MPLS Working Group Kingston Smiler Selvaraj Internet-Draft IpInfusion Intended status: Standards Track M. Venkatesan Expires: September 19, 2016 Dell Inc. V. Manral Nano Sec Daniel King Old Dog Consulting Sam Aldrin Google, Inc. J. Ryoo ETRI March 18, 2016 MPLS Transport Profile Linear Protection MIB draft-ietf-mpls-tp-linear-protection-mib-07 Abstract This memo defines a portion of the Management Information Base (MIB) for use with network management protocols. In particular it defines objects for managing MPLS Transport Profile (MPLS-TP) Linear Protection. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on September 19, 2016. Copyright Notice Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved. Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 1] Internet-Draft MPLS-TP Linear Protection MIB March 2016 This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 2. The Internet-Standard Management Framework . . . . . . . . . 3 3. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3 4. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 3 5. Structure of the MIB Module . . . . . . . . . . . . . . . . . 4 5.1. Textual Conventions . . . . . . . . . . . . . . . . . . . 4 5.2. The MPLS-TP Linear Protection Subtree . . . . . . . . . . 4 5.3. The Notifications Subtree . . . . . . . . . . . . . . . . 4 5.4. The Table Structures . . . . . . . . . . . . . . . . . . 5 6. Relationship to Other MIB Modules . . . . . . . . . . . . . . 6 6.1. Relationship to the MPLS OAM maintenance identifiers MIB module . . . . . . . . . . . . . . . . . . . . . . . . . 6 7. Example of Protection switching configuration for MPLS-TP TE tunnel . . . . . . . . . . . . . . . . . . . . . . 6 8. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 8 9. Security Considerations . . . . . . . . . . . . . . . . . . . 34 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 36 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 36 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 36 12.1. Normative References . . . . . . . . . . . . . . . . . . 36 12.2. Informative References . . . . . . . . . . . . . . . . . 36 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 38 1. Introduction This memo defines a portion of the Management Information Base (MIB) for use with network management protocols. In particular it defines objects for managing MPLS Transport Profile (MPLS-TP) Linear Protection. This MIB module should be used for configuring and managing the MPLS- TP linear protection for MPLS-TP LSPs. At the time of writing, SNMP SET is no longer recommended as a way to configure MPLS networks as was described in RFC 3812 [RFC3812]. However, since the MIB modules specified in this document are Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 2] Internet-Draft MPLS-TP Linear Protection MIB March 2016 intended to work in parallel with the MIB modules for MPLS specified in [RFC3812], certain objects defined here are specified with MAX- ACCESS of read- write or read-create so that specifications of the base tables in [RFC3812] and the new MIB modules in this document are consistent. Although the examples described in Section 7 specify means to configure OAM identifiers for MPLS-TP tunnels, this should be seen as indicating how the MIB values would be returned in the specified circumstances having been configured by alternative means. 2. The Internet-Standard Management Framework For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580]. 3. Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14, RFC 2119 [RFC2119]. 4. Overview RFC 6378 [RFC6378] defines the protocol to provide a linear protection switching mechanism for MPLS transport profile with protection domain as a point-to-point LSP. RFC 7271 [RFC7271] describes alternate mechanisms to perform some of the functions defined in [RFC6378], and also defines additional mechanisms, in order to provide operator control and experience that more closely models the behavior of linear protection seen in other transport networks. Two modes are defined for MPLS-TP linear protection switching: Protection State Coordination (PSC) mode and Automatic Protection Switching (APS) mode as specified in [RFC6378] and [RFC7271], respectively. The detailed protocol specification of MPLS transport profile linear protection is described in [RFC6378] and [RFC7271]. Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 3] Internet-Draft MPLS-TP Linear Protection MIB March 2016 This document specifies a MIB module for the Label Edge Router (LER) that supports MPLS TP Linear protection and a MIB module that defines textual conventions. Objects defined in the document are generally applied to both PSC and APS modes. If an object is valid for a particular mode only, it is noted in the description for the object. 5. Structure of the MIB Module 5.1. Textual Conventions The following new textual conventions are defined in a separate MIB module in this document MplsLpsReq MplsLpsFpathPath MplsLpsCommand MplsLpsState 5.2. The MPLS-TP Linear Protection Subtree MPLS-LPS-MIB is the MIB module defined in this document, and it is put under mplsStdMIB. 5.3. The Notifications Subtree Notifications are defined to inform the management station about switchover, provisioning mismatches, and protocol failures of linear protection domain. The following notifications are defined for this purpose: o The notification, mplsLpsEventSwitchover is to inform the management station about the switchover of the active path. o The notification, mplsLpsEventRevertiveMismatch is to inform the management station about the provisioning mismatch in the revertive mode across the end point of the protection domain. o The notification, mplsLpsEventProtecTypeMismatch is to inform the management station about the provisioning mismatch in protection type, representing both bridge and switching types, across the end point of the protection domain. o The notification, mplsLpsEventCapabilitiesMismatch is to inform the management station about the provisioning mismatch in Capabilities TLVs across the end point of the protection domain. Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 4] Internet-Draft MPLS-TP Linear Protection MIB March 2016 o The notification, mplsLpsEventPathConfigMismatch is to inform the management station about the provisioning mismatch in the protection path configuration for PSC communication. o The notification, mplsLpsEventFopNoResponse is to inform the management station about the failure of protocol due to a lack of response to a traffic switchover request in 50 ms. o The notification, mplsLpsEventFopTimOut is to inform the management station about the failure of protocol due to no protocol message received during at least 3.5 times the long PSC message interval. 