Network Working Group T. Dietz, Ed.
Internet-Draft NEC Europe Ltd.
Intended status: Standards Track A. Kobayashi
Expires: June 5, 2008 NTT PF Lab.
B. Claise
Cisco Systems, Inc.
December 3, 2007
Definitions of Managed Objects for IP Flow Information Export
draft-ietf-ipfix-mib-02.txt
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on June 5, 2008.
Copyright Notice
Copyright (C) The IETF Trust (2007).
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 1]
Internet-Draft IPFIX MIB December 2007
Abstract
This document defines managed objects for IP Flow Information Export
(IPFIX). These objects provide information for monitoring IPFIX
Exporters and IPFIX Collectors including some minor configuration
information.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. IPFIX Documents Overview . . . . . . . . . . . . . . . . . . . 4
3. The Internet-Standard Management Framework . . . . . . . . . . 5
4. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 6
5. Structure of the IPFIX MIB . . . . . . . . . . . . . . . . . . 7
5.1. The Transport Session Table . . . . . . . . . . . . . . . 7
5.1.1. The Transport Session Group Table . . . . . . . . . . 7
5.2. The Observation Domain Table . . . . . . . . . . . . . . . 10
5.3. The Template Table . . . . . . . . . . . . . . . . . . . . 10
5.4. The Template Definition Table . . . . . . . . . . . . . . 10
5.5. The Selector Table . . . . . . . . . . . . . . . . . . . . 12
5.6. The Selector Functions . . . . . . . . . . . . . . . . . . 13
5.6.1. Textual Convention IpfixFunctionAvailabilty . . . . . 13
5.7. The Statistical Tables . . . . . . . . . . . . . . . . . . 13
6. MIB Definitions . . . . . . . . . . . . . . . . . . . . . . . 14
7. Security Considerations . . . . . . . . . . . . . . . . . . . 43
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 44
9. Acknowledgment . . . . . . . . . . . . . . . . . . . . . . . . 45
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 46
10.1. Normative References . . . . . . . . . . . . . . . . . . . 46
10.2. Informative References . . . . . . . . . . . . . . . . . . 46
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 48
Intellectual Property and Copyright Statements . . . . . . . . . . 49
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 2]
Internet-Draft IPFIX MIB December 2007
1. Introduction
This document defines MIB modules for monitoring IP Flow Information
Export (IPFIX) Devices including Exporters and Collectors. The full
configuration of the IPFIX Metering Process is out of the scope this
MIB. However, some configuration of the Exporting Process is
specified in this document.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 3]
Internet-Draft IPFIX MIB December 2007
2. IPFIX Documents Overview
The IPFIX protocol provides network administrators with access to IP
Flow information. The architecture for the export of measured IP
Flow information out of an IPFIX Exporting Process to a Collecting
Process is defined in [I-D.ietf-ipfix-architecture], per the
requirements defined in [RFC3917]. The protocol document
[I-D.ietf-ipfix-protocol] specifies how IPFIX Data Record and
Templates are carried via a congestion-aware transport protocol from
IPFIX Exporting Processes to IPFIX Collecting Process. IPFIX has a
formal description of IPFIX Information Elements, their name, type
and additional semantic information, as specified in
[I-D.ietf-ipfix-info]. Finally [I-D.ietf-ipfix-as] describes what
type of applications can use the IPFIX protocol and how they can use
the information provided. It furthermore shows how the IPFIX
framework relates to other architectures and frameworks.
It is assumed that Flow metering, export and collection is performed
according to the IPFIX architecture defined in
[I-D.ietf-ipfix-architecture]. Configuration of the export and
collection of Flow Information Templates and Records is modeled
according to [I-D.ietf-ipfix-protocol]. Packet selection and
filtering methods that may be optionally used by the IPFIX Metering
Process are not considered in this MIB module. They are defined in
the Packet Sampling (PSAMP) framework [I-D.ietf-psamp-framework] and
sampling techniques [I-D.ietf-psamp-sample-tech] documents.
Nevertheless the entry point for those methods [I-D.ietf-psamp-mib]
is given within this MIB module since PSAMP export protocol
[I-D.ietf-psamp-protocol] is based on the IPFIX protocol.
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 4]
Internet-Draft IPFIX MIB December 2007
3. The Internet-Standard Management Framework
For a detailed overview of the documents that describe the current
Internet-Standard Management Framework, please refer to section 7 of
RFC 3410 [RFC3410].
Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. MIB objects are generally
accessed through the Simple Network Management Protocol (SNMP).
Objects in the MIB are defined using the mechanisms defined in the
Structure of Management Information (SMI). This memo specifies a MIB
module that is compliant to the SMIv2, which is described in STD 58,
RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
[RFC2580].
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 5]
Internet-Draft IPFIX MIB December 2007
4. Terminology
The definitions of the basic terms like IP Traffic Flow, Exporting
Process, Collecting Process, Observation Points, etc. can be found in
the IPFIX protocol document [I-D.ietf-ipfix-protocol].
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 6]
Internet-Draft IPFIX MIB December 2007
5. Structure of the IPFIX MIB
The IPFIX MIB consists of four main tables, the Transport Session
table, the Observation Domain table, the Template table and the
Template Definition table. Since the IPFIX architecture
[I-D.ietf-ipfix-architecture] foresees the possibility of using
filtering and/or sampling functions to reduce the data volume the MIB
provides the basic objects for theses functions with the Selector
Table and a subtree for hooking standard filtering and sampling
functions.
All remaining objects contain statistical values for the different
tables contained in the MIB. Finally an entry point for extensions
of the IPFIX MIB is given that can be used e.g. for the PSAMP MIB
[I-D.ietf-psamp-mib].
The following subsections describe all tables in the IPFIX MIB
module.
5.1. The Transport Session Table
The Transport Session is the basic concept in the MIB. The Transport
Session table (ipfixTransportSessionTable) contains all Transport
Sessions between Exporter and Collector. The table specifies the
layer 4 protocol of the Transport Session and, depending on the
protocol, further parameters for the Transport Session. In case of
UDP and TCP these are the source and destination address as well as
the source and destination port. For SCTP the table contains the
SCTP Assoc Id which is the index for the SCTP association in the SCTP
MIB [RFC3873]. Finally a status of the Transport Session is given in
the table.
5.1.1. The Transport Session Group Table
On Exporters, the Transport Session Group table
(ipfixTransportSessionGroupTable)can be used to achieve features like
failover, load-balancing, duplicate export to several Collectors etc.
The member type for each group member describes its functionality.
For failover a Transport Session group can contain one Transport
Session with member type "primary" and several Transport Sessions
with type "secondary". Entries with other member types are not
allowed for that group.
For load-balancing or parallel export all Transport Sessions in the
group MUST have the same member type either "loadBalancing" or
"duplicate". The algorithms used for failover or load-balancing are
out of the scope of this document.
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 7]
Internet-Draft IPFIX MIB December 2007
The notion of Transport Session Grouping is only available on
Exporters. Nevertheless the Transport Session Group table exists on
Exporters and Collectors, for consistency reasons. Each Transport
Session Group on a Collector consists of a single entry with a
Transport Session. The member type for this entry MUST be set to
unused. If the Transport Session Grouping is not supported on an
Exporter the same conditions as described above for Collectors apply.
