Routing Area Working Group A. Atlas
Internet-Draft Juniper Networks
Intended status: Standards Track K. Koushik
Expires: February 8, 2016 Cisco Systems
S. Litkowski
Orange
August 7, 2015

IP MIB for IP Fast-Reroute
draft-ietf-rtgwg-ipfrr-ip-mib-07

Abstract

This draft defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects relevant for IP routes using IP Fast-Reroute [RFC5714]

Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on February 8, 2016.

Copyright Notice

Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.


Table of Contents

1. Introduction

This document defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it defines the managed objects used for IP routes and interfaces in relation to IP Fast-Reroute. This document uses terminology from [RFC5714] and [RFC5286].

Current work is underway to define mechanisms for determining alternate paths for traffic to use when the original path becomes unavailable due to a local failure. The alternate next-hops can be computed in the context of any IGP.

There are certain configuration attributes for IP Fast-Reroute that should be configured to enable IP Fast Reroute in the context of the IGP. These configuration attributes of IP Fast-Reroute are not covered by this MIB module. Examples include whether IP Fast-Reroute is enabled on a network region (i.e. an OSPF area or IS-IS level) and the desired local hold-down timer [RFC5286], whose proper value is dependent upon the size of the network region.

It is possible for traffic other than IP to depend upon and use the alternate next-hops computed by IP Fast-Reroute. An example would be MPLS traffic whose path is configured via LDP [RFC5036]. The additional details (for example, outgoing MPLS label) pertaining to alternate next-hops that are required by such traffic are not covered by this MIB module.

An IP route may be reachable via multiple primary next-hops which provide equal-cost paths. Where IP Fast-Reroute is enabled, each primary next-hop will be protected by one or more alternate next- hops. Such an alternate next-hop may itself be a primary next-hop.

1.1. The SNMP Management Framework

For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of [RFC3410].

Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, [RFC2578], STD 58, [RFC2579] and STD 58, [RFC2580].

2. Brief description of MIB Objects

2.1. ipFrrProtectStats Group

The global objects in this group provide summary information related to protection for all IP routes. The information available includes counts of all routes, of all protected routes, of all unprotected routes, of all routes which are protected against a link failure, and of all routes which are protected against a node failure.

2.2. ipFrrInstanceTable

The ipFrrInstanceTable provides information about configuration of IP FRR instantiations on a node. A single node may have multiple instances of IP FRR using different algorithms or protocols. ipFrrInstances cannot be created through the MIB.

2.3. ipFrrIfTable

The ipFrrIfTable provides information about configuration of interfaces for IPFRR. Entries can be created to activate IPFRR on a particular interface or setting the candidate properties.

2.4. ipFrrProtectStatsTable

The ipFrrProtectStatsTable complements the ipFrrProtectStats group by providing statistics per IP FRR instance.

2.5. ipFrrAltTable

The ipFrrAltTable extends the inetCidrRouteTable [RFC4292] to provide information about each alternate next-hop associated with a primary next-hop used by a route.

2.6. ipFrrNoAltTable

The ipFrrNoAltTable extends the inetCidrRouteTable [RFC4292] to provide information about the routes which do not have an alternate next-hop associated with any of the route's primary next-hop. The entry provides an explanation for the lack of protection.

3. IP Fast-Reroute MIB Module Definitions

IPFRR-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY,
    OBJECT-TYPE,
    Gauge32,
    Integer32             FROM SNMPv2-SMI          -- [RFC2578]

    RowStatus
                          FROM SNMPv2-TC           -- [RFC2579]

    MODULE-COMPLIANCE,
    OBJECT-GROUP          FROM SNMPv2-CONF         -- [RFC2580]

    InetAddressType,
    InetAddress           FROM INET-ADDRESS-MIB    -- [RFC4001]


    ifIndex, InterfaceIndex        FROM IF-MIB              -- [RFC2863]

    ip                    FROM IP-MIB              -- [RFC4293]

    inetCidrRouteDestType,
    inetCidrRouteDest,
    inetCidrRoutePfxLen,
    inetCidrRoutePolicy,
    inetCidrRouteNextHopType,
    inetCidrRouteNextHop FROM IP-FORWARD-MIB
                        --  [RFC4292]


            IANAipRouteProtocol FROM IANA-RTPROTO-MIB



;

    ipFrrMIB MODULE-IDENTITY
    LAST-UPDATED "201508040000Z" -- Aug 04, 2015
    ORGANIZATION "draft-ietf-ipfrr-ip-mib-06.txt"
    CONTACT-INFO
            "
                     A S Kiran Koushik
                     Cisco Systems Inc.
              EMail: kkoushik@cisco.com

                     Alia Atlas
                     Juniper Networks
              Email: akatlas@juniper.net

                     Stephane Litkowski
                     Orange Business Service
              Email: stephane.litkowski@orange.com

            "

	DESCRIPTION
            "IP MIB module for management of IP Fast-Reroute.

