idnits 2.17.1 draft-ietf-softwire-map-mib-10.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (September 15, 2017) is 2408 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: 'RFC7598' is defined on line 636, but no explicit reference was found in the text -- Obsolete informational reference (is this intentional?): RFC 2629 (Obsoleted by RFC 7749) Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Internet Engineering Task Force Y. Fu 3 Internet-Draft CNNIC 4 Intended status: Standards Track S. Jiang 5 Expires: March 19, 2018 B. Liu 6 Huawei Technologies Co., Ltd 7 J. Dong 8 Y. Chen 9 Tsinghua University 10 September 15, 2017 12 Definitions of Managed Objects for MAP-E 13 draft-ietf-softwire-map-mib-10 15 Abstract 17 This memo defines a portion of the Management Information Base (MIB) 18 for using with network management protocols in the Internet 19 community. In particular, it defines managed objects for MAP 20 encapsulation (MAP-E) mode. 22 Status of This Memo 24 This Internet-Draft is submitted in full conformance with the 25 provisions of BCP 78 and BCP 79. 27 Internet-Drafts are working documents of the Internet Engineering 28 Task Force (IETF). Note that other groups may also distribute 29 working documents as Internet-Drafts. The list of current Internet- 30 Drafts is at https://datatracker.ietf.org/drafts/current/. 32 Internet-Drafts are draft documents valid for a maximum of six months 33 and may be updated, replaced, or obsoleted by other documents at any 34 time. It is inappropriate to use Internet-Drafts as reference 35 material or to cite them other than as "work in progress." 37 This Internet-Draft will expire on March 19, 2018. 39 Copyright Notice 41 Copyright (c) 2017 IETF Trust and the persons identified as the 42 document authors. All rights reserved. 44 This document is subject to BCP 78 and the IETF Trust's Legal 45 Provisions Relating to IETF Documents 46 (https://trustee.ietf.org/license-info) in effect on the date of 47 publication of this document. Please review these documents 48 carefully, as they describe your rights and restrictions with respect 49 to this document. Code Components extracted from this document must 50 include Simplified BSD License text as described in Section 4.e of 51 the Trust Legal Provisions and are provided without warranty as 52 described in the Simplified BSD License. 54 Table of Contents 56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 57 2. The Internet-Standard Management Framework . . . . . . . . . 2 58 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 59 4. Structure of the MIB Module . . . . . . . . . . . . . . . . . 3 60 4.1. The mapMIBObjects . . . . . . . . . . . . . . . . . . . . 3 61 4.1.1. The mapRule Subtree . . . . . . . . . . . . . . . . . 3 62 4.1.2. The mapSecurityCheck Subtree . . . . . . . . . . . . 3 63 4.2. The mapMIBConformance Subtree . . . . . . . . . . . . . . 4 64 5. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4 65 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 66 7. Security Considerations . . . . . . . . . . . . . . . . . . . 12 67 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 13 68 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 13 69 9.1. Normative References . . . . . . . . . . . . . . . . . . 13 70 9.2. Informative References . . . . . . . . . . . . . . . . . 