One document matched: draft-ietf-opsawg-operations-and-management-01.xml
<?xml version="1.0" encoding="US-ASCII"?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!ENTITY rfc1052 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.1052.xml">
<!ENTITY rfc2119 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml">
<!ENTITY rfc2578 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2578.xml">
<!ENTITY rfc2613 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2613.xml">
<!ENTITY rfc2819 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2819.xml">
<!ENTITY rfc2863 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2863.xml">
<!ENTITY rfc2865 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2865.xml">
<!ENTITY rfc2975 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2975.xml">
<!ENTITY rfc3060 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3060.xml">
<!ENTITY rfc3084 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3084.xml">
<!ENTITY rfc3139 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3139.xml">
<!ENTITY rfc3159 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3159.xml">
<!ENTITY rfc3165 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3165.xml">
<!ENTITY rfc3290 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3290.xml">
<!ENTITY rfc3317 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3317.xml">
<!ENTITY rfc3410 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3410.xml">
<!ENTITY rfc3413 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3413.xml">
<!ENTITY rfc3418 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3418.xml">
<!ENTITY rfc3444 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3444.xml">
<!ENTITY rfc3460 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3460.xml">
<!ENTITY rfc3535 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3535.xml">
<!ENTITY rfc3585 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3585.xml">
<!ENTITY rfc3588 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3588.xml">
<!ENTITY rfc3644 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3644.xml">
<!ENTITY rfc3670 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3670.xml">
<!ENTITY rfc3805 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3805.xml">
<!ENTITY rfc4011 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4011.xml">
<!ENTITY rfc4133 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4133.xml">
<!ENTITY rfc4502 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4502.xml">
<!ENTITY rfc4668 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4668.xml">
<!ENTITY rfc4669 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4669.xml">
<!ENTITY rfc4710 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4710.xml">
<!ENTITY rfc4741 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4741.xml">
<!ENTITY rfc4825 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4825.xml">
<!ENTITY rfc4930 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4930.xml">
<!ENTITY I-D.ietf-ipfix-protocol SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-ipfix-protocol.xml">
<!ENTITY I-D.ietf-syslog-protocol SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-syslog-protocol.xml">
<!ENTITY I-D.ietf-sipping-rtcp-summary SYSTEM "http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-sipping-rtcp-summary.xml">
]>
<?rfc toc="yes"?>
<?rfc tocompact="yes"?>
<?rfc tocdepth="3"?>
<?rfc tocindent="yes"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes"?>
<?rfc comments="yes"?>
<?rfc inline="yes"?>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<?rfc strict="yes"?>
<?rfc rfcedstyle="yes"?>
<rfc category="bcp" docName="draft-ietf-opsawg-operations-and-management-01"
ipr="full3978">
<!--
$Id: draft-ietf-opsawg-operations-and-management.xml,v 1.1 2007/09/13 11:03:14 H73653 Exp $
-->
<front>
<title abbrev="Ops and Mgmt Guidelines">Guidelines for Considering
Operations and Management of New Protocols</title>
<author fullname="David Harrington" initials="D" surname="Harrington">
<organization>Huawei Technologies USA</organization>
<address>
<postal>
<street>1700 Alma Dr, Suite 100</street>
<city>Plano</city>
<region>TX</region>
<code>75075</code>
<country>USA</country>
</postal>
<phone>+1 603 436 8634</phone>
<facsimile></facsimile>
<email>dharrington@huawei.com</email>
<uri></uri>
</address>
</author>
<date year="2007" />
<area>IETF Operations and Management Area</area>
<keyword>management</keyword>
<keyword>operations</keyword>
<abstract>
<t>New protocols or protocol extensions are best designed with due
consideration of operations and management issues related to the
protocol. Retrofitting operations and management recommendations to
protocols is sub-optimal. The purpose of this document is to provide
guidance to authors and reviewers of documents defining new protocols or
protocol extensions, covering aspects of operations and management that
should be considered.</t>
</abstract>
</front>
<middle>
<section title="Introduction">
<t>Often when new protocols or protocol extensions are developed, not
enough consideration is given to how the protocol will be deployed,
operated and managed. Retrofitting operations and management mechanisms
is often hard and architecturally unpleasant, and certain protocol
design choices may make deployment, operations, and management
particularly hard. Since operations and management issues may impact the
success of IETF protocols, this document provides guidelines to help
protocol designers and working groups consider the operations and
management issues of their new IETF protocol or protocol extension at an
earlier phase.</t>
<t>This document recommends working groups consider operations and
management needs, and then select appropriate standard management
protocols and data models to address the relevant operations and
management needs, just as the WG might consider which security threats
are relevant to their protocol, and then select appropriate standard
security protocols to mitigate the relevant threats.</t>
<t>This document is organized to support such a progressive approach.
Section 2 discusses the importance of considering operations and
management. Section 3 discusses operational issues to consider. Section
4 discusses management issues to consider. Section 5 discusses IETF
standards-track management protocols and their uses. Section 6 discusses
specific data models, such as MIB modules, that have been designed to
address specific sets of issues.</t>
<t>This document sets forth a list of subjective guidelines and a list
of objective criteria by which a protocol designer can evaluate whether
the protocol that he/she has developed addresses common operations and
management needs. Operations and management is highly dependent on the
environment in which it is used, so most guidelines are subjective
rather than objective. We provide objective criteria to promote
interoperability through the use of standard management interfaces, such
as "did you design counters in a MIB module for monitoring packets
in/out of an interface?", "did you write an XML-based data model for
configuring your protocol with Netconf?", and "did you standardize
syslog message content and structured data elements for reporting events
that might occur when operating your protocol?"</t>
<t>A balance is needed between ensuring operations and management have
been considered, and getting a protocol specification published in a
timely fashion. IETF standards-track protocol documents should contain
enough information to understand how the protocol will be deployed and
managed. It should be expected that initial considerations for
operations and management may need to be updated in the future, after
further operational experience has been gained. This document only
provides guidelines; the (ever-changing membership of the) IESG can make
a decision about how the guidelines should be used by the IETF over
time.</t>
<section title="Terminology">
<t>This document deliberately does not use the (capitalized) key words
described in <xref target="RFC2119">RFC 2119</xref>. RFC 2119 states
the keywords must only be used where it is actually required for
interoperation or to limit behavior which has potential for causing
harm (e.g., limiting retransmissions). For example, they must not be
used to try to impose a particular method on implementers where the
method is not required for interoperability. This document is a set of
guidelines based on current practices of protocol designers and
operators. This document does not describe requirements, so the key
words from RFC2119 have no place here.</t>
<t><list style="symbols">
<t>"new protocol" includes new protocols, protocol extensions,
data models, or other functionality being designed.</t>
<t>"working group" represents individuals and working groups
involved in the development of new protocols.</t>
<t>[DISCUSS] markers indicate a lack of consensus on what should
be written.</t>
<t>[TODO] markers indicate the editor has a reasonable
understanding of what needs to be (re-)written. Contributions of
text would be welcome.</t>
<t>Note to RFC Editor - All [DISCUSS] or [TODO] marks should be
resolved before RFC publication. If any still exist, including in the
Terminology section, then please return the
document to the editor for resolution.</t>
</list></t>
</section>
</section>
<section title="Design for Operations and Management">
<t>"Design for operations and management" means that the operational
environment and manageability of the protocol should be considered from
the start when new protocols are designed.</t>
<section title="IETF Management Framework">
<t>For years the IETF has stressed the use of the IETF Standard Management
Framework and SMI MIB modules <xref target="RFC2578"></xref> for
managing new protocols. The IETF designed the Standard Management
Framework and SMI MIB modules to permit multiple protocols to utilize
the MIB data <xref target="RFC1052"></xref>, but it became a common
misunderstanding that a MIB module could only be used with the SNMP
protocol (described in <xref target="RFC3410"></xref> and associated
documents).</t>
<t>In 2001, OPS Area design teams were created to document issues and
requirements related to configuration of IP-based networks. One output
was "Requirements for Configuration Management of IP-based Networks"
<xref target="RFC3139"></xref>. The COPS-PR protocol was developed to address configuration.</t>
<t>In 2003, the Internet Architecture Board (IAB) held a workshop on
Network Management <xref target="RFC3535"></xref> that discussed the
strengths and weaknesses of some IETF network management protocols,
and compared them to operational needs, especially configuration. </t>
<t>One issue raised was the user-unfriendliness of the binary format of SNMP
and COPS-PR, so it was recommended that the IETF explore and XML-based
Structure of Management Information, and an XML-based protocol for configuration.</t>
<t>Another issue was that deployed tools for event/alarm correlation, root cause
analysis and logging are not sufficient, and there is a need to support a human interface
and a programmatic interface. The IETF decided to standardize aspects of the defacto
