idnits 2.17.1 draft-ietf-vrrp-ipv6-mib-00.txt: -(832): Line appears to be too long, but this could be caused by non-ascii characters in UTF-8 encoding Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == There is 1 instance of lines with non-ascii characters in the document. == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The abstract seems to contain references ([2], [5], [19]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == Line 485 has weird spacing: '...nsition the r...' == Line 511 has weird spacing: '...nsition to be...' == Line 831 has weird spacing: '...rReason indic...' == The document doesn't use any RFC 2119 keywords, yet seems to have RFC 2119 boilerplate text. -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (June 2003) is 7615 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: 'ND' on line 136 -- Looks like a reference, but probably isn't: 'RFC2574' on line 967 -- Looks like a reference, but probably isn't: 'RFC2575' on line 968 == Outdated reference: A later version (-08) exists of draft-ietf-vrrp-ipv6-spec-04 -- Obsolete informational reference (is this intentional?): RFC 2571 (ref. '1') (Obsoleted by RFC 3411) -- Obsolete informational reference (is this intentional?): RFC 1906 (ref. '10') (Obsoleted by RFC 3417) -- Obsolete informational reference (is this intentional?): RFC 2572 (ref. '11') (Obsoleted by RFC 3412) -- Obsolete informational reference (is this intentional?): RFC 2574 (ref. '12') (Obsoleted by RFC 3414) -- Obsolete informational reference (is this intentional?): RFC 1905 (ref. '13') (Obsoleted by RFC 3416) -- Obsolete informational reference (is this intentional?): RFC 2573 (ref. '14') (Obsoleted by RFC 3413) -- Obsolete informational reference (is this intentional?): RFC 2575 (ref. '15') (Obsoleted by RFC 3415) -- Obsolete informational reference (is this intentional?): RFC 2570 (ref. '16') (Obsoleted by RFC 3410) -- Obsolete informational reference (is this intentional?): RFC 2338 (ref. '17') (Obsoleted by RFC 3768) -- Obsolete informational reference (is this intentional?): RFC 2233 (ref. '18') (Obsoleted by RFC 2863) -- Obsolete informational reference (is this intentional?): RFC 3291 (ref. '20') (Obsoleted by RFC 4001) -- Obsolete informational reference (is this intentional?): RFC 2787 (ref. '21') (Obsoleted by RFC 6527) Summary: 2 errors (**), 0 flaws (~~), 7 warnings (==), 17 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 VRRP working group 2 Internet Draft k. Tata 3 Document: draft-ietf-vrrp-ipv6-mib-00.txt Nokia inc. 4 Expires: December 2002 k. Karlekar 5 Nokia inc. 6 B. Jewell 7 Copper Mountain 8 Networks Inc. 9 June 2003 11 Definitions of Managed Objects for the VRRP IPv6 12 draft-ietf-vrrp-ipv6-mib-00.txt 14 Status of this Memo 16 This document is an Internet-Draft and is in full conformance with 17 all provisions of Section 10 of RFC2026 [1]. 19 This document is an Internet-Draft and is in full conformance with 20 all provisions of Section 10 of RFC2026 except that the right to 21 produce derivative works is not granted. 23 This document is an Internet-Draft and is NOT offered in accordance 24 with Section 10 of RFC2026, and the author does not provide the IETF 25 with any rights other than to publish as an Internet-Draft 27 Internet-Drafts are working documents of the Internet Engineering 28 Task Force (IETF), its areas, and its working groups. Note that 29 other groups may also distribute working documents as Internet- 30 Drafts. 32 Internet-Drafts are draft documents valid for a maximum of six months 33 and may be updated, replaced, or obsoleted by other documents at any 34 time. It is inappropriate to use Internet-Drafts as reference 35 material or to cite them other than as "work in progress." 37 The list of current Internet-Drafts can be accessed at 38 http://www.ietf.org/ietf/1id-abstracts.txt 39 The list of Internet-Draft Shadow Directories can be accessed at 40 http://www.ietf.org/shadow.html. 42 Abstract 44 This specification defines an extension to the Management Information 45 Base (MIB) for use with SNMP-based network management. In particular, 46 it defines objects for configuring, monitoring, and controlling 47 routers that employ the Virtual Router Redundancy Protocol for IPv6 48 as defined in draft-ietf-vrrp-ipv6-spec-04.txt [19]. 50 This memo specifies a MIB module in a manner that is compliant with 51 SMIv2 [5], and semantically identical to the SMIv1 definitions [2]. 53 Conventions used in this document 55 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 56 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 57 document are to be interpreted as described in RFC-2119 [2]. 