Internet Engineering Task Force                              Dave Thaler
INTERNET-DRAFT                                                     Merit
Expires May 1998                                        14 November 1997
IP Tunnel MIB
<draft-thaler-tunnel-mib-02.txt>
Status of this Memo
This document is an Internet Draft. Internet Drafts are working
documents of the Internet Engineering Task Force (IETF), its Areas, and
its Working Groups. Note that other groups may also distribute working
documents as Internet Drafts.
Internet Drafts are valid for a maximum of six months and may be
updated, replaced, or obsoleted by other documents at any time. It is
inappropriate to use Internet Drafts as reference material or to cite
them other than as a "work in progress".
1. Introduction
This memo defines an experimental portion of the Management Information
Base (MIB) for use with network management protocols in the Internet
community. In particular, it describes managed objects used for
managing tunnels of any type in IP networks, including GRE [5,6], IP-
in-IP [7], Minimal Encapsulation [8], L2TP [9], and PPTP [10] tunnels.
Extension MIBs (e.g., [11]) may be designed for managing protocol-
specific objects. Likewise, extension MIBs may be designed for managing
security-specific objects (e.g., IPSEC [13]).
Expires May 1998 [Page 1]
Draft IP Tunnel MIB November 1997
2. The SNMPv2 Network Management Framework
The SNMPv2 Network Management Framework presently consists of three
major components. They are:
o    RFC 1902 [1] which defines the SMI, the mechanisms used for
     describing and naming objects for the purpose of management.
o    STD 17, RFC 1213 [2] which defines MIB-II, the core set of managed
     objects for the Internet suite of protocols.
o    RFC 1157 [3] and RFC 1905 [4] which define two versions of the
     protocol used for network access to managed objects.
The Framework permits new objects to be defined for the purpose of
experimentation and evaluation.
2.1. Object Definitions
Managed objects are accessed via a virtual information store, termed the
Management Information Base or MIB. Objects in the MIB are defined
using the subset of Abstract Syntax Notation One (ASN.1) defined in the
SMI. In particular, each object type is named by an OBJECT IDENTIFIER,
an administratively assigned name. The object type together with an
object instance serves to uniquely identify a specific instantiation of
the object. For human convenience, we often use a textual string,
termed the descriptor, to refer to the object type.
3. Overview
This MIB module contains a single table:
o The Tunnel Table contains information on the tunnels known to a
router.
3.1. Relationship to the Interfaces MIB
This section clarifies the relationship of this MIB to the Interfaces
MIB [12]. Several areas of correlation are addressed in the following
subsections. The implementor is referred to the Interfaces MIB document
in order to understand the general intent of these areas.
3.1.1. Layering Model
Each logical interface (physical or virtual) has an ifEntry in the
Interfaces MIB [12]. Tunnels are handled by creating a logical
interface (ifEntry) for each tunnel. These are then correlated to
physical interfaces using the ifStack table of the Interfaces MIB. The
basic model, therefore, looks something like this (for example):
       | |         | |          | |
    +--+ +---+  +--+ +---+      | |
    |IP-in-IP|  |  GRE   |      | |
    | tunnel |  | tunnel |      | |
    +--+ +---+  +--+ +---+      | |
       | |         | |          | |    <== attachment to physical
    +--+ +---------+ +----------+ +--+     interfaces, to be provided
    |       Physical interface       |     by ifStack table
    +--------------------------------+
3.1.2. ifTestTable
The ifTestTable usage is defined in the MIBs defining the
encapsulation below the network layer. For example, if IP-in-IP
encapsulation is being used, the ifTestTable is defined by IP-in-IP.
3.1.3. ifRcvAddressTable
The ifRcvAddressTable usage is defined in the MIBs defining the
encapsulation below the network layer. For example, if IP-in-IP
encapsulation is being used, the ifRcvAddressTable is defined by IP-
in-IP.
3.1.4. ifEntry
IfEntries are defined in the MIBs defining the encapsulation below
the network layer. For example, if IP-in-IP encapsulation [9] is
being used, the ifEntry is defined by IP-in-IP.
The ifType of a tunnel should be set to "tunnel" (131). An entry in
the IP Tunnel MIB will exist for every ifEntry with this ifType. An
implementation of the IP Tunnel MIB MAY allow ifEntries to be
created. Creating a tunnel will also add an entry in the ifTable,
and deleting a tunnel will likewise delete the entry in the ifTable.
4. Definitions
TUNNEL-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, enterprises,
    Integer32, IpAddress             FROM SNMPv2-SMI
    RowStatus                        FROM SNMPv2-TC
    MODULE-COMPLIANCE, OBJECT-GROUP  FROM SNMPv2-CONF
    ifIndex                          FROM IF-MIB;

tunnelMIB MODULE-IDENTITY
    LAST-UPDATED "9803131200Z"
    ORGANIZATION "Merit Network"
    CONTACT-INFO
            " Dave Thaler
              Merit Network, Inc
              4251 Plymouth Rd., Suite C
              Ann Arbor, MI 48105-2785
              EMail: thalerd@merit.net"
    DESCRIPTION
            "The MIB module for management of IP Tunnels, independent of
            the specific encapsulation scheme in use."
    ::= { enterprises 61 3 2 2 }

tunnelMIBObjects OBJECT IDENTIFIER ::= { tunnelMIB 1 }

tunnel           OBJECT IDENTIFIER ::= { tunnelMIBObjects 1 }
-- the IP Tunnel MIB-Group
--
-- a collection of objects providing information about
-- IP Tunnels

tunnelIfTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF TunnelIfEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The (conceptual) table containing information on configured
            tunnels."
    ::= { tunnel 1 }

tunnelIfEntry OBJECT-TYPE
    SYNTAX     TunnelIfEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "An entry (conceptual row) containing the information on a
            particular configured tunnel."
    INDEX      { ifIndex }
    ::= { tunnelIfTable 1 }

TunnelIfEntry ::= SEQUENCE {
    tunnelIfLocalAddress   IpAddress,
    tunnelIfRemoteAddress  IpAddress,
    tunnelIfEncapsMethod   INTEGER,
    tunnelIfHopLimit       Integer32,
    tunnelIfStatus         RowStatus,
    tunnelIfPriority       Integer32,
    tunnelIfEncapsLimit    Integer32,
    tunnelIfSecurity       INTEGER
}

tunnelIfLocalAddress OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The address of the local endpoint of the tunnel, or 0.0.0.0
            if unknown."
    ::= { tunnelIfEntry 1 }
tunnelIfRemoteAddress OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The address of the remote endpoint of the tunnel, or
            0.0.0.0 if unknown."
    ::= { tunnelIfEntry 2 }

tunnelIfEncapsMethod OBJECT-TYPE
    SYNTAX     INTEGER {
                   other(1),   -- none of the following
                   native(2),  -- no intermediate header
                   gre(3),     -- GRE encapsulation
                   minimal(4), -- Minimal encapsulation
                   l2tp(5),    -- L2TP encapsulation
                   pptp(6)     -- PPTP encapsulation
               }
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The encapsulation method used by the tunnel. The value
            native indicates that the packet is encapsulated inside a
            normal IPv4 header and unicast to the remote tunnel
            endpoint. The value gre indicates that a GRE header is
            inserted between the outer header and the payload header,
            and minimal indicates that a Minimal Forwarding Header (RFC
            2004) is inserted between the outer header and the payload
            data. The value pptp indicates that an enhanced GRE header
            and a PPP header are inserted."
    ::= { tunnelIfEntry 3 }

tunnelIfHopLimit OBJECT-TYPE
    SYNTAX     Integer32 (0..255)
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The IPv4 TTL (or IPv6 hop limit) to use in the outer IP
            header. A value of 0 indicates that the value is copied from
            the payload's header."
    ::= { tunnelIfEntry 4 }
tunnelIfStatus OBJECT-TYPE
    SYNTAX     RowStatus
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The status of this row, by which new entries may be
            created, or old entries deleted from this table."
    ::= { tunnelIfEntry 5 }

tunnelIfPriority OBJECT-TYPE
    SYNTAX     Integer32 (-1..15)
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The IPv4 Preference or IPv6 Priority to use in the outer IP
            header. A value of -1 indicates that the value is copied
            from the payload's header."
    ::= { tunnelIfEntry 6 }

tunnelIfEncapsLimit OBJECT-TYPE
    SYNTAX     Integer32
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The maximum number of encapsulations permitted for packets
            undergoing encapsulation at this node. A value of 0
            indicates that no limit is present (except as a result of
            the packet size)."
    ::= { tunnelIfEntry 7 }

tunnelIfSecurity OBJECT-TYPE
    SYNTAX     INTEGER {
                   none(1),   -- no security
                   ipsec(2),  -- IPSEC security
                   other(3)
               }
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The method used by the tunnel to secure the outer IP
            header."
    ::= { tunnelIfEntry 8 }
-- conformance information

tunnelMIBConformance
                  OBJECT IDENTIFIER ::= { tunnelMIB 2 }
tunnelMIBCompliances
                  OBJECT IDENTIFIER ::= { tunnelMIBConformance 1 }
tunnelMIBGroups   OBJECT IDENTIFIER ::= { tunnelMIBConformance 2 }

-- compliance statements

tunnelMIBCompliance MODULE-COMPLIANCE
    STATUS current
    DESCRIPTION
            "The compliance statement for the IP Tunnel MIB."
    MODULE -- this module
    MANDATORY-GROUPS { tunnelMIBBasicGroup }
    ::= { tunnelMIBCompliances 1 }

-- units of conformance

tunnelMIBBasicGroup OBJECT-GROUP
    OBJECTS { tunnelIfLocalAddress, tunnelIfRemoteAddress,
       tunnelIfEncapsMethod, tunnelIfHopLimit, tunnelIfStatus,
       tunnelIfPriority, tunnelIfEncapsLimit, tunnelIfSecurity }
    STATUS current
    DESCRIPTION
            "A collection of objects to support basic management of IP
            Tunnels."
    ::= { tunnelMIBGroups 1 }

END
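
Added example, not part of the draft or of any Merit code: every column of tunnelIfTable is read-create, so a reviewer may want to read the table back and list rows worth a second look. The sketch decodes numeric walk output using the OIDs and enumerations defined in the module above; the sample lines, the function names and the review policy are assumptions made for illustration.

```python
import re

# tunnelIfEntry per the module: enterprises(1.3.6.1.4.1) 61 3 2 2, then
# tunnelMIBObjects(1) tunnel(1) tunnelIfTable(1) tunnelIfEntry(1).
ENTRY = "1.3.6.1.4.1.61.3.2.2.1.1.1.1"
COLUMNS = {1: "localAddress", 2: "remoteAddress", 3: "encapsMethod",
           4: "hopLimit", 5: "status", 6: "priority", 7: "encapsLimit",
           8: "security"}
ENCAPS = {1: "other", 2: "native", 3: "gre", 4: "minimal", 5: "l2tp", 6: "pptp"}
SECURITY = {1: "none", 2: "ipsec", 3: "other"}
LINE = re.compile(r"^\.?" + re.escape(ENTRY) + r"\.(\d+)\.(\d+) = (\w+): (\S+)$")

# Constructed sample in the style of a numeric SNMP walk (not real device data).
SAMPLE = """\
.1.3.6.1.2.1.2.2.1.3.5 = INTEGER: 131
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.2.5 = IpAddress: 198.51.100.7
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.2.6 = IpAddress: 0.0.0.0
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.3.5 = INTEGER: 3
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.3.6 = INTEGER: 2
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.7.5 = INTEGER: 0
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.7.6 = INTEGER: 4
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.8.5 = INTEGER: 1
.1.3.6.1.4.1.61.3.2.2.1.1.1.1.8.6 = INTEGER: 2
"""

def parse_rows(text):
    """Group tunnelIfTable columns by ifIndex; other OIDs are ignored."""
    rows = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m or int(m.group(1)) not in COLUMNS:
            continue
        col, if_index, kind, raw = m.groups()
        value = raw if kind == "IpAddress" else int(raw)
        rows.setdefault(int(if_index), {})[COLUMNS[int(col)]] = value
    return rows

def audit(rows):
    """Example policy (an assumption, not from the draft): list rows to review."""
    findings = []
    for if_index, row in sorted(rows.items()):
        encaps = ENCAPS.get(row.get("encapsMethod"), "unknown")
        if SECURITY.get(row.get("security")) == "none":
            findings.append((if_index, f"{encaps} tunnel has tunnelIfSecurity none(1)"))
        if row.get("remoteAddress") == "0.0.0.0":
            findings.append((if_index, "remote endpoint unknown (0.0.0.0)"))
        if row.get("encapsLimit") == 0:
            findings.append((if_index, "tunnelIfEncapsLimit 0: no encapsulation limit"))
    return findings
```

The first sample line is an ifType value of tunnel(131) from the Interfaces MIB and is skipped because it lies outside tunnelIfEntry.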
5. References
[1] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
S. Waldbusser, "Structure of Management Information for version 2
of the Simple Network Management Protocol (SNMPv2)", RFC 1902,
January 1996.
[2] McCloghrie, K., and M. Rose, Editors, "Management Information Base
for Network Management of TCP/IP-based internets: MIB-II", STD 17,
RFC 1213, March 1991.
[3] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network
Management Protocol", RFC 1157, May 1990.
[4] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
S. Waldbusser, "Protocol Operations for version 2 of the Simple
Network Management Protocol (SNMPv2)", RFC 1905, January 1996.
[5] Hanks, S., Li, T., Farinacci, D., and P. Traina, "Generic Routing
Encapsulation (GRE)", RFC 1701, October 1994.
[6] Hanks, S., Li, T., Farinacci, D., and P. Traina, "Generic Routing
Encapsulation over IPv4 networks", RFC 1702, October 1994.
[7] Perkins, C., "IP Encapsulation within IP", RFC 2003, October 1996.
[8] Perkins, C., "Minimal Encapsulation within IP", RFC 2004, October
1996.
[9] Hamzeh, Kolar, Littlewood, Pall, Taarud, Valencia, and Verthein,
"Layer Two Tunneling Protocol (L2TP)", draft-ietf-pppext-l2tp-
04.txt, June 1997.
[10] Hamzeh, Pall, Verthein, Taarud, and Little, "Point-to-Point
Tunneling Protocol--PPTP", draft-ietf-pppext-pptp-02.txt, July
1997.
[11] Calhoun, Reddy, Vroman, and Wheeler. "Layer Two Tunneling Protocol
"L2TP" Management Information Base", draft-ietf-pppext-l2tp-mib-
00.txt, October 1997.
[12] McCloghrie and Kastenholz. "Evolution of the Interfaces Group of
MIB-II", RFC 1573, January 1994.
[13] R. Atkinson. "Security architecture for the internet protocol",
RFC 1825, August 1995.
6. Security Considerations
Security issues are not discussed in this memo.
7. Author's Address
Dave Thaler
Merit Network, Inc
4251 Plymouth Rd., Suite C
Ann Arbor, MI 48105-2785
Phone: +1 313 647 4813
EMail: thalerd@merit.net
Table of Contents
1 Introduction
2 The SNMPv2 Network Management Framework
2.1 Object Definitions
3 Overview
3.1 Relationship to the Interfaces MIB
3.1.1 Layering Model
3.1.2 ifTestTable
3.1.3 ifRcvAddressTable
3.1.4 ifEntry
4 Definitions
5 References
6 Security Considerations
7 Author's Address