14 71 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15 73 1. Introduction 75 Mapping of Address and Port with Encapsulation (MAP-E) [RFC7597] is a 76 stateless mechanism for running IPv4 over IPv6-only infrastructure. 77 In particular, it includes two mode, translation mode or 78 encapsulation mode. For the encapsulation mode, it provides an 79 automatic tunnelling mechanism for providing IPv4 connectivity 80 service to end users over a service provider's IPv6 network 82 This document defines a portion of the Management Information Base 83 (MIB) for use with network management protocols in the Internet 84 community. This MIB module would be used for monitoring the devices 85 in the MAP scenario, especially, for the encapsulation mode. 87 2. The Internet-Standard Management Framework 89 For a detailed overview of the documents that describe the current 90 Internet-Standard Management Framework, please refer to section 7 of 91 [RFC3410]. 93 Managed objects are accessed via a virtual information store, termed 94 the Management Information Base or MIB. MIB objects are generally 95 accessed through the Simple Network Management Protocol (SNMP). 96 Objects in the MIB are defined using the mechanisms defined in the 97 Structure of Management Information (SMI). This memo specifies a MIB 98 module that is compliant to the SMIv2, which is described in 99 [RFC2578], [RFC2579] and [RFC2580]. 101 3. Terminology 103 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 104 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 105 "OPTIONAL" in this document are to be interpreted as described in 106 [RFC2119]. 108 4. Structure of the MIB Module 110 The MAP-E MIB provides a way to manage and monitor the MAP devices in 111 MAP encapsulation mode through SNMP. 113 MAP-E MIB is configurable on a per-interface basis. It depends on 114 several parts of the IF-MIB[RFC2863]. 116 4.1. The mapMIBObjects 118 4.1.1. The mapRule Subtree 120 The mapRule subtree describes managed objects used for managing the 121 multiple mapping rules in the MAP encapsulation mode. 123 According to the MAP specification[RFC7597], the mapping rules are 124 divided into two categories, which are Basic Mapping Rule (BMR), and 125 Forwarding Mapping Rule (FMR). 127 4.1.2. The mapSecurityCheck Subtree 129 The mapSecurityCheck subtree is to statistic the number of invalid 130 packets that have been identified. There are two kind of invalid 131 packets which are defined in the MAP specification [RFC7597]as below. 133 - The Border Relay (BR) will perform a validation of the consistency 134 of the source IPv6 address and destination IPv6 address for the 135 packet using Basic Mapping Rule (BMR). 137 - The Map node (CE and BR) will check that the received packets' 138 source IPv4 address and port is in the range derived from the 139 matching MAP Rule. 141 4.2. The mapMIBConformance Subtree 143 The mapMIBConformance subtree provides conformance information of MIB 144 objects. 146 5. Definitions 148 The following MIB module imports definitions from [RFC2578], 149 [RFC2579],[RFC2580],[RFC2863], and [RFC4001]. 