RFC 6850
Definitions of Managed Objects for Routing Bridges (RBridges)
Pages: 59
Proposed Standard
Proposed Standard
Part 3 of 3 – Pages 36 to 59
rbridgeEsadiEntry OBJECT-TYPE
SYNTAX RbridgeEsadiEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about an ESADI instance on a VLAN."
INDEX { rbridgeVlanIndex }
::= { rbridgeEsadiTable 1 }
RbridgeEsadiEntry ::=
SEQUENCE {
rbridgeEsadiEnable
TruthValue,
rbridgeEsadiConfidence
Unsigned32,
rbridgeEsadiDrbPriority
Unsigned32,
rbridgeEsadiDrb
RbridgeAddress,
rbridgeEsadiDrbHoldingTime
Unsigned32,
rbridgeEsadiRowStatus
RowStatus
}
rbridgeEsadiEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"If the RBridge is participating in an ESADI instance for
this VLAN, the value of this object is 'true'. To disable
participation, set it to 'false'.
The value of this object MUST be retained across
re-initializations of the management system."
REFERENCE
"RFC 6325, Section 4.2.5"
DEFVAL { true }
::= { rbridgeEsadiEntry 1 }
rbridgeEsadiConfidence OBJECT-TYPE
SYNTAX Unsigned32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Confidence level of address entries sent by this
ESADI instance. The default is 16.
The value of this object MUST be retained across
re-initializations of the management system."
REFERENCE
"RFC 6325, Section 4.2.5"
DEFVAL { 16 }
::= { rbridgeEsadiEntry 2 }
rbridgeEsadiDrbPriority OBJECT-TYPE
SYNTAX Unsigned32 (0..127)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The priority of this RBridge for being selected as the
DRB for this ESADI instance.
The value of this object MUST be retained across
re-initializations of the management system."
REFERENCE
"RFC 6325, Section 4.2.5"
::= { rbridgeEsadiEntry 3 }
rbridgeEsadiDrb OBJECT-TYPE
SYNTAX RbridgeAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The DRB on this ESADI instance's virtual link."
REFERENCE
"RFC 6325, Section 4.2.5"
::= { rbridgeEsadiEntry 4 }
rbridgeEsadiDrbHoldingTime OBJECT-TYPE
SYNTAX Unsigned32 (0..127)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The holding time for this ESADI instance.
The value of this object MUST be retained across
re-initializations of the management system."
REFERENCE
"RFC 6325, Section 4.2.5"
::= { rbridgeEsadiEntry 5 }
rbridgeEsadiRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the status of the entry."
::= { rbridgeEsadiEntry 6 }
-- ---------------------------------------------------------- --
-- The RBridge IP Multicast Snooping Port Table
-- ---------------------------------------------------------- --
rbridgeSnoopingPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF RbridgeSnoopingPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"For RBridges implementing IP Multicast Snooping,
information about ports on which the presence of IPv4
or IPv6 multicast routers has been detected."
REFERENCE
"RFC 6325, Section 4.7"
::= { rbridgeSnooping 1 }
rbridgeSnoopingPortEntry OBJECT-TYPE
SYNTAX RbridgeSnoopingPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about ports on which the presence of IPv4
or IPv6 multicast routers has been detected for a
VLAN."
INDEX { rbridgeBasePort, rbridgeVlanIndex }
::= { rbridgeSnoopingPortTable 1 }
RbridgeSnoopingPortEntry ::=
SEQUENCE {
rbridgeSnoopingPortAddrType
INTEGER
}
rbridgeSnoopingPortAddrType OBJECT-TYPE
SYNTAX INTEGER {
ipv4(1),
ipv6(2),
ipv4v6(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP address type of an IP multicast router detected
on this port and VLAN. If only IPv4 router(s)
are detected, the value returned is 'ipv4'. If only
IPv6 routers are detected, the value returned is
'ipv6'. If both IPv4 and IPv6 routers are detected on
this port and VLAN, the value returned is 'ipv4v6'."
REFERENCE
"RFC 6325, Section 4.7"
::= { rbridgeSnoopingPortEntry 1 }
-- ---------------------------------------------------------- --
-- The RBridge IP Multicast Snooping Address Table
-- ---------------------------------------------------------- --
rbridgeSnoopingAddrTable OBJECT-TYPE
SYNTAX SEQUENCE OF RbridgeSnoopingAddrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"For RBridges implementing IP Multicast Snooping,
information about IP multicast addresses being
snooped."
