idnits 2.17.1 draft-ietf-bfd-mib-16.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (November 21, 2013) is 3809 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-08) exists of draft-ietf-bfd-tc-mib-03 Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group T. Nadeau 3 Internet-Draft Juniper Networks 4 Intended status: Standards Track Z. Ali 5 Expires: May 25, 2014 N. Akiya 6 Cisco Systems 7 November 21, 2013 9 BFD Management Information Base 10 draft-ietf-bfd-mib-16 12 Abstract 14 This draft defines a portion of the Management Information Base (MIB) 15 for use with network management protocols in the Internet community. 16 In particular, it describes managed objects for modeling 17 Bidirectional Forwarding Detection (BFD) protocol. 19 Requirements Language 21 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 22 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 23 "OPTIONAL" in this document are to be interpreted as described in BCP 24 14, RFC 2119 [RFC2119]. 26 Status of This Memo 28 This Internet-Draft is submitted in full conformance with the 29 provisions of BCP 78 and BCP 79. 31 Internet-Drafts are working documents of the Internet Engineering 32 Task Force (IETF). Note that other groups may also distribute 33 working documents as Internet-Drafts. The list of current Internet- 34 Drafts is at http://datatracker.ietf.org/drafts/current/. 36 Internet-Drafts are draft documents valid for a maximum of six months 37 and may be updated, replaced, or obsoleted by other documents at any 38 time. It is inappropriate to use Internet-Drafts as reference 39 material or to cite them other than as "work in progress." 41 This Internet-Draft will expire on May 25, 2014. 43 Copyright Notice 45 Copyright (c) 2013 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the Simplified BSD License. 58 Table of Contents 60 1. The Internet-Standard Management Framework . . . . . . . . . 2 61 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 62 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 63 4. Brief Description of MIB Objects . . . . . . . . . . . . . . 3 64 4.1. General Variables . . . . . . . . . . . . . . . . . . . . 3 65 4.2. Session Table (bfdSessionTable) . . . . . . . . . . . . . 3 66 4.3. Session Performance Table (bfdSessionPerfTable) . . . . . 3 67 4.4. BFD Session Discriminator Mapping Table 68 (bfdSessDiscMapTable) . . . . . . . . . . . . . . . . . . 3 69 4.5. BFD Session IP Mapping Table (bfdSessIpMapTable) . . . . 3 70 5. BFD MIB Module Definitions . . . . . . . . . . . . . . . . . 4 71 6. Security Considerations . . . . . . . . . . . . . . . . . . . 34 72 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 36 73 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 36 74 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 36 75 9.1. Normative References . . . . . . . . . . . . . . . . . . 36 76 9.2. Informative References . . . . . . . . . . . . . . . . . 37 78 1. The Internet-Standard Management Framework 80 For a detailed overview of the documents that describe the current 81 Internet-Standard Management Framework, please refer to section 7 of 82 RFC 3410 [RFC3410]. 84 Managed objects are accessed via a virtual information store, termed 85 the Management Information Base or MIB. MIB objects are generally 86 accessed through the Simple Network Management Protocol (SNMP). 87 Objects in the MIB are defined using the mechanisms defined in the 88 Structure of Management Information (SMI). This memo specifies a MIB 89 module that is compliant to the SMIv2, which is described in STD 58, 90 RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 91 [RFC2580]. 93 2. Introduction 94 This memo defines an portion of the Management Information Base (MIB) 95 for use with network management protocols in the Internet community. 96 In particular, it describes managed objects to configure and/or 97 monitor Bi-Directional Forwarding Detection for [RFC5880], [RFC5881] 98 and [RFC5883], BFD versions 0 and/or 1, on devices supporting this 99 feature. 101 3. Terminology 103 This document adopts the definitions, acronyms and mechanisms 104 described in [RFC5880], [RFC5881] and [RFC5883]. Unless otherwise 105 stated, the mechanisms described therein will not be re-described 106 here. 108 4. Brief Description of MIB Objects 110 This section describes objects pertaining to BFD. The MIB objects 111 are derived from [RFC5880], [RFC5881] and [RFC5883], and also include 112 textual conventions defined in [I-D.ietf-bfd-tc-mib]. 114 4.1. General Variables 116 The General Variables are used to identify parameters that are global 117 to the BFD process. 119 4.2. Session Table (bfdSessionTable) 121 The session table is used to identify a BFD session between a pair of 122 nodes. 124 4.3. Session Performance Table (bfdSessionPerfTable) 126 The session performance table is used for collecting BFD performance 127 counters on a per session basis. This table is an AUGMENT to the 128 bfdSessionTable. 130 4.4. BFD Session Discriminator Mapping Table (bfdSessDiscMapTable) 132 The BFD Session Discriminator Mapping Table maps a local 133 discriminator value to associated BFD session's IANAbfdSessIndexTC 134 used in the bfdSessionTable. 136 4.5. BFD Session IP Mapping Table (bfdSessIpMapTable) 137 The BFD Session IP Mapping Table maps, given bfdSessInterface, 138 bfdSessSrcAddrType, bfdSessSrcAddr, bfdSessDstAddrType, and 139 bfdSessDstAddr, to an associated BFD session's IANAbfdSessIndexTC 140 used in the bfdSessionTable. This table SHOULD contains those BFD 141 sessions that are of IP type. 143 5. BFD MIB Module Definitions 145 This MIB module makes references to the following documents. 146 [RFC2579], [RFC2580], [RFC2863], [RFC4001], and [RFC3413]. 148 BFD-STD-MIB DEFINITIONS ::= BEGIN 150 IMPORTS 151 MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, 152 mib-2, Integer32, Unsigned32, Counter32, Counter64 153 FROM SNMPv2-SMI 155 TruthValue, RowStatus, StorageType, TimeStamp 156 FROM SNMPv2-TC 158 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 159 FROM SNMPv2-CONF 161 InterfaceIndexOrZero 162 FROM IF-MIB 164 InetAddress, InetAddressType, InetPortNumber 165 FROM INET-ADDRESS-MIB 167 IANAbfdSessIndexTC, IANAbfdIntervalTC, IANAbfdMultiplierTC, 168 IANAbfdDiagTC, IANAbfdSessTypeTC, IANAbfdSessOperModeTC, 169 IANAbfdCtrlDestPortNumberTC, IANAbfdCtrlSourcePortNumberTC, 170 IANAbfdSessStateTC, IANAbfdSessAuthenticationTypeTC, 171 IANAbfdSessAuthenticationKeyTC 172 FROM IANA-BFD-TC-STD-MIB; 174 bfdMIB MODULE-IDENTITY 175 LAST-UPDATED "201311211200Z" -- 21 Nov. 2013 12:00:00 EST 176 ORGANIZATION "IETF Bidirectional Forwarding Detection 177 Working Group" 178 CONTACT-INFO 179 "Thomas D. Nadeau 180 Juniper Networks 181 Email: tnadeau@lucidvision.com 183 Zafar Ali 184 Cisco Systems, Inc. 186 Email: zali@cisco.com 188 Nobo Akiya 189 Cisco Systems, Inc. 190 Email: nobo@cisco.com 192 Comments about this document should be emailed directly 193 to the BFD working group mailing list at 194 rtg-bfd@ietf.org" 195 DESCRIPTION 196 "Bidirectional Forwarding Management Information Base." 197 REVISION "201311211200Z" -- 21 Nov. 2013 12:00:00 EST 198 DESCRIPTION 199 "Initial version. Published as RFC xxxx." 200 -- RFC Ed.: RFC-editor pls fill in xxxx 201 ::= { mib-2 XXX } 202 -- RFC Ed.: assigned by IANA, see section 7.1 for details 204 -- Top level components of this MIB module. 