idnits 2.17.1 draft-ietf-forces-mib-09.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 16. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 857. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 868. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 875. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 881. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but does not include the phrase in its RFC 2119 key words list. -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (September 9, 2008) is 5698 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFCzzzz' is mentioned on line 227, but not defined Summary: 1 error (**), 0 flaws (~~), 3 warnings (==), 7 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Forwarding and Control Element R. Haas 3 Separation (forces) IBM 4 Internet-Draft September 9, 2008 5 Intended status: Standards Track 6 Expires: March 13, 2009 8 ForCES MIB 9 draft-ietf-forces-mib-09 11 Status of this Memo 13 By submitting this Internet-Draft, each author represents that any 14 applicable patent or other IPR claims of which he or she is aware 15 have been or will be disclosed, and any of which he or she becomes 16 aware will be disclosed, in accordance with Section 6 of BCP 79. 18 Internet-Drafts are working documents of the Internet Engineering 19 Task Force (IETF), its areas, and its working groups. Note that 20 other groups may also distribute working documents as Internet- 21 Drafts. 23 Internet-Drafts are draft documents valid for a maximum of six months 24 and may be updated, replaced, or obsoleted by other documents at any 25 time. It is inappropriate to use Internet-Drafts as reference 26 material or to cite them other than as "work in progress." 28 The list of current Internet-Drafts can be accessed at 29 http://www.ietf.org/ietf/1id-abstracts.txt. 31 The list of Internet-Draft Shadow Directories can be accessed at 32 http://www.ietf.org/shadow.html. 34 This Internet-Draft will expire on March 13, 2009. 36 Abstract 38 This memo defines a Management Information Base (MIB) module for use 39 with network management protocols in the Internet community. In 40 particular, it defines managed objects for the Forwarding and Control 41 Element Separation (ForCES) Network Element (NE). 43 Table of Contents 45 1. Requirements notation . . . . . . . . . . . . . . . . . . . . 3 46 2. The Internet-Standard Management Framework . . . . . . . . . . 3 47 3. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 48 4. ForCES MIB Overview . . . . . . . . . . . . . . . . . . . . . 3 49 5. ForCES MIB Definition . . . . . . . . . . . . . . . . . . . . 5 50 6. Associations kept in the MIB . . . . . . . . . . . . . . . . . 13 51 7. Support for multiple CEs and FEs . . . . . . . . . . . . . . . 13 52 8. Security Considerations . . . . . . . . . . . . . . . . . . . 14 53 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 54 10. Changes from Previous Draft Revisions . . . . . . . . . . . . 15 55 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 18 56 11.1. Normative References . . . . . . . . . . . . . . . . . . 18 57 11.2. Informative References . . . . . . . . . . . . . . . . . 18 58 Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 19 59 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 19 60 Intellectual Property and Copyright Statements . . . . . . . . . . 20 62 1. Requirements notation 64 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 65 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 66 document are to be interpreted as described in [RFC2119]. 68 2. The Internet-Standard Management Framework 70 For a detailed overview of the documents that describe the current 71 Internet-Standard Management Framework, please refer to section 7 of 72 [RFC3410]. 74 Managed objects are accessed via a virtual information store, termed 75 the Management Information Base or MIB. MIB objects are generally 76 accessed through the Simple Network Management Protocol (SNMP). 77 Objects in the MIB are defined using the mechanisms defined in the 78 Structure of Management Information (SMI). This memo specifies a MIB 79 module that is compliant to the SMIv2, which is described in STD 58, 80 [RFC2578], STD 58, [RFC2579] and STD 58, [RFC2580]. 