standard for system logging, especially security and the need for better programmatic
support.</t>
<t>In 2006, the IETF discussed how the Management Framework should
be updated to accommodate multiple IETF standard SMI languages, and multiple
IETF standard protocols for doing network management.</t>
<t>This document provides some initial guidelines for considering operations and management
in this environment of multiple protocols and multiple data models, with an eye toward being flexible
while also striving for interoperability.</t>
</section>
</section>
<section title="Operational Considerations">
<t>When a new protocol is deployed in a network, it may affect the
network negatively. A working group should consider deployment of a new
protocol or protocol extension in a network, impact on the network
operations, traffic levels and operation of other protocols or previous
versions of the protocol, how the new protocol will be operated, and how
its presence might affect the existing deployment.</t>
<t>Operations and manageability considerations should focus on
interoperability of externally observable behaviors.</t>
<section title="Operations Model">
<t>Protocol designers can analyze the operational environment and mode
of work in which the new protocol or extension will work. Such an
exercise needs not be reflected directly by text in their document,
but could help in visualizing the operational model related to the
applicability of the protocol in the Internet environments where it
will be deployed. The operational model should take into account
issues like: <list style="symbols">
<t>what type of management entities will be involved (agents,
network management systems)?</t>
<t>what is the possible architecture (client-server,
manager-agent, polling-driven or event-driven, autoconfiguration,
two levels or hierarchical)?</t>
<t>what are the basic management operations - initial
configuration, dynamic configuration, alarms and exceptions
reporting, logging, performance monitoring, performance
reporting?</t>
<t>how are these operations performed - locally, remotely, atomic
operation, scripts?</t>
<t>what are the typical user interfaces - Command line (CLI) or
graphical user interface (GUI)?</t>
</list></t>
<t>Working groups should consider how the new protocol will be managed
in different deployment scales. It might be sensible to use a local
management interface to manage the new protocol on a single device,
but in a large network, remote management using a centralized server
and/or using distributed management functionality might make more
sense. Auto-configuration might be possible for some new
protocols.</t>
<t>There may be a need to support a human interface, e.g., for
troubleshooting, and a programmatic interface, e.g., for automated
monitoring and root cause analysis. It might be important that the
internal method routines for both interfaces should be the same to
ensure that data exchanged between these two interfaces is always
consistent.</t>
<!--A human interface, such as a command line interface, is
useful for troubleshooting, while a programmatic interface is
important for managing multiple devices in a consistent manner, and
automating repetitive functions. Graphical user interfaces can help an
operator comprehend an overview of the network quickly (one picture is
worth a thousand words), but an operator may also require seeing the
raw data to better understand just what is happening in the network.
Ease of use is a key requirement for any network management technology
from the operators point of view. Working groups should consider how
various protocol choices might impact ease of use in different
scenarios. -->
<t>Working groups should consider what management operations are
expected to be performed as a result of the deployment of the protocol
- such as whether write operations will be allowed on routers and on
hosts, or if notifications for alarms or other events will be
expected.</t>
</section>
<section title="Installation and Initial Setup">
<t>Working groups should consider default values that make protocol
sense, to simplify configuration, including default modes and
parameters. For example, it could be helpful or necessary to specify
default values for modes, timers, default state of logical control
variables, default transports, and so on. Even if default values are
used, it must be possible to retrieve all the actual values or at
least an indication that known default values are being used.</t>
<t>Working groups should consider how to enable operators to
concentrate on the configuration of the network as a whole rather than
individual devices.</t>
</section>
<section title="Migration Path">
<t>If the new protocol is a new version of the protocol, or is
replacing another technology, the working group should consider how
deployments should transition to the new protocol. This should include
co-existence with previously deployed protocols and/or previous
versions of the same protocol, incompatibilities between versions,
translation between versions, and side effects that might occur. Are
older protocols or versions disabled or do they co-exist in the
network with the new protocol?</t>
<t>Another point to consider is extensibility of the management
approach - How open to future protocol extensions are the management
techniques you are defining?</t>
</section>
<section title="Requirements on Other Protocols and Functional Components">
<t>Working groups should consider the requirements that the new
protocol might put on other protocols and functional components, and
should also document the requirements from other protocols that have
been considered in designing the new protocol.</t>
<t>These considerations should generally remain illustrative to avoid
creating restrictions or dependencies, or potentially impacting the
behavior of existing protocols, or restricting the extensibility of
other protocols, or assuming other protocols will not be extended in
certain ways.</t>
</section>
<section title="Impact on Network Operation">
<t>The introduction of a new protocol or extensions to an existing
protocol may have an impact on the operation of existing networks.
Protocol designers should outline such impacts (which may be positive)
including scaling concerns and interactions with other protocols. For
example, a new protocol that doubles the number of active, reachable
addresses in use within a network might need to be considered in the
light of the impact on the scalability of the IGPs operating within
the network.</t>
<t>The working group should consider the potential impact on the
behavior of other protocols in the network and on the traffic levels
and traffic patterns that might change, including specific types of
traffic such as multicast. Also consider the need to install new
components that are added to the network as result of the changes in
the operational model, such as servers performing auto-configuration
operations.</t>
<t>The working group should consider also the impact on applications
and registries, for example DNS entries, or the size of routing
tables.</t>
<t>The impact on performance may also be noted - increased delay or jitter
in real-time traffic applications, or response time in client-server
applications when encryption or filtering are applied.</t>
<t>It is important to minimize the impact caused by configuration
changes. Given configuration A and configuration B, it should be
possible to generate the operations necessary to get from A to B with
minimal state changes and effects on network and systems.</t>
</section>
<section title="Verifying Correct Operation">
<t>The working group should consider techniques for testing the effect
that the protocol has had on the network by sending data through the
network and observing its behavior. Working groups should consider how
the correct end-to-end operation of the new protocol in the network
can be tested, and how the correct data or forwarding plane function
of each network element can be verified to be working properly with
the new protocol.</t>
<t>It must be easy to do consistency checks of configurations over
time and between the ends of a link in order to determine the changes
between two configurations and whether those configurations are
consistent.</t>
</section>
</section>
<section title="Management Considerations">
<t>The considerations of manageability should start from describing the
operational model, which includes identifying the entities to be
managed, how the respective protocol is supposed to be installed,
configured and monitored, who are the managers and what type of
management interfaces and protocols they would use.</t>
<t>Considerations for management should include a discussion of what
needs to be managed. This document, for better or worse, talks mainly
about management of a protocol endpoint on a single device. It doesn't
talk about managing the *protocol* (it manages one end at a time), and
doesn't even come near managing the *service* (which includes a lot of
stuff that's very far away from the box). In a client/server protocol,
it may be more important to instrument the server end of a protocol than
the client end.</t>
<t>One issue that the IETF has always struggled with (and for which we
still have no good guidance) is the problem of how to configure multiple
related/co-operating devices and how to back off if one of those
configurations fails or causes trouble. NETCONF addresses this somewhat
by allowing an operator to lock the configuration on multiple devices,
perform the configuration settings/changes, check that they are OK (undo
if not) and then unlock the devices.</t>
<t>Protocol debugging is not part (and should not be part) of the
Network Management tools/hooks in a system. Debugging is an
implementation-dependent issue, not a protocol standardization
issue.</t>
<section title="Interoperability">
<t>Just as when deploying protocols that will inter-connect devices,
our primary goal in considering management should be interoperability,
whether across devices from different vendors, across models from the
same vendor, or across different releases of the same product.</t>
<t>Some product designers and protocol designers assume that if a
device can be managed individually using a command line interface or a
web page interface, that such a solution is enough. But when equipment
from multiple vendors is combined into a large network, scalability of
management becomes a problem. It is important to have consistency in
the management interfaces so network-wide operational processes can be
automated.</t>
<t>Getting everybody to agree on a certain syntax and the protocol
associated with that has proven to be difficult. So management systems
tend to speak whatever the boxes support, whether the IETF likes this
or not. The IETF is moving from support for a single management data
modeling language and a single management protocol towards support for
multiple management protocols and multiple data models suited to
different purposes, such as logging (syslog), configuration (netconf),
and usage accounting (ipfix). Other Standard Development Organizations
(e.g. DMTF, TMF) also define management mechanisms and these
mechanisms may be more suitable than IETF mechanisms in some