To illustrate the use of the the above tables lets assume the
following scenario: We have an exporter on IP address 192.0.2.22 and
a collector on IP address 192.0.2.37. They use TCP. Then we would
have the following Transport Session Table on the exporter:
ipfixTransportSessionTable (2)
|
+- ipfixTransportSessionEntry (1)
|
+- index (5)
+- ipfixTrasportSessionIndex (1) = 5
+- ipfixTransportSessionProtocol (2) = 6 (TCP)
+- ipfixTransportSessionAddressType (3) = 1 (ipv4)
+- ipfixTransportSessionSourceAddress (4) = 192.0.2.22
+- ipfixTransportSessionDestinationAddress (5) = 192.0.2.37
+- ipfixTransportSessionSourcePort (6) = 7653
+- ipfixTransportSessionDestinationPort (7) = 4739
+- ipfixTransportSessionSctpAssocId (8) = 0
+- ipfixTransportSessionTemplateRefreshTimeout (9) = 0
+- ipfixTransportSessionOptionTemplateRefreshTimeout (10) = 0
+- ipfixTransportSessionTemplateRefreshPacket (11) = 0
+- ipfixTransportSessionOptionTemplateRefreshPacket (12) = 0
+- ipfixTransportSessionStatus (13) = 2 (active)
The values in brackets are the OID numbers. The collector would then
have e.g. the following table:
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 8]
Internet-Draft IPFIX MIB December 2007
ipfixTransportSessionTable (2)
|
+- ipfixTransportSessionEntry (1)
|
+- index (17)
+- ipfixTrasportSessionIndex (1) = 17
+- ipfixTransportSessionProtocol (2) = 6 (TCP)
+- ipfixTransportSessionAddressType (3) = 1 (ipv4)
+- ipfixTransportSessionSourceAddress (4) = 192.0.2.22
+- ipfixTransportSessionDestinationAddress (5) = 192.0.2.37
+- ipfixTransportSessionSourcePort (6) = 7653
+- ipfixTransportSessionDestinationPort (7) = 4739
+- ipfixTransportSessionSctpAssocId (8) = 0
+- ipfixTransportSessionTemplateRefreshTimeout (9) = 0
+- ipfixTransportSessionOptionTemplateRefreshTimeout (10) = 0
+- ipfixTransportSessionTemplateRefreshPacket (11) = 0
+- ipfixTransportSessionOptionTemplateRefreshPacket (12) = 0
+- ipfixTransportSessionStatus (13) = 2 (active)
We further asume that the exporter uses the above connection as the
primary export for a session protected by a secondary backup
connection with a ipfixTransportSessionIndex of 28. Both, exporter
and collector, also need to have a Transport Session Group Table.
For the export this may look like the following table:
ipfixTransportSessionGroupTable (3)
|
+- ipfixTransportSessionGroupEntry (1)
|
+- index (11)
|
+- index (5)
| +- ipfixTransportSessionGroupIndex (1) = 11
| +- ipfixTransportSessionGroupMemberType (2) = 1 (primary)
+- index (28)
+- ipfixTransportSessionGroupIndex (1) = 11
+- ipfixTransportSessionGroupMemberType (2) = 2 (secondary)
Since the collector does not know which Transport Sessions belong
together he has one Transport Session Group Table entry per Transport
Session. So the entry for the given example is the following:
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 9]
Internet-Draft IPFIX MIB December 2007
ipfixTransportSessionGroupTable (3)
|
+- ipfixTransportSessionGroupEntry (1)
|
+- index (19)
|
+- index (17)
+- ipfixTransportSessionGroupIndex (1) = 19
+- ipfixTransportSessionGroupMemberType (2) = 5 (unused)
5.2. The Observation Domain Table
The Observation Domain Table (ipfixObservationDomainTable) contains a
reference to the ENTITY MIB [RFC4133]. The objects in the ENTITY MIB
denote the Observation Point associated with the given Observation
Domain Id. In addition a direction can be given to render more
specific which flow to monitor. Since a Collector could receive the
same Observation Domain Id in different sessions (thus from different
Exporters) the table takes the Transport Session index as first
index. The Transport Session index would be typically zero (0) at an
Exporter because the Observation Domain Id is usually unique per
Device and thus need not to be scoped by the Transport Session.
5.3. The Template Table
The Template table lists all Templates (including Option Templates)
that are sent (by an Exporter) or received (by a Collector). The
Templates are unique per Transport Session Group and Observation
Domain, thus the table is indexed by the Transport Session Index and
the Observation Domain Id from the previous two tables. It contains
the Set Id and an Access Time denoting the time when the Template was
last sent or received. In addition it contains an inactive timeout
to terminate Flows that are inactive for a certain amount of time and
an active timeout to expire Flows that are still active to get#
intermediate Flow Records for these long-living Flows.
5.4. The Template Definition Table
This table lists all the Information Elements contained in a Template
or Option Template. Therefore it takes the same indexes as the
Template table plus the Template Id. Its own index denotes the order
of the Information Element inside the Template if necessary. Besides
the Information Element Id and the length of the encoded value the
table contains flags for each Information Element. The flags
indicate if the Information Element is used for scoping or as a Flow
key.
To resume the above example the exporter may want to export the
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 10]
Internet-Draft IPFIX MIB December 2007
octets received and dropped at the Observation Point since the last
export of these values. In addition it exports the start and end
time of the flow relative to the timestamp contained in the IPFIX
header. The active timeout is set to 0 i.e., long-living Flows do
not generate intermediate exports. The inactive timeout is set to
300 seconds i.e., a Flow is exported after 5 minutes of inactivity.
This leads to the following Template Table defining Template and
Option Template:
ipfixTemplateTable (5)
|
+- ipfixTemplateEntry (1)
|
+- index (11)
|
+- index (3)
|
+ index (257)
| +- ipfixTemplateId (1) = 257
| +- ipfixTemplateSetId (2) = 3
| +- ipfixTemplateAccessTime (3) = 2007-7-9,12:49:11.2,+2:0
| +- ipfixTemplateActiveTimeout (4) = 0
| +- ipfixTemplateInactiveTimeout (5) = 500
|
+ index (264)
+- ipfixTemplateId (1) = 264
+- ipfixTemplateSetId (2) = 4
+- ipfixTemplateAccessTime (3) = 2007-7-9,12:47:04.8,+2:0
+- ipfixTemplateActiveTimeout (4) = 0
+- ipfixTemplateInactiveTimeout (5) = 0
The Template Definition Table for the Template may look like follows:
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 11]
Internet-Draft IPFIX MIB December 2007
ipfixTemplateDefinitionTable (6)
|
+- ipfixTemplateDefinitionEntry (1)
|
+- index (11)
|
+- index (3)
|
+ index (257)
|
+- index (1)
| +- ipfixTemplateDefinitionIndex (1) = 1
| +- ipfixTemplateDefinitionIeId (2) = 150
| | (flowStartSeconds)
| +- ipfixTemplateDefinitionIeLength (3) = 4
| +- ipfixTemplateDefinitionFlags (4) = 0
|
+- index (2)
| +- ipfixTemplateDefinitionIndex (1) = 2
| +- ipfixTemplateDefinitionIeId (2) = 151
| | (flowEndSeconds)
| +- ipfixTemplateDefinitionIeLength (3) = 4
| +- ipfixTemplateDefinitionFlags (4) = 0
|
+- index (3)
| +- ipfixTemplateDefinitionIndex (1) = 3
| +- ipfixTemplateDefinitionIeId (2) = 1
| | (octetDeltaCount)
| +- ipfixTemplateDefinitionIeLength (3) = 8
| +- ipfixTemplateDefinitionFlags (4) = 0
|
+- index (4)
+- ipfixTemplateDefinitionIndex (1) = 4
+- ipfixTemplateDefinitionIeId (2) = 132
| (droppedOctetDeltaCount)
+- ipfixTemplateDefinitionIeLength (3) = 8
+- ipfixTemplateDefinitionFlags (4) = 0
5.5. The Selector Table
This table supports the usage of filtering and sampling functions as
described in [I-D.ietf-ipfix-architecture]. The implementation and
use of this table is optional. If implemented it contains lists of
functions per Template, thus it takes the same indexes as the
Template Field table. The Selector Index indicates the order of the
functions i.e, the order in that the functions are applied to the
packets observed at the Observation Point. The functions are
referred by object identifiers pointing to the function with its
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 12]
Internet-Draft IPFIX MIB December 2007
parameters. If the table is implemented and no filtering or sampling
is used for a Template then an entry for the Template should be
created pointing to the Select All function (ipfixFuncSelectAll).
