idnits 2.17.1 draft-ietf-pwe3-pw-mpls-mib-05.txt: ** The Abstract section seems to be numbered Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == There are 3 instances of lines with non-ascii characters in the document. == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an Abstract section. (A line matching the expected section header was found, but with an unexpected indentation: ' 1 Abstract' ) ** The document seems to lack an Introduction section. (A line matching the expected section header was found, but with an unexpected indentation: ' Introduction and Applicability Statements for Internet-' ) ** The document seems to lack a Security Considerations section. (A line matching the expected section header was found, but with an unexpected indentation: ' 8 Security Considerations' ) ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) (A line matching the expected section header was found, but with an unexpected indentation: ' 9 IANA considerations' ) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == Line 207 has weird spacing: '...is only a...' == Line 230 has weird spacing: '...N |PWin inSeg...' == Line 234 has weird spacing: '...| inSeg outSe...' == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but does not include the phrase in its RFC 2119 key words list. -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (February 2004) is 7375 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Missing reference section? 'PW-MIB' on line 1241 looks like a reference -- Missing reference section? 'BCP14' on line 1275 looks like a reference -- Missing reference section? 'PWARCH' on line 1231 looks like a reference -- Missing reference section? 'PWREQ' on line 1234 looks like a reference -- Missing reference section? 'PWCNTRL' on line 107 looks like a reference -- Missing reference section? 'MPLSArch' on line 1250 looks like a reference -- Missing reference section? 'TRANS' on line 126 looks like a reference -- Missing reference section? 'RFC3410' on line 1293 looks like a reference -- Missing reference section? 'RFC2578' on line 1278 looks like a reference -- Missing reference section? 'RFC2579' on line 1283 looks like a reference -- Missing reference section? 'RFC2580' on line 1287 looks like a reference -- Missing reference section? 'CEPMIB' on line 185 looks like a reference -- Missing reference section? 'PWTC' on line 1237 looks like a reference -- Missing reference section? 'TEMIB' on line 1262 looks like a reference -- Missing reference section? 'LSRMIB' on line 1258 looks like a reference -- Missing reference section? 'PWTCMIB' on line 1222 looks like a reference -- Missing reference section? 'IF-MIB' on line 1244 looks like a reference -- Missing reference section? 'LblStk' on line 1254 looks like a reference -- Missing reference section? 'MPLSTCMIB' on line 1266 looks like a reference -- Missing reference section? 'LDP' on line 1272 looks like a reference Summary: 6 errors (**), 0 flaws (~~), 7 warnings (==), 22 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Internet Draft David Zelig 3 Expires: August 2004 Corrigent Systems 5 A. Malis Thomas D. Nadeau 6 Tellabs, Inc. Cisco Systems, Inc. 8 Sharon Mantin Dave Danenberg 9 AxONLinks 11 February 2004 13 Pseudo Wire (PW) over MPLS PSN Management Information Base 15 draft-ietf-pwe3-pw-mpls-mib-05.txt 17 Status of this Memo 19 This document is an Internet-Draft and is in full conformance 20 with all provisions of Section 10 of RFC2026. 22 Internet-Drafts are working documents of the Internet Engineering 23 Task Force (IETF), its areas, and its working groups. Note that 24 other groups may also distribute working documents as Internet- 25 Drafts. 27 Internet-Drafts are draft documents valid for a maximum of six 28 months and may be updated, replaced, or obsoleted by other 29 documents at any time. It is inappropriate to use Internet-Drafts 30 as reference material or to cite them other than as "work in 31 progress." 33 The list of current Internet-Drafts can be accessed at 34 http://www.ietf.org/ietf/1id-abstracts.txt 35 The list of Internet-Draft Shadow Directories can be accessed at 36 http://www.ietf.org/shadow.html. 38 Copyright (C) The Internet Society (2001). All rights reserved. 40 1 Abstract 42 This memo defines an experimental portion of the Management 43 Information Base (MIB) for use with network management protocols in 44 the Internet community. In particular, it describes a MIB module 45 for PW operation over Multi-Protocol Label Switching (MPLS) Label 46 Switch Router (LSR). 48 Pseudo Wire (PW) Over MPLS February 2004 49 Management Information Base 51 Table of Contents 53 1 Abstract.......................................................1 54 2 Introduction...................................................2 55 3 Terminology....................................................3 56 4 The Internet-Standard Management Framework.....................3 57 5 Feature Checklist..............................................4 58 6 MIB module usage...............................................4 59 6.1 PW MPLS MIB module usage.....................................4 60 6.2 Example of MIB module usage..................................6 61 7 Object definitions.............................................7 62 8 Security Considerations.......................................23 63 9 IANA considerations...........................................24 64 10 References..................................................24 65 10.1 Normative references........................................24 66 10.2 Informative references......................................25 67 11 Author's Addresses..........................................26 68 12 Full Copyright Statement....................................26 69 13 Intellectual Property Notice................................27 71 2 Introduction 73 This document describes a model for managing pseudo wire services 74 for transmission over different flavors of MPLS tunnels. The 75 general PW MIB module [PW-MIB] defines the parameters global to the 76 PW regardless of underlying PSN and emulated service. Indicating 77 PSN type of MPLS in PW-MIB references this module. 79 This document describes the MIB objects that define pseudo wire 80 association to the MPLS PSN, in a way that is not specific to the 81 carried service. 