RFC 5815
Definitions of Managed Objects for IP Flow Information Export
IpfixObservationPointEntry ::=
SEQUENCE {
ipfixObservationPointGroupId Unsigned32,
ipfixObservationPointIndex Unsigned32,
ipfixObservationPointObservationDomainId Unsigned32,
ipfixObservationPointPhysicalEntity PhysicalIndexOrZero,
ipfixObservationPointPhysicalInterface InterfaceIndexOrZero,
ipfixObservationPointPhysicalEntityDirection INTEGER
}
ipfixObservationPointGroupId OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Locally arbitrary, but unique identifier of an entry in the
ipfixObservationPointTable. The value is expected to remain
constant from a re-initialization of the entity's network
management agent to the next re-initialization.
This index represents a group of Observation Points.
The special value of 0 MUST NOT be used within this table
but is reserved for the usage in the
ipfixMeteringProcessTable. An index of 0 for the
ipfixObservationPointGroupReference index in that table
indicates that an Observation Point is unknown or
unspecified for a Metering Process cache."
::= { ipfixObservationPointEntry 1 }
ipfixObservationPointIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Locally arbitrary, but unique identifier of an entry in the
ipfixObservationPointTable. The value is expected to remain
constant from a re-initialization of the entity's network
management agent to the next re-initialization.
This index represents a single Observation Point in an
Observation Point group."
::= { ipfixObservationPointEntry 2 }
ipfixObservationPointObservationDomainId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The Id of the Observation Domain in which this
Observation Point is included.
The special value of 0 indicates that the Observation
Points within this group cannot be applied to a single
Observation Domain."
REFERENCE
"RFC 5101, Specification of the IP Flow Information Export
(IPFIX) Protocol for the Exchange of IP
Traffic Flow Information, Section 3.1."
::= { ipfixObservationPointEntry 3 }
ipfixObservationPointPhysicalEntity OBJECT-TYPE
SYNTAX PhysicalIndexOrZero
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the index of a physical entity in
the ENTITY MIB. This physical entity is the given
Observation Point. If such a physical entity cannot be
specified or is not known, then the object is zero."
::= { ipfixObservationPointEntry 4 }
ipfixObservationPointPhysicalInterface OBJECT-TYPE
SYNTAX InterfaceIndexOrZero
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the index of a physical interface in
the IF MIB. This physical interface is the given
Observation Point. If such a physical interface cannot be
specified or is not known, then the object is zero.
This object MAY be used stand alone or in addition to
ipfixObservationPointPhysicalEntity. If
ipfixObservationPointPhysicalEntity is not zero, this object
MUST point to the same physical interface that is
referenced in ipfixObservationPointPhysicalEntity.
Otherwise, it may reference any interface in the IF MIB."
::= { ipfixObservationPointEntry 5 }
ipfixObservationPointPhysicalEntityDirection OBJECT-TYPE
SYNTAX INTEGER {
unknown(0),
ingress(1),
egress(2),
both(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The direction of the Flow that is monitored on the given
physical entity. The following values are valid:
unknown(0)
This value MUST be used if a direction is not
known for the given physical entity.
ingress(1)
This value is used for monitoring incoming Flows on the
given physical entity.
egress(2)
This value is used for monitoring outgoing Flows on the
given physical entity.
both(3)
This value is used for monitoring incoming and outgoing
Flows on the given physical entity."
::= { ipfixObservationPointEntry 6 }
--------------------------------------------------------------------
-- 1.1.7: Selection Process Table
--------------------------------------------------------------------
ipfixSelectionProcessTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixSelectionProcessEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains Selector Functions connected to a
Metering Process by the index ipfixMeteringProcessCacheId.
The Selector Functions are grouped into Selection Processes
by the ipfixSelectionProcessIndex. The Selector Functions
are applied within the Selection Process to the packets
observed for the given Metering Process cache in increasing
order implied by the ipfixSelectionProcessSelectorIndex.
This means Selector Functions with lower
ipfixSelectionProcessSelectorIndex are applied first. The
remaining packets are accounted for in Flow Records.
Since IPFIX does not define any Selector Function (except
selecting every packet), this is a placeholder for future
use and a guideline for implementing enterprise-specific
Selector Function objects.
