idnits 2.17.1 draft-ietf-rmonmib-sspm-mib-12.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts. ** The document seems to lack a 1id_guidelines paragraph about the list of Shadow Directories. ** The document is more than 15 pages and seems to lack a Table of Contents. == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 40 longer pages, the longest (page 2) being 60 lines == It seems as if not all pages are separated by form feeds - found 0 form feeds but 41 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == Line 991 has weird spacing: '... (if it matte...' == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but does not include the phrase in its RFC 2119 key words list. -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (14 June 2004) is 7253 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC2863' is defined on line 1479, but no explicit reference was found in the text == Unused Reference: 'RFC3291' is defined on line 1482, but no explicit reference was found in the text ** Obsolete normative reference: RFC 1305 (Obsoleted by RFC 5905) ** Obsolete normative reference: RFC 2460 (Obsoleted by RFC 8200) ** Obsolete normative reference: RFC 2680 (Obsoleted by RFC 7680) ** Obsolete normative reference: RFC 3291 (Obsoleted by RFC 4001) ** Downref: Normative reference to an Informational RFC: RFC 3577 -- Possible downref: Non-RFC (?) normative reference: ref. 'RFCXXX2' -- Obsolete informational reference (is this intentional?): RFC 2021 (Obsoleted by RFC 4502) -- Obsolete informational reference (is this intentional?): RFC 2679 (Obsoleted by RFC 7679) -- Obsolete informational reference (is this intentional?): RFC 2925 (Obsoleted by RFC 4560) Summary: 12 errors (**), 0 flaws (~~), 8 warnings (==), 6 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Internet Draft C. Kalbfleisch 3 NTT/VERIO 4 R.G. Cole 5 JHU/APL 6 D. Romascanu 7 Avaya 8 14 June 2004 10 Definition of Managed Objects for Synthetic Sources for 11 Performance Monitoring Algorithms. 13 15 Status of this Memo 17 This document is an Internet-Draft and is in full conformance with 18 all provisions of Section 10 of RFC2026. Internet-Drafts are working 19 documents of the Internet Engineering Task Force (IETF), its areas, 20 and its working groups. Note that other groups may also distribute 21 working documents as Internet-Drafts. 23 Internet-Drafts are draft documents valid for a maximum of six months 24 and may be updated, replaced, or obsoleted by other documents at any 25 time. It is inappropriate to use Internet- Drafts as reference 26 material or to cite them other than as "work in progress." 28 To view the list Internet-Draft Shadow Directories, see 29 http://www.ietf.org/shadow.html. 31 Copyright Notice 33 Copyright (C) The Internet Society (2002). All Rights Reserved. 35 Abstract 37 This memo defines a portion of the Management Information Base (MIB) 38 for use with network management protocols in the Internet community. 39 In particular, it describes objects for configuring Synthetic Sources 40 for Performance Monitoring (SSPM) algorithms. 42 Distribution of this memo is unlimited. 44 1. Introduction 46 This memo defines a portion of the Management Information Base (MIB) 47 for use with network management protocols in the Internet community. 49 In particular, it defines a method of describing Synthetic Sources 50 for Performance Monitoring (SSPM). This is useful within the RMON 51 framework [RFC3577] for performance monitoring in the cases where it 52 is desirable to inject packets into the network for the purpose of 53 monitoring their performance with the other MIBs in that framework. 55 This memo also includes a MIB module. 57 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 58 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 59 document are to be interpreted as described in RFC 2119 [RFC2119]. 61 2. The Internet-Standard Management Framework 63 For a detailed overview of the documents that describe the current 64 Internet-Standard Management Framework, please refer to section 7 of 65 RFC 3410 [RFC3410]. 67 Managed objects are accessed via a virtual information store, termed 68 the Management Information Base or MIB. MIB objects are generally 69 accessed through the Simple Network Management Protocol (SNMP). 70 Objects in the MIB are defined using the mechanisms defined in the 71 Structure of Management Information (SMI). This memo specifies a MIB 72 module that is compliant to the SMIv2, which is described in STD 58, 73 RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 74 [RFC2580]. 76 3. Overview 78 This document defines a MIB module for the purpose of remotely 79 controlling synthetic sources (or 'active' probes) and sinks for the 80 purpose of enhancing remote performance monitoring capabilities 81 within IP networks and services. Much work within the IETF exists 82 related to performance monitoring. One interesting aspect of this 83 body of work is that it does not explicitly define an 'active' probe 84 capability. An active probe capability is complimentary to existing 85 capabilities, and this MIB module is developed to fill this void. 87 3.1 Terms 89 The following definitions apply throughout this document: 91 o 'Performance monitoring' is the act of monitoring traffic for 92 the purpose of evaluating a statistic of a metric related to the 93 performance of the system. A performance monitoring system is 94 comprised of a) traffic generators, b) measurement, c) data 95 reduction, and d) reporting. The traffic generators may be 96 natural sources, synthetic sources or intrusive sources. 98 o A 'synthetic source' is a device or an embedded software program 99 which generates a data packet (or packets) and injects it (them) 100 onto the path to a corresponding probe or existing server solely 101 in support of a performance monitoring function. A synthetic 102 source may talk intrusively to existing application servers. 104 The design goals for this MIB module are: 106 o Compliment the overall performance management architecture being 107 defined within the RMONMIB WG, refer to the RMONMIB framework 108 document [RFC3577]. This MIB module is defined within the context 109 of the APM-MIB [RFC3729]. 111 o Extensibility - the MIB module should be easily extended to 112 include a greater set of protocols and applications for 113 performance monitoring purposes. 115 o Flexible - it should support both round trip and one way 116 measurements. 118 o Security - the control of the source and sink of traffic is 119 handled by a management application and communication is 120 recommended via SNMPv3. 122 This document is organized as follows. The next section discusses 123 the relationship of this MIB module to other MIB modules from the 124 RMONMIB and DISMAN working groups. Then the structure of the MIB 125 module is discussed. Finally, the MIB module definitions are given. 127 4. Relationship to other MIB modules 129 This MIB module is designed to be used in conjunction with the RMON 130 MIB Working Groups two other MIB modules for application performance 131 measurement: Application Performance Measurement MIB [RFC3729] and 132 Transport Performance Metrics MIB [RFCXXX2]. These MIB modules 133 define reporting capabilities for that framework. The intent of this 134 MIB module is to define a method for injecting packets into the 135 network utilizing probe capabilities defined in the base MIB modules 136 and measured with the reporting MIB modules. other reporting MIB 137 modules may be used as well. 139 Specifically, this MIB module uses the AppLocalIndex as defined in 140 the APM-MIB to map measurement configuration information to 141 definition and reporting structures defined in the APM-MIB. 143 5. Relationship to Other Work 145 Much work has already occurred within the IETF which has a direct 146 bearing on the development of active performance probe definitions. 147 This body of work is addressed in various working groups over the 148 years. In this section we focus our attention to the work of a) the 149 IPPM working group, b) the DISMAN working group, c) the RMON working 150 group, d) the ApplMIB working group, and e) the RTFM working group. 