idnits 2.17.1 draft-ietf-bess-mvpn-mib-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There is 1 instance of too long lines in the document, the longest one being 4 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but does not include the phrase in its RFC 2119 key words list. -- The document date (February 28, 2017) is 2614 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC2571' is mentioned on line 264, but not defined ** Obsolete undefined reference: RFC 2571 (Obsoleted by RFC 3411) == Missing Reference: 'RFC2851' is mentioned on line 267, but not defined ** Obsolete undefined reference: RFC 2851 (Obsoleted by RFC 3291) == Missing Reference: 'TBD' is mentioned on line 1483, but not defined == Outdated reference: A later version (-16) exists of draft-ietf-bess-l2l3-vpn-mcast-mib-06 Summary: 3 errors (**), 0 flaws (~~), 6 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group Z. Zhang, Ed. 3 Internet-Draft Juniper 4 Intended status: Standards Track S. Asif 5 Expires: September 1, 2017 AT&T 6 A. Green 7 BT 8 S. Gulranjani 9 Cisco 10 P. Jain 11 Alcatel-Lucent 12 H. Tsunoda, Ed. 13 Tohoku Institute of Technology 14 February 28, 2017 16 MPLS/BGP Layer 3 VPN Multicast Management Information Base 17 draft-ietf-bess-mvpn-mib-03 19 Abstract 21 This memo defines a portion of the Management Information Base (MIB) 22 for use with network management protocols in the Internet community. 23 In particular, it describes managed objects to configure and/or 24 monitor MVPN, Multicast in MultiProtocol Label Switching/Border 25 Gateway Protocol (MPLS/BGP) IP Virtual Private Networks (VPNs) on a 26 router. 28 Status of This Memo 30 This Internet-Draft is submitted in full conformance with the 31 provisions of BCP 78 and BCP 79. 33 Internet-Drafts are working documents of the Internet Engineering 34 Task Force (IETF). Note that other groups may also distribute 35 working documents as Internet-Drafts. The list of current Internet- 36 Drafts is at http://datatracker.ietf.org/drafts/current/. 38 Internet-Drafts are draft documents valid for a maximum of six months 39 and may be updated, replaced, or obsoleted by other documents at any 40 time. It is inappropriate to use Internet-Drafts as reference 41 material or to cite them other than as "work in progress." 43 This Internet-Draft will expire on September 1, 2017. 45 Copyright Notice 47 Copyright (c) 2017 IETF Trust and the persons identified as the 48 document authors. All rights reserved. 50 This document is subject to BCP 78 and the IETF Trust's Legal 51 Provisions Relating to IETF Documents 52 (http://trustee.ietf.org/license-info) in effect on the date of 53 publication of this document. Please review these documents 54 carefully, as they describe your rights and restrictions with respect 55 to this document. Code Components extracted from this document must 56 include Simplified BSD License text as described in Section 4.e of 57 the Trust Legal Provisions and are provided without warranty as 58 described in the Simplified BSD License. 60 Table of Contents 62 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 63 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 64 2. The Internet-Standard Management Framework . . . . . . . . . 3 65 3. MVPN MIB . . . . . . . . . . . . . . . . . . . . . . . . . . 4 66 3.1. Summary of MIB Module . . . . . . . . . . . . . . . . . . 4 67 3.2. MIB Module Definitions . . . . . . . . . . . . . . . . . 6 68 4. Security Considerations . . . . . . . . . . . . . . . . . . . 31 69 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 70 6. Acknowledgement . . . . . . . . . . . . . . . . . . . . . . . 33 71 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 33 72 7.1. Normative References . . . . . . . . . . . . . . . . . . 33 73 7.2. Informative References . . . . . . . . . . . . . . . . . 34 74 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 35 76 1. Introduction 78 Multicast in MultiProtocol Label Switching/Border Gateway Protocol 79 (MPLS/BGP) IP Virtual Private Networks (VPNs) is specified in 80 [RFC6513], [RFC6514], and [RFC6625]. The term "Multicast VPN (MVPN)" 81 [RFC6513] refers to a BGP/MPLS Layer 3 (IP) VPN service that supports 82 multicast. 84 These specifications support either Protocol Independent Multicast 85 (PIM) or BGP as the protocol for exchanging VPN multicast state 86 (referred to as C-multicast states, where 'C-' stands for 'VPN 87 Customer-') among Provider Edge routers (PEs). In the rest of this 88 document we will use the term "PIM-MVPN" to refer to PIM being used 89 for exchanging C-multicast states, and "BGP-MVPN" to refer to BGP 90 being used for exchanging C-multicast states. 92 This document defines a Management Information Base (MIB) for MVPN- 93 specific objects that are generic to both PIM-MVPN and BGP-MVPN. 95 This document borrowed some text from Cisco PIM-MVPN MIB 96 [I-D.svaidya-mcast-vpn-mib]. For PIM-MVPN this document attempts to 97 provide coverage comparable to [I-D.svaidya-mcast-vpn-mib], but in a 98 generic way that applies to both PIM-MVPN and BGP-MVPN. 100 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 101 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 102 document are to be interpreted as described in [RFC2119]. 104 Comments should be made directly to the BESS WG at bess@ietf.org. 106 1.1. Terminology 108 This document adopts the definitions, acronyms and mechanisms 109 described in [RFC6513] and other documents that [RFC6513] refers to. 110 Familiarity with Multicast, MPLS, L3VPN, MVPN concepts and/or 111 mechanisms is assumed. Some terms specifically related to this 112 document are explained below. 114 The term "Multicast VPN (MVPN)" [RFC6513] refers to a BGP/MPLS L3 115 (IP) VPN service that supports multicast. 117 Interchangeably, the term Multicast Virtual Routing and Forwarding 118 table (MVRF) and MVPN are used to refer to a particular Multicast VPN 119 instantiation on a particular PE device. 121 "Provider Multicast Service Interface (PMSI)" [RFC6513] is a 122 conceptual interface instantiated by a Provider tunnel (P-tunnel), a 123 transport mechanism used to deliver multicast traffic. A PE uses to 124 send customer multicast traffic to all or some PEs in the same VPN. 126 There are two kinds of PMSI: "Inclusive PMSI (I-PMSI)" and "Selective 127 PMSI (S-PMSI)" [RFC6513]. An I-PMSI is a PMSI that enables a PE 128 attached to a particular MVPN to transmit a message to all PEs in the 129 same VPN. An S-PMSI is a PMSI that enables a PE attached to a 130 particular MVPN to transmit a message to some of the PEs in the same 131 VPN. 133 2. The Internet-Standard Management Framework 135 For a detailed overview of the documents that describe the current 136 Internet-Standard Management Framework, please refer to section 7 of 137 RFC 3410 [RFC3410]. 