Request for Comments: 8150
Category: Standards Track
ISSN: 2070-1721
IP Infusion
M. Venkatesan
Dell Technologies
D. King
Old Dog Consulting
S. Aldrin
Google, Inc.
J. Ryoo
ETRI
April 2017
MPLS Transport Profile Linear Protection MIB
Abstract
-
This memo defines a portion of the Management Information Base (MIB) for use with network management protocols. In particular, it defines objects for managing Multiprotocol Label Switching - Transport Profile (MPLS-TP) linear protection.
Status of This Memo
-
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc8150.
Copyright Notice
-
Copyright © 2017 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
Table of Contents
-
1. Introduction ....................................................3 2. The Internet-Standard Management Framework ......................3 3. Conventions .....................................................3 4. Overview ........................................................4 5. Structure of the MIB Module .....................................4 5.1. Textual Conventions ........................................4 5.2. The MPLS-TP Linear Protection Switching Subtree ............4 5.3. The Notifications Subtree ..................................5 5.4. The Table Structures .......................................5 6. Relationship to Other MIB Modules ...............................7 6.1. Relationship to the MPLS OAM Identifiers MIB Module ........7 7. Example of Protection Switching Configuration ...................7 8. Definitions .....................................................9 9. Security Considerations ........................................43 10. IANA Considerations ...........................................44 11. References ....................................................45 11.1. Normative References .....................................45 11.2. Informative References ...................................47 Acknowledgments ...................................................47 Contributors ......................................................47 Authors' Addresses ................................................48
1. Introduction
-
This memo defines a portion of the Management Information Base (MIB) for use with network management protocols. In particular, it defines objects for managing Multiprotocol Label Switching - Transport Profile (MPLS-TP) linear protection.
This MIB module should be used for configuring and managing MPLS-TP linear protection for MPLS-TP Label Switched Paths (LSPs).
At the time of this writing, Simple Network Management Protocol (SNMP) SET is no longer recommended as a way to configure MPLS networks as described in RFC 3812 [RFC3812]. However, since the MIB module specified in this document is intended to work in parallel with the MIB module for MPLS specified in [RFC3812] and the MIB module for MPLS-TP Operations, Administration, and Maintenance (OAM) identifiers in RFC 7697 [RFC7697], certain objects defined here are specified with a MAX-ACCESS clause of read-write or read-create so that specifications of the base tables in [RFC3812] and [RFC7697] and the new MIB module in this document are consistent.
2. The Internet-Standard Management Framework
-
For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410].
Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580].
3. Conventions
-
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14, RFC 2119 [RFC2119].
4. Overview
-
RFC 6378 [RFC6378] defines the protocol to provide a linear protection switching mechanism for MPLS-TP for a point-to-point LSP within the protection domain bounded by the endpoints of the LSP. RFC 7271 [RFC7271] describes alternative mechanisms to perform some of the functions defined in [RFC6378] and also defines additional mechanisms to provide operator control and experience that more closely model the behavior of linear protection seen in other transport networks. Two modes are defined for MPLS-TP linear protection switching: the Protection State Coordination (PSC) mode and the Automatic Protection Switching (APS) mode, as specified in [RFC6378] and [RFC7271], respectively. The detailed protocol specification of MPLS-TP linear protection is described in [RFC6378] and [RFC7271].
This document specifies a MIB module for Label Edge Routers (LERs) that support MPLS-TP linear protection as described in [RFC6378] and [RFC7271]. Objects defined in this document are generally applied to both the PSC mode and the APS mode. If an object is valid for a particular mode only, it is noted in the description for the object.
5. Structure of the MIB Module
5.1. Textual Conventions
-
The following new textual conventions are defined in this document:
- MplsLpsReq: This textual convention describes an object that stores the PSC Request field of the PSC control packet.
- MplsLpsFpathPath: This textual convention describes an object that stores the Fault Path (FPath) field and Data Path (Path) field of the PSC control packet.
- MplsLpsCommand: This textual convention describes an object that allows a user to perform any action over a protection domain.
- MplsLpsState: This textual convention describes an object that stores the current state of the PSC state machine.
5.2. The MPLS-TP Linear Protection Switching Subtree
-
MPLS-LPS-MIB is the MIB module defined in this document. It is rooted under the mplsStdMIB subtree per [RFC3811]. "LPS" as used in this document means "Linear Protection Switching".
5.3. The Notifications Subtree
-
Notifications are defined to inform the management station about switchovers, provisioning mismatches, and protocol failures of the linear protection domain. The following notifications are defined for this purpose:
- The notification mplsLpsEventSwitchover informs the management station about the switchover of the active path.
- The notification mplsLpsEventRevertiveMismatch informs the management station about a provisioning mismatch in the revertive mode across the endpoint of the protection domain.
- The notification mplsLpsEventProtecTypeMismatch informs the management station about a provisioning mismatch in the protection type, representing both the bridge type and the switching type, across the endpoint of the protection domain.
- The notification mplsLpsEventCapabilitiesMismatch informs the management station about a provisioning mismatch in Capabilities TLVs across the endpoint of the protection domain.
- The notification mplsLpsEventPathConfigMismatch informs the management station about a provisioning mismatch in the protection path configuration for PSC communication.
- The notification mplsLpsEventFopNoResponse informs the management station that protocol failure has occurred due to a lack of response to a traffic switchover request in 50 ms.
- The notification mplsLpsEventFopTimeout informs the management station that protocol failure has occurred because no protocol message was received during at least 3.5 times the long PSC message interval [RFC7271].
5.4. The Table Structures
-
The MPLS-TP linear protection MIB module has four tables. The tables are as follows:
- mplsLpsConfigTable
-
This table is used to configure MPLS-TP linear protection domains. An MPLS-TP linear protection domain (or a protection domain) is identified by mplsLpsConfigDomainIndex. A protection domain consists of two LERs, as well as the working path and protection path that connect the two LERs. The objects in this table are used to configure properties that are specific to the protection domain. Two Maintenance Entities (MEs) MUST be defined for each protection domain: one for the working path and the other for the protection path. Therefore, two entries in the mplsLpsMeConfigTable, which is for configuring the MEs used in protection switching, are associated to one entry in this table.
- mplsLpsStatusTable
-
This table provides the current status information of MPLS-TP linear protection domains that have been configured on the system. The entries in the mplsLpsStatusTable have an AUGMENTS relationship with the entries in the mplsLpsConfigTable. When a protection domain is configured or deleted in the mplsLpsConfigTable, then the corresponding row of that session in the mplsLpsStatusTable is automatically created or deleted, respectively.
- mplsLpsMeConfigTable
-
This table is used to associate MEs to the protection domain. Each protection domain requires two MEs. One entry in the mplsLpsConfigTable is associated with two entries in this table: one for the working path and the other for the protection path of the protection domain. The mplsLpsMeConfigPath object in this table indicates that the path is either the working path or the protection path. The ME is identified by mplsOamIdMegIndex, mplsOamIdMeIndex, and mplsOamIdMeMpIndex, which are the same index values as the entry in the mplsOamIdMeTable defined in [RFC7697]. The relationship to the mplsOamIdMeTable is described in Section 6.1.
- mplsLpsMeStatusTable
-
This table provides current information about the protection status of MEs that have been configured on the system. When an ME is configured or deleted in the mplsLpsMeConfigTable, then the corresponding row of that session in the mplsLpsMeStatusTable is automatically created or deleted, respectively.
