RFC 6475
Proxy Mobile IPv6 Management Information Base
pmip6TimestampLowerThanPrevAccepted OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of Proxy Binding Update messages rejected
by the local mobility anchor with status code in the
Binding Acknowledgement message indicating
'The timestamp value is lower than the previously
accepted value' (Code 157).
Discontinuities in the value of this counter can
occur at re-initialization of the management system,
and at other times as indicated by the value of
pmip6CounterDiscontinuityTime.
"
REFERENCE
"RFC 5213: Sections 5.5, 6.9.1.2, 8.9"
::= { pmip6BindingRegCounters 10 }
pmip6BcePbuPrefixSetDoNotMatch OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of Proxy Binding Update messages rejected
by the local mobility anchor with status code in the
Binding Acknowledgement message indicating
'All the home network prefixes listed in the Binding
Cache entry do not match all the prefixes in the
received Proxy Binding Update' (Code 159).
Discontinuities in the value of this counter can
occur at re-initialization of the management system,
and at other times as indicated by the value of
pmip6CounterDiscontinuityTime.
"
REFERENCE
"RFC 5213: Sections 5.4.1.1, 8.9"
::= { pmip6BindingRegCounters 11 }
pmip6InitialBindingRegistrations OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of Proxy Binding Update messages that
newly creates the Binding Cache entry.
Discontinuities in the value of this counter can
occur at re-initialization of the management system,
and at other times as indicated by the value of
pmip6CounterDiscontinuityTime.
"
REFERENCE
"RFC 5213: Sections 5.3.2"
::= { pmip6BindingRegCounters 12 }
pmip6BindingLifeTimeExtensionNoHandOff OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of Proxy Binding Update messages for
extending the binding lifetime, received from the
same mobile access gateway that last updated the
binding.
Discontinuities in the value of this counter can
occur at re-initialization of the management system,
and at other times as indicated by the value of
pmip6CounterDiscontinuityTime.
"
REFERENCE
"RFC 5213: Sections 5.3.3"
::= { pmip6BindingRegCounters 13 }
pmip6BindingLifeTimeExtensionAfterHandOff OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of Proxy Binding Update messages for
extending the binding lifetime, received from a new
mobile access gateway where the mobile node's
mobility session is handed off.
Discontinuities in the value of this counter can
occur at re-initialization of the management system,
and at other times as indicated by the value of
pmip6CounterDiscontinuityTime.
"
REFERENCE
"RFC 5213: Sections 5.3.4"
::= { pmip6BindingRegCounters 14 }
pmip6BindingDeRegistrations OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of Proxy Binding Update messages with
the lifetime value of zero.
Discontinuities in the value of this counter can
occur at re-initialization of the management system,
and at other times as indicated by the value of
pmip6CounterDiscontinuityTime.
"
REFERENCE
"RFC 5213: Sections 5.3.5"
::= { pmip6BindingRegCounters 15 }
pmip6BindingBindingAcks OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of Proxy Binding Acknowledgement
messages.
Discontinuities in the value of this counter can
occur at re-initialization of the management system,
and at other times as indicated by the value of
pmip6CounterDiscontinuityTime.
"
REFERENCE
"RFC 5213: Sections 5.3.5"
::= { pmip6BindingRegCounters 16 }
pmip6CounterDiscontinuityTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime on the most recent occasion
at which any one or more of this PMIPv6 entity's
global counters, viz., counters with OID prefix
'pmip6BindingRegCounters' suffered a discontinuity.
If no such discontinuities have occurred since the
last re-initialization of the local management
subsystem, then this object will have a zero value.
"
::= { pmip6BindingRegCounters 17 }
pmip6LmaStatus OBJECT-TYPE
SYNTAX INTEGER { enabled(1), disabled(2) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates whether the PMIPv6 local
mobility anchor function is enabled for the managed
entity.
Changing the status from enabled(1) to disabled(2)
will terminate the PMIPv6 local mobility anchor
function. On the other hand, changing the status
from disabled(2) to enabled(1) will start the PMIPv6
local mobility anchor function.
The value of this object MUST remain unchanged
across reboots of the managed entity.
"
DEFVAL { disabled }
::= { pmip6LmaSystem 1 }
pmip6LmaLMAATable OBJECT-TYPE
SYNTAX SEQUENCE OF Pmip6LmaLMAAEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table models the LMA Addresses configured
on the local mobility anchor. Each LMA Address acts as
a transport endpoint of the tunnel between the local
mobility anchor and the mobile access gateway and is
the transport endpoint of the tunnel between the local
mobility anchor and the mobile access gateway.
Entries in this table are not required to survive
a reboot of the managed entity.
"
REFERENCE
"RFC 5213: Sections 2.2, 5.6"
::= { pmip6LmaSystem 2 }
pmip6LmaLMAAEntry OBJECT-TYPE
SYNTAX Pmip6LmaLMAAEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This entry represents a conceptual row in the
LMAA table. It represents each LMAA on the
local mobility anchor.
