idnits 2.17.1
draft-ietf-ipfix-mib-10.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
** You're using the IETF Trust Provisions' Section 6.b License Notice from
12 Sep 2009 rather than the newer Notice from 28 Dec 2009. (See
https://trustee.ietf.org/license-info/)
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
== There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses
in the document. If these are example addresses, they should be changed.
-- The document has examples using IPv4 documentation addresses according
to RFC6890, but does not use any IPv6 documentation addresses. Maybe
there should be IPv6 examples, too?
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the IETF Trust and authors Copyright Line does not
match the current year
== Line 1015 has weird spacing: '...alue of sctpA...'
== The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but
does not include the phrase in its RFC 2119 key words list.
-- The document seems to lack a disclaimer for pre-RFC5378 work, but may
have content which was first submitted before 10 November 2008. If you
have contacted all the original authors and they are all willing to grant
the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
this comment. If not, you may need to add the pre-RFC5378 disclaimer.
(See the Legal Provisions document at
https://trustee.ietf.org/license-info for more information.)
-- The document date (January 12, 2010) is 5217 days in the past. Is this
intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
** Obsolete normative reference: RFC 4133 (Obsoleted by RFC 6933)
** Obsolete normative reference: RFC 5101 (Obsoleted by RFC 7011)
** Obsolete normative reference: RFC 5102 (Obsoleted by RFC 7012)
** Obsolete normative reference: RFC 5226 (Obsoleted by RFC 8126)
Summary: 5 errors (**), 0 flaws (~~), 4 warnings (==), 3 comments (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 Network Working Group T. Dietz, Ed.
3 Internet-Draft NEC Europe Ltd.
4 Intended status: Standards Track A. Kobayashi
5 Expires: July 16, 2010 NTT PF Lab.
6 B. Claise
7 Cisco Systems, Inc.
8 G. Muenz
9 Technische Universitaet Muenchen
10 January 12, 2010
12 Definitions of Managed Objects for IP Flow Information Export
13 draft-ietf-ipfix-mib-10.txt
15 Abstract
17 This document defines managed objects for IP Flow Information Export
18 (IPFIX). These objects provide information for monitoring IPFIX
19 Exporters and IPFIX Collectors including the basic configuration
20 information.
22 Status of this Memo
24 This Internet-Draft is submitted to IETF in full conformance with the
25 provisions of BCP 78 and BCP 79.
27 Internet-Drafts are working documents of the Internet Engineering
28 Task Force (IETF), its areas, and its working groups. Note that
29 other groups may also distribute working documents as Internet-
30 Drafts.
32 Internet-Drafts are draft documents valid for a maximum of six months
33 and may be updated, replaced, or obsoleted by other documents at any
34 time. It is inappropriate to use Internet-Drafts as reference
35 material or to cite them other than as "work in progress."
37 The list of current Internet-Drafts can be accessed at
38 http://www.ietf.org/ietf/1id-abstracts.txt.
40 The list of Internet-Draft Shadow Directories can be accessed at
41 http://www.ietf.org/shadow.html.
43 This Internet-Draft will expire on July 16, 2010.
45 Copyright Notice
47 Copyright (c) 2010 IETF Trust and the persons identified as the
48 document authors. All rights reserved.
50 This document is subject to BCP 78 and the IETF Trust's Legal
51 Provisions Relating to IETF Documents
52 (http://trustee.ietf.org/license-info) in effect on the date of
53 publication of this document. Please review these documents
54 carefully, as they describe your rights and restrictions with respect
55 to this document. Code Components extracted from this document must
56 include Simplified BSD License text as described in Section 4.e of
57 the Trust Legal Provisions and are provided without warranty as
58 described in the BSD License.
60 Table of Contents
62 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
64 2. IPFIX Documents Overview . . . . . . . . . . . . . . . . . . . 5
66 3. The Internet-Standard Management Framework . . . . . . . . . . 6
68 4. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 7
70 5. Structure of the IPFIX MIB . . . . . . . . . . . . . . . . . . 8
71 5.1. The Transport Session Table . . . . . . . . . . . . . . . 8
72 5.2. The Template Table . . . . . . . . . . . . . . . . . . . . 10
73 5.3. The Template Definition Table . . . . . . . . . . . . . . 12
74 5.4. The Export Table . . . . . . . . . . . . . . . . . . . . . 13
75 5.5. The Metering Process Table . . . . . . . . . . . . . . . . 15
76 5.6. The Observation Point Table . . . . . . . . . . . . . . . 16
77 5.7. The Selection Process Table . . . . . . . . . . . . . . . 17
78 5.8. The Statistical Tables . . . . . . . . . . . . . . . . . . 17
79 5.8.1. The Transport Session Statistical Table . . . . . . . 18
80 5.8.2. The Template Statistical Table . . . . . . . . . . . . 18
81 5.8.3. The Metering Process Statistical Table . . . . . . . . 18
82 5.8.4. The Selection Process Statistical Table . . . . . . . 18
84 6. Structure of the IPFIX SELECTOR MIB . . . . . . . . . . . . . 19
85 6.1. The Selector Functions . . . . . . . . . . . . . . . . . . 19
87 7. Relationship to Other MIB Modules . . . . . . . . . . . . . . 22
88 7.1. Relationship to the ENTITY MIB and IF MIB . . . . . . . . 22
89 7.2. MIB modules required for IMPORTS . . . . . . . . . . . . . 22
91 8. MIB Definitions . . . . . . . . . . . . . . . . . . . . . . . 23
92 8.1. IPFIX MIB Definition . . . . . . . . . . . . . . . . . . . 23
93 8.2. IPFIX SELECTOR MIB Definition . . . . . . . . . . . . . . 58
95 9. Security Considerations . . . . . . . . . . . . . . . . . . . 62
96 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 64
98 11. Acknowledgment . . . . . . . . . . . . . . . . . . . . . . . . 65
100 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 66
101 12.1. Normative References . . . . . . . . . . . . . . . . . . . 66
102 12.2. Informative References . . . . . . . . . . . . . . . . . . 67
104 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 68
106 1. Introduction
108 This document defines two MIB modules for monitoring IP Flow
109 Information Export (IPFIX) Devices including Exporters and
110 Collectors. Most of the objects defined by the IPFIX MIB module MUST
111 be implemented. Some objects MAY be implemented corresponding to the
112 functionality implemented in the equipment. Since the IPFIX
113 architecture [RFC5470] foresees the possibility of using Filtering
114 and/or Sampling functions to reduce the data volume this document
115 also provides the IPFIX SELECTOR MIB module which contains the
116 standardized selection methods and is controlled by IANA. The full
117 configuration of the IPFIX Metering Process is out of the scope of
118 these MIB modules.
120 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
121 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
122 document are to be interpreted as described in RFC 2119 [RFC2119].
124 2. IPFIX Documents Overview
126 The IPFIX protocol provides network administrators with access to IP
127 Flow information. The architecture for the export of measured IP
128 Flow information out of an IPFIX Exporting Process to a Collecting
129 Process is defined in [RFC5470], per the requirements defined in
130 [RFC3917]. The protocol document [RFC5101] specifies how IPFIX Data
131 Records and Templates are carried via a congestion-aware transport
132 protocol from IPFIX Exporting Processes to IPFIX Collecting
133 Processes. IPFIX has a formal description of IPFIX Information
134 Elements, their name, type and additional semantic information, as
135 specified in [RFC5102]. Finally [RFC5472] describes what type of
136 applications can use the IPFIX protocol and how they can use the
137 information provided. It furthermore shows how the IPFIX framework
138 relates to other architectures and frameworks.
140 It is assumed that Flow metering, export and collection is performed
141 according to the IPFIX architecture defined in [RFC5470]. The
142 monitored configuration parameters of the export and collection of
143 Flow Templates and Data Records is modeled according to [RFC5101].
144 Packet selection methods that may be optionally used by the IPFIX
145 Metering Process are not considered in this MIB module. They are
146 defined in the Packet Sampling (PSAMP) framework [RFC5474] and
147 Sampling techniques [RFC5475] documents. Nevertheless the basis for
148 defining Sampling and Filtering functions is given with the IPFIX
149 SELECTOR MIB module. Since the PSAMP export protocol [RFC5476] is
150 based on the IPFIX protocol the Sampling and Filtering functions can
151 be added to the IPFIX SELECTOR MIB module as needed.
153 3. The Internet-Standard Management Framework
155 For a detailed overview of the documents that describe the current
156 Internet-Standard Management Framework, please refer to section 7 of
157 RFC 3410 [RFC3410].
159 Managed objects are accessed via a virtual information store, termed
160 the Management Information Base or MIB. MIB objects are generally
161 accessed through the Simple Network Management Protocol (SNMP).
162 Objects in the MIB are defined using the mechanisms defined in the
163 Structure of Management Information (SMI). This memo specifies MIB
164 modules that are compliant to the SMIv2, which is described in STD
165 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC
166 2580 [RFC2580].
168 4. Terminology
170 The definitions of the basic terms like IP Traffic Flow, Exporting
171 Process, Collecting Process, Observation Points, etc. can be found in
172 the IPFIX protocol document [RFC5101].
174 5. Structure of the IPFIX MIB
176 The IPFIX MIB module consists of seven main tables, the Transport
177 Session table, the Template table and the corresponding Template
178 Definition table, the Export table, the Metering Process table, the
179 Observation Point table and the Selection Process table. Since the
180 IPFIX architecture [RFC5470] foresees the possibility of using
181 Filtering and/or Sampling functions to reduce the data volume the MIB
182 module provides the basic objects for these functions with the
183 Selection Process table. The IPFIX SELECTOR MIB module defined in
184 the next section provides the standard Filtering and Sampling
185 functions that can be referenced in the ipfixSelectionProcessTable.
187 All remaining objects contain statistical values for the different
188 tables contained in the MIB module.
190 The following subsections describe all tables in the IPFIX MIB
191 module.
193 5.1. The Transport Session Table
195 The Transport Session is the basis of the MIB module. The Transport
196 Session table (ipfixTransportSessionTable) contains all Transport
197 Sessions between Exporter and Collector. The table specifies the
198 transport layer protocol of the Transport Session and, depending on
199 that protocol, further parameters for the Transport Session. In case
200 of UDP and TCP these are the source and destination address as well
201 as the source and destination port. For SCTP the table contains the
202 SCTP Assoc Id which is the index for the SCTP association in the SCTP
203 MIB module [RFC3873]. The mode of operation of the device, i.e. if
204 the Transport Session is used for collecting or exporting is given in
205 the ipfixTransportSessionDeviceMode object. Further on it contains
206 the configured refresh parameters for Templates and Options Templates
207 that are used across unreliable connections as UDP. Finally the
208 IPFIX version which is exported or collected by this Transport
209 Session and a status of the Transport Session is given in the table.
211 To illustrate the use of the above tables let us assume the following
212 scenario: We have an Exporter on IP address 192.0.2.22 and a
213 Collector on IP address 192.0.2.37. The Exporter uses TCP to export
214 Templates and Data Records. The same Exporter also exports, with
215 UDP, to a Collector with the IP address of 192.0.2.44. This would
216 lead to the following Transport Session table on the Exporter:
218 ipfixTransportSessionTable (1)
219 |
220 +- ipfixTransportSessionEntry (1)
221 |
222 +- index (5) (ipfixTransportSessionIndex)
223 | +- ipfixTransportSessionIndex (1) = 5
224 | +- ipfixTransportSessionProtocol (2) = 6 (TCP)
225 | +- ipfixTransportSessionSourceAddressType (3) = 1 (ipv4)
226 | +- ipfixTransportSessionSourceAddress (4) = 192.0.2.22
227 | +- ipfixTransportSessionDestinationAddressType (5) = 1 (ipv4)
228 | +- ipfixTransportSessionDestinationAddress (6) = 192.0.2.37
229 | +- ipfixTransportSessionSourcePort (7) = 7653
230 | +- ipfixTransportSessionDestinationPort (8) = 4739
231 | +- ipfixTransportSessionSctpAssocId (9) = 0
232 | +- ipfixTransportSessionDeviceMode (10) = exporting(1)
233 | +- ipfixTransportSessionTemplateRefreshTimeout (11) = 0
234 | +- ipfixTransportSessionOptionTemplateRefreshTimeout (12) = 0
235 | +- ipfixTransportSessionTemplateRefreshPacket (13) = 0
236 | +- ipfixTransportSessionOptionTemplateRefreshPacket (14) = 0
237 | +- ipfixTransportSessionIpfixVersion (15) = 10
238 | +- ipfixTransportSessionStatus (16) = 2 (active)
239 .
240 .
241 .
242 +- index (11) (ipfixTransportSessionIndex)
243 +- ipfixTransportSessionIndex (1) = 11
244 +- ipfixTransportSessionProtocol (2) = 17 (UDP)
245 +- ipfixTransportSessionSourceAddressType (3) = 1 (ipv4)
246 +- ipfixTransportSessionSourceAddress (4) = 192.0.2.22
247 +- ipfixTransportSessionDestinationAddressType (5) = 1 (ipv4)
248 +- ipfixTransportSessionDestinationAddress (6) = 192.0.2.44
249 +- ipfixTransportSessionSourcePort (7) = 14287
250 +- ipfixTransportSessionDestinationPort (8) = 4739
251 +- ipfixTransportSessionSctpAssocId (9) = 0
252 +- ipfixTransportSessionDeviceMode (10) = exporting(1)
253 +- ipfixTransportSessionTemplateRefreshTimeout (11) = 100
254 +- ipfixTransportSessionOptionTemplateRefreshTimeout (12)
255 | = 100
256 +- ipfixTransportSessionTemplateRefreshPacket (13) = 10
257 +- ipfixTransportSessionOptionTemplateRefreshPacket (14) = 10
258 +- ipfixTransportSessionIpfixVersion (15) = 10
259 +- ipfixTransportSessionStatus (16) = 2 (active)
261 The values in brackets are the OID numbers. The Collectors would
262 then have the same entry except that the index would most likely
263 differ and the ipfixTransportSessionDeviceMode would be
264 collecting(2).
266 5.2. The Template Table
268 The Template table lists all Templates (including Options Templates)
269 that are sent (by an Exporter) or received (by a Collector). The
270 (Options) Templates are unique per Transport Session which also gives
271 the device mode (Exporter or Collector) and Observation Domain, thus
272 the table is indexed by
274 o the Transport Session Index (ipfixTransportSessionIndex)
276 o and the Observation Domain Id (ipfixTemplateObservationDomainId).
278 It contains the Set Id and an access time denoting the time when the
279 (Options) Template was last sent or received.
