INTERNET-DRAFT B. Jewell March 4, 1998 D. Chuang 3Com, Inc. Definitions of Managed Objects for the Virtual Router Redundancy Protocol using SNMPv2 Status of this Memo This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as ``work in progress.'' To learn the current status of any Internet-Draft, please check the ``1id-abstracts.txt'' listing contained in the Internet-Drafts Shadow Directories on ds.internic.net (US East Coast), nic.nordu.net (Europe), ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific Rim). Abstract This specification defines an extension to the Management Information Base (MIB) for use with SNMP-based network management. In particular, it defines objects for configuring, monitoring, and controlling routers that employ the Virtual Router Redundancy Protocol (VRRP) [1]. This memo specifies a MIB module in a manner that is compliant with both the SNMPv2 SMI [6], and semantically identical to the SNMPv1 definitions [2]. draft-ietf-vrrp-mib-01.txt [Page 1] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 Table of Contents 1.0 The SNMP Network Management Framework ................ 3 1.1 Object Definitions ................................... 3 2.0 Overview ............................................ 4 2.1 MIB Structure ........................................ 4 2.2 Virtual Router Redundancy Protocol ................... 5 2.3 VRRP MIB Table Design ................................ 5 2.3.1 Relation to Interface Group ....................... 5 2.4 VRRP Scenarios ....................................... 6 2.4.1 Scenario #1 ....................................... 6 2.4.2 Scenario #2 ....................................... 8 3.0 Definitions ........................................... 11 4.0 Acknowledgements ...................................... 26 5.0 References ............................................ 26 6.0 Author's Address ...................................... 27 7.0 Change Log ............................................ 28 draft-ietf-vrrp-mib-01.txt [Page 2] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 1. The SNMPv2 Network Management Framework The SNMP Network Management Framework presently consists of three major components. They are: o the SMI, described in RFC 1902 [6] - the mechanisms used for describing and naming objects for the purpose of management. o the MIB-II, STD 17, RFC 1213 [4] - the core set of managed objects for the Internet suite of protocols. o the protocol, RFC 1157 [3] and/or RFC 1905 [8], - the protocol for accessing managed objects. The Framework permits new objects to be defined for the purpose of experimentation and evaluation. 1.1 Object Definitions Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the subset of Abstract Syntax Notation One (ASN.1) defined in the SMI. In particular, each object type is named by an OBJECT IDENTIFIER, an administratively assigned name. The object type together with an object instance serves to uniquely identify a specific instantiation of the object. For human convenience, we often use a textual string, termed the descriptor, to also refer to the object type. The syntax of an object type defines the abstract data structure corresponding to that object type. The ASN.1 language is used for this purpose. However, the SMI [5] purposely restricts the ASN.1 constructs which may be used. These restrictions are explicitly made for simplicity. The encoding of an object type is simply how that object type is represented using the object type's syntax. Implicitly tied to the notion of an object type's syntax and encoding is how the object type is represented when being transmitted on the network. The SMI specifies the use of the basic encoding rules of ASN.1, subject to the additional requirements imposed by the SNMP. draft-ietf-vrrp-mib-01.txt [Page 3] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 2.0 Overview This memo identifies the set of objects for configuring, monitoring, and controlling the Virtual Router Redundancy Protocol (VRRP). It is based on the VRRP specification [1], entitled "draft-ietf-vrrp-spec-05.txt" VRRP specifies an election protocol that dynamically allows a set of routers running VRRP to backup each other on a LAN. The VRRP router controlling one or more IP addresses is called the "master router" and forwards packets sent to these IP addresses. In the event that the master router fails, a backup VRRP router assumes the packet fowarding responsibilities of the failed router. Thus, IP packets with the destination address of the failed router will be fowarded by another VRRP router that has assumed control. Hence, VRRP provides redundancy in routed networks