IPFIX Working Group A. Kobayashi Internet-Draft K. Ishibashi Expires: September 3, 2006 K. Yamamoto NTT PF Lab. D. Matsubara Hitachi March 2, 2006 Managed Objects for IPFIX concentrator draft-kobayashi-ipfix-concentrator-mib-01.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on September 3, 2006. Copyright Notice Copyright (C) The Internet Society (2006). Abstract This document defines managed objects for IPFIX collectors and concentrators. The IPFIX concentrator has a several capabilities. These capabilities provide collecting flow records, and storing these to database, selecting, aggregating and forwarding these to next IPFIX nodes. These functions have the managed infomation objects. Kobayashi, et al. Expires September 3, 2006 [Page 1] Internet-Draft IPFIX concentrator MIB March 2006 These objects provide information about parameters and instruction rules used by each process. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 2.1. Base Association . . . . . . . . . . . . . . . . . . . . . 4 3. Structure of the IPFIX Collector MIB module . . . . . . . . . 5 3.1. The Collecting Objects . . . . . . . . . . . . . . . . . . 5 4. Structure of the IPFIX Concentrator MIB module . . . . . . . . 6 4.1. TEXTUAL CONVENTIONS . . . . . . . . . . . . . . . . . . . 6 4.2. The Extraction Objects . . . . . . . . . . . . . . . . . . 6 4.3. The Selection Objects . . . . . . . . . . . . . . . . . . 6 4.4. The Aggregation Objects . . . . . . . . . . . . . . . . . 7 4.5. The Reporting Objects . . . . . . . . . . . . . . . . . . 7 4.6. The Base Association Objects . . . . . . . . . . . . . . . 8 5. Definition . . . . . . . . . . . . . . . . . . . . . . . . . . 9 5.1. IPFIX collector MIB module . . . . . . . . . . . . . . . . 9 5.2. IPFIX concentrator MIB module . . . . . . . . . . . . . . 18 6. Security Considerations . . . . . . . . . . . . . . . . . . . 46 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 47 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 48 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 48 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 49 Intellectual Property and Copyright Statements . . . . . . . . . . 50 Kobayashi, et al. Expires September 3, 2006 [Page 2] Internet-Draft IPFIX concentrator MIB March 2006 1. Introduction The purpose of this document is to define standard-based MIB modules for IPFIX collectors and concentrators. IPFIX collectors are described in the IPFIX architecture [I-D.ietf-ipfix-architecture] and IPFIX concentrators are introduced in [I-D.dressler-ipfix- aggregation] and [I-D.kobayashi-ipfix-concentrator-model]. IPFIX concentrator has several function such as, collecting flow records from IPFIX device, and storing flow records, and then selecting and aggregating flow records to create aggregated flow, and exporting these to next IPFIX enabled nodes. This collecting process is common for IPFIX concentrator and Traffic Collector as IPFIX collecting process. The selection process, the aggregation process and reporting process are mapped as IPFIX metering process. These processes have specific function as IPFIX concentrator. This document define the IPFIX collector MIB module that is maintained by general collecting process, and IPFIX concentrator MIB module that is specific objects in IPFIX concentrator. IPFIX collector MIB module might be implemented in not only IPFIX concentrator but also Traffic Collector. IPFIX collector MIB objects provide informations that are profiles on pre-IPFIX enabled nodes, and received template and statistics informations. IPFIX concentrator MIB objects provide informations that are instruction and supporting parameters of each function. These objects can be configured. By using these informations, at the selection process, the configured parameters specify which flow records are selected. At the storing process, they specify which fields are stored, and at the aggregation process they specify how to aggregate these flow records. In addition, these objects coordinate and are similar to psampObjects that is described in the [I-D.ietf-psamp-mib]. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL","SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. Kobayashi, et al. Expires September 3, 2006 [Page 3] Internet-Draft IPFIX concentrator MIB March 2006 2. Terminology The terminology of IPFIX concentrator defined here is included in [RFC3917], [I-D.dressler-ipfix-aggregation] and [I-D.kobayashi-ipfix- concentrator-model]. Additional terms are described as follows. 2.1. Base Association The Base Association combines several values configured at an IPFIX concentrator device. This concept is described in the [I-D.ietf- psamp-mib]. The Base Association contains references to a list of pre-IPFIX enabled nodes, a template record, a list of next IPFIX enabled nodes, a selection, and aggregation instruction rules. These values are associated to specify one Metering Process. Kobayashi, et al. Expires September 3, 2006 [Page 4] Internet-Draft IPFIX concentrator MIB March 2006 3. Structure of the IPFIX Collector MIB module 3.1. The Collecting Objects The collecting process has three tables known as collectExporterTable, collectTemplateRcdTable and collectTemplateStatisticsTable. If this process treats flow records from previous IPFIX enabled node that is Exporter, these tables are specified. Each table is described as follows. collectExporterTable: This table lists information about a Exporter. This information contains a process Id, an exporter address and a source/ destination port number. The process Id indicates the instance of the collection process. This process manages information about a Exporter. Also, this table has statistic informations that contain the number of packets, bytes, IPFIX messages, flow records and templates received from this Exporter. collectTemplateRcdTable: This table lists the template that is received from the Exporter. This process manages the template. collectTemplateStatisticsTable: This table has statistic informations that contains the number of flow records on this template, and latest time this template is received from Exporter. Kobayashi, et al. Expires September 3, 2006 [Page 5] Internet-Draft IPFIX concentrator MIB March 2006 4. Structure of the IPFIX Concentrator MIB module 4.1. TEXTUAL CONVENTIONS The IPFIX concentrator MIB defines a new textual convention, ConcFieldModifier. They are used as SYNTAX of all those objects. These indicate the following. ConcFieldModifier: This is used as a description of instruction rules. This indicates how to treat specific fields by the aggregation process and the storing process. 4.2. The Extraction Objects In addition to general collecting process, if this process treats flow records from a storage database, the concExtractTable is specified, which is described as follows. concExtractTable: This table specifies how to extract flow records from a storage database. This table lists a process Id and an instruction rule set that gives the period of time and specific exporter address. The process Id indicates the instance of the collection process. 