59 Table of Contents 61 1. The SNMP Management Framework..................................3 62 2. Overview.......................................................4 63 2.1 Virtual Router Redundancy Protocol for IPv6................4 64 2.2 VRRP IPv6 MIB Structure....................................5 65 2.3 VRRP for IPv6 MIB Table Design.............................5 66 2.4 Relation to Interface Group (RFC 2233) [18]................5 67 2.5 VRRP IPv6 Scenario.........................................5 68 3. Definitions....................................................8 69 4. Security considerations.......................................21 70 5. Normative References..........................................22 71 6. Informative References........................................22 72 7. Acknowledgements..............................................23 73 8. IANA Considerations...........................................23 74 Author's Addresses...............................................24 75 9. Changes from RFC 2787.........................................24 77 1. The SNMP Management Framework 79 The SNMP Management Framework presently consists of five major 80 components: 81 - An overall architecture, described in RFC 2571 [1]. 82 - Mechanisms for describing and naming objects and events for the 83 purpose of management. The first version of this Structure of 84 Management Information (SMI) is called SMIv1 and described in STD 85 16, RFC 1155 [2], STD 16, RFC 1212 [3] and RFC 1215 [4]. The 86 second version, called SMIv2, is described in STD 58, RFC 2578 87 [5], STD 58, RFC 2579 [6] and STD 58, RFC 2580 [7]. 88 - Message protocols for transferring management information. The 89 first version of the SNMP message protocol is called SNMPv1 and 90 described in STD 15, RFC 1157 [8]. A second version of the SNMP 91 message protocol, which is not an Internet standards track 92 protocol, is called SNMPv2c and described in RFC 1901 [9] and RFC 93 1906 [10]. The third version of the message protocol is called 94 SNMPv3 and described in RFC 1906 [10], RFC 2572 [11] and RFC 2574 95 [12]. 96 - Protocol operations for accessing management information. The 97 first set of protocol operations and associated PDU formats is 98 described in STD 15, RFC 1157 [8]. A second set of protocol 99 operations and associated PDU formats is described in RFC 1905 100 [13]. 101 - A set of fundamental applications described in RFC 2573 [14] and 102 the view-based access control mechanism described in RFC 2575 103 [15]. 105 A more detailed introduction to the current SNMP Management Framework 106 can be found in RFC 2570 [16]. 108 Managed objects are accessed via a virtual information store, termed 109 the Management Information Base or MIB. Objects in the MIB are 110 defined using the mechanisms defined in the SMI. 112 This memo specifies a MIB module that is compliant to the SMIv2. A 113 MIB conforming to the SMIv1 can be produced through the appropriate 114 translations. The resulting translated MIB must be semantically 115 equivalent, except where objects or events are omitted because no 116 translation is possible (use of Counter64). Some machine readable 117 information in SMIv2 will be converted into textual descriptions in 118 SMIv1 during the translation process. However, this loss of machine 119 readable information is not considered to change the semantics of the 120 MIB. 122 2. Overview 124 VRRP protocols as defined in RFC 2338 [17] and draft-ietf-vrrp-ipv6- 125 spec-04.txt [19] are inherently IP version specific. Though both the 126 protocols are similar they are not identical and can coexist on a 127 network element. Network managers should be able to configure and 128 monitor these protocols independently. RFC 2787 [21] defines managed 129 objects that are specific to VRRP protocol for IPv4 networks as 130 defined in RFC 2338 [17]. This document defines managed objects for 131 configuring and monitoring VRRP protocol for IPv6 networks as defined 132 in draft-ietf-vrrp-ipv6-spec-04.txt [19] 134 IPv6 hosts on a LAN will usually learn about one or more default 135 routers by receiving Router Advertisements sent using the IPv6 136 Neighbor Discovery protocol [ND]. The Router Advertisements are 137 multicast periodically at a rate that the hosts will learn about the 138 default routers in a few minutes. They are not sent frequently enough 139 to rely on the absence of the router advertisement to detect router 140 failures. 142 The Virtual Router Redundancy Protocol for IPv6 provides a much 143 faster switch over to an alternate default router than can be 144 obtained using standard ND procedures. Using VRRP for IPv6 a backup 145 router can take over for a failed default router in around three 146 seconds (using VRRP for IPv6 default parameters). This is done with 147 out any interaction with the hosts and a minimum amount of VRRP 148 traffic. 150 2.1 Virtual Router Redundancy Protocol for IPv6 152 This MIB is based on the following characteristics of VRRP as defined 153 in the VRRP for IPv6 specification [19]. 154 - A "VRRP IPv6 router" is one that is configured to run the VRRP 155 for IPv6 protocol in conjunction with one or more other VRRP 156 IPv6 routers attached to a LAN. 157 - A VRRP IPv6 router can be running one or more instances of a 158 virtual router. 159 - A "IPv6 virtual router" is an abstraction, which consists of 160 two or more physical routers associated by a IPv6 Virtual 161 Router Identifier (IPv6VRID). 162 - An instance of a virtual router (on a physical VRRP IPv6 163 router), can be uniquely identified by a combination of the 164 'ifIndex' [18] and "Virtual Router Identifier" (IPv6VRID). 