idnits 2.17.1 draft-ietf-bfd-mib-20.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (May 9, 2014) is 3630 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-08) exists of draft-ietf-bfd-tc-mib-07 Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group T. Nadeau 3 Internet-Draft Brocade 4 Intended status: Standards Track Z. Ali 5 Expires: November 10, 2014 N. Akiya 6 Cisco Systems 7 May 9, 2014 9 BFD Management Information Base 10 draft-ietf-bfd-mib-20 12 Abstract 14 This draft defines a portion of the Management Information Base (MIB) 15 for use with network management protocols in the Internet community. 16 In particular, it describes managed objects for modeling 17 Bidirectional Forwarding Detection (BFD) protocol. 19 Requirements Language 21 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 22 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 23 "OPTIONAL" in this document are to be interpreted as described in BCP 24 14, RFC 2119 [RFC2119]. 26 Status of This Memo 28 This Internet-Draft is submitted in full conformance with the 29 provisions of BCP 78 and BCP 79. 31 Internet-Drafts are working documents of the Internet Engineering 32 Task Force (IETF). Note that other groups may also distribute 33 working documents as Internet-Drafts. The list of current Internet- 34 Drafts is at http://datatracker.ietf.org/drafts/current/. 36 Internet-Drafts are draft documents valid for a maximum of six months 37 and may be updated, replaced, or obsoleted by other documents at any 38 time. It is inappropriate to use Internet-Drafts as reference 39 material or to cite them other than as "work in progress." 41 This Internet-Draft will expire on November 10, 2014. 43 Copyright Notice 45 Copyright (c) 2014 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the Simplified BSD License. 58 Table of Contents 60 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 61 2. The Internet-Standard Management Framework . . . . . . . . . 3 62 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 63 4. Brief Description of MIB Objects . . . . . . . . . . . . . . 3 64 4.1. General Variables . . . . . . . . . . . . . . . . . . . . 3 65 4.2. Session Table (bfdSessionTable) . . . . . . . . . . . . . 3 66 4.3. Session Performance Table (bfdSessionPerfTable) . . . . . 3 67 4.4. BFD Session Discriminator Mapping Table 68 (bfdSessDiscMapTable) . . . . . . . . . . . . . . . . . . 4 69 4.5. BFD Session IP Mapping Table (bfdSessIpMapTable) . . . . 4 70 5. BFD MIB Module Definitions . . . . . . . . . . . . . . . . . 4 71 6. Security Considerations . . . . . . . . . . . . . . . . . . . 34 72 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 36 73 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 37 74 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 37 75 9.1. Normative References . . . . . . . . . . . . . . . . . . 37 76 9.2. Informative References . . . . . . . . . . . . . . . . . 38 78 1. Introduction 80 This memo defines a portion of the Management Information Base (MIB) 81 for use with network management protocols in the Internet community. 82 In particular, it describes managed objects to configure and/or 83 monitor Bidirectional Forwarding Detection for [RFC5880], [RFC5881], 84 [RFC5883] and [RFC7130], BFD versions 0 and/or 1, on devices 85 supporting this feature. 87 This memo does not define a compliance requirement for a system that 88 only implements BFD version 0. This is a reflection of a considered 89 and deliberate decision by the BFD WG, because the BFD version 0 90 protocol is primarily of historical interest by comparison to the 91 widespread deployment of the BFD version 1 protocol. 93 2. The Internet-Standard Management Framework 95 For a detailed overview of the documents that describe the current 96 Internet-Standard Management Framework, please refer to section 7 of 97 RFC 3410 [RFC3410]. 99 Managed objects are accessed via a virtual information store, termed 100 the Management Information Base or MIB. MIB objects are generally 101 accessed through the Simple Network Management Protocol (SNMP). 102 Objects in the MIB are defined using the mechanisms defined in the 103 Structure of Management Information (SMI). This memo specifies a MIB 104 module that is compliant to the SMIv2, which is described in STD 58, 105 RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 106 [RFC2580]. 108 3. Terminology 110 This document adopts the definitions, acronyms and mechanisms 111 described in [RFC5880], [RFC5881], [RFC5883] and [RFC7130]. Unless 112 otherwise stated, the mechanisms described therein will not be re- 113 described here. 115 4. Brief Description of MIB Objects 117 This section describes objects pertaining to BFD. The MIB objects 118 are derived from [RFC5880], [RFC5881], [RFC5883] and [RFC7130], and 119 also include textual conventions defined in [I-D.ietf-bfd-tc-mib]. 121 4.1. General Variables 123 The General Variables are used to identify parameters that are global 124 to the BFD process. 126 4.2. Session Table (bfdSessionTable) 128 The session table is used to identify a BFD session between a pair of 129 nodes. 131 4.3. Session Performance Table (bfdSessionPerfTable) 133 The session performance table is used for collecting BFD performance 134 counters on a per session basis. This table is an AUGMENT to the 135 bfdSessionTable. 137 4.4. BFD Session Discriminator Mapping Table (bfdSessDiscMapTable) 139 The BFD Session Discriminator Mapping Table provides a mapping 140 between a local discriminator value to the associated BFD session 141 found in the bfdSessionTable. 143 4.5. BFD Session IP Mapping Table (bfdSessIpMapTable) 145 The BFD Session IP Mapping Table maps, given bfdSessInterface, 146 bfdSessSrcAddrType, bfdSessSrcAddr, bfdSessDstAddrType, and 147 bfdSessDstAddr, to an associated BFD session found in the 148 bfdSessionTable. This table SHOULD contain those BFD sessions that 149 are of type IP. 151 5. BFD MIB Module Definitions 153 This MIB module makes references to the following documents. 154 [RFC2578], [RFC2579], [RFC2580], [RFC2863], [RFC3289], [RFC3413], 155 [RFC5082] and [RFC5880]. 157 BFD-STD-MIB DEFINITIONS ::= BEGIN 159 IMPORTS 160 MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, 161 mib-2, Integer32, Unsigned32, Counter32, Counter64 162 FROM SNMPv2-SMI -- [RFC2578] 164 TruthValue, RowStatus, StorageType, TimeStamp 165 FROM SNMPv2-TC -- [RFC2579] 167 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 168 FROM SNMPv2-CONF -- [RFC2580] 170 InterfaceIndexOrZero 171 FROM IF-MIB -- [RFC2863] 173 InetAddress, InetAddressType, InetPortNumber 174 FROM INET-ADDRESS-MIB 176 IndexIntegerNextFree 177 FROM DIFFSERV-MIB -- [RFC3289] 179 BfdSessIndexTC, BfdIntervalTC, BfdMultiplierTC, 180 BfdCtrlDestPortNumberTC, BfdCtrlSourcePortNumberTC 181 FROM BFD-TC-STD-MIB 183 IANAbfdDiagTC, IANAbfdSessTypeTC, IANAbfdSessOperModeTC, 184 IANAbfdSessStateTC, IANAbfdSessAuthenticationTypeTC, 185 IANAbfdSessAuthenticationKeyTC 186 FROM IANA-BFD-TC-STD-MIB; 188 bfdMIB MODULE-IDENTITY 189 LAST-UPDATED "201405091200Z" -- 9 May 2014 12:00:00 EST 190 ORGANIZATION "IETF Bidirectional Forwarding Detection 191 Working Group" 192 CONTACT-INFO 193 "Thomas D. Nadeau 194 Brocade 195 Email: tnadeau@lucidvision.com 197 Zafar Ali 198 Cisco Systems, Inc. 199 Email: zali@cisco.com 201 Nobo Akiya 202 Cisco Systems, Inc. 203 Email: nobo@cisco.com 205 Comments about this document should be emailed directly 206 to the BFD working group mailing list at 207 rtg-bfd@ietf.org" 208 DESCRIPTION 209 "Bidirectional Forwarding Management Information Base." 210 REVISION "201405091200Z" -- 9 May 2014 12:00:00 EST 211 DESCRIPTION 212 "Initial version. Published as RFC xxxx." 213 -- RFC Ed.: RFC-editor pls fill in xxxx 214 ::= { mib-2 XXX } 215 -- RFC Ed.: assigned by IANA, see section 7.1 for details 217 -- Top level components of this MIB module. 