4.3. The Selection Objects The selection process has one table that is the concSelectMatchParamSetTable. This table is described as follows. concSelectMatchParamSetTable: This table specifies how to select particular flow records from input flow records. This table lists configurations of match filtering. The match filtering is based on IPFIX/PSAMP Information Elements that are described in [I-D.ietf-ipfix-info]. This filtering pattern indicates the value or the value range of the information element. Multiple Information Elements that are the same enable configuration in the same index that is concSelectMatchIndex of this table. In that case, this process examines the "OR" operation. By using a multi-information element, this method enables configuration of several pattern conditions of the same information element. In examination during different fields, this process examines the "AND" operation. Then, this process selects flow records that match this filter. Kobayashi, et al. Expires September 3, 2006 [Page 6] Internet-Draft IPFIX concentrator MIB March 2006 4.4. The Aggregation Objects The aggregation process has three tables that are concAggrParamSetTable, concAggrFieldSetTable, and concAggrAddFieldTable. Each table is described as follows. concAggrParamSetTable: This table specifies a time interval that is used when aggregating flow records. This process gathers flow records within this time interval and then aggregates flow records that have common properties. concAggrFieldSetTable: This table specifies a field modifier of each information element. The field modifier is described in [I-D.dressler-ipfix- aggregation]. If the keep modifier is specified to information element, this field is distinguished in the aggregated flow record. In addition, if this field is the Flow Key that is described in [I-D.ietf-ipfix-protocol], this field becomes the key field of the aggregated flow. If it is not the Flow Key, this field is merged into a single-counter element. If the IP address field and the prefix field are specified as the keep modifier, the significant bit of the IP address field is the prefix. That means the keep modifier specifies the mask value of this IP address. In other words, that means the mask modifier is specified to IP address field. If the discard modifier is specified to information element, this field is discarded from aggregated flow records. concAggrAddFieldTable: This table lists the information element Id that is added to the aggregated flow. These information elements complement information that is discarded during the aggregation process. These information elements are described in [I-D.kobayashi-ipfix- concentrator-model]. For example, they are a total number of flows in aggregated flow and an average number of packets per flow in aggregated flow. The aggregation process calculates and adds the merged values to this field in a aggregated flow record. 4.5. The Reporting Objects The reporting process has three tables: concReportCtrTable, concReportCtrGrTable, concReportTemplateRcdTable. Each table has the same structure as PSAMP collector tables(psampCollectorTable, psampCollectorGroupTable, psampTemplateRecordTable) in [I-D.ietf- psamp-mib]. Kobayashi, et al. Expires September 3, 2006 [Page 7] Internet-Draft IPFIX concentrator MIB March 2006 4.6. The Base Association Objects Objects in the Base Association subtree combine all objects needed to model each process on the IPFIX concentrator. This concept refers to [I-D.ietf-psamp-mib]. It contains two tables: the concBaseAssocTable, and the concExporterListTable. concExporterListTable: This table lists indexes of collecting process information that includes process Id of the collecting process, exporter IP address, and port number. It indicates collectExporterIndex in IPFIX Collector MIB objects. If the metering process treats flow records from multiple exporters, this table lists indexes that point to exporter information. In addition, this table has concBaseAssocIndex as the first key. These instances of collecting processes are associated with the metering process by the concBaseAssocIndex in the IPFIX concentrator. concBaseAssocTable: This table is the heart of these objects and combines each process in an IPFIX concentrator. Processes coordinate during Base association. This table lists the process Id of the metering Process and the index that is pointer to show the method of each process. Also, using concBaseAssocIndex as the first key enables combining instances of the collecting process. In addition, if the collection process extracts flow records from the storage database, this table lists indexes of concCollectExtractIndex. Kobayashi, et al. Expires September 3, 2006 [Page 8] Internet-Draft IPFIX concentrator MIB March 2006 5. Definition 5.1. IPFIX collector MIB module IPFIX-COLLECTOR-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, Counter32, mib-2 FROM SNMPv2-SMI -- RFC2578 TEXTUAL-CONVENTION, RowStatus, DateAndTime FROM SNMPv2-TC -- RFC2579 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- RFC2580 InetAddressType, InetAddress FROM INET-ADDRESS-MIB; -- RFC3291 ipfixCollectorMIB MODULE-IDENTITY LAST-UPDATED "200602161600Z" -- 16 February 2006 ORGANIZATION "IETF IPFIX Working Group" CONTACT-INFO "Editor: Atsushi Kobayashi NTT Information Sharing Platform Laboratories 3-9-11 Midori-cho Musashino-shi 180-8585 Japan Phone: +81-422-59-3978> Email: akoba@nttv6.net" DESCRIPTION "The IPFIX collector MIB defines managed objects that are maintained by the collecting process in Traffic Collector or IPFIX concentrator. These objects provide informations that are Exporter's profile data and received templates. Exporter's profile has that Exporter's ip address and port number. In addition, these object has statistics data per exporter or per templates. Copyright (C) The Internet Society (2005). This version of this MIB module is part of RFC yyyy; see the RFC itself for full legal notices." -- replace yyyy with actual RFC number & remove this noti -- Revision history REVISION "200502161600Z" -- 16 February 2006 DESCRIPTION "Initial version, published as RFC yyyy." Kobayashi, et al. Expires September 3, 2006 [Page 9] Internet-Draft IPFIX concentrator MIB March 2006 -- replace yyyy with actual RFC number & remove this notice ::= { mib-2 XXXX } -- XXXX to be assigned by IANA. -- Top level structure of the MIB collectorObjects OBJECT IDENTIFIER ::= { ipfixCollectorMIB 1 } collectorConformance OBJECT IDENTIFIER ::= { ipfixCollectorMIB 2 } -------------------------------------------------------------------- -- objects of collecting process -------------------------------------------------------------------- collectExporter OBJECT IDENTIFIER ::= { collectorObjects 1 } -------------------------------------------------------------------- -- 1: Exporter Table -------------------------------------------------------------------- collectExporterTable OBJECT-TYPE SYNTAX SEQUENCE OF CollectExporterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists Exporters that received by collecting process. This process manages them." ::= { collectExporter 1 } collectExporterEntry OBJECT-TYPE SYNTAX CollectExporterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the collectExporterTable" INDEX { collectExporterIndex } ::= { collectExporterTable 1 } CollectExporterEntry ::= SEQUENCE { collectExporterIndex Integer32, collectExporterSrcIpAddrType InetAddressType, collectExporterSrcIpAddr InetAddress, collectExporterProtocol Integer32, collectExporterDstPort Integer32, collectExporterSrcPort Integer32, collectExporterProcessId Integer32, Kobayashi, et al. Expires September 3, 2006 [Page 10] Internet-Draft IPFIX concentrator MIB March 2006 collectExporterRcdPackets Counter32, collectExporterRcdBytes Counter32, collectExporterRcdMessages Counter32, collectExporterRcdFlows Counter32, collectExporterRcdTemplates Counter32, collectExporterRcdSequence Integer32, collectExporterRowStatus RowStatus } collectExporterIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in collectExporterTable. