Internet Engineering Task Force (IETF)
Request for Comments: 7257
Category: Standards Track
ISSN: 2070-1721
T. Nadeau, Ed.
Lucid Vision
A. Kiran Koushik, Ed.
Brocade
R. Mediratta, Ed.
Cisco Systems, Inc.
July 2014

Virtual Private LAN Service (VPLS) Management Information Base

Abstract

This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects to configure and/or monitor Virtual Private LAN services. It needs to be used in conjunction with the Pseudowire (PW) Management Information Base (PW-STD-MIB from RFC 5601).

Status of This Memo

This is an Internet Standards Track document.

This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7257.

Copyright Notice

Copyright © 2014 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English.

Table of Contents

   1. Introduction ....................................................3
   2. Terminology .....................................................3
      2.1. Conventions Used in This Document ..........................4
   3. The Internet-Standard Management Framework ......................4
   4. VPLS MIB Module Architecture ....................................4
      4.1. VPLS-GENERIC-MIB Module Usage ..............................5
      4.2. VPLS-LDP-MIB Module Usage ..................................6
      4.3. VPLS-BGP-MIB Module Usage ..................................6
      4.4. Relations to Other MIB Modules .............................6
   5. Example of the VPLS MIB Modules Usage ...........................6
   6. Object Definitions ..............................................8
      6.1. VPLS-GENERIC-MIB Object Definitions ........................8
      6.2. VPLS-LDP-MIB Object Definitions ...........................29
      6.3. VPLS-BGP-MIB Object Definitions ...........................35
   7. Security Considerations ........................................44
   8. IANA Considerations ............................................45
      8.1. IANA Considerations for VPLS-GENERIC-MIB ..................45
      8.2. IANA Considerations for VPLS-LDP-MIB ......................45
      8.3. IANA Considerations for VPLS-BGP-MIB ......................45
   9. References .....................................................46
      9.1. Normative References ......................................46
      9.2. Informative References ....................................47
   10. Acknowledgments ...............................................48

1. Introduction

This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it defines three MIB modules that can be used to manage VPLS (Virtual Private LAN Service) for transmission over a Packet Switched Network (PSN) using LDP [RFC4762] or BGP [RFC4761] signaling. This MIB module provides generic management of VPLS services as defined by the IETF L2VPN Working Group. Additional MIB modules are also defined for management of LDP VPLS and BGP VPLS services by the IETF L2VPN Working Group.

2. Terminology

This document adopts the definitions, acronyms, and mechanisms described in [RFC3985]. Unless otherwise stated, the mechanisms of [RFC3985] apply and will not be described again here.

2.1. Conventions Used in This Document

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

3. The Internet-Standard Management Framework

For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410].

Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies MIB modules that are compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580].

4. VPLS MIB Module Architecture

The MIB structure for defining a VPLS service is composed from three MIB modules. (They are referred to as "VPLS MIB" in the figure below.)

The first is the VPLS-GENERIC-MIB module, which configures general parameters of the VPLS service that are common to all types of VPLS services.

The second is the VPLS-LDP-MIB module, which configures VPLS-LDP [RFC4762] specific parameters of the VPLS service.

The third is the VPLS-BGP-MIB module, which configures VPLS-BGP [RFC4761] specific parameters of the VPLS service.

The arrows in Figure 1 indicate whether we can map data from one module into another.

                           ----------     -----------------
               PW Mapping |          |   | PW-ENET-STD-MIB |
                    ----->|PW-STD-MIB|-->|       or        |
     __________    /      |          |   | PW-MPLS-STD-MIB |
    |          |  /        ----------     -----------------
    | VPLS MIB | /                        ------------
    |          |---------------------->  |            |
     ----------  MAC addr. mapping using | BRIDGE-MIB |
                 [SNMP-CONTEXT-MAP-MIB]  |            |
                                          ------------
    
                          Figure 1

Additionally, service-specific modules may be defined in other documents.

4.1. VPLS-GENERIC-MIB Module Usage

An entry in the vplsConfigTable MUST exist for every VPLS service. This table holds generic parameters that apply to a VPLS service which can be signaled via LDP or BGP.

A conceptual row can be created in the vplsConfigTable in one of the following ways:

  1. A Network Management System (NMS) creates a row in the vplsConfigTable using Simple Network Management Protocol (SNMP) Set requests, which causes the node to create and start a new VPLS service. The agent MUST support the creation of VPLS services in this way.
  1. The agent MAY create a row in the vplsConfigTable automatically due to some auto discovery application, or based on configuration that is done through non-SNMP applications. This mode is OPTIONAL.

At least one entry in the vplsPwBindTable MUST exist for each VPLS service.

This Binding table links one VPLS service with one or many pseudowires (defined in [RFC5601]). Each pseudowire may be used as a spoke or as part of a mesh based on the parameters defined in this table.

For each VPLS service, an entry in the vplsBgpAdConfigTable MUST exist if Auto-discovery has been enabled for that service. This table stores the information required for auto-discovery.

For each VPLS service, at least one entry in the vplsBgpRteTargetTable MUST exist if auto-discovery has been configured for that service. One service can import and export multiple Route Targets.

4.2. VPLS-LDP-MIB Module Usage

An entry in the vplsLdpConfigTable MUST be created by the agent for a VPLS service signaled using LDP.

4.3. VPLS-BGP-MIB Module Usage

An entry in the vplsBgpConfigTable MUST be created by the agent for a VPLS service signaled using BGP.

4.4. Relations to Other MIB Modules

  • The vplsPwBindTable links the VPLS entry to the pwTable in [RFC5601].
  • The association of Media Access Control (MAC) addresses to VPLS entries is possible by adding a turnstile function to interpret the entries in [SNMP-CONTEXT-MAP-MIB]. In [SNMP-CONTEXT-MAP-MIB], there is a mapping from the vacmContextName [RFC3415] to dot1dBasePort [RFC4188] and vplsConfigIndex. This mapping can be used to map the vplsConfigIndex to a dot1dBasePort in the BRIDGE- MIB. This resulting value of dot1dBasePort can be used to access corresponding MAC addresses that belong to a particular vplsConfigIndex.
  • Unless all the necessary entries in the applicable tables have been created and all the parameters have been consistently configured in those tables, signaling cannot be performed from the local node, and the vplsConfigRowStatus should report 'notReady'.
  • Statistics can be gathered from the PW Performance tables in [RFC5601].

5. Example of the VPLS MIB Modules Usage

In this section, we provide an example of the use of the MIB objects described in Section 6 to set up a VPLS service over MPLS. While this example is not meant to illustrate every permutation of the MIB, it is intended as an aid to understanding some of the key concepts. It is meant to be read after going through the MIB itself.

In this example, a VPLS service (VPLS-A) is set up using LDP for signaling the pseudowire. The Binding between the VPLS service and the pseudowire is reflected in the VplsPwBindTable. The pseudowire configuration is defined in RFC 5601.

In the VPLS-GENERIC-MIB module:

   Row in vplsConfigTable:
   {
        vplsConfigIndex                         10,
        vplsConfigName                          "VPLS-A"
        vplsConfigAdminStatus                   1(up),
        vplsConfigMacLearning                   1(true),
        vplsConfigDiscardUnknownDest            2(false),
        vplsConfigMacAging                      1(true),
        vplsConfigVpnId                         "100:10"
        vplsConfigRowStatus                     1(active)
   }
   
   Row in vplsStatusTable:
   {
        vplsStatusOperStatus                    1(up),
        vplsStatusPeerCount                     1
   }
   
   Row in VplsPwBindTable :
   {
              vplsPwBindConfigType             manual,
              vplsPwBindType                   spoke,
              vplsPwBindRowStatus              1(active),
              vplsPwBindStorageType            volatile
   }

In the VPLS-LDP-MIB module:

Row in vplsLdpConfigTable:
{

vplsLdpConfigMacAddrWithdraw 1(true),

   }
   
   Row in vplsLdpPwBindTable:
   {
         vplsLdpPwBindType                 1(mesh),
         vplsLdpPwBindMacAddressLimit      100
   }

6. Object Definitions

6.1. VPLS-GENERIC-MIB Object Definitions

   This MIB module mentions the following documents: [RFC2578],
   [RFC2579], [RFC2580], [RFC3411], [RFC5601], [RFC4265], [RFC4364],
   [RFC4761], [RFC4762], [RFC6074], and [RFC3413].
   
