[Docs] [txt|pdf] [Tracker] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02 03 04 05 06 07 08 09 10 11 12

SAVI                                                               C. An
Internet-Draft                                                   J. Yang
Intended status: Experimental                                      J. Wu
Expires: June 18, 2017                                             J. Bi
                                                                  CERNET
                                                       December 15, 2016


            Definition of Managed Objects for SAVI Protocol
                          draft-an-savi-mib-12

Abstract

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it defines objects for managing SAVI (Source Address
   Validation Improvements) protocol instance.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on June 18, 2017.

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of




An, et al.                Expires June 18, 2017                 [Page 1]


Internet-Draft                  SAVI-MIB                   December 2016


   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  The Internet-Standard Management Framework  . . . . . . . . .   3
   3.  Conventions . . . . . . . . . . . . . . . . . . . . . . . . .   3
   4.  Overview  . . . . . . . . . . . . . . . . . . . . . . . . . .   3
   5.  Structure of the MIB Module . . . . . . . . . . . . . . . . .   4
     5.1.  The SAVI System Table . . . . . . . . . . . . . . . . . .   4
     5.2.  The SAVI Port Table . . . . . . . . . . . . . . . . . . .   5
     5.3.  The SAVI Binding Table  . . . . . . . . . . . . . . . . .   6
     5.4.  The SAVI Filtering Table  . . . . . . . . . . . . . . . .   7
     5.5.  The SAVI Counting Table . . . . . . . . . . . . . . . . .   7
   6.  Textual Conventions . . . . . . . . . . . . . . . . . . . . .   8
   7.  Relationship to Other MIB Modules . . . . . . . . . . . . . .   8
     7.1.  Relationship to the INET-ADDRESS-MIB  . . . . . . . . . .   8
     7.2.  Relationship to the IF-MIB  . . . . . . . . . . . . . . .   9
     7.3.  MIB modules required for IMPORTS  . . . . . . . . . . . .   9
   8.  Definitions . . . . . . . . . . . . . . . . . . . . . . . . .   9
   9.  Security Considerations . . . . . . . . . . . . . . . . . . .  26
   10. IANA Considerations . . . . . . . . . . . . . . . . . . . . .  28
   11. Contributors  . . . . . . . . . . . . . . . . . . . . . . . .  28
   12. References  . . . . . . . . . . . . . . . . . . . . . . . . .  28
     12.1.  Normative References . . . . . . . . . . . . . . . . . .  28
     12.2.  Informative References . . . . . . . . . . . . . . . . .  29
     12.3.  URL References . . . . . . . . . . . . . . . . . . . . .  30
   Appendix A.  Change Log . . . . . . . . . . . . . . . . . . . . .  31
   Appendix B.  Open Issues  . . . . . . . . . . . . . . . . . . . .  32
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  32

1.  Introduction

   The Source Address Validation Improvement protocol was developed to
   complement ingress filtering with finer-grained, standardized IP
   source address validation(refer to [RFC7039]).A SAVI protocol
   instance is located on the path of hosts' packets, enforcing the
   hosts' use of legitimate IP source addresses.

   SAVI protocol determines whether the IP address obtaining process is
   legitimate according to IP address assignment method.  For links with
   Stateless Address Auto Configuration (SLAAC), Dynamic Host
   Configuration Protocol (DHCP), and Secure Neighbor Discovery (SEND),
   the process is defined in separate documents of SAVI Working Group
   (refer to [RFC6620], [RFC7513], [RFC7219].)





An, et al.                Expires June 18, 2017                 [Page 2]


Internet-Draft                  SAVI-MIB                   December 2016


   This document defines a MIB module that can be used to manage the
   SAVI protocol instance.  It covers both configuration and status
   monitoring aspects of SAVI implementations.

   This document uses terminology from the SAVI Protocol specification.

2.  The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7 of
   RFC 3410 [RFC3410].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  MIB objects are generally
   accessed through the Simple Network Management Protocol (SNMP).
   Objects in the MIB are defined using the mechanisms defined in the
   Structure of Management Information (SMI).  This memo specifies a MIB
   module that is compliant to the SMIv2, which is described in STD 58,
   RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
   [RFC2580].

3.  Conventions

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

4.  Overview

   The SAVI Protocol MIB module (SAVI-MIB) is conformant to SAVI
   protocol, and is designed to:

   o  Support centralized management and monitoring of SAVI protocol
      instance by standard SNMP protocol.

   o  Support configuration and querying of SAVI protocol parameters.

   o  Support configuration and querying of binding entries.  Operators
      may insert and delete manual binding entries.

   o  Support querying of filtering entries.

   o  Support querying of the count of packets dropped because of
      validation failure for each interface.

