RFC7257
Internet Engineering Task Force (IETF) T. Nadeau, Ed. Request for Comments: 7257 Lucid Vision Category: Standards Track A. Kiran Koushik, Ed. ISSN: 2070-1721 Brocade
R. Mediratta, Ed.
Cisco Systems, Inc.
July 2014
Virtual Private LAN Service (VPLS) Management Information Base
Abstract
This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects to configure and/or monitor Virtual Private LAN services. It needs to be used in conjunction with the Pseudowire (PW) Management Information Base (PW-STD-MIB from RFC 5601).
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7257.
Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English.
Contents
Introduction
This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it defines three MIB modules that can be used to manage VPLS (Virtual Private LAN Service) for transmission over a Packet Switched Network (PSN) using LDP RFC4762 or BGP RFC4761 signaling. This MIB module provides generic management of VPLS services as defined by the IETF L2VPN Working Group. Additional MIB modules are also defined for management of LDP VPLS and BGP VPLS services by the IETF L2VPN Working Group.
Terminology
This document adopts the definitions, acronyms, and mechanisms described in RFC3985. Unless otherwise stated, the mechanisms of RFC3985 apply and will not be described again here.
Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC2119.
The Internet-Standard Management Framework
For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 RFC3410.
Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies MIB modules that are compliant to the SMIv2, which is described in STD 58, RFC 2578 RFC2578, STD 58, RFC 2579 RFC2579 and STD 58, RFC 2580 RFC2580.
VPLS MIB Module Architecture
The MIB structure for defining a VPLS service is composed from three MIB modules. (They are referred to as "VPLS MIB" in the figure below.)
The first is the VPLS-GENERIC-MIB module, which configures general parameters of the VPLS service that are common to all types of VPLS services.
The second is the VPLS-LDP-MIB module, which configures VPLS-LDP RFC4762 specific parameters of the VPLS service.
The third is the VPLS-BGP-MIB module, which configures VPLS-BGP RFC4761 specific parameters of the VPLS service.
The arrows in Figure 1 indicate whether we can map data from one module into another.
---------- -----------------
PW Mapping | | | PW-ENET-STD-MIB |
----->|PW-STD-MIB|-->| or |
__________ / | | | PW-MPLS-STD-MIB |
| | / ---------- -----------------
| VPLS MIB | / ------------
| |----------------------> | |
---------- MAC addr. mapping using | BRIDGE-MIB |
[SNMP-CONTEXT-MAP-MIB] | |
------------
Figure 1
Additionally, service-specific modules may be defined in other documents.
VPLS-GENERIC-MIB Module Usage
An entry in the vplsConfigTable MUST exist for every VPLS service. This table holds generic parameters that apply to a VPLS service which can be signaled via LDP or BGP.
A conceptual row can be created in the vplsConfigTable in one of the following ways:
1) A Network Management System (NMS) creates a row in the
vplsConfigTable using Simple Network Management Protocol (SNMP) Set requests, which causes the node to create and start a new VPLS service. The agent MUST support the creation of VPLS services in this way.
2) The agent MAY create a row in the vplsConfigTable automatically
due to some auto discovery application, or based on configuration that is done through non-SNMP applications. This mode is OPTIONAL.
At least one entry in the vplsPwBindTable MUST exist for each VPLS service.
This Binding table links one VPLS service with one or many pseudowires (defined in RFC5601). Each pseudowire may be used as a spoke or as part of a mesh based on the parameters defined in this table.
For each VPLS service, an entry in the vplsBgpAdConfigTable MUST exist if Auto-discovery has been enabled for that service. This table stores the information required for auto-discovery.
For each VPLS service, at least one entry in the vplsBgpRteTargetTable MUST exist if auto-discovery has been configured for that service. One service can import and export multiple Route Targets.
VPLS-LDP-MIB Module Usage
An entry in the vplsLdpConfigTable MUST be created by the agent for a VPLS service signaled using LDP.
VPLS-BGP-MIB Module Usage
An entry in the vplsBgpConfigTable MUST be created by the agent for a VPLS service signaled using BGP.
Relations to Other MIB Modules
- The vplsPwBindTable links the VPLS entry to the pwTable in
RFC5601.
- The association of Media Access Control (MAC) addresses to VPLS
entries is possible by adding a turnstile function to interpret the entries in [SNMP-CONTEXT-MAP-MIB]. In [SNMP-CONTEXT-MAP-MIB], there is a mapping from the vacmContextName RFC3415 to dot1dBasePort RFC4188 and vplsConfigIndex. This mapping can be used to map the vplsConfigIndex to a dot1dBasePort in the BRIDGE- MIB. This resulting value of dot1dBasePort can be used to access corresponding MAC addresses that belong to a particular vplsConfigIndex.
- Unless all the necessary entries in the applicable tables have been
created and all the parameters have been consistently configured in those tables, signaling cannot be performed from the local node, and the vplsConfigRowStatus should report 'notReady'.
- Statistics can be gathered from the PW Performance tables in
RFC5601.
Example of the VPLS MIB Modules Usage
In this section, we provide an example of the use of the MIB objects described in Section 6 to set up a VPLS service over MPLS. While this example is not meant to illustrate every permutation of the MIB, it is intended as an aid to understanding some of the key concepts. It is meant to be read after going through the MIB itself.
In this example, a VPLS service (VPLS-A) is set up using LDP for signaling the pseudowire. The Binding between the VPLS service and the pseudowire is reflected in the VplsPwBindTable. The pseudowire configuration is defined in RFC 5601.
In the VPLS-GENERIC-MIB module:
Row in vplsConfigTable: {
vplsConfigIndex 10,
vplsConfigName "VPLS-A"
vplsConfigAdminStatus 1(up),
vplsConfigMacLearning 1(true),
vplsConfigDiscardUnknownDest 2(false),
vplsConfigMacAging 1(true),
vplsConfigVpnId "100:10"
vplsConfigRowStatus 1(active)
}
Row in vplsStatusTable: {
vplsStatusOperStatus 1(up),
vplsStatusPeerCount 1
}
Row in VplsPwBindTable : {
vplsPwBindConfigType manual,
vplsPwBindType spoke,
vplsPwBindRowStatus 1(active),
vplsPwBindStorageType volatile
}
In the VPLS-LDP-MIB module:
Row in vplsLdpConfigTable: {
vplsLdpConfigMacAddrWithdraw 1(true),
}
Row in vplsLdpPwBindTable: {
vplsLdpPwBindType 1(mesh),
vplsLdpPwBindMacAddressLimit 100
}
Object Definitions
VPLS-GENERIC-MIB Object Definitions
This MIB module mentions the following documents: RFC2578, RFC2579, RFC2580, RFC3411, RFC5601, RFC4265, RFC4364, RFC4761, RFC4762, RFC6074, and RFC3413.
