trillOamMepPtrChassisId OBJECT-TYPE
    SYNTAX      LldpChassisId
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "The Chassis ID returned in the Sender ID TLV of the PTR,
       if any. The format of this object is determined by the
       value of the trillOamMepPtrChassisIdSubtype object."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamPtrEntry 16 }

trillOamMepPtrOrganizationSpecificTlv OBJECT-TYPE
    SYNTAX      OCTET STRING (SIZE (0 | 4..1500))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "All organization-specific TLVs returned in the PTR, if
       any. Includes all octets including and following the TLV
       Length field of each TLV, concatenated together."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamPtrEntry 17 }

trillOamMepPtrNextHopNicknames OBJECT-TYPE
    SYNTAX      OCTET STRING (SIZE (0 | 4..1500))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "Next hop RBridge List TLV returned in the PTR, if
       any. Includes all octets including and following the TLV
       Length field of each TLV, concatenated together."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamPtrEntry 18 }

-- ******************************************************************
-- TRILL OAM Multi-destination Reply Table
-- ******************************************************************

trillOamMtvrTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF TrillOamMtvrEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
       "This table includes Multi-destination Reply objects and
       operations for the TRILL OAM facilities described in
       RFC 7455.

       Each row in the table represents a Multi-destination Reply
       Entry for the defined MEP and Transaction.

       This table uses five indices. The first three indices are
       the indices of the Maintenance Domain, MANET, and MEP
       tables. The fourth index is the specific Transaction
       Identifier on the selected MEP. The fifth index is the
       receive order of Multi-destination replies.

       Some writable objects in this table are only applicable in
       certain cases (as described under each object), and
       attempts to write values for them in other cases will be
       ignored."
    REFERENCE   "RFC 7455"
    ::= { trillOamMep 4 }

trillOamMtvrEntry OBJECT-TYPE
    SYNTAX      TrillOamMtvrEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
       "The conceptual row of trillOamMtvrTable."
    INDEX { dot1agCfmMdIndex,
            dot1agCfmMaIndex,
            dot1agCfmMepIdentifier,
            trillOamMepPtrTransactionId,
            trillOamMepMtvrReceiveOrder
          }
    ::= { trillOamMtvrTable 1 }

TrillOamMtvrEntry ::= SEQUENCE {
    trillOamMepMtvrTransactionId            Unsigned32,
    trillOamMepMtvrReceiveOrder             Unsigned32,
    trillOamMepMtvrFlag                     Unsigned32,
    trillOamMepMtvrErrorCode                Unsigned32,
    trillOamMepMtvrLastEgressId             Unsigned32,
    trillOamMepMtvrIngress                  Dot1agCfmIngressActionFieldValue,
    trillOamMepMtvrIngressMac               MacAddress,
    trillOamMepMtvrIngressPortIdSubtype     LldpPortIdSubtype,
    trillOamMepMtvrIngressPortId            LldpPortId,
    trillOamMepMtvrEgress                   Dot1agCfmEgressActionFieldValue,
    trillOamMepMtvrEgressMac                MacAddress,
    trillOamMepMtvrEgressPortIdSubtype      LldpPortIdSubtype,
    trillOamMepMtvrEgressPortId             LldpPortId,
    trillOamMepMtvrChassisIdSubtype         LldpChassisIdSubtype,
    trillOamMepMtvrChassisId                LldpChassisId,
    trillOamMepMtvrOrganizationSpecificTlv  OCTET STRING,
    trillOamMepMtvrNextHopNicknames         OCTET STRING,
    trillOamMepMtvrReceiverAvailability     TruthValue,
    trillOamMepMtvrReceiverCount            TruthValue
}

trillOamMepMtvrTransactionId OBJECT-TYPE
    SYNTAX      Unsigned32 (0..4294967295)
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
       "Sequence Number / Transaction Identifier returned by a
       previously transmitted Multi-destination message command
       indicating which MTVM's response is going to be returned."
    REFERENCE   "RFC 7455, Section 11"
    ::= { trillOamMtvrEntry 1 }

trillOamMepMtvrReceiveOrder OBJECT-TYPE
    SYNTAX      Unsigned32 (1..4294967295)
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
       "An index to distinguish among multiple MTVRs with same
       MTVR Transaction Identifier field value.
       trillOamMepMtvrReceiveOrder is assigned sequentially from
       1, in the order that the Multi-destination Tree Initiator
       received the MTVRs."
    REFERENCE   "RFC 7455, Section 11"
    ::= { trillOamMtvrEntry 2 }

trillOamMepMtvrFlag OBJECT-TYPE
    SYNTAX      Unsigned32 (0..15)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "FCOI (TRILL OAM Message TLV) field value for a returned
       MTVR."
    REFERENCE   "RFC 7455, Section 8.4.2"
    ::= { trillOamMtvrEntry 3 }

trillOamMepMtvrErrorCode OBJECT-TYPE
    SYNTAX      Unsigned32 (0..65535)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "Return Code and Return Sub-code value for a returned MTVR."
    REFERENCE   "RFC 7455, Section 8.4.2"
    ::= { trillOamMtvrEntry 4 }

trillOamMepMtvrLastEgressId OBJECT-TYPE
    SYNTAX      Unsigned32 (0..65535)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "An Integer field holding the Last Egress Identifier
       returned in the MTVR Upstream RBridge Nickname TLV of the
       MTVR. The Last Egress Identifier identifies the Upstream
       Nickname."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamMtvrEntry 5 }

trillOamMepMtvrIngress OBJECT-TYPE
    SYNTAX      Dot1agCfmIngressActionFieldValue
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "The value returned in the Ingress Action field of the
       MTVR. The value ingNoTlv(0) indicates that no Reply
       Ingress TLV was returned in the MTVM."
    REFERENCE   "RFC 7455, Section 11.2.3"
    ::= { trillOamMtvrEntry 6 }

trillOamMepMtvrIngressMac OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "MAC address returned in the ingress MAC address field."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamMtvrEntry 7 }

trillOamMepMtvrIngressPortIdSubtype OBJECT-TYPE
    SYNTAX      LldpPortIdSubtype
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "Ingress Port ID. The format of this object is determined
       by the value of the trillOamMepMtvrIngressPortIdSubtype
       object."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamMtvrEntry 8 }

trillOamMepMtvrIngressPortId OBJECT-TYPE
    SYNTAX      LldpPortId
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "Ingress Port ID. The format of this object is determined
       by the value of the trillOamMepMtvrIngressPortId object."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamMtvrEntry 9 }

trillOamMepMtvrEgress OBJECT-TYPE
    SYNTAX      Dot1agCfmEgressActionFieldValue
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "The value returned in the Egress Action field of the
       MTVR. The value ingNoTlv(0) indicates that no Reply
       Egress TLV was returned in the MTVR."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamMtvrEntry 10 }

trillOamMepMtvrEgressMac OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "MAC address returned in the egress MAC address field."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamMtvrEntry 11 }

trillOamMepMtvrEgressPortIdSubtype OBJECT-TYPE
    SYNTAX      LldpPortIdSubtype
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "Egress Port ID. The format of this object is determined
       by the value of the trillOamMepMtvrEgressPortIdSubtype
       object."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamMtvrEntry 12 }

trillOamMepMtvrEgressPortId OBJECT-TYPE
    SYNTAX      LldpPortId
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "Egress Port ID. The format of this object is determined
       by the value of the trillOamMepMtvrEgressPortId object."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamMtvrEntry 13 }

trillOamMepMtvrChassisIdSubtype OBJECT-TYPE
    SYNTAX      LldpChassisIdSubtype
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "This object specifies the format of the Chassis ID
       returned in the Sender ID TLV of the MTVR, if any. This
       value is meaningless if the trillOamMepMtvrChassisId has a
       length of 0."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamMtvrEntry 14 }

trillOamMepMtvrChassisId OBJECT-TYPE
    SYNTAX      LldpChassisId
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "The Chassis ID returned in the Sender ID TLV of the MTVR,
       if any. The format of this object is determined by the
       value of the trillOamMepMtvrChassisIdSubtype object."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamMtvrEntry 15 }

trillOamMepMtvrOrganizationSpecificTlv OBJECT-TYPE
    SYNTAX      OCTET STRING (SIZE (0 | 4..1500))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "All organization-specific TLVs returned in the MTVR, if
       any. Includes all octets including and following the TLV
       Length field of each TLV, concatenated together."
    REFERENCE   "RFC 7455, Section 8.4.1"
    ::= { trillOamMtvrEntry 16 }

trillOamMepMtvrNextHopNicknames OBJECT-TYPE
    SYNTAX      OCTET STRING (SIZE (0 | 4..1500))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "Next hop RBridge List TLV returned in the PTR, if
       any. Includes all octets including and following the TLV
       Length field of each TLV, concatenated together."
    REFERENCE   "RFC 7455, Section 8.4.3"
    ::= { trillOamMtvrEntry 17 }

trillOamMepMtvrReceiverAvailability OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "A value of true indicates that the MTVR response
       contained Multicast receiver availability TLV."
    REFERENCE   "RFC 7455, Section 8.4.10"
    ::= { trillOamMtvrEntry 18 }

trillOamMepMtvrReceiverCount OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "Indicates the number of multicast receivers available on
       the responding RBridge on the VLAN specified by the
       diagnostic VLAN."
    REFERENCE   "RFC 7455, Section 8.4.10"
    ::= { trillOamMtvrEntry 19 }

-- *****************************************************************
-- TRILL OAM MEP Database Table
-- *****************************************************************

trillOamMepDbTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF TrillOamMepDbEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
       "This table is an extension of the dot1agCfmMepDbTable
       and rows are automatically added to or deleted from
       this table based upon row creation and destruction of the
       dot1agCfmMepDbTable."
    REFERENCE   "RFC 7455"
    ::= { trillOamMep 5 }

trillOamMepDbEntry OBJECT-TYPE
    SYNTAX      TrillOamMepDbEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
       "The conceptual row of trillOamMepDbTable."
    AUGMENTS { dot1agCfmMepDbEntry }
    ::= { trillOamMepDbTable 1 }

TrillOamMepDbEntry ::= SEQUENCE {
    trillOamMepDbFlowIndex         Unsigned32,
    trillOamMepDbFlowEntropy       OCTET STRING,
    trillOamMepDbFlowState         Dot1agCfmRemoteMepState,
    trillOamMepDbFlowFailedOkTime  TimeStamp,
    trillOamMepDbRBridgeName       Unsigned32,
    trillOamMepDbLastGoodSeqNum    Counter32
}

trillOamMepDbFlowIndex OBJECT-TYPE
    SYNTAX      Unsigned32 (1..65535)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "This object identifies the flow. If the Flow Identifier
       TLV is received, then the index received can also be used."
    REFERENCE   "RFC 7455"
    ::= {trillOamMepDbEntry 1 }

trillOamMepDbFlowEntropy OBJECT-TYPE
    SYNTAX      OCTET STRING (SIZE (96))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "96 byte Flow Entropy."
    REFERENCE   "RFC 7455, Section 3"
    ::= {trillOamMepDbEntry 2 }

trillOamMepDbFlowState OBJECT-TYPE
    SYNTAX      Dot1agCfmRemoteMepState
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "The operational state of the remote MEP (flow-based)
       IFF State machines. State Machine is running now per
       flow."
    REFERENCE   "RFC 7455"
    ::= {trillOamMepDbEntry 3 }

trillOamMepDbFlowFailedOkTime OBJECT-TYPE
    SYNTAX      TimeStamp
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "The Time (sysUpTime) at which the Remote MEP flow state
       machine last entered either the RMEP_FAILED or RMEP_OK
       state."
    REFERENCE   "RFC 7455"
    ::= {trillOamMepDbEntry 4 }

trillOamMepDbRBridgeName OBJECT-TYPE
    SYNTAX      Unsigned32(0..65471)
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "Remote MEP RBridge Nickname."
    REFERENCE   "RFC 7455 and RFC 6325, Section 3"
    ::= {trillOamMepDbEntry 5 }

trillOamMepDbLastGoodSeqNum OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
       "Last Sequence Number received."
    REFERENCE   "RFC 7455, Section 13.1"
    ::= {trillOamMepDbEntry 6}

-- ******************************************************************
-- TRILL OAM MIB NOTIFICATIONS (TRAPS)
-- This notification is sent to management entity whenever a
-- MEP loses/restores
-- contact with its peer flow MEPs
-- ******************************************************************

trillOamFaultAlarm NOTIFICATION-TYPE
    OBJECTS     { trillOamMepDbFlowState }
    STATUS      current
    DESCRIPTION
       "A MEP flow has a persistent defect condition. A
       notification (fault alarm) is sent to the management
       entity with the OID of the flow that has detected the
       fault.

       The management entity receiving the notification can
       identify the system from the network source address of the
       notification and can identify the flow reporting the
       defect by the indices in the OID of the
       trillOamMepFlowIndex and trillOamFlowDefect variable in
       the notification:

       dot1agCfmMdIndex - Also the index of the MEP's
           Maintenance Domain table entry (dot1agCfmMdTable).
       dot1agCfmMaIndex - Also an index (with the MD table index)
           of the MEP's Maintenance Association network table
           entry (dot1agCfmMaNetTable) and (with the MD table
           index and component ID) of the MEP's MA component
           table entry (dot1agCfmMaCompTable).
       dot1agCfmMepIdentifier - MEP Identifier and final index
           into the MEP table (dot1agCfmMepTable).
       trillOamMepFlowCfgIndex - Index identifies indicates the
           specific flow for the MEP"
    REFERENCE   "RFC 7455"
    ::= { trillOamNotifications 1 }

-- ******************************************************************
-- TRILL OAM MIB Module - Conformance Information
-- ******************************************************************

trillOamMibCompliances OBJECT IDENTIFIER
    ::= { trillOamMibConformance 1 }

trillOamMibGroups OBJECT IDENTIFIER
    ::= { trillOamMibConformance 2 }

-- ******************************************************************
-- TRILL OAM MIB Units of Conformance
-- ******************************************************************

trillOamMepMandatoryGroup OBJECT-GROUP
    OBJECTS {
        trillOamMepRName,
        trillOamMepNextPtmTId,
        trillOamMepNextMtvmTId,
        trillOamMepPtrIn,
        trillOamMepPtrInOutofOrder,
        trillOamMepPtrOut,
        trillOamMepMtvrIn,
        trillOamMepMtvrInOutofOrder,
        trillOamMepMtvrOut,
        trillOamMepTxLbmDestRName,
        trillOamMepTxLbmHC,
        trillOamMepTxLbmReplyModeOob,
        trillOamMepTransmitLbmReplyIp,
        trillOamMepTxLbmFlowEntropy,
        trillOamMepTxPtmDestRName,
        trillOamMepTxPtmHC,
        trillOamMepTxPtmReplyModeOob,
        trillOamMepTransmitPtmReplyIp,
        trillOamMepTxPtmFlowEntropy,
        trillOamMepTxPtmStatus,
        trillOamMepTxPtmResultOK,
        trillOamMepTxPtmMessages,
        trillOamMepTxPtmSeqNumber,
        trillOamMepTxMtvmTree,
        trillOamMepTxMtvmHC,
        trillOamMepTxMtvmReplyModeOob,
        trillOamMepTransmitMtvmReplyIp,
        trillOamMepTxMtvmFlowEntropy,
        trillOamMepTxMtvmStatus,
        trillOamMepTxMtvmResultOK,
        trillOamMepTxMtvmMessages,
        trillOamMepTxMtvmSeqNumber,
        trillOamMepTxMtvmScopeList,
        trillOamMepDiscontinuityTime
    }
    STATUS      current
    DESCRIPTION
       "Mandatory objects for the TRILL OAM MEP group."
    ::= { trillOamMibGroups 1 }

trillOamMepFlowCfgTableGroup OBJECT-GROUP
    OBJECTS {
        trillOamMepFlowCfgFlowEntropy,
        trillOamMepFlowCfgDestRName,
        trillOamMepFlowCfgFlowHC,
        trillOamMepFlowCfgRowStatus
    }
    STATUS      current
    DESCRIPTION
       "TRILL OAM MEP Flow Configuration objects group."
    ::= { trillOamMibGroups 2 }

trillOamPtrTableGroup OBJECT-GROUP
    OBJECTS {
        trillOamMepPtrHC,
        trillOamMepPtrFlag,
        trillOamMepPtrErrorCode,
        trillOamMepPtrTerminalMep,
        trillOamMepPtrLastEgressId,
        trillOamMepPtrIngress,
        trillOamMepPtrIngressMac,
        trillOamMepPtrIngressPortIdSubtype,
        trillOamMepPtrIngressPortId,
        trillOamMepPtrEgress,
        trillOamMepPtrEgressMac,
        trillOamMepPtrEgressPortIdSubtype,
        trillOamMepPtrEgressPortId,
        trillOamMepPtrChassisIdSubtype,
        trillOamMepPtrChassisId,
        trillOamMepPtrOrganizationSpecificTlv,
        trillOamMepPtrNextHopNicknames
    }
    STATUS      current
    DESCRIPTION
       "TRILL OAM MEP PTR objects group."
    ::= { trillOamMibGroups 3 }

trillOamMtvrTableGroup OBJECT-GROUP
    OBJECTS {
        trillOamMepMtvrFlag,
        trillOamMepMtvrErrorCode,
        trillOamMepMtvrLastEgressId,
        trillOamMepMtvrIngress,
        trillOamMepMtvrIngressMac,
        trillOamMepMtvrIngressPortIdSubtype,
        trillOamMepMtvrIngressPortId,
        trillOamMepMtvrEgress,
        trillOamMepMtvrEgressMac,
        trillOamMepMtvrEgressPortIdSubtype,
        trillOamMepMtvrEgressPortId,
        trillOamMepMtvrChassisIdSubtype,
        trillOamMepMtvrChassisId,
        trillOamMepMtvrOrganizationSpecificTlv,
        trillOamMepMtvrNextHopNicknames,
        trillOamMepMtvrReceiverAvailability,
        trillOamMepMtvrReceiverCount
    }
    STATUS      current
    DESCRIPTION
       "TRILL OAM MEP MTVR objects group."
    ::= { trillOamMibGroups 4 }

trillOamMepDbGroup OBJECT-GROUP
    OBJECTS {
        trillOamMepDbFlowIndex,
        trillOamMepDbFlowEntropy,
        trillOamMepDbFlowState,
        trillOamMepDbFlowFailedOkTime,
        trillOamMepDbRBridgeName,
        trillOamMepDbLastGoodSeqNum
    }
    STATUS      current
    DESCRIPTION
       "TRILL OAM MEP DB objects group."
    ::= { trillOamMibGroups 5 }

trillOamNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS { trillOamFaultAlarm }
    STATUS      current
    DESCRIPTION
       "A collection of objects describing notifications(traps)."
    ::= { trillOamMibGroups 6 }

-- ******************************************************************
-- TRILL OAM MIB Module Compliance Statements
-- ******************************************************************

trillOamMibCompliance MODULE-COMPLIANCE
    STATUS      current
    DESCRIPTION
       "The compliance statement for the TRILL OAM MIB."
    MODULE -- this module
    MANDATORY-GROUPS {
        trillOamMepMandatoryGroup,
        trillOamMepFlowCfgTableGroup,
        trillOamPtrTableGroup,
        trillOamMtvrTableGroup,
        trillOamMepDbGroup,
        trillOamNotificationGroup
    }
    ::= { trillOamMibCompliances 1 }

-- Compliance requirement for read-only implementation.

trillOamMibReadOnlyCompliance MODULE-COMPLIANCE
    STATUS      current
    DESCRIPTION
       "Compliance requirement for implementations that only
       provide read-only support for TRILL-OAM-MIB. Such devices
       can be monitored but cannot be configured using this MIB
       module."
    MODULE -- this module
    MANDATORY-GROUPS {
        trillOamMepMandatoryGroup,
        trillOamMepFlowCfgTableGroup,
        trillOamPtrTableGroup,
        trillOamMtvrTableGroup,
        trillOamMepDbGroup,
        trillOamNotificationGroup
    }

    -- trillOamMepTable

    OBJECT trillOamMepTxLbmDestRName
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxLbmHC
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxLbmReplyModeOob
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTransmitLbmReplyIp
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxLbmFlowEntropy
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxPtmDestRName
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxPtmHC
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxPtmReplyModeOob
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTransmitPtmReplyIp
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxPtmFlowEntropy
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxPtmStatus
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxPtmResultOK
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxPtmMessages
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxPtmSeqNumber
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxMtvmTree
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxMtvmHC
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxMtvmReplyModeOob
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTransmitMtvmReplyIp
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxMtvmFlowEntropy
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxMtvmStatus
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxMtvmResultOK
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxMtvmMessages
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxMtvmSeqNumber
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepTxMtvmScopeList
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    -- trillOamMepFlowCfgTable

    OBJECT trillOamMepFlowCfgFlowEntropy
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepFlowCfgDestRName
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepFlowCfgFlowHC
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    OBJECT trillOamMepFlowCfgRowStatus
    MIN-ACCESS read-only
    DESCRIPTION "Write access is not required."

    ::= { trillOamMibCompliances 2 }

END

8. Security Considerations
This MIB relates to a system that will provide network connectivity and packet-forwarding services. As such, improper manipulation of the objects represented by this MIB may result in denial of service to a large number of end users.

There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection opens devices to attack. These are the tables and objects and their sensitivity/vulnerability:

The following table and objects in the TRILL OAM MIB can be manipulated to interfere with the operation of RBridges by causing CPU use spikes:

o  trillOamMepTransmitLbmReplyIp allows the reply from a Loopback message to be transmitted to an IP address in the TLV, thus allowing replies to be sent to any system to cause denial of service.

o  trillOamMepTransmitPtmReplyIp allows the reply from a Path Trace message to be transmitted to an IP address in the TLV, thus allowing replies to be sent to any system to cause denial of service.

o  trillOamMepTxPtmMessages allows the generation of PTMs and can be used to generate lots of CPU-driven traffic.

o  trillOamMepTransmitMtvmReplyIp allows a reply from an MTVM to be transmitted to an IP address in the TLV, thus allowing replies to be sent to any system to cause denial of service.

o  trillOamMepTxMtvmMessages allows the generation of MTVMs and can be used to generate lots of CPU-driven traffic.

The following objects in the TRILL OAM MIB are read-create and can be manipulated to interfere with the OAM operations of RBridges. If the number of OAM frames generated in the network is high, this can cause a CPU spike on destination RBridges if control-plane policing is not properly implemented or configured on destination RBridges.

o  trillOamMepTxLbmHC is used to set the Maximum Hop Count for the LBM. As OAM frames don't leak out of the TRILL network, it has no side effects.

o  trillOamMepTxLbmReplyModeOob is used to indicate whether the reply is in or out of band. This object's vulnerability is covered as part of trillOamMepTransmitLbmReplyIp.

o  trillOamMepTxLbmFlowEntropy is used to indicate the customer flow and find the exact path in the network. The creation of valid flows is its intended purpose. If invalid flows are created on vulnerable systems, they will be dropped in forwarding.

o  trillOamMepTxLbmDestRName is read-create, but it's not vulnerable as invalid-name routes won't be present and will be rejected by the OAM application as part of normal processing.

o  trillOamMepTxPtmHC is used to set the Maximum Hop Count for the PTM. As OAM frames don't leak out of the TRILL network, it has no side effect.

o  trillOamMepTxPtmReplyModeOob is used to indicate whether the reply is in or out of band. This object's vulnerability is covered as part of trillOamMepTransmitPtmReplyIp.

o  trillOamMepTxPtmFlowEntropy is used to indicate the customer flow and find the exact path in the network. Creation of valid flows is its intended purpose. If invalid flows are created on vulnerable systems, they will be dropped in forwarding.

o  trillOamMepTxPtmDestRName is read-create, but it's not vulnerable as invalid-name routes won't be present and will be rejected by the OAM application as part of normal processing.

o  trillOamMepTxPtmStatus is required for normal PTM operation.

o  trillOamMepTxPtmResultOK is required for normal PTM operation.

o  trillOamMepTxPtmSeqNumber is required for normal PTM operation.

o  trillOamMepTxPtmMessages is required for normal PTM operation.

o  trillOamMepTxMtvmTree is required for normal MTVM operation.

o  trillOamMepTxMtvmHC is used to set the Maximum Hop Count for the MTVM. As OAM frames don't leak out of the TRILL network, it has no side effect.

o  trillOamMepTxMtvmReplyModeOob is used to indicate whether the reply is in or out of band. This object's vulnerability is covered as part of trillOamMepTransmitMtvmReplyIp.

o  trillOamMepTxMtvmFlowEntropy is used to indicate the customer flow and find the exact path in the network. Creation of valid flows is its intended purpose. If invalid flows are created on vulnerable systems, they will be dropped in forwarding.

o  trillOamMepTxMtvmStatus is required for normal MTVM operation.

o  trillOamMepTxMtvmResultOK, trillOamMepTxMtvmMessages, trillOamMepTxMtvmSeqNumber, and trillOamMepTxMtvmScopeList are required for normal MTVM operation.

trillOamMepTransmitLbmReplyIp, trillOamMepTransmitPtmReplyIp, and trillOamMepTransmitMtvmReplyIp allow setting of the IP address to which reports are sent; thus, they can be used for denial of service against that IP address.

Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. For example, Path Trace messages expose the unicast topology of the network and Multi-destination Tree Verification Messages expose the multicast tree topology of the network. This information should not be available to all users of the network.

SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example, by using IPsec), there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.

Implementations should provide the security features described by the SNMPv3 framework (see [RFC3410]), and implementations claiming compliance to the SNMPv3 standard MUST include full support for authentication and privacy via the User-based Security Model (USM) [RFC3414] with the AES cipher algorithm [RFC3826].

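The write-side risks described above (reply addresses pointed at arbitrary hosts, large PTM/MTVM message counts, SETs from weakly authenticated principals) can be screened by a management station before a SET is forwarded to an RBridge. The following Python check is an added example, not part of the RFC; the key=value record format, the approved collector networks, the writer name "oam-operator", and the per-SET message ceiling are assumptions chosen for illustration.

```python
"""Policy check for SNMP SET requests that touch TRILL-OAM-MIB objects."""
import ipaddress

# Object names are the ones the Security Considerations call out.
REPLY_IP_OBJECTS = {
    "trillOamMepTransmitLbmReplyIp",
    "trillOamMepTransmitPtmReplyIp",
    "trillOamMepTransmitMtvmReplyIp",
}
MESSAGE_COUNT_OBJECTS = {"trillOamMepTxPtmMessages", "trillOamMepTxMtvmMessages"}

# Assumed site policy (illustrative values, not taken from the RFC).
APPROVED_REPLY_NETS = [
    ipaddress.ip_network("192.0.2.0/28"),
    ipaddress.ip_network("2001:db8:0:10::/64"),
]
MAX_MESSAGES_PER_SET = 10
AUTHORIZED_WRITERS = {"oam-operator"}

# Constructed SET records in an assumed "key=value" audit format.
_OPERATOR = "user=oam-operator version=3 level=authPriv "
SAMPLE_SETS = [
    _OPERATOR + "object=trillOamMepTransmitPtmReplyIp.1.1.5 value=192.0.2.4",
    _OPERATOR + "object=trillOamMepTransmitLbmReplyIp.1.1.5 value=198.51.100.77",
    _OPERATOR + "object=trillOamMepTxMtvmMessages.1.1.5 value=50000",
    "user=public version=2c level=noAuthNoPriv "
    "object=trillOamMepTxPtmMessages.1.1.5 value=3",
    _OPERATOR + "object=trillOamMepTxPtmHC.1.1.5 value=16",
]


def parse_record(line):
    """Split a 'key=value key=value' record into a dict."""
    return dict(f.split("=", 1) for f in line.split() if "=" in f)


def check_set(line):
    """Return the list of policy violations for one SET record."""
    rec = parse_record(line)
    problems = []

    # SNMP versions before v3, or v3 without privacy, are not acceptable.
    if rec.get("version") != "3" or rec.get("level") != "authPriv":
        problems.append("not SNMPv3 authPriv")
    # Only principals with a legitimate right to SET may write.
    if rec.get("user") not in AUTHORIZED_WRITERS:
        problems.append("principal not authorized to SET")

    column = rec.get("object", "").split(".", 1)[0]  # drop the instance index
    value = rec.get("value", "")

    if column in REPLY_IP_OBJECTS:
        # Out-of-band replies may only go to approved collectors.
        try:
            addr = ipaddress.ip_address(value)
        except ValueError:
            problems.append("reply address is not a valid IP address")
        else:
            if not any(addr in net for net in APPROVED_REPLY_NETS):
                problems.append("reply address outside approved collector networks")
    elif column in MESSAGE_COUNT_OBJECTS:
        # Bound the amount of CPU-driven OAM traffic one SET can trigger.
        try:
            count = int(value)
        except ValueError:
            count = -1
        if not 1 <= count <= MAX_MESSAGES_PER_SET:
            problems.append("message count outside 1..%d" % MAX_MESSAGES_PER_SET)
    return problems


def audit(lines):
    """Map the index of every rejected record to its violations."""
    findings = {}
    for index, line in enumerate(lines):
        problems = check_set(line)
        if problems:
            findings[index] = problems
    return findings


if __name__ == "__main__":
    for index, problems in audit(SAMPLE_SETS).items():
        print("REJECT record %d: %s" % (index, "; ".join(problems)))
```
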
Implementations MAY also provide support for the Transport Security Model (TSM) [RFC5591] in combination with a secure transport such as SSH [RFC5592] or TLS/DTLS [RFC6353].

Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.

9. IANA Considerations
The MIB module in this document uses the following IANA-assigned OBJECT IDENTIFIER value recorded in the SMI Numbers registry:

   Descriptor        OBJECT IDENTIFIER value
   ----------------------------------------
   trillOamMIB       { mib-2 238 }

10. References
10.1. Normative References
[802.1Q] IEEE, "IEEE Standard for Local and metropolitan area networks -- Media Access Control (MAC) Bridges and Virtual Bridge Local Area Networks", IEEE Std 802.1Q-2011, DOI 10.1109/IEEESTD.2011.6009146.

[IEEE8021-CFM-MIB] IEEE, "Connectivity Fault Management module for managing IEEE 802.1ag", IEEE 802.1ag, October 2008, <http://www.ieee802.org/1/files/public/MIBs/IEEE8021-CFM-MIB-200810150000Z.txt>.

[LLDP-MIB] IEEE, "Management Information Base module for LLDP configuration, statistics, local system data and remote systems data components", IEEE 802.1AB, May 2005, <http://www.ieee802.org/1/files/public/MIBs/LLDP-MIB-200505060000Z.txt>.

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>.

[RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, DOI 10.17487/RFC2578, April 1999, <http://www.rfc-editor.org/info/rfc2578>.

[RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 58, RFC 2579, DOI 10.17487/RFC2579, April 1999, <http://www.rfc-editor.org/info/rfc2579>.

[RFC2580] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Conformance Statements for SMIv2", STD 58, RFC 2580, DOI 10.17487/RFC2580, April 1999, <http://www.rfc-editor.org/info/rfc2580>.

[RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", STD 62, RFC 3414, DOI 10.17487/RFC3414, December 2002, <http://www.rfc-editor.org/info/rfc3414>.

[RFC3826] Blumenthal, U., Maino, F., and K. McCloghrie, "The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model", RFC 3826, DOI 10.17487/RFC3826, June 2004, <http://www.rfc-editor.org/info/rfc3826>.

[RFC5591] Harrington, D. and W. Hardaker, "Transport Security Model for the Simple Network Management Protocol (SNMP)", STD 78, RFC 5591, DOI 10.17487/RFC5591, June 2009, <http://www.rfc-editor.org/info/rfc5591>.

[RFC5592] Harrington, D., Salowey, J., and W. Hardaker, "Secure Shell Transport Model for the Simple Network Management Protocol (SNMP)", RFC 5592, DOI 10.17487/RFC5592, June 2009, <http://www.rfc-editor.org/info/rfc5592>.

[RFC6325] Perlman, R., Eastlake 3rd, D., Dutt, D., Gai, S., and A. Ghanwani, "Routing Bridges (RBridges): Base Protocol Specification", RFC 6325, DOI 10.17487/RFC6325, July 2011, <http://www.rfc-editor.org/info/rfc6325>.

[RFC6353] Hardaker, W., "Transport Layer Security (TLS) Transport Model for the Simple Network Management Protocol (SNMP)", STD 78, RFC 6353, DOI 10.17487/RFC6353, July 2011, <http://www.rfc-editor.org/info/rfc6353>.

[RFC7172] Eastlake 3rd, D., Zhang, M., Agarwal, P., Perlman, R., and D. Dutt, "Transparent Interconnection of Lots of Links (TRILL): Fine-Grained Labeling", RFC 7172, DOI 10.17487/RFC7172, May 2014, <http://www.rfc-editor.org/info/rfc7172>.

[RFC7455] Senevirathne, T., Finn, N., Salam, S., Kumar, D., Eastlake 3rd, D., Aldrin, S., and Y. Li, "Transparent Interconnection of Lots of Links (TRILL): Fault Management", RFC 7455, DOI 10.17487/RFC7455, March 2015, <http://www.rfc-editor.org/info/rfc7455>.

10.2. Informative References
[Q.840.1] ITU-T, "Requirements and analysis for NMS-EMS management interface of Ethernet over Transport and Metro Ethernet Network (EoT/MEN)", Recommendation Q.840.1, March 2007.

[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, DOI 10.17487/RFC3410, December 2002, <http://www.rfc-editor.org/info/rfc3410>.

[RFC6905] Senevirathne, T., Bond, D., Aldrin, S., Li, Y., and R. Watve, "Requirements for Operations, Administration, and Maintenance (OAM) in Transparent Interconnection of Lots of Links (TRILL)", RFC 6905, DOI 10.17487/RFC6905, March 2013, <http://www.rfc-editor.org/info/rfc6905>.

[RFC7174] Salam, S., Senevirathne, T., Aldrin, S., and D. Eastlake 3rd, "Transparent Interconnection of Lots of Links (TRILL) Operations, Administration, and Maintenance (OAM) Framework", RFC 7174, DOI 10.17487/RFC7174, May 2014, <http://www.rfc-editor.org/info/rfc7174>.

Acknowledgments
We wish to thank members of the IETF TRILL WG and the MIB Doctors for their comments and suggestions. Detailed comments were provided by Sam Aldrin, Donald Eastlake, Tom Taylor, and Harrie Hazewinkel.

Authors' Addresses

Deepak Kumar
Cisco
510 McCarthy Blvd.
Milpitas, CA 95035
United States
Phone: +1 408-853-9760
Email: dekumar@cisco.com

Samer Salam
Cisco
595 Burrard St. Suite 2123
Vancouver, BC V7X 1J1
Canada
Email: ssalam@cisco.com

Tissa Senevirathne
Consultant
Email: tsenevir@gmail.com