5.6. The Selector Functions
The subtree ipfixSelectorFunctions is a placeholder where all
standard filtering and sampling functions should be located (if any)
and is mainly build for extensibility in future versions. It
currently contains the Select All functions (ipfixFuncSelectAll).
A future extension could produce e.g., the MIB tree shown in the
following figure:
ipfixSelectorFunctions
|
+- ipfixFuncSelectAll
| |
| +- ipfixFuncSelectAllAvail (is the function available?)
|
+- ipfixFuncF2
| |
| +- ipfixFuncF2Avail (is the function F2 available)
| |
| +- ipfixFuncF2Parameters (a table with parameters)
...
|
+- ipfixFunFn...
If a Selector Function takes parameters the MIB should contain a
table with an entry for each set of parameters used at the Exporter.
In this way a future extension could point to an entry in that table
to indicate both the used Selector Function as well as the parameters
used for that function.
5.6.1. Textual Convention IpfixFunctionAvailabilty
In conjunction with the Selector Functions the textual convention
IpfixFunctionAvailabilty is defined in the MIB. It MUST be used
within all Selector Functions to indicate if a standard function is
currently available at the Device or not. The previous mentioned
Select All function is always available.
5.7. The Statistical Tables
The remaining tables are all for statistical evaluation and all of
them are optional. Those table gather statistical values for a
corresponding table of those described above.
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 13]
Internet-Draft IPFIX MIB December 2007
6. MIB Definitions
This section contains the definitions of the IPFIX-MIB module. There
are different mandatory groups defined for Collector and Exporter
implementations. The statistical objects are made optional. As well
as such features as transport session grouping which need not be
supported by all IPFIX Devices.
IPFIX-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, mib-2, Integer32, Unsigned32,
Counter32, Counter64
FROM SNMPv2-SMI -- RFC2578
TEXTUAL-CONVENTION, DateAndTime
FROM SNMPv2-TC -- RFC2579
MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF -- RFC2580
InetAddressType, InetAddress
FROM INET-ADDRESS-MIB -- RFC3291
PhysicalIndexOrZero
FROM ENTITY-MIB; -- RFC4133
ipfixMIB MODULE-IDENTITY
LAST-UPDATED "200712030900Z" -- 03 December 2007
ORGANIZATION "IETF IPFIX Working Group"
CONTACT-INFO
"WG charter:
http://www.ietf.org/html.charters/ipfix-charter.html
Mailing Lists:
General Discussion: ipfix@ietf.org
To Subscribe: http://www1.ietf.org/mailman/listinfo/ipfix
Archive:
http://www1.ietf.org/mail-archive/web/ipfix/current/index.html
Editor:
Thomas Dietz
NEC Europe Ltd.
NEC Laboratories Europe
Network Research Division
Kurfuersten-Anlage 36
69115 Heidelberg
Germany
Phone: +49 6221 4342-128
Email: dietz@nw.neclab.eu
Atsushi Kobayashi
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 14]
Internet-Draft IPFIX MIB December 2007
NTT Information Sharing Platform Laboratories
3-9-11 Midori-cho
Musashino-shi
180-8585
Japan
Phone: +81-422-59-3978
Email: akoba@nttv6.net
Benoit Claise
Cisco Systems, Inc.
De Kleetlaan 6a b1
Degem 1831
Belgium
Phone: +32 2 704 5622
Email: bclaise@cisco.com"
DESCRIPTION
"The IPFIX MIB defines managed objects for IP Flow
Information eXport. These objects provide information about
managed nodes supporting the IP Flow Information Export
protocol, for Exporters as well as for Collectors. The
objects also allow to perform some limited configuration on
an IPFIX Exporter.
Copyright (C) The IETF Trust (2007). This version
of this MIB module is part of RFC yyyy; see the RFC itself
for full legal notices."
-- replace yyyy with actual RFC number & remove this notice
-- Revision history
REVISION "200712030900Z" -- 03 December 2007
DESCRIPTION
"Initial version, published as RFC yyyy."
-- replace yyyy with actual RFC number & remove this notice
::= { mib-2 xxx }
-- xxx to be assigned by IANA.
--******************************************************************
-- Textual Conventions
--******************************************************************
--------------------------------------------------------------------
-- Define Selector Function Availability
--------------------------------------------------------------------
IpfixFunctionAvailability ::= TEXTUAL-CONVENTION
STATUS current
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 15]
Internet-Draft IPFIX MIB December 2007
DESCRIPTION
"Used to report the availability of a selection function:
available(1)
the function is supported and can be used
notAvailable(2)
the function is not available"
SYNTAX INTEGER {
available(1),
notAvailable(2)
}
--******************************************************************
-- Top Level Structure of the MIB
--******************************************************************
ipfixObjects OBJECT IDENTIFIER ::= { ipfixMIB 1 }
ipfixExtensions OBJECT IDENTIFIER ::= { ipfixMIB 2 }
ipfixConformance OBJECT IDENTIFIER ::= { ipfixMIB 3 }
--==================================================================
-- 1: Objects used by all IPFIX implementations
--==================================================================
--------------------------------------------------------------------
-- 1.1: Exporter Version
--------------------------------------------------------------------
ipfixExportVersion OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"On Exporters the object contains the version number of the
IPFIX Protocol that the exporter uses to export its data.
On Collectors the object contains the highest version
number of all IPFIX Protocols understood by the Collector."
::= { ipfixObjects 1 }
--------------------------------------------------------------------
-- 1.2: Transport Session Table
--------------------------------------------------------------------
ipfixTransportSessionTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixTransportSessionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists the currently established transport
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 16]
Internet-Draft IPFIX MIB December 2007
sessions between an Exporting Process and a Collecting
Process."
::= { ipfixObjects 2 }
ipfixTransportSessionEntry OBJECT-TYPE
SYNTAX IpfixTransportSessionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixTransportSessionTable"
INDEX { ipfixTransportSessionIndex }
::= { ipfixTransportSessionTable 1 }
IpfixTransportSessionEntry ::=
SEQUENCE {
ipfixTransportSessionIndex Integer32,
ipfixTransportSessionProtocol Integer32,
ipfixTransportSessionAddressType InetAddressType,
ipfixTransportSessionSourceAddress InetAddress,
ipfixTransportSessionDestinationAddress InetAddress,
ipfixTransportSessionSourcePort Integer32,
ipfixTransportSessionDestinationPort Integer32,
ipfixTransportSessionSctpAssocId Unsigned32,
ipfixTransportSessionTemplateRefreshTimeout Unsigned32,
ipfixTransportSessionOptionTemplateRefreshTimeout Unsigned32,
ipfixTransportSessionTemplateRefreshPacket Unsigned32,
ipfixTransportSessionOptionTemplateRefreshPacket Unsigned32,
ipfixTransportSessionStatus INTEGER
}
ipfixTransportSessionIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Locally arbitrary, but unique identifier of an entry in
the ipfixTransportSessionTable. The value is expected to
remain constant from a re-initialization of the entity's
network management system to the next re-initialization."
