Internet Engineering Task Force                              Dave Thaler
INTERNET-DRAFT                                                     Merit
Expires May 1998                                        14 November 1997


                             IP Tunnel MIB


Status of this Memo

   This document is an Internet Draft.  Internet Drafts are working
   documents of the Internet Engineering Task Force (IETF), its Areas,
   and its Working Groups.  Note that other groups may also distribute
   working documents as Internet Drafts.

   Internet Drafts are valid for a maximum of six months and may be
   updated, replaced, or obsoleted by other documents at any time.  It
   is inappropriate to use Internet Drafts as reference material or to
   cite them other than as a "work in progress".

1.  Introduction

   This memo defines an experimental portion of the Management
   Information Base (MIB) for use with network management protocols in
   the Internet community.  In particular, it describes managed objects
   used for managing tunnels of any type in IP networks, including GRE
   [5,6], IP-in-IP [7], Minimal Encapsulation [8], L2TP [9], and PPTP
   [10] tunnels.  Extension MIBs (e.g., [11]) may be designed for
   managing protocol-specific objects.

Expires October 1997                                            [Page 1]

Draft                        IP Tunnel MIB                 November 1997

2.  The SNMPv2 Network Management Framework

   The SNMPv2 Network Management Framework presently consists of three
   major components.  They are:

   o    RFC 1902 [1] which defines the SMI, the mechanisms used for
        describing and naming objects for the purpose of management.

   o    STD 17, RFC 1213 [2] defines MIB-II, the core set of managed
        objects for the Internet suite of protocols.

   o    RFC 1157 [3] and RFC 1905 [4] which define two versions of the
        protocol used for network access to managed objects.

   The Framework permits new objects to be defined for the purpose of
   experimentation and evaluation.

2.1.  Object Definitions

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  Objects in the MIB are
   defined using the subset of Abstract Syntax Notation One (ASN.1)
   defined in the SMI.
   In particular, each object type is named by an OBJECT IDENTIFIER, an
   administratively assigned name.  The object type together with an
   object instance serves to uniquely identify a specific instantiation
   of the object.  For human convenience, we often use a textual string,
   termed the descriptor, to refer to the object type.

3.  Overview

   This MIB module contains a single table:

   o    The Tunnel Table contains information on the tunnels known to a
        router.

3.1.  Relationship to the Interfaces MIB

   This section clarifies the relationship of this MIB to the Interfaces
   MIB [12].  Several areas of correlation are addressed in the
   following subsections.  The implementor is referred to the Interfaces
   MIB document in order to understand the general intent of these
   areas.

3.1.1.  Layering Model

   Each logical interface (physical or virtual) has an ifEntry in the
   Interfaces MIB [12].  Tunnels are handled by creating a logical
   interface (ifEntry) for each tunnel.  These are then correlated to
   physical interfaces using the ifStack table of the Interfaces MIB.

   The basic model, therefore, looks something like this (for example):

         | |         | |          | |
      +--+ +---+  +--+ +---+      | |
      |IP-in-IP|  |  GRE   |      | |
      | tunnel |  | tunnel |      | |
      +--+ +---+  +--+ +---+      | |
         | |         | |          | |    <== attachment to physical
      +--+ +---------+ +----------+ +--+     interfaces, to be provided
      |       Physical interface       |     by ifStack table
      +--------------------------------+

3.1.2.  ifTestTable

   The ifTestTable usage is defined in the MIBs defining the
   encapsulation below the network layer.  For example, if IP-in-IP
   encapsulation is being used, the ifTestTable is defined by IP-in-IP.

3.1.3.  ifRcvAddressTable

   The ifRcvAddressTable usage is defined in the MIBs defining the
   encapsulation below the network layer.  For example, if IP-in-IP
   encapsulation is being used, the ifRcvAddressTable is defined by
   IP-in-IP.

3.1.4.  ifEntry

   IfEntries are defined in the MIBs defining the encapsulation below
   the network layer.  For example, if IP-in-IP encapsulation [9] is
   being used, the ifEntry is defined by IP-in-IP.

   The ifType of a tunnel should be set to [TO BE ASSIGNED].  An entry
   in the IP Tunnel MIB will exist for every ifEntry with this ifType.
   An implementation of the IP Tunnel MIB MAY allow ifEntries to be
   created.  Creating a tunnel will also add an entry in the ifTable,
   and deleting a tunnel will likewise delete the entry in the ifTable.

4.  Definitions

TUNNEL-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, enterprises,
    Integer32, IpAddress             FROM SNMPv2-SMI
    RowStatus                        FROM SNMPv2-TC
    MODULE-COMPLIANCE, OBJECT-GROUP  FROM SNMPv2-CONF
    ifIndex                          FROM IF-MIB;

tunnelMIB MODULE-IDENTITY
    LAST-UPDATED "9711141200Z"
    ORGANIZATION "Merit Network"
    CONTACT-INFO
            " Dave Thaler
              Merit Network, Inc
              4251 Plymouth Rd., Suite C
              Ann Arbor, MI 48105-2785

              EMail: thalerd@merit.net"
    DESCRIPTION
            "The MIB module for management of IP Tunnels, independent
            of the specific encapsulation scheme in use."
    ::= { enterprises 61 3 2 2 }

tunnelMIBObjects OBJECT IDENTIFIER ::= { tunnelMIB 1 }

tunnel           OBJECT IDENTIFIER ::= { tunnelMIBObjects 1 }

-- the IP Tunnel MIB-Group
--
-- a collection of objects providing information about
-- IP Tunnels

tunnelIfTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF TunnelIfEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The (conceptual) table containing information on
            configured tunnels."
    ::= { tunnel 1 }

tunnelIfEntry OBJECT-TYPE
    SYNTAX     TunnelIfEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "An entry (conceptual row) containing the information on a
            particular configured tunnel."
    INDEX      { ifIndex }
    ::= { tunnelIfTable 1 }

TunnelIfEntry ::= SEQUENCE {
    tunnelIfLocalAddress     IpAddress,
    tunnelIfRemoteAddress    IpAddress,
    tunnelIfEncapsMethod     INTEGER,
    tunnelIfHopLimit         Integer32,
    tunnelIfStatus           RowStatus,
    tunnelIfPriority         Integer32,
    tunnelIfEncapsLimit      Integer32
}

tunnelIfLocalAddress OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The address of the local endpoint of the tunnel."
    ::= { tunnelIfEntry 1 }

tunnelIfRemoteAddress OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The address of the remote endpoint of the tunnel."
    ::= { tunnelIfEntry 2 }

tunnelIfEncapsMethod OBJECT-TYPE
    SYNTAX     INTEGER {
                   other(1),   -- none of the following
                   native(2),  -- no intermediate header
                   gre(3),     -- GRE encapsulation
                   minimal(4), -- Minimal encapsulation
                   l2tp(5),    -- L2TP encapsulation
                   pptp(6)     -- PPTP encapsulation
               }
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The encapsulation method used by the tunnel.  The value
            native indicates that the packet is encapsulated inside a
            normal IPv4 header and unicast to the remote tunnel
            endpoint.  The value gre indicates that a GRE header is
            inserted between the outer header and the payload header,
            and minimal indicates that a Minimal Forwarding Header
            (RFC 2004) is inserted between the outer header and the
            payload data.  The value pptp indicates that an enhanced
            GRE header and a PPP header are inserted."
    ::= { tunnelIfEntry 3 }

tunnelIfHopLimit OBJECT-TYPE
    SYNTAX     Integer32 (0..255)
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The IPv4 TTL (or IPv6 hop limit) to use in the outer IP
            header.  A value of 0 indicates that the value is copied
            from the payload's header."
    ::= { tunnelIfEntry 4 }

tunnelIfStatus OBJECT-TYPE
    SYNTAX     RowStatus
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The status of this row, by which new entries may be
            created, or old entries deleted from this table."
    ::= { tunnelIfEntry 5 }

tunnelIfPriority OBJECT-TYPE
    SYNTAX     Integer32 (-1..15)
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The IPv4 Preference or IPv6 Priority to use in the outer
            IP header.  A value of -1 indicates that the value is
            copied from the payload's header."
    ::= { tunnelIfEntry 6 }

tunnelIfEncapsLimit OBJECT-TYPE
    SYNTAX     Integer32
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The maximum number of encapsulations permitted for packets
            undergoing encapsulation at this node.  A value of 0
            indicates that no limit is present (except as a result of
            the packet size)."
    ::= { tunnelIfEntry 7 }

-- conformance information

tunnelMIBConformance
                  OBJECT IDENTIFIER ::= { tunnelMIB 2 }
tunnelMIBCompliances
                  OBJECT IDENTIFIER ::= { tunnelMIBConformance 1 }
tunnelMIBGroups   OBJECT IDENTIFIER ::= { tunnelMIBConformance 2 }

-- compliance statements

tunnelMIBCompliance MODULE-COMPLIANCE
    STATUS  current
    DESCRIPTION
            "The compliance statement for the IP Tunnel MIB."
    MODULE  -- this module
    MANDATORY-GROUPS { tunnelMIBBasicGroup }
    ::= { tunnelMIBCompliances 1 }

-- units of conformance

tunnelMIBBasicGroup OBJECT-GROUP
    OBJECTS { tunnelIfEncapsMethod, tunnelIfHopLimit, tunnelIfStatus,
              tunnelIfPriority, tunnelIfEncapsLimit }
    STATUS  current
    DESCRIPTION
            "A collection of objects to support basic management of IP
            Tunnels."
    ::= { tunnelMIBGroups 1 }

END

5.  References

   [1]  SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
        S. Waldbusser, "Structure of Management Information for
        version 2 of the Simple Network Management Protocol (SNMPv2)",
        RFC 1902, January 1996.

   [2]  McCloghrie, K., and M. Rose, Editors, "Management Information
        Base for Network Management of TCP/IP-based internets: MIB-II",
        STD 17, RFC 1213, March 1991.

   [3]  Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple
        Network Management Protocol", RFC 1157, May 1990.

   [4]  SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
        S. Waldbusser, "Protocol Operations for version 2 of the Simple
        Network Management Protocol (SNMPv2)", RFC 1905, January 1996.

   [5]  Hanks, S., Li, T., Farinacci, D., and P. Traina, "Generic
        Routing Encapsulation (GRE)", RFC 1701, October 1994.

   [6]  Hanks, S., Li, T., Farinacci, D., and P. Traina, "Generic
        Routing Encapsulation over IPv4 networks", RFC 1702, October
        1994.

   [7]  Perkins, C., "IP Encapsulation within IP", RFC 2003, October
        1996.

   [8]  Perkins, C., "Minimal Encapsulation within IP", RFC 2004,
        October 1996.

   [9]  Hamzeh, Kolar, Littlewood, Pall, Taarud, Valencia, and
        Verthein, "Layer Two Tunneling Protocol (L2TP)",
        draft-ietf-pppext-l2tp-04.txt, June 1997.

   [10] Hamzeh, Pall, Verthein, Taarud, and Little, "Point-to-Point
        Tunneling Protocol--PPTP", draft-ietf-pppext-pptp-02.txt, July
        1997.

   [11] Calhoun, Reddy, Vroman, and Wheeler. "Layer Two Tunneling
        Protocol "L2TP" Management Information Base",
        draft-ietf-pppext-l2tp-mib-00.txt, October 1997.

   [12] McCloghrie and Kastenholz. "Evolution of the Interfaces Group
        of MIB-II", RFC 1573, January 1994.

6.  Security Considerations

   Security issues are not discussed in this memo.

7.  Author's Address

   Dave Thaler
   Merit Network, Inc
   4251 Plymouth Rd., Suite C
   Ann Arbor, MI 48105-2785

   Phone: +1 313 647 4813
   EMail: thalerd@merit.net

Table of Contents

   1 Introduction
   2 The SNMPv2 Network Management Framework
   2.1 Object Definitions
   3 Overview
   3.1 Relationship to the Interfaces MIB
   3.1.1 Layering Model
   3.1.2 ifTestTable
   3.1.3 ifRcvAddressTable
   3.1.4 ifEntry
   4 Definitions
   5 References
   6 Security Considerations
   7 Author's Address
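
   Added example (not part of the draft or of any implementation of
   it): a Python decoder for a numeric walk of the tunnelIfTable
   defined in Section 4.  It rebuilds each conceptual row by ifIndex,
   applies the special values 0 and -1, and reports values outside the
   module's SYNTAX clauses, which is useful when inventorying the
   tunnels a router reports.  The walk line format, the sample values
   and the function names are assumptions made for this illustration.

```python
import re

# tunnelIfEntry: enterprises (1.3.6.1.4.1) 61 3 2 2, then .1.1.1.1 per the module.
ENTRY = "1.3.6.1.4.1.61.3.2.2.1.1.1.1"
COLUMNS = "local remote encaps hop_limit status priority encaps_limit".split()
ENCAPS = {1: "other", 2: "native", 3: "gre", 4: "minimal", 5: "l2tp", 6: "pptp"}
RANGES = {"hop_limit": (0, 255), "priority": (-1, 15)}  # SYNTAX ranges in the draft
LINE = re.compile(r"^\.?" + re.escape(ENTRY) + r"\.([1-7])\.(\d+) = \w+: (\S+)$")
# Constructed sample in an assumed "OID = TYPE: value" format; ifIndex 12 is malformed.
SAMPLE = """\
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.1.7 = IpAddress: 192.0.2.1
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.2.7 = IpAddress: 198.51.100.9
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.3.7 = INTEGER: 3
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.4.7 = INTEGER: 0
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.6.7 = INTEGER: -1
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.3.12 = INTEGER: 9
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.4.12 = INTEGER: 300
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.6.12 = INTEGER: 16
"""

def parse_walk(text):
    """Group tunnelIfEntry lines into {ifIndex: {column name: value}}."""
    rows = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:  # lines that are not a column of this table are skipped
            name = COLUMNS[int(m.group(1)) - 1]
            value = m.group(3) if name in ("local", "remote") else int(m.group(3))
            rows.setdefault(int(m.group(2)), {})[name] = value
    return rows

def check_row(row):
    """List values that the module's SYNTAX clauses do not permit."""
    findings = [f"{name}={row[name]} outside {lo}..{hi}"
                for name, (lo, hi) in RANGES.items()
                if name in row and not lo <= row[name] <= hi]
    if "encaps" in row and row["encaps"] not in ENCAPS:
        findings.append(f"encaps={row['encaps']} is not an enumerated value")
    return findings

def outer_header(row):
    """Apply the special values: hop limit 0 and priority -1 mean 'copied'."""
    hop, prio = row.get("hop_limit"), row.get("priority")
    return {"encaps": ENCAPS.get(row.get("encaps"), "unknown"),
            "hop_limit": "copied from payload" if hop == 0 else hop,
            "priority": "copied from payload" if prio == -1 else prio}

for if_index, row in sorted(parse_walk(SAMPLE).items()):
    print(if_index, outer_header(row), check_row(row))
```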