idnits 2.17.1 draft-ietf-rtgwg-ipfrr-ip-mib-08.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 40 instances of too long lines in the document, the longest one being 56 characters in excess of 72. ** The abstract seems to contain references ([RFC5714]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but does not include the phrase in its RFC 2119 key words list. -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (February 9, 2016) is 2970 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) No issues found here. Summary: 2 errors (**), 0 flaws (~~), 2 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Routing Area Working Group A. Atlas 3 Internet-Draft Juniper Networks 4 Intended status: Standards Track K. Koushik 5 Expires: August 12, 2016 Cisco Systems 6 S. Litkowski 7 Orange 8 February 9, 2016 10 IP MIB for IP Fast-Reroute 11 draft-ietf-rtgwg-ipfrr-ip-mib-08 13 Abstract 15 This draft defines a portion of the Management Information Base (MIB) 16 for use with network management protocols in the Internet community. 17 In particular, it describes managed objects relevant for IP routes 18 using IP Fast-Reroute [RFC5714] 20 Requirements Language 22 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 23 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 24 document are to be interpreted as described in [RFC2119]. 26 Status of This Memo 28 This Internet-Draft is submitted in full conformance with the 29 provisions of BCP 78 and BCP 79. 31 Internet-Drafts are working documents of the Internet Engineering 32 Task Force (IETF). Note that other groups may also distribute 33 working documents as Internet-Drafts. The list of current Internet- 34 Drafts is at http://datatracker.ietf.org/drafts/current/. 36 Internet-Drafts are draft documents valid for a maximum of six months 37 and may be updated, replaced, or obsoleted by other documents at any 38 time. It is inappropriate to use Internet-Drafts as reference 39 material or to cite them other than as "work in progress." 41 This Internet-Draft will expire on August 12, 2016. 43 Copyright Notice 45 Copyright (c) 2016 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the Simplified BSD License. 58 Table of Contents 60 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 61 1.1. The SNMP Management Framework . . . . . . . . . . . . . . 3 62 2. Brief description of MIB Objects . . . . . . . . . . . . . . 3 63 2.1. ipFrrProtectStats Group . . . . . . . . . . . . . . . . . 3 64 2.2. ipFrrInstanceTable . . . . . . . . . . . . . . . . . . . 3 65 2.3. ipFrrIfTable . . . . . . . . . . . . . . . . . . . . . . 4 66 2.4. ipFrrProtectStatsTable . . . . . . . . . . . . . . . . . 4 67 2.5. ipFrrAltTable . . . . . . . . . . . . . . . . . . . . . . 4 68 2.6. ipFrrNoAltTable . . . . . . . . . . . . . . . . . . . . . 4 69 3. IP Fast-Reroute MIB Module Definitions . . . . . . . . . . . 4 70 4. Security Considerations . . . . . . . . . . . . . . . . . . . 25 71 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 26 72 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 26 73 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 26 74 7.1. Normative References . . . . . . . . . . . . . . . . . . 26 75 7.2. Informative References . . . . . . . . . . . . . . . . . 27 76 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 27 78 1. Introduction 80 This document defines a portion of the Management Information Base 81 (MIB) for use with network management protocols in the Internet 82 community. In particular, it defines the managed objects used for IP 83 routes and interfaces in relation to IP Fast-Reroute. This document 84 uses terminology from [RFC5714] and [RFC5286]. 86 Current work is underway to define mechanisms for determining 87 alternate paths for traffic to use when the original path becomes 88 unavailable due to a local failure. The alternate next-hops can be 89 computed in the context of any IGP. 91 There are certain configuration attributes for IP Fast-Reroute that 92 should be configured to enable IP Fast Reroute in the context of the 93 IGP. These configuration attributes of IP Fast-Reroute are not 94 covered by this MIB module. Examples include whether IP Fast-Reroute 95 is enabled on a network region (i.e. an OSPF area or IS-IS level) and 96 the desired local hold-down timer [RFC5286], whose proper value is 97 dependent upon the size of the network region. 99 It is possible for traffic other than IP to depend upon and use the 100 alternate next-hops computed by IP Fast-Reroute. An example would be 101 MPLS traffic whose path is configured via LDP [RFC5036]. The 102 additional details (for example, outgoing MPLS label) pertaining to 103 alternate next-hops that are required by such traffic are not covered 104 by this MIB module. 