Skip to main content

BFD Management Information Base (MIB) extensions for MPLS and MPLS-TP Networks
draft-ietf-bfd-mpls-mib-03

The information below is for an old version of the document.
Document Type
This is an older version of an Internet-Draft whose latest revision state is "Expired".
Authors Sam Aldrin , Venkatesan Mahalingam , Kannan KV Sampath , Thomas Nadeau
Last updated 2013-12-26
Replaces draft-vkst-bfd-mpls-mib
RFC stream Internet Engineering Task Force (IETF)
Formats
Additional resources Mailing list discussion
Stream WG state WG Document
Document shepherd (None)
IESG IESG state I-D Exists
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)
draft-ietf-bfd-mpls-mib-03
Network Working Group                                                   
INTERNET-DRAFT                                                Sam Aldrin
Intended Status: Standards Track                     Huawei Technologies
Expires: June 29, 2014                                      M.Venkatesan
                                                               Dell Inc.
                                                       Kannan KV Sampath
                                                         Redeem Software
                                                        Thomas D. Nadeau
                                                                        

                                                       December 26, 2013

           BFD Management Information Base (MIB) extensions 
                     for MPLS and MPLS-TP Networks
                       draft-ietf-bfd-mpls-mib-03

Abstract

   This draft defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it extends the BFD Management Information Base BFD-
   STD-MIB and describes the managed objects for modeling Bidirectional
   Forwarding Detection (BFD) protocol for MPLS and MPLS-TP networks.

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on June 29, 2014.
 

Aldrin,  et al.          Expires June 29, 2014                  [Page 1]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2. The Internet-Standard Management Framework  . . . . . . . . . .  3
   3. Overview  . . . . . . . . . . . . . . . . . . . . . . . . . . .  3
     3.1 Conventions used in this document  . . . . . . . . . . . . .  3
     3.2 Terminology  . . . . . . . . . . . . . . . . . . . . . . . .  3
   4. Acronyms  . . . . . . . . . . . . . . . . . . . . . . . . . . .  4
   5. Brief description of MIB Objects  . . . . . . . . . . . . . . .  4
     5.1. Extensions to the BFD session table (bfdSessionTable) . . .  4
     5.2. Example of BFD session configuration  . . . . . . . . . . .  6
       5.2.1 Example of BFD Session configuration for MPLS TE
             tunnel . . . . . . . . . . . . . . . . . . . . . . . . .  6
       5.2.2 Example of BFD Session configuration for ME of MPLS-TP
             TE tunnel  . . . . . . . . . . . . . . . . . . . . . . .  7
     5.3. BFD objects for session performance counters  . . . . . . .  9
   6. BFD-EXT-STD-MIB Module Definition . . . . . . . . . . . . . . . 10
   7. Security Considerations . . . . . . . . . . . . . . . . . . . . 18
   8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 20
   9. References  . . . . . . . . . . . . . . . . . . . . . . . . . . 20
     9.1 Normative References . . . . . . . . . . . . . . . . . . . . 20
     9.2 Informative References . . . . . . . . . . . . . . . . . . . 21
   10. Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 22
   11. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 22

 

Aldrin,  et al.          Expires June 29, 2014                  [Page 2]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

1  Introduction

   The current MIB for BFD as defined by BFD-STD-MIB is used for
   neighbor monitoring in IP networks. The BFD session association to
   the neighbors being monitored is done using the source and
   destination IP addresses of the neighbors configured using the
   respective MIB objects.

   To monitor MPLS/MPLS-TP paths like tunnels or Pseudowires, there is a
   necessity to identify or associate the BFD session to those paths. 

   This memo defines an portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it extends the BFD Management Information Base BFD-
   STD-MIB and describes the managed objects to configure and/or monitor
   Bidirectional Forwarding Detection (BFD) protocol for MPLS [RFC5884]
   and MPLS-TP networks [RFC6428].

2. The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7 of
   RFC3410 [RFC3410].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB. MIB objects are generally
   accessed through the Simple Network Management Protocol (SNMP).
   Objects in the MIB are defined using the mechanisms defined in the
   Structure of Management Information (SMI). This memo specifies a MIB
   module that is compliant to the SMIv2, which is described in STD 58,
   RFC2578, STD 58, RFC2579 and STD58, RFC2580.

3. Overview

3.1 Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119 [RFC2119].

3.2 Terminology

   This document adopts the definitions, acronyms and mechanisms
   described in [BFD], [BFD-1HOP], [BFD-MH], [RFC5884], [RFC6428]. 
   Unless otherwise stated, the mechanisms described therein will not be
   re-described here.

