Elwin Stelzer Internet Draft Sam Hancock Corona Networks, Inc. Benson Schliesser SAVVIS Communications November 2001 Expires: June 2002 Virtual Router Management Information Base Using SMIv2 draft-ietf-ppvpn-vr-mib-01.txt 1.0 Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at: http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at: http://www.ietf.org/shadow.html. 2.0 Abstract This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in TCP/IP based internets. In particular, it defines objects for managing networks using Virtual Routers (VR). Elwin, Sam & Benson [Page 1] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 3.0 Table of Contents 1.0 Status of this Memo .................................... 1 2.0 Abstract ............................................... 1 3.0 Table of Contents ...................................... 2 4.0 Terminologies .......................................... 2 5.0 Introduction ........................................... 3 6.0 The SNMP Network Management Framework .................. 3 7.0 Overview of the Virtual Router MIB ..................... 4 7.1 Community based VR contexts ............................ 5 7.2 VR Indexing ............................................ 6 7.3 Creation and Deletion of VRs ........................... 7 7.4 VrAdminStatus and VrOperStatus ......................... 7 7.5 Binding interfaces to a VR ............................. 7 7.6 Setting per VR limits .................................. 8 7.7 Per VR Statistics ...................................... 8 7.8 Internal Virtual Interfaces ............................ 8 7.9 Traps .................................................. 8 8.0 Sample VR MIB Configuration Scenario ................... 10 8.1 Creation of a VR ....................................... 10 8.2 Creation of an IVL and and connecting two VRs .......... 12 9.0 Definition of the Virual Router MIB..................... 12 10.0 Summary for Sub-IP Area ................................ 26 10.1 Where does it fit in the Picture of the Sub-IP Work .... 26 10.2 Why is it Targeted at this WG .......................... 27 10.3 Justification .......................................... 27 11.0 Security Considerations ................................ 27 12.0 Acknowledgments ........................................ 27 13.0 References ............................................. 27 14.0 Authors' Addresses ..................................... 28 4.0 Terminologies Provider Edge Router (PE) A PE device faces the provider network on one side and attaches via an access connection over one or more access networks to one or more CE devices. It may be a router or a switching router. This document applies to PE devices which support Virtual Routers Virtual Router (VR) A Virtual Router emulates instance of a physical router, and services that are available with a physical router are made available with a Virtual Router. Each VR has a separate routing and forwarding table. Internal Virtual Interface (IVI) IVIs are internal interfaces that are used to associate two VRs together. Elwin, Sam & Benson [Page 2] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 Internal Virtual Link (IVL) These are virtual links that are created within a PE device primarily to connect two VRs together. Each IVL has two corresponding IVIs, representing the two endpoints of the link. 5.0 Introduction Provider Provisioned VPNs can be achieved through different models. This MIB is designed to help providers to provision their VPNs, for the models that emulate a physical router for a VPN subscriber, by having separate routing and forwarding tables. Following are the goals, in defining this MIB: - To have a means for Service Providers to provision VPN service for subscribers, at the PE device. - To make the agent-side implementation simple, by not modifying the existing standard MIBs. - Define all the gluing tables that are needed towards this. 6.0 The SNMP Network Management Framework The SNMP Management Framework presently consists of five major components: o An overall architecture, described in RFC 2571 [1]. o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in STD 16, RFC 1155 [2], STD 16, RFC 1212 [3] and RFC 1215 [4]. The second version, called SMIv2, is described in STD 58, which