One document matched: draft-ietf-ipfix-rfc5815bis-03.xml
<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!ENTITY rfc2119 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml">
<!ENTITY rfc2578 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2578.xml">
<!ENTITY rfc2579 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2579.xml">
<!ENTITY rfc2580 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2580.xml">
<!ENTITY rfc4001 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4001.xml">
<!ENTITY rfc3873 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3873.xml">
<!ENTITY rfc2863 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2863.xml">
<!ENTITY rfc4133 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4133.xml">
<!ENTITY rfc5101 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5101.xml">
<!ENTITY rfc5102 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5102.xml">
<!ENTITY rfc3410 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3410.xml">
<!ENTITY rfc3917 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3917.xml">
<!ENTITY rfc5226 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5226.xml">
<!ENTITY rfc5470 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5470.xml">
<!ENTITY rfc5472 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5472.xml">
<!ENTITY rfc5474 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5474.xml">
<!ENTITY rfc5475 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5475.xml">
<!ENTITY rfc5476 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5476.xml">
<!ENTITY rfc5815 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5815.xml">
]>
<!--<?rfc strict="yes"?>-->
<?rfc toc="yes"?>
<?rfc tocompact="yes"?>
<?rfc footer="draft-ietf-ipfix-rfc5815bis-03.txt"?>
<!--<?rfc compact="yes"?>-->
<!--<?rfc subcompact="compact"?>-->
<?rfc symrefs="yes"?>
<rfc category="std" docName="draft-ietf-ipfix-rfc5815bis-03.txt" ipr="trust200902">
<front>
<title abbrev="IPFIX MIB">Definitions of Managed Objects for IP Flow
Information Export</title>
<author fullname="Thomas Dietz" initials="T." role="editor"
surname="Dietz">
<organization>NEC Europe, Ltd.</organization>
<address>
<postal>
<street>NEC Laboratories Europe</street>
<street>Network Research Division</street>
<street>Kurfuersten-Anlage 36</street>
<code>69115</code>
<city>Heidelberg</city>
<country>DE</country>
</postal>
<phone>+49 6221 4342-128</phone>
<email>Thomas.Dietz@neclab.eu</email>
</address>
</author>
<author fullname="Atsushi Kobayashi" initials="A." surname="Kobayashi">
<organization abbrev="NTT PF Labs.">NTT Information Sharing Platform
Laboratories</organization>
<address>
<postal>
<street>3-9-11 Midori-cho</street>
<city>Musashino-shi</city>
<region>Tokyo</region>
<code>180-8585</code>
<country>JA</country>
</postal>
<phone>+81-422-59-3978</phone>
<email>akoba@nttv6.net</email>
</address>
</author>
<author fullname="Benoit Claise" initials="B." surname="Claise">
<organization>Cisco Systems, Inc.</organization>
<address>
<postal>
<street>De Kleetlaan 6a b1</street>
<code>1831</code>
<city>Diegem</city>
<country>BE</country>
</postal>
<phone>+32 2 704 5622</phone>
<email>bclaise@cisco.com</email>
</address>
</author>
<author fullname="Gerhard Muenz" initials="G." surname="Muenz">
<organization>Technische Universitaet Muenchen</organization>
<address>
<postal>
<street>Department of Informatics</street>
<street>Chair for Network Architectures and Services (I8)</street>
<street>Boltzmannstr. 3</street>
<code>85748</code>
<city>Garching</city>
<country>DE</country>
</postal>
<email>muenz@net.in.tum.de</email>
</address>
</author>
<date month="March" year="2012" />
<workgroup>IPFIX Working Group</workgroup>
<abstract>
<t>This document defines managed objects for IP Flow Information eXport
(IPFIX). These objects provide information for monitoring IPFIX
Exporters and IPFIX Collectors including the basic configuration
information.</t>
</abstract>
</front>
<middle>
<section title="Introduction">
<t>This document defines two MIB modules for monitoring IP Flow
Information eXport (IPFIX) Devices including Exporters and Collectors.
While most of the objects defined by the IPFIX MIB module must
be implemented, some objects may be implemented corresponding to the
functionality implemented in the equipment. Since the IPFIX architecture <xref
target="RFC5470"></xref> foresees the possibility of using Filtering
and/or Sampling functions to reduce the data volume, this document also
provides the IPFIX SELECTOR MIB module, which contains the standardized
selection methods and is controlled by IANA. The full configuration of
the IPFIX Metering Process is out of the scope of these MIB modules.</t>
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
<xref target="RFC2119">RFC 2119</xref>.</t>
</section>
<section title="IPFIX Documents Overview">
<t>The IPFIX protocol provides network administrators with access to IP
Flow information. The architecture for the export of measured IP Flow
information out of an IPFIX Exporting Process to a Collecting Process is
defined in <xref target="RFC5470"></xref>, per the requirements defined
in <xref target="RFC3917"></xref>. The protocol document <xref
target="RFC5101"></xref> specifies how IPFIX Data Records and Templates
are carried via a congestion-aware transport protocol from IPFIX
Exporting Processes to IPFIX Collecting Processes. IPFIX has a formal
description of IPFIX Information Elements, their name, type and
additional semantic information, as specified in <xref
target="RFC5102"></xref>. Finally, <xref target="RFC5472"></xref>
describes what type of applications can use the IPFIX protocol and how
they can use the information provided. It furthermore shows how the
IPFIX framework relates to other architectures and frameworks.</t>
<t>It is assumed that Flow metering, export, and collection is performed
according to the IPFIX architecture defined in <xref
target="RFC5470"></xref>. The monitored configuration parameters of the
export and collection of Flow Templates and Data Records is modeled
according to <xref target="RFC5101"></xref>. Packet selection methods
that may be optionally used by the IPFIX Metering Process are not
considered in this MIB module. They are defined in the Packet Sampling
(PSAMP) framework <xref target="RFC5474"></xref> and Sampling techniques
<xref target="RFC5475"></xref> documents. Nevertheless, the basis for
defining Sampling and Filtering functions is given with the IPFIX
SELECTOR MIB module. Since the PSAMP export protocol <xref
target="RFC5476"></xref> is based on the IPFIX protocol, the Sampling and
Filtering functions can be added to the IPFIX SELECTOR MIB module as
needed.</t>
</section>
<section title="The Internet-Standard Management Framework">
<t>For a detailed overview of the documents that describe the current
Internet-Standard Management Framework, please refer to section 7 of
<xref target="RFC3410">RFC 3410</xref>.</t>
<t>Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. MIB objects are generally
accessed through the Simple Network Management Protocol (SNMP). Objects
in the MIB are defined using the mechanisms defined in the Structure of
Management Information (SMI). This memo specifies MIB modules that are
compliant to the SMIv2, which is described in STD 58, <xref
target="RFC2578">RFC 2578</xref>, STD 58, <xref target="RFC2579"> RFC
2579</xref> and STD 58, <xref target="RFC2580">RFC 2580</xref>.</t>
</section>
<section anchor="terminology" title="Terminology">
<t>The definitions of the basic terms like IP Traffic Flow, Exporting
Process, Collecting Process, Observation Points, etc. can be found in
the IPFIX protocol document <xref target="RFC5101"></xref>.</t>
</section>
<section anchor="structure" title="Structure of the IPFIX MIB">
<t>The IPFIX MIB module consists of seven main tables, the Transport
Session table, the Template table and the corresponding Template
Definition table, the Export table, the Metering Process table, the
Observation Point table, and the Selection Process table. Since the IPFIX
architecture <xref target="RFC5470"></xref> foresees the possibility of
using Filtering and/or Sampling functions to reduce the data volume, the
MIB module provides the basic objects for these functions with the
Selection Process table. The IPFIX SELECTOR MIB module defined in the
next section provides the standard Filtering and Sampling functions that
can be referenced in the ipfixSelectionProcessTable.</t>
<t>All remaining objects contain statistical values for the different
tables contained in the MIB module.</t>
<t>The following subsections describe all tables in the IPFIX MIB
module.</t>
<section title="The Transport Session Table">
<t>The Transport Session is the basis of the MIB module. The Transport
Session table (ipfixTransportSessionTable) contains all Transport
Sessions between Exporter and Collector. The table specifies the
transport layer protocol of the Transport Session and, depending on
that protocol, further parameters for the Transport Session. In the case
of UDP and TCP, these are the source and destination address as well as
the source and destination port. For Stream Control Transmission
Protocol (SCTP), the table contains the SCTP
Assoc Id, which is the index for the SCTP association in the SCTP MIB
module <xref target="RFC3873"></xref>. The mode of operation of the
device, i.e., if the Transport Session is used for collecting or
exporting is given in the ipfixTransportSessionDeviceMode object.
Further on, it contains the configured refresh parameters for Templates
and Options Templates that are used across unreliable connections as
UDP. Finally, the IPFIX version that is exported or collected by this
Transport Session and a status of the Transport Session is given in
the table.</t>
<t>To illustrate the use of the above tables, let us assume the
following scenario: we have an Exporter on IP address 192.0.2.22 and a
Collector on IP address 192.0.2.37. The Exporter uses TCP to export
Templates and Data Records. The same Exporter also exports, with UDP,
to a Collector with the IP address of 192.0.2.44. This would lead to
the following Transport Session table on the Exporter:</t>
<figure>
<artwork><![CDATA[
ipfixTransportSessionTable (1)
|
+- ipfixTransportSessionEntry (1)
|
+- index (5) (ipfixTransportSessionIndex)
| +- ipfixTransportSessionIndex (1) = 5
| +- ipfixTransportSessionProtocol (2) = 6 (TCP)
| +- ipfixTransportSessionSourceAddressType (3) = 1 (ipv4)
| +- ipfixTransportSessionSourceAddress (4) = 192.0.2.22
| +- ipfixTransportSessionDestinationAddressType (5) = 1 (ipv4)
| +- ipfixTransportSessionDestinationAddress (6) = 192.0.2.37
| +- ipfixTransportSessionSourcePort (7) = 7653
| +- ipfixTransportSessionDestinationPort (8) = 4739
| +- ipfixTransportSessionSctpAssocId (9) = 0
| +- ipfixTransportSessionDeviceMode (10) = exporting(1)
| +- ipfixTransportSessionTemplateRefreshTimeout (11) = 0
| +- ipfixTransportSessionOptionTemplateRefreshTimeout (12) = 0
| +- ipfixTransportSessionTemplateRefreshPacket (13) = 0
| +- ipfixTransportSessionOptionTemplateRefreshPacket (14) = 0
| +- ipfixTransportSessionIpfixVersion (15) = 10
| +- ipfixTransportSessionStatus (16) = 2 (active)
.
.
.
