One document matched: draft-mfine-cops-pib-00.txt
Network Working Group M. Fine
Internet Draft K. McCloghrie
Cisco Systems
S. Hahn
Intel
K. Chan
Nortel Networks
A. Smith
Extreme Networks
26 February 1999
An Initial
Quality of Service Policy Information Base
for COPS-PR Clients and Servers
draft-mfine-cops-pib-00.txt
Status of this Memo
This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, and
its working groups. Note that other groups may also distribute working
documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference material
or to cite them other than as ``work in progress.''
To view the current status of any Internet-Draft, please check the
``1id-abstracts.txt'' listing contained in an Internet-Drafts Shadow
Directory, see http://www.ietf.org/shadow.html.
Expires August 1999 [Page 1]
Draft Initial PIB February 1999
1. Glossary
PRC Policy Rule Class. A type of policy data. See [COPS-PR].
PRI Policy Rule Instance. An instance of a PRC. See [COPS-PR].
PIB Policy Information Base. The database of policy information.
PDP Policy Decision Point. See [COPS].
PEP Policy Enforcement Point. See [COPS].
2. Introduction
This document defines an initial set of policy rule classes that
describe the quality of service (QoS) policies for use by COPS-PR
clients and servers.
As described in [COPS-PR] QoS policy information is structured as
instances of policy rule classes. A policy rule class (PRC) is an
ordered set of scalar attributes. Policy rule classes are arranged in a
hierarchical structure similar to tables in SNMP's SMI [SNMP-SMI]. As
with SNMP tables, they are identified by a sequence of integer
identifiers.
For each policy rule class a device may have zero or more policy rule
instances. Each policy instance is also identified by a sequence of
integers where the first part of the sequence is the ID of the PRC.
Collections of policy rule classes are defined in PIB modules. These
modules are written using the same structure of management information
used by SNMP with the following modifications.
(1) The module begins with keyword PIB-DEFINITIONS rather than the
keyword DEFINITIONS to identify it as a PIB rather than a MIB.
(2) All policy rule classes as expressed as tables where each table
is a PRC and the table columns are the class attributes. There
is no scalar object as in SNMP. This makes for a more consistent
"class-based" structure.
(3) The OBJECT-TYPE macro has additional clause POLICY-ACCESS. This
clause can only be applied to a policy rule class (i.e., the
table definition). It takes the value "install", "install-
notify" or "notify". "Install" or "install-notify" means that
PDP may install instances of this policy rule class. "install-
notify" or "notify" means that the PEP must report all instances
of this class to the PDP in the initial request message, or when
the PDP sends a message to synchronize state. The assumed value
if none is explicitly provided is "install".
Expires August 1999 [Page 2]
Draft Initial PIB February 1999
For policy rule classes whose access is install or install-
notify, the maximum access allowed from SNMP is read access.
(4) The OBJECT-TYPE macro has additional clause INSTALL-ERRORS which
enumerates the possible reasons for rejecting the install
decision from the PDP. This clause may only appear on a policy
rule class, i.e., on a table object type. If this clause is not
present, the install can still fail, but no policy class-specific
error is reported.
To facilitate future extensions to the PIB, the attributes of a class
may be augmented in another, perhaps enterprise specific, PIB by
defining a class (using the AUGMENTS clause) in that newer PIB.
Instances of the new class are related to instances of the existing
class by means of the instance index.
3. Mapping the PIB to a MIB
The PIB has been designed so that it can be easily and algorithmically
mapped into a MIB for the purpose of monitoring by SNMP. This mapping
is achieved by means of the following rules.
(1) Replace the keyword POLICY-DEFINITIONS with the keyword
DEFINITIONS.
(2) Delete all the POLICY-ACCESS clauses.
(3) Add a MAX-ACCESS clause for each OBJECT-TYPE. For each table and
entry OBJECT-TYPE the MAX-ACCESS is "not-accessible". For each
attribute that is an index, the MAX-ACCESS is "not-accessible".
For the remaining attributes, the MAX-ACCESS is "read-only" if
the POLICY-ACCESS for the class is "install" or "install-notify",
and it is "read-create" if the POLICY-ACCESS for the class is
"notify".
(4) Add a columnar attribute of type RowStatus with name status and
with the next available OID if the POLICY-ACCESS is "notify".
(5) Delete all the INSTALL-ERRORS clauses.
4. ACEs and ACLs
The basis of classification and policing for QoS is the access control
entry (ACE). An ACE is simply a flow specification generally matching
flows of a particular type rather than individual microflows or
Expires August 1999 [Page 3]
Draft Initial PIB February 1999
aggregates. Associated with each ACE is a permit or deny action.
Ordered sets of these ACEs are used to create Access Control Lists
(ACLs). Then, ordered sets of these ACLs are applied to interfaces
together with a classification rule for each ACL (and a direction to
indicate an input or output ACL). Thus, associated with each interface
and direction is an ordered set of ACLs, each ACL consisting of an
ordered set of ACEs.
