Internet Engineering Task Force (IETF)
Request for Comments: 8503
Category: Standards Track
ISSN: 2070-1721
H. Tsunoda
Tohoku Institute of Technology
December 2018

BGP/MPLS Layer 3 VPN Multicast Management Information Base

Abstract

This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects to configure and/or monitor Multicast communication over IP Virtual Private Networks (VPNs) supported by the Multiprotocol Label Switching/Border Gateway Protocol (MPLS/BGP) on a Provider Edge (PE) router.

Status of This Memo

This is an Internet Standards Track document.

This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at https://www.rfc-editor.org/info/rfc8503.

Copyright Notice

Copyright © 2018 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Terminology . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  The Internet-Standard Management Framework  . . . . . . . . .   3
   3.  BGP-MPLS-LAYER3-VPN-MULTICAST-MIB . . . . . . . . . . . . . .   3
     3.1.  Summary of the MIB Module . . . . . . . . . . . . . . . .   4
     3.2.  MIB Module Definitions  . . . . . . . . . . . . . . . . .   5
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .  51
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  53
   6.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  54
     6.1.  Normative References  . . . . . . . . . . . . . . . . . .  54
     6.2.  Informative References  . . . . . . . . . . . . . . . . .  56
   Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .  57
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .  57

1. Introduction

[RFC6513], [RFC6514], and [RFC6625] specify procedures for supporting multicast in Multiprotocol Label Switching/Border Gateway Protocol (MPLS/BGP) Layer 3 (IP) Virtual Private Networks (VPNs). Throughout this document, we will use the term "MVPN" (for "multicast VPN") [RFC6513] to refer to a BGP/MPLS IP VPN that supports multicast.

Provider Edge (PE) routers that attach to a particular MVPN exchange customer multicast (C-multicast) routing information with neighboring PEs. In [RFC6513], two basic methods for exchanging C-multicast routing information are defined: (1) Protocol Independent Multicast (PIM) [RFC7761] and (2) BGP.

In the rest of this document, we will use the term "PIM-MVPN" to refer to the case where PIM is used for exchanging C-multicast routing information and "BGP-MVPN" to refer to the case where BGP is used for exchanging C-multicast routing information.

This document describes managed objects to configure and/or monitor MVPNs. Most of the managed objects are common to both PIM-MVPN and BGP-MVPN, and some managed objects are BGP-MVPN specific.

1.1. Terminology

This document adopts the definitions, abbreviations, and mechanisms described in [RFC4364], [RFC6513], and [RFC6514]. Familiarity with multicast, MPLS, Layer 3 (L3) VPN, and MVPN concepts and/or mechanisms is assumed. Some terms specifically related to this document are explained below.

An MVPN can be realized by using various kinds of transport mechanisms for forwarding a packet to all or a subset of PEs across service provider networks. Such transport mechanisms are referred to as provider tunnels (P-tunnels).

A Provider Multicast Service Interface (PMSI) [RFC6513] is a conceptual interface instantiated by a P-tunnel. A PE uses a PMSI to send customer multicast traffic to all or some PEs in the same VPN.

There are two kinds of PMSIs: Inclusive PMSI (I-PMSI) and Selective PMSI (S-PMSI) [RFC6513]. An I-PMSI enables a PE attached to a particular MVPN to transmit a message to all PEs in the same MVPN. An S-PMSI enables a PE to transmit a message to a selected set of PEs in the same MVPN.

As described in [RFC4382], each PE maintains one default forwarding table and zero or more Virtual Routing and Forwarding (VRF) tables. Throughout this document, we will use the term "MVRF" (for "multicast VRF") to refer to a VRF that contains multicast routing information.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

2. The Internet-Standard Management Framework

For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410].

Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580].

3. BGP-MPLS-LAYER3-VPN-MULTICAST-MIB

   This document defines BGP-MPLS-LAYER3-VPN-MULTICAST-MIB, a MIB module
   for monitoring and/or configuring MVPNs on PEs.  This MIB module will
   be used in conjunction with MPLS-L3VPN-STD-MIB [RFC4382] and IPMCAST-
   MIB [RFC5132].

3.1. Summary of the MIB Module

   BGP-MPLS-LAYER3-VPN-MULTICAST-MIB provides the following
   functionalities.
  • Monitoring attributes of MVPNs on a PE
  • Configuring timers and thresholds related to an MVPN on a PE
  • Notifying creation, deletion, and modification of MVRFs on a PE
  • Monitoring PMSI attributes
  • Monitoring statistics of advertisements exchanged by a PE
  • Monitoring routing information for multicast destinations
  • Monitoring next hops for each multicast destination
   To provide these functionalities, BGP-MPLS-LAYER3-VPN-MULTICAST-MIB
   defines the following tables.
  • mvpnGenericTable

This table contains generic information about MVPNs on a PE. Each entry in this table represents an instance of an MVPN on a PE and contains generic information related to the MVPN. For each entry in this table, there MUST be a corresponding VRF in MPLS-L3VPN- STD-MIB [RFC4382].

  • mvpnBgpTable

This table contains information specific to BGP-MVPNs. Each BGP- MVPN on a PE will have an entry in this table.

  • mvpnPmsiTable

This table contains managed objects representing attribute information that is common to I-PMSIs and S-PMSIs on a PE.

  • mvpnSpmsiTable

This table contains managed objects representing attribute information specific to S-PMSIs. An S-PMSI represented in this table will have a corresponding entry in mvpnPmsiTable.

  • mvpnAdvtStatsTable

This table contains statistics pertaining to I-PMSI and S-PMSI advertisements sent/received.

  • mvpnMrouteTable

This table contains multicast routing information in MVRFs on a PE.

  • mvpnMrouteNextHopTable

This table contains information on the next hops for routing IP multicast datagrams in MVPNs on a PE.

3.2. MIB Module Definitions

   This MIB module makes reference to the following documents:
   [RFC2003], [RFC2784], [RFC2863], [RFC3032], [RFC4001], and [RFC8502].
  
  BGP-MPLS-LAYER3-VPN-MULTICAST-MIB DEFINITIONS ::= BEGIN

IMPORTS

     MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
     Counter32, Counter64, Gauge32, Unsigned32, TimeTicks,
     mib-2
        FROM SNMPv2-SMI                         -- RFC 2578
     
     MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
        FROM SNMPv2-CONF                        -- RFC 2580

RowPointer, TimeStamp, DateAndTime

FROM SNMPv2-TC -- RFC 2579

InterfaceIndex, InterfaceIndexOrZero

FROM IF-MIB -- RFC 2863

InetAddress, InetAddressType, InetAddressPrefixLength

FROM INET-ADDRESS-MIB -- RFC 4001

mplsL3VpnVrfName, MplsL3VpnRouteDistinguisher

FROM MPLS-L3VPN-STD-MIB -- RFC 4382

IANAipRouteProtocol, IANAipMRouteProtocol FROM IANA-RTPROTO-MIB

       -- http://www.iana.org/assignments/ianaiprouteprotocol-mib

L2L3VpnMcastProviderTunnelType

FROM L2L3-VPN-MULTICAST-TC-MIB; -- RFC 8502

mvpnMIB MODULE-IDENTITY

     LAST-UPDATED "201812140000Z"  -- 14 December 2018
     ORGANIZATION "IETF BESS Working Group"
     CONTACT-INFO
                  "Hiroshi Tsunoda
                   Tohoku Institute of Technology
                   35-1, Yagiyama Kasumi-cho
                   Taihaku-ku, Sendai, 982-8577
                   Japan
                   Email: tsuno@m.ieice.org"

DESCRIPTION

"This MIB module contains managed object definitions to

configure and/or monitor Multicast communication over IP Virtual Private Networks (VPNs) supported by the Multiprotocol Label Switching/Border Gateway Protocol (MPLS/BGP) on a Provider Edge (PE) router.

Copyright © 2018 IETF Trust and the persons identified as authors of the code. All rights reserved.

           Redistribution and use in source and binary forms, with or
           without modification, is permitted pursuant to, and subject
           to the license terms contained in, the Simplified BSD License
           set forth in Section 4.c of the IETF Trust's Legal Provisions
           Relating to IETF Documents
           (http://trustee.ietf.org/license-info).
          "
    
    -- Revision History
    
    REVISION "201812140000Z"  -- 14 December 2018
    DESCRIPTION
        "Initial version, published as RFC 8503."
    
    ::= { mib-2 243 }
  
  -- Top-level components of this MIB module.
  mvpnNotifications OBJECT IDENTIFIER ::= { mvpnMIB 0 }
  
  -- Scalars, Tables
  mvpnObjects       OBJECT IDENTIFIER ::= { mvpnMIB 1 }
  
  -- Conformance Information
  mvpnConformance   OBJECT IDENTIFIER ::= { mvpnMIB 2 }
  -- MVPN Objects
  mvpnScalars       OBJECT IDENTIFIER ::= { mvpnObjects 1 }
  
  -- Scalar Objects

mvpnMvrfs OBJECT-TYPE

     SYNTAX        Gauge32
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The total number of Multicast Virtual Routing and
          Forwarding (MVRF) tables that are present on
          this Provider Edge (PE) router.  This includes MVRFs
          for IPv4, IPv6, and Multipoint LDP (mLDP) C-multicast.
         "
     ::= { mvpnScalars 1 }

mvpnV4Mvrfs OBJECT-TYPE

     SYNTAX        Gauge32
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The number of MVRFs for IPv4 C-multicast on this PE.
         "
     ::= { mvpnScalars 2 }

mvpnV6Mvrfs OBJECT-TYPE

     SYNTAX        Gauge32
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The number of MVRFs for IPv6 C-multicast on this PE.
         "
     ::= { mvpnScalars 3 }

mvpnMldpMvrfs OBJECT-TYPE

     SYNTAX         Gauge32
     MAX-ACCESS     read-only
     STATUS         current
     DESCRIPTION
         "The number of MVRFs on this PE that use BGP for
          exchanging mLDP C-multicast routing information.
         "
     ::= { mvpnScalars 4 }

mvpnPimV4Mvrfs OBJECT-TYPE

     SYNTAX         Gauge32
     MAX-ACCESS     read-only
     STATUS         current
     DESCRIPTION
         "The number of MVRFs on this PE that use Provider
          Independent Multicast (PIM) for exchanging IPv4
          C-multicast routing information.
         "
     ::= { mvpnScalars 5 }

mvpnPimV6Mvrfs OBJECT-TYPE

     SYNTAX         Gauge32
     MAX-ACCESS     read-only
     STATUS         current
     DESCRIPTION
         "The number of MVRFs on this PE that use PIM for
          exchanging IPv6 C-multicast routing information.
         "
     ::= { mvpnScalars 6 }

mvpnBgpV4Mvrfs OBJECT-TYPE

     SYNTAX         Gauge32
     MAX-ACCESS     read-only
     STATUS         current
     DESCRIPTION
         "The number of MVRFs on this PE that use BGP for
          exchanging IPv4 C-multicast routing information.
         "
     ::= { mvpnScalars 7 }

mvpnBgpV6Mvrfs OBJECT-TYPE

     SYNTAX         Gauge32
     MAX-ACCESS     read-only
     STATUS         current
     DESCRIPTION
         "The number of MVRFs on this PE that use BGP for
          exchanging IPv6 C-multicast routing information.
         "
     ::= { mvpnScalars 8 }

mvpnSPTunnelLimit OBJECT-TYPE

     SYNTAX        Unsigned32 (1..4294967295)
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
         "The maximum number of selective provider tunnels that
          are allowed for a particular MVPN on this PE.
     