281 To resume the above example the Exporter may want to export a
282 Template and an Options Template for each Transport Session defined
283 above. This leads to the following Template table defining Template
284 and Options Template:
286 ipfixTemplateTable (3)
287 |
288 +- ipfixTemplateEntry (1)
289 |
290 +- index (5) (ipfixTransportSessionIndex)
291 | +- index (3) (ipfixTemplateObservationDomainId)
292 | + index (257) (ipfixTemplateId)
293 | | +- ipfixTemplateObservationDomainId (1) = 3
294 | | +- ipfixTemplateId (2) = 257
295 | | +- ipfixTemplateSetId (3) = 2
296 | | +- ipfixTemplateAccessTime (4)
297 | | = 2008-7-1,12:49:11.2,+2:0
298 | |
299 | + index (264) (ipfixTemplateId)
300 | +- ipfixTemplateObservationDomainId (1) = 3
301 | +- ipfixTemplateId (2) = 264
302 | +- ipfixTemplateSetId (3) = 3
303 | +- ipfixTemplateAccessTime (4)
304 . = 2008-7-1,12:47:04.8,+2:0
305 .
306 .
307 .
308 +- index (11) (ipfixTransportSessionIndex)
309 +- index (3) (ipfixTemplateObservationDomainId)
310 + index (273) (ipfixTemplateId)
311 | +- ipfixTemplateObservationDomainId (1) = 3
312 | +- ipfixTemplateId (2) = 273
313 | +- ipfixTemplateSetId (3) = 2
314 | +- ipfixTemplateAccessTime (4)
315 | = 2008-7-1,12:49:11.2,+2:0
316 |
317 + index (289) (ipfixTemplateId)
318 +- ipfixTemplateObservationDomainId (1) = 3
319 +- ipfixTemplateId (2) = 289
320 +- ipfixTemplateSetId (3) = 3
321 +- ipfixTemplateAccessTime (4)
322 = 2008-7-1,12:47:04.8,+2:0
324 We assume that the Transport Session that is stored with index 5 in
325 the Transport Session table of the Exporter is stored with index 17
326 in the Transport Session table of the (corresponding) Collector.
327 Then, the Template table would look as follows:
329 ipfixTemplateTable (3)
330 |
331 +- ipfixTemplateEntry (1)
332 |
333 +- index (17) (ipfixTransportSessionIndex)
334 +- index (3) (ipfixTemplateObservationDomainId)
335 + index (257) (ipfixTemplateId)
336 | +- ipfixTemplateObservationDomainId (1) = 3
337 | +- ipfixTemplateId (2) = 257
338 | +- ipfixTemplateSetId (3) = 2
339 | +- ipfixTemplateAccessTime (4)
340 | = 2008-7-1,12:49:11.8,+2:0
341 |
342 + index (264) (ipfixTemplateId)
343 +- ipfixTemplateObservationDomainId (1) = 3
344 +- ipfixTemplateId (2) = 264
345 +- ipfixTemplateSetId (3) = 3
346 +- ipfixTemplateAccessTime (4)
347 = 2008-7-1,12:47:05.3,+2:0
349 The table on the second Collector would be analog to the one shown
350 above.
352 5.3. The Template Definition Table
354 The Template Definition table lists all the Information Elements
355 contained in a Template or Options Template. Therefore it has the
356 same indexes as the corresponding Template table plus the Template
357 Id. Its own index denotes the order of the Information Element
358 inside the Template. Besides the Information Element Id and the
359 length of the encoded value the table contains the enterprise number
360 for enterprise specific Information Elements and flags for each
361 Information Element. The flags indicate if the Information Element
362 is used for scoping or as a Flow Key.
364 To resume the above example again the Exporter is configured to
365 export the octets received and dropped at the Observation Point since
366 the last export of these values. In addition it exports the start
367 and end time of the flow relative to the timestamp contained in the
368 IPFIX header. This leads to the following Template Definition table
369 on the Exporter:
371 ipfixTemplateDefinitionTable (4)
372 |
373 +- ipfixTemplateDefinitionEntry (1)
374 |
375 +- index (5) (ipfixTransportSessionIndex)
376 +- index (3) (ipfixTemplateObservationDomainId)
377 + index (257) (ipfixTemplateId)
378 +- index (1) (ipfixTemplateDefinitionIndex)
379 | +- ipfixTemplateDefinitionIndex (1) = 1
380 | +- ipfixTemplateDefinitionIeId (2) = 158
381 | | (flowStartDeltaMicroseconds)
382 | +- ipfixTemplateDefinitionIeLength (3) = 4
383 | +- ipfixTemplateDefinitionEnterprise (4) = 0
384 | +- ipfixTemplateDefinitionFlags (5) = 0
385 |
386 +- index (2) (ipfixTemplateDefinitionIndex)
387 | +- ipfixTemplateDefinitionIndex (1) = 2
388 | +- ipfixTemplateDefinitionIeId (2) = 159
389 | | (flowEndDeltaMicroseconds)
390 | +- ipfixTemplateDefinitionIeLength (3) = 4
391 | +- ipfixTemplateDefinitionEnterprise (4) = 0
392 | +- ipfixTemplateDefinitionFlags (5) = 0
393 |
394 +- index (3) (ipfixTemplateDefinitionIndex)
395 | +- ipfixTemplateDefinitionIndex (1) = 3
396 | +- ipfixTemplateDefinitionIeId (2) = 1
397 | | (octetDeltaCount)
398 | +- ipfixTemplateDefinitionIeLength (3) = 8
399 | +- ipfixTemplateDefinitionEnterprise (4) = 0
400 | +- ipfixTemplateDefinitionFlags (5) = 0
401 |
402 +- index (4) (ipfixTemplateDefinitionIndex)
403 +- ipfixTemplateDefinitionIndex (1) = 4
404 +- ipfixTemplateDefinitionIeId (2) = 132
405 | (droppedOctetDeltaCount)
406 +- ipfixTemplateDefinitionIeLength (3) = 8
407 +- ipfixTemplateDefinitionEnterprise (4) = 0
408 +- ipfixTemplateDefinitionFlags (5) = 0
410 The corresponding table entry on the collector is the same except
411 that it would have another ipfixTransportSessionIndex, e.g. 17 as in
412 the previous example.
414 5.4. The Export Table
416 On Exporters, the Export table (ipfixExportTable) can be used to
417 support features like failover, load-balancing, duplicate export to
418 several Collectors etc. The table has three indexes that link an
419 entry with
421 o the Metering Process table (ipfixMeteringProcessCacheId, see
422 below),
424 o and the Transport Session table (ipfixTransportSessionIndex).
426 Those entries with the same ipfixExportIndex and the same
427 ipfixMeteringProcessCacheId define a Transport Session group. The
428 member type for each group member describes its functionality. All
429 Transport Sessions referenced in this table MUST have the
430 ipfixTransportSessionDeviceMode exporting(1).
432 If the Exporter does not use Transport Session grouping then each
433 ipfixExportIndex contains a single ipfixMeteringProcessCacheId and
434 thus a singe Transport Session (ipfixTransportSessionIndex) and this
435 session MUST have the member type primary(1).
437 For failover a Transport Session group can contain one Transport
438 Session with member type "primary" and several Transport Sessions
439 with type secondary(2). Entries with other member types are not
440 allowed for that type of group. For load-balancing or parallel
441 export all Transport Sessions in the group MUST have the same member
442 type either loadBalancing(4) or parallel(3).
444 The algorithms used for failover or load-balancing are out of the
445 scope of this document.
447 To continue the example we assume that the Exporter uses the two
448 connections shown in the examples above as one primary Transport
449 Session protected by a secondary Transport Session. The Exporter
450 then has the following entries in the ipfixExportTable:
452 ipfixExportTable (5)
453 |
454 +- ipfixExportEntry (1)
455 |
456 +- index (7) (ipfixExportIndex)
457 | +- index (9) (ipfixMeteringProcessCacheId)
458 | | +- index (5) (ipfixTransportSessionIndex)
459 | | +- ipfixExportIndex (1) = 7
460 | | +- ipfixExportMemberType (2) = 1 (primary)
461 | |
462 | +- index (11) (ipfixTransportSessionIndex)
463 | +- ipfixExportIndex (1) = 7
464 | +- ipfixExportMemberType (2) = 2 (secondary)
465 |
466 +- index (8) (ipfixExportIndex)
467 +- index (9) (ipfixMeteringProcessCacheId)
468 +- index (5) (ipfixTransportSessionIndex)
469 | +- ipfixExportIndex (1) = 8
470 | +- ipfixExportMemberType (2) = 2 (secondary)
471 +- index (11) (ipfixTransportSessionIndex)
472 +- ipfixExportIndex (1) = 8
473 +- ipfixExportMemberType (2) = 1 (primary)
475 The example shows that the Exporter uses the Metering Process Cache 9
476 explained below to export IPFIX Data Records for the Transport
477 Sessions 5 and 11. The Templates 257 and 264 defined above are
478 exported within Transport Session 5 and the Templates 273 and 289 are
479 exported within Transport Session 11. If we assume that Templates
480 257 and 264 are identical then the Collector that receives Transport
481 Session 11 is a backup for the Collector of Transport Session 5.
483 5.5. The Metering Process Table
485 The Metering Process as defined in [RFC5101] consists of a set of
486 functions. Maintaining the Flow Records is one of them. This
487 function is responsible for passing the Flow Records to the Exporting
488 Process and also for detecting Flow expiration. The Flow Records
489 that are maintained by the Metering Process can be grouped by the
490 Observation Points they are observed at. The instance that maintains
491 such a group of Flow Records is a kind of cache. For this reason the
492 Metering Process table (ipfixMeteringProcessTable) is indexed by
493 cache IDs (ipfixMeteringProcessCacheId). Each cache can be
494 maintained by a separate instance of the Metering Process. To
495 specify the Observation Point(s) where the Flow Records are gathered
496 the ipfixMeteringProcessObservationPointGroupRef may contain an
497 ipfixObservationPointGroupId from the Observation Point table
498 (ipfixObservationPointTable) described in the next section. If an
499 Observation Point is not specified for the Flow Records the
500 ipfixMeteringProcessObservationPointGroupRef MUST be zero(0). The
501 timeouts (ipfixMeteringProcessCacheActiveTimeout and
502 ipfixMeteringProcessCacheInactiveTimeout) specify when Flow Records
503 are expired.
505 ipfixMeteringProcessTable (6)
506 |
507 +- ipfixMeteringProcessEntry (1)
508 |
509 +- index (9) (ipfixMeteringProcessCacheId)
510 +- ipfixMeteringProcessCacheId (1) = 9
511 +- ipfixMeteringProcessObservationPointGroupRef (2) = 17
512 +- ipfixMeteringProcessCacheActiveTimeout (3) = 100
513 +- ipfixMeteringProcessCacheInactiveTimeout (4) = 100
515 5.6. The Observation Point Table
517 The Observation Point table (ipfixObservationPointTable) groups
518 Observation Points with the ipfixObservationPointGroupId. Each entry
519 contains the Observation Domain ID in which the Observation Point is
520 located and a reference to the ENTITY MIB module [RFC4133] or the IF
521 MIB module [RFC2863]. The objects in the ENTITY MIB module
522 referenced by ipfixObservationPointPhysicalEntity or IF MIB module
523 referenced by ipfixObservationPointPhysicalInterface denote the
524 Observation Point. If no such index can be given in those modules
525 the references MUST be 0. If a reference is given in both object
526 ipfixObservationPointPhysicalEntity and
527 ipfixObservationPointPhysicalInterface then both MUST point to the
528 same physical interface. In addition a direction can be given to
529 render more specific which Flow to monitor.
531 ipfixObservationPointTable (7)
532 |
533 +- ipfixObservationPointEntry (1)
534 |
535 +- index (17) (ipfixObservationPointGroupId)
536 +- index (1) (ipfixObservationPointIndex)
537 | +- ipfixObservationPointGroupId (1) = 17
538 | +- ipfixObservationPointIndex (2) = 1
539 | +- ipfixObservationPointObservationDomainId (3) = 3
540 | +- ipfixObservationPointPhysicalEntity (4) = 6
541 | +- ipfixObservationPointPhysicalInterface(5) = 0
542 | +- ipfixObservationPointPhysicalEntityDirection (6)
543 = 3 (both)
544 |
545 +- index (2) (ipfixObservationPointIndex)
546 +- ipfixObservationPointGroupId (1) = 17
547 +- ipfixObservationPointIndex (2) = 2
548 +- ipfixObservationPointObservationDomainId (3) = 3
549 +- ipfixObservationPointPhysicalEntity (4) = 0
550 +- ipfixObservationPointPhysicalInterface (5) = 0
551 +- ipfixObservationPointPhysicalEntityDirection (6)
552 = 1 (ingress)
554 5.7. The Selection Process Table
556 This table supports the usage of Filtering and Sampling functions as
557 described in [RFC5470]. It contains lists of functions per Metering
558 Process cache (ipfixMeteringProcessCacheId). The selection process
559 index ipfixSelectionProcessIndex forms groups of selection methods
560 that are applied to an observed packet stream. The selection process
561 selector index (ipfixSelectionProcessSelectorIndex) indicates the
562 order in which the functions are applied to the packets observed at
563 the Observation Points associated with the Metering Process cache.
564 The selection methods are applied in increasing order i.e., selection
565 methods with a lower ipfixSelectionProcessSelectorIndex are applied
566 first. The functions are referred by object identifiers pointing to
567 the function with its parameters. If the selection method does not
568 use parameters then it MUST point to the root of the function subtree
569 (see also Section Section 6). If the function uses parameters then
570 it MUST point to an entry in the parameter table of the selection
571 method. If no Filtering or Sampling function is used for a Metering
572 Process then an entry for the Metering Process SHOULD be created
573 pointing to the Select All function (ipfixFuncSelectAll).
575 5.8. The Statistical Tables
577 For the ipfixTransportSessionTable, the ipfixTemplateTable, the
578 ipfixMeteringProcessTable and the ipfixSelectionProcessTable
579 statistical tables are defined that augment those tables. All the
580 statistical tables contain a discontinuity object that holds a
581 timestamp that denotes the time when a discontinuity event occurred
582 to notify the management system that the counters contained in those
583 tables might not be continuous anymore.
585 5.8.1. The Transport Session Statistical Table
587 The Transport Session Statistical table
588 (ipfixTransportSessionStatsTable) augments the
589 ipfixTransportSessionTable with statistical values. It contains the
590 rate (in bytes per second) with which it receives or sends out IPFIX
591 Messages, the number of bytes, packets, messages, Records, Templates
592 and Options Templates received or sent and the number of messages
593 that were discarded.
595 5.8.2. The Template Statistical Table
597 This table contains a statistical value for each Template. It
598 augments the Template table (ipfixTemplateTable) and specifies the
599 number of Data Records exported or collected for the Template.
601 5.8.3. The Metering Process Statistical Table
603 This table augments the Metering Process table
604 (ipfixMeteringProcessTable). It contains the statistical values for
605 the exported Data Records and the number of active and inactive flows
606 that are currently observed.
608 5.8.4. The Selection Process Statistical Table
610 This table augments the Selection Process table
611 (ipfixSelectionProcessTable) and introduces two generic statistical
612 values, the number of packets observed and the number of packets
613 dropped by the selection method.