106 An IP route may be reachable via multiple primary next-hops which 107 provide equal-cost paths. Where IP Fast-Reroute is enabled, each 108 primary next-hop will be protected by one or more alternate next- 109 hops. Such an alternate next-hop may itself be a primary next-hop. 111 1.1. The SNMP Management Framework 113 For a detailed overview of the documents that describe the current 114 Internet-Standard Management Framework, please refer to section 7 of 115 [RFC3410]. 117 Managed objects are accessed via a virtual information store, termed 118 the Management Information Base or MIB. MIB objects are generally 119 accessed through the Simple Network Management Protocol (SNMP). 120 Objects in the MIB are defined using the mechanisms defined in the 121 Structure of Management Information (SMI). This memo specifies a MIB 122 module that is compliant to the SMIv2, which is described in STD 58, 123 [RFC2578], STD 58, [RFC2579] and STD 58, [RFC2580]. 125 2. Brief description of MIB Objects 127 2.1. ipFrrProtectStats Group 129 The global objects in this group provide summary information related 130 to protection for all IP routes. The information available includes 131 counts of all routes, of all protected routes, of all unprotected 132 routes, of all routes which are protected against a link failure, and 133 of all routes which are protected against a node failure. 135 2.2. ipFrrInstanceTable 137 The ipFrrInstanceTable provides information about configuration of IP 138 FRR instantiations on a node. A single node may have multiple 139 instances of IP FRR using different algorithms or protocols. 140 ipFrrInstances cannot be created through the MIB. 142 2.3. ipFrrIfTable 144 The ipFrrIfTable provides information about configuration of 145 interfaces for IPFRR. Entries can be created to activate IPFRR on a 146 particular interface or setting the candidate properties. 148 2.4. ipFrrProtectStatsTable 150 The ipFrrProtectStatsTable complements the ipFrrProtectStats group by 151 providing statistics per IP FRR instance. 153 2.5. ipFrrAltTable 155 The ipFrrAltTable extends the inetCidrRouteTable [RFC4292] to provide 156 information about each alternate next-hop associated with a primary 157 next-hop used by a route. 159 2.6. ipFrrNoAltTable 161 The ipFrrNoAltTable extends the inetCidrRouteTable [RFC4292] to 162 provide information about the routes which do not have an alternate 163 next-hop associated with any of the route's primary next-hop. The 164 entry provides an explanation for the lack of protection. 166 3. IP Fast-Reroute MIB Module Definitions 168 IPFRR-MIB DEFINITIONS ::= BEGIN 170 IMPORTS 171 MODULE-IDENTITY, 172 OBJECT-TYPE, 173 Gauge32, 174 Integer32 FROM SNMPv2-SMI -- [RFC2578] 176 RowStatus 177 FROM SNMPv2-TC -- [RFC2579] 179 MODULE-COMPLIANCE, 180 OBJECT-GROUP FROM SNMPv2-CONF -- [RFC2580] 182 InetAddressType, 183 InetAddress FROM INET-ADDRESS-MIB -- [RFC4001] 185 ifIndex, InterfaceIndex FROM IF-MIB -- [RFC2863] 187 ip FROM IP-MIB -- [RFC4293] 188 inetCidrRouteDestType, 189 inetCidrRouteDest, 190 inetCidrRoutePfxLen, 191 inetCidrRoutePolicy, 192 inetCidrRouteNextHopType, 193 inetCidrRouteNextHop FROM IP-FORWARD-MIB 194 -- [RFC4292] 196 IANAipRouteProtocol FROM IANA-RTPROTO-MIB 198 ; 200 ipFrrMIB MODULE-IDENTITY 201 LAST-UPDATED "201508040000Z" -- Aug 04, 2015 202 ORGANIZATION "draft-ietf-ipfrr-ip-mib-06.txt" 203 CONTACT-INFO 204 " 205 A S Kiran Koushik 206 Cisco Systems Inc. 207 EMail: kkoushik@cisco.com 209 Alia Atlas 210 Juniper Networks 211 Email: akatlas@juniper.net 213 Stephane Litkowski 214 Orange Business Service 215 Email: stephane.litkowski@orange.com 217 " 219 DESCRIPTION 220 "IP MIB module for management of IP Fast-Reroute. 222 Copyright (C) The Internet Society (date). 223 This version of this MIB module is part of 224 draft-ietf-rtgwg-ipfrr-ip-mib-07.txt" 226 REVISION "201508040000Z" -- Aug 04, 2015 227 DESCRIPTION 228 "Fixing some syntax issues 229 Moved ipFrrInstanceTable to readonly 230 Moved ipFrrAltTable to readonly 231 Modified Readonly conformance 232 Deleting ipFrrInstanceRowStatus 233 Deleting ipFrrAltStatus 234 Added notProtect to ipFrrIfProtectionType 235 " 237 REVISION "201406141200Z" -- Jun 14, 2014 238 DESCRIPTION 239 "draft-ietf-rtgwg-ipfrr-ip-mib-03.txt" 241 REVISION "201406131200Z" -- Jun 13, 2014 242 DESCRIPTION 243 "Add ipFrrTunnelType in ipFrrAltEntry 244 Modify ipFrrAltType" 246 REVISION "201405261200Z" -- May 26, 2014 247 DESCRIPTION 248 "Add ipFrrInstanceTable. 249 Add ipFrrIfTable. 250 ipFrrProtectStatsTable complements ipFrrProtectStats to have statistics per instance. 251 Add ipFrrAltMetric2, ipFrrAltMetric3, ipFrrAltBest, ipFrrAltNonBestReason to ipFrrAltEntry. 252 Add integer values to ipFrrAltType. 253 Add integer values to ipFrrAltProtectionAvailable. 254 Changed attachment of ipFrrAltStatus in ipFrrAltEntry. 255 Added IPv6 objects in ipFrrProtectStats." 257 REVISION "201203131200Z" -- Mar 13, 2012 258 DESCRIPTION 259 "Editorial changes. Added new type to ipFrrAltType." 261 REVISION "200502181200Z" -- February 18, 2005 262 DESCRIPTION 263 "Add Set operations on ipFrrAltTable" 265 REVISION "200502131200Z" -- February 13, 2005 266 DESCRIPTION 267 "Initial version." 