         "
     REFERENCE
         "RFC 6513, Section 13"
     ::= { mvpnScalars 9 }

mvpnBgpCmcastRouteWithdrawalTimer OBJECT-TYPE

     SYNTAX        Unsigned32
     UNITS         "milliseconds"
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
         "A configurable timer to control the delay
          of C-multicast route withdrawal advertisements.
         "
     REFERENCE
         "RFC 6514, Section 16.1.1"
     ::= { mvpnScalars 10 }

mvpnBgpSrcSharedTreeJoinTimer OBJECT-TYPE

     SYNTAX        Unsigned32
     UNITS         "milliseconds"
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
         "A configurable timer to control the delay
          of Source/Shared Tree Join C-multicast route
          advertisements.
         "
     REFERENCE
         "RFC 6514, Section 16.1.2"
     ::= { mvpnScalars 11 }
  
  -- Generic MVRF Information Table
  
  mvpnGenericTable  OBJECT-TYPE
     SYNTAX        SEQUENCE OF MvpnGenericEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "A conceptual table containing generic information about
          MVPNs on this PE.
         "
     ::= { mvpnObjects 2 }

mvpnGenericEntry OBJECT-TYPE

     SYNTAX        MvpnGenericEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "A conceptual row that represents an MVPN on this PE.
          The MVPN represented by this entry will have one or more
          corresponding P-Multicast Service Interfaces (PMSIs)
          and a corresponding VRF in MPLS-L3VPN-STD-MIB (RFC 4382).
         "
     INDEX {
             mplsL3VpnVrfName
           }
     ::= { mvpnGenericTable 1 }
  
  MvpnGenericEntry ::= SEQUENCE {
     mvpnGenMvrfLastAction       INTEGER,
     mvpnGenMvrfLastActionTime   DateAndTime,
     mvpnGenMvrfCreationTime     DateAndTime,
     mvpnGenCmcastRouteProtocol  INTEGER,
     mvpnGenIpmsiInfo            RowPointer,
     mvpnGenInterAsPmsiInfo      RowPointer,
     mvpnGenUmhSelection         INTEGER,
     mvpnGenCustomerSiteType     INTEGER
  }

mvpnGenMvrfLastAction OBJECT-TYPE

     SYNTAX      INTEGER {
                           createdMvrf             (1),
                           deletedMvrf             (2),
                           modifiedMvrfIpmsiConfig (3),
                           modifiedMvrfSpmsiConfig (4)
                         }
     MAX-ACCESS  read-only
     STATUS      current
     DESCRIPTION
         "This object describes the last action pertaining
          to the MVPN represented by this entry.

The enumerated action types and the corresponding descriptions are as follows:

createdMvrf:

MVRF was created for this MVPN on the PE.

deletedMvrf:

MVRF for this MVPN was deleted from the PE. A conceptual row in this table will never have mvpnGenMvrfLastAction equal to deletedMvrf, because in that case, the row itself will not exist in the table.

This value for mvpnGenMvrfLastAction is defined

solely for use in the mvpnMvrfActionChange

notification.

modifiedMvrfIpmsiConfig:

An I-PMSI for this MVPN was configured, deleted, or changed.

            modifiedMvrfSpmsiConfig:
              An S-PMSI for this MVPN was configured, deleted,
              or changed.
         "
     ::= { mvpnGenericEntry 2 }

mvpnGenMvrfLastActionTime OBJECT-TYPE

     SYNTAX        DateAndTime
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The timestamp when the last action, given in
          the corresponding mvpnGenMvrfLastAction object,
          was carried out.
         "
     ::= { mvpnGenericEntry 3 }

mvpnGenMvrfCreationTime OBJECT-TYPE

     SYNTAX        DateAndTime
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The timestamp when the MVRF was created for
          the MVPN represented by this entry.
         "
     ::= { mvpnGenericEntry 4 }

mvpnGenCmcastRouteProtocol OBJECT-TYPE

     SYNTAX        INTEGER {
                             pim (1),
                             bgp (2)
                           }
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The protocol used to signal C-multicast routing
          information across the provider core for the MVPN
          represented by this entry.

The enumerated protocols and the corresponding descriptions are as follows:

            pim : PIM (PIM-MVPN)
            bgp : BGP (BGP-MVPN)
         "
     REFERENCE
         "RFC 6513, Section 5"
     ::= { mvpnGenericEntry 5 }

mvpnGenIpmsiInfo OBJECT-TYPE

     SYNTAX        RowPointer
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "A pointer to a conceptual row representing
          the corresponding I-PMSI in mvpnPmsiTable.
          If there is no I-PMSI for the MVPN
          represented by this entry, the
          value of this object will be zeroDotZero.
         "
     ::= { mvpnGenericEntry 6 }

mvpnGenInterAsPmsiInfo OBJECT-TYPE

     SYNTAX        RowPointer
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "A pointer to a conceptual row representing
          the corresponding segmented Inter-AS I-PMSI in mvpnPmsiTable.
          If there is no segmented Inter-AS I-PMSI for the MVPN,
          the value of this object will be zeroDotZero.
         "
     ::= { mvpnGenericEntry 7 }

mvpnGenUmhSelection OBJECT-TYPE

     SYNTAX        INTEGER {
                             highestPeAddress  (1),
                             cRootGroupHashing (2),
                             ucastUmhRoute     (3)
                           }
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The Upstream Multicast Hop (UMH) selection method for the
          MVPN represented by this entry.

The enumerated methods and the corresponding descriptions are as follows:

            highestPeAddress  : PE with the highest address
                                (see RFC 6513, Section 5.1.3)
            cRootGroupHashing : hashing based on (c-root, c-group)
            ucastUmhRoute     : per-unicast route towards c-root
         "
     REFERENCE
         "RFC 6513, Section 5.1"
     ::= { mvpnGenericEntry 8 }

mvpnGenCustomerSiteType OBJECT-TYPE

     SYNTAX        INTEGER {
                             senderReceiver (1),
                             receiverOnly   (2),
                             senderOnly     (3)
                           }
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The type of the customer site, connected to
          the MVPN represented by this entry.

The enumerated types and the corresponding descriptions are as follows:

            senderReceiver : Site is both sender and receiver
            receiverOnly   : Site is receiver only
            senderOnly     : Site is sender only
         "
     REFERENCE
         "RFC 6513, Section 2.3"
     ::= { mvpnGenericEntry 9 }

-- Generic BGP-MVPN Table

mvpnBgpTable OBJECT-TYPE

     SYNTAX        SEQUENCE OF MvpnBgpEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "A conceptual table that supplements mvpnGenericTable
          with BGP-MVPN-specific information for BGP-MVPNs on this PE.
         "
     ::= { mvpnObjects 3 }
  mvpnBgpEntry OBJECT-TYPE
     SYNTAX           MvpnBgpEntry
     MAX-ACCESS       not-accessible
     STATUS           current
     DESCRIPTION
         "A conceptual row corresponding to a BGP-MVPN on this PE.
         "
     INDEX {
             mplsL3VpnVrfName
           }
  ::= { mvpnBgpTable 1 }
  
  MvpnBgpEntry ::= SEQUENCE {
     mvpnBgpMode                            INTEGER,
     mvpnBgpVrfRouteImportExtendedCommunity MplsL3VpnRouteDistinguisher,
     mvpnBgpSrcASExtendedCommunity          Unsigned32,
     mvpnBgpMsgRateLimit                    Unsigned32,
     mvpnBgpMaxSpmsiAdRoutes                Unsigned32,
     mvpnBgpMaxSpmsiAdRouteFreq             Unsigned32,
     mvpnBgpMaxSrcActiveAdRoutes            Unsigned32,
     mvpnBgpMaxSrcActiveAdRouteFreq         Unsigned32
  }

mvpnBgpMode OBJECT-TYPE

     SYNTAX        INTEGER {
                             other   (0),
                             rptSpt  (1),
                             sptOnly (2)
                           }
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The inter-site C-tree mode used by the BGP-MVPN
          represented by this entry.
     
            other   : none of the following
            rptSpt  : inter-site shared tree mode
                      (Rendezvous Point Tree (RPT) and
                      source-specific shortest-path tree (SPT))
            sptOnly : inter-site source-only tree mode
         "
     REFERENCE
         "RFC 6513, Section 9.3.1"
     ::= { mvpnBgpEntry 1 }

mvpnBgpVrfRouteImportExtendedCommunity OBJECT-TYPE

     SYNTAX             MplsL3VpnRouteDistinguisher
     MAX-ACCESS         read-only
     STATUS             current
     DESCRIPTION
         "The VRF Route Import Extended Community added by this PE
          to unicast VPN routes that it advertises for the BGP-MVPN
          corresponding to this entry.
         "
     REFERENCE
         "RFC 6514, Section 7
         "
     ::= { mvpnBgpEntry 2 }

mvpnBgpSrcASExtendedCommunity OBJECT-TYPE

     SYNTAX            Unsigned32
     MAX-ACCESS        read-only
     STATUS            current
     DESCRIPTION
         "The Source AS Extended Community added by this PE
          to the unicast VPN routes that it advertises for
          the BGP-MVPN represented by this entry.
         "
     REFERENCE
         "RFC 6514, Section 6
         "
     ::= { mvpnBgpEntry 3 }

mvpnBgpMsgRateLimit OBJECT-TYPE

     SYNTAX        Unsigned32 (0..4294967295)
     UNITS         "messages per second"
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
         "The configurable upper bound for the rate of the BGP
          C-multicast routing information message exchange between
          this PE and other PEs in the BGP-MVPN corresponding to
          this entry.
         "
     REFERENCE
         "RFC 6514, Section 17"
     ::= { mvpnBgpEntry 4 }

mvpnBgpMaxSpmsiAdRoutes OBJECT-TYPE

     SYNTAX        Unsigned32 (0..4294967295)
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
         "The configurable upper bound for the number of S-PMSI
          auto-discovery (A-D) routes for the BGP-MVPN
          corresponding to this entry.
     
