idnits 2.17.1 draft-mfine-cops-pib-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts. ** The document seems to lack a 1id_guidelines paragraph about the list of Shadow Directories. == No 'Intended status' indicated for this document; assuming Proposed Standard == It seems as if not all pages are separated by form feeds - found 0 form feeds but 64 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an Abstract section. ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. Miscellaneous warnings: ---------------------------------------------------------------------------- -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- Couldn't find a document date in the document -- date freshness check skipped. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-08) exists of draft-ietf-rap-cops-07 -- No information found for draft-ietf-rap-cops-pr - is the name correct? -- Possible downref: Normative reference to a draft: ref. 'COPS-PR' -- Possible downref: Normative reference to a draft: ref. 'POLICY' ** Downref: Normative reference to an Informational draft: draft-ietf-rap-framework (ref. 'RAP-FRAMEWORK') == Outdated reference: A later version (-06) exists of draft-ietf-diffserv-model-00 ** Downref: Normative reference to an Informational draft: draft-ietf-diffserv-model (ref. 'MODEL') Summary: 10 errors (**), 0 flaws (~~), 4 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group M. Fine 2 Internet Draft K. McCloghrie 3 Expires June 2000 Cisco Systems 4 J. Seligson 5 K. Chan 6 Nortel Networks 7 S. Hahn 8 Intel 9 A. Smith 10 Extreme Networks 12 Oct 22 1999 14 Quality of Service Policy Information Base 16 draft-mfine-cops-pib-02.txt 18 Status of this Memo 20 This document is an Internet-Draft and is in full conformance with all 21 provisions of Section 10 of RFC2026. Internet-Drafts are working 22 documents of the Internet Engineering Task Force (IETF), its areas, and 23 its working groups. Note that other groups may also distribute working 24 documents as Internet-Drafts. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference material 29 or to cite them other than as ``work in progress.'' 31 To view the current status of any Internet-Draft, please check the 32 ``1id-abstracts.txt'' listing contained in an Internet-Drafts Shadow 33 Directory, see http://www.ietf.org/shadow.html. 35 Disclaimer 37 This draft is preliminary and is known to be inconsistent in some 38 respects with the Diffserv Conceptual Model [MODEL]. It is intended to 39 correct this prior to the next version, as well as checking for full 40 consistency with RFC 2474 and RFC 2475. 42 1. Glossary 44 PRC Policy Rule Class. A type of policy data. 45 PRI Policy Rule Instance. An instance of a PRC. 46 PIB Policy Information Base. The database of policy information. 47 PDP Policy Decision Point. See [RAP-FRAMEWORK]. 48 PEP Policy Enforcement Point. See [RAP-FRAMEWORK]. 49 PRID Policy Rule Instance Identifier. Uniquely identifies an 50 instance of a a PRC. 52 2. Introduction 54 This document defines a set of policy rule classes for describing 55 quality of service (QoS) policies. 57 This document structures QoS policy information as instances of policy 58 rule classes. A policy rule class (PRC) is an ordered set of scalar 59 attributes. Policy rule classes are arranged in a hierarchical 60 structure similar to tables in SNMP's SMIv2 [SNMP-SMI]. As with SNMP 61 tables, they are identified by a sequence of integer identifiers (an 62 Object Identifier). 64 For each policy rule class a device may have zero or more policy rule 65 instances. Each policy rule instance is also identified by a sequence 66 of integers where the first part of the sequence is the ID of the PRC. 67 Collections of policy rule classes are defined in PIB modules. These 68 modules are written using a structure designed for policy information 69 which is described in [COPS-PR]. 71 3. General PIB Concepts 73 3.1. Roles 75 The policy to apply to an interface may depend on many factors such as 76 immutable characteristics of the interface (e.g., ethernet or frame 77 relay), the status of the interface (e.g., half or full duplex), or user 78 configuration (e.g., branch office or headquarters interface). Rather 79 than specifying policies explicitly for each interface in the QoS 80 domain, policies are specified in terms of interface functionality. 82 To describe these functionalities of an interface we use the concept of 83 "roles". A role is simply a string that is associated with an 84 interface. A given interface may have any number of roles 85 simultaneously. Policy rule classes have an attribute called a "role- 86 combination" which is an unordered set of roles. Instances of a given 87 policy rule class are applied to an interface if and only if the set of 88 roles in the role combination is identical to the set of the roles of 89 the interface. 91 Thus, roles provide a way to bind policy to interfaces without having to 92 explicitly identify interfaces in a consistent manner across all network 93 devices. (The SNMP experience with ifIndex has proved this to be a 94 difficult task.) That is, roles provide a level of indirection to the 95 application of a set of policies to specific interfaces. Furthermore, 96 if the same policy is being applied to several interfaces, that policy 97 need be pushed to the device only once, rather than once per interface, 98 as long as the interfaces are configured with the same role combination. 100 We point out that, in the event that the administrator needs to have 101 unique policy for each interface, this can be achieved by configuring 102 each interface with a unique role. 104 The PEP reports all its role combinations to the PDP at connect time or 105 whenever they change. 107 The comparing of roles (or role combinations) must be case insensitive. 108 For display purposes, roles (or role combinations) should preserve the 109 case specified by the user. 111 The concept and usage of roles in this document is consistent with that 112 specified in [POLICY]. Roles are currently under discussion in the 113 IETF's Policy WG; as and when that discussion reaches a conclusion, this 114 PIB will be updated in accordance with that conclusion. 116 3.2. Reporting of Device Capabilities 118 Each network device providing policy-based services has its own inherent 119 capabilities. These capabilities can be hardware specific, e.g., an 120 ethernet interface supporting input classification, or can be statically 121 configured, e.g., supported queuing disciplines. These capabilities are 122 communicated to the PDP when initial policy is requested by the PEP. 123 Knowing device capabilities, the PDP can send the policy rule instances 124 (PRIs) relevant to the specific device, rather than sending the entire 125 PIB. 127 4. DiffServ PIB Concepts 129 4.1. Filters, Filter Groups and Classifiers 131 The basis of differential QoS treatment of packets is a filter. This is 132 simply a general specification for matching a pattern to appear in 133 packets belonging to flows, e.g. microflows or bandwidth aggregates. 134 Associated with each filter is a permit/deny flag which effectively 135 gives a negation operation. 137 Sets of these filters are used to create classifiers. Classifiers are 138 applied to interfaces with a direction flag to indicate an ingress or 139 egress classifier. Filters are combined, in order, into filter groups; 140 filter groups are then combined, in order, to build a classifier. This 141 allows a rudimentary classification grammar to be defined. On input, 142 each packet is checked against the ingress classifier on the interface. 143 Similarly, on output each packet is checked against the egress 144 classifier on the interface. The result of the classifier then feeds 145 into appropriate meters and actions to be applied to packets. 147 For each classifier, the packet is checked against the set of filter 148 groups in the appropriate order. The detailed operation of the PIB 149 syntax is as follows. If a packet matches a filter in the first filter 150 group of a classifier and the sense is "permit" then the subsequent 151 meters and actions associated with that classifier are applied to that 152 packet and no further filters are compared. If the sense is "deny" then 153 the rest of the filters in the current filter group are skipped and 154 operation proceeds with the first filter of the next filter group. If 155 the packet does not match any of the filters in the filter group then 156 the next filter group is tried. This process is continued until a 157 definitive match is obtained. Each classifier must cover all possible 158 matches i.e., it must be complete. 160 4.2. Applying QoS Policy Using Targets 162 The task of applying QoS policy within a network requires the 163 specification of several components. The flows to which QoS policy 164 should be applied must be identified. The interfaces of the device on 165 which the policy should be enforced must be known. A certain set of 166 parameters to support flow metering is also required. The combination of 167 these components provides the target against which QoS policy is to be 168 applied. Within the context of the QoS PIB, the association between 169 these components is defined efficiently using the Target class. 171 The Target class serves to logically link several other QoS policy 172 classes. Flow classification rules, specifying behavior aggregate (BA) 173 or multi-field (MF) classification parameters, are indirectly identified 174 using the PRC for the appropriate classification class (e.g., IP, 802) 175 coupled with an identifier for a specific classifier. Interface 176 information is specified using the role combination tag, defined in the 177 Interface Type class, to identify the group of interfaces on which 178 classification is to be performed. The direction of packet flow on the 179 identified interfaces is provided as well. A link to the metering 180 component is provided using the PRC for the appropriate metering class 181 instance. 183 Once a target has been defined, actions based on the classification and 184 metering phases must be specified. Action class instances are linked 185 with the Target entry through the associated Meter class instance. A 186 precedence component is also provided so that a definitive order of 187 evaluation may be defined for Target class instances being applied to 188 the same interface role and flow direction targets. The Target class 189 thus functions as the integration point for the range of components used 190 for the application of QoS policy. 192 4.3. Queue Modeling with Queue Sets 194 The traffic processing capabilities of an interface are determined by 195 the queuing resources that are associated with the interface. These 196 capabilities are represented abstractly using queue sets. A queue set is 197 comprised of one or more individual queues and facilitates treating the 198 collection of queues as a single unit based on their combined behaviors. 199 A device may support a number of different queue sets. The number of 200 queue sets supported by a device is typically related to the number of 201 unique combinations of interface properties within that device. The 202 queue set abstraction is not limited to modeling physical interface 203 properties, however, and can be used to represent logical and dynamic 204 queuing behavior as well. 206 Each individual queue in a set is characterized by the interface 207 bandwidth it can consume, the queuing discipline it employs and it's 208 relationship with other queues in the set. Interface bandwidth 209 allocation per queue can be represented in either relative or absolute 210 terms. A queue's drain size (i.e., the maximum number of bytes that may 211 be drained from the queue in one cycle) can be used to determine the 212 relative bandwidth allocation. The sum of the drain sizes of all of the 213 related queues in a set is used to compute the percentage of interface 214 bandwidth allocated to a specific queue based on its drain size. The 215 maximum interface bandwidth that is available may also be described in 216 absolute terms. 