+- index (11) (ipfixTransportSessionIndex)
+- ipfixTransportSessionIndex (1) = 11
+- ipfixTransportSessionProtocol (2) = 17 (UDP)
+- ipfixTransportSessionSourceAddressType (3) = 1 (ipv4)
+- ipfixTransportSessionSourceAddress (4) = 192.0.2.22
+- ipfixTransportSessionDestinationAddressType (5) = 1 (ipv4)
+- ipfixTransportSessionDestinationAddress (6) = 192.0.2.44
+- ipfixTransportSessionSourcePort (7) = 14287
+- ipfixTransportSessionDestinationPort (8) = 4739
+- ipfixTransportSessionSctpAssocId (9) = 0
+- ipfixTransportSessionDeviceMode (10) = exporting(1)
+- ipfixTransportSessionTemplateRefreshTimeout (11) = 100
+- ipfixTransportSessionOptionTemplateRefreshTimeout (12)
| = 100
+- ipfixTransportSessionTemplateRefreshPacket (13) = 10
+- ipfixTransportSessionOptionTemplateRefreshPacket (14) = 10
+- ipfixTransportSessionIpfixVersion (15) = 10
+- ipfixTransportSessionStatus (16) = 2 (active)]]></artwork>
</figure>
<t>The values in brackets are the OID numbers. The Collectors would
then have the same entry except that the index would most likely
differ and the ipfixTransportSessionDeviceMode would be
collecting(2).</t>
</section>
<section title="The Template Table">
<t>The Template table lists all Templates (including Options
Templates) that are sent (by an Exporter) or received (by a
Collector). The (Options) Templates are unique per Observation
Domain and per Transport Session. Note that the Transport Session
also gives the device mode, i.e. Exporter or Collector. Thus, the
table is indexed by:<list style="symbols">
<t>the Transport Session Index (ipfixTransportSessionIndex)</t>
<t>and the Observation Domain Id
(ipfixTemplateObservationDomainId).</t>
</list> It contains the Set Id and an access time denoting the time
when the (Options) Template was last sent or received.</t>
<t>To resume the above example, the Exporter may want to export a
Template and an Options Template for each Transport Session defined
above. This leads to the following Template table defining Template
and Options Template:</t>
<figure>
<artwork><![CDATA[
ipfixTemplateTable (3)
|
+- ipfixTemplateEntry (1)
|
+- index (5) (ipfixTransportSessionIndex)
| +- index (3) (ipfixTemplateObservationDomainId)
| + index (257) (ipfixTemplateId)
| | +- ipfixTemplateObservationDomainId (1) = 3
| | +- ipfixTemplateId (2) = 257
| | +- ipfixTemplateSetId (3) = 2
| | +- ipfixTemplateAccessTime (4)
| | = 2008-7-1,12:49:11.2,+2:0
| |
| + index (264) (ipfixTemplateId)
| +- ipfixTemplateObservationDomainId (1) = 3
| +- ipfixTemplateId (2) = 264
| +- ipfixTemplateSetId (3) = 3
| +- ipfixTemplateAccessTime (4)
. = 2008-7-1,12:47:04.8,+2:0
.
.
.
+- index (11) (ipfixTransportSessionIndex)
+- index (3) (ipfixTemplateObservationDomainId)
+ index (273) (ipfixTemplateId)
| +- ipfixTemplateObservationDomainId (1) = 3
| +- ipfixTemplateId (2) = 273
| +- ipfixTemplateSetId (3) = 2
| +- ipfixTemplateAccessTime (4)
| = 2008-7-1,12:49:11.2,+2:0
|
+ index (289) (ipfixTemplateId)
+- ipfixTemplateObservationDomainId (1) = 3
+- ipfixTemplateId (2) = 289
+- ipfixTemplateSetId (3) = 3
+- ipfixTemplateAccessTime (4)
= 2008-7-1,12:47:04.8,+2:0]]></artwork>
</figure>
<t>We assume that the Transport Session that is stored with index 5 in
the Transport Session table of the Exporter is stored with index 17 in
the Transport Session table of the (corresponding) Collector. Then,
the Template table would look as follows:</t>
<figure>
<artwork><![CDATA[
ipfixTemplateTable (3)
|
+- ipfixTemplateEntry (1)
|
+- index (17) (ipfixTransportSessionIndex)
+- index (3) (ipfixTemplateObservationDomainId)
+ index (257) (ipfixTemplateId)
| +- ipfixTemplateObservationDomainId (1) = 3
| +- ipfixTemplateId (2) = 257
| +- ipfixTemplateSetId (3) = 2
| +- ipfixTemplateAccessTime (4)
| = 2008-7-1,12:49:11.8,+2:0
|
+ index (264) (ipfixTemplateId)
+- ipfixTemplateObservationDomainId (1) = 3
+- ipfixTemplateId (2) = 264
+- ipfixTemplateSetId (3) = 3
+- ipfixTemplateAccessTime (4)
= 2008-7-1,12:47:05.3,+2:0]]></artwork>
</figure>
<t>The table on the second Collector would be analogous to the one shown
above.</t>
</section>
<section title="The Template Definition Table">
<t>The Template Definition table lists all the Information Elements
contained in a Template or Options Template. Therefore, it has the same
indexes as the corresponding Template table plus the Template Id. Its
own index denotes the order of the Information Element inside the
Template. Besides the Information Element Id and the length of the
encoded value, the table contains the enterprise number for
enterprise-specific Information Elements and flags for each Information
Element. The flags indicate if the Information Element is used for
scoping or as a Flow Key.</t>
<t>To resume the above example again, the Exporter is configured to
export the octets received and dropped at the Observation Point since
the last export of these values. In addition, it exports the start and
end time of the Flow relative to the timestamp contained in the IPFIX
header. This leads to the following Template Definition table on the
Exporter:</t>
<figure>
<artwork><![CDATA[
ipfixTemplateDefinitionTable (4)
|
+- ipfixTemplateDefinitionEntry (1)
|
+- index (5) (ipfixTransportSessionIndex)
+- index (3) (ipfixTemplateObservationDomainId)
+ index (257) (ipfixTemplateId)
+- index (1) (ipfixTemplateDefinitionIndex)
| +- ipfixTemplateDefinitionIndex (1) = 1
| +- ipfixTemplateDefinitionIeId (2) = 158
| | (flowStartDeltaMicroseconds)
| +- ipfixTemplateDefinitionIeLength (3) = 4
| +- ipfixTemplateDefinitionEnterprise (4) = 0
| +- ipfixTemplateDefinitionFlags (5) = 0
|
+- index (2) (ipfixTemplateDefinitionIndex)
| +- ipfixTemplateDefinitionIndex (1) = 2
| +- ipfixTemplateDefinitionIeId (2) = 159
| | (flowEndDeltaMicroseconds)
| +- ipfixTemplateDefinitionIeLength (3) = 4
| +- ipfixTemplateDefinitionEnterprise (4) = 0
| +- ipfixTemplateDefinitionFlags (5) = 0
|
+- index (3) (ipfixTemplateDefinitionIndex)
| +- ipfixTemplateDefinitionIndex (1) = 3
| +- ipfixTemplateDefinitionIeId (2) = 1
| | (octetDeltaCount)
| +- ipfixTemplateDefinitionIeLength (3) = 8
| +- ipfixTemplateDefinitionEnterprise (4) = 0
| +- ipfixTemplateDefinitionFlags (5) = 0
|
+- index (4) (ipfixTemplateDefinitionIndex)
+- ipfixTemplateDefinitionIndex (1) = 4
+- ipfixTemplateDefinitionIeId (2) = 132
| (droppedOctetDeltaCount)
+- ipfixTemplateDefinitionIeLength (3) = 8
+- ipfixTemplateDefinitionEnterprise (4) = 0
+- ipfixTemplateDefinitionFlags (5) = 0 ]]></artwork>
</figure>
<t>The corresponding table entry on the Collector is the same except
that it would have another ipfixTransportSessionIndex, e.g., 17 as in
the previous example.</t>
</section>
<section title="The Export Table">
<t>On Exporters, the Export table (ipfixExportTable) can be used to
support features like failover, load-balancing, duplicate export to
several Collectors, etc. The table has three indexes that link an entry
with: <list style="symbols">
<t>the Metering Process table (ipfixMeteringProcessCacheId, see
below)</t>
<t>and the Transport Session table
(ipfixTransportSessionIndex).</t>
</list>Those entries with the same ipfixExportIndex and the same
ipfixMeteringProcessCacheId define a Transport Session group. The
member type for each group member describes its functionality. All
Transport Sessions referenced in this table MUST have the
ipfixTransportSessionDeviceMode exporting(1).</t>
<t>If the Exporter does not use Transport Session grouping, then each
ipfixExportIndex contains a single ipfixMeteringProcessCacheId, and
thus a singe Transport Session (ipfixTransportSessionIndex) and this
session MUST have the member type primary(1).</t>
<t>For failover, a Transport Session group can contain one Transport
Session with member type "primary" and several Transport Sessions with
type secondary(2). Entries with other member types are not allowed for
that type of group. For load-balancing or parallel export, all
Transport Sessions in the group MUST have the same member type, either
loadBalancing(4) or parallel(3).</t>
<t>The algorithms used for failover or load-balancing are out of the
scope of this document.</t>
<t>To continue the example, we assume that the Exporter uses the two
connections shown in the examples above as one primary Transport
Session protected by a secondary Transport Session. The Exporter then
has the following entries in the ipfixExportTable:</t>
<figure>
<artwork><![CDATA[
ipfixExportTable (5)
|
+- ipfixExportEntry (1)
|
+- index (7) (ipfixExportIndex)
| +- index (9) (ipfixMeteringProcessCacheId)
| | +- index (5) (ipfixTransportSessionIndex)
| | +- ipfixExportIndex (1) = 7
| | +- ipfixExportMemberType (2) = 1 (primary)
| |
| +- index (11) (ipfixTransportSessionIndex)
| +- ipfixExportIndex (1) = 7
| +- ipfixExportMemberType (2) = 2 (secondary)
|
+- index (8) (ipfixExportIndex)
+- index (9) (ipfixMeteringProcessCacheId)
+- index (5) (ipfixTransportSessionIndex)
| +- ipfixExportIndex (1) = 8
| +- ipfixExportMemberType (2) = 2 (secondary)
+- index (11) (ipfixTransportSessionIndex)
+- ipfixExportIndex (1) = 8
+- ipfixExportMemberType (2) = 1 (primary)]]></artwork>
</figure>
<t>The example shows that the Exporter uses the Metering Process Cache
9, explained below, to export IPFIX Data Records for the Transport
Sessions 5 and 11. The Templates 257 and 264 defined above are
exported within Transport Session 5 as primary, while the secondary
Transport Session is 11. The Templates 273 and 289 are exported
within Transport Session 11 as primary, while the secondary
Transport Session is 5.</t>
<t>Here are the steps required by a manager in order to understand
what is/are the backups (if any) for Template Records exported from
a specific Exporter to a specific Collector:<list style="numbers">
<t>Lookup the Collector IP address in the
ipfixTransportSessionDestinationAddress object (in the
ipfixTransportSessionTable).</t>
<t>From the same row, double check the Exporter IP address in
the ipfixTransportSessionSourceAddress object.</t>
<t>From the same row, write down the ipfixTransportSessionIndex
value.</t>
<t>Use that ipfixTransportSessionIndex value in the
ipfixTemplateTable, and look up the pairs of
(ipfixTemplateObservationDomainId, ipfixTemplateId). For there,
the manager deduces the Template Record(s) (ipfixTemplateId),
exported from the Observation Domain(s)
(ipfixTemplateObservationDomainId) on the tracked Exporter
(ipfixTransportSessionSourceAddress) to the tracked Collector
(ipfixTransportSessionDestinationAddress).</t>
<t>Reusing the same ipfixTransportSessionIndex in ipfixExportTable,
lookup the table for a value of ipfixExportMemberType equals to
"primary". Note that they could be multiple entries for which the
ipfixExportMemberType equals to "primary" in the ipfixExportTable,