268 ::= { ip 50 } -- To be assigned by IANA 270 -- Top level components of this MIB module. 272 ipFrrMIBObjects OBJECT IDENTIFIER ::= { ipFrrMIB 1 } 274 ipFrrProtectStats OBJECT IDENTIFIER ::= { ipFrrMIBObjects 1 } 276 -- the IP FRR MIB-Group 277 -- A collection of objects providing summarized information 278 -- about the protection availability and type of alternate paths 279 -- provided by IP Fast-Reroute mechanisms. 281 ipFrrTotalRoutes OBJECT-TYPE 282 SYNTAX Gauge32 283 MAX-ACCESS read-only 284 STATUS current 285 DESCRIPTION 286 "The number of IPv4 valid routes known by this entity." 287 ::= { ipFrrProtectStats 1 } 289 ipFrrUnprotectedRoutes OBJECT-TYPE 290 SYNTAX Gauge32 291 MAX-ACCESS read-only 293 STATUS current 294 DESCRIPTION 295 "The number of IPv4 valid routes known by this entity 296 which do not have an alternate next-hop associated 297 with any primary next-hop." 298 ::= { ipFrrProtectStats 2 } 300 ipFrrProtectedRoutes OBJECT-TYPE 301 SYNTAX Gauge32 302 MAX-ACCESS read-only 303 STATUS current 304 DESCRIPTION 305 "The number of IPv4 routes known by this entity 306 which have at least one alternate next-hop." 307 ::= { ipFrrProtectStats 3 } 309 ipFrrLinkProtectedRoutes OBJECT-TYPE 310 SYNTAX Gauge32 311 MAX-ACCESS read-only 312 STATUS current 313 DESCRIPTION 314 "The number of IPv4 routes known by this entity 315 for which all alternate next-hops provide link 316 protection for their associated primary next-hops." 317 ::= { ipFrrProtectStats 4 } 319 ipFrrNodeProtectedRoutes OBJECT-TYPE 320 SYNTAX Gauge32 321 MAX-ACCESS read-only 322 STATUS current 323 DESCRIPTION 324 "The number of IPv4 routes known by this entity 325 for which all alternate next-hops provide node 326 protection for their associated primary next-hops." 327 ::= { ipFrrProtectStats 5 } 329 ipv6FrrTotalRoutes OBJECT-TYPE 330 SYNTAX Gauge32 331 MAX-ACCESS read-only 332 STATUS current 333 DESCRIPTION 334 "The number of IPv6 valid routes known by this entity." 335 ::= { ipFrrProtectStats 6 } 337 ipv6FrrUnprotectedRoutes OBJECT-TYPE 338 SYNTAX Gauge32 339 MAX-ACCESS read-only 340 STATUS current 342 DESCRIPTION 343 "The number of IPv6 valid routes known by this entity 344 which do not have an alternate next-hop associated 345 with any primary next-hop." 346 ::= { ipFrrProtectStats 7 } 348 ipv6FrrProtectedRoutes OBJECT-TYPE 349 SYNTAX Gauge32 350 MAX-ACCESS read-only 351 STATUS current 352 DESCRIPTION 353 "The number of IPv6 routes known by this entity 354 which have at least one alternate next-hop." 355 ::= { ipFrrProtectStats 8 } 357 ipv6FrrLinkProtectedRoutes OBJECT-TYPE 358 SYNTAX Gauge32 359 MAX-ACCESS read-only 360 STATUS current 361 DESCRIPTION 362 "The number of IPv6 routes known by this entity 363 for which all alternate next-hops provide link 364 protection for their associated primary next-hops." 365 ::= { ipFrrProtectStats 9 } 367 ipv6FrrNodeProtectedRoutes OBJECT-TYPE 368 SYNTAX Gauge32 369 MAX-ACCESS read-only 370 STATUS current 371 DESCRIPTION 372 "The number of IPv6 routes known by this entity 373 for which all alternate next-hops provide node 374 protection for their associated primary next-hops." 375 ::= { ipFrrProtectStats 10 } 377 -- the IP FRR instance MIB-group 378 -- 379 -- The ipFrrInstanceTable provides detail on current IPFRR 380 -- instances activated on the node 382 ipFrrInstanceTable OBJECT-TYPE 383 SYNTAX SEQUENCE OF IpFrrInstanceEntry 384 MAX-ACCESS not-accessible 385 STATUS current 386 DESCRIPTION 387 "This entity's IP Fast Reroute Instance table." 388 ::= { ipFrrMIBObjects 4 } 390 ipFrrInstanceEntry OBJECT-TYPE 391 SYNTAX IpFrrInstanceEntry 392 MAX-ACCESS not-accessible 393 STATUS current 394 DESCRIPTION 395 "An entry containing information on a particular 396 IP FRR instance on the node." 398 INDEX { ipFrrInstanceId 399 } 400 ::= { ipFrrInstanceTable 1 } 402 IpFrrInstanceEntry ::= SEQUENCE { 403 ipFrrInstanceId INTEGER, 404 ipFrrInstanceProtocol IANAipRouteProtocol, 405 ipFrrInstanceAlgorithm Integer32, 406 ipFrrInstancePerPrefixComputation INTEGER 407 } 409 ipFrrInstanceId OBJECT-TYPE 410 SYNTAX Integer32 (1..255) 411 MAX-ACCESS not-accessible 412 STATUS current 413 DESCRIPTION 414 "This object specifies an identificator a of particular IPFRR instance. " 415 ::= { ipFrrInstanceEntry 1 } 417 ipFrrInstanceProtocol OBJECT-TYPE 418 SYNTAX IANAipRouteProtocol 419 MAX-ACCESS read-only 420 STATUS current 421 DESCRIPTION 422 "This object specifies the protocol used by the IPFRR instance." 423 ::= { ipFrrInstanceEntry 2 } 425 ipFrrInstanceAlgorithm OBJECT-TYPE 426 SYNTAX INTEGER { 427 loopFree(1), 428 loopFreeRemote(2), 429 loopFreeTI(3), 430 mrt(4) 431 } 432 MAX-ACCESS read-only 433 STATUS current 434 DESCRIPTION 435 "This object specifies the algorithm used by the IPFRR instance." 