82 3. Introduction 84 The ForCES MIB module is a read-only MIB module that captures 85 information related to the ForCES protocol ([RFC3654], [RFC3746], 86 [forces-applicability-draft] and [forces-protocol-draft]). 88 The ForCES MIB module does not include information that is specified 89 in other MIB modules, such as packet counters for interfaces, etc. 91 More specifically, the information in the ForCES MIB module relative 92 to associations (between Control Elements and Forwarding Elements) 93 that are in the UP state includes: 95 o identifiers of the elements in the association, 97 o configuration parameters of the association, and 99 o statistics of the association. 101 4. ForCES MIB Overview 103 The MIB module contains the latest ForCES protocol version supported 104 by the Control Element (CE) (forcesLatestProtocolVersionSupported). 105 Note that the CE must also allow interaction with Forwarding Elements 106 (FEs) supporting earlier versions. 108 For each association identified by the pair CE ID and FE ID, the 109 following associated information is provided by the MIB module as an 110 entry (forcesAssociationEntry) in the association table 111 (forcesAssociationTable): 113 o Version number of the ForCES protocol running in this association 114 (forcesAssociationRunningProtocolVersion). 116 o Time when the association entered the UP state 117 (forcesAssociationTimeUp). 119 o Time when the association left the UP state 120 (forcesAssociationTimeDown). Note that this is only used for 121 notification purposes as the association is removed from the MIB 122 immediately after it leaves the UP state. 124 o Number of ForCES Heartbeat messages sent from the CE 125 (forcesAssociationHBMsgSent) and received by the CE 126 (forcesAssociationHBMsgReceived) since the association entered the 127 UP state. 129 o Number of operational ForCES messages sent from the CE 130 (forcesAssociationOperMsgSent) and received by the CE 131 (forcesAssociationOperMsgReceived) since the association entered 132 the UP state. Only messages other than Heartbeat, Association 133 Setup, Association Setup Response, and Association Teardown are 134 counted. 136 Finally, the MIB module defines the following notifications: 138 o Whenever an association enters the UP state, a notification 139 (forcesAssociationEntryUp) is issued containing the version of the 140 ForCES protocol running. CE ID and FE ID are concatenated to form 141 the table index, hence they appear in the OID of the ForCES- 142 protocol running-version object. Optionally, a notification 143 (forcesAssociationEntryUpStats) can instead be issued with all 144 associated information for this association, except 145 forcesAssociationTimeDown. 147 o Whenever an association leaves the UP state, a notification 148 (forcesAssociationEntryDown) is issued containing the version of 149 the ForCES protocol running. Optionally, a notification 150 (forcesAssociationEntryDownStats) can instead be issued with all 151 associated information for this association. The reason is that 152 the association and all its associated information will be removed 153 from the MIB immediately after this notification has been issued. 155 5. ForCES MIB Definition 157 FORCES-MIB DEFINITIONS ::= BEGIN 159 IMPORTS 160 MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, 161 mib-2, Integer32 162 FROM SNMPv2-SMI 164 TEXTUAL-CONVENTION, TimeStamp 165 FROM SNMPv2-TC 167 MODULE-COMPLIANCE, OBJECT-GROUP, 168 NOTIFICATION-GROUP 169 FROM SNMPv2-CONF 171 ZeroBasedCounter32 172 FROM RMON2-MIB; 174 forcesMib MODULE-IDENTITY 175 LAST-UPDATED "200809091200Z" -- Sep 9, 2008 176 ORGANIZATION "IETF Forwarding and Control Element 177 Separation (ForCES) Working Group" 178 CONTACT-INFO 179 "WG Charter: 180 http://www.ietf.org/html.charters/forces-charter.html 182 Mailing lists: 183 General Discussion: forces@peach.ease.lsoft.com 184 To Subscribe: listserv@peach.ease.lsoft.com 185 In Body: subscribe forces 187 Chairs: Patrick Droz 188 Email: dro@zurich.ibm.com 189 Jamal Hadi Salim 190 Email: hadi@znyx.com 192 Editor: Robert Haas 193 IBM 194 Email: rha@zurich.ibm.com" 195 DESCRIPTION 196 "This MIB module contains managed object definitions 197 for the ForCES Protocol. 