idnits 2.17.1 draft-ietf-idr-bgp4-mib-05.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document is more than 15 pages and seems to lack a Table of Contents. == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 27 longer pages, the longest (page 21) being 68 lines == It seems as if not all pages are separated by form feeds - found 0 form feeds but 30 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 7 instances of too long lines in the document, the longest one being 34 characters in excess of 72. ** There are 15 instances of lines with control characters in the document. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (December 2000) is 8534 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 1771 (ref. '1') (Obsoleted by RFC 4271) ** Obsolete normative reference: RFC 2271 (ref. '3') (Obsoleted by RFC 2571) ** Downref: Normative reference to an Informational RFC: RFC 1215 (ref. '6') ** Obsolete normative reference: RFC 1902 (ref. '7') (Obsoleted by RFC 2578) ** Obsolete normative reference: RFC 1903 (ref. '8') (Obsoleted by RFC 2579) ** Obsolete normative reference: RFC 1904 (ref. '9') (Obsoleted by RFC 2580) ** Downref: Normative reference to an Historic RFC: RFC 1157 (ref. '10') ** Downref: Normative reference to an Historic RFC: RFC 1901 (ref. '11') ** Obsolete normative reference: RFC 1906 (ref. '12') (Obsoleted by RFC 3417) ** Obsolete normative reference: RFC 2272 (ref. '13') (Obsoleted by RFC 2572) ** Obsolete normative reference: RFC 2274 (ref. '14') (Obsoleted by RFC 2574) ** Obsolete normative reference: RFC 1905 (ref. '15') (Obsoleted by RFC 3416) ** Obsolete normative reference: RFC 2273 (ref. '16') (Obsoleted by RFC 2573) ** Obsolete normative reference: RFC 2275 (ref. '17') (Obsoleted by RFC 2575) Summary: 23 errors (**), 0 flaws (~~), 4 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group S. Hares 3 INTERNET DRAFT NextHop 4 J. Haas 5 NextHop 6 S. Willis 7 Argon Networks 8 J. Burruss 9 WinData 10 J. Chu 11 Cosine 12 December 2000 14 Definitions of Managed Objects 16 for the Fourth Version of Border Gateway Protocol (BGP-4) 18 20 Status of this Memo 22 This document is an Internet-Draft and is in full conformance with 23 all provisions of Section 10 of RFC 2026. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF), its areas, and its working groups. Note that 27 other groups may also distribute working documents as Internet- 28 Drafts. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet- Drafts as reference 33 material or to cite them other than as "work in progress." 35 The list of current Internet-Drafts can be accessed at 36 http://www.ietf.org/ietf/1id-abstracts. 38 The list of Internet-Draft Shadow Directories can be accessed at 39 http://www.ietf.org/shadow.html. 41 Copyright Notice 43 Copyright (C) The Internet Society (1999). All Rights Reserved. 45 Abstract 47 This memo is an extension to the SNMP MIB. It specifies an IAB 48 standards track protocol for the Internet community, and requests 49 discussion and suggestions for improvements. The origin of this memo 50 is from RFC 1269 "Definitions of Managed Objects for the Border 51 Gateway Protocol (Version 3)", which was updated to support BGP-4 in 52 RFC 1657. This memo fixes errors introduced when the MIB was 53 converted to use the SNMPv2 SMI, as well as updates references to the 54 current SNMP framework documents. 56 Distribution of this memo is unlimited. Please forward comments to 57 idr@merit.net. 59 1. Introduction 61 This memo defines a portion of the Management Information Base (MIB) 62 for use with network management protocols in the Internet community. 63 In particular, it describes managed objects used for managing the 64 Border Gateway Protocol Version 4 or lower [1, 2]. 66 2. The SNMP Network Management Framework 68 The SNMP Management Framework presently consists of five major 69 components: 71 o An overall architecture, described in RFC 2271 [3]. 73 o bgp Mechanisms for describing and naming objects and events for 74 the purpose of management. The first version of this 75 Structure of Management Information (SMI) is called SMIv1 and 76 described in RFC 1155 [4], RFC 1212 [5] and RFC 1215 [6]. The 77 second version, called SMIv2, is described in RFC 1902 [7], 78 RFC 1903 [8] and RFC 1904 [9]. 80 o Message protocols for transferring management information. 81 The first version of the SNMP message protocol is called 82 SNMPv1 and described in RFC 1157 [10]. A second version of 83 the SNMP message protocol, which is not an Internet standards 84 track protocol, is called SNMPv2c and described in RFC 1901 85 [11] and RFC 1906 [12]. The third version of the message 86 protocol is called SNMPv3 and described in RFC 1906 [12], RFC 87 2272 [13] and RFC 2274 [14]. 89 o Protocol operations for accessing management information. The 90 first set of protocol operations and associated PDU formats 91 is described in RFC 1157 [10]. A second set of protocol 92 operations and associated PDU formats is described in RFC 93 1905 [15]. 95 o A set of fundamental applications described in RFC 2273 [16] 96 and the view-based access control mechanism described in RFC 97 2275 [17]. 