so multiple iterations might be required until the correct value
of ipfixTransportSessionIndex is found.</t>
<t>From the same row, write down the ipfixExportIndex value.</t>
<t>In the ipfixExportTable, under the same three indexes values
(ipfixExportIndex, ipfixMeteringProcessCacheId, and
ipfixTransportSessionIndex), lookup the entries for which
ipfixExportMemberType is different than "primary". Write down the
associated ipfixTransportSessionIndex value.</t>
<t>From the ipfixTransportSessionTable, look up the Transport
Session details for this ipfixTransportSessionIndex value. For example,
the secondary Collector IP address and port
(ipfixTransportSessionDestinationAddress and
ipfixTransportSessionSourcePort).</t></list>
</t>
</section>
<section title="The Metering Process Table">
<t>The Metering Process, as defined in <xref target="RFC5101"></xref>,
consists of a set of functions. Maintaining the Flow Records is one of
them. This function is responsible for passing the Flow Records to the
Exporting Process and also for detecting Flow expiration. The Flow
Records that are maintained by the Metering Process can be grouped by
the Observation Points at which they are observed. The instance that
maintains such a group of Flow Records is a kind of cache. For this
reason, the Metering Process table (ipfixMeteringProcessTable) is
indexed by cache Ids (ipfixMeteringProcessCacheId). Each cache can be
maintained by a separate instance of the Metering Process. To specify
the Observation Point(s) where the Flow Records are gathered, the
ipfixMeteringProcessObservationPointGroupRef may contain an
ipfixObservationPointGroupId from the Observation Point table
(ipfixObservationPointTable) described in the next section. If an
Observation Point is not specified for the Flow Records, the
ipfixMeteringProcessObservationPointGroupRef MUST be zero(0). The
timeouts (ipfixMeteringProcessCacheActiveTimeout and
ipfixMeteringProcessCacheInactiveTimeout) specify when Flows
are expired.</t>
<figure>
<artwork><![CDATA[
ipfixMeteringProcessTable (6)
|
+- ipfixMeteringProcessEntry (1)
|
+- index (9) (ipfixMeteringProcessCacheId)
+- ipfixMeteringProcessCacheId (1) = 9
+- ipfixMeteringProcessObservationPointGroupRef (2) = 17
+- ipfixMeteringProcessCacheActiveTimeout (3) = 100
+- ipfixMeteringProcessCacheInactiveTimeout (4) = 100]]></artwork>
</figure>
</section>
<section title="The Observation Point Table">
<t>The Observation Point table (ipfixObservationPointTable) groups
Observation Points with the ipfixObservationPointGroupId. Each entry
contains the Observation Domain Id in which the Observation Point is
located and a reference to the ENTITY MIB module <xref
target="RFC4133"></xref> or the Interface MIB module <xref
target="RFC2863"></xref>. The objects in the ENTITY MIB module
referenced by ipfixObservationPointPhysicalEntity or Interface MIB module
referenced by ipfixObservationPointPhysicalInterface denote the
Observation Point. At least one reference for the objects
ipfixObservationPointPhysicalEntity or
ipfixObservationPointPhysicalInterface MUST exist for a valid Observation
Point entry. If a reference to the Observation Point is given in both
object ipfixObservationPointPhysicalEntity and
ipfixObservationPointPhysicalInterface, then both MUST point to the
same physical interface. However, if one of two references
(ipfixObservationPointPhysicalEntity or
ipfixObservationPointPhysicalInterface) can not be given, its
reference MUST be 0. In addition, a direction can be given to render more
specifically which Flow to monitor.</t>
<figure>
<artwork><![CDATA[
ipfixObservationPointTable (7)
|
+- ipfixObservationPointEntry (1)
|
+- index (17) (ipfixObservationPointGroupId)
+- index (1) (ipfixObservationPointIndex)
| +- ipfixObservationPointGroupId (1) = 17
| +- ipfixObservationPointIndex (2) = 1
| +- ipfixObservationPointObservationDomainId (3) = 3
| +- ipfixObservationPointPhysicalEntity (4) = 6
| +- ipfixObservationPointPhysicalInterface(5) = 0
| +- ipfixObservationPointPhysicalEntityDirection (6)
= 3 (both)
|
+- index (2) (ipfixObservationPointIndex)
+- ipfixObservationPointGroupId (1) = 17
+- ipfixObservationPointIndex (2) = 2
+- ipfixObservationPointObservationDomainId (3) = 3
+- ipfixObservationPointPhysicalEntity (4) = 0
+- ipfixObservationPointPhysicalInterface (5) = 0
+- ipfixObservationPointPhysicalEntityDirection (6)
= 1 (ingress) ]]></artwork>
</figure>
</section>
<section title="The Selection Process Table">
<t>This table supports the usage of Filtering and Sampling functions,
as described in <xref target="RFC5470"></xref>. It contains lists of
functions per Metering Process cache (ipfixMeteringProcessCacheId).
The selection process index ipfixSelectionProcessIndex forms groups of
selection methods that are applied to an observed packet stream. The
selection process selector index (ipfixSelectionProcessSelectorIndex)
indicates the order in which the functions are applied to the packets
observed at the Observation Points associated with the Metering
Process cache. The selection methods are applied in increasing order,
i.e., selection methods with a lower
ipfixSelectionProcessSelectorIndex are applied first. The functions
are referred by object identifiers pointing to the function with its
parameters. If the selection method does not use parameters, then it
MUST point to the root of the function subtree (see also <xref
target="structure_ipfix_selector_mib"></xref>). If the function uses
parameters, then it MUST point to an entry in the parameter table of
the selection method. If no Filtering or Sampling function is used for
a Metering Process, then an entry for the Metering Process SHOULD be
created pointing to the Select All function (ipfixFuncSelectAll).</t>
</section>
<section title="The Statistical Tables">
<t>For the ipfixTransportSessionTable, the ipfixTemplateTable, the
ipfixMeteringProcessTable, and the ipfixSelectionProcessTable
statistical tables are defined that augment those tables. All the
statistical tables contain a discontinuity object that holds a
timestamp that denotes the time when a discontinuity event occurred to
notify the management system that the counters contained in those
tables might not be continuous anymore.</t>
<section title="The Transport Session Statistical Table">
<t>The Transport Session Statistical table
(ipfixTransportSessionStatsTable) augments the
ipfixTransportSessionTable with statistical values. It contains the
rate (in bytes per second) with which it receives or sends out IPFIX
Messages, the number of bytes, packets, messages, Records, Templates
and Options Templates received or sent and the number of messages
that were discarded.</t>
</section>
<section title="The Template Statistical Table">
<t>This table contains a statistical value for each Template. It
augments the Template table (ipfixTemplateTable) and specifies the
number of Data Records exported or collected for the Template.</t>
</section>
<section title="The Metering Process Statistical Table">
<t>This table augments the Metering Process table
(ipfixMeteringProcessTable). It contains the statistical values for
the exported Data Records and the number of unused cache entries.</t>
</section>
<section title="The Selection Process Statistical Table">
<t>This table augments the Selection Process table
(ipfixSelectionProcessTable) and introduces two generic statistical
values, the number of packets observed and the number of packets
dropped by the selection method.</t>
</section>
</section>
</section>
<section anchor="structure_ipfix_selector_mib"
title="Structure of the IPFIX SELECTOR MIB">
<t>The IPFIX SELECTOR MIB module defined in this section provides the
standard Filtering and Sampling functions that can be referenced in the
ipfixSelectionProcessTable. All standard Filtering and Sampling functions
MUST be registered in the subtree under object ipfixSelectorFunctions
(iso.org.dod.internet.mgmt.mib-2.ipfixSelectorMIB, or as numbers
1.3.6.1.2.1.194). The toplevel OIDs in the subtree under object
ipfixSelectorFunctions MUST be registered in a subregistry maintained by
IANA at http://www.iana.org/assignments/smi-numbers. The first entry in
this subtree is the Select All function (ipfixFuncSelectAll) defined in
this document as {ipfixSelectorFunctions 1}.</t>
<t>Further selector functions
MUST be registered at IANA and are subject to Expert Review
<xref target="RFC5226"></xref>, i.e., review by one of a group of experts
designated by an IETF Area Director. The group of experts MUST check the
requested MIB objects for completeness and accuracy of the description.
Requests for MIB objects that duplicate the functionality of existing
objects SHOULD be declined. The smallest available OID SHOULD be assigned
to a new MIB objects. The specification of new MIB objects SHOULD follow
the structure specified in the Section
<xref target="selectorFunctions"></xref> and MUST be published using a
well-established and persistent publication medium. The experts will
initially be drawn from the Working Group Chairs and document editors of
the IPFIX and PSAMP Working Groups.</t>
<section anchor="selectorFunctions" title="The Selector Functions">
<t>The following figure shows what the MIB tree usually should look
like. It already contains the ipfixFuncSelectAll. The subtree in
ipfixFuncF2 gives the basic structure that all selection methods
SHOULD follow.</t>
<figure>
<artwork><![CDATA[
ipfixSelectorFunctions
|
+- ipfixFuncSelectAll
| |
| +- ipfixFuncSelectAllAvail (is the function available?)
|
+- ipfixFuncF2
| |
| +- ipfixFuncF2Avail (is the function F2 available?)
| |
| +- ipfixFuncF2Parameters (a table with parameters)
...
|
+- ipfixFuncFn...]]></artwork>
</figure>
<t>The selection method SHOULD be designed as a MIB subtree introduced
by an object with the name ipfixFunc appended by a function name. The
objects in this subtree SHOULD be prefixed by this name. If the
function is named Fx, then we would start a subtree with an OID named
ipfixFuncFx. This subtree should contain an object ipfixFuncFxAvail
that has the type TruthValue. If a selection method takes parameters,
the MIB should contain a table named ipfixFuncFxParameters, which
should contain all the parameters that the selection method specifies.
An entry in this table will be referenced by the IPFIX MIB module if
the selection method with the parameters is used.</t>
<t>To illustrate the structure defined above, the following contains an
example of a function MyFunc that holds three integer parameters
Param1, Param2, and Param3. In the example, there are currently two
instances of the parameters set defined with indexes 1 and 4.</t>
<figure>
<artwork><![CDATA[
ipfixSelectorFunctions (1)
|
+- ipfixFuncMyFunc (?)
