idnits 2.17.1

draft-ietf-bess-l2l3-vpn-mcast-mib-08.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but
     does not include the phrase in its RFC 2119 key words list.

  -- The document date (May 26, 2017) is 2520 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'RFC3811' is mentioned on line 462, but not defined

  -- Obsolete informational reference (is this intentional?): RFC 4601
     (Obsoleted by RFC 7761)

     Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                           Z. Zhang
Internet-Draft                                    Juniper Networks, Inc.
Intended status: Standards Track                              H. Tsunoda
Expires: November 27, 2017                Tohoku Institute of Technology
                                                            May 26, 2017

                         L2L3 VPN Multicast MIB
                 draft-ietf-bess-l2l3-vpn-mcast-mib-08

Abstract

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it describes two MIB modules which will be used by
   other MIB modules for monitoring and/or configuring Layer 2 and Layer
   3 Virtual Private Networks that support multicast.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on November 27, 2017.

Copyright Notice

   Copyright (c) 2017 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Terminology
   2.  The Internet-Standard Management Framework
   3.  Summary of MIB Modules
   4.  Definitions
     4.1.  L2L3-VPN-MCAST-TC-MIB Object Definitions
     4.2.  L2L3-VPN-MCAST-MIB Object Definitions
   5.  Security Considerations
   6.  IANA Considerations
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Authors' Addresses

1.  Introduction

   The procedures for supporting multicast in Border Gateway Protocol/
   MultiProtocol Label Switching (BGP/MPLS) Layer 3 (L3) Virtual Private
   Network (VPN) are specified in [RFC6513].  The procedures for
   supporting multicast in Border Gateway Protocol/MultiProtocol Label
   Switching Layer 2 (L2) Virtual Private Network are specified in
   [RFC7117].  Throughout this document, we will use the term
   "L2L3VPNMCast" to mean BGP/MPLS L2 and L3 VPN that support multicast.

   This document describes textual conventions (TCs) and common managed
   objects (MOs) which will be used by other Management Information Base
   (MIB) modules for monitoring and/or configuring L2L3VPNMCast.

   L2L3VPNMCast can be achieved by using various kinds of transport
   mechanisms for forwarding a packet to all or a subset of Provider
   Edge routers (PEs) across service provider networks.  Such transport
   mechanisms are referred to as provider tunnels (P-tunnels).  The
   signaling of P-tunnel choice is very similar for multicast in both L2
   and L3 VPNs.
   Therefore, TCs and MOs defined in this document will be
   used by other MIB modules for monitoring and/or configuring both L2
   and L3 VPNs that support multicast.

   There are two types of signaling mechanisms for P-tunnel choice: BGP-
   based and UDP-based [RFC6513].  BGP-based mechanisms for Virtual
   Private LAN Service and Multicast VPN (MVPN) are described in
   [RFC7117] and [RFC6513], respectively.  In [RFC6513], a UDP-based
   signaling mechanism is also specified.

   A BGP attribute that specifies information of a P-tunnel is called a
   Provider Multicast Service Interface (PMSI) tunnel attribute.  The
   PMSI tunnel attribute is advertised/received by PEs in BGP auto-
   discovery (A-D) routes.  [RFC6514] defines the format of a PMSI
   tunnel attribute.

   This document defines four TCs to represent

   (a) the tunnel type of a P-tunnel,
   (b) the identifier of a P-tunnel,
   (c) the pointer to a row in some table pertaining to a P-tunnel, and
   (d) the type of the pointer in (c) above,

   respectively.

   This document also describes common MOs that provide the information
   in a PMSI tunnel attribute and corresponding tunnel information to
   other MIB modules.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

1.1.  Terminology

   This document adopts the definitions, acronyms and mechanisms
   described in [RFC6513] [RFC6514] [RFC7117] and other documents that
   they refer to.  Familiarity with Multicast, MPLS, Layer 3 VPN, MVPN
   (Multicast VPN) concepts and/or mechanisms is assumed.  Some terms
   specifically related to this document are explained below.

   The term "Multicast VPN (MVPN)" [RFC6513] refers to a BGP/MPLS Layer
   3 (IP) VPN service that supports multicast.

   "Provider Multicast Service Interface (PMSI)" [RFC6513] is a
   conceptual interface instantiated by a P-tunnel, a transport
   mechanism used to deliver multicast traffic.  A PE uses it to send
   customer multicast traffic to all or some PEs in the same VPN.

   There are two kinds of PMSIs: "Inclusive PMSI (I-PMSI)" and
   "Selective PMSI (S-PMSI)" [RFC6513].  An I-PMSI is a PMSI that
   enables a PE attached to a particular MVPN to transmit a message to
   all PEs in the same VPN.  An S-PMSI is a PMSI that enables a PE
   attached to a particular MVPN to transmit a message to some of the
   PEs in the same VPN.

   Throughout this document, we will use the term "PMSI" to refer to
   both "I-PMSI" and "S-PMSI."

   [RFC6513] describes the following tunnel setup techniques that can be
   used to create the P-tunnels that instantiate the PMSIs.

   o  Protocol Independent Multicast tree

      *  Sparse Mode (PIM-SM) tree [RFC4601]

      *  Source Specific Multicast (PIM-SSM) tree [RFC4601]

      *  Bidirectional Protocol Independent Multicast (BIDIR-PIM) tree
         [RFC5015]

   o  Label Distribution Protocol Extension for Multipoint Label
      Switched Paths (mLDP) [RFC6388]

      *  Point-to-MultiPoint (mLDP P2MP)

      *  Multipoint-to-MultiPoint (mLDP MP2MP)

   o  Resource Reservation Protocol - Traffic Engineering Point-to-
      Multipoint (RSVP-TE P2MP) Label Switched Path [RFC4875]

   o  Ingress Replication through Unicast Tunnels [RFC6513]

   A tunnel is identified by its Tunnel Identifier.  The length of the
   identifier will depend on the setup technique that is used to create
   the tunnel.

2.  The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7 of
   RFC 3410 [RFC3410].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.
   MIB objects are generally
   accessed through the Simple Network Management Protocol (SNMP).
   Objects in the MIB are defined using the mechanisms defined in the
   Structure of Management Information (SMI).  This memo specifies a MIB
   module that is compliant to the SMIv2, which is described in STD 58,
   RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
   [RFC2580].

3.  Summary of MIB Modules

   This document defines two MIB modules: L2L3-VPN-MCAST-TC-MIB and
   L2L3-VPN-MCAST-MIB.

   o  L2L3-VPN-MCAST-TC-MIB contains four Textual Conventions:
      L2L3VpnMcastProviderTunnelType, L2L3VpnMcastProviderTunnelId,
      L2L3VpnMcastProviderTunnelPointerType, and
      L2L3VpnMcastProviderTunnelPointer.  L2L3VpnMcastProviderTunnelType
      provides an enumeration of the P-tunnel types.
      L2L3VpnMcastProviderTunnelId represents an identifier of a
      P-tunnel.  L2L3VpnMcastProviderTunnelPointerType indicates a type
      of pointer to the row pertaining to a table entry that represents
      a P-tunnel.  L2L3VpnMcastProviderTunnelPointer denotes a pointer
      to the row pertaining to a table entry that represents a P-tunnel.

   o  L2L3-VPN-MCAST-MIB defines a table
      l2L3VpnMcastPmsiTunnelAttributeTable.  An entry in this table
      corresponds to a PMSI Tunnel Attribute (PTA) advertised/received
      by a PE router.  Entries in this table will be used by other MIB
      modules for monitoring and/or configuring L2L3VPNMCast.  The table
      index uniquely identifies a tunnel.  It is composed of a set of
      attributes which depend on the tunnel type.  The table may also be
      used in conjunction with other MIBs, such as MPLS Traffic
      Engineering MIB (MPLS-TE-STD-MIB) [RFC3812], to obtain further
      information of a tunnel by following the row pointer of the
      corresponding tunnel's row in this table.
      It may also be used in
      conjunction with Interfaces Group MIB (IF-MIB) [RFC2863] to obtain
      further information of the interface corresponding to the tunnel
      by following the row pointer of the corresponding tunnel's row in
      this table.

4.  Definitions

4.1.  L2L3-VPN-MCAST-TC-MIB Object Definitions

   L2L3-VPN-MCAST-TC-MIB DEFINITIONS ::= BEGIN

   IMPORTS
     MODULE-IDENTITY, mib-2
        FROM SNMPv2-SMI                          -- [RFC2578]

     TEXTUAL-CONVENTION
        FROM SNMPv2-TC;                          -- [RFC2579]

   l2L3VpnMcastTCMIB MODULE-IDENTITY
     LAST-UPDATED "201705261200Z"  -- 26th May, 2017
     ORGANIZATION "IETF BESS Working Group."
     CONTACT-INFO
         "       Zhaohui Zhang
                 Juniper Networks, Inc.
                 10 Technology Park Drive
                 Westford, MA 01886
                 USA
                 Email: zzhang@juniper.net

                 Hiroshi Tsunoda
                 Tohoku Institute of Technology
                 35-1, Yagiyama Kasumi-cho
                 Taihaku-ku, Sendai, 982-8577
                 Japan
                 Email: tsuno@m.ieice.org

                 Comments and discussion to bess@ietf.org
         "
     DESCRIPTION
         "This MIB module specifies textual conventions for
          Border Gateway Protocol/MultiProtocol Label
          Switching Layer 2 and Layer 3 Virtual Private Network
          that support multicast (L2L3VPNMCast).

          Copyright (C) The Internet Society (2017).
         "

     -- Revision history.

     REVISION "201705261200Z"  -- 26th May, 2017
     DESCRIPTION
         "Initial version, published as RFC XXXX."

     -- RFC Ed. replace XXXX with actual RFC number and remove this note

     ::= { mib-2 AAAA }

   -- IANA Reg.: Please assign a value for "AAAA" under the
   -- 'mib-2' subtree and record the assignment in the SMI
   -- Numbers registry.

   -- RFC Ed.: When the above assignment has been made, please
   --     remove the above note
   --     replace "AAAA" here with the assigned value and
   --     remove this note.

   -- Textual convention

   L2L3VpnMcastProviderTunnelType ::= TEXTUAL-CONVENTION
     STATUS       current
     DESCRIPTION
         "This textual convention enumerates values
          representing the type of a provider tunnel (P-tunnel)
          used for L2L3VPNMCast.
          These labeled numbers are aligned with the definition
          of Tunnel types in Section 5 of [RFC6514].
         "
     REFERENCE
         "RFC6514, Section 5"
     SYNTAX       INTEGER
         {
           noTunnelId         (0),  -- No tunnel information
           rsvpP2mp           (1),  -- RSVP-TE P2MP LSP
           ldpP2mp            (2),  -- mLDP P2MP LSP
           pimSsm             (3),  -- PIM-SSM Tree
           pimAsm             (4),  -- PIM-SM Tree
           pimBidir           (5),  -- BIDIR-PIM Tree
           ingressReplication (6),  -- Ingress Replication
           ldpMp2mp           (7)   -- mLDP MP2MP LSP
         }

   L2L3VpnMcastProviderTunnelId ::= TEXTUAL-CONVENTION
     STATUS       current
     DESCRIPTION
         "This textual convention represents the tunnel identifier
          of a P-tunnel.

          The size of the identifier depends on the address family
          (IPv4 or IPv6) and the value of the corresponding
          L2L3VpnMcastProviderTunnelType object.

          The corresponding L2L3VpnMcastProviderTunnelType object
          represents the type of the tunneling technology used
          to establish the P-tunnel.

          The size of the identifier for each tunneling technology
          is summarized below.

          L2L3VpnMcastProviderTunnelType            Size (in octets)
          (tunneling technology)                    IPv4    IPv6
          --------------------------------------------------------
          noTunnelId (No tunnel information)          0       0
          rsvpP2mp (RSVP-TE P2MP LSP)                12      24
          ldpP2mp (mLDP P2MP LSP)                    17      29
          pimSsm (PIM-SSM Tree)                       8      32
          pimAsm (PIM-SM Tree)                        8      32
          pimBidir (BIDIR-PIM Tree)                   8      32
          ingressReplication (Ingress Replication)    4      16
          ldpMp2mp (mLDP MP2MP LSP)                  17      29

          A L2L3VpnMcastProviderTunnelType object of value
          noTunnelId(0) indicates that the corresponding
          Provider Multicast Service Interface (PMSI) Tunnel
          attribute does not have tunnel information.
          The value of the corresponding L2L3VpnMcastProviderTunnelId
          object will be a string of length zero.

          When the L2L3VpnMcastProviderTunnelType object is of value
          rsvpP2mp(1), the corresponding Tunnel Identifier is composed of
          Extended Tunnel ID (4 octets in IPv4, 16 octets in IPv6),
          Reserved (2 octets), Tunnel ID (2 octets), and
          P2MP ID (4 octets).
          The size of the corresponding L2L3VpnMcastProviderTunnelId
          object will be 12 octets in IPv4 and 24 octets in IPv6.

          When the L2L3VpnMcastProviderTunnelType object is of value
          ldpP2mp(2), the corresponding Tunnel Identifier is P2MP
          Forwarding Equivalence Class (FEC) Element [RFC6388].
          The size of the corresponding L2L3VpnMcastProviderTunnelId
          object will be 17 octets in IPv4 and 29 octets in IPv6.

          When the L2L3VpnMcastProviderTunnelType object is of value
          pimSsm(3), pimAsm(4), or pimBidir(5), the corresponding
          Tunnel Identifier is composed of the source IP address
          and the group IP address.
          The size of the corresponding L2L3VpnMcastProviderTunnelId
          object will be 8 octets in IPv4 and 32 octets in IPv6.

          When the L2L3VpnMcastProviderTunnelType object is of value
          ingressReplication(6), the Tunnel Identifier is
          the unicast tunnel endpoint IP address of the local PE.
          The size of the corresponding L2L3VpnMcastProviderTunnelId
          object is 4 octets in IPv4 and 16 octets in IPv6.

          When the L2L3VpnMcastProviderTunnelType object is of value
          ldpMp2mp(7), the Tunnel Identifier is MP2MP FEC Element
          [RFC6388].
          The size of the corresponding L2L3VpnMcastProviderTunnelId
          object will be 17 octets in IPv4 and 29 octets in IPv6.
         "
     REFERENCE
         "RFC6514, Section 5
          RFC4875, Section 19.1
          RFC6388, Section 2.2 and 3.2
         "
     SYNTAX       OCTET STRING ( SIZE (0|4|8|12|16|17|24|29|32) )

   L2L3VpnMcastProviderTunnelPointer ::= TEXTUAL-CONVENTION
     STATUS       current
     DESCRIPTION
         "This textual convention represents a pointer to a row in
          a table represented by the following object of type
          L2L3VpnMcastProviderTunnelPointerType.

          An L2L3VpnMcastProviderTunnelPointer value is always
          interpreted within the context of an
          L2L3VpnMcastProviderTunnelPointerType value.
          Every usage of the L2L3VpnMcastProviderTunnelPointer
          textual convention MUST specify the
          L2L3VpnMcastProviderTunnelPointerType object which
          provides the context.

          Furthermore, MIB authors SHOULD define a separate
          L2L3VpnMcastProviderTunnelPointerType object for each
          L2L3VpnMcastProviderTunnelPointer object.
          The L2L3VpnMcastProviderTunnelPointerType object which
          defines the context must be registered immediately before
          the object which uses the L2L3VpnMcastProviderTunnelPointer
          textual convention.
         "
     SYNTAX       OBJECT IDENTIFIER

   L2L3VpnMcastProviderTunnelPointerType ::= TEXTUAL-CONVENTION
     STATUS       current
     DESCRIPTION
         "This textual convention enumerates the
          tables having the row that an L2L3VpnMcastProviderTunnelPointer
          object points to.
          The row pertains to the entry that represents a
          P-tunnel used for L2L3VPNMCast.

          The enumerated values have the following meanings:

          null(0)
            Default value.  This indicates that the corresponding
            L2L3VpnMcastProviderTunnelPointer object is not assigned.

          pointerToMplsTunnelTable(1)
            The corresponding L2L3VpnMcastProviderTunnelPointer object
            points to a row in an mplsTunnelTable defined in [RFC3812].

          pointerToTunnelIfTableForGRE(2)
            The corresponding L2L3VpnMcastProviderTunnelPointer object
            points to a row in a tunnelIfTable defined in [RFC4087] for
            GRE tunnel.
         "

     REFERENCE
         "RFC3812, RFC4087"

     SYNTAX       INTEGER
         {
           null                         (0),  -- Default value
           pointerToMplsTunnelTable     (1),  -- Pointer to a row
                                              -- in mplsTunnelTable
           pointerToTunnelIfTableForGRE (2)   -- Pointer to a row
                                              -- in tunnelIfTable
                                              -- for GRE tunnel
         }

   END

4.2.  L2L3-VPN-MCAST-MIB Object Definitions

   L2L3-VPN-MCAST-MIB DEFINITIONS ::= BEGIN

   IMPORTS
     MODULE-IDENTITY, OBJECT-TYPE, mib-2, zeroDotZero
        FROM SNMPv2-SMI                          -- [RFC2578]

     MODULE-COMPLIANCE, OBJECT-GROUP
        FROM SNMPv2-CONF                         -- [RFC2580]

     RowPointer
        FROM SNMPv2-TC                           -- [RFC2579]

     MplsLabel
        FROM MPLS-TC-STD-MIB                     -- [RFC3811]

     L2L3VpnMcastProviderTunnelType,
     L2L3VpnMcastProviderTunnelId,
     L2L3VpnMcastProviderTunnelPointerType,
     L2L3VpnMcastProviderTunnelPointer
        FROM L2L3-VPN-MCAST-TC-MIB;

   l2L3VpnMcastMIB MODULE-IDENTITY
     LAST-UPDATED "201705261200Z"  -- 26th May, 2017
     ORGANIZATION "IETF BESS Working Group."
     CONTACT-INFO
         "       Zhaohui Zhang
                 Juniper Networks, Inc.
                 10 Technology Park Drive
                 Westford, MA 01886
                 USA
                 Email: zzhang@juniper.net

                 Hiroshi Tsunoda
                 Tohoku Institute of Technology
                 35-1, Yagiyama Kasumi-cho
                 Taihaku-ku, Sendai, 982-8577
                 Japan
                 Email: tsuno@m.ieice.org

                 Comments and discussion to bess@ietf.org
         "
     DESCRIPTION
         "This MIB module will be used by other MIB modules designed for
          monitoring and/or configuring Border Gateway
          Protocol/MultiProtocol Label Switching
          Layer 2 and Layer 3 Virtual Private
          Network that support multicast (L2L3VPNMCast).
          Copyright (C) The Internet Society (2017).
         "
     -- Revision history.

     REVISION "201705261200Z"  -- 26th May, 2017
     DESCRIPTION
         "Initial version, published as RFC XXXX."

     -- RFC Ed. replace XXXX with actual RFC number and remove this note

     ::= { mib-2 BBBB }

   -- IANA Reg.: Please assign a value for "BBBB" under the
   -- 'mib-2' subtree and record the assignment in the SMI
   -- Numbers registry.

   -- RFC Ed.: When the above assignment has been made, please
   --     remove the above note
   --     replace "BBBB" here with the assigned value and
   --     remove this note.

   -- Top level components of this MIB.
   l2L3VpnMcastStates      OBJECT IDENTIFIER
                           ::= { l2L3VpnMcastMIB 1 }
   l2L3VpnMcastConformance OBJECT IDENTIFIER
                           ::= { l2L3VpnMcastMIB 2 }

   -- tables, scalars, conformance information
   -- Table of PMSI Tunnel Attributes

   l2L3VpnMcastPmsiTunnelAttributeTable OBJECT-TYPE
     SYNTAX       SEQUENCE OF L2L3VpnMcastPmsiTunnelAttributeEntry
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
         "An entry in this table corresponds to a
          (Provider Multicast Service Interface) PMSI Tunnel
          attribute and is maintained by a PE router
          that advertises and receives the attribute.
          The entries will be referred to by other MIB modules
          for monitoring and/or configuring L2L3VPNMCast.
         "
     REFERENCE
         "RFC6514, Section 5"
     ::= { l2L3VpnMcastStates 1 }

   l2L3VpnMcastPmsiTunnelAttributeEntry OBJECT-TYPE
     SYNTAX       L2L3VpnMcastPmsiTunnelAttributeEntry
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
         "A conceptual row corresponding to a PTA
          that is advertised/received on this router.
         "
     REFERENCE
         "RFC6514, Section 5"
     INDEX {
             l2L3VpnMcastPmsiTunnelAttributeFlags,
             l2L3VpnMcastPmsiTunnelAttributeType,
             l2L3VpnMcastPmsiTunnelAttributeLabel,
             l2L3VpnMcastPmsiTunnelAttributeId
           }
     ::= { l2L3VpnMcastPmsiTunnelAttributeTable 1 }

   L2L3VpnMcastPmsiTunnelAttributeEntry ::=
     SEQUENCE {
       l2L3VpnMcastPmsiTunnelAttributeFlags
           OCTET STRING,
       l2L3VpnMcastPmsiTunnelAttributeType
           L2L3VpnMcastProviderTunnelType,
       l2L3VpnMcastPmsiTunnelAttributeLabel
           MplsLabel,
       l2L3VpnMcastPmsiTunnelAttributeId
           L2L3VpnMcastProviderTunnelId,
       l2L3VpnMcastPmsiTunnelPointerType
           L2L3VpnMcastProviderTunnelPointerType,
       l2L3VpnMcastPmsiTunnelPointer
           L2L3VpnMcastProviderTunnelPointer,
       l2L3VpnMcastPmsiTunnelIf
           RowPointer
     }

   l2L3VpnMcastPmsiTunnelAttributeFlags OBJECT-TYPE
     SYNTAX       OCTET STRING (SIZE (1))
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
         "This object represents the Flags field in the PMSI Tunnel
          attribute.  The Flags field has the following format.

                0 1 2 3 4 5 6 7
               +-+-+-+-+-+-+-+-+
               |  reserved   |L|
               +-+-+-+-+-+-+-+-+

               L: Leaf Information Required

          When BGP-based PMSI signaling is used, the value of
          this object corresponds to the Flags field in
          an advertised/received PMSI auto-discovery (A-D) route.

          When UDP-based S-PMSI signaling is used, the value of
          this object is zero.
         "
     REFERENCE
         "RFC6514, Section 5"
     ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 1 }

   l2L3VpnMcastPmsiTunnelAttributeType OBJECT-TYPE
     SYNTAX       L2L3VpnMcastProviderTunnelType
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
         "The Tunnel Type field that identifies
          the type of the tunneling technology used to
          establish the provider tunnel (P-tunnel), in a
          PMSI Tunnel attribute.

          When BGP-based PMSI signaling is used, the value of
          this object corresponds to the Tunnel Type field in
          an advertised/received PMSI auto-discovery (A-D) route.

          When UDP-based S-PMSI signaling is used, the value of
          this object will be one of pimSsm (3), pimAsm (4), or
          pimBidir (5).
         "
     REFERENCE
         "RFC6514, Section 5"
     ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 2 }

   l2L3VpnMcastPmsiTunnelAttributeLabel OBJECT-TYPE
     SYNTAX       MplsLabel
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
         "The MPLS Label field in a PMSI Tunnel attribute.

          When BGP-based PMSI signaling is used, the value of
          this object corresponds to the MPLS Label field in
          an advertised/received PMSI A-D route.

          When UDP-based S-PMSI signaling is used, the value of
          this object is zero, which indicates the absence of an
          MPLS Label.
         "
     REFERENCE
         "RFC6514, Section 5"
     ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 3 }

   l2L3VpnMcastPmsiTunnelAttributeId OBJECT-TYPE
     SYNTAX       L2L3VpnMcastProviderTunnelId
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
         "The Tunnel Identifier field that uniquely
          identifies a tunnel, in a PMSI Tunnel attribute.
          The size of the identifier depends on the address family
          (IPv4 or IPv6) and the value of the corresponding
          l2L3VpnMcastPmsiTunnelAttributeType object, i.e., the type of
          the tunneling technology used to establish the provider
          tunnel.
         "
     REFERENCE
         "RFC6514, Section 5"
     ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 4 }

   l2L3VpnMcastPmsiTunnelPointerType OBJECT-TYPE
     SYNTAX       L2L3VpnMcastProviderTunnelPointerType
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION
         "The type of l2L3VpnMcastPmsiTunnelPointer.

          The tunnel identified by l2L3VpnMcastPmsiTunnelAttributeId
          may be represented as an entry in some other table, e.g.,
          mplsTunnelTable [RFC3812].
          This object specifies
          the type of the pointer to the row pertaining to the entry.

          If such an entry does not exist, the value of this object
          MUST be null(0).
         "
     DEFVAL { null }
     ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 5 }

   l2L3VpnMcastPmsiTunnelPointer OBJECT-TYPE
     SYNTAX       L2L3VpnMcastProviderTunnelPointer
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION
         "The pointer to a table entry representing the tunnel
          identified by l2L3VpnMcastPmsiTunnelAttributeId.

          The type of this pointer is specified with
          the corresponding instance of the
          l2L3VpnMcastPmsiTunnelPointerType object.

          If the value of the corresponding instance of the
          l2L3VpnMcastPmsiTunnelPointerType is null(0),
          the value of this object MUST be set to zeroDotZero.
         "
     DEFVAL { zeroDotZero }
     ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 6 }

   l2L3VpnMcastPmsiTunnelIf OBJECT-TYPE
     SYNTAX       RowPointer
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION
         "If the tunnel identified by l2L3VpnMcastPmsiTunnelAttributeId
          has a corresponding entry in the ifXTable [RFC2863],
          this object will point to the row pertaining to the entry
          in the ifXTable.  Otherwise, this object MUST be set to
          zeroDotZero."
     DEFVAL { zeroDotZero }
     ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 7 }

   -- Conformance Information

   l2L3VpnMcastGroups      OBJECT IDENTIFIER
                           ::= { l2L3VpnMcastConformance 1 }
   l2L3VpnMcastCompliances OBJECT IDENTIFIER
                           ::= { l2L3VpnMcastConformance 2 }

   -- Compliance Statements

   l2L3VpnMcastCompliance MODULE-COMPLIANCE
     STATUS       current
     DESCRIPTION
         "The compliance statement: no mandatory groups "
     MODULE  -- this module

     GROUP l2L3VpnMcastOptionalGroup
     DESCRIPTION
         "This group is optional."
     ::= { l2L3VpnMcastCompliances 1 }

   -- units of conformance

   l2L3VpnMcastOptionalGroup OBJECT-GROUP
     OBJECTS {
               l2L3VpnMcastPmsiTunnelPointerType,
               l2L3VpnMcastPmsiTunnelPointer,
               l2L3VpnMcastPmsiTunnelIf
             }
     STATUS       current
     DESCRIPTION
         "Support of these objects is not required."
     ::= { l2L3VpnMcastGroups 1 }

   END

5.  Security Considerations

   There are no management objects defined in these MIB modules that
   have a MAX-ACCESS clause of read-write and/or read-create.  So, if
   this MIB module is implemented correctly, then there is no risk that
   an intruder can alter or create any management objects of this MIB
   module via direct SNMP SET operations.

   Some of the readable objects in these MIB modules (i.e., objects with
   a MAX-ACCESS other than not-accessible) may be considered sensitive
   or vulnerable in some network environments.  It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP.  These are the tables and objects and their
   sensitivity/vulnerability:

   o  the l2L3VpnMcastPmsiTunnelAttributeTable collectively shows the
      P-tunnel network topology and its performance characteristics.
      For instance, l2L3VpnMcastPmsiTunnelAttributeId in this table will
      contain the identifier that uniquely identifies a created
      P-tunnel.  This identifier may be composed of source and multicast
      group IP addresses.  l2L3VpnMcastPmsiTunnelPointer and
      l2L3VpnMcastPmsiTunnelIf will point to the corresponding entries
      in other tables containing configuration and/or performance
      information of a tunnel and an interface.  If an Administrator
      does not want to reveal this information, then these objects
      should be considered sensitive/vulnerable.

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure (for example by using IPsec),
   there is no control as to who on the secure network is allowed to
   access and GET/SET (read/change/create/delete) the objects in this
   MIB module.

   Implementations SHOULD provide the security features described by the
   SNMPv3 framework (see [RFC3410]), and implementations claiming
   compliance to the SNMPv3 standard MUST include full support for
   authentication and privacy via the User-based Security Model (USM)
   [RFC3414] with the AES cipher algorithm [RFC3826].  Implementations
   MAY also provide support for the Transport Security Model (TSM)
   [RFC5591] in combination with a secure transport such as SSH
   [RFC5592] or TLS/DTLS [RFC6353].

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.  It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module is properly configured to give access to
   the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.

6.  IANA Considerations

   IANA is requested to root MIB objects in the MIB module contained in
   this document under the mib-2 subtree.

7.  References

7.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC2578]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Structure of Management Information
              Version 2 (SMIv2)", STD 58, RFC 2578,
              DOI 10.17487/RFC2578, April 1999.

   [RFC2579]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD
              58, RFC 2579, DOI 10.17487/RFC2579, April 1999.

   [RFC2580]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Conformance Statements for SMIv2",
              STD 58, RFC 2580, DOI 10.17487/RFC2580, April 1999.

   [RFC2863]  McCloghrie, K. and F. Kastenholz, "The Interfaces Group
              MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000.

   [RFC3414]  Blumenthal, U. and B. Wijnen, "User-based Security Model
              (USM) for version 3 of the Simple Network Management
              Protocol (SNMPv3)", STD 62, RFC 3414,
              DOI 10.17487/RFC3414, December 2002.

   [RFC3812]  Srinivasan, C., Viswanathan, A., and T. Nadeau,
              "Multiprotocol Label Switching (MPLS) Traffic Engineering
              (TE) Management Information Base (MIB)", RFC 3812,
              DOI 10.17487/RFC3812, June 2004.

   [RFC3826]  Blumenthal, U., Maino, F., and K. McCloghrie, "The
              Advanced Encryption Standard (AES) Cipher Algorithm in the
              SNMP User-based Security Model", RFC 3826,
              DOI 10.17487/RFC3826, June 2004.

   [RFC4087]  Thaler, D., "IP Tunnel MIB", RFC 4087,
              DOI 10.17487/RFC4087, June 2005.

   [RFC4875]  Aggarwal, R., Ed., Papadimitriou, D., Ed., and S.
              Yasukawa, Ed., "Extensions to Resource Reservation
              Protocol - Traffic Engineering (RSVP-TE) for Point-to-
              Multipoint TE Label Switched Paths (LSPs)", RFC 4875,
              DOI 10.17487/RFC4875, May 2007.

   [RFC5591]  Harrington, D. and W. Hardaker, "Transport Security Model
              for the Simple Network Management Protocol (SNMP)", STD
              78, RFC 5591, DOI 10.17487/RFC5591, June 2009.

   [RFC5592]  Harrington, D., Salowey, J., and W. Hardaker, "Secure
              Shell Transport Model for the Simple Network Management
              Protocol (SNMP)", RFC 5592, DOI 10.17487/RFC5592, June
              2009.

   [RFC6353]  Hardaker, W., "Transport Layer Security (TLS) Transport
              Model for the Simple Network Management Protocol (SNMP)",
              STD 78, RFC 6353, DOI 10.17487/RFC6353, July 2011.

   [RFC6388]  Wijnands, IJ., Ed., Minei, I., Ed., Kompella, K., and B.
              Thomas, "Label Distribution Protocol Extensions for Point-
              to-Multipoint and Multipoint-to-Multipoint Label Switched
              Paths", RFC 6388, DOI 10.17487/RFC6388, November 2011.

   [RFC6513]  Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in MPLS/
              BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513, February
              2012.

   [RFC6514]  Aggarwal, R., Rosen, E., Morin, T., and Y. Rekhter, "BGP
              Encodings and Procedures for Multicast in MPLS/BGP IP
              VPNs", RFC 6514, DOI 10.17487/RFC6514, February 2012.

   [RFC7117]  Aggarwal, R., Ed., Kamite, Y., Fang, L., Rekhter, Y., and
              C. Kodeboniya, "Multicast in Virtual Private LAN Service
              (VPLS)", RFC 7117, DOI 10.17487/RFC7117, February 2014.

7.2.  Informative References

   [RFC3410]  Case, J., Mundy, R., Partain, D., and B. Stewart,
              "Introduction and Applicability Statements for Internet-
              Standard Management Framework", RFC 3410,
              DOI 10.17487/RFC3410, December 2002.

   [RFC4601]  Fenner, B., Handley, M., Holbrook, H., and I. Kouvelas,
              "Protocol Independent Multicast - Sparse Mode (PIM-SM):
              Protocol Specification (Revised)", RFC 4601,
              DOI 10.17487/RFC4601, August 2006.

   [RFC5015]  Handley, M., Kouvelas, I., Speakman, T., and L. Vicisano,
              "Bidirectional Protocol Independent Multicast (BIDIR-
              PIM)", RFC 5015, DOI 10.17487/RFC5015, October 2007.

Authors' Addresses

   Zhaohui (Jeffrey) Zhang
   Juniper Networks, Inc.
   10 Technology Park Drive
   Westford, MA 01886
   USA

   Email: zzhang@juniper.net

   Hiroshi Tsunoda
   Tohoku Institute of Technology
   35-1, Yagiyama Kasumi-cho
   Taihaku-ku, Sendai 982-8577
   Japan

   Phone: +81-22-305-3411
   Email: tsuno@m.ieice.org
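
Added example (not part of the draft): the identifier sizes tabulated in the L2L3VpnMcastProviderTunnelId textual convention of Section 4.1, applied as a strict per-type length check before the identifier is decoded. The names decode_tunnel_id and TunnelIdError and the sample identifiers are constructed for illustration; the mLDP FEC Element is left opaque because the draft does not describe its layout.

```python
import ipaddress
import struct
from enum import IntEnum


class TunnelType(IntEnum):
    """Values of L2L3VpnMcastProviderTunnelType (Section 4.1)."""
    noTunnelId = 0
    rsvpP2mp = 1
    ldpP2mp = 2
    pimSsm = 3
    pimAsm = 4
    pimBidir = 5
    ingressReplication = 6
    ldpMp2mp = 7


# (IPv4 size, IPv6 size) in octets, from the table in the
# L2L3VpnMcastProviderTunnelId DESCRIPTION clause.
ID_SIZES = {
    TunnelType.noTunnelId: (0, 0),
    TunnelType.rsvpP2mp: (12, 24),
    TunnelType.ldpP2mp: (17, 29),
    TunnelType.pimSsm: (8, 32),
    TunnelType.pimAsm: (8, 32),
    TunnelType.pimBidir: (8, 32),
    TunnelType.ingressReplication: (4, 16),
    TunnelType.ldpMp2mp: (17, 29),
}
PIM_TYPES = (TunnelType.pimSsm, TunnelType.pimAsm, TunnelType.pimBidir)


class TunnelIdError(ValueError):
    """Hypothetical error type: the (type, identifier) pair is inconsistent."""


def decode_tunnel_id(tunnel_type, tunnel_id):
    """Validate and decode a tunnel identifier for the given tunnel type.

    The TC's SYNTAX clause accepts any of the sizes 0|4|8|12|16|17|24|29|32
    for every type; this check is stricter and accepts only the two sizes
    the table lists for the specific tunnel type.
    """
    try:
        ttype = TunnelType(tunnel_type)
    except ValueError:
        raise TunnelIdError(f"unknown tunnel type {tunnel_type!r}") from None

    raw = bytes(tunnel_id)
    v4_size, v6_size = ID_SIZES[ttype]
    if ttype is TunnelType.noTunnelId:
        if raw:
            raise TunnelIdError("noTunnelId requires a zero-length identifier")
        return {"type": ttype.name, "family": None}
    if len(raw) == v4_size:
        family, alen = "ipv4", 4
    elif len(raw) == v6_size:
        family, alen = "ipv6", 16
    else:
        raise TunnelIdError(
            f"{ttype.name}: {len(raw)} octets, expected {v4_size} or {v6_size}")

    out = {"type": ttype.name, "family": family}
    if ttype is TunnelType.rsvpP2mp:
        # Extended Tunnel ID | Reserved (2) | Tunnel ID (2) | P2MP ID (4)
        reserved, tid, p2mp = struct.unpack("!HHI", raw[alen:])
        out.update(extended_tunnel_id=raw[:alen].hex(), reserved=reserved,
                   tunnel_id=tid, p2mp_id=p2mp)
    elif ttype in PIM_TYPES:
        # Source IP address followed by group IP address.
        group = ipaddress.ip_address(raw[alen:])
        out.update(source=str(ipaddress.ip_address(raw[:alen])),
                   group=str(group), group_is_multicast=group.is_multicast)
    elif ttype is TunnelType.ingressReplication:
        out["endpoint"] = str(ipaddress.ip_address(raw))
    else:
        # mLDP P2MP/MP2MP FEC Element [RFC6388]: kept opaque here.
        out["fec_element"] = raw.hex()
    return out


if __name__ == "__main__":
    # Constructed sample identifiers (documentation address ranges).
    samples = [
        (3, bytes([192, 0, 2, 1, 232, 1, 1, 1])),
        (6, ipaddress.ip_address("2001:db8::1").packed),
        (3, bytes(16)),  # valid SIZE for the TC, wrong size for pimSsm
    ]
    for ttype, ident in samples:
        try:
            print(decode_tunnel_id(ttype, ident))
        except TunnelIdError as exc:
            print("rejected:", exc)
```

The third sample passes the TC's SIZE constraint yet is rejected, which is the case a consumer of l2L3VpnMcastPmsiTunnelAttributeId has to check for itself.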