Network Working Group                                          T. Nadeau
Internet-Draft                                                   Brocade
Intended status: Standards Track                                  Z. Ali
Expires: October 30, 2014                                       N. Akiya
                                                           Cisco Systems
                                                          April 28, 2014


                    BFD Management Information Base
                         draft-ietf-bfd-mib-18

Abstract

   This draft defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it describes managed objects for modeling
   Bidirectional Forwarding Detection (BFD) protocol.

Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14, RFC 2119 [RFC2119].

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on October 30, 2014.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors.  All rights reserved.





Nadeau, et al.          Expires October 30, 2014                [Page 1]


Internet-Draft                 BFD-STD-MIB                    April 2014


   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  The Internet-Standard Management Framework  . . . . . . . . .   2
   3.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   3
   4.  Brief Description of MIB Objects  . . . . . . . . . . . . . .   3
     4.1.  General Variables . . . . . . . . . . . . . . . . . . . .   3
     4.2.  Session Table (bfdSessionTable) . . . . . . . . . . . . .   3
     4.3.  Session Performance Table (bfdSessionPerfTable) . . . . .   3
     4.4.  BFD Session Discriminator Mapping Table
           (bfdSessDiscMapTable) . . . . . . . . . . . . . . . . . .   3
     4.5.  BFD Session IP Mapping Table (bfdSessIpMapTable)  . . . .   4
   5.  BFD MIB Module Definitions  . . . . . . . . . . . . . . . . .   4
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .  34
   7.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  36
   8.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .  37
   9.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  37
     9.1.  Normative References  . . . . . . . . . . . . . . . . . .  37
     9.2.  Informative References  . . . . . . . . . . . . . . . . .  38

1.  Introduction

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it describes managed objects to configure and/or
   monitor Bidirectional Forwarding Detection for [RFC5880], [RFC5881],
   [RFC5883] and [RFC7130], BFD versions 0 and/or 1, on devices
   supporting this feature.

   This memo does not define a compliance requirement for a system that
   only implements BFD version 0.  This is a reflection of a considered
   and deliberate decision by the BFD WG.

2.  The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7 of
   RFC 3410 [RFC3410].



Nadeau, et al.          Expires October 30, 2014                [Page 2]


Internet-Draft                 BFD-STD-MIB                    April 2014


   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  MIB objects are generally
   accessed through the Simple Network Management Protocol (SNMP).
   Objects in the MIB are defined using the mechanisms defined in the
   Structure of Management Information (SMI).  This memo specifies a MIB
   module that is compliant to the SMIv2, which is described in STD 58,
   RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
   [RFC2580].

3.  Terminology

   This document adopts the definitions, acronyms and mechanisms
   described in [RFC5880], [RFC5881], [RFC5883] and [RFC7130].  Unless
   otherwise stated, the mechanisms described therein will not be re-
   described here.

4.  Brief Description of MIB Objects

   This section describes objects pertaining to BFD.  The MIB objects
   are derived from [RFC5880], [RFC5881], [RFC5883] and [RFC7130], and
   also include textual conventions defined in [I-D.ietf-bfd-tc-mib].

4.1.  General Variables

   The General Variables are used to identify parameters that are global
   to the BFD process.

4.2.  Session Table (bfdSessionTable)

   The session table is used to identify a BFD session between a pair of
   nodes.

4.3.  Session Performance Table (bfdSessionPerfTable)

   The session performance table is used for collecting BFD performance
   counters on a per session basis.  This table is an AUGMENT to the
   bfdSessionTable.

4.4.  BFD Session Discriminator Mapping Table (bfdSessDiscMapTable)

   The BFD Session Discriminator Mapping Table provides a mapping
   between a local discriminator value to the associated BFD session
   found in the bfdSessionTable.








Nadeau, et al.          Expires October 30, 2014                [Page 3]


Internet-Draft                 BFD-STD-MIB                    April 2014


4.5.  BFD Session IP Mapping Table (bfdSessIpMapTable)

   The BFD Session IP Mapping Table maps, given bfdSessInterface,
   bfdSessSrcAddrType, bfdSessSrcAddr, bfdSessDstAddrType, and
   bfdSessDstAddr, to an associated BFD session found in the
   bfdSessionTable.  This table SHOULD contain those BFD sessions that
   are of type IP.

5.  BFD MIB Module Definitions

   This MIB module makes references to the following documents.
   [RFC2578], [RFC2579], [RFC2580], [RFC2863], [RFC3289], [RFC3413],
   [RFC5082] and [RFC5880].

    BFD-STD-MIB DEFINITIONS ::= BEGIN

    IMPORTS
        MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
            mib-2, Integer32, Unsigned32, Counter32, Counter64
            FROM SNMPv2-SMI                       -- [RFC2578]

        TruthValue, RowStatus, StorageType, TimeStamp
            FROM SNMPv2-TC                        -- [RFC2579]

        MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
            FROM SNMPv2-CONF                      -- [RFC2580]

        InterfaceIndexOrZero
            FROM IF-MIB                           -- [RFC2863]

        InetAddress, InetAddressType, InetPortNumber
            FROM INET-ADDRESS-MIB

        IndexIntegerNextFree
            FROM DIFFSERV-MIB                     -- [RFC3289]


        BfdSessIndexTC, BfdIntervalTC, BfdMultiplierTC,
        BfdCtrlDestPortNumberTC, BfdCtrlSourcePortNumberTC
            FROM BFD-TC-STD-MIB

        IANAbfdDiagTC, IANAbfdSessTypeTC, IANAbfdSessOperModeTC,
        IANAbfdSessStateTC, IANAbfdSessAuthenticationTypeTC,
        IANAbfdSessAuthenticationKeyTC
            FROM IANA-BFD-TC-STD-MIB;

    bfdMIB MODULE-IDENTITY
        LAST-UPDATED "201404131200Z" -- 13 April 2014 12:00:00 EST



Nadeau, et al.          Expires October 30, 2014                [Page 4]


Internet-Draft                 BFD-STD-MIB                    April 2014


        ORGANIZATION "IETF Bidirectional Forwarding Detection
                      Working Group"
        CONTACT-INFO
            "Thomas D. Nadeau
             Brocade
             Email:  tnadeau@lucidvision.com

             Zafar Ali
             Cisco Systems, Inc.
             Email:  zali@cisco.com

             Nobo Akiya
             Cisco Systems, Inc.
             Email:  nobo@cisco.com

             Comments about this document should be emailed directly
             to the BFD working group mailing list at
             rtg-bfd@ietf.org"
        DESCRIPTION
            "Bidirectional Forwarding Management Information Base."
        REVISION "201404131200Z" -- 13 April 2014 12:00:00 EST
        DESCRIPTION
            "Initial version. Published as RFC xxxx."
   -- RFC Ed.: RFC-editor pls fill in xxxx
        ::= { mib-2 XXX }
   -- RFC Ed.: assigned by IANA, see section 7.1 for details

   -- Top level components of this MIB module.

    bfdNotifications OBJECT IDENTIFIER ::= { bfdMIB 0 }

    bfdObjects       OBJECT IDENTIFIER ::= { bfdMIB 1 }

    bfdConformance   OBJECT IDENTIFIER ::= { bfdMIB 2 }

    bfdScalarObjects OBJECT IDENTIFIER ::= { bfdObjects 1 }

   -- BFD General Variables

   -- These parameters apply globally to the Systems'
   -- BFD Process.

    bfdAdminStatus OBJECT-TYPE
        SYNTAX     INTEGER {
            enabled(1),
            disabled(2)
        }
        MAX-ACCESS read-write



Nadeau, et al.          Expires October 30, 2014                [Page 5]


