Internet Engineering Task Force J. Schoenwaelder Internet-Draft Jacobs University Intended status: Standards Track C. Zhou Expires: January 5, 2013 Huawei Technologies T. Tsou Huawei Technologies (USA) C. Xie China Telecom July 4, 2012 Definition of Managed Objects for Lightweight 4over6 Transition Technology draft-zhou-softwire-lw4o6-mib-00 Abstract This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it defines objects for managing Lightweight 4over6 transition technology. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on January 5, 2013. Copyright Notice Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents Schoenwaelder, et al. Expires January 5, 2013 [Page 1] Internet-Draft Lightweight 4over6 MIB July 2012 carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. The Internet-Standard Management Framework . . . . . . . . . . 3 3. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3 4. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 5. Relationship to Other MIB Modules . . . . . . . . . . . . . . 4 6. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4 7. Security Considerations . . . . . . . . . . . . . . . . . . . 12 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 13 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 13 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 13 10.1. Normative References . . . . . . . . . . . . . . . . . . 13 10.2. Informative References . . . . . . . . . . . . . . . . . 14 Schoenwaelder, et al. Expires January 5, 2013 [Page 2] Internet-Draft Lightweight 4over6 MIB July 2012 1. Introduction This memo defines a portion of the Management Information Base (MIB) for use with network management protocols. In particular, it defines objects for managing the Lightweight 4over6 transition technology. The management of the network address translation function of Lightweight 4over6 initiators is expected to be handled by an updated version of the NAT-MIB [RFC4008], perhaps with a small Lightweight 4over6 specific addition. 2. The Internet-Standard Management Framework For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580]. 3. Conventions The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. 4. Overview The MIB module is organized into a group of scalars and tables. TODO: Add more details! The OID tree structure of the MIB module is shown below. Schoenwaelder, et al. Expires January 5, 2013 [Page 3] Internet-Draft Lightweight 4over6 MIB July 2012 --lw4o6Mib(1.3.6.1.2.1.XXXX) +--lw4o6Objects(1) +--lw4o6IfTable(1) | +--lw4o6IfEntry(1) [lw4o6IfIndex] | +-- --- InterfaceIndex lw4o6IfIndex(1) | +-- rwn Bits lw4o6IfIcmpControl(2) | +-- r-n Counter32 lw4o6IfBindingMatchFailures(3) | +-- r-n Counter32 lw4o6IfNoBindingFailures(4) +--lw4o6BindTable(2) +--lw4o6BindEntry(1) [lw4o6BindIfIndex,lw4o6BindIndex] +-- --- InterfaceIndex lw4o6BindIfIndex(1) +-- --- BindingIndex lw4o6BindIndex(2) +-- r-n Enumeration lw4o6BindType(3) +-- r-n InetAddressIPv6 lw4o6BindIPv6Address(4) +-- r-n InetAddressIPv4 lw4o6BindIPv4Address(5) +-- r-n Integer32 lw4o6BindPortRangeValue(6) +-- r-n Integer32 lw4o6BindPortRangeMask(7) +-- r-n Integer32 lw4o6BindRandomFunction(8) +-- r-n Integer32 lw4o6BindRandomStartingPoint(9) +-- r-n OctetString lw4o6BindRandomKey(10) +-- r-n Integer32 lw4o6BindNumberOfPorts(11) +-- r-n Gauge32 lw4o6BindNumberOfPortsUsed(12) +-- r-n Counter32 lw4o6BindPortAllocationFailures(13) 5. Relationship to Other MIB Modules The MIB module IMPORTS definitions from SNMPv2-SMI [RFC2578], SNMPv2-TC [RFC2579], SNMPv2-CONF [RFC2580], SNMP-FRAMEWORK-MIB [RFC3411], IF-MIB [RFC2863], and INET-ADDRESS-MIB [RFC4001]. 