         "
     REFERENCE
         "RFC 6514, Section 17"
     ::= { mvpnBgpEntry 5 }

mvpnBgpMaxSpmsiAdRouteFreq OBJECT-TYPE

     SYNTAX        Unsigned32 (0..4294967295)
     UNITS         "routes per second"
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
         "The configurable upper bound for the frequency of
          S-PMSI A-D route generation for the BGP-MVPN
          corresponding to this entry.
         "
     REFERENCE
         "RFC 6514, Section 17"
     ::= { mvpnBgpEntry 6 }

mvpnBgpMaxSrcActiveAdRoutes OBJECT-TYPE

     SYNTAX        Unsigned32 (0..4294967295)
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
         "The configurable upper bound for the number of
          Source Active A-D routes for the BGP-MVPN corresponding
          to this entry.
         "
     REFERENCE
         "RFC 6514, Section 17"
     ::= { mvpnBgpEntry 7 }

mvpnBgpMaxSrcActiveAdRouteFreq OBJECT-TYPE

     SYNTAX        Unsigned32 (0..4294967295)
     UNITS         "routes per second"
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
         "The configurable upper bound for the frequency of Source
          Active A-D route generation for the BGP-MVPN corresponding
          to this entry.
         "
     REFERENCE
         "RFC 6514, Section 17"
     ::= { mvpnBgpEntry 8 }
  
  -- Table of PMSI Information
  
  mvpnPmsiTable  OBJECT-TYPE
     SYNTAX        SEQUENCE OF MvpnPmsiEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "A conceptual table containing information related
          to PMSIs on this PE.
         "
     ::= { mvpnObjects 4 }

mvpnPmsiEntry OBJECT-TYPE

     SYNTAX        MvpnPmsiEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "A conceptual row corresponding to a
          PMSI on this PE.
         "
     INDEX       {
                   mvpnPmsiTunnelIfIndex
                 }
     ::= { mvpnPmsiTable 1 }
  
  MvpnPmsiEntry ::= SEQUENCE {
     mvpnPmsiTunnelIfIndex          InterfaceIndex,
     mvpnPmsiRD                     MplsL3VpnRouteDistinguisher,
     mvpnPmsiTunnelType             L2L3VpnMcastProviderTunnelType,
     mvpnPmsiTunnelAttribute        RowPointer,
     mvpnPmsiTunnelPimGroupAddrType InetAddressType,
     mvpnPmsiTunnelPimGroupAddr     InetAddress,
     mvpnPmsiEncapsulationType      INTEGER
  }

mvpnPmsiTunnelIfIndex OBJECT-TYPE

     SYNTAX        InterfaceIndex
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "A unique value for this conceptual row.  Its value
          will be the same as that of the ifIndex object instance
          for the corresponding PMSI in ifTable.
         "
     REFERENCE
         "RFC 2863, Section 3.1.5
         "
     ::= { mvpnPmsiEntry 1 }

mvpnPmsiRD OBJECT-TYPE

     SYNTAX        MplsL3VpnRouteDistinguisher
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The Route Distinguisher for this I-PMSI.
         "
     ::= { mvpnPmsiEntry 3 }

mvpnPmsiTunnelType OBJECT-TYPE

     SYNTAX        L2L3VpnMcastProviderTunnelType
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The type of tunnel used to
          instantiate the PMSI corresponding to this entry.
         "
     REFERENCE
         "RFC 6513, Section 2.6
         "
     ::= { mvpnPmsiEntry 4 }

mvpnPmsiTunnelAttribute OBJECT-TYPE

     SYNTAX        RowPointer
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "A pointer to a conceptual row representing
          the P-tunnel used by the PMSI in
          l2L3VpnMcastPmsiTunnelAttributeTable.
         "
     ::= { mvpnPmsiEntry 5 }

mvpnPmsiTunnelPimGroupAddrType OBJECT-TYPE

     SYNTAX        InetAddressType
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The InetAddressType of the mvpnPmsiTunnelPimGroupAddr object
          that follows.  When the PMSI corresponding to this entry
          does not use the PIM provider tunnel, i.e., the value of
          mvpnPmsiTunnelType is not one of pimSsm(3), pimAsm(4), or
          pimBidir(5), this object should be unknown(0).
         "
     ::= { mvpnPmsiEntry 6 }

mvpnPmsiTunnelPimGroupAddr OBJECT-TYPE

     SYNTAX        InetAddress
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The tunnel address that is used by the PMSI
          corresponding to this entry.  When the PMSI
          corresponding to this entry does not use
          the PIM provider tunnel, i.e., the value of
          mvpnPmsiTunnelType is not one of pimSsm(3),
          pimAsm(4), or pimBidir(5), this
          object should be a zero-length octet string.
         "
     ::= { mvpnPmsiEntry 7 }

mvpnPmsiEncapsulationType OBJECT-TYPE

     SYNTAX        INTEGER {
                             greIp (1),
                             ipIp  (2),
                             mpls  (3)
                           }
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The encapsulation type used for sending
          packets through the PMSI corresponding to this entry.

The enumerated encapsulation types and the corresponding descriptions are as follows:

            greIp : Generic Routing Encapsulation (GRE)
                    (RFC 2784)
            ipIp  : IP-in-IP encapsulation (RFC 2003)
            mpls  : MPLS encapsulation (RFC 3032)
         "
     REFERENCE
         "RFC 2003
          RFC 2784
          RFC 3032
          RFC 6513, Section 12.1
         "
     ::= { mvpnPmsiEntry 8 }
  
  -- Table of S-PMSI-Specific Information
  
  mvpnSpmsiTable  OBJECT-TYPE
     SYNTAX        SEQUENCE OF MvpnSpmsiEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "A conceptual table containing information related
          to S-PMSIs on this PE.
          This table stores only S-PMSI-specific attribute
          information.  Generic PMSI attribute information of
          S-PMSIs is stored in mvpnPmsiTable.
         "
     ::= { mvpnObjects 5 }

mvpnSpmsiEntry OBJECT-TYPE

     SYNTAX        MvpnSpmsiEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "A conceptual row corresponding to an S-PMSI on this PE.
          Implementers need to be aware that if the total number of
          octets in mplsL3VpnVrfName, mvpnSpmsiCmcastGroupAddr, and
          mvpnSpmsiCmcastSourceAddr exceeds 113, the OIDs of column
          instances in this row will have more than 128 sub-identifiers
          and cannot be accessed using SNMPv1, SNMPv2c, or SNMPv3.
         "
     INDEX       {
                   mplsL3VpnVrfName,
                   mvpnSpmsiCmcastGroupAddrType,
                   mvpnSpmsiCmcastGroupAddr,
                   mvpnSpmsiCmcastGroupPrefixLen,
                   mvpnSpmsiCmcastSourceAddrType,
                   mvpnSpmsiCmcastSourceAddr,
                   mvpnSpmsiCmcastSourcePrefixLen
                 }
     ::= { mvpnSpmsiTable 1 }
  
  MvpnSpmsiEntry ::= SEQUENCE {
     mvpnSpmsiCmcastGroupAddrType   InetAddressType,
     mvpnSpmsiCmcastGroupAddr       InetAddress,
     mvpnSpmsiCmcastGroupPrefixLen  InetAddressPrefixLength,
     mvpnSpmsiCmcastSourceAddrType  InetAddressType,
     mvpnSpmsiCmcastSourceAddr      InetAddress,
     mvpnSpmsiCmcastSourcePrefixLen InetAddressPrefixLength,
     mvpnSpmsiPmsiPointer           RowPointer
  }

mvpnSpmsiCmcastGroupAddrType OBJECT-TYPE

     SYNTAX        InetAddressType
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "The InetAddressType of the mvpnSpmsiCmcastGroupAddr object
          that follows.
         "
     ::= { mvpnSpmsiEntry 1 }

mvpnSpmsiCmcastGroupAddr OBJECT-TYPE

     SYNTAX        InetAddress
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "The group address of the C-flow assigned to the
          S-PMSI corresponding to this entry.
         "
     REFERENCE
         "RFC 6513, Section 3.1"
     ::= { mvpnSpmsiEntry 2 }

mvpnSpmsiCmcastGroupPrefixLen OBJECT-TYPE

     SYNTAX        InetAddressPrefixLength
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "The prefix length of the corresponding
          mvpnSpmsiCmcastGroupAddr object.
         "
     ::= { mvpnSpmsiEntry 3 }

mvpnSpmsiCmcastSourceAddrType OBJECT-TYPE

     SYNTAX        InetAddressType
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "The InetAddressType of the mvpnSpmsiCmcastSourceAddr object
          that follows.
         "
     ::= { mvpnSpmsiEntry 4 }

mvpnSpmsiCmcastSourceAddr OBJECT-TYPE

     SYNTAX        InetAddress
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "The source address of the C-flow assigned to the
          S-PMSI corresponding to this entry.
         "
     ::= { mvpnSpmsiEntry 5 }

mvpnSpmsiCmcastSourcePrefixLen OBJECT-TYPE

     SYNTAX        InetAddressPrefixLength
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "The prefix length of the corresponding
          mvpnSpmsiCmcastSourceAddr object.
         "
     ::= { mvpnSpmsiEntry 6 }

mvpnSpmsiPmsiPointer OBJECT-TYPE

     SYNTAX        RowPointer
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "A pointer to a conceptual row representing
          generic information of this S-PMSI in mvpnPmsiTable.
         "
     ::= { mvpnSpmsiEntry 7 }
  
  -- Table of Statistics Pertaining to
  -- Advertisements Sent/Received

mvpnAdvtStatsTable OBJECT-TYPE

     SYNTAX        SEQUENCE OF MvpnAdvtStatsEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "A conceptual table containing statistics pertaining to
          I-PMSI and S-PMSI advertisements sent/received by this PE.
         "
     ::= { mvpnObjects 6 }

mvpnAdvtStatsEntry OBJECT-TYPE

     SYNTAX        MvpnAdvtStatsEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "A conceptual row corresponding to statistics
          pertaining to advertisements sent/received
          for a particular MVPN on this PE.
     
          Implementers need to be aware that if the total number of
          octets in mplsL3VpnVrfName and mvpnAdvtPeerAddr exceeds 115,
          then OIDs of column instances in this row will have more than
          128 sub-identifiers and cannot be accessed using SNMPv1,
          SNMPv2c, or SNMPv3.
         "
     
     INDEX  {
              mplsL3VpnVrfName,
              mvpnAdvtType,
              mvpnAdvtPeerAddrType,
              mvpnAdvtPeerAddr
            }
     ::= { mvpnAdvtStatsTable 1 }

MvpnAdvtStatsEntry ::= SEQUENCE {

     mvpnAdvtType                        INTEGER,
     mvpnAdvtPeerAddrType                InetAddressType,
     mvpnAdvtPeerAddr                    InetAddress,
     mvpnAdvtSent                        Counter32,
     mvpnAdvtReceived                    Counter32,
     mvpnAdvtReceivedError               Counter32,
     mvpnAdvtReceivedMalformedTunnelType Counter32,
     mvpnAdvtReceivedMalformedTunnelId   Counter32,
     mvpnAdvtLastSentTime                DateAndTime,
     mvpnAdvtLastReceivedTime            DateAndTime,
     mvpnAdvtCounterDiscontinuityTime    TimeStamp
    }

mvpnAdvtType OBJECT-TYPE

     SYNTAX        INTEGER {
                              intraAsIpmsi (0),
                              interAsIpmsi (1),
                              sPmsi        (2)
                           }
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "The PMSI type.