Internet-Draft                 BFD-STD-MIB                    April 2014


        STATUS     current
        DESCRIPTION
            "The desired global administrative status of the BFD
             system in this device."
        ::= { bfdScalarObjects 1 }

    bfdOperStatus OBJECT-TYPE
        SYNTAX     INTEGER {
            up(1),
            down(2),
            adminDown(3)
        }
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "Indicates the actual operational status of the
             BFD system in this device. When this value is
             down(2), all entries in the bfdSessTable MUST have
             their bfdSessOperStatus as down(2) as well. When
             this value is adminDown(3), all entries in the
             bfdSessTable MUST have their bfdSessOperStatus
             as adminDown(3) as well."
        ::= { bfdScalarObjects 2 }

    bfdNotificationsEnable OBJECT-TYPE
        SYNTAX     TruthValue
        MAX-ACCESS read-write
        STATUS     current
        DESCRIPTION
            "If this object is set to true(1), then it enables
             the emission of bfdSessUp and bfdSessDown
             notifications; otherwise these notifications are not
             emitted."
        REFERENCE
            "See also RFC3413 for explanation that
             notifications are under the ultimate control of the
             MIB modules in this document."
        DEFVAL { false }
        ::= { bfdScalarObjects 3 }

    bfdSessIndexNext OBJECT-TYPE
        SYNTAX        IndexIntegerNextFree (0..4294967295)
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION
            "This object contains an unused value for
             bfdSessIndex that can be used when creating
             entries in the table. A zero indicates that



Nadeau, et al.          Expires October 30, 2014                [Page 6]


Internet-Draft                 BFD-STD-MIB                    April 2014


             no entries are available, but MUST NOT be used
             as a valid index. "
        ::= { bfdScalarObjects 4 }

   -- BFD Session Table
   -- The BFD Session Table specifies BFD session specific
   -- information.

    bfdSessTable OBJECT-TYPE
        SYNTAX     SEQUENCE OF BfdSessEntry
        MAX-ACCESS not-accessible
        STATUS     current
        DESCRIPTION
            "The BFD Session Table describes the BFD sessions."
        REFERENCE
            "Katz, D. and D. Ward, Bidirectional Forwarding
              Detection (BFD), RFC 5880, June 2012."
        ::= { bfdObjects 2 }

    bfdSessEntry OBJECT-TYPE
        SYNTAX     BfdSessEntry
        MAX-ACCESS not-accessible
        STATUS     current
        DESCRIPTION
            "The BFD Session Entry describes BFD session."
        INDEX { bfdSessIndex }
        ::= { bfdSessTable 1 }

    BfdSessEntry ::= SEQUENCE {
        bfdSessIndex                    BfdSessIndexTC,
        bfdSessVersionNumber            Unsigned32,
        bfdSessType                     IANAbfdSessTypeTC,
        bfdSessDiscriminator            Unsigned32,
        bfdSessRemoteDiscr              Unsigned32,
        bfdSessDestinationUdpPort       BfdCtrlDestPortNumberTC,
        bfdSessSourceUdpPort            BfdCtrlSourcePortNumberTC,
        bfdSessEchoSourceUdpPort        InetPortNumber,
        bfdSessAdminStatus              INTEGER,
        bfdSessOperStatus               INTEGER,
        bfdSessState                    IANAbfdSessStateTC,
        bfdSessRemoteHeardFlag          TruthValue,
        bfdSessDiag                     IANAbfdDiagTC,
        bfdSessOperMode                 IANAbfdSessOperModeTC,
        bfdSessDemandModeDesiredFlag    TruthValue,
        bfdSessControlPlaneIndepFlag    TruthValue,
        bfdSessMultipointFlag           TruthValue,
        bfdSessInterface                InterfaceIndexOrZero,
        bfdSessSrcAddrType              InetAddressType,



Nadeau, et al.          Expires October 30, 2014                [Page 7]


Internet-Draft                 BFD-STD-MIB                    April 2014


        bfdSessSrcAddr                  InetAddress,
        bfdSessDstAddrType              InetAddressType,
        bfdSessDstAddr                  InetAddress,
        bfdSessGTSM                     TruthValue,
        bfdSessGTSMTTL                  Unsigned32,
        bfdSessDesiredMinTxInterval     BfdIntervalTC,
        bfdSessReqMinRxInterval         BfdIntervalTC,
        bfdSessReqMinEchoRxInterval     BfdIntervalTC,
        bfdSessDetectMult               BfdMultiplierTC,
        bfdSessNegotiatedInterval       BfdIntervalTC,
        bfdSessNegotiatedEchoInterval   BfdIntervalTC,
        bfdSessNegotiatedDetectMult     BfdMultiplierTC,
        bfdSessAuthPresFlag             TruthValue,
        bfdSessAuthenticationType       IANAbfdSessAuthenticationTypeTC,
        bfdSessAuthenticationKeyID      Integer32,
        bfdSessAuthenticationKey        IANAbfdSessAuthenticationKeyTC,
        bfdSessStorageType              StorageType,
        bfdSessRowStatus                RowStatus
    }

    bfdSessIndex OBJECT-TYPE
        SYNTAX     BfdSessIndexTC
        MAX-ACCESS not-accessible
        STATUS     current
        DESCRIPTION
            "This object contains an index used to represent a
             unique BFD session on this device.  Managers
             should obtain new values for row creation in this
             table by reading bfdSessIndexNext."
        ::= { bfdSessEntry 1 }

    bfdSessVersionNumber OBJECT-TYPE
        SYNTAX     Unsigned32 (0..7)
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "The version number of the BFD protocol that this session
             is running in. Write access is available for this object
             to provide ability to set desired version for this
             BFD session."
        REFERENCE
            "Katz, D. and D. Ward, Bidirectional Forwarding
              Detection (BFD), RFC 5880, June 2012."
        DEFVAL { 1 }
        ::= { bfdSessEntry 2 }

    bfdSessType OBJECT-TYPE
        SYNTAX     IANAbfdSessTypeTC



Nadeau, et al.          Expires October 30, 2014                [Page 8]


Internet-Draft                 BFD-STD-MIB                    April 2014


        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object specifies the type of this BFD session."
        ::= { bfdSessEntry 3 }

    bfdSessDiscriminator OBJECT-TYPE
        SYNTAX     Unsigned32 (1..4294967295)
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object specifies the local discriminator for this BFD
             session, used to uniquely identify it."
        ::= { bfdSessEntry 4 }

    bfdSessRemoteDiscr OBJECT-TYPE
        SYNTAX     Unsigned32 (0 | 1..4294967295)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "This object specifies the session discriminator chosen
             by the remote system for this BFD session.  The value may
             be zero(0) if the remote discriminator is not yet known
             or if the session is in the down or adminDown(1) state."
        REFERENCE
            "Section 6.8.6, from Katz, D. and D. Ward, Bidirectional
             Forwarding Detection (BFD), RFC 5880, June 2012."
        ::= { bfdSessEntry 5 }

    bfdSessDestinationUdpPort OBJECT-TYPE
        SYNTAX     BfdCtrlDestPortNumberTC
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object specifies the destination UDP port number
             used for this BFD session's control packets. The value
             may be zero(0) if the session is in adminDown(1) state."
        DEFVAL { 0 }
        ::= { bfdSessEntry 6 }

    bfdSessSourceUdpPort OBJECT-TYPE
        SYNTAX     BfdCtrlSourcePortNumberTC
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object specifies the source UDP port number used
             for this BFD session's control packets. The value may be
             zero(0) if the session is in adminDown(1) state. Upon



Nadeau, et al.          Expires October 30, 2014                [Page 9]


Internet-Draft                 BFD-STD-MIB                    April 2014


             creation of a new BFD session via this MIB, the value of
             zero(0) specified would permit the implementation to
             choose its own source port number."
        DEFVAL { 0 }
        ::= { bfdSessEntry 7 }

    bfdSessEchoSourceUdpPort OBJECT-TYPE
        SYNTAX     InetPortNumber
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object specifies the source UDP port number used for
             this BFD session's echo packets. The value may be zero(0)
             if the session is not running in the echo mode, or the
             session is in adminDown(1) state. Upon creation of a new
             BFD session via this MIB, the value of zero(0) would
             permit the implementation to choose its own source port
             number."
        DEFVAL { 0 }
        ::= { bfdSessEntry 8 }

    bfdSessAdminStatus OBJECT-TYPE
        SYNTAX     INTEGER {
                            enabled(1),
                            disabled(2)
                   }
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "Denotes the desired operational status of the BFD Session.