|
+- ipfixFuncMyFuncAvail (1) = true
+- ipfixFuncMyFuncParameters (2)
|
+- ipfixFuncMyFuncParametersEntry (1)
|
+- index (1) (ipfixFuncMyFuncParametersIndex)
| +- ipfixFuncMyFuncParam1 (1) = 47
| +- ipfixFuncMyFuncParam2 (2) = -128
| +- ipfixFuncMyFuncParam3 (3) = 19
|
+- index(4) (ipfixFuncMyFuncParametersIndex)
+- ipfixFuncMyFuncParam1 (1) = 19
+- ipfixFuncMyFuncParam2 (2) = -1
+- ipfixFuncMyFuncParam3 (3) = 728]]></artwork>
</figure>
<t>If the function defined above is referenced in the IPFIX MIB module,
the ipfixSelectionProcessTable would look as follows:</t>
<figure>
<artwork><![CDATA[
ipfixSelectionProcessTable (8)
|
+- ipfixSelectionProcessEntry (1)
|
+- index (9) (ipfixMeteringProcessCacheId)
+- index (1) (ipfixSelectionProcessIndex)
+- index (1) (ipfixSelectionProcessSelectorIndex)
| +- ipfixSelectionProcessSelectorFunction (3)
| = ipfixSelectorFunctions.?.2.1.4
+- index (2) (ipfixSelectionProcessSelectorIndex)
+- ipfixSelectionProcessSelectorFunction (3)
= ipfixSelectorFunctions.?.2.1.1]]></artwork>
</figure>
<t>This means that for the ipfixMeteringProcessCacheId(9), a Selection
Process with index 1 is created that applies two times the same
function but with different parameter sets. First, the function MyFunc
is applied with the parameters of the set with index 4 and the with
the parameters of the set with index 1.</t>
</section>
</section>
<section title="Relationship to Other MIB Modules">
<t>Besides the usual imports from the SNMP Standards <xref
target="RFC2578"></xref>, <xref target="RFC2579"></xref>, and <xref
target="RFC2580"></xref>, the IPFIX MIB module references the ENTITY MIB
module <xref target="RFC4133"></xref> and the Interface MIB module <xref
target="RFC2863"></xref>.</t>
<section title="Relationship to the ENTITY MIB and Interface MIB">
<t>The Observation Point table (ipfixObservationPointTable) contains a
reference to the ENTITY MIB module <xref target="RFC4133"></xref>
(ipfixObservationPointPhysicalEntity) or the Interface MIB module <xref
target="RFC2863"></xref> (ipfixObservationPointPhysicalInterface). If
the implementors of the IPFIX MIB module want to specify the physical
entity where Flows are observed, then they SHOULD also implement the
ENTITY MIB and/or the Interface MIB module. The implementation of the ENTITY
MIB and/or Interface MIB module is OPTIONAL. If one of them is not
implemented, then all values of the respective column
ipfixObservationPointPhysicalEntity or
ipfixObservationPointPhysicalInterface in the Observation Point table
are zero and the values of the
ipfixObservationPointPhysicalEntityDirection columns are unknown(0), if
none of them are defined.</t>
</section>
<section title="MIB Modules Required for IMPORTS">
<t>The IPFIX MIB module requires the modules SNMPv2-SMI <xref
target="RFC2578"></xref>, SNMPv2-TC <xref target="RFC2579"></xref>, and
SNMPv2-CONF <xref target="RFC2580"></xref>. Further on, it imports the
textual conventions InetAddressType and InetAddress from the INET
ADDRESS MIB module <xref target="RFC4001"></xref>.</t>
<t>The IPFIX SELECTOR MIB module also requires the modules
SNMPv2-SMI <xref target="RFC2578"></xref>, SNMPv2-TC <xref
target="RFC2579"></xref>, and SNMPv2-CONF <xref
target="RFC2580"></xref>.</t>
</section>
</section>
<section anchor="mib_definition" title="MIB Definitions">
<t>This section contains the definitions of the IPFIX-MIB module and the
IPFIX-SELECTOR-MIB module. There are different mandatory groups defined
for Collector and Exporter implementations. The statistical objects are
made OPTIONAL.</t>
<section title="IPFIX MIB Definition">
<t>
<figure><artwork><![CDATA[
IPFIX-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, mib-2, Unsigned32, Counter64,
Gauge32
FROM SNMPv2-SMI -- RFC2578
TimeStamp, DateAndTime
FROM SNMPv2-TC -- RFC2579
MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF -- RFC2580
InterfaceIndexOrZero
FROM IF-MIB -- RFC2863
InetAddressType, InetAddress, InetPortNumber
FROM INET-ADDRESS-MIB -- RFC4001
PhysicalIndexOrZero
FROM ENTITY-MIB; -- RFC4133
ipfixMIB MODULE-IDENTITY
LAST-UPDATED "201203220000Z" -- 22 March 2012
ORGANIZATION "IETF IPFIX Working Group"
CONTACT-INFO
"WG charter:
http://www.ietf.org/html.charters/ipfix-charter.html
Mailing Lists:
General Discussion: ipfix@ietf.org
To Subscribe: http://www1.ietf.org/mailman/listinfo/ipfix
Archive:
http://www1.ietf.org/mail-archive/web/ipfix/current/index.html
Editor:
Thomas Dietz
NEC Europe Ltd.
NEC Laboratories Europe
Network Research Division
Kurfuersten-Anlage 36
69115 Heidelberg
Germany
Phone: +49 6221 4342-128
Email: Thomas.Dietz@nw.neclab.eu
Atsushi Kobayashi
NTT Information Sharing Platform Laboratories
3-9-11 Midori-cho
Musashino-shi
180-8585
Japan
Phone: +81-422-59-3978
Email: akoba@nttv6.net
Benoit Claise
Cisco Systems, Inc.
De Kleetlaan 6a b1
Diegem 1831
Belgium
Phone: +32 2 704 5622
Email: bclaise@cisco.com
Gerhard Muenz
Technische Universitaet Muenchen
Department of Informatics
Chair for Network Architectures and Services (I8)
Boltzmannstr. 3
85748 Garching
Germany
Email: muenz@net.in.tum.de
DESCRIPTION
"The IPFIX MIB defines managed objects for IP Flow
Information eXport. These objects provide information about
managed nodes supporting the IPFIX protocol,
for Exporters as well as for Collectors.
Copyright (c) 2012 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD
License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info)."
-- Note for RFC Editor: substitute [ThisRFC] with the newly
-- assigned number in the following sections.
-- Revision history
REVISION "201203220000Z" -- 22 March 2012
DESCRIPTION
"Fixed errata from RFC 5815. Published as RFC [ThisRFC]."
REVISION "201004190000Z" -- 19 April 2010
DESCRIPTION
"Initial version, published as RFC 5815."
::= { mib-2 193 }
--******************************************************************
-- Top Level Structure of the MIB
--******************************************************************
ipfixObjects OBJECT IDENTIFIER ::= { ipfixMIB 1 }
ipfixConformance OBJECT IDENTIFIER ::= { ipfixMIB 2 }
ipfixMainObjects OBJECT IDENTIFIER ::= { ipfixObjects 1 }
ipfixStatistics OBJECT IDENTIFIER ::= { ipfixObjects 2 }
--==================================================================
-- 1.1: Objects used by all IPFIX implementations
--==================================================================
--------------------------------------------------------------------
-- 1.1.1: Transport Session Table
--------------------------------------------------------------------
ipfixTransportSessionTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixTransportSessionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists the currently established Transport
Sessions between an Exporting Process and a Collecting
Process."
::= { ipfixMainObjects 1 }
ipfixTransportSessionEntry OBJECT-TYPE
SYNTAX IpfixTransportSessionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixTransportSessionTable."
INDEX { ipfixTransportSessionIndex }
::= { ipfixTransportSessionTable 1 }
IpfixTransportSessionEntry ::=
SEQUENCE {
ipfixTransportSessionIndex Unsigned32,
ipfixTransportSessionProtocol Unsigned32,
ipfixTransportSessionSourceAddressType InetAddressType,
ipfixTransportSessionSourceAddress InetAddress,
ipfixTransportSessionDestinationAddressType InetAddressType,
ipfixTransportSessionDestinationAddress InetAddress,
ipfixTransportSessionSourcePort InetPortNumber,
ipfixTransportSessionDestinationPort InetPortNumber,
ipfixTransportSessionSctpAssocId Unsigned32,
ipfixTransportSessionDeviceMode INTEGER,
ipfixTransportSessionTemplateRefreshTimeout Unsigned32,
ipfixTransportSessionOptionsTemplateRefreshTimeout Unsigned32,
ipfixTransportSessionTemplateRefreshPacket Unsigned32,
ipfixTransportSessionOptionsTemplateRefreshPacket Unsigned32,
ipfixTransportSessionIpfixVersion Unsigned32,
ipfixTransportSessionStatus INTEGER
}
ipfixTransportSessionIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Locally arbitrary, but unique identifier of an entry in
the ipfixTransportSessionTable. The value is expected to
remain constant from a re-initialization of the entity's
network management agent to the next re-initialization."
::= { ipfixTransportSessionEntry 1 }
ipfixTransportSessionProtocol OBJECT-TYPE
SYNTAX Unsigned32 (1..255)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The transport protocol used for receiving or transmitting
IPFIX Messages. Protocol numbers are assigned by IANA. A
current list of all assignments is available from
<http://www.iana.org/assignments/protocol-numbers/
protocol-numbers.xml>."
REFERENCE
"RFC 5101, Specification of the IP Flow
Information Export (IPFIX) Protocol for the Exchange of IP
Traffic Flow Information, Section 10."
::= { ipfixTransportSessionEntry 2 }
ipfixTransportSessionSourceAddressType OBJECT-TYPE
SYNTAX InetAddressType { unknown(0), ipv4(1), ipv6 (2) }
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of address used for the source address,
as specified in RFC 4001. The InetAddressType supported
values are ipv4(1) and ipv6(2). This object is used with
protocols specified in ipfixTransportSessionProtocol) like
TCP (6) and UDP (17) that have the notion of addresses.
SCTP (132) should use the ipfixTransportSessionSctpAssocId
instead. If SCTP (132) or any other protocol without the
notion of addresses is used, the object MUST be set to
unknown(0)."
::= { ipfixTransportSessionEntry 3 }
ipfixTransportSessionSourceAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The source address of the Exporter of the IPFIX Transport
Session. This value is interpreted according to the value of
ipfixTransportSessionAddressType as specified in RFC 4001.
This object is used with protocols (specified in
ipfixTransportSessionProtocol) like TCP (6) and UDP (17) that
have the notion of addresses. SCTP (132) should use the
ipfixTransportSessionSctpAssocId instead. If SCTP (132) or
any other protocol without the notion of addresses is used,
the object MUST be set to a zero-length string."
::= { ipfixTransportSessionEntry 4 }
ipfixTransportSessionDestinationAddressType OBJECT-TYPE
SYNTAX InetAddressType { unknown(0), ipv4(1), ipv6 (2) }
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of address used for the destination address,
as specified in RFC 4001. The InetAddressType supported
values are ipv4(1) and ipv6(2). This object is used with
protocols (specified in ipfixTransportSessionProtocol) like
TCP (6) and UDP (17) that have the notion of addresses.
SCTP (132) should use the ipfixTransportSessionSctpAssocId
instead. If SCTP (132) or any other protocol without the
notion of addresses is used, the object MUST be set to
unknown(0)."
::= { ipfixTransportSessionEntry 5 }
ipfixTransportSessionDestinationAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The destination address of the Collector of the IPFIX
Transport Session. This value is interpreted according to
the value of ipfixTransportSessionAddressType, as specified
in RFC 4001. This object is used with protocols
(specified in ipfixTransportSessionProtocol) like TCP (6)
and UDP (17) that have the notion of addresses. SCTP (132)
should use the ipfixTransportSessionSctpAssocId instead.
If SCTP (132) or any other protocol without the notion of
addresses is used, the object MUST be set to a zero-length
string"
::= { ipfixTransportSessionEntry 6 }
ipfixTransportSessionSourcePort OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The transport protocol port number of the Exporter.
This object is used with protocols (specified in
ipfixTransportSessionProtocol) like TCP (6)
and UDP (17) that have the notion of ports. SCTP (132)
should copy the value of sctpAssocLocalPort if the
Transport Session is in collecting mode or
sctpAssocRemPort if the Transport Session is in
exporting mode. The association is referenced
by the ipfixTransportSessionSctpAssocId.
If any other protocol without the notion of
ports is used, the object MUST be set to zero."
::= { ipfixTransportSessionEntry 7 }
ipfixTransportSessionDestinationPort OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The transport protocol port number of the Collector. The
default value is 4739 for all currently defined transport
protocol types. This object is used with protocols
(specified in ipfixTransportSessionProtocol) like TCP (6)
and UDP (17) that have the notion of ports. SCTP (132)
should copy the value of sctpAssocRemPort if the
Transport Session is in collecting mode or
sctpAssocLocalPort if the Transport Session is in
exporting mode. The association is referenced
by the ipfixTransportSessionSctpAssocId.
If any other protocol without the notion of
ports is used, the object MUST be set to zero."
::= { ipfixTransportSessionEntry 8 }
ipfixTransportSessionSctpAssocId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The association id used for the SCTP session between the
Exporter and the Collector of the IPFIX Transport Session.
It is equal to the sctpAssocId entry in the sctpAssocTable
defined in the SCTP MIB. This object is only valid if
ipfixTransportSessionProtocol has the value 132 (SCTP). In
all other cases, the value MUST be zero."
REFERENCE
"RFC 3873, Stream Control Transmission Protocol (SCTP)
Management Information Base (MIB)."