::= { ipfixTransportSessionEntry 1 }
ipfixTransportSessionProtocol OBJECT-TYPE
SYNTAX Integer32 (1..255)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The transport protocol used for receiving or transmitting
IPFIX Messages. The protocols currently defined for usage
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 17]
Internet-Draft IPFIX MIB December 2007
within IPFIX are TCP (6), UDP (17) and SCTP (132). The
default protocol is SCTP."
DEFVAL { 132 }
::= { ipfixTransportSessionEntry 2 }
ipfixTransportSessionAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of address used for source and destination address
as specified in RFC4001. This object is only valid if
ipfixTransportSessionProtocol has the value 6 (TCP) or 17
(UDP)."
::= { ipfixTransportSessionEntry 3 }
ipfixTransportSessionSourceAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The source address of the Exporter of the IPFIX transport
session. This value is interpreted according to the value of
ipfixTransportSessionAddressType as specified in RFC4001.
This object is only valid if ipfixTransportSessionProtocol
has the value 6 (TCP) or 17 (UDP)."
::= { ipfixTransportSessionEntry 4 }
ipfixTransportSessionDestinationAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The destination address of the Collector of the IPFIX
transport session. This value is interpreted according to
the value of ipfixTransportSessionAddressType as specified
in RFC4001. This object is only valid if
ipfixTransportSessionProtocol has the value 6 (TCP) or 17
(UDP)."
::= { ipfixTransportSessionEntry 5 }
ipfixTransportSessionSourcePort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The transport protocol port number of the Exporter."
::= { ipfixTransportSessionEntry 6 }
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 18]
Internet-Draft IPFIX MIB December 2007
ipfixTransportSessionDestinationPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The transport protocol port number of the Collector. The
default value is 4739 for all currently defined transport
protocol types."
DEFVAL { 4739 }
::= { ipfixTransportSessionEntry 7 }
ipfixTransportSessionSctpAssocId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The association id used for the SCTP session between the
Exporter and the Collector of the IPFIX transport session.
It is equal to the sctpAssocIdentry in the sctpAssocTable
defined in the SCTP MIB. This object is only valid if
ipfixTransportSessionProtocol has the value 132 (SCTP). In
all other cases the value MUST be 0."
DEFVAL { 0 }
::= { ipfixTransportSessionEntry 8 }
ipfixTransportSessionTemplateRefreshTimeout OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"On Exporters this object contains the time in seconds
after which IPFIX Templates MUST be resend by the
Exporter.
On Collectors this object contains the lifetime in seconds
after which a Template becomes invalid when it is not
received again within this lifetime.
This object is only valid if ipfixTransportSessionProtocol
has the value 17 (UDP). In all other cases the value MUST
be 0."
DEFVAL { 0 }
::= { ipfixTransportSessionEntry 9 }
ipfixTransportSessionOptionTemplateRefreshTimeout OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 19]
Internet-Draft IPFIX MIB December 2007
DESCRIPTION
"On Exporters this object contains the time in seconds
after which IPFIX Option Templates MUST be resend by the
Exporter.
On Collectors this object contains the lifetime in seconds
after which an Option Template becomes invalid when it is
not received again within this lifetime.
This object is only valid if ipfixTransportSessionProtocol
has the value 17 (UDP). In all other cases the value MUST
be 0."
DEFVAL { 0 }
::= { ipfixTransportSessionEntry 10 }
ipfixTransportSessionTemplateRefreshPacket OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"On Exporters this object contains the number of packets
after which IPFIX Templates MUST be resend by the
Exporter.
On Collectors this object contains the lifetime in number
of packets after which a Template becomes invalid when it
is not received again within this lifetime.
This object is only valid if ipfixTransportSessionProtocol
has the value 17 (UDP). In all other cases the value MUST
be 0."
DEFVAL { 0 }
::= { ipfixTransportSessionEntry 11 }
ipfixTransportSessionOptionTemplateRefreshPacket OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"On Exporters this object contains the number of packets
after which IPFIX Option Templates MUST be resend by the
Exporter.
On Collectors this object contains the lifetime in number
of packets after which an Option Template becomes invalid
when it is not received again within this lifetime.
This object is only valid if ipfixTransportSessionProtocol
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 20]
Internet-Draft IPFIX MIB December 2007
has the value 17 (UDP). In all other cases the value MUST
be 0."
DEFVAL { 0 }
::= { ipfixTransportSessionEntry 12 }
ipfixTransportSessionStatus OBJECT-TYPE
SYNTAX INTEGER {
unknown(0),
inactive(1),
active(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of a transport session. This object can have the
following values:
unknown(0)
This value muse be used if the status of the
connection cannot be detected by the equipment. This
value should be avoided as far as possible.
inactive(1)
This value MUST be used for transport sessions that
are specified in the system but not currently connected.
The value can be used e.g. for transport sessions that
are backup (secondary) sessions in a transport session
group.
active(2)
This value MUST be used for transport sessions that are
currently connected and transmitting or receiving data."
::= { ipfixTransportSessionEntry 13 }
--------------------------------------------------------------------
-- 1.3: Transport Session Group Table
--------------------------------------------------------------------
ipfixTransportSessionGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixTransportSessionGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists groups of transport sessions to
achieve features like automatic failover, load
balancing, parallel export etc.
On Exporters this table can group one ore more transport
sessions to achieve a special functionality like failover
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 21]
Internet-Draft IPFIX MIB December 2007
management, load-balancing etc. If the Exporter does not
use Transport Session grouping then each group MUST contain
a single Transport Session and this session MUST have the
member type unused(5).
On Collectors the Transport Session grouping is not used
and the same scheme MUST be used as described above for
Exporters not using Transport Session grouping."
::= { ipfixObjects 3 }
ipfixTransportSessionGroupEntry OBJECT-TYPE
SYNTAX IpfixTransportSessionGroupEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixTransportSessionGroupTable"
INDEX {
ipfixTransportSessionGroupIndex,
ipfixTransportSessionIndex
}
::= { ipfixTransportSessionGroupTable 1 }
IpfixTransportSessionGroupEntry ::=
SEQUENCE {
ipfixTransportSessionGroupIndex Integer32,
ipfixTransportSessionGroupMemberType INTEGER
}
ipfixTransportSessionGroupIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Locally arbitrary, but unique identifier of an entry in
the ipfixTransportSessionGroupTable. The value is expected
to remain constant from a re-initialization of the entity's
network management system to the next re-initialization.
The special value of zero (0) is reserved for use within
the ipfixObservationDomainTable and is not allowed as an
index in this table. For a detailed explanation see the
definition of the ipfixObservationDomainTable."