198 Copyright (C) The Internet Trust (2008). This 199 version of this MIB module is part of RFC yyyy; see 200 the RFC itself for full legal notices." 201 -- RFC Ed.: replace yyyy with actual RFC number & remove this note 202 REVISION "200809091200Z" -- Sep 9, 2008 203 DESCRIPTION 204 "Initial version, published as RFC yyyy." 205 -- RFC Ed.: replace yyyy with actual RFC number & remove this note 206 ::= { mib-2 XXX } 207 -- RFC Ed.: replace XXX with IANA-assigned number & remove this note 209 --**************************************************************** 211 forcesMibNotifications OBJECT IDENTIFIER ::= { forcesMib 0 } 212 forcesMibObjects OBJECT IDENTIFIER ::= { forcesMib 1 } 213 forcesMibConformance OBJECT IDENTIFIER ::= { forcesMib 2 } 215 ForcesID ::= TEXTUAL-CONVENTION 216 STATUS current 217 DESCRIPTION 218 "The ForCES identifier is a four octet quantity." 219 SYNTAX OCTET STRING (SIZE (4)) 221 ForcesProtocolVersion ::= TEXTUAL-CONVENTION 222 STATUS current 223 DESCRIPTION 224 "ForCES protocol version number. 225 The version numbers used are defined in the 226 specifications of the respective protocol: 227 1 - ForCESv1 [RFCzzzz]." 228 -- RFC Ed.: replace zzzz with actual RFC number of ForCES protocol 229 -- & remove this note 231 SYNTAX Integer32 (1..255) 232 DISPLAY-HINT "d" 234 -- Notifications 236 forcesAssociationEntryUp NOTIFICATION-TYPE 237 OBJECTS { 238 forcesAssociationRunningProtocolVersion 239 } 240 STATUS current 241 DESCRIPTION 242 "This notification is generated as soon 243 as an association enters the UP state. 244 Note that these notifications are not 245 throttled as the CE itself should 246 throttle the setup of associations." 247 ::= { forcesMibNotifications 1 } 249 forcesAssociationEntryDown NOTIFICATION-TYPE 250 OBJECTS { 251 forcesAssociationRunningProtocolVersion 252 } 253 STATUS current 254 DESCRIPTION 255 "This notification is generated as soon 256 as an association leaves the UP state. 257 Note that these notifications are not 258 throttled as the CE itself should 259 throttle the setup of associations." 260 ::= { forcesMibNotifications 2 } 262 forcesAssociationEntryUpStats NOTIFICATION-TYPE 263 OBJECTS { 264 forcesAssociationRunningProtocolVersion, 265 forcesAssociationTimeUp 266 } 267 STATUS current 268 DESCRIPTION 269 "This notification is generated as soon 270 as an association enters the UP state. 271 Note that these notifications are not 272 throttled as the CE itself should 273 throttle the setup of associations." 274 ::= { forcesMibNotifications 3 } 276 forcesAssociationEntryDownStats NOTIFICATION-TYPE 277 OBJECTS { 278 forcesAssociationRunningProtocolVersion, 279 forcesAssociationTimeUp, 280 forcesAssociationTimeDown, 281 forcesAssociationHBMsgSent, 282 forcesAssociationHBMsgReceived, 283 forcesAssociationOperMsgSent, 284 forcesAssociationOperMsgReceived, 285 forcesAssociationCounterDiscontinuityTime 286 } 287 STATUS current 288 DESCRIPTION 289 "This notification is generated as soon 290 as an association leaves the UP state. 291 Note that these notifications are not 292 throttled as the CE itself should 293 throttle the setup of associations." 294 ::= { forcesMibNotifications 4 } 296 -- Objects 297 forcesLatestProtocolVersionSupported OBJECT-TYPE 298 SYNTAX ForcesProtocolVersion 299 MAX-ACCESS read-only 300 STATUS current 301 DESCRIPTION 302 "The ForCES protocol version supported by the CE. 303 The current protocol version is 1. 304 Note that the CE must also allow interaction 305 with FEs supporting earlier versions." 306 ::= { forcesMibObjects 1 } 308 forcesAssociations OBJECT IDENTIFIER ::= { forcesMibObjects 2 } 310 forcesAssociationTable OBJECT-TYPE 311 SYNTAX SEQUENCE OF ForcesAssociationEntry 312 MAX-ACCESS not-accessible 313 STATUS current 314 DESCRIPTION 315 "The (conceptual) table of associations." 316 ::= { forcesAssociations 1 } 318 forcesAssociationEntry OBJECT-TYPE 319 SYNTAX ForcesAssociationEntry 320 MAX-ACCESS not-accessible 321 STATUS current 322 DESCRIPTION 323 "A (conceptual) entry for one association." 