615 6. Structure of the IPFIX SELECTOR MIB
617 The IPFIX SELECTOR MIB module defined in this section provides the
618 standard Filtering and Sampling functions that can be referenced in
619 the ipfixSelectionProcessTable. The subtree ipfixSelectorFunctions
620 is a placeholder where all standard Filtering and Sampling functions
621 should be located. It currently contains the Select All function
622 (ipfixFuncSelectAll). The IPFIX SELECTOR MIB module is maintained by
623 IANA and can be extended through Expert Review [RFC5226], i.e.,
624 review by one of a group of experts designated by an IETF Area
625 Director. The group of experts MUST check the requested MIB objects
626 for completeness and accuracy of the description. Requests for MIB
627 objects that duplicate the functionality of existing objects SHOULD
628 be declined. The smallest available OID SHOULD be assigned to a new
629 MIB objects. The specification of new MIB objects SHOULD follow the
630 structure specified in the next Section and MUST be published using a
631 well-established and persistent publication medium. The experts will
632 initially be drawn from the Working Group Chairs and document editors
633 of the IPFIX and PSAMP Working Groups.
635 6.1. The Selector Functions
637 The following figure shows how the MIB tree usually should look like.
638 It already contains the ipfixFuncSelectAll. The subtree in
639 ipfixFuncF2 gives the basic structure which all selection methods
640 SHOULD follow.
642 ipfixSelectorFunctions
643 |
644 +- ipfixFuncSelectAll
645 | |
646 | +- ipfixFuncSelectAllAvail (is the function available?)
647 |
648 +- ipfixFuncF2
649 | |
650 | +- ipfixFuncF2Avail (is the function F2 available)
651 | |
652 | +- ipfixFuncF2Parameters (a table with parameters)
653 ...
654 |
655 +- ipfixFunFn...
657 The selection method SHOULD be designed as a MIB subtree introduced
658 by an object with the name ipfixFunc appended by a function name.
659 The objects in this subtree SHOULD be prefixed by this name. If the
660 function is named Fx then we would start a subtree with an OID named
661 ipfixFuncFx. This subtree should contain an object ipfixFuncFxAvail
662 which has the type TruthValue. If a selection method takes
663 parameters the MIB should contain a table named ipfixFuncFxParameters
664 which should contain all the parameters that the selection method
665 specifies. An entry in this table will be referenced by the IPFIX
666 MIB module if the selection method with the parameters is used.
668 To illustrate the structure defined above the following contains an
669 example of a function MyFunc that holds three integer parameters
670 Param1, Param2 and Param3. In the example there are currently two
671 instances of the parameters set defined with indexes 1 and 4.
673 ipfixSelectorFunctions (1)
674 |
675 +- ipfixFuncMyFunc (?)
676 |
677 +- ipfixFuncMyFuncAvail (1) = true
678 +- ipfixFuncMyFuncParameters (2)
679 |
680 +- ipfixFuncMyFuncParametersEntry (1)
681 |
682 +- index (1) (ipfixFuncMyFuncParametersIndex)
683 | +- ipfixFuncMyFuncParam1 (1) = 47
684 | +- ipfixFuncMyFuncParam2 (2) = -128
685 | +- ipficFuncMyFuncParam3 (3) = 19
686 |
687 +- index(4) (ipfixFuncMyFuncParametersIndex)
688 +- ipfixFuncMyFuncParam1 (1) = 19
689 +- ipfixFuncMyFuncParam2 (2) = -1
690 +- ipficFuncMyFuncParam3 (3) = 728
692 If the function defined above is referenced in the IPFIX MIB module
693 the ipfixSelectionProcessTable would look as follows:
695 ipfixSelectionProcessTable (8)
696 |
697 +- ipfixSelectionProcessEntry (1)
698 |
699 +- index (9) (ipfixMeteringProcessCacheId)
700 +- index (1) (ipfixSelectionProcessIndex)
701 +- index (1) (ipfixSelectionProcessSelectorIndex)
702 | +- ipfixSelectionProcessSelectorFunction (3)
703 | = ipfixSelectorFunctions.?.2.1.4
704 +- index (2) (ipfixSelectionProcessSelectorIndex)
705 +- ipfixSelectionProcessSelectorFunction (3)
706 = ipfixSelectorFunctions.?.2.1.1
708 This means that for the ipfixMeteringProcessCacheId(9) a Selection
709 Process with index 1 is created that applies two times the same
710 function but with different parameter sets. First the function
711 MyFunc is applied with the parameters of the set with index 4 and the
712 with the parameters of the set with index 1.
714 7. Relationship to Other MIB Modules
716 Besides the usual imports from the SNMP Standards [RFC2578],
717 [RFC2579] and [RFC2580] the IPFIX MIB module references the ENTITY
718 MIB module [RFC4133] and the IF MIB module [RFC2863].
720 7.1. Relationship to the ENTITY MIB and IF MIB
722 The Observation Point table (ipfixObservationPointTable) contains a
723 reference to the ENTITY MIB module[RFC4133]
724 (ipfixObservationPointPhysicalEntity) or the IF MIB module [RFC2863]
725 (ipfixObservationPointPhysicalInterface). If the implementors of the
726 IPFIX MIB module want to specify the physical entity where Flows are
727 observed then they SHOULD also implement the ENTITY MIB and/or the IF
728 MIB module. The implementation of the ENTITY MIB and/or IF MIB
729 module is OPTIONAL. If one of them is not implemented then all
730 values of the respective column ipfixObservationPointPhysicalEntity
731 or ipfixObservationPointPhysicalInterface in the Observation Point
732 table are zero and the values of the
733 ipfixObservationPointPhysicalEntityDirection columns are unknown(0)
734 if none of them is defined.
736 7.2. MIB modules required for IMPORTS
738 The IPFIX MIB module requires the modules SNMPv2-SMI[RFC2578],
739 SNMPv2-TC[RFC2579] and SNMPv2-CONF[RFC2580]. Further on it imports
740 the textual conventions InetAddressType and InetAddress from the INET
741 ADDRESS MIB module[RFC4001].
743 The IPFIX SELECTOR MIB module also requires the modules SNMPv2-
744 SMI[RFC2578], SNMPv2-TC[RFC2579] and SNMPv2-CONF[RFC2580].
746 8. MIB Definitions
748 This section contains the definitions of the IPFIX-MIB module and the
749 IPFIX-SELECTOR-MIB module. There are different mandatory groups
750 defined for Collector and Exporter implementations. The statistical
751 objects are made OPTIONAL.
753 8.1. IPFIX MIB Definition
755 IPFIX-MIB DEFINITIONS ::= BEGIN
757 IMPORTS
758 MODULE-IDENTITY, OBJECT-TYPE, mib-2, Unsigned32, Counter64,
759 Gauge32
760 FROM SNMPv2-SMI -- RFC2578
761 TimeStamp, DateAndTime
762 FROM SNMPv2-TC -- RFC2579
763 MODULE-COMPLIANCE, OBJECT-GROUP
764 FROM SNMPv2-CONF -- RFC2580
765 InterfaceIndexOrZero
766 FROM IF-MIB -- RFC2863
767 InetAddressType, InetAddress, InetPortNumber
768 FROM INET-ADDRESS-MIB -- RFC4001
769 PhysicalIndexOrZero
770 FROM ENTITY-MIB; -- RFC4133
772 ipfixMIB MODULE-IDENTITY
773 LAST-UPDATED "201001120900Z" -- 12 January 2010
774 ORGANIZATION "IETF IPFIX Working Group"
775 CONTACT-INFO
776 "WG charter:
777 http://www.ietf.org/html.charters/ipfix-charter.html
779 Mailing Lists:
780 General Discussion: ipfix@ietf.org
781 To Subscribe: http://www1.ietf.org/mailman/listinfo/ipfix
782 Archive:
783 http://www1.ietf.org/mail-archive/web/ipfix/current/index.html
785 Editor:
786 Thomas Dietz
787 NEC Europe Ltd.
788 NEC Laboratories Europe
789 Network Research Division
790 Kurfuersten-Anlage 36
791 69115 Heidelberg
792 Germany
793 Phone: +49 6221 4342-128
794 Email: Thomas.Dietz@nw.neclab.eu
796 Atsushi Kobayashi
797 NTT Information Sharing Platform Laboratories
798 3-9-11 Midori-cho
799 Musashino-shi
800 180-8585
801 Japan
802 Phone: +81-422-59-3978
803 Email: akoba@nttv6.net
805 Benoit Claise
806 Cisco Systems, Inc.
807 De Kleetlaan 6a b1
808 Degem 1831
809 Belgium
810 Phone: +32 2 704 5622
811 Email: bclaise@cisco.com
813 Gerhard Muenz
814 Technische Universitaet Muenchen
815 Department of Informatics
816 Chair for Network Architectures and Services (I8)
817 Boltzmannstr. 3
818 85748 Garching
819 Germany
820 Phone: +49 89 289-18008
821 Email: muenz@net.in.tum.de
822 URI: http://www.net.in.tum.de/~muenz"
823 DESCRIPTION
824 "The IPFIX MIB defines managed objects for IP Flow
825 Information eXport. These objects provide information about
826 managed nodes supporting the IP Flow Information Export
827 protocol, for Exporters as well as for Collectors.
829 Copyright (c) 2009 IETF Trust and the persons identified as
830 the document authors. All rights reserved. This version
831 of this MIB module is part of RFC yyyy; see the RFC itself
832 for full legal notices."
833 -- replace yyyy with actual RFC number & remove this notice
835 -- Revision history
837 REVISION "201001120900Z" -- 12 January 2010
838 DESCRIPTION
839 "Initial version, published as RFC yyyy."
840 -- replace yyyy with actual RFC number & remove this notice
841 ::= { mib-2 xxx }
842 -- xxx to be assigned by IANA.
844 --******************************************************************
845 -- Top Level Structure of the MIB
846 --******************************************************************
848 ipfixObjects OBJECT IDENTIFIER ::= { ipfixMIB 1 }
849 ipfixConformance OBJECT IDENTIFIER ::= { ipfixMIB 2 }
851 ipfixMainObjects OBJECT IDENTIFIER ::= { ipfixObjects 1 }
852 ipfixStatistics OBJECT IDENTIFIER ::= { ipfixObjects 2 }
854 --==================================================================
855 -- 1.1: Objects used by all IPFIX implementations
856 --==================================================================
857 --------------------------------------------------------------------
858 -- 1.1.1: Transport Session Table
859 --------------------------------------------------------------------
860 ipfixTransportSessionTable OBJECT-TYPE
861 SYNTAX SEQUENCE OF IpfixTransportSessionEntry
862 MAX-ACCESS not-accessible
863 STATUS current
864 DESCRIPTION
865 "This table lists the currently established Transport
866 Sessions between an Exporting Process and a Collecting
867 Process."
868 ::= { ipfixMainObjects 1 }
870 ipfixTransportSessionEntry OBJECT-TYPE
871 SYNTAX IpfixTransportSessionEntry
872 MAX-ACCESS not-accessible
873 STATUS current
874 DESCRIPTION
875 "Defines an entry in the ipfixTransportSessionTable"
876 INDEX { ipfixTransportSessionIndex }
877 ::= { ipfixTransportSessionTable 1 }
879 IpfixTransportSessionEntry ::=
880 SEQUENCE {
881 ipfixTransportSessionIndex Unsigned32,
882 ipfixTransportSessionProtocol Unsigned32,
883 ipfixTransportSessionSourceAddressType InetAddressType,
884 ipfixTransportSessionSourceAddress InetAddress,
885 ipfixTransportSessionDestinationAddressType InetAddressType,
886 ipfixTransportSessionDestinationAddress InetAddress,
887 ipfixTransportSessionSourcePort InetPortNumber,
888 ipfixTransportSessionDestinationPort InetPortNumber,
889 ipfixTransportSessionSctpAssocId Unsigned32,
890 ipfixTransportSessionDeviceMode INTEGER,
891 ipfixTransportSessionTemplateRefreshTimeout Unsigned32,
892 ipfixTransportSessionOptionsTemplateRefreshTimeout Unsigned32,
893 ipfixTransportSessionTemplateRefreshPacket Unsigned32,
894 ipfixTransportSessionOptionsTemplateRefreshPacket Unsigned32,
895 ipfixTransportSessionIpfixVersion Unsigned32,
896 ipfixTransportSessionStatus INTEGER
897 }
899 ipfixTransportSessionIndex OBJECT-TYPE
900 SYNTAX Unsigned32 (1..4294967295)
901 MAX-ACCESS not-accessible
902 STATUS current
903 DESCRIPTION
904 "Locally arbitrary, but unique identifier of an entry in
905 the ipfixTransportSessionTable. The value is expected to
906 remain constant from a re-initialization of the entity's
907 network management agent to the next re-initialization."
908 ::= { ipfixTransportSessionEntry 1 }
910 ipfixTransportSessionProtocol OBJECT-TYPE
911 SYNTAX Unsigned32 (1..255)
912 MAX-ACCESS read-only
913 STATUS current
914 DESCRIPTION
915 "The transport protocol used for receiving or transmitting
916 IPFIX Messages. Protocol numbers are assigned by IANA. A
917 current list of all assignments is available from
918 ."
919 REFERENCE
920 "RFC5101 Section 10 - Specification of the IP Flow
921 Information Export(IPFIX) Protocol for the Exchange of IP
922 Traffic Flow Information"
923 ::= { ipfixTransportSessionEntry 2 }
925 ipfixTransportSessionSourceAddressType OBJECT-TYPE
926 SYNTAX InetAddressType
927 MAX-ACCESS read-only
928 STATUS current
929 DESCRIPTION
930 "The type of address used for the source address
931 as specified in RFC4001. This object is used with protocols
932 (specified in ipfixTransportSessionProtocol) like TCP(6)
933 and UDP(17) that have the notion of addresses. SCTP(132)
934 should use the ipfixTransportSessionSctpAssocId instead.
935 If SCTP(132) or any other protocol without the notion of
936 addresses is used the object MUST be set to unknown(0)."
938 ::= { ipfixTransportSessionEntry 3 }
940 ipfixTransportSessionSourceAddress OBJECT-TYPE
941 SYNTAX InetAddress
942 MAX-ACCESS read-only
943 STATUS current
944 DESCRIPTION
945 "The source address of the Exporter of the IPFIX Transport
946 Session. This value is interpreted according to the value of
947 ipfixTransportSessionAddressType as specified in RFC4001.
948 This object is used with protocols (specified in
949 ipfixTransportSessionProtocol) like TCP(6) and UDP(17) that
950 have the notion of addresses. SCTP(132) should use the
951 ipfixTransportSessionSctpAssocId instead. If SCTP(132) or
952 any other protocol without the notion of addresses is used
953 the object MUST be set to a zero-length string."
954 ::= { ipfixTransportSessionEntry 4 }
956 ipfixTransportSessionDestinationAddressType OBJECT-TYPE
957 SYNTAX InetAddressType
958 MAX-ACCESS read-only
959 STATUS current
960 DESCRIPTION
961 "The type of address used for the destination address
962 as specified in RFC4001. This object is used with protocols
963 (specified in ipfixTransportSessionProtocol) like TCP(6)
964 and UDP(17) that have the notion of addresses. SCTP(132)
965 should use the ipfixTransportSessionSctpAssocId instead.