The following object tree should visualize how the
Selector Function objects should be implemented:
ipfixSelectorFunctions
|
+- ipfixFuncSelectAll
| |
| +- ipfixFuncSelectAllAvail (is the function available?)
|
+- ipfixFuncF2
| |
| +- ipfixFuncF2Avail (is the function F2 available?)
| |
| +- ipfixFuncF2Parameters (a table with parameters)
...
|
+- ipfixFunFn...
If a Selector Function takes parameters, the MIB should
contain a table with an entry for each set of parameters
used at the Exporter."
::= { ipfixMainObjects 7 }
ipfixSelectionProcessEntry OBJECT-TYPE
SYNTAX IpfixSelectionProcessEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixSelectionProcessTable."
INDEX {
ipfixMeteringProcessCacheId,
ipfixSelectionProcessIndex,
ipfixSelectionProcessSelectorIndex
}
::= { ipfixSelectionProcessTable 1 }
IpfixSelectionProcessEntry ::= SEQUENCE {
ipfixSelectionProcessIndex Unsigned32,
ipfixSelectionProcessSelectorIndex Unsigned32,
ipfixSelectionProcessSelectorFunction OBJECT IDENTIFIER
}
ipfixSelectionProcessIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Locally arbitrary, but unique identifier of an entry in the
ipfixSelectionProcessTable. The value is expected to remain
constant from a re-initialization of the entity's network
management agent to the next re-initialization."
::= { ipfixSelectionProcessEntry 1 }
ipfixSelectionProcessSelectorIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Index specifying the order in which the referenced
ipfixSelctionProcessSelectorFunctions are applied to the
observed packet stream within the given Selection Process
(identified by the ipfixSelectionProcessIndex). The
Selector Functions are applied in increasing order, i.e.,
Selector Functions with lower index are applied first."
::= { ipfixSelectionProcessEntry 2 }
ipfixSelectionProcessSelectorFunction OBJECT-TYPE
SYNTAX OBJECT IDENTIFIER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The pointer to the Selector Function used at position
ipfixSelectionProcessSelectorIndex in the list of Selector
Functions for the Metering Process cache specified by the
index ipfixMeteringProcessCacheId and for the given
Selection Process (identified by the
ipfixSelectionProcessIndex).
This usually points to an object in the IPFIX SELECTOR MIB.
If the Selector Function does not take parameters, then it
MUST point to the root of the function subtree. If the
function takes parameters, then it MUST point to an entry
in the parameter table of the Selector Function."
::= { ipfixSelectionProcessEntry 3 }
--------------------------------------------------------------------
-- 1.2.1: Transport Session Statistics Table
--------------------------------------------------------------------
ipfixTransportSessionStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixTransportSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists Transport Sessions statistics between
Exporting Processes and Collecting Processes."
::= { ipfixStatistics 1 }
ipfixTransportSessionStatsEntry OBJECT-TYPE
SYNTAX IpfixTransportSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixTransportSessionStatsTable."
AUGMENTS { ipfixTransportSessionEntry }
::= { ipfixTransportSessionStatsTable 1 }
IpfixTransportSessionStatsEntry ::=
SEQUENCE {
ipfixTransportSessionRate Gauge32,
ipfixTransportSessionPackets Counter64,
ipfixTransportSessionBytes Counter64,
ipfixTransportSessionMessages Counter64,
ipfixTransportSessionDiscardedMessages Counter64,
ipfixTransportSessionRecords Counter64,
ipfixTransportSessionTemplates Counter64,
ipfixTransportSessionOptionsTemplates Counter64,
ipfixTransportSessionDiscontinuityTime TimeStamp
}
ipfixTransportSessionRate OBJECT-TYPE
SYNTAX Gauge32
UNITS "bytes/second"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes per second received by the
Collector or transmitted by the Exporter. A
value of zero (0) means that no packets were sent or
received, yet. This object is updated every second."
::= { ipfixTransportSessionStatsEntry 1 }
ipfixTransportSessionPackets OBJECT-TYPE
SYNTAX Counter64
UNITS "packets"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets received by the Collector
or transmitted by the Exporter.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 2 }
ipfixTransportSessionBytes OBJECT-TYPE
SYNTAX Counter64
UNITS "bytes"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of bytes received by the Collector
or transmitted by the Exporter.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 3 }
ipfixTransportSessionMessages OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of IPFIX Messages received by the
Collector or transmitted by the Exporter.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 4 }
ipfixTransportSessionDiscardedMessages OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of received IPFIX Message that are malformed,
cannot be decoded, are received in the wrong order, or are
missing according to the sequence number.
