PCE Working Group D. Dhody
Internet-Draft U. Palle
Intended status: Standards Track Q. Zhao
Expires: September 12, 2011 Huawei Technology
D. King
Old Dog Consulting
March 11, 2011
Management Information Base for the PCE Communications Protocol (PCEP)
for Path-Key-Based Inter-Domain Path Computation
draft-dhody-pce-pcep-pathkey-mib-01
Abstract
This memo defines an experimental portion of the Management
Information Base for use with network management protocols in the
Internet community. In particular, it describes managed objects for
modeling of the Path Computation Element communication Protocol
(PCEP)for communications between a Path Computation Client (PCC)and a
Path Computation Element (PCE), or between two PCEs when path-key-
based inter-domain path computation is requested.
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on September 12, 2011.
Dhody, et al. Expires September 12, 2011 [Page 1]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
Copyright Notice
Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
This Internet-Draft will expire on September 12, 2011.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. The Internet-Standard Management Framework . . . . . . . . . . 4
4. PCEP Pathkey MIB Module Architecture . . . . . . . . . . . . . 4
5. Example of the PCEP PathKey MIB module usage . . . . . . . . . 4
6. Object definitions . . . . . . . . . . . . . . . . . . . . . . 5
6.1. PCE-PCEP-PATHKEY-DRAFT-MIB . . . . . . . . . . . . . . . . 5
6.2. Objects for inclusion in module PCE-PCEP-DRAFT-MIB . . . . 19
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 20
8. Security Considerations . . . . . . . . . . . . . . . . . . . 20
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 21
9.1. Normative References . . . . . . . . . . . . . . . . . . . 21
9.2. Informative References . . . . . . . . . . . . . . . . . . 22
Dhody, et al. Expires September 12, 2011 [Page 2]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
1. Introduction
The Path Computation Element (PCE) defined in [RFC4655] is an entity
that is capable of computing a network path or route based on a
network graph, and applying computational constraints. A Path
Computation Client (PCC) may make requests to a PCE for paths to be
computed.
The PCE communication protocol (PCEP) is designed as a communication
protocol between PCCs and PCEs for point-to-point (P2P) path
computations and is defined in [RFC5440].
If confidentiality is required between domains, Path-Key-Based
mechanism is described in [RFC 5520]. For preserving the
confidentiality of the "Confidential Path Segment (CPS)";the PCE
returns a path containing a loose hop in place of the segment that
must be kept confidential.
[PCE-PCEP-DRAFT-MIB] defines a portion of the Management Information
Base (MIB) for use with network management protocols in the Internet
community for P2P path computations.
This memo defines an experimental portion of the Management
Information Base for use with network management protocols in the
Internet community. In particular, it describes managed objects for
modeling of Path Computation Element communication Protocol
(PCEP)[RFC5440] for communications between a Path Computation Client
(PCC)and a Path Computation Element (PCE), or between two PCEs in
path-key-based inter-domain path computations.
Some objects maybe moved to [PCE-PCEP-DRAFT-MIB] after consensus with
the authors and working group, these are defined in section 6.2.
2. Terminology
The following terminology is used in this document.
CPS: Confidential Path Segment. A segment of a path that contains
nodes and links that the AS policy requires to not be disclosed
outside the AS.
Domain: Any collection of network elements within a common sphere of
address management or path computational responsibility. Examples
of domains include Interior Gateway Protocol (IGP) areas and
Autonomous Systems (ASs).
Dhody, et al. Expires September 12, 2011 [Page 3]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
IGP: Interior Gateway Protocol. Either of the two routing
protocols, Open Shortest Path First (OSPF) or Intermediate System
to Intermediate System (IS-IS).
PCC: Path Computation Client: any client application requesting a
path computation to be performed by a Path Computation Element.
PCE: Path Computation Element. An entity (component, application,
or network node) that is capable of computing a network path or
route based on a network graph and applying computational
constraints.
P2P: Point-to-Point
3. The Internet-Standard Management Framework
For a detailed overview of the documents that describe the current
Internet-Standard Management Framework, please refer to section 7 of
RFC 3410 [RFC3410].
Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. MIB objects are generally
accessed through the Simple Network Management Protocol (SNMP).
