Network Working Group                                              Y. Fu
Internet Draft                                                 Sh. Jiang
Intended status: Standards Track            Huawei Technologies Co., Ltd
Expires: January 12, 2012                                         Y. Cui
                                                                 J. Dong
                                                     Tsinghua University
                                                           July 11, 2011
DS-Lite Management Information Base (MIB)
draft-fu-softwire-dslite-mib-01
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute working
documents as Internet-Drafts. The list of current Internet-Drafts is
at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 27, 2011.
Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Fu, et al. Expires January 12, 2012 [Page 1]
Internet-Draft draft-fu-softwire-dslite-mib-01.txt July 2011
Abstract
This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols in the Internet community.
In particular, it defines managed objects for DS-Lite.
Table of Contents
1. Introduction
2. The Internet-Standard Management Framework
3. Terminology
4. Difference from the IP tunnel MIB and NAT MIB
5. Structure of the MIB Module
   5.1. The dsliteTunnel Subtree
   5.2. The dsliteNAT Subtree
   5.3. The dsliteInfo Subtree
   5.4. The dsliteTrap Subtree
   5.5. The dsliteConformance Subtree
6. MIB modules required for IMPORTS
7. Definitions
8. IANA Considerations
9. Security Considerations
10. References
   10.1. Normative References
   10.2. Informative References
11. Change Log [RFC Editor please remove]
Author's Addresses
1. Introduction
Dual-Stack Lite [I-D.ietf-softwire-dual-stack-lite] is a solution that
offers both IPv4 and IPv6 connectivity to customers across an IPv6-only
infrastructure. One of its key components is an IPv4-over-IPv6
tunnel, which is used to provide IPv4 connectivity across the service
provider's IPv6 network. Another key component is a carrier-grade
IPv4-IPv4 NAT that shares service provider IPv4 addresses among customers.
This document defines a portion of the Management Information Base
(MIB) for use with network management protocols in the Internet
community. This MIB module may be used for configuring and
monitoring the devices in the Dual-Stack Lite scenario.
2. The Internet-Standard Management Framework
For a detailed overview of the documents that describe the current
Internet-Standard Management Framework, please refer to section 7 of
[RFC3410].
Managed objects are accessed via a virtual information store, termed
the MIB. MIB objects are generally accessed through the Simple
Network Management Protocol (SNMP).
Objects in the MIB are defined using the mechanisms defined in the
Structure of Management Information (SMI). This memo specifies a MIB
module that is compliant with the SMIv2, which is described in
[RFC2578], [RFC2579] and [RFC2580].
3. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
4. Difference from the IP tunnel MIB and NAT MIB
The key technologies for DS-Lite are IP in IP (IPv4-in-IPv6) tunneling
and NAT (IPv4 to IPv4 translation).
The NAT-MIB [RFC4008] is designed to carry translation from any
address family to any address family, and therefore supports IPv4 to
IPv4 translation.
The tunnel MIB [RFC4087] is designed for managing tunnels of any type
over IPv4 and IPv6 networks, and therefore supports IP in IP tunnels.
However, the NAT MIB and the tunnel MIB together are not sufficient to
support DS-Lite. This document describes the specific MIB
requirements for DS-Lite, as below.
In the DS-Lite scenario, the tunnel type is IP in IP, more
precisely IPv4 in IPv6. Therefore, it is unnecessary to
describe the tunnel type in the DS-Lite MIB.
In the DS-Lite scenario, the translation type is IPv4 private
address to IPv4 public address. Therefore, it is unnecessary to
describe the type of address in the corresponding
tunnelIfLocalInetAddress and tunnelIfRemoteInetAddress objects
in the DS-Lite MIB.
In the DS-Lite scenario, the AFTR is not only the tunnel end
concentrator, but also a 4-4 translator. Within the AFTR,
tunnel information and translation information MUST be mapped
to each other. Two independent MIBs are not able to reflect this
mapping relationship. Therefore, a combined MIB is necessary.
5. Structure of the MIB Module
The DS-Lite MIB provides a way to configure and manage the devices in
the DS-Lite scenario through SNMP.
The DS-Lite MIB is configurable on a per-interface basis. It depends on
several parts of the IF-MIB [RFC2863], tunnel MIB [RFC4087], and NAT
MIB [RFC4008].
5.1. The dsliteTunnel Subtree
The dsliteTunnel subtree describes managed objects used for managing
tunnels in the DS-Lite scenario. Because the tunnel MIB supports the
tunnel management function in DS-Lite, we may reuse it in DS-Lite
MIB.
5.2. The dsliteNAT Subtree
The dsliteNAT Subtree describes managed objects used for
configuration as well as monitoring of an AFTR that is capable of the
NAT function. Because the NAT MIB supports the NAT management function
in DS-Lite, we MAY reuse it in the DS-Lite MIB. The dsliteNAT Subtree
also provides the mapping relationship between the tunnel MIB and the
NAT MIB by extending the bind table in the NAT MIB with the B4
address.
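The following Python sketch is an added example, not part of the draft. It shows why the bind table carries the B4 address: subscribers behind different B4s can reuse the same private IPv4 address and port, so only the INDEX of dsliteNATBindEntry given in Section 7 (ifIndex, local address, local port, B4 address) identifies a bind uniquely. The class, function names and sample rows are constructed for illustration; the index encoding follows the SMIv2 rules of [RFC2578] and assumes dsliteB4Addr is an InetAddress like dsliteTunnelStartAddress.

```python
import ipaddress
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Bind:
    """One dsliteNATBindTable row; field names are this example's own."""
    if_index: int     # ifIndex of the AFTR interface
    local_addr: str   # dsliteNATBindLocalAddr: private IPv4 behind the B4
    local_port: int   # dsliteNATBindLocalPort
    b4_addr: str      # dsliteB4Addr: IPv6 start point of the tunnel
    global_addr: str  # dsliteNATBindGlobalAddr: shared public IPv4
    global_port: int  # dsliteNATBindGlobalPort


def index_subids(b):
    """Sub-identifiers that follow the column OID for this row.

    INDEX { ifIndex, dsliteNATBindLocalAddr, dsliteNATBindLocalPort,
    dsliteB4Addr }: an integer takes one sub-identifier; a variable-length
    octet string (InetAddress) is its length, then one sub-id per octet.
    """
    v4 = ipaddress.IPv4Address(b.local_addr).packed
    v6 = ipaddress.IPv6Address(b.b4_addr).packed
    return (b.if_index, len(v4), *v4, b.local_port, len(v6), *v6)


def parse_index(subids):
    """Inverse of index_subids; rejects truncated or over-long indexes."""
    s, pos = list(subids), 0

    def take(n):
        nonlocal pos
        chunk = s[pos:pos + n]
        if len(chunk) != n:
            raise ValueError("truncated index")
        pos += n
        return chunk

    (if_index,) = take(1)
    # The length sub-identifier comes first, then that many address octets.
    local = ipaddress.IPv4Address(bytes(take(take(1)[0])))
    (port,) = take(1)
    b4 = ipaddress.IPv6Address(bytes(take(take(1)[0])))
    if pos != len(s):
        raise ValueError("trailing sub-identifiers")
    return if_index, str(local), port, str(b4)


def ambiguous_without_b4(binds):
    """Keys (ifIndex, local addr, local port) used by more than one row:
    what a bind table lacking the B4 address could not tell apart."""
    seen = Counter((b.if_index, b.local_addr, b.local_port) for b in binds)
    return sorted(k for k, n in seen.items() if n > 1)


def attribute(binds, global_addr, global_port):
    """Map a public address/port from an abuse report back to one bind."""
    hits = [b for b in binds
            if (b.global_addr, b.global_port) == (global_addr, global_port)]
    if len(hits) != 1:
        raise LookupError(f"{len(hits)} binds match {global_addr}:{global_port}")
    return hits[0]


# Constructed sample rows (documentation address ranges), not real data.
BINDS = [
    Bind(3, "192.168.1.10", 40000, "2001:db8:0:1::1", "198.51.100.7", 1024),
    Bind(3, "192.168.1.10", 40000, "2001:db8:0:2::1", "198.51.100.7", 1025),
    Bind(3, "192.168.1.11", 5000, "2001:db8:0:1::1", "198.51.100.7", 1026),
]

if __name__ == "__main__":
    for b in BINDS:
        print(".".join(map(str, index_subids(b))))
    print("ambiguous without B4:", ambiguous_without_b4(BINDS))
    print("198.51.100.7:1025 ->",
          attribute(BINDS, "198.51.100.7", 1025).b4_addr)
```

The first two sample rows share the same private address and port and differ only in the B4 address, which is the case two independent MIBs cannot represent.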
5.3. The dsliteInfo Subtree
The dsliteInfo Subtree provides the statistical information for
DS-Lite.
5.4. The dsliteTrap Subtree
The dsliteTrap Subtree provides trap information for a DS-Lite instance.
5.5. The dsliteConformance Subtree
The dsliteConformance Subtree provides conformance information for the
MIB objects.
6. MIB modules required for IMPORTS
This MIB module IMPORTs objects from [RFC4087], [RFC4008], [RFC2580],
[RFC2578], [RFC2863], [RFC4001], [RFC3411].
Note: The IF-MIB defines the MTU for the interface, which includes
the virtual interface of the tunnel, so the DS-Lite MIB does not need to
define the MTU for the tunnel.
7. Definitions
DSLite-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, mib-2,
transmission, Gauge32, Integer32, Counter64
FROM SNMPv2-SMI
MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF
RowStatus, StorageType, DisplayString
FROM SNMPv2-TC
ifIndex, InterfaceIndexOrZero
FROM IF-MIB
InetAddress, InetPortNumber
FROM INET-ADDRESS-MIB
tunnelInetConfigIfIndex
FROM TUNNEL-MIB
NatAddrMapId, natAddrMapName, natAddrMapEntryType,
natAddrMapLocalAddrFrom, natAddrMapLocalAddrTo,
natAddrMapLocalPortFrom, natAddrMapLocalPortTo,
natAddrMapGlobalAddrFrom, natAddrMapGlobalAddrTo,
natAddrMapGlobalPortFrom, natAddrMapGlobalPortTo,
natAddrMapAddrUsed,
natAddrPortBindGlobalAddr, natAddrPortBindGlobalPort,
NatBindId, natAddrPortBindSessions,
natAddrPortBindMaxIdleTime, natAddrPortBindCurrentIdleTime,
natAddrPortBindInTranslates, natAddrPortBindOutTranslates
FROM NAT-MIB;
dsliteMIB MODULE-IDENTITY
LAST-UPDATED "201107110000Z" -- July 11, 2011
ORGANIZATION "IETF Softwire Working Group"
CONTACT-INFO
"Yu Fu
Huawei Technologies Co., Ltd
Huawei Building, No.3 Xinxi Rd, Hai-Dian District
Beijing, P.R. China 100085
EMail: eleven.fuyu@huawei.com
Sheng Jiang
Huawei Technologies Co., Ltd
Huawei Building, No.3 Xinxi Rd, Hai-Dian District
Beijing, P.R. China 100085
EMail: jiangsheng@huawei.com
Yong Cui
Tsinghua University
Department of Computer Science, Tsinghua University
Beijing 100084
P.R. China
Email: yong@csnet1.cs.tsinghua.edu.cn
Jiang Dong
Tsinghua University
Department of Computer Science, Tsinghua University
Beijing 100084
P.R. China
Email: dongjiang@csnet1.cs.tsinghua.edu.cn"
DESCRIPTION
"The MIB module is defined for management of objects in the
DS-Lite scenario."
::= { transmission xxx } -- xxx to be replaced with correct value
dsliteTunnel OBJECT IDENTIFIER
::= { dsliteMIB 1 }
dsliteNAT OBJECT IDENTIFIER
::= { dsliteMIB 2 }
dsliteInfo OBJECT IDENTIFIER
::= { dsliteMIB 3 }
dsliteTraps OBJECT IDENTIFIER
::= { dsliteMIB 4 }
--Conformance
dsliteConformance OBJECT IDENTIFIER
::= { dsliteMIB 5 }
--dsliteTunnel
--dsliteTunnelTable
dsliteTunnelTable OBJECT-TYPE
SYNTAX SEQUENCE OF dsliteTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The (conceptual) table containing information on configured
tunnels. This table can be used to map CPE address to the
associated AFTR address. It can also be used for row
creation."
::= { dsliteTunnel 1 }
dsliteTunnelEntry OBJECT-TYPE
SYNTAX dsliteTunnelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in this table contains the information on a
particular configured tunnel."
INDEX { dsliteTunnelLocalAddress,
dsliteTunnelRemoteAddress,
dsliteTunnelConfigID }
::= { dsliteTunnelTable 1 }
dsliteTunnelEntry ::=
SEQUENCE {
dsliteTunnelStartAddress InetAddress,
dsliteTunnelStartAddPreLen Integer32,
dsliteTunnelEndAddress InetAddress,
dsliteTunnelID Integer32,
dsliteTunnelIfIndex tunnelInetConfigIfIndex,
dsliteTunnelStatus RowStatus,
dsliteTunnelStorageType StorageType
}
dsliteTunnelStartAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The address of the start point of the tunnel."
::= { dsliteTunnelEntry 1 }
dsliteTunnelStartAddPreLen OBJECT-TYPE
SYNTAX Integer32 (0..128)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"IPv6 prefix length of the IP address of the
start point of the tunnel."
::= { dsliteTunnelEntry 2 }
dsliteTunnelEndAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The address of the endpoint of the tunnel."
::= { dsliteTunnelEntry 3 }
dsliteTunnelID OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"An identifier used to distinguish between multiple
tunnels in DS-Lite scenario."
::= { dsliteTunnelEntry 4 }
dsliteTunnelIfIndex OBJECT-TYPE
SYNTAX tunnelInetConfigIfIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If the value of dsliteTunnelStatus for this row
is active, then this object contains the value of
ifIndex corresponding to the tunnel interface. A
value of 0 is not legal in the active state,
and means that the interface index has not
yet been assigned."
::= { dsliteTunnelEntry 5 }
dsliteTunnelStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this row, by which new entries may be
created, or old entries deleted from this table."
::= { dsliteTunnelEntry 6 }
dsliteTunnelStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The storage type of this row. If the row is
permanent(4), no objects in the row need be
writable."
::= { dsliteTunnelEntry 7 }
--dsliteNAT
--dsliteNATMapTable(define address pool)
--dsliteNATBindTable
dsliteNATMapTable OBJECT-TYPE
SYNTAX SEQUENCE OF dsliteNATMapEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains information about address map
parameters."
::= { dsliteNAT 1 }
dsliteNATMapEntry OBJECT-TYPE
SYNTAX dsliteNATMapEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" This entry represents an address map to be used for
NAT and contributes to the address mapping tables of
AFTR."
INDEX { ifIndex,
dsliteNATMapIndex }
::= { dsliteNATMapTable 1 }
dsliteNATMapEntry ::=
SEQUENCE {
dsliteNATMapIndex NatAddrMapId,
dsliteNATMapAddrName natAddrMapName,
dsliteNATMapEntryType natAddrMapEntryType,
dsliteNATMapLocalAddrFrom natAddrMapLocalAddrFrom,
dsliteNATMapLocalAddrTo natAddrMapLocalAddrTo,
dsliteNATMapLocalPortFrom natAddrMapLocalPortFrom,
dsliteNATMapLocalPortTo natAddrMapLocalPortTo,
dsliteNATMapGlobalAddrFrom natAddrMapGlobalAddrFrom,
dsliteNATMapGlobalAddrTo natAddrMapGlobalAddrTo,
dsliteNATMapGlobalPortFrom natAddrMapGlobalPortFrom,
dsliteNATMapGlobalPortTo natAddrMapGlobalPortTo,
dsliteNATMapAddrUsed natAddrMapAddrUsed,
dsliteNATMapStorageType StorageType,
dsliteNATMapRowStatus RowStatus
}
dsliteNATMapIndex OBJECT-TYPE
SYNTAX NatAddrMapId
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Along with ifIndex, this object uniquely
identifies an entry in the dsliteNATMapTable.
Address map entries are applied in the order
specified by dsliteNATMapIndex."
::= { dsliteNATMapEntry 1 }
dsliteNATMapAddrName OBJECT-TYPE
SYNTAX natAddrMapName
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name identifying all map entries in the table associated
with the same interface. All map entries with the same
ifIndex MUST have the same map name."
::= { dsliteNATMapEntry 2 }
dsliteNATMapEntryType OBJECT-TYPE
SYNTAX natAddrMapEntryType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This parameter can be used to set up static
or dynamic address maps."
::= { dsliteNATMapEntry 3 }
dsliteNATMapLocalAddrFrom OBJECT-TYPE
SYNTAX natAddrMapLocalAddrFrom
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object specifies the first IP address of the range
of IP addresses mapped by this translation entry.
The value of this object must be less than or
equal to the value of the dsliteNATMapLocalAddrTo
object."
::= { dsliteNATMapEntry 4 }
dsliteNATMapLocalAddrTo OBJECT-TYPE
SYNTAX natAddrMapLocalAddrTo
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object specifies the last IP address of the range of
IP addresses mapped by this translation entry. If only
a single address is being mapped, the value of this
object is equal to the value of dsliteNATMapLocalAddrFrom.
The value of this object must be greater than or equal to
the value of the dsliteNATMapLocalAddrFrom object."
::= { dsliteNATMapEntry 5 }
dsliteNATMapLocalPortFrom OBJECT-TYPE
SYNTAX natAddrMapLocalPortFrom
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object must be less than or equal
to the value of the dsliteNATMapLocalPortTo object.
If the translation specifies a single port, then the
value of this object is equal to the value of
dsliteNATMapLocalPortTo."
DEFVAL { 0 }
::= { dsliteNATMapEntry 6 }
dsliteNATMapLocalPortTo OBJECT-TYPE
SYNTAX natAddrMapLocalPortTo
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object must be greater than or equal
to the value of the dsliteNATMapLocalPortFrom object.
If the translation specifies a single port, then
the value of this object is equal to the value of
dsliteNATMapLocalPortFrom."
DEFVAL { 0 }
::= { dsliteNATMapEntry 7 }
dsliteNATMapGlobalAddrFrom OBJECT-TYPE
SYNTAX natAddrMapGlobalAddrFrom
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object specifies the first IP address of
the range of IP addresses being mapped to.
The value of this object must be less than
or equal to the value of the
dsliteNATMapGlobalAddrTo object."
::= { dsliteNATMapEntry 8 }
dsliteNATMapGlobalAddrTo OBJECT-TYPE
SYNTAX natAddrMapGlobalAddrTo
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object specifies the last IP address of the range
of IP addresses being mapped to. If only a single
address is being mapped to, the value of this object
is equal to the value of dsliteNATMapGlobalAddrFrom.
The value of this object must be greater than or equal
to the value of the dsliteNATMapGlobalAddrFrom object."
::= { dsliteNATMapEntry 9 }
dsliteNATMapGlobalPortFrom OBJECT-TYPE
SYNTAX natAddrMapGlobalPortFrom
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object must be less than or equal
to the value of the dsliteNATMapGlobalPortTo object.
If the translation specifies a single port, then the
value of this object is equal to the value of
dsliteNATMapGlobalPortTo."
DEFVAL { 0 }
::= { dsliteNATMapEntry 10 }
dsliteNATMapGlobalPortTo OBJECT-TYPE
SYNTAX natAddrMapGlobalPortTo
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object must be greater than or
equal to the value of the dsliteNATMapGlobalPortFrom
object. If the translation specifies a single port,
then the value of this object is equal to the
value of dsliteNATMapGlobalPortFrom."
DEFVAL { 0 }
::= { dsliteNATMapEntry 11 }
dsliteNATMapAddrUsed OBJECT-TYPE
SYNTAX natAddrMapAddrUsed
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of addresses pertaining to this address
map that are currently being used from the NAT pool."
::= { dsliteNATMapEntry 12 }
dsliteNATMapStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The storage type for this conceptual row.
Conceptual rows having the value 'permanent'
need not allow write-access to any columnar
objects in the row."
REFERENCE
"Textual Conventions for SMIv2, Section 2."
DEFVAL { nonVolatile }
::= { dsliteNATMapEntry 13 }
dsliteNATMapRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this conceptual row."
REFERENCE
"Textual Conventions for SMIv2, Section 2."
::= { dsliteNATMapEntry 14 }
dsliteNATBindTable OBJECT-TYPE
SYNTAX SEQUENCE OF dsliteNATBindEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains information about currently
active NAT binds in the AFTR. This table extends the
natAddrPortBindTable defined in the NAT MIB (RFC
4008) with the IPv6 address of the B4."
::= { dsliteNAT 2 }
dsliteNATBindEntry OBJECT-TYPE
SYNTAX dsliteNATBindEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in this table holds the relationship between
tunnel information and NAT bind information. These entries
are lost upon agent restart."
INDEX { ifIndex,
dsliteNATBindLocalAddr,
dsliteNATBindLocalPort,
dsliteB4Addr }
::= { dsliteNATBindTable 1 }
dsliteNATBindEntry ::=
SEQUENCE {
dsliteNATBindLocalAddr InetAddress,
dsliteNATBindLocalPort InetPortNumber,
dsliteNATBindGlobalAddr natAddrPortBindGlobalAddr,
dsliteNATBindGlobalPort natAddrPortBindGlobalPort,
dsliteNATBindId NatBindId,
dsliteB4Addr dsliteTunnelStartAddress,
dsliteB4PreLen dsliteTunnelStartAddPreLen,
dsliteNATBindMapIndex NatAddrMapId,
dsliteNATBindSessions natAddrPortBindSessions,
dsliteNATBindMaxIdleTime natAddrPortBindMaxIdleTime,
dsliteNATBindCurrentIdleTime natAddrPortBindCurrentIdleTime,
dsliteNATBindInTranslates natAddrPortBindInTranslates,
dsliteNATBindOutTranslates natAddrPortBindOutTranslates
}
dsliteNATBindLocalAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object represents the private IP address of host."
::= { dsliteNATBindEntry 1 }
dsliteNATBindLocalPort OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object represents the private-realm Port
number of host."
::= { dsliteNATBindEntry 2 }
dsliteNATBindGlobalAddr OBJECT-TYPE
SYNTAX natAddrPortBindGlobalAddr
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the public-realm IP
address of the host."
::= { dsliteNATBindEntry 3 }
dsliteNATBindGlobalPort OBJECT-TYPE
SYNTAX natAddrPortBindGlobalPort
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the public-realm Port number
of host."
::= { dsliteNATBindEntry 4 }
dsliteNATBindId OBJECT-TYPE
SYNTAX NatBindId
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents a bind id that is
dynamically assigned to each bind by AFTR.
Each bind is represented by a unique bind
id across the dsliteNATBindTable."
::= { dsliteNATBindEntry 5 }
dsliteB4Addr OBJECT-TYPE
SYNTAX dsliteTunnelStartAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the relationship between
tunnel start point to the Bind entry, which extends
the source IPv6 address of packet to the Bind table."
::= { dsliteNATBindEntry 6 }
dsliteB4PreLen OBJECT-TYPE
SYNTAX dsliteTunnelStartAddPreLen
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the IPv6 prefix length of the
start point of the tunnel, which also needs to be extended to
the Bind table."
::= { dsliteNATBindEntry 7 }
dsliteNATBindMapIndex OBJECT-TYPE
SYNTAX NatAddrMapId
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is a pointer to the dsliteNATMapTable
entry used in creating this BIND."
::= { dsliteNATBindEntry 8 }
dsliteNATBindSessions OBJECT-TYPE
SYNTAX natAddrPortBindSessions
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" This object represents the number of sessions currently
using this BIND."
::= { dsliteNATBindEntry 9 }
dsliteNATBindMaxIdleTime OBJECT-TYPE
SYNTAX natAddrPortBindMaxIdleTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the maximum time for
which this bind can be idle without any sessions
attached to it."
::= { dsliteNATBindEntry 10 }
dsliteNATBindCurrentIdleTime OBJECT-TYPE
SYNTAX natAddrPortBindCurrentIdleTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"At any given instance, this object indicates the
time that this bind has been idle without any sessions
attached to it."
::= { dsliteNATBindEntry 11 }
dsliteNATBindInTranslates OBJECT-TYPE
SYNTAX natAddrPortBindInTranslates
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of inbound packets that were
translated as per this bind entry."
::= { dsliteNATBindEntry 12 }
dsliteNATBindOutTranslates OBJECT-TYPE
SYNTAX natAddrPortBindOutTranslates
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of outbound packets that were
translated as per this bind entry."
::= { dsliteNATBindEntry 13 }
--dsliteInfo
dsliteSessionLimitTable OBJECT-TYPE
SYNTAX SEQUENCE OF dsliteSessionLimitEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The (conceptual) table containing information about session
limit. It can also be used for row creation."
::= { dsliteInfo 1 }
dsliteSessionLimitEntry OBJECT-TYPE
SYNTAX dsliteSessionLimitEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in this table contains the information to be
used for configuring session limits for DS-lite."
INDEX { dsliteSessionLimitInstanceName,
dsliteSessionLimitType }
::= { dsliteSessionLimitTable 1 }
dsliteSessionLimitEntry ::=
SEQUENCE {
dsliteSessionLimitInstanceName DisplayString,
dsliteSessionLimitType INTEGER,
dsliteSessionLimitNumber Integer32,
dsliteSessionLimitStorageType StorageType,
dsliteSessionLimitRowStatus RowStatus
}
dsliteSessionLimitInstanceName OBJECT-TYPE
SYNTAX DisplayString (SIZE (1..31))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" This object represents the instance name
that is limited."
::= { dsliteSessionLimitEntry 1 }
dsliteSessionLimitType OBJECT-TYPE
SYNTAX INTEGER
{
tcp(0),
udp(1),
icmp(2),
total(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the session limit type:
tcp, udp, icmp, or total."
::= { dsliteSessionLimitEntry 2 }
dsliteSessionLimitNumber OBJECT-TYPE
SYNTAX Integer32 (1..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object represents the limit number of the session."
::= { dsliteSessionLimitEntry 3 }
dsliteSessionLimitStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The storage type for this conceptual row. Conceptual
rows having the value 'permanent' need not allow
write-access to any columnar objects in the row."
::= { dsliteSessionLimitEntry 4 }
dsliteSessionLimitRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" The status of this conceptual row."
REFERENCE
"Textual Conventions for SMIv2, Section 2."
DEFVAL { nonVolatile }
::= { dsliteSessionLimitEntry 5 }
dslitePortLimitTable OBJECT-TYPE
SYNTAX SEQUENCE OF dslitePortLimitEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table is used to configure port limits for a
DS-Lite instance."
::= { dsliteInfo 2 }
dslitePortLimitEntry OBJECT-TYPE
SYNTAX dslitePortLimitEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in this table contains the information to be
used for configuring port limits for DS-Lite."
INDEX { dslitePortLimitInstanceName,
dslitePortLimitType }
::= { dslitePortLimitTable 1 }
dslitePortLimitEntry ::=
SEQUENCE {
dslitePortLimitInstanceName DisplayString,
dslitePortLimitType INTEGER,
dslitePortLimitNumber Integer32,
dslitePortLimitStorageType StorageType,
dslitePortLimitRowStatus RowStatus
}
dslitePortLimitInstanceName OBJECT-TYPE
SYNTAX DisplayString (SIZE (1..31))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
" This object represents the instance name
that is limited."
::= { dslitePortLimitEntry 1 }
dslitePortLimitType OBJECT-TYPE
SYNTAX INTEGER
{
tcp(0),
udp(1),
icmp(2),
total(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object represents the port limit
type: tcp, udp, icmp, or total."
::= { dslitePortLimitEntry 2 }
dslitePortLimitNumber OBJECT-TYPE
SYNTAX Integer32 (1..300000)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object represents the limit number of the
port usage."
::= { dslitePortLimitEntry 3 }
dslitePortLimitStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The storage type for this conceptual row. Conceptual
rows having the value 'permanent' need not allow
write-access to any columnar objects in the row."
::= { dslitePortLimitEntry 4 }
dslitePortLimitRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Create or delete table row."
::= { dslitePortLimitEntry 5 }
dsliteAFTRAlarmScalar OBJECT IDENTIFIER ::= { dsliteInfo 3 }
dsliteAFTRAlarmB4Addr OBJECT-TYPE
SYNTAX dsliteTunnelStartAddress
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"This object indicates the IP address of
the B4 that sends the alarm."
::= { dsliteAFTRAlarmScalar 1 }
dsliteAFTRAlarmProtocolType OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"This object indicates the protocol type of the alarm:
0: tcp, 1: udp, 2: icmp, 3: total."
::= { dsliteAFTRAlarmScalar 2 }
dsliteAFTRAlarmMapAddrName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"This object indicates the name of dsliteNATMapAddrName."
::= { dsliteAFTRAlarmScalar 3 }
dsliteAFTRAlarmSpecificIP OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"This object indicates the IP address whose port usage
reaches the threshold."
::= { dsliteAFTRAlarmScalar 4 }
dsliteAFTRAlarmConnectNumber OBJECT-TYPE
SYNTAX Integer32 (60..90)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the threshold of the DS-Lite
connections alarm."
::= { dsliteAFTRAlarmScalar 5 }
dsliteStatisticTable OBJECT-TYPE
SYNTAX SEQUENCE OF dsliteStatisticEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table provides statistical information
of DS-Lite."
::= { dsliteInfo 4 }
dsliteStatisticEntry OBJECT-TYPE
SYNTAX dsliteStatisticEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table provides statistical information
of DS-Lite."
INDEX { dsliteStatisticInstanceName }
::= { dsliteStatisticTable 1 }
dsliteStatisticEntry ::=
SEQUENCE {
dsliteStatisticInstanceName DisplayString,
dsliteStatisticDiscard Counter64,
dsliteStatisticReceived Counter64,
dsliteStatisticTransmitted Counter64,
dsliteStatisticIpv4Session Counter64,
dsliteStatisticIpv6Session Counter64,
dsliteStatisticStorageType StorageType,
dsliteStatisticRowStatus RowStatus
}
dsliteStatisticInstanceName OBJECT-TYPE
SYNTAX DisplayString (SIZE (1..31))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the instance name
that is limited."
::= { dsliteStatisticEntry 1 }
dsliteStatisticDiscard OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the number of
discarded packets."
::= { dsliteStatisticEntry 2 }
dsliteStatisticReceived OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the number of
received packets."
::= { dsliteStatisticEntry 3 }
dsliteStatisticTransmitted OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the number of
transmitted packets."
::= { dsliteStatisticEntry 4 }
dsliteStatisticIpv4Session OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the number of
current IPv4 sessions."
::= { dsliteStatisticEntry 5 }
dsliteStatisticIpv6Session OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the number of
current IPv6 sessions."
::= { dsliteStatisticEntry 6 }
dsliteStatisticRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Create or delete table row."
::= { dsliteStatisticEntry 7 }
---dslite trap
dsliteTunnelNumAlarm NOTIFICATION-TYPE
STATUS current
DESCRIPTION
"This trap is triggered when the number of dslite
tunnels reaches the threshold."
::= { dsliteTraps 1 }
dsliteAFTRUserSessionNumAlarm NOTIFICATION-TYPE
OBJECTS { dsliteAFTRAlarmProtocolType,
dsliteAFTRAlarmB4Addr }
STATUS current
DESCRIPTION
"This trap is triggered when the sessions of a
user reach the threshold."
::= { dsliteTraps 2 }
dsliteAFTRPortUsageOfSpecificIpAlarm NOTIFICATION-TYPE
OBJECTS { dsliteAFTRAlarmMapAddrName,
dsliteAFTRAlarmSpecificIP }
STATUS current
DESCRIPTION
"This trap is triggered when the used NAT
ports of a map address reach the threshold."
::= { dsliteTraps 3 }
--Module Conformance statement
dsliteCompliances OBJECT IDENTIFIER ::= { dsliteConformance 1 }
dsliteCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"Description."
MODULE -- this module
MANDATORY-GROUPS { dsliteNATMapGroup,
dsliteTunnelGroup }
::= { dsliteCompliances 1 }
dsliteGroups OBJECT IDENTIFIER ::= { dsliteConformance 2 }
dsliteAFTRAlarmScalarGroup OBJECT-GROUP
OBJECTS { dsliteAFTRAlarmB4Addr, dsliteAFTRAlarmProtocolType,
dsliteAFTRAlarmMapAddrName, dsliteAFTRAlarmSpecificIP,
dsliteAFTRAlarmConnectNumber }
STATUS current
DESCRIPTION
"This collection of objects is used to give the
information about AFTR alarming scalars."
::= { dsliteGroups 1 }
dsliteNATMapGroup OBJECT-GROUP
OBJECTS { dsliteNATMapIndex, dsliteNATMapAddrName,
dsliteNATMapEntryType, dsliteNATMapLocalAddrFrom,
dsliteNATMapLocalAddrTo, dsliteNATMapLocalPortFrom,
dsliteNATMapLocalPortTo, dsliteNATMapGlobalAddrFrom,
dsliteNATMapGlobalAddrTo, dsliteNATMapGlobalPortFrom,
dsliteNATMapGlobalPortTo, dsliteNATMapAddrUsed,
dsliteNATMapStorageType, dsliteNATMapRowStatus }
STATUS current
DESCRIPTION
"This collection of objects is used to give the
information about NAT address mapping."
::= { dsliteGroups 2 }
dsliteTunnelGroup OBJECT-GROUP
OBJECTS { dsliteTunnelStartAddress, dsliteTunnelStartAddPreLen,
dsliteTunnelEndAddress, dsliteTunnelID,
dsliteTunnelIfIndex, dsliteTunnelStatus,
dsliteTunnelStorageType }
STATUS current
DESCRIPTION
"This collection of objects is used to give the
information about tunnels in DS-Lite."
::= { dsliteGroups 3 }
dsliteNATBindGroup OBJECT-GROUP
OBJECTS { dsliteNATBindLocalAddr, dsliteNATBindLocalPort,
dsliteNATBindGlobalAddr, dsliteNATBindGlobalPort,
dsliteNATBindId, dsliteB4Addr, dsliteB4PreLen,
dsliteNATBindMapIndex, dsliteNATBindSessions,
dsliteNATBindMaxIdleTime,
dsliteNATBindCurrentIdleTime,
dsliteNATBindInTranslates,
dsliteNATBindOutTranslates }
STATUS current
DESCRIPTION
"This collection of objects is used to give the
information about NAT Bind."
::= { dsliteGroups 4 }
dsliteSessionLimitGroup OBJECT-GROUP
OBJECTS { dsliteSessionLimitInstanceName,
dsliteSessionLimitType, dsliteSessionLimitNumber,
dsliteSessionLimitStorageType,
dsliteSessionLimitRowStatus }
STATUS current
DESCRIPTION
"This collection of objects is used to give the
information about session limit."
::= { dsliteGroups 5 }
dslitePortLimitGroup OBJECT-GROUP
OBJECTS { dslitePortLimitInstanceName,
dslitePortLimitType, dslitePortLimitNumber,
dslitePortLimitStorageType,
dslitePortLimitRowStatus }
STATUS current
DESCRIPTION
"This collection of objects is used to give the
information about port limit."
::= { dsliteGroups 6 }
dsliteStatisticGroup OBJECT-GROUP
OBJECTS { dsliteStatisticInstanceName,
dsliteStatisticDiscard,
dsliteStatisticReceived,
dsliteStatisticTransmitted,
dsliteStatisticIpv4Session,
dsliteStatisticIpv6Session,
dsliteStatisticStorageType,
dsliteStatisticRowStatus }
STATUS current
DESCRIPTION
"This collection of objects is used to give the
statistical information of DS-Lite."
::= { dsliteGroups 7 }
dsliteTrapsGroup NOTIFICATION-GROUP
NOTIFICATIONS { dsliteTunnelNumAlarm,
dsliteAFTRUserSessionNumAlarm,
dsliteAFTRPortUsageOfSpecificIpAlarm }
STATUS current
DESCRIPTION
"This collection of notifications is used to give the
trap information of DS-Lite."
::= { dsliteGroups 8 }
END
8. IANA Considerations
The MIB module in this document uses the following IANA-assigned
OBJECT IDENTIFIER values recorded in the SMI Numbers registry:
Descriptor OBJECT IDENTIFIER value
---------- -----------------------
DSLite-MIB { transmission XXX }
9. Security Considerations
The DS-Lite MIB module can be used for configuration of certain
objects, and anything that can be configured can be incorrectly
configured, with potentially disastrous results. Because this MIB
module reuses the IP Tunnel MIB and the NAT MIB, the security
considerations for these MIBs are also applicable to the DS-Lite
MIB.
Unauthorized read access to tunnelIfLocalAddress, or to any object in
the dsliteBindRelationTable or dslitePortBindRelationTable, would
reveal the mapping information.
SNMP versions prior to SNMPv3 did not include adequate security.
Even if the network itself is secure (for example by using IPsec),
there is no control as to who on the secure network is
allowed to access and GET/SET (read/change/create/delete) the objects
in this MIB module.
It is RECOMMENDED that implementers consider the security features as
provided by the SNMPv3 framework (see [RFC3410], section 8),
including full support for the SNMPv3 cryptographic mechanisms (for
authentication and privacy).
Further, deployment of SNMP versions prior to SNMPv3 is NOT
RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
enable cryptographic security. It is then a customer/operator
responsibility to ensure that the SNMP entity giving access to an
instance of this MIB module is properly configured to give access to
the objects only to those principals (users) that have legitimate
rights to indeed GET or SET (change/create/delete) them.
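The recommendation above can be checked against an agent's configuration.
The following is an added example, not part of this draft: it assumes the
agent is Net-SNMP and audits a constructed snmpd.conf for community-based
(SNMPv1/v2c) access, SNMPv3 users without enforced privacy, and read-write
users with no view restriction. All user, view and community names are
invented for the sample.

```python
import shlex

# Constructed sample in Net-SNMP snmpd.conf syntax; all names are invented.
# The DSLite-MIB OID is still "{ transmission XXX }", so the view covers the
# transmission subtree (1.3.6.1.2.1.10) as a stand-in.
SAMPLE_CONF = """\
# legacy read access left over from a migration
rocommunity public 192.0.2.0/24
com2sec legacy default s3cret
createUser nmsRead SHA "auth-pass-phrase" AES "priv-pass-phrase"
createUser nmsOps SHA "auth-pass-phrase"
rouser nmsRead priv -V dsliteView
rwuser nmsOps auth
rouser probe noauth
view dsliteView included .1.3.6.1.2.1.10
"""

COMMUNITY = {"rocommunity", "rwcommunity", "rocommunity6",
             "rwcommunity6", "com2sec", "com2sec6"}
LEVELS = ("noauth", "auth", "priv")


def audit(conf_text):
    """Return (line_no, directive, finding) for every setting that falls
    short of SNMPv3 with authentication and privacy."""
    findings = []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        tokens = shlex.split(raw, comments=True)
        if len(tokens) < 2:
            continue
        directive, args = tokens[0], tokens[1:]
        if args[0] in ("-s", "-e"):      # optional sec. model / engine ID
            args = args[2:]
        if not args:
            continue
        if directive in COMMUNITY:
            findings.append((no, directive, "SNMPv1/v2c community access"))
        elif directive in ("rouser", "rwuser"):
            user, rest = args[0], args[1:]
            # Net-SNMP applies 'auth' when no minimum level is given.
            level = rest[0] if rest and rest[0] in LEVELS else "auth"
            if level != "priv":
                findings.append((no, directive, f"{user}: privacy not enforced ({level})"))
            if directive == "rwuser" and len(rest) < 2:  # no OID or -V VIEW
                findings.append((no, directive, f"{user}: SET on the whole OID tree"))
        elif directive == "createUser" and len(args) < 4:
            # expected: user, auth type, auth passphrase, privacy type
            findings.append((no, directive, f"{args[0]}: no privacy protocol"))
    return findings
```

Calling audit(SAMPLE_CONF) reports lines 2, 3, 5, 7 (twice) and 8 of the
sample; a configuration with only priv-level users bound to a view returns
an empty list.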
10. References
10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
"Structure of Management Information Version 2 (SMIv2)",
RFC 2578, April 1999.
[RFC2579] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Textual
Conventions for SMIv2", RFC 2579, April 1999.
[RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
"Conformance Statements for SMIv2", RFC 2580, April 1999.
[RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group
MIB", RFC 2863, June 2000.
[RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An
Architecture for Describing Simple Network Management
Protocol (SNMP) Management Frameworks", RFC 3411, December
2002.
[RFC4001] Daniele, M., Haberman, B., Routhier, S., and J.
Schoenwaelder, "Textual Conventions for Internet Network
Addresses", RFC 4001, February 2005.
[RFC4008] Rohit, R., Srisuresh, P., Raghunarayan, R., Pai, N., and
C. Wang, "Definitions of Managed Objects for Network
Address Translators (NAT)", RFC 4008, March 2005.
[RFC4087] Thaler, D., "IP Tunnel MIB", RFC 4087, June 2005.
10.2. Informative References
[I-D.ietf-softwire-dual-stack-lite]
Durand, A., Droms, R., Woodyatt, J., and Y. Lee, "Dual-
Stack Lite Broadband Deployments Following IPv4
Exhaustion", draft-ietf-softwire-dual-stack-lite-08 (work
in progress), August 2010.
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart,
"Introduction and Applicability Statements for Internet-
Standard Management Framework", RFC 3410, December 2002.
11. Change Log [RFC Editor please remove]
draft-fu-softwire-dslite-mib-00, original version, 2011-05-04
draft-fu-softwire-dslite-mib-01, 01 version, 2011-07-11
Authors' Addresses
Yu Fu
Huawei Technologies Co., Ltd
Huawei Building, No.3 Xinxi Rd.,
Shang-Di Information Industry Base, Hai-Dian District, Beijing 100085
P.R. China
Email: fy@huawei.com
Sheng Jiang
Huawei Technologies Co., Ltd
Huawei Building, No.3 Xinxi Rd.,
Shang-Di Information Industry Base, Hai-Dian District, Beijing 100085
P.R. China
Email: shengjiang@huawei.com
Yong Cui
Tsinghua University
Department of Computer Science, Tsinghua University
Beijing 100084
P.R. China
Email: yong@csnet1.cs.tsinghua.edu.cn
Jiang Dong
Tsinghua University
Department of Computer Science, Tsinghua University
Beijing 100084
P.R. China
Email: dongjiang@csnet1.cs.tsinghua.edu.cn