218 The traffic processing paradigm employed by a given queue is represented 219 by queue discipline attributes. Several general purpose and well-known 220 queuing disciplines (e.g., priority, fifo, weighted fair queuing) are 221 supported and a mechanism to define additional paradigms in an 222 extensible fashion is provided. The relationship among queues within a 223 set is specified using a service order attribute. This attribute 224 provides an additional level of service precedence among queues. This is 225 required for describing the behavior of queues utilizing the same 226 processing discipline (e.g., a series of priority queues) and when the 227 various queues that comprise a queue set are serviced using a mix of 228 queuing disciplines (e.g., priority and weighted round robin queues). 229 These individual queue attributes, when combined, support the 230 representation of (potentially) complex queuing systems associated with 231 an interface type (i.e., role combination). 233 4.4. IP Mapping to and from Layer 2 235 The PIB specifies QoS policy by assigning DSCP values to specific 236 queues, but in order to provide a complete QoS picture, the PIB must 237 consider that not all devices on the network are diffserv capable, i.e., 238 capable of setting/inspecting a packet's DSCP value. Specifically, the 239 network might include layer 2 devices (switches) that can only support 240 IEEE 802.1p classes of service. In order to support network 241 configuration that consists of diffserv capable devices and devices that 242 can only support IEEE 802.1p, the PIB has included a mapping table that 243 can allow the DSCP values to be mapped to specific IEEE 802.1p tag 244 values. 246 DSCP ---------- DSCP -------- DSCP ---------- DSCP 247 ----->|diffserv|--------->|L2 |--------->|diffserv|------> 248 | router | 802.1p |switch| 802.1p | router | 802.1p 249 ---------- priority -------- priority ---------- priority 251 A second case exists where packets coming into the network are arriving 252 from a non-diffserv enabled device and no DSCP exists with in the 253 packet, but an 802.1p tag does exist. In the case where the diffserv 254 device has the ability to set a DSCP in the packet, the diffserv router 255 can map the layer 2 tag into a DSCP value. The PIB supports a mapping 256 table that can be used to map from the layer 2 tag to a DSCP value. 257 This mapping would be configured to apply to those ports where the 258 upstream device marks packets using a L2 802.1p tag as shown in the 259 figure below. 261 ---------- ------------ DSCP 262 -->| L2 |--------->| diffserv |-------> 263 -->| switch | 802.1p | router | 802.1p 264 ---------- priority ------------ priority 266 Alternatively, the diffserv router can have policies applied to it that 267 cause it to reclassify the incoming packet using a MF classifier, 268 ignoring the incoming 802.1p tag. 270 5. Summary of the PIB Modules 272 This section gives a brief summary of the top-level groups in the three 273 modules defined in this document. 275 Device Configuration Group 276 This group contains device configuration information. This 277 configuration is either set by management or reflects the physical 278 configuration of the device. 280 QoS Interface Group 281 This group is used to indicate to the PDP the types of interface 282 configured on the PEP. Note that this group indicates the types of 283 interfaces, not the configuration of each and every interface on 284 the device. 286 QoS Metering Group 287 This group contains configuration of meters. These meters can then 288 be used to by target classes to specify metering policy. 290 QoS Action Group 291 This group contains the policies that define the action to be taken 292 after the result of the classification and metering. This group 293 also contains the policies that associate the classifiers, meters 294 and actions. 296 IP Classification and Policing Group 297 This group contains the policies that define the IP classifier 298 elements. 300 802 Classification and Policing Group 301 This group contains the policies that define the IEEE 802 302 classifier elements. 304 6. PIB Operational Overview 306 This section provides an operation overview of how the three modules are 307 used in concert to provide policy to the PEP. 309 After initial PEP to PDP communication setup, using [COPS-PR] for 310 example, the PEP will provide to the PDP the PIB Policy Rule Classes 311 (PRCs), interface types, and interface type capabilities it supports. 313 The PRCs supported by the PEP are reported to the PDP in the PRC Support 314 Table, qosPrcSupportTable. Each instance of the qosPrcSupportTable 315 class indicates a PRC that the PEP understands and for which the PDP can 316 send class instances as part of the policy information. 318 The interface types the PEP supports are reported to the PDP in the 319 Interface Type Table, qosInterfaceTypeTable. Each instance of this 320 class describes the characteristics of an interface type. Each 321 interface type is identified by a role combination. Each interface 322 type's inherent capability is reported to the PDP using the Interface 323 Type Table. Examples of interface capabilities are classification, 324 policing, dropping, queuing, and shaping. An interface type is 325 associated with a queue set which indicates the number of queues that 326 interface supports and its queuing disciplines. 328 The PDP, with knowledge of the PEP's capabilities, will provide the PEP 329 with: 331 (1) Administration domain policy information in 332 qosIfDscpAssignmentTable 333 qos802DscpMappingTable 334 qos802CosToDscpTable 336 (2) Interface type and role specific IP policy information in 337 qosIpAceTable 338 qosIpAclDefinitionTable 339 qosActionTable 340 qosTargetTable 341 qosMeterTable 343 (3) Interface type and role specific IEEE 802 policy information in 344 qos802AceTable 345 qos802AclDefinitionTable 347 Instances of the qosTargetTable define how the Traffic Conditioning 348 Elements are combined into Traffic Conditioning Blocks, as described in 349 [MODEL]. Each instance of the qosTargetTable applies to an interface 350 type defined by its roles and direction (ingress or egress). This is 351 pictured in the following diagram where the InterfaceRoles X, and Y 352 would be used by the network device to associate the traffic 353 conditioning block with the interfaces needing each of thess policies. 355 +----------------------------+ +----------------------------+ 356 | qosIpAclDefinitionEntries | | qosTargetEntry | 357 | with AclType = IP | | with AclType = IP | 358 | AclId = 1 | <------------ AclId = 1 | 359 | referencing its list of | | InterfaceRoles = X | 360 | qosIpAceEntries | | Order = 5 | 361 +----------------------------+ | Meter -----+ | 362 +-------------------|--------+ 363 | 364 v 365 +----------------+ 366 | qosMeterEntry | 367 +----------------+ 368 | 369 v 370 +----------------+ 371 | qosActionEntry | 372 +----------------+ 374 +----------------------------+ +----------------------------+ 375 | qos802AclDefinitionEntries | | qosTargetEntry | 376 | with AclType = 802 | | with AclType = 802 | 377 | AclId = 10 | <------------ AclId = 10 | 378 | referencing its list of | | InterfaceRoles = Y | 379 | qos802AceEntries | | Order = 15 | 380 +----------------------------+ | Meter -----+ | 381 +-------------------|--------+ 382 | 383 v 385 +----------------+ 386 | qosMeterEntry | 387 +----------------+ 388 | 389 v 390 +----------------+ 391 | qosActionEntry | 392 +----------------+ 394 Figure 7.1 Diffserv PIB Table Relationships 396 Notice in the above diagram, IEEE 802 type classifiers are intermixed 397 with the IP type classifiers, sharing the same pool of Traffic 398 Conditioning Elements. The qosTargetTable allows use of heterogeneous 399 classifiers with same instance of qosMeterTable. Using IP and IEEE 802 400 classifiers together is just one example. Other types of classifiers 401 may be used heterogeneously. 403 After receiving the PIB, the PEP will associate the Classifier, Meter 404 and Action with the corresponding interfaces supporting the specific 405 interface type and roles. 407 7. PIB Definitions 409 NOTE 410 In these PIB definitions, we use the term "access control entry" (ACE) 411 synonymous with filter, "access control list" (ACL) synonymous with 412 filter group, and sets of ACLs synonymous with classifier. 414 7.1. The Policy Framework PIB Module 416 POLICY-FRAMEWORK-PIB PIB-DEFINITIONS ::= BEGIN 418 IMPORTS 419 Unsigned32, MODULE-IDENTITY, OBJECT-TYPE 420 FROM SNMPv2-SMI 421 TEXTUAL-CONVENTION 422 FROM SNMPv2-TC 423 SnmpAdminString 424 FROM SNMP-FRAMEWORK-MIB; 426 policyFrameworkPib MODULE-IDENTITY 427 LAST-UPDATED "9906241800Z" 428 ORGANIZATION "IETF RAP WG" 429 CONTACT-INFO " 430 Michael Fine 431 Cisco Systems, Inc. 432 170 West Tasman Drive 433 San Jose, CA 95134-1706 USA 434 Phone: +1 408 527 8218 435 Email: mfine@cisco.com 437 Keith McCloghrie 438 Cisco Systems, Inc. 439 170 West Tasman Drive, 440 San Jose, CA 95134-1706 USA 441 Phone: +1 408 526 5260 442 Email: kzm@cisco.com 444 John Seligson 445 Nortel Networks, Inc. 446 4401 Great America Parkway 447 Santa Clara, CA 95054 USA 448 Phone: +1 408 495 2992 449 Email: jseligso@nortelnetworks.com" 451 DESCRIPTION 452 "A PIB module containing the base set of policy 453 rule classes that are required for support of 454 all policies." 456 ::= { tbd } 458 policyBasePibClasses 459 OBJECT IDENTIFIER ::= { policyFrameworkPib 1 } 461 -- 462 -- Textual Conventions 463 -- 465 -- 466 -- Interface Role 467 -- 469 Role ::= TEXTUAL-CONVENTION 470 STATUS current 471 DESCRIPTION 472 "A display string but where the characters '+', ' ' (space), 473 NULL, LF, CR, BELL, BS, HT (tab) VT and FF are illegal." 475 SYNTAX SnmpAdminString (SIZE (0..31)) 477 -- 478 -- Interface Role Combination 479 -- 481 RoleCombination ::= TEXTUAL-CONVENTION 482 STATUS current 483 DESCRIPTION 484 "A Display string consisting of a set of roles concatenated 485 with a '+' character where the roles are in lexicographic 486 order from minimum to maximum." 488 SYNTAX SnmpAdminString (SIZE (0..255)) 490 -- 491 -- Policy Instance Index 492 -- 494 PolicyInstanceId ::= TEXTUAL-CONVENTION 495 STATUS current 496 DESCRIPTION 497 "A textual convention for an attribute that is an integer 498 index of a class. It is used for attributes that exist 499 for the purpose of providing a policy rule instance with 500 a unique instance identifier. 502 For any instance identifier that refers to another policy 503 rule instance, that other policy instance must exist. 504 Furthermore, it is an error to try to delete a policy rule 505 instance that is referred to by another instance without 506 first deleting the referencing instance. 508 Class instances of this type need not be contiguous." 510 SYNTAX Unsigned32 512 -- 513 -- Device Configuration Group 514 -- 516 -- This group contains device configuration information. This 517 -- configuration is either set by management or reflects the physical 518 -- configuration of the device. This configuration is generally 519 -- reported to the PDP (i.e., the policy server) when configuration 520 -- is performed by the policy server so that the PDP can determine 521 -- what policies to download to the PEP (i.e., the device). Class 522 -- instances may also be downloaded by a network manager prior to 523 -- static configuration. 524 -- 526 policyDeviceConfig OBJECT IDENTIFIER ::= { policyBasePibClasses 1 } 528 -- 529 -- PRC Support Table 530 -- 532 policyPrcSupportTable OBJECT-TYPE 533 SYNTAX SEQUENCE OF PolicyPrcSupportEntry 534 POLICY-ACCESS notify 535 STATUS current 536 DESCRIPTION 537 "Each instance of this class specifies a PRC that the device 538 supports and a bit string to indicate the attributes of the 539 class that are supported. These PRIs are sent to the PDP to 540 indicate to the PDP which PRCs, and which attributes of these 541 PRCs, the device supports. This table can also be downloaded 542 by a network manager when static configuration is used. 544 All install and install-notify PRCs supported by the device 545 must be represented in this table." 