Objects in the MIB are defined using the mechanisms defined in the
Structure of Management Information (SMI). This memo specifies a MIB
module that is compliant to the SMIv2, which is described in STD
58,RFC 2578 [RFC2578] and STD 58, RFC 2580 [RFC2580].
4. PCEP Pathkey MIB Module Architecture
The PCEP Pathkey MIB will contain the following information:
o PCEP Pathkey counters, timers and configurations
o PCEP Pathkey table of CPS related information.
5. Example of the PCEP PathKey MIB module usage
In this section we provide an example (pcePcepPathKeyTable 1) of
using the MIB objects described in Section 6 (Object definitions) to
monitor. While this example is not meant to illustrate every
permutation of the MIB, it is intended as an aid to understanding
some of the key concepts. It is meant to be read after going through
the MIB itself.
Dhody, et al. Expires September 12, 2011 [Page 4]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
pcePcepPathKeyTable 1 of the PCE-PCEP-PATHKEY-DRAFT-MIB module :
{
pcePcepPathKey (4512),
pcePcepPathKeyFirstHopIndex (1),
pcePcepPathKeyHopNum (2),
pcePcepPathKeyRequestSource (x.x.x.x),
pcePcepPathKeyRequestId (10),
pcePcepPathKeyRetrieved (1),
pcePcepPathKeyRetrieveSource (y.y.y.y),
pcePcepPathKeyDiscardTime (10),
pcePcepPathKeyReuseTime (30)
}
pcePcepPathKeyHopTable 1 of the PCE-PCEP-PATHKEY-DRAFT-MIB module :
{
pcePcepPathKeyHopIndex 1,
pcePcepPathKeyHopAddrType ipv4 (1),
pcePcepPathKeyHopIpAddr "192.168.100.1",
pcePcepPathKeyHopIpPrefixLen 32,
pcePcepPathKeyHopType strict (2)
}
{
pcePcepPathKeyHopIndex 2,
pcePcepPathKeyHopAddrType ipv4 (1),
pcePcepPathKeyHopIpAddr "192.168.100.2",
pcePcepPathKeyHopIpPrefixLen 32,
pcePcepPathKeyHopType strict (2)
}
6. Object definitions
6.1. PCE-PCEP-PATHKEY-DRAFT-MIB
This MIB module makes references to the following documents.
[RFC2578], [RFC2580], [RFC3411], [RFC2863], [RFC3813].
Dhody, et al. Expires September 12, 2011 [Page 5]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
PCE-PCEP-PATHKEY-DRAFT-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
Unsigned32,
Counter32,
OCTET STRING,
experimental
FROM SNMPv2-SMI -- [RFC2578]
TimeStamp
FROM SNMPv2-TC -- [RFC2579]
PcePcepIdentifier,
FROM PCE-TC-STD-MIB
MplsLSPID, MplsPathIndex, TeHopAddressType,
TeHopAddress, TeHopAddressUnnum
FROM MPLS-TC-STD-MIB -- [RFC3811]
MODULE-COMPLIANCE,
OBJECT-GROUP,
NOTIFICATION-GROUP
FROM SNMPv2-CONF; -- [RFC2580]
pcePcepPathkeyDraftMIB MODULE-IDENTITY
LAST-UPDATED "201103081200Z" --Mar 8, 2011
ORGANIZATION "Path Computation Element (PCE) Working Group"
CONTACT-INFO "
Dhruv Dhody
Udayasree Palle
Quintin Zhao
Huawei Technology
Daniel King
OldDog Consulting
EMail: dhruvd@huawei.com
EMail: udayasreepalle@huawei.com
EMail: qzhao@huawei.com
EMail: daniel@oldog.co.uk
EMail comments directly to the PCE WG Mailing List at pce@ietf.org
WG-URL: http://www.ietf.org/html.charters/pce-charter.html
"
DESCRIPTION
Dhody, et al. Expires September 12, 2011 [Page 6]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
"This MIB module defines a collection of objects for managing PCE
communication protocol(PCEP) for Path-Key-Based Inter-Domain Path
Computation"
-- Revision history
REVISION
"201103081200Z" -- 08 Mar 2011 12:00:00 EST
DESCRIPTION
"
Main Changes from -00 draft :