   Based on SAVI protocol, attributes and objects of a SAVI protocol
   instance can be classified into five categories:




An, et al.                Expires June 18, 2017                 [Page 3]


Internet-Draft                  SAVI-MIB                   December 2016


   o  System attributes.  These attributes are corresponding to a SAVI
      protocol instance, such as IP Address Assignment Methods and some
      constants.

   o  Anchor attributes.  These attributes are corresponding to a SAVI
      anchor.  Anchor is defined in [RFC7039].

   o  Binding Status Table.  This table contains the state of binding
      between source address and binding anchor (refer to [RFC6620],
      [RFC7513], [RFC7219]).

   o  Filtering Table.  This table contains the bindings between binding
      anchor and address, which is used to filter packets (refer to
      [RFC6620], [RFC7513], [RFC7219]).

   o  Counting Table.  This table contains the count of fail packets for
      each interface.

   A table is designed for each category of objects.

5.  Structure of the MIB Module

   This section presents the structure of the SAVI-MIB module.  The MIB
   objects are derived from the SAVI protocol specification.

   This MIB is composed of a series of tables meant to form the base for
   managing SAVI entities.  The following subsections describe all
   tables in the SAVI MIB module.

5.1.  The SAVI System Table

   The SAVI System Table (saviObjectsSystemTable) contains the objects
   which are corresponding to SAVI system-wide parameters.  It supports
   the configuration and collection of SAVI system-wide parameters.

   There is an entry for each IP stack, IPv4 and IPv6.  The table is
   indexed by:

   o  saviObjectsSystemIPVersion - The IP Version.  A textual convention
      InetVersion defined in RFC4001 is used to represent the different
      version of IP protocol.

   It contains the following objects:

   o  saviObjectsSystemSlaacEnable - If SAVI for SlAAC is enabled.

   o  saviObjectsSystemDhcpEnable - If SAVI for DHCP is enabled.




An, et al.                Expires June 18, 2017                 [Page 4]


Internet-Draft                  SAVI-MIB                   December 2016


   o  saviObjectsSystemSendEnable - If SAVI for SEND is enabled.

   o  saviObjectsSystemManualEnable - If SAVI for MANUAL is enabled.

   o  saviObjectsSystemMaxDhcpResponseTime - A constant defined in SAVI
      protocol (refer to [RFC7513]).

   o  saviObjectsSystemDataSnoopingInterval - A constant defined in SAVI
      protocol (refer to [RFC7513]).

   o  saviObjectsSystemMaxLeaseQueryDelay - A constant defined in SAVI
      protocol (refer to [RFC7513]).

   o  saviObjectsSystemOffLinkDelay - A constant defined in SAVI
      protocol (refer to [RFC7513]).

   o  saviObjectsSystemDetectionTimeout - A constant defined in SAVI
      protocol (refer to [RFC7513]).

   o  saviObjectsSystemTentLT - A constant defined in SAVI protocol
      (refer to [RFC6620]).

   o  saviObjectsSystemDefaultLT - A constant defined in SAVI protocol
      (refer to [RFC6620]).

   o  saviObjectsSystemTWAIT - A constant defined in SAVI protocol
      (refer to [RFC6620]).

   The MAX-ACCESS of these objects is READ-WRITE.  Network Operators may
   do configuration by setting these objects.

5.2.  The SAVI Port Table

   The SAVI Port Table (saviObjectsPortTable) contains the objects which
   are corresponding to SAVI running parameters of each anchor.  It
   supports the configuration and collection of SAVI parameters of each
   anchor.

   There is an entry for each IP stack, IPv4 and IPv6.  The table is
   indexed by:

   o  saviObjectsPortIPVersion - The IP Version.

   o  saviObjectsPortIfIndex - The index value that uniquely identifies
      the interface to which this entry is applicable.

   It contains the following objects:




An, et al.                Expires June 18, 2017                 [Page 5]


Internet-Draft                  SAVI-MIB                   December 2016


   o  saviObjectsPortValidatingAttr - An attribute defined in SAVI
      protocol (refer to [RFC7513]).

   o  saviObjectsPortDhcpTrustAttr - An attribute defined in SAVI
      protocol (refer to [RFC7513]).

   o  saviObjectsPortTrustAttr - An attribute defined in SAVI protocol
      (refer to [RFC7513]).

   o  saviObjectsPortDhcpSnoopingAttr - An attribute defined in SAVI
      protocol (refer to [RFC7513]).

   o  saviObjectsPortDataSnoopingAttr - An attribute defined in SAVI
      protocol (refer to [RFC7513]).

   o  saviObjectsPortFilteringNum - The max filtering number of the
      Port.