If used at the Exporter, the number of messages that could
not be sent due to, e.g., internal buffer overflows, network
congestion, or routing issues.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 5 }
ipfixTransportSessionRecords OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Data Records received by the Collector or
transmitted by the Exporter.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 6 }
ipfixTransportSessionTemplates OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Templates received or transmitted.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 7 }
ipfixTransportSessionOptionsTemplates OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Options Templates received or transmitted.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTransportSessionDiscontinuityTime."
::= { ipfixTransportSessionStatsEntry 8 }
ipfixTransportSessionDiscontinuityTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime at the most recent occasion at which
one or more of the Transport Session counters suffered a
discontinuity.
A value of zero indicates no such discontinuity has
occurred since the last re-initialization of the local
management subsystem."
::= { ipfixTransportSessionStatsEntry 9 }
--------------------------------------------------------------------
-- 1.2.2: Template Statistics Table
--------------------------------------------------------------------
ipfixTemplateStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixTemplateStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists statistics objects per Template."
::= { ipfixStatistics 2 }
ipfixTemplateStatsEntry OBJECT-TYPE
SYNTAX IpfixTemplateStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixTemplateStatsTable."
AUGMENTS { ipfixTemplateEntry }
::= { ipfixTemplateStatsTable 1 }
IpfixTemplateStatsEntry ::=
SEQUENCE {
ipfixTemplateDataRecords Counter64,
ipfixTemplateDiscontinuityTime TimeStamp
}
ipfixTemplateDataRecords OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Data Records that are transmitted or received
per Template.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ipfixTemplateDiscontinuityTime."
::= { ipfixTemplateStatsEntry 1 }
ipfixTemplateDiscontinuityTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime at the most recent occasion at which
the Template counter suffered a discontinuity.
A value of zero indicates no such discontinuity has
occurred since the last re-initialization of the local
management subsystem."
::= { ipfixTemplateStatsEntry 2 }
--------------------------------------------------------------------
-- 1.2.3: Metering Process Statistics Table
--------------------------------------------------------------------
ipfixMeteringProcessStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixMeteringProcessStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table lists statistic objects that have data per
Metering Process cache.
On Collectors, this table is not needed."
::= { ipfixStatistics 3 }
ipfixMeteringProcessStatsEntry OBJECT-TYPE
SYNTAX IpfixMeteringProcessStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixMeteringProcessStatsTable."
AUGMENTS { ipfixMeteringProcessEntry }
::= { ipfixMeteringProcessStatsTable 1 }
IpfixMeteringProcessStatsEntry ::=
SEQUENCE {
ipfixMeteringProcessCacheActiveFlows Gauge32,
ipfixMeteringProcessCacheUnusedCacheEntries Gauge32,
ipfixMeteringProcessCacheDataRecords Counter64,
ipfixMeteringProcessCacheDiscontinuityTime TimeStamp
}
ipfixMeteringProcessCacheActiveFlows OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Flows currently active at this cache."
::= { ipfixMeteringProcessStatsEntry 1 }
ipfixMeteringProcessCacheUnusedCacheEntries OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of unused cache entries."
::= { ipfixMeteringProcessStatsEntry 2 }
ipfixMeteringProcessCacheDataRecords OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of Data Records generated.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixTemplateDiscontinuityTime."
::= { ipfixMeteringProcessStatsEntry 3 }
ipfixMeteringProcessCacheDiscontinuityTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime at the most recent occasion at which
the Metering Process counter suffered a discontinuity.
A value of zero indicates no such discontinuity has
occurred since the last re-initialization of the local
management subsystem."
::= { ipfixMeteringProcessStatsEntry 4 }
--------------------------------------------------------------------
-- 1.2.4: Selection Process Statistics Table
--------------------------------------------------------------------
ipfixSelectionProcessStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF IpfixSelectionProcessStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains statistics for the Selector Functions
connected to Metering Process by the index
ipfixMeteringProcessCacheId.
The indexes MUST match an entry in the
ipfixSelectionProcessTable."
