idnits 2.17.1 draft-decnodder-ancp-mib-an-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 16. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 1251. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 1262. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 1269. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 1275. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The abstract seems to contain references ([ANCPFW], [ANCPPR]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but does not include the phrase in its RFC 2119 key words list. -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (February 26, 2007) is 6240 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-13) exists of draft-ietf-ancp-framework-01 ** Downref: Normative reference to an Informational draft: draft-ietf-ancp-framework (ref. 'ANCPFW') -- No information found for draft-wadhwa-gsmp-l2control- - is the name correct? -- Possible downref: Normative reference to a draft: ref. 'ANCPPR' Summary: 3 errors (**), 0 flaws (~~), 3 warnings (==), 9 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group S. De Cnodder 3 Internet-Draft Alcatel-Lucent 4 Intended status: Standards Track M. Morgenstern 5 Expires: August 30, 2007 ECI Telecom Ltd. 6 February 26, 2007 8 Access Node Control Protocol (ANCP) MIB module for Access Nodes 9 draft-decnodder-ancp-mib-an-01.txt 11 Status of this Memo 13 By submitting this Internet-Draft, each author represents that any 14 applicable patent or other IPR claims of which he or she is aware 15 have been or will be disclosed, and any of which he or she becomes 16 aware will be disclosed, in accordance with Section 6 of BCP 79. 18 Internet-Drafts are working documents of the Internet Engineering 19 Task Force (IETF), its areas, and its working groups. Note that 20 other groups may also distribute working documents as Internet- 21 Drafts. 23 Internet-Drafts are draft documents valid for a maximum of six months 24 and may be updated, replaced, or obsoleted by other documents at any 25 time. It is inappropriate to use Internet-Drafts as reference 26 material or to cite them other than as "work in progress." 28 The list of current Internet-Drafts can be accessed at 29 http://www.ietf.org/ietf/1id-abstracts.txt. 31 The list of Internet-Draft Shadow Directories can be accessed at 32 http://www.ietf.org/shadow.html. 34 This Internet-Draft will expire on August 30, 2007. 36 Copyright Notice 38 Copyright (C) The IETF Trust (2007). 40 Abstract 42 This memo defines a portion of the Management Information Base (MIB) 43 for use with network management protocols. In particular it defines 44 objects for managing access nodes as described in [ANCPFW] that are 45 using the Access Node Control Protocol (ANCP) defined in [ANCPPR]. 47 Table of Contents 49 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 50 2. The Internet-Standard Management Framework . . . . . . . . . . 3 51 3. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3 52 4. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 53 5. Structure of the MIB Module . . . . . . . . . . . . . . . . . 3 54 5.1. Textual Conventions . . . . . . . . . . . . . . . . . . . 4 55 5.2. The ANCP Subtree for the Access Node . . . . . . . . . . . 5 56 5.3. The Notifications Subtree . . . . . . . . . . . . . . . . 5 57 5.4. Relationship to Other MIB Modules . . . . . . . . . . . . 5 58 6. ANCP MIB Definitions for the Access Node . . . . . . . . . . . 5 59 7. Security Considerations . . . . . . . . . . . . . . . . . . . 22 60 8. IANA considerations . . . . . . . . . . . . . . . . . . . . . 25 61 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 25 62 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 26 63 10.1. Normative References . . . . . . . . . . . . . . . . . . . 26 64 10.2. Informative References . . . . . . . . . . . . . . . . . . 27 65 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 27 66 Intellectual Property and Copyright Statements . . . . . . . . . . 28 68 1. Introduction 70 This memo defines a portion of the Management Information Base (MIB) 71 for use with network management protocols. In particular it defines 72 objects for managing access nodes as described in [ANCPFW] that are 73 using the Access Node Control Protocol defined in [ANCPPR]. 75 2. The Internet-Standard Management Framework 77 For a detailed overview of the documents that describe the current 78 Internet-Standard Management Framework, please refer to section 7 of 79 RFC 3410 [RFC3410]. 81 Managed objects are accessed via a virtual information store, termed 82 the Management Information Base or MIB. MIB objects are generally 83 accessed through the Simple Network Management Protocol (SNMP). 84 Objects in the MIB are defined using the mechanisms defined in the 85 Structure of Management Information (SMI). This memo specifies a MIB 86 module that is compliant to the SMIv2, which is described in STD 58, 87 RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 88 [RFC2580]. 90 3. Conventions 92 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 93 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 94 document are to be interpreted as described in [RFC2119]. 96 4. Overview 98 In [ANCPFW], the framework for the Access Node Control Protocol 99 (ANCP) is described. It defines 2 network entities, the Access Node 100 (AN) and the Network Access Server (NAS), between which ANCP sessions 101 are established. The detailed protocol specification of ANCP is 102 described in [ANCPPR]. This document specifies a MIB module for an 103 AN that supports ANCP. 105 Note: the current MIB definition is specific for [ANCPPR]. If 106 [ANCPPR] gets updated later, then the MIB definition in this document 107 will also follow these changes. 