idnits 2.17.1
draft-ietf-ipfix-rfc5815bis-00.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
No issues found here.
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
== There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses
in the document. If these are example addresses, they should be changed.
-- The document has examples using IPv4 documentation addresses according
to RFC6890, but does not use any IPv6 documentation addresses. Maybe
there should be IPv6 examples, too?
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the IETF Trust and authors Copyright Line does not
match the current year
== The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but
does not include the phrase in its RFC 2119 key words list.
-- The document date (November 14, 2011) is 4539 days in the past. Is this
intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
== Missing Reference: 'NewRFCNumber' is mentioned on line 2542, but not
defined
== Missing Reference: 'ThisRFC' is mentioned on line 2723, but not defined
** Obsolete normative reference: RFC 4133 (Obsoleted by RFC 6933)
** Obsolete normative reference: RFC 5101 (Obsoleted by RFC 7011)
** Obsolete normative reference: RFC 5102 (Obsoleted by RFC 7012)
** Obsolete normative reference: RFC 5226 (Obsoleted by RFC 8126)
** Obsolete normative reference: RFC 5815 (Obsoleted by RFC 6615)
Summary: 5 errors (**), 0 flaws (~~), 5 warnings (==), 2 comments (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 IPFIX Working Group T. Dietz, Ed.
3 Internet-Draft NEC Europe, Ltd.
4 Intended status: Standards Track A. Kobayashi
5 Expires: May 17, 2012 NTT PF Labs.
6 B. Claise
7 Cisco Systems, Inc.
8 G. Muenz
9 Technische Universitaet Muenchen
10 November 14, 2011
12 Definitions of Managed Objects for IP Flow Information Export
13 draft-ietf-ipfix-rfc5815bis-00.txt
15 Abstract
17 This document defines managed objects for IP Flow Information eXport
18 (IPFIX). These objects provide information for monitoring IPFIX
19 Exporters and IPFIX Collectors including the basic configuration
20 information.
22 Status of this Memo
24 This Internet-Draft is submitted in full conformance with the
25 provisions of BCP 78 and BCP 79.
27 Internet-Drafts are working documents of the Internet Engineering
28 Task Force (IETF). Note that other groups may also distribute
29 working documents as Internet-Drafts. The list of current Internet-
30 Drafts is at http://datatracker.ietf.org/drafts/current/.
32 Internet-Drafts are draft documents valid for a maximum of six months
33 and may be updated, replaced, or obsoleted by other documents at any
34 time. It is inappropriate to use Internet-Drafts as reference
35 material or to cite them other than as "work in progress."
37 This Internet-Draft will expire on May 17, 2012.
39 Copyright Notice
41 Copyright (c) 2011 IETF Trust and the persons identified as the
42 document authors. All rights reserved.
44 This document is subject to BCP 78 and the IETF Trust's Legal
45 Provisions Relating to IETF Documents
46 (http://trustee.ietf.org/license-info) in effect on the date of
47 publication of this document. Please review these documents
48 carefully, as they describe your rights and restrictions with respect
49 to this document. Code Components extracted from this document must
50 include Simplified BSD License text as described in Section 4.e of
51 the Trust Legal Provisions and are provided without warranty as
52 described in the Simplified BSD License.
54 Table of Contents
56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
57 2. IPFIX Documents Overview . . . . . . . . . . . . . . . . . . . 4
58 3. The Internet-Standard Management Framework . . . . . . . . . . 5
59 4. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 6
60 5. Structure of the IPFIX MIB . . . . . . . . . . . . . . . . . . 7
61 5.1. The Transport Session Table . . . . . . . . . . . . . . . 7
62 5.2. The Template Table . . . . . . . . . . . . . . . . . . . . 9
63 5.3. The Template Definition Table . . . . . . . . . . . . . . 11
64 5.4. The Export Table . . . . . . . . . . . . . . . . . . . . . 12
65 5.5. The Metering Process Table . . . . . . . . . . . . . . . . 14
66 5.6. The Observation Point Table . . . . . . . . . . . . . . . 15
67 5.7. The Selection Process Table . . . . . . . . . . . . . . . 16
68 5.8. The Statistical Tables . . . . . . . . . . . . . . . . . . 16
69 5.8.1. The Transport Session Statistical Table . . . . . . . 17
70 5.8.2. The Template Statistical Table . . . . . . . . . . . . 17
71 5.8.3. The Metering Process Statistical Table . . . . . . . . 17
72 5.8.4. The Selection Process Statistical Table . . . . . . . 17
73 6. Structure of the IPFIX SELECTOR MIB . . . . . . . . . . . . . 18
74 6.1. The Selector Functions . . . . . . . . . . . . . . . . . . 18
75 7. Relationship to Other MIB Modules . . . . . . . . . . . . . . 21
76 7.1. Relationship to the ENTITY MIB and IF MIB . . . . . . . . 21
77 7.2. MIB Modules Required for IMPORTS . . . . . . . . . . . . . 21
78 8. MIB Definitions . . . . . . . . . . . . . . . . . . . . . . . 22
79 8.1. IPFIX MIB Definition . . . . . . . . . . . . . . . . . . . 22
80 8.2. IPFIX SELECTOR MIB Definition . . . . . . . . . . . . . . 57
81 9. Security Considerations . . . . . . . . . . . . . . . . . . . 62
82 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 64
83 11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 65
84 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 66
85 12.1. Normative References . . . . . . . . . . . . . . . . . . . 66
86 12.2. Informative References . . . . . . . . . . . . . . . . . . 67
87 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 68
89 1. Introduction
91 This document defines two MIB modules for monitoring IP Flow
92 Information eXport (IPFIX) Devices including Exporters and
93 Collectors. Most of the objects defined by the IPFIX MIB module MUST
94 be implemented. Some objects MAY be implemented corresponding to the
95 functionality implemented in the equipment. Since the IPFIX
96 architecture [RFC5470] foresees the possibility of using Filtering
97 and/or Sampling functions to reduce the data volume, this document
98 also provides the IPFIX SELECTOR MIB module, which contains the
99 standardized selection methods and is controlled by IANA. The full
100 configuration of the IPFIX Metering Process is out of the scope of
101 these MIB modules.
103 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
104 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
105 document are to be interpreted as described in RFC 2119 [RFC2119].
107 2. IPFIX Documents Overview
109 The IPFIX protocol provides network administrators with access to IP
110 Flow information. The architecture for the export of measured IP
111 Flow information out of an IPFIX Exporting Process to a Collecting
112 Process is defined in [RFC5470], per the requirements defined in
113 [RFC3917]. The protocol document [RFC5101] specifies how IPFIX Data
114 Records and Templates are carried via a congestion-aware transport
115 protocol from IPFIX Exporting Processes to IPFIX Collecting
116 Processes. IPFIX has a formal description of IPFIX Information
117 Elements, their name, type and additional semantic information, as
118 specified in [RFC5102]. Finally, [RFC5472] describes what type of
119 applications can use the IPFIX protocol and how they can use the
120 information provided. It furthermore shows how the IPFIX framework
121 relates to other architectures and frameworks.
123 It is assumed that Flow metering, export, and collection is performed
124 according to the IPFIX architecture defined in [RFC5470]. The
125 monitored configuration parameters of the export and collection of
126 Flow Templates and Data Records is modeled according to [RFC5101].
127 Packet selection methods that may be optionally used by the IPFIX
128 Metering Process are not considered in this MIB module. They are
129 defined in the Packet Sampling (PSAMP) framework [RFC5474] and
130 Sampling techniques [RFC5475] documents. Nevertheless, the basis for
131 defining Sampling and Filtering functions is given with the IPFIX
132 SELECTOR MIB module. Since the PSAMP export protocol [RFC5476] is
133 based on the IPFIX protocol, the Sampling and Filtering functions can
134 be added to the IPFIX SELECTOR MIB module as needed.
136 3. The Internet-Standard Management Framework
138 For a detailed overview of the documents that describe the current
139 Internet-Standard Management Framework, please refer to section 7 of
140 RFC 3410 [RFC3410].
142 Managed objects are accessed via a virtual information store, termed
143 the Management Information Base or MIB. MIB objects are generally
144 accessed through the Simple Network Management Protocol (SNMP).
145 Objects in the MIB are defined using the mechanisms defined in the
146 Structure of Management Information (SMI). This memo specifies MIB
147 modules that are compliant to the SMIv2, which is described in STD
148 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC
149 2580 [RFC2580].
151 4. Terminology
153 The definitions of the basic terms like IP Traffic Flow, Exporting
154 Process, Collecting Process, Observation Points, etc. can be found in
155 the IPFIX protocol document [RFC5101].
157 5. Structure of the IPFIX MIB
159 The IPFIX MIB module consists of seven main tables, the Transport
160 Session table, the Template table and the corresponding Template
161 Definition table, the Export table, the Metering Process table, the
162 Observation Point table, and the Selection Process table. Since the
163 IPFIX architecture [RFC5470] foresees the possibility of using
164 Filtering and/or Sampling functions to reduce the data volume, the
165 MIB module provides the basic objects for these functions with the
166 Selection Process table. The IPFIX SELECTOR MIB module defined in
167 the next section provides the standard Filtering and Sampling
168 functions that can be referenced in the ipfixSelectionProcessTable.
170 All remaining objects contain statistical values for the different
171 tables contained in the MIB module.
173 The following subsections describe all tables in the IPFIX MIB
174 module.
176 5.1. The Transport Session Table
178 The Transport Session is the basis of the MIB module. The Transport
179 Session table (ipfixTransportSessionTable) contains all Transport
180 Sessions between Exporter and Collector. The table specifies the
181 transport layer protocol of the Transport Session and, depending on
182 that protocol, further parameters for the Transport Session. In the
183 case of UDP and TCP, these are the source and destination address as
184 well as the source and destination port. For Stream Control
185 Transmission Protocol (SCTP), the table contains the SCTP Assoc Id,
186 which is the index for the SCTP association in the SCTP MIB module
187 [RFC3873]. The mode of operation of the device, i.e., if the
188 Transport Session is used for collecting or exporting is given in the
189 ipfixTransportSessionDeviceMode object. Further on, it contains the
190 configured refresh parameters for Templates and Options Templates
191 that are used across unreliable connections as UDP. Finally, the
192 IPFIX version that is exported or collected by this Transport Session
193 and a status of the Transport Session is given in the table.
195 To illustrate the use of the above tables, let us assume the
196 following scenario: we have an Exporter on IP address 192.0.2.22 and
197 a Collector on IP address 192.0.2.37. The Exporter uses TCP to
198 export Templates and Data Records. The same Exporter also exports,
199 with UDP, to a Collector with the IP address of 192.0.2.44. This
200 would lead to the following Transport Session table on the Exporter:
202 ipfixTransportSessionTable (1)
203 |
204 +- ipfixTransportSessionEntry (1)
205 |
206 +- index (5) (ipfixTransportSessionIndex)
207 | +- ipfixTransportSessionIndex (1) = 5
208 | +- ipfixTransportSessionProtocol (2) = 6 (TCP)
209 | +- ipfixTransportSessionSourceAddressType (3) = 1 (ipv4)
210 | +- ipfixTransportSessionSourceAddress (4) = 192.0.2.22
211 | +- ipfixTransportSessionDestinationAddressType (5) = 1 (ipv4)
212 | +- ipfixTransportSessionDestinationAddress (6) = 192.0.2.37
213 | +- ipfixTransportSessionSourcePort (7) = 7653
214 | +- ipfixTransportSessionDestinationPort (8) = 4739
215 | +- ipfixTransportSessionSctpAssocId (9) = 0
216 | +- ipfixTransportSessionDeviceMode (10) = exporting(1)
217 | +- ipfixTransportSessionTemplateRefreshTimeout (11) = 0
218 | +- ipfixTransportSessionOptionTemplateRefreshTimeout (12) = 0
219 | +- ipfixTransportSessionTemplateRefreshPacket (13) = 0
220 | +- ipfixTransportSessionOptionTemplateRefreshPacket (14) = 0
221 | +- ipfixTransportSessionIpfixVersion (15) = 10
222 | +- ipfixTransportSessionStatus (16) = 2 (active)
223 .
224 .
225 .
226 +- index (11) (ipfixTransportSessionIndex)
227 +- ipfixTransportSessionIndex (1) = 11
228 +- ipfixTransportSessionProtocol (2) = 17 (UDP)
229 +- ipfixTransportSessionSourceAddressType (3) = 1 (ipv4)
230 +- ipfixTransportSessionSourceAddress (4) = 192.0.2.22
231 +- ipfixTransportSessionDestinationAddressType (5) = 1 (ipv4)
232 +- ipfixTransportSessionDestinationAddress (6) = 192.0.2.44
233 +- ipfixTransportSessionSourcePort (7) = 14287
234 +- ipfixTransportSessionDestinationPort (8) = 4739
235 +- ipfixTransportSessionSctpAssocId (9) = 0
236 +- ipfixTransportSessionDeviceMode (10) = exporting(1)
237 +- ipfixTransportSessionTemplateRefreshTimeout (11) = 100
238 +- ipfixTransportSessionOptionTemplateRefreshTimeout (12)
239 | = 100
240 +- ipfixTransportSessionTemplateRefreshPacket (13) = 10
241 +- ipfixTransportSessionOptionTemplateRefreshPacket (14) = 10
242 +- ipfixTransportSessionIpfixVersion (15) = 10
243 +- ipfixTransportSessionStatus (16) = 2 (active)
245 The values in brackets are the OID numbers. The Collectors would
246 then have the same entry except that the index would most likely
247 differ and the ipfixTransportSessionDeviceMode would be
248 collecting(2).
250 5.2. The Template Table
252 The Template table lists all Templates (including Options Templates)
253 that are sent (by an Exporter) or received (by a Collector). The
254 (Options) Templates are unique per Transport Session, which also
255 gives the device mode (Exporter or Collector) and Observation Domain;
256 thus, the table is indexed by:
258 o the Transport Session Index (ipfixTransportSessionIndex)
260 o and the Observation Domain Id (ipfixTemplateObservationDomainId).
262 It contains the Set Id and an access time denoting the time when the
263 (Options) Template was last sent or received.
265 To resume the above example, the Exporter may want to export a
266 Template and an Options Template for each Transport Session defined
267 above. This leads to the following Template table defining Template
268 and Options Template:
270 ipfixTemplateTable (3)
271 |
272 +- ipfixTemplateEntry (1)
273 |
274 +- index (5) (ipfixTransportSessionIndex)
275 | +- index (3) (ipfixTemplateObservationDomainId)
276 | + index (257) (ipfixTemplateId)
277 | | +- ipfixTemplateObservationDomainId (1) = 3
278 | | +- ipfixTemplateId (2) = 257
279 | | +- ipfixTemplateSetId (3) = 2
280 | | +- ipfixTemplateAccessTime (4)
281 | | = 2008-7-1,12:49:11.2,+2:0
282 | |
283 | + index (264) (ipfixTemplateId)
284 | +- ipfixTemplateObservationDomainId (1) = 3
285 | +- ipfixTemplateId (2) = 264
286 | +- ipfixTemplateSetId (3) = 3
287 | +- ipfixTemplateAccessTime (4)
288 . = 2008-7-1,12:47:04.8,+2:0
289 .
290 .
291 .