151 MAP-E-MIB DEFINITIONS ::= BEGIN 153 IMPORTS 154 MODULE-IDENTITY, OBJECT-TYPE, mib-2, 155 Unsigned32, Counter64 156 FROM SNMPv2-SMI --RFC2578 157 TEXTUAL-CONVENTION 158 FROM SNMPv2-TC --RFC2579 159 ifIndex 160 FROM IF-MIB --RFC2863 161 InetAddressIPv6, InetAddressIPv4, 162 InetAddressPrefixLength 163 FROM INET-ADDRESS-MIB --RFC4001 164 OBJECT-GROUP, MODULE-COMPLIANCE 165 FROM SNMPv2-CONF; --RFC2580 167 mapMIB MODULE-IDENTITY 168 LAST-UPDATED "201709150000Z" 169 ORGANIZATION 170 "IETF Softwire Working Group" 171 CONTACT-INFO 172 "Yu Fu 173 CNNIC 174 No.4 South 4th Street, Zhongguancun 175 Beijing, P.R. China 100190 176 EMail: fuyu@cnnic.cn 178 Sheng Jiang 179 Huawei Technologies Co., Ltd 180 Huawei Building, 156 Beiqing Rd., Hai-Dian District 181 Beijing, P.R. China 100095 182 EMail: jiangsheng@huawei.com 184 Bing Liu 185 Huawei Technologies Co., Ltd 186 Huawei Building, 156 Beiqing Rd., Hai-Dian District 187 Beijing, P.R. China 100095 188 EMail: leo.liubing@huawei.com 190 Jiang Dong 191 Tsinghua University 192 Department of Computer Science, Tsinghua University 193 Beijing 100084 194 P.R. China 195 Email: knight.dongjiang@gmail.com 197 Yuchi Chen 198 Tsinghua University 199 Department of Computer Science, Tsinghua University 200 Beijing 100084 201 P.R. China 202 Email: chenycmx@gmail.com" 204 DESCRIPTION 205 "The MIB module is defined for management of objects in the 206 MAP-E BRs or CEs." 207 REVISION "201709150000Z" 208 DESCRIPTION 209 "Initial version. Published as RFC xxxx." 210 --RFC Ed.: RFC-edtitor pls fill in xxxx 211 ::= { mib-2 xxx } 212 --xxx to be replaced withIANA-assigned value 214 mapMIBObjects OBJECT IDENTIFIER ::= {mapMIB 1} 216 mapRule OBJECT IDENTIFIER 217 ::= { mapMIBObjects 1 } 219 mapSecurityCheck OBJECT IDENTIFIER 220 ::= { mapMIBObjects 2 } 222 -- ============================================================== 223 -- Textual Conventions used in this MIB module 224 -- ============================================================== 226 RulePSID ::= TEXTUAL-CONVENTION 227 DISPLAY-HINT "0x:" 228 STATUS current 229 DESCRIPTION 230 "It represents the PSID represented in the hexadecimal version 231 so as to display it more clearly." 232 SYNTAX OCTET STRING (SIZE (2)) 234 RuleType ::= TEXTUAL-CONVENTION 235 STATUS current 236 DESCRIPTION 237 "This enumeration provides the type of the mapping rule. It 238 defines tree types of mapping rules here: 239 bmr: Basic Mapping Rule (Not Forwarding Mapping Rule), 240 fmr: Forwarding Mapping Rule (Not Basic Mapping Rule), 241 bmrAndfmr: Basic and Forwarding Mapping Rule. The Basic 242 Mapping Rule may also be a Forwarding Mapping Rule for 243 mesh mode." 244 REFERENCE "bmr, fmr: section 5 of RFC 7597. 245 bmrAndfmr: section 5 of RFC 7597,section 4.1 of RFC 246 7598." 247 SYNTAX INTEGER { 248 bmr(1), 249 fmr(2), 250 bmrAndfmr(3) 251 } 253 mapRuleTable OBJECT-TYPE 254 SYNTAX SEQUENCE OF MapRuleEntry 255 MAX-ACCESS not-accessible 256 STATUS current 257 DESCRIPTION 258 "The (conceptual) table containing rule Information of 259 specific mapping rule. It can also be used for row 260 creation." 261 ::= { mapRule 1 } 263 mapRuleEntry OBJECT-TYPE 264 SYNTAX MapRuleEntry 265 MAX-ACCESS not-accessible 266 STATUS current 267 DESCRIPTION 268 "Each entry in this table contains the information on a 269 particular mapping rule." 270 INDEX { mapRuleID } 271 ::= { mapRuleTable 1 } 273 MapRuleEntry ::= 274 SEQUENCE { 275 mapRuleID Unsigned32, 276 mapRuleIPv6Prefix InetAddressIPv6, 277 mapRuleIPv6PrefixLen InetAddressPrefixLength, 278 mapRuleIPv4Prefix InetAddressIPv4, 279 mapRuleIPv4PrefixLen InetAddressPrefixLength, 280 mapRuleBRIPv6Address InetAddressIPv6, 281 mapRulePSID RulePSID, 282 mapRulePSIDLen Unsigned32, 283 mapRuleOffset Unsigned32, 284 mapRuleEALen Unsigned32, 285 mapRuleType RuleType 286 } 288 mapRuleID OBJECT-TYPE 289 SYNTAX Unsigned32 (1..4294967295) 290 MAX-ACCESS not-accessible 291 STATUS current 292 DESCRIPTION 293 "A unique identifier used to distinguish mapping 294 rules." 