   VPLS-GENERIC-MIB DEFINITIONS ::= BEGIN
   
   IMPORTS
   
   NOTIFICATION-TYPE, MODULE-IDENTITY, OBJECT-TYPE,
   Unsigned32, Counter32, transmission
      FROM SNMPv2-SMI                    -- RFC 2578
   
   MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
      FROM SNMPv2-CONF                   -- RFC 2580
   
   TruthValue, RowStatus, StorageType, TEXTUAL-CONVENTION
      FROM SNMPv2-TC                     -- RFC 2579

SnmpAdminString

      FROM SNMP-FRAMEWORK-MIB            -- RFC 3411

pwIndex

      FROM PW-STD-MIB                    -- RFC 5601

VPNIdOrZero

      FROM VPN-TC-STD-MIB                -- RFC 4265
   
   ;

vplsGenericMIB MODULE-IDENTITY

      LAST-UPDATED "201405191200Z"  -- 19 May 2014 12:00:00 GMT
      ORGANIZATION "Layer 2 Virtual Private Networks (L2VPN)
                                 Working Group"
      CONTACT-INFO
          "
           Thomas D. Nadeau
           Email:  tnadeau@lucidvison.com
      
           The L2VPN Working Group (email distribution l2vpn@ietf.org,
           http://www.ietf.org/wg/l2vpn/charter)
           "

DESCRIPTION

"Copyright © 2014 IETF Trust and the persons

identified as authors of the code. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info).

The initial version of this MIB module was published in RFC 7257; for full legal notices see the RFC itself.

This MIB module contains generic managed object definitions for Virtual Private LAN Service as defined in RFC 4761 and RFC 4762.

This MIB module enables the use of any underlying pseudowire network."

      -- Revision history.
     REVISION
         "201405191200Z"  -- 19 May 2014 12:00:00 GMT

DESCRIPTION "Initial version published as part of RFC 7257."

        ::= { transmission 274 }

VplsBgpRouteDistinguisher ::= TEXTUAL-CONVENTION

     STATUS        current
     DESCRIPTION
         "Syntax for a route distinguisher that matches the
          definition in RFC 4364.  For a complete
          definition of a route distinguisher, see RFC 4364.
          For more details on use of a route distinguisher
          for a VPLS service, see RFC 4761."
     REFERENCE
         "RFC 4364"
     SYNTAX       OCTET STRING(SIZE (0..256))

VplsBgpRouteTarget ::= TEXTUAL-CONVENTION

      STATUS        current
      DESCRIPTION
          "Syntax for a Route Target that matches the
           definition in RFC 4364.  For a complete
           definition of a Route Target, see RFC 4364."
      REFERENCE
          "RFC 4364"
      
      SYNTAX       OCTET STRING(SIZE (0..256))

VplsBgpRouteTargetType ::= TEXTUAL-CONVENTION

      STATUS        current
      DESCRIPTION
       "Used to define the type of a Route Target usage.
        Route Targets can be specified to be imported,
        exported, or both.  For a complete definition of a
        Route Target, see RFC 4364."
      REFERENCE
        "RFC 4364"
      SYNTAX         INTEGER { import(1), export(2), both(3) }

-- Top-level components of this MIB.

   -- Notifications
   vplsNotifications OBJECT IDENTIFIER
                                 ::= { vplsGenericMIB 0 }
   -- Tables, Scalars
   vplsObjects       OBJECT IDENTIFIER
                                 ::= { vplsGenericMIB 1 }
   -- Conformance
   vplsConformance   OBJECT IDENTIFIER
                                 ::= { vplsGenericMIB 2 }
   
   -- PW Virtual Connection Table

vplsConfigIndexNext OBJECT-TYPE

      SYNTAX            Unsigned32
      MAX-ACCESS        read-only
      STATUS            current
      DESCRIPTION
          "This object contains an appropriate value to be used
           for vplsConfigIndex when creating entries in the
           vplsConfigTable.  The value 0 indicates that no
           unassigned entries are available.  To obtain the
           value of vplsConfigIndex for a new entry in the
           vplsConfigTable, the manager issues a management
           protocol retrieval operation to obtain the current
           value of vplsConfigIndex.  After each retrieval
           operation, the agent should modify the value to
           reflect the next unassigned index.  After a manager
           retrieves a value the agent will determine through
           its local policy when this index value will be made
           available for reuse."
      ::= { vplsObjects 1 }
      
      vplsConfigTable OBJECT-TYPE
          SYNTAX          SEQUENCE OF VplsConfigEntry
          MAX-ACCESS      not-accessible
          STATUS          current
          DESCRIPTION
               "This table specifies information for configuring
                and monitoring Virtual Private LAN Service (VPLS).
                "
          ::= { vplsObjects 2 }

vplsConfigEntry OBJECT-TYPE

          SYNTAX          VplsConfigEntry
          MAX-ACCESS      not-accessible
          STATUS          current
          DESCRIPTION
           "A row in this table represents a Virtual Private LAN
            Service (VPLS) in a packet network.  It is indexed by
            vplsConfigIndex, which uniquely identifies a single VPLS.

A row is created via SNMP or by the agent if a

VPLS service is created by a non-SNMP application or

due to the Auto-Discovery process.

            All of the read-create objects values except
            vplsConfigSignalingType can be changed when
            vplsConfigRowStatus is in the active(1)
            state.  Changes for vplsConfigSignalingType are only
            allowed when the vplsConfigRowStatus is in
            notInService(2) or notReady(3) states.
            "
          INDEX           { vplsConfigIndex }
          ::= { vplsConfigTable 1 }

VplsConfigEntry ::=

SEQUENCE {

         vplsConfigIndex                               Unsigned32,
         vplsConfigName                                SnmpAdminString,
         vplsConfigDescr                               SnmpAdminString,
         vplsConfigAdminStatus                         INTEGER,
         vplsConfigMacLearning                         TruthValue,
         vplsConfigDiscardUnknownDest                  TruthValue,
         vplsConfigMacAging                            TruthValue,
         vplsConfigFwdFullHighWatermark                Unsigned32,
         vplsConfigFwdFullLowWatermark                 Unsigned32,
         vplsConfigRowStatus                           RowStatus,
         vplsConfigMtu                                 Unsigned32,
         vplsConfigVpnId                               VPNIdOrZero,
         vplsConfigStorageType                         StorageType,
         vplsConfigSignalingType                       INTEGER
         
          }
      
      vplsConfigIndex  OBJECT-TYPE
          SYNTAX          Unsigned32 (1..2147483647)
          MAX-ACCESS      not-accessible
          STATUS          current
          DESCRIPTION
               "Unique index for the conceptual row identifying
                a VPLS service."
          ::= { vplsConfigEntry 1 }
      
      vplsConfigName  OBJECT-TYPE
          SYNTAX          SnmpAdminString
          MAX-ACCESS      read-create
          STATUS          current
          DESCRIPTION
               "A textual name of the VPLS.
                If there is no local name, or this object is
                otherwise not applicable, then this object MUST
                contain a zero-length octet string."
          DEFVAL           { "" }
          ::= { vplsConfigEntry 2 }
      
      vplsConfigDescr  OBJECT-TYPE
          SYNTAX          SnmpAdminString
          MAX-ACCESS      read-create
          STATUS          current
          DESCRIPTION
               "A textual string containing information about the
               VPLS service.  If there is no information for this VPLS
               service, then this object MUST contain a zero-length
               octet string."
          DEFVAL           { "" }
          ::= { vplsConfigEntry 3 }

vplsConfigAdminStatus OBJECT-TYPE

          SYNTAX          INTEGER {
                              up(1),
                              down(2),
                              testing(3)   -- in some test mode
          
