idnits 2.17.1 draft-an-savi-mib-14.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 7 instances of too long lines in the document, the longest one being 35 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 471 has weird spacing: '...n entry conta...' == Line 553 has weird spacing: '...n entry conta...' == Line 788 has weird spacing: '... of the bindi...' == Line 905 has weird spacing: '... of the filte...' == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but does not include the phrase in its RFC 2119 key words list. -- The document date (January 15, 2018) is 2292 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC2131' is defined on line 1156, but no explicit reference was found in the text == Unused Reference: 'RFC3315' is defined on line 1176, but no explicit reference was found in the text == Unused Reference: 'RFC2223' is defined on line 1209, but no explicit reference was found in the text == Unused Reference: 'RFC2629' is defined on line 1213, but no explicit reference was found in the text == Unused Reference: 'RFC4181' is defined on line 1227, but no explicit reference was found in the text ** Obsolete normative reference: RFC 3315 (Obsoleted by RFC 8415) ** Downref: Normative reference to an Informational RFC: RFC 7039 -- Obsolete informational reference (is this intentional?): RFC 2223 (Obsoleted by RFC 7322) -- Obsolete informational reference (is this intentional?): RFC 2629 (Obsoleted by RFC 7749) Summary: 3 errors (**), 0 flaws (~~), 11 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 SAVI C. An 3 Internet-Draft J. Yang 4 Intended status: Standards Track J. Wu 5 Expires: July 19, 2018 J. Bi 6 Tsinghua University 7 January 15, 2018 9 Definition of Managed Objects for SAVI Protocol 10 draft-an-savi-mib-14 12 Abstract 14 This memo defines a portion of the Management Information Base (MIB) 15 for use with network management protocols in the Internet community. 16 In particular, it defines objects for managing SAVI (Source Address 17 Validation Improvements) protocol instance. 19 Status of This Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF). Note that other groups may also distribute 26 working documents as Internet-Drafts. The list of current Internet- 27 Drafts is at https://datatracker.ietf.org/drafts/current/. 29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 This Internet-Draft will expire on July 19, 2018. 36 Copyright Notice 38 Copyright (c) 2018 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (https://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 Table of Contents 53 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 54 2. The Internet-Standard Management Framework . . . . . . . . . 3 55 3. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3 56 4. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 3 57 5. Structure of the MIB Module . . . . . . . . . . . . . . . . . 4 58 5.1. The SAVI System Table . . . . . . . . . . . . . . . . . . 4 59 5.2. The SAVI Preference Table . . . . . . . . . . . . . . . . 5 60 5.3. The SAVI Port Table . . . . . . . . . . . . . . . . . . . 5 61 5.4. The SAVI Binding Table . . . . . . . . . . . . . . . . . 6 62 5.5. The SAVI Filtering Table . . . . . . . . . . . . . . . . 7 63 5.6. The SAVI Counting Table . . . . . . . . . . . . . . . . . 7 64 6. Textual Conventions . . . . . . . . . . . . . . . . . . . . . 8 65 7. Relationship to Other MIB Modules . . . . . . . . . . . . . . 8 66 7.1. Relationship to the INET-ADDRESS-MIB . . . . . . . . . . 8 67 7.2. Relationship to the IF-MIB . . . . . . . . . . . . . . . 9 68 7.3. MIB modules required for IMPORTS . . . . . . . . . . . . 9 69 8. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 9 70 9. Security Considerations . . . . . . . . . . . . . . . . . . . 23 71 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 25 72 11. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 25 73 12. References . . . . . . . . . . . . . . . . . . . . . . . . . 25 74 12.1. Normative References . . . . . . . . . . . . . . . . . . 25 75 12.2. Informative References . . . . . . . . . . . . . . . . . 26 76 12.3. URL References . . . . . . . . . . . . . . . . . . . . . 27 77 Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 28 78 Appendix B. Open Issues . . . . . . . . . . . . . . . . . . . . 29 79 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 30 81 1. Introduction 83 The Source Address Validation Improvement protocol was developed to 84 complement ingress filtering with finer-grained, standardized IP 85 source address validation(refer to [RFC7039]).A SAVI protocol 86 instance is located on the path of hosts' packets, enforcing the 87 hosts' use of legitimate IP source addresses. 89 SAVI protocol determines whether the IP address obtaining process is 90 legitimate according to IP address assignment method. For links with 91 Stateless Address Auto Configuration (SLAAC), Dynamic Host 92 Configuration Protocol (DHCP), and Secure Neighbor Discovery (SEND), 93 the process is defined in separate documents of SAVI Working Group 94 (refer to [RFC6620], [RFC7513], [RFC7219].) 95 This document defines a MIB module that can be used to manage the 96 SAVI protocol instance. It covers both configuration and status 97 monitoring aspects of SAVI implementations. 99 This document uses terminology from the SAVI Protocol specification. 101 2. The Internet-Standard Management Framework 103 For a detailed overview of the documents that describe the current 104 Internet-Standard Management Framework, please refer to section 7 of 105 RFC 3410 [RFC3410]. 