99 Managed objects are accessed via a virtual information store, termed 100 the Management Information Base or MIB. Objects in the MIB are 101 defined using the mechanisms defined in the SMI. 103 This memo specifies a MIB module that is compliant to the SMIv2. A 104 MIB conforming to the SMIv1 can be produced through the appropriate 105 translations. The resulting translated MIB must be semantically 106 equivalent, except where objects or events are omitted because no 107 translation is possible (use of Counter64). Some machine readable 108 information in SMIv2 will be converted into textual descriptions in 109 SMIv1 during the translation process. However, this loss of machine 110 readable information is not considered to change the semantics of the 111 MIB. 113 3. Object Definitions 115 Managed objects are accessed via a virtual information store, termed 116 the Management Information Base or MIB. Objects in the MIB are 117 defined using the subset of Abstract Syntax Notation One (ASN.1) 118 defined in the SMI. In particular, each object type is named by an 119 OBJECT IDENTIFIER, an administratively assigned name. The object 120 type together with an object instance serves to uniquely identify a 121 specific instantiation of the object. For human convenience, we 122 often use a textual string, termed the descriptor, to refer to the 123 object type. 125 4. Overview 127 These objects are used to control and manage a BGP-4 implementation. 129 Apart from a few system-wide scalar objects, this MIB is broken into 130 three tables: the BGP Peer Table, the BGP Received Path Attribute 131 Table, and the BGP-4 Received Path Attribute Table. The BGP Peer 132 Table contains information about state and current activity of 133 connections with the BGP peers. The Received Path Attribute Table 134 contains path attributes received from all peers running BGP version 135 3 or less. The BGP-4 Received Path Attribute Table contains path 136 attributes received from all BGP-4 peers. The actual attributes used 137 in determining a route are a subset of the received attribute tables 138 after local routing policy has been applied. 140 5. Definitions 142 BGP4-MIB DEFINITIONS ::= BEGIN 144 IMPORTS 145 MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, 146 IpAddress, Integer32, Counter32, Gauge32, mib-2 147 FROM SNMPv2-SMI 148 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 149 FROM SNMPv2-CONF; 151 bgp MODULE-IDENTITY 152 LAST-UPDATED "0012100000Z" 153 ORGANIZATION "IETF IDR Working Group" 154 CONTACT-INFO "E-mail: idr@merit.net 156 Susan Hares (Editor) 157 517 W. William Street 158 Ann Arbor, MI 48103-4943 159 Tel: +1 734 936 2095 160 Fax: +1 734 615-3241 161 E-mail: skh@nexthop.com" 163 DESCRIPTION 164 "The MIB module for BGP-4." 165 REVISION "0012100000Z" 166 DESCRIPTION 167 "Corrected duplicate OBJECT IDENTIFIER 168 assignment in the conformance information." 169 REVISION "9601080000Z" 170 DESCRIPTION 171 "1) Fixed the definitions of the traps to 172 make them equivalent to their initial 173 definition in RFC 1269. 174 2) Added compliance and conformance info. 175 3) Updated for latest BGP information 176 draft-ietf-idr-bgp4-10.txt for value of 177 bgpPeerNegotiatedVersion, bgp4PathAttrLocalPref, 178 bgp4PathAttrCalcLocalPref,bgp4PathAttrMultiExitDisc, 179 bgp4PathAttrASPathSegement." 181 ::= { mib-2 15 } 183 bgpVersion OBJECT-TYPE 184 SYNTAX OCTET STRING (SIZE (1..32)) --- change to match draft 185 MAX-ACCESS read-only 186 STATUS current 187 DESCRIPTION 188 "Vector of supported BGP protocol version 189 numbers. Each peer negotiates the version 190 from this vector. Versions are identified 191 via the string of bits contained within this 192 object. The first octet contains bits 0 to 193 7, the second octet contains bits 8 to 15, 194 and so on, with the most significant bit 195 referring to the lowest bit number in the 196 octet (e.g., the MSB of the first octet 197 refers to bit 0). If a bit, i, is present 198 and set, then the version (i+1) of the BGP 199 is supported." 200 ::= { bgp 1 } 202 bgpLocalAs OBJECT-TYPE 203 SYNTAX INTEGER (0..65535) 204 MAX-ACCESS read-only 205 STATUS current 206 DESCRIPTION 207 "The local autonomous system number." 208 ::= { bgp 2 } 210 -- BGP Peer table. This table contains, one entry per BGP 211 -- peer, information about the BGP peer. 213 bgpPeerTable OBJECT-TYPE 214 SYNTAX SEQUENCE OF BgpPeerEntry 215 MAX-ACCESS not-accessible 216 STATUS current 217 DESCRIPTION 218 "BGP peer table. This table contains, 219 one entry per BGP peer, information about the 220 connections with BGP peers." 221 ::= { bgp 3 } 223 bgpPeerEntry OBJECT-TYPE 224 SYNTAX BgpPeerEntry 225 MAX-ACCESS not-accessible 226 STATUS current 227 DESCRIPTION 228 "Entry containing information about the 229 connection with a BGP peer." 230 INDEX { bgpPeerRemoteAddr } 231 ::= { bgpPeerTable 1 } 233 BgpPeerEntry ::= SEQUENCE { 234 bgpPeerIdentifier 235 IpAddress, 236 bgpPeerState 237 INTEGER, 238 bgpPeerAdminStatus 239 INTEGER, 240 bgpPeerNegotiatedVersion 241 Integer32, 242 bgpPeerLocalAddr 243 IpAddress, 244 bgpPeerLocalPort 245 INTEGER, 246 bgpPeerRemoteAddr 247 IpAddress, 248 bgpPeerRemotePort 249 INTEGER, 250 bgpPeerRemoteAs 251 INTEGER, 252 bgpPeerInUpdates 253 Counter32, 254 bgpPeerOutUpdates 255 Counter32, 256 bgpPeerInTotalMessages 257 Counter32, 258 bgpPeerOutTotalMessages 259 Counter32, 260 bgpPeerLastError 261 OCTET STRING, 262 bgpPeerFsmEstablishedTransitions 263 Counter32, 264 bgpPeerFsmEstablishedTime 265 Gauge32, 266 bgpPeerConnectRetryInterval 267 INTEGER, 268 bgpPeerHoldTime 269 INTEGER, 270 bgpPeerKeepAlive 271 INTEGER, 272 bgpPeerHoldTimeConfigured 273 INTEGER, 274 bgpPeerKeepAliveConfigured 275 INTEGER, 276 bgpPeerMinASOriginationInterval 277 INTEGER, 278 bgpPeerMinRouteAdvertisementInterval 279 INTEGER, 280 bgpPeerInUpdateElapsedTime 281 Gauge32 282 } 284 bgpPeerIdentifier OBJECT-TYPE 285 SYNTAX IpAddress 286 MAX-ACCESS read-only 287 STATUS current 288 DESCRIPTION 289 "The BGP Identifier of this entry's BGP peer." 290 ::= { bgpPeerEntry 1 } 292 bgpPeerState OBJECT-TYPE 293 SYNTAX INTEGER { 294 idle(1), 295 connect(2), 296 active(3), 297 opensent(4), 298 openconfirm(5), 299 established(6) 300 } 301 MAX-ACCESS read-only 302 STATUS current 303 DESCRIPTION 304 "The BGP peer connection state." 