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. It is used in entries of the concExporterListTable in IPFIX concentrator MIB objects as reference to the collectExporterTable and its associated parameters." ::= { collectExporterEntry 1 } collectExporterSrcIpAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The IP address type of the exporter. The value for IPv4 is ipv4(1). The value for IPv6 is ipv6(2)." ::= { collectExporterEntry 2 } collectExporterSrcIpAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The IP address of the exporter." ::= { collectExporterEntry 3 } collectExporterProtocol OBJECT-TYPE SYNTAX Integer32 (0..256) MAX-ACCESS read-create STATUS current DESCRIPTION Kobayashi, et al. Expires September 3, 2006 [Page 11] Internet-Draft IPFIX concentrator MIB March 2006 "The transport protocol is used for receiving sampled packets from the exporter. The recommended protocols are TCP (6), UDP (17) and SCTP (132). The default is SCTP." DEFVAL { 132 } ::= { collectExporterEntry 4 } collectExporterDstPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The transport protocol port number used by the local Collecting Process." DEFVAL { 4739 } ::= { collectExporterEntry 5 } collectExporterSrcPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The transport protocol port number of the pre-IPFIX enabled device." ::= { collectExporterEntry 6 } collectExporterProcessId OBJECT-TYPE SYNTAX Integer32 (0..256) MAX-ACCESS read-only STATUS current DESCRIPTION "The process id is used by this collecting process." ::= { collectExporterEntry 7 } collectExporterRcdPackets OBJECT-TYPE SYNTAX Counter32 (0..256) MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets received from the pre-IPFIX enabled device." ::= { collectExporterEntry 8 } collectExporterRcdBytes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of bytes received from the pre-IPFIX enabled Kobayashi, et al. Expires September 3, 2006 [Page 12] Internet-Draft IPFIX concentrator MIB March 2006 device." ::= { collectExporterEntry 9 } collectExporterRcdMessages OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of IPFIX messages received from the pre-IPFIX enabled device." ::= { collectExporterEntry 10 } collectExporterRcdFlows OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of flow records received from the pre-IPFIX enabled device." ::= { collectExporterEntry 11 } collectExporterRcdTemplates OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of templates received from the pre-IPFIX enabled device." ::= { collectExporterEntry 12 } collectExporterRcdSequence OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The latest sequence number. The collecting process overwrites to this object when it receives IPFIX message." ::= { collectExporterEntry 13 } collectExporterRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row of the table." ::= { collectExporterEntry 14 } -------------------------------------------------------------------- Kobayashi, et al. Expires September 3, 2006 [Page 13] Internet-Draft IPFIX concentrator MIB March 2006 -- 2: Template Record Table -------------------------------------------------------------------- collectTemplateRcdTable OBJECT-TYPE SYNTAX SEQUENCE OF CollectTemplateRcdEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists templates that are received by the collecting process. This process manages them." ::= { collectExporter 2 } collectTemplateRcdEntry OBJECT-TYPE SYNTAX CollectTemplateRcdEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the collectTemplateRcdTable" INDEX { collectExporterIndex, collectTemplateRcdId, collectTemplateRcdIndex } ::= { collectTemplateRcdTable 1 } CollectTemplateRcdEntry ::= SEQUENCE { collectTemplateRcdId Integer32, collectTemplateRcdIndex Integer32, collectTemplateRcdInfoEltId Integer32, collectTemplateRcdRowStatus RowStatus } collectTemplateRcdId OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in collectTemplateRcdTable. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. It groups the information element ids in a template record." ::= { collectTemplateRcdEntry 2 } Kobayashi, et al. Expires September 3, 2006 [Page 14] Internet-Draft IPFIX concentrator MIB March 2006 collectTemplateRcdIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an information element id in the template record identified by collectTemplateRcdId. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. The collectTemplateRcdIndex specifies the order in which the information element ids are used in the template record." ::= { collectTemplateRcdEntry 3 } collectTemplateRcdInfoEltId OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the Information Elt Id at position collectTemplateRcdIndex in the template collectTemplateRcdId. This implicitly gives the data type and state values that are received." ::= { collectTemplateRcdEntry 4 } collectTemplateRcdRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row of the table." ::= { collectTemplateRcdEntry 5 } -------------------------------------------------------------------- -- 3: Template Statistics Table -------------------------------------------------------------------- collectTemplateStatisticsTable OBJECT-TYPE SYNTAX SEQUENCE OF CollectTemplateStatisticsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists statistics objects that have data per Kobayashi, et al. Expires September 3, 2006 [Page 15] Internet-Draft IPFIX concentrator MIB March 2006 template." ::= { collectExporter 3 } collectTemplateStatisticsEntry OBJECT-TYPE SYNTAX CollectTemplateStatisticsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the collectTemplateStatisticsTable" INDEX { collectExporterIndex, collectTemplateRcdId } ::= { collectTemplateStatisticsTable 1 } CollectTemplateStatisticsEntry ::= SEQUENCE { collectTempRcdFlows Counter32, collectTempRcdTime DateAndTime, collectTempStatisRowStatus RowStatus } collectTempRcdFlows OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of flow records per template received from the pre-IPFIX enabled device." ::= { collectTemplateStatisticsEntry 1 } collectTempRcdTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "Time that the collecting process received this template." ::= { collectTemplateStatisticsEntry 2 } collectTempStatisRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row of the table." ::= { collectTemplateStatisticsEntry 3 } --================================================================== -- Conformance information Kobayashi, et al. Expires September 3, 2006 [Page 16] Internet-Draft IPFIX concentrator MIB March 2006 --================================================================== collectCompliances OBJECT IDENTIFIER ::= { collectorConformance 1 } collectGroups OBJECT IDENTIFIER ::= { collectorConformance 2 } --================================================================== -- Compliance statements --================================================================== collectCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "An implementation that complies to this module must implement the objects defined in the mandatory groups collectGroupExporters, collectGroupTemplates. The imeplementation of all other objects depends on the imeplementation of the corresponding functionality in the equipment." MODULE -- this module MANDATORY-GROUPS { collectGroupExporters, collectGroupTemplates } GROUP collectGroupStatistics DESCRIPTION "These objects must be implementes if the statistics function is implemented in the equipment." ::= { collectCompliances 1 } --================================================================== -- MIB groupings --================================================================== collectGroupExporters OBJECT-GROUP OBJECTS { collectExporterSrcIpAddrType, collectExporterSrcIpAddr, collectExporterProtocol, collectExporterDstPort, collectExporterSrcPort, collectExporterProcessId, collectExporterRowStatus } STATUS current DESCRIPTION "All objects that are basic for the management function of exporters." ::= { collectGroups 1 } Kobayashi, et al. Expires September 3, 2006 [Page 17] Internet-Draft IPFIX concentrator MIB March 2006 collectGroupTemplates OBJECT-GROUP OBJECTS { collectTemplateRcdInfoEltId, collectTemplateRcdRowStatus } STATUS current DESCRIPTION "All objects that are basic for the management function of templates." ::= { collectGroups 2 } collectGroupStatistics OBJECT-GROUP OBJECTS { collectExporterRcdPackets, collectExporterRcdBytes, collectExporterRcdMessages, collectExporterRcdFlows, collectExporterRcdTemplates, collectExporterRcdSequence, collectTempRcdFlows, collectTempRcdTime, collectTempStatisRowStatus } STATUS current DESCRIPTION "All objects that are basic for the statistics