107 Managed objects are accessed via a virtual information store, termed 108 the Management Information Base or MIB. MIB objects are generally 109 accessed through the Simple Network Management Protocol (SNMP). 110 Objects in the MIB are defined using the mechanisms defined in the 111 Structure of Management Information (SMI). This memo specifies a MIB 112 module that is compliant to the SMIv2, which is described in STD 58, 113 RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 114 [RFC2580]. 116 3. Conventions 118 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 119 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 120 document are to be interpreted as described in RFC 2119 [RFC2119]. 122 4. Overview 124 The SAVI Protocol MIB module (SAVI-MIB) is conformant to SAVI 125 protocol, and is designed to: 127 o Support centralized management and monitoring of SAVI protocol 128 instance by standard SNMP protocol. 130 o Support configuration and querying of SAVI protocol parameters. 132 o Support configuration and querying of binding entries. Operators 133 may insert and delete manual binding entries. 135 o Support querying of filtering entries. 137 o Support querying of the count of packets dropped because of 138 validation failure for each interface. 140 Based on SAVI protocol, attributes and objects of a SAVI protocol 141 instance can be classified into five categories: 143 o System attributes. These attributes are corresponding to a SAVI 144 protocol instance, such as IP Address Assignment Methods and some 145 constants. 147 o Anchor attributes. These attributes are corresponding to a SAVI 148 anchor. Anchor is defined in [RFC7039]. 150 o Binding Status Table. This table contains the state of binding 151 between source address and binding anchor (refer to [RFC6620], 152 [RFC7513], [RFC7219]). 154 o Filtering Table. This table contains the bindings between binding 155 anchor and address, which is used to filter packets (refer to 156 [RFC6620], [RFC7513], [RFC7219]). 158 o Counting Table. This table contains the count of fail packets for 159 each interface. 161 A table is designed for each category of objects. 163 5. Structure of the MIB Module 165 This section presents the structure of the SAVI-MIB module. The MIB 166 objects are derived from the SAVI protocol specification. 168 This MIB is composed of a series of tables meant to form the base for 169 managing SAVI entities. The following subsections describe all 170 tables in the SAVI MIB module. 172 5.1. The SAVI System Table 174 The SAVI System Table (saviObjectsSystemTable) contains the objects 175 which are corresponding to SAVI system-wide parameters. It supports 176 the configuration and collection of SAVI system-wide parameters. 178 There is an entry for each IP stack, IPv4 and IPv6. The table is 179 indexed by: 181 o saviObjectsSystemIPVersion - The IP Version. A textual convention 182 InetVersion defined in RFC4001 is used to represent the different 183 version of IP protocol. 185 It contains the following objects: 187 o saviObjectsSystemSlaacEnable - If SAVI for SlAAC is enabled. 189 o saviObjectsSystemDhcpEnable - If SAVI for DHCP is enabled. 191 o saviObjectsSystemSendEnable - If SAVI for SEND is enabled. 193 o saviObjectsSystemManualEnable - If SAVI for MANUAL is enabled. 195 The MAX-ACCESS of these objects is READ-WRITE. Network Operators may 196 do configuration by setting these objects. 198 5.2. The SAVI Preference Table 200 The SAVI System Table (saviObjectsPreferenceTable) contains savi 201 preference parameters. 203 There is an entry for each IP stack, IPv4 and IPv6. The table is 204 indexed by: 206 o saviObjectsSystemIPVersion - The IP Version. A textual convention 207 InetVersion defined in RFC4001 is used to represent the different 208 version of IP protocol. 210 It contains the following objects: 212 o saviObjectsPreferenceSlaac - The preference of SAVI-SlAAC. 214 o saviObjectsPreferenceDhcp - The preference of SAVI-DHCP. 216 o saviObjectsPreferenceSend - The preference of SAVI-SEND. 218 o saviObjectsPreferenceManual - The preference of SAVI-MANUAL. 220 The MAX-ACCESS of these objects is READ-WRITE. Network Operators may 221 do configuration by setting these objects. 223 5.3. The SAVI Port Table 225 The SAVI Port Table (saviObjectsPortTable) contains the objects which 226 are corresponding to SAVI running parameters of each anchor. It 227 supports the configuration and collection of SAVI parameters of each 228 anchor. 230 There is an entry for each IP stack, IPv4 and IPv6. The table is 231 indexed by: 233 o saviObjectsPortIPVersion - The IP Version. 235 o saviObjectsPortIfIndex - The index value that uniquely identifies 236 the interface to which this entry is applicable. 238 It contains the following objects: 240 o saviObjectsPortValidatingAttr - An attribute defined in SAVI 241 protocol (refer to [RFC7513]). 243 o saviObjectsPortDhcpTrustAttr - An attribute defined in SAVI 244 protocol (refer to [RFC7513]). 246 o saviObjectsPortTrustAttr - An attribute defined in SAVI protocol 247 (refer to [RFC7513]). 249 o saviObjectsPortDhcpSnoopingAttr - An attribute defined in SAVI 250 protocol (refer to [RFC7513]). 252 o saviObjectsPortDataSnoopingAttr - An attribute defined in SAVI 253 protocol (refer to [RFC7513]). 255 o saviObjectsPortFilteringNum - The max filtering number of the 256 Port. 258 The MAX-ACCESS of these objects is READ-WRITE. Network Operators may 259 configure by setting these objects. 