::= { ipfixTransportSessionEntry 9 }
ipfixTransportSessionDeviceMode OBJECT-TYPE
SYNTAX INTEGER {
exporting(1),
collecting(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The mode of operation of the device for the given Transport
Session. This object can have the following values:
exporting(1)
This value MUST be used if the Transport Session is
used for exporting Records to other IPFIX Devices,
i.e., this device acts as Exporter.
collecting(2)
This value MUST be used if the Transport Session is
used for collecting Records from other IPFIX Devices,
i.e., this device acts as Collector."
::= { ipfixTransportSessionEntry 10 }
ipfixTransportSessionTemplateRefreshTimeout OBJECT-TYPE
SYNTAX Unsigned32
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"On Exporters, this object contains the time in seconds
after which IPFIX Templates are resent by the
Exporter.
On Collectors, this object contains the lifetime in seconds
after which a Template becomes invalid when it is not
received again within this lifetime.
This object is only valid if ipfixTransportSessionProtocol
has the value 17 (UDP). In all other cases, the value MUST
be zero."
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP Traffic Flow
Information, Sections 10.3.6 and 10.3.7."
::= { ipfixTransportSessionEntry 11 }
ipfixTransportSessionOptionsTemplateRefreshTimeout OBJECT-TYPE
SYNTAX Unsigned32
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"On Exporters, this object contains the time in seconds
after which IPFIX Options Templates are resent by the
Exporter.
On Collectors, this object contains the lifetime in seconds
after which an Options Template becomes invalid when it is
not received again within this lifetime.
This object is only valid if ipfixTransportSessionProtocol
has the value 17 (UDP). In all other cases the value MUST
be zero."
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP Traffic Flow
Information, Sections 10.3.6 and 10.3.7."
::= { ipfixTransportSessionEntry 12 }
ipfixTransportSessionTemplateRefreshPacket OBJECT-TYPE
SYNTAX Unsigned32
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"On Exporters, this object contains the number of exported
IPFIX Messages after which IPFIX Templates are resent
by the Exporter.
On Collectors, this object contains the lifetime in number
of exported IPFIX Messages after which a Template becomes
invalid when it is not received again within this lifetime.
This object is only valid if ipfixTransportSessionProtocol
has the value 17 (UDP). In all other cases the value MUST
be zero."
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP Traffic Flow
Information, Sections 10.3.6 and 10.3.7."
::= { ipfixTransportSessionEntry 13 }
ipfixTransportSessionOptionsTemplateRefreshPacket OBJECT-TYPE
SYNTAX Unsigned32
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"On Exporters, this object contains the number of exported
IPFIX Messages after which IPFIX Options Templates are
resent by the Exporter.
On Collectors, this object contains the lifetime in number
of exported IPFIX Messages after which an Options Template
becomes invalid when it is not received again within this
lifetime.
This object is only valid if ipfixTransportSessionProtocol
has the value 17 (UDP). In all other cases the value MUST
be zero."
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP Traffic Flow
Information, Sections 10.3.6 and 10.3.7."
::= { ipfixTransportSessionEntry 14 }
ipfixTransportSessionIpfixVersion OBJECT-TYPE
SYNTAX Unsigned32 (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"On Exporters the object contains the version number of the
IPFIX protocol that the Exporter uses to export its data in
this Transport Session.
On Collectors the object contains the version number of the
IPFIX protocol it receives for this Transport Session.
If IPFIX Messages of different IPFIX protocol versions are
transmitted or received in this Transport Session, this
object contains the maximum version number."
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP Traffic Flow
Information, Section 3.1."
::= { ipfixTransportSessionEntry 15 }
ipfixTransportSessionStatus OBJECT-TYPE
SYNTAX INTEGER {
unknown(0),
inactive(1),
active(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of a Transport Session. This object can have the
following values:
unknown(0)
This value MUST be used if the status of the
Transport Session cannot be detected by the equipment.
This value should be avoided as far as possible.
inactive(1)
This value MUST be used for Transport Sessions that
are specified in the system but are not currently active.
The value can be used, e.g., for Transport Sessions that
are backup (secondary) sessions in a Transport Session
group.
active(2)
This value MUST be used for Transport Sessions that are
currently active and transmitting or receiving data."
::= { ipfixTransportSessionEntry 16 }
--------------------------------------------------------------------
-- 1.1.2: Template Table
--------------------------------------------------------------------
ipfixTemplateTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixTemplateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists the Templates and Options Templates that
are transmitted by the Exporting Process or received by the
Collecting Process.
The table contains the Templates and Options Templates that
are received or used for exporting data for a given
Transport Session group and Observation Domain.
Withdrawn or invalidated (Options) Template MUST be removed
from this table."
::= { ipfixMainObjects 2 }
ipfixTemplateEntry OBJECT-TYPE
SYNTAX IpfixTemplateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixTemplateTable."
INDEX {
ipfixTransportSessionIndex,
ipfixTemplateObservationDomainId,
ipfixTemplateId
}
::= { ipfixTemplateTable 1 }
IpfixTemplateEntry ::=
SEQUENCE {
ipfixTemplateObservationDomainId Unsigned32,
ipfixTemplateId Unsigned32,
ipfixTemplateSetId Unsigned32,
ipfixTemplateAccessTime DateAndTime
}
ipfixTemplateObservationDomainId OBJECT-TYPE
SYNTAX Unsigned32 (0..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The Id of the Observation Domain for which this Template
is defined. This value is used when sending IPFIX Messages.
The special value of 0 indicates that the Data Records
exported with this (Option Template) cannot be applied to a
single Observation Domain."
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP Traffic Flow
Information, Section 3.1."
::= { ipfixTemplateEntry 1 }
ipfixTemplateId OBJECT-TYPE
SYNTAX Unsigned32 (256..65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This number indicates the Template Id in the IPFIX
Message. Values from 0 to 255 are not allowed for Template
Ids."
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP Traffic Flow
Information, Section 3.4.1."
::= { ipfixTemplateEntry 2 }
ipfixTemplateSetId OBJECT-TYPE
SYNTAX Unsigned32 (1..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This number indicates the Set Id of the Template. This
object allows to easily retrieve the Template type.
Currently, there are two values defined. The value 2 is
used for Sets containing Template definitions. The value 3
is used for Sets containing Options Template definitions."
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP Traffic Flow
Information, Section 3.3.2."
::= { ipfixTemplateEntry 3 }
ipfixTemplateAccessTime OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If the Transport Session is in exporting mode
(ipfixTransportSessionDeviceMode) the time when this
(Options) Template was last sent to the Collector(s).
In the specific case of UDP as transport protocol, this
time is used to know when a retransmission of the
(Options) Template is needed.
If it is in collecting mode, this object contains the
time when this (Options) Template was last received from
the Exporter. In the specific case of UDP as transport
protocol, this time is used to know when this (Options)
Template times out and thus is no longer valid."
::= { ipfixTemplateEntry 4 }
--------------------------------------------------------------------
-- 1.1.3: Exported Template Definition Table
--------------------------------------------------------------------
ipfixTemplateDefinitionTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixTemplateDefinitionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"On Exporters, this table lists the (Options) Template fields
of which a (Options) Template is defined. It defines the
(Options) Template given in the ipfixTemplateId specified in
the ipfixTemplateTable.
On Collectors, this table lists the (Options) Template fields
of which a (Options) Template is defined. It defines the
(Options) Template given in the ipfixTemplateId specified in
the ipfixTemplateTable."
::= { ipfixMainObjects 3 }
ipfixTemplateDefinitionEntry OBJECT-TYPE
SYNTAX IpfixTemplateDefinitionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixTemplateDefinitionTable."
INDEX {
ipfixTransportSessionIndex,
ipfixTemplateObservationDomainId,
ipfixTemplateId,
ipfixTemplateDefinitionIndex
}
::= { ipfixTemplateDefinitionTable 1 }
IpfixTemplateDefinitionEntry ::=
SEQUENCE {
ipfixTemplateDefinitionIndex Unsigned32,
ipfixTemplateDefinitionIeId Unsigned32,
ipfixTemplateDefinitionIeLength Unsigned32,
ipfixTemplateDefinitionEnterpriseNumber Unsigned32,
ipfixTemplateDefinitionFlags BITS
}
ipfixTemplateDefinitionIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The ipfixTemplateDefinitionIndex specifies the order in
which the Information Elements are used in the (Options)
Template Record.
Since a Template Record can contain a maximum of 65535
Information Elements, the index is limited to this value."
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP Traffic Flow
Information, Sections 3.4.1 and 3.4.2."
::= { ipfixTemplateDefinitionEntry 1 }
ipfixTemplateDefinitionIeId OBJECT-TYPE
SYNTAX Unsigned32 (1..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This indicates the Information Element Id at position
ipfixTemplateDefinitionIndex in the (Options) Template
ipfixTemplateId. This implicitly specifies the data type
of the Information Element. The elements are registered
at IANA. A current list of assignments can be found at
<http://www.iana.org/assignments/ipfix>"
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP Traffic Flow
Information, Section 3.2.
RFC 5102, Information Model for IP Flow Information Export."
::= { ipfixTemplateDefinitionEntry 2 }
ipfixTemplateDefinitionIeLength OBJECT-TYPE
SYNTAX Unsigned32 (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This indicates the length of the Information Element Id at
position ipfixTemplateDefinitionIndex in the (Options)
Template ipfixTemplateId."
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP Traffic Flow
Information, Section 3.2.
RFC 5102, Information Model for IP Flow Information Export."
::= { ipfixTemplateDefinitionEntry 3 }
ipfixTemplateDefinitionEnterpriseNumber OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IANA enterprise number of the authority defining the
Information Element identifier in this Template Record.
Enterprise numbers are assigned by IANA. A current list of
all assignments is available from
<http://www.iana.org/assignments/enterprise-numbers/>.
This object must be zero(0) for all standard Information
Elements registered with IANA. A current list of these
elements is available from
<http://www.iana.org/assignments/ipfix/ipfix.xhtml>."
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP Traffic Flow
Information, Section 3.2.
RFC 5102, Information Model for IP Flow Information Export."
::= { ipfixTemplateDefinitionEntry 4 }
ipfixTemplateDefinitionFlags OBJECT-TYPE
SYNTAX BITS {
scope(0),
flowKey(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This bitmask indicates special attributes for the
Information Element:
scope(0)
This Information Element is used for scope.
flowKey(1)
This Information Element is a Flow Key.
Thus, we get the following values for an Information Element:
If neither bit scope(0) nor bit flowKey(1) are set
The Information Element is neither used for scoping nor
as Flow Key.
If only bit scope(0) is set
The Information Element is used for scoping.
If only bit flowKey(1) is set
The Information Element is used as Flow Key.
Both bit scope(0) and flowKey(1) MUST NOT be set at the same
time. This combination is not allowed."
REFERENCE
"RFC 5101, Specification of the IP Flow Information
Export (IPFIX) Protocol for the Exchange of IP Traffic Flow
Information, Sections 2 and 3.4.2.1.
RFC 5102, Information Model for IP Flow Information Export."
::= { ipfixTemplateDefinitionEntry 5 }
--------------------------------------------------------------------
-- 1.1.4: Export Table
--------------------------------------------------------------------
ipfixExportTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixExportEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists all exports of an IPFIX device.
On Exporters, this table contains all exports grouped by
Transport Session, Observation Domain Id, Template Id, and
Metering Process represented by the
ipfixMeteringProcessCacheId. Thanks to the ipfixExportIndex,
the exports can group one or more Transport Sessions to
achieve a special functionality like failover management,
load-balancing, etc. The entries with the same
ipfixExportIndex, ipfixObservationDomainId,
and ipfixMeteringProcessCacheId define a Transport
Session group. If the Exporter does not use Transport
Session grouping, then each ipfixExportIndex contains a
single ipfixMeteringProcessCacheId and thus a singe
Transport Session, and this session MUST have the member
type primary(1). Transport Sessions referenced in this
table MUST have the ipfixTransportSessionDeviceMode
exporting(1).