 

Aldrin,  et al.          Expires June 29, 2014                  [Page 3]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

4. Acronyms

   BFD: Bidirectional Forwarding Detection
   CC: Continuity Check
   CV: Connectivity Verification
   IP: Internet Protocol
   LDP: Label Distribution Protocol
   LOC: Loss Of Continuity
   LSP: Label Switching Path
   LSR: Label Switching Router
   ME: Maintenance Entity
   MEG: Maintenance Entity Group
   MEP: Maintenance Entity End-Point
   MIP: Maintenance Entity Group Intermediate Point
   MIB: Management Information Base
   MPLS: Multi-Protocol Label Switching
   MPLS-TP: MPLS Transport Profile
   OAM: Operations, Administration, and Maintenance
   PW: Pseudo Wire
   RDI: Remote Defect Indication
   TE: Traffic Engineering 
   TP: Transport Profile

5. Brief description of MIB Objects

   The objects described in this section support the functionality
   described in documents [RFC5884] and [RFC6428].  The objects are
   defined as an extension to the BFD base MIB defined by BFD-STD-MIB.

5.1. Extensions to the BFD session table (bfdSessionTable)

   The BFD session table used to identify a BFD session between a pair
   of nodes, as defined in BFD-STD-MIB, is extended with managed objects
   to achieve the required functionality in MPLS and MPLS-TP networks as
   described below:

      1. SessionRole - Active/Passive role specification for the BFD
         session configured on the node. Either end of a BFD session
         can be configured as Active/Passive to determine which
         end starts transmitting the BFD control packets. 

      2. SessionMode - Defines the mode in which BFD
         session is running, defined as below:
            i.  CC - Indicates Continuity Check and RDI operations. 

            ii. CV - Indicates Continuity Check, Connectivity
                     Verification and RDI operations.

 

Aldrin,  et al.          Expires June 29, 2014                  [Page 4]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

      3. Timer Negotiation Flag - Provides for timer negotiation
         to be enabled or disabled. This object can be used to tune
         the detection of period mis-configuration.

      4. Map Type - Indicates the type of the path being monitored by
         the BFD session.
      This object can take the following values:

      For BFD session over MPLS based paths: 

      nonTeIpv4 (1) - BFD session configured for Non-TE
                      IPv4 path
      nonTeIpv6 (2) - BFD session configured for Non-TE
                      IPv6 path
      teIpv4 (3) - BFD session configured for a TE
                   IPv4 path
      teIpv6 (4) - BFD session configured for a TE
                   IPv6 path
      pw (5) - BFD session configured for a pseudowire

      For MPLS-TP based paths:

      mep (6) - BFD session configured for an MPLS-TP path
      (Bidirectional tunnel, PW or Sections) will map to
      the corresponding maintenance entity.

      5. Map Pointer

      A Row Pointer object which can be used to point to the first
      accessible object in the respective instance of the table entry
      identifying the path being monitored (mplsXCEntry[RFC3813]/
      mplsTunnelEntry[RFC3812]/pwEntry[RFC5601] respectively for 
      LSP/Tunnel/PW). 

      For NON-TE LSP, the map pointer points to the corresponding 
      mplsXCEntry. 

      For TE based tunnel, the map pointer points to the corresponding
      instance of the mplsTunnelEntry.

      For PW, this object points to the corresponding instance of
      pwEntry.

      For MPLS-TP paths, this object points to the corresponding 
      instance of mplsOamIdMeEntry[MPLS-OAM-ID-STD-MIB] configured to
      monitor the MPLS-TP path associated with the BFD session.

      6. Usage of existing object bfdSessType:
 

Aldrin,  et al.          Expires June 29, 2014                  [Page 5]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

      Additionally existing object "bfdSessType" in the BFD base MIB 
      [BFD-STD-MIB] can be used with the already defined value 
      multiHopOutOfBandSignaling(3) to specify an OOB (Out of band) 
      mechanism [E.g. LSP Ping] for bootstrapping the BFD session.

5.2. Example of BFD session configuration

   This section provides an example of BFD session configuration
   for an MPLS and MPLS-TP TE tunnel. This example is only meant 
   to enable an understanding of the proposed extension and does not
   illustrate every permutation of the MIB. 

5.2.1 Example of BFD Session configuration for MPLS TE tunnel

   This section provides an example BFD session configuration
   for an MPLS TE tunnel.

   The following denotes the configured tunnel "head" entry:

      In mplsTunnelTable:
      {
       mplsTunnelIndex              = 100,
       mplsTunnelInstance           = 1,
       mplsTunnelIngressLSRId       = 192.0.2.1,
       mplsTunnelEgressLSRId        = 192.0.2.3,
       mplsTunnelName               = "Tunnel",
       ...
       mplsTunnelSignallingProto    = none (1),
       mplsTunnelSetupPrio          = 0,
       mplsTunnelHoldingPrio        = 0,
       mplsTunnelSessionAttributes  = 0,
       mplsTunnelLocalProtectInUse  = false (0),
       mplsTunnelResourcePointer    = mplsTunnelResourceMaxRate.5,
       mplsTunnelInstancePriority   = 1,
       mplsTunnelHopTableIndex      = 1,
       mplsTunnelIncludeAnyAffinity = 0,
       mplsTunnelIncludeAllAffinity = 0,
       mplsTunnelExcludeAnyAffinity = 0,
       mplsTunnelPathInUse          = 1,
       mplsTunnelRole               = head (1),
       ...
       mplsTunnelRowStatus          = Active
       }