966 If SCTP(132) or any other protocol without the notion of
967 addresses is used the object MUST be set to unknown(0)."
968 ::= { ipfixTransportSessionEntry 5 }
970 ipfixTransportSessionDestinationAddress OBJECT-TYPE
971 SYNTAX InetAddress
972 MAX-ACCESS read-only
973 STATUS current
974 DESCRIPTION
975 "The destination address of the Collector of the IPFIX
976 Transport Session. This value is interpreted according to
977 the value of ipfixTransportSessionAddressType as specified
978 in RFC4001. This object is used with protocols
979 (specified in ipfixTransportSessionProtocol) like TCP(6)
980 and UDP(17) that have the notion of addresses. SCTP(132)
981 should use the ipfixTransportSessionSctpAssocId instead.
982 If SCTP(132) or any other protocol without the notion of
983 addresses is used the object MUST be set to a zero-length
984 string"
985 ::= { ipfixTransportSessionEntry 6 }
987 ipfixTransportSessionSourcePort OBJECT-TYPE
988 SYNTAX InetPortNumber
989 MAX-ACCESS read-only
990 STATUS current
991 DESCRIPTION
992 "The transport protocol port number of the Exporter.
993 This object is used with protocols (specified in
994 ipfixTransportSessionProtocol) like TCP(6)
995 and UDP(17) that have the notion of ports. SCTP(132)
996 should copy the value of sctpAssocLocalPort if the
997 Transport Session is in collecting mode or
998 sctpAssocRemPort if the Transport Session is in
999 exporting mode. The association is referenced with
1000 by the ipfixTransportSessionSctpAssocId.
1001 If any other protocol without the notion of
1002 ports is used the object MUST be set to zero."
1003 ::= { ipfixTransportSessionEntry 7 }
1005 ipfixTransportSessionDestinationPort OBJECT-TYPE
1006 SYNTAX InetPortNumber
1007 MAX-ACCESS read-only
1008 STATUS current
1009 DESCRIPTION
1010 "The transport protocol port number of the Collector. The
1011 default value is 4739 for all currently defined transport
1012 protocol types. This object is used with protocols
1013 (specified in ipfixTransportSessionProtocol) like TCP(6)
1014 and UDP(17) that have the notion of ports. SCTP(132)
1015 should copy the value of sctpAssocRemPort if the
1016 Transport Session is in collecting mode or
1017 sctpAssocLocalPort if the Transport Session is in
1018 exporting mode. The association is referenced with
1019 by the ipfixTransportSessionSctpAssocId.
1020 If any other protocol without the notion of
1021 ports is used the object MUST be set to zero."
1022 ::= { ipfixTransportSessionEntry 8 }
1024 ipfixTransportSessionSctpAssocId OBJECT-TYPE
1025 SYNTAX Unsigned32
1026 MAX-ACCESS read-only
1027 STATUS current
1028 DESCRIPTION
1029 "The association id used for the SCTP session between the
1030 Exporter and the Collector of the IPFIX Transport Session.
1031 It is equal to the sctpAssocId entry in the sctpAssocTable
1032 defined in the SCTP MIB. This object is only valid if
1033 ipfixTransportSessionProtocol has the value 132 (SCTP). In
1034 all other cases the value MUST be zero."
1036 REFERENCE
1037 "RFC3873 - Stream Control Transmission Protocol (SCTP)
1038 Management Information Base (MIB)"
1039 ::= { ipfixTransportSessionEntry 9 }
1041 ipfixTransportSessionDeviceMode OBJECT-TYPE
1042 SYNTAX INTEGER {
1043 exporting(1),
1044 collecting(2)
1045 }
1046 MAX-ACCESS read-only
1047 STATUS current
1048 DESCRIPTION
1049 "The mode of operation of the device for the given Transport
1050 Session. This object can have the following values:
1052 exporting(1)
1053 This value MUST be used if the Transport Session is
1054 used for exporting Records to other IPFIX Devices,
1055 i.e. this device acts as Exporter.
1057 collecting(2)
1058 This value MUST be used if the Transport Session is
1059 used for collecting Records from other IPFIX Devices,
1060 i.e. this device acts as Collector."
1061 ::= { ipfixTransportSessionEntry 10 }
1063 ipfixTransportSessionTemplateRefreshTimeout OBJECT-TYPE
1064 SYNTAX Unsigned32
1065 UNITS "seconds"
1066 MAX-ACCESS read-only
1067 STATUS current
1068 DESCRIPTION
1069 "On Exporters this object contains the time in seconds
1070 after which IPFIX Templates MUST be resent by the
1071 Exporter.
1073 On Collectors this object contains the lifetime in seconds
1074 after which a Template becomes invalid when it is not
1075 received again within this lifetime.
1077 This object is only valid if ipfixTransportSessionProtocol
1078 has the value 17 (UDP). In all other cases the value MUST
1079 be zero."
1080 REFERENCE
1081 "RFC5101 Sections 10.3.6 and 10.3.7 - Specification of
1082 the IP Flow Information Export(IPFIX) Protocol for the
1083 Exchange of IP Traffic Flow Information"
1085 ::= { ipfixTransportSessionEntry 11 }
1087 ipfixTransportSessionOptionsTemplateRefreshTimeout OBJECT-TYPE
1088 SYNTAX Unsigned32
1089 UNITS "seconds"
1090 MAX-ACCESS read-only
1091 STATUS current
1092 DESCRIPTION
1093 "On Exporters this object contains the time in seconds
1094 after which IPFIX Options Templates MUST be resent by the
1095 Exporter.
1097 On Collectors this object contains the lifetime in seconds
1098 after which an Options Template becomes invalid when it is
1099 not received again within this lifetime.
1101 This object is only valid if ipfixTransportSessionProtocol
1102 has the value 17 (UDP). In all other cases the value MUST
1103 be zero."
1104 REFERENCE
1105 "RFC5101 Sections 10.3.6 and 10.3.7 - Specification of
1106 the IP Flow Information Export(IPFIX) Protocol for the
1107 Exchange of IP Traffic Flow Information"
1108 ::= { ipfixTransportSessionEntry 12 }
1110 ipfixTransportSessionTemplateRefreshPacket OBJECT-TYPE
1111 SYNTAX Unsigned32
1112 UNITS "packets"
1113 MAX-ACCESS read-only
1114 STATUS current
1115 DESCRIPTION
1116 "On Exporters this object contains the number of exported
1117 IPFIX Messages after which IPFIX Templates MUST be resent
1118 by the Exporter.
1120 On Collectors this object contains the lifetime in number
1121 of exported IPFIX Messages after which a Template becomes
1122 invalid when it is not received again within this lifetime.
1124 This object is only valid if ipfixTransportSessionProtocol
1125 has the value 17 (UDP). In all other cases the value MUST
1126 be zero."
1127 REFERENCE
1128 "RFC5101 Sections 10.3.6 and 10.3.7 - Specification of
1129 the IP Flow Information Export(IPFIX) Protocol for the
1130 Exchange of IP Traffic Flow Information"
1131 ::= { ipfixTransportSessionEntry 13 }
1133 ipfixTransportSessionOptionsTemplateRefreshPacket OBJECT-TYPE
1134 SYNTAX Unsigned32
1135 UNITS "packets"
1136 MAX-ACCESS read-only
1137 STATUS current
1138 DESCRIPTION
1139 "On Exporters this object contains the number of exported
1140 IPFIX Messages after which IPFIX Options Templates MUST be
1141 resent by the Exporter.
1143 On Collectors this object contains the lifetime in number
1144 of exported IPFIX Messages after which an Options Template
1145 becomes invalid when it is not received again within this
1146 lifetime.
1148 This object is only valid if ipfixTransportSessionProtocol
1149 has the value 17 (UDP). In all other cases the value MUST
1150 be zero."
1151 REFERENCE
1152 "RFC5101 Sections 10.3.6 and 10.3.7 - Specification of
1153 the IP Flow Information Export(IPFIX) Protocol for the
1154 Exchange of IP Traffic Flow Information"
1155 ::= { ipfixTransportSessionEntry 14 }
1157 ipfixTransportSessionIpfixVersion OBJECT-TYPE
1158 SYNTAX Unsigned32 (0..65535)
1159 MAX-ACCESS read-only
1160 STATUS current
1161 DESCRIPTION
1162 "On Exporters the object contains the version number of the
1163 IPFIX protocol that the Exporter uses to export its data in
1164 this Transport Session.
1166 On Collectors the object contains the version number of the
1167 IPFIX protocol it receives for this Transport Session.
1169 If IPFIX Messages of different IPFIX protocol versions are
1170 transmitted or received in this Transport Session, this
1171 object contains the maximum version number."
1172 REFERENCE
1173 "RFC5101 Section 3.1 - Specification of the IP Flow
1174 Information Export (IPFIX) Protocol for the Exchange of IP
1175 Traffic Flow Information"
1176 ::= { ipfixTransportSessionEntry 15 }
1178 ipfixTransportSessionStatus OBJECT-TYPE
1179 SYNTAX INTEGER {
1180 unknown(0),
1181 inactive(1),
1182 active(2)
1183 }
1184 MAX-ACCESS read-only
1185 STATUS current
1186 DESCRIPTION
1187 "The status of a Transport Session. This object can have the
1188 following values:
1190 unknown(0)
1191 This value MUST be used if the status of the
1192 Transport Session cannot be detected by the equipment.
1193 This value should be avoided as far as possible.
1195 inactive(1)
1196 This value MUST be used for Transport Sessions that
1197 are specified in the system but not currently active.
1198 The value can be used e.g. for Transport Sessions that
1199 are backup (secondary) sessions in a Transport Session
1200 group.
1202 active(2)
1203 This value MUST be used for Transport Sessions that are
1204 currently active and transmitting or receiving data."
1205 ::= { ipfixTransportSessionEntry 16 }
1207 --------------------------------------------------------------------
1208 -- 1.1.2: Template Table
1209 --------------------------------------------------------------------
1210 ipfixTemplateTable OBJECT-TYPE
1211 SYNTAX SEQUENCE OF IpfixTemplateEntry
1212 MAX-ACCESS not-accessible
1213 STATUS current
1214 DESCRIPTION
1215 "This table lists the Templates and Options Templates that
1216 are transmitted by the Exporting Process or received by the
1217 Collecting Process.
1219 The table contains the Templates and Options Templates that
1220 are received or used for exporting data for a given
1221 Transport Session group and Observation Domain.
1223 Withdrawn or invalidated (Options) Template MUST be removed
1224 from this table."
1225 ::= { ipfixMainObjects 2 }
1227 ipfixTemplateEntry OBJECT-TYPE
1228 SYNTAX IpfixTemplateEntry
1229 MAX-ACCESS not-accessible
1230 STATUS current
1231 DESCRIPTION
1232 "Defines an entry in the ipfixTemplateTable"
1233 INDEX {
1234 ipfixTransportSessionIndex,
1235 ipfixTemplateObservationDomainId,
1236 ipfixTemplateId
1237 }
1238 ::= { ipfixTemplateTable 1 }
1240 IpfixTemplateEntry ::=
1241 SEQUENCE {
1242 ipfixTemplateObservationDomainId Unsigned32,
1243 ipfixTemplateId Unsigned32,
1244 ipfixTemplateSetId Unsigned32,
1245 ipfixTemplateAccessTime DateAndTime
1246 }
1248 ipfixTemplateObservationDomainId OBJECT-TYPE
1249 SYNTAX Unsigned32 (0..4294967295)
1250 MAX-ACCESS not-accessible
1251 STATUS current
1252 DESCRIPTION
1253 "The ID of the Observation Domain for which this Template
1254 is defined. This value is used when sending IPFIX Messages.
1256 The special value of 0 indicates that the Data Records
1257 exported with this (Option Template) cannot be applied to a
1258 single Observation Domain."
1259 REFERENCE
1260 "RFC5101 Section 3.1 - Specification of the IP Flow
1261 Information Export (IPFIX) Protocol for the Exchange of IP
1262 Traffic Flow Information"
1263 ::= { ipfixTemplateEntry 1 }
1265 ipfixTemplateId OBJECT-TYPE
1266 SYNTAX Unsigned32 (256..65535)
1267 MAX-ACCESS not-accessible
1268 STATUS current
1269 DESCRIPTION
1270 "This number indicates the Template Id in the IPFIX
1271 message. Values from 0 to 255 are not allowed for Template
1272 Ids."
1273 REFERENCE
1274 "RFC5101 Section 3.4.1 - Specification of the IP Flow
1275 Information Export (IPFIX) Protocol for the Exchange of IP
1276 Traffic Flow Information"
1278 ::= { ipfixTemplateEntry 2 }
1280 ipfixTemplateSetId OBJECT-TYPE
1281 SYNTAX Unsigned32 (1..65535)
1282 MAX-ACCESS read-only
1283 STATUS current
1284 DESCRIPTION
1285 "This number indicates the Set ID of the Template. This
1286 object allows to easily retrieve the Template type.
1288 Currently there are two values defined. The value 2 is
1289 used for Sets containing Template definitions. The value 3
1290 is used for Sets containing Options Template definitions."
1291 REFERENCE
1292 "RFC5101 Section 3.3.2 - Specification of the IP Flow
1293 Information Export (IPFIX) Protocol for the Exchange of IP
1294 Traffic Flow Information"
1295 ::= { ipfixTemplateEntry 3 }
1297 ipfixTemplateAccessTime OBJECT-TYPE
1298 SYNTAX DateAndTime
1299 MAX-ACCESS read-only
1300 STATUS current
1301 DESCRIPTION
1302 "If the Transport Session is in exporting mode
1303 (ipfixTransportSessionDeviceMode) the time when this
1304 (Options) Template was last sent to the Collector(s).
1306 In the specific case of UDP as transport protocol, this
1307 time is used to know when a retransmission of the
1308 (Options) Template is needed.
1310 If it is in collecting mode it this object contains the
1311 time when this (Options) Template was last received from
1312 the Exporter. In the specific case of UDP as transport
1313 protocol, this time is used to know when this (Options)
1314 Template times out and thus is no longer valid."
1315 ::= { ipfixTemplateEntry 4 }
1317 --------------------------------------------------------------------
1318 -- 1.1.3: Exported Template Definition Table
1319 --------------------------------------------------------------------
1320 ipfixTemplateDefinitionTable OBJECT-TYPE
1321 SYNTAX SEQUENCE OF IpfixTemplateDefinitionEntry
1322 MAX-ACCESS not-accessible
1323 STATUS current
1324 DESCRIPTION
1325 "On Exporters this table lists the (Options) Template fields
1326 of which a (Options) Template is defined. It defines the
1327 (Options) Template given in the ipfixTemplateId specified in
1328 the ipfixTemplateTable.
1330 On Collectors this table lists the (Options) Template fields
1331 of which a (Options) Template is defined. It defines the
1332 (Options) Template given in the ipfixTemplateId specified in
1333 the ipfixTemplateTable."