166 2.2 VRRP IPv6 MIB Structure 168 The VRRP IPv6 MIB contains three conformance groups: 169 - vrrpIpv6Operations Group: Objects related to VRRP IPv6 router's 170 configuration and control. 171 - vrrpIpv6Statistics Group: Objects containing information useful 172 in monitoring the operation of VRRP IPv6 routers. 174 - vrrpIpv6Notifications Group: Consists of objects and 175 definitions for use in SNMP notifications sent by VRRP Ipv6 176 routers. 178 Tables in the MIB include the following: 180 (1)The vrrpIpv6OperTable, which contains objects that define the 181 operational characteristics of a VRRP IPv6 router. Rows in this 182 table correspond to instances of virtual routers. 184 (2)The vrrpIpv6RouterStatsTable which contains the operating 185 statistics for a VRRP IPv6 router. 187 2.3 VRRP for IPv6 MIB Table Design 189 The tables in the VRRP for IPv6 MIB are structured with the 190 assumption that a VRRP network management application would likely be 191 designed to display information or provide configuration about a IPv6 192 VRRP router on a "per-IPv6-virtual-router basis". Thus, the tables 193 defined in the MIB consist of conceptual rows which are grouped in a 194 manner to present a view of individual virtual routers with a minimal 195 number of SNMP operations. 197 2.4 Relation to Interface Group (RFC 2233) [18] 199 Since a router can be participating in VRRP over IPv6 on one or more 200 physical interfaces, "ifIndex" is used as an index into the tables 201 defined in the VRRP IPv6 MIB. 203 2.5 VRRP IPv6 Scenario 205 The following section provides examples of how some of the objects in 206 this MIB are instantiated for two different VRRP IPv6 scenarios. 208 KEY: 209 ---- 211 The labels in the following tables and diagrams correspond to the 212 actual MIB objects as follows: 214 if = vrrpIpv6OperIfIndex 215 IPv6VrId= vrrpIpv6OperVrId 216 State = vrrpIpv6OperState 217 Prior = vrrpIpv6OperPriority 218 AddrType= vrrpIpv6OperIpAddrType 219 IpAddr = vrrpIpv6OperMasterIpAddr 220 RowStat = vrrpIpv6OperRowStatus 222 The following figure shows a simple network with two VRRP IPv6 223 routers configured with two virtual routers. This sample topology is 224 taken from the VRRP specification [17]. Addresses in '()' indicate 225 the IPv6 address of the default gateway for a given host, H1 - H4. In 226 the diagram, "Interface" is used in the context defined in IF-MIB 227 [18]. 229 IPv6VRID=1 IPv6VRID=2 230 +-----+ +-----+ 231 | MR1 | | MR2 | 232 | & | | & | 233 | BR2 | | BR1 | 234 IPv6VRID=1 +-----+ +-----+ IPv6VRID=2 235 IPv6 A -------->* *<---------- IPv6 B 236 | | 237 | | 238 | | 239 ------------------+------------+-----+--------+--------+--------+-- 240 ^ ^ ^ ^ 241 | | | | 242 (IPv6 A) (IPv6 A) (IPv6 B) (IPv6 B) 243 | | | | 244 +--+--+ +--+--+ +--+--+ +--+--+ 245 | H1 | | H2 | | H3 | | H4 | 246 +-----+ +-----+ +--+--+ +--+--+ 248 ----- MIB Tables For VRRP IPv6 Router "IPv6 A": ----- 250 vrrpOperTable 251 ------------- 253 | if |IPv6VrId| State | Prior | AddrType| IpAddr | ... | RowStat | 254 +----+--------+-------+-------+---------+--------+-( )-+---------+ 255 | | | | | | | | | 256 | I1 | 01 | M | 255 | 2 | A | | active | 257 | | | | | | | | | 258 +----+--------+-------+-------+---------+--------+-( )-+---------+ 259 | | | | | | | | | 260 | I1 | 02 | B | 1-254 | 2 | B | | active | 261 | | | | | | | | | 262 +----+--------+-------+-------+---------+--------+-( )-+---------+ 264 ----- MIB Tables For VRRP IPv6 Router "IPv6 B": ----- 266 vrrpIPv6OperTable 267 ------------- 269 | if |IPv6VrId| State | Prior | AddrType| IpAddr | ... | RowStat | 270 +----+--------+-------+-------+---------+--------+-( )-+---------+ 271 | | | | | | | | | 272 | I2 | 01 | B | 1-254 | 2 | A | | active | 273 | | | | | | | | | 274 +----+--------+-------+-------+---------+--------+-( )-+---------+ 275 | | | | | | | | | 276 | I2 | 02 | M | 255 | 2 | B | | active | 277 | | | | | | | | | 278 +----+--------+-------+-------+---------+--------+-( )-+---------+ 280 NOTES: 282 1) "I1" and "I2" are used to designate IF indices on each respective 283 router. 284 2) For "State": M = Master; B = Backup. 285 3) In the vrrpIpv6OperTable, a "priority" of 255 indicates that the 286 respective router owns the IPv6 address, e.g., this IPv6 address 287 is native to the router (i.e., "the IPv6 Address Owner" [17]). 289 3. Definitions 291 VRRP-IPv6-MIB DEFINITIONS ::= BEGIN 293 IMPORTS 294 MODULE-IDENTITY, OBJECT-TYPE, 295 NOTIFICATION-TYPE, Counter32, 296 Integer32, mib-2 FROM SNMPv2-SMI 298 RowStatus, 299 MacAddress, TruthValue, TimeStamp FROM SNMPv2-TC 301 MODULE-COMPLIANCE, OBJECT-GROUP, 302 NOTIFICATION-GROUP FROM SNMPv2-CONF 303 ifIndex FROM IF-MIB 304 VrId FROM VRRP-MIB 305 InetAddressType, InetAddress FROM INET-ADDRESS-MIB; 307 vrrpIpv6MIB MODULE-IDENTITY 308 LAST-UPDATED "200304200000Z" 309 ORGANIZATION "IETF VRRP Working Group" 310 CONTACT-INFO "Kalyan Tata 311 Postal: Nokia, Inc. 312 313, Fair child Dr. 313 Mountain View, California 94303 314 Tel: +1 408 896 6493 315 E-Mail: kalyan.tata@nokia.com" 317 DESCRIPTION 318 "This MIB describes objects used for managing Virtual Router 319 Redundancy Protocol (VRRP) for IPv6 routers. 