::= { ipfixTransportSessionGroupEntry 1 }
ipfixTransportSessionGroupMemberType OBJECT-TYPE
SYNTAX INTEGER {
unknown(0),
primary(1),
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 22]
Internet-Draft IPFIX MIB December 2007
secondary(2),
parallel(3),
loadBalancing(4),
unused(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of a member transport session in its transport
session group (identified by the value of
ipfixTransportSessionGroupIndex). The following values are
valid:
unknown(0)
This value muse be used if the status of the group
membership cannot be detected by the equipment. This
value should be avoided as far as possible.
primary(1)
This value is used for a group member that is used as
the primary target of an Exporter. Other group members
(with the same ipfixTransportSessionGroupIndex) MUST
NOT have the value primary(1) but MUST have the value
secondary(2).
secondary(2)
This value is used for a group member that is used as a
secondary target of an Exporter. The Exporter will use
one of the targets specified as secondary(2) within the
same transport session group when the primary target is
not reachable.
duplicate(3)
This value is used for a group member that is used for
duplicate exporting i.e., all group members identified
by the ipfixTransportSessionGroupIndex are exporting
the same Records in parallel. This implies that all
group members MUST have the the same membertype
duplicate(3).
loadBalancing(4)
This value is used for a group member that is used as
as one target for load-balancing. This means that a
Record is send to one of the group members in this
group identified by ipfixTransportSessionGroupIndex.
This implies that all group members MUST have the same
membertype load-balancing(4)
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 23]
Internet-Draft IPFIX MIB December 2007
unused(5)
This value MUST be specified if the Exporter does not
support transport session grouping. It is the default
value for Collectors since the Collector cannot decide
if the received transport session uses transport
session grouping or not. In this case the group MUST
contain only one transport session."
::= { ipfixTransportSessionGroupEntry 2 }
--------------------------------------------------------------------
-- 1.4: Observation Domain Table
--------------------------------------------------------------------
ipfixObservationDomainTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixObservationDomainEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists Observation Domains used by the Metering
Process, the Exporting Process or the Collecting Process.
On Exporters the index ipfixTransportSessionGroupIndex MUST
always be zero (0) because the Observation Domain Id is
unique on the Exporter and can be used by any Transport
Session.
On Collectors the index ipfixTransportSessionGroupIndex MUST
NOT be zero (0) because the Collector could receive Records
from different Transport Sessions which use the same
Observation Domain Ids."
::= { ipfixObjects 4 }
ipfixObservationDomainEntry OBJECT-TYPE
SYNTAX IpfixObservationDomainEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixObservationDomainTable."
INDEX {
ipfixTransportSessionGroupIndex,
ipfixObservationDomainId
}
::= { ipfixObservationDomainTable 1 }
IpfixObservationDomainEntry ::=
SEQUENCE {
ipfixObservationDomainId Integer32,
ipfixPhysicalEntity PhysicalIndexOrZero,
ipfixPhysicalEntityDirection INTEGER
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 24]
Internet-Draft IPFIX MIB December 2007
}
ipfixObservationDomainId OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Locally arbitrary, but unique identifier of an entry in the
ipfixObservationDomainTable. The value is expected to remain
constant from a re-initialization of the entity's network
management system to the next re-initialization.
The special value of 0 MUST NOT be used within this table
but is reserved for the usage in the ipfixTemplateTable
and the ipfixTemplateDefinitionTable. An index of 0 for the
ipfixObservationDomainId index in those tables indicates
that a Template or Option Template cannot be applied to a
single Observation Domain."
::= { ipfixObservationDomainEntry 1 }
ipfixPhysicalEntity OBJECT-TYPE
SYNTAX PhysicalIndexOrZero
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the index of a physical entity in
the Entity MIB. This physical entity is the given
Observation Domain. If such a physical entity cannot be
specified or is not known then the object contains 0."
DEFVAL { 0 }
::= { ipfixObservationDomainEntry 2 }
ipfixPhysicalEntityDirection OBJECT-TYPE
SYNTAX INTEGER {
none(0),
ingress(1),
egress(2),
both(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The direction of the flow that is monitored on the given
physical entity. The following values are valid:
none(0)
This value muse be used if a direction is not
applicable on the given physical entity.
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 25]
Internet-Draft IPFIX MIB December 2007
ingress(1)
This value is used for monitoring incoming flows on the
given physical entity.
egress(2)
This value is used for monitoring outgoing flows on the
given physical entity.
both(3)
This value is used for monitoring incoming and outgoing
flows on the given physical entity."
::= { ipfixObservationDomainEntry 3 }
--------------------------------------------------------------------
-- 1.5: Template Table
--------------------------------------------------------------------
ipfixTemplateTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixTemplateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists the Templates and Option Templates that
are transmitted or received by the Exporting or Collecting
Process.
On an Exporter the table contains the Templates and Option
Templates that are used for exporting data for a given
Transport Session group and Observation Domain.
On an Collector the table contains Templates and Option
Templates that are received in the given Transport Session
group per Observation Domain.
If a value of zero (0) is specified for the
ipfixObservationDomainId then the Template or Option
Template cannot be applied to a single Observation Domain."
::= { ipfixObjects 5 }
ipfixTemplateEntry OBJECT-TYPE
SYNTAX IpfixTemplateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixTemplateTable"
INDEX {
ipfixTransportSessionGroupIndex,
ipfixObservationDomainId,
ipfixTemplateId
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 26]
Internet-Draft IPFIX MIB December 2007
}
::= { ipfixTemplateTable 1 }
IpfixTemplateEntry ::=
SEQUENCE {
ipfixTemplateId Integer32,
ipfixTemplateSetId Integer32,
ipfixTemplateAccessTime DateAndTime,
ipfixTemplateActiveTimeout Unsigned32,
ipfixTemplateInactiveTimeout Unsigned32
}
ipfixTemplateId OBJECT-TYPE
SYNTAX Integer32 (256..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This number indicates the Template Id in the IPFIX
message. Values from 0 to 255 are not allowed for Template
Ids (see FIX_ME!!!!! IPFIX-PROTO)."
::= { ipfixTemplateEntry 1 }
ipfixTemplateSetId OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This number indicates the set id of the Template. This
object allows to easily retrieve the Template type.
Currently there are two values defined. The value 3 is
used for Sets containing Template definitions. The value 4
is used for Sets containing Option Template definitions. A
value greater than 255 is used for Sets containing Data
Records for the (Option) Template Id given by the Set Id."
::= { ipfixTemplateEntry 2 }
ipfixTemplateAccessTime OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The time when the Template was last sent or received.
On the Exporter this object contains the time when this
(Option) Template was last sent to the Collector(s). This
time is used if the transport protocol is UDP to know when a
retransmission of the (Option) Template is needed.
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 27]
Internet-Draft IPFIX MIB December 2007
On the Collector this object contains the time when this
(Option) Template was last received from the Exporter. This
time is used if the transport protocol is UDP to know when
this (Option) Template times out and thus is no longer
valid."
::= { ipfixTemplateEntry 3 }
ipfixTemplateActiveTimeout OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The time in seconds after which an active Flow is expired.
On the exporter this object contains the time after which a
Flow is expired (and a data record for the template is sent)
even though packets matching this Flow are still received by
the Metering Process. If this value is 0 the Flow is not
prematurely expired.
On the Collector as well as for Option Templates this object
is not valid and should be set to 0 (see
[I-D.ietf-ipfix-architecture], Section 5.1.1, Point 3)."
::= { ipfixTemplateEntry 4 }
ipfixTemplateInactiveTimeout OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The time in seconds after which an inactive Flow is
expired.