6. Relationship to Other MIB Modules
6.1. Relationship to the MPLS OAM Identifiers MIB Module
-
Entries in the mplsOamIdMeTable [RFC7697] are extended by entries in the mplsLpsMeConfigTable. Note that the nature of the "extends" relationship is a sparse augmentation so that the entry in the mplsLpsMeConfigTable has the same index values as the entry in the mplsOamIdMeTable. Each time that an entry is created in the mplsOamIdMeTable for which the LER supports MPLS-TP linear protection, a row is created automatically in the mplsLpsMeConfigTable.
When a point-to-point transport path needs to be monitored, one ME is needed for the path and one entry in the mplsOamIdMeTable will be created. But the ME entry in the mplsOamIdMeTable may or may not participate in protection switching. If an ME participates in protection switching, an entry in the mplsLpsMeConfigTable MUST be created, and the objects in the entry indicate which protection domain this ME belongs to and whether this ME is for the working path or the protection path. If the ME does not participate in protection switching, an entry in the mplsLpsMeConfigTable does not need to be created.
7. Example of Protection Switching Configuration
-
This example considers the protection domain configuration on an LER to provide protection for a co-routed bidirectional MPLS tunnel. For the working path and protection path of the protection domain, two Maintenance Entity Groups (MEGs) need to be configured, and each MEG contains one ME for a point-to-point transport path. For more information on the mplsOamIdMegTable and the mplsOamIdMeTable, see [RFC7697].
Although the example described in this section shows a way to configure linear protection for MPLS-TP tunnels, this also indicates how the MIB values would be returned if they had been configured by alternative means.
The following table configures a protection domain.
In the mplsLpsConfigTable: mplsLpsConfigEntry ::= SEQUENCE { -- Protection domain index (index to the table) mplsLpsConfigDomainIndex = 3, -- Protection domain name mplsLpsConfigDomainName = "LPDomain3", mplsLpsConfigMode = psc(1), mplsLpsConfigProtectionType = oneColonOneBidirectional(2), -- Mandatory parameters needed to activate the row go here mplsLpsConfigRowStatus = createAndGo(4) }
The following table associates the MEs with the protection domain.
In the mplsLpsMeConfigTable: MplsLpsMeConfigEntry ::= SEQUENCE { -- MEG index (index to the table) mplsOamIdMegIndex = 1, -- ME index (index to the table) mplsOamIdMeIndex = 1, -- Maintenance Point (MP) index (index to the table) mplsOamIdMeMpIndex = 1, -- Protection domain this ME belongs to mplsLpsMeConfigDomain = 3, -- Configuration state mplsLpsMeConfigPath = working(1) } { -- MEG index (index to the table) mplsOamIdMegIndex = 2, -- ME index (index to the table) mplsOamIdMeIndex = 2, -- MP index (index to the table) mplsOamIdMeMpIndex = 2, -- Protection domain this ME belongs to mplsLpsMeConfigDomain = 3, -- Configuration state mplsLpsMeConfigPath = protection(2) }
8. Definitions
-
This MIB module makes reference to the following documents: [RFC2578], [RFC2579], [RFC2580], [RFC3289], [RFC3411], [RFC3811], [RFC6378], [RFC7271], [RFC7697], [G8121], and [G8151]. MPLS-LPS-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, NOTIFICATION-TYPE, OBJECT-TYPE, Counter32, Unsigned32 FROM SNMPv2-SMI -- RFC 2578 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF -- RFC 2580 TEXTUAL-CONVENTION, RowStatus, TimeStamp, StorageType, TruthValue FROM SNMPv2-TC -- RFC 2579
-
SnmpAdminString
FROM SNMP-FRAMEWORK-MIB -- RFC 3411
-
IndexIntegerNextFree
FROM DIFFSERV-MIB -- RFC 3289
-
mplsStdMIB
FROM MPLS-TC-STD-MIB -- RFC 3811
-
mplsOamIdMegIndex, mplsOamIdMeIndex, mplsOamIdMeMpIndex
FROM MPLS-OAM-ID-STD-MIB; -- RFC 7697
mplsLpsMIB MODULE-IDENTITY
LAST-UPDATED "201704040000Z" -- April 4, 2017 ORGANIZATION "Multiprotocol Label Switching (MPLS) Working Group" CONTACT-INFO " Kingston Smiler Selvaraj IP Infusion RMZ Centennial Mahadevapura Post Bangalore 560048 India Email: kingstonsmiler@gmail.com Venkatesan Mahalingam Dell Technologies 5450 Great America Parkway Santa Clara, CA 95054 United States of America Email: venkat.mahalingams@gmail.com Daniel King Old Dog Consulting United Kingdom Email: daniel@olddog.co.uk Sam Aldrin Google, Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043 United States of America Email: aldrin.ietf@gmail.com Jeong-dong Ryoo ETRI 218 Gajeong-ro Yuseong-gu, Daejeon 34129 South Korea Email: ryoo@etri.re.kr " DESCRIPTION "This MIB module supports the configuration and management of MPLS-TP linear protection domains.
-
Copyright © 2017 IETF Trust and the persons identified as authors of the code. All rights reserved.
Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info)."
REVISION
"201704040000Z" -- April 4, 2017 DESCRIPTION "MPLS-TP protection domain objects for LSP MEG End Points (MEPs)." ::= { mplsStdMIB 22 } -- Top-level components of this MIB module. -- Notifications mplsLpsNotifications OBJECT IDENTIFIER ::= { mplsLpsMIB 0 }
-
-- Tables, scalars
mplsLpsObjects
OBJECT IDENTIFIER ::= { mplsLpsMIB 1 }
-
-- Conformance
mplsLpsConformance
OBJECT IDENTIFIER ::= { mplsLpsMIB 2 }
MplsLpsReq ::= TEXTUAL-CONVENTION
STATUS current DESCRIPTION "This textual convention describes an object that stores the PSC Request field of the PSC control packet. The values are as follows:
-
-
noRequest
No RequestdoNotRevert
Do-not-RevertreverseRequest
Reverse Requestexercise
ExercisewaitToRestore
Wait-to-RestoremanualSwitch
Manual SwitchsignalDegrade
Signal Degrade (SD)signalFail
Signal Fail (SF)
forcedSwitch
Forced Switch
-
lockoutOfProtection Lockout of Protection." REFERENCE "Section 4.2.2 of RFC 6378 and Section 8 of RFC 7271" SYNTAX INTEGER { noRequest(0), doNotRevert(1), reverseRequest(2), exercise(3), waitToRestore(4), manualSwitch(5), signalDegrade(7), signalFail(10), forcedSwitch(12), lockoutOfProtection(14) }
MplsLpsFpathPath ::= TEXTUAL-CONVENTION
DISPLAY-HINT "1x:" STATUS current DESCRIPTION "This textual convention describes an object that stores the Fault Path (FPath) field and Data Path (Path) field of the PSC control packet.
-
-
FPath is located in the first octet, and Path is located in the second octet.