            Copyright (C) The Internet Society (date).
            This version of this MIB module is part of
            draft-ietf-rtgwg-ipfrr-ip-mib-07.txt"
            
	
	REVISION      "201508040000Z" -- Aug 04, 2015
    DESCRIPTION
            "Fixing some syntax issues
			Moved ipFrrInstanceTable to readonly
			Moved ipFrrAltTable to readonly
			Modified Readonly conformance
			Deleting ipFrrInstanceRowStatus
			Deleting ipFrrAltStatus
			Added notProtect to ipFrrIfProtectionType
			"
	
	REVISION      "201406141200Z" -- Jun 14, 2014
    DESCRIPTION
            "draft-ietf-rtgwg-ipfrr-ip-mib-03.txt"
            
	REVISION      "201406131200Z" -- Jun 13, 2014
    DESCRIPTION
                          "Add ipFrrTunnelType in ipFrrAltEntry
                          Modify ipFrrAltType"
						  
    REVISION      "201405261200Z" -- May 26, 2014
    DESCRIPTION
           "Add ipFrrInstanceTable.
            Add ipFrrIfTable.
                            ipFrrProtectStatsTable complements ipFrrProtectStats to have statistics per instance.
                            Add ipFrrAltMetric2, ipFrrAltMetric3, ipFrrAltBest, ipFrrAltNonBestReason to ipFrrAltEntry.
                            Add integer values to ipFrrAltType.
                            Add integer values to ipFrrAltProtectionAvailable.
                            Changed attachment of ipFrrAltStatus in ipFrrAltEntry.
                            Added IPv6 objects in ipFrrProtectStats."
							
    REVISION      "201203131200Z" -- Mar 13, 2012
    DESCRIPTION
           "Editorial changes. Added new type to ipFrrAltType."
		   
    REVISION      "200502181200Z"  -- February 18, 2005
    DESCRIPTION
           "Add Set operations on ipFrrAltTable"
		   
    REVISION     "200502131200Z" -- February 13, 2005
    DESCRIPTION
            "Initial version."
	::= {  ip 50 } -- To be assigned by IANA	
    
	


-- Top level components of this MIB module.

ipFrrMIBObjects OBJECT IDENTIFIER ::= { ipFrrMIB 1 }

ipFrrProtectStats OBJECT IDENTIFIER ::= { ipFrrMIBObjects 1 }

-- the IP FRR MIB-Group

-- A collection of objects providing summarized information
-- about the protection availability and type of alternate paths
-- provided by IP Fast-Reroute mechanisms.

ipFrrTotalRoutes    OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of IPv4 valid routes known by this entity."
    ::= { ipFrrProtectStats 1 }

ipFrrUnprotectedRoutes    OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only


    STATUS     current
    DESCRIPTION
           "The number of IPv4 valid routes known by this entity
            which do not have an alternate next-hop associated
            with any primary next-hop."
    ::= { ipFrrProtectStats 2 }

ipFrrProtectedRoutes    OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The number of IPv4 routes known by this entity
            which have at least one alternate next-hop."
    ::= { ipFrrProtectStats 3 }

ipFrrLinkProtectedRoutes OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of IPv4 routes known by this entity
             for which all alternate next-hops provide link
             protection for their associated primary next-hops."
    ::= { ipFrrProtectStats 4 }

ipFrrNodeProtectedRoutes OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The number of IPv4 routes known by this entity
            for which all alternate next-hops provide node
            protection for their associated primary next-hops."
    ::= { ipFrrProtectStats 5 }

    ipv6FrrTotalRoutes    OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of IPv6 valid routes known by this entity."
    ::= { ipFrrProtectStats 6 }

ipv6FrrUnprotectedRoutes    OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current