REFERENCE
"RFC 6325, Section 4.8"
::= { rbridgeSnooping 2 }
rbridgeSnoopingAddrEntry OBJECT-TYPE
SYNTAX RbridgeSnoopingAddrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about IP multicast addresses being
snooped."
INDEX { rbridgeVlanIndex, rbridgeSnoopingAddrType,
rbridgeSnoopingAddr }
::= { rbridgeSnoopingAddrTable 1 }
RbridgeSnoopingAddrEntry ::=
SEQUENCE {
rbridgeSnoopingAddrType
InetAddressType,
rbridgeSnoopingAddr
InetAddress,
rbridgeSnoopingAddrPorts
PortList
}
rbridgeSnoopingAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The IP multicast address type for which a listener has been
detected by this RBridge. This MIB requires support for only
IPv4 and IPv6 address types."
REFERENCE
"RFC 6325, Section 4.7"
::= { rbridgeSnoopingAddrEntry 1 }
rbridgeSnoopingAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The IP multicast address for which a listener has been
detected by this RBridge. The address type of this object
is specified in rbridgeSnoopingAddrType. This MIB requires
support for only global IPv4 and IPv6 addresses, so the
length of the object can be either 4 or 16 bytes. Hence,
the index will not exceed the OID size limit."
REFERENCE
"RFC 6325, Section 4.7"
::= { rbridgeSnoopingAddrEntry 2 }
rbridgeSnoopingAddrPorts OBJECT-TYPE
SYNTAX PortList
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The set of ports on which a listener has been detected
for this IP multicast address."
REFERENCE
"RFC 6325, Section 4.7"
::= { rbridgeSnoopingAddrEntry 3 }
-- ---------------------------------------------------------- --
-- Distribution Trees
-- ---------------------------------------------------------- --
rbridgeDtreePriority OBJECT-TYPE
SYNTAX Unsigned32 (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The distribution tree root priority for this RBridge.
The default value of this object is 32768.
The value of this object MUST be retained across
re-initializations of the management system."
REFERENCE
"RFC 6325, Section 4.5"
::= { rbridgeDtree 1 }
rbridgeDtreeActiveTrees OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of trees being computed by all RBridges
in the campus."
REFERENCE
"RFC 6325, Section 4.5"
::= { rbridgeDtree 2 }
rbridgeDtreeMaxTrees OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The maximum number of trees this RBridge can compute."
REFERENCE
"RFC 6325, Section 4.5"
::= { rbridgeDtree 3 }
rbridgeDtreeDesiredUseTrees OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The maximum number of trees this RBridge would like to
use for transmission of ingress multi-destination frames."
REFERENCE
"RFC 6325, Section 4.5"
::= { rbridgeDtree 4 }
rbridgeDtreeTable OBJECT-TYPE
SYNTAX SEQUENCE OF RbridgeDtreeEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about distribution trees being computed
by this RBridge."
REFERENCE
"RFC 6325, Section 4.5"
::= { rbridgeDtree 5 }
rbridgeDtreeEntry OBJECT-TYPE
SYNTAX RbridgeDtreeEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"List of information about distribution trees being computed
by this RBridge."
INDEX { rbridgeDtreeNumber }
::= { rbridgeDtreeTable 1 }
RbridgeDtreeEntry ::=
SEQUENCE {
rbridgeDtreeNumber
Unsigned32,
rbridgeDtreeNickname
RbridgeNickname,
rbridgeDtreeIngress
TruthValue
}
rbridgeDtreeNumber OBJECT-TYPE
SYNTAX Unsigned32 (0..65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The tree number of a distribution tree being computed by
this RBridge."
REFERENCE
"RFC 6325, Section 4.5"
::= { rbridgeDtreeEntry 1 }
rbridgeDtreeNickname OBJECT-TYPE
SYNTAX RbridgeNickname
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The nickname of the distribution tree."
REFERENCE
"RFC 6325, Section 4.5"
::= { rbridgeDtreeEntry 2 }
rbridgeDtreeIngress OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates whether this RBridge might choose this
distribution tree to ingress a multi-destination frame."
