IETF Internet Draft Thomas D. Nadeau Expires: May 2003 Cisco Systems, Inc. Document: draft-ietf-l3vpn-mpls-vpn-mib-05.txt Luyuan Fang Harmen Van Der Linde AT&T Stephen J. Brannon Fabio M. Chiussi Lucent Technologies Joseph Dube Avici Systems, Inc. Martin Tatham British Telecom November 2002 MPLS/BGP Virtual Private Network Management Information Base Using SMIv2 Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are Working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Contents 1.0 Abstract..........................................................2 2.0 Introduction......................................................2 3.0 Terminology.......................................................3 4.0 The SNMP Management Framework.....................................3 5.0 Oobject Definitions...............................................4 6.0 Feature Checklist.................................................4 PPVPN Working Group Expires May 2003 [Page 1] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 7.0 Assumptions and Prerequisites.....................................5 8.0 Application of the Interfaces Group to MPLS.......................6 9.0 Summary of MPLS-VPN-MIB...........................................7 10.0 Brief Description of MIB Objects.................................7 10.1 MplsVpnVrfTable..................................................7 10.2 MplsVpnIfConfTable...............................................7 10.3 MplsVpnPerfTable.................................................8 10.4 MplsVpnVrfRouteTable.............................................8 10.5 MplsVpnRouteTargetTable..........................................8 11.0 Example of MPLS/BGP VPN Setup....................................8 12.0 MPLS/BGP VPN MIB Definitions....................................10 13.0 Acknowledgements................................................37 14.0 References......................................................37 15.0 Authors' Addresses..............................................40 16.0 Dedication......................................................41 17.0 Full Copyright Statement........................................41 1.0 Abstract This memo defines an experimental portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, in response to customer demands and strong input from vendors, it describes managed objects for modeling and managing Multi-Protocol Label Switching (MPLS) [MPLSArch]/Border Gateway Protocol (BGP) Virtual Private Networks (VPNs) [RFC2547bis]. 2.0 Introduction This memo defines an experimental portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects for modeling a Multi-Protocol Label Switching [MPLSArch, MPLSFW]/Border Gateway Protocol Virtual Private Networks. Comments should be made directly to the MPLS mailing list at mpls@uu.net and the Provider-Provisioned VPN (PPVPN) WG at ppvpn@ietf.org. This memo does not, in its draft form, specify a standard for the Internet community. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119, reference [BCP14]. PPVPN Working Group Expires May 2003 [Page 2] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 3.0 Terminology This document uses terminology from the document describing the MPLS architecture [MPLSArch] and from the document describing MPLS/BGP VPNs [MPLSBGPVPN]. Throughout this document, the use of the terms "Provider Edge (PE) and Customer Edge (CE) or PE/CE" will be replaced by PE in all cases except when a network device is a CE when used in the carrier of carriers model. 4.0 The SNMP Management Framework The SNMP Management Framework presently consists of five major components: - An overall architecture, as described in RFC 2271 [SNMPArch]. - Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in RFC 1155 [SMIv1], RFC 1212 [SNMPv1MIBDef] and RFC 1215 [SNMPv1Traps]. The second version, called SMIv2, is described in RFC 1902 [SMIv2], RFC 1903 [SNMPv2TC] and RFC 1904 [SNMPv2Conf]. - Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in RFC 1157 [SNMPv1]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [SNMPv2c] and RFC 1906 [SNMPv2TM]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [SNMPv2TM], RFC 2272 [SNMPv3MP] and RFC 2574 [SNMPv3USM]. - Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in RFC 1157 [SNMPv1]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [SNMPv2PO]. - A set of fundamental applications described in RFC 2273 [SNMPv3App] and the view-based access control mechanism described in RFC 2575 [SNMPv3VACM]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the PPVPN Working Group Expires May 2003 [Page 3] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (use of Counter64). Some machine-readable information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine-readable information is not considered to change the semantics of the MIB. 5.0 Object Definitions Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the subset of Abstract Syntax Notation One (ASN.1) defined in the SMI. In particular, each object type is named by an OBJECT IDENTIFIER, an administratively assigned name. The object type together with an object instance serves to uniquely identify a specific instantiation of the object. For human convenience, we often use a textual string, termed the descriptor, to also refer to the object type. 6.0 Feature Checklist The MPLS/BGP Virtual Private Network MIB (MPLS-VPN-MIB) is designed to satisfy the following requirements and constraints: 1. The MIB must support the BGP/MPLS Virtual Private Networks as described in [RFC2547bis]. It does not support other generalized network-based VPN solutions such as IPSec VPNs [RFC2547bis]. 2. The MIB must support the operation of BGP/MPLS VPN based on either an IP backbone that contains only routers/switches, or a layer-2 backbone (e.g. Frame Relay, ATM). 3. The MIB must support BGP/MPLS VPN service as Enterprise VPN, Carrier's Carrier VPN, or Inter-provider Backbone VPN. 4. The MIB must support the configuration of BGP/MPLS VPNs under the scope listed above in 1, 2, and 3. It can be used for service creation and validation, or building the configuration tools to achieve MPLS VPN service creation automation. 5. The MIB must support the maintenance and troubleshooting of BGP/MPLS VPN under the scope listed in 1, 2, and 3. It can be used, in conjunction with other MIBs to build monitoring and troubleshooting network management tools. PPVPN Working Group Expires May 2003 [Page 4] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 6. The MIB must support BGP/MPLS VPNs that are configured on a particular physical or sub-interface if the interface can be divided (e.g. Frame Relay or ATM) by the router. The PE or CE (in the case of carrier supporing carriers) will determine the forwarding table to be used based on the particular interface or sub-interface information. 7. The MIB must be supported by PE/CEs and shall be used to configure and maintain one or more VPN Routing and Forwarding Tables (VRFs). 8. The MIB must be supported by each interface or sub-interface on a PE/CE that can be configured for a single VPN only. 9. The MIB must support a configuration where each interface belonging to a particular VPN on the PE router can be configured to import or export the information from the same VPN at different sites. These interfaces must also be capable of being configured to import or export the routing information from the different VPNs at the different sites. 7.0 Assumptions and Prerequisites It is assumed that certain things are configured and operational in order for the tables and objects described in this MIB to work correctly. These things are outlined below: - MPLS in general, must be configured and operational. - LDP paths configured between PEs and CEs. - Underlying MPLS interfaces on which the MPLS-VPN interfaces are run "on top of" must be configured and operational. 