109 5. Structure of the MIB Module 111 The ANCP MIB module for the AN has 3 parts. A first table, 112 ancpAnSessionConfigTable, is used to configure ANCP sessions at the 113 AN towards a specific NAS. The NAS is identified by a number of 114 attributes in this table (ancpAnSessionConfigNasIpAddressType and 115 ancpAnSessionConfigNasIpAddress). The other attributes in this table 116 can be used to configure properties that are specific for that 117 particular ANCP session. A second table, ancpAnCurrentSessionTable, 118 shows the operational state of a particular ANCP session. Each 119 session configured in ancpAnSessionConfigTable has a corresponding 120 row in ancpAnCurrentSessionTable. When a session is configured or 121 deleted in the ancpAnSessionConfigTable, then the corresponding row 122 of that session in the ancpAnCurrentSessionTable is, respectively, 123 automatically created or deleted. A third table is used to assign 124 interfaces to particular partitions. A row in this table is created 125 automatically when an interface is created in the ifTable of the IF- 126 MIB [RFC2863] for which the system supports ANCP. 128 Four groups are defined: 130 o ancpAnConfigGroup 132 This group contains all objects of the ancpAnSessionConfigTable in 133 which the ANCP sessions are configured in the access node. 135 o ancpAnCurrentGroup 137 This group contains all objects of the ancpAnCurrentSessionTable 138 where the operational state and other information of the ANCP 139 sessions are shown. 141 o ancpAnInterfaceGroup 143 This group contains all objects to configure interfaces to be used 144 by ANCP. Assigning interfaces to particular partitions is part of 145 this group. 147 o ancpAnNotificationsGroup 149 This group contains the notifications that indicate state changes 150 of ANCP sessions. 152 5.1. Textual Conventions 154 Two new textual convention, GsmpSubVersion and 155 AncpAnSessionCapabilities, are defined in this MIB module. The ANCP 156 specification in [ANCPPR] is re-using the GSMP specification in 157 [RFC3292] where the GSMP subversion is introduced. These textual 158 convention complement the textual conventions defined in [RFC3295], 159 GsmpVersion, GsmpNameType, and GsmpPartitionIdType, which are also 160 used in this MIB module. These textual conventions are used for the 161 convenience of humans reading the MIB. 163 5.2. The ANCP Subtree for the Access Node 165 TBD 167 5.3. The Notifications Subtree 169 Notifications are defined to inform the management station about 170 state changes of ANCP sessions, whenever an ANCP session changes 171 state. Two notifications are defined for this purpose. The 172 notification ancpSessionUp is to inform the management station when 173 the session comes up, and the notification ancpSessionDown is to 174 inform when the ANCP session is down again after it was up before. 176 No special measures for congestion avoidance for the notifications 177 are needed because the number of ANCP sessions in an access node is 178 typically small. In addition, establishing an ANCP session and 179 tearing down it again, takes some time such that for a particular 180 ANCP session, not many notifications in a short time period can be 181 generated. 183 5.4. Relationship to Other MIB Modules 185 There is a dependency with the Interfaces Group MIB (IF-MIB) defined 186 in [RFC2863]. The ifIndex defined in the ifTable of IF-MIB is used 187 as the index of the ancpAnInterfaceConfigTable defined in the ANCP 188 MIB module for access nodes. Each time that an entry is created in 189 the ifTable for which the system supports ANCP (e.g., in a DSLAM this 190 is typically for each DSL line), a row is created automatically in 191 the ancpAnInterfaceConfigTable. 193 6. ANCP MIB Definitions for the Access Node 195 ANCP-AN-MIB DEFINITIONS ::= BEGIN 197 IMPORTS 198 MODULE-IDENTITY, OBJECT-TYPE, 199 Unsigned32, mib-2, TimeTicks, 200 NOTIFICATION-TYPE 201 FROM SNMPv2-SMI -- [RFC2578] 202 ZeroBasedCounter32 203 FROM RMON2-MIB -- [RFC4502] 204 ifIndex FROM IF-MIB -- [RFC2863] 205 InetAddressType, InetAddress, InetPortNumber 206 FROM INET-ADDRESS-MIB -- [RFC4001] 207 MODULE-COMPLIANCE, OBJECT-GROUP, 208 NOTIFICATION-GROUP 209 FROM SNMPv2-CONF -- [RFC2580] 210 GsmpVersion, GsmpNameType, GsmpPartitionIdType 211 FROM GSMP-MIB -- [RFC3295] 212 RowStatus, TEXTUAL-CONVENTION 213 FROM SNMPv2-TC; -- [RFC2579] 215 ancpAnMIB MODULE-IDENTITY 216 LAST-UPDATED "200702260000Z" -- 26 February 2007 217 ORGANIZATION "IETF ANCP Working Group" 218 CONTACT-INFO 219 " Editors: 221 Stefaan De Cnodder 222 Alcatel-Lucent 223 Postal: Copernicuslaan 50 224 B-2018 Antwerp 225 Belgium 226 EMail: stefaan.de_cnodder@alcatel-lucent.be 227 Phone: +32 3 240 85 15 229 Moti Morgenstern 230 ECI Telecom Ltd. 231 Postal: 30 Hasivim St. 232 Petach Tikva 49517, 233 Israel. 234 Email: moti.morgenstern@ecitele.com 235 Phone: +972 3 926 6258 236 " 237 DESCRIPTION 238 "The MIB module for entities implementing the access node 239 side of the Access Node Control Protocol (ANCP). 241 Copyright (C) The IETF Trust (2007). The initial version of 242 this MIB module was published in RFC yyyy; for full legal 243 notices see the RFC itself." 244 -- RFC Ed.: replace yyyy with actual RFC number & remove this note 245 REVISION "200702260000Z" -- 26 February 2007 246 DESCRIPTION "Initial version as published in RFC yyyy." 247 -- RFC Ed.: replace yyyy with actual RFC number & remove this note 248 ::= { mib-2 xxx } 249 -- The value xxx to be assigned by IANA. 251 ancpNotifications OBJECT IDENTIFIER ::= { ancpAnMIB 0 } 252 ancpAnObjects OBJECT IDENTIFIER ::= { ancpAnMIB 1 } 253 ancpAnConformance OBJECT IDENTIFIER ::= { ancpAnMIB 2 } 254 GsmpSubVersion ::= TEXTUAL-CONVENTION 255 STATUS current 256 DESCRIPTION 257 "The subversion numbers defined for the GSMP protocol." 258 SYNTAX Unsigned32 260 AncpAnSessionCapabilities ::= TEXTUAL-CONVENTION 261 STATUS current 262 DESCRIPTION 263 "ANCP capabilities supported by the AN. 264 The following capabilities are available: 265 topologyDiscovery (0)- Access Topology Discovery 266 lineConfig (1) - Line Configuration 267 multicast (2) - Multicast 268 l2Oam (3) - Layer 2 OAM 269 A bit set means the associated capability is supported." 270 SYNTAX BITS { 271 topologyDiscovery (0), 272 lineConfig (1), 273 multicast (2), 274 l2Oam (3) 275 } 277 ancpAnNextSessionId OBJECT-TYPE 278 SYNTAX Unsigned32 279 MAX-ACCESS read-only 280 STATUS current 281 DESCRIPTION 282 "The object reports the next index (potential value of 283 ancpAnSessionConfigSessionId) which is available for 284 creating a new row in ancpAnSessionConfigTable. 