       BFD session parameters used to monitor this tunnel should be 
       configured on head-end as follows:

 

Aldrin,  et al.          Expires June 29, 2014                  [Page 6]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

       In bfdSessTable:
       BfdSessEntry ::= SEQUENCE {
        -- BFD session index
        bfdSessIndex                  = 2,
        bfdSessVersionNumber          = 1, 
        -- LSP Ping used for OOB bootstrapping
        bfdSessType  = multiHopOutOfBandSignaling,
        ...
        bfdSessAdminStatus            = start,
        ...
        bfdSessDemandModeDesiredFlag  = false,
        bfdSessControlPlaneIndepFlag  = false,
        bfdSessMultipointFlag         = false,
        bfdSessDesiredMinTxInterval   = 100000,
        bfdSessReqMinRxInterval       = 100000,
        ...
        -- Indicates that the BFD session is to monitor
        -- an MPLS TE tunnel
        bfdMplsSessMapType         = teIpv4(3),

        -- OID of the first accessible object (mplsTunnelName) of
        -- the mplsTunnelEntry identifying the MPLS TE tunnel (being  
        -- monitored using BFD) in the MPLS  tunnel table. 
        -- A value of zeroDotzero indicates that no association
        -- has been made as yet between the BFD session and the path
        -- being monitored. 
        -- In the above OID example: 
        -- 100 -> Tunnel Index
        -- 1 -> Tunnel instance 
        -- 3221225985 -> Ingress LSR Id 192.0.2.1
        -- 3221225987 -> Egress LSR Id 192.0.2.3
        bfdMplsSessMapPointer 
                  = mplsTunnelName.100.1.3221225985.3221225987,       
        bfdSessRowStatus      = createAndGo
        }

        Similarly BFD session would be configured on the tail-end of 
        the tunnel. Creating the above row will trigger 
        the bootstrapping of the session using LSP Ping and its
        subsequent establishment over the path by de-multiplexing of
        the control packets using the BFD session discriminators.

5.2.2 Example of BFD Session configuration for ME of MPLS-TP TE tunnel

   This example considers the OAM identifiers configuration on a
   head-end LSR to manage and monitor a co-routed bidirectional MPLS
   tunnel.
   Only relevant objects which are applicable for IP based OAM
 

Aldrin,  et al.          Expires June 29, 2014                  [Page 7]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

   identifiers of co-routed MPLS tunnel are illustrated here.

      In mplsOamIdMegTable:
      {
       -- MEG index (Index to the table)
         mplsOamIdMegIndex                 = 1,
         mplsOamIdMegName                  = "MEG1",
         mplsOamIdMegOperatorType          = ipCompatible (1),
         mplsOamIdMegServiceType           = lsp (1),
         mplsOamIdMegMpLocation            = perNode(1),
       -- Mandatory parameters needed to activate the row go here
         mplsOamIdMegRowStatus             = createAndGo (4)
      }

      This will create an entry in the mplsOamIdMegTable to manage and
      monitor the MPLS tunnel.

      The following ME table is used to associate the path information
      to a MEG.

      In mplsOamIdMeTable:
      {
         -- ME index (Index to the table)
          mplsOamIdMeIndex                  = 1,
         -- MP index (Index to the table)
          mplsOamIdMeMpIndex                = 1,
          mplsOamIdMeName                   = "ME1",
          mplsOamIdMeMpIfIndex              = 0,
          -- Source MEP id is derived from the IP compatible MPLS tunnel
          mplsOamIdMeSourceMepIndex         = 0,
          -- Source MEP id is derived from the IP compatible MPLS tunnel
          mplsOamIdMeSinkMepIndex           = 0,
          mplsOamIdMeMpType                 = mep (1),
          mplsOamIdMeMepDirection           = down (2),
          mplsOamIdMeProactiveOamPhbTCValue = 0,
          mplsOamIdMeOnDemandOamPhbTCValue  = 0,
         --  RowPointer MUST point to the first accessible column of an
         --  MPLS tunnel
          mplsOamIdMeServicePointer         = mplsTunnelName.1.1.1.2,
         -- Mandatory parameters needed to activate the row go here
          mplsOamIdMeRowStatus              = createAndGo (4)
      }

      BFD session parameters used to monitor this tunnel should be 
      configured on head-end as follows:

      In bfdSessTable:
      BfdSessEntry ::= SEQUENCE {
 

Aldrin,  et al.          Expires June 29, 2014                  [Page 8]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