292 +- index (11) (ipfixTransportSessionIndex)
293 +- index (3) (ipfixTemplateObservationDomainId)
294 + index (273) (ipfixTemplateId)
295 | +- ipfixTemplateObservationDomainId (1) = 3
296 | +- ipfixTemplateId (2) = 273
297 | +- ipfixTemplateSetId (3) = 2
298 | +- ipfixTemplateAccessTime (4)
299 | = 2008-7-1,12:49:11.2,+2:0
300 |
301 + index (289) (ipfixTemplateId)
302 +- ipfixTemplateObservationDomainId (1) = 3
303 +- ipfixTemplateId (2) = 289
304 +- ipfixTemplateSetId (3) = 3
305 +- ipfixTemplateAccessTime (4)
306 = 2008-7-1,12:47:04.8,+2:0
308 We assume that the Transport Session that is stored with index 5 in
309 the Transport Session table of the Exporter is stored with index 17
310 in the Transport Session table of the (corresponding) Collector.
311 Then, the Template table would look as follows:
313 ipfixTemplateTable (3)
314 |
315 +- ipfixTemplateEntry (1)
316 |
317 +- index (17) (ipfixTransportSessionIndex)
318 +- index (3) (ipfixTemplateObservationDomainId)
319 + index (257) (ipfixTemplateId)
320 | +- ipfixTemplateObservationDomainId (1) = 3
321 | +- ipfixTemplateId (2) = 257
322 | +- ipfixTemplateSetId (3) = 2
323 | +- ipfixTemplateAccessTime (4)
324 | = 2008-7-1,12:49:11.8,+2:0
325 |
326 + index (264) (ipfixTemplateId)
327 +- ipfixTemplateObservationDomainId (1) = 3
328 +- ipfixTemplateId (2) = 264
329 +- ipfixTemplateSetId (3) = 3
330 +- ipfixTemplateAccessTime (4)
331 = 2008-7-1,12:47:05.3,+2:0
333 The table on the second Collector would be analogous to the one shown
334 above.
336 5.3. The Template Definition Table
338 The Template Definition table lists all the Information Elements
339 contained in a Template or Options Template. Therefore, it has the
340 same indexes as the corresponding Template table plus the Template
341 Id. Its own index denotes the order of the Information Element
342 inside the Template. Besides the Information Element Id and the
343 length of the encoded value, the table contains the enterprise number
344 for enterprise-specific Information Elements and flags for each
345 Information Element. The flags indicate if the Information Element
346 is used for scoping or as a Flow Key.
348 To resume the above example again, the Exporter is configured to
349 export the octets received and dropped at the Observation Point since
350 the last export of these values. In addition, it exports the start
351 and end time of the Flow relative to the timestamp contained in the
352 IPFIX header. This leads to the following Template Definition table
353 on the Exporter:
355 ipfixTemplateDefinitionTable (4)
356 |
357 +- ipfixTemplateDefinitionEntry (1)
358 |
359 +- index (5) (ipfixTransportSessionIndex)
360 +- index (3) (ipfixTemplateObservationDomainId)
361 + index (257) (ipfixTemplateId)
362 +- index (1) (ipfixTemplateDefinitionIndex)
363 | +- ipfixTemplateDefinitionIndex (1) = 1
364 | +- ipfixTemplateDefinitionIeId (2) = 158
365 | | (flowStartDeltaMicroseconds)
366 | +- ipfixTemplateDefinitionIeLength (3) = 4
367 | +- ipfixTemplateDefinitionEnterprise (4) = 0
368 | +- ipfixTemplateDefinitionFlags (5) = 0
369 |
370 +- index (2) (ipfixTemplateDefinitionIndex)
371 | +- ipfixTemplateDefinitionIndex (1) = 2
372 | +- ipfixTemplateDefinitionIeId (2) = 159
373 | | (flowEndDeltaMicroseconds)
374 | +- ipfixTemplateDefinitionIeLength (3) = 4
375 | +- ipfixTemplateDefinitionEnterprise (4) = 0
376 | +- ipfixTemplateDefinitionFlags (5) = 0
377 |
378 +- index (3) (ipfixTemplateDefinitionIndex)
379 | +- ipfixTemplateDefinitionIndex (1) = 3
380 | +- ipfixTemplateDefinitionIeId (2) = 1
381 | | (octetDeltaCount)
382 | +- ipfixTemplateDefinitionIeLength (3) = 8
383 | +- ipfixTemplateDefinitionEnterprise (4) = 0
384 | +- ipfixTemplateDefinitionFlags (5) = 0
385 |
386 +- index (4) (ipfixTemplateDefinitionIndex)
387 +- ipfixTemplateDefinitionIndex (1) = 4
388 +- ipfixTemplateDefinitionIeId (2) = 132
389 | (droppedOctetDeltaCount)
390 +- ipfixTemplateDefinitionIeLength (3) = 8
391 +- ipfixTemplateDefinitionEnterprise (4) = 0
392 +- ipfixTemplateDefinitionFlags (5) = 0
394 The corresponding table entry on the Collector is the same except
395 that it would have another ipfixTransportSessionIndex, e.g., 17 as in
396 the previous example.
398 5.4. The Export Table
400 On Exporters, the Export table (ipfixExportTable) can be used to
401 support features like failover, load-balancing, duplicate export to
402 several Collectors, etc. The table has three indexes that link an
403 entry with:
405 o the Metering Process table (ipfixMeteringProcessCacheId, see
406 below)
408 o and the Transport Session table (ipfixTransportSessionIndex).
410 Those entries with the same ipfixExportIndex and the same
411 ipfixMeteringProcessCacheId define a Transport Session group. The
412 member type for each group member describes its functionality. All
413 Transport Sessions referenced in this table MUST have the
414 ipfixTransportSessionDeviceMode exporting(1).
416 If the Exporter does not use Transport Session grouping, then each
417 ipfixExportIndex contains a single ipfixMeteringProcessCacheId, and
418 thus a singe Transport Session (ipfixTransportSessionIndex) and this
419 session MUST have the member type primary(1).
421 For failover, a Transport Session group can contain one Transport
422 Session with member type "primary" and several Transport Sessions
423 with type secondary(2). Entries with other member types are not
424 allowed for that type of group. For load-balancing or parallel
425 export, all Transport Sessions in the group MUST have the same member
426 type, either loadBalancing(4) or parallel(3).
428 The algorithms used for failover or load-balancing are out of the
429 scope of this document.
431 To continue the example, we assume that the Exporter uses the two
432 connections shown in the examples above as one primary Transport
433 Session protected by a secondary Transport Session. The Exporter
434 then has the following entries in the ipfixExportTable:
436 ipfixExportTable (5)
437 |
438 +- ipfixExportEntry (1)
439 |
440 +- index (7) (ipfixExportIndex)
441 | +- index (9) (ipfixMeteringProcessCacheId)
442 | | +- index (5) (ipfixTransportSessionIndex)
443 | | +- ipfixExportIndex (1) = 7
444 | | +- ipfixExportMemberType (2) = 1 (primary)
445 | |
446 | +- index (11) (ipfixTransportSessionIndex)
447 | +- ipfixExportIndex (1) = 7
448 | +- ipfixExportMemberType (2) = 2 (secondary)
449 |
450 +- index (8) (ipfixExportIndex)
451 +- index (9) (ipfixMeteringProcessCacheId)
452 +- index (5) (ipfixTransportSessionIndex)
453 | +- ipfixExportIndex (1) = 8
454 | +- ipfixExportMemberType (2) = 2 (secondary)
455 +- index (11) (ipfixTransportSessionIndex)
456 +- ipfixExportIndex (1) = 8
457 +- ipfixExportMemberType (2) = 1 (primary)
459 The example shows that the Exporter uses the Metering Process Cache
460 9, explained below, to export IPFIX Data Records for the Transport
461 Sessions 5 and 11. The Templates 257 and 264 defined above are
462 exported within Transport Session 5, and the Templates 273 and 289
463 are exported within Transport Session 11. If we assume that
464 Templates 257 and 264 are identical, then the Collector that receives
465 Transport Session 11 is a backup for the Collector of Transport
466 Session 5.
468 5.5. The Metering Process Table
470 The Metering Process, as defined in [RFC5101], consists of a set of
471 functions. Maintaining the Flow Records is one of them. This
472 function is responsible for passing the Flow Records to the Exporting
473 Process and also for detecting Flow expiration. The Flow Records
474 that are maintained by the Metering Process can be grouped by the
475 Observation Points at which they are observed. The instance that
476 maintains such a group of Flow Records is a kind of cache. For this
477 reason, the Metering Process table (ipfixMeteringProcessTable) is
478 indexed by cache Ids (ipfixMeteringProcessCacheId). Each cache can
479 be maintained by a separate instance of the Metering Process. To
480 specify the Observation Point(s) where the Flow Records are gathered,
481 the ipfixMeteringProcessObservationPointGroupRef may contain an
482 ipfixObservationPointGroupId from the Observation Point table
483 (ipfixObservationPointTable) described in the next section. If an
484 Observation Point is not specified for the Flow Records, the
485 ipfixMeteringProcessObservationPointGroupRef MUST be zero(0). The
486 timeouts (ipfixMeteringProcessCacheActiveTimeout and
487 ipfixMeteringProcessCacheInactiveTimeout) specify when Flows are
488 expired.
490 ipfixMeteringProcessTable (6)
491 |
492 +- ipfixMeteringProcessEntry (1)
493 |
494 +- index (9) (ipfixMeteringProcessCacheId)
495 +- ipfixMeteringProcessCacheId (1) = 9
496 +- ipfixMeteringProcessObservationPointGroupRef (2) = 17
497 +- ipfixMeteringProcessCacheActiveTimeout (3) = 100
498 +- ipfixMeteringProcessCacheInactiveTimeout (4) = 100
500 5.6. The Observation Point Table
502 The Observation Point table (ipfixObservationPointTable) groups
503 Observation Points with the ipfixObservationPointGroupId. Each entry
504 contains the Observation Domain Id in which the Observation Point is
505 located and a reference to the ENTITY MIB module [RFC4133] or the IF
506 MIB module [RFC2863]. The objects in the ENTITY MIB module
507 referenced by ipfixObservationPointPhysicalEntity or IF MIB module
508 referenced by ipfixObservationPointPhysicalInterface denote the
509 Observation Point. If no such index can be given in those modules,
510 the references MUST be 0. If a reference is given in both object
511 ipfixObservationPointPhysicalEntity and
512 ipfixObservationPointPhysicalInterface, then both MUST point to the
513 same physical interface. In addition, a direction can be given to
514 render more specifically which Flow to monitor.
516 ipfixObservationPointTable (7)
517 |
518 +- ipfixObservationPointEntry (1)
519 |
520 +- index (17) (ipfixObservationPointGroupId)
521 +- index (1) (ipfixObservationPointIndex)
522 | +- ipfixObservationPointGroupId (1) = 17
523 | +- ipfixObservationPointIndex (2) = 1
524 | +- ipfixObservationPointObservationDomainId (3) = 3
525 | +- ipfixObservationPointPhysicalEntity (4) = 6
526 | +- ipfixObservationPointPhysicalInterface(5) = 0
527 | +- ipfixObservationPointPhysicalEntityDirection (6)
528 = 3 (both)
529 |
530 +- index (2) (ipfixObservationPointIndex)
531 +- ipfixObservationPointGroupId (1) = 17
532 +- ipfixObservationPointIndex (2) = 2
533 +- ipfixObservationPointObservationDomainId (3) = 3
534 +- ipfixObservationPointPhysicalEntity (4) = 0
535 +- ipfixObservationPointPhysicalInterface (5) = 0
536 +- ipfixObservationPointPhysicalEntityDirection (6)
537 = 1 (ingress)
539 5.7. The Selection Process Table
541 This table supports the usage of Filtering and Sampling functions, as
542 described in [RFC5470]. It contains lists of functions per Metering
543 Process cache (ipfixMeteringProcessCacheId). The selection process
544 index ipfixSelectionProcessIndex forms groups of selection methods
545 that are applied to an observed packet stream. The selection process
546 selector index (ipfixSelectionProcessSelectorIndex) indicates the
547 order in which the functions are applied to the packets observed at
548 the Observation Points associated with the Metering Process cache.
549 The selection methods are applied in increasing order, i.e.,
550 selection methods with a lower ipfixSelectionProcessSelectorIndex are
551 applied first. The functions are referred by object identifiers
552 pointing to the function with its parameters. If the selection
553 method does not use parameters, then it MUST point to the root of the
554 function subtree (see also Section 6). If the function uses
555 parameters, then it MUST point to an entry in the parameter table of
556 the selection method. If no Filtering or Sampling function is used
557 for a Metering Process, then an entry for the Metering Process SHOULD
558 be created pointing to the Select All function (ipfixFuncSelectAll).
560 5.8. The Statistical Tables
562 For the ipfixTransportSessionTable, the ipfixTemplateTable, the
563 ipfixMeteringProcessTable, and the ipfixSelectionProcessTable
564 statistical tables are defined that augment those tables. All the
565 statistical tables contain a discontinuity object that holds a
566 timestamp that denotes the time when a discontinuity event occurred
567 to notify the management system that the counters contained in those
568 tables might not be continuous anymore.
570 5.8.1. The Transport Session Statistical Table
572 The Transport Session Statistical table
573 (ipfixTransportSessionStatsTable) augments the
574 ipfixTransportSessionTable with statistical values. It contains the
575 rate (in bytes per second) with which it receives or sends out IPFIX
576 Messages, the number of bytes, packets, messages, Records, Templates
577 and Options Templates received or sent and the number of messages
578 that were discarded.
580 5.8.2. The Template Statistical Table
582 This table contains a statistical value for each Template. It
583 augments the Template table (ipfixTemplateTable) and specifies the
584 number of Data Records exported or collected for the Template.
586 5.8.3. The Metering Process Statistical Table
588 This table augments the Metering Process table
589 (ipfixMeteringProcessTable). It contains the statistical values for
590 the exported Data Records and the number of unused cache entries.
592 5.8.4. The Selection Process Statistical Table
594 This table augments the Selection Process table
595 (ipfixSelectionProcessTable) and introduces two generic statistical
596 values, the number of packets observed and the number of packets
597 dropped by the selection method.
599 6. Structure of the IPFIX SELECTOR MIB
601 The IPFIX SELECTOR MIB module defined in this section provides the
602 standard Filtering and Sampling functions that can be referenced in
603 the ipfixSelectionProcessTable. All standard Filtering and Sampling
604 functions MUST be registered in the subtree under object
605 ipfixSelectorFunctions (iso.org.dod.internet.mgmt.mib-
606 2.ipfixSelectorMIB, or as numbers 1.3.6.1.2.1.194). The toplevel
607 OIDs in the subtree under object ipfixSelectorFunctions MUST be
608 registered in a subregistry maintained by IANA at
609 http://www.iana.org/assignments/smi-numbers. The first entry in this
610 subtree is the Select All function (ipfixFuncSelectAll) defined in
611 this document as { ipfixSelectorFunctions 1}. Further selector
612 functions MUST be registered at IANA and are subject to Expert Review
613 [RFC5226], i.e., review by one of a group of experts designated by an
614 IETF Area Director. The group of experts MUST check the requested
615 MIB objects for completeness and accuracy of the description.
616 Requests for MIB objects that duplicate the functionality of existing
617 objects SHOULD be declined. The smallest available OID SHOULD be
618 assigned to a new MIB objects. The specification of new MIB objects
619 SHOULD follow the structure specified in the next Section and MUST be
620 published using a well-established and persistent publication medium.