6. Definitions LW4O6-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, Gauge32, Counter32, mib-2 FROM SNMPv2-SMI -- RFC 2578 TEXTUAL-CONVENTION FROM SNMPv2-TC -- RFC 2579 OBJECT-GROUP, MODULE-COMPLIANCE FROM SNMPv2-CONF -- RFC 2580 InterfaceIndex FROM IF-MIB -- RFC 2863 InetAddressIPv4, InetAddressIPv6 FROM INET-ADDRESS-MIB; -- RFC 4001 lw4o6Mib MODULE-IDENTITY Schoenwaelder, et al. Expires January 5, 2013 [Page 4] Internet-Draft Lightweight 4over6 MIB July 2012 LAST-UPDATED "201207040000Z" ORGANIZATION "Huawei Technologies" CONTACT-INFO "Cathy Zhou Huawei Technologies Email: cathyzhou@huawei.com Tina Tsou Huawei Technologies (USA) Email: tina.tsou.zouting@huawei.com" DESCRIPTION "The MIB module for managing the Lightweight 4over6 transition technology. Copyright (c) 2012 IETF Trust and the persons identified as authors of the code. All rights reserved. Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info)." REVISION "201207040000Z" DESCRIPTION "Initial version, published as RFC XXXX." -- RFC Ed.: replace XXXX with actual RFC number & remove this note ::= { mib-2 XXXX } lw4o6Notifications OBJECT IDENTIFIER ::= { lw4o6Mib 0 } lw4o6Objects OBJECT IDENTIFIER ::= { lw4o6Mib 1 } lw4o6Conformance OBJECT IDENTIFIER ::= { lw4o6Mib 2 } -- Textual convention definitions: BindingIndex ::= TEXTUAL-CONVENTION DISPLAY-HINT "d" STATUS current DESCRIPTION "A unique value, greater than zero, identifying a Lightweight 4over6 binding. The value for each binding must remain constant at least from one re-initialization of the Lightweight 4over6 subsystem to the next re-initialization." SYNTAX Integer32 (1..2147483647) Schoenwaelder, et al. Expires January 5, 2013 [Page 5] Internet-Draft Lightweight 4over6 MIB July 2012 -- Object definitions: -- lw4o6IfTable: lw4o6IfTable OBJECT-TYPE SYNTAX SEQUENCE OF Lw4o6IfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The lw4o6IfTable extends the interface table providing information about Lightweight 4over6 specific error conditions and it controls the interface specific handling of detected error situations." ::= { lw4o6Objects 1 } lw4o6IfEntry OBJECT-TYPE SYNTAX Lw4o6IfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry of the lw4o6IfTable providing information about Lightweight 4over6 statistics if an interface." INDEX { lw4o6IfIndex } ::= { lw4o6IfTable 1 } Lw4o6IfEntry ::= SEQUENCE { lw4o6IfIndex InterfaceIndex, lw4o6IfIcmpControl BITS, lw4o6IfBindingMatchFailures Counter32, lw4o6IfNoBindingFailures Counter32 } lw4o6IfIndex OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "The network interface the Lightweight 4over6 statistics are associated with." ::= { lw4o6IfEntry 1 } lw4o6IfIcmpControl OBJECT-TYPE SYNTAX BITS { icmpOnMatchFailure(0), icmpOnBindingFailure(1) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object controls the generation of ICMP messages on certain failures. Schoenwaelder, et al. Expires January 5, 2013 [Page 6] Internet-Draft Lightweight 4over6 MIB July 2012 If the icmpOnMatchFailure(0) bit is set, then an ICMP message is generated when an encapsulated packet is received that does not match a valid binding. If the icmpOnBindingFailure(1) bit is set, then an ICMP message is generated if a packet is received for which there is no valid binding." ::= { lw4o6IfEntry 2 } lw4o6IfBindingMatchFailures OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets received over this interfaces that have been dropped by the concentrator because the IPv6 source address of the outer header or the IPv4 source address or the port number of the inner header did not match a valid binding." ::= { lw4o6IfEntry 3 } lw4o6IfNoBindingFailures OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets received over this interfaces that have been dropped by the concentrator because the IPv4 address and port number of a received IPv4 packet does not match a valid binding." ::= { lw4o6IfEntry 4 } -- lw4o6IfBindTable: lw4o6BindTable OBJECT-TYPE SYNTAX SEQUENCE OF Lw4o6BindEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The lw4o6IfBindTable extends the interface table providing information about