261 5.4. The SAVI Binding Table 263 The SAVI Binding Table (saviObjectsBindingTable) contains the objects 264 which are corresponding to Binding State Table (BST) defined in SAVI 265 protocol. It contains the binding parameters and state of each 266 binding entry. It supports the collection of binding entries. And 267 an entry can be inserted or deleted if it is a manual binding entry. 269 The table is indexed by: 271 o saviObjectsBindingIpAddressType - IP address type. A textual 272 convention InetAddressType defined in RFC4001 is used to represent 273 the different kind of IP address. 275 o saviObjectsBindingMethod - which IP address assignment method is 276 used to create the binding entry - manual(1), slaac(2), dhcp(3), 277 send(4). 279 o saviObjectsBindingIfIndex - The index value that uniquely 280 identifies the interface to which this entry is applicable. 282 o saviObjectsBindingIpAddress - The binding source IP address. A 283 textual convention InetAddress defined in RFC4001 is used to 284 define this object. 286 The SAVI Binding Table contains the following objects: 288 o saviObjectsBindingMacAddr - The binding source mac address. 290 o saviObjectsBindingLifetime - The remaining lifetime of the entry. 292 o saviObjectsBindingCreationtime - The value of the local clock when 293 the entry was firstly created. 295 o saviObjectsBindingRowStatus - The status of this row, by which new 296 entries may be created, or old entries be deleted from this table. 297 As defined in RFC2579, the RowStatus textual convention is used to 298 manage the creation and deletion of conceptual rows. For SAVI 299 Binding Table, an entry can be created or deleted only when 300 saviObjectsBindingMethod=manual. 302 The MAX-ACCESS of these objects is READ-CREATE. Network Operators 303 may create or delete an entry by setting these objects. 305 5.5. The SAVI Filtering Table 307 The SAVI Filtering Table (saviObjectsFilteringTable) contains the 308 objects which are corresponding to Filtering Table (FT) defined in 309 SAVI protocol. It supports the collection of filtering entries. 311 The table is indexed by: 313 o saviObjectsFilteringIpAddressType - IP address type. 315 o saviObjectsFilteringIfIndex - The index value that uniquely 316 identifies the interface to which this entry is applicable. 318 o saviObjectsFilteringIpAddress - The source IP address. 320 It contains the following objects: 322 o saviObjectsFilteringMacAddr - The source mac address. 324 The MAX-ACCESS of the object is READ-ONLY. 326 5.6. The SAVI Counting Table 328 The SAVI Counting Table (saviObjectsCountTable) contains the objects 329 counting packets dropped because of validation failure for each 330 interface. 332 The table is indexed by: 334 o saviObjectsCountIPVersion - IP Version. 336 o saviObjectsCountIfIndex - The index value that uniquely identifies 337 the interface to which this entry is applicable. 339 It contains the following objects: 341 o saviObjectsCountFilterPkts - The count of packets dropped because 342 of validation failure. 344 o saviObjectsCountFilterOctets - The count of octets dropped because 345 of validation failure. 347 The MAX-ACCESS of the object is READ-ONLY. 349 6. Textual Conventions 351 The textual conventions used in the SAVI-MIB are as follows. 353 The MODULE-COMPLIANCE,OBJECT-GROUP textual convention is imported 354 from SNMPv2-CONF [RFC2580]. The MODULE-IDENTITY, OBJECT-IDENTITY, 355 OBJECT-TYPE, Unsigned32 textual convention is imported from 356 SNMPv2-SMI [RFC2578]. 358 The MacAddress,TimeInterval,RowStatus textual convention is imported 359 from SNMPv2-TC [RFC2579]. 361 The InetVersion,InetAddressType,InetAddress textual convention is 362 imported from INET-ADDRESS-MIB [RFC4001]. 364 The InterfaceIndex textual convention is imported from IF-MIB 365 [RFC2863]. 367 The ip textual convention is imported from IP-MIB [RFC4293]. 369 7. Relationship to Other MIB Modules 371 7.1. Relationship to the INET-ADDRESS-MIB 373 To support extensibility, IETF defined new textual conventions to 374 represent different IP protocol and different IP address in a unified 375 formation in RFC4001. To support different IP version, a textual 376 convention InetVersion is defined to represent the different version 377 of IP protocol. To support different IP address, a generic Internet 378 address is defined. It consists of two objects: The first one has 379 the syntax InetAddressType, and the second object have the syntax 380 InetAddress. The value of the first object determines how the value 381 of the second is encoded. 383 Since SAVI running mode and parameter is independent of IPv4 and 384 IPv6, so different OID instances should be defined for each protocol. 385 In SAVI-MIB definition, when IP address is used as a part of binding 386 table, it is defined using textual conventions described in INET- 387 ADDRESS-MIB. 389 7.2. Relationship to the IF-MIB 391 The Interfaces MIB [RFC2863] defines generic managed objects for 392 managing interfaces. This document contains the interface-specific 393 extensions for managing SAVI anchors that are modeled as interfaces. 395 The IF-MIB module is required to be supported on the SAVI device. 396 The interface MUST be modeled as an ifEntry, and ifEntry objects such 397 as ifIndex are to be used as per [RFC2863]. 399 An ifIndex [RFC2863] is used as a common index for interfaces in the 400 SAVI-MIB modules. 402 7.3. MIB modules required for IMPORTS 404 The SAVI MIB module IMPORTS objects from SNMPv2-SMI [RFC2578], 405 SNMPv2-TC [RFC2579],SNMPv2-CONF [RFC2580], IF-MIB [RFC2863] and INET- 406 ADDRESS-MIB [RFC4001] . 