621 The experts will initially be drawn from the Working Group Chairs and
622 document editors of the IPFIX and PSAMP Working Groups.
624 6.1. The Selector Functions
626 The following figure shows what the MIB tree usually should look
627 like. It already contains the ipfixFuncSelectAll. The subtree in
628 ipfixFuncF2 gives the basic structure that all selection methods
629 SHOULD follow.
631 ipfixSelectorFunctions
632 |
633 +- ipfixFuncSelectAll
634 | |
635 | +- ipfixFuncSelectAllAvail (is the function available?)
636 |
637 +- ipfixFuncF2
638 | |
639 | +- ipfixFuncF2Avail (is the function F2 available?)
640 | |
641 | +- ipfixFuncF2Parameters (a table with parameters)
642 ...
643 |
644 +- ipfixFunFn...
646 The selection method SHOULD be designed as a MIB subtree introduced
647 by an object with the name ipfixFunc appended by a function name.
648 The objects in this subtree SHOULD be prefixed by this name. If the
649 function is named Fx, then we would start a subtree with an OID named
650 ipfixFuncFx. This subtree should contain an object ipfixFuncFxAvail
651 that has the type TruthValue. If a selection method takes
652 parameters, the MIB should contain a table named
653 ipfixFuncFxParameters, which should contain all the parameters that
654 the selection method specifies. An entry in this table will be
655 referenced by the IPFIX MIB module if the selection method with the
656 parameters is used.
658 To illustrate the structure defined above, the following contains an
659 example of a function MyFunc that holds three integer parameters
660 Param1, Param2, and Param3. In the example, there are currently two
661 instances of the parameters set defined with indexes 1 and 4.
663 ipfixSelectorFunctions (1)
664 |
665 +- ipfixFuncMyFunc (?)
666 |
667 +- ipfixFuncMyFuncAvail (1) = true
668 +- ipfixFuncMyFuncParameters (2)
669 |
670 +- ipfixFuncMyFuncParametersEntry (1)
671 |
672 +- index (1) (ipfixFuncMyFuncParametersIndex)
673 | +- ipfixFuncMyFuncParam1 (1) = 47
674 | +- ipfixFuncMyFuncParam2 (2) = -128
675 | +- ipficFuncMyFuncParam3 (3) = 19
676 |
677 +- index(4) (ipfixFuncMyFuncParametersIndex)
678 +- ipfixFuncMyFuncParam1 (1) = 19
679 +- ipfixFuncMyFuncParam2 (2) = -1
680 +- ipficFuncMyFuncParam3 (3) = 728
682 If the function defined above is referenced in the IPFIX MIB module,
683 the ipfixSelectionProcessTable would look as follows:
685 ipfixSelectionProcessTable (8)
686 |
687 +- ipfixSelectionProcessEntry (1)
688 |
689 +- index (9) (ipfixMeteringProcessCacheId)
690 +- index (1) (ipfixSelectionProcessIndex)
691 +- index (1) (ipfixSelectionProcessSelectorIndex)
692 | +- ipfixSelectionProcessSelectorFunction (3)
693 | = ipfixSelectorFunctions.?.2.1.4
694 +- index (2) (ipfixSelectionProcessSelectorIndex)
695 +- ipfixSelectionProcessSelectorFunction (3)
696 = ipfixSelectorFunctions.?.2.1.1
698 This means that for the ipfixMeteringProcessCacheId(9), a Selection
699 Process with index 1 is created that applies two times the same
700 function but with different parameter sets. First, the function
701 MyFunc is applied with the parameters of the set with index 4 and the
702 with the parameters of the set with index 1.
704 7. Relationship to Other MIB Modules
706 Besides the usual imports from the SNMP Standards [RFC2578],
707 [RFC2579], and [RFC2580], the IPFIX MIB module references the ENTITY
708 MIB module [RFC4133] and the IF MIB module [RFC2863].
710 7.1. Relationship to the ENTITY MIB and IF MIB
712 The Observation Point table (ipfixObservationPointTable) contains a
713 reference to the ENTITY MIB module[RFC4133]
714 (ipfixObservationPointPhysicalEntity) or the IF MIB module [RFC2863]
715 (ipfixObservationPointPhysicalInterface). If the implementors of the
716 IPFIX MIB module want to specify the physical entity where Flows are
717 observed, then they SHOULD also implement the ENTITY MIB and/or the
718 IF MIB module. The implementation of the ENTITY MIB and/or IF MIB
719 module is OPTIONAL. If one of them is not implemented, then all
720 values of the respective column ipfixObservationPointPhysicalEntity
721 or ipfixObservationPointPhysicalInterface in the Observation Point
722 table are zero and the values of the
723 ipfixObservationPointPhysicalEntityDirection columns are unknown(0),
724 if none of them are defined.
726 7.2. MIB Modules Required for IMPORTS
728 The IPFIX MIB module requires the modules SNMPv2-SMI [RFC2578],
729 SNMPv2-TC [RFC2579], and SNMPv2-CONF [RFC2580]. Further on, it
730 imports the textual conventions InetAddressType and InetAddress from
731 the INET ADDRESS MIB module [RFC4001].
733 The IPFIX SELECTOR MIB module also requires the modules SNMPv2-SMI
734 [RFC2578], SNMPv2-TC [RFC2579], and SNMPv2-CONF [RFC2580].
736 8. MIB Definitions
738 This section contains the definitions of the IPFIX-MIB module and the
739 IPFIX-SELECTOR-MIB module. There are different mandatory groups
740 defined for Collector and Exporter implementations. The statistical
741 objects are made OPTIONAL.
743 8.1. IPFIX MIB Definition
745 IPFIX-MIB DEFINITIONS ::= BEGIN
747 IMPORTS
748 MODULE-IDENTITY, OBJECT-TYPE, mib-2, Unsigned32, Counter64,
749 Gauge32
750 FROM SNMPv2-SMI -- RFC2578
751 TimeStamp, DateAndTime
752 FROM SNMPv2-TC -- RFC2579
753 MODULE-COMPLIANCE, OBJECT-GROUP
754 FROM SNMPv2-CONF -- RFC2580
755 InterfaceIndexOrZero
756 FROM IF-MIB -- RFC2863
757 InetAddressType, InetAddress, InetPortNumber
758 FROM INET-ADDRESS-MIB -- RFC4001
759 PhysicalIndexOrZero
760 FROM ENTITY-MIB; -- RFC4133
762 ipfixMIB MODULE-IDENTITY
763 LAST-UPDATED "201004190000Z" -- 19 April 2010
764 ORGANIZATION "IETF IPFIX Working Group"
765 CONTACT-INFO
766 "WG charter:
767 http://www.ietf.org/html.charters/ipfix-charter.html
769 Mailing Lists:
770 General Discussion: ipfix@ietf.org
771 To Subscribe: http://www1.ietf.org/mailman/listinfo/ipfix
772 Archive:
773 http://www1.ietf.org/mail-archive/web/ipfix/current/index.html
775 Editor:
776 Thomas Dietz
777 NEC Europe Ltd.
778 NEC Laboratories Europe
779 Network Research Division
780 Kurfuersten-Anlage 36
781 69115 Heidelberg
782 Germany
783 Phone: +49 6221 4342-128
784 Email: Thomas.Dietz@nw.neclab.eu
786 Atsushi Kobayashi
787 NTT Information Sharing Platform Laboratories
788 3-9-11 Midori-cho
789 Musashino-shi
790 180-8585
791 Japan
792 Phone: +81-422-59-3978
793 Email: akoba@nttv6.net
795 Benoit Claise
796 Cisco Systems, Inc.
797 De Kleetlaan 6a b1
798 Degem 1831
799 Belgium
800 Phone: +32 2 704 5622
801 Email: bclaise@cisco.com
803 Gerhard Muenz
804 Technische Universitaet Muenchen
805 Department of Informatics
806 Chair for Network Architectures and Services (I8)
807 Boltzmannstr. 3
808 85748 Garching
809 Germany
810 Phone: +49 89 289-18008
811 Email: muenz@net.in.tum.de
812 URI: http://www.net.in.tum.de/~muenz"
813 DESCRIPTION
814 "The IPFIX MIB defines managed objects for IP Flow
815 Information eXport. These objects provide information about
816 managed nodes supporting the IPFIX protocol,
817 for Exporters as well as for Collectors.
819 Copyright (c) 2010 IETF Trust and the persons identified as
820 authors of the code. All rights reserved.
822 Redistribution and use in source and binary forms, with or
823 without modification, is permitted pursuant to, and subject
824 to the license terms contained in, the Simplified BSD
825 License set forth in Section 4.c of the IETF Trust's
826 Legal Provisions Relating to IETF Documents
827 (http://trustee.ietf.org/license-info)."
829 -- Revision history
830 REVISION "201004190000Z" -- 19 April 2010
831 DESCRIPTION
832 "Initial version, published as RFC 5815."
834 ::= { mib-2 193 }
836 --******************************************************************
837 -- Top Level Structure of the MIB
838 --******************************************************************
840 ipfixObjects OBJECT IDENTIFIER ::= { ipfixMIB 1 }
841 ipfixConformance OBJECT IDENTIFIER ::= { ipfixMIB 2 }
843 ipfixMainObjects OBJECT IDENTIFIER ::= { ipfixObjects 1 }
844 ipfixStatistics OBJECT IDENTIFIER ::= { ipfixObjects 2 }
846 --==================================================================
847 -- 1.1: Objects used by all IPFIX implementations
848 --==================================================================
849 --------------------------------------------------------------------
850 -- 1.1.1: Transport Session Table
851 --------------------------------------------------------------------
852 ipfixTransportSessionTable OBJECT-TYPE
853 SYNTAX SEQUENCE OF IpfixTransportSessionEntry
854 MAX-ACCESS not-accessible
855 STATUS current
856 DESCRIPTION
857 "This table lists the currently established Transport
858 Sessions between an Exporting Process and a Collecting
859 Process."
860 ::= { ipfixMainObjects 1 }
862 ipfixTransportSessionEntry OBJECT-TYPE
863 SYNTAX IpfixTransportSessionEntry
864 MAX-ACCESS not-accessible
865 STATUS current
866 DESCRIPTION
867 "Defines an entry in the ipfixTransportSessionTable."
868 INDEX { ipfixTransportSessionIndex }
869 ::= { ipfixTransportSessionTable 1 }
871 IpfixTransportSessionEntry ::=
872 SEQUENCE {
873 ipfixTransportSessionIndex Unsigned32,
874 ipfixTransportSessionProtocol Unsigned32,
875 ipfixTransportSessionSourceAddressType InetAddressType,
876 ipfixTransportSessionSourceAddress InetAddress,
877 ipfixTransportSessionDestinationAddressType InetAddressType,
878 ipfixTransportSessionDestinationAddress InetAddress,
879 ipfixTransportSessionSourcePort InetPortNumber,
880 ipfixTransportSessionDestinationPort InetPortNumber,
881 ipfixTransportSessionSctpAssocId Unsigned32,
882 ipfixTransportSessionDeviceMode INTEGER,
883 ipfixTransportSessionTemplateRefreshTimeout Unsigned32,
884 ipfixTransportSessionOptionsTemplateRefreshTimeout Unsigned32,
885 ipfixTransportSessionTemplateRefreshPacket Unsigned32,
886 ipfixTransportSessionOptionsTemplateRefreshPacket Unsigned32,
887 ipfixTransportSessionIpfixVersion Unsigned32,
888 ipfixTransportSessionStatus INTEGER
889 }
891 ipfixTransportSessionIndex OBJECT-TYPE
892 SYNTAX Unsigned32 (1..4294967295)
893 MAX-ACCESS not-accessible
894 STATUS current
895 DESCRIPTION
896 "Locally arbitrary, but unique identifier of an entry in
897 the ipfixTransportSessionTable. The value is expected to
898 remain constant from a re-initialization of the entity's
899 network management agent to the next re-initialization."
900 ::= { ipfixTransportSessionEntry 1 }
902 ipfixTransportSessionProtocol OBJECT-TYPE
903 SYNTAX Unsigned32 (1..255)
904 MAX-ACCESS read-only
905 STATUS current
906 DESCRIPTION
907 "The transport protocol used for receiving or transmitting
908 IPFIX Messages. Protocol numbers are assigned by IANA. A
909 current list of all assignments is available from
910 ."
911 REFERENCE
912 "RFC 5101, Specification of the IP Flow
913 Information Export (IPFIX) Protocol for the Exchange of IP
914 Traffic Flow Information, Section 10."
915 ::= { ipfixTransportSessionEntry 2 }
917 ipfixTransportSessionSourceAddressType OBJECT-TYPE
918 SYNTAX InetAddressType
919 MAX-ACCESS read-only
920 STATUS current
921 DESCRIPTION
922 "The type of address used for the source address,
923 as specified in RFC 4001. This object is used with protocols
924 (specified in ipfixTransportSessionProtocol) like TCP (6)
925 and UDP (17) that have the notion of addresses. SCTP (132)
926 should use the ipfixTransportSessionSctpAssocId instead.
927 If SCTP (132) or any other protocol without the notion of
928 addresses is used, the object MUST be set to unknown(0)."
929 ::= { ipfixTransportSessionEntry 3 }
931 ipfixTransportSessionSourceAddress OBJECT-TYPE
932 SYNTAX InetAddress
933 MAX-ACCESS read-only
934 STATUS current
935 DESCRIPTION
936 "The source address of the Exporter of the IPFIX Transport
937 Session. This value is interpreted according to the value of
938 ipfixTransportSessionAddressType as specified in RFC 4001.
939 This object is used with protocols (specified in
940 ipfixTransportSessionProtocol) like TCP (6) and UDP (17) that
941 have the notion of addresses. SCTP (132) should use the
942 ipfixTransportSessionSctpAssocId instead. If SCTP (132) or
943 any other protocol without the notion of addresses is used,
944 the object MUST be set to a zero-length string."
945 ::= { ipfixTransportSessionEntry 4 }
947 ipfixTransportSessionDestinationAddressType OBJECT-TYPE
948 SYNTAX InetAddressType
949 MAX-ACCESS read-only
950 STATUS current
951 DESCRIPTION
952 "The type of address used for the destination address,
953 as specified in RFC 4001. This object is used with protocols
954 (specified in ipfixTransportSessionProtocol) like TCP (6)
955 and UDP (17) that have the notion of addresses. SCTP (132)
956 should use the ipfixTransportSessionSctpAssocId instead.
957 If SCTP (132) or any other protocol without the notion of
958 addresses is used, the object MUST be set to unknown(0)."
959 ::= { ipfixTransportSessionEntry 5 }
961 ipfixTransportSessionDestinationAddress OBJECT-TYPE
962 SYNTAX InetAddress
963 MAX-ACCESS read-only
964 STATUS current
966 DESCRIPTION
967 "The destination address of the Collector of the IPFIX
968 Transport Session. This value is interpreted according to
969 the value of ipfixTransportSessionAddressType, as specified
970 in RFC 4001. This object is used with protocols
971 (specified in ipfixTransportSessionProtocol) like TCP (6)
972 and UDP (17) that have the notion of addresses. SCTP (132)
973 should use the ipfixTransportSessionSctpAssocId instead.