Implementers need to be aware that if the total
number of octets in pmip6LmaLMAA exceeds 113,
then OIDs of column instances in this row will
have more than 128 sub-identifiers and cannot
be accessed using SNMPv1, SNMPv2c, or SNMPv3.
"
INDEX { pmip6LmaLMAAType, pmip6LmaLMAA }
::= { pmip6LmaLMAATable 1 }
Pmip6LmaLMAAEntry ::=
SEQUENCE {
pmip6LmaLMAAType InetAddressType,
pmip6LmaLMAA InetAddress,
pmip6LmaLMAAState INTEGER
}
pmip6LmaLMAAType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The InetAddressType of the pmip6LmaLMAA
that follows.
"
::= { pmip6LmaLMAAEntry 1 }
pmip6LmaLMAA OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The LMAA configured on the local mobility anchor.
The type of the address represented by this object
is specified by the corresponding
pmip6LmaLMAAType object.
"
REFERENCE
"RFC 5213: Sections 2.2, 5.6"
::= { pmip6LmaLMAAEntry 2 }
pmip6LmaLMAAState OBJECT-TYPE
SYNTAX INTEGER {
unknown(1),
activated(2),
tunneled(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates the state of the LMAA:
unknown -- The state of the LMAA
cannot be determined.
activated -- The LMAA is ready to establish
a tunnel.
tunneled -- The LMAA is used to set up the
bidirectional tunnel.
"
::= { pmip6LmaLMAAEntry 3 }
pmip6LmaMinDelayBeforeBCEDelete OBJECT-TYPE
SYNTAX Integer32 (1..65535)
UNITS "milliseconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This variable specifies the length of time in
milliseconds the local mobility anchor MUST wait before
it deletes a Binding Cache entry of a mobile node, upon
receiving a Proxy Binding Update message from a mobile
access gateway with a lifetime value of 0.
During this wait time, if the local mobility anchor
receives a Proxy Binding Update for the same mobility
binding, with a lifetime value greater than 0, then it
must update the Binding Cache entry with the accepted
binding values. By the end of this wait time, if the
local mobility anchor did not receive any valid Proxy
Binding Update message for that mobility binding, it
MUST delete the Binding Cache entry. This delay
essentially ensures that a mobile node's Binding Cache
entry is not deleted too quickly and allows some time
for the new mobile access gateway to complete the
signaling for the mobile node.
The default value for this variable is 10000
milliseconds.
"
REFERENCE
"RFC 5213: Sections 5.3.5, 9.1"
DEFVAL { 10000 }
::= { pmip6LmaConf 1 }
pmip6LmaMaxDelayBeforeNewBCEAssign OBJECT-TYPE
SYNTAX Integer32 (1..65535)
UNITS "milliseconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This variable specifies the length of time in
milliseconds the local mobility anchor MUST wait for
the de-registration message for an existing mobility
session before it decides to create a new mobility
session.
The default value for this variable is 1500
milliseconds. Note that there is a dependency between
this value and the values used in the retransmission
algorithm for Proxy Binding Updates. The
retransmissions need to happen before
MaxDelayBeforeNewBCEAssign runs out, as otherwise there
are situations where a de-registration from a previous
mobile access gateway may be lost, and the local
mobility anchor creates, needlessly, a new mobility
session and new prefixes for the mobile node. However,
this affects situations where there is no information
from the lower layers about the type of a handoff or
other parameters that can be used for identifying the
mobility session.
"
REFERENCE
"RFC 5213: Sections 5.4.1.2, 5.4.1.3, 9.1"
DEFVAL { 1500 }
::= { pmip6LmaConf 2 }
pmip6LmaTimestampValidityWindow OBJECT-TYPE
SYNTAX Integer32 (1..65535)
UNITS "milliseconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This variable specifies the maximum length of time
difference in milliseconds between the timestamp in the
received Proxy Binding Update message and the current
time of day on the local mobility anchor that is
allowed by the local mobility anchor for the received
message to be considered valid.
The default value for this variable is 300 milliseconds.
This variable must be adjusted to suit the deployments.
"
REFERENCE
"RFC 5213: Sections 5.5, 9.1"
DEFVAL { 300 }
::= { pmip6LmaConf 3 }
pmip6LmaMnIdentifierTable OBJECT-TYPE
SYNTAX SEQUENCE OF Pmip6LmaMnIdentifierEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table containing the identifiers of mobile nodes
served by the LMA.
Entries in this table are not required to survive
a reboot of the managed entity.
"
REFERENCE
"RFC 5213: Sections 2, 6.1"
::= { pmip6LmaConf 4 }
pmip6LmaMnIdentifierEntry OBJECT-TYPE
SYNTAX Pmip6LmaMnIdentifierEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the mobile node identifier table.