without requiring configuration of dynamic routing or router discovery protocols on every end-host. 2.1 VRRP MIB Structure The VRRP MIB contains three conformance groups: - vrrpOperations Group: Objects related to VRRP router's configuration and control. - vrrpStatistics Group: Objects containing information useful in monitoring the operation of VRRP routers. - vrrpNotifications Group: Consists of objects and definitions for use in SNMP traps sent by VRRP routers. Tables in the MIB include the following: (1) The vrrpOperTable, which contains objects that define the operational characteristics of a VRRP router. Rows in this table correspond to instances of virtual routers. (2) The vrrpAssoIpAddrTable, which contains the addresses of the virtual router(s) that a given VRRP router is backing up. (3) The vrrpRouterStatsTable which contains the operating statistics for a VRRP router. draft-ietf-vrrp-mib-01.txt [Page 4] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 2.2 Virtual Router Redundancy Protocol This MIB is based on the following characteristics of VRRP as defined in the VRRP specification [1]. - A "VRRP router" is one that is configured to run the VRRP protocol in conjunction with one or more other VRRP routers attached to a LAN. - A VRRP router can be running one or more instances of a virtual router. - A "virtual router" is an abstraction which consists of two or more physical routers. A virtual router essentially identifies a pool of physical routers that are capable of providing routing services for one or more associated IP addresses in the event of a failure of a router that is a member of the virtual router group. - An instance of a virtual router (on a physical VRRP router), can be uniquely identified by a combination of the 'IF Index' [4] and "Virtual Router Identifier" (VRID). - For each VRID there is a set of one or more "associated IP addresses" that are backed-up by the virtual router. 2.3 VRRP MIB Table Design The tables in the VRRP MIB are structured with the assumption that a VRRP network management application would likely be designed to display information or provide configuration about a VRRP router on a "per-virtual-router basis". Thus, the tables defined in the MIB consist of conceptual rows which are grouped in a manner to present a view of individual virtual routers with a minimal number of SNMP operations. 2.3.1 Relation to Interface Group (RFC 1573) [10]. Since a router can be participating in VRRP on one or more physical interfaces, "ifIndex" is used as an index into the tables defined in the VRRP MIB. draft-ietf-vrrp-mib-01.txt [Page 5] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 2.4 VRRP Scenarios The following section provides examples of how some of the objects in this MIB are instantiated for two different VRRP scenarios. KEY: ---- The labels in the following table diagrams correspond to the actual MIB objects as follows: if = vrrpOperIfIndex VrId = vrrpOperVrId State = vrrpOperState Prior = vrrpOperPriority AddrCnt = vrrpOperIpAddrCount IpAddr = vrrpOperMasterIpAddr RowStat = vrrpOperRowStatus 2.4.1 VRRP Scenario #1 The following figure shows a simple network with two VRRP routers configured with two virtual routers. This sample topology is taken from the VRRP specification [1]. Addresses in () indicate the IP address of the default gateway for a given host, H1 - H4. In the diagram, "Interface" is used in the context defined in MIB-II [4]. VRID=1 VRID=2 +-----+ +-----+ | MR1 | | MR2 | | & | | & | | BR2 | | BR1 | +-----+ +-----+ IP A ---------->* *<---------- IP B Interface=I1 | | Interface=I2 | | | | ------------------+------------+-----+--------+--------+--------+-- ^ ^ ^ ^ | | | | (IP A) (IP A) (IP A) (IP A) | | | | +--+--+ +--+--+ +--+--+ +--+--+ | H1 | | H2 | | H3 | | H4 | +-----+ +-----+ +--+--+ +--+--+ draft-ietf-vrrp-mib-01.txt [Page 6] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 ----- MIB Tables For VRRP Router "IP A": ----- vrrpOperTable ------------- | if | VrId | State | Prior | AddrCnt | IpAddr | ... | RowStat | +----+------+-------+-------+---------+--------+-( )-+---------+ | | | | | | | | | | I1 | 01 | M | 255 | 1 | A | | active | | | | | | | | | | +----+------+-------+-------+---------+--------+-( )-+---------+ | | | | | | | | | | I1 | 02 | B | 1-254 | 1 | B | | active | | | | | | | | | | +----+------+-------+-------+---------+--------+-( )-+---------+ vrrpAssoIpAddrTable ------------------- | if | VrId | Index | IP Addr | RowStat | +----+------+-------+---------+---------+ | | | | | | | I1 | 01 | 1 | A | active | | | | | | | +----+------+-------+---------+---------+ | | | | | | | I1 | 02 | 1 | B | active | | | | | | | +----+------+-------+---------+---------+ ----- MIB Tables For VRRP Router "IP B": ----- vrrpOperTable ------------- | if | VrId | State | Prior | AddrCnt | IpAddr | ... | RowStat | +----+------+-------+-------+---------+--------+-( )-+---------+ | | | | | | | | | | I2 | 01 | B | 1-254 | 1 | A | | active | | | | | | | | | | +----+------+-------+-------+---------+--------+-( )-+---------+ | | | | | | | | | | I2 | 02 | M | 255 | 1 | B | | active | | | | | | | | | | +----+------+-------+-------+---------+--------+-( )-+---------+ draft-ietf-vrrp-mib-01.txt [Page 7] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 vrrpAssoIpAddrTable ------------------- | if | VrId | Index | IP Addr | RowStat | +----+------+-------+---------+---------+ | | | | | | | I1 | 01 | 1 | A | active | | | | | | | +----+------+-------+---------+---------+ | | | | | | | I1 | 02 | 1 | B | active | | | | | | | +----+------+-------+---------+---------+ NOTES: 1) "I1" and "I2" are used to designate IF indices on each respective router. 2) For "State": M = Master; B = Backup. 3) In the vrrpOperTable, a "priority" of 255 indicates that the respective router owns the IP address, e.g., this IP address is native to the router (e.g., "the IP Address Owner" [1]). 2.4.2 VRRP Scenario #2 The following figure shows a simple network with two virtual routers. Here, a single interface has been configured with two IP addresses. Again, addresses in () indicate the IP address of the default gateway for a given host, H1 - H2. VRID=1 VRID=2 +-----+ +-----+ | MR1 | | MR2 | | & | | & | | BR2 | | BR1 | +-----+ +-----+ IP A ---------->* *<---------- IP B IP C | | Interface=I2 Interface=I1 | | | | | | ------------------+------------+-----+--------+ ^ ^ | | (IP A) (IP B) | | +--+--+ +--+--+ | H1 | | H2 | +-----+ +-----+ draft-ietf-vrrp-mib-01.txt [Page 8] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 ----- MIB Tables For VRRP Router "IP A": ----- vrrpOperTable ------------- | if | VrId | State | Prior | AddrCnt | IpAddr | ... | RowStat | +----+------+-------+-------+---------+--------+-( )-+---------+ | | | | | | | | | | I1 | 01 | M | 255 | 2 | A | | active | | | | | | | | | | +----+------+-------+-------+---------+--------+-( )-+---------+ | | | | | | | | | | I1 | 02 | B | 1-254 | 1 | B | | active | | | | | | | | | | +----+------+-------+-------+---------+--------+-( )-+---------+ vrrpAssoIpAddrTable ------------------- | if | VrId | Index | IP Addr | RowStat | +----+------+-------+---------+---------+ | | | | | | | I1 | 01 | 1 | A | active | | | | | | | +----+------+-------+---------+---------+ | | | | | | | I1 | 01 | 2 | C | active | | | | | | | +----+------+-------+---------+---------+ | | | | | | | I1 | 02 | 1 | B | active | | | | | | | +----+------+-------+---------+---------+ ----- MIB Tables For VRRP Router "IP B": ----- vrrpOperTable ------------- | if | VrId | State | Prior | AddrCnt | IpAddr | ... | RowStat | +----+------+-------+-------+---------+--------+-( )-+---------+ | | | | | | | | | | I2 | 01 | B | 1-254 | 2 | A | | active | | | | | | | | | | +----+------+-------+-------+---------+--------+-( )-+---------+ | | | | | | | | | | I2 | 02 | M | 255 | 1 | B | | active | | | | | | | | | | +----+------+-------+-------+---------+--------+-( )-+---------+ draft-ietf-vrrp-mib-01.txt [Page 9] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 vrrpAssoIpAddrTable ------------------- | if | VrId | Index | IP Addr | RowStat | +----+------+-------+---------+---------+ | | | | | | | I1 | 01 | 1 | A | active | | | | | | | +----+------+-------+---------+---------+ | | | | | | | I1 | 01 | 2 | C | active | | | | | | | +----+------+-------+---------+---------+ | | | | | | | I1 | 02 | 1 | B | active | | | | | | | +----+------+-------+---------+---------+ NOTES: 1) The 'vrrpAssoIpAddrIndex' (labeled as 'Index' in the diagrams above) does not have to be consecutive numbers. These are set by the management application(s). draft-ietf-vrrp-mib-01.txt [Page 10] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 3. Definitions VRRP-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Counter32, Integer32, TimeTicks, IpAddress FROM SNMPv2-SMI -- RFC1442 TEXTUAL-CONVENTION, RowStatus, MacAddress FROM SNMPv2-TC -- RFC1443 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- RFC1444 mib-2, ifIndex FROM RFC1213-MIB; vrrp MODULE-IDENTITY LAST-UPDATED "9606040900Z" -- Dummy value ORGANIZATION "IETF VRRP Working Group" CONTACT-INFO "Brian R. Jewell Postal: 3Com Corporation 5400 BayFront Plaza Santa Clara, California 95052 Tel: +1 408 764 6173 E-Mail: bjewell@3com.com" DESCRIPTION "The MIB module to describe