Internet DRAFT - draft-ietf-ancp-mib-an
draft-ietf-ancp-mib-an
Network Working Group S. De Cnodder
Internet-Draft Alcatel-Lucent
Intended status: Standards Track M. Morgenstern
Expires: July 13, 2014 ECI Telecom Ltd.
January 9, 2014
Access Node Control Protocol (ANCP) MIB module for Access Nodes
draft-ietf-ancp-mib-an-12.txt
Abstract
This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols. In particular it defines
objects for managing access nodes that are using the Access Node
Control Protocol (ANCP).
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 13, 2014.
Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
De Cnodder & Morgenstern Expires July 13, 2014 [Page 1]
�
Internet-Draft ANCP MIB January 2014
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. The Internet-Standard Management Framework . . . . . . . . . 2
3. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3
4. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 3
5. Structure of the MIB Module . . . . . . . . . . . . . . . . . 3
5.1. Textual Conventions . . . . . . . . . . . . . . . . . . . 3
5.2. The ANCP MIB module Subtree . . . . . . . . . . . . . . . 3
5.3. The Notifications Subtree . . . . . . . . . . . . . . . . 3
5.4. The Table Structures . . . . . . . . . . . . . . . . . . 4
6. Relationship to Other MIB Modules . . . . . . . . . . . . . . 5
6.1. Relationship to the Interfaces Group MIB module . . . . . 5
6.2. MIB modules required for IMPORTS . . . . . . . . . . . . 5
7. ANCP MIB Definitions for the Access Node . . . . . . . . . . 6
8. Security Considerations . . . . . . . . . . . . . . . . . . . 31
9. IANA considerations . . . . . . . . . . . . . . . . . . . . . 37
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 37
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 37
11.1. Normative References . . . . . . . . . . . . . . . . . . 38
11.2. Informative References . . . . . . . . . . . . . . . . . 38
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 39
1. Introduction
This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols. In particular it defines
objects for managing access nodes as described in [RFC5851] that are
using the Access Node Control Protocol defined in [RFC6320].
2. The Internet-Standard Management Framework
For a detailed overview of the documents that describe the current
Internet-Standard Management Framework, please refer to section 7 of
RFC 3410 [RFC3410].
Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. MIB objects are generally
accessed through the Simple Network Management Protocol (SNMP).
Objects in the MIB are defined using the mechanisms defined in the
Structure of Management Information (SMI). This memo specifies MIB
modules that is compliant to the SMIv2, which is described in STD 58,
RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
[RFC2580].
De Cnodder & Morgenstern Expires July 13, 2014 [Page 2]
�
Internet-Draft ANCP MIB January 2014
3. Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
4. Overview
In [RFC5851], the framework for the Access Node Control Protocol
(ANCP) is described. It defines 2 network entities, the Access Node
(AN) and the Network Access Server (NAS), between which ANCP sessions
are established. The detailed protocol specification of ANCP is
described in [RFC6320]. This document specifies a MIB module for an
AN that supports ANCP, and a MIB module that defines textual
conventions.
This document specifies MIB modules for an AN as defined in
[RFC6320], and any protocol extensions not defined in [RFC6320] are
not covered by this document. Also MIB modules for a NAS are not
covered by this document.
5. Structure of the MIB Module
5.1. Textual Conventions
New textual conventions, AncpSessionCapabilities, AncpVersion,
AncpName, and AncpPartitionId are defined in a seperate MIB module in
this document. These textual conventions are used for the
convenience of humans reading the MIB.
5.2. The ANCP MIB module Subtree
ANCP-TC-MIB is the first MIB module defined in this document, and it
is put under mib-2. Also the second MIB module defined in this
document, ANCP-AN-MIB is put under mib-2.
5.3. The Notifications Subtree
Notifications are defined to inform the management station about
state changes of ANCP sessions, whenever an ANCP session changes
state. Two notifications are defined for this purpose. The
notification ancpAnSessionUp is to inform the management station when
the session comes up, and the notification ancpAnSessionDown is to
inform when the ANCP session is down again after it was up before.
Attributes are introduced to enable and disable the generation of
these notifications per ANCP session. No other special measures for
congestion avoidance for the notifications are needed because the
De Cnodder & Morgenstern Expires July 13, 2014 [Page 3]
�
Internet-Draft ANCP MIB January 2014
number of ANCP sessions in an access node is typically small. In
addition, establishing an ANCP session and tearing down it again,
takes some time such that for a particular ANCP session, not many
notifications in a short time period can be generated.
5.4. The Table Structures
The ANCP MIB module for the AN has 3 tables. The tables are the
following:
o ancpAnSessionConfigTable
This table is used to configure ANCP sessions at the AN towards a
specific NAS. The NAS is identified by a number of attributes in
this table (ancpAnSessionConfigNasIpAddressType and
ancpAnSessionConfigNasIpAddress). The other attributes in this
table can be used to configure properties that are specific for
that particular ANCP session. The interface to which the ANCP
session is bound is also configured in this table. This interface
can be an IP interface, an ATM PVC, a VLAN (or VLAN stack), or any
other interface defined in IF-MIB.
o ancpAnCurrentSessionTable
This table shows the operational state of a particular ANCP
session, as well as the actual values of various parameters
associated with it. The table also provides statistical
information collected for each particular ANCP session. Each
session configured in ancpAnSessionConfigTable has a corresponding
row in ancpAnCurrentSessionTable. When a session is configured or
deleted in the ancpAnSessionConfigTable, then the corresponding
row of that session in the ancpAnCurrentSessionTable is,
respectively, automatically created or deleted.
o ancpAnInterfaceConfigTable
This table is used to assign interfaces to particular partitions
if partitions are being used as indicated by the scalar
ancpAnPartitionsUsed. When partitions are used, a row in this
table is created automatically when a user facing interface for
which the system supports ANCP is created in the ifTable of the
IF-MIB [RFC2863].
Four groups are defined:
De Cnodder & Morgenstern Expires July 13, 2014 [Page 4]
�
Internet-Draft ANCP MIB January 2014
o ancpAnConfigGroup
This group contains all objects of the ancpAnSessionConfigTable in
which the ANCP sessions are configured in the access node.
o ancpAnCurrentGroup
This group contains all objects of the
ancpAnCurrentSessionTable where the operational state and other
information of the ANCP sessions are shown.
o ancpAnInterfaceGroup
This group contains all objects to configure interfaces to be used
by ANCP. Assigning interfaces to particular partitions is part of
this group in case partitions are used.
o ancpAnNotificationsGroup
This group contains the notifications that indicate state changes
of ANCP sessions.
6. Relationship to Other MIB Modules
6.1. Relationship to the Interfaces Group MIB module
There is a dependency between the ANCP MIB module and the Interfaces
Group MIB (IF-MIB) defined in [RFC2863]. The ifIndex defined in the
ifTable of IF-MIB is used as the index of the
ancpAnInterfaceConfigTable defined in the ANCP MIB module for access
nodes. Each time that an entry is created in the ifTable for which
the system supports ANCP (e.g., in a DSLAM this is typically for each
DSL line), a row is created automatically in the
ancpAnInterfaceConfigTable if partitions are being used.