305 ::= { bgpPeerEntry 2 } 307 bgpPeerAdminStatus OBJECT-TYPE 308 SYNTAX INTEGER { 309 stop(1), 310 start(2) 311 } 312 MAX-ACCESS read-write 313 STATUS current 314 DESCRIPTION 315 "The desired state of the BGP connection. A 316 transition from 'stop' to 'start' will cause 317 the BGP Start Event to be generated. A 318 transition from 'start' to 'stop' will cause 319 the BGP Stop Event to be generated. This 320 parameter can be used to restart BGP peer 321 connections. Care should be used in providing 322 write access to this object without adequate 323 authentication." 324 ::= { bgpPeerEntry 3 } 326 bgpPeerNegotiatedVersion OBJECT-TYPE 327 SYNTAX Integer[1..255] --- change to match draft 328 MAX-ACCESS read-only 329 STATUS current 330 DESCRIPTION 331 "The negotiated version of BGP running between 332 the two peers." 333 ::= { bgpPeerEntry 4 } 335 bgpPeerLocalAddr OBJECT-TYPE 336 SYNTAX IpAddress 337 MAX-ACCESS read-only 338 STATUS current 339 DESCRIPTION 340 "The local IP address of this entry's BGP 341 connection." 342 ::= { bgpPeerEntry 5 } 344 bgpPeerLocalPort OBJECT-TYPE 345 SYNTAX INTEGER (0..65535) 346 MAX-ACCESS read-only 347 STATUS current 348 DESCRIPTION 349 "The local port for the TCP connection between 350 the BGP peers." 351 ::= { bgpPeerEntry 6 } 353 bgpPeerRemoteAddr OBJECT-TYPE 354 SYNTAX IpAddress 355 MAX-ACCESS read-only 356 STATUS current 357 DESCRIPTION 358 "The remote IP address of this entry's BGP 359 peer." 360 ::= { bgpPeerEntry 7 } 362 bgpPeerRemotePort OBJECT-TYPE 363 SYNTAX INTEGER (0..65535) 364 MAX-ACCESS read-only 365 STATUS current 366 DESCRIPTION 367 "The remote port for the TCP connection between 368 the BGP peers. Note that the objects 369 bgpPeerLocalAddr, bgpPeerLocalPort, 370 bgpPeerRemoteAddr and bgpPeerRemotePort 371 provide the appropriate reference to the 372 standard MIB TCP connection table." 373 ::= { bgpPeerEntry 8 } 375 bgpPeerRemoteAs OBJECT-TYPE 376 SYNTAX INTEGER (0..65535) 377 MAX-ACCESS read-only 378 STATUS current 379 DESCRIPTION 380 "The remote autonomous system number." 381 ::= { bgpPeerEntry 9 } 383 bgpPeerInUpdates OBJECT-TYPE 384 SYNTAX Counter32 385 MAX-ACCESS read-only 386 STATUS current 387 DESCRIPTION 388 "The number of BGP UPDATE messages received on 389 this connection. This object should be 390 initialized to zero (0) when the connection is 391 established." 392 ::= { bgpPeerEntry 10 } 394 bgpPeerOutUpdates OBJECT-TYPE 395 SYNTAX Counter32 396 MAX-ACCESS read-only 397 STATUS current 398 DESCRIPTION 399 "The number of BGP UPDATE messages transmitted 400 on this connection. This object should be 401 initialized to zero (0) when the connection is 402 established." 403 ::= { bgpPeerEntry 11 } 405 bgpPeerInTotalMessages OBJECT-TYPE 406 SYNTAX Counter32 407 MAX-ACCESS read-only 408 STATUS current 409 DESCRIPTION 410 "The total number of messages received from the 411 remote peer on this connection. This object 412 should be initialized to zero when the 413 connection is established." 414 ::= { bgpPeerEntry 12 } 416 bgpPeerOutTotalMessages OBJECT-TYPE 417 SYNTAX Counter32 418 MAX-ACCESS read-only 419 STATUS current 420 DESCRIPTION 421 "The total number of messages transmitted to 422 the remote peer on this connection. This object 423 should be initialized to zero when the 424 connection is established." 425 ::= { bgpPeerEntry 13 } 427 bgpPeerLastError OBJECT-TYPE 428 SYNTAX OCTET STRING (SIZE (2)) 429 MAX-ACCESS read-only 430 STATUS current 431 DESCRIPTION 432 "The last error code and subcode seen by this 433 peer on this connection. If no error has 434 occurred, this field is zero. Otherwise, the 435 first byte of this two byte OCTET STRING 436 contains the error code, and the second byte 437 contains the subcode." 438 ::= { bgpPeerEntry 14 } 440 bgpPeerFsmEstablishedTransitions OBJECT-TYPE 441 SYNTAX Counter32 442 MAX-ACCESS read-only 443 STATUS current 444 DESCRIPTION 445 "The total number of times the BGP FSM 446 transitioned into the established state." 447 ::= { bgpPeerEntry 15 } 449 bgpPeerFsmEstablishedTime OBJECT-TYPE 450 SYNTAX Gauge32 451 MAX-ACCESS read-only 452 STATUS current 453 DESCRIPTION 454 "This timer indicates how long (in seconds) this 455 peer has been in the Established state or how long 456 since this peer was last in the Established state. 457 It is set to zero when a new peer is configured or 458 the router is booted." 459 ::= { bgpPeerEntry 16 } 461 bgpPeerConnectRetryInterval OBJECT-TYPE 462 SYNTAX INTEGER (1..65535) 463 MAX-ACCESS read-write 464 STATUS current 465 DESCRIPTION 466 "Time interval in seconds for the ConnectRetry 467 timer. The suggested value for this timer is 468 120 seconds." 469 ::= { bgpPeerEntry 17 } 471 bgpPeerHoldTime OBJECT-TYPE 472 SYNTAX INTEGER ( 0 | 3..65535 ) 473 MAX-ACCESS read-only 474 STATUS current 475 DESCRIPTION 476 "Time interval in seconds for the Hold Timer 477 established with the peer. The value of this 478 object is calculated by this BGP speaker by 479 using the smaller of the value in 480 bgpPeerHoldTimeConfigured and the Hold Time 481 received in the OPEN message. This value 482 must be at lease three seconds if it is not 483 zero (0) in which case the Hold Timer has 484 not been established with the peer, or, the 485 value of bgpPeerHoldTimeConfigured is zero (0)." 