8.0 Application of the Interfaces Group to MPLS The Interfaces Group of MIB II defines generic managed objects for managing interfaces. This memo contains the media-specific extensions to the Interfaces Group for managing MPLS interfaces. This memo assumes the interpretation of the Interfaces Group to be in accordance with [IFMIB] which states that the interfaces table (ifTable) contains information on the managed resource's interfaces and that each sub-layer below the internetwork layer of a network interface is considered an interface. A MPLS VPN-enabled interface is represented as an entry in the ifTable with ifType = mpls(166) [LSRMIB]. It is also possible that MPLS TE Tunnels are used to transport MPLS BGP/VPN traffic. In this case the entry PPVPN Working Group Expires May 2003 [Page 5] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 in the ifTable is associated with an interface with ifType equal to mplsTunnel(150) [TEMIB] which, in turn, is 'stacked' upon an MPLS-type interface. Finally, it is also possible that a non-MPLS interface type, such as an Ethernet interface, is used transport MPLS BGP/VPN traffic. In this case the MPLS VPN-enabled interface is represented as an entry in the ifTable with an ifType corresponding to the interface type such as ethernet-csmacd(6). The inter-relation of entries in the ifTable is defined by the Interfaces Stack Group defined in [IFMIB]. The VPN interface should keep track of statistics and other interface related information for that VPN interface only. These interface statistics should be a subset of those maintained on the underlying (MPLS) interface(s). That is, the bytes received on an MPLS VPN interface should be less than or equal to those noted as received on the underlying interface onto which the VPN interface is stacked. When using MPLS VPN-enabled interfaces, the interface stack table should appear as follows: +-------------------------------------------+ | MPLS-interface ifType = mpls(166) + +-------------------------------------------+ | Underlying Layer... + +-------------------------------------------+ In the above diagram, "Underlying Layer..." refers to the ifIndex of any interface type, which has been defined for MPLS interworking and onto which the MPLS-layer is stacked upon. Examples include ATM, Frame Relay, Ethernet, etc. It is also possible that the interface stack table appear as follows in the case that MPLS TE Tunnels are used to transport the MPLS VPN traffic: +-------------------------------------------+ | MPLS TE Tunnel ifType = mplsTunnel(150) | +-------------------------------------------+ | MPLS-interface ifType = mpls(166) + +-------------------------------------------+ | Underlying Layer... + +-------------------------------------------+ A non-MPLS type of interface carrying MPLS VPN traffic should be represented as follows: +-------------------------------------------+ | Underlying Layer... + +-------------------------------------------+ PPVPN Working Group Expires May 2003 [Page 6] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 9.0 Brief Description of MIB Objects The following subsections describe the purpose of each of the objects contained in the MPLS-VPN-MIB. 9.1 mplsVpnVrfTable This table represents the MPLS/BGP VPNs that are configured. An operator or Network Management System (NMS) creates an entry in this table for every MPLS/BGP VPN configured to run in this MPLS domain. A VRF represents an instance of a VPN supported by one or more PE Routers. The collection of VRFs from all network devices comprises the actual VPN. It should be noted that the VPN that is configured at a particular device represents an instance of that VPN and not the entire VPN. The collective set of VPN instances comprises the actual VPN. This information is typically only known in its entirety at the NMS. 9.2 mplsVPNInterfaceConfTable This table represents the MPLS/BGP VPN-enabled interfaces. Each entry in this table corresponds to an entry in the Interfaces MIB. In addition, each entry extends its corresponding entry in the Interface MIB to contain specific BGP/MPLS VPN information. Due to this correspondence, certain objects such as traffic counters are not found in this MIB to avoid overlap, and instead are found in the Interfaces MIB. 9.3 mplsVPNPerfTable This table contains objects to measure the performance of MPLS/BGP VPNs and augments the mplsVPNConfTable. High capacity counters are provided for objects that are likely to wrap around quickly on objects such as high-speed interface counters. 9.4 mplsVpnVrfRouteTable The table contains the objects necessary to configure and monitor routes for a particular VRF. 9.5 MplsVpnRouteTargetTable The table contains the objects necessary to configure and monitor route targets for a particular VRF. PPVPN Working Group Expires May 2003 [Page 7] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 10.0 Example of MPLS/BGP VPN Setup In this section, we provide a brief example of using the MIB objects described in the following section. While this example is not meant to illustrate very nuance of the MIB, it is intended as an aid to understanding some of the key concepts. It is our intent that it is read only after the reader has gone through the MIB itself. This configuration is under the assumption that 1) MPLS has been pre- configured in the network, through enabling LDP or RSVP-TE. 2) OSPF or ISIS has been pre-configured. 3) BGP sessions have been established between PEs. Defining the VPN: In mplsVpnVrfTable: { mplsVpnVrfName = "RED", mplsVpnVrfDescription = "Intranet of Company ABC", mplsVpnVrfRouteDistinguisher = 100:1, } In mplsVpnVrfRouteTargetTable mplsVpnVrfRouteTargetRowStatus."Red"."100:1".import = createAndGo, mplsVpnVrfRouteTargetRowStatus."Red"."100:1".export = createAndGo } Configuring PE to PE BGP Routing Session with BGP extended family In mplsVpnVrfTable: { mplsVpnVrfBgpAddrFamilyVpnv4Unicast = true (1), mplsVpnVrfBgpAFNeighborPEAddr = 10.10.10.1 {the other PE}, mplsVpnVrfBgpAFNeighborPEType = IpV4 } Configuring PE to CE BGP Routing Sessions: In mplsVpnVrfTable: { mplsVpnVrfName = "RED", mplsVpnVrfBgpAddrFamilyVpnv4Unicast = true (1), mplsVpnVrfBgpAFNeighborCEAddr = 192.123.123.1 {adjacent CE}, mplsVpnVrfBgpAFNeighborCEType = IpV4 } PPVPN Working Group Expires May 2003 [Page 8] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 (or Configuring PE to CE RIP Routing Sessions) In mplsVpnVrfTable: { mplsVpnVrfName = "RED", mplsVpnVrfNetType = rip(2), mplsVpnVrfRipNetPrefix = 192.123.123.4 {the network prefix to the adjacent CE), } (or Configuring PE to CE Static Routing Sessions) In mplsVpnVrfTable: { mplsVpnVrfName = "RED", mplsVpnVrfIpRouteVrfForwByType = IpV4 (1) mplsVpnVrfIpRouteVrfDest = 192.123.210.1 {destination}, mplsVpnVrfIpRouteVrfForwByAddr = 192.123.123.1 {forwarded by}, mplsVpnVrfIpRouteRedistributeConn = true (1) } Note that this example assumes that the P routers are configured with MPLS LDP and RSVP TE tunnels using existing MIBs. Ed Notes: Need to add route target table here. Step 1: create VRF; result (VRF + I/F associations + BGP peers, routes etc) Step 2: verification; how Also a monitoring example would be helpful 11.0 MPLS/BGP VPN MIB Definitions MPLS-VPN-MIB-DRAFT-05 DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, experimental, Integer32, Counter32, Unsigned32 FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF TEXTUAL-CONVENTION, TruthValue, RowStatus, StorageType, PPVPN Working Group Expires May 2003 [Page 9] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 TimeStamp, DisplayString FROM SNMPv2-TC InterfaceIndex, InterfaceIndexOrZero FROM IF-MIB VPNId FROM PPVPN-TC-MIB SnmpAdminString FROM SNMP-FRAMEWORK-MIB InetAddress, InetAddressType FROM INET-ADDRESS-MIB bgp4PathAttrIpAddrPrefix, bgp4PathAttrIpAddrPrefixLen, bgp4PathAttrPeer FROM BGP4-MIB; mplsVpnMIB MODULE-IDENTITY LAST-UPDATED "200210311200Z" -- 31 October 2002 12:00:00 GMT ORGANIZATION "Provider Provisioned Virtual Private Networks Working Group." CONTACT-INFO " Thomas D. Nadeau tnadeau@cisco.com Luyuan Fang luyuanfang@att.com Stephen Brannon Fabio M. Chiussi fabio@bell-labs.com Joseph Dube jdube@avici.com Martin Tatham martin.tatham@bt.com Harmen van der Linde hvdl@att.com Comments and discussion to ppvpn@ietf.org" DESCRIPTION "This MIB contains managed object definitions for the Multiprotocol Label Switching (MPLS)/Border Gateway Protocol (BGP) Virtual Private Networks (VPNs) as PPVPN Working Group Expires May 2003 [Page 10] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 defined in : Rosen, E., Viswanathan, A., and R. Callon, Multiprotocol Label Switching Architecture, RFC3031, January 2001." -- Revision history. REVISION "200210311200Z" -- 31 October 2002 12:00:00 GMT DESCRIPTION "Added Intellectual Property Considerations section. Added new mplsNumVrfRouteMaxThreshCleared notification. " REVISION "200102281200Z" -- 28 February 2002 12:00:00 GMT DESCRIPTION "mplsVpnVrfRouteIfIndex changed to InterfaceIndexOrZero. mplsVpnIfVpnRouteDistProtocol BITS changed to start at 0. Changed notifications to not include indexes. Those indexes' MAX-ACESS changed to not-accessible. Fixed description of mplsVpnIfLabelEdgeType and mplsVpnVrfConfLastChanged. " REVISION "200201261200Z" -- 26 January 2002 12:00:00 GMT DESCRIPTION "Removed indexes from notifications. Changed mplsVpnVrfRouteTos to not-accessible as it is used as an index." REVISION "200111131200Z" -- 13 November 2001 12:00:00 GMT DESCRIPTION "MPLS PPVPN MIB now assigned IANA experimental 118. Changed mplsVpnVrfRouteTarget from not-accessible to read-create. " REVISION "200110151200Z" -- 15 October 2001 12:00:00 GMT DESCRIPTION "Fixed compilation errors from last version. Changed mplsVpnIfVpnRouteDistProtocol to be a BITS structure to allow more than one to be selected. Changed mplsIfDown -> mplsVrfIfDown Changed mplsIfUp -> mplsVrfIfUp " PPVPN Working Group Expires May 2003 [Page 11] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 REVISION "200110051200Z" -- 05 October 2001 12:00:00 GMT DESCRIPTION "Added integer index and removed route distinguisher