6.2. MIB modules required for IMPORTS
The ANCP TC MIB module requires the following MIB modules for
IMPORTS:
De Cnodder & Morgenstern Expires July 13, 2014 [Page 5]
�
Internet-Draft ANCP MIB January 2014
o SNMPv2-SMI defined in [RFC2578]
o SNMPv2-TC defined in [RFC2579]
The ANCP MIB module for access nodes requires thefollowing MIB
modules for IMPORTS:
o SNMPv2-SMI defined in [RFC2578]
o RMON2-MIB defined in [RFC4502]
o IF-MIB defined in [RFC2863]
o INET-ADDRESS-MIB defined in [RFC4001]
o SNMPv2-CONF defined in [RFC2580]
o SNMPv2-TC defined in [RFC2579]
o Q-BRIDGE-MIB defined in [RFC4363]
o ANCP-TC-MIB defined in this document
7. ANCP MIB Definitions for the Access Node
ANCP-TC-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, mib-2, Unsigned32
FROM SNMPv2-SMI -- RFC2578
TEXTUAL-CONVENTION
FROM SNMPv2-TC; -- RFC2579
ancpTcMIB MODULE-IDENTITY
LAST-UPDATED "201306240000Z" -- 24 June 2013
ORGANIZATION "IETF ANCP Working Group"
CONTACT-INFO
" Editors:
Stefaan De Cnodder
Alcatel-Lucent
Postal: Copernicuslaan 50
B-2018 Antwerp
Belgium
EMail: stefaan.de_cnodder@alcatel-lucent.com
Phone: +32 3 240 85 15
De Cnodder & Morgenstern Expires July 13, 2014 [Page 6]
�
Internet-Draft ANCP MIB January 2014
Moti Morgenstern
ECI Telecom Ltd.
Postal: 30 Hasivim St.
Petach Tikva 4959388,
Israel
Email: moti.morgenstern@ecitele.com
Phone: +972 3 926 6258
"
DESCRIPTION
"This MIB module provides Textual Conventions to be
used by MIB modules for AN and NAS that are implementing
the Access Node Control Protocol (ANCP).
Copyright (C) The IETF Trust (2008). The initial version
of this MIB module was published in RFC yyyy; for full
legal notices see the RFC itself."
-- RFC Ed.: replace yyyy with actual RFC number and remove this note
REVISION "201306240000Z" -- 24 June 2013
DESCRIPTION "Initial version as published in RFC yyyy."
-- RFC Ed.: replace yyyy with actual RFC number and remove this note
::= { mib-2 xxx }
-- The value xxx to be assigned by IANA.
--
-- Textual Conventions
--
AncpSessionCapabilities ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"ANCP capabilities supported by the AN.
The following capabilities are available:
dslTopologyDiscovery (1) - Access Topology Discovery
dslLineConfiguration (2) - Line Configuration
dslLineTesting (4) - Layer 2 OAM
A bit set means the associated capability is supported."
SYNTAX BITS {
dslTopologyDiscovery (1),
dslLineConfiguration (2),
dslLineTesting (4)
}
AncpVersion ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The version numbers defined for the ANCP protocol.
The version numbers used are defined in the
specifications of the respective protocol.
De Cnodder & Morgenstern Expires July 13, 2014 [Page 7]
�
Internet-Draft ANCP MIB January 2014
Version 50 is defined in [RFC6320].
Other numbers may be defined for other versions of the
ANCP protocol."
SYNTAX Unsigned32
AncpPartitionId ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"A 8-bit value identifying a partition on the AN."
SYNTAX OCTET STRING (SIZE(1))
AncpName ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The Name is a 48-bit quantity.
A 48-bit IEEE 802 MAC address, if
available, may be used."
SYNTAX OCTET STRING (SIZE(6))
END
ANCP-AN-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE,
Unsigned32, TimeTicks,zeroDotZero,
NOTIFICATION-TYPE, mib-2
FROM SNMPv2-SMI -- RFC2578
ZeroBasedCounter32
FROM RMON2-MIB -- RFC4502
InterfaceIndex, ifIndex FROM IF-MIB -- RFC2863
InetAddressType, InetAddress, InetPortNumber
FROM INET-ADDRESS-MIB -- RFC4001
MODULE-COMPLIANCE, OBJECT-GROUP,
NOTIFICATION-GROUP
FROM SNMPv2-CONF -- RFC2580
RowStatus, TruthValue, RowPointer
FROM SNMPv2-TC -- RFC2579
VlanIdOrNone
FROM Q-BRIDGE-MIB -- RFC4363
AncpSessionCapabilities, AncpVersion,
AncpPartitionId, AncpName
FROM ANCP-TC-MIB; -- This document
ancpAnMIB MODULE-IDENTITY
LAST-UPDATED "201306240000Z" -- 24 June 2013
ORGANIZATION "IETF ANCP Working Group"
CONTACT-INFO
" Editors:
De Cnodder & Morgenstern Expires July 13, 2014 [Page 8]
�
Internet-Draft ANCP MIB January 2014
Stefaan De Cnodder
Alcatel-Lucent
Postal: Copernicuslaan 50
B-2018 Antwerp
Belgium
EMail: stefaan.de_cnodder@alcatel-lucent.com
Phone: +32 3 240 85 15
Moti Morgenstern
ECI Telecom Ltd.
Postal: 30 Hasivim St.
Petach Tikva 4959388,
Israel
Email: moti.morgenstern@ecitele.com
Phone: +972 3 926 6258
"
DESCRIPTION
"The MIB module for entities implementing the access node
side of the Access Node Control Protocol (ANCP).
Copyright (C) The IETF Trust (2008). The initial version
of this MIB module was published in RFC yyyy; for full
legal notices see the RFC itself."
-- RFC Ed.: replace yyyy with actual RFC number and remove this note
REVISION "201306240000Z" -- 24 June 2013
DESCRIPTION "Initial version as published in RFC yyyy."
-- RFC Ed.: replace yyyy with actual RFC number and remove this note
::= { mib-2 xxx }
-- The value xxx to be assigned by IANA.
ancpAnNotifications OBJECT IDENTIFIER ::= { ancpAnMIB 0 }
ancpAnObjects OBJECT IDENTIFIER ::= { ancpAnMIB 1 }
ancpAnConformance OBJECT IDENTIFIER ::= { ancpAnMIB 2 }
--
-- Global ANCP Control Parameters
--
-- The following scalar parameters globally control the behavior
-- of the ANCP implementation
--
ancpAnPartitionsUsed OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object allows the manager to specify whether or
De Cnodder & Morgenstern Expires July 13, 2014 [Page 9]
�
Internet-Draft ANCP MIB January 2014
not to use the 'Partition ID' field in the ANCP message
header. When set to 'false' the application does not
use partitions and the ancpAnSessionConfigPartitionId
object MUST be zero for all sessions. In addition, rows
SHOULD NOT be created in the ancpAnInterfaceConfigTable.
When set to 'true' the application uses partitions and
the ancpAnSessionConfigPartitionId object MUST be set,
for every session, to a nonzero value. In such a case,
rows are created in ancpAnInterfaceConfigTable. The
default value zero in ancpAnInterfaceConfigPartitionId
object means that the operator did not associate the
interface with a particular partition. Note that
modifying the value of this object is restricted.
E.g., prior to setting it from 'true' to 'false'
ancpAnSessionConfigRowStatus objects for all sessions
should be set to notInService and the partition ID value
MUST be set to zero.
The value of this object is persistent."
DEFVAL { false }
::= { ancpAnObjects 1 }
--
-- Configuration of ANCP Sessions
--
ancpAnNextSessionId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The object reports the next index (potential value of
ancpAnSessionConfigSessionId) which is available for
creating a new row in ancpAnSessionConfigTable.
If no such value is available (e.g., the table is full
or any other reason) the object reports '0' (zero).
An available value V becomes unavailable when a row is
actually created with ancpAnSessionConfigSessionId=V and
until then consecutive GET commands with this object may
return the same value V. Note that eventually only one
row creation with the value V can succeed.
An unavailable value V becomes available again when a
row with ancpAnSessionConfigSessionId=V in
ancpAnSessionConfigTable is deleted."
::= { ancpAnObjects 2 }
ancpAnSessionConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF AncpAnSessionConfigEntry
MAX-ACCESS not-accessible
De Cnodder & Morgenstern Expires July 13, 2014 [Page 10]
�
Internet-Draft ANCP MIB January 2014
STATUS current
DESCRIPTION
"This table represents the ANCP sessions in the access
node. An entry in this table needs to be configured
(created) before an ANCP session might be started."
