idnits 2.17.1 draft-ietf-rtgwg-ipfrr-ip-mib-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 17. -- Found old boilerplate from RFC 3978, Section 5.5 on line 784. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 761. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 768. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 774. ** This document has an original RFC 3978 Section 5.4 Copyright Line, instead of the newer IETF Trust Copyright according to RFC 4748. ** This document has an original RFC 3978 Section 5.5 Disclaimer, instead of the newer disclaimer which includes the IETF Trust according to RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** The abstract seems to contain references ([IPFRR]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 660: '... It is RECOMMENDED that implementers...' RFC 2119 keyword, line 666: '... RECOMMENDED. Instead, it is RECOMM...' Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == Line 347 has weird spacing: '...terface throu...' == Line 629 has weird spacing: '... entire colle...' -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (June 17, 2005) is 6888 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC2011' is mentioned on line 158, but not defined ** Obsolete undefined reference: RFC 2011 (Obsoleted by RFC 4293) == Unused Reference: 'RFC2096' is defined on line 689, but no explicit reference was found in the text == Outdated reference: A later version (-13) exists of draft-ietf-rtgwg-ipfrr-framework-02 ** Downref: Normative reference to an Informational draft: draft-ietf-rtgwg-ipfrr-framework (ref. 'FRAMEWORK') == Outdated reference: A later version (-12) exists of draft-ietf-rtgwg-ipfrr-spec-base-04 == Outdated reference: A later version (-03) exists of draft-atlas-ip-local-protect-uturn-02 -- Possible downref: Normative reference to a draft: ref. 'IPFRR-UTURN' ** Obsolete normative reference: RFC 2096 (Obsoleted by RFC 4292) ** Obsolete normative reference: RFC 3036 (Obsoleted by RFC 5036) ** Obsolete normative reference: RFC 3291 (Obsoleted by RFC 4001) ** Downref: Normative reference to an Informational RFC: RFC 3410 Summary: 13 errors (**), 0 flaws (~~), 9 warnings (==), 8 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group A. Atlas, Ed. 3 Internet-Draft B. Anderson 4 Expires: December 19, 2005 Avici Systems, Inc. 5 D. Fedyk 6 Nortel Networks 7 June 17, 2005 9 IP MIB for IP Fast-Reroute 10 draft-ietf-rtgwg-ipfrr-ip-mib-00 12 Status of this Memo 14 By submitting this Internet-Draft, each author represents that any 15 applicable patent or other IPR claims of which he or she is aware 16 have been or will be disclosed, and any of which he or she becomes 17 aware will be disclosed, in accordance with Section 6 of BCP 79. 19 Internet-Drafts are working documents of the Internet Engineering 20 Task Force (IETF), its areas, and its working groups. Note that 21 other groups may also distribute working documents as Internet- 22 Drafts. 24 Internet-Drafts are draft documents valid for a maximum of six months 25 and may be updated, replaced, or obsoleted by other documents at any 26 time. It is inappropriate to use Internet-Drafts as reference 27 material or to cite them other than as "work in progress." 29 The list of current Internet-Drafts can be accessed at 30 http://www.ietf.org/ietf/1id-abstracts.txt. 32 The list of Internet-Draft Shadow Directories can be accessed at 33 http://www.ietf.org/shadow.html. 35 This Internet-Draft will expire on December 19, 2005. 37 Copyright Notice 39 Copyright (C) The Internet Society (2005). 