Internet Engineering Task Force K. Korte Internet-Draft J. Schoenwaelder Intended status: Standards Track A. Sehgal Expires: April 18, 2011 Jacobs University October 15, 2010 Definition of Managed Objects for the IPv6 Routing Protocol for Low power and Lossy Networks (RPL) draft-sehgal-roll-rpl-mib-00 Abstract This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it defines objects for managing the IPv6 Routing Protocol for Low power and Lossy Networks (RPL). Status of This Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on April 18, 2011. Copyright Notice Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents Korte, et al. Expires April 18, 2011 [Page 1] Internet-Draft RPL MIB October 2010 (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. The Internet-Standard Management Framework . . . . . . . . . . 3 3. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3 4. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 5. Relationship to Other MIB Modules . . . . . . . . . . . . . . 4 6. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4 7. Security Considerations . . . . . . . . . . . . . . . . . . . 13 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 14 9.1. Normative References . . . . . . . . . . . . . . . . . . . 14 9.2. Informative References . . . . . . . . . . . . . . . . . . 15 Korte, et al. Expires April 18, 2011 [Page 2] Internet-Draft RPL MIB October 2010 1. Introduction This memo defines a portion of the Management Information Base (MIB) for use with network management protocols. In particular it defines objects for managing the IPv6 Routing Protocol for Low power and Lossy Networks (RPL) [ID-RPL]. 2. The Internet-Standard Management Framework For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580]. 3. Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. 4. Overview The MIB module is organized into a group of scalars and tables. Korte, et al. Expires April 18, 2011 [Page 3] Internet-Draft RPL MIB October 2010 +--rplObjects(1) | +-- rwn RplInstanceID rplActiveInstance(1) | +--rplDodagTable(2) | | | +--rplDodagEntry(1) [rplDodagInstanceID] | | | +-- --- RplInstanceID rplDodagInstanceID(1) | +-- r-n InetAddressIPv6 rplDodagRoot(2) | +-- r-n RplDodagVersionNumber rplDodagVersion(3) | +-- r-n RplRank rplDodagRank(4) | +-- r-n RplObjectiveCodePoint rplDodagOCP(5) | +-- r-n InetAddressIPv6 rplDodagParent(6) | +-- r-n Enumeration rplDodagState(7) | +--rplDodagParentTable(3) | | | +--rplDodagParentEntry(1) [rplDodagInstanceID,rplDodagParentID] | | | +-- r-n InetAddressIPv6 rplDodagParentID(1) | +-- r-n InterfaceIndex rplDodagParentIf(2) | +--rplDodagChildTable(4) | | | +--rplDodagChildEntry(1) [rplDodagInstanceID,rplDodagChildID] | | | +-- r-n InetAddressIPv6 rplDodagChildID(1) | +--rplStats(5) | +-- r-n Counter32 rplStatsMemOverflows(1) +-- r-n Counter32 rplStatsValidParentFailures(2) +-- r-n Counter32 rplStatsNoInstanceIDs(3) +-- r-n Counter32 rplStatsTriggeredLocalRepairs(4) +-- r-n Counter32 rplStatsTriggeredGlobalRepairs(5) +-- r-n Counter32 rplStatsParseErrors(6) +-- r-n Counter32 rplStatsNoParentSecs(7) +-- r-n Counter32 rplStatsActiveNoParentSecs(8) 5. Relationship to Other MIB Modules The MIB module IMPORTS objects from SNMPv2-SMI [RFC2578], SNMPv2-TC [RFC2579], SNMPv2-CONF [RFC2580], IF-MIB [RFC2863] and the INET- ADDRESS-MIB [RFC4001]. 