1334 ::= { ipfixMainObjects 3 }
1336 ipfixTemplateDefinitionEntry OBJECT-TYPE
1337 SYNTAX IpfixTemplateDefinitionEntry
1338 MAX-ACCESS not-accessible
1339 STATUS current
1340 DESCRIPTION
1341 "Defines an entry in the ipfixTemplateDefinitionTable"
1342 INDEX {
1343 ipfixTransportSessionIndex,
1344 ipfixTemplateObservationDomainId,
1345 ipfixTemplateId,
1346 ipfixTemplateDefinitionIndex
1347 }
1348 ::= { ipfixTemplateDefinitionTable 1 }
1350 IpfixTemplateDefinitionEntry ::=
1351 SEQUENCE {
1352 ipfixTemplateDefinitionIndex Unsigned32,
1353 ipfixTemplateDefinitionIeId Unsigned32,
1354 ipfixTemplateDefinitionIeLength Unsigned32,
1355 ipfixTemplateDefinitionEnterpriseNumber Unsigned32,
1356 ipfixTemplateDefinitionFlags BITS
1357 }
1359 ipfixTemplateDefinitionIndex OBJECT-TYPE
1360 SYNTAX Unsigned32 (1..65535)
1361 MAX-ACCESS not-accessible
1362 STATUS current
1363 DESCRIPTION
1364 "The ipfixTemplateDefinitionIndex specifies the order in
1365 which the Information Elements are used in the (Options)
1366 Template Record.
1368 Since a Template Record can contain a maximum of 65535
1369 Information Elements the index is limited to this value."
1370 REFERENCE
1371 "RFC5101 Section 3.4.1 and 3.4.2 - Specification of the
1372 IP Flow Information Export (IPFIX) Protocol for the
1373 Exchange of IP Traffic Flow Information"
1375 ::= { ipfixTemplateDefinitionEntry 1 }
1377 ipfixTemplateDefinitionIeId OBJECT-TYPE
1378 SYNTAX Unsigned32 (1..65535)
1379 MAX-ACCESS read-only
1380 STATUS current
1381 DESCRIPTION
1382 "This indicates the Information Element Id at position
1383 ipfixTemplateDefinitionIndex in the (Options) Template
1384 ipfixTemplateId. This implicitly specifies the data type
1385 of the Information Element. The elements are registered
1386 at IANA. A current list of assignments can be found at
1387 "
1388 REFERENCE
1389 "RFC5101 Section 3.2 - Specification of the IP Flow
1390 Information Export (IPFIX) Protocol for the Exchange of IP
1391 Traffic Flow Information
1393 RFC5102 - Information Model for IP Flow Information Export"
1394 ::= { ipfixTemplateDefinitionEntry 2 }
1396 ipfixTemplateDefinitionIeLength OBJECT-TYPE
1397 SYNTAX Unsigned32 (0..65535)
1398 MAX-ACCESS read-only
1399 STATUS current
1400 DESCRIPTION
1401 "This indicates the length of the Information Element Id at
1402 position ipfixTemplateDefinitionIndex in the (Options)
1403 Template ipfixTemplateId."
1404 REFERENCE
1405 "RFC5101 Section 3.2 - Specification of the IP Flow
1406 Information Export (IPFIX) Protocol for the Exchange of IP
1407 Traffic Flow Information
1409 RFC5102 - Information Model for IP Flow Information Export"
1410 ::= { ipfixTemplateDefinitionEntry 3 }
1412 ipfixTemplateDefinitionEnterpriseNumber OBJECT-TYPE
1413 SYNTAX Unsigned32
1414 MAX-ACCESS read-only
1415 STATUS current
1416 DESCRIPTION
1417 "IANA enterprise number of the authority defining the
1418 Information Element identifier in this Template Record.
1419 Enterprise numbers are assigned by IANA. A current list of
1420 all assignments is available from
1421 .
1423 This object must be zero(0) for all standard Information
1424 Elements registered with IANA. A current list of these
1425 elements is available from
1426 ."
1427 REFERENCE
1428 "RFC5101 Section 3.2 - Specification of the IP Flow
1429 Information Export (IPFIX) Protocol for the Exchange of IP
1430 Traffic Flow Information
1432 RFC5102 - Information Model for IP Flow Information Export"
1433 ::= { ipfixTemplateDefinitionEntry 4 }
1435 ipfixTemplateDefinitionFlags OBJECT-TYPE
1436 SYNTAX BITS {
1437 scope(0),
1438 flowKey(1)
1439 }
1440 MAX-ACCESS read-only
1441 STATUS current
1442 DESCRIPTION
1443 "This bitmask indicates special attributes for the
1444 Information Element:
1446 scope(0)
1447 This Information Element is used for scope.
1449 flowKey(1)
1450 This Information Element is a Flow key.
1452 Thus we get the following values for an Information Element:
1454 If neither bit scope(0) nor bit flowKey(1) are set
1455 The Information Element is neither used for scoping nor
1456 as Flow Key.
1457 If only bit scope(0) is set
1458 The Information Element is used for scoping.
1459 If only bit flowKey(1) is set
1460 The Information Element is used as Flow Key.
1462 Both bit scope(0) and flowKey(1) MUST NOT be set at the same
1463 time. This combination is not allowed."
1464 REFERENCE
1465 "RFC5101 Section 2 and 3.4.2.1 - Specification of the IP
1466 Flow Information Export (IPFIX) Protocol for the Exchange
1467 of IP Traffic Flow Information
1469 RFC5102 - Information Model for IP Flow Information Export"
1470 ::= { ipfixTemplateDefinitionEntry 5 }
1472 --------------------------------------------------------------------
1473 -- 1.1.4: Export Table
1474 --------------------------------------------------------------------
1475 ipfixExportTable OBJECT-TYPE
1476 SYNTAX SEQUENCE OF IpfixExportEntry
1477 MAX-ACCESS not-accessible
1478 STATUS current
1479 DESCRIPTION
1480 "This table lists all exports of an IPFIX device.
1482 On Exporters this table contains all exports grouped by
1483 Transport Session, Observation Domain Id, Template Id and
1484 Metering Process represented by the
1485 ipfixMeteringProcessCacheId. Thanks to the ipfixExportIndex
1486 the exports can group one or more Transport Sessions to
1487 achieve a special functionality like failover management,
1488 load-balancing etc. The entries with the same
1489 ipfixExportIndex, the same ipfixObservationDomainId
1490 and the same ipfixMeteringProcessCacheId define a Transport
1491 Session group. If the Exporter does not use Transport
1492 Session grouping then each ipfixExportIndex contains a
1493 single ipfixMeteringProcessCacheId and thus a singe
1494 Transport Session and this session MUST have the member
1495 type primary(1). Transport Sessions referenced in this
1496 table MUST have the ipfixTransportSessionDeviceMode
1497 exporting(1).
1499 On Collectors this table is not needed."
1500 ::= { ipfixMainObjects 4 }
1502 ipfixExportEntry OBJECT-TYPE
1503 SYNTAX IpfixExportEntry
1504 MAX-ACCESS not-accessible
1505 STATUS current
1506 DESCRIPTION
1507 "Defines an entry in the ipfixExportTable"
1508 INDEX {
1509 ipfixExportIndex,
1510 ipfixMeteringProcessCacheId,
1511 ipfixTransportSessionIndex
1512 }
1513 ::= { ipfixExportTable 1 }
1515 IpfixExportEntry ::=
1516 SEQUENCE {
1517 ipfixExportIndex Unsigned32,
1518 ipfixExportMemberType INTEGER
1519 }
1521 ipfixExportIndex OBJECT-TYPE
1522 SYNTAX Unsigned32 (1..4294967295)
1523 MAX-ACCESS not-accessible
1524 STATUS current
1525 DESCRIPTION
1526 "Locally arbitrary, but unique identifier of an entry in
1527 the ipfixExportTable. The value is expected
1528 to remain constant from a re-initialization of the entity's
1529 network management agent to the next re-initialization.
1531 A common ipfixExportIndex between two entries from this
1532 table expresses that there is a relationship between the
1533 Transport Sessions in ipfixTransportSessionIndex. The type
1534 of relationship is expressed by the value of
1535 ipfixExportMemberType."
1536 ::= { ipfixExportEntry 1 }
1538 ipfixExportMemberType OBJECT-TYPE
1539 SYNTAX INTEGER {
1540 unknown(0),
1541 primary(1),
1542 secondary(2),
1543 parallel(3),
1544 loadBalancing(4)
1545 }
1546 MAX-ACCESS read-only
1547 STATUS current
1548 DESCRIPTION
1549 "The type of a member Transport Session in a Transport
1550 Session group (identified by the value of ipfixExportIndex,
1551 ipfixObservationDomainId and ipfixMeteringProcessCacheId).
1552 The following values are valid:
1554 unknown(0)
1555 This value MUST be used if the status of the group
1556 membership cannot be detected by the equipment. This
1557 value should be avoided as far as possible.
1559 primary(1)
1560 This value is used for a group member that is used as
1561 the primary target of an Exporter. Other group members
1562 (with the same ipfixExportIndex and
1563 ipfixMeteringProcessCacheId) MUST NOT have the value
1564 primary(1) but MUST have the value secondary(2).
1565 This value MUST also be specified if the Exporter does
1566 not support Transport Session grouping. In this case
1567 the group contains only one Transport Session.
1569 secondary(2)
1570 This value is used for a group member that is used as a
1571 secondary target of an Exporter. The Exporter will use
1572 one of the targets specified as secondary(2) within the
1573 same Transport Session group when the primary target is
1574 not reachable.
1576 parallel(3)
1577 This value is used for a group member that is used for
1578 duplicate exporting i.e., all group members identified
1579 by the ipfixExportIndex are exporting the same Records
1580 in parallel. This implies that all group members MUST
1581 have the same membertype parallel(3).
1583 loadBalancing(4)
1584 This value is used for a group member that is used
1585 as one target for load-balancing. This means that a
1586 Record is sent to one of the group members in this
1587 group identified by ipfixExportIndex.
1588 This implies that all group members MUST have the same
1589 membertype loadBalancing(4)."
1590 ::= { ipfixExportEntry 2 }
1592 --------------------------------------------------------------------
1593 -- 1.1.5: Metering Process Table
1594 --------------------------------------------------------------------
1595 ipfixMeteringProcessTable OBJECT-TYPE
1596 SYNTAX SEQUENCE OF IpfixMeteringProcessEntry
1597 MAX-ACCESS not-accessible
1598 STATUS current
1599 DESCRIPTION
1600 "This table lists so called caches used at the Metering
1601 Process to store the metering data of Flows observed at
1602 the Observation Points given in the
1603 ipfixObservationPointGroupReference. The table lists the
1604 timeouts that specify when the cached metering data is
1605 expired.
1607 On Collectors the table is not needed."
1608 ::= { ipfixMainObjects 5 }
1610 ipfixMeteringProcessEntry OBJECT-TYPE
1611 SYNTAX IpfixMeteringProcessEntry
1612 MAX-ACCESS not-accessible
1613 STATUS current
1614 DESCRIPTION
1615 "Defines an entry in the ipfixMeteringProcessTable."
1616 INDEX { ipfixMeteringProcessCacheId }
1617 ::= { ipfixMeteringProcessTable 1 }
1619 IpfixMeteringProcessEntry ::=
1620 SEQUENCE {
1621 ipfixMeteringProcessCacheId Unsigned32,
1622 ipfixMeteringProcessObservationPointGroupRef Unsigned32,
1623 ipfixMeteringProcessCacheActiveTimeout Unsigned32,
1624 ipfixMeteringProcessCacheInactiveTimeout Unsigned32
1625 }
1627 ipfixMeteringProcessCacheId OBJECT-TYPE
1628 SYNTAX Unsigned32 (1..4294967295)
1629 MAX-ACCESS not-accessible
1630 STATUS current
1631 DESCRIPTION
1632 "Locally arbitrary, but unique identifier of an entry in the
1633 ipfixMeterinProcessTable. The value is expected to remain
1634 constant from a re-initialization of the entity's network
1635 management agent to the next re-initialization."
1636 ::= { ipfixMeteringProcessEntry 1 }
1638 ipfixMeteringProcessObservationPointGroupRef OBJECT-TYPE
1639 SYNTAX Unsigned32
1640 MAX-ACCESS read-only
1641 STATUS current
1642 DESCRIPTION
1643 "The Observation Point Group Id that links this table entry
1644 to the ipfixObservationPointTable. The matching
1645 ipfixObservationPointGroupId in that table gives the
1646 Observation Points used in that cache. If the Observation
1647 Points are unknown the
1648 ipfixMeteringProcessObservationPointGroupRef MUST be zero."
1649 ::= { ipfixMeteringProcessEntry 2 }
1651 ipfixMeteringProcessCacheActiveTimeout OBJECT-TYPE
1652 SYNTAX Unsigned32
1653 UNITS "seconds"
1654 MAX-ACCESS read-only
1655 STATUS current
1656 DESCRIPTION
1657 "The time in seconds after which an active Flow is expired.
1659 On the Exporter this object contains the time after which a
1660 Flow is expired (and a Data Record for the template is sent)
1661 even though packets matching this Flow are still received by
1662 the Metering Process. If this value is 0 the Flow is not
1663 prematurely expired."
1664 REFERENCE
1665 "RFC5470 Section 5.1.1, item 3 -
1666 Architecture for IP Flow Information Export"
1667 ::= { ipfixMeteringProcessEntry 3 }
1669 ipfixMeteringProcessCacheInactiveTimeout OBJECT-TYPE
1670 SYNTAX Unsigned32
1671 UNITS "seconds"
1672 MAX-ACCESS read-only
1673 STATUS current
1674 DESCRIPTION
1675 "The time in seconds after which an inactive Flow is
1676 expired.
1678 On the Exporter this object contains the time after which a
1679 Flow is expired (and a Data Record for the template is sent)
1680 when no packets matching this Flow are received by the
1681 Metering Process for the given number of seconds. If this
1682 value is zero the Flow is timed out immediately i.e., a Data
1683 Record is sent for every packet received by the Metering
1684 Process."
1685 REFERENCE
1686 "RFC5470 Section 5.1.1, item 1 -
1687 Architecture for IP Flow Information Export"
1688 ::= { ipfixMeteringProcessEntry 4 }
1690 --------------------------------------------------------------------
1691 -- 1.1.6: Observation Point Table
1692 --------------------------------------------------------------------
1693 ipfixObservationPointTable OBJECT-TYPE
1694 SYNTAX SEQUENCE OF IpfixObservationPointEntry
1695 MAX-ACCESS not-accessible
1696 STATUS current
1697 DESCRIPTION
1698 "This table lists the Observation Points used within an
1699 Exporter by the Metering Process. The index
1700 ipfixObservationPointGroupId groups Observation Points
1701 and is referenced in the Metering Process table.
1703 On Collectors this table is not needed."
1704 ::= { ipfixMainObjects 6 }
1706 ipfixObservationPointEntry OBJECT-TYPE
1707 SYNTAX IpfixObservationPointEntry
1708 MAX-ACCESS not-accessible
1709 STATUS current
1710 DESCRIPTION
1711 "Defines an entry in the ipfixObservationPointTable."