On input, each packet is checked against the set of ACLs configured on
the ingress interface for the input direction starting with the first in
the set. Similarly, on output each packet is checked against the set of
ACLs configured on the egress interface for the output direction. For
each ACL, the packet is checked against the set of ACEs in order. If a
packet matches an ACE in an ACL and the action is a permit, then the
action associated with that ACL is applied to that packet and no further
ACEs are compared. If the action is a deny then the rest of the ACEs in
the current ACL are skipped and the matching proceeds with the first ACE
of the next ACL (thus, providing a rudimentary "NOT" capability). If
the packet does not match any of the ACEs in the ACL, the next ACL is
tried.
5. Roles
The policy to apply to an interface may depend on many factors such as
immutable characteristics of the interface (e.g., ethernet or frame
relay), the status of the interface (e.g., half or full duplex), or user
configuration (e.g., branch office or headquarters interface). Rather
than specifying policies explicitly for each interface in the QoS
domain, policies are specified in terms of interface functionality.
To describe these functionalities of an interface we use the concept of
"roles". A role is simply a string that is associated with an
interface. A given interface may have any number of roles
simultaneously. Policy rule classes have an attribute called a "role-
combination" which is an unordered set of roles. Instances of a given
policy rule class are applied to interface if and only if the set of
roles in the role combination is identical to the set of the roles of
the interface.
Thus, roles provide a way to bind policy to interfaces without having to
to explicitly identify interfaces in a consistent manner across all
network devices. (The SNMP experience with ifIndex has proved this to
be a difficult task.) That is, roles provide a level of indirection to
the application of a set of policies to specific interfaces.
Expires August 1999 [Page 4]
Draft Initial PIB February 1999
Furthermore, if the same policy is being applied to several interfaces,
that policy need be pushed to the device only once, rather than once per
interface, as long as the interfaces are configured with the same role
combination.
We point out that, in the event that the administrator needs to have
unique policy for each interface, this can be achieved by configuring
each interface with a unique role.
The PEP reports all its role combinations to the PDP at connect time or
whenever they change.
The comparing of roles (or role combinations) must be case insensitive.
For display purposes, roles (or role combinations) should preserve the
case specified by the user.
The concept and usage of roles in this document is consistent with that
specified in [QOS-POL]. Roles are currently under discussion in the
IETF's Policy WG; as and when that discussion reaches a conclusion, this
PIB will be updated in accordance with that conclusion.
6. Summary of the PIB
This section gives a brief summary of the top level groups in the PIB.
Device Configuration
This group contains device configuration information. This
configuration is either set by management or reflects the physical
configuration of the device.
General Policy Configuration
This group contains general, global configuration such as the
mapping from DSCP to 802.1p CoS.
The IP Classification Group
This group describes the IP ACLs used for classification of IP
flows.
QoS Interface Group
This group specifies the configuration of the various interface
types including the setting of queueing parameters and mapping of
DSCPs to queues.
Expires August 1999 [Page 5]
Draft Initial PIB February 1999
7. PIB Definitions
QOS-POLICY-PIB PIB-DEFINITIONS ::= BEGIN
IMPORTS
Unsigned32, IpAddress FROM SNMPv2-SMI
DisplayString, TruthValue FROM SNMPv2-TC;
qosPolicyPib MODULE-IDENTITY
LAST-UPDATED "199902261800Z"
ORGANIZATION "IETF RAP WG"
CONTACT-INFO "
Michael Fine
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706 USA
Phone: +1 408 527 8218
Email: mfine@cisco.com
Keith McCloghrie
Cisco Systems, Inc.
170 West Tasman Drive,
San Jose CA 95134-1706. USA
Phone: +1 408 526 5260
Email: kzm@cisco.com"
DESCRIPTION
"The PIB module containing an initial set of policy
rule classes that describe the quality of service
(QoS) policies."
::= { tbd }
qosPolicyPibClasses OBJECT IDENTIFIER ::= { qosPolicyPib 1 }
-- New textual conventions
--
-- DiffServ Codepoint
--
Dscp ::= TEXTUAL-CONVENTION
DESCRIPTION
"An integer that is in the range of the DiffServ codepoint
values."
Expires August 1999 [Page 6]
Draft Initial PIB February 1999
SYNTAX INTEGER (0..63)
-- Ip Precedence
--
IpPrecedence ::= TEXTUAL-CONVENTION
DESCRIPTION
"An integer that is in the range of the IP precedence
values."
SYNTAX INTEGER (0..7)
-- Layer 2 CoS
--
QosLayer2Cos ::= TEXTUAL-CONVENTION
DESCRIPTION
"An integer that is in the range of the layer 2 CoS values.
This corresponds to the 802.1p priority values."