975 If SCTP (132) or any other protocol without the notion of
976 addresses is used, the object MUST be set to a zero-length
977 string"
978 ::= { ipfixTransportSessionEntry 6 }
980 ipfixTransportSessionSourcePort OBJECT-TYPE
981 SYNTAX InetPortNumber
982 MAX-ACCESS read-only
983 STATUS current
984 DESCRIPTION
985 "The transport protocol port number of the Exporter.
986 This object is used with protocols (specified in
987 ipfixTransportSessionProtocol) like TCP (6)
988 and UDP (17) that have the notion of ports. SCTP (132)
989 should copy the value of sctpAssocLocalPort if the
990 Transport Session is in collecting mode or
991 sctpAssocRemPort if the Transport Session is in
992 exporting mode. The association is referenced
993 by the ipfixTransportSessionSctpAssocId.
994 If any other protocol without the notion of
995 ports is used, the object MUST be set to zero."
996 ::= { ipfixTransportSessionEntry 7 }
998 ipfixTransportSessionDestinationPort OBJECT-TYPE
999 SYNTAX InetPortNumber
1000 MAX-ACCESS read-only
1001 STATUS current
1002 DESCRIPTION
1003 "The transport protocol port number of the Collector. The
1004 default value is 4739 for all currently defined transport
1005 protocol types. This object is used with protocols
1006 (specified in ipfixTransportSessionProtocol) like TCP (6)
1007 and UDP (17) that have the notion of ports. SCTP (132)
1008 should copy the value of sctpAssocRemPort if the
1009 Transport Session is in collecting mode or
1010 sctpAssocLocalPort if the Transport Session is in
1011 exporting mode. The association is referenced
1012 by the ipfixTransportSessionSctpAssocId.
1013 If any other protocol without the notion of
1014 ports is used, the object MUST be set to zero."
1016 ::= { ipfixTransportSessionEntry 8 }
1018 ipfixTransportSessionSctpAssocId OBJECT-TYPE
1019 SYNTAX Unsigned32
1020 MAX-ACCESS read-only
1021 STATUS current
1022 DESCRIPTION
1023 "The association id used for the SCTP session between the
1024 Exporter and the Collector of the IPFIX Transport Session.
1025 It is equal to the sctpAssocId entry in the sctpAssocTable
1026 defined in the SCTP MIB. This object is only valid if
1027 ipfixTransportSessionProtocol has the value 132 (SCTP). In
1028 all other cases, the value MUST be zero."
1029 REFERENCE
1030 "RFC 3873, Stream Control Transmission Protocol (SCTP)
1031 Management Information Base (MIB)."
1032 ::= { ipfixTransportSessionEntry 9 }
1034 ipfixTransportSessionDeviceMode OBJECT-TYPE
1035 SYNTAX INTEGER {
1036 exporting(1),
1037 collecting(2)
1038 }
1039 MAX-ACCESS read-only
1040 STATUS current
1041 DESCRIPTION
1042 "The mode of operation of the device for the given Transport
1043 Session. This object can have the following values:
1045 exporting(1)
1046 This value MUST be used if the Transport Session is
1047 used for exporting Records to other IPFIX Devices,
1048 i.e., this device acts as Exporter.
1050 collecting(2)
1051 This value MUST be used if the Transport Session is
1052 used for collecting Records from other IPFIX Devices,
1053 i.e., this device acts as Collector."
1054 ::= { ipfixTransportSessionEntry 10 }
1056 ipfixTransportSessionTemplateRefreshTimeout OBJECT-TYPE
1057 SYNTAX Unsigned32
1058 UNITS "seconds"
1059 MAX-ACCESS read-only
1060 STATUS current
1062 DESCRIPTION
1063 "On Exporters, this object contains the time in seconds
1064 after which IPFIX Templates are resent by the
1065 Exporter.
1067 On Collectors, this object contains the lifetime in seconds
1068 after which a Template becomes invalid when it is not
1069 received again within this lifetime.
1071 This object is only valid if ipfixTransportSessionProtocol
1072 has the value 17 (UDP). In all other cases, the value MUST
1073 be zero."
1074 REFERENCE
1075 "RFC 5101, Specification of the IP Flow Information Export
1076 (IPFIX) Protocol for the Exchange of IP Traffic Flow
1077 Information, Sections 10.3.6 and 10.3.7."
1078 ::= { ipfixTransportSessionEntry 11 }
1080 ipfixTransportSessionOptionsTemplateRefreshTimeout OBJECT-TYPE
1081 SYNTAX Unsigned32
1082 UNITS "seconds"
1083 MAX-ACCESS read-only
1084 STATUS current
1085 DESCRIPTION
1086 "On Exporters, this object contains the time in seconds
1087 after which IPFIX Options Templates are resent by the
1088 Exporter.
1090 On Collectors, this object contains the lifetime in seconds
1091 after which an Options Template becomes invalid when it is
1092 not received again within this lifetime.
1094 This object is only valid if ipfixTransportSessionProtocol
1095 has the value 17 (UDP). In all other cases the value MUST
1096 be zero."
1097 REFERENCE
1098 "RFC 5101, Specification of the IP Flow Information Export
1099 (IPFIX) Protocol for the Exchange of IP Traffic Flow
1100 Information, Sections 10.3.6 and 10.3.7."
1101 ::= { ipfixTransportSessionEntry 12 }
1103 ipfixTransportSessionTemplateRefreshPacket OBJECT-TYPE
1104 SYNTAX Unsigned32
1105 UNITS "packets"
1106 MAX-ACCESS read-only
1107 STATUS current
1109 DESCRIPTION
1110 "On Exporters, this object contains the number of exported
1111 IPFIX Messages after which IPFIX Templates are resent
1112 by the Exporter.
1114 On Collectors, this object contains the lifetime in number
1115 of exported IPFIX Messages after which a Template becomes
1116 invalid when it is not received again within this lifetime.
1118 This object is only valid if ipfixTransportSessionProtocol
1119 has the value 17 (UDP). In all other cases the value MUST
1120 be zero."
1121 REFERENCE
1122 "RFC 5101, Specification of the IP Flow Information Export
1123 (IPFIX) Protocol for the Exchange of IP Traffic Flow
1124 Information, Sections 10.3.6 and 10.3.7."
1125 ::= { ipfixTransportSessionEntry 13 }
1127 ipfixTransportSessionOptionsTemplateRefreshPacket OBJECT-TYPE
1128 SYNTAX Unsigned32
1129 UNITS "packets"
1130 MAX-ACCESS read-only
1131 STATUS current
1132 DESCRIPTION
1133 "On Exporters, this object contains the number of exported
1134 IPFIX Messages after which IPFIX Options Templates are
1135 resent by the Exporter.
1137 On Collectors, this object contains the lifetime in number
1138 of exported IPFIX Messages after which an Options Template
1139 becomes invalid when it is not received again within this
1140 lifetime.
1142 This object is only valid if ipfixTransportSessionProtocol
1143 has the value 17 (UDP). In all other cases the value MUST
1144 be zero."
1145 REFERENCE
1146 "RFC 5101, Specification of the IP Flow Information Export
1147 (IPFIX) Protocol for the Exchange of IP Traffic Flow
1148 Information, Sections 10.3.6 and 10.3.7."
1149 ::= { ipfixTransportSessionEntry 14 }
1151 ipfixTransportSessionIpfixVersion OBJECT-TYPE
1152 SYNTAX Unsigned32 (0..65535)
1153 MAX-ACCESS read-only
1154 STATUS current
1156 DESCRIPTION
1157 "On Exporters the object contains the version number of the
1158 IPFIX protocol that the Exporter uses to export its data in
1159 this Transport Session.
1161 On Collectors the object contains the version number of the
1162 IPFIX protocol it receives for this Transport Session.
1164 If IPFIX Messages of different IPFIX protocol versions are
1165 transmitted or received in this Transport Session, this
1166 object contains the maximum version number."
1168 REFERENCE
1169 "RFC 5101, Specification of the IP Flow Information Export
1170 (IPFIX) Protocol for the Exchange of IP Traffic Flow
1171 Information, Section 3.1."
1172 ::= { ipfixTransportSessionEntry 15 }
1174 ipfixTransportSessionStatus OBJECT-TYPE
1175 SYNTAX INTEGER {
1176 unknown(0),
1177 inactive(1),
1178 active(2)
1179 }
1180 MAX-ACCESS read-only
1181 STATUS current
1182 DESCRIPTION
1183 "The status of a Transport Session. This object can have the
1184 following values:
1186 unknown(0)
1187 This value MUST be used if the status of the
1188 Transport Session cannot be detected by the equipment.
1189 This value should be avoided as far as possible.
1191 inactive(1)
1192 This value MUST be used for Transport Sessions that
1193 are specified in the system but are not currently active.
1194 The value can be used, e.g., for Transport Sessions that
1195 are backup (secondary) sessions in a Transport Session
1196 group.
1198 active(2)
1199 This value MUST be used for Transport Sessions that are
1200 currently active and transmitting or receiving data."
1201 ::= { ipfixTransportSessionEntry 16 }
1203 --------------------------------------------------------------------
1204 -- 1.1.2: Template Table
1205 --------------------------------------------------------------------
1206 ipfixTemplateTable OBJECT-TYPE
1207 SYNTAX SEQUENCE OF IpfixTemplateEntry
1208 MAX-ACCESS not-accessible
1209 STATUS current
1210 DESCRIPTION
1211 "This table lists the Templates and Options Templates that
1212 are transmitted by the Exporting Process or received by the
1213 Collecting Process.
1215 The table contains the Templates and Options Templates that
1216 are received or used for exporting data for a given
1217 Transport Session group and Observation Domain.
1219 Withdrawn or invalidated (Options) Template MUST be removed
1220 from this table."
1221 ::= { ipfixMainObjects 2 }
1223 ipfixTemplateEntry OBJECT-TYPE
1224 SYNTAX IpfixTemplateEntry
1225 MAX-ACCESS not-accessible
1226 STATUS current
1227 DESCRIPTION
1228 "Defines an entry in the ipfixTemplateTable."
1229 INDEX {
1230 ipfixTransportSessionIndex,
1231 ipfixTemplateObservationDomainId,
1232 ipfixTemplateId
1233 }
1234 ::= { ipfixTemplateTable 1 }
1236 IpfixTemplateEntry ::=
1237 SEQUENCE {
1238 ipfixTemplateObservationDomainId Unsigned32,
1239 ipfixTemplateId Unsigned32,
1240 ipfixTemplateSetId Unsigned32,
1241 ipfixTemplateAccessTime DateAndTime
1242 }
1244 ipfixTemplateObservationDomainId OBJECT-TYPE
1245 SYNTAX Unsigned32 (0..4294967295)
1246 MAX-ACCESS not-accessible
1247 STATUS current
1248 DESCRIPTION
1249 "The Id of the Observation Domain for which this Template
1250 is defined. This value is used when sending IPFIX Messages.
1252 The special value of 0 indicates that the Data Records
1253 exported with this (Option Template) cannot be applied to a
1254 single Observation Domain."
1255 REFERENCE
1256 "RFC 5101, Specification of the IP Flow Information Export
1257 (IPFIX) Protocol for the Exchange of IP Traffic Flow
1258 Information, Section 3.1."
1259 ::= { ipfixTemplateEntry 1 }
1261 ipfixTemplateId OBJECT-TYPE
1262 SYNTAX Unsigned32 (256..65535)
1263 MAX-ACCESS not-accessible
1264 STATUS current
1265 DESCRIPTION
1266 "This number indicates the Template Id in the IPFIX
1267 Message. Values from 0 to 255 are not allowed for Template
1268 Ids."
1269 REFERENCE
1270 "RFC 5101, Specification of the IP Flow Information Export
1271 (IPFIX) Protocol for the Exchange of IP Traffic Flow
1272 Information, Section 3.4.1."
1273 ::= { ipfixTemplateEntry 2 }
1275 ipfixTemplateSetId OBJECT-TYPE
1276 SYNTAX Unsigned32 (1..65535)
1277 MAX-ACCESS read-only
1278 STATUS current
1279 DESCRIPTION
1280 "This number indicates the Set Id of the Template. This
1281 object allows to easily retrieve the Template type.
1283 Currently, there are two values defined. The value 2 is
1284 used for Sets containing Template definitions. The value 3
1285 is used for Sets containing Options Template definitions."
1286 REFERENCE
1287 "RFC 5101, Specification of the IP Flow Information Export
1288 (IPFIX) Protocol for the Exchange of IP Traffic Flow
1289 Information, Section 3.3.2."
1290 ::= { ipfixTemplateEntry 3 }
1292 ipfixTemplateAccessTime OBJECT-TYPE
1293 SYNTAX DateAndTime
1294 MAX-ACCESS read-only
1295 STATUS current
1296 DESCRIPTION
1297 "If the Transport Session is in exporting mode
1298 (ipfixTransportSessionDeviceMode) the time when this
1299 (Options) Template was last sent to the Collector(s).
1301 In the specific case of UDP as transport protocol, this
1302 time is used to know when a retransmission of the
1303 (Options) Template is needed.
1305 If it is in collecting mode, this object contains the
1306 time when this (Options) Template was last received from
1307 the Exporter. In the specific case of UDP as transport
1308 protocol, this time is used to know when this (Options)
1309 Template times out and thus is no longer valid."
1310 ::= { ipfixTemplateEntry 4 }
1312 --------------------------------------------------------------------
1313 -- 1.1.3: Exported Template Definition Table
1314 --------------------------------------------------------------------
1315 ipfixTemplateDefinitionTable OBJECT-TYPE
1316 SYNTAX SEQUENCE OF IpfixTemplateDefinitionEntry
1317 MAX-ACCESS not-accessible
1318 STATUS current
1319 DESCRIPTION
1320 "On Exporters, this table lists the (Options) Template fields
1321 of which a (Options) Template is defined. It defines the
1322 (Options) Template given in the ipfixTemplateId specified in
1323 the ipfixTemplateTable.
1325 On Collectors, this table lists the (Options) Template fields
1326 of which a (Options) Template is defined. It defines the
1327 (Options) Template given in the ipfixTemplateId specified in
1328 the ipfixTemplateTable."
1329 ::= { ipfixMainObjects 3 }
1331 ipfixTemplateDefinitionEntry OBJECT-TYPE
1332 SYNTAX IpfixTemplateDefinitionEntry
1333 MAX-ACCESS not-accessible
1334 STATUS current
1335 DESCRIPTION
1336 "Defines an entry in the ipfixTemplateDefinitionTable."