The enumerated PMSI types and corresponding descriptions are as follows:

            intraAsIpmsi : Intra-AS Inclusive PMSI
            interAsIpmsi : Inter-AS Inclusive PMSI
            sPmsi        : Selective PMSI
         "
     REFERENCE
         "RFC 6513, Sec. 3.2.1"
     ::= { mvpnAdvtStatsEntry 1 }

mvpnAdvtPeerAddrType OBJECT-TYPE

     SYNTAX        InetAddressType
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "The InternetAddressType of the mvpnAdvtPeerAddr object
          that follows.
         "
     ::= { mvpnAdvtStatsEntry 2 }

mvpnAdvtPeerAddr OBJECT-TYPE

     SYNTAX        InetAddress
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "The address of a peer PE that exchanges advertisement with
          this PE.
         "
     ::= { mvpnAdvtStatsEntry 3 }

mvpnAdvtSent OBJECT-TYPE

     SYNTAX        Counter32
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The number of advertisements successfully
          sent to the peer PE specified by the corresponding
          mvpnAdvtPeerAddr.
     
          Discontinuities in the value of this counter can
          occur at re-initialization of the management system
          and at other times as indicated by the corresponding
          mvpnAdvtCounterDiscontinuityTime object.
         "
     ::= { mvpnAdvtStatsEntry 4 }

mvpnAdvtReceived OBJECT-TYPE

     SYNTAX        Counter32
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The number of advertisements received from the peer PE
          specified by the corresponding mvpnAdvtPeerAddr object.
          This includes advertisements that were discarded.
     
          Discontinuities in the value of this counter can
          occur at re-initialization of the management system
          and at other times as indicated by the corresponding
          mvpnAdvtCounterDiscontinuityTime object.
         "
     ::= { mvpnAdvtStatsEntry 5 }

mvpnAdvtReceivedError OBJECT-TYPE

     SYNTAX        Counter32
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The total number of advertisements received from a peer PE,
          specified by the corresponding mvpnAdvtPeerAddr object,
          that were rejected due to an error(s) in the advertisement.
          The value of this object includes
          the error cases counted in the corresponding
          mvpnAdvtReceivedMalformedTunnelType and
          mvpnAdvtReceivedMalformedTunnelId objects.
     
          Discontinuities in the value of this counter can
          occur at re-initialization of the management system
          and at other times as indicated by the corresponding
          mvpnAdvtCounterDiscontinuityTime object.
         "
     ::= { mvpnAdvtStatsEntry 6 }

mvpnAdvtReceivedMalformedTunnelType OBJECT-TYPE

     SYNTAX        Counter32
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The total number of advertisements received from the peer PE,
          specified by the corresponding mvpnAdvtPeerAddr object,
          that were rejected due to a malformed Tunnel Type
          in the PMSI Tunnel attribute.
     
          Discontinuities in the value of this counter can
          occur at re-initialization of the management system
          and at other times as indicated by the corresponding
          mvpnAdvtCounterDiscontinuityTime object.
         "
     REFERENCE
         "RFC 6514, Section 5"
     ::= { mvpnAdvtStatsEntry 7 }
  
  mvpnAdvtReceivedMalformedTunnelId   OBJECT-TYPE
     SYNTAX        Counter32
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The total number of advertisements received from the peer PE,
          specified by the corresponding mvpnAdvtPeerAddr object,
          that were rejected due to a malformed Tunnel Identifier
          in the PMSI Tunnel attribute.  Discontinuities in the value
          of this counter can occur at re-initialization of the
          management system and at other times as indicated by the
          corresponding mvpnAdvtCounterDiscontinuityTime object.
         "
     REFERENCE
         "RFC 6514, Section 5"
     ::= { mvpnAdvtStatsEntry 8 }
  
  mvpnAdvtLastSentTime   OBJECT-TYPE
     SYNTAX        DateAndTime
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The timestamp when the last advertisement
          was successfully sent by this PE.  If no
          advertisement has been sent since the
          last re-initialization of this PE, this
          object will have a zero-length string.
         "
     ::= { mvpnAdvtStatsEntry 9 }
  
  mvpnAdvtLastReceivedTime   OBJECT-TYPE
     SYNTAX        DateAndTime
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The timestamp when the last advertisement
          was successfully received from the peer PE specified
          by the corresponding mvpnAdvtPeerAddr object and
          processed by this PE.
          If no advertisement has been received since the
          last re-initialization of this PE, this object
          will have a zero-length string.
         "
     ::= { mvpnAdvtStatsEntry 10 }

mvpnAdvtCounterDiscontinuityTime OBJECT-TYPE

     SYNTAX        TimeStamp
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The value of sysUpTime on the most recent occasion
          at which any one or more of this application's
          counters, viz., counters with the OID prefix
          'mvpnAdvtSent', 'mvpnAdvtReceived',
          'mvpnAdvtReceivedError',
          'mvpnAdvtReceivedMalformedTunnelType', or
          'mvpnAdvtReceivedMalformedTunnelId', suffered a
     
          discontinuity.
          If no such discontinuities have occurred since the
          last re-initialization of the local management
          subsystem, this object will have a zero value.
         "
     ::= { mvpnAdvtStatsEntry 11 }

-- Table of Multicast Routes in an MVPN

mvpnMrouteTable OBJECT-TYPE

     SYNTAX        SEQUENCE OF MvpnMrouteEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "A conceptual table containing multicast routing information
          corresponding to the MVRFs present on the PE.
         "
     ::= { mvpnObjects 7 }

mvpnMrouteEntry OBJECT-TYPE

     SYNTAX        MvpnMrouteEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION
         "A conceptual row corresponding to a route for IP datagrams
          from a particular source and addressed to a particular
          IP multicast group address.
     
          Implementers need to be aware that if the total number of
          octets in mplsL3VpnVrfName, mvpnMrouteCmcastGroupAddr, and
          mvpnMrouteCmcastSourceAddrs exceeds 113, the OIDs of column
          instances in this row will have more than 128 sub-identifiers
          and cannot be accessed using SNMPv1, SNMPv2c, or SNMPv3.
         "
     INDEX  {
              mplsL3VpnVrfName,
              mvpnMrouteCmcastGroupAddrType,
              mvpnMrouteCmcastGroupAddr,
              mvpnMrouteCmcastGroupPrefixLength,
              mvpnMrouteCmcastSourceAddrType,
              mvpnMrouteCmcastSourceAddrs,
              mvpnMrouteCmcastSourcePrefixLength
            }
     ::= { mvpnMrouteTable 1 }
  
  MvpnMrouteEntry ::= SEQUENCE {
     mvpnMrouteCmcastGroupAddrType       InetAddressType,
     mvpnMrouteCmcastGroupAddr           InetAddress,
     mvpnMrouteCmcastGroupPrefixLength   InetAddressPrefixLength,
     mvpnMrouteCmcastSourceAddrType      InetAddressType,
     mvpnMrouteCmcastSourceAddrs         InetAddress,
     mvpnMrouteCmcastSourcePrefixLength  InetAddressPrefixLength,
     mvpnMrouteUpstreamNeighborAddrType  InetAddressType,
     mvpnMrouteUpstreamNeighborAddr      InetAddress,
     mvpnMrouteInIfIndex                 InterfaceIndexOrZero,
     mvpnMrouteExpiryTime                TimeTicks,
     mvpnMrouteProtocol                  IANAipMRouteProtocol,
     mvpnMrouteRtProtocol                IANAipRouteProtocol,
     mvpnMrouteRtAddrType                InetAddressType,
     mvpnMrouteRtAddr                    InetAddress,
     mvpnMrouteRtPrefixLength            InetAddressPrefixLength,
     mvpnMrouteRtType                    INTEGER,
     mvpnMrouteOctets                    Counter64,
     mvpnMroutePkts                      Counter64,
     mvpnMrouteTtlDroppedOctets          Counter64,
     mvpnMrouteTtlDroppedPackets         Counter64,
     mvpnMrouteDroppedInOctets           Counter64,
     mvpnMrouteDroppedInPackets          Counter64,
     mvpnMroutePmsiPointer               RowPointer,
     mvpnMrouteNumberOfLocalReplication  Unsigned32,
     mvpnMrouteNumberOfRemoteReplication Unsigned32,
     mvpnMrouteCounterDiscontinuityTime  TimeStamp
  }

mvpnMrouteCmcastGroupAddrType OBJECT-TYPE

     SYNTAX     InetAddressType
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The InetAddressType of the mvpnMrouteCmcastGroupAddr object
          that follows.
         "
     ::= { mvpnMrouteEntry 1 }

mvpnMrouteCmcastGroupAddr OBJECT-TYPE

     SYNTAX     InetAddress
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The IP multicast group address that, along with
          the corresponding mvpnMrouteCmcastGroupPrefixLength object,
          identifies destinations for which this entry contains
          multicast routing information.

This address object is only significant up to mvpnMrouteCmcastGroupPrefixLength bits. The remaining address bits MUST be set to zero.

          For addresses of type 'ipv4z' or 'ipv6z', the appended zone
          index is significant even though it lies beyond the prefix
          length.  The use of these address types indicates that this
          forwarding state applies only within the given zone.  Zone
          index zero is not valid in this table.
         "
     ::= { mvpnMrouteEntry 2 }

mvpnMrouteCmcastGroupPrefixLength OBJECT-TYPE

     SYNTAX     InetAddressPrefixLength
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The length in bits of the mask that, along with
          the corresponding mvpnMrouteCmcastGroupAddr object,
          identifies destinations for which this entry contains
          multicast routing information.
     
          If the corresponding InetAddressType is 'ipv4' or 'ipv4z',
          this object must be in the range 4..32.
          If the corresponding InetAddressType is 'ipv6' or 'ipv6z',
          this object must be in the range 8..128.
         "
     ::= { mvpnMrouteEntry 3 }

mvpnMrouteCmcastSourceAddrType OBJECT-TYPE

     SYNTAX     InetAddressType
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The InetAddressType of the mvpnMrouteCmcastSourceAddrs object
          that follows.
     
          A value of unknown(0) indicates a non-source-specific entry,
          corresponding to all sources in the group.  Otherwise, the
          value MUST be the same as the value of
          mvpnMrouteCmcastGroupAddrType.
         "
     ::= { mvpnMrouteEntry 4 }

mvpnMrouteCmcastSourceAddrs OBJECT-TYPE

     SYNTAX     InetAddress
     MAX-ACCESS not-accessible
     STATUS     current

DESCRIPTION

"The network address that, along with the

corresponding mvpnMrouteCmcastSourcePrefixLength object,

identifies the sources for which this entry contains

multicast routing information.

This address object is only significant up to mvpnMrouteCmcastSourcePrefixLength bits.
The remaining address bits MUST be set to zero.