1712 INDEX {
1713 ipfixObservationPointGroupId,
1714 ipfixObservationPointIndex
1715 }
1716 ::= { ipfixObservationPointTable 1 }
1718 IpfixObservationPointEntry ::=
1719 SEQUENCE {
1720 ipfixObservationPointGroupId Unsigned32,
1721 ipfixObservationPointIndex Unsigned32,
1722 ipfixObservationPointObservationDomainId Unsigned32,
1723 ipfixObservationPointPhysicalEntity PhysicalIndexOrZero,
1724 ipfixObservationPointPhysicalInterface InterfaceIndexOrZero,
1725 ipfixObservationPointPhysicalEntityDirection INTEGER
1726 }
1728 ipfixObservationPointGroupId OBJECT-TYPE
1729 SYNTAX Unsigned32 (1..4294967295)
1730 MAX-ACCESS not-accessible
1731 STATUS current
1732 DESCRIPTION
1733 "Locally arbitrary, but unique identifier of an entry in the
1734 ipfixObservationPointTable. The value is expected to remain
1735 constant from a re-initialization of the entity's network
1736 management agent to the next re-initialization.
1738 This index represents a group of Observation Points.
1740 The special value of 0 MUST NOT be used within this table
1741 but is reserved for the usage in the
1742 ipfixMeteringProcessTable. An index of 0 for the
1743 ipfixObservationPointGroupReference index in that table
1744 indicates that an Observation Point is unknown or
1745 unspecified for a Metering Process cache."
1746 ::= { ipfixObservationPointEntry 1 }
1748 ipfixObservationPointIndex OBJECT-TYPE
1749 SYNTAX Unsigned32 (1..4294967295)
1750 MAX-ACCESS not-accessible
1751 STATUS current
1752 DESCRIPTION
1753 "Locally arbitrary, but unique identifier of an entry in the
1754 ipfixObservationPointTable. The value is expected to remain
1755 constant from a re-initialization of the entity's network
1756 management agent to the next re-initialization.
1758 This index represents a single Observation Point in an
1759 Observation Point group."
1760 ::= { ipfixObservationPointEntry 2 }
1762 ipfixObservationPointObservationDomainId OBJECT-TYPE
1763 SYNTAX Unsigned32
1764 MAX-ACCESS read-only
1765 STATUS current
1766 DESCRIPTION
1767 "The ID of the Observation Domain in which this
1768 Observation Point is included.
1770 The special value of 0 indicates that the Observation
1771 Points within this group cannot be applied to a single
1772 Observation Domain."
1773 REFERENCE
1774 "RFC5101 Section 3.1 - Specification of the IP Flow
1775 Information Export (IPFIX) Protocol for the Exchange of IP
1776 Traffic Flow Information"
1777 ::= { ipfixObservationPointEntry 3 }
1779 ipfixObservationPointPhysicalEntity OBJECT-TYPE
1780 SYNTAX PhysicalIndexOrZero
1781 MAX-ACCESS read-only
1782 STATUS current
1783 DESCRIPTION
1784 "This object contains the index of a physical entity in
1785 the ENTITY MIB. This physical entity is the given
1786 Observation Point. If such a physical entity cannot be
1787 specified or is not known then the object is zero."
1788 ::= { ipfixObservationPointEntry 4 }
1790 ipfixObservationPointPhysicalInterface OBJECT-TYPE
1791 SYNTAX InterfaceIndexOrZero
1792 MAX-ACCESS read-only
1793 STATUS current
1794 DESCRIPTION
1795 "This object contains the index of a physical interface in
1796 the IF MIB. This physical interface is the given
1797 Observation Point. If such a physical interface cannot be
1798 specified or is not known then the object is zero.
1800 This object MAY be used stand alone or in addition to
1801 ipfixObservationPointPhysicalEntity. If
1802 ipfixObservationPointPhysicalEntity is not zero this object
1803 MUST point to the same physical interface that is
1804 referenced in ipfixObservationPointPhysicalEntity.
1805 Otherwise it may reference any interface in the IF MIB."
1806 ::= { ipfixObservationPointEntry 5 }
1808 ipfixObservationPointPhysicalEntityDirection OBJECT-TYPE
1809 SYNTAX INTEGER {
1810 unknown(0),
1811 ingress(1),
1812 egress(2),
1813 both(3)
1814 }
1815 MAX-ACCESS read-only
1816 STATUS current
1817 DESCRIPTION
1818 "The direction of the flow that is monitored on the given
1819 physical entity. The following values are valid:
1821 unknown(0)
1822 This value MUST be used if a direction is not
1823 known for the given physical entity.
1825 ingress(1)
1826 This value is used for monitoring incoming flows on the
1827 given physical entity.
1829 egress(2)
1830 This value is used for monitoring outgoing flows on the
1831 given physical entity.
1833 both(3)
1834 This value is used for monitoring incoming and outgoing
1835 flows on the given physical entity."
1836 ::= { ipfixObservationPointEntry 6 }
1838 --------------------------------------------------------------------
1839 -- 1.1.7: Selection Process Table
1840 --------------------------------------------------------------------
1841 ipfixSelectionProcessTable OBJECT-TYPE
1842 SYNTAX SEQUENCE OF IpfixSelectionProcessEntry
1843 MAX-ACCESS not-accessible
1844 STATUS current
1845 DESCRIPTION
1846 "This table contains Selector Functions connected to a
1847 Metering Process by the index ipfixMeteringProcessCacheId.
1848 The Selector Functions are grouped into Selection Processes
1849 by the ipfixSelectionProcessIndex. The Selector Functions
1850 are applied within the Selection Process to the packets
1851 observed for the given Metering Process cache in increasing
1852 order implied by the ipfixSelectionProcessSelectorIndex.
1853 This means Selector Functions with lower
1854 ipfixSelectionProcessSelectorIndex are applied first. The
1855 remaining packets are accounted in Flow Records.
1857 Since IPFIX does not define any Selector Function (except
1858 selecting every packet) this is a placeholder for future
1859 use and a guideline for implementing enterprise specific
1860 Selector Function objects.
1862 The following object tree should visualizes how the
1863 Selector Function objects should be implemented:
1865 ipfixSelectorFunctions
1866 |
1867 +- ipfixFuncSelectAll
1868 | |
1869 | +- ipfixFuncSelectAllAvail (is the function available?)
1870 |
1871 +- ipfixFuncF2
1872 | |
1873 | +- ipfixFuncF2Avail (is the function F2 available)
1874 | |
1875 | +- ipfixFuncF2Parameters (a table with parameters)
1876 ...
1877 |
1878 +- ipfixFunFn...
1880 If a Selector Function takes parameters the MIB should
1881 contain a table with an entry for each set of parameters
1882 used at the Exporter."
1883 ::= { ipfixMainObjects 7 }
1885 ipfixSelectionProcessEntry OBJECT-TYPE
1886 SYNTAX IpfixSelectionProcessEntry
1887 MAX-ACCESS not-accessible
1888 STATUS current
1889 DESCRIPTION
1890 "Defines an entry in the ipfixSelectionProcessTable."
1891 INDEX {
1892 ipfixMeteringProcessCacheId,
1893 ipfixSelectionProcessIndex,
1894 ipfixSelectionProcessSelectorIndex
1895 }
1896 ::= { ipfixSelectionProcessTable 1 }
1898 IpfixSelectionProcessEntry ::= SEQUENCE {
1899 ipfixSelectionProcessIndex Unsigned32,
1900 ipfixSelectionProcessSelectorIndex Unsigned32,
1901 ipfixSelectionProcessSelectorFunction OBJECT IDENTIFIER
1902 }
1904 ipfixSelectionProcessIndex OBJECT-TYPE
1905 SYNTAX Unsigned32 (1..4294967295)
1906 MAX-ACCESS not-accessible
1907 STATUS current
1908 DESCRIPTION
1909 "Locally arbitrary, but unique identifier of an entry in the
1910 ipfixSelectionProcessTable. The value is expected to remain
1911 constant from a re-initialization of the entity's network
1912 management agent to the next re-initialization."
1913 ::= { ipfixSelectionProcessEntry 1 }
1915 ipfixSelectionProcessSelectorIndex OBJECT-TYPE
1916 SYNTAX Unsigned32 (1..4294967295)
1917 MAX-ACCESS not-accessible
1918 STATUS current
1919 DESCRIPTION
1920 "Index specifying the order in which the referenced
1921 ipfixSelctionProcessSelectorFunction's are applied to the
1922 observed packet stream within the given Selection Process
1923 (identified by the ipfixSelectionProcessIndex). The
1924 Selector Functions are applied in increasing order i.e.,
1925 Selector Functions with lower index are applied first."
1926 ::= { ipfixSelectionProcessEntry 2 }
1928 ipfixSelectionProcessSelectorFunction OBJECT-TYPE
1929 SYNTAX OBJECT IDENTIFIER
1930 MAX-ACCESS read-only
1931 STATUS current
1932 DESCRIPTION
1933 "The pointer to the Selector Function used at position
1934 ipfixSelectionProcessSelectorIndex in the list of Selector
1935 Functions for the Metering Process cache specified by the
1936 index ipfixMeteringProcessCacheId and the for the given
1937 Selection Process (identified by the
1938 ipfixSelectionProcessIndex).
1940 This usually points to an object in the IPFIX SELECTOR MIB.
1941 If the Selector Function does take no parameters then it
1942 MUST point to the root of the function subtree. If the
1943 function takes parameters then it MUST point to an entry
1944 in the parameter table of the Selector Function."
1945 ::= { ipfixSelectionProcessEntry 3 }
1947 --------------------------------------------------------------------
1948 -- 1.2.1: Transport Session Statistics Table
1949 --------------------------------------------------------------------
1950 ipfixTransportSessionStatsTable OBJECT-TYPE
1951 SYNTAX SEQUENCE OF IpfixTransportSessionStatsEntry
1952 MAX-ACCESS not-accessible
1953 STATUS current
1954 DESCRIPTION
1955 "This table lists Transport Sessions statistics between
1956 Exporting Process and Collecting Process."
1957 ::= { ipfixStatistics 1 }
1959 ipfixTransportSessionStatsEntry OBJECT-TYPE
1960 SYNTAX IpfixTransportSessionStatsEntry
1961 MAX-ACCESS not-accessible
1962 STATUS current
1963 DESCRIPTION
1964 "Defines an entry in the ipfixTransportSessionStatsTable"
1965 AUGMENTS { ipfixTransportSessionEntry }
1966 ::= { ipfixTransportSessionStatsTable 1 }
1968 IpfixTransportSessionStatsEntry ::=
1969 SEQUENCE {
1970 ipfixTransportSessionRate Gauge32,
1971 ipfixTransportSessionPackets Counter64,
1972 ipfixTransportSessionBytes Counter64,
1973 ipfixTransportSessionMessages Counter64,
1974 ipfixTransportSessionDiscardedMessages Counter64,
1975 ipfixTransportSessionRecords Counter64,
1976 ipfixTransportSessionTemplates Counter64,
1977 ipfixTransportSessionOptionsTemplates Counter64,
1978 ipfixTransportSessionDiscontinuityTime TimeStamp
1979 }
1981 ipfixTransportSessionRate OBJECT-TYPE
1982 SYNTAX Gauge32
1983 UNITS "bytes/second"
1984 MAX-ACCESS read-only
1985 STATUS current
1986 DESCRIPTION
1987 "The number of bytes per second received by the
1988 Collector or transmitted by the Exporter. A
1989 value of zero (0) means that no packets were sent or
1990 received yet. This object is updated every second."
1991 ::= { ipfixTransportSessionStatsEntry 1 }
1993 ipfixTransportSessionPackets OBJECT-TYPE
1994 SYNTAX Counter64
1995 UNITS "packets"
1996 MAX-ACCESS read-only
1997 STATUS current
1998 DESCRIPTION
1999 "The number of packets received by the Collector
2000 or transmitted by the Exporter.
2001 Discontinuities in the value of this counter can occur at
2002 re-initialisation of the management system, and at other
2003 times as indicated by the value of
2004 ipfixTransportSessionDiscontinuityTime."
2005 ::= { ipfixTransportSessionStatsEntry 2 }
2007 ipfixTransportSessionBytes OBJECT-TYPE
2008 SYNTAX Counter64
2009 UNITS "bytes"
2010 MAX-ACCESS read-only
2011 STATUS current
2012 DESCRIPTION
2013 "The number of bytes received by the Collector
2014 or transmitted by the Exporter.
2015 Discontinuities in the value of this counter can occur at
2016 re-initialisation of the management system, and at other
2017 times as indicated by the value of
2018 ipfixTransportSessionDiscontinuityTime."
2019 ::= { ipfixTransportSessionStatsEntry 3 }
2021 ipfixTransportSessionMessages OBJECT-TYPE
2022 SYNTAX Counter64
2023 MAX-ACCESS read-only
2024 STATUS current
2025 DESCRIPTION
2026 "The number of IPFIX messages received by the
2027 Collector or transmitted by the Exporter.
2028 Discontinuities in the value of this counter can occur at
2029 re-initialisation of the management system, and at other
2030 times as indicated by the value of
2031 ipfixTransportSessionDiscontinuityTime."
2032 ::= { ipfixTransportSessionStatsEntry 4 }
2034 ipfixTransportSessionDiscardedMessages OBJECT-TYPE
2035 SYNTAX Counter64
2036 MAX-ACCESS read-only
2037 STATUS current
2038 DESCRIPTION
2039 "The number of received IPFIX Message that are malformed,
2040 cannot be decoded, are received in the wrong order or are
2041 missing according to the sequence number.
2043 If used at the Exporter the number of messages that could
2044 not be sent due to e.g. internal buffer overflows, network
2045 congestion, or routing issues.
2046 Discontinuities in the value of this counter can occur at
2047 re-initialisation of the management system, and at other
2048 times as indicated by the value of
2049 ipfixTransportSessionDiscontinuityTime."
2051 ::= { ipfixTransportSessionStatsEntry 5 }
2053 ipfixTransportSessionRecords OBJECT-TYPE
2054 SYNTAX Counter64
2055 MAX-ACCESS read-only
2056 STATUS current
2057 DESCRIPTION
2058 "The number of Data Records received by the Collector or
2059 transmitted by the Exporter.
2060 Discontinuities in the value of this counter can occur at
2061 re-initialisation of the management system, and at other
2062 times as indicated by the value of
2063 ipfixTransportSessionDiscontinuityTime."
2064 ::= { ipfixTransportSessionStatsEntry 6 }
2066 ipfixTransportSessionTemplates OBJECT-TYPE
2067 SYNTAX Counter64
2068 MAX-ACCESS read-only
2069 STATUS current
2070 DESCRIPTION
2071 "The number of Templates received or transmitted.
2072 Discontinuities in the value of this counter can occur at
2073 re-initialisation of the management system, and at other
2074 times as indicated by the value of
2075 ipfixTransportSessionDiscontinuityTime."