1. Added HopTable to store the CPS hops.
2. Added Path Key Creation Time.
REVISION
"201009171200Z" -- 17 Sep 2010 12:00:00 EST
DESCRIPTION
"draft-00 version"
::= { experimental 9999 } --
-- Notifications --
pcePcepPathKeyNotifications OBJECT IDENTIFIER ::=
{ pcePcepPathKeyDraftMIB 0 }
pcePcepPathKeyMIBObjects OBJECT IDENTIFIER ::=
{ pcePcepPathKeyDraftMIB 1 }
pcePcepPathKeyConformance OBJECT IDENTIFIER ::=
{ pcePcepPathKeyDraftMIB 2 }
pcePcepPathKeyObjects OBJECT IDENTIFIER ::=
{ pcePcepPathKeyMIBObjects 1 }
--
-- PCE Pathkey Objects
--
Dhody, et al. Expires September 12, 2011 [Page 7]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
pcePcepPathKeyDiscardTimer OBJECT-TYPE
SYNTAX Unsigned32
UNITS "minutes"
MAX-ACCESS read-write
STATUS mandatory
DESCRIPTION
"The value which indicates a period of time after the
expiration of which a PCE discard unwanted path-keys."
::= { pcePcepPathKeyObjects 1 }
pcePcepPathKeyReUseTimer OBJECT-TYPE
SYNTAX Unsigned32
UNITS "minutes"
MAX-ACCESS read-write
STATUS mandatory
DESCRIPTION
"The value which indicates a period of time which
should expire before an old path-key could be
reused for a new CPS."
::= { pcePcepPathKeyObjects 2 }
pcePcepPathKeyRetainStatus OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS optional
DESCRIPTION
"The path-key retain status of this PCE to retain the
path-key and CPS for debugging purposes."
::= { pcePcepPathKeyObjects 3 }
pcePcepPathKeysGenerated OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of path-keys generated by this PCE."
::= { pcePcepPathKeyObjects 4 }
Dhody, et al. Expires September 12, 2011 [Page 8]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
pcePcepPathKeyExpandUnknown OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of attempts to expand an unknown
path-key."
::= { pcePcepPathKeyObjects 5 }
pcePcepPathKeyExpandExpired OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of attempts to expand an expired
path-key."
::= { pcePcepPathKeyObjects 6 }
pcePcepPathKeyExpandSame OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS optional
DESCRIPTION
"The number of attempts to expand the same
path-key."
::= { pcePcepPathKeyObjects 7 }
pcePcepPathKeyExpiredNoExpansion OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS optional
DESCRIPTION
"The number of path-keys expired without any attempt
to expand it."
::= { pcePcepPathKeyObjects 8 }
pcePcepPathKeyExpansionSuccess OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS optional
DESCRIPTION
"The number of path-key expansion requests (PCReq)
which had successful retrieval."
::= { pcePcepPathKeyObjects 9 }
Dhody, et al. Expires September 12, 2011 [Page 9]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
pcePcepPathKeyExpansionFailures OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS optional
DESCRIPTION
"The number of path-key expansion requests (PCReq)
which had failed retrieval."
::= { pcePcepPathKeyObjects 10 }
pcePcepPathKeyConfig OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS mandatory
DESCRIPTION
"The path-key based inter domain computation
configuration."
::= { pcePcepPathKeyObjects 11 }
pcePcepPathKeyTable OBJECT-TYPE
SYNTAX SEQUENCE OF pcePcepPathKeyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains information about the
Pathkey CPS of PCE."
::= { pcePcepPathKeyObjects 12 }
pcePcepPathKeyEntry OBJECT-TYPE
SYNTAX pcePcepPathKeyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in this table represents a path-key and CPS.
An entry is only created when a path-key generated by
PCE during inter-domain computation."