547 ::= { policyDeviceConfig 1 } 549 policyPrcSupportEntry OBJECT-TYPE 550 SYNTAX PolicyPrcSupportEntry 551 STATUS current 552 DESCRIPTION 553 "An instance of the policyPrcSupport class that identifies a 554 specific policy class and associated attributes as supported 555 by the device." 557 INDEX { policyPrcSupportId } 558 ::= { policyPrcSupportTable 1 } 560 PolicyPrcSupportEntry ::= SEQUENCE { 561 policyPrcSupportId PolicyInstanceId, 562 policyPrcSupportSupportedPrc OBJECT IDENTIFIER, 563 policyPrcSupportSupportedAttrs OCTET STRING 564 } 566 policyPrcSupportId OBJECT-TYPE 567 SYNTAX PolicyInstanceId 568 STATUS current 569 DESCRIPTION 570 "An arbitrary integer index that uniquely identifies an 571 instance of the policyPrcSupport class." 573 ::= { policyPrcSupportEntry 1 } 575 policyPrcSupportSupportedPrc OBJECT-TYPE 576 SYNTAX OBJECT IDENTIFIER 577 STATUS current 578 DESCRIPTION 579 "The object identifier of a supported PRC. There may not 580 be more than one instance of the policyPrcSupport class with 581 the same value of policyPrcSupportSupportedPrc." 583 ::= { policyPrcSupportEntry 2 } 585 policyPrcSupportSupportedAttrs OBJECT-TYPE 586 SYNTAX OCTET STRING 587 STATUS current 588 DESCRIPTION 589 "A bit string representing the supported attributes of the 590 class that is identified by the policyPrcSupportSupportedPrc 591 object. 593 Each bit of this bit mask corresponds to a class attribute, 594 with the most significant bit of the i-th octet of this octet 595 string corresponding to the (8*i - 7)-th attribute, and the 596 least significant bit of the i-th octet corresponding to the 597 (8*i)-th class attribute. Each bit of this bit mask specifies 598 whether or not the corresponding class attribute is currently 599 supported, with a '1' indicating support and a '0' indicating 600 no support. If the value of this bit mask is N bits long and 601 there are more than N class attributes then the bit mask is 602 logically extended with 0's to the required length." 604 ::= { policyPrcSupportEntry 3 } 606 -- 607 -- PIB Incarnation Table 608 -- 610 policyDevicePibIncarnationTable OBJECT-TYPE 611 SYNTAX SEQUENCE OF PolicyDevicePibIncarnationEntry 612 POLICY-ACCESS install-notify 613 STATUS current 614 DESCRIPTION 615 "This class contains a single policy rule instance that 616 identifies the current incarnation of the PIB and the PDP 617 or network manager that installed this incarnation. The 618 instance of this class is reported to the PDP at client 619 connect time so that the PDP can (attempt to) ascertain the 620 current state of the PIB. A network manager may use the 621 instance to determine the state of the device with regard 622 to existing NMS interactions." 624 ::= { policyDeviceConfig 2 } 626 policyDevicePibIncarnationEntry OBJECT-TYPE 627 SYNTAX PolicyDevicePibIncarnationEntry 628 STATUS current 629 DESCRIPTION 630 "An instance of the policyDevicePibIncarnation class. Only 631 one instance of this policy class is ever instantiated." 633 INDEX { policyDevicePibIncarnationId } 634 ::= { policyDevicePibIncarnationTable 1 } 636 PolicyDevicePibIncarnationEntry ::= SEQUENCE { 637 policyDevicePibIncarnationId PolicyInstanceId, 638 policyDevicePibIncarnationName SnmpAdminString, 639 policyDevicePibIncarnationId OCTET STRING, 640 policyDevicePibIncarnationTtl Unsigned32 641 } 643 policyDevicePibIncarnationId OBJECT-TYPE 644 SYNTAX PolicyInstanceId 645 STATUS current 646 DESCRIPTION 647 "An index to uniquely identify an instance of this 648 policy class." 650 ::= { policyDevicePibIncarnationEntry 1 } 652 policyDevicePibIncarnationName OBJECT-TYPE 653 SYNTAX SnmpAdminString 654 STATUS current 655 DESCRIPTION 656 "The name of the entity that installed the current 657 incarnation of the PIB into the device. The name may 658 reference a PDP when dynamic configuration is being 659 used or a network manager when static configuration 660 is being used. By default, it is the zero length 661 string." 663 ::= { policyDevicePibIncarnationEntry 2 } 665 policyDevicePibIncarnationId OBJECT-TYPE 666 SYNTAX OCTET STRING 667 STATUS current 668 DESCRIPTION 669 "An ID to identify the current incarnation. It has meaning 670 to the PDP/manager that installed the PIB and perhaps its 671 standby PDPs/managers. By default, it is the zero-length 672 string." 674 ::= { policyDevicePibIncarnationEntry 3 } 676 policyDevicePibIncarnationTtl OBJECT-TYPE 677 SYNTAX Unsigned32 678 STATUS current 679 DESCRIPTION 680 "The number of seconds after a client close or TCP timeout 681 for which the PEP continues to enforce the policy in the PIB. 682 After this interval, the PIB is considered expired and the 683 device no longer enforces the policy installed in the PIB. 684 Policy enforcement timing only applies to policies that have 685 been installed dynamically (e.g., by a PDP via COPS)." 687 ::= { policyDevicePibIncarnationEntry 4 } 689 END 690 7.2. The QoS IP PIB 692 QOS-POLICY-IP-PIB PIB-DEFINITIONS ::= BEGIN 694 IMPORTS 695 Unsigned32, IpAddress, Integer32, 696 MODULE-IDENTITY, OBJECT-TYPE 697 FROM SNMPv2-SMI 698 TruthValue, TEXTUAL-CONVENTION 699 FROM SNMPv2-TC 700 RoleCombination, PolicyInstanceId 701 FROM POLICY-FRAMEWORK-PIB; 703 qosPolicyIpPib MODULE-IDENTITY 704 LAST-UPDATED "9906241800Z" 705 ORGANIZATION "IETF RAP WG" 706 CONTACT-INFO " 707 Michael Fine 708 Cisco Systems, Inc. 709 170 West Tasman Drive 710 San Jose, CA 95134-1706 USA 711 Phone: +1 408 527 8218 712 Email: mfine@cisco.com 714 Keith McCloghrie 715 Cisco Systems, Inc. 716 170 West Tasman Drive, 717 San Jose, CA 95134-1706 USA 718 Phone: +1 408 526 5260 719 Email: kzm@cisco.com 721 John Seligson 722 Nortel Networks, Inc. 723 4401 Great America Parkway 724 Santa Clara, CA 95054 USA 725 Phone: +1 408 495 2992 726 Email: jseligso@nortelnetworks.com" 727 DESCRIPTION 728 "The PIB module containing an initial set of policy 729 rule classes that describe the quality of service 730 (QoS) policies. It includes general classes that may 731 be extended by other PIB specifications as well as 732 an initial set of PIB classes related to IP processing." 734 ::= { tbd } 736 qosPolicyGenPibClasses OBJECT IDENTIFIER ::= { qosPolicyIpPib 1 } 737 qosPolicyIpPibClasses OBJECT IDENTIFIER ::= { qosPolicyIpPib 2 } 739 -- 740 -- Textual Conventions 741 -- 743 -- 744 -- Diffserv Codepoint 745 -- 747 Dscp ::= TEXTUAL-CONVENTION 748 STATUS current 749 DESCRIPTION 750 "An integer that is in the range of the diffserv codepoint 751 values." 753 SYNTAX INTEGER (0..63) 755 -- 756 -- Interface types 757 -- 759 QosInterfaceQueueCount ::= TEXTUAL-CONVENTION 760 STATUS current 761 DESCRIPTION 762 "An integer that describes the number of queues an interface 763 supports. It is limited to the number of DSCP values." 765 SYNTAX INTEGER (1..64) 767 -- 768 -- QoS Interface Group 769 -- 770 -- 771 -- This group specifies the configuration of the various interface 772 -- types including the setting of queueing parameters and the 773 -- mapping of DSCPs and 802.1 CoS to queues. 774 -- 776 qosIfParameters OBJECT IDENTIFIER ::= { qosPolicyGenPibClasses 1 } 778 -- 779 -- Interface Type Table 780 -- 782 qosInterfaceTypeTable OBJECT-TYPE 783 SYNTAX SEQUENCE OF QosInterfaceTypeEntry 784 POLICY-ACCESS notify 785 STATUS current 786 DESCRIPTION 787 "Interface type definitions. This class describes the types 788 of interfaces that exist on the device. An interface type 789 is denoted by its designated role identifier as well as 790 by the queue set and queue capabilities it supports." 792 ::= { qosIfParameters 1 } 794 qosInterfaceTypeEntry OBJECT-TYPE 795 SYNTAX QosInterfaceTypeEntry 796 STATUS current 797 DESCRIPTION 798 "An instance of this class describes the characteristics 799 of a type of an interface. Interface type characteristics 800 include a role combination identifier, a queue set 801 identifier and a queue capabilities attribute. An 802 instance is required for each different unique role 803 combination identifier which represents the different 804 interface types that are operational in the device at 805 any given time. The PEP does not report which specific 806 interfaces have which characteristics." 808 INDEX { qosInterfaceTypeId } 809 ::= { qosInterfaceTypeTable 1 } 811 QosInterfaceTypeEntry ::= SEQUENCE { 812 qosInterfaceTypeId PolicyInstanceId, 813 qosInterfaceTypeRoles RoleCombination, 814 qosInterfaceTypeQueueSet PolicyInstanceId, 815 qosInterfaceTypeCapabilities BITS 816 } 818 qosInterfaceTypeId OBJECT-TYPE 819 SYNTAX PolicyInstanceId 820 STATUS current 821 DESCRIPTION 822 "An arbitrary integer index that uniquely identifies a 823 instance of the qosInterfaceType class. Class instances 824 may not be contiguous." 826 ::= { qosInterfaceTypeEntry 1 } 828 qosInterfaceTypeRoles OBJECT-TYPE 829 SYNTAX RoleCombination 830 STATUS current 831 DESCRIPTION 832 "The role combination that is used to identify interfaces 833 with the characteristics specified by the attributes 834 of this class instance. Interface role combination 835 identifiers are used within a number of classes to 836 logically identify a physical set of interfaces to which 837 policy rules and actions are applied. Role combination 838 identifiers must exist in this table prior to being 839 referenced in other class instances." 841 ::= { qosInterfaceTypeEntry 2 } 843 qosInterfaceTypeQueueSet OBJECT-TYPE 844 SYNTAX PolicyInstanceId 845 STATUS current 846 DESCRIPTION 847 "The index of the queue set that is associated with 848 interfaces that are identified with the role combination 849 identifier that is associated with this class instance." 851 ::= { qosInterfaceTypeEntry 3 } 853 qosInterfaceTypeCapabilities OBJECT-TYPE 854 SYNTAX BITS { 855 other(0), 857 -- Classification support 858 inputIpClassification(1), 859 outputIpClassification(2), 860 input802Classification(3), 861 output802Classification(4), 863 -- Queuing discipline support 864 singleQueuingDiscipline(5), 865 hybridQueuingDiscipline(6) 866 } 867 STATUS current 868 DESCRIPTION 869 "An enumeration of interface capabilities. Used by the 870 PDP or network manager to select which policies and 871 configuration it should push to the PEP." 873 ::= { qosInterfaceTypeEntry 4 } 875 -- 876 -- Interface Queue Table 877 -- 878 -- The Interface Queue Table enumerates the individual queues that 879 -- comprise a given queue set. Information specific to each queue 880 -- is exported by this table. 881 -- 883 qosIfQueueTable OBJECT-TYPE 884 SYNTAX SEQUENCE OF QosIfQueueEntry 885 POLICY-ACCESS notify 886 STATUS current 887 DESCRIPTION 888 "Contains information about the individual queues that 889 comprise a queue set implemented on the device." 891 ::= { qosIfParameters 2 } 893 qosIfQueueEntry OBJECT-TYPE 894 SYNTAX QosIfQueueEntry 895 STATUS current 896 DESCRIPTION 897 "A conceptual row in the qosIfQueueTable. 899 Each row identifies a specific queue within a given queue 900 set and contains detailed information about the queue. Queues 901 are associated with a given set through this table and 902 a queue set is associated with an interface set through 903 the qosInterfaceTypeTable." 905 INDEX { qosIfQueueId } 906 ::= { qosIfQueueTable 1 } 908 QosIfQueueEntry ::= SEQUENCE { 909 qosIfQueueId PolicyInstanceId 910 qosIfQueueSetId INTEGER, 911 qosIfQueueIndex QosInterfaceQueueCount, 912 qosIfQueueGenDiscipline INTEGER, 913 qosIfQueueExtDiscipline OBJECT IDENTIFIER, 914 qosIfQueueDrainSize Unsigned32, 915 qosIfQueueAbsBandwidth Unsigned32, 916 qosIfQueueBandwidthAllocation INTEGER, 917 qosIfQueueServiceOrder QosInterfaceQueueCount, 918 qosIfQueueSize Unsigned32 919 } 921 qosIfQueueId OBJECT-TYPE 922 SYNTAX PolicyInstanceId 923 STATUS current 924 DESCRIPTION 925 "The index that uniquely identifies this row in the table, 926 i.e., this PRI." 928 ::= { qosIfQueueEntry 1 } 930 qosIfQueueSetId OBJECT-TYPE 931 SYNTAX INTEGER 932 STATUS current 933 DESCRIPTION 934 "An index that uniquely identifies a specific queue set. The 935 queue set that is identified with this value is associated 936 with an interface set through the qosInterfaceTypeQueueSet 937 object in the qosInterfaceTypeTable. The individual queues 938 that are members of this set all have the same value for 939 this attribute (i.e., they have the same set ID)." 