SYNTAX INTEGER (0..7)
-- Interface types
--
QosInterfaceQueueCount ::= TEXTUAL-CONVENTION
DESCRIPTION
"An integer that describes the number of queues an interface
supports. It is limited to the range of DSCP values."
SYNTAX INTEGER (0..63)
-- Role
--
Role ::= TEXTUAL-CONVENTION
DESCRIPTION
"A display string but where the characters '+', ' ' (space),
NULL, LF, CR, BELL, BS, HT (tab) VT and FF are illegal."
SYNTAX DisplayString (SIZE (0..31))
-- Role Combination
--
RoleCombination ::= TEXTUAL-CONVENTION
DESCRIPTION
"A Display string consisting of a set of roles concatenated
with a '+' character where the roles are in lexicographic
Expires August 1999 [Page 7]
Draft Initial PIB February 1999
order from minimum to maximum."
SYNTAX DisplayString (SIZE (0..255))
-- Policy Instance Index
--
PolicyInstanceId ::= TEXTUAL-CONVENTION
DESCRIPTION
"An textual convention for an attribute that is an an integer
index attribute of class. It is used for attributes that
exist for the purpose of providing a policy rule instance
with a unique instance identifier.
For any instance identifier that refers to another policy
rule instance, that other policy instance must exist.
Furthermore, it is an error to try to delete a policy rule
instance that is referred to by another instance without
first deleting the referencing instance."
SYNTAX Unsigned32
--
-- Device Configuration
--
-- This group contains device configuration information. This
-- configuration is either set by management or reflects the physical
-- configuration of the device. This configuration is generally
-- reported to the PDP (i.e., the policy server so that the PDP can
-- determine what policies to download to the PEP (i.e., the device).
qosDeviceConfig ::= { qosPolicy 1 }
qosPrcSupportTable OBJECT-TYPE
SYNTAX SEQUENCE OF QosPrcSupportEntry
POLICY-ACCESS notify
STATUS current
DESCRIPTION
"Each instance of this class specifies a PRC that the device
supports and a bit string to indicate the attributes of the
class that are supported. These PRIs are sent to the PDP to
indicate to the PDP which PRCs, and which attributes of these
PRCs, the device supports. All install and install-notify PRCs
Expires August 1999 [Page 8]
Draft Initial PIB February 1999
supported by the device must be represented in this table."
::= { qosDeviceConfig 1 }
qosPrcSupportEntry OBJECT-TYPE
SYNTAX QosPrcSupportEntry
INDEX { qosPrcSupportId }
::= { qosPrcSupportTable 1 }
QosPrcSupportEntry ::=
SEQUENCE {
qosPrcSupportId PolicyInstanceId,
qosPrcSupportSupportedPrc OBJECT IDENTIFIER,
qosPrcSupportSupportedAttrs OCTET STRING
}
qosPrcSupportId OBJECT-TYPE
SYNTAX PolicyInstanceId
DESCRIPTION
"Id to uniquely identify an instance."
::= { qosPrcSupportEntry 1 }
qosPrcSupportSupportedPrc OBJECT-TYPE
SYNTAX OBJECT IDENTIFIER
DESCRIPTION
"The object ID of a supported PRC. There may not be more
than one instance of PRC qosPrcSupportTable with the same
value of qosPrcSupportSupportedPrc."
::= { qosPrcSupportEntry 2 }
qosPrcSupportSupportedAttrs OBJECT-TYPE
SYNTAX OCTET STRING
DESCRIPTION
"A bit string representing the supported attributes of the
class."
::= { qosPrcSupportEntry 3 }
qosDevicePibIncarnationTable OBJECT-TYPE
SYNTAX SEQUENCE OF QosDevicePibIncarnationEntry
POLICY-ACCESS install-notify
STATUS current
DESCRIPTION
"This class contains a single policy rule instance that
identifies the current incarnation of the PIB and the PDP
Expires August 1999 [Page 9]
Draft Initial PIB February 1999
that installed this incarnation. The instance of this class
is reported to the PDP at client connect time so that the PDP
can (attempt to) ascertain the current state of the PIB."
INSTALL-ERRORS {
tooManyPris(1),
}
::= { qosDeviceConfig 2 }
qosDevicePibIncarnationEntry OBJECT-TYPE
SYNTAX QosDevicePibIncarnationEntry
INDEX { qosDeviceIncarnationId }
::= { qosDevicePibIncarnationTable 1 }
QosDevicePibIncarnationEntry ::=
SEQUENCE {
qosDeviceIncarnationId PolicyInstanceId,
qosDevicePdpName DisplayString
qosDevicePibIncarnation OCTET STRING,
qosDevicePibTtl Unsigned32
}
qosDeviceIncarnationId OBJECT-TYPE
SYNTAX PolicyInstanceId
DESCRIPTION
"Id to uniquely identify an instance."