5.4. The Table Structures The MPLS-TP linear protection MIB module has four tables. The tables are as follows o mplsLpsConfigTable This table is used to configure MPLS-TP linear protection domain. The protection domain is identified by mplsLpsConfigGroupName. The other attributes in this table can be used to configure properties that are specific to the protection domain. o mplsLpsStatusTable This table provides the current status information of MPLS-TP linear protection domains that have been configured on the system. When a protection domain is configured or deleted in the mplsLpsConfigTable, then the corresponding row of that session in the mplsLpsStatusTable is, respectively, automatically created or deleted. o mplsLpsMeConfigTable This table is used to associate the Maintenance Entities (MEs) to the protection domain. The ME is identified by mplsOamIdMegIndex, mplsOamIdMeIndex and mplsOamIdMeMpIndex. o mplsLpsMeStatusTable This table provides the current information about the protection state of MEs that have been configured on the system. When a ME configured or deleted in the mplsLpsMeConfigTable, then the corresponding row of that session in the mplsLpsMeStatusTable is, respectively, automatically created or deleted. Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 5] Internet-Draft MPLS-TP Linear Protection MIB March 2016 6. Relationship to Other MIB Modules 6.1. Relationship to the MPLS OAM maintenance identifiers MIB module The mplsLpsMeConfigTable entry is extended by entry in the mplsOamIdMeTable defined in draft-ietf-mpls-tp-oam-id-mib [I-D.ietf-mpls-tp-oam-id-mib]. Note that the nature of the 'extends' relationship is a sparse augmentation so that the entry in the mplsLpsMeConfigTable has the same index values as the entry in the mplsOamIdMeTable. Each time that an entry is created in the mplsOamIdMeTable for which the LER supports MPLS-TP linear protection a row is created automatically in the mplsLpsMeConfigTable. 7. Example of Protection switching configuration for MPLS-TP TE tunnel This example considers the protection domain configuration on a head- end LSR to provide protection for a co-routed bidirectional MPLS tunnel. Only relevant objects which are applicable for protection domain identifiers of co-routed MPLS tunnel are illustrated here. In mplsOamIdMegTable: { -- MEG index (Index to the table) mplsOamIdMegIndex = 1, mplsOamIdMegName = "MEG1", mplsOamIdMegOperatorType = ipCompatible (1), mplsOamIdMegServiceType = lsp (1), mplsOamIdMegMpLocation = perNode(1), -- Mandatory parameters needed to activate the row go here mplsOamIdMegRowStatus = createAndGo (4) } This will create an entry in the mplsOamIdMegTable to protect the MPLS tunnel. The following ME table is used to associate the path information to a MEG. Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 6] Internet-Draft MPLS-TP Linear Protection MIB March 2016 In mplsOamIdMeTable: { -- ME index (Index to the table) mplsOamIdMeIndex = 1, -- MP index (Index to the table) mplsOamIdMeMpIndex = 1, mplsOamIdMeName = "ME1", mplsOamIdMeMpIfIndex = 0, -- Source MEP id is derived from the IP compatible MPLS -- tunnel mplsOamIdMeSourceMepIndex = 0, -- Source MEP id is derived from the IP compatible MPLS -- tunnel mplsOamIdMeSinkMepIndex = 0, mplsOamIdMeMpType = mep (1), mplsOamIdMeMepDirection = down (2), mplsOamIdMeProactiveOamPhbTCValue = 0, mplsOamIdMeOnDemandOamPhbTCValue = 0, -- RowPointer MUST point to the first accessible column -- of an MPLS tunnel mplsOamIdMeServicePointer = mplsTunnelName.1.1.1.2, -- Mandatory parameters needed to activate the row go here mplsOamIdMeRowStatus = createAndGo (4) } The below table associates the MEs with protection domains. Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 7] Internet-Draft MPLS-TP Linear Protection MIB March 2016 In mplsLpsConfigTable: mplsLpsConfigEntry ::= SEQUENCE { -- Group index mplsLpsConfigDomainIndex = 1, mplsLpsConfigDomainName = "LPDomain1", mplsLpsConfigMode = psc (1), mplsLpsConfigProtectionType = oneColonOneBidirectional (2), -- Mandatory parameters needed to activate the row go here mplsLpsConfigRowStatus = createAndGo (4) } In mplsLpsMeConfigTable: MplsLpsMeConfigEntry ::= SEQUENCE { -- MEG index (Index to the table) mplsOamIdMegIndex = 1, -- ME index mplsOamIdMeIndex = 1, -- MP index (Index to the table) mplsOamIdMeMpIndex = 1, -- Group index mplsLpsMeConfigDomainIndex = 1, -- Configuration state mplsLpsMeConfigState = working(1) } 8. Definitions MPLS-LPS-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, NOTIFICATION-TYPE, OBJECT-TYPE, Gauge32, Counter32, Integer32, Unsigned32 FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF -- [RFC2580] TEXTUAL-CONVENTION, RowStatus, TimeStamp, StorageType FROM SNMPv2-TC SnmpAdminString FROM SNMP-FRAMEWORK-MIB mplsStdMIB FROM MPLS-TC-STD-MIB -- [RFC3811] mplsOamIdMegIndex, mplsOamIdMeIndex, mplsOamIdMeMpIndex FROM MPLS-OAM-ID-STD-MIB; Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 8] Internet-Draft MPLS-TP Linear Protection MIB March 2016 mplsLpsMIB MODULE-IDENTITY LAST-UPDATED "201512060000Z" -- December 06, 2015 ORGANIZATION "Multiprotocol Label Switching (MPLS) Working Group" CONTACT-INFO " Kingston Smiler Selvaraj IP Infusion RMZ Centennial Mahadevapura Post Bangalore - 560048 India EMail: kingstonsmiler@gmail.com Mahalingam Venkatesan Dell Inc. 5450 Great America Parkway, Santa Clara, CA 95054, USA Email: venkat.mahalingams@gmail.com Vishwas Manral Ionos Corp, 4100 Moorpark Ave, San Jose, CA Email: vishwas@ionosnetworks.com Daniel King Old Dog Consulting UK Email:daniel@olddog.co.uk Sam Aldrin Google, Inc. 1600 Amphitheatre Parkway Mountain View, CA USA Email: aldrin.ietf@gmail.com Jeong-dong Ryoo ETRI 218 Gajeong-ro Yuseong-gu, Daejeon 34129 South Korea Email:ryoo@etri.re.kr " DESCRIPTION "This management information module supports the configuration and management of MPLS-TP linear protection domains. " REVISION Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 9] Internet-Draft MPLS-TP Linear Protection MIB March 2016 "201512060000Z" -- December 06, 2015 DESCRIPTION "MPLS-TP Protection Switching Domain objects for LSP MEPs" ::= { mplsStdMIB xxx } -- xxx to be replaced with -- correct value -- Top level components of this MIB module. -- Notifications mplsLpsNotifications OBJECT IDENTIFIER ::= { mplsLpsMIB 0 } -- tables, scalars mplsLpsObjects