219 bfdNotifications OBJECT IDENTIFIER ::= { bfdMIB 0 } 221 bfdObjects OBJECT IDENTIFIER ::= { bfdMIB 1 } 223 bfdConformance OBJECT IDENTIFIER ::= { bfdMIB 2 } 225 bfdScalarObjects OBJECT IDENTIFIER ::= { bfdObjects 1 } 227 -- BFD General Variables 229 -- These parameters apply globally to the Systems' 230 -- BFD Process. 232 bfdAdminStatus OBJECT-TYPE 233 SYNTAX INTEGER { 234 enabled(1), 235 disabled(2), 236 adminDown(3), 237 down(4) 238 } 239 MAX-ACCESS read-write 240 STATUS current 241 DESCRIPTION 242 "The desired global administrative status of the BFD 243 system in this device." 244 ::= { bfdScalarObjects 1 } 246 bfdOperStatus OBJECT-TYPE 247 SYNTAX INTEGER { 248 up(1), 249 down(2), 250 adminDown(3) 251 } 252 MAX-ACCESS read-only 253 STATUS current 254 DESCRIPTION 255 "Indicates the actual operational status of the 256 BFD system in this device. When this value is 257 down(2), all entries in the bfdSessTable MUST have 258 their bfdSessOperStatus as down(2) as well. When 259 this value is adminDown(3), all entries in the 260 bfdSessTable MUST have their bfdSessOperStatus 261 as adminDown(3) as well." 262 ::= { bfdScalarObjects 2 } 264 bfdNotificationsEnable OBJECT-TYPE 265 SYNTAX TruthValue 266 MAX-ACCESS read-write 267 STATUS current 268 DESCRIPTION 269 "If this object is set to true(1), then it enables 270 the emission of bfdSessUp and bfdSessDown 271 notifications; otherwise these notifications are not 272 emitted." 273 REFERENCE 274 "See also RFC3413 for explanation that 275 notifications are under the ultimate control of the 276 MIB modules in this document." 277 DEFVAL { false } 278 ::= { bfdScalarObjects 3 } 280 bfdSessIndexNext OBJECT-TYPE 281 SYNTAX IndexIntegerNextFree (0..4294967295) 282 MAX-ACCESS read-only 283 STATUS current 284 DESCRIPTION 285 "This object contains an unused value for 286 bfdSessIndex that can be used when creating 287 entries in the table. A zero indicates that 288 no entries are available, but MUST NOT be used 289 as a valid index. " 290 ::= { bfdScalarObjects 4 } 292 -- BFD Session Table 293 -- The BFD Session Table specifies BFD session specific 294 -- information. 296 bfdSessTable OBJECT-TYPE 297 SYNTAX SEQUENCE OF BfdSessEntry 298 MAX-ACCESS not-accessible 299 STATUS current 300 DESCRIPTION 301 "The BFD Session Table describes the BFD sessions." 302 REFERENCE 303 "Katz, D. and D. Ward, Bidirectional Forwarding 304 Detection (BFD), RFC 5880, June 2012." 305 ::= { bfdObjects 2 } 307 bfdSessEntry OBJECT-TYPE 308 SYNTAX BfdSessEntry 309 MAX-ACCESS not-accessible 310 STATUS current 311 DESCRIPTION 312 "The BFD Session Entry describes BFD session." 313 INDEX { bfdSessIndex } 314 ::= { bfdSessTable 1 } 316 BfdSessEntry ::= SEQUENCE { 317 bfdSessIndex BfdSessIndexTC, 318 bfdSessVersionNumber Unsigned32, 319 bfdSessType IANAbfdSessTypeTC, 320 bfdSessDiscriminator Unsigned32, 321 bfdSessRemoteDiscr Unsigned32, 322 bfdSessDestinationUdpPort BfdCtrlDestPortNumberTC, 323 bfdSessSourceUdpPort BfdCtrlSourcePortNumberTC, 324 bfdSessEchoSourceUdpPort InetPortNumber, 325 bfdSessAdminStatus INTEGER, 326 bfdSessOperStatus INTEGER, 327 bfdSessState IANAbfdSessStateTC, 328 bfdSessRemoteHeardFlag TruthValue, 329 bfdSessDiag IANAbfdDiagTC, 330 bfdSessOperMode IANAbfdSessOperModeTC, 331 bfdSessDemandModeDesiredFlag TruthValue, 332 bfdSessControlPlaneIndepFlag TruthValue, 333 bfdSessMultipointFlag TruthValue, 334 bfdSessInterface InterfaceIndexOrZero, 335 bfdSessSrcAddrType InetAddressType, 336 bfdSessSrcAddr InetAddress, 337 bfdSessDstAddrType InetAddressType, 338 bfdSessDstAddr InetAddress, 339 bfdSessGTSM TruthValue, 340 bfdSessGTSMTTL Unsigned32, 341 bfdSessDesiredMinTxInterval BfdIntervalTC, 342 bfdSessReqMinRxInterval BfdIntervalTC, 343 bfdSessReqMinEchoRxInterval BfdIntervalTC, 344 bfdSessDetectMult BfdMultiplierTC, 345 bfdSessNegotiatedInterval BfdIntervalTC, 346 bfdSessNegotiatedEchoInterval BfdIntervalTC, 347 bfdSessNegotiatedDetectMult BfdMultiplierTC, 348 bfdSessAuthPresFlag TruthValue, 349 bfdSessAuthenticationType IANAbfdSessAuthenticationTypeTC, 350 bfdSessAuthenticationKeyID Integer32, 351 bfdSessAuthenticationKey IANAbfdSessAuthenticationKeyTC, 352 bfdSessStorageType StorageType, 353 bfdSessRowStatus RowStatus 354 } 356 bfdSessIndex OBJECT-TYPE 357 SYNTAX BfdSessIndexTC 358 MAX-ACCESS not-accessible 359 STATUS current 360 DESCRIPTION 361 "This object contains an index used to represent a 362 unique BFD session on this device. Managers 363 should obtain new values for row creation in this 364 table by reading bfdSessIndexNext." 365 ::= { bfdSessEntry 1 } 367 bfdSessVersionNumber OBJECT-TYPE 368 SYNTAX Unsigned32 (0..7) 369 MAX-ACCESS read-create 370 STATUS current 371 DESCRIPTION 372 "The version number of the BFD protocol that this session 373 is running in. Write access is available for this object 374 to provide ability to set desired version for this 375 BFD session." 377 REFERENCE 378 "Katz, D. and D. Ward, Bidirectional Forwarding 379 Detection (BFD), RFC 5880, June 2012." 380 DEFVAL { 1 } 381 ::= { bfdSessEntry 2 } 383 bfdSessType OBJECT-TYPE 384 SYNTAX IANAbfdSessTypeTC 385 MAX-ACCESS read-create 386 STATUS current 387 DESCRIPTION 388 "This object specifies the type of this BFD session." 389 ::= { bfdSessEntry 3 } 391 bfdSessDiscriminator OBJECT-TYPE 392 SYNTAX Unsigned32 (1..4294967295) 393 MAX-ACCESS read-create 394 STATUS current 395 DESCRIPTION 396 "This object specifies the local discriminator for this BFD 397 session, used to uniquely identify it." 398 ::= { bfdSessEntry 4 } 400 bfdSessRemoteDiscr OBJECT-TYPE 401 SYNTAX Unsigned32 (0 | 1..4294967295) 402 MAX-ACCESS read-only 403 STATUS current 404 DESCRIPTION 405 "This object specifies the session discriminator chosen 406 by the remote system for this BFD session. The value may 407 be zero(0) if the remote discriminator is not yet known 408 or if the session is in the down or adminDown(1) state." 409 REFERENCE 410 "Section 6.8.6, from Katz, D. and D. Ward, Bidirectional 411 Forwarding Detection (BFD), RFC 5880, June 2012." 412 ::= { bfdSessEntry 5 } 414 bfdSessDestinationUdpPort OBJECT-TYPE 415 SYNTAX BfdCtrlDestPortNumberTC 416 MAX-ACCESS read-create 417 STATUS current 418 DESCRIPTION 419 "This object specifies the destination UDP port number 420 used for this BFD session's control packets. The value 421 may be zero(0) if the session is in adminDown(1) state." 422 DEFVAL { 0 } 423 ::= { bfdSessEntry 6 } 425 bfdSessSourceUdpPort OBJECT-TYPE 426 SYNTAX BfdCtrlSourcePortNumberTC 427 MAX-ACCESS read-create 428 STATUS current 429 DESCRIPTION 430 "This object specifies the source UDP port number used 431 for this BFD session's control packets. The value may be 432 zero(0) if the session is in adminDown(1) state. Upon 433 creation of a new BFD session via this MIB, the value of 434 zero(0) specified would permit the implementation to 435 choose its own source port number." 436 DEFVAL { 0 } 437 ::= { bfdSessEntry 7 } 439 bfdSessEchoSourceUdpPort OBJECT-TYPE 440 SYNTAX InetPortNumber 441 MAX-ACCESS read-create 442 STATUS current 443 DESCRIPTION 444 "This object specifies the source UDP port number used for 445 this BFD session's echo packets. The value may be zero(0) 446 if the session is not running in the echo mode, or the 447 session is in adminDown(1) state. Upon creation of a new 448 BFD session via this MIB, the value of zero(0) would 449 permit the implementation to choose its own source port 450 number." 