On the exporter this object contains the time after which a
(and a data record for the template is sent) when no packets
matching this Flow are received by the Metering Process for
the given number of seconds. If this value is 0 the Flow is
timed out immediately i.e., a data record is sent for every
packet received by the Metering Process.
On the Collector as well as for Option Templates this object
is not valid and should be set to 0 (see
[I-D.ietf-ipfix-architecture], Section 5.1.1, Point 1)."
::= { ipfixTemplateEntry 5 }
--------------------------------------------------------------------
-- 1.6: Template Definition Table
--------------------------------------------------------------------
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 28]
Internet-Draft IPFIX MIB December 2007
ipfixTemplateDefinitionTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixTemplateDefinitionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists the (Option) Template Fields of which a
(Option) Template is defined. It defines the (Option)
Template given in the ipfixTemplateId specified in the
ipfixTemplateTable."
::= { ipfixObjects 6 }
ipfixTemplateDefinitionEntry OBJECT-TYPE
SYNTAX IpfixTemplateDefinitionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixTemplateDefinitionTable"
INDEX {
ipfixTransportSessionIndex,
ipfixObservationDomainId,
ipfixTemplateId,
ipfixTemplateDefinitionIndex
}
::= { ipfixTemplateDefinitionTable 1 }
IpfixTemplateDefinitionEntry ::=
SEQUENCE {
ipfixTemplateDefinitionIndex Integer32,
ipfixTemplateDefinitionIeId Integer32,
ipfixTemplateDefinitionIeLength Integer32,
ipfixTemplateDefinitionFlags BITS
}
ipfixTemplateDefinitionIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The ipfixTemplateDefinitionIndex specifies the order in
which the Information Elements are used in the (Option)
Template Record if an order MUST be applied.
For more information on the order of Information Elements
see [I-D.ietf-ipfix-protocol]."
::= { ipfixTemplateDefinitionEntry 1 }
ipfixTemplateDefinitionIeId OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 29]
Internet-Draft IPFIX MIB December 2007
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This indicates the Information Element Id at position
ipfixTemplateDefinitionIndex in the (Option) Template
ipfixTemplateId. This implicitly specifies the data type of
the Information Element.
For more information about Information Elements see
[I-D.ietf-ipfix-info] and [I-D.ietf-ipfix-protocol]."
::= { ipfixTemplateDefinitionEntry 2 }
ipfixTemplateDefinitionIeLength OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This indicates the length of the Information Element Id at
position ipfixTemplateDefinitionIndex in the (Option)
Template ipfixTemplateId.
For more information about Information Elements see
[I-D.ietf-ipfix-info] and [I-D.ietf-ipfix-protocol]."
::= { ipfixTemplateDefinitionEntry 3 }
ipfixTemplateDefinitionFlags OBJECT-TYPE
SYNTAX BITS {
scope(0),
flowKey(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This bitmask indicates special attributes for the
Information Element:
scope(0)
This Information Element is used for scope.
flowKey(1)
This Information Element is a Flow key.
Thus we get the following values for an Information Element:
0
The Information Element contains Record values.
1 (scope)
The Information Element is used for scoping.
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 30]
Internet-Draft IPFIX MIB December 2007
2 (flowKey)
The Information Element is used as Flow Key.
3 (scope | flowKey)
This combination is not allowed."
DEFVAL { { } }
::= { ipfixTemplateDefinitionEntry 4 }
--------------------------------------------------------------------
-- 1.7: Transport Session Statistics Table
--------------------------------------------------------------------
ipfixTransportSessionStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixTransportSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists transport sessions statistics between
Exporting Process and Collecting Process."
::= { ipfixObjects 7 }
ipfixTransportSessionStatsEntry OBJECT-TYPE
SYNTAX IpfixTransportSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixTransportSessionStatsTable"
AUGMENTS { ipfixTransportSessionEntry }
::= { ipfixTransportSessionStatsTable 1 }
IpfixTransportSessionStatsEntry ::=
SEQUENCE {
ipfixTransportSessionRate Integer32,
ipfixTransportSessionPackets Counter32,
ipfixTransportSessionBytes Counter32,
ipfixTransportSessionMessages Counter32,
ipfixTransportSessionDiscardedMessages Counter32,
ipfixTransportSessionRecords Counter64,
ipfixTransportSessionActiveFlows Integer32,
ipfixTransportSessionInactiveFlows Integer32
}
ipfixTransportSessionRate OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes per second received by the
Collector or transmitted by the Exporter. A
value of zero (0) means that no packets were sent or
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 31]
Internet-Draft IPFIX MIB December 2007
received yet."
::= { ipfixTransportSessionStatsEntry 1 }
ipfixTransportSessionPackets OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets received by the Collector
or transmitted by the Exporter."
::= { ipfixTransportSessionStatsEntry 2 }
ipfixTransportSessionBytes OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes received by the Collector
or transmitted by the Exporter."
::= { ipfixTransportSessionStatsEntry 3 }
ipfixTransportSessionMessages OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of IPFIX messages received by the
Collector or transmitted by the Exporter."
::= { ipfixTransportSessionStatsEntry 4 }
ipfixTransportSessionDiscardedMessages OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of received IPFIX Message that are malformed,
cannot be decoded, are received in the wrong order or are
missing according to the sequence number.
If used at the Exporter the number of messages that could
not be sent due to e.g. internal buffer overflows, network
congestion, or routing issues."
::= { ipfixTransportSessionStatsEntry 5 }
ipfixTransportSessionRecords OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 32]
Internet-Draft IPFIX MIB December 2007
DESCRIPTION
"The number of Data Records received by the Collector or
transmitted by the Exporter."
::= { ipfixTransportSessionStatsEntry 6 }
ipfixTransportSessionActiveFlows OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Flows that are currently active. I.e. the
number of Flows that are currently monitored."
::= { ipfixTransportSessionStatsEntry 7 }
ipfixTransportSessionInactiveFlows OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Flows that are currently inactive. I.e. the
number of Flows that are currently not monitored because
there is no traffice matching the Flow Keys."
::= { ipfixTransportSessionStatsEntry 8 }
--------------------------------------------------------------------
-- 1.8: Observation Domain Statistics Table
--------------------------------------------------------------------
ipfixObservationDomainStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixObservationDomainStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists statistic objects that have data per
Observation Domain."
::= { ipfixObjects 8 }
ipfixObservationDomainStatsEntry OBJECT-TYPE
SYNTAX IpfixObservationDomainStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixObservationDomainStatsTable."
AUGMENTS { ipfixObservationDomainEntry }
::= { ipfixObservationDomainStatsTable 1 }
IpfixObservationDomainStatsEntry ::=
SEQUENCE {
ipfixObservationDomainMessages Counter32,
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 33]
Internet-Draft IPFIX MIB December 2007
ipfixObservationDomainErrors Counter32,
ipfixObservationDomainDataRecords Counter32,
ipfixObservationDomainTemplates Counter32,
ipfixObservationDomainOptionTemplates Counter32,
ipfixObservationDomainSequenceNumber Integer32
}
ipfixObservationDomainMessages OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of IPFIX messages received or transmitted."
::= { ipfixObservationDomainStatsEntry 1 }
ipfixObservationDomainErrors OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of received IPFIX messages that are malformed,
cannot be decoded, are received in the wrong order or are
missing according to the sequence number.
If used at the Exporter the number of messages that could
not be sent due to e.g. internal buffer overflows or network
congestion."
