Network Working Group                                  Thomas D. Nadeau
Internet Draft                                      Cisco Systems, Inc.
Expires: September 2001
                                                      Cheenu Srinivasan
                                                 Tachion Networks, Inc.

                                                       Arun Viswanathan
                                                 Force10 Networks, Inc.

                                                             April 2001


         Multiprotocol Label Switching (MPLS) FEC-To-NHLFE (FTN)
                 Management Information Base Using SMIv2

                     draft-ietf-mpls-ftn-mib-01.txt




Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.


Abstract

   This memo defines an experimental portion of the Management
   Information Base (MIB) for use with network management protocols in
   the Internet community.  In particular, it describes managed objects
   for defining FEC-to-NHLFE mapping and corresponding actions for use
   with Multiprotocol Label Switching (MPLS).


1. Introduction

   This memo defines an experimental portion of the Management



Nadeau et al.             Expires September 2001             [Page 1]


Internet Draft               MPLS FTN MIB               April 1, 2001



   Information Base (MIB) for use with network management protocols in
   the Internet community. In particular, it describes managed objects
   for specifying FEC to NHLFE mappings and corresponding actions for
   Multiprotocol Label Switching (MPLS).

   This memo does not, in its draft form, specify a standard for the
   Internet community.


2. Terminology

   FEC -    Forward Equivalency Class
   NHLFE -  Next-Hop Label Forwarding Entry
   MIB -    Management Information Base
   MPLS -   Multi-Protocol Label Switching


3. The SNMP Management Framework

   The SNMP Management Framework presently consists of five major
   components:

   -  An overall architecture, described in RFC 2271 [SNMPArch].

   -  Mechanisms for describing and naming objects and events for the
      purpose of management.  The first version of this Structure of
      Management Information (SMI) is called SMIv1 and described in RFC
      1155 [SMIv1], RFC 1212 [SNMPv1MIBDef] and RFC 1215 [SNMPv1Traps].
      The second version, called SMIv2, is described in RFC 1902
      [SMIv2], RFC 1903 [SNMPv2TC] and RFC 1904 [SNMPv2Conf].

   -  Message protocols for transferring management information.  The
      first version of the SNMP message protocol is called SNMPv1 and
      described in RFC 1157 [SNMPv1].  A second version of the SNMP
      message protocol, which is not an Internet standards track
      protocol, is called SNMPv2c and described in RFC 1901 [SNMPv2c]
      and RFC 1906 [SNMPv2TM].  The third version of the message
      protocol is called SNMPv3 and described in RFC 1906 [SNMPv2TM],
      RFC 2272 [SNMPv3MP] and RFC 2274 [SNMPv3USM].

   -  Protocol operations for accessing management information.  The
      first set of protocol operations and associated PDU formats is
      described in RFC 1157 [SNMPv1].  A second set of protocol
      operations and associated PDU formats is described in RFC 1905
      [SNMPv2PO].

   -  A set of fundamental applications described in RFC 2273
      [SNMPv3App] and the view-based access control mechanism described
      in RFC 2275 [SNMPv3VACM].  Managed objects are accessed via a
      virtual information store, termed the Management Information Base
      or MIB.  Objects in the MIB are defined using the mechanisms
      defined in the SMI.  This memo specifies a MIB module that is
      compliant to the SMIv2.  A MIB conforming to the SMIv1 can be
      produced through the appropriate translations.  The resulting
      translated MIB must be semantically equivalent, except where
      objects or events are omitted because no translation is possible
      (use of Counter64).  Some machine-readable information in SMIv2
      will be converted into textual descriptions in SMIv1 during the
      translation process.  However, this loss of machine-readable
      information is not considered to change the semantics of the MIB.


3.1.  Object Definitions

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  Objects in the MIB are
   defined using the subset of Abstract Syntax Notation One (ASN.1)
   defined in the SMI.  In particular, each object type is named by an
   OBJECT IDENTIFIER, an administratively assigned name.  The object
   type together with an object instance serves to uniquely identify a
   specific instantiation of the object.  For human convenience, we
   often use a textual string, termed the descriptor, to also refer to
   the object type.


4. Motivation

   On the edge of an MPLS network, packets belonging to a forwarding
   equivalency class (FEC) are associated with an LSP (ER-LSP) via the
   FEC-To-NHLFE (FTN) mapping [MPLS-Arch].  This mapping of packets to
   an LSP is made at the ingress LSR of an LSP or a Traffic Engineered
   (TE) Tunnel.

   Conceptually, some of the FTN table functionality could be
   implemented using the Forwarding Information Base (FIB) to map all
   packets destined for a prefix to an LSP. However, this mapping is
   coarse in nature.

   Similar functionality is already being used in other contexts, such
   as security filters, access filters, and for RSVP flow
   identification.  All of these require various combinations of
   matching based on IP header and upper-layer header information to
   identify packets for a particular treatment.  When packets match a
   particular rule, a corresponding action is executed against those
   packets.  For example, two popular actions to take when a successful
   match is detected are allowing the packet to be forwarded or to
   discard it.  However, other actions are possible, such as modifying
   the TOS byte, or redirecting a packet to a particular outgoing
   interface.

   This draft attempts to consolidate the various matching requirements
   and associated action options needed for MPLS into a single
   specification.


5. Outline

   This MIB resides on edge LSRs in order to map selected traffic into
   the MPLS cloud. It consists of three tables. mplsFTNTable defines the
   rule base against which incoming packets are matched and actions
   taken on matching packets.  mplsFTNMapTable defines the application
   of these rules to specific interfaces. Finally, the mplsFTNPerfTable
   provides performance counters for every FTN entry that is active, on
   a per-interface basis.


5.1.  mplsFTNTable

   This table allows FEC to NHLFE mappings to be specified.  Each entry
   in this table defines a rule to be applied to incoming packets (on
   interfaces that the FTN entry is activated on using mplsFTNMapTable;
   see Section 5.2) and an action to be taken on matching packets.
   mplsFTNTable provides a standard 5-tuple matching and allows address
   and port ranges to be specified.
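
   An added illustration, not part of the draft, of how such a rule base
   evaluates and how an operator can audit it: a field whose mplsFTNMask
   bit is clear is ignored, so an entry with an empty mask matches every
   packet and hides the entries applied after it. IPv4 only; first-match
   semantics, the FtnEntry class and the sample rules are assumptions.

```python
"""Evaluate and audit FTN rules using the draft's mask and ordering semantics.

Added illustration only. IPv4 is assumed, and first-match-wins is an
assumption drawn from the ordering described in Section 5.2.
"""
from dataclasses import dataclass
from ipaddress import IPv4Address as IP

# Field names follow the mplsFTNMask BITS labels; FULL is the widest value
# range each field can take (protocol range per mplsFTNProtocol's SYNTAX).
FULL = {
    "sourceAddr": (IP("0.0.0.0"), IP("255.255.255.255")),
    "destAddr": (IP("0.0.0.0"), IP("255.255.255.255")),
    "sourcePort": (0, 65535),
    "destPort": (0, 65535),
    "protocol": (0, 65535),
}


@dataclass
class FtnEntry:
    index: int          # mplsFTNIndex
    action: str         # mplsFTNActionType label
    mask: frozenset     # names of the active mplsFTNMask bits
    ranges: dict        # field -> (min, max); protocol uses min == max

    def span(self, field):
        """Effective range: a field whose mask bit is clear is ignored."""
        return self.ranges[field] if field in self.mask else FULL[field]


def matches(entry, packet):
    """True if every active field of the entry contains the packet's value."""
    return all(entry.span(f)[0] <= packet[f] <= entry.span(f)[1] for f in FULL)


def classify(applied, packet):
    """Return the first entry, in application order, that matches (or None)."""
    return next((e for e in applied if matches(e, packet)), None)


def covers(outer, inner):
    """True if every packet matching `inner` also matches `outer`."""
    return all(outer.span(f)[0] <= inner.span(f)[0] and
               inner.span(f)[1] <= outer.span(f)[1] for f in FULL)


def audit(applied):
    """Flag match-all entries and entries that can never be reached."""
    findings = []
    for pos, entry in enumerate(applied):
        if not entry.mask:
            findings.append((entry.index, "matches every packet"))
        for earlier in applied[:pos]:
            if covers(earlier, entry):
                findings.append((entry.index, "shadowed by entry %d" % earlier.index))
                break
    return findings


# Constructed sample rule list, in the order applied on one interface.
APPLIED = [
    FtnEntry(10, "redirectLsp", frozenset({"destAddr", "destPort", "protocol"}),
             {"destAddr": (IP("192.0.2.0"), IP("192.0.2.255")),
              "destPort": (443, 443), "protocol": (6, 6)}),
    FtnEntry(20, "drop", frozenset(), {}),
    FtnEntry(30, "redirectTunnel", frozenset({"destAddr"}),
             {"destAddr": (IP("198.51.100.0"), IP("198.51.100.255"))}),
]


def packet(dst, dport, proto=6, src="203.0.113.5", sport=40000):
    """Build a constructed packet header as a field dictionary."""
    return {"sourceAddr": IP(src), "destAddr": IP(dst),
            "sourcePort": sport, "destPort": dport, "protocol": proto}


if __name__ == "__main__":
    for dst, dport in (("192.0.2.10", 443), ("198.51.100.7", 80)):
        hit = classify(APPLIED, packet(dst, dport))
        print(dst, dport, "->", hit.index, hit.action)
    for finding in audit(APPLIED):
        print("entry %d: %s" % finding)
```
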


5.2.  mplsFTNMapTable

   This table provides the capability to activate or map FTN entries
   defined in mplsFTNTable to specific interfaces in the system. FTN
   entries are compared with incoming packets in the order in which they
   are applied on an interface. For this reason, this table provides a
   mechanism to 'insert' an FTN entry between two existing FTN entries
   already applied on an interface.

   Using this linked-list structure, one can retrieve FTN entries in the
   order of application on a per-interface basis as follows:

   -  To determine the first FTN entry on an interface with index
      ifIndex perform a GETNEXT retrieval operation on
      mplsFTNMapIfIndex.ifIndex.0.0; the returned object, if one
      exists, is (say) mplsFTNMapIfIndex.ifIndex.0.n. Then the index of
      the first FTN entry applied on this interface is n.

   -  To determine the FTN entry applied after the one indexed by n
      perform a GETNEXT retrieval operation on
      mplsFTNMapIfIndex.ifIndex.n.0; the returned object, if one
      exists, is (say) mplsFTNMapIfIndex.ifIndex.n.m. Then the index of
      the next FTN entry applied on this interface is m.

   Use the above steps to retrieve all the applied FTN entries on a
   per-interface basis in application order. Note that the number of
   retrieval operations is the same as the number of applied FTN entries
   (i.e. the minimum number of GETNEXT operations needed using any
   indexing scheme).
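
   The retrieval steps above, as an added example that is not part of
   the draft: GETNEXT returns whatever instance sorts next, so each
   reply must be checked against the interface and previous index
   before it is trusted, and a repeated or branching entry is reported
   rather than followed. The in-memory agent, the placeholder column OID
   (the draft's is unassigned) and the strict sibling check are
   assumptions made here.

```python
"""Walk the mplsFTNMapTable linked list for one interface using GETNEXT.

Added illustration; the agent below is a constructed in-memory stand-in,
and COLUMN is a placeholder because the draft's OID is still unassigned.
"""
from bisect import bisect_right

COLUMN = (1, 3, 6, 1, 3, 9999, 1, 3, 1, 1)   # placeholder for mplsFTNMapIfIndex


class SimulatedAgent:
    """Holds instance OIDs in lexicographic order, as an SNMP agent does."""

    def __init__(self, rows):
        # rows: iterable of (ifIndex, prevIndex, currIndex) index triples
        self._oids = sorted(COLUMN + tuple(r) for r in rows)

    def getnext(self, oid):
        """Return the first instance OID strictly after `oid`, or None."""
        i = bisect_right(self._oids, tuple(oid))
        return self._oids[i] if i < len(self._oids) else None


class MalformedList(Exception):
    """The map table does not form a simple chain on this interface."""


def split_index(oid):
    """Return (ifIndex, prev, curr) for an instance of COLUMN, else None."""
    n = len(COLUMN)
    if oid is None or len(oid) != n + 3 or oid[:n] != COLUMN:
        return None
    return oid[n:]


def ftn_order(agent, if_index, strict=True):
    """Return the FTN indexes applied on if_index, in application order.

    With strict=True one extra GETNEXT per entry checks that no second row
    names the same predecessor (a branch the plain walk would never see).
    """
    order, seen, prev = [], set(), 0
    while True:
        row = split_index(agent.getnext(COLUMN + (if_index, prev, 0)))
        # The reply is only the next element of this list if it is still on
        # the same interface and names `prev` as its predecessor.
        if row is None or row[:2] != (if_index, prev):
            return order
        curr = row[2]
        if curr in seen:
            raise MalformedList("FTN entry %d applied twice on ifIndex %d"
                                % (curr, if_index))
        if strict:
            sibling = split_index(agent.getnext(COLUMN + row))
            if sibling is not None and sibling[:2] == (if_index, prev):
                raise MalformedList("entries %d and %d both follow %d on "
                                    "ifIndex %d" % (curr, sibling[2], prev, if_index))
        seen.add(curr)
        order.append(curr)
        prev = curr


# Constructed table: interface 3 applies entries 5, 2, 9 in that order,
# interface 4 applies entry 1 only.
SAMPLE = SimulatedAgent([(3, 0, 5), (3, 5, 2), (3, 2, 9), (4, 0, 1)])

if __name__ == "__main__":
    for ifx in (3, 4, 5):
        print("ifIndex", ifx, "->", ftn_order(SAMPLE, ifx))
```
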


5.3.  mplsFTNPerfTable

   This table provides performance counters for each FTN entry that is
   active on a per-interface basis.  High capacity counters are provided
   for situations where 32-bit counters would wrap around too quickly.


6. Example

   TBD.


7. The Use of RowPointer

   RowPointer is a textual convention used to identify a conceptual row
   in an SNMP Table by pointing to one of its objects.  In this MIB, in
   mplsFTNTable, the RowPointer object mplsFTNActionPointer indicates
   the LSP or tunnel to redirect packets matching an FTN entry to.  This
   object SHOULD point to the first column of the appropriate conceptual
   row.

   Alternately it allows some implementations, if they so choose, to
   implement a different (proprietary) action table and use this object
   to point to entries within that table.  If this object returns
   zeroDotZero it implies that there is no currently defined action that
   is associated with that particular FTN entry.


8. MPLS FTN MIB Definitions

MPLS-FTN-MIB DEFINITIONS ::= BEGIN

IMPORTS
   MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
   Integer32, Unsigned32, Counter32, Counter64, experimental
      FROM SNMPv2-SMI
   MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
      FROM SNMPv2-CONF
   TEXTUAL-CONVENTION, TruthValue, RowStatus, RowPointer,
   StorageType, DisplayString
      FROM SNMPv2-TC
   InterfaceIndexOrZero
      FROM IF-MIB
   MplsTunnelIndex
      FROM MPLS-TE-MIB
   InetAddressIPv4, InetAddressIPv6, InetAddressType
      FROM INET-ADDRESS-MIB;

mplsFTNMIB MODULE-IDENTITY
   LAST-UPDATED "200104011200Z"  -- 1 April 2001 12:00:00 EST
   ORGANIZATION "Multiprotocol Label Switching (MPLS) Working Group"
   CONTACT-INFO
       "        Thomas D. Nadeau
        Postal: Cisco Systems, Inc.
                250 Apollo Drive
                Chelmsford, MA 01824
        Tel:    +1-978-244-3051
        Email:  tnadeau@cisco.com

                Cheenu Srinivasan
        Postal: Tachion Networks, Inc.
                Monmouth Park Corporate Center I
                Building C, 185 Monmouth Park Highway
                West Long Branch, NJ 07764
        Tel:    +1-732-542-7750 x1234
        Email:  cheenu@tachion.com

                Arun Viswanathan
        Postal: Force10 Networks, Inc.
                1440 McCarthy Blvd
                Milpitas, CA 95035
        Tel:    +1-408-571-3516
        Email:  arun@force10networks.com"

   DESCRIPTION
       "This MIB module contains managed object definitions for
        specifying FEC to NHLFE (FTN) mappings and corresponding
        performance for MPLS."

   -- Revision history.

   REVISION
       "200104011200Z"  -- 1 April 2001 12:00:00 EST
   DESCRIPTION
       "Updates based on MPLS working group feedback."
   REVISION
       "200009201200Z"  -- 20 September 2000 12:00:00 EST
   DESCRIPTION
       "First draft version issued as MPLS working group
        document."
   REVISION
       "200007141200Z"  -- 14 July 2000 12:00:00 EST
   DESCRIPTION
       "Updated draft version."
   REVISION
       "200003032030Z"  -- 03 March 2000 20:30:00 EST
   DESCRIPTION
       "Initial draft version."

   ::= { experimental oid } -- to be assigned

-- Textual Conventions.

MplsPortAddr ::= TEXTUAL-CONVENTION
   STATUS              current
   DESCRIPTION
       "A TCP or UDP port number. Along with an IP address
        identifies a stream of IP traffic uniquely."
   SYNTAX              INTEGER (0..65535)

MplsFTNIndex ::= TEXTUAL-CONVENTION
   STATUS              current
   DESCRIPTION
       "Index for an FTN entry."
   SYNTAX              Integer32(1..2147483647)

MplsFTNIndexOrZero ::= TEXTUAL-CONVENTION
   STATUS              current
   DESCRIPTION
       "Index for an FTN entry or zero."
   SYNTAX              Integer32(0..2147483647)



-- Top-Level Components of this MIB.

mplsFTNNotifications OBJECT IDENTIFIER ::= { mplsFTNMIB 0 }
mplsFTNObjects       OBJECT IDENTIFIER ::= { mplsFTNMIB 1 }
mplsFTNConformance   OBJECT IDENTIFIER ::= { mplsFTNMIB 2 }

-- FTN table.

mplsFTNIndexNext OBJECT-TYPE
   SYNTAX              MplsFTNIndexOrZero
   MAX-ACCESS          read-only
   STATUS              current
   DESCRIPTION
       "This object contains the next appropriate value to be
        used for mplsFTNIndex when creating entries in the
        mplsFTNTable.  If the number of unassigned entries is
        exhausted, this object MUST return a value of 0.  To
        obtain the mplsFTNIndex value for a new entry, the
        manager must first issue a management protocol
        retrieval operation to obtain the current value of this
        object.  The agent should modify the value to reflect
        the next unassigned index after each retrieval
        operation.  After a manager retrieves a value the agent
        will determine through its local policy when this index
        value will be made available for reuse."
   ::= { mplsFTNObjects 1 }

mplsFTNTable  OBJECT-TYPE
   SYNTAX          SEQUENCE OF MplsFTNEntry
   MAX-ACCESS      not-accessible
   STATUS          current
   DESCRIPTION
       "This table contains the currently defined FTN entries."
   ::=  { mplsFTNObjects  2 }

mplsFTNEntry  OBJECT-TYPE
   SYNTAX          MplsFTNEntry
   MAX-ACCESS      not-accessible
   STATUS          current
   DESCRIPTION
       "Each entry represents one FTN entry which defines a
        rule to compare against incoming packets and an action
        to be taken on matching packets."
   INDEX { mplsFTNIndex }
   ::=  { mplsFTNTable 1 }

MplsFTNEntry  ::=  SEQUENCE {
      mplsFTNIndex               MplsFTNIndex,
      mplsFTNRowStatus           RowStatus,
      mplsFTNDescr               DisplayString,
      mplsFTNApplied             TruthValue,
      mplsFTNMask                BITS,
      mplsFTNAddrType            InetAddressType,
      mplsFTNSourceIpv4AddrMin   InetAddressIPv4,
      mplsFTNSourceIpv6AddrMin   InetAddressIPv6,
      mplsFTNSourceIpv4AddrMax   InetAddressIPv4,
      mplsFTNSourceIpv6AddrMax   InetAddressIPv6,
      mplsFTNDestIpv4AddrMin     InetAddressIPv4,
      mplsFTNDestIpv6AddrMin     InetAddressIPv6,
      mplsFTNDestIpv4AddrMax     InetAddressIPv4,
      mplsFTNDestIpv6AddrMax     InetAddressIPv6,
      mplsFTNSourcePortMin       MplsPortAddr,
      mplsFTNSourcePortMax       MplsPortAddr,
      mplsFTNDestPortMin         MplsPortAddr,
      mplsFTNDestPortMax         MplsPortAddr,
      mplsFTNProtocol            INTEGER,
      mplsFTNActionType          INTEGER,
      mplsFTNActionPointer       RowPointer,
      mplsFTNStorageType         StorageType
   }

mplsFTNIndex   OBJECT-TYPE
   SYNTAX              MplsFTNIndex
   MAX-ACCESS          not-accessible
   STATUS              current
   DESCRIPTION
       "Unique index for this entry."
   ::= { mplsFTNEntry 1 }

mplsFTNRowStatus OBJECT-TYPE
   SYNTAX              RowStatus
   MAX-ACCESS          read-create
   STATUS              current
   DESCRIPTION
       "For controlling the creation and deletion of this row."
   ::= { mplsFTNEntry 2 }

mplsFTNDescr   OBJECT-TYPE
   SYNTAX              DisplayString
   MAX-ACCESS          read-create
   STATUS              current
   DESCRIPTION
       "Description of this FTN entry."
   ::= { mplsFTNEntry 3 }

mplsFTNApplied OBJECT-TYPE
   SYNTAX              TruthValue
   MAX-ACCESS          read-only
   STATUS              current
   DESCRIPTION
       "Indicates whether this FTN entry has been applied on
        any interface (using mplsFTNMapTable) or not."
   ::= { mplsFTNEntry 4 }

mplsFTNMask OBJECT-TYPE
   SYNTAX             BITS {
                       sourceAddr(0),
                       destAddr(1),
                       sourcePort(2),
                       destPort(3),
                       protocol(4)
                      }
   MAX-ACCESS          read-create
   STATUS              current
   DESCRIPTION
       "This bit map indicates which of the fields described
        next, namely source address range, destination address
        range, source port range, destination port range, and
        protocol is active for this FTN entry. If a particular
        bit is inactive (i.e., set to zero) then the
        corresponding field in the packet is ignored for
        comparison purposes."
   ::= { mplsFTNEntry 5 }

mplsFTNAddrType OBJECT-TYPE
   SYNTAX             InetAddressType
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Type of IP packet that this entry will match against.
        If this object has the value ipv4(1) then the objects
        in this entry of type InetAddressIPv6 MUST be ignored
        by management applications. If this object has the
        value ipv6(2) then the objects in this entry of type
        InetAddressIPv4 MUST be ignored by management
        applications."
   DEFVAL { ipv4 }
   ::= { mplsFTNEntry 6 }

mplsFTNSourceIpv4AddrMin OBJECT-TYPE
   SYNTAX             InetAddressIPv4
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Lower end of source address range - IPv4 version."
   ::= { mplsFTNEntry 7 }

mplsFTNSourceIpv6AddrMin OBJECT-TYPE
   SYNTAX             InetAddressIPv6
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Lower end of source address range - IPv6 version."
   ::= { mplsFTNEntry 8 }

mplsFTNSourceIpv4AddrMax OBJECT-TYPE
   SYNTAX             InetAddressIPv4
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Upper end of source address range - IPv4 version."
   ::= { mplsFTNEntry 9 }

mplsFTNSourceIpv6AddrMax OBJECT-TYPE
   SYNTAX             InetAddressIPv6
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Upper end of source address range - IPv6 version."
   ::= { mplsFTNEntry 10 }

mplsFTNDestIpv4AddrMin OBJECT-TYPE
   SYNTAX             InetAddressIPv4
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Lower end of destination address range - IPv4 version."
   ::= { mplsFTNEntry 11 }

mplsFTNDestIpv6AddrMin OBJECT-TYPE
   SYNTAX             InetAddressIPv6
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Lower end of destination address range - IPv6 version."
   ::= { mplsFTNEntry 12 }

mplsFTNDestIpv4AddrMax OBJECT-TYPE
   SYNTAX             InetAddressIPv4
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Upper end of destination address range - IPv4 version."
   ::= { mplsFTNEntry 13 }

mplsFTNDestIpv6AddrMax OBJECT-TYPE
   SYNTAX             InetAddressIPv6
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Upper end of destination address range - IPv6 version."
   ::= { mplsFTNEntry 14 }

mplsFTNSourcePortMin OBJECT-TYPE
   SYNTAX             MplsPortAddr
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Lower end of source port range."
   ::= { mplsFTNEntry 15 }

mplsFTNSourcePortMax OBJECT-TYPE
   SYNTAX             MplsPortAddr
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Higher end of source port range."
   ::= { mplsFTNEntry 16 }

mplsFTNDestPortMin OBJECT-TYPE
   SYNTAX             MplsPortAddr
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Lower end of the destination port range."
   ::= { mplsFTNEntry 17 }

mplsFTNDestPortMax OBJECT-TYPE
   SYNTAX             MplsPortAddr
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Higher end of the destination port range."
   ::= { mplsFTNEntry 18 }

mplsFTNProtocol OBJECT-TYPE
   SYNTAX             INTEGER (0..65535)
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "Protocol."
   ::= { mplsFTNEntry 19 }

mplsFTNActionType OBJECT-TYPE
   SYNTAX       INTEGER {
                   drop(1),          -- discard this packet
                   redirectLsp(2),   -- redirect into specified LSP
                   redirectTunnel(3) -- redirect into specified tunnel
                }
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "The type of action to be taken on packets matching this
        FTN entry."
   ::= { mplsFTNEntry 20 }

mplsFTNActionPointer OBJECT-TYPE
   SYNTAX             RowPointer
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "If mplsFTNActionType is redirectLsp(2), then this
        object indicates the instance of mplsXCEntry for the
        LSP to redirect matching packets to. If
        mplsFTNActionType is redirectTunnel(3), then this
        object indicates the instance of mplsTunnelEntry for
        the MPLS tunnel to redirect matching packets to. For
        other values of mplsFTNActionType this object MUST be
        ignored by management applications. Agents SHOULD
        return zeroDotZero as the value of this object."
   ::= { mplsFTNEntry 21 }

mplsFTNStorageType OBJECT-TYPE
   SYNTAX             StorageType
   MAX-ACCESS         read-create
   STATUS             current
   DESCRIPTION
       "The storage type for this FTN entry."
   ::= { mplsFTNEntry 22 }

-- End of mplsFTNTable.


-- FTN to interface mapping table.

mplsFTNMapTable OBJECT-TYPE
   SYNTAX              SEQUENCE OF MplsFTNMapEntry
   MAX-ACCESS          not-accessible
   STATUS              current
   DESCRIPTION
       "This table contains objects for mapping previously
        defined entries in mplsFTNTable to interfaces."
   ::=  { mplsFTNObjects 3 }

mplsFTNMapEntry OBJECT-TYPE
   SYNTAX              MplsFTNMapEntry
   MAX-ACCESS          not-accessible
   STATUS              current
   DESCRIPTION
       "Each entry indicates the application of a particular
        entry defined in mplsFTNTable on an interface. The
        order of application of FTN entries on an interface is
        the order in which they will be compared against
        incoming packets for a match. Each entry of this table
        is indexed by the interface index that the FTN entry is
        applied to, with the value 0 representing all
        interfaces, the index of the previous FTN entry applied
        on the interface and the index of the current FTN
        entry. This linked-list structure allows FTN entries to
        be inserted at arbitrary positions in the list. Agents
        MUST NOT allow the same FTN entries to be applied
        multiple times to the same interface."
   INDEX {
         mplsFTNMapIfIndex,
         mplsFTNMapPrevIndex,
         mplsFTNMapCurrIndex
   }
   ::=  { mplsFTNMapTable 1 }

MplsFTNMapEntry  ::=  SEQUENCE {
      mplsFTNMapIfIndex      InterfaceIndexOrZero,
      mplsFTNMapPrevIndex    MplsFTNIndexOrZero,
      mplsFTNMapCurrIndex    MplsFTNIndex,
      mplsFTNMapRowStatus    RowStatus,
      mplsFTNMapStorageType  StorageType
   }

mplsFTNMapIfIndex OBJECT-TYPE
   SYNTAX              InterfaceIndexOrZero
   MAX-ACCESS          read-create
   STATUS              current
   DESCRIPTION
       "Interface index that this FTN entry is being applied
        to. Zero represents all interfaces."
   ::= { mplsFTNMapEntry 1 }

mplsFTNMapPrevIndex OBJECT-TYPE
   SYNTAX              MplsFTNIndexOrZero
   MAX-ACCESS          read-create
   STATUS              current
   DESCRIPTION
       "Index of the previous FTN entry that was applied to
        this interface. Zero indicates that this should be the
        first FTN entry in the list."
   ::=  { mplsFTNMapEntry 2 }

mplsFTNMapCurrIndex OBJECT-TYPE
   SYNTAX              MplsFTNIndex
   MAX-ACCESS          read-create
   STATUS              current
   DESCRIPTION
       "Index of the current FTN entry that is being applied to
        this interface."
   ::=  { mplsFTNMapEntry 3 }

mplsFTNMapRowStatus OBJECT-TYPE
   SYNTAX              RowStatus
   MAX-ACCESS          read-create
   STATUS              current
   DESCRIPTION
       "For controlling the creation and deletion of this row."
   ::=  { mplsFTNMapEntry 4 }

mplsFTNMapStorageType OBJECT-TYPE
   SYNTAX              StorageType
   MAX-ACCESS          read-create
   STATUS              current
   DESCRIPTION
       "The storage type for this entry."
   ::= { mplsFTNMapEntry 5 }

-- End of mplsFTNMapTable

-- FTN entry performance table

mplsFTNPerfTable OBJECT-TYPE
   SYNTAX              SEQUENCE OF MplsFTNPerfEntry
   MAX-ACCESS          not-accessible
   STATUS              current
   DESCRIPTION
       "This table contains performance statistics on FTN
        entries on a per-interface basis."
   ::= { mplsFTNObjects 4 }

mplsFTNPerfEntry OBJECT-TYPE
   SYNTAX              MplsFTNPerfEntry
   MAX-ACCESS          not-accessible
   STATUS              current
   DESCRIPTION
       "Each entry contains performance information for the
        specified interface and FTN entry activated/mapped to
        this interface."
   INDEX  { mplsFTNMapIfIndex, mplsFTNMapCurrIndex }
   ::=  { mplsFTNPerfTable 1 }

MplsFTNPerfEntry  ::=  SEQUENCE {
      mplsFTNMatchedPackets          Counter32,
      mplsFTNMatchedOctets           Counter32,
      mplsFTNMatchedHCPackets        Counter64,
      mplsFTNMatchedHCOctets         Counter64
   }

mplsFTNMatchedPackets OBJECT-TYPE
   SYNTAX              Counter32
   MAX-ACCESS          read-only
   STATUS              current
   DESCRIPTION
       "Number of packets that matched the specified FTN entry
        if it is applied/mapped to the specified interface."
   ::= { mplsFTNPerfEntry 1 }

mplsFTNMatchedOctets OBJECT-TYPE
   SYNTAX              Counter32
   MAX-ACCESS          read-only
   STATUS              current
   DESCRIPTION
       "Number of octets that matched the specified FTN entry
        if it is applied/mapped to the specified interface."
   ::= { mplsFTNPerfEntry 2 }

mplsFTNMatchedHCPackets OBJECT-TYPE
   SYNTAX              Counter64
   MAX-ACCESS          read-only
   STATUS              current
   DESCRIPTION
       "High-capacity counter for the number of packets that
        matched the specified FTN entry if it is applied/mapped
        to the specified interface."
   ::= { mplsFTNPerfEntry 3 }

mplsFTNMatchedHCOctets OBJECT-TYPE
   SYNTAX              Counter64
   MAX-ACCESS          read-only
   STATUS              current
   DESCRIPTION
       "High-capacity counter for the number of octets that
        matched the specified FTN entry if it is applied/mapped
        to the specified interface."
   ::= { mplsFTNPerfEntry 4 }

-- End of mplsFTNPerfTable

-- Module compliance.

mplsFTNGroups
   OBJECT IDENTIFIER ::= { mplsFTNConformance 1 }

mplsFTNCompliances
   OBJECT IDENTIFIER ::= { mplsFTNConformance 2 }

mplsFTNModuleCompliance MODULE-COMPLIANCE
   STATUS current
   DESCRIPTION
       "Compliance statement for agents that support the MPLS
        FTN MIB."

MODULE -- this module

   -- The mandatory groups have to be implemented
   -- by all LSRs.  However, they may all be supported
   -- as read-only objects in the case where manual
   -- configuration is unsupported.

   MANDATORY-GROUPS {
      mplsFTNRuleGroup,
      mplsFTNMapGroup
   }

   GROUP mplsFTNHCPerfGroup
   DESCRIPTION
       "This group is mandatory for those performance entries
        for which the objects mplsFTNMatchedOctets and
        mplsFTNMatchedPackets wrap around too quickly."
   ::= { mplsFTNCompliances 1 }

-- Units of conformance.
mplsFTNRuleGroup OBJECT-GROUP
   OBJECTS {
      mplsFTNIndexNext,
      mplsFTNRowStatus,
      mplsFTNDescr,
      mplsFTNApplied,
      mplsFTNMask,
      mplsFTNAddrType,
      mplsFTNSourceIpv4AddrMin,
      mplsFTNSourceIpv6AddrMin,
      mplsFTNSourceIpv4AddrMax,
      mplsFTNSourceIpv6AddrMax,
      mplsFTNDestIpv4AddrMin,
      mplsFTNDestIpv6AddrMin,
      mplsFTNDestIpv4AddrMax,
      mplsFTNDestIpv6AddrMax,
      mplsFTNSourcePortMin,
      mplsFTNSourcePortMax,
      mplsFTNDestPortMin,
      mplsFTNDestPortMax,
      mplsFTNProtocol,
      mplsFTNActionType,
      mplsFTNActionPointer,
      mplsFTNStorageType
   }
   STATUS current
   DESCRIPTION
       "Collection of objects needed for MPLS FTN
        configuration."
   ::= { mplsFTNGroups 1 }

mplsFTNMapGroup OBJECT-GROUP
   OBJECTS {
      mplsFTNMapIfIndex,
      mplsFTNMapPrevIndex,
      mplsFTNMapCurrIndex,
      mplsFTNMapRowStatus,
      mplsFTNMapStorageType
   }
   STATUS current
   DESCRIPTION
       "Collection of objects needed for MPLS FTN activation."
   ::= { mplsFTNGroups 2 }

mplsFTNPerfGroup OBJECT-GROUP
   OBJECTS {
      mplsFTNMatchedPackets,
      mplsFTNMatchedOctets
   }
   STATUS current
   DESCRIPTION
       "Collection of objects needed for MPLS FTN performance
        monitoring."
   ::= { mplsFTNGroups 3 }

mplsFTNHCPerfGroup OBJECT-GROUP
   OBJECTS {
      mplsFTNMatchedHCPackets,
      mplsFTNMatchedHCOctets
   }
   STATUS current
   DESCRIPTION
       "Collection of objects needed for MPLS FTN performance
        monitoring using high-capacity counters."
   ::= { mplsFTNGroups 4 }

-- End of MPLS-FTN-MIB

END


9. Security Considerations

   It is clear that this MIB can be used for configuration of certain
   objects, and anything that can be configured can be incorrectly
   configured, with potentially disastrous results.

   At this writing, no security holes have been identified beyond those
   that SNMP Security [SNMPArch] is itself intended to address. These
   relate primarily to controlled access to sensitive information and
   the ability to configure a device, or to problems which might result
   from operator error, which is beyond the scope of any security
   architecture.

   There are a number of management objects defined in this MIB which
   have a MAX-ACCESS clause of read-write and/or read-create. Such
   objects may be considered sensitive or vulnerable in some network
   environments.  The support for SET operations in a non-secure
   environment without proper protection can have a negative effect on
   network operations. The use of SNMP Version 3 is recommended over
   prior versions, for configuration control, as its security model is
   improved.

   SNMPv1 or SNMPv2 are by themselves not a secure environment. Even if
   the network itself is secure (for example by using IPSec [IPSEC]),
   there is no control as to who on the secure network is allowed to
   access and GET/SET (read/change/create/delete) the objects in this
   MIB. It is recommended that the implementers consider the security
   features as provided by the SNMPv3 framework. Specifically, the use
   of the User-based Security Model [SNMPv3USM] and the View-based
   Access Control [SNMPv3VACM] is recommended. It is then a
   customer/user responsibility to ensure that the SNMP entity giving
   access to an instance of this MIB is properly configured to give
   access to the objects only to those principals (users) that have
   legitimate rights to indeed GET or SET (change/create/delete) them.

   There are a number of managed objects in this MIB that may contain
   information that may be sensitive from a business perspective, in
   that they represent a customer's interface to the MPLS network.
   Allowing uncontrolled access to these objects could result in
   malicious and unwanted disruptions of network traffic or incorrect
   configurations for these customers. There are no objects that are
   particularly sensitive in their own right, such as passwords or
   monetary amounts.
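
   The access decision that the recommended User-based Security Model
   and View-based Access Control perform, as an added example that is
   not part of this draft: a simplified model (no contexts, no view
   masks) of the group, security-level and view checks applied to GET
   and SET requests. The OIDs, user names and view names are
   constructed placeholders, not values assigned by this MIB.

```python
# Simplified model of a VACM access decision for the FTN objects.
# FTN_ROOT and the sub-identifiers below are constructed placeholders,
# not the OIDs assigned to MPLS-FTN-MIB.
FTN_ROOT = (1, 3, 6, 1, 3, 9999)
FTN_RULE_TABLE = FTN_ROOT + (1, 2)   # placeholder for mplsFTNTable
FTN_MAP_TABLE = FTN_ROOT + (1, 3)    # placeholder for mplsFTNMapTable
FTN_PERF_TABLE = FTN_ROOT + (1, 4)   # placeholder for mplsFTNPerfTable

LEVELS = {"noAuthNoPriv": 0, "authNoPriv": 1, "authPriv": 2}

# (securityModel, securityName) -> group; all names are hypothetical
GROUPS = {
    ("usm", "noc-operator"): "ftnAdmins",
    ("usm", "perf-monitor"): "ftnReaders",
    ("v2c", "public"): "legacy",
}

# view name -> list of (subtree, included?)
VIEWS = {
    "ftnAll": [(FTN_ROOT, True)],
    "ftnNoRules": [(FTN_ROOT, True), (FTN_RULE_TABLE, False),
                   (FTN_MAP_TABLE, False)],
    "none": [],
}

# group -> (minimum securityLevel, read view, write view)
ACCESS = {
    "ftnAdmins": ("authPriv", "ftnAll", "ftnAll"),
    "ftnReaders": ("authNoPriv", "ftnNoRules", "none"),
    "legacy": ("noAuthNoPriv", "none", "none"),
}

def in_view(view, oid):
    """The longest matching subtree decides; no match means not in view."""
    best = None
    for subtree, included in VIEWS[view]:
        if oid[:len(subtree)] == subtree and (
                best is None or len(subtree) > len(best[0])):
            best = (subtree, included)
    return best is not None and best[1]

def is_access_allowed(model, name, level, op, oid):
    """op is 'read' (GET) or 'write' (SET); every step must pass."""
    group = GROUPS.get((model, name))
    if group is None:
        return False                  # unknown principal
    min_level, read_view, write_view = ACCESS[group]
    if LEVELS[level] < LEVELS[min_level]:
        return False                  # message not protected strongly enough
    return in_view(read_view if op == "read" else write_view, oid)
```

   Here only the group that authenticates and encrypts can SET the
   read-create rule and map objects, the monitoring user can read
   counters but not customer rules, and the community-based user sees
   nothing in this MIB.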


10.   References

   [MPLSArch]    Rosen, E., Viswanathan, A., and R. Callon,
                 "Multiprotocol Label Switching Architecture", Internet
                 Draft <draft-ietf-mpls-arch-03.txt>, February 1999.

   [MPLSFW]      Callon, R., Doolan, P., Feldman, N., Fredette, A.,
                 Swallow, G., and A. Viswanathan, "A Framework for
                 Multiprotocol Label Switching", Internet Draft <draft-
                 ietf-mpls-framework-02.txt>, November 1997.

   [LSRMIB]      Srinivasan, C., Viswanathan, A. and T. Nadeau, "MPLS
                 Label Switch Router Management Information Base Using
                 SMIv2", Internet Draft <draft-ietf-mpls-lsr-mib-
                 06.txt>, July 2000.

   [TEMIB]       Srinivasan, C., Viswanathan, A. and Nadeau, T., "MPLS
                 Traffic Engineering Management Information Base Using
                 SMIv2", Internet Draft <draft-ietf-mpls-te-mib-
                 04.txt>, July 2000.

   [LDPMIB]      Cucchiara, J., Sjostrand, H., and J. Luciani,
                 "Definitions of Managed Objects for the Multiprotocol
                 Label Switching, Label Distribution Protocol (LDP)",
                 Internet Draft <draft-ietf-mpls-ldp-mib-07.txt>,
                 August 2000.

   [LblStk]      Rosen, E., Rekhter, Y., Tappan, D., Farinacci, D.,
                 Federokow, G., Li, T., and A. Conta, "MPLS Label Stack
                 Encoding", Internet Draft <draft-ietf-mpls-label-
                 encaps-03.txt>, September 1998.

   [RSVPTun]     Awaduche, D., Berger, L., Der-Haw, G., Li, T.,
                 Swallow, G., and V. Srinivasan, "Extensions to RSVP
                 for LSP Tunnels", Internet Draft <draft-mpls-rsvp-lsp-
                 tunnel-00.txt>, November 1998.

   [CRLDP]       Andersson, L., Fredette, A., Jamoussi, B., Callon, R.,
                 Doolan, P., Feldman, N., Gray, E., Halpern, J.,
                 Heinenan, J., Kilty, T., Malis, A., Girish, M.,
                 Sundell, K., Vaananen, P., T. Worster, Wu, L., and
                 Dantu, R., "Explicit Routing Over LDP Specification",
                 Internet Draft <draft-jamoussi-mpls-cr-ldp-00.txt>,
                 November 1998.

   [Assigned]    Reynolds, J., and J. Postel, "Assigned Numbers", RFC
                 1700, October 1994.

   [SNMPArch]    Harrington, D., Presuhn, R., and B. Wijnen, "An
                 Architecture for Describing SNMP Management
                 Frameworks", RFC 2271, January 1998.

   [SMIv1]       Rose, M., and K. McCloghrie, "Structure and
                 Identification of Management Information for TCP/IP-
                 based Internets", RFC 1155, May 1990.

   [SNMPv1MIBDef] Rose, M., and K. McCloghrie, "Concise MIB
                 Definitions", RFC 1212, March 1991.

   [SNMPv1Traps] Rose, M., "A Convention for Defining Traps for use with
                 the SNMP", RFC 1215, March 1991.

   [SMIv2]       Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
                 "Structure of Management Information for Version 2 of
                 the Simple Network Management Protocol (SNMPv2)", RFC
                 1902, January 1996.

   [SNMPv2TC]    Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
                 "Textual Conventions for Version 2 of the Simple
                 Network Management Protocol (SNMPv2)", RFC 1903, SNMP
                 Research, Inc., Cisco Systems, Inc., January 1996.

   [SNMPv2Conf]  Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
                 "Conformance Statements for Version 2 of the Simple
                 Network Management Protocol (SNMPv2)", RFC 1904,
                 January 1996.

   [SNMPv1]      Case, J., Fedor, M., Schoffstall, M., and J. Davin,
                 "Simple Network Management Protocol", RFC 1157, May
                 1990.

   [SNMPv2c]     Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
                 "Introduction to Community-based SNMPv2", RFC 1901,
                 January 1996.

   [SNMPv2TM]    Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
                 "Transport Mappings for Version 2 of the Simple
                 Network Management Protocol (SNMPv2)", RFC 1906,
                 January 1996.

   [SNMPv3MP]    Case, J., Harrington D., Presuhn R., and B. Wijnen,
                 "Message Processing and Dispatching for the Simple
                 Network Management Protocol (SNMP)", RFC 2272, January
                 1998.

   [SNMPv3USM]   Blumenthal, U., and B. Wijnen, "User-based Security
                 Model (USM) for version 3 of the Simple Network
                 Management Protocol (SNMPv3)", RFC 2274, January 1998.

   [SNMPv2PO]    Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
                 "Protocol Operations for Version 2 of the Simple
                 Network Management Protocol (SNMPv2)", RFC 1905,
                 January 1996.

   [SNMPv3App]   Levi, D., Meyer, P., and B. Stewart, "SNMPv3
                 Applications", RFC 2273, January 1998.

   [SNMPv3VACM]  Wijnen, B., Presuhn, R., and K. McCloghrie, "View-
                 based Access Control Model (VACM) for the Simple
                 Network Management Protocol (SNMP)", RFC 2275, January
                 1998.


11.   Authors' Addresses

  Thomas D. Nadeau
  Cisco Systems, Inc.
  300 Apollo Drive
  Chelmsford, MA 01824
  Phone: +1-978-244-3051
  Email: tnadeau@cisco.com

  Cheenu Srinivasan
  Tachion Networks, Inc.
  185 Monmouth Park Highway
  West Long Branch, NJ 07764
  Phone: +1-732-542-7750 x1234
  Email: cheenu@tachion.com

  Arun Viswanathan
  Force10 Networks, Inc.
  1440 McCarthy Blvd
  Milpitas, CA 95035
  Phone: +1-408-571-3516
  Email: arun@force10networks.com


12.   Acknowledgements

      We would like to thank Joan Cucchiara for her insightful
      comments on this draft.


13.   Full Copyright Statement

   Copyright (C) The Internet Society (2000). All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns. This
   document and the information contained herein is provided on an "AS
   IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK
   FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
   NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN
   WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.