941 ::= { qosIfQueueEntry 2 } 943 qosIfQueueIndex OBJECT-TYPE 944 SYNTAX QosInterfaceQueueCount 945 STATUS current 946 DESCRIPTION 947 "An arbitrary index that uniquely identifies a specific 948 queue within a set of queues that is identified by the 949 qosIfQueueSetId value." 951 ::= { qosIfQueueEntry 3 } 953 qosIfQueueGenDiscipline OBJECT-TYPE 954 SYNTAX INTEGER { 955 other(1), -- Use qosIfQueueExtDiscipline 956 fifo(2), -- First In First Out queuing 957 pq(3), -- Priority Queuing 958 fq(4), -- Fair Queuing 959 wfq(5) -- Weighted Fair Queuing 960 } 962 STATUS current 963 DESCRIPTION 964 "This object identifies the queuing discipline that is 965 associated with the specified queue. Several general 966 purpose and well-known queuing disciplines are supported 967 by this attribute. Queuing disciplines that differ from 968 those that are supported by this object are specified 969 by setting this attribute to other(1) and providing 970 the object identifier that represents the different 971 queuing paradigm in the qosIfQueueExtDiscipline object. 973 A value of fifo(2) indicates that the queue is serviced 974 on a first-in-first-out (FIFO) basis. This discipline is 975 generally employed when only a single queue is available 976 for a given interface. 978 A value of pq(3) indicates that the queue is serviced 979 using a priority queuing discipline. This technique is 980 used when several queues are available for a given 981 interface. Each queue is assigned a priority and queues 982 are serviced in order of priority. Higher priority queues 983 are completely drained before lower priority queues are 984 serviced. 986 A value of fq(4) indicates that the queue is serviced 987 using a fair queuing discipline. This technique is used 988 when several queues are available for a given interface. 989 Each queue is treated equally and is serviced in a 990 round-robin fashion. 992 A value of wfq(5) indicates that the queue is serviced 993 using a weighted fair queuing discipline. This technique is 994 used when several queues are available for a given interface. 995 Each queue is serviced based on queue weights which determine 996 the scheduling and frequency of queue servicing. Queues that 997 are assigned a greater weight are implicitly provided with 998 more bandwidth. 1000 Note that the processing disciplines for all of the queues 1001 in a given set must be considered when trying to establish 1002 a processing profile for a given interface." 1004 ::= { qosIfQueueEntry 4 } 1006 qosIfQueueExtDiscipline OBJECT-TYPE 1007 SYNTAX OBJECT IDENTIFIER 1008 STATUS current 1009 DESCRIPTION 1010 "This object identifies the queuing discipline that is 1011 associated with the specified queue. This attribute 1012 provides a means through which additional queuing mechanisms 1013 can be identified should the general queuing disciplines 1014 be inadequate for a given device. As such. this attribute is 1015 consulted only when the value of the qosIfQueueGenDiscipline 1016 object is other(1). It contains an object identifier that 1017 uniquely identifies a queuing paradigm. 1019 Note that the processing disciplines for all of the queues 1020 in a given set must be considered when trying to establish 1021 a processing profile for a given interface." 1023 ::= { qosIfQueueEntry 5 } 1025 qosIfQueueDrainSize OBJECT-TYPE 1026 SYNTAX Unsigned32 1027 STATUS current 1028 DESCRIPTION 1029 "The maximum number of bytes that may be drained from the 1030 queue in one cycle. The percentage of the interface 1031 bandwidth allocated to this queue can be calculated from 1032 this attribute and the sum of the drain sizes of all the 1033 queues in a specific queue cluster in a queue set. 1035 This attribute represents the relative bandwidth that is 1036 available to a given queue with respect to other queues with 1037 which it is associated. The absolute bandwidth that is 1038 available to a given queue is specified by the attribute 1039 qosIfQueueAbsBandwidth. Which of these two applies is 1040 specified by the attribute qosIfQueueBandwidthAllocation." 1042 ::= { qosIfQueueEntry 6 } 1044 qosIfQueueAbsBandwidth OBJECT-TYPE 1045 SYNTAX Unsigned32 1046 STATUS current 1047 DESCRIPTION 1048 "The maximum interface bandwidth that is available for 1049 consumption when servicing this queue. This bandwidth is 1050 specified in terms of kilobits per second. 1052 This attribute represents the absolute bandwidth that is 1053 available to a given queue. The relative bandwidth that is 1054 available to a given queue, with respect to other queues with 1055 which it is associated, is specified by the attribute 1056 qosIfQueueDrainSize. Which of these two applies is specified 1057 by the attribute qosIfQueueBandwidthAllocation." 1059 ::= { qosIfQueueEntry 7 } 1061 qosIfQueueBandwidthAllocation OBJECT-TYPE 1062 SYNTAX INTEGER { 1063 absolute(1), --use qosIfQueueAbsBandwidth 1064 relative(2) --use qosIfQueueDrainSize 1065 } 1066 STATUS current 1067 DESCRIPTION 1068 "This attribute specifies whether to configure the queue for 1069 an absolute bandwidth limit or one that is relative to other 1070 queues of the interface. i.e., whether to configure the queue 1071 using qosIfQueueAbsBandwidth or qosIfQueueDrainSize." 1073 ::= { qosIfQueueEntry 8 } 1075 qosIfQueueServiceOrder OBJECT-TYPE 1076 SYNTAX QosInterfaceQueueCount 1077 STATUS current 1078 DESCRIPTION 1079 "This object is used to provide an additional level of 1080 priority that is required for certain queuing disciplines 1081 and when the different queues that comprise a queue set 1082 are serviced using a mix of queuing disciplines. This 1083 object can be used to specify, for example, the order in 1084 which queues will be serviced when priority queuing is 1085 used. It also supports the ability to describe the 1086 servicing hierarchy when a hybrid queuing scheme, such 1087 as priority queuing coupled with weighted fair queuing, 1088 is used. 1090 Queue service priority is assigned such that a lower 1091 service order value indicates a higher priority. For 1092 example, a priority queue with a value of 1 will be 1093 serviced (i.e., drained) before another priority queue 1094 with a service order value of 2. 1096 Note that multiple queues that are logically associated, 1097 based on the queuing discipline that is being employed, 1098 will be assigned the same service order value. Under 1099 this scenario, other parameters that are related to the 1100 queuing discipline determine the order of queue servicing 1101 (e.g., queue drain size is used for 'wfq'). 1103 For example, an interface that is associated with a queue 1104 set supporting two priority queues and three queues that 1105 are serviced using WFQ would be modeled as follows: 1107 Q Index Q Discipline Q Drain Size Q Service Order 1108 22 pq(1) - 1 1109 23 pq(1) - 2 1110 24 wfq(3) 500 3 1111 25 wfq(3) 350 3 1112 26 wfq(3) 150 3 1114 The queue set presented in this example would service 1115 all queued traffic in queue 22 first, followed by all of 1116 the queued traffic in queue 23. Next the queued traffic 1117 in queues 24 through 26 would be serviced in a round 1118 robin fashion with queue 24 receiving 50% of the available 1119 bandwidth, queue 25 receiving 35% of the available 1120 bandwidth and queue 26 receiving 15% of the available 1121 bandwidth. This example is presented for expository 1122 purposes and has been simplified accordingly. 1124 Note that, in this example, queues 24, 25 and 26 form a 1125 queue cluster. Members of a queue cluster are all assigned 1126 the same qosIfQueueServiceOrder as there are tightly 1127 coupled. The qosIfQueueDrainSize attribute is used to 1128 determine the additional processing characteristics of 1129 the individual queues in a cluster." 1131 ::= { qosIfQueueEntry 9 } 1133 qosIfQueueSize OBJECT-TYPE 1134 SYNTAX Unsigned32 1135 STATUS current 1136 DESCRIPTION 1137 "The size of the queue in bytes. Some devices set queue size 1138 in terms of packets. These devices must calculate the queue 1139 size in packets by assuming an average packet size suitable 1140 for the particular interface. 1142 Some devices have a fixed size buffer to be shared among all 1143 queues. These devices must allocate a fraction of the 1144 total buffer space to this queue calculated as the the ratio 1145 of the queue size to the sum of the queue sizes for the 1146 interface." 1148 ::= { qosIfQueueEntry 10 } 1150 -- 1151 -- DSCP Assignment Table 1152 -- 1153 -- Supports the assignment of DSCPs to queues for each 1154 -- interface type. 1155 -- 1157 qosIfDscpAssignmentTable OBJECT-TYPE 1158 SYNTAX SEQUENCE OF QosIfDscpAssignmentEntry 1159 POLICY-ACCESS install 1160 STATUS current 1161 DESCRIPTION 1162 "Supports the assignment of DSCP values to a queue for 1163 each interface with a specific queue count. There will be 1164 64 instances of this class for each supported combination 1165 of queue count and role combination." 1167 ::= { qosIfParameters 3 } 1169 qosIfDscpAssignmentEntry OBJECT-TYPE 1170 SYNTAX QosIfDscpAssignmentEntry 1171 STATUS current 1172 DESCRIPTION 1173 "An instance of the qosIfDscpAssignment class." 1175 INDEX { qosIfDscpAssignmentId } 1176 ::= { qosIfDscpAssignmentTable 1 } 1178 QosIfDscpAssignmentEntry ::= SEQUENCE { 1179 qosIfDscpAssignmentId PolicyInstanceId, 1180 qosIfDscpAssignmentRoles RoleCombination, 1181 qosIfDscpAssignmentDscp Dscp, 1182 qosIfDscpAssignmentQueue QosInterfaceQueueCount 1183 } 1185 qosIfDscpAssignmentId OBJECT-TYPE 1186 SYNTAX PolicyInstanceId 1187 STATUS current 1188 DESCRIPTION 1189 "An index that is used to uniquely identify the 1190 instance of the qosIfDscpAssignment class." 1192 ::= { qosIfDscpAssignmentEntry 1 } 1194 qosIfDscpAssignmentRoles OBJECT-TYPE 1195 SYNTAX RoleCombination 1196 STATUS current 1197 DESCRIPTION 1198 "The role combination with which an interface must be 1199 configured to support the DSCP-to-queue assignment 1200 described by this instance. The specified role 1201 combination must be defined in the qosInterfaceType 1202 table prior to being referenced by this entry. 1203 Otherwise a 'priAssociationUnknown(3)' error code 1204 will be returned." 1206 ::= { qosIfDscpAssignmentEntry 2 } 1208 qosIfDscpAssignmentDscp OBJECT-TYPE 1209 SYNTAX Dscp 1210 STATUS current 1211 DESCRIPTION 1212 "The DSCP to which this class instance applies." 1214 ::= { qosIfDscpAssignmentEntry 3 } 1216 qosIfDscpAssignmentQueue OBJECT-TYPE 1217 SYNTAX QosInterfaceQueueCount 1218 STATUS current 1219 DESCRIPTION 1220 "The specific queue, within the queue set that is 1221 associated with the interface set identified by the 1222 qosIfDscpAssignmentRoles tag, on which traffic with 1223 the specified DSCP, dictated by the 1224 qosIfDscpAssignmentDscp value, is placed. Failure to 1225 specify an appropriate queue results in a 1226 'priAssociationConflict(4)' error indication being 1227 returned." 1229 ::= { qosIfDscpAssignmentEntry 4 } 1231 -- 1232 -- QoS Meter Table 1233 -- 1234 -- The QoS Meter Table contains metering specifications that 1235 -- can be used to provide an acceptable flow bandwidth 1236 -- dimension to the Target table. 1237 -- 1239 qosMeter OBJECT IDENTIFIER ::= { qosPolicyGenPibClasses 2 } 1241 qosMeterTable OBJECT-TYPE 1242 SYNTAX SEQUENCE OF QosMeterEntry 1243 POLICY-ACCESS install 1244 STATUS current 1245 DESCRIPTION 1246 "Contains the current set of configured meters. The 1247 meters are associated with a classifier during 1248 operation through the QoS Target Table." 1250 ::= { qosMeter 1 } 1252 qosMeterEntry OBJECT-TYPE 1253 SYNTAX QosMeterEntry 1254 STATUS current 1255 DESCRIPTION 1256 "General metering definitions. Each entry specifies 1257 an instance of the qosMeter class which specifies 1258 metering information in terms of traffic stream 1259 bandwidth parameters. An entry can thus be used to 1260 support traffic metering based on the specified 1261 service level specification." 