        -- BFD session index
        bfdSessIndex                  = 2,
        bfdSessVersionNumber          = 1, 
        -- LSP Ping used for OOB bootstrapping
        bfdSessType  = multiHopOutOfBandSignaling,
        ...
        bfdSessAdminStatus            = start,
        ...
        bfdSessDemandModeDesiredFlag  = false,
        bfdSessControlPlaneIndepFlag  = false,
        bfdSessMultipointFlag         = false,
        bfdSessDesiredMinTxInterval   = 100000,
        bfdSessReqMinRxInterval       = 100000,
        ...
        -- Indicates that the BFD session is to monitor              
        -- a ME of an MPLS-TP TE tunnel
        bfdMplsSessMapType         = mep(6),

        bfdMplsSessMapPointer 
                    = mplsOamIdMeName.1.1.1,       
        bfdSessRowStatus      = createAndGo
      }

     Similarly BFD session would be configured on the tail-end of 
     the tunnel and creating the above row will trigger
     the bootstrapping of the session using LSP Ping and its subsequent
     establishment over the path by de-multiplexing of the control 
     packets using the BFD session discriminators.

5.3. BFD objects for session performance counters

     BFD-STD-MIB defines BFD Session Performance Table 
     (bfdSessionPerfTable), for collecting per-session BFD performance 
     counters, as an extension to the bfdSessionTable. 

     The bfdSessionPerfTable is extended with the performance counters 
     to collect Mis-connectivity Defect, Loss of Continuity Defect
     and RDI (Remote Defect Indication) counters.

     1. bfdMplsSessPerfMisDefCount - Mis-connectivity defect count
                                     for this BFD session.
     2. bfdMplsSessPerfLocDefCount - Loss of continuity defect count for
                                     this BFD session.
     3. bfdMplsSessPerfRdiInCount - Total number of RDI messages
                                    received for this BFD session.
     4. bfdMplsSessPerfRdiOutCount - Total number of RDI messages sent
                                     for this BFD session.

 

Aldrin,  et al.          Expires June 29, 2014                  [Page 9]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

6. BFD-EXT-STD-MIB Module Definition
       BFD-EXT-STD-MIB DEFINITIONS ::= BEGIN

       IMPORTS
         MODULE-IDENTITY, OBJECT-TYPE, mib-2,
             Counter32, zeroDotZero    
             FROM SNMPv2-SMI             -- [RFC2578]

         RowPointer,TruthValue,TEXTUAL-CONVENTION
             FROM SNMPv2-TC              -- [RFC2579]

         MODULE-COMPLIANCE, OBJECT-GROUP
             FROM SNMPv2-CONF            -- [RFC2580] 

         bfdSessIndex 
             FROM BFD-STD-MIB;

         bfdMplsMib MODULE-IDENTITY
         LAST-UPDATED "201312260000Z" -- December 26 2013
         ORGANIZATION "IETF Bidirectional Forwarding Detection
                       Working Group"
         CONTACT-INFO
            "
               Sam Aldrin
               Huawei Technologies
               2330 Central Express Way,
               Santa Clara, CA 95051, USA
         Email:  aldrin.ietf@gmail.com   

               Venkatesan Mahalingam
               Dell Inc.
               350 Holger Way, 
               San Jose,  CA 95134, USA
         Email: venkat.mahalingams@gmail.com

               Kannan KV Sampath
               Redeem Software
               India
         Email: kannankvs@gmail.com

               Thomas D. Nadeau
         Email: tnadeau@lucidvision.com"

         DESCRIPTION
             " Copyright (c) 2013 IETF Trust and the persons identified
               as the document authors. All rights reserved.
               This MIB module is an initial version containing objects
               to provide a proactive mechanism to detect faults using
 

Aldrin,  et al.          Expires June 29, 2014                 [Page 10]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

               BFD for MPLS and MPLS-TP networks."
         REVISION "201312260000Z" -- December 26 2013
         DESCRIPTION
          -- RFC Ed.: RFC-editor pls fill in xxxx
         ::=  { mib-2 XXX }  -- XXX to be replaced with correct value
         -- RFC Ed.: assigned by IANA

   -- ------------------------------------------------------------
   -- groups in the MIB
   -- ------------------------------------------------------------

         bfdMplsObjects         OBJECT IDENTIFIER ::= { bfdMplsMib 0 }
         bfdMplsConformance     OBJECT IDENTIFIER ::= { bfdMplsMib 1 }

   -- ------------------------------------------------------------
   -- Textual Conventions
   -- ------------------------------------------------------------

       SessionMapTypeTC ::= TEXTUAL-CONVENTION
           STATUS         current
           DESCRIPTION
             "Used to indicate the type of MPLS or MPLS-TP path
              associated to the session"
           SYNTAX INTEGER {
                    nonTeIpv4(1),    -- mapping into LDP IPv4
                    nonTeIpv6(2),    -- mapping into LDP IPv6
                    teIpv4(3),       -- mapping into TE IPv4
                    teIpv6(4),       -- mapping into TE IPv6
                    pw(5),           -- mapping into Pseudowires
                    mep(6)           -- mapping into MEPs in MPLS-TP 
                  }