consists of RFC 2578 [5], RFC 2579 [6] and RFC 2580 [7]. o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in STD 15, RFC 1157 [8]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [9] and RFC 1906 [10]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [10], RFC 2572 [11] and RFC 2574 [12]. Elwin, Sam & Benson [Page 3] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 o Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in STD 15, RFC 1157 [8]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [13]. o A set of fundamental applications described in RFC 2573 [14] and the view-based access control mechanism described in RFC 2575 [15]. A more detailed introduction to the current SNMP Management Framework can be found in RFC 2570 [22]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (e.g., use of Counter64). Some machine readable information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB. 7.0 Overview of the Virtual Router MIB This section gives an overview of some of the underlying concepts in this MIB. 7.1 SNMP Contexts for Management for Virtual Routers There is a need for a single agent to manage multiple Virtual Routers. The Architecture for describing Internet Management Frameworks [RFC2571] provides a way to support such cases. Managing multiple virtual routers requires that the management plane be divided into logical management domains. A single PE VR device contains many virtual routers. Different management entities can manage the virtual routers and services. Using SNMP contexts to group a collection of management information provides the following benefits. Elwin, Sam & Benson [Page 4] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 (1) Uses a standard framework defined by the IETF, allowing the product to remain flexible to all implementations of virtual routing. (a) Use SNMPv2c Community String's (b) Use SNMPv3 contextName's (2) Prevents vendors from having to add an extra index into the standard MIBs, allowing the implementation to remain standards compliant. (3) Provides a framework that will work for RIP, OSPF, IS-IS, BGP, IP-FORWARDING, MPLS, and other MIB which can be administratively grouped with a VR. The SNMP context for the Virtual Routing Instance can be specified in the VrConfigTable. The VrContextName columnar object is used to set the SNMPv2c Community String or the SNMPv3 contextName. A management system using the SNMP context of a particular virtual router can manage the virtual router without disrupting other virtual routers in the same entity. For example, the ospfAreaTable of vr01 is different from the ospfAreaTable of vr09. Thus it emulates two different physical routers supporting the OSPF-MIB. Elwin, Sam & Benson [Page 5] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 +-----------------------------------------------------------------+ | +------------------------------------------------------------+ | | | SNMP entity (including Engine, Applications) | | | | | | | | example contextNames: | | | | | | | | "vr01" "vr09" "admin" | | | | --------- --------- ------------ | | | | | | | | | | +------|------------------|-------------------|--------------+ | | | | | | | +------|------------------|-------------------|--------------+ | | | MIB | instrumentation | | | | | | +---v------------+ +---v------------+ +----v-----------+ | | | | | context=vr01 | | context=vr09 | | context=admin | | | | | | | | | | | | | | | | +------------+ | | +------------+ | | +------------+ | | | | | | | OSPF MIB | | | | OSPF MIB | | | | VR MIB | | | | | | | +------------+ | | +------------+ | | +------------+ | | | | | | | | | | | | | | | | +------------+ | | +------------+ | | +------------+ | | | | | | | BGP MIB | | | | BGP MIB | | | | ATM MIB | | | | | | | +------------+ | | +------------+ | | +------------+ | | | | | | | | | | | | | | | | +------------+ | | +------------+ | | +------------+ | | | | | | | IP MIB | | | | IP MIB | | | | ENTITY MIB | | | | | | | +------------+ | | +------------+ | | +------------+ | | | | | | | | | | | | | | | | +------------+ | | +------------+ | | +------------+ | | | | | | | other MIB | | | | other MIB | | | | IF MIB | | | | | | | +------------+ | | +------------+ | | +------------+ | | | | | | ... | | ... | | ... | | | +-----------------------------------------------------------------+ 