cases.</t>
<t>Interoperability needs to be considered on the syntactic level and
the semantic level. While it can be irritating and time-consuming,
application designers including operators who write their own scripts
can make their processing conditional to accommodate differences
across vendors or models or releases of product.</t>
<t>Semantic differences are much harder to deal with on the manager
side - once you have the data, its meaning is a function of the
managed entity. For example, if a single counter provided by vendor A
counts three types of error conditions, while the corresponding
counter provided by vendor B counts seven types of error conditions,
these counters cannot be compared effectively - they are not
interoperable counters.</t>
<t>Information models are helpful to try to focus interoperability on
the semantic level - they establish standards for what information
should be gathered, and how gathered information might be used
regardless of which management interface carries the data or which
vendor produces the product. The use of an information model might
help improve the ability of operators to correlate messages in
different protocols where the data overlaps, such as a SYSLOG message
and an SNMP notification about the same event. An information model
might identify which error conditions should be counted separately,
and which error conditions can be counted together in a single
counter. Then, whether the counter is gathered via SNMP or a CLI
command or a SYSLOG message, the counter will have similar
meaning.</t>
<t>Protocol designers should consider which information might be
useful for managing the new protocol or protocol extensions.</t>
<figure title="Figure 1">
<preamble></preamble>
<artwork><![CDATA[ IM --> conceptual/abstract model
| for designers and operators
+----------+---------+
| | |
DM DM DM --> concrete/detailed model
for implementers
]]></artwork>
<postamble>Information Models and Data Models</postamble>
</figure>
<t>On the Difference between Information Models and Data Models <xref
target="RFC3444"> </xref> may be useful in determining what
information to consider regarding information models, as compared to
data models.</t>
<t>Information models should come from the protocol WGs and include
lists of events, counters and configuration parameters that are
relevant. There are a number of information models contained in
protocol WG RFCs. Some examples:</t>
<t><list style="symbols">
<t><xref target="RFC3060"></xref> - Policy Core Information Model
version 1</t>
<t><xref target="RFC3290"></xref> - An Informal Management Model
for DiffServ Routers</t>
<t><xref target="RFC3460"></xref> - Policy Core Information Model
Extensions</t>
<t><xref target="RFC3585"></xref> - IPsec Configuration Policy
Information Model</t>
<t><xref target="RFC3644"></xref> - Policy Quality of Service
Information Model</t>
<t><xref target="RFC3670"></xref> - Information Model for
Describing Network Device QoS Datapath Mechanisms</t>
<t><xref target="RFC3805"></xref> - Printer MIB v2 (contains both
an IM and a DM</t>
</list>Management protocol standards and management data model
standards often contain compliance clauses to ensure interoperability.
Manageability considerations should include discussion of which level
of compliance is expected to be supported for interoperability.</t>
<t></t>
</section>
<section title="Management Information">
<t>Operators find it important to be able to make a clear distinction
between configuration data, operational state, and statistics. They
need to determine which parameters were administrative configured and
which parameters have changed since configuration as the result of
mechanisms such as routing protocols.</t>
<t>It is important to be able to separately fetch configuration data,
operational state data, and statistics from devices, and to be able to
compare current state to initial state, and to compare data between
devices.</t>
<t>A management information model should include a discussion of what
is manageable, which aspects of the protocol need to be configured,
what types of operations are allowed, what protocol-specific events
might occur, which events can be counted, and for which events should
an operator be notified.</t>
<t>What is typically difficult to work through are relationships
between abstract objects. Ideally an information model would describe
the relationships between the objects and concepts in the information
model.</t>
<t>Is there always just one instance of this object or can there be
multiple instances? Does this object relate to exactly one other
object or may it relate to multiple? When is it possible to change a
relationship?</t>
<t>Do objects (such as rows in tables) share fate? For example, if a
row in table A must exist before a related row in table B can be
created, what happens to the row in table B if the related row in
table A is deleted? Does the existence of relationships between
objects have an impact on fate sharing?</t>
<t><!---
<t>[DISCUSS} There have been recommendations that templates be
provided for such things as SNMP notifications and SYSLOG messages, so
working groups just need to fill in the blanks. if "reusable
manageability" was easy to do, domain-specific WGs would be inclined
to provide more NM features in their protocol. Translation: Pick the
integration points, and create procedures and tools to let WGs create
consistent NM more easily. Notification content and configuration
management have the most room for improvement. Every protocol should
define critical and severe fault notifications in a consistent manner
(e.g. template for SMIv2 NOTIFICATION-TYPE or SYSLOG or XML PDU).
Every protocol should identify, for every sub-feature and PDU field,
whether it is (a) standard-fixed, (b) vendor-fixed, or (c)
user-configurable parameter (e.g., template for a MIB module). just
require the WGs to put the template(s) in the NM Considerations
section of every RFC. real integrations comes from an underlying
common understanding of the informal information model. Once an
information model exists, it is usually easy for people to cast it
into MIBs or other data models.</t>
<t>[DISCUSS] One approach would be to provide a standardized
information-model text template that a working group could fill in,
which could then be converted from its information model format to a
data model format, such as an SNMP notification or a SYSLOG message or
a NETCONF XSD specification. It might be possible to develop tools to
do the conversion, similar to the SMING approach developed by the NMRG
to generate MIBs and PIBs from a common specification. Working groups
should have an easier way to produce consistent network management
data models that support several IETF standard protocols.</t>
<t>[DISCUSS] What about recommending for each WG designing a protocol
to define - the management informational model (what is manageable,
what type of operations are allowed) - applicability statement or
mapping of the informational model to existing management protocols. I
was thinking (for the template) of something like the IPFIX info-model
document that Juergen Q. wrote a couple years ago.</t>
<t>[DISCUSS] There is a risk to moving toward having working groups
just identify what is manageable, without actually producing a
standardized data model, such as a MIB module or XML document or
SYSLOG messages or LDAP schemas. This could lead to vendors producing
proprietary MIB modules all containing the same information, but using
different OIDs and descriptors. That is not interoperable. We need to
have standard addressing and naming for interoperability, as well as
common semantic understanding</t>
<t>[DISCUSS] a well defined info model is the minimum and mandatory
management model that needs to be put in place. Standard addressing
and naming can be made part of this model, as well as the min and
max-access for each object. We should not however push for one
mandatory data modeling language, this does not help and leads
eventually to protocol designers towards finessing the process. As an
example, in IP telephony the tentative to impose SMIv2 and SNMP are
failing and IP phones almost never have a SNMP agent. The people who
designed SIP believe that SNMP is not deployable behind firewalls and
that in-band SIP can be used to carry management information. What
they need is an information model and an access model that would allow
carrying management information between authenticated entities.</t>
--></t>
</section>
<section title="Fault Management">
<t>The working group should consider how faults information will be
propagated. Will it be done using asynchronous notifications or
polling of health indicators?</t>
<t>If notifications are used to alert operators to certain conditions,
then the working group should discuss mechanisms to throttle
notifications to prevent congestion. Will there be a hierarchy of
faults, and will the fault reporting be done by each fault in the
hierarchy, or will only the lowest fault be reported and the higher
levels be suppressed? should there be aggregated status indicators
based on concatenation of propagated faults from a given domain
or device?</t>
<t>SNMP notifications and SYSLOG messages can alert an operator when
an aspect of the new protocol fails or encounters an error condition,
and SNMP is frequently used as a heartbeat monitor.</t>
<section title="Liveness Detection and Monitoring">
<t>Liveness detection and monitoring applies both to the control
plane and the data plane. Mechanisms for detecting faults in the
control plane or for monitoring its liveness are usually built into
the control plane protocols or inherited from underlying data plane
or forwarding plane protocols. These mechanisms do not typically
require additional management capabilities. However, when a system
detects a control plane fault, there is often a requirement to
coordinate recovery action through management applications or at
least to record the fact in an event log.</t>
<t>Where the protocol is responsible for establishing data or user
plane connectivity, liveness detection and monitoring usually need
to be achieved through other mechanisms. In some cases, these
mechanisms already exist within other protocols responsible for
maintaining lower layer connectivity, but it will often be the case
that new procedures are required to detect failures in the data path
and to report rapidly, allowing remedial action to be taken.</t>
<t>Protocol designers should always build in basic testing features
(e.g. ICMP echo, UDP/TCP echo service, NULL RPC calls) that can be
used to test for liveness, with an option to enable and disable
them.</t>
</section>
<section title="Fault Determination">
<t>It can be helpful to describe how faults can be pinpointed using
management information. For example, counters might record instances
of error conditions. Some faults might be able to be pinpointed by
comparing the outputs of one device and the inputs of another device
looking for anomalies.</t>
</section>
<section title="Fault Isolation">
<t>It might be useful to isolate faults, such as a system that emits
malformed messages necessary to coordinate connections properly.
