IPCDN Working Group Wim De Ketelaere INTERNET-DRAFT tComLabs draft-ietf-ipcdn-pktc-eventmess-12 Eugene Nechamkin Category: Standards Track Broadcom Corp. Sumanth Channabasappa CableLabs Expires: May 16, 2008 November 17, 2007 Management Event Management Information Base (MIB) for PacketCable- and IPCablecom-Compliant Devices Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.html The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html Abstract This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it defines a basic set of managed objects for Simple Network Management Protocol (SNMP)-based management of events that can be generated by PacketCable- and IPCablecom-compliant Multimedia Terminal Adapter devices. De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 1] PacketCable/IPCablecom Event management MTA MIB September 2007 Table of Contents 1. The Internet-Standard Management Framework....................2 2. Introduction..................................................2 3. Terminology...................................................3 3.1 PacketCable...............................................3 3.2 IPCableCom................................................3 3.3 MTA.......................................................4 3.4 Endpoint..................................................4 3.5 MSO.......................................................4 3.6 UDP.......................................................4 4. Overview......................................................4 4.1 Structure of the MIB......................................5 4.2 pktcEventControl..........................................6 4.3 pktcEventThrottle.........................................6 4.4 pktcEventStatus...........................................7 4.5 pktcEvent.................................................7 4.6 pktcEventLog..............................................7 4.7 pktcEventNotifications....................................7 5. Relationship to Other MIB Modules.............................7 5.1 MIB modules required for IMPORTS..........................7 6. Definitions...................................................7 7. Acknowledgments..............................................31 8. Normative References.........................................31 9. Informative References.......................................33 10. IANA Considerations.........................................34 11. Security Considerations.....................................34 12. Authors' Addresses..........................................36 Full Copyright Statement........................................36 Intellectual Property...........................................37 1. The Internet-Standard Management Framework For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580]. 2. Introduction De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 2] PacketCable/IPCablecom Event management MTA MIB September 2007 A multimedia terminal adapter (MTA) is used to deliver broadband Internet, data, and/or voice access jointly with telephony service to a subscriber's or customer's premises using a cable network infrastructure. A MTA is normally installed at the customer's or subscriber's premises, and it is coupled to a multiple system operator (MSO) using a hybrid fiber coax (HFC) access network. A MTA is provisioned by the MSO for broadband Internet, data, and/or voice service. For more information on MTA provisioning refer to [PKT-SP-PROV] and [RFC4682]. MTA devices include one or more endpoints (e.g., telephone ports) which receive call signaling information to establish ring cadence, and codecs used for providing telephony service. For more information on call signaling refer to [PKT-SP-MGCP] and [RFC3435]. For more information on codecs refer to [PKT-SP-CODEC]. Given the complexity of such systems it is important that a suitable event management mechanism be defined to allow for effective management. This MIB module provides objects suitable for generation and management of events on the MTA. 3. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. The terms "MIB module" and "information module" are used interchangeably in this memo. As used here, both terms refer to any of the three types of information modules defined in Section 3 of RFC 2578 [RFC2578]. Some of the terms used in this memo are defined below. Some additional terms are also defined in the PacketCable(TM) Management Event Mechanism Specification [PKT-SP-MEM1.5] and the PacketCable MTA Device Provisioning Specification [PKT-SP-PROV]. 3.1 PacketCable PacketCable is a CableLabs-led initiative that is aimed at developing interoperable interface specifications for delivering advanced, real-time multimedia services over two-way cable plants. 3.2 IPCableCom IPCableCom is an ITU Telecommunication Standardization Sector (ITU-T) project that includes architecture and a series of recommendations that enable the delivery of real time services over the cable television networks using cable modems. De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 3] PacketCable/IPCablecom Event management MTA MIB September 2007 3.3 MTA A Multimedia Terminal Adapter (MTA) is a PacketCable or IPCablecom compliant device providing telephony services over a cable or hybrid system used to deliver video signals to a community. It contains an interface to endpoints, a network interface, codecs, and all signaling and encapsulation functions required for Voice over IP transport, call signaling, and Quality of Service signaling. A MTA can be an embedded or a standalone device. An Embedded MTA (E-MTA) is a MTA device containing an embedded Data Over Cable Service Interface Specifications (DOCSIS) Cable Modem. A Standalone MTA (S-MTA) is a MTA device separated from the DOCSIS Cable Modem by non-DOCSIS MAC interface (e.g., Ethernet, USB). 3.4 Endpoint An endpoint or MTA endpoint is a standard RJ-11 telephony physical port located on the MTA and used for attaching the telephone device to the MTA. 3.5 MSO Multi-System Operator. A cable company that operates many head-end locations in several cities. 3.6 UDP User Datagram Protocol. A connectionless protocol built upon Internet Protocol (IP), as per RFC 768 [RFC768]. 