The value and the interpretation of the FPath field are as follows:
2-255
for future extensions1
the anomaly condition is on the working path0
the anomaly condition is on the protection pathThe value and the interpretation of the Path field are as follows:
2-255
for future extensions1
protection path is transporting user data traffic
-
0 protection path is not transporting user data traffic." REFERENCE "Sections 4.2.5 and 4.2.6 of RFC 6378" SYNTAX OCTET STRING (SIZE (2))
MplsLpsCommand ::= TEXTUAL-CONVENTION
STATUS current DESCRIPTION "This command allows a user to perform any action over a protection domain. If the protection command cannot be executed because a request of equal or higher priority is in effect, an inconsistentValue error is returned.
-
-
The command values are as follows:
noCmd
This value should be returned by a read request when no command has been written to the object in question since initialization. This value may not be used in a write operation. If noCmd is used in a write operation, a wrongValue error is returned.clear
Clears all of the commands listed below for the protection domain.lockoutOfProtection
Prevents switching traffic to the protection path.forcedSwitch
Switches traffic from the working path to the protection path.manualSwitchToWork
Switches traffic from the protection path to the working path.manualSwitchToProtect
Switches traffic from the working path to the protection path.exercise
Used to verify the correct operation of the PSC communication and the integrity of the protection path. This command is not applicable to the PSC mode.freeze
This command freezes the protection state and is a local command that is not signaled to the remote node. This command is not applicable to the PSC mode.
-
clearfreeze Clears the local freeze. This command is not applicable to the PSC mode." REFERENCE "Sections 3.1 and 3.2 of RFC 6378 and Sections 4.3 and 6 of RFC 7271" SYNTAX INTEGER { noCmd(1), clear(2), lockoutOfProtection(3), forcedSwitch(4), manualSwitchToWork(5), manualSwitchToProtect(6), exercise(7), freeze(8), clearfreeze(9) }
MplsLpsState ::= TEXTUAL-CONVENTION
STATUS current DESCRIPTION "This textual convention describes an object that stores the current state of the PSC state machine. The values are as follows:
-
-
normal
Normal state.unavLOlocal
Unavailable state due to local LO command.unavSFPlocal
Unavailable state due to local SF-P.unavSDPlocal
Unavailable state due to local SD-P.unavLOremote
Unavailable state due to remote LO message.unavSFPremote
Unavailable state due to remote SF-P message.unavSDPremote
Unavailable state due to remote SD-P message.protfailSFWlocal
Protecting Failure state due to local SF-W.protfailSDWlocal
Protecting Failure state due to local SD-W.protfailSFWremote
Protecting Failure state due to remote SF-W message.protfailSDWremote
Protecting Failure state due to remote SD-W message.switadmFSlocal
Switching Administrative state due to local FS command. Same as Protecting Administrative state due to local FS command in the PSC mode.switadmMSWlocal
Switching Administrative state due to local MS-W command.switadmMSPlocal
Switching Administrative state due to local MS-P command. Same as Protecting Administrative state due to local MS command in the PSC mode.switadmFSremote
Switching Administrative state due to remote FS message. Same as Protecting Administrative state due to remote FS message in the PSC mode.switadmMSWremote
Switching Administrative state due to remote MS-W message.switadmMSPremote
Switching Administrative state due to remote MS-P message. Same as Protecting Administrative state due to remote MS message in the PSC mode.wtr
Wait-to-Restore state.dnr
Do-not-Revert state.exerLocal
Exercise state due to local EXER command.
-
exerRemote Exercise state due to remote EXER message." REFERENCE "Sections 3 and 11 of RFC 7271" SYNTAX INTEGER { normal(1), unavLOlocal(2), unavSFPlocal(3), unavSDPlocal(4), unavLOremote(5), unavSFPremote(6), unavSDPremote(7), protfailSFWlocal(8), protfailSDWlocal(9), protfailSFWremote(10), protfailSDWremote(11), switadmFSlocal(12), switadmMSWlocal(13), switadmMSPlocal(14), switadmFSremote(15), switadmMSWremote(16), switadmMSPremote(17), wtr(18), dnr(19), exerLocal(20), exerRemote(21) } -- Start of -- MPLS-TP Linear Protection Switching Configuration Table. -- This table supports the addition, configuration, and deletion -- of MPLS-TP linear protection domains.
mplsLpsConfigDomainIndexNext OBJECT-TYPE
SYNTAX IndexIntegerNextFree (0..4294967295) MAX-ACCESS read-only STATUS current DESCRIPTION "This object contains an unused value for mplsLpsConfigDomainIndex, or a zero to indicate that the number of unassigned entries has been exhausted. Negative values are not allowed, as they do not correspond to valid values of mplsLpsConfigDomainIndex." ::= { mplsLpsObjects 1 }
mplsLpsConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF MplsLpsConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the MPLS-TP linear protection domains that have been configured on the system. An entry is created by a network operator who wants to run the MPLS-TP linear protection protocol for the protection domain." ::= { mplsLpsObjects 2 }
mplsLpsConfigEntry OBJECT-TYPE
SYNTAX MplsLpsConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the mplsLpsConfigTable." INDEX { mplsLpsConfigDomainIndex } ::= { mplsLpsConfigTable 1 }
MplsLpsConfigEntry ::= SEQUENCE {
mplsLpsConfigDomainIndex Unsigned32, mplsLpsConfigDomainName SnmpAdminString, mplsLpsConfigMode INTEGER, mplsLpsConfigProtectionType INTEGER, mplsLpsConfigRevertive INTEGER, mplsLpsConfigSdThreshold Unsigned32, mplsLpsConfigSdBadSeconds Unsigned32, mplsLpsConfigSdGoodSeconds Unsigned32, mplsLpsConfigWaitToRestore Unsigned32, mplsLpsConfigHoldOff Unsigned32, mplsLpsConfigContinualTxInterval Unsigned32, mplsLpsConfigRapidTxInterval Unsigned32, mplsLpsConfigCommand MplsLpsCommand, mplsLpsConfigCreationTime TimeStamp, mplsLpsConfigRowStatus RowStatus, mplsLpsConfigStorageType StorageType }
mplsLpsConfigDomainIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Index for the conceptual row identifying a protection domain. Operators should obtain new values for row creation in this table by reading mplsLpsConfigDomainIndexNext. When the value of this object is the same as the value of mplsLpsMeConfigDomain, the mplsLpsMeConfigDomain is defined as either the working path or the protection path for this protection domain." ::= { mplsLpsConfigEntry 1 }
mplsLpsConfigDomainName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "Textual name that represents the MPLS-TP linear protection domain. It facilitates easy administrative identification of each protection domain." DEFVAL {""} ::= { mplsLpsConfigEntry 2 }
mplsLpsConfigMode OBJECT-TYPE
SYNTAX INTEGER { psc(1), aps(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The mode of the MPLS-TP linear protection mechanism. This can be either PSC or APS, as follows:
This object may not be modified if the associated
mplsLpsConfigRowStatus object is equal to active(1).
-
-
-
The value of this object is not supposed to be changed during operation. When the value should be changed, the protection processes in both LERs MUST be restarted with the same new value.
-
If this value is changed at one LER during operation, the LER will generate PSC packets with a new Capabilities TLV value. This will result in mplsLpsEventCapabilitiesMismatch notifications at both LERs." REFERENCE "Sections 9.2 and 10 of RFC 7271" DEFVAL {psc} ::= { mplsLpsConfigEntry 3 }
mplsLpsConfigProtectionType OBJECT-TYPE
SYNTAX INTEGER { onePlusOneUnidirectional(1), oneColonOneBidirectional(2), onePlusOneBidirectional(3) } MAX-ACCESS read-create STATUS current DESCRIPTION "The protection architecture type of the protection domain. This object represents both the bridge type, which can be either a permanent bridge (1+1) or a selector bridge (1:1); and the switching scheme, which can be either unidirectional or bidirectional.