   The MAX-ACCESS of these objects is READ-WRITE.  Network Operators may
   configure by setting these objects.

5.3.  The SAVI Binding Table

   The SAVI Binding Table (saviObjectsBindingTable) contains the objects
   which are corresponding to Binding State Table (BST) defined in SAVI
   protocol.  It contains the binding parameters and state of each
   binding entry.  It supports the collection of binding entries.  And
   an entry can be inserted or deleted if it is a manual binding entry.

   The table is indexed by:

   o  saviObjectsBindingIpAddressType - IP address type.  A textual
      convention InetAddressType defined in RFC4001 is used to represent
      the different kind of IP address.

   o  saviObjectsBindingMethod - which IP address assignment method is
      used to create the binding entry - manual(1), slaac(2), dhcp(3),
      send(4).

   o  saviObjectsBindingIfIndex - The index value that uniquely
      identifies the interface to which this entry is applicable.

   o  saviObjectsBindingIpAddress - The binding source IP address.  A
      textual convention InetAddress defined in RFC4001 is used to
      define this object.

   The SAVI Binding Table contains the following objects:




An, et al.                Expires June 18, 2017                 [Page 6]


Internet-Draft                  SAVI-MIB                   December 2016


   o  saviObjectsBindingMacAddr - The binding source mac address.

   o  saviObjectsBindingState - The state of the binding entry.

   o  saviObjectsBindingLifetime - The remaining lifetime of the entry.

   o  saviObjectsBindingCreationtime - The value of the local clock when
      the entry was firstly created.

   o  saviObjectsBindingTID - The Transaction ID (TID) (refer to RFC2131
      and RFC3315) of the corresponding DHCP transaction.

   o  saviObjectsBindingRowStatus - The status of this row, by which new
      entries may be created, or old entries be deleted from this table.
      As defined in RFC2579, the RowStatus textual convention is used to
      manage the creation and deletion of conceptual rows.  For SAVI
      Binding Table, an entry can be created or deleted only when
      saviObjectsBindingMethod=manual.

   The MAX-ACCESS of these objects is READ-CREATE.  Network Operators
   may create or delete an entry by setting these objects.

5.4.  The SAVI Filtering Table

   The SAVI Filtering Table (saviObjectsFilteringTable) contains the
   objects which are corresponding to Filtering Table (FT) defined in
   SAVI protocol.  It supports the collection of filtering entries.

   The table is indexed by:

   o  saviObjectsFilteringIpAddressType - IP address type.

   o  saviObjectsFilteringIfIndex - The index value that uniquely
      identifies the interface to which this entry is applicable.

   o  saviObjectsFilteringIpAddress - The source IP address.

   It contains the following objects:

   o  saviObjectsFilteringMacAddr - The source mac address.

   The MAX-ACCESS of the object is READ-ONLY.

5.5.  The SAVI Counting Table

   The SAVI Counting Table (saviObjectsCountTable) contains the objects
   counting packets dropped because of validation failure for each
   interface.



An, et al.                Expires June 18, 2017                 [Page 7]


Internet-Draft                  SAVI-MIB                   December 2016


   The table is indexed by:

   o  saviObjectsCountIPVersion - IP Version.

   o  saviObjectsCountIfIndex - The index value that uniquely identifies
      the interface to which this entry is applicable.

   It contains the following objects:

   o  saviObjectsCountFilterPkts - The count of packets dropped because
      of validation failure.

   The MAX-ACCESS of the object is READ-ONLY.

6.  Textual Conventions

   The textual conventions used in the SAVI-MIB are as follows.

   The MODULE-COMPLIANCE,OBJECT-GROUP textual convention is imported
   from SNMPv2-CONF [RFC2580].  The MODULE-IDENTITY, OBJECT-IDENTITY,
   OBJECT-TYPE, Unsigned32 textual convention is imported from
   SNMPv2-SMI [RFC2578].

   The MacAddress,TimeInterval,RowStatus textual convention is imported
   from SNMPv2-TC [RFC2579].

   The InetVersion,InetAddressType,InetAddress textual convention is
   imported from INET-ADDRESS-MIB [RFC4001].

   The InterfaceIndex textual convention is imported from IF-MIB
   [RFC2863].

   The ip textual convention is imported from IP-MIB [RFC4293].

