Network Working Group                                            M. Fine
Internet Draft                                             K. McCloghrie
                                                           Cisco Systems
                                                                 S. Hahn
                                                                   Intel
                                                                 K. Chan
                                                         Nortel Networks
                                                                A. Smith
                                                        Extreme Networks

                                                        26 February 1999

                               An Initial
               Quality of Service Policy Information Base
                    for COPS-PR Clients and Servers

                      draft-mfine-cops-pib-00.txt

Status of this Memo

This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, and
its working groups. Note that other groups may also distribute working
documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference material
or to cite them other than as ``work in progress.''

To view the current status of any Internet-Draft, please check the
``1id-abstracts.txt'' listing contained in an Internet-Drafts Shadow
Directory, see http://www.ietf.org/shadow.html.

Draft                         Initial PIB                  February 1999

1. Glossary

PRC     Policy Rule Class. A type of policy data. See [COPS-PR].
PRI     Policy Rule Instance. An instance of a PRC. See [COPS-PR].
PIB     Policy Information Base. The database of policy information.
PDP     Policy Decision Point. See [COPS].
PEP     Policy Enforcement Point. See [COPS].

2. Introduction

This document defines an initial set of policy rule classes that
describe the quality of service (QoS) policies for use by COPS-PR
clients and servers.

As described in [COPS-PR] QoS policy information is structured as
instances of policy rule classes. A policy rule class (PRC) is an
ordered set of scalar attributes. Policy rule classes are arranged in a
hierarchical structure similar to tables in SNMP's SMI [SNMP-SMI]. As
with SNMP tables, they are identified by a sequence of integer
identifiers.

For each policy rule class a device may have zero or more policy rule
instances. Each policy instance is also identified by a sequence of
integers where the first part of the sequence is the ID of the PRC.
Collections of policy rule classes are defined in PIB modules. These
modules are written using the same structure of management information
used by SNMP with the following modifications.

(1)  The module begins with keyword PIB-DEFINITIONS rather than the
     keyword DEFINITIONS to identify it as a PIB rather than a MIB.

(2)  All policy rule classes are expressed as tables where each table
     is a PRC and the table columns are the class attributes. There
     is no scalar object as in SNMP. This makes for a more consistent
     "class-based" structure.

(3)  The OBJECT-TYPE macro has an additional clause POLICY-ACCESS. This
     clause can only be applied to a policy rule class (i.e., the
     table definition). It takes the value "install",
     "install-notify" or "notify". "install" or "install-notify" means
     that the PDP may install instances of this policy rule class.
     "install-notify" or "notify" means that the PEP must report all
     instances of this class to the PDP in the initial request message,
     or when the PDP sends a message to synchronize state. The assumed
     value if none is explicitly provided is "install".

     For policy rule classes whose access is install or
     install-notify, the maximum access allowed from SNMP is read
     access.

(4)  The OBJECT-TYPE macro has an additional clause INSTALL-ERRORS which
     enumerates the possible reasons for rejecting the install
     decision from the PDP. This clause may only appear on a policy
     rule class, i.e., on a table object type. If this clause is not
     present, the install can still fail, but no policy class-specific
     error is reported.

To facilitate future extensions to the PIB, the attributes of a class
may be augmented in another, perhaps enterprise specific, PIB by
defining a class (using the AUGMENTS clause) in that newer PIB.
Instances of the new class are related to instances of the existing
class by means of the instance index.

3. Mapping the PIB to a MIB

The PIB has been designed so that it can be easily and algorithmically
mapped into a MIB for the purpose of monitoring by SNMP. This mapping
is achieved by means of the following rules.

(1)  Replace the keyword POLICY-DEFINITIONS with the keyword
     DEFINITIONS.

(2)  Delete all the POLICY-ACCESS clauses.

(3)  Add a MAX-ACCESS clause for each OBJECT-TYPE. For each table and
     entry OBJECT-TYPE the MAX-ACCESS is "not-accessible". For each
     attribute that is an index, the MAX-ACCESS is "not-accessible".
     For the remaining attributes, the MAX-ACCESS is "read-only" if
     the POLICY-ACCESS for the class is "install" or "install-notify",
     and it is "read-create" if the POLICY-ACCESS for the class is
     "notify".

(4)  Add a columnar attribute of type RowStatus with name status and
     with the next available OID if the POLICY-ACCESS is "notify".

(5)  Delete all the INSTALL-ERRORS clauses.

4. ACEs and ACLs

The basis of classification and policing for QoS is the access control
entry (ACE). An ACE is simply a flow specification generally matching
flows of a particular type rather than individual microflows or
aggregates. Associated with each ACE is a permit or deny action.

Ordered sets of these ACEs are used to create Access Control Lists
(ACLs). Then, ordered sets of these ACLs are applied to interfaces
together with a classification rule for each ACL (and a direction to
indicate an input or output ACL). Thus, associated with each interface
and direction is an ordered set of ACLs, each ACL consisting of an
ordered set of ACEs.

On input, each packet is checked against the set of ACLs configured on
the ingress interface for the input direction starting with the first in
the set. Similarly, on output each packet is checked against the set of
ACLs configured on the egress interface for the output direction. For
each ACL, the packet is checked against the set of ACEs in order. If a
packet matches an ACE in an ACL and the action is a permit, then the
action associated with that ACL is applied to that packet and no further
ACEs are compared.
If the action is a deny then the rest of the ACEs in
the current ACL are skipped and the matching proceeds with the first ACE
of the next ACL (thus, providing a rudimentary "NOT" capability). If
the packet does not match any of the ACEs in the ACL, the next ACL is
tried.

5. Roles

The policy to apply to an interface may depend on many factors such as
immutable characteristics of the interface (e.g., ethernet or frame
relay), the status of the interface (e.g., half or full duplex), or user
configuration (e.g., branch office or headquarters interface). Rather
than specifying policies explicitly for each interface in the QoS
domain, policies are specified in terms of interface functionality.

To describe these functionalities of an interface we use the concept of
"roles". A role is simply a string that is associated with an
interface. A given interface may have any number of roles
simultaneously. Policy rule classes have an attribute called a
"role-combination" which is an unordered set of roles. Instances of a
given policy rule class are applied to an interface if and only if the
set of roles in the role combination is identical to the set of the
roles of the interface.

Thus, roles provide a way to bind policy to interfaces without having to
explicitly identify interfaces in a consistent manner across all
network devices. (The SNMP experience with ifIndex has proved this to
be a difficult task.) That is, roles provide a level of indirection to
the application of a set of policies to specific interfaces.

Furthermore, if the same policy is being applied to several interfaces,
that policy need be pushed to the device only once, rather than once per
interface, as long as the interfaces are configured with the same role
combination.

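The following added example (not part of the draft) walks the matching procedure of section 4 over ACLs that are bound to an interface by role combination as described above, using the field semantics of the qosIpAceTable, qosIpAclDefinitionTable and qosIpAclActionTable attributes defined in section 7. The Python names, tuple layouts and sample policy are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

IN, OUT = 0, 1  # qosIpAclInterfaceDirection: in(0), out(1)


@dataclass(frozen=True)
class Ace:
    """One qosIpAceTable instance; the defaults act as wildcards."""
    permit: bool                  # qosIpAcePermit
    src: str = "0.0.0.0"
    src_mask: str = "0.0.0.0"     # a zero mask bit always matches
    dst: str = "0.0.0.0"
    dst_mask: str = "0.0.0.0"
    dscp: tuple = (0, 63)         # (min, max)
    protocol: int = 0             # zero means match all
    src_port: tuple = (0, 65535)  # (min, max)
    dst_port: tuple = (0, 65535)


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    protocol: int
    src_port: int
    dst_port: int
    dscp: int = 0


def role_key(roles):
    """Unordered role set as a '+'-joined, sorted, case-insensitive key."""
    return "+".join(sorted({r.casefold() for r in roles}))


def _addr_ok(pkt_addr, ace_addr, mask):
    m = int(IPv4Address(mask))
    return int(IPv4Address(pkt_addr)) & m == int(IPv4Address(ace_addr)) & m


def ace_matches(ace, pkt):
    """A packet has to match all fields in an ACE."""
    return (
        _addr_ok(pkt.src, ace.src, ace.src_mask)
        and _addr_ok(pkt.dst, ace.dst, ace.dst_mask)
        and ace.dscp[0] <= pkt.dscp <= ace.dscp[1]
        and ace.protocol in (0, pkt.protocol)
        and ace.src_port[0] <= pkt.src_port <= ace.src_port[1]
        and ace.dst_port[0] <= pkt.dst_port <= ace.dst_port[1]
    )


def classify(pkt, if_roles, direction, aces, acl_defs, acl_actions):
    """Return the DSCP of the first ACL holding a matching permit ACE, else None.

    aces:        {ace_id: Ace}
    acl_defs:    [(acl_id, ace_id, ace_order)]
    acl_actions: [(acl_id, role_combination, direction, acl_order, dscp)]
    """
    key = role_key(if_roles)
    # Only ACLs whose role combination is identical to the interface's apply.
    bound = sorted(
        (a for a in acl_actions
         if role_key(a[1].split("+")) == key and a[2] == direction),
        key=lambda a: a[3],
    )
    for acl_id, _roles, _dir, _order, dscp in bound:
        members = sorted((d for d in acl_defs if d[0] == acl_id),
                         key=lambda d: d[2])
        for _acl, ace_id, _ace_order in members:
            ace = aces[ace_id]
            if not ace_matches(ace, pkt):
                continue
            if ace.permit:
                return dscp  # permit: apply this ACL's action and stop
            break            # deny: skip the rest of this ACL, try the next
    return None


# Constructed sample policy (not from the draft).
ACES = {
    1: Ace(permit=False, src="10.9.0.0", src_mask="255.255.0.0"),
    2: Ace(permit=True, protocol=6, dst_port=(443, 443)),
    3: Ace(permit=True),
}
ACL_DEFS = [(10, 2, 20), (10, 1, 10), (20, 3, 1)]
ACL_ACTIONS = [
    (20, "branch+wan", IN, 2, 0),
    (10, "branch+wan", IN, 1, 26),
]

if __name__ == "__main__":
    web = Packet("192.0.2.5", "198.51.100.7", 6, 40000, 443)
    lab = Packet("10.9.3.3", "198.51.100.7", 6, 40000, 443)
    for p in (web, lab):
        print(p.src, classify(p, ["WAN", "Branch"], IN,
                              ACES, ACL_DEFS, ACL_ACTIONS))
```

A deny ACE does not drop the packet: the constructed 10.9.3.3 packet skips the rest of ACL 10 and is still classified by ACL 20, so the order of the ACLs bound to a role combination decides what a deny actually excludes.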
We point out that, in the event that the administrator needs to have
unique policy for each interface, this can be achieved by configuring
each interface with a unique role.

The PEP reports all its role combinations to the PDP at connect time or
whenever they change.

The comparing of roles (or role combinations) must be case insensitive.
For display purposes, roles (or role combinations) should preserve the
case specified by the user.

The concept and usage of roles in this document is consistent with that
specified in [QOS-POL]. Roles are currently under discussion in the
IETF's Policy WG; as and when that discussion reaches a conclusion, this
PIB will be updated in accordance with that conclusion.

6. Summary of the PIB

This section gives a brief summary of the top level groups in the PIB.

Device Configuration
     This group contains device configuration information. This
     configuration is either set by management or reflects the physical
     configuration of the device.

General Policy Configuration
     This group contains general, global configuration such as the
     mapping from DSCP to 802.1p CoS.

The IP Classification Group
     This group describes the IP ACLs used for classification of IP
     flows.

QoS Interface Group
     This group specifies the configuration of the various interface
     types including the setting of queueing parameters and mapping of
     DSCPs to queues.

7. PIB Definitions

QOS-POLICY-PIB PIB-DEFINITIONS ::= BEGIN

IMPORTS
    Unsigned32, IpAddress FROM SNMPv2-SMI
    DisplayString, TruthValue FROM SNMPv2-TC;

qosPolicyPib MODULE-IDENTITY
    LAST-UPDATED "199902261800Z"
    ORGANIZATION "IETF RAP WG"
    CONTACT-INFO "
                  Michael Fine
                  Cisco Systems, Inc.
                  170 West Tasman Drive
                  San Jose, CA 95134-1706 USA
                  Phone: +1 408 527 8218
                  Email: mfine@cisco.com

                  Keith McCloghrie
                  Cisco Systems, Inc.
                  170 West Tasman Drive,
                  San Jose CA 95134-1706. USA
                  Phone: +1 408 526 5260
                  Email: kzm@cisco.com"
    DESCRIPTION
        "The PIB module containing an initial set of policy
        rule classes that describe the quality of service
        (QoS) policies."
    ::= { tbd }

qosPolicyPibClasses OBJECT IDENTIFIER ::= { qosPolicyPib 1 }

-- New textual conventions
--

-- DiffServ Codepoint
--
Dscp ::= TEXTUAL-CONVENTION
    DESCRIPTION
        "An integer that is in the range of the DiffServ codepoint
        values."
    SYNTAX INTEGER (0..63)

-- Ip Precedence
--
IpPrecedence ::= TEXTUAL-CONVENTION
    DESCRIPTION
        "An integer that is in the range of the IP precedence
        values."
    SYNTAX INTEGER (0..7)

-- Layer 2 CoS
--
QosLayer2Cos ::= TEXTUAL-CONVENTION
    DESCRIPTION
        "An integer that is in the range of the layer 2 CoS values.
        This corresponds to the 802.1p priority values."
    SYNTAX INTEGER (0..7)

-- Interface types
--
QosInterfaceQueueCount ::= TEXTUAL-CONVENTION
    DESCRIPTION
        "An integer that describes the number of queues an interface
        supports. It is limited to the range of DSCP values."
    SYNTAX INTEGER (0..63)

-- Role
--
Role ::= TEXTUAL-CONVENTION
    DESCRIPTION
        "A display string but where the characters '+', ' ' (space),
        NULL, LF, CR, BELL, BS, HT (tab) VT and FF are illegal."
    SYNTAX DisplayString (SIZE (0..31))

-- Role Combination
--
RoleCombination ::= TEXTUAL-CONVENTION
    DESCRIPTION
        "A Display string consisting of a set of roles concatenated
        with a '+' character where the roles are in lexicographic
        order from minimum to maximum."
    SYNTAX DisplayString (SIZE (0..255))

-- Policy Instance Index
--
PolicyInstanceId ::= TEXTUAL-CONVENTION
    DESCRIPTION
        "A textual convention for an attribute that is an integer
        index attribute of a class. It is used for attributes that
        exist for the purpose of providing a policy rule instance
        with a unique instance identifier.

        For any instance identifier that refers to another policy
        rule instance, that other policy instance must exist.
        Furthermore, it is an error to try to delete a policy rule
        instance that is referred to by another instance without
        first deleting the referencing instance."
    SYNTAX Unsigned32

--
-- Device Configuration
--

-- This group contains device configuration information. This
-- configuration is either set by management or reflects the physical
-- configuration of the device. This configuration is generally
-- reported to the PDP (i.e., the policy server) so that the PDP can
-- determine what policies to download to the PEP (i.e., the device).

qosDeviceConfig ::= { qosPolicy 1 }

qosPrcSupportTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF QosPrcSupportEntry
    POLICY-ACCESS  notify
    STATUS         current
    DESCRIPTION
        "Each instance of this class specifies a PRC that the device
        supports and a bit string to indicate the attributes of the
        class that are supported. These PRIs are sent to the PDP to
        indicate to the PDP which PRCs, and which attributes of these
        PRCs, the device supports. All install and install-notify PRCs
        supported by the device must be represented in this table."
    ::= { qosDeviceConfig 1 }

qosPrcSupportEntry OBJECT-TYPE
    SYNTAX         QosPrcSupportEntry
    INDEX { qosPrcSupportId }
    ::= { qosPrcSupportTable 1 }

QosPrcSupportEntry ::=
    SEQUENCE {
        qosPrcSupportId              PolicyInstanceId,
        qosPrcSupportSupportedPrc    OBJECT IDENTIFIER,
        qosPrcSupportSupportedAttrs  OCTET STRING
    }

qosPrcSupportId OBJECT-TYPE
    SYNTAX         PolicyInstanceId
    DESCRIPTION
        "Id to uniquely identify an instance."
    ::= { qosPrcSupportEntry 1 }

qosPrcSupportSupportedPrc OBJECT-TYPE
    SYNTAX         OBJECT IDENTIFIER
    DESCRIPTION
        "The object ID of a supported PRC. There may not be more
        than one instance of PRC qosPrcSupportTable with the same
        value of qosPrcSupportSupportedPrc."
    ::= { qosPrcSupportEntry 2 }

qosPrcSupportSupportedAttrs OBJECT-TYPE
    SYNTAX         OCTET STRING
    DESCRIPTION
        "A bit string representing the supported attributes of the
        class."
    ::= { qosPrcSupportEntry 3 }

qosDevicePibIncarnationTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF QosDevicePibIncarnationEntry
    POLICY-ACCESS  install-notify
    STATUS         current
    DESCRIPTION
        "This class contains a single policy rule instance that
        identifies the current incarnation of the PIB and the PDP
        that installed this incarnation. The instance of this class
        is reported to the PDP at client connect time so that the PDP
        can (attempt to) ascertain the current state of the PIB."
    INSTALL-ERRORS {
        tooManyPris(1)
    }
    ::= { qosDeviceConfig 2 }

qosDevicePibIncarnationEntry OBJECT-TYPE
    SYNTAX         QosDevicePibIncarnationEntry
    INDEX { qosDeviceIncarnationId }
    ::= { qosDevicePibIncarnationTable 1 }

QosDevicePibIncarnationEntry ::=
    SEQUENCE {
        qosDeviceIncarnationId   PolicyInstanceId,
        qosDevicePdpName         DisplayString,
        qosDevicePibIncarnation  OCTET STRING,
        qosDevicePibTtl          Unsigned32
    }

qosDeviceIncarnationId OBJECT-TYPE
    SYNTAX         PolicyInstanceId
    DESCRIPTION
        "Id to uniquely identify an instance."
    ::= { qosDevicePibIncarnationEntry 1 }

qosDevicePdpName OBJECT-TYPE
    SYNTAX         DisplayString
    DESCRIPTION
        "The name of the PDP that installed the current incarnation
        of the PIB into the device. By default it is the zero length
        string."
    ::= { qosDevicePibIncarnationEntry 2 }

qosDevicePibIncarnation OBJECT-TYPE
    SYNTAX         OCTET STRING
    DESCRIPTION
        "An ID to identify the current incarnation. It has meaning
        to the PDP that installed the PIB and perhaps its standby
        PDPs. By default the zero-length string."
    ::= { qosDevicePibIncarnationEntry 3 }

qosDevicePibTtl OBJECT-TYPE
    SYNTAX         Unsigned32
    DESCRIPTION
        "The number of seconds after a client close or TCP timeout
        for which the PEP continues to enforce the policy in the PIB.
        After this interval, the PIB is considered expired and the
        device no longer enforces the policy installed in the PIB."
    ::= { qosDevicePibIncarnationEntry 4 }

qosInterfaceTypeTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF QosInterfaceTypeEntry
    POLICY-ACCESS  notify
    STATUS         current
    DESCRIPTION
        "This class describes the interface types of the interfaces
        that exist on the device. It includes the queue count, role
        combination and capabilities of interfaces.
        An instance is
        required for each different combination of queue count, role
        combination, and interface capabilities that is operational
        on the device at any given time. The PEP does not report
        which specific interfaces have which characteristics."
    ::= { qosDeviceConfig 3 }

qosInterfaceTypeEntry OBJECT-TYPE
    SYNTAX         QosInterfaceTypeEntry
    INDEX { qosInterfaceTypeId }
    ::= { qosInterfaceTypeTable 1 }

QosInterfaceTypeEntry ::=
    SEQUENCE {
        qosInterfaceTypeId            PolicyInstanceId,
        qosInterfaceQueueCount        QosInterfaceQueueCount,
        qosInterfaceTypeRoles         RoleCombination,
        qosInterfaceTypeCapabilities  BITS
    }

qosInterfaceTypeId OBJECT-TYPE
    SYNTAX         PolicyInstanceId
    DESCRIPTION
        "Id to uniquely identify an instance."
    ::= { qosInterfaceTypeEntry 1 }

qosInterfaceQueueCount OBJECT-TYPE
    SYNTAX         QosInterfaceQueueCount
    DESCRIPTION
        "The number of queues supported by interfaces to which
        this policy rule instance applies."
    ::= { qosInterfaceTypeEntry 2 }

qosInterfaceTypeRoles OBJECT-TYPE
    SYNTAX         RoleCombination
    DESCRIPTION
        "The role combination of interfaces to which this policy
        rule instance applies."
    ::= { qosInterfaceTypeEntry 3 }

qosInterfaceTypeCapabilities OBJECT-TYPE
    SYNTAX         BITS {
                       other(1),

                       -- Classification support
                       inputIpClassification(2),
                       outputIpClassification(3)

                       -- Expect more to be added
                   }
    DESCRIPTION
        "An enumeration of interface capabilities. Used by the
        PDP to select which policies and configuration it should
        push to the PEP."
    ::= { qosInterfaceTypeEntry 4 }

--
-- General Config for the entire domain.
--

qosDomainConfig ::= { qosPolicy 2 }

-- Table of DiffServ codepoint mappings
-- Maps DSCP to IP precedence and CoS

qosDiffServMappingTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF QosDiffServMappingEntry
    POLICY-ACCESS  install
    STATUS         current
    DESCRIPTION
        "Maps each DSCP to an IP precedence and QosLayer2Cos. When
        configured for the first time, all 64 entries of the table
        must be specified. Thereafter, instances may be modified but
        not deleted unless all instances are deleted"
    INSTALL-ERRORS {
        tooManyPris(1),    -- Must have 0 or 64
        tooFewPris(2),
        outOfOrder(3)      -- Must have all 64 values
    }
    ::= { qosDomainConfig 1 }

qosDiffServMappingEntry OBJECT-TYPE
    SYNTAX         QosDiffServMappingEntry
    INDEX { qosDscp }
    ::= { qosDiffServMappingTable 1 }

QosDiffServMappingEntry ::=
    SEQUENCE {
        qosDscp          Dscp,
        qosIpPrecedence  IpPrecedence,
        qosL2Cos         QosLayer2Cos
    }

qosDscp OBJECT-TYPE
    SYNTAX         Dscp
    DESCRIPTION
        "A DSCP"
    ::= { qosDiffServMappingEntry 1 }

qosIpPrecedence OBJECT-TYPE
    SYNTAX         IpPrecedence
    DESCRIPTION
        "The IP precedence to use when mapping this DSCP to an IP
        precedence."
    ::= { qosDiffServMappingEntry 2 }

qosL2Cos OBJECT-TYPE
    SYNTAX         QosLayer2Cos
    DESCRIPTION
        "The L2 CoS value to use when mapping this DSCP to layer 2
        CoS."
    ::= { qosDiffServMappingEntry 3 }

-- Table of Layer 2 CoS to DSCP mappings
--

qosCosToDscpTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF QosCosToDscpEntry
    POLICY-ACCESS  install
    STATUS         current
    DESCRIPTION
        "Maps each of eight CoS values to a DSCP. When configured
        for the first time, all 8 entries of the table must be
        specified. Thereafter, instances may be modified but not
        deleted unless all instances are deleted."
    ::= { qosDomainConfig 2 }

qosCosToDscpEntry OBJECT-TYPE
    SYNTAX         QosCosToDscpEntry
    INDEX { qosCosToDscpCos }
    ::= { qosCosToDscpTable 1 }

QosCosToDscpEntry ::=
    SEQUENCE {
        qosCosToDscpCos   QosLayer2Cos,
        qosCosToDscpDscp  Dscp
    }

qosCosToDscpCos OBJECT-TYPE
    SYNTAX         QosLayer2Cos
    DESCRIPTION
        "The L2 CoS value that is being mapped."
    ::= { qosCosToDscpEntry 1 }

qosCosToDscpDscp OBJECT-TYPE
    SYNTAX         Dscp
    DESCRIPTION
        "The DSCP value to use when mapping the L2 CoS to a DSCP."
    ::= { qosCosToDscpEntry 2 }

--
-- The IP Classification and Policing Group
--

qosIpQos ::= { qosPolicy 3 }

-- The ACE Table
--

qosIpAceTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF QosIpAceEntry
    POLICY-ACCESS  install
    STATUS         current
    DESCRIPTION
        "ACE definitions. A packet has to match all fields in an
        ACE. Wildcards may be specified for those fields that are
        not relevant."
    ::= { qosIpQos 1 }

qosIpAceEntry OBJECT-TYPE
    SYNTAX         QosIpAceEntry
    INDEX { qosIpAceId }
    ::= { qosIpAceTable 1 }

QosIpAceEntry ::=
    SEQUENCE {
        qosIpAceId            PolicyInstanceId,
        qosIpAceDstAddr       IpAddress,
        qosIpAceDstAddrMask   IpAddress,
        qosIpAceSrcAddr       IpAddress,
        qosIpAceSrcAddrMask   IpAddress,
        qosIpAceDscpMin       Dscp,
        qosIpAceDscpMax       Dscp,
        qosIpAceProtocol      INTEGER,
        qosIpAceDstL4PortMin  INTEGER,
        qosIpAceDstL4PortMax  INTEGER,
        qosIpAceSrcL4PortMin  INTEGER,
        qosIpAceSrcL4PortMax  INTEGER,
        qosIpAcePermit        TruthValue
    }

qosIpAceId OBJECT-TYPE
    SYNTAX         PolicyInstanceId
    DESCRIPTION
        "An integer index to uniquely identify this ACE among all the
        ACEs."
    ::= { qosIpAceEntry 1 }

qosIpAceDstAddr OBJECT-TYPE
    SYNTAX         IpAddress
    DESCRIPTION
        "The IP address to match against the packet's destination IP
        address."
    ::= { qosIpAceEntry 2 }

qosIpAceDstAddrMask OBJECT-TYPE
    SYNTAX         IpAddress
    DESCRIPTION
        "A mask for the matching of the destination IP address.
        A zero bit in the mask means that the corresponding bit in
        the address always matches."
    ::= { qosIpAceEntry 3 }

qosIpAceSrcAddr OBJECT-TYPE
    SYNTAX         IpAddress
    DESCRIPTION
        "The IP address to match against the packet's source IP
        address."
    ::= { qosIpAceEntry 4 }

qosIpAceSrcAddrMask OBJECT-TYPE
    SYNTAX         IpAddress
    DESCRIPTION
        "A mask for the matching of the source IP address."
    ::= { qosIpAceEntry 5 }

qosIpAceDscpMin OBJECT-TYPE
    SYNTAX         Dscp
    DESCRIPTION
        "The minimum value that the DSCP in the packet can have and
        match this ACE."
    ::= { qosIpAceEntry 6 }

qosIpAceDscpMax OBJECT-TYPE
    SYNTAX         Dscp
    DESCRIPTION
        "The maximum value that the DSCP in the packet can have and
        match this ACE."
    ::= { qosIpAceEntry 7 }

qosIpAceProtocol OBJECT-TYPE
    SYNTAX         INTEGER (0..255)
    DESCRIPTION
        "The IP protocol to match against the packet's protocol.
        A value of zero means match all."
    ::= { qosIpAceEntry 8 }

qosIpAceDstL4PortMin OBJECT-TYPE
    SYNTAX         INTEGER (0..65536)
    DESCRIPTION
        "The minimum value that the packet's layer 4 destination
        port number can have and match this ACE."
    ::= { qosIpAceEntry 9 }

qosIpAceDstL4PortMax OBJECT-TYPE
    SYNTAX         INTEGER (0..65536)
    DESCRIPTION
        "The maximum value that the packet's layer 4 destination
        port number can have and match this ACE."
    ::= { qosIpAceEntry 10 }

qosIpAceSrcL4PortMin OBJECT-TYPE
    SYNTAX         INTEGER (0..65536)
    DESCRIPTION
        "The minimum value that the packet's layer 4 source port
        number can have and match this ACE."
    ::= { qosIpAceEntry 11 }

qosIpAceSrcL4PortMax OBJECT-TYPE
    SYNTAX         INTEGER (0..65536)
    DESCRIPTION
        "The maximum value that the packet's layer 4 source port
        number can have and match this ACE."
    ::= { qosIpAceEntry 12 }

qosIpAcePermit OBJECT-TYPE
    SYNTAX         TruthValue
    DESCRIPTION
        "If the packet matches this ACE and the value of this
        attribute is true, then the matching process terminates
        and the QoS associated with this ACE (indirectly through
        the ACL) is applied to the packet. If the value of this
        attribute is false, then no more ACEs in this ACL are
        compared to this packet and matching continues with the
        first ACE of the next ACL."
    ::= { qosIpAceEntry 13 }

-- The ACL Definition Table
--

qosIpAclDefinitionTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF QosIpAclDefinitionEntry
    POLICY-ACCESS  install
    STATUS         current
    DESCRIPTION
        "A class that defines a set of ACLs each being an ordered list
        of ACEs. Each instance of this class identifies one ACE of
        an ACL and the precedence order of that ACE with respect to
        other ACEs in the same ACL."
    ::= { qosIpQos 2 }

qosIpAclDefinitionEntry OBJECT-TYPE
    SYNTAX         QosIpAclDefinitionEntry
    INDEX { qosIpAclDefinitionId }
    ::= { qosIpAclDefinitionTable 1 }

QosIpAclDefinitionEntry ::=
    SEQUENCE {
        qosIpAclDefinitionId  PolicyInstanceId,
        qosIpAclId            PolicyInstanceId,
        qosIpAceId            PolicyInstanceId,
        qosIpAceOrder         Unsigned32
    }

qosIpAclDefinitionId OBJECT-TYPE
    SYNTAX         PolicyInstanceId
    DESCRIPTION
        "Unique ID of this policy rule instance."
    ::= { qosIpAclDefinitionEntry 1 }

qosIpAclId OBJECT-TYPE
    SYNTAX         PolicyInstanceId
    DESCRIPTION
        "An index for this ACL. There will be one instance of
        the class qosIpAclDefinition with this ID for each ACE in
        the ACL per role combination."
    ::= { qosIpAclDefinitionEntry 2 }

qosIpAceId OBJECT-TYPE
    SYNTAX         PolicyInstanceId
    DESCRIPTION
        "This attribute specifies the ACE in the qosIpAceTable that
        is in the ACL specified by qosIpAclId at the position
        specified by qosIpAceOrder."
    ::= { qosIpAclDefinitionEntry 3 }

qosIpAceOrder OBJECT-TYPE
    SYNTAX         Unsigned32
    DESCRIPTION
        "The precedence order of this ACE. The precedence order
        determines the position of this ACE in the ACL. An ACE with
        a given precedence order is positioned in the access control
        list before one with a higher-valued precedence order."
    ::= { qosIpAclDefinitionEntry 4 }

-- The ACL Action Table
--

qosIpAclActionTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF QosIpAclActionEntry
    POLICY-ACCESS  install
    STATUS         current
    DESCRIPTION
        "A class that applies a set of ACLs to interfaces specifying,
        for each interface, the precedence order of the ACL with respect
        to other ACLs applied to the same interface and, for each ACL,
        the action to take for a packet that matches a permit ACE in
        that ACL. Interfaces are specified abstractly in terms of
        interface roles."
    ::= { qosIpQos 3 }

qosIpAclActionEntry OBJECT-TYPE
    SYNTAX         QosIpAclActionEntry
    INDEX { qosIpAclActionId }
    ::= { qosIpAclActionTable 1 }

QosIpAclActionEntry ::=
    SEQUENCE {
        qosIpAclActionId            PolicyInstanceId,
        qosIpAclId                  PolicyInstanceId,
        qosIpAclInterfaceRoles      RoleCombination,
        qosIpAclInterfaceDirection  INTEGER,
        qosIpAclOrder               Unsigned32,
        qosIpAclDscp                Dscp
    }

qosIpAclActionId OBJECT-TYPE
    SYNTAX         PolicyInstanceId
    DESCRIPTION
        "An ID to uniquely identify the instance of the class."
    ::= { qosIpAclActionEntry 1 }

qosIpAclId OBJECT-TYPE
    SYNTAX         PolicyInstanceId
    DESCRIPTION
        "The ACL associated with this action."
    ::= { qosIpAclActionEntry 2 }

qosIpAclInterfaceRoles OBJECT-TYPE
    SYNTAX         RoleCombination
    DESCRIPTION
        "The interfaces to which this ACL applies specified in terms
        of a set of roles."
    ::= { qosIpAclActionEntry 3 }

qosIpAclInterfaceDirection OBJECT-TYPE
    SYNTAX         INTEGER { in(0), out(1) }
    DESCRIPTION
        "The direction of packet flow at the interface in question to
        which this ACL applies."
    ::= { qosIpAclActionEntry 4 }

qosIpAclOrder OBJECT-TYPE
    SYNTAX         Unsigned32
    DESCRIPTION
        "An integer that determines the precedence order of this ACL in
        the list of ACLs applied to interfaces of the specified role
        combination. An ACL with a given precedence order is positioned
        in the list before one with a higher-valued precedence order."
    ::= { qosIpAclActionEntry 5 }

qosIpAclDscp OBJECT-TYPE
    SYNTAX         Dscp
    DESCRIPTION
        "The DSCP to classify the packet with in the event that the
        packet matches an ACE in this ACL and the ACE is a permit."
    ::= { qosIpAclActionEntry 6 }

--
-- QoS Interface Group
--

-- This group specifies the configuration of the various interface
-- types including the setting of queueing parameters and the
-- mapping of DSCPs to queues.

qosIfParameters ::= { qosPolicy 4 }

-- The Assignment of DSCPs to queues for each interface type.
--

qosIfDscpAssignmentTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF QosIfDscpAssignmentEntry
    POLICY-ACCESS  install
    STATUS         current
    DESCRIPTION
        "The assignment of each DSCP to a queue for each interface
        queue count. There will be 64 instances of this class for
        each combination of queue count and role combination."
    ::= { qosIfParameters 1 }

qosIfDscpAssignmentEntry OBJECT-TYPE
    SYNTAX         QosIfDscpAssignmentEntry
    INDEX { qosIfDscpAssignmentId }
    ::= { qosIfDscpAssignmentTable 1 }

QosIfDscpAssignmentEntry ::=
    SEQUENCE {
        qosIfDscpAssignmentId  PolicyInstanceId,
        qosIfDscpRoles         RoleCombination,
        qosIfQueueCount        QosInterfaceQueueCount,
        qosIfDscp              Dscp,
        qosIfQueue             INTEGER
    }

qosIfDscpAssignmentId OBJECT-TYPE
    SYNTAX         PolicyInstanceId
    DESCRIPTION
        "An ID to uniquely identify the instance of the class."
    ::= { qosIfDscpAssignmentEntry 1 }

qosIfDscpRoles OBJECT-TYPE
    SYNTAX         RoleCombination
    DESCRIPTION
        "The role combination the interface must be configured with."
    ::= { qosIfDscpAssignmentEntry 2 }

qosIfQueueCount OBJECT-TYPE
    SYNTAX         QosInterfaceQueueCount
    DESCRIPTION
        "This row applies only to interfaces that have as many queues
        as specified by this attribute."
    ::= { qosIfDscpAssignmentEntry 3 }

qosIfDscp OBJECT-TYPE
    SYNTAX         Dscp
    DESCRIPTION
        "The DSCP to which this row applies."
    ::= { qosIfDscpAssignmentEntry 4 }

qosIfQueue OBJECT-TYPE
    SYNTAX         INTEGER
    DESCRIPTION
        "The queue to be used for packets which have this DSCP.
        It must be in the range 1 through qosIfQueueCount."
    ::= { qosIfDscpAssignmentEntry 5 }

-- Weights for interfaces that support WRR.
--

qosIfWeightsTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF QosIfWeightsEntry
    POLICY-ACCESS  install
    STATUS         current
    DESCRIPTION
        "A class of scheduling weights for each queue of an interface
        that supports weighted round robin scheduling."
    ::= { qosIfParameters 2 }

qosIfWeightsEntry OBJECT-TYPE
    SYNTAX         QosIfWeightsEntry
    INDEX { qosIfWeightsId }
    ::= { qosIfWeightsTable 1 }

QosIfWeightsEntry ::=
    SEQUENCE {
        qosIfWeightsId         PolicyInstanceId,
        qosIfWeightsRoles      RoleCombination,
        qosIfWeightsNumQueues  QosInterfaceQueueCount,
        qosIfWeightsQueue      INTEGER,
        qosIfWeightsDrainSize  INTEGER,
        qosIfWeightsQueueSize  INTEGER
    }

qosIfWeightsId OBJECT-TYPE
    SYNTAX         PolicyInstanceId
    DESCRIPTION
        "An ID to uniquely identify the instance of the class."
    ::= { qosIfWeightsEntry 1 }

qosIfWeightsRoles OBJECT-TYPE
    SYNTAX         RoleCombination
    DESCRIPTION
        "The role combination the interface must be configured with."
    ::= { qosIfWeightsEntry 2 }

qosIfWeightsNumQueues OBJECT-TYPE
    SYNTAX         QosInterfaceQueueCount
    DESCRIPTION
        "The value of the weight in this PRI applies only to
        interfaces with the number of queues specified by this
        attribute."
    ::= { qosIfWeightsEntry 3 }

qosIfWeightsQueue OBJECT-TYPE
    SYNTAX         INTEGER
    DESCRIPTION
        "The queue to which the weight applies"
    ::= { qosIfWeightsEntry 4 }

qosIfWeightsDrainSize OBJECT-TYPE
    SYNTAX         INTEGER
    DESCRIPTION
        "The maximum number of bytes that may be drained from the
        queue in one cycle.  The percentage of the bandwidth allocated
        to this queue can be calculated from this attribute and the
        sum of the drain sizes of all the queues of the interface.

        For an interface that uses priority queueing, the drain size
        specifies the queue priority.  The higher the drain size the
        higher the priority."
    ::= { qosIfWeightsEntry 5 }

qosIfWeightsQueueSize OBJECT-TYPE
    SYNTAX         INTEGER
    DESCRIPTION
        "The size of the queue in bytes.  Some devices set queue size
        in terms of packets.
        These devices must calculate the queue
        size in packets by assuming an average packet size suitable
        for the particular interface.

        Some devices have a fixed size buffer to be shared among all
        queues.  These devices must allocate a fraction of the
        total buffer space to this queue calculated as the ratio
        of the queue size to the sum of the queue sizes for the
        interface."
    ::= { qosIfWeightsEntry 6 }

END

8.  Security Considerations

The information contained in a PIB when transported by the COPS protocol
[COPS-PR] may be sensitive, and its function of provisioning a PEP
requires that only authorized communication take place.  The use of
IPSEC between PDP and PEP, as described in [COPS], provides the
necessary protection against these threats.

9.  Intellectual Property Considerations

The IETF is being notified of intellectual property rights claimed in
regard to some or all of the specification contained in this document.
For more information consult the online list of claimed rights.

10.  Authors' Addresses

     Michael Fine
     Cisco Systems, Inc.
     170 West Tasman Drive
     San Jose, CA  95134-1706 USA
     Phone: +1 408 527 8218
     Email: mfine@cisco.com

     Keith McCloghrie
     Cisco Systems, Inc.
     170 West Tasman Drive
     San Jose, CA  95134-1706 USA
     Phone: +1 408 526 5260
     Email: kzm@cisco.com

     Scott Hahn
     Intel
     2111 NE 25th Avenue
     Hillsboro, OR  97124 USA
     503.264.8231
     Email: scott.hahn@intel.com

     Kwok Ho Chan
     Nortel Networks, Inc.
     600 Technology Park Drive
     Billerica, MA  01821 USA
     Phone: (978) 916-8175
     Email: khchan@nortelnetworks.com

     Andrew Smith
     Extreme Networks
     10460 Bandley Drive
     Cupertino CA  95014 USA
     +1 (408) 342 0999
     Email: andrew@extremenetworks.com

11.  References

[COPS]     J. Boyle, R. Cohen, D. Durham, S. Herzog, R. Rajan, A. Sastry,
           "The COPS (Common Open Policy Service) Protocol"
           Internet-Draft, draft-ietf-rap-cops-06.txt, February 1999.

[COPS-PR]  R. Yavatkar, K. McCloghrie, S. Herzog, F. Reichmeyer,
           D. Durham, K. Chan, S. Gai, "COPS Usage for Policy
           Provisioning", draft-sgai-cops-provisioning-00.txt,
           February 1999.

[QOS-POL]  S. Gai, J. Strassner, D. Durham, S. Herzog, H. Mahon,
           F. Reichmeyer, "QoS Policy Framework Architecture",
           draft-sgai-policy-framework-00.txt, February 1999.

[SNMP-SMI] SNMPv2 Working Group, J. Case, K. McCloghrie, M. Rose,
           S. Waldbusser, "Structure of Management Information for
           Version 2 of the Simple Network Management Protocol (SNMPv2)",
           RFC 1902, January 1996.

Table of Contents

1 Glossary
2 Introduction
3 Mapping the PIB to a MIB
4 ACEs and ACLs
5 Roles
6 Summary of the PIB
7 PIB Definitions
8 Security Considerations
9 Intellectual Property Considerations
10 Authors' Addresses
11 References
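
The qosIfDscpAssignmentTable and qosIfWeightsTable descriptions in the PIB definitions state constraints (64 rows per combination of queue count and role combination, qosIfQueue within 1 through qosIfQueueCount, shares derived from drain sizes and queue sizes) that a PEP can check before acting on rows received from a PDP. The Python below is an added example, not part of the draft; the dict keys, function names and sample rows are assumptions constructed for illustration.

```python
from collections import defaultdict
from fractions import Fraction

DSCP_VALUES = range(64)  # the draft expects 64 rows per (queue count, roles)

def check_dscp_assignments(rows):
    """Return a list of problems found in qosIfDscpAssignmentTable rows.
    Each row is a dict with the hypothetical keys roles, queue_count,
    dscp and queue, mirroring the attributes of one PRI."""
    problems = []
    seen = defaultdict(dict)  # (roles, queue_count) -> {dscp: queue}
    for row in rows:
        key = (row["roles"], row["queue_count"])
        dscp, queue = row["dscp"], row["queue"]
        if dscp not in DSCP_VALUES:
            problems.append(f"{key}: DSCP {dscp} is not in 0..63")
            continue
        if not 1 <= queue <= row["queue_count"]:
            problems.append(f"{key}: DSCP {dscp} maps to queue {queue}, "
                            f"outside 1..{row['queue_count']}")
        if dscp in seen[key]:
            problems.append(f"{key}: DSCP {dscp} is assigned more than once")
        seen[key][dscp] = queue
    for key, assigned in seen.items():
        missing = len(DSCP_VALUES) - len(assigned)
        if missing:
            problems.append(f"{key}: {missing} of 64 DSCPs have no queue")
    return problems

def queue_shares(weight_rows, attribute):
    """Share of each queue in the sum of `attribute` over one interface.
    attribute="drain_size" gives the WRR bandwidth share and
    attribute="queue_size" the fraction of a shared buffer."""
    values = {row["queue"]: row[attribute] for row in weight_rows}
    if any(v < 0 for v in values.values()) or sum(values.values()) <= 0:
        # SYNTAX INTEGER allows these values, but the ratio is then undefined.
        raise ValueError(f"{attribute} values must be >= 0 with a positive sum")
    total = sum(values.values())
    return {queue: Fraction(v, total) for queue, v in values.items()}

# Constructed sample: a 2-queue "edge" interface class with one bad row.
ASSIGNMENTS = [{"roles": "edge", "queue_count": 2, "dscp": d,
                "queue": 2 if d >= 40 else 1} for d in range(64)]
ASSIGNMENTS[46]["queue"] = 3  # out of range for a 2-queue interface
WEIGHTS = [{"queue": 1, "drain_size": 3000, "queue_size": 16384},
           {"queue": 2, "drain_size": 9000, "queue_size": 49152}]
```

Both attributes are declared as unconstrained INTEGER, so the range and sum checks are the receiver's responsibility rather than something the syntax enforces.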