Network Working Group T. Dietz, Ed. Internet-Draft NEC Europe Ltd. Intended status: Standards Track A. Kobayashi Expires: January 15, 2009 NTT PF Lab. B. Claise Cisco Systems, Inc. July 14, 2008 Definitions of Managed Objects for IP Flow Information Export draft-ietf-ipfix-mib-04.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on January 15, 2009. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 1] Internet-Draft IPFIX MIB July 2008 Abstract This document defines managed objects for IP Flow Information Export (IPFIX). These objects provide information for monitoring IPFIX Exporters and IPFIX Collectors including the basic configuration information. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. IPFIX Documents Overview . . . . . . . . . . . . . . . . . . . 5 3. The Internet-Standard Management Framework . . . . . . . . . . 6 4. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 7 5. Structure of the IPFIX MIB . . . . . . . . . . . . . . . . . . 8 5.1. Textual Convention IpfixFunctionAvailabilty . . . . . . . 8 5.2. The Transport Session Table . . . . . . . . . . . . . . . 8 5.3. The Template Tables . . . . . . . . . . . . . . . . . . . 10 5.4. The Template Definition Tables . . . . . . . . . . . . . . 12 5.5. The Export Table . . . . . . . . . . . . . . . . . . . . . 13 5.6. The Metering Process Table . . . . . . . . . . . . . . . . 15 5.7. The Observation Point Table . . . . . . . . . . . . . . . 16 5.8. The Selector Table . . . . . . . . . . . . . . . . . . . . 16 5.9. The Selector Functions . . . . . . . . . . . . . . . . . . 17 5.10. The Transport Session Statistical Table . . . . . . . . . 17 5.11. The Exported Template Statistical Table . . . . . . . . . 18 5.12. The Collected Template Statistical Table . . . . . . . . . 18 5.13. The Metering Process Statistical Table . . . . . . . . . . 18 5.14. The Selector Statistical Table . . . . . . . . . . . . . . 18 6. Relationship to Other MIB Modules . . . . . . . . . . . . . . 19 6.1. Relationship to the ENTITY MIB . . . . . . . . . . . . . . 19 6.2. MIB modules required for IMPORTS . . . . . . . . . . . . . 19 7. MIB Definitions . . . . . . . . . . . . . . . . . . . . . . . 20 8. Security Considerations . . . . . . . . . . . . . . . . . . . 56 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 58 10. Acknowledgment . . . . . . . . . . . . . . . . . . . . . . . . 59 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 60 11.1. Normative References . . . . . . . . . . . . . . . . . . . 60 Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 2] Internet-Draft IPFIX MIB July 2008 11.2. Informative References . . . . . . . . . . . . . . . . . . 60 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 62 Intellectual Property and Copyright Statements . . . . . . . . . . 63 Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 3] Internet-Draft IPFIX MIB July 2008 1. Introduction This document defines a MIB module for monitoring IP Flow Information Export (IPFIX) Devices including Exporters and Collectors. The full configuration of the IPFIX Metering Process is out of the scope this MIB. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 4] Internet-Draft IPFIX MIB July 2008 2. IPFIX Documents Overview The IPFIX protocol provides network administrators with access to IP Flow information. The architecture for the export of measured IP Flow information out of an IPFIX Exporting Process to a Collecting Process is defined in [I-D.ietf-ipfix-architecture], per the requirements defined in [RFC3917]. The protocol document [RFC5101] specifies how IPFIX Data Record and Templates are carried via a congestion-aware transport protocol from IPFIX Exporting Processes to IPFIX Collecting Process. IPFIX has a formal description of IPFIX Information Elements, their name, type and additional semantic information, as specified in [RFC5102]. Finally [I-D.ietf-ipfix-as] describes what type of applications can use the IPFIX protocol and how they can use the information provided. It furthermore shows how the IPFIX framework relates to other architectures and frameworks. It is assumed that Flow metering, export and collection is performed according to the IPFIX architecture defined in [I-D.ietf-ipfix-architecture]. The monitored configuration parameters of the export and collection of Flow Templates and Records is modeled according to [RFC5101]. Packet selection and filtering methods that may be optionally used by the IPFIX Metering Process are not considered in this MIB module. They are defined in the Packet Sampling (PSAMP) framework [I-D.ietf-psamp-framework] and sampling techniques [I-D.ietf-psamp-sample-tech] documents. Nevertheless the entry point for those methods [I-D.ietf-psamp-mib] is given within this MIB module since PSAMP export protocol [I-D.ietf-psamp-protocol] is based on the IPFIX protocol. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 5] Internet-Draft IPFIX MIB July 2008 3. The Internet-Standard Management Framework For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580]. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 6] Internet-Draft IPFIX MIB July 2008 4. Terminology The definitions of the basic terms like IP Traffic Flow, Exporting Process, Collecting Process, Observation Points, etc. can be found in the IPFIX protocol document [RFC5101]. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 7] Internet-Draft IPFIX MIB July 2008 5. Structure of the IPFIX MIB The IPFIX MIB consists of eight main tables, the Transport Session table, the Exported and Collected Template table and the corresponding Template Definition tables, the Export table, the Metering Process table and the Observation Point table. Since the IPFIX architecture [I-D.ietf-ipfix-architecture] foresees the possibility of using filtering and/or sampling functions to reduce the data volume the MIB provides the basic objects for these functions with the Selector Table and a subtree for hooking standard filtering and sampling functions. All remaining objects contain statistical values for the different tables contained in the MIB. Finally an entry point for extensions of the IPFIX MIB is given that can be used e.g. for the PSAMP MIB [I-D.ietf-psamp-mib]. The MIB contains distinct tables for the Exported and Collected Templates as well as the Template Definitions because an IPFIX device can act as Collector and Exporter at the same time, e.g. a mediator or concentrator device. The following subsections describe all tables in the IPFIX MIB module. 5.1. Textual Convention IpfixFunctionAvailabilty In conjunction with the Selector Functions described in section 5.9 the textual convention IpfixFunctionAvailabilty is defined in the MIB. It MUST be used within all Selector Functions to indicate if a standard function is currently available at the Device or not. The Select All function described in the same section below is always available. 5.2. The Transport Session Table The Transport Session is the basis of the MIB. The Transport Session table (ipfixTransportSessionTable) contains all Transport Sessions between Exporter and Collector. The table specifies the layer 4 protocol of the Transport Session and, depending on the protocol, further parameters for the Transport Session. In case of UDP and TCP these are the source and destination address as well as the source and destination port. For SCTP the table contains the SCTP Assoc Id which is the index for the SCTP association in the SCTP MIB [RFC3873]. Further on it contains the configured refresh parameters for Templates and Option Templates that are used across unreliable connections as UDP. Finally a status of the Transport Session is given in the table. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 8] Internet-Draft IPFIX MIB July 2008 To illustrate the use of the above tables let us assume the following scenario: We have an Exporter on IP address 192.0.2.22 and a Collector on IP address 192.0.2.37. The Exporter uses TCP to export Templates and Data Records. The same Exporter also exports to a Collector with the IP address of 192.0.2.44. This would lead to the following Transport Session Table on the Exporter: ipfixTransportSessionTable (2) | +- ipfixTransportSessionEntry (1) | +- index (5) | +- ipfixTrasportSessionIndex (1) = 5 | +- ipfixTransportSessionProtocol (2) = 6 (TCP) | +- ipfixTransportSessionAddressType (3) = 1 (ipv4) | +- ipfixTransportSessionSourceAddress (4) = 192.0.2.22 | +- ipfixTransportSessionDestinationAddress (5) = 192.0.2.37 | +- ipfixTransportSessionSourcePort (6) = 7653 | +- ipfixTransportSessionDestinationPort (7) = 4739 | +- ipfixTransportSessionSctpAssocId (8) = 0 | +- ipfixTransportSessionTemplateRefreshTimeout (9) = 0 | +- ipfixTransportSessionOptionTemplateRefreshTimeout (10) = 0 | +- ipfixTransportSessionTemplateRefreshPacket (11) = 0 | +- ipfixTransportSessionOptionTemplateRefreshPacket (12) = 0 | +- ipfixTransportSessionStatus (13) = 2 (active) . . . +- index (11) +- ipfixTrasportSessionIndex (1) = 11 +- ipfixTransportSessionProtocol (2) = 17 (UDP) +- ipfixTransportSessionAddressType (3) = 1 (ipv4) +- ipfixTransportSessionSourceAddress (4) = 192.0.2.22 +- ipfixTransportSessionDestinationAddress (5) = 192.0.2.44 +- ipfixTransportSessionSourcePort (6) = 14287 +- ipfixTransportSessionDestinationPort (7) = 4739 +- ipfixTransportSessionSctpAssocId (8) = 0 +- ipfixTransportSessionTemplateRefreshTimeout (9) = 100 +- ipfixTransportSessionOptionTemplateRefreshTimeout (10) | = 100 +- ipfixTransportSessionTemplateRefreshPacket (11) = 10 +- ipfixTransportSessionOptionTemplateRefreshPacket (12) = 10 +- ipfixTransportSessionStatus (13) = 2 (active) The values in brackets are the OID numbers. The Collectors would then have the same entry except that the index would most likely differ. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 9] Internet-Draft IPFIX MIB July 2008 5.3. The Template Tables There are two Template tables, the Exported Template (ipfixExportedTemplateTable) table and the Collected Template table (ipfixCollectedTemplateTable). Those Template tables list all Templates (including Option Templates) that are sent (by an Exporter) or received (by a Collector). The (Option) Templates are unique per Transport Session and Observation Domain, thus the table is indexed by the Transport Session Index (ipfixTransportSessionIndex) and the Observation Domain Id (ipfixExportedObservationDomainId or ipfixCollectedObservationDomainId). It contains the Set Id and an Access Time denoting the time when the (Option) Template was last sent or received. To resume the above example the Exporter may want to export the a Template and an Option Template for each Transport Session defined above. This leads to the following Template Table defining Template and Option Template: Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 10] Internet-Draft IPFIX MIB July 2008 ipfixExportedTemplateTable (3) | +- ipfixExportedTemplateEntry (1) | +- index (5) | +- index (3) | + index (257) | | +- ipfixExportedObservationDomainId (1) = 3 | | +- ipfixExportedTemplateId (2) = 257 | | +- ipfixExportedTemplateSetId (3) = 2 | | +- ipfixExportedTemplateAccessTime (4) | | = 2008-7-1,12:49:11.2,+2:0 | | | + index (264) | +- ipfixExportedObservationDomainId (1) = 3 | +- ipfixExportedTemplateId (2) = 264 | +- ipfixExportedTemplateSetId (3) = 3 | +- ipfixExportedTemplateAccessTime (4) . = 2008-7-1,12:47:04.8,+2:0 . . . +- index (11) +- index (3) + index (273) | +- ipfixExportedObservationDomainId (1) = 3 | +- ipfixExportedTemplateId (2) = 273 | +- ipfixExportedTemplateSetId (3) = 2 | +- ipfixExportedTemplateAccessTime (4) | = 2008-7-1,12:49:11.2,+2:0 | + index (289) +- ipfixExportedObservationDomainId (1) = 3 +- ipfixExportedTemplateId (2) = 289 +- ipfixExportedTemplateSetId (3) = 3 +- ipfixExportedTemplateAccessTime (4) = 2008-7-1,12:47:04.8,+2:0 We assume that the Collector with index 5 in the Transport Session table of the Exporter has stored the connection to the Exporter with the Transport Session index of 17 then its Template table would look as follows: Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 11] Internet-Draft IPFIX MIB July 2008 ipfixCollectedTemplateTable (4) | +- ipfixCollectedTemplateEntry (1) | +- index (17) +- index (3) + index (257) | +- ipfixCollectedObservationDomainId (1) = 3 | +- ipfixCollectedTemplateId (2) = 257 | +- ipfixCollectedTemplateSetId (3) = 2 | +- ipfixCollectedTemplateAccessTime (4) | = 2008-7-1,12:49:11.8,+2:0 | + index (264) +- ipfixCollectedObservationDomainId (1) = 3 +- ipfixCollectedTemplateId (2) = 264 +- ipfixCollectedTemplateSetId (3) = 3 +- ipfixCollectedTemplateAccessTime (4) = 2008-7-1,12:47:05.3,+2:0 The table on the second Collector would be analog to the one shown above. 5.4. The Template Definition Tables As with the Template tables there are two Template Definition tables, the Exported Template Definition table (ipfixExportedTemplateDefinitionTable) and the Collected Template Definition table (ipfixCollectedTemplateDefinitionTable). Those tables list all the Information Elements contained in a Template or Option Template. Therefore it has the same indexes as the corresponding Template table plus the Template Id. Its own index denotes the order of the Information Element inside the Template if necessary. Besides the Information Element Id and the length of the encoded value the table contains flags for each Information Element. The flags indicate if the Information Element is used for scoping or as a Flow key. To resume the above example again the Exporter may want to export the octets received and dropped at the Observation Point since the last export of these values. In addition it exports the start and end time of the flow relative to the timestamp contained in the IPFIX header. This leads to the following Template Definition table on the Exporter: Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 12] Internet-Draft IPFIX MIB July 2008 ipfixExportedTemplateDefinitionTable (5) | +- ipfixExportedTemplateDefinitionEntry (1) | +- index (5) +- index (3) + index (257) +- index (1) | +- ipfixExportedTemplateDefinitionIndex (1) = 1 | +- ipfixExportedTemplateDefinitionIeId (2) = 158 | | (flowStartDeltaMicroseconds) | +- ipfixExportedTemplateDefinitionIeLength (3) = 4 | +- ipfixExpotedTemplateDefinitionFlags (4) = 0 | +- index (2) | +- ipfixExportedTemplateDefinitionIndex (1) = 2 | +- ipfixExportedTemplateDefinitionIeId (2) = 159 | | (flowStartDeltaMicroseconds) | +- ipfixExportedTemplateDefinitionIeLength (3) = 4 | +- ipfixExportedTemplateDefinitionFlags (4) = 0 | +- index (3) | +- ipfixExportedTemplateDefinitionIndex (1) = 3 | +- ipfixExportedTemplateDefinitionIeId (2) = 1 | | (octetDeltaCount) | +- ipfixExportedTemplateDefinitionIeLength (3) = 8 | +- ipfixExportedTemplateDefinitionFlags (4) = 0 | +- index (4) +- ipfixExportedTemplateDefinitionIndex (1) = 4 +- ipfixExportedTemplateDefinitionIeId (2) = 132 | (droppedOctetDeltaCount) +- ipfixExportedTemplateDefinitionIeLength (3) = 8 +- ipfixExportedTemplateDefinitionFlags (4) = 0 The corresponding table entry on the collector is the same except that it is in the Collected Template Definition table (ipfixCollectedTemplateDefinitionTable(6). 5.5. The Export Table On Exporters, the Export table (ipfixExportTable) can be used to support features like failover, load-balancing, duplicate export to several Collectors etc. The table has 5 indexes that link an entry with the Metering Process table (ipfixMeteringProcessCacheId, see below), the Exported Template table (ipfixExportedObservationDomainId and ipfixExportedTemplateId) and the Transport Session table (ipfixTransportSessionIndex). Those entries with the same Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 13] Internet-Draft IPFIX MIB July 2008 ipfixExportIndex, the same ipfixMeteringProcessCacheId and the same ipfixExportedObservationDomainId define a Transport Session group. This also The member type for each group member describes its functionality. If the Exporter does not use Transport Session grouping then each ipfixExportIndex contains a single ipfixMeteringProcessCacheId and thus a singe Transport Session and this session MUST have the member type primary(1). For failover a Transport Session group can contain one Transport Session with member type "primary" and several Transport Sessions with type "secondary". Entries with other member types are not allowed for that type of group. For load-balancing or parallel export all Transport Sessions in the group MUST have the same member type either "loadBalancing" or "duplicate". The algorithms used for failover or load-balancing are out of the scope of this document. To continue the example we assume that the Exporter uses the 2 connections shown in the examples above as the primary export for a session protected by a secondary backup connection. The Exporter then has the following entries in the ipfixExportTable: Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 14] Internet-Draft IPFIX MIB July 2008 ipfixExportTable (3) | +- ipfixExportEntry (1) | +- index (7) | +- index (9) | +- index (3) | +- index (257) | | +- index (5) | | +- ipfixExportIndex (1) = 7 | | +- ipfixExportMemberType (2) = 1 (primary) | | | +- index (273) | +- index (11) | +- ipfixExportIndex (1) = 7 | +- ipfixExportMemberType (2) = 2 (secondary) | +- index (8) +- index (9) +- index (3) +- index (264) | +- index (5) | +- ipfixExportIndex (1) = 8 | +- ipfixExportMemberType (2) = 2 (secondary) +- index (289) +- index (11) +- ipfixExportIndex (1) = 7 +- ipfixExportMemberType (2) = 1 (primary) 5.6. The Metering Process Table The Metering Process as defined in [RFC5101] consists of a set of function. Maintaining the Flow Records is one of them. This function is responsible for passing the Flow Records to the Exporting Process but also for detecting Flow expiration. The Flow Records that are maintained by the Metering Process can be grouped by the Observation Points they are observed. The instance that maintains such a group of Flow Records is a kind of cache. For this reason the Metering Process table (ipfixMeteringProcessTable) is grouped by cache IDs (ipfixMeteringProcessCacheId). Each cache can be maintained by a separate instance of the Metering Process which is represented by the Metering Process ID (ipfixMeteringProcessId). To specify the Observation Point(s) where the Flow Records are gathered the ipfixObservationPointGroupReference may contain the an ipfixObservationPointGroupId from the Observation Point table (ipfixObservationPointTable) described in the next section. If an Observation Point cannot be given the ipfixObservationPointGroupReference MUST be zero(0). The timeouts Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 15] Internet-Draft IPFIX MIB July 2008 (ipfixMeteringProcessCacheActiveTimeout and ipfixMeteringProcessCacheInactiveTimeout) specify when Flow Records are passed to the Exporting Process. ipfixMeteringProcessTable(8) | +- ipfixMeteringProcessEntry(1) | +- index(9) +- ipfixMeteringProcessCacheId(1) = 9 +- ipfixMeteringProcessId(2) = 287 +- ipfixObservationPointGroupReference(3) = 17 +- ipfixMeteringProcessCacheActiveTimeout(4) = 100 +- ipfixMeteringProcessCacheInactiveTimeout(5) = 100 5.7. The Observation Point Table The Observation Point Table (ipfixObservationPointTable) groups Observation Points with the ipfixObservationPointGroupId. Each entry contains a reference to the ENTITY MIB [RFC4133]. The objects in the ENTITY MIB denote the Observation Point. In addition a direction can be given to render more specific which Flow to monitor. ipfixObservationPointTable(9) | +- ipfixObservationPointEntry(1) | +- index(17) +- index(1) | +- ipfixObservationPointGroupId(1) = 17 | +- ipfixObservationPointIndex(2) = 1 | +- ipfixPhysicalEntity(3) = 6 | +- ipfixPhysicalEntityDirection(4) = 3 (both) | +- index (2) +- ipfixObservationPointGroupId(1) = 17 +- ipfixObservationPointIndex(2) = 2 +- ipfixPhysicalEntity(3) = 0 +- ipfixPhysicalEntityDirection(4) = 1 (ingress) 5.8. The Selector Table This table supports the usage of filtering and sampling functions as described in [I-D.ietf-ipfix-architecture]. The implementation and use of this table is optional. If implemented it contains lists of functions per Metering Process cache (ipfixMeteringProcessCacheId). The Selector Index indicates the order of the functions i.e, the order in that the functions are applied to the packets observed at Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 16] Internet-Draft IPFIX MIB July 2008 the Observation Points associated with the Metering Process cache. The functions are referred by object identifiers pointing to the function with its parameters. If the table is implemented and no filtering or sampling is used for a Template then an entry for the Template should be created pointing to the Select All function (ipfixFuncSelectAll). 