152 5.1 IPPM 154 The IPPM working group has defined in detail a set of performance 155 metrics, sampling techniques and associated statistics for transport- 156 level, or connectivity-level, measurements. The IPPM framework 157 document [RFC2330] discusses numerous issues around sampling 158 techniques, clock accuracy, resolution and skew, wire time versus 159 host time, error analysis, etc. Much of these are considerations for 160 Configuration and Implementation Issues discussed below. The IPPM 161 working group has defined several metrics and their associated 162 statistics, including 164 + a connectivity metric [RFC2678] 166 + one-way delay metric [RFC2679] 168 + one-way loss metric [RFC2680] 170 + round trip delay and loss metrics [RFC2681] 172 + delay variation metric [RFC3393] 174 + a streaming media metric [RFC3432] 176 + a throughput metric [EBT] and [TBT], and 178 + others are under development. 180 These (or a subset) could form the basis for a set of active, 181 connectivity-level, probe types designed for the purpose of 182 monitoring the quality of transport services. A consideration of 183 some of these metrics may form a set of work activities and a set of 184 early deliverables out of a group developing an active probe 185 capability. 187 During the early development of the SSPM-MIB, it became apparent that 188 a one-way measurement protocol was required in order for the SSPM-MIB 189 to control a one-way measurement. This led to the current work with 190 the IPPM WG on the development of the One-Way Measurement Protocol 191 (OWDP) [ODP]. This protocol work includes both the measurement 192 protocol itself, as well as the development of a separate control 193 protocol. This later control protocol is redundant with the current 194 work on the SSPM-MIB. The SSPM-MIB could be used as an alternative 195 to the one-way delay control protocol. 197 5.2 DISMAN 199 The DISMAN working group has defined a set of 'active' tools for 200 remote management. Of relevance to this draft are: 202 + the pingMIB [RFC2925], 204 + the DNS Lookup MIB [RFC2925], 206 + the tracerouteMIB [RFC2925], 208 + the scriptMIB [RFC3165], and 210 + the expressionMIB [RFC2982]. 212 The pingMIB and tracerouteMIB define an active probe capability, 213 primarily for the remote determination of path and path connectivity. 214 There are some performance related metrics collected from the pingMIB 215 and one could conceivably use these measurements for the evaluation 216 of a limited set of performance statistics. But there is a 217 fundamental difference in determining connectivity versus determining 218 the quality of that connectivity. However, in the context of 219 performance monitoring, a fault can be viewed as not performing at 220 all. Therefore, they should both be monitored with the same probes 221 to reduce network traffic. 223 The DNS Lookup MIB also includes some probe-like capabilities and 224 performance time measurements for the DNS lookup. This could be used 225 to suggest details of a related session-level, active probe. 227 The scriptMIB allows a network management application to distribute 228 and manage scripts to remote devices. Conceivably, these scripts 229 could be designed to run a set of active probe monitors on remote 230 devices. 232 5.3 RMON 234 The RMON working group has developed a extensive, passive monitoring 235 capability defined in RFC 2819 [RFC2819] and RFC 2021 [RFC2021] as 236 well as additional MIB modules. Initially, the monitors collected 237 statistics at the MAC layer, but has now been extended to higher- 238 layer statistics. Higher-layer statistics are identified through the 239 definition of a Protocol Directory [RFC2021]. See the RMONMIB 240 framework document [RFC3577] for an overview of the RMONMIB 241 capabilities. 243 Within this context, the development of an active traffic source for 244 performance monitoring fits well within the overall performance 245 monitoring architecture being defined within the RMON WG. 247 5.4 ApplMIB 249 The ApplMIB working group defined a series of MIB modules which 250 monitor various aspects of applications, processes and services. 252 The System Application MIB [RFC2287] describes a basic set of managed 253 objects for fault, configuration and performance management of 254 applications from a systems perspective. More specifically, the 255 managed objects it defines are restricted to information that can be 256 determined from the system itself and which does not require special 257 instrumentation within the applications to make the information 258 available. 260 The Application MIB [RFC2564] complements the System Application MIB, 261 providing for the management of applications' common attributes which 262 could not typically be observed without the cooperation of the 263 software being managed. There are attributes which provide 264 information on application and communication performance. 266 The WWW MIB [RFC2594] describes a set of objects for managing 267 networked services in the Internet Community, particularly World Wide 268 Web (WWW) services. Performance attributes are available for the 269 information about each WWW service, each type of request, each type 270 of response and top accessed documents. 272 In the development of synthetic application-level probes, 273 consideration should be given to the relationship of the application 274 MIB modules to the measurements being performed through a synthetic 275 application-level probe. Similar, cross-indexing issues arise within 276 the context of the RMON monitoring and synthetic application-level 277 active probes. 279 5.5 SNMPCONF 281 The SNMPCONF working group has created an informational RFC 3512 282 [RFC3512] which outlines the most effective methods for using the 283 SNMP Framework to accomplish configuration management. This work 284 includes recommendations for device specific as well as network-wide 285 (Policy) configuration. The group is also chartered to write any MIB 286 modules necessary to facilitate configuration management, 287 specifically they will write a MIB module which describes a network 288 entities capabilities and capacities which can be used by management 289 entities making policy decisions at a network level or device 290 specific level. 292 Currently the SNMPCONF working group is focused on the SNMP 293 Configuration MIB for policy [PMM]. It is conceivable that one would 294 want to monitor the performance of newly configured policies as they 295 are implemented within networks. This would require correlation of 296 the implemented policy and a related performance monitoring policy, 297 which would specify synthetic probe definitions. For synthetic 298 probes there would be a need to have configuration of a) a single 299 probe, b) several probes, c) source and destination probes and d) 300 intermediate probes. In addition, it may be necessary to configure 301 any or all of these combinations simultaneously. It is hoped that 302 the work of SNMPCONF will suffice. The scripting language defined by 303 the SNMP Configuration MIB could allow for active monitoring to be 304 activated and configured from a policy management script. Further, 305 the results of active monitoring could become arguments in further 306 policy decisions. This notion is reflected in the decision flow 307 outlined in Figure 1 below. 309 5.6 RTFM 311 The Realtime Traffic Flow Measurement (RTFM) working group is 312 concerned with issues relating to traffic flow measurements, usage 313 reporting for network traffic and Internet accounting. Various 314 documents exist which describe requirements [RFC1272], traffic flow 315 measurement architectures [RFC2722], and a traffic flow MIB 316 [RFC2720]. The work in this group is focused on passive measurements 317 of user traffic. As such, its work is related to the monitoring work 318 within the RMON WG. Fundamentally, their attention has not been 319 concerned with methods of active traffic generation. 321 5.7 Relationship to Other Work: Summary 323 In summary, the development of an active traffic generation 324 capability primarily for the purpose of performance monitoring should 325 draw upon various activities, both past and present within the IETF. 326 Figure 1 shows the relationship of the various work activities 327 briefly touched upon in this section. 