7.  Relationship to Other MIB Modules

7.1.  Relationship to the INET-ADDRESS-MIB

   To support extensibility, IETF defined new textual conventions to
   represent different IP protocol and different IP address in a unified
   formation in RFC4001.  To support different IP version, a textual
   convention InetVersion is defined to represent the different version
   of IP protocol.  To support different IP address, a generic Internet
   address is defined.  It consists of two objects: The first one has
   the syntax InetAddressType, and the second object have the syntax
   InetAddress.  The value of the first object determines how the value
   of the second is encoded.




An, et al.                Expires June 18, 2017                 [Page 8]


Internet-Draft                  SAVI-MIB                   December 2016


   Since SAVI running mode and parameter is independent of IPv4 and
   IPv6, so different OID instances should be defined for each protocol.
   In SAVI-MIB definition, when IP address is used as a part of binding
   table, it is defined using textual conventions described in INET-
   ADDRESS-MIB.

7.2.  Relationship to the IF-MIB

   The Interfaces MIB [RFC2863] defines generic managed objects for
   managing interfaces.  This document contains the interface-specific
   extensions for managing SAVI anchors that are modeled as interfaces.

   The IF-MIB module is required to be supported on the SAVI device.
   The interface MUST be modeled as an ifEntry, and ifEntry objects such
   as ifIndex are to be used as per [RFC2863].

   An ifIndex [RFC2863] is used as a common index for interfaces in the
   SAVI-MIB modules.

7.3.  MIB modules required for IMPORTS

   The SAVI MIB module IMPORTS objects from SNMPv2-SMI [RFC2578],
   SNMPv2-TC [RFC2579],SNMPv2-CONF [RFC2580], IF-MIB [RFC2863] and INET-
   ADDRESS-MIB [RFC4001] .

8.  Definitions

SAVI-MIB DEFINITIONS ::=BEGIN

IMPORTS
    MODULE-COMPLIANCE,OBJECT-GROUP
        FROM SNMPv2-CONF                    --RFC2580
    MODULE-IDENTITY, OBJECT-IDENTITY, OBJECT-TYPE, Unsigned32
        FROM SNMPv2-SMI                     --RFC2578
    TEXTUAL-CONVENTION,MacAddress,TimeInterval,RowStatus
        FROM SNMPv2-TC                      --RFC2579
    InterfaceIndex
        FROM IF-MIB                         --RFC2863
    InetVersion,InetAddressType,InetAddress
        FROM INET-ADDRESS-MIB               --RFC4001
    ip
        FROM IP-MIB                         --RFC4293
    ;

saviMIB MODULE-IDENTITY
    LAST-UPDATED "2016012150000Z"
    ORGANIZATION
        "IETF SAVI Working Group"



An, et al.                Expires June 18, 2017                 [Page 9]


Internet-Draft                  SAVI-MIB                   December 2016


    CONTACT-INFO
        "WG charter:
           http://datatracker.ietf.org/wg/savi/charter/

         Editor:
           Changqing An
           CERNET
           Postal:  Network Research Center, Tsinghua University
           Beijing 100084
           China
           Email: acq@cernet.edu.cn
        "

    DESCRIPTION
        "This MIB Module is designed to support configuration
        and monitoring of SAVI  protocol.
        "
    REVISION    "201612150000Z"
    DESCRIPTION
        "Initial version"
    ::= {ip XXX}

saviObjects OBJECT IDENTIFIER ::= { saviMIB 1 }

-- System parameters for SAVI protocol

saviObjectsSystemTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF SaviObjectsSystemEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The table containing savi system-wide parameters."
    ::= { saviObjects 1 }

saviObjectsSystemEntry OBJECT-TYPE
    SYNTAX     SaviObjectsSystemEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "An entry  containing savi system-wide parameters for a
            particular IP version.
           "
    INDEX { saviObjectsSystemIPVersion  }
    ::=   { saviObjectsSystemTable 1 }

SaviObjectsSystemEntry ::=
    SEQUENCE {
        saviObjectsSystemIPVersion              InetVersion,



An, et al.                Expires June 18, 2017                [Page 10]