Spanning tree comes to mind. This might be able to be done by
configuring next-hop devices to drop the faulty messages to prevent
them from entering the rest of the network.</t>
</section>
<section title="Corrective Action">
<t>What sort of corrective action can be taken by an operator for
each of the fault conditions that are being identified?</t>
<t>[DISCUSS: this should be expanded or eliminated.</t>
</section>
</section>
<section title="Configuration Management">
<t>RFC3139 <xref target="RFC3139"></xref> discusses requirements for
configuration management. This document includes discussion of
different levels of management, including high-level-policies,
network-wide configuration data, and device-local configuration.</t>
<t>A number of efforts have existed in the IETF to develop
policy-based management. RFC3198 was written to standardize the
terminology for policy-based management across these efforts.</t>
<t>It is highly desirable that text processing tools such as diff, and
version management tools such as RCS or CVS or SVN, can be used to
process configurations. This approach simplifies comparing the current
operational state to the initial configuration.</t>
<t>With structured text such as XML, simple text diffs may be found to
be inadequate and more sophisticated tools may be needed to make any
useful comparison of versions.</t>
<t>To simplify such configuration comparisons, devices should not
arbitrarily reorder data such as access control lists. If a working
group defines mechanisms for configuration, it would be desirable to
standardize the order of elements for consistency of configuration and
of reporting across vendors, and across releases from vendors.</t>
<t>Network wide configurations are ideally stored in central master
databases and transformed into formats that can be pushed to devices,
either by generating sequences of CLI commands or complete
configuration files that are pushed to devices. There is no common
database schema for network configuration, although the models used by
various operators are probably very similar. It is desirable to
extract, document, and standardize the common parts of these network
wide configuration database schemas. A working group should consider
how to standardize the common parts of configuring the new protocol,
while recognizing the vendors will likely have proprietary aspects of
their configurations.</t>
<t>It is important to distinguish between the distribution of
configurations and the activation of a certain configuration. Devices
should be able to hold multiple configurations. NETCONF <xref
target="RFC4741"></xref>, for example, differentiates between the
"running" configuration and "candidate" configurations.</t>
<t>It is important to enable operators to concentrate on the
configuration of the network as a whole rather than individual
devices. Support for configuration transactions across a number of
devices would significantly simplify network configuration management.
The ability to distribute configurations to multiple devices, or
modify "candidate configurations on multiple devices, and then
activate them in a near-simultaneous manner might help.</t>
<t>Consensus of the 2002 IAB Workshop was that textual configuration
files should be able to contain international characters.
Human-readable strings should utilize UTF-8, and protocol elements
should be in case insensitive ASCII.</t>
<t>A mechanism to dump and restore configurations is a primitive
operation needed by operators. Standards for pulling and pushing
configurations from/to devices are desirable.</t>
<t>Given configuration A and configuration B, it should be possible to
generate the operations necessary to get from A to B with minimal
state changes and effects on network and systems. It is important to
minimize the impact caused by configuration changes.</t>
<t>Many protocol specifications include timers that are used as part
of operation of the protocol. These timers may need default values
suggested in the protocol specification and do not need to be
otherwise configurable.</t>
<section title="Verifying Correct Operation">
<t>An important function that might be provided is a tool set for
verifying the correct operation of a protocol. This may be achieved
to some extent through access to information and data models that
report the status of the protocol and the state installed on network
devices. It may also be valuable to provide techniques for testing
the effect that the protocol has had on the network by sending data
through the network and observing its behavior.</t>
<t>Protocol designers should consider how to test the correct
end-to-end operation of the network, and how to verify the correct
data or forwarding plane function of each network element.</t>
</section>
<section title="Control of Function and Policy ">
<t>A working group should consider the configurable items that exist
for the control of function via the protocol elements described in
the protocol specification. For example, Sometimes the protocol
requires that timers can be configured by the operator to ensure
specific policy-based behavior by the implementation.</t>
</section>
</section>
<section title="Accounting Management">
<t>A working group should consider whether it would be appropriate to
collect usage information related to this protocol, and if so, what
usage information would be appropriate to collect?</t>
<t>RFC2975 <xref target="RFC2975"></xref> Introduction to Accounting
Management discusses a number of issues that arise when monitoring
usage of protocols for purposes of capacity and trend analysis, cost
allocation, auditing, and billing. This document also discusses how
RADIUS, TACACS+, and SNMP protocols are used for these purposes. These
issues should be considered when designing a protocol whose usage
might need to be monitored, or when recommending a protocol to do
usage accounting. While this discussion is now dated, many of the
issues remain relevant, and new protocols might be better to address
those issues.</t>
</section>
<section title="Performance Management">
<t>Consider information that would be useful when trying to determine
the performance characteristics of a deployed system using the target
protocol.</t>
<t>What are the principal performance factors that need to be looked
at when measuring the efficiency of the protocol implementations? Is
it important to measure setup times? throughput? quality versus
throughput? interruptions? end-to-end throughput? end-to-end quality?
hop-to-hop throughput?</t>
<t>Consider scaling issues, such as whether performance will be
affected by the number of protocol connections. If so, then it might
be useful to provide information about the maximum number of table
entries that should be expected to be modeled, how many entries an
implementation can support, the current number of instances, and the
expected behavior when the current instances exceed the capacity of
the implementation. This should be considered in a data-modeling
independent manner - what makes managed-protocol sense, not what makes
management-protocol-sense. If it is not managed-protocol-dependent,
then it should be left for the management-protocol data modelers to
decide.</t>
<t>For example, VLAN identifiers have a range of 1..4095 because of
the VLAN standards.</t>
<t>Consider operational activity, such as the number of message in and
the messages out, the number of received messages rejected due to
format problems, the expected behaviors when a malformed message is
received.</t>
<t>Consider the expected behaviors for counters - what is a reasonable
maximum value for expected usage? should they stop counting at the
maximum value and retain the maximum value, or should they rollover?