                          }
          MAX-ACCESS      read-create
          STATUS          current
          DESCRIPTION
               "The desired administrative state of the VPLS
                service.  If the administrative status of the
                VPLS service is changed to enabled, then this
                service is able to utilize pseudowires to
                perform the tasks of a VPLS service.
                The testing(3) state indicates that no operational
                packets can be passed."
          DEFVAL           { down }
          ::= { vplsConfigEntry 4 }

vplsConfigMacLearning OBJECT-TYPE

          SYNTAX          TruthValue
          MAX-ACCESS      read-create
          STATUS          current
          DESCRIPTION
               "This object specifies if MAC Learning is enabled
                in this service.  If this object is true then MAC
                Learning is enabled.  If false, then MAC Learning is
                disabled."
          DEFVAL          { true }
          ::= { vplsConfigEntry 6 }

vplsConfigDiscardUnknownDest OBJECT-TYPE

          SYNTAX          TruthValue
          MAX-ACCESS      read-create
          STATUS          current
          DESCRIPTION
               "If the value of this object is 'true', then frames
                received with an unknown destination MAC are discarded
                in this VPLS.  If 'false', then the packets are
                processed."
          DEFVAL          { false }
          ::= { vplsConfigEntry 7 }

vplsConfigMacAging OBJECT-TYPE

          SYNTAX          TruthValue
          MAX-ACCESS      read-create
          STATUS          current
          DESCRIPTION
               "If the value of this object is 'true',
                then the MAC aging process is enabled in
                this VPLS.  If 'false', then the MAC aging process
                is disabled."
          DEFVAL          { true }
          ::= { vplsConfigEntry 8 }

vplsConfigFwdFullHighWatermark OBJECT-TYPE

          SYNTAX          Unsigned32 (0..100)
          UNITS           "percentage"
          MAX-ACCESS      read-create
          STATUS          current

DESCRIPTION

"This object specifies the utilization of the

forwarding database for this VPLS instance at which the vplsFwdFullAlarmRaised notification will be sent. The value of this object must be higher than vplsConfigFwdFullLowWatermark."

          DEFVAL          { 95 }
          ::= { vplsConfigEntry 10 }

vplsConfigFwdFullLowWatermark OBJECT-TYPE

          SYNTAX          Unsigned32 (0..99)
          UNITS           "percentage"
          MAX-ACCESS      read-create
          STATUS          current
          DESCRIPTION
               "This object specifies the utilization of the
                forwarding database for this VPLS instance
                at which the vplsFwdFullAlarmCleared
                notification will be sent.  The value of this
                object must be less than
                vplsConfigFwdFullHighWatermark."
          DEFVAL          { 90 }
          ::= { vplsConfigEntry 11 }

vplsConfigRowStatus OBJECT-TYPE

          SYNTAX          RowStatus
          MAX-ACCESS      read-create
          STATUS          current
          DESCRIPTION
               "For creating, modifying, and deleting this row.

All other objects in this row must be set to valid values before this object can be set to active(1).

None of the read-create objects in the

conceptual rows may be changed when this

object is in the active(1) state.

                If this object is set to destroy(6) or deleted by the
                agent, all associated entries in the vplsPwBindTable,
                vplsBgpRteTargetTable, and vplsBgpVETable shall be
                deleted."
          ::= { vplsConfigEntry 12 }

vplsConfigMtu OBJECT-TYPE

          SYNTAX          Unsigned32 (64..9192)
          MAX-ACCESS      read-create
          
          STATUS          current
          DESCRIPTION
               "The value of this object specifies the MTU of this
                VPLS instance.  This can be used to limit the MTU to a
                value lower than the MTU supported by the associated
                pseudowires."
          DEFVAL          { 1518 }
          ::= { vplsConfigEntry 13 }

vplsConfigVpnId OBJECT-TYPE

          SYNTAX          VPNIdOrZero
          MAX-ACCESS      read-create
          STATUS          current
          DESCRIPTION
               "This objects indicates the IEEE 802-1990
                VPN ID of the associated VPLS service."
          ::= { vplsConfigEntry 14 }

vplsConfigStorageType OBJECT-TYPE

          SYNTAX        StorageType
          MAX-ACCESS    read-create
          STATUS        current
          DESCRIPTION
               "This variable indicates the storage type for this row."
          DEFVAL { nonVolatile }
          ::= { vplsConfigEntry 15 }

vplsConfigSignalingType OBJECT-TYPE

          SYNTAX          INTEGER {
                              ldp(1),
                              bgp(2),
                              none(3)
          
                          }
          MAX-ACCESS      read-create
          STATUS          current
          DESCRIPTION
               "Desired signaling type of the VPLS service.

If the value of this object is ldp(1), then a corresponding entry in vplsLdpConfigTable is required.

If the value of this object is bgp(2), then a corresponding entry in vplsBgpConfigTable is required.

               If the value of this object is none(3), then it
               indicates a static configuration of PW labels."
          DEFVAL           { none }
          ::= { vplsConfigEntry 16 }

-- VPLS Status table

vplsStatusTable OBJECT-TYPE

       SYNTAX          SEQUENCE OF VplsStatusEntry
       MAX-ACCESS      not-accessible
       STATUS          current
       DESCRIPTION
             "This table provides information for monitoring
             Virtual Private LAN Service (VPLS).
             "
       ::= { vplsObjects 3 }

vplsStatusEntry OBJECT-TYPE

       SYNTAX          VplsStatusEntry
       MAX-ACCESS      not-accessible
       STATUS          current
       DESCRIPTION
       
        "A row in this table represents a Virtual Private LAN
         Service (VPLS) in a packet network.  It is indexed by
         vplsConfigIndex, which uniquely identifies a single VPLS.
       
         A row in this table is automatically created by the agent
         when a VPLS service is first set to active.
         "
       AUGMENTS           { vplsConfigEntry }
       ::= { vplsStatusTable 1 }

VplsStatusEntry ::=

SEQUENCE {

       vplsStatusOperStatus                        INTEGER,
       vplsStatusPeerCount                         Counter32
        }

vplsStatusOperStatus OBJECT-TYPE

        SYNTAX          INTEGER {
                            other(0),
                            up(1),
                            down(2)
                        }
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
             "The current operational state of this VPLS service."
        ::= { vplsStatusEntry 1 }
    
    vplsStatusPeerCount OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
             "This objects specifies the number of peers
              (pseudowires) present in this VPLS instance."
        ::= { vplsStatusEntry 2 }
    
    -- VPLS PW Binding Table
    
    vplsPwBindTable  OBJECT-TYPE
        SYNTAX          SEQUENCE OF VplsPwBindEntry
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION
             "This table provides an association between a
              VPLS service and the corresponding pseudowires.
              A service can have more than one pseudowire
              association.  Pseudowires are defined in
              the pwTable"
        ::= { vplsObjects 4 }

vplsPwBindEntry OBJECT-TYPE

        SYNTAX          VplsPwBindEntry
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION
             "Each row represents an association between a
              VPLS instance and a pseudowire
              defined in the pwTable.  Each index is unique
              in describing an entry in this table.  However,
              both indexes are required to define the one
              to many association of service to
              pseudowire.

Entries in this table may be created or deleted through SNMP, as side effects of console or other non-SNMP management commands, or upon learning via autodiscovery.

              It is optional for the agent to allow entries to be
              created that point to nonexistent entries in
              vplsConfigTable."
        INDEX  { vplsConfigIndex, pwIndex }
        ::= { vplsPwBindTable 1 }

VplsPwBindEntry ::=

        SEQUENCE {
        
            vplsPwBindConfigType              INTEGER,
            vplsPwBindType                  INTEGER,
            vplsPwBindRowStatus             RowStatus,
            vplsPwBindStorageType             StorageType
        }
    
    vplsPwBindConfigType   OBJECT-TYPE
         SYNTAX          INTEGER {
                                 manual        (1),
                                 autodiscovery (2)
                         }
         MAX-ACCESS      read-create
         STATUS          current
         DESCRIPTION
              "The value of this object indicates
               whether the pseudowire Binding was created
               via SNMP/Console or via Auto-Discovery.
    
               The value of this object must be
               specified when the row is created and cannot
               be changed while the row status is active(1)"
        ::= { vplsPwBindEntry 1 }
    
    vplsPwBindType   OBJECT-TYPE
         SYNTAX          INTEGER {
                                 mesh  (1),
                                 spoke (2)
                         }
         MAX-ACCESS      read-create
         STATUS          current
         DESCRIPTION
              "The value of this object indicates
               whether the pseudowire Binding is of
               type mesh or spoke.
    
               The value of this object must be
               specified when the row is created and cannot
               be changed while the row status is active(1)"
        ::= { vplsPwBindEntry 2 }
    
    vplsPwBindRowStatus  OBJECT-TYPE
         SYNTAX          RowStatus
         MAX-ACCESS      read-create
         STATUS          current
         DESCRIPTION
              "For creating, modifying, and deleting this row.

All other objects in this row must be set to valid values before this object can be set to active(1).

None of the read-create objects in the

conceptual rows may be changed when this

object is in the active(1) state.