"
INDEX { pmip6BindingMnIndex
}
::= { pmip6LmaMnIdentifierTable 1 }
Pmip6LmaMnIdentifierEntry ::=
SEQUENCE {
pmip6LmaMnIdentifier Pmip6MnIdentifier
}
pmip6LmaMnIdentifier OBJECT-TYPE
SYNTAX Pmip6MnIdentifier
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The identity of a mobile node in the Proxy Mobile IPv6
domain.
"
REFERENCE
"RFC 5213: Section 2.2"
::= { pmip6LmaMnIdentifierEntry 1 }
pmip6LmaMnLLIdentifierTable OBJECT-TYPE
SYNTAX SEQUENCE OF Pmip6LmaMnLLIdentifierEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table containing the link-layer identifiers
of the interfaces of the mobile nodes served
by the LMA.
Entries in this table are not required to survive
a reboot of the managed entity.
"
REFERENCE
"RFC 5213: Sections 2, 6.1"
::= { pmip6LmaConf 5 }
pmip6LmaMnLLIdentifierEntry OBJECT-TYPE
SYNTAX Pmip6LmaMnLLIdentifierEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the mobile node link-layer identifier
table.
"
INDEX { pmip6BindingMnIndex, pmip6BindingMnLLIndex
}
::= { pmip6LmaMnLLIdentifierTable 1 }
Pmip6LmaMnLLIdentifierEntry ::=
SEQUENCE {
pmip6LmaMnLLIdentifier Pmip6MnLLIdentifier
}
pmip6LmaMnLLIdentifier OBJECT-TYPE
SYNTAX Pmip6MnLLIdentifier
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The link-layer identifier of the mobile node's
connected interface on the access link.
"
::= { pmip6LmaMnLLIdentifierEntry 1 }
pmip6LmaHomeNetworkPrefixTable OBJECT-TYPE
SYNTAX SEQUENCE OF Pmip6LmaHomeNetworkPrefixEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table representing the home network prefixes
assigned to the connected interfaces of all the
mobile nodes anchored at the LMA.
"
REFERENCE
"RFC 5213: Sections 2, 5.1, 5.2"
::= { pmip6LmaConf 6 }
pmip6LmaHomeNetworkPrefixEntry OBJECT-TYPE
SYNTAX Pmip6LmaHomeNetworkPrefixEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the home network prefixes table.
Implementers need to be aware that if the total
number of octets in pmip6LmaHomeNetworkPrefix
exceeds 111 then OIDs of column instances in this
row will have more than 128 sub-identifiers and
cannot be accessed using SNMPv1, SNMPv2c, or
SNMPv3.
"
INDEX { pmip6BindingMnIndex, pmip6BindingMnLLIndex,
pmip6LmaHomeNetworkPrefixType,
pmip6LmaHomeNetworkPrefix }
::= { pmip6LmaHomeNetworkPrefixTable 1 }
Pmip6LmaHomeNetworkPrefixEntry ::=
SEQUENCE {
pmip6LmaHomeNetworkPrefixType InetAddressType,
pmip6LmaHomeNetworkPrefix InetAddress,
pmip6LmaHomeNetworkPrefixLength InetAddressPrefixLength,
pmip6LmaHomeNetworkPrefixLifeTime Gauge32
}
pmip6LmaHomeNetworkPrefixType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The InetAddressType of the pmip6LmaHomeNetworkPrefix
that follows.
"
::= { pmip6LmaHomeNetworkPrefixEntry 1 }
pmip6LmaHomeNetworkPrefix OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The mobile network prefix that is delegated to the
mobile node. The type of the address represented by
this object is specified by the corresponding
pmip6LmaHomeNetworkPrefixType object.
"
REFERENCE
"RFC 5213: Section 2"
::= { pmip6LmaHomeNetworkPrefixEntry 2 }
pmip6LmaHomeNetworkPrefixLength OBJECT-TYPE
SYNTAX InetAddressPrefixLength
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The prefix length of the home network prefix.
"
::= { pmip6LmaHomeNetworkPrefixEntry 3 }
pmip6LmaHomeNetworkPrefixLifeTime OBJECT-TYPE
SYNTAX Gauge32
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The lifetime (in seconds) granted to the mobile
node for this registration.
"
REFERENCE
"RFC 5213: Section 5.3"
::= { pmip6LmaHomeNetworkPrefixEntry 4 }
--
-- pmip6Notifications
--
--
pmip6MagHomeTunnelEstablished NOTIFICATION-TYPE
OBJECTS {
pmip6MagBLTunnelIfIdentifier,
pmip6MagProxyCOAState
}
STATUS current
DESCRIPTION
"This notification is sent by the Proxy Mobile IPv6
entities every time the tunnel is established between
the local mobility anchor and mobile access gateway.