285 If no such value is available (e.g., the table is full or 286 any other reason) the object reports '0' (zero). 287 An available value V becomes unavailable when a row is 288 actually created with ancpAnSessionConfigSessionId=V and 289 until then consecutive GET commands with this object may 290 return the same value V. Note that eventually only one row 291 creation with the value V can succeed. 292 An unavailable value V becomes available again when a row 293 with ancpAnSessionConfigSessionId=V in 294 ancpAnSessionConfigTable is deleted." 295 ::= { ancpAnObjects 1 } 297 ancpAnSessionConfigTable OBJECT-TYPE 298 SYNTAX SEQUENCE OF AncpAnSessionConfigEntry 299 MAX-ACCESS not-accessible 300 STATUS current 301 DESCRIPTION 302 "This table represents the ANCP sessions in the access 303 node. An entry in this table needs to be configured 304 (created) before an ANCP session might be started." 305 ::= { ancpAnObjects 2 } 307 ancpAnSessionConfigEntry OBJECT-TYPE 308 SYNTAX AncpAnSessionConfigEntry 309 MAX-ACCESS not-accessible 310 STATUS current 311 DESCRIPTION 312 "An entry in the table showing the data for a 313 specific actual or yet to be established session. 314 If partitions are used, one session corresponds to 315 one specific access node partition." 316 INDEX { ancpAnSessionConfigSessionId } 317 ::= { ancpAnSessionConfigTable 1 } 319 AncpAnSessionConfigEntry ::= SEQUENCE { 320 ancpAnSessionConfigSessionId Unsigned32, 321 ancpAnSessionConfigRowStatus RowStatus, 322 ancpAnSessionConfigGsmpVersion GsmpVersion, 323 ancpAnSessionConfigGsmpSubVersion GsmpSubVersion, 324 ancpAnSessionConfigEncapsulationType INTEGER, 325 ancpAnSessionConfigCapabilities AncpAnSessionCapabilities, 326 ancpAnSessionConfigAliveTimer Unsigned32, 327 ancpAnSessionConfigPortReportShaper Unsigned32, 328 ancpAnSessionConfigAggregateReportShaper Unsigned32, 329 ancpAnSessionConfigTransportRetryTimer Unsigned32, 330 ancpAnSessionConfigGsmpRetryTimer Unsigned32, 331 ancpAnSessionConfigAnName GsmpNameType, 332 ancpAnSessionConfigPartitionId GsmpPartitionIdType, 333 ancpAnSessionConfigWindowSize Unsigned32, 334 ancpAnSessionConfigNasIpAddressType InetAddressType, 335 ancpAnSessionConfigNasIpAddress InetAddress, 336 ancpAnSessionConfigEncapPortNumber InetPortNumber 337 } 339 ancpAnSessionConfigSessionId OBJECT-TYPE 340 SYNTAX Unsigned32 (1..255) 341 MAX-ACCESS not-accessible 342 STATUS current 343 DESCRIPTION 344 "A system generated index to distinguish between 345 different sessions. Session may be actually established 346 or just potential." 347 ::= { ancpAnSessionConfigEntry 1 } 349 ancpAnSessionConfigRowStatus OBJECT-TYPE 350 SYNTAX RowStatus 351 MAX-ACCESS read-create 352 STATUS current 353 DESCRIPTION 354 "An object that allows entries in this table to 355 be created and deleted using the RowStatus convention." 356 ::= { ancpAnSessionConfigEntry 2 } 358 ancpAnSessionConfigGsmpVersion OBJECT-TYPE 359 SYNTAX GsmpVersion 360 MAX-ACCESS read-create 361 STATUS current 362 DESCRIPTION 363 "The maximum version number of the GSMP protocol that 364 may be used in this session. The value of this object 365 is persistent." 366 DEFVAL { 3 } 367 ::= { ancpAnSessionConfigEntry 3 } 369 ancpAnSessionConfigGsmpSubVersion OBJECT-TYPE 370 SYNTAX GsmpSubVersion 371 MAX-ACCESS read-create 372 STATUS current 373 DESCRIPTION 374 "The maximum subversion number of the GSMP protocol that 375 may be used in this session. The value of this object 376 is persistent." 377 DEFVAL { 1 } 378 ::= { ancpAnSessionConfigEntry 4 } 380 ancpAnSessionConfigEncapsulationType OBJECT-TYPE 381 SYNTAX INTEGER { 382 tcp(1) 383 } 384 MAX-ACCESS read-create 385 STATUS current 386 DESCRIPTION 387 "Required encapsulation for this session. The value of 388 this object is persistent." 389 DEFVAL { tcp } 390 ::= { ancpAnSessionConfigEntry 5 } 392 ancpAnSessionConfigCapabilities OBJECT-TYPE 393 SYNTAX AncpAnSessionCapabilities 394 MAX-ACCESS read-create 395 STATUS current 396 DESCRIPTION 397 "ANCP capabilities supported by the AN in this session. 399 When all bits are set to zero then this means that no 400 capabilities are supported. The value of this object 401 is persistent." 402 DEFVAL { { topologyDiscovery, l2Oam } } 403 ::= { ancpAnSessionConfigEntry 6 } 405 ancpAnSessionConfigAliveTimer OBJECT-TYPE 406 SYNTAX Unsigned32(1..255) 407 UNITS "deciseconds" 408 MAX-ACCESS read-create 409 STATUS current 410 DESCRIPTION 411 "The timer specifies the nominal time between periodic 412 adjacency protocol messages generated by the access node. 413 It is a constant for the duration of a GSMP session. The 414 timer is specified in units of 100ms. The value of this 415 object is persistent." 416 DEFVAL { 100 } 417 ::= { ancpAnSessionConfigEntry 7 } 419 ancpAnSessionConfigPortReportShaper OBJECT-TYPE 420 SYNTAX Unsigned32(1..255) 421 UNITS "deciseconds" 422 MAX-ACCESS read-create 423 STATUS current 424 DESCRIPTION 425 "The timer specifies the nominal time between 426 2 EventReport messages related to the same port. 427 It is a constant for the duration of a GSMP session. 428 The timer is specified in units of 100ms. The value 429 of this object is persistent." 430 DEFVAL { 10 } 431 ::= { ancpAnSessionConfigEntry 8 } 433 ancpAnSessionConfigAggregateReportShaper OBJECT-TYPE 434 SYNTAX Unsigned32(1..2550) 435 UNITS "centiseconds" 436 MAX-ACCESS read-create 437 STATUS current 438 DESCRIPTION 439 "The timer specifies the nominal time between 440 2 EventReport messages related to any port. 441 It is a constant for the duration of a GSMP session. 442 The timer is specified in units of 10ms. The value 443 of this object is persistent." 444 DEFVAL { 10 } 445 ::= { ancpAnSessionConfigEntry 9 } 447 ancpAnSessionConfigTransportRetryTimer OBJECT-TYPE 448 SYNTAX Unsigned32(0..255) 449 UNITS "deciseconds" 450 MAX-ACCESS read-create 451 STATUS current 452 DESCRIPTION 453 "The timer specifies the nominal time between 2 transport 454 connection setup attempts done by the access node. 455 The transport protocol is specified in 456 ancpAnSessionConfigEncapsulationType. 