               If autodiscovered entries are deleted they would
               likely re-appear in the next autodiscovery interval."
        ::= { vplsPwBindEntry 3 }

vplsPwBindStorageType OBJECT-TYPE

         SYNTAX        StorageType
         MAX-ACCESS    read-create
         STATUS        current
         DESCRIPTION
             "This variable indicates the storage type for this row."
         DEFVAL { volatile }
         ::= { vplsPwBindEntry 4 }
   
   -- vplsBgpADConfigTable

vplsBgpADConfigTable OBJECT-TYPE

         SYNTAX          SEQUENCE OF VplsBgpADConfigEntry
         MAX-ACCESS      not-accessible
         STATUS          current
         DESCRIPTION
         "This table specifies information for configuring
          BGP Auto-Discovery parameters for a given VPLS service.
         "
         ::= { vplsObjects 5 }

vplsBgpADConfigEntry OBJECT-TYPE

         SYNTAX          VplsBgpADConfigEntry
         MAX-ACCESS      not-accessible
         STATUS          current
         DESCRIPTION
         "A row in this table indicates that BGP based Auto-
          Discovery is in use for this instance of VPLS.
          A row in this table is indexed by vplsConfigIndex, which
          uniquely identifies a single VPLS.

Entries in this table may be created or deleted through SNMP, as side effects of console or other non-SNMP management commands, or upon learning via autodiscovery.

All of the read-create objects can be changed when

vplsBGPADConfigRowStatus is in active(1) state."

         INDEX      { vplsConfigIndex }
         ::= { vplsBgpADConfigTable 1 }

VplsBgpADConfigEntry ::=

      SEQUENCE {
       vplsBgpADConfigRouteDistinguisher  VplsBgpRouteDistinguisher,
       vplsBgpADConfigPrefix              Unsigned32,
       vplsBgpADConfigVplsId              VplsBgpRouteDistinguisher,
       vplsBgpADConfigRowStatus           RowStatus,
       vplsBgpADConfigStorageType         StorageType
      }

vplsBgpADConfigRouteDistinguisher OBJECT-TYPE

         SYNTAX          VplsBgpRouteDistinguisher
         MAX-ACCESS      read-create
         STATUS          current
         DESCRIPTION
         "The route distinguisher for this VPLS.  See RFC 4364
         for a complete definition of a route distinguisher.
         For more details on use of a route distinguisher
         for a VPLS service, see RFC 4761.  When not configured, the
         value is derived from the lower 6 bytes of
         vplsBgpADConfigVplsId.
         "
         ::= { vplsBgpADConfigEntry 1 }
         
         vplsBgpADConfigPrefix      OBJECT-TYPE
         SYNTAX          Unsigned32
         MAX-ACCESS      read-create
         STATUS          current
         DESCRIPTION
         "In case of auto-discovery, the default prefix advertised
         is the IP address of the loopback.  In case the user wants
         to override the loopback address, vplsBgpADConfigPrefix
         should be set.  When this value is non-zero, this value is
         used along with vplsBgpADConfigRouteDistinguisher in the
         Network Layer Reachability Information (NLRI), see RFC 6074.
         "
         DEFVAL { 0 }
         ::= { vplsBgpADConfigEntry 2 }
   
   vplsBgpADConfigVplsId          OBJECT-TYPE
         SYNTAX          VplsBgpRouteDistinguisher
         MAX-ACCESS      read-create
         STATUS          current
         DESCRIPTION
         "VplsId is a unique identifier for all Virtual Switch
          Instances (VSIs) belonging to the same VPLS.  It is

advertised as an extended community.
"
::= { vplsBgpADConfigEntry 3 }

vplsBgpADConfigRowStatus OBJECT-TYPE

         SYNTAX          RowStatus
         MAX-ACCESS      read-create
         STATUS          current
         DESCRIPTION
         "For creating, modifying, and deleting this row.

All other objects in this row must be set to valid

values before this object can be set to active(1).

None of the read-create objects in the
conceptual rows may be changed when this
object is in the active(1) state."
::= { vplsBgpADConfigEntry 4 }

vplsBgpADConfigStorageType OBJECT-TYPE

        SYNTAX        StorageType
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
        "This variable indicates the storage type for this row."
        DEFVAL { nonVolatile }
        ::= { vplsBgpADConfigEntry 5 }
   
   -- vplsBgpRteTargetTable
   
     vplsBgpRteTargetTable   OBJECT-TYPE
           SYNTAX          SEQUENCE OF VplsBgpRteTargetEntry
           MAX-ACCESS      not-accessible
           STATUS          current
           DESCRIPTION
           "This table specifies the list of Route Targets
            imported or exported by BGP during
            auto-discovery of VPLS.
           "
           ::= { vplsObjects 6 }
   
     vplsBgpRteTargetEntry   OBJECT-TYPE
           SYNTAX          VplsBgpRteTargetEntry
           MAX-ACCESS      not-accessible
           STATUS          current
           DESCRIPTION
           "An entry in this table specifies the value of the
           Route Target being used by BGP.  Depending on the value

of vplsBgpRteTargetType, a Route Target might be exported, imported, or both. Every VPLS that uses auto-discovery for finding peer nodes can import and export multiple Route Targets. This representation allows support for hierarchical VPLS.

Entries in this table may be created or deleted through SNMP, as side effects of console or other non-SNMP management commands, or upon learning via autodiscovery.

           It is optional for the agent to allow entries to be
           created that point to nonexistent entries in
           vplsConfigTable."
           INDEX     { vplsConfigIndex, vplsBgpRteTargetIndex }
           ::= { vplsBgpRteTargetTable 1 }

VplsBgpRteTargetEntry ::=

        SEQUENCE {
         vplsBgpRteTargetIndex          Unsigned32,
         vplsBgpRteTargetRTType         VplsBgpRouteTargetType,
         vplsBgpRteTargetRT             VplsBgpRouteTarget,
         vplsBgpRteTargetRowStatus      RowStatus,
         vplsBgpRteTargetStorageType    StorageType
        }
     
     vplsBgpRteTargetIndex   OBJECT-TYPE
           SYNTAX          Unsigned32
           MAX-ACCESS      not-accessible
           STATUS          current
           DESCRIPTION
           "This index, along with vplsConfigIndex, identifies one
           entry in the vplsBgpRteTargetTable.  By keeping
           vplsConfigIndex constant and using a new value of
           vplsBgpRteTargetIndex, users can configure multiple
           Route Targets for the same VPLS.
           "
           ::= { vplsBgpRteTargetEntry 1 }
     
     vplsBgpRteTargetRTType  OBJECT-TYPE
           SYNTAX          VplsBgpRouteTargetType
           MAX-ACCESS      read-create
           STATUS          current
           DESCRIPTION
           "Used to define the type of a Route Target usage.
            Route Targets can be specified to be imported,
            exported, or both.  For a complete definition of a
            Route Target, see RFC 4364."
           ::= { vplsBgpRteTargetEntry 2 }
     
     vplsBgpRteTargetRT     OBJECT-TYPE
           SYNTAX          VplsBgpRouteTarget
           MAX-ACCESS      read-create
           STATUS          current
           DESCRIPTION
           "The Route Target associated with the VPLS service.
            For more details on use of Route Targets
            for a VPLS service, see RFC 4761.
           "
           ::= { vplsBgpRteTargetEntry 3 }
     
     vplsBgpRteTargetRowStatus     OBJECT-TYPE
           SYNTAX          RowStatus
           MAX-ACCESS      read-create
           STATUS          current
           DESCRIPTION
           "This variable is used to create, modify, and/or
            delete a row in this table.

All other objects in this row must be set to valid

values before this object can be set to active(1).

When a row in this table is in active(1) state, no objects in that row can be modified.