2076 ::= { ipfixTransportSessionStatsEntry 7 }
2078 ipfixTransportSessionOptionsTemplates OBJECT-TYPE
2079 SYNTAX Counter64
2080 MAX-ACCESS read-only
2081 STATUS current
2082 DESCRIPTION
2083 "The number of Options Templates received or transmitted.
2084 Discontinuities in the value of this counter can occur at
2085 re-initialisation of the management system, and at other
2086 times as indicated by the value of
2087 ipfixTransportSessionDiscontinuityTime."
2088 ::= { ipfixTransportSessionStatsEntry 8 }
2090 ipfixTransportSessionDiscontinuityTime OBJECT-TYPE
2091 SYNTAX TimeStamp
2092 MAX-ACCESS read-only
2093 STATUS current
2094 DESCRIPTION
2095 "The value of sysUpTime at the most recent occasion at which
2096 one or more of the Transport Session counters suffered a
2097 discontinuity.
2098 A value of zero indicates no such discontinuity has
2099 occurred since the last re-initialisation of the local
2100 management subsystem."
2101 ::= { ipfixTransportSessionStatsEntry 9 }
2103 --------------------------------------------------------------------
2104 -- 1.2.2: Template Statistics Table
2105 --------------------------------------------------------------------
2106 ipfixTemplateStatsTable OBJECT-TYPE
2107 SYNTAX SEQUENCE OF IpfixTemplateStatsEntry
2108 MAX-ACCESS not-accessible
2109 STATUS current
2110 DESCRIPTION
2111 "This table lists statistics objects per Template."
2112 ::= { ipfixStatistics 2 }
2114 ipfixTemplateStatsEntry OBJECT-TYPE
2115 SYNTAX IpfixTemplateStatsEntry
2116 MAX-ACCESS not-accessible
2117 STATUS current
2118 DESCRIPTION
2119 "Defines an entry in the ipfixTemplateStatsTable"
2120 AUGMENTS { ipfixTemplateEntry }
2121 ::= { ipfixTemplateStatsTable 1 }
2123 IpfixTemplateStatsEntry ::=
2124 SEQUENCE {
2125 ipfixTemplateDataRecords Counter64,
2126 ipfixTemplateDiscontinuityTime TimeStamp
2127 }
2129 ipfixTemplateDataRecords OBJECT-TYPE
2130 SYNTAX Counter64
2131 MAX-ACCESS read-only
2132 STATUS current
2133 DESCRIPTION
2134 "The number of Data Records that are transmitted or received
2135 per Template.
2136 Discontinuities in the value of this counter can occur at
2137 re-initialisation of the management system, and at other
2138 times as indicated by the value of
2139 ipfixTemplateDiscontinuityTime."
2140 ::= { ipfixTemplateStatsEntry 1 }
2142 ipfixTemplateDiscontinuityTime OBJECT-TYPE
2143 SYNTAX TimeStamp
2144 MAX-ACCESS read-only
2145 STATUS current
2146 DESCRIPTION
2147 "The value of sysUpTime at the most recent occasion at which
2148 the Template counter suffered a discontinuity.
2149 A value of zero indicates no such discontinuity has
2150 occurred since the last re-initialisation of the local
2151 management subsystem."
2152 ::= { ipfixTemplateStatsEntry 2 }
2154 --------------------------------------------------------------------
2155 -- 1.2.3: Metering Process Statistics Table
2156 --------------------------------------------------------------------
2157 ipfixMeteringProcessStatsTable OBJECT-TYPE
2158 SYNTAX SEQUENCE OF IpfixMeteringProcessStatsEntry
2159 MAX-ACCESS not-accessible
2160 STATUS current
2161 DESCRIPTION
2162 "This table lists statistic objects that have data per
2163 Metering Process cache.
2165 On Collectors this table is not needed."
2166 ::= { ipfixStatistics 3 }
2168 ipfixMeteringProcessStatsEntry OBJECT-TYPE
2169 SYNTAX IpfixMeteringProcessStatsEntry
2170 MAX-ACCESS not-accessible
2171 STATUS current
2172 DESCRIPTION
2173 "Defines an entry in the ipfixMeteringProcessStatsTable."
2174 AUGMENTS { ipfixMeteringProcessEntry }
2175 ::= { ipfixMeteringProcessStatsTable 1 }
2177 IpfixMeteringProcessStatsEntry ::=
2178 SEQUENCE {
2179 ipfixMeteringProcessCacheActiveFlows Gauge32,
2180 ipfixMeteringProcessCacheInactiveFlows Gauge32,
2181 ipfixMeteringProcessCacheDataRecords Counter64,
2182 ipfixMeteringProcessCacheDiscontinuityTime TimeStamp
2183 }
2185 ipfixMeteringProcessCacheActiveFlows OBJECT-TYPE
2186 SYNTAX Gauge32
2187 MAX-ACCESS read-only
2188 STATUS current
2189 DESCRIPTION
2190 "The number of Flows currently active at this cache."
2191 ::= { ipfixMeteringProcessStatsEntry 1 }
2193 ipfixMeteringProcessCacheInactiveFlows OBJECT-TYPE
2194 SYNTAX Gauge32
2195 MAX-ACCESS read-only
2196 STATUS current
2197 DESCRIPTION
2198 "The number of Flows currently inactive at this cache."
2199 ::= { ipfixMeteringProcessStatsEntry 2 }
2201 ipfixMeteringProcessCacheDataRecords OBJECT-TYPE
2202 SYNTAX Counter64
2203 MAX-ACCESS read-only
2204 STATUS current
2205 DESCRIPTION
2206 "The number of Data Records generated.
2207 Discontinuities in the value of this counter can occur at
2208 re-initialisation of the management system, and at other
2209 times as indicated by the value of
2210 ipfixTemplateDiscontinuityTime."
2211 ::= { ipfixMeteringProcessStatsEntry 3 }
2213 ipfixMeteringProcessCacheDiscontinuityTime OBJECT-TYPE
2214 SYNTAX TimeStamp
2215 MAX-ACCESS read-only
2216 STATUS current
2217 DESCRIPTION
2218 "The value of sysUpTime at the most recent occasion at which
2219 the Metering Process counter suffered a discontinuity.
2220 A value of zero indicates no such discontinuity has
2221 occurred since the last re-initialisation of the local
2222 management subsystem."
2223 ::= { ipfixMeteringProcessStatsEntry 4 }
2225 --------------------------------------------------------------------
2226 -- 1.2.4: Selection Process Statistics Table
2227 --------------------------------------------------------------------
2228 ipfixSelectionProcessStatsTable OBJECT-TYPE
2229 SYNTAX SEQUENCE OF IpfixSelectionProcessStatsEntry
2230 MAX-ACCESS not-accessible
2231 STATUS current
2232 DESCRIPTION
2233 "This table contains statistics for the Selector Functions
2234 connected to Metering Process by the index
2235 ipfixMeteringProcessCacheId.
2237 The indexes MUST match an entry in the
2238 ipfixSelectionProcessTable."
2239 ::= { ipfixStatistics 4 }
2241 ipfixSelectionProcessStatsEntry OBJECT-TYPE
2242 SYNTAX IpfixSelectionProcessStatsEntry
2243 MAX-ACCESS not-accessible
2244 STATUS current
2245 DESCRIPTION
2246 "Defines an entry in the ipfixSelectionProcessStatsTable."
2247 AUGMENTS { ipfixSelectionProcessEntry }
2248 ::= { ipfixSelectionProcessStatsTable 1 }
2250 IpfixSelectionProcessStatsEntry ::= SEQUENCE {
2251 ipfixSelectionProcessStatsPacketsObserved Counter64,
2252 ipfixSelectionProcessStatsPacketsDropped Counter64,
2253 ipfixSelectionProcessStatsDiscontinuityTime TimeStamp
2254 }
2256 ipfixSelectionProcessStatsPacketsObserved OBJECT-TYPE
2257 SYNTAX Counter64
2258 MAX-ACCESS read-only
2259 STATUS current
2260 DESCRIPTION
2261 "The number of packets observed at the entry point of the
2262 function. The entry point may be the Observation Point or
2263 the exit point of another Selector Function.
2264 Discontinuities in the value of this counter can occur at
2265 re-initialisation of the management system, and at other
2266 times as indicated by the value of
2267 ipfixSelectionProcessStatsDiscontinuityTime."
2268 ::= { ipfixSelectionProcessStatsEntry 1 }
2270 ipfixSelectionProcessStatsPacketsDropped OBJECT-TYPE
2271 SYNTAX Counter64
2272 MAX-ACCESS read-only
2273 STATUS current
2274 DESCRIPTION
2275 "The number of packets dropped while selecting packets.
2276 Discontinuities in the value of this counter can occur at
2277 re-initialisation of the management system, and at other
2278 times as indicated by the value of
2279 ipfixSelectionProcessStatsDiscontinuityTime."
2280 ::= { ipfixSelectionProcessStatsEntry 2 }
2282 ipfixSelectionProcessStatsDiscontinuityTime OBJECT-TYPE
2283 SYNTAX TimeStamp
2284 MAX-ACCESS read-only
2285 STATUS current
2286 DESCRIPTION
2287 "The value of sysUpTime at the most recent occasion at which
2288 one or more of the Selector counters suffered a
2289 discontinuity.
2290 A value of zero indicates no such discontinuity has
2291 occurred since the last re-initialisation of the local
2292 management subsystem."
2293 ::= { ipfixSelectionProcessStatsEntry 3 }
2295 --==================================================================
2296 -- 2: Conformance Information
2297 --==================================================================
2298 ipfixCompliances OBJECT IDENTIFIER ::= { ipfixConformance 1 }
2299 ipfixGroups OBJECT IDENTIFIER ::= { ipfixConformance 2 }
2301 --------------------------------------------------------------------
2302 -- 2.1: Compliance Statements
2303 --------------------------------------------------------------------
2304 ipfixCollectorCompliance MODULE-COMPLIANCE
2305 STATUS current
2306 DESCRIPTION
2307 "An implementation that builds an IPFIX Collector
2308 that complies to this module MUST implement the objects
2309 defined in the mandatory group ipfixCommonGroup.
2311 The implementation of all objects in the other groups is
2312 optional and depends on the corresponding functionality
2313 implemented in the equipment.
2315 An implementation that is compliant to this MIB module
2316 is limited to use only the values TCP (6), UDP (17) and
2317 SCTP (132) in the ipfixTransportSessionProtocol object
2318 because these are the only protocol currently specified
2319 for usage within IPFIX (see RFC5101)."
2320 MODULE -- this module
2321 MANDATORY-GROUPS {
2322 ipfixCommonGroup
2323 }
2325 GROUP ipfixCommonStatsGroup
2326 DESCRIPTION
2327 "These objects should be implemented if the statistics
2328 function is implemented in the equipment."
2329 ::= { ipfixCompliances 1 }
2331 ipfixExporterCompliance MODULE-COMPLIANCE
2332 STATUS current
2333 DESCRIPTION
2334 "An implementation that builds an IPFIX Exporter that
2335 complies to this module MUST implement the objects defined
2336 in the mandatory group ipfixCommonGroup. The implementation
2337 of all other objects depends on the implementation of the
2338 corresponding functionality in the equipment."
2340 MODULE -- this module
2341 MANDATORY-GROUPS {
2342 ipfixCommonGroup,
2343 ipfixExporterGroup
2344 }
2346 GROUP ipfixCommonStatsGroup
2347 DESCRIPTION
2348 "These objects should be implemented if the statistics
2349 function is implemented in the equipment."
2351 GROUP ipfixExporterStatsGroup
2352 DESCRIPTION
2353 "These objects MUST be implemented if statistical functions
2354 are implemented on the equipment."
2355 ::= { ipfixCompliances 2 }
2357 --------------------------------------------------------------------
2358 -- 2.2: MIB Grouping
2359 --------------------------------------------------------------------
2360 ipfixCommonGroup OBJECT-GROUP
2361 OBJECTS {
2362 ipfixTransportSessionProtocol,
2363 ipfixTransportSessionSourceAddressType,
2364 ipfixTransportSessionSourceAddress,
2365 ipfixTransportSessionDestinationAddressType,
2366 ipfixTransportSessionDestinationAddress,
2367 ipfixTransportSessionSourcePort,
2368 ipfixTransportSessionDestinationPort,
2369 ipfixTransportSessionSctpAssocId,
2370 ipfixTransportSessionDeviceMode,
2371 ipfixTransportSessionTemplateRefreshTimeout,
2372 ipfixTransportSessionOptionsTemplateRefreshTimeout,
2373 ipfixTransportSessionTemplateRefreshPacket,
2374 ipfixTransportSessionOptionsTemplateRefreshPacket,
2375 ipfixTransportSessionIpfixVersion,
2376 ipfixTransportSessionStatus,
2378 ipfixTemplateSetId,
2379 ipfixTemplateAccessTime,
2381 ipfixTemplateDefinitionIeId,
2382 ipfixTemplateDefinitionIeLength,
2383 ipfixTemplateDefinitionEnterpriseNumber,
2384 ipfixTemplateDefinitionFlags
2385 }
2386 STATUS current
2387 DESCRIPTION
2388 "The main IPFIX objects."
2389 ::= { ipfixGroups 1 }
2391 ipfixCommonStatsGroup OBJECT-GROUP
2392 OBJECTS {
2393 ipfixTransportSessionRate,
2394 ipfixTransportSessionPackets,
2395 ipfixTransportSessionBytes,
2396 ipfixTransportSessionMessages,
2397 ipfixTransportSessionDiscardedMessages,
2398 ipfixTransportSessionRecords,
2399 ipfixTransportSessionTemplates,
2400 ipfixTransportSessionOptionsTemplates,
2401 ipfixTransportSessionDiscontinuityTime,
2403 ipfixTemplateDataRecords,
2404 ipfixTemplateDiscontinuityTime
2405 }
2406 STATUS current
2407 DESCRIPTION
2408 "Common statistical objects."
2409 ::= { ipfixGroups 2 }
2411 ipfixExporterGroup OBJECT-GROUP
2412 OBJECTS {
2413 ipfixExportMemberType,
2415 ipfixMeteringProcessObservationPointGroupRef,
2416 ipfixMeteringProcessCacheActiveTimeout,
2417 ipfixMeteringProcessCacheInactiveTimeout,
2419 ipfixObservationPointObservationDomainId,
2420 ipfixObservationPointPhysicalEntity,
2421 ipfixObservationPointPhysicalInterface,
2422 ipfixObservationPointPhysicalEntityDirection,
2424 ipfixSelectionProcessSelectorFunction
2425 }
2426 STATUS current
2427 DESCRIPTION
2428 "The main objects for Exporters."
2429 ::= { ipfixGroups 3 }
2431 ipfixExporterStatsGroup OBJECT-GROUP
2432 OBJECTS {
2433 ipfixMeteringProcessCacheActiveFlows,
2434 ipfixMeteringProcessCacheInactiveFlows,
2435 ipfixMeteringProcessCacheDataRecords,
2436 ipfixMeteringProcessCacheDiscontinuityTime,
2438 ipfixSelectionProcessStatsPacketsObserved,
2439 ipfixSelectionProcessStatsPacketsDropped,
2440 ipfixSelectionProcessStatsDiscontinuityTime
2441 }
2442 STATUS current
2443 DESCRIPTION
2444 "The statistical objects for Exporters."