324 INDEX { forcesAssociationCEID, forcesAssociationFEID } 325 ::= { forcesAssociationTable 1 } 327 ForcesAssociationEntry ::= SEQUENCE { 328 forcesAssociationCEID ForcesID, 329 forcesAssociationFEID ForcesID, 331 forcesAssociationRunningProtocolVersion 332 ForcesProtocolVersion, 334 forcesAssociationTimeUp TimeStamp, 335 forcesAssociationTimeDown TimeStamp, 337 forcesAssociationHBMsgSent ZeroBasedCounter32, 338 forcesAssociationHBMsgReceived ZeroBasedCounter32, 339 forcesAssociationOperMsgSent ZeroBasedCounter32, 340 forcesAssociationOperMsgReceived ZeroBasedCounter32, 341 forcesAssociationCounterDiscontinuityTime TimeStamp 342 } 344 forcesAssociationCEID OBJECT-TYPE 345 SYNTAX ForcesID 346 MAX-ACCESS not-accessible 347 STATUS current 348 DESCRIPTION 349 "The ForCES ID of the CE." 350 ::= { forcesAssociationEntry 1 } 352 forcesAssociationFEID OBJECT-TYPE 353 SYNTAX ForcesID 354 MAX-ACCESS not-accessible 355 STATUS current 356 DESCRIPTION 357 "The ForCES ID of the FE." 358 ::= { forcesAssociationEntry 2 } 360 forcesAssociationRunningProtocolVersion OBJECT-TYPE 361 SYNTAX ForcesProtocolVersion 362 MAX-ACCESS read-only 363 STATUS current 364 DESCRIPTION 365 "The current ForCES protocol version used in this 366 association. 367 The current protocol version is 1." 368 ::= { forcesAssociationEntry 3 } 370 forcesAssociationTimeUp OBJECT-TYPE 371 SYNTAX TimeStamp 372 MAX-ACCESS read-only 373 STATUS current 374 DESCRIPTION 375 "The value of sysUpTime at the time this 376 association entered the UP state. 377 If this association started prior to the last 378 initialization of the network subsystem, then 379 this object contains a zero value. 380 This object allows to uniquely identify 381 associations with the same CE and FE IDs." 382 ::= { forcesAssociationEntry 4 } 384 forcesAssociationTimeDown OBJECT-TYPE 385 SYNTAX TimeStamp 386 MAX-ACCESS accessible-for-notify 387 STATUS current 388 DESCRIPTION 389 "The value of sysUpTime at the time this 390 association left the UP state." 391 ::= { forcesAssociationEntry 5 } 393 forcesAssociationHBMsgSent OBJECT-TYPE 394 SYNTAX ZeroBasedCounter32 395 MAX-ACCESS read-only 396 STATUS current 397 DESCRIPTION 398 "A counter of how many heartbeat messages have 399 have been sent by the CE on this association 400 since the association entered the UP state. 401 Discontinuities in the value of this counter 402 can occur at re-initialization of the management 403 system, and at other times as indicated by the 404 value of forcesAssociationCounterDiscontinuityTime." 405 ::= { forcesAssociationEntry 6 } 407 forcesAssociationHBMsgReceived OBJECT-TYPE 408 SYNTAX ZeroBasedCounter32 409 MAX-ACCESS read-only 410 STATUS current 411 DESCRIPTION 412 "A counter of how many heartbeat messages 413 have been received by the CE on this association 414 since the association entered the UP state. 415 Discontinuities in the value of this counter 416 can occur at re-initialization of the management 417 system, and at other times as indicated by the 418 value of forcesAssociationCounterDiscontinuityTime." 419 ::= { forcesAssociationEntry 7 } 421 forcesAssociationOperMsgSent OBJECT-TYPE 422 SYNTAX ZeroBasedCounter32 423 MAX-ACCESS read-only 424 STATUS current 425 DESCRIPTION 426 "A counter of how many messages other than 427 heartbeat (i.e., config and query) 428 have been sent by the CE on this association 429 since the association entered the UP state. 430 Discontinuities in the value of this counter 431 can occur at re-initialization of the management 432 system, and at other times as indicated by the 433 value of forcesAssociationCounterDiscontinuityTime." 434 ::= { forcesAssociationEntry 8 } 436 forcesAssociationOperMsgReceived OBJECT-TYPE 437 SYNTAX ZeroBasedCounter32 438 MAX-ACCESS read-only 439 STATUS current 440 DESCRIPTION 441 "A counter of how many messages other than 442 heartbeat (i.e., config response, query response, 443 event notification, and packet redirect) 444 have been received by the CE on this association 445 since the association entered the UP state. 