::= { ipfixStatistics 4 }
ipfixSelectionProcessStatsEntry OBJECT-TYPE
SYNTAX IpfixSelectionProcessStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Defines an entry in the ipfixSelectionProcessStatsTable."
AUGMENTS { ipfixSelectionProcessEntry }
::= { ipfixSelectionProcessStatsTable 1 }
IpfixSelectionProcessStatsEntry ::= SEQUENCE {
ipfixSelectionProcessStatsPacketsObserved Counter64,
ipfixSelectionProcessStatsPacketsDropped Counter64,
ipfixSelectionProcessStatsDiscontinuityTime TimeStamp
}
ipfixSelectionProcessStatsPacketsObserved OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets observed at the entry point of the
function. The entry point may be the Observation Point or
the exit point of another Selector Function.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixSelectionProcessStatsDiscontinuityTime."
::= { ipfixSelectionProcessStatsEntry 1 }
ipfixSelectionProcessStatsPacketsDropped OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of packets dropped while selecting packets.
Discontinuities in the value of this counter can occur at
re-initialization of the management system and at other
times as indicated by the value of
ipfixSelectionProcessStatsDiscontinuityTime."
::= { ipfixSelectionProcessStatsEntry 2 }
ipfixSelectionProcessStatsDiscontinuityTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime at the most recent occasion at which
one or more of the Selector counters suffered a
discontinuity.
A value of zero indicates no such discontinuity has
occurred since the last re-initialization of the local
management subsystem."
::= { ipfixSelectionProcessStatsEntry 3 }
--==================================================================
-- 2: Conformance Information
--==================================================================
ipfixCompliances OBJECT IDENTIFIER ::= { ipfixConformance 1 }
ipfixGroups OBJECT IDENTIFIER ::= { ipfixConformance 2 }
--------------------------------------------------------------------
-- 2.1: Compliance Statements
--------------------------------------------------------------------
ipfixCollectorCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"An implementation that builds an IPFIX Collector
that complies to this module MUST implement the objects
defined in the mandatory group ipfixCommonGroup.
The implementation of all objects in the other groups is
optional and depends on the corresponding functionality
implemented in the equipment.
An implementation that is compliant to this MIB module
is limited to use only the values TCP (6), UDP (17), and
SCTP (132) in the ipfixTransportSessionProtocol object
because these are the only protocol currently specified
for usage within IPFIX (see RFC 5101)."
MODULE -- this module
MANDATORY-GROUPS {
ipfixCommonGroup
}
GROUP ipfixCommonStatsGroup
DESCRIPTION
"These objects should be implemented if the statistics
function is implemented in the equipment."
::= { ipfixCompliances 1 }
ipfixExporterCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"An implementation that builds an IPFIX Exporter that
complies to this module MUST implement the objects defined
in the mandatory group ipfixCommonGroup. The implementation
of all other objects depends on the implementation of the
corresponding functionality in the equipment."
MODULE -- this module
MANDATORY-GROUPS {
ipfixCommonGroup,
ipfixExporterGroup
}
GROUP ipfixCommonStatsGroup
DESCRIPTION
"These objects should be implemented if the statistics
function is implemented in the equipment."
GROUP ipfixExporterStatsGroup
DESCRIPTION
"These objects MUST be implemented if statistical functions
are implemented on the equipment."
::= { ipfixCompliances 2 }
--------------------------------------------------------------------
-- 2.2: MIB Grouping
--------------------------------------------------------------------
ipfixCommonGroup OBJECT-GROUP
OBJECTS {
ipfixTransportSessionProtocol,
ipfixTransportSessionSourceAddressType,
ipfixTransportSessionSourceAddress,
ipfixTransportSessionDestinationAddressType,
ipfixTransportSessionDestinationAddress,
ipfixTransportSessionSourcePort,
ipfixTransportSessionDestinationPort,
ipfixTransportSessionSctpAssocId,
ipfixTransportSessionDeviceMode,
ipfixTransportSessionTemplateRefreshTimeout,
ipfixTransportSessionOptionsTemplateRefreshTimeout,
ipfixTransportSessionTemplateRefreshPacket,
ipfixTransportSessionOptionsTemplateRefreshPacket,
ipfixTransportSessionIpfixVersion,
ipfixTransportSessionStatus,
ipfixTemplateSetId,
ipfixTemplateAccessTime,
ipfixTemplateDefinitionIeId,
ipfixTemplateDefinitionIeLength,
ipfixTemplateDefinitionEnterpriseNumber,
ipfixTemplateDefinitionFlags
}
STATUS current
DESCRIPTION
"The main IPFIX objects."