the VRRP Version 2 Protocol." ::= { mib-2 46 } vrrpMIB OBJECT IDENTIFIER ::= { vrrp 1 } -- ******************************************************************* -- Textual Conventions -- ******************************************************************* VrId ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "A number which, along with an interface index (ifIndex), serves to uniquely identify a virtual router on a given VRRP router. A set of one or more associated addresses is assigned to a VRID." SYNTAX Integer32 (1..255) draft-ietf-vrrp-mib-01.txt [Page 11] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 -- ******************************************************************* -- VRRP MIB Groups -- ******************************************************************* vrrpOperations OBJECT IDENTIFIER ::= { vrrpMIB 1 } vrrpStatistics OBJECT IDENTIFIER ::= { vrrpMIB 2 } vrrpNotifications OBJECT IDENTIFIER ::= { vrrpMIB 3 } vrrpConformance OBJECT IDENTIFIER ::= { vrrpMIB 4 } -- ******************************************************************* -- Start of MIB objects -- ******************************************************************* vrrpNodeVersion OBJECT-TYPE SYNTAX OCTET STRING (SIZE (2)) MAX-ACCESS read-only STATUS current DESCRIPTION "This value identifies the particular version of the VRRP supported by this node. The current value is '02'." REFERENCE "Virtual Router Redundancy Protocol, RFC XXXX" DEFVAL { '0200'H } ::= { vrrpOperations 1 } vrrpTrapCntl OBJECT-TYPE SYNTAX INTEGER { enabled (1), disabled (2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates whether the VRRP-enabled router will generate SNMP traps for events defined in this MIB. Enabled results in SNMP traps; disabled, no traps are sent." DEFVAL { enabled } ::= { vrrpOperations 2 } draft-ietf-vrrp-mib-01.txt [Page 12] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 -- ******************************************************************* -- VRRP Operations Table -- ******************************************************************* vrrpOperTable OBJECT-TYPE SYNTAX SEQUENCE OF VrrpOperEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Operations table for a VRRP router which consists of a sequence (i.e., one or more conceptual rows) of 'vrrpOperEntry' items." ::= { vrrpOperations 3 } vrrpOperEntry OBJECT-TYPE SYNTAX VrrpOperEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the vrrpOperTable containing the operational characteristics of a virtual router. On a VRRP router, a given virtual router is identified by a combination of the IF index and VRID." INDEX { ifIndex, vrrpOperVrId } ::= { vrrpOperTable 1 } VrrpOperEntry ::= SEQUENCE { vrrpOperVrId VrId, vrrpOperVirtualMacAddr MacAddress, vrrpOperState INTEGER, vrrpOperControl INTEGER, vrrpOperPriority Integer32, vrrpOperIpAddrCount Integer32, vrrpOperMasterIpAddr IpAddress, vrrpOperAuthType INTEGER, vrrpOperHMACMD5Key OCTET STRING, vrrpOperAuthKey OCTET STRING, vrrpOperAdvertisementInterval Integer32, draft-ietf-vrrp-mib-01.txt [Page 13] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 vrrpOperPreemptMode INTEGER, vrrpOperVirtualRouterUpTime TimeTicks, vrrpOperRowStatus RowStatus } vrrpOperVrId OBJECT-TYPE SYNTAX VrId MAX-ACCESS read-create STATUS current DESCRIPTION "This object contains the Virtual Router Identifier (VRID)." ::= { vrrpOperEntry 2 } vrrpOperVirtualMacAddr OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The virtual MAC address of the virtual router. This is derived as follows: 00-00-5E-00-01-. Where the first three octets consist of the IANA's OUI; The next two octets indicate the address block of the VRRP protocol; and the remaining octets consist of the VRID. Although this object can be derived from the 'vrrpOperVrId' object, it is included here, for completeness, so that it is easily obtainable by a management application and can be included in VRRP-related SNMP traps." REFERENCE "rfc1903 - MacAddress" ::= { vrrpOperEntry 3 } vrrpOperState OBJECT-TYPE SYNTAX INTEGER { initialize(1), -- Waiting for a startup event backup(2), -- Monitoring the state/availability of -- master router master(3) -- Forwarding IP addresses associated with -- this virtual router. } MAX-ACCESS read-only STATUS current DESCRIPTION "The current state of the virtual router." ::= { vrrpOperEntry 4 } draft-ietf-vrrp-mib-01.txt [Page 14] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 vrrpOperControl OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object will enable/disable the virtual router function. Setting the value to 'enabled', will transition the state of the router from 'initialize to 'backup'; Setting the value