139 Managed objects are accessed via a virtual information store, termed 140 the Management Information Base or MIB. MIB objects are generally 141 accessed through the Simple Network Management Protocol (SNMP). 142 Objects in the MIB are defined using the mechanisms defined in the 143 Structure of Management Information (SMI). This memo specifies a MIB 144 module that is compliant to the SMIv2, which is described in STD 58, 145 RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 146 [RFC2580]. 148 3. MVPN MIB 150 This section gives the overview of the MVPN MIB. The MIB module aims 151 to provide configuring and/or monitoring of MVPNs on PE devices: the 152 whole multicast VPN machinery and the per-MVRFs information, 153 including the configuration, status and operational details, such as 154 different P-Multicast Service Interfaces (PMSIs) and the provider 155 tunnels implementing them. 157 3.1. Summary of MIB Module 159 The configuration and states specific to an MVPN include the 160 following: 162 o C-multicast routing exchange protocol (PIM or BGP) 164 o I-PMSI, S-PMSI and corresponding provider tunnels 166 o Mapping of C-multicast states to PMSI/tunnels 168 To represent them, the following tables are defined. The following 169 figure depicts relationships among tables defined in this document. 170 Each box in the figure represents a table defined in this document. 171 The label in each box corresponds to a table name. 173 +--------------+ 174 | MvpnBgp | 175 | GeneralTable | 176 +--------------+ +-------------------+ +-----------------+ 177 | MvpnGeneral | MvpnPmsiConfig | | MvpnSpmsiConfig | 178 | Table | -> | Table | <- | Table | 179 +--------------+ +-------------------+ +-----------------+ 181 +--------------+ +-------------------+ +-----------------+ 182 | MvpnIpmsi | -> | L2L3VpnMcastPmsi | <- | MvpnSpmsi | 183 | Table | | TunnelAttribute | | Table | 184 +--------------+ | Table | +-----------------+ 185 -> +-------------------+ 186 / ^ 187 / | 188 +--------------+ +-------------------+ 189 | MvpnInterAs | | MvpnMrouteTable | 190 | IpmsiTable | +-------------------+ 191 +--------------+ 193 o mvpnGeneralTable 195 An entry in this table is created for each MVRF in the device, for 196 general configuration/states of the MVRF, including Inclusive PMSI 197 (I-PMSI) configuration. 199 Existence of the corresponding VRF in [RFC4382] is necessary for a 200 row to exist in this table. 202 o mvpnBgpGeneralTable 204 This table augments mvpnGeneralTable and is for BGP-MVPN specific 205 information. 207 o mvpnSpmsiConfigTable 209 This table contains objects for Selective PMSI (S-PMSI) 210 configurations in an MVRF. 212 o mvpnPmsiConfigTable 214 Both I-PMSI configuration (in mvpnGeneralEntry) and S-PMSI 215 configuration (in mvpnSpmsiConfigEntry) refer to entries in this 216 table. 218 o mvpnIpmsiTable 219 This table contains all advertised and received intra-as I-PMSIs. 220 With PIM-MVPN, it is applicable only when BGP-Based Autodiscovery 221 of MVPN Membership is used. 223 o mvpnInterAsIpmsiTable 225 This table contains all advertised and received inter-as I-PMSIs. 226 With PIM-MVPN, it is applicable only when BGP-Based Autodiscovery 227 of MVPN Membership is used. 229 o mvpnSpmsiTable 231 This table contains all advertised or received S-PMSIs. 233 o l2l3VpnMcastPmsiTunnelAttributeTable 235 This table is defined separately in l2L3VpnMcastMIB 236 [I-D.ietf-bess-l2l3-vpn-mcast-mib], which is common for both VPLS 237 Multicast and MVPN. It contains sent/received PMSI attribute 238 entries referred to by mvpnIpmsiEntry, mvpnSpmsiEntry, 239 mvpnInterAsIpmsiEntry, and other MIB objects (e.g., VPLS Multicast 240 ones). 242 o mvpnMrouteTable 244 This table augments 245 ipMcastMIB.ipMcast.ipMcastRouteTable [RFC5132], for some MVPN 246 specific information. 248 3.2. MIB Module Definitions 250 MCAST-VPN-MIB DEFINITIONS ::= BEGIN 252 IMPORTS 253 MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, 254 Gauge32, Unsigned32, mib-2 -- [RFC2578] 255 FROM SNMPv2-SMI 257 MODULE-COMPLIANCE, OBJECT-GROUP 258 FROM SNMPv2-CONF -- [RFC2580] 260 TruthValue, RowPointer, RowStatus, TimeStamp, TimeInterval 261 FROM SNMPv2-TC -- [RFC2579] 263 SnmpAdminString 264 FROM SNMP-FRAMEWORK-MIB -- [RFC2571] 266 InetAddress, InetAddressType 267 FROM INET-ADDRESS-MIB -- [RFC2851] 269 mplsL3VpnVrfName, MplsL3VpnRouteDistinguisher 270 FROM MPLS-L3VPN-STD-MIB -- [RFC4382] 272 ipMcastRouteEntry 273 FROM IPMCAST-MIB -- [RFC5132] 275 L2L3VpnMcastProviderTunnelType 276 FROM L2L3-VPN-MCAST-MIB; 278 mvpnMIB MODULE-IDENTITY 279 LAST-UPDATED "201702281200Z" -- 28th February 2017 12:00:00 GMT 280 ORGANIZATION "IETF BESS Working Group." 281 CONTACT-INFO 282 " Zhaohui Zhang 283 Juniper Networks, Inc. 284 10 Technology Park Drive 285 Westford, MA 01886 286 USA 287 Email: zzhang@juniper.net 289 Saud Asif 290 AT&T 291 C5-3D30 200 South Laurel Avenue 292 Middletown, NJ 07748 293 USA 294 Email: sasif@att.com 296 Andy Green 297 BT Design 21CN Converged Core IP & Data 298 01473 629360 Adastral Park, Martlesham Heath, 299 Ipswich IP5 3RE 300 UK 301 Email: andy.da.green@bt.com 303 Sameer Gulrajani 304 Cisco Systems 305 Tasman Drive San Jose, CA 95134 306 USA 307 Email: sameerg@cisco.com 309 Pradeep G. Jain 310 Alcatel-Lucent Inc 311 701 E Middlefield road Mountain view, CA 94043 312 USA 313 Email: pradeep.jain@alcatel-lucent.com 314 Hiroshi Tsunoda 315 Tohoku Institute of Technology 316 35-1, Yagiyama Kasumi-cho 317 Taihaku-ku, Sendai, 982-8577 318 Japan 319 Email: tsuno@m.ieice.org 321 Comments and discussion to bess@ietf.org" 323 DESCRIPTION 324 "This MIB contains managed object definitions for 325 multicast in BGP/MPLS IP VPNs defined by [RFC6513]. 326 Copyright (C) The Internet Society (2016)." 328 -- Revision history. 330 REVISION "201702281200Z" -- 28th February, 2017 331 DESCRIPTION 332 "Initial version, published as RFC XXXX." 334 -- RFC Ed. replace XXXX with actual RFC number and remove this note 336 ::= { mib-2 YYYY } 338 -- IANA Reg.: Please assign a value for "YYYY" under the 339 -- 'mib-2' subtree and record the assignment in the SMI 340 -- Numbers registry. 