6. Definitions Korte, et al. Expires April 18, 2011 [Page 4] Internet-Draft RPL MIB October 2010 RPL-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, Counter32, mib-2 FROM SNMPv2-SMI -- RFC 2578 TEXTUAL-CONVENTION FROM SNMPv2-TC -- RFC 2579 OBJECT-GROUP, MODULE-COMPLIANCE FROM SNMPv2-CONF -- RFC 2580 InterfaceIndex FROM IF-MIB -- RFC 2863 InetAddressIPv6 FROM INET-ADDRESS-MIB; -- RFC 4001 rplMib MODULE-IDENTITY LAST-UPDATED "201010151600Z" ORGANIZATION "Jacobs University Bremen" CONTACT-INFO "Kevin Dominik Korte Jacobs University Bremen Email: k.korte@jacobs-university.de Anuj Sehgal Jacobs University Bremen Email: s.anuj@jacobs-university.de Juergen Schoenwaelder Jacobs University Bremen Email: j.schoenwaelder@jacobs-university.de" DESCRIPTION "The MIB module for monitoring nodes implementing the IPv6 routing protocol for low power and lossy networks (RPL). Copyright (c) 2010 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info)." REVISION "201010151600Z" DESCRIPTION "Initial version, published as RFC XXXX." -- RFC Ed.: replace XXXX with actual RFC number & remove this note Korte, et al. Expires April 18, 2011 [Page 5] Internet-Draft RPL MIB October 2010 ::= { mib-2 XXXX } RplInstanceID ::= TEXTUAL-CONVENTION DISPLAY-HINT "d" STATUS current DESCRIPTION "A global or local RPLinstanceID as defined in Section 5.1. of RFC YYYY." REFERENCE "RFC YYYY: RPL: IPv6 Routing Protocol for LLNs" SYNTAX Unsigned32 (0..255) RplDodagVersionNumber ::= TEXTUAL-CONVENTION DISPLAY-HINT "d" STATUS current DESCRIPTION "The version number of a DODAG." REFERENCE "RFC YYYY: RPL: IPv6 Routing Protocol for LLNs" SYNTAX Unsigned32 (0..255) RplRank ::= TEXTUAL-CONVENTION DISPLAY-HINT "d" STATUS current DESCRIPTION "The rank of a node within a DODAG." REFERENCE "RFC YYYY: RPL: IPv6 Routing Protocol for LLNs" SYNTAX Unsigned32 (0..65535) RplObjectiveCodePoint ::= TEXTUAL-CONVENTION DISPLAY-HINT "d" STATUS current DESCRIPTION "The Objective Code Point of a DODAG." REFERENCE "RFC YYYY: RPL: IPv6 Routing Protocol for LLNs" SYNTAX Unsigned32 (0..65535) -- object definitions rplNotifications OBJECT IDENTIFIER ::= { rplMib 0 } rplObjects OBJECT IDENTIFIER ::= { rplMib 1 } rplConformance OBJECT IDENTIFIER ::= { rplMib 2 } rplActiveInstance OBJECT-TYPE SYNTAX RplInstanceID MAX-ACCESS read-write Korte, et al. Expires April 18, 2011 [Page 6] Internet-Draft RPL MIB October 2010 STATUS current DESCRIPTION "The currently active RPL Instance." ::= { rplObjects 1 } rplDodagTable OBJECT-TYPE SYNTAX SEQUENCE OF RplDodagEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table represents information about all locally known DODAGs." ::= { rplObjects 2 } rplDodagEntry OBJECT-TYPE SYNTAX RplDodagEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry representing information about a DODAG." INDEX { rplDodagInstanceID } ::= { rplDodagTable 1 } RplDodagEntry ::= SEQUENCE { rplDodagInstanceID RplInstanceID, rplDodagRoot InetAddressIPv6, rplDodagVersion RplDodagVersionNumber, rplDodagRank RplRank, rplDodagOCP RplObjectiveCodePoint, rplDodagState INTEGER } rplDodagInstanceID OBJECT-TYPE SYNTAX RplInstanceID MAX-ACCESS not-accessible STATUS current DESCRIPTION "The InstanceID of this RPL Instance." ::= { rplDodagEntry 1 } rplDodagRoot OBJECT-TYPE SYNTAX InetAddressIPv6 MAX-ACCESS read-only STATUS current DESCRIPTION "The DODAGID in the currently active RPL instance. The root of the DODAG reports its own IPv6 address as the DODAG root." Korte, et al. Expires April 18, 2011 [Page 7] Internet-Draft RPL MIB October 2010 ::= { rplDodagEntry 2 } rplDodagVersion OBJECT-TYPE SYNTAX RplDodagVersionNumber MAX-ACCESS read-only STATUS current DESCRIPTION "The version of the DODAG in this RPL instance." ::= { rplDodagEntry 3 } rplDodagRank OBJECT-TYPE SYNTAX RplRank MAX-ACCESS read-only STATUS current DESCRIPTION "The rank of the node within the