295 ::= { mapRuleEntry 1 } 297 -- The object mapRuleIPv6Prefix is IPv6 specific and hence it does 298 -- not use the version agnostic InetAddress. 300 mapRuleIPv6Prefix OBJECT-TYPE 301 SYNTAX InetAddressIPv6 302 MAX-ACCESS read-only 303 STATUS current 304 DESCRIPTION 305 "The IPv6 prefix defined in mapping rule which will be 306 assigned to CE. The address type is given by 307 mapRuleIPv6PrefixType." 308 ::= { mapRuleEntry 2 } 310 mapRuleIPv6PrefixLen OBJECT-TYPE 311 SYNTAX InetAddressPrefixLength 312 MAX-ACCESS read-only 313 STATUS current 314 DESCRIPTION 315 "The length of the IPv6 prefix defined in the mapping rule. 316 As a parameter for mapping rule, it will be also assigned 317 to CE." 318 ::= { mapRuleEntry 3 } 320 -- The object mapRuleIPv4Prefix is IPv4 specific and hence it does 321 -- not use the version agnostic InetAddress. 323 mapRuleIPv4Prefix OBJECT-TYPE 324 SYNTAX InetAddressIPv4 325 MAX-ACCESS read-only 326 STATUS current 327 DESCRIPTION 328 " The IPv4 prefix defined in mapping rule which will be 329 assigned to CE. The address type is given by 330 mapRuleIPv4PrefixType." 332 ::= { mapRuleEntry 4 } 334 mapRuleIPv4PrefixLen OBJECT-TYPE 335 SYNTAX InetAddressPrefixLength 336 MAX-ACCESS read-only 337 STATUS current 338 DESCRIPTION 339 "The length of the IPv4 prefix defined in the mapping 340 rule. As a parameter for mapping rule, it will be also 341 assigned to CE." 342 ::= { mapRuleEntry 5 } 344 -- The object mapRuleBRIPv6Address is IPv6 specific and hence it does 345 -- not use the version agnostic InetAddress. 347 mapRuleBRIPv6Address OBJECT-TYPE 348 SYNTAX InetAddressIPv6 349 MAX-ACCESS read-only 350 STATUS current 351 DESCRIPTION 352 "The IPv6 address of the BR which will be 353 conveyed to CE. If the BR IPv6 address is anycast, the 354 relay must use this anycast IPv6 address as the source 355 address in packets relayed to CEs." 356 ::= { mapRuleEntry 6 } 358 mapRulePSID OBJECT-TYPE 359 SYNTAX RulePSID 360 MAX-ACCESS read-only 361 STATUS current 362 DESCRIPTION 363 "The PSID value algorithmically identifies a set of 364 ports assigned to a CE." 365 REFERENCE 366 "PSID: section 5.1 of RFC 7597." 367 ::= { mapRuleEntry 7 } 369 mapRulePSIDLen OBJECT-TYPE 370 SYNTAX Unsigned32(0..16) 371 MAX-ACCESS read-only 372 STATUS current 373 DESCRIPTION 374 "The bit length value of the number of significant bits in 375 the PSID field. When it is set to 0, the PSID 376 field is to be ignored." 377 ::= { mapRuleEntry 8 } 379 mapRuleOffset OBJECT-TYPE 380 SYNTAX Unsigned32(0..15) 381 MAX-ACCESS read-only 382 STATUS current 383 DESCRIPTION 384 "The number of the mapRuleOffset is 6 by default as to 385 exclude the System ports (0-1023). It is provided via 386 the Rule Port Mapping Parameters in the Basic Mapping 387 Rule." 388 DEFVAL {6} 389 ::= { mapRuleEntry 9 } 391 mapRuleEALen OBJECT-TYPE 392 SYNTAX Unsigned32(0..48) 393 MAX-ACCESS read-only 394 STATUS current 395 DESCRIPTION 396 "The length of the Embedded-Address (EA) defined in 397 mapping rule which will be assigned to CE." 398 REFERENCE 399 "EA: section 3 of RFC 7597." 