1263 INDEX { qosMeterId } 1264 ::= { qosMeterTable 1 } 1266 QosMeterEntry ::= SEQUENCE { 1267 qosMeterId PolicyInstanceId, 1268 qosMeterDataSpecification INTEGER, 1269 qosMeterCommittedRate Unsigned32, 1270 qosMeterCommittedBurst Unsigned32, 1271 qosMeterPeakRate Unsigned32, 1272 qosMeterPeakBurst Unsigned32, 1273 qosMeterHighConfAction PolicyInstanceId, 1274 qosMeterMedConfAction PolicyInstanceId, 1275 qosMeterLowConfAction PolicyInstanceId 1276 } 1278 qosMeterId OBJECT-TYPE 1279 SYNTAX PolicyInstanceId 1280 STATUS current 1281 DESCRIPTION 1282 "An arbitrary integer index that uniquely identifies 1283 the instance of the qosMeter class. Meters are 1284 associated with specific flows using this attribute 1285 through the qosTargetMeter attribute in the QoS 1286 Target class." 1288 ::= { qosMeterEntry 1 } 1290 qosMeterDataSpecification OBJECT-TYPE 1291 SYNTAX INTEGER { 1292 noMeterData(1), -- no metering reqd 1293 committedData(2), -- committed rate only 1294 peakData(3) -- committed and peak 1295 } 1296 STATUS current 1297 DESCRIPTION 1298 "Specifies the metering data, and thus the actions, that 1299 are defined in a given entry. 1301 A value of noMeterData(1) indicates that no flow metering 1302 is necessary. All flows associated with this meter entry 1303 are considered to be at a high level of conformance. 1305 A value of committedData(2) indicates that committed rate 1306 and committed burst information has been specified and will 1307 be applied to associated flows. No peak rate and burst 1308 information has been specified meaning that two levels 1309 of conformance (high, medium) are supported. 1311 A value of peakData(3) indicates that peak rate and peak 1312 burst information has been provided in addition to the 1313 committed rate and committed burst information. All provided 1314 information will be applied to associated flows meaning that 1315 three levels of conformance (high, medium, low) are 1316 supported." 1318 ::= { qosMeterEntry 2 } 1320 qosMeterCommittedRate OBJECT-TYPE 1321 SYNTAX Unsigned32 (0..'ffffffff'h) 1322 STATUS current 1323 DESCRIPTION 1324 "This object represents the committed information rate 1325 (CIR) against which associated traffic streams will be 1326 metered. The CIR specifies the rate at which incoming 1327 traffic can arrive to be considered to be at a high 1328 level of conformance. Typically, this value specifies 1329 the rate at which tokens are added to a token bucket 1330 used to meter received flows. 1332 This object specifies a rate in bytes per second units 1333 such that, for example, a value of 100 equates to a 1334 committed information rate of 100 bytes per second. 1336 Committed rate (and burst) information must be present 1337 if the qosMeterDataSpecification object has the value 1338 committedData(2) or peakRate(3). This, in turn, requires 1339 that at least both high and medium conformance actions 1340 be specified." 1342 ::= { qosMeterEntry 3 } 1344 qosMeterCommittedBurst OBJECT-TYPE 1345 SYNTAX Unsigned32 (0..'ffffffff'h) 1346 STATUS current 1347 DESCRIPTION 1348 "This object represents the committed burst size 1349 (CBS) against which associated traffic streams will 1350 be metered. The CBS specifies the maximum burst size 1351 that is supported for flows to be considered to be at 1352 a high level of conformance. Typically, this value 1353 represents the maximum number of tokens in a token 1354 bucket. 1356 This object specifies flow data in bytes per second 1357 units such that, for example, a value of 100 equates 1358 to a committed information rate of 100 bytes per 1359 second. 1361 Committed burst (and rate) information must be present 1362 if the qosMeterDataSpecification object has the value 1363 committedData(2) or peakRate(3). This, in turn, requires 1364 that at least both high and medium conformance actions 1365 be specified." 1367 ::= { qosMeterEntry 4 } 1369 qosMeterPeakRate OBJECT-TYPE 1370 SYNTAX Unsigned32 (0..'ffffffff'h) 1371 STATUS current 1372 DESCRIPTION 1373 "This object represents the peak information rate (PIR) 1374 against which associated traffic streams will be 1375 metered. The PIR specifies the rate at which incoming 1376 traffic can arrive to be considered to be at a medium 1377 level of conformance. Typically, this value specifies 1378 the rate at which tokens are added to a token bucket 1379 used to meter received flows. 1381 This object specifies a rate in bytes per second units 1382 such that, for example, a value of 100 equates to a 1383 committed information rate of 100 bytes per second. 1385 Peak rate (and burst) information must be present 1386 if the qosMeterDataSpecification object has the value 1387 peakData(3). This, in turn, requires that high, medium 1388 and low conformance actions be specified." 1390 ::= { qosMeterEntry 5 } 1392 qosMeterPeakBurst OBJECT-TYPE 1393 SYNTAX Unsigned32 (0..'ffffffff'h) 1394 STATUS current 1395 DESCRIPTION 1396 "This object represents the peak burst size (PBS) 1397 against which associated traffic streams will 1398 be metered. The CBS specifies the maximum burst size 1399 that is supported for flows to be considered to be at 1400 a medium level of conformance. Typically, this value 1401 represents the maximum number of tokens in a token 1402 bucket. 1404 This object specifies flow data in bytes per second 1405 units such that, for example, a value of 100 equates 1406 to a committed information rate of 100 bytes per 1407 second. 1409 Peak burst (and rate) information must be present 1410 if the qosMeterDataSpecification object has the value 1411 peakData(3). This, in turn, requires that high, medium 1412 and low conformance actions be specified." 1414 ::= { qosMeterEntry 6 } 1416 qosMeterHighConfAction OBJECT-TYPE 1417 SYNTAX PolicyInstanceId 1418 STATUS current 1419 DESCRIPTION 1420 "This attribute identifies the action that is to be 1421 initiated for flows that are determined to have a high 1422 level of conformance with regard to metering criteria 1423 being applied to the flow. 1425 Actions must be defined in the qosActionTable prior to 1426 being referenced by this attribute. A valid value for 1427 this attribute must always be provided." 1429 ::= { qosMeterEntry 7 } 1431 qosMeterMedConfAction OBJECT-TYPE 1432 SYNTAX PolicyInstanceId 1433 STATUS current 1434 DESCRIPTION 1435 "This attribute identifies the action that is to be 1436 initiated for flows that are determined to have a medium 1437 level of conformance with regard to metering criteria 1438 being applied to the flow. 1440 Actions must be defined in the qosActionTable prior to 1441 being referenced by this attribute. A valid value for 1442 this attribute must be provided if the value of the 1443 associated qosMeterDataSpecification object is 1444 committedRate(2) or peakRate(3)." 1446 ::= { qosMeterEntry 8 } 1448 qosMeterLowConfAction OBJECT-TYPE 1449 SYNTAX PolicyInstanceId 1450 STATUS current 1451 DESCRIPTION 1452 "This attribute identifies the action that is to be 1453 initiated for flows that are determined to have a low 1454 level of conformance with regard to metering criteria 1455 being applied to the flow. 1457 Actions must be defined in the qosActionTable prior to 1458 being referenced by this attribute. A valid value for 1459 this attribute must be provided if the value of the 1460 associated qosMeterDataSpecification object is 1461 peakRate(3)." 1463 ::= { qosMeterEntry 9 } 1465 -- 1466 -- The Generic QoS ACL Action Group 1467 -- 1469 qosAction OBJECT IDENTIFIER ::= { qosPolicyGenPibClasses 3 } 1471 -- 1472 -- The QoS Action Table 1473 -- 1474 -- The QoS Action Table describes actions that are associated with 1475 -- specific IP, IEEE 802 and other ACLs through the QoS Target 1476 -- Table. An action specification may be simple (i.e., a single 1477 -- action) or complex (i.e., multiple actions that are performed 1478 -- in "parallel"). 1479 -- 1481 qosActionTable OBJECT-TYPE 1482 SYNTAX SEQUENCE OF QosActionEntry 1483 POLICY-ACCESS install 1484 STATUS current 1485 DESCRIPTION 1486 "Contains the current set of configured actions. The actions 1487 are associated with IP, IEEE 802 and other ACLs and 1488 interfaces during operation." 1490 ::= { qosAction 1 } 1492 qosActionEntry OBJECT-TYPE 1493 SYNTAX QosActionEntry 1494 STATUS current 1495 DESCRIPTION 1496 "General action definitions. Each entry specifies an instance 1497 of the qosAction class which describes (potentially) 1498 several distinct action attributes. Each action is taken 1499 individually regarding the data in question. Several actions 1500 can be taken for a single frame. 1502 An instance of this class can not be deleted while it is being 1503 referenced in a target instance in another class. This 1504 class may be extended with actions that apply to specific QoS 1505 policies (e.g., IP, IEEE 802, security) using augmentation." 1507 INDEX { qosActionId } 1508 ::= { qosActionTable 1 } 1510 QosActionEntry ::= SEQUENCE { 1511 qosActionId PolicyInstanceId, 1512 qosActionDrop TruthValue, 1513 qosActionUpdateDSCP Integer32, 1514 qosActionMeter PolicyInstanceId 1515 } 1517 qosActionId OBJECT-TYPE 1518 SYNTAX PolicyInstanceId 1519 STATUS current 1520 DESCRIPTION 1521 "An arbitrary integer index that uniquely identifies 1522 the instance of the QoS Action class. Class instances 1523 may not be contiguous. Actions are associated with 1524 Target instances in other classes (e.g., the QoS 1525 Target class) using this attribute." 1527 ::= { qosActionEntry 1 } 1529 qosActionDrop OBJECT-TYPE 1530 SYNTAX TruthValue 1531 STATUS current 1532 DESCRIPTION 1533 "This action attribute, when specified, will cause the 1534 frame being evaluated to be dropped if the value is 1535 'true(1)'. A value of 'false(2)' indicates that this 1536 action will not be initiated (i.e., the frame will not 1537 be dropped) based on this attribute. 1539 Prior to discarding a packet, other actions that have 1540 been specified should be performed if they make protocol 1541 sense. For example, requests for traffic mirroring (if 1542 such an action is supported by a device) should be 1543 honored. However, updating protocol header values will 1544 typically not be necessary." 1546 ::= { qosActionEntry 2 } 1548 qosActionUpdateDSCP OBJECT-TYPE 1549 SYNTAX Integer32 (-1 | 0..63) 1550 STATUS current 1551 DESCRIPTION 1552 "This action component, when specified, will cause the 1553 value contained in the Differentiated Services (DS) 1554 field of an associated IP datagram to be updated with 1555 the value of this object. 1557 A value of -1 indicates that this action component has not 1558 been set to an appropriate value and should not be used for 1559 action initiation. The DSCP should remain unchanged." 1561 ::= { qosActionEntry 3 } 1563 qosActionMeter OBJECT-TYPE 1564 SYNTAX PolicyInstanceId 1565 STATUS current 1566 DESCRIPTION 1567 "This action component, when specified, will identify 1568 another level of metering that should be applied to 1569 the given flow. This action is only taken if it is 1570 not in conflict with other specified actions, i.e., 1571 qosActionDrop. 1573 A value of 0 indicates that an additional metering 1574 component has not been specified. No additional metering 1575 is thus required." 1577 ::= { qosActionEntry 4 } 1579 -- 1580 -- The QoS Target Table 1581 -- 1582 -- The QoS Target Table supports the association of ACLs, 1583 -- interfaces and actions. It allows ACL class instances, as 1584 -- defined in various ACL Defintion classes, to be associated 1585 -- with specific interfaces/flow direction (based on interface 1586 -- role combination and traffic direction) and actions to be 1587 -- performed based on traffic classification. Furthermore, it 1588 -- allows heterogeneous ACL Definition class instances (e.g., 1589 -- IP, IEEE 802, security) to be applied to the same interface 1590 -- group in a prescribed order of precedence. 1591 -- 1593 qosTargetTable OBJECT-TYPE 1594 SYNTAX SEQUENCE OF QosTargetEntry 1595 POLICY-ACCESS install 1596 STATUS current 1597 DESCRIPTION 1598 "A class that applies a set of ACLs to interfaces specifying, 1599 for each interface, the precedence order of the ACL with 1600 respect to other ACLs applied to the same interface and, for 1601 each ACL, the action to take for a packet that matches a 1602 permit ACE in that ACL. Interfaces are specified abstractly 1603 in terms of interface roles. 