::= { qosDevicePibIncarnationEntry 1 }
qosDevicePdpName OBJECT-TYPE
SYNTAX DisplayString
DESCRIPTION
"The name of the PDP that installed the current incarnation
of the PIB into the device. By default it is the zero length
string."
::= { qosDevicePibIncarnationEntry 2 }
qosDevicePibIncarnation OBJECT-TYPE
SYNTAX OCTET STRING
DESCRIPTION
"An ID to identify the current incarnation. It has meaning
to the PDP that installed the PIB and perhaps its standby
PDPs. By default the zero-length string."
::= { qosDevicePibIncarnationEntry 3 }
qosDevicePibTtl OBJECT-TYPE
Expires August 1999 [Page 10]
Draft Initial PIB February 1999
SYNTAX Unsigned32
DESCRIPTION
"The number of seconds after a client close or TCP timeout
for which the PEP continues to enforce the policy in the PIB.
After this interval, the PIB is considered expired and the
device no longer enforces the policy installed in the PIB."
::= { qosDevicePibIncarnationEntry 4 }
qosInterfaceTypeTable OBJECT-TYPE
SYNTAX SEQUENCE OF QosInterfaceTypeEntry
POLICY-ACCESS notify
STATUS current
DESCRIPTION
"This class describes the interface types of the interfaces
that exist on the device. It includes the queue count, role
combination and capabilities of interfaces. An instance is
required for each different combination of queue count, role
combination, and interface capabilities that is operational
on the device at any given time. The PEP does not report
which specific interfaces have which characteristics."
::= { qosDeviceConfig 3 }
qosInterfaceTypeEntry OBJECT-TYPE
SYNTAX QosInterfaceTypeEntry
INDEX { qosInterfaceTypeId }
::= { qosInterfaceTypeTable 1 }
QosInterfaceTypeEntry ::=
SEQUENCE {
qosInterfaceTypeId PolicyInstanceId,
qosInterfaceQueueCount QosInterfaceQueueCount,
qosInterfaceTypeRoles RoleCombination,
qosInterfaceTypeCapabilities BITS
}
qosInterfaceTypeId OBJECT-TYPE
SYNTAX PolicyInstanceId
DESCRIPTION
"Id to uniquely identify an instance."
::= { qosInterfaceTypeEntry 1 }
qosInterfaceQueueCount OBJECT-TYPE
SYNTAX QosInterfaceQueueCount
DESCRIPTION
Expires August 1999 [Page 11]
Draft Initial PIB February 1999
"The number of queues supported by interfaces to which
this policy rule instance applies."
::= { qosInterfaceTypeEntry 2 }
qosInterfaceTypeRoles OBJECT-TYPE
SYNTAX RoleCombination
DESCRIPTION
"The role combination of interfaces to which this policy
rule instance applies."
::= { qosInterfaceTypeEntry 3 }
qosInterfaceTypeCapabilities OBJECT-TYPE
SYNTAX BITS {
other(1),
-- Classification support
inputIpClassification(2),
outputIpClassification(3),
-- Expect more to be added
}
DESCRIPTION
"An enumeration of interface capabilities. Used by the
PDP to select which policies and configuration it should
push to the PEP."
::= { qosInterfaceTypeEntry 4 }
--
-- General Config for the entire domain.
--
qosDomainConfig ::= { qosPolicy 2 }
-- Table of DiffServ codepoint mappings
-- Maps DSCP to IP precedence and CoS
qosDiffServMappingTable OBJECT-TYPE
SYNTAX SEQUENCE OF QosDiffServMappingEntry
POLICY-ACCESS install
STATUS current
DESCRIPTION
"Maps each DSCP to an IP precedence and QosLayer2Cos. When
configured for the first time, all 64 entries of the table
Expires August 1999 [Page 12]
Draft Initial PIB February 1999
must be specified. Thereafter, instances may be modified but
not deleted unless all instances are deleted"
INSTALL-ERRORS {
tooManyPris(1), -- Must have 0 or 64
tooFewPris(2),
outOfOrder(3), -- Must have all 64 values
}
::= { qosDomainConfig 1 }
qosDiffServMappingEntry OBJECT-TYPE
SYNTAX QosDiffServMappingEntry
INDEX { qosDscp }
:: = { qosDiffServMappingTable 1 }
QosDiffServMappingEntry ::=
SEQUENCE {
qosDscp Dscp,
qosIpPrecedence IpPrecedence,
qosL2Cos QosLayer2Cos
}
qosDscp OBJECT-TYPE
SYNTAX Dscp
DESCRIPTION
"A DSCP"
::= { qosDiffServMappingEntry 1 }
qosIpPrecedence OBJECT-TYPE
SYNTAX IpPrecedence
DESCRIPTION
"The IP precedence to use when mapping this DSCP to an IP
precedence."