::= { ancpAnObjects 3 }
ancpAnSessionConfigEntry OBJECT-TYPE
SYNTAX AncpAnSessionConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the table showing the data for a
specific actual or yet to be established session.
If partitions are used, one session corresponds to
one specific access node partition."
INDEX { ancpAnSessionConfigSessionId }
::= { ancpAnSessionConfigTable 1 }
AncpAnSessionConfigEntry ::= SEQUENCE {
ancpAnSessionConfigSessionId Unsigned32,
ancpAnSessionConfigRowStatus RowStatus,
ancpAnSessionConfigAncpVersion AncpVersion,
ancpAnSessionConfigEncapsulationType INTEGER,
ancpAnSessionConfigCapabilities AncpSessionCapabilities,
ancpAnSessionConfigAliveTimer Unsigned32,
ancpAnSessionConfigPortReportShaper Unsigned32,
ancpAnSessionConfigAggregateReportShaper Unsigned32,
ancpAnSessionConfigTransportRetryTimer Unsigned32,
ancpAnSessionConfigAncpRetryTimer Unsigned32,
ancpAnSessionConfigAnName AncpName,
ancpAnSessionConfigPartitionId AncpPartitionId,
ancpAnSessionConfigWindowSize Unsigned32,
ancpAnSessionConfigRelatedInterface InterfaceIndex,
ancpAnSessionConfigRelatedEntity RowPointer,
ancpAnSessionConfigSvid VlanIdOrNone,
ancpAnSessionConfigSPrio Unsigned32,
ancpAnSessionConfigCvid VlanIdOrNone,
ancpAnSessionConfigCPrio Unsigned32,
ancpAnSessionConfigNasIpAddressType InetAddressType,
ancpAnSessionConfigNasIpAddress InetAddress,
ancpAnSessionConfigEncapPortNumber InetPortNumber,
ancpAnSessionConfigNotifyDnEnable TruthValue,
ancpAnSessionConfigNotifyUpEnable TruthValue
}
ancpAnSessionConfigSessionId OBJECT-TYPE
SYNTAX Unsigned32 (1..255)
De Cnodder & Morgenstern Expires July 13, 2014 [Page 11]
�
Internet-Draft ANCP MIB January 2014
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An index of a session referred by this row. The index
is unique across all partitions.
The referred session may be actually established or
just potential.
Prior to creating a row in the table it is advised to
check the ancpAnNextSessionId for an available index."
::= { ancpAnSessionConfigEntry 1 }
ancpAnSessionConfigRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"An object that allows entries in this table to
be created, modified and deleted using the RowStatus
convention.
A SET operation to any other attribute in this row,
when this object is set to 'active' (1), MUST be
rejected with an SNMP error (e.g., inconsistentValue).
In order to perform a SET operation to any other
attribute in this table the manager MUST set this
object to notInService (2). After setting the object
back to 'active' the implementation MAY tear down the
session and recreate it, depending on what session
attributes have been modified. "
::= { ancpAnSessionConfigEntry 2 }
ancpAnSessionConfigAncpVersion OBJECT-TYPE
SYNTAX AncpVersion
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The maximum version number of the ANCP protocol that
may be used in this session. The value of this object
is persistent."
DEFVAL { 50 }
::= { ancpAnSessionConfigEntry 3 }
ancpAnSessionConfigEncapsulationType OBJECT-TYPE
SYNTAX INTEGER {
tcp(1)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
De Cnodder & Morgenstern Expires July 13, 2014 [Page 12]
�
Internet-Draft ANCP MIB January 2014
"Required encapsulation for this session. The value of
this object is persistent."
DEFVAL { tcp }
::= { ancpAnSessionConfigEntry 4 }
ancpAnSessionConfigCapabilities OBJECT-TYPE
SYNTAX AncpSessionCapabilities
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"ANCP capabilities supported by the AN in this session.
When all bits are set to zero then this means that no
capabilities are supported. The value of this object
is persistent."
DEFVAL { { dslTopologyDiscovery, dslLineTesting } }
::= { ancpAnSessionConfigEntry 5 }
ancpAnSessionConfigAliveTimer OBJECT-TYPE
SYNTAX Unsigned32(1..255)
UNITS "deciseconds"
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The timer specifies the nominal time between periodic
adjacency protocol messages generated by the access
node.
It is a constant for the duration of an ANCP session.
The timer is specified in units of 100ms. The value
of this object is persistent."
DEFVAL { 250 }
::= { ancpAnSessionConfigEntry 6 }
ancpAnSessionConfigPortReportShaper OBJECT-TYPE
SYNTAX Unsigned32(1..255)
UNITS "deciseconds"
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The timer specifies the nominal time between
2 EventReport messages related to the same port.
It is a constant for the duration of a ANCP session.
The timer is specified in units of 100ms. The value
of this object is persistent."
DEFVAL { 10 }
::= { ancpAnSessionConfigEntry 7 }
ancpAnSessionConfigAggregateReportShaper OBJECT-TYPE
SYNTAX Unsigned32(1..2550)
De Cnodder & Morgenstern Expires July 13, 2014 [Page 13]
�
Internet-Draft ANCP MIB January 2014
UNITS "centiseconds"
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The timer specifies the nominal time between
2 EventReport messages related to any port.
It is a constant for the duration of a ANCP session.
The timer is specified in units of 10ms. The value
of this object is persistent."
DEFVAL { 10 }
::= { ancpAnSessionConfigEntry 8 }
ancpAnSessionConfigTransportRetryTimer OBJECT-TYPE
SYNTAX Unsigned32(0..255)
UNITS "deciseconds"
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The timer specifies the nominal time between 2
transport connection setup attempts done by the
access node.
The transport protocol is specified in
ancpAnSessionConfigEncapsulationType.
The timer is specified in units of 100ms.
A value 0 means that the access node will NOT
initiate nor setup the transport connection. The
value of this object is persistent."
DEFVAL { 10 }
::= { ancpAnSessionConfigEntry 9 }
ancpAnSessionConfigAncpRetryTimer OBJECT-TYPE
SYNTAX Unsigned32(0..255)
UNITS "deciseconds"
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The timer specifies the nominal time between
2 ANCP connection setup attempts.
The timer is specified in units of 100ms.
A value 0 means that the access node will NOT
spontaneously trigger an ANCP session.
Whatever the setting of this timer, the access
node shall always listen for ANCP session setup.
The value of this object is persistent."
DEFVAL { 10 }
::= { ancpAnSessionConfigEntry 10 }
ancpAnSessionConfigAnName OBJECT-TYPE
De Cnodder & Morgenstern Expires July 13, 2014 [Page 14]
�
Internet-Draft ANCP MIB January 2014
SYNTAX AncpName
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The name of the access node. The first three octets
must be an Organizationally Unique Identifier (OUI)
that identifies the manufacturer of the access node.
This object can be (one of) the MAC address(es) of the
access node on the network side.
When set to zero, the access node shall autonomously
decide on using the most appropriate MAC address of the
access node. Then the actually used access node name
can be read from ancpAnCurrentSessionAnName.
The value of this object is persistent."
DEFVAL { '000000000000'H }
::= { ancpAnSessionConfigEntry 11 }
ancpAnSessionConfigPartitionId OBJECT-TYPE
SYNTAX AncpPartitionId
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Id for this session's specific access node
partition.
This object has a meaning only if partitions are used
(ancpAnPartitionsUsed='true') and is ignored
otherwise.
The value of this object is persistent."
DEFVAL { '00'H }
::= { ancpAnSessionConfigEntry 12 }
ancpAnSessionConfigWindowSize OBJECT-TYPE
SYNTAX Unsigned32(1..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The maximum number of unacknowledged request messages
that may be transmitted by the controller without the
possibility of loss. This field is used to prevent
request messages from being lost in the access node
because of overflow in the receive buffer. The field is
a hint to the controller. The value of this object is
persistent."