             A transition from disabled(2) to enabled(1) will start
             the BFD state machine for the session. The state
             machine will have an initial state of down(2).
             A transition from enabled(1) to disabled(2) will cause
             the BFD session to be brought down to adminDown(1).

             Care should be used in providing write access to this
             object without adequate authentication."
        ::= { bfdSessEntry 9 }

    bfdSessOperStatus OBJECT-TYPE
        SYNTAX     INTEGER {
                            up(1),
                            down(2),
                            adminDown(3)
                   }
        MAX-ACCESS read-only



Nadeau, et al.          Expires October 30, 2014               [Page 10]


Internet-Draft                 BFD-STD-MIB                    April 2014


        STATUS     current
        DESCRIPTION
            "Denotes the actual operational status of the BFD Session.
             If the value of bfdOperStatus is down(2), this value MUST
             eventually be down(2) as well. If the value of
             bfdOperStatus is adminDown(3), this value MUST eventually
             be adminDown(3) as well."
        ::= { bfdSessEntry 10 }

    bfdSessState OBJECT-TYPE
        SYNTAX     IANAbfdSessStateTC
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "Configured BFD session state."
        ::= { bfdSessEntry 11 }

    bfdSessRemoteHeardFlag OBJECT-TYPE
        SYNTAX     TruthValue
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "This object specifies status of BFD packet reception from
             the remote system. Specifically, it is set to true(1) if
             the local system is actively receiving BFD packets from the
             remote system, and is set to false(2) if the local system
             has not received BFD packets recently (within the detection
             time) or if the local system is attempting to tear down
             the BFD session."
        REFERENCE
            "Katz, D. and D. Ward, Bidirectional
             Forwarding Detection (BFD), RFC 5880, June 2012."
        ::= { bfdSessEntry 12 }

    bfdSessDiag OBJECT-TYPE
        SYNTAX     IANAbfdDiagTC
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "A diagnostic code specifying the local system's reason
             for the last transition of the session from up(4)
             to some other state."
        ::= { bfdSessEntry 13 }

    bfdSessOperMode OBJECT-TYPE
        SYNTAX     IANAbfdSessOperModeTC
        MAX-ACCESS read-create
        STATUS     current



Nadeau, et al.          Expires October 30, 2014               [Page 11]


Internet-Draft                 BFD-STD-MIB                    April 2014


        DESCRIPTION
            "This object specifies the operational mode of this
             BFD session."
        ::= { bfdSessEntry 14 }

    bfdSessDemandModeDesiredFlag OBJECT-TYPE
        SYNTAX     TruthValue
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object indicates that the local system's
             desire to use Demand mode. Specifically, it is set
             to true(1) if the local system wishes to use
             Demand mode or false(2) if not"
        DEFVAL { false }
        ::= { bfdSessEntry 15 }

    bfdSessControlPlaneIndepFlag OBJECT-TYPE
        SYNTAX     TruthValue
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object indicates that the local system's
             ability to continue to function through a disruption of
             the control plane. Specifically, it is set
             to true(1) if the local system BFD implementation is
             independent of the control plane. Otherwise, the
             value is set to false(2)"
        DEFVAL { false }
        ::= { bfdSessEntry 16 }

    bfdSessMultipointFlag OBJECT-TYPE
        SYNTAX     TruthValue
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object indicates the Multipoint (M) bit for this
             session. It is set to true(1) if Multipoint (M) bit is
             set to 1. Otherwise, the value is set to false(2)"
        DEFVAL { false }
        ::= { bfdSessEntry 17 }

    bfdSessInterface OBJECT-TYPE
        SYNTAX     InterfaceIndexOrZero
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object contains an interface index used to indicate



Nadeau, et al.          Expires October 30, 2014               [Page 12]


Internet-Draft                 BFD-STD-MIB                    April 2014


             the interface which this BFD session is running on. This
             value can be zero if there is no interface associated
             with this BFD session."
        ::= { bfdSessEntry 18 }

    bfdSessSrcAddrType OBJECT-TYPE
        SYNTAX     InetAddressType
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object specifies IP address type of the source IP
             address of this BFD session. Only values unknown(0),
             ipv4(1), ipv6(2), or ipv6z(4) have to be supported.
             The value of unknown(0) is allowed only when the session
             is singleHop(1) and the source IP address of this BFD
             session is derived from the outgoing interface, or when
             the BFD session is not associated with a specific
             interface. If any other unsupported values are attempted
             in a set operation, the agent MUST return an
             inconsistentValue error."
      ::= { bfdSessEntry 19 }

    bfdSessSrcAddr OBJECT-TYPE
        SYNTAX     InetAddress
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object specifies the source IP address of this BFD
             session."
        ::= { bfdSessEntry 20 }

    bfdSessDstAddrType OBJECT-TYPE
        SYNTAX     InetAddressType
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object specifies IP address type of the neighboring IP
             address which is being monitored with this BFD session.
             Only values unknown(0), ipv4(1), ipv6(2), or ipv6z(4)
             have to be supported. The value of unknown(0) is allowed
             only when the session is singleHop(1) and the outgoing
             interface is of type point-to-point, or when the BFD
             session is not associated with a specific interface. If any
             other unsupported values are attempted in a set operation,
             the agent MUST return an inconsistentValue error."
      ::= { bfdSessEntry 21 }

    bfdSessDstAddr OBJECT-TYPE



Nadeau, et al.          Expires October 30, 2014               [Page 13]


Internet-Draft                 BFD-STD-MIB                    April 2014


        SYNTAX     InetAddress
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object specifies the neighboring IP address which is
             being monitored with this BFD session."
        ::= { bfdSessEntry 22 }

    bfdSessGTSM OBJECT-TYPE
        SYNTAX  TruthValue
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "Setting the value of this object to false(2) will disable
             GTSM protection of the BFD session.  GTSM MUST be enabled
             on a singleHop(1) session if no authentication is in use."
        REFERENCE
           "RFC5082, The Generalized TTL Security Mechanism (GTSM).
            RFC5881, Section 5"
        DEFVAL { true }
        ::= { bfdSessEntry 23 }

    bfdSessGTSMTTL OBJECT-TYPE
        SYNTAX Unsigned32 (0..255)
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "This object is valid only when bfdSessGTSM protection is
             enabled on the system. This object indicates the minimum
             allowed TTL for received BFD control packets. For a
             singleHop(1) session, if GTSM protection is enabled,
             this object SHOULD be set to maximum TTL value allowed
             for single hop.