457 The timer is specified in units of 100ms. 458 A value 0 means that the access node will NOT 459 initiate nor setup the transport connection. The 460 value of this object is persistent." 461 DEFVAL { 10 } 462 ::= { ancpAnSessionConfigEntry 10 } 464 ancpAnSessionConfigGsmpRetryTimer OBJECT-TYPE 465 SYNTAX Unsigned32(0..255) 466 UNITS "deciseconds" 467 MAX-ACCESS read-create 468 STATUS current 469 DESCRIPTION 470 "The timer specifies the nominal time between 471 2 ANCP connection setup attempts. 472 The timer is specified in units of 100ms. 473 A value 0 means that the access node will NOT 474 spontaneously trigger an ANCP session. 475 Whatever the setting of this timer, the access 476 node shall always listen for ANCP session setup. 477 The value of this object is persistent." 478 DEFVAL { 10 } 479 ::= { ancpAnSessionConfigEntry 11 } 481 ancpAnSessionConfigAnName OBJECT-TYPE 482 SYNTAX GsmpNameType 483 MAX-ACCESS read-create 484 STATUS current 485 DESCRIPTION 486 "The name of the access node. The first three octets must 487 be an Organizationally Unique Identifier (OUI) that 488 identifies the manufacturer of the access node. This can 489 be (one of) the MAC address(es) of the access node on the 490 network side. 491 It may not change during the ANCP session. 492 When set to zero, the access node shall autonomously 493 decide on using the most appropriate MAC address of the 494 access node. Then the actually used access node name can 495 be read from ancpAnCurrentSessionAnName. 496 The value of this object is persistent." 497 DEFVAL { '000000000000'H } 498 ::= { ancpAnSessionConfigEntry 12 } 500 ancpAnSessionConfigPartitionId OBJECT-TYPE 501 SYNTAX GsmpPartitionIdType 502 MAX-ACCESS read-create 503 STATUS current 504 DESCRIPTION 505 "The Id for this session's specific access node partition. 506 The value of this object is persistent." 507 DEFVAL { '00'H } 508 ::= { ancpAnSessionConfigEntry 13 } 510 ancpAnSessionConfigWindowSize OBJECT-TYPE 511 SYNTAX Unsigned32(1..65535) 512 MAX-ACCESS read-create 513 STATUS current 514 DESCRIPTION 515 "The maximum number of unacknowledged request messages 516 that may be transmitted by the controller without the 517 possibility of loss. This field is used to prevent 518 request messages from being lost in the access node 519 because of overflow in the receive buffer. The field is 520 a hint to the controller. The value of this object is 521 persistent." 522 DEFVAL { 10 } 523 ::= { ancpAnSessionConfigEntry 14 } 525 ancpAnSessionConfigNasIpAddressType OBJECT-TYPE 526 SYNTAX InetAddressType 527 MAX-ACCESS read-create 528 STATUS current 529 DESCRIPTION 530 "The type of address in ancpAnSessionConfigNasIpAddress. 531 The value of this object is persistent." 532 ::= { ancpAnSessionConfigEntry 15 } 534 ancpAnSessionConfigNasIpAddress OBJECT-TYPE 535 SYNTAX InetAddress 536 MAX-ACCESS read-create 537 STATUS current 538 DESCRIPTION 539 "The IP address used for the ANCP session peer (NAS). 540 The value of this object is persistent." 541 ::= { ancpAnSessionConfigEntry 16 } 543 ancpAnSessionConfigEncapPortNumber OBJECT-TYPE 544 SYNTAX InetPortNumber 545 MAX-ACCESS read-create 546 STATUS current 547 DESCRIPTION 548 "The port number used for the transport protocol 549 establishment to the ANCP peer. The value of this 550 object is persistent." 551 DEFVAL { 6068 } 552 ::= { ancpAnSessionConfigEntry 17 } 554 ancpAnCurrentSessionTable OBJECT-TYPE 555 SYNTAX SEQUENCE OF AncpAnCurrentSessionEntry 556 MAX-ACCESS not-accessible 557 STATUS current 558 DESCRIPTION 559 "This table gives actual information of the sessions 560 in the access node. 561 A row in this table is created when the corresponding row 562 in the ancpAnSessionConfigTable is activated. 563 A row in this table is deleted when the corresponding row 564 in the ancpAnSessionConfigTable is deleted." 565 ::= { ancpAnObjects 3 } 567 ancpAnCurrentSessionEntry OBJECT-TYPE 568 SYNTAX AncpAnCurrentSessionEntry 569 MAX-ACCESS not-accessible 570 STATUS current 571 DESCRIPTION 572 "An entry in the table showing the data for a 573 specific actual session." 574 INDEX { ancpAnSessionConfigSessionId } 575 ::= { ancpAnCurrentSessionTable 1 } 577 AncpAnCurrentSessionEntry ::= SEQUENCE { 578 ancpAnCurrentSessionState INTEGER, 579 ancpAnCurrentSessionGsmpVersion GsmpVersion, 580 ancpAnCurrentSessionGsmpSubVersion GsmpSubVersion, 581 ancpAnCurrentSessionAnName GsmpNameType, 582 ancpAnCurrentSessionNasName GsmpNameType, 583 ancpAnCurrentSessionAnIpAddressType InetAddressType, 584 ancpAnCurrentSessionAnIpAddress InetAddress, 585 ancpAnCurrentSessionAnInstance Unsigned32, 586 ancpAnCurrentSessionNasInstance Unsigned32, 587 ancpAnCurrentSessionCapabilities AncpAnSessionCapabilities, 588 ancpAnCurrentSessionStartUptime TimeTicks, 589 ancpAnCurrentSessionDiscontinuityTime TimeTicks, 590 ancpAnCurrentSessionStatSentMessages ZeroBasedCounter32, 591 ancpAnCurrentSessionStatReceivedValidMessages ZeroBasedCounter32, 592 ancpAnCurrentSessionStatDiscardedMessages ZeroBasedCounter32 593 } 595 ancpAnCurrentSessionState OBJECT-TYPE 596 SYNTAX INTEGER { 597 null(1), 598 synsent(2), 599 synrcvd(3), 600 estab(4) 601 } 602 MAX-ACCESS read-only 603 STATUS current 604 DESCRIPTION 605 "The state of this session. 606 The null (1) state is returned if the proper 607 encapsulation data is not yet configured, if the row is 608 not in active status or if the session is in NULL state 609 as defined in the GSMP specification." 610 ::= { ancpAnCurrentSessionEntry 1 } 612 ancpAnCurrentSessionGsmpVersion OBJECT-TYPE 613 SYNTAX GsmpVersion 614 MAX-ACCESS read-only 615 STATUS current 616 DESCRIPTION 617 "The actual version number of the GSMP protocol that 618 is used in this session. 619 This object has value 0 if ancpAnCurrentSessionState is 620 not estab(4)." 621 ::= { ancpAnCurrentSessionEntry 2 } 623 ancpAnCurrentSessionGsmpSubVersion OBJECT-TYPE 624 SYNTAX GsmpSubVersion 625 MAX-ACCESS read-only 626 STATUS current 627 DESCRIPTION 628 "The actual subversion number of the GSMP protocol that 629 may be used in this session. 