DODAG." ::= { rplDodagEntry 4 } rplDodagOCP OBJECT-TYPE SYNTAX RplObjectiveCodePoint MAX-ACCESS read-only STATUS current DESCRIPTION "The Objective Code Point used by this DODAG." ::= { rplDodagEntry 5 } rplDodagState OBJECT-TYPE SYNTAX INTEGER { other(0), associated(1), grounded(2), floating(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The status of the DODAG: other(0) An unknown state. associated(1) A node is associated with the RPL instance. grounded(2) The DODAG is grounded. floating(3) The DODAG is floating (not grounded). " ::= { rplDodagEntry 6 } Korte, et al. Expires April 18, 2011 [Page 8] Internet-Draft RPL MIB October 2010 rplDodagParentTable OBJECT-TYPE SYNTAX SEQUENCE OF RplDodagParentEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The list of parents for a DODAG." ::= { rplObjects 3 } rplDodagParentEntry OBJECT-TYPE SYNTAX RplDodagParentEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information about a known DODAG parent." INDEX { rplDodagInstanceID, rplDodagParentID } ::= { rplDodagParentTable 1 } RplDodagParentEntry ::= SEQUENCE { rplDodagParentID InetAddressIPv6, rplDodagParentIf InterfaceIndex } rplDodagParentID OBJECT-TYPE SYNTAX InetAddressIPv6 MAX-ACCESS read-only STATUS current DESCRIPTION "An RPL parent associated with this RPL node." ::= { rplDodagParentEntry 1 } rplDodagParentIf OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS read-only STATUS current DESCRIPTION "The interface over which the parent can be reached." ::= { rplDodagParentEntry 2 } rplDodagChildTable OBJECT-TYPE SYNTAX SEQUENCE OF RplDodagChildEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "" ::= { rplObjects 4 } rplDodagChildEntry OBJECT-TYPE SYNTAX RplDodagChildEntry Korte, et al. Expires April 18, 2011 [Page 9] Internet-Draft RPL MIB October 2010 MAX-ACCESS not-accessible STATUS current DESCRIPTION "" INDEX { rplDodagInstanceID, rplDodagChildID } ::= { rplDodagChildTable 1 } RplDodagChildEntry ::= SEQUENCE { rplDodagChildID InetAddressIPv6 } rplDodagChildID OBJECT-TYPE SYNTAX InetAddressIPv6 MAX-ACCESS read-only STATUS current DESCRIPTION "An RPL child associated with this RPL node." ::= { rplDodagChildEntry 1 } rplStats OBJECT IDENTIFIER ::= { rplObjects 5 } rplStatsMemOverflows OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of memory allocation failures (e.g., routing table overflows)." ::= { rplStats 1 } rplStatsValidParentFailures OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times a packet could not be sent to a DODAG parent flagged as valid." ::= { rplStats 2 } rplStatsNoInstanceIDs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times a packet could not be sent because of a missing RPLInstanceID." ::= { rplStats 3 } Korte, et al. Expires April 18, 2011 [Page 10] Internet-Draft RPL MIB October 2010 rplStatsTriggeredLocalRepairs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times a local repair procedure was triggered." ::= { rplStats 4 } rplStatsTriggeredGlobalRepairs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times a global repair procedure was triggered." ::= { rplStats 5 } rplStatsParseErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of received malformed messages." ::= { rplStats 6 } rplStatsNoParentSecs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of seconds without a next hop (DODAG parent)." ::= { rplStats 7 } rplStatsActiveNoParentSecs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of seconds with packets to forward without a next hop (DODAG parent)." ::= { rplStats 8 } rplGroups OBJECT IDENTIFIER ::= { rplConformance 1 } rplCompliances OBJECT IDENTIFIER ::= { rplConformance 2 } rplCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "" Korte, et al. Expires April 18, 2011 [Page 11] Internet-Draft RPL MIB October 2010 MODULE -- this module MANDATORY-GROUPS { rplDodagGroup, rplStatsGroup } ::= { rplCompliances 1 } rplDodagGroup OBJECT-GROUP OBJECTS { rplActiveInstance, -- rplDodagInstanceID rplDodagRoot, rplDodagVersion, rplDodagRank, rplDodagOCP, rplDodagState, rplDodagParentID, rplDodagParentIf, rplDodagChildID } STATUS current DESCRIPTION "A collection of objects providing insight into the DODAGs known to the implementation." ::= { rplGroups 1 } rplStatsGroup OBJECT-GROUP OBJECTS { rplStatsMemOverflows, rplStatsValidParentFailures, rplStatsNoInstanceIDs, rplStatsTriggeredLocalRepairs, rplStatsTriggeredGlobalRepairs, rplStatsParseErrors, rplStatsNoParentSecs, rplStatsActiveNoParentSecs } STATUS current DESCRIPTION "A collection of objects providing statistics about the RPL implementation." ::= { rplGroups 2 } END Korte, et al. Expires April 18, 2011 [Page 12] Internet-Draft RPL MIB October 2010 7. Security Considerations There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These are the tables and objects and their sensitivity/vulnerability: o rplActiveInstance: [TBD] explain sensitivity Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability: o rplActiveInstance: [TBD] explain sensitivity o rplDodagRoot: [TBD] explain sensitivity o rplDodagVersion: [TBD] explain sensitivity o rplDodagRank: [TBD] explain sensitivity o rplDodagOCP: [TBD] explain sensitivity o rplDodagState: [TBD] explain sensitivity o rplDodagParentID: [TBD] explain sensitivity o rplDodagChildID: [TBD] explain sensitivity o rplStatsMemOverflows: [TBD] explain sensitivity o rplStatsValidParentFailures: [TBD] explain sensitivity o rplStatsNoInstanceIDs: [TBD] explain sensitivity o rplStatsTriggeredLocalRepairs: [TBD] explain sensitivity o rplStatsTriggeredGlobalRepairs: [TBD] explain sensitivity o rplStatsParseErrors: [TBD] explain sensitivity Korte, et al. Expires April 18, 2011 [Page 13] Internet-Draft RPL MIB October 2010 o rplStatsNoParentSecs: [TBD] explain sensitivity o rplStatsActiveNoParentSecs: [TBD] explain sensitivity SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module. It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy). Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them. 8. IANA Considerations IANA is requested to assign a value for "XXX" under the 'mib-2' subtree and to record the assignment in the SMI Numbers registry. When the assignment has been made, the RFC Editor is asked to replace "XXX" (here and in the MIB module) with the assigned value and to remove this note. 9. References 9.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, Korte, et al. Expires April 18, 2011 [Page 14] Internet-Draft RPL MIB October 2010 April 1999. [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000. [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005. [ID-RPL] Winter, T., Ed. and P. Thubert, Ed., "RPL: IPv6 Routing Protocol for Low power and Lossy Networks", draft-ietf-roll-rpl-12 (work in progress). 9.2. Informative References [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, December 2002. Authors' Addresses Kevin Korte Jacobs University Campus Ring 1 Bremen 28759 Germany EMail: k.korte@jacobs-university.de Juergen Schoenwaelder Jacobs University Campus Ring 1 Bremen 28759 Germany EMail: j.schoenwaelder@jacobs-university.de Anuj Sehgal Jacobs University Campus Ring 1 Bremen 28759 Germany EMail: s.anuj@jacobs-university.de Korte, et al. Expires April 18, 2011 [Page 15]