408 8. Definitions 410 SAVI-MIB DEFINITIONS ::=BEGIN 412 IMPORTS 413 MODULE-COMPLIANCE,OBJECT-GROUP 414 FROM SNMPv2-CONF --RFC2580 415 MODULE-IDENTITY, OBJECT-IDENTITY, OBJECT-TYPE, Unsigned32 416 FROM SNMPv2-SMI --RFC2578 417 TEXTUAL-CONVENTION,MacAddress,TimeInterval,RowStatus 418 FROM SNMPv2-TC --RFC2579 419 InterfaceIndex 420 FROM IF-MIB --RFC2863 421 InetVersion,InetAddressType,InetAddress 422 FROM INET-ADDRESS-MIB --RFC4001 423 ip 424 FROM IP-MIB --RFC4293 425 ; 427 saviMIB MODULE-IDENTITY 428 LAST-UPDATED "201710170000Z" 429 ORGANIZATION 430 "IETF SAVI Working Group" 432 CONTACT-INFO 433 "WG charter: 434 http://datatracker.ietf.org/wg/savi/charter/ 436 Editor: 437 Changqing An 438 CERNET 439 Postal: Institute for Network Sciences and Cyberspace, Tsinghua University 440 Beijing 100084 441 China 442 Email: acq@tsinghua.edu.cn 443 " 445 DESCRIPTION 446 "This MIB Module is designed to support configuration 447 and monitoring of SAVI protocol. 448 " 449 REVISION "201710170000Z" 450 DESCRIPTION 451 "Initial version" 452 ::= {ip xxx} 454 saviObjects OBJECT IDENTIFIER ::= { saviMIB 1 } 456 -- System parameters for SAVI protocol 458 saviObjectsSystemTable OBJECT-TYPE 459 SYNTAX SEQUENCE OF SaviObjectsSystemEntry 460 MAX-ACCESS not-accessible 461 STATUS current 462 DESCRIPTION 463 "The table containing savi system-wide parameters." 464 ::= { saviObjects 1 } 466 saviObjectsSystemEntry OBJECT-TYPE 467 SYNTAX SaviObjectsSystemEntry 468 MAX-ACCESS not-accessible 469 STATUS current 470 DESCRIPTION 471 "An entry containing savi system-wide parameters for a 472 particular IP version. 473 " 474 INDEX { saviObjectsSystemIPVersion } 475 ::= { saviObjectsSystemTable 1 } 477 SaviObjectsSystemEntry ::= 478 SEQUENCE { 479 saviObjectsSystemIPVersion InetVersion, 480 saviObjectsSystemSlaacEnable INTEGER, 481 saviObjectsSystemDhcpEnable INTEGER, 482 saviObjectsSystemSendEnable INTEGER, 483 saviObjectsSystemManualEnable INTEGER 484 } 486 saviObjectsSystemIPVersion OBJECT-TYPE 487 SYNTAX InetVersion 488 MAX-ACCESS not-accessible 489 STATUS current 490 DESCRIPTION 491 "The IP version " 492 ::= { saviObjectsSystemEntry 1 } 494 saviObjectsSystemSlaacEnable OBJECT-TYPE 495 SYNTAX INTEGER { 496 enable(1), 497 disable(2) 498 } 499 MAX-ACCESS read-write 500 STATUS current 501 DESCRIPTION 502 "If SAVI for SlAAC is enabled. " 503 ::= { saviObjectsSystemEntry 2 } 505 saviObjectsSystemDhcpEnable OBJECT-TYPE 506 SYNTAX INTEGER { 507 enable(1), 508 disable(2) 509 } 510 MAX-ACCESS read-write 511 STATUS current 512 DESCRIPTION 513 "If SAVI for DHCP is enabled. " 514 ::= { saviObjectsSystemEntry 3 } 516 saviObjectsSystemSendEnable OBJECT-TYPE 517 SYNTAX INTEGER { 518 enable(1), 519 disable(2) 520 } 521 MAX-ACCESS read-write 522 STATUS current 523 DESCRIPTION 524 "If SAVI for SEND is enabled. " 525 ::= { saviObjectsSystemEntry 4 } 527 saviObjectsSystemManualEnable OBJECT-TYPE 528 SYNTAX INTEGER { 529 enable(1), 530 disable(2) 531 } 532 MAX-ACCESS read-write 533 STATUS current 534 DESCRIPTION 535 "If SAVI for MANUAL is enabled. " 536 ::= { saviObjectsSystemEntry 5 } 538 -- Preference parameters for SAVI protocol 540 saviObjectsPreferenceTable OBJECT-TYPE 541 SYNTAX SEQUENCE OF SaviObjectsPreferenceEntry 542 MAX-ACCESS not-accessible 543 STATUS current 544 DESCRIPTION 545 "The table containing savi preference parameters." 546 ::= { saviObjects 2 } 548 saviObjectsPreferenceEntry OBJECT-TYPE 549 SYNTAX SaviObjectsPreferenceEntry 550 MAX-ACCESS not-accessible 551 STATUS current 552 DESCRIPTION 553 "An entry containing savi system-wide parameters for a 554 particular IP version. 555 " 556 INDEX { saviObjectsPreferenceIPVersion } 557 ::= { saviObjectsPreferenceTable 1 } 559 SaviObjectsPreferenceEntry ::= 560 SEQUENCE { 561 saviObjectsPreferenceIPVersion InetVersion, 562 saviObjectsPreferenceSlaac INTEGER, 563 saviObjectsPreferenceDhcp INTEGER, 564 saviObjectsPreferenceSend INTEGER, 565 saviObjectsPreferenceManual INTEGER 566 } 568 saviObjectsPreferenceIPVersion OBJECT-TYPE 569 SYNTAX InetVersion 570 MAX-ACCESS not-accessible 571 STATUS current 572 DESCRIPTION 573 "The IP version " 574 ::= { saviObjectsPreferenceEntry 1 } 576 saviObjectsPreferenceSlaac OBJECT-TYPE 577 SYNTAX INTEGER 578 MAX-ACCESS read-write 579 STATUS current 580 DESCRIPTION 581 "Preference of SAVI-SLAAC. " 582 ::= { saviObjectsPreferenceEntry 2 } 584 saviObjectsPreferenceDhcp OBJECT-TYPE 585 SYNTAX INTEGER 586 MAX-ACCESS read-write 587 STATUS current 588 DESCRIPTION 589 "Preference of SAVI-DHCP." 590 ::= { saviObjectsPreferenceEntry 3 } 592 saviObjectsPreferenceSend OBJECT-TYPE 593 SYNTAX INTEGER 594 MAX-ACCESS read-write 595 STATUS current 596 DESCRIPTION 597 "Preference of SAVI-SEND. " 598 ::= { saviObjectsPreferenceEntry 4 } 600 saviObjectsPreferenceManual OBJECT-TYPE 601 SYNTAX INTEGER 602 MAX-ACCESS read-write 603 STATUS current 604 DESCRIPTION 605 "Preference of SAVI-MANUAL. " 606 ::= { saviObjectsPreferenceEntry 5 } 608 -- Port parameters for SAVI protocol 610 saviObjectsPortTable OBJECT-TYPE 611 SYNTAX SEQUENCE OF SaviObjectsPortEntry 612 MAX-ACCESS not-accessible 613 STATUS current 614 DESCRIPTION 615 "The table containing SAVI parameters of each anchor." 617 ::= { saviObjects 3 } 619 saviObjectsPortEntry OBJECT-TYPE 620 SYNTAX SaviObjectsPortEntry 621 MAX-ACCESS not-accessible 622 STATUS current 623 DESCRIPTION 624 "An entry containing SAVI running parameters of an anchor." 