329 Horizontally, across the top of the figure are overall control 330 functions, which would coordinate the various aspects of the 331 performance monitoring systems. Vertically at the bottom of the 332 figure are the functions which comprise the minimum performance 333 monitoring capability, i.e., traffic generation, monitoring and 334 measurements, and data reduction. Traffic generation is address in 335 this MIB module. Monitoring and measurement is address in the APM- 336 MIB [RFC3729] and the TPM-MIB [RFCXXX2] modules. Data reduction is 337 not yet addressed within the IETF. But data reduction could include 338 both spatial and temporal aggregations and at different levels of 339 reduction. This is indicated in the figure by the arrow labeled 340 "Various levels and span". 342 +-----------------------------------+ 343 | | 344 V | 345 +------------------------------------------+ | 346 +------| Application [script], [expr], [snmpconf],|---+ | 347 | | [apmmib] | | | 348 | +------------------------------------------+ | | 349 | | | | 350 +--------------------------------+ | | 351 | Synchronization Control | | | 352 +--------------------------------+ | | 353 | | | | 354 V V V | 355 +----------------+ +----------------------+ +-------------------+ | 356 | Traffic | |Monitoring Metrics | |Data Reduction | | 357 | Generation | |Control [rmon],[ippm],| |Control [applmib], | | 358 | Control [sspm]| | [applmib] | |[wwwservmib],[expr]| | 359 +----------------+ +----------------------+ +-------------------+ | 360 | | | | 361 | | | | 362 V V V | 363 +------------------+ +-------------------+ +----------------+ | 364 |Traffic Generation| |Monitoring Metrics | |Data Reduction | | 365 | Instrumentation| | Instrumentation | +-->| Instrumentation| | 366 +------------------+ +-------------------+ | +----------------+ | 367 | | | 368 | | | 369 Various levels | | | 370 and span +--------------| | 371 | | 372 | | 373 V | 374 Reports ---+ 376 Figure 1: Coverage for an overall performance monitoring system 378 6. MIB Structure 380 This section presents the structure of the MIB module. The objects 381 are arranged into the following groups: 383 o general information 385 o source configuration 387 o sink configuration 389 6.1. General Information 390 This section provides general information about the capabilities of 391 the probe. Currently this information is related to the resolution of 392 the probe clock and its source. 394 6.2. Source Configuration 395 The source is configured with a pair of tables. The first, 396 sspmSourceProfileTable, defines a set of profiles for monitoring. 397 These profiles are then used by the second table, 398 sspmSourceControlTable, to instantiate a specific measurement. This 399 MIB module takes an IP centric view of the configuration of the 400 measurement. 402 6.3. Sink Configuration 403 Configures the sink for measurements. If the test is round-trip then 404 this table is on the same probe as the source configuration. If the 405 test is one-way then the table is on a different probe. The 406 sspmSinkInstance is a unique identifier for the entry per probe. 407 Additional attributes are provided for test type and source of the 408 test to uniquely identifier entries in the table. 410 7. Definitions 412 SSPM-MIB DEFINITIONS ::= BEGIN 414 IMPORTS 416 MODULE-IDENTITY, OBJECT-TYPE, 417 Counter32, Integer32, Unsigned32 418 FROM SNMPv2-SMI --[RFC2578] 420 TEXTUAL-CONVENTION, StorageType, 421 TruthValue, RowStatus 422 FROM SNMPv2-TC --[RFC2579] 424 MODULE-COMPLIANCE, OBJECT-GROUP 425 FROM SNMPv2-CONF --[STD58] 427 OwnerString, rmon 428 FROM RMON-MIB --[STD59] 430 InetAddressType, InetAddress 431 FROM INET-ADDRESS-MIB --[RFC3291] 433 InterfaceIndexOrZero 434 FROM IF-MIB --[RFC2863] 436 AppLocalIndex 437 FROM APM-MIB --[RFC3729] 439 Utf8String 440 FROM SYSAPPL-MIB; --[RFC2287] 442 sspmMIB MODULE-IDENTITY 443 LAST-UPDATED "200406141500Z" -- June 14, 2004 444 ORGANIZATION "IETF RMON MIB working group" 445 CONTACT-INFO 446 " Carl W. Kalbfleisch 448 Postal: NTT/VERIO 449 8700 Stemmons Freeway 450 Suite 211 451 Dallas, TX 75247 452 US 454 Tel: +1 972 306-2034 455 E-mail: ckalbfleisch@verio.net 457 Working group mailing list: rmonmib@ietf.org 458 To subscribe send email to rmonmib-request@ietf.org" 459 DESCRIPTION 460 "This SSPM MIB module is applicable to probes 461 implementing Synthetic Source for Performance 462 Monitoring functions. 464 Copyright (C) The Internet Society (year). This version 465 of this MIB module is part of RFC xxxx; see the RFC 466 itself for full legal notices." 468 -- revision history 470 REVISION "200406141500Z" -- June 14, 2004 471 DESCRIPTION 472 "The original version of this MIB module, 473 published as RFCXXXX." 474 -- RFC-Editor assigns XXXX 475 ::= { rmon 28 } -- to be assigned by IANA 477 -- 478 -- Object Identifier Assignments 479 -- 480 sspmMIBObjects OBJECT IDENTIFIER ::= { sspmMIB 1 } 481 sspmMIBNotifications OBJECT IDENTIFIER ::= { sspmMIB 2 } 482 sspmMIBConformance OBJECT IDENTIFIER ::= { sspmMIB 3 } 483 -- 484 -- Textual Conventions 485 -- 487 SspmMicroSeconds ::= TEXTUAL-CONVENTION 488 DISPLAY-HINT "d" 489 STATUS current 490 DESCRIPTION 491 "A unit of time with resolution of MicroSeconds." 492 SYNTAX Unsigned32 494 SspmClockSource ::= TEXTUAL-CONVENTION 495 DISPLAY-HINT "d" 496 STATUS current 497 DESCRIPTION 498 "An indication of the source of the clock as defined by the 499 NTP specification RFC1305 [RFC1305] definition of stratum: 501 Stratum (sys.stratum, peer.stratum, pkt.stratum): This is 502 an integer indicating the stratum of the local clock, 503 with values defined as follows: 505 0, unspecified 507 1, primary reference (e.g.,, calibrated atomic clock, 508 radio clock) 510 2-255, secondary reference (via NTP)." 511 REFERENCE 512 "RFC1305." 513 SYNTAX Integer32 (0..255) 515 SspmClockMaxSkew ::= TEXTUAL-CONVENTION 516 DISPLAY-HINT "d" 517 STATUS current 518 -- UNITS "Seconds" 519 DESCRIPTION 520 " An indication of the accuracy of the clock as defined by 521 RFC1305. This variable indicates the maximum offset 522 error due to skew of the local clock over the 523 time interval 86400 seconds, in seconds." 524 REFERENCE 525 "RFC1305." 526 SYNTAX Integer32 (1..65535) 528 -- 529 -- sspmGeneral 530 -- 531 sspmGeneral OBJECT IDENTIFIER ::= { sspmMIBObjects 1 } 532 sspmGeneralClockResolution OBJECT-TYPE 533 SYNTAX SspmMicroSeconds 534 MAX-ACCESS read-only 535 STATUS current 536 -- UNITS Microseconds 537 DESCRIPTION 538 "A read only variable indicating the resolution 539 of the measurements possible by this device." 540 ::= { sspmGeneral 1 } 542 sspmGeneralClockMaxSkew OBJECT-TYPE 543 SYNTAX SspmClockMaxSkew 544 MAX-ACCESS read-only 545 STATUS current 546 -- UNITS Seconds 547 DESCRIPTION 548 "A read only variable indicating the maximum offset 549 error due to skew of the local clock over the 550 time interval 86400 seconds, in seconds." 551 ::= { sspmGeneral 2 } 553 sspmGeneralClockSource OBJECT-TYPE 554 SYNTAX SspmClockSource 555 MAX-ACCESS read-only 556 STATUS current 557 DESCRIPTION 558 "A read only variable indicating the source of the clock. 559 This is provided to allow a user to determine how accurate 560 the timing mechanism is compared with other devices. This 561 is needed for the coordination of time values 562 between probes for one-way measurements." 563 ::= { sspmGeneral 3 } 565 sspmGeneralMinFrequency OBJECT-TYPE 566 SYNTAX SspmMicroSeconds 567 MAX-ACCESS read-only 568 -- units MicroSeconds 569 STATUS current 570 DESCRIPTION 571 "A read-only variable which indicates the devices 572 capability for the minimum supported 573 sspmSourceFrequency. If sspmSourceFrequency is 574 set to a value lower than the value reported 575 by this attribute, then the set of sspmSourceFrequency 576 will fail with an inconsistent value error." 577 ::= { sspmGeneral 4 } 579 -- 580 -- sspmCapabilities 581 -- 582 -- Describes the capabilities of the SSPM device. 583 -- 584 sspmCapabilitiesTable OBJECT-TYPE 585 SYNTAX SEQUENCE OF SspmCapabilitiesEntry 586 MAX-ACCESS not-accessible 587 STATUS current 588 DESCRIPTION 589 "The table of SSPM capabilities." 590 ::= { sspmGeneral 5 } 592 sspmCapabilitiesEntry OBJECT-TYPE 593 SYNTAX SspmCapabilitiesEntry 594 MAX-ACCESS not-accessible 595 STATUS current 596 DESCRIPTION 597 "Details about a particular SSPM capability." 