INDEX { pcePcepPathKey }
::= { pcePcepPathKeyTable 1 }
Dhody, et al. Expires September 12, 2011 [Page 10]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
pcePcepPathKeyEntry ::= SEQUENCE {
pcePcepPathKey Unsigned32,
pcePcepPathKeyFirstHopIndex MplsPathIndex,
pcePcepPathKeyHopNum Unsigned32,
pcePcepPathKeyRequestSource PcePcepIdentifier,
pcePcepPathKeyRequestId Unsigned32,
pcePcepPathKeyRetrieved INTEGER,
pcePcepPathKeyRetrieveSource PcePcepIdentifier,
pcePcepPathKeyCreationTime TimeStamp,
pcePcepPathKeyDiscardTime Unsigned32,
pcePcepPathKeyReuseTime Unsigned32,
}
pcePcepPathKey OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"The path-key value to identify a CPS."
::= { pcePcepPathKeyEntry 1 }
pcePcepPathKeyFirstHopIndex OBJECT-TYPE
SYNTAX MplsPathIndex
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"The Hop index of the first Hop in the CPS. This
index along with pcePcepPathKeyHopNum is used to
traverse the Hops in the CPS."
::= { pcePcepPathKeyEntry 2 }
pcePcepPathKeyHopNum OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of Hops in this CPS. This number along
with pcePcepPathKeyFirstHopIndex is used to
traverse the Hops in the CPS."
::= { pcePcepPathKeyEntry 3 }
Dhody, et al. Expires September 12, 2011 [Page 11]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
pcePcepPathKeyRequestSource OBJECT-TYPE
SYNTAX PcePcepIdentifier
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"Source that issued the original request that led
to the creation of the path-key."
::= { pcePcepPathKeyEntry 4 }
pcePcepPathKeyRequestId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"The request ID of the original PCReq that led
to the creation of the path-key."
::= { pcePcepPathKeyEntry 5 }
pcePcepPathKeyRetrieved OBJECT-TYPE
SYNTAX INTEGER {
TRUE(1),
FALSE(2)
}
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"It specifies whether the path-key is retrieved
or not."
::= { pcePcepPathKeyEntry 6 }
pcePcepPathKeyRetrieveSource OBJECT-TYPE
SYNTAX PcePcepIdentifier
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"If the path-key is retrieved then by which
PCC."
::= { pcePcepPathKeyEntry 7 }
pcePcepPathKeyCreationTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"The value of sysUpTime at which Path Key
was generated by PCE."
::= { pcePcepPathKeyEntry 8 }
Dhody, et al. Expires September 12, 2011 [Page 12]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
pcePcepPathKeyDiscardTime OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"The time after which the path segment associated
with the path-key will be discarded."
::= { pcePcepPathKeyEntry 9 }
pcePcepPathKeyReuseTime OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"The time after which the path-key will be available
for re-use."
::= { pcePcepPathKeyEntry 10 }
pcePcepPathKeyHopTable OBJECT-TYPE
SYNTAX SEQUENCE OF pcePcepPathKeyHopEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains information about the
Pathkey Hop in the CPS of PCE."
::= { pcePcepPathKeyObjects 13 }
pcePcepPathKeyHopEntry OBJECT-TYPE
SYNTAX pcePcepPathKeyHopEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in this table represents a Hop in the CPS.
An entry is only created when a path-key generated by
PCE during inter-domain computation."
INDEX { pcePcepPathKeyHopIndex }
::= { pcePcepPathKeyHopTable 1 }
Dhody, et al. Expires September 12, 2011 [Page 13]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
pcePcepPathKeyHopEntry ::= SEQUENCE {
pcePcepPathKeyHopIndex MplsPathIndex,
pcePcepPathKeyHopAddrType TeHopAddressType,
pcePcepPathKeyHopIpAddr TeHopAddress,
pcePcepPathKeyHopIpPrefixLen InetAddressPrefixLength,
pcePcepPathKeyHopAddrUnnum TeHopAddressUnnum,
pcePcepPathKeyHopLspId MplsLSPID,
pcePcepPathKeyHopType INTEGER,
}
pcePcepPathKeyHopIndex OBJECT-TYPE
SYNTAX MplsPathIndex
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"The index into this table identifying a particular
Hop. All Hops in the CPS are added sequentially into
the table. The first hop index and number of Hops are
used for traversing the table."
::= { pcePcepPathKeyHopEntry 1 }
pcePcepPathKeyHopAddrType OBJECT-TYPE
SYNTAX TeHopAddressType
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"The Hop Address Type of this CPS hop.
Note that lspid(5) is a valid option only
for tunnels signaled via CRLDP."