::= { qosDiffServMappingEntry 2 }
qosL2Cos OBJECT-TYPE
SYNTAX QosLayer2Cos
DESCRIPTION
"The L2 CoS value to use when mapping this DSCP to layer 2
CoS."
::= { qosDiffServMappingEntry 3 }
-- Table of Layer 2 CoS to DSCP mappings
--
Expires August 1999 [Page 13]
Draft Initial PIB February 1999
qosCosToDscpTable OBJECT-TYPE
SYNTAX SEQUENCE OF QosCosToDscpEntry
POLICY-ACCESS install
STATUS current
DESCRIPTION
"Maps each of eight CoS values to a DSCP. When configured
for the first time, all 8 entries of the table must be
specified. Thereafter, instances may be modified but not
deleted unless all instances are deleted."
::= { qosDomainConfig 2 }
qosCosToDscpEntry OBJECT-TYPE
SYNTAX QosCosToDscpEntry
INDEX { qosCosToDscpCos }
:: = { qosCosToDscpTable 1 }
QosCosToDscpEntry ::=
SEQUENCE {
qosCosToDscpCos QosLayer2Cos,
qosCosToDscpDscp Dscp
}
qosCosToDscpCos OBJECT-TYPE
SYNTAX QosLayer2Cos
DESCRIPTION
"The L2 CoS value that is being mapped."
::= { qosDiffServMappingEntry 1 }
qosCosToDscpDscp OBJECT-TYPE
SYNTAX Dscp
DESCRIPTION
"The DSCP value to use when mapping the L2 CoS to a DSCP."
::= { qosDiffServMappingEntry 2 }
--
-- The IP Classification and Policing Group
--
qosIpQos ::= { qosPolicy 3 }
-- The ACE Table
Expires August 1999 [Page 14]
Draft Initial PIB February 1999
--
qosIpAceTable OBJECT-TYPE
SYNTAX SEQUENCE OF QosIpAceEntry
POLICY-ACCESS install
STATUS current
DESCRIPTION
"ACE definitions. A packet has to match all fields in an
ACE. Wildcards may be specified for those fields that are
not relevant."
::= { qosIpQos 1 }
qosIpAceEntry OBJECT-TYPE
SYNTAX QosIpAceEntry
INDEX { qosIpAceId }
::= { qosIpAceTable 1 }
QosIpAceEntry ::=
SEQUENCE {
qosIpAceId PolicyInstanceId,
qosIpAceDstAddr IpAddress,
qosIpAceDstAddrMask IpAddress,
qosIpAceSrcAddr IpAddress,
qosIpAceSrcAddrMask IpAddress,
qosIpAceDscpMin Dscp,
qosIpAceDscpMax Dscp,
qosIpAceProtocol INTEGER,
qosIpAceDstL4PortMin INTEGER,
qosIpAceDstL4PortMax INTEGER,
qosIpAceSrcL4PortMin INTEGER,
qosIpAceSrcL4PortMax INTEGER,
qosIpAcePermit TruthValue
}
qosIpAceId OBJECT-TYPE
SYNTAX PolicyInstanceId
DESCRIPTION
"An integer index to uniquely identify this ACE among all the
ACEs."
::= { qosIpAceEntry 1 }
qosIpAceDstAddr OBJECT-TYPE
SYNTAX IpAddress
DESCRIPTION
"The IP address to match against the packet's destination IP
Expires August 1999 [Page 15]
Draft Initial PIB February 1999
address."
::= { qosIpAceEntry 2 }
qosIpAceDstAddrMask OBJECT-TYPE
SYNTAX IpAddress
DESCRIPTION
"A mask for the matching of the destination IP address.
A zero bit in the mask means that the corresponding bit in
the address always matches."
::= { qosIpAceEntry 3 }
qosIpAceSrcAddr OBJECT-TYPE
SYNTAX IpAddress
DESCRIPTION
"The IP address to match against the packet's source IP
address."
::= { qosIpAceEntry 4 }
qosIpAceSrcAddrMask OBJECT-TYPE
SYNTAX IpAddress
DESCRIPTION
"A mask for the matching of the source IP address."
::= { qosIpAceEntry 5 }
qosIpAceDscpMin OBJECT-TYPE
SYNTAX Dscp
DESCRIPTION
"The minimum value that the DSCP in the packet can have and
match this ACE."
::= { qosIpAceEntry 6 }
qosIpAceDscpMax OBJECT-TYPE
SYNTAX Dscp
DESCRIPTION
"The maximum value that the DSCP in the packet can have and
match this ACE."
::= { qosIpAceEntry 7 }
qosIpAceProtocol OBJECT-TYPE
SYNTAX INTEGER (0..255)
DESCRIPTION
"The IP protocol to match against the packet's protocol.
A value of zero means match all."
::= { qosIpAceEntry 8 }
Expires August 1999 [Page 16]
Draft Initial PIB February 1999
qosIpAceDstL4PortMin OBJECT-TYPE
SYNTAX INTEGER (0..65536)
DESCRIPTION
"The minimum value that the packet's layer 4 destination
port number can have and match this ACE."