How can users determine if a rollover has occurred, and how can users
determine if more than one rollover has occurred?</t>
<t>What information should be maintained across reboots of the device,
or restarts of the management system?</t>
<t>Could events, such as hot-swapping a blade in a chassis, cause
discontinuities in information? Does this make any difference in
evaluating the performance of a protocol?</t>
<t>Consider whether multiple management applications will share a
counter; if so, then no one management application should be allowed
to reset the value to zero since this will impact other
applications.</t>
<t>For performance monitoring, it is often important to report the
time spent in a state rather than the current state. Snapshots are of
less value for performance monitoring.</t>
<t>The Benchmarking Methodology WG (bmwg) has defined recommendations
for the measurement of the performance characteristics of various
internetworking technologies in a laboratory environment, including
the systems or services that are built from these technologies. Each
recommendation describes the class of equipment, system, or service
being addressed; discuss the performance characteristics that are
pertinent to that class; clearly identify a set of metrics that aid in
the description of those characteristics; specify the methodologies
required to collect said metrics; and lastly, present the requirements
for the common, unambiguous reporting of benchmarking results.</t>
</section>
<section title="Security Management">
<t>Protocol designers should consider how to monitor and to manage
security aspects and vulnerabilities of the new protocol.</t>
<t>There will be security considerations related to the new protocol.
To make it possible for operators to be aware of security-related
events, it is recommended that system logs should record events, such
as failed logins, but the logs must be secured.</t>
<t>Should a system automatically notify operators of every event
occurrence, or should an operator-defined threshold control when a
notification is sent to an operator?</t>
<t>Should certain statistics be collected about the operation of the
new protocol that might be useful for detecting attacks, such as the
receipt of malformed messages, or messages out of order, or messages
with invalid timestamps? If such statistics are collected, is it
important to count them separately for each sender to help identify
the source of attacks?</t>
<t>Manageability considerations that are security-oriented might
include discussion of the security implications when no monitoring is
in place, the regulatory implications of absence of audit-trail or
logs in enterprises, exceeding the capacity of logs, and security
exposures present in chosen / recommended management mechanisms.</t>
<t>The granularity of access control needed on management interfaces
needs to match operational needs. Typical requirements are a
role-based access control model and the principle of least privilege,
where a user can be given only the minimum access necessary to perform
a required task.</t>
<t>It must be possible to do consistency checks of access control
lists across devices. Working groups should consider information
models to promote comparisons across devices and across vendors to
permit checking the consistency of security configurations.</t>
<t>Working groups should consider how to provide a secure transport,
authentication, identity, and access control which integrates well
with existing key and credential management infrastructure.</t>
<t>Working groups should consider how ACLs (access control lists) are
maintained and updated.</t>
<t>Standard SNMP notifications or SYSLOG messages <xref
target="I-D.ietf-syslog-protocol"></xref> might already exist, or can
be defined, to alert operators to the conditions identified in the
security considerations for the new protocol. [TODO: find existing
notificiations or syslog messages related to security]</t>
<t>An analysis of existing counters might help operators recognize the
conditions identified in the security considerations for the new
protocol before they can impact the network.</t>
<t>RADIUS and DIAMETER can provide authentication and authorization. A
working group should consider which attributes would be appropriate
for their protocol.</t>
<t>Different protocols use different assumptions about message
security and data access controls. A working group that recommends
using different protocols should consider how security will be applied
in a balanced manner across multiple management interfaces. SNMP
access control is data-oriented, while CLI access control is usually
command (task) oriented. Depending on the management function,
sometimes data-oriented or task-oriented access control makes more
sense. Working groups should consider both data-oriented and
task-oriented access control.</t>
</section>
</section>
<section title="Existing Protocols">
<t>[DISCUSS: Section 5 reviews which protocols the IETF has to offer for
management and, what I really like, the text discusses for which
applications they were designed or already successfully deployed. I like
to perhaps see even stronger guidelines;]</t>
<t>Existing protocols and data models can provide the management
functions identified in the previous section. WGs should consider how
using these existing protocols and data models might impact network
operations.</t>
<t>In choosing existing protocol solutions to meet the information model
requirements, it is recommended that the strengths and weaknesses of
IETF protocols, as documented in <xref target="RFC3535"></xref> be
considered, and working groups should consider asking for help from the
IETF directorates knowledgeable in available existing solutions. This is
especially true since some of the recommendations from the 2002 IAB
workshop have become outdated, some have been implemented, and some are
being realized.</t>
<t>We want to avoid seeming to impose a solution by putting in place a
strict terminology - for example implying that a formal data model, or
even using a management protocol is mandatory. If a WG considers that
its technology can be managed solely by using proprietary CLIs, and no
structured or standardized data model needs to be in place, this should
be fine, but this is a requirement that needs to be explicit in the
manageability discussion, so that the WG reaches consensus in full
awareness that this is how the protocol will need to be operated and
managed. Working groups should avoid having manageability pushed for a
later/never phase of the development of the standard.</t>
<t>Listed here are a number of protocols that have reached Proposed
Standard status or higher within the IETF.</t>
<section title="SNMP">
<t>SNMP is widely used for monitoring fault and performance data. Some
operators use SNMP for configuration in various
environments/technologies while others find SNMP an inappropriate
choice for configuration in their environments. SNMPv1 is a Full
Standard, but is not recommended due to its lack of security features.
SNMPv3 is a Full Standard that includes security features. An overview
of the SNMPv3 document set is in <xref target="RFC3410"></xref>.</t>
<t>SNMP relies on the MIB. MIB module support is uneven across
vendors, and even within devices. The lack of standard MIB module
support for all functionality in a device forces operators to use
other protocols such as a CLI to do configuration of some aspects of
their managed devices, and it is easier to use one protocol for all
configuration than to split the task across multiple protocols.</t>
<t>SNMP is good at determining operational state of specific
functionality, but not necessarily for the complete operational state
of a managed device.</t>
<t>SNMP is good for statistics gathering for specific functionality.
The wide-spread use of counters in standard MIB modules permits the
interoperable comparison of statistics across devices from different
vendors. SNMP is often used to poll a device for sysUpTime, which
serves to check for operational liveness and discontinuity in
counters.</t>
<t>SNMP traps and informs can alert an operator or an application when
an aspect of the new protocol fails or encounters an error condition,
and the contents of a notification can be used to guide subsequent
SNMP polling to gather additional information about an event.</t>
<t>SNMPv1 and SNMPv2c lack strong security, and are not recommended by
the IETF. SNMPv3 does offer strong security and is recommended by the
IETF.</t>
<t>Stardards exist to run SNMP over multiple network protocols,
including UDP, Ethernet, Appletalk, OSI, and others..</t>
</section>
<section title="SYSLOG">
<t>The SYSLOG protocol <xref target="I-D.ietf-syslog-protocol"></xref>
allows a machine to send event notification messages across networks
to event message collectors. The protocol is simply designed to
transport these event messages. No acknowledgement of the receipt is
made. One of the fundamental tenets of the SYSLOG protocol and process
is its simplicity. No stringent coordination is required between the
transmitters and the receivers. Indeed, the transmission of SYSLOG
messages may be started on a device without a receiver being
configured, or even actually physically present. Conversely, many
devices will most likely be able to receive messages without explicit
configuration or definitions. This simplicity has greatly aided the
acceptance and deployment of SYSLOG.</t>
<t>Since each process, application and operating system was written
somewhat independently, there has been little uniformity to the
message format or content of SYSLOG messages.</t>
<t>The IETF has developed a new Proposed Standard version of the
protocol that allows the use of any number of transport protocols
including reliable transports and secure transports, and standardized
the application of message security to SYSLOG messages. The IETF
standardized a new message header format, including timestamp,
hostname, application, and message ID, to improve filtering, and
interoperability and correlation between compliant
implementations.</t>
<t>SYSLOG message content has traditionally been unstructured natural
language text. This content is human-friendly, but difficult for
applications to parse and correlate across vendors, or correlate with
other event reporting such as SNMP traps. The IETF standard syslog
protocol includes structured data elements to aid application-parsing.