446 Discontinuities in the value of this counter 447 can occur at re-initialization of the management 448 system, and at other times as indicated by the 449 value of forcesAssociationCounterDiscontinuityTime." 450 ::= { forcesAssociationEntry 9 } 452 forcesAssociationCounterDiscontinuityTime OBJECT-TYPE 453 SYNTAX TimeStamp 454 MAX-ACCESS read-only 455 STATUS current 456 DESCRIPTION 457 "The value of sysUpTime on the most recent occasion 458 at which any one or more of this association's 459 counters suffered a discontinuity. The relevant 460 counters are the specific instances associated with 461 this association of any ZeroBasedCounter32 object 462 contained in the forcesAssociationTable. If no 463 such discontinuities have occured since the last 464 reinitialization of the local management subsystem, 465 then this object contains a zero value." 466 ::= { forcesAssociationEntry 10 } 468 -- Conformance 470 forcesMibCompliances OBJECT IDENTIFIER 471 ::= { forcesMibConformance 1 } 472 forcesMibGroups OBJECT IDENTIFIER 473 ::= { forcesMibConformance 2 } 475 -- Compliance statements 477 forcesMibCompliance MODULE-COMPLIANCE 478 STATUS current 479 DESCRIPTION 480 "The compliance statement for routers running ForCES and 481 implementing the ForCES MIB." 482 MODULE -- this module 483 MANDATORY-GROUPS { forcesMibGroup, forcesNotificationGroup } 485 GROUP forcesNotificationStatsGroup 486 DESCRIPTION 487 "Implementation of this group is recommended." 489 GROUP forcesStatsGroup 490 DESCRIPTION 491 "Implementation of this group is recommended." 493 ::= { forcesMibCompliances 1 } 495 -- Units of conformance 497 forcesNotificationGroup NOTIFICATION-GROUP 498 NOTIFICATIONS { forcesAssociationEntryUp, 499 forcesAssociationEntryDown 500 } 501 STATUS current 502 DESCRIPTION 504 "A collection of notifications for signaling important 505 ForCES events." 506 ::= { forcesMibGroups 1 } 508 forcesMibGroup OBJECT-GROUP 509 OBJECTS { forcesLatestProtocolVersionSupported, 510 forcesAssociationRunningProtocolVersion 511 } 512 STATUS current 513 DESCRIPTION 514 "A collection of objects to support management of ForCES 515 routers." 516 ::= { forcesMibGroups 2 } 518 forcesNotificationStatsGroup NOTIFICATION-GROUP 519 NOTIFICATIONS { forcesAssociationEntryUpStats, 520 forcesAssociationEntryDownStats 521 } 522 STATUS current 523 DESCRIPTION 525 "A collection of optional notifications for signaling 526 important ForCES events including statistics." 527 ::= { forcesMibGroups 3 } 529 forcesStatsGroup OBJECT-GROUP 530 OBJECTS { forcesAssociationTimeUp, 531 forcesAssociationTimeDown, 532 forcesAssociationHBMsgSent, 533 forcesAssociationHBMsgReceived, 534 forcesAssociationOperMsgSent, 535 forcesAssociationOperMsgReceived, 536 forcesAssociationCounterDiscontinuityTime 537 } 538 STATUS current 539 DESCRIPTION 540 "A collection of optional objects to provide extra 541 information about the associations. There is no protocol 542 reason to keep such information, but these objects can 543 be very useful in debugging connectivity problems." 544 ::= { forcesMibGroups 4} 546 END 548 6. Associations kept in the MIB 550 Associations enter the UP state as soon as the CE has sent to the FE 551 an Association Setup Response message containing a successful 552 Association Setup Result. Only associations that are UP are 553 reflected in this MIB module. 555 Associations are removed from the MIB module as soon as they leave 556 the UP state, i.e., if the CE has not received any message (Heartbeat 557 or other protocol message) from the FE within a given time period or 558 if an Association Teardown message has been sent by the CE. 560 Statistics counters are initialized to zero when the association is 561 created. If the same association goes down and comes back up, the 562 counters will reset and the discontinuity can be discovered by 563 checking the discontinuity timestamp. In addition, the time-up 564 timestamp in the association allows to distinguish new associations 565 from past ones with the same index. Note that the optional down 566 notification contains the statistics with the final values of the 567 statistics counters. 