598 INDEX { sspmCapabilitiesInstance } 599 ::= { sspmCapabilitiesTable 1 } 601 SspmCapabilitiesEntry ::= SEQUENCE { 602 sspmCapabilitiesInstance AppLocalIndex 603 } 605 sspmCapabilitiesInstance OBJECT-TYPE 606 SYNTAX AppLocalIndex 607 MAX-ACCESS read-only 608 STATUS current 609 DESCRIPTION 610 "Indicates whether SSPM configuration of the corresponding 611 AppLocalIndex is supported by this device. Generally entries 612 in this table are only made by the device when the 613 configuration of the measurement is available." 614 ::= { sspmCapabilitiesEntry 1 } 616 -- 617 -- sspmSource 618 -- 619 -- Contains the details of the source of the 620 -- Synthetic Sources for Performance Monitoring algorithms. 621 -- This information is split into two tables. The first defines 622 -- profiles which can be applied to specific sources in the 623 -- control table. 625 -- 626 sspmSource OBJECT IDENTIFIER ::= { sspmMIBObjects 2 } 628 -- 629 -- sspmSourceProfileTable 630 -- Define template profiles for measurements. 631 -- 632 sspmSourceProfileTable OBJECT-TYPE 633 SYNTAX SEQUENCE OF SspmSourceProfileEntry 634 MAX-ACCESS not-accessible 635 STATUS current 636 DESCRIPTION 637 "The table of SSPM Source Profiles configured." 638 ::= { sspmSource 1 } 640 sspmSourceProfileEntry OBJECT-TYPE 641 SYNTAX SspmSourceProfileEntry 642 MAX-ACCESS not-accessible 643 STATUS current 644 DESCRIPTION 645 "Details about a particular SSPM Source Profile 646 configuration. Entries must exist in this table 647 in order to be referenced by rows in the 648 sspmSourceControlTable." 649 INDEX { sspmSourceProfileInstance } 650 ::= { sspmSourceProfileTable 1 } 652 SspmSourceProfileEntry ::= SEQUENCE { 653 sspmSourceProfileInstance Unsigned32, 654 sspmSourceProfileType AppLocalIndex, 655 sspmSourceProfilePacketSize Unsigned32, 656 sspmSourceProfilePacketFillType INTEGER, 657 sspmSourceProfilePacketFillValue OCTET STRING, 658 sspmSourceProfileTOS Integer32, 659 sspmSourceProfileFlowLabel Integer32, 660 sspmSourceProfileLooseSrcRteFill OCTET STRING, 661 sspmSourceProfileLooseSrcRteLen Integer32, 662 sspmSourceProfileTTL Integer32, 663 sspmSourceProfileNoFrag TruthValue, 664 sspmSourceProfile8021Tagging Integer32, 665 sspmSourceProfileUsername Utf8String, 666 sspmSourceProfilePassword Utf8String, 667 sspmSourceProfileParameter OCTET STRING, 668 sspmSourceProfileOwner OwnerString, 669 sspmSourceProfileStorageType StorageType, 670 sspmSourceProfileStatus RowStatus 671 } 672 sspmSourceProfileInstance OBJECT-TYPE 673 SYNTAX Unsigned32 (1..65535) 674 MAX-ACCESS not-accessible 675 STATUS current 676 DESCRIPTION 677 "An arbitrary index." 678 ::= { sspmSourceProfileEntry 1 } 680 sspmSourceProfileType OBJECT-TYPE 681 SYNTAX AppLocalIndex 682 MAX-ACCESS read-create 683 STATUS current 684 DESCRIPTION 685 "The AppLocalIndex value which uniquely identifies the 686 measurement per the APM-MIB. In order to create a row 687 in this table there must be a corresponding row in the 688 sspmCapabilitiesTable. 690 When attempting to set this object, if there exists 691 no corresponding row in the sspmCapabilitiesTable, 692 then the agent should return a 'badValue' error." 693 ::= { sspmSourceProfileEntry 2} 695 sspmSourceProfilePacketSize OBJECT-TYPE 696 SYNTAX Unsigned32 697 MAX-ACCESS read-create 698 STATUS current 699 DESCRIPTION 700 "The size of packet to be transmitted in bytes. The 701 size accounts for all data within the IPv4 or IPv6 702 payloads, excluding the IP headers, IP header options 703 and link-level protocol headers. 705 If the size is set smaller than the minimum allowed 706 packet size or greater than the allowed maximum 707 packet size then the set should fail and the agent 708 should return a 'badValue' error." 709 ::= { sspmSourceProfileEntry 3 } 711 sspmSourceProfilePacketFillType OBJECT-TYPE 712 SYNTAX INTEGER { 713 random (1), 714 pattern (2), 715 url(3) 716 } 717 MAX-ACCESS read-create 718 STATUS current 719 DESCRIPTION 720 "Indicates how the packet is filled. 722 'random' indicates that the packet contains random 723 data patterns. This is probe and implementation 724 dependent. 726 'pattern' indicates that the pattern defined in the 727 sspmSourceProfilePacketFillValue attribute is used to 728 fill the packet. 730 'url' indicates that the value of 731 sspmSourceProfilePacketFillValue should 732 contain a URL. The contents of the document 733 at that URL are retrieved when sspmSourceStatus becomes 734 active and utilized in the packet. If the attempt to 735 access that URL fails then the row status is set to 736 'notReady' and the set should fail with 737 'inconsistentValue'. This value must contain a 738 dereferencable URL of the type 'http:', https:' or 739 'ftp:' only." 740 ::= { sspmSourceProfileEntry 4 } 742 sspmSourceProfilePacketFillValue OBJECT-TYPE 743 SYNTAX OCTET STRING (SIZE(0..255)) 744 MAX-ACCESS read-create 745 STATUS current 746 DESCRIPTION 747 "The string value to fill the packet with. If 748 sspmSourceProfilePacketFillType is set to 'pattern' 749 then this pattern is repeated until the packet is 750 sspmSourcePacketSize in bytes. Note that if 751 length of the octet string specified for this 752 value does not divide evenly into the packet 753 size then an incomplete last copy of this data 754 may be copied into the packet. If the value of 755 sspmSourceProfilePacketFillType is set to 'random' then 756 this attribute is unused. If the value of the 757 sspmSourceProfilePacketFillType is set to 'url' then 758 the URL specified in this attribute is retrieved 759 and used by the probe. In case of a URL, this value 760 must contain a dereferencable URL of the type 761 'http:', https:' or 'ftp:' only." 762 ::= { sspmSourceProfileEntry 5 } 764 sspmSourceProfileTOS OBJECT-TYPE 765 SYNTAX Integer32 (0..255) 766 MAX-ACCESS read-create 767 STATUS current 768 DESCRIPTION 769 "Represents the TOS field in the IP packet header. The 770 value of this object defaults to zero if not set." 771 DEFVAL { 0 } 772 ::= { sspmSourceProfileEntry 6 } 774 sspmSourceProfileFlowLabel OBJECT-TYPE 775 SYNTAX Integer32 (0..1048575) -- 20-bit range (0 to 0xfffff) 776 MAX-ACCESS read-create 777 STATUS current 778 DESCRIPTION 779 "This object is used to specify the Flow Label in a IPv6 780 packet (RFC 2460) to force special handling by the IPv6 781 routers, e.g., non-default quality-of-service handling. 783 This object is meaningful only when the object 784 sspmSourceDestAddressType is IPv6(2). 785 The value of this object defaults to zero if not set." 786 DEFVAL { 0 } 787 ::= { sspmSourceProfileEntry 7 } 789 sspmSourceProfileLooseSrcRteFill OBJECT-TYPE 790 SYNTAX OCTET STRING (SIZE(0..240)) 791 MAX-ACCESS read-create 792 STATUS current 793 DESCRIPTION 794 "In the event that the test should run over a 795 specific route. Intent is to force the route using the 796 Loose Source Route option in IPv4 [RFC791] and 797 IPv6 [RFC2460]. This object contains a 798 series of IP addresses along the path that would be 799 put into the loose source route option in the IP header. 801 The IPv4 addresses are to be listed as 32-bit 802 address values and the IPv6 addresses are to be 803 listed as a string of 128-bit addresses. The 804 maximum length allowed within the IPv4 source route 805 option is 63 addresses. To simply account for 806 IPv6 addresses as well, the maximum length of the 807 octet string is 240. This allows for up to 60 808 IPv4 addresses or up to 15 IPv6 addresses in the 809 string." 810 ::= { sspmSourceProfileEntry 8 } 812 sspmSourceProfileLooseSrcRteLen OBJECT-TYPE 813 SYNTAX Integer32(0..240) 814 MAX-ACCESS read-create 815 STATUS current 816 DESCRIPTION 817 "In the event that the test should run over a 818 specific route. Intent is to force the route. 819 This attribute specifies the length of data to 820 be copied from the sspmSourceProfileLooseSrcRteFill 821 into the route data fields of the loose source route 822 options in the IPv4 or IPv6 headers." 823 ::= { sspmSourceProfileEntry 9 } 825 sspmSourceProfileTTL OBJECT-TYPE 826 SYNTAX Integer32(1..255) 827 MAX-ACCESS read-create 828 STATUS current 829 DESCRIPTION 830 "If non-zero specifies the value to place into 831 the TTL field on transmission." 832 ::= { sspmSourceProfileEntry 10 } 834 sspmSourceProfileNoFrag OBJECT-TYPE 835 SYNTAX TruthValue 836 MAX-ACCESS read-create 837 STATUS current 838 DESCRIPTION 839 "When true, the 'Don't Fragment Bit' should be set 840 on the packet header." 