On Collectors, this table is not needed."
::= { ipfixMainObjects 4 }
ipfixExportEntry OBJECT-TYPE
SYNTAX IpfixExportEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixExportTable."
INDEX {
ipfixExportIndex,
ipfixMeteringProcessCacheId,
ipfixTransportSessionIndex
}
::= { ipfixExportTable 1 }
IpfixExportEntry ::=
SEQUENCE {
ipfixExportIndex Unsigned32,
ipfixExportMemberType INTEGER
}
ipfixExportIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Locally arbitrary, but unique identifier of an entry in
the ipfixExportTable. The value is expected
to remain constant from a re-initialization of the entity's
network management agent to the next re-initialization.
A common ipfixExportIndex between two entries from this
table expresses that there is a relationship between the
Transport Sessions in ipfixTransportSessionIndex. The type
of relationship is expressed by the value of
ipfixExportMemberType."
::= { ipfixExportEntry 1 }
ipfixExportMemberType OBJECT-TYPE
SYNTAX INTEGER {
unknown(0),
primary(1),
secondary(2),
parallel(3),
loadBalancing(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of a member Transport Session in a Transport
Session group (identified by the value of ipfixExportIndex,
ipfixObservationDomainId, and ipfixMeteringProcessCacheId).
The following values are valid:
unknown(0)
This value MUST be used if the status of the group
membership cannot be detected by the equipment. This
value should be avoided as far as possible.
primary(1)
This value is used for a group member that is used as
the primary target of an Exporter. Other group members
(with the same ipfixExportIndex and
ipfixMeteringProcessCacheId) MUST NOT have the value
primary(1) but MUST have the value secondary(2).
This value MUST also be specified if the Exporter does
not support Transport Session grouping. In this case,
the group contains only one Transport Session.
secondary(2)
This value is used for a group member that is used as a
secondary target of an Exporter. The Exporter will use
one of the targets specified as secondary(2) within the
same Transport Session group when the primary target is
not reachable.
parallel(3)
This value is used for a group member that is used for
duplicate exporting, i.e., all group members identified
by the ipfixExportIndex are exporting the same Records
in parallel. This implies that all group members MUST
have the same membertype parallel(3).
loadBalancing(4)
This value is used for a group member that is used
as one target for load-balancing. This means that a
Record is sent to one of the group members in this
group identified by ipfixExportIndex.
This implies that all group members MUST have the same
membertype loadBalancing(4)."
::= { ipfixExportEntry 2 }
--------------------------------------------------------------------
-- 1.1.5: Metering Process Table
--------------------------------------------------------------------
ipfixMeteringProcessTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixMeteringProcessEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists so-called caches used at the Metering
Process to store the metering data of Flows observed at
the Observation Points given in the
ipfixObservationPointGroupReference. The table lists the
timeouts that specify when the cached metering data is
expired.
On Collectors, the table is not needed."
::= { ipfixMainObjects 5 }
ipfixMeteringProcessEntry OBJECT-TYPE
SYNTAX IpfixMeteringProcessEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixMeteringProcessTable."
INDEX { ipfixMeteringProcessCacheId }
::= { ipfixMeteringProcessTable 1 }
IpfixMeteringProcessEntry ::=
SEQUENCE {
ipfixMeteringProcessCacheId Unsigned32,
ipfixMeteringProcessObservationPointGroupRef Unsigned32,
ipfixMeteringProcessCacheActiveTimeout Unsigned32,
ipfixMeteringProcessCacheInactiveTimeout Unsigned32
}
ipfixMeteringProcessCacheId OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Locally arbitrary, but unique identifier of an entry in the
ipfixMeteringProcessTable. The value is expected to remain
constant from a re-initialization of the entity's network
management agent to the next re-initialization."
::= { ipfixMeteringProcessEntry 1 }
ipfixMeteringProcessObservationPointGroupRef OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The Observation Point Group Id that links this table entry
to the ipfixObservationPointTable. The matching
ipfixObservationPointGroupId in that table gives the
Observation Points used in that cache. If the Observation
Points are unknown, the
ipfixMeteringProcessObservationPointGroupRef MUST be zero."
::= { ipfixMeteringProcessEntry 2 }
ipfixMeteringProcessCacheActiveTimeout OBJECT-TYPE
SYNTAX Unsigned32
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"On the Exporter, this object contains the time after which a
Flow is expired (and a Data Record for the template is sent)
even though packets matching this Flow are still received by
the Metering Process. If this value is 0, the Flow is not
prematurely expired."
REFERENCE
"RFC 5470, Architecture for IP Flow Information Export,
Section 5.1.1, item 3."
::= { ipfixMeteringProcessEntry 3 }
ipfixMeteringProcessCacheInactiveTimeout OBJECT-TYPE
SYNTAX Unsigned32
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"On the Exporter. this object contains the time after which a
Flow is expired (and a Data Record for the template is sent)
when no packets matching this Flow are received by the
Metering Process for the given number of seconds. If this
value is zero, the Flow is expired immediately, i.e., a Data
Record is sent for every packet received by the Metering
Process."
REFERENCE
"RFC 5470, Architecture for IP Flow Information Export,
Section 5.1.1, item 1"
::= { ipfixMeteringProcessEntry 4 }
--------------------------------------------------------------------
-- 1.1.6: Observation Point Table
--------------------------------------------------------------------
ipfixObservationPointTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixObservationPointEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists the Observation Points used within an
Exporter by the Metering Process. The index
ipfixObservationPointGroupId groups Observation Points
and is referenced in the Metering Process table.
On Collectors this table is not needed."
::= { ipfixMainObjects 6 }
ipfixObservationPointEntry OBJECT-TYPE
SYNTAX IpfixObservationPointEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixObservationPointTable."
INDEX {
ipfixObservationPointGroupId,
ipfixObservationPointIndex
}
::= { ipfixObservationPointTable 1 }
IpfixObservationPointEntry ::=
SEQUENCE {
ipfixObservationPointGroupId Unsigned32,
ipfixObservationPointIndex Unsigned32,
ipfixObservationPointObservationDomainId Unsigned32,
ipfixObservationPointPhysicalEntity PhysicalIndexOrZero,
ipfixObservationPointPhysicalInterface InterfaceIndexOrZero,
ipfixObservationPointPhysicalEntityDirection INTEGER
}
ipfixObservationPointGroupId OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Locally arbitrary, but unique identifier of an entry in the
ipfixObservationPointTable. The value is expected to remain
constant from a re-initialization of the entity's network
management agent to the next re-initialization.
This index represents a group of Observation Points.
The special value of 0 MUST NOT be used within this table
but is reserved for the usage in the
ipfixMeteringProcessTable. An index of 0 for the
ipfixObservationPointGroupReference index in that table
indicates that an Observation Point is unknown or
unspecified for a Metering Process cache."
::= { ipfixObservationPointEntry 1 }
ipfixObservationPointIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Locally arbitrary, but unique identifier of an entry in the
ipfixObservationPointTable. The value is expected to remain
constant from a re-initialization of the entity's network
management agent to the next re-initialization.
This index represents a single Observation Point in an
Observation Point group."
::= { ipfixObservationPointEntry 2 }
ipfixObservationPointObservationDomainId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The Id of the Observation Domain in which this
Observation Point is included.
The special value of 0 indicates that the Observation
Points within this group cannot be applied to a single
Observation Domain."
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP
Traffic Flow Information, Section 3.1."
::= { ipfixObservationPointEntry 3 }
ipfixObservationPointPhysicalEntity OBJECT-TYPE
SYNTAX PhysicalIndexOrZero
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the index of a physical entity in
the ENTITY MIB. This physical entity is the given
Observation Point. If such a physical entity cannot be
specified or is not known, then the object is zero."
::= { ipfixObservationPointEntry 4 }
ipfixObservationPointPhysicalInterface OBJECT-TYPE
SYNTAX InterfaceIndexOrZero
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the index of a physical interface in
the IF MIB. This physical interface is the given
Observation Point. If such a physical interface cannot be
specified or is not known, then the object is zero.
This object MAY be used stand alone or in addition to
ipfixObservationPointPhysicalEntity. If
ipfixObservationPointPhysicalEntity is not zero, this object
MUST point to the same physical interface that is
referenced in ipfixObservationPointPhysicalEntity.
Otherwise, it may reference any interface in the IF MIB."
::= { ipfixObservationPointEntry 5 }
ipfixObservationPointPhysicalEntityDirection OBJECT-TYPE
SYNTAX INTEGER {
unknown(0),
ingress(1),
egress(2),
both(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The direction of the Flow that is monitored on the given
physical entity. The following values are valid:
unknown(0)
This value MUST be used if a direction is not
known for the given physical entity.
ingress(1)
This value is used for monitoring incoming Flows on the
given physical entity.
egress(2)
This value is used for monitoring outgoing Flows on the
given physical entity.
both(3)
This value is used for monitoring incoming and outgoing
Flows on the given physical entity."
::= { ipfixObservationPointEntry 6 }
--------------------------------------------------------------------
-- 1.1.7: Selection Process Table
--------------------------------------------------------------------
ipfixSelectionProcessTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixSelectionProcessEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains Selector Functions connected to a
Metering Process by the index ipfixMeteringProcessCacheId.
The Selector Functions are grouped into Selection Processes
by the ipfixSelectionProcessIndex. The Selector Functions
are applied within the Selection Process to the packets
observed for the given Metering Process cache in increasing
order implied by the ipfixSelectionProcessSelectorIndex.
This means Selector Functions with lower
ipfixSelectionProcessSelectorIndex are applied first. The
remaining packets are accounted for in Flow Records.
Since IPFIX does not define any Selector Function (except
selecting every packet), this is a placeholder for future
use and a guideline for implementing enterprise-specific
Selector Function objects.
The following object tree should visualize how the
Selector Function objects should be implemented:
ipfixSelectorFunctions
|
+- ipfixFuncSelectAll
| |
| +- ipfixFuncSelectAllAvail (is the function available?)
|
+- ipfixFuncF2
| |
| +- ipfixFuncF2Avail (is the function F2 available?)
| |
| +- ipfixFuncF2Parameters (a table with parameters)
...
|
+- ipfixFuncFn...
If a Selector Function takes parameters, the MIB should
contain a table with an entry for each set of parameters
used at the Exporter."
::= { ipfixMainObjects 7 }
ipfixSelectionProcessEntry OBJECT-TYPE
SYNTAX IpfixSelectionProcessEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixSelectionProcessTable."
INDEX {
ipfixMeteringProcessCacheId,
ipfixSelectionProcessIndex,
ipfixSelectionProcessSelectorIndex
}
::= { ipfixSelectionProcessTable 1 }
IpfixSelectionProcessEntry ::= SEQUENCE {
ipfixSelectionProcessIndex Unsigned32,
ipfixSelectionProcessSelectorIndex Unsigned32,
ipfixSelectionProcessSelectorFunction OBJECT IDENTIFIER
}
ipfixSelectionProcessIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Locally arbitrary, but unique identifier of an entry in the
ipfixSelectionProcessTable. The value is expected to remain
constant from a re-initialization of the entity's network
management agent to the next re-initialization."
::= { ipfixSelectionProcessEntry 1 }
ipfixSelectionProcessSelectorIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Index specifying the order in which the referenced
ipfixSelectionProcessSelectorFunctions are applied to the
observed packet stream within the given Selection Process
(identified by the ipfixSelectionProcessIndex). The
Selector Functions are applied in increasing order, i.e.,
Selector Functions with lower index are applied first."