630 This object has value 0 if ancpAnCurrentSessionState is 631 not estab(4)." 632 ::= { ancpAnCurrentSessionEntry 3 } 634 ancpAnCurrentSessionAnName OBJECT-TYPE 635 SYNTAX GsmpNameType 636 MAX-ACCESS read-only 637 STATUS current 638 DESCRIPTION 639 "The name of the access node used in this session. 640 It should be the same as ancpAnSessionConfigAnName. 641 The value of this object is used as value for the 642 'Sender Name' field in the header of the ANCP messages 643 generated for this session by the AN." 644 ::= { ancpAnCurrentSessionEntry 4 } 646 ancpAnCurrentSessionNasName OBJECT-TYPE 647 SYNTAX GsmpNameType 648 MAX-ACCESS read-only 649 STATUS current 650 DESCRIPTION 651 "The name of the NAS as advertised in the adjacency 652 message. 653 The value of this object is set to the value of the 654 'Sender Name' field in the header of the ANCP messages 655 received on this session. This object has value 0 if 656 ancpAnCurrentSessionState is not estab(4)." 657 ::= { ancpAnCurrentSessionEntry 5 } 659 ancpAnCurrentSessionAnIpAddressType OBJECT-TYPE 660 SYNTAX InetAddressType 661 MAX-ACCESS read-only 662 STATUS current 663 DESCRIPTION 664 "The type of address in ancpAnCurrentSessionAnIpAddress." 665 ::= { ancpAnCurrentSessionEntry 6 } 667 ancpAnCurrentSessionAnIpAddress OBJECT-TYPE 668 SYNTAX InetAddress 669 MAX-ACCESS read-only 670 STATUS current 671 DESCRIPTION 672 "The IP address used for the access node." 673 ::= { ancpAnCurrentSessionEntry 7 } 675 ancpAnCurrentSessionAnInstance OBJECT-TYPE 676 SYNTAX Unsigned32(0..16777215) 677 MAX-ACCESS read-only 678 STATUS current 679 DESCRIPTION 680 "The instance number used by the access node during this 681 session. The Instance number is a 24-bit number 682 that should be guaranteed to be unique within 683 the recent past and to change when the link 684 or node comes back up after going down. Zero is 685 not a valid instance number. 686 This object has value 0 if ancpAnCurrentSessionState is 687 not estab(4)." 688 ::= { ancpAnCurrentSessionEntry 8 } 690 ancpAnCurrentSessionNasInstance OBJECT-TYPE 691 SYNTAX Unsigned32(0..16777215) 692 MAX-ACCESS read-only 693 STATUS current 694 DESCRIPTION 695 "The instance number used by the NAS during this 696 session. The Instance number is a 24-bit number 697 that should be guaranteed to be unique within 698 the recent past and to change when the link 699 or node comes back up after going down. 700 This object has value 0 if ancpAnCurrentSessionState is 701 not estab(4)." 702 ::= { ancpAnCurrentSessionEntry 9 } 704 ancpAnCurrentSessionCapabilities OBJECT-TYPE 705 SYNTAX AncpAnSessionCapabilities 706 MAX-ACCESS read-only 707 STATUS current 708 DESCRIPTION 709 "The common ANCP capabilities supported by the AN and 710 NAS in this session. 711 The object has the value 0 if no capabilities are 712 supported 713 or if ancpAnCurrentSessionState is not estab(4)." 714 ::= { ancpAnCurrentSessionEntry 10 } 716 ancpAnCurrentSessionStartUptime OBJECT-TYPE 717 SYNTAX TimeTicks 718 MAX-ACCESS read-only 719 STATUS current 720 DESCRIPTION 721 "The value of sysUpTime when the session came to 722 established state. 723 This object has value 0 if ancpAnCurrentSessionState is 724 not estab(4)." 725 ::= { ancpAnCurrentSessionEntry 11 } 727 ancpAnCurrentSessionDiscontinuityTime OBJECT-TYPE 728 SYNTAX TimeTicks 729 MAX-ACCESS read-only 730 STATUS current 731 DESCRIPTION 732 "The value of sysUpTime on the most recent occasion at 733 which session's counters suffered a discontinuity. 734 If no such discontinuities have occurred since then, 735 this object contains the same value as 736 ancpAnCurrentSessionStartUptime." 737 ::= { ancpAnCurrentSessionEntry 12 } 739 ancpAnCurrentSessionStatSentMessages OBJECT-TYPE 740 SYNTAX ZeroBasedCounter32 741 MAX-ACCESS read-only 742 STATUS current 743 DESCRIPTION 744 "The number of messages that have been sent in this session 745 by the access node. 746 All ANCP messages pertaining to this session after 747 the session came to established state shall 748 be counted, also including adjacency protocol messages 749 and failure response messages. 750 Discontinuities of this counter are indicated by 751 ancpAnCurrentSessionDiscontinuityTime." 752 ::= { ancpAnCurrentSessionEntry 13 } 754 ancpAnCurrentSessionStatReceivedValidMessages OBJECT-TYPE 755 SYNTAX ZeroBasedCounter32 756 MAX-ACCESS read-only 757 STATUS current 758 DESCRIPTION 759 "The number of messages that have been received and 760 processed in this session by the access node. 761 All ANCP messages pertaining to this session after 762 the session came to established state shall 763 be counted, also including adjacency protocol messages 764 and failure response messages. 765 Discontinuities of this counter are indicated by 766 ancpAnCurrentSessionDiscontinuityTime." 767 ::= { ancpAnCurrentSessionEntry 14 } 769 ancpAnCurrentSessionStatDiscardedMessages OBJECT-TYPE 770 SYNTAX ZeroBasedCounter32 771 MAX-ACCESS read-only 772 STATUS current 773 DESCRIPTION 774 "The number of messages that in this session have been 775 received and discarded for whatever reason by the access 776 node. 777 All ANCP messages pertaining to this session after 778 the session came to established state shall 779 be counted, also including adjacency protocol messages 780 and failure response messages. 781 Discontinuities of this counter are indicated by 782 ancpAnCurrentSessionDiscontinuityTime." 784 ::= { ancpAnCurrentSessionEntry 15 } 786 -- 787 -- Partitions 788 -- 790 ancpAnInterfaceDefaultPartitionId OBJECT-TYPE 791 SYNTAX GsmpPartitionIdType 792 MAX-ACCESS read-write 793 STATUS current 794 DESCRIPTION 795 "This object allows the manager control the default value 796 for the ancpAnInterfaceConfigPartitionId object in 797 ancpAnInterfaceConfigTable. The value of this object is 798 persistent." 