841 ::= { sspmSourceProfileEntry 11 } 843 sspmSourceProfile8021Tagging OBJECT-TYPE 844 SYNTAX Integer32 (-1..65535) 845 MAX-ACCESS read-create 846 STATUS current 847 DESCRIPTION 848 "IEEE 802.1Q tagging used in IEEE 802.1D bridged 849 environments. 851 A value of -1 indicates that the packets are untagged. 853 A value of 0 to 65535 is the value of the tag to be 854 inserted in the tagged packets. 856 Note that according to IEEE 802.1Q, VLAN-ID tags with 857 a value of 4095 shall not be transmitted on the wire. 858 As the VLAN-ID is encoded in the 12 least significant 859 bits on the tag, values that translate in a binary 860 representation of all 1's in the last 12 bits 861 SHALL NOT be configured. In this case the set should 862 fail and return an error-status of 'inconsistentValue'." 863 ::= { sspmSourceProfileEntry 12 } 865 sspmSourceProfileUsername OBJECT-TYPE 866 SYNTAX Utf8String 867 MAX-ACCESS read-create 868 STATUS current 869 DESCRIPTION 870 "An optional username used by the application protocol." 871 ::= { sspmSourceProfileEntry 13 } 873 sspmSourceProfilePassword OBJECT-TYPE 874 SYNTAX Utf8String 875 MAX-ACCESS read-create 876 STATUS current 877 DESCRIPTION 878 "An optional password used by the application protocol." 879 ::= { sspmSourceProfileEntry 14 } 881 sspmSourceProfileParameter OBJECT-TYPE 882 SYNTAX OCTET STRING (SIZE(0..65535)) 883 MAX-ACCESS read-create 884 STATUS current 885 DESCRIPTION 886 "An optional parameter used by the application protocol. 887 For DNS this would be the hostname or IP. For HTTP, 888 this would be the URL. For nntp this would be the 889 news group. For TCP this would be the port number. 890 For SMTP this would be the recipient (and could 891 assume the message is predefined)." 892 ::= { sspmSourceProfileEntry 15 } 894 sspmSourceProfileOwner OBJECT-TYPE 895 SYNTAX OwnerString 896 MAX-ACCESS read-create 897 STATUS current 898 DESCRIPTION 899 "Name of the management station/application who 900 set up the profile." 901 ::= { sspmSourceProfileEntry 16 } 903 sspmSourceProfileStorageType OBJECT-TYPE 904 SYNTAX StorageType 905 MAX-ACCESS read-create 906 STATUS current 907 DESCRIPTION 908 "The storage type of this sspmSourceProfileEntry. If the 909 value of this object is 'permanent', no objects in this row 910 need to be writable." 911 ::= { sspmSourceProfileEntry 17 } 913 sspmSourceProfileStatus OBJECT-TYPE 914 SYNTAX RowStatus 915 MAX-ACCESS read-create 916 STATUS current 917 DESCRIPTION 918 "Status of this profile. 920 An entry may not exist in the active state unless all 921 objects in the entry have an appropriate value. 923 Once this object is set to active(1), no objects in the 924 sspmSourceProfileTable can be changed." 925 ::= { sspmSourceProfileEntry 18 } 927 -- 928 -- sspmSourceControlTable 929 -- Defines specific measurement instances based on template 930 -- profiles in the sspmSourceProfileTable which must be 931 -- pre-configured. 932 -- 933 sspmSourceControlTable OBJECT-TYPE 934 SYNTAX SEQUENCE OF SspmSourceControlEntry 935 MAX-ACCESS not-accessible 936 STATUS current 937 DESCRIPTION 938 "The table of SSPM measurements configured." 939 ::= { sspmSource 2 } 941 sspmSourceControlEntry OBJECT-TYPE 942 SYNTAX SspmSourceControlEntry 943 MAX-ACCESS not-accessible 944 STATUS current 945 DESCRIPTION 946 "Details about a particular SSPM configuration." 947 INDEX { sspmSourceControlInstance } 948 ::= { sspmSourceControlTable 1 } 950 SspmSourceControlEntry ::= SEQUENCE { 951 sspmSourceControlInstance Unsigned32, 952 sspmSourceControlProfile Integer32, 953 sspmSourceControlSrc InterfaceIndexOrZero, 954 sspmSourceControlDestAddrType InetAddressType, 955 sspmSourceControlDestAddr InetAddress, 956 sspmSourceControlEnabled TruthValue, 957 sspmSourceControlTimeOut SspmMicroSeconds, 958 sspmSourceControlSamplingDist INTEGER, 959 sspmSourceControlFrequency SspmMicroSeconds, 960 sspmSourceControlFirstSeqNum Unsigned32, 961 sspmSourceControlLastSeqNum Unsigned32, 962 sspmSourceControlOwner OwnerString, 963 sspmSourceControlStorageType StorageType, 964 sspmSourceControlStatus RowStatus 965 } 967 sspmSourceControlInstance OBJECT-TYPE 968 SYNTAX Unsigned32 (1..65535) 969 MAX-ACCESS not-accessible 970 STATUS current 971 DESCRIPTION 972 "An arbitrary index." 973 ::= { sspmSourceControlEntry 1 } 975 sspmSourceControlProfile OBJECT-TYPE 976 SYNTAX Integer32 (1..65535) 977 MAX-ACCESS read-create 978 STATUS current 979 DESCRIPTION 980 "A pointer to the profile (sspmSourceProfileEntry) which 981 this control entry uses to define the test being 982 performed." 983 ::= { sspmSourceControlEntry 2 } 985 sspmSourceControlSrc OBJECT-TYPE 986 SYNTAX InterfaceIndexOrZero 987 MAX-ACCESS read-create 988 STATUS current 989 DESCRIPTION 990 "ifIndex where the packet should originate from the 991 probe (if it matters). Zero value indicates it does 992 not matter and the device decides." 993 ::= { sspmSourceControlEntry 3 } 995 sspmSourceControlDestAddrType OBJECT-TYPE 996 SYNTAX InetAddressType 997 MAX-ACCESS read-create 998 STATUS current 999 DESCRIPTION 1000 "The type of Internet address by which the destination 1001 is accessed." 1002 ::= { sspmSourceControlEntry 4 } 1004 sspmSourceControlDestAddr OBJECT-TYPE 1005 SYNTAX InetAddress 1006 MAX-ACCESS read-create 1007 STATUS current 1008 DESCRIPTION 1009 "The Internet address for the destination. The formatting 1010 of this object is controlled by the 1011 sspmSourceControlDestAddrType object above. 1013 When this object contains a DNS name, then the name is 1014 resolved to an address each time measurement is to be made. 1015 Further, the agent should not cache this address, 1016 but instead should perform the resolution prior to each 1017 measurement." 1018 ::= { sspmSourceControlEntry 5 } 1020 sspmSourceControlEnabled OBJECT-TYPE 1021 SYNTAX TruthValue 1022 MAX-ACCESS read-create 1023 STATUS current 1024 DESCRIPTION 1025 "When set to 'true' this test is enabled. When set to 1026 'false', it is disabled." 1027 ::= { sspmSourceControlEntry 6 } 1029 sspmSourceControlTimeOut OBJECT-TYPE 1030 SYNTAX SspmMicroSeconds 1031 MAX-ACCESS read-create 1032 STATUS current 1033 DESCRIPTION 1034 "Timeout value for the measurement response. If no 1035 response is received in the time specified then 1036 the test fails." 1037 ::= { sspmSourceControlEntry 7 } 1039 sspmSourceControlSamplingDist OBJECT-TYPE 1040 SYNTAX INTEGER { 1041 deterministic(1), 1042 poisson(2) 1043 } 1044 MAX-ACCESS read-create 1045 STATUS current 1046 DESCRIPTION 1047 "When this attribute is set to 'deterministic', then 1048 packets are generated at with a fixed interpacket 1049 injection time specified by sspmSourceFrequency. 1051 When this attribute is set to 'Poisson' then packets 1052 are generated with interpacket injection times sampled 1053 from a exponential distribution with the single 1054 distributional parameter determined by the inverse 1055 frequency)." 1056 ::= { sspmSourceControlEntry 8 } 1058 sspmSourceControlFrequency OBJECT-TYPE 1059 SYNTAX SspmMicroSeconds 1060 MAX-ACCESS read-create 1061 STATUS current 1062 DESCRIPTION 1063 "The inverse of this value is the rate at which packets 1064 are generated. Refer to sspmSourceSamplingDistribution. 1065 If the value set is less than the value of 1066 sspmGeneralMinFrequency then the set will fail with an 1067 error-status of 'inconsistentValue'." 1068 ::= { sspmSourceControlEntry 9 } 1070 sspmSourceControlFirstSeqNum OBJECT-TYPE 1071 SYNTAX Unsigned32 1072 MAX-ACCESS read-create 1073 STATUS current 1074 DESCRIPTION 1075 "The first sequence number of packets to be transmitted." 1076 ::= { sspmSourceControlEntry 10 } 1078 sspmSourceControlLastSeqNum OBJECT-TYPE 1079 SYNTAX Unsigned32 1080 MAX-ACCESS read-only 1081 STATUS current 1082 DESCRIPTION 1083 "The last sequence number transmitted. This value is updated 1084 by the agent after packet generation." 1085 ::= { sspmSourceControlEntry 11 } 1087 sspmSourceControlOwner OBJECT-TYPE 1088 SYNTAX OwnerString 1089 MAX-ACCESS read-create 1090 STATUS current 1091 DESCRIPTION 1092 "Name of the management station/application who set 1093 up the test." 1095 ::= { sspmSourceControlEntry 12 } 1097 sspmSourceControlStorageType OBJECT-TYPE 1098 SYNTAX StorageType 1099 MAX-ACCESS read-create 1100 STATUS current 1101 DESCRIPTION 1102 "The storage type of this sspmSourceControlEntry. If the 1103 value of this object is 'permanent', no objects in this row 1104 need to be writable." 