321 Copyright (C) The Internet Society (2003). This version 322 of this MIB module is part of RFC XXXX: see the RFC 323 itself for full legal notices. 324 RFC Ed.: replace XXXX with assigned number & remove 325 this note. 326 " 327 ::= { mib-2 xx } -- To be assigned by IANA 329 --******************************************************************* 330 -- VRRP MIB Groups 331 --******************************************************************* 333 vrrpIpv6Operations OBJECT IDENTIFIER ::= { vrrpIpv6MIB 1 } 334 vrrpIpv6Statistics OBJECT IDENTIFIER ::= { vrrpIpv6MIB 2 } 335 vrrpIpv6Conformance OBJECT IDENTIFIER ::= { vrrpIpv6MIB 3 } 337 --******************************************************************* 338 -- Start of MIB objects 339 --******************************************************************* 341 vrrpIpv6NodeVersion OBJECT-TYPE 342 SYNTAX Integer32 343 MAX-ACCESS read-only 344 STATUS current 345 DESCRIPTION 346 "This value identifies the particular version of the VRRP 347 over IPv6 supported by this node. Version 3 for this 348 document." 349 ::= { vrrpIpv6Operations 1 } 351 vrrpIpv6NotificationCntl OBJECT-TYPE 352 SYNTAX INTEGER { 353 enabled (1), 354 disabled (2) 355 } 356 MAX-ACCESS read-write 357 STATUS current 358 DESCRIPTION 359 "Indicates whether the VRRP-IPv6-enabled router will generate 360 SNMP traps for events defined in this MIB. 'Enabled' 361 results in SNMP traps; 'disabled', no traps are sent." 362 DEFVAL { enabled } 363 ::= { vrrpIpv6Operations 2 } 365 --******************************************************************* 366 -- VRRP IPv6 Operations Table 367 --******************************************************************* 369 vrrpIpv6OperTable OBJECT-TYPE 370 SYNTAX SEQUENCE OF VrrpIpv6OperEntry 371 MAX-ACCESS not-accessible 372 STATUS current 373 DESCRIPTION 374 "Operations table for a VRRP router which consists of a 375 sequence (i.e., one or more conceptual rows) of 376 'vrrpIpv6OperEntry' items." 378 ::= { vrrpIpv6Operations 3 } 380 vrrpIpv6OperEntry OBJECT-TYPE 381 SYNTAX VrrpIpv6OperEntry 382 MAX-ACCESS not-accessible 383 STATUS current 384 DESCRIPTION 385 "An entry in the vrrpIpv6OperTable containing the 386 operational characteristics of a virtual router. On a VRRP 387 IPv6 router, a given virtual router is identified by a 388 Combination of the IF index and IPv6VRID. 390 Rows in the table cannot be modified unless the value 391 of `vrrpIpv6OperAdminState' is `disabled' and the 392 `vrrpIpv6OperState' has transitioned to `initialize'." 394 INDEX { ifIndex, vrrpIpv6OperVrId } 395 ::= { vrrpIpv6OperTable 1 } 397 VrrpIpv6OperEntry ::= 398 SEQUENCE { 399 vrrpIpv6OperVrId 400 VrId, 401 vrrpIpv6OperVirtualMacAddr 402 MacAddress, 403 vrrpIpv6OperState 404 INTEGER, 405 vrrpIpv6OperAdminState 406 INTEGER, 407 vrrpIpv6OperPriority 408 Integer32, 409 vrrpIpv6OperIpAddrType 410 InetAddressType, 411 vrrpIpv6OperMasterIpAddr 412 InetAddress, 413 vrrpIpv6OperAdvInterval 414 Integer32, 415 vrrpIpv6OperPreemptMode 416 TruthValue, 417 vrrpIpv6OperVirtualRouterUpTime 418 TimeStamp, 419 vrrpIpv6OperProtocol 420 INTEGER, 421 vrrpIpv6OperRowStatus 422 RowStatus 423 } 425 vrrpIpv6OperVrId OBJECT-TYPE 426 SYNTAX VrId 427 MAX-ACCESS read-only 428 STATUS current 429 DESCRIPTION 430 "This object contains the IPv6 Virtual Router Identifier 431 (IPv6VRID)." 432 ::= { vrrpIpv6OperEntry 1 } 434 vrrpIpv6OperVirtualMacAddr OBJECT-TYPE 435 SYNTAX MacAddress 436 MAX-ACCESS read-only 437 STATUS current 438 DESCRIPTION 439 "The virtual MAC address of the virtual router. Although this 440 object can be derived from the 'vrrpIpv6OperVrId'object, it is 441 defined so that it is easily obtainable by a management 442 application and can be included in VRRP-related SNMP traps." 443 ::= { vrrpIpv6OperEntry 2 } 445 vrrpIpv6OperState OBJECT-TYPE 446 SYNTAX INTEGER { 447 initialize(1), 448 backup(2), 449 master(3) 450 } 451 MAX-ACCESS read-only 452 STATUS current 454 DESCRIPTION 455 "The current state of the virtual router. This object has 456 three defined values: 458 - `initialize', which indicates that all the 459 virtual router is waiting for a startup event. 461 - `backup', which indicates the virtual router is 462 monitoring the availability of the master router. 464 - `master', which indicates that the virtual router 465 is forwarding packets for IPv6 addresses that are 466 associated with this router. 468 Setting the `vrrpIpv6OperAdminState' object(below) initiates 469 transitions in the value of this object." 470 ::= { vrrpIpv6OperEntry 3 } 472 vrrpIpv6OperAdminState OBJECT-TYPE 473 SYNTAX INTEGER { 474 up(1), 475 down(2) 476 } 477 MAX-ACCESS read-create 478 STATUS current 479 DESCRIPTION 480 "This object will enable/disable the virtual router 481 function. Setting the value to `up', will transition 482 the state of the virtual router from `initialize' to 483 `backup' or `master', depending on the value of 484 `vrrpIpv6OperPriority'. Setting the value to `down', will 485 transition the router from `master' or `backup' to 486 `initialize'. State transitions may not be immediate; they 487 sometimes depend on other factors, such as the interface 488 (IF) state. 