index from mplsVpnVrfRouteTargetTable. Removed mplsVpn ifType; simply use mpls(166) ifType for MPLS VPN-enabled interfaces instead. Removed interface and protocol-related objects from mplsVpnVrfTable. Moved mplsVpnVrfConfMaxPossibleRoutes from mplsVpnVrfTable to scalar object. Removed mplsVpnActiveVrfInterfaces scalar object. Removed mplsVpnVrfUpTime object from mplsVpnVrfTable. Added MplsVpnVrfBgpNbrPrefixTable providing a linkage with the bgp4PathAttrTable of the BGPv4 MIB." REVISION "200107171200Z" -- 17 July 2001 12:00:00 GMT DESCRIPTION "Removed mplsVpnVrfRouteTargetImport/Export from route target table, and modified indexing to better reflect N <> R distribution policy. Also added new object called mplsVpnVrfRouteTargetType which denotes import/export policy for the specified route target. Added mplsVpnIfConfRowStatus which allows for an interface to be associated with a VPN through SNMP configuration. Added VrfName to index of VrfInterfaceConfEntry which allows interfaces to be associated with the appropriate VRF. Modified description of mplsVpnVrfConfMaxPossibleRoutes and mplsVpnVrfConfMaxRoutes to allow for undetermined value. Removed 'both' enumerated value in mplsVpnVrfBgpNbrRole. Updated example to reflect these changes." REVISION "200107101200Z" -- 10 July 2001 12:00:00 GMT DESCRIPTION "Renamed mplsNumVrfSecViolationThreshExceeded to mplsNumVrfSecIllglLblThrshExcd, and removed mplsVpnIfConfIndex from varbind. PPVPN Working Group Expires May 2003 [Page 12] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 Changed MplsVpnId TC from SnmpAdminString to OCTET STRING. Added mplsVpnVrfSecIllegalLblRcvThrsh to mplsVpnVrfSecEntry. Changed duplicate mplsVpnVrfRouteTargetImport in mplsVpnVrfRouteTargetEntry INDEX to mplsVpnVrfRouteTargetExport." REVISION "200106191200Z" -- 19 June 2001 12:00:00 GMT DESCRIPTION "Fixed several compile errors." REVISION "200105301200Z" -- 30 May 2001 12:00:00 EST DESCRIPTION "Updated most of document and MIB to reflect comments from WG." REVISION "200009301200Z" -- 30 September 2000 12:00:00 EST DESCRIPTION "Initial draft version." ::= { experimental 118 } -- assigned by IANA -- Textual Conventions. MplsVpnName ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "An identifier that is assigned to each MPLS/BGP VPN and is used to uniquely identify it. This is assigned by the system operator or NMS and SHOULD be unique throughout the MPLS domain. If this is the case, then this identifier can then be used at any LSR within a specific MPLS domain to identify this MPLS/BGP VPN. It may also be possible to preserve the uniqueness of this identifier across MPLS domain boundaries, in which case this identifier can then be used to uniquely identify MPLS/BGP VPNs on a more global basis. This object MAY be set to the VPN ID as defined in RFC 2685." REFERENCE "RFC 2685 [VPN-RFC2685] Fox B., et al, 'Virtual Private Networks Identifier', September 1999." SYNTAX OCTET STRING(SIZE (0..31)) MplsVpnRouteDistinguisher ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION PPVPN Working Group Expires May 2003 [Page 13] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 "Syntax for a route distinguisher and route target." SYNTAX OCTET STRING(SIZE (0..256)) -- Top level components of this MIB. mplsVpnNotifications OBJECT IDENTIFIER ::= { mplsVpnMIB 0 } mplsVpnObjects OBJECT IDENTIFIER ::= { mplsVpnMIB 1 } mplsVpnScalars OBJECT IDENTIFIER ::= { mplsVpnObjects 1 } mplsVpnConf OBJECT IDENTIFIER ::= { mplsVpnObjects 2 } mplsVpnPerf OBJECT IDENTIFIER ::= { mplsVpnObjects 3 } mplsVpnRoute OBJECT IDENTIFIER ::= { mplsVpnObjects 4 } mplsVpnConformance OBJECT IDENTIFIER ::= { mplsVpnMIB 3 } -- -- Scalar Objects -- mplsVpnConfiguredVrfs OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of VRFs which are configured on this node." ::= { mplsVpnScalars 1 } mplsVpnActiveVrfs OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of VRFs which are active on this node. That is, those VRFs whose corresponding mplsVpnVrfOperStatus object value is equal to operational (1)." ::= { mplsVpnScalars 2 } mplsVpnConnectedInterfaces OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of interfaces connected to a VRF." ::= { mplsVpnScalars 3 } mplsVpnNotificationEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "If this object is true, then it enables the generation of all notifications defined in PPVPN Working Group Expires May 2003 [Page 14] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 this MIB." DEFVAL { false } ::= { mplsVpnScalars 4 } mplsVpnVrfConfMaxPossibleRoutes OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Denotes maximum number of routes which the device will allow all VRFs jointly to hold. If this value is set to 0, this indicates that the device is unable to determine the absolute maximum. In this case, the configured maximum MAY not actually be allowed by the device." ::= { mplsVpnScalars 5 } mplsVpnVrfConfRouteMaxThreshTime OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "Denotes the interval in seconds, at which the route max threshold notification will be re-issued after the maximum value has been exceeded (or has been reached if mplsVpnVrfConfMaxRoutes and mplsVpnVrfConfHighRouteThreshold are equal) and the initial notification has been issued. This value is intended to prevent continuous generation of notifications by an agent in the event that routes are continually added to a VRF after it has reached its maximum value. The default value is 10 minutes (600 seconds). If this value is set to 0, the agent should only issue a single notification at the time that the maxium threshold has been reached, and should not issue any more notifications until the value of routes has fallen below the configured threshold value." DEFVAL { 600 } ::= { mplsVpnScalars 6 } -- VPN Interface Configuration Table mplsVpnIfConfTable OBJECT-TYPE SYNTAX SEQUENCE OF MplsVpnIfConfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table specifies per-interface MPLS capability and associated information." ::= { mplsVpnConf 1 } mplsVpnIfConfEntry OBJECT-TYPE SYNTAX MplsVpnIfConfEntry PPVPN Working Group Expires May 2003 [Page 15] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table is created by an LSR for every interface capable of supporting MPLS/BGP VPN. Each entry in this table is meant to correspond to an entry in the Interfaces Table." INDEX { mplsVpnVrfName, mplsVpnIfConfIndex } ::= { mplsVpnIfConfTable 1 } MplsVpnIfConfEntry ::= SEQUENCE { mplsVpnIfConfIndex InterfaceIndex, mplsVpnIfLabelEdgeType INTEGER, mplsVpnIfVpnClassification INTEGER, mplsVpnIfVpnRouteDistProtocol BITS, mplsVpnIfConfStorageType StorageType, mplsVpnIfConfRowStatus RowStatus } mplsVpnIfConfIndex OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "This is a unique index for an entry in the MplsVPNInterfaceConfTable. A non-zero index for an entry indicates the ifIndex for the corresponding interface entry in the MPLS-VPN-layer in the ifTable. Note that this table does not necessarily correspond one-to-one with all entries in the Interface MIB having an ifType of MPLS-layer; rather, only those which are enabled for MPLS/BGP VPN functionality." REFERENCE "RFC 2233 - The Interfaces Group MIB using SMIv2, McCloghrie, K., and F. Kastenholtz, Nov. 1997" ::= { mplsVpnIfConfEntry 1 } mplsVpnIfLabelEdgeType OBJECT-TYPE SYNTAX INTEGER { providerEdge (1), customerEdge (2) } MAX-ACCESS read-only STATUS current DESCRIPTION "Either the providerEdge(0) (PE) or customerEdge(1) (CE) bit MUST be set." ::= { mplsVpnIfConfEntry 2 } mplsVpnIfVpnClassification OBJECT-TYPE SYNTAX INTEGER { carrierOfCarrier (1), PPVPN Working Group Expires May 2003 [Page 16] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 enterprise (2), interProvider (3) } MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes whether this link participates in a carrier-of-carrier's, enterprise, or inter-provider scenario." ::= { mplsVpnIfConfEntry 3 } mplsVpnIfVpnRouteDistProtocol OBJECT-TYPE SYNTAX BITS { none (0), bgp (1), ospf (2), rip(3), isis(4), other (5) } MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes the route distribution protocol across the PE-CE link. Note that more than one routing protocol may be enabled at the same time." ::= { mplsVpnIfConfEntry 4 } mplsVpnIfConfStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for this entry." ::= { mplsVpnIfConfEntry 5 } mplsVpnIfConfRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The row status for this entry. This value is used to create a row in this table, signifying that the specified interface is to be associated with the specified interface. If this operation succeeds, the interface will have been associated, otherwise the agent would not allow the association. If the agent only allows read-only operations on this table, it will create entries in this table as they are created." ::= { mplsVpnIfConfEntry 6 } PPVPN Working Group Expires May 2003 [Page 17] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 -- VRF Configuration Table mplsVpnVrfTable OBJECT-TYPE SYNTAX SEQUENCE OF MplsVpnVrfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table specifies per-interface MPLS/BGP VPN VRF Table capability and associated information. Entries in this table define VRF routing instances associated with MPLS/VPN interfaces. Note that multiple interfaces can belong to the same VRF instance. The collection of all VRF instances comprises an actual VPN." ::= { mplsVpnConf 2 } mplsVpnVrfEntry OBJECT-TYPE SYNTAX MplsVpnVrfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table is created by an LSR for every VRF capable of supporting MPLS/BGP VPN. The indexing provides an ordering of VRFs per-VPN interface." INDEX { mplsVpnVrfName } ::= { mplsVpnVrfTable 1 } MplsVpnVrfEntry ::= SEQUENCE { mplsVpnVrfName MplsVpnName, mplsVpnVrfVpnId VPNId, mplsVpnVrfDescription SnmpAdminString, mplsVpnVrfRouteDistinguisher MplsVpnRouteDistinguisher, mplsVpnVrfCreationTime TimeStamp, mplsVpnVrfOperStatus INTEGER, mplsVpnVrfActiveInterfaces Unsigned32, mplsVpnVrfAssociatedInterfaces Unsigned32, mplsVpnVrfConfMidRouteThreshold Unsigned32, mplsVpnVrfConfHighRouteThreshold Unsigned32, mplsVpnVrfConfMaxRoutes Unsigned32, mplsVpnVrfConfLastChanged TimeStamp, mplsVpnVrfConfRowStatus RowStatus, mplsVpnVrfConfStorageType StorageType } mplsVpnVrfName OBJECT-TYPE SYNTAX MplsVpnName MAX-ACCESS not-accessible STATUS current PPVPN Working Group Expires May 2003 [Page 18] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 DESCRIPTION "The human-readable name of this VPN. This MAY be equivalent to the RFC2685 VPN-ID, but may also vary. If it is set to the VPN ID, it MUST be equivalent to the value of mplsVpnVrfVpnId. It is strongly recommended that all sites supporting VRFs that are part of the same VPN use the same naming convention for VRFs as well as the same VPN ID." REFERENCE "RFC 2685 [VPN-RFC2685] Fox B., et al, `Virtual Private Networks Identifier`, September 1999." ::= { mplsVpnVrfEntry 1 } mplsVpnVrfVpnId OBJECT-TYPE SYNTAX VPNId MAX-ACCESS read-create STATUS current DESCRIPTION "The VPN ID as specified in RFC 2685. If a VPN ID as not been specified for this VRF, then this variable SHOULD be set to an empty string." ::= { mplsVpnVrfEntry 2 } mplsVpnVrfDescription OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "The human-readable description of this VRF." ::= { mplsVpnVrfEntry 3 } mplsVpnVrfRouteDistinguisher OBJECT-TYPE SYNTAX MplsVpnRouteDistinguisher MAX-ACCESS read-create STATUS current DESCRIPTION "The route distinguisher for this VRF." ::= { mplsVpnVrfEntry 4 } mplsVpnVrfCreationTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The time at which this VRF entry was created." ::= { mplsVpnVrfEntry 5 } mplsVpnVrfOperStatus OBJECT-TYPE PPVPN Working Group Expires May 2003 [Page 19] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 SYNTAX INTEGER { up (1), down (2) } MAX-ACCESS read-only STATUS current DESCRIPTION "Denotes whether a VRF is operational or not. A VRF is up(1) when at least one interface associated with the VRF, which ifOperStatus is up(1). A VRF is down(2) when: a. There does not exist at least one interface whose ifOperStatus is up(1). b. There are no interfaces associated with the VRF." ::= { mplsVpnVrfEntry 6 } mplsVpnVrfActiveInterfaces OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of interfaces connected to this VRF with ifOperStatus = up(1). This counter should be incremented when: a. When the ifOperStatus of one of the connected interfaces changes from down(2) to up(1). b. When an interface with ifOperStatus = up(1) is connected to this VRF. This counter should be decremented when: a. When the ifOperStatus of one of the connected interfaces changes from up(1) to down(2). b. When one of the connected interfaces with ifOperStatus = up(1) gets disconnected from this VRF." ::= { mplsVpnVrfEntry 7 } mplsVpnVrfAssociatedInterfaces OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of interfaces connected to this VRF (independent of ifOperStatus type)." ::= { mplsVpnVrfEntry 8 } PPVPN Working Group Expires May 2003 [Page 20] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 mplsVpnVrfConfMidRouteThreshold OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes mid-level water marker for the number of routes which this VRF may hold." ::= { mplsVpnVrfEntry 9 } mplsVpnVrfConfHighRouteThreshold OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes high-level water marker for the number of routes which this VRF may hold." ::= { mplsVpnVrfEntry 10 } mplsVpnVrfConfMaxRoutes OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes maximum number of routes which this VRF is configured to hold. This value MUST be less than or equal to mplsVrfMaxPossibleRoutes unless it is set to 0." ::= { mplsVpnVrfEntry 11 } mplsVpnVrfConfLastChanged OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the time of the last change of this table entry, which includes changes of VRF parameters defined in this table or addition or deletion of interfaces associated with this VRF." ::= { mplsVpnVrfEntry 12 } mplsVpnVrfConfRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This variable is used to create, modify, and/or delete a row in this table." ::= { mplsVpnVrfEntry 13 } mplsVpnVrfConfStorageType OBJECT-TYPE PPVPN Working Group Expires May 2003 [Page 21] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for this entry." ::= { mplsVpnVrfEntry 14 } -- MplsVpnRouteTargetTable mplsVpnVrfRouteTargetTable OBJECT-TYPE SYNTAX SEQUENCE OF MplsVpnVrfRouteTargetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table specifies per-VRF route target association. Each entry identifies a connectivity policy supported as part of a VPN." ::= { mplsVpnConf 3 } mplsVpnVrfRouteTargetEntry OBJECT-TYPE SYNTAX MplsVpnVrfRouteTargetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " An entry in this table is created by an LSR for each route target configured for a VRF supporting a MPLS/BGP VPN instance. The indexing provides an ordering per-VRF instance." INDEX { mplsVpnVrfName, mplsVpnVrfRouteTargetIndex, mplsVpnVrfRouteTargetType } ::= { mplsVpnVrfRouteTargetTable 1 } MplsVpnVrfRouteTargetEntry ::= SEQUENCE { mplsVpnVrfRouteTargetIndex Unsigned32, mplsVpnVrfRouteTargetType INTEGER, mplsVpnVrfRouteTarget MplsVpnRouteDistinguisher, mplsVpnVrfRouteTargetDescr DisplayString, mplsVpnVrfRouteTargetRowStatus RowStatus } mplsVpnVrfRouteTargetIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "Auxiliary index for route-targets configured for a particular VRF." ::= { mplsVpnVrfRouteTargetEntry 2 } mplsVpnVrfRouteTargetType OBJECT-TYPE PPVPN Working Group Expires May 2003 [Page 22] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 SYNTAX INTEGER { import(1), export(2), both(3) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The route target export distribution type." ::= { mplsVpnVrfRouteTargetEntry 3 } mplsVpnVrfRouteTarget OBJECT-TYPE SYNTAX MplsVpnRouteDistinguisher MAX-ACCESS read-create STATUS current DESCRIPTION "The route target distribution policy." ::= { mplsVpnVrfRouteTargetEntry 4 } mplsVpnVrfRouteTargetDescr OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-create STATUS current DESCRIPTION "Description of the route target." ::= { mplsVpnVrfRouteTargetEntry 5 } mplsVpnVrfRouteTargetRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Row status for this entry." ::= { mplsVpnVrfRouteTargetEntry 6 } -- MplsVpnVrfBgpNbrAddrTable mplsVpnVrfBgpNbrAddrTable OBJECT-TYPE SYNTAX SEQUENCE OF MplsVpnVrfBgpNbrAddrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry in this table specifies a per-interface MPLS/EBGP neighbor." ::= { mplsVpnConf 4 } mplsVpnVrfBgpNbrAddrEntry OBJECT-TYPE SYNTAX MplsVpnVrfBgpNbrAddrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table is created by an LSR for every VRF capable of supporting MPLS/BGP VPN. The indexing provides an ordering of VRFs per-VPN PPVPN Working Group Expires May 2003 [Page 23] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 interface." INDEX { mplsVpnVrfName, mplsVpnIfConfIndex, mplsVpnVrfBgpNbrIndex } ::= { mplsVpnVrfBgpNbrAddrTable 1 } MplsVpnVrfBgpNbrAddrEntry ::= SEQUENCE { mplsVpnVrfBgpNbrIndex Unsigned32, mplsVpnVrfBgpNbrRole INTEGER, mplsVpnVrfBgpNbrType InetAddressType, mplsVpnVrfBgpNbrAddr InetAddress, mplsVpnVrfBgpNbrRowStatus RowStatus, mplsVpnVrfBgpNbrStorageType StorageType } mplsVpnVrfBgpNbrIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "This is a unique tertiary index for an entry in the MplsVpnVrfBgpNbrAddrEntry Table." ::= { mplsVpnVrfBgpNbrAddrEntry 1 } mplsVpnVrfBgpNbrRole OBJECT-TYPE SYNTAX INTEGER { ce(1), pe(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes the role played by this EBGP neighbor with respect to this VRF." ::= { mplsVpnVrfBgpNbrAddrEntry 2 } mplsVpnVrfBgpNbrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes the address family of the PE address." ::= { mplsVpnVrfBgpNbrAddrEntry 3 } mplsVpnVrfBgpNbrAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Denotes