342 -- RFC Ed.: When the above assignment has been made, please 343 -- remove the above note 344 -- replace "YYYY" here with the assigned value and 345 -- remove this note. 347 -- Top level components of this MIB. 348 mvpnNotifications OBJECT IDENTIFIER ::= { mvpnMIB 0 } 350 -- tables, scalars 351 mvpnObjects OBJECT IDENTIFIER ::= { mvpnMIB 1 } 353 -- conformance information 354 mvpnConformance OBJECT IDENTIFIER ::= { mvpnMIB 2 } 356 -- mvpn Objects 357 mvpnScalars OBJECT IDENTIFIER ::= { mvpnObjects 1 } 358 mvpnGeneral OBJECT IDENTIFIER ::= { mvpnObjects 2 } 359 mvpnConfig OBJECT IDENTIFIER ::= { mvpnObjects 3 } 360 mvpnStates OBJECT IDENTIFIER ::= { mvpnObjects 4 } 361 -- Scalar Objects 363 mvpnMvrfs OBJECT-TYPE 364 SYNTAX Gauge32 365 MAX-ACCESS read-only 366 STATUS current 367 DESCRIPTION 368 "The total number of MVRFs that are present on this device, 369 whether for IPv4, IPv6, or mLDP C-Multicast." 370 ::= { mvpnScalars 1 } 372 mvpnV4Mvrfs OBJECT-TYPE 373 SYNTAX Gauge32 374 MAX-ACCESS read-only 375 STATUS current 376 DESCRIPTION 377 "The number of MVRFs for IPv4 C-Multicast that are 378 present in this device." 379 ::= { mvpnScalars 2 } 381 mvpnV6Mvrfs OBJECT-TYPE 382 SYNTAX Gauge32 383 MAX-ACCESS read-only 384 STATUS current 385 DESCRIPTION 386 "The number of MVRFs for IPv6 C-Multicast that are 387 present in this device." 388 ::= { mvpnScalars 3 } 390 mvpnPimV4Mvrfs OBJECT-TYPE 391 SYNTAX Gauge32 392 MAX-ACCESS read-only 393 STATUS current 394 DESCRIPTION 395 "The number of PIM-MVPN MVRFs for IPv4 C-Multicast that are 396 present in this device." 397 ::= { mvpnScalars 4 } 399 mvpnPimV6Mvrfs OBJECT-TYPE 400 SYNTAX Gauge32 401 MAX-ACCESS read-only 402 STATUS current 403 DESCRIPTION 404 "The number of PIM-MVPN MVRFs for IPv6 C-Multicast that are 405 present in this device." 406 ::= { mvpnScalars 5 } 408 mvpnBgpV4Mvrfs OBJECT-TYPE 409 SYNTAX Gauge32 410 MAX-ACCESS read-only 411 STATUS current 412 DESCRIPTION 413 "The number of BGP-MVPN MVRFs for IPv4 C-Multicast that are 414 present in this device." 415 ::= { mvpnScalars 6 } 417 mvpnBgpV6Mvrfs OBJECT-TYPE 418 SYNTAX Gauge32 419 MAX-ACCESS read-only 420 STATUS current 421 DESCRIPTION 422 "The number of BGP-MVPN MVRFs for IPv6 C-Multicast that are 423 present in this device." 424 ::= { mvpnScalars 7 } 426 mvpnMldpMvrfs OBJECT-TYPE 427 SYNTAX Gauge32 428 MAX-ACCESS read-only 429 STATUS current 430 DESCRIPTION 431 "The number of BGP-MVPN MVRFs for mLDP C-Multicast that are 432 present in this device." 433 ::= { mvpnScalars 8 } 435 mvpnNotificationEnable OBJECT-TYPE 436 SYNTAX TruthValue 437 MAX-ACCESS read-write 438 STATUS current 439 DESCRIPTION 440 "If this object is TRUE, then the generation of all 441 notifications defined in this MIB is enabled." 442 DEFVAL { false } 443 ::= { mvpnScalars 9 } 445 -- General MVRF Information Table 447 mvpnGeneralTable OBJECT-TYPE 448 SYNTAX SEQUENCE OF MvpnGeneralEntry 449 MAX-ACCESS not-accessible 450 STATUS current 451 DESCRIPTION 452 "This table specifies the general information about the MVRFs 453 present in this device." 454 ::= { mvpnGeneral 1 } 456 mvpnGeneralEntry OBJECT-TYPE 457 SYNTAX MvpnGeneralEntry 458 MAX-ACCESS not-accessible 459 STATUS current 460 DESCRIPTION 461 "An entry in this table is created for each MVRF in the 462 device." 463 INDEX { mplsL3VpnVrfName, 464 mvpnGenAddressFamily } 465 ::= { mvpnGeneralTable 1 } 467 MvpnGeneralEntry ::= SEQUENCE { 468 mvpnGenAddressFamily INTEGER, 469 mvpnGenOperStatusChange INTEGER, 470 mvpnGenOperChangeTime TimeStamp, 471 mvpnGenCmcastRouteProtocol INTEGER, 472 mvpnGenIpmsiConfig RowPointer, 473 mvpnGenInterAsPmsiConfig RowPointer, 474 mvpnGenUmhSelection INTEGER, 475 mvpnGenSiteType INTEGER, 476 mvpnGenSptnlLimit Unsigned32, 477 mvpnGenRowStatus RowStatus 478 } 480 mvpnGenAddressFamily OBJECT-TYPE 481 SYNTAX INTEGER { ipv4(1), 482 ipv6(2) 483 } 484 MAX-ACCESS not-accessible 485 STATUS current 486 DESCRIPTION 487 "The Address Family that this entry is for" 488 ::= { mvpnGeneralEntry 1 } 490 mvpnGenOperStatusChange OBJECT-TYPE 491 SYNTAX INTEGER { createdMvrf(1), 492 deletedMvrf(2), 493 modifiedMvrfIpmsiConfig(3), 494 modifiedMvrfSpmsiConfig(4) 495 } 496 MAX-ACCESS read-only 497 STATUS current 498 DESCRIPTION 499 "This object describes the last operational change that 500 happened for the given MVRF. 502 createdMvrf - indicates that the MVRF was created in the 503 device. 505 deletedMvrf - indicates that the MVRF was deleted from the 506 device. A row in this table will never have 507 mvpnGenOperStatusChange equal to deletedMvrf(2), 508 because in that case the row itself will be deleted from the 509 table. This value for mvpnGenOperStatusChange is defined 510 mainly for use in mvpnMvrfChange notification. 512 modifiedMvrfIpmsiConfig - indicates that the I-PMSI 513 for the MVRF was configured, deleted or changed. 515 modifiedMvrfSpmsiConfig - indicates that the S-PMSI 516 for the MVRF was configured, deleted or changed." 517 DEFVAL { createdMvrf } 518 ::= { mvpnGeneralEntry 2 } 520 mvpnGenOperChangeTime OBJECT-TYPE 521 SYNTAX TimeStamp 522 MAX-ACCESS read-only 523 STATUS current 524 DESCRIPTION 525 "The time at which the last operational change for the MVRF in 526 question took place. The last operational change is specified 527 by mvpnGenOperStatusChange." 528 ::= { mvpnGeneralEntry 3 } 530 mvpnGenCmcastRouteProtocol OBJECT-TYPE 531 SYNTAX INTEGER { pim (1), 532 bgp (2) 533 } 534 MAX-ACCESS read-write 535 STATUS current 536 DESCRIPTION 537 "The protocol used to signal C-multicast states across the 538 provider core. 539 pim(1): PIM (PIM-MVPN). 540 bgp(2): BGP (BGP-MVPN)." 541 ::= { mvpnGeneralEntry 4 } 543 mvpnGenIpmsiConfig OBJECT-TYPE 544 SYNTAX RowPointer 545 MAX-ACCESS read-write 546 STATUS current 547 DESCRIPTION 548 "This points to a row in mvpnPmsiConfigTable, 549 for I-PMSI configuration." 550 ::= { mvpnGeneralEntry 5 } 552 mvpnGenInterAsPmsiConfig OBJECT-TYPE 553 SYNTAX RowPointer 554 MAX-ACCESS read-write 555 STATUS current 556 DESCRIPTION 557 "This points to a row in mvpnPmsiConfigTable, 558 for inter-as I-PMSI configuration, in case of segmented 559 inter-as provider tunnels." 