idnits 2.17.1 draft-ietf-bfd-mib-11.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords -- however, there's a paragraph with a matching beginning. Boilerplate error? (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (June 14, 2012) is 4334 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-08) exists of draft-ietf-bfd-tc-mib-01 Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group T. Nadeau 2 Internet Draft Juniper Networks 3 Intended status: Standards Track Z. Ali 4 Expires: December 14, 2012 N. Akiya 5 Cisco Systems 6 June 14, 2012 8 BFD Management Information Base 9 draft-ietf-bfd-mib-11 11 Abstract 13 This draft defines a portion of the Management Information Base (MIB) 14 for use with network management protocols in the Internet community. 15 In particular, it describes managed objects for modeling 16 Bidirectional Forwarding Detection (BFD) protocol. 18 Status of this Memo 20 This Internet-Draft is submitted in full conformance with the 21 provisions of BCP 78 and BCP 79. 23 Internet-Drafts are working documents of the Internet Engineering 24 Task Force (IETF). Note that other groups may also distribute 25 working documents as Internet-Drafts. The list of current Internet- 26 Drafts is at http://datatracker.ietf.org/drafts/current/. 28 Internet-Drafts are draft documents valid for a maximum of six months 29 and may be updated, replaced, or obsoleted by other documents at any 30 time. It is inappropriate to use Internet-Drafts as reference 31 material or to cite them other than as "work in progress." 33 This Internet-Draft will expire on December 14, 2012. 35 Copyright Notice 36 BFD-STD-MIB June 14, 2012 38 Copyright (c) 2012 IETF Trust and the persons identified as the 39 document authors. All rights reserved. 41 This document is subject to BCP 78 and the IETF Trust's Legal 42 Provisions Relating to IETF Documents 43 (http://trustee.ietf.org/license-info) in effect on the date of 44 publication of this document. Please review these documents 45 carefully, as they describe your rights and restrictions with respect 46 to this document. Code Components extracted from this document must 47 include Simplified BSD License text as described in Section 4.e of 48 the Trust Legal Provisions and are provided without warranty as 49 described in the Simplified BSD License. 51 Requirements Language 53 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 54 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 55 OPTIONAL" in this document are to be interpreted as described in 56 [RFC2119]. 58 Table of Contents 60 1. The Internet-Standard Management Framework . . . . . . . . . . 3 61 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 62 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 63 4. Brief Description of MIB Objects . . . . . . . . . . . . . . . 3 64 4.1. General Variables . . . . . . . . . . . . . . . . . . . . 4 65 4.2. Session Table (bfdSessionTable) . . . . . . . . . . . . . 4 66 4.3. Session Performance Table (bfdSessionPerfTable) . . . . . 4 67 4.4. BFD Session Discriminator Mapping Table 68 (bfdSessDiscMapTable) . . . . . . . . . . . . . . . . . . 4 69 4.5. BFD Session IP Mapping Table (bfdSessIpMapTable) . . . . . 4 70 5. BFD MIB Module Definitions . . . . . . . . . . . . . . . . . . 4 71 6. Security Considerations . . . . . . . . . . . . . . . . . . . 31 72 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 33 73 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 33 74 8.1. Normative References . . . . . . . . . . . . . . . . . . . 33 75 8.2. Informative References . . . . . . . . . . . . . . . . . . 34 76 Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 34 77 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 34 79 1. The Internet-Standard Management Framework 81 For a detailed overview of the documents that describe the current 82 BFD-STD-MIB June 14, 2012 84 Internet-Standard Management Framework, please refer to section 7 of 85 [RFC3410]. 87 Managed objects are accessed via a virtual information store, termed 88 the Management Information Base or MIB. MIB objects are generally 89 accessed through the Simple Network Management Protocol (SNMP). 90 Objects in the MIB are defined using the mechanisms defined in the 91 Structure of Management Information (SMI). This memo specifies a MIB 92 module that is compliant to the SMIv2, which is described in STD 58, 93 [RFC2578], STD 58, [RFC2579] and STD 58, [RFC2580]. 95 2. Introduction 97 This memo defines an portion of the Management Information Base (MIB) 98 for use with network management protocols in the Internet community. 99 In particular, it describes managed objects to configure and/or 100 monitor Bi-Directional Forwarding Detection for [BFD], [BFD-1HOP] and 101 [BFD-MH], BFD versions 0 and/or 1, on devices supporting this 102 feature. 104 Comments should be made directly to the BFD mailing list at 105 rtg-bfd@ietf.org. 107 3. Terminology 109 This document adopts the definitions, acronyms and mechanisms 110 described in [BFD], [BFD-1HOP] and [BFD-MH]. Unless otherwise 111 stated, the mechanisms described therein will not be re-described 112 here. 114 4. Brief Description of MIB Objects 116 This section describes objects pertaining to BFD. The MIB objects 117 are derived from [BFD] and [BFD-MH], and also include textual 118 conventions defined in [BFD-TC]. 120 4.1. General Variables 122 The General Variables are used to identify parameters that are global 123 to the BFD process. 125 4.2. Session Table (bfdSessionTable) 127 The session table is used to identify a BFD session between a pair of 128 nodes. 130 BFD-STD-MIB June 14, 2012 132 4.3. Session Performance Table (bfdSessionPerfTable) 134 The session performance table is used for collecting BFD performance 135 counters on a per session basis. This table is an AUGMENT to the 136 bfdSessionTable. 138 4.4. BFD Session Discriminator Mapping Table (bfdSessDiscMapTable) 140 The BFD Session Discriminator Mapping Table maps a local 141 discriminator value to associated BFD session's BfdSessIndexTC used 142 in the bfdSessionTable. 144 4.5. BFD Session IP Mapping Table (bfdSessIpMapTable) 146 The BFD Session IP Mapping Table maps, given bfdSessInterface, 147 bfdSessSrcAddrType, bfdSessSrcAddr, bfdSessDstAddrType, and 148 bfdSessDstAddr, to an associated BFD session's BfdSessIndexTC 149 used in the bfdSessionTable. This table SHOULD contains those 150 BFD sessions that are of IP type. 152 5. BFD MIB Module Definitions 154 This MIB module makes references to the following documents. 155 [RFC2579], [RFC2580], [RFC2863], [RFC4001], and [RFC3413]. 157 BFD-STD-MIB DEFINITIONS ::= BEGIN 159 IMPORTS 160 MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, 161 mib-2, Integer32, Unsigned32, Counter32, Counter64 162 FROM SNMPv2-SMI 164 TruthValue, RowStatus, StorageType, TimeStamp 165 FROM SNMPv2-TC 167 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 168 FROM SNMPv2-CONF 170 InterfaceIndexOrZero 171 FROM IF-MIB 173 InetAddress, InetAddressType, InetPortNumber 174 FROM INET-ADDRESS-MIB 175 BFD-STD-MIB June 14, 2012 177 BfdSessIndexTC, BfdIntervalTC, BfdMultiplierTC, BfdDiagTC, 178 BfdSessTypeTC, BfdSessOperModeTC, BfdCtrlDestPortNumberTC, 179 BfdCtrlSourcePortNumberTC, BfdSessStateTC, 180 BfdSessAuthenticationTypeTC, BfdSessionAuthenticationKeyTC 181 FROM BFD-TC-STD-MIB; 183 bfdMIB MODULE-IDENTITY 184 LAST-UPDATED "201204141200Z" -- 14 June 2012 12:00:00 EST 185 ORGANIZATION "IETF Bidirectional Forwarding Detection 186 Working Group" 187 CONTACT-INFO 188 "Thomas D. Nadeau 189 Juniper Networks 190 Email: tnadeau@lucidvision.com 192 Zafar Ali 193 Cisco Systems, Inc. 194 Email: zali@cisco.com 196 Nobo Akiya 197 Cisco Systems, G.K. 198 Email: nobo@cisco.com" 199 DESCRIPTION 200 "Bidirectional Forwarding Management Information Base." 201 REVISION "201204141200Z" -- 14 June 2012 12:00:00 EST 202 DESCRIPTION 203 "Initial version. Published as RFC xxxx." 204 -- RFC Ed.: RFC-editor pls fill in xxxx 205 ::= { mib-2 XXX } 206 -- RFC Ed.: assigned by IANA, see section 7.1 for details 208 -- Top level components of this MIB module. 