The structured data element design allows vendors to define their own
structured data elements to supplement standardized elements.</t>
<t>Working groups are encouraged to standardize structured data
elements, extensible human-friendly text, and consistent
facility/severity values for SYSLOG to report events specific to their
protocol.</t>
</section>
<section title="IPFIX">
<t>There are several applications e.g., usage-based accounting,
traffic profiling, traffic engineering, intrusion detection, QoS
monitoring, that require flow-based traffic measurements.</t>
<t>IPFIX <xref target="I-D.ietf-ipfix-protocol"></xref> is a Proposed
Standard approach for transmitting IP traffic flow information over
the network from an exporting process to an information collecting
process.</t>
<t>IPFIX defines a common representation of flow data and a standard
means of communicating the data over a number of transport
protocols.</t>
<t>Some extensions to IPFIX are in development and have not yet become
Proposed Standards.</t>
<t>[TODO: update as needed]</t>
</section>
<section title="PSAMP">
<t>Several applications require sampling packets from specific data
flows, or across multiple data flows, and reporting information about
the packets. Measurement-based network management is a prime example.
The PSAMP standard includes support for packet sampling in IPv4, IPv6,
and MPLS-based networks.</t>
<t>PSAMP standardizes sampling, selection, metering, and reporting
strategies for different purposes.</t>
<t>To simplify the solution, the IPFIX protocol is used for exporting
the reports to collector applications.</t>
<t>[TODO: this is in IESG review to become a PS. update as needed]</t>
</section>
<section title="NETCONF">
<t>The NETCONF protocol <xref target="RFC4741"></xref> is a Proposed
Standard that defines a simple mechanism through which a network
device can be managed, configuration data information can be
retrieved, and new configuration data can be uploaded and manipulated.
The protocol allows the device to expose a full, formal application
programming interface (API). Applications can use this straightforward
API to send and receive full and partial configuration data sets.</t>
<t>The NETCONF protocol uses a remote procedure call (RPC) paradigm. A
client encodes an RPC in XML and sends it to a server using a secure,
connection-oriented session. The server responds with a reply encoded
in XML.</t>
<t>A key aspect of NETCONF is that it allows the functionality of the
management protocol to closely mirror the native command line
interface of the device. This reduces implementation costs and allows
timely access to new features. In addition, applications can access
both the syntactic and semantic content of the device's native user
interface.</t>
<t>The contents of both the request and the response can be fully
described in XML DTDs or XML schemas, or both, allowing both parties
to recognize the syntax constraints imposed on the exchange. As of
this writing, no standard has been developed for data content
specification.</t>
</section>
<section title="COPS-PR">
<t>COPS-PR and the Structure of Policy Provisioning Information (SPPI)
have been approved as Proposed Standards. COPS-PR <xref
target="RFC3084"></xref> uses the Common Open Policy Service (COPS)
protocol for support of policy provisioning. The COPS-PR specification
is independent of the type of policy being provisioned (QoS, Security,
etc.) but focuses on the mechanisms and conventions used to
communicate provisioned information between policy-decision-points
(PDPs) and policy enforcement points (PEPs). COPS-PR does not make any
assumptions about the policy data model being communicated, but
describes the message formats and objects that carry the modeled
policy data. Policy data is modeled using Policy Information Base
modules (PIB modules).</t>
<t>COPS-PR has not had wide deployment, and operators have stated that
its use of binary encoding (BER) for management data makes it
difficult to develop automated scripts for simple configuration
management tasks in most text-based scripting languages. In an IAB
Workshop on Network Management <xref target="RFC3535"></xref>, the
consensus of operators and protocol developers indicated a lack of
interest in PIB modules for use with COPS-PR.</t>
<t>As a result, the IESG has not approved any policy models (PIB
modules) as an IETF standard, and the use of COPS-PR is not
recommended.</t>
</section>
<section title="RADIUS">
<t>RADIUS <xref target="RFC2865"></xref>, the remote Authentication
Dial In User Service, is a Draft Standard that describes a protocol
for carrying authentication, authorization, and configuration
information between a Network Access Server which desires to
authenticate its links and a shared Authentication Server.</t>
<t>This protocol is widely implemented and used. RADIUS is widely used
in environments, such as enterprise networks, where a single
administrative authority manages the network, and protects the privacy
of user information.</t>
</section>
<section title="Diameter">
<t>DIAMETER <xref target="RFC3588"></xref> is a Proposed Standard that
provides an Authentication, Authorization and Accounting (AAA)
framework for applications such as network access or IP mobility.
DIAMETER is also intended to work in both local Authentication,
Authorization & Accounting and roaming situations.</t>
<t>Diameter is designed to resolve a number of known problems with
RADIUS. Diameter supports server failover, transmission-level
security, reliable transport over TCP, agents for proxy and redirect
and relay, server-initiated messages, auditability, capability
negotiation, peer discovery and configuration, and roaming support.
Diameter also provides a larger attribute space than RADIUS.</t>
<t>Diameter features make it especially appropriate for environments
where the providers of services are in different administrative
domains than the maintainer (protector) of confidential user
information.</t>
</section>
<section title="EPP">
<t>The Extensible Provision Protocol <xref target="RFC4930"></xref> is
a Draft Standard that describes an application layer client-server
protocol for the provisioning and management of objects stored in a
shared central repository. EPP permits multiple service providers to
perform object provisioning operations using a shared central object
repository, and addresses the requirements for a generic registry
registrar protocol.</t>
</section>
<section title="VCCV">
<t>VCCV is a Proposed Standard protocol that provides a control
channel associated with a Pseudowire. It is used for operations and
management functions such as connectivity verification over the
control channel. VCCV applies to all supported access circuit and
transport types currently defined for PWs.</t>
</section>
<section title="XCAP">
<t>XCAP <xref target="RFC4825"></xref> is a Proposed Standard protocol
that allows a client to read, write, and modify application
configuration data stored in XML format on a server.</t>
</section>
<section title="Other Protocols">
<t>A command line interface (CLI) might be used to provide initial
configuration of the target functionality. Command line interfaces are
usually proprietary, but working groups could suggest specific
commands and command parameters that would be useful in configuring
the new protocol, so implementers could have similarities in their
proprietary CLI implementations.</t>
<t>[DISCUSS: Routing and control plane people may prefer NETCONF since
it is close to CLIs which seem to rule in this space. ]</t>
<t>[DISCUSS] Other PS-level NM protocols? SIP NM?</t>
</section>
</section>
<section title="Existing IETF Data Models">
<t>[DISCUSS: JS: The weakest part of the document is IMHO section 6. It
is not clear to me what David's intention were here; sometimes he gives
general advise while at other places he kind of surveys data models and
such things. I am also not sure all the stuff listed there is actually
useful to list; for example, has anybody ever deployed the technology
which came out of the snmpconf working group? So we need to be more
selective and probably also organize our pointers based on the protocol
layer people are working on (transmission specific MIB modules are kind
of widely used, people managing application servers usually do not use
much of SNMP; the IETF application management MIBs we have produced have
not gained large deployments as far as I can tell). ]</t>
<t>[DISCUSS: David: Some MIB modules may not be deployed because few
people know about them and has never tried them. Others may have been
tried and been found to be inadequate. We have very little feedback
concerning which ones are useful and which are widely deployed, which
have been found useful by operators, and which have been found to be
junk. ;-) I hesitate to make recommendations that people should avoid a
MIB unless there is real evidence that is is unsuitable for its designed
task. Even then, I hesitate because maybe the MIB would be found useful
in a different environment that is just emerging. Maybe we need to
perform a de-crufting operation for data models, similar to that done
for protocols a few years ago. But I think that would require feedback
from LOTS of operators and application developers - and these tend to be
scarce in the IETF. ]</t>
<t>The purpose of this section is to inform protocol designers about
solutions for which components have already been standardized in the