625 INDEX { 626 saviObjectsPortIPVersion, 627 saviObjectsPortIfIndex 628 } 629 ::= { saviObjectsPortTable 1 } 631 SaviObjectsPortEntry ::= 632 SEQUENCE { 633 saviObjectsPortIPVersion InetVersion, 634 saviObjectsPortIfIndex InterfaceIndex, 635 saviObjectsPortValidatingAttr INTEGER, 636 saviObjectsPortDhcpTrustAttr INTEGER, 637 saviObjectsPortTrustAttr INTEGER, 638 saviObjectsPortDhcpSnoopingAttr INTEGER, 639 saviObjectsPortDataSnoopingAttr INTEGER, 640 saviObjectsPortFilteringNum Unsigned32 641 } 643 saviObjectsPortIPVersion OBJECT-TYPE 644 SYNTAX InetVersion 645 MAX-ACCESS not-accessible 646 STATUS current 647 DESCRIPTION 648 "The IP version " 649 ::= { saviObjectsPortEntry 1 } 651 saviObjectsPortIfIndex OBJECT-TYPE 652 SYNTAX InterfaceIndex 653 MAX-ACCESS not-accessible 654 STATUS current 655 DESCRIPTION 656 "The index value that uniquely identifies the interface to 657 which this entry is applicable. The interface identified by 658 a particular value of this index is the same interface as 659 identified by the same value of the IF-MIB's ifIndex. 660 " 661 ::= { saviObjectsPortEntry 2 } 663 saviObjectsPortValidatingAttr OBJECT-TYPE 664 SYNTAX INTEGER { 665 enable(1), 666 disable(2) 667 } 668 MAX-ACCESS read-write 669 STATUS current 670 DESCRIPTION 671 "An attribute defined in SAVI protocol. 672 enable(1), the attribute is set. 673 disable(2), the attribute is not set. 674 " 675 ::= { saviObjectsPortEntry 3 } 677 saviObjectsPortDhcpTrustAttr OBJECT-TYPE 678 SYNTAX INTEGER { 679 enable(1), 680 disable(2) 681 } 682 MAX-ACCESS read-write 683 STATUS current 684 DESCRIPTION 685 "An attribute defined in SAVI protocol. 686 enable(1), the attribute is set. 687 disable(2), the attribute is not set. 688 " 689 ::= { saviObjectsPortEntry 4 } 691 saviObjectsPortTrustAttr OBJECT-TYPE 692 SYNTAX INTEGER { 693 enable(1), 694 disable(2) 695 } 696 MAX-ACCESS read-write 697 STATUS current 698 DESCRIPTION 699 "An attribute defined in SAVI protocol. 700 enable(1), the attribute is set. 701 disable(2), the attribute is not set. 702 " 703 ::= { saviObjectsPortEntry 5 } 705 saviObjectsPortDhcpSnoopingAttr OBJECT-TYPE 706 SYNTAX INTEGER { 707 enable(1), 708 disable(2) 709 } 710 MAX-ACCESS read-write 711 STATUS current 712 DESCRIPTION 713 "An attribute defined in SAVI protocol. 714 enable(1), the attribute is set. 715 disable(2), the attribute is not set. 716 " 717 ::= { saviObjectsPortEntry 6 } 719 saviObjectsPortDataSnoopingAttr OBJECT-TYPE 720 SYNTAX INTEGER { 721 enable(1), 722 disable(2) 723 } 724 MAX-ACCESS read-write 725 STATUS current 726 DESCRIPTION 727 "An attribute defined in SAVI protocol. 728 enable(1), the attribute is set. 729 disable(2), the attribute is not set. 730 " 731 ::= { saviObjectsPortEntry 7 } 733 saviObjectsPortFilteringNum OBJECT-TYPE 734 SYNTAX Unsigned32 735 MAX-ACCESS read-write 736 STATUS current 737 DESCRIPTION 738 "The max filtering number of the Port." 739 ::= { saviObjectsPortEntry 8 } 741 -- Binding Status Table for SAVI protocol 743 saviObjectsBindingTable OBJECT-TYPE 744 SYNTAX SEQUENCE OF SaviObjectsBindingEntry 745 MAX-ACCESS not-accessible 746 STATUS current 747 DESCRIPTION 748 "The table containing the state of binding 749 between source address and anchor. 750 " 751 ::= { saviObjects 4 } 753 saviObjectsBindingEntry OBJECT-TYPE 754 SYNTAX SaviObjectsBindingEntry 755 MAX-ACCESS not-accessible 756 STATUS current 757 DESCRIPTION 758 "An entry containing the state of binding between source 759 address and anchor. 760 Entries are keyed on the source IP address type, 761 binding type, anchor, and source IP address. 762 " 763 INDEX { 764 saviObjectsBindingIpAddressType, 765 saviObjectsBindingMethod, 766 saviObjectsBindingIfIndex, 767 saviObjectsBindingIpAddress 768 } 769 ::= { saviObjectsBindingTable 1 } 771 SaviObjectsBindingEntry ::= 772 SEQUENCE { 773 saviObjectsBindingIpAddressType InetAddressType, 774 saviObjectsBindingMethod INTEGER, 775 saviObjectsBindingIfIndex InterfaceIndex, 776 saviObjectsBindingIpAddress InetAddress, 777 saviObjectsBindingMacAddr MacAddress, 778 saviObjectsBindingLifetime TimeInterval, 779 saviObjectsBindingCreationtime DateAndTime, 780 saviObjectsBindingRowStatus RowStatus 781 } 783 saviObjectsBindingIpAddressType OBJECT-TYPE 784 SYNTAX InetAddressType 785 MAX-ACCESS not-accessible 786 STATUS current 787 DESCRIPTION 788 "IP address type of the binding source IP." 789 ::= { saviObjectsBindingEntry 1 } 791 saviObjectsBindingMethod OBJECT-TYPE 792 SYNTAX INTEGER { 793 manual(1), 794 slaac(2), 795 dhcp(3), 796 send(4) 797 } 798 MAX-ACCESS not-accessible 799 STATUS current 800 DESCRIPTION 801 "IP address assignment methods." 802 ::= { saviObjectsBindingEntry 2 } 804 saviObjectsBindingIfIndex OBJECT-TYPE 805 SYNTAX InterfaceIndex 806 MAX-ACCESS not-accessible 807 STATUS current 808 DESCRIPTION 809 "The index value that uniquely identifies the interface to 810 which this entry is applicable. The interface identified by 811 a particular value of this index is the same interface as 812 identified by the same value of the IF-MIB's ifIndex. 813 " 814 ::= { saviObjectsBindingEntry 3 } 816 saviObjectsBindingIpAddress OBJECT-TYPE 817 SYNTAX InetAddress 818 MAX-ACCESS not-accessible 819 STATUS current 820 DESCRIPTION 821 "The binding source IP address" 822 ::= { saviObjectsBindingEntry 4 } 824 saviObjectsBindingMacAddr OBJECT-TYPE 825 SYNTAX MacAddress 826 MAX-ACCESS read-create 827 STATUS current 828 DESCRIPTION 829 "The binding source mac address." 830 ::= { saviObjectsBindingEntry 5 } 832 saviObjectsBindingLifetime OBJECT-TYPE 833 SYNTAX TimeInterval 834 MAX-ACCESS read-create 835 STATUS current 836 DESCRIPTION 837 "The remaining lifetime of the entry. 838 TimeInterval is defined in RFC 2579, it's a period of time, 839 measured in units of 0.01 seconds, 840 and the value is (0..2147483647). 841 If saviObjectsBindingMethod=manual, a value of 2147483647 842 represents infinity. 