to 'disabled', will tranisition the router from 'master' or 'backup' to 'initialize'." DEFVAL { enabled } ::= { vrrpOperEntry 5 } vrrpOperPriority OBJECT-TYPE SYNTAX Integer32 (1..255) MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the priority for the virtual router (e.g., master election) with respect to other virtual routers that are backing up a one or more associated IP addresses. Higher values imply higher priority. A priority of '0', although not settable, is used to indicate that this router has ceased to particpate in VRRP and a backup virtual router should transition \ to become a new master. A priority of 255 is used for the router that owns the associated IP address(es)." DEFVAL { 100 } ::= { vrrpOperEntry 6 } vrrpOperIpAddrCount OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The number of IP addresses that are associated with this virtual router. This number is equal to the number of rows in the vrrpAssoIpAddrTable that correspond to a given IF index/VRID pair." ::= { vrrpOperEntry 7 } draft-ietf-vrrp-mib-01.txt [Page 15] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 vrrpOperMasterIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The master router's real (primary) IP address. This is the IP address listed as the source in VRRP advertisement last received by this virtual router" ::= { vrrpOperEntry 8 } vrrpOperAuthType OBJECT-TYPE SYNTAX INTEGER { noAuthentication(1), -- VRRP protocol exchanges are not -- authenticated. simpleTextPassword(2), -- Exchanges are authenticated by a -- clear text password. ipAuthenticationHeader(3) -- Exchanges are authenticated using -- the IP authentication header [x]. } MAX-ACCESS read-create STATUS current DESCRIPTION "Authentication type used for VRRP protocol exchanges between virtual routers." ::= { vrrpOperEntry 9 } vrrpOperAuthKey OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-create STATUS current DESCRIPTION "The Authentication Key. If the virtual router's Authorization Type is 'simpleTextPassword', and the key length is shorter than 8 octets, the agent will left adjust and zero fill to 8 octets. When read, vrrpOperAuthKey always returns an Octet String of length zero." DEFVAL { '0000000000000000'H } -- 0.0.0.0.0.0.0.0 ::= { vrrpOperEntry 10 } draft-ietf-vrrp-mib-01.txt [Page 16] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 vrrpOperHMACMD5Key OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-create STATUS current DESCRIPTION "The Authentication Key. If the virtual router's 'Authorization Type' is 'ipAuthenticationHeader', and the key length is shorter than 16 octets, the agent will left adjust and zero fill to 16 octets. When read, vrrpOperHMACMD5Key always returns an Octet String of length zero." DEFVAL { '00000000000000000000000000000000'H } -- 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 ::= { vrrpOperEntry 11 } vrrpOperAdvertisementInterval OBJECT-TYPE SYNTAX Integer32 (1..255) MAX-ACCESS read-create STATUS current DESCRIPTION "This is the time interval, in seconds, between sending advertisement messages. Only the master router sends VRRP advertisements." DEFVAL { 1 } ::= { vrrpOperEntry 12 } vrrpOperPreemptMode OBJECT-TYPE SYNTAX INTEGER { true(1), -- Preempt false(2) -- Do not preempt } MAX-ACCESS read-create STATUS current DESCRIPTION "Controls whether a higher priority virtual router will preempt a lower priority master." DEFVAL { true } ::= { vrrpOperEntry 13 } vrrpOperVirtualRouterUpTime OBJECT-TYPE SYNTAX TimeTicks MAX-ACCESS read-only STATUS current DESCRIPTION "This is the time interval (in hundredths of a second) since this virtual router was initialized." ::= { vrrpOperEntry 14 } draft-ietf-vrrp-mib-01.txt [Page 17] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 vrrpOperRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The row status variable, used according to installation and removal conventions for conceptual rows. Setting this object to 'createAndGo' results in enabling the VRRP protocol for this virtual router. The information required to actually create the conceptual row may be included in the SET primitive or may be initialized by the agent on the virtual router. Destroying the entry or setting it to 'notInService' disables VRRP on this virtual router." ::= { vrrpOperEntry 15 } -- ******************************************************************* -- VRRP Associated IP Address Table -- ******************************************************************* vrrpAssoIpAddrTable OBJECT-TYPE SYNTAX SEQUENCE OF VrrpAssoIpAddrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table of addresses associated with this virtual router." ::= { vrrpOperations 