             By default, GTSM is enabled and TTL value is 255. For a
             multihop session, updating of maximum TTL value allowed
             is likely required."
        REFERENCE
           "RFC5082, The Generalized TTL Security Mechanism (GTSM).
            RFC5881, Section 5"
        DEFVAL { 255 }
        ::= { bfdSessEntry 24 }

    bfdSessDesiredMinTxInterval OBJECT-TYPE
        SYNTAX     BfdIntervalTC
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION



Nadeau, et al.          Expires October 30, 2014               [Page 14]


Internet-Draft                 BFD-STD-MIB                    April 2014


            "This object specifies the minimum interval, in
             microseconds, that the local system would like to use
             when transmitting BFD Control packets. The value of
             zero(0) is reserved in this case, and should not be
             used."
        REFERENCE
            "Section 4.1 from Katz, D. and D. Ward, Bidirectional
             Forwarding Detection (BFD), RFC 5880, June 2012."
        ::= { bfdSessEntry 25 }

    bfdSessReqMinRxInterval OBJECT-TYPE
        SYNTAX     BfdIntervalTC
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object specifies the minimum interval, in
             microseconds, between received  BFD Control packets the
             local system is capable of supporting. The value of
             zero(0) can be specified when the transmitting system
             does not want the remote system to send any periodic BFD
             control packets."
        REFERENCE
            "Section 4.1 from Katz, D. and D. Ward, Bidirectional
             Forwarding Detection (BFD), RFC 5880, June 2012."
        ::= { bfdSessEntry 26 }

    bfdSessReqMinEchoRxInterval OBJECT-TYPE
        SYNTAX     BfdIntervalTC
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object specifies the minimum interval, in
             microseconds, between received BFD Echo packets that this
             system is capable of supporting. Value must be zero(0) if
             this is a multihop BFD session."
        ::= { bfdSessEntry 27 }

    bfdSessDetectMult OBJECT-TYPE
        SYNTAX     BfdMultiplierTC
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object specifies the Detect time multiplier."
        ::= { bfdSessEntry 28 }

    bfdSessNegotiatedInterval OBJECT-TYPE
        SYNTAX     BfdIntervalTC
        MAX-ACCESS read-only



Nadeau, et al.          Expires October 30, 2014               [Page 15]


Internet-Draft                 BFD-STD-MIB                    April 2014


        STATUS     current
        DESCRIPTION
            "This object specifies the negotiated interval, in
             microseconds, that the local system is transmitting
             BFD Control packets."
        ::= { bfdSessEntry 29 }

    bfdSessNegotiatedEchoInterval OBJECT-TYPE
        SYNTAX     BfdIntervalTC
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "This object specifies the negotiated interval, in
             microseconds, that the local system is transmitting
             BFD echo packets. Value is expected to be zero if
             the sessions is not running in echo mode."
        ::= { bfdSessEntry 30 }

    bfdSessNegotiatedDetectMult OBJECT-TYPE
        SYNTAX     BfdMultiplierTC
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "This object specifies the Detect time multiplier."
        ::= { bfdSessEntry 31 }

    bfdSessAuthPresFlag OBJECT-TYPE
        SYNTAX     TruthValue
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This object indicates that the local system's
             desire to use Authentication. Specifically, it is set
             to true(1) if the local system wishes the session
             to be authenticated or false(2) if not."
        REFERENCE
            "Sections 4.2 - 4.4 from Katz, D. and D. Ward,
             Bidirectional Forwarding Detection (BFD), RFC 5880,
             June 2012."
        DEFVAL { false }
        ::= { bfdSessEntry 32 }

    bfdSessAuthenticationType OBJECT-TYPE
        SYNTAX     IANAbfdSessAuthenticationTypeTC
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "The Authentication Type used for this BFD session.



Nadeau, et al.          Expires October 30, 2014               [Page 16]


Internet-Draft                 BFD-STD-MIB                    April 2014


             This field is valid only when the Authentication
             Present bit is set. Max-access to this object as well as
             other authentication related objects are set to
             read-create in order to support management of a single
             key ID at a time, key rotation is not handled. Key update
             in practice must be done by atomic update using a set
             containing all affected objects in the same varBindList
             or otherwise risk the session dropping."
        REFERENCE
            "Sections 4.2 - 4.4 from Katz, D. and D. Ward,
             Bidirectional Forwarding Detection (BFD), RFC 5880,
             June 2012."
        DEFVAL { noAuthentication }
        ::= { bfdSessEntry 33 }

    bfdSessAuthenticationKeyID OBJECT-TYPE
        SYNTAX     Integer32 (-1 | 0..255)
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "The authentication key ID in use for this session.  This
             object permits multiple keys to be active simultaneously.
             The value -1 indicates that no Authentication Key ID will
             be present in the optional BFD Authentication Section."
        REFERENCE
            "Sections 4.2 - 4.4 from Katz, D. and D. Ward,
             Bidirectional Forwarding Detection (BFD), RFC 5880,
             June 2012."
        DEFVAL { -1 }
        ::= { bfdSessEntry 34 }

    bfdSessAuthenticationKey OBJECT-TYPE
        SYNTAX     IANAbfdSessAuthenticationKeyTC
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "The authentication key.  When the
             bfdSessAuthenticationType is simplePassword(1), the value
             of this object is the password present in the BFD packets.

             When the bfdSessAuthenticationType is one of the keyed
             authentication types, this value is used in the
             computation of the key present in the BFD authentication
             packet."
        REFERENCE
            "Sections 4.2 - 4.4 from Katz, D. and D. Ward,
             Bidirectional Forwarding Detection (BFD), RFC 5880,
             June 2012."



Nadeau, et al.          Expires October 30, 2014               [Page 17]


Internet-Draft                 BFD-STD-MIB                    April 2014


        ::= { bfdSessEntry 35 }

    bfdSessStorageType OBJECT-TYPE
        SYNTAX     StorageType
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This variable indicates the storage type for this
             object. Conceptual rows having the value
             'permanent' need not allow write-access to any
             columnar objects in the row."
        ::= { bfdSessEntry 36 }

    bfdSessRowStatus OBJECT-TYPE
        SYNTAX     RowStatus
        MAX-ACCESS read-create
        STATUS     current
        DESCRIPTION
            "This variable is used to create, modify, and/or
             delete a row in this table. When a row in this
             table has a row in the active(1) state, no
             objects in this row can be modified except the
             bfdSessRowStatus and bfdSessStorageType."
        ::= { bfdSessEntry 37 }

   -- BFD Session Performance Table

    bfdSessPerfTable OBJECT-TYPE
        SYNTAX     SEQUENCE OF BfdSessPerfEntry
        MAX-ACCESS not-accessible
        STATUS     current
        DESCRIPTION
            "This table specifies BFD Session performance counters."
        ::= { bfdObjects 3 }

    bfdSessPerfEntry OBJECT-TYPE
        SYNTAX     BfdSessPerfEntry
        MAX-ACCESS not-accessible
        STATUS     current
        DESCRIPTION
            "An entry in this table is created by a BFD-enabled node
             for every BFD Session. bfdSessPerfDiscTime is used to
             indicate potential discontinuity for all counter objects
             in this table."
        AUGMENTS    { bfdSessEntry }
        ::= { bfdSessPerfTable 1 }

    BfdSessPerfEntry ::= SEQUENCE {



Nadeau, et al.          Expires October 30, 2014               [Page 18]


Internet-Draft                 BFD-STD-MIB                    April 2014


       bfdSessPerfCtrlPktIn           Counter32,
       bfdSessPerfCtrlPktOut          Counter32,
       bfdSessPerfCtrlPktDrop         Counter32,
       bfdSessPerfCtrlPktDropLastTime TimeStamp,
       bfdSessPerfEchoPktIn           Counter32,
       bfdSessPerfEchoPktOut          Counter32,
       bfdSessPerfEchoPktDrop         Counter32,
       bfdSessPerfEchoPktDropLastTime TimeStamp,
       bfdSessUpTime                  TimeStamp,
       bfdSessPerfLastSessDownTime    TimeStamp,
       bfdSessPerfLastCommLostDiag    IANAbfdDiagTC,
       bfdSessPerfSessUpCount         Counter32,
       bfdSessPerfDiscTime            TimeStamp,

       -- High Capacity Counters
       bfdSessPerfCtrlPktInHC         Counter64,
       bfdSessPerfCtrlPktOutHC        Counter64,
       bfdSessPerfCtrlPktDropHC       Counter64,
       bfdSessPerfEchoPktInHC         Counter64,
       bfdSessPerfEchoPktOutHC        Counter64,
       bfdSessPerfEchoPktDropHC       Counter64
    }

    bfdSessPerfCtrlPktIn OBJECT-TYPE
        SYNTAX     Counter32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The total number of BFD control messages received for this
             BFD session.

