Network Working Group                                            J. Haas
INTERNET DRAFT                                                   NextHop
                                                                S. Hares
                                                                 NextHop
                                                               S. Willis
                                                          Argon Networks
                                                                  J. Chu
                                                                  Cosine
                                                               July 2001

                     Definitions of Managed Objects
        for the Fourth Version of Border Gateway Protocol (BGP-4)
                    <draft-ietf-idr-bgp4-mib-07.txt>

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC 2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

Copyright Notice

   Copyright (C) The Internet Society (1999). All Rights Reserved.

Abstract

   This memo is an extension to the SNMP MIB. The origin of this memo
   is from RFC 1269 "Definitions of Managed Objects for the Border
   Gateway Protocol (Version 3)", which was updated to support BGP-4 in
   RFC 1657. This memo fixes errors introduced when the MIB was
   converted to use the SNMPv2 SMI, as well as updates references to the
   current SNMP framework documents.

   This memo is intended to document deployed implementations of this
   MIB in a historical context, provide clarifications of some items and
   also note errors where the MIB fails to fully represent the BGP
   protocol. Work is currently in progress to replace this MIB with a
   new one representing the current state of the BGP protocol and its
   extensions.

   Distribution of this memo is unlimited. Please forward comments to
   idr@merit.net.

1. Introduction

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it describes managed objects used for managing the
   Border Gateway Protocol Version 4 or lower [BGP, BGPAPPL].

2. The SNMP Management Framework

   The SNMP Management Framework presently consists of five major
   components:

   -- An overall architecture, described in RFC 2571 [RFC2571].

   -- Mechanisms for describing and naming objects and events for the
      purpose of management. The first version of this Structure of
      Management Information (SMI) is called SMIv1 and described in
      STD 16, RFC 1155 [RFC1155], STD 16, RFC 1212 [RFC1212] and RFC
      1215 [RFC1215]. The second version, called SMIv2, is described
      in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and
      STD 58, RFC 2580 [RFC2580].

   -- Message protocols for transferring management information. The
      first version of the SNMP message protocol is called SNMPv1 and
      described in STD 15, RFC 1157 [RFC1157]. A second version of
      the SNMP message protocol, which is not an Internet standards
      track protocol, is called SNMPv2c and described in RFC 1901
      [RFC1901] and RFC 1906 [RFC1906]. The third version of the
      message protocol is called SNMPv3 and described in RFC 1906
      [RFC1906], RFC 2572 [RFC2572] and RFC 2574 [RFC2574].

   -- Protocol operations for accessing management information. The
      first set of protocol operations and associated PDU formats is
      described in STD 15, RFC 1157 [RFC1157]. A second set of
      protocol operations and associated PDU formats is described in
      RFC 1905 [RFC1905].

   -- A set of fundamental applications described in RFC 2573
      [RFC2573] and the view-based access control mechanism described
      in RFC 2575 [RFC2575].

   A more detailed introduction to the current SNMP Management Framework
   can be found in RFC 2570 [RFC2570].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB. Objects in the MIB are
   defined using the mechanisms defined in the SMI.

   This memo specifies a MIB module that is compliant to the SMIv2. A
   MIB conforming to the SMIv1 can be produced through the appropriate
   translations. The resulting translated MIB must be semantically
   equivalent, except where objects or events are omitted because no
   translation is possible (use of Counter64). Some machine readable
   information in SMIv2 will be converted into textual descriptions in
   SMIv1 during the translation process. However, this loss of machine
   readable information is not considered to change the semantics of the
   MIB.

3. Overview

   These objects are used to control and manage a BGP-4 implementation.

   Apart from a few system-wide scalar objects, this MIB is broken into
   three tables: the BGP Peer Table, the BGP Received Path Attribute
   Table, and the BGP-4 Received Path Attribute Table. The BGP Peer
   Table contains information about state and current activity of
   connections with the BGP peers. The Received Path Attribute Table
   contains path attributes received from all peers running BGP version
   3 or less. The BGP-4 Received Path Attribute Table contains path
   attributes received from all BGP-4 peers. The actual attributes used
   in determining a route are a subset of the received attribute tables
   after local routing policy has been applied.

4. Definitions

    BGP4-MIB DEFINITIONS ::= BEGIN

    IMPORTS
        MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
        IpAddress, Integer32, Counter32, Gauge32, mib-2
            FROM SNMPv2-SMI
        MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
            FROM SNMPv2-CONF;

    bgp MODULE-IDENTITY
        LAST-UPDATED "200106010000Z"
        ORGANIZATION "IETF IDR Working Group"
        CONTACT-INFO "E-mail: idr@merit.net

                      Jeff Haas (Editor)
                      517 W. William Street
                      Ann Arbor, MI 48103-4943
                      Tel: +1 734 973-2200
                      Fax: +1 734 615-3241
                      E-mail: skh@nexthop.com"

        DESCRIPTION
            "1) Fixed the definitions of the traps to
                make them equivalent to their initial
                definition in RFC 1269.
             2) Added compliance and conformance info.
             3) Updated for latest BGP information
                draft-ietf-idr-bgp4-10.txt for value of
                bgpPeerNegotiatedVersion, bgp4PathAttrLocalPref,
                bgp4PathAttrCalcLocalPref, bgp4PathAttrMultiExitDisc,
                bgp4PathAttrASPathSegment.
             4) Added additional clarification comments where
                needed.
             5) Noted where objects do not fully reflect
                the protocol as Known Issues."
        ::= { mib-2 15 }

    bgpVersion OBJECT-TYPE
        SYNTAX     OCTET STRING (SIZE (1..255))
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "Vector of supported BGP protocol version
             numbers. Each peer negotiates the version
             from this vector. Versions are identified
             via the string of bits contained within this
             object. The first octet contains bits 0 to
             7, the second octet contains bits 8 to 15,
             and so on, with the most significant bit
             referring to the lowest bit number in the
             octet (e.g., the MSB of the first octet
             refers to bit 0). If a bit, i, is present
             and set, then the version (i+1) of the BGP
             is supported."
        ::= { bgp 1 }

    bgpLocalAs OBJECT-TYPE
        SYNTAX     Integer32 (0..65535)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The local autonomous system number."
        ::= { bgp 2 }

    -- BGP Peer table. This table contains, one entry per
    -- BGP peer, information about the BGP peer.

    bgpPeerTable OBJECT-TYPE
        SYNTAX     SEQUENCE OF BgpPeerEntry
        MAX-ACCESS not-accessible
        STATUS     current
        DESCRIPTION
            "BGP peer table. This table contains,
             one entry per BGP peer, information about the
             connections with BGP peers."
        ::= { bgp 3 }

    bgpPeerEntry OBJECT-TYPE
        SYNTAX     BgpPeerEntry
        MAX-ACCESS not-accessible
        STATUS     current
        DESCRIPTION
            "Entry containing information about the
             connection with a BGP peer."
        INDEX { bgpPeerRemoteAddr }
        ::= { bgpPeerTable 1 }

    BgpPeerEntry ::= SEQUENCE {
        bgpPeerIdentifier
            IpAddress,
        bgpPeerState
            INTEGER,
        bgpPeerAdminStatus
            INTEGER,
        bgpPeerNegotiatedVersion
            Integer32,
        bgpPeerLocalAddr
            IpAddress,
        bgpPeerLocalPort
            Integer32,
        bgpPeerRemoteAddr
            IpAddress,
        bgpPeerRemotePort
            Integer32,
        bgpPeerRemoteAs
            Integer32,
        bgpPeerInUpdates
            Counter32,
        bgpPeerOutUpdates
            Counter32,
        bgpPeerInTotalMessages
            Counter32,
        bgpPeerOutTotalMessages
            Counter32,
        bgpPeerLastError
            OCTET STRING,
        bgpPeerFsmEstablishedTransitions
            Counter32,
        bgpPeerFsmEstablishedTime
            Gauge32,
        bgpPeerConnectRetryInterval
            Integer32,
        bgpPeerHoldTime
            Integer32,
        bgpPeerKeepAlive
            Integer32,
        bgpPeerHoldTimeConfigured
            Integer32,
        bgpPeerKeepAliveConfigured
            Integer32,
        bgpPeerMinASOriginationInterval
            Integer32,
        bgpPeerMinRouteAdvertisementInterval
            Integer32,
        bgpPeerInUpdateElapsedTime
            Gauge32
    }

    bgpPeerIdentifier OBJECT-TYPE
        SYNTAX     IpAddress
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The BGP Identifier of this entry's BGP peer.
             This entry should be 0.0.0.0 unless the
             bgpPeerState is in the openconfirm or the
             established state."
        ::= { bgpPeerEntry 1 }

    bgpPeerState OBJECT-TYPE
        SYNTAX     INTEGER {
            idle(1),
            connect(2),
            active(3),
            opensent(4),
            openconfirm(5),
            established(6)
        }
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The BGP peer connection state."
        ::= { bgpPeerEntry 2 }

    bgpPeerAdminStatus OBJECT-TYPE
        SYNTAX     INTEGER {
            stop(1),
            start(2)
        }
        MAX-ACCESS read-write
        STATUS     current
        DESCRIPTION
            "The desired state of the BGP connection.
             A transition from 'stop' to 'start' will
             cause the BGP Start Event to be generated.
             A transition from 'start' to 'stop' will
             cause the BGP Stop Event to be generated.

             This parameter can be used to restart BGP
             peer connections. Care should be used in
             providing write access to this object
             without adequate authentication."
        ::= { bgpPeerEntry 3 }

    bgpPeerNegotiatedVersion OBJECT-TYPE
        SYNTAX     Integer32 (1..255)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The negotiated version of BGP running between
             the two peers."
        ::= { bgpPeerEntry 4 }

    bgpPeerLocalAddr OBJECT-TYPE
        SYNTAX     IpAddress
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The local IP address of this entry's BGP
             connection."
        ::= { bgpPeerEntry 5 }

    bgpPeerLocalPort OBJECT-TYPE
        SYNTAX     Integer32 (0..65535)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The local port for the TCP connection between
             the BGP peers."
        ::= { bgpPeerEntry 6 }

    bgpPeerRemoteAddr OBJECT-TYPE
        SYNTAX     IpAddress
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The remote IP address of this entry's BGP
             peer."
        ::= { bgpPeerEntry 7 }

    bgpPeerRemotePort OBJECT-TYPE
        SYNTAX     Integer32 (0..65535)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The remote port for the TCP connection
             between the BGP peers.
             Note that the objects bgpPeerLocalAddr,
             bgpPeerLocalPort, bgpPeerRemoteAddr and
             bgpPeerRemotePort provide the appropriate
             reference to the standard MIB TCP
             connection table."
        ::= { bgpPeerEntry 8 }

    bgpPeerRemoteAs OBJECT-TYPE
        SYNTAX     Integer32 (0..65535)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The remote autonomous system number."
        ::= { bgpPeerEntry 9 }

    bgpPeerInUpdates OBJECT-TYPE
        SYNTAX     Counter32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The number of BGP UPDATE messages
             received on this connection. This object
             should be initialized to zero (0) when the
             connection is established."
        ::= { bgpPeerEntry 10 }

    bgpPeerOutUpdates OBJECT-TYPE
        SYNTAX     Counter32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The number of BGP UPDATE messages
             transmitted on this connection. This
             object should be initialized to zero (0)
             when the connection is established."
        ::= { bgpPeerEntry 11 }

    bgpPeerInTotalMessages OBJECT-TYPE
        SYNTAX     Counter32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The total number of messages received
             from the remote peer on this connection.
             This object should be initialized to zero
             when the connection is established."
        ::= { bgpPeerEntry 12 }

    bgpPeerOutTotalMessages OBJECT-TYPE
        SYNTAX     Counter32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The total number of messages transmitted to
             the remote peer on this connection. This
             object should be initialized to zero when
             the connection is established."
        ::= { bgpPeerEntry 13 }

    bgpPeerLastError OBJECT-TYPE
        SYNTAX     OCTET STRING (SIZE (2))
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The last error code and subcode seen by this
             peer on this connection. If no error has
             occurred, this field is zero.
             Otherwise, the first byte of this two byte
             OCTET STRING contains the error code, and the
             second byte contains the subcode."
        ::= { bgpPeerEntry 14 }

    bgpPeerFsmEstablishedTransitions OBJECT-TYPE
        SYNTAX     Counter32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The total number of times the BGP FSM
             transitioned into the established state
             for this peer."
        ::= { bgpPeerEntry 15 }

    bgpPeerFsmEstablishedTime OBJECT-TYPE
        SYNTAX     Gauge32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "This timer indicates how long (in
             seconds) this peer has been in the
             Established state or how long
             since this peer was last in the
             Established state. It is set to zero when
             a new peer is configured or the router is
             booted."
        ::= { bgpPeerEntry 16 }

    bgpPeerConnectRetryInterval OBJECT-TYPE
        SYNTAX     Integer32 (1..65535)
        MAX-ACCESS read-write
        STATUS     current
        DESCRIPTION
            "Time interval in seconds for the
             ConnectRetry timer. The suggested value
             for this timer is 120 seconds."
        ::= { bgpPeerEntry 17 }

    bgpPeerHoldTime OBJECT-TYPE
        SYNTAX     Integer32 ( 0 | 3..65535 )
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "Time interval in seconds for the Hold
             Timer established with the peer. The
             value of this object is calculated by this
             BGP speaker by using the smaller of the
             value in bgpPeerHoldTimeConfigured and the
             Hold Time received in the OPEN message.
             This value must be at least three seconds
             if it is not zero (0) in which case the
             Hold Timer has not been established with the
             peer, or, the value of
             bgpPeerHoldTimeConfigured is zero (0)."
        ::= { bgpPeerEntry 18 }

    bgpPeerKeepAlive OBJECT-TYPE
        SYNTAX     Integer32 ( 0 | 1..21845 )
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "Time interval in seconds for the KeepAlive
             timer established with the peer.
             The value of this object is calculated by
             this BGP speaker such that, when compared with
             bgpPeerHoldTime, it has the same
             proportion as what
             bgpPeerKeepAliveConfigured has when
             compared with bgpPeerHoldTimeConfigured.
             If the value of this object is zero (0),
             it indicates that the KeepAlive timer has
             not been established with the peer, or,
             the value of bgpPeerKeepAliveConfigured is
             zero (0)."
        ::= { bgpPeerEntry 19 }

    bgpPeerHoldTimeConfigured OBJECT-TYPE
        SYNTAX     Integer32 ( 0 | 3..65535 )
        MAX-ACCESS read-write
        STATUS     current
        DESCRIPTION
            "Time interval in seconds for the Hold Time
             configured for this BGP speaker with this
             peer. This value is placed in an OPEN
             message sent to this peer by this BGP
             speaker, and is compared with the Hold
             Time field in an OPEN message received
             from the peer when determining the Hold
             Time (bgpPeerHoldTime) with the peer.
             This value must not be less than three
             seconds if it is not zero (0) in which
             case the Hold Time is NOT to be
             established with the peer. The suggested
             value for this timer is 90 seconds."
        ::= { bgpPeerEntry 20 }

    bgpPeerKeepAliveConfigured OBJECT-TYPE
        SYNTAX     Integer32 ( 0 | 1..21845 )
        MAX-ACCESS read-write
        STATUS     current
        DESCRIPTION
            "Time interval in seconds for the
             KeepAlive timer configured for this BGP
             speaker with this peer. The value of this
             object will only determine the
             KEEPALIVE messages' frequency relative to
             the value specified in
             bgpPeerHoldTimeConfigured; the actual
             time interval for the KEEPALIVE messages is
             indicated by bgpPeerKeepAlive. A
             reasonable maximum value for this timer
             would be configured to be one
             third of that of
             bgpPeerHoldTimeConfigured.
             If the value of this object is zero (0),
             no periodical KEEPALIVE messages are sent
             to the peer after the BGP connection has
             been established.
             The suggested value for this timer is
             30 seconds."
        ::= { bgpPeerEntry 21 }

    bgpPeerMinASOriginationInterval OBJECT-TYPE
        SYNTAX     Integer32 (1..65535)
        MAX-ACCESS read-write
        STATUS     current
        DESCRIPTION
            "Time interval in seconds for the
             MinASOriginationInterval timer.
             The suggested value for this timer is 15
             seconds."
        ::= { bgpPeerEntry 22 }

    bgpPeerMinRouteAdvertisementInterval OBJECT-TYPE
        SYNTAX     Integer32 (1..65535)
        MAX-ACCESS read-write
        STATUS     current
        DESCRIPTION
            "Time interval in seconds for the
             MinRouteAdvertisementInterval timer.
             The suggested value for this timer is 30
             seconds."
        ::= { bgpPeerEntry 23 }

    bgpPeerInUpdateElapsedTime OBJECT-TYPE
        SYNTAX     Gauge32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "Elapsed time in seconds since the last BGP
             UPDATE message was received from the peer.

             Each time bgpPeerInUpdates is incremented,
             the value of this object is set to zero
             (0)."
        ::= { bgpPeerEntry 24 }

    bgpIdentifier OBJECT-TYPE
        SYNTAX     IpAddress
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The BGP Identifier of local system."
        ::= { bgp 4 }

    -- Received Path Attribute Table. This table contains,
    -- one entry per path to a network, path attributes
    -- received from all peers running BGP version 3 or less.
    -- This table is obsolete, having been replaced in
    -- functionality with the bgp4PathAttrTable.

    bgpRcvdPathAttrTable OBJECT-TYPE
        SYNTAX     SEQUENCE OF BgpPathAttrEntry
        MAX-ACCESS not-accessible
        STATUS     obsolete
        DESCRIPTION
            "The BGP Received Path Attribute Table
             contains information about paths to
             destination networks received from all
             peers running BGP version 3 or less."
        ::= { bgp 5 }

    bgpPathAttrEntry OBJECT-TYPE
        SYNTAX     BgpPathAttrEntry
        MAX-ACCESS not-accessible
        STATUS     obsolete
        DESCRIPTION
            "Information about a path to a network."
        INDEX { bgpPathAttrDestNetwork,
                bgpPathAttrPeer }
        ::= { bgpRcvdPathAttrTable 1 }

    BgpPathAttrEntry ::= SEQUENCE {
        bgpPathAttrPeer
            IpAddress,
        bgpPathAttrDestNetwork
            IpAddress,
        bgpPathAttrOrigin
            Integer32,
        bgpPathAttrASPath
            OCTET STRING,
        bgpPathAttrNextHop
            IpAddress,
        bgpPathAttrInterASMetric
            Integer32
    }

    bgpPathAttrPeer OBJECT-TYPE
        SYNTAX     IpAddress
        MAX-ACCESS read-only
        STATUS     obsolete
        DESCRIPTION
            "The IP address of the peer where the path
             information was learned."
        ::= { bgpPathAttrEntry 1 }

    bgpPathAttrDestNetwork OBJECT-TYPE
        SYNTAX     IpAddress
        MAX-ACCESS read-only
        STATUS     obsolete
        DESCRIPTION
            "The address of the destination network."
        ::= { bgpPathAttrEntry 2 }

    bgpPathAttrOrigin OBJECT-TYPE
        SYNTAX     INTEGER {
            igp(1),        -- networks are interior
            egp(2),        -- networks learned via EGP
            incomplete(3)  -- undetermined
        }
        MAX-ACCESS read-only
        STATUS     obsolete
        DESCRIPTION
            "The ultimate origin of the path information."
        ::= { bgpPathAttrEntry 3 }

    bgpPathAttrASPath OBJECT-TYPE
        SYNTAX     OCTET STRING (SIZE (2..255))
        MAX-ACCESS read-only
        STATUS     obsolete
        DESCRIPTION
            "The set of ASs that must be traversed to reach
             the network. This object is probably best
             represented as SEQUENCE OF INTEGER. For SMI
             compatibility, though, it is represented as
             OCTET STRING. Each AS is represented as a pair
             of octets according to the following algorithm:

                first-byte-of-pair = ASNumber / 256;
                second-byte-of-pair = ASNumber & 255;"
        ::= { bgpPathAttrEntry 4 }

    bgpPathAttrNextHop OBJECT-TYPE
        SYNTAX     IpAddress
        MAX-ACCESS read-only
        STATUS     obsolete
        DESCRIPTION
            "The address of the border router that should
             be used for the destination network."
        ::= { bgpPathAttrEntry 5 }

    bgpPathAttrInterASMetric OBJECT-TYPE
        SYNTAX     Integer32
        MAX-ACCESS read-only
        STATUS     obsolete
        DESCRIPTION
            "The optional inter-AS metric. If this
             attribute has not been provided for this route,
             the value for this object is 0."
        ::= { bgpPathAttrEntry 6 }

    -- BGP-4 Received Path Attribute Table. This table
    -- contains, one entry per path to a network, path
    -- attributes received from all peers running BGP-4.

    bgp4PathAttrTable OBJECT-TYPE
        SYNTAX     SEQUENCE OF Bgp4PathAttrEntry
        MAX-ACCESS not-accessible
        STATUS     current
        DESCRIPTION
            "The BGP-4 Received Path Attribute Table
             contains information about paths to
             destination networks received from all
             BGP4 peers."
        ::= { bgp 6 }

    bgp4PathAttrEntry OBJECT-TYPE
        SYNTAX     Bgp4PathAttrEntry
        MAX-ACCESS not-accessible
        STATUS     current
        DESCRIPTION
            "Information about a path to a network."
        INDEX { bgp4PathAttrIpAddrPrefix,
                bgp4PathAttrIpAddrPrefixLen,
                bgp4PathAttrPeer }
        ::= { bgp4PathAttrTable 1 }

    Bgp4PathAttrEntry ::= SEQUENCE {
        bgp4PathAttrPeer
            IpAddress,
        bgp4PathAttrIpAddrPrefixLen
            Integer32,
        bgp4PathAttrIpAddrPrefix
            IpAddress,
        bgp4PathAttrOrigin
            INTEGER,
        bgp4PathAttrASPathSegment
            OCTET STRING,
        bgp4PathAttrNextHop
            IpAddress,
        bgp4PathAttrMultiExitDisc
            Integer32,
        bgp4PathAttrLocalPref
            Integer32,
        bgp4PathAttrAtomicAggregate
            INTEGER,
        bgp4PathAttrAggregatorAS
            Integer32,
        bgp4PathAttrAggregatorAddr
            IpAddress,
        bgp4PathAttrCalcLocalPref
            Integer32,
        bgp4PathAttrBest
            INTEGER,
        bgp4PathAttrUnknown
            OCTET STRING
    }

    bgp4PathAttrPeer OBJECT-TYPE
        SYNTAX     IpAddress
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The IP address of the peer where the path
             information was learned."
        ::= { bgp4PathAttrEntry 1 }

    bgp4PathAttrIpAddrPrefixLen OBJECT-TYPE
        SYNTAX     Integer32 (0..32)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "Length in bits of the IP address prefix in
             the Network Layer Reachability
             Information field."
        ::= { bgp4PathAttrEntry 2 }

    bgp4PathAttrIpAddrPrefix OBJECT-TYPE
        SYNTAX     IpAddress
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "An IP address prefix in the Network Layer
             Reachability Information field. This object
             is an IP address containing the prefix with
             length specified by
             bgp4PathAttrIpAddrPrefixLen.
             Any bits beyond the length specified by
             bgp4PathAttrIpAddrPrefixLen are zeroed."
        ::= { bgp4PathAttrEntry 3 }

    bgp4PathAttrOrigin OBJECT-TYPE
        SYNTAX     INTEGER {
            igp(1),        -- networks are interior
            egp(2),        -- networks learned
                           -- via EGP
            incomplete(3)  -- undetermined
        }
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The ultimate origin of the path
             information."
        ::= { bgp4PathAttrEntry 4 }

    bgp4PathAttrASPathSegment OBJECT-TYPE
        SYNTAX     OCTET STRING (SIZE (2..255))
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The sequence of AS path segments. Each AS
             path segment is represented by a triple
             <type, length, value>.

             The type is a 1-octet field which has two
             possible values:
             1   AS_SET: unordered set of ASs a
                     route in the UPDATE message
                     has traversed

             2   AS_SEQUENCE: ordered set of ASs
                     a route in the UPDATE message
                     has traversed.

             The length is a 1-octet field containing the
             number of ASs in the value field.

             The value field contains one or more AS
             numbers, each AS is represented in the octet
             string as a pair of octets according to the
             following algorithm:

                first-byte-of-pair = ASNumber / 256;
                second-byte-of-pair = ASNumber & 255;

             Known Issues:
             o  BGP Confederations will result in
                a type value of either 3 or 4.
             o  An AS Path may be longer than 255 octets.
                This may result in this object containing
                a truncated AS Path."
        ::= { bgp4PathAttrEntry 5 }

    bgp4PathAttrNextHop OBJECT-TYPE
        SYNTAX     IpAddress
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The address of the border router that
             should be used for the destination
             network. This address is the nexthop
             address received in the UPDATE packet."
        ::= { bgp4PathAttrEntry 6 }

    bgp4PathAttrMultiExitDisc OBJECT-TYPE
        SYNTAX     Integer32 (-1..2147483647)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "This metric is used to discriminate
             between multiple exit points to an
             adjacent autonomous system. A value of -1
             indicates the absence of this attribute.

             Known Issues:
             o  The BGP-4 specification uses an
                unsigned 32 bit number and thus this
                object cannot represent the full
                range of the protocol."
        ::= { bgp4PathAttrEntry 7 }

    bgp4PathAttrLocalPref OBJECT-TYPE
        SYNTAX     Integer32 (-1..2147483647)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The originating BGP4 speaker's degree of
             preference for an advertised route. A
             value of -1 indicates the absence of this
             attribute.

             Known Issues:
             o  The BGP-4 specification uses an
                unsigned 32 bit number and thus this
                object cannot represent the full
                range of the protocol."
        ::= { bgp4PathAttrEntry 8 }

    bgp4PathAttrAtomicAggregate OBJECT-TYPE
        SYNTAX     INTEGER {
            lessSpecificRouteNotSelected(1),
            lessSpecificRouteSelected(2)
        }
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "Whether or not a system has selected
             a less specific route without
             selecting a more specific route."
        ::= { bgp4PathAttrEntry 9 }

    bgp4PathAttrAggregatorAS OBJECT-TYPE
        SYNTAX     Integer32 (0..65535)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The AS number of the last BGP4 speaker that
             performed route aggregation. A value of
             zero (0) indicates the absence of this
             attribute."
        ::= { bgp4PathAttrEntry 10 }

    bgp4PathAttrAggregatorAddr OBJECT-TYPE
        SYNTAX     IpAddress
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The IP address of the last BGP4 speaker
             that performed route aggregation. A
             value of 0.0.0.0 indicates the absence
             of this attribute.

             Note propagation of AS of zero is illegal in
             the Internet."
        ::= { bgp4PathAttrEntry 11 }

    bgp4PathAttrCalcLocalPref OBJECT-TYPE
        SYNTAX     Integer32 (-1..2147483647)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The degree of preference calculated by the
             receiving BGP4 speaker for an advertised
             route. A value of -1 indicates the
             absence of this attribute.

             Known Issues:
             o  The BGP-4 specification uses an
                unsigned 32 bit number and thus this
                object cannot represent the full
                range of the protocol."
        ::= { bgp4PathAttrEntry 12 }

    bgp4PathAttrBest OBJECT-TYPE
        SYNTAX     INTEGER {
            false(1),  -- not chosen as best route
            true(2)    -- chosen as best route
        }
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "An indication of whether or not this route
             was chosen as the best BGP4 route."
        ::= { bgp4PathAttrEntry 13 }

    bgp4PathAttrUnknown OBJECT-TYPE
        SYNTAX     OCTET STRING (SIZE(0..255))
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "One or more path attributes not understood
             by the base BGP-4 document.

             Path attributes are recorded in the Update
             Path attribute format of type, length, value.
             Size zero (0) indicates the absence of such
             attribute(s). Octets beyond the maximum size,
             if any, are not recorded by this object."
        ::= { bgp4PathAttrEntry 14 }

    -- Traps.

    -- note that in RFC 1657, bgpTraps was incorrectly
    -- assigned a value of { bgp 7 }, and each of the
    -- traps had the bgpPeerRemoteAddr object inappropriately
    -- removed from their OBJECTS clause. The following
    -- definitions restore the semantics of the traps as
    -- they were initially defined in RFC 1269.

    bgpNotification OBJECT IDENTIFIER ::= { bgp 0 }

    bgpEstablishedNotification NOTIFICATION-TYPE
        OBJECTS { bgpPeerRemoteAddr,
                  bgpPeerLastError,
                  bgpPeerState }
        STATUS  current
        DESCRIPTION
            "The BGP Established event is generated when
             the BGP FSM enters the ESTABLISHED state.

             This object obsoletes bgpEstablished."
        ::= { bgpNotification 1 }

    bgpBackwardTransNotification NOTIFICATION-TYPE
        OBJECTS { bgpPeerRemoteAddr,
                  bgpPeerLastError,
                  bgpPeerState }
        STATUS  current
        DESCRIPTION
            "The BGP Backward Transition Event is generated
             when the BGP FSM moves from a higher numbered
             state to a lower numbered state.

             This object obsoletes bgpBackwardTransition."
        ::= { bgpNotification 2 }

    -- { bgp 7 } is obsoleted

    bgpTraps OBJECT IDENTIFIER ::= { bgp 7 }

    bgpEstablished NOTIFICATION-TYPE
        OBJECTS { bgpPeerRemoteAddr,
                  bgpPeerLastError,
                  bgpPeerState }
        STATUS  obsolete
        DESCRIPTION
            "The BGP Established event is generated when
             the BGP FSM enters the ESTABLISHED state.

             This object has been obsoleted in favor of
             bgpEstablishedNotification."
        ::= { bgpTraps 1 }

    bgpBackwardTransition NOTIFICATION-TYPE
        OBJECTS { bgpPeerRemoteAddr,
                  bgpPeerLastError,
                  bgpPeerState }
        STATUS  obsolete
        DESCRIPTION
            "The BGPBackwardTransition Event is generated
             when the BGP FSM moves from a higher numbered
             state to a lower numbered state.

             This object has been obsoleted in favor of
             bgpBackwardTransNotification."
1034          ::= { bgpTraps 2 }

1036      -- conformance information

1038      bgpMIBConformance OBJECT IDENTIFIER
1039          ::= { bgp 8 }
1040      bgpMIBCompliances OBJECT IDENTIFIER
1041          ::= { bgpMIBConformance 1 }
1042      bgpMIBGroups OBJECT IDENTIFIER
1043          ::= { bgpMIBConformance 2 }

1045      -- compliance statements

1047      bgpMIBCompliance MODULE-COMPLIANCE
1048          STATUS current
1049          DESCRIPTION
1050                  "The compliance statement for entities which
1051                  implement the BGP4 mib."
1052          MODULE -- this module
1053          MANDATORY-GROUPS { bgp4MIBGlobalsGroup,
1054                             bgp4MIBPeerGroup,
1055                             bgp4MIBPathAttrGroup,
1056                             bgp4MIBNotificationGroup,
1057                             bgp4MIBNewNotificationGroup }
1058          ::= { bgpMIBCompliances 1 }

1060      -- units of conformance

1062      bgp4MIBGlobalsGroup OBJECT-GROUP
1063          OBJECTS { bgpVersion,
1064                    bgpLocalAs,
1065                    bgpIdentifier }
1066          STATUS current
1067          DESCRIPTION
1068                  "A collection of objects providing
1069                  information on global BGP state."
1070          ::= { bgpMIBGroups 1 }

1072      bgp4MIBPeerGroup OBJECT-GROUP
1073          OBJECTS { bgpPeerIdentifier,
1074                    bgpPeerState,
1075                    bgpPeerAdminStatus,
1076                    bgpPeerNegotiatedVersion,
1077                    bgpPeerLocalAddr,
1078                    bgpPeerLocalPort,
1079                    bgpPeerRemoteAddr,
1080                    bgpPeerRemotePort,
1081                    bgpPeerRemoteAs,
1082                    bgpPeerInUpdates,
1083                    bgpPeerOutUpdates,
1084                    bgpPeerInTotalMessages,
1085                    bgpPeerOutTotalMessages,
1086                    bgpPeerLastError,
1087                    bgpPeerFsmEstablishedTransitions,
1088                    bgpPeerFsmEstablishedTime,
1089                    bgpPeerConnectRetryInterval,
1090                    bgpPeerHoldTime,
1091                    bgpPeerKeepAlive,
1092                    bgpPeerHoldTimeConfigured,
1093                    bgpPeerKeepAliveConfigured,
1094                    bgpPeerMinASOriginationInterval,
1095                    bgpPeerMinRouteAdvertisementInterval,
1096                    bgpPeerInUpdateElapsedTime }
1097          STATUS current
1098          DESCRIPTION
1099                  "A collection of objects for managing
1100                  BGP peers."
1101          ::= { bgpMIBGroups 2 }

1103      bgp4MIBRcvdPathAttrGroup OBJECT-GROUP
1104          OBJECTS { bgpPathAttrPeer,
1105                    bgpPathAttrDestNetwork,
1106                    bgpPathAttrOrigin,
1107                    bgpPathAttrASPath,
1108                    bgpPathAttrNextHop,
1109                    bgpPathAttrInterASMetric }
1110          STATUS obsolete
1111          DESCRIPTION
1112                  "A collection of objects for managing BGP
1113                  path entries.

1115                  This conformance group is obsolete,
1116                  replaced by bgp4MIBPathAttrGroup."
1117          ::= { bgpMIBGroups 3 }

1119      bgp4MIBPathAttrGroup OBJECT-GROUP
1120          OBJECTS { bgp4PathAttrPeer,
1121                    bgp4PathAttrIpAddrPrefixLen,
1122                    bgp4PathAttrIpAddrPrefix,
1123                    bgp4PathAttrOrigin,
1124                    bgp4PathAttrASPathSegment,
1125                    bgp4PathAttrNextHop,
1126                    bgp4PathAttrMultiExitDisc,
1127                    bgp4PathAttrLocalPref,
1128                    bgp4PathAttrAtomicAggregate,
1129                    bgp4PathAttrAggregatorAS,
1130                    bgp4PathAttrAggregatorAddr,
1131                    bgp4PathAttrCalcLocalPref,
1132                    bgp4PathAttrBest,
1133                    bgp4PathAttrUnknown }
1134          STATUS current
1135          DESCRIPTION
1136                  "A collection of objects for managing
1137                  BGP path entries."
1138          ::= { bgpMIBGroups 4 }

1140      bgp4MIBNotificationGroup NOTIFICATION-GROUP
1141          NOTIFICATIONS { bgpEstablished,
1142                          bgpBackwardTransition }
1143          STATUS obsolete
1144          DESCRIPTION
1145                  "A collection of notifications for signaling
1146                  changes in BGP peer relationships.

1148                  Obsoleted by bgp4MIBNewNotificationGroup."
1149          ::= { bgpMIBGroups 5 }

1151      bgp4MIBNewNotificationGroup NOTIFICATION-GROUP
1152          NOTIFICATIONS { bgpEstablishedNotification,
1153                          bgpBackwardTransNotification }
1154          STATUS current
1155          DESCRIPTION
1156                  "A collection of notifications for signaling
1157                  changes in BGP peer relationships.

1159                  Obsoletes bgp4MIBNotificationGroup."
1160          ::= { bgpMIBGroups 6 }

1162  END

1164  5. Intellectual Property

1166     The IETF takes no position regarding the validity or scope of any
1167     intellectual property or other rights that might be claimed to
1168     pertain to the implementation or use of the technology described in
1169     this document or the extent to which any license under such rights
1170     might or might not be available; neither does it represent that it
1171     has made any effort to identify any such rights. Information on the
1172     IETF's procedures with respect to rights in standards-track and
1173     standards-related documentation can be found in BCP-11. Copies of
1174     claims of rights made available for publication and any assurances of
1175     licenses to be made available, or the result of an attempt made to
1176     obtain a general license or permission for the use of such
1177     proprietary rights by implementors or users of this specification can
1178     be obtained from the IETF Secretariat.

1180  6. Acknowledgements

1182     We would like to acknowledge the assistance of all the members of the
1183     Inter-Domain Routing Working Group, and particularly the following
1184     individuals:

1186        Yakov Rekhter, Juniper Networks
1187        Rob Coltun, Redback
1188        Guy Almes, Internet2
1189        Jeff Honig, BSDi
1190        Marshall T. Rose, Dover Beach Consulting, Inc.
1191        Dennis Ferguson, Juniper Networks
1192        Mike Mathis, PSC
1193        John Krawczyk, Bay Networks
1194        Curtis Villamizar, Avici
1195        Dave LeRoy, Pencom Systems
1196        Paul Traina, Juniper Networks
1197        Andrew Partan, MFN
1198        Robert Snyder, cisco Systems
1199        Dimitry Haskin, Nortel
1200        Peder Chr Norgaard, Telebit Communications A/S
1201        Joel Halpern, CTO Longitude Systems, Inc.

1203        Nick Thille, RedBack Networks
1204        Bert Wijnen, Lucent
1205        Shane Wright, NextHop
1206        Mike McFadden, Riverstone Networks, Inc.
1207        Jon Saperia, JDS Consulting, Inc.
1208        Wayne Tackabury, Gold Wire Technology, Inc
1209        Bill Fenner, AT&T Research

1211     The origin of this document is from RFC 1269 "Definitions of Managed
1212     Objects for the Border Gateway Protocol (Version 3)" written by Steve
1213     Willis and John Burruss, which was updated by John Chu to support
1214     BGP-4 in RFC 1657. The editors wish to acknowledge the fine work of
1215     these original authors.

1217  7. References

1219     [BGP4] Rekhter, Y., Li, T., "A Border Gateway Protocol 4 (BGP-4)", RFC
1220               1771, March 1995.

1222     [BGP4APP] Rekhter, Y., Gross, P., "Application of the Border Gateway
1223               Protocol in the Internet", RFC 1772, March 1995.

1225     [RFC2571] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture
1226               for Describing SNMP Management Frameworks", RFC 2571, April
1227               1999.

1229     [RFC1155] Rose, M., and K. McCloghrie, "Structure and Identification
1230               of Management Information for TCP/IP-based Internets", STD
1231               16, RFC 1155, May 1990.

1233     [RFC1212] Rose, M., and K. McCloghrie, "Concise MIB Definitions", STD
1234               16, RFC 1212, March 1991.

1236     [RFC1215] M. Rose, "A Convention for Defining Traps for use with the
1237               SNMP", RFC 1215, March 1991.

1239     [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
1240               Rose, M., and S. Waldbusser, "Structure of Management
1241               Information Version 2 (SMIv2)", STD 58, RFC 2578, April
1242               1999.

1244     [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
1245               Rose, M., and S. Waldbusser, "Textual Conventions for
1246               SMIv2", STD 58, RFC 2579, April 1999.

1248     [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
1249               Rose, M., and S. Waldbusser, "Conformance Statements for
1250               SMIv2", STD 58, RFC 2580, April 1999.

1252     [RFC1157] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple
1253               Network Management Protocol", STD 15, RFC 1157, May 1990.

1255     [RFC1901] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
1256               "Introduction to Community-based SNMPv2", RFC 1901, January
1257               1996.

1259     [RFC1906] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
1260               "Transport Mappings for Version 2 of the Simple Network
1261               Management Protocol (SNMPv2)", RFC 1906, January 1996.

1263     [RFC2572] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message
1264               Processing and Dispatching for the Simple Network Management
1265               Protocol (SNMP)", RFC 2572, April 1999.

1267     [RFC2574] Blumenthal, U., and B. Wijnen, "User-based Security Model
1268               (USM) for version 3 of the Simple Network Management
1269               Protocol (SNMPv3)", RFC 2574, April 1999.

1271     [RFC1905] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
1272               "Protocol Operations for Version 2 of the Simple Network
1273               Management Protocol (SNMPv2)", RFC 1905, January 1996.

1275     [RFC2573] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications",
1276               RFC 2573, April 1999.

1278     [RFC2575] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based
1279               Access Control Model (VACM) for the Simple Network
1280               Management Protocol (SNMP)", RFC 2575, April 1999.

1282     [RFC2570] Case, J., Mundy, R., Partain, D., and B. Stewart,
1283               "Introduction to Version 3 of the Internet-standard Network
1284               Management Framework", RFC 2570, April 1999.

1286  8. Security Considerations

1288     There are a number of management objects defined in this MIB that
1289     have a MAX-ACCESS clause of read-write:

1291        bgpPeerAdminStatus
1292        bgpPeerConnectRetryInterval
1293        bgpPeerHoldTimeConfigured
1294        bgpPeerKeepAliveConfigured
1295        bgpPeerMinASOriginationInterval
1296        bgpPeerMinRouteAdvertisementInterval

1298     These objects should be considered sensitive or vulnerable in most
1299     network environments. The support for SET operations in a non-secure
1300     environment without proper protection can have a negative effect on
1301     network operations. Incorrect configuration of these parameters may
1302     cause BGP peer connections to terminate early or to send more routes
1303     under a flapping condition.

1305     There are a number of managed objects in this MIB that may be
1306     considered to contain sensitive information in the operation of a
1307     network. For example, a BGP peer's local and remote addresses may be
1308     sensitive for ISPs who want to keep interface addresses on routers
1309     confidential to prevent router addresses used for a denial of service
1310     attack or spoofing.

1312     Therefore, it may be important in some environments to control read
1313     access to these objects and possibly to even encrypt the values of
1314     these objects when sending them over the network via SNMP. Not all
1315     versions of SNMP provide features for such a secure environment.

1317     SNMPv1 by itself is not a secure environment. Even if the network
1318     itself is secure (for example by using IPSec), even then, there is no
1319     control as to who on the secure network is allowed to access and
1320     GET/SET (read/change/create/delete) the objects in this MIB.

1322     It is recommended that the implementers consider the security
1323     features as provided by the SNMPv3 framework. Specifically, the use
1324     of the User-based Security Model RFC 2274 [14] and the View-based
1325     Access Control Model RFC 2275 [17] is recommended.

1327     It is then a customer/user responsibility to ensure that the SNMP
1328     entity giving access to an instance of this MIB, is properly
1329     configured to give access to the objects only to those principals
1330     (users) that have legitimate rights to indeed GET or SET
1331     (change/create/delete) them.

1333  9. Authors' Address

1335     Jeff Haas
1336     NextHop Technologies
1337     517 Williams
1338     Ann Arbor, MI 48103-4943
1339     Phone: +1 734 973-2200
1340     Fax: +1 734 615-3241
1341     Email: jhaas@nexthop.com

1343     Jeff Johnson
1344     RedBack Networks, Inc.
1345     1389 Moffett Park Drive
1346     Sunnyvale, CA 94089
1347     Phone: +1 408 548 3516
1348     Email: jeff@redback.com

1350     Steve Willis
1351     Argon Networks
1352     25 Porter Road
1353     Littleton, MA 01450
1354     Phone: +1 508 486 0665
1355     Fax: +1 508 486 9379
1356     Email: swills@argon.com

1358     John Burruss
1359     Windata Inc.
1360     543 Great Road
1361     Littleton MA 01460
1362     Phone: +1 508 952 0170
1363     Email: jburruss@windata.com

1365     John Chu
1366     Cosine Communications
1367     1200 Bridge Parkway
1368     Redwood City, CA 94065
1369     Phone: 650-637-4780
1370     Email: jchu@cosinecom.com

1372  10. Full Copyright Statement

1374     Copyright (C) The Internet Society (1999). All Rights Reserved.

1376     This document and translations of it may be copied and furnished to
1377     others, and derivative works that comment on or otherwise explain it
1378     or assist in its implementation may be prepared, copied, published
1379     and distributed, in whole or in part, without restriction of any
1380     kind, provided that the above copyright notice and this paragraph are
1381     included on all such copies and derivative works. However, this
1382     document itself may not be modified in any way, such as by removing
1383     the copyright notice or references to the Internet Society or other
1384     Internet organizations, except as needed for the purpose of
1385     developing Internet standards in which case the procedures for
1386     copyrights defined in the Internet Standards process must be
1387     followed, or as required to translate it into languages other than
1388     English.

1390     The limited permissions granted above are perpetual and will not be
1391     revoked by the Internet Society or its successors or assigns.

1393     This document and the information contained herein is provided on an
1394     "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
1395     TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
1396     BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
1397     HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
1398     MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
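
Added example, not part of the draft: the bgp4PathAttrUnknown object defined in the MIB module above stores path attributes as type, length, value records and drops octets past 255, so a poller has to tell a record cut by that cap from a malformed one. This Python sketch splits such a value using the BGP-4 UPDATE attribute header (flags, type code, one- or two-octet length); the function names and sample bytes are constructed, and treating a short record in a value under 255 octets as an error is an assumption of this example.

```python
from __future__ import annotations
from dataclasses import dataclass

MAX_SIZE = 255               # SIZE(0..255) in the object's SYNTAX clause
FLAG_EXTENDED_LENGTH = 0x10  # BGP-4 attribute flag: two-octet length field

@dataclass
class PathAttr:
    flags: int
    type_code: int | None     # None when only the flags octet survived
    declared_len: int | None  # None when the length field was cut off
    value: bytes
    truncated: bool           # True when the 255-octet cap cut this record

def parse_unknown_attrs(raw: bytes) -> list[PathAttr]:
    """Split a bgp4PathAttrUnknown value into its TLV records."""
    if len(raw) > MAX_SIZE:
        raise ValueError("value exceeds SIZE(0..255)")
    at_cap = len(raw) == MAX_SIZE  # only a full object can have lost octets
    attrs, pos = [], 0
    while pos < len(raw):
        flags = raw[pos]
        hdr = 4 if flags & FLAG_EXTENDED_LENGTH else 3
        if pos + hdr > len(raw):   # header itself runs off the end
            if not at_cap:
                raise ValueError(f"incomplete header at offset {pos}")
            type_code = raw[pos + 1] if pos + 1 < len(raw) else None
            attrs.append(PathAttr(flags, type_code, None, b"", True))
            break
        type_code = raw[pos + 1]
        length = int.from_bytes(raw[pos + 2:pos + hdr], "big")
        value = raw[pos + hdr:pos + hdr + length]
        short = len(value) < length
        if short and not at_cap:   # assumption: short and not capped = bad data
            raise ValueError(f"attribute {type_code} at offset {pos} is short")
        attrs.append(PathAttr(flags, type_code, length, value, short))
        pos += hdr + length
    return attrs

def sample_value() -> bytes:
    """Constructed sample: one whole attribute, then one the cap cuts short."""
    first = bytes.fromhex("c00804fde80064")  # flags C0, type 8, 4 octets
    second = bytes([0xD0, 32]) + (300).to_bytes(2, "big") + bytes(300)
    return (first + second)[:MAX_SIZE]       # the object keeps 255 octets

if __name__ == "__main__":
    for a in parse_unknown_attrs(sample_value()):
        print(a.type_code, a.declared_len, len(a.value), a.truncated)
```

A record reported with `truncated` set carries only a prefix of the attribute, so its value should not be compared against the full attribute seen on the wire.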