Internet DRAFT - draft-peng-p2psip-snmp
P2PSIP Y. Peng
Internet-Draft W. Wang
Intended status: Informational Z. Hao
Expires: April 21, 2013 Y. Meng
ZTE Corporation
October 18, 2012
An SNMP Usage for RELOAD
draft-peng-p2psip-snmp-05
Abstract
This document defines an SNMP Usage for REsource LOcation And
Discovery (RELOAD). The objective of the SNMP Usage is to provide the
functionality of managing the RELOAD network. In particular, the
SNMP Usage provides the following functions: (a) defining the method
that allows registrations to map a network manager's name to a
host node reachable in the overlay, and (b) providing a lookup service
for the node that hosts the network manager in the overlay. Then the
AppAttach method is used to exchange addresses between nodes to
establish a direct connection through which SNMP messages are
exchanged.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 21, 2013.
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
Peng, et al. Expires April 21, 2013 [Page 1]
Internet-Draft An SNMP Usage for RELOAD October 2012
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction
2. Terminology
3. Network Management Requirements
4. Basic Operations and SNMP
5. Overview of SNMP Usage
6. SNMP Usage Architecture
7. Abstract Service Interfaces(ASI)
7.1. SNMP-RELOAD Application Primitive
7.1.1. getNodeForResource ASI
7.1.2. returnNodeForResource ASI
7.1.3. getAddressForNode ASI
7.1.4. returnAddressForNode ASI
7.2. RELOAD Node(M-Node/O-Node) primitive
7.2.1. getNodeForResource ASI
7.2.2. returnNodeForResource ASI
7.2.3. exchangeCandidateAddressList ASI
7.2.4. registerManagerReq ASI
7.2.5. registerManagerAns ASI
8. Managed Object Definitions for RELOAD
9. Network Manager Registration and Lookup
10. An SNMP Entity Forms a Direct Connection with Another SNMP Entity
11. O-Node information Collection
12. O-Node Lookup by the Network Manager for a Resource
13. Definition of SNMP-REGISTRATION Kind
14. Security Considerations
15. IANA Considerations
16. Acknowledgments
17. References
17.1. Normative References
17.2. Informative References
Appendix A. Additional Stuff
Authors' Addresses
1. Introduction
This document defines an SNMP Usage for RELOAD, which can be used to
manage the RELOAD network. It can provide important network
management functions, such as changing the network configuration,
monitoring the performance of the network, collecting real-time
status/failure information, etc. These network management functions
are essential for stable operation and high-quality services offered
by the network. Since the traditional network management protocols
(e.g., SNMP) cannot be directly applied to RELOAD network management,
it is necessary to introduce a new RELOAD usage of SNMP.
As defined in [I-D.ietf-p2psip-base], there are two kinds of network
elements in a RELOAD network: centralized servers, such as the
Enrollment Server, and distributed nodes, such as Peers and Clients.
The management functions of centralized servers can be carried out by
traditional management methods and are not discussed in this
document. We focus on the management of the distributed nodes, called
RELOAD Nodes in this draft.
When the manager starts up, it needs to register the mapping between
its name and Node-ID into the RELOAD network, in order to be
recognized and found by the managed RELOAD Nodes. So only the name
of the manager needs to be fixed and known beforehand by RELOAD
Nodes. The RELOAD Nodes can then get the manager's address and
connect with it, and the Nodes and the manager can exchange
management messages through this link.
Not only RELOAD Nodes are managed objects; a RELOAD resource, such as
data stored in the RELOAD network by the SNMP-RELOAD application, is
a managed object as well.
The basic mechanism of the SNMP Usage is the same as that of the SIP
Usage for RELOAD [I-D.draft-ietf-p2psip-sip]. The SNMP Usage is
easier to understand with the background of the SIP Usage draft.
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
In this document, we use the definitions from Concepts and
Terminology as described in the following drafts:
Peer to Peer SIP [I-D.ietf-p2psip-concepts], RELOAD Base Protocol
[I-D.ietf-p2psip-base], SNMPv3 [RFC3411], TLS TM for SNMP [RFC5953].
SNMP: Simple Network Management Protocol.
Entity: SNMP Entity, including both Manager and Agent, which
resides in RELOAD Node.
Manager: SNMP Manager, which resides in RELOAD Node.
Agent: SNMP Agent, which resides in RELOAD Node.
LCD: Local Configuration Datastore.
Node: RELOAD Node, including both Peer and Client, which SNMP
manager or agent resides in.
ReDiR: Recursive Distributed Rendezvous.
M-Node: Management Node, which is the RELOAD Node which SNMP
Manager resides in.
O-Node: Objective Node, which is the RELOAD Node managed by a
network manager, which SNMP agent resides in.
R-Node: Responsible Node, which is the RELOAD Node responsible
for storing the data according to P2P algorithm.
SNMP-RELOAD Application: It provides the functions related to
RELOAD for SNMP applications, such as getting available address for
Node-ID and getting Node-ID for Resource ID. SNMP applications can
implement the management for RELOAD network by SNMP-RELOAD
Application.
3. Network Management Requirements
SNMP usage SHOULD or MAY provide the following functions and
mechanisms:
i. SNMP usage for RELOAD SHOULD provide the management functions for
RELOAD Nodes, such as setting the node name, software version or other
configuration information, monitoring the number of messages
initiated, forwarded or processed by nodes, and reporting program
failures, message forwarding failures or other errors on nodes.
ii. SNMP usage for RELOAD SHOULD provide the management functions
for RELOAD resources, such as tracking the forwarding of RELOAD
messages and the processing flows of resources.
iii. SNMP usage for RELOAD SHOULD provide mechanisms for SNMP
entities to discover each other based on RELOAD Node-ID.
iv. SNMP usage for RELOAD SHOULD provide mechanisms for SNMP
entities to establish a secure connection between each other.
v. SNMP usage for RELOAD SHOULD provide mechanisms for SNMP manager
to discover the RELOAD NodeID associated to a given Resource-ID.
vi. SNMP usage for RELOAD SHOULD provide mechanisms for SNMP
entities to traverse the NAT in front of the SNMP entities which they
will connect to.
vii. SNMP usage for RELOAD MAY provide mechanisms for SNMP entities
to discover the SNMP manager based on manager names or functions.
4. Basic Operations and SNMP
Management interactions between nodes can be abstracted into the
following basic operations: a) the network manager requests data of
nodes and resources; b) the network manager sets data of nodes and
resources; c) nodes initiate data reports to the network manager. A
variety of management functions can be carried out by these basic
operations or their combinations. This document adopts SNMP as a
RELOAD Usage to achieve the management of the RELOAD network. The
basic operations described above can be implemented by messages
defined in SNMP, such as GetRequest, GetNextRequest, GetBulkRequest,
Response, SetRequest, Trap, and InformRequest.
5. Overview of SNMP Usage
The SNMP entity is deployed as an application on RELOAD Nodes in the
SNMP usage for RELOAD. In other words, each SNMP entity is
associated with a RELOAD Node. SNMP entities discover other entities
(agents or managers) by RELOAD mechanisms and connect with other SNMP
entities. Therefore, SNMP entities talk to each other using SNMP
protocol on dedicated connections, while RELOAD protocols are used
for Node discovery and connection setup. The following figure shows
the system composition and protocol:
+------------------------------------------------+
| RELOAD Network |
| |
| |
| +------------+ +------------+ |
| | | SNMP | | |
| | Manager |------------------| Agent | |
| | | | | |
| +------------+ +------------+ |
| | | RELOAD | | |
| | Node |------------------| Node | |
| | | | | |
| +------------+ +------------+ |
| |
+------------------------------------------------+
The following figure shows SNMP Usage's position in the RELOAD
Architecture:
Application
+-------+ +-------+ +-------+
| SIP | | XMPP | | SNMP | ...
| Usage | | Usage | | Usage |
+-------+ +-------+ +-------+
------------------------------------------- Messaging API
RELOAD
6. SNMP Usage Architecture
This document defines the SNMP Usage Architecture, which includes the
SNMP-RELOAD application and SNMP applications in the Simple Network
Management Protocol (SNMP) architecture defined in [RFC3411]. The
SNMP-RELOAD Application provides the functions related to RELOAD,
such as getting an available address for a Node-ID and getting the
Node-ID for a Resource-ID, to SNMP applications so that they can
implement the management of the RELOAD network. This document
identifies and describes some key aspects that need to be considered
for SNMP usage for RELOAD. The following figure depicts the SNMP
usage architecture.
+------------------------------------------+
| SNMP Usage |
| |
| +------------+ +------------+ |
| | SNMP | |SNMP-RELOAD | |
| |applications|<---------->|application | |
| | | | | |
| +------------+ +------------+ |
| ^ ^ |
+------|--------------------------|--------+
| |
| |
v v
+-----------+ +------------+
| SNMP | | RELOAD |
| Engine | | (M/O-Node) |
|(with DTLS)| | |
+-----------+ +------------+
7. Abstract Service Interfaces(ASI)
Abstract service interfaces describe only the conceptual interfaces
between the SNMP-RELOAD application and the other subsystems, and they
are intended to help clarify the externally observable behavior. They
should not be interpreted as APIs or as requirements statements for
APIs. More description of abstract service interfaces is in
[RFC3411].
7.1. SNMP-RELOAD Application Primitive
7.1.1. getNodeForResource ASI
The getNodeForResource ASI is provided for SNMP applications by SNMP-
RELOAD application, and it is used to get the Node-ID of the RELOAD
Node that is responsible for a resource.
getNodeForResource(
IN resourceName -- managed resource name
)
7.1.2. returnNodeForResource ASI
The returnNodeForResource ASI is used to return the Node-ID of RELOAD
Node that is responsible for resource to SNMP applications by SNMP-
RELOAD application.
result = -- SUCCESS or errorIndication
returnNodeForResource(
IN resourceName -- managed resource name
IN nodeID -- node that is responsible for the managed resource name
)
7.1.3. getAddressForNode ASI
The getAddressForNode ASI is provided for SNMP applications (e.g.
Command Application, Notification Application) by SNMP-RELOAD
application, and it is used to get the address of the other side for
SNMP communication.
getAddressForNode(
IN nodeID -- destination node
)
7.1.4. returnAddressForNode ASI
The returnAddressForNode ASI is used to return the address of the
other side for SNMP communication.
result = -- SUCCESS or errorIndication
returnAddressForNode(
IN nodeID -- destination node
IN transportAddress -- destination network address
)
7.2. RELOAD Node(M-Node/O-Node) primitive
7.2.1. getNodeForResource ASI
The getNodeForResource ASI is provided for the SNMP-RELOAD application
by the RELOAD Node (M-Node/O-Node), and it is used to get the Node-ID of
the RELOAD Node that is responsible for a resource. The definition of
getNodeForResource is given above.
7.2.2. returnNodeForResource ASI
The returnNodeForResource ASI is used by the RELOAD Node to return the
Node-ID of the RELOAD Node that is responsible for a resource to the
SNMP-RELOAD application. The definition of returnNodeForResource is
given above.
7.2.3. exchangeCandidateAddressList ASI
The exchangeCandidateAddressList ASI is used by SNMP-RELOAD
application and RELOAD Node to exchange the address list with each
other for SNMP communication, and these address lists will be used
for NAT traversal by the ICE.
exchangeCandidateAddressList(
IN nodeID -- destination node
IN ufrag -- the username fragment (from ICE)
IN password -- the ICE password
IN candidateAddressList -- sender's candidate address list
)
The elements of each candidateAddress in candidateAddressList include
the IP address, LinkType, etc.
In order to implement ICE, these items need to be added into
LCD(Local Configuration Datastore):
Ufrag
Password
LinkType: DTLS-UDP-NO-ICE, DTLS-UDP-ICE, TLS-TCP-NO-ICE.
7.2.4. registerManagerReq ASI
The registerManagerReq ASI is provided for SNMP-RELOAD application by
RELOAD M-Node, and it is used to register the Node-ID of the RELOAD
Node which hosts the Manager.
registerManagerReq(
IN managerName -- the name of Manager
IN nodeID -- the Node-ID of the RELOAD Node which Manager resides in
)
7.2.5. registerManagerAns ASI
The registerManagerAns ASI is used to return the result of
registering to SNMP-RELOAD application by RELOAD M-Node.
result = -- SUCCESS or errorIndication
8. Managed Object Definitions for RELOAD
SNMP-RELOAD-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY, mib-2, Counter32,
Gauge32, Integer32, NOTIFICATION-TYPE
FROM SNMPv2-SMI -- RFC 2578 or any update thereof
MODULE-COMPLIANCE, OBJECT-GROUP,
NOTIFICATION-GROUP
FROM SNMPv2-CONF -- RFC 2580 or any update thereof
TimeStamp
FROM SNMPv2-TC -- RFC 2579 or any update thereof
;
snmpReloadMIB MODULE-IDENTITY
LAST-UPDATED "201202280000Z"
ORGANIZATION "P2PSIP Working Group"
CONTACT-INFO "WG-EMail: p2psip@ietf.org"
DESCRIPTION "
SNMP Usage for RELOAD MIB
Copyright (c) 2011 IETF Trust and the persons identified as
the document authors. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD License
set forth in Section 4.c of the IETF Trust's Legal Provisions
Relating to IETF Documents
(http://trustee.ietf.org/license-info)."
REVISION "201202280000Z"
DESCRIPTION "This version of this MIB module is part of
draft-peng-p2psip-snmp-04; see the draft itself
for full legal notices."
::= { mib-2 199 }
-- ************************************************
-- subtrees of the SNMP-RELOAD-MIB
-- ************************************************
snmpReloadNotifications OBJECT IDENTIFIER ::= { snmpReloadMIB 0 }
snmpReloadObjects OBJECT IDENTIFIER ::= { snmpReloadMIB 1 }
snmpReloadConformance OBJECT IDENTIFIER ::= { snmpReloadMIB 2 }
-- ************************************************
-- snmpReloadObjects - Objects
-- ************************************************
-- Configuration Objects
snmpReloadConfig OBJECT IDENTIFIER ::= { snmpReloadObjects 1 }
snmpReloadConfigVersion OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The version of snmpReloadConfigItem."
::= { snmpReloadConfig 1 }
snmpReloadConfigLastChanged OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime.0 when the snmpReloadConfigItem was
last modified through any means, or 0 if it has not been
modified since the command responder was started."
::= { snmpReloadConfig 2 }
snmpReloadConfigItem OBJECT IDENTIFIER ::= { snmpReloadConfig 3 }
snmpReloadNodeName OBJECT-IDENTITY
STATUS current
DESCRIPTION
"The name of RELOAD Node."
::= { snmpReloadConfigItem 1 }
snmpReloadNodeId OBJECT-IDENTITY
STATUS current
DESCRIPTION
"node-id-length This element contains the length of
a NodeId(NodeIdLength) in bytes. This value MUST be
between 16 (128 bits) and 20 (160 bits). If this
element is not present, the default of 16 is used."
::= { snmpReloadConfigItem 2 }
snmpReloadNodeType OBJECT-TYPE
SYNTAX Integer32(0..9)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"the type of RELOAD Node.
Definition of values as follows:
Client(0),
Peer(1)
"
::= { snmpReloadConfigItem 3 }
snmpReloadLogPrintLevel OBJECT-TYPE
SYNTAX Integer32(0..9)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"the log print level of RELOAD Node.
Definition of values as follows:
debug(3),
info(2),
warn(1),
error(0)
"
::= { snmpReloadConfigItem 4 }
snmpReloadNotificationEnable OBJECT-TYPE
SYNTAX Integer32(0..9)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Whether notifications are sent.
Definition of values as follows:
Disable(0),
Enable(1)
"
::= { snmpReloadConfigItem 5 }
-- The snmpReloadFailures Group
snmpReloadFailures OBJECT IDENTIFIER ::= { snmpReloadObjects 2 }
snmpReloadMessageForwardFailures OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of times RELOAD message failed to be forwarded,
for any reason."
::= { snmpReloadFailures 1 }
snmpReloadDataUpdateFailures OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of times RELOAD data failed to be updated,
for any reason."
::= { snmpReloadFailures 2 }
-- ****************************************************
-- snmpReloadNotifications - Notifications Information
-- ****************************************************
snmpReloadMessageForwardFailNotification NOTIFICATION-TYPE
OBJECTS { snmpReloadMessageForwardFailures }
STATUS current
DESCRIPTION
"Notification that RELOAD message failed to be forwarded."
::= { snmpReloadNotifications 1 }
snmpReloadDataUpdateFailNotification NOTIFICATION-TYPE
OBJECTS { snmpReloadDataUpdateFailures }
STATUS current
DESCRIPTION
"Notification that RELOAD data failed to be updated."
::= { snmpReloadNotifications 2 }
-- ************************************************
-- snmpReloadCompliances - Conformance Information
-- ************************************************
snmpReloadCompliances OBJECT IDENTIFIER ::= {snmpReloadConformance 1}
snmpReloadGroups OBJECT IDENTIFIER ::= { snmpReloadConformance 2 }
-- ************************************************
-- Compliance statements
-- ************************************************
snmpReloadCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP engines that support
the SNMP-RELOAD-MIB"
MODULE
MANDATORY-GROUPS { snmpReloadConfigGroup,
snmpReloadFailuresGroup,
snmpReloadNotificationGroup }
::= { snmpReloadCompliances 1 }
-- ************************************************
-- Units of conformance
-- ************************************************
snmpReloadConfigGroup OBJECT-GROUP
OBJECTS {
snmpReloadConfigVersion,
snmpReloadConfigLastChanged,
snmpReloadNodeType,
snmpReloadLogPrintLevel,
snmpReloadNotificationEnable
}
STATUS current
DESCRIPTION
"A collection of objects for maintaining configuration
information of an SNMP engine that implements
the SNMP Usage for RELOAD."
::= { snmpReloadGroups 1 }
snmpReloadFailuresGroup OBJECT-GROUP
OBJECTS {
snmpReloadMessageForwardFailures,
snmpReloadDataUpdateFailures
}
STATUS current
DESCRIPTION
"A collection of objects for failures
information of an SNMP engine that implements
the SNMP Usage for RELOAD."
::= { snmpReloadGroups 2 }
snmpReloadNotificationGroup NOTIFICATION-GROUP
NOTIFICATIONS {
snmpReloadMessageForwardFailNotification,
snmpReloadDataUpdateFailNotification
}
STATUS current
DESCRIPTION
"Notifications"
::= { snmpReloadGroups 3 }
END
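The MIB above gives its three read-write objects the syntax
Integer32(0..9) while their descriptions name only two to four values.
The following is an added example, not part of the draft or of any
agent implementation: it computes the scalar instance OIDs from the
module's assignments and shows how a command responder could answer a
SetRequest varbind. Rejecting in-range values that the descriptions do
not name is an assumption of this example, and the function names are
hypothetical.

```python
# OID prefixes taken from the assignments in the MIB module above.
SNMP_RELOAD_MIB = (1, 3, 6, 1, 2, 1, 199)   # ::= { mib-2 199 }
CONFIG = SNMP_RELOAD_MIB + (1, 1)           # snmpReloadObjects 1 -> snmpReloadConfig
CONFIG_ITEM = CONFIG + (3,)                 # snmpReloadConfigItem
FAILURES = SNMP_RELOAD_MIB + (1, 2)         # snmpReloadFailures

# name -> (object OID, MAX-ACCESS, values named in the DESCRIPTION or None)
SCALARS = {
    "snmpReloadConfigVersion": (CONFIG + (1,), "read-only", None),
    "snmpReloadConfigLastChanged": (CONFIG + (2,), "read-only", None),
    "snmpReloadNodeType": (CONFIG_ITEM + (3,), "read-write",
                           {0: "Client", 1: "Peer"}),
    "snmpReloadLogPrintLevel": (CONFIG_ITEM + (4,), "read-write",
                                {0: "error", 1: "warn", 2: "info", 3: "debug"}),
    "snmpReloadNotificationEnable": (CONFIG_ITEM + (5,), "read-write",
                                     {0: "Disable", 1: "Enable"}),
    "snmpReloadMessageForwardFailures": (FAILURES + (1,), "read-only", None),
    "snmpReloadDataUpdateFailures": (FAILURES + (2,), "read-only", None),
}


def instance_oid(name):
    """Dotted OID of the scalar instance: the object OID plus the .0 suffix."""
    return ".".join(str(n) for n in SCALARS[name][0] + (0,))


BY_INSTANCE = {instance_oid(name): name for name in SCALARS}


def check_set(oid, value):
    """Return the SNMPv2 error-status name for one SetRequest varbind."""
    name = BY_INSTANCE.get(oid.lstrip("."))
    if name is None:
        return "notWritable"            # not an object of this module
    _, access, named_values = SCALARS[name]
    if access != "read-write":
        return "notWritable"            # counters and version are read-only
    if isinstance(value, bool) or not isinstance(value, int):
        return "wrongType"              # Integer32 expected
    if value not in named_values:
        return "wrongValue"             # inside 0..9 but not a named value
    return "noError"
```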
9. Network Manager Registration and Lookup
The Node-ID of the network manager, which acts as a provider of
management service, should be discovered by agents on RELOAD nodes, so
that the agents can send messages to the manager. The Node-ID of the
network manager may not be fixed or predefined in advance, so a
recognizable name is necessary, and the managed nodes should find the
Node-ID of the manager through this fixed name. Therefore, it is
necessary for the manager to register itself in the network after
joining the network. In other words, the manager needs to store the
mapping between its name and its Node-ID in the RELOAD network. When
an agent wants to contact the manager, it first needs to look up the
manager's Node-ID corresponding to the predefined management service
name. This registration is achieved by storing the name of the
network manager and the SnmpRegistration structure into the RELOAD
network. The corresponding SNMP-REGISTRATION Kind-ID will be
formally defined later in this document. This document proposes to
store the mapping of the manager's name to a destination list, so a
single Node-ID is a special case of a destination list. The contents
of an SnmpRegistration structure are as follows:
struct {
opaque contact_prefs<0..2^16-1>;
Destination destination_list<0..2^16-1>;
} SnmpRegistrationData;
struct {
uint16 length;
SnmpRegistrationData data;
} SnmpRegistration;
The contents of the SnmpRegistration PDU are:
length
the length of the rest of the PDU
data
the contents of the registration data is an opaque string
containing the network manager's contact preferences and a
destination list for the peer.
When an agent needs to contact a network manager, it must perform a
query of SnmpRegistration by FetchReq message to get the manager's
Node-ID.
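The SnmpRegistration structure above as strict encode and decode
logic, of the kind an agent would run on the value returned by the
fetch. This is an added example, not code from the draft or from any
RELOAD implementation; the function names are hypothetical. It assumes
the Destination wire encoding of the RELOAD base protocol (one-byte
type, one-byte length, data, or a two-byte compressed form when the top
bit is set) and the 16 to 20 byte Node-ID length quoted in this draft's
MIB text.

```python
import struct

# Assumed DestinationType code points from the RELOAD base protocol.
DEST_NODE, DEST_RESOURCE, DEST_OPAQUE = 1, 2, 3
NODE_ID_MIN, NODE_ID_MAX = 16, 20   # Node-ID length bounds quoted in this draft


class ParseError(ValueError):
    """Raised for any malformed or inconsistent SnmpRegistration encoding."""


def _vec16(data):
    """Encode a <0..2^16-1> vector: uint16 length prefix, then the bytes."""
    if len(data) > 0xFFFF:
        raise ValueError("vector exceeds 2^16-1 bytes")
    return struct.pack("!H", len(data)) + data


def _take(buf, off, n):
    """Return (buf[off:off+n], new offset), failing if the buffer is short."""
    if off + n > len(buf):
        raise ParseError(f"truncated: need {n} bytes at offset {off}")
    return buf[off:off + n], off + n


def _take_vec16(buf, off):
    """Read a uint16 length prefix and then exactly that many bytes."""
    raw, off = _take(buf, off, 2)
    return _take(buf, off, struct.unpack("!H", raw)[0])


def encode_registration(contact_prefs, destinations):
    """Build an SnmpRegistration from bytes and a list of (type, data) pairs."""
    dest_list = b""
    for dtype, data in destinations:
        if len(data) > 0xFF:
            raise ValueError("destination data exceeds 255 bytes")
        dest_list += bytes([dtype, len(data)]) + data
    # SnmpRegistration.length covers the whole SnmpRegistrationData.
    return _vec16(_vec16(contact_prefs) + _vec16(dest_list))


def decode_destinations(raw):
    """Parse destination_list into (kind, bytes) tuples, rejecting bad entries."""
    out, off = [], 0
    while off < len(raw):
        if raw[off] & 0x80:                 # compressed 16-bit form (assumed)
            word, off = _take(raw, off, 2)
            out.append(("compressed", word))
            continue
        hdr, off = _take(raw, off, 2)
        dtype, dlen = hdr[0], hdr[1]
        data, off = _take(raw, off, dlen)
        if dtype == DEST_NODE:
            if not NODE_ID_MIN <= dlen <= NODE_ID_MAX:
                raise ParseError(f"Node-ID length {dlen} outside 16..20")
            out.append(("node", data))
        elif dtype == DEST_RESOURCE:
            out.append(("resource", data))
        elif dtype == DEST_OPAQUE:
            out.append(("opaque", data))
        else:
            raise ParseError(f"unsupported DestinationType {dtype}")
    return out


def decode_registration(pdu):
    """Decode an SnmpRegistration; every length field must be consistent."""
    raw, off = _take(pdu, 0, 2)
    if struct.unpack("!H", raw)[0] != len(pdu) - off:
        raise ParseError("outer length does not match the bytes received")
    prefs, off = _take_vec16(pdu, off)
    dest_raw, off = _take_vec16(pdu, off)
    if off != len(pdu):
        raise ParseError("trailing bytes after destination_list")
    return {"contact_prefs": prefs,
            "destinations": decode_destinations(dest_raw)}
```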
The process for Network Manager Registration and Lookup is shown in
the following figure:
+------------------------+ +-------------++-------------+
|Manager | | R-Node || Agent |
| | | || |
|SNMP-RELOAD RELOAD | | RELOAD || RELOAD |
|application M-Node | | R-Node || O-Node |
| | | || |
| | | | | | || | |
+------------------------+ +-------------++-------------+
| | | |
| | | |
+---------------------------------+ |
|1.Manager Registering: | | |
| | | | |
| |registerManagerReq | | |
| |------------->| | | |
| | | | | |
| | |StoreReq | | |
| | |------------->| | |
| | | | | |
| | |StoreAns | | |
| | |<-------------| | |
| | | | | |
| |registerManagerAns | | |
| |<-------------| | | |
+---------------------------------+ |
| | | |
| | +---------------------+
| | |2.Manager Lookup: |
| | | | | |
| | | | FetchReq | |
| | | |<-------------| |
| | | | | |
| | | | FetchAns | |
| | | |------------->| |
| | +---------------------+
| | | |
| | | |
10. An SNMP Entity Forms a Direct Connection with Another SNMP Entity
Note that the targets of the management tasks and reports of the RELOAD
network are the Node-ID of RELOAD or the snmpEngineID of SNMP. (Note: In
this document, the snmpEngineID is constructed from the Node-ID.) When
an SNMP Entity needs to send SNMP messages to another SNMP Entity, it
must first get an available IP address of the other side. Due to the
existence of NAT, the entities need to exchange ICE addresses with each
other and check for connectivity, and then select a pair of available
IP addresses to establish the connection (of course, if a connection
has already been established between this pair of IP addresses, the
initiator node sends messages directly to the target node). The
process of establishing a direct connection between SNMP Entities is
shown below:
+---------------------------------------+ +-----------------------+
|Entity 1 | | Entity 2 |
| | | |
| SNMP SNMP-RELOAD RELOAD | | RELOAD SNMP-RELOAD|
|applications application M/O-Node | | O/M-Node application|
| | | |
| | | | | | | | |
+---------------------------------------+ +-----------------------+
| | | | |
| | | | |
|getAddressForNode | | |
|------------->| | | |
| | | | |
| | | | |
| +---------------+ | | |
| |Get ICE ufrag/ | | | |
| |password from | | | |
| |LCD, collect | | | |
| |candidate | | | |
| |address list | | | |
| +---------------+ | | |
| | | | |
| | | | |
| |exchangeCandidateAddressList | |
| |------------->| | |
| | | | |
| | | exchangeCandidateAddressList
| | | AppAttach | |
| | |<------------>|<------------>|
| | | | |
| | | | |
| |exchangeCandidateAddressList | |
| |<-------------| | |
| | | | |
| | | | |
| | | | |
| | ICE Check | | |
| |<------------------------------------------>|
| | | | |
| | | | |
| | | | |
| +----------------+ | | |
| |Select available| | | |
| |address from | | | |
| |candidate list | | | |
| +----------------+ | | |
| | | | |
| | | | |
|returnAddressForNode | | |
|<-------------| | | |
| | | | |
| | | | |
+-------------+ | | | |
|If agent, | | | | |
|store address| | | | |
|into MIB | | | | |
|(snmpTarget | | | | |
|AddrTable) | | | | |
+-------------+ | | | |
| | | | |
11. O-Node information Collection
Before a network manager performs management tasks for nodes, it must
first collect the Node-ID and the status information of the managed
nodes. The manager collects the information about RELOAD nodes
(including Peers and Clients) using the following method: when an agent
starts up (or is activated), its associated RELOAD node joins the
RELOAD network, and it needs to obtain the name of a network manager
by some method, such as: a) the name of the network manager is set
in the configuration file on the configuration server, and the managed
nodes can obtain the name from the configuration file; b) a tree
structure of the names of the network managers is built according to
ReDiR, and the managed nodes can obtain the name by the method of ReDiR
service discovery (note: an entry is added to the ReDiR Namespaces
Registry; the details are in the IANA Considerations section); c)
the name of the network manager is set in the LCD of the managed
node, and the managed node can obtain the name from its LCD. Then
this node connects to the network manager and registers its own
information, such as node name, Node-ID, status, etc., with the
manager. The procedure for finding the manager and connecting to it
has been introduced in the previous section. There are many other
ways to collect the information about managed nodes, which could be
studied further in the future.
12. O-Node Lookup by the Network Manager for a Resource
When a network manager needs to send a management task for a resource,
the network manager first has to get the Node-ID of the O-Node
responsible for the resource in order to determine whether there is a
connection with the O-Node. One way for the manager to get the
Node-ID of the O-Node responsible for the target resource is through
the via_list of the Forwarding Header in the FindAns. The process is
as follows:
First, the network manager sends a FindReq to the RELOAD network with
the target Resource-ID put into the destination_list of the FindReq.
Then the RELOAD network routes the FindReq to the node responsible for
the target Resource-ID according to its routing algorithm.
Second, the O-Node returns FindAns to the network manager through the
RELOAD network. The first Node-ID in the via_list of the Forwarding
Header of the FindAns is the Node-ID of the O-Node responsible for
the target resource.
The process the Network Manager uses when looking up the O-Node for a
Resource is shown below:
+---------------------------------------+ +-------------+
|Manager | | Agent |
| | | |
| SNMP SNMP-RELOAD RELOAD | | RELOAD |
|applications application M-Node | | O-Node |
| | | |
| | | | | | | |
+---------------------------------------+ +-------------+
| | | |
| | | |
|getNodeForResource | |
|------------->| | |
| | | |
| | | |
| | | |
| |getNodeForResource |
| |------------->| |
| | | |
| | | |
| | | Find |
| | |<------------>|
| | | |
| | | |
| |returnNodeForResource |
| |<-------------| |
| | | |
| | | |
| | | |
|returnNodeForResource | |
|<-------------| | |
| | | |
After the network manager gets the Node-ID of O-Node, it can
determine whether there is a connection between itself and the
O-Node. If the connection exists, the network manager may directly
send SNMP message to the O-Node, otherwise it is required to
establish a new connection to the O-Node.
13. Definition of SNMP-REGISTRATION Kind
This section defines the SNMP-REGISTRATION kind.
Name: SNMP-REGISTRATION
Kind ID: The Resource Name for the SNMP-REGISTRATION Kind-ID is
the Name of the network manager. The data stored is a
SnmpRegistrationData, which can contain a destination list and
contact preferences to the peer which is acting for the network
manager.
Data Model: The data model for the SNMP-REGISTRATION Kind-ID is
single value.
Access Control: USER-NODE-MATCH.
Data stored under the SNMP-REGISTRATION kind is of type
SnmpRegistration. A destination list can be used to reach the
network manager.
14. Security Considerations
The threats to the SNMP Usage for RELOAD are the same as those to
SNMP itself, which are described in RFC5953 and are not repeated in
this document.
Three solutions can address the security issues in the SNMP Usage for
RELOAD. The first option is a shared-key-based solution, as used in
the SNMPv3 security solution (USM). The second option is a PKI-based
security solution, which uses the RELOAD certificate to authenticate
and encrypt the SNMP messages. The third option is a (D)TLS-based
security solution, which transfers the SNMP messages over secure
(D)TLS links.
USM was designed to be independent of other existing security
infrastructures. USM therefore uses a separate principal and key
management infrastructure. Many operators have reported that
deploying another principal and key management infrastructure in
order to use SNMPv3 is a deterrent to deploying SNMPv3 [RFC5590]. We
note that the second option may not be as efficient as expected by
the service providers. We therefore recommend the third option.
The details of (D)TLS-based security for SNMP are defined in RFC5953
and are not described again in this document. In short, we propose
to use the RELOAD certificate to set up the connection with
(D)TLS-based security. When the mapping of a certificate's
subjectAltName to a tmSecurityName is used in the SNMP-TLS-TM-MIB's
snmpTlstmCertToTSNTable, the tmSecurityName is derived from the user
name value of the subjectAltName field in the RELOAD certificate.
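The mapping described above can be sketched as follows. This is an added example, not part of the draft or of any RELOAD or SNMP implementation; it assumes the RELOAD user name is carried as an rfc822Name ("email") subjectAltName entry and follows the RFC5953 snmpTlstmCertSANRFC822Name rule of lowercasing only the host part. The names tm_security_name, CertMappingError and SAMPLE_CERT are hypothetical.

```python
# Added example: derive a tmSecurityName from a RELOAD peer certificate,
# given in the dict shape returned by ssl.SSLSocket.getpeercert().


class CertMappingError(ValueError):
    """The certificate cannot be mapped to exactly one tmSecurityName."""


def tm_security_name(peercert, max_len=255):
    """Return the tmSecurityName for a getpeercert()-style dict.

    Assumptions: the user name is the rfc822Name SAN entry ('email');
    max_len is a local limit, not a value taken from the draft.
    """
    names = [value for kind, value in peercert.get("subjectAltName", ())
             if kind == "email"]
    if not names:
        raise CertMappingError("no rfc822Name in subjectAltName")
    mapped = set()
    for name in names:
        if any(ord(c) < 0x21 or ord(c) > 0x7E for c in name):
            raise CertMappingError("non-printable or non-ASCII rfc822Name")
        local, sep, host = name.rpartition("@")
        if not sep or not local or not host:
            raise CertMappingError("malformed rfc822Name: %r" % name)
        # Local part is passed unaltered; only the host part is lowercased.
        mapped.add(local + "@" + host.lower())
    if len(mapped) != 1:
        # Fail closed: two user names would make authorization ambiguous.
        raise CertMappingError("%d distinct user names" % len(mapped))
    result = mapped.pop()
    if len(result) > max_len:
        raise CertMappingError("tmSecurityName too long")
    return result


# Constructed sample certificate data; the URI value is a placeholder.
SAMPLE_CERT = {
    "subject": ((("commonName", "manager1"),),),
    "subjectAltName": (
        ("URI", "reload://placeholder-node-id@overlay.example.net/"),
        ("email", "Manager1@Overlay.Example.NET"),
    ),
}

if __name__ == "__main__":
    print(tm_security_name(SAMPLE_CERT))
```

A certificate with no user name, a malformed one, or several different ones is rejected rather than mapped, so an SNMP access-control decision is never made on an ambiguous identity.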
15. IANA Considerations
In the case of multiple managers and a single administration domain,
the managed Nodes may obtain the manager's name through ReDiR service
discovery. The entry to be added to the ReDiR Namespaces Registry is
shown below.
+----------------+----------+
| Namespace | RFC |
+----------------+----------+
| snmp-manager | RFC-AAAA |
+----------------+----------+
16. Acknowledgments
This draft is based on "REsource LOcation And Discovery (RELOAD) Base
Protocol" draft by C. Jennings, B. Lowekamp, E. Rescorla, S. Baset
and H. Schulzrinne.
This draft makes reference to the "A SIP Usage for RELOAD" draft by C.
Jennings, B. Lowekamp, Ed., E. Rescorla, S. Baset, H. Schulzrinne.
This draft is based on "Architecture for Describing Simple Network
Management Protocol (SNMP) Management Frameworks" RFC by Harrington,
D., Presuhn, R., and B. Wijnen.
This draft is based on "Transport Layer Security (TLS) Transport
Model for the Simple Network Management Protocol (SNMP)" RFC by
Hardaker, W.
Thanks to David Harrington, Juergen Schoenwaelder, Dan Romascanu, Tom
Petch, Marc Petit-Huguenin, and others in P2PSIP and Network WG who
offered significant advice on earlier versions of this draft.
We thank the many people of the IETF P2PSIP WG and Network WG from
whose many drafts and RFCs we have learned.
17. References
17.1. Normative References
[I-D.ietf-p2psip-base]
Jennings, C., Lowekamp, B., Rescorla, E., Baset, S., and
H. Schulzrinne, "REsource LOcation And Discovery
(RELOAD) Base Protocol", August 2010.
[I-D.ietf-p2psip-service-discovery]
Maenpaa, J. and G. Camarillo, "Service Discovery Usage for
REsource LOcation And Discovery (RELOAD)", October 2012.
[I-D.ietf-p2psip-sip]
Jennings, C., Lowekamp, B., Rescorla, E., Baset, S., and
H. Schulzrinne, "A SIP Usage for RELOAD", July 2010.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An
Architecture for Describing Simple Network Management
Protocol (SNMP) Management Frameworks", STD 62, RFC 3411,
December 2002.
[RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model
(USM) for version 3 of the Simple Network Management
Protocol (SNMPv3)", STD 62, RFC 3414, December 2002.
[RFC5953] Hardaker, W., "Transport Layer Security (TLS) Transport
Model for the Simple Network Management Protocol (SNMP)",
RFC 5953, August 2010.
17.2. Informative References
[I-D.ietf-p2psip-concepts]
Bryan, D., Matthews, P., Shim, E., Willis, D., and S.
Dawkins, "Concepts and Terminology for Peer to Peer SIP",
July 2008.
[I-D.narten-iana-considerations-rfc2434bis]
Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs",
draft-narten-iana-considerations-rfc2434bis-09 (work in
progress), March 2008.
[RFC2629] Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629,
June 1999.
[RFC3552] Rescorla, E. and B. Korver, "Guidelines for Writing RFC
Text on Security Considerations", BCP 72, RFC 3552,
July 2003.
[RFC4181] Heard, C., "Guidelines for Authors and Reviewers of MIB
Documents", BCP 111, RFC 4181, September 2005.
Appendix A. Additional Stuff
Authors' Addresses
YongLin Peng
ZTE Corporation
Nanjing, 210012
China
Phone: +86 13776637274
Email: peng.yonglin@zte.com.cn
Wei Wang
ZTE Corporation
Nanjing, 210012
China
Phone: +86 13851658076
Email: wang.wei108@zte.com.cn
ZhenWu Hao
ZTE Corporation
Nanjing, 210012
China
Phone: +86 13382087596
Email: hao.zhenwu@zte.com.cn
Yu Meng
ZTE Corporation
Nanjing, 210012
China
Phone: +86 18651806839
Email: meng.yu@zte.com.cn