560 ::= { mvpnGeneralEntry 6 } 562 mvpnGenUmhSelection OBJECT-TYPE 563 SYNTAX INTEGER { 564 highestPeAddress (1), 565 cRootGroupHashing (2), 566 ucastUmhRoute (3) 567 } 568 MAX-ACCESS read-write 569 STATUS current 570 DESCRIPTION 571 "The UMH selection method for this mvpn, as specified in 572 section 5.1.3 of [RFC6513]: 573 highestPeAddress (1): PE with the highest address 574 cRootGroupHashing (2): hashing based on (c-root, c-group) 575 uncastUmhRoute (3): per ucast route towards c-root" 577 ::= { mvpnGeneralEntry 7} 579 mvpnGenSiteType OBJECT-TYPE 580 SYNTAX INTEGER { 581 senderReceiver (1), 582 receiverOnly (2), 583 senderOnly (3) 584 } 585 MAX-ACCESS read-write 586 STATUS current 587 DESCRIPTION 588 "Whether this site is a receiver-only site or not. 589 senderReceiver (1): both sender and receiver site. 590 receiverOnly (2): receiver-only site. 591 senderOnly (3): sender-only site." 592 ::= { mvpnGeneralEntry 8} 594 mvpnGenSptnlLimit OBJECT-TYPE 595 SYNTAX Unsigned32 596 MAX-ACCESS read-write 597 STATUS current 598 DESCRIPTION 599 "The max number of selective provider tunnels this device 600 allows for this mvpn." 602 ::= { mvpnGeneralEntry 9} 604 mvpnGenRowStatus OBJECT-TYPE 605 SYNTAX RowStatus 606 MAX-ACCESS read-create 607 STATUS current 608 DESCRIPTION 609 "This is used to create or delete a row in this table." 610 ::= { mvpnGeneralEntry 10 } 612 -- General BGP-MVPN table 614 mvpnBgpGeneralTable OBJECT-TYPE 615 SYNTAX SEQUENCE OF MvpnBgpGeneralEntry 616 MAX-ACCESS not-accessible 617 STATUS current 618 DESCRIPTION 619 "This table augments the mvpnGeneralTable and is for BGP-MVPN 620 specific information." 621 ::= { mvpnGeneral 2 } 623 mvpnBgpGeneralEntry OBJECT-TYPE 624 SYNTAX MvpnBgpGeneralEntry 625 MAX-ACCESS not-accessible 626 STATUS current 627 DESCRIPTION 628 "The mvpnBgpGeneralEntry matches and augments an 629 mvpnGeneralEntry for a BGP-MVPN instance, with BGP-MVPN 630 specific informatoin." 631 AUGMENTS { mvpnGeneralEntry } 632 ::= { mvpnBgpGeneralTable 1 } 634 MvpnBgpGeneralEntry ::= SEQUENCE { 635 mvpnBgpGenMode INTEGER, 636 mvpnBgpGenVrfRtImport MplsL3VpnRouteDistinguisher, 637 mvpnBgpGenSrcAs Unsigned32 638 } 640 mvpnBgpGenMode OBJECT-TYPE 641 SYNTAX INTEGER { 642 rptSpt (1), 643 sptOnly (2) 644 } 645 MAX-ACCESS read-write 646 STATUS current 647 DESCRIPTION 648 "For two different BGP-MVPN modes: 649 rptSpt(1): inter-site shared tree mode 650 sptOnly(2): inter-site source-only tree mode." 651 ::= { mvpnBgpGeneralEntry 1} 653 mvpnBgpGenVrfRtImport OBJECT-TYPE 654 SYNTAX MplsL3VpnRouteDistinguisher 655 MAX-ACCESS read-write 656 STATUS current 657 DESCRIPTION 658 "The VRF Route Import Extended Community that this device 659 adds to unicast vpn routes that it advertises for this mvpn." 660 ::= { mvpnBgpGeneralEntry 2} 662 mvpnBgpGenSrcAs OBJECT-TYPE 663 SYNTAX Unsigned32 664 MAX-ACCESS read-only 665 STATUS current 666 DESCRIPTION 667 "The Source AS number in Source AS Extended Community that this 668 device adds to the unicast vpn routes that it advertises for 669 this mvpn." 670 ::= { mvpnBgpGeneralEntry 3} 672 -- PMSI Configuration Table 674 mvpnPmsiConfigTable OBJECT-TYPE 675 SYNTAX SEQUENCE OF MvpnPmsiConfigEntry 676 MAX-ACCESS not-accessible 677 STATUS current 678 DESCRIPTION 679 "This table specifies the configured PMSIs." 680 ::= { mvpnConfig 1 } 682 mvpnPmsiConfigEntry OBJECT-TYPE 683 SYNTAX MvpnPmsiConfigEntry 684 MAX-ACCESS not-accessible 685 STATUS current 686 DESCRIPTION 687 "An entry in this table is created for each PMSI configured 688 on this router. It can be referred to by either I-PMSI 689 configuration (in mvpnGeneralEntry) or S-PMSI configuration 690 (in mvpnSpmsiConfigEntry)" 691 INDEX { mvpnPmsiConfigTunnelType, 692 mvpnPmsiConfigTunnelAuxInfo, 693 mvpnPmsiConfigTunnelPimGroupAddressType, 694 mvpnPmsiConfigTunnelPimGroupAddress, 695 mvpnPmsiConfigTunnelOrTemplateName } 696 ::= { mvpnPmsiConfigTable 1 } 698 MvpnPmsiConfigEntry ::= SEQUENCE { 699 mvpnPmsiConfigTunnelType L2L3VpnMcastProviderTunnelType, 700 mvpnPmsiConfigTunnelAuxInfo Unsigned32, 701 mvpnPmsiConfigTunnelPimGroupAddressType InetAddressType, 702 mvpnPmsiConfigTunnelPimGroupAddress InetAddress, 703 mvpnPmsiConfigTunnelOrTemplateName SnmpAdminString, 704 mvpnPmsiConfigEncapsType INTEGER, 705 mvpnPmsiConfigRowStatus RowStatus 706 } 708 mvpnPmsiConfigTunnelType OBJECT-TYPE 709 SYNTAX L2L3VpnMcastProviderTunnelType 710 MAX-ACCESS not-accessible 711 STATUS current 712 DESCRIPTION 713 "Type of tunnel used to instantiate the PMSI." 714 ::= { mvpnPmsiConfigEntry 1 } 716 mvpnPmsiConfigTunnelAuxInfo OBJECT-TYPE 717 SYNTAX Unsigned32 718 MAX-ACCESS not-accessible 719 STATUS current 720 DESCRIPTION 721 "Additional tunnel information depending on the type. 722 pim: In case of S-PMSI, number of groups starting at 723 mvpnPmsiConfigTunnelPimGroupAddress. 724 This allows a range of PIM provider tunnel 725 group addresses to be specified in S-PMSI case. 726 In I-PMSI case, it must be 1. 727 rsvp-p2mp: 1 for statically specified rsvp-p2mp tunnel 728 2 for dynamically created rsvp-p2mp tunnel 729 ingress-replication: 730 1 for using any existing p2p/mp2p lsp 731 2 for dynamically creating new p2p lsp" 732 ::= { mvpnPmsiConfigEntry 2 } 734 mvpnPmsiConfigTunnelPimGroupAddressType OBJECT-TYPE 735 SYNTAX InetAddressType 736 MAX-ACCESS not-accessible 737 STATUS current 738 DESCRIPTION 739 "In case of PIM provider tunnel, the type of tunnel address." 740 ::= { mvpnPmsiConfigEntry 3 } 742 mvpnPmsiConfigTunnelPimGroupAddress OBJECT-TYPE 743 SYNTAX InetAddress 744 MAX-ACCESS not-accessible 745 STATUS current 746 DESCRIPTION 747 "In case of PIM provider tunnel, the provider tunnel address." 748 ::= { mvpnPmsiConfigEntry 4 } 750 mvpnPmsiConfigTunnelOrTemplateName OBJECT-TYPE 751 SYNTAX SnmpAdminString 752 MAX-ACCESS not-accessible 753 STATUS current 754 DESCRIPTION 755 "The tunnel name or template name used to create tunnels. 756 Depending on mvpnPmsiConfigTunnelType and 757 mvpnPmsiConfigTunnelAuxInfo: 759 dynamically created rsvp-p2mp tunnel: template name 760 statically specified rsvp-p2mp tunnel: tunnel name 761 ingress-replication using 762 dynamically created lsps: template name 763 other: null" 764 ::= { mvpnPmsiConfigEntry 5 } 766 mvpnPmsiConfigEncapsType OBJECT-TYPE 767 SYNTAX INTEGER { greIp (1), 768 ipIp (2), 769 mpls (3) 770 } 771 MAX-ACCESS read-write 772 STATUS current 773 DESCRIPTION 774 "The encapsulation type to be used, in case of PIM tunnel or 775 ingress-replication." 776 ::= { mvpnPmsiConfigEntry 6 } 778 mvpnPmsiConfigRowStatus OBJECT-TYPE 779 SYNTAX RowStatus 780 MAX-ACCESS read-create 781 STATUS current 782 DESCRIPTION 783 "Used to create/modify/delete a row in this table." 784 ::= { mvpnPmsiConfigEntry 7 } 786 -- S-PMSI configuration table 788 mvpnSpmsiConfigTable OBJECT-TYPE 789 SYNTAX SEQUENCE OF MvpnSpmsiConfigEntry 790 MAX-ACCESS not-accessible 791 STATUS current 792 DESCRIPTION 793 "This table specifies S-PMSI configuration." 795 ::= { mvpnConfig 2 } 797 mvpnSpmsiConfigEntry OBJECT-TYPE 798 SYNTAX MvpnSpmsiConfigEntry 799 MAX-ACCESS not-accessible 800 STATUS current 801 DESCRIPTION 802 "An entry is created for each S-PMSI configuration." 