41 Abstract 43 This draft defines a portion of the Management Information Base (MIB) 44 for use with network management protocols in the Internet community. 45 In particular, it describes managed objects relevant for IP routes 46 using IP Fast-Reroute [IPFRR]. 48 Table of Contents 50 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 51 1.1 The SNMP Management Framework . . . . . . . . . . . . . . 3 52 2. Brief Description of MIB Objects . . . . . . . . . . . . . . . 4 53 2.1 ipFrrProtectStats Group . . . . . . . . . . . . . . . . . 4 54 2.2 ipFrrAltTable . . . . . . . . . . . . . . . . . . . . . . 4 55 2.3 ipFrrNoAltTable . . . . . . . . . . . . . . . . . . . . . 4 56 3. IP Fast-Reroute MIB Module Definitions . . . . . . . . . . . . 5 57 4. Security Considerations . . . . . . . . . . . . . . . . . . . 16 58 5. References . . . . . . . . . . . . . . . . . . . . . . . . . . 16 59 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 18 60 Intellectual Property and Copyright Statements . . . . . . . . 19 62 1. Introduction 64 This document defines a portion of the Management Information Base 65 (MIB) for use with network management protocols in the Internet 66 community. In particular, it defines the managed objects used for IP 67 routes and interfaces in relation to IP Fast-Reroute. This document 68 uses terminology from [FRAMEWORK], [IPFRR] and [IPFRR-UTURN]. 70 Current work is underway to define mechanisms for determining 71 alternate paths for traffic to use when the original path becomes 72 unavailable due to a local failure. The alternate next-hops can be 73 computed in the context of any IGP. 75 There are certain configuration attributes for IP Fast-Reroute that 76 should be configured to enable IP Fast Reroute in the context of the 77 IGP. These configuration attributes of IP Fast-Reroute are not 78 covered by this MIB module. Examples include whether IP Fast-Reroute 79 is enabled on a network region (i.e. an OSPF area or IS-IS level) and 80 the desired local hold-down timer[IPFRR], whose proper value is 81 dependent upon the size of the network region. 83 It is possible for traffic other than IP to depend upon and use the 84 alternate next-hops computed by IP Fast-Reroute. An example would be 85 MPLS traffic whose path is configured via LDP[RFC3036]. The 86 additional details (for example, outgoing MPLS label) pertaining to 87 alternate next-hops that are required by such traffic are not covered 88 by this MIB module. 90 An IP route may be reachable via multiple primary next-hops which 91 provide equal-cost paths. Where IP Fast-Reroute is enabled, each 92 primary next-hop will be protected by one or more alternate next- 93 hops. Such an alternate next-hop may itself be a primary next-hop. 95 1.1 The SNMP Management Framework 97 For a detailed overview of the documents that describe the current 98 Internet-Standard Management Framework, please refer to section 7 of 99 RFC 3410 [RFC3410]. 101 Managed objects are accessed via a virtual information store, termed 102 the Management Information Base or MIB. MIB objects are generally 103 accessed through the Simple Network Management Protocol (SNMP). 104 Objects in the MIB are defined using the mechanisms defined in the 105 Structure of Management Information (SMI). This memo specifies a MIB 106 module that is compliant to the SMIv2, which is described in STD 58, 107 RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 108 [RFC2580]. 110 2. Brief Description of MIB Objects 112 This MIB module consists of five global objects, organized into the 113 ipFrrProtectStats group, and two tables. 