DEFVAL { 10 }
::= { ancpAnSessionConfigEntry 13 }
ancpAnSessionConfigRelatedInterface OBJECT-TYPE
SYNTAX InterfaceIndex
De Cnodder & Morgenstern Expires July 13, 2014 [Page 15]
�
Internet-Draft ANCP MIB January 2014
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object contains the value of an ifIndex object,
defined in IF-MIB, indicating an interface
corresponding to this session.
The corresponding interface might be either physical
or logical (e.g., IP Interface).
The value of this object is persistent."
::= { ancpAnSessionConfigEntry 14 }
ancpAnSessionConfigRelatedEntity OBJECT-TYPE
SYNTAX RowPointer
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object contains the name of an object instance
uniquely identifying a lower layer entity associated
with this session. For example, in the case where the
session is associated with an ATM VCC, this object might
be set to an object identifier uniquely identifying
that VCC (e.g., an object instance in atmVclTable).
If unused, this object MUST have the value zeroDotZero.
The value of this object is persistent."
DEFVAL { zeroDotZero }
::= { ancpAnSessionConfigEntry 15 }
ancpAnSessionConfigSvid OBJECT-TYPE
SYNTAX VlanIdOrNone
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"If the session is associated with a single VLAN, this
object contains the VLAN ID of the single VLAN tag. If
ancpAnSessionConfigCvid is also nonzero then the
session is associated with two VLAN tags, S-VLAN tag
and C-VLAN tag, then this object contains the VLAN ID
of the S-VLAN tag (the outer VLAN tag). In both cases
the value of this object SHOULD be nonzero.
If the session is not associated with any VLAN, this
object MUST have the default value 0.
The value of this object is persistent."
DEFVAL { 0 }
::= { ancpAnSessionConfigEntry 16 }
ancpAnSessionConfigSPrio OBJECT-TYPE
SYNTAX Unsigned32(0..7 | 65535)
MAX-ACCESS read-create
De Cnodder & Morgenstern Expires July 13, 2014 [Page 16]
�
Internet-Draft ANCP MIB January 2014
STATUS current
DESCRIPTION
"If the session is associated with a single VLAN, this
object contains the priority value of the single VLAN
tag.
If ancpAnSessionConfigCvid is also nonzero then the
session is associated with two VLAN tags, S-VLAN tag
and C-VLAN tag, then this object contains the priority
value of the S-VLAN tag (the priority value of the
outer VLAN tag). In both cases the value of this object
SHOULD be in the range 0 to 7 inclusive.
If the session is not associated with any VLAN, this
object MUST have the default value 65535.
The value of this object is persistent."
DEFVAL { 65535 }
::= { ancpAnSessionConfigEntry 17 }
ancpAnSessionConfigCvid OBJECT-TYPE
SYNTAX VlanIdOrNone
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"If the session is associated with two VLANs, has both
S-VLAN tag and C-VLAN tag, this object contains the
VLAN ID of the inner VLAN tag (also called C-VLAN ID).
In such a case the value of this object SHOULD be
nonzero.
If the session is not associated with any VLAN or if it
is associated with a single VLAN, this object MUST
have the default value 0.
The value of this object is persistent."
DEFVAL { 0 }
::= { ancpAnSessionConfigEntry 18 }
ancpAnSessionConfigCPrio OBJECT-TYPE
SYNTAX Unsigned32(0..7 | 65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"If the session is associated with two VLANs, has both
S-VLAN tag and C-VLAN tag, this object contains the
priority value of the inner VLAN tag (also called
C-VLAN priority). In such a case the value of this
object SHOULD be in the range 0 to 7 inclusive.
If the session is not associated with any VLAN or if it
is associated with a single VLAN, this object MUST have
the default value 65535.
The value of this object is persistent."
De Cnodder & Morgenstern Expires July 13, 2014 [Page 17]
�
Internet-Draft ANCP MIB January 2014
DEFVAL { 65535 }
::= { ancpAnSessionConfigEntry 19 }
ancpAnSessionConfigNasIpAddressType OBJECT-TYPE
SYNTAX InetAddressType { ipv4(1), ipv6(2) }
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of address in ancpAnSessionConfigNasIpAddress.
The value of this object is persistent.
Note that although other types of addresses are defined
in the InetAddressType textual convention, this object
is limited to IPv4 and IPv6 addresses."
::= { ancpAnSessionConfigEntry 20 }
ancpAnSessionConfigNasIpAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP address used for the ANCP session peer (NAS).
The type of this IP address attribute is determined
by the value of ancpAnSessionConfigNasIpAddressType.
The value of this object is persistent."
::= { ancpAnSessionConfigEntry 21 }
ancpAnSessionConfigEncapPortNumber OBJECT-TYPE
SYNTAX InetPortNumber (1..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The port number used for the transport protocol
establishment to the ANCP peer. The transport
protocol type is specified by
ancpAnSessionConfigEncapsulationType and as
it is set by default to 'tcp' then the default
port number is set to 6068 (see details in
http://www.iana.org/). Other port numbers may
be relevant if other transport protocols are used.
The value of this object is persistent."
DEFVAL { 6068 }
::= { ancpAnSessionConfigEntry 22 }
ancpAnSessionConfigNotifyDnEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
De Cnodder & Morgenstern Expires July 13, 2014 [Page 18]
�
Internet-Draft ANCP MIB January 2014
"This object specifies if ancpAnSessionDown
notification should be generated when this session
leaves the 'estab' state as given by
ancpAnCurrentSessionState in the corresponding row
in ancpAnCurrentSessionTable.
The value of this object is persistent."
DEFVAL { false }
::= { ancpAnSessionConfigEntry 23 }
ancpAnSessionConfigNotifyUpEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object specifies if ancpAnSessionUp
notification should be generated when this session
goes to 'estab' state as given by
ancpAnCurrentSessionState in the corresponding row
in ancpAnCurrentSessionTable.
The value of this object is persistent."
DEFVAL { false }
::= { ancpAnSessionConfigEntry 24 }
--
-- Operational Information of ANCP Sessions
--
ancpAnCurrentSessionTable OBJECT-TYPE
SYNTAX SEQUENCE OF AncpAnCurrentSessionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table gives actual information of the sessions
in the access node.
A row in this table is available only for active
sessions, i.e., for each session that its corresponding
row status (ancpAnSessionConfigRowStatus) in
ancpAnSessionConfigTable is set to either 'active' (1)
or 'notInService' (2).
A row in this table is deleted when the corresponding
row in the ancpAnSessionConfigTable is deleted."
::= { ancpAnObjects 4 }
ancpAnCurrentSessionEntry OBJECT-TYPE
SYNTAX AncpAnCurrentSessionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
De Cnodder & Morgenstern Expires July 13, 2014 [Page 19]
�
Internet-Draft ANCP MIB January 2014
"An entry in the table showing the data for a
specific actual session."
INDEX { ancpAnSessionConfigSessionId }
::= { ancpAnCurrentSessionTable 1 }
AncpAnCurrentSessionEntry ::= SEQUENCE {
ancpAnCurrentSessionState INTEGER,
ancpAnCurrentSessionAncpVersion AncpVersion,
ancpAnCurrentSessionAnName AncpName,
ancpAnCurrentSessionNasName AncpName,
ancpAnCurrentSessionAnIpAddressType InetAddressType,
ancpAnCurrentSessionAnIpAddress InetAddress,
ancpAnCurrentSessionAnInstance Unsigned32,
ancpAnCurrentSessionNasInstance Unsigned32,
ancpAnCurrentSessionCapabilities AncpSessionCapabilities,
ancpAnCurrentSessionStartUptime TimeTicks,
ancpAnCurrentSessionDiscontinuityTime TimeTicks,
ancpAnCurrentSessionStatSentMessages ZeroBasedCounter32,
ancpAnCurrentSessionStatReceivedValidMessages
ZeroBasedCounter32,
ancpAnCurrentSessionStatDiscardedMessages ZeroBasedCounter32,
ancpAnCurrentSessionStatReceivedAdjSyn ZeroBasedCounter32,
ancpAnCurrentSessionStatReceivedAdjSynack ZeroBasedCounter32,
ancpAnCurrentSessionStatReceivedAdjAck ZeroBasedCounter32,
ancpAnCurrentSessionStatReceivedAdjRstack ZeroBasedCounter32,
ancpAnCurrentSessionStatTransmittedAdjSyn ZeroBasedCounter32,
ancpAnCurrentSessionStatTransmittedAdjSynack
ZeroBasedCounter32,
ancpAnCurrentSessionStatTransmittedAdjAck ZeroBasedCounter32,
ancpAnCurrentSessionStatTransmittedAdjRstack
ZeroBasedCounter32
}
ancpAnCurrentSessionState OBJECT-TYPE
SYNTAX INTEGER {
other(1),
synsent(2),
synrcvd(3),
estab(4),
syncloss(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The state of this session as defined in the ANCP
specification.
the state other(1) is returned if the session state
cannot be reflected by any other valid object-value.