451 DEFVAL { 0 } 452 ::= { bfdSessEntry 8 } 454 bfdSessAdminStatus OBJECT-TYPE 455 SYNTAX INTEGER { 456 enabled(1), 457 disabled(2), 458 adminDown(3), 459 down(4) 460 } 461 MAX-ACCESS read-create 462 STATUS current 463 DESCRIPTION 464 "Denotes the desired operational status of the BFD Session. 466 A transition to enabled(1) will start the BFD state machine 467 for the session. The state machine will have an initial 468 state of down(2). 470 A transition to disabled(2) will stop the BFD state machine 471 for the session. The state machine may first transition to 472 adminDown(1) prior to stopping. 474 A transition to adminDown(3) will cause the BFD state 475 machine to transition to adminDown(1), and will cause the 476 session to remain in this state. 478 A transition to down(4) will cause the BFD state machine 479 to transition to down(2), and will cause the session to 480 remain in this state. 482 Care should be used in providing write access to this 483 object without adequate authentication." 484 ::= { bfdSessEntry 9 } 486 bfdSessOperStatus OBJECT-TYPE 487 SYNTAX INTEGER { 488 up(1), 489 down(2), 490 adminDown(3) 491 } 492 MAX-ACCESS read-only 493 STATUS current 494 DESCRIPTION 495 "Denotes the actual operational status of the BFD Session. 496 If the value of bfdOperStatus is down(2), this value MUST 497 eventually be down(2) as well. If the value of 498 bfdOperStatus is adminDown(3), this value MUST eventually 499 be adminDown(3) as well." 500 ::= { bfdSessEntry 10 } 502 bfdSessState OBJECT-TYPE 503 SYNTAX IANAbfdSessStateTC 504 MAX-ACCESS read-only 505 STATUS current 506 DESCRIPTION 507 "Configured BFD session state." 508 ::= { bfdSessEntry 11 } 510 bfdSessRemoteHeardFlag OBJECT-TYPE 511 SYNTAX TruthValue 512 MAX-ACCESS read-only 513 STATUS current 514 DESCRIPTION 515 "This object specifies status of BFD packet reception from 516 the remote system. Specifically, it is set to true(1) if 517 the local system is actively receiving BFD packets from the 518 remote system, and is set to false(2) if the local system 519 has not received BFD packets recently (within the detection 520 time) or if the local system is attempting to tear down 521 the BFD session." 523 REFERENCE 524 "Katz, D. and D. Ward, Bidirectional 525 Forwarding Detection (BFD), RFC 5880, June 2012." 526 ::= { bfdSessEntry 12 } 528 bfdSessDiag OBJECT-TYPE 529 SYNTAX IANAbfdDiagTC 530 MAX-ACCESS read-only 531 STATUS current 532 DESCRIPTION 533 "A diagnostic code specifying the local system's reason 534 for the last transition of the session from up(4) 535 to some other state." 536 ::= { bfdSessEntry 13 } 538 bfdSessOperMode OBJECT-TYPE 539 SYNTAX IANAbfdSessOperModeTC 540 MAX-ACCESS read-create 541 STATUS current 542 DESCRIPTION 543 "This object specifies the operational mode of this 544 BFD session." 545 ::= { bfdSessEntry 14 } 547 bfdSessDemandModeDesiredFlag OBJECT-TYPE 548 SYNTAX TruthValue 549 MAX-ACCESS read-create 550 STATUS current 551 DESCRIPTION 552 "This object indicates that the local system's 553 desire to use Demand mode. Specifically, it is set 554 to true(1) if the local system wishes to use 555 Demand mode or false(2) if not" 556 DEFVAL { false } 557 ::= { bfdSessEntry 15 } 559 bfdSessControlPlaneIndepFlag OBJECT-TYPE 560 SYNTAX TruthValue 561 MAX-ACCESS read-create 562 STATUS current 563 DESCRIPTION 564 "This object indicates that the local system's 565 ability to continue to function through a disruption of 566 the control plane. Specifically, it is set 567 to true(1) if the local system BFD implementation is 568 independent of the control plane. Otherwise, the 569 value is set to false(2)" 570 DEFVAL { false } 571 ::= { bfdSessEntry 16 } 573 bfdSessMultipointFlag OBJECT-TYPE 574 SYNTAX TruthValue 575 MAX-ACCESS read-create 576 STATUS current 577 DESCRIPTION 578 "This object indicates the Multipoint (M) bit for this 579 session. It is set to true(1) if Multipoint (M) bit is 580 set to 1. Otherwise, the value is set to false(2)" 581 DEFVAL { false } 582 ::= { bfdSessEntry 17 } 584 bfdSessInterface OBJECT-TYPE 585 SYNTAX InterfaceIndexOrZero 586 MAX-ACCESS read-create 587 STATUS current 588 DESCRIPTION 589 "This object contains an interface index used to indicate 590 the interface which this BFD session is running on. This 591 value can be zero if there is no interface associated 592 with this BFD session." 593 ::= { bfdSessEntry 18 } 595 bfdSessSrcAddrType OBJECT-TYPE 596 SYNTAX InetAddressType 597 MAX-ACCESS read-create 598 STATUS current 599 DESCRIPTION 600 "This object specifies IP address type of the source IP 601 address of this BFD session. The value of unknown(0) is 602 allowed only when the session is singleHop(1) and the 603 source IP address of this BFD session is derived from 604 the outgoing interface, or when the BFD session is not 605 associated with a specific interface. If any other 606 unsupported values are attempted in a set operation, the 607 agent MUST return an inconsistentValue error." 608 ::= { bfdSessEntry 19 } 610 bfdSessSrcAddr OBJECT-TYPE 611 SYNTAX InetAddress 612 MAX-ACCESS read-create 613 STATUS current 614 DESCRIPTION 615 "This object specifies the source IP address of this BFD 616 session. The format of this object is controlled by the 617 bfdSessSrcAddrType object." 618 ::= { bfdSessEntry 20 } 620 bfdSessDstAddrType OBJECT-TYPE 621 SYNTAX InetAddressType 622 MAX-ACCESS read-create 623 STATUS current 624 DESCRIPTION 625 "This object specifies IP address type of the neighboring IP 626 address which is being monitored with this BFD session. 627 The value of unknown(0) is allowed only when the session is 628 singleHop(1) and the outgoing interface is of type 629 point-to-point, or when the BFD session is not associated 630 with a specific interface. If any other unsupported values 631 are attempted in a set operation, the agent MUST return an 632 inconsistentValue error." 633 ::= { bfdSessEntry 21 } 635 bfdSessDstAddr OBJECT-TYPE 636 SYNTAX InetAddress 637 MAX-ACCESS read-create 638 STATUS current 639 DESCRIPTION 640 "This object specifies the neighboring IP address which is 641 being monitored with this BFD session. The format of this 642 object is controlled by the bfdSessDstAddrType object." 643 ::= { bfdSessEntry 22 } 645 bfdSessGTSM OBJECT-TYPE 646 SYNTAX TruthValue 647 MAX-ACCESS read-create 648 STATUS current 649 DESCRIPTION 650 "Setting the value of this object to false(2) will disable 651 GTSM protection of the BFD session. GTSM MUST be enabled 652 on a singleHop(1) session if no authentication is in use." 653 REFERENCE 654 "RFC5082, The Generalized TTL Security Mechanism (GTSM). 655 RFC5881, Section 5" 656 DEFVAL { true } 657 ::= { bfdSessEntry 23 } 659 bfdSessGTSMTTL OBJECT-TYPE 660 SYNTAX Unsigned32 (0..255) 661 MAX-ACCESS read-create 662 STATUS current 663 DESCRIPTION 664 "This object is valid only when bfdSessGTSM protection is 665 enabled on the system. This object indicates the minimum 666 allowed TTL for received BFD control packets. For a 667 singleHop(1) session, if GTSM protection is enabled, 668 this object SHOULD be set to maximum TTL value allowed 669 for single hop. 671 By default, GTSM is enabled and TTL value is 255. For a 672 multihop session, updating of maximum TTL value allowed 673 is likely required." 674 REFERENCE 675 "RFC5082, The Generalized TTL Security Mechanism (GTSM). 