1338 INDEX {
1339 ipfixTransportSessionIndex,
1340 ipfixTemplateObservationDomainId,
1341 ipfixTemplateId,
1342 ipfixTemplateDefinitionIndex
1343 }
1344 ::= { ipfixTemplateDefinitionTable 1 }
1346 IpfixTemplateDefinitionEntry ::=
1347 SEQUENCE {
1348 ipfixTemplateDefinitionIndex Unsigned32,
1349 ipfixTemplateDefinitionIeId Unsigned32,
1350 ipfixTemplateDefinitionIeLength Unsigned32,
1351 ipfixTemplateDefinitionEnterpriseNumber Unsigned32,
1352 ipfixTemplateDefinitionFlags BITS
1353 }
1355 ipfixTemplateDefinitionIndex OBJECT-TYPE
1356 SYNTAX Unsigned32 (1..65535)
1357 MAX-ACCESS not-accessible
1358 STATUS current
1359 DESCRIPTION
1360 "The ipfixTemplateDefinitionIndex specifies the order in
1361 which the Information Elements are used in the (Options)
1362 Template Record.
1364 Since a Template Record can contain a maximum of 65535
1365 Information Elements, the index is limited to this value."
1366 REFERENCE
1367 "RFC 5101, Specification of the IP Flow Information Export
1368 (IPFIX) Protocol for the Exchange of IP Traffic Flow
1369 Information, Sections 3.4.1 and 3.4.2."
1370 ::= { ipfixTemplateDefinitionEntry 1 }
1372 ipfixTemplateDefinitionIeId OBJECT-TYPE
1373 SYNTAX Unsigned32 (1..65535)
1374 MAX-ACCESS read-only
1375 STATUS current
1376 DESCRIPTION
1377 "This indicates the Information Element Id at position
1378 ipfixTemplateDefinitionIndex in the (Options) Template
1379 ipfixTemplateId. This implicitly specifies the data type
1380 of the Information Element. The elements are registered
1381 at IANA. A current list of assignments can be found at
1382 "
1384 REFERENCE
1385 "RFC 5101, Specification of the IP Flow Information Export
1386 (IPFIX) Protocol for the Exchange of IP Traffic Flow
1387 Information, Section 3.2.
1389 RFC 5102, Information Model for IP Flow Information Export."
1390 ::= { ipfixTemplateDefinitionEntry 2 }
1392 ipfixTemplateDefinitionIeLength OBJECT-TYPE
1393 SYNTAX Unsigned32 (0..65535)
1394 MAX-ACCESS read-only
1395 STATUS current
1396 DESCRIPTION
1397 "This indicates the length of the Information Element Id at
1398 position ipfixTemplateDefinitionIndex in the (Options)
1399 Template ipfixTemplateId."
1400 REFERENCE
1401 "RFC 5101, Specification of the IP Flow Information Export
1402 (IPFIX) Protocol for the Exchange of IP Traffic Flow
1403 Information, Section 3.2.
1405 RFC 5102, Information Model for IP Flow Information Export."
1406 ::= { ipfixTemplateDefinitionEntry 3 }
1408 ipfixTemplateDefinitionEnterpriseNumber OBJECT-TYPE
1409 SYNTAX Unsigned32
1410 MAX-ACCESS read-only
1411 STATUS current
1412 DESCRIPTION
1413 "IANA enterprise number of the authority defining the
1414 Information Element identifier in this Template Record.
1415 Enterprise numbers are assigned by IANA. A current list of
1416 all assignments is available from
1417 .
1419 This object must be zero(0) for all standard Information
1420 Elements registered with IANA. A current list of these
1421 elements is available from
1422 ."
1423 REFERENCE
1424 "RFC 5101, Specification of the IP Flow Information Export
1425 (IPFIX) Protocol for the Exchange of IP Traffic Flow
1426 Information, Section 3.2.
1428 RFC 5102, Information Model for IP Flow Information Export."
1429 ::= { ipfixTemplateDefinitionEntry 4 }
1431 ipfixTemplateDefinitionFlags OBJECT-TYPE
1432 SYNTAX BITS {
1433 scope(0),
1434 flowKey(1)
1435 }
1436 MAX-ACCESS read-only
1437 STATUS current
1438 DESCRIPTION
1439 "This bitmask indicates special attributes for the
1440 Information Element:
1442 scope(0)
1443 This Information Element is used for scope.
1445 flowKey(1)
1446 This Information Element is a Flow Key.
1448 Thus, we get the following values for an Information Element:
1450 If neither bit scope(0) nor bit flowKey(1) are set
1451 The Information Element is neither used for scoping nor
1452 as Flow Key.
1453 If only bit scope(0) is set
1454 The Information Element is used for scoping.
1455 If only bit flowKey(1) is set
1456 The Information Element is used as Flow Key.
1458 Both bit scope(0) and flowKey(1) MUST NOT be set at the same
1459 time. This combination is not allowed."
1460 REFERENCE
1461 "RFC 5101, Specification of the IP Flow Information
1462 Export (IPFIX) Protocol for the Exchange of IP Traffic Flow
1463 Information, Sections 2 and 3.4.2.1.
1465 RFC 5102, Information Model for IP Flow Information Export."
1466 ::= { ipfixTemplateDefinitionEntry 5 }
1468 --------------------------------------------------------------------
1469 -- 1.1.4: Export Table
1470 --------------------------------------------------------------------
1471 ipfixExportTable OBJECT-TYPE
1472 SYNTAX SEQUENCE OF IpfixExportEntry
1473 MAX-ACCESS not-accessible
1474 STATUS current
1475 DESCRIPTION
1476 "This table lists all exports of an IPFIX device.
1478 On Exporters, this table contains all exports grouped by
1479 Transport Session, Observation Domain Id, Template Id, and
1480 Metering Process represented by the
1481 ipfixMeteringProcessCacheId. Thanks to the ipfixExportIndex,
1482 the exports can group one or more Transport Sessions to
1483 achieve a special functionality like failover management,
1484 load-balancing, etc. The entries with the same
1485 ipfixExportIndex, ipfixObservationDomainId,
1486 and ipfixMeteringProcessCacheId define a Transport
1487 Session group. If the Exporter does not use Transport
1488 Session grouping, then each ipfixExportIndex contains a
1489 single ipfixMeteringProcessCacheId and thus a singe
1490 Transport Session, and this session MUST have the member
1491 type primary(1). Transport Sessions referenced in this
1492 table MUST have the ipfixTransportSessionDeviceMode
1493 exporting(1).
1495 On Collectors, this table is not needed."
1496 ::= { ipfixMainObjects 4 }
1498 ipfixExportEntry OBJECT-TYPE
1499 SYNTAX IpfixExportEntry
1500 MAX-ACCESS not-accessible
1501 STATUS current
1502 DESCRIPTION
1503 "Defines an entry in the ipfixExportTable."
1505 INDEX {
1506 ipfixExportIndex,
1507 ipfixMeteringProcessCacheId,
1508 ipfixTransportSessionIndex
1509 }
1510 ::= { ipfixExportTable 1 }
1512 IpfixExportEntry ::=
1513 SEQUENCE {
1514 ipfixExportIndex Unsigned32,
1515 ipfixExportMemberType INTEGER
1516 }
1518 ipfixExportIndex OBJECT-TYPE
1519 SYNTAX Unsigned32 (1..4294967295)
1520 MAX-ACCESS not-accessible
1521 STATUS current
1522 DESCRIPTION
1523 "Locally arbitrary, but unique identifier of an entry in
1524 the ipfixExportTable. The value is expected
1525 to remain constant from a re-initialization of the entity's
1526 network management agent to the next re-initialization.
1528 A common ipfixExportIndex between two entries from this
1529 table expresses that there is a relationship between the
1530 Transport Sessions in ipfixTransportSessionIndex. The type
1531 of relationship is expressed by the value of
1532 ipfixExportMemberType."
1533 ::= { ipfixExportEntry 1 }
1535 ipfixExportMemberType OBJECT-TYPE
1536 SYNTAX INTEGER {
1537 unknown(0),
1538 primary(1),
1539 secondary(2),
1540 parallel(3),
1541 loadBalancing(4)
1542 }
1543 MAX-ACCESS read-only
1544 STATUS current
1545 DESCRIPTION
1546 "The type of a member Transport Session in a Transport
1547 Session group (identified by the value of ipfixExportIndex,
1548 ipfixObservationDomainId, and ipfixMeteringProcessCacheId).
1549 The following values are valid:
1551 unknown(0)
1552 This value MUST be used if the status of the group
1553 membership cannot be detected by the equipment. This
1554 value should be avoided as far as possible.
1556 primary(1)
1557 This value is used for a group member that is used as
1558 the primary target of an Exporter. Other group members
1559 (with the same ipfixExportIndex and
1560 ipfixMeteringProcessCacheId) MUST NOT have the value
1561 primary(1) but MUST have the value secondary(2).
1562 This value MUST also be specified if the Exporter does
1563 not support Transport Session grouping. In this case,
1564 the group contains only one Transport Session.
1566 secondary(2)
1567 This value is used for a group member that is used as a
1568 secondary target of an Exporter. The Exporter will use
1569 one of the targets specified as secondary(2) within the
1570 same Transport Session group when the primary target is
1571 not reachable.
1573 parallel(3)
1574 This value is used for a group member that is used for
1575 duplicate exporting, i.e., all group members identified
1576 by the ipfixExportIndex are exporting the same Records
1577 in parallel. This implies that all group members MUST
1578 have the same membertype parallel(3).
1580 loadBalancing(4)
1581 This value is used for a group member that is used
1582 as one target for load-balancing. This means that a
1583 Record is sent to one of the group members in this
1584 group identified by ipfixExportIndex.
1585 This implies that all group members MUST have the same
1586 membertype loadBalancing(4)."
1587 ::= { ipfixExportEntry 2 }
1589 --------------------------------------------------------------------
1590 -- 1.1.5: Metering Process Table
1591 --------------------------------------------------------------------
1592 ipfixMeteringProcessTable OBJECT-TYPE
1593 SYNTAX SEQUENCE OF IpfixMeteringProcessEntry
1594 MAX-ACCESS not-accessible
1595 STATUS current
1596 DESCRIPTION
1597 "This table lists so-called caches used at the Metering
1598 Process to store the metering data of Flows observed at
1599 the Observation Points given in the
1600 ipfixObservationPointGroupReference. The table lists the
1601 timeouts that specify when the cached metering data is
1602 expired.
1604 On Collectors, the table is not needed."
1605 ::= { ipfixMainObjects 5 }
1607 ipfixMeteringProcessEntry OBJECT-TYPE
1608 SYNTAX IpfixMeteringProcessEntry
1609 MAX-ACCESS not-accessible
1610 STATUS current
1611 DESCRIPTION
1612 "Defines an entry in the ipfixMeteringProcessTable."
1613 INDEX { ipfixMeteringProcessCacheId }
1614 ::= { ipfixMeteringProcessTable 1 }
1616 IpfixMeteringProcessEntry ::=
1617 SEQUENCE {
1618 ipfixMeteringProcessCacheId Unsigned32,
1619 ipfixMeteringProcessObservationPointGroupRef Unsigned32,
1620 ipfixMeteringProcessCacheActiveTimeout Unsigned32,
1621 ipfixMeteringProcessCacheInactiveTimeout Unsigned32
1622 }
1624 ipfixMeteringProcessCacheId OBJECT-TYPE
1625 SYNTAX Unsigned32 (1..4294967295)
1626 MAX-ACCESS not-accessible
1627 STATUS current
1628 DESCRIPTION
1629 "Locally arbitrary, but unique identifier of an entry in the
1630 ipfixMeterinProcessTable. The value is expected to remain
1631 constant from a re-initialization of the entity's network
1632 management agent to the next re-initialization."
1633 ::= { ipfixMeteringProcessEntry 1 }
1635 ipfixMeteringProcessObservationPointGroupRef OBJECT-TYPE
1636 SYNTAX Unsigned32
1637 MAX-ACCESS read-only
1638 STATUS current
1639 DESCRIPTION
1640 "The Observation Point Group Id that links this table entry
1641 to the ipfixObservationPointTable. The matching
1642 ipfixObservationPointGroupId in that table gives the
1643 Observation Points used in that cache. If the Observation
1644 Points are unknown, the
1645 ipfixMeteringProcessObservationPointGroupRef MUST be zero."
1646 ::= { ipfixMeteringProcessEntry 2 }
1648 ipfixMeteringProcessCacheActiveTimeout OBJECT-TYPE
1649 SYNTAX Unsigned32
1650 UNITS "seconds"
1651 MAX-ACCESS read-only
1652 STATUS current
1653 DESCRIPTION
1654 "On the Exporter, this object contains the time after which a
1655 Flow is expired (and a Data Record for the template is sent)
1656 even though packets matching this Flow are still received by
1657 the Metering Process. If this value is 0, the Flow is not
1658 prematurely expired."
1659 REFERENCE
1660 "RFC 5470, Architecture for IP Flow Information Export,
1661 Section 5.1.1, item 3."
1662 ::= { ipfixMeteringProcessEntry 3 }
1664 ipfixMeteringProcessCacheInactiveTimeout OBJECT-TYPE
1665 SYNTAX Unsigned32
1666 UNITS "seconds"
1667 MAX-ACCESS read-only
1668 STATUS current
1669 DESCRIPTION
1670 "On the Exporter. this object contains the time after which a
1671 Flow is expired (and a Data Record for the template is sent)
1672 when no packets matching this Flow are received by the
1673 Metering Process for the given number of seconds. If this
1674 value is zero, the Flow is expired immediately, i.e., a Data
1675 Record is sent for every packet received by the Metering
1676 Process."
1677 REFERENCE
1678 "RFC 5470, Architecture for IP Flow Information Export,
1679 Section 5.1.1, item 1"
1680 ::= { ipfixMeteringProcessEntry 4 }
1682 --------------------------------------------------------------------
1683 -- 1.1.6: Observation Point Table
1684 --------------------------------------------------------------------
1685 ipfixObservationPointTable OBJECT-TYPE
1686 SYNTAX SEQUENCE OF IpfixObservationPointEntry
1687 MAX-ACCESS not-accessible
1688 STATUS current
1689 DESCRIPTION
1690 "This table lists the Observation Points used within an
1691 Exporter by the Metering Process. The index
1692 ipfixObservationPointGroupId groups Observation Points
1693 and is referenced in the Metering Process table.
1695 On Collectors this table is not needed."
1696 ::= { ipfixMainObjects 6 }
1698 ipfixObservationPointEntry OBJECT-TYPE
1699 SYNTAX IpfixObservationPointEntry
1700 MAX-ACCESS not-accessible
1701 STATUS current
1702 DESCRIPTION
1703 "Defines an entry in the ipfixObservationPointTable."
1704 INDEX {
1705 ipfixObservationPointGroupId,
1706 ipfixObservationPointIndex
1707 }
1708 ::= { ipfixObservationPointTable 1 }
1710 IpfixObservationPointEntry ::=
1711 SEQUENCE {
1712 ipfixObservationPointGroupId Unsigned32,
1713 ipfixObservationPointIndex Unsigned32,
1714 ipfixObservationPointObservationDomainId Unsigned32,
1715 ipfixObservationPointPhysicalEntity PhysicalIndexOrZero,
1716 ipfixObservationPointPhysicalInterface InterfaceIndexOrZero,
1717 ipfixObservationPointPhysicalEntityDirection INTEGER
1718 }
1720 ipfixObservationPointGroupId OBJECT-TYPE
1721 SYNTAX Unsigned32 (1..4294967295)
1722 MAX-ACCESS not-accessible
1723 STATUS current
1724 DESCRIPTION
1725 "Locally arbitrary, but unique identifier of an entry in the
1726 ipfixObservationPointTable. The value is expected to remain
1727 constant from a re-initialization of the entity's network
1728 management agent to the next re-initialization.