DEFVAL { ipv4 }
::= { pcePcepPathKeyHopEntry 2 }
pcePcepPathKeyHopIpAddr OBJECT-TYPE
SYNTAX TeHopAddress
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"The Hop Address for this CPS hop.
The type of this address is determined by the
value of the corresponding pcePcepPathKeyHopAddrType."
DEFVAL { '00000000'h } -- IPv4 address 0.0.0.0
::= { pcePcepPathKeyHopEntry 3 }
Dhody, et al. Expires September 12, 2011 [Page 14]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
pcePcepPathKeyHopIpPrefixLen OBJECT-TYPE
SYNTAX InetAddressPrefixLength
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If pcePcepPathKeyHopAddrType is set to ipv4(1) or
ipv6(2), then this value will contain an
appropriate prefix length for the IP address in
object pcePcepPathKeyHopIpAddr. Otherwise this value
is irrelevant and should be ignored."
DEFVAL { 32 }
::= { pcePcepPathKeyHopEntry 4 }
pcePcepPathKeyHopAddrUnnum OBJECT-TYPE
SYNTAX TeHopAddressUnnum
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If pcePcepPathKeyHopAddrType is set to unnum(4),
then this value will contain the interface
identifier of the unnumbered interface for this
hop. This object should be used in conjunction
with pcePcepPathKeyHopIpAddr which would contain
the LSR Router ID in this case."
::= { pcePcepPathKeyHopEntry 5 }
pcePcepPathKeyHopLspId OBJECT-TYPE
SYNTAX MplsLSPID
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If pcePcepPathKeyHopAddrType is set to lspid(5),
then this value will contain the LSPID of a tunnel
of this hop. The present tunnel being configured is
tunneled through this hop (using label stacking).
This object is otherwise insignificant and should
contain a value of 0 to indicate this fact."
::= { pcePcepPathKeyHopEntry 6 }
Dhody, et al. Expires September 12, 2011 [Page 15]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
pcePcepPathKeyHopType OBJECT-TYPE
SYNTAX INTEGER {
strict(1),
loose(2)
}
MAX-ACCESS read-only
STATUS mandatory
DESCRIPTION
"Denotes whether this hop is routed in a
strict or loose fashion. "
DEFVAL { strict }
::= { pcePcepPathKeyHopEntry 7 }
---
--- Notifications
---
pcePcepPathKeyExpandUnknownNtf NOTIFICATION-TYPE
OBJECTS {
pcePcepPathKeyExpandUnknown
}
STATUS mandatory
DESCRIPTION
"This notification is sent when an attempt to expand an
unknown path-key is made. The value of the counter
pcePcepPathKeyExpandUnknown is also increased at this
time."
::= { pcePcepPathKeyNotifications 1 }
pcePcepPathKeyExpandExpiredNtf NOTIFICATION-TYPE
OBJECTS {
pcePcepPathKeyExpandExpired
}
STATUS mandatory
DESCRIPTION
"This notification is sent when an attempt to expand an
expired path-key is made. The value of the counter
pcePcepPathKeyExpandExpired is also increased at this
time."
::= { pcePcepPathKeyNotifications 2 }
Dhody, et al. Expires September 12, 2011 [Page 16]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
pcePcepPathKeyExpandSameNtf NOTIFICATION-TYPE
OBJECTS {
pcePcepPathKeyExpandSame
}
STATUS optional
DESCRIPTION
"This notification is sent when a duplicate attempt to
expand the same path-key is made. The value of the
counter pcePcepPathKeyExpandSame is also increased at
this time."
::= { pcePcepPathKeyNotifications 3 }
pcePcepPathKeyExpiredNoExpansionNtf NOTIFICATION-TYPE
OBJECTS {
pcePcepPathKeyExpiredNoExpansion
}
STATUS optional
DESCRIPTION
"This notification is sent when path-key expires without
any attempt to expand it. The value of the counter
pcePcepPathKeyExpiredNoExpansion is also increased at
this time."