the EBGP neighbor address." ::= { mplsVpnVrfBgpNbrAddrEntry 4 } mplsVpnVrfBgpNbrRowStatus OBJECT-TYPE SYNTAX RowStatus PPVPN Working Group Expires May 2003 [Page 24] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 MAX-ACCESS read-create STATUS current DESCRIPTION "This variable is used to create, modify, and/or delete a row in this table." ::= { mplsVpnVrfBgpNbrAddrEntry 5 } mplsVpnVrfBgpNbrStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for this entry." ::= { mplsVpnVrfBgpNbrAddrEntry 6 } -- MplsVpnVrfBgpNbrPrefixTable -- -- Ed note: this table will be removed as soon as the BGP4 MIB -- is updated. -- mplsVpnVrfBgpNbrPrefixTable OBJECT-TYPE SYNTAX SEQUENCE OF MplsVpnVrfBgpNbrPrefixEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table specifies per-VRF vpnv4 multi-protocol prefixes supported by BGP." ::= { mplsVpnConf 5 } mplsVpnVrfBgpNbrPrefixEntry OBJECT-TYPE SYNTAX MplsVpnVrfBgpNbrPrefixEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table is created by an LSR for every BGP prefix associated with a VRF supporting a MPLS/BGP VPN. The indexing provides an ordering of BGP prefixes per VRF." INDEX { mplsVpnVrfName, bgp4PathAttrIpAddrPrefix, bgp4PathAttrIpAddrPrefixLen, bgp4PathAttrPeer } ::= { mplsVpnVrfBgpNbrPrefixTable 1 } MplsVpnVrfBgpNbrPrefixEntry ::= SEQUENCE { mplsVpnVrfBgpPAtrPeerType InetAddressType, mplsVpnVrfBgpPAtrPeer InetAddress, mplsVpnVrfBgpPAtrIpAddrPrefixLen Integer32, mplsVpnVrfBgpPAtrIpAddrPfxType InetAddressType, mplsVpnVrfBgpPAtrIpAddrPrefix InetAddress, mplsVpnVrfBgpPAtrOrigin INTEGER, PPVPN Working Group Expires May 2003 [Page 25] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 mplsVpnVrfBgpPAtrASPathSegment OCTET STRING, mplsVpnVrfBgpPAtrNextHopType InetAddressType, mplsVpnVrfBgpPAtrNextHop InetAddress, mplsVpnVrfBgpPAtrMultiExitDisc Integer32, mplsVpnVrfBgpPAtrLocalPref Integer32, mplsVpnVrfBgpPAtrAtomicAggregate INTEGER, mplsVpnVrfBgpPAtrAggregatorAS Integer32, mplsVpnVrfBgpPAtrAggrAddrType InetAddressType, mplsVpnVrfBgpPAtrAggregatorAddr InetAddress, mplsVpnVrfBgpPAtrCalcLocalPref INTEGER, mplsVpnVrfBgpPAtrBest INTEGER, mplsVpnVrfBgpPAtrUnknown OCTET STRING } mplsVpnVrfBgpPAtrPeerType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "Address type of the mplsVpnVrfBgpPAtrPeer object." ::= { mplsVpnVrfBgpNbrPrefixEntry 1 } mplsVpnVrfBgpPAtrPeer OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IP address of the peer where the path information was learned." ::= { mplsVpnVrfBgpNbrPrefixEntry 2 } mplsVpnVrfBgpPAtrIpAddrPrefixLen OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "Length in bits of the IP address prefix in the Network Layer Reachability Information field." ::= { mplsVpnVrfBgpNbrPrefixEntry 3 } mplsVpnVrfBgpPAtrIpAddrPfxType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "Address type of the mplsVpnVrfBgpPAtrIpAddrPrefix object." ::= { mplsVpnVrfBgpNbrPrefixEntry 4 } PPVPN Working Group Expires May 2003 [Page 26] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 mplsVpnVrfBgpPAtrIpAddrPrefix OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "An IP address prefix in the Network Layer Reachability Information field. This object is an IP address containing the prefix with length specified by mplsVpnVrfBgpPAtrIpAddrPrefixLen. Any bits beyond the length specified by mplsVpnVrfBgpPAtrIpAddrPrefixLen are zeroed." ::= { mplsVpnVrfBgpNbrPrefixEntry 5 } mplsVpnVrfBgpPAtrOrigin OBJECT-TYPE SYNTAX INTEGER { igp(1),-- networks are interior egp(2),-- networks learned via EGP incomplete(3) -- undetermined } MAX-ACCESS read-only STATUS current DESCRIPTION "The ultimate origin of the path information." ::= { mplsVpnVrfBgpNbrPrefixEntry 6 } mplsVpnVrfBgpPAtrASPathSegment OBJECT-TYPE SYNTAX OCTET STRING (SIZE (2..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "The sequence of AS path segments. Each AS path segment is represented by a triple . The type is a 1-octet field which has two possible values: 1 AS_SET: unordered set of ASs a route in the UPDATE message has traversed 2 AS_SEQUENCE: ordered set of ASs a route in the UPDATE message has traversed. The length is a 1-octet field containing the number of ASs in the value field. The value field contains one or more AS numbers, each AS is represented in the octet string as a pair of octets according to the following algorithm: PPVPN Working Group Expires May 2003 [Page 27] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 first-byte-of-pair = ASNumber / 256; second-byte-of-pair = ASNumber & 255;" ::= { mplsVpnVrfBgpNbrPrefixEntry 7 } mplsVpnVrfBgpPAtrNextHopType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "Address type of the mplsVpnVrfBgpPAtrNextHop object." ::= { mplsVpnVrfBgpNbrPrefixEntry 8 } mplsVpnVrfBgpPAtrNextHop OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The address of the border router that should be used for the destination network." ::= { mplsVpnVrfBgpNbrPrefixEntry 9 } mplsVpnVrfBgpPAtrMultiExitDisc OBJECT-TYPE SYNTAX Integer32 (-1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "This metric is used to discriminate between multiple exit points to an adjacent autonomous system. A value of -1 indicates the absence of this attribute." ::= { mplsVpnVrfBgpNbrPrefixEntry 10 } mplsVpnVrfBgpPAtrLocalPref OBJECT-TYPE SYNTAX Integer32 (-1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The originating BGP4 speaker's degree of preference for an advertised route. A value of -1 indicates the absence of this attribute." ::= { mplsVpnVrfBgpNbrPrefixEntry 11 } mplsVpnVrfBgpPAtrAtomicAggregate OBJECT-TYPE SYNTAX INTEGER { lessSpecificRrouteNotSelected(1), lessSpecificRouteSelected(2) } MAX-ACCESS read-only STATUS current PPVPN Working Group Expires May 2003 [Page 28] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 DESCRIPTION "Whether or not the local system has selected a less specific route without selecting a more specific route." ::= { mplsVpnVrfBgpNbrPrefixEntry 12 } mplsVpnVrfBgpPAtrAggregatorAS OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The AS number of the last BGP4 speaker that performed route aggregation. A value of zero (0) indicates the absence of this attribute." ::= { mplsVpnVrfBgpNbrPrefixEntry 13 } mplsVpnVrfBgpPAtrAggrAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "Address type of the mplsVpnVrfBgpPAtrAggrAddr object." ::= { mplsVpnVrfBgpNbrPrefixEntry 14 } mplsVpnVrfBgpPAtrAggregatorAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The IP address of the last BGP4 speaker that performed route aggregation. A value of 0.0.0.0 indicates the absence of this attribute." ::= { mplsVpnVrfBgpNbrPrefixEntry 15 } mplsVpnVrfBgpPAtrCalcLocalPref OBJECT-TYPE SYNTAX Integer32 (-1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The degree of preference calculated by the receiving BGP4 speaker for an advertised route. A value of -1 indicates the absence of this attribute." ::= { mplsVpnVrfBgpNbrPrefixEntry 16 } mplsVpnVrfBgpPAtrBest OBJECT-TYPE SYNTAX INTEGER { false(1),-- not chosen as best route PPVPN Working Group Expires May 2003 [Page 29] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 true(2) -- chosen as best route } MAX-ACCESS read-only STATUS current DESCRIPTION "An indication of whether or not this route was chosen as the best BGP4 route." ::= { mplsVpnVrfBgpNbrPrefixEntry 17 } mplsVpnVrfBgpPAtrUnknown OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "One or more path attributes not understood by this BGP4 speaker. Size zero (0) indicates the absence of such attribute(s). Octets beyond the maximum size, if any, are not recorded by this object." ::= { mplsVpnVrfBgpNbrPrefixEntry 18 } -- VRF Security Table mplsVpnVrfSecTable OBJECT-TYPE SYNTAX SEQUENCE OF MplsVpnVrfSecEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table specifies per MPLS/BGP VPN VRF Table security features." ::= { mplsVpnConf 6 } mplsVpnVrfSecEntry OBJECT-TYPE SYNTAX MplsVpnVrfSecEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table is created by an LSR for every VRF capable of supporting MPLS/BGP VPN. Each entry in this table is used to indicate security-related information for each VRF entry." AUGMENTS { mplsVpnVrfEntry } ::= { mplsVpnVrfSecTable 1 } MplsVpnVrfSecEntry ::= SEQUENCE { mplsVpnVrfSecIllegalLblVltns Counter32, mplsVpnVrfSecIllegalLblRcvThrsh Unsigned32 } PPVPN Working Group Expires May 2003 [Page 30] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 mplsVpnVrfSecIllegalLblVltns OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the number of illegally received labels on this VPN/VRF." ::= { mplsVpnVrfSecEntry 1 } mplsVpnVrfSecIllegalLblRcvThrsh OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "The number of illegally received labels above which this notification is issued." ::= { mplsVpnVrfSecEntry 2 } -- VRF Performance Table mplsVpnVrfPerfTable OBJECT-TYPE SYNTAX SEQUENCE OF MplsVpnVrfPerfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table specifies per MPLS/BGP VPN VRF Table performance