1105 ::= { sspmSourceControlEntry 13 } 1107 sspmSourceControlStatus OBJECT-TYPE 1108 SYNTAX RowStatus 1109 MAX-ACCESS read-create 1110 STATUS current 1111 DESCRIPTION 1112 "Status of this source control entry. 1114 An entry may not exist in the active state unless all 1115 objects in the entry have an appropriate value. 1117 When this attribute has the value of 1118 'active' none of the read-write or read-create attributes 1119 in this table may be modified with the exception of 1120 sspmSourceControlEnabled." 1121 ::= { sspmSourceControlEntry 14 } 1123 -- 1124 -- sspmSinkTable 1125 -- 1126 -- Contains attributes for configuration of Synthetic 1127 -- Sources for Performance Monitoring sinks. IE 1128 -- sinks for receipt of one-way delay measurements. 1129 -- 1130 sspmSink OBJECT IDENTIFIER ::= { sspmMIBObjects 5 } 1132 sspmSinkTable OBJECT-TYPE 1133 SYNTAX SEQUENCE OF SspmSinkEntry 1134 MAX-ACCESS not-accessible 1135 STATUS current 1136 DESCRIPTION 1137 "A table configuring the sink for measurements." 1138 ::= { sspmSink 1 } 1140 sspmSinkEntry OBJECT-TYPE 1141 SYNTAX SspmSinkEntry 1142 MAX-ACCESS not-accessible 1143 STATUS current 1144 DESCRIPTION 1145 "The details of a particular sink entry. If the measurement 1146 is a round trip type then the sink entry will be on the 1147 same probe as the corresponding sspmSourceEntry. If the 1148 measurement is a one way type then the sink entry will be 1149 on a different probe." 1150 INDEX { sspmSinkInstance } 1151 ::= { sspmSinkTable 1} 1153 SspmSinkEntry ::= SEQUENCE { 1154 sspmSinkInstance Unsigned32, 1155 sspmSinkType AppLocalIndex, 1156 sspmSinkSourceAddressType InetAddressType, 1157 sspmSinkSourceAddress InetAddress, 1158 sspmSinkExpectedRate SspmMicroSeconds, 1159 sspmSinkEnable TruthValue, 1160 sspmSinkExpectedFirstSequenceNum Unsigned32, 1161 sspmSinkLastSequenceNumber Unsigned32, 1162 sspmSinkLastSequenceInvalid Counter32, 1163 sspmSinkStorageType StorageType, 1164 sspmSinkStatus RowStatus 1165 } 1167 sspmSinkInstance OBJECT-TYPE 1168 SYNTAX Unsigned32 (1..65535) 1169 MAX-ACCESS not-accessible 1170 STATUS current 1171 DESCRIPTION 1172 "An index. When the measurement is for a round trip 1173 measurement then this table entry is on the same probe as 1174 the corresponding sspmSourceEntry and the value of this 1175 attribute should correspond to the value of 1176 sspmSourceInstance. Management applications configuring 1177 sinks for one way measurements could define some 1178 scheme whereby the sspmSinkInstance is unique across 1179 all probes. Note that the unique key to this entry is 1180 also constructed with sspmSinkType, 1181 sspmSinkSourceAddressType and sspmSinkSourceAddress. 1182 Those other attributes are not included in the index 1183 to make the implementation simpler, but, uniqueness 1184 is still needed to receive all of the packets." 1185 ::= { sspmSinkEntry 1 } 1187 sspmSinkType OBJECT-TYPE 1188 SYNTAX AppLocalIndex 1189 MAX-ACCESS read-create 1190 STATUS current 1191 DESCRIPTION 1192 "The AppLocalIndex value which uniquely identifies the 1193 measurement per the APM-MIB. In order to create a row 1194 in this table there must be a corresponding row in the 1195 sspmCapabilitiesTable. If there is no corresponding 1196 row in the sspmCapabilitiestable, then the agent will 1197 return an error-status of 'inconsistentValue'." 1198 ::= { sspmSinkEntry 2} 1200 sspmSinkSourceAddressType OBJECT-TYPE 1201 SYNTAX InetAddressType 1202 MAX-ACCESS read-create 1203 STATUS current 1204 DESCRIPTION 1205 "The type of Internet address of the source." 1206 ::= { sspmSinkEntry 3 } 1208 sspmSinkSourceAddress OBJECT-TYPE 1209 SYNTAX InetAddress 1210 MAX-ACCESS read-create 1211 STATUS current 1212 DESCRIPTION 1213 "The Internet address of the source. The formatting 1214 of this object is controlled by the sspmSinkSourceAddressType 1215 object above. 1217 This object should be set only to a valid device address 1218 which has been administratively configured into the 1219 device. If a set attempts to set this object to an 1220 address which does not belong, i.e., is not administratively 1221 configured into the device, the set should fail and the 1222 agent should return a error-status of 'inconsistentValue'." 1223 ::= { sspmSinkEntry 4 } 1225 sspmSinkExpectedRate OBJECT-TYPE 1226 SYNTAX SspmMicroSeconds 1227 MAX-ACCESS read-create 1228 STATUS current 1229 DESCRIPTION 1230 "The expected rate of packets to arrive." 1231 ::= { sspmSinkEntry 5 } 1233 sspmSinkEnable OBJECT-TYPE 1234 SYNTAX TruthValue 1235 MAX-ACCESS read-create 1236 STATUS current 1237 DESCRIPTION 1238 "Indicates if the sink is enabled or not." 1239 ::= { sspmSinkEntry 6 } 1241 sspmSinkExpectedFirstSequenceNum OBJECT-TYPE 1242 SYNTAX Unsigned32 1243 MAX-ACCESS read-create 1244 STATUS current 1245 DESCRIPTION 1246 "The expected first sequence number of packets. 1247 This is used by the sink to determine if packets 1248 were lost at the initiation of the test." 1249 ::= { sspmSinkEntry 7 } 1251 sspmSinkLastSequenceNumber OBJECT-TYPE 1252 SYNTAX Unsigned32 1253 MAX-ACCESS read-only 1254 STATUS current 1255 DESCRIPTION 1256 "The last sequence number received." 1257 ::= { sspmSinkEntry 8 } 1259 sspmSinkLastSequenceInvalid OBJECT-TYPE 1260 SYNTAX Counter32 1261 MAX-ACCESS read-only 1262 STATUS current 1263 DESCRIPTION 1264 "The number of packets that arrived where their 1265 sequence number was not one plus the value of 1266 sspmSinkLastSequenceNumber." 1267 ::= { sspmSinkEntry 9 } 1269 sspmSinkStorageType OBJECT-TYPE 1270 SYNTAX StorageType 1271 MAX-ACCESS read-create 1272 STATUS current 1273 DESCRIPTION 1274 "The storage type of this sspmSinkEntry. If the value 1275 of this object is 'permanent', no objects in this row 1276 need to be writable." 1277 ::= { sspmSinkEntry 10 } 1279 sspmSinkStatus OBJECT-TYPE 1280 SYNTAX RowStatus 1281 MAX-ACCESS read-create 1282 STATUS current 1283 DESCRIPTION 1284 "Status of this conceptual row. 1286 An entry may not exist in the active state unless all 1287 objects in the entry have an appropriate value. 1289 Once this object is set to active(1), no objects with 1290 MAX-ACCESS of read-create in the sspmSinkTable can 1291 be changed." 1292 ::= { sspmSinkEntry 11 } 1294 -- 1295 -- Notifications 1296 -- 1298 -- 1299 -- Conformance information 1300 -- 1301 sspmCompliances OBJECT IDENTIFIER ::= { sspmMIBConformance 1 } 1302 sspmGroups OBJECT IDENTIFIER ::= { sspmMIBConformance 2 } 1304 -- Compliance Statements 1305 sspmGeneralCompliance MODULE-COMPLIANCE 1306 STATUS current 1307 DESCRIPTION 1308 "A general compliance which allows all things to be optional." 1309 MODULE -- this module 1311 MANDATORY-GROUPS { sspmGeneralGroup } 1313 GROUP sspmSourceGroup 1314 DESCRIPTION 1315 "The SSPM Source Group is optional." 1317 GROUP sspmSinkGroup 1318 DESCRIPTION 1319 "The SSPM Sink Group is optional." 1321 GROUP sspmUserPassGroup 1322 DESCRIPTION 1323 "The SSPM User Pass Group is optional." 1325 ::= { sspmCompliances 1 } 1327 -- 1328 -- SSPM Source Compliance 1329 -- 1330 sspmSourceFullCompliance MODULE-COMPLIANCE 1331 STATUS current 1332 DESCRIPTION 1333 "A source compliance. Use this compliance when implementing 1334 a traffic source only device. This is useful for implementing 1335 devices which probe other devices for intrusive application 1336 monitoring. It is also useful for implementing the source 1337 of one way tests used with a sink only device." 1338 MODULE -- this module 1340 MANDATORY-GROUPS { sspmGeneralGroup, sspmSourceGroup } 1342 GROUP sspmUserPassGroup 1343 DESCRIPTION 1344 "The SSPM User Pass Group is optional." 1345 ::= { sspmCompliances 2 } 1347 -- 1348 -- SSPM Sink Compliance 1349 -- 1350 sspmSinkFullCompliance MODULE-COMPLIANCE 1351 STATUS current 1352 DESCRIPTION 1353 "A sink-only compliance. Use this compliance when implementing a 1354 sink-only device. This is useful for devices to receive one way 1355 measurements." 1356 MODULE -- this module 1358 MANDATORY-GROUPS { sspmGeneralGroup, sspmSinkGroup } 1360 ::= { sspmCompliances 3 } 1362 -- 1363 -- Groups 1364 -- 1365 sspmGeneralGroup OBJECT-GROUP 1366 OBJECTS { 1367 sspmGeneralClockResolution, 1368 sspmGeneralClockMaxSkew, 1369 sspmGeneralClockSource, 1370 sspmGeneralMinFrequency, 1371 sspmCapabilitiesInstance 1372 } 1373 STATUS current 1374 DESCRIPTION 1375 "The objects in the SSPM General Group." 