4. Overview PacketCable, European Telecommunications Standards Institute (ETSI), and International Telecommunication Union Telecommunication Standardization Sector (ITU-T) IPCablecom compliant Multimedia Terminal Adaptors (MTAs) are required to generate management events upon the occurrence of certain operational conditions. For instance, "AC power failure, MTA operational on battery power". The complete set of conditions and the corresponding management events to be generated are specified in [PKT-SP-MEM1.5], [ETSITS101909-22] and [ITU-T-J176], respectively. In addition, the MTA manufacturer is allowed to specify vendor-specific management events. For example, vendor XYZ can specify "Memory read error, terminating process, code: XYZ123". When management events are generated, they can either be stored in a local log on the MTA, or transmitted using two possible mechanisms: SNMP and syslog. This is required to be configurable and manageable De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 4] PacketCable/IPCablecom Event management MTA MIB September 2007 by the management station for each management event (default values can be provided when the events are defined). This Internet-Draft proposes a MIB that can provide for configuration and management of such management events. A means to log the events is provided within the specified MIB module. For syslog as a transport, the necessary information (format, transport etc.) is also specified. For SNMP as a transport, the MIB objects specified in the SNMP-TARGET-MIB and SNMP-NOTIFICATION-MIB as utilized, as specified in [RFC3413]. Further, each management event can be uniquely identified using the 'Organization ID' and an 'Event ID'. The 'Organization ID' is the enterprise ID of the organization specifying the event (e.g., 4491 for CableLabs) and a unique identifier that identifies the event. The 'Event ID' is an identifier that uniquely identifies the event within the 'Organization ID' space. This Internet-Draft does not specify any management events. It only provides a mechanism to manage the storage and transmission of events. The EVENT MIB module specified in this document is intended to update the EVENT MIB modules from which it is partly derived: - the PacketCable 1.5 Management Event MIB Specification [PKT-SP-EVEMIB1.5], - the ITU-T IPCablecom management event mechanism MIB requirements [ITU-T-J176] Several normative and informative references are used to help define Management Event MIB objects. As a convention, wherever the requirements are equivalent at the time of the writing, the PacketCable reference is used. However, MTA implementations MUST refer to the corresponding specifications to ensure compliance. 4.1 Structure of the MIB The Management Event MIB module is identified by pktcIetfEventMib and is structured into the following sub-trees: - pktcEventControl specifies the management information pertinent to control of the device's event generation capabilities. - pktcEventThrottle specifies the management information pertinent to throttling the transmission of management events using syslog or SNMP. - pktcEventStatus specifies the management information for the device to report status information related to the generated events. - pktcEvents specifies the management information for the device to list all the events it is capable of generating. De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 5] PacketCable/IPCablecom Event management MTA MIB September 2007 - pktcEventLog specifies the management information for the device to store the generated events. - pktcEventNotifications specifies the management information that defines the SNMP trap and inform messages. 4.2 pktcEventControl The group of objects in this sub-tree provide for three important controls: ability to reset the event logs and event descriptions, syslog configuration and event classes. Some highlights are as follows: pktcEventReset - this MIB object allows a management station to reset the event logs, the event descriptions, or both. pktcEventSyslog - this group of MIB objects allow the management station to provide information for transmission of events to a syslog server, such as message formats and transport protocols. pktcEventClassTable - this MIB table allows for MTAs to classify the management events into different categories, termed 'event classes'. It then allows for common operations to be affected across all the events pertaining to a specific event class. 4.3 pktcEventThrottle As indicated earlier, the generated events can be stored locally, or transmitted using SNMP, Syslog, or both. However, the management stations receiving such events may wish to control the rate of transmission of such events. This event throttling behavior is provided by the MIB objects in this sub-tree. Some highlights are as follows: pktcEventThrottleAdminStatus - this MIB object allows for transmissions to be unconstrained, maintained below threshold, stopped at the threshold or inhibited. pktcEventThrottleThreshold - this MIB object specifies the throttle, i.e., the number of events over an interval that is considered to be the threshold. pktcEventThrottleInterval - this MIB object specifies the interval over which the threshold is calculated. De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 6] PacketCable/IPCablecom Event management MTA MIB September 2007 4.4 pktcEventStatus This sub-tree is designed to provide status information related to event transmissions. It currently contains one MIB object, pktcEventTransmissionStatus, that allows a client to report the status of event transmissions. 4.5 pktcEvent This sub-tree is designed to provide a list of all the events that can be generated by an MTA and its associated descriptions. The MIB objects are grouped under the MIB table pktcEventTable. 4.6 pktcEventLog This sub-tree is designed to allow the MTA to store all the events that are generated during its operation. The events are stored with information such as the time of the event, its description and related characteristics like severity levels. 4.7 pktcEventNotifications This sub-tree specifies the notification information, when MTAs transmit messages using SNMP traps and informs. SNMP traps refer to the SNMPv2-Trap-PDU. SNMPv1 traps are disallowed. 5. Relationship to Other MIB Modules Some management objects defined in other MIB modules are applicable to an entity implementing this MIB. In particular, it is assumed that an entity implementing the PKTC-IETF-EVENT-MIB module will also implement the 'interfaces' group of the IF-MIB [RFC2863]. 5.1 MIB modules required for IMPORTS The PKTC-IETF-EVENT-MIB MIB module IMPORTS objects from SNMPv2-SMI [RFC2578], SNMPv2-TC [RFC2579], SNMP-FRAMEWORK-MIB [RFC3411], SNMPv2-CONF [RFC2580], IF-MIB [RFC2863], INET-ADDRESS-MIB [RFC4001], SNMP-TARGET-MIB [RFC3413], SNMP-NOTIFICATION-MIB [RFC3413] and the SYSLOG-TC-MIB [RFCDDD]. 6. Definitions PKTC-IETF-EVENT-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, NOTIFICATION-TYPE, mib-2 FROM SNMPv2-SMI De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 7] PacketCable/IPCablecom Event management MTA MIB September 2007 TruthValue, DateAndTime, TEXTUAL-CONVENTION FROM SNMPv2-TC SnmpAdminString FROM SNMP-FRAMEWORK-MIB OBJECT-GROUP, MODULE-COMPLIANCE, NOTIFICATION-GROUP FROM SNMPv2-CONF ifPhysAddress FROM IF-MIB InetAddressType, InetAddress, InetPortNumber FROM INET-ADDRESS-MIB snmpTargetBasicGroup, snmpTargetResponseGroup FROM SNMP-TARGET-MIB snmpNotifyGroup, snmpNotifyFilterGroup FROM SNMP-NOTIFICATION-MIB SyslogSeverity, SyslogFacility FROM SYSLOG-TC-MIB; pktcIetfEventMib MODULE-IDENTITY LAST-UPDATED "200711170000Z" -- November 17, 2007 ORGANIZATION "IETF IP over Cable Data Network Working Group" CONTACT-INFO "Sumanth Channabasappa Cable Television Laboratories, Inc. 858 Coal Creek Circle, Louisville, CO 80027, USA +1 303-661-3307 Sumanth@cablelabs.com Wim De Ketelaere tComLabs Gildestraat 8 9000 Gent, Belgium +32 9 269 22 90 deketelaere@tComLabs.com Eugene Nechamkin Broadcom Corporation 200 - 13711 International Place