206 bfdNotifications OBJECT IDENTIFIER ::= { bfdMIB 0 } 208 bfdObjects OBJECT IDENTIFIER ::= { bfdMIB 1 } 210 bfdConformance OBJECT IDENTIFIER ::= { bfdMIB 2 } 212 bfdScalarObjects OBJECT IDENTIFIER ::= { bfdObjects 1 } 214 -- BFD General Variables 216 -- These parameters apply globally to the Systems' 217 -- BFD Process. 219 bfdAdminStatus OBJECT-TYPE 220 SYNTAX INTEGER { 221 enabled(1), 222 disabled(2) 223 } 224 MAX-ACCESS read-write 225 STATUS current 226 DESCRIPTION 227 "The global administrative status of BFD in this device. 228 The value 'enabled' denotes that the BFD Process is 229 active on at least one interface; 'disabled' disables 230 it on all interfaces." 231 DEFVAL { enabled } 232 ::= { bfdScalarObjects 1 } 234 bfdSessNotificationsEnable OBJECT-TYPE 235 SYNTAX TruthValue 236 MAX-ACCESS read-write 237 STATUS current 238 DESCRIPTION 239 "If this object is set to true(1), then it enables 240 the emission of bfdSessUp and bfdSessDown 241 notifications; otherwise these notifications are not 242 emitted." 243 REFERENCE 244 "See also RFC3413 for explanation that 245 notifications are under the ultimate control of the 246 MIB modules in this document." 247 DEFVAL { false } 248 ::= { bfdScalarObjects 2 } 250 -- BFD Session Table 251 -- The BFD Session Table specifies BFD session specific 252 -- information. 254 bfdSessTable OBJECT-TYPE 255 SYNTAX SEQUENCE OF BfdSessEntry 256 MAX-ACCESS not-accessible 257 STATUS current 258 DESCRIPTION 259 "The BFD Session Table describes the BFD sessions." 260 REFERENCE 261 "Katz, D. and D. Ward, Bidirectional Forwarding 262 Detection (BFD), RFC 5880, June 2012." 263 ::= { bfdObjects 2 } 265 bfdSessEntry OBJECT-TYPE 266 SYNTAX BfdSessEntry 267 MAX-ACCESS not-accessible 268 STATUS current 269 DESCRIPTION 270 "The BFD Session Entry describes BFD session." 271 INDEX { bfdSessIndex } 272 ::= { bfdSessTable 1 } 274 BfdSessEntry ::= SEQUENCE { 275 bfdSessIndex IANAbfdSessIndexTC, 276 bfdSessVersionNumber Unsigned32, 277 bfdSessType IANAbfdSessTypeTC, 278 bfdSessDiscriminator Unsigned32, 279 bfdSessRemoteDiscr Unsigned32, 280 bfdSessDestinationUdpPort IANAbfdCtrlDestPortNumberTC, 281 bfdSessSourceUdpPort IANAbfdCtrlSourcePortNumberTC, 282 bfdSessEchoSourceUdpPort InetPortNumber, 283 bfdSessAdminStatus INTEGER, 284 bfdSessState IANAbfdSessStateTC, 285 bfdSessRemoteHeardFlag TruthValue, 286 bfdSessDiag IANAbfdDiagTC, 287 bfdSessOperMode IANAbfdSessOperModeTC, 288 bfdSessDemandModeDesiredFlag TruthValue, 289 bfdSessControlPlaneIndepFlag TruthValue, 290 bfdSessMultipointFlag TruthValue, 291 bfdSessInterface InterfaceIndexOrZero, 292 bfdSessSrcAddrType InetAddressType, 293 bfdSessSrcAddr InetAddress, 294 bfdSessDstAddrType InetAddressType, 295 bfdSessDstAddr InetAddress, 296 bfdSessGTSM TruthValue, 297 bfdSessGTSMTTL Unsigned32, 298 bfdSessDesiredMinTxInterval IANAbfdIntervalTC, 299 bfdSessReqMinRxInterval IANAbfdIntervalTC, 300 bfdSessReqMinEchoRxInterval IANAbfdIntervalTC, 301 bfdSessDetectMult IANAbfdMultiplierTC, 302 bfdSessNegotiatedInterval IANAbfdIntervalTC, 303 bfdSessNegotiatedEchoInterval IANAbfdIntervalTC, 304 bfdSessNegotiatedDetectMult IANAbfdMultiplierTC, 305 bfdSessAuthPresFlag TruthValue, 306 bfdSessAuthenticationType IANAbfdSessAuthenticationTypeTC, 307 bfdSessAuthenticationKeyID Integer32, 308 bfdSessAuthenticationKey IANAbfdSessAuthenticationKeyTC, 309 bfdSessStorageType StorageType, 310 bfdSessRowStatus RowStatus 311 } 313 bfdSessIndex OBJECT-TYPE 314 SYNTAX IANAbfdSessIndexTC 315 MAX-ACCESS not-accessible 316 STATUS current 317 DESCRIPTION 318 "This object contains an index used to represent a 319 unique BFD session on this device." 320 ::= { bfdSessEntry 1 } 322 bfdSessVersionNumber OBJECT-TYPE 323 SYNTAX Unsigned32 (0..7) 324 MAX-ACCESS read-create 325 STATUS current 326 DESCRIPTION 327 "The version number of the BFD protocol that this session 328 is running in. Write access is available for this object 329 to provide ability to set desired version for this 330 BFD session." 331 REFERENCE 332 "Katz, D. and D. Ward, Bidirectional Forwarding 333 Detection (BFD), RFC 5880, June 2012." 334 DEFVAL { 1 } 335 ::= { bfdSessEntry 2 } 337 bfdSessType OBJECT-TYPE 338 SYNTAX IANAbfdSessTypeTC 339 MAX-ACCESS read-create 340 STATUS current 341 DESCRIPTION 342 "This object specifies the type of this BFD session." 343 ::= { bfdSessEntry 3 } 345 bfdSessDiscriminator OBJECT-TYPE 346 SYNTAX Unsigned32 (1..4294967295) 347 MAX-ACCESS read-create 348 STATUS current 349 DESCRIPTION 350 "This object specifies the local discriminator for this BFD 351 session, used to uniquely identify it." 352 ::= { bfdSessEntry 4 } 354 bfdSessRemoteDiscr OBJECT-TYPE 355 SYNTAX Unsigned32 (0 | 1..4294967295) 356 MAX-ACCESS read-only 357 STATUS current 358 DESCRIPTION 359 "This object specifies the session discriminator chosen 360 by the remote system for this BFD session. The value may 361 be zero(0) if the remote discriminator is not yet known 362 or if the session is in the down or adminDown(1) state." 363 REFERENCE 364 "Section 6.8.6, from Katz, D. and D. Ward, Bidirectional 365 Forwarding Detection (BFD), RFC 5880, June 2012." 366 ::= { bfdSessEntry 5 } 368 bfdSessDestinationUdpPort OBJECT-TYPE 369 SYNTAX IANAbfdCtrlDestPortNumberTC 370 MAX-ACCESS read-create 371 STATUS current 372 DESCRIPTION 373 "This object specifies the destination UDP port number 374 used for this BFD session's control packets. The value 375 may be zero(0) if the session is in adminDown(1) state." 376 DEFVAL { 0 } 377 ::= { bfdSessEntry 6 } 379 bfdSessSourceUdpPort OBJECT-TYPE 380 SYNTAX IANAbfdCtrlSourcePortNumberTC 381 MAX-ACCESS read-create 382 STATUS current 383 DESCRIPTION 384 "This object specifies the source UDP port number used 385 for this BFD session's control packets. The value may be 386 zero(0) if the session is in adminDown(1) state. Upon 387 creation of a new BFD session via this MIB, the value of 388 zero(0) specified would permit the implementation to 389 choose its own source port number." 390 DEFVAL { 0 } 391 ::= { bfdSessEntry 7 } 393 bfdSessEchoSourceUdpPort OBJECT-TYPE 394 SYNTAX InetPortNumber 395 MAX-ACCESS read-create 396 STATUS current 397 DESCRIPTION 398 "This object specifies the source UDP port number used for 399 this BFD session's echo packets. The value may be zero(0) 400 if the session is not running in the echo mode, or the 401 session is in adminDown(1) state. Upon creation of a new 402 BFD session via this MIB, the value of zero(0) would 403 permit the implementation to choose its own source port 404 number." 405 DEFVAL { 0 } 406 ::= { bfdSessEntry 8 } 408 bfdSessAdminStatus OBJECT-TYPE 409 SYNTAX INTEGER { 410 stop(1), 411 start(2) 412 } 413 MAX-ACCESS read-create 414 STATUS current 415 DESCRIPTION 416 "A transition from 'stop' to 'start' will start 417 the BFD state machine for the session. The state 418 machine will have an initial state of down. 419 A transition from 'start' to 'stop' will cause 420 the BFD session to be brought down to 421 adminDown(1). Care should be used in providing 422 write access to this object without adequate 423 authentication." 424 DEFVAL { 2 } 425 ::= { bfdSessEntry 9 } 427 bfdSessState OBJECT-TYPE 428 SYNTAX IANAbfdSessStateTC 429 MAX-ACCESS read-only 430 STATUS current 431 DESCRIPTION 432 "BFD session state." 