OBJECT IDENTIFIER ::= { mplsLpsMIB 1 } -- conformance mplsLpsConformance OBJECT IDENTIFIER ::= { mplsLpsMIB 2 } MplsLpsReq ::= TEXTUAL-CONVENTION DISPLAY-HINT "1d" STATUS current DESCRIPTION "This Textual Convention describes an object that stores the PSC Request field of the PSC control packet. The values are as follows 1110 Lockout of Protection 1100 Forced Switch 1010 Signal Fail (SF) 0111 Signal Degrade (SD) 0101 Manual Switch 0100 Wait-to-Restore 0011 Exercise 0010 Reverse Request 0001 Do Not Revert 0000 No Request" REFERENCE "Section 4.2.2 of RFC6378 and Section 8 of RFC7271" SYNTAX OCTET STRING (SIZE (2)) MplsLpsFpathPath ::= TEXTUAL-CONVENTION DISPLAY-HINT "1x:" STATUS current DESCRIPTION "This Textual Convention describes an object that stores Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 10] Internet-Draft MPLS-TP Linear Protection MIB March 2016 the Fault Path (FPath) field and Data Path (Path) field of the PSC control packet. FPath is located in the first octet and Path is located in the second octet. Bits are numbered from left to right. The value and the interpretation of FPath field is as follows 2-255 for future extensions 1 the anomaly condition is on the working path 0 the anomaly condition is on the protection path The value and the interpretation of Path field is as follows 2-255 for future extensions 1 protection path is transporting user data traffic 0 protection path is not transporting user data traffic " REFERENCE "Section 4.2.5 and 4.2.6 of RFC6378" SYNTAX OCTET STRING (SIZE (2)) MplsLpsCommand ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This command allows a user to perform any action over a protection domain. If the protection command cannot be executed because an equal or higher priority request is in effect, an inconsistentValue error is returned. The command values are: noCmd This value should be returned by a read request when no command has been written to the object in question since initialization. This value may not be used in a write operation. If noCmd is used in a write operation a wrongValue error is returned. clear Clears all of the commands listed below for the protection domain. lockoutOfProtection Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 11] Internet-Draft MPLS-TP Linear Protection MIB March 2016 Prevents switching traffic to the protection path. forcedSwitch Switches traffic from the working path to the protection path. manualSwitchToWork Switches traffic from the protection path to the working path. manualSwitchToProtect Switches traffic from the working path to the protection path. exercise Used to verify the correct operation of the PSC communication and the integrity of the protection path. This command is not applicable to the PSC mode. freeze This command freezes the protection state and is a local command that is not signaled to the remote node. This command is not applicable to the PSC mode. clearfreeze Clears the local freeze. This command is not applicable to the PSC mode. " SYNTAX INTEGER { noCmd(1), clear(2), lockoutOfProtection(3), forcedSwitch(4), manualSwitchToWork(5), manualSwitchToProtect(6), exercise(7), freeze(8), clearfreeze(9) } MplsLpsState ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This Textual Convention describes an object that stores Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 12] Internet-Draft MPLS-TP Linear Protection MIB March 2016 the current state of the PSC state machine. The values are as follows: normal normal state unavLOlocal Unavailable state due to local LO command. unavSFPlocal Unavailable state due to local SF-P. unavSDPlocal Unavailable state due to local SD-P. unavLOremote Unavailable state due to remote LO message. unavSFPremote Unavailable state due to remote SF-P message. unavSDPremote Unavailable state due to remote SD-P message. protfailSFWlocal Protecting Failure state due to local SF-W. protfailSDWlocal Protecting Failure state due to local SD-W. protfailSFWremote Protecting Failure state due to remote SF-W message. protfailSDWremote Protecting Failure state due to remote SD-W message. switadmFSlocal Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 13] Internet-Draft MPLS-TP Linear Protection MIB March 2016 Switching Administrative state due to local FS command. Same as Protecting administrative state due to local FS command in the PSC mode. switadmMSWlocal Switching Administrative state due to local MS-W command switadmMSPlocal Switching Administrative state due to local MS-P command. Same as Protecting administrative state due to local MS command in the PSC mode switadmFSremote Switching Administrative state due to remote FS message. Same as Protecting administrative state due to remote FS message in the PSC mode. switadmMSWremote Switching Administrative state due to remote MS-W message switadmMSPremote Switching Administrative state due to remote MS-P message. Same as Protecting administrative state due to remote MS message in the PSC mode. wtr Wait-to-Restore state dnr Do-not-Revert state exerLocal Exercise state due to local EXER command. exerRemote Exercise state due to remote EXER message." SYNTAX INTEGER { normal (1), Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 14] Internet-Draft MPLS-TP Linear Protection MIB March 2016 unavLOlocal (2), unavSFPlocal (3), unavSDPlocal (4), unavLOremote (5), unavSFPremote (6), unavSDPremote (7), protfailSFWlocal (8), protfailSDWlocal (9), protfailSFWremote (10), protfailSDWremote (11), switadmFSlocal (12), switadmMSWlocal (13), switadmMSPlocal (14), switadmFSremote (15), switadmMSWremote (16), switadmMSPremote (17), wtr (18), dnr (19), exerLocal (20), exerRemote (21) } -- Start of MPLS Transport Profile Protection Switching -- Table -- MPLS TP Protection Switching Configuration Table -- This table supports the addition, configuration and deletion -- of MPLS-TP linear protection domains. mplsLpsConfigDomains OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The object holds the count of MPLS-TP linear protection domains. This count includes all rows in mplsLpsConfigTable, regardless of the value of mplsLpsConfigRowStatus." ::= { mplsLpsObjects 1 } mplsLpsConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF MplsLpsConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the MPLS-TP linear protection domains that have been configured on the system." ::= { mplsLpsObjects 2 } mplsLpsConfigEntry OBJECT-TYPE Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 15] Internet-Draft MPLS-TP Linear Protection MIB March 2016 SYNTAX MplsLpsConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the mplsLpsConfigTable." INDEX { mplsLpsConfigDomainIndex } ::= { mplsLpsConfigTable 1 } MplsLpsConfigEntry ::= SEQUENCE { mplsLpsConfigDomainIndex Unsigned32, mplsLpsConfigDomainName SnmpAdminString, mplsLpsConfigMode INTEGER, mplsLpsConfigProtectionType INTEGER, mplsLpsConfigRevertive INTEGER, mplsLpsConfigSdThreshold Integer32, mplsLpsConfigSdBadSeconds Integer32, mplsLpsConfigSdGoodSeconds Integer32, mplsLpsConfigWaitToRestore Integer32, mplsLpsConfigHoldOff Integer32, mplsLpsConfigContinualTxInterval Integer32, mplsLpsConfigRapidTxInterval Integer32, mplsLpsConfigCommand MplsLpsCommand, mplsLpsConfigCreationTime TimeStamp, mplsLpsConfigRowStatus RowStatus, mplsLpsConfigStorageType StorageType } mplsLpsConfigDomainIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "Index for the conceptual row identifying a protection domain." ::= { mplsLpsConfigEntry 1 } mplsLpsConfigDomainName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "Textual name represents the MPLS-TP linear protection domain. Each protection domain is identified by a unique protection domain name. " ::= { mplsLpsConfigEntry 2 } mplsLpsConfigMode OBJECT-TYPE SYNTAX INTEGER { psc(1), Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 16] Internet-Draft MPLS-TP Linear Protection MIB March 2016 aps(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The mode of MPLS-TP linear protection mechanism. This can either be PSC or APS as follows: PSC The Protection State Coordination mode as described in RFC 6378. APS The Automatic Protection Switching mode as described in RFC 7271." DEFVAL {psc} ::= { mplsLpsConfigEntry 3 } mplsLpsConfigProtectionType OBJECT-TYPE SYNTAX INTEGER { onePlusOneUnidirectional (1), oneColonOneBidirectional (2), onePlusOneBidirectional (3) } MAX-ACCESS read-create STATUS current DESCRIPTION "The protection architecture type of the Protection domain. This represents both bridge type, which can be either permanent bridge (1+1) or selector bridge (1:1), and switching scheme, which can be either unidirectional or bidirectional. 1+1 In the 1+1 protection scheme, a fully dedicated protection path is allocated. Data traffic is copied and fed at the source to both the working and the protection path. The traffic on the working and the protection paths is transmitted simultaneously to the sink of the protection domain, where selection between the working and protection paths is performed 1:1 Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 17] Internet-Draft MPLS-TP Linear Protection MIB March 2016 In the 1:1 scheme, a protection path is allocated to protect against a defect, failure, or a degradation in the working path. In normal conditions, data traffic is transmitted over the working path, while the protection path functions in the idle state. If there is a defect on the working path or a specific administrative request, traffic is switched to the protection path. bidirectional In bidirectional protection scheme, both the directions will be switched simultaneously even if the fault applies to only one direction of the path. unidirectional In unidirectional protection scheme protection switching will be performed independently for each direction of a bidirectional transport path. This object may not be modified if the associated mplsLpsConfigRowStatus object is equal to active(1). " DEFVAL {oneColonOneBidirectional} ::= { mplsLpsConfigEntry 4 } mplsLpsConfigRevertive OBJECT-TYPE SYNTAX INTEGER { nonrevertive(1), revertive(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object represents the reversion mode of the linear protection domain. The reversion mode of protection mechanism may be either revertive or non-revertive. nonrevertive In non-revertive mode, after a service has been recovered, traffic will be forwarded on the protection path. revertive In revertive mode, after a service has been recovered, traffic will be redirected back onto the original working path." DEFVAL { revertive } ::= { mplsLpsConfigEntry 5 } Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 18] Internet-Draft MPLS-TP Linear Protection MIB March 2016 mplsLpsConfigSdThreshold OBJECT-TYPE SYNTAX Integer32 (0..100) MAX-ACCESS read-create STATUS current DESCRIPTION "This object holds the threshold value of the Signal Degrade defect in percent. In order to detect the Signal Degrade (SD) defect, the MPLS-TP packet loss measurement (LM) is performed every second. If either the packet loss is negative (i.e., there are more packets received than transmitted) or the packet loss ratio (lost packets/transmitted packets) in percent is greater this threshold value, a Bad Second is declared. The SD defect is detected if there are mplsLpsConfigSdBadSeconds consecutive Bad Seconds and cleared if there are mplsLpsConfigSdGoodSeconds consecutive Good Seconds. This object may be modified if the associated mplsLpsConfigRowStatus object is equal to active(1)." DEFVAL { 30 } ::= { mplsLpsConfigEntry 6 } mplsLpsConfigSdBadSeconds OBJECT-TYPE SYNTAX Integer32 (2..10) MAX-ACCESS read-create STATUS current DESCRIPTION "This object holds the number of Bad Seconds to detect the SD. See the description of mplsLpsConfigSdThreshold. This object may be modified if the associated mplsLpsConfigRowStatus object is equal to active(1)." DEFVAL { 10 } ::= { mplsLpsConfigEntry 7 } mplsLpsConfigSdGoodSeconds OBJECT-TYPE SYNTAX Integer32 (2..10) MAX-ACCESS read-create STATUS current DESCRIPTION "This object holds the number of Good Seconds to declare the clearance of SD defect. See the description of mplsLpsConfigSdThreshold. This object may be modified if the associated Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 19] Internet-Draft MPLS-TP Linear Protection MIB March 2016 mplsLpsConfigRowStatus object is equal to active(1)." DEFVAL { 10 } ::= { mplsLpsConfigEntry 8 } mplsLpsConfigWaitToRestore OBJECT-TYPE SYNTAX Integer32 (0..720) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "This object holds the Wait To Restore timer value in seconds. Can be configured in 1 minute steps between 5 and 12 minutes. The WTR timer is used to delay reversion of PSC state to Normal state when recovering from a failure condition on the working path when the protection domain is configured for revertive behavior This object may not be modified if the associated mplsLpsConfigRowStatus object is equal to active(1)." DEFVAL { 300 } ::= { mplsLpsConfigEntry 9 } mplsLpsConfigHoldOff OBJECT-TYPE SYNTAX Integer32 (0..10000) UNITS "milli-seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The