VPLS-GENERIC-MIB DEFINITIONS ::= BEGIN
IMPORTS
NOTIFICATION-TYPE, MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, Counter32, transmission
FROM SNMPv2-SMI -- RFC 2578
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
FROM SNMPv2-CONF -- RFC 2580
TruthValue, RowStatus, StorageType, TEXTUAL-CONVENTION
FROM SNMPv2-TC -- RFC 2579
SnmpAdminString
FROM SNMP-FRAMEWORK-MIB -- RFC 3411
pwIndex
FROM PW-STD-MIB -- RFC 5601
VPNIdOrZero
FROM VPN-TC-STD-MIB -- RFC 4265
vplsGenericMIB MODULE-IDENTITY
LAST-UPDATED "201405191200Z" -- 19 May 2014 12:00:00 GMT
ORGANIZATION "Layer 2 Virtual Private Networks (L2VPN)
Working Group"
CONTACT-INFO
"
Thomas D. Nadeau
Email: [email protected]
The L2VPN Working Group (email distribution [email protected], http://www.ietf.org/wg/l2vpn/charter) "
DESCRIPTION
"Copyright (c) 2014 IETF Trust and the persons
identified as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
or without modification, is permitted pursuant to, and
subject to the license terms contained in, the Simplified
BSD License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info).
The initial version of this MIB module was published in
RFC 7257; for full legal notices see the RFC itself.
This MIB module contains generic managed object definitions
for Virtual Private LAN Service as defined in RFC 4761 and
RFC 4762.
This MIB module enables the use of any underlying pseudowire
network."
-- Revision history.
REVISION
"201405191200Z" -- 19 May 2014 12:00:00 GMT
DESCRIPTION "Initial version published as part of RFC 7257." ::= { transmission 274 }
VplsBgpRouteDistinguisher ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Syntax for a route distinguisher that matches the
definition in RFC 4364. For a complete
definition of a route distinguisher, see RFC 4364.
For more details on use of a route distinguisher
for a VPLS service, see RFC 4761."
REFERENCE
"RFC 4364"
SYNTAX OCTET STRING(SIZE (0..256))
VplsBgpRouteTarget ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Syntax for a Route Target that matches the
definition in RFC 4364. For a complete
definition of a Route Target, see RFC 4364."
REFERENCE
"RFC 4364"
SYNTAX OCTET STRING(SIZE (0..256))
VplsBgpRouteTargetType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Used to define the type of a Route Target usage.
Route Targets can be specified to be imported,
exported, or both. For a complete definition of a
Route Target, see RFC 4364."
REFERENCE
"RFC 4364"
SYNTAX INTEGER { import(1), export(2), both(3) }
-- Top-level components of this MIB.
-- Notifications vplsNotifications OBJECT IDENTIFIER
::= { vplsGenericMIB 0 }
-- Tables, Scalars vplsObjects OBJECT IDENTIFIER
::= { vplsGenericMIB 1 }
-- Conformance vplsConformance OBJECT IDENTIFIER
::= { vplsGenericMIB 2 }
-- PW Virtual Connection Table
vplsConfigIndexNext OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains an appropriate value to be used
for vplsConfigIndex when creating entries in the
vplsConfigTable. The value 0 indicates that no
unassigned entries are available. To obtain the
value of vplsConfigIndex for a new entry in the
vplsConfigTable, the manager issues a management
protocol retrieval operation to obtain the current
value of vplsConfigIndex. After each retrieval
operation, the agent should modify the value to
reflect the next unassigned index. After a manager
retrieves a value the agent will determine through
its local policy when this index value will be made
available for reuse."
::= { vplsObjects 1 }
vplsConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF VplsConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table specifies information for configuring
and monitoring Virtual Private LAN Service (VPLS).
"
::= { vplsObjects 2 }
vplsConfigEntry OBJECT-TYPE
SYNTAX VplsConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row in this table represents a Virtual Private LAN
Service (VPLS) in a packet network. It is indexed by
vplsConfigIndex, which uniquely identifies a single VPLS.
A row is created via SNMP or by the agent if a
VPLS service is created by a non-SNMP application or
due to the Auto-Discovery process.
All of the read-create objects values except
vplsConfigSignalingType can be changed when
vplsConfigRowStatus is in the active(1)
state. Changes for vplsConfigSignalingType are only
allowed when the vplsConfigRowStatus is in
notInService(2) or notReady(3) states.
"
INDEX { vplsConfigIndex }
::= { vplsConfigTable 1 }
VplsConfigEntry ::=
SEQUENCE {
vplsConfigIndex Unsigned32,
vplsConfigName SnmpAdminString,
vplsConfigDescr SnmpAdminString,
vplsConfigAdminStatus INTEGER,
vplsConfigMacLearning TruthValue,
vplsConfigDiscardUnknownDest TruthValue,
vplsConfigMacAging TruthValue,
vplsConfigFwdFullHighWatermark Unsigned32,
vplsConfigFwdFullLowWatermark Unsigned32,
vplsConfigRowStatus RowStatus,
vplsConfigMtu Unsigned32,
vplsConfigVpnId VPNIdOrZero,
vplsConfigStorageType StorageType,
vplsConfigSignalingType INTEGER
}
vplsConfigIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Unique index for the conceptual row identifying
a VPLS service."
::= { vplsConfigEntry 1 }
vplsConfigName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"A textual name of the VPLS.
If there is no local name, or this object is
otherwise not applicable, then this object MUST
contain a zero-length octet string."
DEFVAL { "" }
::= { vplsConfigEntry 2 }
vplsConfigDescr OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"A textual string containing information about the
VPLS service. If there is no information for this VPLS
service, then this object MUST contain a zero-length
octet string."
DEFVAL { "" }
::= { vplsConfigEntry 3 }
vplsConfigAdminStatus OBJECT-TYPE
SYNTAX INTEGER {
up(1),
down(2),
testing(3) -- in some test mode
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The desired administrative state of the VPLS
service. If the administrative status of the
VPLS service is changed to enabled, then this
service is able to utilize pseudowires to
perform the tasks of a VPLS service.
The testing(3) state indicates that no operational
packets can be passed."
DEFVAL { down }
::= { vplsConfigEntry 4 }
vplsConfigMacLearning OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object specifies if MAC Learning is enabled
in this service. If this object is true then MAC
Learning is enabled. If false, then MAC Learning is
disabled."
DEFVAL { true }
::= { vplsConfigEntry 6 }
vplsConfigDiscardUnknownDest OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"If the value of this object is 'true', then frames
received with an unknown destination MAC are discarded
in this VPLS. If 'false', then the packets are
processed."
DEFVAL { false }
::= { vplsConfigEntry 7 }
vplsConfigMacAging OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"If the value of this object is 'true',
then the MAC aging process is enabled in
this VPLS. If 'false', then the MAC aging process
is disabled."