::= { qosIpAceEntry 9 }
qosIpAceDstL4PortMax OBJECT-TYPE
SYNTAX INTEGER (0..65536)
DESCRIPTION
"The maximum value that the packet's layer 4 destination
port number can have and match this ACE."
::= { qosIpAceEntry 10 }
qosIpAceSrcL4PortMin OBJECT-TYPE
SYNTAX INTEGER (0..65536)
DESCRIPTION
"The minimum value that the packet's layer 4 source port
number can have and match this ACE."
::= { qosIpAceEntry 11 }
qosIpAceSrcL4PortMax OBJECT-TYPE
SYNTAX INTEGER (0..65536)
DESCRIPTION
"The maximum value that the packet's layer 4 source port
number can have and match this ACE."
::= { qosIpAceEntry 12 }
qosIpAcePermit OBJECT-TYPE
SYNTAX TruthValue
DESCRIPTION
"If the packet matches this ACE and the value of this
attribute is true, then the matching process terminates
and the QoS associated with this ACE (indirectly through
the ACL) is applied to the packet. If the value of this
attribute is false, then no more ACEs in this ACL are
compared to this packet and matching continues with the
first ACE of the next ACL."
::= { qosIpAceEntry 13 }
-- The ACL Definition Table
--
Expires August 1999 [Page 17]
Draft Initial PIB February 1999
qosIpAclDefinitionTable OBJECT-TYPE
SYNTAX QosIpAclDefinitionEntry
POLICY-ACCESS install
STATUS current
DESCRIPTION
"A class that defines a set of ACLs each being an ordered list
of ACEs. Each instance of this class identifies one ACE of
an ACL and the precedence order of that ACE with respect to
other ACEs in the same ACL."
::= { qosIpQos 2 }
qosIpAclDefinitionEntry OBJECT-TYPE
SYNTAX QosIpAclDefinitionEntry
INDEX { qosIpAclDefinitionId }
::= { qosIpAclDefinitionTable 1 }
QosIpAclDefinitionEntry ::=
SEQUENCE {
qosIpAclDefinitionId PolicyInstanceId,
qosIpAclId PolicyInstanceId,
qosIpAceId PolicyInstanceId,
qosIpAceOrder Unsigned32
}
qosIpAclDefinitionId OBJECT-TYPE
SYNTAX PolicyInstanceId
DESCRIPTION
"Unique ID of this policy rule instance."
::= { qosIpAclDefinitionEntry 1 }
qosIpAclId OBJECT-TYPE
SYNTAX PolicyInstanceId
DESCRIPTION
"An index for this ACL. There will be one instance of
the class qosIpAclDefinition with this ID for each ACE in
the ACL per role combination."
::= { qosIpAclDefinitionEntry 2 }
qosIpAceId OBJECT-TYPE
SYNTAX PolicyInstanceId
DESCRIPTION
"This attribute specifies the ACE in the qosIpAceTable that
is in the ACL specified by qosIpAclId at the position
specified by qosIpAceOrder."
::= { qosIpAclDefinitionEntry 3 }
Expires August 1999 [Page 18]
Draft Initial PIB February 1999
qosIpAceOrder OBJECT-TYPE
SYNTAX Unsigned32
DESCRIPTION
"The precedence order of this ACE. The precedence order
determines the position of this ACE in the ACL. An ACE with
a given precedence order is positioned in the access control
list before one with a higher-valued precedence order."
::= { qosIpAclDefinitionEntry 4 }
-- The ACL Action Table
--
qosIpAclActionTable OBJECT-TYPE
SYNTAX QosIpAclActionEntry
POLICY-ACCESS install
STATUS current
DESCRIPTION
"A class that applies a set of ACLs to interfaces specifying,
for each interface, the precedence order of the ACL with respect
to other ACLs applied to the same interface and, for each ACL,
the action to take for a packet that matches a permit ACE in
that ACL. Interfaces are specified abstractly in terms of
interface roles."
::= { qosIpQos 3 }
qosIpAclActionEntry OBJECT-TYPE
SYNTAX QosIpAclActionEntry
INDEX { qosIpAclActionId }
::= { qosIpAclActionTable 1 }
QosIpAclActionEntry ::=
SEQUENCE {
qosIpAclActionId PolicyInstanceId,
qosIpAclId PolicyInstanceId,
qosIpAclInterfaceRoles RoleCombination,
qosIpAclInterfaceDirection INTEGER,
qosIpAclOrder Unsigned32,
qosIpAclDscp Dscp
}
qosIpAclActionId OBJECT-TYPE
SYNTAX PolicyInstanceId
DESCRIPTION
"An ID to uniquely identify the instance of the class."