REFERENCE
"RFC 6325, Section 4.5"
::= { rbridgeDtreeEntry 3 }
-- ---------------------------------------------------------- --
-- TRILL Neighbor List
-- ---------------------------------------------------------- --
rbridgeTrillMinMtuDesired OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The desired minimum acceptable inter-RBridge link MTU for
the campus, that is, originatingLSPBufferSize.
The value of this object MUST be retained across
re-initializations of the management system."
REFERENCE
"RFC 6325, Section 4.3"
::= { rbridgeTrill 1 }
rbridgeTrillSz OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The minimum acceptable inter-RBridge link size for the
campus for the proper operation of TRILL IS-IS."
REFERENCE
"RFC 6325, Section 4.3"
::= { rbridgeTrill 2 }
rbridgeTrillMaxMtuProbes OBJECT-TYPE
SYNTAX Unsigned32 (1..255)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The number of failed MTU-probes before the RBridge
concludes that a particular MTU is not supported by
a neighbor.
The value of this object MUST be retained across
re-initializations of the management system."
REFERENCE
"RFC 6325, Section 4.3"
::= { rbridgeTrill 3 }
rbridgeTrillNbrTable OBJECT-TYPE
SYNTAX SEQUENCE OF RbridgeTrillNbrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about this RBridge's TRILL neighbors."
REFERENCE
"RFC 6325, Section 4.4.2.1"
::= { rbridgeTrill 4 }
rbridgeTrillNbrEntry OBJECT-TYPE
SYNTAX RbridgeTrillNbrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"List of information about this RBridge's TRILL neighbors."
INDEX { rbridgeTrillNbrMacAddr }
::= { rbridgeTrillNbrTable 1 }
RbridgeTrillNbrEntry ::=
SEQUENCE {
rbridgeTrillNbrMacAddr
MacAddress,
rbridgeTrillNbrMtu
Unsigned32,
rbridgeTrillNbrFailedMtuTest
TruthValue
}
rbridgeTrillNbrMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The MAC address of a neighbor of this RBridge."
REFERENCE
"RFC 6325, Section 4.4.2.1"
::= { rbridgeTrillNbrEntry 1 }
rbridgeTrillNbrMtu OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"MTU size for this neighbor for IS-IS communication
purposes."
REFERENCE
"RFC 6325, Section 4.3.2"
::= { rbridgeTrillNbrEntry 2 }
rbridgeTrillNbrFailedMtuTest OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"If true, indicates that the neighbor's tested MTU is less
than the minimum acceptable inter-bridge link MTU for the
campus (1470)."
REFERENCE
"RFC 6325, Section 4.3.1"
::= { rbridgeTrillNbrEntry 3 }
-- ---------------------------------------------------------- --
-- Notifications for use by RBridges
-- ---------------------------------------------------------- --
rbridgeBaseNewDrb NOTIFICATION-TYPE
-- OBJECTS { }
STATUS current
DESCRIPTION
"The rbridgeBaseNewDrb notification indicates that the
sending agent has become the new Designated RBridge; the
notification is sent by an RBridge soon after its election
as the new DRB root, e.g., upon expiration of the Topology
Change Timer, immediately subsequent to its election."
::= { rbridgeNotifications 1 }
rbridgeBaseTopologyChange NOTIFICATION-TYPE
-- OBJECTS { }
STATUS current
DESCRIPTION
"The rbridgeBaseTopologyChange notification is sent by an
RBridge when any of its configured ports transition to/from
the VLAN-x designated forwarder. The notification is not
sent if an rbridgeBaseNewDrb notification is sent for the
same transition."
::= { rbridgeNotifications 2 }
-- Compliance and Group sections
rbridgeCompliances OBJECT IDENTIFIER ::= { rbridgeConformance 1 }
rbridgeGroup OBJECT IDENTIFIER ::= { rbridgeConformance 2 }
-- ---------------------------------------------------------- --
-- Units of Conformance
-- ---------------------------------------------------------- --
rbridgeBaseGroup OBJECT-GROUP
OBJECTS {
rbridgeBaseTrillVersion,
rbridgeBaseNumPorts,
rbridgeBaseForwardDelay,
rbridgeBaseUniMultipathEnable,
rbridgeBaseMultiMultipathEnable,
rbridgeBaseAcceptEncapNonadj,
rbridgeBaseNicknameNumber
}
STATUS current
DESCRIPTION
"A collection of objects providing basic control
and status information for the RBridge."