436 ::= { ipFrrInstanceEntry 3 } 438 ipFrrInstancePerPrefixComputation OBJECT-TYPE 439 SYNTAX INTEGER { 440 false(0), 441 true(1) 442 } 443 MAX-ACCESS read-only 444 STATUS current 445 DESCRIPTION 446 "This object specifies if per prefix computation is used." 447 ::= { ipFrrInstanceEntry 4 } 449 -- the IP FRR Interface MIB-Group 450 -- 451 -- ipFrrIfTable provides information on configuration 452 -- of interfaces for IPFRR 454 ipFrrIfTable OBJECT-TYPE 455 SYNTAX SEQUENCE OF IpFrrIfEntry 456 MAX-ACCESS not-accessible 457 STATUS current 458 DESCRIPTION 459 "This entity's IP Fast Reroute Alternates Interface configuration table." 461 ::= { ipFrrMIBObjects 5 } 463 ipFrrIfEntry OBJECT-TYPE 464 SYNTAX IpFrrIfEntry 465 MAX-ACCESS not-accessible 466 STATUS current 467 DESCRIPTION 468 "An entry containing information on a particular instance of an IPFRR interface." 470 INDEX { ipFrrInstanceId, 471 ifIndex 472 } 473 ::= { ipFrrIfTable 1 } 475 IpFrrIfEntry ::= SEQUENCE { 476 ipFrrIfProtectionType BITS, 477 ipFrrIfCandidate INTEGER, 478 ipFrrIfRowStatus RowStatus 479 } 481 ipFrrIfProtectionType OBJECT-TYPE 482 SYNTAX BITS { 483 nodeProtect(0), 484 linkProtect(1), 485 nodelinkProtect(2), 486 notProtect(3) 487 } 488 MAX-ACCESS read-create 489 STATUS current 490 DESCRIPTION 491 "This object specifies the scope of protection requested for the protection of the destinations. 492 nodeProtect means node protection only compared to nodelinkProtect which means node protection 493 if available and link protection if not available. " 494 ::= { ipFrrIfEntry 1 } 496 ipFrrIfCandidate OBJECT-TYPE 497 SYNTAX INTEGER { 498 false (0), 499 true (1) 500 } 501 MAX-ACCESS read-create 502 STATUS current 503 DESCRIPTION 504 "This object specifies the scope of protection requested for the protection of the destinations. 505 nodeProtect means node protection only compared to nodelinkProtect which means node protection 506 if available and link protection if not available. " 507 DEFVAL {1} 509 ::= { ipFrrIfEntry 2 } 511 ipFrrIfRowStatus OBJECT-TYPE 512 SYNTAX RowStatus 513 MAX-ACCESS read-create 514 STATUS current 515 DESCRIPTION 516 "." 517 ::= { ipFrrIfEntry 3 } 519 -- the IP FRR Stats MIB-Group 520 -- 521 -- ipFrrProtectStatsTable provides provides 522 -- protection availability and type of alternate paths 523 -- provided by IP Fast-Reroute mechanisms per IPFRR instance. 525 ipFrrProtectStatsTable OBJECT-TYPE 526 SYNTAX SEQUENCE OF IpFrrProtectStatsEntry 527 MAX-ACCESS not-accessible 528 STATUS current 529 DESCRIPTION 530 "This entity's IP Fast Reroute Alternates statistics table." 531 ::= { ipFrrMIBObjects 6 } 533 ipFrrProtectStatsEntry OBJECT-TYPE 534 SYNTAX IpFrrProtectStatsEntry 535 MAX-ACCESS not-accessible 536 STATUS current 537 DESCRIPTION 538 "An entry containing information on a particular instance of IPFRR. 540 ." 542 INDEX { ipFrrInstanceId 543 } 544 ::= { ipFrrProtectStatsTable 1 } 546 IpFrrProtectStatsEntry ::= SEQUENCE { 547 ipFrrStatsTotalRoutes Gauge32, 548 ipFrrStatsUnprotectedRoutes Gauge32, 549 ipFrrStatsProtectedRoutes Gauge32, 550 ipFrrStatsLinkProtectedRoutes Gauge32, 551 ipFrrStatsNodeProtectedRoutes Gauge32, 552 ipv6FrrStatsTotalRoutes Gauge32, 553 ipv6FrrStatsUnprotectedRoutes Gauge32, 554 ipv6FrrStatsProtectedRoutes Gauge32, 555 ipv6FrrStatsLinkProtectedRoutes Gauge32, 556 ipv6FrrStatsNodeProtectedRoutes Gauge32 557 } 559 ipFrrStatsTotalRoutes OBJECT-TYPE 560 SYNTAX Gauge32 561 MAX-ACCESS read-only 562 STATUS current 563 DESCRIPTION 564 "The number of valid routes known by this entity." 565 ::= { ipFrrProtectStatsEntry 1 } 567 ipFrrStatsUnprotectedRoutes OBJECT-TYPE 568 SYNTAX Gauge32 569 MAX-ACCESS read-only 570 STATUS current 571 DESCRIPTION 572 "The number of valid routes known by this entity 574 which do not have an alternate next-hop associated 575 with any primary next-hop." 576 ::= { ipFrrProtectStatsEntry 2 } 578 ipFrrStatsProtectedRoutes OBJECT-TYPE 579 SYNTAX Gauge32 580 MAX-ACCESS read-only 581 STATUS current 582 DESCRIPTION 583 "The number of routes known by this entity 584 which have at least one alternate next-hop." 585 ::= { ipFrrProtectStatsEntry 3 } 587 ipFrrStatsLinkProtectedRoutes OBJECT-TYPE 588 SYNTAX Gauge32 589 MAX-ACCESS read-only 590 STATUS current 591 DESCRIPTION 592 "The number of routes known by this entity 593 for which all alternate next-hops provide link 594 protection for their associated primary next-hops." 595 ::= { ipFrrProtectStatsEntry 4 } 597 ipFrrStatsNodeProtectedRoutes OBJECT-TYPE 598 SYNTAX Gauge32 599 MAX-ACCESS read-only 600 STATUS current 601 DESCRIPTION 602 "The number of routes known by this entity 603 for which all alternate next-hops provide node 604 protection for their associated primary next-hops." 605 ::= { ipFrrProtectStatsEntry 5 } 607 ipv6FrrStatsTotalRoutes OBJECT-TYPE 608 SYNTAX Gauge32 609 MAX-ACCESS read-only 610 STATUS current 611 DESCRIPTION 612 "The number of valid IPv6 routes known by this entity." 