       DefectActionTC ::= TEXTUAL-CONVENTION
           STATUS         current
           DESCRIPTION
             "The action to be taken when the mis-connectivity/loss of
              connectivity defect occurs in the MPLS or MPLS-TP
              path associated to the session"
           SYNTAX INTEGER {
                    alarmOnly(1),    -- Alarm only
                    alarmAndBlockData(2)  -- Alarm and block the data
                   }

   -- ------------------------------------------------------------------
   -- BFD session table extensions for MPLS and MPLS-TP BFD sessions
   -- ------------------------------------------------------------------
   -- bfdMplsSessTable - bfdSessTable Extension

 

Aldrin,  et al.          Expires June 29, 2014                 [Page 11]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

       bfdMplsSessTable   OBJECT-TYPE
           SYNTAX              SEQUENCE OF BfdMplsSessEntry
           MAX-ACCESS          not-accessible
           STATUS              current
           DESCRIPTION
             "This table is an extension to the bfdSessTable for
              configuring BFD sessions for MPLS or MPLS-TP paths."
       ::= { bfdMplsObjects 1 }

       bfdMplsSessEntry   OBJECT-TYPE
           SYNTAX              BfdMplsSessEntry
           MAX-ACCESS          not-accessible
           STATUS              current
           DESCRIPTION
             "A row in this table extends a row in bfdSessTable."
         INDEX { bfdSessIndex }
       ::= { bfdMplsSessTable 1 }

       BfdMplsSessEntry ::= SEQUENCE {
           bfdMplsSessRole               INTEGER,
           bfdMplsSessMode               INTEGER,
           bfdMplsSessTmrNegotiate       TruthValue,
           bfdMplsSessMapType            SessionMapTypeTC,
           bfdMplsSessMapPointer         RowPointer,
           bfdMplsSessMisConnectivityDefectAction DefectActionTC,
           bfdMplsSessLOCDefect DefectActionTC
       }

       bfdMplsSessRole  OBJECT-TYPE
           SYNTAX      INTEGER {
                         active(1),
                         passive(2)
                       }
           MAX-ACCESS  read-create
           STATUS      current
           DESCRIPTION
             "This object specifies whether the system is playing the
              active(1) role or the passive(2) role for this
              BFD session."
           REFERENCE
               "RFC 5880, Section 6.1"
           DEFVAL { active }
       ::= { bfdMplsSessEntry 1 }

       bfdMplsSessMode  OBJECT-TYPE
           SYNTAX      INTEGER {
                         cc(1),
                         cv(2)
 

Aldrin,  et al.          Expires June 29, 2014                 [Page 12]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

                       }
           MAX-ACCESS  read-create
           STATUS      current
           DESCRIPTION
             "This object specifies whether the BFD session is running
              in Continuity Check(CC) or the Connectivity
              Verification(CV) mode."
           REFERENCE
               "1.RFC6428, Proactive Connectivity Verification,
                  Continuity Check and Remote Defect Indication
                  for MPLS Transport Profile."
           DEFVAL { cc }
       ::= { bfdMplsSessEntry 2 }

       bfdMplsSessTmrNegotiate  OBJECT-TYPE
           SYNTAX             TruthValue
           MAX-ACCESS         read-create
           STATUS             current
           DESCRIPTION
             "This object specifies if timer negotiation is required for
              the BFD session. When set to false, timer negotiation is
              disabled."
           DEFVAL { true }
       ::= { bfdMplsSessEntry 3 }

       bfdMplsSessMapType OBJECT-TYPE
           SYNTAX             SessionMapTypeTC
           MAX-ACCESS         read-create
           STATUS             current
           DESCRIPTION
             "This object indicates the type of path being monitored
              by this BFD session entry."
           DEFVAL { nonTeIpv4 }
       ::= { bfdMplsSessEntry 4 }

       bfdMplsSessMapPointer OBJECT-TYPE
           SYNTAX           RowPointer
           MAX-ACCESS       read-create
           STATUS           current
           DESCRIPTION
             "If bfdMplsSessMapType is nonTeIpv4(1) or nonTeIpv6(2),
              then this object MUST contain zeroDotZero or point to
              an instance of the mplsXCEntry indicating the LDP-based
              LSP associated with this BFD session.

              If bfdMplsSessMapType is teIpv4(3) or teIpv6(4), then
              this object MUST contain zeroDotZero or point to
              an instance of the mplsTunnelEntry indicating
 

Aldrin,  et al.          Expires June 29, 2014                 [Page 13]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

              the RSVP-based MPLS TE tunnel associated with this
              BFD session.

              If bfdMplsSessMapType is pw(5), then this object MUST
              contain zeroDotZero or point to an instance of
              the pwEntry indicating the MPLS Pseudowire associated
              with this BFD session.

              If bfdMplsSessMapTpye is mep(6). then this object MUST
              contain zeroDotZero or point to an instance identifying
              the mplsOamIdMeEntry configured for monitoring the MPLS-TP
              path associated with this BFD session.

              If this object points to a conceptual row instance
              in a table consistent with bfdMplsSessMapType but this
              instance does not currently exist then no valid
              path is associated with this session entry.