799 DEFVAL { "0" } 800 ::= { ancpAnObjects 4 } 802 ancpAnInterfaceConfigTable OBJECT-TYPE 803 SYNTAX SEQUENCE OF AncpAnInterfaceConfigEntry 804 MAX-ACCESS not-accessible 805 STATUS current 806 DESCRIPTION 807 "This table configures the association of user facing 808 interfaces to ANCP partitions in the access node. 809 An entry in this table needs to be added by the agent 810 for each relevant user facing interface with the value 811 of ancpAnInterfaceConfigPartitionId set to 812 the value of ancpAnInterfaceDefaultPartitionId at the 813 time of the creation of the row. A relevant user facing 814 interface is created whenever a row is created in the 815 ifTable of the IF-MIB that can be controlled by ANCP. 816 When such an interface is deleted from the ifTable, the 817 corresponding row in this table has to be removed by the 818 agent. 819 A manager is allowed to change the value of 820 ancpAnInterfaceConfigPartitionId after the row has been 821 created." 822 ::= { ancpAnObjects 5 } 824 ancpAnInterfaceConfigEntry OBJECT-TYPE 825 SYNTAX AncpAnInterfaceConfigEntry 826 MAX-ACCESS not-accessible 827 STATUS current 828 DESCRIPTION 829 "An entry in the table showing the partition id for a 830 specific user facing interface" 831 INDEX { ifIndex } 832 ::= { ancpAnInterfaceConfigTable 1 } 834 AncpAnInterfaceConfigEntry ::= SEQUENCE { 835 ancpAnInterfaceConfigPartitionId GsmpPartitionIdType 836 } 838 ancpAnInterfaceConfigPartitionId OBJECT-TYPE 839 SYNTAX GsmpPartitionIdType 840 MAX-ACCESS read-write 841 STATUS current 842 DESCRIPTION 843 "A partition Id associated with the related ifIndex. 844 Upon creation of the row, the value is set to 845 ancpAnInterfaceDefaultPartitionId. The value of this 846 object is persistent." 847 ::= { ancpAnInterfaceConfigEntry 1 } 849 -- 850 -- Notifications 851 -- 853 ancpSessionDown NOTIFICATION-TYPE 854 OBJECTS { 855 ancpAnCurrentSessionAnIpAddressType, 856 ancpAnCurrentSessionAnIpAddress, 857 ancpAnSessionConfigNasIpAddressType, 858 ancpAnSessionConfigNasIpAddress, 859 ancpAnCurrentSessionAnInstance, 860 ancpAnCurrentSessionNasInstance, 861 ancpAnCurrentSessionStartUptime, 862 ancpAnCurrentSessionStatSentMessages, 863 ancpAnCurrentSessionStatReceivedValidMessages, 864 ancpAnCurrentSessionStatDiscardedMessages 865 } 866 STATUS current 867 DESCRIPTION 868 "This notification is generated whenever an ANCP session 869 goes down. A session can go down for several reasons: 870 1) The ANCP session can be deleted by a manager from the 871 ancpAnSessionConfigTable, and hence it will also be 872 removed from the ancpAnCurrentSessionTable. 873 2) The session can go operational down due to some 874 malfunction in the network, the AN, or the NAS. In 875 this case, the ANCP session will be still in the 876 ancpAnSessionConfigTable and ancpAnCurrentSessionTable, 877 but the ancpAnCurrentSessionState moves from the estab 878 state to another state." 880 ::= { ancpNotifications 1 } 882 ancpSessionUp NOTIFICATION-TYPE 883 OBJECTS { 884 ancpAnCurrentSessionAnInstance 885 } 886 STATUS current 887 DESCRIPTION 888 "This notification is generated when an ANCP session enters 889 the estab state as given by ancpAnCurrentSessionState. 890 Since ancpAnCurrentSessionAnInstance identifies the ANCP 891 session uniquely the other attributes can be derived from 892 this attribute." 893 ::= { ancpNotifications 2 } 895 -- 896 -- ANCP AN Compliance 897 -- 899 ancpAnGroups OBJECT IDENTIFIER ::= { ancpAnConformance 1 } 900 ancpAnCompliances OBJECT IDENTIFIER ::= { ancpAnConformance 2 } 902 ancpAnModuleCompliance MODULE-COMPLIANCE 903 STATUS current 904 DESCRIPTION 905 "The compliance statement for agents that support 906 the ANCP MIB module for access nodes." 907 MODULE -- this module 908 MANDATORY-GROUPS { 909 ancpAnConfigGroup, 910 ancpAnCurrentGroup, 911 ancpAnInterfaceGroup, 912 ancpAnNotificationsGroup 913 } 914 ::= { ancpAnCompliances 1 } 916 -- units of conformance 918 ancpAnConfigGroup OBJECT-GROUP 919 OBJECTS { 920 ancpAnNextSessionId, 921 ancpAnSessionConfigRowStatus, 922 ancpAnSessionConfigGsmpVersion, 923 ancpAnSessionConfigGsmpSubVersion, 924 ancpAnSessionConfigEncapsulationType, 925 ancpAnSessionConfigCapabilities, 926 ancpAnSessionConfigAliveTimer, 927 ancpAnSessionConfigPortReportShaper, 928 ancpAnSessionConfigAggregateReportShaper, 929 ancpAnSessionConfigTransportRetryTimer, 930 ancpAnSessionConfigGsmpRetryTimer, 931 ancpAnSessionConfigAnName, 932 ancpAnSessionConfigPartitionId, 933 ancpAnSessionConfigWindowSize, 934 ancpAnSessionConfigNasIpAddressType, 935 ancpAnSessionConfigNasIpAddress, 936 ancpAnSessionConfigEncapPortNumber 937 } 938 STATUS current 939 DESCRIPTION 940 "These objects apply to the configuration of ANCP 941 sessions in access nodes." 942 ::= { ancpAnGroups 1 } 944 ancpAnCurrentGroup OBJECT-GROUP 945 OBJECTS { 946 ancpAnCurrentSessionState, 947 ancpAnCurrentSessionGsmpVersion, 948 ancpAnCurrentSessionGsmpSubVersion, 949 ancpAnCurrentSessionAnName, 950 ancpAnCurrentSessionNasName, 951 ancpAnCurrentSessionAnIpAddressType, 952 ancpAnCurrentSessionAnIpAddress, 953 ancpAnCurrentSessionAnInstance, 954 ancpAnCurrentSessionNasInstance, 955 ancpAnCurrentSessionCapabilities, 956 ancpAnCurrentSessionStartUptime, 957 ancpAnCurrentSessionDiscontinuityTime, 958 ancpAnCurrentSessionStatSentMessages, 959 ancpAnCurrentSessionStatReceivedValidMessages, 960 ancpAnCurrentSessionStatDiscardedMessages 961 } 962 STATUS current 963 DESCRIPTION 964 "These objects show the operational state of all ANCP 965 sessions configured in the access node." 966 ::= { ancpAnGroups 2 } 968 ancpAnInterfaceGroup OBJECT-GROUP 969 OBJECTS { 970 ancpAnInterfaceDefaultPartitionId, 971 ancpAnInterfaceConfigPartitionId 972 } 973 STATUS current 974 DESCRIPTION 975 "These objects are used to assign user facing interface to 976 partitions." 977 ::= { ancpAnGroups 3 } 979 ancpAnNotificationsGroup NOTIFICATION-GROUP 980 NOTIFICATIONS { 981 ancpSessionDown, 982 ancpSessionUp 983 } 984 STATUS current 985 DESCRIPTION 986 "These notifications inform management stations about 987 changes in the state of ANCP sessions." 