4 } vrrpAssoIpAddrEntry OBJECT-TYPE SYNTAX VrrpAssoIpAddrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the table contains an IP address that is associated with a virtual router. The number of rows for a given IF Index and VRID will equal the number of IP addresses associated (e.g., backed up by the virtual router)." INDEX { ifIndex, vrrpOperVrId, vrrpAssoIpAddrIndex } ::= { vrrpAssoIpAddrTable 1 } VrrpAssoIpAddrEntry ::= SEQUENCE { vrrpAssoIpAddrIndex Integer32, vrrpAssoIpAddr IpAddress, vrrpAssoIpAddrStatus RowStatus } draft-ietf-vrrp-mib-01.txt [Page 18] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 vrrpAssoIpAddrIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This is an opaque object whose value is set by the management application creating this conceptual row in the table. Its purpose is to provide uniqueness and ordering. A management station attempting to create a row in the table with an 'vrrpAssoIpAddrIndex' that already exists, will receive an error indication. If this occurs, the management station should increment its 'vrrpAssoIpAddrIndex' value and try again." REFERENCE "rfc 1442 (auxilary objects); rfc1903" ::= { vrrpAssoIpAddrEntry 1 } vrrpAssoIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The assigned IP addresses that a virtual router is responsible for backing up." ::= { vrrpAssoIpAddrEntry 2 } vrrpAssoIpAddrStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The row status variable, used according to installation and removal conventions for conceptual rows. Setting this object to 'createAndGo' results in the addition of an associated address for a virtual router. The information required to actually create the conceptual may be included in the SET primitive or may be initialized by the agent on the VRRP router. Destroying the entry or setting it to 'notInService' removes the associated address from the virtual router." ::= { vrrpAssoIpAddrEntry 3 } -- ******************************************************************* -- VRRP Router Statistics Table -- ******************************************************************* vrrpRouterStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF VrrpRouterStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Table of virtual router statistics." ::= { vrrpStatistics 1 } draft-ietf-vrrp-mib-01.txt [Page 19] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 vrrpRouterStatsEntry OBJECT-TYPE SYNTAX VrrpRouterStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the table, containing statistics information about a given virtual router." INDEX { ifIndex, vrrpOperVrId } ::= { vrrpRouterStatsTable 1 } VrrpRouterStatsEntry ::= SEQUENCE { vrrpStatsBecomeMaster Counter32, vrrpStatsAdvertiseRcvd Counter32, vrrpStatsChecksumErrors Counter32, vrrpStatsVersionErrors Counter32, vrrpStatsVrIdErrors Counter32, vrrpStatsAdvertiseIntervalErrors Counter32, vrrpStatsPasswdSecurityViolations Counter32, vrrpStatsHmacSecurityViolations Counter32, vrrpStatsIpTtlErrors Counter32, vrrpStatsPriorityZeroPktsRcvd Counter32, vrrpStatsPriorityZeroPktsSent Counter32, vrrpStatsInvalidTypePktsRcvd Counter32, vrrpStatsAddressListErrors Counter32, vrrpStatsUnknownAuthType Counter32, vrrpStatsAuthTypeErrors Counter32 } draft-ietf-vrrp-mib-01.txt [Page 20] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 vrrpStatsBecomeMaster OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of times that this virtual router's state has transitioned from BACKUP to MASTER." ::= { vrrpRouterStatsEntry 1 } vrrpStatsAdvertiseRcvd OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of VRRP advertisements received by this virtual router." ::= { vrrpRouterStatsEntry 2 } vrrpStatsChecksumErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of VRRP packets received with an invalid checksum value." ::= { vrrpRouterStatsEntry 3 } vrrpStatsVersionErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of VRRP packets received with an invalid version number." ::= { vrrpRouterStatsEntry 4 } vrrpStatsVrIdErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of VRRP packets received with an invalid VRID for this virtual router." ::= { vrrpRouterStatsEntry 5 } vrrpStatsAdvertiseIntervalErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of VRRP advertisement packets received for which the advertisement interval is different than the one configured for the local virtual router." ::= { vrrpRouterStatsEntry 6 } draft-ietf-vrrp-mib-01.txt [Page 21] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 vrrpStatsPasswdSecurityViolations OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of VRRP packets received that do not pass