83 Together, [TEMIB and LSRMIB], describe the modeling of an MPLS 84 Tunnel, and a Tunnel's underlying cross-connects. The defined MIB 85 support MPLS-TE PSN, Non TE MPLS PSN (an outer tunnel created by 86 LDP or manually), and MPLS PW label only (no outer tunnel). 88 Some flavors of MPLS, such as carrying PW in MPLS in IP and MPLS in 89 GRE are not defined here, waiting to the WG documents that will 90 describe the exact MPLS functionality. It still for further study 91 whether this functionality will be treated in this MIB module or in 92 another one specific to IP PSN. 94 Pseudo Wire (PW) Over MPLS February 2004 95 Management Information Base 97 Conventions used in this document 99 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 100 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in 101 this document are to be interpreted as described in RFC-2119 102 [BCP14]. 104 3 Terminology 106 This document uses terminology from the document describing the PW 107 architecture [PWARCH], [PWREQ] and [PWCNTRL]. 109 The terms "Outbound" and "Inbound" in this MIB module are based on 110 the common practice in the MPLS standards, i.e. "outbound" are 111 toward the PSN. However, where these terms are used in an object 112 name, the object description clarifies the exact packet direction 113 to prevent confusion with these terms in other documents. 115 "PSN Tunnel" is a general term indicating a virtual connection 116 between the two PWE3 edge devices. Each tunnel may potentially 117 carry multiple PWs inside. In the scope of this document, it is 118 MPLS tunnel. 120 This document uses terminology from the document describing the 121 MPLS architecture [MPLSArch] for MPLS PSN. A Label Switched Path 122 (LSP) is modeled as described in [LSRMIB and TEMIB] via a series of 123 cross-connects through 1 or more Label switch routers (LSR). 125 In MPLS PSN, a PW connection typically uses a PW Label within a 126 Tunnel Label [TRANS]. Multiple pseudo wires each with a unique PW 127 Label can share the same Tunnel. For PW transport over MPLS, the 128 Tunnel Label is known as the "outer" Label, while the PW Label is 129 known as the "inner" Label. An exception to this is with adjacent 130 LSRs or the use of PHP. In this case, there is an option for PWs to 131 connect directly without an outer Label. 133 4 The Internet-Standard Management Framework 135 For a detailed overview of the documents that describe the current 136 Internet-Standard Management Framework, please refer to section 7 137 of RFC 3410 [RFC3410]. 139 Managed objects are accessed via a virtual information store, 140 termed the Management Information Base or MIB. MIB objects are 141 generally accessed through the Simple Network Management Protocol 142 (SNMP). Objects in the MIB are defined using the mechanisms defined 143 in the Structure of Management Information (SMI). This memo 144 specifies a MIB module that is compliant to the SMIv2, which is 145 described in STD 58,RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] 146 and STD 58, RFC 2580 [RFC2580]. 148 Pseudo Wire (PW) Over MPLS February 2004 149 Management Information Base 151 5 Feature Checklist 153 The PW MPLS MIB module is designed to satisfy the following 154 requirements and constraints: 156 - The MIB module supports both manually configured and signaled 157 PWs. 159 - The MIB module supports point-to-point PW connections. 161 - The MIB module enables the use of any emulated service. 163 - The MIB supports MPLS-TE outer tunnel, Non TE MPLS outer tunnel 164 (an outer tunnel signaled by LDP or set-up manually), and no 165 outer tunnel (where the PW label is the only label in the 166 incoming MPLS stack). The later case is applicable for manual 167 configuration of PW over a single hop (in multiple hops case, it 168 is required to have an outer MPLS tunnel). 170 6 MIB module usage 172 The MIB module structure for defining a PW service is composed from 173 three types of modules. 175 The first type is the PW MIB module [PW-MIB], which configures 176 general parameters of the PW that are common to all types of 177 emulated services and PSN. 179 The second type of modules is per PSN module. There is a separate 180 module for each type of PSN. This document defines the MIB module 181 for MPLS (PW-MPLS-MIB). 183 The third type of modules is service-specific module, which is 184 emulated signal type dependent. These modules are defined in other 185 documents; see for example [CEPMIB]. 187 [PWTC] defines some of the object types used in this module. 189 6.1 PW MPLS MIB module usage 191 - The PW table (pwVcTable) in [PW-MIB] is used for all PW types 192 (ATM, FR, Ethernet, SONET, etc.). This table contains high level 193 generic parameters related to the PW creation. A row is created by 194 the operator for each PW service. 196 - If the PSN type in pwVcTable is MPLS, the agent create a row in 197 the MPLS specific parameters table (pwMplsVcTable) in PW MPLS MIB, 198 Pseudo Wire (PW) Over MPLS February 2004 199 Management Information Base 201 which contain MPLS specific parameters such as EXP bits handling 202 and outer tunnel configuration. 204 - The operator configures the association to the desired MPLS 205 tunnel (require for MPLS TE tunnels or manually configured PWs) 206 through the pwMplsTeOutbaoundTable. For LDP based outer tunnel, 207 there is no need for manula configuration since there is only a 208 single tunnel toward the peer. 210 - The agent creates rows in the MPLS mapping table in order to 211 allow quick retrieval of information based on the tunnel indexes. 213 The relation to the MPLS network is by configuration of the edge 214 LSR only - that is to say, the LSR providing the PW function. Since 215 Tunnels are uni-directional, a pair of tunnels must exist (one for 216 inbound, one for outbound). The following graphic depicts a VC that 217 originates and terminates at LSR-M. It uses LSPs A and B formed by 218 Tunnels Ax and Bx continuing through LSR-N to LSR-P. The 219 concatenations of Tunnels create the LSPs. Note: 'X' denotes a 220 Tunnel's cross-connect. 