486 ::= { bgpPeerEntry 18 } 488 bgpPeerKeepAlive OBJECT-TYPE 489 SYNTAX INTEGER ( 0 | 1..21845 ) 490 MAX-ACCESS read-only 491 STATUS current 492 DESCRIPTION 493 "Time interval in seconds for the KeepAlive 494 timer established with the peer. The value of 495 this object is calculated by this BGP speaker 496 such that, when compared with bgpPeerHoldTime, 497 it has the same proportion as what 498 bgpPeerKeepAliveConfigured has when compared 499 with bgpPeerHoldTimeConfigured. If the value 500 of this object is zero (0), it indicates that 501 the KeepAlive timer has not been established 502 with the peer, or, the value of 503 bgpPeerKeepAliveConfigured is zero (0)." 504 ::= { bgpPeerEntry 19 } 506 bgpPeerHoldTimeConfigured OBJECT-TYPE 507 SYNTAX INTEGER ( 0 | 3..65535 ) 508 MAX-ACCESS read-write 509 STATUS current 510 DESCRIPTION 511 "Time interval in seconds for the Hold Time 512 configured for this BGP speaker with this peer. 513 This value is placed in an OPEN message sent to 514 this peer by this BGP speaker, and is compared 515 with the Hold Time field in an OPEN message 516 received from the peer when determining the Hold 517 Time (bgpPeerHoldTime) with the peer. This value 518 must not be less than three seconds if it is not 519 zero (0) in which case the Hold Time is NOT to be 520 established with the peer. The suggested value for 521 this timer is 90 seconds." 522 ::= { bgpPeerEntry 20 } 524 bgpPeerKeepAliveConfigured OBJECT-TYPE 525 SYNTAX INTEGER ( 0 | 1..21845 ) 526 MAX-ACCESS read-write 527 STATUS current 528 DESCRIPTION 529 "Time interval in seconds for the KeepAlive timer 530 configured for this BGP speaker with this peer. 531 The value of this object will only determine the 532 KEEPALIVE messages' frequency relative to the value 533 specified in bgpPeerHoldTimeConfigured; the actual 534 time interval for the KEEPALIVE messages is 535 indicated by bgpPeerKeepAlive. A reasonable 536 maximum value for this timer would be configured to 537 be one third of that of bgpPeerHoldTimeConfigured. 538 If the value of this object is zero (0), no 539 periodical KEEPALIVE messages are sent to the peer 540 after the BGP connection has been established. The 541 suggested value for this timer is 30 seconds." 542 ::= { bgpPeerEntry 21 } 544 bgpPeerMinASOriginationInterval OBJECT-TYPE 545 SYNTAX INTEGER (1..65535) 546 MAX-ACCESS read-write 547 STATUS current 548 DESCRIPTION 549 "Time interval in seconds for the 550 MinASOriginationInterval timer. 551 The suggested value for this timer is 15 seconds." 552 ::= { bgpPeerEntry 22 } 554 bgpPeerMinRouteAdvertisementInterval OBJECT-TYPE 555 SYNTAX INTEGER (1..65535) 556 MAX-ACCESS read-write 557 STATUS current 558 DESCRIPTION 559 "Time interval in seconds for the 560 MinRouteAdvertisementInterval timer. 561 The suggested value for this timer is 30 seconds." 562 ::= { bgpPeerEntry 23 } 564 bgpPeerInUpdateElapsedTime OBJECT-TYPE 565 SYNTAX Gauge32 566 MAX-ACCESS read-only 567 STATUS current 568 DESCRIPTION 569 "Elapsed time in seconds since the last BGP 570 UPDATE message was received from the peer. 571 Each time bgpPeerInUpdates is incremented, 572 the value of this object is set to zero (0)." 573 ::= { bgpPeerEntry 24 } 575 bgpIdentifier OBJECT-TYPE 576 SYNTAX IpAddress 577 MAX-ACCESS read-only 578 STATUS current 579 DESCRIPTION 580 "The BGP Identifier of local system." 581 ::= { bgp 4 } 583 -- Received Path Attribute Table. This table contains, 584 -- one entry per path to a network, path attributes 585 -- received from all peers running BGP version 3 or less. 586 -- This table is obsolete, having been replaced in 587 -- functionality with the bgp4PathAttrTable. 589 bgpRcvdPathAttrTable OBJECT-TYPE 590 SYNTAX SEQUENCE OF BgpPathAttrEntry 591 MAX-ACCESS not-accessible 592 STATUS obsolete 593 DESCRIPTION 594 "The BGP Received Path Attribute Table contains 595 information about paths to destination networks 596 received from all peers running BGP version 3 or 597 less." 598 ::= { bgp 5 } 600 bgpPathAttrEntry OBJECT-TYPE 601 SYNTAX BgpPathAttrEntry 602 MAX-ACCESS not-accessible 603 STATUS obsolete 604 DESCRIPTION 605 "Information about a path to a network." 606 INDEX { bgpPathAttrDestNetwork, 607 bgpPathAttrPeer } 608 ::= { bgpRcvdPathAttrTable 1 } 610 BgpPathAttrEntry ::= SEQUENCE { 611 bgpPathAttrPeer 612 IpAddress, 613 bgpPathAttrDestNetwork 614 IpAddress, 615 bgpPathAttrOrigin 616 INTEGER, 617 bgpPathAttrASPath 618 OCTET STRING, 619 bgpPathAttrNextHop 620 IpAddress, 621 bgpPathAttrInterASMetric 622 Integer32 623 } 625 bgpPathAttrPeer OBJECT-TYPE 626 SYNTAX IpAddress 627 MAX-ACCESS read-only 628 STATUS obsolete 629 DESCRIPTION 630 "The IP address of the peer where the path 631 information was learned." 632 ::= { bgpPathAttrEntry 1 } 634 bgpPathAttrDestNetwork OBJECT-TYPE 635 SYNTAX IpAddress 636 MAX-ACCESS read-only 637 STATUS obsolete 638 DESCRIPTION 639 "The address of the destination network." 640 ::= { bgpPathAttrEntry 2 } 642 bgpPathAttrOrigin OBJECT-TYPE 643 SYNTAX INTEGER { 644 igp(1),-- networks are interior 645 egp(2),-- networks learned via EGP 646 incomplete(3) -- undetermined 647 } 648 MAX-ACCESS read-only 649 STATUS obsolete 650 DESCRIPTION 651 "The ultimate origin of the path information." 