De Cnodder & Morgenstern Expires July 13, 2014 [Page 20]
�
Internet-Draft ANCP MIB January 2014
The state syncloss(5) indicates that the AN has
declared loss of synchronization as defined in section
3.5.2.7 of RFC 6320."
::= { ancpAnCurrentSessionEntry 1 }
ancpAnCurrentSessionAncpVersion OBJECT-TYPE
SYNTAX AncpVersion
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The actual version number of the ANCP protocol that
is used in this session.
This object has value 0 if ancpAnCurrentSessionState is
not estab(4)."
::= { ancpAnCurrentSessionEntry 2 }
ancpAnCurrentSessionAnName OBJECT-TYPE
SYNTAX AncpName
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The name of the access node used in this session.
It should be the same as ancpAnSessionConfigAnName if
that object is not set to zero.
If ancpAnSessionConfigAnName is set to zero, then this
object will contain the MAC address selected by the
access node as described in the description of
ancpAnSessionConfigAnName.
The value of this object is used as value for the
'Sender Name' field in the header of the ANCP messages
generated for this session by the AN."
::= { ancpAnCurrentSessionEntry 3 }
ancpAnCurrentSessionNasName OBJECT-TYPE
SYNTAX AncpName
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The name of the NAS as advertised in the adjacency
message.
The value of this object is set to the value of the
'Sender Name' field in the header of the ANCP messages
received on this session. This object has value 0 if
ancpAnCurrentSessionState is not estab(4)."
::= { ancpAnCurrentSessionEntry 4 }
ancpAnCurrentSessionAnIpAddressType OBJECT-TYPE
SYNTAX InetAddressType { ipv4(1), ipv6(2) }
De Cnodder & Morgenstern Expires July 13, 2014 [Page 21]
�
Internet-Draft ANCP MIB January 2014
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of address in ancpAnCurrentSessionAnIpAddress.
Note that although other types of addresses are defined
in the InetAddressType textual convention, this object
is limited to IPv4 and IPv6 addresses."
::= { ancpAnCurrentSessionEntry 5 }
ancpAnCurrentSessionAnIpAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address used for the access node.
The type of this IP address attribute is determined
by the value of ancpAnCurrentSessionAnIpAddressType."
::= { ancpAnCurrentSessionEntry 6 }
ancpAnCurrentSessionAnInstance OBJECT-TYPE
SYNTAX Unsigned32(0..16777215)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The instance number used by the access node during this
session. The Instance number is a 24-bit number
that should be guaranteed to be unique within
the recent past and to change when the link
or node comes back up after going down. Zero is
not a valid instance number.
This object has value 0 if ancpAnCurrentSessionState is
not estab(4)."
::= { ancpAnCurrentSessionEntry 7 }
ancpAnCurrentSessionNasInstance OBJECT-TYPE
SYNTAX Unsigned32(0..16777215)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The instance number used by the NAS during this
session. The Instance number is a 24-bit number
that should be guaranteed to be unique within
the recent past and to change when the link
or node comes back up after going down.
This object has value 0 if ancpAnCurrentSessionState is
not estab(4)."
::= { ancpAnCurrentSessionEntry 8 }
De Cnodder & Morgenstern Expires July 13, 2014 [Page 22]
�
Internet-Draft ANCP MIB January 2014
ancpAnCurrentSessionCapabilities OBJECT-TYPE
SYNTAX AncpSessionCapabilities
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The common ANCP capabilities supported by the AN and
NAS in this session.
The object has the value 0 if no capabilities are
supported
or if ancpAnCurrentSessionState is not estab(4)."
::= { ancpAnCurrentSessionEntry 9 }
ancpAnCurrentSessionStartUptime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when the session came to
established state.
This object has value 0 if ancpAnCurrentSessionState is
not estab(4)."
::= { ancpAnCurrentSessionEntry 10 }
ancpAnCurrentSessionDiscontinuityTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime on the most recent occasion at
which session's counters suffered a discontinuity.
If no such discontinuities have occurred since then,
this object contains the same value as
ancpAnCurrentSessionStartUptime."
::= { ancpAnCurrentSessionEntry 11 }
ancpAnCurrentSessionStatSentMessages OBJECT-TYPE
SYNTAX ZeroBasedCounter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of messages that have been sent in this
session by the access node.
All ANCP messages pertaining to this session shall
be counted, also including adjacency protocol messages
and failure response messages.
Discontinuities of this counter are indicated by
ancpAnCurrentSessionDiscontinuityTime."
::= { ancpAnCurrentSessionEntry 12 }
De Cnodder & Morgenstern Expires July 13, 2014 [Page 23]
�
Internet-Draft ANCP MIB January 2014
ancpAnCurrentSessionStatReceivedValidMessages OBJECT-TYPE
SYNTAX ZeroBasedCounter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of messages that have been received and
processed in this session by the access node.
All ANCP messages pertaining to this session shall
be counted, also including adjacency protocol messages
and failure response messages.
Discontinuities of this counter are indicated by
ancpAnCurrentSessionDiscontinuityTime."
::= { ancpAnCurrentSessionEntry 13 }
ancpAnCurrentSessionStatDiscardedMessages OBJECT-TYPE
SYNTAX ZeroBasedCounter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of messages that in this session have been
received and discarded for whatever reason by the
access node.
All ANCP messages pertaining to this session shall
be counted, also including adjacency protocol messages
and failure response messages.
Discontinuities of this counter are indicated by
ancpAnCurrentSessionDiscontinuityTime."
::= { ancpAnCurrentSessionEntry 14 }
ancpAnCurrentSessionStatReceivedAdjSyn OBJECT-TYPE
SYNTAX ZeroBasedCounter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of adjacency SYN messages that in this
session have been received by the access node.
Discontinuities of this counter are indicated by
ancpAnCurrentSessionDiscontinuityTime."
::= { ancpAnCurrentSessionEntry 15 }
ancpAnCurrentSessionStatReceivedAdjSynack OBJECT-TYPE
SYNTAX ZeroBasedCounter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of adjacency SYNACK messages that in this
session have been received by the access node.
Discontinuities of this counter are indicated by
De Cnodder & Morgenstern Expires July 13, 2014 [Page 24]
�
Internet-Draft ANCP MIB January 2014
ancpAnCurrentSessionDiscontinuityTime."
::= { ancpAnCurrentSessionEntry 16 }
ancpAnCurrentSessionStatReceivedAdjAck OBJECT-TYPE
SYNTAX ZeroBasedCounter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of adjacency ACK messages that in this
session have been received by the access node.
Discontinuities of this counter are indicated by
ancpAnCurrentSessionDiscontinuityTime."
::= { ancpAnCurrentSessionEntry 17 }
ancpAnCurrentSessionStatReceivedAdjRstack OBJECT-TYPE
SYNTAX ZeroBasedCounter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of adjacency RSTACK messages that in this
session have been received by the access node.
Discontinuities of this counter are indicated by
ancpAnCurrentSessionDiscontinuityTime."