210 bfdNotifications OBJECT IDENTIFIER ::= { bfdMIB 0 } 212 bfdObjects OBJECT IDENTIFIER ::= { bfdMIB 1 } 214 bfdConformance OBJECT IDENTIFIER ::= { bfdMIB 2 } 216 bfdScalarObjects OBJECT IDENTIFIER ::= { bfdObjects 1 } 218 -- BFD General Variables 220 -- These parameters apply globally to the Systems' 221 -- BFD Process. 223 bfdAdminStatus OBJECT-TYPE 224 SYNTAX INTEGER { 225 BFD-STD-MIB June 14, 2012 227 enabled(1), 228 disabled(2) 229 } 230 MAX-ACCESS read-write 231 STATUS current 232 DESCRIPTION 233 "The global administrative status of BFD in this device. 234 The value 'enabled' denotes that the BFD Process is 235 active on at least one interface; 'disabled' disables 236 it on all interfaces." 237 DEFVAL { enabled } 238 ::= { bfdScalarObjects 1 } 240 bfdSessNotificationsEnable OBJECT-TYPE 241 SYNTAX TruthValue 242 MAX-ACCESS read-write 243 STATUS current 244 DESCRIPTION 245 "If this object is set to true(1), then it enables 246 the emission of bfdSessUp and bfdSessDown 247 notifications; otherwise these notifications are not 248 emitted." 249 REFERENCE 250 "See also RFC3413 for explanation that 251 notifications are under the ultimate control of the 252 MIB modules in this document." 253 DEFVAL { false } 254 ::= { bfdScalarObjects 2 } 256 -- BFD Session Table 257 -- The BFD Session Table specifies BFD session specific 258 -- information. 260 bfdSessTable OBJECT-TYPE 261 SYNTAX SEQUENCE OF BfdSessEntry 262 MAX-ACCESS not-accessible 263 STATUS current 264 DESCRIPTION 265 "The BFD Session Table describes the BFD sessions." 266 REFERENCE 267 "Katz, D. and D. Ward, Bidirectional Forwarding 268 Detection (BFD), RFC 5880, June 2012." 269 ::= { bfdObjects 2 } 271 bfdSessEntry OBJECT-TYPE 272 SYNTAX BfdSessEntry 273 MAX-ACCESS not-accessible 274 STATUS current 275 BFD-STD-MIB June 14, 2012 277 DESCRIPTION 278 "The BFD Session Entry describes BFD session." 279 INDEX { bfdSessIndex } 280 ::= { bfdSessTable 1 } 282 BfdSessEntry ::= SEQUENCE { 283 bfdSessIndex BfdSessIndexTC, 284 bfdSessVersionNumber Unsigned32, 285 bfdSessType BfdSessTypeTC, 286 bfdSessDiscriminator Unsigned32, 287 bfdSessRemoteDiscr Unsigned32, 288 bfdSessDestinationUdpPort BfdCtrlDestPortNumberTC, 289 bfdSessSourceUdpPort BfdCtrlSourcePortNumberTC, 290 bfdSessEchoSourceUdpPort InetPortNumber, 291 bfdSessAdminStatus INTEGER, 292 bfdSessState BfdSessStateTC, 293 bfdSessRemoteHeardFlag TruthValue, 294 bfdSessDiag BfdDiagTC, 295 bfdSessOperMode BfdSessOperModeTC, 296 bfdSessDemandModeDesiredFlag TruthValue, 297 bfdSessControlPlaneIndepFlag TruthValue, 298 bfdSessMultipointFlag TruthValue, 299 bfdSessInterface InterfaceIndexOrZero, 300 bfdSessSrcAddrType InetAddressType, 301 bfdSessSrcAddr InetAddress, 302 bfdSessDstAddrType InetAddressType, 303 bfdSessDstAddr InetAddress, 304 bfdSessGTSM TruthValue, 305 bfdSessGTSMTTL Unsigned32, 306 bfdSessDesiredMinTxInterval BfdIntervalTC, 307 bfdSessReqMinRxInterval BfdIntervalTC, 308 bfdSessReqMinEchoRxInterval BfdIntervalTC, 309 bfdSessDetectMult BfdMultiplierTC, 310 bfdSessNegotiatedInterval BfdIntervalTC, 311 bfdSessNegotiatedEchoInterval BfdIntervalTC, 312 bfdSessNegotiatedDetectMult BfdMultiplierTC, 313 bfdSessAuthPresFlag TruthValue, 314 bfdSessAuthenticationType BfdSessAuthenticationTypeTC, 315 bfdSessAuthenticationKeyID Integer32, 316 bfdSessAuthenticationKey BfdSessionAuthenticationKeyTC, 317 bfdSessStorageType StorageType, 318 bfdSessRowStatus RowStatus 319 } 321 bfdSessIndex OBJECT-TYPE 322 SYNTAX BfdSessIndexTC 323 MAX-ACCESS not-accessible 324 STATUS current 325 BFD-STD-MIB June 14, 2012 327 DESCRIPTION 328 "This object contains an index used to represent a 329 unique BFD session on this device." 330 ::= { bfdSessEntry 1 } 332 bfdSessVersionNumber OBJECT-TYPE 333 SYNTAX Unsigned32 (0..7) 334 MAX-ACCESS read-create 335 STATUS current 336 DESCRIPTION 337 "The version number of the BFD protocol that this session 338 is running in. Write access is available for this object 339 to provide ability to set desired version for this 340 BFD session." 341 REFERENCE 342 "Katz, D. and D. Ward, Bidirectional Forwarding 343 Detection (BFD), RFC 5880, June 2012." 344 DEFVAL { 1 } 345 ::= { bfdSessEntry 2 } 347 bfdSessType OBJECT-TYPE 348 SYNTAX BfdSessTypeTC 349 MAX-ACCESS read-create 350 STATUS current 351 DESCRIPTION 352 "This object specifies the type of this BFD session." 353 ::= { bfdSessEntry 3 } 355 bfdSessDiscriminator OBJECT-TYPE 356 SYNTAX Unsigned32 (1..4294967295) 357 MAX-ACCESS read-only 358 STATUS current 359 DESCRIPTION 360 "This object specifies the local discriminator for this BFD 361 session, used to uniquely identify it." 362 ::= { bfdSessEntry 4 } 364 bfdSessRemoteDiscr OBJECT-TYPE 365 SYNTAX Unsigned32 (0 | 1..4294967295) 366 MAX-ACCESS read-only 367 STATUS current 368 DESCRIPTION 369 "This object specifies the session discriminator chosen 370 by the remote system for this BFD session. The value may 371 be zero(0) if the remote discriminator is not yet known 372 or if the session is in the down or adminDown(1) state." 373 REFERENCE 374 "Section 6.8.6, from Katz, D. and D. Ward, Bidirectional 375 BFD-STD-MIB June 14, 2012 377 Forwarding Detection (BFD), RFC 5880, June 2012." 378 ::= { bfdSessEntry 5 } 380 bfdSessDestinationUdpPort OBJECT-TYPE 381 SYNTAX BfdCtrlDestPortNumberTC 382 MAX-ACCESS read-create 383 STATUS current 384 DESCRIPTION 385 "This object specifies the destination UDP port number 386 used for this BFD session's control packets. The value 387 may be zero(0) if the session is in adminDown(1) state." 388 DEFVAL { 0 } 389 ::= { bfdSessEntry 6 } 391 bfdSessSourceUdpPort OBJECT-TYPE 392 SYNTAX BfdCtrlSourcePortNumberTC 393 MAX-ACCESS read-create 394 STATUS current 395 DESCRIPTION 396 "This object specifies the source UDP port number used 397 for this BFD session's control packets. The value may be 398 zero(0) if the session is in adminDown(1) state. Upon 399 creation of a new BFD session via this MIB, the value of 400 zero(0) specified would permit the implementation to 401 chose its own source port number." 402 DEFVAL { 0 } 403 ::= { bfdSessEntry 7 } 405 bfdSessEchoSourceUdpPort OBJECT-TYPE 406 SYNTAX InetPortNumber 407 MAX-ACCESS read-create 408 STATUS current 409 DESCRIPTION 410 "This object specifies the source UDP port number used for 411 this BFD session's echo packets. The value may be zero(0) 412 if the session is not running in the echo mode, or the 413 session is in adminDown(1) state. Upon creation of a new 414 BFD session via this MIB, the value of zero(0) would 415 permit the implementation to chose its own source port 416 number." 417 DEFVAL { 0 } 418 ::= { bfdSessEntry 8 } 420 bfdSessAdminStatus OBJECT-TYPE 421 SYNTAX INTEGER { 422 stop(1), 423 start(2) 424 } 425 BFD-STD-MIB June 14, 2012 427 MAX-ACCESS read-create 428 STATUS current 429 DESCRIPTION 430 "A transition from 'stop' to 'start' will start 431 the BFD state machine for the session. The state 432 machine will have an initial state of down. 433 A transition from 'start' to 'stop' will cause 434 the BFD sesssion to be brought down to 435 adminDown(1). Care should be used in providing 436 write access to this object without adequate 437 authentication." 