Richmond, BC, V6V 2Z8, Canada +1 604 233 8500 enechamkin@broadcom.com IETF IPCDN Working Group General Discussion: ipcdn@ietf.org Subscribe: http://www.ietf.org/mailman/listinfo/ipcdn Archive: ftp://ftp.ietf.org/ietf-mail-archive/ipcdn Co-Chair: Jean-Francois Mule, jf.mule@cablelabs.com Co-Chair: Richard Woundy, Richard_Woundy@cable.comcast.com" De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 8] PacketCable/IPCablecom Event management MTA MIB September 2007 DESCRIPTION "This MIB module specifies the basic management objects for managing events generated by the Multimedia Terminal Adapter devices compliant with the PacketCable and IPCablecom requirements. Copyright (C) The IETF Trust (2007). This version of this MIB module is part of RFC nnnn; see the RFC itself for full legal notices." -- RFC Ed: replace nnnn with actual RFC number and remove this note. REVISION "200711170000Z" -- November 17, 2007 DESCRIPTION "Initial version, published as RFC yyyy." -- RFC Ed: replace yyyy with actual RFC number and remove this note ::= { mib-2 XXX } -- RFC Ed: replace XXX with IANA-assigned number and remove this -- note SyslogSeverityMask ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This textual convention represents a bit mask representing the severity of the syslog events that can be generated. It corresponds to the various severity levels associated with syslog messages, as specified in The syslog Protocol, [RFCAAA]. emergency(0) - A condition that makes the system unusable. alert(1) - A service-affecting condition for which immediate action must be taken. critical(2) - A service-affecting critical condition. error(3) - An error condition. warning(4) - A warning condition. notice(5) - A normal but significant condition. info(6) - An informational message. debug(7) - A debug message." SYNTAX BITS { emergency(0), alert(1), critical(2), error(3), warning(4), De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 9] PacketCable/IPCablecom Event management MTA MIB September 2007 notice(5), info(6), debug(7) } -- -- pktcEventNotifications OBJECT IDENTIFIER ::= { pktcIetfEventMib 0 } pktcEventMibObjects OBJECT IDENTIFIER ::= { pktcIetfEventMib 1 } pktcEventConformance OBJECT IDENTIFIER ::= { pktcIetfEventMib 2 } -- -- pktcEventControl OBJECT IDENTIFIER ::= { pktcEventMibObjects 1 } pktcEventThrottle OBJECT IDENTIFIER ::= { pktcEventMibObjects 2 } pktcEventStatus OBJECT IDENTIFIER ::= { pktcEventMibObjects 3 } pktcEvents OBJECT IDENTIFIER ::= { pktcEventMibObjects 4 } pktcEventLog OBJECT IDENTIFIER ::= { pktcEventMibObjects 5 } --- -- Event Reporting control objects --- pktcEventReset OBJECT-TYPE SYNTAX BITS { resetEventLogTable(0), resetEventTable(1) } MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB object allows a management station to clear the local log of generated events, reset the management event descriptions, or both. MTAs generate management events. These events are stored in the MIB table 'pktcEventLogTable'. If a management station needs to clear all the current entries (e.g., after a troubleshooting operation is complete), it can do so by setting the resetEventLogTable(0) bit to a value of '1'. The MTA is pre-configured with the events that it can generate. This is stored in the MIB table 'pktcEventTable'. This table also contains the descriptions associated with these events. These descriptions can be modified by a management station. However, if the management station wishes to reset the descriptions, to factory defaults, it can do so by setting the resetEvDescrTable(1) bit to a value of '1'. De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 10] PacketCable/IPCablecom Event management MTA MIB September 2007 The MTA actions are summarized below: Bit resetEventLogTable(0) set to a value of '1' - delete all entries in pktcEventLogTable; - reset the value of pktcEventLogIndex to '0'. Bit resetEventTable(1) set to a value of '1' - reset the pktcEventTable to the factory default values. Bits resetEventLogTable(0) and resetEventTable(1) set to a value of '1' - perform the above actions as though they were performed individually (in any order). Setting a reset bit to a value of '0' MUST NOT result in any action. The MTA MUST perform the above actions regardless of persistence (i.e. storage in non-volatile memory). The MTA MUST always return a value of '00' when this MIB object is read. A management station that resets tables using this MIB Object needs to be careful about the impacts to other management stations that may be reliant on the information contained in the table(s) being reset. For example, say management station A creates a specific set of event descriptions in the event table (pktcEventTable) for debugging purposes and expects any generated events to report the modified descriptions. In such a case, if another management station resets the event table to factory defaults, any subsequent events will not contain the modified descriptions expected by management station A. Such multi-manager contentions are not addressed within this MIB module. Thus, management stations are RECOMMENDED to use this MIB object with care and caution, and only when absolutely required." ::= { pktcEventControl 1 } --- -- syslog-specific MIB objects --- pktcEventSyslog OBJECT IDENTIFIER ::= { pktcEventControl 2 } De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 11] PacketCable/IPCablecom Event management MTA MIB September 2007 pktcEventSyslogCapabilities OBJECT-TYPE SYNTAX BITS { formatBSDSyslog(0), formatSyslogProtocol(1), transportUDP(2), transportTLS(3), transportBEEP(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB object contains the MTA capabilities for supporting the Syslog protocol, specifically the message formats and the transport protocols. The BSD syslog message format is specified in [RFC3164] (formatBSDSyslog), and the IETF syslog protocol is specified in [RFCAAA] (formatSyslogProtocol). The MTA MUST set the appropriate protocol and transport bits, based on implementation." REFERENCE "The BSD syslog Protocol, [RFC3164]; The syslog Protocol, [RFCAAA]; Transmission of syslog messages over UDP, [RFCBBB]; TLS Transport Mapping for Syslog, [RFCCCC]; Reliable Delivery for syslog, [RFCEEE]." ::= { pktcEventSyslog 1 } pktcEventSyslogAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB object defines the Internet address type of the syslog server specified by the MIB object 'pktcEventSyslogAddress' . A value of dns(16) is disallowed since a non-resolvable DNS domain name will leave the device without a syslog server to which it can report events." REFERENCE "PacketCable MTA Device Provisioning Specification, [PKT-SP-PROV]." DEFVAL { ipv4 } ::= { pktcEventSyslog 2 } pktcEventSyslogAddress OBJECT-TYPE De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 12] PacketCable/IPCablecom Event management MTA MIB September 2007 SYNTAX InetAddress MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB object contains the IP address of the syslog server to which the MTA can transmit a syslog message upon the generation of a management event. The type of address this object represents is defined by the MIB object