hold-off time in milliseconds. Represents the time between SF/SD condition detection and declaration of an SF/SD request to the protection switching logic. It is intended to avoid unnecessary switching when a lower- layer protection mechanism is in place. Can be configured in steps of 100. When a new defect or more severe defect occurs at the active path (the path from which the selector selects the user data traffic) and this value is non-zero, the hold-off timer will be started. A defect on the standby path (the path from which the selector does not select the user data traffic) does not trigger the start of the hold-off timer as there is no need for a traffic switchover." DEFVAL { 0 } ::= { mplsLpsConfigEntry 10 } Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 20] Internet-Draft MPLS-TP Linear Protection MIB March 2016 mplsLpsConfigContinualTxInterval OBJECT-TYPE SYNTAX Integer32 (1..20) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The Continual Tx Time in Seconds. Represents the time interval to send the continual LPS packet to the other end based on the current state." DEFVAL { 5 } ::= { mplsLpsConfigEntry 11 } mplsLpsConfigRapidTxInterval OBJECT-TYPE SYNTAX Integer32 (1000..20000) UNITS "micro-seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The Rapid Tx interval in micro-Seconds. Represents the time interval to send the LPS packet to the other end, when there is a change in state of linear protection domain due to local input. The default value is 3.3 milli-seconds which is 3300 micro-seconds" DEFVAL { 3300 } ::= { mplsLpsConfigEntry 12 } mplsLpsConfigCommand OBJECT-TYPE SYNTAX MplsLpsCommand MAX-ACCESS read-write STATUS current DESCRIPTION "Allows the initiation of an operator command on the protection domain. When read this object returns the last command written or noCmd if no command has been written since initialization. The return of the last command written does not imply that this command is currently in effect. This request may have been preempted by a higher priority local or remote request." ::= { mplsLpsConfigEntry 13 } mplsLpsConfigCreationTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 21] Internet-Draft MPLS-TP Linear Protection MIB March 2016 DESCRIPTION "The value of sysUpTime at the time the row was created." ::= { mplsLpsConfigEntry 14 } mplsLpsConfigRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This represents the status of the MPLS-TP linear protection domain entry. This variable is used to create, modify, and/or delete a row in this table. An entry may not exist in the active state unless all objects in the entry have an appropriate value." ::= { mplsLpsConfigEntry 15 } mplsLpsConfigStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for this conceptual row. Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row." DEFVAL { nonVolatile } ::= { mplsLpsConfigEntry 16 } -- -- MPLS TP Linear Protection Switching Status Table -- -- This table provides Protection Switching domain statistics. -- mplsLpsStatusTable OBJECT-TYPE SYNTAX SEQUENCE OF MplsLpsStatusEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table provides status information about MPLS-TP linear protection domains that have been configured on the system." ::= { mplsLpsObjects 3 } mplsLpsStatusEntry OBJECT-TYPE SYNTAX MplsLpsStatusEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 22] Internet-Draft MPLS-TP Linear Protection MIB March 2016 "A conceptual row in the mplsLpsStatusTable." AUGMENTS { mplsLpsConfigEntry } ::= { mplsLpsStatusTable 1 } MplsLpsStatusEntry ::= SEQUENCE { mplsLpsStatusState MplsLpsState, mplsLpsStatusReqRcv MplsLpsReq, mplsLpsStatusReqSent MplsLpsReq, mplsLpsStatusFpathPathRcv MplsLpsFpathPath, mplsLpsStatusFpathPathSent MplsLpsFpathPath, mplsLpsStatusRevertiveMismatch INTEGER, mplsLpsStatusProtecTypeMismatch INTEGER, mplsLpsStatusCapabilitiesMismatch INTEGER, mplsLpsStatusPathConfigMismatch INTEGER, mplsLpsStatusFopNoResponses Counter32, mplsLpsStatusFopTimeOuts Counter32 } mplsLpsStatusState OBJECT-TYPE SYNTAX MplsLpsState MAX-ACCESS read-only STATUS current DESCRIPTION "The current state of the PSC state machine." ::= { mplsLpsStatusEntry 1 } mplsLpsStatusReqRcv OBJECT-TYPE SYNTAX MplsLpsReq MAX-ACCESS read-only STATUS current DESCRIPTION "The current value of the PSC Request field received on the most recent PSC packet." ::= { mplsLpsStatusEntry 2 } mplsLpsStatusReqSent OBJECT-TYPE SYNTAX MplsLpsReq MAX-ACCESS read-only STATUS current DESCRIPTION "The current value of the PSC Request field sent on the most recent PSC packet." ::= { mplsLpsStatusEntry 3 } mplsLpsStatusFpathPathRcv OBJECT-TYPE SYNTAX MplsLpsFpathPath MAX-ACCESS read-only STATUS current Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 23] Internet-Draft MPLS-TP Linear Protection MIB March 2016 DESCRIPTION "The current value of the FPath and Path fields received on the most recent PSC packet." ::= { mplsLpsStatusEntry 4 } mplsLpsStatusFpathPathSent OBJECT-TYPE SYNTAX MplsLpsFpathPath MAX-ACCESS read-only STATUS current DESCRIPTION "The current value of the FPath and Path fields sent on the most recent PSC packet." ::= { mplsLpsStatusEntry 5 } mplsLpsStatusRevertiveMismatch OBJECT-TYPE SYNTAX INTEGER {true (1), false (2)} MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the provisioning mismatch in revertive mode across the protection domain end points. The value of this object becomes true when a PSC message with incompatible Revertive field is received, or false when a PSC message with compatible Revertive field is received. " ::= { mplsLpsStatusEntry 6 } mplsLpsStatusProtecTypeMismatch OBJECT-TYPE SYNTAX INTEGER {true (1), false (2)} MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the provisioning mismatch in protection type, representing both bridge and switching types, across the protection domain end points. The value of this object becomes true when a PSC message with incompatible PT field is received, or false when a PSC message with compatible PT field is received. " ::= { mplsLpsStatusEntry 7 } mplsLpsStatusCapabilitiesMismatch OBJECT-TYPE SYNTAX INTEGER {true (1), false (2)} MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the provisioning mismatch in Capabilities TLVs across the protection domain end points. The value of this object becomes true when a PSC message with Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 24] Internet-Draft MPLS-TP Linear Protection MIB March 2016 incompatible Capabilities TLV field is received, or false when a PSC message with compatible Capabilities TLV field is