803 INDEX { mplsL3VpnVrfName, 804 mvpnSpmsiConfigCmcastAddressType, 805 mvpnSpmsiConfigCmcastGroupAddress, 806 mvpnSpmsiConfigCmcastGroupPrefixLen, 807 mvpnSpmsiConfigCmcastSourceAddress, 808 mvpnSpmsiConfigCmcastSourcePrefixLen } 809 ::= { mvpnSpmsiConfigTable 1 } 811 MvpnSpmsiConfigEntry ::= SEQUENCE { 812 mvpnSpmsiConfigCmcastAddressType InetAddressType, 813 mvpnSpmsiConfigCmcastGroupAddress InetAddress, 814 mvpnSpmsiConfigCmcastGroupPrefixLen Unsigned32, 815 mvpnSpmsiConfigCmcastSourceAddress InetAddress, 816 mvpnSpmsiConfigCmcastSourcePrefixLen Unsigned32, 817 mvpnSpmsiConfigThreshold Unsigned32, 818 mvpnSpmsiConfigPmsiPointer RowPointer, 819 mvpnSpmsiConfigRowStatus RowStatus 820 } 822 mvpnSpmsiConfigCmcastAddressType OBJECT-TYPE 823 SYNTAX InetAddressType 824 MAX-ACCESS not-accessible 825 STATUS current 826 DESCRIPTION 827 "Type of C-multicast address" 828 ::= { mvpnSpmsiConfigEntry 1 } 830 mvpnSpmsiConfigCmcastGroupAddress OBJECT-TYPE 831 SYNTAX InetAddress 832 MAX-ACCESS not-accessible 833 STATUS current 834 DESCRIPTION 835 "C-multicast group address" 836 ::= { mvpnSpmsiConfigEntry 2 } 838 mvpnSpmsiConfigCmcastGroupPrefixLen OBJECT-TYPE 839 SYNTAX Unsigned32 840 MAX-ACCESS not-accessible 841 STATUS current 842 DESCRIPTION 843 "C-multicast group address prefix length. 844 A group 0 (or ::0) with prefix length 32 (or 128) 845 indicates wildcard group, while a group 0 (or ::0) 846 with prefix length 0 indicates any group." 847 ::= { mvpnSpmsiConfigEntry 3 } 849 mvpnSpmsiConfigCmcastSourceAddress OBJECT-TYPE 850 SYNTAX InetAddress 851 MAX-ACCESS not-accessible 852 STATUS current 853 DESCRIPTION 854 "C-multicast source address" 855 ::= { mvpnSpmsiConfigEntry 4 } 857 mvpnSpmsiConfigCmcastSourcePrefixLen OBJECT-TYPE 858 SYNTAX Unsigned32 859 MAX-ACCESS not-accessible 860 STATUS current 861 DESCRIPTION 862 "C-multicast source address prefix length. 863 A source 0 (or ::0) with prefix length 32 (or 128) 864 indicates a wildcard source, while a source 0 (or ::0) 865 with prefix length 0 indicates any source." 866 ::= { mvpnSpmsiConfigEntry 5 } 868 mvpnSpmsiConfigThreshold OBJECT-TYPE 869 SYNTAX Unsigned32 (0..4294967295) 870 UNITS "kilobits per second" 871 MAX-ACCESS read-write 872 STATUS current 873 DESCRIPTION 874 "The bandwidth threshold value which when exceeded for a 875 multicast routing entry in the given MVRF, triggers usage 876 of S-PMSI." 877 ::= { mvpnSpmsiConfigEntry 6 } 879 mvpnSpmsiConfigPmsiPointer OBJECT-TYPE 880 SYNTAX RowPointer 881 MAX-ACCESS read-write 882 STATUS current 883 DESCRIPTION 884 "This points to a row in mvpnPmsiConfigTable, 885 to specify tunnel attributes." 886 ::= { mvpnSpmsiConfigEntry 7 } 888 mvpnSpmsiConfigRowStatus OBJECT-TYPE 889 SYNTAX RowStatus 890 MAX-ACCESS read-create 891 STATUS current 892 DESCRIPTION 893 "Used to create/modify/delete a row in this table." 894 ::= { mvpnSpmsiConfigEntry 8 } 896 -- Table of intra-as I-PMSIs advertised/received 898 mvpnIpmsiTable OBJECT-TYPE 899 SYNTAX SEQUENCE OF MvpnIpmsiEntry 900 MAX-ACCESS not-accessible 901 STATUS current 902 DESCRIPTION 903 "This table is for all advertised/received I-PMSI 904 advertisements." 905 ::= { mvpnStates 1 } 907 mvpnIpmsiEntry OBJECT-TYPE 908 SYNTAX MvpnIpmsiEntry 909 MAX-ACCESS not-accessible 910 STATUS current 911 DESCRIPTION 912 "An entry in this table corresponds to an I-PMSI 913 advertisement that is advertised/received on this router. 914 This represents all the sender PEs in the MVPN, 915 with the provider tunnel they use to send traffic." 916 INDEX { mplsL3VpnVrfName, 917 mvpnIpmsiAfi, 918 mvpnIpmsiRD, 919 mvpnIpmsiOrigAddrType, 920 mvpnIpmsiOrigAddress } 921 ::= { mvpnIpmsiTable 1 } 923 MvpnIpmsiEntry ::= SEQUENCE { 924 mvpnIpmsiAfi Unsigned32, 925 mvpnIpmsiRD MplsL3VpnRouteDistinguisher, 926 mvpnIpmsiOrigAddrType InetAddressType, 927 mvpnIpmsiOrigAddress InetAddress, 928 mvpnIpmsiUpTime TimeInterval, 929 mvpnIpmsiAttribute RowPointer 930 } 932 mvpnIpmsiAfi OBJECT-TYPE 933 SYNTAX Unsigned32 (1|2) 934 MAX-ACCESS not-accessible 935 STATUS current 936 DESCRIPTION 937 "The address family this I-PMSI is for. 938 1 - IPv4 939 2 - IPv6" 940 ::= { mvpnIpmsiEntry 1 } 942 mvpnIpmsiRD OBJECT-TYPE 943 SYNTAX MplsL3VpnRouteDistinguisher 944 MAX-ACCESS not-accessible 945 STATUS current 946 DESCRIPTION 947 "The Route Distinguisher in this I-PMSI." 948 ::= { mvpnIpmsiEntry 2 } 950 mvpnIpmsiOrigAddrType OBJECT-TYPE 951 SYNTAX InetAddressType 952 MAX-ACCESS not-accessible 953 STATUS current 954 DESCRIPTION 955 "The Internet address type of mvpnIpmsiOrigAddress." 956 ::= { mvpnIpmsiEntry 3 } 958 mvpnIpmsiOrigAddress OBJECT-TYPE 959 SYNTAX InetAddress 960 MAX-ACCESS not-accessible 961 STATUS current 962 DESCRIPTION 963 "The BGP address of the device that originated the I-PMSI." 964 ::= { mvpnIpmsiEntry 4 } 966 mvpnIpmsiUpTime OBJECT-TYPE 967 SYNTAX TimeInterval 968 MAX-ACCESS read-only 969 STATUS current 970 DESCRIPTION 971 "The time since this I-PMSI 972 was first advertised/received by the device." 973 ::= { mvpnIpmsiEntry 5 } 975 mvpnIpmsiAttribute OBJECT-TYPE 976 SYNTAX RowPointer 977 MAX-ACCESS read-only 978 STATUS current 979 DESCRIPTION 980 "Points to a row in the l2L3VpnMcastPmsiTunnelAttributeTable." 981 ::= { mvpnIpmsiEntry 6 } 983 -- Table of inter-as I-PMSIs advertised/received 985 mvpnInterAsIpmsiTable OBJECT-TYPE 986 SYNTAX SEQUENCE OF MvpnInterAsIpmsiEntry 987 MAX-ACCESS not-accessible 988 STATUS current 989 DESCRIPTION 990 "This table is for all advertised/received inter-as I-PMSI 991 advertisements." 992 ::= { mvpnStates 2 } 994 mvpnInterAsIpmsiEntry OBJECT-TYPE 995 SYNTAX MvpnInterAsIpmsiEntry 996 MAX-ACCESS not-accessible 997 STATUS current 998 DESCRIPTION 999 "An entry in this table corresponds to an inter-as I-PMSI 1000 advertisement that is advertised/received on this router. 