652 ::= { bgpPathAttrEntry 3 } 654 bgpPathAttrASPath OBJECT-TYPE 655 SYNTAX OCTET STRING (SIZE (2..255)) 656 MAX-ACCESS read-only 657 STATUS obsolete 658 DESCRIPTION 659 "The set of ASs that must be traversed to reach 660 the network. This object is probably best 661 represented as SEQUENCE OF INTEGER. For SMI 662 compatibility, though, it is represented as 663 OCTET STRING. Each AS is represented as a pair 664 of octets according to the following algorithm: 666 first-byte-of-pair = ASNumber / 256; 667 second-byte-of-pair = ASNumber & 255;" 668 ::= { bgpPathAttrEntry 4 } 670 bgpPathAttrNextHop OBJECT-TYPE 671 SYNTAX IpAddress 672 MAX-ACCESS read-only 673 STATUS obsolete 674 DESCRIPTION 675 "The address of the border router that should 676 be used for the destination network." 677 ::= { bgpPathAttrEntry 5 } 679 bgpPathAttrInterASMetric OBJECT-TYPE 680 SYNTAX Integer32 681 MAX-ACCESS read-only 682 STATUS obsolete 683 DESCRIPTION 684 "The optional inter-AS metric. If this 685 attribute has not been provided for this route, 686 the value for this object is 0." 687 ::= { bgpPathAttrEntry 6 } 689 -- BGP-4 Received Path Attribute Table. This table contains, 690 -- one entry per path to a network, path attributes 691 -- received from all peers running BGP-4. 693 bgp4PathAttrTable OBJECT-TYPE 694 SYNTAX SEQUENCE OF Bgp4PathAttrEntry 695 MAX-ACCESS not-accessible 696 STATUS current 697 DESCRIPTION 698 "The BGP-4 Received Path Attribute Table contains 699 information about paths to destination networks 700 received from all BGP4 peers." 701 ::= { bgp 6 } 703 bgp4PathAttrEntry OBJECT-TYPE 704 SYNTAX Bgp4PathAttrEntry 705 MAX-ACCESS not-accessible 706 STATUS current 707 DESCRIPTION 708 "Information about a path to a network." 709 INDEX { bgp4PathAttrIpAddrPrefix, 710 bgp4PathAttrIpAddrPrefixLen, 711 bgp4PathAttrPeer } 712 ::= { bgp4PathAttrTable 1 } 714 Bgp4PathAttrEntry ::= SEQUENCE { 715 bgp4PathAttrPeer 716 IpAddress, 717 bgp4PathAttrIpAddrPrefixLen 718 INTEGER, 719 bgp4PathAttrIpAddrPrefix 720 IpAddress, 721 bgp4PathAttrOrigin 722 INTEGER, 723 bgp4PathAttrASPathSegment 724 OCTET STRING, 725 bgp4PathAttrNextHop 726 IpAddress, 727 bgp4PathAttrMultiExitDisc 728 INTEGER, 729 bgp4PathAttrLocalPref 730 INTEGER, 731 bgp4PathAttrAtomicAggregate 732 INTEGER, 733 bgp4PathAttrAggregatorAS 734 INTEGER, 735 bgp4PathAttrAggregatorAddr 736 IpAddress, 737 bgp4PathAttrCalcLocalPref 738 INTEGER, 739 bgp4PathAttrBest 740 INTEGER, 741 bgp4PathAttrUnknown 742 OCTET STRING 743 } 745 bgp4PathAttrPeer OBJECT-TYPE 746 SYNTAX IpAddress 747 MAX-ACCESS read-only 748 STATUS current 749 DESCRIPTION 750 "The IP address of the peer where the path 751 information was learned." 752 ::= { bgp4PathAttrEntry 1 } 754 bgp4PathAttrIpAddrPrefixLen OBJECT-TYPE 755 SYNTAX INTEGER (0..32) 756 MAX-ACCESS read-only 757 STATUS current 758 DESCRIPTION 759 "Length in bits of the IP address prefix in the 760 Network Layer Reachability Information field." 761 ::= { bgp4PathAttrEntry 2 } 763 bgp4PathAttrIpAddrPrefix OBJECT-TYPE 764 SYNTAX IpAddress 765 MAX-ACCESS read-only 766 STATUS current 767 DESCRIPTION 768 "An IP address prefix in the Network Layer 769 Reachability Information field. This object 770 is an IP address containing the prefix with 771 length specified by bgp4PathAttrIpAddrPrefixLen. 772 Any bits beyond the length specified by 773 bgp4PathAttrIpAddrPrefixLen are zeroed." 774 ::= { bgp4PathAttrEntry 3 } 776 bgp4PathAttrOrigin OBJECT-TYPE 777 SYNTAX INTEGER { 778 igp(1),-- networks are interior 779 egp(2),-- networks learned via EGP 780 incomplete(3) -- undetermined 781 } 782 MAX-ACCESS read-only 783 STATUS current 784 DESCRIPTION 785 "The ultimate origin of the path information." 786 ::= { bgp4PathAttrEntry 4 } 788 bgp4PathAttrASPathSegment OBJECT-TYPE 789 SYNTAX OCTET STRING (SIZE (2..500)) --- [change 3 possible to have 500*4 bytes of aSpath] 790 MAX-ACCESS read-only 791 STATUS current 792 DESCRIPTION 793 "The sequence of AS path segments. Each AS 794 path segment is represented by a triple 795 . 797 The type is a 1-octet field which has two 798 possible values: 799 1 AS_SET: unordered set of ASs a 800 route in the UPDATE message 801 has traversed 803 2 AS_SEQUENCE: ordered set of ASs 804 a route in the UPDATE message 805 has traversed. 807 The length is a 1-octet field containing the 808 number of ASs in the value field. 810 The value field contains one or more AS 811 numbers, each AS is represented in the octet 812 string as a pair of octets according to the 813 following algorithm: 815 first-byte-of-pair = ASNumber / 256; 816 second-byte-of-pair = ASNumber & 255;" 817 ::= { bgp4PathAttrEntry 5 } 819 bgp4PathAttrNextHop OBJECT-TYPE 820 SYNTAX IpAddress 821 MAX-ACCESS read-only 822 STATUS current 823 DESCRIPTION 824 "The address of the border router that should 825 be used for the destination network. This 826 address is the nexthop address received in 827 the UPDATE packet." 828 ::= { bgp4PathAttrEntry 6 } 830 bgp4PathAttrMultiExitDisc OBJECT-TYPE 831 SYNTAX INTEGER (0..4294967295) 832 MAX-ACCESS read-only 833 STATUS current 834 DESCRIPTION 835 "This metric is used to discriminate between 836 multiple exit points to an adjacent autonomous 837 system. A value of -1 (4294967295) indicates the absence of 838 this attribute." 839 ::= { bgp4PathAttrEntry 7 } 841 bgp4PathAttrLocalPref OBJECT-TYPE 842 SYNTAX INTEGER (0..4294967295) 843 MAX-ACCESS read-only 844 STATUS current 845 DESCRIPTION 846 "The originating BGP4 speaker's degree of 847 preference for an advertised route. A value of 848 -1 (4294967295) indicates the absence of this attribute." 