Internet-Draft                  SAVI-MIB                   December 2016


        saviObjectsSystemSlaacEnable            INTEGER,
        saviObjectsSystemDhcpEnable             INTEGER,
        saviObjectsSystemSendEnable             INTEGER,
        saviObjectsSystemManualEnable           INTEGER,
        saviObjectsSystemMaxDhcpResponseTime    TimeInterval,
        saviObjectsSystemDataSnoopingInterval   TimeInterval,
        saviObjectsSystemMaxLeaseQueryDelay     TimeInterval,
        saviObjectsSystemOffLinkDelay           TimeInterval,
        saviObjectsSystemDetectionTimeout       TimeInterval,
        saviObjectsSystemTentLT                 TimeInterval,
        saviObjectsSystemDefaultLT              TimeInterval,
        saviObjectsSystemTWAIT                  TimeInterval
    }

saviObjectsSystemIPVersion OBJECT-TYPE
    SYNTAX     InetVersion
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The IP version "
    ::= { saviObjectsSystemEntry 1 }


saviObjectsSystemSlaacEnable OBJECT-TYPE
    SYNTAX     INTEGER {
                 enable(1),
                 disable(2)
               }
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "If SAVI for SlAAC is enabled. "
    ::= { saviObjectsSystemEntry 2 }

saviObjectsSystemDhcpEnable OBJECT-TYPE
    SYNTAX     INTEGER {
                 enable(1),
                 disable(2)
               }
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "If SAVI for DHCP is enabled. "
    ::= { saviObjectsSystemEntry 3 }

saviObjectsSystemSendEnable OBJECT-TYPE
    SYNTAX     INTEGER {
                 enable(1),



An, et al.                Expires June 18, 2017                [Page 11]


Internet-Draft                  SAVI-MIB                   December 2016


                 disable(2)
               }
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "If SAVI for SEND is enabled. "
    ::= { saviObjectsSystemEntry 4 }


saviObjectsSystemManualEnable OBJECT-TYPE
    SYNTAX     INTEGER {
                 enable(1),
                 disable(2)
               }
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "If SAVI for MANUAL is enabled. "
    ::= { saviObjectsSystemEntry 5 }


saviObjectsSystemMaxDhcpResponseTime OBJECT-TYPE
    SYNTAX     TimeInterval
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "A constant.
            TimeInterval is defined in RFC 2579, it's a period of time,
            measured in units of 0.01 seconds,
            and the value is (0..2147483647).
           "
    ::= { saviObjectsSystemEntry 6 }

saviObjectsSystemDataSnoopingInterval OBJECT-TYPE
    SYNTAX     TimeInterval
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "A constant.
            TimeInterval is defined in RFC 2579, it's a period of time,
            measured in units of 0.01 seconds,
            and the value is (0..2147483647).
           "
    ::= { saviObjectsSystemEntry 7 }

saviObjectsSystemMaxLeaseQueryDelay OBJECT-TYPE
    SYNTAX     TimeInterval
    MAX-ACCESS read-write



An, et al.                Expires June 18, 2017                [Page 12]


Internet-Draft                  SAVI-MIB                   December 2016


    STATUS     current
    DESCRIPTION
           "A constant.
            TimeInterval is defined in RFC 2579, it's a period of time,
            measured in units of 0.01 seconds,
            and the value is (0..2147483647).
           "
    ::= { saviObjectsSystemEntry 8 }

saviObjectsSystemOffLinkDelay OBJECT-TYPE
    SYNTAX     TimeInterval
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "A constant.
            TimeInterval is defined in RFC 2579, it's a period of time,
            measured in units of 0.01 seconds,
            and the value is (0..2147483647).
           "
    ::= { saviObjectsSystemEntry 9 }

saviObjectsSystemDetectionTimeout OBJECT-TYPE
    SYNTAX     TimeInterval
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "A constant.
            TimeInterval is defined in RFC 2579, it's a period of time,
            measured in units of 0.01 seconds,
            and the value is (0..2147483647).
           "
    ::= { saviObjectsSystemEntry 10 }

saviObjectsSystemTentLT OBJECT-TYPE
    SYNTAX     TimeInterval
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "A constant.
            TimeInterval is defined in RFC 2579, it's a period of time,
            measured in units of 0.01 seconds,
            and the value is (0..2147483647).
           "
    ::= { saviObjectsSystemEntry 11 }

saviObjectsSystemDefaultLT OBJECT-TYPE
    SYNTAX     TimeInterval
    MAX-ACCESS read-write



An, et al.                Expires June 18, 2017                [Page 13]


Internet-Draft                  SAVI-MIB                   December 2016


    STATUS     current
    DESCRIPTION
           "A constant.
            TimeInterval is defined in RFC 2579, it's a period of time,
            measured in units of 0.01 seconds,
            and the value is (0..2147483647).
           "
    ::= { saviObjectsSystemEntry 12 }

saviObjectsSystemTWAIT OBJECT-TYPE
    SYNTAX     TimeInterval
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "A constant.
            TimeInterval is defined in RFC 2579, it's a period of time,
            measured in units of 0.01 seconds,
            and the value is (0..2147483647).
           "
    ::= { saviObjectsSystemEntry 13 }