438 DEFVAL { 2 } 439 ::= { bfdSessEntry 9 } 441 bfdSessState OBJECT-TYPE 442 SYNTAX BfdSessStateTC 443 MAX-ACCESS read-only 444 STATUS current 445 DESCRIPTION 446 "BFD session state." 447 DEFVAL { 2 } 448 ::= { bfdSessEntry 10 } 450 bfdSessRemoteHeardFlag OBJECT-TYPE 451 SYNTAX TruthValue 452 MAX-ACCESS read-only 453 STATUS current 454 DESCRIPTION 455 "This object specifies status of BFD packet reception from 456 the remote system. Specifically, it is set to true(1) if 457 the local system is actively receiving BFD packets from the 458 remote system, and is set to false(2) if the local system 459 has not received BFD packets recently (within the detection 460 time) or if the local system is attempting to tear down 461 the BFD session." 462 REFERENCE 463 "Katz, D. and D. Ward, Bidirectional 464 Forwarding Detection (BFD), RFC 5880, June 2012." 465 DEFVAL { false } 466 ::= { bfdSessEntry 11 } 468 bfdSessDiag OBJECT-TYPE 469 SYNTAX BfdDiagTC 470 MAX-ACCESS read-only 471 STATUS current 472 DESCRIPTION 473 "A diagnostic code specifying the local system's reason 474 for the last transition of the session from up(4) 475 BFD-STD-MIB June 14, 2012 477 to some other state." 478 ::= { bfdSessEntry 12 } 480 bfdSessOperMode OBJECT-TYPE 481 SYNTAX BfdSessOperModeTC 482 MAX-ACCESS read-create 483 STATUS current 484 DESCRIPTION 485 "This object specifies current operating mode that BFD 486 session is operating in." 487 ::= { bfdSessEntry 13 } 489 bfdSessDemandModeDesiredFlag OBJECT-TYPE 490 SYNTAX TruthValue 491 MAX-ACCESS read-create 492 STATUS current 493 DESCRIPTION 494 "This object indicates that the local system's 495 desire to use Demand mode. Specifically, it is set 496 to true(1) if the local system wishes to use 497 Demand mode or false(2) if not" 498 DEFVAL { false } 499 ::= { bfdSessEntry 14 } 501 bfdSessControlPlaneIndepFlag OBJECT-TYPE 502 SYNTAX TruthValue 503 MAX-ACCESS read-create 504 STATUS current 505 DESCRIPTION 506 "This object indicates that the local system's 507 ability to continue to function through a disruption of 508 the control plane. Specifically, it is set 509 to true(1) if the local system BFD implementation is 510 independent of the control plane. Otherwise, the 511 value is set to false(2)" 512 DEFVAL { false } 513 ::= { bfdSessEntry 15 } 515 bfdSessMultipointFlag OBJECT-TYPE 516 SYNTAX TruthValue 517 MAX-ACCESS read-create 518 STATUS current 519 DESCRIPTION 520 "This object indicates the Multipoint (M) bit for this 521 session. It is set to true(1) if Multipoint (M) bit is 522 set to 1. Otherwise, the value is set to false(2)" 523 DEFVAL { false } 524 ::= { bfdSessEntry 16 } 525 BFD-STD-MIB June 14, 2012 527 bfdSessInterface OBJECT-TYPE 528 SYNTAX InterfaceIndexOrZero 529 MAX-ACCESS read-create 530 STATUS current 531 DESCRIPTION 532 "This object contains an interface index used to indicate 533 the interface which this BFD session is running on. This 534 value can be zero if there is no interface associated 535 with this BFD session." 536 ::= { bfdSessEntry 17 } 538 bfdSessSrcAddrType OBJECT-TYPE 539 SYNTAX InetAddressType 540 MAX-ACCESS read-create 541 STATUS current 542 DESCRIPTION 543 "This object specifies IP address type of the source IP 544 address of this BFD session. Only values unknown(0), 545 ipv4(1), ipv6(2), or ipv6z(4) have to be supported. 546 The value of unknown(0) is allowed only when the session 547 is singleHop(1) and the source IP address of this BFD 548 session is drived from the outgoing interface, or when 549 the BFD session is not associated with a specific 550 interface. If any other unsupported values are attempted 551 in a set operation, the agent MUST return an 552 inconsistentValue error." 553 ::= { bfdSessEntry 18 } 555 bfdSessSrcAddr OBJECT-TYPE 556 SYNTAX InetAddress 557 MAX-ACCESS read-create 558 STATUS current 559 DESCRIPTION 560 "This object specifies the source IP address of this BFD 561 session." 562 ::= { bfdSessEntry 19 } 564 bfdSessDstAddrType OBJECT-TYPE 565 SYNTAX InetAddressType 566 MAX-ACCESS read-create 567 STATUS current 568 DESCRIPTION 569 "This object specifies IP address type of the neighboring IP 570 address which is being monitored with this BFD session. 571 Only values unknown(0), ipv4(1), ipv6(2), or ipv6z(4) 572 have to be supported. The value of unknown(0) is allowed 573 only when the session is singleHop(1) and the outgoing 574 BFD-STD-MIB June 14, 2012 576 interface is of type point-to-point, or when the BFD 577 session is not associated with a specific interface. If any 578 other unsupported values are attempted in a set operation, 579 the agent MUST return an inconsistentValue error." 580 ::= { bfdSessEntry 20 } 582 bfdSessDstAddr OBJECT-TYPE 583 SYNTAX InetAddress 584 MAX-ACCESS read-create 585 STATUS current 586 DESCRIPTION 587 "This object specifies the neighboring IP address which is 588 being monitored with this BFD session." 589 ::= { bfdSessEntry 21 } 591 bfdSessGTSM OBJECT-TYPE 592 SYNTAX TruthValue 593 MAX-ACCESS read-create 594 STATUS current 595 DESCRIPTION 596 "Setting the value of this object to true(1) will enable GTSM 597 protection of the BFD session. GTSM MUST be enabled on a 598 singleHop(1) session if no authentication is in use." 599 REFERENCE 600 "RFC5082, The Generalized TTL Security Mechanism (GTSM). 601 RFC5881, Section 5" 602 DEFVAL { false } 603 ::= { bfdSessEntry 22 } 605 bfdSessGTSMTTL OBJECT-TYPE 606 SYNTAX Unsigned32 (0..255) 607 MAX-ACCESS read-create 608 STATUS current 609 DESCRIPTION 610 "This object is valid only when bfdSessGTSM protection is 611 enabled on the system. This object specifies the minimum 612 allowed TTL for received BFD control packets. For 613 singleHop(1) session, if GTSM protection is enabled, 614 this object SHOULD be set to maximum TTL allowed for 615 single hop. The value of zero(0) indicates that 616 bfdSessGTSM is disabled." 617 REFERENCE 618 "RFC5082, The Generalized TTL Security Mechanism (GTSM). 619 RFC5881, Section 5" 620 DEFVAL { 0 } 621 ::= { bfdSessEntry 23 } 623 bfdSessDesiredMinTxInterval OBJECT-TYPE 624 BFD-STD-MIB June 14, 2012 626 SYNTAX BfdIntervalTC 627 MAX-ACCESS read-create 628 STATUS current 629 DESCRIPTION 630 "This object specifies the minimum interval, in 631 microseconds, that the local system would like to use 632 when transmitting BFD Control packets. The value of 633 zero(0) is reserved, and should not be used." 634 REFERENCE 635 "Section 4.1 from Katz, D. and D. Ward, Bidirectional 636 Forwarding Detection (BFD), RFC 5880, June 2012." 637 ::= { bfdSessEntry 24 } 639 bfdSessReqMinRxInterval OBJECT-TYPE 640 SYNTAX BfdIntervalTC 641 MAX-ACCESS read-create 642 STATUS current 643 DESCRIPTION 644 "This object specifies the minimum interval, in 645 microseconds, between received BFD Control packets the 646 local system is capable of supporting. The value of 647 zero(0) can be specified when the transmitting system 648 does not want the remote system to send any periodic BFD 649 control packets." 650 REFERENCE 651 "Section 4.1 from Katz, D. and D. Ward, Bidirectional 652 Forwarding Detection (BFD), RFC 5880, June 2012." 653 ::= { bfdSessEntry 25 } 655 bfdSessReqMinEchoRxInterval OBJECT-TYPE 656 SYNTAX BfdIntervalTC 657 MAX-ACCESS read-create 658 STATUS current 659 DESCRIPTION 660 "This object specifies the minimum interval, in 661 microseconds, between received BFD Echo packets that this 662 system is capable of supporting. Value must be zero(0) if 663 this is a multihop BFD session." 664 ::= { bfdSessEntry 26 } 666 bfdSessDetectMult OBJECT-TYPE 667 SYNTAX BfdMultiplierTC 668 MAX-ACCESS read-create 669 STATUS current 670 DESCRIPTION 671 "This object specifies the Detect time multiplier." 