              If this object contains zeroDotZero then no valid path is
              associated with this BFD session entry till it is
              populated with a valid pointer consistent with
              the value of bfdMplsSessMapType as explained above."
           REFERENCE
             "1. Multiprotocol Label Switching (MPLS) Traffic
                 Engineering (TE)Management Information Base (MIB),
                 [RFC3812].
              2. Multiprotocol Label Switching (MPLS) Label Switching
                 Router (LSR) Management Information Base (MIB),
                 [RFC3813].
              3. Pseudowire (PW) Management Information Base (MIB,
                 [RFC5601].
              4. MPLS-TP Operations, Administration, and Management
                (OAM) Identifiers Management Information Base (MIB), ID
                 draft-ietf-mpls-tp-oam-id-mib-04, December 2013."
            DEFVAL  { zeroDotZero }   
         ::= { bfdMplsSessEntry 5 }

        bfdMplsSessMisConnectivityDefectAction OBJECT-TYPE
           SYNTAX             DefectActionTC
           MAX-ACCESS         read-create
           STATUS             current
           DESCRIPTION
             "This object indicates the action to be taken when 
              the mis-connectivity defect is detected on 
              this BFD session."
           DEFVAL { alarmOnly }
       ::= { bfdMplsSessEntry 6 }

 

Aldrin,  et al.          Expires June 29, 2014                 [Page 14]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

       bfdMplsSessLOCDefect OBJECT-TYPE
           SYNTAX             DefectActionTC
           MAX-ACCESS         read-create
           STATUS             current
           DESCRIPTION
             "This object indicates the action to be taken when 
              the loss of continuity defect is detected on 
              this BFD session."
           DEFVAL { alarmOnly }
       ::= { bfdMplsSessEntry 7 }

   -- ------------------------------------------------------------------
   -- BFD Objects for Session performance
   -- -----------------------------------------------------------------
   -- bfdMplsSessPerfTable - bfdSessPerfTable Extension

       bfdMplsSessPerfTable     OBJECT-TYPE
           SYNTAX              SEQUENCE OF BfdMplsSessPerfEntry
           MAX-ACCESS          not-accessible
           STATUS              current
           DESCRIPTION
             "This table is an extension to the bfdSessPerfTable"
       ::= { bfdMplsObjects 2 }

       bfdMplsSessPerfEntry OBJECT-TYPE
           SYNTAX     BfdMplsSessPerfEntry
           MAX-ACCESS not-accessible
           STATUS     current
           DESCRIPTION
               "A row in this table extends the bfdSessPerfTable"
        INDEX { bfdSessIndex }
       ::= { bfdMplsSessPerfTable 1 }

       BfdMplsSessPerfEntry ::= SEQUENCE {
           bfdMplsSessPerfMisDefCount    Counter32,
           bfdMplsSessPerfLocDefCount    Counter32,
           bfdMplsSessPerfRdiInCount     Counter32,
           bfdMplsSessPerfRdiOutCount    Counter32
       }

       bfdMplsSessPerfMisDefCount OBJECT-TYPE
           SYNTAX          Counter32
           MAX-ACCESS      read-only
           STATUS          current
           DESCRIPTION
              "This object gives a count of the mis-connectivity defects
              detected for the BFD session. For instance, this count
              will be incremented when the received BFD control packet
 

Aldrin,  et al.          Expires June 29, 2014                 [Page 15]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

              carries an incorrect globally unique source
              MEP identifier."
       ::= { bfdMplsSessPerfEntry 1 }

       bfdMplsSessPerfLocDefCount OBJECT-TYPE
           SYNTAX          Counter32
           MAX-ACCESS      read-only
           STATUS          current
           DESCRIPTION
              "This object gives a count of the Loss of continuity
               defects detected in MPLS and MPLS-TP paths"
       ::= { bfdMplsSessPerfEntry 2 }

       bfdMplsSessPerfRdiInCount OBJECT-TYPE
           SYNTAX          Counter32
           MAX-ACCESS      read-only
           STATUS          current
           DESCRIPTION
              "This object gives a count of the Remote Defect
               Indications received for the BFD session."
       ::= { bfdMplsSessPerfEntry 3 }

       bfdMplsSessPerfRdiOutCount OBJECT-TYPE
           SYNTAX          Counter32
           MAX-ACCESS      read-only
           STATUS          current
           DESCRIPTION
              "This object gives a count of the Remote Defect
               Indications sent by the BFD session"
       ::= { bfdMplsSessPerfEntry 4 }

       -- Module compliance

       bfdMplsGroups
       OBJECT IDENTIFIER ::= { bfdMplsConformance 1 }

       bfdMplsCompliances
       OBJECT IDENTIFIER ::= { bfdMplsConformance 2 }

       -- Compliance requirement for fully compliant implementations.

       bfdMplsModuleFullCompliance MODULE-COMPLIANCE
       STATUS current
       DESCRIPTION
       "Compliance statement for agents that provide full
       support for the BFD-EXT-STD-MIB module. "

       MODULE -- This module.
 