849 ::= { bgp4PathAttrEntry 8 } 851 bgp4PathAttrAtomicAggregate OBJECT-TYPE 852 SYNTAX INTEGER { 853 lessSpecificRrouteNotSelected(1), 854 lessSpecificRouteSelected(2) 855 } 856 MAX-ACCESS read-only 857 STATUS current 858 DESCRIPTION 859 "Whether or not a system has selected 860 a less specific route without selecting a 861 more specific route." 862 ::= { bgp4PathAttrEntry 9 } 864 bgp4PathAttrAggregatorAS OBJECT-TYPE 865 SYNTAX INTEGER (0..65535) 866 MAX-ACCESS read-only 867 STATUS current 868 DESCRIPTION 869 "The AS number of the last BGP4 speaker that 870 performed route aggregation. A value of zero (0) 871 indicates the absence of this attribute." 872 ::= { bgp4PathAttrEntry 10 } 874 bgp4PathAttrAggregatorAddr OBJECT-TYPE 875 SYNTAX IpAddress propagation of AS path zero] 876 MAX-ACCESS read-only 877 STATUS current 878 DESCRIPTION 879 "The IP address of the last BGP4 speaker that 880 performed route aggregation. A value of 881 0.0.0.0 indicates the absence of this attribute. 882 Note propagation of AS of zero is illegal in internet." 883 ::= { bgp4PathAttrEntry 11 } 885 bgp4PathAttrCalcLocalPref OBJECT-TYPE 886 SYNTAX INTEGER (0 ..4294967295) 887 MAX-ACCESS read-only 888 STATUS current 889 DESCRIPTION 890 "The degree of preference calculated by the 891 receiving BGP4 speaker for an advertised route. 892 A value of -1 (4294967295) indicates the absence of this 893 attribute." 894 ::= { bgp4PathAttrEntry 12 } 896 bgp4PathAttrBest OBJECT-TYPE 897 SYNTAX INTEGER { 898 false(1),-- not chosen as best route 899 true(2) -- chosen as best route 900 } 901 MAX-ACCESS read-only 902 STATUS current 903 DESCRIPTION 904 "An indication of whether or not this route 905 was chosen as the best BGP4 route." 906 ::= { bgp4PathAttrEntry 13 } 908 bgp4PathAttrUnknown OBJECT-TYPE [format not specific enough 909 [switch to path format 910 type length value] 911 SYNTAX OCTET STRING (SIZE(0..255)) 912 MAX-ACCESS read-only 913 STATUS current 914 DESCRIPTION 915 "One or more path attributes not understood 916 by this BGP4 speaker. Path attributes are 917 recorded in the Update Path attribute format 918 of type, length, value. Size zero (0) indicates 919 the absence of such attribute(s). Octets 920 beyond the maximum size, if any, are not 921 recorded by this object. " 922 ::= { bgp4PathAttrEntry 14 } 924 -- Traps. 926 -- note that in RFC 1657, bgpTraps was incorrectly 927 -- assigned a value of { bgp 7 }, and each of the 928 -- traps had the bgpPeerRemoteAddr object inappropriately 929 -- removed from their OBJECTS clause. The following 930 -- definitions restore the semantics of the traps as 931 -- they were initially defined in RFC 1269. 933 -- { bgp 7 } is unused 935 bgpTraps OBJECT IDENTIFIER ::= { bgp 0 } 937 bgpEstablished NOTIFICATION-TYPE 938 OBJECTS { bgpPeerRemoteAddr, 939 bgpPeerLastError, 940 bgpPeerState } 941 STATUS current 942 DESCRIPTION 943 "The BGP Established event is generated when 944 the BGP FSM enters the ESTABLISHED state." 945 ::= { bgpTraps 1 } 947 bgpBackwardTransition NOTIFICATION-TYPE 948 OBJECTS { bgpPeerRemoteAddr, 949 bgpPeerLastError, 950 bgpPeerState } 951 STATUS current 952 DESCRIPTION 953 "The BGPBackwardTransition Event is generated 954 when the BGP FSM moves from a higher numbered 955 state to a lower numbered state." 956 ::= { bgpTraps 2 } 958 -- conformance information 960 bgpMIBConformance OBJECT IDENTIFIER ::= { bgp 8 } 961 bgpMIBCompliances OBJECT IDENTIFIER ::= { bgpMIBConformance 1 } 962 bgpMIBGroups OBJECT IDENTIFIER ::= { bgpMIBConformance 2 } 964 -- compliance statements 966 bgpMIBCompliance MODULE-COMPLIANCE 967 STATUS current 968 DESCRIPTION 969 "The compliance statement for entities which 970 implement the BGP4 mib." 971 MODULE -- this module 972 MANDATORY-GROUPS { bgp4MIBGlobalsGroup, 973 bgp4MIBPeerGroup, 974 bgp4MIBPathAttrGroup, 975 bgp4MIBNotificationGroup } 976 ::= { bgpMIBCompliances 1 } 978 -- units of conformance 980 bgp4MIBGlobalsGroup OBJECT-GROUP 981 OBJECTS { bgpVersion, 982 bgpLocalAs, 983 bgpIdentifier } 984 STATUS current 985 DESCRIPTION 986 "A collection of objects providing information 987 on global BGP state." 988 ::= { bgpMIBGroups 1 } 990 bgp4MIBPeerGroup OBJECT-GROUP 991 OBJECTS { bgpPeerIdentifier, 992 bgpPeerState, 993 bgpPeerAdminStatus, 994 bgpPeerNegotiatedVersion, 995 bgpPeerLocalAddr, 996 bgpPeerLocalPort, 997 bgpPeerRemoteAddr, 998 bgpPeerRemotePort, 999 bgpPeerRemoteAs, 1000 bgpPeerInUpdates, 1001 bgpPeerOutUpdates, 1002 bgpPeerInTotalMessages, 1003 bgpPeerOutTotalMessages, 1004 bgpPeerLastError, 1005 bgpPeerFsmEstablishedTransitions, 1006 bgpPeerFsmEstablishedTime, 1007 bgpPeerConnectRetryInterval, 1008 bgpPeerHoldTime, 1009 bgpPeerKeepAlive, 1010 bgpPeerHoldTimeConfigured, 1011 bgpPeerKeepAliveConfigured, 1012 bgpPeerMinASOriginationInterval, 1013 bgpPeerMinRouteAdvertisementInterval, 1014 bgpPeerInUpdateElapsedTime } 1015 STATUS current 1016 DESCRIPTION 1017 "A collection of objects for managing 1018 BGP peers." 1019 ::= { bgpMIBGroups 2 } 1021 bgp4MIBRcvdPathAttrGroup OBJECT-GROUP 1022 OBJECTS { bgpPathAttrPeer, 1023 bgpPathAttrDestNetwork, 1024 bgpPathAttrOrigin, 1025 bgpPathAttrASPath, 1026 bgpPathAttrNextHop, 1027 bgpPathAttrInterASMetric } 1028 STATUS obsolete 1029 DESCRIPTION 1030 "A collection of objects for managing BGP 1031 path entries. 1033 This conformance group is obsolete, 1034 replaced by bgp4MIBPathAttrGroup." 