1605 This class may contain ACLs that specify different types 1606 of traffic classification (e.g., IP ACLs and IEEE 802 ACLs 1607 defined in their respective definition tables). An ACL is 1608 identified by its class and instance within that class. An 1609 ACL association is formed when ACLs apply to the same 1610 interfaces, as determined by the specified interface role 1611 and direction. ACL evaluation precedence within an 1612 association is determined by the precedence attribute." 1614 INSTALL-ERRORS { 1615 priPrecedenceConflict(1) -- precedence conflict detected 1616 } 1618 ::= { qosAction 2 } 1620 qosTargetEntry OBJECT-TYPE 1621 SYNTAX QosTargetEntry 1622 STATUS current 1623 DESCRIPTION 1624 "An instance of the qosTarget class. Instance creation 1625 may be prohibited based on the status of certain class 1626 attributes which must exist prior to class instantiation." 1628 INDEX { qosTargetId } 1629 ::= { qosTargetTable 1 } 1631 QosTargetEntry ::= SEQUENCE { 1632 qosTargetId PolicyInstanceId, 1633 qosTargetAclId PolicyInstanceId, 1634 qosTargetAclType OBJECT IDENTIFIER, 1635 qosTargetInterfaceRoles RoleCombination, 1636 qosTargetInterfaceDirection INTEGER, 1637 qosTargetOrder Unsigned32, 1638 qosTargetMeter PolicyInstanceId 1639 } 1641 qosTargetId OBJECT-TYPE 1642 SYNTAX PolicyInstanceId 1643 STATUS current 1644 DESCRIPTION 1645 "An arbitrary integer index that uniquely identifies 1646 the instance of the QoS Target class." 1648 ::= { qosTargetEntry 1 } 1650 qosTargetAclId OBJECT-TYPE 1651 SYNTAX PolicyInstanceId 1652 STATUS current 1653 DESCRIPTION 1654 "This attribute identifies the ACL that is associated 1655 with this target. It identifies (potentially many) ACL 1656 class instances in a specific ACL Definition table 1657 where ACLs, and their associated ACEs, are defined. 1658 For example, instances in the qosIpAclDefinitionTable 1659 are identified by setting the value of this object 1660 equal to the qosIpAclDefinitionAclId of the instances 1661 being targeted. This value, together with the value of 1662 the corresponding qosTargetAclType attribute, 1663 uniquely identifies one or more instances of a specific 1664 ACL Definition class. 1666 Attempting to specify an unknown ACL class instance will 1667 result in an appropriate error indication being returned 1668 to the entity that is attempting to install the conflicting 1669 entry. For example, a 'priUnknown(2)' error indication is 1670 returned to the policy server in this situation." 1672 ::= { qosTargetEntry 2 } 1674 qosTargetAclType OBJECT-TYPE 1675 SYNTAX OBJECT IDENTIFIER 1676 STATUS current 1677 DESCRIPTION 1678 "The ACL Definition class that is being referenced by 1679 this instance of the ACL Target class. This policy 1680 class identifier, together with the corresponding 1681 qosTargetAclId attribute, uniquely identifies 1682 instances of a specific ACL Definition class. 1684 The object identifier value of this attribute must 1685 exist in the policyPrcSupportTable." 1687 ::= { qosTargetEntry 3 } 1689 qosTargetInterfaceRoles OBJECT-TYPE 1690 SYNTAX RoleCombination 1691 STATUS current 1692 DESCRIPTION 1693 "The interfaces to which this ACL applies specified 1694 in terms of a set of roles. The role combination 1695 specified by this attribute must exist in the 1696 qosInterfaceTypeTable prior to being association 1697 with an instance of this class." 1699 ::= { qosTargetEntry 4 } 1701 qosTargetInterfaceDirection OBJECT-TYPE 1702 SYNTAX INTEGER { 1703 in(1), 1704 out(2) 1705 } 1706 STATUS current 1707 DESCRIPTION 1708 "The direction of packet flow at the interface in 1709 question to which this ACL applies." 1711 ::= { qosTargetEntry 5 } 1713 qosTargetOrder OBJECT-TYPE 1714 SYNTAX Unsigned32 1715 STATUS current 1716 DESCRIPTION 1717 "An integer that determines the precedence order of 1718 this ACL in the list of ACLs applied to interfaces of 1719 the specified role combination. An ACL with a given 1720 precedence order is positioned in the list before one 1721 with a higher-valued precedence order. 1723 As an example, consider the following ACL Target association: 1725 Index IfRoleCombo IfDirection AclId AclType Order 1726 14 'eth1000+L2+L3' 'in' 8 '802' 1 1727 15 'eth1000+L2+L3' 'in' 3 '802' 2 1728 16 'eth1000+L2+L3' 'in' 12 'IP' 3 1729 17 'eth1000+L2+L3' 'in' 6 'IP' 4 1730 18 'eth1000+L2+L3' 'in' 21 'IP' 5 1732 Five distinct ACL specifications, 3 from an IP ACL 1733 Definition class and 2 from an IEEE 802 ACL Definition class, 1734 form an Acl Target association (e.g., based on the specified 1735 interface role combination and direction attributes) with a 1736 prescribed order of evaluation. The AclType and AclId 1737 attributes identify the ACL Definition instances in their 1738 respective classes. 1740 Precedence values within an association must be unique 1741 otherwise instance installation will be prohibited and an 1742 error value will be returned." 1744 ::= { qosTargetEntry 6 } 1746 qosTargetMeter OBJECT-TYPE 1747 SYNTAX PolicyInstanceId 1748 STATUS current 1749 DESCRIPTION 1750 "This attribute identifies the meter that is associated 1751 with this QoS Target instance. Meters are defined 1752 in the qosMeterTable. The corresponding instance in 1753 the qosMeter class (i.e., the class instance where 1754 the qosMeterId is equal to the value of this object) 1755 must exist prior to being associated with a Target 1756 entry." 1758 ::= { qosTargetEntry 7 } 1760 -- 1761 -- The IP Classification and Policing Group 1762 -- 1764 qosIpQos OBJECT IDENTIFIER ::= { qosPolicyIpPibClasses 1 } 1766 -- The IP ACE Table 1767 qosIpAceTable OBJECT-TYPE 1768 SYNTAX SEQUENCE OF QosIpAceEntry 1769 POLICY-ACCESS install 1770 STATUS current 1771 DESCRIPTION 1772 "ACE definitions. A packet has to match all fields in an 1773 ACE. Wildcards may be specified for those fields that are 1774 not relevant." 1776 ::= { qosIpQos 1 } 1778 qosIpAceEntry OBJECT-TYPE 1779 SYNTAX QosIpAceEntry 1780 STATUS current 1781 DESCRIPTION 1782 "An instance of the qosIpAce class." 1784 INDEX { qosIpAceId } 1785 ::= { qosIpAceTable 1 } 1787 QosIpAceEntry ::= SEQUENCE { 1788 qosIpAceId PolicyInstanceId, 1789 qosIpAceDstAddr IpAddress, 1790 qosIpAceDstAddrMask IpAddress, 1791 qosIpAceSrcAddr IpAddress, 1792 qosIpAceSrcAddrMask IpAddress, 1793 qosIpAceDscp Integer32, 1794 qosIpAceProtocol INTEGER, 1795 qosIpAceDstL4PortMin INTEGER, 1796 qosIpAceDstL4PortMax INTEGER, 1797 qosIpAceSrcL4PortMin INTEGER, 1798 qosIpAceSrcL4PortMax INTEGER, 1799 qosIpAcePermit TruthValue 1800 } 1802 qosIpAceId OBJECT-TYPE 1803 SYNTAX PolicyInstanceId 1804 STATUS current 1805 DESCRIPTION 1806 "An integer index to uniquely identify this ACE among all the 1807 ACEs." 1809 ::= { qosIpAceEntry 1 } 1811 qosIpAceDstAddr OBJECT-TYPE 1812 SYNTAX IpAddress 1813 STATUS current 1814 DESCRIPTION 1815 "The IP address to match against the packet's destination IP 1816 address." 1818 ::= { qosIpAceEntry 2 } 1820 qosIpAceDstAddrMask OBJECT-TYPE 1821 SYNTAX IpAddress 1822 STATUS current 1823 DESCRIPTION 1824 "A mask for the matching of the destination IP address. 1825 A zero bit in the mask means that the corresponding bit in 1826 the address always matches." 1828 ::= { qosIpAceEntry 3 } 1830 qosIpAceSrcAddr OBJECT-TYPE 1831 SYNTAX IpAddress 1832 STATUS current 1833 DESCRIPTION 1834 "The IP address to match against the packet's source IP 1835 address." 1837 ::= { qosIpAceEntry 4 } 1839 qosIpAceSrcAddrMask OBJECT-TYPE 1840 SYNTAX IpAddress 1841 STATUS current 1842 DESCRIPTION 1843 "A mask for the matching of the source IP address." 1845 ::= { qosIpAceEntry 5 } 1847 qosIpAceDscp OBJECT-TYPE 1848 SYNTAX Integer32 (-1 | 0..63) 1849 STATUS current 1850 DESCRIPTION 1851 "The value that the DSCP in the packet can have and 1852 match this ACE. A value of -1 indicates that a specific 1853 DSCP value has not been defined and thus all DSCP values 1854 are considered a match." 1856 ::= { qosIpAceEntry 6 } 1858 qosIpAceProtocol OBJECT-TYPE 1859 SYNTAX INTEGER (0..255) 1860 STATUS current 1861 DESCRIPTION 1862 "The IP protocol to match against the packet's protocol. 1863 A value of zero means match all." 1865 ::= { qosIpAceEntry 7 } 1867 qosIpAceDstL4PortMin OBJECT-TYPE 1868 SYNTAX INTEGER (0..65535) 1869 STATUS current 1870 DESCRIPTION 1871 "The minimum value that the packet's layer 4 destination 1872 port number can have and match this ACE." 1874 ::= { qosIpAceEntry 8 } 1876 qosIpAceDstL4PortMax OBJECT-TYPE 1877 SYNTAX INTEGER (0..65535) 1878 STATUS current 1879 DESCRIPTION 1880 "The maximum value that the packet's layer 4 destination 1881 port number can have and match this ACE. This value must be 1882 equal to or greater that the value specified for this ACE in 1883 qosIpAceDstL4PortMin." 1885 ::= { qosIpAceEntry 9 } 1887 qosIpAceSrcL4PortMin OBJECT-TYPE 1888 SYNTAX INTEGER (0..65535) 1889 STATUS current 1890 DESCRIPTION 1891 "The minimum value that the packet's layer 4 source port 1892 number can have and match this ACE." 1894 ::= { qosIpAceEntry 10 } 1896 qosIpAceSrcL4PortMax OBJECT-TYPE 1897 SYNTAX INTEGER (0..65535) 1898 STATUS current 1899 DESCRIPTION 1900 "The maximum value that the packet's layer 4 source port 1901 number can have and match this ACE. This value must be equal 1902 to or greater that the value specified for this ACE in 1903 qosIpAceSrcL4PortMin." 1905 ::= { qosIpAceEntry 11 } 1907 qosIpAcePermit OBJECT-TYPE 1908 SYNTAX TruthValue 1909 STATUS current 1910 DESCRIPTION 1911 "If the packet matches this ACE and the value of this 1912 attribute is true, then the matching process terminates 1913 and the QoS associated with this ACE (indirectly through 1914 the ACL) is applied to the packet. If the value of this 1915 attribute is false, then no more ACEs in this ACL are 1916 compared to this packet and matching continues with the 1917 first ACE of the next ACL." 1919 ::= { qosIpAceEntry 12 } 1921 -- 1922 -- The IP ACL Definition Table 1923 -- 1925 qosIpAclDefinitionTable OBJECT-TYPE 1926 SYNTAX SEQUENCE OF QosIpAclDefinitionEntry 1927 POLICY-ACCESS install 1928 STATUS current 1929 DESCRIPTION 1930 "A class that defines a set of ACLs each being an ordered list 1931 of ACEs. Each instance of this class identifies one ACE of 1932 an ACL and the precedence order of that ACE with respect to 1933 other ACEs in the same ACL." 1935 INSTALL-ERRORS { 1936 priPrecedenceConflict(1) -- precedence conflict detected 1937 } 1939 ::= { qosIpQos 2 } 1941 qosIpAclDefinitionEntry OBJECT-TYPE 1942 SYNTAX QosIpAclDefinitionEntry 1943 STATUS current 1944 DESCRIPTION 1945 "An instance of the qosIpAclDefinition class." 1947 INDEX { qosIpAclDefinitionId } 1948 ::= { qosIpAclDefinitionTable 1 } 1950 QosIpAclDefinitionEntry ::= SEQUENCE { 1951 qosIpAclDefinitionId PolicyInstanceId, 1952 qosIpAclDefinitionAclId PolicyInstanceId, 1953 qosIpAclDefinitionAceId PolicyInstanceId, 1954 qosIpAclDefinitionAceOrder Unsigned32 1955 } 1957 qosIpAclDefinitionId OBJECT-TYPE 1958 SYNTAX PolicyInstanceId 1959 STATUS current 1960 DESCRIPTION 1961 "Unique index of this policy rule instance." 1963 ::= { qosIpAclDefinitionEntry 1 } 1965 qosIpAclDefinitionAclId OBJECT-TYPE 1966 SYNTAX PolicyInstanceId 1967 STATUS current 1968 DESCRIPTION 1969 "An ID for this ACL. There will be one instance of 1970 the class qosIpAclDefinition with this ID for each ACE in 1971 the ACL per role combination." 1973 ::= { qosIpAclDefinitionEntry 2 } 1975 qosIpAclDefinitionAceId OBJECT-TYPE 1976 SYNTAX PolicyInstanceId 1977 STATUS current 1978 DESCRIPTION 1979 "This attribute specifies the ACE in the qosIpAceTable that 1980 is in the ACL specified by qosIpAclDefinitionAclId at the 1981 position specified by qosIpAceOrder. 1983 Attempting to specify an unknown class instance will result 1984 in an appropriate error indication being returned to the 1985 entity that is attempting to install the conflicting entry. 1986 For example, a 'priUnknown(2)' error indication is returned 1987 to the policy server in this situation." 