idnits 2.17.1

draft-schoenw-6lowpan-mib-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  == The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but
     does not include the phrase in its RFC 2119 key words list.

  -- The document date (October 18, 2012) is 4206 days in the past.  Is this
     intentional?

  -- Found something which looks like a code comment -- if you have code
     sections in the document, please surround them with '<CODE BEGINS>' and
     '<CODE ENDS>' lines.

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Outdated reference: A later version (-02) exists of
     draft-lhotka-netmod-yang-json-00

     Summary: 0 errors (**), 0 flaws (~~), 3 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Internet Engineering Task Force                         J. Schoenwaelder
Internet-Draft                                                 A. Sehgal
Intended status: Standards Track                       Jacobs University
Expires: April 21, 2013                                          T. Tsou
                                               Huawei Technologies (USA)
                                                                 C. Zhou
                                                     Huawei Technologies
                                                        October 18, 2012

 Definition of Managed Objects for IPv6 over Low-Power Wireless Personal
                        Area Networks (6LoWPANs)
                      draft-schoenw-6lowpan-mib-01

Abstract

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it defines objects for managing IPv6 over Low-Power
   Wireless Personal Area Networks (6LoWPANs).

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 21, 2013.

Copyright Notice

   Copyright (c) 2012 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  The Internet-Standard Management Framework
   3.  Conventions
   4.  Overview
   5.  Relationship to Other MIB Modules
   6.  Definitions
   7.  Security Considerations
   8.  IANA Considerations
   9.  Acknowledgements
   10. References
     10.1.  Normative References
     10.2.  Informative References
   Appendix A.  JSON Representation

1.  Introduction

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols.  In particular it defines
   objects for managing IPv6 over Low-Power Wireless Personal Area
   Networks (6LoWPANs) [RFC4944].

2.  The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7 of
   RFC 3410 [RFC3410].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  MIB objects are generally
   accessed through the Simple Network Management Protocol (SNMP).
   Objects in the MIB are defined using the mechanisms defined in the
   Structure of Management Information (SMI).  This memo specifies a MIB
   module that is compliant to the SMIv2, which is described in STD 58,
   RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
   [RFC2580].

3.  Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

4.  Overview

   The MIB module is organized into groups of scalars and tables.

   # LOWPAN-MIB registration tree (generated by smidump 0.4.8)

   --lowpanMIB(1.3.6.1.2.1.XXXX)
     +--lowpanNotifications(0)
     +--lowpanObjects(1)
     |  +--lowpanGeneral(1)
     |  |  +-- rwn Unsigned32 lowpanReasmTimeout(1)
     |  +--lowpanStats(2)
     |     +-- r-n Counter32  lowpanStatsInReceives(1)
     |     +-- r-n Counter32  lowpanStatsInHdrErrors(2)
     |     +-- r-n Counter32  lowpanStatsReasmReqds(3)
     |     +-- r-n Counter32  lowpanStatsReasmOKs(4)
     |     +-- r-n Counter32  lowpanStatsReasmFails(5)
     |     +-- r-n Counter32  lowpanStatsInDiscards(6)
     |     +-- r-n Counter32  lowpanStatsInDelivers(7)
     |     +-- r-n Counter32  lowpanStatsOutRequests(8)
     |     +-- r-n Counter32  lowpanStatsOutDiscards(9)
     |     +-- r-n Counter32  lowpanStatsOutFragReqds(10)
     |     +-- r-n Counter32  lowpanStatsOutFragOKs(11)
     |     +-- r-n Counter32  lowpanStatsOutFragFails(12)
     |     +-- r-n Counter32  lowpanStatsOutFragCreates(13)
     |     +-- r-n Counter32  lowpanStatsOutTransmits(14)
     +--lowpanConformance(2)
        +--lowpanGroups(1)
        |  +--lowpanGeneralGroup(1)
        |  +--lowpanStatsGroup(2)
        +--lowpanCompliances(2)
           +--lowpanFullCompliance(1)
           +--lowpanReadOnlyCompliance(2)

5.  Relationship to Other MIB Modules

   The MIB module IMPORTS definitions from SNMPv2-SMI [RFC2578] and
   SNMPv2-CONF [RFC2580].

6.  Definitions

   LOWPAN-MIB DEFINITIONS ::= BEGIN

   IMPORTS
       MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, Counter32, mib-2
           FROM SNMPv2-SMI                                 -- RFC 2578
       OBJECT-GROUP, MODULE-COMPLIANCE
           FROM SNMPv2-CONF;                               -- RFC 2580

   lowpanMIB MODULE-IDENTITY
       LAST-UPDATED "201210180000Z"
       ORGANIZATION
           "Jacobs University Bremen"
       CONTACT-INFO
           "Juergen Schoenwaelder
            Jacobs University Bremen
            Email: j.schoenwaelder@jacobs-university.de

            Anuj Sehgal
            Jacobs University Bremen
            Email: s.anuj@jacobs-university.de

            Tina Tsou
            Huawei Technologies
            Email: tina.tsou.zouting@huawei.com

            Cathy Zhou
            Huawei Technologies
            Email: cathyzhou@huawei.com"
       DESCRIPTION
           "The MIB module for monitoring nodes implementing the IPv6
            over Low-Power Wireless Personal Area Networks (6LoWPAN)
            protocol.

            Copyright (c) 2012 IETF Trust and the persons identified as
            authors of the code.  All rights reserved.

            Redistribution and use in source and binary forms, with or
            without modification, is permitted pursuant to, and subject
            to the license terms contained in, the Simplified BSD
            License set forth in Section 4.c of the IETF Trust's
            Legal Provisions Relating to IETF Documents
            (http://trustee.ietf.org/license-info)."

       REVISION "201210180000Z"
       DESCRIPTION
           "Initial version, published as RFC XXXX."
       -- RFC Ed.: replace XXXX with actual RFC number & remove this note

       ::= { mib-2 XXXX }

   -- object definitions

   lowpanNotifications OBJECT IDENTIFIER ::= { lowpanMIB 0 }
   lowpanObjects       OBJECT IDENTIFIER ::= { lowpanMIB 1 }
   lowpanConformance   OBJECT IDENTIFIER ::= { lowpanMIB 2 }

   lowpanGeneral       OBJECT IDENTIFIER ::= { lowpanObjects 1 }
   lowpanStats         OBJECT IDENTIFIER ::= { lowpanObjects 2 }

   lowpanReasmTimeout OBJECT-TYPE
       SYNTAX      Unsigned32
       UNITS       "seconds"
       MAX-ACCESS  read-write
       STATUS      current
       DESCRIPTION
           "The maximum number of seconds that received fragments are
            held while they are awaiting reassembly at this entity."
       ::= { lowpanGeneral 1 }

   lowpanStatsInReceives OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The total number of datagrams received, including those
            received in error."
       ::= { lowpanStats 1 }

   lowpanStatsInHdrErrors OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of received datagrams discarded due to errors
            in their headers, including unknown dispatch values,
            errors discovered during any decompression attempts, etc."
       ::= { lowpanStats 2 }

   lowpanStatsReasmReqds OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of received datagrams that needed to be
            reassembled."
       ::= { lowpanStats 3 }

   lowpanStatsReasmOKs OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of received datagrams successfully reassembled."
       ::= { lowpanStats 4 }

   lowpanStatsReasmFails OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of failures detected by the re-assembly algorithm
            (e.g., timeouts)."
       ::= { lowpanStats 5 }

   lowpanStatsInDiscards OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of received datagrams for which no problems were
            encountered to prevent their continued processing, but
            were discarded (e.g., for lack of buffer space).  Note that
            this counter does not include any datagrams discarded while
            awaiting re-assembly."
       ::= { lowpanStats 6 }

   lowpanStatsInDelivers OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The total number of datagrams successfully delivered to the
            IPv6 layer."
       ::= { lowpanStats 7 }

   lowpanStatsOutRequests OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The total number of datagrams supplied by the IPv6 layer."
       ::= { lowpanStats 8 }

   lowpanStatsOutDiscards OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of datagrams for which no problem was
            encountered to prevent their transmission to their
            destination, but were discarded (e.g., for lack of
            buffer space)."
       ::= { lowpanStats 9 }

   lowpanStatsOutFragReqds OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of datagrams that would require fragmentation
            in order to be transmitted."
       ::= { lowpanStats 10 }

   lowpanStatsOutFragOKs OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of IP datagrams that have been successfully
            fragmented."
       ::= { lowpanStats 11 }

   lowpanStatsOutFragFails OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of IP datagrams that have been discarded because
            they needed to be fragmented but could not be."
       ::= { lowpanStats 12 }

   lowpanStatsOutFragCreates OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of datagram fragments that have been
            generated as a result of fragmentation."
       ::= { lowpanStats 13 }

   lowpanStatsOutTransmits OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The total number of datagram fragments that this entity
            supplied to the lower layers for transmission."
       ::= { lowpanStats 14 }

   -- conformance definitions

   lowpanGroups      OBJECT IDENTIFIER ::= { lowpanConformance 1 }
   lowpanCompliances OBJECT IDENTIFIER ::= { lowpanConformance 2 }

   lowpanFullCompliance MODULE-COMPLIANCE
       STATUS      current
       DESCRIPTION
           "Compliance statement for implementations supporting
            read/write access, according to the object definitions."
       MODULE      -- this module
       MANDATORY-GROUPS {
           lowpanGeneralGroup,
           lowpanStatsGroup
       }
       ::= { lowpanCompliances 1 }

   lowpanReadOnlyCompliance MODULE-COMPLIANCE
       STATUS      current
       DESCRIPTION
           "Compliance statement for implementations supporting
            only read-only access."
       MODULE      -- this module
       MANDATORY-GROUPS {
           lowpanGeneralGroup,
           lowpanStatsGroup
       }

       OBJECT      lowpanReasmTimeout
       MIN-ACCESS  read-only
       DESCRIPTION
           "Write access is not required."

       ::= { lowpanCompliances 2 }

   lowpanGeneralGroup OBJECT-GROUP
       OBJECTS {
           lowpanReasmTimeout
       }
       STATUS      current
       DESCRIPTION
           "A collection of objects providing general information about
            the 6LoWPAN implementation."
       ::= { lowpanGroups 1 }

   lowpanStatsGroup OBJECT-GROUP
       OBJECTS {
           lowpanStatsInReceives,
           lowpanStatsInHdrErrors,
           lowpanStatsReasmReqds,
           lowpanStatsReasmOKs,
           lowpanStatsReasmFails,
           lowpanStatsInDiscards,
           lowpanStatsInDelivers,
           lowpanStatsOutRequests,
           lowpanStatsOutDiscards,
           lowpanStatsOutFragReqds,
           lowpanStatsOutFragOKs,
           lowpanStatsOutFragFails,
           lowpanStatsOutFragCreates,
           lowpanStatsOutTransmits
       }
       STATUS      current
       DESCRIPTION
           "A collection of objects providing statistics about
            the 6LoWPAN implementation."
       ::= { lowpanGroups 2 }

   END

7.  Security Considerations

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create.  Such
   objects may be considered sensitive or vulnerable in some network
   environments.  The support for SET operations in a non-secure
   environment without proper protection can have a negative effect on
   network operations.  These are the tables and objects and their
   sensitivity/vulnerability:

   o  lowpanReasmTimeout: This object controls how long received
      fragments are kept in memory awaiting reassembly.  An attacker
      might set this object to a very small value in order to prevent
      successful reassembly of fragmented IPv6 packets.  An attacker
      might as well set this object to a very large value in order to
      reserve memory for a long time as part of a denial of service
      attack.

   Some of the readable objects in this MIB module (i.e., objects with a
   MAX-ACCESS other than not-accessible) may be considered sensitive or
   vulnerable in some network environments.  It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP.  These are the tables and objects and their
   sensitivity/vulnerability:

   The read-only counters provide insights into the amount of 6LoWPAN
   traffic a node is receiving or transmitting.  This might provide
   information whether a device is regularly exchanging information with
   other devices or whether a device is mostly not participating in any
   communication (e.g., the device might be "easier" to take away
   unnoticed).  The reassembly counters could be used to direct denial
   of service attacks on the reassembly mechanism.

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure (for example by using IPsec),
   even then, there is no control as to who on the secure network is
   allowed to access and GET/SET (read/change/create/delete) the objects
   in this MIB module.

   It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy).

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.  It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module is properly configured to give access to
   the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.

8.  IANA Considerations

   IANA is requested to assign a value for "XXXX" under the 'mib-2'
   subtree and to record the assignment in the SMI Numbers registry.
   When the assignment has been made, the RFC Editor is asked to replace
   "XXXX" (here and in the MIB module) with the assigned value and to
   remove this note.

9.  Acknowledgements

   This specification borrows heavily from the IP-MIB defined in
   [RFC4293].

10.  References

10.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2578]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Structure of Management Information
              Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

   [RFC2579]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Textual Conventions for SMIv2",
              STD 58, RFC 2579, April 1999.

   [RFC2580]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Conformance Statements for SMIv2", STD 58, RFC 2580,
              April 1999.

   [RFC4944]  Montenegro, G., Kushalnagar, N., Hui, J., and D. Culler,
              "Transmission of IPv6 Packets over IEEE 802.15.4
              Networks", RFC 4944, September 2007.

10.2.  Informative References

   [RFC3410]  Case, J., Mundy, R., Partain, D., and B. Stewart,
              "Introduction and Applicability Statements for
              Internet-Standard Management Framework", RFC 3410,
              December 2002.

   [RFC4293]  Routhier, S., "Management Information Base for the
              Internet Protocol (IP)", RFC 4293, April 2006.

   [RFC6643]  Schoenwaelder, J., "Translation of Structure of
              Management Information Version 2 (SMIv2) MIB Modules to
              YANG Modules", RFC 6643, July 2012.

   [I-D.lhotka-netmod-yang-json]
              Lhotka, L., "Modeling JSON Text with YANG",
              draft-lhotka-netmod-yang-json-00 (work in progress),
              October 2012.

Appendix A.  JSON Representation

   Using the translation algorithm defined in [RFC6643], the SMIv2
   module can be translated to YANG.  Using the JSON representation of
   data modeled in YANG defined in [I-D.lhotka-netmod-yang-json], the
   objects defined in the MIB module can be represented in JSON as shown
   below.  The compact representation without any white space uses 468
   octets.  (Of course, this number depends on the number of octets
   needed for the counter values.)

   {
     "LOWPAN-MIB:LOWPAN-MIB": {
       "lowpanGeneral": {
         "lowpanReasmTimeout": 120
       },
       "lowpanStats": {
         "lowpanStatsInReceives": 42,
         "lowpanStatsInHdrErrors": 0,
         "lowpanStatsReasmReqds": 22,
         "lowpanStatsReasmOKs": 20,
         "lowpanStatsReasmFails": 2,
         "lowpanStatsInDiscards": 1,
         "lowpanStatsInDelivers": 12,
         "lowpanStatsOutRequests": 12,
         "lowpanStatsOutDiscards": 0,
         "lowpanStatsOutFragReqds": 5,
         "lowpanStatsOutFragOKs": 5,
         "lowpanStatsOutFragFails": 0,
         "lowpanStatsOutFragCreates": 8,
         "lowpanStatsOutTransmits": 15
       }
     }
   }

Authors' Addresses

   Juergen Schoenwaelder
   Jacobs University
   Campus Ring 1
   Bremen  28759
   Germany

   EMail: j.schoenwaelder@jacobs-university.de


   Anuj Sehgal
   Jacobs University
   Campus Ring 1
   Bremen  28759
   Germany

   EMail: s.anuj@jacobs-university.de


   Tina Tsou
   Huawei Technologies (USA)
   2330 Central Expressway
   Santa Clara  CA 95050
   USA

   EMail: tina.tsou.zouting@huawei.com


   Cathy Zhou
   Huawei Technologies
   Bantian, Longgang District
   Shenzhen  518129
   P.R. China

   EMail: cathyzhou@huawei.com
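
   Added example (not part of the draft or its authors' code): a
   poller-side check, in Python, over two polls of the Appendix A JSON
   representation.  It reports a changed or out-of-policy
   lowpanReasmTimeout, the writable object named in Section 7, and a high
   reassembly failure ratio computed from Counter32 deltas with wrap
   handling.  The policy thresholds, the snapshot() helper and the
   values of the second poll are assumptions constructed for
   illustration.

```python
import json

COUNTER32_MOD = 2 ** 32          # Counter32 wraps at 2^32 (SMIv2)
ROOT = "LOWPAN-MIB:LOWPAN-MIB"   # top-level member name from Appendix A

# Assumed operator policy (not from the draft): acceptable timeout window
# in seconds, and the failure ratio per poll interval that raises an alert.
TIMEOUT_MIN, TIMEOUT_MAX = 10, 300
REASM_FAIL_RATIO = 0.5


def counter_delta(old, new):
    """Increase between two Counter32 samples, allowing for one wrap.

    An agent restart also resets counters and shows up as a huge delta;
    a production poller would check a discontinuity indicator as well.
    """
    return (new - old) % COUNTER32_MOD


def audit(prev_json, curr_json):
    """Compare two polls; return (per-counter deltas, list of findings)."""
    prev, curr = json.loads(prev_json)[ROOT], json.loads(curr_json)[ROOT]
    findings = []

    # lowpanReasmTimeout is the only read-write object in the module.
    old_t = prev["lowpanGeneral"]["lowpanReasmTimeout"]
    new_t = curr["lowpanGeneral"]["lowpanReasmTimeout"]
    if new_t != old_t:
        findings.append(f"lowpanReasmTimeout changed {old_t} -> {new_t}")
    if not TIMEOUT_MIN <= new_t <= TIMEOUT_MAX:
        findings.append(f"lowpanReasmTimeout {new_t}s outside policy window")

    deltas = {name: counter_delta(prev["lowpanStats"][name], value)
              for name, value in curr["lowpanStats"].items()}
    reqds = deltas["lowpanStatsReasmReqds"]
    fails = deltas["lowpanStatsReasmFails"]
    if reqds and fails / reqds >= REASM_FAIL_RATIO:
        findings.append(f"reassembly failing: {fails} of {reqds} datagrams")
    return deltas, findings


def snapshot(timeout, **stats):
    """Hypothetical helper: build the Appendix A JSON text for one poll."""
    return json.dumps({ROOT: {"lowpanGeneral": {"lowpanReasmTimeout": timeout},
                              "lowpanStats": stats}})


# Poll 1 takes the Appendix A values for the objects checked here. Poll 2 is
# constructed: the timeout was SET to 1 second and reassembly mostly fails.
POLL_1 = snapshot(120, lowpanStatsInReceives=42, lowpanStatsReasmReqds=22,
                  lowpanStatsReasmOKs=20, lowpanStatsReasmFails=2)
POLL_2 = snapshot(1, lowpanStatsInReceives=142, lowpanStatsReasmReqds=62,
                  lowpanStatsReasmOKs=24, lowpanStatsReasmFails=38)

if __name__ == "__main__":
    for finding in audit(POLL_1, POLL_2)[1]:
        print("ALERT:", finding)
```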