"
REFERENCE
"RFC 5213: Section 5.6.1"
::= { pmip6Notifications 1 }
pmip6MagHomeTunnelReleased NOTIFICATION-TYPE
OBJECTS {
pmip6MagBLTunnelIfIdentifier,
pmip6MagProxyCOAState
}
STATUS current
DESCRIPTION
"This notification is sent by the Proxy Mobile IPv6
entities every time the tunnel between the local
mobility anchor and mobile access gateway is released.
"
REFERENCE
"RFC 5213: Section 5.6.1"
::= { pmip6Notifications 2}
pmip6LmaHomeTunnelEstablished NOTIFICATION-TYPE
OBJECTS {
pmip6BindingTunnelIfIdentifier,
pmip6LmaLMAAState
}
STATUS current
DESCRIPTION
"This notification is sent by the Proxy Mobile IPv6
entities every time the tunnel is established between
the local mobility anchor and mobile access gateway.
"
REFERENCE
"RFC 5213: Section 5.6.1"
::= { pmip6Notifications 3 }
pmip6LmaHomeTunnelReleased NOTIFICATION-TYPE
OBJECTS {
pmip6BindingTunnelIfIdentifier,
pmip6LmaLMAAState
}
STATUS current
DESCRIPTION
"This notification is sent by the Proxy Mobile IPv6
entities every time the tunnel between the local
mobility anchor and mobile access gateway is released.
"
REFERENCE
"RFC 5213: Section 5.6.1"
::= { pmip6Notifications 4}
-- Conformance information
pmip6Groups OBJECT IDENTIFIER ::= { pmip6Conformance 1 }
pmip6Compliances OBJECT IDENTIFIER ::= { pmip6Conformance 2 }
-- Units of conformance
pmip6SystemGroup OBJECT-GROUP
OBJECTS {
pmip6Capabilities,
pmip6MobileNodeGeneratedTimestampInUse,
pmip6FixedMagLinkLocalAddressOnAllAccessLinksType,
pmip6FixedMagLinkLocalAddressOnAllAccessLinks,
pmip6FixedMagLinkLayerAddressOnAllAccessLinks
}
STATUS current
DESCRIPTION
" A collection of objects for basic PMIPv6
monitoring."
::= { pmip6Groups 1 }
pmip6BindingCacheGroup OBJECT-GROUP
OBJECTS {
pmip6BindingPBUFlag,
pmip6BindingMnIndex,
pmip6BindingMnLLIndex,
pmip6BindingMagLinkLocalAddressType,
pmip6BindingMagLinkLocalAddress,
pmip6BindingTunnelIfIdentifier,
pmip6BindingMnInterfaceATT,
pmip6BindingTimeRecentlyAccepted,
pmip6LmaMnIdentifier,
pmip6LmaMnLLIdentifier
}
STATUS current
DESCRIPTION
" A collection of objects for monitoring the
PMIPv6 extensions of the Binding Cache."
::= { pmip6Groups 2 }
pmip6StatsGroup OBJECT-GROUP
OBJECTS {
pmip6MissingMnIdentifierOption,
pmip6MagNotAuthorizedForProxyReg,
pmip6NotLMAForThisMobileNode,
pmip6ProxyRegNotEnabled,
pmip6MissingHomeNetworkPrefixOption,
pmip6MissingHandOffIndicatorOption,
pmip6MissingAccessTechTypeOption,
pmip6NotAuthorizedForHomeNetworkPrefix,
pmip6TimestampMismatch,
pmip6TimestampLowerThanPrevAccepted,
pmip6BcePbuPrefixSetDoNotMatch,
pmip6InitialBindingRegistrations,
pmip6BindingLifeTimeExtensionNoHandOff,
pmip6BindingLifeTimeExtensionAfterHandOff,
pmip6BindingDeRegistrations,
pmip6BindingBindingAcks,
pmip6CounterDiscontinuityTime
}
STATUS current
DESCRIPTION
" A collection of objects for basic PMIPv6
statistics monitoring.
"
::= { pmip6Groups 3 }
pmip6MagSystemGroup OBJECT-GROUP
OBJECTS {
pmip6MagStatus,
pmip6MagProxyCOAState
}
STATUS current
DESCRIPTION
" A collection of objects for monitoring the
PMIPv6-system-related objects on a mobile router."
::= { pmip6Groups 4 }
pmip6MagConfigurationGroup OBJECT-GROUP
OBJECTS {
pmip6MagHomeNetworkPrefixLength,
pmip6MagHomeNetworkPrefixLifeTime,
pmip6MagEnableMagLocalRouting
}
STATUS current
DESCRIPTION
" A collection of objects for monitoring the
configuration-related objects on a mobile access
gateway.
