INTERNET DRAFT                                         I. Jeyasubramanian
                                                                     FSPL
                                                            March 4, 1997

   Definitions of Managed Objects for IEEE 802.1q Virtual LAN Bridges

                   draft-jeya-vlan-8021q-mib-00.txt

Status of This Memo

   This document is an Internet-Draft.  Internet Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet Drafts.

   Internet Drafts are draft documents valid for a maximum of six
   months, and may be updated, replaced, or obsoleted by other
   documents at any time.  It is not appropriate to use Internet Drafts
   as reference material, or to cite them other than as a ``working
   draft'' or ``work in progress.''

   To learn the current status of any Internet-Draft, please check the
   ``1id-abstracts.txt'' listing contained in the internet-drafts
   Shadow Directories on ds.internic.net (US East Coast),
   nic.nordu.net (Europe), ftp.isi.edu (US West Coast), or
   munnari.oz.au (Pacific Rim).

1. Abstract

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in TCP/IP based internets.
   In particular it defines objects for managing bridges based on the
   IEEE 802.1q draft standard between Local Area Network (LAN) segments.

2. The Network Management Framework

   The Internet-standard Network Management Framework consists of three
   components.  They are:

   RFC 1155 which defines the SMI, the mechanisms used for describing
   and naming objects for the purpose of management.  RFC 1212 defines
   a more concise description mechanism, which is wholly consistent
   with the SMI.

Jeyasubramanian        Expires September 9, 1997                [Page 1]

Internet Draft              VLAN Bridge MIB                   March 1997

   RFC 1156 which defines MIB-I, the core set of managed objects for
   the Internet suite of protocols.  RFC 1213 defines MIB-II, an
   evolution of MIB-I based on implementation experience and new
   operational requirements.

   RFC 1157 which defines the SNMP, the protocol used for network
   access to managed objects.

   The Framework permits new objects to be defined for the purpose of
   experimentation and evaluation.

3. Objects

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  Objects in the MIB are
   defined using the subset of Abstract Syntax Notation One (ASN.1) [7]
   defined in the SMI.  In particular, each object has a name, a
   syntax, and an encoding.  The name is an object identifier, an
   administratively assigned name, which specifies an object type.  The
   object type together with an object instance serves to uniquely
   identify a specific instantiation of the object.  For human
   convenience, we often use a textual string, termed the OBJECT
   DESCRIPTOR, to also refer to the object type.

   The syntax of an object type defines the abstract data structure
   corresponding to that object type.  The ASN.1 language is used for
   this purpose.  However, the SMI [3] purposely restricts the ASN.1
   constructs which may be used.  These restrictions are explicitly
   made for simplicity.

   The encoding of an object type is simply how that object type is
   represented using the object type's syntax.  Implicitly tied to the
   notion of an object type's syntax and encoding is how the object
   type is represented when being transmitted on the network.

   The SMI specifies the use of the basic encoding rules of ASN.1 [8],
   subject to the additional requirements imposed by the SNMP.

3.1. Format of Definitions

   Section 5 contains the specification of all object types contained
   in this MIB module.  The object types are defined using the
   conventions defined in the SMI, as amended by the extensions
   specified in [9,10].

4. Overview

   Virtual LAN (VLAN) is now an integral feature of switched LAN
   networks.  A VLAN can be viewed as a group of end-stations on
   multiple LAN segments that can communicate as if they were on a
   single LAN.

   The VLAN Bridge which implements Virtual LAN provides the following
   benefits:

   (i)   Broadcast containment
   (ii)  Security
   (iii) Easy administration

   There are various styles in which Virtual LANs can be defined:

   (i)   Port based VLAN
   (ii)  MAC address based VLAN
   (iii) Protocol based VLAN
   (iv)  Subnet based VLAN

   IEEE 802.1q is currently working on port based Virtual LAN.  This
   memo defines those objects needed for the management of a Port
   based VLAN.  The definitions presented here are based on Section 7,
   "VLAN Bridge management" of IEEE Draft 802.1q-1997 [12].

4.1. Structure of MIB

   The Managed objects in this MIB are arranged into a single group.
   The overall structure and assignment of objects to their groups is
   shown below.  The mapping of IEEE 802.1q management objects is also
   included.

   VLAN Bridge MIB Name          IEEE 802.1q Name

   dot1qBridge
     dot1qVlan                   BridgeVlanConfiguration
       Version                     .VersionNumber
       NumVlans
       VlanTypesSupported
       TriggerPortSet              .TriggerPortSet
       PortTable                 Port
         Port                      .PortNumber
         PVID                      .PVID
       ConfigTable               VlanConfiguration
         Identifier                .VlanIdentifier
         Name                      .VlanName
         VlanTypeInIngress
         UntaggedPortList          .ListOfUntaggedPorts
         EgressPortList            .ListOfEgressPorts
         Enable

5. Definitions

   VLAN-BRIDGE-MIB DEFINITIONS ::= BEGIN

   IMPORTS
           experimental, Counter, Gauge, TimeTicks
                   FROM RFC1155-SMI
           mib-2, DisplayString
                   FROM RFC1213-MIB
           OBJECT-TYPE
                   FROM RFC-1212
           TRAP-TYPE
                   FROM RFC-1215;

   dot1qBridge OBJECT IDENTIFIER ::= { experimental XX }

   -- group in the VLAN Bridge MIB

   dot1qVlan   OBJECT IDENTIFIER ::= { dot1qBridge 1 }

   -- the dot1qVlan group

   -- Implementation of the dot1qVlan group is mandatory for all
   -- VLAN bridges.

   dot1qVlanVersion OBJECT-TYPE
       SYNTAX  INTEGER
       ACCESS  read-only
       STATUS  mandatory
       DESCRIPTION
               "The 802.1q VLAN Version number.  Reported as '1' by
               devices which implement VLAN functionality as per the
               draft P802.1q/D5."
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section 7.2.1.3"
       ::= { dot1qVlan 1 }

   dot1qVlanNumVlans OBJECT-TYPE
       SYNTAX  INTEGER (0..4095)
       ACCESS  read-only
       STATUS  mandatory
       DESCRIPTION
               "The number of VLANs associated with this VLAN bridge.
               The number of VLANs supported by the bridge can not
               exceed 4095."
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section 4.3.2.3"
       ::= { dot1qVlan 2 }

   dot1qVlanTypesSupported OBJECT-TYPE
       SYNTAX  INTEGER
       ACCESS  read-only
       STATUS  mandatory
       DESCRIPTION
               "The type of VLANs supported by this VLAN bridge.
               Here each bit position indicates the type of VLANs
               supported by this VLAN bridge.

               0 - Port based VLAN.
               1 - MAC Address based VLAN.
               2 - Protocol based VLAN.
               3 - Subnet based VLAN.
               4 - ELAN based VLAN."
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section C.2.2"
       ::= { dot1qVlan 3 }

   dot1qVlanTriggerPortSetMembers OBJECT-TYPE
       SYNTAX  OCTET STRING (SIZE(8))
       ACCESS  read-write
       STATUS  mandatory
       DESCRIPTION
               "The set of ports that are members of the Trigger Port
               Set.  Each octet within the value of this object
               specifies a set of eight ports, with the first octet
               specifying ports 1 through 8, the second octet
               specifying ports 9 through 16, etc.  Within each octet,
               the most significant bit represents the lowest numbered
               port, and the least significant bit represents the
               highest numbered port.  Thus, each port of the VLAN
               bridge is represented by a single bit within the value
               of this object.  If that bit has a value of '1' then
               that port is included in the set of ports; the port is
               not included if its bit has a value of '0'.
               (Note that the setting of the bit corresponding to the
               port from which a frame is received is irrelevant.)"
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section 6.3"
       DEFVAL  { 0 }
       ::= { dot1qVlan 4 }

   -- PVID Table for VLAN Bridges

   dot1qVlanPvidTable OBJECT-TYPE
       SYNTAX  SEQUENCE OF Dot1qVlanPvidEntry
       ACCESS  not-accessible
       STATUS  mandatory
       DESCRIPTION
               "A table that contains information about every port
               that is associated with this VLAN bridge."
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section 7.3.1"
       ::= { dot1qVlan 5 }

   dot1qVlanPvidEntry OBJECT-TYPE
       SYNTAX  Dot1qVlanPvidEntry
       ACCESS  not-accessible
       STATUS  mandatory
       DESCRIPTION
               "A list of PVID information for each port of a VLAN
               bridge."
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section 7.3.1"
       INDEX   { dot1qVlanPort }
       ::= { dot1qVlanPvidTable 1 }

   Dot1qVlanPvidEntry ::=
       SEQUENCE {
           dot1qVlanPort
               INTEGER,
           dot1qVlanPvid
               INTEGER
       }

   dot1qVlanPort OBJECT-TYPE
       SYNTAX  INTEGER (0..63)
       ACCESS  read-write
       STATUS  mandatory
       DESCRIPTION
               "The port number of the port for which this entry
               contains VLAN bridging management information."
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section 7.3.1"
       ::= { dot1qVlanPvidEntry 1 }

   dot1qVlanPvid OBJECT-TYPE
       SYNTAX  INTEGER (1..4095)
       ACCESS  read-only
       STATUS  mandatory
       DESCRIPTION
               "A 12 bit Port VLAN Identifier for this Port.

               0 - The Null VLAN ID.  Used when the Tag Header
                   contains only user_priority information; no VLAN
                   identifier is present in the frame.  This number
                   is not allowed here.
               1 - The Default PVID value used for tagging frames on
                   ingress through a Bridge Port.  The PVID used for
                   Port-based tagging of frames can be changed by
                   management."
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section 3.4.1.1"
       DEFVAL  { 1 }
       ::= { dot1qVlanPvidEntry 2 }

   -- VLAN Configuration Table for VLAN Bridges

   dot1qVlanConfigTable OBJECT-TYPE
       SYNTAX  SEQUENCE OF Dot1qVlanConfigEntry
       ACCESS  not-accessible
       STATUS  mandatory
       DESCRIPTION
               "A table that contains information about every VLAN
               that is associated with this VLAN bridge."
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section 7.3"
       ::= { dot1qVlan 6 }

   dot1qVlanConfigEntry OBJECT-TYPE
       SYNTAX  Dot1qVlanConfigEntry
       ACCESS  not-accessible
       STATUS  mandatory
       DESCRIPTION
               "A list of information for each VLAN of a VLAN bridge."
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section 7.3"
       INDEX   { dot1qVlanIdentifier }
       ::= { dot1qVlanConfigTable 1 }

   Dot1qVlanConfigEntry ::=
       SEQUENCE {
           dot1qVlanIdentifier
               INTEGER,
           dot1qVlanName
               DisplayString,
           dot1qVlanTypeInIngress
               INTEGER,
           dot1qVlanUntaggedPortList
               OCTET STRING,
           dot1qVlanEgressPortList
               OCTET STRING,
           dot1qVlanEnable
               INTEGER
       }

   dot1qVlanIdentifier OBJECT-TYPE
       SYNTAX  INTEGER (1..4095)
       ACCESS  read-write
       STATUS  mandatory
       DESCRIPTION
               "A 12 bit Identifier for this VLAN.

               0 - The Null VLAN ID.  Used when the Tag Header
                   contains only user_priority information; no VLAN
                   identifier is present in the frame.  This number
                   is not allowed here.
               1 - The Default PVID value used for tagging frames on
                   ingress through a Bridge Port.  The PVID used for
                   Port-based tagging of frames can be changed by
                   management."
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section 3.4.1.1"
       ::= { dot1qVlanConfigEntry 1 }

   dot1qVlanName OBJECT-TYPE
       SYNTAX  DisplayString (SIZE(0..32))
       ACCESS  read-write
       STATUS  mandatory
       DESCRIPTION
               "The readable name for this VLAN."
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section 7.3.1"
       ::= { dot1qVlanConfigEntry 2 }

   dot1qVlanTypeInIngress OBJECT-TYPE
       SYNTAX  INTEGER
       ACCESS  read-write
       STATUS  mandatory
       DESCRIPTION
               "VLAN type used in ingress ports for VLAN
               classification of Untagged frames.

               0 -
               1 - MAC address based VLAN.
               2 - Protocol based VLAN.
               3 - Subnet based VLAN.
               4 - ELAN based VLAN."
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section C.2.2"
       ::= { dot1qVlanConfigEntry 3 }

   dot1qVlanUntaggedPortList OBJECT-TYPE
       SYNTAX  OCTET STRING (SIZE(8))
       ACCESS  read-write
       STATUS  mandatory
       DESCRIPTION
               "The set of ports to which traffic destined for this
               VLAN should be untagged.  Each octet within the value
               of this object specifies a set of eight ports, with the
               first octet specifying ports 1 through 8, the second
               octet specifying ports 9 through 16, etc.  Within each
               octet, the most significant bit represents the lowest
               numbered port, and the least significant bit represents
               the highest numbered port.  Thus, each port of the VLAN
               bridge is represented by a single bit within the value
               of this object.  If that bit has a value of '1' then
               that port is included in the set of ports; the port is
               not included if its bit has a value of '0'.  (Note that
               the setting of the bit corresponding to the port from
               which a frame is received is irrelevant.)"
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section 7.3.1"
       ::= { dot1qVlanConfigEntry 4 }

   dot1qVlanEgressPortList OBJECT-TYPE
       SYNTAX  OCTET STRING (SIZE(8))
       ACCESS  read-write
       STATUS  mandatory
       DESCRIPTION
               "The set of ports to which traffic destined for this
               VLAN may be transmitted.  Each octet within the value
               of this object specifies a set of eight ports, with the
               first octet specifying ports 1 through 8, the second
               octet specifying ports 9 through 16, etc.
               Within each octet, the most significant bit represents
               the lowest numbered port, and the least significant bit
               represents the highest numbered port.  Thus, each port
               of the VLAN bridge is represented by a single bit
               within the value of this object.  If that bit has a
               value of '1' then that port is included in the set of
               ports; the port is not included if its bit has a value
               of '0'.  (Note that the setting of the bit
               corresponding to the port from which a frame is
               received is irrelevant.)"
       REFERENCE
               "P802.1q/D5, February 28, 1997: Section 7.3.1"
       ::= { dot1qVlanConfigEntry 5 }

   dot1qVlanEnable OBJECT-TYPE
       SYNTAX  INTEGER {
                   disable(1),
                   enable(2)
               }
       ACCESS  read-write
       STATUS  mandatory
       DESCRIPTION
               "It sets the PVID as follows:

               disable - This operation causes the VLAN Identifier to
                         be removed from the Untagged set in the Port
                         Egress Lists of all ports of the Bridge.
               enable  - This operation causes the VLAN Identifier to
                         be included in the Untagged set of the Port
                         Egress List for each Port, in accordance with
                         the configuration specified."
       REFERENCE
               "P802.1q/D5, February 28, 1997: Sections 7.3.4 and
               7.3.5"
       DEFVAL  { disable }
       ::= { dot1qVlanConfigEntry 6 }

   END

6. References

   [1]  Cerf, V., "IAB Recommendations for the Development of Internet
        Network Management Standards", RFC 1052, NRI, April 1988.

   [2]  Cerf, V., "Report of the Second Ad Hoc Network Management
        Review Group", RFC 1109, NRI, August 1989.

   [3]  Rose, M., and K. McCloghrie, "Structure and Identification of
        Management Information for TCP/IP-based internets", RFC 1155,
        Performance Systems International, Hughes LAN Systems, May
        1990.

   [4]  McCloghrie, K., and M. Rose, "Management Information Base for
        Network Management of TCP/IP-based internets", RFC 1156,
        Hughes LAN Systems, Performance Systems International, May
        1990.

   [5]  Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple
        Network Management Protocol", RFC 1157, SNMP Research,
        Performance Systems International, Performance Systems
        International, MIT Laboratory for Computer Science, May 1990.

   [6]  McCloghrie, K., and M. Rose, Editors, "Management Information
        Base for Network Management of TCP/IP-based internets", RFC
        1213, Performance Systems International, March 1991.

   [7]  Information processing systems - Open Systems Interconnection
        - Specification of Abstract Syntax Notation One (ASN.1),
        International Organization for Standardization, International
        Standard 8824, December 1987.

   [8]  Information processing systems - Open Systems Interconnection
        - Specification of Basic Encoding Rules for Abstract Notation
        One (ASN.1), International Organization for Standardization,
        International Standard 8825, December 1987.

   [9]  Rose, M., and K. McCloghrie, Editors, "Concise MIB
        Definitions", RFC 1212, Performance Systems International,
        Hughes LAN Systems, March 1991.

   [10] Rose, M., Editor, "A Convention for Defining Traps for use
        with the SNMP", RFC 1215, Performance Systems International,
        March 1991.

   [11] ANSI/IEEE Draft P802.1d/D9 MAC Bridges, "IEEE Project 802
        Local and Metropolitan Area Networks", July 14, 1989.

   [12] IEEE Standards for Local and Metropolitan Area Networks: Draft
        Standard for Virtual Bridged Local Area Networks, P802.1q/D5,
        February 28, 1997.

7. Acknowledgements

   This draft is based on IEEE Draft P802.1q/D5.

8. Security Considerations

   Security issues are not discussed in this memo.

9. Authors' Address

   I. Jeyasubramanian
   Future Software Private Limited.
   Madras - 600 035, INDIA.

   Phone: +91-44-4340323
   Fax:   +91-44-4344157
   Email: jeyai@future.futsoft.com

Table of Contents

   1. Abstract
   2. The Network Management Framework
   3. Objects
   3.1. Format of Definitions
   4. Overview
   4.1. Structure of MIB
   5. Definitions
   6. References
   7. Acknowledgements
   8. Security Considerations
   9. Author's Address
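
Added example (not part of the draft): Python that decodes and encodes
the 8-octet port-list format Section 5 specifies for
dot1qVlanTriggerPortSetMembers, dot1qVlanUntaggedPortList and
dot1qVlanEgressPortList, so that port membership read from a bridge
can be reviewed by port number.  The audit_vlan_row helper, its check
that untagged ports also appear in the egress list, and the sample
octet strings are assumptions constructed for illustration.

```python
# Added example, not from the draft: port-list (OCTET STRING SIZE(8)) codec.
PORT_LIST_OCTETS = 8  # SIZE(8) in the draft, i.e. ports 1..64


def decode_port_list(value):
    """Return the set of port numbers whose bit is '1'."""
    if len(value) != PORT_LIST_OCTETS:
        raise ValueError(
            f"port list must be {PORT_LIST_OCTETS} octets, got {len(value)}")
    ports = set()
    for octet_index, octet in enumerate(value):
        for bit in range(8):
            # The most significant bit is the lowest numbered port.
            if octet & (0x80 >> bit):
                ports.add(octet_index * 8 + bit + 1)
    return ports


def encode_port_list(ports):
    """Build the 8-octet value for a collection of port numbers."""
    buf = bytearray(PORT_LIST_OCTETS)
    for port in ports:
        if not 1 <= port <= PORT_LIST_OCTETS * 8:
            raise ValueError(f"port {port} outside 1..{PORT_LIST_OCTETS * 8}")
        buf[(port - 1) // 8] |= 0x80 >> ((port - 1) % 8)
    return bytes(buf)


def audit_vlan_row(vlan_id, egress, untagged):
    """Hypothetical review helper; the checks are an assumed policy."""
    findings = []
    if not 1 <= vlan_id <= 4095:  # range of dot1qVlanIdentifier
        findings.append(f"VLAN id {vlan_id} outside 1..4095")
    stray = sorted(decode_port_list(untagged) - decode_port_list(egress))
    if stray:
        findings.append(
            f"VLAN {vlan_id}: untagged ports {stray} are not in the egress list")
    return findings


# Constructed sample values for one dot1qVlanConfigTable row.
SAMPLE_EGRESS = bytes.fromhex("c080000000000000")    # ports 1, 2, 9
SAMPLE_UNTAGGED = bytes.fromhex("8040000000000000")  # ports 1, 10

if __name__ == "__main__":
    print(sorted(decode_port_list(SAMPLE_EGRESS)))
    print(audit_vlan_row(10, SAMPLE_EGRESS, SAMPLE_UNTAGGED))
```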