613 ::= { ipFrrProtectStatsEntry 6 } 615 ipv6FrrStatsUnprotectedRoutes OBJECT-TYPE 616 SYNTAX Gauge32 617 MAX-ACCESS read-only 618 STATUS current 619 DESCRIPTION 620 "The number of valid IPv6 routes known by this entity 621 which do not have an alternate next-hop associated 623 with any primary next-hop." 624 ::= { ipFrrProtectStatsEntry 7 } 626 ipv6FrrStatsProtectedRoutes OBJECT-TYPE 627 SYNTAX Gauge32 628 MAX-ACCESS read-only 629 STATUS current 630 DESCRIPTION 631 "The number of IPv6 routes known by this entity 632 which have at least one alternate next-hop." 633 ::= { ipFrrProtectStatsEntry 8 } 635 ipv6FrrStatsLinkProtectedRoutes OBJECT-TYPE 636 SYNTAX Gauge32 637 MAX-ACCESS read-only 638 STATUS current 639 DESCRIPTION 640 "The number of IPv6 routes known by this entity 641 for which all alternate next-hops provide link 642 protection for their associated primary next-hops." 643 ::= { ipFrrProtectStatsEntry 9 } 645 ipv6FrrStatsNodeProtectedRoutes OBJECT-TYPE 646 SYNTAX Gauge32 647 MAX-ACCESS read-only 648 STATUS current 649 DESCRIPTION 650 "The number of IPv6 routes known by this entity 651 for which all alternate next-hops provide node 652 protection for their associated primary next-hops." 653 ::= { ipFrrProtectStatsEntry 10 } 655 -- the IP FRR Alternate MIB-Group 656 -- 657 -- The ipFrrAltTable extends the inetCidrRouteTable to indicate 658 -- the alternate next-hop(s) associated with each primary 659 -- next-hop. The additional indices (ipFrrAltNextHopType and 660 -- ipFrrAltNextHop ) allow for multiple alternate paths for a 661 -- given primary next-hop. 663 ipFrrAltTable OBJECT-TYPE 664 SYNTAX SEQUENCE OF IpFrrAltEntry 665 MAX-ACCESS not-accessible 666 STATUS current 667 DESCRIPTION 668 "This entity's IP Fast Reroute Alternates table." 669 ::= { ipFrrMIBObjects 2 } 671 ipFrrAltEntry OBJECT-TYPE 672 SYNTAX IpFrrAltEntry 673 MAX-ACCESS not-accessible 674 STATUS current 675 DESCRIPTION 676 "An entry containing information on a particular route, 677 one of its particular (primary) next-hops and one of 678 the associated alternate next-hops. 680 Implementers need to be aware that if the total 681 number of elements (octets or sub-identifiers) in 682 inetCidrRouteDest, inetCidrRoutePolicy, 683 inetCidrRouteNextHop, and ipFrrAltNextHop exceeds 107 684 then OIDs of column instances in this table will have 685 more than 128 sub-identifiers and cannot be accessed 686 using SNMPv1, SNMPv2c, or SNMPv3." 688 INDEX { inetCidrRouteDestType, 689 inetCidrRouteDest, 690 inetCidrRoutePfxLen, 691 inetCidrRoutePolicy, 692 inetCidrRouteNextHopType, 693 inetCidrRouteNextHop, 694 ipFrrAltNextHopType, 695 ipFrrAltNextHop 696 } 697 ::= { ipFrrAltTable 1 } 699 IpFrrAltEntry ::= SEQUENCE { 700 ipFrrAltNextHopType InetAddressType, 701 ipFrrAltNextHop InetAddress, 702 ipFrrAltIfIndex InterfaceIndex, 703 ipFrrAltType INTEGER, 704 ipFrrTunnelType INTEGER, 705 ipFrrAltProtectionAvailable BITS, 706 ipFrrAltMetric1 Integer32, 707 ipFrrAltMetric2 Integer32, 708 ipFrrAltMetric3 Integer32, 709 ipFrrAltBest INTEGER, 710 ipFrrAltNonBestReason OCTET STRING 711 } 713 ipFrrAltNextHopType OBJECT-TYPE 714 SYNTAX InetAddressType 715 MAX-ACCESS not-accessible 716 STATUS current 717 DESCRIPTION 719 "The type of the ipFrrNextHop address, as defined 720 in the InetAddress MIB. 722 Only those address types that may appear in an actual 723 routing table are allowed as values of this object." 724 REFERENCE "RFC 4001" 725 ::= { ipFrrAltEntry 1 } 727 ipFrrAltNextHop OBJECT-TYPE 728 SYNTAX InetAddress 729 MAX-ACCESS not-accessible 730 STATUS current 731 DESCRIPTION 732 "The address of the next system along the alternate 733 route. 735 The type of this address is determined by the value 736 of the ipFrrAltNextHopType." 737 ::= { ipFrrAltEntry 2 } 739 ipFrrAltIfIndex OBJECT-TYPE 740 SYNTAX InterfaceIndex 741 MAX-ACCESS read-only 742 STATUS current 743 DESCRIPTION 744 "The ifIndex value which identifies the local 745 interface through which the next hop of this 746 alternate route should be reached." 747 ::= { ipFrrAltEntry 3 } 749 ipFrrAltType OBJECT-TYPE 750 SYNTAX INTEGER { 751 other (1), -- type not defined 752 equalCost (2), -- primary path 753 loopFree (3), -- loop free alternate 754 loopFreeRemote (4), -- remote loop free alternate 755 loopFreeNH (5), -- loop free alternate using a configured tunnel toward the nexthop 756 loopFreeNNH (6), -- loop free alternate using a configured tunnel toward the nextnexthop 757 loopFreeTI (7), -- loop free alternate using topology independent algorithm 758 mrt (8) -- Maximally Redundant Trees 759 } 760 MAX-ACCESS read-only 761 STATUS current 762 DESCRIPTION 763 "The type of alternate which is provided by the 764 alternate next-hop. The supported types are as 765 follows: 767 equalCost : The alternate next-hop is another 768 primary next-hop. 770 loopFreeConnected : loop free alternate (LFA as described in RFC5286) 772 loopFreeRemote : remote LFA (as described in draft-ietf-rtgwg-remote-lfa) 774 loopFreeNH : loop free alternate using a configured tunnel toward the nexthop (link protection only) 776 loopFreeNNH : loop free alternate using a configured tunnel toward the nextnexthop (node protection) 778 loopFreeTI : loop free alternate using topology independent algorithm 780 other : The mechanism by which the alternate next-hop 781 can be used is not specified. 