Lightweight 4over6 bindings." ::= { lw4o6Objects 2 } lw4o6BindEntry OBJECT-TYPE SYNTAX Lw4o6BindEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry of the lw4o6IfBindTable providing information about Schoenwaelder, et al. Expires January 5, 2013 [Page 7] Internet-Draft Lightweight 4over6 MIB July 2012 Lightweight 4over6 bindings." INDEX { lw4o6BindIfIndex, lw4o6BindIndex } ::= { lw4o6BindTable 1 } -- DISCUSS: Is the binding table a per interface table or a global -- table? Lw4o6BindEntry ::= SEQUENCE { lw4o6BindIfIndex InterfaceIndex, lw4o6BindIndex BindingIndex, lw4o6BindType INTEGER, lw4o6BindIPv6Address InetAddressIPv6, lw4o6BindIPv4Address InetAddressIPv4, lw4o6BindPortRangeValue Integer32, lw4o6BindPortRangeMask Integer32, lw4o6BindRandomFunction Integer32, lw4o6BindRandomStartingPoint Integer32, lw4o6BindRandomKey OCTET STRING, lw4o6BindNumberOfPorts Integer32, lw4o6BindNumberOfPortsUsed Gauge32, lw4o6BindPortAllocationFailures Counter32 } lw4o6BindIfIndex OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "The interface the Lightweight 4over6 bindings are associated with." ::= { lw4o6BindEntry 1 } lw4o6BindIndex OBJECT-TYPE SYNTAX BindingIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index uniquely identifying a binding." ::= { lw4o6BindEntry 2 } lw4o6BindType OBJECT-TYPE SYNTAX INTEGER { unknown(0), portrange(1), portrandom(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "The port binding type: portrange(1) The port range is specified using a port Schoenwaelder, et al. Expires January 5, 2013 [Page 8] Internet-Draft Lightweight 4over6 MIB July 2012 range value and a port range mask. portrandom(2) " ::= { lw4o6BindEntry 3 } lw4o6BindIPv6Address OBJECT-TYPE SYNTAX InetAddressIPv6 MAX-ACCESS read-only STATUS current DESCRIPTION "The IPv6 address used with this binding." ::= { lw4o6BindEntry 4 } lw4o6BindIPv4Address OBJECT-TYPE SYNTAX InetAddressIPv4 MAX-ACCESS read-only STATUS current DESCRIPTION "The IPv4 address used with this binding." ::= { lw4o6BindEntry 5 } lw4o6BindPortRangeValue OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The port value used with this binding if the binding type is portrange." REFERENCE "draft-bajko-pripaddrassign-04" ::= { lw4o6BindEntry 6 } lw4o6BindPortRangeMask OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The port mask used with this binding if the binding type is portrange." REFERENCE "draft-bajko-pripaddrassign-04" ::= { lw4o6BindEntry 7 } lw4o6BindRandomFunction OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only Schoenwaelder, et al. Expires January 5, 2013 [Page 9] Internet-Draft Lightweight 4over6 MIB July 2012 STATUS current DESCRIPTION "The random function used with this binding if the binding type is portrandom." REFERENCE "draft-bajko-pripaddrassign-04" ::= { lw4o6BindEntry 8 } lw4o6BindRandomStartingPoint OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The value used as input to the random function if the binding type is portrandom." REFERENCE "draft-bajko-pripaddrassign-04" ::= { lw4o6BindEntry 9 } lw4o6BindRandomKey OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "The key used as input to the random function if the binding type is portrandom." REFERENCE "draft-bajko-pripaddrassign-04" ::= { lw4o6BindEntry 10 } lw4o6BindNumberOfPorts OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of ports of this binding." ::= { lw4o6BindEntry 11 } lw4o6BindNumberOfPortsUsed OBJECT-TYPE SYNTAX Gauge32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The number of ports of this binding that are currently used." ::= { lw4o6BindEntry 12 } lw4o6BindPortAllocationFailures OBJECT-TYPE SYNTAX Counter32 Schoenwaelder, et al. Expires January 5, 2013 [Page 10] Internet-Draft Lightweight 4over6 MIB July 2012 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of situations where a port could not be allocated because