1376 ::= { sspmGroups 1 } 1378 sspmSourceGroup OBJECT-GROUP 1379 OBJECTS { 1380 sspmSourceProfileType, 1381 sspmSourceProfilePacketSize, 1382 sspmSourceProfilePacketFillType, 1383 sspmSourceProfilePacketFillValue, 1384 sspmSourceProfileTOS, 1385 sspmSourceProfileFlowLabel, 1386 sspmSourceProfileLooseSrcRteFill, 1387 sspmSourceProfileLooseSrcRteLen, 1388 sspmSourceProfileTTL, 1389 sspmSourceProfileNoFrag, 1390 sspmSourceProfile8021Tagging, 1391 sspmSourceProfileUsername, 1392 sspmSourceProfilePassword, 1393 sspmSourceProfileParameter, 1394 sspmSourceProfileOwner, 1395 sspmSourceProfileStorageType, 1396 sspmSourceProfileStatus, 1397 sspmSourceControlProfile, 1398 sspmSourceControlSrc, 1399 sspmSourceControlDestAddrType, 1400 sspmSourceControlDestAddr, 1401 sspmSourceControlEnabled, 1402 sspmSourceControlTimeOut, 1403 sspmSourceControlSamplingDist, 1404 sspmSourceControlFrequency, 1405 sspmSourceControlFirstSeqNum, 1406 sspmSourceControlLastSeqNum, 1407 sspmSourceControlOwner, 1408 sspmSourceControlStorageType, 1409 sspmSourceControlStatus 1410 } 1411 STATUS current 1412 DESCRIPTION 1413 "The objects in the SSPM Source Group." 1414 ::= { sspmGroups 2 } 1416 sspmUserPassGroup OBJECT-GROUP 1417 OBJECTS { 1418 sspmSourceProfileUsername, 1419 sspmSourceProfilePassword 1420 } 1421 STATUS current 1422 DESCRIPTION 1423 "The objects in the SSPM Username and password group." 1424 ::= { sspmGroups 3 } 1426 sspmSinkGroup OBJECT-GROUP 1427 OBJECTS { 1428 sspmSinkType, 1429 sspmSinkSourceAddressType, 1430 sspmSinkSourceAddress, 1431 sspmSinkExpectedRate, 1432 sspmSinkEnable, 1433 sspmSinkExpectedFirstSequenceNum, 1434 sspmSinkLastSequenceNumber, 1435 sspmSinkLastSequenceInvalid, 1436 sspmSinkStorageType, 1437 sspmSinkStatus 1438 } 1439 STATUS current 1440 DESCRIPTION 1441 "The objects in the SSPM Sink Group." 1442 ::= { sspmGroups 4 } 1444 END 1446 8. Normative References 1448 [RFC791] Postel, J. "Internet Protocol: DARPA Internet Program 1449 Protocol Specification", RFC 791, September 1981. 1451 [RFC1305] Mills, D. "Network Time Protocol (Version 3)", RFC 1305, 1452 March 1992. 1454 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1455 Requirement Levels", RFC 2119, March 1997. 1457 [RFC2287] Krupczak, C. and J. Saperia, "Definitions of System-Level 1458 Managed Objects for Applications", RFC 2287, February 1998. 1460 [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 1461 (IPv6) Specification", RFC 2460, December 1998. 1463 [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., 1464 Rose, M. and S. Waldbusser, "Structure of Management 1465 Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1466 1999. 1468 [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., 1469 Rose, M. and S. Waldbusser, "Textual Conventions for SMIv2", 1470 STD 58, RFC 2579, April 1999. 1472 [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., 1473 Rose, M. and S. Waldbusser, "Conformance Statements for 1474 SMIv2", STD 58, RFC 2580, April 1999. 1476 [RFC2680] Almes, G., Kalidindi, S. and M. Zekauskas, "A One-Way Packet 1477 Loss Metric for IPPM" RFC 2680, September 1999. 1479 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group 1480 MIB", RFC 2863, June 2000. 1482 [RFC3291] Daniele, M., Haberman, B., Routhier, S. and J. 1483 Schoenwaelder, "Textual Conventions for Internet Network 1484 Addresses ", RFC 3291, May 2002. 1486 [RFC3393] Demichelis, C. and P. Chimento, "IP Packet Delay Variation 1487 Metric for IP Performance Metrics (IPPM)", RFC 3393, 1488 November 2002. 1490 [RFC3432] Raisanen, V., Grotefeld, G. and A. Morton, "Network 1491 Performance Measurement with Periodic Streams", RFC 3432, 1492 November 2002. 1494 [RFC3577] Waldbusser, S., Cole, R.G., Kalbfleisch, C. and D. 1495 Romascanu, "Introduction to the Remote Monitoring (RMON) 1496 Family of MIB Modules", RFC3577, August 2003. 1498 [RFC3729] Waldbusser, S., "Application Performance Measurement MIB", 1499 RFC 3729, March 2004. 1501 [RFCXXX2] Dietz, R. and R.G. Cole, "Transport Performance Metrics 1502 MIB", Internet Draft, RFC XXX2, October 2003. 1504 9. Informative References 1505 [RFC1272] Mills, C., Hirsch, G., and Ruth, G. "Internet Accounting 1506 Background", RFC 1272, November 1991. 1508 [RFC2021] Waldbusser, S., "Remote Network Monitoring Management 1509 Information Base Version 2 using SMIv2", RFC 2021, January 1510 1997. 1512 [RFC2722] Browlee, N., Mills, C. and Ruth, G. "Traffic Flow 1513 Measurement: Architecture", RFC 2722, October 1999. 1515 [RFC2720] Brownlee, N. "Traffic Flow Measurement: Meter MIB", RFC 1516 2720, October 1999. 1518 [RFC2330] Paxson, V., Almes, G., Mahdavi, J. and M. Mathis, "Framework 1519 for IP Performance Metrics", RFC 2330, May 1998. 1521 [RFC2564] Kalbfleisch, C., Krupczak, C., Presuhn, R. and J. Saperia, 1522 "Application Management MIB", RFC 2564, May 1999. 1524 [RFC2594] Hazewinkel, H., Kalbfleisch, C., and J. Schoenwaelder, 1525 "Definitions of Managed Objects for WWW Services", RFC 2594, 1526 May 1999. 1528 [RFC3165] Levi, D. and J. Schoenwaelder, "Definitions of Managed 1529 Objects for the Delegation of Management Scripts", RFC 3165, 1530 August 2001. 1532 [RFC2678] Mahdavi, J. and V. Paxson, "IPPM metrics for Measuring 1533 Connectivity", RFC 2678, September 1999. 1535 [RFC2679] Almes, G., Kalidindi, S. and M. Zekauskas, "A One-way Delay 1536 Metric for IPPM", RFC 2679, September 1999. 1538 [RFC2681] Almes, G., Kalidindi, S. and M. Zekauskas, "A Round-Trip 1539 Delay Metric for IPPM", RFC 2681, September 1999. 1541 [RFC2819] Waldbusser, S., "Remote Network Monitoring Management 1542 Information Base", RFC 2819, February 1995. 1544 [RFC2925] White, K., "Definitions of Managed Objects for Remote Ping, 1545 Traceroute, and Lookup Operations", RFC 2925, September 1546 2000. 1548 [RFC2982] Stewart, B. and R. Kavasseri, "Distributed Management 1549 Expression MIB", RFC 2982, October 2000. 1551 [RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart, 1552 "Introduction and Applicability Statements for Internet- 1553 Standard Management Framework", RFC 3410, December 2002. 1555 [RFC3512] MacFadden, M., Partain, D., Saperia, J. and W. Tackabury, 1556 "Configuring Networks and Devices with Simple Network 1557 Management Protocol (SNMP)", RFC 3512, April 2003. 1559 [EBT] Mathis, M. and M. Allman, "Empirical Bulk Transfer 1560 Capacity", Internet Draft, , October 1999. 1563 [ODP] Shalunov, S., Teitelbaum, B. and M. Zekauskas, "A One-Way 1564 Delay Protocol for IP Performance Measurements", , December 2000. 1567 [PMM] Waldbusser, S., Saperia, J., and T. Hongal, "Policy Based 1568 Management MIB", Internet Draft, , March 2003. 1571 [TBT] Mathis, M., "TReno Bulk transfer Capacity", Internet Draft, 1572 , February 1999. 1574 10. Intellectual Property 1576 The IETF takes no position regarding the validity or scope of any 1577 intellectual property or other rights that might be claimed to 1578 pertain to the implementation or use of the technology described in 1579 this document or the extent to which any license under such rights 1580 might or might not be available; neither does it represent that it 1581 has made any effort to identify any such rights. Information on the 1582 IETF's procedures with respect to rights in standards-track and 1583 standards-related documentation can be found in BCP-11. Copies of 1584 claims of rights made available for publication and any assurances of 1585 licenses to be made available, or the result of an attempt made to 1586 obtain a general license or permission for the use of such 1587 proprietary rights by implementors or users of this specification can 1588 be obtained from the IETF Secretariat. 1590 The IETF invites any interested party to bring to its attention any 1591 copyrights, patents or patent applications, or other proprietary 1592 rights which may cover technology that may be required to practice 1593 this standard. Please address the information to the IETF Executive 1594 Director. 1596 11. Security Considerations 1598 This MIB module defines objects to allow packets to be injected into 1599 the network for the purpose of measuring some performance 1600 characteristics. As such, the MIB module may contain sensitive 1601 network and application data, e.g., user IDs and passwords. Further, 1602 if security is compromised, this MIB module could provide a source 1603 for denial-of-service, and potential other, attacks. These issues 1604 will be addressed within this section. 