222 LSP-A 223 <- - - - - - - - - - - - - - - - - - - - - - - - - - - - 225 +---- (edge) LSR-M ---+ +--------- LSR-N ---------+ + LSR-P 226 |---+ | | | | 227 | | Tunnel | | Tunnel | | 228 + | A1 (M<-N) +----+ +----+ A2 (M<-P) +----+ +----+ 229 | | <------| | | |<--------------| | | | 230 <-->| N |PWin inSeg |MPLS| |MPLS| outSeg inSeg |MPLS| |MPLS| 231 N S | | <---X<-----| IF | | IF |<------X<------| IF | | IF | 232 A E | S | | |<-->| | | |<-->| | | 233 T R | | --->X----->| | | |------>X------>| | | | 234 I V | P |PWout outSeg| | | | inSeg outSeg | | | | 235 V I | | ------>| | | |-------------->| | | | 236 E C + | Tunnel +----+ +----+ Tunnel +----+ +----+ 237 E |---+ B1 (M->N) | | B2 (M->P) | | 238 | | | | | 239 +---------------------+ +-------------------------+ +----- 241 - - - - - - - - - - - - - - - - - - - - - - - - - - - -> 242 LSP-B 244 The PW-MPLS-MIB supports three options for MPLS network: 246 - In the MPLS-TE case, Tunnel A1 and B1 are created via the MPLS-TE 247 MIB [TEMIB]. The tunnels are associated to the PW by the (4) 248 indexes that uniquely identify the Tunnel at the TE-MIB. 250 Pseudo Wire (PW) Over MPLS February 2004 251 Management Information Base 253 - In the Non TE case, Tunnel A1 and B1 are either manually 254 configured or set up with LDP. The tunnels are associated to the PW 255 by the XC index in the MPLS-LSR-MIB [LSRMIB]. 257 - In the PW label only case, there is no outer tunnel on top of the 258 PW label. This case is useful in case of adjacent PEs in manual 259 configuration mode. Note that when LSR-N acts as PHP for the outer 260 tunnel label, there are still entries for the outer tunnel in the 261 relevant MPLS MIB modules. 263 A combination of MPLS-TE outer tunnel(s) and LDP outer tunnel for 264 the same PW is allowed through the pwVcMplsOutboundTunnel. The 265 current tunnel which is used to forward traffic is indicated in the 266 object pwVcMplsOutboundTunnelTypeInUse. 268 The PW MPLS MIB module reports through the inbound table the XC 269 entry in the LDP-STD_MIB of the PW which were signaled through LDP. 271 This MIB module assumes that a single PW can be associated to one 272 MPLS-TE tunnel at a time. This tunnel may be composed of multiple 273 instances (i.e. LSP), each represented by a separate instance 274 index. The current active LSP is reported through this MIB module. 276 It is worth noting that inbound (tunnel originated in the remote 277 PE) mapping is nor configured nor reported through the PW MPLS MIB 278 module since the local PE does not know the inbound association 279 between specific PW and MPLS tunnels. 281 6.2 Example of MIB module usage 283 Please see [PW-MIB] for detailed MIB usage example. 285 Pseudo Wire (PW) Over MPLS February 2004 286 Management Information Base 288 7 Object definitions 290 PW-MPLS-DRAFT05-MIB DEFINITIONS ::= BEGIN 292 IMPORTS 293 MODULE-IDENTITY, OBJECT-TYPE, 294 Unsigned32 295 FROM SNMPv2-SMI 297 MODULE-COMPLIANCE, OBJECT-GROUP 298 FROM SNMPv2-CONF 300 StorageType 301 FROM SNMPv2-TC 303 InterfaceIndexOrZero 304 FROM IF-MIB 306 MplsTunnelIndex, MplsTunnelInstanceIndex, 307 MplsLdpIdentifier, MplsLsrIdentifier 308 FROM MPLS-TC-STD-MIB 310 MplsIndexType 311 FROM MPLS-LSR-STD-MIB 313 PwVcIndexType, pwStdMIB 314 FROM PW-TC-DRAFT04-MIB 316 pwVcIndex 317 FROM PW-DRAFT04-MIB 319 ; 321 pwVcMplsMIB MODULE-IDENTITY 322 LAST-UPDATED "200402121200Z" -- 12 February 2004 12:00:00 GMT 323 ORGANIZATION "Pseudo Wire Edge to Edge Emulation (PWE3) Working 324 Group" 325 CONTACT-INFO 326 " 327 David Zelig 328 Postal: Corrigent Systems 329 126, Yigal Alon St. 330 Tel Aviv, ISRAEL 331 Phone: +972-3-6945273 332 E-mail: davidz@corrigent.com 334 Thomas D. Nadeau 335 Postal: Cisco Systems, Inc. 336 250 Apollo Drive 337 Chelmsford, MA 01824 338 Tel: +1-978-497-3051 339 Pseudo Wire (PW) Over MPLS February 2004 340 Management Information Base 342 Email: tnadeau@cisco.com 344 Dave Danenberg 345 Email: dave_danenberg@yahoo.com 347 Sharon Mantin 348 Postal: AxONLink (Israel) Ltd 349 9 Bareket St. 350 Petah Tikva 49517, Israel 351 Tel: +972-3-9263972 352 Email: sharon.mantin@axonlink.com 354 The PWE3 Working Group (email distribution pwe3@ietf.org, 355 http://www.ietf.org/html.charters/pwe3-charter.html) 356 " 357 DESCRIPTION 358 "This MIB module complements the PW MIB module for PW 359 operation over MPLS. 361 Copyright (C) The Internet Society (date). This version 362 of this MIB module is part of RFC yyyy; see the RFC 363 itself for full legal notices. 364 -- RFC Ed.: replace yyyy with actual RFC number & remove this note 365 " 367 -- Revision history. 369 REVISION 370 "200402121200Z" -- 12 February 2004 12:00:00 GMT 371 DESCRIPTION 373 -- To be udated if these changes will be agreed 374 "Draft-ietf-pwe3-pw-mpls-mib-05 version. Changes from 375 previous version: 376 1) Add inbound/outbound index for the nonTe mapping table 377 2) Clarify the pwVcMplsTeMappingTunnelInstance usage in 378 pwVcMplsTeMappingTable. 379 3) Remove an index from pwVcMplsOutboundTable and adding 380 an indication of Te or non-TE usage. 381 4) Removing the RowStatus from the outbound tables since it 382 possible to configure a PW to a single TE tunnel head-end 383 and/or a single nonTE tunnel, so the agent can open the 384 row automatically. 385 5) Adding a nonTe inbound table in order to enable a quick 386 search for a PW based on pwVcIndex. 387 " 388 REVISION 389 "200311301200Z" -- 30 November 2003 12:00:00 EST 390 DESCRIPTION 391 "Draft-ietf-pwe3-pw-mpls-mib-04 version. Changes from 392 previous version: 394 Pseudo Wire (PW) Over MPLS February 2004 395 Management Information Base 397 1) Adapting description to MIB boilerplate. 398 2) Module OID changed to PWE3 tree. 399 3) Sync descriptions of various items to table structure and 400 removing unnecessary references. 401 " 402 REVISION 403 "200307291200Z" -- 29 July 2003 12:00:00 EST 404 DESCRIPTION 405 "Draft-ietf-pwe3-pw-mpls-mib-02 version. Changes from 406 previous version: 407 1) Removing inbound table (no strict mode and no knowledge 408 of inbound tunnel). 409 2) Provisioning (i.e. RowCreate) done via mapping tables. 410 Outbound table is now read only for sorted search for 411 pwVcIndex. 412 " 414 REVISION 415 "200206021200Z" -- 02 June 2002 12:00:00 EST 416 DESCRIPTION 417 "Draft-ietf-pwe3-pw-mpls-mib-00 version. Changes from 418 previous version: 419 1) Splitting the mapping table into two tables, one for 420 Non TE application and one for TE application. 421 2) Object types alignment with MPLS MIBs. 422 " 423 REVISION 424 "200201291200Z" -- 29 January 2002 12:00:00 EST 425 DESCRIPTION 426 "Changes from previous version: 427 1) Add LDP entity association. 428 2) Clarify inbound/outbound directions. 429 3) Simplify indexing of outbound and inbound tables 430 and providing get next variables. 431 " 432 REVISION 433 "200111071200Z" -- 7 November 2001 12:00:00 EST 434 DESCRIPTION 435 "Changes from previous version: 436 1) Remove Vc instance from table indexing. 