7.2 VR Indexing While the standard protocol MIB tables are instantiated with the context specified using SNMP contexts, there may be tables that are defined with the VRID as index. The VRID is of local significance to a particular PE switch, and need not be globally unique. Thus a VRID of 100 may mean a particular VR in one PE device and can mean a different VR in another PE device, and both of these devices can be managed by the same SNMP manager. The VRID is a 4-octet value, and this value is assigned by the Elwin, Sam & Benson [Page 6] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 management station. To aid the management station to assign a VRID without conflict, the management station can get the 'NextAvailableVRID' from the PE Switch. 7.3 Creation and Deletion of VRs The VR Config Table is used for this purpose. This is a read-create table and adding an entry into this table will create a VR. Removing an entry from this table marks the deletion of a VR. VR0 is a VR that exists by default, and need not be created. Deletion of VR0 will not be permitted. 7.4 Administrative and Operational Status of VRs VRs can be administratively turned down. When this is done, no packet forwarding via the VR takes place. VrOperStatus denotes the operational status of a VR. Currently the VrOperStatus is expected to change along the VrAdminStatus unless an error condition exists. 7.5 Binding interfaces to a VR Interfaces are bound to a VR, using the VR If Config Table. This is a read-write table, and note that interfaces are not created through this table. For each interface present in the system, this table is used to provide the maping from IfIndex to a unique VR. An interface can not be attached to more than one VRs. By default, all interfaces are attached to VR0. 7.6 Setting per VR limits VRs consume resources, and hence the following parameters defined in the VR Config Table, are used to specify an upperbound of resource utilization. VrMaxRoutes Specify the maximum number of routes that will be permitted in this VR. This includes the statically configured routes, and the routes learnt via dynamic routing protocols. 7.7 Per VR Statistics In addition to the regular VR instantiated MIB tables, there are some per-VR statistics available through the VR Statistics Table. Example: Elwin, Sam & Benson [Page 7] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 VrStatFibEntries VrStatRouteEntries 7.8 Internal Virtual Interfaces These interfaces can be used to connect one VR to another. For this purpose IVLs are created explicitly, through the IVL Config Table. First an IVL needs to be defined in this table, that will generate the two ends of the IVL as two IVIs which are IfIndex values. These two interfaces are then attached to the two backbone VRs that are to be connected together, using the VR If Config Table. 7.9 Traps This memo defines that VrUp and VrDown traps are generated just after VrOperStatus leaves, or just before it enters, the down state, respectively. (1) A transition into the down state will occur when an error is detected on a VR instance. (2) Departing the down state generally indicates that the VR is going to up, which is considered a "healthy" state. An exception to the above generation of VrUp/VrDown traps on changes in VrOperStatus, occurs when an VR is "flapping", i.e., when it is rapidly oscillating between the up and down states. If traps were generated for each such oscillation, the network and the network management system would be flooded with unnecessary traps. In such a situation, the agent should limit the rate at which it generates traps. This memo defines that enabling and disabling the VR traps is achieved by setting the VrTrapEnable to true(1) or false(2), respectively. By default, this object should have the value true(1). 