MADMAN Working Group                  Glenn Mansfield [glenn@cysols.com]
INTERNET-DRAFT                                      Cyber Solutions Inc.
draft-mansfield-irr-mib-00.txt                               August 1998


                   The Internet Routing Registry MIB

Status of this Memo

   This document is an Internet Draft. Internet Drafts are working
   documents of the Internet Engineering Task Force (IETF), its Areas,
   and its Working Groups. Note that other groups may also distribute
   working documents as Internet Drafts.

   Internet Drafts are draft documents valid for a maximum of six
   months. Internet Drafts may be updated, replaced, or obsoleted by
   other documents at any time.  It is not appropriate to use Internet
   Drafts as reference material or to cite them other than as a "working
   draft" or "work in progress."

   To view the entire list of current Internet-Drafts, please check the
   "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow
   Directories on ftp.is.co.za (Africa), ftp.nordu.net (Northern
   Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific
   Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu (US West Coast).

Abstract


   A routing registry (RR) is a repository of routing policy information.
   The IETF-RPSL-WG has developed a Routing Policy Specification
   Language (RPSL) for describing routing policy constraints.

   This document addresses the need to provide a means of managing the
   routing registry, as well as access to the routing registry from
   within the Internet standard network management framework.  It
   defines a portion of the Management Information Base (MIB) for use
   with network management protocols in the Internet community to
   monitor and manage the RRs.












Expires: February  7, 1998                                      [Page 1]


Internet Draft                                             August 5 1997


Table of Contents

   1.  The Routing Registry
   2.  Rationale for having a Routing Registry MIB
   3.  The Restriction of scope
   4.  The SNMPv2 Network Management Framework
   5.  The IRR MIB Model
   6.  The IRR MIB
   7.  Acknowledgements
   8.  References
   Security Considerations
   Authors' Addresses




1. The Routing Registry.


   The IRR is a repository of routing policies. The policies are
   themselves described in the Routing Policy Specification Language
   (RPSL)[1]. Network operators and administrators are expected to
   announce their network routing policies by registering them in
   the IRR.

   For a tutorial on using the Routing Policy Specification Language
   (RPSL) to describe routing policies in an IRR, readers are
   encouraged to refer to [2].



   2.  Rationale for having a Routing Registry MIB.

   The usage of the IRR has evolved from the initial goals of plain
   information sharing to more involved applications ranging from
   troubleshooting to detecting and eliminating conflicting routing
   requirements, router configuration, network management and mapping.

   These new usages have, on the one hand, brought in a stronger
   requirement for data integrity and security [8]. On the other hand,
   they have brought in the requirement of being able to monitor an RR
   from within the standard network management framework, as well as to
   allow access to the information in the RR itself using the same
   network management protocols.

   The third revision of the Internet network management framework has
   put in place a safe and secure mechanism of accessing management
   information. There is also a gathering momentum to manage network
   applications, hosts, resources and anything that is related to the
   operation of the network, within the standard Internet network
   management framework.

   The IRR is an important network resource and as such needs to be
   managed effectively. Management would certainly involve monitoring
   the status of the IRR DB. Moreover the information resource
   represented by the IRR is of great use to network management
   applications. Thus there is a substantial requirement to allow access
   to the IRR using the standard network management protocols. With the
   security and access control mechanisms firmly in place in the SNMP
   framework, the database contents may be updated subject to the
   locally enforced access controls.

   The new SNMP-based access mechanism will not exclude the present
   access mechanism; it will supplement the present mechanisms. One can
   foresee other modes of access too, e.g. LDAP.



   3.  The Restriction of scope.

      To keep the MIB implementation and description relatively simple,
   the scope of the IRR-MIB is restricted as follows.

      o The present MIB will not concern itself with the distributed nature
        of the IRR.

      o The MIB itself will not contain information about or vouch for data
        integrity.

      o The consistency of the data retrieved from the MIB is not guaranteed.
        Separate mechanisms will need to be employed for which provisions
        will be made (like sync point information).


   4.  The SNMPv2 Network Management Framework.

   The major components of the SNMPv2 Network Management framework  are
   described in the documents listed below.


         o RFC 1902 [3] defines the Structure of Management Information
           (SMI), the mechanisms used for describing and naming objects
           for the purpose of management.

         o STD 17, RFC 1213 [4] defines MIB-II, the core set of managed
           objects (MO) for the Internet suite of protocols.

         o RFC 1905 [5] defines the protocol used for network access to
           managed objects.

   Textual conventions are defined in RFC 1903 [6], and conformance
   statements are defined in RFC 1904 [7].

   The framework is adaptable/extensible by defining new MIBs to suit
   the requirements of specific applications/protocols/situations.

   4.1.  Object Definitions.



   Managed objects are accessed via a virtual information store, the
   MIB.  Objects in the MIB are defined using the subset of Abstract
   Syntax Notation One (ASN.1) defined in the SMI.  In particular, each
   object type is named by an OBJECT IDENTIFIER, which is an
   administratively assigned name.  The object type together with an
   object instance serves to uniquely identify a specific instantiation
   of the object.  For human convenience, often a textual string, termed
   the descriptor, is used to refer to the object type.


   5.  The IRR MIB Model.

                      +------------+               +--------------+
                      |            |               |              |
                      |            |               |              |
                      |  IRR-DB    |<------------->| IRR server   |
                      |            |               |              |
                      |            |               |              |
                      +-----X------+               +--------------+
                            |
                            |
                      +-----X------+               +--------------+
                      |            |               |              |
                      |  IRR-MIB   |<------------->|   SNMPD      |
                      |            |               |              |
                      +------------+               +--------------+

   The IRR-MIB essentially consists of two components: the iRRStatsTable
   and the iRRDBs.

   The iRRStatsTable contains the summary statistics of all the modules
   of the IRR, the owner of the module, the number of objects
   corresponding to each IRR object-type, and the date and time of last
   update.

   The iRRDBs contains tables corresponding to each of the object types.



   6.  The IRR MIB.


   IRR-MIB DEFINITIONS ::= BEGIN

    IMPORTS
      MODULE-IDENTITY,  Counter32, Gauge32, OBJECT-TYPE, experimental
                 FROM SNMPv2-SMI
      DisplayString,    TimeStamp
                 FROM SNMPv2-TC
      MODULE-COMPLIANCE, OBJECT-GROUP
                 FROM SNMPv2-CONF;

    iRRMIB MODULE-IDENTITY
       LAST-UPDATED "9808050000Z"
       ORGANIZATION "The WIDE project "
       CONTACT-INFO
              "        Glenn Mansfield
               Postal: Cyber Solutions Inc.
                       6-6-3, Minami Yoshinari
                       Aoba-ku, Sendai, Japan 989-3204.

               Tel:    +81-22-303-4012
               Fax:    +81-22-303-4015
               E-mail: glenn@cysols.com"
       DESCRIPTION
               " The MIB module for monitoring and accessing the IRR."
            ::= { experimental NN }


    iRRStatsTable OBJECT-TYPE
        SYNTAX SEQUENCE OF IRRStatsTableEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
          " The table holding information related to the Directory
            Servers."
        ::= {iRRMIB 1}

    iRRStatsTableEntry OBJECT-TYPE
        SYNTAX IRRStatsTableEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
          " Entry containing summary description for each module
            of the IRR-DB."
        INDEX { iRRModuleIndex }
        ::= {iRRStatsTable 1}


    IRRStatsTableEntry ::= SEQUENCE {
        iRRModuleIndex
            INTEGER,
        iRRModuleDescription
            DisplayString,
        iRRAsObjects
            Gauge32,
        iRRMntnerObjects
            Gauge32,
        iRRPersonObjects
            Gauge32,
        iRRRouteObjects
            Counter32,
    --  ..
    --  ..
    }


    iRRModuleIndex OBJECT-TYPE
        SYNTAX INTEGER (1..255)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
         "An index to uniquely identify the IRR module.
          This attribute is the index used for lexicographic
          ordering of the table."
        ::= {iRRStatsTableEntry 1}

    iRRModuleDescription OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
          " Describes the IRR DB Module."
        ::= {iRRStatsTableEntry 2}

    iRRAsObjects OBJECT-TYPE
        SYNTAX Gauge32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
          " Number of As Objects in this module."
        ::= {iRRStatsTableEntry  3}


     -- etc.
     -- etc.
    iRRDBs OBJECT IDENTIFIER ::= {iRRMIB 2}


    iRRASTable OBJECT-TYPE
        SYNTAX SEQUENCE OF IRRASTableEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
          " Table containing the AS Objects
            of the IRR-DB corresponding to the
            module indexed by iRRModuleIndex."
        ::= {iRRDBs 1}

    iRRASTableEntry OBJECT-TYPE
        SYNTAX IRRASTableEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
          " Entry containing the attributes of the AS object."
        -- INDEX belongs on the row, so the module index is listed here.
        INDEX { iRRModuleIndex, iRRAsNumber }
        ::= {iRRASTable 1}

    IRRASTableEntry ::= SEQUENCE {
        iRRAsNumber
            INTEGER,
        iRRAsName
            DisplayString,
    --  ..
    --  ..
    }

    iRRAsNumber OBJECT-TYPE
        SYNTAX INTEGER (1..100000)
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
         "The AS number. It also uniquely identifies the AS."
        ::= {iRRASTableEntry 1}

    iRRAsName OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
          " The name of the AS."
        ::= {iRRASTableEntry 2}

     -- etc.
     -- etc.

   END


7.  Acknowledgments



  This document draws from the discussion within the WIDE project and with
  personnel of NTT-Data's networking group.

8.  References


   [1] Alaettinoglu, C., Bates, T., Gerich, E., Karrenberg, D., Meyer,
       D., Terpstra, M., and C. Villamizar, "Routing Policy
       Specification Language (RPSL)", RFC 2280, Internet Engineering
       Task Force, 1998. ftp://ds.internic.net/rfc/rfc2280.txt.

   [2] Bates, T., Gerich, E., Joncheray, L., Jouanigot, J-M.,
       Karrenberg, D., Terpstra, M., and J. Yu, "Representation of IP
       Routing Policies in a Routing Registry (ripe-81++)", RFC 1786,
       Internet Engineering Task Force, 1995.
       ftp://ds.internic.net/rfc/rfc1786.txt.

   [3] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure
       of Management Information for version 2 of the Simple Network
       Management Protocol (SNMPv2)", RFC 1902, SNMP Research, Inc.,
       Hughes LAN Systems, Dover Beach Consulting, Inc., Carnegie Mellon
       University, January 1996.

   [4] McCloghrie, K., and M. Rose, Editors, "Management Information
       Base for Network Management of TCP/IP-based internets: MIB-II",
       STD 17, RFC 1213, Hughes LAN Systems, Performance Systems
       International, March 1991.

   [5] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol
       Operations for version 2 of the Simple Network Management
       Protocol (SNMPv2)", RFC 1905, SNMP Research, Inc., Hughes LAN
       Systems, Dover Beach Consulting, Inc., Carnegie Mellon
       University, January 1996.

   [6] Case, J., McCloghrie, K., Rose, M., Waldbusser, S., "Textual
       Conventions for Version 2 of the Simple Network Management Protocol
       (SNMPv2)", RFC 1903, January 1996.

   [7] Case, J., McCloghrie, K., Rose, M., Waldbusser, S., "Conformance
       Statements for Version 2 of the Simple Network Management Protocol
       (SNMPv2)", RFC 1904, January 1996.

   [8] Meyer, D., Schmitz, J., Orange, C., Alaettinoglu, C., "Using RPSL
       in Practice", work in progress, draft-ietf-rps-appl-rpsl-02.txt.

Security Considerations

   The contents of the IRR are sensitive and are likely to affect the
   operation on a small or large scale.

   The defined MIB provides read-write access to information in the IRR.
   Thus it may be used for active attacks on the system.  Proper access
   controls and security mechanisms available in the SNMP framework need
   to be put in place before allowing write access.
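
   The following is an added example, not part of the draft: a Python
   check that lists the objects of a MIB module whose MAX-ACCESS permits
   SET, together with their position in the OID tree, so that the SNMP
   access control configuration can be reviewed against them before
   write access is enabled. The sample text is condensed from the
   IRR-MIB above; the function names are this example's own.

```python
import re

# Constructed sample, condensed from the IRR-MIB in this draft ("NN" is the
# draft's own placeholder; iRRDBs is written as an OBJECT IDENTIFIER node).
SAMPLE_MIB = """
iRRMIB MODULE-IDENTITY
    ::= { experimental NN }
iRRDBs OBJECT IDENTIFIER ::= { iRRMIB 2 }
iRRASTable OBJECT-TYPE
    MAX-ACCESS not-accessible  ::= { iRRDBs 1 }
iRRASTableEntry OBJECT-TYPE
    MAX-ACCESS not-accessible  ::= { iRRASTable 1 }
iRRAsNumber OBJECT-TYPE
    MAX-ACCESS read-only       ::= { iRRASTableEntry 1 }
iRRAsName OBJECT-TYPE
    MAX-ACCESS read-write      ::= { iRRASTableEntry 2 }
"""

# One definition: descriptor, macro, clauses, then "::= { parent sub-id }".
DEF = re.compile(
    r"^\s*([a-z][\w-]*)\s+(MODULE-IDENTITY|OBJECT-TYPE|OBJECT IDENTIFIER)"
    r"(.*?)::=\s*\{\s*([\w-]+)\s+(\w+)\s*\}", re.S | re.M)
ACCESS = re.compile(r"MAX-ACCESS\s+([\w-]+)")

def parse(mib_text):
    """Return {descriptor: (parent, sub_id, max_access or None)}."""
    nodes = {}
    for name, _kind, body, parent, sub in DEF.findall(mib_text):
        access = ACCESS.search(body)
        nodes[name] = (parent, sub, access.group(1) if access else None)
    return nodes

def oid_path(nodes, name):
    """Follow parent links up to the first name this module does not define."""
    parts = []
    while name in nodes:
        name, sub, _ = nodes[name]      # step to the parent, keep the sub-id
        parts.append(sub)
    return ".".join([name] + parts[::-1])

def writable_objects(mib_text):
    """Objects a manager may SET, with the OID path an access policy must cover."""
    nodes = parse(mib_text)
    return sorted((n, oid_path(nodes, n)) for n, (_, _, acc) in nodes.items()
                  if acc in ("read-write", "read-create"))

if __name__ == "__main__":
    for name, path in writable_objects(SAMPLE_MIB):
        print(f"{name}\t{path}")
```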


Authors' Addresses

   Glenn Mansfield
   Cyber Solutions Inc.
   6-6-3 Minami Yoshinari
   Aoba-ku, Sendai 989-3204
   Japan

   Phone: +81-22-303-4012
   EMail: glenn@cysols.com