pktDevEventSyslogAddressType. The MTA SHOULD NOT attempt to route to a non-routable syslog IP address. The format of the syslog message is specified by the MIB object 'pktcEventSyslogMessageFormat'." REFERENCE "PacketCable MTA Device Provisioning Specification, [PKT-SP-PROV]; PacketCable Management Event Mechanism Specification, [PKT-SP-MEM1.5];" DEFVAL { "0.0.0.0" } ::= { pktcEventSyslog 3 } pktcEventSyslogMessageFormat OBJECT-TYPE SYNTAX INTEGER { formatBSDSyslog(1), -- The BSD syslog Protocol formatSyslogProtocol(2) -- The syslog Protocol } MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB object contains the syslog message format to be used for transmitting syslog messages to the server contained in the MIB object 'pktcEventSyslogServer'." REFERENCE "The BSD syslog Protocol, [RFC3164]; The syslog Protocol, [RFCAAA]." DEFVAL { formatSyslogProtocol } ::= { pktcEventSyslog 4 } pktcEventSyslogTransport OBJECT-TYPE SYNTAX INTEGER { udp(1),-- Transmission of syslog messages over UDP tls(2),-- TLS Transport Mapping for Syslog beep(3)-- BEEP Transport Mapping for Syslog } MAX-ACCESS read-write STATUS current DESCRIPTION De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 13] PacketCable/IPCablecom Event management MTA MIB September 2007 "This MIB object specifies the transport to be used to transmit syslog messages to the syslog server contained in the MIB object 'pktcEventSyslogAddress'. If the MTA does not support the transport specified in a SET operation, then the MTA MUST return an appropriate error response, such as 'inconsistentValue'." REFERENCE "Transmission of syslog messages over UDP, [RFCBBB]; TLS Transport Mapping for Syslog, [RFCCCC]." DEFVAL {tls} ::= { pktcEventSyslog 5 } pktcEventSyslogPort OBJECT-TYPE SYNTAX InetPortNumber MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB object contains the port number of the syslog Server to which the syslog messages are to be transmitted." REFERENCE "Transmission of syslog messages over UDP, [RFCBBB]; TLS Transport Mapping for Syslog, [RFCCCC]." DEFVAL { 514 } ::= { pktcEventSyslog 6 } --- -- Event classes --- pktcEventClassTable OBJECT-TYPE SYNTAX SEQUENCE OF PktcEventClassEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This MIB table allows for management events that can be generated by an MTA to be classified into categories, or 'event classes'. For example, all the configuration related events can be associated with an event class titled 'configuration'. Such as a classification allows for a management station to affect changes on a common group of events, at once. Two operations are specified on an event class: enabling or disabling of all the De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 14] PacketCable/IPCablecom Event management MTA MIB September 2007 events in an event class, and selective enabling or disabling based on the severity level." ::= { pktcEventControl 3 } pktcEventClassEntry OBJECT-TYPE SYNTAX PktcEventClassEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry in this table specifies an event class, a grouping of events, as identified by the MTA manufacturer. Any event associated with an event class in this table MUST be specified in the pktcEventTable. The MTA MUST create one entry (index=100) for the event class titled 'generic'. This event class MUST contain all the events that are not contained in any other vendor specified event classes. A management station SHOULD NOT associate an event with multiple event classes. However, if an event is associated with multiple event classes, the MTA MUST give precedence to the event class with the lowest index. Thus, at a given point in time, only one event class is applicable for an event. The event table (pktcEventTable) provides the event class that affects the event. Whenever an event is generated, the MTA MUST verify the applicable event class entry to take any specified actions. Entries in this table persist across resets and reboots." INDEX { pktcEventClassIndex } ::= { pktcEventClassTable 1 } PktcEventClassEntry::= SEQUENCE { pktcEventClassIndex Unsigned32, pktcEventClassName SnmpAdminString, pktcEventClassStatus TruthValue, pktcEventClassSeverity SyslogSeverityMask } pktcEventClassIndex OBJECT-TYPE SYNTAX Unsigned32 (1..100) MAX-ACCESS not-accessible STATUS current DESCRIPTION De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 15] PacketCable/IPCablecom Event management MTA MIB September 2007 "This MIB object is an index into the event class table. It is a locally-meaningful value." ::= { pktcEventClassEntry 1 } pktcEventClassName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..100)) MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB object contains the name of the event class. Vendors MAY define different event classes (e.g. DHCP, SNMP, DEBUG) to group together management events of a particular category. Event class names need to take into consideration the SnmpAdminString definition requirements such as the use of control code sequence CR LF to represent a newline." ::= { pktcEventClassEntry 2 } pktcEventClassStatus OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB object indicates if events belonging to the corresponding event class are enabled or disabled, for event reporting. Setting this object to a value of 'true' enables reporting of all the events in the event class. When enabled, the means of reporting events is specified by the MIB object 'pktcEventReporting'. Setting this object to a value of 'false' disables any event reporting, irrespective of the value of the MIB object 'pktcEventReporting' for a specific event. The default value of this MIB object is vendor specific. However, the vendor SHOULD enable all event categories defined by PacketCable or IPCableCom, by default." ::= { pktcEventClassEntry 3 } De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 16] PacketCable/IPCablecom Event management MTA MIB September 2007 pktcEventClassSeverity OBJECT-TYPE SYNTAX SyslogSeverityMask MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB object defines the severity level of events belonging to a specific event class that are enabled for event reporting. This MIB object has no effect on the event reporting unless the MIB object 'pktcEventClassStatus' is set to a value of 'true' (enabled), for the corresponding event class. Setting a bit within the mask to a value of '1' implies that events corresponding to that severity level MUST be reported as defined by the corresponding value of 'pktcEventReporting' for events in the event class. Setting a bit to a value of '0' implies that events corresponding to that level MUST NOT be reported, irrespective of the corresponding value of 'pktcEventReporting' for events in the event class. It is recommended that the bits corresponding to emergency(0), alert(1), critical(2) and error(3) be set to a value of '1' to ensure reporting of events requiring immediate attention." REFERENCE "The syslog Protocol, [RFCAAA]; Syslog Management Information Base, [RFCABC]." ::= { pktcEventClassEntry 4 } --- -- Event throttling control --- pktcEventThrottleAdminStatus OBJECT-TYPE SYNTAX INTEGER { unconstrained(1), maintainBelowThreshold(2), stopAtThreshold(3), inhibited(4) } MAX-ACCESS read-write De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 17] PacketCable/IPCablecom Event management MTA MIB September 2007 STATUS current DESCRIPTION "This MIB object controls the throttling of the transmitted messages upon generation of an event (SNMP/syslog). It does not affect local logging of events. A value of unconstrained(1) causes event messages to be transmitted without regard to the threshold settings. A value of maintainBelowThreshold(2) causes event messages to be suppressed if the number of transmissions would otherwise exceed the threshold specified by pktcEventThrottleThreshold over the interval specified by pktcEventThrottleInterval. A value of stopAtThreshold(3) causes event message transmission to cease once the threshold specified by pktcEventThrottleThreshold (over the interval specified by pktcEventThrottleInterval) is reached. Event generation is resumed when the value of this MIB object is modified by a Management Station, or the device resets or reboots. A value of inhibited(4) causes all event message transmission to be suppressed. An event causing both an SNMP and a syslog message is still treated as a single event. Refer to MIB objects pktcEventThrottleThreshold and pktcEventThrottleInterval for information on throttling." DEFVAL { unconstrained } ::= { pktcEventThrottle 1 } pktcEventThrottleThreshold OBJECT-TYPE SYNTAX Unsigned32(0..1024) MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB object contains the number of events per pktcEventThrottleInterval to be transmitted before throttling. An event resulting in multiple actions (e.g., SNMP and syslog) is still treated as a single event." De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 18] PacketCable/IPCablecom Event management MTA MIB September 2007 DEFVAL { 2 } ::= { pktcEventThrottle 2 } pktcEventThrottleInterval OBJECT-TYPE SYNTAX Unsigned32(0..604800) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB object contains the interval over which the throttle threshold applies." DEFVAL { 1 } ::= { pktcEventThrottle 3 } --- -- Reporting of transmission status --- pktcEventTransmissionStatus OBJECT-TYPE SYNTAX BITS { syslogThrottled(0), snmpThrottled(1), validsyslogServerAbsent(2), validSnmpManagerAbsent(3), syslogTransmitError(4), snmpTransmitError(5) } MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB object reflects the status of the event transmissions using syslog, SNMP or both. If a bit corresponding to a state is set to a value of: '1', it indicates that the state is true '0', it indicates that the state is false If the MTA is not configured with a syslog server or an SNMP Manager, the corresponding 'throttling' and 'transmit error' bits MUST be set to a value of '0'. For example, if an SNMP Manager is not configured on the MTA, the bit corresponding to validSnmpManagerAbsent(3) is set to a value of '1', and the values of the bits corresponding to snmpThrottled(1) and snmpTransmitError(5) are set to a value of '0'. De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 19] PacketCable/IPCablecom Event management MTA MIB September 2007 'Event throttling' is based on thresholds and the current setting of the MIB object pktcEventThrottleAdminStatus. 'Server/Manager' indicators are based on the availability of valid syslog server/SNMP managers. Transmit Errors are reported when detected. If an MTA cannot detect an error situation, the value of the BIT will be set to a value of '0'. It is to be noted that not all the conditions that are indicated by this MIB object are detectable by all devices, and when detected may not be accurate. It is meant to provide a report of the status as determined by the device during event transmissions." ::= { pktcEventStatus 1 } --- -- Description of events --- pktcEventTable OBJECT-TYPE SYNTAX SEQUENCE OF PktcEventEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This MIB table contains all possible management events that can be generated by the device. This includes both PacketCable and IPCableCom defined, and vendor-specific events." ::= { pktcEvents 1 } pktcEventEntry OBJECT-TYPE SYNTAX PktcEventEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table is created for each event the MTA implementing this MIB is capable of reporting. Entries in this table are persisted across resets and reboots." INDEX { pktcEventOrganization, pktcEventIdentifier } ::= { pktcEventTable 1 } PktcEventEntry::= SEQUENCE { De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 20] PacketCable/IPCablecom Event management MTA MIB September 2007 pktcEventOrganization Unsigned32, pktcEventIdentifier Unsigned32, pktcEventFacility SyslogFacility, pktcEventSeverityLevel SyslogSeverity, pktcEventReporting BITS, pktcEventText SnmpAdminString, pktcEventClass SnmpAdminString } pktcEventOrganization OBJECT-TYPE SYNTAX Unsigned32(1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This MIB object provides the IANA enterprise number of the Organization defining the event. Thus, all PacketCable or IPCableCom defined events will contain the PacketCable or IPCableCom IANA enterprise number and for vendor-specific events it will contain the IANA enterprise number of the defining organization." REFERENCE "IANA Enterprise ID assignment, [IANA-ENTERPRISE]." ::= { pktcEventEntry 1 } pktcEventIdentifier OBJECT-TYPE SYNTAX Unsigned32(1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This MIB object contains the event identifier for the corresponding event." REFERENCE "PacketCable Management Event Mechanism Specification, [PKT-SP-MEM1.5]; PacketCable MTA Device Provisioning Specification, [PKT-SP-PROV]." ::= { pktcEventEntry 2 } pktcEventFacility OBJECT-TYPE SYNTAX SyslogFacility MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB object contains the facility for the event. For PacketCable, IPCableCom or ETSI events this MUST be set to a value of local0(16)." REFERENCE "The syslog Protocol, [RFCAAA]; De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 21] PacketCable/IPCablecom Event management MTA MIB September 2007 Textual Conventions for Syslog Management, [RFCDDD]." ::= { pktcEventEntry 3 } pktcEventSeverityLevel OBJECT-TYPE SYNTAX SyslogSeverity MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB object contains the severity level that is applicable to the specified event." REFERENCE "The syslog Protocol, [RFCAAA]; Textual Conventions for Syslog Management, [RFCDDD]." ::= { pktcEventEntry 4 } pktcEventReporting OBJECT-TYPE SYNTAX BITS { local(0), syslog(1), snmpTrap(2), snmpInform(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB object defines the action to be taken on occurrence of this event. Bit local(0) refers to local logging of events, bit sylog(1) refers to the transmission of events using syslog, bit snmpTrap(2) refers to the transmission of events using SNMP Traps (SNMPv2-Trap-PDU) and bit snmpInform(3)refers to the transmission of events using SNMP INFORMs. Setting a bit to a value of '1' indicates that the corresponding action will be taken upon occurrence of this event. If none of the bits are set then no action is taken