-
-
1+1
In the 1+1 protection scheme, a fully dedicated protection path is allocated. Data traffic is copied and fed at the source to both the working path and the protection path. The traffic on the working path and protection path is transmitted simultaneously to the sink of the protection domain, where selection between the working path and the protection path is performed.1:1
In the 1:1 protection scheme, a protection path is allocated to protect against a defect, failure, or degradation on the working path. In normal conditions, data traffic is transmitted over the working path, while the protection path functions in the idle state. If there is a defect on the working path or a specific administrative request, traffic is switched to the protection path.bidirectional
In the bidirectional protection scheme, both directions will be switched simultaneously even if the fault applies to only one direction of the path.unidirectional
In the unidirectional protection scheme, protection switching will be performed independently for each direction of a bidirectional transport path.
-
-
This object may not be modified if the associated
mplsLpsConfigRowStatus object is equal to active(1)."
-
REFERENCE "Section 4.2.3 of RFC 6378" DEFVAL {oneColonOneBidirectional} ::= { mplsLpsConfigEntry 4 }
mplsLpsConfigRevertive OBJECT-TYPE
SYNTAX INTEGER { nonrevertive(1), revertive(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object represents the reversion mode of the linear protection domain. The reversion mode of the protection mechanism may be either revertive or non-revertive.
-
-
nonrevertive
In the non-revertive mode, after a service has been recovered, traffic will be forwarded on the protection path.revertive
In the revertive mode, after a service has been recovered, traffic will be redirected back onto the original working path.
-
This object may not be modified if the associated mplsLpsConfigRowStatus object is equal to active(1)." REFERENCE "Section 4.2.4 of RFC 6378" DEFVAL { revertive } ::= { mplsLpsConfigEntry 5 }
mplsLpsConfigSdThreshold OBJECT-TYPE
SYNTAX Unsigned32 (0..100) MAX-ACCESS read-create STATUS current DESCRIPTION "This object holds the threshold value of the Signal Degrade (SD) defect in percent. In order to detect the SD defect, the MPLS-TP packet loss measurement (LM) is performed every second.
-
-
If either the packet loss is negative (i.e., there are more packets received than transmitted) or the packet loss ratio (lost packets/transmitted packets) in percent is greater than this threshold value, a Bad Second is declared. Otherwise, a Good Second is declared.
The SD defect is detected if there are mplsLpsConfigSdBadSeconds consecutive Bad Seconds and cleared if there are mplsLpsConfigSdGoodSeconds consecutive Good Seconds.
-
This object may be modified if the associated mplsLpsConfigRowStatus object is equal to active(1)." REFERENCE "Clause 6.1.3.3 of ITU-T Recommendation G.8121/Y.1381 and Table 8-1 of ITU-T Recommendation G.8151/Y.1374" DEFVAL { 30 } ::= { mplsLpsConfigEntry 6 }
mplsLpsConfigSdBadSeconds OBJECT-TYPE
SYNTAX Unsigned32 (2..10) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "This object holds the number of Bad Seconds to detect the SD.
-
-
If the number of consecutive Bad Seconds reaches this value, the SD defect is detected and used as an input to the protection switching process.
-
This object may be modified if the associated mplsLpsConfigRowStatus object is equal to active(1)." REFERENCE "Clause 6.1.3.3 of ITU-T Recommendation G.8121/Y.1381 and Table 8-1 of ITU-T Recommendation G.8151/Y.1374" DEFVAL { 10 } ::= { mplsLpsConfigEntry 7 }
mplsLpsConfigSdGoodSeconds OBJECT-TYPE
SYNTAX Unsigned32 (2..10) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "This object holds the number of Good Seconds to declare the clearance of an SD defect.
-
-
After an SD defect occurs on a path, if the number of consecutive Good Seconds reaches this value for the degraded path, the clearance of the SD defect is declared and used as an input to the protection switching process.
-
This object may be modified if the associated mplsLpsConfigRowStatus object is equal to active(1)." REFERENCE "Clause 6.1.3.3 of ITU-T Recommendation G.8121/Y.1381 and Table 8-1 of ITU-T Recommendation G.8151/Y.1374" DEFVAL { 10 } ::= { mplsLpsConfigEntry 8 }
mplsLpsConfigWaitToRestore OBJECT-TYPE
SYNTAX Unsigned32 (5..12) UNITS "minutes" MAX-ACCESS read-create STATUS current DESCRIPTION "This object holds the Wait-to-Restore timer value in minutes and can be configured in 1-minute intervals between 5 and 12 minutes.
-
-
The WTR timer is used to delay the reversion of the PSC state to the Normal state when recovering from a failure condition on the working path when the protection domain is configured for revertive behavior.
-
This object may not be modified if the associated mplsLpsConfigRowStatus object is equal to active(1)." REFERENCE "Section 3.5 of RFC 6378" DEFVAL { 5 } ::= { mplsLpsConfigEntry 9 }
mplsLpsConfigHoldOff OBJECT-TYPE
SYNTAX Unsigned32 (0..100) UNITS "deciseconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The hold-off time in deciseconds. Represents the time between SF/SD condition detection and declaration of an SF/SD request to the protection switching logic. It is intended to avoid unnecessary switching when a lower-layer protection mechanism is in place. Can be configured in intervals of 100 milliseconds.
-
-
When a new defect or a more severe defect occurs on the active path (the path from which the selector selects the user data traffic) and this value is non-zero, the hold-off timer will be started. A defect on the standby path (the path from which the selector does not select the user data traffic) does not trigger the start of the hold-off timer, as there is no need for a traffic switchover.
-
This object may not be modified if the associated mplsLpsConfigRowStatus object is equal to active(1)." REFERENCE "Section 3.1 of RFC 6378" DEFVAL { 0 } ::= { mplsLpsConfigEntry 10 }
mplsLpsConfigContinualTxInterval OBJECT-TYPE
SYNTAX Unsigned32 (1..20) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The Continual Tx Time in seconds. Represents the time interval to send the continual PSC packet to the other end, based on the current state. This object may not be modified if the associated mplsLpsConfigRowStatus object is equal to active(1)." REFERENCE "Section 4.1 of RFC 6378" DEFVAL { 5 } ::= { mplsLpsConfigEntry 11 }
mplsLpsConfigRapidTxInterval OBJECT-TYPE
SYNTAX Unsigned32 (1000..20000) UNITS "microseconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The Rapid Tx interval in microseconds. Represents the time interval to send the PSC packet to the other end, when there is a change in the state of the linear protection domain due to local input. The default value is 3.3 milliseconds (3300 microseconds). This object may not be modified if the associated mplsLpsConfigRowStatus object is equal to active(1)." REFERENCE "Section 4.1 of RFC 6378" DEFVAL { 3300 } ::= { mplsLpsConfigEntry 12 }
mplsLpsConfigCommand OBJECT-TYPE
SYNTAX MplsLpsCommand MAX-ACCESS read-create STATUS current DESCRIPTION "Allows the initiation of an operator command on the protection domain.