             It MUST be equal to the least significant 32 bits of
             bfdSessPerfCtrlPktInHC if supported, and MUST do so
             with the rules spelled out in RFC 2863."
        ::= { bfdSessPerfEntry 1 }

    bfdSessPerfCtrlPktOut OBJECT-TYPE
        SYNTAX     Counter32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The total number of BFD control messages sent for this BFD
             session.

             It MUST be equal to the least significant 32 bits of
             bfdSessPerfCtrlPktOutHC if supported, and MUST do so
             with the rules spelled out in RFC 2863."
        ::= { bfdSessPerfEntry 2 }



Nadeau, et al.          Expires October 30, 2014               [Page 19]


Internet-Draft                 BFD-STD-MIB                    April 2014


    bfdSessPerfCtrlPktDrop OBJECT-TYPE
        SYNTAX     Counter32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The total number of BFD control messages received for this
             session yet dropped for being invalid.

             It MUST be equal to the least significant 32 bits of
             bfdSessPerfCtrlPktDropHC if supported, and MUST do so
             with the rules spelled out in RFC 2863."
        ::= { bfdSessPerfEntry 3 }

    bfdSessPerfCtrlPktDropLastTime OBJECT-TYPE
        SYNTAX     TimeStamp
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The value of sysUpTime on the most recent occasion at
             which received BFD control message for this session was
             dropped. If no such up event exists, this object contains
             a zero value."
        ::= { bfdSessPerfEntry 4 }

    bfdSessPerfEchoPktIn OBJECT-TYPE
        SYNTAX     Counter32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The total number of BFD echo messages received for this
             BFD session.

             It MUST be equal to the least significant 32 bits of
             bfdSessPerfEchoPktInHC if supported, and MUST do so
             with the rules spelled out in RFC 2863."
        ::= { bfdSessPerfEntry 5 }

    bfdSessPerfEchoPktOut OBJECT-TYPE
        SYNTAX     Counter32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The total number of BFD echo messages sent for this BFD
             session.

             It MUST be equal to the least significant 32 bits of
             bfdSessPerfEchoPktOutHC if supported, and MUST do so
             with the rules spelled out in RFC 2863."



Nadeau, et al.          Expires October 30, 2014               [Page 20]


Internet-Draft                 BFD-STD-MIB                    April 2014


        ::= { bfdSessPerfEntry 6 }

    bfdSessPerfEchoPktDrop OBJECT-TYPE
        SYNTAX     Counter32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The total number of BFD echo messages received for this
             session yet dropped for being invalid.

             It MUST be equal to the least significant 32 bits of
             bfdSessPerfEchoPktDropHC if supported, and MUST do so
             with the rules spelled out in RFC 2863."
        ::= { bfdSessPerfEntry 7 }

    bfdSessPerfEchoPktDropLastTime OBJECT-TYPE
        SYNTAX     TimeStamp
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The value of sysUpTime on the most recent occasion at
             which received BFD echo message for this session was
             dropped. If no such up event has been issued, this
             object contains a zero value."
        ::= { bfdSessPerfEntry 8 }

    bfdSessUpTime OBJECT-TYPE
        SYNTAX     TimeStamp
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The value of sysUpTime on the most recent occasion at which
             the session came up. If no such event has been issued,
             this object contains a zero value."
        ::= { bfdSessPerfEntry 9 }

    bfdSessPerfLastSessDownTime OBJECT-TYPE
        SYNTAX     TimeStamp
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The value of sysUpTime on the most recent occasion at
             which the last time communication was lost with the
             neighbor. If no down event has been issued this object
             contains a zero value."
        ::= { bfdSessPerfEntry 10 }

    bfdSessPerfLastCommLostDiag OBJECT-TYPE



Nadeau, et al.          Expires October 30, 2014               [Page 21]


Internet-Draft                 BFD-STD-MIB                    April 2014


        SYNTAX     IANAbfdDiagTC
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The BFD diag code for the last time communication was lost
             with the neighbor. If such an event has not been issued
             this object contains a zero value."
        ::= { bfdSessPerfEntry 11 }

    bfdSessPerfSessUpCount OBJECT-TYPE
        SYNTAX     Counter32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The number of times this session has gone into the Up
             state since the system last rebooted."
        ::= { bfdSessPerfEntry 12 }

    bfdSessPerfDiscTime OBJECT-TYPE
        SYNTAX     TimeStamp
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "The value of sysUpTime on the most recent occasion at
             which any one or more of the session counters suffered
             a discontinuity.

             The relevant counters are the specific instances associated
             with this BFD session of any Counter32 object contained in
             the BfdSessPerfTable. If no such discontinuities have
             occurred since the last re-initialization of the local
             management subsystem, then this object contains a zero
             value."
        ::= { bfdSessPerfEntry 13 }

    bfdSessPerfCtrlPktInHC OBJECT-TYPE
        SYNTAX     Counter64
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "This value represents the total number of BFD control
             messages received for this BFD session.

             The least significant 32 bits MUST equal to
             bfdSessPerfCtrlPktIn, and MUST do so with
             the rules spelled out in RFC 2863."
        ::= { bfdSessPerfEntry 14 }




Nadeau, et al.          Expires October 30, 2014               [Page 22]


Internet-Draft                 BFD-STD-MIB                    April 2014


    bfdSessPerfCtrlPktOutHC OBJECT-TYPE
        SYNTAX     Counter64
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "This value represents the total number of BFD control
             messages transmitted for this BFD session.

             The least significant 32 bits MUST equal to
             bfdSessPerfCtrlPktOut, and MUST do so with
             the rules spelled out in RFC 2863."
        ::= { bfdSessPerfEntry 15 }

    bfdSessPerfCtrlPktDropHC OBJECT-TYPE
        SYNTAX     Counter64
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "This value represents the total number of BFD control
             messages received for this BFD session yet dropped for
             being invalid.

             The least significant 32 bits MUST equal to
             bfdSessPerfCtrlPktDrop, and MUST do so with
             the rules spelled out in RFC 2863."
        ::= { bfdSessPerfEntry 16 }

    bfdSessPerfEchoPktInHC OBJECT-TYPE
        SYNTAX     Counter64
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "This value represents the total number of BFD echo
             messages received for this BFD session.

             The least significant 32 bits MUST equal to
             bfdSessPerfEchoPktIn, and MUST do so with
             the rules spelled out in RFC 2863."
        ::= { bfdSessPerfEntry 17 }

    bfdSessPerfEchoPktOutHC OBJECT-TYPE
        SYNTAX     Counter64
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "This value represents the total number of BFD echo
             messages transmitted for this BFD session.




Nadeau, et al.          Expires October 30, 2014               [Page 23]


Internet-Draft                 BFD-STD-MIB                    April 2014


             The least significant 32 bits MUST equal to
             bfdSessPerfEchoPktOut, and MUST do so with
             the rules spelled out in RFC 2863."
        ::= { bfdSessPerfEntry 18 }

    bfdSessPerfEchoPktDropHC OBJECT-TYPE
        SYNTAX     Counter64
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "This value represents the total number of BFD echo
             messages received for this BFD session yet dropped
             for being invalid.