490 The `vrrpIpv6OperAdminState' object must be set to `down' 491 prior to modifying the other read-create objects in the 492 conceptual row. The value of the `vrrpIpv6OperRowStatus' 493 object (below) must be `active', signifying that the 494 conceptual row is valid (i.e., the objects are correctly 495 set), in order for this object to be set to `up'." 496 DEFVAL { down } 497 ::= { vrrpIpv6OperEntry 4 } 499 vrrpIpv6OperPriority OBJECT-TYPE 500 SYNTAX Integer32 (0..255) 501 MAX-ACCESS read-create 502 STATUS current 503 DESCRIPTION 504 "This object specifies the priority to be used for the 505 virtual router master election process. Higher values imply 506 higher priority. 508 A priority of '0', although not settable, is sent by 509 the master router to indicate that this router has ceased 510 to participate in VRRP and a backup virtual router should 511 transition to become a new master. 513 A priority of 255 is used for the router that owns the 514 associated IP address(es)." 515 DEFVAL { 100 } 516 ::= { vrrpIpv6OperEntry 5 } 518 vrrpIpv6OperIpAddrType OBJECT-TYPE 519 SYNTAX InetAddressType 520 MAX-ACCESS read-only 521 STATUS current 522 DESCRIPTION 523 "This specifies the the type of inetAddress in this row. 524 This should allways be ipv6(2) for this document." 525 ::= { vrrpIpv6OperEntry 6 } 527 vrrpIpv6OperMasterIpAddr OBJECT-TYPE 528 SYNTAX InetAddress 529 MAX-ACCESS read-only 530 STATUS current 531 DESCRIPTION 532 "The master router's real (primary) IPv6 address. This is 533 the IPv6 address listed as the source in VRRP advertisement 534 last received by this virtual router." 535 ::= { vrrpIpv6OperEntry 7 } 537 vrrpIpv6OperAdvInterval OBJECT-TYPE 538 SYNTAX Integer32 (1..255) 539 UNITS "seconds" 540 MAX-ACCESS read-create 541 STATUS current 542 DESCRIPTION 543 "The time interval, in seconds, between sending 544 advertisement messages. Only the master router sends 545 VRRP advertisements." 546 DEFVAL { 1 } 547 ::= { vrrpIpv6OperEntry 8 } 549 vrrpIpv6OperPreemptMode OBJECT-TYPE 550 SYNTAX TruthValue 551 MAX-ACCESS read-create 552 STATUS current 553 DESCRIPTION 554 "Controls whether a higher priority virtual router will 555 preempt a lower priority master." 556 DEFVAL { true } 557 ::= { vrrpIpv6OperEntry 9 } 559 vrrpIpv6OperVirtualRouterUpTime OBJECT-TYPE 561 SYNTAX TimeStamp 562 MAX-ACCESS read-only 563 STATUS current 564 DESCRIPTION 565 "This is the value of the `sysUpTime' object when this 566 virtual router (i.e., the `vrrpIpv6OperState') transitioned 567 out of `initialized'." 568 ::= { vrrpIpv6OperEntry 10 } 570 vrrpIpv6OperProtocol OBJECT-TYPE 571 SYNTAX INTEGER { 572 ip (1), 573 bridge (2), 574 decnet (3), 575 other (4) 576 } 577 MAX-ACCESS read-create 578 STATUS current 579 DESCRIPTION 580 "The particular protocol being controlled by this Virtual 581 Router. 583 New enumerations to this list can only be added via a new 584 RFC on the standards track." 585 DEFVAL { ip } 586 ::= { vrrpIpv6OperEntry 11 } 588 vrrpIpv6OperRowStatus OBJECT-TYPE 589 SYNTAX RowStatus 590 MAX-ACCESS read-create 591 STATUS current 592 DESCRIPTION 593 "The row status variable, used in accordance to installation 594 and removal conventions for conceptual rows. The rowstatus 595 of a currently active row in the vrrpIpv6OperTable is 596 constrained by the operational state of the corresponding 597 virtual router. 598 When `vrrpIpv6OperRowStatus' is set to active(1), no other 599 objects in the conceptual row, with the exception of 600 `vrrpIpv6OperAdminState', can be modified. Prior to setting 601 the `vrrpIpv6OperRowStatus' object from `active' to a 602 different value, the `vrrpIpv6OperAdminState' object must be 603 set to `down' and the `vrrpIpv6OperState' object be 604 transitioned to `initialize'. 606 To create a row in this table, a manager sets this object 607 to either createAndGo(4) or createAndWait(5). Until 608 instances of all corresponding columns are appropriately 609 configured, the value of the corresponding instance of the 610 `vrrpIpv6OperRowStatus' column will be read as notReady(3). 611 In particular, a newly created row cannot be made active(1) 612 until (minimally) the corresponding instance of 613 `vrrpIpv6OperVrId' has been set." 614 ::= { vrrpIpv6OperEntry 12 615 } 617 --******************************************************************* 618 -- VRRP IPv6 Router Statistics 619 --******************************************************************* 621 vrrpIpv6RouterChecksumErrors OBJECT-TYPE 622 SYNTAX Counter32 623 MAX-ACCESS read-only 624 STATUS current 625 DESCRIPTION 626 "The total number of VRRP packets received with an invalid 627 VRRP checksum value." 629 ::= { vrrpIpv6Statistics 1 } 631 vrrpIpv6RouterVersionErrors OBJECT-TYPE 632 SYNTAX Counter32 633 MAX-ACCESS read-only 634 STATUS current 635 DESCRIPTION 636 "The total number of IPv6 VRRP packets received with an 637 unknown or unsupported version number." 638 ::= { vrrpIpv6Statistics 2 } 640 vrrpIpv6RouterVrIdErrors OBJECT-TYPE 641 SYNTAX Counter32 642 MAX-ACCESS read-only 643 STATUS current 645 DESCRIPTION 646 "The total number of IPv6 VRRP packets received with an 647 invalid IPv6VRID for this virtual router." 