the simple text password authentification check." ::= { vrrpRouterStatsEntry 7 } vrrpStatsHmacSecurityViolations OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of VRRP packets received that do not pass the HMAC-MD5-96 authentification check." ::= { vrrpRouterStatsEntry 8 } vrrpStatsIpTtlErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of VRRP packets received by the virtual router with IP TTL (Time-To-Live) not equal to 255." ::= { vrrpRouterStatsEntry 9 } vrrpStatsPriorityZeroPktsRcvd OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of VRRP packets received by the virtual router with a priority of '0'." ::= { vrrpRouterStatsEntry 10 } vrrpStatsPriorityZeroPktsSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of VRRP packets sent by the virtual router with a priority of '0'." ::= { vrrpRouterStatsEntry 11 } draft-ietf-vrrp-mib-01.txt [Page 22] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 vrrpStatsInvalidTypePktsRcvd OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of VRRP packets received by the virtual router with an invalid value in the 'type' field." ::= { vrrpRouterStatsEntry 12 } vrrpStatsAddressListErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Packets received address list the address list does not match the locally configured list for the virtual router." ::= { vrrpRouterStatsEntry 13 } vrrpStatsUnknownAuthType OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Packets received with an unknown authentication type." ::= { vrrpRouterStatsEntry 14 } vrrpStatsAuthTypeErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Packets received with 'Auth Type' not equal to the locally configured authentication method ('vrrpOperAuthType')." ::= { vrrpRouterStatsEntry 15 } draft-ietf-vrrp-mib-01.txt [Page 23] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 -- ******************************************************************* -- Trap Definitions -- ******************************************************************* vrrpTraps OBJECT IDENTIFIER ::= { vrrpNotifications 0 } vrrpTrapPacketSrc OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The IP address of an inbound VRRP packet. Used by vrrpTrapAuthFailure trap." ::= { vrrpOperations 5 } vrrpTrapConfigErrorType OBJECT-TYPE SYNTAX INTEGER { authTypeMismatch (1), authFailure (2) } MAX-ACCESS read-only STATUS current DESCRIPTION "Potential types of configuration conflicts. Used by vrrpAuthFailure trap." ::= { vrrpOperations 6 } vrrpTrapNewMaster NOTIFICATION-TYPE OBJECTS { ifIndex, vrrpOperVrId, vrrpOperVirtualMacAddr } STATUS current DESCRIPTION "The newMaster trap indicates that the sending agent has transitioned from 'Backup' state to 'Master' state." ::= { vrrpTraps 2 } vrrpTrapAuthFailure NOTIFICATION-TYPE OBJECTS { ifIndex, vrrpOperVrId, vrrpTrapPacketSrc, vrrpTrapConfigErrorType } STATUS current DESCRIPTION "A vrrpAuthFailure trap signifies that a packet has been received from a router whose authentication key or authentication type conflicts with this router's authentication key or authentication type. Implementation of this trap is optional." ::= { vrrpTraps 3 } draft-ietf-vrrp-mib-01.txt [Page 24] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 -- ******************************************************************* -- Conformance Information -- ******************************************************************* vrrpMIBCompliances OBJECT IDENTIFIER ::= { vrrpConformance 1 } vrrpMIBGroups OBJECT IDENTIFIER ::= { vrrpConformance 2 } -- ................................................................... -- Compliance Statements -- ................................................................... vrrpMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The core compliance statement for all VRRP implementations." MODULE -- this module MANDATORY-GROUPS { vrrpOperGroup , vrrpStatsGroup } ::= { vrrpMIBCompliances 1 } -- ................................................................... -- Conformance Groups -- ................................................................... vrrpOperGroup OBJECT-GROUP OBJECTS { vrrpNodeVersion, vrrpTrapCntl, vrrpOperVrId, vrrpOperVirtualMacAddr, vrrpOperState, vrrpOperControl, vrrpOperPriority, vrrpOperIpAddrCount, vrrpOperMasterIpAddr, vrrpOperAuthType, vrrpOperHMACMD5Key, vrrpOperAuthKey, vrrpOperAdvertisementInterval, vrrpOperPreemptMode, vrrpOperVirtualRouterUpTime, vrrpOperRowStatus, vrrpTrapPacketSrc, vrrpTrapConfigErrorType, vrrpAssoIpAddr, vrrpAssoIpAddrStatus } STATUS current DESCRIPTION "Conformance group for VRRP operations." ::= { vrrpMIBGroups 1 } draft-ietf-vrrp-mib-01.txt [Page 25] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 