115 2.1 ipFrrProtectStats Group 117 The global objects in this group provide summary information related 118 to protection for all IP routes. The information available includes 119 counts of all routes, of all protected routes, of all unprotected 120 routes, of all routes which are protected against a link failure, and 121 of all routes which are protected against a node failure. 123 2.2 ipFrrAltTable 125 The ipFrrAltTable extends the inetCidrRouteTable[RFC2096-update] to 126 provide information about each alternate next-hop associated with a 127 primary next-hop used by a route. Statically configured alternate 128 next-hops associated with primary next-hops can be created. 130 2.3 ipFrrNoAltTable 132 The ipFrrNoAltTable extends the inetCidrRouteTable[RFC2096-update] to 133 provide information about the routes which do not have an alternate 134 next-hop associated with any of the route's primary next-hop. The 135 entry provides an explanation for the lack of protection. 137 3. IP Fast-Reroute MIB Module Definitions 139 IPFRR-MIB DEFINITIONS ::= BEGIN 141 IMPORTS 142 MODULE-IDENTITY, 143 OBJECT-TYPE, 144 Gauge32, 145 Integer32 FROM SNMPv2-SMI -- [RFC2578] 147 RowStatus 148 FROM SNMPv2-TC -- [RFC2579] 150 MODULE-COMPLIANCE, 151 OBJECT-GROUP FROM SNMPv2-CONF -- [RFC2580] 153 InetAddressType, 154 InetAddress FROM INET-ADDRESS-MIB -- [RFC3291] 156 InterfaceIndex FROM IF-MIB -- [RFC2863] 158 ip FROM IP-MIB -- [RFC2011] 160 inetCidrRouteDestType, 161 inetCidrRouteDest, 162 inetCidrRoutePfxLen, 163 inetCidrRoutePolicy, 164 inetCidrRouteNextHopType, 165 inetCidrRouteNextHop FROM IP-FORWARD-MIB 166 -- [draft-ietf-ipv6-rfc2096-update-07] 167 ; 169 ipFrrMIB MODULE-IDENTITY 170 LAST-UPDATED "200502181200Z" -- June 10, 2005 171 ORGANIZATION "draft-ietf-ipfrr-ip-mib-00.txt" 172 CONTACT-INFO 173 " Bill Anderson 174 Avici Systems, Inc. 175 EMail: wanderson@avici.com 177 Alia Atlas 178 Avici Systems, Inc. 179 Email: aatlas@avici.com 181 Don Fedyk 182 Nortel Networks 183 Email: dwfedyk@nortel.com 185 " 186 DESCRIPTION 187 "IP MIB module for management of IP Fast-Reroute. 189 Copyright (C) The Internet Society (date). 190 This version of this MIB module is part of 191 draft-ietf-rtgwg-ipfrr-ip-mib-00.txt" 193 REVISION "200502181200Z" -- February 18, 2005 194 DESCRIPTION 195 "Add Set operations on ipFrrAltTable" 196 REVISION "200502131200Z" -- February 13, 2005 197 DESCRIPTION 198 "Initial version." 199 ::= { ip 999 } -- To be assigned by IANA 200 -- RFC Ed.: replace 999 with actual RFC number 201 -- & remove this note 203 -- Top level components of this MIB module. 205 ipFrrMIBObjects OBJECT IDENTIFIER ::= { ipFrrMIB 1 } 207 ipFrrProtectStats OBJECT IDENTIFIER ::= { ipFrrMIBObjects 1 } 209 -- the IP FRR MIB-Group 211 -- A collection of objects providing summarized information 212 -- about the protection availability and type of alternate paths 213 -- provided by IP Fast-Reroute mechanisms. 215 ipFrrTotalRoutes OBJECT-TYPE 216 SYNTAX Gauge32 217 MAX-ACCESS read-only 218 STATUS current 219 DESCRIPTION 220 "The number of valid routes known by this entity." 