437 2) Update descriptions of indexing and protection. 438 3) Remove the need for MPLS-LSR in case of VC only. 439 4) Change pwVcMplsMplsType to BITS in order to enable 440 multiple types of outer tunnel. 441 5) Add ifindex to outer tunnel tables to support vcOnly 442 option. 443 6) change naming of outbound, inbound and mapping tables to 444 reflect addition of VC only port ifindexes. 445 7) Adapt order of items in mapping table to SNMP convention. 446 " 447 REVISION 448 Pseudo Wire (PW) Over MPLS February 2004 449 Management Information Base 451 "200107111200Z" -- July 11 2001 12:00:00 EST 452 DESCRIPTION 453 "draft-zelig-pw-mib-00.txt - initial version" 455 ::= { pwStdMIB 3 } -- To be assigned by IANA 457 -- Top-level components of this MIB. 459 -- Tables, Scalars 460 pwVcMplsObjects OBJECT IDENTIFIER 461 ::= { pwVcMplsMIB 1 } 462 -- Conformance 463 pwVcMplsConformance OBJECT IDENTIFIER 464 ::= { pwVcMplsMIB 2 } 466 -- PW MPLS table 468 pwVcMplsTable OBJECT-TYPE 469 SYNTAX SEQUENCE OF PwVcMplsEntry 470 MAX-ACCESS not-accessible 471 STATUS current 472 DESCRIPTION 473 "This table controls MPLS specific parameters when the PW is 474 going to be carried over MPLS PSN." 475 ::= { pwVcMplsObjects 1 } 477 pwVcMplsEntry OBJECT-TYPE 478 SYNTAX PwVcMplsEntry 479 MAX-ACCESS not-accessible 480 STATUS current 481 DESCRIPTION 482 "A row in this table represents parameters specific to MPLS 483 PSN for a pseudo wire (PW). The row is created 484 automatically by the local agent if the pwVcPsnType is 485 MPLS. It is indexed by pwVcIndex, which uniquely 486 identifying a singular PW. 487 " 489 INDEX { pwVcIndex } 491 ::= { pwVcMplsTable 1 } 493 PwVcMplsEntry ::= SEQUENCE { 494 pwVcMplsMplsType BITS, 495 pwVcMplsExpBitsMode INTEGER, 496 pwVcMplsExpBits Unsigned32, 497 pwVcMplsTtl Unsigned32, 498 pwVcMplsLocalLdpID MplsLdpIdentifier, 499 pwVcMplsLocalLdpEntityID MplsLsrIdentifier, 500 pwVcMplsPeerLdpID MplsLdpIdentifier, 501 pwVcMplsStorageType StorageType 502 Pseudo Wire (PW) Over MPLS February 2004 503 Management Information Base 505 } 507 pwVcMplsMplsType OBJECT-TYPE 508 SYNTAX BITS { 509 mplsTe (0), 510 mplsNonTe (1), 511 vcOnly (2) 512 } 513 MAX-ACCESS read-write 514 STATUS current 515 DESCRIPTION 516 "Set by the operator to indicate the outer tunnel types, if 517 exists. mplsTe is used if the outer tunnel was set-up by 518 MPLS-TE, and mplsNonTe is used the outer tunnel was set up 519 by LDP or manually. Combination of mplsTe and mplsNonTe 520 may exist together. 521 vcOnly is used if there is no outer tunnel label, i.e. in 522 static provisioning without MPLS tunnel. vcOnly 523 cannot be combined with mplsNonTe or mplsTe." 524 DEFVAL { { mplsNonTe } } 525 ::= { pwVcMplsEntry 1 } 527 pwVcMplsExpBitsMode OBJECT-TYPE 528 SYNTAX INTEGER { 529 outerTunnel (1), 530 specifiedValue (2), 531 serviceDependant (3) 532 } 534 MAX-ACCESS read-write 535 STATUS current 536 DESCRIPTION 537 "Set by the operator to indicate the way the PW shim label 538 EXP bits are to be determined. The value of outerTunnel(1) 539 is used where there is an outer tunnel - pwVcMplsMplsType 540 is mplsTe or mplsNonTe. Note that in this case there is no 541 need to mark the PW label with the EXP bits since the PW 542 label is not visible to the intermediate nodes. 543 If there is no outer tunnel, specifiedValue(2) indicate 544 that the value is specified by pwVcMplsExpBits, and 545 serviceDependant(3) indicate that the EXP bits are setup 546 based on a rule specified in the emulated service specific 547 tables, for example when the EXP bits are a function of 548 802.1p marking for Ethernet emulated service." 550 DEFVAL { outerTunnel } 551 ::= { pwVcMplsEntry 2 } 553 pwVcMplsExpBits OBJECT-TYPE 554 SYNTAX Unsigned32 (0..7) 555 Pseudo Wire (PW) Over MPLS February 2004 556 Management Information Base 558 MAX-ACCESS read-write 559 STATUS current 560 DESCRIPTION 561 "Set by the operator to indicate the MPLS EXP bits to be 562 used on the PW shim label if pwVcMplsExpBitsMode is 563 specifiedValue(2), zero otherwise." 564 DEFVAL { 0 } 565 ::= { pwVcMplsEntry 3 } 567 pwVcMplsTtl OBJECT-TYPE 568 SYNTAX Unsigned32 (0..255) 569 MAX-ACCESS read-write 570 STATUS current 571 DESCRIPTION 572 "Set by the operator to indicate the PW TTL bits to be used 573 on the PW shim label." 574 DEFVAL { 2 } 575 ::= { pwVcMplsEntry 4 } 577 pwVcMplsLocalLdpID OBJECT-TYPE 578 SYNTAX MplsLdpIdentifier 579 MAX-ACCESS read-write 580 STATUS current 581 DESCRIPTION 582 "The local LDP identifier of the LDP entity creating 583 this PW in the local node. As the PW labels are always 584 set from the per platform label space, the last two octets 585 in the LDP ID MUST be always both zeros." 586 REFERENCE 587 "'LDP specifications', RFC 3036 section 2.2.2." 588 ::= { pwVcMplsEntry 5 } 590 pwVcMplsLocalLdpEntityID OBJECT-TYPE 591 SYNTAX MplsLsrIdentifier 592 MAX-ACCESS read-write 593 STATUS current 594 DESCRIPTION 595 "The local node LDP Entity index of the LDP entity creating 596 this PW. Should be set to all zeros if not used." 597 ::= { pwVcMplsEntry 6 } 599 pwVcMplsPeerLdpID OBJECT-TYPE 600 SYNTAX MplsLdpIdentifier 601 MAX-ACCESS read-only 602 STATUS current 603 DESCRIPTION 604 "The peer LDP identifier as identified from the LDP 605 session. Should be zero if not relevant or not known yet." 606 ::= { pwVcMplsEntry 7 } 608 pwVcMplsStorageType OBJECT-TYPE 609 Pseudo Wire (PW) Over MPLS February 2004 610 Management Information Base 612 SYNTAX StorageType 613 MAX-ACCESS read-write 614 STATUS current 615 DESCRIPTION 616 "This variable indicates the storage type for this row." 617 ::= { pwVcMplsEntry 8 } 619 -- End of PW MPLS table 621 -- Pseudo Wire MPLS Outbound Tunnel table 623 pwVcMplsOutboundTable OBJECT-TYPE 624 SYNTAX SEQUENCE OF PwVcMplsOutboundEntry 625 MAX-ACCESS not-accessible 626 STATUS current 627 DESCRIPTION 628 "This table reports and configure the current outbound MPLS 629 tunnels (i.e. toward the PSN) or the physical interface in 630 case of PW label only that carry the PW traffic. It also 631 reports the current outer tunnel and LSP which forward the 632 PW traffic." 633 ::= { pwVcMplsObjects 2 } 635 pwVcMplsOutboundEntry OBJECT-TYPE 636 SYNTAX PwVcMplsOutboundEntry 637 MAX-ACCESS not-accessible 638 STATUS current 639 DESCRIPTION 640 "A row in this table configured the outer tunnel used for 641 carrying the PW traffic toward the PSN. 642 In the case of PW label only, it configures the interface 643 that will carry the PW traffic. 