569 7. Support for multiple CEs and FEs 571 An NE consists of one or more FEs and one or more CEs. Where there 572 is a single CE, that CE will have knowledge of all the associations 573 in the NE and so can provide the information necessary to support the 574 managed objects defined in this MIB module. Where there is more than 575 one CE, information about the associations may be distributed among 576 the CEs. Whether each CE implements the managed objects for the 577 associations of which it is aware or whether the CEs cooperate to 578 present the appearance of a single set of managed objects for all the 579 associations in the NE is outside the scope of this document. 581 8. Security Considerations 583 There are no management objects defined in this MIB module that have 584 a MAX-ACCESS clause of read-write and/or read-create. So, if this 585 MIB module is implemented correctly, then there is no risk that an 586 intruder can alter or create any management objects of this MIB 587 module via direct SNMP SET operations. 589 Some of the readable objects in this MIB module (i.e., objects with a 590 MAX-ACCESS other than not-accessible) may be considered sensitive or 591 vulnerable in some network environments. It is thus important to 592 control even GET and/or NOTIFY access to these objects and possibly 593 to even encrypt the values of these objects when sending them over 594 the network via SNMP. These are the tables and objects and their 595 sensitivity/vulnerability: 597 o Objects in the forcesMibGroup are protocol versions. They are 598 neither sensitive nor vulnerable. 600 o Objects in the forcesStatsGroup are statistics. They are neither 601 sensitive nor vulnerable. 603 SNMP versions prior to SNMPv3 did not include adequate security. 604 Even if the network itself is secure (for example by using IPsec), 605 even then, there is no control as to who on the secure network is 606 allowed to access and GET/SET (read/change/create/delete) the objects 607 in this MIB module. 609 It is RECOMMENDED that implementers consider the security features as 610 provided by the SNMPv3 framework (see [RFC3410], section 8), 611 including full support for the SNMPv3 cryptographic mechanisms (for 612 authentication and privacy). 614 Further, deployment of SNMP versions prior to SNMPv3 is NOT 615 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 616 enable cryptographic security. It is then a customer/operator 617 responsibility to ensure that the SNMP entity giving access to an 618 instance of this MIB module is properly configured to give access to 619 the objects only to those principals (users) that have legitimate 620 rights to indeed GET or SET (change/create/delete) them. 622 9. IANA Considerations 624 The MIB module in this document uses the following IANA-assigned 625 OBJECT IDENTIFIER values recorded in the SMI Numbers registry: 627 Descriptor OBJECT IDENTIFIER value 628 ---------- ----------------------- 630 forcesMIB { mib-2 XXX } 632 Editor's Note (to be removed prior to publication): the IANA is 633 requested to assign a value for "XXX" under the 'mib-2' subtree and 634 to record the assignment in the SMI Numbers registry. When the 635 assignment has been made, the RFC Editor is asked to replace "XXX" 636 (here and in the MIB module) with the assigned value and to remove 637 this note. 639 10. Changes from Previous Draft Revisions 641 Editor's Note (to be removed prior to publication): Prior to RFC 642 publication of this document, the RFC Editor is asked to remove this 643 entire section titled "Changes from Previous Draft Versions". 645 Changes from draft-ietf-forces-mib-08: 647 o Changed the MIB objects forcesAssociationOtherMsgSent and 648 forcesAssociationOtherMsgReceived to forcesAssociationOperMsgSent 649 and forcesAssociationOperMsgReceived as they are not all other 650 messages besides HB (comment from the General Area Review Team). 