8.0 Sample VR MIB Configuration Scenario 8.1 Creation of a VR Creating VR instances can be achieved using the following example. (1) Get the next available Virtual Router Id using the NextAvailableVrId, to create a VR: Using a context with 'read' access for system level entities. GetRequest { NextAvailableVrId.0 } Response { NextAvailableVrId.0 = 5555 } Elwin, Sam & Benson [Page 8] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 (2) In VrConfigTable, create VR Instance using VrRowStatus: Using a context with 'read-write' access for system level entities SetRequest { VrRowStatus.5555 createAndGo(4), VrName.5555 "BigTelcoVR", VrContextName.5555 "vr5555", VrTrapEnable.5555 true(1), VrAdminStatus.5555 up(1) } 8.2 Creation of an IVL and and connecting two VRs 9.0 Definition of the Virtual Router MIB -- ***************************************************************** -- -- ***************************************************************** VIRTUAL-ROUTER-MIB DEFINITIONS ::= BEGIN IMPORTS InterfaceIndex FROM IF-MIB OBJECT-GROUP, MODULE-COMPLIANCE, NOTIFICATION-GROUP FROM SNMPv2-CONF experimental, IpAddress, Unsigned32, OBJECT-TYPE, MODULE-IDENTITY, Gauge32, TimeTicks, NOTIFICATION-TYPE FROM SNMPv2-SMI TruthValue, DisplayString, RowStatus, TEXTUAL-CONVENTION FROM SNMPv2-TC; virtualRouterMIB MODULE-IDENTITY LAST-UPDATED "200111211200Z" ORGANIZATION "Corona Networks Inc." CONTACT-INFO "Corona Networks Inc. 630 Alder Drive Milpitas, CA 95035 USA Tel: +1 408 519 3800 Fax: +1 408 519 3830 Email: sam@coronanetworks.com Elwin, Sam & Benson [Page 9] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 elwinietf@yahoo.com bensons@savvis.net" DESCRIPTION "The MIB is the definition of the managed objects for the Virtual Router." REVISION "200111211200Z" DESCRIPTION "Initial submission." ::= { experimental XXXX } -- To be assigned -- -- Textual conventions -- VrIndex ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Virtual Router Identifier. NULL VRID is '0' and cannot be used to create VR's. " SYNTAX Unsigned32 VpnIdentifier ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "RFC2685: The global VPN Identifier format is: 3 octet VPN authority Organizationally Unique Identifier followed by 4 octet VPN index identifying VPN according to OUI" SYNTAX OCTET STRING(SIZE (0..7)) -- -- Node definitions -- vrMIBObjects OBJECT IDENTIFIER ::= { virtualRouterMIB 1 } vrConfig OBJECT IDENTIFIER ::= { vrMIBObjects 1 } vrConfigScalars OBJECT IDENTIFIER ::= { vrConfig 1 } vrConfigNextAvailableVrId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The next available Virtual Router Id (index). This object provides a hint for the vrID value to use when administratively creating a new vrConfigEntry. Elwin, Sam & Benson [Page 10] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 A GET of this object returns the next available vrId value to be used to create an entry in the associated vrConfigTable; or zero, if no valid vrId value is available. A value of zero(0) indicates that it is not possible to create a new vrConfigEntry This object also returns a value of zero when it is the lexicographic successor of a varbind presented in an SNMP GETNEXT or GETBULK request, for which circumstance it is assumed that ifIndex allocation is unintended. Successive GETs will typically return different values, thus avoiding collisions among cooperating management clients seeking to create table entries simultaneously. Unless specified otherwise by its MAX-ACCESS and DESCRIPTION clauses, an object of this type is read-only, and a SET of such an object returns a notWritable error." ::= { vrConfigScalars 1 } vrConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF VrConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table is for creating the new Virtual Routers." ::= { vrConfig 2 } vrConfigEntry OBJECT-TYPE SYNTAX VrConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The entries in this table can be added/deleted using the vrRowStatus." INDEX { vrId } ::= { vrConfigTable 1 } VrConfigEntry ::= SEQUENCE { vrId VrIndex, vrRowStatus RowStatus, vrName DisplayString, vrContextName DisplayString, vrTrapEnable Elwin, Sam & Benson [Page 11] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 TruthValue, vrMaxRoutes Unsigned32, vrType Unsigned32, vrAdminStatus INTEGER, vrVpnId VpnIdentifier, vrRpTrigger Unsigned32, vrTunnelIpAddress IpAddress } vrId OBJECT-TYPE SYNTAX VrIndex MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The unique id of this virtual router instance. A Virtual Router cannot not be created with vrId = 0. " ::= { vrConfigEntry 1 } vrRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status column has three defined values: - `active', which indicates that the conceptual