::= { pcePcepPathKeyNotifications 4 }
--****************************************************************
-- Module Conformance Statement
--****************************************************************
pcePcepPathKeyGroups
OBJECT IDENTIFIER ::= { pcePcepPathKeyConformance 1 }
pcePcepPathKeyCompliances
OBJECT IDENTIFIER ::= { pcePcepPathKeyConformance 2 }
Dhody, et al. Expires September 12, 2011 [Page 17]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
--
-- Full Compliance
--
pcePcepPathKeyModuleFullCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The Module is implemented with support
for read-create and read-write. In other
words, both monitoring and configuration
are available when using this MODULE-COMPLIANCE."
MODULE -- this module
MANDATORY-GROUPS { pcePcepPathKeyGeneralGroup,
pcePcepPathKeyNotificationsGroup
}
::= { pcePcepPathKeyCompliances 1 }
--
-- Read-Only Compliance
--
pcePcepPathKeyModuleReadOnlyCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The Module is implemented with support
for read-only. In other words, only monitoring
is available by implementing this MODULE-COMPLIANCE."
MODULE -- this module
MANDATORY-GROUPS { pcePcepPathKeyGeneralGroup,
pcePcepPathKeyNotificationsGroup
}
::= { pcePcepPathKeyCompliances 2 }
-- units of conformance
Dhody, et al. Expires September 12, 2011 [Page 18]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
pcePcepPathKeyGeneralGroup OBJECT-GROUP
OBJECTS {
pcePcepPathKeyDiscardTimer,
pcePcepPathKeyReUseTimer,
pcePcepPathKeysGenerated,
pcePcepPathKeyExpandUnknown,
pcePcepPathKeyExpandExpired,
pcePcepPathKeyConfig,
pcePcepPathKey,
pcePcepPathKeyFirstHopIndex,
pcePcepPathKeyHopNum,
pcePcepPathKeyRequestSource,
pcePcepPathKeyRequestId,
pcePcepPathKeyRetrieved,
pcePcepPathKeyRetrieveSource,
pcePcepPathKeyCreationTime,
pcePcepPathKeyDiscardTime,
pcePcepPathKeyReuseTime,
pcePcepPathKeyHopIndex,
pcePcepPathKeyHopAddrType,
pcePcepPathKeyHopIpAddr,
pcePcepPathKeyHopIpPrefixLen,
pcePcepPathKeyHopType
}
STATUS current
DESCRIPTION
"Objects that apply to all PCEP Pathkey MIB
implementations."
::= { pcePcepPathKeyGroups 1 }
pcePcepPathKeyNotificationsGroup NOTIFICATION-GROUP
NOTIFICATIONS { pcePcepPathKeyExpandUnknownNtf,
pcePcepPathKeyExpandExpiredNtf
}
STATUS current
DESCRIPTION
"The notifications for a PCEP Pathkey MIB implementation."
::= { pcePcepPathKeyGroups 2 }
END
6.2. Objects for inclusion in module PCE-PCEP-DRAFT-MIB
Following object maybe moved to [PCE-PCEP-DRAFT-MIB] after consensus
with the authors and working group.
Dhody, et al. Expires September 12, 2011 [Page 19]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
pcePcepPathKeyConfig
7. IANA Considerations
TBD
8. Security Considerations
This MIB module can be used for configuration of certain objects, and
anything that can be configured can be incorrectly configured, with
potentially disastrous results.
There are a number of management objects defined in this MIB module
with a MAX-ACCESS clause of read-create. Such objects may be
considered sensitive or vulnerable in some network environments. The
support for SET operations in a non-secure environment without proper
protection can have a negatie effect on network operations. These
are the tables and objects and their sensitivity/vulnerability:
o pcePcepPathKeyDiscardTimer: Setting this value incorrectly may
cause the expiration of Pathkey before attempt to retrieve the
CPS.
o pcePcepPathKeyReUseTimer: Setting this value incorrectly may cause
the re-use of pathkey which may not guarantee the uniqueness of
path-key values.
The user of the PCE-PCEP-PATHKEY-DRAFT-MIB module must therefore be
aware that support for SET operations in a non-secure environment
without proper protection can have a negative effect on network
operations.
The readable objects in the PCE-PCEP-PATHKEY-DRAFT-MIB module (i.e.,
those with MAX-ACCESS other than not-accessible) may be considered
sensitive in some environments since, collectively, they provide
information about the amount and frequency of path computation
requests and responses within the network and can reveal some aspects
of their configuration.