::= { ipfixObservationDomainStatsEntry 2 }
ipfixObservationDomainDataRecords OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Data Records received or transmitted."
::= { ipfixObservationDomainStatsEntry 3 }
ipfixObservationDomainTemplates OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Templates received or transmitted."
::= { ipfixObservationDomainStatsEntry 4 }
ipfixObservationDomainOptionTemplates OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 34]
Internet-Draft IPFIX MIB December 2007
STATUS current
DESCRIPTION
"The number of Option Templates received or transmitted."
::= { ipfixObservationDomainStatsEntry 5 }
ipfixObservationDomainSequenceNumber OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The latest sequence number transmitted or received."
::= { ipfixObservationDomainStatsEntry 6 }
--------------------------------------------------------------------
-- 1.9: Template Statistics Table
--------------------------------------------------------------------
ipfixTemplateStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixTemplateStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists statistics objects per Template."
::= { ipfixObjects 9 }
ipfixTemplateStatsEntry OBJECT-TYPE
SYNTAX IpfixTemplateStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixTemplateStatsTable"
AUGMENTS { ipfixTemplateEntry }
::= { ipfixTemplateStatsTable 1 }
IpfixTemplateStatsEntry ::=
SEQUENCE {
ipfixTemplateDataRecords Counter32
}
ipfixTemplateDataRecords OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Data Records per Template received or
transmitted."
::= { ipfixTemplateStatsEntry 1 }
--------------------------------------------------------------------
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 35]
Internet-Draft IPFIX MIB December 2007
-- 1.10: Selector Table
--------------------------------------------------------------------
ipfixSelectorTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixSelectorEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains Selector Functions connected to a
Template by the indexes ipfixTransportSessionIndex,
ipfixObservationDomainId and ipfixTemplateId. The Selector
Functions are applied to the packets observed at the
given Observation Domain in the order implied by the
ipfixSelectorIndex. The resulting Flow Records are then
exported by using the connected Template.
Since IPFIX does not define any Selector Function (except
selecting every packet) this is a placeholder for future
use and a guideline for implementing enterprise specific
Selector Function objects.
The following object tree should visualize how the Selector
Function objects should be implemented:
ipfixSelectorFunctions
|
+- ipfixFuncSelectAll
| |
| +- ipfixFuncSelectAllAvail (is the function available?)
|
+- ipfixFuncF2
| |
| +- ipfixFuncF2Avail (is the function F2 available)
| |
| +- ipfixFuncF2Parameters (a table with parameters)
...
|
+- ipfixFunFn...
If a Selector Function takes parameters the MIB should
table with an entry for each set of parameters used at the
Exporter."
::= { ipfixObjects 10 }
ipfixSelectorEntry OBJECT-TYPE
SYNTAX IpfixSelectorEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 36]
Internet-Draft IPFIX MIB December 2007
"Defines an entry in the ipfixSelectorTable."
INDEX {
ipfixTransportSessionIndex,
ipfixObservationDomainId,
ipfixTemplateId,
ipfixSelectorIndex
}
::= { ipfixSelectorTable 1 }
IpfixSelectorEntry ::= SEQUENCE {
ipfixSelectorIndex Integer32,
ipfixSelectorFunction OBJECT IDENTIFIER
}
ipfixSelectorIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Locally arbitrary, but unique identifier of an entry in the
ipfixSelectorTable. The value is expected to remain
constant from a re-initialization of the entity's network
management system to the next re-initialization."
::= { ipfixSelectorEntry 1 }
ipfixSelectorFunction OBJECT-TYPE
SYNTAX OBJECT IDENTIFIER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The pointer to the Selector Function used at position
ipfixSelectorIndex in the list of Selector Functions for
the Template specified by the indexes
ipfixTransportSessionIndex, ipfixObservationDomainId and
ipfixTemplateId."
::= { ipfixSelectorEntry 2 }
--------------------------------------------------------------------
-- 1.11: Packet Selector Functions for IPFIX
--------------------------------------------------------------------
ipfixSelectorFunctions OBJECT IDENTIFIER
::= { ipfixObjects 11 }
--------------------------------------------------------------------
-- 1.11.1: Function 1: Selecting All Packets
--------------------------------------------------------------------
ipfixFuncSelectAll OBJECT IDENTIFIER
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 37]
Internet-Draft IPFIX MIB December 2007
::= { ipfixSelectorFunctions 1 }
ipfixFuncSelectAllAvail OBJECT-TYPE
SYNTAX IpfixFunctionAvailability
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the availability of the trivial
function of selecting all packets. This function is always
available."
DEFVAL { available }
::= { ipfixFuncSelectAll 1 }
--------------------------------------------------------------------
-- 1.12: Selector Statistics Table
--------------------------------------------------------------------
ipfixSelectorStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixSelectorStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains statistics for the Selector Functions
connected to a Template by the indexes
ipfixTransportSessionIndex, ipfixObservationDomainId and
ipfixTemplateId.
The indexes MUST match an entry in the ipfixSelectorTable."
::= { ipfixObjects 12 }
ipfixSelectorStatsEntry OBJECT-TYPE
SYNTAX IpfixSelectorStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixSelectorStatsTable."
AUGMENTS { ipfixSelectorEntry }
::= { ipfixSelectorStatsTable 1 }
IpfixSelectorStatsEntry ::= SEQUENCE {
ipfixSelectorStatsPacketsObserved Integer32,
ipfixSelectorStatsPacketsDropped Integer32
}
ipfixSelectorStatsPacketsObserved OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 38]
Internet-Draft IPFIX MIB December 2007
"The number of packets observed at the entry point of the
function. The entry point may be the Observation Point or
the exit point of another Selector Function."
::= { ipfixSelectorStatsEntry 1 }
ipfixSelectorStatsPacketsDropped OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets dropped while selecting packets."
::= { ipfixSelectorStatsEntry 2 }
--==================================================================
-- 3: Conformance Information
--==================================================================
ipfixCompliances OBJECT IDENTIFIER ::= { ipfixConformance 1 }
ipfixGroups OBJECT IDENTIFIER ::= { ipfixConformance 2 }
--------------------------------------------------------------------
-- 3.1: Compliance Statements
--------------------------------------------------------------------
ipfixCollectorCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"An implementation that implements an IPFIX Collector Device
that complies to this module MUST implement the objects
defined in the mandatory group ipfixCommonGroup.
The implementation of all objects in the other groups is
optional and depends on the corresponding functionality
implemented in the equipment."
MODULE -- this module
MANDATORY-GROUPS {
ipfixCommonGroup
}
GROUP ipfixCommonStatsGroup
DESCRIPTION
"These objects should be implemented if the statistics
function is implemented in the equipment."
::= { ipfixCompliances 1 }
ipfixExporterCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"An implementation that implements an IPFIX Exporter that
complies to this module MUST implement the objects defined
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 39]
Internet-Draft IPFIX MIB December 2007
in the mandatory group ipfixCommonGroup. The implementation
of all other objects depends on the implementation of the
corresponding functionality in the equipment."
MODULE -- this module
MANDATORY-GROUPS {
ipfixCommonGroup
}
GROUP ipfixExporterGroup
DESCRIPTION
"These objects MUST be implemented if the IPFIX Exporter
supports Selector Functions like filtering and/or sampling."
GROUP ipfixExporterStatsGroup
DESCRIPTION
"These objects MUST be implemented if statistical functions
are implemented on the equipment."