-
-
When read, this object returns the last command written or noCmd if no command has been written since initialization. The return of the last command written does not imply that this command is currently in effect. This request may have been preempted by a higher-priority local or remote request.
-
This object may be modified if the associated mplsLpsConfigRowStatus object is equal to active(1)." REFERENCE "Sections 3.1 and 3.2 of RFC 6378 and Sections 4.3 and 6 of RFC 7271" DEFVAL { noCmd } ::= { mplsLpsConfigEntry 13 }
mplsLpsConfigCreationTime OBJECT-TYPE
SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the time the row was created." ::= { mplsLpsConfigEntry 14 }
mplsLpsConfigRowStatus OBJECT-TYPE
SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object represents the status of the MPLS-TP linear protection domain entry. This variable is used to create, modify, and/or delete a row in this table." ::= { mplsLpsConfigEntry 15 }
mplsLpsConfigStorageType OBJECT-TYPE
SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for this conceptual row. Conceptual rows having the value 'permanent' need not allow write access to any columnar objects in the row." DEFVAL { nonVolatile } ::= { mplsLpsConfigEntry 16 } -- -- MPLS-TP Linear Protection Switching Status Table. -- This table provides protection domain statistics. --
mplsLpsStatusTable OBJECT-TYPE
SYNTAX SEQUENCE OF MplsLpsStatusEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table provides status information about MPLS-TP linear protection domains that have been configured on the system." ::= { mplsLpsObjects 3 }
mplsLpsStatusEntry OBJECT-TYPE
SYNTAX MplsLpsStatusEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the mplsLpsStatusTable." AUGMENTS { mplsLpsConfigEntry } ::= { mplsLpsStatusTable 1 } MplsLpsStatusEntry ::= SEQUENCE { mplsLpsStatusState MplsLpsState, mplsLpsStatusReqRcv MplsLpsReq, mplsLpsStatusReqSent MplsLpsReq, mplsLpsStatusFpathPathRcv MplsLpsFpathPath, mplsLpsStatusFpathPathSent MplsLpsFpathPath, mplsLpsStatusRevertiveMismatch TruthValue, mplsLpsStatusProtecTypeMismatch TruthValue, mplsLpsStatusCapabilitiesMismatch TruthValue, mplsLpsStatusPathConfigMismatch TruthValue, mplsLpsStatusFopNoResponses Counter32, mplsLpsStatusFopTimeouts Counter32 }
mplsLpsStatusState OBJECT-TYPE
SYNTAX MplsLpsState MAX-ACCESS read-only STATUS current DESCRIPTION "The current state of the PSC state machine." REFERENCE "Section 11 of RFC 7271" ::= { mplsLpsStatusEntry 1 }
mplsLpsStatusReqRcv OBJECT-TYPE
SYNTAX MplsLpsReq MAX-ACCESS read-only STATUS current DESCRIPTION "The current value of the PSC Request field received on the most recent PSC packet." REFERENCE "Section 4.2 of RFC 6378" ::= { mplsLpsStatusEntry 2 }
mplsLpsStatusReqSent OBJECT-TYPE
SYNTAX MplsLpsReq MAX-ACCESS read-only STATUS current DESCRIPTION "The current value of the PSC Request field sent on the most recent PSC packet." REFERENCE "Section 4.2 of RFC 6378" ::= { mplsLpsStatusEntry 3 }
mplsLpsStatusFpathPathRcv OBJECT-TYPE
SYNTAX MplsLpsFpathPath MAX-ACCESS read-only STATUS current DESCRIPTION "The current value of the FPath and Path fields received on the most recent PSC packet." REFERENCE "Section 4.2 of RFC 6378" ::= { mplsLpsStatusEntry 4 }
mplsLpsStatusFpathPathSent OBJECT-TYPE
SYNTAX MplsLpsFpathPath MAX-ACCESS read-only STATUS current DESCRIPTION "The current value of the FPath and Path fields sent on the most recent PSC packet." REFERENCE "Section 4.2 of RFC 6378" ::= { mplsLpsStatusEntry 5 }
mplsLpsStatusRevertiveMismatch OBJECT-TYPE
SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates a provisioning mismatch in the revertive mode across the protection domain endpoints. The value of this object becomes true when a PSC message with an incompatible Revertive field is received or false when a PSC message with a compatible Revertive field is received." REFERENCE "Section 12 of RFC 7271" ::= { mplsLpsStatusEntry 6 }
mplsLpsStatusProtecTypeMismatch OBJECT-TYPE
SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates a provisioning mismatch in the protection type, representing both the bridge type and the switching type, across the protection domain endpoints. The value of this object becomes true when a PSC message with an incompatible Protection Type (PT) field is received or false when a PSC message with a compatible PT field is received." REFERENCE "Section 12 of RFC 7271" ::= { mplsLpsStatusEntry 7 }
mplsLpsStatusCapabilitiesMismatch OBJECT-TYPE
SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates a provisioning mismatch in Capabilities TLVs across the protection domain endpoints. The value of this object becomes true when a PSC message with an incompatible Capabilities TLV field is received or false when a PSC message with a compatible Capabilities TLV field is received. The Capabilities TLV with 0xF8000000 indicates that the APS mode is used for the MPLS-TP linear protection mechanism, whereas the PSC mode either (1) uses the Capabilities TLV with a value of 0x0 or (2) does not use the Capabilities TLV because the TLV does not exist." REFERENCE "Section 12 of RFC 7271" ::= { mplsLpsStatusEntry 8 }
mplsLpsStatusPathConfigMismatch OBJECT-TYPE
SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates a provisioning mismatch in the protection path configuration for PSC communication across the protection domain endpoints. The value of this object becomes true when a PSC message is received from the working path or false when a PSC message is received from the protection path." REFERENCE "Section 12 of RFC 7271" ::= { mplsLpsStatusEntry 9 }
mplsLpsStatusFopNoResponses OBJECT-TYPE
SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object holds the number of occurrences of protocol failure due to a lack of response to a traffic switchover request within 50 ms. When there is a traffic switchover due to a local request, a 50 ms timer is started to detect protocol failure due to no response. If there is no PSC message received with the same Path value as the Path value in the transmitted PSC message until the 50 ms timer expires, protocol failure due to no response occurs." REFERENCE "Section 12 of RFC 7271" ::= { mplsLpsStatusEntry 10 }
mplsLpsStatusFopTimeouts OBJECT-TYPE
SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object holds the number of occurrences of protocol failure due to no PSC message being received during at least 3.5 times the long PSC message interval. When no PSC message is received on the protection path during at least 3.5 times the long PSC message interval and there is no defect on the protection path, protocol failure due to no PSC message occurs." REFERENCE "Section 12 of RFC 7271" ::= { mplsLpsStatusEntry 11 }
-- MPLS-TP Linear Protection ME Association Configuration Table. -- This table supports the addition, configuration, and deletion -- of MPLS-TP linear protection MEs in protection domains.
mplsLpsMeConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF MplsLpsMeConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists ME associations that have been configured in protection domains." ::= { mplsLpsObjects 4 }
mplsLpsMeConfigEntry OBJECT-TYPE
SYNTAX MplsLpsMeConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the mplsLpsMeConfigTable. There is a sparse relationship between the conceptual rows of this table and the mplsOamIdMeTable.
