idnits 2.17.1

draft-ietf-bess-l2l3-vpn-mcast-mib-10.txt:

Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
No issues found here.

Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
No issues found here.

Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
No issues found here.

Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the IETF Trust and authors Copyright Line does not match the current year
== The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires).
-- The document date (August 27, 2017) is 2434 days in the past. Is this intentional?
-- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '<CODE BEGINS>' and '<CODE ENDS>' lines.

Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC5015' is mentioned on line 263, but not defined == Missing Reference: 'RFC3811' is mentioned on line 399, but not defined == Missing Reference: 'RFCXXXX' is mentioned on line 403, but not defined == Missing Reference: 'RFC7902' is mentioned on line 559, but not defined == Unused Reference: 'RFC4087' is defined on line 838, but no explicit reference was found in the text == Unused Reference: 'RFC7385' is defined on line 884, but no explicit reference was found in the text Summary: 0 errors (**), 0 flaws (~~), 8 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group Z. Zhang 3 Internet-Draft Juniper Networks, Inc. 4 Intended status: Standards Track H. Tsunoda 5 Expires: February 28, 2018 Tohoku Institute of Technology 6 August 27, 2017 8 L2L3 VPN Multicast MIB 9 draft-ietf-bess-l2l3-vpn-mcast-mib-10 11 Abstract 13 This memo defines a portion of the Management Information Base (MIB) 14 for use with network management protocols in the Internet community. 15 In particular, it describes two MIB modules which will be used by 16 other MIB modules for monitoring and/or configuring Layer 2 and Layer 17 3 Virtual Private Networks that support multicast. 19 Status of This Memo 21 This Internet-Draft is submitted in full conformance with the 22 provisions of BCP 78 and BCP 79. 24 Internet-Drafts are working documents of the Internet Engineering 25 Task Force (IETF). Note that other groups may also distribute 26 working documents as Internet-Drafts. The list of current Internet- 27 Drafts is at http://datatracker.ietf.org/drafts/current/. 
29 Internet-Drafts are draft documents valid for a maximum of six months 30 and may be updated, replaced, or obsoleted by other documents at any 31 time. It is inappropriate to use Internet-Drafts as reference 32 material or to cite them other than as "work in progress." 34 This Internet-Draft will expire on February 28, 2018. 36 Copyright Notice 38 Copyright (c) 2017 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (http://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 Table of Contents 53 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 54 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 55 2. The Internet-Standard Management Framework . . . . . . . . . 4 56 3. Summary of MIB Modules . . . . . . . . . . . . . . . . . . . 4 57 4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4 58 4.1. L2L3-VPN-MCAST-TC-MIB Object Definitions . . . . . . . . 5 59 4.2. L2L3-VPN-MCAST-MIB Object Definitions . . . . . . . . . . 9 60 5. Security Considerations . . . . . . . . . . . . . . . . . . . 16 61 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17 62 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 17 63 7.1. Normative References . . . . . . . . . . . . . . . . . . 17 64 7.2. Informative References . . . . . . . . . . . . . . . . . 20 65 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 20 67 1. 
Introduction 69 In BGP/MPLS Virtual Private Networks (VPN), Border Gateway Protocol 70 (BGP) is used for distributing routes and MultiProtocol Label 71 Switching (MPLS) is used for forwarding packets across service 72 provider networks. 74 The procedures for supporting multicast in BGP/MPLS Layer 3 (L3) VPN 75 are specified in [RFC6513]. The procedures for supporting multicast 76 in BGP/MPLS Layer 2 (L2) VPN are specified in [RFC7117]. Throughout 77 this document, we will use the term "L2L3VpnMCast" to mean BGP/MPLS 78 L2 and L3 VPN that support multicast. 80 This document describes textual conventions (TCs) and common managed 81 objects (MOs) which will be used by other Management Information Base 82 (MIB) modules for monitoring and/or configuring L2L3VpnMCast. 84 L2L3VpnMCast can be achieved by using various kinds of transport 85 mechanisms for forwarding a packet to all or a subset of Provider 86 Edge routers (PEs) across service provider networks. Such transport 87 mechanisms are referred to as provider tunnels (P-tunnels). TCs and 88 MOs defined in this document will be used by other MIB modules for 89 monitoring and/or configuring both L2 and L3 VPNs that support 90 multicast. 92 There are two types of signaling mechanisms of P-tunnel choice: BGP- 93 based and UDP-based [RFC6513]. BGP-based mechanisms for Virtual 94 Private LAN Service and Multicast VPN are described in [RFC7117] and 96 [RFC6513], respectively. In [RFC6513], a UDP-based signaling 97 mechanism is also specified. 99 A BGP attribute that specifies information of a P-tunnel is called 100 Provider Multicast Service Interface (PMSI) tunnel attribute. The 101 PMSI tunnel attribute is advertised/received by PEs in BGP auto- 102 discovery (A-D) routes. [RFC6514] defines the format of a PMSI 103 tunnel attribute. 105 This document defines two TCs to represent 107 (a) the tunnel type of a P-tunnel and 108 (b) the identifier of a P-tunnel 110 respectively. 
112 This document also describes common MOs that provide the information 113 in a PMSI tunnel attribute and corresponding tunnel information to 114 other MIB modules. 116 1.1. Terminology 118 This document adopts the definitions, acronyms and mechanisms 119 described in [RFC6513] [RFC6514] [RFC7117] and other documents that 120 they refer to. Familiarity with Multicast, MPLS, Layer 3 VPN, 121 Multicast VPN concepts and/or mechanisms is assumed. Some terms 122 specifically related to this document are explained below. 124 "Provider Multicast Service Interface (PMSI)" [RFC6513] is a 125 conceptual interface instantiated by a P-tunnel, a transport 126 mechanism used to deliver multicast traffic. A PE uses it to send 127 customer multicast traffic to all or some PEs in the same VPN. 129 There are two kinds of PMSIs: "Inclusive PMSI (I-PMSI)" and 130 "Selective PMSI (S-PMSI)" [RFC6513]. An I-PMSI is a PMSI that 131 enables a PE attached to a particular Multicast VPN to transmit a 132 message to all PEs in the same VPN. An S-PMSI is a PMSI that enables 133 a PE attached to a particular Multicast VPN to transmit a message to 134 some of the PEs in the same VPN. 136 Throughout this document, we will use the term "PMSI" to refer to both 137 "I-PMSI" and "S-PMSI." 139 The key words "MUST", "SHOULD", "RECOMMENDED", and "MAY" in this 140 document are to be interpreted as described in [RFC2119]. 142 2. The Internet-Standard Management Framework 144 For a detailed overview of the documents that describe the current 145 Internet-Standard Management Framework, please refer to section 7 of 146 RFC 3410 [RFC3410]. 148 Managed objects are accessed via a virtual information store, termed 149 the Management Information Base or MIB. MIB objects are generally 150 accessed through the Simple Network Management Protocol (SNMP). 151 Objects in the MIB are defined using the mechanisms defined in the 152 Structure of Management Information (SMI). 
This memo specifies a MIB 153 module that is compliant to the SMIv2, which is described in STD 58, 154 RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 155 [RFC2580]. 157 3. Summary of MIB Modules 159 This document defines two MIB modules: L2L3-VPN-MCAST-TC-MIB and 160 L2L3-VPN-MCAST-MIB. 162 o L2L3-VPN-MCAST-TC-MIB contains two Textual Conventions: 163 L2L3VpnMcastProviderTunnelType and L2L3VpnMcastProviderTunnelId. 164 L2L3VpnMcastProviderTunnelType provides an enumeration of the 165 P-tunnel types. L2L3VpnMcastProviderTunnelId represents an 166 identifier of a P-tunnel. 168 o L2L3-VPN-MCAST-MIB defines a table 169 l2L3VpnMcastPmsiTunnelAttributeTable. An entry in this table 170 corresponds to the attribute information of a specific P-tunnel on 171 a PE router. Entries in this table will be used by other MIB 172 modules for monitoring and/or configuring L2L3VpnMCast. The table 173 index uniquely identifies a tunnel. It is composed of a tunnel 174 type and a tunnel identifier. The table may also be used in 175 conjunction with other MIBs, such as MPLS Traffic Engineering MIB 176 (MPLS-TE-STD-MIB) [RFC3812], to obtain further information of a 177 tunnel by following the row pointer of the corresponding tunnel's 178 row in this table. It may also be used in conjunction with 179 Interfaces Group MIB (IF-MIB) [RFC2863] to obtain further 180 information of the interface corresponding to the tunnel by 181 following the row pointer of the corresponding tunnel's row in 182 this table. 184 4. Definitions 185 4.1. L2L3-VPN-MCAST-TC-MIB Object Definitions 187 L2L3-VPN-MCAST-TC-MIB DEFINITIONS ::= BEGIN 189 IMPORTS 190 MODULE-IDENTITY, mib-2 191 FROM SNMPv2-SMI -- [RFC2578] 193 TEXTUAL-CONVENTION 194 FROM SNMPv2-TC; -- [RFC2579] 196 l2L3VpnMcastTCMIB MODULE-IDENTITY 197 LAST-UPDATED "201708211200Z" -- 21th August, 2017 198 ORGANIZATION "IETF BESS Working Group." 199 CONTACT-INFO 200 " Zhaohui Zhang 201 Juniper Networks, Inc. 
202 10 Technology Park Drive 203 Westford, MA 01886 204 USA 205 Email: zzhang@juniper.net 207 Hiroshi Tsunoda 208 Tohoku Institute of Technology 209 35-1, Yagiyama Kasumi-cho 210 Taihaku-ku, Sendai, 982-8577 211 Japan 212 Email: tsuno@m.ieice.org 214 Comments and discussion to bess@ietf.org 215 " 216 DESCRIPTION 217 "This MIB module specifies textual conventions for 218 Border Gateway Protocol/MultiProtocol Label 219 Switching Layer 2 and Layer 3 Virtual Private Network 220 that support multicast (L2L3VpnMCast). 222 Copyright (C) The Internet Society (2017). 223 " 225 -- Revision history. 227 REVISION "201708211200Z" -- 21th August, 2017 228 DESCRIPTION 229 "Initial version, published as RFC XXXX." 231 -- RFC Ed.: replace XXXX with actual RFC number and remove this note 232 ::= { mib-2 AAAA } 234 -- IANA Reg.: Please assign a value for "AAAA" under the 235 -- 'mib-2' subtree and record the assignment in the SMI 236 -- Numbers registry. 238 -- RFC Ed.: When the above assignment has been made, please 239 -- remove the above note 240 -- replace "AAAA" here with the assigned value and 241 -- remove this note. 243 -- Textual convention 245 L2L3VpnMcastProviderTunnelType ::= TEXTUAL-CONVENTION 246 STATUS current 247 DESCRIPTION 248 "This textual convention enumerates values 249 representing the type of a provider tunnel (P-tunnel) 250 used for L2L3VpnMCast. 251 These labeled numbers are aligned with the definition 252 of Tunnel types in Section 5 of [RFC6514] and 253 Section 14.1 of [RFC7524]. 
255 The enumerated values and the corresponding tunnel type 256 are as follows: 258 noTunnelInfo (0) : no tunnel information present 259 rsvpP2mp (1) : RSVP-TE P2MP LSP [RFC4875] 260 ldpP2mp (2) : mLDP P2MP LSP [RFC6388] 261 pimSsm (3) : PIM-SSM Tree [RFC7761] 262 pimAsm (4) : PIM-SM Tree [RFC7761] 263 pimBidir (5) : BIDIR-PIM Tree [RFC5015] 264 ingressReplication (6) : Ingress Replication [RFC6513] 265 ldpMp2mp (7) : mLDP MP2MP LSP [RFC6388] 266 transportTunnel (8) : Transport Tunnel [RFC7524] 268 These numbers are registered at IANA. 269 A current list of assignments can be found at 270 . 272 " 273 REFERENCE 274 "RFC4875 275 RFC6388 276 RFC6513 277 RFC6514, Section 5 278 RFC7385 279 RFC7524, Section 14.1 280 RFC7761 281 " 282 SYNTAX INTEGER 283 { 284 noTunnelInfo (0), 285 rsvpP2mp (1), 286 ldpP2mp (2), 287 pimSsm (3), 288 pimAsm (4), 289 pimBidir (5), 290 ingressReplication (6), 291 ldpMp2mp (7), 292 transportTunnel (8) 293 } 295 L2L3VpnMcastProviderTunnelId ::= TEXTUAL-CONVENTION 296 STATUS current 297 DESCRIPTION 298 "This textual convention represents the tunnel identifier 299 of a P-tunnel. 301 The size of the identifier depends on the address family 302 (IPv4 or IPv6) and the value of the corresponding 303 L2L3VpnMcastProviderTunnelType object. 305 The corresponding L2L3VpnMcastProviderTunnelType object 306 represents the type of the tunneling technology used 307 to establish the P-tunnel. 309 The size of the identifier for each tunneling technology 310 is summarized below. 
312 L2L3VpnMcastProviderTunnelType Size (in octets) 313 (tunneling technology) IPv4 IPv6 314 ----------------------------------------------------------- 315 noTunnelInfo (No tunnel information) 0 0 316 rsvpP2mp (RSVP-TE P2MP LSP) 12 24 317 ldpP2mp (mLDP P2MP LSP) 17 29 318 pimSsm (PIM-SSM Tree) 8 32 319 pimAsm (PIM-SM Tree) 8 32 320 pimBidir (BIDIR-PIM Tree) 8 32 321 ingressReplication (Ingress Replication) 4 16 322 ldpMp2mp (mLDP MP2MP LSP) 17 29 323 transportTunnel (Transport Tunnel) 8 32 325 A L2L3VpnMcastProviderTunnelType object of value 326 noTunnelInfo(0) indicates that the corresponding 327 Provider Multicast Service Interface (PMSI) Tunnel 328 attribute does not have a Tunnel Identifier. 329 The value of the corresponding L2L3VpnMcastProviderTunnelId 330 object will be a string of length zero. 332 When the L2L3VpnMcastProviderTunnelType object is of value 333 rsvpP2mp(1), the corresponding Tunnel Identifier is composed of 334 Extended Tunnel ID (4 octets in IPv4, 16 octets in IPv6), 335 Reserved (2 octets), Tunnel ID (2 octets), and 336 P2MP ID (4 octets). 337 The size of the corresponding L2L3VpnMcastProviderTunnelId 338 object will be 12 octets in IPv4 and 24 octets in IPv6. 340 When the L2L3VpnMcastProviderTunnelType object is of value 341 ldpP2mp(2), the corresponding Tunnel Identifier is P2MP 342 Forwarding Equivalence Class (FEC) Element [RFC6388]. 343 The size of the corresponding L2L3VpnMcastProviderTunnelId 344 object will be 17 octets in IPv4 and 29 octets in IPv6. 346 When the L2L3VpnMcastProviderTunnelType object is of value 347 pimSsm(3), pimAsm(4), or pimBidir(5), the corresponding 348 Tunnel Identifier is composed of the source IP address 349 and the group IP address. 350 The size of the corresponding L2L3VpnMcastProviderTunnelId 351 object will be 8 octets in IPv4 and 32 octets in IPv6. 
353 When the L2L3VpnMcastProviderTunnelType object is of value 354 ingressReplication(6), the Tunnel Identifier is 355 the unicast tunnel endpoint IP address of the local PE. 356 The size of the corresponding L2L3VpnMcastProviderTunnelId 357 object will be 4 octets in IPv4 and 16 octets in IPv6. 359 When the L2L3VpnMcastProviderTunnelType object is of value 360 ldpMp2mp(7), the Tunnel Identifier is MP2MP FEC Element 361 [RFC6388]. 362 The size of the corresponding L2L3VpnMcastProviderTunnelId 363 object will be 17 octets in IPv4 and 29 octets in IPv6. 365 When the L2L3VpnMcastProviderTunnelType object is of value 366 transportTunnel(8), the Tunnel Identifier is a tuple of 367 Source PE Address and Local Number, which is a number 368 that is unique to the Source PE [RFC7524]. 369 Both Source PE Address and Local Number are 4 octets in IPv4 370 and 16 octets in IPv6. 371 The size of the corresponding L2L3VpnMcastProviderTunnelId 372 object will be 8 octets in IPv4 and 32 octets in IPv6. 373 " 374 REFERENCE 375 "RFC6514, Section 5 376 RFC4875, Section 19.1 377 RFC6388, Section 2.2 and 3.2 378 RFC7524, Section 14.1 379 " 380 SYNTAX OCTET STRING ( SIZE (0|4|8|12|16|17|24|29|32) ) 382 END 384 4.2. L2L3-VPN-MCAST-MIB Object Definitions 386 L2L3-VPN-MCAST-MIB DEFINITIONS ::= BEGIN 388 IMPORTS 389 MODULE-IDENTITY, OBJECT-TYPE, mib-2, zeroDotZero 390 FROM SNMPv2-SMI -- [RFC2578] 392 MODULE-COMPLIANCE, OBJECT-GROUP 393 FROM SNMPv2-CONF -- [RFC2580] 395 RowPointer 396 FROM SNMPv2-TC -- [RFC2579] 398 MplsLabel 399 FROM MPLS-TC-STD-MIB -- [RFC3811] 401 L2L3VpnMcastProviderTunnelType, 402 L2L3VpnMcastProviderTunnelId 403 FROM L2L3-VPN-MCAST-TC-MIB; -- [RFCXXXX] 405 -- RFC Ed.: replace XXXX with actual RFC number and remove this note 407 l2L3VpnMcastMIB MODULE-IDENTITY 408 LAST-UPDATED "201708211200Z" -- 21th August, 2017 409 ORGANIZATION "IETF BESS Working Group." 410 CONTACT-INFO 411 " Zhaohui Zhang 412 Juniper Networks, Inc. 
413 10 Technology Park Drive 414 Westford, MA 01886 415 USA 416 Email: zzhang@juniper.net 418 Hiroshi Tsunoda 419 Tohoku Institute of Technology 420 35-1, Yagiyama Kasumi-cho 421 Taihaku-ku, Sendai, 982-8577 422 Japan 423 Email: tsuno@m.ieice.org 424 Comments and discussion to bess@ietf.org 425 " 426 DESCRIPTION 427 "This MIB module defines a table representing the attribute 428 information of P-tunnels on a PE router. 429 This MIB module will be used by other MIB modules designed for 430 monitoring and/or configuring Border Gateway 431 Protocol/MultiProtocol Label Switching 432 Layer 2 and Layer 3 Virtual Private 433 Network that support multicast (L2L3VpnMCast). 434 Copyright (C) The Internet Society (2017). 435 " 436 -- Revision history. 438 REVISION "201708211200Z" -- 21th August, 2017 439 DESCRIPTION 440 "Initial version, published as RFC XXXX." 442 -- RFC Ed.: replace XXXX with actual RFC number and remove this note 444 ::= { mib-2 BBBB } 446 -- IANA Reg.: Please assign a value for "BBBB" under the 447 -- 'mib-2' subtree and record the assignment in the SMI 448 -- Numbers registry. 450 -- RFC Ed.: When the above assignment has been made, please 451 -- remove the above note 452 -- replace "BBBB" here with the assigned value and 453 -- remove this note. 455 -- Top level components of this MIB. 456 l2L3VpnMcastStates OBJECT IDENTIFIER 457 ::= { l2L3VpnMcastMIB 1 } 458 l2L3VpnMcastConformance OBJECT IDENTIFIER 459 ::= { l2L3VpnMcastMIB 2 } 461 -- tables, scalars, conformance information 462 -- Table of PMSI Tunnel Attributes 464 l2L3VpnMcastPmsiTunnelAttributeTable OBJECT-TYPE 465 SYNTAX SEQUENCE OF L2L3VpnMcastPmsiTunnelAttributeEntry 466 MAX-ACCESS not-accessible 467 STATUS current 468 DESCRIPTION 469 "An entry in this table corresponds to 470 the attribute information of a specific 471 P-tunnel on a PE router. 
473 A part of attributes correspond to fields in 474 a Provider Multicast Service Interface (PMSI) Tunnel 475 attribute advertised and received by a PE router. 476 The entries will be referred to by other MIB modules 477 for monitoring and/or configuring L2L3VpnMCast. 478 " 479 REFERENCE 480 "RFC6514, Section 5" 481 ::= { l2L3VpnMcastStates 1 } 483 l2L3VpnMcastPmsiTunnelAttributeEntry OBJECT-TYPE 484 SYNTAX L2L3VpnMcastPmsiTunnelAttributeEntry 485 MAX-ACCESS not-accessible 486 STATUS current 487 DESCRIPTION 488 "A conceptual row corresponding to a specific 489 P-tunnel on this router. 490 " 491 REFERENCE 492 "RFC6514, Section 5" 493 INDEX { 494 l2L3VpnMcastPmsiTunnelAttributeType, 495 l2L3VpnMcastPmsiTunnelAttributeId 496 } 497 ::= { l2L3VpnMcastPmsiTunnelAttributeTable 1 } 499 L2L3VpnMcastPmsiTunnelAttributeEntry ::= 500 SEQUENCE { 501 l2L3VpnMcastPmsiTunnelAttributeFlags 502 OCTET STRING, 503 l2L3VpnMcastPmsiTunnelAttributeAddlFlags 504 OCTET STRING, 505 l2L3VpnMcastPmsiTunnelAttributeType 506 L2L3VpnMcastProviderTunnelType, 507 l2L3VpnMcastPmsiTunnelAttributeLabel 508 MplsLabel, 509 l2L3VpnMcastPmsiTunnelAttributeId 510 L2L3VpnMcastProviderTunnelId, 511 l2L3VpnMcastPmsiTunnelPointer 512 RowPointer, 513 l2L3VpnMcastPmsiTunnelIf 514 RowPointer 515 } 517 l2L3VpnMcastPmsiTunnelAttributeFlags OBJECT-TYPE 518 SYNTAX OCTET STRING (SIZE (1)) 519 MAX-ACCESS read-only 520 STATUS current 521 DESCRIPTION 522 "This object represents the Flags field in the PMSI Tunnel 523 attribute. The Flags field has the following format. 525 0 1 2 3 4 5 6 7 526 +-+-+-+-+-+-+-+-+ 527 |U|E| U |L| 528 +-+-+-+-+-+-+-+-+ 530 E: Extension flag [RFC7902] 531 U: Unassigned 532 L: Leaf Information Required flag [RFC6514] 534 When BGP-based PMSI signaling is used, the value of 535 this object corresponds to the Flags field in 536 an advertised/received PMSI auto-discovery (A-D) route. 538 When UDP-based S-PMSI signaling is used, the value of 539 this object is zero. 
541 These flags are registered at IANA. 542 A current list of assignments can be found at 543 . 545 " 546 REFERENCE 547 "RFC6514, Section 5 548 RFC7902 549 " 550 ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 1 } 552 l2L3VpnMcastPmsiTunnelAttributeAddlFlags OBJECT-TYPE 553 SYNTAX OCTET STRING (SIZE (6)) 554 MAX-ACCESS read-only 555 STATUS current 556 DESCRIPTION 557 "This object represents BGP Additional PMSI 558 Tunnel Attribute Flags Extended Community 559 defined in [RFC7902]. 561 Additional PMSI Tunnel Attribute Flags is 562 48 one-bit Flags and has the following format. 564 0 1 2 565 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 566 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 567 | | | | 568 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 569 3 4 570 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 571 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 572 | | | | 573 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 575 When BGP-based PMSI signaling is used, and the 576 Extension flag of l2L3VpnMcastPmsiTunnelAttributeFlags 577 object is set, the value of this object corresponds to 578 the value of Additional PMSI Tunnel Attribute Flags 579 Extended Community in an advertised/received PMSI 580 auto-discovery (A-D) route. 582 When UDP-based S-PMSI signaling is used, the value of 583 this object is zero. 585 These flags are registered at IANA. 586 A current list of assignments can be found at 587 . 590 " 591 REFERENCE 592 "RFC6514, Section 5 593 RFC7902 594 " 595 ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 2 } 597 l2L3VpnMcastPmsiTunnelAttributeType OBJECT-TYPE 598 SYNTAX L2L3VpnMcastProviderTunnelType 599 MAX-ACCESS not-accessible 600 STATUS current 601 DESCRIPTION 602 "The Tunnel Type field that identifies 603 the type of the tunneling technology used to 604 establish the provider tunnel (P-tunnel), in a 605 PMSI Tunnel attribute. 
607 When BGP-based PMSI signaling is used, the value of 608 this object corresponds to the Tunnel Type field in 609 an advertised/received PMSI auto-discovery (A-D) route. 611 When UDP-based S-PMSI signaling is used, the value of 612 this object will be one of pimSsm (3), pimAsm (4), or 613 pimBidir (5). 614 " 615 REFERENCE 616 "RFC6514, Section 5" 618 ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 3 } 620 l2L3VpnMcastPmsiTunnelAttributeLabel OBJECT-TYPE 621 SYNTAX MplsLabel 622 MAX-ACCESS read-only 623 STATUS current 624 DESCRIPTION 625 "The MPLS Label field in a PMSI Tunnel attribute. 627 When BGP-based PMSI signaling is used, the value of 628 this object corresponds to the MPLS Label field in 629 an advertised/received PMSI A-D route. 631 When UDP-based S-PMSI signaling is used, the value of 632 this object is zero, which indicates the absence of MPLS 633 Label. 634 " 635 REFERENCE 636 "RFC6514, Section 5" 637 ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 4 } 639 l2L3VpnMcastPmsiTunnelAttributeId OBJECT-TYPE 640 SYNTAX L2L3VpnMcastProviderTunnelId 641 MAX-ACCESS not-accessible 642 STATUS current 643 DESCRIPTION 644 "The Tunnel Identifier field that uniquely 645 identifies a tunnel, in a PMSI Tunnel attribute. 646 The size of the identifier depends on the address family 647 (IPv4 or IPv6) and the value of the corresponding 648 l2L3VpnMcastPmsiTunnelAttributeType object, i.e., the type of 649 the tunneling technology used to establish the provider 650 tunnel. 651 " 652 REFERENCE 653 "RFC6514, Section 5" 654 ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 5 } 656 l2L3VpnMcastPmsiTunnelPointer OBJECT-TYPE 657 SYNTAX RowPointer 658 MAX-ACCESS read-only 659 STATUS current 660 DESCRIPTION 661 "The tunnel identified by l2L3VpnMcastPmsiTunnelAttributeId 662 may be represented as an entry in some other table, e.g., 663 mplsTunnelTable [RFC3812]. This object specifies 664 the pointer to the row pertaining to the entry. 
666 If such an entry does not exist, the value of this object 667 MUST be zeroDotZero. 668 " 669 DEFVAL { zeroDotZero } 670 ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 6 } 672 l2L3VpnMcastPmsiTunnelIf OBJECT-TYPE 673 SYNTAX RowPointer 674 MAX-ACCESS read-only 675 STATUS current 676 DESCRIPTION 677 "If the tunnel identified by l2L3VpnMcastPmsiTunnelAttributeId 678 has a corresponding entry in the ifXTable [RFC2863], 679 this object will point to the row pertaining to the entry 680 in the ifXTable. Otherwise, this object MUST be set to 681 zeroDotZero." 682 DEFVAL { zeroDotZero } 683 ::= { l2L3VpnMcastPmsiTunnelAttributeEntry 7 } 685 -- Conformance Information 687 l2L3VpnMcastCompliances OBJECT IDENTIFIER 688 ::= { l2L3VpnMcastConformance 1 } 689 l2L3VpnMcastGroups OBJECT IDENTIFIER 690 ::= { l2L3VpnMcastConformance 2 } 692 -- Compliance Statements 694 l2L3VpnMcastCompliance MODULE-COMPLIANCE 695 STATUS current 696 DESCRIPTION 697 "The compliance statement for SNMP entities which implement 698 this L2L3-VPN-MCAST-MIB Module." 699 MODULE -- this module 701 MANDATORY-GROUPS { 702 l2L3VpnMcastPmsiFieldGroup 703 } 705 GROUP l2L3VpnMcastOptionalGroup 706 DESCRIPTION 707 "This group is optional." 708 ::= { l2L3VpnMcastCompliances 1 } 710 -- units of conformance 712 l2L3VpnMcastPmsiFieldGroup OBJECT-GROUP 713 OBJECTS { 714 l2L3VpnMcastPmsiTunnelAttributeFlags, 715 l2L3VpnMcastPmsiTunnelAttributeAddlFlags, 716 l2L3VpnMcastPmsiTunnelAttributeLabel 717 } 718 STATUS current 719 DESCRIPTION 720 "Support of these objects is required." 721 ::= { l2L3VpnMcastGroups 1 } 723 l2L3VpnMcastOptionalGroup OBJECT-GROUP 724 OBJECTS { 725 l2L3VpnMcastPmsiTunnelPointer, 726 l2L3VpnMcastPmsiTunnelIf 727 } 728 STATUS current 729 DESCRIPTION 730 "Support of these objects is optional." 731 ::= { l2L3VpnMcastGroups 2 } 733 END 735 5. Security Considerations 737 There are no management objects defined in these MIB modules that 738 have a MAX-ACCESS clause of read-write and/or read-create. 
So, if 739 this MIB module is implemented correctly, then there is no risk that 740 an intruder can alter or create any management objects of this MIB 741 module via direct SNMP SET operations. 743 Some of the readable objects in these MIB modules (i.e., objects with 744 a MAX-ACCESS other than not-accessible) may be considered sensitive 745 or vulnerable in some network environments. It is thus important to 746 control even GET and/or NOTIFY access to these objects and possibly 747 to even encrypt the values of these objects when sending them over 748 the network via SNMP. These are the tables and objects and their 749 sensitivity/vulnerability: 751 o the l2L3VpnMcastPmsiTunnelAttributeTable collectively shows the 752 P-tunnel network topology and its performance characteristics. 753 For instance, l2L3VpnMcastPmsiTunnelAttributeId in this table will 754 contain the identifier that uniquely identifies a created 755 P-tunnel. This identifier may be composed of source and multicast 756 group IP addresses. l2L3VpnMcastPmsiTunnelPointer and 757 l2L3VpnMcastPmsiTunnelIf will point to the corresponding entries 758 in other tables containing configuration and/or performance 759 information of a tunnel and an interface. If an Administrator 760 does not want to reveal this information, then these objects 761 should be considered sensitive/vulnerable. 763 SNMP versions prior to SNMPv3 did not include adequate security. 764 Even if the network itself is secure (for example by using IPsec), 765 there is no control as to who on the secure network is allowed to 766 access and GET/SET (read/change/create/delete) the objects in this 767 MIB module. 769 Implementations SHOULD provide the security features described by the 770 SNMPv3 framework (see [RFC3410]), and implementations claiming 771 compliance to the SNMPv3 standard MUST include full support for 772 authentication and privacy via the User-based Security Model (USM) 773 [RFC3414] with the AES cipher algorithm [RFC3826]. 
Implementations 774 MAY also provide support for the Transport Security Model (TSM) 775 [RFC5591] in combination with a secure transport such as SSH 776 [RFC5592] or TLS/DTLS [RFC6353]. 778 Further, deployment of SNMP versions prior to SNMPv3 is NOT 779 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 780 enable cryptographic security. It is then a customer/operator 781 responsibility to ensure that the SNMP entity giving access to an 782 instance of this MIB module is properly configured to give access to 783 the objects only to those principals (users) that have legitimate 784 rights to indeed GET or SET (change/create/delete) them. 786 6. IANA Considerations 788 IANA is requested to root MIB objects in the MIB module contained in 789 this document under the mib-2 subtree. 791 7. References 793 7.1. Normative References 795 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 796 Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/ 797 RFC2119, March 1997, . 800 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 801 Schoenwaelder, Ed., "Structure of Management Information 802 Version 2 (SMIv2)", STD 58, RFC 2578, DOI 10.17487/ 803 RFC2578, April 1999, . 806 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 807 Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 808 58, RFC 2579, DOI 10.17487/RFC2579, April 1999, 809 . 811 [RFC2580] McCloghrie, K., Ed., Perkins, D., Ed., and J. 812 Schoenwaelder, Ed., "Conformance Statements for SMIv2", 813 STD 58, RFC 2580, DOI 10.17487/RFC2580, April 1999, 814 . 816 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group 817 MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000, 818 . 820 [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model 821 (USM) for version 3 of the Simple Network Management 822 Protocol (SNMPv3)", STD 62, RFC 3414, DOI 10.17487/ 823 RFC3414, December 2002, . 826 [RFC3812] Srinivasan, C., Viswanathan, A., and T. 
Nadeau, 827 "Multiprotocol Label Switching (MPLS) Traffic Engineering 828 (TE) Management Information Base (MIB)", RFC 3812, DOI 829 10.17487/RFC3812, June 2004, . 832 [RFC3826] Blumenthal, U., Maino, F., and K. McCloghrie, "The 833 Advanced Encryption Standard (AES) Cipher Algorithm in the 834 SNMP User-based Security Model", RFC 3826, DOI 10.17487/ 835 RFC3826, June 2004, . 838 [RFC4087] Thaler, D., "IP Tunnel MIB", RFC 4087, DOI 10.17487/ 839 RFC4087, June 2005, . 842 [RFC4875] Aggarwal, R., Ed., Papadimitriou, D., Ed., and S. 843 Yasukawa, Ed., "Extensions to Resource Reservation 844 Protocol - Traffic Engineering (RSVP-TE) for Point-to- 845 Multipoint TE Label Switched Paths (LSPs)", RFC 4875, DOI 846 10.17487/RFC4875, May 2007, . 849 [RFC5591] Harrington, D. and W. Hardaker, "Transport Security Model 850 for the Simple Network Management Protocol (SNMP)", STD 851 78, RFC 5591, DOI 10.17487/RFC5591, June 2009, 852 . 854 [RFC5592] Harrington, D., Salowey, J., and W. Hardaker, "Secure 855 Shell Transport Model for the Simple Network Management 856 Protocol (SNMP)", RFC 5592, DOI 10.17487/RFC5592, June 857 2009, . 859 [RFC6353] Hardaker, W., "Transport Layer Security (TLS) Transport 860 Model for the Simple Network Management Protocol (SNMP)", 861 STD 78, RFC 6353, DOI 10.17487/RFC6353, July 2011, 862 . 864 [RFC6388] Wijnands, IJ., Ed., Minei, I., Ed., Kompella, K., and B. 865 Thomas, "Label Distribution Protocol Extensions for Point- 866 to-Multipoint and Multipoint-to-Multipoint Label Switched 867 Paths", RFC 6388, DOI 10.17487/RFC6388, November 2011, 868 . 870 [RFC6513] Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in MPLS/ 871 BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513, February 872 2012, . 874 [RFC6514] Aggarwal, R., Rosen, E., Morin, T., and Y. Rekhter, "BGP 875 Encodings and Procedures for Multicast in MPLS/BGP IP 876 VPNs", RFC 6514, DOI 10.17487/RFC6514, February 2012, 877 . 
879 [RFC7117] Aggarwal, R., Ed., Kamite, Y., Fang, L., Rekhter, Y., and 880 C. Kodeboniya, "Multicast in Virtual Private LAN Service 881 (VPLS)", RFC 7117, DOI 10.17487/RFC7117, February 2014, 882 . 884 [RFC7385] Andersson, L. and G. Swallow, "IANA Registry for 885 P-Multicast Service Interface (PMSI) Tunnel Type Code 886 Points", RFC 7385, DOI 10.17487/RFC7385, October 2014, 887 . 889 [RFC7524] Rekhter, Y., Rosen, E., Aggarwal, R., Morin, T., 890 Grosclaude, I., Leymann, N., and S. Saad, "Inter-Area 891 Point-to-Multipoint (P2MP) Segmented Label Switched Paths 892 (LSPs)", RFC 7524, DOI 10.17487/RFC7524, May 2015, 893 . 895 [RFC7761] Fenner, B., Handley, M., Holbrook, H., Kouvelas, I., 896 Parekh, R., Zhang, Z., and L. Zheng, "Protocol Independent 897 Multicast - Sparse Mode (PIM-SM): Protocol Specification 898 (Revised)", STD 83, RFC 7761, DOI 10.17487/RFC7761, March 899 2016, . 901 7.2. Informative References 903 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 904 "Introduction and Applicability Statements for Internet- 905 Standard Management Framework", RFC 3410, DOI 10.17487/ 906 RFC3410, December 2002, . 909 Authors' Addresses 911 Zhaohui (Jeffrey) Zhang 912 Juniper Networks, Inc. 913 10 Technology Park Drive 914 Westford, MA 01886 915 USA 917 Email: zzhang@juniper.net 919 Hiroshi Tsunoda 920 Tohoku Institute of Technology 921 35-1, Yagiyama Kasumi-cho 922 Taihaku-ku, Sendai 982-8577 923 Japan 925 Phone: +81-22-305-3411 926 Email: tsuno@m.ieice.org
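
Added example (not part of the draft or of idnits): a Python check that a management station could apply to the table index and Flags values it polls, enforcing the size table of the L2L3VpnMcastProviderTunnelId textual convention and the Flags layout from Section 4.2. The function names, the sample octets and the assumption that identifier fields are laid out in the order the DESCRIPTION lists them are this example's own; the mLDP FEC Element layout is not given in the draft, so it is kept opaque.

```python
import ipaddress
import struct

# L2L3VpnMcastProviderTunnelType enumeration, copied from the TC in Section 4.1.
TUNNEL_TYPES = {
    0: "noTunnelInfo", 1: "rsvpP2mp", 2: "ldpP2mp", 3: "pimSsm", 4: "pimAsm",
    5: "pimBidir", 6: "ingressReplication", 7: "ldpMp2mp", 8: "transportTunnel",
}

# Identifier size in octets as (IPv4, IPv6), copied from the TC's size table.
ID_SIZES = {
    0: (0, 0), 1: (12, 24), 2: (17, 29), 3: (8, 32), 4: (8, 32),
    5: (8, 32), 6: (4, 16), 7: (17, 29), 8: (8, 32),
}

# Flags octet layout "|U|E| U |L|": bit 0 is the most significant bit.
FLAG_EXTENSION = 0x40           # E, bit 1
FLAG_LEAF_INFO_REQUIRED = 0x01  # L, bit 7


def decode_flags(raw):
    """Decode l2L3VpnMcastPmsiTunnelAttributeFlags (OCTET STRING, SIZE 1)."""
    if len(raw) != 1:
        raise ValueError("Flags must be exactly 1 octet, got %d" % len(raw))
    value = raw[0]
    known = FLAG_EXTENSION | FLAG_LEAF_INFO_REQUIRED
    return {
        "extension": bool(value & FLAG_EXTENSION),
        "leaf_info_required": bool(value & FLAG_LEAF_INFO_REQUIRED),
        "unassigned_bits": value & ~known & 0xFF,  # non-zero is worth logging
    }


def _addr(raw):
    # ipaddress accepts packed 4-octet or 16-octet values directly.
    return str(ipaddress.ip_address(raw))


def decode_tunnel_id(tunnel_type, tunnel_id):
    """Validate the identifier length against the tunnel type and split it
    into the fields the TC's DESCRIPTION names. Raises ValueError when the
    pair is not one the size table allows."""
    if tunnel_type not in ID_SIZES:
        raise ValueError("unknown tunnel type %r" % (tunnel_type,))
    name = TUNNEL_TYPES[tunnel_type]
    size_v4, size_v6 = ID_SIZES[tunnel_type]
    length = len(tunnel_id)

    if tunnel_type == 0:
        if length != 0:
            raise ValueError("noTunnelInfo requires a zero-length identifier")
        return {"type": name, "family": None}
    if length == size_v4:
        family, alen = "ipv4", 4
    elif length == size_v6:
        family, alen = "ipv6", 16
    else:
        raise ValueError("%s identifier must be %d or %d octets, got %d"
                         % (name, size_v4, size_v6, length))

    out = {"type": name, "family": family}
    if tunnel_type == 1:
        # Extended Tunnel ID, Reserved (2), Tunnel ID (2), P2MP ID (4).
        _reserved, tid, p2mp = struct.unpack("!HHI", tunnel_id[alen:])
        out.update(extended_tunnel_id=tunnel_id[:alen].hex(),
                   tunnel_id=tid, p2mp_id=p2mp)
    elif tunnel_type in (3, 4, 5):
        # Source IP address followed by group IP address.
        out.update(source=_addr(tunnel_id[:alen]),
                   group=_addr(tunnel_id[alen:]))
    elif tunnel_type == 6:
        out.update(endpoint=_addr(tunnel_id))
    elif tunnel_type == 8:
        # Source PE Address followed by Local Number, each alen octets.
        out.update(source_pe=_addr(tunnel_id[:alen]),
                   local_number=int.from_bytes(tunnel_id[alen:], "big"))
    else:
        # ldpP2mp / ldpMp2mp: FEC Element, layout defined in RFC6388.
        out.update(fec_element=tunnel_id.hex())
    return out


if __name__ == "__main__":
    # Constructed sample values, not taken from any real device.
    pim_ssm_v4 = bytes([192, 0, 2, 1, 232, 1, 1, 1])
    print(decode_tunnel_id(3, pim_ssm_v4))
    print(decode_flags(b"\x41"))
    try:
        decode_tunnel_id(6, pim_ssm_v4)  # 8 octets is not valid for type 6
    except ValueError as exc:
        print("rejected:", exc)
```

A row whose index fails this check points to either a decoding error in the collector or a non-conforming agent, and is better logged than silently stored.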