221 ::= { ipFrrProtectStats 1 } 223 ipFrrUnprotectedRoutes OBJECT-TYPE 224 SYNTAX Gauge32 225 MAX-ACCESS read-only 226 STATUS current 227 DESCRIPTION 228 "The number of valid routes known by this entity 229 which do not have an alternate next-hop associated 230 with any primary next-hop." 231 ::= { ipFrrProtectStats 2 } 233 ipFrrProtectedRoutes OBJECT-TYPE 234 SYNTAX Gauge32 235 MAX-ACCESS read-only 236 STATUS current 237 DESCRIPTION 238 "The number of routes known by this entity 239 which have at least one alternate next-hop." 240 ::= { ipFrrProtectStats 3 } 242 ipFrrLinkProtectedRoutes OBJECT-TYPE 243 SYNTAX Gauge32 244 MAX-ACCESS read-only 245 STATUS current 246 DESCRIPTION 247 "The number of routes known by this entity 248 for which all alternate next-hops provide link 249 protection for their associated primary next-hops." 250 ::= { ipFrrProtectStats 4 } 252 ipFrrNodeProtectedRoutes OBJECT-TYPE 253 SYNTAX Gauge32 254 MAX-ACCESS read-only 255 STATUS current 256 DESCRIPTION 257 "The number of routes known by this entity 258 for which all alternate next-hops provide node 259 protection for their associated primary next-hops." 260 ::= { ipFrrProtectStats 5 } 262 -- the IP FRR Alternate MIB-Group 263 -- 264 -- The ipFrrAltTable extends the inetCidrRouteTable to indicate 265 -- the alternate next-hop(s) associated with each primary 266 -- next-hop. The additional indices (ipFrrAltNextHopType and 267 -- ipFrrAltNextHop ) allow for multiple alternate paths for a 268 -- given primary next-hop. 270 ipFrrAltTable OBJECT-TYPE 271 SYNTAX SEQUENCE OF IpFrrAltEntry 272 MAX-ACCESS not-accessible 273 STATUS current 274 DESCRIPTION 275 "This entity's IP Fast Reroute Alternates table." 276 ::= { ipFrrMIBObjects 2 } 278 ipFrrAltEntry OBJECT-TYPE 279 SYNTAX IpFrrAltEntry 280 MAX-ACCESS not-accessible 281 STATUS current 282 DESCRIPTION 283 "An entry containing information on a particular route, 284 one of its particular (primary) next-hops and one of 285 the associated alternate next-hops. 287 Implementers need to be aware that if the total 288 number of elements (octets or sub-identifiers) in 289 inetCidrRouteDest, inetCidrRoutePolicy, 290 inetCidrRouteNextHop, and ipFrrAltNextHop exceeds 107 291 then OIDs of column instances in this table will have 292 more than 128 sub-identifiers and cannot be accessed 293 using SNMPv1, SNMPv2c, or SNMPv3." 295 INDEX { inetCidrRouteDestType, 296 inetCidrRouteDest, 297 inetCidrRoutePfxLen, 298 inetCidrRoutePolicy, 299 inetCidrRouteNextHopType, 300 inetCidrRouteNextHop, 301 ipFrrAltNextHopType, 302 ipFrrAltNextHop 303 } 304 ::= { ipFrrAltTable 1 } 306 IpFrrAltEntry ::= SEQUENCE { 307 ipFrrAltNextHopType InetAddressType, 308 ipFrrAltNextHop InetAddress, 309 ipFrrAltIfIndex InterfaceIndex, 310 ipFrrAltType INTEGER, 311 ipFrrAltProtectionAvailable BITS, 312 ipFrrAltMetric1 Integer32, 313 ipFrrAltStatus RowStatus 314 } 316 ipFrrAltNextHopType OBJECT-TYPE 317 SYNTAX InetAddressType 318 MAX-ACCESS not-accessible 319 STATUS current 320 DESCRIPTION 321 "The type of the ipFrrNextHop address, as defined 322 in the InetAddress MIB. 324 Only those address types that may appear in an actual 325 routing table are allowed as values of this object." 326 REFERENCE "RFC 3291" 327 ::= { ipFrrAltEntry 1 } 329 ipFrrAltNextHop OBJECT-TYPE 330 SYNTAX InetAddress 331 MAX-ACCESS not-accessible 332 STATUS current 333 DESCRIPTION 334 "The address of the next system along the alternate 335 route. 337 The type of this address is determined by the value 338 of the ipFrrAltNextHopType." 339 ::= { ipFrrAltEntry 2 } 341 ipFrrAltIfIndex OBJECT-TYPE 342 SYNTAX InterfaceIndex 343 MAX-ACCESS read-create 344 STATUS current 345 DESCRIPTION 346 "The ifIndex value which identifies the local 347 interface through which the next hop of this 348 alternate route should be reached." 