DEFVAL { true }
::= { vplsConfigEntry 8 }
vplsConfigFwdFullHighWatermark OBJECT-TYPE
SYNTAX Unsigned32 (0..100)
UNITS "percentage"
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object specifies the utilization of the
forwarding database for this VPLS instance at
which the vplsFwdFullAlarmRaised notification
will be sent. The value of this object must
be higher than vplsConfigFwdFullLowWatermark."
DEFVAL { 95 }
::= { vplsConfigEntry 10 }
vplsConfigFwdFullLowWatermark OBJECT-TYPE
SYNTAX Unsigned32 (0..99)
UNITS "percentage"
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object specifies the utilization of the
forwarding database for this VPLS instance
at which the vplsFwdFullAlarmCleared
notification will be sent. The value of this
object must be less than
vplsConfigFwdFullHighWatermark."
DEFVAL { 90 }
::= { vplsConfigEntry 11 }
vplsConfigRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For creating, modifying, and deleting this row.
All other objects in this row must be set to valid
values before this object can be set to active(1).
None of the read-create objects in the
conceptual rows may be changed when this
object is in the active(1) state.
If this object is set to destroy(6) or deleted by the
agent, all associated entries in the vplsPwBindTable,
vplsBgpRteTargetTable, and vplsBgpVETable shall be
deleted."
::= { vplsConfigEntry 12 }
vplsConfigMtu OBJECT-TYPE
SYNTAX Unsigned32 (64..9192)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object specifies the MTU of this
VPLS instance. This can be used to limit the MTU to a
value lower than the MTU supported by the associated
pseudowires."
DEFVAL { 1518 }
::= { vplsConfigEntry 13 }
vplsConfigVpnId OBJECT-TYPE
SYNTAX VPNIdOrZero
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This objects indicates the IEEE 802-1990
VPN ID of the associated VPLS service."
::= { vplsConfigEntry 14 }
vplsConfigStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This variable indicates the storage type for this row."
DEFVAL { nonVolatile }
::= { vplsConfigEntry 15 }
vplsConfigSignalingType OBJECT-TYPE
SYNTAX INTEGER {
ldp(1),
bgp(2),
none(3)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Desired signaling type of the VPLS service.
If the value of this object is ldp(1), then a
corresponding entry in vplsLdpConfigTable is required.
If the value of this object is bgp(2), then a
corresponding entry in vplsBgpConfigTable is required.
If the value of this object is none(3), then it
indicates a static configuration of PW labels."
DEFVAL { none }
::= { vplsConfigEntry 16 }
-- VPLS Status table
vplsStatusTable OBJECT-TYPE
SYNTAX SEQUENCE OF VplsStatusEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table provides information for monitoring
Virtual Private LAN Service (VPLS).
"
::= { vplsObjects 3 }
vplsStatusEntry OBJECT-TYPE
SYNTAX VplsStatusEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row in this table represents a Virtual Private LAN
Service (VPLS) in a packet network. It is indexed by
vplsConfigIndex, which uniquely identifies a single VPLS.
A row in this table is automatically created by the agent
when a VPLS service is first set to active.
"
AUGMENTS { vplsConfigEntry }
::= { vplsStatusTable 1 }
VplsStatusEntry ::=
SEQUENCE {
vplsStatusOperStatus INTEGER,
vplsStatusPeerCount Counter32
}
vplsStatusOperStatus OBJECT-TYPE
SYNTAX INTEGER {
other(0),
up(1),
down(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current operational state of this VPLS service."
::= { vplsStatusEntry 1 }
vplsStatusPeerCount OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This objects specifies the number of peers
(pseudowires) present in this VPLS instance."
::= { vplsStatusEntry 2 }
-- VPLS PW Binding Table
vplsPwBindTable OBJECT-TYPE
SYNTAX SEQUENCE OF VplsPwBindEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table provides an association between a
VPLS service and the corresponding pseudowires.
A service can have more than one pseudowire
association. Pseudowires are defined in
the pwTable"
::= { vplsObjects 4 }
vplsPwBindEntry OBJECT-TYPE
SYNTAX VplsPwBindEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each row represents an association between a
VPLS instance and a pseudowire
defined in the pwTable. Each index is unique
in describing an entry in this table. However,
both indexes are required to define the one
to many association of service to
pseudowire.
Entries in this table may be created or deleted
through SNMP, as side effects of console or other
non-SNMP management commands, or upon learning via
autodiscovery.
It is optional for the agent to allow entries to be
created that point to nonexistent entries in
vplsConfigTable."
INDEX { vplsConfigIndex, pwIndex }
::= { vplsPwBindTable 1 }
VplsPwBindEntry ::=
SEQUENCE {
vplsPwBindConfigType INTEGER,
vplsPwBindType INTEGER,
vplsPwBindRowStatus RowStatus,
vplsPwBindStorageType StorageType
}
vplsPwBindConfigType OBJECT-TYPE
SYNTAX INTEGER {
manual (1),
autodiscovery (2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object indicates
whether the pseudowire Binding was created
via SNMP/Console or via Auto-Discovery.
The value of this object must be
specified when the row is created and cannot
be changed while the row status is active(1)"
::= { vplsPwBindEntry 1 }
vplsPwBindType OBJECT-TYPE
SYNTAX INTEGER {
mesh (1),
spoke (2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object indicates
whether the pseudowire Binding is of
type mesh or spoke.
The value of this object must be
specified when the row is created and cannot
be changed while the row status is active(1)"
::= { vplsPwBindEntry 2 }
vplsPwBindRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For creating, modifying, and deleting this row.
All other objects in this row must be set to valid
values before this object can be set to active(1).
None of the read-create objects in the
conceptual rows may be changed when this
object is in the active(1) state.
If autodiscovered entries are deleted they would
likely re-appear in the next autodiscovery interval."
::= { vplsPwBindEntry 3 }
vplsPwBindStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This variable indicates the storage type for this row."
DEFVAL { volatile }
::= { vplsPwBindEntry 4 }
-- vplsBgpADConfigTable
vplsBgpADConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF VplsBgpADConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table specifies information for configuring
BGP Auto-Discovery parameters for a given VPLS service.
"
::= { vplsObjects 5 }
vplsBgpADConfigEntry OBJECT-TYPE
SYNTAX VplsBgpADConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row in this table indicates that BGP based Auto-
Discovery is in use for this instance of VPLS.
A row in this table is indexed by vplsConfigIndex, which
uniquely identifies a single VPLS.
Entries in this table may be created or deleted
through SNMP, as side effects of console or other
non-SNMP management commands, or upon learning via
autodiscovery.
All of the read-create objects can be changed when
vplsBGPADConfigRowStatus is in active(1) state."