    DESCRIPTION
           "The number of IPv6 valid routes known by this entity
            which do not have an alternate next-hop associated
            with any primary next-hop."
    ::= { ipFrrProtectStats 7 }

ipv6FrrProtectedRoutes    OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The number of IPv6 routes known by this entity
            which have at least one alternate next-hop."
    ::= { ipFrrProtectStats 8 }

ipv6FrrLinkProtectedRoutes OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of IPv6 routes known by this entity
             for which all alternate next-hops provide link
             protection for their associated primary next-hops."
    ::= { ipFrrProtectStats 9 }

ipv6FrrNodeProtectedRoutes OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The number of IPv6 routes known by this entity
            for which all alternate next-hops provide node
            protection for their associated primary next-hops."
    ::= { ipFrrProtectStats 10 }

    -- the IP FRR instance MIB-group
    --
-- The ipFrrInstanceTable provides detail on current IPFRR
    -- instances activated on the node

ipFrrInstanceTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF IpFrrInstanceEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "This entity's IP Fast Reroute Instance table."
    ::= { ipFrrMIBObjects 4 }



ipFrrInstanceEntry OBJECT-TYPE
    SYNTAX     IpFrrInstanceEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
          "An entry containing information on a particular
                          IP FRR instance on the node."

    INDEX { ipFrrInstanceId
          }
    ::= { ipFrrInstanceTable 1 }

     IpFrrInstanceEntry ::= SEQUENCE {
    ipFrrInstanceId                                               INTEGER,
            ipFrrInstanceProtocol                                 IANAipRouteProtocol,
            ipFrrInstanceAlgorithm                                Integer32,
            ipFrrInstancePerPrefixComputation             INTEGER
}

ipFrrInstanceId OBJECT-TYPE
    SYNTAX     Integer32 (1..255)
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
          "This object specifies an identificator a of particular IPFRR instance. "
    ::= { ipFrrInstanceEntry 1 }

ipFrrInstanceProtocol OBJECT-TYPE
    SYNTAX     IANAipRouteProtocol
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
          "This object specifies the protocol used by the IPFRR instance."
    ::= { ipFrrInstanceEntry 2 }

ipFrrInstanceAlgorithm OBJECT-TYPE
    SYNTAX     INTEGER {
                loopFree(1),
                loopFreeRemote(2),
                loopFreeTI(3),
                mrt(4)
                }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
          "This object specifies the algorithm used by the IPFRR instance."
    ::= { ipFrrInstanceEntry 3 }


ipFrrInstancePerPrefixComputation OBJECT-TYPE
    SYNTAX     INTEGER {
                          false(0),
                          true(1)
                }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
          "This object specifies if per prefix computation is used."
    ::= { ipFrrInstanceEntry 4 }




-- the IP FRR Interface MIB-Group
--
-- ipFrrIfTable provides information on configuration
-- of interfaces for IPFRR


ipFrrIfTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF IpFrrIfEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "This entity's IP Fast Reroute Alternates Interface configuration table."
    ::= { ipFrrMIBObjects 5 }

ipFrrIfEntry OBJECT-TYPE
    SYNTAX        IpFrrIfEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
          "An entry containing information on a particular instance of an IPFRR interface."

    INDEX { ipFrrInstanceId,
                    ifIndex
          }
    ::= { ipFrrIfTable 1 }

IpFrrIfEntry ::= SEQUENCE {
                  ipFrrIfProtectionType                   BITS,
                  ipFrrIfCandidate                        INTEGER,
                  ipFrrIfRowStatus                        RowStatus
}


ipFrrIfProtectionType OBJECT-TYPE
    SYNTAX     BITS {
                  nodeProtect(0),
                  linkProtect(1),
                  nodelinkProtect(2),
				  notProtect(3)
               }
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
          "This object specifies the scope of protection requested for the protection of the destinations.
                           nodeProtect means node protection only compared to nodelinkProtect which means node protection
                           if available and link protection if not available. "
    ::= { ipFrrIfEntry 1 }

ipFrrIfCandidate OBJECT-TYPE
    SYNTAX     INTEGER {
                  false (0),
                  true (1)
               }
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
          "This object specifies the scope of protection requested for the protection of the destinations.
                           nodeProtect means node protection only compared to nodelinkProtect which means node protection
                           if available and link protection if not available. "
	DEFVAL {1}
    ::= { ipFrrIfEntry 2 }

ipFrrIfRowStatus OBJECT-TYPE
    SYNTAX     RowStatus
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
          "."
    ::= { ipFrrIfEntry 3 }


