PPVPN WG                                               Yacine El Mghazli
Internet Draft                                                   Alcatel
                                                            Kwok Ho Chan
Expires: August 2003                                     Nortel Networks
                                                           February 2003


                  BGP/MPLS VPN Policy Information Base

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026 [STD].

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time.  It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress".

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

Abstract

   This document describes a Policy Information Base (PIB) for a device
   implementing the BGP/MPLS VPN [2547bis] Architecture.  The
   Provisioning Classes defined here provide policy control of
   resources implementing the BGP/MPLS VPN Architecture.  These
   Provisioning Classes can be used with other non BGP/MPLS VPN
   Provisioning Classes (defined in other PIBs) to provide for a
   comprehensive policy controlled mapping of service requirements to
   device resource capability and usage.

El Mghazli, et al.        Expires - August 2003                 [Page 1]

Internet Draft   draft-yacine-ppvpn-2547bis-pib-02.txt     February 2003

Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

Table of Contents

   1. Glossary
   2. Introduction
   3. Relationship to the MPLS VPN MIB
   4. Assumptions and Prerequisites
   5. Operational Overview
      5.1 Features List
      5.2 Roles usage with the 2547bis PIB
   6. PIB overview
      6.1 Capabilities Group
      6.2 Policy Group
      6.3 FeedBack Group
   7. PIB Usage Example
   8. BGP/MPLS VPN PIB Definition
      8.1 The BGP/MPLS VPN PIB
   9. Subject Category Considerations
   10. Intellectual Property Considerations
   11. IANA Considerations
   Security Considerations
   Normative References
   Acknowledgments
   Author's Addresses
   Full Copyright Statement

1. Glossary

   PRC    Provisioning Class.  A type of policy data.
   PRI    Provisioning Instance.  An instance of a PRC.
   PIB    Policy Information Base.  The database of policy
          information.
   PDP    Policy Decision Point.  See [RAP-FRWK].
   PEP    Policy Enforcement Point.  See [RAP-FRWK].
   PRID   Provisioning Instance Identifier.  Uniquely identifies an
          instance of a PRC.
   PE     Provider Edge.  See [2547bis].
   CE     Customer Edge.  See [2547bis].
   RR     Route Reflector.  See [2547bis].
   VRF    Virtual Routing and Forwarding.  See [2547bis].
   ORF    Outbound Route Filtering.  See [2547bis].

2. Introduction

   [SPPI] describes a structure for specifying policy information that
   can then be transmitted to a network device for the purpose of
   configuring policy at that device.  The model underlying this
   structure is one of well-defined provisioning classes and instances
   of these classes residing in a virtual information store called the
   Policy Information Base (PIB).

   This document specifies a set of provisioning classes specifically
   for configuring BGP/MPLS VPN services in the service provider
   devices (PE routers).

   One way to provision policy is by means of the COPS protocol [COPS]
   with the extensions for provisioning [COPS-PR].  This protocol
   supports multiple clients, each of which may provision policy for a
   specific policy domain such as VPNs.  The PRCs defined in this
   BGP/MPLS VPN PIB are intended for use by the COPS-PR PPVPN
   client-type [COPS-PPVPN].  Furthermore, these PRCs are in addition
   to any other PIBs that may be defined for the PPVPN client type in
   the future, as well as the PRCs defined in the Framework PIB
   [FR-PIB] and the Feedback Framework PIB [FEED-PIB].

   The COPS-PR protocol offers significant advantages when dealing with
   dynamic configuration and when compared to traditional management
   solutions.  Moreover, dynamic VPN resource assignment is crucial to
   cope with the frequent change requests from customers (e.g., sites
   joining or leaving a VPN), as well as to achieve scalability.  The
   PEs should be able to dynamically assign the VPN resources.  This
   capability is especially important for temporary access VPN
   services.

3. Relationship to the MPLS VPN MIB

   The present version of the BGP/MPLS VPN PIB has been designed to be
   as close as possible to the MPLS VPN MIB [MPLS-VPN-MIB] for
   consistency purposes.
   However, in order to take advantage of the specifics of SPPI and
   COPS-PR in general, the BGP/MPLS VPN PIB has its own structure and
   data organization.

4. Assumptions and Prerequisites

   It is assumed that certain things are configured and operational in
   order for the tables and objects described in this PIB to work
   correctly.  These things are outlined below:

   . Customer Visible Routing:
     Routing protocols running on the customer interface (between PE
     routers and CE devices) must be configurable per VRF.  To this
     end, the service provider may use any of the management solutions
     such as SNMP with the routing protocol MIBs.

   . Routing across the SP backbone:
     The MP-iBGP mechanisms specific to BGP/MPLS VPNs are assumed to be
     configured and operational in order for PEs to exchange their
     routes.  To this end, the service provider may use any of the
     management solutions such as SNMP with the BGP4 specific MIB,
     namely [BGP4-MIB].  Then the BGP/MPLS mechanisms are in charge of
     dynamically distributing these routes between sites according to
     the VPN policies contained in the present PIB.

   . VPN Tunneling and QoS:
     MPLS, in general, must be configured and operational.  To this
     end, the service provider may use any of the management solutions
     such as SNMP with the MPLS specific MIBs, namely [LSR-MIB],
     [FTN-MIB] or [TE-MIB].

     LSP establishment between PEs within the service provider network
     is out of the scope of this document.  It is the service
     provider's responsibility to establish internal LSPs in order to
     connect its PEs or RRs together.  The LSPs can be either
     best-effort or QoS-aware, traffic engineered or not, etc.

     In the case of hierarchical and recursive VPNs, LSP establishment
     on the PE-CE interface is also out of the scope of this document.

     This requires coordination of identifiers of tunnels, hierarchical
     tunnels, VPNs, and any associated service information, for
     example, a QoS service.  This is an implementation concern.

   . Underlying infrastructure:
     The configuration of a VPN must be coordinated with the
     configuration of the underlying infrastructure, including Layer 1
     and 2 networks interconnecting components of a PPVPN.  This is out
     of the scope of this document.

5. Operational Overview

5.1 Features List

   BGP/MPLS VPN management supports configuration of intranet and
   extranet membership.

   COPS-PR enables VPN service creation, configuration, monitoring and
   deletion.  It supports the 'VPN join' and 'VPN prune' operations
   dynamically.

   BGP/MPLS VPN configuration using COPS-PR enables dynamic
   provisioning of resources associated with VPN services.  For
   example, the number and size of VRF instances is provisionable.

   The PIB supports BGP/MPLS VPN service as Enterprise VPN, Carrier's
   Carrier VPN (a.k.a. hierarchical VPNs), or Inter/Multi-provider
   Backbone VPN (a.k.a. recursive VPNs).

   The PIB supports the maintenance and troubleshooting of BGP/MPLS
   VPNs.

   The PIB supports BGP/MPLS VPNs that are configured on a particular
   physical interface or sub-interface if the interface can be divided
   (e.g. Frame Relay, ATM, or Ethernet VLAN) by the router.

   COPS-PR must be supported by PE routers and the present PIB shall be
   used to configure and maintain one or more VPN Routing and
   Forwarding Tables (VRFs).

   The BGP/MPLS VPN PIB enables the monitoring of some specific
   parameters for usage feedback purposes.

5.2 Roles usage with the 2547bis PIB

   According to [FR-PIB], roles provide a way to bind policy to
   interfaces without having to explicitly identify interfaces in a
   consistent manner across all network devices.  That is, roles
   provide a level of indirection to the application of a set of
   policies to specific interfaces.  This separates the policy
   definition from device implementation specific interface
   identification.

   Furthermore, if the same policy is being applied to several
   interfaces, that policy need be pushed to the device only once,
   rather than once per interface, as long as the interfaces are
   configured with the same role combination.

   When using the BGP/MPLS VPN PIB, the manager SHOULD set the roles
   according to the interfaces' VPN membership.  The role combination
   of a customer interface must correspond to the VPNs it belongs to.
   Hence, the PEP interprets this information and connects interfaces
   to VRFs accordingly.  But such an interpretation is an
   implementation concern, hence it is out of the scope of the present
   document.

6. PIB overview

   This PIB is structured based on the need to configure the VRFs
   realizing a VPN among the different PE routers, and the
   parameterization of these VRFs.

   In addition, the PIB includes tables describing the capabilities and
   limitations of the device using a general extensible framework
   [FR-PIB].  These tables are reported to the PDP and assist the PDP
   with the configuration of VRFs that can be instantiated by the
   device.

   Finally, this PIB offers feedback tables in order for the PEP to
   monitor, record and report specific information.  These tables are
   reported periodically to the PDP based on selection criteria set by
   the PDP itself.  This feedback mechanism follows the feedback
   extensible framework [FEED-FRWK].

   The 3 groups are summarized below in this section.

6.1 Capabilities Group

   This group consists of PRCs to indicate to the PDP the types of
   interface supported on the PEP in terms of their BGP/MPLS VPN
   capabilities (MPLS support, interface type with respect to the
   BGP/MPLS VPN mechanisms) and PRCs to indicate the device routing
   capabilities.
   This group describes capabilities in terms of the types of
   interfaces and general routing capabilities of the device.  The
   framework PIB [FR-PIB] provides a general extensible framework for
   defining the capabilities and limitations of the elements listed
   above.  The capability tables allow intelligent configuration of the
   elements by a PDP.

   . Routing Capabilities:
     This table represents routing capabilities of the device (PE) in
     terms of protocol support, maximum number of routes and maximum
     number of VRFs in the PE.  The configuration of VRFs in the PE
     must be according to these values.

   . Interfaces Capabilities:
     This table represents PE customer interfaces capabilities
     essentially in terms of MPLS support.  An interface can either
     support MPLS, MPLS TE tunnels or even not support MPLS at all.

6.2 Policy Group

   This group contains configuration of the functional elements that
   comprise the BGP/MPLS VPN route distribution policy that applies to
   a device.  This group contains VRFs, Route Targets, interfaces and
   ORF peers.  This group takes configuration in terms of interface
   types and role combinations [FR-PIB]; it does not deal with
   individual interfaces on the device.

   . VRF Table:
     This table specifies BGP/MPLS VPN VRF Table associated
     information.  Entries in this table define VRF routing instances
     associated with BGP/MPLS VPN interfaces or sub-interfaces.  A
     specific Route Distinguisher is assigned to each VRF in each PE.
     The whole pool of RDs is managed by the PDP.

   . Route Target Table:
     This table contains the objects necessary to configure and monitor
     route targets for a particular VRF.  According to the BGP/MPLS VPN
     framework [2547bis], the configuration of import and export route
     targets realizes topological route distribution policies and, as a
     consequence, the so-called VPNs.

   . Interface Table:
     This table contains configuration information related to customer
     interfaces participating in BGP/MPLS VPNs.  This table takes
     configuration in terms of interface index, referencing the Role
     Combination rows [FR-PIB].

   . Outbound Route Filtering Peer Table:
     Outbound Route Filtering resolves a scalability issue of the
     BGP/MPLS VPN mechanism: it enables a PE to know, among all the BGP
     peers, which PEs it might exchange VPN membership and routing
     information with.  This is network-management-level information,
     based on backbone topological information.  [BGP-ORF] offers a
     distributed way to deal with ORFs and the ORF table here offers a
     centralized way to build ORFs.

     This class contains the actual BGP peers of the device among all
     the provider PEs.  Based on the information contained in this
     table, the PE implementation can build BGP ORFs.  In case the PE
     routers use BGP to exchange ORF capabilities [BGP-ORF], this table
     should be ignored and each PE router is a potential BGP peer.

6.3 FeedBack Group

   According to the framework of COPS-PR policy usage feedback
   [FEED-FRWK], there are three basic types of policy used to define
   what the PEP is to monitor, record and report.  These are the
   selection criteria policy, the usage policy and the feedback report
   linkage policy.

   The selection criteria policy is installed by the PDP.  It defines
   the conditions used by the PEP to monitor and record a usage policy.
   The selection criteria policy may only be used for defining usage
   feedback selection criteria.

   The usage policy defines what attributes are monitored and recorded
   by the PEP.  The usage policies specify counts related to a specific
   action such as routes being added in a VRF.  The PDP decides which
   PRC(s) best suit(s) its requirements.  The PEP may support multiple
   usage feedback PRCs.
   The PDP then decides which PRC to associate with a particular
   selection criterion.

   A usage feedback policy and selection policy are tightly associated
   with one another.  A third policy, the frwkFeedbackLinkTable, is
   used to associate, or provide a linkage for, the selection and usage
   policies.  The frwkFeedbackLinkTable [FEED-PIB] also specifies when
   to report the usage feedback.

   The frwkFeedbackLinkTable entry permits the same selection criteria
   instance to be re-used for various usage feedback policies.  The
   frwkFeedbackLinkTable contains the value of the selection criteria
   instance as well as the value of the usage feedback PRC.  The PDP is
   not aware of the instance identifier of the usage feedback policy
   when installing the selection criteria and feedback linkage
   policies.  The usage feedback policy is instantiated on the PEP by
   the installation of a feedback report linkage and the PEP designates
   the instance identifier.

   The usage feedback policy class always contains an attribute of type
   ReferenceId that contains the instance value of the associated
   frwkFeedbackLinkTable instance installed by the PDP.

   . Usage Tables:

     Route Count:
     This table contains counters of routes held by a VRF.  The aim of
     this table is to trigger alarms when the maximum number of routes
     for a given VRF is nearly exceeded.

     Label Count:
     This table contains counters of labels illegally received by a
     VRF.  It is used in the case of interprovider VPNs for PE routers
     to notify the management system that a given VRF receives packets
     with unassigned labels for interdomain routes.

   . Threshold Table:
     This table contains the thresholds which trigger a report of the
     counters of either routes or labels.

   . Selection Table:
     In the present PIB, this class identifies a VRF to collect usage
     information from.

7. PIB Usage Example

   Below is an example of a filled-in BGP/MPLS VPN PIB.
   The example given in this section aims at realizing the following
   configuration in a PE router:

                       +------------------+
   +-                  | +---+   +----+   |ospf
   |        ~~~~~~~~~~~| | M |   |VRF |---+----IF1 (intranet VPN1)
   |                   | | P |---| 1  |---+----IF2 (intranet VPN1)
   |                   | |   |   +----+   |eBGP
   |        ~~~~~~~~~~~| | i |   +----+   |
   backbone            | | B |---|VRF |---+----IF3 (intranet VPN1 &
   LSPs                | | G |   | 2  |   |static   extranet VPN2)
   |        ~~~~~~~~~~~| | P |   +----+   |
   |                   | |   |   +----+   |
   |                   | | 4 |---|VRF |---+----IF4 (inter-SP VPN3)
   |        ~~~~~~~~~~~| |   |   | 3  |   |eBGP
   +-                  | +---+   +----+   |
                       +------------------+

             Figure 1. PE router example configuration

   -- Local settings:

   The following tables are BGP/MPLS VPN specific.  They give an
   example of the routing and interface capabilities for a particular
   device (PE).  This information is sent to the PDP mainly at the
   beginning of the session.

   ppvpn2547RoutingCapsTable {
     Prid=1, DistProtocol=eBGP+OSPF, MaxRoutes=500.000, MaxVrfs=500,
             BgpOrf=False;
   }

   ppvpn2547IfCapsTable {
     Prid=1, TunnelSupport=mplsTunnel;
     Prid=2, TunnelSupport=mpls;
     Prid=3, TunnelSupport=none;
   }

   -- Framework PIB:

   The following tables are defined in the generic framework PIB
   [FR-PIB].  The PRIs are set by the PDP and sent to the PEP for
   consistent later configuration.

   The framework Capability Set table defines the different interface
   types in terms of the BGP/MPLS VPN capabilities.

   frwkIfCapSetTable {
     Prid=1, Name="MPLS", Capability=ppvpn2547IfCaps.2;
     Prid=2, Name="NONE", Capability=ppvpn2547IfCaps.3;
     Prid=3, Name="MPLS", Capability=ppvpn2547IfCaps.1;
   }

   The framework Role Combination table indicates which interface type
   each interface belongs to and also assigns roles to each interface.
   The role assigned to each interface SHOULD correspond to the VPN
   membership, as shown in the example below:

   frwkIfRoleComboTable {
     Prid=1, Roles=VPN1,      CapSetName="MPLS", IfIndex=1;
     Prid=2, Roles=VPN1,      CapSetName="NONE", IfIndex=2;
     Prid=3, Roles=VPN1+VPN2, CapSetName="MPLS", IfIndex=3;
     Prid=4, Roles=VPN3,      CapSetName="MPLS", IfIndex=4;
   }

   Note that two interfaces (IF1 & IF2), corresponding to two distinct
   sites, can belong to the same VPN and be connected to two distinct
   VRFs.

   -- BGP/MPLS VPN PIB:

   The following tables are also BGP/MPLS VPN specific and realize
   route distribution policies between sites.  For further details
   about each PRC, read the BGP/MPLS VPN PIB definition in the next
   section.

   ppvpn2547VrfTable {
     Prid=1, Roles=VPN1,      VrfId=1, Descr="Intranet",
             RD=XX, MaxRoutes=1000;
     Prid=2, Roles=VPN1+VPN2, VrfId=2, Descr="Extranet",
             RD=YY, MaxRoutes=2000;
     Prid=3, Roles=VPN3,      VrfId=3, Descr="Carrier's Carrier",
             RD=ZZ, MaxRoutes=500;
   }

   Note that the roles make it possible to link an interface or a set
   of interfaces to a VRF, according to the VPN membership information.
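
   Section 5.2 leaves the interpretation of roles to the PEP
   implementation.  The following is an added example, not part of the
   draft, of one possible interpretation run over the tables above: an
   interface is attached to a VRF only when their role combinations
   match exactly, and is left unbound otherwise.  The function names,
   the parsing of the informal table notation and the reading of "."
   as a thousands separator are assumptions made for illustration.

```python
import re

# Constructed input: three of the example tables from this section, in the
# draft's own informal notation (an illustration format, not a wire format).
EXAMPLE = """
ppvpn2547RoutingCapsTable {
  Prid=1, DistProtocol=eBGP+OSPF, MaxRoutes=500.000, MaxVrfs=500, BgpOrf=False;
}
frwkIfRoleComboTable {
  Prid=1, Roles=VPN1, CapSetName="MPLS", IfIndex=1;
  Prid=2, Roles=VPN1, CapSetName="NONE", IfIndex=2;
  Prid=3, Roles=VPN1+VPN2, CapSetName="MPLS", IfIndex=3;
  Prid=4, Roles=VPN3, CapSetName="MPLS", IfIndex=4;
}
ppvpn2547VrfTable {
  Prid=1, Roles=VPN1, VrfId=1, Descr="Intranet", RD=XX, MaxRoutes=1000;
  Prid=2, Roles=VPN1+VPN2, VrfId=2, Descr="Extranet", RD=YY, MaxRoutes=2000;
  Prid=3, Roles=VPN3, VrfId=3, Descr="Carrier's Carrier", RD=ZZ, MaxRoutes=500;
}
"""

TABLE_RE = re.compile(r"(\w+)\s*\{(.*?)\}", re.S)
# key=value (value quoted or bare), or the ';' that terminates one PRI
TOKEN_RE = re.compile(r'(\w+)\s*=\s*("[^"]*"|[^,;]+)|(;)')


def parse_tables(text):
    """Return {table name: [PRI dict, ...]} from 'Name { k=v, ...; }' text."""
    tables = {}
    for name, body in TABLE_RE.findall(text):
        rows, row = [], {}
        for key, value, end in TOKEN_RE.findall(body):
            if end:
                if row:
                    rows.append(row)
                row = {}
            else:
                row[key] = value.strip().strip('"')
        tables[name] = rows
    return tables


def role_set(value):
    """A role combination is a set: 'VPN2+VPN1' equals 'VPN1+VPN2'."""
    return frozenset(r.strip() for r in value.split("+"))


def count(value):
    """Assumption: '500.000' in the example uses '.' as thousands separator."""
    return int(value.replace(".", ""))


def bind_interfaces(tables):
    """Map IfIndex -> VrfId by exact role-combination match, failing closed."""
    candidates = {}
    for vrf in tables["ppvpn2547VrfTable"]:
        candidates.setdefault(role_set(vrf["Roles"]), []).append(int(vrf["VrfId"]))
    binding, findings = {}, []
    for itf in tables["frwkIfRoleComboTable"]:
        index, wanted = int(itf["IfIndex"]), role_set(itf["Roles"])
        matches = candidates.get(wanted, [])
        label = "+".join(sorted(wanted))
        if len(matches) == 1:
            binding[index] = matches[0]
        elif not matches:
            # Never fall back to a partial match: that would place the
            # site in a VPN it was not provisioned for.
            findings.append(f"IF{index}: no VRF for roles {label}, left unbound")
        else:
            findings.append(
                f"IF{index}: roles {label} match VRFs {matches}, left unbound")
    return binding, findings


def check_limits(tables):
    """Compare the VRF policy with the limits the PEP reported."""
    caps = tables["ppvpn2547RoutingCapsTable"][0]
    vrfs = tables["ppvpn2547VrfTable"]
    findings = []
    if len(vrfs) > count(caps["MaxVrfs"]):
        findings.append(f"{len(vrfs)} VRFs exceed MaxVrfs={caps['MaxVrfs']}")
    # Conservative reading (an assumption): the per-VRF route limits taken
    # together must fit within the device-wide limit.
    total, limit = sum(count(v["MaxRoutes"]) for v in vrfs), count(caps["MaxRoutes"])
    if total > limit:
        findings.append(f"VRF MaxRoutes total {total} exceeds device MaxRoutes={limit}")
    return findings


def audit(text):
    """Return (IfIndex -> VrfId binding, list of findings) for a table dump."""
    tables = parse_tables(text)
    binding, findings = bind_interfaces(tables)
    return binding, findings + check_limits(tables)


if __name__ == "__main__":
    print(audit(EXAMPLE))
```

   On the example tables the result agrees with Figure 1: IF1 and IF2
   attach to VRF 1, IF3 to VRF 2 and IF4 to VRF 3, with no findings.
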

   ppvpn2547RouteTargetTable {
     Prid=1, Type=both,   VrfId=1, RT="VPN1",     Descr="CUG VPN1";
     Prid=2, Type=both,   VrfId=2, RT="VPN1",     Descr="CUG VPN1";
     Prid=3, Type=import, VrfId=2, RT="VPN2-Hub", Descr="Hub Site VPN2";
     Prid=4, Type=both,   VrfId=3, RT="VPN3",     Descr="CC CUG VPN3";
   }

   ppvpn2547IfTable {
     Prid=1, IfIndex=1, EdgeType=customerEdge, VpnClassif=enterprise,
             RouteDistProtocol="OSPF";
     Prid=2, IfIndex=2, EdgeType=customerEdge, VpnClassif=enterprise,
             RouteDistProtocol="eBGP";
     Prid=3, IfIndex=3, EdgeType=customerEdge, VpnClassif=enterprise,
             RouteDistProtocol="none";
     Prid=4, IfIndex=4, EdgeType=providerEdge, VpnClassif=cc,
             RouteDistProtocol="eBGP";
   }

   ppvpn2547OrfPeerTable {
     Prid=1, Role=PE, AddrType=Ipv4, Addr=192.123.122.1;
     Prid=2, Role=PE, AddrType=Ipv4, Addr=192.123.145.5;
     Prid=3, Role=RR, AddrType=Ipv4, Addr=192.123.12.34;
     Prid=4, Role=PE, AddrType=Ipv4, Addr=192.156.78.25;
     Prid=5, Role=PE, AddrType=Ipv4, Addr=192.123.9.125;
   }

   -- Feedback

   The following table is defined in the generic feedback framework PIB
   [FEED-PIB].  This capability information is sent to the PDP mainly
   at the beginning of the session.

   frwkFeedbackSelUsageComboCapsTable {
     Id=1, Selection=ppvpn2547Selection,
           Usage=ppvpn2547RouteCountUsage,
           Threshold=ppvpn2547Threshold;
     Id=2, Selection=ppvpn2547Selection,
           Usage=ppvpn2547LabelCountUsage,
           Threshold=ppvpn2547Threshold;
   }

   The following tables are BGP/MPLS VPN specific.  The PRIs are set by
   the PDP and sent to the PEP for periodic reporting.

   ppvpn2547SelectionTable {
     Prid=1, Vrf=ppvpn2547Vrf.1;
     Prid=2, Vrf=ppvpn2547Vrf.3;
   }

   ppvpn2547ThresholdTable {
     Prid=1, Thresh=10.000;
   }

   The following table is defined in the generic feedback framework PIB
   [FEED-PIB].  The PRIs are set by the PDP and sent to the PEP for
   periodic reporting.

   frwkFeedbackLinkTable {
     Id=1, Sel=ppvpn2547Selection.1, Usage=ppvpn2547RouteCountUsage,
           Interval=10, Threshold=ppvpn2547Threshold.1,
           Flags=threshold;
     Id=2, Sel=ppvpn2547Selection.2, Usage=ppvpn2547LabelCountUsage,
           Interval=20, Threshold=NULL, Flags=changeOnly;
   }

8. BGP/MPLS VPN PIB Definition

8.1 The BGP/MPLS VPN PIB

PPVPN-PIB PIB-DEFINITIONS ::= BEGIN

IMPORTS
    Unsigned32, Integer32, MODULE-IDENTITY,
    MODULE-COMPLIANCE, OBJECT-TYPE, OBJECT-GROUP, pib,
    TEXTUAL-CONVENTION
            FROM COPS-PR-SPPI
    InstanceId, TagId, TagReferenceId, ReferenceId
            FROM COPS-PR-SPPI-TC
    TruthValue, DisplayString
            FROM SNMPv2-TC
    SnmpAdminString
            FROM SNMP-FRAMEWORK-MIB
    RoleCombination
            FROM FRAMEWORK-TC-PIB
    InetAddress, InetAddressType
            FROM INET-ADDRESS-MIB;

ppvpn2547PolicyPib MODULE-IDENTITY
    SUBJECT-CATEGORIES { ppvpn(tbd) }  -- PPVPN COPS Client Type
                                       -- to be assigned by IANA
    LAST-UPDATED "200301201800Z"
    ORGANIZATION "IETF PPVPN WG"
    CONTACT-INFO "
                  Yacine El Mghazli
                  Alcatel
                  Route de Nozay
                  F-91460 Marcoussis - FRANCE
                  Phone: +33 1 69 63 41 87
                  Email: yacine.el_mghazli@alcatel.fr

                  Kwok Ho Chan
                  Nortel Networks
                  600 Technology Park Drive
                  Billerica, MA, 01821 USA
                  Phone: +01 978 288 8175
                  Email: khchan@nortelnetworks.com"
    DESCRIPTION
        "The PIB module containing a set of provisioning classes
        that describe provider provisioned virtual private networks
        (PPVPN) policies for BGP/MPLS VPN.  It includes general
        classes that may be extended by other PIB specifications as
        well as a set of PIB classes related to PPVPNs."
    REVISION "200207011800Z"
    DESCRIPTION
        "Intermediate version -01, published as
        draft-yacine-ppvpn-2547-pib-01.txt, with mainly the feedback
        features added."
    REVISION "200203081800Z"
    DESCRIPTION
        "Initial version, published as
        draft-yacine-ppvpn-2547-pib-00.txt."
    ::= { pib xxx }  -- xxx to be assigned by IANA

-- BGP/MPLS VPN specific Textual Conventions.

Ppvpn2547RouteDistinguisher ::= TEXTUAL-CONVENTION
    STATUS         current
    DESCRIPTION
        "Syntax for a route distinguisher."
    SYNTAX         OCTET STRING(SIZE (0..256))

Ppvpn2547RouteTarget ::= TEXTUAL-CONVENTION
    STATUS         current
    DESCRIPTION
        "Syntax for a route target."
    SYNTAX         OCTET STRING(SIZE (0..256))

-- BGP/MPLS VPN PIB module

ppvpn2547CapabilityClasses OBJECT IDENTIFIER ::=
                            { ppvpn2547PolicyPib 1 }
ppvpn2547PolicyClasses     OBJECT IDENTIFIER ::=
                            { ppvpn2547PolicyPib 2 }
ppvpn2547FeedbackClasses   OBJECT IDENTIFIER ::=
                            { ppvpn2547PolicyPib 3 }
ppvpn2547PibConformance    OBJECT IDENTIFIER ::=
                            { ppvpn2547PolicyPib 4 }

-- Capabilities Classes

--
-- BGP/MPLS VPN PE Routing Capabilities
--

ppvpn2547RoutingCapsTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF Ppvpn2547RoutingCapsEntry
    PIB-ACCESS     notify
    STATUS         current
    DESCRIPTION
        "This class represents routing capabilities of a device
        (PE)."
    ::= { ppvpn2547CapabilityClasses 1 }

ppvpn2547RoutingCapsEntry OBJECT-TYPE
    SYNTAX         Ppvpn2547RoutingCapsEntry
    STATUS         current
    DESCRIPTION
        "An instance of the ppvpn2547RoutingCaps class."
    PIB-INDEX { ppvpn2547RoutingCapsPrid }
    ::= { ppvpn2547RoutingCapsTable 1 }

Ppvpn2547RoutingCapsEntry ::= SEQUENCE {
    ppvpn2547RoutingCapsPrid          InstanceId,
    ppvpn2547RoutingCapsDistProtocol  BITS,
    ppvpn2547RoutingCapsMaxRoutes     Unsigned32,
    ppvpn2547RoutingCapsMaxVrfs       Unsigned32,
    ppvpn2547RoutingCapsBgpOrf        TruthValue
}

ppvpn2547RoutingCapsPrid OBJECT-TYPE
    SYNTAX         InstanceId
    STATUS         current
    DESCRIPTION
        "An arbitrary integer index that uniquely identifies an
        instance of the class."
    ::= { ppvpn2547RoutingCapsEntry 1 }

ppvpn2547RoutingCapsDistProtocol OBJECT-TYPE
    SYNTAX         BITS {
                       static (0),
                       ebgp (1),
                       ospf (2),
                       rip (3),
                       isis (4)
                   }
    STATUS         current
    DESCRIPTION
        "Denotes the route distribution protocol supported by the PE
        across the PE-CE links.  Note that more than one routing
        protocol may be enabled at the same time."
    ::= { ppvpn2547RoutingCapsEntry 2 }

ppvpn2547RoutingCapsMaxRoutes OBJECT-TYPE
    SYNTAX         Unsigned32
    STATUS         current
    DESCRIPTION
        "Denotes maximum number of routes which this PE is able to
        hold."
    ::= { ppvpn2547RoutingCapsEntry 3 }

ppvpn2547RoutingCapsMaxVrfs OBJECT-TYPE
    SYNTAX         Unsigned32
    STATUS         current
    DESCRIPTION
        "Denotes maximum number of VRF which this PE is able to
        hold."
    ::= { ppvpn2547RoutingCapsEntry 4 }

ppvpn2547RoutingCapsBgpOrf OBJECT-TYPE
    SYNTAX         TruthValue
    STATUS         current
    DESCRIPTION
        "Denotes if the PEP supports Cooperative Route Filtering
        Capability for BGP [BGP-ORF]."
    ::= { ppvpn2547RoutingCapsEntry 5 }

--
-- PE Interface Capabilities
--

ppvpn2547IfCapsTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF Ppvpn2547IfCapsEntry
    PIB-ACCESS     notify
    STATUS         current
    DESCRIPTION
        "This class represents interfaces capabilities of a device
        (PE) in terms of MPLS support."
    ::= { ppvpn2547CapabilityClasses 2 }

ppvpn2547IfCapsEntry OBJECT-TYPE
    SYNTAX         Ppvpn2547IfCapsEntry
    STATUS         current
    DESCRIPTION
        "An instance of the ppvpn2547IfCaps class."
    PIB-INDEX { ppvpn2547IfCapsPrid }
    ::= { ppvpn2547IfCapsTable 1 }

Ppvpn2547IfCapsEntry ::= SEQUENCE {
    ppvpn2547IfCapsPrid           InstanceId,
    ppvpn2547IfCapsTunnelSupport  INTEGER
}

ppvpn2547IfCapsPrid OBJECT-TYPE
    SYNTAX         InstanceId
    STATUS         current
    DESCRIPTION
        "An arbitrary integer index that uniquely identifies an
        instance of the class."
    ::= { ppvpn2547IfCapsEntry 1 }

ppvpn2547IfCapsTunnelSupport OBJECT-TYPE
    SYNTAX         INTEGER {
                       none (0),
                       mpls (1),
                       mplsTunnel (2),
                       ipsec (3),
                       l2tp (4),
                       ppp (5),
                       atmVc (6),
                       frDlci (7),
                       gre (8),
                       vLan (9),
                       other (10)
                   }
    STATUS         current
    DESCRIPTION
        "Denotes the interface type in accordance with [IFMIB], which
        states that the interfaces table contains information on the
        managed resource's interfaces and that each sub-layer below
        the internetwork layer interface is considered as an
        interface."
    ::= { ppvpn2547IfCapsEntry 2 }

-- Policy Classes

--
-- BGP/MPLS VPN VRF Table
--

ppvpn2547VrfTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF Ppvpn2547VrfEntry
    PIB-ACCESS     install
    STATUS         current
    DESCRIPTION
        "This class specifies BGP/MPLS VPN VRF Table associated
        information.  Entries in this table define VRF instances
        associated with MPLS/VPN interfaces.  Note that multiple
        interfaces can belong to the same VRF instance."
    ::= { ppvpn2547PolicyClasses 1 }

ppvpn2547VrfEntry OBJECT-TYPE
    SYNTAX         Ppvpn2547VrfEntry
    STATUS         current
    DESCRIPTION
        "An entry in this table is created by the provider for every
        VRF capable of supporting MPLS/BGP VPN."
    PIB-INDEX { ppvpn2547VrfPrid }
    UNIQUENESS { ppvpn2547VrfId,
                 ppvpn2547VrfRoles,
                 ppvpn2547VrfRD }
    ::= { ppvpn2547VrfTable 1 }

Ppvpn2547VrfEntry ::= SEQUENCE {
    ppvpn2547VrfPrid         InstanceId,
    ppvpn2547VrfVpnCombo     RoleCombination,
    ppvpn2547VrfId           TagReferenceId,
    ppvpn2547VrfDescription  SnmpAdminString,
    ppvpn2547VrfRD           Ppvpn2547RouteDistinguisher,
    ppvpn2547VrfMaxRoutes    Unsigned32
}

ppvpn2547VrfPrid OBJECT-TYPE
    SYNTAX         InstanceId
    STATUS         current
    DESCRIPTION
        "An arbitrary integer index that uniquely identifies an
        instance of the class."
    ::= { ppvpn2547VrfEntry 1 }

ppvpn2547VrfVpnCombo OBJECT-TYPE
    SYNTAX         RoleCombination
    STATUS         current
    DESCRIPTION
        "The interfaces to which the VRF is attached, specified in
        terms of roles.
        There must exist an entry in the frwkIfRoleComboTable
        [FR-PIB] specifying this role combination, together with the
        interface capability set specified by ppvpn2547IfName, prior
        to association with an instance of this class."
    ::= { ppvpn2547VrfEntry 2 }

ppvpn2547VrfId OBJECT-TYPE
    SYNTAX         TagReferenceId
    PIB-TAG        { ppvpn2547RouteTargetVrfId }
    STATUS         current
    DESCRIPTION
        "Identifies a VRF instance."
    ::= { ppvpn2547VrfEntry 3 }

ppvpn2547VrfDescription OBJECT-TYPE
    SYNTAX         SnmpAdminString
    STATUS         current
    DESCRIPTION
        "The human-readable description of this VRF."
    ::= { ppvpn2547VrfEntry 4 }

ppvpn2547VrfRD OBJECT-TYPE
    SYNTAX         Ppvpn2547RouteDistinguisher
    STATUS         current
    DESCRIPTION
        "The route distinguisher for this VRF."
    ::= { ppvpn2547VrfEntry 5 }

ppvpn2547VrfMaxRoutes OBJECT-TYPE
    SYNTAX         Unsigned32
    STATUS         current
    DESCRIPTION
        "Denotes maximum number of routes which this VRF is
        configured to hold."
    ::= { ppvpn2547VrfEntry 6 }

--
-- BGP/MPLS VPN Route Target Table
--

ppvpn2547RouteTargetTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF Ppvpn2547RouteTargetEntry
    PIB-ACCESS     install
    STATUS         current
    DESCRIPTION
        "This table specifies per-VRF route target association.
        Each entry identifies a connectivity policy supported as
        part of a VPN."
    ::= { ppvpn2547PolicyClasses 2 }

ppvpn2547RouteTargetEntry OBJECT-TYPE
    SYNTAX         Ppvpn2547RouteTargetEntry
    STATUS         current
    DESCRIPTION
        "An entry in this table is created for each route target
        configured for a VRF supporting an MPLS/BGP VPN instance."
    PIB-INDEX      { ppvpn2547RouteTargetPrid }
    UNIQUENESS     { ppvpn2547RouteTargetVrfId,
                     ppvpn2547RouteTargetType,
                     ppvpn2547RouteTargetPrecedence,
                     ppvpn2547RouteTargetRT }
    ::= { ppvpn2547RouteTargetTable 1 }

Ppvpn2547RouteTargetEntry ::= SEQUENCE {
    ppvpn2547RouteTargetPrid     InstanceId,
    ppvpn2547RouteTargetType     INTEGER,
    ppvpn2547RouteTargetVrfId    TagId,
    ppvpn2547RouteTargetRT       Ppvpn2547RouteTarget,
    ppvpn2547RouteTargetDescr    DisplayString
}

ppvpn2547RouteTargetPrid OBJECT-TYPE
    SYNTAX         InstanceId
    STATUS         current
    DESCRIPTION
        "An arbitrary integer index that uniquely identifies an
        instance of the class."
    ::= { ppvpn2547RouteTargetEntry 1 }

ppvpn2547RouteTargetType OBJECT-TYPE
    SYNTAX         INTEGER { import(1), export(2), both(3) }
    STATUS         current
    DESCRIPTION
        "The route target distribution type."
    ::= { ppvpn2547RouteTargetEntry 2 }

ppvpn2547RouteTargetVrfId OBJECT-TYPE
    SYNTAX         TagId
    STATUS         current
    DESCRIPTION
        "A VRF is composed of an import RT list and an export RT
        list. Each RT belonging to the same VRF uses the same VRF
        ID. Hence, the VRF Id identifies which VRF this RT is a
        part of. This needs to be the value of the ppvpn2547VrfId
        attribute for an existing instance of ppvpn2547VrfEntry."
    ::= { ppvpn2547RouteTargetEntry 3 }

ppvpn2547RouteTargetRT OBJECT-TYPE
    SYNTAX         Ppvpn2547RouteTarget
    STATUS         current
    DESCRIPTION
        "The route target value."
    ::= { ppvpn2547RouteTargetEntry 4 }

ppvpn2547RouteTargetDescr OBJECT-TYPE
    SYNTAX         DisplayString
    STATUS         current
    DESCRIPTION
        "Description of the route target."
    ::= { ppvpn2547RouteTargetEntry 5 }

--
-- BGP/MPLS VPN Interface Table
--

ppvpn2547IfTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF Ppvpn2547IfEntry
    PIB-ACCESS     install
    STATUS         current
    DESCRIPTION
        "This table specifies per-customer-interface configuration
        information."
    ::= { ppvpn2547PolicyClasses 3 }

ppvpn2547IfEntry OBJECT-TYPE
    SYNTAX         Ppvpn2547IfEntry
    STATUS         current
    DESCRIPTION
        "An entry in this table is created for every interface type
        supporting MPLS/BGP VPN. Each entry in this table is meant
        to correspond to an entry in the Interfaces Table."
    PIB-INDEX      { ppvpn2547IfPrid }
    UNIQUENESS     { ppvpn2547IfRoles,
                     ppvpn2547IfName }
    ::= { ppvpn2547IfTable 1 }

Ppvpn2547IfEntry ::= SEQUENCE {
    ppvpn2547IfPrid                 InstanceId,
    ppvpn2547IfIndex                ReferenceId,
    ppvpn2547IfCustomerEdgeType     INTEGER,
    ppvpn2547IfVpnClassification    INTEGER,
    ppvpn2547IfRouteDistProtocol    BITS
}

ppvpn2547IfPrid OBJECT-TYPE
    SYNTAX         InstanceId
    STATUS         current
    DESCRIPTION
        "An arbitrary integer index that uniquely identifies an
        instance of the class."
    ::= { ppvpn2547IfEntry 1 }

ppvpn2547IfIndex OBJECT-TYPE
    SYNTAX         ReferenceId
    PIB-REFERENCES { frwkRoleCombinationEntry }
    STATUS         current
    DESCRIPTION
        "The interface capability set to configure. The interface
        capability name specified by this attribute must exist in
        the frwkIfCapSetTable [FR-PIB] prior to association with an
        instance of this class."
    ::= { ppvpn2547IfEntry 2 }

ppvpn2547IfCustomerEdgeType OBJECT-TYPE
    SYNTAX         INTEGER {
                       providerEdge (1),
                       customerEdge (2)
                   }
    STATUS         current
    DESCRIPTION
        "The Customer Edge can be either another Provider Edge (PE)
        in the case of a multi-AS VPN or a stub Customer Edge (CE)
        in case of an enterprise VPN. Either the providerEdge (PE)
        or customerEdge (CE) bit must be set accordingly."
    ::= { ppvpn2547IfEntry 3 }

ppvpn2547IfVpnClassification OBJECT-TYPE
    SYNTAX         INTEGER {
                       enterprise (1),
                       cc (2),
                       interProviderOption1 (3),
                       interProviderOption2 (4),
                       interProviderOption3 (5)
                   }
    STATUS         current
    DESCRIPTION
        "Denotes which VPN scenario this PE-CE link participates in:
         - enterprise
         - carrier's carrier
         - inter-provider option 1 (VRF-to-VRF connections)
         - inter-provider option 2 (MP-eBGP redistribution)
         - inter-provider option 3 (multi-hop MP-eBGP)"
    ::= { ppvpn2547IfEntry 4 }

ppvpn2547IfRouteDistProtocol OBJECT-TYPE
    SYNTAX         BITS {
                       none (0),
                       ebgp (1),
                       ospf (2),
                       rip (3),
                       isis (4)
                   }
    STATUS         current
    DESCRIPTION
        "Denotes the route distribution protocol across the customer
        interface. Note that more than one routing protocol may be
        enabled at the same time. Moreover, according to [2547bis],
        in the case this interface participates in a hierarchical
        (CsC) or recursive (multi-AS) VPN, the routing protocol
        across this PE-CE link must be eBGP."
    ::= { ppvpn2547IfEntry 5 }

--
-- BGP/MPLS VPN ORF Peer Table
--

ppvpn2547OrfPeerTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF Ppvpn2547OrfPeerEntry
    PIB-ACCESS     install
    STATUS         current
    DESCRIPTION
        "Each entry in this table specifies an iBGP peer of the
        device."
    ::= { ppvpn2547PolicyClasses 4 }

ppvpn2547OrfPeerEntry OBJECT-TYPE
    SYNTAX         Ppvpn2547OrfPeerEntry
    STATUS         current
    DESCRIPTION
        "An entry in this table is created by the PDP for every
        distinct PE which may exchange VPN membership and
        reachability information with the device."
    PIB-INDEX      { ppvpn2547OrfPeerPrid }
    UNIQUENESS     { ppvpn2547OrfPeerAddrType,
                     ppvpn2547OrfPeerAddr }
    ::= { ppvpn2547OrfPeerTable 1 }

Ppvpn2547OrfPeerEntry ::= SEQUENCE {
    ppvpn2547OrfPeerPrid        InstanceId,
    ppvpn2547OrfPeerRole        INTEGER,
    ppvpn2547OrfPeerAddrType    InetAddressType,
    ppvpn2547OrfPeerAddr        InetAddress
}

ppvpn2547OrfPeerPrid OBJECT-TYPE
    SYNTAX         InstanceId
    STATUS         current
    DESCRIPTION
        "An arbitrary integer index that uniquely identifies an
        instance of the class."
    ::= { ppvpn2547OrfPeerEntry 1 }

ppvpn2547OrfPeerRole OBJECT-TYPE
    SYNTAX         INTEGER { pe(1), rr(2) }
    STATUS         current
    DESCRIPTION
        "Denotes the role played by this BGP peer. pe(1) stands for
        Provider Edge, rr(2) stands for Route Reflector."
    ::= { ppvpn2547OrfPeerEntry 2 }

ppvpn2547OrfPeerAddrType OBJECT-TYPE
    SYNTAX         InetAddressType
    STATUS         current
    DESCRIPTION
        "Denotes the address family of the PE address."
    ::= { ppvpn2547OrfPeerEntry 3 }

ppvpn2547OrfPeerAddr OBJECT-TYPE
    SYNTAX         InetAddress
    STATUS         current
    DESCRIPTION
        "Denotes the EBGP neighbor address."
    ::= { ppvpn2547OrfPeerEntry 4 }

-- BGP/MPLS VPN Feedback Classes

--
-- BGP/MPLS VPN Route Count Usage Table
--

ppvpn2547RouteCountUsageTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF Ppvpn2547RouteCountUsageEntry
    PIB-ACCESS     report-only
    STATUS         current
    DESCRIPTION
        "This class defines the usage attributes that the PEP is to
        monitor for VRFs. All routes held by the VRF are counted.
        It also contains the PRID of the linkage instance
        associating the selection criteria with the usage
        instance."
    ::= { ppvpn2547FeedbackClasses 1 }

ppvpn2547RouteCountUsageEntry OBJECT-TYPE
    SYNTAX         Ppvpn2547RouteCountUsageEntry
    STATUS         current
    DESCRIPTION
        "Defines the attributes the PEP is to monitor, record and
        report."
    PIB-INDEX      { ppvpn2547RouteCountUsagePrid }
    UNIQUENESS     { ppvpn2547RouteCountUsageLinkRefId }
    ::= { ppvpn2547RouteCountUsageTable 1 }

Ppvpn2547RouteCountUsageEntry ::= SEQUENCE {
    ppvpn2547RouteCountUsagePrid         InstanceId,
    ppvpn2547RouteCountUsageLinkRefId    ReferenceId,
    ppvpn2547RouteCountUsageCount        Counter32
}

ppvpn2547RouteCountUsagePrid OBJECT-TYPE
    SYNTAX         InstanceId
    STATUS         current
    DESCRIPTION
        "An arbitrary integer index that uniquely identifies an
        instance of the class."
    ::= { ppvpn2547RouteCountUsageEntry 1 }

ppvpn2547RouteCountUsageLinkRefId OBJECT-TYPE
    SYNTAX         ReferenceId
    PIB-REFERENCES { frwkFeedBackLinkEntry }
    STATUS         current
    DESCRIPTION
        "The ReferenceId of the Linkage Policy instance used to base
        this usage policy instance upon."
    ::= { ppvpn2547RouteCountUsageEntry 2 }

ppvpn2547RouteCountUsageCount OBJECT-TYPE
    SYNTAX         Counter32
    STATUS         current
    DESCRIPTION
        "The count of routes held by the associated VRF during the
        reporting interval."
    ::= { ppvpn2547RouteCountUsageEntry 3 }

--
-- BGP/MPLS VPN Label Count Usage Table
--

ppvpn2547LabelCountUsageTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF Ppvpn2547LabelCountUsageEntry
    PIB-ACCESS     report-only
    STATUS         current
    DESCRIPTION
        "This class defines the usage attributes that the PEP is to
        monitor for VRFs. All labels illegally received by the VRF
        are counted. It also contains the PRID of the linkage
        instance associating the selection criteria with the usage
        instance."
    ::= { ppvpn2547FeedbackClasses 2 }

ppvpn2547LabelCountUsageEntry OBJECT-TYPE
    SYNTAX         Ppvpn2547LabelCountUsageEntry
    STATUS         current
    DESCRIPTION
        "Defines the attributes the PEP is to monitor, record and
        report."
    PIB-INDEX      { ppvpn2547LabelCountUsagePrid }
    UNIQUENESS     { ppvpn2547LabelCountUsageLinkRefId }
    ::= { ppvpn2547LabelCountUsageTable 1 }

Ppvpn2547LabelCountUsageEntry ::= SEQUENCE {
    ppvpn2547LabelCountUsagePrid         InstanceId,
    ppvpn2547LabelCountUsageLinkRefId    ReferenceId,
    ppvpn2547LabelCountUsageCount        Counter32
}

ppvpn2547LabelCountUsagePrid OBJECT-TYPE
    SYNTAX         InstanceId
    STATUS         current
    DESCRIPTION
        "An arbitrary integer index that uniquely identifies an
        instance of the class."
    ::= { ppvpn2547LabelCountUsageEntry 1 }

ppvpn2547LabelCountUsageLinkRefId OBJECT-TYPE
    SYNTAX         ReferenceId
    PIB-REFERENCES { frwkFeedBackLinkEntry }
    STATUS         current
    DESCRIPTION
        "The ReferenceId of the Linkage Policy instance used to base
        this usage policy instance upon."
    ::= { ppvpn2547LabelCountUsageEntry 2 }

ppvpn2547LabelCountUsageCount OBJECT-TYPE
    SYNTAX         Counter32
    STATUS         current
    DESCRIPTION
        "The count of labels illegally received by the associated
        VRF during the reporting interval."
    ::= { ppvpn2547LabelCountUsageEntry 3 }

--
-- BGP/MPLS VPN Threshold Table
--

ppvpn2547ThresholdTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF Ppvpn2547ThresholdEntry
    PIB-ACCESS     install
    STATUS         current
    DESCRIPTION
        "This class defines the threshold attributes corresponding
        to usage attributes specified in the
        ppvpn2547RouteCountUsageTable and
        ppvpn2547LabelCountUsageTable classes."
    ::= { ppvpn2547FeedbackClasses 3 }

ppvpn2547ThresholdEntry OBJECT-TYPE
    SYNTAX         Ppvpn2547ThresholdEntry
    STATUS         current
    DESCRIPTION
        "Defines the attributes to hold threshold values."
    PIB-INDEX      { ppvpn2547ThresholdPrid }
    ::= { ppvpn2547ThresholdTable 1 }

Ppvpn2547ThresholdEntry ::= SEQUENCE {
    ppvpn2547ThresholdPrid      InstanceId,
    ppvpn2547ThresholdThresh    Unsigned32
}

ppvpn2547ThresholdPrid OBJECT-TYPE
    SYNTAX         InstanceId
    STATUS         current
    DESCRIPTION
        "An arbitrary integer index that uniquely identifies an
        instance of the class."
    ::= { ppvpn2547ThresholdEntry 1 }

ppvpn2547ThresholdThresh OBJECT-TYPE
    SYNTAX         Unsigned32
    STATUS         current
    DESCRIPTION
        "The threshold, in terms of number of routes or labels, that
        must be exceeded to trigger a report in the next reporting
        interval."
    ::= { ppvpn2547ThresholdEntry 2 }

--
-- BGP/MPLS VPN VRF Selection Table
--

ppvpn2547VrfSelectionTable OBJECT-TYPE
    SYNTAX         SEQUENCE OF Ppvpn2547VrfSelectionEntry
    PIB-ACCESS     install
    STATUS         current
    DESCRIPTION
        "This class defines a selection criterion that identifies a
        specific VRF to collect usage information from."
    ::= { ppvpn2547FeedbackClasses 4 }

ppvpn2547VrfSelectionEntry OBJECT-TYPE
    SYNTAX         Ppvpn2547VrfSelectionEntry
    STATUS         current
    DESCRIPTION
        "Defines the attributes of the selection criteria
        identifying a specific policy where to monitor the
        associated usage."
    PIB-INDEX      { ppvpn2547VrfSelectionPrid }
    UNIQUENESS     { ppvpn2547VrfSelectionId }
    ::= { ppvpn2547VrfSelectionTable 1 }

Ppvpn2547VrfSelectionEntry ::= SEQUENCE {
    ppvpn2547VrfSelectionPrid    InstanceId,
    ppvpn2547VrfSelectionId      ReferenceId
}

ppvpn2547VrfSelectionPrid OBJECT-TYPE
    SYNTAX         InstanceId
    STATUS         current
    DESCRIPTION
        "An arbitrary integer index that uniquely identifies an
        instance of the class."
    ::= { ppvpn2547VrfSelectionEntry 1 }

ppvpn2547VrfSelectionId OBJECT-TYPE
    SYNTAX         ReferenceId
    PIB-REFERENCES { ppvpn2547VrfEntry }
    STATUS         current
    DESCRIPTION
        "The Prid of the VRF that one wants to collect usage
        information from."
    ::= { ppvpn2547VrfSelectionEntry 2 }

-- Conformance Section

ppvpn2547PibCompliances OBJECT IDENTIFIER
    ::= { ppvpn2547PibConformance 1 }

ppvpn2547PibGroups OBJECT IDENTIFIER
    ::= { ppvpn2547PibConformance 2 }

ppvpn2547PibCompliance MODULE-COMPLIANCE
    STATUS         current
    DESCRIPTION
        "Describes the requirements for conformance to the PPVPN
        BGP/MPLS VPN Policy PIB."
    MODULE -- this module
        MANDATORY-GROUPS {
            ppvpn2547PibVrfGroup,
            ppvpn2547PibRouteTargetGroup,
            ppvpn2547PibIfGroup,
            ppvpn2547PibOrfPeerGroup,
            ppvpn2547PibRouteGroup,
            ppvpn2547PibRouteCountUsageGroup,
            ppvpn2547PibLabelCountUsageGroup,
            ppvpn2547PibThresholdGroup,
            ppvpn2547PibVrfSelectionGroup
        }
    ::= { ppvpn2547PibCompliances 1 }

ppvpn2547PibVrfGroup OBJECT-GROUP
    OBJECTS {
        ppvpn2547VrfRoles,
        ppvpn2547VrfIfName,
        ppvpn2547VrfId,
        ppvpn2547VrfDescription,
        ppvpn2547VrfRD,
        ppvpn2547VrfMaxRoutes
    }
    STATUS         current
    DESCRIPTION
        "The VRF Group defines the PIB Objects that describe a VRF."
    ::= { ppvpn2547PibGroups 1 }

ppvpn2547PibRouteTargetGroup OBJECT-GROUP
    OBJECTS {
        ppvpn2547RouteTargetType,
        ppvpn2547RouteTargetVrfId,
        ppvpn2547RouteTargetRT,
        ppvpn2547RouteTargetDescr
    }
    STATUS         current
    DESCRIPTION
        "The Route Target Group defines the PIB Objects that
        describe a Route Target."
    ::= { ppvpn2547PibGroups 2 }

ppvpn2547PibIfGroup OBJECT-GROUP
    OBJECTS {
        ppvpn2547IfIndex,
        ppvpn2547IfVpnClassification,
        ppvpn2547IfRouteDistProtocol
    }
    STATUS         current
    DESCRIPTION
        "The Interface Group defines the PIB Objects that describe
        an Interface."
    ::= { ppvpn2547PibGroups 3 }

ppvpn2547PibOrfPeerGroup OBJECT-GROUP
    OBJECTS {
        ppvpn2547OrfPeerVrfId,
        ppvpn2547OrfPeerRole,
        ppvpn2547OrfPeerAddrType,
        ppvpn2547OrfPeerAddr
    }
    STATUS         current
    DESCRIPTION
        "The BGP Peer Group defines the PIB Objects that describe a
        BGP Peer."
    ::= { ppvpn2547PibGroups 4 }

ppvpn2547PibRouteCountUsageGroup OBJECT-GROUP
    OBJECTS {
        ppvpn2547RouteCountUsageLinkRefId,
        ppvpn2547RouteCountUsageCount
    }
    STATUS         current
    DESCRIPTION
        "The Route Count Usage Group defines the PIB Objects that
        describe a Route Count Usage class."
    ::= { ppvpn2547PibGroups 5 }

ppvpn2547PibLabelCountUsageGroup OBJECT-GROUP
    OBJECTS {
        ppvpn2547LabelCountUsageLinkRefId,
        ppvpn2547LabelCountUsageCount
    }
    STATUS         current
    DESCRIPTION
        "The Label Count Usage Group defines the PIB Objects that
        describe a Label Count Usage class."
    ::= { ppvpn2547PibGroups 6 }

ppvpn2547PibThresholdGroup OBJECT-GROUP
    OBJECTS {
        ppvpn2547ThresholdThresh
    }
    STATUS         current
    DESCRIPTION
        "The Threshold Group defines the PIB Objects that describe a
        Threshold class."
    ::= { ppvpn2547PibGroups 7 }

ppvpn2547PibVrfSelectionGroup OBJECT-GROUP
    OBJECTS {
        ppvpn2547VrfSelectionId
    }
    STATUS         current
    DESCRIPTION
        "The VRF Selection Group defines the PIB Objects that
        describe a VRF Selection class."
    ::= { ppvpn2547PibGroups 8 }

END

9. Subject Category Considerations

   The numbering space used for the BGP/MPLS VPN PIB, as indicated by
   the SUBJECT-CATEGORIES clause, will be assigned by the Internet
   Assigned Numbers Authority (IANA). Notice that the numbering space
   used by SUBJECT-CATEGORIES maps to the Client Type numbering space
   in [COPS-PR]. This relationship is detailed in section 7.1 of
   [SPPI]. Because the Client Type value of 1 has already been used by
   [COPS-RSVP], the numbering space for SUBJECT-CATEGORIES will need
   to start with the value of 2.

   Other PIB Modules may use the same SUBJECT-CATEGORIES as this
   BGP/MPLS VPN PIB Module. In such situations, the PRC numbering
   space under a specific SUBJECT-CATEGORIES should be coordinated
   with existing PIB Modules using the same SUBJECT-CATEGORIES.

10. Intellectual Property Considerations

   The IETF is being notified of intellectual property rights claimed
   in regard to some or all of the specification contained in this
   document. For more information consult the online list of claimed
   rights.

11. IANA Considerations

   This document standardizes a Policy Information Base (PIB) module,
   requesting an IANA assigned PIB number.

Security Considerations

   The information contained in a PIB, when transported by the COPS
   protocol [COPS-PR], is sensitive, and its function of provisioning
   a PEP/EP requires that only authorized communication take place.
   The use of IPSEC between PDP and PEP, as described in [COPS],
   provides the necessary protection against these threats.

Normative References

   [STD] Bradner, S., "The Internet Standards Process -- Revision 3",
      BCP 9, RFC 2026, October 1996.

   [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
      Requirement Levels", BCP 14, RFC 2119, March 1997.

   [2547bis] Rosen, E., Rekhter, Y., Bogovic, T., Brannon, S.,
      Carugi, M., Chase, C., Chung, T., De Clercq, J., Dean, E.,
      Hitchin, P., Leelanivas, M., Marshall, D., Martini, L.,
      Srinivasan, V., Vedrenne, A., "BGP/MPLS VPNs", Internet Draft,
      October 2002.

   [MPLSArch] Rosen, E., Viswanathan, A., and R. Callon,
      "Multiprotocol Label Switching Architecture", RFC 3031,
      January 2001.

   [VPN-RFC2685] Fox B., et al, "Virtual Private Networks
      Identifier", RFC 2685, September 1999.

   [LSR-MIB] Srinivasan, C., Viswanathan, A. and T. Nadeau, "MPLS
      Label Switch Router Management Information Base Using SMIv2",
      Internet Draft, October 2002.

   [TE-MIB] Srinivasan, C., Viswanathan, A. and T. Nadeau, "MPLS
      Traffic Engineering Management Information Base Using SMIv2",
      Internet Draft, November 2002.

   [FTN-MIB] T. Nadeau, C. Srinivasan, A. Viswanathan,
      "Multiprotocol Label Switching (MPLS) FEC-To-NHLFE (FTN)
      Management Information Base", draft-ietf-mpls-ftn-mib-05.txt,
      November 2002.

   [MPLS-VPN-MIB] Nadeau, T., Fang, L., Chiussi, F., Dube, J.,
      Tatham, M. and H. van der Linde, "MPLS/BGP Virtual Private
      Network Management Information Base Using SMIv2", Internet
      Draft, November 2002.

   [BGP-ORF] Chen, Rekhter, "Cooperative Route Filtering Capability
      for BGP-4", Internet Draft, January 2003.

   [BGP4-MIB] J. Haas, S. Hares, S. Willis, J. Burruss, J. Chu,
      "Definitions of Managed Objects for the Fourth Version of
      Border Gateway Protocol (BGP-4)",
      draft-ietf-idr-bgp4-mib-18.txt, October 2002.

   [COPS] Boyle, J., Cohen, R., Durham, D., Herzog, S., Rajan, R.,
      and A. Sastry, "The COPS (Common Open Policy Service)
      Protocol", RFC 2748, January 2000.

   [COPS-PR] K. Chan, D. Durham, S. Gai, S. Herzog, K. McCloghrie,
      F. Reichmeyer, J. Seligson, A. Smith, R. Yavatkar, "COPS Usage
      for Policy Provisioning", RFC 3084, March 2001.

   [COPS-PPVPN] Y. El Mghazli, "A COPS client-type for PPVPN", work
      in progress.

   [SPPI] K. McCloghrie, M. Fine, J. Seligson, K. Chan, S. Hahn,
      R. Sahita, A. Smith, F. Reichmeyer, "Structure of Policy
      Provisioning Information", RFC 3159, August 2001.

   [FR-PIB] M. Fine, K. McCloghrie, J. Seligson, K. Chan, S. Hahn,
      R. Sahita, A. Smith, F. Reichmeyer, "Framework Policy
      Information Base", Internet Draft, June 2002.

   [RAP-FRWK] R. Yavatkar, D. Pendarakis, "A Framework for
      Policy-based Admission Control", RFC 2753, January 2000.

   [FEED-PIB] D. Rawlins, A. Kulkarni, K.H. Chan, M. Bokaemper,
      D. Dutt, "Framework of COPS-PR Policy Information base Usage
      Feedback", Internet Draft, March 2002.

   [FEED-FRWK] D. Rawlins, A. Kulkarni, "Framework of COPS-PR Policy
      Usage Feedback", Internet Draft, March 2002.

   [SNMP-SMI] K. McCloghrie, D. Perkins, J. Schoenwaelder, J. Case,
      M. Rose and S. Waldbusser, "Structure of Management
      Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

   [IFMIB] K. McCloghrie, F. Kastenholz, "The Interfaces Group MIB
      using SMIv2", RFC 2233, November 1997.

   [INETADDRESS] Daniele, M., Haberman, B., Routhier, S.,
      Schoenwaelder, J., "Textual Conventions for Internet Network
      Addresses", RFC 2851, June 2000.

Acknowledgments

   This PIB builds on all the work that has gone into the BGP/MPLS
   VPN Management Information Base [MPLS-VPN-MIB].

   Special thanks also to J. De Clercq for his valuable comments.

Author's Addresses

   Yacine El Mghazli
   Alcatel
   Route de Nozay
   91460 Marcoussis - FRANCE
   Phone: +33 1 69 63 41 87
   Email: yacine.el_mghazli@alcatel.fr

   Kwok Ho Chan
   Nortel Networks
   600 Technology Park Drive
   Billerica, MA, 01821 USA
   Phone: +01 978 288 8175
   Email: khchan@nortelnetworks.com

Full Copyright Statement

   Copyright (C) The Internet Society (2003). All Rights Reserved.

   This document and translations of it may be copied and furnished
   to others, and derivative works that comment on or otherwise
   explain it or assist in its implementation may be prepared,
   copied, published and distributed, in whole or in part, without
   restriction of any kind, provided that the above copyright notice
   and this paragraph are included on all such copies and derivative
   works. However, this document itself may not be modified in any
   way, such as by removing the copyright notice or references to the
   Internet Society or other Internet organizations, except as needed
   for the purpose of developing Internet standards in which case the
   procedures for copyrights defined in the Internet Standards
   process must be followed, or as required to translate it into
   languages other than English.

   The limited permissions granted above are perpetual and will not
   be revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on
   an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR
   IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
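
Added example, not part of the draft or of any implementation of it: a Python check that a PDP could run over a candidate policy before installing it, covering the cross-table constraints stated in section 8.1 (ppvpn2547RouteTargetVrfId must match an existing ppvpn2547VrfId, route target entries must be unique, CsC and multi-AS PE-CE links must run eBGP, ppvpn2547VrfSelectionId must name an existing VRF). Assumptions of the example: rows are dicts with a shorthand "prid" key, BITS is modelled as a list of names, uniqueness is evaluated over the three attributes the entry's SEQUENCE defines, and every non-enterprise classification is treated as a CsC or multi-AS case.

```python
from collections import Counter

ENTERPRISE = 1  # ppvpn2547IfVpnClassification: enterprise(1); 2..5 are cc / inter-provider


def rt_key(rt):
    """UNIQUENESS key, limited to attributes the entry's SEQUENCE defines."""
    return (rt["ppvpn2547RouteTargetVrfId"],
            rt["ppvpn2547RouteTargetType"],
            rt["ppvpn2547RouteTargetRT"])


def validate(vrfs, route_targets, interfaces, vrf_selections):
    """Return sorted (table, prid, problem) tuples; empty list = consistent.

    Rows are dicts keyed by PIB attribute names. "prid" is this example's
    shorthand for each class's InstanceId index (an assumption).
    """
    problems = []
    vrf_ids = {v["ppvpn2547VrfId"] for v in vrfs}
    vrf_prids = {v["prid"] for v in vrfs}
    seen = Counter(rt_key(rt) for rt in route_targets)

    for rt in route_targets:
        # The tag must equal ppvpn2547VrfId of an existing VRF instance.
        if rt["ppvpn2547RouteTargetVrfId"] not in vrf_ids:
            problems.append(("RouteTarget", rt["prid"], "VrfId matches no VRF"))
        if seen[rt_key(rt)] > 1:
            problems.append(("RouteTarget", rt["prid"], "duplicate entry"))

    for itf in interfaces:
        protos = set(itf["ppvpn2547IfRouteDistProtocol"])  # BITS as names
        # Assumption: every non-enterprise class is a CsC or multi-AS case.
        if itf["ppvpn2547IfVpnClassification"] != ENTERPRISE and protos != {"ebgp"}:
            problems.append(("If", itf["prid"], "link must run eBGP only"))

    for sel in vrf_selections:
        # ppvpn2547VrfSelectionId holds the Prid of the monitored VRF.
        if sel["ppvpn2547VrfSelectionId"] not in vrf_prids:
            problems.append(("VrfSelection", sel["prid"], "references no VRF"))
    return sorted(problems)


def rt_row(prid, vrf_id, rt_type, value):
    return {"prid": prid, "ppvpn2547RouteTargetVrfId": vrf_id,
            "ppvpn2547RouteTargetType": rt_type, "ppvpn2547RouteTargetRT": value}


def if_row(prid, vpn_class, protocols):
    return {"prid": prid, "ppvpn2547IfVpnClassification": vpn_class,
            "ppvpn2547IfRouteDistProtocol": protocols}


# Constructed sample policy; all values are illustrative.
VRFS = [{"prid": 1, "ppvpn2547VrfId": 10}, {"prid": 2, "ppvpn2547VrfId": 20}]
ROUTE_TARGETS = [
    rt_row(1, 10, 3, "65000:100"),
    rt_row(2, 20, 1, "65000:100"),
    rt_row(3, 30, 2, "65000:300"),   # VrfId 30 does not exist
    rt_row(4, 20, 1, "65000:100"),   # same key as prid 2
]
INTERFACES = [
    if_row(1, 1, ["ospf", "rip"]),
    if_row(2, 2, ["ebgp", "ospf"]),  # carrier's carrier link with OSPF enabled
    if_row(3, 4, ["ebgp"]),
]
VRF_SELECTIONS = [{"prid": 1, "ppvpn2547VrfSelectionId": 2},
                  {"prid": 2, "ppvpn2547VrfSelectionId": 7}]

if __name__ == "__main__":
    found = validate(VRFS, ROUTE_TARGETS, INTERFACES, VRF_SELECTIONS)
    for table, prid, problem in found:
        print(f"{table} prid={prid}: {problem}")
```

A route target whose VrfId tag matches no VRF, or matches the wrong one, is the case to watch: it changes which routes a VRF imports or exports without any error at the protocol level.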