::= { ipfixSelectionProcessEntry 2 }
ipfixSelectionProcessSelectorFunction OBJECT-TYPE
SYNTAX OBJECT IDENTIFIER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The pointer to the Selector Function used at position
ipfixSelectionProcessSelectorIndex in the list of Selector
Functions for the Metering Process cache specified by the
index ipfixMeteringProcessCacheId and for the given
Selection Process (identified by the
ipfixSelectionProcessIndex).
This usually points to an object in the IPFIX SELECTOR MIB.
If the Selector Function does not take parameters, then it
MUST point to the root of the function subtree. If the
function takes parameters, then it MUST point to an entry
in the parameter table of the Selector Function."
::= { ipfixSelectionProcessEntry 3 }
--------------------------------------------------------------------
-- 1.2.1: Transport Session Statistics Table
--------------------------------------------------------------------
ipfixTransportSessionStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixTransportSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists Transport Sessions statistics between
Exporting Processes and Collecting Processes."
::= { ipfixStatistics 1 }
ipfixTransportSessionStatsEntry OBJECT-TYPE
SYNTAX IpfixTransportSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixTransportSessionStatsTable."
AUGMENTS { ipfixTransportSessionEntry }
::= { ipfixTransportSessionStatsTable 1 }
IpfixTransportSessionStatsEntry ::=
SEQUENCE {
ipfixTransportSessionRate Gauge32,
ipfixTransportSessionPackets Counter64,
ipfixTransportSessionBytes Counter64,
ipfixTransportSessionMessages Counter64,
ipfixTransportSessionDiscardedMessages Counter64,
ipfixTransportSessionRecords Counter64,
ipfixTransportSessionTemplates Counter64,
ipfixTransportSessionOptionsTemplates Counter64,
ipfixTransportSessionDiscontinuityTime TimeStamp
}
ipfixTransportSessionRate OBJECT-TYPE
SYNTAX Gauge32
UNITS "bytes/second"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes per second received by the
Collector or transmitted by the Exporter. A
value of zero (0) means that no packets were sent or
received, yet. This object is updated every second."
::= { ipfixTransportSessionStatsEntry 1 }
ipfixTransportSessionPackets OBJECT-TYPE
SYNTAX Counter64
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets received by the Collector
or transmitted by the Exporter.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 2 }
ipfixTransportSessionBytes OBJECT-TYPE
SYNTAX Counter64
UNITS "bytes"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes received by the Collector
or transmitted by the Exporter.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 3 }
ipfixTransportSessionMessages OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of IPFIX Messages received by the
Collector or transmitted by the Exporter.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 4 }
ipfixTransportSessionDiscardedMessages OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of received IPFIX Message that are malformed,
cannot be decoded, are received in the wrong order, or are
missing according to the sequence number.
If used at the Exporter, the number of messages that could
not be sent due to, e.g., internal buffer overflows, network
congestion, or routing issues.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 5 }
ipfixTransportSessionRecords OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Data Records received by the Collector or
transmitted by the Exporter.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 6 }
ipfixTransportSessionTemplates OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Templates received or transmitted.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 7 }
ipfixTransportSessionOptionsTemplates OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Options Templates received or transmitted.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 8 }
ipfixTransportSessionDiscontinuityTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime at the most recent occasion at which
one or more of the Transport Session counters suffered a
discontinuity.
A value of zero indicates no such discontinuity has
occurred since the last re-initialization of the local
management subsystem."
::= { ipfixTransportSessionStatsEntry 9 }
--------------------------------------------------------------------
-- 1.2.2: Template Statistics Table
--------------------------------------------------------------------
ipfixTemplateStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixTemplateStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists statistics objects per Template."
::= { ipfixStatistics 2 }
ipfixTemplateStatsEntry OBJECT-TYPE
SYNTAX IpfixTemplateStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixTemplateStatsTable."
AUGMENTS { ipfixTemplateEntry }
::= { ipfixTemplateStatsTable 1 }
IpfixTemplateStatsEntry ::=
SEQUENCE {
ipfixTemplateDataRecords Counter64,
ipfixTemplateDiscontinuityTime TimeStamp
}
ipfixTemplateDataRecords OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Data Records that are transmitted or received
per Template.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ipfixTemplateDiscontinuityTime."
::= { ipfixTemplateStatsEntry 1 }
ipfixTemplateDiscontinuityTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime at the most recent occasion at which
the Template counter suffered a discontinuity.
A value of zero indicates no such discontinuity has
occurred since the last re-initialization of the local
management subsystem."
::= { ipfixTemplateStatsEntry 2 }
--------------------------------------------------------------------
-- 1.2.3: Metering Process Statistics Table
--------------------------------------------------------------------
ipfixMeteringProcessStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixMeteringProcessStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists statistic objects that have data per
Metering Process cache.
On Collectors, this table is not needed."
::= { ipfixStatistics 3 }
ipfixMeteringProcessStatsEntry OBJECT-TYPE
SYNTAX IpfixMeteringProcessStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixMeteringProcessStatsTable."
AUGMENTS { ipfixMeteringProcessEntry }
::= { ipfixMeteringProcessStatsTable 1 }
IpfixMeteringProcessStatsEntry ::=
SEQUENCE {
ipfixMeteringProcessCacheActiveFlows Gauge32,
ipfixMeteringProcessCacheUnusedCacheEntries Gauge32,
ipfixMeteringProcessCacheDataRecords Counter64,
ipfixMeteringProcessCacheDiscontinuityTime TimeStamp
}
ipfixMeteringProcessCacheActiveFlows OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Flows currently active at this cache."
::= { ipfixMeteringProcessStatsEntry 1 }
ipfixMeteringProcessCacheUnusedCacheEntries OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of unused cache entries."
::= { ipfixMeteringProcessStatsEntry 2 }
ipfixMeteringProcessCacheDataRecords OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Data Records generated.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTemplateDiscontinuityTime."
::= { ipfixMeteringProcessStatsEntry 3 }
ipfixMeteringProcessCacheDiscontinuityTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime at the most recent occasion at which
the Metering Process counter suffered a discontinuity.
A value of zero indicates no such discontinuity has
occurred since the last re-initialization of the local
management subsystem."
::= { ipfixMeteringProcessStatsEntry 4 }
--------------------------------------------------------------------
-- 1.2.4: Selection Process Statistics Table
--------------------------------------------------------------------
ipfixSelectionProcessStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixSelectionProcessStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains statistics for the Selector Functions
connected to Metering Process by the index
ipfixMeteringProcessCacheId.
The indexes MUST match an entry in the
ipfixSelectionProcessTable."
::= { ipfixStatistics 4 }
ipfixSelectionProcessStatsEntry OBJECT-TYPE
SYNTAX IpfixSelectionProcessStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixSelectionProcessStatsTable."
AUGMENTS { ipfixSelectionProcessEntry }
::= { ipfixSelectionProcessStatsTable 1 }
IpfixSelectionProcessStatsEntry ::= SEQUENCE {
ipfixSelectionProcessStatsPacketsObserved Counter64,
ipfixSelectionProcessStatsPacketsDropped Counter64,
ipfixSelectionProcessStatsDiscontinuityTime TimeStamp
}
ipfixSelectionProcessStatsPacketsObserved OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets observed at the entry point of the
function. The entry point may be the Observation Point or
the exit point of another Selector Function.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixSelectionProcessStatsDiscontinuityTime."
::= { ipfixSelectionProcessStatsEntry 1 }
ipfixSelectionProcessStatsPacketsDropped OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets dropped while selecting packets.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixSelectionProcessStatsDiscontinuityTime."
::= { ipfixSelectionProcessStatsEntry 2 }
ipfixSelectionProcessStatsDiscontinuityTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime at the most recent occasion at which
one or more of the Selector counters suffered a
discontinuity.
A value of zero indicates no such discontinuity has
occurred since the last re-initialization of the local
management subsystem."
::= { ipfixSelectionProcessStatsEntry 3 }
--==================================================================
-- 2: Conformance Information
--==================================================================
ipfixCompliances OBJECT IDENTIFIER ::= { ipfixConformance 1 }
ipfixGroups OBJECT IDENTIFIER ::= { ipfixConformance 2 }
--------------------------------------------------------------------
-- 2.1: Compliance Statements
--------------------------------------------------------------------
ipfixCollectorCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"An implementation that builds an IPFIX Collector
that complies to this module MUST implement the objects
defined in the mandatory group ipfixCommonGroup.
The implementation of all objects in the other groups is
optional and depends on the corresponding functionality
implemented in the equipment.
An implementation that is compliant to this MIB module
is limited to use only the values TCP (6), UDP (17), and
SCTP (132) in the ipfixTransportSessionProtocol object
because these are the only protocol currently specified
for usage within IPFIX (see RFC 5101)."
MODULE -- this module
MANDATORY-GROUPS {
ipfixCommonGroup
}
GROUP ipfixCommonStatsGroup
DESCRIPTION
"These objects should be implemented if the statistics
function is implemented in the equipment."
::= { ipfixCompliances 1 }
ipfixExporterCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"An implementation that builds an IPFIX Exporter that
complies to this module MUST implement the objects defined
in the mandatory group ipfixCommonGroup. The implementation
of all other objects depends on the implementation of the
corresponding functionality in the equipment."
MODULE -- this module
MANDATORY-GROUPS {
ipfixCommonGroup,
ipfixExporterGroup
}
GROUP ipfixCommonStatsGroup
DESCRIPTION
"These objects should be implemented if the statistics
function is implemented in the equipment."
GROUP ipfixExporterStatsGroup
DESCRIPTION
"These objects MUST be implemented if statistical functions
are implemented on the equipment."
::= { ipfixCompliances 2 }
--------------------------------------------------------------------
-- 2.2: MIB Grouping
--------------------------------------------------------------------
ipfixCommonGroup OBJECT-GROUP
OBJECTS {
ipfixTransportSessionProtocol,
ipfixTransportSessionSourceAddressType,
ipfixTransportSessionSourceAddress,
ipfixTransportSessionDestinationAddressType,
ipfixTransportSessionDestinationAddress,
ipfixTransportSessionSourcePort,
ipfixTransportSessionDestinationPort,
ipfixTransportSessionSctpAssocId,
ipfixTransportSessionDeviceMode,
ipfixTransportSessionTemplateRefreshTimeout,
ipfixTransportSessionOptionsTemplateRefreshTimeout,
ipfixTransportSessionTemplateRefreshPacket,
ipfixTransportSessionOptionsTemplateRefreshPacket,
ipfixTransportSessionIpfixVersion,
ipfixTransportSessionStatus,
ipfixTemplateSetId,
ipfixTemplateAccessTime,
ipfixTemplateDefinitionIeId,
ipfixTemplateDefinitionIeLength,
ipfixTemplateDefinitionEnterpriseNumber,
ipfixTemplateDefinitionFlags
}
STATUS current
DESCRIPTION
"The main IPFIX objects."
::= { ipfixGroups 1 }
ipfixCommonStatsGroup OBJECT-GROUP
OBJECTS {
ipfixTransportSessionRate,
ipfixTransportSessionPackets,
ipfixTransportSessionBytes,
ipfixTransportSessionMessages,
ipfixTransportSessionDiscardedMessages,
ipfixTransportSessionRecords,
ipfixTransportSessionTemplates,
ipfixTransportSessionOptionsTemplates,
ipfixTransportSessionDiscontinuityTime,
ipfixTemplateDataRecords,
ipfixTemplateDiscontinuityTime
}
STATUS current
DESCRIPTION
"Common statistical objects."
::= { ipfixGroups 2 }
ipfixExporterGroup OBJECT-GROUP
OBJECTS {
ipfixExportMemberType,
ipfixMeteringProcessObservationPointGroupRef,
ipfixMeteringProcessCacheActiveTimeout,
ipfixMeteringProcessCacheInactiveTimeout,
ipfixObservationPointObservationDomainId,
ipfixObservationPointPhysicalEntity,
ipfixObservationPointPhysicalInterface,
ipfixObservationPointPhysicalEntityDirection,
ipfixSelectionProcessSelectorFunction
}
STATUS current
DESCRIPTION
"The main objects for Exporters."