648 ::= { vrrpIpv6Statistics 3 } 650 --******************************************************************* 651 -- VRRP IPv6 Router Statistics Table 652 --******************************************************************* 654 vrrpIpv6RouterStatsTable OBJECT-TYPE 655 SYNTAX SEQUENCE OF VrrpRouterStatsEntry 656 MAX-ACCESS not-accessible 657 STATUS current 658 DESCRIPTION 659 "Table of virtual router statistics." 660 ::= { vrrpIpv6Statistics 4 } 662 vrrpIpv6RouterStatsEntry OBJECT-TYPE 663 SYNTAX VrrpRouterStatsEntry 664 MAX-ACCESS not-accessible 665 STATUS current 666 DESCRIPTION 667 "An entry in the table, containing statistics information 668 about a given virtual router." 669 AUGMENTS { vrrpIpv6OperEntry } 670 ::= { vrrpIpv6RouterStatsTable 1 } 672 VrrpRouterStatsEntry ::= 673 SEQUENCE { 674 vrrpIpv6StatsBecomeMaster 675 Counter32, 676 vrrpIpv6StatsAsMasterUpTime 677 TimeStamp, 679 vrrpIpv6StatsAdvRcvd 680 Counter32, 681 vrrpIpv6StatsAdvIntervalErrors 682 Counter32, 683 vrrpIpv6StatsHopLimitErrors 684 Counter32, 685 vrrpIpv6StatsPriZeroPktsRcvd 686 Counter32, 687 vrrpIpv6StatsPriZeroPktsSent 688 Counter32, 689 vrrpIpv6StatsInvalidTypePktsRcvd 690 Counter32, 691 vrrpIpv6StatsAddressListErrors 692 Counter32, 693 vrrpIpv6StatsPacketLengthErrors 694 Counter32 695 } 697 vrrpIpv6StatsBecomeMaster OBJECT-TYPE 698 SYNTAX Counter32 699 MAX-ACCESS read-only 700 STATUS current 701 DESCRIPTION 702 "The total number of times that this virtual router's state 703 has transitioned to MASTER." 704 ::= { vrrpIpv6RouterStatsEntry 1 } 706 vrrpIpv6StatsAsMasterUpTime OBJECT-TYPE 707 SYNTAX TimeStamp 708 MAX-ACCESS read-only 709 STATUS current 710 DESCRIPTION 711 "The total number of seconds this router is UP in master 712 state." 713 ::= { vrrpIpv6RouterStatsEntry 2 } 715 vrrpIpv6StatsAdvRcvd OBJECT-TYPE 716 SYNTAX Counter32 717 MAX-ACCESS read-only 718 STATUS current 719 DESCRIPTION 720 "The total number of IPv6 VRRP advertisements received by 721 this virtual router." 722 ::= { vrrpIpv6RouterStatsEntry 3 } 724 vrrpIpv6StatsAdvIntervalErrors OBJECT-TYPE 725 SYNTAX Counter32 726 MAX-ACCESS read-only 727 STATUS current 728 DESCRIPTION 729 "The total number of IPv6 VRRP advertisement packets 730 received for which the advertisement interval is different 731 than the one configured for the local virtual router." 732 ::= { vrrpIpv6RouterStatsEntry 4 } 734 vrrpIpv6StatsHopLimitErrors OBJECT-TYPE 735 SYNTAX Counter32 736 MAX-ACCESS read-only 737 STATUS current 739 DESCRIPTION 740 "The total number of IPv6 VRRP packets received by the 741 virtual router with IPv6 hop limit not equal to 255." 742 ::= { vrrpIpv6RouterStatsEntry 5 } 744 vrrpIpv6StatsPriZeroPktsRcvd OBJECT-TYPE 745 SYNTAX Counter32 746 MAX-ACCESS read-only 747 STATUS current 748 DESCRIPTION 749 "The total number of IPv6 VRRP packets received by the 750 virtual router with a priority of '0'." 751 ::= { vrrpIpv6RouterStatsEntry 6 } 753 vrrpIpv6StatsPriZeroPktsSent OBJECT-TYPE 754 SYNTAX Counter32 755 MAX-ACCESS read-only 756 STATUS current 757 DESCRIPTION 758 "The total number of IPv6 VRRP packets sent by the virtual 759 router with a priority of '0'." 760 ::= { vrrpIpv6RouterStatsEntry 7 } 762 vrrpIpv6StatsInvalidTypePktsRcvd OBJECT-TYPE 763 SYNTAX Counter32 764 MAX-ACCESS read-only 765 STATUS current 766 DESCRIPTION 767 "The number of VRRP packets received by the virtual router 768 with an invalid value in the 'type' field." 769 ::= { vrrpIpv6RouterStatsEntry 8 } 771 vrrpIpv6StatsAddressListErrors OBJECT-TYPE 772 SYNTAX Counter32 773 MAX-ACCESS read-only 774 STATUS current 775 DESCRIPTION 776 "The total number of packets received for which the address 777 list does not match the locally configured list for the 778 virtual router." 779 ::= { vrrpIpv6RouterStatsEntry 9 } 781 vrrpIpv6StatsPacketLengthErrors OBJECT-TYPE 782 SYNTAX Counter32 783 MAX-ACCESS read-only 784 STATUS current 785 DESCRIPTION 786 "The total number of packets received with a packet length 787 less than the length of the VRRP header." 788 ::= { vrrpIpv6RouterStatsEntry 10 } 790 --******************************************************************* 791 -- Trap Definitions 792 --******************************************************************* 794 vrrpIpv6Notifications OBJECT IDENTIFIER ::= { vrrpIpv6MIB 0 } 796 vrrpIpv6TrapNewMasterReason OBJECT-TYPE 797 SYNTAX INTEGER { 798 priority (0), 799 preempted (1), 800 masterNoResponse (2) 801 } 802 MAX-ACCESS accessible-for-notify 803 STATUS current 804 DESCRIPTION 805 "This indicates the reason for NewMaster trap. 806 Used by vrrpIpv6TrapNewMaster trap." 807 ::= { vrrpIpv6Operations 6 } 809 vrrpIpv6TrapProtoErrReason OBJECT-TYPE 810 SYNTAX INTEGER { 811 hopLimitError (0), 812 versionError (1), 813 checksumError (2), 814 vridError(3) 815 } 816 MAX-ACCESS accessible-for-notify 817 STATUS current 818 DESCRIPTION 819 "This indicates the reason for protocol error trap. 820 Used by vrrpIpv6TrapProtoError trap." 821 ::= { vrrpIpv6Operations 7 } 823 vrrpIpv6TrapNewMaster NOTIFICATION-TYPE 824 OBJECTS { vrrpIpv6OperMasterIpAddr, 825 vrrpIpv6TrapNewMasterReason 826 } 827 STATUS current 828 DESCRIPTION 829 "The newMaster trap indicates that the sending agent 830 has transitioned to 'Master' state. The 831 vrrpIpv6TrapNewMasterReason indicates the reason due to 832 which the sending agent transitioned to �master� state.