draft-ietf-manet-smf-mib-02.txt   draft-ietf-manet-smf-mib-03.txt 
Internet Engineering Task Force R. Cole Internet Engineering Task Force R. Cole
Internet-Draft US Army CERDEC Internet-Draft US Army CERDEC
Intended status: Standards Track J. Macker Intended status: Experimental J. Macker
Expires: July 20, 2011 B. Adamson Expires: April 4, 2012 B. Adamson
Naval Research Laboratory Naval Research Laboratory
S. Harnedy S. Harnedy
Booz Allen Hamilton Booz Allen Hamilton
January 16, 2011 October 2, 2011
Definition of Managed Objects for the Manet Simplified Multicast Definition of Managed Objects for the Manet Simplified Multicast
Framework Relay Set Process Framework Relay Set Process
draft-ietf-manet-smf-mib-02 draft-ietf-manet-smf-mib-03
Abstract Abstract
This memo defines a portion of the Management Information Base (MIB) This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols in the Internet community. for use with network management protocols in the Internet community.
In particular, it describes objects for configuring aspects of the In particular, it describes objects for configuring aspects of the
Simplified Multicast Forwarding (SMF) process for Mobile Ad-Hoc Simplified Multicast Forwarding (SMF) process for Mobile Ad-Hoc
Networks (MANETs). The SMF-MIB also reports state information, Networks (MANETs). The SMF-MIB also reports state information,
performance metrics, and notifications. In addition to performance metrics, and notifications. In addition to
configuration, the additional state and performance information is configuration, the additional state and performance information is
skipping to change at page 1, line 42 skipping to change at page 1, line 42
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 20, 2011. This Internet-Draft will expire on April 4, 2012.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 34 skipping to change at page 2, line 34
5.3. The Configuration Group . . . . . . . . . . . . . . . . . 7 5.3. The Configuration Group . . . . . . . . . . . . . . . . . 7
5.4. The State Group . . . . . . . . . . . . . . . . . . . . . 7 5.4. The State Group . . . . . . . . . . . . . . . . . . . . . 7
5.5. The Performance Group . . . . . . . . . . . . . . . . . . 7 5.5. The Performance Group . . . . . . . . . . . . . . . . . . 7
5.6. The Notifications Group . . . . . . . . . . . . . . . . . 8 5.6. The Notifications Group . . . . . . . . . . . . . . . . . 8
6. Relationship to Other MIB Modules . . . . . . . . . . . . . . 8 6. Relationship to Other MIB Modules . . . . . . . . . . . . . . 8
6.1. Relationship to the SNMPv2-MIB . . . . . . . . . . . . . . 8 6.1. Relationship to the SNMPv2-MIB . . . . . . . . . . . . . . 8
6.2. MIB modules required for IMPORTS . . . . . . . . . . . . . 8 6.2. MIB modules required for IMPORTS . . . . . . . . . . . . . 8
6.3. Relationship to the Future RSSA-MIBs . . . . . . . . . . . 8 6.3. Relationship to the Future RSSA-MIBs . . . . . . . . . . . 8
7. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 9 7. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 9
8. Security Considerations . . . . . . . . . . . . . . . . . . . 48 8. Security Considerations . . . . . . . . . . . . . . . . . . . 48
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 49 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 51
10. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 50 10. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 52
11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 50 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 52
12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 50 11.1. Normative References . . . . . . . . . . . . . . . . . . . 52
12.1. Normative References . . . . . . . . . . . . . . . . . . . 50 11.2. Informative References . . . . . . . . . . . . . . . . . . 53
12.2. Informative References . . . . . . . . . . . . . . . . . . 51 Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 53
Appendix A. Change Log . . . . . . . . . . . . . . . . . . . . . 51 Appendix B. Open Issues . . . . . . . . . . . . . . . . . . . . . 54
Appendix B. Open Issues . . . . . . . . . . . . . . . . . . . . . 52 Appendix C. . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Appendix C. . . . . . . . . . . . . . . . . . . . . . . . . . . 53
1. Introduction 1. Introduction
This memo defines a portion of the Management Information Base (MIB) This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols in the Internet community. for use with network management protocols in the Internet community.
In particular, it describes objects for configuring aspects of a In particular, it describes objects for configuring aspects of a
process implementing Simplified Multicast Forwarding (SMF) process implementing Simplified Multicast Forwarding (SMF)
[I-D.ietf-manet-smf] for Mobile Ad-Hoc Networks (MANETs). SMF [I-D.ietf-manet-smf] for Mobile Ad-Hoc Networks (MANETs). SMF
provides multicast Duplicate Packet Detection (DPD) and supports provides multicast Duplicate Packet Detection (DPD) and supports
algorithms for constructing an estimate of a MANET Minimum Connected algorithms for constructing an estimate of a MANET Minimum Connected
skipping to change at page 4, line 31 skipping to change at page 5, line 5
Figure 1 (reproduced from Figure 4 of [I-D.ietf-manet-smf]) shows the Figure 1 (reproduced from Figure 4 of [I-D.ietf-manet-smf]) shows the
relationship between the SMF Relay Set selection algorithm and the relationship between the SMF Relay Set selection algorithm and the
related algorithms, processes and protocols running in the MANET related algorithms, processes and protocols running in the MANET
nodes. The Relay Set Selection Algorithm (RSSA) can rely upon nodes. The Relay Set Selection Algorithm (RSSA) can rely upon
topology information gotten from the MANET Neighborhood Discovery topology information gotten from the MANET Neighborhood Discovery
Protocol (NHDP), from the specific MANET routing protocol running on Protocol (NHDP), from the specific MANET routing protocol running on
the node, or from Layer 2 information passed up to the higher layer the node, or from Layer 2 information passed up to the higher layer
protocol processes. protocol processes.
RGC Note: update this figure from the latest SMF draft.
______________ ____________ ______________ ____________
| | | | | | | |
| Neighborhood | | Relay Set | | Neighborhood | | Relay Set |
| Discovery |------------->| Selection | | Discovery |------------->| Selection |
| Protocol | neighbor | Algorithm | | Protocol | neighbor | Algorithm |
|______________| info |____________| |______________| info |____________|
\ / \ /
\ / \ /
neighbor\ / forwarding neighbor\ / forwarding
info* \ _____________ / status info* \ _____________ / status
skipping to change at page 7, line 25 skipping to change at page 7, line 25
o Duplicate Packet detection for IPv4 - Identification-based or o Duplicate Packet detection for IPv4 - Identification-based or
Hash-based DPD. Hash-based DPD.
o Duplicate Packet detection for IPv6 - Identification-based or o Duplicate Packet detection for IPv6 - Identification-based or
Hash-based DPD. Hash-based DPD.
o SMF Type Message TLV - if NHDP mode is selected, then is the SMF o SMF Type Message TLV - if NHDP mode is selected, then is the SMF
Type Message TLV may be included in the NHDP exchanges. Type Message TLV may be included in the NHDP exchanges.
o SMF Address Block TLV - if NHDP mode is selected, then is the SMF o SMF Address Block TLV - if NHDP mode is selected, then is the SMF
Address Block TLV included in the NHDP exchanges. (Note: is this Address Block TLV should be included in the NHDP exchanges.
correct?)
5.4. The State Group 5.4. The State Group
The State Subtree reports current state information, e.g., The State Subtree reports current state information, e.g.,
o Node RSS State - is the node currently in or out of the Relay Set. o Node RSS State - is the node currently in or out of the Relay Set.
o Neighbors Table - a table containing current neighbors and their o Neighbors Table - a table containing current neighbors and their
operational RSSA. operational RSSA.
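Review bot: the rewritten SMF Address Block TLV bullet is ungrammatical ("then is the SMF Address Block TLV should be included"), and the SMF Type Message TLV bullet above it carries the same leftover wording ("then is the SMF Type Message TLV may be included"). Drop the stray "is" in both. One bullet now says "may" and the other "should", so state the requirement levels in RFC 2119 terms so that they can be checked against the DESCRIPTION clauses of smfNhdpRssaMesgTLVIncluded and smfNhdpRssaAddrBlockTLVIncluded.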
skipping to change at page 8, line 17 skipping to change at page 8, line 17
* Duplicate multicast packets detected. * Duplicate multicast packets detected.
5.6. The Notifications Group 5.6. The Notifications Group
The Notifications Subtree contains the list of notifications The Notifications Subtree contains the list of notifications
supported within the SMF-MIB and their intended purpose or utility. supported within the SMF-MIB and their intended purpose or utility.
6. Relationship to Other MIB Modules 6. Relationship to Other MIB Modules
[TODO]: The text of this section specifies the relationship of the
MIB modules contained in this document to other standards,
particularly to standards containing other MIB modules. Definitions
imported from other MIB modules and other MIB modules that SHOULD be
implemented in conjunction with the MIB module contained within this
document are identified in this section.
6.1. Relationship to the SNMPv2-MIB 6.1. Relationship to the SNMPv2-MIB
The 'system' group in the SNMPv2-MIB [RFC3418] is defined as being The 'system' group in the SNMPv2-MIB [RFC3418] is defined as being
mandatory for all systems, and the objects apply to the entity as a mandatory for all systems, and the objects apply to the entity as a
whole. The 'system' group provides identification of the management whole. The 'system' group provides identification of the management
entity and certain other system-wide data. The SMF-MIB does not entity and certain other system-wide data. The SMF-MIB does not
duplicate those objects. duplicate those objects.
6.2. MIB modules required for IMPORTS 6.2. MIB modules required for IMPORTS
skipping to change at page 9, line 16 skipping to change at page 9, line 12
station the ability to query the router to discover the set of station the ability to query the router to discover the set of
supported RSSAs. supported RSSAs.
7. Definitions 7. Definitions
MANET-SMF-MIB DEFINITIONS ::= BEGIN MANET-SMF-MIB DEFINITIONS ::= BEGIN
IMPORTS IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
Counter32, Unsigned32, Integer32, TimeTicks, mib-2 Counter32, Integer32, TimeTicks, experimental
FROM SNMPv2-SMI -- [RFC2578] FROM SNMPv2-SMI -- [RFC2578]
TEXTUAL-CONVENTION, RowStatus, TruthValue TEXTUAL-CONVENTION, RowStatus, TruthValue
FROM SNMPv2-TC -- [RFC2579] FROM SNMPv2-TC -- [RFC2579]
MODULE-COMPLIANCE, OBJECT-GROUP, MODULE-COMPLIANCE, OBJECT-GROUP,
NOTIFICATION-GROUP NOTIFICATION-GROUP
FROM SNMPv2-CONF -- [RFC2580] FROM SNMPv2-CONF -- [RFC2580]
InterfaceIndexOrZero InterfaceIndexOrZero
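Review bot: dropping Unsigned32 from the SNMPv2-SMI IMPORTS is only safe if no object or TEXTUAL-CONVENTION remaining in the module still uses that type. None of the hunks shown touch an Unsigned32 SYNTAX clause, so please confirm the module still compiles cleanly (for example with smilint) after this change. The mib-2 to experimental swap on the same line is consistent with the new registration under { experimental 998 }.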
skipping to change at page 9, line 38 skipping to change at page 9, line 34
SnmpAdminString SnmpAdminString
FROM SNMP-FRAMEWORK-MIB -- [RFC3411] FROM SNMP-FRAMEWORK-MIB -- [RFC3411]
InetAddress, InetAddressType, InetAddress, InetAddressType,
InetAddressPrefixLength InetAddressPrefixLength
FROM INET-ADDRESS-MIB -- [RFC4001] FROM INET-ADDRESS-MIB -- [RFC4001]
; ;
manetSmfMIB MODULE-IDENTITY manetSmfMIB MODULE-IDENTITY
LAST-UPDATED "201101161300Z" -- January 16, 2011 LAST-UPDATED "201110021300Z" -- October 02, 2011
ORGANIZATION "IETF MANET Working Group" ORGANIZATION "IETF MANET Working Group"
CONTACT-INFO CONTACT-INFO
"WG E-Mail: manet@ietf.org "WG E-Mail: manet@ietf.org
WG Chairs: ian.chakeres@gmail.com WG Chairs: ian.chakeres@gmail.com
jmacker@nrl.navy.mil jmacker@nrl.navy.mil
Editors: Robert G. Cole Editors: Robert G. Cole
US Army CERDEC US Army CERDEC
Space and Terrestrial Communications Space and Terrestrial Communications
328 Hopkins Road 6010 Frankford Road
Bldg 245, Room 16
Aberdeen Proving Ground, MD 21005 Aberdeen Proving Ground, MD 21005
USA USA
+1 410 278-6779 +1 443 395-8744
robert.g.cole@us.army.mil robert.g.cole@us.army.mil
http://www.cs.jhu.edu/~rgcole/ http://www.cs.jhu.edu/~rgcole/
Joseph Macker Joseph Macker
Naval Research Laboratory Naval Research Laboratory
Washington, D.C. 20375 Washington, D.C. 20375
USA USA
macker@itd.nrl.navy.mil macker@itd.nrl.navy.mil
Brian Adamson Brian Adamson
skipping to change at page 10, line 45 skipping to change at page 10, line 39
[SMF] Macker, J.(ed.), [SMF] Macker, J.(ed.),
Simplified Multicast Forwarding draft-ietf-manet-smf-10, Simplified Multicast Forwarding draft-ietf-manet-smf-10,
March 06, 2010. March 06, 2010.
Copyright (C) The IETF Trust (2008). This version Copyright (C) The IETF Trust (2008). This version
of this MIB module is part of RFC xxxx; see the RFC of this MIB module is part of RFC xxxx; see the RFC
itself for full legal notices." itself for full legal notices."
-- Revision History -- Revision History
REVISION "201110021300Z" -- October 02, 2011
DESCRIPTION
"Updated 6th revision of the
draft of this MIB module published as
draft-ietf-manet-smf-mib-03.txt. The changes
made in this revision include:
- Added some notes to the MIB module
- Clarified and defined default settings
"
REVISION "201101161300Z" -- January 16, 2011 REVISION "201101161300Z" -- January 16, 2011
DESCRIPTION DESCRIPTION
"Updated 5th revision of the "Updated 5th revision of the
draft of this MIB module published as draft of this MIB module published as
draft-ietf-manet-smf-mib-02.txt. The changes draft-ietf-manet-smf-mib-02.txt. The changes
made in this revision include: made in this revision include:
- Added the Notification Group and cleaned - Added the Notification Group and cleaned
up the Conformance section up the Conformance section
- Completed the TEXTUAL CONVENTION for the - Completed the TEXTUAL CONVENTION for the
smfOpMode. smfOpMode.
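Review bot: the new REVISION clause for -03 under-reports what changed. It lists only "Added some notes to the MIB module" and "Clarified and defined default settings", but this revision also moves the module root from { mib-2 998 } to { experimental 998 }, removes Unsigned32 from IMPORTS, and swaps the numeric values of hashBased and identificationBased in smfIpv4Dpd and smfIpv6Dpd. Those are the changes an implementer moving from -02 most needs to see, so add them to the DESCRIPTION list.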
skipping to change at page 12, line 28 skipping to change at page 12, line 31
REVISION "200811031300Z" -- November 03, 2008 REVISION "200811031300Z" -- November 03, 2008
DESCRIPTION DESCRIPTION
"Updated draft of this MIB module published as "Updated draft of this MIB module published as
draft-cole-manet-smf-mib-01.txt. Added gateway filter draft-cole-manet-smf-mib-01.txt. Added gateway filter
table and reports capabilities following rmon." table and reports capabilities following rmon."
REVISION "200807071200Z" -- July 07, 2008 REVISION "200807071200Z" -- July 07, 2008
DESCRIPTION DESCRIPTION
"Initial draft of this MIB module published as "Initial draft of this MIB module published as
draft-cole-manet-smf-mib-00.txt." draft-cole-manet-smf-mib-00.txt."
-- RFC-Editor assigns XXXX -- RFC-Editor assigns XXXX
::= { mib-2 998 } -- to be assigned by IANA ::= { experimental 998 } -- to be assigned by IANA
-- --
-- TEXTUAL CONVENTIONs -- TEXTUAL CONVENTIONs
-- --
SmfStatus ::= TEXTUAL-CONVENTION SmfStatus ::= TEXTUAL-CONVENTION
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An indication of the operability of a SMF "An indication of the operability of a SMF
function or feature. For example, the status function or feature. For example, the status
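Review bot: re-rooting the module at { experimental 998 } gives every object in it a new OID prefix, and the text should say so for operators. Access-control views (for example VACM view subtrees) and manager polling configurations written against the -02 location under mib-2 will no longer match these objects. Please also check that the "-- to be assigned by IANA" comment agrees with what the IANA Considerations section requests now that the intended status is Experimental.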
skipping to change at page 15, line 39 skipping to change at page 15, line 42
and Cross-layer Mode. Others may be defined and Cross-layer Mode. Others may be defined
in future revisions of [SMF]. in future revisions of [SMF].
" "
::= { smfOpModeCapabilitiesEntry 2 } ::= { smfOpModeCapabilitiesEntry 2 }
smfOpModeCapabilitiesReference OBJECT-TYPE smfOpModeCapabilitiesReference OBJECT-TYPE
SYNTAX SnmpAdminString SYNTAX SnmpAdminString
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"This object contains a reference to the document that "This object contains a reference to the document
defines this operational mode. that defines this operational mode.
" "
::= { smfOpModeCapabilitiesEntry 3 } ::= { smfOpModeCapabilitiesEntry 3 }
-- --
-- SMF RSSA Capabilities Table -- SMF RSSA Capabilities Table
-- --
smfRssaCapabilitiesTable OBJECT-TYPE smfRssaCapabilitiesTable OBJECT-TYPE
SYNTAX SEQUENCE OF SmfRssaCapabilitiesEntry SYNTAX SEQUENCE OF SmfRssaCapabilitiesEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
skipping to change at page 16, line 35 skipping to change at page 16, line 38
} }
smfRssaCapabilitiesID OBJECT-TYPE smfRssaCapabilitiesID OBJECT-TYPE
SYNTAX SmfRssaID SYNTAX SmfRssaID
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The index for this entry. This object identifies "The index for this entry. This object identifies
the particular RSSA algorithm in this MIB the particular RSSA algorithm in this MIB
module. Example RSSAs are found in the module. Example RSSAs are found in the
appendix of [SMF]." appendix of [SMF]. The default for this is the
Classical Flooding algorithm. All compliant
SMF forwarders must support Classical Flooding.
Hence, at least one entry in this table must
exist with a smfRssaCapabilitiesID of '1'."
DEFVAL { 1 }
::= { smfRssaCapabilitiesEntry 1 } ::= { smfRssaCapabilitiesEntry 1 }
smfRssaCapabilitiesName OBJECT-TYPE smfRssaCapabilitiesName OBJECT-TYPE
SYNTAX SnmpAdminString SYNTAX SnmpAdminString
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The textual name of this RSSA algorithm. "The textual name of this RSSA algorithm.
Currently defined names are: Currently defined names are:
Classical Flooding - cF, Classical Flooding - cF,
Source-based MultiPoint Source-based MultiPoint
Relay - sMPR, Relay - sMPR,
Essential Connecting Dominating Essential Connecting Dominating
Set - eCDS, Set - eCDS,
MultiPoint Relay Connected MultiPoint Relay Connected
Dominating Set - mprCDS. Dominating Set - mprCDS.
" "
::= { smfRssaCapabilitiesEntry 2 } ::= { smfRssaCapabilitiesEntry 2 }
smfRssaCapabilitiesReference OBJECT-TYPE smfRssaCapabilitiesReference OBJECT-TYPE
SYNTAX SnmpAdminString SYNTAX SnmpAdminString
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"This object contains a published reference "This object contains a published reference
to the document that defines this algorithm. to the document that defines this algorithm.
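Review bot: DEFVAL { 1 } has been added to smfRssaCapabilitiesID, which is a not-accessible index column. An index value is carried in the instance identifier and is never defaulted by the agent, so the clause has no effect here; remove it and keep the requirement in the DESCRIPTION. The requirement itself ("must support Classical Flooding", "at least one entry in this table must exist") reads as normative, so consider MUST and state it on the table or in the compliance statement rather than on the index object.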
skipping to change at page 17, line 46 skipping to change at page 18, line 8
SMF is configured to run on this device. SMF is configured to run on this device.
Disabled(2) mean that the SMF process Disabled(2) mean that the SMF process
is configured off. is configured off.
This object is persistent and when written This object is persistent and when written
the entity SHOULD save the change to the entity SHOULD save the change to
non-volatile storage. non-volatile storage.
" "
::= { smfConfigurationGroup 1 } ::= { smfConfigurationGroup 1 }
-- Note: need to better define the algorithm to
-- choose the smfRouterID.
smfRouterIDAddrType OBJECT-TYPE smfRouterIDAddrType OBJECT-TYPE
SYNTAX InetAddressType SYNTAX InetAddressType
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The address type of the address used for "The address type of the address used for
SMF ID of this router as specified SMF ID of this router as specified
in the 'smfRouterID' next. in the 'smfRouterID' next.
This can be set by the management station, must This can be set by the management station,
the smfRouterID must be a routable address the smfRouterID must be a routable address
assigned to this router. If the management assigned to this router. If the management
station does not assign this value, then the station does not assign this value, then the
router should choose the highest IP address router should choose the highest routable
assigned to this router. IP address assigned to this router.
This object is persistent and when written This object is persistent and when written
the entity SHOULD save the change to the entity SHOULD save the change to
non-volatile storage. non-volatile storage.
" "
::= { smfConfigurationGroup 2 } ::= { smfConfigurationGroup 2 }
smfRouterID OBJECT-TYPE smfRouterID OBJECT-TYPE
SYNTAX InetAddress SYNTAX InetAddress
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The IP address used as the SMF router ID. "The IP address used as the SMF router ID.
this can be set by the management station. This can be set by the management station.
If not explicitly set, then the device If not explicitly set, then the device
should select a routable IP address should select a routable IP address
assigned to this router for use as assigned to this router for use as
the 'smfRouterID'. the 'smfRouterID'.
The smfRouterID is a logical identification
that MUST be consistent across interoperating
SMF neighborhoods and it is RECOMMENDED to be
chosen as the numerically largest address
contained in a node's 'Neighbor Address List'
as defined in NHDP. A smfRouterID MUST be
unique within the scope of the operating
MANET network regardless of the method used
for selecting it.
This object is persistent and when written This object is persistent and when written
the entity SHOULD save the change to the entity SHOULD save the change to
non-volatile storage. non-volatile storage.
" "
::= { smfConfigurationGroup 3 } ::= { smfConfigurationGroup 3 }
smfConfiguredOpMode OBJECT-TYPE smfConfiguredOpMode OBJECT-TYPE
SYNTAX INTEGER { SYNTAX INTEGER {
withNHDP(1), withNHDP(1),
cdsAwareRouting(2), cdsAwareRouting(2),
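Review bot: the fallback rule for choosing the router ID is now stated three different ways. smfRouterIDAddrType says the router "should choose the highest routable IP address assigned to this router", smfRouterID says the device "should select a routable IP address assigned to this router", and the new paragraph says it is RECOMMENDED to be the numerically largest address in the node's 'Neighbor Address List'. Pick one rule and state it once, in smfRouterID. The new text makes uniqueness a MUST while the object stays read-write, so also say what the agent returns when a SET supplies an address that is not routable or not assigned to this router. The edited sentence "This can be set by the management station, the smfRouterID must be a routable address" is a comma splice.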
skipping to change at page 19, line 17 skipping to change at page 19, line 34
The value withNHDP(1) indicates Independent The value withNHDP(1) indicates Independent
Mode of operation. Mode of operation.
The value cdsAwareRouting(2) indicates The value cdsAwareRouting(2) indicates
CDS-aware Routing Mode of operation. CDS-aware Routing Mode of operation.
The value crossLayer(3) indicates The value crossLayer(3) indicates
Cross-layer Mode of operation. Cross-layer Mode of operation.
The default value for this object is
withNHDP(1).
This object is persistent and when written This object is persistent and when written
the entity SHOULD save the change to the entity SHOULD save the change to
non-volatile storage. non-volatile storage.
" "
DEFVAL { 1 }
::= { smfConfigurationGroup 4 } ::= { smfConfigurationGroup 4 }
smfConfiguredRssa OBJECT-TYPE smfConfiguredRssa OBJECT-TYPE
SYNTAX SmfRssaID SYNTAX SmfRssaID
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The SMF RSS currently operational algorithm "The SMF RSS currently operational algorithm
as defined in the TEXTUAL CONVENTION for as defined in the TEXTUAL CONVENTION for
`SmfRssaID' and in [SMF]. `SmfRssaID' and in [SMF].
The defluat value for this object is
cF(1), i.e., Classical Flooding.
This object is persistent and when written This object is persistent and when written
the entity SHOULD save the change to the entity SHOULD save the change to
non-volatile storage. non-volatile storage.
" "
DEFVAL { 1 }
::= { smfConfigurationGroup 5 } ::= { smfConfigurationGroup 5 }
smfRssaMember OBJECT-TYPE smfRssaMember OBJECT-TYPE
SYNTAX INTEGER { SYNTAX INTEGER {
potential(1), potential(1),
always(2), always(2),
never(3) never(3)
} }
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
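Review bot: the DEFVAL clauses added to smfConfiguredOpMode and smfConfiguredRssa give the number, DEFVAL { 1 }, where SMIv2 (RFC 2578) expresses the default of an enumerated object by its label. smfConfiguredOpMode is an enumerated INTEGER, so this should be DEFVAL { withNHDP }, and the smfConfiguredRssa DESCRIPTION names its default as cF(1), which suggests DEFVAL { cF } if SmfRssaID is enumerated. The other enumerated objects that gain DEFVAL { 1 } in this revision need the same fix. The added smfConfiguredRssa text also has a typo, "defluat" for "default".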
skipping to change at page 20, line 16 skipping to change at page 20, line 40
The value potential(1) allows the selected The value potential(1) allows the selected
RSSA to determine if this agent is included RSSA to determine if this agent is included
or excluded from the RSS. or excluded from the RSS.
The value always(1) forces the selected The value always(1) forces the selected
RSSA include this agent in the RSS. RSSA include this agent in the RSS.
The value never(3) forces the selected The value never(3) forces the selected
RSSA to exclude this agent from the RSS. RSSA to exclude this agent from the RSS.
The default setting for this object is
'potential(1)'. Other settings could pose
operational risks under certain conditions.
This object is persistent and when written This object is persistent and when written
the entity SHOULD save the change to the entity SHOULD save the change to
non-volatile storage. non-volatile storage.
" "
DEFVAL { 1 }
::= { smfConfigurationGroup 6 } ::= { smfConfigurationGroup 6 }
smfIpv4Dpd OBJECT-TYPE smfIpv4Dpd OBJECT-TYPE
SYNTAX INTEGER { SYNTAX INTEGER {
identificationBased(1), hashBased(1),
hashBased(2) identificationBased(2)
} }
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The current method for IPv4 duplicate packet "The current method for IPv4 duplicate packet
detection. detection.
The value identificationBased(1) The value hashBased(1) indicates that the
routers duplicate packet detection is based
upon comparing a hash over the packet fields.
This is the default setting for this object.
The value identificationBased(2)
indicates that the duplicate packet indicates that the duplicate packet
detection relies upon header information detection relies upon header information
in the multicast packets to identify in the multicast packets to identify
previously received packets. previously received packets.
The value 'hashBased(2) indicates that the
routers duplicate packet detection is based
upon comparing a hash over the packet fields.
This object is persistent and when written This object is persistent and when written
the entity SHOULD save the change to the entity SHOULD save the change to
non-volatile storage. non-volatile storage.
" "
DEFVAL { 1 }
::= { smfConfigurationGroup 7 } ::= { smfConfigurationGroup 7 }
smfIpv6Dpd OBJECT-TYPE smfIpv6Dpd OBJECT-TYPE
SYNTAX INTEGER { SYNTAX INTEGER {
identificationBased(1), hashBased(1),
hashBased(2) identificationBased(2)
} }
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The current method for IPv6 duplicate packet "The current method for IPv6 duplicate packet
detection. detection.
The values indicate the type of method used The values indicate the type of method used
for duplicate packet detection as described for duplicate packet detection as described
the previous description for the object the previous description for the object
`smfIpv4Dpd'. `smfIpv4Dpd'.
The default value for this object is
hashBased(1).
This object is persistent and when written This object is persistent and when written
the entity SHOULD save the change to the entity SHOULD save the change to
non-volatile storage. non-volatile storage.
" "
DEFVAL { 1 }
::= { smfConfigurationGroup 8 } ::= { smfConfigurationGroup 8 }
smfMaxPktLifetime OBJECT-TYPE smfMaxPktLifetime OBJECT-TYPE
SYNTAX Integer32 (0..65535) SYNTAX Integer32 (0..65535)
UNITS "Seconds" UNITS "Seconds"
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The estimate of the network packet "The estimate of the network packet
traversal time. traversal time.
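Review bot: the enumeration values of smfIpv4Dpd and smfIpv6Dpd are swapped relative to -02 (identificationBased(1), hashBased(2) becomes hashBased(1), identificationBased(2)), so a value of 1 written by a manager or saved to non-volatile storage under the old numbering now selects the other detection method with no error. The default can be changed without renumbering: keep the -02 values and give the default by label, DEFVAL { hashBased }. In the same hunk, the unchanged smfRssaMember text still says "The value always(1)" where the SYNTAX defines always(2), and the new sentence "Other settings could pose operational risks under certain conditions" should name the risk for always(2) and never(3).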
skipping to change at page 21, line 49 skipping to change at page 22, line 35
smfDpdMaxMemorySize OBJECT-TYPE smfDpdMaxMemorySize OBJECT-TYPE
SYNTAX Integer32 (0..65535) SYNTAX Integer32 (0..65535)
UNITS "Kilo-Bytes" UNITS "Kilo-Bytes"
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The locally reserved memory for storage "The locally reserved memory for storage
of cached DPD records for both IPv4 and of cached DPD records for both IPv4 and
IPv6 methods. IPv6 methods.
The local SMF device should protect itself
against the SNMP manager from requesting
too large a memory value. If this is the case,
an error indication should be returned in response
to the SNMP SET request.
This object is persistent and when written This object is persistent and when written
the entity SHOULD save the change to the entity SHOULD save the change to
non-volatile storage. non-volatile storage.
" "
DEFVAL { 1024 } DEFVAL { 1024 }
::= { smfConfigurationGroup 10 } ::= { smfConfigurationGroup 10 }
smfDpdEntryMaxLifetime OBJECT-TYPE smfDpdEntryMaxLifetime OBJECT-TYPE
SYNTAX Integer32 (0..65525) SYNTAX Integer32 (0..65525)
UNITS "Seconds" UNITS "Seconds"
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
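Review bot: the protection added to smfDpdMaxMemorySize is not testable as written. "Too large a memory value" has no stated bound beyond the syntax range (0..65535), and "an error indication" does not say which SNMP error-status the agent returns. State that the agent rejects a SET above its locally supported maximum and name the error (wrongValue or resourceUnavailable would be the usual candidates), use SHOULD or MUST in capitals, and say what a value of 0 means, since the range permits it.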
skipping to change at page 22, line 18 skipping to change at page 23, line 9
smfDpdEntryMaxLifetime OBJECT-TYPE smfDpdEntryMaxLifetime OBJECT-TYPE
SYNTAX Integer32 (0..65525) SYNTAX Integer32 (0..65525)
UNITS "Seconds" UNITS "Seconds"
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The maximum lifetime of a cached DPD "The maximum lifetime of a cached DPD
record in the local device storage. record in the local device storage.
If the memory is running low prior to the
MaxLifetimes being exceeded, the local SMF
devices should purge the oldest records first.
This object is persistent and when written This object is persistent and when written
the entity SHOULD save the change to the entity SHOULD save the change to
non-volatile storage. non-volatile storage.
" "
DEFVAL { 600 } DEFVAL { 600 }
::= { smfConfigurationGroup 11 } ::= { smfConfigurationGroup 11 }
-- --
-- Configuration of messages to be included in -- Configuration of messages to be included in
-- NHDP message exchanges in support of SMF -- NHDP message exchanges in support of SMF
-- operations. -- operations.
-- --
-- Note: need to clarify whether this is an option
-- or is required when the smfOpMode is set
-- to 'independent'.
smfNhdpRssaMesgTLVIncluded OBJECT-TYPE smfNhdpRssaMesgTLVIncluded OBJECT-TYPE
SYNTAX TruthValue SYNTAX TruthValue
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Indicates whether the associated NHDP messages "Indicates whether the associated NHDP messages
include the RSSA Message TLV, or not. This include the RSSA Message TLV, or not. This
is an optional SMF operational setting. is an optional SMF operational setting.
The value true(1) indicates that this TLV is The value true(1) indicates that this TLV is
included; the value false(2) indicates that it included; the value false(2) indicates that it
is not included. is not included.
It is RECOMMENDED that the RSSA Message TLV
be included in the NHDP messages.
This object is persistent and when written This object is persistent and when written
the entity SHOULD save the change to the entity SHOULD save the change to
non-volatile storage. non-volatile storage.
" "
::= { smfConfigurationGroup 12 } ::= { smfConfigurationGroup 12 }
smfNhdpRssaAddrBlockTLVIncluded OBJECT-TYPE smfNhdpRssaAddrBlockTLVIncluded OBJECT-TYPE
SYNTAX TruthValue SYNTAX TruthValue
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Indicates whether the associated NHDP messages "Indicates whether the associated NHDP messages
include the RSSA Address Block TLV, or not. include the RSSA Address Block TLV, or not.
This is an optional SMF operational setting. This is an optional SMF operational setting.
The value true(1) indicates that this TLV is The value true(1) indicates that this TLV is
included; the value false(2) indicates that it included; the value false(2) indicates that it
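Review bot: In the smfDpdEntryMaxLifetime DESCRIPTION, the added purge sentence uses lowercase "should" and the name "MaxLifetimes", which is not an object in this module, while the next sentence of the same clause uses the RFC 2119 keyword ("the entity SHOULD save the change"). Suggest "the local SMF device SHOULD purge the oldest records first" and referring to smfDpdEntryMaxLifetime by name. Since the text now defines eviction behaviour, it is also worth saying what a value of 0 means, given that SYNTAX Integer32 (0..65525) admits it; that upper bound is identical in both columns and looks like a typo for 65535. Separately, smfNhdpRssaMesgTLVIncluded gains "It is RECOMMENDED that the RSSA Message TLV be included" but still has no DEFVAL, and the removed comment asking whether the TLV is required when smfOpMode is 'independent' is not answered by the new DESCRIPTION text.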
skipping to change at page 23, line 16 skipping to change at page 24, line 12
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Indicates whether the associated NHDP messages "Indicates whether the associated NHDP messages
include the RSSA Address Block TLV, or not. include the RSSA Address Block TLV, or not.
This is an optional SMF operational setting. This is an optional SMF operational setting.
The value true(1) indicates that this TLV is The value true(1) indicates that this TLV is
included; the value false(2) indicates that it included; the value false(2) indicates that it
is not included. is not included.
The smfNhdpRssaAddrBlockTLVIncluded is optional
in all cases as it depends on the existence of
an address block which may not be present.
If this SMF device is configured with NHDP,
then this object should be set to 'true(1)'.
This object is persistent and when written This object is persistent and when written
the entity SHOULD save the change to the entity SHOULD save the change to
non-volatile storage. non-volatile storage.
" "
::= { smfConfigurationGroup 13 } ::= { smfConfigurationGroup 13 }
-- --
-- Table identifying configured multicast addresses to be forwarded. -- Table identifying configured multicast addresses to be forwarded.
-- --
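Review bot: The text added to smfNhdpRssaAddrBlockTLVIncluded says the TLV is "optional in all cases" and then that the object "should be set to 'true(1)'" when the device is configured with NHDP, which reads as two different requirement levels for the same setting. Suggest stating one rule with an RFC 2119 keyword, and describing what the agent does when the object is true(1) but no address block is present, since the added text names that case. A DEFVAL would also help here: the object is read-write and persistent, but the clause shown gives no default.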
skipping to change at page 27, line 42 skipping to change at page 28, line 44
-- --
-- Dynamically Discovered Multicast Addr Table -- Dynamically Discovered Multicast Addr Table
-- --
smfDiscoveredAddrForwardingTable OBJECT-TYPE smfDiscoveredAddrForwardingTable OBJECT-TYPE
SYNTAX SEQUENCE OF SmfDiscoveredAddrForwardingEntry SYNTAX SEQUENCE OF SmfDiscoveredAddrForwardingEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The (conceptual) table containing information on multicast "This state table, smfDiscoveredAddrForwardingTable
addresses which are to be forwarded by the SMF process. contains additional, dynamically discovered address
for forwarding.
Entries in this table are configured. As well, addresses
to be forwarded by the SMF device can be dynamically
discovered by other means. The corresponding state
table, smfDiscoveredAddrForwardingTable contains
these additional, dynamically discovered address for
forwarding.
Each row is associated with a range of Each row is associated with a range of
multicast addresses, and ranges for different rows multicast addresses, and ranges for different rows
must be disjoint. must be disjoint.
" "
::= { smfStateGroup 3 } ::= { smfStateGroup 3 }
smfDiscoveredAddrForwardingEntry OBJECT-TYPE smfDiscoveredAddrForwardingEntry OBJECT-TYPE
SYNTAX SmfDiscoveredAddrForwardingEntry SYNTAX SmfDiscoveredAddrForwardingEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
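Review bot: The rewritten smfDiscoveredAddrForwardingTable DESCRIPTION says the table "contains additional, dynamically discovered address for forwarding", but with the sentences about configured entries removed, "additional" no longer has anything to refer to. Suggest naming smfConfiguredAddrForwardingTable explicitly as the table these entries supplement, and fixing the wording ("addresses", and a comma after the table name). The retained sentence "ranges for different rows must be disjoint" also needs an owner now that this is a state table: say that the SMF process guarantees it when populating rows, or drop it.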
skipping to change at page 28, line 25 skipping to change at page 29, line 22
DESCRIPTION DESCRIPTION
"An entry (conceptual row) containing the information on a "An entry (conceptual row) containing the information on a
particular multicast scope." particular multicast scope."
INDEX { smfDiscoveredAddrForwardingAddrType, INDEX { smfDiscoveredAddrForwardingAddrType,
smfDiscoveredAddrForwardingFirstAddr } smfDiscoveredAddrForwardingFirstAddr }
::= { smfDiscoveredAddrForwardingTable 1 } ::= { smfDiscoveredAddrForwardingTable 1 }
SmfDiscoveredAddrForwardingEntry ::= SEQUENCE { SmfDiscoveredAddrForwardingEntry ::= SEQUENCE {
smfDiscoveredAddrForwardingAddrType InetAddressType, smfDiscoveredAddrForwardingAddrType InetAddressType,
smfDiscoveredAddrForwardingFirstAddr InetAddress, smfDiscoveredAddrForwardingFirstAddr InetAddress,
smfDiscoveredAddrForwardingLastAddr InetAddress, smfDiscoveredAddrForwardingLastAddr InetAddress
smfDiscoveredAddrForwardingStatus RowStatus
} }
smfDiscoveredAddrForwardingAddrType OBJECT-TYPE smfDiscoveredAddrForwardingAddrType OBJECT-TYPE
SYNTAX InetAddressType SYNTAX InetAddressType
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The type of the addresses in the multicast forwarding "The type of the addresses in the multicast forwarding
range. Legal values correspond to the subset of range. Legal values correspond to the subset of
address families for which multicast address allocation address families for which multicast address allocation
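Review bot: With smfDiscoveredAddrForwardingStatus dropped from the SEQUENCE, nothing in the smfDiscoveredAddrForwardingEntry DESCRIPTION says how rows come and go. Suggest adding that rows are created and removed by the SMF process as addresses are discovered and cannot be created through management operations. The DESCRIPTION also still speaks of "a particular multicast scope" while the table text speaks of a range of multicast addresses; one term for both would read better.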
skipping to change at page 29, line 7 skipping to change at page 30, line 4
of this address is determined by the value of the of this address is determined by the value of the
smfConfiguredAddrForwardingAddrType object." smfConfiguredAddrForwardingAddrType object."
::= { smfDiscoveredAddrForwardingEntry 2 } ::= { smfDiscoveredAddrForwardingEntry 2 }
smfDiscoveredAddrForwardingLastAddr OBJECT-TYPE smfDiscoveredAddrForwardingLastAddr OBJECT-TYPE
SYNTAX InetAddress (SIZE(0..20)) SYNTAX InetAddress (SIZE(0..20))
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The last address in the multicast scope range. "The last address in the multicast scope range.
The type of this address is determined by the The type of this address is determined by the
value of the smfConfiguredAddrForwardingAddrType value of the smfConfiguredAddrForwardingAddrType
object." object."
::= { smfDiscoveredAddrForwardingEntry 3 } ::= { smfDiscoveredAddrForwardingEntry 3 }
smfDiscoveredAddrForwardingStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this row, by which new entries may be
created, or old entries deleted from this table. If write
access is supported, the other writable objects in this
table may be modified even while the status is `active'."
::= { smfDiscoveredAddrForwardingEntry 4 }
-- --
-- SMF Neighbor Table -- SMF Neighbor Table
-- --
smfNeighborTable OBJECT-TYPE smfNeighborTable OBJECT-TYPE
SYNTAX SEQUENCE OF SmfNeighborEntry SYNTAX SEQUENCE OF SmfNeighborEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
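Review bot: smfDiscoveredAddrForwardingLastAddr keeps MAX-ACCESS read-create in both columns even though the right column deletes smfDiscoveredAddrForwardingStatus, the only RowStatus object in the row. A column in a dynamically discovered state table with no RowStatus should be read-only; left as read-create, it invites agents to accept SETs on discovered forwarding ranges. The DESCRIPTION clauses in this hunk also say the address type "is determined by the value of the smfConfiguredAddrForwardingAddrType object", which looks copied from the configured table; it should reference smfDiscoveredAddrForwardingAddrType.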
"The SMF NeighborTable describes the "The SMF NeighborTable describes the
skipping to change at page 46, line 19 skipping to change at page 46, line 47
"Set of SMF configuration objects implemented "Set of SMF configuration objects implemented
in this module." in this module."
::= { smfMIBGroups 2 } ::= { smfMIBGroups 2 }
smfStateObjectsGroup OBJECT-GROUP smfStateObjectsGroup OBJECT-GROUP
OBJECTS { OBJECTS {
smfNodeRsStatusIncluded, smfNodeRsStatusIncluded,
smfDpdMemoryOverflow, smfDpdMemoryOverflow,
smfDiscoveredAddrForwardingLastAddr, smfDiscoveredAddrForwardingLastAddr,
smfDiscoveredAddrForwardingStatus,
smfNeighborRSSA, smfNeighborRSSA,
smfNeighborNextHopInterface smfNeighborNextHopInterface
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Set of SMF state objects implemented "Set of SMF state objects implemented
in this module." in this module."
::= { smfMIBGroups 3 } ::= { smfMIBGroups 3 }
skipping to change at page 48, line 4 skipping to change at page 48, line 28
smfIfAdminStatusChange, smfIfAdminStatusChange,
smfDpdMemoryOverflowEvent, smfDpdMemoryOverflowEvent,
smfIpv4DuplMultiPktsDetectedTotalEvents, smfIpv4DuplMultiPktsDetectedTotalEvents,
smfIpv6DuplMultiPktsDetectedTotalEvents smfIpv6DuplMultiPktsDetectedTotalEvents
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Set of SMF notifications implemented "Set of SMF notifications implemented
in this module." in this module."
::= { smfMIBGroups 6 } ::= { smfMIBGroups 6 }
END END
8. Security Considerations 8. Security Considerations
[TODO] Each specification that defines one or more MIB modules MUST This section discusses security implications of the choices made in
contain a section that discusses security considerations relevant to this SMF-MIB module.
those modules. This section MUST be patterned after the latest
approved template (available at
http://www.ops.ietf.org/mib-security.html). Remember that the
objective is not to blindly copy text from the template, but rather
to think and evaluate the risks/vulnerabilities and then state/
document the result of this evaluation.
[TODO] if you have any read-write and/or read-create objects, please
include the following boilerplate paragraph.
There are a number of management objects defined in this MIB module There are a number of management objects defined in this MIB module
with a MAX-ACCESS clause of read-write and/or read-create. Such with a MAX-ACCESS clause of read-write and/or read-create. Such
objects may be considered sensitive or vulnerable in some network objects may be considered sensitive or vulnerable in some network
environments. The support for SET operations in a non-secure environments. The support for SET operations in a non-secure
environment without proper protection can have a negative effect on environment without proper protection can have a negative effect on
network operations. These are the tables and objects and their network operations. These are the tables and objects and their
sensitivity/vulnerability: sensitivity/vulnerability:
o [TODO] writable MIB objects that could be especially disruptive if o 'smfAdminStatus' - this writable configuration object controls the
abused MUST be explicitly listed by name and the associated operational status of the SMF process. If this setting is
security risks MUST be spelled out; RFC 2669 has a very good configured inconsistently across the MANET multicasting domain,
example. then delivery of multicast data may be inconsistent across the
domain; some nodes may not receive multicast data intended for
them.
o [TODO] list the writable tables and objects and state why they are o 'smfRouterIDAddrType' and 'smfRouterID' - these writable
sensitive. configuration objects define the ID of the SMF process. These
objects should be configured with a routable address defined on
the local SMF device. The smfRouterID is a logical identification
that MUST be consistent across interoperating SMF neighborhoods
and it is RECOMMENDED to be chosen as the numerically largest
address contained in a node's 'Neighbor Address List' as defined
in NHDP. A smfRouterID MUST be unique within the scope of the
operating MANET network regardless of the method used for
selecting it.
[TODO] else if there are no read-write objects in your MIB module, o 'smfConfiguredOpMode' - this writable configuration objects define
use the following boilerplate paragraph. the operational mode of the SMF process. The operational mode
defines how the SMF process develops its local estimate of the
CDS.
There are no management objects defined in this MIB module that have o 'smfConfiguredRssa' - this writable configuration object sets the
a MAX-ACCESS clause of read-write and/or read-create. So, if this specific Reduced Set Selection Algorithm (RSSA) for the SMF
MIB module is implemented correctly, then there is no risk that an process. If this object is set inconsistently across the MANET
intruder can alter or create any management objects of this MIB domain, multicast delivery of data will fail.
module via direct SNMP SET operations.
[TODO] if you have any sensitive readable objects, please include the o 'smfRssaMember' - this writable configuration object sets the
following boilerplate paragraph. 'interest' of the local SMF node in participating in the CDS.
Setting this object to 'never(3)' on a highly highly connected
device could lead to frequent island formation. Setting this
object to 'always(2)' could support data ex-filtration from the
MANET domain.
o 'smfIpv4Dpd' - this writable configuration object sets the
duplicate packet detection method for forwarding of IPv4 multicast
packets.
o 'smfIpv6Dpd' - this writable configuration object sets the
duplicate packet detection method for forwarding of IPv6 multicast
packets.
o 'smfMaxPktLifetime' - this writable configuration object sets the
estimate of the network packet traversal time. If set too small,
this could lead to poor multicast data delivery ratios throughout
the MANET domain.
o 'smfDpdMaxMemorySize' - this writable configuration object sets
the memory storage size (in Kilo-Bytes) for the cached DPD records
for the combined IPv4 and IPv6 methods. If set too small this
could lead to poor performance of the duplicate packet protection
algorithms and lead to inefficient resource, e.g., link,
utilization within the MANET domain. The local SMF device should
protect itself against memory overruns in the event that too large
a setting is requested.
o 'smfDpdEntryMaxLifetime' - this writable configuration object sets
the maximum lifetime (in seconds) for the cached DPD records for
the combined IPv4 and IPv6 methods. If the memory is running low
prior to the MaxLifetimes being exceeded, the local SMF devices
should purge the oldest records first.
o 'smfNhdpRssaMesgTLVIncluded' - this writable configuration object
indicates whether the associated NHDP messages include the the
RSSA Message TLV, or not. It is highly RECOMMENDED that this
object be set to 'true(1)'.
o 'smfNhdpRssaAddrBlockTLVIncluded' - this writable configuration
object indicates whether the associated NHDP messages include the
the RSSA Address Block TLV, or not. The
smfNhdpRssaAddrBlockTLVIncluded is optional in all cases as it
depends on the existence of an address block which may not be
present. If this SMF device is configured with NHDP, then this
object should be set to 'true(1)'.
o 'smfConfiguredAddrForwardingTable' - the writable configuration
objects in this table indicate which multicast IP address are to
be forwarded by this SMF node. Misconfiguration of rows within
this table can limit the ability of this SMF device to forward
multicast data.
o 'smfInterfaceTable' - the writable configuration objects in this
table indicate which SMF node interfaces are participating in the
SMF packet forwarding process. Misconfiguration of rows within
this table can limit the ability of this SMF device to forward
multicast data.
Some of the readable objects in this MIB module (i.e., objects with a Some of the readable objects in this MIB module (i.e., objects with a
MAX-ACCESS other than not-accessible) may be considered sensitive or MAX-ACCESS other than not-accessible) may be considered sensitive or
vulnerable in some network environments. It is thus important to vulnerable in some network environments. It is thus important to
control even GET and/or NOTIFY access to these objects and possibly control even GET and/or NOTIFY access to these objects and possibly
to even encrypt the values of these objects when sending them over to even encrypt the values of these objects when sending them over
the network via SNMP. These are the tables and objects and their the network via SNMP. These are the tables and objects and their
sensitivity/vulnerability: sensitivity/vulnerability:
o [TODO] you must explicitly list by name any readable objects that o 'smfNodeRsStatusIncluded' - this readable state object indicates
are sensitive or vulnerable and the associated security risks MUST that this SMF node is part of the CDS, or not. Being part of the
be spelled out (for instance, if they might reveal customer CDS makes this node a distinguished device. It could be exploited
information or violate personal privacy laws such as those of the for data ex-filtration, or denial of service attacks.
European Union if exposed to unauthorized parties)
o [TODO] list the tables and objects and state why they are o 'smfDiscoveredAddrForwardingTable' - the readable state objects in
sensitive. this table indicate which, dynamically discovered, multicast IP
address are to be forwarded by this SMF node.
[TODO] discuss what security the protocol used to carry the o 'smfNeighborTable' - the readable state objects in this table
information should have. The following three boilerplate paragraphs indicate current neighbor nodes to this SMF node. Exposing this
should not be changed without very good reason. Changes will almost information to an attacker could allow the attacker easier access
certainly require justification during IESG review. to the larger MANET domain.
The remainder of the objects in the SMF-MIB are performance counter
objects. While these give an indication of the activity of the SMF
process on this node, it is not expected that exposing these values
pose a security risk to the MANET network.
SNMP versions prior to SNMPv3 did not include adequate security. SNMP versions prior to SNMPv3 did not include adequate security.
Even if the network itself is secure (for example by using IPSec), Even if the network itself is secure (for example by using IPSec),
even then, there is no control as to who on the secure network is even then, there is no control as to who on the secure network is
allowed to access and GET/SET (read/change/create/delete) the objects allowed to access and GET/SET (read/change/create/delete) the objects
in this MIB module. in this MIB module.
It is RECOMMENDED that implementers consider the security features as It is RECOMMENDED that implementers consider the security features as
provided by the SNMPv3 framework (see [RFC3410], section 8), provided by the SNMPv3 framework (see [RFC3410], section 8),
including full support for the SNMPv3 cryptographic mechanisms (for including full support for the SNMPv3 cryptographic mechanisms (for
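Review bot: Several of the new writable-object bullets describe what the object does but not the risk of an unauthorized or mistaken SET, which is what the paragraph introducing the list promises ("their sensitivity/vulnerability"). This applies to 'smfConfiguredOpMode', 'smfIpv4Dpd', 'smfIpv6Dpd', 'smfDpdEntryMaxLifetime' and, in the readable list, 'smfDiscoveredAddrForwardingTable'. For 'smfRouterID' the uniqueness requirement is stated but not the consequence of violating it, and for 'smfRssaMember' the claim that 'always(2)' "could support data ex-filtration" needs a sentence on why. Wording nits in the same list: "this writable configuration objects define", "highly highly connected", and "include the the RSSA" (twice).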
skipping to change at page 49, line 44 skipping to change at page 51, line 40
Further, deployment of SNMP versions prior to SNMPv3 is NOT Further, deployment of SNMP versions prior to SNMPv3 is NOT
RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
enable cryptographic security. It is then a customer/operator enable cryptographic security. It is then a customer/operator
responsibility to ensure that the SNMP entity giving access to an responsibility to ensure that the SNMP entity giving access to an
instance of this MIB module is properly configured to give access to instance of this MIB module is properly configured to give access to
the objects only to those principals (users) that have legitimate the objects only to those principals (users) that have legitimate
rights to indeed GET or SET (change/create/delete) them. rights to indeed GET or SET (change/create/delete) them.
9. IANA Considerations 9. IANA Considerations
[TODO] In order to comply with IESG policy as set forth in
http://www.ietf.org/ID-Checklist.html, every Internet-Draft that is
submitted to the IESG for publication MUST contain an IANA
Considerations section. The requirements for this section vary
depending what actions are required of the IANA. see RFC4181 section
3.5 for more information on writing an IANA clause for a MIB module
document.
[TODO] select an option and provide the necessary details.
Option #1:
The MIB module in this document uses the following IANA-assigned
OBJECT IDENTIFIER values recorded in the SMI Numbers registry:
Descriptor OBJECT IDENTIFIER value
---------- -----------------------
sampleMIB { mib-2 XXX }
Option #2:
Editor's Note (to be removed prior to publication): the IANA is Editor's Note (to be removed prior to publication): the IANA is
requested to assign a value for "XXX" under the 'mib-2' subtree and requested to assign a value for "XXXX" under the 'experimental'
to record the assignment in the SMI Numbers registry. When the subtree and to record the assignment in the SMI Numbers registry.
assignment has been made, the RFC Editor is asked to replace "XXX" When the assignment has been made, the RFC Editor is asked to replace
(here and in the MIB module) with the assigned value and to remove "XXXX" (here and in the MIB module) with the assigned value and to
this note. remove this note. Note well: prior to official assignment by the
IANA, a draft document MUST use placeholders (such as "XXXX" above)
Note well: prior to official assignment by the IANA, a draft document rather than actual numbers. See RFC4181 Section 4.5 for an example
MUST use placeholders (such as "XXX" above) rather than actual of how this is done in a draft MIB module.
numbers. See RFC4181 Section 4.5 for an example of how this is done
in a draft MIB module.
Option #3:
This memo includes no request to IANA.
10. Contributors 10. Contributors
This MIB document uses the template authored by D. Harrington which This MIB document uses the template authored by D. Harrington which
is based on contributions from the MIB Doctors, especially Juergen is based on contributions from the MIB Doctors, especially Juergen
Schoenwaelder, Dave Perkins, C.M.Heard and Randy Presuhn. Schoenwaelder, Dave Perkins, C.M.Heard and Randy Presuhn.
11. Acknowledgements 11. References
12. References
12.1. Normative References 11.1. Normative References
[RFC2863] McCloghrie, K. and F. Kastenholz, "The [RFC2863] McCloghrie, K. and F. Kastenholz, "The
Interfaces Group MIB", RFC 2863, June 2000. Interfaces Group MIB", RFC 2863, June 2000.
[RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An [RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An
Architecture for Describing Simple Network Architecture for Describing Simple Network
Management Protocol (SNMP) Management Management Protocol (SNMP) Management
Frameworks", STD 62, RFC 3411, December 2002. Frameworks", STD 62, RFC 3411, December 2002.
[RFC3418] Presuhn, R., "Management Information Base (MIB) [RFC3418] Presuhn, R., "Management Information Base (MIB)
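Review bot: The new IANA Considerations text consists only of the Editor's Note, which is marked "to be removed prior to publication", so once the RFC Editor acts on it the section will be empty. Suggest keeping a permanent statement alongside it, for example the descriptor and OBJECT IDENTIFIER table from the old Option #1, rewritten for the 'experimental' subtree. The placeholder also changes from "XXX" to "XXXX"; because the note says it appears "here and in the MIB module", the MIB module's own placeholder should be checked for the same change.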
skipping to change at page 51, line 33 skipping to change at page 52, line 49
RFC 2578, April 1999. RFC 2578, April 1999.
[RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J.
Schoenwaelder, Ed., "Textual Conventions for Schoenwaelder, Ed., "Textual Conventions for
SMIv2", STD 58, RFC 2579, April 1999. SMIv2", STD 58, RFC 2579, April 1999.
[RFC2580] McCloghrie, K., Perkins, D., and J. [RFC2580] McCloghrie, K., Perkins, D., and J.
Schoenwaelder, "Conformance Statements for Schoenwaelder, "Conformance Statements for
SMIv2", STD 58, RFC 2580, April 1999. SMIv2", STD 58, RFC 2580, April 1999.
[I-D.ietf-manet-smf] Macker, J. and S. Team, "Simplified Multicast [I-D.ietf-manet-smf] Macker, J., "Simplified Multicast Forwarding",
Forwarding", draft-ietf-manet-smf-10 (work in draft-ietf-manet-smf-12 (work in progress),
progress), March 2010. July 2011.
12.2. Informative References 11.2. Informative References
[RFC3410] Case, J., Mundy, R., Partain, D., and B. [RFC3410] Case, J., Mundy, R., Partain, D., and B.
Stewart, "Introduction and Applicability Stewart, "Introduction and Applicability
Statements for Internet-Standard Management Statements for Internet-Standard Management
Framework", RFC 3410, December 2002. Framework", RFC 3410, December 2002.
Appendix A. Change Log Appendix A. Change Log
This section tracks the revision history in the development of this This section tracks the revision history in the development of this
SMF-MIB. It will be removed from the final version of this document. SMF-MIB. It will be removed from the final version of this document.
These changes were made from draft-ietf-manet-smf-mib-02 to
draft-ietf-manet-smf-mib-03.
1. Clarified and added discussion of default values for several of
the configuration objects within the MIB.
2. Added the security section.
These changes were made from draft-ietf-manet-smf-mib-01 to These changes were made from draft-ietf-manet-smf-mib-01 to
draft-ietf-manet-smf-mib-02. draft-ietf-manet-smf-mib-02.
1. Added the NotificationGroup to the MIB and updated the 1. Added the NotificationGroup to the MIB and updated the
ConformanceGroup. ConformanceGroup.
2. Added the definition of an smfRouterID to the MIB. This is later 2. Added the definition of an smfRouterID to the MIB. This is later
used in the Notifications to indicate the origin of the event to used in the Notifications to indicate the origin of the event to
the management station. the management station.
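Review bot: The change log entry for -03 lists two items, but this diff also removes smfDiscoveredAddrForwardingStatus from the discovered-address table and its object group, and moves the IANA request from the 'mib-2' subtree to 'experimental'. Both affect implementers and should be listed. "Added the security section" could also say that the template [TODO] text was replaced, since a Security Considerations heading already existed in -02.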
skipping to change at page 52, line 41 skipping to change at page 54, line 15
3. Changed the name of the TEXTUAL-CONVENTION 'Status', defined 3. Changed the name of the TEXTUAL-CONVENTION 'Status', defined
within this MIB to 'SmfStatus'. within this MIB to 'SmfStatus'.
Appendix B. Open Issues Appendix B. Open Issues
This section contains the set of open issues related to the This section contains the set of open issues related to the
development and design of the SMF-MIB. This section will not be development and design of the SMF-MIB. This section will not be
present in the final version of the MIB and will be removed once all present in the final version of the MIB and will be removed once all
the open issues have been resolved. the open issues have been resolved.
1. The SMF draft states that use of the SMF Type Message TLV is 1. A careful review by the working group.
optional and is used when the router runs NHDP. But the draft
does not clearly state if the use of the SMF Address Block TLV is
also optional.
2. Is it useful to track the effectiveness of the coverage of the
current RSSA? Is it possible to track this?
3. Complete the security analysis and section.
4. Cleanup all the [TODOs] from the MIB template.
Appendix C. Appendix C.
*************************************************************** ***************************************************************
* Note to the RFC Editor (to be removed prior to publication) * * Note to the RFC Editor (to be removed prior to publication) *
* * * *
* 1) The reference to RFCXXXX within the DESCRIPTION clauses * * 1) The reference to RFCXXXX within the DESCRIPTION clauses *
* of the MIB module point to this draft and are to be * * of the MIB module point to this draft and are to be *
* assigned by the RFC Editor. * * assigned by the RFC Editor. *
* * * *
* 2) The reference to RFCXXX2 throughout this document point * * 2) The reference to RFCXXX2 throughout this document point *
* to the current draft-ietf-manet-smf-xx.txt. This * * to the current draft-ietf-manet-smf-xx.txt. This *
* need to be replaced with the XXX RFC number. * * need to be replaced with the XXX RFC number. *
* * * *
*************************************************************** ***************************************************************
Authors' Addresses Authors' Addresses
Robert G. Cole Robert G. Cole
US Army CERDEC US Army CERDEC
328 Hopkins Road, Bldg 245 6010 Frankford Road
Aberdeen Proving Ground, Maryland 21005 Aberdeen Proving Ground, Maryland 21005
USA USA
Phone: +1 410 278 6779 Phone: +1 443 395 8744
EMail: robert.g.cole@us.army.mil EMail: robert.g.cole@us.army.mil
URI: http://www.cs.jhu.edu/~rgcole/ URI: http://www.cs.jhu.edu/~rgcole/
Joseph Macker Joseph Macker
Naval Research Laboratory Naval Research Laboratory
Washington, D.C. 20375 Washington, D.C. 20375
USA USA
EMail: macker@itd.nrl.navy.mil EMail: macker@itd.nrl.navy.mil
Brian Adamson Brian Adamson
Naval Research Laboratory Naval Research Laboratory
Washington, D.C. 20375 Washington, D.C. 20375
USA USA
EMail: adamson@itd.nrl.navy.mil EMail: adamson@itd.nrl.navy.mil
Sean Harnedy Sean Harnedy
Booz Allen Hamilton Booz Allen Hamilton
333 City Boulevard West 333 City Boulevard West
Orange, CA 92868 Orange, CA 92868
USA USA
EMail: harnedy_sean@bah.com EMail: harnedy_sean@bah.com
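Review bot: Appendix B drops old open issue 2 (whether the effectiveness of the current RSSA's coverage can be tracked) without any text in the visible changes that resolves it; issues 1, 3 and 4 are answered by the new TLV descriptions, the completed security section and the removed [TODO] text. If issue 2 was decided against, the change log should say so; otherwise keep it next to "A careful review by the working group". Appendix C is unchanged and still has no title and an unspecific instruction ("need to be replaced with the XXX RFC number").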
 End of changes. 70 change blocks. 
172 lines changed or deleted 232 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/