672 ::= { bfdSessEntry 27 } 673 BFD-STD-MIB June 14, 2012 675 bfdSessNegotiatedInterval OBJECT-TYPE 676 SYNTAX BfdIntervalTC 677 MAX-ACCESS read-only 678 STATUS current 679 DESCRIPTION 680 "This object specifies the negotiated interval, in 681 microseconds, that the local system is transmitting 682 BFD Control packets." 683 ::= { bfdSessEntry 28 } 685 bfdSessNegotiatedEchoInterval OBJECT-TYPE 686 SYNTAX BfdIntervalTC 687 MAX-ACCESS read-only 688 STATUS current 689 DESCRIPTION 690 "This object specifies the negotiated interval, in 691 microseconds, that the local system is transmitting 692 BFD echo packets. Value is expected to be zero if 693 the sessions is not running in echo mode." 694 ::= { bfdSessEntry 29 } 696 bfdSessNegotiatedDetectMult OBJECT-TYPE 697 SYNTAX BfdMultiplierTC 698 MAX-ACCESS read-only 699 STATUS current 700 DESCRIPTION 701 "This object specifies the Detect time multiplier." 702 ::= { bfdSessEntry 30 } 704 bfdSessAuthPresFlag OBJECT-TYPE 705 SYNTAX TruthValue 706 MAX-ACCESS read-create 707 STATUS current 708 DESCRIPTION 709 "This object indicates that the local system's 710 desire to use Authentication. Specifically, it is set 711 to true(1) if the local system wishes the session 712 to be authenticated or false(2) if not." 713 REFERENCE 714 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 715 Bidirectional Forwarding Detection (BFD), RFC 5880, 716 June 2012." 717 DEFVAL { false } 718 ::= { bfdSessEntry 31 } 720 bfdSessAuthenticationType OBJECT-TYPE 721 SYNTAX BfdSessAuthenticationTypeTC 722 MAX-ACCESS read-create 723 BFD-STD-MIB June 14, 2012 725 STATUS current 726 DESCRIPTION 727 "The Authentication Type used for this BFD session. 728 This field is valid only when the Authentication 729 Present bit is set. Max-access to this object as well as 730 other authentication related objects are set to 731 read-create in order to support management of a single 732 key ID at a time, key rotation is not handled. Key update 733 in practice must be done by atomic update using a set 734 containing all affected objects in the same varBindList 735 or otherwise risk the session dropping. Value -1 736 indicates that no authentication is in use for this 737 session." 738 REFERENCE 739 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 740 Bidirectional Forwarding Detection (BFD), RFC 5880, 741 June 2012." 742 DEFVAL { -1 } 743 ::= { bfdSessEntry 32 } 745 bfdSessAuthenticationKeyID OBJECT-TYPE 746 SYNTAX Integer32 (-1 | 0..255) 747 MAX-ACCESS read-create 748 STATUS current 749 DESCRIPTION 750 "The authentication key ID in use for this session. This 751 object permits multiple keys to be active simultaneously. 752 When bfdSessAuthPresFlag is false(2), then the value 753 of this object MUST be -1. The value -1 indicates that 754 no Authentication Key ID will be present in the optional 755 BFD Authentication Section." 756 REFERENCE 757 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 758 Bidirectional Forwarding Detection (BFD), RFC 5880, 759 June 2012." 760 DEFVAL { -1 } 761 ::= { bfdSessEntry 33 } 763 bfdSessAuthenticationKey OBJECT-TYPE 764 SYNTAX BfdSessionAuthenticationKeyTC 765 MAX-ACCESS read-create 766 STATUS current 767 DESCRIPTION 768 "The authentication key. When the 769 bfdSessAuthenticationType is simplePassword(1), the value 770 of this object is the password present in the BFD packets. 772 When the bfdSessAuthentication type is one of the keyed 773 BFD-STD-MIB June 14, 2012 775 authentication types, this value is used in the 776 computation of the key present in the BFD authentication 777 packet." 778 REFERENCE 779 "Sections 4.2 - 4.4 from from Katz, D. and D. Ward, 780 Bidirectional Forwarding Detection (BFD), RFC 5880, 781 June 2012." 782 ::= { bfdSessEntry 34 } 784 bfdSessStorageType OBJECT-TYPE 785 SYNTAX StorageType 786 MAX-ACCESS read-create 787 STATUS current 788 DESCRIPTION 789 "This variable indicates the storage type for this 790 object. Conceptual rows having the value 791 'permanent' need not allow write-access to any 792 columnar objects in the row." 793 ::= { bfdSessEntry 35 } 795 bfdSessRowStatus OBJECT-TYPE 796 SYNTAX RowStatus 797 MAX-ACCESS read-create 798 STATUS current 799 DESCRIPTION 800 "This variable is used to create, modify, and/or 801 delete a row in this table. When a row in this 802 table has a row in the active(1) state, no 803 objects in this row can be modified except the 804 bfdSessRowStatus and bfdSessStorageType." 805 ::= { bfdSessEntry 36 } 807 -- BFD Session Performance Table 809 bfdSessPerfTable OBJECT-TYPE 810 SYNTAX SEQUENCE OF BfdSessPerfEntry 811 MAX-ACCESS not-accessible 812 STATUS current 813 DESCRIPTION 814 "This table specifies BFD Session performance counters." 815 ::= { bfdObjects 3 } 817 bfdSessPerfEntry OBJECT-TYPE 818 SYNTAX BfdSessPerfEntry 819 MAX-ACCESS not-accessible 820 STATUS current 821 DESCRIPTION 822 "An entry in this table is created by a BFD-enabled node 823 BFD-STD-MIB June 14, 2012 825 for every BFD Session. bfdSessPerfDiscTime is used to 826 indicate potential discontinuity for all counter objects 827 in this table." 828 AUGMENTS { bfdSessEntry } 829 ::= { bfdSessPerfTable 1 } 831 BfdSessPerfEntry ::= SEQUENCE { 832 bfdSessPerfCtrlPktIn Counter32, 833 bfdSessPerfCtrlPktOut Counter32, 834 bfdSessPerfCtrlPktDrop Counter32, 835 bfdSessPerfCtrlPktDropLastTime TimeStamp, 836 bfdSessPerfEchoPktIn Counter32, 837 bfdSessPerfEchoPktOut Counter32, 838 bfdSessPerfEchoPktDrop Counter32, 839 bfdSessPerfEchoPktDropLastTime TimeStamp, 840 bfdSessUpTime TimeStamp, 841 bfdSessPerfLastSessDownTime TimeStamp, 842 bfdSessPerfLastCommLostDiag BfdDiagTC, 843 bfdSessPerfSessUpCount Counter32, 844 bfdSessPerfDiscTime TimeStamp, 846 -- High Capacity Counters 847 bfdSessPerfCtrlPktInHC Counter64, 848 bfdSessPerfCtrlPktOutHC Counter64, 849 bfdSessPerfCtrlPktDropHC Counter64, 850 bfdSessPerfEchoPktInHC Counter64, 851 bfdSessPerfEchoPktOutHC Counter64, 852 bfdSessPerfEchoPktDropHC Counter64 853 } 855 -- Ed Note: should we add per-diag code counts here, 857 bfdSessPerfCtrlPktIn OBJECT-TYPE 858 SYNTAX Counter32 859 MAX-ACCESS read-only 860 STATUS current 861 DESCRIPTION 862 "The total number of BFD control messages received for this 863 BFD session. This value MUST be equal to the least 864 significant 32 bits of bfdSessPerfCtrlPktInHC." 865 ::= { bfdSessPerfEntry 1 } 867 bfdSessPerfCtrlPktOut OBJECT-TYPE 868 SYNTAX Counter32 869 MAX-ACCESS read-only 870 STATUS current 871 DESCRIPTION 872 "The total number of BFD control messages sent for this BFD 873 BFD-STD-MIB June 14, 2012 875 session. 877 It MUST be equal to the least significant 32 bits of 878 significant 32 bits of bfdSessPerfCtrlPktOutHC 879 if supported, and MUST do so the rules spelled out in 880 RFC 2863." 882 ::= { bfdSessPerfEntry 2 } 884 bfdSessPerfCtrlPktDrop OBJECT-TYPE 885 SYNTAX Counter32 886 MAX-ACCESS read-only 887 STATUS current 888 DESCRIPTION 889 "The total number of BFD control messages received for this 890 session yet dropped for being invalid. 892 It MUST be equal to the least significant 32 bits of 893 significant 32 bits of bfdSessPerfCtrlPktDropHC 894 if supported, and MUST do so the rules spelled out in 895 RFC 2863." 896 ::= { bfdSessPerfEntry 3 } 898 bfdSessPerfCtrlPktDropLastTime OBJECT-TYPE 899 SYNTAX TimeStamp 900 MAX-ACCESS read-only 901 STATUS current 902 DESCRIPTION 903 "The value of sysUpTime on the most recent occasion at 904 which received BFD control message for this session was 905 dropped. If no such up event exists, this object contains 906 a zero value." 907 ::= { bfdSessPerfEntry 4 } 909 bfdSessPerfEchoPktIn OBJECT-TYPE 910 SYNTAX Counter32 911 MAX-ACCESS read-only 912 STATUS current 913 DESCRIPTION 914 "The total number of BFD echo messages received for this 915 BFD session. 