� 833 ::= { vrrpIpv6Notifications 1 } 835 vrrpIpv6TrapProtoError NOTIFICATION-TYPE 836 OBJECTS { vrrpIpv6TrapProtoErrReason 837 } 838 STATUS current 839 DESCRIPTION 840 "The error trap indicates that the sending agent has 841 encountered the protocol error indicated by ErrorReason." 842 ::= { vrrpIpv6Notifications 2 } 844 --******************************************************************* 845 -- Conformance Information 846 --******************************************************************* 848 vrrpIpv6MIBCompliances OBJECT IDENTIFIER 849 ::= { vrrpIpv6Conformance 1 } 850 vrrpIpv6MIBGroups OBJECT IDENTIFIER 851 ::= { vrrpIpv6Conformance 2 } 853 --................................................................... 854 -- Compliance Statements 855 --................................................................... 857 vrrpIpv6MIBCompliance MODULE-COMPLIANCE 858 STATUS current 859 DESCRIPTION 860 "The core compliance statement for all VRRP IPv6 861 implementations." 862 MODULE -- this module 863 MANDATORY-GROUPS { 864 vrrpIpv6OperGroup, 865 vrrpIpv6StatsGroup 866 } 867 OBJECT vrrpIpv6OperPriority 868 WRITE-SYNTAX Integer32 (1..255) 869 DESCRIPTION "SETable values are from 1 to 255." 871 ::= { vrrpIpv6MIBCompliances 1 } 873 --................................................................... 874 -- Conformance Groups 875 --................................................................... 877 vrrpIpv6OperGroup OBJECT-GROUP 878 OBJECTS { 879 vrrpIpv6NodeVersion, 880 vrrpIpv6NotificationCntl, 881 vrrpIpv6OperVirtualMacAddr, 882 vrrpIpv6OperState, 883 vrrpIpv6OperAdminState, 884 vrrpIpv6OperPriority, 885 vrrpIpv6OperIpAddrType, 886 vrrpIpv6OperMasterIpAddr, 887 vrrpIpv6OperAdvInterval, 888 vrrpIpv6OperPreemptMode, 889 vrrpIpv6OperVirtualRouterUpTime, 890 vrrpIpv6OperProtocol, 891 vrrpIpv6OperRowStatus 892 } 893 STATUS current 894 DESCRIPTION 895 "Conformance group for VRRP operations." 896 ::= { vrrpIpv6MIBGroups 1 } 898 vrrpIpv6StatsGroup OBJECT-GROUP 899 OBJECTS { 900 vrrpIpv6RouterChecksumErrors, 901 vrrpIpv6RouterVersionErrors, 902 vrrpIpv6RouterVrIdErrors, 903 vrrpIpv6StatsBecomeMaster, 904 vrrpIpv6StatsAsMasterUpTime, 905 vrrpIpv6StatsAdvRcvd, 906 vrrpIpv6StatsAdvIntervalErrors, 907 vrrpIpv6StatsHopLimitErrors, 908 vrrpIpv6StatsPriZeroPktsRcvd, 909 vrrpIpv6StatsPriZeroPktsSent, 910 vrrpIpv6StatsInvalidTypePktsRcvd, 911 vrrpIpv6StatsAddressListErrors, 912 vrrpIpv6StatsPacketLengthErrors 913 } 914 STATUS current 915 DESCRIPTION 916 "Conformance group for VRRP statistics." 917 ::= { vrrpIpv6MIBGroups 2 } 919 vrrpIpv6TrapGroup OBJECT-GROUP 920 OBJECTS { 921 vrrpIpv6TrapNewMasterReason, 922 vrrpIpv6TrapProtoErrReason 923 } 924 STATUS current 925 DESCRIPTION 926 "Conformance group for objects contained in VRRP 927 notifications." 928 ::= { vrrpIpv6MIBGroups 3 } 930 vrrpIpv6NotificationGroup NOTIFICATION-GROUP 931 NOTIFICATIONS { 932 vrrpIpv6TrapNewMaster, 933 vrrpIpv6TrapProtoError 934 } 935 STATUS current 936 DESCRIPTION 937 "The VRRP MIB Notification Group." 938 ::= { vrrpIpv6MIBGroups 4 } 940 END 942 4. Security considerations 944 There are a number of management objects defined in this MIB that 945 have a MAX-ACCESS clause of read-write or read-create. Such objects 946 may be considered sensitive or vulnerable to security attacks in some 947 networking environments. The support for SET operations in a non- 948 secure environment without proper protection can have a negative 949 effect on VRRP router operations. 951 A number of objects in the vrrpIpv6OperTable possess the read-create 952 attribute. Manipulation of these objects is capable of affecting the 953 operation of a virtual router. 955 Specific examples of this include, but are not limited to: 957 o The vrrpIpv6OperAdminState object which could be used to disable a 958 virtual router. 960 SNMPv1 by itself is not a secure environment. Even if the network 961 itself is secure (for example by using IPSec), even then, there is no 962 control as to who on the secure network is allowed to access and 963 GET/SET (read/change/create/delete) the objects in this MIB. 965 It is recommended that the implementers consider the security 966 features as provided by the SNMPv3 framework. Specifically, 967 the use of the User-based Security Model RFC 2574 [RFC2574] and the 968 View-based Access Control Model RFC 2575 [RFC2575] is recommended. 970 It is then a customer/user responsibility to ensure that the SNMP 971 entity giving access to an instance of this MIB, is properly 972 configured to give access to the objects only to those principals 973 (users) that have legitimate rights to indeed GET or SET 974 (change/create/delete) them. 976 5. Normative References 978 [19] Robert Hinden, "Virtual Router Redundancy Protocol for IPv6", 979 (draft-ietf-vrrp-ipv6-spec-04.txt), May 2003. 