            If autodiscovered entries are deleted they would
            likely re-appear in the next autodiscovery interval."
           ::= { vplsBgpRteTargetEntry 4 }

vplsBgpRteTargetStorageType OBJECT-TYPE

          SYNTAX        StorageType
          MAX-ACCESS    read-create
          STATUS        current
          DESCRIPTION
          "This variable indicates the storage type for this row."
          DEFVAL { volatile }
          ::= { vplsBgpRteTargetEntry 5 }
     
     vplsStatusNotifEnable  OBJECT-TYPE
           SYNTAX      TruthValue
           MAX-ACCESS  read-write
           STATUS      current
           DESCRIPTION
           "If this object is set to true(1), then it enables
            the emission of a vplsStatusChanged
            notification; otherwise, this notification is not

emitted."
REFERENCE
"See also RFC 3413 for explanation that notifications are under the ultimate control of the MIB module in this document."
DEFVAL { false }
::= { vplsObjects 7 }

      vplsNotificationMaxRate OBJECT-TYPE
         SYNTAX       Unsigned32
         MAX-ACCESS   read-write
         STATUS       current
         DESCRIPTION
          "This object indicates the maximum number of
           notifications issued per second.  If events occur
           more rapidly, the implementation may simply fail to
           emit these notifications during that period, or it may
           queue them until an appropriate time.  A value of 0
           means no throttling is applied and events may be
           notified at the rate at which they occur."
         DEFVAL       { 0 }
         ::= { vplsObjects 8 }
     -- VPLS Service Notifications

vplsStatusChanged NOTIFICATION-TYPE

         OBJECTS {
             vplsConfigVpnId,
             vplsConfigAdminStatus,
             vplsStatusOperStatus
         }
         STATUS          current
         DESCRIPTION
              "The vplsStatusChanged notification is generated
               when there is a change in the administrative or
               operating status of a VPLS service.
         
               The object instances included in the notification
               are the ones associated with the VPLS service
               whose status has changed."
         ::= { vplsNotifications 1 }

vplsFwdFullAlarmRaised NOTIFICATION-TYPE

         OBJECTS {
             vplsConfigVpnId,
             vplsConfigFwdFullHighWatermark,
             vplsConfigFwdFullLowWatermark
         }
         STATUS          current

DESCRIPTION

"The vplsFwdFullAlarmRaised notification is

generated when the utilization of the Forwarding database is above the value specified by vplsConfigFwdFullHighWatermark.

               The object instances included in the notification
               are the ones associated with the VPLS service
               that has exceeded the threshold."
         ::= { vplsNotifications 2 }

vplsFwdFullAlarmCleared NOTIFICATION-TYPE

         OBJECTS {
             vplsConfigVpnId,
             vplsConfigFwdFullHighWatermark,
             vplsConfigFwdFullLowWatermark
         }
         STATUS          current
         DESCRIPTION
              "The vplsFwdFullAlarmCleared notification is
               generated when the utilization of the Forwarding
               database is below the value specified by
               vplsConfigFwdFullLowWatermark.
         
               The object instances included in the notification
               are the ones associated with the VPLS service
               that has fallen below the threshold."
         ::= { vplsNotifications 3 }
   
   -- Conformance Section
   
   vplsCompliances
     OBJECT IDENTIFIER ::= { vplsConformance 1 }
   -- Compliance requirement for fully compliant implementations

vplsModuleFullCompliance MODULE-COMPLIANCE

      STATUS current
      DESCRIPTION
           "Compliance requirement for implementations that
            provide full support for VPLS-GENERIC-MIB.
            Such devices can then be monitored and configured using
            this MIB module."
      MODULE -- this module

MANDATORY-GROUPS {

vplsGroup,
vplsPwBindGroup,
vplsNotificationGroup

           }
      
      ::= { vplsCompliances 1 }

-- Compliance requirement for read-only implementations.

vplsModuleReadOnlyCompliance MODULE-COMPLIANCE

STATUS current
DESCRIPTION

"Compliance requirement for implementations that only

provide read-only support for VPLS-GENERIC-MIB.

Such devices can then be monitored but cannot be

configured using this MIB modules."

MODULE -- this module

MANDATORY-GROUPS {

               vplsGroup,
               vplsPwBindGroup,
               vplsNotificationGroup
           }
           
           OBJECT          vplsConfigName
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsConfigDescr
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsConfigAdminStatus
           MIN-ACCESS      read-only
           DESCRIPTION

"Write access is not required."

           OBJECT          vplsConfigMacLearning
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsConfigDiscardUnknownDest
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsConfigMacAging
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsConfigFwdFullHighWatermark
           MIN-ACCESS      read-only
           DESCRIPTION

"Write access is not required."

           OBJECT          vplsConfigFwdFullLowWatermark
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsConfigRowStatus
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsConfigMtu
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsPwBindConfigType
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsPwBindType
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsPwBindRowStatus
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
      
      ::= { vplsCompliances 2 }

-- Units of conformance.

vplsGroups

     OBJECT IDENTIFIER ::= { vplsConformance 2 }

vplsGroup OBJECT-GROUP

       OBJECTS {
           vplsConfigName,
           vplsBgpADConfigRouteDistinguisher,
           vplsBgpRteTargetRTType,
           vplsBgpRteTargetRT,
           vplsBgpRteTargetRowStatus,
           vplsBgpRteTargetStorageType,
           vplsBgpADConfigPrefix,
           vplsBgpADConfigVplsId,
           vplsBgpADConfigRowStatus,
           vplsBgpADConfigStorageType,
           vplsConfigDescr,
           vplsConfigAdminStatus,
           vplsConfigMacLearning,
           vplsConfigDiscardUnknownDest,
           vplsConfigMacAging,
           vplsConfigVpnId,
           vplsConfigFwdFullHighWatermark,
           vplsConfigFwdFullLowWatermark,
           vplsConfigRowStatus,
           vplsConfigIndexNext,
           vplsConfigMtu,
           vplsConfigStorageType,
           vplsConfigSignalingType,
           vplsStatusOperStatus,
           vplsStatusPeerCount,
           vplsStatusNotifEnable,
           vplsNotificationMaxRate
       }
       STATUS          current
       DESCRIPTION
            "The group of objects supporting
             management of L2VPN VPLS services"
       ::= { vplsGroups 1 }

vplsPwBindGroup OBJECT-GROUP

       OBJECTS {
           vplsPwBindConfigType,
           vplsPwBindType,
           vplsPwBindRowStatus,
           vplsPwBindStorageType
       }
       STATUS          current
       DESCRIPTION
            "The group of objects supporting
             management of
             pseudowire (PW) Binding to VPLS."
       ::= { vplsGroups 2 }

vplsNotificationGroup NOTIFICATION-GROUP

       NOTIFICATIONS   {
           vplsStatusChanged,
           vplsFwdFullAlarmRaised,
           vplsFwdFullAlarmCleared
       }
       STATUS          current
       DESCRIPTION
            "The group of notifications supporting
             the Notifications generated for
             VPLS services."
       ::= { vplsGroups 3 }
    
    END

6.2. VPLS-LDP-MIB Object Definitions

   This MIB module mentions the following documents:
   [RFC2578], [RFC2579], [RFC2580], [RFC5601], and [RFC4762].
   
   VPLS-LDP-MIB DEFINITIONS ::= BEGIN
   
   IMPORTS
   
   MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
   Unsigned32, transmission
      FROM SNMPv2-SMI                    -- RFC 2578
   
   MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
      FROM SNMPv2-CONF                   -- RFC 2580

TruthValue

      FROM SNMPv2-TC                     -- RFC 2579

pwIndex, pwID

      FROM PW-STD-MIB                    -- RFC 5601

vplsConfigIndex, vplsConfigName

      FROM VPLS-GENERIC-MIB;

vplsLdpMIB MODULE-IDENTITY

      LAST-UPDATED "201405191200Z"  -- 19 May 2014 12:00:00 GMT
      ORGANIZATION "Layer 2 Virtual Private Networks (L2VPN)
                    Working Group"

CONTACT-INFO

"

           Rohit Mediratta
           Email:  romedira@cisco.com
           
           The L2VPN Working Group
           (email distribution l2vpn@ietf.org,
           http://www.ietf.org/wg/l2vpn/charter/)
           "

DESCRIPTION

"Copyright © 2014 IETF Trust and the persons

identified as authors of the code. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info).

The initial version of this MIB module was published in RFC 7257; for full legal notices see the RFC itself.

This MIB module contains managed object definitions for LDP-signaled Virtual Private LAN Services as in RFC 4762.

This MIB module enables the use of any underlying pseudowire network."

-- Revision history.
REVISION

          "201405191200Z"  -- 19 May 2014 12:00:00 GMT

DESCRIPTION "Initial version published as part of RFC 7257."