917 It MUST be equal to the least significant 32 bits of 918 significant 32 bits of bfdSessPerfEchoPktInHC if 919 supported, and MUST do so the rules spelled out in 920 RFC 2863." 921 ::= { bfdSessPerfEntry 5 } 922 BFD-STD-MIB June 14, 2012 924 bfdSessPerfEchoPktOut OBJECT-TYPE 925 SYNTAX Counter32 926 MAX-ACCESS read-only 927 STATUS current 928 DESCRIPTION 929 "The total number of BFD echo messages sent for this BFD 930 session. 932 It MUST be equal to the least significant 32 bits of 933 bfdSessPerfEchoPktOutHC if supported, and MUST do so 934 the rules spelled out in RFC 2863." 935 ::= { bfdSessPerfEntry 6 } 937 bfdSessPerfEchoPktDrop OBJECT-TYPE 938 SYNTAX Counter32 939 MAX-ACCESS read-only 940 STATUS current 941 DESCRIPTION 942 "The total number of BFD echo messages received for this 943 session yet dropped for being invalid. 945 It MUST be equal to the least significant 32 bits of 946 bfdSessPerfEchoPktDropHC if supported, and MUST do so 947 the rules spelled out in RFC 2863." 948 ::= { bfdSessPerfEntry 7 } 950 bfdSessPerfEchoPktDropLastTime OBJECT-TYPE 951 SYNTAX TimeStamp 952 MAX-ACCESS read-only 953 STATUS current 954 DESCRIPTION 955 "The value of sysUpTime on the most recent occasion at 956 which received BFD echo message for this session was 957 dropped. If no such up event exists, this object contains 958 a zero value." 959 ::= { bfdSessPerfEntry 8 } 961 bfdSessUpTime OBJECT-TYPE 962 SYNTAX TimeStamp 963 MAX-ACCESS read-only 964 STATUS current 965 DESCRIPTION 966 "The value of sysUpTime on the most recent occasion at which 967 the session came up. If no such up event exists this object 968 contains a zero value." 969 ::= { bfdSessPerfEntry 9 } 971 bfdSessPerfLastSessDownTime OBJECT-TYPE 972 BFD-STD-MIB June 14, 2012 974 SYNTAX TimeStamp 975 MAX-ACCESS read-only 976 STATUS current 977 DESCRIPTION 978 "The value of sysUpTime on the most recent occasion at 979 which the last time communication was lost with the 980 neighbor. If no such down event exist this object 981 contains a zero value." 982 ::= { bfdSessPerfEntry 10 } 984 bfdSessPerfLastCommLostDiag OBJECT-TYPE 985 SYNTAX BfdDiagTC 986 MAX-ACCESS read-only 987 STATUS current 988 DESCRIPTION 989 "The BFD diag code for the last time communication was lost 990 with the neighbor. If no such down event exists this object 991 contains a zero value." 992 ::= { bfdSessPerfEntry 11 } 994 bfdSessPerfSessUpCount OBJECT-TYPE 995 SYNTAX Counter32 996 MAX-ACCESS read-only 997 STATUS current 998 DESCRIPTION 999 "The number of times this session has gone into the Up 1000 state since the system last rebooted." 1001 ::= { bfdSessPerfEntry 12 } 1003 bfdSessPerfDiscTime OBJECT-TYPE 1004 SYNTAX TimeStamp 1005 MAX-ACCESS read-only 1006 STATUS current 1007 DESCRIPTION 1008 "The value of sysUpTime on the most recent occasion at 1009 which any one or more of the session counters suffered 1010 a discontinuity. 1012 The relevant counters are the specific instances associated 1013 with this BFD session of any Counter32 object contained in 1014 the BfdSessPerfTable. If no such discontinuities have 1015 occurred since the last re-initialization of the local 1016 management subsystem, then this object contains a zero 1017 value." 1018 ::= { bfdSessPerfEntry 13 } 1020 bfdSessPerfCtrlPktInHC OBJECT-TYPE 1021 SYNTAX Counter64 1022 BFD-STD-MIB June 14, 2012 1024 MAX-ACCESS read-only 1025 STATUS current 1026 DESCRIPTION 1027 "This value represents the total number of BFD control 1028 messages received for this BFD session. 1030 It MUST be equal to the least significant 32 bits of 1031 bfdSessPerfCtrlPktInHC if supported, and MUST do so 1032 the rules spelled out in RFC 2863." 1033 ::= { bfdSessPerfEntry 14 } 1035 bfdSessPerfCtrlPktOutHC OBJECT-TYPE 1036 SYNTAX Counter64 1037 MAX-ACCESS read-only 1038 STATUS current 1039 DESCRIPTION 1040 "This value represents the total number of BFD control 1041 messages transmitted for this BFD session. 1043 It MUST be equal to the least significant 32 bits of 1044 bfdSessPerfCtrlPktOut if supported, and MUST do so 1045 the rules spelled out in RFC 2863." 1046 ::= { bfdSessPerfEntry 15 } 1048 bfdSessPerfCtrlPktDropHC OBJECT-TYPE 1049 SYNTAX Counter64 1050 MAX-ACCESS read-only 1051 STATUS current 1052 DESCRIPTION 1053 "This value represents the total number of BFD control 1054 messages received for this BFD session yet dropped for 1055 being invalid. 1057 It MUST be equal to the least significant 32 bits of 1058 bfdSessPerfCtrlPktDrop if supported, and MUST do so 1059 the rules spelled out in RFC 2863." 1060 ::= { bfdSessPerfEntry 16 } 1062 bfdSessPerfEchoPktInHC OBJECT-TYPE 1063 SYNTAX Counter64 1064 MAX-ACCESS read-only 1065 STATUS current 1066 DESCRIPTION 1067 "This value represents the total number of BFD echo 1068 messages received for this BFD session. 1070 It MUST be equal to the least significant 32 bits of 1071 bfdSessPerfEchoPktIn if supported, and MUST do so 1072 BFD-STD-MIB June 14, 2012 1074 the rules spelled out in RFC 2863." 1075 ::= { bfdSessPerfEntry 17 } 1077 bfdSessPerfEchoPktOutHC OBJECT-TYPE 1078 SYNTAX Counter64 1079 MAX-ACCESS read-only 1080 STATUS current 1081 DESCRIPTION 1082 "This value represents the total number of BFD echo 1083 messages transmitted for this BFD session. 1085 It MUST be equal to the least significant 32 bits of 1086 bfdSessPerfEchoPktOut if supported, and MUST do so 1087 the rules spelled out in RFC 2863." 1088 ::= { bfdSessPerfEntry 18 } 1090 bfdSessPerfEchoPktDropHC OBJECT-TYPE 1091 SYNTAX Counter64 1092 MAX-ACCESS read-only 1093 STATUS current 1094 DESCRIPTION 1095 "This value represents the total number of BFD echo 1096 messages received for this BFD session yet dropped 1097 for being invalid. 1099 It MUST be equal to the least significant 32 bits of 1100 bfdSessPerfEchoPktDrop if supported, and MUST do so 1101 the rules spelled out in RFC 2863." 1102 ::= { bfdSessPerfEntry 19 } 1104 -- BFD Session Discriminator Mapping Table 1106 bfdSessDiscMapTable OBJECT-TYPE 1107 SYNTAX SEQUENCE OF BfdSessDiscMapEntry 1108 MAX-ACCESS not-accessible 1109 STATUS current 1110 DESCRIPTION 1111 "The BFD Session Discriminator Mapping Table maps a 1112 local discriminator value to associated BFD session's 1113 BfdSessIndexTC used in the bfdSessionTable." 1114 ::= { bfdObjects 4 } 1116 bfdSessDiscMapEntry OBJECT-TYPE 1117 SYNTAX BfdSessDiscMapEntry 1118 MAX-ACCESS not-accessible 1119 STATUS current 1120 DESCRIPTION 1121 "The BFD Session Discriminator Map Entry describes 1122 BFD-STD-MIB June 14, 2012 1124 BFD session that is mapped to this BfdSessIndexTC." 1125 INDEX { bfdSessDiscriminator } 1126 ::= { bfdSessDiscMapTable 1 } 1128 BfdSessDiscMapEntry ::= SEQUENCE { 1129 bfdSessDiscMapIndex BfdSessIndexTC, 1130 bfdSessDiscMapStorageType StorageType, 1131 bfdSessDiscMapRowStatus RowStatus 1132 } 1134 bfdSessDiscMapIndex OBJECT-TYPE 1135 SYNTAX BfdSessIndexTC 1136 MAX-ACCESS read-only 1137 STATUS current 1138 DESCRIPTION 1139 "This object specifies the BfdSessIndexTC referred to by 1140 the indices of this row. In essence, a mapping is 1141 provided between these indexes and the BfdSessTable." 1142 ::= { bfdSessDiscMapEntry 1 } 1144 bfdSessDiscMapStorageType OBJECT-TYPE 1145 SYNTAX StorageType 1146 MAX-ACCESS read-create 1147 STATUS current 1148 DESCRIPTION 1149 "This variable indicates the storage type for this 1150 object. Conceptual rows having the value 1151 'permanent' need not allow write-access to any 1152 columnar objects in the row." 1153 ::= { bfdSessDiscMapEntry 2 } 1155 bfdSessDiscMapRowStatus OBJECT-TYPE 1156 SYNTAX RowStatus 1157 MAX-ACCESS read-create 1158 STATUS current 1159 DESCRIPTION 1160 "This variable is used to create, modify, and/or 1161 delete a row in this table. When a row in this 1162 table has a row in the active(1) state, no 1163 objects in this row can be modified except the 1164 bfdSessDiscMapRowStatus and bfdSessDiscMapStorageType." 