1989 ::= { qosIpAclDefinitionEntry 3 } 1991 qosIpAclDefinitionAceOrder OBJECT-TYPE 1992 SYNTAX Unsigned32 1993 STATUS current 1994 DESCRIPTION 1995 "The precedence order of this ACE. The precedence order 1996 determines the position of this ACE in the ACL. An ACE with 1997 a given precedence order is positioned in the access control 1998 list before one with a higher-valued precedence order. 2000 Precedence values within a group must be unique otherwise 2001 instance installation will be prohibited and an error 2002 value will be returned." 2004 ::= { qosIpAclDefinitionEntry 4 } 2006 END 2007 7.3. The QoS IEEE 802 PIB 2009 QOS-POLICY-802-PIB PIB-DEFINITIONS ::= BEGIN 2011 IMPORTS 2012 Unsigned32, Integer32, 2013 MODULE-IDENTITY, OBJECT-TYPE 2014 FROM SNMPv2-SMI 2015 TruthValue, PhysAddress, 2016 TEXTUAL-CONVENTION 2017 FROM SNMPv2-TC 2018 RoleCombination, PolicyInstanceId 2019 FROM POLICY-FRAMEWORK-PIB 2020 Dscp 2021 FROM QOS-POLICY-IP-PIB; 2023 qosPolicy802Pib MODULE-IDENTITY 2024 LAST-UPDATED "9906241800Z" 2025 ORGANIZATION "IETF RAP WG" 2026 CONTACT-INFO " 2027 Michael Fine 2028 Cisco Systems, Inc. 2029 170 West Tasman Drive 2030 San Jose, CA 95134-1706 USA 2031 Phone: +1 408 527 8218 2032 Email: mfine@cisco.com 2034 Keith McCloghrie 2035 Cisco Systems, Inc. 2036 170 West Tasman Drive, 2037 San Jose, CA 95134-1706 USA 2038 Phone: +1 408 526 5260 2039 Email: kzm@cisco.com 2041 John Seligson 2042 Nortel Networks, Inc. 2043 4401 Great America Parkway 2044 Santa Clara, CA 95054 USA 2045 Phone: +1 408 495 2992 2046 Email: jseligso@nortelnetworks.com" 2047 DESCRIPTION 2048 "The PIB module containing an initial set of policy 2049 rule classes that describe the quality of service 2050 (QoS) policies supported by devices for IEEE 802- 2051 based traffic." 2053 ::= { tbd } 2055 qosPolicy802PibClasses OBJECT IDENTIFIER ::= { qosPolicy802Pib 1 } 2057 -- 2058 -- Textual Conventions 2059 -- 2061 -- 2062 -- IEEE 802 CoS 2063 -- 2065 QosIeee802Cos ::= TEXTUAL-CONVENTION 2066 STATUS current 2067 DESCRIPTION 2068 "An integer that is in the range of the IEEE 802 CoS 2069 values. This corresponds to the 802.1p priority values." 2071 SYNTAX INTEGER (0..7) 2073 -- 2074 -- General configuration information for the entire domain 2075 -- 2077 qos802DomainConfig OBJECT IDENTIFIER ::= { qosPolicy802PibClasses 1 } 2079 -- 2080 -- Differentiated Services Code Point Mapping Table 2081 -- 2082 -- Supports the mapping of DSCP values to IEEE CoS values. 2083 -- 2085 qos802DscpMappingTable OBJECT-TYPE 2086 SYNTAX SEQUENCE OF Qos802DscpMappingEntry 2087 POLICY-ACCESS install 2088 STATUS current 2089 DESCRIPTION 2090 "Maps each DSCP to an QosIeee802Cos. When configured 2091 for the first time, all 64 entries of the table must 2092 be specified. Thereafter, instances may be modified but 2093 not deleted unless all instances are deleted." 2095 INSTALL-ERRORS { 2096 priInstNotComplete(1) -- required instances not created 2097 } 2099 ::= { qos802DomainConfig 1 } 2101 qos802DscpMappingEntry OBJECT-TYPE 2102 SYNTAX Qos802DscpMappingEntry 2103 STATUS current 2104 DESCRIPTION 2105 "An instance of the qos802DscpMapping class. A total of 64 2106 class instances are constantly maintained after initial device 2107 configuration." 2109 INDEX { qos802DscpMappingId } 2110 ::= { qos802DscpMappingTable 1 } 2112 Qos802DscpMappingEntry ::= SEQUENCE { 2113 qos802DscpMappingId PolicyInstanceId, 2114 qos802DscpMappingDscp Dscp, 2115 qos802DscpMapping802Cos QosIeee802Cos 2116 } 2118 qos802DscpMappingId OBJECT-TYPE 2119 SYNTAX PolicyInstanceId 2120 STATUS current 2121 DESCRIPTION 2122 "A unique ID for this policy rule instance." 2124 ::= { qos802DscpMappingEntry 1 } 2126 qos802DscpMappingDscp OBJECT-TYPE 2127 SYNTAX Dscp 2128 STATUS current 2129 DESCRIPTION 2130 "The DSCP class instance attribute that is used to 2131 determine the appropriate layer 2 CoS mappings. DSCP 2132 values 0 through 63 (inclusive) are maintained in 2133 the table." 2135 ::= { qos802DscpMappingEntry 2 } 2137 qos802DscpMapping802Cos OBJECT-TYPE 2138 SYNTAX QosIeee802Cos 2139 STATUS current 2140 DESCRIPTION 2141 "The IEEE 802 CoS value to use when mapping the DSCP 2142 value specified by the qos802DscpMappingDscp attribute 2143 to a IEEE 802 CoS." 2145 ::= { qos802DscpMappingEntry 3 } 2147 -- 2148 -- Layer 2 CoS-to-DSCP Mapping Table 2149 -- 2150 -- Supports the mapping of IEEE CoS values to DSCP values 2151 -- for generic QoS traffic classification 2152 -- 2154 qos802CosToDscpTable OBJECT-TYPE 2155 SYNTAX SEQUENCE OF Qos802CosToDscpEntry 2156 POLICY-ACCESS install 2157 STATUS current 2158 DESCRIPTION 2159 "Maps each of eight layer 2 CoS values to a DSCP. When 2160 configured for the first time, all 8 entries of the table 2161 must be specified. Thereafter, instances may be modified 2162 but not deleted unless all instances are deleted." 2164 INSTALL-ERRORS { 2165 priInstNotComplete(1) -- required instances not created 2166 } 2168 ::= { qos802DomainConfig 2 } 2170 qos802CosToDscpEntry OBJECT-TYPE 2171 SYNTAX Qos802CosToDscpEntry 2172 STATUS current 2173 DESCRIPTION 2174 "An instance of the qosCosToDscp class. A total of 8 2175 class instances are constantly maintained after initial 2176 device configuration." 2178 INDEX { qos802CosToDscpId } 2179 ::= { qos802CosToDscpTable 1 } 2181 Qos802CosToDscpEntry ::= SEQUENCE { 2182 qos802CosToDscpId PolicyInstanceId, 2183 qos802CosToDscpCos QosIeee802Cos, 2184 qos802CosToDscpDscp Dscp 2185 } 2187 qos802CosToDscpId OBJECT-TYPE 2188 SYNTAX PolicyInstanceId 2189 STATUS current 2190 DESCRIPTION 2191 "A unique index for this policy rule instance." 2193 ::= { qos802CosToDscpEntry 1 } 2195 qos802CosToDscpCos OBJECT-TYPE 2196 SYNTAX QosIeee802Cos 2197 STATUS current 2198 DESCRIPTION 2199 "The layer 2 CoS class instance attribute that is used to 2200 determine the appropriate DSCP mappings. CoS values 0 2201 through 7 (inclusive) are maintained in the table." 2203 ::= { qos802CosToDscpEntry 2 } 2205 qos802CosToDscpDscp OBJECT-TYPE 2206 SYNTAX Dscp 2207 STATUS current 2208 DESCRIPTION 2209 "The DSCP value to use when mapping the layer 2 CoS value 2210 specified by the qosCosToDscp attribute to a DSCP." 2212 ::= { qos802CosToDscpEntry 3 } 2214 -- 2215 -- The IEEE 802 Classification and Policing Group 2216 -- 2218 qos802Qos OBJECT IDENTIFIER ::= { qosPolicy802PibClasses 2 } 2220 -- 2221 -- The IEEE 802 ACE Table 2222 -- 2223 -- The IEEE 802 ACE Table supports the specification of IEEE 2224 -- 802-based (e.g., 802.3) information that is used to perform 2225 -- traffic classification. 2226 -- 2228 qos802AceTable OBJECT-TYPE 2229 SYNTAX SEQUENCE OF Qos802AceEntry 2230 POLICY-ACCESS install 2231 STATUS current 2232 DESCRIPTION 2233 "IEEE 802-based ACE definitions. A class that contains 2234 attributes of IEEE 802 (e.g., 802.3) traffic that form 2235 an association that is used to perform traffic 2236 classification." 2238 ::= { qos802Qos 1 } 2240 qos802AceEntry OBJECT-TYPE 2241 SYNTAX Qos802AceEntry 2242 STATUS current 2243 DESCRIPTION 2244 "IEEE 802-based ACE definitions. An entry specifies 2245 (potentially) several distinct matching components. Each 2246 component is tested against the data in a frame 2247 individually. An overall match occurs when all of the 2248 individual components match the data they are compared 2249 against in the frame being processed. A failure of any 2250 one test causes the overall match to fail. 2252 Wildcards may be specified for those fields that are not 2253 relevant." 2255 INDEX { qos802AceId } 2256 ::= { qos802AceTable 1 } 2258 Qos802AceEntry ::= SEQUENCE { 2259 qos802AceId PolicyInstanceId, 2260 qos802AceDstAddr PhysAddress, 2261 qos802AceDstAddrMask PhysAddress, 2262 qos802AceSrcAddr PhysAddress, 2263 qos802AceSrcAddrMask PhysAddress, 2264 qos802AceVlanId Integer32, 2265 qos802AceVlanTagRequired INTEGER, 2266 qos802AceEtherType Integer32, 2267 qos802AceUserPriority BITS, 2268 qos802AcePermit TruthValue 2269 } 2271 qos802AceId OBJECT-TYPE 2272 SYNTAX PolicyInstanceId 2273 STATUS current 2274 DESCRIPTION 2275 "An arbitrary integer index that uniquely identifies this 2276 802 ACE among all of the 802 ACEs. Note that this identifier 2277 is used in instances of the qos802Acl class to associate a 2278 802 ACE with a 802 ACL. An active ACE/ACL association 2279 prohibits the deletion of the 802 ACE until the ACE/ACL 2280 association is terminated. Class instances may not be 2281 contiguous." 2283 ::= { qos802AceEntry 1 } 2285 qos802AceDstAddr OBJECT-TYPE 2286 SYNTAX PhysAddress 2287 STATUS current 2288 DESCRIPTION 2289 "The 802 address against which the 802 DA of incoming traffic 2290 streams will be compared. Frames whose 802 DA matches the 2291 physical address specified by this object, taking into account 2292 address wildcarding as specified by the qos802AceDstAddrMask 2293 object, are potentially subject to the processing guidelines 2294 that are associated with this entry through the related 2295 action class." 2297 ::= { qos802AceEntry 2 } 2299 qos802AceDstAddrMask OBJECT-TYPE 2300 SYNTAX PhysAddress 2301 STATUS current 2302 DESCRIPTION 2303 "This object specifies the bits in a 802 destination address 2304 that should be considered when performing a 802 DA comparison 2305 against the address specified in the qos802AceDstAddr object. 2307 The value of this object represents a mask that is logically 2308 and'ed with the 802 DA in received frames to derive the value 2309 to be compared against the qos802AceDstAddr address. A zero 2310 bit in the mask thus means that the corresponding bit in the 2311 address always matches. The qos802AceDstAddr value must also 2312 be masked using this value prior to any comparisons. 2314 The length of this object in octets must equal the length in 2315 octets of the qos802AceDstAddr. Note that a mask with no bits 2316 set (i.e., all zeroes) effectively wildcards the 2317 qos802AceDstAddr object." 2319 ::= { qos802AceEntry 3 } 2321 qos802AceSrcAddr OBJECT-TYPE 2322 SYNTAX PhysAddress 2323 STATUS current 2324 DESCRIPTION 2325 "The 802 MAC address against which the 802 MAC SA of incoming 2326 traffic streams will be compared. Frames whose 802 MAC SA 2327 matches the physical address specified by this object, 2328 taking into account address wildcarding as specified by the 2329 qos802AceSrcAddrMask object, are potentially subject to the 2330 processing guidelines that are associated with this entry 2331 through the related action class." 2333 ::= { qos802AceEntry 4 } 2335 qos802AceSrcAddrMask OBJECT-TYPE 2336 SYNTAX PhysAddress 2337 STATUS current 2338 DESCRIPTION 2339 "This object specifies the bits in a 802 MAC source address 2340 that should be considered when performing a 802 MAC SA 2341 comparison against the address specified in the 2342 qos802AceSrcAddr object. 2344 The value of this object represents a mask that is logically 2345 and'ed with the 802 MAC SA in received frames to derive the 2346 value to be compared against the qos802AceSrcAddr address. A 2347 zero bit in the mask thus means that the corresponding bit 2348 in the address always matches. The qos802AceSrcAddr value 2349 must also be masked using this value prior to any 2350 comparisons. 2352 The length of this object in octets must equal the length in 2353 octets of the qos802AceSrcAddr. Note that a mask with no bits 2354 set (i.e., all zeroes) effectively wildcards the 2355 qos802AceSrcAddr object." 2357 ::= { qos802AceEntry 5 } 2359 qos802AceVlanId OBJECT-TYPE 2360 SYNTAX Integer32 (-1 | 1..4094) 2361 STATUS current 2362 DESCRIPTION 2363 "The VLAN ID (VID) that uniquely identifies a VLAN 2364 within the device. This VLAN may be known or unknown 2365 (i.e., traffic associated with this VID has not yet 2366 been seen by the device) at the time this entry 2367 is instantiated. 2369 Setting the qos802AceVlanId object to -1 indicates that 2370 VLAN data should not be considered during traffic 2371 classification." 2373 ::= { qos802AceEntry 6 } 2375 qos802AceVlanTagRequired OBJECT-TYPE 2376 SYNTAX INTEGER { 2377 taggedOnly(1), 2378 priorityTaggedPlus(2), 2379 untaggedOnly(3), 2380 ignoreTag(4) 2381 } 2382 STATUS current 2383 DESCRIPTION 2384 "This object indicates whether the presence of an 2385 IEEE 802.1Q VLAN tag in data link layer frames must 2386 be considered when determining if a given frame 2387 matches this 802 ACE entry. 