1035 ::= { bgpMIBGroups 3 } 1037 bgp4MIBPathAttrGroup OBJECT-GROUP 1038 OBJECTS { bgp4PathAttrPeer, 1039 bgp4PathAttrIpAddrPrefixLen, 1040 bgp4PathAttrIpAddrPrefix, 1041 bgp4PathAttrOrigin, 1042 bgp4PathAttrASPathSegment, 1043 bgp4PathAttrNextHop, 1044 bgp4PathAttrMultiExitDisc, 1045 bgp4PathAttrLocalPref, 1046 bgp4PathAttrAtomicAggregate, 1047 bgp4PathAttrAggregatorAS, 1048 bgp4PathAttrAggregatorAddr, 1049 bgp4PathAttrCalcLocalPref, 1050 bgp4PathAttrBest, 1051 bgp4PathAttrUnknown } 1052 STATUS current 1053 DESCRIPTION 1054 "A collection of objects for managing 1055 BGP path entries." 1056 ::= { bgpMIBGroups 4 } 1058 bgp4MIBNotificationGroup NOTIFICATION-GROUP 1059 NOTIFICATIONS { bgpEstablished, 1060 bgpBackwardTransition } 1061 STATUS current 1062 DESCRIPTION 1063 "A collection of notifications for signaling 1064 changes in BGP peer relationships." 1065 ::= { bgpMIBGroups 5 } 1067 END 1069 6. Intellectual Property 1071 The IETF takes no position regarding the validity or scope of any 1072 intellectual property or other rights that might be claimed to 1073 pertain to the implementation or use of the technology described in 1074 this document or the extent to which any license under such rights 1075 might or might not be available; neither does it represent that it 1076 has made any effort to identify any such rights. Information on the 1077 IETF's procedures with respect to rights in standards-track and 1078 standards-related documentation can be found in BCP-11. Copies of 1079 claims of rights made available for publication and any assurances of 1080 licenses to be made available, or the result of an attempt made to 1081 obtain a general license or permission for the use of such 1082 proprietary rights by implementors or users of this specification can 1083 be obtained from the IETF Secretariat. 1085 7. Acknowledgements 1087 We would like to acknowledge the assistance of all the members of the 1088 Inter-Domain Routing Working Group, and particularly the following 1089 individuals: 1091 Yakov Rekhter, cisco Systems 1092 Rob Coltun, Redback 1093 Guy Almes, Internet2 1094 Jeff Honig, Cornell Theory Center 1095 Marshall T. Rose, Dover Beach Consulting, Inc. 1096 Dennis Ferguson, Juniper Networks 1097 Mike Mathis, PSC 1098 John Krawczyk, Bay Networks 1099 Curtis Villamizar, Avici 1100 Dave LeRoy, Pencom Systems 1101 Paul Traina, Juniper Networks 1102 Andrew Partan, MFS 1103 Robert Snyder, cisco Systems 1104 Dimitry Haskin, Nortel 1105 Peder Chr Norgaard, Telebit Communications A/S 1106 Joel Halpern, CTO Longitude Systems, Inc. 1107 Nick Thille, RedBack Networks 1108 Bert Wijnen, IBM 1109 Shane Wright, NextHop 1111 The origin of this document is from RFC 1269 "Definitions of Managed 1112 Objects for the Border Gateway Protocol (Version 3)" written by Steve 1113 Willis and John Burruss, which was updated by John Chu to support 1114 BGP-4 in RFC 1657. The editors wishes to acknowledge the fine work 1115 of these original authors. 1117 8. References 1119 [1] Rekhter, Y., Li, T., "A Border Gateway Protocol 4 (BGP-4)", RFC 1120 1771, March 1995. 1122 [2] Rekhter, Y., Gross, P., "Application of the Border Gateway 1123 Protocol in the Internet", RFC 1772, March 1995. 1125 [3] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for 1126 Describing SNMP Management Frameworks", RFC 2271, Cabletron 1127 Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, 1128 January 1998 1130 [4] Rose, M., and K. McCloghrie, "Structure and Identification of 1131 Management Information for TCP/IP-based Internets", RFC 1155, 1132 Performance Systems International, Hughes LAN Systems, May 1990 1134 [5] Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1135 1212, Performance Systems International, Hughes LAN Systems, 1136 March 1991 1138 [6] M. Rose, "A Convention for Defining Traps for use with the 1139 SNMP", RFC 1215, Performance Systems International, March 1991 1141 [7] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, 1142 "Structure of Management Information for Version 2 of the Simple 1143 Network Management Protocol (SNMPv2)", RFC 1902, SNMP 1144 Research,Inc., Cisco Systems, Inc., Dover Beach Consulting, 1145 Inc., International Network Services, January 1996. 1147 [8] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Textual 1148 Conventions for Version 2 of the Simple Network Management 1149 Protocol (SNMPv2)", RFC 1903, SNMP Research, Inc., Cisco 1150 Systems, Inc., Dover Beach Consulting, Inc., International 1151 Network Services, January 1996. 1153 [9] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, 1154 "Conformance Statements for Version 2 of the Simple Network 1155 Management Protocol (SNMPv2)", RFC 1904, SNMP Research, Inc., 1156 Cisco Systems, Inc., Dover Beach Consulting, Inc., International 1157 Network Services, January 1996. 1159 [10] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple 1160 Network Management Protocol", RFC 1157, SNMP Research, 1161 Performance Systems International, Performance Systems 1162 International, MIT Laboratory for Computer Science, May 1990. 1164 [11] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, 1165 "Introduction to Community-based SNMPv2", RFC 1901, SNMP 1166 Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, 1167 Inc., International Network Services, January 1996. 1169 [12] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, 1170 "Transport Mappings for Version 2 of the Simple Network 1171 Management Protocol (SNMPv2)", RFC 1906, SNMP Research, Inc., 1172 Cisco Systems, Inc., Dover Beach Consulting, Inc., International 1173 Network Services, January 1996. 1175 [13] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message 1176 Processing and Dispatching for the Simple Network Management 1177 Protocol (SNMP)", RFC 2272, SNMP Research, Inc., Cabletron 1178 Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, 1179 January 1998. 