400 ::= { mapRuleEntry 10 } 402 mapRuleType OBJECT-TYPE 403 SYNTAX RuleType 404 MAX-ACCESS read-only 405 STATUS current 406 DESCRIPTION 407 "It represents the type of the mapping rule. The value of 408 1 means it is a bmr, the value 2 means it is a fmr, the 409 value 3 means that the bmr is also a fmr for mesh mode." 410 REFERENCE 411 "bmr, fmr: section 5 of RFC 7597. 412 bmrAndfmr: section 5 of RFC 7597,section 4.1 of RFC 7598." 413 ::= { mapRuleEntry 11 } 415 mapSecurityCheckTable OBJECT-TYPE 416 SYNTAX SEQUENCE OF MapSecurityCheckEntry 417 MAX-ACCESS not-accessible 418 STATUS current 419 DESCRIPTION 420 "The (conceptual) table containing information on 421 MAP security checks. This table can be used to statistic 422 the number of invalid packets that been identified." 423 ::= { mapSecurityCheck 1 } 425 mapSecurityCheckEntry OBJECT-TYPE 426 SYNTAX MapSecurityCheckEntry 427 MAX-ACCESS not-accessible 428 STATUS current 429 DESCRIPTION 430 "Each entry in this table contains the information on a 431 particular MAP SecurityCheck." 432 INDEX { ifIndex } 433 ::= { mapSecurityCheckTable 1 } 435 MapSecurityCheckEntry ::= 436 SEQUENCE { 437 mapSecurityCheckInvalidv4 Counter64, 438 mapSecurityCheckInvalidv6 Counter64 439 } 441 mapSecurityCheckInvalidv4 OBJECT-TYPE 442 SYNTAX Counter64 443 MAX-ACCESS read-only 444 STATUS current 445 DESCRIPTION 446 "The Map node (CE and BR) will check that the received 447 packets'source IPv4 address and port is in the range 448 derived from matching MAP Rule.So this object indicate 449 the number of the invalid IPv4 packets received by the 450 MAP domain." 451 ::= { mapSecurityCheckEntry 1 } 453 mapSecurityCheckInvalidv6 OBJECT-TYPE 454 SYNTAX Counter64 455 MAX-ACCESS read-only 456 STATUS current 457 DESCRIPTION 458 "The BR will perform a validation of the consistency 459 of the source IPv6 address and destination IPv6 address 460 for the packet using Basic Mapping Rule (BMR). So this 461 object indicate the number of the invalid IPv6 packets 462 received by the BR." 463 ::= { mapSecurityCheckEntry 2 } 465 -- Conformance Information 466 mapMIBConformance OBJECT IDENTIFIER ::= {mapMIB 2} 467 mapMIBCompliances OBJECT IDENTIFIER ::= { mapMIBConformance 1 } 468 mapMIBGroups OBJECT IDENTIFIER ::= { mapMIBConformance 2 } 470 -- compliance statements 471 mapMIBCompliance MODULE-COMPLIANCE 472 STATUS current 473 DESCRIPTION 474 " Describes the minimal requirements for conformance 475 to the MAP-E MIB." 476 MODULE -- this module 477 MANDATORY-GROUPS { mapMIBRuleGroup , mapMIBSecurityGroup } 478 ::= { mapMIBCompliances 1 } 480 -- Units of Conformance 481 mapMIBRuleGroup OBJECT-GROUP 482 OBJECTS { 483 mapRuleIPv6Prefix, 484 mapRuleIPv6PrefixLen, 485 mapRuleIPv4Prefix, 486 mapRuleIPv4PrefixLen, 487 mapRuleBRIPv6Address, 488 mapRulePSID, 489 mapRulePSIDLen, 490 mapRuleOffset, 491 mapRuleEALen, 492 mapRuleType } 493 STATUS current 494 DESCRIPTION 495 " The collection of this objects are used to give the 496 information of mapping rules in MAP-E." 497 ::= { mapMIBGroups 1 } 499 mapMIBSecurityGroup OBJECT-GROUP 500 OBJECTS { 501 mapSecurityCheckInvalidv4, 502 mapSecurityCheckInvalidv6 } 503 STATUS current 504 DESCRIPTION 505 " The collection of this objects are used to give the 506 information on MAP security checks." 