INDEX { vplsConfigIndex }
::= { vplsBgpADConfigTable 1 }
VplsBgpADConfigEntry ::=
SEQUENCE {
vplsBgpADConfigRouteDistinguisher VplsBgpRouteDistinguisher,
vplsBgpADConfigPrefix Unsigned32,
vplsBgpADConfigVplsId VplsBgpRouteDistinguisher,
vplsBgpADConfigRowStatus RowStatus,
vplsBgpADConfigStorageType StorageType
}
vplsBgpADConfigRouteDistinguisher OBJECT-TYPE
SYNTAX VplsBgpRouteDistinguisher
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The route distinguisher for this VPLS. See RFC 4364
for a complete definition of a route distinguisher.
For more details on use of a route distinguisher
for a VPLS service, see RFC 4761. When not configured, the
value is derived from the lower 6 bytes of
vplsBgpADConfigVplsId.
"
::= { vplsBgpADConfigEntry 1 }
vplsBgpADConfigPrefix OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"In case of auto-discovery, the default prefix advertised
is the IP address of the loopback. In case the user wants
to override the loopback address, vplsBgpADConfigPrefix
should be set. When this value is non-zero, this value is
used along with vplsBgpADConfigRouteDistinguisher in the
Network Layer Reachability Information (NLRI), see RFC 6074.
"
DEFVAL { 0 }
::= { vplsBgpADConfigEntry 2 }
vplsBgpADConfigVplsId OBJECT-TYPE
SYNTAX VplsBgpRouteDistinguisher
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"VplsId is a unique identifier for all Virtual Switch
Instances (VSIs) belonging to the same VPLS. It is
advertised as an extended community.
"
::= { vplsBgpADConfigEntry 3 }
vplsBgpADConfigRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For creating, modifying, and deleting this row.
All other objects in this row must be set to valid
values before this object can be set to active(1).
None of the read-create objects in the
conceptual rows may be changed when this
object is in the active(1) state."
::= { vplsBgpADConfigEntry 4 }
vplsBgpADConfigStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This variable indicates the storage type for this row."
DEFVAL { nonVolatile }
::= { vplsBgpADConfigEntry 5 }
-- vplsBgpRteTargetTable
vplsBgpRteTargetTable OBJECT-TYPE
SYNTAX SEQUENCE OF VplsBgpRteTargetEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table specifies the list of Route Targets
imported or exported by BGP during
auto-discovery of VPLS.
"
::= { vplsObjects 6 }
vplsBgpRteTargetEntry OBJECT-TYPE
SYNTAX VplsBgpRteTargetEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in this table specifies the value of the
Route Target being used by BGP. Depending on the value
of vplsBgpRteTargetType, a Route Target might be
exported, imported, or both. Every VPLS that
uses auto-discovery for finding peer nodes can
import and export multiple Route Targets. This
representation allows support for hierarchical VPLS.
Entries in this table may be created or deleted
through SNMP, as side effects of console or other
non-SNMP management commands, or upon learning via
autodiscovery.
It is optional for the agent to allow entries to be
created that point to nonexistent entries in
vplsConfigTable."
INDEX { vplsConfigIndex, vplsBgpRteTargetIndex }
::= { vplsBgpRteTargetTable 1 }
VplsBgpRteTargetEntry ::=
SEQUENCE {
vplsBgpRteTargetIndex Unsigned32,
vplsBgpRteTargetRTType VplsBgpRouteTargetType,
vplsBgpRteTargetRT VplsBgpRouteTarget,
vplsBgpRteTargetRowStatus RowStatus,
vplsBgpRteTargetStorageType StorageType
}
vplsBgpRteTargetIndex OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This index, along with vplsConfigIndex, identifies one
entry in the vplsBgpRteTargetTable. By keeping
vplsConfigIndex constant and using a new value of
vplsBgpRteTargetIndex, users can configure multiple
Route Targets for the same VPLS.
"
::= { vplsBgpRteTargetEntry 1 }
vplsBgpRteTargetRTType OBJECT-TYPE
SYNTAX VplsBgpRouteTargetType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Used to define the type of a Route Target usage.
Route Targets can be specified to be imported,
exported, or both. For a complete definition of a
Route Target, see RFC 4364."
::= { vplsBgpRteTargetEntry 2 }
vplsBgpRteTargetRT OBJECT-TYPE
SYNTAX VplsBgpRouteTarget
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Route Target associated with the VPLS service.
For more details on use of Route Targets
for a VPLS service, see RFC 4761.
"
::= { vplsBgpRteTargetEntry 3 }
vplsBgpRteTargetRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This variable is used to create, modify, and/or
delete a row in this table.
All other objects in this row must be set to valid
values before this object can be set to active(1).
When a row in this table is in active(1) state, no
objects in that row can be modified.
If autodiscovered entries are deleted they would
likely re-appear in the next autodiscovery interval."
::= { vplsBgpRteTargetEntry 4 }
vplsBgpRteTargetStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This variable indicates the storage type for this row."
DEFVAL { volatile }
::= { vplsBgpRteTargetEntry 5 }
vplsStatusNotifEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If this object is set to true(1), then it enables
the emission of a vplsStatusChanged
notification; otherwise, this notification is not
emitted."
REFERENCE
"See also RFC 3413 for explanation that
notifications are under the ultimate control of the
MIB module in this document."
DEFVAL { false }
::= { vplsObjects 7 }
vplsNotificationMaxRate OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the maximum number of
notifications issued per second. If events occur
more rapidly, the implementation may simply fail to
emit these notifications during that period, or it may
queue them until an appropriate time. A value of 0
means no throttling is applied and events may be
notified at the rate at which they occur."
DEFVAL { 0 }
::= { vplsObjects 8 }
-- VPLS Service Notifications
vplsStatusChanged NOTIFICATION-TYPE
OBJECTS {
vplsConfigVpnId,
vplsConfigAdminStatus,
vplsStatusOperStatus
}
STATUS current
DESCRIPTION
"The vplsStatusChanged notification is generated
when there is a change in the administrative or
operating status of a VPLS service.
The object instances included in the notification
are the ones associated with the VPLS service
whose status has changed."
::= { vplsNotifications 1 }
vplsFwdFullAlarmRaised NOTIFICATION-TYPE
OBJECTS {
vplsConfigVpnId,
vplsConfigFwdFullHighWatermark,
vplsConfigFwdFullLowWatermark
}
STATUS current
DESCRIPTION
"The vplsFwdFullAlarmRaised notification is
generated when the utilization of the Forwarding
database is above the value specified by
vplsConfigFwdFullHighWatermark.
The object instances included in the notification
are the ones associated with the VPLS service
that has exceeded the threshold."