information." ::= { mplsVpnPerf 1 } mplsVpnVrfPerfEntry OBJECT-TYPE SYNTAX MplsVpnVrfPerfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table is created by an LSR for every VRF capable of supporting MPLS/BGP VPN." AUGMENTS { mplsVpnVrfEntry } ::= { mplsVpnVrfPerfTable 1 } MplsVpnVrfPerfEntry ::= SEQUENCE { mplsVpnVrfPerfRoutesAdded Counter32, mplsVpnVrfPerfRoutesDeleted Counter32, mplsVpnVrfPerfCurrNumRoutes Unsigned32 } mplsVpnVrfPerfRoutesAdded OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the number of routes added to this VPN/VRF over the PPVPN Working Group Expires May 2003 [Page 31] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 coarse of its lifetime." ::= { mplsVpnVrfPerfEntry 1 } mplsVpnVrfPerfRoutesDeleted OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the number of routes removed from this VPN/VRF." ::= { mplsVpnVrfPerfEntry 2 } mplsVpnVrfPerfCurrNumRoutes OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the number of routes currently used by this VRF." ::= { mplsVpnVrfPerfEntry 3 } -- VRF Routing Table mplsVpnVrfRouteTable OBJECT-TYPE SYNTAX SEQUENCE OF MplsVpnVrfRouteEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table specifies per-interface MPLS/BGP VPN VRF Table routing information. Entries in this table define VRF routing entries associated with the specified MPLS/VPN interfaces. Note that this table contains both BGP and IGP routes, as both may appear in the same VRF." REFERENCE "1. RFC 1213 Section 6.6, The IP Group. 2. RFC 2096 " ::= { mplsVpnRoute 1 } mplsVpnVrfRouteEntry OBJECT-TYPE SYNTAX MplsVpnVrfRouteEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table is created by an LSR for every route present configured (either dynamically or statically) within the context of a specific VRF capable of supporting MPLS/BGP VPN. The indexing provides an ordering of VRFs per-VPN interface." INDEX { mplsVpnVrfName, mplsVpnVrfRouteDest, mplsVpnVrfRouteMask, mplsVpnVrfRouteTos, mplsVpnVrfRouteNextHop } ::= { mplsVpnVrfRouteTable 1 } PPVPN Working Group Expires May 2003 [Page 32] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 MplsVpnVrfRouteEntry ::= SEQUENCE { mplsVpnVrfRouteDestAddrType InetAddressType, mplsVpnVrfRouteDest InetAddress, mplsVpnVrfRouteMaskAddrType InetAddressType, mplsVpnVrfRouteMask InetAddress, mplsVpnVrfRouteTos Unsigned32, mplsVpnVrfRouteNextHopAddrType InetAddressType, mplsVpnVrfRouteNextHop InetAddress, mplsVpnVrfRouteIfIndex InterfaceIndexOrZero, mplsVpnVrfRouteType INTEGER, mplsVpnVrfRouteProto INTEGER, mplsVpnVrfRouteAge Unsigned32, mplsVpnVrfRouteInfo OBJECT IDENTIFIER, mplsVpnVrfRouteNextHopAS Unsigned32, mplsVpnVrfRouteMetric1 Integer32, mplsVpnVrfRouteMetric2 Integer32, mplsVpnVrfRouteMetric3 Integer32, mplsVpnVrfRouteMetric4 Integer32, mplsVpnVrfRouteMetric5 Integer32, mplsVpnVrfRouteRowStatus RowStatus, mplsVpnVrfRouteStorageType StorageType } mplsVpnVrfRouteDestAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The address type of the mplsVpnVrfRouteDest entry." ::= { mplsVpnVrfRouteEntry 1 } mplsVpnVrfRouteDest OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The destination IP address of this route. This object may not take a Multicast (Class D) address value. Any assignment (implicit or otherwise) of an instance of this object to a value x must be rejected if the bit-wise logical-AND of x with the value of the corresponding instance of the mplsVpnVrfRouteMask object is not equal to x." ::= { mplsVpnVrfRouteEntry 2 } mplsVpnVrfRouteMaskAddrType OBJECT-TYPE PPVPN Working Group Expires May 2003 [Page 33] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The address type of mplsVpnVrfRouteMask." ::= { mplsVpnVrfRouteEntry 3 } mplsVpnVrfRouteMask OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "Indicate the mask to be logical-ANDed with the destination address before being compared to the value in the mplsVpnVrfRouteDest field. For those systems that do not support arbitrary subnet masks, an agent constructs the value of the mplsVpnVrfRouteMask by reference to the IP Address Class. Any assignment (implicit or otherwise) of an instance of this object to a value x must be rejected if the bit-wise logical-AND of x with the value of the corresponding instance of the mplsVpnVrfRouteDest object is not equal to mplsVpnVrfRouteDest." ::= { mplsVpnVrfRouteEntry 4 } mplsVpnVrfRouteTos OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IP TOS Field is used to specify the policy to be applied to this route. The encoding of IP TOS is as specified by the following convention. Zero indicates the default path if no more specific policy applies. +-----+-----+-----+-----+-----+-----+-----+-----+ | | | | | PRECEDENCE | TYPE OF SERVICE | 0 | | | | | +-----+-----+-----+-----+-----+-----+-----+-----+ IP TOS IP TOS Field Policy Field Policy Contents Code Contents Code 0 0 0 0 ==> 0 0 0 0 1 ==> 2 0 0 1 0 ==> 4 0 0 1 1 ==> 6 PPVPN Working Group Expires May 2003 [Page 34] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 0 1 0 0 ==> 8 0 1 0 1 ==> 10 0 1 1 0 ==> 12 0 1 1 1 ==> 14 1 0 0 0 ==> 16 1 0 0 1 ==> 18 1 0 1 0 ==> 20 1 0 1 1 ==> 22 1 1 0 0 ==> 24 1 1 0 1 ==> 26 1 1 1 0 ==> 28 1 1 1 1 ==> 30." ::= { mplsVpnVrfRouteEntry 5 } mplsVpnVrfRouteNextHopAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The address type of the mplsVpnVrfRouteNextHopAddrType object." ::= { mplsVpnVrfRouteEntry 6 } mplsVpnVrfRouteNextHop OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "On remote routes, the address of the next system en route; Otherwise, 0.0.0.0. ." ::= { mplsVpnVrfRouteEntry 7 } mplsVpnVrfRouteIfIndex OBJECT-TYPE SYNTAX InterfaceIndexOrZero MAX-ACCESS read-create STATUS current DESCRIPTION "The ifIndex value that identifies the local interface through which the next hop of this route should be reached. If this value is set to 0, this indicates that no interface is associated with this route." ::= { mplsVpnVrfRouteEntry 8 } mplsVpnVrfRouteType OBJECT-TYPE SYNTAX INTEGER { other (1), -- not specified reject (2), -- route to discard traffic local (3), -- local interface remote (4) -- remote destination } MAX-ACCESS read-create STATUS current DESCRIPTION "The type of route. Note that local(3) refers to a route for which the next hop is the final destination; remote(4) refers to a route for PPVPN Working Group Expires May 2003 [Page 35] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 that the next hop is not the final destination. Routes which do not result in traffic forwarding or rejection should not be displayed even if the implementation keeps them stored internally. reject (2) refers to a route which, if matched, discards the message as unreachable. This is used in some protocols as a means of correctly aggregating routes." ::= { mplsVpnVrfRouteEntry 9 } mplsVpnVrfRouteProto OBJECT-TYPE SYNTAX INTEGER { other (1), -- not specified local (2), -- local interface netmgmt (3), -- static route icmp (4), -- result of ICMP Redirect -- the following are all dynamic -- routing protocols egp (5), -- Exterior Gateway Protocol ggp (6), -- Gateway-Gateway Protocol hello (7), -- FuzzBall HelloSpeak rip (8), -- Berkeley RIP or RIP-II isIs (9), -- Dual IS-IS esIs (10), -- ISO 9542 ciscoIgrp (11), -- Cisco IGRP bbnSpfIgp (12), -- BBN SPF IGP ospf (13), -- Open Shortest Path First bgp (14), -- Border Gateway Protocol idpr (15), -- InterDomain Policy Routing ciscoEigrp (16) -- Cisco EIGRP } MAX-ACCESS read-create STATUS current DESCRIPTION "The routing mechanism via which this route was learned. Inclusion of values for gateway rout- ing protocols is not intended to imply that hosts should support those protocols." ::= { mplsVpnVrfRouteEntry 10 } mplsVpnVrfRouteAge OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of seconds since this route was last updated or otherwise determined to be correct. Note that no semantics of `too old' PPVPN Working Group Expires May 2003 [Page 36] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 can be implied except through knowledge of the routing protocol by which the route was learned." ::= { mplsVpnVrfRouteEntry 11 } mplsVpnVrfRouteInfo OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-create STATUS current DESCRIPTION "A reference to MIB definitions specific to the particular routing protocol which is responsi- ble for this route, as determined by the value specified in the route's mplsVpnVrfRouteProto value. If this information is not present, its value SHOULD be set to the OBJECT IDENTIFIER { 0 0 }, which is a syntactically valid object identif-ier, and any implementation conforming to ASN.1 and the Basic Encoding Rules must be able to generate and recognize this value." ::= { mplsVpnVrfRouteEntry 12 } mplsVpnVrfRouteNextHopAS OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "The Autonomous System Number of the Next Hop. The semantics of this object are determined by the routing-protocol specified in the route's mplsVpnVrfRouteProto value. When this object is unknown or not relevant its value should be set to