-- the IP FRR Stats MIB-Group
--
-- ipFrrProtectStatsTable provides provides
-- protection availability and type of alternate paths
-- provided by IP Fast-Reroute mechanisms per IPFRR instance.



ipFrrProtectStatsTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF IpFrrProtectStatsEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "This entity's IP Fast Reroute Alternates statistics table."
    ::= { ipFrrMIBObjects 6 }

ipFrrProtectStatsEntry OBJECT-TYPE
    SYNTAX     IpFrrProtectStatsEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
          "An entry containing information on a particular instance of IPFRR.

           ."

    INDEX { ipFrrInstanceId
          }
    ::= { ipFrrProtectStatsTable 1 }

IpFrrProtectStatsEntry ::= SEQUENCE {
                  ipFrrStatsTotalRoutes           Gauge32,
                  ipFrrStatsUnprotectedRoutes             Gauge32,
                  ipFrrStatsProtectedRoutes               Gauge32,
                  ipFrrStatsLinkProtectedRoutes           Gauge32,
                  ipFrrStatsNodeProtectedRoutes           Gauge32,
                  ipv6FrrStatsTotalRoutes         Gauge32,
                  ipv6FrrStatsUnprotectedRoutes           Gauge32,
                  ipv6FrrStatsProtectedRoutes             Gauge32,
                  ipv6FrrStatsLinkProtectedRoutes         Gauge32,
                  ipv6FrrStatsNodeProtectedRoutes         Gauge32
}

ipFrrStatsTotalRoutes    OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of valid routes known by this entity."
    ::= { ipFrrProtectStatsEntry 1 }

ipFrrStatsUnprotectedRoutes    OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The number of valid routes known by this entity


            which do not have an alternate next-hop associated
            with any primary next-hop."
    ::= { ipFrrProtectStatsEntry 2 }

ipFrrStatsProtectedRoutes    OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The number of routes known by this entity
            which have at least one alternate next-hop."
    ::= { ipFrrProtectStatsEntry 3 }

ipFrrStatsLinkProtectedRoutes OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of routes known by this entity
             for which all alternate next-hops provide link
             protection for their associated primary next-hops."
    ::= { ipFrrProtectStatsEntry 4 }

ipFrrStatsNodeProtectedRoutes OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The number of routes known by this entity
            for which all alternate next-hops provide node
            protection for their associated primary next-hops."
    ::= { ipFrrProtectStatsEntry 5 }

     ipv6FrrStatsTotalRoutes    OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of valid IPv6 routes known by this entity."
    ::= { ipFrrProtectStatsEntry 6 }

ipv6FrrStatsUnprotectedRoutes    OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The number of valid IPv6 routes known by this entity
            which do not have an alternate next-hop associated


            with any primary next-hop."
    ::= { ipFrrProtectStatsEntry 7 }

ipv6FrrStatsProtectedRoutes    OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The number of IPv6 routes known by this entity
            which have at least one alternate next-hop."
    ::= { ipFrrProtectStatsEntry 8 }

ipv6FrrStatsLinkProtectedRoutes OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The number of IPv6 routes known by this entity
             for which all alternate next-hops provide link
             protection for their associated primary next-hops."
    ::= { ipFrrProtectStatsEntry 9 }

ipv6FrrStatsNodeProtectedRoutes OBJECT-TYPE
    SYNTAX     Gauge32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The number of IPv6 routes known by this entity
            for which all alternate next-hops provide node
            protection for their associated primary next-hops."
    ::= { ipFrrProtectStatsEntry 10 }


-- the IP FRR Alternate MIB-Group
--
-- The ipFrrAltTable extends the inetCidrRouteTable to indicate
-- the alternate next-hop(s) associated with each primary
-- next-hop.  The additional indices (ipFrrAltNextHopType and
-- ipFrrAltNextHop ) allow for multiple alternate paths for a
-- given primary next-hop.

ipFrrAltTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF IpFrrAltEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "This entity's IP Fast Reroute Alternates table."
    ::= { ipFrrMIBObjects 2 }


ipFrrAltEntry OBJECT-TYPE
    SYNTAX     IpFrrAltEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
          "An entry containing information on a particular route,
           one of its particular (primary) next-hops and one of
           the associated alternate next-hops.