          ::= { transmission 275 }
   
   -- Top-level components of this MIB.
   -- Notifications

vplsLdpNotifications OBJECT IDENTIFIER

                                 ::= { vplsLdpMIB 0 }
   
   -- Tables, Scalars
   vplsLdpObjects       OBJECT IDENTIFIER
                                 ::= { vplsLdpMIB 1 }
   -- Conformance
   vplsLdpConformance   OBJECT IDENTIFIER
                                 ::= { vplsLdpMIB 2 }

vplsLdpConfigTable OBJECT-TYPE

          SYNTAX          SEQUENCE OF VplsLdpConfigEntry
          MAX-ACCESS      not-accessible
          STATUS          current
          DESCRIPTION
               "This table specifies information for configuring
                and monitoring LDP-specific parameters for
                Virtual Private LAN Service (VPLS)."
          ::= { vplsLdpObjects 1 }

vplsLdpConfigEntry OBJECT-TYPE

          SYNTAX          VplsLdpConfigEntry
          MAX-ACCESS      not-accessible
          STATUS          current
          DESCRIPTION
          
           "A row in this table represents LDP-specific information
           for Virtual Private LAN Service (VPLS) in a packet
           network.  It is indexed by vplsConfigIndex, which uniquely
           identifies a single VPLS.

A row is automatically created when a VPLS service is configured using LDP signaling.

           All of the writable objects values can be
           changed when vplsConfigRowStatus is in the active(1)
           state.
           "
          INDEX           { vplsConfigIndex }
          ::= { vplsLdpConfigTable 1 }

VplsLdpConfigEntry ::=

SEQUENCE {

         vplsLdpConfigMacAddrWithdraw                   TruthValue
         
          }

vplsLdpConfigMacAddrWithdraw OBJECT-TYPE

          SYNTAX          TruthValue
          MAX-ACCESS      read-write
          STATUS          current
          DESCRIPTION
               "This object specifies if MAC address withdrawal
                is enabled in this service.  If this object is 'true',
                then MAC address withdrawal is enabled.  If 'false',
                then MAC address withdrawal is disabled."
          DEFVAL          { true }
          ::= { vplsLdpConfigEntry 1 }

-- VPLS LDP PW Binding Table

vplsLdpPwBindTable OBJECT-TYPE

          SYNTAX          SEQUENCE OF VplsLdpPwBindEntry
          MAX-ACCESS      not-accessible
          STATUS          current
          DESCRIPTION
               "This table provides LDP-specific information for
                an association between a VPLS service and the
                corresponding pseudowires.  A service can have more
                than one pseudowire association.  Pseudowires are
                defined in the pwTable."
          ::= { vplsLdpObjects 2 }

vplsLdpPwBindEntry OBJECT-TYPE

          SYNTAX          VplsLdpPwBindEntry
          MAX-ACCESS      not-accessible
          STATUS          current
          DESCRIPTION
               "Each row represents an association between a
                VPLS instance and one or more pseudowires
                defined in the pwTable.  Each index is unique
                in describing an entry in this table.  However,
                both indexes are required to define the
                one-to-many association of service to pseudowire.

An entry in this table in instantiated only when LDP signaling is used to configure VPLS service.

                Each entry in this table provides LDP-specific
                information for the VPLS represented by
                vplsConfigIndex."
          INDEX  { vplsConfigIndex, pwIndex }
          ::= { vplsLdpPwBindTable 1 }

VplsLdpPwBindEntry ::=

          SEQUENCE {
              vplsLdpPwBindMacAddressLimit       Unsigned32
          }

vplsLdpPwBindMacAddressLimit OBJECT-TYPE

          SYNTAX          Unsigned32 (0..4294967295)
          MAX-ACCESS      read-write
          STATUS          current
          DESCRIPTION
               "The value of this object specifies the maximum
          
                number of learned and static entries allowed in the
                Forwarding database for this PW Binding.  The value 0
                means there is no limit for this PW Binding."
          DEFVAL          { 0 }
          ::= { vplsLdpPwBindEntry 1 }
      
      -- VPLS LDP Service Notifications

vplsLdpPwBindMacTableFull NOTIFICATION-TYPE

          OBJECTS {
              vplsConfigName,
              pwID
          }
          STATUS          current
          DESCRIPTION
               "The vplsLdpPwBindMacTableFull notification is generated
                when the number of learned MAC addresses increases to
                the value specified in vplsLdpPwBindMacAddressLimit."
          ::= { vplsLdpNotifications 1 }
   
   -- Conformance Section

vplsLdpCompliances

     OBJECT IDENTIFIER ::= { vplsLdpConformance 1 }

-- Compliance requirement for fully compliant implementations

vplsLdpModuleFullCompliance MODULE-COMPLIANCE

STATUS current
DESCRIPTION

"Compliance requirement for implementations that

provide full support for VPLS-LDP-MIB.

Such devices can then be monitored and configured using this MIB module."

MODULE -- this module

MANDATORY-GROUPS {

               vplsLdpGroup,
               vplsLdpNotificationGroup
           }
      
      ::= { vplsLdpCompliances 1 }

-- Compliance requirement for read-only implementations.

   vplsLdpModuleReadOnlyCompliance MODULE-COMPLIANCE

STATUS current
DESCRIPTION

"Compliance requirement for implementations that only

provide read-only support for VPLS-LDP-MIB.

Such devices can then be monitored but cannot be configured using this MIB modules."

MODULE -- this module

MANDATORY-GROUPS {

               vplsLdpGroup,
               vplsLdpNotificationGroup
           }
           
           OBJECT          vplsLdpConfigMacAddrWithdraw
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsLdpPwBindMacAddressLimit
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
        
        ::= { vplsLdpCompliances 2 }

-- Units of conformance.

vplsLdpGroups

      OBJECT IDENTIFIER ::= { vplsLdpConformance 2 }

vplsLdpGroup OBJECT-GROUP

        OBJECTS {
            vplsLdpConfigMacAddrWithdraw,
            vplsLdpPwBindMacAddressLimit
        }
        STATUS          current
        DESCRIPTION
             "The group of objects supporting
              management of L2VPN VPLS services using LDP."
        ::= { vplsLdpGroups 1 }

vplsLdpNotificationGroup NOTIFICATION-GROUP

        NOTIFICATIONS   {
            vplsLdpPwBindMacTableFull
        
        }
        STATUS          current
        DESCRIPTION
             "The group of notifications supporting
              the  Notifications generated for
              VPLS LDP Service."
        ::= { vplsLdpGroups 2 }
   
   END

6.3. VPLS-BGP-MIB Object Definitions

   This MIB module mentions the following documents:
   [RFC2578], [RFC2579], [RFC2580], [RFC3411],
   [RFC5601], and [RFC4761].
   
   VPLS-BGP-MIB DEFINITIONS ::= BEGIN
   
   IMPORTS
   
   MODULE-IDENTITY, OBJECT-TYPE,
   Unsigned32, transmission
      FROM SNMPv2-SMI                    -- RFC 2578

MODULE-COMPLIANCE, OBJECT-GROUP

      FROM SNMPv2-CONF                   -- RFC 2580

RowStatus, StorageType

      FROM SNMPv2-TC                     -- RFC 2579

SnmpAdminString

      FROM SNMP-FRAMEWORK-MIB            -- RFC 3411

pwIndex

      FROM PW-STD-MIB                    -- RFC 5601
   
   vplsConfigIndex
      FROM VPLS-GENERIC-MIB
   ;

vplsBgpMIB MODULE-IDENTITY

      LAST-UPDATED "201405191200Z"  -- 19 May 2014 12:00:00 GMT
      
      ORGANIZATION "Layer 2 Virtual Private Networks (L2VPN)
                                 Working Group"
      CONTACT-INFO
          "
           V. J. Shah
           Email: vshah@juniper.net
           The L2VPN Working Group (email distribution l2vpn@ietf.org,
           http://www.ietf.org/wg/l2vpn/charter/)
           "

DESCRIPTION

"Copyright © 2014 IETF Trust and the persons

identified as authors of the code. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info).

The initial version of this MIB module was published in RFC 7257; for full legal notices see the RFC itself.

This MIB module contains managed object definitions for BGP signaled Virtual Private LAN Service as in
RFC 4761.

This MIB module enables the use of any underlying pseudowire network."

-- Revision history.
REVISION

          "201405191200Z"  -- 19 May 2014 12:00:00 GMT

DESCRIPTION "Initial version published as part of RFC 7257."

            ::= { transmission 276 }

-- Top-level components of this MIB.