::= { vplsNotifications 2 }
vplsFwdFullAlarmCleared NOTIFICATION-TYPE
OBJECTS {
vplsConfigVpnId,
vplsConfigFwdFullHighWatermark,
vplsConfigFwdFullLowWatermark
}
STATUS current
DESCRIPTION
"The vplsFwdFullAlarmCleared notification is
generated when the utilization of the Forwarding
database is below the value specified by
vplsConfigFwdFullLowWatermark.
The object instances included in the notification
are the ones associated with the VPLS service
that has fallen below the threshold."
::= { vplsNotifications 3 }
-- Conformance Section
vplsCompliances
OBJECT IDENTIFIER ::= { vplsConformance 1 }
-- Compliance requirement for fully compliant implementations
vplsModuleFullCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"Compliance requirement for implementations that
provide full support for VPLS-GENERIC-MIB.
Such devices can then be monitored and configured using
this MIB module."
MODULE -- this module
MANDATORY-GROUPS {
vplsGroup,
vplsPwBindGroup,
vplsNotificationGroup
}
::= { vplsCompliances 1 }
-- Compliance requirement for read-only implementations.
vplsModuleReadOnlyCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"Compliance requirement for implementations that only
provide read-only support for VPLS-GENERIC-MIB.
Such devices can then be monitored but cannot be
configured using this MIB modules."
MODULE -- this module
MANDATORY-GROUPS {
vplsGroup,
vplsPwBindGroup,
vplsNotificationGroup
}
OBJECT vplsConfigName
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsConfigDescr
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsConfigAdminStatus
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsConfigMacLearning
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsConfigDiscardUnknownDest
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsConfigMacAging
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsConfigFwdFullHighWatermark
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsConfigFwdFullLowWatermark
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsConfigRowStatus
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsConfigMtu
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsPwBindConfigType
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsPwBindType
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsPwBindRowStatus
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { vplsCompliances 2 }
-- Units of conformance.
vplsGroups
OBJECT IDENTIFIER ::= { vplsConformance 2 }
vplsGroup OBJECT-GROUP
OBJECTS {
vplsConfigName,
vplsBgpADConfigRouteDistinguisher,
vplsBgpRteTargetRTType,
vplsBgpRteTargetRT,
vplsBgpRteTargetRowStatus,
vplsBgpRteTargetStorageType,
vplsBgpADConfigPrefix,
vplsBgpADConfigVplsId,
vplsBgpADConfigRowStatus,
vplsBgpADConfigStorageType,
vplsConfigDescr,
vplsConfigAdminStatus,
vplsConfigMacLearning,
vplsConfigDiscardUnknownDest,
vplsConfigMacAging,
vplsConfigVpnId,
vplsConfigFwdFullHighWatermark,
vplsConfigFwdFullLowWatermark,
vplsConfigRowStatus,
vplsConfigIndexNext,
vplsConfigMtu,
vplsConfigStorageType,
vplsConfigSignalingType,
vplsStatusOperStatus,
vplsStatusPeerCount,
vplsStatusNotifEnable,
vplsNotificationMaxRate
}
STATUS current
DESCRIPTION
"The group of objects supporting
management of L2VPN VPLS services"
::= { vplsGroups 1 }
vplsPwBindGroup OBJECT-GROUP
OBJECTS {
vplsPwBindConfigType,
vplsPwBindType,
vplsPwBindRowStatus,
vplsPwBindStorageType
}
STATUS current
DESCRIPTION
"The group of objects supporting
management of
pseudowire (PW) Binding to VPLS."
::= { vplsGroups 2 }
vplsNotificationGroup NOTIFICATION-GROUP
NOTIFICATIONS {
vplsStatusChanged,
vplsFwdFullAlarmRaised,
vplsFwdFullAlarmCleared
}
STATUS current
DESCRIPTION
"The group of notifications supporting
the Notifications generated for
VPLS services."
::= { vplsGroups 3 }
END
VPLS-LDP-MIB Object Definitions
This MIB module mentions the following documents: RFC2578, RFC2579, RFC2580, RFC5601, and RFC4762.
VPLS-LDP-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Unsigned32, transmission
FROM SNMPv2-SMI -- RFC 2578
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
FROM SNMPv2-CONF -- RFC 2580
TruthValue
FROM SNMPv2-TC -- RFC 2579
pwIndex, pwID
FROM PW-STD-MIB -- RFC 5601
vplsConfigIndex, vplsConfigName
FROM VPLS-GENERIC-MIB;
vplsLdpMIB MODULE-IDENTITY
LAST-UPDATED "201405191200Z" -- 19 May 2014 12:00:00 GMT
ORGANIZATION "Layer 2 Virtual Private Networks (L2VPN)
Working Group"
CONTACT-INFO
"
Rohit Mediratta
Email: [email protected]
The L2VPN Working Group
(email distribution [email protected],
http://www.ietf.org/wg/l2vpn/charter/)
"
DESCRIPTION
"Copyright (c) 2014 IETF Trust and the persons
identified as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
or without modification, is permitted pursuant to, and
subject to the license terms contained in, the Simplified
BSD License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info).
The initial version of this MIB module was published in
RFC 7257; for full legal notices see the RFC itself.
This MIB module contains managed object definitions for
LDP-signaled Virtual Private LAN Services as in
RFC 4762.
This MIB module enables the use of any
underlying pseudowire network."
-- Revision history.
REVISION
"201405191200Z" -- 19 May 2014 12:00:00 GMT
DESCRIPTION "Initial version published as part of RFC 7257." ::= { transmission 275 }
-- Top-level components of this MIB. -- Notifications
vplsLdpNotifications OBJECT IDENTIFIER
::= { vplsLdpMIB 0 }
-- Tables, Scalars vplsLdpObjects OBJECT IDENTIFIER
::= { vplsLdpMIB 1 }
-- Conformance
vplsLdpConformance OBJECT IDENTIFIER
::= { vplsLdpMIB 2 }
vplsLdpConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF VplsLdpConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table specifies information for configuring
and monitoring LDP-specific parameters for
Virtual Private LAN Service (VPLS)."
::= { vplsLdpObjects 1 }
vplsLdpConfigEntry OBJECT-TYPE
SYNTAX VplsLdpConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row in this table represents LDP-specific information
for Virtual Private LAN Service (VPLS) in a packet
network. It is indexed by vplsConfigIndex, which uniquely
identifies a single VPLS.
A row is automatically created when a VPLS service is
configured using LDP signaling.
All of the writable objects values can be
changed when vplsConfigRowStatus is in the active(1)
state.
"
INDEX { vplsConfigIndex }
::= { vplsLdpConfigTable 1 }
VplsLdpConfigEntry ::=
SEQUENCE {
vplsLdpConfigMacAddrWithdraw TruthValue
}
vplsLdpConfigMacAddrWithdraw OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object specifies if MAC address withdrawal
is enabled in this service. If this object is 'true',
then MAC address withdrawal is enabled. If 'false',
then MAC address withdrawal is disabled."