"
::= { pmip6Groups 5 }
pmip6MagRegistrationGroup OBJECT-GROUP
OBJECTS {
pmip6MagBLFlag,
pmip6MagBLMnIndex,
pmip6MagBLMnLLIndex,
pmip6MagBLMagLinkLocalAddressType,
pmip6MagBLMagLinkLocalAddress,
pmip6MagBLMagIfIdentifierToMn,
pmip6MagBLTunnelIfIdentifier,
pmip6MagBLMnInterfaceATT,
pmip6MagBLTimeRecentlyAccepted,
pmip6MagMnIdentifier,
pmip6MagMnLLIdentifier,
pmip6MagProfMnIdentifier,
pmip6MagProfMnLocalMobilityAnchorAddressType,
pmip6MagProfMnLocalMobilityAnchorAddress
}
STATUS current
DESCRIPTION
" A collection of objects for monitoring the
registration-related objects on a mobile access
gateway.
"
::= { pmip6Groups 6 }
pmip6LmaSystemGroup OBJECT-GROUP
OBJECTS {
pmip6LmaStatus,
pmip6LmaLMAAState
}
STATUS current
DESCRIPTION
" A collection of objects for monitoring the
system-related objects on an LMA."
::= { pmip6Groups 7 }
pmip6LmaConfigurationGroup OBJECT-GROUP
OBJECTS {
pmip6LmaMinDelayBeforeBCEDelete,
pmip6LmaMaxDelayBeforeNewBCEAssign,
pmip6LmaTimestampValidityWindow,
pmip6LmaHomeNetworkPrefixLength,
pmip6LmaHomeNetworkPrefixLifeTime
}
STATUS current
DESCRIPTION
" A collection of objects for Monitoring the
configuration-related objects on an LMA."
::= { pmip6Groups 8 }
pmip6MagNotificationGroup NOTIFICATION-GROUP
NOTIFICATIONS {
pmip6MagHomeTunnelEstablished,
pmip6MagHomeTunnelReleased
}
STATUS current
DESCRIPTION
"A collection of notifications from a home agent
or correspondent node to the Manager about the
tunnel status of the mobile router.
"
::= { pmip6Groups 9 }
pmip6LmaNotificationGroup NOTIFICATION-GROUP
NOTIFICATIONS {
pmip6LmaHomeTunnelEstablished,
pmip6LmaHomeTunnelReleased
}
STATUS current
DESCRIPTION
"A collection of notifications from a home agent
or correspondent node to the Manager about the
tunnel status of the mobile router.
"
::= { pmip6Groups 10 }
-- Compliance statements
pmip6CoreCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities
that implement the PMIPV6-MIB.
There are a number of INDEX objects that cannot be
represented in the form of OBJECT clauses in
SMIv2, but for which there are compliance
requirements, expressed in OBJECT clause form in
this description:
-- OBJECT pmip6BindingHomeAddressType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- ipv6 addresses for the pmip6BindingHomeAddress
-- object.
--
"
MODULE -- this module
MANDATORY-GROUPS { pmip6SystemGroup
}
::= { pmip6Compliances 1 }
pmip6Compliance2 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities
that implement the PMIPV6-MIB.
"
MODULE -- this module
MANDATORY-GROUPS { pmip6SystemGroup,
pmip6BindingCacheGroup,
pmip6StatsGroup
}
::= { pmip6Compliances 2 }
pmip6CoreReadOnlyCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities
that implement the PMIPV6-MIB without support
for read-write (i.e., in read-only mode).
"
MODULE -- this module
MANDATORY-GROUPS { pmip6SystemGroup
}
OBJECT pmip6MobileNodeGeneratedTimestampInUse
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT pmip6FixedMagLinkLocalAddressOnAllAccessLinksType
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT pmip6FixedMagLinkLocalAddressOnAllAccessLinks
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT pmip6FixedMagLinkLayerAddressOnAllAccessLinks
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { pmip6Compliances 3 }
pmip6ReadOnlyCompliance2 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities
that implement the PMIPV6-MIB without support
for read-write (i.e., in read-only mode).
"
MODULE -- this module
MANDATORY-GROUPS { pmip6SystemGroup,
pmip6BindingCacheGroup,
pmip6StatsGroup
}
OBJECT pmip6MobileNodeGeneratedTimestampInUse
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT pmip6FixedMagLinkLocalAddressOnAllAccessLinksType
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT pmip6FixedMagLinkLocalAddressOnAllAccessLinks
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT pmip6FixedMagLinkLayerAddressOnAllAccessLinks
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { pmip6Compliances 4 }
pmip6MagCoreCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities
that implement the PMIPV6-MIB.
There are a number of INDEX objects that cannot be
represented in the form of OBJECT clauses in
SMIv2, but for which there are compliance
requirements, expressed in OBJECT clause form in
this description:
-- OBJECT pmip6MagProxyCOAType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6MagProxyCOAType
-- object.