           Implementers need to be aware that if the total
           number of elements (octets or sub-identifiers) in
           inetCidrRouteDest, inetCidrRoutePolicy,
           inetCidrRouteNextHop, and ipFrrAltNextHop exceeds 107
           then OIDs of column instances in this table will have
           more than 128 sub-identifiers and cannot be accessed
           using SNMPv1, SNMPv2c, or SNMPv3."

    INDEX { inetCidrRouteDestType,
            inetCidrRouteDest,
            inetCidrRoutePfxLen,
            inetCidrRoutePolicy,
            inetCidrRouteNextHopType,
            inetCidrRouteNextHop,
            ipFrrAltNextHopType,
            ipFrrAltNextHop
          }
    ::= { ipFrrAltTable 1 }

IpFrrAltEntry ::= SEQUENCE {
    ipFrrAltNextHopType              InetAddressType,
    ipFrrAltNextHop                  InetAddress,
    ipFrrAltIfIndex                  InterfaceIndex,
    ipFrrAltType                     INTEGER,
    ipFrrTunnelType                  INTEGER,
    ipFrrAltProtectionAvailable      BITS,
    ipFrrAltMetric1                  Integer32,
    ipFrrAltMetric2                  Integer32,
    ipFrrAltMetric3                  Integer32,
    ipFrrAltBest                     INTEGER,
    ipFrrAltNonBestReason            OCTET STRING
}

ipFrrAltNextHopType OBJECT-TYPE
    SYNTAX     InetAddressType
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION


           "The type of the ipFrrNextHop address, as defined
            in the InetAddress MIB.

            Only those address types that may appear in an actual
            routing table are allowed as values of this object."
    REFERENCE "RFC 4001"
    ::= { ipFrrAltEntry 1 }

ipFrrAltNextHop OBJECT-TYPE
    SYNTAX     InetAddress
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The address of the next system along the alternate
            route.

            The type of this address is determined by the value
            of the ipFrrAltNextHopType."
    ::= { ipFrrAltEntry 2 }

ipFrrAltIfIndex OBJECT-TYPE
    SYNTAX     InterfaceIndex
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The ifIndex value which identifies the local
            interface through which the next hop of this
            alternate route should be reached."
    ::= { ipFrrAltEntry 3 }

ipFrrAltType OBJECT-TYPE
    SYNTAX   INTEGER {
                other                     (1), -- type not defined
                equalCost                 (2), -- primary path
                loopFree                  (3), -- loop free alternate
                loopFreeRemote            (4), -- remote loop free alternate
                loopFreeNH                (5), -- loop free alternate using a configured tunnel toward the nexthop
                loopFreeNNH               (6), -- loop free alternate using a configured tunnel toward the nextnexthop
                loopFreeTI                (7), -- loop free alternate using topology independent algorithm
                mrt                       (8)  -- Maximally Redundant Trees
             }
    MAX-ACCESS read-only
    STATUS   current
    DESCRIPTION
           "The type of alternate which is provided by the
            alternate next-hop.  The supported types are as
            follows:



            equalCost : The alternate next-hop is another
                        primary next-hop.

            loopFreeConnected : loop free alternate (LFA as described in RFC5286)

                            loopFreeRemote : remote LFA (as described in draft-ietf-rtgwg-remote-lfa)

                            loopFreeNH : loop free alternate using a configured tunnel toward the nexthop (link protection only)

                            loopFreeNNH : loop free alternate using a configured tunnel toward the nextnexthop (node protection)

                            loopFreeTI : loop free alternate using topology independent algorithm

            other : The mechanism by which the alternate next-hop
                    can be used is not specified.

            MRT : Maximally Redundant Trees, where each
                  destination has two MRTs associated with it.
                  These two trees are referred as blue and red
                  MRTs.
                  See draft-ietf-rtgwg-mrt-frr-architecture-00.
            "
    ::= { ipFrrAltEntry 4 }

ipFrrTunnelType OBJECT-TYPE
    SYNTAX   INTEGER {
                none                  (1), -- No tunnel used
                other                 (2), -- type not defined
                ldp                   (3), -- LDP tunnel
                ip                    (4), -- IP based tunnel (GRE, IPIP, L2TP ...)
                srmpls               (5), -- SPRING tunnel using MPLS dataplane
                sripv6               (6), -- SPRING tunnel using IPv6 dataplane
                rsvpte               (7), -- RSVP-TE tunnel
                mtldp                (8)  -- LDP tunnel on another topology
             }
    MAX-ACCESS read-only
    STATUS   current
    DESCRIPTION
           "The type of tunnel used to reach the alternate.
                           The supported types are as follows:

                           none : No tunnel used

                           ldp : use LDP tunnel to reach the alternate (typically the case of rLFA)

                           ip : use IP based tunnel to reach the alternate

                           srmpls or sripv6 : use SPRING based tunnel (typically the case of TI-LFA)


                           rsvpte : use a RSVP-TE LSP to reach the alternate

                           mtldp : use an LDP tunnel based on another topology (typically the case of MRT)


            "
    ::= { ipFrrAltEntry 5 }

ipFrrAltProtectionAvailable OBJECT-TYPE
    SYNTAX     BITS {
                  nodeProtect(0),
                  linkProtect(1),
                  srlgProtect(2),
                  downstreamProtect(3),
                  unknownProtection(4)
               }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
          "This object specifies the scope of protection for
           which this alternate next-hop can provide failure
           protection.  The alternate next-hop should provide
           one or more of node-protection and link-protection.
           If the protection provided by the alternate next-hop
           is unknown, then only unknownProtection should be
           specified.  Specifying uknownProtection with any
           other type of protection is not supported. "
    ::= { ipFrrAltEntry 6 }

ipFrrAltMetric1 OBJECT-TYPE
    SYNTAX     Integer32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This is the primary routing metric for this
             alternate path to the destination IP address.
             If the alternate path metric is unknown, the value
             should be set to -1."
    ::= { ipFrrAltEntry 7 }

     ipFrrAltMetric2 OBJECT-TYPE
    SYNTAX     Integer32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This is the primary routing metric for this
             alternate path from the PLR to the alternate.
             If the alternate path metric is unknown, the value


             should be set to -1."
    ::= { ipFrrAltEntry 8 }

ipFrrAltMetric3 OBJECT-TYPE
    SYNTAX     Integer32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This is the primary routing metric for this
             alternate path from the alternate to the destination.
             If the alternate path metric is unknown, the value
             should be set to -1."
    ::= { ipFrrAltEntry 9 }

     ipFrrAltBest OBJECT-TYPE
    SYNTAX     INTEGER { false(0), true(1) }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object provides information if the alternate is the best one."
    ::= { ipFrrAltEntry 10 }

ipFrrAltNonBestReason OBJECT-TYPE
    SYNTAX     OCTET STRING (SIZE (0..255))
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "This object provides reason why an alternate is not the best one."
    ::= { ipFrrAltEntry 11 }



-- the IP FRR No Alternate MIB-Group
--
-- The ipFrrNoAltTable extends the inetCidrRouteTable
-- to indicate which routes are unprotected and the reason
-- why.  The indices do not include the primary next-hop because
-- the lack of protection is for the route.  This allows easy
-- access to the set of unprotected routes that would be
-- affected by a local failure of their primary next-hop.



ipFrrNoAltTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF IpFrrNoAltEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "This entity's IP Fast Reroute Unprotected Routes
            table."
    ::= { ipFrrMIBObjects 3 }

ipFrrNoAltEntry OBJECT-TYPE
    SYNTAX     IpFrrNoAltEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
          "An entry containing the reason why a route does not
           have an alternate next-hop.  The existence of an
           entry for a route indicates that there is no
           alternate next-hop."
    INDEX { inetCidrRouteDestType,
            inetCidrRouteDest,
            inetCidrRoutePfxLen
          }
    ::= { ipFrrNoAltTable 1 }

IpFrrNoAltEntry ::= SEQUENCE {
    ipFrrNoAltCause           INTEGER
}

ipFrrNoAltCause OBJECT-TYPE
    SYNTAX   INTEGER {
               ipFrrUnavailable  (1), -- No valid alternate(s)
               localAddress      (2), -- local/internal address
               ipFrrDisabled     (3), -- Protection not enabled
               other             (4)  -- unknown or other cause
             }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
          "For valid routes without an alternate next-hop, this
           object enumerates the reason why no protection is
           available.  The possibilities are as follows.

           ipFrrUnavailable : The supported IP Fast-Reroute
                              mechanisms could not find a safe
                              alternate next-hop.