2389 A value of 'taggedOnly(1)' means that only frames 2390 containing a VLAN tag with a non-Null VID (i.e., a 2391 VID in the range 1..4094) will be considered a match. 2393 A value of 'priorityTaggedPlus(2)' means that only 2394 frames containing a VLAN tag, regardless of the value 2395 of the VID, will be considered a match. 2397 A value of 'untaggedOnly(3)' indicates that only 2398 untagged frames will match this filter component. 2400 The presence of a VLAN tag is not taken into 2401 consideration in terms of a match if the value is 2402 'ignoreTag(4)'." 2404 ::= { qos802AceEntry 7 } 2406 qos802AceEtherType OBJECT-TYPE 2407 SYNTAX Integer32 (-1 | 0..'ffff'h) 2408 STATUS current 2409 DESCRIPTION 2410 "This object specifies the value that will be compared 2411 against the value contained in the EtherType field of an 2412 IEEE 802 frame. Example settings would include 'IP' 2413 (0x0800), 'ARP' (0x0806) and 'IPX' (0x8137). 2415 Setting the qos802AceEtherTypeMin object to -1 indicates 2416 that EtherType data should not be considered during traffic 2417 classification. 2419 Note that the position of the EtherType field depends on 2420 the underlying frame format. For Ethernet-II encapsulation, 2421 the EtherType field follows the 802 MAC source address. For 2422 802.2 LLC/SNAP encapsulation, the EtherType value follows the 2423 Organization Code field in the 802.2 SNAP header. The value 2424 that is tested with regard to this filter component therefore 2425 depends on the data link layer frame format being used. If 2426 this 802 ACE component is active when there is no EtherType 2427 field in a frame (e.g., 802.2 LLC), a match is implied." 2429 ::= { qos802AceEntry 8 } 2431 qos802AceUserPriority OBJECT-TYPE 2432 SYNTAX BITS { 2433 matchPriority0(0), 2434 matchPriority1(1), 2435 matchPriority2(2), 2436 matchPriority3(3), 2437 matchPriority4(4), 2438 matchPriority5(5), 2439 matchPriority6(6), 2440 matchPriority7(7) 2441 } 2442 STATUS current 2443 DESCRIPTION 2444 "The set of values, representing the potential range 2445 of user priority values, against which the value contained 2446 in the user priority field of a tagged 802.1 frame is 2447 compared. A test for equality is performed when determining 2448 if a match exists between the data in a data link layer 2449 frame and the value of this 802 ACE component. Multiple 2450 values may be set at one time such that potentially several 2451 different user priority values may match this 802 ACE 2452 component. 2454 Setting all of the bits that are associated with this 2455 object causes all user priority values to match this 2456 attribute. This essentially makes any comparisons 2457 with regard to user priority values unnecessary. Untagged 2458 frames are treated as an implicit match." 2460 ::= { qos802AceEntry 9 } 2462 qos802AcePermit OBJECT-TYPE 2463 SYNTAX TruthValue 2464 STATUS current 2465 DESCRIPTION 2466 "If the frame matches this ACE and the value of this 2467 attribute is true, then the matching process terminates 2468 and the QoS associated with this 802-based ACE (indirectly 2469 through the 802 ACL) is applied to the packet. If the 2470 value of this attribute is false, then no more 802 ACEs in 2471 this 802 ACL are compared to this packet and matching 2472 continues with the first 802-based ACE of the next 802 ACL." 2474 ::= { qos802AceEntry 10 } 2476 -- 2477 -- The IEEE 802 ACL Definition Table 2478 -- 2479 -- The IEEE 802 ACL Definition Table supports the association of 2480 -- distinct IEEE 802-based (e.g., 802.3) traffic classification 2481 -- specifications into an ordered list. 2482 -- 2484 qos802AclDefinitionTable OBJECT-TYPE 2485 SYNTAX SEQUENCE OF Qos802AclDefinitionEntry 2486 POLICY-ACCESS install 2487 STATUS current 2488 DESCRIPTION 2489 "IEEE 802-based ACL definitions. A class that defines a 2490 set of 802 ACLs, each of which is comprised of an ordered 2491 list of 802 ACEs." 2493 INSTALL-ERRORS { 2494 priPrecedenceConflict(1) -- precedence conflict detected 2495 } 2497 ::= { qos802Qos 2 } 2499 qos802AclDefinitionEntry OBJECT-TYPE 2500 SYNTAX Qos802AclDefinitionEntry 2501 STATUS current 2502 DESCRIPTION 2503 "IEEE 802-based ACL definitions. An entry specifies an 2504 instance of this class that associates an 802 ACE with 2505 a given 802 ACL. The evaluation order of distinct 802 2506 ACEs that are associated with a specific 802 ACL is 2507 specified as well." 2509 INDEX { qos802AclDefinitionId } 2510 ::= { qos802AclDefinitionTable 1 } 2512 Qos802AclDefinitionEntry ::= SEQUENCE { 2513 qos802AclDefinitionId PolicyInstanceId, 2514 qos802AclDefinitionAclId PolicyInstanceId, 2515 qos802AclDefinitionAceId PolicyInstanceId, 2516 qos802AclDefinitionAceOrder Unsigned32 2517 } 2519 qos802AclDefinitionId OBJECT-TYPE 2520 SYNTAX PolicyInstanceId 2521 STATUS current 2522 DESCRIPTION 2523 "An arbitrary integer index that uniquely identifies this 2524 802 ACE / 802 ACL association." 2526 ::= { qos802AclDefinitionEntry 1 } 2528 qos802AclDefinitionAclId OBJECT-TYPE 2529 SYNTAX PolicyInstanceId 2530 STATUS current 2531 DESCRIPTION 2532 "An index for this 802 ACL. Each 802 ACL in the device is 2533 assigned a unique integer index. There will (potentially) be 2534 multiple instances of the qos802AclDefinition class with this 2535 identifier, one for each 802 ACE that is associated with the 2536 specified 802 ACL. 2538 For example, assume that 2 802 ACLs, each comprised of 4 802 2539 ACEs, have been installed. The instances of this class may 2540 appear as follows: 2542 Index AclId AceId AceOrder 2543 10 6 4 1 2544 11 6 5 2 2545 12 6 9 23 2546 13 6 11 24 2547 65 18 5 8 2548 66 18 9 12 2549 67 18 13 15 2550 70 18 14 16 2552 Note that this identifier is used in instances of the 2553 qosAclTarget class to associate an 802 ACL with an interface 2554 set and action. An active ACL Target association prohibits 2555 the deletion of all of the qos802AclDefinition instances 2556 with a given qos802AclDefinitionAclId (i.e., at least one 2557 entry for the specific qos802AclDefinitionAclId must be 2558 present in this table) until the ACL Target association is 2559 terminated." 2561 ::= { qos802AclDefinitionEntry 2 } 2563 qos802AclDefinitionAceId OBJECT-TYPE 2564 SYNTAX PolicyInstanceId 2565 STATUS current 2566 DESCRIPTION 2567 "This attribute identifies the 802 ACE in the qos802AceTable 2568 that is associated with the 802 ACL specified by 2569 qos802AclDefinitionAclId object. The corresponding instance 2570 in the qos802Ace class must exist prior to being associated 2571 with a 802 ACL. 2573 Attempting to specify an unknown class instance will result 2574 in an appropriate error indication being returned to the 2575 entity that is attempting to install the conflicting entry. 2576 For example, a 'priUnknown(2)' error indication is returned 2577 to the policy server in this situation." 2579 ::= { qos802AclDefinitionEntry 3 } 2581 qos802AclDefinitionAceOrder OBJECT-TYPE 2582 SYNTAX Unsigned32 2583 STATUS current 2584 DESCRIPTION 2585 "The precedence of the 802 ACE, identified via the 2586 qos802AclDefinitionAceId object, with regard to evaluation 2587 order. The precedence determines the order of evaluation of 2588 this ACE in relation to related 802 ACEs that are associated 2589 with an ACL. An ACE with a given precedence order in the 2590 access control list is evaluated before one with a higher- 2591 valued precedence order. 2593 Precedence values within a group must be unique otherwise 2594 instance installation will be prohibited and an error 2595 value will be returned. 2597 Note that qos802AclDefinitionAceOrder values within a given 2598 ACL need not be contiguous." 2600 ::= { qos802AclDefinitionEntry 4 } 2602 END 2603 8. Security Considerations 2605 The information contained in a PIB when transported by the COPS protocol 2606 [COPS-PR] may be sensitive, and its function of provisioning a PEP 2607 requires that only authorized communication take place. The use of 2608 IPSEC between PDP and PEP, as described in [COPS], provides the 2609 necessary protection against these threats. 2611 9. Intellectual Property Considerations 2613 The IETF is being notified of intellectual property rights claimed in 2614 regard to some or all of the specification contained in this document. 2615 For more information consult the online list of claimed rights. 2617 10. Authors' Addresses 2619 Michael Fine 2620 Cisco Systems, Inc. 2621 170 West Tasman Drive 2622 San Jose, CA 95134-1706 USA 2623 Phone: +1 408 527 8218 2624 Email: mfine@cisco.com 2626 Keith McCloghrie 2627 Cisco Systems, Inc. 2628 170 West Tasman Drive 2629 San Jose, CA 95134-1706 USA 2630 Phone: +1 408 526 5260 2631 Email: kzm@cisco.com 2633 John Seligson 2634 Nortel Networks, Inc. 2635 4401 Great America Parkway 2636 Santa Clara, CA 95054 USA 2637 Phone: +1 408 495 2992 2638 Email: jseligso@nortelnetworks.com 2640 Kwok Ho Chan 2641 Nortel Networks, Inc. 2642 600 Technology Park Drive 2643 Billerica, MA 01821 USA 2644 Phone: +1 978 288 8175 2645 Email: khchan@nortelnetworks.com 2646 Scott Hahn 2647 Intel 2648 2111 NE 25th Avenue 2649 Hillsboro, OR 97124 USA 2650 Phone: +1 503 264 8231 2651 Email: scott.hahn@intel.com 2653 Andrew Smith 2654 Extreme Networks 2655 10460 Bandley Drive 2656 Cupertino CA 95014 USA 2657 Phone: +1 408 342 0999 2658 Email: andrew@extremenetworks.com 2660 11. References 2662 [COPS] J. Boyle, R. Cohen, D. Durham, S. Herzog, R. Rajan, A. Sastry, 2663 "The COPS (Common Open Policy Service) Protocol" 2664 Internet-Draft, draft-ietf-rap-cops-07.txt, August 1999. 2666 [COPS-PR] F. Reichmeyer, S. Herzog, K. Chan, D. Durham, R. Yavatkar, 2667 S. Gai, K. McCloghrie, A. Smith, "COPS Usage for Policy 2668 Provisioning," draft-ietf-rap-cops-pr-01.txt, June 1999. 2670 [POLICY] M. Stevens, W. Weiss H. Mahon, B. Moore, J. Strassner, 2671 G. Waters, A. Westerinen, J. Wheeler, "Policy Framework", 2672 draft-ietf-policy-framework-00.txt, September 1999. 2674 [RAP-FRAMEWORK] R. Yavatkar, D. Pendarakis, "A Framework for 2675 Policy-based Admission Control", 2676 draft-ietf-rap-framework-03.txt, April 1999. 2678 [SNMP-SMI] K. McCloghrie, D. Perkins, J. Schoenwaelder, J. Case, 2679 M. Rose and S. Waldbusser, "Structure of Management Information 2680 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. 2682 [MODEL] Y. Bernet, A. Smith, S. Blake, "A Conceptual Model for 2683 Diffserv Routers", draft-ietf-diffserv-model-00.txt, June 2684 1999. 2686 Table of Contents 2688 1 Glossary ........................................................ 2 2689 2 Introduction .................................................... 2 2690 3 General PIB Concepts ............................................ 2 2691 3.1 Roles ......................................................... 2 2692 3.2 Reporting of Device Capabilities .............................. 3 2693 4 DiffServ PIB Concepts ........................................... 4 2694 4.1 Filters, Filter Groups and Classifiers ........................ 4 2695 4.2 Applying QoS Policy Using Targets ............................. 4 2696 4.3 Queue Modeling with Queue Sets ................................ 5 2697 4.4 IP Mapping to and from Layer 2 ................................ 6 2698 5 Summary of the PIB Modules ...................................... 7 2699 6 PIB Operational Overview ........................................ 8 2700 7 PIB Definitions ................................................. 11 2701 7.1 The Policy Framework PIB Module ............................... 11 2702 7.2 The QoS IP PIB ................................................ 18 2703 7.3 The QoS IEEE 802 PIB .......................................... 48 2704 8 Security Considerations ......................................... 62 2705 9 Intellectual Property Considerations ............................ 62 2706 10 Authors' Addresses ............................................. 62 2707 11 References ..................................................... 63