1730 This index represents a group of Observation Points.
1732 The special value of 0 MUST NOT be used within this table
1733 but is reserved for the usage in the
1734 ipfixMeteringProcessTable. An index of 0 for the
1735 ipfixObservationPointGroupReference index in that table
1736 indicates that an Observation Point is unknown or
1737 unspecified for a Metering Process cache."
1738 ::= { ipfixObservationPointEntry 1 }
1740 ipfixObservationPointIndex OBJECT-TYPE
1741 SYNTAX Unsigned32 (1..4294967295)
1742 MAX-ACCESS not-accessible
1743 STATUS current
1744 DESCRIPTION
1745 "Locally arbitrary, but unique identifier of an entry in the
1746 ipfixObservationPointTable. The value is expected to remain
1747 constant from a re-initialization of the entity's network
1748 management agent to the next re-initialization.
1750 This index represents a single Observation Point in an
1751 Observation Point group."
1752 ::= { ipfixObservationPointEntry 2 }
1754 ipfixObservationPointObservationDomainId OBJECT-TYPE
1755 SYNTAX Unsigned32
1756 MAX-ACCESS read-only
1757 STATUS current
1759 DESCRIPTION
1760 "The Id of the Observation Domain in which this
1761 Observation Point is included.
1763 The special value of 0 indicates that the Observation
1764 Points within this group cannot be applied to a single
1765 Observation Domain."
1766 REFERENCE
1767 "RFC 5101, Specification of the IP Flow Information Export
1768 (IPFIX) Protocol for the Exchange of IP
1769 Traffic Flow Information, Section 3.1."
1770 ::= { ipfixObservationPointEntry 3 }
1772 ipfixObservationPointPhysicalEntity OBJECT-TYPE
1773 SYNTAX PhysicalIndexOrZero
1774 MAX-ACCESS read-only
1775 STATUS current
1776 DESCRIPTION
1777 "This object contains the index of a physical entity in
1778 the ENTITY MIB. This physical entity is the given
1779 Observation Point. If such a physical entity cannot be
1780 specified or is not known, then the object is zero."
1781 ::= { ipfixObservationPointEntry 4 }
1783 ipfixObservationPointPhysicalInterface OBJECT-TYPE
1784 SYNTAX InterfaceIndexOrZero
1785 MAX-ACCESS read-only
1786 STATUS current
1787 DESCRIPTION
1788 "This object contains the index of a physical interface in
1789 the IF MIB. This physical interface is the given
1790 Observation Point. If such a physical interface cannot be
1791 specified or is not known, then the object is zero.
1793 This object MAY be used stand alone or in addition to
1794 ipfixObservationPointPhysicalEntity. If
1795 ipfixObservationPointPhysicalEntity is not zero, this object
1796 MUST point to the same physical interface that is
1797 referenced in ipfixObservationPointPhysicalEntity.
1798 Otherwise, it may reference any interface in the IF MIB."
1799 ::= { ipfixObservationPointEntry 5 }
1801 ipfixObservationPointPhysicalEntityDirection OBJECT-TYPE
1802 SYNTAX INTEGER {
1803 unknown(0),
1804 ingress(1),
1805 egress(2),
1806 both(3)
1807 }
1808 MAX-ACCESS read-only
1809 STATUS current
1810 DESCRIPTION
1811 "The direction of the Flow that is monitored on the given
1812 physical entity. The following values are valid:
1814 unknown(0)
1815 This value MUST be used if a direction is not
1816 known for the given physical entity.
1818 ingress(1)
1819 This value is used for monitoring incoming Flows on the
1820 given physical entity.
1822 egress(2)
1823 This value is used for monitoring outgoing Flows on the
1824 given physical entity.
1826 both(3)
1827 This value is used for monitoring incoming and outgoing
1828 Flows on the given physical entity."
1829 ::= { ipfixObservationPointEntry 6 }
1831 --------------------------------------------------------------------
1832 -- 1.1.7: Selection Process Table
1833 --------------------------------------------------------------------
1834 ipfixSelectionProcessTable OBJECT-TYPE
1835 SYNTAX SEQUENCE OF IpfixSelectionProcessEntry
1836 MAX-ACCESS not-accessible
1837 STATUS current
1838 DESCRIPTION
1839 "This table contains Selector Functions connected to a
1840 Metering Process by the index ipfixMeteringProcessCacheId.
1841 The Selector Functions are grouped into Selection Processes
1842 by the ipfixSelectionProcessIndex. The Selector Functions
1843 are applied within the Selection Process to the packets
1844 observed for the given Metering Process cache in increasing
1845 order implied by the ipfixSelectionProcessSelectorIndex.
1846 This means Selector Functions with lower
1847 ipfixSelectionProcessSelectorIndex are applied first. The
1848 remaining packets are accounted for in Flow Records.
1850 Since IPFIX does not define any Selector Function (except
1851 selecting every packet), this is a placeholder for future
1852 use and a guideline for implementing enterprise-specific
1853 Selector Function objects.
1855 The following object tree should visualize how the
1856 Selector Function objects should be implemented:
1858 ipfixSelectorFunctions
1859 |
1860 +- ipfixFuncSelectAll
1861 | |
1862 | +- ipfixFuncSelectAllAvail (is the function available?)
1863 |
1864 +- ipfixFuncF2
1865 | |
1866 | +- ipfixFuncF2Avail (is the function F2 available?)
1867 | |
1868 | +- ipfixFuncF2Parameters (a table with parameters)
1869 ...
1870 |
1871 +- ipfixFunFn...
1873 If a Selector Function takes parameters, the MIB should
1874 contain a table with an entry for each set of parameters
1875 used at the Exporter."
1876 ::= { ipfixMainObjects 7 }
1878 ipfixSelectionProcessEntry OBJECT-TYPE
1879 SYNTAX IpfixSelectionProcessEntry
1880 MAX-ACCESS not-accessible
1881 STATUS current
1882 DESCRIPTION
1883 "Defines an entry in the ipfixSelectionProcessTable."
1884 INDEX {
1885 ipfixMeteringProcessCacheId,
1886 ipfixSelectionProcessIndex,
1887 ipfixSelectionProcessSelectorIndex
1888 }
1889 ::= { ipfixSelectionProcessTable 1 }
1891 IpfixSelectionProcessEntry ::= SEQUENCE {
1892 ipfixSelectionProcessIndex Unsigned32,
1893 ipfixSelectionProcessSelectorIndex Unsigned32,
1894 ipfixSelectionProcessSelectorFunction OBJECT IDENTIFIER
1895 }
1897 ipfixSelectionProcessIndex OBJECT-TYPE
1898 SYNTAX Unsigned32 (1..4294967295)
1899 MAX-ACCESS not-accessible
1900 STATUS current
1901 DESCRIPTION
1902 "Locally arbitrary, but unique identifier of an entry in the
1903 ipfixSelectionProcessTable. The value is expected to remain
1904 constant from a re-initialization of the entity's network
1905 management agent to the next re-initialization."
1906 ::= { ipfixSelectionProcessEntry 1 }
1908 ipfixSelectionProcessSelectorIndex OBJECT-TYPE
1909 SYNTAX Unsigned32 (1..4294967295)
1910 MAX-ACCESS not-accessible
1911 STATUS current
1912 DESCRIPTION
1913 "Index specifying the order in which the referenced
1914 ipfixSelctionProcessSelectorFunctions are applied to the
1915 observed packet stream within the given Selection Process
1916 (identified by the ipfixSelectionProcessIndex). The
1917 Selector Functions are applied in increasing order, i.e.,
1918 Selector Functions with lower index are applied first."
1919 ::= { ipfixSelectionProcessEntry 2 }
1921 ipfixSelectionProcessSelectorFunction OBJECT-TYPE
1922 SYNTAX OBJECT IDENTIFIER
1923 MAX-ACCESS read-only
1924 STATUS current
1925 DESCRIPTION
1926 "The pointer to the Selector Function used at position
1927 ipfixSelectionProcessSelectorIndex in the list of Selector
1928 Functions for the Metering Process cache specified by the
1929 index ipfixMeteringProcessCacheId and for the given
1930 Selection Process (identified by the
1931 ipfixSelectionProcessIndex).
1933 This usually points to an object in the IPFIX SELECTOR MIB.
1934 If the Selector Function does not take parameters, then it
1935 MUST point to the root of the function subtree. If the
1936 function takes parameters, then it MUST point to an entry
1937 in the parameter table of the Selector Function."
1938 ::= { ipfixSelectionProcessEntry 3 }
1940 --------------------------------------------------------------------
1941 -- 1.2.1: Transport Session Statistics Table
1942 --------------------------------------------------------------------
1943 ipfixTransportSessionStatsTable OBJECT-TYPE
1944 SYNTAX SEQUENCE OF IpfixTransportSessionStatsEntry
1945 MAX-ACCESS not-accessible
1946 STATUS current
1947 DESCRIPTION
1948 "This table lists Transport Sessions statistics between
1949 Exporting Processes and Collecting Processes."
1950 ::= { ipfixStatistics 1 }
1952 ipfixTransportSessionStatsEntry OBJECT-TYPE
1953 SYNTAX IpfixTransportSessionStatsEntry
1954 MAX-ACCESS not-accessible
1955 STATUS current
1956 DESCRIPTION
1957 "Defines an entry in the ipfixTransportSessionStatsTable."
1958 AUGMENTS { ipfixTransportSessionEntry }
1959 ::= { ipfixTransportSessionStatsTable 1 }
1961 IpfixTransportSessionStatsEntry ::=
1962 SEQUENCE {
1963 ipfixTransportSessionRate Gauge32,
1964 ipfixTransportSessionPackets Counter64,
1965 ipfixTransportSessionBytes Counter64,
1966 ipfixTransportSessionMessages Counter64,
1967 ipfixTransportSessionDiscardedMessages Counter64,
1968 ipfixTransportSessionRecords Counter64,
1969 ipfixTransportSessionTemplates Counter64,
1970 ipfixTransportSessionOptionsTemplates Counter64,
1971 ipfixTransportSessionDiscontinuityTime TimeStamp
1972 }
1974 ipfixTransportSessionRate OBJECT-TYPE
1975 SYNTAX Gauge32
1976 UNITS "bytes/second"
1977 MAX-ACCESS read-only
1978 STATUS current
1979 DESCRIPTION
1980 "The number of bytes per second received by the
1981 Collector or transmitted by the Exporter. A
1982 value of zero (0) means that no packets were sent or
1983 received, yet. This object is updated every second."
1984 ::= { ipfixTransportSessionStatsEntry 1 }
1986 ipfixTransportSessionPackets OBJECT-TYPE
1987 SYNTAX Counter64
1988 UNITS "packets"
1989 MAX-ACCESS read-only
1990 STATUS current
1991 DESCRIPTION
1992 "The number of packets received by the Collector
1993 or transmitted by the Exporter.
1994 Discontinuities in the value of this counter can occur at
1995 re-initialization of the management system and at other
1996 times as indicated by the value of
1997 ipfixTransportSessionDiscontinuityTime."
1998 ::= { ipfixTransportSessionStatsEntry 2 }
2000 ipfixTransportSessionBytes OBJECT-TYPE
2001 SYNTAX Counter64
2002 UNITS "bytes"
2003 MAX-ACCESS read-only
2004 STATUS current
2005 DESCRIPTION
2006 "The number of bytes received by the Collector
2007 or transmitted by the Exporter.
2008 Discontinuities in the value of this counter can occur at
2009 re-initialization of the management system and at other
2010 times as indicated by the value of
2011 ipfixTransportSessionDiscontinuityTime."
2012 ::= { ipfixTransportSessionStatsEntry 3 }
2014 ipfixTransportSessionMessages OBJECT-TYPE
2015 SYNTAX Counter64
2016 MAX-ACCESS read-only
2017 STATUS current
2018 DESCRIPTION
2019 "The number of IPFIX Messages received by the
2020 Collector or transmitted by the Exporter.
2021 Discontinuities in the value of this counter can occur at
2022 re-initialization of the management system and at other
2023 times as indicated by the value of
2024 ipfixTransportSessionDiscontinuityTime."
2025 ::= { ipfixTransportSessionStatsEntry 4 }
2027 ipfixTransportSessionDiscardedMessages OBJECT-TYPE
2028 SYNTAX Counter64
2029 MAX-ACCESS read-only
2030 STATUS current
2032 DESCRIPTION
2033 "The number of received IPFIX Message that are malformed,
2034 cannot be decoded, are received in the wrong order, or are
2035 missing according to the sequence number.
2037 If used at the Exporter, the number of messages that could
2038 not be sent due to, e.g., internal buffer overflows, network
2039 congestion, or routing issues.
2040 Discontinuities in the value of this counter can occur at
2041 re-initialization of the management system and at other
2042 times as indicated by the value of
2043 ipfixTransportSessionDiscontinuityTime."
2044 ::= { ipfixTransportSessionStatsEntry 5 }
2046 ipfixTransportSessionRecords OBJECT-TYPE
2047 SYNTAX Counter64
2048 MAX-ACCESS read-only
2049 STATUS current
2050 DESCRIPTION
2051 "The number of Data Records received by the Collector or
2052 transmitted by the Exporter.
2053 Discontinuities in the value of this counter can occur at
2054 re-initialization of the management system and at other
2055 times as indicated by the value of
2056 ipfixTransportSessionDiscontinuityTime."
2057 ::= { ipfixTransportSessionStatsEntry 6 }
2059 ipfixTransportSessionTemplates OBJECT-TYPE
2060 SYNTAX Counter64
2061 MAX-ACCESS read-only
2062 STATUS current
2063 DESCRIPTION
2064 "The number of Templates received or transmitted.
2065 Discontinuities in the value of this counter can occur at
2066 re-initialization of the management system and at other
2067 times as indicated by the value of
2068 ipfixTransportSessionDiscontinuityTime."
2069 ::= { ipfixTransportSessionStatsEntry 7 }
2071 ipfixTransportSessionOptionsTemplates OBJECT-TYPE
2072 SYNTAX Counter64
2073 MAX-ACCESS read-only
2074 STATUS current
2076 DESCRIPTION
2077 "The number of Options Templates received or transmitted.
2078 Discontinuities in the value of this counter can occur at
2079 re-initialization of the management system and at other
2080 times as indicated by the value of
2081 ipfixTransportSessionDiscontinuityTime."
2082 ::= { ipfixTransportSessionStatsEntry 8 }
2084 ipfixTransportSessionDiscontinuityTime OBJECT-TYPE
2085 SYNTAX TimeStamp
2086 MAX-ACCESS read-only
2087 STATUS current
2088 DESCRIPTION
2089 "The value of sysUpTime at the most recent occasion at which
2090 one or more of the Transport Session counters suffered a
2091 discontinuity.
2092 A value of zero indicates no such discontinuity has
2093 occurred since the last re-initialization of the local
2094 management subsystem."
2095 ::= { ipfixTransportSessionStatsEntry 9 }
2097 --------------------------------------------------------------------
2098 -- 1.2.2: Template Statistics Table
2099 --------------------------------------------------------------------
2100 ipfixTemplateStatsTable OBJECT-TYPE
2101 SYNTAX SEQUENCE OF IpfixTemplateStatsEntry
2102 MAX-ACCESS not-accessible
2103 STATUS current
2104 DESCRIPTION
2105 "This table lists statistics objects per Template."
