   OBJECT dvbRcsRequestClassChanId
   MIN-ACCESS read-only
   DESCRIPTION
      "Create access only required if the RCST supports extended
      management support. Such RCST is qualified as supporting
      the SNMPMISC option, as defined in the SatLabs System
      Recommendations."

   OBJECT dvbRcsRequestClassVccVpi
   MIN-ACCESS read-only
   DESCRIPTION
      "Create access only required if the RCST supports extended
      management support. Such RCST is qualified as supporting
      the SNMPMISC option, as defined in the SatLabs System
      Recommendations."

   OBJECT dvbRcsRequestClassVccVci
   MIN-ACCESS read-only
   DESCRIPTION
      "Create access only required if the RCST supports extended
      management support. Such RCST is qualified as supporting
      the SNMPMISC option, as defined in the SatLabs System
      Recommendations."

   OBJECT dvbRcsRequestClassPidPoolReference
   MIN-ACCESS not-accessible
   DESCRIPTION
      "Read-only access required if the RCST supports MPEG
      traffic bursts, according to the MPEG_TRF option, as
      defined in the SatLabs System Recommendations. Create
      access only required if the RCST also supports extended
      management support, according to the SNMPMISC option, as
      defined in the SatLabs System Recommendations."

   OBJECT dvbRcsRequestClassCra
   MIN-ACCESS read-only
   DESCRIPTION
      "Create access only required if the RCST supports extended
      management support, according to the SNMPMISC option, as
      defined in the SatLabs System Recommendations."

   OBJECT dvbRcsRequestClassRbdcMax
   MIN-ACCESS read-only
   DESCRIPTION
      "Create access only required if the RCST supports extended
      management support, according to the SNMPMISC option, as
      defined in the SatLabs System Recommendations."
   OBJECT dvbRcsRequestClassRbdcTimeout
   MIN-ACCESS read-only
   DESCRIPTION
      "Create access only required if the RCST supports extended
      management support, according to the SNMPMISC option, as
      defined in the SatLabs System Recommendations."

   OBJECT dvbRcsRequestClassVbdcMax
   MIN-ACCESS read-only
   DESCRIPTION
      "Create access only required if the RCST supports extended
      management support, according to the SNMPMISC option, as
      defined in the SatLabs System Recommendations."

   OBJECT dvbRcsRequestClassVbdcTimeout
   MIN-ACCESS read-only
   DESCRIPTION
      "Create access only required if the RCST supports extended
      management support, according to the SNMPMISC option, as
      defined in the SatLabs System Recommendations."

   OBJECT dvbRcsRequestClassVbdcMaxBackLog
   MIN-ACCESS read-only
   DESCRIPTION
      "Create access only required if the RCST supports extended
      management support, according to the SNMPMISC option, as
      defined in the SatLabs System Recommendations."

   OBJECT dvbRcsRequestClassRowStatus
   MIN-ACCESS read-only
   DESCRIPTION
      "Create access only required if the RCST supports extended
      management support, according to the SNMPMISC option, as
      defined in the SatLabs System Recommendations."

   OBJECT dvbRcsPidValue
   MIN-ACCESS not-accessible
   DESCRIPTION
      "Read-only access required if the RCST supports MPEG
      traffic bursts, according to the MPEG_TRF option, as
      defined in the SatLabs System Recommendations. Create
      access only required if the RCST also supports extended
      management support, according to the SNMPMISC option, as
      defined in the SatLabs System Recommendations."

   OBJECT dvbRcsPidPoolRowStatus
   MIN-ACCESS not-accessible
   DESCRIPTION
      "Read-only access required if the RCST supports MPEG
      traffic bursts, according to the MPEG_TRF option, as
      defined in the SatLabs System Recommendations. Create
      access only required if the RCST also supports extended
      management support, according to the SNMPMISC option, as
      defined in the SatLabs System Recommendations."

   ::= {dvbRcsRcstCompliances 1}

--=============================================================
-- units of conformance
--=============================================================

--=============================================================
-- object groups for RCST system
--=============================================================
dvbRcsRcstSystemGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsSystemMibRevision,
      dvbRcsSystemSatLabsProfilesDeclaration,
      dvbRcsSystemSatLabsOptionsDeclaration,
      dvbRcsSystemSatLabsFeaturesDeclaration,
      dvbRcsSystemLocation,
      dvbRcsSystemOduAntennaSize,
      dvbRcsSystemOduAntennaGain,
      dvbRcsSystemOduSspa,
      dvbRcsSystemOduTxType,
      dvbRcsSystemOduRxType,
      dvbRcsSystemOduRxBand,
      dvbRcsSystemOduRxLO,
      dvbRcsSystemOduTxLO,
      dvbRcsTcpPep,
      dvbRcsHttpPep
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing information applicable
      for basic device management support."
   ::= {dvbRcsRcstGroups 1}

--=============================================================
-- object groups for RCST networking
--=============================================================
dvbRcsRcstNetworkGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsNetworkOamInetAddressType,
      dvbRcsNetworkOamInetAddress,
      dvbRcsNetworkOamInetAddressPrefixLength,
      dvbRcsNetworkLanInetAddressType,
      dvbRcsNetworkLanInetAddress,
      dvbRcsNetworkLanInetAddressPrefixLength,
      dvbRcsNetworkConfigFileDownloadUrl,
      dvbRcsNetworkConfigFileUploadUrl,
      dvbRcsNetworkLogFileUploadUrl
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing basic networking
      management support."
   ::= {dvbRcsRcstGroups 2}

dvbRcsRcstExtNetworkGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsNetworkOamInetAddressAssign,
      dvbRcsNetworkAirInterfaceDefaultGatewayInetAddressType,
      dvbRcsNetworkAirInterfaceDefaultGatewayInetAddress,
      dvbRcsNetworkAirInterfaceDefaultGatewayInetAddressPrefixLength,
      dvbRcsNetworkNccMgtInetAddressType,
      dvbRcsNetworkNccMgtInetAddress,
      dvbRcsNetworkNccMgtInetAddressPrefixLength
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing extended networking
      management support."
   ::= {dvbRcsRcstGroups 3}

dvbRcsRcstDnsGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsPrimaryDnsServerInetAddressType,
      dvbRcsPrimaryDnsServerInetAddress,
      dvbRcsPrimaryDnsServerInetAddressPrefixLength,
      dvbRcsSecondaryDnsServerInetAddressType,
      dvbRcsSecondaryDnsServerInetAddress,
      dvbRcsSecondaryDnsServerInetAddressPrefixLength
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing DNS management support."
   ::= {dvbRcsRcstGroups 4}

--=============================================================
-- object groups for RCST installation
--=============================================================
dvbRcsRcstInstallGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsInstallAntennaAlignmentState,
      dvbRcsInstallCwFrequency,
      dvbRcsInstallCwMaxDuration,
      dvbRcsInstallCwPower,
      dvbRcsInstallCoPolReading,
      dvbRcsInstallXPolReading,
      dvbRcsInstallCoPolTarget,
      dvbRcsInstallXPolTarget,
      dvbRcsInstallStandByDuration,
      dvbRcsInstallTargetEsN0
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing information applicable
      for basic installation support."
   ::= {dvbRcsRcstGroups 5}

dvbRcsRcstExtInstallGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsNetworkInstallLogFileDownloadUrl,
      dvbRcsNetworkInstallLogFileUploadUrl
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing extended device
      installation support."
   ::= {dvbRcsRcstGroups 6}

--=============================================================
-- object groups for QoS
--=============================================================
dvbRcsRcstQosGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsPktClassDscpLow,
      dvbRcsPktClassDscpHigh,
      dvbRcsPktClassDscpMarkValue,
      dvbRcsPktClassPhbAssociation,
      dvbRcsPktClassRowStatus,
      dvbRcsPhbName,
      dvbRcsPhbRequestClassAssociation,
      dvbRcsPhbMappingRowStatus,
      dvbRcsRequestClassName,
      dvbRcsRequestClassChanId,
      dvbRcsRequestClassVccVpi,
      dvbRcsRequestClassVccVci,
      dvbRcsRequestClassCra,
      dvbRcsRequestClassRbdcMax,
      dvbRcsRequestClassRbdcTimeout,
      dvbRcsRequestClassVbdcMax,
      dvbRcsRequestClassVbdcTimeout,
      dvbRcsRequestClassVbdcMaxBackLog,
      dvbRcsRequestClassRowStatus
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing basic access to QoS
      configuration data."
   ::= {dvbRcsRcstGroups 7}

dvbRcsRcstEnhancedClassifierGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsPktClassIpProtocol,
      dvbRcsPktClassSrcInetAddressType,
      dvbRcsPktClassSrcInetAddress,
      dvbRcsPktClassSrcInetAddressPrefixLength,
      dvbRcsPktClassDstInetAddressType,
      dvbRcsPktClassDstInetAddress,
      dvbRcsPktClassDstInetAddressPrefixLength,
      dvbRcsPktClassSrcPortLow,
      dvbRcsPktClassSrcPortHigh,
      dvbRcsPktClassDstPortLow,
      dvbRcsPktClassDstPortHigh,
      dvbRcsPktClassVlanUserPri
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing support for management
      of the enhanced classifier."
   ::= {dvbRcsRcstGroups 8}

dvbRcsRcstMpegQosGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsRequestClassPidPoolReference,
      dvbRcsPidValue,
      dvbRcsPidPoolRowStatus
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing access to
      MPEG-related link QoS configuration data."
   ::= {dvbRcsRcstGroups 9}

dvbRcsRcstGlobalQosGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsQosGlobalRbdcMax,
      dvbRcsQosGlobalVbdcMax,
      dvbRcsQosGlobalVbdcMaxBackLog
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing access to global RCST
      QoS configuration data."
   ::= {dvbRcsRcstGroups 10}

dvbRcsRcstStrictQosGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsQosChannelIdStrictDispatching
   }
   STATUS current
   DESCRIPTION
      "A collection of objects allowing management of strict
      channel ID dispatching."
   ::= {dvbRcsRcstGroups 11}

--=============================================================
-- object groups for RCST control
--=============================================================
dvbRcsRcstControlGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsCtrlRebootCommand,
      dvbRcsCtrlUserTrafficDisable,
      dvbRcsCtrlCwEnable,
      dvbRcsCtrlDownloadFileCommand,
      dvbRcsCtrlUploadFileCommand,
      dvbRcsCtrlActivateConfigFileCommand,
      dvbRcsCtrlRcstRxReacquire
   }
   STATUS current
   DESCRIPTION
      "A collection of objects allowing basic RCST control."
   ::= {dvbRcsRcstGroups 12}

dvbRcsRcstExtControlGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsCtrlRcstTxDisable,
      dvbRcsCtrlOduTxReferenceEnable,
      dvbRcsCtrlOduTxDCEnable,
      dvbRcsCtrlOduRxDCEnable,
      dvbRcsCtrlRcstLogonCommand,
      dvbRcsCtrlRcstLogoffCommand
   }
   STATUS current
   DESCRIPTION
      "A collection of objects allowing extended RCST control."
   ::= {dvbRcsRcstGroups 13}

--=============================================================
-- object groups for RCST state
--=============================================================
dvbRcsRcstStateGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsRcstMode,
      dvbRcsRcstFaultStatus,
      dvbRcsRcstFwdLinkStatus,
      dvbRcsRcstLogUpdated,
      dvbRcsRcstCurrentSoftwareVersion,
      dvbRcsRcstAlternateSoftwareVersion,
      dvbRcsRcstActivatedConfigFileVersion,
      dvbRcsRcstDownloadedConfigFileVersion
   }
   STATUS current
   DESCRIPTION
      "A collection of objects allowing access to RCST state."
   ::= {dvbRcsRcstGroups 14}

--=============================================================
-- object groups for forward link
--=============================================================
dvbRcsFwdConfigGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsFwdStartPopId,
      dvbRcsFwdStartFrequency,
      dvbRcsFwdStartPolar,
      dvbRcsFwdStartFormat,
      dvbRcsFwdStartRolloff,
      dvbRcsFwdStartSymbolRate,
      dvbRcsFwdStartInnerFec,
      dvbRcsFwdStartRowStatus
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing basic start forward
      link configuration support."
   ::= {dvbRcsRcstGroups 15}

dvbRcsFwdStatusGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsFwdStatusPopId,
      dvbRcsFwdStatusIfReference,
      dvbRcsFwdStatusNetId,
      dvbRcsFwdStatusNetName,
      dvbRcsFwdStatusFormat,
      dvbRcsFwdStatusFrequency,
      dvbRcsFwdStatusPolar,
      dvbRcsFwdStatusInnerFec,
      dvbRcsFwdStatusSymbolRate,
      dvbRcsFwdStatusRolloff,
      dvbRcsFwdStatusModulation,
      dvbRcsFwdStatusFecFrame,
      dvbRcsFwdStatusPilot,
      dvbRcsFwdStatusBer,
      dvbRcsFwdStatusCnr,
      dvbRcsFwdStatusRxPower
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing forward link status."
   ::= {dvbRcsRcstGroups 16}

--=============================================================
-- object groups for return link
--=============================================================
dvbRcsRtnConfigGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsRtnConfigDefIfLevel
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing basic return link
      configuration support."
   ::= {dvbRcsRcstGroups 17}

dvbRcsRtnExtConfigGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsRtnConfigMaxEirp
   }
   STATUS current
   DESCRIPTION
      "A collection of objects providing extended return link
      configuration support."
   ::= {dvbRcsRcstGroups 18}

dvbRcsRtnStatusGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsRtnStatusPayloadUnit
   }
   STATUS current
   DESCRIPTION
      "A collection of objects allowing access to return link
      status."
   ::= {dvbRcsRcstGroups 19}

dvbRcsRtnExtStatusGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsRcstRtnLinkStatus,
      dvbRcsRtnStatusEbN0,
      dvbRcsRtnStatusSFDuration
   }
   STATUS current
   DESCRIPTION
      "A collection of objects allowing access to extended
      return link status."
   ::= {dvbRcsRcstGroups 20}

dvbRcsRcstOduListGroup OBJECT-GROUP
   OBJECTS {
      dvbRcsOduTxTypeDescription,
      dvbRcsOduTxType,
      dvbRcsOduRxTypeDescription,
      dvbRcsOduRxType,
      dvbRcsOduAntennaTypeDescription,
      dvbRcsOduAntennaType
   }
   STATUS current
   DESCRIPTION
      "A collection of objects supporting flexible selection of
      ODU devices."
   ::= {dvbRcsRcstGroups 21}

END

5. Security Considerations
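
An added example for this section (not part of the RFC or of any RCST implementation): it checks a constructed SNMP access policy against the sensitive objects and the SNMPv3 recommendation set out in the paragraphs that follow. The policy layout, the principal names and the `*` prefix patterns are assumptions made for the example.

```python
from fnmatch import fnmatchcase

# Descriptor patterns for the objects named in the Security Considerations.
# Assumption: sub-tree members and table columns share the prefixes seen in
# this MIB's object groups (dvbRcsInstall*, dvbRcsPktClass*, dvbRcsSystemOdu*).
WRITE_SENSITIVE = {
    "uplink emissions": [
        "dvbRcsSystemOdu*", "dvbRcsCtrlCwEnable", "dvbRcsRtnConfigMaxEirp",
        "dvbRcsRtnConfigDefIfLevel", "dvbRcsInstall*"],
    "configuration file change": [
        "dvbRcsNetworkInstallLogFileDownloadUrl", "dvbRcsCtrlDownloadFileCommand",
        "dvbRcsCtrlActivateConfigFileCommand", "dvbRcsCtrlRebootCommand"],
    "log upload target": ["dvbRcsNetworkLogFileUploadUrl"],
    "traffic filtering": ["dvbRcsPktClass*"],
}
READ_SENSITIVE = {
    "management station address": ["dvbRcsNetworkNccMgtInetAddress"],
    "software version": ["dvbRcsRcstCurrentSoftwareVersion"],
    "addressing and classifiers": [
        "dvbRcsNetworkOamInetAddress", "dvbRcsPktClass*"],
}

# Constructed sample policy; principals and the dict layout are hypothetical.
SAMPLE_POLICY = [
    {"principal": "ncc-operator", "version": "v3", "level": "authPriv",
     "read": ["dvbRcsRcstCurrentSoftwareVersion", "dvbRcsFwdStatusCnr"],
     "write": ["dvbRcsCtrlRebootCommand", "dvbRcsRtnConfigMaxEirp"]},
    {"principal": "installer", "version": "v3", "level": "authNoPriv",
     "read": ["dvbRcsInstallCoPolReading", "dvbRcsNetworkOamInetAddress"],
     "write": ["dvbRcsInstallCwPower", "dvbRcsCtrlCwEnable"]},
    {"principal": "legacy-monitor", "version": "v2c",
     "read": ["dvbRcsRcstCurrentSoftwareVersion", "dvbRcsPktClassDscpLow"],
     "write": []},
]

def classify(names, table):
    """Map each risk category to the granted object names that match it."""
    hits = {}
    for category, patterns in table.items():
        matched = sorted(n for n in set(names)
                         if any(fnmatchcase(n, p) for p in patterns))
        if matched:
            hits[category] = matched
    return hits

def audit(policy):
    """Return (principal, problem, categories) for each policy weakness."""
    findings = []
    for entry in policy:
        who, level = entry["principal"], entry.get("level", "noAuthNoPriv")
        writes = classify(entry["write"], WRITE_SENSITIVE)
        # Anything a principal may SET it can normally also GET.
        reads = classify(entry["read"] + entry["write"], READ_SENSITIVE)
        if entry["version"] != "v3":
            exposed = sorted(set(writes) | set(reads))
            findings.append((who, "pre-SNMPv3 access", exposed))
            continue
        if writes and level == "noAuthNoPriv":
            findings.append((who, "SET without authentication", sorted(writes)))
        if reads and level != "authPriv":
            findings.append((who, "read without privacy", sorted(reads)))
    return findings

if __name__ == "__main__":
    print(*audit(SAMPLE_POLICY), sep="\n")
```
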

This MIB module relates to a system that allows end users to access a private network or public Internet access. As such, improper manipulation of the MIB objects represented by this MIB module may result in denial of service to a large number of end users.

There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These are the tables and objects and their sensitivity/vulnerability:

o The use of the dvbRcsNetworkNccMgtInetAddress object to specify management stations is considered only limited protection and does not protect against attacks that spoof the management station's IP address. The use of stronger mechanisms, such as SNMPv3 security, should be considered, where possible.

o The dvbRcsSystemOdu objects, dvbRcsCtrlCwEnable, dvbRcsRtnConfigMaxEirp, dvbRcsRtnConfigDefIfLevel objects, and dvbRcsRcstInstall sub-tree can, if improperly or maliciously used, lead to unwanted emissions or emission levels on the satellite uplink, thereby resulting in potential degradation of the RCS service or other services using the frequency band being used.

o The RCST may have its configuration file changed by the actions of the management system using a combination of the following objects: dvbRcsNetworkInstallLogFileDownloadUrl, dvbRcsCtrlDownloadFileCommand, dvbRcsCtrlActivateConfigFileCommand, or dvbRcsCtrlRebootCommand. An improper configuration file download may result in substantial vulnerabilities and the loss of the ability of the management system to control the satellite terminal.

o Setting dvbRcsNetworkLogFileUploadUrl to a wrong address may potentially impact debugging/troubleshooting efforts.

o Setting objects in dvbRcsPktClassTable could cause significant changes to default traffic filtering on an RCST.

Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability:

o The dvbRcsNetworkNccMgtInetAddress object may provide sufficient information for attackers to spoof management stations that have management access to the device.

o The dvbRcsRcstCurrentSoftwareVersion object may provide hints as to the software vulnerabilities of the RCST.

o The object dvbRcsNetworkOamInetAddress and the table dvbRcsPktClassTable may provide clues for attacking the RCST and other subscriber devices.

SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.

It is RECOMMENDED that implementers consider the security features provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy).

Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module, is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.

6. IANA Considerations

The transmission and ifType numbers described in Section 3 have already been assigned under the smi-numbers registry.

7. Acknowledgments

The authors thank Gorry Fairhurst for advice in the preparation of this document and Bert Wijnen for his review comments. The authors recognize this document is a collective effort of the SatLabs Group (www.satlabs.org), in particular the many corrections and suggestions brought by Juan Luis Manas.
8. References
8.1. Normative References

[IANA]     Internet Assigned Numbers Authority, "Internet Assigned Numbers Authority", June 2008, <http://www.iana.org>.

[RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2578]  McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

[RFC2579]  McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999.

[RFC2580]  McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999.

[RFC2863]  McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000.

[RFC3289]  Baker, F., Chan, K., and A. Smith, "Management Information Base for the Differentiated Services Architecture", RFC 3289, May 2002.

[RFC3411]  Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, December 2002.

[RFC4001]  Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005.

[RFC5017]  McWalter, D., Ed., "MIB Textual Conventions for Uniform Resource Identifiers (URIs)", RFC 5017, September 2007.

8.2. Informative References

[ISO-MPEG]   ISO/IEC DIS 13818-1:2000, "Information Technology; Generic Coding of Moving Pictures and Associated Audio Information Systems", International Organization for Standardization (ISO).

[ITU-ATM]    ITU-T Recommendation I.432 (all parts): "B-ISDN user-network interface - Physical layer specification".

[ITU-AAL5]   ITU-T Recommendation I.363-5 (1996): "B-ISDN ATM Adaptation Layer specification: Type 5 AAL".

[ETSI-DAT]   ETSI EN 301 192, "Digital Video Broadcasting (DVB); DVB Specifications for Data Broadcasting", European Telecommunications Standards Institute (ETSI).

[ETSI-DVBS]  ETSI EN 301 421, "Digital Video Broadcasting (DVB); Modulation and Coding for DBS satellite systems at 11/12 GHz", European Telecommunications Standards Institute (ETSI).

[ETSI-DVBS2] ETSI EN 302 307, "Digital Video Broadcasting (DVB); Second generation framing structure, channel coding and modulation systems for Broadcasting, Interactive Services, News Gathering and other broadband satellite applications", European Telecommunications Standards Institute (ETSI).

[ETSI-GSE]   ETSI TS 102 606, "Digital Video Broadcasting (DVB); Generic Stream Encapsulation (GSE) Protocol", European Telecommunications Standards Institute (ETSI).

[ETSI-RCS]   ETSI 301 790, "Digital Video Broadcasting (DVB); Interaction Channel for Satellite Distribution Systems", European Telecommunications Standards Institute (ETSI).

[ETSI-SI]    ETSI EN 300 468, "Digital Video Broadcasting (DVB); Specification for Service Information (SI) in DVB Systems", European Telecommunications Standards Institute (ETSI).

[RFC3410]    Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, December 2002.

[SATLABS]    SatLabs System Recommendations, <http://www.satlabs.org>.

Authors' Addresses

Stephane Combes
ESTEC
European Space Agency
Keplerlaan 1
P.O. Box 299
2200 AG Noordwijk ZH
The Netherlands
EMail: stephane.combes@esa.int
URL: telecom.esa.int

Petter Chr. Amundsen
VeriSat AS
P.O Box 1
1330 Fornebu
Norway
EMail: pca@verisat.no
URL: www.verisat.no

Micheline Lambert
Advantech Satellite Networks
2341 boul. Alfred-Nobel
Saint-Laurent (Montreal) H4S 2A9
Quebec, Canada
EMail: micheline.lambert@advantechamt.com
URL: www.advantechsatnet.com

Hans Peter Lexow
STM Norway
Vollsveien 21
1366 Lysaker
Norway
EMail: hlexow@stmi.com
URL: www.stmi.com