507 ::= { mapMIBGroups 2 } 509 END 511 6. IANA Considerations 513 The MIB module in this document uses the following IANA-assigned 514 OBJECT IDENTIFIER values recorded in the SMI Numbers registry: 516 Descriptor OBJECT IDENTIFIER value 517 ---------- ----------------------- 518 MAP-E-MIB { mib-2 XXX } 520 7. Security Considerations 522 There are no management objects defined in this MIB module that have 523 a MAX-ACCESS clause of read-write and/or read-create. So, if this 524 MIB module is implemented correctly, then there is no risk that an 525 intruder can alter or create any management objects of this MIB 526 module via direct SNMP SET operations. 528 Some of the readable objects in this MIB module (i.e., objects with a 529 MAX-ACCESS other than not-accessible) may be considered sensitive or 530 vulnerable in some network environments. It is thus important to 531 control even GET and/or NOTIFY access to these objects and possibly 532 to even encrypt the values of these objects when sending them over 533 the network via SNMP. 535 The following objects are vulnerable in the sense that when an 536 intruder sees the information in this MIB module, then it might help 537 him/her to set up an attack on the MAP node. Objects that reveal 538 rule information of the MAP Domain: Various objects can reveal the 539 rule information of the map domain. A curious outsider could monitor 540 these to assess the number of rules and the IPv6 prefix performed in 541 this domain. Futher, an intruder could use the information to guess 542 the address-sharing ratios of the ISPs. These are the objects and 543 their sensitivity/ vulnerability: 545 mapRuleIPv6Prefix 547 mapRuleIPv6PrefixLen 549 mapRuleIPv4Prefix 551 mapRuleIPv4PrefixLen 553 mapRuleBRIPv6Address 555 mapRulePSID 557 mapRulePSIDLen 559 mapRuleOffset 561 mapRuleEALen 563 mapRuleType 565 SNMP versions prior to SNMPv3 did not include adequate security. 566 Even if the network itself is secure (for example by using IPSec), 567 even then, there is no control as to who on the secure network is 568 allowed to access and GET/SET (read/change/create/delete) the objects 569 in this MIB module. 571 Implementations SHOULD provide the security features described by the 572 SNMPv3 framework (see [RFC3410]), and implementations claiming 573 compliance to the SNMPv3 standard MUST include full support for 574 authentication and privacy via the User-based Security Model (USM) 575 [RFC3414] with the AES cipher algorithm [RFC3826]. Implementations 576 MAY also provide support for the Transport Security Model (TSM) 577 [RFC5591] in combination with a secure transport such as SSH 578 [RFC5592] or TLS/DTLS [RFC6353]. 580 Further, deployment of SNMP versions prior to SNMPv3 is NOT 581 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 582 enable cryptographic security. It is then a customer/operator 583 responsibility to ensure that the SNMP entity giving access to an 584 instance of this MIB module is properly configured to give access to 585 the objects only to those principals (users) that have legitimate 586 rights to indeed GET or SET (change/create/delete) them. 588 8. Acknowledgements 590 The authors would like to thank for valuable comments from David 591 Harrington, Mark Townsley, Shishio Tsuchiya, Yong Cui, Suresh 592 Krishnan, Bert Wijnen and Juergen Schoenwaelder. 594 This document was produced using the xml2rfc tool [RFC2629]. 596 9. References 598 9.1. Normative References 600 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 601 Requirement Levels", BCP 14, RFC 2119, 602 DOI 10.17487/RFC2119, March 1997, 603 . 605 [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. 