783 MRT : Maximally Redundant Trees, where each 784 destination has two MRTs associated with it. 785 These two trees are referred as blue and red 786 MRTs. 788 See draft-ietf-rtgwg-mrt-frr-architecture-00. 789 " 790 ::= { ipFrrAltEntry 4 } 792 ipFrrTunnelType OBJECT-TYPE 793 SYNTAX INTEGER { 794 none (1), -- No tunnel used 795 other (2), -- type not defined 796 ldp (3), -- LDP tunnel 797 ip (4), -- IP based tunnel (GRE, IPIP, L2TP ...) 798 srmpls (5), -- SPRING tunnel using MPLS dataplane 799 sripv6 (6), -- SPRING tunnel using IPv6 dataplane 800 rsvpte (7), -- RSVP-TE tunnel 801 mtldp (8) -- LDP tunnel on another topology 802 } 803 MAX-ACCESS read-only 804 STATUS current 805 DESCRIPTION 806 "The type of tunnel used to reach the alternate. 807 The supported types are as follows: 809 none : No tunnel used 811 ldp : use LDP tunnel to reach the alternate (typically the case of rLFA) 813 ip : use IP based tunnel to reach the alternate 815 srmpls or sripv6 : use SPRING based tunnel (typically the case of TI-LFA) 817 rsvpte : use a RSVP-TE LSP to reach the alternate 819 mtldp : use an LDP tunnel based on another topology (typically the case of MRT) 821 " 822 ::= { ipFrrAltEntry 5 } 824 ipFrrAltProtectionAvailable OBJECT-TYPE 825 SYNTAX BITS { 826 nodeProtect(0), 827 linkProtect(1), 828 srlgProtect(2), 829 downstreamProtect(3), 830 unknownProtection(4) 831 } 832 MAX-ACCESS read-only 833 STATUS current 834 DESCRIPTION 835 "This object specifies the scope of protection for 836 which this alternate next-hop can provide failure 837 protection. The alternate next-hop should provide 838 one or more of node-protection and link-protection. 839 If the protection provided by the alternate next-hop 840 is unknown, then only unknownProtection should be 841 specified. Specifying uknownProtection with any 842 other type of protection is not supported. " 843 ::= { ipFrrAltEntry 6 } 845 ipFrrAltMetric1 OBJECT-TYPE 846 SYNTAX Integer32 847 MAX-ACCESS read-only 848 STATUS current 849 DESCRIPTION 850 "This is the primary routing metric for this 851 alternate path to the destination IP address. 852 If the alternate path metric is unknown, the value 853 should be set to -1." 854 ::= { ipFrrAltEntry 7 } 856 ipFrrAltMetric2 OBJECT-TYPE 857 SYNTAX Integer32 858 MAX-ACCESS read-only 859 STATUS current 860 DESCRIPTION 861 "This is the primary routing metric for this 862 alternate path from the PLR to the alternate. 863 If the alternate path metric is unknown, the value 865 should be set to -1." 866 ::= { ipFrrAltEntry 8 } 868 ipFrrAltMetric3 OBJECT-TYPE 869 SYNTAX Integer32 870 MAX-ACCESS read-only 871 STATUS current 872 DESCRIPTION 873 "This is the primary routing metric for this 874 alternate path from the alternate to the destination. 875 If the alternate path metric is unknown, the value 876 should be set to -1." 877 ::= { ipFrrAltEntry 9 } 879 ipFrrAltBest OBJECT-TYPE 880 SYNTAX INTEGER { false(0), true(1) } 881 MAX-ACCESS read-only 882 STATUS current 883 DESCRIPTION 884 "This object provides information if the alternate is the best one." 885 ::= { ipFrrAltEntry 10 } 887 ipFrrAltNonBestReason OBJECT-TYPE 888 SYNTAX OCTET STRING (SIZE (0..255)) 889 MAX-ACCESS read-only 890 STATUS current 891 DESCRIPTION 892 "This object provides reason why an alternate is not the best one." 893 ::= { ipFrrAltEntry 11 } 895 -- the IP FRR No Alternate MIB-Group 896 -- 897 -- The ipFrrNoAltTable extends the inetCidrRouteTable 898 -- to indicate which routes are unprotected and the reason 899 -- why. The indices do not include the primary next-hop because 900 -- the lack of protection is for the route. This allows easy 901 -- access to the set of unprotected routes that would be 902 -- affected by a local failure of their primary next-hop. 904 ipFrrNoAltTable OBJECT-TYPE 905 SYNTAX SEQUENCE OF IpFrrNoAltEntry 906 MAX-ACCESS not-accessible 907 STATUS current 908 DESCRIPTION 909 "This entity's IP Fast Reroute Unprotected Routes 910 table." 911 ::= { ipFrrMIBObjects 3 } 913 ipFrrNoAltEntry OBJECT-TYPE 914 SYNTAX IpFrrNoAltEntry 915 MAX-ACCESS not-accessible 916 STATUS current 917 DESCRIPTION 918 "An entry containing the reason why a route does not 919 have an alternate next-hop. The existence of an 920 entry for a route indicates that there is no 921 alternate next-hop." 922 INDEX { inetCidrRouteDestType, 923 inetCidrRouteDest, 924 inetCidrRoutePfxLen 926 } 927 ::= { ipFrrNoAltTable 1 } 929 IpFrrNoAltEntry ::= SEQUENCE { 930 ipFrrNoAltCause INTEGER 931 } 933 ipFrrNoAltCause OBJECT-TYPE 934 SYNTAX INTEGER { 935 ipFrrUnavailable (1), -- No valid alternate(s) 936 localAddress (2), -- local/internal address 937 ipFrrDisabled (3), -- Protection not enabled 938 other (4) -- unknown or other cause 939 } 940 MAX-ACCESS read-only 941 STATUS current 942 DESCRIPTION 943 "For valid routes without an alternate next-hop, this 944 object enumerates the reason why no protection is 945 available. The possibilities are as follows. 