--
-- OBJECT pmip6MagProxyCOA
-- SYNTAX InetAddress (SIZE(16))
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6MagProxyCOA
-- object.
--
"
MODULE -- this module
MANDATORY-GROUPS { pmip6MagSystemGroup
}
::= { pmip6Compliances 5 }
pmip6MagCompliance2 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities that
implement the PMIPV6-MIB for monitoring configuration-
related information, registration details, and
statistics on a mobile access gateway.
There are a number of INDEX objects that cannot be
represented in the form of OBJECT clauses in
SMIv2, but for which there are compliance
requirements, expressed in OBJECT clause form in
this description:
-- OBJECT pmip6MagProxyCOAType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6MagProxyCOA
-- object.
--
-- OBJECT pmip6MagProxyCOA
-- SYNTAX InetAddress (SIZE(16))
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6MagProxyCOAType
-- object.
--
-- OBJECT pmip6MagHomeNetworkPrefixType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the
-- pmip6MagHomeNetworkPrefix object.
--
-- OBJECT pmip6MagHomeNetworkPrefix
-- SYNTAX InetAddress (SIZE(16))
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the
-- pmip6MagHomeNetworkPrefix object.
--
"
MODULE -- this module
MANDATORY-GROUPS { pmip6MagSystemGroup,
pmip6MagConfigurationGroup,
pmip6MagRegistrationGroup
}
::= { pmip6Compliances 6 }
pmip6MagCoreReadOnlyCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities
that implement the PMIPV6-MIB without support
for read-write (i.e., in read-only mode).
There are a number of INDEX objects that cannot be
represented in the form of OBJECT clauses in
SMIv2, but for which there are compliance
requirements, expressed in OBJECT clause form in
this description:
-- OBJECT pmip6MagProxyCOAType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6MagProxyCOA
-- object.
--
-- OBJECT pmip6MagProxyCOA
-- SYNTAX InetAddress (SIZE(16))
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6MagProxyCOAType
-- object.
--
-- OBJECT pmip6MagHomeNetworkPrefixType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the
-- pmip6MagHomeNetworkPrefix object.
--
"
MODULE -- this module
MANDATORY-GROUPS { pmip6MagSystemGroup
}
OBJECT pmip6MagStatus
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { pmip6Compliances 7 }
pmip6MagReadOnlyCompliance2 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities that
implement the PMIPV6-MIB without support for read-
write (i.e., in read-only mode) and with support
for monitoring configuration-related information,
registration details, and statistics on a mobile
access gateway.
There are a number of INDEX objects that cannot be
represented in the form of OBJECT clauses in
SMIv2, but for which there are compliance
requirements, expressed in OBJECT clause form in
this description:
-- OBJECT pmip6MagProxyCOAType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6MagProxyCOA
-- object.
--
-- OBJECT pmip6MagProxyCOA
-- SYNTAX InetAddress (SIZE(16))
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6MagProxyCOAType
-- object.
--
-- OBJECT pmip6MagHomeNetworkPrefixType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the
-- pmip6MagHomeNetworkPrefix object.
--
-- OBJECT pmip6MagHomeNetworkPrefix
-- SYNTAX InetAddress (SIZE(16))
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the
-- pmip6MagHomeNetworkPrefix object.
--
"
MODULE -- this module
MANDATORY-GROUPS { pmip6MagSystemGroup,
pmip6MagConfigurationGroup,
pmip6MagRegistrationGroup
}
OBJECT pmip6MagStatus
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT pmip6MagEnableMagLocalRouting
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { pmip6Compliances 8 }
pmip6LmaCoreCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities
that implement the PMIPV6-MIB.
There are a number of INDEX objects that cannot be
represented in the form of OBJECT clauses in
SMIv2, but for which there are compliance
requirements, expressed in OBJECT clause form in
this description:
-- OBJECT pmip6LmaLMAAType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6LmaLMAA
-- object.
--
-- OBJECT pmip6LmaLMAA
-- SYNTAX InetAddress (SIZE(16))
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6LmaLMAA
-- object.
--
"
MODULE -- this module
MANDATORY-GROUPS { pmip6LmaSystemGroup
}
::= { pmip6Compliances 9 }
pmip6LmaCompliance2 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities that
implement the PMIPV6-MIB for monitoring configuration-
related information, registration details, and
statistics on a mobile access gateway.
There are a number of INDEX objects that cannot be
represented in the form of OBJECT clauses in
SMIv2, but for which there are compliance
requirements, expressed in OBJECT clause form in
this description:
-- OBJECT pmip6LmaLMAAType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6LmaLMAA
-- object.
--
-- OBJECT pmip6LmaLMAA
-- SYNTAX InetAddress (SIZE(16))
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6LmaLMAA
-- object.
--
-- OBJECT pmip6LmaHomeNetworkPrefixType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the
-- pmip6LmaHomeNetworkPrefix object.