   -- Tables, Scalars
   vplsBgpObjects       OBJECT IDENTIFIER
                                 ::= { vplsBgpMIB 1 }
   -- Conformance
   vplsBgpConformance   OBJECT IDENTIFIER
                                 ::= { vplsBgpMIB 2 }
   
      -- Vpls Bgp Config Table

vplsBgpConfigTable OBJECT-TYPE

          SYNTAX          SEQUENCE OF VplsBgpConfigEntry
          MAX-ACCESS      not-accessible
          STATUS          current
          DESCRIPTION
               "This table specifies information for configuring
                and monitoring BGP-specific parameters for
                Virtual Private LAN Service (VPLS)."
          ::= { vplsBgpObjects 1 }

vplsBgpConfigEntry OBJECT-TYPE

          SYNTAX          VplsBgpConfigEntry
          MAX-ACCESS      not-accessible
          STATUS          current
          DESCRIPTION
           "A row in this table represents BGP-specific information
           for Virtual Private LAN Service (VPLS) in a packet
           network.  It is indexed by vplsConfigIndex, which uniquely
           identifies a single instance of a VPLS service.

A row is automatically created when a VPLS service is

created that is configured to use BGP signaling.

           All of the writable object values can be
           changed when vplsConfigRowStatus is in the active(1)
           state.
            "
          INDEX           { vplsConfigIndex }
          ::= { vplsBgpConfigTable 1 }
     
     VplsBgpConfigEntry ::=
     
        SEQUENCE {
         vplsBgpConfigVERangeSize         Unsigned32
        }
     
     vplsBgpConfigVERangeSize   OBJECT-TYPE
        SYNTAX        Unsigned32 (0..65535)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "Specifies the size of the range of VPLS Edge
             Identifier (VE ID) in this VPLS service.  This
             number controls the size of the label block
             advertised for this VE by the PE.  A value of 0
             indicates that the range is not configured and
             the PE derives the range value from received
             advertisements from other PEs.
     
             The VE ID takes 2 octets in VPLS BGP NLRI according
             to RFC 4761.  Hence we have limited the range of
             this object to 65535."
        DEFVAL           { 0 }
        ::= { vplsBgpConfigEntry 1 }
     
     -- Vpls Edge Device (VE) Identifier Table

vplsBgpVETable OBJECT-TYPE

         SYNTAX        SEQUENCE OF VplsBgpVEEntry
         MAX-ACCESS    not-accessible
         STATUS        current
         DESCRIPTION
            "This table associates VPLS Edge devices to a VPLS service"
         ::= { vplsBgpObjects 2 }

vplsBgpVEEntry OBJECT-TYPE

         SYNTAX        VplsBgpVEEntry
         MAX-ACCESS    not-accessible
         STATUS        current
         DESCRIPTION
            "An entry in this table is created for each VE ID
             configured on a PE for a particular VPLS service
             instance.

Entries in this table may be created or deleted through SNMP, as side effects of console or other non-SNMP management commands, or upon learning via autodiscovery.

             It is optional for the agent to allow entries to be
             created that point to nonexistent entries in
             vplsConfigTable."
         INDEX  { vplsConfigIndex, vplsBgpVEId }
         ::= { vplsBgpVETable 1 }

VplsBgpVEEntry ::= SEQUENCE {

          vplsBgpVEId          Unsigned32,
          vplsBgpVEName        SnmpAdminString,
          vplsBgpVEPreference  Unsigned32,
          vplsBgpVERowStatus   RowStatus,
          vplsBgpVEStorageType StorageType
        }

vplsBgpVEId OBJECT-TYPE

        SYNTAX        Unsigned32 (1..65535)
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "A secondary index identifying a VE within an
             instance of a VPLS service.
        
             The VE ID takes 2 octets in VPLS BGP NLRI according
             to RFC 4761.  Hence, we have limited the range of
             this object to 65535."
        ::= { vplsBgpVEEntry 1 }

vplsBgpVEName OBJECT-TYPE

        SYNTAX        SnmpAdminString
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Descriptive name for the site or user-facing PE
             (U-PE) associated with this VE ID."
        DEFVAL { "" }
        ::= { vplsBgpVEEntry 2 }

vplsBgpVEPreference OBJECT-TYPE

        SYNTAX        Unsigned32 (0..65535)
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Specifies the preference of the VE ID on this
             Provider Edge (PE) if the site is multihomed
             and VE ID is reused."
        DEFVAL           { 0 }
        ::= { vplsBgpVEEntry 3 }

vplsBgpVERowStatus OBJECT-TYPE

        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "This variable is used to create, modify, and/or
             delete a row in this table.

All other objects in this row must be set to valid

values before this object can be set to active(1).

             When a row in this table is in active(1) state, no
             objects in that row can be modified except
             vplsBgpSiteRowStatus."
        ::= { vplsBgpVEEntry 5 }

vplsBgpVEStorageType OBJECT-TYPE

          SYNTAX        StorageType
          MAX-ACCESS    read-create
          STATUS        current
          DESCRIPTION
               "This variable indicates the storage type for this
          
                row."
          DEFVAL { volatile }
          ::= { vplsBgpVEEntry 6 }

-- VPLS BGP PW Binding Table

vplsBgpPwBindTable OBJECT-TYPE

          SYNTAX          SEQUENCE OF VplsBgpPwBindEntry
          MAX-ACCESS      not-accessible
          STATUS          current
          DESCRIPTION
               "This table provides BGP-specific information for
                an association between a VPLS service and the
                corresponding pseudowires.  A service can have more
                than one pseudowire association.  Pseudowires are
                defined in the pwTable."
          ::= { vplsBgpObjects 3 }

vplsBgpPwBindEntry OBJECT-TYPE

          SYNTAX          VplsBgpPwBindEntry
          MAX-ACCESS      not-accessible
          STATUS          current
          DESCRIPTION
               "Each row represents an association between a
                VPLS instance and one or more pseudowires
                defined in the pwTable.  Each index is unique
                in describing an entry in this table.  However,
                both indexes are required to define the one
                to many association of service to pseudowire.

An entry in this table in instantiated only when BGP signaling is used to configure VPLS service.

                Each entry in this table provides BGP-specific
                information for the VPLS represented by
                vplsConfigIndex."
          INDEX  { vplsConfigIndex, pwIndex }
          ::= { vplsBgpPwBindTable 1 }
      
      VplsBgpPwBindEntry ::=
          SEQUENCE {
              vplsBgpPwBindLocalVEId        Unsigned32,
              vplsBgpPwBindRemoteVEId       Unsigned32
          }
      vplsBgpPwBindLocalVEId   OBJECT-TYPE
           SYNTAX          Unsigned32 (1..65535)
           MAX-ACCESS      read-only
           STATUS          current

DESCRIPTION

"Identifies the local VE with which this pseudowire

is associated.

                 The VE ID takes 2 octets in VPLS BGP NLRI according
                 to RFC 4761.  Hence, we have limited the range of
                 this object to 65535."
          ::= { vplsBgpPwBindEntry 1 }
      
      vplsBgpPwBindRemoteVEId   OBJECT-TYPE
           SYNTAX          Unsigned32 (1..65535)
           MAX-ACCESS      read-only
           STATUS          current
           DESCRIPTION
                "Identifies the remote VE with which this pseudowire
                 is associated.
      
                 The VE ID takes 2 octets in VPLS BGP NLRI according
                 to RFC 4761.  Hence, we have limited the range of
                 this object to 65535."
          ::= { vplsBgpPwBindEntry 2 }
   
   -- Conformance Section

-- Compliance requirement for fully compliant implementations

vplsBgpCompliances

     OBJECT IDENTIFIER ::= { vplsBgpConformance 1 }

vplsBgpModuleFullCompliance MODULE-COMPLIANCE

STATUS current
DESCRIPTION

"Compliance requirement for implementations that

provide full support for VPLS-BGP-MIB.

Such devices can then be monitored and configured using this MIB module."

MODULE -- this module

          MANDATORY-GROUPS {
               vplsBgpConfigGroup,
               vplsBgpVEGroup,
               vplsBgpPwBindGroup
           }
      ::= { vplsBgpCompliances 1 }

-- Compliance requirement for read-only implementations.

vplsBgpModuleReadOnlyCompliance MODULE-COMPLIANCE

STATUS current
DESCRIPTION

"Compliance requirement for implementations that only

provide read-only support for VPLS-BGP-MIB.

Such devices can then be monitored but cannot be

configured using this MIB modules."