::= { rbridgeGroup 1 }
rbridgeBaseNicknameGroup OBJECT-GROUP
OBJECTS {
rbridgeBaseNicknamePriority,
rbridgeBaseNicknameDtrPriority,
rbridgeBaseNicknameType,
rbridgeBaseNicknameRowStatus
}
STATUS current
DESCRIPTION
"A collection of objects providing basic control
and status information for RBridge nicknames."
::= { rbridgeGroup 2 }
rbridgeBasePortGroup OBJECT-GROUP
OBJECTS {
rbridgeBasePortIfIndex,
rbridgeBasePortDisable,
rbridgeBasePortTrunkPort,
rbridgeBasePortAccessPort,
rbridgeBasePortP2pHellos,
rbridgeBasePortState,
rbridgeBasePortDesiredDesigVlan,
rbridgeBasePortDesigVlan,
rbridgeBasePortInhibitionTime,
rbridgeBasePortDisableLearning,
rbridgeBasePortStpRoot,
rbridgeBasePortStpRootChanges,
rbridgeBasePortStpWiringCloset
}
STATUS current
DESCRIPTION
"A collection of objects providing basic control
and status information for RBridge ports."
::= { rbridgeGroup 3 }
rbridgeFdbGroup OBJECT-GROUP
OBJECTS {
rbridgeConfidenceNative,
rbridgeConfidenceDecap,
rbridgeConfidenceStatic,
rbridgeUniFdbPort,
rbridgeUniFdbNickname,
rbridgeUniFdbConfidence,
rbridgeUniFdbStatus
}
STATUS current
DESCRIPTION
"A collection of objects providing information
about the Unicast Address Database."
::= { rbridgeGroup 4 }
rbridgeFibGroup OBJECT-GROUP
OBJECTS {
rbridgeUniFibHopCount,
rbridgeMultiFibPorts
}
STATUS current
DESCRIPTION
"A collection of objects providing information
about the Unicast and Multicast FIBs."
::= { rbridgeGroup 5 }
rbridgeVlanGroup OBJECT-GROUP
OBJECTS {
rbridgeVlanForwarderLosts,
rbridgeVlanDisableLearning,
rbridgeVlanSnooping,
rbridgeVlanPortInhibited,
rbridgeVlanPortForwarder,
rbridgeVlanPortAnnouncing,
rbridgeVlanPortDetectedVlanMapping
}
STATUS current
DESCRIPTION
"A collection of objects providing information
about VLANs on the RBridge."
::= { rbridgeGroup 6 }
rbridgePortCounterGroup OBJECT-GROUP
OBJECTS {
rbridgePortRpfCheckFails,
rbridgePortHopCountExceeds,
rbridgePortOptionDrops,
rbridgePortTrillInFrames,
rbridgePortTrillOutFrames
}
STATUS current
DESCRIPTION
"A collection of objects providing per-port
counters for the RBridge."
::= { rbridgeGroup 7 }
rbridgeEsadiGroup OBJECT-GROUP
OBJECTS {
rbridgeEsadiEnable,
rbridgeEsadiConfidence,
rbridgeEsadiDrbPriority,
rbridgeEsadiDrb,
rbridgeEsadiDrbHoldingTime,
rbridgeEsadiRowStatus
}
STATUS current
DESCRIPTION
"A collection of objects providing information
about ESADI instances on the RBridge."
::= { rbridgeGroup 8 }
rbridgeSnoopingGroup OBJECT-GROUP
OBJECTS {
rbridgeSnoopingPortAddrType,
rbridgeSnoopingAddrPorts
}
STATUS current
DESCRIPTION
"A collection of objects providing information about
IP Multicast Snooping. This MIB requires support for
only global IPv4 and IPv6 address types in
rbridgeSnoopingPortAddrType and rbridgeSnoopingAddrType,
so the length of rbridgeSnoopingAddr can be either 4 or
16 bytes."