5.9. The Selector Functions The subtree ipfixSelectorFunctions is a placeholder where all standard filtering and sampling functions should be located (if any) and is mainly built for extensibility in future versions. It currently contains the Select All functions (ipfixFuncSelectAll). A future extension could produce e.g., the MIB tree shown in the following figure: ipfixSelectorFunctions | +- ipfixFuncSelectAll | | | +- ipfixFuncSelectAllAvail (is the function available?) | +- ipfixFuncF2 | | | +- ipfixFuncF2Avail (is the function F2 available) | | | +- ipfixFuncF2Parameters (a table with parameters) ... | +- ipfixFunFn... If a Selector Function takes parameters the MIB should contain a table with an entry for each set of parameters used at the Exporter. In this way a future extension could point to an entry in that table to indicate both the used Selector Function as well as the parameters used for that function. 5.10. The Transport Session Statistical Table The Transport Session Statistical Table (ipfixTransportSessionStatsTable) augments the ipfixTransportSessionTable with statistical values. It contains the rate (in bytes per second) with which it receives or sends out IPFIX Messages, the number of bytes, packets, messages, Records, Templates and Option Templates received or sent and the number of messages that were discarded. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 17] Internet-Draft IPFIX MIB July 2008 5.11. The Exported Template Statistical Table This table contains a statistical value for each exported Template. It augments the Exported Template Table (ipfixExportedTemplateTable) and specifies the number of Data Records exported for the Template. 5.12. The Collected Template Statistical Table This table contains a statistical value for each collected Template. It augments the Collected Template Table (ipfixCollectedTemplateTable) and specifies the number of Data Records collected for the Template. 5.13. The Metering Process Statistical Table This table augments the Metering Process Table (ipfixMeteringProcessTable). It contains the statistical values for the IPFIX Messages and Data Records exported, the number of errors that occured in the Metering Process and the number of active and inactive flows that are currently observed. 5.14. The Selector Statistical Table This table augments the Selector Table (ipfixSelectorTable) and introduces two generic statistical values, the number of packets observerd and the number of packets dropped by the selector function. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 18] Internet-Draft IPFIX MIB July 2008 6. Relationship to Other MIB Modules Besides the usual imports from the SNMP Standards [RFC2578], [RFC2579] and [RFC2580] the IPFIX MIB references the ENTITY MIB [RFC4133]. 6.1. Relationship to the ENTITY MIB The Observation Point table (ipfixObservationPointTable) contains a reference to the ENTITY MIB[RFC4133] (ipfixPhysicalEntity). If the implementors of the IPFIX MIB want to specify the physical entity where Flows are observered (if that is possible at all) then they should also implement the ENTITY MIB. The implementation of the ENTITY MIB is optional. If it is not implemented then all entries in the Observation Point table contain an ipfixPhysicalEntity of zero(0). 6.2. MIB modules required for IMPORTS The IPFIX MIB requires the modules SNMPv2-SMI[RFC2578], SNMPv2- TC[RFC2579] and SNMPv2-CONF[RFC2580]. Further on it imports the textual conventions InetAddressType and InetAddress from the INET ADDRESS MIB[RFC4001]. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 19] Internet-Draft IPFIX MIB July 2008 7. MIB Definitions This section contains the definitions of the IPFIX-MIB module. There are different mandatory groups defined for Collector and Exporter implementations. The statistical objects are made optional. IPFIX-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, mib-2, Integer32, Unsigned32, Counter32, Counter64 FROM SNMPv2-SMI -- RFC2578 TEXTUAL-CONVENTION, DateAndTime FROM SNMPv2-TC -- RFC2579 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- RFC2580 InetAddressType, InetAddress FROM INET-ADDRESS-MIB -- RFC3291 PhysicalIndexOrZero FROM ENTITY-MIB; -- RFC4133 ipfixMIB MODULE-IDENTITY LAST-UPDATED "200807020900Z" -- 02 July 2008 ORGANIZATION "IETF IPFIX Working Group" CONTACT-INFO "WG charter: http://www.ietf.org/html.charters/ipfix-charter.html Mailing Lists: General Discussion: ipfix@ietf.org To Subscribe: http://www1.ietf.org/mailman/listinfo/ipfix Archive: http://www1.ietf.org/mail-archive/web/ipfix/current/index.html Editor: Thomas Dietz NEC Europe Ltd. NEC Laboratories Europe Network Research Division Kurfuersten-Anlage 36 69115 Heidelberg Germany Phone: +49 6221 4342-128 Email: Thomas.Dietz@nw.neclab.eu Atsushi Kobayashi NTT Information Sharing Platform Laboratories 3-9-11 Midori-cho Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 20] Internet-Draft IPFIX MIB July 2008 Musashino-shi 180-8585 Japan Phone: +81-422-59-3978 Email: akoba@nttv6.net Benoit Claise Cisco Systems, Inc. De Kleetlaan 6a b1 Degem 1831 Belgium Phone: +32 2 704 5622 Email: bclaise@cisco.com" DESCRIPTION "The IPFIX MIB defines managed objects for IP Flow Information eXport. These objects provide information about managed nodes supporting the IP Flow Information Export protocol, for Exporters as well as for Collectors. Copyright (C) The IETF Trust (2008). This version of this MIB module is part of RFC yyyy; see the RFC itself for full legal notices." -- replace yyyy with actual RFC number & remove this notice -- Revision history REVISION "200807020900Z" -- 02 July 2008 DESCRIPTION "Initial version, published as RFC yyyy." -- replace yyyy with actual RFC number & remove this notice ::= { mib-2 xxx } -- xxx to be assigned by IANA. --****************************************************************** -- Textual Conventions --****************************************************************** -------------------------------------------------------------------- -- Define Selector Function Availability -------------------------------------------------------------------- IpfixFunctionAvailability ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Used to report the availability of a selection function: available(1) Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 21] Internet-Draft IPFIX MIB July 2008 the function is supported and can be used notAvailable(2) the function is not available" SYNTAX INTEGER { available(1), notAvailable(2) } --****************************************************************** -- Top Level Structure of the MIB --****************************************************************** ipfixObjects OBJECT IDENTIFIER ::= { ipfixMIB 1 } ipfixStatistics OBJECT IDENTIFIER ::= { ipfixMIB 2 } ipfixExtensions OBJECT IDENTIFIER ::= { ipfixMIB 3 } ipfixConformance OBJECT IDENTIFIER ::= { ipfixMIB 4 } --================================================================== -- 1: Objects used by all IPFIX implementations --================================================================== -------------------------------------------------------------------- -- 1.1: Exporter Version -------------------------------------------------------------------- ipfixExportVersion OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "On Exporters the object contains the version number of the IPFIX Protocol that the Exporter uses to export its data. On Collectors the object contains the highest version number of all IPFIX Protocols understood by the Collector." ::= { ipfixObjects 1 } -------------------------------------------------------------------- -- 1.2: Transport Session Table -------------------------------------------------------------------- ipfixTransportSessionTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixTransportSessionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the currently established Transport Sessions between an Exporting Process and a Collecting Process." ::= { ipfixObjects 2 } Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 22] Internet-Draft IPFIX MIB July 2008 ipfixTransportSessionEntry OBJECT-TYPE SYNTAX IpfixTransportSessionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixTransportSessionTable" INDEX { ipfixTransportSessionIndex } ::= { ipfixTransportSessionTable 1 } IpfixTransportSessionEntry ::= SEQUENCE { ipfixTransportSessionIndex Integer32, ipfixTransportSessionProtocol Integer32, ipfixTransportSessionAddressType InetAddressType, ipfixTransportSessionSourceAddress InetAddress, ipfixTransportSessionDestinationAddress InetAddress, ipfixTransportSessionSourcePort Integer32, ipfixTransportSessionDestinationPort Integer32, ipfixTransportSessionSctpAssocId Unsigned32, ipfixTransportSessionTemplateRefreshTimeout Unsigned32, ipfixTransportSessionOptionTemplateRefreshTimeout Unsigned32, ipfixTransportSessionTemplateRefreshPacket Unsigned32, ipfixTransportSessionOptionTemplateRefreshPacket Unsigned32, ipfixTransportSessionStatus INTEGER } ipfixTransportSessionIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in the ipfixTransportSessionTable. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization." ::= { ipfixTransportSessionEntry 1 } ipfixTransportSessionProtocol OBJECT-TYPE SYNTAX Integer32 (1..255) MAX-ACCESS read-only STATUS current DESCRIPTION "The transport protocol used for receiving or transmitting IPFIX Messages. The protocols currently defined for usage within IPFIX are TCP (6), UDP (17) and SCTP (132). The default protocol is SCTP." DEFVAL { 132 } ::= { ipfixTransportSessionEntry 2 } Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 23] Internet-Draft IPFIX MIB July 2008 ipfixTransportSessionAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "The type of address used for source and destination address as specified in RFC4001. This object is only valid if ipfixTransportSessionProtocol has the value 6 (TCP) or 17 (UDP)." ::= { ipfixTransportSessionEntry 3 } ipfixTransportSessionSourceAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The source address of the Exporter of the IPFIX Transport Session. This value is interpreted according to the value of ipfixTransportSessionAddressType as specified in RFC4001. This object is only valid if ipfixTransportSessionProtocol has the value 6 (TCP) or 17 (UDP)." ::= { ipfixTransportSessionEntry 4 } ipfixTransportSessionDestinationAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The destination address of the Collector of the IPFIX Transport Session. This value is interpreted according to the value of ipfixTransportSessionAddressType as specified in RFC4001. This object is only valid if ipfixTransportSessionProtocol has the value 6 (TCP) or 17 (UDP)." ::= { ipfixTransportSessionEntry 5 } ipfixTransportSessionSourcePort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The transport protocol port number of the Exporter." ::= { ipfixTransportSessionEntry 6 } ipfixTransportSessionDestinationPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 24] Internet-Draft IPFIX MIB July 2008 DESCRIPTION "The transport protocol port number of the Collector. The default value is 4739 for all currently defined transport protocol types." DEFVAL { 4739 } ::= { ipfixTransportSessionEntry 7 } ipfixTransportSessionSctpAssocId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The association id used for the SCTP session between the Exporter and the Collector of the IPFIX Transport Session. It is equal to the sctpAssocIdentry in the sctpAssocTable defined in the SCTP MIB. This object is only valid if ipfixTransportSessionProtocol has the value 132 (SCTP). In all other cases the value MUST be 0." DEFVAL { 0 } ::= { ipfixTransportSessionEntry 8 } ipfixTransportSessionTemplateRefreshTimeout OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "On Exporters this object contains the time in seconds after which IPFIX Templates MUST be resent by the Exporter. On Collectors this object contains the lifetime in seconds after which a Template becomes invalid when it is not received again within this lifetime. This object is only valid if ipfixTransportSessionProtocol has the value 17 (UDP). In all other cases the value MUST be 0." DEFVAL { 0 } ::= { ipfixTransportSessionEntry 9 } ipfixTransportSessionOptionTemplateRefreshTimeout OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "On Exporters this object contains the time in seconds after which IPFIX Option Templates MUST be resent by the Exporter. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 25] Internet-Draft IPFIX MIB July 2008 On Collectors this object contains the lifetime in seconds after which an Option Template becomes invalid when it is not received again within this lifetime. This object is only valid if ipfixTransportSessionProtocol has the value 17 (UDP). In all other cases the value MUST be 0." DEFVAL { 0 } ::= { ipfixTransportSessionEntry 10 } ipfixTransportSessionTemplateRefreshPacket OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "On Exporters this object contains the number of exported IPFIX Messages after which IPFIX Templates MUST be resent by the Exporter. On Collectors this object contains the lifetime in number of exported IPFIX Messages after which a Template becomes invalid when it is not received again within this lifetime. This object is only valid if ipfixTransportSessionProtocol has the value 17 (UDP). In all other cases the value MUST be 0." DEFVAL { 0 } ::= { ipfixTransportSessionEntry 11 } ipfixTransportSessionOptionTemplateRefreshPacket OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "On Exporters this object contains the number of exported IPFIX Messages after which IPFIX Option Templates MUST be resent by the Exporter. On Collectors this object contains the lifetime in number of exported IPFIX Messages after which an Option Template becomes invalid when it is not received again within this lifetime. This object is only valid if ipfixTransportSessionProtocol has the value 17 (UDP). In all other cases the value MUST be 0." DEFVAL { 0 } ::= { ipfixTransportSessionEntry 12 } Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 26] Internet-Draft IPFIX MIB July 2008 ipfixTransportSessionStatus OBJECT-TYPE SYNTAX INTEGER { unknown(0), inactive(1), active(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "The status of a Transport Session. This object can have the following values: unknown(0) This value muse be used if the status of the connection cannot be detected by the equipment. This value should be avoided as far as possible. inactive(1) This value MUST be used for Transport Sessions that are specified in the system but not currently connected. The value can be used e.g. for Transport Sessions that are backup (secondary) sessions in a Transport Session group. active(2) This value MUST be used for Transport Sessions that are currently connected and transmitting or receiving data." ::= { ipfixTransportSessionEntry 13 } -------------------------------------------------------------------- -- 1.3: Exported Template Table -------------------------------------------------------------------- ipfixExportedTemplateTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixExportedTemplateEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the Templates and Option Templates that are transmitted by the Exporting Process. The table contains the Templates and Option Templates that are used for exporting data for a given Transport Session group and Observation Domain." ::= { ipfixObjects 3 } ipfixExportedTemplateEntry OBJECT-TYPE SYNTAX IpfixExportedTemplateEntry MAX-ACCESS not-accessible Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 27] Internet-Draft IPFIX MIB July 2008 STATUS current DESCRIPTION "Defines an entry in the ipfixExportedTemplateTable" INDEX { ipfixTransportSessionIndex, ipfixExportedObservationDomainId, ipfixExportedTemplateId } ::= { ipfixExportedTemplateTable 1 } IpfixExportedTemplateEntry ::= SEQUENCE { ipfixExportedObservationDomainId Integer32, ipfixExportedTemplateId Integer32, ipfixExportedTemplateSetId Integer32, ipfixExportedTemplateAccessTime DateAndTime } ipfixExportedObservationDomainId OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The ID of the Observation Domain to which the Observation Points of this group belong to. This value is used when sending IPFIX Messages. The special value of 0 indicates that the Observation Points in this group cannot be applied to a single Observation Domain." REFERENCE "[RFC5101]: Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information" ::= { ipfixExportedTemplateEntry 1 } ipfixExportedTemplateId OBJECT-TYPE SYNTAX Integer32 (256..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This number indicates the Template Id in the IPFIX message. Values from 0 to 255 are not allowed for Template Ids." REFERENCE "[RFC5101]: Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information" Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 28] Internet-Draft IPFIX MIB July 2008 ::= { ipfixExportedTemplateEntry 2 } ipfixExportedTemplateSetId OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "This number indicates the set id of the Template. This object allows to easily retrieve the Template type. Currently there are two values defined. The value 2 is used for Sets containing Template definitions. The value 3 is used for Sets containing Option Template definitions. A value greater than 255 is used for Sets containing Data Records for the (Option) Template Id given by the Set Id." ::= { ipfixExportedTemplateEntry 3 } ipfixExportedTemplateAccessTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The time when the Template was last sent. On the Exporter this object contains the time when this (Option) Template was last sent to the Collector(s). This time is used if the transport protocol is UDP to know when a retransmission of the (Option) Template is needed." ::= { ipfixExportedTemplateEntry 4 } -------------------------------------------------------------------- -- 1.4: Collected Template Table -------------------------------------------------------------------- ipfixCollectedTemplateTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixCollectedTemplateEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the Templates and Option Templates that are received by the Collecting Process. The table contains Templates and Option Templates that are received in the given Transport Session group per Observation Domain." ::= { ipfixObjects 4 } ipfixCollectedTemplateEntry OBJECT-TYPE SYNTAX IpfixCollectedTemplateEntry Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 29] Internet-Draft IPFIX MIB July 2008 MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixCollectedTemplateTable" INDEX { ipfixTransportSessionIndex, ipfixCollectedObservationDomainId, ipfixCollectedTemplateId } ::= { ipfixCollectedTemplateTable 1 } IpfixCollectedTemplateEntry ::= SEQUENCE { ipfixCollectedObservationDomainId Integer32, ipfixCollectedTemplateId Integer32, ipfixCollectedTemplateSetId Integer32, ipfixCollectedTemplateAccessTime DateAndTime } ipfixCollectedObservationDomainId OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The ID of the Observation Domain to which the Observation Points of this group belong to. This value is used when sending IPFIX Messages. The special value of 0 indicates that the Observation Points in this group cannot be applied to a single Observation Domain." REFERENCE "[RFC5101]: Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information" ::= { ipfixCollectedTemplateEntry 1 } ipfixCollectedTemplateId OBJECT-TYPE SYNTAX Integer32 (256..