349 ::= { ipFrrAltEntry 3 } 351 ipFrrAltType OBJECT-TYPE 352 SYNTAX INTEGER { 353 other (1), -- type not defined 354 equalCost (2), -- primary path 355 loopFree (3), -- loop free alternate 356 uTurn (4) -- u-turn alternate 357 } 358 MAX-ACCESS read-create 359 STATUS current 360 DESCRIPTION 361 "The type of alternate which is provided by the 362 alternate next-hop. The supported types are as 363 follows: 365 equalCost : The alternate next-hop is another 366 primary next-hop. 368 loopFree : The shortest route to the destination 369 IP address from the alternate next-hop 370 does not traverse this system. See 371 draft-ietf-rtgwg-ipfrr-spec-base-04. 373 uTurn : The alternate next system, which is 374 indicated by the alternate next-hop, has 375 itself a primary path that traverses this 376 system but also has an alternate next-hop 377 for this route that does not traverse this 378 system. See 379 draft-atlas-ip-local-protect-uturn-02. 381 other : The mechanism by which the alternate next-hop 382 can be used is not specified." 383 ::= { ipFrrAltEntry 4 } 385 ipFrrAltProtectionAvailable OBJECT-TYPE 386 SYNTAX BITS { 387 nodeProtect(0), 388 linkProtect(1), 389 unknownProtection(2) 390 } 391 MAX-ACCESS read-create 392 STATUS current 393 DESCRIPTION 394 "This object specifies the scope of protection for 395 which this alternate next-hop can provide failure 396 protection. The alternate next-hop should provide 397 one or more of node-protection and link-protection. 398 If the protection provided by the alternate next-hop 399 is unknown, then only unknownProtection should be 400 specified. Specifying uknownProtection with any 401 other type of protection is not supported. " 402 ::= { ipFrrAltEntry 5 } 404 ipFrrAltMetric1 OBJECT-TYPE 405 SYNTAX Integer32 406 MAX-ACCESS read-create 407 STATUS current 408 DESCRIPTION 409 "This is the primary routing metric for this 410 alternate path to the destination IP address. 411 If the alternate path metric is unknown, the value 412 should be set to -1." 413 ::= { ipFrrAltEntry 6 } 415 ipFrrAltStatus OBJECT-TYPE 416 SYNTAX RowStatus 417 MAX-ACCESS read-create 418 STATUS current 419 DESCRIPTION 420 "The row status variable, used according to 421 row installation and removal conventions." 422 ::= { ipFrrAltEntry 7 } 424 -- the IP FRR No Alternate MIB-Group 425 -- 426 -- The ipFrrNoAltTable extends the inetCidrRouteTable 427 -- to indicate which routes are unprotected and the reason 428 -- why. The indices do not include the primary next-hop because 429 -- the lack of protection is for the route. This allows easy 430 -- access to the set of unprotected routes that would be 431 -- affected by a local failure of their primary next-hop. 433 ipFrrNoAltTable OBJECT-TYPE 434 SYNTAX SEQUENCE OF IpFrrNoAltEntry 435 MAX-ACCESS not-accessible 436 STATUS current 437 DESCRIPTION 438 "This entity's IP Fast Reroute Unprotected Routes 439 table." 440 ::= { ipFrrMIBObjects 3 } 442 ipFrrNoAltEntry OBJECT-TYPE 443 SYNTAX IpFrrNoAltEntry 444 MAX-ACCESS not-accessible 445 STATUS current 446 DESCRIPTION 447 "An entry containing the reason why a route does not 448 have an alternate next-hop. The existence of an 449 entry for a route indicates that there is no 450 alternate next-hop." 451 INDEX { inetCidrRouteDestType, 452 inetCidrRouteDest, 453 inetCidrRoutePfxLen 454 } 455 ::= { ipFrrNoAltTable 1 } 457 IpFrrNoAltEntry ::= SEQUENCE { 458 ipFrrNoAltCause INTEGER 459 } 461 ipFrrNoAltCause OBJECT-TYPE 462 SYNTAX INTEGER { 463 ipFrrUnavailable (1), -- No valid alternate(s) 464 localAddress (2), -- local/internal address 465 ipFrrDisabled (3), -- Protection not enabled 466 ipFrrUturnDisabled (4), -- Protection not enabled 467 other (5) -- unknown or other cause 468 } 469 MAX-ACCESS read-only 470 STATUS current 471 DESCRIPTION 472 "For valid routes without an alternate next-hop, this 473 object enumerates the reason why no protection is 474 available. The possibilities are as follows. 