2445 ::= { ipfixGroups 4 }
2447 END
2449 8.2. IPFIX SELECTOR MIB Definition
2451 IPFIX-SELECTOR-MIB DEFINITIONS ::= BEGIN
2453 IMPORTS
2454 MODULE-IDENTITY, OBJECT-TYPE, mib-2
2455 FROM SNMPv2-SMI -- RFC2578
2456 TruthValue
2457 FROM SNMPv2-TC -- RFC2579
2458 MODULE-COMPLIANCE, OBJECT-GROUP
2459 FROM SNMPv2-CONF; -- RFC2580
2461 ipfixSelectorMIB MODULE-IDENTITY
2462 LAST-UPDATED "200906020900Z" -- 02 June 2009
2463 ORGANIZATION "IETF IPFIX Working Group"
2464 CONTACT-INFO
2465 "WG charter:
2466 http://www.ietf.org/html.charters/ipfix-charter.html
2468 Mailing Lists:
2469 General Discussion: ipfix@ietf.org
2470 To Subscribe: http://www1.ietf.org/mailman/listinfo/ipfix
2471 Archive:
2472 http://www1.ietf.org/mail-archive/web/ipfix/current/index.html
2474 Editor:
2475 Thomas Dietz
2476 NEC Europe Ltd.
2477 NEC Laboratories Europe
2478 Network Research Division
2479 Kurfuersten-Anlage 36
2480 69115 Heidelberg
2481 Germany
2482 Phone: +49 6221 4342-128
2483 Email: Thomas.Dietz@nw.neclab.eu
2485 Atsushi Kobayashi
2486 NTT Information Sharing Platform Laboratories
2487 3-9-11 Midori-cho
2488 Musashino-shi
2489 180-8585
2490 Japan
2491 Phone: +81-422-59-3978
2492 Email: akoba@nttv6.net
2494 Benoit Claise
2495 Cisco Systems, Inc.
2496 De Kleetlaan 6a b1
2497 Degem 1831
2498 Belgium
2499 Phone: +32 2 704 5622
2500 Email: bclaise@cisco.com
2502 Gerhard Muenz
2503 Technische Universitaet Muenchen
2504 Department of Informatics
2505 Chair for Network Architectures and Services (I8)
2506 Boltzmannstr. 3
2507 85748 Garching
2508 Germany
2509 Phone: +49 89 289-18008
2510 Email: muenz@net.in.tum.de
2511 URI: http://www.net.in.tum.de/~muenz"
2512 DESCRIPTION
2513 "The IPFIX SELECTOR MIB module defines the standard
2514 filtering and sampling functions that can be referenced in
2515 the ipfixSelectorTable of the IPFIX MIB. The subtree
2516 ipfixSelectorFunctions is a placeholder where all standard
2517 filtering and sampling functions should be located.
2519 The IPFIX SELECTOR MIB module is maintained by IANA and can
2520 be extended through Expert Review [RFC5226], i.e. review by
2521 one of a group of experts designated by an IETF Area
2522 Director. The group of experts MUST check the requested MIB
2523 objects for completeness and accuracy of the description.
2524 Requests for MIB objects that duplicate the functionality of
2525 existing objects SHOULD be declined. The smallest available
2526 OID SHOULD be assigned to a new MIB objects. The
2527 specification of new MIB objects SHOULD follow the structure
2528 specified in RFC yyyy and MUST be published using a
2529 well-established and persistent publication medium. The
2530 experts will initially be drawn from the Working Group
2531 Chairs and document editors of the IPFIX and PSAMP Working
2532 Groups.
2534 Copyright (c) 2009 IETF Trust and the persons identified as
2535 the document authors. All rights reserved. This version
2536 of this MIB module is part of RFC yyyy; see the RFC itself
2537 for full legal notices."
2538 -- replace yyyy with actual RFC number & remove this notice
2540 -- Revision history
2542 REVISION "200906020900Z" -- 02 June 2009
2543 DESCRIPTION
2544 "Initial version, published as RFC yyyy."
2545 -- replace yyyy with actual RFC number & remove this notice
2547 ::= { mib-2 zzz }
2548 -- zzz to be assigned by IANA.
2550 --******************************************************************
2551 -- Top Level Structure of the MIB
2552 --******************************************************************
2554 ipfixSelectorObjects OBJECT IDENTIFIER
2555 ::= { ipfixSelectorMIB 1 }
2556 ipfixSelectorConformance OBJECT IDENTIFIER
2557 ::= { ipfixSelectorMIB 2 }
2559 --==================================================================
2560 -- 1: Objects used by all IPFIX implementations
2561 --==================================================================
2562 --------------------------------------------------------------------
2563 -- 1.1: Packet Selector Functions for IPFIX
2564 --------------------------------------------------------------------
2565 ipfixSelectorFunctions OBJECT IDENTIFIER
2566 ::= { ipfixSelectorObjects 1 }
2568 --------------------------------------------------------------------
2569 -- 1.1.1: Function 1: Selecting All Packets
2570 --------------------------------------------------------------------
2571 ipfixFuncSelectAll OBJECT IDENTIFIER
2572 ::= { ipfixSelectorFunctions 1 }
2574 ipfixFuncSelectAllAvail OBJECT-TYPE
2575 SYNTAX TruthValue
2576 MAX-ACCESS read-only
2577 STATUS current
2578 DESCRIPTION
2579 "This object indicates the availability of the trivial
2580 function of selecting all packets. This function is always
2581 available."
2582 ::= { ipfixFuncSelectAll 1 }
2584 --==================================================================
2585 -- 2: Conformance Information
2586 --==================================================================
2587 ipfixSelectorCompliances OBJECT IDENTIFIER
2588 ::= { ipfixSelectorConformance 1 }
2589 ipfixSelectorGroups OBJECT IDENTIFIER
2590 ::= { ipfixSelectorConformance 2 }
2592 --------------------------------------------------------------------
2593 -- 2.1: Compliance Statements
2594 --------------------------------------------------------------------
2595 ipfixSelectorBasicCompliance MODULE-COMPLIANCE
2596 STATUS current
2597 DESCRIPTION
2598 "An implementation that builds an IPFIX Exporter that
2599 complies to this module MUST implement the objects defined
2600 in the mandatory group ipfixBasicGroup. The implementation
2601 of all other objects depends on the implementation of the
2602 corresponding functionality in the equipment."
2603 MODULE -- this module
2604 MANDATORY-GROUPS {
2605 ipfixSelectorBasicGroup
2606 }
2607 ::= { ipfixSelectorCompliances 1 }
2609 --------------------------------------------------------------------
2610 -- 2.2: MIB Grouping
2611 --------------------------------------------------------------------
2612 ipfixSelectorBasicGroup OBJECT-GROUP
2613 OBJECTS {
2614 ipfixFuncSelectAllAvail
2615 }
2616 STATUS current
2617 DESCRIPTION
2618 "The main IPFIX objects."
2619 ::= { ipfixSelectorGroups 1 }
2621 END
2623 9. Security Considerations
2625 There are no management objects defined in this MIB module that have
2626 a MAX-ACCESS clause of read-write and/or read-create. So, if these
2627 MIB modules are implemented correctly, then there is no risk that an
2628 intruder can alter or create any management objects of these MIB
2629 modules via direct SNMP SET operations.
2631 Some of the readable objects in these MIB modules (i.e., objects with
2632 a MAX-ACCESS other than not-accessible) may be considered sensitive
2633 or vulnerable in some network environments. It is thus important to
2634 control even GET and/or NOTIFY access to these objects and possibly
2635 to even encrypt the values of these objects when sending them over
2636 the network via SNMP. These are the tables and objects and their
2637 sensitivity/vulnerability:
2639 o ipfixTransportSessionTable - contains configuration data that
2640 might be sensitive because objects in this table may reveal
2641 information about the network infrastructure
2643 o ipfixExportTable - contains configuration data that might be
2644 sensitive because object in this table may reveal information
2645 about the network infrastructure as well
2647 o ipfixMeteringProcessTable - contains configuration data that might
2648 be sensitive because objects in this table may reveal information
2649 about the IPFIX Device itself
2651 o ipfixObservationPointTable - contains configuration data that
2652 might be sensitive because objects in this table may reveal
2653 information about the IPFIX Device itself and the network
2654 infrastructure
2656 o ipfixSelectorFunctions - currently contains no sensitive data but
2657 might want to be secured anyway since it may contain sensitive
2658 data in a future version
2660 All other objects and tables contain no data that is considered
2661 sensitive.
2663 SNMP versions prior to SNMPv3 did not include adequate security.
2664 Even if the network itself is secure (for example by using IPsec),
2665 even then, there is no control as to who on the secure network is
2666 allowed to access and GET/SET (read/change/create/delete) the objects
2667 in these MIB modules.
2669 It is RECOMMENDED that implementers consider the security features as
2670 provided by the SNMPv3 framework (see [RFC3410], section 8),
2671 including full support for the SNMPv3 cryptographic mechanisms (for
2672 authentication and privacy).
2674 Further, deployment of SNMP versions prior to SNMPv3 is NOT
2675 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
2676 enable cryptographic security. It is then a customer/operator
2677 responsibility to ensure that the SNMP entity giving access to an
2678 instance of these MIB modules is properly configured to give access
2679 to the objects only to those principals (users) that have legitimate
2680 rights to indeed GET or SET (change/create/delete) them.
2682 10. IANA Considerations
2684 The MIB module in this document uses the following IANA-assigned
2685 OBJECT IDENTIFIER values recorded in the SMI Numbers registry:
2687 Descriptor OBJECT IDENTIFIER value
2688 ---------- -----------------------
2689 ipfixMIB { mib-2 xxxxx }
2690 ipfixSelectorMIB { mib-2 zzzzz }
2692 Further on the whole IPFIX SELECTOR MIB module is maintained by IANA.
2693 Additions to this MIB module are subject to Expert Review [RFC5226],
2694 i.e., review by one of a group of experts designated by an IETF Area
2695 Director. The group of experts MUST check the requested MIB objects
2696 for completeness and accuracy of the description. Requests for MIB
2697 objects that duplicate the functionality of existing objects SHOULD
2698 be declined. The smallest available OID SHOULD be assigned to a new
2699 MIB objects. The specification of new MIB objects SHOULD follow the
2700 structure specified in Section 6 and MUST be published using a well-
2701 established and persistent publication medium. The experts will
2702 initially be drawn from the Working Group Chairs and document editors
2703 of the IPFIX and PSAMP Working Groups.
2705 11. Acknowledgment
2707 This document is a product of the IPFIX working group. The authors
2708 would like to thank the following persons: Paul Aitken for his
2709 detailed review, Dan Romascanu and the MIB doctors, and many more,
2710 for the technical reviews and feedback.
2712 12. References
2714 12.1. Normative References
2716 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
2717 Requirement Levels", BCP 14, RFC 2119, March 1997.
2719 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J.
2720 Schoenwaelder, Ed., "Structure of Management Information
2721 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
2723 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J.
2724 Schoenwaelder, Ed., "Textual Conventions for SMIv2",
2725 STD 58, RFC 2579, April 1999.
2727 [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
2728 "Conformance Statements for SMIv2", STD 58, RFC 2580,
2729 April 1999.
2731 [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J.
2732 Schoenwaelder, "Textual Conventions for Internet Network
2733 Addresses", RFC 4001, February 2005.
2735 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group
2736 MIB", RFC 2863, June 2000.
2738 [RFC3873] Pastor, J. and M. Belinchon, "Stream Control Transmission
2739 Protocol (SCTP) Management Information Base (MIB)",
2740 RFC 3873, September 2004.
2742 [RFC4133] Bierman, A. and K. McCloghrie, "Entity MIB (Version 3)",
2743 RFC 4133, August 2005.
2745 [RFC5101] Claise, B., "Specification of the IP Flow Information
2746 Export (IPFIX) Protocol for the Exchange of IP Traffic
2747 Flow Information", RFC 5101, January 2008.
2749 [RFC5102] Quittek, J., Bryant, S., Claise, B., Aitken, P., and J.
2750 Meyer, "Information Model for IP Flow Information Export",
2751 RFC 5102, January 2008.
2753 [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
2754 IANA Considerations Section in RFCs", BCP 26, RFC 5226,
2755 May 2008.
2757 12.2. Informative References
2759 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart,
2760 "Introduction and Applicability Statements for Internet-
2761 Standard Management Framework", RFC 3410, December 2002.
2763 [RFC3917] Quittek, J., Zseby, T., Claise, B., and S. Zander,
2764 "Requirements for IP Flow Information Export (IPFIX)",
2765 RFC 3917, October 2004.
2767 [RFC5470] Sadasivan, G., Brownlee, N., Claise, B., and J. Quittek,
2768 "Architecture for IP Flow Information Export", RFC 5470,
2769 March 2009.
2771 [RFC5472] Zseby, T., Boschi, E., Brownlee, N., and B. Claise, "IP
2772 Flow Information Export (IPFIX) Applicability", RFC 5472,
2773 March 2009.
2775 [RFC5474] Duffield, N., Chiou, D., Claise, B., Greenberg, A.,
2776 Grossglauser, M., and J. Rexford, "A Framework for Packet
2777 Selection and Reporting", RFC 5474, March 2009.
2779 [RFC5475] Zseby, T., Molina, M., Duffield, N., Niccolini, S., and F.
2780 Raspall, "Sampling and Filtering Techniques for IP Packet
2781 Selection", RFC 5475, March 2009.
2783 [RFC5476] Claise, B., Johnson, A., and J. Quittek, "Packet Sampling
2784 (PSAMP) Protocol Specifications", RFC 5476, March 2009.
2786 Authors' Addresses
2788 Thomas Dietz (editor)
2789 NEC Europe Ltd.
2790 NEC Laboratories Europe
2791 Network Research Division
2792 Kurfuersten-Anlage 36
2793 Heidelberg 69115
2794 DE
2796 Phone: +49 6221 4342-128
2797 Email: Thomas.Dietz@nw.neclab.eu
2799 Atsushi Kobayashi
2800 NTT Information Sharing Platform Laboratories
2801 3-9-11 Midori-cho
2802 Musashino-shi, Tokyo 180-8585
2803 JA
2805 Phone: +81-422-59-3978
2806 Email: akoba@nttv6.net
2808 Benoit Claise
2809 Cisco Systems, Inc.
2810 De Kleetlaan 6a b1
2811 Degem 1831
2812 BE
2814 Phone: +32 2 704 5622
2815 Email: bclaise@cisco.com
2817 Gerhard Muenz
2818 Technische Universitaet Muenchen
2819 Department of Informatics
2820 Chair for Network Architectures and Services (I8)
2821 Boltzmannstr. 3
2822 Garching 85748
2823 DE
2825 Phone: +49 89 289-18008
2826 Email: muenz@net.in.tum.de
2827 URI: http://www.net.in.tum.de/~muenz