843 " 844 ::= { saviObjectsBindingEntry 6 } 846 saviObjectsBindingCreationtime OBJECT-TYPE 847 SYNTAX DateAndTime 848 MAX-ACCESS read-create 849 STATUS current 850 DESCRIPTION 851 "The value of the local clock when the entry was firstly created. 852 " 853 ::= { saviObjectsBindingEntry 7 } 855 saviObjectsBindingRowStatus OBJECT-TYPE 856 SYNTAX RowStatus 857 MAX-ACCESS read-create 858 STATUS current 859 DESCRIPTION 860 "The status of this row, by which new entries may be 861 created, or old entries deleted from this table. 862 An Entry can be created or deleted only when 863 saviObjectsBindingMethod=manual. 864 " 865 ::= { saviObjectsBindingEntry 8 } 867 -- Filtering Table for SAVI protocol 869 saviObjectsFilteringTable OBJECT-TYPE 870 SYNTAX SEQUENCE OF SaviObjectsFilteringEntry 871 MAX-ACCESS not-accessible 872 STATUS current 873 DESCRIPTION 874 "The table containing the filtering entries." 875 ::= { saviObjects 5 } 877 saviObjectsFilteringEntry OBJECT-TYPE 878 SYNTAX SaviObjectsFilteringEntry 879 MAX-ACCESS not-accessible 880 STATUS current 881 DESCRIPTION 882 "An entry containing the filtering parameters. 883 Entries are keyed on the source IP address type, 884 anchor, and source IP address. 885 " 886 INDEX { saviObjectsFilteringIpAddressType, 887 saviObjectsFilteringIfIndex, 888 saviObjectsFilteringIpAddress 889 } 890 ::= { saviObjectsFilteringTable 1 } 892 SaviObjectsFilteringEntry ::= 893 SEQUENCE { 894 saviObjectsFilteringIpAddressType InetAddressType, 895 saviObjectsFilteringIfIndex InterfaceIndex, 896 saviObjectsFilteringIpAddress InetAddress, 897 saviObjectsFilteringMacAddr MacAddress 898 } 900 saviObjectsFilteringIpAddressType OBJECT-TYPE 901 SYNTAX InetAddressType 902 MAX-ACCESS not-accessible 903 STATUS current 904 DESCRIPTION 905 "IP address type of the filtering source IP" 906 ::= { saviObjectsFilteringEntry 1 } 908 saviObjectsFilteringIfIndex OBJECT-TYPE 909 SYNTAX InterfaceIndex 910 MAX-ACCESS not-accessible 911 STATUS current 912 DESCRIPTION 913 "The index value that uniquely identifies the interface to 914 which this entry is applicable. The interface identified by 915 a particular value of this index is the same interface as 916 identified by the same value of the IF-MIB's ifIndex. 917 " 918 ::= { saviObjectsFilteringEntry 2 } 920 saviObjectsFilteringIpAddress OBJECT-TYPE 921 SYNTAX InetAddress 922 MAX-ACCESS not-accessible 923 STATUS current 924 DESCRIPTION 925 "The filtering source IP address." 926 ::= { saviObjectsFilteringEntry 3 } 928 saviObjectsFilteringMacAddr OBJECT-TYPE 929 SYNTAX MacAddress 930 MAX-ACCESS read-only 931 STATUS current 932 DESCRIPTION 933 "The filtering source mac address." 934 ::= { saviObjectsFilteringEntry 4 } 936 --Count of packets dropped because of validation failure for each interface. 938 saviObjectsCountTable OBJECT-TYPE 939 SYNTAX SEQUENCE OF saviObjectsCountEntry 940 MAX-ACCESS not-accessible 941 STATUS current 942 DESCRIPTION 943 "The table containing count of packets dropped because of validation failure." 944 ::= { saviObjects 6 } 946 saviObjectsCountEntry OBJECT-TYPE 947 SYNTAX saviObjectsCountEntry 948 MAX-ACCESS not-accessible 949 STATUS current 950 DESCRIPTION 951 "An entry containing count of packets dropped because of validation failure for each interface." 952 INDEX { saviObjectsCountIPVersion, 953 saviObjectsCountIfIndex 954 } 955 ::= { saviObjectsCountTable 1 } 957 saviObjectsCountEntry ::= 958 SEQUENCE { 959 saviObjectsCountIPVersion InetVersion, 960 saviObjectsCountIfIndex InterfaceIndex, 961 saviObjectsCountFilterPkts Counter64, 962 saviObjectsCountFilterOctets Counter64 963 } 965 saviObjectsCountIPVersion OBJECT-TYPE 966 SYNTAX InetVersion 967 MAX-ACCESS not-accessible 968 STATUS current 969 DESCRIPTION 970 "The IP version " 971 ::= { saviObjectsCountEntry 1 } 973 saviObjectsCountIfIndex OBJECT-TYPE 974 SYNTAX InterfaceIndex 975 MAX-ACCESS not-accessible 976 STATUS current 977 DESCRIPTION 978 "The Interface." 979 ::= { saviObjectsCountEntry 2 } 981 saviObjectsCountFilterPkts OBJECT-TYPE 982 SYNTAX Counter64 983 MAX-ACCESS read-only 984 STATUS current 985 DESCRIPTION 986 "The count of Pkts dropped." 987 ::= { saviObjectsCountEntry 3 } 989 saviObjectsCountFilterOctets OBJECT-TYPE 990 SYNTAX Counter64 991 MAX-ACCESS read-only 992 STATUS current 993 DESCRIPTION 994 "The count of Octets dropped." 995 ::= { saviObjectsCountEntry 4 } 997 -- Conformance information 998 saviConformance OBJECT IDENTIFIER ::= { saviMIB 2 } 999 saviCompliances OBJECT IDENTIFIER ::= { saviConformance 1 } 1001 -- Compliance statements 1002 saviCompliance MODULE-COMPLIANCE 1003 STATUS current 1004 DESCRIPTION 1005 "The compliance statement for entities which implement SAVI 1006 protocol. 1007 " 1008 MODULE 1009 MANDATORY-GROUPS { 1010 systemGroup, 1011 portGroup, 1012 bindingGroup, 1013 filteringGroup 1014 } 1015 ::= { saviCompliances 1} 1017 saviGroups OBJECT IDENTIFIER ::= { saviConformance 2 } 1019 --Units of conformance 1021 systemGroup OBJECT-GROUP 1022 OBJECTS { 1023 saviObjectsSystemSlaacEnable, 1024 saviObjectsSystemDhcpEnable, 1025 saviObjectsSystemSendEnable, 1026 saviObjectsSystemManualEnable 1027 } 1028 STATUS current 1029 DESCRIPTION 1030 "The system group contains objects corrsponding to savi system 1031 parameters. 1032 " 1033 ::= {saviGroups 1} 1035 portGroup OBJECT-GROUP 1036 OBJECTS { 1037 saviObjectsPortValidatingAttr, 1038 saviObjectsPortDhcpTrustAttr, 1039 saviObjectsPortTrustAttr, 1040 saviObjectsPortDhcpSnoopingAttr, 1041 saviObjectsPortDataSnoopingAttr, 1042 saviObjectsPortFilteringNum 1043 } 1044 STATUS current 1045 DESCRIPTION 1046 "The if group contains objects corresponding to the savi running 1047 parameters of each anchor. 