652 o Changed MIB counter objects forcesAssociationHBMsgSent, 653 forcesAssociationHBMsgReceived, forcesAssociationOperMsgSent, and 654 forcesAssociationOperMsgReceived from Counter32 to 655 ZeroBasedCounter32 (comment from Bert Wijnen). Adapted the 656 paragraph about statistics counters in section "Associations kept 657 in the MIB" 659 o Introduced a MIB object forcesAssociationCounterDiscontinuityTime, 660 and added it to the forcesAssociationEntry as well as to the 661 forcesAssociationEntryDownStats notification and the 662 forcesStatsGroup compliance group. Added text on discontinuity 663 for all counter objects. 665 o Removed MIB counters from the forcesAssociationEntryUpStats 666 notification, as passing now zero values is useless. 668 Changes from draft-ietf-forces-mib-07: They are editorial changes 669 made as suggested by the General Area Review Team. 671 Changes from draft-ietf-forces-mib-06: 673 o Informational RFCs 3654 and 3746 moved to Informative References 674 section. 676 o Updated chairs' names in the MIB description. 678 o Update references to protocol and applicability drafts. 680 o Reversed the order of the two first sentences in section 681 "Associations kept in the MIB" 683 Changes from draft-ietf-forces-mib-05: Copyright statement in the MIB 684 description corrected to IETF Trust. 686 Changes from draft-ietf-forces-mib-04. They are changes suggested by 687 the MIB doctor review, according to the MIB Review Checklist in 688 Appendix A of RFC 4181: 690 o Changed MIB descriptions with "since the association entered the 691 UP state" instead of "since the association is up". 693 o Updated the I-D boilerplate copyright statement. 695 o Removed last sentence of abstract. 697 o Moved the MIB boilerplate into a section of its own. 699 o Moved the MIB definition into a section of its own. 701 o Updated the Security Considerations section according to the 702 boilerplate at http://www.ops.ietf.org/mib-security.html. 704 o Updated the MIB description with the copyright statement. 706 o Added DISPLAY-HINT to the ForCESProtocolVersion. Note that the 707 smilint tool doesn't like it. 709 o Added IETF to the MODULE-IDENTITY ORGANIZATION. 711 o Updated CONTACT-INFO to indicate how to reach the group. 713 o Changed forcesAssocationTimeDown MAX-ACCESS to accessible-for- 714 notify. 716 o Added text to DESCRIPTION of forcesAssociationTimeUp to indicate 717 that it allows to uniquely identify associations with the same FE 718 and CE IDs. 720 o Added two optional notifications that carry stats and added 721 corresponding text in the last paragraph of section titled 722 "Associations kept in the MIB". The reason is that optional 723 objects such as stats in a mandatory notification are not 724 supported. 726 Changes from draft-ietf-forces-mib-03. They are small fixes to the 727 text and the MIB module: 729 o Added MIB boilerplate according to 730 http://www.ops.ietf.org/mib-boilerplate.html 732 o Clarified terminology with respect to MIB module and MIB managed 733 objects. 735 o Added RFC Editor note to indicate RFC number for version 1 of 736 ForCES protocol under ForcesProtocolVersion. 738 o Renumbered elements in forcesAssociationEntry starting with 1. 740 o Changed ForcesProtocolVersion from INTEGER to Integer32. 742 o Added forcesLatestProtocolVersionSupported into the mandatory 743 forcesMibGroups conformance group. 745 o Explicitely added the forcesStatsGroup to the forcesMibCompliance 746 compliance statement as optional. 748 o Moved the MIB Definition section to the front. 750 o Rephrased IANA Considerations section according to RFC 4181 751 Section 3.5.2. 753 o Added RFC Editor note to remove the "Changes from Previous Draft 754 Revisions" section prior to publication. 756 Changes from draft-ietf-forces-mib-02. They are refinements of the 757 MIB module: 759 o Changed forcesAssociationCEID and forcesAssociationFEID from read- 760 only to not-accessible to conform with Section 7.7 in [RFC2578]. 762 o Removed forcesAssociationCEID and forcesAssociationFEID from the 763 notifications. This information is conveyed in the OID anyway. 765 o Added MIB conformance information. 767 Changes from draft-ietf-forces-mib-01. The changes are in response 768 to the Working Group Last Call: 770 o Addition of two traps/notifications to signal the associations 771 that enter or leave the UP state. 