::= { ancpAnCurrentSessionEntry 18 }
ancpAnCurrentSessionStatTransmittedAdjSyn OBJECT-TYPE
SYNTAX ZeroBasedCounter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of adjacency SYN messages that in this
session have been transmitted by the access node.
Discontinuities of this counter are indicated by
ancpAnCurrentSessionDiscontinuityTime."
::= { ancpAnCurrentSessionEntry 19 }
ancpAnCurrentSessionStatTransmittedAdjSynack OBJECT-TYPE
SYNTAX ZeroBasedCounter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of adjacency SYNACK messages that in this
session have been transmitted by the access node.
Discontinuities of this counter are indicated by
ancpAnCurrentSessionDiscontinuityTime."
::= { ancpAnCurrentSessionEntry 20 }
ancpAnCurrentSessionStatTransmittedAdjAck OBJECT-TYPE
De Cnodder & Morgenstern Expires July 13, 2014 [Page 25]
�
Internet-Draft ANCP MIB January 2014
SYNTAX ZeroBasedCounter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of adjacency ACK messages that in this
session have been transmitted by the access node.
Discontinuities of this counter are indicated by
ancpAnCurrentSessionDiscontinuityTime."
::= { ancpAnCurrentSessionEntry 21 }
ancpAnCurrentSessionStatTransmittedAdjRstack OBJECT-TYPE
SYNTAX ZeroBasedCounter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of adjacency RSTACK messages that in this
session have been transmitted by the access node.
Discontinuities of this counter are indicated by
ancpAnCurrentSessionDiscontinuityTime."
::= { ancpAnCurrentSessionEntry 22 }
--
-- Partitions
--
ancpAnInterfaceConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF AncpAnInterfaceConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table configures the association of user facing
interfaces to ANCP partitions in the access node.
An entry in this table needs to be added by the agent
for each relevant user facing interface with the value
of ancpAnInterfaceConfigPartitionId set to zero at the
time of the creation of the row. A relevant user facing
interface is created whenever a row is created in the
ifTable of the IF-MIB that can be controlled by ANCP.
When such an interface is deleted from the ifTable, the
corresponding row in this table has to be removed by
the agent.
Rows should only be created by the agent when
ancpAnPartitionsUsed is set to 'true'. If no
partitions are used, then no rows should be created in
this table."
::= { ancpAnObjects 5 }
ancpAnInterfaceConfigEntry OBJECT-TYPE
De Cnodder & Morgenstern Expires July 13, 2014 [Page 26]
�
Internet-Draft ANCP MIB January 2014
SYNTAX AncpAnInterfaceConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the table showing the partition id for a
specific user facing interface"
INDEX { ifIndex }
::= { ancpAnInterfaceConfigTable 1 }
AncpAnInterfaceConfigEntry ::= SEQUENCE {
ancpAnInterfaceConfigPartitionId AncpPartitionId
}
ancpAnInterfaceConfigPartitionId OBJECT-TYPE
SYNTAX AncpPartitionId
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"A partition Id associated with the related ifIndex.
Upon creation of the row, the value is set to '00'H.
The value of this object is persistent."
DEFVAL { '00'H }
::= { ancpAnInterfaceConfigEntry 1 }
--
-- Notifications
--
ancpAnSessionDown NOTIFICATION-TYPE
OBJECTS {
ancpAnCurrentSessionAnIpAddressType,
ancpAnCurrentSessionAnIpAddress,
ancpAnSessionConfigNasIpAddressType,
ancpAnSessionConfigNasIpAddress,
ancpAnCurrentSessionAnInstance,
ancpAnCurrentSessionNasInstance,
ancpAnCurrentSessionStartUptime,
ancpAnCurrentSessionDiscontinuityTime,
ancpAnCurrentSessionStatSentMessages,
ancpAnCurrentSessionStatReceivedValidMessages,
ancpAnCurrentSessionStatDiscardedMessages,
ancpAnCurrentSessionStatReceivedAdjSyn,
ancpAnCurrentSessionStatReceivedAdjSynack,
ancpAnCurrentSessionStatReceivedAdjAck,
ancpAnCurrentSessionStatReceivedAdjRstack,
ancpAnCurrentSessionStatTransmittedAdjSyn,
ancpAnCurrentSessionStatTransmittedAdjSynack,
ancpAnCurrentSessionStatTransmittedAdjAck,
De Cnodder & Morgenstern Expires July 13, 2014 [Page 27]
�
Internet-Draft ANCP MIB January 2014
ancpAnCurrentSessionStatTransmittedAdjRstack
}
STATUS current
DESCRIPTION
"This notification is generated whenever an ANCP session
goes down. A session can go down for several reasons:
1) The ANCP session can be deleted by a manager from the
ancpAnSessionConfigTable, and hence it will also be
removed from the ancpAnCurrentSessionTable.
2) The session can go operational down due to some
malfunction in the network, the AN, or the NAS. In
this case, the ANCP session will be still in the
ancpAnSessionConfigTable and
ancpAnCurrentSessionTable, but the
ancpAnCurrentSessionState moves from the 'estab'
state to another state.
This notification is only generated when
ancpAnSessionConfigNotifyDnEnable of this session is
set to true."
::= { ancpAnNotifications 1 }
ancpAnSessionUp NOTIFICATION-TYPE
OBJECTS {
ancpAnCurrentSessionAnInstance
}
STATUS current
DESCRIPTION
"This notification is generated when an ANCP session
enters the 'estab' state as given by
ancpAnCurrentSessionState.
Since ancpAnCurrentSessionAnInstance identifies the ANCP
session uniquely the other attributes can be derived
from this attribute.
This notification is only generated when
ancpAnSessionConfigNotifyUpEnable of this session is set
to true."
::= { ancpAnNotifications 2 }
--
-- ANCP AN Compliance
--
ancpAnGroups OBJECT IDENTIFIER ::= { ancpAnConformance 1 }
ancpAnCompliances OBJECT IDENTIFIER ::= { ancpAnConformance 2 }
ancpAnModuleCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
De Cnodder & Morgenstern Expires July 13, 2014 [Page 28]
�
Internet-Draft ANCP MIB January 2014
"The compliance statement for agents that support
the ANCP MIB module for access nodes."
MODULE -- this module
MANDATORY-GROUPS {
ancpAnConfigGroup,
ancpAnCurrentGroup,
ancpAnInterfaceGroup,
ancpAnNotificationsGroup
}
::= { ancpAnCompliances 1 }
-- units of conformance
ancpAnConfigGroup OBJECT-GROUP
OBJECTS {
ancpAnNextSessionId,
ancpAnSessionConfigRowStatus,
ancpAnSessionConfigAncpVersion,
ancpAnSessionConfigEncapsulationType,
ancpAnSessionConfigCapabilities,
ancpAnSessionConfigAliveTimer,
ancpAnSessionConfigPortReportShaper,
ancpAnSessionConfigAggregateReportShaper,
ancpAnSessionConfigTransportRetryTimer,
ancpAnSessionConfigAncpRetryTimer,
ancpAnSessionConfigAnName,
ancpAnSessionConfigPartitionId,
ancpAnSessionConfigWindowSize,
ancpAnSessionConfigNasIpAddressType,
ancpAnSessionConfigNasIpAddress,
ancpAnSessionConfigEncapPortNumber,
ancpAnSessionConfigNotifyDnEnable,
ancpAnSessionConfigNotifyUpEnable
}
STATUS current
DESCRIPTION
"These objects apply to the configuration of ANCP
sessions in access nodes."
::= { ancpAnGroups 1 }
ancpAnRelatedInterfaceGroup OBJECT-GROUP
OBJECTS {
ancpAnSessionConfigRelatedInterface
}
STATUS current
DESCRIPTION
"This object contains the ifIndex of an interface defined
in IF-MIB. If an ANCP session must be associated with an
De Cnodder & Morgenstern Expires July 13, 2014 [Page 29]
�
Internet-Draft ANCP MIB January 2014
IP interface, then this group must be supported. This
group also must be supported together with the
ancpAnRelatedEntityGroup in case the ANCP session is to
be associated with an ATM PVC."