1048 " 1049 ::= {saviGroups 2} 1051 bindingGroup OBJECT-GROUP 1052 OBJECTS { 1053 saviObjectsBindingMacAddr, 1054 saviObjectsBindingLifetime, 1055 saviObjectsBindingCreationtime, 1056 saviObjectsBindingRowStatus 1057 } 1058 STATUS current 1059 DESCRIPTION 1060 "The binding group contains the binding 1061 information of anchor and soure ip address. 1062 " 1063 ::= {saviGroups 3} 1065 filteringGroup OBJECT-GROUP 1066 OBJECTS { 1067 saviObjectsFilteringMacAddr 1068 } 1069 STATUS current 1070 DESCRIPTION 1071 "The filtering group contains the filtering 1072 information of anchor and soure ip address. 1073 " 1074 ::= {saviGroups 4} 1076 END 1078 9. Security Considerations 1080 There are a number of management objects defined in this MIB module 1081 with a MAX-ACCESS clause of read-write and/or read-create. Such 1082 objects may be considered sensitive or vulnerable in some network 1083 environments. The support for SET operations in a non-secure 1084 environment without proper protection can have a negative effect on 1085 network operations. These are the tables and objects and their 1086 sensitivity/vulnerability: 1088 o saviObjectsSystemTable - Unauthorized changes to the writable 1089 objects under saviObjectsSystemTable MAY disrupt allocation of 1090 resources in the network. For example, a device's SAVI system 1091 mode be changed by set operation to SAVI-DISABLE will give chance 1092 to IP source address spoofing. 1094 o saviObjectsPortTable - Unauthorized changes to the writable 1095 objects under saviObjectsPortTable MAY disrupt allocation of 1096 resources in the network. For example, an anchor's ValidatingAttr 1097 be changed by set operation to DISABLE will give chance to IP 1098 source address spoofing. 1100 o saviObjectsBindingTable - Unauthorized changes to the writable 1101 objects under this table MAY disrupt allocation of resources in 1102 the network. For example, a manual binding entry is inserted to 1103 the BST will give chance to IP source address spoofing. 1105 Some of the readable objects in this MIB module (i.e., objects with a 1106 MAX-ACCESS other than not-accessible) may be considered sensitive or 1107 vulnerable in some network environments. It is thus important to 1108 control even GET and/or NOTIFY access to these objects and possibly 1109 to even encrypt the values of these objects when sending them over 1110 the network via SNMP. These are the tables and objects and their 1111 sensitivity/vulnerability: 1113 o saviObjectsBindingTable, saviObjectsFilteringTable - The IP 1114 address and binding anchor information will be helpful to some 1115 attacks. 1117 SNMP versions prior to SNMPv3 did not include adequate security. 1118 Even if the network itself is secure (for example by using IPsec), 1119 there is no control as to who on the secure network is allowed to 1120 access and GET/SET (read/change/create/delete) the objects in this 1121 MIB module. 1123 It is RECOMMENDED that implementers consider the security features as 1124 provided by the SNMPv3 framework (see [RFC3410], section 8), 1125 including full support for the SNMPv3 cryptographic mechanisms (for 1126 authentication and privacy). 1128 Further, deployment of SNMP versions prior to SNMPv3 is NOT 1129 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 1130 enable cryptographic security. It is then a customer/operator 1131 responsibility to ensure that the SNMP entity giving access to an 1132 instance of this MIB module is properly configured to give access to 1133 the objects only to those principals (users) that have legitimate 1134 rights to indeed GET or SET (change/create/delete) them. 1136 10. IANA Considerations 1138 The MIB module in this document uses the following IANA-assigned 1139 OBJECT IDENTIFIER values recorded in the SMI Numbers registry: 1141 Descriptor OBJECT IDENTIFIER value 1142 ---------- ----------------------- 1143 SAVI-MIB { ip XXX } 1145 11. Contributors 1147 12. References 1149 12.1. Normative References 1151 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1152 Requirement Levels", BCP 14, RFC 2119, 1153 DOI 10.17487/RFC2119, March 1997, 1154 . 1156 [RFC2131] Droms, R., "Dynamic Host Configuration Protocol", 1157 RFC 2131, DOI 10.17487/RFC2131, March 1997, 1158 . 1160 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1161 Schoenwaelder, Ed., "Structure of Management Information 1162 Version 2 (SMIv2)", STD 58, RFC 2578, 1163 DOI 10.17487/RFC2578, April 1999, 1164 . 1166 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1167 Schoenwaelder, Ed., "Textual Conventions for SMIv2", 1168 STD 58, RFC 2579, DOI 10.17487/RFC2579, April 1999, 1169 . 1171 [RFC2580] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1172 Schoenwaelder, Ed., "Conformance Statements for SMIv2", 1173 STD 58, RFC 2580, DOI 10.17487/RFC2580, April 1999, 1174 . 1176 [RFC3315] Droms, R., Ed., Bound, J., Volz, B., Lemon, T., Perkins, 1177 C., and M. Carney, "Dynamic Host Configuration Protocol 1178 for IPv6 (DHCPv6)", RFC 3315, DOI 10.17487/RFC3315, July 1179 2003, . 1181 [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. 1182 Schoenwaelder, "Textual Conventions for Internet Network 1183 Addresses", RFC 4001, DOI 10.17487/RFC4001, February 2005, 1184 . 1186 [RFC6620] Nordmark, E., Bagnulo, M., and E. Levy-Abegnoli, "FCFS 1187 SAVI: First-Come, First-Served Source Address Validation 1188 Improvement for Locally Assigned IPv6 Addresses", 1189 RFC 6620, DOI 10.17487/RFC6620, May 2012, 1190 . 