433 DEFVAL { 2 } 434 ::= { bfdSessEntry 10 } 436 bfdSessRemoteHeardFlag OBJECT-TYPE 437 SYNTAX TruthValue 438 MAX-ACCESS read-only 439 STATUS current 440 DESCRIPTION 441 "This object specifies status of BFD packet reception from 442 the remote system. Specifically, it is set to true(1) if 443 the local system is actively receiving BFD packets from the 444 remote system, and is set to false(2) if the local system 445 has not received BFD packets recently (within the detection 446 time) or if the local system is attempting to tear down 447 the BFD session." 448 REFERENCE 449 "Katz, D. and D. Ward, Bidirectional 450 Forwarding Detection (BFD), RFC 5880, June 2012." 451 DEFVAL { false } 452 ::= { bfdSessEntry 11 } 454 bfdSessDiag OBJECT-TYPE 455 SYNTAX IANAbfdDiagTC 456 MAX-ACCESS read-only 457 STATUS current 458 DESCRIPTION 459 "A diagnostic code specifying the local system's reason 460 for the last transition of the session from up(4) 461 to some other state." 462 ::= { bfdSessEntry 12 } 464 bfdSessOperMode OBJECT-TYPE 465 SYNTAX IANAbfdSessOperModeTC 466 MAX-ACCESS read-create 467 STATUS current 468 DESCRIPTION 469 "This object specifies current operating mode that BFD 470 session is operating in." 471 ::= { bfdSessEntry 13 } 473 bfdSessDemandModeDesiredFlag OBJECT-TYPE 474 SYNTAX TruthValue 475 MAX-ACCESS read-create 476 STATUS current 477 DESCRIPTION 478 "This object indicates that the local system's 479 desire to use Demand mode. Specifically, it is set 480 to true(1) if the local system wishes to use 481 Demand mode or false(2) if not" 482 DEFVAL { false } 483 ::= { bfdSessEntry 14 } 485 bfdSessControlPlaneIndepFlag OBJECT-TYPE 486 SYNTAX TruthValue 487 MAX-ACCESS read-create 488 STATUS current 489 DESCRIPTION 490 "This object indicates that the local system's 491 ability to continue to function through a disruption of 492 the control plane. Specifically, it is set 493 to true(1) if the local system BFD implementation is 494 independent of the control plane. Otherwise, the 495 value is set to false(2)" 496 DEFVAL { false } 497 ::= { bfdSessEntry 15 } 499 bfdSessMultipointFlag OBJECT-TYPE 500 SYNTAX TruthValue 501 MAX-ACCESS read-create 502 STATUS current 503 DESCRIPTION 504 "This object indicates the Multipoint (M) bit for this 505 session. It is set to true(1) if Multipoint (M) bit is 506 set to 1. Otherwise, the value is set to false(2)" 507 DEFVAL { false } 508 ::= { bfdSessEntry 16 } 510 bfdSessInterface OBJECT-TYPE 511 SYNTAX InterfaceIndexOrZero 512 MAX-ACCESS read-create 513 STATUS current 514 DESCRIPTION 515 "This object contains an interface index used to indicate 516 the interface which this BFD session is running on. This 517 value can be zero if there is no interface associated 518 with this BFD session." 519 ::= { bfdSessEntry 17 } 521 bfdSessSrcAddrType OBJECT-TYPE 522 SYNTAX InetAddressType 523 MAX-ACCESS read-create 524 STATUS current 525 DESCRIPTION 526 "This object specifies IP address type of the source IP 527 address of this BFD session. Only values unknown(0), 528 ipv4(1), ipv6(2), or ipv6z(4) have to be supported. 529 The value of unknown(0) is allowed only when the session 530 is singleHop(1) and the source IP address of this BFD 531 session is derived from the outgoing interface, or when 532 the BFD session is not associated with a specific 533 interface. If any other unsupported values are attempted 534 in a set operation, the agent MUST return an 535 inconsistentValue error." 536 ::= { bfdSessEntry 18 } 538 bfdSessSrcAddr OBJECT-TYPE 539 SYNTAX InetAddress 540 MAX-ACCESS read-create 541 STATUS current 542 DESCRIPTION 543 "This object specifies the source IP address of this BFD 544 session." 545 ::= { bfdSessEntry 19 } 547 bfdSessDstAddrType OBJECT-TYPE 548 SYNTAX InetAddressType 549 MAX-ACCESS read-create 550 STATUS current 551 DESCRIPTION 552 "This object specifies IP address type of the neighboring IP 553 address which is being monitored with this BFD session. 554 Only values unknown(0), ipv4(1), ipv6(2), or ipv6z(4) 555 have to be supported. The value of unknown(0) is allowed 556 only when the session is singleHop(1) and the outgoing 557 interface is of type point-to-point, or when the BFD 558 session is not associated with a specific interface. If any 559 other unsupported values are attempted in a set operation, 560 the agent MUST return an inconsistentValue error." 561 ::= { bfdSessEntry 20 } 563 bfdSessDstAddr OBJECT-TYPE 564 SYNTAX InetAddress 565 MAX-ACCESS read-create 566 STATUS current 567 DESCRIPTION 568 "This object specifies the neighboring IP address which is 569 being monitored with this BFD session." 570 ::= { bfdSessEntry 21 } 572 bfdSessGTSM OBJECT-TYPE 573 SYNTAX TruthValue 574 MAX-ACCESS read-create 575 STATUS current 576 DESCRIPTION 577 "Setting the value of this object to true(1) will enable GTSM 578 protection of the BFD session. GTSM MUST be enabled on a 579 singleHop(1) session if no authentication is in use." 580 REFERENCE 581 "RFC5082, The Generalized TTL Security Mechanism (GTSM). 582 RFC5881, Section 5" 583 DEFVAL { false } 584 ::= { bfdSessEntry 22 } 586 bfdSessGTSMTTL OBJECT-TYPE 587 SYNTAX Unsigned32 (0..255) 588 MAX-ACCESS read-create 589 STATUS current 590 DESCRIPTION 591 "This object is valid only when bfdSessGTSM protection is 592 enabled on the system. This object specifies the minimum 593 allowed TTL for received BFD control packets. For 594 singleHop(1) session, if GTSM protection is enabled, 595 this object SHOULD be set to maximum TTL allowed for 596 single hop. The value of zero(0) indicates that 597 bfdSessGTSM is disabled." 598 REFERENCE 599 "RFC5082, The Generalized TTL Security Mechanism (GTSM). 600 RFC5881, Section 5" 601 DEFVAL { 0 } 602 ::= { bfdSessEntry 23 } 604 bfdSessDesiredMinTxInterval OBJECT-TYPE 605 SYNTAX IANAbfdIntervalTC 606 MAX-ACCESS read-create 607 STATUS current 608 DESCRIPTION 609 "This object specifies the minimum interval, in 610 microseconds, that the local system would like to use 611 when transmitting BFD Control packets. The value of 612 zero(0) is reserved, and should not be used." 613 REFERENCE 614 "Section 4.1 from Katz, D. and D. Ward, Bidirectional 615 Forwarding Detection (BFD), RFC 5880, June 2012." 616 ::= { bfdSessEntry 24 } 618 bfdSessReqMinRxInterval OBJECT-TYPE 619 SYNTAX IANAbfdIntervalTC 620 MAX-ACCESS read-create 621 STATUS current 622 DESCRIPTION 623 "This object specifies the minimum interval, in 624 microseconds, between received BFD Control packets the 625 local system is capable of supporting. The value of 626 zero(0) can be specified when the transmitting system 627 does not want the remote system to send any periodic BFD 628 control packets." 629 REFERENCE 630 "Section 4.1 from Katz, D. and D. Ward, Bidirectional 631 Forwarding Detection (BFD), RFC 5880, June 2012." 632 ::= { bfdSessEntry 25 } 634 bfdSessReqMinEchoRxInterval OBJECT-TYPE 635 SYNTAX IANAbfdIntervalTC 636 MAX-ACCESS read-create 637 STATUS current 638 DESCRIPTION 639 "This object specifies the minimum interval, in 640 microseconds, between received BFD Echo packets that this 641 system is capable of supporting. Value must be zero(0) if 642 this is a multihop BFD session." 643 ::= { bfdSessEntry 26 } 645 bfdSessDetectMult OBJECT-TYPE 646 SYNTAX IANAbfdMultiplierTC 647 MAX-ACCESS read-create 648 STATUS current 649 DESCRIPTION 650 "This object specifies the Detect time multiplier." 651 ::= { bfdSessEntry 27 } 653 bfdSessNegotiatedInterval OBJECT-TYPE 654 SYNTAX IANAbfdIntervalTC 655 MAX-ACCESS read-only 656 STATUS current 657 DESCRIPTION 658 "This object specifies the negotiated interval, in 659 microseconds, that the local system is transmitting 660 BFD Control packets." 