645 An entry in this table augments the pwVcMplsEntry. 647 This table points to the appropriate MPLS MIB. In the case 648 of MPLS-TE, the 3 variables relevant to the indexing of 649 a TE tunnel head-end are used as in MPLS-TE-STD-MIB are to 650 be configured, and the tunnel instance indicates the 651 LSP that is currently in use for forwarding the traffic. 653 In case of signaled Non-TE MPLS (an outer tunnel label 654 assigned by LDP) the table points to the XC entry in the 655 LSR-STD-MIB. If the Non-TE MPLS tunnel is manually 656 configured, the operator configure the XC pointer to this 657 tunnel. 659 In case of PW label only (no outer tunnel) the ifIndex of 660 the port to carry the PW is configured here. 662 It is possible to associate a PW to one TE tunnel head-end 663 Pseudo Wire (PW) Over MPLS February 2004 664 Management Information Base 666 and a non-TE tunnel together. An indication in this table 667 will report the currently active one, In addition, in the 668 TE case the table reports also report the active tunnel 669 instance (i.e. the specific LSP). 670 " 672 AUGMENTS { pwVcMplsEntry } 674 ::= { pwVcMplsOutboundTable 1 } 676 PwVcMplsOutboundEntry ::= SEQUENCE { 677 pwVcMplsOutboundLsrXcIndex MplsIndexType, 678 pwVcMplsOutboundTunnelIndex MplsTunnelIndex, 679 pwVcMplsOutboundTunnelInstance MplsTunnelInstanceIndex, 680 pwVcMplsOutboundTunnelLclLSR MplsLsrIdentifier, 681 pwVcMplsOutboundTunnelPeerLSR MplsLsrIdentifier, 682 pwVcMplsOutboundIfIndex InterfaceIndexOrZero, 683 pwVcMplsOutboundTunnelTypeInUse INTEGER 684 } 686 pwVcMplsOutboundLsrXcIndex OBJECT-TYPE 687 SYNTAX MplsIndexType 688 MAX-ACCESS read-write 689 STATUS current 690 DESCRIPTION 691 "This object is applicable if pwVcMplsMplsType 'mplsNonTe' 692 bit is set, and MUST return a value of zero otherwise. 693 If the outer tunnel is signaled, the object is read-only 694 and indicate the XC index in the MPLS-LSR-STD-MIB of the 695 outer tunnel toward the peer. Otherwise (tunnel is set-up 696 manually) the operator define the XC index of the manually 697 created outer tunnel through this object. 698 " 699 ::= { pwVcMplsOutboundEntry 1 } 701 pwVcMplsOutboundTunnelIndex OBJECT-TYPE 702 SYNTAX MplsTunnelIndex 703 MAX-ACCESS read-write 704 STATUS current 705 DESCRIPTION 706 "This object is applicable if pwVcMplsMplsType 'mplsTe' 707 bit is set, and MUST return a value of zero otherwise. 708 It is Part of set of indexes for outbound tunnel. 709 The operator set this object to represent the desired 710 tunnel head-end toward the peer for carrying the PW 711 traffic. 712 " 713 ::= { pwVcMplsOutboundEntry 2 } 715 pwVcMplsOutboundTunnelInstance OBJECT-TYPE 716 SYNTAX MplsTunnelInstanceIndex 717 Pseudo Wire (PW) Over MPLS February 2004 718 Management Information Base 720 MAX-ACCESS read-only 721 STATUS current 722 DESCRIPTION 723 "This object is applicable if pwVcMplsMplsType 'mplsTe' 724 bit is set, and MUST return a value of zero otherwise. 725 It indicates the actual tunnel instance that is currently 726 active and carryng the PW traffic - it should return the 727 value of zero until if the information from the MPLS-TE 728 application is not yet known. 729 " 730 ::= { pwVcMplsOutboundEntry 3 } 732 pwVcMplsOutboundTunnelLclLSR OBJECT-TYPE 733 SYNTAX MplsLsrIdentifier 734 MAX-ACCESS read-write 735 STATUS current 736 DESCRIPTION 737 "This object is applicable if pwVcMplsMplsType 'mplsTe' 738 bit is set, and MUST return a value of all zeros otherwise. 739 It is part of set of indexes for outbound tunnel. 740 The operator set this object to represent the desired 741 tunnel head-end toward the peer for carrying the PW 742 traffic. 743 " 744 ::= { pwVcMplsOutboundEntry 4 } 746 pwVcMplsOutboundTunnelPeerLSR OBJECT-TYPE 747 SYNTAX MplsLsrIdentifier 748 MAX-ACCESS read-only 749 STATUS current 750 DESCRIPTION 751 "This object is applicable if pwVcMplsMplsType 'mplsTe' 752 bit is set, and MUST return a value of zero otherwise. 753 It is part of set of indexes for outbound tunnel. 754 " 755 ::= { pwVcMplsOutboundEntry 5 } 757 pwVcMplsOutboundIfIndex OBJECT-TYPE 758 SYNTAX InterfaceIndexOrZero 759 MAX-ACCESS read-only 760 STATUS current 761 DESCRIPTION 762 "This object is applicable if pwVcMplsMplsType 'mplsTe' 763 bit is set, and MUST return a value of zero otherwise. 764 The operator configure the ifIndex of the outbound port 765 in this case. 766 " 767 ::= { pwVcMplsOutboundEntry 6 } 769 pwVcMplsOutboundTunnelTypeInUse OBJECT-TYPE 770 SYNTAX INTEGER { 771 Pseudo Wire (PW) Over MPLS February 2004 772 Management Information Base 774 notYetKnown (1), 775 mplsTe (2), 776 mplsNonTe (3), 777 vcOnly (4) 778 } 779 MAX-ACCESS read-only 780 STATUS current 781 DESCRIPTION 782 "This object indicates the current tunnel that is carrying 783 the PW traffic. 784 The value of 'notYetKnown' should be used if the agent is 785 currently unable to determine which tunnel or interface is 786 carrying the PW, for example because both tunnels are in 787 operational status down. 788 " 789 ::= { pwVcMplsOutboundEntry 7 } 791 -- End of PW MPLS Outbound Tunnel table 793 -- PW MPLS inbound table 795 pwVcMplsInboundTable OBJECT-TYPE 796 SYNTAX SEQUENCE OF PwVcMplsInboundEntry 797 MAX-ACCESS not-accessible 798 STATUS current 799 DESCRIPTION 800 "This table indicates the PW LDP XC entry in the 801 MPLS-LSR-STD-MIB. 802 " 803 ::= { pwVcMplsObjects 3 } 805 pwVcMplsInboundEntry OBJECT-TYPE 806 SYNTAX PwVcMplsInboundEntry 807 MAX-ACCESS not-accessible 808 STATUS current 809 DESCRIPTION 810 "A row in this table is created in this table by the agent 811 for each signaled PW, and shows the XC index related to 812 the PW signaling in the inbound direction in the 813 MPLS-LSR-STD-MIB that controls and display the information 814 for all the LDP signaling processes in the local node. 815 " 817 INDEX { pwVcIndex } 819 ::= { pwVcMplsInboundTable 1 } 821 PwVcMplsInboundEntry ::= SEQUENCE { 822 pwVcMplsInboundXcIndex MplsIndexType 823 } 824 Pseudo Wire (PW) Over MPLS February 2004 825 Management Information Base 827 pwVcMplsInboundXcIndex OBJECT-TYPE 828 SYNTAX MplsIndexType 829 MAX-ACCESS read-only 830 STATUS current 831 DESCRIPTION 832 "The XC index representing this PW in the inbound 833 direction." 834 ::= { pwVcMplsInboundEntry 1 } 836 -- End of PW MPLS inbound table 838 -- PW to Non-TE mapping Table. 