::= { ancpAnGroups 2 }
ancpAnRelatedEntityGroup OBJECT-GROUP
OBJECTS {
ancpAnSessionConfigRelatedEntity
}
STATUS current
DESCRIPTION
"This object contains the name of an object instance
uniquely identifying a lower layer entity. If an ANCP
session must be associated with an ATM PVC, then this
group together with ancpAnRelatedInterfaceGroup must be
supported."
::= { ancpAnGroups 3 }
ancpAnRelatedVlanGroup OBJECT-GROUP
OBJECTS {
ancpAnSessionConfigSvid,
ancpAnSessionConfigSPrio,
ancpAnSessionConfigCvid,
ancpAnSessionConfigCPrio
}
STATUS current
DESCRIPTION
"These objects contains all VLAN related configuration
when the ANCP session is associated with a particular
VLAN. If an ANCP session must be associated with a
VLAN (or VLAN stack), then this group must be
supported."
::= { ancpAnGroups 4 }
ancpAnCurrentGroup OBJECT-GROUP
OBJECTS {
ancpAnCurrentSessionState,
ancpAnCurrentSessionAncpVersion,
ancpAnCurrentSessionAnName,
ancpAnCurrentSessionNasName,
ancpAnCurrentSessionAnIpAddressType,
ancpAnCurrentSessionAnIpAddress,
ancpAnCurrentSessionAnInstance,
ancpAnCurrentSessionNasInstance,
ancpAnCurrentSessionCapabilities,
ancpAnCurrentSessionStartUptime,
ancpAnCurrentSessionDiscontinuityTime,
De Cnodder & Morgenstern Expires July 13, 2014 [Page 30]
�
Internet-Draft ANCP MIB January 2014
ancpAnCurrentSessionStatSentMessages,
ancpAnCurrentSessionStatReceivedValidMessages,
ancpAnCurrentSessionStatDiscardedMessages,
ancpAnCurrentSessionStatReceivedAdjSyn,
ancpAnCurrentSessionStatReceivedAdjSynack,
ancpAnCurrentSessionStatReceivedAdjAck,
ancpAnCurrentSessionStatReceivedAdjRstack,
ancpAnCurrentSessionStatTransmittedAdjSyn,
ancpAnCurrentSessionStatTransmittedAdjSynack,
ancpAnCurrentSessionStatTransmittedAdjAck,
ancpAnCurrentSessionStatTransmittedAdjRstack
}
STATUS current
DESCRIPTION
"These objects show the operational state of all ANCP
sessions configured in the access node."
::= { ancpAnGroups 5 }
ancpAnInterfaceGroup OBJECT-GROUP
OBJECTS {
ancpAnPartitionsUsed,
ancpAnInterfaceConfigPartitionId
}
STATUS current
DESCRIPTION
"These objects are used to assign user facing interface
to partitions."
::= { ancpAnGroups 6 }
ancpAnNotificationsGroup NOTIFICATION-GROUP
NOTIFICATIONS {
ancpAnSessionDown,
ancpAnSessionUp
}
STATUS current
DESCRIPTION
"These objects are used to enable or disable the
generation of notifications by the access node about
changes in the state of ANCP sessions."
::= { ancpAnGroups 7 }
END
8. Security Considerations
There are a number of management objects defined in this MIB module
with a MAX-ACCESS clause of read-write and/or read-create. Such
objects may be considered sensitive or vulnerable in some network
De Cnodder & Morgenstern Expires July 13, 2014 [Page 31]
�
Internet-Draft ANCP MIB January 2014
environments. The support for SET operations in a non-secure
environment without proper protection can have a negative effect on
network operations. These are the tables and objects and their
sensitivity/vulnerability:
o ancpAnPartitionsUsed
This scalar object supports SET operations. Unauthorized changes
to this object could result in a wrong interpretation of
ancpAnSessionConfigPartitionId attribute of all sessions, as if
all sessions use partition id zero, or to actually disabling the
use of partitions in the system.
o ancpAnSessionConfigTable
The table consists of the following objects that support SET
operations:
* ancpAnSessionConfigRowStatus
* ancpAnSessionConfigAncpVersion
* ancpAnSessionConfigEncapsulationType
* ancpAnSessionConfigCapabilities
* ancpAnSessionConfigAliveTimer
* ancpAnSessionConfigPortReportShaper
* ancpAnSessionConfigAggregateReportShaper
* ancpAnSessionConfigTransportRetryTimer
* ancpAnSessionConfigAncpRetryTimer
* ancpAnSessionConfigAnName
* ancpAnSessionConfigPartitionId
* ancpAnSessionConfigWindowSize
* ancpAnSessionConfigRelatedInterface
De Cnodder & Morgenstern Expires July 13, 2014 [Page 32]
�
Internet-Draft ANCP MIB January 2014
* ancpAnSessionConfigRelatedEntity
* ancpAnSessionConfigSvid
* ancpAnSessionConfigSPrio
* ancpAnSessionConfigCvid
* ancpAnSessionConfigCPrio
* ancpAnSessionConfigNasIpAddressType
* ancpAnSessionConfigNasIpAddress
* ancpAnSessionConfigEncapPortNumber
* ancpAnSessionConfigNotifyDnEnable
* ancpAnSessionConfigNotifyUpEnable
Unauthorized changes to ancpAnSessionConfigRowStatus could result
in session being created or brought into service prematurely; or
could result in session being inadvertently deleted or taken out
of service.
Unauthorized changes to ancpAnSessionConfigAncpVersion could have
an adverse operational effect by limiting the ANCP version to be
used in the context of this session or enabling an ANCP version
number that is actually unsupported by the access node.
Unauthorized changes to ancpAnSessionConfigEncapsulationType could
have an adverse operational effect by configuring the session to
use an undesired or even unsupported protocol.
Unauthorized changes to ancpAnSessionConfigCapabilities could have
an adverse operational effect by disabling certain ANCP
capabilities that the operator assumed that are enabled, or enable
a capability that the operator would not like to activate.
Unauthorized changes to ancpAnSessionConfigAliveTimer could have
an adverse operational effect by increasing the frequency of
adjacency protocol messages generated by the access node and
leading to an overload of such messages. Decreasing the frequency
of such messages may harm the synchronization between the access
node and the NAS.
Unauthorized changes to ancpAnSessionConfigPortReportShaper or
ancpAnSessionConfigAggregateReportShaper could have an adverse
De Cnodder & Morgenstern Expires July 13, 2014 [Page 33]
�
Internet-Draft ANCP MIB January 2014
operational effect by increasing the frequency of Event Report
messages generated by the access node and leading to an overload
of such messages. Decreasing the frequency of such messages may
delay the responsiveness of the system to events associated with
one or more ports.
Unauthorized changes to ancpAnSessionConfigTransportRetryTimer
could have an adverse operational effect by increasing the
frequency of transport connection setup attempts initiated by the
access node or even unexpectedly enabling the access node to
initiate the transport connection setup when that supposed to be
disabled. Alternatively, when the operator basically planned
transport connection setup attempts by the access node
unauthorized changes to the attribute may cause unexpected low
frequency of such attempts or unexpectedly disable those attempts.
Unauthorized changes to ancpAnSessionConfigAncpRetryTimer could
have an adverse operational effect by increasing the frequency of
ANCP connection setup attempts initiated by the access node or
even unexpectedly enabling the access node to initiate the ANCP
connection setup when that supposed to be disabled.
Alternatively, when the operator basically planned ANCP connection
setup attempts by the access node unauthorized changes to the
attribute may cause unexpected low frequency of such attempts or
unexpectedly disable those attempts.
Unauthorized changes to ancpAnSessionConfigAnName could confuse
the NAS, e.g., by detecting the same name from multiple access
nodes. This may also override the operator's will to allow/avoid
the access node to autonomously determine its name.