IETF, so they can reuse existing solutions or use those solutions to
extract information models that could be applied to new solutions.</t>
<t>This section discusses management data models that have reached at
least Proposed Standard status in the IETF. Because making management
information available through the MIB has long been the IETF-preferred
approach for managing the Internet, there are a large number of MIB
modules available. Rather than attempt to discuss each here, with a
discussion of the tables they contain, this section will focus on those
MIB modules that have reached at least Draft status, and some commonly
deployed MIB modules. This is supplemented by an appendix that lists
additional MIB modules that have reached Proposed Standard status.</t>
<t>[TODO] discuss specific MIB modules, SDEs, XML schemas that are
designed to solve generic problems. This might cover things like Textual
Conventions, RFC3415 Target tables, SYSLOG SDEs defined in -protocol-,
SYSLOG -sign-, IPFIX IEs, etc.</t>
<section title="Fault Management">
<t></t>
<t>RFC 3418 <xref target="RFC3418"></xref>, part of STD 62 SNMP,
contains objects in the system group that are often polled to
determine if a device is still operating, and sysUpTime can be used to
detect if a system has rebooted, and counters have been
reinitialized.</t>
<t>RFC3413 <xref target="RFC3413"></xref>, part of STD 62 SNMP,
includes objects designed for managing notifications, including tables
for addressing, retry parameters, security, lists of targets for
notifications, and user customization filters.</t>
<t>An RMON monitor <xref target="RFC2819"></xref> can be configured to
recognize conditions, most notably error conditions, and continuously
to check for them. When one of these conditions occurs, the event may
be logged, and management stations may be notified in a number of
ways. See further discussion of RMON under Performance Management.</t>
</section>
<section title="Configuration Management">
<t>It is expected that standard XML-based data models will be
developed for use with NETCONF, and working groups might identify
specific NETCONF data models that would be applicable to the new
protocol. At the time of this writing, no such standard data models
exist.</t>
<t>For monitoring network configuration, such as physical and logical
network topologies, existing MIB modules already exist that provide
some of the desired capabilities. New MIB modules might be developed
for the target functionality to allow operators to monitor and modify
the operational parameters, such as timer granularity, event reporting
thresholds, target addresses, and so on.</t>
<t>RFC 3418 <xref target="RFC3418"></xref>, part of STD 62 SNMPv3,
contains objects in the system group that are often polled to
determine if a device is still operating, and sysUpTime can be used to
detect if a system has rebooted and caused potential discontinuity in
counters. Other objects in the system MIB are useful for identifying
the type of device, the location of the device, the person responsible
for the device, etc.</t>
<t>RFC3413 <xref target="RFC3413"></xref>, part of STD 62 SNMPv3,
includes objects designed for configuring notification destinations,
and for configuring proxy-forwarding SNMP agents, which can be used to
forward messages through firewalls and NAT devices.</t>
<t>Draft Standard RFC2863 <xref target="RFC2863"></xref>, the
Interfaces MIB is used for managing Network Interfaces. This includes
the 'interfaces' group of MIB-II and discusses the experience gained
from the definition of numerous media-specific MIB modules for use in
conjunction with the 'interfaces' group for managing various
sub-layers beneath the internetwork-layer.</t>
<t>Proposed Standard RFC3165 <xref target="RFC3165"></xref> supports the use of user-written
scripts to delegate management functionality.</t>
<t>Proposed Standard RFC4011 <xref target="RFC4011"></xref> defines
objects that enable policy-based monitoring using SNMP, using a scripting
language, and a script execution environment. </t>
<t> Few vendors have not implemented MIB modules that support scripting.
Some vendors consider running user-developed scripts within the
managed device as a violation of support agreements.</t>
</section>
<section title="Accounting Management">
<t>TODO: RADIUS Accounting MIBs are PS; are there any DS data models
for accounting? ]</t>
</section>
<section title="Performance Management">
<t>Working groups should consider how performance can be monitored for
the new protocol.</t>
<t>MIB modules typically contain counters to determine the frequency
and rate of an occurrence.</t>
<t>RFC2819, STD 59 RMON, defines objects for managing remote network
monitoring devices. An organization may employ many remote management
probes, one per network segment, to manage its internet. These devices
may be used for a network management service provider to access a
client network, often geographically remote. Most of the objects in
the RMON MIB module are suitable for the management of any type of
network, and there are some which are specific to managing Ethernet
networks.</t>
<t>RMON allows a probe to be configured to perform diagnostics and to
collect statistics continuously, even when communication with the
management station may not be possible or efficient. The alarm group
periodically takes statistical samples from variables in the probe and
compares them to previously configured thresholds. If the monitored
variable crosses a threshold, an event is generated.</t>
<t>The RMON host group discovers hosts on the network by keeping a
list of source and destination MAC Addresses seen in good packets
promiscuously received from the network, and contains statistics
associated with each host. The hostTopN group is used to prepare
reports that describe the hosts that top a list ordered by one of
their statistics. The available statistics are samples of one of their
base statistics over an interval specified by the management station.
Thus, these statistics are rate based. The management station also
selects how many such hosts are reported.</t>
<t>The RMON matrix group stores statistics for conversations between
sets of two addresses. The filter group allows packets to be matched
by a filter equation. These matched packets form a data stream that
may be captured or may generate events. The Packet Capture group
allows packets to be captured after they flow through a channel. The
event group controls the generation and notification of events from
this device.</t>
<t>The RMON-2 MIB <xref target="RFC4502"></xref> extends RMON by
providing RMON analysis up to the application layer. The SMON MIB
<xref target="RFC2613"></xref> extends RMON by providing RMON analysis
for switched networks.</t>
</section>
<section title="Security Management">
<t>Working groups should consider existing data models that would be
relevant to monitoring and managing the security of the new
protocol.</t>
<t>The IETF has no standard data models for managing security
protocols such as TLS and SSH.</t>
</section>
</section>
<section title="Documentation Guidelines">
<t>The purpose of this document is to provide guidance about what to
consider when thinking about the management and deployment of a new
protocol, and to provide guidance about documenting the considerations
should a working group choose to do so. The following guidelines are
designed to help writers provide a reasonably consistent format to such
documentation. Separate manageability and operational considerations
sections are desirable in many cases, but their structure and location
is a decision that can be made from case to case.</t>
<t>Making a Management Considerations section a mandatory publication
requirement is the responsibility of the IESG, or specific area
directors, or working groups, and this document avoids recommending any
mandatory publication requirements. For a complex protocol, a completely
separate draft on operations and management might be appropriate, or
even a completely separate WG.</t>
<t>This document is focused on what to think about, and how to document
the considerations of the working group.</t>
<section title="Recommended Discussions">
<t>A Manageability Considerations section should include discussion of
the management and operations topics raised in this document, and when
one or more of these topics is not relevant, it would be useful to
contain a simple statement explaining why the topic is not relevant
for the new protocol. Of course, additional relevant topics should be
included as well.</t>
</section>
<section title="Null Manageability Considerations Sections">
<t>A working group may seriously consider the manageability
requirements of a new protocol, and determine that there are no
manageability issues related to the new protocol. It would be helpful
to those who may update or write extensions to the protocol in the
future or to those deploying the new protocol to know the thinking of
the working regarding the manageability of the protocol at the time of
its design.</t>
<t>If there are no new manageability or deployment considerations, it
is recommended that a Manageability Considerations section contain a
simple statement such as "There are no new manageability requirements
introduced by this document," and a brief explanation of why that is
the case. The presence of such a Manageability Considerations section
would indicate to the reader that due consideration has been given to
