Internet DRAFT - draft-shishio-softwire-rfc4087update
Internet Engineering Task Force S. Tsuchiya, Ed.
Internet-Draft J. Qin
Intended status: Standards Track Cisco Systems
Expires: January 11, 2013 July 10, 2012
IP TUNNEL MIB Extension for softwire
draft-shishio-softwire-rfc4087update-00
Abstract
This memo defines a Management Information Base (MIB) module for use
with network management protocols in the Internet community. In
particular, it describes managed objects used for managing tunnels of
any type over IPv4 and IPv6 networks.
The IP TUNNEL MIB [RFC4087] provides provisioning capability for IPv4
and IPv6 tunnels via SNMP, but it is not sufficient to support modern
tunnel protocols such as 6rd [RFC5969] and MAP
[draft-ietf-softwire-map]. This document describes an extension of the
IP TUNNEL MIB [RFC4087] to support 6rd [RFC5969] and MAP
[draft-ietf-softwire-map].
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 11, 2013.
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
Tsuchiya & Qin Expires January 11, 2013 [Page 1]
Internet-Draft IP TUNNEL MIB Extention July 2012
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction
2. The Internet-Standard Management Framework
3. Conventions
4. Overview
5. Structure of the MIB Module
   5.1. Relationship to the SNMPv2-MIB
   5.2. Relationship to the IF-MIB
   5.3. Relationship to the IP TUNNEL MIB
   5.4. MIB modules required for IMPORTS
6. Definitions
7. Security Considerations
8. IANA Considerations
9. Contributors
10. Acknowledgements
11. References
   11.1. Normative References
   11.2. Informative References
Appendix A. Change Log
Appendix B. Open Issues
Authors' Addresses
1. Introduction
The IP TUNNEL MIB [RFC4087] is used for managing tunnels of any type
over IPv4 and IPv6 networks, including Generic Routing Encapsulation
(GRE) [RFC1701,RFC1702], IP-in-IP [RFC2003], Minimal Encapsulation
[RFC2004], Layer 2 Tunneling Protocol (L2TP) [RFC2661], Point-to-
Point Tunneling Protocol (PPTP) [RFC2637], Layer 2 Forwarding (L2F)
[RFC2341], UDP (e.g., [RFC1234]), Ascend Tunnel Management Protocol
(ATMP) [RFC2107], and IPv6-in-IPv4 [RFC2893] tunnels, among others.
Over the past several years, there has been a number of "tunneling"
protocols specified by the IETF (see [RFC1241] for an early
discussion of the model and examples). This document describes a
Management Information Base (MIB) module used for managing tunnels of
any type over IPv4 and IPv6 networks, including Generic Routing
Encapsulation (GRE) [RFC1701,RFC1702], IP-in-IP [RFC2003], Minimal
Encapsulation [RFC2004], Layer 2 Tunneling Protocol (L2TP) [RFC2661],
Point-to-Point Tunneling Protocol (PPTP) [RFC2637], Layer 2
Forwarding (L2F) [RFC2341], UDP (e.g., [RFC1234]), Ascend Tunnel
Management Protocol (ATMP) [RFC2107], and IPv6-in-IPv4 [RFC2893]
tunnels, among others.
This document describes how to support IPv6 Rapid Deployment (6rd)
[RFC5969] and Mapping of Address and Port
(MAP) [draft-ietf-softwire-map] in the IP TUNNEL MIB.
2. The Internet-Standard Management Framework
For a detailed overview of the documents that describe the current
Internet-Standard Management Framework, please refer to section 7 of
RFC 3410 [RFC3410].
Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. MIB objects are generally
accessed through the Simple Network Management Protocol (SNMP).
Objects in the MIB are defined using the mechanisms defined in the
Structure of Management Information (SMI). This memo specifies a MIB
module that is compliant to the SMIv2, which is described in STD 58,
RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
[RFC2580].
3. Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
4. Overview
The IP TUNNEL MIB [RFC4087] is used for provisioning tunnel protocols,
but it cannot support 6rd [RFC5969] and MAP [draft-ietf-softwire-map]
because it lacks the necessary parameters. MAP
[draft-ietf-softwire-map] is, however, compatible with DS-Lite
[RFC6333] and stateless NAT64 [RFC6145]. Therefore, once the TUNNEL
MIB supports 6rd [RFC5969] and MAP [draft-ietf-softwire-map], it could
manage many types of modern tunnels, such as 6rd [RFC5969],
MAP-T/MAP-E, DS-Lite [RFC6333], and XLAT464 CLAT
[draft-ietf-v6ops-464xlat].
5. Structure of the MIB Module
The MIB module specified herein provides one way to manage 6rd and
MAP devices through SNMP.
5.1. Relationship to the SNMPv2-MIB
The 'system' group in the SNMPv2-MIB [RFC3418] is defined as being
mandatory for all systems, and the objects apply to the entity as a
whole. The 'system' group provides identification of the management
entity and certain other system-wide data. The SAMPLE-MIB does not
duplicate those objects.
5.2. Relationship to the IF-MIB
The Interface MIB [RFC2863] requires that any MIB module which is an
adjunct of the Interface MIB clarify specific areas within the
Interface MIB. These areas were intentionally left vague in the
Interface MIB to avoid over constraining the MIB, thereby precluding
management of certain media-types.
Section 4 of [RFC2863] enumerates several areas which a media-
specific MIB must clarify. The implementor is referred to [RFC2863]
in order to understand the general intent of these areas.
5.3. Relationship to the IP TUNNEL MIB
The IP Tunnel MIB [RFC4087] contains objects common to all IP
tunnels, including 6rd/MAP. Additionally, tunnel encapsulation
specific MIBs (like the one defined in this document) extend the IP
Tunnel MIB to further describe encapsulation specific information,
for example:
6rd case
   6rd prefix, 6rd Prefix Length, IPv4Mask Length
MAP case
   rule IPv6 prefix, rule IPv6 prefix Length, rule IPv4 prefix, rule
   IPv4 prefix length, EA-bit length, PSID
The tunnel method, BR address, and source address can use
tunnelIfEntry.
TunnelIfEntry ::= SEQUENCE {
tunnelIfLocalAddress IpAddress, -- deprecated
tunnelIfRemoteAddress IpAddress, -- deprecated
tunnelIfEncapsMethod IANAtunnelType,
tunnelIfHopLimit Integer32,
tunnelIfSecurity INTEGER,
tunnelIfTOS Integer32,
tunnelIfFlowLabel IPv6FlowLabelOrAny,
tunnelIfAddressType InetAddressType,
tunnelIfLocalInetAddress InetAddress,
tunnelIfRemoteInetAddress InetAddress,
tunnelIfEncapsLimit Integer32
}
tunnelIfEncapsMethod must be sixRd(xx), MAPT(xx) or MAPE(xx).
tunnelIfRemoteInetAddress must be the BR address on a CE. For 6rd, it
is an IPv4 address. For MAP-T and MAP-E, it is an IPv6 address. On a
BR, 0.0.0.0 or :: is used. TunnelIfXEntry is used for the other
parameters.
5.4. MIB modules required for IMPORTS
The following MIB module IMPORTS objects from SNMPv2-SMI [RFC2578],
SNMPv2-TC [RFC2579], SNMPv2-CONF [RFC2580], and IF-MIB [RFC2863].
6. Definitions
tunnelIfXTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF TunnelIfXEntry
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
        "This table contains additional objects for the tunnel
        interface table."
    ::= { tunnel xx }

tunnelIfXEntry OBJECT-TYPE
    SYNTAX     TunnelIfXEntry
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
        "An entry containing additional information applicable to a
        particular tunnel interface."
    INDEX      { ifIndex }
    ::= { tunnelIfXTable 1 }

TunnelIfXEntry ::= SEQUENCE {
    SamPrefix   InetAddress,
    SamLength   Integer32,
    BasePrefix  InetAddress,
    BaseLength  Integer32,
    EAbit       Integer32,
    PSID        Integer32
}

SamPrefix OBJECT-TYPE
    SYNTAX     InetAddress
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
        "Stateless Address Mapping Prefix: IPv4 for MAP, IPv6 for 6rd"
    ::= { tunnelIfXEntry 1 }

SamLength OBJECT-TYPE
    SYNTAX     Integer32(0..127)
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
        "Stateless Address Mapping length: IPv4 (0-31) for MAP,
        IPv6 (0-127) for 6rd"
    ::= { tunnelIfXEntry 2 }

BasePrefix OBJECT-TYPE
    SYNTAX     InetAddress
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
        "rule IPv6 prefix for MAP, IPv4 address for 6rd"
    ::= { tunnelIfXEntry 3 }

BaseLength OBJECT-TYPE
    SYNTAX     Integer32
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
        "rule IPv6 prefix for MAP, IPv4 address for 6rd"
    ::= { tunnelIfXEntry 4 }

EAbit OBJECT-TYPE
    SYNTAX     Integer32(0..127)
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
        "rule IPv6 prefix length for MAP, IPv4MaskLength for 6rd"
    ::= { tunnelIfXEntry 5 }

PSID OBJECT-TYPE
    SYNTAX     Integer32(0..127)
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
        "EA bit for MAP, must be 0 for 6rd"
    ::= { tunnelIfXEntry 6 }

END
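The following is an added example, not part of the draft: a Python check that an agent or provisioning script could run on a proposed tunnelIfXEntry write before committing it, using the address-family and range constraints from Section 5.3 and the DESCRIPTION clauses above as this draft words them. The mode names, the dict layout, the function names and the sample rows are assumptions made for illustration.

```python
import ipaddress

# Constraints as worded in this draft (Section 5.3 and the DESCRIPTION clauses).
# Mode names "6rd"/"map" and the dict-based row are assumptions of this example.
# IP versions of (SamPrefix, BasePrefix, tunnelIfRemoteInetAddress) per mode:
FAMILY = {"6rd": (6, 4, 4), "map": (4, 6, 6)}
SAM_LENGTH_MAX = {"6rd": 127, "map": 31}
ADDRESS_COLUMNS = ("SamPrefix", "BasePrefix", "tunnelIfRemoteInetAddress")


def ip_version(value):
    """Return 4 or 6 for a textual IP address, None for anything else."""
    if not isinstance(value, str):  # ip_address() would accept bare integers
        return None
    try:
        return ipaddress.ip_address(value).version
    except ValueError:
        return None


def in_range(value, low, high):
    """True only for real integers (not bool) inside [low, high]."""
    return type(value) is int and low <= value <= high


def validate_row(mode, row):
    """Return the list of violations for a proposed tunnelIfXEntry write."""
    if mode not in FAMILY:
        return [f"unknown mode {mode!r}"]
    errors = []
    for name, want in zip(ADDRESS_COLUMNS, FAMILY[mode]):
        if ip_version(row.get(name)) != want:
            errors.append(f"{name}: expected an IPv{want} address")
    if not in_range(row.get("SamLength"), 0, SAM_LENGTH_MAX[mode]):
        errors.append(f"SamLength: must be 0..{SAM_LENGTH_MAX[mode]} for {mode}")
    for name in ("EAbit", "PSID"):
        if not in_range(row.get(name), 0, 127):
            errors.append(f"{name}: must be 0..127")
    if mode == "6rd" and row.get("PSID") != 0:
        errors.append("PSID: must be 0 for 6rd")
    return errors


# Constructed sample rows (documentation address ranges), not from the draft.
GOOD_6RD = {"SamPrefix": "2001:db8::", "SamLength": 32, "BasePrefix": "192.0.2.0",
            "EAbit": 8, "PSID": 0, "tunnelIfRemoteInetAddress": "192.0.2.1"}
BAD_6RD = dict(GOOD_6RD, SamPrefix="198.51.100.0", SamLength=200, PSID=3)

if __name__ == "__main__":
    for label, row in (("good", GOOD_6RD), ("bad", BAD_6RD)):
        print(label, validate_row("6rd", row) or "accepted")
```

BaseLength is not range-checked because the draft gives no range for it.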
7. Security Considerations
There are a number of management objects defined in this MIB module
with a MAX-ACCESS clause of read-write and/or read-create. Such
objects may be considered sensitive or vulnerable in some network
environments. The support for SET operations in a non-secure
environment without proper protection can have a negative effect on
network operations. These are the tables and objects and their
sensitivity/vulnerability:
There are no management objects defined in this MIB module that have
a MAX-ACCESS clause of read-write and/or read-create. So, if this
MIB module is implemented correctly, then there is no risk that an
intruder can alter or create any management objects of this MIB
module via direct SNMP SET operations.
Some of the readable objects in this MIB module (i.e., objects with a
MAX-ACCESS other than not-accessible) may be considered sensitive or
vulnerable in some network environments. It is thus important to
control even GET and/or NOTIFY access to these objects and possibly
to even encrypt the values of these objects when sending them over
the network via SNMP. These are the tables and objects and their
sensitivity/vulnerability:
o SNMP versions prior to SNMPv3 did not include adequate security.
Even if the network itself is secure (for example by using IPSec),
even then, there is no control as to who on the secure network is
allowed to access and GET/SET (read/change/create/delete) the
objects in this MIB module.
It is RECOMMENDED that implementers consider the security features as
provided by the SNMPv3 framework (see [RFC3410], section 8),
including full support for the SNMPv3 cryptographic mechanisms (for
authentication and privacy).
Further, deployment of SNMP versions prior to SNMPv3 is NOT
RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
enable cryptographic security. It is then a customer/operator
responsibility to ensure that the SNMP entity giving access to an
instance of this MIB module is properly configured to give access to
the objects only to those principals (users) that have legitimate
rights to indeed GET or SET (change/create/delete) them.
8. IANA Considerations
The MIB module in this document uses the following IANA-assigned
OBJECT IDENTIFIER values recorded in the SMI Numbers registry:
Descriptor        OBJECT IDENTIFIER value
----------        -----------------------
TunnelIfXEntry    { tunnel XXX }

IANAtunnelType ::= TEXTUAL-CONVENTION
    SYNTAX     INTEGER {
                   sixRd ("XX"),   -- 6rd encapsulation
                   MAPT ("XX"),    -- MAP-T encapsulation
                   MAPE ("XX")     -- MAP-E encapsulation
               }
9. Contributors
This template is based on contributions from the MIB Doctors,
especially Juergen Schoenwaelder, Dave Perkins, C.M.Heard and Randy
Presuhn.
10. Acknowledgements
Thanks to Marshall Rose for developing the XML2RFC format.
11. References
11.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J.
Schoenwaelder, Ed., "Structure of Management Information
Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
[RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J.
Schoenwaelder, Ed., "Textual Conventions for SMIv2",
STD 58, RFC 2579, April 1999.
[RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder,
"Conformance Statements for SMIv2", STD 58, RFC 2580,
April 1999.
[RFC2629] Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629,
June 1999.
[RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group
MIB", RFC 2863, June 2000.
[RFC3418] Presuhn, R., "Management Information Base (MIB) for the
Simple Network Management Protocol (SNMP)", STD 62,
RFC 3418, December 2002.
[RFC4181] Heard, C., "Guidelines for Authors and Reviewers of MIB
Documents", BCP 111, RFC 4181, September 2005.
11.2. Informative References
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart,
"Introduction and Applicability Statements for Internet-
Standard Management Framework", RFC 3410, December 2002.
Appendix A. Change Log
The following changes have been made from draft-xxx-xxx-xxx-12 .
[TODO] replace this list with your own list
1. Updated the introductory boilerplate text, the security
considerations section and the references to comply with the
current IETF standards and guidelines.
2. Additions and clarifications in various description clauses.
Appendix B. Open Issues
[TODO] This list of open issues should be cleared and removed before
this document hits the IESG.
1. Contributor addresses need to be updated
Authors' Addresses
Shishio Tsuchiya (editor)
Cisco Systems
Midtown Tower, 9-7-1,Akasaka
Minato-Ku, Tokyo 107-6227
Japan
Phone: +81 3 6434 6543
Email: shtsuchi@cisco.com
Jacni Qin
Cisco Systems
Shanghai
China
Phone:
Email: jacni@jacni.com