          For addresses of type 'ipv4z' or 'ipv6z', the appended zone
          index is significant even though it lies beyond the prefix
          length.  The use of these address types indicates that this
          source address applies only within the given zone.  Zone
          index zero is not valid in this table.
         "
     ::= { mvpnMrouteEntry 5 }

mvpnMrouteCmcastSourcePrefixLength OBJECT-TYPE

     SYNTAX     InetAddressPrefixLength
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The length in bits of the mask that, along with
          the corresponding mvpnMrouteCmcastSourceAddr object,
          identifies the sources for which this entry contains
          multicast routing information.
     
          If the corresponding InetAddressType is 'ipv4' or 'ipv4z',
          this object must be in the range 4..32.
          If the corresponding InetAddressType is 'ipv6' or 'ipv6z',
          this object must be in the range 8..128.
          If the corresponding InetAddressType is 'unknown',
          this object must be zero.
         "
     ::= { mvpnMrouteEntry 6 }

mvpnMrouteUpstreamNeighborAddrType OBJECT-TYPE

     SYNTAX     InetAddressType
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The InetAddressType of the mvpnMrouteUpstreamNeighborAddr
          object that follows.

A value of unknown(0) indicates that the upstream neighbor is unknown, for example, in
Bidirectional PIM (BIDIR-PIM).

         "
     REFERENCE
         "RFC 5015"
     ::= { mvpnMrouteEntry 7 }

mvpnMrouteUpstreamNeighborAddr OBJECT-TYPE

     SYNTAX     InetAddress
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The address of the upstream neighbor (for example,
          the Reverse Path Forwarding (RPF) neighbor) from
          which IP datagrams from these sources represented
          by this entry to this multicast address are received.
         "
     ::= { mvpnMrouteEntry 8 }

mvpnMrouteInIfIndex OBJECT-TYPE

     SYNTAX     InterfaceIndexOrZero
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The value of ifIndex for the interface on which IP
          datagrams sent by these sources represented by this entry to
          this multicast address are received.
     
          A value of zero indicates that datagrams are not
          subject to an incoming interface check but may be accepted
          on multiple interfaces (for example, in BIDIR-PIM).
         "
     REFERENCE
         "RFC 5015"
     ::= { mvpnMrouteEntry 9 }

mvpnMrouteExpiryTime OBJECT-TYPE

     SYNTAX     TimeTicks
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The minimum amount of time remaining before this entry will
          be aged out.  The value zero indicates that the entry is not
          subject to aging.  If the corresponding mvpnMrouteNextHopState
          object is pruned(1), this object represents the remaining
          time for the prune to expire after which the state will
          return to forwarding(2).
          If the corresponding mvpnMrouteNextHopState object is
          forwarding(2), this object indicates the time after which
          this entry will be removed from the table.
     
         "
     ::= { mvpnMrouteEntry 10 }

mvpnMrouteProtocol OBJECT-TYPE

     SYNTAX     IANAipMRouteProtocol
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The multicast routing protocol via which this multicast
          forwarding entry was learned.
         "
     ::= { mvpnMrouteEntry 11 }

mvpnMrouteRtProtocol OBJECT-TYPE

     SYNTAX     IANAipRouteProtocol
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The routing protocol via which the route used to find the
          upstream or parent interface for this multicast forwarding
          entry was learned.
         "
     ::= { mvpnMrouteEntry 12 }

mvpnMrouteRtAddrType OBJECT-TYPE

     SYNTAX     InetAddressType
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The InetAddressType of the mvpnMrouteRtAddr object
          that follows.
         "
     ::= { mvpnMrouteEntry 13 }

mvpnMrouteRtAddr OBJECT-TYPE

     SYNTAX     InetAddress
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The address portion of the route used to find the upstream
          or parent interface for this multicast forwarding entry.

This address object is only significant up to mvpnMrouteRtPrefixLength bits. The remaining address bits MUST be set to zero.

For addresses of type 'ipv4z' or 'ipv6z', the appended zone index is significant even though it lies beyond the prefix

          length.  The use of these address types indicates that this
          forwarding state applies only within the given zone.  Zone
          index zero is not valid in this table.
         "
     ::= { mvpnMrouteEntry 14 }

mvpnMrouteRtPrefixLength OBJECT-TYPE

     SYNTAX     InetAddressPrefixLength
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The length in bits of the mask associated with the route
          used to find the upstream or parent interface for this
          multicast forwarding entry.
     
          If the corresponding InetAddressType is 'ipv4' or 'ipv4z',
          this object must be in the range 4..32.
          If the corresponding InetAddressType is 'ipv6' or 'ipv6z',
          this object must be in the range 8..128.
         "
     ::= { mvpnMrouteEntry 15 }

mvpnMrouteRtType OBJECT-TYPE

     SYNTAX     INTEGER {
                          unicast   (1),
                          multicast (2)
                        }
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The reason for placing the route in the (logical)
          multicast Routing Information Base (RIB).

The enumerated reasons and the corresponding descriptions are as follows:

unicast:

The route would normally be placed only in the unicast RIB, but it was placed in the multicast RIB by local configuration, such as when running PIM over RIP.

            multicast:
              The route was explicitly added to the multicast RIB by
              the routing protocol, such as the Distance Vector
              Multicast Routing Protocol (DVMRP) or Multiprotocol BGP.
         "
     ::= { mvpnMrouteEntry 16 }

mvpnMrouteOctets OBJECT-TYPE

     SYNTAX     Counter64
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The number of octets contained in IP datagrams that were
          received from sources represented by this entry and
          addressed to this multicast group address and that were
          forwarded by this router.
     
          Discontinuities in the value of this counter can
          occur at re-initialization of the management system
          and at other times as indicated by the corresponding
          mvpnMrouteCounterDiscontinuityTime object.
         "
     ::= { mvpnMrouteEntry 17 }

mvpnMroutePkts OBJECT-TYPE

     SYNTAX     Counter64
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The number of packets routed using this multicast route
          entry.
     
          Discontinuities in the value of this counter can
          occur at re-initialization of the management system
          and at other times as indicated by the corresponding
          mvpnMrouteCounterDiscontinuityTime object.
         "
     ::= { mvpnMrouteEntry 18 }

mvpnMrouteTtlDroppedOctets OBJECT-TYPE

     SYNTAX     Counter64
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The number of octets contained in IP datagrams that this
          router has received from sources represented by
          this entry and addressed to this multicast group address,
          which were dropped due to Time To Live (TTL) issues.
          TTL issues occur when the TTL (IPv4) or Hop Limit (IPv6)
          of the incoming packet was decremented to zero or to a
          value less than ipMcastInterfaceTtl of the corresponding
          interface.

The ipMcastInterfaceTtl object is defined in IPMCAST-MIB (RFC 5132) and represents the datagram TTL
threshold for the interface. Any IP multicast datagrams with a TTL (IPv4) or Hop Limit (IPv6) less than this threshold will not be forwarded out of the interface. The default value of zero means all multicast packets are forwarded out of the interface. A value of 256 means that no multicast packets are forwarded out of the interface.

          Discontinuities in the value of this counter can
          occur at re-initialization of the management system
          and at other times as indicated by the corresponding
          mvpnMrouteCounterDiscontinuityTime object.
         "
     REFERENCE
         "RFC 5132, Section 6
         "
     ::= { mvpnMrouteEntry 19 }

mvpnMrouteTtlDroppedPackets OBJECT-TYPE

     SYNTAX     Counter64
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The number of packets that this router has received from
          the sources represented by this entry and addressed to this
          multicast group address, which were dropped due to
          Time To Live (TTL) issues.  TTL issues occur when the
          TTL (IPv4) or Hop Limit (IPv6) of the incoming packet was
          decremented to zero or to a value less than
          ipMcastInterfaceTtl of the corresponding interface.

The ipMcastInterfaceTtl object is defined in IPMCAST-MIB (RFC 5132) and represents the datagram TTL
threshold for the interface. Any IP multicast datagrams with a TTL (IPv4) or Hop Limit (IPv6) less than this threshold will not be forwarded out of the interface. The default value of zero means all multicast packets are forwarded out of the interface. A value of 256 means that no multicast packets are forwarded out of the interface.

          Discontinuities in the value of this counter can
          occur at re-initialization of the management system
          and at other times as indicated by the corresponding
          mvpnMrouteCounterDiscontinuityTime object.
         "
     REFERENCE
         "RFC 5132, Section 6
         "
     ::= { mvpnMrouteEntry 20 }

mvpnMrouteDroppedInOctets OBJECT-TYPE

     SYNTAX     Counter64
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The number of octets contained in IP datagrams that this
          router has received from sources represented by
          this entry and addressed to this multicast group address,
          which were dropped due to an error(s).
          The value of this object includes the octets counted
          in the corresponding mvpnMrouteTtlDroppedOctets object.
     
          Discontinuities in the value of this counter can
          occur at re-initialization of the management system
          and at other times as indicated by the corresponding
          mvpnMrouteCounterDiscontinuityTime object.
         "
     ::= { mvpnMrouteEntry 21 }

mvpnMrouteDroppedInPackets OBJECT-TYPE

     SYNTAX     Counter64
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The number of packets that this router has received from
          sources represented by this entry and addressed to this
          multicast group address, which were dropped due to an
          error(s).  The value of this object includes the number
          of octets counted in the corresponding
          mvpnMrouteTtlDroppedPackets object.
     
          Discontinuities in the value of this counter can
          occur at re-initialization of the management system
          and at other times as indicated by the corresponding
          mvpnMrouteCounterDiscontinuityTime object.
         "
     ::= { mvpnMrouteEntry 22 }

mvpnMroutePmsiPointer OBJECT-TYPE

     SYNTAX        RowPointer
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "A pointer to a conceptual row representing
          the corresponding I-PMSI in mvpnPmsiTable or S-PMSI
          in mvpnSpmsiTable that this C-multicast route is using.
         "
     ::= { mvpnMrouteEntry 23 }

mvpnMrouteNumberOfLocalReplication OBJECT-TYPE

     SYNTAX        Unsigned32
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "Number of replications for local receivers.
          For example, if an ingress PE needs to send traffic out of
          N PE-CE interfaces, then mvpnMrouteNumberOfLocalReplication
          is N.
         "
     ::= { mvpnMrouteEntry 24 }

mvpnMrouteNumberOfRemoteReplication OBJECT-TYPE

     SYNTAX        Unsigned32
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "Number of local replications for remote PEs.  For example,
          if the number of remote PEs that need to receive traffic is N,
          then mvpnMrouteNumberOfRemoteReplication is N in case of
          Ingress Replication, but it may be less than N in case of
          RSVP-TE or mLDP Point-to-Multipoint (P2MP) tunnels, depending
          on the actual number of replications the PE needs to do.
         "
     ::= { mvpnMrouteEntry 25 }

mvpnMrouteCounterDiscontinuityTime OBJECT-TYPE

     SYNTAX        TimeStamp
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The value of sysUpTime on the most recent occasion
          at which any one or more of this application's
          counters, viz., counters with the OID prefix
          'mvpnMrouteOctets', 'mvpnMroutePkts',
          'mvpnMrouteTtlDroppedOctets',
          'mvpnMrouteTtlDroppedPackets',
          'mvpnMrouteDroppedInOctets', or 'mvpnMrouteDroppedInPackets',
          suffered a discontinuity.
          If no such discontinuities have occurred since the
          last re-initialization of the local management
          subsystem, this object will have a zero value.
         "
     ::= { mvpnMrouteEntry 26 }

-- Table of Next Hops for Multicast Routes in an MVPN

mvpnMrouteNextHopTable OBJECT-TYPE

     SYNTAX     SEQUENCE OF MvpnMrouteNextHopEntry
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "A conceptual table containing information on the
          next hops for routing IP multicast datagrams.
          Each entry is one of a list of next hops for
          a set of sources sending to a multicast group
          address.
         "
     ::= { mvpnObjects 8 }

mvpnMrouteNextHopEntry OBJECT-TYPE

     SYNTAX     MvpnMrouteNextHopEntry
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "A conceptual row corresponding to a next hop to which
          IP multicast datagrams from a set of sources to
          an IP multicast group address are routed.
     