676 RFC5881, Section 5" 677 DEFVAL { 255 } 678 ::= { bfdSessEntry 24 } 680 bfdSessDesiredMinTxInterval OBJECT-TYPE 681 SYNTAX BfdIntervalTC 682 MAX-ACCESS read-create 683 STATUS current 684 DESCRIPTION 685 "This object specifies the minimum interval, in 686 microseconds, that the local system would like to use 687 when transmitting BFD Control packets. The value of 688 zero(0) is reserved in this case, and should not be 689 used." 690 REFERENCE 691 "Section 4.1 from Katz, D. and D. Ward, Bidirectional 692 Forwarding Detection (BFD), RFC 5880, June 2012." 693 ::= { bfdSessEntry 25 } 695 bfdSessReqMinRxInterval OBJECT-TYPE 696 SYNTAX BfdIntervalTC 697 MAX-ACCESS read-create 698 STATUS current 699 DESCRIPTION 700 "This object specifies the minimum interval, in 701 microseconds, between received BFD Control packets the 702 local system is capable of supporting. The value of 703 zero(0) can be specified when the transmitting system 704 does not want the remote system to send any periodic BFD 705 control packets." 706 REFERENCE 707 "Section 4.1 from Katz, D. and D. Ward, Bidirectional 708 Forwarding Detection (BFD), RFC 5880, June 2012." 709 ::= { bfdSessEntry 26 } 711 bfdSessReqMinEchoRxInterval OBJECT-TYPE 712 SYNTAX BfdIntervalTC 713 MAX-ACCESS read-create 714 STATUS current 715 DESCRIPTION 716 "This object specifies the minimum interval, in 717 microseconds, between received BFD Echo packets that this 718 system is capable of supporting. Value must be zero(0) if 719 this is a multihop BFD session." 720 ::= { bfdSessEntry 27 } 722 bfdSessDetectMult OBJECT-TYPE 723 SYNTAX BfdMultiplierTC 724 MAX-ACCESS read-create 725 STATUS current 726 DESCRIPTION 727 "This object specifies the Detect time multiplier." 728 ::= { bfdSessEntry 28 } 730 bfdSessNegotiatedInterval OBJECT-TYPE 731 SYNTAX BfdIntervalTC 732 MAX-ACCESS read-only 733 STATUS current 734 DESCRIPTION 735 "This object specifies the negotiated interval, in 736 microseconds, that the local system is transmitting 737 BFD Control packets." 738 ::= { bfdSessEntry 29 } 740 bfdSessNegotiatedEchoInterval OBJECT-TYPE 741 SYNTAX BfdIntervalTC 742 MAX-ACCESS read-only 743 STATUS current 744 DESCRIPTION 745 "This object specifies the negotiated interval, in 746 microseconds, that the local system is transmitting 747 BFD echo packets. Value is expected to be zero if 748 the sessions is not running in echo mode." 749 ::= { bfdSessEntry 30 } 751 bfdSessNegotiatedDetectMult OBJECT-TYPE 752 SYNTAX BfdMultiplierTC 753 MAX-ACCESS read-only 754 STATUS current 755 DESCRIPTION 756 "This object specifies the Detect time multiplier." 757 ::= { bfdSessEntry 31 } 759 bfdSessAuthPresFlag OBJECT-TYPE 760 SYNTAX TruthValue 761 MAX-ACCESS read-create 762 STATUS current 763 DESCRIPTION 764 "This object indicates that the local system's 765 desire to use Authentication. Specifically, it is set 766 to true(1) if the local system wishes the session 767 to be authenticated or false(2) if not." 768 REFERENCE 769 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 770 Bidirectional Forwarding Detection (BFD), RFC 5880, 771 June 2012." 772 DEFVAL { false } 773 ::= { bfdSessEntry 32 } 775 bfdSessAuthenticationType OBJECT-TYPE 776 SYNTAX IANAbfdSessAuthenticationTypeTC 777 MAX-ACCESS read-create 778 STATUS current 779 DESCRIPTION 780 "The Authentication Type used for this BFD session. 781 This field is valid only when the Authentication 782 Present bit is set. Max-access to this object as well as 783 other authentication related objects are set to 784 read-create in order to support management of a single 785 key ID at a time, key rotation is not handled. Key update 786 in practice must be done by atomic update using a set 787 containing all affected objects in the same varBindList 788 or otherwise risk the session dropping." 789 REFERENCE 790 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 791 Bidirectional Forwarding Detection (BFD), RFC 5880, 792 June 2012." 793 DEFVAL { noAuthentication } 794 ::= { bfdSessEntry 33 } 796 bfdSessAuthenticationKeyID OBJECT-TYPE 797 SYNTAX Integer32 (-1 | 0..255) 798 MAX-ACCESS read-create 799 STATUS current 800 DESCRIPTION 801 "The authentication key ID in use for this session. This 802 object permits multiple keys to be active simultaneously. 803 The value -1 indicates that no Authentication Key ID will 804 be present in the optional BFD Authentication Section." 805 REFERENCE 806 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 807 Bidirectional Forwarding Detection (BFD), RFC 5880, 808 June 2012." 809 DEFVAL { -1 } 810 ::= { bfdSessEntry 34 } 812 bfdSessAuthenticationKey OBJECT-TYPE 813 SYNTAX IANAbfdSessAuthenticationKeyTC 814 MAX-ACCESS read-create 815 STATUS current 816 DESCRIPTION 817 "The authentication key. When the 818 bfdSessAuthenticationType is simplePassword(1), the value 819 of this object is the password present in the BFD packets. 821 When the bfdSessAuthenticationType is one of the keyed 822 authentication types, this value is used in the 823 computation of the key present in the BFD authentication 824 packet." 825 REFERENCE 826 "Sections 4.2 - 4.4 from Katz, D. and D. Ward, 827 Bidirectional Forwarding Detection (BFD), RFC 5880, 828 June 2012." 829 ::= { bfdSessEntry 35 } 831 bfdSessStorageType OBJECT-TYPE 832 SYNTAX StorageType 833 MAX-ACCESS read-create 834 STATUS current 835 DESCRIPTION 836 "This variable indicates the storage type for this 837 object. Conceptual rows having the value 838 'permanent' need not allow write-access to any 839 columnar objects in the row." 840 ::= { bfdSessEntry 36 } 842 bfdSessRowStatus OBJECT-TYPE 843 SYNTAX RowStatus 844 MAX-ACCESS read-create 845 STATUS current 846 DESCRIPTION 847 "This variable is used to create, modify, and/or 848 delete a row in this table. When a row in this 849 table has a row in the active(1) state, no 850 objects in this row can be modified except the 851 bfdSessRowStatus and bfdSessStorageType." 852 ::= { bfdSessEntry 37 } 854 -- BFD Session Performance Table 856 bfdSessPerfTable OBJECT-TYPE 857 SYNTAX SEQUENCE OF BfdSessPerfEntry 858 MAX-ACCESS not-accessible 859 STATUS current 860 DESCRIPTION 861 "This table specifies BFD Session performance counters." 862 ::= { bfdObjects 3 } 864 bfdSessPerfEntry OBJECT-TYPE 865 SYNTAX BfdSessPerfEntry 866 MAX-ACCESS not-accessible 867 STATUS current 868 DESCRIPTION 869 "An entry in this table is created by a BFD-enabled node 870 for every BFD Session. bfdSessPerfDiscTime is used to 871 indicate potential discontinuity for all counter objects 872 in this table." 873 AUGMENTS { bfdSessEntry } 874 ::= { bfdSessPerfTable 1 } 876 BfdSessPerfEntry ::= SEQUENCE { 877 bfdSessPerfCtrlPktIn Counter32, 878 bfdSessPerfCtrlPktOut Counter32, 879 bfdSessPerfCtrlPktDrop Counter32, 880 bfdSessPerfCtrlPktDropLastTime TimeStamp, 881 bfdSessPerfEchoPktIn Counter32, 882 bfdSessPerfEchoPktOut Counter32, 883 bfdSessPerfEchoPktDrop Counter32, 884 bfdSessPerfEchoPktDropLastTime TimeStamp, 885 bfdSessUpTime TimeStamp, 886 bfdSessPerfLastSessDownTime TimeStamp, 887 bfdSessPerfLastCommLostDiag IANAbfdDiagTC, 888 bfdSessPerfSessUpCount Counter32, 889 bfdSessPerfDiscTime TimeStamp, 891 -- High Capacity Counters 892 bfdSessPerfCtrlPktInHC Counter64, 893 bfdSessPerfCtrlPktOutHC Counter64, 894 bfdSessPerfCtrlPktDropHC Counter64, 895 bfdSessPerfEchoPktInHC Counter64, 896 bfdSessPerfEchoPktOutHC Counter64, 897 bfdSessPerfEchoPktDropHC Counter64 898 } 900 bfdSessPerfCtrlPktIn OBJECT-TYPE 901 SYNTAX Counter32 902 MAX-ACCESS read-only 903 STATUS current 904 DESCRIPTION 905 "The total number of BFD control messages received for this 906 BFD session. 