upon occurrence of the event. The success of transmission using syslog and SNMP depends on the MTA configuration. For example, a valid syslog server address is required for syslog message transmission. Specification of a management event does not necessarily include the actions to be taken upon its generation, i.e., it does not need to specify if a generated event needs to be transmitted via SNMP, syslog or stored locally. Thus, certain default values are specified, based on the event's severity level specified by the De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 22] PacketCable/IPCablecom Event management MTA MIB September 2007 MIB object 'pktcEventSeverityLevel', as follows: - If the severity level of an event is emergency(0), alert(1), critical(2) or error(3), set the bits for local(0), syslog(1) and snmpInform(3) to a value of '1', and the remaining bits to a value of '0'. - For an event with any other severity level set the bits for local(0) and syslog(1) to a value of of '1', and the rest of the bits to a value of '0'. " ::= { pktcEventEntry 5 } pktcEventText OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..127)) MAX-ACCESS read-write STATUS current DESCRIPTION "This MIB object provides a human-readable description of the event. Descriptions need to take into consideration the SnmpAdminString definition requirements such as the use of control code sequence CR LF to represent a newline." ::= { pktcEventEntry 6 } pktcEventClass OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..100)) MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB object represents the event class that affects the event. If an event is associated with only one event class, then its name (pktcEventClassName) is reported. If an event is associated with more than one event class, then the name of the event class with the lowest index in the event class table (pktcEventClassTable) is reported. See the MIB table 'pktcEventClassTable' for a description of event classes and usage. Descriptions need to take into consideration the SnmpAdminString definition requirements such as the use of control code sequence CR LF to represent a newline." ::= { pktcEventEntry 7 } --- De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 23] PacketCable/IPCablecom Event management MTA MIB September 2007 -- Log of generated events --- pktcEventLogTable OBJECT-TYPE SYNTAX SEQUENCE OF PktcEventLogEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This MIB table contains a log of the events generated by the MTA. A description of all the events that can be generated by the device can be obtained from the MIB table 'pktcEventTable'. An MTA is not required to persist the contents of this table across resets." ::= { pktcEventLog 1 } pktcEventLogEntry OBJECT-TYPE SYNTAX PktcEventLogEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry in this table describes an event that has occurred, indexed in the chronological order of generation. The details of the event are borrowed from the parameters associated with the corresponding event entry in 'pktcEventTable', at the time of the event generation. While all entries created as such can be cleared using the MIB object pktcEventReset, the Event entries themselves cannot be individually deleted." INDEX { pktcEventLogIndex } ::= { pktcEventLogTable 1 } PktcEventLogEntry ::= SEQUENCE { pktcEventLogIndex Unsigned32, pktcEventLogTime DateAndTime, pktcEventLogOrganization Unsigned32, pktcEventLogIdentifier Unsigned32, pktcEventLogText SnmpAdminString, pktcEventLogEndpointName SnmpAdminString, pktcEventLogType BITS, pktcEventLogTargetInfo SnmpAdminString, pktcEventLogCorrelationId Unsigned32, pktcEventLogAdditionalInfo SnmpAdminString } De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 24] PacketCable/IPCablecom Event management MTA MIB September 2007 pktcEventLogIndex OBJECT-TYPE SYNTAX Unsigned32(1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This MIB object provides relative ordering of the objects in the event log. If the MTA implements non-volatile storage, then this object will always increase except when it reaches the value of 2^31. If the MTA does not implement non-volatile storage, then this object will always increase except when it reaches the value of 2^31 or the MTA is reset. When the value reaches 2^31 or is reset, newer events will be stored starting with an index value of '1' (cyclic rotation)." ::= { pktcEventLogEntry 1 } pktcEventLogTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB object provides a human-readable description of the date and time at which the event occurred. The value of the date and time contained in this MIB Object SHOULD reflect the date and time used in the syslog message resulting from the associated event, if such a syslog message was transmitted." ::= { pktcEventLogEntry 2 } pktcEventLogOrganization OBJECT-TYPE SYNTAX Unsigned32(1..4294967295) MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB object provides the IANA enterprise number of the Organization defining the event. Thus, all PacketCable or IPCableCom defined events will contain the CableLabs or IPCableCom IANA enterprise number and for vendor-specific events it will contain the IANA enterprise number of the defining organization." ::= { pktcEventLogEntry 3 } De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 25] PacketCable/IPCablecom Event management MTA MIB September 2007 pktcEventLogIdentifier OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB object contains the event identifier for the corresponding event." ::= { pktcEventLogEntry 4 } pktcEventLogText OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..127)) MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB object contains the contents of the MIB object 'pktcEventText', corresponding to the event, at the moment of generation." ::= { pktcEventLogEntry 5 } pktcEventLogEndpointName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB object provides the endpoint identifier followed by the PacketCable MTA's Fully Qualified Domain Name (FQDN) and the IP Address (IP) of the PacketCable MTA device. This will be denoted as follows: aaln/n:/, where 'n' is the Endpoint number. or / if it is not specific to an endpoint. Endpoint identifiers need to observe the SnmpAdminString definition requirements." ::= { pktcEventLogEntry 6 } pktcEventLogType OBJECT-TYPE SYNTAX BITS { local(0), syslog(1), trap(2), inform(3) } MAX-ACCESS read-only STATUS current DESCRIPTION De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 26] PacketCable/IPCablecom Event management MTA MIB September 2007 "This MIB object contains the type of actions taken by the MTA, when the event indicated by the MIB object 'pktcEventLogIdentifier' occurred. A bit with a value of '1' indicates the corresponding action was taken. Setting it to a value of '0' indicates that the corresponding action was not taken. An event may trigger one or more actions (e.g.: syslog and SNMP), or result only in a local log. An action may also be prevented due to throttling in which case it is not reported by this MIB object." ::= { pktcEventLogEntry 7 } pktcEventLogTargetInfo OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB object contains a comma separated list of the actions taken for external notifications, along with the target IP address for the generated events. Locally stored events MUST NOT be recorded in this MIB object. The syntax is as: ,, Where is to be denoted as follows: For syslog events: syslog/ For SNMP traps: snmpTrap/ For SNMP INFORMS: snmpInform/ If there are multiple targets for the same type (SNMP Traps sent to multiple IP addresses) or if there are multiple message types sent to the same IP (syslog and SNMP sent to the same IP address) they need to be reported individually. It is to be noted that this MIB object may not be able to store all the data in some cases (e.g., multiple IPv6 addresses) in which case some actions may not be reported. In such cases, the MTA MUST present a value of '...' at the end of the value. Values contained by this MIB object need to observe the SnmpAdminString definition requirements." De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 27] PacketCable/IPCablecom Event management MTA MIB September 2007 ::= { pktcEventLogEntry 8 } pktcEventLogCorrelationId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB object contains the correlation ID generated by the MTA during the initiation of the last provisioning flow, within or following which the event occurred. Although a Correlation-ID, once generated after MTA reset, does not change until next MTA reset, the value of this object will differ for the events preserved across MTA resets in case of a persistent pktcEventLogTable. For more information on the generation of correlation ids, refer to the corresponding PacketCable/IPCableCom Device Provisioning specifications." REFERENCE "PacketCable MTA Device Provisioning Specification, [PKT-SP-PROV]." ::= { pktcEventLogEntry 9 } pktcEventLogAdditionalInfo OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB object contains additional, useful information in relation to the corresponding event that an MTA might wish to report such as parameterized data or debugging information. The format is vendor-specific. If MTA cannot provide any additional information for the particular event generated, it MUST populate this MIB object with a zero-length OCTET-STRING. Vendors providing this information need to observe the SnmpAdminString definition requirements such as the use of control code sequence CR LF for newline." ::= { pktcEventLogEntry 10 } --- -- Notifications --- De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 28] PacketCable/IPCablecom Event management MTA MIB September 2007 pktcEventNotification NOTIFICATION-TYPE OBJECTS { pktcEventLogTime, pktcEventLogOrganization, pktcEventLogIdentifier, pktcEventLogEndpointName, pktcEventLogCorrelationId, ifPhysAddress } STATUS current DESCRIPTION "This Notification MIB object contains the contents for event reporting. It contains the event log time, the organization ID, the event identifier, the endpoint identifier, the correlation id, and the MTA's MAC address." ::= { pktcEventNotifications 1 } --- -- Conformance/Compliance --- pktcEventCompliances OBJECT IDENTIFIER ::= { pktcEventConformance 1 } pktcEventGroups OBJECT IDENTIFIER ::= { pktcEventConformance 2 } pktcEventBasicCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for devices that implement Event reporting feature." MODULE --pktcIetfEventMib MANDATORY-GROUPS { pktcEventGroup, pktcEventNotificationGroup } MODULE SNMP-TARGET-MIB MANDATORY-GROUPS { snmpTargetBasicGroup, De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 29] PacketCable/IPCablecom Event management MTA MIB September 2007 snmpTargetResponseGroup } MODULE SNMP-NOTIFICATION-MIB MANDATORY-GROUPS { snmpNotifyGroup, snmpNotifyFilterGroup } ::= { pktcEventCompliances 3 } pktcEventGroup OBJECT-GROUP OBJECTS { pktcEventReset, pktcEventSyslogCapabilities, pktcEventSyslogAddressType, pktcEventSyslogAddress, pktcEventSyslogTransport, pktcEventSyslogPort, pktcEventSyslogMessageFormat, pktcEventThrottleAdminStatus, pktcEventThrottleThreshold, pktcEventThrottleInterval, pktcEventTransmissionStatus, pktcEventFacility, pktcEventSeverityLevel, pktcEventReporting, pktcEventText, pktcEventLogTime, pktcEventLogOrganization, pktcEventLogIdentifier, pktcEventLogText, pktcEventLogEndpointName, pktcEventLogType, pktcEventLogTargetInfo, pktcEventLogCorrelationId, pktcEventLogAdditionalInfo, pktcEventClass, pktcEventClassName, pktcEventClassStatus, pktcEventClassSeverity } STATUS current DESCRIPTION "Group of MIB objects for PacketCable Management Event MIB." ::= { pktcEventGroups 1 } De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 30] PacketCable/IPCablecom Event management MTA MIB September 2007 pktcEventNotificationGroup NOTIFICATION-GROUP NOTIFICATIONS { pktcEventNotification } STATUS current DESCRIPTION "Group of MIB objects for notifications related to change in status of the MTA Device." ::= { pktcEventGroups 2 } END 7. Acknowledgments The authors would like to thank the members of the IETF IPCDN working group and the CableLabs PacketCable Provisioning focus team for their contributions, comments and suggestions. Special appreciation is extended to the following individuals (in alphabetical order): Dan Romascanu, David Harrington, Greg Nakanishi, Jean-Francois Mule, John Berg, Kevin Marez, Paul Duffy, Peter Bates, Randy Presuhn, Rich Woundy, Rick Vetter, Roy Spitzer, and Satish Kumar. The primary editor (Sumanth) wishes to acknowledge the MIB doctors David Harrington and Dan Romascanu, as well as Rich Woundy for expert feedback and numerous suggestions to improve this document. 8. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [PKT-SP-PROV] Packetcable MTA Device Provisioning Specification PKT-SP-PROV-I11-050812. [RFC3413] D. Levi et al, "Simple Network Management Protocol (SNMP) Applications", STD 62, RFC 3413, December 2002. [RFC4682] Nechamkin, E., and Mule J., "Multimedia Terminal Adapter (MTA) Management Information Base for PacketCable and IPCablecom compliant devices", RFC4682, December 2006. [RFCABC] Glenn Mansfield Keeni, "Syslog Management Information Base", RFCABC, Editor's Note (to be removed prior to publication): This is the reference to ' draft-ietf-syslog-device-mib'. When the draft is accepted, the RFC Editor is requested to De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 31] PacketCable/IPCablecom Event management MTA MIB September 2007 replace ABC (and in the reference earlier) with the assigned value and to remove this note. [RFCAAA] R. Gerhards, "The syslog Protocol", RFCAAA, Editor's Note (to be removed prior to publication): This is the reference to 'draft-ietf-syslog-protocol'. When the draft is accepted, the RFC Editor is requested to replace AAA (and in the reference earlier) with the assigned value and to remove this note. [RFCBBB] A. Okmianski, "Transmission of syslog messages over UDP", RFCBBB, Editor's Note (to be removed prior to publication): This is the reference to 'draft-ietf-syslog-transport-udp'. When the draft is accepted, the RFC Editor is requested to replace BBB (and in the reference earlier) with the assigned value and to remove this