DEFVAL { true }
::= { vplsLdpConfigEntry 1 }
-- VPLS LDP PW Binding Table
vplsLdpPwBindTable OBJECT-TYPE
SYNTAX SEQUENCE OF VplsLdpPwBindEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table provides LDP-specific information for
an association between a VPLS service and the
corresponding pseudowires. A service can have more
than one pseudowire association. Pseudowires are
defined in the pwTable."
::= { vplsLdpObjects 2 }
vplsLdpPwBindEntry OBJECT-TYPE
SYNTAX VplsLdpPwBindEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each row represents an association between a
VPLS instance and one or more pseudowires
defined in the pwTable. Each index is unique
in describing an entry in this table. However,
both indexes are required to define the
one-to-many association of service to pseudowire.
An entry in this table in instantiated only when
LDP signaling is used to configure VPLS service.
Each entry in this table provides LDP-specific
information for the VPLS represented by
vplsConfigIndex."
INDEX { vplsConfigIndex, pwIndex }
::= { vplsLdpPwBindTable 1 }
VplsLdpPwBindEntry ::=
SEQUENCE {
vplsLdpPwBindMacAddressLimit Unsigned32
}
vplsLdpPwBindMacAddressLimit OBJECT-TYPE
SYNTAX Unsigned32 (0..4294967295)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The value of this object specifies the maximum
number of learned and static entries allowed in the
Forwarding database for this PW Binding. The value 0
means there is no limit for this PW Binding."
DEFVAL { 0 }
::= { vplsLdpPwBindEntry 1 }
-- VPLS LDP Service Notifications
vplsLdpPwBindMacTableFull NOTIFICATION-TYPE
OBJECTS {
vplsConfigName,
pwID
}
STATUS current
DESCRIPTION
"The vplsLdpPwBindMacTableFull notification is generated
when the number of learned MAC addresses increases to
the value specified in vplsLdpPwBindMacAddressLimit."
::= { vplsLdpNotifications 1 }
-- Conformance Section
vplsLdpCompliances
OBJECT IDENTIFIER ::= { vplsLdpConformance 1 }
-- Compliance requirement for fully compliant implementations
vplsLdpModuleFullCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"Compliance requirement for implementations that
provide full support for VPLS-LDP-MIB.
Such devices can then be monitored and configured using
this MIB module."
MODULE -- this module
MANDATORY-GROUPS {
vplsLdpGroup,
vplsLdpNotificationGroup
}
::= { vplsLdpCompliances 1 }
-- Compliance requirement for read-only implementations.
vplsLdpModuleReadOnlyCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"Compliance requirement for implementations that only
provide read-only support for VPLS-LDP-MIB.
Such devices can then be monitored but cannot be
configured using this MIB modules."
MODULE -- this module
MANDATORY-GROUPS {
vplsLdpGroup,
vplsLdpNotificationGroup
}
OBJECT vplsLdpConfigMacAddrWithdraw
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsLdpPwBindMacAddressLimit
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { vplsLdpCompliances 2 }
-- Units of conformance.
vplsLdpGroups
OBJECT IDENTIFIER ::= { vplsLdpConformance 2 }
vplsLdpGroup OBJECT-GROUP
OBJECTS {
vplsLdpConfigMacAddrWithdraw,
vplsLdpPwBindMacAddressLimit
}
STATUS current
DESCRIPTION
"The group of objects supporting
management of L2VPN VPLS services using LDP."
::= { vplsLdpGroups 1 }
vplsLdpNotificationGroup NOTIFICATION-GROUP
NOTIFICATIONS {
vplsLdpPwBindMacTableFull
}
STATUS current
DESCRIPTION
"The group of notifications supporting
the Notifications generated for
VPLS LDP Service."
::= { vplsLdpGroups 2 }
END
VPLS-BGP-MIB Object Definitions
This MIB module mentions the following documents: RFC2578, RFC2579, RFC2580, RFC3411, RFC5601, and RFC4761.
VPLS-BGP-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, transmission
FROM SNMPv2-SMI -- RFC 2578
MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF -- RFC 2580
RowStatus, StorageType
FROM SNMPv2-TC -- RFC 2579
SnmpAdminString
FROM SNMP-FRAMEWORK-MIB -- RFC 3411
pwIndex
FROM PW-STD-MIB -- RFC 5601
vplsConfigIndex
FROM VPLS-GENERIC-MIB
vplsBgpMIB MODULE-IDENTITY
LAST-UPDATED "201405191200Z" -- 19 May 2014 12:00:00 GMT
ORGANIZATION "Layer 2 Virtual Private Networks (L2VPN)
Working Group"
CONTACT-INFO
"
V. J. Shah
Email: [email protected]
The L2VPN Working Group (email distribution [email protected], http://www.ietf.org/wg/l2vpn/charter/) "
DESCRIPTION
"Copyright (c) 2014 IETF Trust and the persons
identified as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with
or without modification, is permitted pursuant to, and
subject to the license terms contained in, the Simplified
BSD License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info).
The initial version of this MIB module was published in
RFC 7257; for full legal notices see the RFC itself.
This MIB module contains managed object definitions for
BGP signaled Virtual Private LAN Service as in
RFC 4761.
This MIB module enables the use of any underlying
pseudowire network."
-- Revision history.
REVISION
"201405191200Z" -- 19 May 2014 12:00:00 GMT
DESCRIPTION "Initial version published as part of RFC 7257." ::= { transmission 276 }
-- Top-level components of this MIB.
-- Tables, Scalars vplsBgpObjects OBJECT IDENTIFIER
::= { vplsBgpMIB 1 }
-- Conformance vplsBgpConformance OBJECT IDENTIFIER
::= { vplsBgpMIB 2 }
-- Vpls Bgp Config Table
vplsBgpConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF VplsBgpConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table specifies information for configuring
and monitoring BGP-specific parameters for
Virtual Private LAN Service (VPLS)."
::= { vplsBgpObjects 1 }
vplsBgpConfigEntry OBJECT-TYPE
SYNTAX VplsBgpConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row in this table represents BGP-specific information
for Virtual Private LAN Service (VPLS) in a packet
network. It is indexed by vplsConfigIndex, which uniquely
identifies a single instance of a VPLS service.
A row is automatically created when a VPLS service is
created that is configured to use BGP signaling.
All of the writable object values can be
changed when vplsConfigRowStatus is in the active(1)
state.
"
INDEX { vplsConfigIndex }
::= { vplsBgpConfigTable 1 }
VplsBgpConfigEntry ::=
SEQUENCE {
vplsBgpConfigVERangeSize Unsigned32
}
vplsBgpConfigVERangeSize OBJECT-TYPE
SYNTAX Unsigned32 (0..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the size of the range of VPLS Edge
Identifier (VE ID) in this VPLS service. This
number controls the size of the label block
advertised for this VE by the PE. A value of 0
indicates that the range is not configured and
the PE derives the range value from received
advertisements from other PEs.