908 It MUST be equal to the least significant 32 bits of 909 bfdSessPerfCtrlPktInHC if supported, and MUST do so 910 with the rules spelled out in RFC 2863." 911 ::= { bfdSessPerfEntry 1 } 913 bfdSessPerfCtrlPktOut OBJECT-TYPE 914 SYNTAX Counter32 915 MAX-ACCESS read-only 916 STATUS current 917 DESCRIPTION 918 "The total number of BFD control messages sent for this BFD 919 session. 921 It MUST be equal to the least significant 32 bits of 922 bfdSessPerfCtrlPktOutHC if supported, and MUST do so 923 with the rules spelled out in RFC 2863." 924 ::= { bfdSessPerfEntry 2 } 926 bfdSessPerfCtrlPktDrop OBJECT-TYPE 927 SYNTAX Counter32 928 MAX-ACCESS read-only 929 STATUS current 930 DESCRIPTION 931 "The total number of BFD control messages received for this 932 session yet dropped for being invalid. 934 It MUST be equal to the least significant 32 bits of 935 bfdSessPerfCtrlPktDropHC if supported, and MUST do so 936 with the rules spelled out in RFC 2863." 937 ::= { bfdSessPerfEntry 3 } 939 bfdSessPerfCtrlPktDropLastTime OBJECT-TYPE 940 SYNTAX TimeStamp 941 MAX-ACCESS read-only 942 STATUS current 943 DESCRIPTION 944 "The value of sysUpTime on the most recent occasion at 945 which received BFD control message for this session was 946 dropped. If no such up event exists, this object contains 947 a zero value." 948 ::= { bfdSessPerfEntry 4 } 950 bfdSessPerfEchoPktIn OBJECT-TYPE 951 SYNTAX Counter32 952 MAX-ACCESS read-only 953 STATUS current 954 DESCRIPTION 955 "The total number of BFD echo messages received for this 956 BFD session. 958 It MUST be equal to the least significant 32 bits of 959 bfdSessPerfEchoPktInHC if supported, and MUST do so 960 with the rules spelled out in RFC 2863." 961 ::= { bfdSessPerfEntry 5 } 963 bfdSessPerfEchoPktOut OBJECT-TYPE 964 SYNTAX Counter32 965 MAX-ACCESS read-only 966 STATUS current 967 DESCRIPTION 968 "The total number of BFD echo messages sent for this BFD 969 session. 971 It MUST be equal to the least significant 32 bits of 972 bfdSessPerfEchoPktOutHC if supported, and MUST do so 973 with the rules spelled out in RFC 2863." 974 ::= { bfdSessPerfEntry 6 } 976 bfdSessPerfEchoPktDrop OBJECT-TYPE 977 SYNTAX Counter32 978 MAX-ACCESS read-only 979 STATUS current 980 DESCRIPTION 981 "The total number of BFD echo messages received for this 982 session yet dropped for being invalid. 984 It MUST be equal to the least significant 32 bits of 985 bfdSessPerfEchoPktDropHC if supported, and MUST do so 986 with the rules spelled out in RFC 2863." 987 ::= { bfdSessPerfEntry 7 } 989 bfdSessPerfEchoPktDropLastTime OBJECT-TYPE 990 SYNTAX TimeStamp 991 MAX-ACCESS read-only 992 STATUS current 993 DESCRIPTION 994 "The value of sysUpTime on the most recent occasion at 995 which received BFD echo message for this session was 996 dropped. If no such up event has been issued, this 997 object contains a zero value." 998 ::= { bfdSessPerfEntry 8 } 1000 bfdSessUpTime OBJECT-TYPE 1001 SYNTAX TimeStamp 1002 MAX-ACCESS read-only 1003 STATUS current 1004 DESCRIPTION 1005 "The value of sysUpTime on the most recent occasion at which 1006 the session came up. If no such event has been issued, 1007 this object contains a zero value." 1008 ::= { bfdSessPerfEntry 9 } 1010 bfdSessPerfLastSessDownTime OBJECT-TYPE 1011 SYNTAX TimeStamp 1012 MAX-ACCESS read-only 1013 STATUS current 1014 DESCRIPTION 1015 "The value of sysUpTime on the most recent occasion at 1016 which the last time communication was lost with the 1017 neighbor. If no down event has been issued this object 1018 contains a zero value." 1019 ::= { bfdSessPerfEntry 10 } 1021 bfdSessPerfLastCommLostDiag OBJECT-TYPE 1022 SYNTAX IANAbfdDiagTC 1023 MAX-ACCESS read-only 1024 STATUS current 1025 DESCRIPTION 1026 "The BFD diag code for the last time communication was lost 1027 with the neighbor. If such an event has not been issued 1028 this object contains a zero value." 1029 ::= { bfdSessPerfEntry 11 } 1031 bfdSessPerfSessUpCount OBJECT-TYPE 1032 SYNTAX Counter32 1033 MAX-ACCESS read-only 1034 STATUS current 1035 DESCRIPTION 1036 "The number of times this session has gone into the Up 1037 state since the system last rebooted." 1038 ::= { bfdSessPerfEntry 12 } 1040 bfdSessPerfDiscTime OBJECT-TYPE 1041 SYNTAX TimeStamp 1042 MAX-ACCESS read-only 1043 STATUS current 1044 DESCRIPTION 1045 "The value of sysUpTime on the most recent occasion at 1046 which any one or more of the session counters suffered 1047 a discontinuity. 1049 The relevant counters are the specific instances associated 1050 with this BFD session of any Counter32 object contained in 1051 the BfdSessPerfTable. If no such discontinuities have 1052 occurred since the last re-initialization of the local 1053 management subsystem, then this object contains a zero 1054 value." 1055 ::= { bfdSessPerfEntry 13 } 1057 bfdSessPerfCtrlPktInHC OBJECT-TYPE 1058 SYNTAX Counter64 1059 MAX-ACCESS read-only 1060 STATUS current 1061 DESCRIPTION 1062 "This value represents the total number of BFD control 1063 messages received for this BFD session. 1065 The least significant 32 bits MUST equal to 1066 bfdSessPerfCtrlPktIn, and MUST do so with 1067 the rules spelled out in RFC 2863." 1068 ::= { bfdSessPerfEntry 14 } 1070 bfdSessPerfCtrlPktOutHC OBJECT-TYPE 1071 SYNTAX Counter64 1072 MAX-ACCESS read-only 1073 STATUS current 1074 DESCRIPTION 1075 "This value represents the total number of BFD control 1076 messages transmitted for this BFD session. 1078 The least significant 32 bits MUST equal to 1079 bfdSessPerfCtrlPktOut, and MUST do so with 1080 the rules spelled out in RFC 2863." 1081 ::= { bfdSessPerfEntry 15 } 1083 bfdSessPerfCtrlPktDropHC OBJECT-TYPE 1084 SYNTAX Counter64 1085 MAX-ACCESS read-only 1086 STATUS current 1087 DESCRIPTION 1088 "This value represents the total number of BFD control 1089 messages received for this BFD session yet dropped for 1090 being invalid. 1092 The least significant 32 bits MUST equal to 1093 bfdSessPerfCtrlPktDrop, and MUST do so with 1094 the rules spelled out in RFC 2863." 1095 ::= { bfdSessPerfEntry 16 } 1097 bfdSessPerfEchoPktInHC OBJECT-TYPE 1098 SYNTAX Counter64 1099 MAX-ACCESS read-only 1100 STATUS current 1101 DESCRIPTION 1102 "This value represents the total number of BFD echo 1103 messages received for this BFD session. 1105 The least significant 32 bits MUST equal to 1106 bfdSessPerfEchoPktIn, and MUST do so with 1107 the rules spelled out in RFC 2863." 1108 ::= { bfdSessPerfEntry 17 } 1110 bfdSessPerfEchoPktOutHC OBJECT-TYPE 1111 SYNTAX Counter64 1112 MAX-ACCESS read-only 1113 STATUS current 1114 DESCRIPTION 1115 "This value represents the total number of BFD echo 1116 messages transmitted for this BFD session. 1118 The least significant 32 bits MUST equal to 1119 bfdSessPerfEchoPktOut, and MUST do so with 1120 the rules spelled out in RFC 2863." 1121 ::= { bfdSessPerfEntry 18 } 1123 bfdSessPerfEchoPktDropHC OBJECT-TYPE 1124 SYNTAX Counter64 1125 MAX-ACCESS read-only 1126 STATUS current 1127 DESCRIPTION 1128 "This value represents the total number of BFD echo 1129 messages received for this BFD session yet dropped 1130 for being invalid. 1132 The least significant 32 bits MUST equal to 1133 bfdSessPerfEchoPktDrop, and MUST do so with 1134 the rules spelled out in RFC 2863." 1135 ::= { bfdSessPerfEntry 19 } 1137 -- BFD Session Discriminator Mapping Table 1139 bfdSessDiscMapTable OBJECT-TYPE 1140 SYNTAX SEQUENCE OF BfdSessDiscMapEntry 1141 MAX-ACCESS not-accessible 1142 STATUS current 1143 DESCRIPTION 1144 "The BFD Session Discriminator Mapping Table maps a 1145 local discriminator value to associated BFD session's 1146 bfdSessIndex found in the bfdSessionTable." 