-
-
Each time that an entry is created in the mplsOamIdMeTable for which the LER supports MPLS-TP linear protection, a row is created automatically in the mplsLpsMeConfigTable.
An entry in this table is related to a single entry in the mplsOamIdMeTable. When a point-to-point transport path needs to be monitored, one ME is needed for the path, and one entry in the mplsOamIdMeTable will be created. But the ME entry in the mplsOamIdMeTable may or may not participate in protection switching.
If an ME participates in protection switching, an entry in the mplsLpsMeConfigTable MUST be created, and the objects in the entry indicate which protection domain this ME belongs to and whether this ME is for the working path or the protection path.
-
If the ME does not participate in protection switching, an entry in the mplsLpsMeConfigTable does not need to be created." INDEX {mplsOamIdMegIndex, mplsOamIdMeIndex, mplsOamIdMeMpIndex} ::= { mplsLpsMeConfigTable 1 } MplsLpsMeConfigEntry ::= SEQUENCE { mplsLpsMeConfigDomain Unsigned32, mplsLpsMeConfigPath INTEGER }
mplsLpsMeConfigDomain OBJECT-TYPE
SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS read-create STATUS current DESCRIPTION "This object holds the mplsLpsConfigDomainIndex value for the protection domain in which this ME is included. If this ME is not part of any protection domain, then this object contains the value 0. When the value of this object is the same as the value of mplsLpsConfigDomainIndex, the object is defined as either the working path or the protection path of the protection domain corresponding to mplsLpsConfigDomainIndex." DEFVAL { 0 } ::= { mplsLpsMeConfigEntry 1 }
mplsLpsMeConfigPath OBJECT-TYPE
SYNTAX INTEGER { working(1), protection(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object represents whether the ME is configured as the working path or the protection path." REFERENCE "Section 4.3 of RFC 6378" ::= { mplsLpsMeConfigEntry 2 } -- -- MPLS Linear Protection ME Status Table. -- This table provides protection switching ME statistics. --
mplsLpsMeStatusTable OBJECT-TYPE
SYNTAX SEQUENCE OF MplsLpsMeStatusEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains status information of all the MEs that are included in MPLS-TP linear protection domains." ::= { mplsLpsObjects 5 }
mplsLpsMeStatusEntry OBJECT-TYPE
SYNTAX MplsLpsMeStatusEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the mplsLpsMeStatusTable." AUGMENTS { mplsLpsMeConfigEntry } ::= { mplsLpsMeStatusTable 1 } MplsLpsMeStatusEntry ::= SEQUENCE { mplsLpsMeStatusCurrent BITS, mplsLpsMeStatusSignalDegrades Counter32, mplsLpsMeStatusSignalFailures Counter32, mplsLpsMeStatusSwitchovers Counter32, mplsLpsMeStatusLastSwitchover TimeStamp, mplsLpsMeStatusSwitchoverSeconds Counter32 }
mplsLpsMeStatusCurrent OBJECT-TYPE
SYNTAX BITS { localSelectTraffic(0), localSD(1), localSF(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the current state of the ME.
-
-
localSelectTraffic
This bit indicates that traffic is being selected from this ME.localSD
This bit implies that a local Signal Degrade condition is in effect on this ME/path.
-
localSF This bit implies that a local Signal Fail condition is in effect on this ME/path." REFERENCE "Section 4.3 of RFC 6378 and Section 7 of RFC 7271" ::= { mplsLpsMeStatusEntry 1 }
mplsLpsMeStatusSignalDegrades OBJECT-TYPE
SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Represents the count of Signal Degrade conditions. For the detection and clearance of Signal Degrade, see the description of mplsLpsConfigSdThreshold." REFERENCE "Section 7 of RFC 7271" ::= { mplsLpsMeStatusEntry 2 }
mplsLpsMeStatusSignalFailures OBJECT-TYPE
SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Represents the count of Signal Fail conditions. This condition occurs when the OAM running on this ME detects the Signal Fail event." REFERENCE "Section 4.3 of RFC 6378" ::= { mplsLpsMeStatusEntry 3 }
mplsLpsMeStatusSwitchovers OBJECT-TYPE
SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Represents the count of switchovers that happened in this ME.
When the mplsLpsMeConfigPath value is 'working', this object
will return the number of times that traffic has been
switched from this working path to the protection path.
-
When the mplsLpsMeConfigPath value is 'protection', this object will return the number of times that traffic has been switched back to the working path from this protection path." REFERENCE "Section 4.3 of RFC 6378" ::= { mplsLpsMeStatusEntry 4 }
mplsLpsMeStatusLastSwitchover OBJECT-TYPE
SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "This object holds the value of sysUpTime at the time that the last switchover happened.
-
-
When the mplsLpsMeConfigPath value is 'working', this object will return the value of sysUpTime when traffic was switched from this path to the protection path.
If traffic has never switched to the protection path, the value 0 will be returned.
-
When the mplsLpsMeConfigPath value is 'protection', this object will return the value of sysUpTime the last time that traffic was switched back to the working path from this path. If no traffic has ever switched back to the working path from this protection path, the value 0 will be returned." REFERENCE "Section 4.3 of RFC 6378" ::= { mplsLpsMeStatusEntry 5 }
mplsLpsMeStatusSwitchoverSeconds OBJECT-TYPE
SYNTAX Counter32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The cumulative Protection Switching Duration (PSD) time in seconds.
-
-
For the working path, this is the cumulative number of seconds that traffic was selected from the protection path.
-
For the protection path, this is the cumulative number of seconds that the working path has been used to select traffic." REFERENCE "Section 4.3 of RFC 6378" ::= { mplsLpsMeStatusEntry 6 }
mplsLpsNotificationEnable OBJECT-TYPE
SYNTAX BITS { switchover(0), revertiveMismatch(1), protecTypeMismatch(2), capabilitiesMismatch(3), pathConfigMismatch(4), fopNoResponse(5), fopTimeout(6) } MAX-ACCESS read-write STATUS current DESCRIPTION "Provides the ability to enable and disable notifications defined in this MIB module.
-
-
switchover
Indicates that mplsLpsEventSwitchover notifications should be generated.revertiveMismatch
Indicates that mplsLpsEventRevertiveMismatch notifications should be generated.protecTypeMismatch
Indicates that mplsLpsEventProtecTypeMismatch notifications should be generated.capabilitiesMismatch
Indicates that mplsLpsEventCapabilitiesMismatch notifications should be generated.pathConfigMismatch
Indicates that mplsLpsEventPathConfigMismatch notifications should be generated.fopNoResponse
Indicates that mplsLpsEventFopNoResponse notifications should be generated.