function." ::= { collectGroups 3 } END 5.2. IPFIX concentrator MIB module IPFIX-CONCENTRATOR-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, mib-2 FROM SNMPv2-SMI -- RFC2578 TEXTUAL-CONVENTION, RowStatus, DateAndTime, TruthValue FROM SNMPv2-TC -- RFC2579 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- RFC2580 InetAddressType, InetAddress FROM INET-ADDRESS-MIB; -- RFC3291 ipfixConcentratorMIB MODULE-IDENTITY Kobayashi, et al. Expires September 3, 2006 [Page 18] Internet-Draft IPFIX concentrator MIB March 2006 LAST-UPDATED "200602161600Z" -- 15 February 2006 ORGANIZATION "IETF IPFIX Working Group" CONTACT-INFO "Editor: Atsushi Kobayashi NTT Information Sharing Platform Laboratories 3-9-11 Midori-cho Musashino-shi 180-8585 Japan Phone: +81-422-59-3978> Email: akoba@nttv6.net" DESCRIPTION "The IPFIX concentrator MIB defines managed objects that are used by each process in IPFIX concentrator. These objects provide information that are instruction rules and supporting parameters of each function. These objects can be configured. By using these objects, the selection process decides which flow records are selected. The storing process decides which fields are stored and the aggregation process decides how to aggregate these flow records. These objects support information to enable these functions. Copyright (C) The Internet Society (2005). This version of this MIB module is part of RFC yyyy; see the RFC itself for full legal notices." -- replace yyyy with actual RFC number & remove this noti -- Revision history REVISION "200602161600Z" -- 16 February 2006 DESCRIPTION "Initial version, published as RFC yyyy." -- replace yyyy with actual RFC number & remove this notice ::= { mib-2 5555 } -- ::= { mib-2 XXXX } -- XXXX to be assigned by IANA. ConcFieldModifier ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This field modifier is used by the aggregation process and storing process. This is used as in the following method. method: keep(1) - the field that is specified by this value is distinguished by each process. Kobayashi, et al. Expires September 3, 2006 [Page 19] Internet-Draft IPFIX concentrator MIB March 2006 discard(2) - the field that is specified by this value is discarded by each process." SYNTAX INTEGER { keep(1), discard(2) } -- Top level structure of the MIB concentratorObjects OBJECT IDENTIFIER ::= { ipfixConcentratorMIB 1 } concentratorConformance OBJECT IDENTIFIER ::= { ipfixConcentratorMIB 2 } -------------------------------------------------------------------- -- objects of collection process -------------------------------------------------------------------- concExtraction OBJECT IDENTIFIER ::= { concentratorObjects 1 } -------------------------------------------------------------------- -- 1: Extraction Function Available -------------------------------------------------------------------- concExtractIsAvail OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the availability of the function for extracting flow records from storage database." DEFVAL { false } ::= { concExtraction 1 } -------------------------------------------------------------------- -- 2: Extraction Table -------------------------------------------------------------------- concExtractTable OBJECT-TYPE SYNTAX SEQUENCE OF ConcExtractEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists parameters that are used by extracting flow records from the storage database." ::= { concExtraction 2 } Kobayashi, et al. Expires September 3, 2006 [Page 20] Internet-Draft IPFIX concentrator MIB March 2006 concExtractEntry OBJECT-TYPE SYNTAX ConcExtractEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the concExtractTable" INDEX { concExtractIndex } ::= { concExtractTable 1 } ConcExtractEntry ::= SEQUENCE { concExtractIndex Integer32, concExtractEtrIpAddrType InetAddressType, concExtractEtrIpAddr InetAddress, concExtractStartTime DateAndTime, concExtractEndTime DateAndTime, concExtractProcessId Integer32, concExtractRowStatus RowStatus } concExtractIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in concExtractTable. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. It is used in entries of the concEtrListTable as reference to concExtractTable table and its associated parameters." ::= { concExtractEntry 1 } concExtractEtrIpAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The IP address type of the exporter. The value for IPv4 is ipv4(1). The value for IPv6 is ipv6(2)." ::= { concExtractEntry 2 } concExtractEtrIpAddr OBJECT-TYPE SYNTAX InetAddress Kobayashi, et al. Expires September 3, 2006 [Page 21] Internet-Draft IPFIX concentrator MIB March 2006 MAX-ACCESS read-create STATUS current DESCRIPTION "The IP address is the exporter that is stored in the database. The collection process extracts flow records that are exported from this exporter address." ::= { concExtractEntry 3 } concExtractStartTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-create STATUS current DESCRIPTION "This hour is used by extracting flow records. The collection process extracts flow records that are created after this time. Then, these flow-records that belong in the period of time between concExtractStartTime and concExtractEndTime are extracted." ::= { concExtractEntry 4 } concExtractEndTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-create STATUS current DESCRIPTION "This hour is used by extracting flow records. The collection process does not extract flow records that are created after this hour." ::= { concExtractEntry 5 } concExtractProcessId OBJECT-TYPE SYNTAX Integer32 (0..256) MAX-ACCESS read-only STATUS current DESCRIPTION "The process id is used by the IPFIX collectng process." ::= { concExtractEntry 6 } concExtractRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row of the table." ::= { concExtractEntry 7 } -------------------------------------------------------------------- -- Objects of Selection Process Kobayashi, et al. Expires September 3, 2006 [Page 22] Internet-Draft IPFIX concentrator MIB March 2006 -------------------------------------------------------------------- concSelection OBJECT IDENTIFIER ::= { concentratorObjects 2 } -------------------------------------------------------------------- -- 1: Selection Function Available -------------------------------------------------------------------- concSelectIsAvail OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the availability of the selection function." DEFVAL { false } ::= { concSelection 1 } -------------------------------------------------------------------- -- 2: Selection Match Parameter Set Table -------------------------------------------------------------------- concSelectMatchParamSetTable OBJECT-TYPE SYNTAX SEQUENCE OF ConcSelectMatchParamSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists configurations of match filtering. The match filtering is based on IPFIX/PSAMP Information Elements. The parameter set contains the Information Element Id, a value or value range, and a mask." ::= { concSelection 2 } concSelectMatchParamSetEntry OBJECT-TYPE SYNTAX ConcSelectMatchParamSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the concSelectMatchParamSetTable" INDEX { concSelectMatchIndex, concSelectMatchInfoEltId } ::= { concSelectMatchParamSetTable 1 } ConcSelectMatchParamSetEntry ::= SEQUENCE { Kobayashi, et al. Expires September 3, 2006 [Page 23] Internet-Draft IPFIX concentrator MIB March 2006 concSelectMatchIndex Integer32, concSelectMatchInfoEltId Integer32, concSelectMatchStartValue OCTET STRING, concSelectMatchEndValue OCTET STRING, concSelectMatchMask OCTET STRING, concSelectMatchRowStatus RowStatus } concSelectMatchIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in this parameter set table. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. It is used in entries of the concBaseAssocTable reference to this method and its associated parameter set." ::= { concSelectMatchParamSetEntry 1 } concSelectMatchInfoEltId OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The id of the information element that is encoded as InfoElementId defined in the IPFIX/PSAMP Information Models." ::= { concSelectMatchParamSetEntry 2 } concSelectMatchStartValue OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-create STATUS current DESCRIPTION "This indicates the value of the information element or the start of the value range. If concSelectMatchEndValue is defined, then the range between the start value and the end value is a value range. If concSelectMatchMask is defined, then concSelectMatchEndValue is ignored. In this case, the flow record is selected if the masked value exactly matches the start value, concSelectMatchStartValue." ::= { concSelectMatchParamSetEntry 3 } Kobayashi, et al. Expires September 3, 2006 [Page 24] Internet-Draft IPFIX concentrator MIB March 2006 concSelectMatchEndValue OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-create STATUS current DESCRIPTION "The final value of a value range. It should be equal to it's default value (''H) if a single value should be encoded. It is ignored if concSelectFilterMatchMask is defined." DEFVAL { ''H } ::= { concSelectMatchParamSetEntry 4 } concSelectMatchMask OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-create STATUS current DESCRIPTION "The selected value of the given information element is masked with this value. The resulting value is compared to concSelectMatchStartValue and the flow record is selected if they match. If concSelectFilterMatchEndValue and concnetSelectFilterMatchMask are defined at the same time, concSelectFilterMatchEndValue is ignored. Note that a mask is not useful for all information elements and, if it is specified, the mask has the same data type and encoding as the information element referenced by concSelectMatchInfoEltId." DEFVAL { ''H } ::= { concSelectMatchParamSetEntry 5 } concSelectMatchRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row of the table." ::= { concSelectMatchParamSetEntry 6 } -------------------------------------------------------------------- -- Objects of Aggregation Process -------------------------------------------------------------------- concAggregation OBJECT IDENTIFIER ::= { concentratorObjects 3 } -------------------------------------------------------------------- -- 1: Aggregation Function Available -------------------------------------------------------------------- Kobayashi, et al. Expires September 3, 2006 [Page 25] Internet-Draft IPFIX concentrator MIB March 2006 concAggrIsAvail OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the availability of the aggregating flow records." DEFVAL { false } ::= { concAggregation 1 } -------------------------------------------------------------------- -- 2: Aggregation Parameter Set Table -------------------------------------------------------------------- concAggrParamSetTable OBJECT-TYPE SYNTAX SEQUENCE OF ConcAggrParamSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists parameters that are used for aggregating flow records." ::= { concAggregation 2 } concAggrParamSetEntry OBJECT-TYPE SYNTAX ConcAggrParamSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the concAggrParamSetTable" INDEX { concAggrIndex } ::= { concAggrParamSetTable 1 } ConcAggrParamSetEntry ::= SEQUENCE { concAggrIndex Integer32, concAggrTimeInterval Integer32, concAggrParamRowStatus RowStatus } concAggrIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in concAggrParamSetTable. Kobayashi, et al. Expires September 3, 2006 [Page 26] Internet-Draft IPFIX concentrator MIB March 2006 The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. It is used in entries of the concBaseAssocTable as reference to the concAggrParamSetTable table and its associated parameters." ::= { concAggrParamSetEntry 1 } concAggrTimeInterval OBJECT-TYPE SYNTAX Integer32 (1..2147483647) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies a time interval that is used by the aggregation process. This process gathers flow records within this time interval and then aggregates flow records that have a common property." ::= { concAggrParamSetEntry 2 } concAggrParamRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row of the table." ::= { concAggrParamSetEntry 3 } -------------------------------------------------------------------- -- 3: Aggregation Field Set Table -------------------------------------------------------------------- concAggrFieldSetTable OBJECT-TYPE SYNTAX SEQUENCE OF ConcAggrFieldSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists field modifiers that are used for aggregating flow records." ::= { concAggregation 3 } concAggrFieldSetEntry OBJECT-TYPE SYNTAX ConcAggrFieldSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION Kobayashi, et al. Expires September 3, 2006 [Page 27] Internet-Draft IPFIX concentrator MIB March 2006 "Defines an entry in the concAggrParamSetTable" INDEX { concAggrIndex, concAggrFieldSetId } ::= { concAggrFieldSetTable 1 } ConcAggrFieldSetEntry ::= SEQUENCE { concAggrFieldSetId Integer32, concAggrFieldModifier ConcFieldModifier, concAggrFieldRowStatus RowStatus } concAggrFieldSetId OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the id of the information element. These are encoded as the InfoEltId that is defined in IPFIX/PSAMP Information Models." ::= { concAggrFieldSetEntry 2 } concAggrFieldModifier OBJECT-TYPE SYNTAX ConcFieldModifier MAX-ACCESS read-create STATUS current DESCRIPTION "This field modifier is used by the aggregation process. If the keep modifier of this object is specified, the information element of concAggrFieldSetId is distinguished in the aggregated flow record. In addition, if the information element of concAggrFieldSetId is the flow key, this field becomes the key of aggregated flow. If it is not the flow key, this field is merged into a single counter. If the IP address field and prefix field are specified, a significant bit of the IP address field is reduced by the prefix. That means the keep modifier of the mask value of this IP address is specified." DEFVAL { discard } ::= { concAggrFieldSetEntry 3 } concAggrFieldRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION Kobayashi, et al. Expires September 3, 2006 [Page 28] Internet-Draft IPFIX concentrator MIB March 2006 "The status of this row of the table." ::= { concAggrFieldSetEntry 4 } -------------------------------------------------------------------- -- 4: Aggregation Additional Field Set Table -------------------------------------------------------------------- concAggrAddFieldSetTable OBJECT-TYPE SYNTAX SEQUENCE OF ConcAggrAddFieldSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the information element id that is added to the aggregated flow." ::= { concAggregation 4 } concAggrAddFieldSetEntry OBJECT-TYPE SYNTAX ConcAggrAddFieldSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the concAggrAddFieldSetTable" INDEX { concAggrIndex, concAggrAddFieldSetId } ::= { concAggrAddFieldSetTable 1 } ConcAggrAddFieldSetEntry ::= SEQUENCE { concAggrAddFieldSetId Integer32, concAggrAddFieldRowStatus RowStatus } concAggrAddFieldSetId OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the Id of the information element. This object is encoded as the InfoEltId that is defined in IPFIX/PSAMP Information Models. This information element complements information that is discarded during the aggregation process. For example, these information elements are the total number of flows in aggregated flow and an average number of packets per-flow in aggregated flow. If this object is specified as an information element, Kobayashi, et al. Expires September 3, 2006 [Page 29] Internet-Draft IPFIX concentrator MIB March 2006 the aggregation process calculates and adds to create this field and this information element is included in the aggregated flow record." ::= { concAggrAddFieldSetEntry 2 } concAggrAddFieldRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row of the table." ::= { concAggrAddFieldSetEntry 