Expires August 1999 [Page 19]
Draft Initial PIB February 1999
::= { qosIpAclActionEntry 1 }
qosIpAclId OBJECT-TYPE
SYNTAX PolicyInstanceId
DESCRIPTION
"The ACL associated with this action."
::= { qosIpAclActionEntry 2 }
qosIpAclInterfaceRoles OBJECT-TYPE
SYNTAX RoleCombination
DESCRIPTION
"The interfaces to which this ACL applies specified in terms
of a set of roles."
::= { qosIpAclActionEntry 3 }
qosIpAclInterfaceDirection OBJECT-TYPE
SYNTAX INTEGER { in(0), out(1) }
DESCRIPTION
"The direction of packet flow at the interface in question to
which this ACL applies."
::= { qosIpAclActionEntry 4 }
qosIpAclOrder OBJECT-TYPE
SYNTAX Unsigned32
DESCRIPTION
"An integer that determines the precedence order of this ACL in
the list of ACLs applied to interfaces of the specified role
combination. An ACL with a given precedence order is positioned
in the list before one with a higher-valued precedence order."
::= { qosIpAclActionEntry 5 }
qosIpAclDscp OBJECT-TYPE
SYNTAX Dscp
DESCRIPTION
"The DSCP to classify the packet with in the event that the
packet matches an ACE in this ACL and the ACE is a permit."
::= { qosIpAclActionEntry 6 }
--
-- QoS Interface Group
--
Expires August 1999 [Page 20]
Draft Initial PIB February 1999
-- This group specifies the configuration of the various interface
-- types including the setting of queueing parameters and the
-- mapping of DSCPs to queues.
qosIfParameters ::= { qosPolicy 4 }
-- The Assignment of DSCPs to queues for each interface type.
--
qosIfDscpAssignmentTable OBJECT-TYPE
SYNTAX SEQUENCE OF QosIfDscpAssignmentEntry
POLICY-ACCESS install
STATUS current
DESCRIPTION
"The assignment of each DSCP to a queue for each interface
queue count. There will be 64 instances of this class for
each combination of queue count and role combination."
::= { qosIfParameters 1 }
qosIfDscpAssignmentEntry OBJECT-TYPE
SYNTAX QosIfDscpAssignmentEntry
INDEX { qosIfDscpAssignmentId }
::= { qosIfAssignmentTable 1 }
QosIfDscpAssignmentEntry ::=
SEQUENCE {
qosIfDscpAssignmentId PolicyInstanceId,
qosIfDscpRoles RoleCombination,
qosIfQueueCount QosInterfaceQueueCount,
qosIfDscp Dscp,
qosIfQueue INTEGER
}
qosIfDscpAssignmentId OBJECT-TYPE
SYNTAX PolicyInstanceId
DESCRIPTION
"An ID to uniquely identify the instance of the class."
::= { qosIfAssignmentEntry 1 }
qosIfDscpRoles OBJECT-TYPE
SYNTAX RoleCombination
DESCRIPTION
"The role combination the interface must be configured with."
::= { qosIfAssignmentEntry 2 }
Expires August 1999 [Page 21]
Draft Initial PIB February 1999
qosIfQueueCount OBJECT-TYPE
SYNTAX QosInterfaceQueueCount
DESCRIPTION
"This row applies only to interfaces that have as many queues
as specified by this attribute."
::= { qosIfAssignmentEntry 3 }
qosIfDscp OBJECT-TYPE
SYNTAX Dscp
DESCRIPTION
"The DSCP to which this row applies."
::= { qosIfAssignmentEntry 4 }
qosIfQueue OBJECT-TYPE
SYNTAX INTEGER
DESCRIPTION
"The queue to be used for packets which have this DSCP.
It must be in the range 1 through qosIfQueueCount."
::= { qosIfAssignmentEntry 5 }
-- Weights for interfaces that support WRR.
--
qosIfWeightsTable OBJECT-TYPE
SYNTAX SEQUENCE OF QosIfWeightsEntry
POLICY-ACCESS install
STATUS current
DESCRIPTION
"A class of scheduling weights for each queue of an interface
that supports weighted round robin scheduling.
::= { qosIfParameters 2 }
qosIfWeightsEntry OBJECT-TYPE
SYNTAX QosIfWeightsEntry
INDEX { qosIfWeightsId }
::= { qosIfWeightsTable 1 }
QosIfWeightsEntry ::=
SEQUENCE {
qosIfWeightsId PolicyInstanceId,
qosIfWeightsRoles RoleCombination,
qosIfWeightsNumQueues QosInterfaceQueueCount,
qosIfWeightsQueue INTEGER,
qosIfWeightsDrainSize INTEGER,
Expires August 1999 [Page 22]
Draft Initial PIB February 1999
qosIfWeightsQueueSize INTEGER,
}
qosIfWeightsId OBJECT-TYPE
SYNTAX PolicyInstanceId
DESCRIPTION
"An ID to uniquely identify the instance of the class."