1165 ::= { bfdSessDiscMapEntry 3 } 1167 -- BFD Session IP Mapping Table 1169 bfdSessIpMapTable OBJECT-TYPE 1170 SYNTAX SEQUENCE OF BfdSessIpMapEntry 1171 MAX-ACCESS not-accessible 1172 BFD-STD-MIB June 14, 2012 1174 STATUS current 1175 DESCRIPTION 1176 "The BFD Session IP Mapping Table maps given 1177 bfdSessInterface, bfdSessSrcAddrType, bfdSessSrcAddr, 1178 bfdSessDstAddrType and bfdSessDstAddr 1179 to an associated BFD session's BfdSessIndexTC used in 1180 the bfdSessionTable." 1181 ::= { bfdObjects 5 } 1183 bfdSessIpMapEntry OBJECT-TYPE 1184 SYNTAX BfdSessIpMapEntry 1185 MAX-ACCESS not-accessible 1186 STATUS current 1187 DESCRIPTION 1188 "The BFD Session IP Map Entry describes 1189 BFD session that is mapped to this BfdSessIndexTC." 1190 INDEX { 1191 bfdSessInterface, 1192 bfdSessSrcAddrType, 1193 bfdSessSrcAddr, 1194 bfdSessDstAddrType, 1195 bfdSessDstAddr 1196 } 1197 ::= { bfdSessIpMapTable 1 } 1199 BfdSessIpMapEntry ::= SEQUENCE { 1200 bfdSessIpMapIndex BfdSessIndexTC, 1201 bfdSessIpMapStorageType StorageType, 1202 bfdSessIpMapRowStatus RowStatus 1203 } 1205 bfdSessIpMapIndex OBJECT-TYPE 1206 SYNTAX BfdSessIndexTC 1207 MAX-ACCESS read-only 1208 STATUS current 1209 DESCRIPTION 1210 "This object specifies the BfdSessIndexTC referred to by 1211 the indexes of this row. In essence, a mapping is 1212 provided between these indexes and the BfdSessTable." 1213 ::= { bfdSessIpMapEntry 1 } 1215 bfdSessIpMapStorageType OBJECT-TYPE 1216 SYNTAX StorageType 1217 MAX-ACCESS read-create 1218 STATUS current 1219 DESCRIPTION 1220 "This variable indicates the storage type for this 1221 object. Conceptual rows having the value 1222 BFD-STD-MIB June 14, 2012 1224 'permanent' need not allow write-access to any 1225 columnar objects in the row." 1226 ::= { bfdSessIpMapEntry 2 } 1228 bfdSessIpMapRowStatus OBJECT-TYPE 1229 SYNTAX RowStatus 1230 MAX-ACCESS read-create 1231 STATUS current 1232 DESCRIPTION 1233 "This variable is used to create, modify, and/or 1234 delete a row in this table. When a row in this 1235 table has a row in the active(1) state, no 1236 objects in this row can be modified except the 1237 bfdSessIpMapRowStatus and bfdSessIpMapStorageType." 1238 ::= { bfdSessIpMapEntry 3 } 1240 -- Notification Configuration 1242 bfdSessUp NOTIFICATION-TYPE 1243 OBJECTS { 1244 bfdSessDiag, -- low range value 1245 bfdSessDiag -- high range value 1246 } 1247 STATUS current 1248 DESCRIPTION 1249 "This notification is generated when the 1250 bfdSessState object for one or more contiguous 1251 entries in bfdSessTable are about to enter the up(4) 1252 state from some other state. The included values of 1253 bfdSessDiag MUST both be set equal to this 1254 new state (i.e: up(4)). The two instances of 1255 bfdSessDiag in this notification indicate the range 1256 of indexes that are affected. Note that all the indexes 1257 of the two ends of the range can be derived from the 1258 instance identifiers of these two objects. For the 1259 cases where a contiguous range of sessions 1260 have transitioned into the up(4) state at roughly 1261 the same time, the device SHOULD issue a single 1262 notification for each range of contiguous indexes in 1263 an effort to minimize the emission of a large number 1264 of notifications. If a notification has to be 1265 issued for just a single bfdSessEntry, then 1266 the instance identifier (and values) of the two 1267 bfdSessDiag objects MUST be the identical." 1268 ::= { bfdNotifications 1 } 1270 bfdSessDown NOTIFICATION-TYPE 1271 OBJECTS { 1272 BFD-STD-MIB June 14, 2012 1274 bfdSessDiag, -- low range value 1275 bfdSessDiag -- high range value 1276 } 1277 STATUS current 1278 DESCRIPTION 1279 "This notification is generated when the 1280 bfdSessState object for one or more contiguous 1281 entries in bfdSessTable are about to enter the down(2) 1282 or adminDown(1) states from some other state. The included 1283 values of bfdSessDiag MUST both be set equal to this new 1284 state (i.e: down(2) or adminDown(1)). The two instances 1285 of bfdSessDiag in this notification indicate the range 1286 of indexes that are affected. Note that all the indexes 1287 of the two ends of the range can be derived from the 1288 instance identifiers of these two objects. For 1289 cases where a contiguous range of sessions 1290 have transitioned into the down(2) or adminDown(1) states 1291 at roughly the same time, the device SHOULD issue a single 1292 notification for each range of contiguous indexes in 1293 an effort to minimize the emission of a large number 1294 of notifications. If a notification has to be 1295 issued for just a single bfdSessEntry, then 1296 the instance identifier (and values) of the two 1297 bfdSessDiag objects MUST be the identical." 1298 ::= { bfdNotifications 2 } 1300 -- Ed Note: We need to add notification for changes 1301 -- when the two ends automatically negotiate to a new detection time 1302 -- value or when detection multiplier changes. 1304 -- Module compliance. 1306 bfdGroups 1307 OBJECT IDENTIFIER ::= { bfdConformance 1 } 1309 bfdCompliances 1310 OBJECT IDENTIFIER ::= { bfdConformance 2 } 1312 -- Compliance requirement for fully compliant implementations. 1314 bfdModuleFullCompliance MODULE-COMPLIANCE 1315 STATUS current 1316 DESCRIPTION 1317 "Compliance statement for agents that provide full 1318 support for the BFD-MIB module. Such devices can 1319 then be monitored and also be configured using 1320 this MIB module." 1321 BFD-STD-MIB June 14, 2012 1323 MODULE -- This module. 1325 MANDATORY-GROUPS { 1326 bfdSessionGroup, 1327 bfdSessionReadOnlyGroup, 1328 bfdSessionPerfGroup, 1329 bfdNotificationGroup 1330 } 1332 GROUP bfdSessionPerfHCGroup 1333 DESCRIPTION "This group is mandatory for all systems that 1334 are able to support the Counter64 date type." 1336 OBJECT bfdSessSrcAddrType 1337 SYNTAX InetAddressType { unknown(0), ipv4(1), 1338 ipv6(2), ipv6z(4) } 1339 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1340 support are required." 1342 OBJECT bfdSessSrcAddr 1343 SYNTAX InetAddress (SIZE (0|4|16|20)) 1344 DESCRIPTION "An implementation is only required to support 1345 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1347 OBJECT bfdSessDstAddrType 1348 SYNTAX InetAddressType { unknown(0), ipv4(1), 1349 ipv6(2), ipv6z(4) } 1350 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1351 support are required." 1353 OBJECT bfdSessDstAddr 1354 SYNTAX InetAddress (SIZE (0|4|16|20)) 1355 DESCRIPTION "An implementation is only required to support 1356 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1358 OBJECT bfdSessRowStatus 1359 SYNTAX RowStatus { active(1), notInService(2) } 1360 WRITE-SYNTAX RowStatus { active(1), notInService(2), 1361 createAndGo(4), destroy(6) } 1362 DESCRIPTION "Support for createAndWait and notReady is not 1363 required." 1365 OBJECT bfdSessDiscMapRowStatus 1366 SYNTAX RowStatus { active(1), notInService(2) } 1367 WRITE-SYNTAX RowStatus { active(1), notInService(2), 1368 createAndGo(4), destroy(6) } 1369 DESCRIPTION "Support for createAndWait and notReady is not 1370 BFD-STD-MIB June 14, 2012 1372 required." 1374 OBJECT bfdSessIpMapRowStatus 1375 SYNTAX RowStatus { active(1), notInService(2) } 1376 WRITE-SYNTAX RowStatus { active(1), notInService(2), 1377 createAndGo(4), destroy(6) } 1378 DESCRIPTION "Support for createAndWait and notReady is not 1379 required." 