1001 This represents all the ASes in the MVPN, 1002 with the provider tunnel used to send traffic to." 1003 INDEX { mplsL3VpnVrfName, 1004 mvpnInterAsIpmsiAfi, 1005 mvpnInterAsIpmsiRD, 1006 mvpnInterAsIpmsiSrcAs } 1007 ::= { mvpnInterAsIpmsiTable 1 } 1009 MvpnInterAsIpmsiEntry ::= SEQUENCE { 1010 mvpnInterAsIpmsiAfi Unsigned32, 1011 mvpnInterAsIpmsiRD MplsL3VpnRouteDistinguisher, 1012 mvpnInterAsIpmsiSrcAs Unsigned32, 1013 mvpnInterAsIpmsiAttribute RowPointer 1014 } 1016 mvpnInterAsIpmsiAfi OBJECT-TYPE 1017 SYNTAX Unsigned32 (1|2) 1018 MAX-ACCESS not-accessible 1019 STATUS current 1020 DESCRIPTION 1021 "The address family this I-PMSI is for. 1022 1 - IPv4 1023 2 - IPv6" 1024 ::= { mvpnInterAsIpmsiEntry 1 } 1026 mvpnInterAsIpmsiRD OBJECT-TYPE 1027 SYNTAX MplsL3VpnRouteDistinguisher 1028 MAX-ACCESS not-accessible 1029 STATUS current 1030 DESCRIPTION 1031 "The Route Distinguisher in this inter-as I-PMSI." 1032 ::= { mvpnInterAsIpmsiEntry 2 } 1034 mvpnInterAsIpmsiSrcAs OBJECT-TYPE 1035 SYNTAX Unsigned32 1036 MAX-ACCESS not-accessible 1037 STATUS current 1038 DESCRIPTION 1039 "The source-as in this inter-as I-PMSI." 1040 ::= { mvpnInterAsIpmsiEntry 3 } 1042 mvpnInterAsIpmsiAttribute OBJECT-TYPE 1043 SYNTAX RowPointer 1044 MAX-ACCESS read-only 1045 STATUS current 1046 DESCRIPTION 1047 "Points to a row in the l2L3VpnMcastPmsiTunnelAttributeTable." 1048 ::= { mvpnInterAsIpmsiEntry 4 } 1050 -- Table of S-PMSIs advertised/received 1052 mvpnSpmsiTable OBJECT-TYPE 1053 SYNTAX SEQUENCE OF MvpnSpmsiEntry 1054 MAX-ACCESS not-accessible 1055 STATUS current 1056 DESCRIPTION 1057 "This table has information about the S-PMSIs sent/received 1058 by a device." 1059 ::= { mvpnStates 3 } 1061 mvpnSpmsiEntry OBJECT-TYPE 1062 SYNTAX MvpnSpmsiEntry 1063 MAX-ACCESS not-accessible 1064 STATUS current 1065 DESCRIPTION 1066 "An entry in this table is created or updated for each S-PMSI 1067 advertised/received in a particular MVRF." 1068 INDEX { mplsL3VpnVrfName, 1069 mvpnSpmsiCmcastAddrType, 1070 mvpnSpmsiCmcastGroup, 1071 mvpnSpmsiCmcastGroupPrefixLen, 1072 mvpnSpmsiCmcastSource, 1073 mvpnSpmsiCmcastSourcePrefixLen, 1074 mvpnSpmsiOrigAddrType, 1075 mvpnSpmsiOrigAddress} 1076 ::= { mvpnSpmsiTable 1 } 1078 MvpnSpmsiEntry ::= SEQUENCE { 1079 mvpnSpmsiCmcastAddrType InetAddressType, 1080 mvpnSpmsiCmcastGroup InetAddress, 1081 mvpnSpmsiCmcastGroupPrefixLen Unsigned32, 1082 mvpnSpmsiCmcastSource InetAddress, 1083 mvpnSpmsiCmcastSourcePrefixLen Unsigned32, 1084 mvpnSpmsiOrigAddrType InetAddressType, 1085 mvpnSpmsiOrigAddress InetAddress, 1086 mvpnSpmsiTunnelAttribute RowPointer, 1087 mvpnSpmsiUpTime TimeInterval, 1088 mvpnSpmsiExpTime TimeInterval, 1089 mvpnSpmsiRefCnt Unsigned32 1090 } 1092 mvpnSpmsiCmcastAddrType OBJECT-TYPE 1093 SYNTAX InetAddressType 1094 MAX-ACCESS not-accessible 1095 STATUS current 1096 DESCRIPTION 1097 "The Internet address type of mvpnSpmsiCmcastGroup/Source." 1098 ::= { mvpnSpmsiEntry 1 } 1100 mvpnSpmsiCmcastGroup OBJECT-TYPE 1101 SYNTAX InetAddress 1102 MAX-ACCESS not-accessible 1103 STATUS current 1104 DESCRIPTION 1105 "S-PMSI C-multicast group address. 1106 If it is 0 (or ::0), this is a wildcard group, 1107 and mvpnSpmsiCmcastGroupPrefixLen must be 32 (or 128)." 1108 ::= { mvpnSpmsiEntry 2 } 1110 mvpnSpmsiCmcastGroupPrefixLen OBJECT-TYPE 1111 SYNTAX Unsigned32 1112 MAX-ACCESS not-accessible 1113 STATUS current 1114 DESCRIPTION 1115 "S-PMSI C-multicast group address prefix length." 1116 ::= { mvpnSpmsiEntry 3 } 1118 mvpnSpmsiCmcastSource OBJECT-TYPE 1119 SYNTAX InetAddress 1120 MAX-ACCESS not-accessible 1121 STATUS current 1122 DESCRIPTION 1123 "S-PMSI C-multicast source address 1124 If it is 0 (or ::0), this is a wildcard source, 1125 and mvpnSpmsiCmcastSourcePrefixLen must be 32 (or 128)." 1126 ::= { mvpnSpmsiEntry 4 } 1128 mvpnSpmsiCmcastSourcePrefixLen OBJECT-TYPE 1129 SYNTAX Unsigned32 1130 MAX-ACCESS not-accessible 1131 STATUS current 1132 DESCRIPTION 1133 "S-PMSI C-multicast source address prefix length." 1134 ::= { mvpnSpmsiEntry 5 } 1136 mvpnSpmsiOrigAddrType OBJECT-TYPE 1137 SYNTAX InetAddressType 1138 MAX-ACCESS not-accessible 1139 STATUS current 1140 DESCRIPTION 1141 "The Internet address type of mvpnSpmsiOrigAddress." 1142 ::= { mvpnSpmsiEntry 6 } 1144 mvpnSpmsiOrigAddress OBJECT-TYPE 1145 SYNTAX InetAddress 1146 MAX-ACCESS not-accessible 1147 STATUS current 1148 DESCRIPTION 1149 "The BGP address of the device that originated the S-PMSI." 1150 ::= { mvpnSpmsiEntry 7 } 1152 mvpnSpmsiTunnelAttribute OBJECT-TYPE 1153 SYNTAX RowPointer 1154 MAX-ACCESS read-only 1155 STATUS current 1156 DESCRIPTION 1157 "A row pointer to the l2L3VpnMcastPmsiTunnelAttributeTable" 1158 ::= { mvpnSpmsiEntry 8 } 1160 mvpnSpmsiUpTime OBJECT-TYPE 1161 SYNTAX TimeInterval 1162 MAX-ACCESS read-only 1163 STATUS current 1164 DESCRIPTION 1165 "The time since this S-PMSI 1166 was first advertised/received by the device." 1167 ::= { mvpnSpmsiEntry 9 } 1169 mvpnSpmsiExpTime OBJECT-TYPE 1170 SYNTAX TimeInterval 1171 MAX-ACCESS read-only 1172 STATUS current 1173 DESCRIPTION 1174 "For UDP-based S-PMSI signaling for PIM-MVPN, 1175 the amount of time remaining before this 1176 received S-PMSI Join Message expires, 1177 or the next S-PMSI Join Message refresh is to be 1178 advertised again from the device. 1180 Otherwise, it is 0." 1181 ::= { mvpnSpmsiEntry 10 } 1183 mvpnSpmsiRefCnt OBJECT-TYPE 1184 SYNTAX Unsigned32 1185 MAX-ACCESS read-only 1186 STATUS current 1187 DESCRIPTION 1188 "The number of c-multicast routes that are mapped to 1189 this S-PMSI." 1190 ::= { mvpnSpmsiEntry 11 } 1192 -- Table of multicast routes in an MVPN 1194 mvpnMrouteTable OBJECT-TYPE 1195 SYNTAX SEQUENCE OF MvpnMrouteEntry 1196 MAX-ACCESS not-accessible 1197 STATUS current 1198 DESCRIPTION 1199 "This table augments ipMcastRouteTable, to provide some MVPN 1200 specific information." 1201 ::= { mvpnStates 4 } 1203 mvpnMrouteEntry OBJECT-TYPE 1204 SYNTAX MvpnMrouteEntry 1205 MAX-ACCESS not-accessible 1206 STATUS current 1207 DESCRIPTION 1208 "The mvpnMrouteEntry matches and augments an ipMcastRouteEntry, 1209 with MVPN specific information, such as PMSI used." 1210 AUGMENTS { ipMcastRouteEntry } 1211 ::= { mvpnMrouteTable 1 } 1213 MvpnMrouteEntry ::= SEQUENCE { 1214 mvpnMroutePmsiPointer RowPointer, 1215 mvpnMrouteNumberOfLocalReplication Unsigned32, 1216 mvpnMrouteNumberOfRemoteReplication Unsigned32 1217 } 1219 mvpnMroutePmsiPointer OBJECT-TYPE 1220 SYNTAX RowPointer 1221 MAX-ACCESS read-only 1222 STATUS current 1223 DESCRIPTION 1224 "The I-PMSI or S-PMSI this C-multicast route is using. 1225 This is important because an implementation may not have an 1226 interface corresponding to a provider tunnel, 1227 that can be used in ipMcastRouteNextHopEntry." 1229 ::= { mvpnMrouteEntry 1 } 1231 mvpnMrouteNumberOfLocalReplication OBJECT-TYPE 1232 SYNTAX Unsigned32 1233 MAX-ACCESS read-only 1234 STATUS current 1235 DESCRIPTION 1236 "Number of replications for local receivers. 