-- Preference parameters for SAVI protocol

saviObjectsPreferenceTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF SaviObjectsPreferenceEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The table containing savi preference parameters."
    ::= { saviObjects 2 }

saviObjectsPreferenceEntry OBJECT-TYPE
    SYNTAX     SaviObjectsPreferenceEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "An entry  containing savi system-wide parameters for a
            particular IP version.
           "
    INDEX { saviObjectsPreferenceIPVersion  }
    ::=   { saviObjectsPreferenceTable 1 }

SaviObjectsPreferenceEntry ::=
    SEQUENCE {
        saviObjectsPreferenceIPVersion        InetVersion,
        saviObjectsPreferenceSlaac            INTEGER,
        saviObjectsPreferenceDhcp             INTEGER,
        saviObjectsPreferenceSend             INTEGER,



An, et al.                Expires June 18, 2017                [Page 14]


Internet-Draft                  SAVI-MIB                   December 2016


        saviObjectsPreferenceManual           INTEGER
    }

saviObjectsPreferenceIPVersion OBJECT-TYPE
    SYNTAX     InetVersion
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The IP version "
    ::= { saviObjectsPreferenceEntry 1 }


saviObjectsPreferenceSlaac OBJECT-TYPE
    SYNTAX     INTEGER
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "Preference of SAVI-SLAAC. "
    ::= { saviObjectsPreferenceEntry 2 }

saviObjectsPreferenceDhcp OBJECT-TYPE
    SYNTAX     INTEGER
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "Preference of SAVI-DHCP."
    ::= { saviObjectsPreferenceEntry 3 }

saviObjectsPreferenceSend OBJECT-TYPE
    SYNTAX     INTEGER
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "Preference of SAVI-SEND. "
    ::= { saviObjectsPreferenceEntry 4 }


saviObjectsPreferenceManual OBJECT-TYPE
    SYNTAX     INTEGER
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "Preference of SAVI-MANUAL. "
    ::= { saviObjectsPreferenceEntry 5 }







An, et al.                Expires June 18, 2017                [Page 15]


Internet-Draft                  SAVI-MIB                   December 2016


-- Port parameters for SAVI protocol

saviObjectsPortTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF SaviObjectsPortEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The table containing SAVI parameters of each anchor."
    ::= { saviObjects 3 }

saviObjectsPortEntry OBJECT-TYPE
    SYNTAX     SaviObjectsPortEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "An entry containing SAVI running parameters of an anchor."
    INDEX {
            saviObjectsPortIPVersion,
            saviObjectsPortIfIndex
          }
    ::= { saviObjectsPortTable 1 }


SaviObjectsPortEntry ::=
    SEQUENCE {
        saviObjectsPortIPVersion          InetVersion,
        saviObjectsPortIfIndex            InterfaceIndex,
        saviObjectsPortValidatingAttr     INTEGER,
        saviObjectsPortDhcpTrustAttr      INTEGER,
        saviObjectsPortTrustAttr          INTEGER,
        saviObjectsPortDhcpSnoopingAttr   INTEGER,
        saviObjectsPortDataSnoopingAttr   INTEGER,
        saviObjectsPortFilteringNum       Unsigned32
    }


saviObjectsPortIPVersion      OBJECT-TYPE
    SYNTAX     InetVersion
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The IP version "
    ::= { saviObjectsPortEntry 1 }

saviObjectsPortIfIndex  OBJECT-TYPE
    SYNTAX     InterfaceIndex
    MAX-ACCESS not-accessible
    STATUS     current



An, et al.                Expires June 18, 2017                [Page 16]


Internet-Draft                  SAVI-MIB                   December 2016


    DESCRIPTION
           "The index value that uniquely identifies the interface to
            which this entry is applicable.  The interface identified by
            a particular value of this index is the same interface as
            identified by the same value of the IF-MIB's ifIndex.
           "
    ::= { saviObjectsPortEntry 2 }

saviObjectsPortValidatingAttr OBJECT-TYPE
    SYNTAX     INTEGER {
                 enable(1),
                 disable(2)
               }
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "An attribute defined in SAVI protocol.
            enable(1), the attribute is set.
            disable(2), the attribute is not set.
           "
    ::= { saviObjectsPortEntry 3 }

saviObjectsPortDhcpTrustAttr OBJECT-TYPE
    SYNTAX     INTEGER  {
                 enable(1),
                 disable(2)
               }
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
          "An attribute defined in SAVI protocol.
            enable(1), the attribute is set.
            disable(2), the attribute is not set.
          "
    ::= { saviObjectsPortEntry 4 }

saviObjectsPortTrustAttr OBJECT-TYPE
    SYNTAX     INTEGER  {
                 enable(1),
                 disable(2)
               }
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
          "An attribute defined in SAVI protocol.
            enable(1), the attribute is set.
            disable(2), the attribute is not set.
          "