661 ::= { bfdSessEntry 28 } 663 bfdSessNegotiatedEchoInterval OBJECT-TYPE 664 SYNTAX IANAbfdIntervalTC 665 MAX-ACCESS read-only 666 STATUS current 667 DESCRIPTION 668 "This object specifies the negotiated interval, in 669 microseconds, that the local system is transmitting 670 BFD echo packets. Value is expected to be zero if 671 the sessions is not running in echo mode." 672 ::= { bfdSessEntry 29 } 674 bfdSessNegotiatedDetectMult OBJECT-TYPE 675 SYNTAX IANAbfdMultiplierTC 676 MAX-ACCESS read-only 677 STATUS current 678 DESCRIPTION 679 "This object specifies the Detect time multiplier." 680 ::= { bfdSessEntry 30 } 682 bfdSessAuthPresFlag OBJECT-TYPE 683 SYNTAX TruthValue 684 MAX-ACCESS read-create 685 STATUS current 686 DESCRIPTION 687 "This object indicates that the local system's 688 desire to use Authentication. Specifically, it is set 689 to true(1) if the local system wishes the session 690 to be authenticated or false(2) if not." 691 REFERENCE 692 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 693 Bidirectional Forwarding Detection (BFD), RFC 5880, 694 June 2012." 695 DEFVAL { false } 696 ::= { bfdSessEntry 31 } 698 bfdSessAuthenticationType OBJECT-TYPE 699 SYNTAX IANAbfdSessAuthenticationTypeTC 700 MAX-ACCESS read-create 701 STATUS current 702 DESCRIPTION 703 "The Authentication Type used for this BFD session. 704 This field is valid only when the Authentication 705 Present bit is set. Max-access to this object as well as 706 other authentication related objects are set to 707 read-create in order to support management of a single 708 key ID at a time, key rotation is not handled. Key update 709 in practice must be done by atomic update using a set 710 containing all affected objects in the same varBindList 711 or otherwise risk the session dropping. Value -1 712 indicates that no authentication is in use for this 713 session." 714 REFERENCE 715 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 716 Bidirectional Forwarding Detection (BFD), RFC 5880, 717 June 2012." 718 DEFVAL { -1 } 719 ::= { bfdSessEntry 32 } 721 bfdSessAuthenticationKeyID OBJECT-TYPE 722 SYNTAX Integer32 (-1 | 0..255) 723 MAX-ACCESS read-create 724 STATUS current 725 DESCRIPTION 726 "The authentication key ID in use for this session. This 727 object permits multiple keys to be active simultaneously. 728 When bfdSessAuthPresFlag is false(2), then the value 729 of this object MUST be -1. The value -1 indicates that 730 no Authentication Key ID will be present in the optional 731 BFD Authentication Section." 732 REFERENCE 733 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 734 Bidirectional Forwarding Detection (BFD), RFC 5880, 735 June 2012." 736 DEFVAL { -1 } 737 ::= { bfdSessEntry 33 } 739 bfdSessAuthenticationKey OBJECT-TYPE 740 SYNTAX IANAbfdSessAuthenticationKeyTC 741 MAX-ACCESS read-create 742 STATUS current 743 DESCRIPTION 744 "The authentication key. When the 745 bfdSessAuthenticationType is simplePassword(1), the value 746 of this object is the password present in the BFD packets. 748 When the bfdSessAuthenticationType is one of the keyed 749 authentication types, this value is used in the 750 computation of the key present in the BFD authentication 751 packet." 752 REFERENCE 753 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 754 Bidirectional Forwarding Detection (BFD), RFC 5880, 755 June 2012." 756 ::= { bfdSessEntry 34 } 758 bfdSessStorageType OBJECT-TYPE 759 SYNTAX StorageType 760 MAX-ACCESS read-create 761 STATUS current 762 DESCRIPTION 763 "This variable indicates the storage type for this 764 object. Conceptual rows having the value 765 'permanent' need not allow write-access to any 766 columnar objects in the row." 767 ::= { bfdSessEntry 35 } 769 bfdSessRowStatus OBJECT-TYPE 770 SYNTAX RowStatus 771 MAX-ACCESS read-create 772 STATUS current 773 DESCRIPTION 774 "This variable is used to create, modify, and/or 775 delete a row in this table. When a row in this 776 table has a row in the active(1) state, no 777 objects in this row can be modified except the 778 bfdSessRowStatus and bfdSessStorageType." 779 ::= { bfdSessEntry 36 } 781 -- BFD Session Performance Table 783 bfdSessPerfTable OBJECT-TYPE 784 SYNTAX SEQUENCE OF BfdSessPerfEntry 785 MAX-ACCESS not-accessible 786 STATUS current 787 DESCRIPTION 788 "This table specifies BFD Session performance counters." 789 ::= { bfdObjects 3 } 791 bfdSessPerfEntry OBJECT-TYPE 792 SYNTAX BfdSessPerfEntry 793 MAX-ACCESS not-accessible 794 STATUS current 795 DESCRIPTION 796 "An entry in this table is created by a BFD-enabled node 797 for every BFD Session. bfdSessPerfDiscTime is used to 798 indicate potential discontinuity for all counter objects 799 in this table." 800 AUGMENTS { bfdSessEntry } 801 ::= { bfdSessPerfTable 1 } 803 BfdSessPerfEntry ::= SEQUENCE { 804 bfdSessPerfCtrlPktIn Counter32, 805 bfdSessPerfCtrlPktOut Counter32, 806 bfdSessPerfCtrlPktDrop Counter32, 807 bfdSessPerfCtrlPktDropLastTime TimeStamp, 808 bfdSessPerfEchoPktIn Counter32, 809 bfdSessPerfEchoPktOut Counter32, 810 bfdSessPerfEchoPktDrop Counter32, 811 bfdSessPerfEchoPktDropLastTime TimeStamp, 812 bfdSessUpTime TimeStamp, 813 bfdSessPerfLastSessDownTime TimeStamp, 814 bfdSessPerfLastCommLostDiag IANAbfdDiagTC, 815 bfdSessPerfSessUpCount Counter32, 816 bfdSessPerfDiscTime TimeStamp, 818 -- High Capacity Counters 819 bfdSessPerfCtrlPktInHC Counter64, 820 bfdSessPerfCtrlPktOutHC Counter64, 821 bfdSessPerfCtrlPktDropHC Counter64, 822 bfdSessPerfEchoPktInHC Counter64, 823 bfdSessPerfEchoPktOutHC Counter64, 824 bfdSessPerfEchoPktDropHC Counter64 825 } 827 bfdSessPerfCtrlPktIn OBJECT-TYPE 828 SYNTAX Counter32 829 MAX-ACCESS read-only 830 STATUS current 831 DESCRIPTION 832 "The total number of BFD control messages received for this 833 BFD session. 835 It MUST be equal to the least significant 32 bits of 836 bfdSessPerfCtrlPktInHC if supported, and MUST do so 837 with the rules spelled out in RFC 2863." 838 ::= { bfdSessPerfEntry 1 } 840 bfdSessPerfCtrlPktOut OBJECT-TYPE 841 SYNTAX Counter32 842 MAX-ACCESS read-only 843 STATUS current 844 DESCRIPTION 845 "The total number of BFD control messages sent for this BFD 846 session. 848 It MUST be equal to the least significant 32 bits of 849 bfdSessPerfCtrlPktOutHC if supported, and MUST do so 850 with the rules spelled out in RFC 2863." 851 ::= { bfdSessPerfEntry 2 } 853 bfdSessPerfCtrlPktDrop OBJECT-TYPE 854 SYNTAX Counter32 855 MAX-ACCESS read-only 856 STATUS current 857 DESCRIPTION 858 "The total number of BFD control messages received for this 859 session yet dropped for being invalid. 861 It MUST be equal to the least significant 32 bits of 862 bfdSessPerfCtrlPktDropHC if supported, and MUST do so 863 with the rules spelled out in RFC 2863." 864 ::= { bfdSessPerfEntry 3 } 866 bfdSessPerfCtrlPktDropLastTime OBJECT-TYPE 867 SYNTAX TimeStamp 868 MAX-ACCESS read-only 869 STATUS current 870 DESCRIPTION 871 "The value of sysUpTime on the most recent occasion at 872 which received BFD control message for this session was 873 dropped. If no such up event exists, this object contains 874 a zero value." 875 ::= { bfdSessPerfEntry 4 } 877 bfdSessPerfEchoPktIn OBJECT-TYPE 878 SYNTAX Counter32 879 MAX-ACCESS read-only 880 STATUS current 881 DESCRIPTION 882 "The total number of BFD echo messages received for this 883 BFD session. 