received. The Capabilities TLV with 0xF8000000 indicates that the APS mode is used for MPLS-TP linear protection mechanism, whereas PSC mode uses either the Capabilities TLV with Ox0 or no existence of the Capabilities TLV." ::= { mplsLpsStatusEntry 8 } mplsLpsStatusPathConfigMismatch OBJECT-TYPE SYNTAX INTEGER {true (1), false (2)} MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the provisioning mismatch in the protection path configuration for PSC communication across the protection domain end points. The value of this object becomes true when a PSC message is received from the working path, or false when a PSC message is received from the protection path." ::= { mplsLpsStatusEntry 9 } mplsLpsStatusFopNoResponses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object holds the number of occurrences of the failure of protocol due to a lack of response to a traffic switchover request within in 50 ms. When there is a traffic switchover due to a local request, a 50 ms timer is started to detect the failure of protocol due to no response. If there is no PSC message is received with the same Path value as in the transmitted PSC message until the 50 ms timer expires, the failure of protocol due to no response occurs." ::= { mplsLpsStatusEntry 10 } mplsLpsStatusFopTimeOuts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object holds the number of occurrences of the failure of protocol due to no PSC message received during at least Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 25] Internet-Draft MPLS-TP Linear Protection MIB March 2016 3.5 times the long PSC message interval. When no PSC message is received on the protection path during at least 3.5 times the long PSC message interval and there is no defect on the protection path, the failure of protocol due to no PSC message occurs." ::= { mplsLpsStatusEntry 11 } -- MPLS Linear Protection ME Association Configuration Table -- This table supports the addition, configuration and deletion -- of MPLS Linear Protection Maintenance Entities in protection -- domains. mplsLpsMeConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF MplsLpsMeConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists Maintenance Association that have been configured in Protection domains." ::= { mplsLpsObjects 4 } mplsLpsMeConfigEntry OBJECT-TYPE SYNTAX MplsLpsMeConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the mplsLpsMeConfigTable." INDEX {mplsOamIdMegIndex, mplsOamIdMeIndex, mplsOamIdMeMpIndex} ::= { mplsLpsMeConfigTable 1 } MplsLpsMeConfigEntry ::= SEQUENCE { mplsLpsMeConfigDomainIndex Unsigned32, mplsLpsMeConfigState INTEGER } mplsLpsMeConfigDomainIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object holds the Protection domain index wherein this ME included in. If this ME is not part of any protection domain then this object contains value 0. " DEFVAL { 0 } ::= { mplsLpsMeConfigEntry 1 } mplsLpsMeConfigState OBJECT-TYPE Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 26] Internet-Draft MPLS-TP Linear Protection MIB March 2016 SYNTAX INTEGER { working(1), protection(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object represents the operational state of the ME as either working or protection" ::= { mplsLpsMeConfigEntry 2 } -- MPLS Linear Protection ME Status Table -- This table provides Protection Switching ME statistics. mplsLpsMeStatusTable OBJECT-TYPE SYNTAX SEQUENCE OF MplsLpsMeStatusEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains status information of all the MEs that are included in MPLS-TP liear protection domains." ::= { mplsLpsObjects 5 } mplsLpsMeStatusEntry OBJECT-TYPE SYNTAX MplsLpsMeStatusEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the mplsLpsMeStatusTable." AUGMENTS { mplsLpsMeConfigEntry } ::= { mplsLpsMeStatusTable 1 } MplsLpsMeStatusEntry ::= SEQUENCE { mplsLpsMeStatusCurrent BITS, mplsLpsMeStatusSignalDegrades Counter32, mplsLpsMeStatusSignalFailures Counter32, mplsLpsMeStatusSwitchovers Counter32, mplsLpsMeStatusLastSwitchover TimeStamp, mplsLpsMeStatusSwitchoverSeconds Counter32 } mplsLpsMeStatusCurrent OBJECT-TYPE SYNTAX BITS { localSelectTraffic(0), localSD(1), localSF(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the current state of the ME. Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 27] Internet-Draft MPLS-TP Linear Protection MIB March 2016 localSelectTraffic This bit indicates that traffic is being selected from this ME. localSD This bit implies that local signal degrade condition is in effect on this ME / path. localSF This bit implies that local signal failure condition is in effect on this ME / path." ::= { mplsLpsMeStatusEntry 1 } mplsLpsMeStatusSignalDegrades OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Represents the count of Signal Degrade conditions. For the detection and clearance of Signal Degrade, see the description of mplsLpsConfigSdThreshold." ::= { mplsLpsMeStatusEntry 2 } mplsLpsMeStatusSignalFailures OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Represents the count of Signal failure conditions. This condition occurs when the OAM running on this ME detects the Signal Fail event." ::= { mplsLpsMeStatusEntry 3 } mplsLpsMeStatusSwitchovers OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Represents the count of SwitchOvers happened in this ME. When the mplsLpsMeConfigState is working, this object will return the number of times that traffic has been switched from this working path to the protection path. When the mplsLpsMeConfigState is protection, this object Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 28] Internet-Draft MPLS-TP Linear Protection MIB March 2016 will return the number of times that traffic has been switched back to the working path from this protection path." ::= { mplsLpsMeStatusEntry 4 } mplsLpsMeStatusLastSwitchover OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "This object holds the value of sysUpTime wherein the last switchover happened. When the mplsLpsMeConfigState is working, this object will return the value of sysUpTime when traffic was switched from this path to the protection path. If traffic has never switched to the protection path, the value 0 will be returned. When the mplsLpsMeConfigState is protection, this object will return the value of sysUpTime the last time that traffic was switched back to the working path from this path. If no traffic has ever switched back to the working path from this protection path, the value 0 will be returned." ::= { mplsLpsMeStatusEntry 5 } mplsLpsMeStatusSwitchoverSeconds OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The cumulative Protection Switching Duration (PSD) time in seconds. For the working path, this is the cumulative number of seconds that traffic was selected from the protection path. For the protection path, this is the cumulative number of seconds that the working path has been used to select traffic." ::= { mplsLpsMeStatusEntry 6 } mplsLpsNotificationEnable OBJECT-TYPE SYNTAX BITS { switchover(0), revertiveMismatch(1), Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 29] Internet-Draft MPLS-TP Linear Protection MIB March 2016 protecTypeMismatch(2), capabilitiesMismatch(3), pathConfigMismatch(4), fopNoResponse(5), fopTimeOut(6) } MAX-ACCESS read-write STATUS current DESCRIPTION "Provides the ability to enable and disable notifications defined in this MIB. switchover Indicates mplsLpsEventSwitchover notifications should be generated. revertiveMismatch Indicates mplsLpsEventRevertiveMismatch notifications should be generated. protecTypeMismatch Indicates mplsLpsEventProtecTypeMismatch notifications should be generated. capabilitiesMismatch Indicates mplsLpsEventCapabilitiesMismatch notifications should be generated. pathConfigMismatch Indicates mplsLpsEventPathConfigMismatch notifications should be generated. fopNoResponse Indicates mplsLpsEventFopNoResponse notifications should be generated. fopTimeOut Indicates mplsLpsEventFopTimOut notifications should be generated." DEFVAL { { } } Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 30] Internet-Draft MPLS-TP Linear Protection MIB March 2016 ::= { mplsLpsObjects 6 } -- MPLS Linear Protection EVENTS mplsLpsEventSwitchover NOTIFICATION-TYPE OBJECTS { mplsLpsMeStatusSwitchovers, mplsLpsMeStatusCurrent } STATUS current DESCRIPTION "An mplsLpsEventSwitchover notification is sent when the value of an instance of mplsLpsMeStatusSwitchovers increments." ::= { mplsLpsNotifications 1 } mplsLpsEventRevertiveMismatch NOTIFICATION-TYPE OBJECTS { mplsLpsStatusRevertiveMismatch } STATUS current DESCRIPTION "An mplsLpsEventRevertiveMismatch notification is sent when the value of mplsLpsStatusRevertiveMismatch changes." ::= { mplsLpsNotifications 2 } mplsLpsEventProtecTypeMismatch NOTIFICATION-TYPE OBJECTS { mplsLpsStatusProtecTypeMismatch } STATUS current DESCRIPTION "An mplsLpsEventProtecTypeMismatch notification is sent when the value of mplsLpsStatusProtecTypeMismatch changes." ::= { mplsLpsNotifications 3 } mplsLpsEventCapabilitiesMismatch NOTIFICATION-TYPE OBJECTS { mplsLpsStatusCapabilitiesMismatch } STATUS current DESCRIPTION "An mplsLpsEventCapabilitiesMismatch notification is sent when the value of mplsLpsStatusCapabilitiesMismatch changes." ::= { mplsLpsNotifications 4 } mplsLpsEventPathConfigMismatch NOTIFICATION-TYPE OBJECTS { mplsLpsStatusPathConfigMismatch } STATUS current DESCRIPTION "An mplsLpsEventPathConfigMismatch notification is sent when the value of mplsLpsStatusPathConfigMismatch changes." ::= { mplsLpsNotifications 5 } mplsLpsEventFopNoResponse NOTIFICATION-TYPE OBJECTS { mplsLpsStatusFopNoResponses } STATUS current Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 31] Internet-Draft MPLS-TP Linear Protection MIB March 2016 DESCRIPTION "An mplsLpsEventFopNoResponse notification is sent when the value of mplsLpsStatusFopNoResponses increments." ::= { mplsLpsNotifications 6 } mplsLpsEventFopTimOut NOTIFICATION-TYPE OBJECTS { mplsLpsStatusFopTimeOuts } STATUS current DESCRIPTION "An mplsLpsEventFopTimOut notification is sent when the value of mplsLpsStatusFopTimeOuts increments." ::= { mplsLpsNotifications 7 } -- End of Notifications. -- Module Compliance. mplsLpsCompliances OBJECT IDENTIFIER ::= { mplsLpsConformance 1 } mplsLpsGroups OBJECT IDENTIFIER ::= { mplsLpsConformance 2 } -- Compliance requirement for fully compliant implementations. mplsLpsModuleFullCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "Compliance statement for agents that provide full support for MPLS-LPS-MIB. Such devices can provide linear protection and also be configured using this MIB module." MODULE -- This module. MANDATORY-GROUPS { mplsLpsScalarGroup, mplsLpsTableGroup, mplsLpsMeTableGroup } GROUP mplsLpsNotificationGroup DESCRIPTION "This group is only mandatory for those implementations which can efficiently implement the notifications contained in this group." ::= { mplsLpsCompliances 1 } -- Units of conformance. mplsLpsScalarGroup OBJECT-GROUP Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 32] Internet-Draft MPLS-TP Linear Protection MIB March 2016 OBJECTS { mplsLpsConfigDomains, mplsLpsNotificationEnable } STATUS current DESCRIPTION "Collection of objects needed for MPLS Linear Protection." ::= { mplsLpsGroups 1 } mplsLpsTableGroup OBJECT-GROUP OBJECTS { mplsLpsConfigDomainName, mplsLpsConfigRowStatus, mplsLpsConfigMode, mplsLpsConfigProtectionType, mplsLpsConfigRevertive, mplsLpsConfigSdThreshold, mplsLpsConfigSdBadSeconds, mplsLpsConfigSdGoodSeconds, mplsLpsConfigWaitToRestore, mplsLpsConfigHoldOff, mplsLpsConfigContinualTxInterval, mplsLpsConfigRapidTxInterval, mplsLpsConfigCommand, mplsLpsConfigCreationTime, mplsLpsConfigStorageType, mplsLpsStatusState, mplsLpsStatusReqRcv, mplsLpsStatusReqSent, mplsLpsStatusFpathPathRcv, mplsLpsStatusFpathPathSent, mplsLpsStatusRevertiveMismatch, mplsLpsStatusProtecTypeMismatch, mplsLpsStatusCapabilitiesMismatch, mplsLpsStatusPathConfigMismatch, mplsLpsStatusFopNoResponses, mplsLpsStatusFopTimeOuts } STATUS current DESCRIPTION "Collection of objects needed for MPLS Linear Protection configuration and statistics." ::= { mplsLpsGroups 2 } mplsLpsMeTableGroup OBJECT-GROUP OBJECTS { mplsLpsMeConfigState, mplsLpsMeStatusCurrent, Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 33] Internet-Draft MPLS-TP Linear Protection MIB March 2016 mplsLpsMeStatusSignalDegrades, mplsLpsMeStatusSignalFailures, mplsLpsMeStatusSwitchovers, mplsLpsMeStatusLastSwitchover, mplsLpsMeStatusSwitchoverSeconds } STATUS current DESCRIPTION "Collection of objects needed for MPLS Linear Protection ME configuration and statistics." ::= { mplsLpsGroups 3 } mplsLpsNotificationGroup NOTIFICATION-GROUP NOTIFICATIONS { mplsLpsEventSwitchover, mplsLpsEventRevertiveMismatch, mplsLpsEventProtecTypeMismatch, mplsLpsEventCapabilitiesMismatch, mplsLpsEventPathConfigMismatch, mplsLpsEventFopNoResponse, mplsLpsEventFopTimOut } STATUS current DESCRIPTION "Collection of objects needed to implement notifications." ::= { mplsLpsGroups 4 } -- MPLS-LPS-MIB module ends END 9. Security Considerations There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some networks