In such environments it is important to control also GET and NOTIFY
access to these objects and possibly even to encrypt their values
when sending them over the network via SNMP.
SNMP versions prior to SNMPv3 did not include adequate security.
Even if the network itself is secure (for example by using IPsec),
even then, there is no control as to who on the secure network is
allowed to access and GET/SET (read/change/create/delete) the objects
in this MIB module.
Dhody, et al. Expires September 12, 2011 [Page 20]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
It is RECOMMENDED that implementers consider the security features as
provided by the SNMPv3 framework (see [RFC3410], section 8),
including full support for the SNMPv3 cryptographic mechanisms (for
authentication and privacy).
Further, deployment of SNMP versions prior to SNMPv3 is NOT
RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
enable cryptographic security. It is then a customer/operator
responsibility to ensure that the SNMP entity giving access to an
instance of this MIB module is properly configured to give access to
the objects only to those principals (users) that have legitimate
rights to indeed GET or SET (change/create/delete) them.
9. References
9.1. Normative References
[RFC2578] McCloghrie, k., Perkins, D., Schoenwaelder, J.,
Case, J., Rose, M., and S. Waldbusser,
"Structure of Management Information Version 2
(SMIv2)", April 1999.
[RFC2579] McCloghrie, k., Perkins, D., Schoenwaelder, J.,
Case, J., Rose, M., and S. Waldbusser, "Textual
Conventions for SMIv2", April 1999.
[RFC2580] McCloghrie, k., Perkins, D., Schoenwaelder, J.,
Case, J., Rose, M., and S. Waldbusser,
"Conformance Statements for SMIv2", April 1999.
[RFC2863] McCloghrie, k. and F. Kastenholz, "The
Interfaces Group MIB", June 2000.
[RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An
Architecture for Describing Simple Network
Management Protocol (SNMP) Management
Frameworks", December 2002.
[RFC3811] Nadeau, T. and J. Cucchiara, "Definition of
Textual Conventions and for Multiprotocol Label
Switching (MPLS) Management", June 2004.
[RFC3813] Srinivasan, C., Viswanathan, A., and T. Nadeau,
"MPLS Multiprotocol Label Switching (MPLS)
Label Switch Router Management Information
Base", June 2004.
[RFC5440] Ayyangar, A ., Farrel, A ., Oki, E., Atlas, A.,
Dhody, et al. Expires September 12, 2011 [Page 21]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
Dolganow, A., Ikejiri, Y., Kumaki, K., Vasseur,
J., and J. Roux, "Path Computation Element
(PCE) communication Protocol (PCEP)",
March 2009.
9.2. Informative References
[PCE-PCEP-DRAFT-MIB] Kiran Koushik, A S., Stephan, E., Zhao, Q., and
D. King, "PCE communication protocol(PCEP)
Management Information Base", July 2010.
[RFC3410] Case, J ., Mundy, R., Partain, D., and B.
Stewart, "Introduction and Applicability
Statements for Internet-Standard Management
Framework", December 2002.
[RFC4655] Farrel, A., Vasseur, J., and J. Ash, "A Path
Computation Element (PCE)-Based Architecture",
August 2006.
[RFC5520] Bradford, R., Vasseur, JP., and A. Farrel,
"Preserving Topology Confidentiality in Inter-
Domain Path Computation Using a Path-Key-Based
Mechanism", April 2009.
Authors' Addresses
Dhruv Dhody
Huawei Technology
Leela Palace
Bangalore, Karnataka 560008
INDIA
EMail: dhruvd@huawei.com
Udayasree Palle
Huawei Technology
Leela Palace
Bangalore, Karnataka 560008
INDIA
EMail: Udayasreepalle@huawei.com
Dhody, et al. Expires September 12, 2011 [Page 22]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011
Quintin Zhao
Huawei Technology
125 Nagog Technology Park
Acton, MA 01719
US
EMail: qzhao@huawei.com
Daniel King
Old Dog Consulting
UK
EMail: daniel@olddog.co.uk
Dhody, et al. Expires September 12, 2011 [Page 23]
Internet-Draft PCE-PCEP-PATHKEY-DRAFT-MIB March 2011