1192 [RFC7039] Wu, J., Bi, J., Bagnulo, M., Baker, F., and C. Vogt, Ed., 1193 "Source Address Validation Improvement (SAVI) Framework", 1194 RFC 7039, DOI 10.17487/RFC7039, October 2013, 1195 . 1197 [RFC7219] Bagnulo, M. and A. Garcia-Martinez, "SEcure Neighbor 1198 Discovery (SEND) Source Address Validation Improvement 1199 (SAVI)", RFC 7219, DOI 10.17487/RFC7219, May 2014, 1200 . 1202 [RFC7513] Bi, J., Wu, J., Yao, G., and F. Baker, "Source Address 1203 Validation Improvement (SAVI) Solution for DHCP", 1204 RFC 7513, DOI 10.17487/RFC7513, May 2015, 1205 . 1207 12.2. Informative References 1209 [RFC2223] Postel, J. and J. Reynolds, "Instructions to RFC Authors", 1210 RFC 2223, DOI 10.17487/RFC2223, October 1997, 1211 . 1213 [RFC2629] Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629, 1214 DOI 10.17487/RFC2629, June 1999, 1215 . 1217 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group 1218 MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000, 1219 . 1221 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 1222 "Introduction and Applicability Statements for Internet- 1223 Standard Management Framework", RFC 3410, 1224 DOI 10.17487/RFC3410, December 2002, 1225 . 1227 [RFC4181] Heard, C., Ed., "Guidelines for Authors and Reviewers of 1228 MIB Documents", BCP 111, RFC 4181, DOI 10.17487/RFC4181, 1229 September 2005, . 1231 [RFC4293] Routhier, S., Ed., "Management Information Base for the 1232 Internet Protocol (IP)", RFC 4293, DOI 10.17487/RFC4293, 1233 April 2006, . 1235 12.3. URL References 1237 [idguidelines] 1238 IETF Internet Drafts editor, 1239 "http://www.ietf.org/ietf/1id-guidelines.txt". 1241 [idnits] IETF Internet Drafts editor, 1242 "http://www.ietf.org/ID-Checklist.html". 1244 [ietf] IETF Tools Team, "http://tools.ietf.org". 1246 [ops] the IETF OPS Area, "http://www.ops.ietf.org". 1248 [xml2rfc] XML2RFC tools and documentation, 1249 "http://xml.resource.org". 1251 Appendix A. Change Log 1253 From draft 00 to draft 01 1255 o Change the value range of object saviObjectsSystemMode and add a 1256 new value savi-send(6). 1258 From draft 01 to draft 02 1260 o Change saviObjectsTrustStatus into two booleans, one is 1261 saviObjectsDhcpTrustStatus, another is saviObjectsRaTrustStatus. 1263 o Change the character string saviObjectsIf to saviObjectsPort 1264 globally. 1266 o Change saviObjectsBindingState according to the latest version of 1267 solution drafts. 1269 From draft 02 to draft 03 1271 o Add a new object saviObjectsPortBindRecoveryAttr, and change the 1272 object saviObjectsPortRaTrustStatus to saviObjectsPortTrustAttr 1273 according to the latest version of solution drafts and RFC. 1275 o Change the value range and meaning of saviObjectsBindingState 1276 according to the latest version of solution drafts and RFC. 1278 o Change the value range of object saviObjectsBindingType, add a new 1279 value send(4), and change the value static(1) to manual(1). 1281 From draft 03 to draft 04 1283 o Add three new objects according to the latest version of solution 1284 drafts and RFC, i.e. saviObjectsSystemTentLT, 1285 saviObjectsSystemDefaultLT, saviObjectsSystemTWAIT. 1287 From draft 04 to draft 05 1289 o Add two new objects according to the latest version of solution 1290 drafts and RFC, i.e. saviObjectsBindingCreationtime, 1291 saviObjectsBindingTID. 1293 From draft 05 to draft 06 1295 o Add three new objects, saviObjectsSystemDadTimeout, 1296 saviObjectsPortDhcpSnoopingAttr and 1297 saviObjectsPortDataSnoopingAttr. 1299 o Replace object saviObjectsSystemBindRecoveryInterval with 1300 saviObjectsSystemDataSnoopingInterval. 1302 o Replace object saviObjectsPortSAVISAVIAttr with 1303 saviObjectsPortTrustAttr. 1305 o Delete object saviObjectsPortBindRecoveryAttr. 1307 From draft 06 to draft 07 1309 o Replace object saviObjectsSystemDadTimeout with 1310 saviObjectsSystemDetectionTimeout. 1312 From draft 07 to draft 08 1314 o Add a new table to count the fail packets of each interface. 1316 From draft 08 to draft 09 1318 o Change the value range and meaning of saviObjectsBindingState 1319 according to the latest version of solution RFC. 1321 From draft 09 to draft 10 1323 o Replace object saviObjectsSystemMode with 1324 saviObjectsSystemSlaacEnable, saviObjectsSystemDhcpEnable, 1325 saviObjectsSystemSendEnable, saviObjectsManualEnable. 1327 From draft 10 to draft 11 1329 o Add a new table SaviObjectsPreferenceTable to reflect the 1330 preference of each savi method. 1332 From draft 11 to draft 12 1334 o Replace object saviObjectsBindingType with 1335 saviObjectsBindingMethod. 1337 From draft 12 to draft 13 1339 o Add a new object saviObjectsCountFilterOctets to count the octets 1340 dropped by SAVI protocol. 1342 Appendix B. Open Issues 1344 Note to RFC Editor: please remove this appendix before publication as 1345 an RFC. 1347 Authors' Addresses 1349 Changqing An 1350 Tsinghua University 1351 Institute for Network Sciences and Cyberspace, Tsinghua University 1352 Beijing 100084 1353 China 1355 Phone: +86 10 62603113 1356 EMail: acq@cernet.edu.cn 1358 Jiahai Yang 1359 Tsinghua University 1360 Institute for Network Sciences and Cyberspace, Tsinghua University 1361 Beijing 100084 1362 China 1364 Phone: +86 10 62783492 1365 EMail: yang@cernet.edu.cn 1367 Jianping Wu 1368 Tsinghua University 1369 Institute for Network Sciences and Cyberspace, Tsinghua University 1370 Beijing 100084 1371 China 1373 EMail: jianping@cernet.edu.cn 1375 Jun Bi 1376 Tsinghua University 1377 Institute for Network Sciences and Cyberspace, Tsinghua University 1378 Beijing 100084 1379 China 1381 EMail: junbi@cernet.edu.cn