947 ipFrrUnavailable : The supported IP Fast-Reroute 948 mechanisms could not find a safe 949 alternate next-hop. 951 localAddress : The route represents a local address. 952 This system is the destination so no 954 alternate path is possible or necessary. 956 ipFrrDisabled : Finding of alternate next-hops is 957 operationally disabled. 959 other : The reason is unknown or different from those 960 specifically enumerated possible causes." 961 ::= { ipFrrNoAltEntry 1 } 963 -- conformance information 965 ipFrrMIBConformance 966 OBJECT IDENTIFIER ::= { ipFrrMIB 2 } 968 ipFrrMIBCompliances 969 OBJECT IDENTIFIER ::= { ipFrrMIBConformance 1 } 971 ipFrrMIBGroups 972 OBJECT IDENTIFIER ::= { ipFrrMIBConformance 2 } 974 -- compliance statements 976 ipFrrMIBCompliance MODULE-COMPLIANCE 977 STATUS deprecated 978 DESCRIPTION 979 "Minimum requirements to state conformity 980 to this MIB. Supporting only IP v4 addresses 981 This is deprecated in favor of 982 ipFrrMIBInetCompliance 984 There are a number of INDEX objects that cannot be 985 represented in the form of OBJECT clauses in SMIv2, 986 but for which there are compliance requirements, 987 expressed in OBJECT clause form in this description: 989 OBJECT inetCidrRouteDestType 990 SYNTAX InetAddressType { ipv4(1), ipv4z(3) } 991 MIN-ACCESS read-only 992 DESCRIPTION 993 A (deprecated) complying implementation at this 994 level is required to support IPv4 addresses only. 995 This compliance level is defined so an 996 implementation only needs to support the addresses 997 it actually supports on the device. 999 OBJECT inetCidrRouteNextHopType 1000 SYNTAX InetAddressType { ipv4(1), ipv4z(3) } 1001 MIN-ACCESS read-only 1003 DESCRIPTION 1004 A (deprecated) complying implementation at this 1005 level is required to support IPv4 addresses only. 1006 This compliance level is defined so an 1007 implementation only needs to support the addresses 1008 it actually supports on the device. 1010 OBJECT ipFrrAltNextHopType 1011 SYNTAX InetAddressType { ipv4(1), ipv4z(3) } 1012 MIN-ACCESS read-only 1013 DESCRIPTION 1014 A (deprecated) complying implementation at this 1015 level is required to support IPv4 addresses only. 1016 This compliance level is defined so an 1017 implementation only needs to support the 1018 addresses it actually supports on the device. 1019 " 1020 MODULE -- this module 1021 MANDATORY-GROUPS { ipFrrBasicGroup } 1023 ::= { ipFrrMIBCompliances 1 } 1025 ipFrrMIBInetCompliance MODULE-COMPLIANCE 1026 STATUS current 1027 DESCRIPTION 1028 "Full conformity to this MIB." 1029 MODULE -- this module 1030 MANDATORY-GROUPS { ipFrrBasicGroup } 1032 OBJECT ipFrrIfRowStatus 1033 SYNTAX INTEGER { active(1) } 1034 WRITE-SYNTAX INTEGER { createAndGo(4), destroy(6) } 1035 DESCRIPTION 1036 "Support for createAndWait and notInService is not 1037 required." 1039 ::= { ipFrrMIBCompliances 2 } 1041 ipFrrReadOnlyCompliance MODULE-COMPLIANCE 1042 STATUS current 1043 DESCRIPTION 1045 "When this MIB is implemented without support for 1046 read-create (i.e. in read-only mode), then that 1047 implementation can claim read-only compliance. In that 1048 case, ipFrrAlt group can be monitored but cannot be 1049 configured with this MIB." 1051 MODULE 1052 MANDATORY-GROUPS { ipFrrBasicGroup } 1054 OBJECT ipFrrIfProtectionType 1055 MIN-ACCESS read-only 1056 DESCRIPTION 1057 "Write access is not required." 1059 OBJECT ipFrrIfCandidate 1060 MIN-ACCESS read-only 1061 DESCRIPTION 1062 "Write access is not required." 1064 OBJECT ipFrrIfRowStatus 1065 MIN-ACCESS read-only 1066 DESCRIPTION 1067 "Write access is not required." 1069 ::= { ipFrrMIBCompliances 3 } 1071 -- units of conformance 1072 ipFrrBasicGroup OBJECT-GROUP 1073 OBJECTS {ipFrrTotalRoutes, 1074 ipFrrUnprotectedRoutes, 1075 ipFrrProtectedRoutes, 1076 ipFrrLinkProtectedRoutes, 1077 ipFrrNodeProtectedRoutes, 1078 ipv6FrrTotalRoutes, 1079 ipv6FrrUnprotectedRoutes, 1080 ipv6FrrProtectedRoutes, 1081 ipv6FrrLinkProtectedRoutes, 1082 ipv6FrrNodeProtectedRoutes, 1083 ipFrrAltIfIndex, 1084 ipFrrAltType, 1085 ipFrrTunnelType, 1086 ipFrrAltProtectionAvailable, 1087 ipFrrAltMetric1, 1088 ipFrrAltMetric2, 1089 ipFrrAltMetric3, 1090 ipFrrAltNonBestReason, 1091 ipFrrAltBest, 1092 ipFrrNoAltCause, 1093 ipFrrInstanceAlgorithm, 1094 ipFrrInstanceProtocol, 1095 ipFrrInstancePerPrefixComputation, 1096 ipFrrIfCandidate, 1097 ipFrrIfProtectionType, 1098 ipFrrIfRowStatus, 1099 ipFrrStatsTotalRoutes, 1100 ipFrrStatsUnprotectedRoutes, 1101 ipFrrStatsProtectedRoutes, 1102 ipFrrStatsLinkProtectedRoutes, 1103 ipFrrStatsNodeProtectedRoutes, 1104 ipv6FrrStatsTotalRoutes, 1105 ipv6FrrStatsUnprotectedRoutes, 1106 ipv6FrrStatsProtectedRoutes, 1107 ipv6FrrStatsLinkProtectedRoutes, 1108 ipv6FrrStatsNodeProtectedRoutes 1110 } 1111 STATUS current 1112 DESCRIPTION 1113 "The entire collection of objects defined in 1114 this MIB for management of IP Fast Reroute ." 