An, et al.                Expires June 18, 2017                [Page 17]


Internet-Draft                  SAVI-MIB                   December 2016


    ::= { saviObjectsPortEntry 5 }

saviObjectsPortDhcpSnoopingAttr OBJECT-TYPE
    SYNTAX     INTEGER  {
                 enable(1),
                 disable(2)
               }
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
          "An attribute defined in SAVI protocol.
            enable(1), the attribute is set.
            disable(2), the attribute is not set.
          "
    ::= { saviObjectsPortEntry 6 }

saviObjectsPortDataSnoopingAttr OBJECT-TYPE
    SYNTAX     INTEGER  {
                 enable(1),
                 disable(2)
               }
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
          "An attribute defined in SAVI protocol.
            enable(1), the attribute is set.
            disable(2), the attribute is not set.
          "
    ::= { saviObjectsPortEntry 7 }


    saviObjectsPortFilteringNum OBJECT-TYPE
    SYNTAX     Unsigned32
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "The max filtering number of the Port."
    ::= { saviObjectsPortEntry 8 }


-- Binding Status Table for SAVI protocol

saviObjectsBindingTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF SaviObjectsBindingEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The table containing the state of binding



An, et al.                Expires June 18, 2017                [Page 18]


Internet-Draft                  SAVI-MIB                   December 2016


            between source address and anchor.
           "
    ::= { saviObjects 4 }

saviObjectsBindingEntry OBJECT-TYPE
    SYNTAX     SaviObjectsBindingEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "An entry containing the state of binding between source
            address and anchor.
            Entries are keyed on the source IP address type,
            binding type, anchor, and source IP address.
           "
    INDEX {
            saviObjectsBindingIpAddressType,
            saviObjectsBindingMethod,
            saviObjectsBindingIfIndex,
            saviObjectsBindingIpAddress
          }
    ::= { saviObjectsBindingTable 1 }

SaviObjectsBindingEntry ::=
    SEQUENCE {
        saviObjectsBindingIpAddressType  InetAddressType,
        saviObjectsBindingMethod         INTEGER,
        saviObjectsBindingIfIndex        InterfaceIndex,
        saviObjectsBindingIpAddress      InetAddress,
        saviObjectsBindingMacAddr        MacAddress,
        saviObjectsBindingState          INTEGER,
        saviObjectsBindingLifetime       TimeInterval,
        saviObjectsBindingCreationtime   DateAndTime,
        saviObjectsBindingTID            INTEGER,
        saviObjectsBindingRowStatus      RowStatus
     }

saviObjectsBindingIpAddressType OBJECT-TYPE
    SYNTAX     InetAddressType
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "IP address type of the  binding source IP."
    ::= { saviObjectsBindingEntry 1 }

saviObjectsBindingMethod OBJECT-TYPE
    SYNTAX     INTEGER {
                 manual(1),
                 slaac(2),



An, et al.                Expires June 18, 2017                [Page 19]


Internet-Draft                  SAVI-MIB                   December 2016


                 dhcp(3),
                 send(4)
               }
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "IP address assignment methods."
    ::= { saviObjectsBindingEntry 2 }

saviObjectsBindingIfIndex OBJECT-TYPE
    SYNTAX     InterfaceIndex
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The index value that uniquely identifies the interface to
            which this entry is applicable.  The interface identified by
            a particular value of this index is the same interface as
            identified by the same value of the IF-MIB's ifIndex.
           "
    ::= { saviObjectsBindingEntry 3 }

saviObjectsBindingIpAddress OBJECT-TYPE
    SYNTAX     InetAddress
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The binding source IP address"
    ::= { saviObjectsBindingEntry 4 }

saviObjectsBindingMacAddr OBJECT-TYPE
    SYNTAX     MacAddress
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
           "The binding source mac address."
    ::= { saviObjectsBindingEntry 5 }

saviObjectsBindingState OBJECT-TYPE
    SYNTAX     INTEGER {
                   NO_BIND(1),
                   INIT_BIND(2),
                   BOUND(3),
                   DETECTION(4),
                   RECOVERY(5),
                   VERIFY(6),
                   TENTATIVE(7),
                   VALID(8),
                   TESTING_TP-LT(9),



An, et al.                Expires June 18, 2017                [Page 20]