1237 For example, if an ingress PE needs to send traffic out of 1238 N PE-CE interfaces, then mvpnMrouteNumberOfLocalReplication 1239 is N." 1240 ::= { mvpnMrouteEntry 2 } 1242 mvpnMrouteNumberOfRemoteReplication OBJECT-TYPE 1243 SYNTAX Unsigned32 1244 MAX-ACCESS read-only 1245 STATUS current 1246 DESCRIPTION 1247 "Number of local replications for remote PEs. For example, 1248 if the number of remote PEs that need to receive traffic is N, 1249 then mvpnMrouteNumberOfRemoteReplication is N in case of 1250 Ingress Replication, but may be less than N in case of RSVP-TE 1251 or mLDP P2MP tunnels, depending on the actual number of 1252 replications the PE needs do." 1253 ::= { mvpnMrouteEntry 3 } 1255 -- MVPN Notifications 1257 mvpnMvrfChange NOTIFICATION-TYPE 1258 OBJECTS { 1259 mvpnGenOperStatusChange 1260 } 1261 STATUS current 1262 DESCRIPTION 1263 "A mvpnMvrfChange notification signifies a change about 1264 a MVRF in the device. The change event can be creation of 1265 the MVRF, deletion of the MVRF or an update on the I-PMSI 1266 or S-PMSI configuration of the MVRF. The change event 1267 is indicated by mvpnGenOperStatusChange embedded in 1268 the notification. The user can then query 1269 mvpnGeneralTable, and/or mvpnSpmsiConfigTable to 1270 get the details of the change as necessary. 1272 Note: Since the creation of a MVRF is often followed by 1273 configuration of I-PMSI and/or S-PMSIs for the MVRF, 1274 more than one (three at most) notifications for a MVRF may 1275 be generated serially, and it is really not necessary to 1276 generate all three of them. An agent may choose to generate a 1277 notification for the last event only, that is for S-PMSI 1278 configuration. 1280 Similarly, deletion of I-PMSI and S-PMSI configuration on a 1281 MVRF happens before a MVRF is deleted and it is recommended 1282 that the agent send the notification for MVRF deletion 1283 event only." 1284 ::= { mvpnNotifications 1 } 1286 -- MVPN MIB Conformance Information 1288 mvpnGroups OBJECT IDENTIFIER ::= { mvpnConformance 1 } 1289 mvpnCompliances OBJECT IDENTIFIER ::= { mvpnConformance 2 } 1291 -- Compliance Statements 1293 mvpnCompliance MODULE-COMPLIANCE 1294 STATUS current 1295 DESCRIPTION 1296 "The compliance statement " 1297 MODULE -- this module 1298 MANDATORY-GROUPS { 1299 mvpnScalarGroup, 1300 mvpnGeneralGroup, 1301 mvpnSpmsiConfigGroup, 1302 mvpnSpmsiGroup, 1303 mvpnMrouteGroup 1304 } 1306 GROUP mvpnIpmsiGroup 1307 DESCRIPTION 1308 "This group is mandatory for systems that support 1309 BGP signaling for I-PMSI." 1311 GROUP mvpnInterAsIpmsiGroup 1312 DESCRIPTION 1313 "This group is mandatory for systems that support 1314 Inter-AS Segmented I-PMSI." 1316 GROUP mvpnBgpGeneralGroup 1317 DESCRIPTION 1318 "This group is mandatory for systems that support 1319 BGP-MVPN." 1321 ::= { mvpnCompliances 1 } 1323 -- units of conformance 1324 mvpnScalarGroup OBJECT-GROUP 1325 OBJECTS { 1326 mvpnMvrfs, 1327 mvpnV4Mvrfs, 1328 mvpnV6Mvrfs, 1329 mvpnPimV4Mvrfs, 1330 mvpnPimV6Mvrfs, 1331 mvpnBgpV4Mvrfs, 1332 mvpnBgpV6Mvrfs, 1333 mvpnMldpMvrfs, 1334 mvpnNotificationEnable 1335 } 1336 STATUS current 1337 DESCRIPTION 1338 "These objects are used to monitor/manage 1339 global MVPN parameters." 1340 ::= { mvpnGroups 1 } 1342 mvpnGeneralGroup OBJECT-GROUP 1343 OBJECTS { 1344 mvpnGenOperStatusChange, 1345 mvpnGenOperChangeTime, 1346 mvpnGenCmcastRouteProtocol, 1347 mvpnGenIpmsiConfig, 1348 mvpnGenInterAsPmsiConfig, 1349 mvpnGenUmhSelection, 1350 mvpnGenSiteType, 1351 mvpnGenSptnlLimit, 1352 mvpnGenRowStatus 1353 } 1354 STATUS current 1355 DESCRIPTION 1356 "These objects are used to monitor/manage 1357 per-VRF MVPN parameters." 1358 ::= { mvpnGroups 2 } 1360 mvpnPmsiConfigGroup OBJECT-GROUP 1361 OBJECTS { 1362 mvpnPmsiConfigEncapsType, 1363 mvpnPmsiConfigRowStatus 1364 } 1365 STATUS current 1366 DESCRIPTION 1367 "These objects are used to monitor/manage 1368 PMSI tunnel configurations." 1369 ::= { mvpnGroups 3 } 1371 mvpnSpmsiConfigGroup OBJECT-GROUP 1372 OBJECTS { 1373 mvpnSpmsiConfigThreshold, 1374 mvpnSpmsiConfigPmsiPointer, 1375 mvpnSpmsiConfigRowStatus 1376 } 1377 STATUS current 1378 DESCRIPTION 1379 "These objects are used to monitor/manage 1380 S-PMSI configurations." 1381 ::= { mvpnGroups 4 } 1383 mvpnIpmsiGroup OBJECT-GROUP 1384 OBJECTS { 1385 mvpnIpmsiUpTime, 1386 mvpnIpmsiAttribute 1387 } 1388 STATUS current 1389 DESCRIPTION 1390 "These objects are used to monitor/manage 1391 Intra-AS I-PMSI attributes." 1392 ::= { mvpnGroups 5 } 1394 mvpnInterAsIpmsiGroup OBJECT-GROUP 1395 OBJECTS { 1396 mvpnInterAsIpmsiAttribute 1397 } 1398 STATUS current 1399 DESCRIPTION 1400 "These objects are used to monitor/manage 1401 Inter-AS I-PMSI attributes." 1402 ::= { mvpnGroups 6 } 1404 mvpnSpmsiGroup OBJECT-GROUP 1405 OBJECTS { 1406 mvpnSpmsiTunnelAttribute, 1407 mvpnSpmsiUpTime, 1408 mvpnSpmsiExpTime, 1409 mvpnSpmsiRefCnt 1410 } 1411 STATUS current 1412 DESCRIPTION 1413 "These objects are used to monitor/manage 1414 S-PMSI attributes." 1415 ::= { mvpnGroups 7 } 1417 mvpnMrouteGroup OBJECT-GROUP 1418 OBJECTS { 1419 mvpnMrouteNumberOfLocalReplication, 1420 mvpnMrouteNumberOfRemoteReplication 1421 } 1422 STATUS current 1423 DESCRIPTION 1424 "These objects are used to monitor/manage 1425 VPN multicast forwarding states." 1426 ::= { mvpnGroups 8 } 1428 mvpnBgpGeneralGroup OBJECT-GROUP 1429 OBJECTS { 1430 mvpnBgpGenMode, 1431 mvpnBgpGenVrfRtImport, 1432 mvpnBgpGenSrcAs 1433 } 1434 STATUS current 1435 DESCRIPTION 1436 "These objects are used to monitor/manage BGP-MVPN " 1437 ::= { mvpnGroups 9 } 1439 mvpnOptionalGroup OBJECT-GROUP 1440 OBJECTS { 1441 mvpnMroutePmsiPointer 1442 } 1443 STATUS current 1444 DESCRIPTION 1445 "Support of these object is not required." 1446 ::= { mvpnGroups 10} 1448 END 1450 4. Security Considerations 1452 This MIB contains some read-only objects that may be deemed senstive 1453 by some though perhaps not all operators. It also contains some 1454 read- write objects, whose setting will change the device's behavior 1455 related to MVPN. Appropriate security procedures related to SNMP in 1456 general but not specific to this MIB need to be implemented by 1457 concerned operators. 