476 ipFrrUnavailable : The supported IP Fast-Reroute 477 mechanisms could not find a safe 478 alternate next-hop. 480 localAddress : The route represents a local address. 481 This system is the destination so no 482 alternate path is possible or necessary. 484 ipFrrDisabled : Finding of alternate next-hops is 485 operationally disabled. 487 ipFrrUturnDisabled : Finding of u-turn alternate 488 next-hops is operationally disabled. No 489 loop-free alternate could be found. See 490 draft-atlas-ip-local-protect-uturn-02 492 other : The reason is unknown or different from those 493 specifically enumerated possible causes." 494 ::= { ipFrrNoAltEntry 1 } 496 -- conformance information 498 ipFrrMIBConformance 499 OBJECT IDENTIFIER ::= { ipFrrMIB 2 } 501 ipFrrMIBCompliances 502 OBJECT IDENTIFIER ::= { ipFrrMIBConformance 1 } 504 ipFrrMIBGroups 505 OBJECT IDENTIFIER ::= { ipFrrMIBConformance 2 } 507 -- compliance statements 509 ipFrrMIBCompliance MODULE-COMPLIANCE 510 STATUS deprecated 511 DESCRIPTION 512 "Minimum requirements to state conformity 513 to this MIB. Supporting only IP v4 addresses 514 This is deprecated in favor of 515 ipFrrMIBInetCompliance 517 There are a number of INDEX objects that cannot be 518 represented in the form of OBJECT clauses in SMIv2, 519 but for which there are compliance requirements, 520 expressed in OBJECT clause form in this description: 522 OBJECT inetCidrRouteDestType 523 SYNTAX InetAddressType { ipv4(1), ipv4z(3) } 524 MIN-ACCESS read-only 525 DESCRIPTION 526 A (deprecated) complying implementation at this 527 level is required to support IPv4 addresses only. 528 This compliance level is defined so an 529 implementation only needs to support the addresses 530 it actually supports on the device. 532 OBJECT inetCidrRouteNextHopType 533 SYNTAX InetAddressType { ipv4(1), ipv4z(3) } 534 MIN-ACCESS read-only 535 DESCRIPTION 536 A (deprecated) complying implementation at this 537 level is required to support IPv4 addresses only. 538 This compliance level is defined so an 539 implementation only needs to support the addresses 540 it actually supports on the device. 542 OBJECT ipFrrAltNextHopType 543 SYNTAX InetAddressType { ipv4(1), ipv4z(3) } 544 MIN-ACCESS read-only 545 DESCRIPTION 546 A (deprecated) complying implementation at this 547 level is required to support IPv4 addresses only. 548 This compliance level is defined so an 549 implementation only needs to support the 550 addresses it actually supports on the device. 551 " 552 MODULE -- this module 553 MANDATORY-GROUPS { ipFrrBasicGroup } 555 ::= { ipFrrMIBCompliances 1 } 557 ipFrrMIBInetCompliance MODULE-COMPLIANCE 558 STATUS current 559 DESCRIPTION 560 "Full conformity to this MIB." 561 MODULE -- this module 562 MANDATORY-GROUPS { ipFrrBasicGroup } 564 OBJECT ipFrrAltStatus 565 SYNTAX INTEGER { active(1) } 566 WRITE-SYNTAX INTEGER { createAndGo(4), destroy(6) } 567 DESCRIPTION 568 "Support for createAndWait and notInService is not 569 required." 571 ::= { ipFrrMIBCompliances 2 } 573 ipFrrReadOnlyCompliance MODULE-COMPLIANCE 574 STATUS current 575 DESCRIPTION 577 "When this MIB is implemented without support for 578 read-create (i.e. in read-only mode), then that 579 implementation can claim read-only compliance. In that 580 case, ipFrrAlt group can be monitored but cannot be 581 configured with this MIB." 583 MODULE 584 MANDATORY-GROUPS { ipFrrBasicGroup } 586 OBJECT ipFrrAltIfIndex 587 MIN-ACCESS read-only 588 DESCRIPTION 589 "Write access is not required." 591 OBJECT ipFrrAltType 592 MIN-ACCESS read-only 593 DESCRIPTION 594 "Write access is not required." 