885 It MUST be equal to the least significant 32 bits of 886 bfdSessPerfEchoPktInHC if supported, and MUST do so 887 with the rules spelled out in RFC 2863." 888 ::= { bfdSessPerfEntry 5 } 890 bfdSessPerfEchoPktOut OBJECT-TYPE 891 SYNTAX Counter32 892 MAX-ACCESS read-only 893 STATUS current 894 DESCRIPTION 895 "The total number of BFD echo messages sent for this BFD 896 session. 898 It MUST be equal to the least significant 32 bits of 899 bfdSessPerfEchoPktOutHC if supported, and MUST do so 900 with the rules spelled out in RFC 2863." 901 ::= { bfdSessPerfEntry 6 } 903 bfdSessPerfEchoPktDrop OBJECT-TYPE 904 SYNTAX Counter32 905 MAX-ACCESS read-only 906 STATUS current 907 DESCRIPTION 908 "The total number of BFD echo messages received for this 909 session yet dropped for being invalid. 911 It MUST be equal to the least significant 32 bits of 912 bfdSessPerfEchoPktDropHC if supported, and MUST do so 913 with the rules spelled out in RFC 2863." 914 ::= { bfdSessPerfEntry 7 } 916 bfdSessPerfEchoPktDropLastTime OBJECT-TYPE 917 SYNTAX TimeStamp 918 MAX-ACCESS read-only 919 STATUS current 920 DESCRIPTION 921 "The value of sysUpTime on the most recent occasion at 922 which received BFD echo message for this session was 923 dropped. If no such up event exists, this object contains 924 a zero value." 925 ::= { bfdSessPerfEntry 8 } 927 bfdSessUpTime OBJECT-TYPE 928 SYNTAX TimeStamp 929 MAX-ACCESS read-only 930 STATUS current 931 DESCRIPTION 932 "The value of sysUpTime on the most recent occasion at which 933 the session came up. If no such up event exists this object 934 contains a zero value." 935 ::= { bfdSessPerfEntry 9 } 937 bfdSessPerfLastSessDownTime OBJECT-TYPE 938 SYNTAX TimeStamp 939 MAX-ACCESS read-only 940 STATUS current 941 DESCRIPTION 942 "The value of sysUpTime on the most recent occasion at 943 which the last time communication was lost with the 944 neighbor. If no such down event exist this object 945 contains a zero value." 946 ::= { bfdSessPerfEntry 10 } 948 bfdSessPerfLastCommLostDiag OBJECT-TYPE 949 SYNTAX IANAbfdDiagTC 950 MAX-ACCESS read-only 951 STATUS current 952 DESCRIPTION 953 "The BFD diag code for the last time communication was lost 954 with the neighbor. If no such down event exists this object 955 contains a zero value." 956 ::= { bfdSessPerfEntry 11 } 958 bfdSessPerfSessUpCount OBJECT-TYPE 959 SYNTAX Counter32 960 MAX-ACCESS read-only 961 STATUS current 962 DESCRIPTION 963 "The number of times this session has gone into the Up 964 state since the system last rebooted." 965 ::= { bfdSessPerfEntry 12 } 967 bfdSessPerfDiscTime OBJECT-TYPE 968 SYNTAX TimeStamp 969 MAX-ACCESS read-only 970 STATUS current 971 DESCRIPTION 972 "The value of sysUpTime on the most recent occasion at 973 which any one or more of the session counters suffered 974 a discontinuity. 976 The relevant counters are the specific instances associated 977 with this BFD session of any Counter32 object contained in 978 the BfdSessPerfTable. If no such discontinuities have 979 occurred since the last re-initialization of the local 980 management subsystem, then this object contains a zero 981 value." 982 ::= { bfdSessPerfEntry 13 } 984 bfdSessPerfCtrlPktInHC OBJECT-TYPE 985 SYNTAX Counter64 986 MAX-ACCESS read-only 987 STATUS current 988 DESCRIPTION 989 "This value represents the total number of BFD control 990 messages received for this BFD session. 992 The least significant 32 bits MUST equal to 993 bfdSessPerfCtrlPktIn, and MUST do so with 994 the rules spelled out in RFC 2863." 995 ::= { bfdSessPerfEntry 14 } 997 bfdSessPerfCtrlPktOutHC OBJECT-TYPE 998 SYNTAX Counter64 999 MAX-ACCESS read-only 1000 STATUS current 1001 DESCRIPTION 1002 "This value represents the total number of BFD control 1003 messages transmitted for this BFD session. 1005 The least significant 32 bits MUST equal to 1006 bfdSessPerfCtrlPktOut, and MUST do so with 1007 the rules spelled out in RFC 2863." 1008 ::= { bfdSessPerfEntry 15 } 1010 bfdSessPerfCtrlPktDropHC OBJECT-TYPE 1011 SYNTAX Counter64 1012 MAX-ACCESS read-only 1013 STATUS current 1014 DESCRIPTION 1015 "This value represents the total number of BFD control 1016 messages received for this BFD session yet dropped for 1017 being invalid. 1019 The least significant 32 bits MUST equal to 1020 bfdSessPerfCtrlPktDrop, and MUST do so with 1021 the rules spelled out in RFC 2863." 1022 ::= { bfdSessPerfEntry 16 } 1024 bfdSessPerfEchoPktInHC OBJECT-TYPE 1025 SYNTAX Counter64 1026 MAX-ACCESS read-only 1027 STATUS current 1028 DESCRIPTION 1029 "This value represents the total number of BFD echo 1030 messages received for this BFD session. 1032 The least significant 32 bits MUST equal to 1033 bfdSessPerfEchoPktIn, and MUST do so with 1034 the rules spelled out in RFC 2863." 1035 ::= { bfdSessPerfEntry 17 } 1037 bfdSessPerfEchoPktOutHC OBJECT-TYPE 1038 SYNTAX Counter64 1039 MAX-ACCESS read-only 1040 STATUS current 1041 DESCRIPTION 1042 "This value represents the total number of BFD echo 1043 messages transmitted for this BFD session. 1045 The least significant 32 bits MUST equal to 1046 bfdSessPerfEchoPktOut, and MUST do so with 1047 the rules spelled out in RFC 2863." 1048 ::= { bfdSessPerfEntry 18 } 1050 bfdSessPerfEchoPktDropHC OBJECT-TYPE 1051 SYNTAX Counter64 1052 MAX-ACCESS read-only 1053 STATUS current 1054 DESCRIPTION 1055 "This value represents the total number of BFD echo 1056 messages received for this BFD session yet dropped 1057 for being invalid. 1059 The least significant 32 bits MUST equal to 1060 bfdSessPerfEchoPktDrop, and MUST do so with 1061 the rules spelled out in RFC 2863." 1062 ::= { bfdSessPerfEntry 19 } 1064 -- BFD Session Discriminator Mapping Table 1066 bfdSessDiscMapTable OBJECT-TYPE 1067 SYNTAX SEQUENCE OF BfdSessDiscMapEntry 1068 MAX-ACCESS not-accessible 1069 STATUS current 1070 DESCRIPTION 1071 "The BFD Session Discriminator Mapping Table maps a 1072 local discriminator value to associated BFD session's 1073 IANAbfdSessIndexTC used in the bfdSessionTable." 1074 ::= { bfdObjects 4 } 1076 bfdSessDiscMapEntry OBJECT-TYPE 1077 SYNTAX BfdSessDiscMapEntry 1078 MAX-ACCESS not-accessible 1079 STATUS current 1080 DESCRIPTION 1081 "The BFD Session Discriminator Map Entry describes 1082 BFD session that is mapped to this IANAbfdSessIndexTC." 1083 INDEX { bfdSessDiscriminator } 1084 ::= { bfdSessDiscMapTable 1 } 1086 BfdSessDiscMapEntry ::= SEQUENCE { 1087 bfdSessDiscMapIndex IANAbfdSessIndexTC, 1088 bfdSessDiscMapStorageType StorageType, 1089 bfdSessDiscMapRowStatus RowStatus 1090 } 1092 bfdSessDiscMapIndex OBJECT-TYPE 1093 SYNTAX IANAbfdSessIndexTC 1094 MAX-ACCESS read-only 1095 STATUS current 1096 DESCRIPTION 1097 "This object specifies the IANAbfdSessIndexTC referred 1098 to by the indices of this row. In essence, a mapping is 1099 provided between these indexes and the BfdSessTable." 1100 ::= { bfdSessDiscMapEntry 1 } 1102 bfdSessDiscMapStorageType OBJECT-TYPE 1103 SYNTAX StorageType 1104 MAX-ACCESS read-create 1105 STATUS current 1106 DESCRIPTION 1107 "This variable indicates the storage type for this 1108 object. Conceptual rows having the value 1109 'permanent' need not allow write-access to any 1110 columnar objects in the row." 1111 ::= { bfdSessDiscMapEntry 2 } 1113 bfdSessDiscMapRowStatus OBJECT-TYPE 1114 SYNTAX RowStatus 1115 MAX-ACCESS read-create 1116 STATUS current 1117 DESCRIPTION 1118 "This variable is used to create, modify, and/or 1119 delete a row in this table. When a row in this 1120 table has a row in the active(1) state, no 1121 objects in this row can be modified except the 1122 bfdSessDiscMapRowStatus and bfdSessDiscMapStorageType." 