manageability and operations.</t>
<t>In the case where the new protocol is an extension, and the base
protocol discusses all the relevant operational and manageability
considerations, it would be helpful to point out the considerations
section in the base document.</t>
</section>
<section title="Placement of Operations and Manageability Considerations Sections ">
<t>If a working group develops a Manageability Considerations section
for a new protocol, it is recommended that the section be placed
immediately before the Security Considerations section. Reviewers
interested in such sections could find it easily, and this placement
could simplify the development of tools to detect the presence of such
a section.</t>
</section>
</section>
<section title="IANA Considerations">
<t>This document does not introduce any new codepoints or name spaces
for registration with IANA. Note to RFC Editor: this section may be
removed on publication as an RFC.</t>
</section>
<section title="Security Considerations">
<t>This document is informational and provides guidelines for
considering manageability and operations. It introduces no new security
concerns.</t>
</section>
<section title="Acknowledgements">
<t>This document started from an earlier document edited by Adrian
Farrel, which itself was based on work exploring the need for
Manageability Considerations sections in all Internet-Drafts produced
within the Routing Area of the IETF. That earlier work was produced by
Avri Doria, Loa Andersson, and Adrian Farrel, with valuable feedback
provided by Pekka Savola and Bert Wijnen.</t>
<t>Some of the discussion about designing for manageability came from
private discussions between Dan Romascanu, Bert Wijnen, Juergen
Schoenwaelder, Andy Bierman, and David Harrington.</t>
</section>
</middle>
<back>
<references title="Informative References">
&rfc1052;
&rfc2119;
&rfc2578;
&rfc2613;
&rfc2819;
&rfc2863;
&rfc2865;
&rfc2975;
&rfc3060;
&rfc3084;
&rfc3139;
&rfc3159;
&rfc3165;
&rfc3290;
&rfc3317;
&rfc3410;
&rfc3413;
&rfc3418;
&rfc3444;
&rfc3460;
&rfc3535;
&rfc3585;
&rfc3588;
&rfc3644;
&rfc3670;
&rfc3805;
&rfc4011;
&rfc4133;
&rfc4502;
&rfc4668;
&rfc4669;
&rfc4710;
&rfc4741;
&rfc4825;
&rfc4930;
&I-D.ietf-ipfix-protocol;
&I-D.ietf-syslog-protocol;
&I-D.ietf-sipping-rtcp-summary;
</references>
<section title="Operations and Management Checklist">
<t>This appendix provides a quick summary of issues to consider.</t>
<t><list>
<t>are configuration parameters clearly identified?</t>
<t>are configuration parameters normalized?</t>
<t>does each configuration parameter have a reasonable default
value?</t>
<t>is protocol state information exposed to the user? How?</t>
<t>is protocol performance information exposed to the user? How?</t>
<t>are significant state transitions logged?</t>
</list></t>
</section>
<section title="Additional Data Models on the Standards Track">
<t>The IETF SYSLOG protocol <xref
target="I-D.ietf-syslog-protocol"></xref> is a Proposed Standard that
includes a mechanism for defining structured data elements (SDEs). The
SYSLOG protocol document defines an initial set of SDEs that relate to
content time quality, content origin, and meta-information about the
message, such as language. Proprietary SDEs can be used to supplement
the IETF-defined SDEs.</t>
<t>SIP Package for Voice Quality Reporting <xref
target="I-D.ietf-sipping-rtcp-summary"></xref> defines a SIP event
package that enables the collection and reporting of metrics that
measure the quality for Voice over Internet Protocol (VoIP)
sessions.</t>
<t>DISMAN-EVENT-MIB in RFC 2981 and DISMAN-EXPRESSION-MIB in RFC 2982
provide a superset of the capabilities of the RMON alarm and event
groups. These modules provide mechanisms for thresholding and reporting
anomalous events to management applications.</t>
<t>RAQMON <xref target="RFC4710"></xref> describes Real-Time Application
Quality of Service Monitoring.</t>
<t>The IPPM WG has defined metrics for accurately measuring and
reporting the quality, performance, and reliability of Internet data
delivery services. The metrics include connectivity, one-way delay and
loss, round-trip delay and loss, delay variation, loss patterns, packet
reordering, bulk transport capacity, and link bandwidth capacity. [TODO:
detail the RFCs - 4737, 3393, 2681, 2680, 2679, 2678</t>
<t>The IPFIX protocol <xref target="I-D.ietf-ipfix-protocol"></xref> can
collect information related to IP flows, and existing Information
Elements (IEs) may be appropriate to report flows of the new protocol.
New IPFIX Information Elements might be useful for collecting flow
information useful only in consideration of the new protocol. As of this
writing, no IEs have reached Proposed Standard status yet, but a base
set of IEs has been submitted to IESG for advancement. These include IEs
for Identifying the scope of reporting, Metering and Export Process
configuration, IP and Transport and Sub-IP header fields, Packet and
Flow properties, timestamps, and counters.</t>
<t>RFC3159 discusses the Proposed Standard Structure of Policy
Provisioning Information (SPPI), an extension to the SMI standard for
purposes of policy-based provisioning, for use with the COPS-PR protocol
defined in RFC3084. Informational RFC3317 defines a DiffServ QoS PIB,
and Informational RFC3571 defines policy classes for monitoring and
reporting policy usage feedback, as well as policy classes for
controlling reporting intervals, suspension, resumption and
solicitation. At the time of this writing, there are no standards-track
PIBs During the IAB Workshop on Network Management, the workshop had
rough consensus from the protocol developers that the IETF should not
spend resources on SPPI PIB definitions, and the operators had rough
consensus that they do not care about SPPI PIBs.</t>
<t>Proposed Standard RFC4011 <xref target="RFC4011"></xref> defines
objects that enable policy-based monitoring and management of SNMP
infrastructures, a scripting language, and a script execution
environment.</t>
<t>DIAMETER <xref target="RFC3588"></xref> accounting might be collected
for services, and working groups might document some of the
RADIUS/DIAMETER attributes that could be used. [TODO: what data
models?]</t>
<t>RADIUS Authentication Client MIB <xref target="RFC4668"></xref> and
RADIUS Authentication Server MIB <xref target="RFC4669"></xref> allow the
gathering of accounting data.</t>
<t>Proposed Standard RFC4133 <xref target="RFC4133"></xref> the Entity
MIB is used for managing multiple logical and physical entities managed
by a single SNMP agent. This module provides a useful mechanism for
identifying the entities comprising a system. There are also event
notifications defined for configuration changes that may be useful to
management applications.</t>
<t>RFC3159 <xref target="RFC3159"></xref> discusses the Structure of
Policy Provisioning Information, an extension to the SMI standard for
purposes of policy-based provisioning, for use with the COPS-PR protocol
defined in RFC3084 <xref target="RFC3084"></xref>. RFC3317 <xref
target="RFC3317"></xref> defines a DiffServ QoS PIB. At the time of this
writing, there are no standards-track PIBs. During the IAB Workshop on
Network Management, the workshop had rough consensus from the protocol
developers that the IETF should not spend resources on SPPI PIB
definitions, and the operators had rough consensus that they do not care
about SPPI PIBs.</t>
<t>The ALARM MIB in RFC 3877 and the Alarm Reporting Control MIB in RFC
3878 specify mechanisms for expressing state transition models for
persistent problem states. There is also a mechanism specified to
correlate a notification with subsequent state transition notifications
about the same entity/object.</t>
<t>Other MIB modules that may be applied to Fault Management include:
<list>
<t>NOTIFICATION-LOG-MIB in RFC 3014</t>
<t>ENTITY-STATE-MIB in RFC 4268</t>
<t>ENTITY-SENSOR-MIB in RFC 4268</t>
</list></t>
<t></t>
</section>
<section title="Open Issues">
<t><list>
<t>[TODO: need to verify all citations have references (in xref format)]</t>
<t>Organize data models by layer? both section 6 and appendix.</t>
<t>start to identify bullets for appendix checklist</t>
<t>Is section 2 needed?</t>
</list></t>
</section>
<section title="Change Log">
<t>Changes from opsawg-00 to opsawg-01</t>
<t><list>
<t>moved Proposed Standard data models to appendix</t>
<t>moved advice out of data model survey and into considerations section </t>
<t>addressed comments from Adrian and Dan</t>
<t>modified the Introduction and Section 2 in response to many comments.</t>
<t>expanded radius and syslog discussion, added psamp and VCCV, modified ipfix, </t>
</list></t>
<t>Changes from harrington-01 to opsawg-00</t>
<t><list>
<t>added text regarding operational models to be managed.</t>
<t>Added checklist appendix (to be filled in after consensus is
reached on main text )</t>
</list></t>
<t>Changes from harrington-00 to harrington-01</t>
<t><list>
<t>modified unclear text in "Design for Operations and
Management"</t>
<t>Expanded discussion of counters</t>
<t>Removed some redundant text</t>
<t>Added ACLs to Security Management</t>
<t>Expanded discussion of the status of COPS-PR, SPPI, and PIBs.</t>
<t>Expanded comparison of RADIUS and Diameter.</t>
<t>Added placeholders for EPP and XCAP protocols.</t>
<t>Added Change Log and Open Issues</t>
</list></t>
</section>
</back>
</rfc>| PAFTECH AB 2003-2026 | 2026-04-23 09:00:20 |