840 pwVcMplsNonTeMappingTable OBJECT-TYPE 841 SYNTAX SEQUENCE OF PwVcMplsNonTeMappingEntry 842 MAX-ACCESS not-accessible 843 STATUS current 844 DESCRIPTION 845 "This table indicates outbound Tunnel to a PW in non-TE 846 applications, maps the PW to it's (inbound) XC entry, and 847 indicates the PW to physical interface mapping for a PW 848 label to physical interface a PW label is in use without 849 outer tunnel. 850 " 851 ::= { pwVcMplsObjects 4 } 853 pwVcMplsNonTeMappingEntry OBJECT-TYPE 854 SYNTAX PwVcMplsNonTeMappingEntry 855 MAX-ACCESS not-accessible 856 STATUS current 857 DESCRIPTION 858 "A row in this table displays the association 859 between the PW and 860 - it's non-TE MPLS outbound outer Tunnel or, 861 - it's XC entry in the MPLS-LSR-STD-MIB, 862 - it's physical interface if there is no outer tunnel 863 (PW label only) and manual configuration. 865 Rows are created in this table by the by the 866 agent depending on the setting of pwVcMplsMplsType: 868 - If pwVcMplsMplsType 'mplsNonTe' bit is set, the agent 869 creates a row for the outbound direction 870 (pwVcMplsNonTeMappingDirection set to 'psnBound'). 871 The pwVcMplsNonTeMappingXcIndex holds the XC index in the 872 MPLS-LSR-STD-MIB of the PSN bound outer tunnel. 873 pwVcMplsNonTeMappingIfIndex MUST be zero for this row. 875 - If pwVcMplsMplsType 'vcOnly' bit is set, the agent 876 creates a row for the outbound direction 877 Pseudo Wire (PW) Over MPLS February 2004 878 Management Information Base 880 (pwVcMplsNonTeMappingDirection set to 'psnBound'). 881 The pwVcMplsNonTeMappingIfIndex holds the ifIndex of the 882 physical port this PW will use in the outbound direction. 883 pwVcMplsNonTeMappingXcIndex MUST be zero for this row. 885 - If the PW has been set-up by signaling protocol (i.e. 886 pwVcOwner equal 'pwIdFecSignaling' or 'genFecSignaling'), 887 the agent creates a row for the inbound direction 888 (pwVcMplsNonTeMappingDirection set to 'fromPsn'). 889 The pwVcMplsNonTeMappingXcIndex holds the XC index in the 890 MPLS-LSR-STD-MIB of the PW LDP generated XC entry. 891 pwVcMplsNonTeMappingIfIndex MUST be zero for this row. 893 An application can use this table to quickly retrieve the 894 PW carried over specific non-TE MPLS outer tunnel or 895 physical interface. 896 " 898 INDEX { pwVcMplsNonTeMappingDirection, 899 pwVcMplsNonTeMappingXcIndex, 900 pwVcMplsNonTeMappingIfIndex, 901 pwVcMplsNonTeMappingVcIndex } 903 ::= { pwVcMplsNonTeMappingTable 1 } 905 PwVcMplsNonTeMappingEntry ::= SEQUENCE { 906 pwVcMplsNonTeMappingDirection INTEGER, 907 pwVcMplsNonTeMappingXcIndex MplsIndexType, 908 pwVcMplsNonTeMappingIfIndex InterfaceIndexOrZero, 909 pwVcMplsNonTeMappingVcIndex PwVcIndexType 910 } 912 pwVcMplsNonTeMappingDirection OBJECT-TYPE 913 SYNTAX INTEGER { 914 psnBound (1), 915 fromPsn (2) 916 } 917 MAX-ACCESS not-accessible 918 STATUS current 919 DESCRIPTION 920 "Index for the conceptual XC row identifying Tunnel to PW 921 mappings, indicating the direction of packet flow the entry 922 is related too. 923 'psnBound' (1) indicates that the entry is related to 924 packets toward the PSN. 925 'fromPsn' (2) indicates that the entry is related to 926 packets coming from the PSN. 927 " 928 ::= { pwVcMplsNonTeMappingEntry 1 } 930 pwVcMplsNonTeMappingXcIndex OBJECT-TYPE 931 Pseudo Wire (PW) Over MPLS February 2004 932 Management Information Base 934 SYNTAX MplsIndexType 935 MAX-ACCESS not-accessible 936 STATUS current 937 DESCRIPTION 938 "See the description clause of pwVcMplsNonTeMappingEntry for 939 the usage guidelines of this object." 940 ::= { pwVcMplsNonTeMappingEntry 2 } 942 pwVcMplsNonTeMappingIfIndex OBJECT-TYPE 943 SYNTAX InterfaceIndexOrZero 944 MAX-ACCESS not-accessible 945 STATUS current 946 DESCRIPTION 947 "See the description clause of pwVcMplsNonTeMappingEntry for 948 the usage guidelines of this object." 949 ::= { pwVcMplsNonTeMappingEntry 3 } 951 pwVcMplsNonTeMappingVcIndex OBJECT-TYPE 952 SYNTAX PwVcIndexType 953 MAX-ACCESS read-only 954 STATUS current 955 DESCRIPTION 956 "The value that represent the PW in the pwVcTable." 957 ::= { pwVcMplsNonTeMappingEntry 4 } 959 -- End of PW to Non-TE mapping Table. 961 -- PW to TE MPLS tunnels mapping Table. 963 pwVcMplsTeMappingTable OBJECT-TYPE 964 SYNTAX SEQUENCE OF PwVcMplsTeMappingEntry 965 MAX-ACCESS not-accessible 966 STATUS current 967 DESCRIPTION 968 "This table enable the retrieval of a PW association to the 969 outbound MPLS tunnel for MPLS-TE applications." 970 ::= { pwVcMplsObjects 5 } 972 pwVcMplsTeMappingEntry OBJECT-TYPE 973 SYNTAX PwVcMplsTeMappingEntry 974 MAX-ACCESS not-accessible 975 STATUS current 976 DESCRIPTION 977 "A row in this table represents the association 978 between a PW and it's MPLS-TE outer (head-end) Tunnel. 980 An application can use this table to quickly retrieve the 981 list of the PWs that are configured on a specific MPLS TE 982 outer tunnel. 984 The pwVcMplsTeMappingTunnelInstance reports the actual 985 Pseudo Wire (PW) Over MPLS February 2004 986 Management Information Base 988 LSP out of the tunnel head-end that is currently 989 forwarding the traffic. 991 The table in indexed by the head-end indexes of a TE 992 tunnel and the PW index. 993 " 995 INDEX { pwVcMplsTeMappingTunnelIndex, 996 pwVcMplsTeMappingTunnelInstance, 997 pwVcMplsTeMappingTunnelPeerLsrID, 998 pwVcMplsTeMappingTunnelLocalLsrID, 999 pwVcMplsTeMappingVcIndex } 1001 ::= { pwVcMplsTeMappingTable 1 } 1003 PwVcMplsTeMappingEntry ::= SEQUENCE { 1004 pwVcMplsTeMappingTunnelIndex MplsTunnelIndex, 1005 pwVcMplsTeMappingTunnelInstance MplsTunnelInstanceIndex, 1006 pwVcMplsTeMappingTunnelPeerLsrID MplsLsrIdentifier, 1007 pwVcMplsTeMappingTunnelLocalLsrID MplsLsrIdentifier, 1008 pwVcMplsTeMappingVcIndex PwVcIndexType 1009 } 1011 pwVcMplsTeMappingTunnelIndex OBJECT-TYPE 1012 SYNTAX MplsTunnelIndex 1013 MAX-ACCESS not-accessible 1014 STATUS current 1015 DESCRIPTION 1016 "Primary index for the conceptual row identifying the 1017 MPLS-TE tunnel that is carrying the PW traffic." 1018 ::= { pwVcMplsTeMappingEntry 1 } 1020 pwVcMplsTeMappingTunnelInstance OBJECT-TYPE 1021 SYNTAX MplsTunnelInstanceIndex 1022 MAX-ACCESS not-accessible 1023 STATUS current 1024 DESCRIPTION 1025 "This object identify the MPLS-TE LSP that is carrying the 1026 PW traffic. Should return the value of zero if the 1027 information of the specific LSP is not yet known. 1028 Note that based on the recommendation in the 1029 MPLS-TC-STD-MIB, instance index 0 should refer to the 1030 configured tunnel interface." 