The VE ID takes 2 octets in VPLS BGP NLRI according
to RFC 4761. Hence we have limited the range of
this object to 65535."
DEFVAL { 0 }
::= { vplsBgpConfigEntry 1 }
-- Vpls Edge Device (VE) Identifier Table
vplsBgpVETable OBJECT-TYPE
SYNTAX SEQUENCE OF VplsBgpVEEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table associates VPLS Edge devices to a VPLS service"
::= { vplsBgpObjects 2 }
vplsBgpVEEntry OBJECT-TYPE
SYNTAX VplsBgpVEEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in this table is created for each VE ID
configured on a PE for a particular VPLS service
instance.
Entries in this table may be created or deleted
through SNMP, as side effects of console or other
non-SNMP management commands, or upon learning via
autodiscovery.
It is optional for the agent to allow entries to be
created that point to nonexistent entries in
vplsConfigTable."
INDEX { vplsConfigIndex, vplsBgpVEId }
::= { vplsBgpVETable 1 }
VplsBgpVEEntry ::= SEQUENCE {
vplsBgpVEId Unsigned32,
vplsBgpVEName SnmpAdminString,
vplsBgpVEPreference Unsigned32,
vplsBgpVERowStatus RowStatus,
vplsBgpVEStorageType StorageType
}
vplsBgpVEId OBJECT-TYPE
SYNTAX Unsigned32 (1..65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A secondary index identifying a VE within an
instance of a VPLS service.
The VE ID takes 2 octets in VPLS BGP NLRI according
to RFC 4761. Hence, we have limited the range of
this object to 65535."
::= { vplsBgpVEEntry 1 }
vplsBgpVEName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Descriptive name for the site or user-facing PE
(U-PE) associated with this VE ID."
DEFVAL { "" }
::= { vplsBgpVEEntry 2 }
vplsBgpVEPreference OBJECT-TYPE
SYNTAX Unsigned32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specifies the preference of the VE ID on this
Provider Edge (PE) if the site is multihomed
and VE ID is reused."
DEFVAL { 0 }
::= { vplsBgpVEEntry 3 }
vplsBgpVERowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This variable is used to create, modify, and/or
delete a row in this table.
All other objects in this row must be set to valid
values before this object can be set to active(1).
When a row in this table is in active(1) state, no
objects in that row can be modified except
vplsBgpSiteRowStatus."
::= { vplsBgpVEEntry 5 }
vplsBgpVEStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This variable indicates the storage type for this
row."
DEFVAL { volatile }
::= { vplsBgpVEEntry 6 }
-- VPLS BGP PW Binding Table
vplsBgpPwBindTable OBJECT-TYPE
SYNTAX SEQUENCE OF VplsBgpPwBindEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table provides BGP-specific information for
an association between a VPLS service and the
corresponding pseudowires. A service can have more
than one pseudowire association. Pseudowires are
defined in the pwTable."
::= { vplsBgpObjects 3 }
vplsBgpPwBindEntry OBJECT-TYPE
SYNTAX VplsBgpPwBindEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each row represents an association between a
VPLS instance and one or more pseudowires
defined in the pwTable. Each index is unique
in describing an entry in this table. However,
both indexes are required to define the one
to many association of service to pseudowire.
An entry in this table in instantiated only when
BGP signaling is used to configure VPLS service.
Each entry in this table provides BGP-specific
information for the VPLS represented by
vplsConfigIndex."
INDEX { vplsConfigIndex, pwIndex }
::= { vplsBgpPwBindTable 1 }
VplsBgpPwBindEntry ::=
SEQUENCE {
vplsBgpPwBindLocalVEId Unsigned32,
vplsBgpPwBindRemoteVEId Unsigned32
}
vplsBgpPwBindLocalVEId OBJECT-TYPE
SYNTAX Unsigned32 (1..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Identifies the local VE with which this pseudowire
is associated.
The VE ID takes 2 octets in VPLS BGP NLRI according
to RFC 4761. Hence, we have limited the range of
this object to 65535."
::= { vplsBgpPwBindEntry 1 }
vplsBgpPwBindRemoteVEId OBJECT-TYPE
SYNTAX Unsigned32 (1..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Identifies the remote VE with which this pseudowire
is associated.
The VE ID takes 2 octets in VPLS BGP NLRI according
to RFC 4761. Hence, we have limited the range of
this object to 65535."
::= { vplsBgpPwBindEntry 2 }
-- Conformance Section
-- Compliance requirement for fully compliant implementations
vplsBgpCompliances
OBJECT IDENTIFIER ::= { vplsBgpConformance 1 }
vplsBgpModuleFullCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"Compliance requirement for implementations that
provide full support for VPLS-BGP-MIB.
Such devices can then be monitored and configured using
this MIB module."
MODULE -- this module
MANDATORY-GROUPS {
vplsBgpConfigGroup,
vplsBgpVEGroup,
vplsBgpPwBindGroup
}
::= { vplsBgpCompliances 1 }
-- Compliance requirement for read-only implementations.
vplsBgpModuleReadOnlyCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"Compliance requirement for implementations that only
provide read-only support for VPLS-BGP-MIB.
Such devices can then be monitored but cannot be
configured using this MIB modules."
MODULE -- this module
MANDATORY-GROUPS {
vplsBgpConfigGroup,
vplsBgpVEGroup,
vplsBgpPwBindGroup
}
OBJECT vplsBgpConfigVERangeSize
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsBgpVEName
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsBgpVEPreference
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT vplsBgpVERowStatus
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { vplsBgpCompliances 2 }
-- Units of conformance.
vplsBgpGroups
OBJECT IDENTIFIER ::= { vplsBgpConformance 2 }
vplsBgpConfigGroup OBJECT-GROUP
OBJECTS {
vplsBgpConfigVERangeSize
}
STATUS current
DESCRIPTION
"The group of objects supporting configuration
of L2VPN VPLS services using BGP."
::= { vplsBgpGroups 1 }
vplsBgpVEGroup OBJECT-GROUP
OBJECTS {
vplsBgpVEName,
vplsBgpVEPreference,
vplsBgpVERowStatus,
vplsBgpVEStorageType
}
STATUS current
DESCRIPTION
"The group of objects supporting management of VPLS
Edge devices for L2VPN VPLS services using BGP."
::= { vplsBgpGroups 2 }
vplsBgpPwBindGroup OBJECT-GROUP
OBJECTS {
vplsBgpPwBindLocalVEId,
vplsBgpPwBindRemoteVEId
}
STATUS current
DESCRIPTION
"The group of objects supporting management of
pseudowires for L2VPN VPLS services using BGP."