Unauthorized changes to ancpAnSessionConfigPartitionId could mean
that partitions are used when actually they are not, or vice
versa. It could also at least specify a different partition ID
than the one actually associated with the session.
Unauthorized changes to ancpAnSessionConfigWindowSize are not
directly harmful. However, if the controller adopts the suggested
wrong window size it may either cause the controller to send too
many messages in a window or unnecessarily limit itself and that
could reduce the system performance.
Unauthorized changes to ancpAnSessionConfigRelatedInterface and/or
ancpAnSessionConfigRelatedEntity and/or ancpAnSessionConfigSvid
and/or ancpAnSessionConfigCvid can result in the ANCP packets to
be sent out on the wrong interface. This means that the ANCP
packets to establish a session can be received by someone who is
not the intended receiver.
De Cnodder & Morgenstern Expires July 13, 2014 [Page 34]
�
Internet-Draft ANCP MIB January 2014
Unauthorized changes to ancpAnSessionConfigSPrio and/or
ancpAnSessionConfigCPrio may give the ANCP packets a lower or a
higher priority in the network compared to other packets.
Lowering the priority might result in a reduced timely behavior of
the ANCP session, and increasing the priority may result in
impacting other traffic in the network than ANCP.
Unauthorized changes to ancpAnSessionConfigNasIpAddressType and/or
ancpAnSessionConfigNasIpAddress and/or
ancpAnSessionConfigEncapPortNumber could produce a wrong address
type (interpretation) and/or IP address for the NAS and/or specify
a wrong transport protocol port number for the session,
respectively.
Unauthorized changes to ancpAnSessionConfigNotifyDnEnable could
lead (if the change was setting the attribute to 'enable') to
overload of notification messages at the SNMP manager in case
multiple sessions leave the 'estab' state simultaneously. If the
change was setting the attribute to 'disable' it could lead to
hiding the actual session state from the SNMP manager.
Unauthorized changes to ancpAnSessionConfigNotifyUpEnable could
lead (if the change was setting the attribute to 'enable') to
overload of notification messages at the SNMP manager in case
multiple sessions enter the 'estab' state simultaneously. If the
change was setting the attribute to 'disable' it could lead to
hiding the actual session state from the SNMP manager.
o ancpAnInterfaceConfigTable
The table consists of the following objects that support SET
operations:
* ancpAnInterfaceConfigPartitionId
Unauthorized changes to ancpAnInterfaceConfigPartitionId could
result in a wrong association between the interface and a
partition. It could result in not being able to manage the
interface from the correct session and/or to exposing the
interface to a wrong NAS.
De Cnodder & Morgenstern Expires July 13, 2014 [Page 35]
�
Internet-Draft ANCP MIB January 2014
Some of the readable objects in this MIB module (i.e., objects with a
MAX-ACCESS other than not-accessible) may be considered sensitive or
vulnerable in some network environments. It is thus important to
control even GET and/or NOTIFY access to these objects and possibly
to even encrypt the values of these objects when sending them over
the network via SNMP. This is the table and these are the objects
and their sensitivity/vulnerability:
o ancpAnCurrentSessionTable
Access to these objects would allow an intruder to obtain
information about which vendor's equipment is in use on the
network. Further, such information is considered sensitive in
many environments for competitive reasons.
* ancpAnCurrentSessionState
* ancpAnCurrentSessionAncpVersion
* ancpAnCurrentSessionAnName
* ancpAnCurrentSessionNasName
* ancpAnCurrentSessionAnIpAddressType
* ancpAnCurrentSessionAnIpAddress
* ancpAnCurrentSessionAnInstance
* ancpAnCurrentSessionNasInstance
* ancpAnCurrentSessionCapabilities
* ancpAnCurrentSessionStartUptime
* ancpAnCurrentSessionDiscontinuityTime
* ancpAnCurrentSessionStatSentMessages
* ancpAnCurrentSessionStatReceivedValidMessages
* ancpAnCurrentSessionStatDiscardedMessages
* ancpAnCurrentSessionStatReceivedAdjSyn
De Cnodder & Morgenstern Expires July 13, 2014 [Page 36]
�
Internet-Draft ANCP MIB January 2014
* ancpAnCurrentSessionStatReceivedAdjSynack
* ancpAnCurrentSessionStatReceivedAdjAck
* ancpAnCurrentSessionStatReceivedAdjRstack
* ancpAnCurrentSessionStatTransmittedAdjSyn
* ancpAnCurrentSessionStatTransmittedAdjSynack
* ancpAnCurrentSessionStatTransmittedAdjAck
* ancpAnCurrentSessionStatTransmittedAdjRstack
SNMP versions prior to SNMPv3 did not include adequate security.
Even if the network itself is secure (for example by using IPSec),
even then, there is no control as to who on the secure network is
allowed to access and GET/SET (read/change/create/delete) the objects
in this MIB module.
It is RECOMMENDED that implementers consider the security features as
provided by the SNMPv3 framework (see [RFC3410], Section 8),
including full support for the SNMPv3 cryptographic mechanisms (for
authentication and privacy).
Further, deployment of SNMP versions prior to SNMPv3 is NOT
RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
enable cryptographic security. It is then a customer/operator
responsibility to ensure that the SNMP entity giving access to an
instance of this MIB module is properly configured to give access to
the objects only to those principals (users) that have legitimate
rights to indeed GET or SET (change/create/delete) them.
9. IANA considerations
IANA is requested to assign two OID's xxx under mib-2 for ANCP-TC-MIB
and ANCP-AN-MIB.
10. Acknowledgements
The authors would like to thank Paul Reynders, Bert Wijnen and Tom
Taylor for their feedback.
11. References
De Cnodder & Morgenstern Expires July 13, 2014 [Page 37]
�
Internet-Draft ANCP MIB January 2014
11.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J.
Schoenwaelder, Ed., "Structure of Management Information
Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
[RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J.
Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD
58, RFC 2579, April 1999.
[RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
"Conformance Statements for SMIv2", STD 58, RFC 2580,
April 1999.
[RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group
MIB", RFC 2863, June 2000.
[RFC4001] Daniele, M., Haberman, B., Routhier, S., and J.
Schoenwaelder, "Textual Conventions for Internet Network
Addresses", RFC 4001, February 2005.
[RFC4363] Levi, D. and D. Harrington, "Definitions of Managed
Objects for Bridges with Traffic Classes, Multicast
Filtering, and Virtual LAN Extensions", RFC 4363, January
2006.
[RFC4502] Waldbusser, S., "Remote Network Monitoring Management
Information Base Version 2", RFC 4502, May 2006.
[RFC6320] Wadhwa, S., Moisand, J., Haag, T., Voigt, N., and T.
Taylor, "Protocol for Access Node Control Mechanism in
Broadband Networks", RFC 6320, October 2011.
11.2. Informative References
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart,
"Introduction and Applicability Statements for Internet-
Standard Management Framework", RFC 3410, December 2002.
[RFC5851] Ooghe, S., Voigt, N., Platnic, M., Haag, T., and S.
Wadhwa, "Framework and Requirements for an Access Node
Control Mechanism in Broadband Multi-Service Networks",
RFC 5851, May 2010.
De Cnodder & Morgenstern Expires July 13, 2014 [Page 38]
�
Internet-Draft ANCP MIB January 2014
Authors' Addresses
Stefaan De Cnodder
Alcatel-Lucent
Copernicuslaan 50
B-2018 Antwerp
Belgium
Phone: +32 3 240 85 15
Email: stefaan.de_cnodder@alcatel-lucent.com
Moti Morgenstern
ECI Telecom Ltd.
30 Hasivim St.
Petach Tikva 4959388
Israel
Phone: +972 3 926 6258
Fax: +972 3 928 7322
Email: moti.Morgenstern@ecitele.com
De Cnodder & Morgenstern Expires July 13, 2014 [Page 39]
