ForCES Internet Draft R. Haas Document: draft-haas-forces-mib-00.txt IBM Expires: April 18, 2006 October 2005 ForCES MIB Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.html. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on April 18, 2006. Copyright Notice Copyright (C) The Internet Society (2005). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE Haas Expires – April 18, 2006 [Page 1] ForCES MIB October 15, 2005 INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Abstract This memo defines a Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it defines a MIB for the Forwarding and Control Element Separation (ForCES) Network Element (NE). The ForCES working group is defining a protocol to allow a Control Element (CE) to control the behavior of a Forwarding Element (FE). Conventions used in this document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC-2119 [RFC2119]i. Table of Contents 1. Introduction...................................................2 2. Design of ForCES MIB...........................................4 3. Capturing State Before Association Establishment...............4 4. MIB Definition(s)..............................................5 Security Considerations...........................................5 References........................................................6 Acknowledgments...................................................6 Author's Addresses................................................6 1. Introduction The ForCES MIB is a read-only MIB that captures information related to the ForCES protocol. This includes state information about the associations between CE(s) and FE(s) in the NE. The ForCES MIB does not include information that is specified in other MIBs, such as packet counters for interfaces, etc. The information in the ForCES MIB relative to associations includes more specifically: - identifiers of the elements in the association Haas Expires – April 18, 2006 [Page 2] ForCES MIB October 15, 2005 - state of the association - configuration parameters of the association - statistics of the association The relevant references from the ForCES requirements and architecture documents are repeated below: From the ForCES requirements RFC [RFC 3654], Section 4, point 4: “A NE MUST support the appearance of a single functional device. For example, in a router, the TTL of the packet should be decremented only once as it traverses the NE regardless of how many FEs through which it passes. However, external entities (e.g., FE managers and CE managers) MAY have direct access to individual ForCES protocol elements for providing information to transition them from the pre-association to post-association phase.” And [RFC 3654], Section 4, point 14: “1. The ability for a management tool (e.g., SNMP) to be used to read(but not change) the state of FE SHOULD NOT be precluded. 2. It MUST NOT be possible for management tools (e.g., SNMP, etc) to change the state of a FE in a manner that affects overall NE behavior without the CE being notified.” According to the ForCES architecture RFC [RFC 3746], Section 3.3: “CE managers may be physically and logically separate entities that configure the CE with FE information via such mechanisms as COPS-PR [7] or SNMP [5].” and [RFC 3746], Section 5.7: “RFC 1812 [2] also dictates that "Routers MUST be manageable by SNMP". In general, for the post-association phase, most external management tasks (including SNMP) should be done through interaction with the CE in order to support the appearance of a single functional device. Therefore, it is recommended that an SNMP agent be implemented by CEs and that the SNMP messages received by FEs be redirected to their CEs. AgentX framework defined in RFC 2741 ([6]) may be applied here such that CEs act in the role of master agent to process SNMP protocol messages while FEs act in the role of subagent to provide access to the MIB objects residing on FEs. AgentX protocol messages between the master agent (CE) and the subagent (FE) are encapsulated and transported via ForCES, just like data packets from any other application layer protocols.” Haas Expires – April 18, 2006 [Page 3] ForCES MIB October 15, 2005 2. Design of ForCES MIB As state information is distributed across FEs and CEs, the following alternatives may be considered: 1) CE MIBs Each CE in the NE implements a CE MIB. The external SNMP-based management tool must therefore be aware of each CE in order to obtain a complete view of the NE by collecting state information obtained from each CE MIB. [Note: this may or may not comply with requirement #4 ("A NE MUST support the appearance of a single functional device")] 2) single NE MIB An entity in the NE implements an NE MIB that aggregates state information collected from each CE (CEs are possibly from various vendors). This requires a standard protocol in order to support multi-vendor environment. AgentX with the NE as the master and the CE(s) as the agent(s) may be considered here. [Note: comments on the suitability of AgentX] [Note: must choose between the two alternatives] 3. Capturing State Before Association Establishment The ForCES protocol may be used by the CE to query the FE Protocol LFB about some of the configuration parameters. But such queries may obviously be issued only once the association is established. In the ForCES protocol, the FE first issues an Association Setup Request message to the CE which in turns responds with an Association Setup Response message. It may be useful to capture in the MIB in which state the association is seen from each of the FE and the CE sides, as a means to detect PL-level communication anomalies. For instance, from the FE side, the association is in the ATTEMPT state as long as no response to the Association Setup message has been received from the CE. Similarly, the association is in the ESTABLISHING state as long as no message has been received from the FE after the CE has issued a positive Association Setup Response message (this is because configuration mistakes in the FE may cause messages from the CE to be ignored, and the MIB could help in tracing such errors). The transient state in the FE until the association is established cannot be queried using ForCES. [Note: If such information is critical, then an FE MIB has to be provided that can be queried separately] Haas Expires – April 18, 2006 [Page 4] ForCES MIB October 15, 2005 4. MIB Definition(s) For each association identified by the pair CE ID and FE ID, the following information is included in the MIB: [Note: the MIB includes all associations for the particular CE in the case of a CE MIB, same for FE MIBs (if any), or all associations in the NE in the case of a NE MIB] - Current state of the association: UP: the CE(s) indicated by the CE ID and FE(s) indicated by the FE ID are associated. ESTABLISHING/ATTEMPT: transient state unitl the association is established. See section 3 above for details. Note that associations that are not UP and for which no association setup is in progress are NOT listed in the MIB. [Note: otherwise how do we decide which old associations to remove from the MIB ?] - Hearbeat timers values of the FE and CE for this association. - Heartbeat timer settings of the FE and CE for this association: ENABLED: hearbeats are transmitted (by default virtual piggybacking is used) DISABLED: heartbeats are not transmitted - Backup information: the FE(s)/CE(s) that are configured to work as backups for this association. [Note: is this necessary, useful ?] - Association statistics: Date/time when the association came to the UP state. [Note: what about the Number of commands executed or some indications of the ForCES control traffic ?] [Note: add actual MIB specification] Security Considerations Some of the readable objects in this MIB module may be considered sensitive or vulnerable in some network environment. Haas Expires – April 18, 2006 [Page 5] ForCES MIB October 15, 2005 [Note: expand on this if necessary] SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPSec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module. It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy). Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them. References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC3654] Khosravi, H,, and Anderson, T., “Requirements for Separation of IP Control and Forwarding”, RFC 3654, November 2003. [RFC3746] Yang, L., Dantu, R., Anderson, T., Gopal, R., “Forwarding and Control Element Separation (ForCES) Framework”, RFC 3746, April 2004. [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, December 2002. Acknowledgments Author's Addresses Robert Haas Haas Expires – April 18, 2006 [Page 6] ForCES MIB October 15, 2005 IBM Research Zurich Research Lab Saeumerstrasse 4 8803 Rueschlikon Switzerland Email: rha@zurich.ibm.com Haas Expires – April 18, 2006 [Page 7]