idnits 2.17.1

draft-dhody-pce-pcep-pathkey-mib-03.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack a both a reference to RFC 2119 and the
     recommended RFC 2119 boilerplate, even if it appears to use RFC 2119
     keywords.

     RFC 2119 keyword, line 860: '... It is RECOMMENDED that implementers...'
     RFC 2119 keyword, line 866: '... RECOMMENDED. Instead, it is RECOMM...'

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (February 22, 2012) is 4446 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

     No issues found here.

     Summary: 1 error (**), 0 flaws (~~), 1 warning (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2    PCE Working Group                                               D. Dhody
3    Internet-Draft                                                  U. Palle
4    Intended status: Standards Track                                 Q. Zhao
5    Expires: August 25, 2012                               Huawei Technology
6                                                                     D. King
7                                                          Old Dog Consulting
8                                                           February 22, 2012

10     Management Information Base (MIB) for the PCE Communications Protocol
11        (PCEP) for Path-Key based Confidentiality in Inter-Domain Path
12                                 Computation.
13                     draft-dhody-pce-pcep-pathkey-mib-03

15   Abstract

17      This memo defines an experimental portion of the Management
18      Information Base for use with network management protocols in the
19      Internet community. In particular, it describes managed objects for
20      modeling of the Path Computation Element communication Protocol
21      (PCEP) for communications between a Path Computation Client (PCC) and a
22      Path Computation Element (PCE), or between two PCEs when path-key-
23      based confidentiality in inter-domain path computation is requested.

25   Status of This Memo

27      This Internet-Draft is submitted in full conformance with the
28      provisions of BCP 78 and BCP 79.

30      Internet-Drafts are working documents of the Internet Engineering
31      Task Force (IETF). Note that other groups may also distribute
32      working documents as Internet-Drafts. The list of current Internet-
33      Drafts is at http://datatracker.ietf.org/drafts/current/.

35      Internet-Drafts are draft documents valid for a maximum of six months
36      and may be updated, replaced, or obsoleted by other documents at any
37      time. It is inappropriate to use Internet-Drafts as reference
38      material or to cite them other than as "work in progress."

40      This Internet-Draft will expire on August 25, 2012.

42   Copyright Notice

44      Copyright (c) 2012 IETF Trust and the persons identified as the
45      document authors. All rights reserved.

47      This document is subject to BCP 78 and the IETF Trust's Legal
48      Provisions Relating to IETF Documents
49      (http://trustee.ietf.org/license-info) in effect on the date of
50      publication of this document. Please review these documents
51      carefully, as they describe your rights and restrictions with respect
52      to this document. Code Components extracted from this document must
53      include Simplified BSD License text as described in Section 4.e of
54      the Trust Legal Provisions and are provided without warranty as
55      described in the Simplified BSD License.

57   Table of Contents

59      1. Introduction
60      2. Terminology
61      3. The Internet-Standard Management Framework
62      4. PCEP Pathkey MIB Module Architecture
63      5. Example of the PCEP PathKey MIB module usage
64      6. Object definitions
65        6.1. PCE-PCEP-PATHKEY-DRAFT-MIB
66        6.2. Objects for inclusion in module PCE-PCEP-DRAFT-MIB
67      7. IANA Considerations
68      8. Security Considerations
69      9. References
70        9.1. Normative References
71        9.2. Informative References

73   1. Introduction

75      The Path Computation Element (PCE) defined in [RFC4655] is an entity
76      that is capable of computing a network path or route based on a
77      network graph, and applying computational constraints. A Path
78      Computation Client (PCC) may make requests to a PCE for paths to be
79      computed.

81      The PCE communication protocol (PCEP) is designed as a communication
82      protocol between PCCs and PCEs for point-to-point (P2P) path
83      computations and is defined in [RFC5440].

85      If confidentiality is required between domains, a Path-Key-based
86      mechanism is described in [RFC5520]. To preserve the
87      confidentiality of the "Confidential Path Segment (CPS)", the PCE
88      returns a path containing a loose hop in place of the segment that
89      must be kept confidential.

91      [PCE-PCEP-DRAFT-MIB] defines a portion of the Management Information
92      Base (MIB) for use with network management protocols in the Internet
93      community for P2P path computations.

95      This memo defines an experimental portion of the Management
96      Information Base for use with network management protocols in the
97      Internet community. In particular, it describes managed objects for
98      modeling of Path Computation Element communication Protocol
99      (PCEP) [RFC5440] for communications between a Path Computation Client
100     (PCC) and a Path Computation Element (PCE), or between two PCEs in
101     path-key-based confidentiality in inter-domain path computations.

103     Some objects may be moved to [PCE-PCEP-DRAFT-MIB] after consensus with
104     the authors and working group; these are defined in Section 6.2.

106  2. Terminology

108     The following terminology is used in this document.

110     CPS: Confidential Path Segment. A segment of a path that contains
111        nodes and links that the AS policy requires to not be disclosed
112        outside the AS.

114     Domain: Any collection of network elements within a common sphere of
115        address management or path computational responsibility. Examples
116        of domains include Interior Gateway Protocol (IGP) areas and
117        Autonomous Systems (ASs).

119     IGP: Interior Gateway Protocol. Either of the two routing
120        protocols, Open Shortest Path First (OSPF) or Intermediate System
121        to Intermediate System (IS-IS).

123     Path-Key: A Key used to replace or retrieve the Confidential Path
124        Segment (CPS).

126     PCC: Path Computation Client: any client application requesting a
127        path computation to be performed by a Path Computation Element.

129     PCE: Path Computation Element. An entity (component, application,
130        or network node) that is capable of computing a network path or
131        route based on a network graph and applying computational
132        constraints.

134     P2P: Point-to-Point

136  3. The Internet-Standard Management Framework

138     For a detailed overview of the documents that describe the current
139     Internet-Standard Management Framework, please refer to section 7 of
140     [RFC3410].

142     Managed objects are accessed via a virtual information store, termed
143     the Management Information Base or MIB. MIB objects are generally
144     accessed through the Simple Network Management Protocol (SNMP).
145     Objects in the MIB are defined using the mechanisms defined in the
146     Structure of Management Information (SMI). This memo specifies a MIB
147     module that is compliant to the SMIv2, which is described in STD 58,
148     RFC 2578 [RFC2578] and STD 58, RFC 2580 [RFC2580].

150  4. PCEP Pathkey MIB Module Architecture

152     The PCEP Pathkey MIB will contain the following information:

154     o PCEP Pathkey counters, timers and configurations

156     o PCEP Pathkey table of CPS related information.

158  5. Example of the PCEP PathKey MIB module usage

160     In this section we provide an example (pcePcepPathKeyTable 1) of
161     using the MIB objects described in Section 6 to monitor. While this
162     example is not meant to illustrate every permutation of the MIB, it
163     is intended as an aid to understanding some of the key concepts. It
164     is meant to be read after going through the MIB itself.

166     pcePcepPathKeyTable 1 of the PCE-PCEP-PATHKEY-DRAFT-MIB module :
167     {
168        pcePcepPathKey                 (4512),
169        pcePcepPathKeyCPSIndex         (1),
170        pcePcepPathKeyRequestSource    (x.x.x.x),
171        pcePcepPathKeyRequestId        (10),
172        pcePcepPathKeyRetrieved        (1),
173        pcePcepPathKeyRetrieveSource   (y.y.y.y),
174        pcePcepPathKeyDiscardTime      (10),
175        pcePcepPathKeyReuseTime        (30)
176     }

178     pcePcepPathKeyHopTable 1 of the PCE-PCEP-PATHKEY-DRAFT-MIB module :
179     {
180        pcePcepPathKeyHopListIndex     1,
181        pcePcepPathKeyHopIndex         1,
182        pcePcepPathKeyHopAddrType      ipv4 (1),
183        pcePcepPathKeyHopIpAddr        "192.168.100.1",
184        pcePcepPathKeyHopIpPrefixLen   32,
185        pcePcepPathKeyHopType          strict (1)
186     }
187     {
188        pcePcepPathKeyHopListIndex     1,
189        pcePcepPathKeyHopIndex         2,
190        pcePcepPathKeyHopAddrType      ipv4 (1),
191        pcePcepPathKeyHopIpAddr        "192.168.100.2",
192        pcePcepPathKeyHopIpPrefixLen   32,
193        pcePcepPathKeyHopType          strict (1)
194     }

196  6. Object definitions

198  6.1. PCE-PCEP-PATHKEY-DRAFT-MIB

200     This MIB module makes references to the following documents.

202     [RFC2578], [RFC2580], [RFC3411], [RFC2863], [RFC3813].

204     PCE-PCEP-PATHKEY-DRAFT-MIB DEFINITIONS ::= BEGIN

206     IMPORTS
207        MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
208        Unsigned32,
209        Counter32,
210        OCTET STRING,
211        experimental
212           FROM SNMPv2-SMI                      -- [RFC2578]

214        TimeStamp
215           FROM SNMPv2-TC                       -- [RFC2579]

217        PcePcepIdentifier
218           FROM PCE-TC-STD-MIB

220        MplsLSPID, MplsPathIndex, TeHopAddressType,
221        TeHopAddress, TeHopAddressUnnum
222           FROM MPLS-TC-STD-MIB                 -- [RFC3811]

224        MODULE-COMPLIANCE,
225        OBJECT-GROUP,
226        NOTIFICATION-GROUP
227           FROM SNMPv2-CONF;                    -- [RFC2580]

229     pcePcepPathKeyDraftMIB MODULE-IDENTITY
230        LAST-UPDATED "201202221200Z" -- Feb 22, 2012
231        ORGANIZATION "Path Computation Element (PCE) Working Group"
232        CONTACT-INFO "

234           Dhruv Dhody
235           Udayasree Palle
236           Quintin Zhao
237           Huawei Technology
238           Daniel King
239           OldDog Consulting

241           EMail: dhruv.dhody@huawei.com
242           EMail: udayasree.palle@huawei.com
243           EMail: quintin.zhao@huawei.com
244           EMail: daniel@olddog.co.uk
245           EMail comments directly to the PCE WG Mailing List at pce@ietf.org
246           WG-URL: http://www.ietf.org/html.charters/pce-charter.html
247           "

249        DESCRIPTION
250           "This MIB module defines a collection of objects for managing PCE
251           communication protocol (PCEP) for Path-Key-Based Inter-Domain Path
252           Computation"

254        -- Revision history
255        REVISION
256           "201202221200Z" -- 22 Feb 2012 12:00:00 EST
257        DESCRIPTION
258           "
259           Main Changes from -02 draft :
260           1. Editorial Changes.
261           2. Updated Contact Information."

263        REVISION
264           "201109051200Z" -- 05 Sept 2011 12:00:00 EST
265        DESCRIPTION
266           "
267           Main Changes from -01 draft :
268           1. Added pcePcepPathKeyCPSIndex.
269           2. Added pcePcepPathKeyHopListIndex.
270           3. Removed pcePcepPathKeyHopNum.
271           4. Updated Contact Information."

273        REVISION
274           "201103081200Z" -- 08 Mar 2011 12:00:00 EST
275        DESCRIPTION
276           "
277           Main Changes from -00 draft :
278           1. Added HopTable to store the CPS hops.
279           2. Added Path Key Creation Time."

281        REVISION
282           "201009171200Z" -- 17 Sep 2010 12:00:00 EST
283        DESCRIPTION

285           "draft-00 version"
286        ::= { experimental 9999 } --

288     -- Notifications --

290     pcePcepPathKeyNotifications OBJECT IDENTIFIER ::=
291        { pcePcepPathKeyDraftMIB 0 }

293     pcePcepPathKeyMIBObjects OBJECT IDENTIFIER ::=
294        { pcePcepPathKeyDraftMIB 1 }
295     pcePcepPathKeyConformance OBJECT IDENTIFIER ::=
296        { pcePcepPathKeyDraftMIB 2 }

298     pcePcepPathKeyObjects OBJECT IDENTIFIER ::=
299        { pcePcepPathKeyMIBObjects 1 }

301     --

303     -- PCE Pathkey Objects

305     --

307     pcePcepPathKeyDiscardTimer OBJECT-TYPE
308        SYNTAX      Unsigned32
309        UNITS       "minutes"
310        MAX-ACCESS  read-write
311        STATUS      mandatory
312        DESCRIPTION
313           "The value which indicates a period of time after the
314           expiration of which a PCE discards unwanted path-keys."
315        ::= { pcePcepPathKeyObjects 1 }

317     pcePcepPathKeyReUseTimer OBJECT-TYPE
318        SYNTAX      Unsigned32
319        UNITS       "minutes"
320        MAX-ACCESS  read-write
321        STATUS      mandatory
322        DESCRIPTION
323           "The value which indicates a period of time which
324           should expire before an old path-key could be
325           reused for a new CPS."
326        ::= { pcePcepPathKeyObjects 2 }

328     pcePcepPathKeyRetainStatus OBJECT-TYPE
329        SYNTAX      INTEGER {
330                       enabled(1),
331                       disabled(2)
332                    }
333        MAX-ACCESS  read-write
334        STATUS      optional
335        DESCRIPTION
336           "The path-key retain status of this PCE to retain the
337           path-key and CPS for debugging purposes."
338        ::= { pcePcepPathKeyObjects 3 }

340     pcePcepPathKeysGenerated OBJECT-TYPE
341        SYNTAX      Counter32
342        MAX-ACCESS  read-only
343        STATUS      mandatory
344        DESCRIPTION
345           "The number of path-keys generated by this PCE."
346        ::= { pcePcepPathKeyObjects 4 }

348     pcePcepPathKeyExpandUnknown OBJECT-TYPE
349        SYNTAX      Counter32
350        MAX-ACCESS  read-only
351        STATUS      mandatory
352        DESCRIPTION
353           "The number of attempts to expand an unknown
354           path-key."
355        ::= { pcePcepPathKeyObjects 5 }

357     pcePcepPathKeyExpandExpired OBJECT-TYPE
358        SYNTAX      Counter32
359        MAX-ACCESS  read-only
360        STATUS      mandatory
361        DESCRIPTION
362           "The number of attempts to expand an expired
363           path-key."
364        ::= { pcePcepPathKeyObjects 6 }

366     pcePcepPathKeyExpandSame OBJECT-TYPE
367        SYNTAX      Counter32
368        MAX-ACCESS  read-only
369        STATUS      optional
370        DESCRIPTION
371           "The number of attempts to expand the same
372           path-key."
373        ::= { pcePcepPathKeyObjects 7 }

375     pcePcepPathKeyExpiredNoExpansion OBJECT-TYPE
376        SYNTAX      Counter32
377        MAX-ACCESS  read-only
378        STATUS      optional
379        DESCRIPTION
380           "The number of path-keys expired without any attempt
381           to expand them."
382        ::= { pcePcepPathKeyObjects 8 }

384     pcePcepPathKeyExpansionSuccess OBJECT-TYPE
385        SYNTAX      Counter32
386        MAX-ACCESS  read-only
387        STATUS      optional
388        DESCRIPTION
389           "The number of path-key expansion requests (PCReq)
390           which had successful retrieval."
391        ::= { pcePcepPathKeyObjects 9 }

393     pcePcepPathKeyExpansionFailures OBJECT-TYPE
394        SYNTAX      Counter32
395        MAX-ACCESS  read-only
396        STATUS      optional
397        DESCRIPTION
398           "The number of path-key expansion requests (PCReq)
399           which had failed retrieval."
400        ::= { pcePcepPathKeyObjects 10 }

402     pcePcepPathKeyConfig OBJECT-TYPE
403        SYNTAX      INTEGER {
404                       enabled(1),
405                       disabled(2)
406                    }
407        MAX-ACCESS  read-write
408        STATUS      mandatory
409        DESCRIPTION
410           "The path-key based inter-domain computation
411           configuration."
412        ::= { pcePcepPathKeyObjects 11 }

414     pcePcepPathKeyTable OBJECT-TYPE
415        SYNTAX      SEQUENCE OF pcePcepPathKeyEntry
416        MAX-ACCESS  not-accessible
417        STATUS      current
418        DESCRIPTION
419           "This table contains information about the
420           Pathkey CPS of PCE."
421        ::= { pcePcepPathKeyObjects 12 }

423     pcePcepPathKeyEntry OBJECT-TYPE
424        SYNTAX      pcePcepPathKeyEntry
425        MAX-ACCESS  not-accessible
426        STATUS      current
427        DESCRIPTION
428           "An entry in this table represents a path-key and CPS.
429           An entry is only created when a path-key is generated by
430           the PCE during inter-domain computation."

432        INDEX { pcePcepPathKey }

434        ::= { pcePcepPathKeyTable 1 }

436     pcePcepPathKeyEntry ::= SEQUENCE {
437        pcePcepPathKey                 Unsigned32,
438        pcePcepPathKeyCPSIndex         MplsPathIndex,
439        pcePcepPathKeyRequestSource    PcePcepIdentifier,
440        pcePcepPathKeyRequestId        Unsigned32,
441        pcePcepPathKeyRetrieved        INTEGER,
442        pcePcepPathKeyRetrieveSource   PcePcepIdentifier,
443        pcePcepPathKeyCreationTime     TimeStamp,
444        pcePcepPathKeyDiscardTime      Unsigned32,
445        pcePcepPathKeyReuseTime        Unsigned32
446     }

448     pcePcepPathKey OBJECT-TYPE
449        SYNTAX      Unsigned32
450        MAX-ACCESS  read-only
451        STATUS      mandatory
452        DESCRIPTION
453           "The path-key value to identify a CPS."
454        ::= { pcePcepPathKeyEntry 1 }

456     pcePcepPathKeyCPSIndex OBJECT-TYPE
457        SYNTAX      MplsPathIndex
458        MAX-ACCESS  read-only
459        STATUS      mandatory
460        DESCRIPTION
461           "The HopList index of the CPS. This index
462           is used to expand Hops in
463           pcePcepPathKeyHopTable."
464        ::= { pcePcepPathKeyEntry 2 }

466     pcePcepPathKeyRequestSource OBJECT-TYPE
467        SYNTAX      PcePcepIdentifier
468        MAX-ACCESS  read-only
469        STATUS      mandatory
470        DESCRIPTION
471           "Source that issued the original request that led
472           to the creation of the path-key."
473        ::= { pcePcepPathKeyEntry 3 }

475     pcePcepPathKeyRequestId OBJECT-TYPE
476        SYNTAX      Unsigned32
477        MAX-ACCESS  read-only
478        STATUS      mandatory
479        DESCRIPTION
480           "The request ID of the original PCReq that led
481           to the creation of the path-key."
482        ::= { pcePcepPathKeyEntry 4 }

484     pcePcepPathKeyRetrieved OBJECT-TYPE
485        SYNTAX      INTEGER {
486                       TRUE(1),
487                       FALSE(2)
488                    }
489        MAX-ACCESS  read-only
490        STATUS      mandatory
491        DESCRIPTION
492           "It specifies whether the path-key is retrieved
493           or not."
494        ::= { pcePcepPathKeyEntry 5 }

496     pcePcepPathKeyRetrieveSource OBJECT-TYPE
497        SYNTAX      PcePcepIdentifier
498        MAX-ACCESS  read-only
499        STATUS      mandatory
500        DESCRIPTION
501           "The PCC that retrieved the path-key, if the
502           path-key has been retrieved."
503        ::= { pcePcepPathKeyEntry 6 }

505     pcePcepPathKeyCreationTime OBJECT-TYPE
506        SYNTAX      TimeStamp
507        MAX-ACCESS  read-only
508        STATUS      mandatory
509        DESCRIPTION
510           "The value of sysUpTime at which Path Key
511           was generated by PCE."
512        ::= { pcePcepPathKeyEntry 7 }

514     pcePcepPathKeyDiscardTime OBJECT-TYPE
515        SYNTAX      Unsigned32
516        MAX-ACCESS  read-only
517        STATUS      mandatory
518        DESCRIPTION
519           "The time after which the path segment associated
520           with the path-key will be discarded."
521        ::= { pcePcepPathKeyEntry 8 }

523     pcePcepPathKeyReuseTime OBJECT-TYPE
524        SYNTAX      Unsigned32
525        MAX-ACCESS  read-only
526        STATUS      mandatory
527        DESCRIPTION
528           "The time after which the path-key will be available
529           for re-use."
530        ::= { pcePcepPathKeyEntry 9 }

532     pcePcepPathKeyHopTable OBJECT-TYPE
533        SYNTAX      SEQUENCE OF pcePcepPathKeyHopEntry
534        MAX-ACCESS  not-accessible
535        STATUS      current
536        DESCRIPTION
537           "This table contains information about the
538           Pathkey Hop in the CPS of PCE."
539        ::= { pcePcepPathKeyObjects 13 }

541     pcePcepPathKeyHopEntry OBJECT-TYPE
542        SYNTAX      pcePcepPathKeyHopEntry
543        MAX-ACCESS  not-accessible
544        STATUS      current
545        DESCRIPTION
546           "An entry in this table represents a Hop in the CPS.
547           An entry is only created when a path-key is generated by
548           the PCE during inter-domain computation."

550        INDEX { pcePcepPathKeyHopListIndex,
551                pcePcepPathKeyHopIndex }

553        ::= { pcePcepPathKeyHopTable 1 }

555     pcePcepPathKeyHopEntry ::= SEQUENCE {
556        pcePcepPathKeyHopListIndex     MplsPathIndex,
557        pcePcepPathKeyHopIndex         MplsPathIndex,
558        pcePcepPathKeyHopAddrType      TeHopAddressType,
559        pcePcepPathKeyHopIpAddr        TeHopAddress,
560        pcePcepPathKeyHopIpPrefixLen   InetAddressPrefixLength,
561        pcePcepPathKeyHopAddrUnnum     TeHopAddressUnnum,
562        pcePcepPathKeyHopLspId         MplsLSPID,
563        pcePcepPathKeyHopType          INTEGER
564     }

566     pcePcepPathKeyHopListIndex OBJECT-TYPE
567        SYNTAX      MplsPathIndex
568        MAX-ACCESS  read-only
569        STATUS      mandatory
570        DESCRIPTION
571           "The primary index into this table identifying a
572           particular CPS. All hops in the CPS will have the
573           same ListIndex. This corresponds to
574           pcePcepPathKeyCPSIndex in pcePcepPathKeyEntry."

576        ::= { pcePcepPathKeyHopEntry 1 }

578     pcePcepPathKeyHopIndex OBJECT-TYPE
579        SYNTAX      MplsPathIndex
580        MAX-ACCESS  read-only
581        STATUS      mandatory
582        DESCRIPTION
583           "The secondary index into this table identifying a
584           particular Hop."

586        ::= { pcePcepPathKeyHopEntry 2 }

588     pcePcepPathKeyHopAddrType OBJECT-TYPE
589        SYNTAX      TeHopAddressType
590        MAX-ACCESS  read-only
591        STATUS      mandatory
592        DESCRIPTION
593           "The Hop Address Type of this CPS hop.
594           Note that lspid(5) is a valid option only
595           for tunnels signaled via CRLDP."
596        DEFVAL { ipv4 }
597        ::= { pcePcepPathKeyHopEntry 3 }

599     pcePcepPathKeyHopIpAddr OBJECT-TYPE
600        SYNTAX      TeHopAddress
601        MAX-ACCESS  read-only
602        STATUS      mandatory
603        DESCRIPTION
604           "The Hop Address for this CPS hop.
605           The type of this address is determined by the
606           value of the corresponding pcePcepPathKeyHopAddrType."
607        DEFVAL { '00000000'h } -- IPv4 address 0.0.0.0
608        ::= { pcePcepPathKeyHopEntry 4 }

610     pcePcepPathKeyHopIpPrefixLen OBJECT-TYPE
611        SYNTAX      InetAddressPrefixLength
612        MAX-ACCESS  read-only
613        STATUS      current
614        DESCRIPTION
615           "If pcePcepPathKeyHopAddrType is set to ipv4(1) or
616           ipv6(2), then this value will contain an
617           appropriate prefix length for the IP address in
618           object pcePcepPathKeyHopIpAddr. Otherwise this value
619           is irrelevant and should be ignored."
620        DEFVAL { 32 }
621        ::= { pcePcepPathKeyHopEntry 5 }

623     pcePcepPathKeyHopAddrUnnum OBJECT-TYPE
624        SYNTAX      TeHopAddressUnnum
625        MAX-ACCESS  read-only
626        STATUS      current
627        DESCRIPTION
628           "If pcePcepPathKeyHopAddrType is set to unnum(4),
629           then this value will contain the interface
630           identifier of the unnumbered interface for this
631           hop. This object should be used in conjunction
632           with pcePcepPathKeyHopIpAddr which would contain
633           the LSR Router ID in this case."
634        ::= { pcePcepPathKeyHopEntry 6 }

636     pcePcepPathKeyHopLspId OBJECT-TYPE
637        SYNTAX      MplsLSPID
638        MAX-ACCESS  read-only
639        STATUS      current
640        DESCRIPTION
641           "If pcePcepPathKeyHopAddrType is set to lspid(5),
642           then this value will contain the LSPID of a tunnel
643           of this hop. The present tunnel being configured is
644           tunneled through this hop (using label stacking).
645           This object is otherwise insignificant and should
646           contain a value of 0 to indicate this fact."
647        ::= { pcePcepPathKeyHopEntry 7 }

649     pcePcepPathKeyHopType OBJECT-TYPE
650        SYNTAX      INTEGER {
651                       strict(1),
652                       loose(2)
653                    }
654        MAX-ACCESS  read-only
655        STATUS      mandatory
656        DESCRIPTION
657           "Denotes whether this hop is routed in a
658           strict or loose fashion."
659        DEFVAL { strict }
660        ::= { pcePcepPathKeyHopEntry 8 }

662     ---

664     --- Notifications

666     ---

668     pcePcepPathKeyExpandUnknownNtf NOTIFICATION-TYPE
669        OBJECTS {
670           pcePcepPathKeyExpandUnknown
671        }
672        STATUS      mandatory
673        DESCRIPTION
674           "This notification is sent when an attempt to expand an
675           unknown path-key is made. The value of the counter
676           pcePcepPathKeyExpandUnknown is also increased at this
677           time."
678        ::= { pcePcepPathKeyNotifications 1 }

680     pcePcepPathKeyExpandExpiredNtf NOTIFICATION-TYPE
681        OBJECTS {
682           pcePcepPathKeyExpandExpired
683        }
684        STATUS      mandatory
685        DESCRIPTION
686           "This notification is sent when an attempt to expand an
687           expired path-key is made. The value of the counter
688           pcePcepPathKeyExpandExpired is also increased at this
689           time."
690        ::= { pcePcepPathKeyNotifications 2 }

692     pcePcepPathKeyExpandSameNtf NOTIFICATION-TYPE
693        OBJECTS {
694           pcePcepPathKeyExpandSame
695        }
696        STATUS      optional
697        DESCRIPTION
698           "This notification is sent when a duplicate attempt to
699           expand the same path-key is made. The value of the
700           counter pcePcepPathKeyExpandSame is also increased at
701           this time."
702        ::= { pcePcepPathKeyNotifications 3 }

704     pcePcepPathKeyExpiredNoExpansionNtf NOTIFICATION-TYPE
705        OBJECTS {
706           pcePcepPathKeyExpiredNoExpansion
707        }
708        STATUS      optional
709        DESCRIPTION
710           "This notification is sent when a path-key expires without
711           any attempt to expand it. The value of the counter
712           pcePcepPathKeyExpiredNoExpansion is also increased at
713           this time."
714        ::= { pcePcepPathKeyNotifications 4 }

716     --****************************************************************
717     -- Module Conformance Statement
718     --****************************************************************

720     pcePcepPathKeyGroups
721        OBJECT IDENTIFIER ::= { pcePcepPathKeyConformance 1 }

723     pcePcepPathKeyCompliances
724        OBJECT IDENTIFIER ::= { pcePcepPathKeyConformance 2 }

726     --
727     -- Full Compliance
728     --

730     pcePcepPathKeyModuleFullCompliance MODULE-COMPLIANCE
731        STATUS      current
732        DESCRIPTION
733           "The Module is implemented with support
734           for read-create and read-write. In other
735           words, both monitoring and configuration
736           are available when using this MODULE-COMPLIANCE."

738        MODULE -- this module
739           MANDATORY-GROUPS { pcePcepPathKeyGeneralGroup,
740                              pcePcepPathKeyNotificationsGroup
741                            }

743        ::= { pcePcepPathKeyCompliances 1 }

745     --
746     -- Read-Only Compliance
747     --

749     pcePcepPathKeyModuleReadOnlyCompliance MODULE-COMPLIANCE
750        STATUS      current
751        DESCRIPTION
752           "The Module is implemented with support
753           for read-only. In other words, only monitoring
754           is available by implementing this MODULE-COMPLIANCE."

756        MODULE -- this module
757           MANDATORY-GROUPS { pcePcepPathKeyGeneralGroup,
758                              pcePcepPathKeyNotificationsGroup
759                            }
760        ::= { pcePcepPathKeyCompliances 2 }

762     -- units of conformance
763     pcePcepPathKeyGeneralGroup OBJECT-GROUP
764        OBJECTS {
765           pcePcepPathKeyDiscardTimer,
766           pcePcepPathKeyReUseTimer,
767           pcePcepPathKeysGenerated,
768           pcePcepPathKeyExpandUnknown,
769           pcePcepPathKeyExpandExpired,
770           pcePcepPathKeyConfig,
771           pcePcepPathKey,
772           pcePcepPathKeyCPSIndex,
773           pcePcepPathKeyRequestSource,
774           pcePcepPathKeyRequestId,
775           pcePcepPathKeyRetrieved,
776           pcePcepPathKeyRetrieveSource,
777           pcePcepPathKeyCreationTime,
778           pcePcepPathKeyDiscardTime,
779           pcePcepPathKeyReuseTime,
780           pcePcepPathKeyHopListIndex,
781           pcePcepPathKeyHopIndex,
782           pcePcepPathKeyHopAddrType,
783           pcePcepPathKeyHopIpAddr,
784           pcePcepPathKeyHopIpPrefixLen,
785           pcePcepPathKeyHopType
786        }
787        STATUS      current
788        DESCRIPTION
789           "Objects that apply to all PCEP Pathkey MIB
790           implementations."

792        ::= { pcePcepPathKeyGroups 1 }

794     pcePcepPathKeyNotificationsGroup NOTIFICATION-GROUP
795        NOTIFICATIONS { pcePcepPathKeyExpandUnknownNtf,
796                        pcePcepPathKeyExpandExpiredNtf
797                      }
798        STATUS      current

800        DESCRIPTION
801           "The notifications for a PCEP Pathkey MIB implementation."
802        ::= { pcePcepPathKeyGroups 2 }

804     END

806  6.2. Objects for inclusion in module PCE-PCEP-DRAFT-MIB

808     The following object may be moved to [PCE-PCEP-DRAFT-MIB] after
809     consensus with the authors and working group.

811     pcePcepPathKeyConfig

813  7. IANA Considerations

815     TBD

817  8. Security Considerations

819     This MIB module can be used for configuration of certain objects, and
820     anything that can be configured can be incorrectly configured, with
821     potentially disastrous results.

823     There are a number of management objects defined in this MIB module
824     with a MAX-ACCESS clause of read-create. Such objects may be
825     considered sensitive or vulnerable in some network environments. The
826     support for SET operations in a non-secure environment without proper
827     protection can have a negative effect on network operations. These
828     are the tables and objects and their sensitivity/vulnerability:

830     o pcePcepPathKeyDiscardTimer: Setting this value incorrectly may
831        cause the path-key to expire before any attempt to retrieve the
832        CPS.

834     o pcePcepPathKeyReUseTimer: Setting this value incorrectly may cause
835        the re-use of a path-key, which may not guarantee the uniqueness of
836        path-key values.

838     The user of the PCE-PCEP-PATHKEY-DRAFT-MIB module must therefore be
839     aware that support for SET operations in a non-secure environment
840     without proper protection can have a negative effect on network
841     operations.

843     The readable objects in the PCE-PCEP-PATHKEY-DRAFT-MIB module (i.e.,
844     those with MAX-ACCESS other than not-accessible) may be considered
845     sensitive in some environments since, collectively, they provide
846     information about the amount and frequency of path computation
847     requests and responses within the network and can reveal some aspects
848     of their configuration.

850     In such environments it is important also to control GET and NOTIFY
851     access to these objects and possibly even to encrypt their values
852     when sending them over the network via SNMP.

854     SNMP versions prior to SNMPv3 did not include adequate security.
855     Even if the network itself is secure (for example by using IPsec),
856     there is still no control as to who on the secure network is
857     allowed to access and GET/SET (read/change/create/delete) the objects
858     in this MIB module.

860     It is RECOMMENDED that implementers consider the security features as
861     provided by the SNMPv3 framework (see [RFC3410], section 8),
862     including full support for the SNMPv3 cryptographic mechanisms (for
863     authentication and privacy).

865     Further, deployment of SNMP versions prior to SNMPv3 is NOT
866     RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
867     enable cryptographic security. It is then a customer/operator
868     responsibility to ensure that the SNMP entity giving access to an
869     instance of this MIB module is properly configured to give access to
870     the objects only to those principals (users) that have legitimate
871     rights to indeed GET or SET (change/create/delete) them.

873  9. References

875  9.1. Normative References

877     [RFC2578]             McCloghrie, K., Ed., Perkins, D., Ed., and J.
878                           Schoenwaelder, Ed., "Structure of Management
879                           Information Version 2 (SMIv2)", STD 58,
880                           RFC 2578, April 1999.

882     [RFC2579]             McCloghrie, K., Ed., Perkins, D., Ed., and J.
883                           Schoenwaelder, Ed., "Textual Conventions for
884                           SMIv2", STD 58, RFC 2579, April 1999.

886     [RFC2580]             McCloghrie, K., Perkins, D., and J.
887                           Schoenwaelder, "Conformance Statements for
888                           SMIv2", STD 58, RFC 2580, April 1999.

890     [RFC2863]             McCloghrie, K. and F. Kastenholz, "The
891                           Interfaces Group MIB", RFC 2863, June 2000.

893     [RFC3411]             Harrington, D., Presuhn, R., and B. Wijnen, "An
894                           Architecture for Describing Simple Network
895                           Management Protocol (SNMP) Management
896                           Frameworks", STD 62, RFC 3411, December 2002.

898     [RFC3811]             Nadeau, T. and J. Cucchiara, "Definitions of
899                           Textual Conventions (TCs) for Multiprotocol
900                           Label Switching (MPLS) Management", RFC 3811,
901                           June 2004.

903     [RFC3813]             Srinivasan, C., Viswanathan, A., and T. Nadeau,
904                           "Multiprotocol Label Switching (MPLS) Label
905                           Switching Router (LSR) Management Information
906                           Base (MIB)", RFC 3813, June 2004.

908     [RFC5440]             Vasseur, JP. and JL. Le Roux, "Path Computation
909                           Element (PCE) Communication Protocol (PCEP)",
910                           RFC 5440, March 2009.

912  9.2. Informative References

914     [RFC3410]             Case, J., Mundy, R., Partain, D., and B.
915                           Stewart, "Introduction and Applicability
916                           Statements for Internet-Standard Management
917                           Framework", RFC 3410, December 2002.

919     [RFC4655]             Farrel, A., Vasseur, J., and J. Ash, "A Path
920                           Computation Element (PCE)-Based Architecture",
921                           RFC 4655, August 2006.

923     [RFC5520]             Bradford, R., Vasseur, JP., and A. Farrel,
924                           "Preserving Topology Confidentiality in Inter-
925                           Domain Path Computation Using a Path-Key-Based
926                           Mechanism", RFC 5520, April 2009.

928     [PCE-PCEP-DRAFT-MIB]  Kiran Koushik, A S., Stephan, E., Zhao, Q., and
929                           D. King, "PCE communication protocol(PCEP)
930                           Management Information Base", July 2010.

932  Authors' Addresses

934     Dhruv Dhody
935     Huawei Technology
936     Leela Palace
937     Bangalore, Karnataka 560008
938     INDIA

940     EMail: dhruv.dhody@huawei.com

942     Udayasree Palle
943     Huawei Technology
944     Leela Palace
945     Bangalore, Karnataka 560008
946     INDIA

948     EMail: Udayasree.palle@huawei.com
949     Quintin Zhao
950     Huawei Technology
951     125 Nagog Technology Park
952     Acton, MA 01719
953     US

955     EMail: quintin.zhao@huawei.com

957     Daniel King
958     Old Dog Consulting
959     UK

961     EMail: daniel@olddog.co.uk
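
Added example for Section 8 (not part of the draft or of the idnits output): a small audit that parses OBJECT-TYPE definitions, resolves each object's numeric OID from the `{ experimental 9999 }` root, and lists every object whose MAX-ACCESS permits SET, so that set can be compared with the two objects Section 8 names. The excerpt is a constructed transcription of a few Section 6.1 definitions, and all function and variable names are assumptions of this example.

```python
import re

# Constructed excerpt: definitions transcribed from Section 6.1 with the
# DESCRIPTION, UNITS and STATUS clauses dropped. The module identity is
# spelled the way the OBJECT IDENTIFIER assignments reference it.
MIB_EXCERPT = """
pcePcepPathKeyDraftMIB MODULE-IDENTITY
    LAST-UPDATED "201202221200Z"
    ::= { experimental 9999 }

pcePcepPathKeyMIBObjects OBJECT IDENTIFIER ::= { pcePcepPathKeyDraftMIB 1 }
pcePcepPathKeyObjects    OBJECT IDENTIFIER ::= { pcePcepPathKeyMIBObjects 1 }

pcePcepPathKeyDiscardTimer OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-write
    ::= { pcePcepPathKeyObjects 1 }

pcePcepPathKeyReUseTimer OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-write
    ::= { pcePcepPathKeyObjects 2 }

pcePcepPathKeyRetainStatus OBJECT-TYPE
    SYNTAX      INTEGER { enabled(1), disabled(2) }
    MAX-ACCESS  read-write
    ::= { pcePcepPathKeyObjects 3 }

pcePcepPathKeysGenerated OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    ::= { pcePcepPathKeyObjects 4 }

pcePcepPathKeyConfig OBJECT-TYPE
    SYNTAX      INTEGER { enabled(1), disabled(2) }
    MAX-ACCESS  read-write
    ::= { pcePcepPathKeyObjects 11 }
"""

# One regex for the three macro forms used above; the body is lazy so each
# match stops at the first "::= { parent n }" that follows the name.
DEF_RE = re.compile(
    r"(\w+)\s+(OBJECT-TYPE|OBJECT IDENTIFIER|MODULE-IDENTITY)"
    r"(.*?)::=\s*\{\s*(\w+)\s+(\d+)\s*\}", re.DOTALL)
ACCESS_RE = re.compile(r"MAX-ACCESS\s+([\w-]+)")
ROOTS = {"experimental": (1, 3, 6, 1, 3)}   # root defined in SNMPv2-SMI
SETTABLE = {"read-write", "read-create"}
# The two objects Section 8 discusses by name.
SECTION_8_OBJECTS = {"pcePcepPathKeyDiscardTimer", "pcePcepPathKeyReUseTimer"}


def parse_definitions(text):
    """Map each defined name to its macro, MAX-ACCESS, parent and sub-id."""
    defs = {}
    for name, macro, body, parent, subid in DEF_RE.findall(text):
        access = ACCESS_RE.search(body)
        defs[name] = {"macro": macro, "parent": parent, "subid": int(subid),
                      "access": access.group(1) if access else None}
    return defs


def resolve_oid(name, defs):
    """Walk the parent chain up to a known root; return the dotted OID."""
    arcs, seen = [], set()
    while name not in ROOTS:
        if name not in defs or name in seen:   # undefined parent or a loop
            raise KeyError(f"cannot resolve {name!r}")
        seen.add(name)
        arcs.append(defs[name]["subid"])
        name = defs[name]["parent"]
    return ".".join(str(a) for a in ROOTS[name] + tuple(reversed(arcs)))


def settable_objects(defs):
    """Objects a manager can SET, as {name: OID}, in definition order."""
    return {n: resolve_oid(n, defs) for n, d in defs.items()
            if d["access"] in SETTABLE}


def not_discussed(defs, discussed):
    """Settable objects missing from a list of objects already reviewed."""
    return sorted(set(settable_objects(defs)) - set(discussed))


if __name__ == "__main__":
    defs = parse_definitions(MIB_EXCERPT)
    for name, oid in settable_objects(defs).items():
        print(f"{oid}  {name}")
    print("not discussed in Section 8:", not_discussed(defs, SECTION_8_OBJECTS))
```

The OIDs it prints are the subtrees to keep out of any SNMPv3 write view granted to monitoring-only principals.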