Aldrin,  et al.          Expires June 29, 2014                 [Page 16]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

       MANDATORY-GROUPS {
           bfdSessionExtGroup,
           bfdSessionExtPerfGroup
       }
       ::= { bfdMplsCompliances 1 }

       -- Compliance requirement for read-only implementations.

       bfdMplsModuleReadOnlyCompliance MODULE-COMPLIANCE
       STATUS current
       DESCRIPTION
       "Compliance requirement for implementations that only
       provide read-only support for BFD-EXT-STD-MIB. Such devices
       can then be monitored but cannot be configured using
       this MIB module."

       MODULE -- This module.

       MANDATORY-GROUPS {
           bfdSessionExtGroup,
           bfdSessionExtPerfGroup
       }

       OBJECT       bfdMplsSessRole
       MIN-ACCESS   read-only
       DESCRIPTION  "Write access is not required."

       OBJECT       bfdMplsSessMode
       MIN-ACCESS   read-only
       DESCRIPTION  "Write access is not required."

       OBJECT       bfdMplsSessTmrNegotiate
       MIN-ACCESS   read-only
       DESCRIPTION  "Write access is not required."

       OBJECT       bfdMplsSessMapType
       MIN-ACCESS   read-only
       DESCRIPTION  "Write access is not required."

       OBJECT       bfdMplsSessMapPointer
       MIN-ACCESS   read-only
       DESCRIPTION  "Write access is not required."

       ::= { bfdMplsCompliances 2 }

       -- Units of conformance.

 

Aldrin,  et al.          Expires June 29, 2014                 [Page 17]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

      bfdSessionExtGroup OBJECT-GROUP
      OBJECTS {
                   bfdMplsSessRole,
                   bfdMplsSessMode,
                   bfdMplsSessTmrNegotiate,
                   bfdMplsSessMapType,
                   bfdMplsSessMapPointer,
                   bfdMplsSessMisConnectivityDefectAction,
                   bfdMplsSessLOCDefect
              }
      STATUS     current
      DESCRIPTION
            "Collection of objects needed for BFD monitoring for
            MPLS and MPLS-TP paths"
            ::= { bfdMplsGroups 1 }

      bfdSessionExtPerfGroup OBJECT-GROUP
      OBJECTS {
                  bfdMplsSessPerfMisDefCount,
                  bfdMplsSessPerfLocDefCount,
                  bfdMplsSessPerfRdiInCount,
                  bfdMplsSessPerfRdiOutCount
             }
     STATUS     current
     DESCRIPTION
           "Collection of objects needed to monitor the
            performance of BFD sessions on MPLS and MPLS-TP
            paths"
           ::= { bfdMplsGroups 2 }

     END

7. Security Considerations

   As BFD session for MPLS path may be tied into the stability of 
   the MPLS network infrastructure, the effects of an attack on a BFD
   session may be very serious.  This ultimately has denial-of-service
   effects, as links may be declared to be down (or falsely declared to
   be up.)  As such, improper configuration of the objects represented
   by this MIB may result in denial of service to a large number of end-
   users.

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create.  Such
   objects may be considered sensitive or vulnerable in some network
   environments.  The support for SET operations in a non-secure
   environment without proper protection can have a negative effect on
 

Aldrin,  et al.          Expires June 29, 2014                 [Page 18]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

   network operations.  

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create.  Such
   objects may be considered sensitive or vulnerable in some network
   environments.  It is thus important to control even GET and/or NOTIFY
   access to these objects and possibly to even encrypt the values of
   these objects when sending them over the network via SNMP.

    o  The bfdMplsSessTable may be used to directly configure BFD
       sessions for MPLS path.
       Unauthorized access to objects in this table could result in
       disruption of traffic on the network.  This is especially true if
       an unauthorized user configures enough tables to invoke a denial
       of service attack on the device where they are configured, or on
       a remote device where the sessions terminate.

   Some of the readable objects in this MIB module (i.e., objects with a
   MAX-ACCESS other than not-accessible) may be considered sensitive or
   vulnerable in some network environments.  It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP.  These are the tables and objects and their
   sensitivity/vulnerability:

    o  The bfdSessPerfTable and bfdMplsSessPerfTable both allows access
       to the performance characteristics of BFD sessions for MPLS 
       paths. Network administrators not wishing to show 
       this information should consider this table sensitive.

   The bfdSessAuthenticationType, bfdSessAuthenticationKeyID, and
   bfdSessAuthenticationKey objects hold security methods and 
   associated security keys of BFD sessions for MPLS paths. These
   objects SHOULD be considered highly sensitive objects. In order
   for these sensitive information from being improperly accessed, 
   implementers MAY wish to disallow read and create access to these
   objects.

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure "for example by using IPSec",
   even then, there is no control as to who on the secure network is
   allowed to access and GET/SET "read/change/create/delete" the objects
   in these MIB modules.