             The least significant 32 bits MUST equal to
             bfdSessPerfEchoPktDrop, and MUST do so with
             the rules spelled out in RFC 2863."
        ::= { bfdSessPerfEntry 19 }

   -- BFD Session Discriminator Mapping Table

    bfdSessDiscMapTable OBJECT-TYPE
        SYNTAX     SEQUENCE OF BfdSessDiscMapEntry
        MAX-ACCESS not-accessible
        STATUS     current
        DESCRIPTION
            "The BFD Session Discriminator Mapping Table maps a
             local discriminator value to associated BFD session's
             bfdSessIndex found in the bfdSessionTable."
        ::= { bfdObjects 4 }

    bfdSessDiscMapEntry OBJECT-TYPE
        SYNTAX     BfdSessDiscMapEntry
        MAX-ACCESS not-accessible
        STATUS     current
        DESCRIPTION
            "The BFD Session Discriminator Mapping Entry
             specifies a mapping between a local discriminator
             and a BFD session."
        INDEX { bfdSessDiscriminator }
        ::= { bfdSessDiscMapTable 1 }

    BfdSessDiscMapEntry ::= SEQUENCE {
        bfdSessDiscMapIndex            BfdSessIndexTC
    }

    bfdSessDiscMapIndex OBJECT-TYPE
        SYNTAX     BfdSessIndexTC



Nadeau, et al.          Expires October 30, 2014               [Page 24]


Internet-Draft                 BFD-STD-MIB                    April 2014


        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
            "This object specifies a mapping between a
             local discriminator and a BFD Session in
             the BfdSessTable."
        ::= { bfdSessDiscMapEntry 1 }

   -- BFD Session IP Mapping Table

    bfdSessIpMapTable OBJECT-TYPE
        SYNTAX     SEQUENCE OF BfdSessIpMapEntry
        MAX-ACCESS not-accessible
        STATUS     current
        DESCRIPTION
            "The BFD Session IP Mapping Table maps given
             bfdSessInterface, bfdSessSrcAddrType, bfdSessSrcAddr,
             bfdSessDstAddrType and bfdSessDstAddr
             to an associated BFD session found in the
             bfdSessionTable."
        ::= { bfdObjects 5 }

    bfdSessIpMapEntry OBJECT-TYPE
        SYNTAX     BfdSessIpMapEntry
        MAX-ACCESS not-accessible
        STATUS     current
        DESCRIPTION
            "The BFD Session IP Map Entry contains a mapping
             from the IP information for a session, to the session
             in the bfdSessionTable."
        INDEX {
            bfdSessInterface,
            bfdSessSrcAddrType,
            bfdSessSrcAddr,
            bfdSessDstAddrType,
            bfdSessDstAddr
        }
        ::= { bfdSessIpMapTable 1 }

    BfdSessIpMapEntry ::= SEQUENCE {
        bfdSessIpMapIndex            BfdSessIndexTC
    }

    bfdSessIpMapIndex OBJECT-TYPE
        SYNTAX     BfdSessIndexTC
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION



Nadeau, et al.          Expires October 30, 2014               [Page 25]


Internet-Draft                 BFD-STD-MIB                    April 2014


            "This object specifies the BfdSessIndexTC referred
             to by the indexes of this row. In essence, a mapping is
             provided between these indexes and the BfdSessTable."
        ::= { bfdSessIpMapEntry 1 }

   -- Notification Configuration

    bfdSessUp NOTIFICATION-TYPE
        OBJECTS {
            bfdSessDiag, -- low range value
            bfdSessDiag  -- high range value
        }
        STATUS     current
        DESCRIPTION
            "This notification is generated when the
             bfdSessState object for one or more contiguous
             entries in bfdSessTable are about to enter the up(4)
             state from some other state. The included values of
             bfdSessDiag MUST both be set equal to this
             new state (i.e: up(4)).  The two instances of
             bfdSessDiag in this notification indicate the range
             of indexes that are affected.  Note that all the indexes
             of the two ends of the range can be derived from the
             instance identifiers of these two objects.  For the
             cases where a contiguous range of sessions
             have transitioned into the up(4) state at roughly
             the same time, the device SHOULD issue a single
             notification for each range of contiguous indexes in
             an effort to minimize the emission of a large number
             of notifications.  If a notification has to be
             issued for just a single bfdSessEntry, then
             the instance identifier (and values) of the two
             bfdSessDiag objects MUST be the identical."
        ::= { bfdNotifications 1 }

    bfdSessDown NOTIFICATION-TYPE
        OBJECTS {
            bfdSessDiag, -- low range value
            bfdSessDiag  -- high range value
        }
        STATUS     current
        DESCRIPTION
            "This notification is generated when the
             bfdSessState object for one or more contiguous
             entries in bfdSessTable are about to enter the down(2)
             or adminDown(1) states from some other state. The included
             values of bfdSessDiag MUST both be set equal to this new
             state (i.e: down(2) or adminDown(1)).  The two instances



Nadeau, et al.          Expires October 30, 2014               [Page 26]


Internet-Draft                 BFD-STD-MIB                    April 2014


             of bfdSessDiag in this notification indicate the range
             of indexes that are affected.  Note that all the indexes
             of the two ends of the range can be derived from the
             instance identifiers of these two objects.  For
             cases where a contiguous range of sessions
             have transitioned into the down(2) or adminDown(1) states
             at roughly the same time, the device SHOULD issue a single
             notification for each range of contiguous indexes in
             an effort to minimize the emission of a large number
             of notifications.  If a notification has to be
             issued for just a single bfdSessEntry, then
             the instance identifier (and values) of the two
             bfdSessDiag objects MUST be the identical."
        ::= { bfdNotifications 2 }

   -- Module compliance.

    bfdGroups
        OBJECT IDENTIFIER ::= { bfdConformance 1 }

    bfdCompliances
        OBJECT IDENTIFIER ::= { bfdConformance 2 }

   -- Compliance requirement for fully compliant implementations.

    bfdModuleFullCompliance MODULE-COMPLIANCE
        STATUS current
        DESCRIPTION
            "Compliance statement for agents that provide full
             support for the BFD-MIB module. Such devices can
             then be monitored and also be configured using
             this MIB module."

        MODULE -- This module.

        MANDATORY-GROUPS {
            bfdSessionGroup,
            bfdSessionReadOnlyGroup,
            bfdSessionPerfGroup,
            bfdNotificationGroup
        }

        GROUP        bfdSessionPerfHCGroup
        DESCRIPTION  "This group is mandatory for all systems that
                      are able to support the Counter64 date type."

        OBJECT       bfdSessSrcAddrType
        SYNTAX       InetAddressType { unknown(0), ipv4(1),



Nadeau, et al.          Expires October 30, 2014               [Page 27]


Internet-Draft                 BFD-STD-MIB                    April 2014


                                       ipv6(2), ipv6z(4) }
        DESCRIPTION  "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4)
                      support are required."

        OBJECT       bfdSessSrcAddr
        SYNTAX       InetAddress (SIZE (0|4|16|20))
        DESCRIPTION  "An implementation is only required to support
                      unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes."

        OBJECT       bfdSessDstAddrType
        SYNTAX       InetAddressType { unknown(0), ipv4(1),
                                       ipv6(2), ipv6z(4) }
        DESCRIPTION  "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4)
                      support are required."

        OBJECT       bfdSessDstAddr
        SYNTAX       InetAddress (SIZE (0|4|16|20))
        DESCRIPTION  "An implementation is only required to support
                      unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes."

        OBJECT       bfdSessRowStatus
        SYNTAX       RowStatus { active(1), notInService(2) }
        WRITE-SYNTAX RowStatus { active(1), notInService(2),
                                 createAndGo(4), destroy(6) }
        DESCRIPTION  "Support for createAndWait and notReady is not
                      required."