606 Schoenwaelder, Ed., "Structure of Management Information 607 Version 2 (SMIv2)", STD 58, RFC 2578, 608 DOI 10.17487/RFC2578, April 1999, 609 . 611 [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. 612 Schoenwaelder, Ed., "Textual Conventions for SMIv2", 613 STD 58, RFC 2579, DOI 10.17487/RFC2579, April 1999, 614 . 616 [RFC2580] McCloghrie, K., Ed., Perkins, D., Ed., and J. 617 Schoenwaelder, Ed., "Conformance Statements for SMIv2", 618 STD 58, RFC 2580, DOI 10.17487/RFC2580, April 1999, 619 . 621 [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group 622 MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000, 623 . 625 [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. 626 Schoenwaelder, "Textual Conventions for Internet Network 627 Addresses", RFC 4001, DOI 10.17487/RFC4001, February 2005, 628 . 630 [RFC7597] Troan, O., Ed., Dec, W., Li, X., Bao, C., Matsushima, S., 631 Murakami, T., and T. Taylor, Ed., "Mapping of Address and 632 Port with Encapsulation (MAP-E)", RFC 7597, 633 DOI 10.17487/RFC7597, July 2015, 634 . 636 [RFC7598] Mrugalski, T., Troan, O., Farrer, I., Perreault, S., Dec, 637 W., Bao, C., Yeh, L., and X. Deng, "DHCPv6 Options for 638 Configuration of Softwire Address and Port-Mapped 639 Clients", RFC 7598, DOI 10.17487/RFC7598, July 2015, 640 . 642 9.2. Informative References 644 [RFC2629] Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629, 645 DOI 10.17487/RFC2629, June 1999, 646 . 648 [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, 649 "Introduction and Applicability Statements for Internet- 650 Standard Management Framework", RFC 3410, 651 DOI 10.17487/RFC3410, December 2002, 652 . 654 [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model 655 (USM) for version 3 of the Simple Network Management 656 Protocol (SNMPv3)", STD 62, RFC 3414, 657 DOI 10.17487/RFC3414, December 2002, 658 . 660 [RFC3826] Blumenthal, U., Maino, F., and K. McCloghrie, "The 661 Advanced Encryption Standard (AES) Cipher Algorithm in the 662 SNMP User-based Security Model", RFC 3826, 663 DOI 10.17487/RFC3826, June 2004, 664 . 666 [RFC5591] Harrington, D. and W. Hardaker, "Transport Security Model 667 for the Simple Network Management Protocol (SNMP)", 668 STD 78, RFC 5591, DOI 10.17487/RFC5591, June 2009, 669 . 671 [RFC5592] Harrington, D., Salowey, J., and W. Hardaker, "Secure 672 Shell Transport Model for the Simple Network Management 673 Protocol (SNMP)", RFC 5592, DOI 10.17487/RFC5592, June 674 2009, . 676 [RFC6353] Hardaker, W., "Transport Layer Security (TLS) Transport 677 Model for the Simple Network Management Protocol (SNMP)", 678 STD 78, RFC 6353, DOI 10.17487/RFC6353, July 2011, 679 . 681 Authors' Addresses 683 Yu Fu 684 CNNIC 685 No.4 South 4th Street, Zhongguancun 686 Beijing 100190 687 P.R. China 689 Email: fuyu@cnnic.cn 691 Sheng Jiang 692 Huawei Technologies Co., Ltd 693 Q14, Huawei Campus, No.156 Beiqing Road 694 Hai-Dian District, Beijing, 100095 695 P.R. China 697 Email: jiangsheng@huawei.com 699 Bing Liu 700 Huawei Technologies Co., Ltd 701 Q14, Huawei Campus, No.156 Beiqing Road 702 Hai-Dian District, Beijing, 100095 703 P.R. China 705 Email: leo.liubing@huawei.com 706 Jiang Dong 707 Tsinghua University 708 Department of Computer Science, Tsinghua University 709 Beijing 100084 710 P.R. China 712 Email: knight.dongjiang@gmail.com 714 Yuchi Chen 715 Tsinghua University 716 Department of Computer Science, Tsinghua University 717 Beijing 100084 718 P.R. China 720 Email: flashfoxmx@gmail.com