596 OBJECT ipFrrAltProtectionAvailable 597 MIN-ACCESS read-only 598 DESCRIPTION 599 "Write access is not required." 601 OBJECT ipFrrAltMetric1 602 MIN-ACCESS read-only 603 DESCRIPTION 604 "Write access is not required." 606 OBJECT ipFrrAltStatus 607 MIN-ACCESS read-only 608 DESCRIPTION 609 "Write access is not required." 611 ::= { ipFrrMIBCompliances 3 } 613 -- units of conformance 614 ipFrrBasicGroup OBJECT-GROUP 615 OBJECTS {ipFrrTotalRoutes, 616 ipFrrUnprotectedRoutes, 617 ipFrrProtectedRoutes, 618 ipFrrLinkProtectedRoutes, 619 ipFrrNodeProtectedRoutes, 620 ipFrrAltIfIndex, 621 ipFrrAltType, 622 ipFrrAltProtectionAvailable, 623 ipFrrAltMetric1, 624 ipFrrAltStatus, 625 ipFrrNoAltCause 626 } 627 STATUS current 628 DESCRIPTION 629 "The entire collection of objects defined in 630 this MIB for management of IP Fast Reroute ." 631 ::= { ipFrrMIBGroups 1 } 633 END 635 4. Security Considerations 637 There are a number of management objects defined in this MIB module 638 with a MAX-ACCESS clause of read-write and/or read-create. Such 639 objects may be considered sensitive or vulnerable in some network 640 environments. The support for SET operations in a non-secure 641 environment without proper protection can have a negative effect on 642 network operations. The ipFrrAltTable contains routing and 643 forwarding information that is critical to the operation of the 644 network in the event of a local failure. Allowing unauthenticated 645 write access to this table can compromise the validity of the 646 alternate forwarding information. 648 Some of the readable objects in this MIB module (i.e. objects with a 649 MAX-ACCESS other than not-accessible) may be considered sensitive or 650 vulnerable in some network environments. It is thus important to 651 control even GET access to these objects and possibly to even encrypt 652 the values of these objects when sending them over the network via 653 SNMP. 655 SNMP versions prior to SNMPv3 did not include adequate security. 656 Even if the network itself is secure (for example by using IPSec), 657 even then, there is no control as to who on the secure network is 658 allowed to access and GET the objects in this MIB module. 660 It is RECOMMENDED that implementers consider the security features as 661 provided by the SNMPv3 framework (see [RFC3410], section 8), 662 including full support for the SNMPv3 cryptographic mechanisms (for 663 authentication and privacy). 665 Further, deployment of SNMP versions prior to SNMPv3 is NOT 666 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 667 enable cryptographic security. It is then a customer/operator 668 responsibility to ensure that the SNMP entity giving access to an 669 instance of this MIB module is properly configured to give access to 670 the objects only to those principals (users) that have legitimate 671 rights to indeed GET them. 673 5. References 675 [FRAMEWORK] 676 Shand, M., "IP Fast Reroute Framework", 677 draft-ietf-rtgwg-ipfrr-framework-02.txt (work in 678 progress), October 2004. 680 [IPFRR] Atlas, A., "Basic Specification for IP Fast-Reroute: Loop- 681 free Alternates", draft-ietf-rtgwg-ipfrr-spec-base-04.txt 682 (work in progress), June 2005. 684 [IPFRR-UTURN] 685 Atlas, A., "U-Turn Alternates for IP/LDP Local 686 Protection", draft-atlas-ip-local-protect-uturn-02.txt 687 (work in progress), February 2005. 689 [RFC2096] Baker, F., "IP Forwarding Table MIB", RFC 2096, 690 January 1997. 692 [RFC2096-update] 693 Haberman, B., "IP Forwarding Table MIB", 694 draft-ietf-ipv6-rfc2096-update-07.txt (work in progress), 695 February 2004. 