1147 ::= { bfdObjects 4 } 1149 bfdSessDiscMapEntry OBJECT-TYPE 1150 SYNTAX BfdSessDiscMapEntry 1151 MAX-ACCESS not-accessible 1152 STATUS current 1153 DESCRIPTION 1154 "The BFD Session Discriminator Mapping Entry 1155 specifies a mapping between a local discriminator 1156 and a BFD session." 1157 INDEX { bfdSessDiscriminator } 1158 ::= { bfdSessDiscMapTable 1 } 1160 BfdSessDiscMapEntry ::= SEQUENCE { 1161 bfdSessDiscMapIndex BfdSessIndexTC 1162 } 1164 bfdSessDiscMapIndex OBJECT-TYPE 1165 SYNTAX BfdSessIndexTC 1166 MAX-ACCESS read-only 1167 STATUS current 1168 DESCRIPTION 1169 "This object specifies a mapping between a 1170 local discriminator and a BFD Session in 1171 the BfdSessTable." 1172 ::= { bfdSessDiscMapEntry 1 } 1174 -- BFD Session IP Mapping Table 1176 bfdSessIpMapTable OBJECT-TYPE 1177 SYNTAX SEQUENCE OF BfdSessIpMapEntry 1178 MAX-ACCESS not-accessible 1179 STATUS current 1180 DESCRIPTION 1181 "The BFD Session IP Mapping Table maps given 1182 bfdSessInterface, bfdSessSrcAddrType, bfdSessSrcAddr, 1183 bfdSessDstAddrType and bfdSessDstAddr 1184 to an associated BFD session found in the 1185 bfdSessionTable." 1186 ::= { bfdObjects 5 } 1188 bfdSessIpMapEntry OBJECT-TYPE 1189 SYNTAX BfdSessIpMapEntry 1190 MAX-ACCESS not-accessible 1191 STATUS current 1192 DESCRIPTION 1193 "The BFD Session IP Map Entry contains a mapping 1194 from the IP information for a session, to the session 1195 in the bfdSessionTable." 1196 INDEX { 1197 bfdSessInterface, 1198 bfdSessSrcAddrType, 1199 bfdSessSrcAddr, 1200 bfdSessDstAddrType, 1201 bfdSessDstAddr 1202 } 1203 ::= { bfdSessIpMapTable 1 } 1205 BfdSessIpMapEntry ::= SEQUENCE { 1206 bfdSessIpMapIndex BfdSessIndexTC 1207 } 1209 bfdSessIpMapIndex OBJECT-TYPE 1210 SYNTAX BfdSessIndexTC 1211 MAX-ACCESS read-only 1212 STATUS current 1213 DESCRIPTION 1214 "This object specifies the BfdSessIndexTC referred 1215 to by the indexes of this row. In essence, a mapping is 1216 provided between these indexes and the BfdSessTable." 1217 ::= { bfdSessIpMapEntry 1 } 1219 -- Notification Configuration 1221 bfdSessUp NOTIFICATION-TYPE 1222 OBJECTS { 1223 bfdSessDiag, -- low range value 1224 bfdSessDiag -- high range value 1225 } 1226 STATUS current 1227 DESCRIPTION 1228 "This notification is generated when the 1229 bfdSessState object for one or more contiguous 1230 entries in bfdSessTable are about to enter the up(4) 1231 state from some other state. The included values of 1232 bfdSessDiag MUST both be set equal to this 1233 new state (i.e: up(4)). The two instances of 1234 bfdSessDiag in this notification indicate the range 1235 of indexes that are affected. Note that all the indexes 1236 of the two ends of the range can be derived from the 1237 instance identifiers of these two objects. For the 1238 cases where a contiguous range of sessions 1239 have transitioned into the up(4) state at roughly 1240 the same time, the device SHOULD issue a single 1241 notification for each range of contiguous indexes in 1242 an effort to minimize the emission of a large number 1243 of notifications. If a notification has to be 1244 issued for just a single bfdSessEntry, then 1245 the instance identifier (and values) of the two 1246 bfdSessDiag objects MUST be the identical." 1247 ::= { bfdNotifications 1 } 1249 bfdSessDown NOTIFICATION-TYPE 1250 OBJECTS { 1251 bfdSessDiag, -- low range value 1252 bfdSessDiag -- high range value 1253 } 1254 STATUS current 1255 DESCRIPTION 1256 "This notification is generated when the 1257 bfdSessState object for one or more contiguous 1258 entries in bfdSessTable are about to enter the down(2) 1259 or adminDown(1) states from some other state. The included 1260 values of bfdSessDiag MUST both be set equal to this new 1261 state (i.e: down(2) or adminDown(1)). The two instances 1262 of bfdSessDiag in this notification indicate the range 1263 of indexes that are affected. Note that all the indexes 1264 of the two ends of the range can be derived from the 1265 instance identifiers of these two objects. For 1266 cases where a contiguous range of sessions 1267 have transitioned into the down(2) or adminDown(1) states 1268 at roughly the same time, the device SHOULD issue a single 1269 notification for each range of contiguous indexes in 1270 an effort to minimize the emission of a large number 1271 of notifications. If a notification has to be 1272 issued for just a single bfdSessEntry, then 1273 the instance identifier (and values) of the two 1274 bfdSessDiag objects MUST be the identical." 1275 ::= { bfdNotifications 2 } 1277 -- Module compliance. 1279 bfdGroups 1280 OBJECT IDENTIFIER ::= { bfdConformance 1 } 1282 bfdCompliances 1283 OBJECT IDENTIFIER ::= { bfdConformance 2 } 1285 -- Compliance requirement for fully compliant implementations. 1287 bfdModuleFullCompliance MODULE-COMPLIANCE 1288 STATUS current 1289 DESCRIPTION 1290 "Compliance statement for agents that provide full 1291 support for the BFD-MIB module. Such devices can 1292 then be monitored and also be configured using 1293 this MIB module." 1295 MODULE -- This module. 1297 MANDATORY-GROUPS { 1298 bfdSessionGroup, 1299 bfdSessionReadOnlyGroup, 1300 bfdSessionPerfGroup, 1301 bfdNotificationGroup 1302 } 1304 GROUP bfdSessionPerfHCGroup 1305 DESCRIPTION "This group is mandatory for all systems that 1306 are able to support the Counter64 date type." 1308 OBJECT bfdSessSrcAddrType 1309 SYNTAX InetAddressType { unknown(0), ipv4(1), 1310 ipv6(2), ipv6z(4) } 1311 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1312 support are required. ipv4z(3) is not required 1313 and dns(16) is not allowed." 1315 OBJECT bfdSessSrcAddr 1316 SYNTAX InetAddress (SIZE (0|4|16|20)) 1317 DESCRIPTION "An implementation is only required to support 1318 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1320 OBJECT bfdSessDstAddrType 1321 SYNTAX InetAddressType { unknown(0), ipv4(1), 1322 ipv6(2), ipv6z(4) } 1323 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1324 support are required. ipv4z(3) is not required 1325 and dns(16) is not allowed." 1327 OBJECT bfdSessDstAddr 1328 SYNTAX InetAddress (SIZE (0|4|16|20)) 1329 DESCRIPTION "An implementation is only required to support 1330 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1332 OBJECT bfdSessRowStatus 1333 SYNTAX RowStatus { active(1), notInService(2) } 1334 WRITE-SYNTAX RowStatus { active(1), notInService(2), 1335 createAndGo(4), destroy(6) } 1336 DESCRIPTION "Support for createAndWait and notReady is not 1337 required." 1339 ::= { bfdCompliances 1 } 1341 bfdModuleReadOnlyCompliance MODULE-COMPLIANCE 1342 STATUS current 1343 DESCRIPTION 1344 "Compliance requirement for implementations that only 1345 provide read-only support for BFD-MIB. Such devices 1346 can then be monitored but cannot be configured using 1347 this MIB module." 1349 MODULE -- This module. 1351 MANDATORY-GROUPS { 1352 bfdSessionGroup, 1353 bfdSessionReadOnlyGroup, 1354 bfdSessionPerfGroup, 1355 bfdNotificationGroup 1356 } 1358 GROUP bfdSessionPerfHCGroup 1359 DESCRIPTION "This group is mandatory for all systems that 1360 are able to support the Counter64 date type." 1362 OBJECT bfdSessVersionNumber 1363 MIN-ACCESS read-only 1364 DESCRIPTION "Write access is not required." 1366 OBJECT bfdSessType 1367 MIN-ACCESS read-only 1368 DESCRIPTION "Write access is not required." 1370 OBJECT bfdSessDiscriminator 1371 MIN-ACCESS read-only 1372 DESCRIPTION "Write access is not required." 