in a non-secure environment without proper protection can have a negative effect on network operations. These are the tables and objects and their sensitivity/vulnerability: o mplsLpsConfigTable is used to configure MPLS-TP linear protection domains. Improper manipulation of the objects in this table may result in different behaviors than network operators have originally intended, such as delaying traffic switching or causing a race condition with server layer protection after network failure (mplsLpsConfigHoldOff), delaying or speeding up reversion after recovering network failure (mplsLpsConfigWaitToRestore), unexpected traffic switching (mplsLpsConfigCommand), or Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 34] Internet-Draft MPLS-TP Linear Protection MIB March 2016 discontinuance of operation of a protection switching control process (mplsLpsConfigMode, mplsLpsConfigProtectionType). o mplsLpsMeConfigTable is used to assign each ME either working or protection path. Improper manipulation of this object may result in discontinuance of operation of a protection switching control process. o In the case of the discontinuance of a protection switching control process, network operators will be notified. However, the notification is controlled by mplsLpsNotificationEnable object, which is read-write. Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability: o mplsLpsStatusTable and mplsLpsMeStatusTable collectively show the history and current status of the MPLS-TP linear protection domains. They can be used to estimate the performances and qualities of the network being operated with the MPLS-TP linear protection. If an Administrator does not want to reveal this information, then these tables should be considered sensitive/ vulnerable. SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module. Implementations SHOULD provide the security features described by the SNMPv3 framework (see [RFC3410]), and implementations claiming compliance to the SNMPv3 standard MUST include full support for authentication and privacy via the User-based Security Model (USM) RFC 3414 [RFC3414] with the AES cipher algorithm RFC 3826 [RFC3826]. Implementations MAY also provide support for the Transport Security Model (TSM) RFC 5591 [RFC5591] in combination with a secure transport such as SSH RFC 5592 [RFC5592] or TLS/DTLS RFC 6353 [RFC6353]. Further, deployment of SNMP versions prior to SNMPv3 is not recommended. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 35] Internet-Draft MPLS-TP Linear Protection MIB March 2016 instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them. 10. IANA Considerations IANA is requested to assign an OID for the MIB module from the "MIB Transmission Group - MPLS STD" sub-registry of the "Internet-standard MIB - Transmission Group" registry for the MPLS Linear Protection MIB module specified in this document. 11. Acknowledgments The authors wish to thank Joan Cucchiara for her review as MIB Doctor, Joan's detailed comments were of great help for improving the quality of this document. 12. References 12.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, DOI 10.17487/RFC2578, April 1999, . [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 58, RFC 2579, DOI 10.17487/RFC2579, April 1999, . [RFC2580] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Conformance Statements for SMIv2", STD 58, RFC 2580, DOI 10.17487/RFC2580, April 1999, . 12.2. Informative References Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 36] Internet-Draft MPLS-TP Linear Protection MIB March 2016 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, DOI 10.17487/RFC3410, December 2002, . [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", STD 62, RFC 3414, DOI 10.17487/RFC3414, December 2002, . [RFC3811] Nadeau, T., Ed. and J. Cucchiara, Ed., "Definitions of Textual Conventions (TCs) for Multiprotocol Label Switching (MPLS) Management", RFC 3811, DOI 10.17487/RFC3811, June 2004, . [RFC3812] Srinivasan, C., Viswanathan, A., and T. Nadeau, "Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) Management Information Base (MIB)", RFC 3812, DOI 10.17487/RFC3812, June 2004, . [RFC3826] Blumenthal, U., Maino, F., and K. McCloghrie, "The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model", RFC 3826, DOI 10.17487/RFC3826, June 2004, . [RFC5591] Harrington, D. and W. Hardaker, "Transport Security Model for the Simple Network Management Protocol (SNMP)", STD 78, RFC 5591, DOI 10.17487/RFC5591, June 2009, . [RFC5592] Harrington, D., Salowey, J., and W. Hardaker, "Secure Shell Transport Model for the Simple Network Management Protocol (SNMP)", RFC 5592, DOI 10.17487/RFC5592, June 2009, . [RFC6353] Hardaker, W., "Transport Layer Security (TLS) Transport Model for the Simple Network Management Protocol (SNMP)", STD 78, RFC 6353, DOI 10.17487/RFC6353, July 2011, . Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 37] Internet-Draft MPLS-TP Linear Protection MIB March 2016 [RFC6378] Weingarten, Y., Ed., Bryant, S., Osborne, E., Sprecher, N., and A. Fulignoli, Ed., "MPLS Transport Profile (MPLS- TP) Linear Protection", RFC 6378, DOI 10.17487/RFC6378, October 2011, . [RFC7271] Ryoo, J., Ed., Gray, E., Ed., van Helvoort, H., D'Alessandro, A., Cheung, T., and E. Osborne, "MPLS Transport Profile (MPLS-TP) Linear Protection to Match the Operational Expectations of Synchronous Digital Hierarchy, Optical Transport Network, and Ethernet Transport Network Operators", RFC 7271, DOI 10.17487/RFC7271, June 2014, . [I-D.ietf-mpls-tp-oam-id-mib] Aldrin, S., Mahalingam, V., Sampath, K., and T. Nadeau, "MPLS-TP Operations, Administration, and Management (OAM) Identifiers Management Information Base (MIB)", draft- ietf-mpls-tp-oam-id-mib-11 (work in progress), September 2015. Authors' Addresses Kingston Smiler Selvaraj IpInfusion RMZ Centennial Mahadevapura Post Bangalore - 560048 India EMail: kingstonsmiler@gmail.com Mahalingam Venkatesan Dell Inc. 5450 Great America Parkway Santa Clara, CA 95054 USA EMail: venkat.mahalingams@gmail.com Vishwas Manral Nano Sec 599 Fairchild Drive Mountain View, CA USA EMail: vishwas@nanosec.io Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 38] Internet-Draft MPLS-TP Linear Protection MIB March 2016 Daniel King Old Dog Consulting UK EMail: daniel@olddog.co.uk Sam Aldrin Google, Inc. 1600 Amphitheatre Parkway Mountain View, CA USA EMail: aldrin.ietf@gmail.com Jeong-dong Ryoo ETRI 218 Gajeong-ro Yuseong-gu, Daejeon 34129 South Korea EMail: ryoo@etri.re.kr Kingston Smiler SelvaraExpireslSeptember 19, 2016 [Page 39]