::= { ipfixGroups 1 }
ipfixCommonStatsGroup OBJECT-GROUP
OBJECTS {
ipfixTransportSessionRate,
ipfixTransportSessionPackets,
ipfixTransportSessionBytes,
ipfixTransportSessionMessages,
ipfixTransportSessionDiscardedMessages,
ipfixTransportSessionRecords,
ipfixTransportSessionTemplates,
ipfixTransportSessionOptionsTemplates,
ipfixTransportSessionDiscontinuityTime,
ipfixTemplateDataRecords,
ipfixTemplateDiscontinuityTime
}
STATUS current
DESCRIPTION
"Common statistical objects."
::= { ipfixGroups 2 }
ipfixExporterGroup OBJECT-GROUP
OBJECTS {
ipfixExportMemberType,
ipfixMeteringProcessObservationPointGroupRef,
ipfixMeteringProcessCacheActiveTimeout,
ipfixMeteringProcessCacheInactiveTimeout,
ipfixObservationPointObservationDomainId,
ipfixObservationPointPhysicalEntity,
ipfixObservationPointPhysicalInterface,
ipfixObservationPointPhysicalEntityDirection,
ipfixSelectionProcessSelectorFunction
}
STATUS current
DESCRIPTION
"The main objects for Exporters."
::= { ipfixGroups 3 }
ipfixExporterStatsGroup OBJECT-GROUP
OBJECTS {
ipfixMeteringProcessCacheActiveFlows,
ipfixMeteringProcessCacheUnusedCacheEntries,
ipfixMeteringProcessCacheDataRecords,
ipfixMeteringProcessCacheDiscontinuityTime,
ipfixSelectionProcessStatsPacketsObserved,
ipfixSelectionProcessStatsPacketsDropped,
ipfixSelectionProcessStatsDiscontinuityTime
}
STATUS current
DESCRIPTION
"The statistical objects for Exporters."
::= { ipfixGroups 4 }
END
8.2. IPFIX SELECTOR MIB Definition
IPFIX-SELECTOR-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, mib-2
FROM SNMPv2-SMI -- RFC2578
TruthValue
FROM SNMPv2-TC -- RFC2579
MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF; -- RFC2580
ipfixSelectorMIB MODULE-IDENTITY
LAST-UPDATED "201003150000Z" -- 15 March 2010
ORGANIZATION "IETF IPFIX Working Group"
CONTACT-INFO
"WG charter:
http://www.ietf.org/html.charters/ipfix-charter.html
Mailing Lists:
General Discussion: ipfix@ietf.org
To Subscribe: http://www1.ietf.org/mailman/listinfo/ipfix
Archive:
http://www1.ietf.org/mail-archive/web/ipfix/current/index.html
Editor:
Thomas Dietz
NEC Europe Ltd.
NEC Laboratories Europe
Network Research Division
Kurfuersten-Anlage 36
69115 Heidelberg
Germany
Phone: +49 6221 4342-128
Email: Thomas.Dietz@nw.neclab.eu
Atsushi Kobayashi
NTT Information Sharing Platform Laboratories
3-9-11 Midori-cho
Musashino-shi
180-8585
Japan
Phone: +81-422-59-3978
Email: akoba@nttv6.net
Benoit Claise
Cisco Systems, Inc.
De Kleetlaan 6a b1
Degem 1831
Belgium
Phone: +32 2 704 5622
Email: bclaise@cisco.com
Gerhard Muenz
Technische Universitaet Muenchen
Department of Informatics
Chair for Network Architectures and Services (I8)
Boltzmannstr. 3
85748 Garching
Germany
Phone: +49 89 289-18008
Email: muenz@net.in.tum.de
URI: http://www.net.in.tum.de/~muenz"
DESCRIPTION
"The IPFIX SELECTOR MIB module defines the standard
filtering and sampling functions that can be referenced in
the ipfixSelectorTable of the IPFIX MIB. The subtree
ipfixSelectorFunctions is a placeholder where all standard
filtering and sampling functions should be located.