1374 OBJECT bfdSessDestinationUdpPort 1375 MIN-ACCESS read-only 1376 DESCRIPTION "Write access is not required." 1378 OBJECT bfdSessSourceUdpPort 1379 MIN-ACCESS read-only 1380 DESCRIPTION "Write access is not required." 1382 OBJECT bfdSessEchoSourceUdpPort 1383 MIN-ACCESS read-only 1384 DESCRIPTION "Write access is not required." 1386 OBJECT bfdSessAdminStatus 1387 MIN-ACCESS read-only 1388 DESCRIPTION "Write access is not required." 1389 OBJECT bfdSessOperMode 1390 MIN-ACCESS read-only 1391 DESCRIPTION "Write access is not required." 1393 OBJECT bfdSessDemandModeDesiredFlag 1394 MIN-ACCESS read-only 1395 DESCRIPTION "Write access is not required." 1397 OBJECT bfdSessControlPlaneIndepFlag 1398 MIN-ACCESS read-only 1399 DESCRIPTION "Write access is not required." 1401 OBJECT bfdSessMultipointFlag 1402 MIN-ACCESS read-only 1403 DESCRIPTION "Write access is not required." 1405 OBJECT bfdSessInterface 1406 MIN-ACCESS read-only 1407 DESCRIPTION "Write access is not required." 1409 OBJECT bfdSessSrcAddrType 1410 SYNTAX InetAddressType { unknown(0), ipv4(1), 1411 ipv6(2), ipv6z(4) } 1412 MIN-ACCESS read-only 1413 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1414 support are required. ipv4z(3) is not required 1415 and dns(16) is not allowed." 1417 OBJECT bfdSessSrcAddr 1418 SYNTAX InetAddress (SIZE (0|4|16|20)) 1419 MIN-ACCESS read-only 1420 DESCRIPTION "An implementation is only required to support 1421 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1423 OBJECT bfdSessDstAddrType 1424 SYNTAX InetAddressType { unknown(0), ipv4(1), 1425 ipv6(2), ipv6z(4) } 1426 MIN-ACCESS read-only 1427 DESCRIPTION "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4) 1428 support are required. ipv4z(3) is not required 1429 and dns(16) is not allowed." 1431 OBJECT bfdSessDstAddr 1432 SYNTAX InetAddress (SIZE (0|4|16|20)) 1433 MIN-ACCESS read-only 1434 DESCRIPTION "An implementation is only required to support 1435 unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes." 1437 OBJECT bfdSessGTSM 1438 MIN-ACCESS read-only 1439 DESCRIPTION "Write access is not required." 1441 OBJECT bfdSessGTSMTTL 1442 MIN-ACCESS read-only 1443 DESCRIPTION "Write access is not required." 1445 OBJECT bfdSessDesiredMinTxInterval 1446 MIN-ACCESS read-only 1447 DESCRIPTION "Write access is not required." 1449 OBJECT bfdSessReqMinRxInterval 1450 MIN-ACCESS read-only 1451 DESCRIPTION "Write access is not required." 1453 OBJECT bfdSessReqMinEchoRxInterval 1454 MIN-ACCESS read-only 1455 DESCRIPTION "Write access is not required." 1457 OBJECT bfdSessDetectMult 1458 MIN-ACCESS read-only 1459 DESCRIPTION "Write access is not required." 1461 OBJECT bfdSessAuthPresFlag 1462 MIN-ACCESS read-only 1463 DESCRIPTION "Write access is not required." 1465 OBJECT bfdSessAuthenticationType 1466 MIN-ACCESS read-only 1467 DESCRIPTION "Write access is not required." 1469 OBJECT bfdSessAuthenticationKeyID 1470 MIN-ACCESS read-only 1471 DESCRIPTION "Write access is not required." 1473 OBJECT bfdSessAuthenticationKey 1474 MIN-ACCESS read-only 1475 DESCRIPTION "Write access is not required." 1477 OBJECT bfdSessStorageType 1478 MIN-ACCESS read-only 1479 DESCRIPTION "Write access is not required." 1481 OBJECT bfdSessRowStatus 1482 SYNTAX RowStatus { active(1) } 1483 MIN-ACCESS read-only 1484 DESCRIPTION "Write access is not required." 1485 ::= { bfdCompliances 2 } 1487 -- Units of conformance. 1489 bfdSessionGroup OBJECT-GROUP 1490 OBJECTS { 1491 bfdAdminStatus, 1492 bfdOperStatus, 1493 bfdNotificationsEnable, 1494 bfdSessVersionNumber, 1495 bfdSessType, 1496 bfdSessIndexNext, 1497 bfdSessDiscriminator, 1498 bfdSessDestinationUdpPort, 1499 bfdSessSourceUdpPort, 1500 bfdSessEchoSourceUdpPort, 1501 bfdSessAdminStatus, 1502 bfdSessOperStatus, 1503 bfdSessOperMode, 1504 bfdSessDemandModeDesiredFlag, 1505 bfdSessControlPlaneIndepFlag, 1506 bfdSessMultipointFlag, 1507 bfdSessInterface, 1508 bfdSessSrcAddrType, 1509 bfdSessSrcAddr, 1510 bfdSessDstAddrType, 1511 bfdSessDstAddr, 1512 bfdSessGTSM, 1513 bfdSessGTSMTTL, 1514 bfdSessDesiredMinTxInterval, 1515 bfdSessReqMinRxInterval, 1516 bfdSessReqMinEchoRxInterval, 1517 bfdSessDetectMult, 1518 bfdSessAuthPresFlag, 1519 bfdSessAuthenticationType, 1520 bfdSessAuthenticationKeyID, 1521 bfdSessAuthenticationKey, 1522 bfdSessStorageType, 1523 bfdSessRowStatus 1524 } 1525 STATUS current 1526 DESCRIPTION 1527 "Collection of objects needed for BFD sessions." 1528 ::= { bfdGroups 1 } 1530 bfdSessionReadOnlyGroup OBJECT-GROUP 1531 OBJECTS { 1532 bfdSessRemoteDiscr, 1533 bfdSessState, 1534 bfdSessRemoteHeardFlag, 1535 bfdSessDiag, 1536 bfdSessNegotiatedInterval, 1537 bfdSessNegotiatedEchoInterval, 1538 bfdSessNegotiatedDetectMult, 1539 bfdSessDiscMapIndex, 1540 bfdSessIpMapIndex 1541 } 1542 STATUS current 1543 DESCRIPTION 1544 "Collection of read-only objects needed for BFD sessions." 1545 ::= { bfdGroups 2 } 1547 bfdSessionPerfGroup OBJECT-GROUP 1548 OBJECTS { 1549 bfdSessPerfCtrlPktIn, 1550 bfdSessPerfCtrlPktOut, 1551 bfdSessPerfCtrlPktDrop, 1552 bfdSessPerfCtrlPktDropLastTime, 1553 bfdSessPerfEchoPktIn, 1554 bfdSessPerfEchoPktOut, 1555 bfdSessPerfEchoPktDrop, 1556 bfdSessPerfEchoPktDropLastTime, 1557 bfdSessUpTime, 1558 bfdSessPerfLastSessDownTime, 1559 bfdSessPerfLastCommLostDiag, 1560 bfdSessPerfSessUpCount, 1561 bfdSessPerfDiscTime 1562 } 1563 STATUS current 1564 DESCRIPTION 1565 "Collection of objects needed to monitor the 1566 performance of BFD sessions." 1567 ::= { bfdGroups 3 } 1569 bfdSessionPerfHCGroup OBJECT-GROUP 1570 OBJECTS { 1571 bfdSessPerfCtrlPktInHC, 1572 bfdSessPerfCtrlPktOutHC, 1573 bfdSessPerfCtrlPktDropHC, 1574 bfdSessPerfEchoPktInHC, 1575 bfdSessPerfEchoPktOutHC, 1576 bfdSessPerfEchoPktDropHC 1577 } 1579 STATUS current 1580 DESCRIPTION 1581 "Collection of objects needed to monitor the 1582 performance of BFD sessions for which the 1583 values of bfdSessPerfPktIn, bfdSessPerfPktOut 1584 wrap around too quickly." 1585 ::= { bfdGroups 4 } 1587 bfdNotificationGroup NOTIFICATION-GROUP 1588 NOTIFICATIONS { 1589 bfdSessUp, 1590 bfdSessDown 1591 } 1592 STATUS current 1593 DESCRIPTION 1594 "Set of notifications implemented in this 1595 module." 1596 ::= { bfdGroups 5 } 1598 END 1600 6. Security Considerations 1602 As BFD may be tied into the stability of the network infrastructure 1603 (such as routing protocols), the effects of an attack on a BFD 1604 session may be very serious. This ultimately has denial-of-service 1605 effects, as links may be declared to be down (or falsely declared to 1606 be up.) As such, improper manipulation of the objects represented by 1607 this MIB may result in denial of service to a large number of end- 1608 users. 1610 There are a number of management objects defined in this MIB module 1611 with a MAX-ACCESS clause of read-write and/or read-create. Such 1612 objects may be considered sensitive or vulnerable in some network 1613 environments. The support for SET operations in a non-secure 1614 environment without proper protection can have a negative effect on 1615 network operations. These are the tables and objects and their 1616 sensitivity/vulnerability: 1618 o bfdAdminStatus - Improper change of bfdAdminStatus, to 1619 disabled(2), adminDown(3) or down(4), can cause significant 1620 disruption of the connectivity to those portions of the Internet 1621 reached via all the applicable remote BFD peers. 1623 o bfdSessAdminStatus - Improper change of bfdSessAdminStatus, to 1624 disabled(2), adminDown(3) or down(4), can cause significant 1625 disruption of the connectivity to those portions of the Internet 1626 reached via all the applicable remote BFD peers. 