1381 ::= { bfdCompliances 1 } 1383 bfdModuleReadOnlyCompliance MODULE-COMPLIANCE 1384 STATUS current 1385 DESCRIPTION 1386 "Compliance requirement for implementations that only 1387 provide read-only support for BFD-MIB. Such devices 1388 can then be monitored but cannot be configured using 1389 this MIB module." 1391 MODULE -- This module. 1393 MANDATORY-GROUPS { 1394 bfdSessionGroup, 1395 bfdSessionReadOnlyGroup, 1396 bfdSessionPerfGroup, 1397 bfdNotificationGroup 1398 } 1400 GROUP bfdSessionPerfHCGroup 1401 DESCRIPTION "This group is mandatory for all systems that 1402 are able to support the Counter64 date type." 1404 OBJECT bfdSessVersionNumber 1405 MIN-ACCESS read-only 1406 DESCRIPTION "Write access is not required." 1408 OBJECT bfdSessType 1409 MIN-ACCESS read-only 1410 DESCRIPTION "Write access is not required." 1412 OBJECT bfdSessDestinationUdpPort 1413 MIN-ACCESS read-only 1414 DESCRIPTION "Write access is not required." 1416 OBJECT bfdSessSourceUdpPort 1417 MIN-ACCESS read-only 1418 DESCRIPTION "Write access is not required." 1419 BFD-STD-MIB June 14, 2012 1421 OBJECT bfdSessEchoSourceUdpPort 1422 MIN-ACCESS read-only 1423 DESCRIPTION "Write access is not required." 1425 OBJECT bfdSessAdminStatus 1426 MIN-ACCESS read-only 1427 DESCRIPTION "Write access is not required." 1429 OBJECT bfdSessOperMode 1430 MIN-ACCESS read-only 1431 DESCRIPTION "Write access is not required." 1433 OBJECT bfdSessDemandModeDesiredFlag 1434 MIN-ACCESS read-only 1435 DESCRIPTION "Write access is not required." 1437 OBJECT bfdSessControlPlaneIndepFlag 1438 MIN-ACCESS read-only 1439 DESCRIPTION "Write access is not required." 1441 OBJECT bfdSessMultipointFlag 1442 MIN-ACCESS read-only 1443 DESCRIPTION "Write access is not required." 1445 OBJECT bfdSessInterface 1446 MIN-ACCESS read-only 1447 DESCRIPTION "Write access is not required." 1449 OBJECT bfdSessSrcAddrType 1450 SYNTAX InetAddressType { unknown(0), ipv4(1), 1451 ipv6(2), ipv6z(4) } 1452 MIN-ACCESS read-only 1453 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1454 support are required." 1456 OBJECT bfdSessSrcAddr 1457 SYNTAX InetAddress (SIZE (0|4|16|20)) 1458 MIN-ACCESS read-only 1459 DESCRIPTION "An implementation is only required to support 1460 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1462 OBJECT bfdSessDstAddrType 1463 SYNTAX InetAddressType { unknown(0), ipv4(1), 1464 ipv6(2), ipv6z(4) } 1465 MIN-ACCESS read-only 1466 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1467 support are required." 1468 BFD-STD-MIB June 14, 2012 1470 OBJECT bfdSessDstAddr 1471 SYNTAX InetAddress (SIZE (0|4|16|20)) 1472 MIN-ACCESS read-only 1473 DESCRIPTION "An implementation is only required to support 1474 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1476 OBJECT bfdSessGTSM 1477 MIN-ACCESS read-only 1478 DESCRIPTION "Write access is not required." 1480 OBJECT bfdSessGTSMTTL 1481 MIN-ACCESS read-only 1482 DESCRIPTION "Write access is not required." 1484 OBJECT bfdSessDesiredMinTxInterval 1485 MIN-ACCESS read-only 1486 DESCRIPTION "Write access is not required." 1488 OBJECT bfdSessReqMinRxInterval 1489 MIN-ACCESS read-only 1490 DESCRIPTION "Write access is not required." 1492 OBJECT bfdSessReqMinEchoRxInterval 1493 MIN-ACCESS read-only 1494 DESCRIPTION "Write access is not required." 1496 OBJECT bfdSessDetectMult 1497 MIN-ACCESS read-only 1498 DESCRIPTION "Write access is not required." 1500 OBJECT bfdSessAuthPresFlag 1501 MIN-ACCESS read-only 1502 DESCRIPTION "Write access is not required." 1504 OBJECT bfdSessAuthenticationType 1505 MIN-ACCESS read-only 1506 DESCRIPTION "Write access is not required." 1508 OBJECT bfdSessAuthenticationKeyID 1509 MIN-ACCESS read-only 1510 DESCRIPTION "Write access is not required." 1512 OBJECT bfdSessAuthenticationKey 1513 MIN-ACCESS read-only 1514 DESCRIPTION "Write access is not required." 1516 OBJECT bfdSessStorageType 1517 BFD-STD-MIB June 14, 2012 1519 MIN-ACCESS read-only 1520 DESCRIPTION "Write access is not required." 1522 OBJECT bfdSessRowStatus 1523 SYNTAX RowStatus { active(1) } 1524 MIN-ACCESS read-only 1525 DESCRIPTION "Write access is not required." 1527 OBJECT bfdSessDiscMapStorageType 1528 MIN-ACCESS read-only 1529 DESCRIPTION "Write access is not required." 1531 OBJECT bfdSessDiscMapRowStatus 1532 SYNTAX RowStatus { active(1) } 1533 MIN-ACCESS read-only 1534 DESCRIPTION "Write access is not required." 1536 OBJECT bfdSessIpMapStorageType 1537 MIN-ACCESS read-only 1538 DESCRIPTION "Write access is not required." 1540 OBJECT bfdSessIpMapRowStatus 1541 SYNTAX RowStatus { active(1) } 1542 MIN-ACCESS read-only 1543 DESCRIPTION "Write access is not required." 1545 ::= { bfdCompliances 2 } 1547 -- Units of conformance. 1549 bfdSessionGroup OBJECT-GROUP 1550 OBJECTS { 1551 bfdAdminStatus, 1552 bfdSessNotificationsEnable, 1553 bfdSessVersionNumber, 1554 bfdSessType, 1555 bfdSessDestinationUdpPort, 1556 bfdSessSourceUdpPort, 1557 bfdSessEchoSourceUdpPort, 1558 bfdSessAdminStatus, 1559 bfdSessOperMode, 1560 bfdSessDemandModeDesiredFlag, 1561 bfdSessControlPlaneIndepFlag, 1562 bfdSessMultipointFlag, 1563 bfdSessInterface, 1564 bfdSessSrcAddrType, 1565 bfdSessSrcAddr, 1566 bfdSessDstAddrType, 1567 BFD-STD-MIB June 14, 2012 1569 bfdSessDstAddr, 1570 bfdSessGTSM, 1571 bfdSessGTSMTTL, 1572 bfdSessDesiredMinTxInterval, 1573 bfdSessReqMinRxInterval, 1574 bfdSessReqMinEchoRxInterval, 1575 bfdSessDetectMult, 1576 bfdSessAuthPresFlag, 1577 bfdSessAuthenticationType, 1578 bfdSessAuthenticationKeyID, 1579 bfdSessAuthenticationKey, 1580 bfdSessStorageType, 1581 bfdSessRowStatus, 1582 bfdSessDiscMapStorageType, 1583 bfdSessDiscMapRowStatus, 1584 bfdSessIpMapStorageType, 1585 bfdSessIpMapRowStatus 1586 } 1587 STATUS current 1588 DESCRIPTION 1589 "Collection of objects needed for BFD sessions." 1590 ::= { bfdGroups 1 } 1592 bfdSessionReadOnlyGroup OBJECT-GROUP 1593 OBJECTS { 1594 bfdSessDiscriminator, 1595 bfdSessRemoteDiscr, 1596 bfdSessState, 1597 bfdSessRemoteHeardFlag, 1598 bfdSessDiag, 1599 bfdSessNegotiatedInterval, 1600 bfdSessNegotiatedEchoInterval, 1601 bfdSessNegotiatedDetectMult, 1602 bfdSessDiscMapIndex, 1603 bfdSessIpMapIndex 1604 } 1605 STATUS current 1606 DESCRIPTION 1607 "Collection of read-only objects needed for BFD sessions." 1608 ::= { bfdGroups 2 } 1610 bfdSessionPerfGroup OBJECT-GROUP 1611 OBJECTS { 1612 bfdSessPerfCtrlPktIn, 1613 bfdSessPerfCtrlPktOut, 1614 bfdSessPerfCtrlPktDrop, 1615 bfdSessPerfCtrlPktDropLastTime, 1616 bfdSessPerfEchoPktIn, 1617 BFD-STD-MIB June 14, 2012 1619 bfdSessPerfEchoPktOut, 1620 bfdSessPerfEchoPktDrop, 1621 bfdSessPerfEchoPktDropLastTime, 1622 bfdSessUpTime, 1623 bfdSessPerfLastSessDownTime, 1624 bfdSessPerfLastCommLostDiag, 1625 bfdSessPerfSessUpCount, 1626 bfdSessPerfDiscTime 1627 } 1628 STATUS current 1629 DESCRIPTION 1630 "Collection of objects needed to monitor the 1631 performance of BFD sessions." 1632 ::= { bfdGroups 3 } 1634 bfdSessionPerfHCGroup OBJECT-GROUP 1635 OBJECTS { 1636 bfdSessPerfCtrlPktInHC, 1637 bfdSessPerfCtrlPktOutHC, 1638 bfdSessPerfCtrlPktDropHC, 1639 bfdSessPerfEchoPktInHC, 1640 bfdSessPerfEchoPktOutHC, 1641 bfdSessPerfEchoPktDropHC 1642 } 1643 STATUS current 1644 DESCRIPTION 1645 "Collection of objects needed to monitor the 1646 performance of BFD sessions for which the 1647 values of bfdSessPerfPktIn, bfdSessPerfPktOut 1648 wrap around too quickly." 1649 ::= { bfdGroups 4 } 1651 bfdNotificationGroup NOTIFICATION-GROUP 1652 NOTIFICATIONS { 1653 bfdSessUp, 1654 bfdSessDown 1655 } 1656 STATUS current 1657 DESCRIPTION 1658 "Set of notifications implemented in this 1659 module." 