          Implementers need to be aware that if the total number of
          octets in mplsL3VpnVrfName, mvpnMrouteNextHopGroupAddr,
          mvpnMrouteNextHopSourceAddrs, and mvpnMrouteNextHopAddr
          exceeds 111, the OIDs of column instances in this row
          will have more than 128 sub-identifiers and cannot be
          accessed using SNMPv1, SNMPv2c, or SNMPv3.
         "
     INDEX      {
                  mplsL3VpnVrfName,
                  mvpnMrouteNextHopGroupAddrType,
                  mvpnMrouteNextHopGroupAddr,
                  mvpnMrouteNextHopGroupPrefixLength,
                  mvpnMrouteNextHopSourceAddrType,
                  mvpnMrouteNextHopSourceAddrs,
                  mvpnMrouteNextHopSourcePrefixLength,
                  mvpnMrouteNextHopIfIndex,
                  mvpnMrouteNextHopAddrType,
                  mvpnMrouteNextHopAddr
                }
     ::= { mvpnMrouteNextHopTable 1 }

MvpnMrouteNextHopEntry ::= SEQUENCE {

     mvpnMrouteNextHopGroupAddrType            InetAddressType,
     mvpnMrouteNextHopGroupAddr                InetAddress,
  
     mvpnMrouteNextHopGroupPrefixLength        InetAddressPrefixLength,
     mvpnMrouteNextHopSourceAddrType           InetAddressType,
     mvpnMrouteNextHopSourceAddrs              InetAddress,
     mvpnMrouteNextHopSourcePrefixLength       InetAddressPrefixLength,
     mvpnMrouteNextHopIfIndex                  InterfaceIndex,
     mvpnMrouteNextHopAddrType                 InetAddressType,
     mvpnMrouteNextHopAddr                     InetAddress,
     mvpnMrouteNextHopState                    INTEGER,
     mvpnMrouteNextHopExpiryTime               TimeTicks,
     mvpnMrouteNextHopClosestMemberHops        Unsigned32,
     mvpnMrouteNextHopProtocol                 IANAipMRouteProtocol,
     mvpnMrouteNextHopOctets                   Counter64,
     mvpnMrouteNextHopPkts                     Counter64,
     mvpnMrouteNextHopCounterDiscontinuityTime TimeStamp
  }

mvpnMrouteNextHopGroupAddrType OBJECT-TYPE

     SYNTAX     InetAddressType
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The InetAddressType of the mvpnMrouteNextHopGroupAddr object
          that follows.
         "
     ::= { mvpnMrouteNextHopEntry 1 }

mvpnMrouteNextHopGroupAddr OBJECT-TYPE

     SYNTAX     InetAddress
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The IP multicast group address that, along with
          the corresponding mvpnMrouteNextHopGroupPrefixLength object,
          identifies destinations for which this entry contains
          multicast forwarding information.

This address object is only significant up to mvpnMrouteNextHopGroupPrefixLength bits. The remaining address bits MUST be set to zero.

          For addresses of type 'ipv4z' or 'ipv6z', the appended zone
          index is significant even though it lies beyond the prefix
          length.  The use of these address types indicates that this
          forwarding state applies only within the given zone.  Zone
          index zero is not valid in this table.
         "
     ::= { mvpnMrouteNextHopEntry 2 }

mvpnMrouteNextHopGroupPrefixLength OBJECT-TYPE

     SYNTAX     InetAddressPrefixLength
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The length in bits of the mask that, along with
          the corresponding mvpnMrouteGroupAddr object,
          identifies destinations for which this entry contains
          multicast routing information.
     
          If the corresponding InetAddressType is 'ipv4' or 'ipv4z',
          this object must be in the range 4..32.
          If the corresponding InetAddressType is 'ipv6' or 'ipv6z',
          this object must be in the range 8..128.
         "
     ::= { mvpnMrouteNextHopEntry 3 }

mvpnMrouteNextHopSourceAddrType OBJECT-TYPE

     SYNTAX     InetAddressType
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The InetAddressType of the mvpnMrouteNextHopSourceAddrs
          object that follows.
     
          A value of unknown(0) indicates a non-source-specific entry,
          corresponding to all sources in the group.  Otherwise, the
          value MUST be the same as the value of
          mvpnMrouteNextHopGroupAddrType.
         "
     ::= { mvpnMrouteNextHopEntry 4 }

mvpnMrouteNextHopSourceAddrs OBJECT-TYPE

     SYNTAX     InetAddress
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The network address that, along with the
          corresponding mvpnMrouteNextHopSourcePrefixLength object,
          identifies the sources for which this entry specifies
          a next hop.

This address object is only significant up to mvpnMrouteNextHopSourcePrefixLength bits. The remaining address bits MUST be set to zero.

For addresses of type 'ipv4z' or 'ipv6z', the appended zone index is significant even though it lies beyond the prefix

          length.  The use of these address types indicates that this
          source address applies only within the given zone.  Zone
          index zero is not valid in this table.
         "
     ::= { mvpnMrouteNextHopEntry 5 }

mvpnMrouteNextHopSourcePrefixLength OBJECT-TYPE

     SYNTAX     InetAddressPrefixLength
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The length in bits of the mask that, along with
          the corresponding mvpnMrouteNextHopSourceAddrs object,
          identifies the sources for which this entry specifies
          a next hop.
     
          If the corresponding InetAddressType is 'ipv4' or 'ipv4z',
          this object must be in the range 4..32.
          If the corresponding InetAddressType is 'ipv6' or 'ipv6z',
          this object must be in the range 8..128.
          If the corresponding InetAddressType is 'unknown',
          this object must be zero.
         "
     ::= { mvpnMrouteNextHopEntry 6 }

mvpnMrouteNextHopIfIndex OBJECT-TYPE

     SYNTAX     InterfaceIndex
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The ifIndex value of the outgoing interface
          for this next hop.
         "
     ::= { mvpnMrouteNextHopEntry 7 }

mvpnMrouteNextHopAddrType OBJECT-TYPE

     SYNTAX     InetAddressType
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The InetAddressType of the mvpnMrouteNextHopAddr object
          that follows.
         "
     ::= { mvpnMrouteNextHopEntry 8 }

mvpnMrouteNextHopAddr OBJECT-TYPE

     SYNTAX     InetAddress
     MAX-ACCESS not-accessible
     STATUS     current
     DESCRIPTION
         "The address of the next hop specific to this entry.  For
          most interfaces, this is identical to
          mvpnMrouteNextHopGroupAddr.  Non-Broadcast Multi-Access
          (NBMA) interfaces, however, may have multiple next-hop
          addresses out of a single outgoing interface.
         "
     ::= { mvpnMrouteNextHopEntry 9 }

mvpnMrouteNextHopState OBJECT-TYPE

     SYNTAX     INTEGER {
                          pruned(1),
                          forwarding(2)
                        }
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "An indication of whether the outgoing interface and next
          hop represented by this entry is currently being used to
          forward IP datagrams.

The enumerated states and the corresponding descriptions are as follows:

            pruned     : this entry is not currently being used.
            forwarding : this entry is currently being used.
         "
     ::= { mvpnMrouteNextHopEntry 10 }

mvpnMrouteNextHopExpiryTime OBJECT-TYPE

     SYNTAX     TimeTicks
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The minimum amount of time remaining before this entry will
          be aged out.  If mvpnMrouteNextHopState is pruned(1),
          this object represents the remaining time for the prune
          to expire after which the state will return to forwarding(2).
          If mvpnMrouteNextHopState is forwarding(2),
          this object indicates the time after which this
          entry will be removed from the table.
     
          The value of zero indicates that the entry is not subject to
          aging.
         "
     ::= { mvpnMrouteNextHopEntry 11 }

mvpnMrouteNextHopClosestMemberHops OBJECT-TYPE

     SYNTAX     Unsigned32 (0..256)
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The minimum number of hops between this router and any
          member of this IP multicast group reached via this next hop
          on the corresponding outgoing interface.  Any IP multicast
          datagram for the group that has a TTL (IPv4) or a Hop Count
          (IPv6) less than mvpnMrouteNextHopClosestMemberHops will
          not be forwarded through this interface.

A value of zero means all multicast datagrams are forwarded out of the interface. A value of 256 means that no multicast datagrams are forwarded out of the interface.

          This is an optimization applied by multicast routing
          protocols that explicitly track hop counts to downstream
          listeners.  Multicast protocols that are not aware of hop
          counts to downstream listeners set this object to zero.
         "
     ::= { mvpnMrouteNextHopEntry 12 }

mvpnMrouteNextHopProtocol OBJECT-TYPE

     SYNTAX     IANAipMRouteProtocol
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The routing protocol via which this next hop was learned.
         "
     ::= { mvpnMrouteNextHopEntry 13 }

mvpnMrouteNextHopOctets OBJECT-TYPE

     SYNTAX     Counter64
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The number of octets of multicast packets that have been
          forwarded using this route.
     
          Discontinuities in the value of this counter can
          occur at re-initialization of the management system
          and at other times as indicated by the corresponding
          mvpnMrouteNextHopCounterDiscontinuityTime object.
         "
     ::= { mvpnMrouteNextHopEntry 14 }

mvpnMrouteNextHopPkts OBJECT-TYPE

     SYNTAX     Counter64
     MAX-ACCESS read-only
     STATUS     current
     DESCRIPTION
         "The number of packets that have been forwarded using this
          route.
     