           localAddress : The route represents a local address.
                      This system is the destination so no


                      alternate path is possible or necessary.

           ipFrrDisabled : Finding of alternate next-hops is
                           operationally disabled.

           other : The reason is unknown or different from those
                   specifically enumerated possible causes."
    ::= { ipFrrNoAltEntry 1 }

-- conformance information

ipFrrMIBConformance
               OBJECT IDENTIFIER ::= { ipFrrMIB 2 }

ipFrrMIBCompliances
               OBJECT IDENTIFIER ::= { ipFrrMIBConformance 1 }

ipFrrMIBGroups
               OBJECT IDENTIFIER ::= { ipFrrMIBConformance 2 }

-- compliance statements

ipFrrMIBCompliance MODULE-COMPLIANCE
    STATUS  deprecated
    DESCRIPTION
          "Minimum requirements to state conformity
           to this MIB. Supporting only IP v4 addresses
           This is deprecated in favor of
           ipFrrMIBInetCompliance

           There are a number of INDEX objects that cannot be
           represented in the form of OBJECT clauses in SMIv2,
           but for which there are compliance requirements,
           expressed in OBJECT clause form in this description:

   OBJECT      inetCidrRouteDestType
   SYNTAX      InetAddressType { ipv4(1), ipv4z(3) }
   MIN-ACCESS  read-only
   DESCRIPTION
          A (deprecated) complying implementation at this
          level is required to support IPv4 addresses only.
          This compliance level is defined so an
          implementation only needs to support the addresses
          it actually supports on the device.

    OBJECT      inetCidrRouteNextHopType
    SYNTAX      InetAddressType { ipv4(1), ipv4z(3) }
      MIN-ACCESS  read-only


    DESCRIPTION
           A (deprecated) complying implementation at this
           level is required to support IPv4 addresses only.
           This compliance level is defined so an
           implementation only needs to support the addresses
           it actually supports on the device.

    OBJECT      ipFrrAltNextHopType
    SYNTAX      InetAddressType { ipv4(1), ipv4z(3) }
      MIN-ACCESS  read-only
    DESCRIPTION
           A (deprecated) complying implementation at this
           level is required to support IPv4 addresses only.
           This compliance level is defined so an
           implementation only needs to support the
           addresses it actually supports on the device.
    "
    MODULE  -- this module
    MANDATORY-GROUPS { ipFrrBasicGroup }

   ::= { ipFrrMIBCompliances 1 }


ipFrrMIBInetCompliance MODULE-COMPLIANCE
    STATUS  current
    DESCRIPTION
            "Full conformity to this MIB."
    MODULE  -- this module
    MANDATORY-GROUPS { ipFrrBasicGroup }

    OBJECT  ipFrrIfRowStatus
    SYNTAX INTEGER { active(1) }
    WRITE-SYNTAX INTEGER { createAndGo(4), destroy(6) }
    DESCRIPTION
        "Support for createAndWait and notInService is not
         required."

   ::= { ipFrrMIBCompliances 2 }

 ipFrrReadOnlyCompliance MODULE-COMPLIANCE
     STATUS  current
     DESCRIPTION

         "When this MIB is implemented without support for
          read-create (i.e. in read-only mode), then that
          implementation can claim read-only compliance. In that
          case, ipFrrAlt group can be monitored but cannot be
          configured with this MIB."


     MODULE
     MANDATORY-GROUPS { ipFrrBasicGroup }

     OBJECT  ipFrrIfProtectionType
     MIN-ACCESS  read-only
     DESCRIPTION
         "Write access is not required."

     OBJECT  ipFrrIfCandidate
     MIN-ACCESS  read-only
     DESCRIPTION
         "Write access is not required."

     OBJECT  ipFrrIfRowStatus
     MIN-ACCESS  read-only
     DESCRIPTION
         "Write access is not required."