        ::= { bfdCompliances 1 }

    bfdModuleReadOnlyCompliance MODULE-COMPLIANCE
        STATUS current
        DESCRIPTION
            "Compliance requirement for implementations that only
             provide read-only support for BFD-MIB. Such devices
             can then be monitored but cannot be configured using
             this MIB module."

        MODULE -- This module.

        MANDATORY-GROUPS {
            bfdSessionGroup,
            bfdSessionReadOnlyGroup,
            bfdSessionPerfGroup,
            bfdNotificationGroup
        }

        GROUP        bfdSessionPerfHCGroup
        DESCRIPTION  "This group is mandatory for all systems that



Nadeau, et al.          Expires October 30, 2014               [Page 28]


Internet-Draft                 BFD-STD-MIB                    April 2014


                      are able to support the Counter64 date type."

        OBJECT       bfdSessVersionNumber
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessType
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessDiscriminator
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessDestinationUdpPort
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessSourceUdpPort
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessEchoSourceUdpPort
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessAdminStatus
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessOperMode
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessDemandModeDesiredFlag
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessControlPlaneIndepFlag
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessMultipointFlag
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessInterface
        MIN-ACCESS   read-only



Nadeau, et al.          Expires October 30, 2014               [Page 29]


Internet-Draft                 BFD-STD-MIB                    April 2014


        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessSrcAddrType
        SYNTAX       InetAddressType { unknown(0), ipv4(1),
                                       ipv6(2), ipv6z(4) }
        MIN-ACCESS   read-only
        DESCRIPTION  "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4)
                      support are required."

        OBJECT       bfdSessSrcAddr
        SYNTAX       InetAddress (SIZE (0|4|16|20))
        MIN-ACCESS   read-only
        DESCRIPTION  "An implementation is only required to support
                      unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes."

        OBJECT       bfdSessDstAddrType
        SYNTAX       InetAddressType { unknown(0), ipv4(1),
                                       ipv6(2), ipv6z(4) }
        MIN-ACCESS   read-only
        DESCRIPTION  "Only unknown(0), ipv4(1), ipv6(2) and ipv6z(4)
                      support are required."

        OBJECT       bfdSessDstAddr
        SYNTAX       InetAddress (SIZE (0|4|16|20))
        MIN-ACCESS   read-only
        DESCRIPTION  "An implementation is only required to support
                      unknown(0), ipv4(1), ipv6(2) and ipv6z(4) sizes."

        OBJECT       bfdSessGTSM
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessGTSMTTL
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessDesiredMinTxInterval
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessReqMinRxInterval
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessReqMinEchoRxInterval
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."




Nadeau, et al.          Expires October 30, 2014               [Page 30]


Internet-Draft                 BFD-STD-MIB                    April 2014


        OBJECT       bfdSessDetectMult
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessAuthPresFlag
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessAuthenticationType
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessAuthenticationKeyID
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessAuthenticationKey
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessStorageType
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        OBJECT       bfdSessRowStatus
        SYNTAX       RowStatus { active(1) }
        MIN-ACCESS   read-only
        DESCRIPTION  "Write access is not required."

        ::= { bfdCompliances 2 }

   -- Units of conformance.

    bfdSessionGroup OBJECT-GROUP
        OBJECTS {
            bfdAdminStatus,
            bfdOperStatus,
            bfdNotificationsEnable,
            bfdSessVersionNumber,
            bfdSessType,
            bfdSessIndexNext,
            bfdSessDiscriminator,
            bfdSessDestinationUdpPort,
            bfdSessSourceUdpPort,
            bfdSessEchoSourceUdpPort,
            bfdSessAdminStatus,
            bfdSessOperStatus,
            bfdSessOperMode,



Nadeau, et al.          Expires October 30, 2014               [Page 31]


Internet-Draft                 BFD-STD-MIB                    April 2014


            bfdSessDemandModeDesiredFlag,
            bfdSessControlPlaneIndepFlag,
            bfdSessMultipointFlag,
            bfdSessInterface,
            bfdSessSrcAddrType,
            bfdSessSrcAddr,
            bfdSessDstAddrType,
            bfdSessDstAddr,
            bfdSessGTSM,
            bfdSessGTSMTTL,
            bfdSessDesiredMinTxInterval,
            bfdSessReqMinRxInterval,
            bfdSessReqMinEchoRxInterval,
            bfdSessDetectMult,
            bfdSessAuthPresFlag,
            bfdSessAuthenticationType,
            bfdSessAuthenticationKeyID,
            bfdSessAuthenticationKey,
            bfdSessStorageType,
            bfdSessRowStatus
        }
        STATUS     current
        DESCRIPTION
            "Collection of objects needed for BFD sessions."
        ::= { bfdGroups 1 }

    bfdSessionReadOnlyGroup OBJECT-GROUP
        OBJECTS {
            bfdSessRemoteDiscr,
            bfdSessState,
            bfdSessRemoteHeardFlag,
            bfdSessDiag,
            bfdSessNegotiatedInterval,
            bfdSessNegotiatedEchoInterval,
            bfdSessNegotiatedDetectMult,
            bfdSessDiscMapIndex,
            bfdSessIpMapIndex
        }
        STATUS     current
        DESCRIPTION
            "Collection of read-only objects needed for BFD sessions."
        ::= { bfdGroups 2 }

    bfdSessionPerfGroup OBJECT-GROUP
        OBJECTS {
            bfdSessPerfCtrlPktIn,
            bfdSessPerfCtrlPktOut,
            bfdSessPerfCtrlPktDrop,



Nadeau, et al.          Expires October 30, 2014               [Page 32]


Internet-Draft                 BFD-STD-MIB                    April 2014


            bfdSessPerfCtrlPktDropLastTime,
            bfdSessPerfEchoPktIn,
            bfdSessPerfEchoPktOut,
            bfdSessPerfEchoPktDrop,
            bfdSessPerfEchoPktDropLastTime,
            bfdSessUpTime,
            bfdSessPerfLastSessDownTime,
            bfdSessPerfLastCommLostDiag,
            bfdSessPerfSessUpCount,
            bfdSessPerfDiscTime
        }
        STATUS     current
        DESCRIPTION
            "Collection of objects needed to monitor the
             performance of BFD sessions."
        ::= { bfdGroups 3 }

    bfdSessionPerfHCGroup OBJECT-GROUP
        OBJECTS {
            bfdSessPerfCtrlPktInHC,
            bfdSessPerfCtrlPktOutHC,
            bfdSessPerfCtrlPktDropHC,
            bfdSessPerfEchoPktInHC,
            bfdSessPerfEchoPktOutHC,
            bfdSessPerfEchoPktDropHC
        }

        STATUS     current
        DESCRIPTION
            "Collection of objects needed to monitor the
             performance of BFD sessions for which the
             values of bfdSessPerfPktIn, bfdSessPerfPktOut
             wrap around too quickly."
        ::= { bfdGroups 4 }

    bfdNotificationGroup NOTIFICATION-GROUP
        NOTIFICATIONS {
            bfdSessUp,
            bfdSessDown
        }
        STATUS     current
        DESCRIPTION
            "Set of notifications implemented in this
             module."
        ::= { bfdGroups 5 }

    END




Nadeau, et al.          Expires October 30, 2014               [Page 33]


Internet-Draft                 BFD-STD-MIB                    April 2014


6.  Security Considerations

   As BFD may be tied into the stability of the network infrastructure
   (such as routing protocols), the effects of an attack on a BFD
   session may be very serious.  This ultimately has denial-of-service
   effects, as links may be declared to be down (or falsely declared to
   be up.)  As such, improper manipulation of the objects represented by
   this MIB may result in denial of service to a large number of end-
   users.