1606 There are a number of management objects defined in this MIB module 1607 that have a MAX-ACCESS clause of read-write and/or read-create. Such 1608 objects may be considered sensitive or vulnerable in some network 1609 environments. The support for SET operations in a non-secure 1610 environment without proper protection can have a negative effect on 1611 network operations. These are the tables and objects and their 1612 sensitivity/vulnerability: 1614 + The sspmSourceProfileTable contains objects that configure link- 1615 level, IP and application level data used within test suites. 1616 These objects with a MAX-ACCESS clause of read-write and/or read- 1617 create are: 1619 o sspmSourcePacketSize - configures the overall size of the 1620 test packets, 1622 o sspmSourceProfileTOS - sets the TOS field in the IPv4 and 1623 IPv6 headers, 1625 o sspmSourceProfileLooseSrcRteFill and 1626 sspmSourceProfileLooseSrcRteLen - gives a list of IPv4 or IPv6 1627 addresses for the loose source route options in the IP headers, 1628 o sspmSourceProfileFlowLabel - sets the Flow Label in the IPv6 1629 header, 1631 o sspmSourceProfileTTL - sets the TTL field in the packet 1632 headers, 1634 o sspmSourceProfileNoFrag - sets the No Fragment bit in the 1635 packet headers, 1637 o sspmSourceProfile8021Tagging - sets the Tag field in the 1638 802.1 headers, and 1640 o sspmSourceProfileUsername and sspmSourceProfilePassowrd - 1641 these hold the ID and passwords specific to an application test 1642 profile., 1644 + The sspmSourceControlTable contains objects that configure IP 1645 and application level data used within a given test. These 1646 objects with a MAX-ACCESS clause of read-write and/or read-create 1647 are: 1649 o sspmSourceControlSrc - controls the source IP address used on 1650 the test packets, 1652 o sspmSourceControlDestAddr - holds the destination address for 1653 the specific test packet, 1655 o sspmSourceControlTimeout, sspmSourceControlSamplingDist and 1656 sspmSourceControlFrequency - control the nature and frequency 1657 of the test packet injection onto the network, and 1659 o sspmSourceControlFirstSeqNum and sspmSourceControlLastSeqNum 1660 - sets the first and last sequence numbers for the specific 1661 test. 1663 + The sspmSinkTable contains objects that configure the recipient 1664 of the test packets. As such, the objects in this table have no 1665 security issues related to them. 1667 There are some attributes which configure username and password 1668 information for some application level protocols as indicated above. 1669 Access to these attributes may provide unauthorized use of resources. 1670 These attributes are: sspmSourceProfileUsername and 1671 sspmSourceProfilePassword. 1673 There are some attributes which configure the size and rate of 1674 traffic flows for the purpose of performance measurements. Access to 1675 these attributes may exacerbate the use of this MIB module in denial- 1676 of-service attacks. It is possible to define a maximum packet rate 1677 on the device and indicate this maximum rate through the 1678 sspmSourceFrequency object. This object reflects the maximum 1679 acceptable packet rate that a device supporting this MIB module is 1680 willing to generate. This places a bound on setting the test packet 1681 rate through the sspmSourceControlFrequency object. Other objects 1682 which control aspects of the test packets related to packet size and 1683 rate are the sspmSourceControlTimeOut, sspmSourceControlSamplingDist 1684 and sspmSourceControlFrequency. 1686 The objects sspmSourceControlSrc, sspmSourceControlDestAddr, 1687 sspmSourceControlLooseSrcRteFill and sspmSourceControlLooseSrcRteLen 1688 control the setting of the source and destination addresses on the 1689 packet headers and the routing of the packets. The device should not 1690 allow the setting of source addresses on the test packets other than 1691 those which are administratively configured onto the device. This is 1692 controlled by using the syntax InterfaceIndexOrZero for the control 1693 of the source address through the sspmSourceControlSrc object. 1695 It is thus important to control even GET access to these objects and 1696 possibly to even encrypt the values of these object when sending them 1697 over the network via SNMP. Not all versions of SNMP provide features 1698 for such a secure environment. 1700 SNMP versions prior to SNMPv3 did not include adequate security. 1701 Even if the network itself is secure (for example by using IPSec), 1702 even then, there is no control as to who on the secure network is 1703 allowed to access and GET/SET (read/change/create/delete) the objects 1704 in this MIB module. 1706 It is RECOMMENDED that implementers consider the security features as 1707 provided by the SNMPv3 framework (see [RFC3410], section 8), 1708 including full support for the SNMPv3 cryptographic mechanisms (for 1709 authentication and privacy). 1711 Further, deployment of SNMP versions prior to SNMPv3 is NOT 1712 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 1713 enable cryptographic security. It is then a customer/operator 1714 responsibility to ensure that the SNMP entity giving access to an 1715 instance of this MIB module is properly configured to give access to 1716 the objects only to those principals (users) that have legitimate 1717 rights to indeed GET or SET (change/create/delete) them. 1719 12. Acknowledgments 1721 This document was produced by the IETF Remote Network Monitoring 1722 Working Group. The editors gratefully acknowledge the comments of the 1723 following individuals: 1725 Andy Bierman, Lester D'Souza, Jim McQuaid, Steven Waldbusser 1727 13. Author's Addresses 1729 Carl W. Kalbfleisch 1730 NTT/VERIO 1731 8700 Stemmons Freeway, Suite 211 1732 Dallas, TX 75247 1733 USA 1734 Tel: +1 972-306-2034 1735 Email: ckalbfleisch@verio.net 1737 Robert G. Cole 1738 Johns Hopkins University Applied Physics Laboratory 1739 MP2-170 1740 11100 Johns Hopkins Road 1741 Laurel, MD 20723-6099 1742 USA 1743 Tel: +1 443-778-6951 1744 Email: robert.cole@jhuapl.edu 1746 Dan Romascanu 1747 Avaya 1748 Atidim Technology Park, Bldg. #3 1749 Tel Aviv, 61131 1750 Israel 1751 Tel: +972-3-645-8414 1752 Email: dromasca@avaya.com 1754 A. Full Copyright Statement 1756 This document and translations of it may be copied and furnished to 1757 others, and derivative works that comment on or otherwise explain it 1758 or assist in its implementation may be prepared, copied, published 1759 and distributed, in whole or in part, without restriction of any 1760 kind, provided that the above copyright notice and this paragraph are 1761 included on all such copies and derivative works. However, this 1762 document itself may not be modified in any way, such as by removing 1763 the copyright notice or references to the Internet Society or other 1764 Internet organizations, except as needed for the purpose of 1765 developing Internet standards in which case the procedures for 1766 copyrights defined in the Internet Standards process must be 1767 followed, or as required to translate it into languages other than 1768 English. 1770 The limited permissions granted above are perpetual and will not be 1771 revoked by the Internet Society or its successors or assigns. 1773 This document and the information contained herein is provided on an 1774 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 1775 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 1776 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 1777 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 1778 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 1780 *************************************************************** 1781 * Note to the RFC Editor (to be removed prior to publication) * 1782 * * 1783 * 1) The reference to RFCXXXX within the DESCRIPTION clauses * 1784 * of the MIB module point to this draft and are to be * 1785 * assigned by the RFC Editor. * 1786 * * 1787 * 2) The reference to RFCXXX2 throughout this document point * 1788 * to the current . This * 1789 * MIB module imports TCs from this draft. Once the TPM MIB * 1790 * draft is published as an RFC, then the RFCXXX2 references * 1791 * need to be replaced with the TPM MIB RFC number. * 1792 * * 1793 ***************************************************************