::= { qosIfWeightsEntry 1 }
qosIfWeightsRoles OBJECT-TYPE
SYNTAX RoleCombination
DESCRIPTION
"The role combination the interface must be configured with."
::= { qosIfWeightsEntry 2 }
qosIfWeightsNumQueues OBJECT-TYPE
SYNTAX QosInterfaceQueueCount
DESCRIPTION
"The value of the weight in this PRI applies only to
interfaces with the number of queues specified by this
attribute."
::= { qosIfWeightsEntry 3 }
qosIfWeightsQueue OBJECT-TYPE
SYNTAX INTEGER
DESCRIPTION
"The queue to which the weight applies"
::= { qosIfWeightsEntry 4 }
qosIfWeightsDrainSize OBJECT-TYPE
SYNTAX INTEGER
DESCRIPTION
"The maximum number of bytes that may be drained from the
queue in one cycle. The percentage of the bandwidth allocated
to this queue can be calculated from this attribute and the
sum of the drain sizes of all the queues of the interface.
For an interface that uses priority queueing, the drain size
specifies the queue priority. The higher the drain size the
higher the priority."
::= { qosIfWeightsEntry 5 }
qosIfWeightsQueueSize OBJECT-TYPE
SYNTAX INTEGER
DESCRIPTION
Expires August 1999 [Page 23]
Draft Initial PIB February 1999
"The size of the queue in bytes. Some devices set queue size
in terms of packets. These devices must calculate the queue
size in packets by assuming an average packet size suitable
for the particular interface.
Some devices have a fixed size buffer to be shared among all
queues. These devices must allocate a fraction of the
total buffer space to this queue calculated as the the ratio
of the queue size to the sum of the queue sizes for the
interface."
::= { qosIfWeightsEntry 6 }
END
Expires August 1999 [Page 24]
Draft Initial PIB February 1999
8. Security Considerations
The information contained in a PIB when transported by the COPS protocol
[COPS-PR] may be sensitive, and its function of provisioning a PEP
requires that only authorized communication take place. The use of
IPSEC between PDP and PEP, as described in [COPS], provides the
necessary protection against these threats.
9. Intellectual Property Considerations
The IETF is being notified of intellectual property rights claimed in
regard to some or all of the specification contained in this docu- ment.
For more information consult the online list of claimed rights.
10. Authors' Addresses
Michael Fine
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706 USA
Phone: +1 408 527 8218
Email: mfine@cisco.com
Keith McCloghrie
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706 USA
Phone: +1 408 526 5260
Email: kzm@cisco.com
Scott Hahn
Intel
2111 NE 25th Avenue
Hillsboro, OR 97124 USA
503.264.8231
Email: scott.hahn@intel.com
Kwok Ho Chan
Nortel Networks, Inc.
600 Technology Park Drive
Billerica, MA 01821 USA
Phone: (978) 916-8175
Email: khchan@nortelnetworks.com
Expires August 1999 [Page 25]
Draft Initial PIB February 1999
Andrew Smith
Extreme Networks
10460 Bandley Drive
Cupertino CA 95014 USA
+1 (408) 342 0999
Email: andrew@extremenetworks.com
11. References
[COPS] J. Boyle, R. Cohen, D. Durham, S. Herzog, R. Rajan, A. Sastry,
"The COPS (Common Open Policy Service) Protocol"
Internet-Draft, draft-ietf-rap-cops-06.txt, February 1999.
[COPS-PR] R. Yavatkar, K. McCloghrie, S. Herzog, F. Reichmeyer,
D. Durham, K. Chan, S. Gai, "COPS Usage for Policy
Provisioning", draft-sgai-cops-provisioning-00.txt,
February 1999.
[QOS-POL] S. Gai, J. Strassner, D. Durham, S. Herzog, H. Mahon,
F. Reichmeyer, "QoS Policy Framework Architecture",
draft-sgai-policy-framework-00.txt, February 1999.
[SNMP-SMI] SNMPv2 Working Group, J. Case, K. McCloghrie, M. Rose,
S. Waldbusser, "Structure of Management Information for
Version 2 of the Simple Network Management Protocol (SNMPv2)",
RFC 1902, January 1996.
Expires August 1999 [Page 26]
Draft Initial PIB February 1999
Table of Contents
1 Glossary ........................................................ 2
2 Introduction .................................................... 2
3 Mapping the PIB to a MIB ........................................ 3
4 ACEs and ACLs ................................................... 3
5 Roles ........................................................... 4
6 Summary of the PIB .............................................. 5
7 PIB Definitions ................................................. 6
8 Security Considerations ......................................... 25
9 Intellectual Property Considerations ............................ 25
10 Authors' Addresses ............................................. 25
11 References ..................................................... 26
Expires August 1999 [Page 27]
| PAFTECH AB 2003-2026 | 2026-04-22 21:16:48 |