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create.  Such
   objects may be considered sensitive or vulnerable in some network
   environments.  The support for SET operations in a non-secure
   environment without proper protection can have a negative effect on
   network operations.  These are the tables and objects and their
   sensitivity/vulnerability:

   o  bfdAdminStatus - Improper change of bfdAdminStatus, from
      enabled(1) to disabled(2), can cause significant disruption of the
      connectivity to those portions of the Internet reached via all the
      applicable remote BFD peers.

   o  bfdOperStatus - Improper change of bfdOperStatus, from up(1) to
      down(2) or up(1) to adminDown(3), can cause significant disruption
      of the connectivity to those portions of the Internet reached via
      all the applicable remote BFD peers.

   o  bfdSessAdminStatus - Improper change of bfdSessAdminStatus, from
      enabled(1) to disabled(2), can cause significant disruption of the
      connectivity to those portions of the Internet reached via the
      applicable remote BFD peer.

   o  bfdSessOperStatus - Improper change of bfdSessOperStatus, from
      up(1) to down(2) or up(1) to adminDown(3), can cause significant
      disruption of the connectivity to those portions of the Internet
      reached via the applicable remote BFD peer.

   o  bfdSessDesiredMinTxInterval, bfdSessReqMinRxInterval,
      bfdSessReqMinEchoRxInterval, bfdSessDetectMult - Improper change
      of this object can cause connections to be disrupted for extremely
      long time periods when otherwise they would be restored in a
      relatively short period of time.

   o  Some management objects define the BFD session whilst other
      management objects define the parameter of the BFD session.  It is
      particularly important to control the support for SET access to
      those management objects that define the BFD session, as changes



Nadeau, et al.          Expires October 30, 2014               [Page 34]


Internet-Draft                 BFD-STD-MIB                    April 2014


      to them can be disruptive.  Implementation SHOULD NOT allow
      changes to following management objects when bfdSessState is
      up(4):

      *  bfdSessVersionNumber

      *  bfdSessType

      *  bfdSessDestinationUdpPort

      *  bfdSessMultipointFlag

      *  bfdSessInterface

      *  bfdSessSrcAddrType

      *  bfdSessSrcAddr

      *  bfdSessDstAddrType

      *  bfdSessDstAddr

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create.  Such
   objects may be considered sensitive or vulnerable in some network
   environments.  It is thus important to control even GET and/or NOTIFY
   access to these objects and possibly to even encrypt the values of
   these objects when sending them over the network via SNMP.

   o  The bfdSessTable may be used to directly configure BFD sessions.
      The bfdSessMapTable can be used indirectly in the same way.
      Unauthorized access to objects in this table could result in
      disruption of traffic on the network.  This is especially true if
      an unauthorized user configures enough tables to invoke a denial
      of service attack on the device where they are configured, or on a
      remote device where the sessions terminate.

   Some of the readable objects in this MIB module (i.e., objects with a
   MAX-ACCESS other than not-accessible) may be considered sensitive or
   vulnerable in some network environments.  It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP.  These are the tables and objects and their
   sensitivity/vulnerability:

   o  The bfdSessPerfTable both allows access to the performance
      characteristics of BFD sessions.  Network administrators not




Nadeau, et al.          Expires October 30, 2014               [Page 35]


Internet-Draft                 BFD-STD-MIB                    April 2014


      wishing to show this information should consider this table
      sensitive.

   The bfdSessAuthenticationType, bfdSessAuthenticationKeyID, and
   bfdSessAuthenticationKey objects hold security methods and associated
   security keys of BFD sessions.  These objects SHOULD be considered
   highly sensitive objects.  In order to prevent this sensitive
   information from being improperly accessed, implementers MAY disallow
   access to these objects.

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure "for example by using IPSec",
   even then, there is no control as to who on the secure network is
   allowed to access and GET/SET "read/change/create/delete" the objects
   in these MIB modules.

   It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms "for
   authentication and privacy".

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.  It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module, is properly configured to give access to
   the objects only to those principals "users" that have legitimate
   rights to indeed GET or SET "change/create/delete" them.

7.  IANA Considerations

        The MIB module in this document uses the following IANA-assigned
        OBJECT IDENTIFIER values recorded in the SMI Numbers registry:

        Descriptor        OBJECT IDENTIFIER value
        ----------        -----------------------

        bfdMib            { mib-2 XXX }

   [RFC-Editor's Note (to be removed prior to publication): the IANA is
   requested to assign a value for "XXX" under the 'mib-2' subtree and
   to record the assignment in the SMI Numbers registry.  When the
   assignment has been made, the RFC Editor is asked to replace "XXX"
   (here and in the MIB module) with the assigned value and to remove
   this note.]






Nadeau, et al.          Expires October 30, 2014               [Page 36]


Internet-Draft                 BFD-STD-MIB                    April 2014


8.  Acknowledgments

   Authors would like to thank Adrian Farrel and Jeffrey Haas for
   performing thorough reviews and providing number of suggestions.
   Authors would also like to thank David Ward, Reshad Rahman, David
   Toscano, Sylvain Masse, Mark Tooker, Kiran Koushik Agrahara
   Sreenivasa and David Black for their comments and suggestions.

9.  References

9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2578]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Structure of Management Information
              Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

   [RFC2579]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD
              58, RFC 2579, April 1999.

   [RFC2580]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Conformance Statements for SMIv2", STD 58, RFC 2580,
              April 1999.

   [RFC5082]  Gill, V., Heasley, J., Meyer, D., Savola, P., and C.
              Pignataro, "The Generalized TTL Security Mechanism
              (GTSM)", RFC 5082, October 2007.

   [RFC5880]  Katz, D. and D. Ward, "Bidirectional Forwarding Detection
              (BFD)", RFC 5880, June 2010.

   [RFC5881]  Katz, D. and D. Ward, "Bidirectional Forwarding Detection
              (BFD) for IPv4 and IPv6 (Single Hop)", RFC 5881, June
              2010.

   [RFC5883]  Katz, D. and D. Ward, "Bidirectional Forwarding Detection
              (BFD) for Multihop Paths", RFC 5883, June 2010.

   [RFC7130]  Bhatia, M., Chen, M., Boutros, S., Binderberger, M., and
              J. Haas, "Bidirectional Forwarding Detection (BFD) on Link
              Aggregation Group (LAG) Interfaces", RFC 7130, February
              2014.






Nadeau, et al.          Expires October 30, 2014               [Page 37]


Internet-Draft                 BFD-STD-MIB                    April 2014


   [I-D.ietf-bfd-tc-mib]
              Nadeau, T., Ali, Z., and N. Akiya, "Definitions of Textual
              Conventions (TCs) for Bidirectional Forwarding Detection
              (BFD) Management", draft-ietf-bfd-tc-mib-05 (work in
              progress), April 2014.

9.2.  Informative References

   [RFC3410]  Case, J., Mundy, R., Partain, D., and B. Stewart,
              "Introduction and Applicability Statements for Internet-
              Standard Management Framework", RFC 3410, December 2002.

   [RFC2863]  McCloghrie, K. and F. Kastenholz, "The Interfaces Group
              MIB", RFC 2863, June 2000.

   [RFC3413]  Levi, D., Meyer, P., and B. Stewart, "Simple Network
              Management Protocol (SNMP) Applications", STD 62, RFC
              3413, December 2002.

   [RFC3289]  Baker, F., Chan, K., and A. Smith, "Management Information
              Base for the Differentiated Services Architecture", RFC
              3289, May 2002.

Authors' Addresses

   Thomas D. Nadeau
   Brocade

   EMail: tnadeau@lucidvision.com


   Zafar Ali
   Cisco Systems

   EMail: zali@cisco.com


   Nobo Akiya
   Cisco Systems

   EMail: nobo@cisco.com










Nadeau, et al.          Expires October 30, 2014               [Page 38]