::= { vplsBgpGroups 3 }
END
Security Considerations
There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These are the tables and their sensitivity/vulnerability:
o vplsConfigTable: o vplsPwBindTable: o vplsBgpADConfigTable: o vplsBgpRteTargetTable: o vplsLdpPwBindTable: o vplsLdpConfigTable: o vplsBgpConfigTable: o vplsBgpVETable:
The tables listed above contain read-create/read-write objects that can be used to configure or modify a LDP/BGP VPLS service. Any improper configuration or modification of objects in these tables can disrupt VPLS services.
The use of stronger mechanisms such as SNMPv3 security should be considered where possible for configuring these objects. Specifically, SNMPv3 View-based Access Control Model (VACM) and User-based Security Model (USM) MUST be used with any v3 agent that provides SET access to these tables.
o vplsNotificationMaxRate
Setting this object to a very high value can cause a notification storm that may disrupt network service.
Most of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These readable objects are contained in the following tables:
o vplsConfigTable o vplsStatusTable o vplsPwBindTable o vplsBgpADConfigTable o vplsBgpRteTargetTable o vplsLdpPwBindTable
o vplsLdpConfigTable o vplsBgpConfigTable o vplsBgpVETable o vplsBgpPwBindTable
SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.
Implementations SHOULD provide the security features described by the SNMPv3 framework (see RFC3410), and implementations claiming compliance to the SNMPv3 standard MUST include full support for authentication and privacy via the User-based Security Model (USM) RFC3414 with the AES cipher algorithm RFC3826. Implementations MAY also provide support for the Transport Security Model (TSM) RFC5591 in combination with a secure transport such as SSH RFC5592 or TLS/DTLS RFC6353.
Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.
IANA Considerations
The MIB modules in this document use the following IANA-assigned OBJECT IDENTIFIER values recorded in the SMI Numbers registry.
IANA Considerations for VPLS-GENERIC-MIB
The IANA has assigned { transmission 274 } to the VPLS-GENERIC-MIB module specified in this document.
IANA Considerations for VPLS-LDP-MIB
The IANA has assigned { transmission 275 } to the VPLS-LDP-MIB module specified in this document.
IANA Considerations for VPLS-BGP-MIB
The IANA has assigned { transmission 276 } to the VPLS-BGP-MIB module specified in this document.
References
Normative References
RFC2119 Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
RFC2578 McCloghrie, K., Ed., Perkins, D., Ed., and J.
Schoenwaelder, Ed., "Structure of Management Information
Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
RFC2579 McCloghrie, K., Ed., Perkins, D., Ed., and J.
Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD
58, RFC 2579, April 1999.
RFC2580 McCloghrie, K., Ed., Perkins, D., Ed., and J.
Schoenwaelder, Ed., "Conformance Statements for SMIv2",
STD 58, RFC 2580, April 1999.
RFC3413 Levi, D., Meyer, P., and B. Stewart, "Simple Network
Management Protocol (SNMP) Applications", STD 62, RFC 3413, December 2002.
RFC3414 Blumenthal, U. and B. Wijnen, "User-based Security Model
(USM) for version 3 of the Simple Network Management
Protocol (SNMPv3)", STD 62, RFC 3414, December 2002.
RFC3415 Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based
Access Control Model (VACM) for the Simple Network
Management Protocol (SNMP)", STD 62, RFC 3415, December
2002.
RFC3826 Blumenthal, U., Maino, F., and K. McCloghrie, "The
Advanced Encryption Standard (AES) Cipher Algorithm in the
SNMP User-based Security Model", RFC 3826, June 2004.
RFC4188 Norseth, K., Ed., and E. Bell, Ed., "Definitions of
Managed Objects for Bridges", RFC 4188, September 2005.
RFC4265 Schliesser, B. and T. Nadeau, "Definition of Textual
Conventions for Virtual Private Network (VPN) Management",
RFC 4265, November 2005.
RFC4364 Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
Networks (VPNs)", RFC 4364, February 2006.
RFC4761 Kompella, K., Ed., and Y. Rekhter, Ed., "Virtual Private
LAN Service (VPLS) Using BGP for Auto-Discovery and
Signaling", RFC 4761, January 2007.
RFC4762 Lasserre, M., Ed., and V. Kompella, Ed., "Virtual Private
LAN Service (VPLS) Using Label Distribution Protocol (LDP)
Signaling", RFC 4762, January 2007.
RFC5591 Harrington, D. and W. Hardaker, "Transport Security Model
for the Simple Network Management Protocol (SNMP)", STD
78, RFC 5591, June 2009.
RFC5592 Harrington, D., Salowey, J., and W. Hardaker, "Secure
Shell Transport Model for the Simple Network Management
Protocol (SNMP)", RFC 5592, June 2009.
RFC5601 Nadeau, T., Ed., and D. Zelig, Ed., "Pseudowire (PW)
Management Information Base (MIB)", RFC 5601, July 2009.
RFC6353 Hardaker, W., "Transport Layer Security (TLS) Transport
Model for the Simple Network Management Protocol (SNMP)",
STD 78, RFC 6353, July 2011.
Informative References
RFC3410 Case, J., Mundy, R., Partain, D., and B. Stewart,
"Introduction and Applicability Statements for Internet-
Standard Management Framework", RFC 3410, December 2002.
RFC3411 Harrington, D., Presuhn, R., and B. Wijnen, "An
Architecture for Describing Simple Network Management
Protocol (SNMP) Management Frameworks", STD 62, RFC 3411,
December 2002.
RFC3985 Bryant, S., Ed., and P. Pate, Ed., "Pseudo Wire Emulation
Edge-to-Edge (PWE3) Architecture", RFC 3985, March 2005.
RFC6074 Rosen, E., Davie, B., Radoaca, V., and W. Luo,
"Provisioning, Auto-Discovery, and Signaling in Layer 2
Virtual Private Networks (L2VPNs)", RFC 6074, January
2011.
[SNMP-CONTEXT-MAP-MIB]
Nadeau, T., and AS Kiran Koushik, "SNMP Context Mapping
MIB", Work in Progress, March 2010.
10. Acknowledgments
We wish to thank Marcelo Mourier and Reva Bailey for their valuable feedback. Some portion of the work has been referenced from their original Timetra Enterprise MIB work.
We wish to thank Praveen Muley, VJ Shah, Li Wentao, Kong Yong, Luo Jian, Feng Jun, and Takeshi Usui for their feedback.
Authors' Addresses
Thomas D. Nadeau (editor) Lucid Vision US EMail: [email protected]
A S Kiran Koushik (editor) Brocade Communications Systems, Inc. 130 Holger Way San Jose, CA 95134 US EMail: [email protected]
Rohit Mediratta (editor) Cisco Systems, Inc. 210 W Tasman Dr. Bldg. F, San Jose, CA 95134 US EMail: [email protected]
