Definitions of Managed Objects for Middlebox Communication
RFC 5190

Document Type: RFC - Proposed Standard (March 2008; No errata)
Last updated: 2013-03-02
Replaces: draft-barnes-midcom-mib
Stream: IETF
WG state: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned
IESG state: RFC 5190 (Proposed Standard)
Responsible AD: Magnus Westerlund
Send notices to: midcom-chairs@ietf.org, srisuresh@yahoo.com, stiemerling@netlab.nec.de, quittek@netlab.nec.de

Network Working Group                                         J. Quittek
Request for Comments: 5190                                M. Stiemerling
Category: Standards Track                                            NEC
                                                            P. Srisuresh
                                                          Kazeon Systems
                                                              March 2008

       Definitions of Managed Objects for Middlebox Communication

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Abstract

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it describes a set of managed objects that allow
   configuring middleboxes, such as firewalls and network address
   translators, in order to enable communication across these devices.
   The definitions of managed objects in this document follow closely
   the MIDCOM semantics defined in RFC 5189.

Quittek, et al.             Standards Track                     [Page 1]
RFC 5190                       MIDCOM MIB                     March 2008

Table of Contents

   1. Introduction ....................................................4
   2. The Internet-Standard Management Framework ......................4
   3. Overview ........................................................4
      3.1. Terminology ................................................5
   4. Realizing the MIDCOM Protocol with SNMP .........................6
      4.1. MIDCOM Sessions ............................................6
           4.1.1. Authentication and Authorization ....................6
      4.2. MIDCOM Transactions ........................................7
           4.2.1. Asynchronous Transactions ...........................7
           4.2.2. Configuration Transactions ..........................8
           4.2.3. Monitoring Transactions ............................11
           4.2.4. Atomicity of MIDCOM Transactions ...................12
                  4.2.4.1. Asynchronous MIDCOM Transactions ..........12
                  4.2.4.2. Session Establishment and
                           Termination Transactions ..................12
                  4.2.4.3. Monitoring Transactions ...................13
                  4.2.4.4. Lifetime Change Transactions ..............13
                  4.2.4.5. Transactions Establishing New
                           Policy Rules ..............................14
           4.2.5. Access Control .....................................14
      4.3. Access Control Policies ...................................14
   5. Structure of the MIB Module ....................................15
      5.1. Transaction Objects .......................................16
           5.1.1. midcomRuleTable ....................................17
           5.1.2. midcomGroupTable ...................................19
      5.2. Configuration Objects .....................................20
           5.2.1. Capabilities .......................................20
           5.2.2. midcomConfigFirewallTable ..........................21
      5.3. Monitoring Objects ........................................22
           5.3.1. midcomResourceTable ................................22
           5.3.2. midcomStatistics ...................................24
      5.4. Notifications .............................................25
   6. Recommendations for Configuration and Operation ................26
      6.1. Security Model Configuration ..............................26
      6.2. VACM Configuration ........................................27
      6.3. Notification Configuration ................................28
      6.4. Simultaneous Access .......................................28
      6.5. Avoiding Idempotency Problems .............................29
      6.6. Interface Indexing Problems ...............................29
      6.7. Applicability Restrictions ................................30
   7. Usage Examples for MIDCOM Transactions .........................30
      7.1. Session Establishment (SE) ................................31
      7.2. Session Termination (ST) ..................................31
      7.3. Policy Reserve Rule (PRR) .................................31
      7.4. Policy Enable Rule (PER) after PRR ........................33
      7.5. Policy Enable Rule (PER) without Previous PRR .............34