--
-- OBJECT pmip6LmaHomeNetworkPrefix
-- SYNTAX InetAddress (SIZE(16))
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the
-- pmip6LmaHomeNetworkPrefix object.
--
"
MODULE -- this module
MANDATORY-GROUPS { pmip6LmaSystemGroup,
pmip6LmaConfigurationGroup
}
::= { pmip6Compliances 10 }
pmip6LmaReadOnlyCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities
that implement the PMIPV6-MIB.
There are a number of INDEX objects that cannot be
represented in the form of OBJECT clauses in
SMIv2, but for which there are compliance
requirements, expressed in OBJECT clause form in
this description:
-- OBJECT pmip6LmaLMAAType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6LmaLMAA
-- object.
--
-- OBJECT pmip6LmaLMAA
-- SYNTAX InetAddress (SIZE(16))
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6LmaLMAA
-- object.
--
"
MODULE -- this module
MANDATORY-GROUPS { pmip6LmaSystemGroup
}
OBJECT pmip6LmaStatus
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { pmip6Compliances 11 }
pmip6LmaReadOnlyCompliance2 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities that
implement the PMIPV6-MIB without support
for read-write (i.e., in read-only mode) and for
monitoring configuration-related information,
registration details, and statistics on a mobile
access gateway.
There are a number of INDEX objects that cannot be
represented in the form of OBJECT clauses in
SMIv2, but for which there are compliance
requirements, expressed in OBJECT clause form in
this description:
-- OBJECT pmip6LmaLMAAType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6LmaLMAA
-- object.
--
-- OBJECT pmip6LmaLMAA
-- SYNTAX InetAddress (SIZE(16))
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the pmip6LmaLMAA
-- object.
--
-- OBJECT pmip6LmaHomeNetworkPrefixType
-- SYNTAX InetAddressType { ipv6(2) }
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the
-- pmip6LmaHomeNetworkPrefix object.
--
-- OBJECT pmip6LmaHomeNetworkPrefix
-- SYNTAX InetAddress (SIZE(16))
-- DESCRIPTION
-- This MIB module requires support for global
-- IPv6 addresses for the
-- pmip6LmaHomeNetworkPrefix object.
--
"
MODULE -- this module
MANDATORY-GROUPS { pmip6LmaSystemGroup,
pmip6LmaConfigurationGroup
}
OBJECT pmip6LmaStatus
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT pmip6LmaMinDelayBeforeBCEDelete
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT pmip6LmaMaxDelayBeforeNewBCEAssign
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT pmip6LmaTimestampValidityWindow
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT pmip6LmaHomeNetworkPrefixLifeTime
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { pmip6Compliances 12 }
pmip6MagNotificationCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities that
implement the PMIPV6-MIB and support notification
from the mobile access gateway.
"
MODULE -- this module
MANDATORY-GROUPS { pmip6MagNotificationGroup
}
::= { pmip6Compliances 13 }
pmip6LmaNotificationCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities that
implement the PMIPV6-MIB and support notification
from the LMA.
"
MODULE -- this module
MANDATORY-GROUPS { pmip6LmaNotificationGroup
}
::={ pmip6Compliances 14 }
END
6. Security Considerations
There are a number of management objects defined in this MIB module
with a MAX-ACCESS clause of read-write. Such objects may be
considered sensitive or vulnerable in some network environments. The
support for SET operations in a non-secure environment without proper
protection can have a negative effect on network operations. These
are the tables and objects and the corresponding
sensitivity/vulnerability:
The value of the following objects is used to enable or disable
the PMIPv6 functionality on the corresponding PMIPv6 entity.
Access to these MOs may be abused to disrupt the communication
that depends on the PMIPv6 functionality.
pmip6MagStatus
pmip6LmaStatus
Access to the following MOs may be abused to misconfigure PMIPv6
entities and disrupt communications.
pmip6MobileNodeGeneratedTimestampInUse
pmip6FixedMagLinkLocalAddressOnAllAccessLinksType
pmip6FixedMagLinkLocalAddressOnAllAccessLinks
pmip6FixedMagLinkLayerAddressOnAllAccessLinks
pmip6MagEnableMagLocalRouting
pmip6MagHomeNetworkPrefixLifeTime
pmip6LmaMinDelayBeforeBCEDelete
pmip6LmaMaxDelayBeforeNewBCEAssign
pmip6LmaTimestampValidityWindow
pmip6LmaHomeNetworkPrefixLifeTime
Some of the readable objects in this MIB module (i.e., objects with a
MAX-ACCESS other than not-accessible) may be considered sensitive or
vulnerable in some network environments. It is thus important to
control even GET and/or NOTIFY access to these objects and possibly
to even encrypt the values of these objects when sending them over
the network via SNMP. These are the tables and objects and their
sensitivity/vulnerability:
The following address-related objects may be considered to be
particularly sensitive and/or private.
pmip6LmaHomeNetworkPrefixType
pmip6LmaHomeNetworkPrefix
pmip6LmaHomeNetworkPrefixLength
The following MN Identifier-related MOs may be used to identify
users. These may be considered to be sensitive and/or private.
pmip6MagMnIdentifier
pmip6MagMnLLIdentifier
pmip6LmaMnIdentifier
pmip6LmaMnLLIdentifier
pmip6MagProfMnIdentifier
SNMP versions prior to SNMPv3 did not include adequate security.