The IPFIX SELECTOR MIB module is maintained by IANA and can
be extended through Expert Review [RFC5226], i.e., review by
one of a group of experts designated by an IETF Area
Director. The group of experts MUST check the requested MIB
objects for completeness and accuracy of the description.
Requests for MIB objects that duplicate the functionality of
existing objects SHOULD be declined. The smallest available
OID SHOULD be assigned to a new MIB objects. The
specification of new MIB objects SHOULD follow the structure
specified in RFC 5815 and MUST be published using a
well-established and persistent publication medium. The
experts will initially be drawn from the Working Group
Chairs and document editors of the IPFIX and PSAMP Working
Groups.
Copyright (c) 2010 IETF Trust and the persons identified as
authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or
without modification, is permitted pursuant to, and subject
to the license terms contained in, the Simplified BSD
License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info)."
-- Revision history
REVISION "201003150000Z" -- 15 March 2010
DESCRIPTION
"Initial version, published as RFC 5815."
::= { mib-2 194 }
--******************************************************************
-- Top Level Structure of the MIB
--******************************************************************
ipfixSelectorObjects OBJECT IDENTIFIER
::= { ipfixSelectorMIB 1 }
ipfixSelectorConformance OBJECT IDENTIFIER
::= { ipfixSelectorMIB 2 }
--==================================================================
-- 1: Objects used by all IPFIX implementations
--==================================================================
--------------------------------------------------------------------
-- 1.1: Packet Selector Functions for IPFIX
--------------------------------------------------------------------
ipfixSelectorFunctions OBJECT IDENTIFIER
::= { ipfixSelectorObjects 1 }
--------------------------------------------------------------------
-- 1.1.1: Function 1: Selecting All Packets
--------------------------------------------------------------------
ipfixFuncSelectAll OBJECT IDENTIFIER
::= { ipfixSelectorFunctions 1 }
ipfixFuncSelectAllAvail OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the availability of the trivial
function of selecting all packets. This function is always
available."
::= { ipfixFuncSelectAll 1 }
--==================================================================
-- 2: Conformance Information
--==================================================================
ipfixSelectorCompliances OBJECT IDENTIFIER
::= { ipfixSelectorConformance 1 }
ipfixSelectorGroups OBJECT IDENTIFIER
::= { ipfixSelectorConformance 2 }
--------------------------------------------------------------------
-- 2.1: Compliance Statements
--------------------------------------------------------------------
ipfixSelectorBasicCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"An implementation that builds an IPFIX Exporter that
complies to this module MUST implement the objects defined
in the mandatory group ipfixBasicGroup. The implementation
of all other objects depends on the implementation of the
corresponding functionality in the equipment."
MODULE -- this module
MANDATORY-GROUPS {
ipfixSelectorBasicGroup
}
::= { ipfixSelectorCompliances 1 }
--------------------------------------------------------------------
-- 2.2: MIB Grouping
--------------------------------------------------------------------
ipfixSelectorBasicGroup OBJECT-GROUP
OBJECTS {
ipfixFuncSelectAllAvail
}
STATUS current
DESCRIPTION
"The main IPFIX objects."
::= { ipfixSelectorGroups 1 }
END
9. Security Considerations
There are no management objects defined in this MIB module that have
a MAX-ACCESS clause of read-write and/or read-create. So, if these
MIB modules are implemented correctly, then there is no risk that an
intruder can alter or create any management objects of these MIB
modules via direct SNMP SET operations.
Some of the readable objects in these MIB modules (i.e., objects with
a MAX-ACCESS other than not-accessible) may be considered sensitive
or vulnerable in some network environments. It is thus important to
control even GET and/or NOTIFY access to these objects and possibly
to even encrypt the values of these objects when sending them over
the network via SNMP. These are the tables and objects and their
sensitivity/vulnerability:
o ipfixTransportSessionTable - contains configuration data that
might be sensitive because objects in this table may reveal
information about the network infrastructure
o ipfixExportTable - contains configuration data that might be
sensitive because object in this table may reveal information
about the network infrastructure as well
o ipfixMeteringProcessTable - contains configuration data that might
be sensitive because objects in this table may reveal information
about the IPFIX Device itself
o ipfixObservationPointTable - contains configuration data that
might be sensitive because objects in this table may reveal
information about the IPFIX Device itself and the network
infrastructure
o ipfixSelectorFunctions - currently contains no sensitive data but
might want to be secured anyway since it may contain sensitive
data in a future version
All other objects and tables contain no data that is considered
sensitive.
SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in these MIB modules. It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410] Section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy). Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of these MIB modules is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.10. IANA Considerations
The MIB module in this document uses the following IANA-assigned OBJECT IDENTIFIER values recorded in the SMI Numbers registry: Descriptor OBJECT IDENTIFIER value ---------- ----------------------- ipfixMIB { mib-2 193 } ipfixSelectorMIB { mib-2 194 } Further on, the whole IPFIX SELECTOR MIB module is maintained by IANA. Additions to this MIB module are subject to Expert Review [RFC5226], i.e., review by one of a group of experts designated by an IETF Area Director. The group of experts MUST check the requested MIB objects for completeness and accuracy of the description. Requests for MIB objects that duplicate the functionality of existing objects SHOULD be declined. The smallest available OID SHOULD be assigned to new MIB objects. The specification of new MIB objects SHOULD follow the structure specified in Section 6 and MUST be published using a well-established and persistent publication medium. The experts will initially be drawn from the Working Group Chairs and document editors of the IPFIX and PSAMP Working Groups.11. Acknowledgments
This document is a product of the IPFIX Working Group. The authors would like to thank the following persons: Paul Aitken for his detailed review, Dan Romascanu and the MIB doctors, and many more, for the technical reviews and feedback.
12. References
12.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005. [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000. [RFC3873] Pastor, J. and M. Belinchon, "Stream Control Transmission Protocol (SCTP) Management Information Base (MIB)", RFC 3873, September 2004. [RFC4133] Bierman, A. and K. McCloghrie, "Entity MIB (Version 3)", RFC 4133, August 2005. [RFC5101] Claise, B., "Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information", RFC 5101, January 2008. [RFC5102] Quittek, J., Bryant, S., Claise, B., Aitken, P., and J. Meyer, "Information Model for IP Flow Information Export", RFC 5102, January 2008. [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008.
12.2. Informative References
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, December 2002. [RFC3917] Quittek, J., Zseby, T., Claise, B., and S. Zander, "Requirements for IP Flow Information Export (IPFIX)", RFC 3917, October 2004. [RFC5470] Sadasivan, G., Brownlee, N., Claise, B., and J. Quittek, "Architecture for IP Flow Information Export", RFC 5470, March 2009. [RFC5472] Zseby, T., Boschi, E., Brownlee, N., and B. Claise, "IP Flow Information Export (IPFIX) Applicability", RFC 5472, March 2009. [RFC5474] Duffield, N., Chiou, D., Claise, B., Greenberg, A., Grossglauser, M., and J. Rexford, "A Framework for Packet Selection and Reporting", RFC 5474, March 2009. [RFC5475] Zseby, T., Molina, M., Duffield, N., Niccolini, S., and F. Raspall, "Sampling and Filtering Techniques for IP Packet Selection", RFC 5475, March 2009. [RFC5476] Claise, B., Johnson, A., and J. Quittek, "Packet Sampling (PSAMP) Protocol Specifications", RFC 5476, March 2009.
Authors' Addresses
Thomas Dietz (editor) NEC Europe, Ltd. NEC Laboratories Europe Network Research Division Kurfuersten-Anlage 36 Heidelberg 69115 DE Phone: +49 6221 4342-128 EMail: Thomas.Dietz@nw.neclab.eu Atsushi Kobayashi NTT Information Sharing Platform Laboratories 3-9-11 Midori-cho Musashino-shi, Tokyo 180-8585 JA Phone: +81-422-59-3978 EMail: akoba@nttv6.net Benoit Claise Cisco Systems, Inc. De Kleetlaan 6a b1 Degem 1831 BE Phone: +32 2 704 5622 EMail: bclaise@cisco.com Gerhard Muenz Technische Universitaet Muenchen Department of Informatics Chair for Network Architectures and Services (I8) Boltzmannstr. 3 Garching 85748 DE Phone: +49 89 289-18008 EMail: muenz@net.in.tum.de URI: http://www.net.in.tum.de/~muenz