1123 ::= { bfdSessDiscMapEntry 3 } 1125 -- BFD Session IP Mapping Table 1127 bfdSessIpMapTable OBJECT-TYPE 1128 SYNTAX SEQUENCE OF BfdSessIpMapEntry 1129 MAX-ACCESS not-accessible 1130 STATUS current 1131 DESCRIPTION 1132 "The BFD Session IP Mapping Table maps given 1133 bfdSessInterface, bfdSessSrcAddrType, bfdSessSrcAddr, 1134 bfdSessDstAddrType and bfdSessDstAddr 1135 to an associated BFD session's IANAbfdSessIndexTC 1136 used in the bfdSessionTable." 1137 ::= { bfdObjects 5 } 1139 bfdSessIpMapEntry OBJECT-TYPE 1140 SYNTAX BfdSessIpMapEntry 1141 MAX-ACCESS not-accessible 1142 STATUS current 1143 DESCRIPTION 1144 "The BFD Session IP Map Entry describes 1145 BFD session that is mapped to this IANAbfdSessIndexTC." 1146 INDEX { 1147 bfdSessInterface, 1148 bfdSessSrcAddrType, 1149 bfdSessSrcAddr, 1150 bfdSessDstAddrType, 1151 bfdSessDstAddr 1152 } 1153 ::= { bfdSessIpMapTable 1 } 1155 BfdSessIpMapEntry ::= SEQUENCE { 1156 bfdSessIpMapIndex IANAbfdSessIndexTC, 1157 bfdSessIpMapStorageType StorageType, 1158 bfdSessIpMapRowStatus RowStatus 1159 } 1161 bfdSessIpMapIndex OBJECT-TYPE 1162 SYNTAX IANAbfdSessIndexTC 1163 MAX-ACCESS read-only 1164 STATUS current 1165 DESCRIPTION 1166 "This object specifies the IANAbfdSessIndexTC referred 1167 to by the indexes of this row. In essence, a mapping is 1168 provided between these indexes and the BfdSessTable." 1169 ::= { bfdSessIpMapEntry 1 } 1171 bfdSessIpMapStorageType OBJECT-TYPE 1172 SYNTAX StorageType 1173 MAX-ACCESS read-create 1174 STATUS current 1175 DESCRIPTION 1176 "This variable indicates the storage type for this 1177 object. Conceptual rows having the value 1178 'permanent' need not allow write-access to any 1179 columnar objects in the row." 1180 ::= { bfdSessIpMapEntry 2 } 1182 bfdSessIpMapRowStatus OBJECT-TYPE 1183 SYNTAX RowStatus 1184 MAX-ACCESS read-create 1185 STATUS current 1186 DESCRIPTION 1187 "This variable is used to create, modify, and/or 1188 delete a row in this table. When a row in this 1189 table has a row in the active(1) state, no 1190 objects in this row can be modified except the 1191 bfdSessIpMapRowStatus and bfdSessIpMapStorageType." 1192 ::= { bfdSessIpMapEntry 3 } 1194 -- Notification Configuration 1196 bfdSessUp NOTIFICATION-TYPE 1197 OBJECTS { 1198 bfdSessDiag, -- low range value 1199 bfdSessDiag -- high range value 1200 } 1201 STATUS current 1202 DESCRIPTION 1203 "This notification is generated when the 1204 bfdSessState object for one or more contiguous 1205 entries in bfdSessTable are about to enter the up(4) 1206 state from some other state. The included values of 1207 bfdSessDiag MUST both be set equal to this 1208 new state (i.e: up(4)). The two instances of 1209 bfdSessDiag in this notification indicate the range 1210 of indexes that are affected. Note that all the indexes 1211 of the two ends of the range can be derived from the 1212 instance identifiers of these two objects. For the 1213 cases where a contiguous range of sessions 1214 have transitioned into the up(4) state at roughly 1215 the same time, the device SHOULD issue a single 1216 notification for each range of contiguous indexes in 1217 an effort to minimize the emission of a large number 1218 of notifications. If a notification has to be 1219 issued for just a single bfdSessEntry, then 1220 the instance identifier (and values) of the two 1221 bfdSessDiag objects MUST be the identical." 1222 ::= { bfdNotifications 1 } 1224 bfdSessDown NOTIFICATION-TYPE 1225 OBJECTS { 1226 bfdSessDiag, -- low range value 1227 bfdSessDiag -- high range value 1228 } 1229 STATUS current 1230 DESCRIPTION 1231 "This notification is generated when the 1232 bfdSessState object for one or more contiguous 1233 entries in bfdSessTable are about to enter the down(2) 1234 or adminDown(1) states from some other state. The included 1235 values of bfdSessDiag MUST both be set equal to this new 1236 state (i.e: down(2) or adminDown(1)). The two instances 1237 of bfdSessDiag in this notification indicate the range 1238 of indexes that are affected. Note that all the indexes 1239 of the two ends of the range can be derived from the 1240 instance identifiers of these two objects. For 1241 cases where a contiguous range of sessions 1242 have transitioned into the down(2) or adminDown(1) states 1243 at roughly the same time, the device SHOULD issue a single 1244 notification for each range of contiguous indexes in 1245 an effort to minimize the emission of a large number 1246 of notifications. If a notification has to be 1247 issued for just a single bfdSessEntry, then 1248 the instance identifier (and values) of the two 1249 bfdSessDiag objects MUST be the identical." 1250 ::= { bfdNotifications 2 } 1252 -- Module compliance. 1254 bfdGroups 1255 OBJECT IDENTIFIER ::= { bfdConformance 1 } 1257 bfdCompliances 1258 OBJECT IDENTIFIER ::= { bfdConformance 2 } 1260 -- Compliance requirement for fully compliant implementations. 1262 bfdModuleFullCompliance MODULE-COMPLIANCE 1263 STATUS current 1264 DESCRIPTION 1265 "Compliance statement for agents that provide full 1266 support for the BFD-MIB module. Such devices can 1267 then be monitored and also be configured using 1268 this MIB module." 1270 MODULE -- This module. 1272 MANDATORY-GROUPS { 1273 bfdSessionGroup, 1274 bfdSessionReadOnlyGroup, 1275 bfdSessionPerfGroup, 1276 bfdNotificationGroup 1277 } 1279 GROUP bfdSessionPerfHCGroup 1280 DESCRIPTION "This group is mandatory for all systems that 1281 are able to support the Counter64 date type." 1283 OBJECT bfdSessSrcAddrType 1284 SYNTAX InetAddressType { unknown(0), ipv4(1), 1285 ipv6(2), ipv6z(4) } 1286 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1287 support are required." 1289 OBJECT bfdSessSrcAddr 1290 SYNTAX InetAddress (SIZE (0|4|16|20)) 1291 DESCRIPTION "An implementation is only required to support 1292 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1294 OBJECT bfdSessDstAddrType 1295 SYNTAX InetAddressType { unknown(0), ipv4(1), 1296 ipv6(2), ipv6z(4) } 1297 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1298 support are required." 1300 OBJECT bfdSessDstAddr 1301 SYNTAX InetAddress (SIZE (0|4|16|20)) 1302 DESCRIPTION "An implementation is only required to support 1303 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1305 OBJECT bfdSessRowStatus 1306 SYNTAX RowStatus { active(1), notInService(2) } 1307 WRITE-SYNTAX RowStatus { active(1), notInService(2), 1308 createAndGo(4), destroy(6) } 1309 DESCRIPTION "Support for createAndWait and notReady is not 1310 required." 1312 OBJECT bfdSessDiscMapRowStatus 1313 SYNTAX RowStatus { active(1), notInService(2) } 1314 WRITE-SYNTAX RowStatus { active(1), notInService(2), 1315 createAndGo(4), destroy(6) } 1316 DESCRIPTION "Support for createAndWait and notReady is not 1317 required." 1319 OBJECT bfdSessIpMapRowStatus 1320 SYNTAX RowStatus { active(1), notInService(2) } 1321 WRITE-SYNTAX RowStatus { active(1), notInService(2), 1322 createAndGo(4), destroy(6) } 1323 DESCRIPTION "Support for createAndWait and notReady is not 1324 required." 