::= { rbridgeGroup 9 }
rbridgeDtreeGroup OBJECT-GROUP
OBJECTS {
rbridgeDtreePriority,
rbridgeDtreeActiveTrees,
rbridgeDtreeMaxTrees,
rbridgeDtreeDesiredUseTrees,
rbridgeDtreeNickname,
rbridgeDtreeIngress
}
STATUS current
DESCRIPTION
"A collection of objects providing information
about distribution trees."
::= { rbridgeGroup 10 }
rbridgeTrillGroup OBJECT-GROUP
OBJECTS {
rbridgeTrillMinMtuDesired,
rbridgeTrillSz,
rbridgeTrillMaxMtuProbes,
rbridgeTrillNbrMtu,
rbridgeTrillNbrFailedMtuTest
}
STATUS current
DESCRIPTION
"A collection of objects providing information
about TRILL neighbors."
::= { rbridgeGroup 11 }
rbridgeNotificationGroup NOTIFICATION-GROUP
NOTIFICATIONS {
rbridgeBaseNewDrb,
rbridgeBaseTopologyChange
}
STATUS current
DESCRIPTION
"A collection of objects describing notifications (traps)."
::= { rbridgeGroup 12 }
-- ---------------------------------------------------------- --
-- Compliance Statement
-- ---------------------------------------------------------- --
rbridgeCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for support of RBridge
services."
MODULE
MANDATORY-GROUPS {
rbridgeBaseGroup,
rbridgeBaseNicknameGroup,
rbridgeBasePortGroup,
rbridgeFdbGroup,
rbridgeFibGroup,
rbridgeVlanGroup,
rbridgeDtreeGroup,
rbridgeTrillGroup,
rbridgeNotificationGroup
}
GROUP rbridgePortCounterGroup
DESCRIPTION
"Implementation of this group is optional."
GROUP rbridgeEsadiGroup
DESCRIPTION
"Implementation of this group is optional."
GROUP rbridgeSnoopingGroup
DESCRIPTION
"Implementation of this group is optional."
::= { rbridgeCompliances 1 }
rbridgeReadOnlyCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"When this MIB is implemented in read-only mode, then
the implementation can claim read-only compliance.
In that case, RBridge objects can be monitored but
cannot be configured with this implementation."
MODULE
MANDATORY-GROUPS {
rbridgeBaseGroup,
rbridgeBaseNicknameGroup,
rbridgeBasePortGroup,
rbridgeFdbGroup,
rbridgeFibGroup,
rbridgeVlanGroup,
rbridgeDtreeGroup,
rbridgeTrillGroup,
rbridgeNotificationGroup
}
OBJECT rbridgeBaseForwardDelay
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBaseUniMultipathEnable
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBaseMultiMultipathEnable
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBaseAcceptEncapNonadj
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBaseNicknameNumber
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBaseNicknamePriority
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBaseNicknameDtrPriority
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBaseNicknameRowStatus
SYNTAX INTEGER { active(1) }
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required, and 'active' is the only
status that needs to be supported."
OBJECT rbridgeBasePortDisable
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBasePortTrunkPort
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBasePortAccessPort
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBasePortP2pHellos
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBasePortInhibitionTime
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBasePortDisableLearning
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBasePortDesiredDesigVlan
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeBasePortStpWiringCloset
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeConfidenceNative
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeConfidenceDecap
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeConfidenceStatic
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeVlanDisableLearning
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeVlanPortAnnouncing
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeEsadiEnable
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeEsadiConfidence
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeEsadiDrbPriority
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeEsadiDrbHoldingTime
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeEsadiRowStatus
SYNTAX INTEGER { active(1) }
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required, and 'active' is the only
status that needs to be supported."
OBJECT rbridgeDtreePriority
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeTrillMinMtuDesired
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT rbridgeTrillMaxMtuProbes
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
GROUP rbridgePortCounterGroup
DESCRIPTION
"Implementation of this group is optional."
GROUP rbridgeEsadiGroup
DESCRIPTION
"Implementation of this group is optional."
GROUP rbridgeSnoopingGroup
DESCRIPTION
"Implementation of this group is optional."