   It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms "for
   authentication and privacy".
 

Aldrin,  et al.          Expires June 29, 2014                 [Page 19]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

   Further, deployment of SNMP versions prior to SNMPv3 is not 
   recommended.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.  It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module, is properly configured to give access to
   the objects only to those principals "users" that have legitimate
   rights to indeed GET or SET "change/create/delete" them.

8. IANA Considerations

      The MIB module in this document uses the following IANA-assigned
      OBJECT IDENTIFIER values recorded in the SMI Numbers registry:

           Descriptor        OBJECT IDENTIFIER value
           ----------        -----------------------

           bfdMplsMib            { mib-2 XXX }

      [Editor's Note (to be removed prior to publication): the IANA is
      requested to assign a value for "XXX" under the 'mib-2' subtree
      and to record the assignment in the SMI Numbers registry.  When
      the assignment has been made, the RFC Editor is asked to replace
      "XXX" here and in the MIB module) with the assigned value and 
      to remove this note.]

9. References

9.1 Normative References

      [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
                Requirement Levels", BCP 14, RFC 2119, March 1997.

      [BFD]      Katz, D. and D. Ward, "Bidirectional Forwarding
                 Detection (BFD)", RFC 5880, June 2010.

      [BFD-1HOP] Katz, D. and D. Ward, "Bidirectional Forwarding
                 Detection (BFD) for IPv4 and IPv6 (Single Hop)",
                 RFC 5881, June 2010.

      [BFD-MH]   Katz, D. and D. Ward, "Bidirectional Forwarding
                 Detection (BFD) for Multihop Paths", RFC 5883,
                 June 2010.

      [RFC5884] Aggarwal, R. et.al., "Bidirectional Forwarding
                 Detection (BFD) for MPLS Label Switched Paths (LSPs)",
                 RFC 5884, June 2010

 

Aldrin,  et al.          Expires June 29, 2014                 [Page 20]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

      [RFC6428] Allan, D., Swallow, G., Drake, J., "Proactive
                Connectivity Verification, Continuity Check and Remote
                Defect indication for MPLS Transport Profile", RFC
                6428, November 2011.

      [RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
                "Structure of Management Information Version 2 (SMIv2)",
                STD 58, RFC 2578, April 1999.

      [RFC2579] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
                "Textual Conventions for SMIv2", STD 58, RFC 2579, April
                1999.

      [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
                "Conformance Statements for SMIv2", STD 58, RFC 2580,
                April 1999.

9.2 Informative References

      [RFC3410] J. Case, R. Mundy, D. pertain, B.Stewart, "Introduction
               and Applicability Statement for Internet Standard
               Management Framework", RFC 3410, December 2002.

      [RFC3812] Srinivasan, C., Viswanathan, A., and T. Nadeau,
               "Multiprotocol Label Switching (MPLS) Traffic Engineering
               (TE) Management Information Base (MIB)", RFC 3812, June
                2004.

      [RFC3813] Srinivasan, C., Viswanathan, A., and T. Nadeau,
                "Multiprotocol Label Switching (MPLS) Label Switching
                (LSR) Router Management Information Base (MIB)", 
                RFC 3813, June 2004.

      [RFC5601] T. Nadeau, Ed., D. Zelig, Ed., "Pseudowire (PW)
                Management Information Base (MIB)", RFC 5601,
                July 2009

      [BFD-STD-MIB] T. Nadeau, Z. Ali, N. Akiya "BFD Management
                    Information Base", ID draft-ietf-bfd-mib-16, 
                    November 2013. 

      [MPLS-OAM-ID-STD-MIB] Sam Aldrin, M.Venkatesan, Kannan KV Sampath,
                           Thomas D. Nadeau, Sami Boutros, Ping Pan,
                           "MPLS-TP Operations, Administration, and
                           Management (OAM) Identifiers Management
                           Information Base (MIB)", ID
                           draft-ietf-mpls-tp-oam-id-mib-04, 
                           December 2013.
 

Aldrin,  et al.          Expires June 29, 2014                 [Page 21]
INTERNET DRAFT        BFD Extensions for MPLS MIB      December 26, 2013

10. Acknowledgments

   The authors would like to thank Jeffrey Haas, Mukund Mani, 
   Lavanya Srivatsa, Muly Ilan and John Salloway for their valuable
   comments.

11. Authors' Addresses

   Sam Aldrin
   Huawei Technologies
   2330 Central Express Way,
   Santa Clara, CA 95051, USA
   Email:  aldrin.ietf@gmail.com

   Venkatesan Mahalingam
   Dell Inc.
   350 Holger Way, 
   San Jose,  CA 95134, USA
   Email: venkat.mahalingams@gmail.com

   Kannan KV Sampath
   Redeem Software
   India
   Email: kannankvs@gmail.com

   Thomas D. Nadeau
   Email: tnadeau@lucidvision.com

Aldrin,  et al.          Expires June 29, 2014                 [Page 22]