row is available for use by the managed device; - `createAndGo', which is supplied by a management station wishing to create a new instance of a conceptual row and to have its status automatically set to active, making it available for use by the managed device; - `destroy', which is supplied by a management station wishing to delete all of the instances associated with an existing conceptual row." ::= { vrConfigEntry 2 } vrName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-create STATUS current Elwin, Sam & Benson [Page 12] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 DESCRIPTION "The Name of the Virtual Router. Default Name for VRID is 'VR'. e.g. vrId = 200012 vrName = 'VR200012' " ::= { vrConfigEntry 3 } vrContextName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-create STATUS current DESCRIPTION "The SNMPv2 Community String or SNMPv3 contextName denotes the VR 'context' and is used to logically separate the MIB management. RFC2571 and RFC2737 describe this approach." ::= { vrConfigEntry 4 } vrTrapEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This objects is used to enable the generation of the VrUp and VrDown traps. true(1) - VR Traps Enabled false(2) - VR Traps Disabled" DEFVAL { true } ::= { vrConfigEntry 5 } vrMaxRoutes OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the maximum number of routes that this VR can support. The default value is 4 Gig (meaning unlimited)." DEFVAL { 4294967295 } ::= { vrConfigEntry 6 } vrType OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION Elwin, Sam & Benson [Page 13] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 "This objects is used to denote the type of the VR." ::= { vrConfigEntry 7 } vrAdminStatus OBJECT-TYPE SYNTAX INTEGER { up(1), down(2), unknown(3) } MAX-ACCESS read-create STATUS current DESCRIPTION "The administrative state of the Virtual Router." DEFVAL { down } ::= { vrConfigEntry 8 } vrVpnId OBJECT-TYPE SYNTAX VpnIdentifier MAX-ACCESS read-create STATUS current DESCRIPTION "The Virtual Private Network Identifier of the Virtual Router." ::= { vrConfigEntry 9 } vrRpTrigger OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "The Routing Protocol Triggers on the Virtual Router. This can be used to initiate or shutdown routing protocols on a VR. The 32 bits are divided into: 16 bits of RP bitmap, 15 bits reserved (0), and 1 bit of action-code. The RP bitmap specify the RP that is to be initiated or shutdown. Multiple RPs can be acted on simultaneously. Also, individual RPs can be brought up in steps, which should not affect the RPs that were running. Action-code specify what needs to be done for the RPs in the RP bitmap. The actions are: initiate or shutdown. The running status of the RP shall be available in the VR stats table's vrRpStatus, which has a similar format, but represent the status." Elwin, Sam & Benson [Page 14] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 ::= { vrConfigEntry 10 } vrTunnelIpAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "This address will be used as the local IP address in the tunnels that are made to the remote peer from this VR." ::= { vrConfigEntry 11 } vrStat OBJECT IDENTIFIER ::= { vrMIBObjects 2 } vrStatScalars OBJECT IDENTIFIER ::= { vrStat 1 } vrConfiguredVRs OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of VRs configured on this network element." ::= { vrStatScalars 1 } vrActiveVRs OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of VRs that are active on the network element. These are VRs for which the vrStatOperationalStatus = up(1)" ::= { vrStatScalars 2 } vrStatTable OBJECT-TYPE SYNTAX SEQUENCE OF VrStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains statistics for the Virtual Router." ::= { vrStat 2 } vrStatEntry OBJECT-TYPE SYNTAX VrStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Entries in this table a per vrId." INDEX { vrId } Elwin, Sam & Benson [Page 15] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 ::= { vrStatTable 1 } VrStatEntry ::= SEQUENCE { vrStatRouteEntries Unsigned32, vrStatFIBEntries Unsigned32, vrStatUpTime TimeTicks, vrOperStatus INTEGER, vrRpStatus Unsigned32, vrRouterId Unsigned32 } vrStatRouteEntries OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of routes for this VR." ::= { vrStatEntry 1 } vrStatFIBEntries OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of FIB Entries for this VR." ::= { vrStatEntry 2 } vrStatUpTime OBJECT-TYPE SYNTAX TimeTicks MAX-ACCESS read-only STATUS current DESCRIPTION "The time in (in hundredths of a second) since this VR entry has been operational." ::= { vrStatEntry 3 } vrOperStatus OBJECT-TYPE SYNTAX INTEGER { up(1), down(2), unknown(3) } Elwin, Sam & Benson [Page 16] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 MAX-ACCESS read-only STATUS current DESCRIPTION "The operational state of the Virtual Router." ::= { vrStatEntry 4 } vrRpStatus OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "List of Routing Protocols on this VR." ::= { vrStatEntry 5 } vrRouterId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Router id of this VR. It is derived from one of the interfaces. If loopback interface is present, the loopback interface address can be used. However, loopback interface is optional." ::= { vrStatEntry 6 } vrIfConfig OBJECT IDENTIFIER ::= { vrMIBObjects 3 } vrIfConfigScalars OBJECT IDENTIFIER ::= { vrIfConfig 1 } vrIfConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF VrIfConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table is for configuring VR Interfaces." ::= { vrIfConfig 2 } vrIfConfigEntry OBJECT-TYPE SYNTAX VrIfConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Entries in this table correspond to the entries in the ifTable that apply to the Virtual Router." INDEX { vrIfId } ::= { vrIfConfigTable 1 } Elwin, Sam & Benson [Page 17] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 VrIfConfigEntry ::= SEQUENCE { vrIfId InterfaceIndex, vrIfVrId VrIndex } vrIfId OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS read-only STATUS current DESCRIPTION "Virtual Router Interface Index." ::= { vrIfConfigEntry 1 } vrIfVrId OBJECT-TYPE SYNTAX VrIndex MAX-ACCESS read-write STATUS current DESCRIPTION "Denotes the VrIndex that this Interface is associated." ::= { vrIfConfigEntry 2 } vrIVLConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF VrIVLConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table is for creating Internal Virtual Links." ::= { vrIfConfig 3 } vrIVLConfigEntry OBJECT-TYPE SYNTAX VrIVLConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Creating/Deleting IVL in this table adds/removes entries in the ifTable." INDEX { vrIVLName } ::= { vrIVLConfigTable 1 } VrIVLConfigEntry ::= SEQUENCE { vrIVLName DisplayString, vrIVLInterfaceA Elwin, Sam & Benson [Page 18] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 InterfaceIndex, vrIVLInterfaceB InterfaceIndex, vrIVLRowStatus RowStatus } vrIVLName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-create STATUS current DESCRIPTION "The name representing the IVL." ::= { vrIVLConfigEntry 1 } vrIVLInterfaceA OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS read-only STATUS current DESCRIPTION "Interface associated with the one endpoint of the IVL." ::= { vrIVLConfigEntry 2 } vrIVLInterfaceB OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS read-only STATUS current DESCRIPTION "Interface associated with the second endpoint of the IVL." ::= { vrIVLConfigEntry 3 } vrIVLRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "See SNMPv2-TC MIB" ::= { vrIVLConfigEntry 4 } vrNotificationsPrefix OBJECT IDENTIFIER ::= { virtualRouterMIB 2 } vrNotifications OBJECT IDENTIFIER ::= { vrNotificationsPrefix 0 } vrUp NOTIFICATION-TYPE OBJECTS { vrId } STATUS current DESCRIPTION "This notification is generated when the specified Elwin, Sam & Benson [Page 19] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 VR is about to initialized or change the status from down to up." ::= { vrNotifications 1 } vrDown NOTIFICATION-TYPE OBJECTS { vrId } STATUS current DESCRIPTION "This notification is generated when the specified VR is about to go down." ::= { vrNotifications 2 } vrMaxRoutesExceeded NOTIFICATION-TYPE OBJECTS { vrId, vrMaxRoutes, vrStatRouteEntries } STATUS current DESCRIPTION "This notification is generated when the specified VR has exceeded the maximum number of routes specified" ::= { vrNotifications 3 } vrConformance OBJECT IDENTIFIER ::= { virtualRouterMIB 3 } vrCompliances OBJECT IDENTIFIER ::= { vrConformance 1 } vrMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities that implement the VIRTUAL-ROUTER-MIB. Implementation of this MIB is strongly recommended for any platform targeted for a carrier-class environment." MODULE -- this module MANDATORY-GROUPS { vrConfigGroup, vrIfGroup} ::= { vrCompliances 1 } vrGroups OBJECT IDENTIFIER ::= { vrConformance 2 } vrConfigGroup OBJECT-GROUP OBJECTS { vrId, vrRowStatus, vrName, vrContextName, vrTrapEnable, vrMaxRoutes, vrType, vrAdminStatus, vrVpnId, vrRpTrigger, vrTunnelIpAddress, vrNextAvailableVrId } STATUS current DESCRIPTION "A collection of attributes that support provisioning of a virtual router." Elwin, Sam & Benson [Page 20] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 ::= { vrGroups 1 } vrStatGroup OBJECT-GROUP OBJECTS { vrConfiguredVRs, vrActiveVRs, vrStatRouteEntries, vrStatFIBEntries, vrStatUpTime, vrOperStatus, vrRpStatus, vrRouterId } STATUS current DESCRIPTION "A collection of attributes that contain stats about the virtual router." ::= { vrGroups 2 } vrIfGroup OBJECT-GROUP OBJECTS { vrIfId, vrIfVrId } STATUS current DESCRIPTION "A collection of attributes that support provisioning of a virtual router interfaces." ::= { vrGroups 3 } vrIVLGroup OBJECT-GROUP OBJECTS {vrIVLName, vrIVLInterfaceA, vrIVLInterfaceB, vrIVLRowStatus } STATUS current DESCRIPTION "A collection of attributes that support provisioning of a virtual router IVL's." ::= { vrGroups 4 } vrNotificationGroup NOTIFICATION-GROUP NOTIFICATIONS { vrUp, vrDown, vrMaxRoutesExceeded } STATUS current DESCRIPTION "A collection of traps that are supported by the VR." ::= { vrGroups 5 } END -- -- VIRTUAL-ROUTER-MIB.mib -- 10.0 Summary for Sub-IP Area This document defines a MIB that provides a way to provision VPNs at the PE devices having virtual routers. Elwin, Sam & Benson [Page 21] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 10.1 Where does it fit in the Picture of the Sub-IP Work This work fits in the PPVPN Working Group. 10.2 Why is it Targeted at this WG The WG is chartered with developing Provider Provisioned VPN solutions. This draft contributes to this. 10.3 Justification The WG should consider this document since it provides a means to configure and manage Virtual Router based PPVPNs. 11.0 Security Considerations TBD 12.0 Acknowledgments 13.0 References [1] Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2571, April 1999. [2] Rose, M. and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", STD 16, RFC 1155, May 1990. [3] Rose, M. and K. McCloghrie, "Concise MIB Definitions", STD 16, RFC 1212, March 1991. [4] Rose, M., "A Convention for Defining Traps for use with the SNMP", RFC 1215, March 1991. [5] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [6] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [7] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, Elwin, Sam & Benson [Page 22] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 M. and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. [8] Case, J., Fedor, M., Schoffstall, M. and J. Davin, "Simple Network Management Protocol", STD 15, RFC 1157, May 1990. [9] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, January 1996. [10] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, January 1996 [15] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, January 1998. [16] Bradner, S., "Key words for use in RFCs to Indicate Requirements Levels", BCP 14, RFC 2119, March 1997. [17] Ouldbrahim's VR draft, "Network Based IP VPN Architecture Using Virtual Routers", draft-ouldbrahim-vpn-vr-01.txt [18] RFC 2685, "Virtual Private Networks Identifier" [19] RFC 2764, "A Framework for IP Based Vitual Private Networks" [20] RFC 2547bis, "BGP/MPLS VPNs", draft-rosen-rfc2547bis-03.txt [21] "BGP/IPsec VPN", draft-declercq-bgp-ipsec-vpn-00.txt [22] RFC 2667, "IP Tunnel MIB" 14.0 Authors' Addresses Elwin Stelzer Eliazer Corona Networks, Inc. 630 Alder Drive Milpitas, CA 95035 Phone: 408-519-3832 Email: elwinietf@yahoo.com Elwin, Sam & Benson [Page 23] draft-ietf-ppvpn-vr-mib-01 VR MIB Nov 2001 Samuel Hancock Corona Networks, Inc. 630 Alder Drive Milpitas, CA 95035 Phone: 408-519-3800 Ext 421 Email: sam@coronanetworks.com Benson Schliesser SAVVIS Communications 717 Office Parkway St. Louis, MO 63141 Phone: 314-468-7036 Email: bensons@savvis.net Elwin, Sam & Benson [Page 24]