697 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 698 Schoenwaelder, Ed., "Structure of Management Information 699 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. 701 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 702 Schoenwaelder, Ed., "Textual Conventions for SMIv2", 703 STD 58, RFC 2579, April 1999. 705 [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, 706 "Conformance Statements for SMIv2", STD 58, RFC 2580, 707 April 1999. 709 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group 710 MIB", RFC 2863, June 2000. 712 [RFC3036] Andersson, L., Doolan, P., Feldman, N., Fredette, A., and 713 B. Thomas, "LDP Specification", RFC 3036, January 2001. 715 [RFC3291] Daniele, M., Haberman, B., Routhier, S., and J. 716 Schoenwaelder, "Textual Conventions for Internet Network 717 Addresses", RFC 3291, May 2002. 719 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 720 "Introduction and Applicability Statements for Internet- 721 Standard Management Framework", RFC 3410, December 2002. 723 Authors' Addresses 725 Alia K. Atlas (editor) 726 Avici Systems, Inc. 727 101 Billerica Avenue 728 N. Billerica, MA 01862 729 USA 731 Phone: +1 978 964 2070 732 Email: aatlas@avici.com 734 Bill Anderson 735 Avici Systems, Inc. 736 101 Billerica Avenue 737 N. Billerica, MA 01862 738 USA 740 Phone: +1 978 964 2679 741 Email: wanderson@avici.com 743 Don Fedyk 744 Nortel Networks 745 600 Technology Park 746 Billerica, MA 01821 747 USA 749 Phone: +1 978 288 3041 750 Email: dwfedyk@nortel.com 752 Intellectual Property Statement 754 The IETF takes no position regarding the validity or scope of any 755 Intellectual Property Rights or other rights that might be claimed to 756 pertain to the implementation or use of the technology described in 757 this document or the extent to which any license under such rights 758 might or might not be available; nor does it represent that it has 759 made any independent effort to identify any such rights. Information 760 on the procedures with respect to rights in RFC documents can be 761 found in BCP 78 and BCP 79. 763 Copies of IPR disclosures made to the IETF Secretariat and any 764 assurances of licenses to be made available, or the result of an 765 attempt made to obtain a general license or permission for the use of 766 such proprietary rights by implementers or users of this 767 specification can be obtained from the IETF on-line IPR repository at 768 http://www.ietf.org/ipr. 770 The IETF invites any interested party to bring to its attention any 771 copyrights, patents or patent applications, or other proprietary 772 rights that may cover technology that may be required to implement 773 this standard. Please address the information to the IETF at 774 ietf-ipr@ietf.org. 776 Disclaimer of Validity 778 This document and the information contained herein are provided on an 779 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 780 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET 781 ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, 782 INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE 783 INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 784 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 786 Copyright Statement 788 Copyright (C) The Internet Society (2005). This document is subject 789 to the rights, licenses and restrictions contained in BCP 78, and 790 except as set forth therein, the authors retain all their rights. 792 Acknowledgment 794 Funding for the RFC Editor function is currently provided by the 795 Internet Society.