988 ::= { ancpAnGroups 4 } 990 END 992 7. Security Considerations 994 There are a number of management objects defined in this MIB module 995 with a MAX-ACCESS clause of read-write and/or read-create. Such 996 objects may be considered sensitive or vulnerable in some network 997 environments. The support for SET operations in a non-secure 998 environment without proper protection can have a negative effect on 999 network operations. This is the table and these are the objects and 1000 their sensitivity/vulnerability: 1002 o ancpAnSessionConfigTable 1004 The table consists of the following objects that support SET 1005 operations: 1007 * ancpAnSessionConfigRowStatus 1008 * ancpAnSessionConfigGsmpVersion 1009 * ancpAnSessionConfigGsmpSubVersion 1010 * ancpAnSessionConfigEncapsulationType 1011 * ancpAnSessionConfigCapabilities 1012 * ancpAnSessionConfigAliveTimer 1013 * ancpAnSessionConfigPortReportShaper 1014 * ancpAnSessionConfigAggregateReportShaper 1015 * ancpAnSessionConfigTransportRetryTimer 1016 * ancpAnSessionConfigGsmpRetryTimer 1017 * ancpAnSessionConfigAnName 1018 * ancpAnSessionConfigPartitionId 1019 * ancpAnSessionConfigWindowSize 1020 * ancpAnSessionConfigNasIpAddressType 1021 * ancpAnSessionConfigNasIpAddress 1022 * ancpAnSessionConfigEncapPortNumber 1024 Unauthorized changes to ancpAnSessionConfigRowStatus could result 1025 in session being created or brought into service prematurely; or 1026 could result in session being inadvertently deleted or taken out 1027 of service. 1029 Unauthorized changes to ancpAnSessionConfigGsmpVersion or 1030 ancpAnSessionConfigGsmpSubVersion could have an adverse 1031 operational effect by limiting the GSMP version to be used in the 1032 context of this session or enabling a GSMP version number that is 1033 actually unsupported by the access node. 1035 Unauthorized changes to ancpAnSessionConfigEncapsulationType could 1036 have an adverse operational effect by configuring the session to 1037 use an undesired or even unsupported protocol. 1039 Unauthorized changes to ancpAnSessionConfigCapabilities could have 1040 an adverse operational effect by disabling certain ANCP 1041 capabilities that the operator assumed that are enabled, or enable 1042 a capability that the operator would not like to activate. 1044 Unauthorized changes to ancpAnSessionConfigAliveTimer could have 1045 an adverse operational effect by increasing the frequency of 1046 adjacency protocol messages generated by the access node and 1047 leading to an overload of such messages. Decreasing the frequency 1048 of such messages may harm the synchronization between the access 1049 node and the NAS. 1051 Unauthorized changes to ancpAnSessionConfigPortReportShaper or 1052 ancpAnSessionConfigAggregateReportShaper could have an adverse 1053 operational effect by increasing the frequency of Event Report 1054 messages generated by the access node and leading to an overload 1055 of such messages. Decreasing the frequency of such messages may 1056 delay the responsivness of the system to events associated with 1057 one or more ports. 1059 Unauthorized changes to ancpAnSessionConfigTransportRetryTimer 1060 could have an adverse operational effect by increasing the 1061 frequency of transport connection setup attempts initiated by the 1062 access node or even unexpectedly enabling the access node to 1063 initiate the transport connection setup when that supposed to be 1064 disabled. Alternatively, when the operator basically planned 1065 transport connection setup attempts by the access node 1066 unauthorized changes to the attribute may cause unexpected low 1067 frequency of such attepts or unexpectedly disable those attempts. 1069 Unauthorized changes to ancpAnSessionConfigGsmpRetryTimer could 1070 have an adverse operational effect by increasing the frequency of 1071 ANCP onnection setup attempts initiated by the access node or even 1072 unexpectedly enabling the access node to initiate the ANCP 1073 connection setup when that supposed to be disabled. 1074 Alternatively, when the operator basically planned ANCP connection 1075 setup attempts by the access node unauthorized changes to the 1076 attribute may cause unexpected low frequency of such attepts or 1077 unexpectedly disable those attempts. 1079 Unauthorized changes to ancpAnSessionConfigAnName could confuse 1080 the NAS, e.g., by detecting the same name from multiple access 1081 nodes. This may also override the operator's will to allow/avoid 1082 the access node to autonomously determine its name. 1084 Unauthorized changes to ancpAnSessionConfigPartitionId could mean 1085 that partitions are used when actually they are not, or vice 1086 versa. It could also al least specify a different partition ID 1087 than the one actually associated with the session. 1089 Unauthorized changes to ancpAnSessionConfigWindowSize are not 1090 directly harmfull. However, if the controller adopts the 1091 suggested wrong window size it may either cause the controller to 1092 send too many messages in a window or unnecessarily limit itself 1093 and that could reduce the system performance. 1095 Unauthorized changes to ancpAnSessionConfigNasIpAddressType and/or 1096 ancpAnSessionConfigNasIpAddress and/or 1097 ancpAnSessionConfigEncapPortNumber could produce a wrong address 1098 type (interpretation) and/or IP address for the NAS and/or specify 1099 a wrong transport protocol port number for the session, 1100 respectively. 1102 Some of the readable objects in this MIB module (i.e., objects with a 1103 MAX-ACCESS other than not-accessible) may be considered sensitive or 1104 vulnerable in some network environments. It is thus important to 1105 control even GET and/or NOTIFY access to these objects and possibly 1106 to even encrypt the values of these objects when sending them over 1107 the network via SNMP. This is the table and these are the objects 1108 and their sensitivity/vulnerability: 1110 o ancpAnCurrentSessionTable 1112 Access to these objects would allow an intruder to obtain 1113 information about which vendor's equipment is in use on the 1114 network. Further, such information is considered sensitive in 1115 many environments for competitive reasons. 