3 } -------------------------------------------------------------------- -- Objects of Report and Exporting Process -------------------------------------------------------------------- concReport OBJECT IDENTIFIER ::= { concentratorObjects 4 } -------------------------------------------------------------------- -- 1: Report Parameter Set Table -------------------------------------------------------------------- concReportCtrTable OBJECT-TYPE SYNTAX SEQUENCE OF ConcReportCtrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists collectors to which IPFIX concentrator selected flow records are exported." ::= { concReport 1 } concReportCtrEntry OBJECT-TYPE SYNTAX ConcReportCtrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the concReportCtrTable." INDEX { concReportCtrIndex } ::= { concReportCtrTable 1 } ConcReportCtrEntry ::= SEQUENCE { concReportCtrIndex Integer32, concReportCtrDstIpAddrType InetAddressType, concReportCtrDstIpAddr InetAddress, concReportCtrDstProtocol Integer32, Kobayashi, et al. Expires September 3, 2006 [Page 30] Internet-Draft IPFIX concentrator MIB March 2006 concReportCtrDstPort Integer32, concReportCtrReportsSent Integer32, concReportCtrRowStatus RowStatus } concReportCtrIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in this collector table. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. It is used in entries of concReportCtrGrTable as reference to this collector and its associated parameters." ::= { concReportCtrEntry 1 } concReportCtrDstIpAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The IP address type of the collector. The value for IPv4 is ipv4(1). The value for IPv6 is ipv6(2)." ::= { concReportCtrEntry 2 } concReportCtrDstIpAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The IP address of the collector." ::= { concReportCtrEntry 3 } concReportCtrDstProtocol OBJECT-TYPE SYNTAX Integer32 (0..256) MAX-ACCESS read-create STATUS current DESCRIPTION "Transport protocol used for exporting sampled packets to the collector. The recommended protocols are TCP (6), UDP (17), and SCTP (132). The default is SCTP." DEFVAL { 132 } Kobayashi, et al. Expires September 3, 2006 [Page 31] Internet-Draft IPFIX concentrator MIB March 2006 ::= { concReportCtrEntry 4 } concReportCtrDstPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "Transport protocol port number of the collector." DEFVAL { 4739 } ::= { concReportCtrEntry 5 } concReportCtrReportsSent OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of packet reports sent to the collector." ::= { concReportCtrEntry 6 } concReportCtrRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Status of this row of the table." ::= { concReportCtrEntry 7 } -------------------------------------------------------------------- -- 2: Collector Gr Table -------------------------------------------------------------------- concReportCtrGrTable OBJECT-TYPE SYNTAX SEQUENCE OF ConcReportCtrGrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists groups of collectors to which IPFIX concentrator selected flow records are exported simultaneously. If IPFIX concentrator selected flow records are exported to only one collector, the group consists of exactly one collector." ::= { concReport 2 } concReportCtrGrEntry OBJECT-TYPE SYNTAX ConcReportCtrGrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION Kobayashi, et al. Expires September 3, 2006 [Page 32] Internet-Draft IPFIX concentrator MIB March 2006 "Defines an entry in the concReportCtrGrTable." INDEX { concReportCtrGrIndex, concReportCtrIndex } ::= { concReportCtrGrTable 1 } ConcReportCtrGrEntry ::= SEQUENCE { concReportCtrGrIndex Integer32, concReportCtrGrRowStatus RowStatus } concReportCtrGrIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in this parameter set table. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. It is used in entries of the concBaseAssocTable as reference to this collector group and its associated parameters." ::= { concReportCtrGrEntry 1 } concReportCtrGrRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row of the table." ::= { concReportCtrGrEntry 3 } -------------------------------------------------------------------- -- 3: (Data) Template Record Table -------------------------------------------------------------------- concReportTemplateRcdTable OBJECT-TYPE SYNTAX SEQUENCE OF ConcReportTemplateRcdEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION Kobayashi, et al. Expires September 3, 2006 [Page 33] Internet-Draft IPFIX concentrator MIB March 2006 "This table lists templates used by the exporter." ::= { concReport 3 } concReportTemplateRcdEntry OBJECT-TYPE SYNTAX ConcReportTemplateRcdEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the concReportTemplateTable." INDEX { concReportTemplateRcdId, concReportTemplateRcdIndex } ::= { concReportTemplateRcdTable 1 } ConcReportTemplateRcdEntry ::= SEQUENCE { concReportTemplateRcdId Integer32, concReportTemplateRcdIndex Integer32, concReportTemplateRcdInfoEltId Integer32, concReportTemplateRcdRowStatus RowStatus } concReportTemplateRcdId OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in this template record table. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. It is used in entries of the concBaseAssocTable as reference to this template record and its associated parameters. It groups the information element ids in a template record." ::= { concReportTemplateRcdEntry 1 } concReportTemplateRcdIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of a information element id in the template record identified by Kobayashi, et al. Expires September 3, 2006 [Page 34] Internet-Draft IPFIX concentrator MIB March 2006 concReportTemplateRcdId. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. The concReportTemplateRcdIndex specifies the order in which the information element ids are used in the template record." ::= { concReportTemplateRcdEntry 2 } concReportTemplateRcdInfoEltId OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The Information Elt Id at position concReportTemplateRcdIndex in the template concReportTemplateRcdId. This implicitly gives the data type and state values that are exported." ::= { concReportTemplateRcdEntry 3 } concReportTemplateRcdRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row of the table." ::= { concReportTemplateRcdEntry 4 } -------------------------------------------------------------------- -- Objects of Storing Process -------------------------------------------------------------------- concStoring OBJECT IDENTIFIER ::= { concentratorObjects 5 } -------------------------------------------------------------------- -- 1: Storing Function Available -------------------------------------------------------------------- concStoringIsAvail OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the availability of the storing function." DEFVAL { false } Kobayashi, et al. Expires September 3, 2006 [Page 35] Internet-Draft IPFIX concentrator MIB March 2006 ::= { concStoring 1 } -------------------------------------------------------------------- -- 2: Storing Parameter Set Table -------------------------------------------------------------------- concStoringParamSetTable OBJECT-TYPE SYNTAX SEQUENCE OF ConcStoringParamSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the field modifiers that are used for storing IPFIX header information." ::= { concStoring 2 } concStoringParamSetEntry OBJECT-TYPE SYNTAX ConcStoringParamSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the concStoringParamSetTable" INDEX { concStoringIndex } ::= { concStoringParamSetTable 1 } ConcStoringParamSetEntry ::= SEQUENCE { concStoringIndex Integer32, concStoringSourceidModifier ConcFieldModifier, concStoringExportTimeModifier ConcFieldModifier, concStoringProcessId Integer32, concStoringParamRowStatus RowStatus } concStoringIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in this parameter set table. The value is expected to remain constant from one