773 o Suppression of the DOWN and ESTABLISHING states. Only 774 associations in the UP state are kept in the table. 776 o Split of the Message counters into Heartbeat and other messages. 778 o Addition of the current running version of ForCES protocol for 779 each association in the UP state. 781 o Addition of the latest version of the ForCES protocol supported by 782 the CE. 784 11. References 786 11.1. Normative References 788 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 789 Requirement Levels", BCP 14, RFC 2119, March 1997. 791 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 792 Schoenwaelder, Ed., "Structure of Management Information 793 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. 795 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 796 Schoenwaelder, Ed., "Textual Conventions for SMIv2", 797 STD 58, RFC 2579, April 1999. 799 [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, 800 "Conformance Statements for SMIv2", STD 58, RFC 2580, 801 April 1999. 803 [forces-protocol-draft] 804 Doria, A., Haas, R., Hadi Salim, J., Khosravi, H., and W. 805 Wang, "ForCES Protocol Specification", ID Document: 806 draft-ietf-forces-protocol-15.txt, August 2008. 808 11.2. Informative References 810 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 811 "Introduction and Applicability Statements for Internet- 812 Standard Management Framework", RFC 3410, December 2002. 814 [RFC3654] Khosravi, H. and T. Anderson, "Requirements for Separation 815 of IP Control and Forwarding", RFC 3654, November 2003. 817 [RFC3746] Yang, L., Dantu, R., Anderson, T., and R. Gopal, 818 "Forwarding and Control Element Separation (ForCES) 819 Framework", RFC 3746, April 2004. 821 [forces-applicability-draft] 822 Crouch, A., Khosravi, H., Handley, M., and A. Doria, 823 "ForCES Applicability Statement", ID Document: 824 draft-ietf-forces-applicability-05.txt, July 2006. 826 Appendix A. Acknowledgments 828 The author gratefully acknowledges the contributions of: Jinrong 829 Fenggen, John Flick, Xiaoyi Guo, Joel Halpern, Tom Petch, and Jamal 830 Hadi Salim. 832 Author's Address 834 Robert Haas 835 IBM 836 Saeumerstrasse 4 837 Rueschlikon 8803 838 CH 840 Email: rha@zurich.ibm.com 841 URI: http://www.zurich.ibm.com/~rha 843 Full Copyright Statement 845 Copyright (C) The IETF Trust (2008). 847 This document is subject to the rights, licenses and restrictions 848 contained in BCP 78, and except as set forth therein, the authors 849 retain all their rights. 851 This document and the information contained herein are provided on an 852 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 853 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND 854 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS 855 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 856 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 857 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 859 Intellectual Property 861 The IETF takes no position regarding the validity or scope of any 862 Intellectual Property Rights or other rights that might be claimed to 863 pertain to the implementation or use of the technology described in 864 this document or the extent to which any license under such rights 865 might or might not be available; nor does it represent that it has 866 made any independent effort to identify any such rights. Information 867 on the procedures with respect to rights in RFC documents can be 868 found in BCP 78 and BCP 79. 870 Copies of IPR disclosures made to the IETF Secretariat and any 871 assurances of licenses to be made available, or the result of an 872 attempt made to obtain a general license or permission for the use of 873 such proprietary rights by implementers or users of this 874 specification can be obtained from the IETF on-line IPR repository at 875 http://www.ietf.org/ipr. 877 The IETF invites any interested party to bring to its attention any 878 copyrights, patents or patent applications, or other proprietary 879 rights that may cover technology that may be required to implement 880 this standard. Please address the information to the IETF at 881 ietf-ipr@ietf.org.