1628 o bfdSessDesiredMinTxInterval, bfdSessReqMinRxInterval, 1629 bfdSessReqMinEchoRxInterval, bfdSessDetectMult - Improper change 1630 of this object can cause connections to be disrupted for extremely 1631 long time periods when otherwise they would be restored in a 1632 relatively short period of time. 1634 o Some management objects define the BFD session whilst other 1635 management objects define the parameter of the BFD session. It is 1636 particularly important to control the support for SET access to 1637 those management objects that define the BFD session, as changes 1638 to them can be disruptive. Implementation SHOULD NOT allow 1639 changes to following management objects when bfdSessState is 1640 up(4): 1642 * bfdSessVersionNumber 1644 * bfdSessType 1646 * bfdSessDestinationUdpPort 1648 * bfdSessMultipointFlag 1650 * bfdSessInterface 1652 * bfdSessSrcAddrType 1654 * bfdSessSrcAddr 1656 * bfdSessDstAddrType 1658 * bfdSessDstAddr 1660 There are a number of management objects defined in this MIB module 1661 with a MAX-ACCESS clause of read-write and/or read-create. Such 1662 objects may be considered sensitive or vulnerable in some network 1663 environments. It is thus important to control even GET and/or NOTIFY 1664 access to these objects and possibly to even encrypt the values of 1665 these objects when sending them over the network via SNMP. 1667 o The bfdSessTable may be used to directly configure BFD sessions. 1668 The bfdSessMapTable can be used indirectly in the same way. 1669 Unauthorized access to objects in this table could result in 1670 disruption of traffic on the network. This is especially true if 1671 an unauthorized user configures enough tables to invoke a denial 1672 of service attack on the device where they are configured, or on a 1673 remote device where the sessions terminate. 1675 Some of the readable objects in this MIB module (i.e., objects with a 1676 MAX-ACCESS other than not-accessible) may be considered sensitive or 1677 vulnerable in some network environments. It is thus important to 1678 control even GET and/or NOTIFY access to these objects and possibly 1679 to even encrypt the values of these objects when sending them over 1680 the network via SNMP. These are the tables and objects and their 1681 sensitivity/vulnerability: 1683 o The bfdSessPerfTable both allows access to the performance 1684 characteristics of BFD sessions. Network administrators not 1685 wishing to show this information should consider this table 1686 sensitive. 1688 The bfdSessAuthenticationType, bfdSessAuthenticationKeyID, and 1689 bfdSessAuthenticationKey objects hold security methods and associated 1690 security keys of BFD sessions. These objects SHOULD be considered 1691 highly sensitive objects. In order to prevent this sensitive 1692 information from being improperly accessed, implementers MAY disallow 1693 access to these objects. 1695 SNMP versions prior to SNMPv3 did not include adequate security. 1696 Even if the network itself is secure "for example by using IPSec", 1697 even then, there is no control as to who on the secure network is 1698 allowed to access and GET/SET "read/change/create/delete" the objects 1699 in these MIB modules. 1701 It is RECOMMENDED that implementers consider the security features as 1702 provided by the SNMPv3 framework (see [RFC3410], section 8), 1703 including full support for the SNMPv3 cryptographic mechanisms "for 1704 authentication and privacy". 1706 Further, deployment of SNMP versions prior to SNMPv3 is NOT 1707 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 1708 enable cryptographic security. It is then a customer/operator 1709 responsibility to ensure that the SNMP entity giving access to an 1710 instance of this MIB module, is properly configured to give access to 1711 the objects only to those principals "users" that have legitimate 1712 rights to indeed GET or SET "change/create/delete" them. 1714 7. IANA Considerations 1716 The MIB module in this document uses the following IANA-assigned 1717 OBJECT IDENTIFIER values recorded in the SMI Numbers registry: 1719 Descriptor OBJECT IDENTIFIER value 1720 ---------- ----------------------- 1722 bfdMib { mib-2 XXX } 1724 [RFC-Editor's Note (to be removed prior to publication): the IANA is 1725 requested to assign a value for "XXX" under the 'mib-2' subtree and 1726 to record the assignment in the SMI Numbers registry. When the 1727 assignment has been made, the RFC Editor is asked to replace "XXX" 1728 (here and in the MIB module) with the assigned value and to remove 1729 this note.] 1731 8. Acknowledgments 1733 Authors would like to thank Adrian Farrel and Jeffrey Haas for 1734 performing thorough reviews and providing number of suggestions. 1735 Authors would also like to thank David Ward, Reshad Rahman, David 1736 Toscano, Sylvain Masse, Mark Tooker, Kiran Koushik Agrahara 1737 Sreenivasa, David Black and Bert Wijnen for their comments and 1738 suggestions. 1740 9. References 1742 9.1. Normative References 1744 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1745 Requirement Levels", BCP 14, RFC 2119, March 1997. 1747 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1748 Schoenwaelder, Ed., "Structure of Management Information 1749 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. 1751 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1752 Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 1753 58, RFC 2579, April 1999. 1755 [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, 1756 "Conformance Statements for SMIv2", STD 58, RFC 2580, 1757 April 1999. 1759 [RFC5082] Gill, V., Heasley, J., Meyer, D., Savola, P., and C. 1760 Pignataro, "The Generalized TTL Security Mechanism 1761 (GTSM)", RFC 5082, October 2007. 1763 [RFC5880] Katz, D. and D. Ward, "Bidirectional Forwarding Detection 1764 (BFD)", RFC 5880, June 2010. 1766 [RFC5881] Katz, D. and D. Ward, "Bidirectional Forwarding Detection 1767 (BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881, June 1768 2010. 1770 [RFC5883] Katz, D. and D. Ward, "Bidirectional Forwarding Detection 1771 (BFD) for Multihop Paths", RFC 5883, June 2010. 1773 [RFC7130] Bhatia, M., Chen, M., Boutros, S., Binderberger, M., and 1774 J. Haas, "Bidirectional Forwarding Detection (BFD) on Link 1775 Aggregation Group (LAG) Interfaces", RFC 7130, February 1776 2014. 1778 [I-D.ietf-bfd-tc-mib] 1779 Nadeau, T., Ali, Z., and N. Akiya, "Definitions of Textual 1780 Conventions (TCs) for Bidirectional Forwarding Detection 1781 (BFD) Management", draft-ietf-bfd-tc-mib-07 (work in 1782 progress), April 2014. 1784 9.2. Informative References 1786 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 1787 "Introduction and Applicability Statements for Internet- 1788 Standard Management Framework", RFC 3410, December 2002. 1790 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group 1791 MIB", RFC 2863, June 2000. 1793 [RFC3413] Levi, D., Meyer, P., and B. Stewart, "Simple Network 1794 Management Protocol (SNMP) Applications", STD 62, RFC 1795 3413, December 2002. 1797 [RFC3289] Baker, F., Chan, K., and A. Smith, "Management Information 1798 Base for the Differentiated Services Architecture", RFC 1799 3289, May 2002. 1801 Authors' Addresses 1803 Thomas D. Nadeau 1804 Brocade 1806 EMail: tnadeau@lucidvision.com 1808 Zafar Ali 1809 Cisco Systems 1811 EMail: zali@cisco.com 1813 Nobo Akiya 1814 Cisco Systems 1816 EMail: nobo@cisco.com