2106 ::= { ipfixStatistics 2 }
2108 ipfixTemplateStatsEntry OBJECT-TYPE
2109 SYNTAX IpfixTemplateStatsEntry
2110 MAX-ACCESS not-accessible
2111 STATUS current
2112 DESCRIPTION
2113 "Defines an entry in the ipfixTemplateStatsTable."
2114 AUGMENTS { ipfixTemplateEntry }
2115 ::= { ipfixTemplateStatsTable 1 }
2117 IpfixTemplateStatsEntry ::=
2118 SEQUENCE {
2119 ipfixTemplateDataRecords Counter64,
2120 ipfixTemplateDiscontinuityTime TimeStamp
2121 }
2123 ipfixTemplateDataRecords OBJECT-TYPE
2124 SYNTAX Counter64
2125 MAX-ACCESS read-only
2126 STATUS current
2127 DESCRIPTION
2128 "The number of Data Records that are transmitted or received
2129 per Template.
2130 Discontinuities in the value of this counter can occur at
2131 re-initialization of the management system, and at other
2132 times as indicated by the value of
2133 ipfixTemplateDiscontinuityTime."
2134 ::= { ipfixTemplateStatsEntry 1 }
2136 ipfixTemplateDiscontinuityTime OBJECT-TYPE
2137 SYNTAX TimeStamp
2138 MAX-ACCESS read-only
2139 STATUS current
2140 DESCRIPTION
2141 "The value of sysUpTime at the most recent occasion at which
2142 the Template counter suffered a discontinuity.
2143 A value of zero indicates no such discontinuity has
2144 occurred since the last re-initialization of the local
2145 management subsystem."
2146 ::= { ipfixTemplateStatsEntry 2 }
2148 --------------------------------------------------------------------
2149 -- 1.2.3: Metering Process Statistics Table
2150 --------------------------------------------------------------------
2151 ipfixMeteringProcessStatsTable OBJECT-TYPE
2152 SYNTAX SEQUENCE OF IpfixMeteringProcessStatsEntry
2153 MAX-ACCESS not-accessible
2154 STATUS current
2155 DESCRIPTION
2156 "This table lists statistic objects that have data per
2157 Metering Process cache.
2159 On Collectors, this table is not needed."
2160 ::= { ipfixStatistics 3 }
2162 ipfixMeteringProcessStatsEntry OBJECT-TYPE
2163 SYNTAX IpfixMeteringProcessStatsEntry
2164 MAX-ACCESS not-accessible
2165 STATUS current
2166 DESCRIPTION
2167 "Defines an entry in the ipfixMeteringProcessStatsTable."
2168 AUGMENTS { ipfixMeteringProcessEntry }
2169 ::= { ipfixMeteringProcessStatsTable 1 }
2171 IpfixMeteringProcessStatsEntry ::=
2172 SEQUENCE {
2173 ipfixMeteringProcessCacheActiveFlows Gauge32,
2174 ipfixMeteringProcessCacheUnusedCacheEntries Gauge32,
2175 ipfixMeteringProcessCacheDataRecords Counter64,
2176 ipfixMeteringProcessCacheDiscontinuityTime TimeStamp
2177 }
2179 ipfixMeteringProcessCacheActiveFlows OBJECT-TYPE
2180 SYNTAX Gauge32
2181 MAX-ACCESS read-only
2182 STATUS current
2183 DESCRIPTION
2184 "The number of Flows currently active at this cache."
2185 ::= { ipfixMeteringProcessStatsEntry 1 }
2187 ipfixMeteringProcessCacheUnusedCacheEntries OBJECT-TYPE
2188 SYNTAX Gauge32
2189 MAX-ACCESS read-only
2190 STATUS current
2191 DESCRIPTION
2192 "The number of unused cache entries."
2193 ::= { ipfixMeteringProcessStatsEntry 2 }
2195 ipfixMeteringProcessCacheDataRecords OBJECT-TYPE
2196 SYNTAX Counter64
2197 MAX-ACCESS read-only
2198 STATUS current
2199 DESCRIPTION
2200 "The number of Data Records generated.
2201 Discontinuities in the value of this counter can occur at
2202 re-initialization of the management system and at other
2203 times as indicated by the value of
2204 ipfixTemplateDiscontinuityTime."
2205 ::= { ipfixMeteringProcessStatsEntry 3 }
2207 ipfixMeteringProcessCacheDiscontinuityTime OBJECT-TYPE
2208 SYNTAX TimeStamp
2209 MAX-ACCESS read-only
2210 STATUS current
2211 DESCRIPTION
2212 "The value of sysUpTime at the most recent occasion at which
2213 the Metering Process counter suffered a discontinuity.
2214 A value of zero indicates no such discontinuity has
2215 occurred since the last re-initialization of the local
2216 management subsystem."
2217 ::= { ipfixMeteringProcessStatsEntry 4 }
2219 --------------------------------------------------------------------
2220 -- 1.2.4: Selection Process Statistics Table
2221 --------------------------------------------------------------------
2222 ipfixSelectionProcessStatsTable OBJECT-TYPE
2223 SYNTAX SEQUENCE OF IpfixSelectionProcessStatsEntry
2224 MAX-ACCESS not-accessible
2225 STATUS current
2226 DESCRIPTION
2227 "This table contains statistics for the Selector Functions
2228 connected to Metering Process by the index
2229 ipfixMeteringProcessCacheId.
2231 The indexes MUST match an entry in the
2232 ipfixSelectionProcessTable."
2233 ::= { ipfixStatistics 4 }
2235 ipfixSelectionProcessStatsEntry OBJECT-TYPE
2236 SYNTAX IpfixSelectionProcessStatsEntry
2237 MAX-ACCESS not-accessible
2238 STATUS current
2239 DESCRIPTION
2240 "Defines an entry in the ipfixSelectionProcessStatsTable."
2241 AUGMENTS { ipfixSelectionProcessEntry }
2242 ::= { ipfixSelectionProcessStatsTable 1 }
2244 IpfixSelectionProcessStatsEntry ::= SEQUENCE {
2245 ipfixSelectionProcessStatsPacketsObserved Counter64,
2246 ipfixSelectionProcessStatsPacketsDropped Counter64,
2247 ipfixSelectionProcessStatsDiscontinuityTime TimeStamp
2248 }
2250 ipfixSelectionProcessStatsPacketsObserved OBJECT-TYPE
2251 SYNTAX Counter64
2252 MAX-ACCESS read-only
2253 STATUS current
2255 DESCRIPTION
2256 "The number of packets observed at the entry point of the
2257 function. The entry point may be the Observation Point or
2258 the exit point of another Selector Function.
2259 Discontinuities in the value of this counter can occur at
2260 re-initialization of the management system and at other
2261 times as indicated by the value of
2262 ipfixSelectionProcessStatsDiscontinuityTime."
2263 ::= { ipfixSelectionProcessStatsEntry 1 }
2265 ipfixSelectionProcessStatsPacketsDropped OBJECT-TYPE
2266 SYNTAX Counter64
2267 MAX-ACCESS read-only
2268 STATUS current
2269 DESCRIPTION
2270 "The number of packets dropped while selecting packets.
2271 Discontinuities in the value of this counter can occur at
2272 re-initialization of the management system and at other
2273 times as indicated by the value of
2274 ipfixSelectionProcessStatsDiscontinuityTime."
2275 ::= { ipfixSelectionProcessStatsEntry 2 }
2277 ipfixSelectionProcessStatsDiscontinuityTime OBJECT-TYPE
2278 SYNTAX TimeStamp
2279 MAX-ACCESS read-only
2280 STATUS current
2281 DESCRIPTION
2282 "The value of sysUpTime at the most recent occasion at which
2283 one or more of the Selector counters suffered a
2284 discontinuity.
2285 A value of zero indicates no such discontinuity has
2286 occurred since the last re-initialization of the local
2287 management subsystem."
2288 ::= { ipfixSelectionProcessStatsEntry 3 }
2290 --==================================================================
2291 -- 2: Conformance Information
2292 --==================================================================
2293 ipfixCompliances OBJECT IDENTIFIER ::= { ipfixConformance 1 }
2294 ipfixGroups OBJECT IDENTIFIER ::= { ipfixConformance 2 }
2296 --------------------------------------------------------------------
2297 -- 2.1: Compliance Statements
2298 --------------------------------------------------------------------
2299 ipfixCollectorCompliance MODULE-COMPLIANCE
2300 STATUS current
2301 DESCRIPTION
2302 "An implementation that builds an IPFIX Collector
2303 that complies to this module MUST implement the objects
2304 defined in the mandatory group ipfixCommonGroup.
2306 The implementation of all objects in the other groups is
2307 optional and depends on the corresponding functionality
2308 implemented in the equipment.
2310 An implementation that is compliant to this MIB module
2311 is limited to use only the values TCP (6), UDP (17), and
2312 SCTP (132) in the ipfixTransportSessionProtocol object
2313 because these are the only protocol currently specified
2314 for usage within IPFIX (see RFC 5101)."
2315 MODULE -- this module
2316 MANDATORY-GROUPS {
2317 ipfixCommonGroup
2318 }
2320 GROUP ipfixCommonStatsGroup
2321 DESCRIPTION
2322 "These objects should be implemented if the statistics
2323 function is implemented in the equipment."
2324 ::= { ipfixCompliances 1 }
2326 ipfixExporterCompliance MODULE-COMPLIANCE
2327 STATUS current
2328 DESCRIPTION
2329 "An implementation that builds an IPFIX Exporter that
2330 complies to this module MUST implement the objects defined
2331 in the mandatory group ipfixCommonGroup. The implementation
2332 of all other objects depends on the implementation of the
2333 corresponding functionality in the equipment."
2334 MODULE -- this module
2336 MANDATORY-GROUPS {
2337 ipfixCommonGroup,
2338 ipfixExporterGroup
2339 }
2341 GROUP ipfixCommonStatsGroup
2342 DESCRIPTION
2343 "These objects should be implemented if the statistics
2344 function is implemented in the equipment."
2346 GROUP ipfixExporterStatsGroup
2347 DESCRIPTION
2348 "These objects MUST be implemented if statistical functions
2349 are implemented on the equipment."
2350 ::= { ipfixCompliances 2 }
2352 --------------------------------------------------------------------
2353 -- 2.2: MIB Grouping
2354 --------------------------------------------------------------------
2355 ipfixCommonGroup OBJECT-GROUP
2356 OBJECTS {
2357 ipfixTransportSessionProtocol,
2358 ipfixTransportSessionSourceAddressType,
2359 ipfixTransportSessionSourceAddress,
2360 ipfixTransportSessionDestinationAddressType,
2361 ipfixTransportSessionDestinationAddress,
2362 ipfixTransportSessionSourcePort,
2363 ipfixTransportSessionDestinationPort,
2364 ipfixTransportSessionSctpAssocId,
2365 ipfixTransportSessionDeviceMode,
2366 ipfixTransportSessionTemplateRefreshTimeout,
2367 ipfixTransportSessionOptionsTemplateRefreshTimeout,
2368 ipfixTransportSessionTemplateRefreshPacket,
2369 ipfixTransportSessionOptionsTemplateRefreshPacket,
2370 ipfixTransportSessionIpfixVersion,
2371 ipfixTransportSessionStatus,
2373 ipfixTemplateSetId,
2374 ipfixTemplateAccessTime,
2376 ipfixTemplateDefinitionIeId,
2377 ipfixTemplateDefinitionIeLength,
2378 ipfixTemplateDefinitionEnterpriseNumber,
2379 ipfixTemplateDefinitionFlags
2380 }
2381 STATUS current
2383 DESCRIPTION
2384 "The main IPFIX objects."
2385 ::= { ipfixGroups 1 }
2387 ipfixCommonStatsGroup OBJECT-GROUP
2388 OBJECTS {
2389 ipfixTransportSessionRate,
2390 ipfixTransportSessionPackets,
2391 ipfixTransportSessionBytes,
2392 ipfixTransportSessionMessages,
2393 ipfixTransportSessionDiscardedMessages,
2394 ipfixTransportSessionRecords,
2395 ipfixTransportSessionTemplates,
2396 ipfixTransportSessionOptionsTemplates,
2397 ipfixTransportSessionDiscontinuityTime,
2399 ipfixTemplateDataRecords,
2400 ipfixTemplateDiscontinuityTime
2401 }
2402 STATUS current
2403 DESCRIPTION
2404 "Common statistical objects."
2405 ::= { ipfixGroups 2 }
2407 ipfixExporterGroup OBJECT-GROUP
2408 OBJECTS {
2409 ipfixExportMemberType,
2411 ipfixMeteringProcessObservationPointGroupRef,
2412 ipfixMeteringProcessCacheActiveTimeout,
2413 ipfixMeteringProcessCacheInactiveTimeout,
2415 ipfixObservationPointObservationDomainId,
2416 ipfixObservationPointPhysicalEntity,
2417 ipfixObservationPointPhysicalInterface,
2418 ipfixObservationPointPhysicalEntityDirection,
2420 ipfixSelectionProcessSelectorFunction
2421 }
2422 STATUS current
2423 DESCRIPTION
2424 "The main objects for Exporters."
2425 ::= { ipfixGroups 3 }
2427 ipfixExporterStatsGroup OBJECT-GROUP
2428 OBJECTS {
2429 ipfixMeteringProcessCacheActiveFlows,
2430 ipfixMeteringProcessCacheUnusedCacheEntries,
2431 ipfixMeteringProcessCacheDataRecords,
2432 ipfixMeteringProcessCacheDiscontinuityTime,
2434 ipfixSelectionProcessStatsPacketsObserved,
2435 ipfixSelectionProcessStatsPacketsDropped,
2436 ipfixSelectionProcessStatsDiscontinuityTime
2437 }
2438 STATUS current
2439 DESCRIPTION
2440 "The statistical objects for Exporters."