zero." ::= { mplsVpnVrfRouteEntry 13 } mplsVpnVrfRouteMetric1 OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "The primary routing metric for this route. The semantics of this metric are determined by the routing-protocol specified in the route's mplsVpnVrfRouteProto value. If this metric is not used, its value should be set to -1." ::= { mplsVpnVrfRouteEntry 14 } mplsVpnVrfRouteMetric2 OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create PPVPN Working Group Expires May 2003 [Page 37] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 STATUS current DESCRIPTION "An alternate routing metric for this route. The semantics of this metric are determined by the routing-protocol specified in the route's mplsVpnVrfRouteProto value. If this metric is not used, its value should be set to -1." ::= { mplsVpnVrfRouteEntry 15 } mplsVpnVrfRouteMetric3 OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "An alternate routing metric for this route. The semantics of this metric are determined by the routing-protocol specified in the route's mplsVpnVrfRouteProto value. If this metric is not used, its value should be set to -1." ::= { mplsVpnVrfRouteEntry 16 } mplsVpnVrfRouteMetric4 OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "An alternate routing metric for this route. The semantics of this metric are determined by the routing-protocol specified in the route's mplsVpnVrfRouteProto value. If this metric is not used, its value should be set to -1." ::= { mplsVpnVrfRouteEntry 17 } mplsVpnVrfRouteMetric5 OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-create STATUS current DESCRIPTION "An alternate routing metric for this route. The semantics of this metric are determined by the routing-protocol specified in the route's mplsVpnVrfRouteProto value. If this metric is not used, its value should be set to -1." ::= { mplsVpnVrfRouteEntry 18 } mplsVpnVrfRouteRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION PPVPN Working Group Expires May 2003 [Page 38] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 "Row status for this table. It is used according to row installation and removal conventions." ::= { mplsVpnVrfRouteEntry 19 } mplsVpnVrfRouteStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "Storage type value." ::= { mplsVpnVrfRouteEntry 20 } -- MPLS/BGP VPN Notifications mplsVrfIfUp NOTIFICATION-TYPE OBJECTS { mplsVpnIfConfRowStatus, mplsVpnVrfOperStatus } STATUS current DESCRIPTION "This notification is generated when: a. The ifOperStatus of an interface associated with a VRF changes to the up(1) state. b. When an interface with ifOperStatus = up(1) is associated with a VRF." ::= { mplsVpnNotifications 1 } mplsVrfIfDown NOTIFICATION-TYPE OBJECTS { mplsVpnIfConfRowStatus, mplsVpnVrfOperStatus } STATUS current DESCRIPTION "This notification is generated when: a. The ifOperStatus of an interface associated with a VRF changes to the down(1) state. b. When an interface with ifOperStatus = up(1) state is disassociated with a VRF." ::= { mplsVpnNotifications 2 } mplsNumVrfRouteMidThreshExceeded NOTIFICATION-TYPE OBJECTS { mplsVpnVrfPerfCurrNumRoutes, mplsVpnVrfConfMidRouteThreshold } STATUS current DESCRIPTION "This notification is generated when the number of routes contained by the specified VRF exceeds the value indicated by mplsVrfMidRouteThreshold. A single notification MUST be generated when this threshold is exceeded, and no other notifications of PPVPN Working Group Expires May 2003 [Page 39] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 this type should be issued until the value of mplsVpnVrfPerfCurrNumRoutes has fallen below that of mplsVpnVrfConfMidRouteThreshold." ::= { mplsVpnNotifications 3 } mplsNumVrfRouteMaxThreshExceeded NOTIFICATION-TYPE OBJECTS { mplsVpnVrfPerfCurrNumRoutes, mplsVpnVrfConfHighRouteThreshold } STATUS current DESCRIPTION "This notification is generated when the number of routes contained by the specified VRF reaches or attempts to exceed the maximum allowed value as indicated by mplsVrfMaxRouteThreshold. In cases where mplsVpnVrfConfHighRouteThreshold is set to the same value as mplsVpnVrfConfMaxRoutes, mplsVpnVrfConfHighRouteThreshold need not be exceeded; rather, just reached for this notification to be issued. Note that mplsVpnVrfConfRouteMaxThreshTime denotes the interval at which the this notification will be re-issued after the maximum value has been exceeded (or reached if mplsVpnVrfConfMaxRoutes and mplsVpnVrfConfHighRouteThreshold are equal) and the initial notification has been issued. This value is intended to prevent continuous generation of notifications by an agent in the event that routes are continually added to a VRF after it has reached its maximum value. The default value is 10 minutes. If this value is set to 0, the agent should only issue a single notification at the time that the maximum threshold has been reached, and should not issue any more notifications until the value of routes has fallen below the configured threshold value." ::= { mplsVpnNotifications 4 } mplsNumVrfSecIllglLblThrshExcd NOTIFICATION-TYPE OBJECTS { mplsVpnVrfSecIllegalLblVltns } STATUS current DESCRIPTION "This notification is generated when the number of illegal label violations on a VRF as indicated by mplsVpnVrfSecIllegalLblVltns has exceeded mplsVpnVrfSecIllegalLblRcvThrsh. The threshold is not included in the varbind here because the value of mplsVpnVrfSecIllegalLblVltns should be one greater than the threshold at the time this notification is issued." ::= { mplsVpnNotifications 5 } mplsNumVrfRouteMaxThreshCleared NOTIFICATION-TYPE OBJECTS { mplsVpnVrfPerfCurrNumRoutes, mplsVpnVrfConfHighRouteThreshold } PPVPN Working Group Expires May 2003 [Page 40] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 STATUS current DESCRIPTION "This notification is generated only after the number of routes contained by the specified VRF reaches or attempts to exceed the maximum allowed value as indicated by mplsVrfMaxRouteThreshold, and then falls below this value. The emission of this notification informs the operator that the error condition has been cleared without the operator having to query the device. Note that mplsVpnVrfConfRouteMaxThreshTime denotes the interval at which the the mplsNumVrfRouteMaxThreshExceeded notification will be re-issued after the maximum value has been exceeded (or reached if mplsVpnVrfConfMaxRoutes and mplsVpnVrfConfHighRouteThreshold are equal) and the initial notification has been issued. Therefore, the generation of this notification should also be emitted with this same frequency (assuming that the error condition is cleared). Specifically, if the error condition is reached and cleared several times during the period of time specified in mplsVpnVrfConfRouteMaxThreshTime, only a single notification will be issued to indicate the first instance of the error condition as well as the first time the error condition is cleared. This behavior is intended to prevent continuous generation of notifications by an agent in the event that routes are continually added and removed to/from a VRF after it has reached its maximum value. The default value is 10 minutes. If this value is set to 0, the agent should issue a notification whenever the maximum threshold has been cleared." ::= { mplsVpnNotifications 6 } -- Conformance Statement mplsVpnGroups OBJECT IDENTIFIER ::= { mplsVpnConformance 1 } mplsVpnCompliances OBJECT IDENTIFIER ::= { mplsVpnConformance 2 } -- Module Compliance mplsVpnModuleCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "Compliance statement for agents that support the MPLS VPN MIB." MODULE -- this module -- The mandatory groups have to be implemented -- by all LSRs supporting MPLS BGP/VPNs. However, -- they may all be supported PPVPN Working Group Expires May 2003 [Page 41] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 -- as read-only objects in the case where manual -- configuration is unsupported. MANDATORY-GROUPS { mplsVpnScalarGroup, mplsVpnVrfGroup, mplsVpnIfGroup, mplsVpnPerfGroup, mplsVpnVrfRouteGroup, mplsVpnVrfBgpNbrGroup, mplsVpnVrfRouteTargetGroup, mplsVpnVrfBgpPrefixGroup, mplsVpnSecGroup, mplsVpnNotificationGroup } ::= { mplsVpnCompliances 1 } -- Units of conformance. mplsVpnScalarGroup OBJECT-GROUP OBJECTS { mplsVpnConfiguredVrfs, mplsVpnActiveVrfs, mplsVpnConnectedInterfaces, mplsVpnNotificationEnable, mplsVpnVrfConfMaxPossibleRoutes, mplsVpnVrfConfRouteMaxThreshTime } STATUS current DESCRIPTION "Collection of scalar objects required for MPLS VPN management." ::= { mplsVpnGroups 1 } mplsVpnVrfGroup OBJECT-GROUP OBJECTS { mplsVpnVrfVpnId, mplsVpnVrfDescription, mplsVpnVrfRouteDistinguisher, mplsVpnVrfCreationTime, mplsVpnVrfOperStatus, mplsVpnVrfActiveInterfaces, mplsVpnVrfAssociatedInterfaces, mplsVpnVrfConfMidRouteThreshold, mplsVpnVrfConfHighRouteThreshold, mplsVpnVrfConfMaxRoutes, mplsVpnVrfConfLastChanged, mplsVpnVrfConfRowStatus, mplsVpnVrfConfStorageType } STATUS current PPVPN Working Group Expires May 2003 [Page 42] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 DESCRIPTION "Collection of objects needed for MPLS VPN VRF management." ::= { mplsVpnGroups 2 } mplsVpnIfGroup OBJECT-GROUP OBJECTS { mplsVpnIfLabelEdgeType, mplsVpnIfVpnClassification, mplsVpnIfVpnRouteDistProtocol, mplsVpnIfConfStorageType, mplsVpnIfConfRowStatus } STATUS current DESCRIPTION "Collection of objects needed for MPLS VPN interface management." ::= { mplsVpnGroups 3 } mplsVpnPerfGroup OBJECT-GROUP OBJECTS { mplsVpnVrfPerfRoutesAdded, mplsVpnVrfPerfRoutesDeleted, mplsVpnVrfPerfCurrNumRoutes } STATUS current DESCRIPTION "Collection of objects needed for MPLS VPN performance information." ::= { mplsVpnGroups 4 } mplsVpnVrfBgpNbrGroup OBJECT-GROUP OBJECTS { mplsVpnVrfBgpNbrRole, mplsVpnVrfBgpNbrType, mplsVpnVrfBgpNbrAddr, mplsVpnVrfBgpNbrRowStatus, mplsVpnVrfBgpNbrStorageType } STATUS current DESCRIPTION "Collection of objects needed for MPLS VPN bgp neighbor-related information." ::= { mplsVpnGroups 5 } mplsVpnVrfBgpPrefixGroup OBJECT-GROUP OBJECTS { mplsVpnVrfBgpPAtrOrigin, mplsVpnVrfBgpPAtrASPathSegment, mplsVpnVrfBgpPAtrNextHop, mplsVpnVrfBgpPAtrMultiExitDisc, PPVPN Working Group Expires May 2003 [Page 43] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 mplsVpnVrfBgpPAtrLocalPref, mplsVpnVrfBgpPAtrAtomicAggregate, mplsVpnVrfBgpPAtrAggregatorAS, mplsVpnVrfBgpPAtrAggregatorAddr, mplsVpnVrfBgpPAtrCalcLocalPref, mplsVpnVrfBgpPAtrBest, mplsVpnVrfBgpPAtrUnknown, mplsVpnVrfBgpPAtrPeerType, mplsVpnVrfBgpPAtrIpAddrPfxType, mplsVpnVrfBgpPAtrNextHopType, mplsVpnVrfBgpPAtrAggrAddrType } STATUS current DESCRIPTION "Collection of objects needed for MPLS VPN bgp neighbor-related information." ::= { mplsVpnGroups 6 } mplsVpnSecGroup OBJECT-GROUP OBJECTS { mplsVpnVrfSecIllegalLblVltns, mplsVpnVrfSecIllegalLblRcvThrsh } STATUS current DESCRIPTION "Collection of objects needed for MPLS VPN security-related information." ::= { mplsVpnGroups 7 } mplsVpnVrfRouteGroup OBJECT-GROUP OBJECTS { mplsVpnVrfRouteDestAddrType, mplsVpnVrfRouteMaskAddrType, mplsVpnVrfRouteNextHop, mplsVpnVrfRouteNextHopAddrType, mplsVpnVrfRouteIfIndex, mplsVpnVrfRouteType, mplsVpnVrfRouteProto, mplsVpnVrfRouteAge, mplsVpnVrfRouteInfo, mplsVpnVrfRouteNextHopAS, mplsVpnVrfRouteMetric1, mplsVpnVrfRouteMetric2, mplsVpnVrfRouteMetric3, mplsVpnVrfRouteMetric4, mplsVpnVrfRouteMetric5, mplsVpnVrfRouteRowStatus, mplsVpnVrfRouteStorageType } STATUS current DESCRIPTION "Objects required for VRF route table management." PPVPN Working Group Expires May 2003 [Page 44] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 ::= { mplsVpnGroups 8 } mplsVpnVrfRouteTargetGroup OBJECT-GROUP OBJECTS { mplsVpnVrfRouteTargetDescr, mplsVpnVrfRouteTarget, mplsVpnVrfRouteTargetRowStatus } STATUS current DESCRIPTION "Objects required for VRF route target management." ::= { mplsVpnGroups 9 } mplsVpnNotificationGroup NOTIFICATION-GROUP NOTIFICATIONS { mplsVrfIfUp, mplsVrfIfDown, mplsNumVrfRouteMidThreshExceeded, mplsNumVrfRouteMaxThreshExceeded, mplsNumVrfSecIllglLblThrshExcd, mplsNumVrfRouteMaxThreshCleared } STATUS current DESCRIPTION "Objects required for MPLS VPN notifications." ::= { mplsVpnGroups 10 } -- End of MPLS-VPN-MIB END 12.0 Acknowledgments This document has benefited from discussions and input from Bill Fenner, Gerald Ash, Sumit Mukhopadhyay, Mike Piecuch. 13.0 Intellectual Property Considerations The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to per- tain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards- related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF Secretariat. PPVPN Working Group Expires May 2003 [Page 45] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director. 14.0 References [RFC2547bis] Rosen, E., Rekhter, Y., Bogovic, T., Brannon, S., Carugi, M., Chase, C., Chung, T., De Clercq, J., Dean, E., Hitchin, P., Leelanivas, M., Marshall, D., Martini, L., Srinivasan, V., Vedrenne, A., "BGP/MPLS VPNs", Internet Draft , February 2001. [MPLSArch] Rosen, E., Viswanathan, A., and R. Callon, "Multiprotocol Label Switching Architecture", RFC3031, January 2001. [VPN-RFC2685] Fox B., et al, "Virtual Private Networks Identifier", RFC 2685, September 1999. [LSRMIB] Srinivasan, C., Viswanathan, A. and T. Nadeau, "MPLS Label Switch Router Management Information Base Using SMIv2", Internet Draft , January 2001. [LSRMIB] Srinivasan, C., Viswanathan, A. and T. Nadeau, "MPLS Traffic Engineering Management Information Base Using SMIv2", Internet Draft , March 2001. [Assigned] Reynolds, J., and J. Postel, "Assigned Numbers", RFC 1700, October 1994. See also: http://www.isi.edu/in-notes/iana/assignments/smi- numbers [IANAFamily] Internet Assigned Numbers Authority (IANA), ADDRESS FAMILY NUMBERS,(http://www.isi.edu/in- notes/iana/assignements/address-family-numbers), for MIB see: ftp://ftp.isi.edu/mib/ianaaddressfamilynumbers.mib [SNMPArch] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2271, January 1998. [SMIv1] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for PPVPN Working Group Expires May 2003 [Page 46] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 TCP/IP-based Internets", RFC 1155, May 1990. [SNMPv1MIBDef]Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212, March 1991. [SNMPv1Traps] M. Rose, "A Convention for Defining Traps for use with the SNMP", RFC 1215, March 1991. [RFC2572] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2572, April 1999. [RFC2574] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, April 1999. [RFC1905] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, January 1996. [RFC2573] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 2573, April 1999. [RFC2575] Wijnen, B., Presuhn, R., and K. McCloghrie, "View- based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, April 1999. [RFC2570] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction to Version 3 of the Internet-standard Network Management Framework", RFC 2570, April 1999. [SMIv2] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1902, January 1996. [SNMPv2TC] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1903, SNMP Research, Inc., Cisco Systems, Inc., January 1996. [SNMPv2Conf] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Conformance Statements for Version 2 of the Simple Network Management Protocol PPVPN Working Group Expires May 2003 [Page 47] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 (SNMPv2)", RFC 1904, January 1996. [SNMPv1] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network Management Protocol", RFC 1157, May 1990. [SNMPv2c] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, January 1996. [SNMPv2TM] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, January 1996. [SNMPv3MP] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2272, January 1998. [SNMPv3USM] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, April 1999. [SNMPv2PO] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, January 1996. [SNMPv3App] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 2273, January 1998. [SNMPv3VACM] Wijnen, B., Presuhn, R., and K. McCloghrie, "View- based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, April 1999. [IPSEC] Kent, S., and Atkinson, R., "Security Architecture for the Internet Protocol", RFC 2401, November 1998. [IFMIB] McCloghrie, K., and F. Kastenholtz, "The Interfaces Group MIB using SMIv2", RFC 2233, Nov. 1997 [BCP14] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC1213] McCloghrie, K., and M. Rose, "Management Information Base for Network Management of PPVPN Working Group Expires May 2003 [Page 48] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 TCP/IP-based internets: MIB-II", RFC1213, March 1991. [RFC2096] Baker, F., "IP Forwarding Table MIB", RFC2096, January 1997. 14.0 Authors' Addresses Thomas D. Nadeau Cisco Systems, Inc. 250 Apollo Drive Chelmsford, MA 01824 Phone: +1-978-244-3051 Email: tnadeau@cisco.com Luyuan Fang AT&T 200 Laurel Ave Middletown, NJ 07748 Phone: +1-732-420-1921 Email: luyuanfang@att.com Fabio M. Chiussi Bell Laboratories, Lucent Technologies 101 Crawfords Corner Road, Room 4D-521 Holmdel, NJ 07733 Phone: +1-732-949-2407 Email: fabio@bell-labs.com Joseph Dube Avici Systems, Inc. 101 Billerica Avenue North Billerica, MA 01862 Phone: +1-978-964-2258 Email: jdube@avici.com Martin Tatham British Telecom BT Adastal Park, Martlesham Heath, Ipswich, IP5 3RE UK Tel: +44 1473 606349 Fax: +44 1473 606727 Email: martin.tatham@bt.com Harmen van der Linde AT&T - Frame Relay Network Mgnt Platform Planning Room C2-3C34 PPVPN Working Group Expires May 2003 [Page 49] Internet Draft PPVPN-MPLS-VPN MIB Novemebr 1, 2002 200 Laurel Ave Middletown, NJ 07748 Tel: +1-732-420-1916 Email: hvdl@att.com 15.0 Dedication Steve Brannon passed away suddenly on January 30, 2001. We would like to dedicate our efforts in this area and this document to his memory. 16.0 Full Copyright Statement Copyright (C) The Internet Society (2000). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. PPVPN Working Group Expires May 2003 [Page 50]