          Discontinuities in the value of this counter can
          occur at re-initialization of the management system
          and at other times as indicated by the corresponding
          mvpnMrouteNextHopCounterDiscontinuityTime object.
         "
     ::= { mvpnMrouteNextHopEntry 15 }

mvpnMrouteNextHopCounterDiscontinuityTime OBJECT-TYPE

     SYNTAX        TimeStamp
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
         "The value of sysUpTime on the most recent occasion
          at which any one or more of this application's
          counters, viz., counters with the OID prefix
          'mvpnMrouteNextHopOctets' or 'mvpnMrouteNextHopPackets',
          suffered a discontinuity.
          If no such discontinuities have occurred since the
          last re-initialization of the local management
          subsystem, this object will have a zero value.
         "
     ::= { mvpnMrouteNextHopEntry 16 }
  
  -- MVPN Notifications

mvpnMvrfActionTaken NOTIFICATION-TYPE

     OBJECTS     {
                   mvpnGenMvrfCreationTime,
                   mvpnGenMvrfLastAction,
                   mvpnGenMvrfLastActionTime,
                   mvpnGenMvrfCreationTime,
                   mvpnGenCmcastRouteProtocol,
                   mvpnGenUmhSelection,
                   mvpnGenCustomerSiteType
                 }
     STATUS      current
     DESCRIPTION
         "mvpnMvrfActionTaken notifies about a change
          in an MVRF on the PE.  The change itself will be given by
          mvpnGenMvrfLastAction.
         "
     ::= { mvpnNotifications 1 }
  
  -- MVPN MIB Conformance Information
  
  mvpnGroups      OBJECT IDENTIFIER ::= { mvpnConformance 1 }
  mvpnCompliances OBJECT IDENTIFIER ::= { mvpnConformance 2 }
  
  -- Compliance Statements

mvpnModuleFullCompliance MODULE-COMPLIANCE

         STATUS  current
         DESCRIPTION
              "Compliance statement for agents that provide full support
               for BGP-MPLS-LAYER3-VPN-MULTICAST-MIB.
              "
         MODULE  -- this module
         MANDATORY-GROUPS {
             mvpnScalarGroup,
             mvpnGenericGroup,
             mvpnPmsiGroup,
             mvpnAdvtStatsGroup,
             mvpnMrouteGroup,
             mvpnMrouteNextHopGroup,
             mvpnNotificationGroup
         }

GROUP mvpnBgpScalarGroup

DESCRIPTION

"This group is mandatory for systems that support BGP-MVPN.
"

GROUP mvpnBgpGroup

DESCRIPTION

"This group is mandatory for systems that support BGP-MVPN.
"

         ::= { mvpnCompliances 1 }

mvpnModuleReadOnlyCompliance MODULE-COMPLIANCE

         STATUS  current
         DESCRIPTION "Compliance requirement for implementations that
                      only provide read-only support for
                      BGP-MPLS-LAYER3-VPN-MULTICAST-MIB.  Such devices
                      can then be monitored but cannot be configured
                      using this MIB module.
         
                     "
         MODULE  -- this module
         MANDATORY-GROUPS {
             mvpnScalarGroup,
             mvpnGenericGroup,
             mvpnPmsiGroup,
             mvpnAdvtStatsGroup,
             mvpnMrouteGroup,
             mvpnMrouteNextHopGroup,
             mvpnNotificationGroup
         }
         
         GROUP mvpnBgpScalarGroup
             DESCRIPTION
                 "This group is mandatory for systems that support
                  BGP-MVPN.
                 "
         GROUP mvpnBgpGroup
             DESCRIPTION
                 "This group is mandatory for systems that support
                  BGP-MVPN.
                 "
         
         OBJECT       mvpnSPTunnelLimit
         MIN-ACCESS   read-only
         DESCRIPTION "Write access is not required."
         
         OBJECT       mvpnBgpCmcastRouteWithdrawalTimer
         MIN-ACCESS   read-only
         DESCRIPTION "Write access is not required."
         
         OBJECT       mvpnBgpSrcSharedTreeJoinTimer
         MIN-ACCESS   read-only
         DESCRIPTION "Write access is not required."
         
         OBJECT       mvpnBgpMsgRateLimit
         MIN-ACCESS   read-only
         DESCRIPTION "Write access is not required."
         
         OBJECT       mvpnBgpMaxSpmsiAdRoutes
         MIN-ACCESS   read-only
         DESCRIPTION "Write access is not required."
         
         OBJECT       mvpnBgpMaxSpmsiAdRouteFreq
         MIN-ACCESS   read-only
         DESCRIPTION "Write access is not required."
         
         OBJECT       mvpnBgpMaxSrcActiveAdRoutes
         MIN-ACCESS   read-only
         DESCRIPTION "Write access is not required."
         
         OBJECT       mvpnBgpMaxSrcActiveAdRouteFreq
         MIN-ACCESS   read-only
         DESCRIPTION "Write access is not required."
         
         ::= { mvpnCompliances 2 }

mvpnModuleAdvtStatsCompliance MODULE-COMPLIANCE

         STATUS  current
         DESCRIPTION
              "Compliance statement for agents that support
               the monitoring of the statistics pertaining
               to advertisements sent/received by a PE.
              "
         MODULE  -- this module
         
         MANDATORY-GROUPS {
             mvpnAdvtStatsGroup
         }
         
         ::= { mvpnCompliances 3 }

-- Units of Conformance

      mvpnScalarGroup    OBJECT-GROUP
          OBJECTS {
                    mvpnMvrfs,
                    mvpnV4Mvrfs,
                    mvpnV6Mvrfs,
                    mvpnPimV4Mvrfs,
                    mvpnPimV6Mvrfs,
                    mvpnSPTunnelLimit
                  }
          STATUS      current
          DESCRIPTION
              "These objects are used to monitor/manage
               global statistics and parameters.
              "
          ::= { mvpnGroups 1 }
      
      mvpnBgpScalarGroup    OBJECT-GROUP
          OBJECTS {
                    mvpnMldpMvrfs,
                    mvpnBgpV4Mvrfs,
                    mvpnBgpV6Mvrfs,
                    mvpnBgpCmcastRouteWithdrawalTimer,
                    mvpnBgpSrcSharedTreeJoinTimer
                  }
          STATUS      current
          DESCRIPTION
              "These objects are used to monitor/manage
               BGP-MVPN-specific global parameters.
              "
          ::= { mvpnGroups 2 }
      
      mvpnGenericGroup    OBJECT-GROUP
          OBJECTS {
                    mvpnGenMvrfLastAction,
                    mvpnGenMvrfLastActionTime,
                    mvpnGenMvrfCreationTime,
                    mvpnGenCmcastRouteProtocol,
                    mvpnGenIpmsiInfo,
                    mvpnGenInterAsPmsiInfo,
                    mvpnGenUmhSelection,
                    mvpnGenCustomerSiteType
                  }
          STATUS      current
          DESCRIPTION
              "These objects are used to monitor MVPNs on a PE.
              "
          ::= { mvpnGroups 3 }
      
      mvpnBgpGroup    OBJECT-GROUP
          OBJECTS {
                    mvpnBgpMode,
                    mvpnBgpVrfRouteImportExtendedCommunity,
                    mvpnBgpSrcASExtendedCommunity,
                    mvpnBgpMsgRateLimit,
                    mvpnBgpMaxSpmsiAdRoutes,
                    mvpnBgpMaxSpmsiAdRouteFreq,
                    mvpnBgpMaxSrcActiveAdRoutes,
                    mvpnBgpMaxSrcActiveAdRouteFreq
                  }
          STATUS      current
          DESCRIPTION
              "These objects are used to monitor/manage
               MVPN-wise BGP-specific parameters.
              "
          ::= { mvpnGroups 4 }
      
      mvpnPmsiGroup    OBJECT-GROUP
          OBJECTS {
                    mvpnPmsiRD,
                    mvpnPmsiTunnelType,
                    mvpnPmsiTunnelAttribute,
                    mvpnPmsiTunnelPimGroupAddrType,
                    mvpnPmsiTunnelPimGroupAddr,
                    mvpnPmsiEncapsulationType,
                    mvpnSpmsiPmsiPointer
                  }
          STATUS      current
          DESCRIPTION
              "These objects are used to monitor
               I-PMSI and S-PMSI tunnels on a PE.
              "
          ::= { mvpnGroups 5 }
      
      mvpnAdvtStatsGroup    OBJECT-GROUP
          OBJECTS {
                    mvpnAdvtSent,
                    mvpnAdvtReceived,
                    mvpnAdvtReceivedError,
                    mvpnAdvtReceivedMalformedTunnelType,
                    mvpnAdvtReceivedMalformedTunnelId,
                    mvpnAdvtLastSentTime,
                    mvpnAdvtLastReceivedTime,
                    mvpnAdvtCounterDiscontinuityTime
                  }
          STATUS      current
          DESCRIPTION
              "These objects are used to monitor
               the statistics pertaining to I-PMSI and S-PMSI
               advertisements sent/received by a PE.
              "
          ::= { mvpnGroups 6 }
      
      mvpnMrouteGroup    OBJECT-GROUP
          OBJECTS {
                    mvpnMrouteUpstreamNeighborAddrType,
                    mvpnMrouteUpstreamNeighborAddr,
                    mvpnMrouteInIfIndex,
                    mvpnMrouteExpiryTime,
                    mvpnMrouteProtocol,
                    mvpnMrouteRtProtocol,
                    mvpnMrouteRtAddrType,
                    mvpnMrouteRtAddr,
                    mvpnMrouteRtPrefixLength,
                    mvpnMrouteRtType,
                    mvpnMrouteOctets,
                    mvpnMroutePkts,
                    mvpnMrouteTtlDroppedOctets,
                    mvpnMrouteTtlDroppedPackets,
                    mvpnMrouteDroppedInOctets,
                    mvpnMrouteDroppedInPackets,
                    mvpnMroutePmsiPointer,
                    mvpnMrouteNumberOfLocalReplication,
                    mvpnMrouteNumberOfRemoteReplication,
                    mvpnMrouteCounterDiscontinuityTime
                  }
          STATUS      current
          DESCRIPTION
              "These objects are used to monitor multicast routing
               information corresponding to the MVRFs on a PE.
              "
          ::= { mvpnGroups 7 }
      
      mvpnMrouteNextHopGroup    OBJECT-GROUP
          OBJECTS {
                    mvpnMrouteNextHopState,
                    mvpnMrouteNextHopExpiryTime,
                    mvpnMrouteNextHopClosestMemberHops,
                    mvpnMrouteNextHopProtocol,
                    mvpnMrouteNextHopOctets,
                    mvpnMrouteNextHopPkts,
                    mvpnMrouteNextHopCounterDiscontinuityTime
                  }
          STATUS      current
          DESCRIPTION
              "These objects are used to monitor the information on
               next hops for routing datagrams to MVPNs on a PE.
              "
          ::= { mvpnGroups 8 }

mvpnNotificationGroup NOTIFICATION-GROUP

          NOTIFICATIONS {
                       mvpnMvrfActionTaken
                        }
          STATUS  current
          DESCRIPTION
             "Objects required for MVPN notifications."
          ::= { mvpnGroups 9 }
  
  END

4. Security Considerations

This MIB module contains some read-only objects that may be deemed sensitive. It also contains some read-write objects whose settings will change the device's MVPN-related behavior. Appropriate security procedures that are related to SNMP in general but are not specific to this MIB module need to be implemented by concerned operators.