re-initialization of the entity's network management system to the next re-initialization. It is used in entries as the concBaseAssocTable reference to this method and its associated parameter set." Kobayashi, et al. Expires September 3, 2006 [Page 36] Internet-Draft IPFIX concentrator MIB March 2006 ::= { concStoringParamSetEntry 1 } concStoringSourceidModifier OBJECT-TYPE SYNTAX ConcFieldModifier MAX-ACCESS read-create STATUS current DESCRIPTION "This field modifier is used by the storing process. If the keep modifier of this object is specified, the source Id of IPFIX header information is stored in the storage database. If the discard modifier of this object is specified, it is not stored." DEFVAL { discard } ::= { concStoringParamSetEntry 2 } concStoringExportTimeModifier OBJECT-TYPE SYNTAX ConcFieldModifier MAX-ACCESS read-create STATUS current DESCRIPTION "This field modifier is used by the storing process. If the keep modifier of this object is specified, the Export time of IPFIX header information is stored in the storage database. If the discard modifier of this object is specified, it is not stored." DEFVAL { discard } ::= { concStoringParamSetEntry 3 } concStoringProcessId OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The process id is used by this storing process." ::= { concStoringParamSetEntry 4 } concStoringParamRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row of the table." ::= { concStoringParamSetEntry 5 } -------------------------------------------------------------------- -- 3: Storing Field Set Table -------------------------------------------------------------------- Kobayashi, et al. Expires September 3, 2006 [Page 37] Internet-Draft IPFIX concentrator MIB March 2006 concStoringFieldSetTable OBJECT-TYPE SYNTAX SEQUENCE OF ConcStoringFieldSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists field modifiers that are used for storing flow records." ::= { concStoring 3 } concStoringFieldSetEntry OBJECT-TYPE SYNTAX ConcStoringFieldSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in concStoringFieldSetTable" INDEX { concStoringIndex,concStoringInfoEltId } ::= { concStoringFieldSetTable 1 } ConcStoringFieldSetEntry ::= SEQUENCE { concStoringInfoEltId Integer32, concStoringFieldModifier ConcFieldModifier, concStoringRowStatus RowStatus } concStoringInfoEltId OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the id of the information element. These are encoded as the InfoEltId that is defined in the IPFIX/PSAMP Information Models." ::= { concStoringFieldSetEntry 2 } concStoringFieldModifier OBJECT-TYPE SYNTAX ConcFieldModifier MAX-ACCESS read-create STATUS current DESCRIPTION "This field modifier is used by the storing process. If the keep modifier of this object is specified, the information element of concStoringInfoEltId is stored in the storage database. If the discard modifier of this object is specified, the information element of concStoringInfoEltId is discarded." DEFVAL { discard } Kobayashi, et al. Expires September 3, 2006 [Page 38] Internet-Draft IPFIX concentrator MIB March 2006 ::= { concStoringFieldSetEntry 3 } concStoringRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row of the table." ::= { concStoringFieldSetEntry 4 } -------------------------------------------------------------------- -- objects of Base Association -------------------------------------------------------------------- concBaseAssociations OBJECT IDENTIFIER ::= { concentratorObjects 6 } -------------------------------------------------------------------- -- 1: Base Association Table -------------------------------------------------------------------- concBaseAssocTable OBJECT-TYPE SYNTAX SEQUENCE OF ConcBaseAssocEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists all Base Associations at the managed node." ::= { concBaseAssociations 1 } concBaseAssocEntry OBJECT-TYPE SYNTAX ConcBaseAssocEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the concBaseAssocTable" INDEX { concBaseAssocIndex } ::= { concBaseAssocTable 1 } ConcBaseAssocEntry ::= SEQUENCE { concBaseAssocIndex Integer32, concBaseAssocSelectMatchIndex Integer32, concBaseAssocAggrIndex Integer32, concBaseAssocReportCtrGrIndex Integer32, concBaseAssocReportTemplateRcdId Integer32, concBaseAssocStoringIndex Integer32, concBaseAssocMeteringProcessId Integer32, concBaseAssocExtractIndex Integer32, Kobayashi, et al. Expires September 3, 2006 [Page 39] Internet-Draft IPFIX concentrator MIB March 2006 concBaseAssocRowStatus RowStatus } concBaseAssocIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in this parameter set table. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization." ::= { concBaseAssocEntry 1 } concBaseAssocSelectMatchIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "This object is the Index of the concSelectMatchIndex object. It links the instance when the identified selection match parameter table is applied to the method of selection that uses the input flow records." ::= { concBaseAssocEntry 2 } concBaseAssocAggrIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "This object is the Index of the concAggrIndex object. It links the instance when the identified aggregation parameter set table including the associated table is applied to the method of aggregation of selected flow records." ::= { concBaseAssocEntry 3 } concBaseAssocReportCtrGrIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "This object is the index of the collector group to which packet reports are sent." ::= { concBaseAssocEntry 4 } concBaseAssocReportTemplateRcdId OBJECT-TYPE Kobayashi, et al. Expires September 3, 2006 [Page 40] Internet-Draft IPFIX concentrator MIB March 2006 SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "This object is the Id of a template in the template table. It links the instance, concEtrListTable, and template together. The identified template is applied to the stream of selected/aggregated flow records." ::= { concBaseAssocEntry 5 } concBaseAssocStoringIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "This object is the index of the concStoringIndex object. It links the instance when the identified storing parameter is applied to the method of storing of input flow records. In addition, if the index of the concBaseAssocExtractIndex is specified, this object SHOULD not be specified." ::= { concBaseAssocEntry 6 } concBaseAssocMeteringProcessId OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The process Id of the metering process is used by this Base Association. The metering process means the chain of selection process and aggregation process, and reporting process." ::= { concBaseAssocEntry 7 } concBaseAssocExtractIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object is the Index of the concExtractIndex object. When it is specified, it links the parameters that are used by extracting flow records from the storage database. In addition, if the index of the concBaseAssocStoringIndex or concExporterListIndex is specified, this object SHOULD not be specified." ::= { concBaseAssocEntry 8 } concBaseAssocRowStatus OBJECT-TYPE SYNTAX RowStatus Kobayashi, et al. Expires September 3, 2006 [Page 41] Internet-Draft IPFIX concentrator MIB March 2006 MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row of the table." ::= { concBaseAssocEntry 9 } -------------------------------------------------------------------- -- 2: Exporter List Table -------------------------------------------------------------------- concExporterListTable OBJECT-TYPE SYNTAX SEQUENCE OF ConcExporterListEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the concCollectExporterIndexes in the Base Association." ::= { concBaseAssociations 2 } concExporterListEntry OBJECT-TYPE SYNTAX ConcExporterListEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in concExporterListTable" INDEX { concBaseAssocIndex,concExporterListIndex } ::= { concExporterListTable 1 } ConcExporterListEntry ::= SEQUENCE { concExporterListIndex Integer32, concExporterListMethod OBJECT IDENTIFIER, concExporterListRowStatus RowStatus } concExporterListIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in this parameter set table. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization." ::= { concExporterListEntry 2 } Kobayashi, et al. Expires September 3, 2006 [Page 42] Internet-Draft IPFIX concentrator MIB March 2006 concExporterListMethod OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-create STATUS current DESCRIPTION "The object is represented by a pointer (OID) of the collectExporterIndex in IPFIX collector MIB objects. If the Base Association deals with only flow records from one exporter, the table will hold exactly one entry per Base Association. The concExporterListIndex does not mean the position in the exporter list." ::= { concExporterListEntry 3 } concExporterListRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row of the table." ::= { concExporterListEntry 4 } --================================================================== -- Conformance information --================================================================== concCompliances OBJECT IDENTIFIER ::= { concentratorConformance 1 } concGroups OBJECT IDENTIFIER ::= { concentratorConformance 2 } --================================================================== -- Compliance statements --================================================================== concCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "An implementation that complies to this module must implement the objects defined in the mandatory groups concGroupMetering. The imeplementation of all other objects depends on the imeplementation of the corresponding functionality in the equipment." MODULE -- this module MANDATORY-GROUPS { concGroupMetering } GROUP concGroupExtracting DESCRIPTION "These objects must be implementes if the corresponding Kobayashi, et al. Expires September 3, 2006 [Page 43] Internet-Draft IPFIX concentrator MIB March 2006 extraction function is implemented in the equipment." GROUP concGroupStoring DESCRIPTION "These objects must be implementes if the corresponding storing function is implemented in the equipment." ::= { concCompliances 1 } --================================================================== -- MIB groupings --================================================================== concGroupMetering OBJECT-GROUP OBJECTS { concAggrTimeInterval, concAggrParamRowStatus, concAggrFieldModifier, concAggrFieldRowStatus, concAggrAddFieldRowStatus, concAggrFieldSetId, concAggrIsAvail, concAggrAddFieldSetId, concSelectMatchInfoEltId, concSelectMatchStartValue, concSelectMatchEndValue, concSelectMatchMask, concSelectMatchRowStatus, concSelectIsAvail, concReportCtrDstIpAddrType, concReportCtrDstIpAddr, concReportCtrDstProtocol, concReportCtrDstPort, concReportCtrReportsSent, concReportCtrRowStatus, concReportCtrGrRowStatus, concReportTemplateRcdInfoEltId, concReportTemplateRcdRowStatus, concBaseAssocReportCtrGrIndex, concBaseAssocReportTemplateRcdId, concBaseAssocSelectMatchIndex, concBaseAssocAggrIndex, concBaseAssocMeteringProcessId, concBaseAssocRowStatus, concExporterListMethod, concExporterListRowStatus Kobayashi, et al. Expires September 3, 2006 [Page 44] Internet-Draft IPFIX concentrator MIB March 2006 } STATUS current DESCRIPTION "All objects that are basic for the aggregation function and the selection function and reporting function." ::= { concGroups 1 } concGroupExtracting OBJECT-GROUP OBJECTS { concExtractIsAvail, concExtractEtrIpAddrType, concExtractEtrIpAddr, concExtractStartTime, concExtractEndTime, concExtractProcessId, concExtractRowStatus, concBaseAssocExtractIndex } STATUS current DESCRIPTION "All objects that are basic for the extraction function. This function is needed for extracting flow records from storage database." ::= { concGroups 2 } concGroupStoring OBJECT-GROUP OBJECTS { concStoringSourceidModifier, concStoringExportTimeModifier, concStoringProcessId, concStoringParamRowStatus, concBaseAssocStoringIndex, concStoringRowStatus, concStoringFieldModifier, concStoringInfoEltId, concStoringIsAvail } STATUS current DESCRIPTION "All objects that are basic for the storing function. This function is needed for storing flow records to storage database." ::= { concGroups 3 } END Kobayashi, et al. Expires September 3, 2006 [Page 45] Internet-Draft IPFIX concentrator MIB March 2006 6. Security Considerations There are a number of management objects defined in these MIB modules with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. Especially, the support for SET operations in a non- secure environment without proper protection can have a negative effect on network operations. Kobayashi, et al. Expires September 3, 2006 [Page 46] Internet-Draft IPFIX concentrator MIB March 2006 7. IANA Considerations The IANA is requested to assign 2 OBJECT IDENTIFIER values in the SMI Numbers registry. +----------------------+-------------------------+ | Descriptor | OBJECT IDENTIFIER value | +----------------------+-------------------------+ | ipfixCollectorMIB | { mib-2 XXXX } | | ipfixConcentratorMIB | { mib-2 XXXX } | +----------------------+-------------------------+ Kobayashi, et al. Expires September 3, 2006 [Page 47] Internet-Draft IPFIX concentrator MIB March 2006 8. Acknowledgments Many thanks to J. Quittek for providing valuable comments. 9. References 9.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. 9.2. Informative References [I-D.dressler-ipfix-aggregation] Dressler, F., Sommer, C., and G. Munz, "IPFIX Aggregation", draft-dressler-ipfix-aggregation-01.txt (work in progress) , July 2005. [I-D.ietf-ipfix-architecture] Sadasivan, G., Brownlee, N., Claise, B., and J. Quittek, "Architecture for IP Flow Information Export", draft-ietf-ipfix-architecture-09.txt(work in progress) , August 2005. [I-D.ietf-ipfix-info] Quittek, J., Bryant, S., Claise, B., and J. Meyer, "Information Model for IP Flow Information Export", draft-ietf-ipfix-info-11.txt(work in progress) , September 2005. [I-D.ietf-ipfix-protocol] Claise, B., "IPFIX Protocol Specification", draft-ietf-ipfix-protocol-19.txt(work in progress) , September 2005. [I-D.ietf-psamp-mib] Dietz, T. and B. Claise, "Definitions Managed Objects for Packet Sampling", draft-ietf-psamp-mib-05.txt (work in progress) , October 2005. [I-D.kobayashi-ipfix-concentrator-model] Kobayashi, A., Ishibashi, K., Yamamoto, K., and D. Matsubara, "The reference model of IPFIX concentrators", draft-kobayashi-ipfix-concentrator-model-01.txt (work in progress) , March 2006. Kobayashi, et al. Expires September 3, 2006 [Page 48] Internet-Draft IPFIX concentrator MIB March 2006 [RFC3917] Quittek, J., Zseby, T., Claise, B., and S. Zander, "Requirements for IP Flow Information Export(IPFIX)", October 2004. Authors' Addresses Atsushi Kobayashi NTT Information Sharing Platform Laboratories 3-9-11 Midori-cho Musashino-shi, Tokyo 180-8585 Japan Phone: +81-422-59-3978 Email: akoba@nttv6.net Keisuke Ishibashi NTT Information Sharing Platform Laboratories 3-9-11 Midori-cho Musashino-shi, Tokyo 180-8585 Japan Phone: +81-422-59-3407 Email: ishibashi.keisuke@lab.ntt.co.jp Yamamoto Kimihiro NTT Information Sharing Platform Laboratories 3-9-11 Midori-cho Musashino-shi, Tokyo 180-8585 Japan Phone: +81-422-59-2514 Email: yamamoto.kimihiro@lab.ntt.co.jp Daisuke Matsubara Hitachi, Ltd., Central Reseach Laboratory 1-280 Higashi-koigakubo Kokubunji-shi, Tokyo 185-8601 Japan Phone: +81-42-323-1111 Email: d-matuba@crl.hitachi.co.jp Kobayashi, et al. Expires September 3, 2006 [Page 49] Internet-Draft IPFIX concentrator MIB March 2006 Intellectual Property Statement The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Disclaimer of Validity This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Copyright Statement Copyright (C) The Internet Society (2006). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society. Kobayashi, et al. Expires September 3, 2006 [Page 50]