vrrpStatsGroup OBJECT-GROUP OBJECTS { vrrpStatsBecomeMaster, vrrpStatsAdvertiseRcvd, vrrpStatsChecksumErrors, vrrpStatsVersionErrors, vrrpStatsVrIdErrors, vrrpStatsAdvertiseIntervalErrors, vrrpStatsPasswdSecurityViolations, vrrpStatsHmacSecurityViolations, vrrpStatsIpTtlErrors, vrrpStatsPriorityZeroPktsRcvd, vrrpStatsPriorityZeroPktsSent, vrrpStatsInvalidTypePktsRcvd, vrrpStatsAddressListErrors, vrrpStatsUnknownAuthType, vrrpStatsAuthTypeErrors } STATUS current DESCRIPTION "Conformance group for VRRP statistics." ::= { vrrpMIBGroups 2 } END draft-ietf-vrrp-mib-01.txt [Page 26] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 4.0 Acknowledgements The authors would like to thank Venkat Prasad, Barbera Denny, Al Pham, Robert Hinden and Danny Mitzel for their comments and suggestions. 5.0 References [1] Knight, S., Weaver, D., Whipple, D., Hinden, R., Mitzel, D., Hunt, P., Higginson, P., Shand, M., "Virtual Router Redunancy Protocol", RFC xxxx [2] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", STD 16, RFC 1155, Performance Systems International, Hughes LAN Systems, May 1990. [3] Case, J., Fedor, M., Schoffstall, M., Davin, J., A Simple Network Management Protocol (SNMP)", RFC 1157, Performance Systems International, MIT Laboratory for Computer Science, May 1990. [4] McCloghrie, K., and M. Rose, "Management Information Base for Network Management of TCP/IP-based internets - MIB-II", STD 17, RFC 1213, Hughes LAN Systems, Performance Systems International, March 1991. [5] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure of Management Information for version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1442, SNMP Research, Inc., Hughes LAN Systems, Dover Beach Consulting, Inc., Carnegie Mellon University, April 1993. [6] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure of Management Information for version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1902, January 1996. [7] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1903, SNMP Research, Inc., Hughes LAN Systems, Dover Beach Consulting, Inc., Carnegie Mellon University, October 1997. [8] Case, J., McCloghrie, K., Rose, M., Waldbusser, S., Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, SNMP Research Inc., Cisco Systems Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [9] Postel, J., Reynolds, J., "Instructions to RFC Authors", RFC 2223, SNMP Research, Inc., Hughes LAN Systems, Dover Beach Consulting, Inc., Carnegie Mellon University, October 1997. draft-ietf-vrrp-mib-01.txt [Page 27] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 [10] McCloghrie K., and F. Kastenholz, "Evolution of the Interfaces Group of MIB-II", RFC 1573, Hughes LAN Syst, FTP Software, January 1994. 6.0 Authors' Addresses Brian R. Jewell 3Com, Inc. 5400 Bayfront Plaza Santa Clara, CA 95052 US Phone: +1 408 764 6173 EMail: bjewell@3com.com David Chuang 3Com, Inc. 5400 Bayfront Plaza Santa Clara, CA 95052 US Phone: +1 408 764 6610 EMail: david_chuang@3com.com draft-ietf-vrrp-mib-01.txt [Page 28] Internet Draft VRRP MIB Using SNMPv2 March 4, 1998 -- ------------------------------------------------------------------- -- Change Log -- ------------------------------------------------------------------- This section tracks changes made during revisions of this document. It will be deleted when the document is published as an RFC. * 3/4/1998: Changes in 1st revision (draft-ietf-vrrp-mib-01.txt): - Overall review and editing of document text and object descriptions from feedback received at December 1997 IETF meeting. More specifically the changes made along these lines include the following: -- Cleaned up Section 5.0 ("References") and validated. -- Modifed diagram for VRRP Scenario #2 (Section 2.4.2). -- VRRP Overview (Section 2.0) rewritten to be more in-line with latest revision (05) of VRRP RFC Draft. -- Description of "VrId" Textual convention rewritten. - MAX-ACCESS of vrrpTrapCntl object changed to "read-write". - Changed SYNTAX of "vrrpOperVirtualMacAddr" object from "PhyAddress" to "MacAddress". - Changed the syntax of the "vrrpOperPriority" object so upper value can be 255. - Change MAX-ACCESS for "vrrpOperAuthType" object from read-only to read-create. - Added three new objects to "vrrpRouterStatsTable": "vrrpStatsAddressListErrors", "vrrpStatsUnknownAuthType" and "vrrpStatsAuthTypeErrors". - Removed "vrrpStatsUnknownPacketType" object, as it was redundant (with "vrrpStatsInvalidPacketType"). - Removed the "vrrpOperIfIndex" object to use "ifIndex" (which is actually equivalent) instead. * 11/19/97 (vft-ietf-vrrp-mib-00.txt) - Initial Draft draft-ietf-vrrp-mib-01.txt [Page 29]