::= { ipfixGroups 3 }
ipfixExporterStatsGroup OBJECT-GROUP
OBJECTS {
ipfixMeteringProcessCacheActiveFlows,
ipfixMeteringProcessCacheUnusedCacheEntries,
ipfixMeteringProcessCacheDataRecords,
ipfixMeteringProcessCacheDiscontinuityTime,
ipfixSelectionProcessStatsPacketsObserved,
ipfixSelectionProcessStatsPacketsDropped,
ipfixSelectionProcessStatsDiscontinuityTime
}
STATUS current
DESCRIPTION
"The statistical objects for Exporters."
::= { ipfixGroups 4 }
END
]]></artwork></figure>
</t>
</section>
<section title="IPFIX SELECTOR MIB Definition">
<t>
<figure><artwork><![CDATA[
IPFIX-SELECTOR-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, mib-2
FROM SNMPv2-SMI -- RFC2578
TruthValue
FROM SNMPv2-TC -- RFC2579
MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF; -- RFC2580
ipfixSelectorMIB MODULE-IDENTITY
LAST-UPDATED "201203220000Z" -- 22 March 2012
ORGANIZATION "IETF IPFIX Working Group"
CONTACT-INFO
"WG charter:
http://www.ietf.org/html.charters/ipfix-charter.html
Mailing Lists:
General Discussion: ipfix@ietf.org
To Subscribe: http://www1.ietf.org/mailman/listinfo/ipfix
Archive:
http://www1.ietf.org/mail-archive/web/ipfix/current/index.html
Editor:
Thomas Dietz
NEC Europe Ltd.
NEC Laboratories Europe
Network Research Division
Kurfuersten-Anlage 36
69115 Heidelberg
Germany
Phone: +49 6221 4342-128
Email: Thomas.Dietz@nw.neclab.eu
Atsushi Kobayashi
NTT Information Sharing Platform Laboratories
3-9-11 Midori-cho
Musashino-shi
180-8585
Japan
Phone: +81-422-59-3978
Email: akoba@nttv6.net
Benoit Claise
Cisco Systems, Inc.
De Kleetlaan 6a b1
Diegem 1831
Belgium
Phone: +32 2 704 5622
Email: bclaise@cisco.com
Gerhard Muenz
Technische Universitaet Muenchen
Department of Informatics
Chair for Network Architectures and Services (I8)
Boltzmannstr. 3
85748 Garching
Germany
Email: muenz@net.in.tum.de
DESCRIPTION
"The IPFIX SELECTOR MIB module defined in this section
provides the standard Filtering and Sampling functions that
can be referenced in the ipfixSelectionProcessTable. All
standard Filtering and Sampling functions MUST be registered
in the subtree under object ipfixSelectorFunctions
(1.3.6.1.2.1.194.1.1). The toplevel OIDs in the subtree
under object ipfixSelectorFunctions MUST be registered in a
subregistry maintained by IANA at
http://www.iana.org/assignments/smi-numbers.
New selector functions MUST be registered at IANA and are
subject to Expert Review RFC 5226, i.e., review by one of a
group of experts designated by an IETF Area Director. The
group of experts MUST check the requested MIB objects for
completeness and accuracy of the description. Requests for
MIB objects that duplicate the functionality of existing
objects SHOULD be declined. The smallest available OID
SHOULD be assigned to a new MIB objects. The specification
of new MIB objects SHOULD follow the structure specified in
RFC [ThisRFC] and MUST be published using a well-
established and persistent publication medium. The experts
will initially be drawn from the Working Group Chairs and
document editors of the IPFIX and PSAMP Working Groups.
Copyright (c) 2012 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD
License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info)."
-- Revision history
REVISION "201203220000Z" -- 22 March 2012
DESCRIPTION
"Update to MIB description to reflect updated registration
of new Sampling and Filtering Functions. Published as RFC
[ThisRFC]."
REVISION "201003150000Z" -- 15 March 2010
DESCRIPTION
"Initial version, published as RFC 5815."
::= { mib-2 194 }
-- Note for RFC Editor: substitute [ThisRFC] with the newly
-- assigned number in the previous sections.
--******************************************************************
-- Top Level Structure of the MIB
--******************************************************************
ipfixSelectorObjects OBJECT IDENTIFIER
::= { ipfixSelectorMIB 1 }
ipfixSelectorConformance OBJECT IDENTIFIER
::= { ipfixSelectorMIB 2 }
--==================================================================
-- 1: Objects used by all IPFIX implementations
--==================================================================
--------------------------------------------------------------------
-- 1.1: Packet Selector Functions for IPFIX
--------------------------------------------------------------------
ipfixSelectorFunctions OBJECT IDENTIFIER
::= { ipfixSelectorObjects 1 }
--------------------------------------------------------------------
-- 1.1.1: Function 1: Selecting All Packets
--------------------------------------------------------------------
ipfixFuncSelectAll OBJECT IDENTIFIER
::= { ipfixSelectorFunctions 1 }
ipfixFuncSelectAllAvail OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the availability of the trivial
function of selecting all packets. This function is always
available."
::= { ipfixFuncSelectAll 1 }
--==================================================================
-- 2: Conformance Information
--==================================================================
ipfixSelectorCompliances OBJECT IDENTIFIER
::= { ipfixSelectorConformance 1 }
ipfixSelectorGroups OBJECT IDENTIFIER
::= { ipfixSelectorConformance 2 }
--------------------------------------------------------------------
-- 2.1: Compliance Statements
--------------------------------------------------------------------
ipfixSelectorBasicCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"An implementation that builds an IPFIX Exporter that
complies to this module MUST implement the objects defined
in the mandatory group ipfixBasicGroup. The implementation
of all other objects depends on the implementation of the
corresponding functionality in the equipment."
MODULE -- this module
MANDATORY-GROUPS {
ipfixSelectorBasicGroup
}
::= { ipfixSelectorCompliances 1 }
--------------------------------------------------------------------
-- 2.2: MIB Grouping
--------------------------------------------------------------------
ipfixSelectorBasicGroup OBJECT-GROUP
OBJECTS {
ipfixFuncSelectAllAvail
}
STATUS current
DESCRIPTION
"The main IPFIX objects."
::= { ipfixSelectorGroups 1 }
END
]]></artwork></figure>
</t>
</section>
</section>
<section anchor="security" title="Security Considerations">
<t>There are no management objects defined in this MIB module that have
a MAX-ACCESS clause of read-write and/or read-create. So, if these MIB
modules are implemented correctly, then there is no risk that an
intruder can alter or create any management objects of these MIB modules
via direct SNMP SET operations.</t>
<t>Some of the readable objects in these MIB modules (i.e., objects with
a MAX-ACCESS other than not-accessible) may be considered sensitive or
vulnerable in some network environments. It is thus important to control
even GET and/or NOTIFY access to these objects and possibly to even
encrypt the values of these objects when sending them over the network
via SNMP. These are the tables and objects and their
sensitivity/vulnerability:<list style="symbols">
<t>ipfixTransportSessionTable - contains configuration data that
might be sensitive because objects in this table may reveal
information about the network infrastructure</t>
<t>ipfixExportTable - contains configuration data that might be
sensitive because object in this table may reveal information about
the network infrastructure as well</t>
<t>ipfixMeteringProcessTable - contains configuration data that
might be sensitive because objects in this table may reveal
information about the IPFIX Device itself</t>
<t>ipfixObservationPointTable - contains configuration data that
might be sensitive because objects in this table may reveal
information about the IPFIX Device itself and the network
infrastructure</t>
<t>ipfixSelectorFunctions - currently contains no sensitive data but
might want to be secured anyway since it may contain sensitive data
in a future version</t>
</list>All other objects and tables contain no data that is considered
sensitive.</t>
<t>SNMP versions prior to SNMPv3 did not include adequate security. Even
if the network itself is secure (for example by using IPsec), even then,
there is no control as to who on the secure network is allowed to access
and GET/SET (read/change/create/delete) the objects in these MIB
modules.</t>
<t>It is RECOMMENDED that implementers consider the security features as
provided by the SNMPv3 framework (see <xref target="RFC3410"></xref>
Section 8), including full support for the SNMPv3 cryptographic
mechanisms (for authentication and privacy).</t>
<t>Further, deployment of SNMP versions prior to SNMPv3 is NOT
RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable
cryptographic security. It is then a customer/operator responsibility to
ensure that the SNMP entity giving access to an instance of these MIB
modules is properly configured to give access to the objects only to
those principals (users) that have legitimate rights to indeed GET or
SET (change/create/delete) them.</t>
</section>
<section anchor="iana" title="IANA Considerations">
<t>The MIB module in this document uses the following IANA-assigned
OBJECT IDENTIFIER values recorded in the SMI Numbers registry:</t>
<figure>
<artwork><![CDATA[
Descriptor OBJECT IDENTIFIER value
---------- -----------------------
ipfixMIB { mib-2 193 }
ipfixSelectorMIB { mib-2 194 }
]]></artwork>
</figure>
<t>NOTE TO RFC EDITOR: substitute ThisRFC with the RFC number of this
document after assignment in the following section.</t>
<t>The IPFIX SELECTOR MIB registry as defined in
<xref target="RFC5815"></xref> Section 10 will be removed by IANA as its
use is discontinued with this document.</t>
<t>IANA will create and maintain a subregistry at
http://www.iana.org/assignments/smi-numbers in which the toplevel OIDs in
the subtree under object ipfixSelectorFunctions MUST be registered. The
initial version of this subregistry should contain the following content:
<figure>
<artwork><![CDATA[
Sub-registry Name: IPFIX-SELECTOR-MIB Functions
Reference: [ThisRFC]
Registration Procedures: Expert Review [RFC5226]
Prefix:
mib-2.ipfixSelectorMIB.ipfixSelectorObjects.ipfixSelectorFunctions
(1.3.6.1.2.1.194.1.1)
Decimal Name Description Reference
------- ---- ----------- ---------
1 ipfixFuncSelectAll Select everything [ThisRFC]
]]></artwork>
</figure>
Additions to this subregistry are subject to Expert Review <xref
target="RFC5226"></xref>, i.e., review by one of a group of experts
designated by an IETF Area Director. The group of experts MUST check the
requested MIB objects for completeness and accuracy of the description.
Requests for MIB objects that duplicate the functionality of existing
objects SHOULD be declined. The smallest available OID SHOULD be
assigned to new MIB objects. The specification of new MIB objects
SHOULD follow the structure specified in Section <xref format="counter"
target="structure_ipfix_selector_mib"></xref> and MUST be published
using a well-established and persistent publication medium. The experts
will initially be drawn from the Working Group Chairs and document
editors of the IPFIX and PSAMP Working Groups.</t>
</section>
<section title="Acknowledgments">
<t>This document is a product of the IPFIX Working Group. The authors
would like to thank the following persons: Paul Aitken for his detailed
review, Dan Romascanu and the MIB doctors, and many more, for the
technical reviews and feedback.</t>
</section>
</middle>
<back>
<references title="Normative References">
&rfc2119;
&rfc2578;
&rfc2579;
&rfc2580;
&rfc4001;
&rfc2863;
&rfc3873;
&rfc4133;
&rfc5101;
&rfc5102;
&rfc5226;
&rfc5815;
</references>
<references title="Informative References">
&rfc3410;
&rfc3917;
&rfc5470;
&rfc5472;
&rfc5474;
&rfc5475;
&rfc5476;
</references>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-23 14:47:18 |