There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection opens devices to attack. These are the tables and objects and their sensitivity/vulnerability:

  • mvpnSPTunnelLimit

The value of this object is used to control the maximum number of selective provider tunnels that a PE allows for a particular MVPN. Access to this object may be abused to impact the performance of the PE or prevent the PE from having new selective provider tunnels.

  • mvpnBgpCmcastRouteWithdrawalTimer

The value of this object is used to control the delay for the advertisement of withdrawals of C-multicast routes. Access to this object may be abused to impact the performance of a PE.

  • mvpnBgpSrcSharedTreeJoinTimer

The value of this object is used to control the delay for the advertisement of Source/Shared Tree Join C-multicast routes. Access to this object may be abused to impact the propagation of C-multicast routing information.

  • mvpnBgpMsgRateLimit

The value of this object is used to control the upper bound for the rate of BGP C-multicast routing information message exchange among PEs. Access to this object may be abused to impact the performance of the PE or disrupt the C-multicast routing information message exchange using BGP.

  • mvpnBgpMaxSpmsiAdRoutes

The value of this object is used to control the upper bound for the number of S-PMSI A-D routes. Access to this object may be abused to impact the performance of the PE or prevent the PE from receiving S-PMSI A-D routes.

  • mvpnBgpMaxSpmsiAdRouteFreq

The value of this object is used to control the upper bound for the frequency of S-PMSI A-D route generation. Access to this object may be abused to impact the performance of the PE or prevent the PE from generating new S-PMSI A-D routes.

  • mvpnBgpMaxSrcActiveAdRoutes

The value of this object is used to control the upper bound for the number of Source Active A-D routes. Access to this object may be abused to impact the performance of the PE or prevent the PE from receiving Source Active A-D routes.

  • mvpnBgpMaxSrcActiveAdRouteFreq

The value of this object is used to control the upper bound for the frequency of Source Active A-D route generation. Access to this object may be abused to impact the performance of the PE or prevent the PE from generating new Source Active A-D routes.

Some of the objects in this MIB module may be considered sensitive or vulnerable in some network environments. This includes INDEX objects with a MAX-ACCESS of not-accessible, and any indices from other modules exposed via AUGMENTS. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability:

  • The address-related objects in this MIB module may have impact on privacy and security. These objects may reveal the locations of senders and recipients.
  • mvpnPmsiTunnelPimGroupAddr
  • mvpnSpmsiCmcastGroupAddr
  • mvpnSpmsiCmcastSourceAddr
  • mvpnAdvtPeerAddr
  • mvpnMrouteCmcastGroupAddr
  • mvpnMrouteCmcastSourceAddrs
  • mvpnMrouteUpstreamNeighborAddr
  • mvpnMrouteRtAddr
  • mvpnMrouteNextHopGroupAddr
  • mvpnMrouteNextHopSourceAddrs
  • mvpnMrouteNextHopAddr

SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.

Implementations SHOULD provide the security features described by the SNMPv3 framework (see [RFC3410]), and implementations claiming compliance to the SNMPv3 standard MUST include full support for authentication and privacy via the User-based Security Model (USM) [RFC3414] with the AES cipher algorithm [RFC3826]. Implementations MAY also provide support for the Transport Security Model (TSM) [RFC5591] in combination with a secure transport such as SSH [RFC5592] or TLS/DTLS [RFC6353].

Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.

5. IANA Considerations

The MIB module in this document uses the following IANA-assigned OBJECT IDENTIFIER value recorded in the "SMI Network Management MGMT Codes Internet-standard MIB" registry:

   Name     Description                        OBJECT IDENTIFIER value
   -------  ---------------------------------  ----------------------
   mvpnMIB  BGP-MPLS-LAYER3-VPN-MULTICAST-MIB  { mib-2 243 }

6. References

6.1. Normative References

   [RFC2003]  Perkins, C., "IP Encapsulation within IP", RFC 2003,
              DOI 10.17487/RFC2003, October 1996,
              <https://www.rfc-editor.org/info/rfc2003>.
   
   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.
   
   [RFC2578]  McCloghrie, K., Ed., Perkins, D., Ed., and
              J. Schoenwaelder, Ed., "Structure of Management
              Information Version 2 (SMIv2)", STD 58, RFC 2578,
              DOI 10.17487/RFC2578, April 1999,
              <https://www.rfc-editor.org/info/rfc2578>.
   
   [RFC2579]  McCloghrie, K., Ed., Perkins, D., Ed., and
              J. Schoenwaelder, Ed., "Textual Conventions for SMIv2",
              STD 58, RFC 2579, DOI 10.17487/RFC2579, April 1999,
              <https://www.rfc-editor.org/info/rfc2579>.
   
   [RFC2580]  McCloghrie, K., Ed., Perkins, D., Ed., and
              J. Schoenwaelder, Ed., "Conformance Statements for SMIv2",
              STD 58, RFC 2580, DOI 10.17487/RFC2580, April 1999,
              <https://www.rfc-editor.org/info/rfc2580>.
   
   [RFC2784]  Farinacci, D., Li, T., Hanks, S., Meyer, D., and
              P. Traina, "Generic Routing Encapsulation (GRE)",
              RFC 2784, DOI 10.17487/RFC2784, March 2000,
              <https://www.rfc-editor.org/info/rfc2784>.
   
   [RFC2863]  McCloghrie, K. and F. Kastenholz, "The Interfaces Group
              MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000,
              <https://www.rfc-editor.org/info/rfc2863>.
   
   [RFC3032]  Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y.,
              Farinacci, D., Li, T., and A. Conta, "MPLS Label Stack
              Encoding", RFC 3032, DOI 10.17487/RFC3032, January 2001,
              <https://www.rfc-editor.org/info/rfc3032>.
   
   [RFC3414]  Blumenthal, U. and B. Wijnen, "User-based Security Model
              (USM) for version 3 of the Simple Network Management
              Protocol (SNMPv3)", STD 62, RFC 3414,
              DOI 10.17487/RFC3414, December 2002,
              <https://www.rfc-editor.org/info/rfc3414>.
   
   [RFC3826]  Blumenthal, U., Maino, F., and K. McCloghrie, "The
              Advanced Encryption Standard (AES) Cipher Algorithm in the
              SNMP User-based Security Model", RFC 3826,
              DOI 10.17487/RFC3826, June 2004,
              <https://www.rfc-editor.org/info/rfc3826>.
   
   [RFC4001]  Daniele, M., Haberman, B., Routhier, S., and
              J. Schoenwaelder, "Textual Conventions for Internet
              Network Addresses", RFC 4001, DOI 10.17487/RFC4001,
              February 2005, <https://www.rfc-editor.org/info/rfc4001>.
   
   [RFC4364]  Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
              Networks (VPNs)", RFC 4364, DOI 10.17487/RFC4364, February
              2006, <https://www.rfc-editor.org/info/rfc4364>.
   
   [RFC4382]  Nadeau, T., Ed. and H. van der Linde, Ed., "MPLS/BGP Layer
              3 Virtual Private Network (VPN) Management Information
              Base", RFC 4382, DOI 10.17487/RFC4382, February 2006,
              <https://www.rfc-editor.org/info/rfc4382>.
   
   [RFC5132]  McWalter, D., Thaler, D., and A. Kessler, "IP Multicast
              MIB", RFC 5132, DOI 10.17487/RFC5132, December 2007,
              <https://www.rfc-editor.org/info/rfc5132>.
   
   [RFC5591]  Harrington, D. and W. Hardaker, "Transport Security Model
              for the Simple Network Management Protocol (SNMP)",
              STD 78, RFC 5591, DOI 10.17487/RFC5591, June 2009,
              <https://www.rfc-editor.org/info/rfc5591>.
   
   [RFC5592]  Harrington, D., Salowey, J., and W. Hardaker, "Secure
              Shell Transport Model for the Simple Network Management
              Protocol (SNMP)", RFC 5592, DOI 10.17487/RFC5592, June
              2009, <https://www.rfc-editor.org/info/rfc5592>.
   
   [RFC6353]  Hardaker, W., "Transport Layer Security (TLS) Transport
              Model for the Simple Network Management Protocol (SNMP)",
              STD 78, RFC 6353, DOI 10.17487/RFC6353, July 2011,
              <https://www.rfc-editor.org/info/rfc6353>.
   
   [RFC6513]  Rosen, E., Ed. and R. Aggarwal, Ed., "Multicast in MPLS/
              BGP IP VPNs", RFC 6513, DOI 10.17487/RFC6513, February
              2012, <https://www.rfc-editor.org/info/rfc6513>.
   
   [RFC6514]  Aggarwal, R., Rosen, E., Morin, T., and Y. Rekhter, "BGP
              Encodings and Procedures for Multicast in MPLS/BGP IP
              VPNs", RFC 6514, DOI 10.17487/RFC6514, February 2012,
              <https://www.rfc-editor.org/info/rfc6514>.
   
   [RFC6625]  Rosen, E., Ed., Rekhter, Y., Ed., Hendrickx, W., and
              R. Qiu, "Wildcards in Multicast VPN Auto-Discovery
              Routes", RFC 6625, DOI 10.17487/RFC6625, May 2012,
              <https://www.rfc-editor.org/info/rfc6625>.
   
   [RFC7761]  Fenner, B., Handley, M., Holbrook, H., Kouvelas, I.,
              Parekh, R., Zhang, Z., and L. Zheng, "Protocol Independent
              Multicast - Sparse Mode (PIM-SM): Protocol Specification
              (Revised)", STD 83, RFC 7761, DOI 10.17487/RFC7761, March
              2016, <https://www.rfc-editor.org/info/rfc7761>.
   
   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.
   
   [RFC8502]  Zhang, Z. and H. Tsunoda, "L2L3 VPN Multicast MIB",
              RFC 8502, DOI 10.17487/RFC8502, December 2018,
              <https://www.rfc-editor.org/info/rfc8502>.

6.2. Informative References

   [RFC3410]  Case, J., Mundy, R., Partain, D., and B. Stewart,
              "Introduction and Applicability Statements for Internet-
              Standard Management Framework", RFC 3410,
              DOI 10.17487/RFC3410, December 2002,
              <https://www.rfc-editor.org/info/rfc3410>.

Acknowledgements

An earlier draft version of this document was coauthored by Zhaohui (Jeffrey) Zhang, Saud Asif, Andy Green, Sameer Gulrajani, and Pradeep G. Jain. That document, in turn, was based on an earlier document written by Susheela Vaidya, Thomas D. Nadeau, and Harmen Van der Linde.

This document also borrows heavily from the design and descriptions of ipMcastRouteTable and ipMcastRouteNextHopTable from IPMCAST-MIB [RFC5132].

Glenn Mansfield Keeni did the MIB Doctor review and provided valuable comments.

Author's Address

   Hiroshi Tsunoda
   Tohoku Institute of Technology
   35-1, Yagiyama Kasumi-cho, Taihaku-ku
   Sendai  982-8577
   Japan
   
   Phone: +81-22-305-3411
   Email: tsuno@m.ieice.org