1181 [14] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) 1182 for version 3 of the Simple Network Management Protocol 1183 (SNMPv3)", RFC 2274, IBM T. J. Watson Research, January 1998. 1185 [15] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol 1186 Operations for Version 2 of the Simple Network Management 1187 Protocol (SNMPv2)", RFC 1905, SNMP Research, Inc., Cisco 1188 Systems, Inc., Dover Beach Consulting, Inc., International 1189 Network Services, January 1996. 1191 [16] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 1192 2273, SNMP Research, Inc., Secure Computing Corporation, Cisco 1193 Systems, January 1998 1195 [17] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access 1196 Control Model (VACM) for the Simple Network Management Protocol 1197 (SNMP)", RFC 2275, IBM T. J. Watson Research, BMC Software, 1198 Inc., Cisco Systems, Inc., January 1998 1200 9. Security Considerations 1202 There are a number of management objects defined in this MIB that 1203 have a MAX-ACCESS clause of read-write: 1204 bgpPeerAdminStatus 1205 bgpPeerConnectRetryInterval 1206 bgpPeerHoldTimeConfigured 1207 bgpPeerKeepAliveConfigured 1208 bgpPeerMinASOriginationInterval 1209 bgpPeerMinRouteAdvertisementInterval 1211 These objects should be considered sensitive or vulnerable in most 1212 network environments. The support for SET operations in a non-secure 1213 environment without proper protection can have a negative effect on 1214 network operations. Incorrect configuration of these parameters may 1215 cause BGP peer connections to terminate early or to send more routes 1216 under a flapping condition. 1218 There are a number of managed objects in this MIB that may be 1219 considered to contain sensitive information in the operation of a 1220 network. For example, a BGP peer's local and remote addresses may be 1221 sensitive for ISPs who want to keep interface addresses on routers 1222 confidential to prevent router addresses used for a denial of service 1223 attack or spoofing. 1225 Therefore, it may be important in some environments to control read 1226 access to these objects and possibly to even encrypt the values of 1227 these object when sending them over the network via SNMP. Not all 1228 versions of SNMP provide features for such a secure environment. 1230 SNMPv1 by itself is not a secure environment. Even if the network 1231 itself is secure (for example by using IPSec), even then, there is no 1232 control as to who on the secure network is allowed to access and 1233 GET/SET (read/change/create/delete) the objects in this MIB. 1235 It is recommended that the implementers consider the security 1236 features as provided by the SNMPv3 framework. Specifically, the use 1237 of the User-based Security Model RFC 2274 [14] and the View-based 1238 Access Control Model RFC 2275 [17] is recommended. 1240 It is then a customer/user responsibility to ensure that the SNMP 1241 entity giving access to an instance of this MIB, is properly 1242 configured to give access to the objects only to those principals 1243 (users) that have legitimate rights to indeed GET or SET 1244 (change/create/delete) them. 1246 10. Authors' Address 1248 Susan Hares 1249 NextHop Technologies 1250 517 Williams 1251 Ann Arbor, MI 48103-4943 1252 Phone: +1 734 936 2095 1253 Fax: +1 734 615-3241 1254 Email: skh@nexthop.com 1256 Jeff Johnson 1257 RedBack Networks, Inc. 1258 1389 Moffett Park Drive 1259 Sunnyvale, CA 94089 1260 Phone: +1 408 548 3516 1261 Email: jeff@redback.com 1263 Steve Willis 1264 Argon Networks 1265 25 Porter Road 1266 Littleton, MA 01450 1267 Phone: +1 508 486 0665 1268 Fax: +1 508 486 9379 1269 Email: swills@argon.com 1271 John Burruss 1272 Windata Inc. 1273 543 Great Road 1274 Littleton MA 01460 1275 Phone: +1 508 952 0170 1276 Email: jburruss@windata.com 1278 John Chu 1279 Cosine Communications 1280 1200 Bridge Parkway 1281 Redwood City, CA 94065 1282 Phone: 650-637-4780 1283 Email: jchu@cosinecom.com 1285 11. Full Copyright Statement 1287 Copyright (C) The Internet Society (1999). All Rights Reserved. 1289 This document and translations of it may be copied and furnished to 1290 others, and derivative works that comment on or otherwise explain it 1291 or assist in its implementation may be prepared, copied, published 1292 and distributed, in whole or in part, without restriction of any 1293 kind, provided that the above copyright notice and this paragraph are 1294 included on all such copies and derivative works. However, this 1295 document itself may not be modified in any way, such as by removing 1296 the copyright notice or references to the Internet Society or other 1297 Internet organizations, except as needed for the purpose of 1298 developing Internet standards in which case the procedures for 1299 copyrights defined in the Internet Standards process must be 1300 followed, or as required to translate it into languages other than 1301 English. 1303 The limited permissions granted above are perpetual and will not be 1304 revoked by the Internet Society or its successors or assigns. 1306 This document and the information contained herein is provided on an 1307 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 1308 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 1309 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 1310 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 1311 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.