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This number indicates the Template Id in the IPFIX message. Values from 0 to 255 are not allowed for Template Ids." REFERENCE "[RFC5101]: Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 30] Internet-Draft IPFIX MIB July 2008 Information" ::= { ipfixCollectedTemplateEntry 2 } ipfixCollectedTemplateSetId OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "This number indicates the set id of the Template. This object allows to easily retrieve the Template type. Currently there are two values defined. The value 2 is used for Sets containing Template definitions. The value 3 is used for Sets containing Option Template definitions. A value greater than 255 is used for Sets containing Data Records for the (Option) Template Id given by the Set Id." ::= { ipfixCollectedTemplateEntry 3 } ipfixCollectedTemplateAccessTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The time when the Template was last received. On the Collector this object contains the time when this (Option) Template was last received from the Exporter. This time is used if the transport protocol is UDP to know when this (Option) Template times out and thus is no longer valid. When an (Option) Template is no longer valid it MUST be removed from this table." ::= { ipfixCollectedTemplateEntry 4 } -------------------------------------------------------------------- -- 1.5: Exported Template Definition Table -------------------------------------------------------------------- ipfixExportedTemplateDefinitionTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixExportedTemplateDefinitionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "On Exporters this table lists the (Option) Template Fields of which a (Option) Template is defined. It defines the (Option) Template given in the ipfixExportedTemplateId specified in the ipfixExportedTemplateTable. On Collectors this table is not needed." ::= { ipfixObjects 5 } Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 31] Internet-Draft IPFIX MIB July 2008 ipfixExportedTemplateDefinitionEntry OBJECT-TYPE SYNTAX IpfixExportedTemplateDefinitionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixExportedTemplateDefinitionTable" INDEX { ipfixTransportSessionIndex, ipfixExportedObservationDomainId, ipfixExportedTemplateId, ipfixExportedTemplateDefinitionIndex } ::= { ipfixExportedTemplateDefinitionTable 1 } IpfixExportedTemplateDefinitionEntry ::= SEQUENCE { ipfixExportedTemplateDefinitionIndex Integer32, ipfixExportedTemplateDefinitionIeId Integer32, ipfixExportedTemplateDefinitionIeLength Integer32, ipfixExportedTemplateDefinitionFlags BITS } ipfixExportedTemplateDefinitionIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The ipfixExportedTemplateDefinitionIndex specifies the order in which the Information Elements are used in the (Option) Template Record." REFERENCE "[RFC5101]: Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information" ::= { ipfixExportedTemplateDefinitionEntry 1 } ipfixExportedTemplateDefinitionIeId OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the Information Element Id at position ipfixExportedTemplateDefinitionIndex in the (Option) Template ipfixExportedTemplateId. This implicitly specifies the data type of the Information Element. The elements are registered at IANA." REFERENCE Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 32] Internet-Draft IPFIX MIB July 2008 "[RFC5101]: Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information [RFC5102]: Information Model for IP Flow Information Export IE assignment: http://www.iana.org/assignments/ipfix" ::= { ipfixExportedTemplateDefinitionEntry 2 } ipfixExportedTemplateDefinitionIeLength OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the length of the Information Element Id at position ipfixExportedTemplateDefinitionIndex in the (Option) Template ipfixTemplateId." REFERENCE "[RFC5101]: Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information [RFC5102]: Information Model for IP Flow Information Export" ::= { ipfixExportedTemplateDefinitionEntry 3 } ipfixExportedTemplateDefinitionFlags OBJECT-TYPE SYNTAX BITS { scope(0), flowKey(1) } MAX-ACCESS read-only STATUS current DESCRIPTION "This bitmask indicates special attributes for the Information Element: scope(0) This Information Element is used for scope. flowKey(1) This Information Element is a Flow key. Thus we get the following values for an Information Element: 0 The Information Element is neither used for scoping nor as Flow Key. 1 (scope) The Information Element is used for scoping. 2 (flowKey) The Information Element is used as Flow Key. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 33] Internet-Draft IPFIX MIB July 2008 3 (scope | flowKey) This combination is not allowed." DEFVAL { { } } ::= { ipfixExportedTemplateDefinitionEntry 4 } -------------------------------------------------------------------- -- 1.6: Collected Template Definition Table -------------------------------------------------------------------- ipfixCollectedTemplateDefinitionTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixCollectedTemplateDefinitionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "On Exporters this table is not needed. On Collectors this table lists the (Option) Template Fields of which a (Option) Template is defined. It defines the (Option) Template given in the ipfixCollectedTemplateId specified in the ipfixCollectedTemplateTable." ::= { ipfixObjects 6 } ipfixCollectedTemplateDefinitionEntry OBJECT-TYPE SYNTAX IpfixCollectedTemplateDefinitionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixCollectedTemplateDefinitionTable" INDEX { ipfixTransportSessionIndex, ipfixCollectedObservationDomainId, ipfixCollectedTemplateId, ipfixCollectedTemplateDefinitionIndex } ::= { ipfixCollectedTemplateDefinitionTable 1 } IpfixCollectedTemplateDefinitionEntry ::= SEQUENCE { ipfixCollectedTemplateDefinitionIndex Integer32, ipfixCollectedTemplateDefinitionIeId Integer32, ipfixCollectedTemplateDefinitionIeLength Integer32, ipfixCollectedTemplateDefinitionFlags BITS } ipfixCollectedTemplateDefinitionIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 34] Internet-Draft IPFIX MIB July 2008 DESCRIPTION "The ipfixCollectedTemplateDefinitionIndex specifies the order in which the Information Elements are used in the (Option) Template Record." REFERENCE "[RFC5101]: Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information" ::= { ipfixCollectedTemplateDefinitionEntry 1 } ipfixCollectedTemplateDefinitionIeId OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the Information Element Id at position ipfixCollectedTemplateDefinitionIndex in the (Option) Template ipfixCollectedTemplateId. This implicitly specifies the data type of the Information Element. The elements are registered at IANA." REFERENCE "[RFC5101]: Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information [RFC5102]: Information Model for IP Flow Information Export IE assignment: http://www.iana.org/assignments/ipfix" ::= { ipfixCollectedTemplateDefinitionEntry 2 } ipfixCollectedTemplateDefinitionIeLength OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the length of the Information Element Id at position ipfixCollectedTemplateDefinitionIndex in the (Option) Template ipfixCollectedTemplateId." REFERENCE "[RFC5101]: Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information [RFC5102]: Information Model for IP Flow Information Export" ::= { ipfixCollectedTemplateDefinitionEntry 3 } ipfixCollectedTemplateDefinitionFlags OBJECT-TYPE SYNTAX BITS { scope(0), flowKey(1) } Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 35] Internet-Draft IPFIX MIB July 2008 MAX-ACCESS read-only STATUS current DESCRIPTION "This bitmask indicates special attributes for the Information Element: scope(0) This Information Element is used for scope. flowKey(1) This Information Element is a Flow key. Thus we get the following values for an Information Element: 0 The Information Element is neither used for scoping nor as Flow Key. 1 (scope) The Information Element is used for scoping. 2 (flowKey) The Information Element is used as Flow Key. 3 (scope | flowKey) This combination is not allowed." DEFVAL { { } } ::= { ipfixCollectedTemplateDefinitionEntry 4 } -------------------------------------------------------------------- -- 1.7: Export Table -------------------------------------------------------------------- ipfixExportTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixExportEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists all exports of an IPFIX device. On Exporters this table contains all exports grouped by Transport Session, Observation Domain Id, Exported Template Id and Metering Process represented by the ipfixMeteringProcessCacheId. Thanks to the ipfixExportIndex the exports can group one or more Transport Sessions to achieve a special functionality like failover management, load-balancing etc. The entries with the same ipfixExportIndex, the same ipfixExportedObservationDomainId and the same ipfixMeteringProcessCacheId define a Transport Session group. If the Exporter does not use Transport Session grouping then each ipfixExportIndex contains a single ipfixMeteringProcessCacheId and thus a singe Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 36] Internet-Draft IPFIX MIB July 2008 Transport Session and this session MUST have the member type primary(1). On Collectors this table is not needed." ::= { ipfixObjects 7 } ipfixExportEntry OBJECT-TYPE SYNTAX IpfixExportEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixExportTable" INDEX { ipfixExportIndex, ipfixMeteringProcessCacheId, ipfixExportedObservationDomainId, ipfixExportedTemplateId, ipfixTransportSessionIndex } ::= { ipfixExportTable 1 } IpfixExportEntry ::= SEQUENCE { ipfixExportIndex Integer32, ipfixExportMemberType INTEGER } ipfixExportIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in the ipfixExportTable. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. A common ipfixExportIndex between two entries from this table expresses that there is a relationship between the Transport Sessions in ipfixTransportSessionIndex. The type of relationship is expressed by the value of ipfixExportMemberType." ::= { ipfixExportEntry 1 } ipfixExportMemberType OBJECT-TYPE SYNTAX INTEGER { unknown(0), primary(1), Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 37] Internet-Draft IPFIX MIB July 2008 secondary(2), parallel(3), loadBalancing(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "The type of a member Transport Session in a Transport Session group (identified by the value of ipfixExportIndex, ipfixExportedObservationDomainId and ipfixMeteringProcessCacheId). The following values are valid: unknown(0) This value MUST be used if the status of the group membership cannot be detected by the equipment. This value should be avoided as far as possible. primary(1) This value is used for a group member that is used as the primary target of an Exporter. Other group members (with the same ipfixExportIndex and ipfixMeteringProcessCacheId) MUST NOT have the value primary(1) but MUST have the value secondary(2). This value MUST also be specified if the Exporter does not support Transport Session grouping.In this case the group contains only one Transport Session. secondary(2) This value is used for a group member that is used as a secondary target of an Exporter. The Exporter will use one of the targets specified as secondary(2) within the same Transport Session group when the primary target is not reachable. duplicate(3) This value is used for a group member that is used for duplicate exporting i.e., all group members identified by the ipfixExportIndex are exporting the same Records in parallel. This implies that all group members MUST have the the same membertype duplicate(3). loadBalancing(4) This value is used for a group member that is used as as one target for load-balancing. This means that a Record is sent to one of the group members in this group identified by ipfixExportIndex. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 38] Internet-Draft IPFIX MIB July 2008 This implies that all group members MUST have the same membertype load-balancing(4)." ::= { ipfixExportEntry 2 } -------------------------------------------------------------------- -- 1.8: Metering Process Table -------------------------------------------------------------------- ipfixMeteringProcessTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixMeteringProcessEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists so called caches used at the Metering Process to store the metering data of Flows observed at the Observation Points given in the ipfixObservationPointGroupReference. The table lists the timeouts that specify when the cached metering data is exported as a Flow Record by the Templates linked to this entry. On Collectors the table is not needed." ::= { ipfixObjects 8 } ipfixMeteringProcessEntry OBJECT-TYPE SYNTAX IpfixMeteringProcessEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixMeteringProcessTable." INDEX { ipfixMeteringProcessCacheId } ::= { ipfixMeteringProcessTable 1 } IpfixMeteringProcessEntry ::= SEQUENCE { ipfixMeteringProcessCacheId Integer32, ipfixMeteringProcessId Integer32, ipfixObservationPointGroupReference Integer32, ipfixMeteringProcessCacheActiveTimeout Unsigned32, ipfixMeteringProcessCacheInactiveTimeout Unsigned32 } ipfixMeteringProcessCacheId OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in the ipfixMeterinProcessTable. The value is expected to remain Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 39] Internet-Draft IPFIX MIB July 2008 constant from a re-initialization of the entity's network management system to the next re-initialization." ::= { ipfixMeteringProcessEntry 1 } ipfixMeteringProcessId OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The Metering Process Id to which the given cache belongs to. How this value is choosen is implementation dependent." ::= { ipfixMeteringProcessEntry 2 } ipfixObservationPointGroupReference OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The Observation Point Group Id that links this table entry to the ipfixObservationPointTable. The matching ipfixObservationPointGroupId in that table gives the Observation Points used in that cache. If such a group cannot be given this value MUST be 0." ::= { ipfixMeteringProcessEntry 3 } ipfixMeteringProcessCacheActiveTimeout OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The time in seconds after which an active Flow is expired. On the Exporter this object contains the time after which a Flow is expired (and a Data Record for the template is sent) even though packets matching this Flow are still received by the Metering Process. If this value is 0 the Flow is not prematurely expired." REFERENCE "[I-D.ietf-ipfix-architecture]: Architecture for IP Flow Information Export, Section 5.1.1, Point 3." ::= { ipfixMeteringProcessEntry 4 } ipfixMeteringProcessCacheInactiveTimeout OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The time in seconds after which an inactive Flow is Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 40] Internet-Draft IPFIX MIB July 2008 expired. On the Exporter this object contains the time after which a Flow is expired (and a Data Record for the template is sent) when no packets matching this Flow are received by the Metering Process for the given number of seconds. If this value is 0 the Flow is timed out immediately i.e., a Data Record is sent for every packet received by the Metering Process." REFERENCE "[I-D.ietf-ipfix-architecture]: Architecture for IP Flow Information Export, Section 5.1.1, Point 1." ::= { ipfixMeteringProcessEntry 5 } -------------------------------------------------------------------- -- 1.9: Observation Point Table -------------------------------------------------------------------- ipfixObservationPointTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixObservationPointEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the Observation Points used within an Exporter by the Metering Process. The index ipfixObservationPointGroupId groups Observation Points and is referenced in the Metering Process table. On Collectors this table is not needed." ::= { ipfixObjects 9 } ipfixObservationPointEntry OBJECT-TYPE SYNTAX IpfixObservationPointEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixObservationPointTable." INDEX { ipfixObservationPointGroupId, ipfixObservationPointIndex } ::= { ipfixObservationPointTable 1 } IpfixObservationPointEntry ::= SEQUENCE { ipfixObservationPointGroupId Integer32, ipfixObservationPointIndex Integer32, ipfixPhysicalEntity PhysicalIndexOrZero, ipfixPhysicalEntityDirection INTEGER Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 41] Internet-Draft IPFIX MIB July 2008 } ipfixObservationPointGroupId OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in the ipfixObservationDomainTable. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. This index represents a group of Observation Points. The special value of 0 MUST NOT be used within this table but is reserved for the usage in the ipfixMeteringProcessTable. An index of 0 for the ipfixObservationPointGroupReference index in that table indicates that an Observation Point cannot be given for a Metering Process cache." ::= { ipfixObservationPointEntry 1 } ipfixObservationPointIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in the ipfixObservationDomainTable. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. This index represents a single Observation Point in an Observation Point group." ::= { ipfixObservationPointEntry 2 } ipfixPhysicalEntity OBJECT-TYPE SYNTAX PhysicalIndexOrZero MAX-ACCESS read-only STATUS current DESCRIPTION "This object contains the index of a physical entity in the Entity MIB. This physical entity is the given Observation Domain. If such a physical entity cannot be specified or is not known then the object contains 0." DEFVAL { 0 } ::= { ipfixObservationPointEntry 3 } Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 42] Internet-Draft IPFIX MIB July 2008 ipfixPhysicalEntityDirection OBJECT-TYPE SYNTAX INTEGER { none(0), ingress(1), egress(2), both(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The direction of the flow that is monitored on the given physical entity. The following values are valid: none(0) This value muse be used if a direction is not applicable on the given physical entity. ingress(1) This value is used for monitoring incoming flows on the given physical entity. egress(2) This value is used for monitoring outgoing flows on the given physical entity. both(3) This value is used for monitoring incoming and outgoing flows on the given physical entity." ::= { ipfixObservationPointEntry 4 } -------------------------------------------------------------------- -- 1.10: Selector Table -------------------------------------------------------------------- ipfixSelectorTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixSelectorEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains Selector Functions connected to a Metering Process by the index ipfixMeteringProcessCacheId. The Selector Functions are applied to the packets observed at the given Metering Process cache in the order implied by the ipfixSelectorIndex. The resulting Flow Records are then exported by using the connected Templates. Since IPFIX does not define any Selector Function (except selecting every packet) this is a placeholder for future use and a guideline for implementing enterprise specific Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 43] Internet-Draft IPFIX MIB July 2008 Selector Function objects. The following object tree should visualize how the Selector Function objects should be implemented: ipfixSelectorFunctions | +- ipfixFuncSelectAll | | | +- ipfixFuncSelectAllAvail (is the function available?) | +- ipfixFuncF2 | | | +- ipfixFuncF2Avail (is the function F2 available) | | | +- ipfixFuncF2Parameters (a table with parameters) ... | +- ipfixFunFn... If a Selector Function takes parameters the MIB should contain a table with an entry for each set of parameters used at the Exporter." ::= { ipfixObjects 10 } ipfixSelectorEntry OBJECT-TYPE SYNTAX IpfixSelectorEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixSelectorTable." INDEX { ipfixMeteringProcessCacheId, ipfixSelectorIndex } ::= { ipfixSelectorTable 1 } IpfixSelectorEntry ::= SEQUENCE { ipfixSelectorIndex Integer32, ipfixSelectorFunction OBJECT IDENTIFIER } ipfixSelectorIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in the Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 44] Internet-Draft IPFIX MIB July 2008 ipfixSelectorTable. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization." ::= { ipfixSelectorEntry 1 } ipfixSelectorFunction OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-only STATUS current DESCRIPTION "The pointer to the Selector Function used at position ipfixSelectorIndex in the list of Selector Functions for the Metering Process cache specified by the index ipfixMeteringProcessCacheId." ::= { ipfixSelectorEntry 2 } -------------------------------------------------------------------- -- 1.11: Packet Selector Functions for IPFIX -------------------------------------------------------------------- ipfixSelectorFunctions OBJECT IDENTIFIER ::= { ipfixObjects 11 } -------------------------------------------------------------------- -- 1.11.1: Function 1: Selecting All Packets -------------------------------------------------------------------- ipfixFuncSelectAll OBJECT IDENTIFIER ::= { ipfixSelectorFunctions 1 } ipfixFuncSelectAllAvail OBJECT-TYPE SYNTAX IpfixFunctionAvailability MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the availability of the trivial function of selecting all packets. This function is always available." DEFVAL { available } ::= { ipfixFuncSelectAll 1 } -------------------------------------------------------------------- -- 2.1: Transport Session Statistics Table -------------------------------------------------------------------- ipfixTransportSessionStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixTransportSessionStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists Transport Sessions statistics between Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 45] Internet-Draft IPFIX MIB July 2008 Exporting Process and Collecting Process." ::= { ipfixStatistics 1 } ipfixTransportSessionStatsEntry OBJECT-TYPE SYNTAX IpfixTransportSessionStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixTransportSessionStatsTable" AUGMENTS { ipfixTransportSessionEntry } ::= { ipfixTransportSessionStatsTable 1 } IpfixTransportSessionStatsEntry ::= SEQUENCE { ipfixTransportSessionRate Integer32, ipfixTransportSessionPackets Counter32, ipfixTransportSessionBytes Counter32, ipfixTransportSessionMessages Counter32, ipfixTransportSessionDiscardedMessages Counter32, ipfixTransportSessionRecords Counter64, ipfixTransportSessionTemplates Counter32, ipfixTransportSessionOptionTemplates Counter32 } ipfixTransportSessionRate OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of bytes per second received by the Collector or transmitted by the Exporter. A value of zero (0) means that no packets were sent or received yet." ::= { ipfixTransportSessionStatsEntry 1 } ipfixTransportSessionPackets OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets received by the Collector or transmitted by the Exporter." ::= { ipfixTransportSessionStatsEntry 2 } ipfixTransportSessionBytes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 46] Internet-Draft IPFIX MIB July 2008 DESCRIPTION "The number of bytes received by the Collector or transmitted by the Exporter." ::= { ipfixTransportSessionStatsEntry 3 } ipfixTransportSessionMessages OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of IPFIX messages received by the Collector or transmitted by the Exporter." ::= { ipfixTransportSessionStatsEntry 4 } ipfixTransportSessionDiscardedMessages OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of received IPFIX Message that are malformed, cannot be decoded, are received in the wrong order or are missing according to the sequence number. If used at the Exporter the number of messages that could not be sent due to e.g. internal buffer overflows, network congestion, or routing issues." ::= { ipfixTransportSessionStatsEntry 5 } ipfixTransportSessionRecords OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Data Records received by the Collector or transmitted by the Exporter." ::= { ipfixTransportSessionStatsEntry 6 } ipfixTransportSessionTemplates OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Templates received or transmitted." ::= { ipfixTransportSessionStatsEntry 7 } ipfixTransportSessionOptionTemplates OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 47] Internet-Draft IPFIX MIB July 2008 STATUS current DESCRIPTION "The number of Option Templates received or transmitted." ::= { ipfixTransportSessionStatsEntry 8 } -------------------------------------------------------------------- -- 2.2: Exported Template Statistics Table -------------------------------------------------------------------- ipfixExportedTemplateStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixExportedTemplateStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists statistics objects per exported Template." ::= { ipfixStatistics 2 } ipfixExportedTemplateStatsEntry OBJECT-TYPE SYNTAX IpfixExportedTemplateStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixExportedTemplateStatsTable" AUGMENTS { ipfixExportedTemplateEntry } ::= { ipfixExportedTemplateStatsTable 1 } IpfixExportedTemplateStatsEntry ::= SEQUENCE { ipfixExportedTemplateDataRecords Counter32 } ipfixExportedTemplateDataRecords OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Data Records per Template transmitted." ::= { ipfixExportedTemplateStatsEntry 1 } -------------------------------------------------------------------- -- 2.3: Collected Template Statistics Table -------------------------------------------------------------------- ipfixCollectedTemplateStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixCollectedTemplateStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists statistics objects per collected Template." Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 48] Internet-Draft IPFIX MIB July 2008 ::= { ipfixStatistics 3 } ipfixCollectedTemplateStatsEntry OBJECT-TYPE SYNTAX IpfixCollectedTemplateStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixCollectedTemplateStatsTable" AUGMENTS { ipfixCollectedTemplateEntry } ::= { ipfixCollectedTemplateStatsTable 1 } IpfixCollectedTemplateStatsEntry ::= SEQUENCE { ipfixCollectedTemplateDataRecords Counter32 } ipfixCollectedTemplateDataRecords OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Data Records per Template received." ::= { ipfixCollectedTemplateStatsEntry 1 } -------------------------------------------------------------------- -- 2.4: Metering Process Statistics Table -------------------------------------------------------------------- ipfixMeteringProcessStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixMeteringProcessStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists statistic objects that have data per Metering Process cache. On Collectors this table is not needed." ::= { ipfixStatistics 4 } ipfixMeteringProcessStatsEntry OBJECT-TYPE SYNTAX IpfixMeteringProcessStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixMeteringProcessStatsTable." AUGMENTS { ipfixMeteringProcessEntry } ::= { ipfixMeteringProcessStatsTable 1 } IpfixMeteringProcessStatsEntry ::= Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 49] Internet-Draft IPFIX MIB July 2008 SEQUENCE { ipfixMeteringProcessCacheActiveFlows Unsigned32, ipfixMeteringProcessCacheInactiveFlows Unsigned32, ipfixMeteringProcessMessages Counter32, ipfixMeteringProcessErrors Counter32, ipfixMeteringProcessDataRecords Counter32 } ipfixMeteringProcessCacheActiveFlows OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Flows currently active at this cache." ::= { ipfixMeteringProcessStatsEntry 1 } ipfixMeteringProcessCacheInactiveFlows OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Flows currently inactive at this cache." ::= { ipfixMeteringProcessStatsEntry 2 } ipfixMeteringProcessMessages OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of IPFIX messages transmitted." ::= { ipfixMeteringProcessStatsEntry 3 } ipfixMeteringProcessErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of messages that could not be sent due to e.g. internal buffer overflows or network congestion." ::= { ipfixMeteringProcessStatsEntry 4 } ipfixMeteringProcessDataRecords OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Data Records transmitted." ::= { ipfixMeteringProcessStatsEntry 5 } Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 50] Internet-Draft IPFIX MIB July 2008 -------------------------------------------------------------------- -- 2.5: Selector Statistics Table -------------------------------------------------------------------- ipfixSelectorStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixSelectorStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains statistics for the Selector Functions connected to Metering Process by the index ipfixMeteringProcessCacheId. The indexes MUST match an entry in the ipfixSelectorTable." ::= { ipfixStatistics 5 } ipfixSelectorStatsEntry OBJECT-TYPE SYNTAX IpfixSelectorStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixSelectorStatsTable." AUGMENTS { ipfixSelectorEntry } ::= { ipfixSelectorStatsTable 1 } IpfixSelectorStatsEntry ::= SEQUENCE { ipfixSelectorStatsPacketsObserved Integer32, ipfixSelectorStatsPacketsDropped Integer32 } ipfixSelectorStatsPacketsObserved OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets observed at the entry point of the function. The entry point may be the Observation Point or the exit point of another Selector Function." ::= { ipfixSelectorStatsEntry 1 } ipfixSelectorStatsPacketsDropped OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets dropped while selecting packets." ::= { ipfixSelectorStatsEntry 2 } --================================================================== Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 51] Internet-Draft IPFIX MIB July 2008 -- 3: Conformance Information --================================================================== ipfixCompliances OBJECT IDENTIFIER ::= { ipfixConformance 1 } ipfixGroups OBJECT IDENTIFIER ::= { ipfixConformance 2 } -------------------------------------------------------------------- -- 3.1: Compliance Statements -------------------------------------------------------------------- ipfixCollectorCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "An implementation that builds an IPFIX Collector that complies to this module MUST implement the objects defined in the mandatory group ipfixCommonGroup. The implementation of all objects in the other groups is optional and depends on the corresponding functionality implemented in the equipment." MODULE -- this module MANDATORY-GROUPS { ipfixCommonGroup, ipfixCollectorGroup } GROUP ipfixCommonStatsGroup DESCRIPTION "These objects should be implemented if the statistics function is implemented in the equipment." GROUP ipfixCollectorStatsGroup DESCRIPTION "These objects should be implemented if the statistics function is implemented in the equipment." ::= { ipfixCompliances 1 } ipfixExporterCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "An implementation that builds an IPFIX Exporter that complies to this module MUST implement the objects defined in the mandatory group ipfixCommonGroup. The implementation of all other objects depends on the implementation of the corresponding functionality in the equipment." MODULE -- this module MANDATORY-GROUPS { ipfixCommonGroup, ipfixExporterGroup } Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 52] Internet-Draft IPFIX MIB July 2008 GROUP ipfixCommonStatsGroup DESCRIPTION "These objects should be implemented if the statistics function is implemented in the equipment." GROUP ipfixExporterStatsGroup DESCRIPTION "These objects MUST be implemented if statistical functions are implemented on the equipment." ::= { ipfixCompliances 2 } -------------------------------------------------------------------- -- 3.2: MIB Grouping -------------------------------------------------------------------- ipfixCommonGroup OBJECT-GROUP OBJECTS { ipfixExportVersion, ipfixTransportSessionProtocol, ipfixTransportSessionAddressType, ipfixTransportSessionSourceAddress, ipfixTransportSessionDestinationAddress, ipfixTransportSessionSourcePort, ipfixTransportSessionDestinationPort, ipfixTransportSessionSctpAssocId, ipfixTransportSessionTemplateRefreshTimeout, ipfixTransportSessionOptionTemplateRefreshTimeout, ipfixTransportSessionTemplateRefreshPacket, ipfixTransportSessionOptionTemplateRefreshPacket, ipfixTransportSessionStatus } STATUS current DESCRIPTION "All objects that are mandatory for the management function of any IPFIX Device." ::= { ipfixGroups 1 } ipfixCommonStatsGroup OBJECT-GROUP OBJECTS { ipfixTransportSessionRate, ipfixTransportSessionPackets, ipfixTransportSessionBytes, ipfixTransportSessionMessages, ipfixTransportSessionDiscardedMessages, ipfixTransportSessionRecords, ipfixTransportSessionTemplates, ipfixTransportSessionOptionTemplates } Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 53] Internet-Draft IPFIX MIB July 2008 STATUS current DESCRIPTION "All statistical objects that should be common on all IPFIX Devices." ::= { ipfixGroups 3 } ipfixExporterGroup OBJECT-GROUP OBJECTS { ipfixExportedTemplateSetId, ipfixExportedTemplateAccessTime, ipfixExportedTemplateDefinitionIeId, ipfixExportedTemplateDefinitionIeLength, ipfixExportedTemplateDefinitionFlags, ipfixExportMemberType, ipfixMeteringProcessId, ipfixObservationPointGroupReference, ipfixMeteringProcessCacheActiveTimeout, ipfixMeteringProcessCacheInactiveTimeout, ipfixPhysicalEntity, ipfixPhysicalEntityDirection, ipfixSelectorFunction, ipfixFuncSelectAllAvail } STATUS current DESCRIPTION "This group contains all objects that MUST be implemented for supporting Selector Functions like filtering and/or sampling on an Device using the IPFIX procol." ::= { ipfixGroups 4 } ipfixExporterStatsGroup OBJECT-GROUP OBJECTS { ipfixExportedTemplateDataRecords, ipfixMeteringProcessMessages, ipfixMeteringProcessErrors, ipfixMeteringProcessDataRecords, ipfixMeteringProcessCacheActiveFlows, ipfixMeteringProcessCacheInactiveFlows, ipfixSelectorStatsPacketsObserved, ipfixSelectorStatsPacketsDropped Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 54] Internet-Draft IPFIX MIB July 2008 } STATUS current DESCRIPTION "This statistical objects are optional for Exporters. They should be implemented if statistical functions are available on the used equipment." ::= { ipfixGroups 5 } ipfixCollectorGroup OBJECT-GROUP OBJECTS { ipfixCollectedTemplateSetId, ipfixCollectedTemplateAccessTime, ipfixCollectedTemplateDefinitionIeId, ipfixCollectedTemplateDefinitionIeLength, ipfixCollectedTemplateDefinitionFlags } STATUS current DESCRIPTION "This group contains all objects that MUST be implemented for supporting Selector Functions like filtering and/or sampling on an Device using the IPFIX procol." ::= { ipfixGroups 6 } ipfixCollectorStatsGroup OBJECT-GROUP OBJECTS { ipfixCollectedTemplateDataRecords } STATUS current DESCRIPTION "This statistical objects are optional for Exporters. They should be implemented if statistical functions are available on the used equipment." ::= { ipfixGroups 7 } END Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 55] Internet-Draft IPFIX MIB July 2008 8. Security Considerations There are no management objects defined in this MIB module that have a MAX-ACCESS clause of read-write and/or read-create. So, if this MIB module is implemented correctly, then there is no risk that an intruder can alter or create any management objects of this MIB module via direct SNMP SET operations. Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability: o ipfixTransportSessionTable - contains configuration data that might be sensitive o ipfixExportTable - contains configuration data that might be sensitive o ipfixMeteringProcessTable - contains configuration data that might be sensitive o ipfixObservationPointTable - contains configuration data that might be sensitive o ipfixSelectorFunctions - currently contains no sensitive data but might want to be secured anyway since it may contain sensitive data in a future version All other objects and tables contain no data that is considered sensitive. SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module. It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy). Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 56] Internet-Draft IPFIX MIB July 2008 enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 57] Internet-Draft IPFIX MIB July 2008 9. IANA Considerations The MIB module in this document uses the following IANA-assigned OBJECT IDENTIFIER values recorded in the SMI Numbers registry: Descriptor OBJECT IDENTIFIER value ---------- ----------------------- ipfixMIB { mib-2 xxxxx } Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 58] Internet-Draft IPFIX MIB July 2008 10. Acknowledgment This document is a product of the IPFIX working group. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 59] Internet-Draft IPFIX MIB July 2008 11. References 11.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005. [RFC3873] Pastor, J. and M. Belinchon, "Stream Control Transmission Protocol (SCTP) Management Information Base (MIB)", RFC 3873, September 2004. [RFC4133] Bierman, A. and K. McCloghrie, "Entity MIB (Version 3)", RFC 4133, August 2005. [RFC5101] Claise, B., "Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information", RFC 5101, January 2008. [RFC5102] Quittek, J., Bryant, S., Claise, B., Aitken, P., and J. Meyer, "Information Model for IP Flow Information Export", RFC 5102, January 2008. 11.2. Informative References [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, December 2002. [RFC3917] Quittek, J., Zseby, T., Claise, B., and S. Zander, "Requirements for IP Flow Information Export (IPFIX)", RFC 3917, October 2004. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 60] Internet-Draft IPFIX MIB July 2008 [I-D.ietf-ipfix-architecture] Sadasivan, G., "Architecture for IP Flow Information Export", draft-ietf-ipfix-architecture-12 (work in progress), September 2006. [I-D.ietf-ipfix-as] Zseby, T., "IPFIX Applicability", draft-ietf-ipfix-as-12 (work in progress), July 2007. [I-D.ietf-psamp-framework] Chiou, D., Claise, B., Duffield, N., Greenberg, A., Grossglauser, M., Rexford, J., and S. Goldberg, "A Framework for Packet Selection and Reporting", draft-ietf-psamp-framework-13 (work in progress), June 2008. [I-D.ietf-psamp-sample-tech] Zseby, T., "Sampling and Filtering Techniques for IP Packet Selection", draft-ietf-psamp-sample-tech-11 (work in progress), July 2008. [I-D.ietf-psamp-mib] Dietz, T. and B. Claise, "Definitions of Managed Objects for Packet Sampling", draft-ietf-psamp-mib-06 (work in progress), June 2006. [I-D.ietf-psamp-protocol] Claise, B., "Packet Sampling (PSAMP) Protocol Specifications", draft-ietf-psamp-protocol-09 (work in progress), December 2007. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 61] Internet-Draft IPFIX MIB July 2008 Authors' Addresses Thomas Dietz (editor) NEC Europe Ltd. NEC Laboratories Europe Network Research Division Kurfuersten-Anlage 36 Heidelberg 69115 DE Phone: +49 6221 4342-128 Email: Thomas.Dietz@nw.neclab.eu Atsushi Kobayashi NTT Information Sharing Platform Laboratories 3-9-11 Midori-cho Musashino-shi, Tokyo 180-8585 JA Phone: +81-422-59-3978 Email: akoba@nttv6.net Benoit Claise Cisco Systems, Inc. De Kleetlaan 6a b1 Degem 1831 BE Phone: +32 2 704 5622 Email: bclaise@cisco.com Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 62] Internet-Draft IPFIX MIB July 2008 Full Copyright Statement Copyright (C) The IETF Trust (2008). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Dietz, et al. draft-ietf-ipfix-mib-04.txt [Page 63]