1459 There are a number of management objects defined in this MIB module 1460 with a MAX-ACCESS clause of read-write and/or read-create. Such 1461 objects may be considered sensitive or vulnerable in some network 1462 environments. The support for SET operations in a non-secure 1463 environment without proper protection opens devices to attack. These 1464 are the tables and objects and their sensitivity/vulnerability: 1466 o mvpnNotificationEnable, mvpnGenCmcastRouteProtocol, 1467 mvpnGenIpmsiConfig, mvpnGenInterAsPmsiConfig, mvpnGenUmhSelection, 1468 mvpnGenSiteType, mvpnGenSptnlLimit, mvpnBgpGenMode, 1469 mvpnBgpGenVrfRtImport, mvpnPmsiConfigEncapsType, 1470 mvpnSpmsiConfigThreshold, mvpnSpmsiConfigPmsiPointer 1472 o mvpnGenRowStatus, mvpnPmsiConfigRowStatus, 1473 mvpnSpmsiConfigRowStatus 1475 Some of the readable objects in this MIB module (i.e., objects with a 1476 MAX-ACCESS other than not-accessible) may be considered sensitive or 1477 vulnerable in some network environments. It is thus important to 1478 control even GET and/or NOTIFY access to these objects and possibly 1479 to even encrypt the values of these objects when sending them over 1480 the network via SNMP. These are the tables and objects and their 1481 sensitivity/vulnerability: 1483 o [TBD] 1485 SNMP versions prior to SNMPv3 did not include adequate security. 1486 Even if the network itself is secure (for example by using IPsec), 1487 there is no control as to who on the secure network is allowed to 1488 access and GET/SET (read/change/create/delete) the objects in this 1489 MIB module. 1491 Implementations SHOULD provide the security features described by the 1492 SNMPv3 framework (see [RFC3410]), and implementations claiming 1493 compliance to the SNMPv3 standard MUST include full support for 1494 authentication and privacy via the User-based Security Model (USM) 1495 [RFC3414] with the AES cipher algorithm [RFC3826]. Implementations 1496 MAY also provide support for the Transport Security Model (TSM) 1497 [RFC5591] in combination with a secure transport such as SSH 1498 [RFC5592] or TLS/DTLS [RFC6353]. 1500 Further, deployment of SNMP versions prior to SNMPv3 is NOT 1501 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 1502 enable cryptographic security. It is then a customer/operator 1503 responsibility to ensure that the SNMP entity giving access to an 1504 instance of this MIB module is properly configured to give access to 1505 the objects only to those principals (users) that have legitimate 1506 rights to indeed GET or SET (change/create/delete) them. 1508 5. IANA Considerations 1510 IANA is requested to root MIB objects in the MIB module contained in 1511 this document under the mib-2 subtree. 1513 6. Acknowledgement 1515 Some of the text has been taken almost verbatim from 1516 [I-D.svaidya-mcast-vpn-mib]. We would like to thank Yakov Rekhter, 1517 Jeffrey Haas, Huajin Jeng, Durga Prasad Velamuri for their helpful 1518 comments. 1520 7. References 1522 7.1. Normative References 1524 [I-D.ietf-bess-l2l3-vpn-mcast-mib] 1525 Zhang, Z. and H. Tsunoda, "L2L3 VPN Multicast MIB", draft- 1526 ietf-bess-l2l3-vpn-mcast-mib-06 (work in progress), 1527 February 2017. 1529 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1530 Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/ 1531 RFC2119, March 1997, 1532 . 1534 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1535 Schoenwaelder, Ed., "Structure of Management Information 1536 Version 2 (SMIv2)", STD 58, RFC 2578, DOI 10.17487/ 1537 RFC2578, April 1999, 1538 . 1540 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1541 Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 1542 58, RFC 2579, DOI 10.17487/RFC2579, April 1999, 1543 . 1545 [RFC2580] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1546 Schoenwaelder, Ed., "Conformance Statements for SMIv2", 1547 STD 58, RFC 2580, DOI 10.17487/RFC2580, April 1999, 1548 . 1550 [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model 1551 (USM) for version 3 of the Simple Network Management 1552 Protocol (SNMPv3)", STD 62, RFC 3414, DOI 10.17487/ 1553 RFC3414, December 2002, 1554 . 1556 [RFC3826] Blumenthal, U., Maino, F., and K. McCloghrie, "The 1557 Advanced Encryption Standard (AES) Cipher Algorithm in the 1558 SNMP User-based Security Model", RFC 3826, DOI 10.17487/ 1559 RFC3826, June 2004, 1560 . 1562 [RFC4382] Nadeau, T., Ed. and H. van der Linde, Ed., "MPLS/BGP Layer 1563 3 Virtual Private Network (VPN) Management Information 1564 Base", RFC 4382, DOI 10.17487/RFC4382, February 2006, 1565 . 1567 [RFC5132] McWalter, D., Thaler, D., and A. Kessler, "IP Multicast 1568 MIB", RFC 5132, DOI 10.17487/RFC5132, December 2007, 1569 . 1571 [RFC5591] Harrington, D. and W. Hardaker, "Transport Security Model 1572 for the Simple Network Management Protocol (SNMP)", STD 1573 78, RFC 5591, DOI 10.17487/RFC5591, June 2009, 1574 . 1576 [RFC5592] Harrington, D., Salowey, J., and W. Hardaker, "Secure 1577 Shell Transport Model for the Simple Network Management 1578 Protocol (SNMP)", RFC 5592, DOI 10.17487/RFC5592, June 1579 2009, . 1581 [RFC6353] Hardaker, W., "Transport Layer Security (TLS) Transport 1582 Model for the Simple Network Management Protocol (SNMP)", 1583 STD 78, RFC 6353, DOI 10.17487/RFC6353, July 2011, 1584 . 1586 [RFC6513] Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in MPLS/ 1587 BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513, February 1588 2012, . 1590 [RFC6514] Aggarwal, R., Rosen, E., Morin, T., and Y. Rekhter, "BGP 1591 Encodings and Procedures for Multicast in MPLS/BGP IP 1592 VPNs", RFC 6514, DOI 10.17487/RFC6514, February 2012, 1593 . 1595 [RFC6625] Rosen, E., Ed., Rekhter, Y., Ed., Hendrickx, W., and R. 1596 Qiu, "Wildcards in Multicast VPN Auto-Discovery Routes", 1597 RFC 6625, DOI 10.17487/RFC6625, May 2012, 1598 . 1600 7.2. Informative References 1602 [I-D.svaidya-mcast-vpn-mib] 1603 Vaidya, S., "Multicast in BGP/MPLS IP VPNs Management 1604 Information Base", draft-svaidya-mcast-vpn-mib-02 (work in 1605 progress), March 2005. 1607 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 1608 "Introduction and Applicability Statements for Internet- 1609 Standard Management Framework", RFC 3410, DOI 10.17487/ 1610 RFC3410, December 2002, 1611 . 1613 Authors' Addresses 1615 Zhaohui (Jeffrey) Zhang (editor) 1616 Juniper Networks, Inc. 1617 10 Technology Park Drive 1618 Westford, MA 01886 1619 USA 1621 Email: zzhang@juniper.net 1623 Saud Asif 1624 AT&T 1625 C5-3D30 200 South Laurel Avenue 1626 Middletown, NJ 07748 1627 USA 1629 Email: sasif@att.com 1631 Andy Green 1632 BT Design 21CN Converged Core IP & Data 1633 01473 629360 Adastral Park, Martlesham Heath, Ipswich IP5 3RE 1634 UK 1636 Email: andy.da.green@bt.com 1638 Sameer Gulrajani 1639 Cisco Systems 1640 Tasman Drive San Jose, CA 95134 1641 USA 1643 Email: sameerg@cisco.com 1645 Pradeep G. Jain 1646 Alcatel-Lucent Inc 1647 701 E Middlefield road Mountain view, CA 94043 1648 USA 1650 Email: pradeep.jain@alcatel-lucent.com 1651 Hiroshi Tsunoda (editor) 1652 Tohoku Institute of Technology 1653 35-1, Yagiyama Kasumi-cho, Taihaku-ku 1654 Sendai 982-8577 1655 Japan 1657 Phone: +81-22-305-3411 1658 Email: tsuno@m.ieice.org