981 6. Informative References 983 [1] Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture for 984 Describing SNMP Management Frameworks", RFC 2571, April 1999. 986 [2] Rose, M. and K. McCloghrie, "Structure and Identification of 987 Management Information for TCP/IP-based Internets", STD 16, RFC 988 1155, May 1990. 990 [3] Rose, M. and K. McCloghrie, "Concise MIB Definitions", STD 16, 991 RFC 1212, March 1991. 993 [4] Rose, M., "A Convention for Defining Traps for use with the 994 SNMP", RFC 1215, March 1991. 996 [5] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, 997 M. and S. Waldbusser, "Structure of Management Information 998 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. 1000 [6] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, 1001 M. and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, 1002 RFC 2579, April 1999. 1004 [7] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, 1005 M. and S. Waldbusser, "Conformance Statements for SMIv2", STD 1006 58, RFC 2580, April 1999. 1008 [8] Case, J., Fedor, M., Schoffstall, M. and J. Davin, "Simple 1009 Network Management Protocol", STD 15, RFC 1157, May 1990. 1011 [9] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, 1012 "Introduction to Community-based SNMPv2", RFC 1901, January 1013 1996. 1015 [10] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, 1016 "Transport Mappings for Version 2 of the Simple Network 1017 Management Protocol (SNMPv2)", RFC 1906, January 1996. 1019 [11] Case, J., Harrington D., Presuhn R. and B. Wijnen, "Message 1020 Processing and Dispatching for the Simple Network Management 1021 Protocol (SNMP)", RFC 2572, April 1999. 1023 [12] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) 1024 for version 3 of the Simple Network Management Protocol 1025 (SNMPv3)", RFC 2574, April 1999. 1027 [13] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Protocol 1028 Operations for Version 2 of the Simple Network Management 1029 Protocol (SNMPv2)", RFC 1905, January 1996. 1031 [14] Levi, D., Meyer, P. and B. Stewart, "SNMPv3 Applications", RFC 1032 2573, April 1999. 1034 [15] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access 1035 Control Model (VACM) for the Simple Network Management Protocol 1036 (SNMP)", RFC 2575, April 1999 1038 [16] Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction 1039 to Version 3 of the Internet-standard Network Management 1040 Framework", RFC 2570, April 1999 1042 [17] Knight, S., Weaver, D., Whipple, D., Hinden, R., Mitzel, D., 1043 Hunt, P., Higginson, P., Shand, M. and Lindem, A., "Virtual 1044 Router Redundancy Protocol", RFC 2338, November 1997. 1046 [18] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB 1047 using SMIv2", RFC 2233, November 1997. 1049 [20] M. Daniele, "Textual Conventions for Internet Network 1050 Addresses", RFC 3291, May 2002. 1052 [21] Jewell & Chuang, "Definitions of Managed Objects for the 1053 Virtual Router Redundancy Protocol", RFC 2787, March 2000. 1055 7. Acknowledgements 1057 This specification is based on RFC 2787 [21]. The authors of RFC2787 1058 are Brian Jewell and David Chuang 1060 8. IANA Considerations 1061 VRRP IPv6 MIB requires an OID assigned under mib-2 and this should be 1062 entered into section 3. 1064 Author's Addresses 1066 Kalyan Tata 1067 Nokia Inc. 1068 313 Fair Child Dr. 1069 Mountain View, California 94087 1070 US 1072 Phone: +1 408-896 6493 1073 Email: kalyan.tata@nokia.com 1075 Kripakaran karlekar 1076 Nokia Inc. 1077 313 Fair Child Dr. 1078 Mountain View, California 94087 1079 US 1080 Phone: +1 - 1081 Email: kripakaran.karlekar@nokia.com 1083 Brian R. Jewell 1084 Copper Mountain Networks, Inc. 1085 2470 Embarcadero Way 1086 Palo Alto, California 94303 1087 US 1089 Phone: +1 650 687 3367 1090 Email: bjewell@coppermountain.com 1092 9. Changes from RFC 2787 1094 - General rewrite to change MIB definition to accommodate protocol 1095 changes in virtual router functionality from IPv4 to IPv6. 1096 - Change all definitions of IPaddress to InetAddress and add 1097 InetAddressType as defined in RFC 3291 [20] in the following : 1098 o vrrpIPv6OperTable defined with vrrpIpv6OperIpAddrType and 1099 vrrpIPv6OperMasterIpAddr. 1101 - There is no definition to support multiple IP addresses per 1102 virtual router in VRRP-IPv6 and hence the following have been 1103 changed 1104 o No corresponding definition to vrrpAssoAddrTable. 1105 o No definition corresponding to vrrpPrimaryIPAddress 1106 o No definition corresponding to vrrpIPAddrCount 1107 - Added vrrpIpv6StatsAsMasterUpTime to vrrpIPv6Statisctcs group. 1108 - There is no authentication mechanism defined in VRRP for IPv6 1109 protocol. So all authentication related configuration, statistics 1110 and notifications are removed. 1111 - Changed vrrpIpv6StatsIpTtlErrors to vrrpIpv6HopLimitErrors 1112 - Added new trap to indicate various errors encountered by the VRRP 1113 protocol. 1114 - Added ErrorReason to indicate the reason for vrrpIpv6ErrorTrap. 1115 - Updated mib description with copyright information. 1116 - Modify conformance statement to reflect changes in 1117 vrrpIpv6OperGroup and vrrpIPv6StatsGroup.