note. [RFCCCC] F. Miao, M. Yuzhi, "TLS Transport Mapping for Syslog", RFCCCC, Editor's Note (to be removed prior to publication): This is the reference to 'draft-ietf-syslog-transport-tls'. When the draft is accepted, the RFC Editor is requested to replace CCC(and in the reference earlier) with the assigned value and to remove this note. [RFCDDD] G. Keeni, "Textual Conventions for Syslog Management", RFCDDD, Editor's Note (to be removed prior to publication): This is the reference to 'draft-ietf-syslog-tc-mib'. When the draft is accepted, the RFC Editor is requested to replace DDD (and in the reference earlier) with the assigned value and to remove this note. [RFCEEE] D. New, M. Rose, E. Lear, "Reliable Delivery for syslog", RFCEEE, Editor's Note (to be removed prior to publication): This is the reference to 'draft-ietf-syslog-rfc3195bis'. When the draft is accepted, the RFC Editor is requested to replace EEE(and in the reference earlier) with the assigned value and to remove this note. [ITU-T-J176] IPCablecom management event mechanism MIB, J.176, ITU- T, August 2002. De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 32] PacketCable/IPCablecom Event management MTA MIB September 2007 [PKT-SP-EVEMIB1.5] PacketCable(TM) Management Event MIB Specification, PKT-SP-EVEMIB1.5-I02-050812, August, 2005. [PKT-SP-MEM1.5] PacketCable(TM) Management Event Mechanism Specification, PKT-SP-MEM1.5-I02-050812, August, 2005. [ETSITS101909-22] ETSI TS 101 909-22: "Digital Broadband Cable Access to the Public Telecommunications Network; IP Multimedia Time Critical Services; Part 22: Management Event Messages". [RFC768] J. Postel, "User Datagram Protocol", STD0006, RFC 768, August, 1980. [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000. [RFC3411] Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", RFC 3411, December 2002. [RFC4001] Daniele, M., Haberman, B., Routhier, S., Schoenwaelder, J., "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005. [IANA-ENTERPRISE] "IANA Private Enterprise Numbers", http://www.iana.org/assignments/enterprise-numbers 9. Informative References [RFC3164] C. Lonvick, "The BSD syslog Protocol", RFC 3164, August 2001. [RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction and Applicability Statements for Internet - De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 33] PacketCable/IPCablecom Event management MTA MIB September 2007 Standard Management Framework", RFC 3410, December 2002. [PKT-SP-MGCP] Packetcable Network-Based Call Signaling Protocol Specification PKT-SP-EC-MGCP-I11-050812. [RFC3435] Andreasen, F., and B. Foster, "Media Gateway Control Protocol (MGCP)", RFC 3435, January 2003. [PKT-SP-CODEC] Packetcable Audio/Video Codecs Specification PKT-SP-CODEC-I06-050812. 10. IANA Considerations The MIB module in this document uses the following IANA-assigned OBJECT IDENTIFIER values recorded in the SMI Numbers registry: Descriptor OBJECT IDENTIFIER Value ---------- ----------------------- pktcIetfEventMib { mib-2 XXX } Editor's Note (to be removed prior to publication): the IANA is requested to assign a value for XXX under the mib-2 subtree and to record the assignment in the SMI Numbers registry. When the assignment has been made, the RFC Editor is asked to replace XXX (here and in the MIB module) with the assigned value and to remove this note. 11. Security Considerations There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. Security threats include events unreported on errors, redirection of events (deliberately or otherwise) or minimized reporting of errors. Such threats can mask certain misconfiguration attempts and denial of service attacks that can be recognized and thwarted via event reporting. MIB objects of significance include: - those that control the event generation, the target syslog address for events and the reporting status, i.e.: pktcEventReset pktcEventSyslogAddressType pktcEventSyslogAddress De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 34] PacketCable/IPCablecom Event management MTA MIB September 2007 pktcEventSyslogUdpPort pktcEventClassStatus - those related to event classes, i.e.: pktcEventClassSeverity - those related to throttling, i.e.: pktcEventThrottleAdminStatus pktcEventThrottleThreshold pktcEventThrottleInterval - those related to the event reporting capabilities of an MTA, i.e: pktcEventSeverityLevel pktcEventReporting pktcEventText pktcEventClass The MIB object pktcEventReset deserves special mention since access to this MIB object can be used to disrupt event collection by management stations. For example, consider a management station that modifies the descriptions in the event table pktcEventTable. It would then expect management events generated by the MTA to reflect the modified values. A rogue management station that has access to the pktcEventReset can reset the event table resulting in the management station not receiving events with the expected descriptions. Further, a rogue management station with access to pktcEventReset can also clear local logs, eliminating local logs of generated events for management stations that are not configured to receive syslog or SNMP messages. The same concerns apply when allowed management stations performing such operations are unaware of other management stations that may be reliant on the event table or the event log table for management or monitoring. This MIB module does not address such multi-manager contentions, and recommends that the MIB object pktcEventReset be used with caution. Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability: pktcEventLogTable: This table contains the log of generated event messages. Read access to this table might reveal some specific information that should be kept confidential. De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 35] PacketCable/IPCablecom Event management MTA MIB September 2007 pktcEventTransmissionStatus: This MIB object reveals the status of event transmission and MAY be sensitive in some environments. SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module. It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy). Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module, is properly configured to give access to the objects only to those principals (users) that have legitimate rights to perform GET or SET (change/create/delete) operations. 12. Authors' Addresses Sumanth Channabasappa Cable Television Laboratories, Inc. 858 Coal Creek Circle, Louisville, CO 80027, USA +1 303-661-3307 Sumanth@cablelabs.com Wim De Ketelaere tComLabs Gildestraat 8 9000 Gent, Belgium +32 9 269 22 90 deketelaere@tComLabs.com Eugene Nechamkin Broadcom Corporation 200 - 13711 International Place Richmond, BC, V6V 2Z8, Canada +1 604 233 8500 enechamkin@broadcom.com Full Copyright Statement Copyright (C) The IETF Trust (2007). De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 36] PacketCable/IPCablecom Event management MTA MIB September 2007 This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf- ipr@ietf.org. Acknowledgement Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA). De Ketelaere/Nechamkin/Channabasappa Expires - March 2008 [Page 37]