1117 * ancpAnCurrentSessionState 1118 * ancpAnCurrentSessionGsmpVersion 1119 * ancpAnCurrentSessionGsmpSubVersion 1120 * ancpAnCurrentSessionAnName 1121 * ancpAnCurrentSessionNasName 1122 * ancpAnCurrentSessionAnIpAddressType 1123 * ancpAnCurrentSessionAnIpAddress 1124 * ancpAnCurrentSessionAnInstance 1125 * ancpAnCurrentSessionNasInstance 1126 * ancpAnCurrentSessionCapabilities 1127 * ancpAnCurrentSessionStartUptime 1128 * ancpAnCurrentSessionDiscontinuityTime 1129 * ancpAnCurrentSessionStatSentMessages 1130 * ancpAnCurrentSessionStatReceivedValidMessages 1131 * ancpAnCurrentSessionStatDiscardedMessages 1133 SNMP versions prior to SNMPv3 did not include adequate security. 1134 Even if the network itself is secure (for example by using IPsec), 1135 even then, there is no control as to who on the secure network is 1136 allowed to access and GET/SET (read/change/create/delete) the objects 1137 in this MIB module. 1139 It is RECOMMENDED that implementers consider the security features as 1140 provided by the SNMPv3 framework (see [RFC3410], Section 8), 1141 including full support for the SNMPv3 cryptographic mechanisms (for 1142 authentication and privacy). 1144 Further, deployment of SNMP versions prior to SNMPv3 is NOT 1145 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 1146 enable cryptographic security. It is then a customer/operator 1147 responsibility to ensure that the SNMP entity giving access to an 1148 instance of this MIB module is properly configured to give access to 1149 the objects only to those principals (users) that have legitimate 1150 rights to indeed GET or SET (change/create/delete) them. 1152 8. IANA considerations 1154 IANA is requested to assign an OID xxx under mib-2. 1156 9. Acknowledgements 1158 The authors would like to thank Paul Reynders and Bert Wijnen for 1159 their feedback. 1161 10. References 1163 10.1. Normative References 1165 [ANCPFW] Ooghe, S., Voigt, N., Platnic, M., Haag, T., and S. 1166 Wadhwa, "Framework and Requirements for an Access Node 1167 Control Mechanism in Broadband Multi-Service Networks", 1168 draft-ietf-ancp-framework-01.txt, work in progress, 1169 February 2007. 1171 [ANCPPR] Wadhwa, S., Moisand, J., Subramanian, S., Haag, T., and N. 1172 Voigt, "GSMP extensions for layer2 control (L2C) Topology 1173 Discovery and Line Configuration", 1174 draft-wadhwa-gsmp-l2control- configuration-01.txt, work in 1175 progress, March 2006. 1177 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1178 Requirement Levels", BCP 14, RFC 2119, March 1997. 1180 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1181 Schoenwaelder, Ed., "Structure of Management Information 1182 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. 1184 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1185 Schoenwaelder, Ed., "Textual Conventions for SMIv2", 1186 STD 58, RFC 2579, April 1999. 1188 [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, 1189 "Conformance Statements for SMIv2", STD 58, RFC 2580, 1190 April 1999. 1192 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group 1193 MIB", RFC 2863, June 2000. 1195 [RFC3292] Doria, A., Hellstrand, F., Sundell, K., and T. Worster, 1196 "General Switch Management Protocol (GSMP) V3", RFC 3292, 1197 June 2002. 1199 [RFC3295] Sjostrand, H., Buerkle, J., and B. Srinivasan, 1200 "Definitions of Managed Objects for the General Switch 1201 Management Protocol (GSMP)", RFC 3295, June 2002. 1203 [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. 1204 Schoenwaelder, "Textual Conventions for Internet Network 1205 Addresses", RFC 4001, February 2005. 1207 [RFC4502] Waldbusser, S., "Remote Network Monitoring Management 1208 Information Base Version 2", RFC 4502, May 2006. 1210 10.2. Informative References 1212 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 1213 "Introduction and Applicability Statements for Internet- 1214 Standard Management Framework", RFC 3410, December 2002. 1216 Authors' Addresses 1218 Stefaan De Cnodder 1219 Alcatel-Lucent 1220 Copernicuslaan 50 1221 B-2018 Antwerp 1222 Belgium 1224 Phone: +32 3 240 85 15 1225 Email: stefaan.de_cnodder@alcatel- lucent.be 1227 Moti Morgenstern 1228 ECI Telecom Ltd. 1229 30 Hasivim St. 1230 Petach Tikva 49517 1231 Israel 1233 Phone: +972 3 926 6258 1234 Fax: +972 3 928 7342 1235 Email: moti.Morgenstern@ecitele.com 1237 Full Copyright Statement 1239 Copyright (C) The IETF Trust (2007). 1241 This document is subject to the rights, licenses and restrictions 1242 contained in BCP 78, and except as set forth therein, the authors 1243 retain all their rights. 1245 This document and the information contained herein are provided on an 1246 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 1247 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND 1248 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS 1249 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 1250 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 1251 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 1253 Intellectual Property 1255 The IETF takes no position regarding the validity or scope of any 1256 Intellectual Property Rights or other rights that might be claimed to 1257 pertain to the implementation or use of the technology described in 1258 this document or the extent to which any license under such rights 1259 might or might not be available; nor does it represent that it has 1260 made any independent effort to identify any such rights. Information 1261 on the procedures with respect to rights in RFC documents can be 1262 found in BCP 78 and BCP 79. 1264 Copies of IPR disclosures made to the IETF Secretariat and any 1265 assurances of licenses to be made available, or the result of an 1266 attempt made to obtain a general license or permission for the use of 1267 such proprietary rights by implementers or users of this 1268 specification can be obtained from the IETF on-line IPR repository at 1269 http://www.ietf.org/ipr. 1271 The IETF invites any interested party to bring to its attention any 1272 copyrights, patents or patent applications, or other proprietary 1273 rights that may cover technology that may be required to implement 1274 this standard. Please address the information to the IETF at 1275 ietf-ipr@ietf.org. 1277 Acknowledgment 1279 Funding for the RFC Editor function is provided by the IETF 1280 Administrative Support Activity (IASA).