-
fopTimeout Indicates that mplsLpsEventFopTimeout notifications should be generated." REFERENCE "Section 12 of RFC 7271" DEFVAL { { } } ::= { mplsLpsObjects 6 }
-- MPLS Linear Protection EVENTS.
mplsLpsEventSwitchover NOTIFICATION-TYPE
OBJECTS { mplsLpsMeStatusSwitchovers, mplsLpsMeStatusCurrent } STATUS current DESCRIPTION "An mplsLpsEventSwitchover notification is sent when the value of an instance of mplsLpsMeStatusSwitchovers increments." ::= { mplsLpsNotifications 1 }
mplsLpsEventRevertiveMismatch NOTIFICATION-TYPE
OBJECTS { mplsLpsStatusRevertiveMismatch } STATUS current DESCRIPTION "An mplsLpsEventRevertiveMismatch notification is sent when the value of mplsLpsStatusRevertiveMismatch changes." ::= { mplsLpsNotifications 2 }
mplsLpsEventProtecTypeMismatch NOTIFICATION-TYPE
OBJECTS { mplsLpsStatusProtecTypeMismatch } STATUS current DESCRIPTION "An mplsLpsEventProtecTypeMismatch notification is sent when the value of mplsLpsStatusProtecTypeMismatch changes." ::= { mplsLpsNotifications 3 }
mplsLpsEventCapabilitiesMismatch NOTIFICATION-TYPE
OBJECTS { mplsLpsStatusCapabilitiesMismatch } STATUS current DESCRIPTION "An mplsLpsEventCapabilitiesMismatch notification is sent when the value of mplsLpsStatusCapabilitiesMismatch changes." ::= { mplsLpsNotifications 4 }
mplsLpsEventPathConfigMismatch NOTIFICATION-TYPE
OBJECTS { mplsLpsStatusPathConfigMismatch } STATUS current DESCRIPTION "An mplsLpsEventPathConfigMismatch notification is sent when the value of mplsLpsStatusPathConfigMismatch changes." ::= { mplsLpsNotifications 5 }
mplsLpsEventFopNoResponse NOTIFICATION-TYPE
OBJECTS { mplsLpsStatusFopNoResponses } STATUS current DESCRIPTION "An mplsLpsEventFopNoResponse notification is sent when the value of mplsLpsStatusFopNoResponses increments." ::= { mplsLpsNotifications 6 }
mplsLpsEventFopTimeout NOTIFICATION-TYPE
OBJECTS { mplsLpsStatusFopTimeouts } STATUS current DESCRIPTION "An mplsLpsEventFopTimeout notification is sent when the value of mplsLpsStatusFopTimeouts increments." ::= { mplsLpsNotifications 7 }
-- End of Notifications.
-- Module Compliance.
mplsLpsCompliances
OBJECT IDENTIFIER ::= { mplsLpsConformance 1 }
mplsLpsGroups
OBJECT IDENTIFIER ::= { mplsLpsConformance 2 }
-- Compliance requirement for fully compliant implementations.
mplsLpsModuleFullCompliance MODULE-COMPLIANCE
STATUS current DESCRIPTION "Compliance statement for agents that provide full support for the MPLS-LPS-MIB module. Such devices can provide linear protection and also be configured using this MIB module." MODULE -- this module MANDATORY-GROUPS { mplsLpsScalarGroup, mplsLpsTableGroup, mplsLpsMeTableGroup } GROUP mplsLpsNotificationGroup DESCRIPTION "This group is only mandatory for those implementations that can efficiently implement the notifications contained in this group." ::= { mplsLpsCompliances 1 }
-- Compliance requirement for read-only implementations.
mplsLpsModuleReadOnlyCompliance MODULE-COMPLIANCE
STATUS current DESCRIPTION "Compliance statement for agents that only provide read-only support for the MPLS-LPS-MIB module." MODULE -- this module MANDATORY-GROUPS { mplsLpsScalarGroup, mplsLpsTableGroup, mplsLpsMeTableGroup } GROUP mplsLpsNotificationGroup DESCRIPTION "This group is only mandatory for those implementations that can efficiently implement the notifications contained in this group." -- mplsLpsConfigTable OBJECT mplsLpsConfigMode MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mplsLpsConfigProtectionType MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mplsLpsConfigRevertive MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mplsLpsConfigSdThreshold MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mplsLpsConfigSdBadSeconds MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mplsLpsConfigSdGoodSeconds MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mplsLpsConfigWaitToRestore MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mplsLpsConfigContinualTxInterval MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mplsLpsConfigRapidTxInterval MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mplsLpsConfigCommand MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mplsLpsConfigRowStatus SYNTAX RowStatus { active(1) } MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mplsLpsConfigStorageType MIN-ACCESS read-only DESCRIPTION "Write access is not required." -- mplsLpsMeConfigTable OBJECT mplsLpsMeConfigDomain MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mplsLpsMeConfigPath MIN-ACCESS read-only DESCRIPTION "Write access is not required." ::= { mplsLpsCompliances 2 }
-- Units of conformance.
mplsLpsScalarGroup OBJECT-GROUP
OBJECTS { mplsLpsConfigDomainIndexNext, mplsLpsNotificationEnable } STATUS current DESCRIPTION "Collection of objects needed for MPLS linear protection." ::= { mplsLpsGroups 1 }
mplsLpsTableGroup OBJECT-GROUP
-
OBJECTS {
mplsLpsConfigDomainName, mplsLpsConfigRowStatus, mplsLpsConfigMode, mplsLpsConfigProtectionType, mplsLpsConfigRevertive, mplsLpsConfigSdThreshold, mplsLpsConfigSdBadSeconds, mplsLpsConfigSdGoodSeconds, mplsLpsConfigWaitToRestore, mplsLpsConfigHoldOff, mplsLpsConfigContinualTxInterval, mplsLpsConfigRapidTxInterval, mplsLpsConfigCommand, mplsLpsConfigCreationTime, mplsLpsConfigStorageType, mplsLpsStatusState, mplsLpsStatusReqRcv, mplsLpsStatusReqSent, mplsLpsStatusFpathPathRcv, mplsLpsStatusFpathPathSent, mplsLpsStatusRevertiveMismatch, mplsLpsStatusProtecTypeMismatch, mplsLpsStatusCapabilitiesMismatch, mplsLpsStatusPathConfigMismatch, mplsLpsStatusFopNoResponses, mplsLpsStatusFopTimeouts } STATUS current DESCRIPTION "Collection of objects needed for MPLS linear protection configuration and statistics." ::= { mplsLpsGroups 2 }
mplsLpsMeTableGroup OBJECT-GROUP
OBJECTS { mplsLpsMeConfigDomain, mplsLpsMeConfigPath, mplsLpsMeStatusCurrent, mplsLpsMeStatusSignalDegrades, mplsLpsMeStatusSignalFailures, mplsLpsMeStatusSwitchovers, mplsLpsMeStatusLastSwitchover, mplsLpsMeStatusSwitchoverSeconds } STATUS current DESCRIPTION "Collection of objects needed for MPLS linear protection ME configuration and statistics." ::= { mplsLpsGroups 3 }
mplsLpsNotificationGroup NOTIFICATION-GROUP
NOTIFICATIONS { mplsLpsEventSwitchover, mplsLpsEventRevertiveMismatch, mplsLpsEventProtecTypeMismatch, mplsLpsEventCapabilitiesMismatch, mplsLpsEventPathConfigMismatch, mplsLpsEventFopNoResponse, mplsLpsEventFopTimeout } STATUS current DESCRIPTION "Collection of objects needed to implement notifications." ::= { mplsLpsGroups 4 } -- MPLS-LPS-MIB module ends END
9. Security Considerations
-
There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection opens devices to attack. These are the tables and objects and their sensitivity/vulnerability:
- The mplsLpsConfigTable is used to configure MPLS-TP linear protection domains. Improper manipulation of the objects in this table may result in different behaviors than what network operators originally intended, such as delaying traffic switching or causing a race condition with server-layer protection after network failure (mplsLpsConfigHoldOff), delaying or speeding up reversion after recovering from network failure (mplsLpsConfigWaitToRestore), unexpected traffic switching (mplsLpsConfigCommand), or the discontinuance of the operation of a protection switching control process (mplsLpsConfigMode, mplsLpsConfigProtectionType).