MODULE -- this module

MANDATORY-GROUPS {

               vplsBgpConfigGroup,
               vplsBgpVEGroup,
               vplsBgpPwBindGroup
           }
           
           OBJECT          vplsBgpConfigVERangeSize
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsBgpVEName
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsBgpVEPreference
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
           
           OBJECT          vplsBgpVERowStatus
           MIN-ACCESS      read-only
           DESCRIPTION
               "Write access is not required."
      
      ::= { vplsBgpCompliances 2 }

-- Units of conformance.

    vplsBgpGroups
    
      OBJECT IDENTIFIER ::= { vplsBgpConformance 2 }

vplsBgpConfigGroup OBJECT-GROUP

        OBJECTS {
            vplsBgpConfigVERangeSize
        }
        STATUS          current
        DESCRIPTION
             "The group of objects supporting configuration
              of L2VPN VPLS services using BGP."
        ::= { vplsBgpGroups 1 }

vplsBgpVEGroup OBJECT-GROUP

        OBJECTS {
            vplsBgpVEName,
            vplsBgpVEPreference,
            vplsBgpVERowStatus,
            vplsBgpVEStorageType
        }
        STATUS          current
        DESCRIPTION
             "The group of objects supporting management of VPLS
              Edge devices for L2VPN VPLS services using BGP."
        ::= { vplsBgpGroups 2 }

vplsBgpPwBindGroup OBJECT-GROUP

        OBJECTS {
            vplsBgpPwBindLocalVEId,
            vplsBgpPwBindRemoteVEId
        }
        STATUS          current
        DESCRIPTION
             "The group of objects supporting management of
              pseudowires for L2VPN VPLS services using BGP."
        ::= { vplsBgpGroups 3 }
   
   END

7. Security Considerations

There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These are the tables and their sensitivity/vulnerability:

o vplsConfigTable:
o vplsPwBindTable:
o vplsBgpADConfigTable:
o vplsBgpRteTargetTable:
o vplsLdpPwBindTable:
o vplsLdpConfigTable:
o vplsBgpConfigTable:
o vplsBgpVETable:

The tables listed above contain read-create/read-write objects that can be used to configure or modify a LDP/BGP VPLS service. Any improper configuration or modification of objects in these tables can disrupt VPLS services.

The use of stronger mechanisms such as SNMPv3 security should be considered where possible for configuring these objects. Specifically, SNMPv3 View-based Access Control Model (VACM) and User-based Security Model (USM) MUST be used with any v3 agent that provides SET access to these tables.

  • vplsNotificationMaxRate Setting this object to a very high value can cause a notification storm that may disrupt network service.

Most of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These readable objects are contained in the following tables:

o vplsConfigTable
o vplsStatusTable
o vplsPwBindTable
o vplsBgpADConfigTable
o vplsBgpRteTargetTable
o vplsLdpPwBindTable
o vplsLdpConfigTable
o vplsBgpConfigTable
o vplsBgpVETable
o vplsBgpPwBindTable

SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.

Implementations SHOULD provide the security features described by the SNMPv3 framework (see [RFC3410]), and implementations claiming compliance to the SNMPv3 standard MUST include full support for authentication and privacy via the User-based Security Model (USM) [RFC3414] with the AES cipher algorithm [RFC3826]. Implementations MAY also provide support for the Transport Security Model (TSM) [RFC5591] in combination with a secure transport such as SSH [RFC5592] or TLS/DTLS [RFC6353].

Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.

8. IANA Considerations

The MIB modules in this document use the following IANA-assigned OBJECT IDENTIFIER values recorded in the SMI Numbers registry.

8.1. IANA Considerations for VPLS-GENERIC-MIB

The IANA has assigned { transmission 274 } to the VPLS-GENERIC-MIB module specified in this document.

8.2. IANA Considerations for VPLS-LDP-MIB

The IANA has assigned { transmission 275 } to the VPLS-LDP-MIB module specified in this document.

8.3. IANA Considerations for VPLS-BGP-MIB

The IANA has assigned { transmission 276 } to the VPLS-BGP-MIB module specified in this document.

9. References

9.1. Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.
   
   [RFC2578]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Structure of Management Information
              Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
   
   [RFC2579]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD
              58, RFC 2579, April 1999.
   
   [RFC2580]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Conformance Statements for SMIv2",
              STD 58, RFC 2580, April 1999.
   
   [RFC3413]  Levi, D., Meyer, P., and B. Stewart, "Simple Network
              Management Protocol (SNMP) Applications", STD 62, RFC
              3413, December 2002.
   
   [RFC3414]  Blumenthal, U. and B. Wijnen, "User-based Security Model
              (USM) for version 3 of the Simple Network Management
              Protocol (SNMPv3)", STD 62, RFC 3414, December 2002.
   
   [RFC3415]  Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based
              Access Control Model (VACM) for the Simple Network
              Management Protocol (SNMP)", STD 62, RFC 3415, December
              2002.
   
   [RFC3826]  Blumenthal, U., Maino, F., and K. McCloghrie, "The
              Advanced Encryption Standard (AES) Cipher Algorithm in the
              SNMP User-based Security Model", RFC 3826, June 2004.
   
   [RFC4188]  Norseth, K., Ed., and E. Bell, Ed., "Definitions of
              Managed Objects for Bridges", RFC 4188, September 2005.
   
   [RFC4265]  Schliesser, B. and T. Nadeau, "Definition of Textual
              Conventions for Virtual Private Network (VPN) Management",
              RFC 4265, November 2005.
   
   [RFC4364]  Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual Private
              Networks (VPNs)", RFC 4364, February 2006.
   
   [RFC4761]  Kompella, K., Ed., and Y. Rekhter, Ed., "Virtual Private
              LAN Service (VPLS) Using BGP for Auto-Discovery and
              Signaling", RFC 4761, January 2007.
   
   [RFC4762]  Lasserre, M., Ed., and V. Kompella, Ed., "Virtual Private
              LAN Service (VPLS) Using Label Distribution Protocol (LDP)
              Signaling", RFC 4762, January 2007.
   
   [RFC5591]  Harrington, D. and W. Hardaker, "Transport Security Model
              for the Simple Network Management Protocol (SNMP)", STD
              78, RFC 5591, June 2009.
   
   [RFC5592]  Harrington, D., Salowey, J., and W. Hardaker, "Secure
              Shell Transport Model for the Simple Network Management
              Protocol (SNMP)", RFC 5592, June 2009.
   
   [RFC5601]  Nadeau, T., Ed., and D. Zelig, Ed., "Pseudowire (PW)
              Management Information Base (MIB)", RFC 5601, July 2009.
   
   [RFC6353]  Hardaker, W., "Transport Layer Security (TLS) Transport
              Model for the Simple Network Management Protocol (SNMP)",
              STD 78, RFC 6353, July 2011.

9.2. Informative References

   [RFC3410]  Case, J., Mundy, R., Partain, D., and B. Stewart,
              "Introduction and Applicability Statements for Internet-
              Standard Management Framework", RFC 3410, December 2002.
   
   [RFC3411]  Harrington, D., Presuhn, R., and B. Wijnen, "An
              Architecture for Describing Simple Network Management
              Protocol (SNMP) Management Frameworks", STD 62, RFC 3411,
              December 2002.
   
   [RFC3985]  Bryant, S., Ed., and P. Pate, Ed., "Pseudo Wire Emulation
              Edge-to-Edge (PWE3) Architecture", RFC 3985, March 2005.
   
   [RFC6074]  Rosen, E., Davie, B., Radoaca, V., and W. Luo,
              "Provisioning, Auto-Discovery, and Signaling in Layer 2
              Virtual Private Networks (L2VPNs)", RFC 6074, January
              2011.

[SNMP-CONTEXT-MAP-MIB]

Nadeau, T., and AS Kiran Koushik, "SNMP Context Mapping MIB", Work in Progress, March 2010.

10. Acknowledgments

We wish to thank Marcelo Mourier and Reva Bailey for their valuable feedback. Some portion of the work has been referenced from their original Timetra Enterprise MIB work.

We wish to thank Praveen Muley, VJ Shah, Li Wentao, Kong Yong, Luo Jian, Feng Jun, and Takeshi Usui for their feedback.

Authors' Addresses

   Thomas D. Nadeau (editor)
   Lucid Vision
   US
   EMail: tnadeau@lucidvision.com

A S Kiran Koushik (editor)
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
US
EMail: kkoushik@brocade.com

   Rohit Mediratta (editor)
   Cisco Systems, Inc.
   210 W Tasman Dr. Bldg. F,
   San Jose, CA 95134
   US
   EMail: romedira@cisco.com