::= { rbridgeCompliances 2 }
END
8. Security Considerations
This MIB relates to a system that will provide network connectivity and packet-forwarding services. As such, improper manipulation of the objects represented by this MIB may result in denial of service to a large number of end-users. There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These are the tables and objects and their sensitivity/vulnerability: The following tables and objects in the RBRIDGE-MIB can be manipulated to interfere with the operation of RBridges: o rbridgeBaseUniMultipathEnable affects the ability of the RBridge to route unicast traffic over multiple paths, and rbridgeBaseMultiMultipathEnable affects the ability of the RBridge to route multi-destination traffic over multiple paths. o rbridgeBasePortTable contains a number of objects that may affect network connectivity. Actions that may be triggered by manipulating objects in this table include disabling of an RBridge port, discarding of native packets, disabling learning, and others. o rbridgeEsadiTable contains objects that affect the operation of the ESADI protocol used for learning, and manipulation of the objects contained therein can be used to confuse the learning ability of RBridges. o rbridgeDtreePriority can affect computation of distribution trees within an RBridge campus, thereby affecting the forwarding of multi-destination traffic. o rbridgeTrillMinMtuDesired can affect the size of packets being used to exchange information between RBridges. Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over
the network via SNMP. For example, access to network topology and RBridge attributes can reveal information that should not be available to all users of the network. SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module. Implementations SHOULD provide the security features described by the SNMPv3 framework (see [RFC3410]), and implementations claiming compliance to the SNMPv3 standard MUST include full support for authentication and privacy via the User-based Security Model (USM) [RFC3414] with the AES cipher algorithm [RFC3826]. Implementations MAY also provide support for the Transport Security Model (TSM) [RFC5591] in combination with a secure transport such as SSH [RFC5592] or TLS/DTLS [RFC6353]. Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them. For other RBridge security considerations, see [RFC6325].9. IANA Considerations
The MIB module in this document uses the following IANA-assigned OBJECT IDENTIFIER value recorded in the SMI Numbers registry: Descriptor OBJECT IDENTIFIER value ---------- ----------------------- rbridgeMIB { mib-2 214 }10. Contributors
The authors would like to acknowledge the contributions of Donald Eastlake, Radia Perlman, Anoop Ghanwani, Dan Romascanu, Mahesh Akula, Sue Hares, and Joan Cucchiara.
11. References
11.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000. [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", STD 62, RFC 3414, December 2002. [RFC3826] Blumenthal, U., Maino, F., and K. McCloghrie, "The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model", RFC 3826, June 2004. [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005. [RFC4188] Norseth, K., Ed., and E. Bell, Ed., "Definitions of Managed Objects for Bridges", RFC 4188, September 2005. [RFC4363] Levi, D. and D. Harrington, "Definitions of Managed Objects for Bridges with Traffic Classes, Multicast Filtering, and Virtual LAN Extensions", RFC 4363, January 2006. [RFC4444] Parker, J., Ed., "Management Information Base for Intermediate System to Intermediate System (IS-IS)", RFC 4444, April 2006.
[RFC5591] Harrington, D. and W. Hardaker, "Transport Security Model for the Simple Network Management Protocol (SNMP)", RFC 5591, June 2009. [RFC5592] Harrington, D., Salowey, J., and W. Hardaker, "Secure Shell Transport Model for the Simple Network Management Protocol (SNMP)", RFC 5592, June 2009. [RFC6325] Perlman, R., Eastlake 3rd, D., Dutt, D., Gai, S., and A. Ghanwani, "Routing Bridges (RBridges): Base Protocol Specification", RFC 6325, July 2011. [RFC6353] Hardaker, W., "Transport Layer Security (TLS) Transport Model for the Simple Network Management Protocol (SNMP)", RFC 6353, July 2011.11.2. Informative References
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, December 2002. [RFC4663] Harrington, D., "Transferring MIB Work from IETF Bridge MIB WG to IEEE 802.1 WG", RFC 4663, September 2006. [RFC5556] Touch, J. and R. Perlman, "Transparent Interconnection of Lots of Links (TRILL): Problem and Applicability Statement", RFC 5556, May 2009.
Authors' Addresses
Anil Rijhsinghani Hewlett-Packard 153 Taylor St. Littleton, MA USA Phone: +1 508 323 1251 EMail: anil@charter.net Kate Zebrose HW Embedded 26 Josephine Ave. Somerville, MA USA Phone: +1 617 840 9673 EMail: zebrose@alum.mit.edu