1116 ::= { ipFrrMIBGroups 1 } 1118 END 1120 4. Security Considerations 1122 There are a number of management objects defined in this MIB module 1123 with a MAX-ACCESS clause of read-write and/or read-create. Such 1124 objects may be considered sensitive or vulnerable in some network 1125 environments. The support for SET operations in a non-secure 1126 environment without proper protection can have a negative effect on 1127 network operations. The ipFrrAltTable contains routing and 1128 forwarding information that is critical to the operation of the 1129 network in the event of a local failure. Allowing unauthenticated 1130 write access to this table can compromise the validity of the 1131 alternate forwarding information. 1133 Some of the readable objects in this MIB module (i.e. objects with a 1134 MAX-ACCESS other than not-accessible) may be considered sensitive or 1135 vulnerable in some network environments. It is thus important to 1136 control even GET access to these objects and possibly to even encrypt 1137 the values of these objects when sending them over the network via 1138 SNMP. 1140 SNMP versions prior to SNMPv3 did not include adequate security. 1141 Even if the network itself is secure (for example by using IPSec), 1142 even then, there is no control as to who on the secure network is 1143 allowed to access and GET the objects in this MIB module. 1145 It is RECOMMENDED that implementers consider the security features as 1146 provided by the SNMPv3 framework (see [RFC3410], section 8), 1147 including full support for the SNMPv3 cryptographic mechanisms (for 1148 authentication and privacy). 1150 Further, deployment of SNMP versions prior to SNMPv3 is NOT 1151 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 1152 enable cryptographic security. It is then a customer/operator 1153 responsibility to ensure that the SNMP entity giving access to an 1154 instance of this MIB module is properly configured to give access to 1155 the objects only to those principals (users) that have legitimate 1156 rights to indeed GET them. 1158 5. Acknowledgements 1160 The authors would like to acknowledge contributions made by Bill 1161 Anderson, Don Fedyk, John Flick and Bruno Decraene. 1163 6. IANA Considerations 1165 The MIB module in this document uses the following IANA-assigned 1166 OBJECT IDENTIFIER value recorded in the SMI Numbers registry. 1168 The IANA is requested to assign { ip ZZZ } to the IPFRR-MIB MIB 1169 module specified in this document. 1171 Editor's Note (to be removed prior to publication): the IANA is 1172 requested to assign a value for "ZZZ" under the ip subtree and to 1173 record the assignments in the SMI Numbers registry. When the 1174 assignments have been made, the RFC Editor is asked to replace "ZZZ" 1175 (here and in the MIB modules) with the assigned value and to remove 1176 this note. 1178 7. References 1180 7.1. Normative References 1182 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1183 Requirement Levels", BCP 14, RFC 2119, 1184 DOI 10.17487/RFC2119, March 1997, 1185 . 1187 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group 1188 MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000, 1189 . 1191 [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. 1192 Schoenwaelder, "Textual Conventions for Internet Network 1193 Addresses", RFC 4001, DOI 10.17487/RFC4001, February 2005, 1194 . 1196 [RFC4292] Haberman, B., "IP Forwarding Table MIB", RFC 4292, 1197 DOI 10.17487/RFC4292, April 2006, 1198 . 1200 [RFC4293] Routhier, S., Ed., "Management Information Base for the 1201 Internet Protocol (IP)", RFC 4293, DOI 10.17487/RFC4293, 1202 April 2006, . 1204 [RFC5286] Atlas, A., Ed. and A. Zinin, Ed., "Basic Specification for 1205 IP Fast Reroute: Loop-Free Alternates", RFC 5286, 1206 DOI 10.17487/RFC5286, September 2008, 1207 . 1209 7.2. Informative References 1211 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1212 Schoenwaelder, Ed., "Structure of Management Information 1213 Version 2 (SMIv2)", STD 58, RFC 2578, 1214 DOI 10.17487/RFC2578, April 1999, 1215 . 1217 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1218 Schoenwaelder, Ed., "Textual Conventions for SMIv2", 1219 STD 58, RFC 2579, DOI 10.17487/RFC2579, April 1999, 1220 . 1222 [RFC2580] McCloghrie, K., Ed., Perkins, D., Ed., and J. 1223 Schoenwaelder, Ed., "Conformance Statements for SMIv2", 1224 STD 58, RFC 2580, DOI 10.17487/RFC2580, April 1999, 1225 . 1227 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 1228 "Introduction and Applicability Statements for Internet- 1229 Standard Management Framework", RFC 3410, 1230 DOI 10.17487/RFC3410, December 2002, 1231 . 1233 [RFC5036] Andersson, L., Ed., Minei, I., Ed., and B. Thomas, Ed., 1234 "LDP Specification", RFC 5036, DOI 10.17487/RFC5036, 1235 October 2007, . 1237 [RFC5714] Shand, M. and S. Bryant, "IP Fast Reroute Framework", 1238 RFC 5714, DOI 10.17487/RFC5714, January 2010, 1239 . 1241 Authors' Addresses 1243 Alia Atlas 1244 Juniper Networks 1246 Email: akatlas@juniper.net 1247 A S Kiran Koushik 1248 Cisco Systems 1250 Email: kkoushik@cisco.com 1252 Stephane Litkowski 1253 Orange 1255 Email: stephane.litkowski@orange.com