1031 ::= { pwVcMplsTeMappingEntry 2 } 1033 pwVcMplsTeMappingTunnelPeerLsrID OBJECT-TYPE 1034 SYNTAX MplsLsrIdentifier 1035 MAX-ACCESS not-accessible 1036 STATUS current 1037 DESCRIPTION 1038 "Identifies the Peer LSR when the outer tunnel is MPLS-TE 1039 Pseudo Wire (PW) Over MPLS February 2004 1040 Management Information Base 1042 based." 1043 ::= { pwVcMplsTeMappingEntry 3 } 1045 pwVcMplsTeMappingTunnelLocalLsrID OBJECT-TYPE 1046 SYNTAX MplsLsrIdentifier 1047 MAX-ACCESS not-accessible 1048 STATUS current 1049 DESCRIPTION 1050 "Identifies the local LSR." 1051 ::= { pwVcMplsTeMappingEntry 4 } 1053 pwVcMplsTeMappingVcIndex OBJECT-TYPE 1054 SYNTAX PwVcIndexType 1055 MAX-ACCESS read-only 1056 STATUS current 1057 DESCRIPTION 1058 "The value that represent the PW in the pwVcTable." 1059 ::= { pwVcMplsTeMappingEntry 5 } 1061 -- End of PW to TE MPLS tunnels mapping Table. 1063 -- conformance information 1065 -- Note: Conformance at the object access and values level is 1066 -- still FFS, therefore current conformance is defined at the 1067 -- object existence level only. 1069 pwVcMplsGroups OBJECT IDENTIFIER ::= { pwVcMplsConformance 1 } 1070 pwVcMplsCompliances OBJECT IDENTIFIER ::= { pwVcMplsConformance 2 } 1072 pwMplsModuleCompliance MODULE-COMPLIANCE 1073 STATUS current 1074 DESCRIPTION 1075 "The compliance statement for agent that support PW 1076 over MPLS PSN operation." 1078 MODULE -- this module 1079 MANDATORY-GROUPS { pwVcMplsGroup, 1080 pwVcMplsOutboundGroup, 1081 pwVcMplsInboundGroup, 1082 pwVcMplsMappingGroup 1083 } 1085 ::= { pwVcMplsCompliances 1 } 1087 -- Units of conformance. 1089 pwVcMplsGroup OBJECT-GROUP 1090 OBJECTS { 1091 pwVcMplsMplsType, 1092 Pseudo Wire (PW) Over MPLS February 2004 1093 Management Information Base 1095 pwVcMplsExpBitsMode, 1096 pwVcMplsExpBits, 1097 pwVcMplsTtl, 1098 pwVcMplsLocalLdpID, 1099 pwVcMplsLocalLdpEntityID, 1100 pwVcMplsPeerLdpID, 1101 pwVcMplsStorageType 1102 } 1104 STATUS current 1105 DESCRIPTION 1106 "Collection of objects needed for PW over MPLS PSN 1107 configuration." 1108 ::= { pwVcMplsGroups 1 } 1110 pwVcMplsOutboundGroup OBJECT-GROUP 1111 OBJECTS { 1112 pwVcMplsOutboundLsrXcIndex, 1113 pwVcMplsOutboundTunnelIndex, 1114 pwVcMplsOutboundTunnelInstance, 1115 pwVcMplsOutboundTunnelLclLSR, 1116 pwVcMplsOutboundTunnelPeerLSR, 1117 pwVcMplsOutboundIfIndex, 1118 pwVcMplsOutboundTunnelTypeInUse 1119 } 1121 STATUS current 1122 DESCRIPTION 1123 "Collection of objects needed for outbound association of 1124 PW and MPLS tunnel." 1125 ::= { pwVcMplsGroups 2 } 1127 pwVcMplsInboundGroup OBJECT-GROUP 1128 OBJECTS { 1129 pwVcMplsInboundXcIndex 1130 } 1132 STATUS current 1133 DESCRIPTION 1134 "Collection of objects needed for inbound PW presentation. 1135 This group MUST be supported if PW signaling through LDP is 1136 used." 1137 ::= { pwVcMplsGroups 3 } 1139 pwVcMplsMappingGroup OBJECT-GROUP 1140 OBJECTS { 1141 pwVcMplsNonTeMappingVcIndex, 1142 pwVcMplsTeMappingVcIndex 1143 } 1144 Pseudo Wire (PW) Over MPLS February 2004 1145 Management Information Base 1147 STATUS current 1148 DESCRIPTION 1149 "Collection of objects needed for mapping association of 1150 PW and MPLS tunnel." 1151 ::= { pwVcMplsGroups 4 } 1153 END -- of PW MPLS MIB Module 1155 8 Security Considerations 1157 It is clear that this MIB module is potentially useful for 1158 monitoring of PW capable PEs. This MIB module can also be used for 1159 configuration of certain objects, and anything that can be 1160 configured can be incorrectly configured, with potentially 1161 disastrous results. 1163 There are a number of management objects defined in this MIB module 1164 with a MAX-ACCESS clause of read-write and/or read-create. Such 1165 objects may be considered sensitive or vulnerable in some network 1166 environments. The support for SET operations in a non-secure 1167 environment without proper protection can have a negative effect on 1168 network operations. These are the tables and objects and their 1169 sensitivity/vulnerability: 1171 o the pwVcMplsTable, pwVcMplsNonTeMappingTable and 1172 pwVcMplsTeMappingTable collectively contain objects to 1173 provision PW over MPLS tunnels. Unauthorized access to 1174 objects in these tables, could result in disruption of 1175 traffic on the network. The use of stronger mechanisms 1176 such as SNMPv3 security should be considered where 1177 possible. Specifically, SNMPv3 VACM and USM MUST be used 1178 with any v3 agent which implements this MIB module. 1179 Administrators should consider whether read access to these 1180 objects should be allowed, since read access may be 1181 undesirable under certain circumstances. 1183 Some of the readable objects in this MIB module "i.e., objects with 1184 a MAX-ACCESS other than not-accessible" may be considered sensitive 1185 or vulnerable in some network environments. It is thus important 1186 to control even GET and/or NOTIFY access to these objects and 1187 possibly to even encrypt the values of these objects when sending 1188 them over the network via SNMP. These are the tables and objects 1189 and their sensitivity/vulnerability: 1191 o the pwVcMplsTable, pwVcMplsNonTeMappingTable, 1192 pwVcMplsTeMappingTable and pwVcMplsOutboundTable 1193 collectively show the PW over MPLS association. 1194 If an Administrator does not want to reveal this 1195 information, then these tables should be 1196 Pseudo Wire (PW) Over MPLS February 2004 1197 Management Information Base 1199 considered sensitive/vulnerable. 1201 SNMP versions prior to SNMPv3 did not include adequate security. 1202 Even if the network itself is secure "for example by using IPSec", 1203 even then, there is no control as to who on the secure network is 1204 allowed to access and GET/SET "read/change/create/delete" the 1205 objects in this MIB module. 1207 It is RECOMMENDED that implementers consider the security features 1208 as provided by the SNMPv3 framework "see [RFC3410], section 8", 1209 including full support for the SNMPv3 cryptographic mechanisms "for 1210 authentication and privacy". 