Even if the network itself is secure (for example by using IPsec),
even then, there is no control as to who on the secure network is
allowed to access and GET/SET (read/change/create/delete) the objects
in this MIB module.
It is RECOMMENDED that implementers consider the security features as
provided by the SNMPv3 framework (see [RFC3410], section 8),
including full support for the SNMPv3 cryptographic mechanisms (for
authentication and privacy).
Implementations MUST provide the security features described by the
SNMPv3 framework (see [RFC3410]), including full support for
authentication and privacy via the User-based Security Model (USM)
[RFC3414] with the AES cipher algorithm [RFC3826]. Implementations
MAY also provide support for the Transport Security Model (TSM)
[RFC5591] in combination with a secure transport such as SSH
[RFC5592] or TLS/DTLS [RFC6353].
Further, deployment of SNMP versions prior to SNMPv3 is NOT
RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
enable cryptographic security. It is then a customer/operator
responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.7. IANA Considerations
IANA has assigned the following: 1. a base arc in the 'mib-2' (Standards Track) OID tree for the 'pmip6TCMIB' MODULE-IDENTITY defined in the PMIPV6-TC-MIB. 2. a base arc in the 'mib-2' (Standards Track) OID tree for the 'pmip6MIB' MODULE-IDENTITY defined in the PMIPV6-MIB.8. References
8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005. [RFC4283] Patel, A., Leung, K., Khalil, M., Akhtar, H., and K. Chowdhury, "Mobile Node Identifier Option for Mobile IPv6 (MIPv6)", RFC 4283, November 2005. [RFC4293] Routhier, S., Ed., "Management Information Base for the Internet Protocol (IP)", RFC 4293, April 2006. [RFC4295] Keeni, G., Koide, K., Nagami, K., and S. Gundavelli, "Mobile IPv6 Management Information Base", RFC 4295, April 2006.
[RFC5213] Gundavelli, S., Ed., Leung, K., Devarapalli, V., Chowdhury, K., and B. Patil, "Proxy Mobile IPv6", RFC 5213, August 2008. [RFC6275] Perkins, C., Ed., Johnson, D., and J. Arkko, "Mobility Support in IPv6", RFC 6275, July 2011.8.2. Informative References
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, December 2002. [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", STD 62, RFC 3414, December 2002. [RFC3826] Blumenthal, U., Maino, F., and K. McCloghrie, "The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model", RFC 3826, June 2004. [RFC4831] Kempf, J., Ed., "Goals for Network-Based Localized Mobility Management (NETLMM)", RFC 4831, April 2007. [RFC5591] Harrington, D. and W. Hardaker, "Transport Security Model for the Simple Network Management Protocol (SNMP)", RFC 5591, June 2009. [RFC5592] Harrington, D., Salowey, J., and W. Hardaker, "Secure Shell Transport Model for the Simple Network Management Protocol (SNMP)", RFC 5592, June 2009. [RFC6353] Hardaker, W., "Transport Layer Security (TLS) Transport Model for the Simple Network Management Protocol (SNMP)", RFC 6353, July 2011.
9. Acknowledgements
The following individuals and groups have contributed to this document with discussions and comments: Adrian Farrel Dan Romascanu David Harrington Dirk von-Hugo Francis Dupont Harrie Hazewinkel Jari Arkko Sean Turner Stephen Farrell Vincent Roca WIDE Project netman-WG
Authors' Addresses
Glenn Mansfield Keeni Cyber Solutions, Inc. 6-6-3 Minami Yoshinari Aoba-ku, Sendai 989-3204 Japan Phone: +81-22-303-4012 EMail: glenn@cysols.com Kazuhide Koide KDDI Corporation GARDEN AIR TOWER 3-10-10, Iidabashi Chiyoda-ku, Tokyo, 102-8460 Japan Phone: +81-3-6678-3378 EMail: ka-koide@kddi.com Sri Gundavelli Cisco Systems 170 W.Tasman Drive, San Jose, CA 95134 USA Phone: +1-408-527-6109 EMail: sgundave@cisco.com Ryuji Wakikawa TOYOTA InfoTechnology Center, U.S.A., Inc. 465 Bernardo Avenue Mountain View, CA 94043 USA EMail: ryuji@us.toyota-itc.com