2441 ::= { ipfixGroups 4 }
2443 END
2445 8.2. IPFIX SELECTOR MIB Definition
2447 IPFIX-SELECTOR-MIB DEFINITIONS ::= BEGIN
2449 IMPORTS
2450 MODULE-IDENTITY, OBJECT-TYPE, mib-2
2451 FROM SNMPv2-SMI -- RFC2578
2452 TruthValue
2453 FROM SNMPv2-TC -- RFC2579
2454 MODULE-COMPLIANCE, OBJECT-GROUP
2455 FROM SNMPv2-CONF; -- RFC2580
2457 ipfixSelectorMIB MODULE-IDENTITY
2458 LAST-UPDATED "201110200000Z" -- 20 October 2011
2459 ORGANIZATION "IETF IPFIX Working Group"
2460 CONTACT-INFO
2461 "WG charter:
2462 http://www.ietf.org/html.charters/ipfix-charter.html
2464 Mailing Lists:
2465 General Discussion: ipfix@ietf.org
2466 To Subscribe: http://www1.ietf.org/mailman/listinfo/ipfix
2467 Archive:
2468 http://www1.ietf.org/mail-archive/web/ipfix/current/index.html
2469 Editor:
2470 Thomas Dietz
2471 NEC Europe Ltd.
2472 NEC Laboratories Europe
2473 Network Research Division
2474 Kurfuersten-Anlage 36
2475 69115 Heidelberg
2476 Germany
2477 Phone: +49 6221 4342-128
2478 Email: Thomas.Dietz@nw.neclab.eu
2480 Atsushi Kobayashi
2481 NTT Information Sharing Platform Laboratories
2482 3-9-11 Midori-cho
2483 Musashino-shi
2484 180-8585
2485 Japan
2486 Phone: +81-422-59-3978
2487 Email: akoba@nttv6.net
2489 Benoit Claise
2490 Cisco Systems, Inc.
2491 De Kleetlaan 6a b1
2492 Degem 1831
2493 Belgium
2494 Phone: +32 2 704 5622
2495 Email: bclaise@cisco.com
2497 Gerhard Muenz
2498 Technische Universitaet Muenchen
2499 Department of Informatics
2500 Chair for Network Architectures and Services (I8)
2501 Boltzmannstr. 3
2502 85748 Garching
2503 Germany
2504 Phone: +49 89 289-18008
2505 Email: muenz@net.in.tum.de
2506 URI: http://www.net.in.tum.de/~muenz"
2507 DESCRIPTION
2508 "The IPFIX SELECTOR MIB module defined in this section
2509 provides the standard Filtering and Sampling functions that
2510 can be referenced in the ipfixSelectionProcessTable. All
2511 standard Filtering and Sampling functions MUST be registered
2512 in the subtree under object ipfixSelectorFunctions
2513 (1.3.6.1.2.1.194.1.1). The toplevel OIDs in the subtree
2514 under object ipfixSelectorFunctions MUST be registered in a
2515 subregistry maintained by IANA at
2516 http://www.iana.org/assignments/smi-numbers.
2518 New selector functions MUST be registered at IANA and are
2519 subject to Expert Review RFC 5226, i.e., review by one of a
2520 group of experts designated by an IETF Area Director. The
2521 group of experts MUST check the requested MIB objects for
2522 completeness and accuracy of the description. Requests for
2523 MIB objects that duplicate the functionality of existing
2524 objects SHOULD be declined. The smallest available OID
2525 SHOULD be assigned to a new MIB objects. The specification
2526 of new MIB objects SHOULD follow the structure specified in
2527 RFC [NewRFCNumber] and MUST be published using a well-
2528 established and persistent publication medium. The experts
2529 will initially be drawn from the Working Group Chairs and
2530 document editors of the IPFIX and PSAMP Working Groups.
2532 Copyright (c) 2011 IETF Trust and the persons identified as
2533 authors of the code. All rights reserved.
2535 Redistribution and use in source and binary forms, with or
2536 without modification, is permitted pursuant to, and subject
2537 to the license terms contained in, the Simplified BSD
2538 License set forth in Section 4.c of the IETF Trust's
2539 Legal Provisions Relating to IETF Documents
2540 (http://trustee.ietf.org/license-info)."
2542 -- Note for RFC Editor: substitute [NewRFCNumber] with the newly
2543 -- assigned number.
2545 -- Revision history
2547 REVISION "201110200000Z" -- 20 October 2011
2548 DESCRIPTION
2549 "Update to MIB description to reflect updated registration
2550 of new Sampling and Filtering Functions."
2552 REVISION "201003150000Z" -- 15 March 2010
2553 DESCRIPTION
2554 "Initial version, published as RFC 5815."
2556 ::= { mib-2 194 }
2558 --******************************************************************
2559 -- Top Level Structure of the MIB
2560 --******************************************************************
2562 ipfixSelectorObjects OBJECT IDENTIFIER
2563 ::= { ipfixSelectorMIB 1 }
2564 ipfixSelectorConformance OBJECT IDENTIFIER
2565 ::= { ipfixSelectorMIB 2 }
2567 --==================================================================
2568 -- 1: Objects used by all IPFIX implementations
2569 --==================================================================
2570 --------------------------------------------------------------------
2571 -- 1.1: Packet Selector Functions for IPFIX
2572 --------------------------------------------------------------------
2573 ipfixSelectorFunctions OBJECT IDENTIFIER
2574 ::= { ipfixSelectorObjects 1 }
2576 --------------------------------------------------------------------
2577 -- 1.1.1: Function 1: Selecting All Packets
2578 --------------------------------------------------------------------
2579 ipfixFuncSelectAll OBJECT IDENTIFIER
2580 ::= { ipfixSelectorFunctions 1 }
2582 ipfixFuncSelectAllAvail OBJECT-TYPE
2583 SYNTAX TruthValue
2584 MAX-ACCESS read-only
2585 STATUS current
2586 DESCRIPTION
2587 "This object indicates the availability of the trivial
2588 function of selecting all packets. This function is always
2589 available."
2590 ::= { ipfixFuncSelectAll 1 }
2592 --==================================================================
2593 -- 2: Conformance Information
2594 --==================================================================
2595 ipfixSelectorCompliances OBJECT IDENTIFIER
2596 ::= { ipfixSelectorConformance 1 }
2597 ipfixSelectorGroups OBJECT IDENTIFIER
2598 ::= { ipfixSelectorConformance 2 }
2600 --------------------------------------------------------------------
2601 -- 2.1: Compliance Statements
2602 --------------------------------------------------------------------
2603 ipfixSelectorBasicCompliance MODULE-COMPLIANCE
2604 STATUS current
2605 DESCRIPTION
2606 "An implementation that builds an IPFIX Exporter that
2607 complies to this module MUST implement the objects defined
2608 in the mandatory group ipfixBasicGroup. The implementation
2609 of all other objects depends on the implementation of the
2610 corresponding functionality in the equipment."
2611 MODULE -- this module
2612 MANDATORY-GROUPS {
2613 ipfixSelectorBasicGroup
2614 }
2615 ::= { ipfixSelectorCompliances 1 }
2617 --------------------------------------------------------------------
2618 -- 2.2: MIB Grouping
2619 --------------------------------------------------------------------
2620 ipfixSelectorBasicGroup OBJECT-GROUP
2621 OBJECTS {
2622 ipfixFuncSelectAllAvail
2623 }
2625 STATUS current
2626 DESCRIPTION
2627 "The main IPFIX objects."
2628 ::= { ipfixSelectorGroups 1 }
2630 END
2632 9. Security Considerations
2634 There are no management objects defined in this MIB module that have
2635 a MAX-ACCESS clause of read-write and/or read-create. So, if these
2636 MIB modules are implemented correctly, then there is no risk that an
2637 intruder can alter or create any management objects of these MIB
2638 modules via direct SNMP SET operations.
2640 Some of the readable objects in these MIB modules (i.e., objects with
2641 a MAX-ACCESS other than not-accessible) may be considered sensitive
2642 or vulnerable in some network environments. It is thus important to
2643 control even GET and/or NOTIFY access to these objects and possibly
2644 to even encrypt the values of these objects when sending them over
2645 the network via SNMP. These are the tables and objects and their
2646 sensitivity/vulnerability:
2648 o ipfixTransportSessionTable - contains configuration data that
2649 might be sensitive because objects in this table may reveal
2650 information about the network infrastructure
2652 o ipfixExportTable - contains configuration data that might be
2653 sensitive because object in this table may reveal information
2654 about the network infrastructure as well
2656 o ipfixMeteringProcessTable - contains configuration data that might
2657 be sensitive because objects in this table may reveal information
2658 about the IPFIX Device itself
2660 o ipfixObservationPointTable - contains configuration data that
2661 might be sensitive because objects in this table may reveal
2662 information about the IPFIX Device itself and the network
2663 infrastructure
2665 o ipfixSelectorFunctions - currently contains no sensitive data but
2666 might want to be secured anyway since it may contain sensitive
2667 data in a future version
2669 All other objects and tables contain no data that is considered
2670 sensitive.
2672 SNMP versions prior to SNMPv3 did not include adequate security.
2673 Even if the network itself is secure (for example by using IPsec),
2674 even then, there is no control as to who on the secure network is
2675 allowed to access and GET/SET (read/change/create/delete) the objects
2676 in these MIB modules.
2678 It is RECOMMENDED that implementers consider the security features as
2679 provided by the SNMPv3 framework (see [RFC3410] Section 8), including
2680 full support for the SNMPv3 cryptographic mechanisms (for
2681 authentication and privacy).
2683 Further, deployment of SNMP versions prior to SNMPv3 is NOT
2684 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
2685 enable cryptographic security. It is then a customer/operator
2686 responsibility to ensure that the SNMP entity giving access to an
2687 instance of these MIB modules is properly configured to give access
2688 to the objects only to those principals (users) that have legitimate
2689 rights to indeed GET or SET (change/create/delete) them.
2691 10. IANA Considerations
2693 The MIB module in this document uses the following IANA-assigned
2694 OBJECT IDENTIFIER values recorded in the SMI Numbers registry:
2696 Descriptor OBJECT IDENTIFIER value
2697 ---------- -----------------------
2698 ipfixMIB { mib-2 193 }
2699 ipfixSelectorMIB { mib-2 194 }
2701 NOTE TO RFC EDITOR: substitute ThisRFC with the RFC number of this
2702 document after assignment in the following section.
2704 The IPFIX SELECTOR MIB registry as defined in [RFC5815] Section 10
2705 will be removed by IANA as its use is discontinued with this
2706 document.
2708 Further on, IANA will maintain a subregistry at
2709 http://www.iana.org/assignments/smi-numbers in which the toplevel
2710 OIDs in the subtree under object ipfixSelectorFunctions MUST be
2711 registered. The initial version of this subregistry should contain
2712 the following content:
2714 Sub-registry Name: IPFIX-SELECTOR-MIB Functions
2715 Reference: [ThisRFC]
2716 Registration Procedures: Expert Review [RFC5226]
2718 Prefix:
2719 mib-2.ipfixSelectorMIB.ipfixSelectorObjects.ipfixSelectorFunctions
2720 (1.3.6.1.2.1.194.1.1)
2721 Decimal Name Description Reference
2722 ------- ---- ----------- ---------
2723 1 ipfixFuncSelectAll Select everything [ThisRFC]
2725 Additions to this subregistry are subject to Expert Review [RFC5226],
2726 i.e., review by one of a group of experts designated by an IETF Area
2727 Director. The group of experts MUST check the requested MIB objects
2728 for completeness and accuracy of the description. Requests for MIB
2729 objects that duplicate the functionality of existing objects SHOULD
2730 be declined. The smallest available OID SHOULD be assigned to new
2731 MIB objects. The specification of new MIB objects SHOULD follow the
2732 structure specified in Section 6 and MUST be published using a well-
2733 established and persistent publication medium. The experts will
2734 initially be drawn from the Working Group Chairs and document editors
2735 of the IPFIX and PSAMP Working Groups.
2737 11. Acknowledgments
2739 This document is a product of the IPFIX Working Group. The authors
2740 would like to thank the following persons: Paul Aitken for his
2741 detailed review, Dan Romascanu and the MIB doctors, and many more,
2742 for the technical reviews and feedback.
2744 12. References
2746 12.1. Normative References
2748 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
2749 Requirement Levels", BCP 14, RFC 2119, March 1997.
2751 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J.
2752 Schoenwaelder, Ed., "Structure of Management Information
2753 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
2755 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J.
2756 Schoenwaelder, Ed., "Textual Conventions for SMIv2",
2757 STD 58, RFC 2579, April 1999.
2759 [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
2760 "Conformance Statements for SMIv2", STD 58, RFC 2580,
2761 April 1999.
2763 [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J.
2764 Schoenwaelder, "Textual Conventions for Internet Network
2765 Addresses", RFC 4001, February 2005.
2767 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group
2768 MIB", RFC 2863, June 2000.
2770 [RFC3873] Pastor, J. and M. Belinchon, "Stream Control Transmission
2771 Protocol (SCTP) Management Information Base (MIB)",
2772 RFC 3873, September 2004.
2774 [RFC4133] Bierman, A. and K. McCloghrie, "Entity MIB (Version 3)",
2775 RFC 4133, August 2005.
2777 [RFC5101] Claise, B., "Specification of the IP Flow Information
2778 Export (IPFIX) Protocol for the Exchange of IP Traffic
2779 Flow Information", RFC 5101, January 2008.
2781 [RFC5102] Quittek, J., Bryant, S., Claise, B., Aitken, P., and J.
2782 Meyer, "Information Model for IP Flow Information Export",
2783 RFC 5102, January 2008.
2785 [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
2786 IANA Considerations Section in RFCs", BCP 26, RFC 5226,
2787 May 2008.
2789 [RFC5815] Dietz, T., Kobayashi, A., Claise, B., and G. Muenz,
2790 "Definitions of Managed Objects for IP Flow Information
2791 Export", RFC 5815, April 2010.
2793 12.2. Informative References
2795 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart,
2796 "Introduction and Applicability Statements for Internet-
2797 Standard Management Framework", RFC 3410, December 2002.
2799 [RFC3917] Quittek, J., Zseby, T., Claise, B., and S. Zander,
2800 "Requirements for IP Flow Information Export (IPFIX)",
2801 RFC 3917, October 2004.
2803 [RFC5470] Sadasivan, G., Brownlee, N., Claise, B., and J. Quittek,
2804 "Architecture for IP Flow Information Export", RFC 5470,
2805 March 2009.
2807 [RFC5472] Zseby, T., Boschi, E., Brownlee, N., and B. Claise, "IP
2808 Flow Information Export (IPFIX) Applicability", RFC 5472,
2809 March 2009.
2811 [RFC5474] Duffield, N., Chiou, D., Claise, B., Greenberg, A.,
2812 Grossglauser, M., and J. Rexford, "A Framework for Packet
2813 Selection and Reporting", RFC 5474, March 2009.
2815 [RFC5475] Zseby, T., Molina, M., Duffield, N., Niccolini, S., and F.
2816 Raspall, "Sampling and Filtering Techniques for IP Packet
2817 Selection", RFC 5475, March 2009.
2819 [RFC5476] Claise, B., Johnson, A., and J. Quittek, "Packet Sampling
2820 (PSAMP) Protocol Specifications", RFC 5476, March 2009.
2822 Authors' Addresses
2824 Thomas Dietz (editor)
2825 NEC Europe, Ltd.
2826 NEC Laboratories Europe
2827 Network Research Division
2828 Kurfuersten-Anlage 36
2829 Heidelberg 69115
2830 DE
2832 Phone: +49 6221 4342-128
2833 Email: Thomas.Dietz@neclab.eu
2835 Atsushi Kobayashi
2836 NTT Information Sharing Platform Laboratories
2837 3-9-11 Midori-cho
2838 Musashino-shi, Tokyo 180-8585
2839 JA
2841 Phone: +81-422-59-3978
2842 Email: akoba@nttv6.net
2844 Benoit Claise
2845 Cisco Systems, Inc.
2846 De Kleetlaan 6a b1
2847 Degem 1831
2848 BE
2850 Phone: +32 2 704 5622
2851 Email: bclaise@cisco.com
2853 Gerhard Muenz
2854 Technische Universitaet Muenchen
2855 Department of Informatics
2856 Chair for Network Architectures and Services (I8)
2857 Boltzmannstr. 3
2858 Garching 85748
2859 DE
2861 Email: muenz@net.in.tum.de