there we no more ports left in the binding." ::= { lw4o6BindEntry 13 } -- Compliance definitions: lw4o6Groups OBJECT IDENTIFIER ::= { lw4o6Conformance 1 } lw4o6Compliances OBJECT IDENTIFIER ::= { lw4o6Conformance 2 } lw4o6FullCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "Compliance statement for implementations supporting read/write access, according to the object definitions." MODULE -- this module MANDATORY-GROUPS { lw4o6IfGroup, lw4o6BindGroup } ::= { lw4o6Compliances 1 } lw4o6ReadOnlyCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "Compliance statement for implementations supporting only readonly access." MODULE -- this module MANDATORY-GROUPS { lw4o6IfGroup, lw4o6BindGroup } OBJECT lw4o6IfIcmpControl MIN-ACCESS read-only DESCRIPTION "Write access is not required." ::= { lw4o6Compliances 2 } lw4o6IfGroup OBJECT-GROUP OBJECTS { Schoenwaelder, et al. Expires January 5, 2013 [Page 11] Internet-Draft Lightweight 4over6 MIB July 2012 -- lw4o6IfIndex, lw4o6IfIcmpControl, lw4o6IfBindingMatchFailures, lw4o6IfNoBindingFailures } STATUS current DESCRIPTION "A collection of objects providing insight into the performance of a Lightweight 4over6 interface." ::= { lw4o6Groups 1 } lw4o6BindGroup OBJECT-GROUP OBJECTS { -- lw4o6BindIfIndex, -- lw4o6BindIndex lw4o6BindType, lw4o6BindIPv6Address, lw4o6BindIPv4Address, lw4o6BindPortRangeValue, lw4o6BindPortRangeMask, lw4o6BindRandomFunction, lw4o6BindRandomStartingPoint, lw4o6BindRandomKey, lw4o6BindNumberOfPorts, lw4o6BindNumberOfPortsUsed, lw4o6BindPortAllocationFailures } STATUS current DESCRIPTION "A collection of objects providing insight into the bindings associated with a Lightweight 4over6 interface." ::= { lw4o6Groups 2 } END 7. Security Considerations There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These are the tables and objects and their sensitivity/vulnerability: Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to Schoenwaelder, et al. Expires January 5, 2013 [Page 12] Internet-Draft Lightweight 4over6 MIB July 2012 control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability: SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module. It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy). Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them. 8. IANA Considerations IANA is requested to assign a value for "XXXX" under the 'mib-2' subtree and to record the assignment in the SMI Numbers registry. When the assignment has been made, the RFC Editor is asked to replace "XXXX" (here and in the MIB module) with the assigned value and to remove this note. 9. Acknowledgements TBD 10. References 10.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, et al. Expires January 5, 2013 [Page 13] Internet-Draft Lightweight 4over6 MIB July 2012 Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000. [RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, December 2002. [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005. [RFC4008] Rohit, R., Srisuresh, P., Raghunarayan, R., Pai, N., and C. Wang, "Definitions of Managed Objects for Network Address Translators (NAT)", RFC 4008, March 2005. 10.2. Informative References [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, December 2002. Authors' Addresses Juergen Schoenwaelder Jacobs University Campus Ring 1 Bremen 28759 Germany EMail: j.schoenwaelder@jacobs-university.de Cathy Zhou Huawei Technologies Bantian, Longgang District Shenzhen 518129 P.R. China EMail: cathy.zhou@huawei.com Schoenwaelder, et al. Expires January 5, 2013 [Page 14] Internet-Draft Lightweight 4over6 MIB July 2012 Tina Tsou Huawei Technologies (USA) 2330 Central Expressway Santa Clara CA 95050 USA EMail: tina.tsou.zouting@huawei.com Chongfeng Xie China Telecom Room 708 No.118, Xizhimenneidajie Beijing P.R. China EMail: xiechf@ctbri.com.cn Schoenwaelder, et al. Expires January 5, 2013 [Page 15]