idnits 2.17.1

draft-ietf-pwe3-enet-mib-14.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** The document seems to lack a License Notice according IETF Trust
     Provisions of 28 Dec 2009, Section 6.b.i or Provisions of 12 Sep 2009
     Section 6.b -- however, there's a paragraph with a matching beginning.
     Boilerplate error?

  -- It seems you're using the 'non-IETF stream' Licence Notice instead

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but
     does not include the phrase in its RFC 2119 key words list.

  -- The document seems to contain a disclaimer for pre-RFC5378 work, and may
     have content which was first submitted before 10 November 2008.  The
     disclaimer is necessary when there are original authors that you have
     been unable to contact, or if some do not wish to grant the BCP78 rights
     to the IETF Trust.  If you are able to get all authors (current and
     original) to grant those rights, you can and should remove the
     disclaimer; otherwise, the disclaimer is needed and you can ignore this
     comment.  (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (February 15, 2009) is 5539 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Possible downref: Non-RFC (?) normative reference: ref. 'PWMIB'

  -- Possible downref: Non-RFC (?) normative reference: ref. 'PWTC'

     Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 5 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Pseudowire Edge-to-Edge Emulation                          D. Zelig, Ed.
Internet-Draft                                         Corrigent Systems
Intended status: Standards Track                          T. Nadeau, Ed.
Expires: August 15, 2009                                              BT
                                                       February 15, 2009

       Ethernet Pseudowire (PW) Management Information Base (MIB)
                      draft-ietf-pwe3-enet-mib-14

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on July 15, 2009.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

draft-ietf-pwe3-enet-mib-14                                  August 2009

   This document may contain material from IETF Documents or IETF
   Contributions published or made publicly available before November
   10, 2008.  The person(s) controlling the copyright in some of this
   material may not have granted the IETF Trust the right to allow
   modifications of such material outside the IETF Standards Process.
   Without obtaining an adequate license from the person(s)
   controlling the copyright in such materials, this document may not
   be modified outside the IETF Standards Process, and derivative
   works of it may not be created outside the IETF Standards Process,
   except to format it for publication as an RFC or to translate it
   into languages other than English.

Abstract

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it describes managed objects for modeling of Ethernet
   Pseudowire (PW) services.

Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119.

Table of Contents

   1.  Introduction
   2.  The Internet-Standard Management Framework
   3.  Conventions
   4.  Overview
   5.  Feature Checklist
   6.  PW ENET MIB Module Usage
   7.  PW-ENET Management Model
   8.  Example of the PW-ENET MIB Module Usage
   9.  Service Delimiting Modes
   10. Object Definitions
   11. Security Considerations
   12. IANA Considerations
   13. References
     13.1.  Normative References
     13.2.  Informative References
   Authors' Addresses

1.  Introduction

   This document describes a model for managing Ethernet pseudowire
   services for transmission over a Packet Switched Network (PSN).  This
   MIB module is generic and common to all types of PSNs supported in
   the PWE3 architecture [RFC3985], which describes the transport and
   encapsulation of L1 and L2 services over supported PSN types.

   In particular, the MIB module associates a port or specific VLANs on
   top of a physical Ethernet port or a virtual Ethernet interface (for
   VPLS service) to a point-to-point PW.  It is complementary to the
   [PWMIB], which manages the generic PW parameters common to all
   services, including all supported PSN types.

   Comments should be made directly to the PWE3 mailing list at
   pwe3@ietf.org.

2.  The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7 of
   RFC 3410 [RFC3410].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  MIB objects are generally
   accessed through Simple Network Management Protocol (SNMP).
   Objects in the MIB are defined using the mechanisms defined in the
   Structure of Management Information (SMI).  This memo specifies a MIB
   module that is compliant to the SMIv2, which is described in STD 58,
   RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
   [RFC2580].

3.  Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [BCP14].

   This document adopts the definitions, acronyms and mechanisms
   described in [RFC3985] and [RFC3916].  Unless otherwise stated, the
   mechanisms of [RFC3985] apply and will not be re-described here.

4.  Overview

   The MIB module structure for defining a PW service is composed of
   three layers of MIB modules functioning together.  This general model
   is defined in the PWE3 architecture [RFC3985].  The layering model is
   intended to sufficiently isolate PW services from the underlying PSN
   layer that carries the emulated service.  This is done at the same
   time as providing a standard means for connecting any supported
   services to any supported PSNs.

   The first layer, known as the service layer, contains
   service-specific modules.  These modules define service-specific
   management objects that interface or collaborate with existing MIB
   modules for the native version of the service.  The service-specific
   module "glues" the standard modules to the PWE3 MIB modules.

   The next layer of the PWE3 MIB framework is the PW MIB module
   [PWMIB].  This module is used to configure general parameters of PWs
   that are common to all types of emulated services and PSNs.  This
   layer is connected to the service-specific layer above, and the PSN
   layer below.

   The PSN layer provides PSN-specific modules for each type of PSN.
   These modules associate the PW with one or more "tunnels" that carry
   the service over the PSN.  These modules are used to "glue" the PW
   service to the underlying PSN-specific MIB modules.  This document
   defines the MIB module for Ethernet PW over any PSN type.

   This module uses TCs and objects as defined in [RFC2578], [RFC2579],
   [RFC2580], [RFC2863], [RFC4502], [PWMIB] and [PWTC].

   The Etherlike-MIB [RFC3635] does not support virtual Ethernet ports;
   however, it is sometimes desirable to manage the PW as an Ethernet
   port via the Etherlike-MIB.  This MIB module supports an option to
   recognize the PW as an ifIndex, enabling standard use of the
   Etherlike-MIB to manage the PW.

5.  Feature Checklist

   The PW Ethernet MIB module (PW-ENET-STD-MIB) is designed to satisfy
   the following requirements and constraints:

   -  The MIB module is designed to work with the PW-STD-MIB [PWMIB].

   -  The MIB module is agnostic to the PSN type.

   -  The MIB module supports various options for selecting Ethernet
      packets into the PW, as defined in [RFC4448].  These include
      port-based PW, VLAN-based PW, VLAN-manipulated based (change, add
      or remove) between the port to be emulated and the PW.

   -  In the case of an MPLS PSN, the MIB module supports the use of
      multiple PWs to carry the same Ethernet service.  These PWs can be
      used to support L-LSPs or single COS E-LSPs capable PSN, when
      mapping of the Ethernet PRI bits to the PSN COS is required.

   -  The MIB module enables both point-to-point Ethernet services and
      VPLS services as discussed in the L2VPN working group [RFC4664].

   -  The MIB module allows modeling of the PW as an Ethernet virtual
      port to be managed via existing Ethernet MIBs like Etherlike-MIB
      [RFC3635].

6.  PW ENET MIB Module Usage

   -  The PW table (pwTable) is used for all PW types (ATM, FR,
      Ethernet, SONET, etc.).
      This table contains high level generic parameters related to
      the PW creation.  A row is typically created by the operator
      (see [PWTC] for other options) for each PW service.

   -  Based on the PSN type defined for the PW, rows are created in the
      PSN-specific module (for example [PWMPLSMIB]) and associated to
      the pwTable by the common pwIndex.

   -  If the PW type is Ethernet or EthernetTagged, a row is created by
      the agent in pwEnetTable.

7.  PW-ENET Management Model

   The management model for the Ethernet PW is shown in Figure 1, and is
   based on the PW layering [RFC3985].

                +--------------------------------------+
                |              PE Device               |
                +--------------------------------------+
     Single     |                |                     |
     AC         |                |       Single        | PW Instance
        <------>o   Forwarder    +     PW Instance     X<=========>
                |                |                     |
                +--------------------------------------+
                                 ^
                                 |
                         May be modeled as
                              ifIndex

   Notation:
   o   A physical CE-bound PE port
   +   A PW IWF instance interface to the forwarder.
   X   A PE PSN-bound port.

              Figure 1: A simple point-to-point service

   In the typical point-to-point service, the object pwEnetPortIfIndex
   associates the physical CE-bound PE port ('o') to the PW (it is
   allowed to have multiple PWs associated to the same physical port).
   This MIB module also manages some of the possible operations of the
   forwarder.

   In some models it is convenient to model the forwarder virtual
   interface to a PW IWF instance ('+') as an ifIndex.  As discussed in
   the [PWMIB], this is possible by using the PW ifType in the ifTable
   and indicating the ifIndex in the main pwTable.  In the case of an
   Ethernet PW, a virtual interface of ifType = etherLike will be
   assigned on top of the PW interface to enable statistics gathering
   and statuses and other management configuration tasks via existing
   tools.
   This way, the PW instance is managed as a virtual Ethernet interface
   in the PE.

   The modeling of the PW in non-point-to-point applications, such as
   VPLS, is done with the same principle in mind, except that the
   creation of the tables is typically related to an auto-discovery
   process.

8.  Example of the PW-ENET MIB Module Usage

   Assume we would like to create a PW of type VLAN between two PEs, for
   VLAN value 5.

   -  Follow the example in [PWMIB], with pwType equal to
      'ethernetTagged'.

   -  The agent creates a row in pwEnetTable and a row in
      pwEnetStatsTable for the specified pwIndex.  The pwEnetPwInstance
      is automatically set by the agent to the value of '1'.

   -  The operator fills the following entries in the pwEnetTable:

         pwEnetPwVlan      5,
         pwEnetVlanMode    noChange,
         pwEnetPortVlan    5,

         pwEnetPortIfIndex 1001,
         pwEnetPwIfIndex   0,    -- Not managed in the
                                 -- Etherlike MIB module
         ...

   -  The PW is ready for forwarding when signaling has been
      accomplished successfully between the two peers.

9.  Service Delimiting Modes

   This section describes how the MIB module supports point-to-point
   applications with various VLAN service delimiting options on the
   original Ethernet port and the corresponding PW mode and VLAN values.
   If the PW is attached to VPLS service, the PW is associated to a
   virtual interface that is attached to a bridge or VPLS forwarder.
   The bridging function between local physical ports and virtual
   interfaces that are later associated to PWs is not handled via this
   MIB module.

   There are 3 main service types that are supported by this MIB module:

   (1)  Port mode: In this mode, the whole traffic from the port is
        mapped to the PW.

        A.  In the typical application, the packet is sent to the PW as
            is:

              pwEnetPwVlan   4095,
              pwEnetVlanMode portBased,
              pwEnetPortVlan 4095,

              pwType         Ethernet,

        B.  It is possible to add a provider tag (value 10 for example)
            to the packet when it is sent over the PW:

              pwEnetPwVlan   10,
              pwEnetVlanMode addVlan,
              pwEnetPortVlan 4095,

              pwType SHOULD be set to 'EthernetTagged'.

   (2)  Single VLAN: In this mode, only the first VLAN field on the
        packet from the physical port is the service delimiting tag, as
        an example VLAN=5.  The following options of processing are
        possible:

        A.  One to one mapping: The service delimiting tag is kept as is
            on the PW.

              pwEnetPwVlan   5,
              pwEnetVlanMode noChange,
              pwEnetPortVlan 5,

              pwType SHOULD be set to 'EthernetTagged'.

        B.  VLAN change mapping: The service delimiting tag changes its
            value (to value of 6) on the PW.

              pwEnetPwVlan   6,
              pwEnetVlanMode changeVlan,
              pwEnetPortVlan 5,

              pwType SHOULD be set to 'EthernetTagged'.

        C.  The service delimiting tag is removed when the packet is
            sent to the PW.

              pwEnetPwVlan   5,
              pwEnetVlanMode removeVlan,
              pwEnetPortVlan 4095,

              pwType SHOULD be set to 'EthernetTagged'.

            It should be noted that this mode is also applicable when
            the service delimiting tag is a service provider tag (VLAN=5
            in this case), and the node removes this VLAN and maps the
            traffic to a single PW independent of the packet format on
            top of this VLAN.

        D.  Untagged packets mapped to a PW as is (packets with a VLAN
            field from the same port MAY be mapped to other PWs).

              pwEnetPwVlan   0,
              pwEnetVlanMode noChange,
              pwEnetPortVlan 0,

              pwType MAY equal 'Ethernet' or 'EthernetTagged'.

        E.  Untagged packets mapped to a PW, and a VLAN field is added
            to the packet.

              pwEnetPwVlan   6,
              pwEnetVlanMode addVlan,
              pwEnetPortVlan 0,

              pwType SHOULD be set to 'EthernetTagged'.

        F.  A provider VLAN (value 10) is added to packets arriving with
            VLAN value 5 before they are sent to the PW.

              pwEnetPwVlan   10,
              pwEnetVlanMode addVlan,
              pwEnetPortVlan 5,

              pwType SHOULD be set to 'EthernetTagged'.

   (3)  Nested VLAN (QinQ): When only the first VLAN is the service
        delimiting tag, one of the modes as described in (2) SHOULD be
        used.  If the service delimiting tag is both the first VLAN and
        the second VLAN, the following option is supported by this MIB
        module:
        Assuming the provider VLAN tag equals 5 and the user VLAN tag
        equals 100, this traffic can be mapped to the PW without the
        provider tag by using the following configuration:

              pwEnetPwVlan   100,
              pwEnetVlanMode removeVlan,
              pwEnetPortVlan 5,

        It is RECOMMENDED that the pwType would equal 'EthernetTagged',
        but pwType equal to 'Ethernet' MAY be used as well.

        Packets with the same provider tag MAY be mapped to other PWs.

   (4)  Other scenarios are considered out of the scope and should be
        handled by other MIB modules that manage the forwarder and the
        NSP sections.

10.  Object Definitions

   PW-ENET-STD-MIB DEFINITIONS ::= BEGIN

   IMPORTS
      OBJECT-TYPE, MODULE-IDENTITY, Unsigned32, mib-2
         FROM SNMPv2-SMI                    -- [RFC2578]

      MODULE-COMPLIANCE, OBJECT-GROUP
         FROM SNMPv2-CONF                   -- [RFC2580]

      StorageType, RowStatus
         FROM SNMPv2-TC                     -- [RFC2579]

      InterfaceIndexOrZero
         FROM IF-MIB                        -- [RFC2863]

      ZeroBasedCounter32
         FROM RMON2-MIB                     -- [RFC4502]

      pwIndex
         FROM PW-STD-MIB                    -- [PWMIB]
                                            -- RFC Editor: Please replace
                                            -- PWMIB with correct RFC #
      VlanIdOrAnyOrNone
         FROM Q-BRIDGE-MIB;                 -- [RFC4363]

   pwEnetStdMIB MODULE-IDENTITY
      LAST-UPDATED "200902091200Z"  -- 9 February 2009 12:00:00 GMT
      ORGANIZATION "IETF PWE3 Working group"
      CONTACT-INFO
          "David Zelig
           E-mail: davidz@corrigent.com

           Thomas D. Nadeau
           Email:  tom.nadeau@bt.com
          "
      DESCRIPTION
          "This MIB module describes a model for managing Ethernet
           point-to-point pseudowire services over a Packet
           Switched Network (PSN).

           Copyright (c) The IETF Trust (2009).  This version
           of this MIB module is part of RFC yyyy; see the RFC
           itself for full legal notices."
   -- RFC Editor: replace yyyy with the actual RFC number and remove
   -- this note

      -- Revision history.

      REVISION "200902091200Z"  -- 9 February 2009 12:00:00 GMT
      DESCRIPTION "Initial version published as part of RFC XXXX."
   -- RFC Editor: Please replace XXXX with the actual RFC number and
   -- remove this note

      ::= { mib-2 XXXX } -- RFC Editor: Please replace
                         -- XXXX with IANA assigned value.
                         -- See IANA considerations section.

   pwEnetObjects     OBJECT IDENTIFIER ::= { pwEnetStdMIB 1 }
   pwEnetConformance OBJECT IDENTIFIER ::= { pwEnetStdMIB 2 }

   --
   -- Ethernet PW table
   --

   pwEnetTable OBJECT-TYPE
      SYNTAX        SEQUENCE OF PwEnetEntry
      MAX-ACCESS    not-accessible
      STATUS        current
      DESCRIPTION
          "This table contains the index to the Ethernet tables
           associated with this ETH PW, the VLAN configuration and
           VLAN mode."
      ::= { pwEnetObjects 1 }

   pwEnetEntry OBJECT-TYPE
      SYNTAX        PwEnetEntry
      MAX-ACCESS    not-accessible
      STATUS        current
      DESCRIPTION
          "This table is indexed by the same index that was created
           for the associated entry in the PW generic table in the
           PW-STD-MIB module.
           The pwIndex and the pwEnetPwInstance are used as indexes
           to allow multiple VLANs to exist on the same PW.

           An entry is created in this table by the agent for every
           entry in the pwTable with a pwType of 'ethernetTagged'
           or 'ethernet'.  Additional rows may be created by the
           operator or the agent if multiple entries are required for
           the same PW.

           The value of pwEnetPwInstance can be arbitrarily selected
           to make the row unique, however implementations that know
           the VLAN field value when the row is created MAY use the
           value of the VLAN itself for better readability and
           backward compatibility with older versions of this MIB
           module.

           This table provides Ethernet port mapping and VLAN
           configuration for each Ethernet PW.

           All read-create objects in this table MAY be changed at any
           time, however change of some objects (for example
           pwEnetVlanMode) during PW forwarding state MAY cause traffic
           disruption.

           Manual entries in this table SHOULD be preserved after a
           re-boot, the agent MUST ensure the integrity of those
           entries.  If the set of entries of a specific row are found
           to be inconsistent after reboot, the PW pwOperStatus MUST
           be declared as notPresent(5).
          "

      INDEX { pwIndex, pwEnetPwInstance }
      ::= { pwEnetTable 1 }

   PwEnetEntry ::= SEQUENCE {
      pwEnetPwInstance     Unsigned32,
      pwEnetPwVlan         VlanIdOrAnyOrNone,
      pwEnetVlanMode       INTEGER,
      pwEnetPortVlan       VlanIdOrAnyOrNone,

      pwEnetPortIfIndex    InterfaceIndexOrZero,
      pwEnetPwIfIndex      InterfaceIndexOrZero,

      pwEnetRowStatus      RowStatus,
      pwEnetStorageType    StorageType
   }

   pwEnetPwInstance OBJECT-TYPE
      SYNTAX        Unsigned32
      MAX-ACCESS    not-accessible
      STATUS        current
      DESCRIPTION
          "If multiple rows are mapped to the same PW, this index is
           used to uniquely identify the individual row.
           If the value of the VLAN field is known at the time of
           row creation, the value of pwEnetPwVlan MAY be used
           for better readability and backward compatibility with
           older versions of this MIB module.
           Otherwise the value '1' SHOULD be set to the first row
           for each pwIndex for better readability and in order
           that the management application will know in advance
           how to access the first row when it was created by the
           agent.
          "
      ::= { pwEnetEntry 1 }

   pwEnetPwVlan OBJECT-TYPE
      SYNTAX        VlanIdOrAnyOrNone
      MAX-ACCESS    read-create
      STATUS        current
      DESCRIPTION
          "This Object defines the (service delimiting) VLAN field
           value on the PW.  The value of 4095 MUST be used if the
           object is not applicable, for example when mapping all
           packets from an Ethernet port to this PW (raw mode).
           The value 0 MUST be set to indicate untagged frames
           (from the PW point of view), i.e. when pwEnetVlanMode
           equals 'noChange' and pwEnetPortVlan equals 0."
      ::= { pwEnetEntry 2 }

   pwEnetVlanMode OBJECT-TYPE
      SYNTAX        INTEGER {
                        other(0),
                        portBased(1),
                        noChange(2),
                        changeVlan(3),
                        addVlan(4),
                        removeVlan(5)
                    }
      MAX-ACCESS    read-create
      STATUS        current
      DESCRIPTION
          "This object indicates the mode of VLAN handling between the
           port or the virtual port associated with the PW and the
           PW encapsulation.

           - 'other' indicates an operation that is not defined by
             this MIB module.

           - 'portBased' indicates that the forwarder will forward
             packets between the port and the PW independent of their
             structure (i.e. there is no service delimiting VLAN tags
             from the PE standpoint).

           - 'noChange' indicates that the PW contains the original
             user VLAN, as specified in pwEnetPortVlan, i.e. the
             VLAN on the PE-CE link is the service delimiting tag
             and is kept 'as is' on the PW.

           - 'changeVlan' indicates that the VLAN field on the PW
             may be different than the VLAN field on the user's
             port.  The VLAN on the PE-CE link is the service delimiting
             tag but has a different value on the PW.

           - 'removeVlan' indicates that the encapsulation on the
             PW does not include the service delimiting VLAN field.
             Note that PRI bits transparency is lost in this case.

           - 'addVlan' indicates that a VLAN field will be added
             on the PSN bound direction (i.e. on the PW).  pwEnetPwVlan
             indicates the value that will be added.

           - Implementation of 'portBased', 'removeVlan', 'addVlan',
             'other' and 'changeVlan' is OPTIONAL.
          "
      DEFVAL { noChange }
      ::= { pwEnetEntry 3 }

   pwEnetPortVlan OBJECT-TYPE
      SYNTAX        VlanIdOrAnyOrNone
      MAX-ACCESS    read-create
      STATUS        current
      DESCRIPTION
          "This object defines if the mapping between the original port
           (physical port or VPLS virtual port) to the PW is VLAN based
           or not.  In case of VLAN mapping, this object indicates the
           VLAN value on the original port.

           The value of '4095' MUST be used if the whole original port
           traffic is mapped to the same PW.  Note that a pwType of
           'ethernetTagged' can still be used if service delimiting tag
           is added on the PW (pwEnetVlanMode equals 'addVlan').

           This object MUST be equal to pwEnetPwVlan if pwEnetVlanMode
           equals 'noChange'.

           The value 0 indicates packets without VLAN field
           (i.e. untagged frames) on the port are associated to this
           PW.  This allows the same behavior as assigning 'Default
           VLAN' to untagged frames.
          "
      DEFVAL { 4095 }
      ::= { pwEnetEntry 4 }

   pwEnetPortIfIndex OBJECT-TYPE
      SYNTAX        InterfaceIndexOrZero
      MAX-ACCESS    read-create
      STATUS        current
      DESCRIPTION
          "This object is used to specify the ifIndex of the Ethernet
           port associated with this PW for point-to-point Ethernet
           service, or the ifIndex of the virtual interface of the
           VPLS instance associated with the PW if the service is
           VPLS.
           Two rows in this table can point to the same ifIndex
           only if there is no overlap of VLAN values specified in
           pwEnetPortVlan that are associated with this port.

           A value of zero indicates that association to an ifIndex is
           not yet known."

      ::= { pwEnetEntry 5 }

   pwEnetPwIfIndex OBJECT-TYPE
      SYNTAX        InterfaceIndexOrZero
      MAX-ACCESS    read-create
      STATUS        current
      DESCRIPTION
          "If the PW is modeled as an ifIndex in the ifTable, this
           object indicates the value of the ifIndex representing the
           Ethernet PW on the PSN side in the Etherlike-MIB.  Note that
           this value may be different from the value of pwIfIndex
           that represents the ifIndex of the PW for ifType 'pw'."

      DEFVAL { 0 }
      ::= { pwEnetEntry 6 }

   pwEnetRowStatus OBJECT-TYPE
      SYNTAX        RowStatus
      MAX-ACCESS    read-create
      STATUS        current
      DESCRIPTION
          "This object enables creating, deleting and modifying this row."
      ::= { pwEnetEntry 7 }

   pwEnetStorageType OBJECT-TYPE
      SYNTAX        StorageType
      MAX-ACCESS    read-create
      STATUS        current
      DESCRIPTION
          "This object indicates the storage type of this row."
      DEFVAL { nonVolatile }
      ::= { pwEnetEntry 8 }

   --
   -- Ethernet PW Statistics Table
   --

   pwEnetStatsTable OBJECT-TYPE
      SYNTAX        SEQUENCE OF PwEnetStatsEntry
      MAX-ACCESS    not-accessible
      STATUS        current
      DESCRIPTION
          "This table contains statistical counters specific for
           Ethernet PW."
      ::= { pwEnetObjects 2 }

   pwEnetStatsEntry OBJECT-TYPE
      SYNTAX        PwEnetStatsEntry
      MAX-ACCESS    not-accessible
      STATUS        current
      DESCRIPTION
          "Each entry represents the statistics gathered for the
           PW carrying the Ethernet."
      INDEX { pwIndex }
      ::= { pwEnetStatsTable 1 }

   PwEnetStatsEntry ::= SEQUENCE {
      pwEnetStatsIllegalVlan      ZeroBasedCounter32,
      pwEnetStatsIllegalLength    ZeroBasedCounter32
   }

   pwEnetStatsIllegalVlan OBJECT-TYPE
      SYNTAX        ZeroBasedCounter32
      MAX-ACCESS    read-only
      STATUS        current
      DESCRIPTION
          "The number of packets received (from the PSN) on this PW
           with either an illegal VLAN field, a missing VLAN field
           when one was expected, or an excessive VLAN field when
           it was not expected.  This counter may not be applicable
           in some cases, and MUST return the value of zero in
           such a case."
      ::= { pwEnetStatsEntry 1 }

   pwEnetStatsIllegalLength OBJECT-TYPE
      SYNTAX        ZeroBasedCounter32
      MAX-ACCESS    read-only
      STATUS        current
      DESCRIPTION
          "The number of packets that were received with an illegal
           Ethernet packet length on this PW.  An illegal length is
           defined as being greater than the value in the advertised
           MTU supported, or shorter than the allowed Ethernet packet
           size."
      ::= { pwEnetStatsEntry 2 }

   ---
   --- Conformance description
   ---

   pwEnetGroups      OBJECT IDENTIFIER ::= { pwEnetConformance 1 }
   pwEnetCompliances OBJECT IDENTIFIER ::= { pwEnetConformance 2 }

   -- Compliance requirement for fully compliant implementations.

   pwEnetModuleFullCompliance MODULE-COMPLIANCE
      STATUS  current
      DESCRIPTION
          "The compliance statement for agents that provide full
           support for the PW-ENET-STD-MIB Module.  Such devices
           can then be monitored and also be configured using
           this MIB module."
      MODULE  -- this module
         MANDATORY-GROUPS {
            pwEnetGroup,
            pwEnetStatsGroup
         }

         OBJECT       pwEnetVlanMode
         DESCRIPTION "An implementation MUST support at least the value
                      noChange(2)."

         OBJECT       pwEnetPwIfIndex
         MIN-ACCESS   read-only
         DESCRIPTION "Write access and values other than zero are
                      required only for implementations that support
                      modeling the Ethernet PW in the Etherlike-MIB."
         OBJECT       pwEnetRowStatus
         SYNTAX       RowStatus { active(1), notInService(2),
                                  notReady(3) }
         WRITE-SYNTAX RowStatus { active(1), notInService(2),
                                  createAndGo(4), destroy(6)
                                }
         MIN-ACCESS   read-only
         DESCRIPTION "Support for createAndWait is not required.  Support
                      of notReady is not required for implementations that
                      do not support signaling.
                      Support of read-write is not required for
                      implementations that do not support more than one
                      VLAN mapping to the same PW."
      ::= { pwEnetCompliances 1 }

   -- Compliance requirement for read-only compliant implementations.

   pwEnetModuleReadOnlyCompliance MODULE-COMPLIANCE
      STATUS  current
      DESCRIPTION
          "The compliance statement for agents that provide read-only
           support for the PW-ENET-STD-MIB Module.  Such devices can
           then be monitored but cannot be configured using this MIB
           module."

      MODULE  -- this module
         MANDATORY-GROUPS { pwEnetGroup,
                            pwEnetStatsGroup
                          }

         OBJECT       pwEnetPwVlan
         MIN-ACCESS   read-only
         DESCRIPTION "Write access is not required."

         OBJECT       pwEnetVlanMode
         MIN-ACCESS   read-only
         DESCRIPTION "Write access is not required.  An implementation
                      MUST support at least the value noChange(2)."

         OBJECT       pwEnetPortVlan
         MIN-ACCESS   read-only
         DESCRIPTION "Write access is not required."

         OBJECT       pwEnetPortIfIndex
         MIN-ACCESS   read-only
         DESCRIPTION "Write access is not required."

         OBJECT       pwEnetPwIfIndex
         MIN-ACCESS   read-only
         DESCRIPTION "Write access is not required.  Values other than
                      zero are required only for implementations that
                      support modeling the Ethernet PW in the
                      Etherlike-MIB."

           OBJECT       pwEnetRowStatus
           SYNTAX       RowStatus { active(1), notInService(2),
                                    notReady(3) }
           MIN-ACCESS   read-only
           DESCRIPTION "Write access is not required. Support
                        of notReady is not required for implementations that
                        do not support signaling."

           OBJECT       pwEnetStorageType
           MIN-ACCESS   read-only
           DESCRIPTION "Write access is not required."

       ::= { pwEnetCompliances 2 }

   -- Units of conformance.

   pwEnetGroup OBJECT-GROUP
       OBJECTS {
           pwEnetPwVlan,
           pwEnetVlanMode,
           pwEnetPortVlan,
           pwEnetPortIfIndex,
           pwEnetPwIfIndex,
           pwEnetRowStatus,
           pwEnetStorageType
       }
       STATUS  current
       DESCRIPTION
           "Collection of objects for basic Ethernet PW configuration."
       ::= { pwEnetGroups 1 }

   pwEnetStatsGroup OBJECT-GROUP
       OBJECTS {
           pwEnetStatsIllegalVlan,
           pwEnetStatsIllegalLength
       }
       STATUS  current
       DESCRIPTION
           "Collection of objects counting various PW level errors."
       ::= { pwEnetGroups 2 }

   END

11.  Security Considerations

   It is clear that this MIB module is potentially useful for monitoring
   of PW capable PEs.  This MIB module can also be used for
   configuration of certain objects, and anything that can be configured
   can be incorrectly configured, with potentially disastrous results.

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create.  Such
   objects may be considered sensitive or vulnerable in some network
   environments.  The support for SET operations in a non-secure
   environment without proper protection can have a negative effect on
   network operations.  These are the tables and objects and their
   sensitivity/vulnerability:

   o  the pwEnetTable contains objects to provision Ethernet PWs.
      Unauthorized access to objects in these tables could result in
      disruption of traffic on the network.  The use of stronger
      mechanisms such as SNMPv3 security should be considered where
      possible.  Specifically, SNMPv3 VACM and USM MUST be used with any
      v3 agent which implements this MIB module.  Administrators should
      consider whether read access to these objects should be allowed,
      since read access may be undesirable under certain circumstances.

   Some of the readable objects in this MIB module (i.e., objects with a
   MAX-ACCESS other than not-accessible) may be considered sensitive or
   vulnerable in some network environments.  It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP.  These are the tables and objects and their
   sensitivity/vulnerability:

   o  the pwEnetTable shows the Ethernet PW service configuration.  If
      an Administrator does not want to reveal this information, then
      these tables should be considered sensitive/vulnerable.

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure (for example by using IPsec),
   even then, there is no control as to who on the secure network is
   allowed to access and GET/SET (read/change/create/delete) the objects
   in this MIB module.

   It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy).

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.
   It is then a customer/operator responsibility to ensure that the
   SNMP entity giving access to an instance of this MIB module is
   properly configured to give access to the objects only to those
   principals (users) that have legitimate rights to indeed GET or SET
   (change/create/delete) them.

12.  IANA Considerations

   The MIB module in this document uses the following IANA-assigned
   OBJECT IDENTIFIER values recorded in the SMI Numbers registry:

      Descriptor        OBJECT IDENTIFIER value
      ----------        -----------------------

      pwEnetStdMIB      { mib-2 XXXX }

   Editor's Note (to be removed prior to publication): The IANA is
   requested to assign a value for "XXXX" under the 'mib-2' subtree and
   to record the assignment in the SMI Numbers registry.  When the
   assignment has been made, the RFC Editor is asked to replace "XXXX"
   (here and in the MIB module) with the assigned value and to remove
   this note.

13.  References

13.1.  Normative References

   [BCP14]    Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [PWMIB]    Zelig, D. and T. Nadeau, "Pseudowire (PW) Management
              Information Base", work-in-progress.

   [PWTC]     Nadeau, T. and D. Zelig, "Definitions for Textual
              Conventions and OBJECT-IDENTITIES for Pseudowires
              Management", work-in-progress.

   [RFC2578]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Structure of Management Information
              Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

   [RFC2579]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Textual Conventions for SMIv2",
              STD 58, RFC 2579, April 1999.

   [RFC2580]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Conformance Statements for SMIv2", STD 58, RFC 2580,
              April 1999.

   [RFC2863]  McCloghrie, K. and F. Kastenholz, "The Interfaces Group
              MIB", RFC 2863, June 2000.

   [RFC3635]  Flick, J., "Definitions of Managed Objects for the
              Ethernet-like Interface Types", RFC 3635, September 2003.

   [RFC4448]  Martini, L., Rosen, E., El-Aawar, N., and G. Heron,
              "Encapsulation Methods for Transport of Ethernet over MPLS
              Networks", RFC 4448, April 2006.

   [RFC4502]  Waldbusser, S., "Remote Network Monitoring Management
              Information Base Version 2", RFC 4502, May 2006.

   [RFC4363]  Levi, D. and D. Harrington, "Definitions of Managed
              Objects for Bridges with Traffic", RFC 4363,
              January 2006.

13.2.  Informative References

   [PWMPLSMIB]
              Zelig, D. and T. Nadeau, "Pseudowire (PW) Over MPLS PSN
              Management Information Base", work-in-progress.

   [RFC3410]  Case, J., Mundy, R., Partain, D., and B. Stewart,
              "Introduction and Applicability Statements for Internet-
              Standard Management Framework", RFC 3410, December 2002.

   [RFC3916]  Xiao, X., McPherson, D., and P. Pate, "Requirements for
              Pseudo-Wire Emulation Edge-to-Edge (PWE3)", RFC 3916,
              September 2004.

   [RFC3985]  Bryant, S. and P. Pate, "Pseudo Wire Emulation Edge-to-
              Edge (PWE3) Architecture", RFC 3985, March 2005.

   [RFC4664]  Andersson, L. and E. Rosen, "Framework for Layer 2 Virtual
              Private Networks (L2VPNs)", RFC 4664, September 2006.

Authors' Addresses

   David Zelig (editor)
   Corrigent Systems
   126, Yigal Alon St.
   Tel Aviv,
   Israel

   Phone: +972 3 6945 273
   Email: davidz@corrigent.com

   Thomas D. Nadeau (editor)
   BT
   BT Centre
   81 Newgate Street
   London EC1A 7AJ
   United Kingdom

   Email: tom.nadeau@bt.com

Acknowledgment

   Funding for the RFC Editor function is provided by the IETF
   Administrative Support Activity (IASA).

   This document was produced by the PWE3 Working Group.
   Special thanks to Orly Nicklass for close review and good suggestions.
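
Added example, not part of the draft: one way to check the access-control advice of Section 11 against an agent's VACM tables, flagging any group that can GET or SET the pwEnetStdMIB subtree through a pre-SNMPv3 security model or at too low a security level. The groups, views and thresholds (authPriv for SET, authNoPriv for GET) are assumptions constructed for this example, view masks are not modeled, and "XXXX" stands for the arc the draft leaves unassigned.

```python
# Added example: audit VACM-style access entries for exposure of pwEnetStdMIB.
# All groups, views and entries below are constructed sample data.
MIB2 = ("1", "3", "6", "1", "2", "1")
PW_ENET = MIB2 + ("XXXX",)   # placeholder: the draft leaves this arc unassigned

USM = 3                      # securityModel (RFC 3411): 1=SNMPv1, 2=SNMPv2c, 3=USM
NO_AUTH, AUTH_NO_PRIV, AUTH_PRIV = 1, 2, 3   # securityLevel values

# viewName -> list of (subtree, included?) families; masks are not modeled
VIEWS = {
    "all":       [(("1", "3", "6", "1"), True)],
    "no-pwenet": [(("1", "3", "6", "1"), True), (PW_ENET, False)],
    "none":      [],
}

# (group, securityModel, minimum securityLevel, readView, writeView)
ACCESS = [
    ("legacy-ro", 2,   NO_AUTH,      "all",       "none"),
    ("legacy-rw", 2,   NO_AUTH,      "all",       "all"),
    ("noc-ro",    USM, AUTH_NO_PRIV, "all",       "none"),
    ("weak-v3",   USM, AUTH_NO_PRIV, "all",       "all"),
    ("pw-admin",  USM, AUTH_PRIV,    "all",       "all"),
    ("guest",     USM, NO_AUTH,      "no-pwenet", "none"),
]

def in_view(view, oid):
    """VACM rule: the longest family subtree that prefixes oid decides."""
    matches = [(len(sub), inc) for sub, inc in VIEWS.get(view, [])
               if oid[:len(sub)] == sub]
    return max(matches)[1] if matches else False

def audit(entries, oid=PW_ENET):
    """Return (group, operation, reason) for each risky grant on oid."""
    findings = []
    for group, model, level, read_view, write_view in entries:
        for op, view, need in (("SET", write_view, AUTH_PRIV),
                               ("GET", read_view, AUTH_NO_PRIV)):
            if not in_view(view, oid):
                continue
            if model != USM:
                findings.append((group, op, "pre-SNMPv3 security model"))
            elif level < need:
                findings.append((group, op, "security level too low"))
    return findings

if __name__ == "__main__":
    for finding in audit(ACCESS):
        print(*finding, sep=": ")
```

The "guest" group produces no finding because its read view excludes the module subtree, which is how read access to pwEnetTable can be withheld from a principal that may still read the rest of the agent.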