1212 Further, deployment of SNMP versions prior to SNMPv3 is NOT 1213 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 1214 enable cryptographic security. It is then a customer/operator 1215 responsibility to ensure that the SNMP entity giving access to an 1216 instance of this MIB module, is properly configured to give access 1217 to the objects only to those principals "users" that have 1218 legitimate rights to indeed GET or SET "change/create/delete" them. 1220 9 IANA considerations 1222 As requested in the PW-TC-STD-MIB [PWTCMIB], PWE3 related standards 1223 track MIB modules should be rooted under the pwStdMIB subtree. The 1224 IANA is requested to assign { pwStdMIB 3 } to the PW-MPLS-STD-MIB 1225 module specified in this document. 1227 10 References 1229 10.1 Normative references 1231 [PWARCH] Bryant, S., et al, "PWE3 Architecture", work-in- 1232 progress. 1234 [PWREQ] Xiao, X., et al, "Requirements for Pseudo Wire 1235 Emulation Edge-to-Edge (PWE3)", work-in-progress. 1237 [PWTC] Nadeau, T., et al, "Definitions for Textual Conventions 1238 and OBJECT-IDENTITIES for Pseudo-Wires Management", 1239 work-in-progress. 1241 [PW-MIB] Zelig, D., et al, "Pseudo Wire (PW) Management 1242 Information Base", work-in-progress. 1244 [IF-MIB] McCloghrie, K., Kastenholz, F., �The Interfaces Group 1245 MIB�, RFC 2863, June 2000. 1247 Pseudo Wire (PW) Over MPLS February 2004 1248 Management Information Base 1250 [MPLSArch] Rosen, E., Viswanathan, A., and R. Callon, 1251 "Multiprotocol Label Switching Architecture", RFC 3031, 1252 Jan 2001. 1254 [LblStk] Rosen, E., Rekhter, Y., Tappan, D., Farinacci, D., 1255 Federokow, G., Li, T., and A. Conta, "MPLS Label Stack 1256 Encoding", RFC 3032, January 2001. 1258 [LSRMIB] Srinivasan, C., Viswanathan, A., and Nadeau, T., "MPLS 1259 Label Switch Router Management Information Base Using 1260 SMIv2", work-in-progress. 1262 [TEMIB] Srinivasan, C., Viswanathan, A., and Nadeau, T., "MPLS 1263 Traffic Engineering Management Information Base Using 1264 SMIv2", work-in-progress. 1266 [MPLSTCMIB] Nadeau, T., Cucchiara, J., Srinivasan, C., Viswanathan, 1267 A., Sjostrand, H. and K. Kompella, "Definition of 1268 Textual Conventions and OBJECT-IDENTITIES for Multi- 1269 Protocol Label Switching (MPLS) Management", work-in- 1270 progress. 1272 [LDP] Andersson, L., et al, "LDP specification�, RFC 3036, 1273 January 2001. 1275 [BCP14] Bradner, S., "Key words for use in RFCs to Indicate 1276 requirement Levels", BCP 14, RFC 2119, March 1997. 1278 [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, 1279 J.,Rose, M. and S. Waldbusser, "Structure of Management 1280 Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1281 1999. 1283 [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, 1284 J., Rose, M. and S. Waldbusser, "Textual Conventions 1285 for SMIv2", STD 58, RFC 2579, April 1999. 1287 [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, 1288 J., Rose, M. and S. Waldbusser, "Conformance Statements 1289 for SMIv2", STD 58, RFC 2580, April 1999. 1291 10.2 Informative references 1293 [RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart, 1294 Introduction and Applicability Statements for Internet- 1295 Standard Management Framework", RFC 3410, December 1296 2002. 1298 Pseudo Wire (PW) Over MPLS February 2004 1299 Management Information Base 1301 11 Author's Addresses 1303 David Zelig 1304 Corrigent Systems 1305 126, Yigal Alon st. 1306 Tel Aviv, ISRAEL 1307 Phone: +972-3-6945273 1308 Email: davidz@corrigent.com 1310 Thomas D. Nadeau 1311 Cisco Systems, Inc. 1312 250 Apollo Drive 1313 Chelmsford, MA 01824 1314 Email: tnadeau@cisco.com 1316 Dave Danenberg 1317 Email: dave_danenberg@yahoo.com 1319 Andrew G. Malis 1320 Tellabs, Inc. 1321 2730 Orchard Parkway 1322 San Jose, CA 95134 1323 Email: Andy.Malis@tellabs.com 1325 Sharon Mantin 1326 AxONLink (Israel) Ltd 1327 9 Bareket St. 1328 Petah Tikva 49517, Israel 1329 Phone: +972-3-9263972 1330 Email: sharon.mantin@axonlink.com 1332 12 Full Copyright Statement 1334 Copyright (C) The Internet Society (2000). All Rights Reserved. 1336 This document and translations of it may be copied and furnished to 1337 others, and derivative works that comment on or otherwise explain 1338 it or assist in its implementation may be prepared, copied, 1339 published and distributed, in whole or in part, without restriction 1340 of any kind, provided that the above copyright notice and this 1341 paragraph are included on all such copies and derivative works. 1342 However, this document itself may not be modified in any way, such 1343 as by removing the copyright notice or references to the Internet 1344 Society or other Internet organizations, except as needed for the 1345 purpose of developing Internet standards in which case the 1346 procedures for copyrights defined in the Internet Standards process 1347 must be followed, or as required to translate it into languages 1348 other than English. 1350 Pseudo Wire (PW) Over MPLS February 2004 1351 Management Information Base 1353 The limited permissions granted above are perpetual and will not be 1354 revoked by the Internet Society or its successors or assigns. This 1355 document and the information contained herein is provided on an "AS 1356 IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 1357 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 1358 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 1359 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 1360 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 1362 13 Intellectual Property Notice 1364 The IETF takes no position regarding the validity or scope of any 1365 intellectual property or other rights that might be claimed to 1366 pertain to the implementation or use of the technology described in 1367 this document or the extent to which any license under such rights 1368 might or might not be available; neither does it represent that it 1369 has made any effort to identify any such rights. Information on 1370 the IETF's procedures with respect to rights in standards-track and 1371 standards-related documentation can be found in BCP-11 [RFC2028]. 1372 Copies of claims of rights made available for publication and any 1373 assurances of licenses to be made available, or the result of an 1374 attempt made to obtain a general license or permission for the use 1375 of such proprietary rights by implementors or users of this 1376 specification can be obtained from the IETF Secretariat. 1377 The IETF invites any interested party to bring to its attention any 1378 copyrights, patents or patent applications, or other proprietary 1379 rights that may cover technology that may be required to practice 1380 this standard. Please address the information to the IETF 1381 Executive Director.