   ::= { ipFrrMIBCompliances 3 }

-- units of conformance
ipFrrBasicGroup OBJECT-GROUP
    OBJECTS {ipFrrTotalRoutes,
             ipFrrUnprotectedRoutes,
             ipFrrProtectedRoutes,
             ipFrrLinkProtectedRoutes,
             ipFrrNodeProtectedRoutes,
             ipv6FrrTotalRoutes,
             ipv6FrrUnprotectedRoutes,
             ipv6FrrProtectedRoutes,
             ipv6FrrLinkProtectedRoutes,
             ipv6FrrNodeProtectedRoutes,
             ipFrrAltIfIndex,
             ipFrrAltType,
			 ipFrrTunnelType,
             ipFrrAltProtectionAvailable,
             ipFrrAltMetric1,
             ipFrrAltMetric2,
             ipFrrAltMetric3,
             ipFrrAltNonBestReason,
             ipFrrAltBest,
             ipFrrNoAltCause,
             ipFrrInstanceAlgorithm,
             ipFrrInstanceProtocol,
             ipFrrInstancePerPrefixComputation,
             ipFrrIfCandidate,
             ipFrrIfProtectionType,
             ipFrrIfRowStatus,
             ipFrrStatsTotalRoutes,
             ipFrrStatsUnprotectedRoutes,
             ipFrrStatsProtectedRoutes,
             ipFrrStatsLinkProtectedRoutes,
             ipFrrStatsNodeProtectedRoutes,
             ipv6FrrStatsTotalRoutes,
             ipv6FrrStatsUnprotectedRoutes,
             ipv6FrrStatsProtectedRoutes,
             ipv6FrrStatsLinkProtectedRoutes,
             ipv6FrrStatsNodeProtectedRoutes

    }
    STATUS  current
    DESCRIPTION
            "The entire collection of objects defined in
             this MIB for management of IP Fast Reroute ."
    ::= { ipFrrMIBGroups 1 }

END



	

4. Security Considerations

There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. The ipFrrAltTable contains routing and forwarding information that is critical to the operation of the network in the event of a local failure. Allowing unauthenticated write access to this table can compromise the validity of the alternate forwarding information.

Some of the readable objects in this MIB module (i.e. objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP.

SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPSec), even then, there is no control as to who on the secure network is allowed to access and GET the objects in this MIB module.

It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy).

Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET them.

5. Acknowledgements

The authors would like to acknowledge contributions made by Bill Anderson, Don Fedyk, John Flick and Bruno Decraene.

6. IANA Considerations

The MIB module in this document uses the following IANA-assigned OBJECT IDENTIFIER value recorded in the SMI Numbers registry.

The IANA is requested to assign { ip ZZZ } to the IPFRR-MIB MIB module specified in this document.

Editor's Note (to be removed prior to publication): the IANA is requested to assign a value for "ZZZ" under the ip subtree and to record the assignments in the SMI Numbers registry. When the assignments have been made, the RFC Editor is asked to replace "ZZZ" (here and in the MIB modules) with the assigned value and to remove this note.

7. References

7.1. Normative References

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997.
[RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000.
[RFC4001] Daniele, M., Haberman, B., Routhier, S. and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, DOI 10.17487/RFC4001, February 2005.
[RFC4292] Haberman, B., "IP Forwarding Table MIB", RFC 4292, DOI 10.17487/RFC4292, April 2006.
[RFC4293] Routhier, S., "Management Information Base for the Internet Protocol (IP)", RFC 4293, DOI 10.17487/RFC4293, April 2006.
[RFC5286] Atlas, A. and A. Zinin, "Basic Specification for IP Fast Reroute: Loop-Free Alternates", RFC 5286, DOI 10.17487/RFC5286, September 2008.

7.2. Informative References

[RFC2578] McCloghrie, K., Perkins, D. and J. Schoenwaelder, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, DOI 10.17487/RFC2578, April 1999.
[RFC2579] McCloghrie, K., Perkins, D. and J. Schoenwaelder, "Textual Conventions for SMIv2", STD 58, RFC 2579, DOI 10.17487/RFC2579, April 1999.
[RFC2580] McCloghrie, K., Perkins, D. and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, DOI 10.17487/RFC2580, April 1999.
[RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, DOI 10.17487/RFC3410, December 2002.
[RFC5036] Andersson, L., Minei, I. and B. Thomas, "LDP Specification", RFC 5036, DOI 10.17487/RFC5036, October 2007.
[RFC5714] Shand, M. and S. Bryant, "IP Fast Reroute Framework", RFC 5714, DOI 10.17487/RFC5714, January 2010.

Authors' Addresses

Alia Atlas Juniper Networks EMail: akatlas@juniper.net
A S Kiran Koushik Cisco Systems EMail: kkoushik@cisco.com
Stephane Litkowski Orange EMail: stephane.litkowski@orange.com