1326 ::= { bfdCompliances 1 } 1328 bfdModuleReadOnlyCompliance MODULE-COMPLIANCE 1329 STATUS current 1330 DESCRIPTION 1331 "Compliance requirement for implementations that only 1332 provide read-only support for BFD-MIB. Such devices 1333 can then be monitored but cannot be configured using 1334 this MIB module." 1336 MODULE -- This module. 1338 MANDATORY-GROUPS { 1339 bfdSessionGroup, 1340 bfdSessionReadOnlyGroup, 1341 bfdSessionPerfGroup, 1342 bfdNotificationGroup 1343 } 1345 GROUP bfdSessionPerfHCGroup 1346 DESCRIPTION "This group is mandatory for all systems that 1347 are able to support the Counter64 date type." 1349 OBJECT bfdSessVersionNumber 1350 MIN-ACCESS read-only 1351 DESCRIPTION "Write access is not required." 1353 OBJECT bfdSessType 1354 MIN-ACCESS read-only 1355 DESCRIPTION "Write access is not required." 1357 OBJECT bfdSessDiscriminator 1358 MIN-ACCESS read-only 1359 DESCRIPTION "Write access is not required." 1361 OBJECT bfdSessDestinationUdpPort 1362 MIN-ACCESS read-only 1363 DESCRIPTION "Write access is not required." 1365 OBJECT bfdSessSourceUdpPort 1366 MIN-ACCESS read-only 1367 DESCRIPTION "Write access is not required." 1369 OBJECT bfdSessEchoSourceUdpPort 1370 MIN-ACCESS read-only 1371 DESCRIPTION "Write access is not required." 1373 OBJECT bfdSessAdminStatus 1374 MIN-ACCESS read-only 1375 DESCRIPTION "Write access is not required." 1377 OBJECT bfdSessOperMode 1378 MIN-ACCESS read-only 1379 DESCRIPTION "Write access is not required." 1381 OBJECT bfdSessDemandModeDesiredFlag 1382 MIN-ACCESS read-only 1383 DESCRIPTION "Write access is not required." 1385 OBJECT bfdSessControlPlaneIndepFlag 1386 MIN-ACCESS read-only 1387 DESCRIPTION "Write access is not required." 1389 OBJECT bfdSessMultipointFlag 1390 MIN-ACCESS read-only 1391 DESCRIPTION "Write access is not required." 1393 OBJECT bfdSessInterface 1394 MIN-ACCESS read-only 1395 DESCRIPTION "Write access is not required." 1397 OBJECT bfdSessSrcAddrType 1398 SYNTAX InetAddressType { unknown(0), ipv4(1), 1399 ipv6(2), ipv6z(4) } 1400 MIN-ACCESS read-only 1401 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1402 support are required." 1404 OBJECT bfdSessSrcAddr 1405 SYNTAX InetAddress (SIZE (0|4|16|20)) 1406 MIN-ACCESS read-only 1407 DESCRIPTION "An implementation is only required to support 1408 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1410 OBJECT bfdSessDstAddrType 1411 SYNTAX InetAddressType { unknown(0), ipv4(1), 1412 ipv6(2), ipv6z(4) } 1413 MIN-ACCESS read-only 1414 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1415 support are required." 1417 OBJECT bfdSessDstAddr 1418 SYNTAX InetAddress (SIZE (0|4|16|20)) 1419 MIN-ACCESS read-only 1420 DESCRIPTION "An implementation is only required to support 1421 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1423 OBJECT bfdSessGTSM 1424 MIN-ACCESS read-only 1425 DESCRIPTION "Write access is not required." 1427 OBJECT bfdSessGTSMTTL 1428 MIN-ACCESS read-only 1429 DESCRIPTION "Write access is not required." 1431 OBJECT bfdSessDesiredMinTxInterval 1432 MIN-ACCESS read-only 1433 DESCRIPTION "Write access is not required." 1435 OBJECT bfdSessReqMinRxInterval 1436 MIN-ACCESS read-only 1437 DESCRIPTION "Write access is not required." 1438 OBJECT bfdSessReqMinEchoRxInterval 1439 MIN-ACCESS read-only 1440 DESCRIPTION "Write access is not required." 1442 OBJECT bfdSessDetectMult 1443 MIN-ACCESS read-only 1444 DESCRIPTION "Write access is not required." 1446 OBJECT bfdSessAuthPresFlag 1447 MIN-ACCESS read-only 1448 DESCRIPTION "Write access is not required." 1450 OBJECT bfdSessAuthenticationType 1451 MIN-ACCESS read-only 1452 DESCRIPTION "Write access is not required." 1454 OBJECT bfdSessAuthenticationKeyID 1455 MIN-ACCESS read-only 1456 DESCRIPTION "Write access is not required." 1458 OBJECT bfdSessAuthenticationKey 1459 MIN-ACCESS read-only 1460 DESCRIPTION "Write access is not required." 1462 OBJECT bfdSessStorageType 1463 MIN-ACCESS read-only 1464 DESCRIPTION "Write access is not required." 1466 OBJECT bfdSessRowStatus 1467 SYNTAX RowStatus { active(1) } 1468 MIN-ACCESS read-only 1469 DESCRIPTION "Write access is not required." 1471 OBJECT bfdSessDiscMapStorageType 1472 MIN-ACCESS read-only 1473 DESCRIPTION "Write access is not required." 1475 OBJECT bfdSessDiscMapRowStatus 1476 SYNTAX RowStatus { active(1) } 1477 MIN-ACCESS read-only 1478 DESCRIPTION "Write access is not required." 1480 OBJECT bfdSessIpMapStorageType 1481 MIN-ACCESS read-only 1482 DESCRIPTION "Write access is not required." 1484 OBJECT bfdSessIpMapRowStatus 1485 SYNTAX RowStatus { active(1) } 1486 MIN-ACCESS read-only 1487 DESCRIPTION "Write access is not required." 1489 ::= { bfdCompliances 2 } 1491 -- Units of conformance. 1493 bfdSessionGroup OBJECT-GROUP 1494 OBJECTS { 1495 bfdAdminStatus, 1496 bfdSessNotificationsEnable, 1497 bfdSessVersionNumber, 1498 bfdSessType, 1499 bfdSessDiscriminator, 1500 bfdSessDestinationUdpPort, 1501 bfdSessSourceUdpPort, 1502 bfdSessEchoSourceUdpPort, 1503 bfdSessAdminStatus, 1504 bfdSessOperMode, 1505 bfdSessDemandModeDesiredFlag, 1506 bfdSessControlPlaneIndepFlag, 1507 bfdSessMultipointFlag, 1508 bfdSessInterface, 1509 bfdSessSrcAddrType, 1510 bfdSessSrcAddr, 1511 bfdSessDstAddrType, 1512 bfdSessDstAddr, 1513 bfdSessGTSM, 1514 bfdSessGTSMTTL, 1515 bfdSessDesiredMinTxInterval, 1516 bfdSessReqMinRxInterval, 1517 bfdSessReqMinEchoRxInterval, 1518 bfdSessDetectMult, 1519 bfdSessAuthPresFlag, 1520 bfdSessAuthenticationType, 1521 bfdSessAuthenticationKeyID, 1522 bfdSessAuthenticationKey, 1523 bfdSessStorageType, 1524 bfdSessRowStatus, 1525 bfdSessDiscMapStorageType, 1526 bfdSessDiscMapRowStatus, 1527 bfdSessIpMapStorageType, 1528 bfdSessIpMapRowStatus 1529 } 1530 STATUS current 1531 DESCRIPTION 1532 "Collection of objects needed for BFD sessions." 1533 ::= { bfdGroups 1 } 1535 bfdSessionReadOnlyGroup OBJECT-GROUP 1536 OBJECTS { 1537 bfdSessRemoteDiscr, 1538 bfdSessState, 1539 bfdSessRemoteHeardFlag, 1540 bfdSessDiag, 1541 bfdSessNegotiatedInterval, 1542 bfdSessNegotiatedEchoInterval, 1543 bfdSessNegotiatedDetectMult, 1544 bfdSessDiscMapIndex, 1545 bfdSessIpMapIndex 1546 } 1547 STATUS current 1548 DESCRIPTION 1549 "Collection of read-only objects needed for BFD sessions." 1550 ::= { bfdGroups 2 } 1552 bfdSessionPerfGroup OBJECT-GROUP 1553 OBJECTS { 1554 bfdSessPerfCtrlPktIn, 1555 bfdSessPerfCtrlPktOut, 1556 bfdSessPerfCtrlPktDrop, 1557 bfdSessPerfCtrlPktDropLastTime, 1558 bfdSessPerfEchoPktIn, 1559 bfdSessPerfEchoPktOut, 1560 bfdSessPerfEchoPktDrop, 1561 bfdSessPerfEchoPktDropLastTime, 1562 bfdSessUpTime, 1563 bfdSessPerfLastSessDownTime, 1564 bfdSessPerfLastCommLostDiag, 1565 bfdSessPerfSessUpCount, 1566 bfdSessPerfDiscTime 1567 } 1568 STATUS current 1569 DESCRIPTION 1570 "Collection of objects needed to monitor the 1571 performance of BFD sessions." 1572 ::= { bfdGroups 3 } 1574 bfdSessionPerfHCGroup OBJECT-GROUP 1575 OBJECTS { 1576 bfdSessPerfCtrlPktInHC, 1577 bfdSessPerfCtrlPktOutHC, 1578 bfdSessPerfCtrlPktDropHC, 1579 bfdSessPerfEchoPktInHC, 1580 bfdSessPerfEchoPktOutHC, 1581 bfdSessPerfEchoPktDropHC 1582 } 1583 STATUS current 1584 DESCRIPTION 1585 "Collection of objects needed to monitor the 1586 performance of BFD sessions for which the 1587 values of bfdSessPerfPktIn, bfdSessPerfPktOut 1588 wrap around too quickly." 1589 ::= { bfdGroups 4 } 1591 bfdNotificationGroup NOTIFICATION-GROUP 1592 NOTIFICATIONS { 1593 bfdSessUp, 1594 bfdSessDown 1595 } 1596 STATUS current 1597 DESCRIPTION 1598 "Set of notifications implemented in this 1599 module." 