::= { ipfixCompliances 2 }
--------------------------------------------------------------------
-- 3.2: MIB Grouping
--------------------------------------------------------------------
ipfixCommonGroup OBJECT-GROUP
OBJECTS {
ipfixExportVersion,
ipfixTransportSessionProtocol,
ipfixTransportSessionAddressType,
ipfixTransportSessionSourceAddress,
ipfixTransportSessionDestinationAddress,
ipfixTransportSessionSourcePort,
ipfixTransportSessionDestinationPort,
ipfixTransportSessionSctpAssocId,
ipfixTransportSessionTemplateRefreshTimeout,
ipfixTransportSessionOptionTemplateRefreshTimeout,
ipfixTransportSessionTemplateRefreshPacket,
ipfixTransportSessionOptionTemplateRefreshPacket,
ipfixTransportSessionStatus,
ipfixTransportSessionGroupMemberType,
ipfixPhysicalEntity,
ipfixPhysicalEntityDirection,
ipfixTemplateSetId,
ipfixTemplateAccessTime,
ipfixTemplateActiveTimeout,
ipfixTemplateInactiveTimeout,
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 40]
Internet-Draft IPFIX MIB December 2007
ipfixTemplateDefinitionIeId,
ipfixTemplateDefinitionIeLength,
ipfixTemplateDefinitionFlags
}
STATUS current
DESCRIPTION
"All objects that are mandatory for the management function
of any IPFIX Device."
::= { ipfixGroups 1 }
ipfixCommonStatsGroup OBJECT-GROUP
OBJECTS {
ipfixTransportSessionRate,
ipfixTransportSessionPackets,
ipfixTransportSessionBytes,
ipfixTransportSessionMessages,
ipfixTransportSessionDiscardedMessages,
ipfixTransportSessionRecords,
ipfixTransportSessionActiveFlows,
ipfixTransportSessionInactiveFlows,
ipfixObservationDomainMessages,
ipfixObservationDomainErrors,
ipfixObservationDomainDataRecords,
ipfixObservationDomainTemplates,
ipfixObservationDomainOptionTemplates,
ipfixObservationDomainSequenceNumber,
ipfixTemplateDataRecords
}
STATUS current
DESCRIPTION
"All statistical objects that should be common on all IPFIX
Devices."
::= { ipfixGroups 3 }
ipfixExporterGroup OBJECT-GROUP
OBJECTS {
ipfixSelectorFunction,
ipfixFuncSelectAllAvail
}
STATUS current
DESCRIPTION
"This group contains all objects that MUST be implemented
for supporting Selector Functions like filtering and/or
sampling on an Device using the IPFIX procol."
::= { ipfixGroups 4 }
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 41]
Internet-Draft IPFIX MIB December 2007
ipfixExporterStatsGroup OBJECT-GROUP
OBJECTS {
ipfixSelectorStatsPacketsObserved,
ipfixSelectorStatsPacketsDropped
}
STATUS current
DESCRIPTION
"This statistical objects are optional for Exporters. They
should be implemented if statistical functions are available
on the used equipment."
::= { ipfixGroups 5 }
END
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 42]
Internet-Draft IPFIX MIB December 2007
7. Security Considerations
Certain management information defined in this MIB may be considered
sensitive in some network environments. Therefore, authentication of
received SNMP requests and controlled access to management
information should be employed in such environments.
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 43]
Internet-Draft IPFIX MIB December 2007
8. IANA Considerations
This document requires an OID assignment to be made by IANA:
Descriptor OBJECT IDENTIFIER value
---------- -----------------------
ipfixMIB { mib-2 xxxxx }
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 44]
Internet-Draft IPFIX MIB December 2007
9. Acknowledgment
This document is a product of the IPFIX working group.
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 45]
Internet-Draft IPFIX MIB December 2007
10. References
10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J.
Schoenwaelder, Ed., "Structure of Management Information
Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
[RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J.
Schoenwaelder, Ed., "Textual Conventions for SMIv2",
STD 58, RFC 2579, April 1999.
[RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
"Conformance Statements for SMIv2", STD 58, RFC 2580,
April 1999.
[RFC3873] Pastor, J. and M. Belinchon, "Stream Control Transmission
Protocol (SCTP) Management Information Base (MIB)",
RFC 3873, September 2004.
[RFC4133] Bierman, A. and K. McCloghrie, "Entity MIB (Version 3)",
RFC 4133, August 2005.
[I-D.ietf-ipfix-protocol]
Claise, B., "Specification of the IPFIX Protocol for the
Exchange of IP Traffic Flow Information",
draft-ietf-ipfix-protocol-26 (work in progress),
September 2007.
[I-D.ietf-ipfix-info]
Quittek, J., "Information Model for IP Flow Information
Export", draft-ietf-ipfix-info-15 (work in progress),
February 2007.
10.2. Informative References
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart,
"Introduction and Applicability Statements for Internet-
Standard Management Framework", RFC 3410, December 2002.
[RFC3917] Quittek, J., Zseby, T., Claise, B., and S. Zander,
"Requirements for IP Flow Information Export (IPFIX)",
RFC 3917, October 2004.
[I-D.ietf-ipfix-architecture]
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 46]
Internet-Draft IPFIX MIB December 2007
Sadasivan, G., "Architecture for IP Flow Information
Export", draft-ietf-ipfix-architecture-12 (work in
progress), September 2006.
[I-D.ietf-ipfix-as]
Zseby, T., "IPFIX Applicability", draft-ietf-ipfix-as-12
(work in progress), July 2007.
[I-D.ietf-psamp-framework]
Duffield, N., "A Framework for Packet Selection and
Reporting", draft-ietf-psamp-framework-12 (work in
progress), June 2007.
[I-D.ietf-psamp-sample-tech]
Zseby, T., "Sampling and Filtering Techniques for IP
Packet Selection", draft-ietf-psamp-sample-tech-10 (work
in progress), June 2007.
[I-D.ietf-psamp-mib]
Dietz, T. and B. Claise, "Definitions of Managed Objects
for Packet Sampling", draft-ietf-psamp-mib-06 (work in
progress), June 2006.
[I-D.ietf-psamp-protocol]
Claise, B., "Packet Sampling (PSAMP) Protocol
Specifications", draft-ietf-psamp-protocol-08 (work in
progress), June 2007.
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 47]
Internet-Draft IPFIX MIB December 2007
Authors' Addresses
Thomas Dietz (editor)
NEC Europe Ltd.
NEC Laboratories Europe
Network Research Division
Kurfuersten-Anlage 36
Heidelberg 69115
DE
Phone: +49 6221 4342-128
Email: dietz@nw.neclab.eu
Atsushi Kobayashi
NTT Information Sharing Platform Laboratories
3-9-11 Midori-cho
Musashino-shi, Tokyo 180-8585
JA
Phone: +81-422-59-3978
Email: akoba@nttv6.net
Benoit Claise
Cisco Systems, Inc.
De Kleetlaan 6a b1
Degem 1831
BE
Phone: +32 2 704 5622
Email: bclaise@cisco.com
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 48]
Internet-Draft IPFIX MIB December 2007
Full Copyright Statement
Copyright (C) The IETF Trust (2007).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Acknowledgment
Funding for the RFC Editor function is provided by the IETF
Administrative Support Activity (IASA).
Dietz, et al. draft-ietf-ipfix-mib-02.txt [Page 49]