- The mplsLpsMeConfigTable is used to assign each ME to either the working path or the protection path. Improper manipulation of this object may result in the discontinuance of the operation of a protection switching control process.
- The notification is controlled by the mplsLpsNotificationEnable object. In the case of the discontinuance of a protection switching control process, network operators may not be notified if the mplsLpsNotificationEnable object is compromised.
Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability:
- The mplsLpsStatusTable and the mplsLpsMeStatusTable collectively show the history and current status of the MPLS-TP linear protection domains. They can be used to estimate the performance and qualities of networks configured to use MPLS-TP linear protection. If an administrator does not want to reveal this information, then these tables should be considered sensitive/vulnerable.
SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.
Implementations SHOULD provide the security features described by the SNMPv3 framework (see [RFC3410]), and implementations claiming compliance to the SNMPv3 standard MUST include full support for authentication and privacy via the User-based Security Model (USM) [RFC3414] with the AES cipher algorithm [RFC3826]. Implementations MAY also provide support for the Transport Security Model (TSM) [RFC5591] in combination with a secure transport such as SSH [RFC5592] or TLS/DTLS [RFC6353].
Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.
10. IANA Considerations
-
IANA has assigned an OID of decimal 22 for the MPLS Linear Protection MIB module (MPLS-LPS-MIB) specified in this document in the "MIB Transmission Group - MPLS STD MIB" subregistry of the "Internet-standard MIB - Transmission Group" registry.
11. References
11.1. Normative References
-
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>. [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, DOI 10.17487/RFC2578, April 1999, <http://www.rfc-editor.org/info/rfc2578>. [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 58, RFC 2579, DOI 10.17487/RFC2579, April 1999, <http://www.rfc-editor.org/info/rfc2579>. [RFC2580] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Conformance Statements for SMIv2", STD 58, RFC 2580, DOI 10.17487/RFC2580, April 1999, <http://www.rfc-editor.org/info/rfc2580>. [RFC3289] Baker, F., Chan, K., and A. Smith, "Management Information Base for the Differentiated Services Architecture", RFC 3289, DOI 10.17487/RFC3289, May 2002, <http://www.rfc-editor.org/info/rfc3289>. [RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, DOI 10.17487/RFC3411, December 2002, <http://www.rfc-editor.org/info/rfc3411>. [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", STD 62, RFC 3414, DOI 10.17487/RFC3414, December 2002, <http://www.rfc-editor.org/info/rfc3414>. [RFC3811] Nadeau, T., Ed., and J. Cucchiara, Ed., "Definitions of Textual Conventions (TCs) for Multiprotocol Label Switching (MPLS) Management", RFC 3811, DOI 10.17487/RFC3811, June 2004, <http://www.rfc-editor.org/info/rfc3811>. [RFC3826] Blumenthal, U., Maino, F., and K. McCloghrie, "The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model", RFC 3826, DOI 10.17487/RFC3826, June 2004, <http://www.rfc-editor.org/info/rfc3826>. [RFC5591] Harrington, D. and W. Hardaker, "Transport Security Model for the Simple Network Management Protocol (SNMP)", STD 78, RFC 5591, DOI 10.17487/RFC5591, June 2009, <http://www.rfc-editor.org/info/rfc5591>. [RFC5592] Harrington, D., Salowey, J., and W. Hardaker, "Secure Shell Transport Model for the Simple Network Management Protocol (SNMP)", RFC 5592, DOI 10.17487/RFC5592, June 2009, <http://www.rfc-editor.org/info/rfc5592>. [RFC6353] Hardaker, W., "Transport Layer Security (TLS) Transport Model for the Simple Network Management Protocol (SNMP)", STD 78, RFC 6353, DOI 10.17487/RFC6353, July 2011, <http://www.rfc-editor.org/info/rfc6353>. [RFC6378] Weingarten, Y., Ed., Bryant, S., Osborne, E., Sprecher, N., and A. Fulignoli, Ed., "MPLS Transport Profile (MPLS-TP) Linear Protection", RFC 6378, DOI 10.17487/RFC6378, October 2011, <http://www.rfc-editor.org/info/rfc6378>. [RFC7271] Ryoo, J., Ed., Gray, E., Ed., van Helvoort, H., D'Alessandro, A., Cheung, T., and E. Osborne, "MPLS Transport Profile (MPLS-TP) Linear Protection to Match the Operational Expectations of Synchronous Digital Hierarchy, Optical Transport Network, and Ethernet Transport Network Operators", RFC 7271, DOI 10.17487/RFC7271, June 2014, <http://www.rfc-editor.org/info/rfc7271>. [RFC7697] Pan, P., Aldrin, S., Venkatesan, M., Sampath, K., Nadeau, T., and S. Boutros, "MPLS Transport Profile (MPLS-TP) Operations, Administration, and Maintenance (OAM) Identifiers Management Information Base (MIB)", RFC 7697, DOI 10.17487/RFC7697, January 2016, <http://www.rfc-editor.org/info/rfc7697>.
11.2. Informative References
-
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, DOI 10.17487/RFC3410, December 2002, <http://www.rfc-editor.org/info/rfc3410>. [RFC3812] Srinivasan, C., Viswanathan, A., and T. Nadeau, "Multiprotocol Label Switching (MPLS) Traffic Engineering (TE) Management Information Base (MIB)", RFC 3812, DOI 10.17487/RFC3812, June 2004, <http://www.rfc-editor.org/info/rfc3812>. [G8121] International Telecommunication Union, "Characteristics of MPLS-TP equipment functional blocks", ITU-T Recommendation G.8121/Y.1381, April 2016, <https://www.itu.int/rec/T-REC-G.8121/en>. [G8151] International Telecommunication Union, "Management aspects of the MPLS-TP network element", ITU-T Recommendation G.8151/Y.1374, January 2015, <https://www.itu.int/rec/T-REC-G.8151/en>.
Acknowledgments
-
The authors wish to thank Joan Cucchiara for her review as MIB Doctor. Joan's detailed comments were of great help for improving the quality of this document.
The authors would also like to thank Loa Andersson and Adrian Farrel for their valuable comments and suggestions on this document.
Contributors
-
Vishwas Manral
Nano Sec
599 Fairchild Drive
Mountain View, CA
United States of AmericaEmail:
vishwas@nanosec.io
Authors' Addresses
-
Kingston Selvaraj IP Infusion RMZ Centennial Mahadevapura Post Bangalore 560048 India
Email:
kingstonsmiler@gmail.com Venkatesan Mahalingam Dell Technologies 5450 Great America Parkway Santa Clara, CA 95054 United States of America Email: venkat.mahalingams@gmail.com
Daniel King
Old Dog Consulting
United KingdomEmail: daniel@olddog.co.uk Sam Aldrin Google, Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043 United States of America Email: aldrin.ietf@gmail.com Jeong-dong Ryoo ETRI 218 Gajeong-ro Yuseong-gu, Daejeon 34129 South Korea Email: ryoo@etri.re.kr