1600 ::= { bfdGroups 5 } 1602 END 1604 6. Security Considerations 1606 As BFD may be tied into the stability of the network infrastructure 1607 (such as routing protocols), the effects of an attack on a BFD 1608 session may be very serious. This ultimately has denial-of-service 1609 effects, as links may be declared to be down (or falsely declared to 1610 be up.) As such, improper manipulation of the objects represented by 1611 this MIB may result in denial of service to a large number of end- 1612 users. 1614 There are a number of management objects defined in this MIB module 1615 with a MAX-ACCESS clause of read-write and/or read-create. Such 1616 objects may be considered sensitive or vulnerable in some network 1617 environments. The support for SET operations in a non-secure 1618 environment without proper protection can have a negative effect on 1619 network operations. These are the tables and objects and their 1620 sensitivity/vulnerability: 1622 o bfdSessAdminStatus - Improper change of bfdSessAdminStatus, from 1623 start to stop, can cause significant disruption of the 1624 connectivity to those portions of the Internet reached via the 1625 applicable remote BFD peer. 1627 o bfdSessDesiredMinTxInterval, bfdSessReqMinRxInterval, 1628 bfdSessReqMinEchoRxInterval, bfdSessDetectMult - Improper change 1629 of this object can cause connections to be disrupted for extremely 1630 long time periods when otherwise they would be restored in a 1631 relatively short period of time. 1633 There are a number of management objects defined in this MIB module 1634 with a MAX-ACCESS clause of read-write and/or read-create. Such 1635 objects may be considered sensitive or vulnerable in some network 1636 environments. It is thus important to control even GET and/or NOTIFY 1637 access to these objects and possibly to even encrypt the values of 1638 these objects when sending them over the network via SNMP. 1640 o The bfdSessTable may be used to directly configure BFD sessions. 1641 The bfdSessMapTable can be used indirectly in the same way. 1642 Unauthorized access to objects in this table could result in 1643 disruption of traffic on the network. This is especially true if 1644 an unauthorized user configures enough tables to invoke a denial 1645 of service attack on the device where they are configured, or on a 1646 remote device where the sessions terminate. 1648 Some of the readable objects in this MIB module (i.e., objects with a 1649 MAX-ACCESS other than not-accessible) may be considered sensitive or 1650 vulnerable in some network environments. It is thus important to 1651 control even GET and/or NOTIFY access to these objects and possibly 1652 to even encrypt the values of these objects when sending them over 1653 the network via SNMP. These are the tables and objects and their 1654 sensitivity/vulnerability: 1656 o The bfdSessPerfTable both allows access to the performance 1657 characteristics of BFD sessions. Network administrators not 1658 wishing to show this information should consider this table 1659 sensitive. 1661 The bfdSessAuthenticationType, bfdSessAuthenticationKeyID, and 1662 bfdSessAuthenticationKey objects hold security methods and associated 1663 security keys of BFD sessions. These objects SHOULD be considered 1664 highly sensitive objects. In order for these sensitive information 1665 from being improperly accessed, implementers MAY wish to disallow 1666 read and create access to these objects. 1668 SNMP versions prior to SNMPv3 did not include adequate security. 1669 Even if the network itself is secure "for example by using IPSec", 1670 even then, there is no control as to who on the secure network is 1671 allowed to access and GET/SET "read/change/create/delete" the objects 1672 in these MIB modules. 1674 It is RECOMMENDED that implementers consider the security features as 1675 provided by the SNMPv3 framework (see [RFC3410], section 8), 1676 including full support for the SNMPv3 cryptographic mechanisms "for 1677 authentication and privacy". 1679 Further, deployment of SNMP versions prior to SNMPv3 is NOT 1680 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 1681 enable cryptographic security. It is then a customer/operator 1682 responsibility to ensure that the SNMP entity giving access to an 1683 instance of this MIB module, is properly configured to give access to 1684 the objects only to those principals "users" that have legitimate 1685 rights to indeed GET or SET "change/create/delete" them. 1687 7. IANA Considerations 1689 The MIB module in this document uses the following IANA-assigned 1690 OBJECT IDENTIFIER values recorded in the SMI Numbers registry: 1692 Descriptor OBJECT IDENTIFIER value 1693 ---------- ----------------------- 1695 bfdMib { mib-2 XXX } 1697 [RFC-Editor's Note (to be removed prior to publication): the IANA is 1698 requested to assign a value for "XXX" under the 'mib-2' subtree and 1699 to record the assignment in the SMI Numbers registry. When the 1700 assignment has been made, the RFC Editor is asked to replace "XXX" 1701 (here and in the MIB module) with the assigned value and to remove 1702 this note.] 1704 8. Acknowledgments 1706 Authors would like to thank David Ward, Jeffrey Haas, Reshad Rahman, 1707 David Toscano, Sylvain Masse, Mark Tooker, and Kiran Koushik Agrahara 1708 Sreenivasa for their comments and suggestions. 1710 9. References 1712 9.1. Normative References 1714 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1715 Requirement Levels", BCP 14, RFC 2119, March 1997. 1717 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1718 Schoenwaelder, Ed., "Structure of Management Information 1719 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. 1721 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1722 Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 1723 58, RFC 2579, April 1999. 1725 [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, 1726 "Conformance Statements for SMIv2", STD 58, RFC 2580, 1727 April 1999. 1729 [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection 1730 (BFD)", RFC 5880, June 2010. 1732 [RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection 1733 (BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881, June 1734 2010. 1736 [RFC5883] Katz, D. and D. Ward, "Bidirectional Forwarding Detection 1737 (BFD) for Multihop Paths", RFC 5883, June 2010. 1739 [I-D.ietf-bfd-tc-mib] 1740 Nadeau, T., Ali, Z., and N. Akiya, "Definitions of Textual 1741 Conventions (TCs) for Bidirectional Forwarding Detection 1742 (BFD) Management", draft-ietf-bfd-tc-mib-03 (work in 1743 progress), November 2013. 1745 9.2. Informative References 1747 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 1748 "Introduction and Applicability Statements for Internet- 1749 Standard Management Framework", RFC 3410, December 2002. 1751 [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. 1752 Schoenwaelder, "Textual Conventions for Internet Network 1753 Addresses", RFC 4001, February 2005. 1755 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group 1756 MIB", RFC 2863, June 2000. 1758 [RFC3413] Levi, D., Meyer, P., and B. Stewart, "Simple Network 1759 Management Protocol (SNMP) Applications", STD 62, RFC 1760 3413, December 2002. 1762 Authors' Addresses 1764 Thomas D. Nadeau 1765 Juniper Networks 1767 EMail: tnadeau@juniper.net 1768 Zafar Ali 1769 Cisco Systems 1771 EMail: zali@cisco.com 1773 Nobo Akiya 1774 Cisco Systems 1776 EMail: nobo@cisco.com