1660 ::= { bfdGroups 5 } 1662 END 1664 6. Security Considerations 1665 BFD-STD-MIB June 14, 2012 1667 As BFD may be tied into the stability of the network infrastructure 1668 (such as routing protocols), the effects of an attack on a BFD 1669 session may be very serious. This ultimately has denial-of-service 1670 effects, as links may be declared to be down (or falsely declared to 1671 be up.) As such, improper manipulation of the objects represented by 1672 this MIB may result in denial of service to a large number of end- 1673 users. 1675 There are a number of management objects defined in this MIB module 1676 with a MAX-ACCESS clause of read-write and/or read-create. Such 1677 objects may be considered sensitive or vulnerable in some network 1678 environments. The support for SET operations in a non-secure 1679 environment without proper protection can have a negative effect on 1680 network operations. These are the tables and objects and their 1681 sensitivity/vulnerability: 1683 o bfdSessAdminStatus - Improper change of bfdSessAdminStatus, from 1684 start to stop, can cause significant disruption of the 1685 connectivity to those portions of the Internet reached via the 1686 applicable remote BFD peer. 1688 o bfdSessDesiredMinTxInterval, bfdSessReqMinRxInterval, 1689 bfdSessReqMinEchoRxInterval, bfdSessDetectMult - Improper change 1690 of this object can cause connections to be disrupted for extremely 1691 long time periods when otherwise they would be restored in a 1692 relatively short period of time. 1694 There are a number of management objects defined in this MIB module 1695 with a MAX-ACCESS clause of read-write and/or read-create. Such 1696 objects may be considered sensitive or vulnerable in some network 1697 environments. It is thus important to control even GET and/or NOTIFY 1698 access to these objects and possibly to even encrypt the values of 1699 these objects when sending them over the network via SNMP. 1701 o The bfdSessTable may be used to directly configure BFD sessions. 1702 The bfdSessMapTable can be used indirectly in the same way. 1703 Unauthorized access to objects in this table could result in 1704 disruption of traffic on the network. This is especially true if 1705 an unauthorized user configures enough tables to invoke a denial 1706 of service attack on the device where they are configured, or on a 1707 remote device where the sessions terminate. 1709 Some of the readable objects in this MIB module (i.e., objects with a 1710 MAX-ACCESS other than not-accessible) may be considered sensitive or 1711 vulnerable in some network environments. It is thus important to 1712 control even GET and/or NOTIFY access to these objects and possibly 1713 to even encrypt the values of these objects when sending them over 1714 BFD-STD-MIB June 14, 2012 1716 the network via SNMP. These are the tables and objects and their 1717 sensitivity/vulnerability: 1719 o The bfdSessPerfTable both allows access to the performance 1720 characteristics of BFD sessions. Network administrators not 1721 wishing to show this information should consider this table 1722 sensitive. 1724 The bfdSessAuthenticationType, bfdSessAuthenticationKeyID, and 1725 bfdSessAuthenticationKey objects hold security methods and associated 1726 security keys of BFD sessions. These objects SHOULD be considered 1727 highly sensitive objects. In order for these sensitive information 1728 from being improperly accessed, implementors MAY wish to disallow 1729 read and create access to these objects. 1731 SNMP versions prior to SNMPv3 did not include adequate security. 1732 Even if the network itself is secure "for example by using IPSec", 1733 even then, there is no control as to who on the secure network is 1734 allowed to access and GET/SET "read/change/create/delete" the objects 1735 in these MIB modules. 1737 It is RECOMMENDED that implementers consider the security features as 1738 provided by the SNMPv3 framework "see [RFC3410], section 8", 1739 including full support for the SNMPv3 cryptographic mechanisms "for 1740 authentication and privacy". 1742 Further, deployment of SNMP versions prior to SNMPv3 is NOT 1743 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 1744 enable cryptographic security. It is then a customer/operator 1745 responsibility to ensure that the SNMP entity giving access to an 1746 instance of this MIB module, is properly configured to give access to 1747 the objects only to those principals "users" that have legitimate 1748 rights to indeed GET or SET "change/create/delete" them. 1750 7. IANA Considerations 1752 The MIB module in this document uses the following IANA-assigned 1753 OBJECT IDENTIFIER values recorded in the SMI Numbers registry: 1755 Descriptor OBJECT IDENTIFIER value 1756 ---------- ----------------------- 1758 bfdMib { mib-2 XXX } 1760 [Editor's Note (to be removed prior to publication): the IANA is 1761 requested to assign a value for "XXX" under the 'mib-2' subtree and 1762 to record the assignment in the SMI Numbers registry. When the 1763 BFD-STD-MIB June 14, 2012 1765 assignment has been made, the RFC Editor is asked to replace "XXX" 1766 (here and in the MIB module) with the assigned value and to remove 1767 this note.] 1769 This document also requests IANA to manage the registry for the 1770 BfdDiagTC object. 1772 8. References 1774 8.1. Normative References 1776 [BFD] Katz, D. and D. Ward, "Bidirectional Forwarding 1777 Detection (BFD)", RFC 5880, June 2012. 1779 [BFD-1HOP] Katz, D. and D. Ward, "Bidirectional Forwarding 1780 Detection (BFD) for IPv4 and IPv6 (Single Hop)", 1781 RFC 5881, June 2012. 1783 [BFD-MH] Katz, D. and D. Ward, "Bidirectional Forwarding 1784 Detection (BFD) for Multihop Paths", RFC 5883, 1785 June 2012. 1787 [BFD-TC] Nadeau, T., Ali, Z. and N. Akiya, "Definitions of Textual 1788 Conventions (TCs) for Bidirectional Forwarding Detection 1789 (BFD) Management", 1790 ID Document: draft-ietf-bfd-tc-mib-01.txt, June 2012. 1792 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1793 Schoenwaelder, Ed., "Structure of Management Information 1794 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. 1796 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1797 Schoenwaelder, Ed., "Textual Conventions for SMIv2", 1798 STD 58, RFC 2579, April 1999. 1800 [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, 1801 "Conformance Statements for SMIv2", STD 58, RFC 2580, 1802 April 1999. 1804 8.2. Informative References 1806 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1807 Requirement Levels", BCP 14, RFC 2119, March 1997. 1809 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group 1810 MIB", RFC 2863, June 2000. 1812 BFD-STD-MIB June 14, 2012 1814 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 1815 "Introduction and Applicability Statements for Internet- 1816 Standard Management Framework", RFC 3410, December 2002. 1818 [RFC3413] Levi, D., Meyer, P., and B. Stewart, "Simple Network 1819 Management Protocol (SNMP) Applications", STD 62, 1820 RFC 3413, December 2002. 1822 [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. 1823 Schoenwaelder, "Textual Conventions for Internet Network 1824 Addresses", RFC 4001, February 2005. 1826 Appendix A. Acknowledgments 1828 We would like to thank David Ward, Jeffrey Haas, Reshad Rahman, David 1829 Toscano, Sylvain Masse, Mark Tooker, and Kiran Koushik Agrahara 1830 Sreenivasa for their comments and suggestions. 1832 Authors' Addresses 1834 Thomas D. Nadeau 1835 Juniper Networks 1837 Email: tnadeau@juniper.net 1839 Zafar Ali 1840 Cisco Systems, Inc. 1841 2000 Innovation Drive 1842 Kanata, Ontario K2K 3E8 1843 Canada 1845 Email: zali@cisco.com 1847 Nobo Akiya 1848 Cisco Systems G.K. 1849 Shinjuku Mitsui Building 1850 2-1-1 Nishi-Shinjuku, Shinjuku-Ku 1851 Tokyo 163-0409 1852 Japan 1854 Email: nobo@cisco.com