Internet-Draft                  SAVI-MIB                   December 2016


                   TESTING_VP(10),
                   TESTING_VP-1(11),
                   TENTATIVE_NUD(12),
                   TENTATIVE_DAD(13)
              }
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
           "The state of the binding entry. "
    ::= { saviObjectsBindingEntry 6 }

saviObjectsBindingLifetime OBJECT-TYPE
    SYNTAX     TimeInterval
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
           "The remaining lifetime of the entry.
            TimeInterval is defined in RFC 2579, it's a period of time,
            measured in units of 0.01 seconds,
            and the value is (0..2147483647).
            If saviObjectsBindingMethod=manual, a value of 2147483647
            represents infinity.
           "
    ::= { saviObjectsBindingEntry 7 }

saviObjectsBindingCreationtime OBJECT-TYPE
    SYNTAX     DateAndTime
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
           "The value of the local clock when the entry was firstly created.
           "
    ::= { saviObjectsBindingEntry 8 }


 saviObjectsBindingTID OBJECT-TYPE
    SYNTAX     INTEGER
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
           "The Transaction ID (TID) (refer to RFC2131 and RFC3315) of  the corresponding DHCP transaction.
           "
    ::= { saviObjectsBindingEntry 9 }



saviObjectsBindingRowStatus OBJECT-TYPE
       SYNTAX     RowStatus



An, et al.                Expires June 18, 2017                [Page 21]


Internet-Draft                  SAVI-MIB                   December 2016


       MAX-ACCESS read-create
       STATUS     current
       DESCRIPTION
             "The status of this row, by which new entries may be
              created, or old entries deleted from this table.
              An Entry can be created or deleted only when
              saviObjectsBindingMethod=manual.
             "
    ::= { saviObjectsBindingEntry 10 }


-- Filtering Table for SAVI protocol

saviObjectsFilteringTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF SaviObjectsFilteringEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The table containing the filtering entries."
    ::= { saviObjects 5 }

saviObjectsFilteringEntry OBJECT-TYPE
    SYNTAX     SaviObjectsFilteringEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "An entry containing the filtering parameters.
            Entries are keyed on the source IP address type,
            anchor, and source IP address.
           "
    INDEX { saviObjectsFilteringIpAddressType,
            saviObjectsFilteringIfIndex,
            saviObjectsFilteringIpAddress
          }
    ::= { saviObjectsFilteringTable 1 }

SaviObjectsFilteringEntry ::=
    SEQUENCE {
        saviObjectsFilteringIpAddressType  InetAddressType,
        saviObjectsFilteringIfIndex        InterfaceIndex,
        saviObjectsFilteringIpAddress      InetAddress,
        saviObjectsFilteringMacAddr        MacAddress
    }

saviObjectsFilteringIpAddressType OBJECT-TYPE
    SYNTAX     InetAddressType
    MAX-ACCESS not-accessible
    STATUS     current



An, et al.                Expires June 18, 2017                [Page 22]


Internet-Draft                  SAVI-MIB                   December 2016


    DESCRIPTION
           "IP address type of the  filtering source IP"
    ::= { saviObjectsFilteringEntry 1 }

saviObjectsFilteringIfIndex OBJECT-TYPE
    SYNTAX     InterfaceIndex
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The index value that uniquely identifies the interface to
            which this entry is applicable.  The interface identified by
            a particular value of this index is the same interface as
            identified by the same value of the IF-MIB's ifIndex.
           "
    ::= { saviObjectsFilteringEntry 2 }

saviObjectsFilteringIpAddress OBJECT-TYPE
    SYNTAX     InetAddress
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The filtering source IP address."
    ::= { saviObjectsFilteringEntry 3 }

saviObjectsFilteringMacAddr OBJECT-TYPE
    SYNTAX     MacAddress
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
           "The filtering source mac address."
    ::= { saviObjectsFilteringEntry 4 }


--Count of packets dropped because of validation failure for each interface.

saviObjectsCountTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF saviObjectsCountEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The table containing count of packets dropped because of validation failure."
    ::= { saviObjects 6 }

saviObjectsCountEntry OBJECT-TYPE
    SYNTAX     saviObjectsCountEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION



An, et al.                Expires June 18, 2017                [Page 23]


Internet-Draft                  SAVI-MIB                   December 2016


           "An entry containing count of packets dropped because of validation failure for each interface."
    INDEX { saviObjectsCountIPVersion,
            saviObjectsCountIfIndex
          }
    ::= { saviObjectsCountTable 1 }



saviObjectsCountEntry ::=
    SEQUENCE {
        saviObjectsCountIPVersion          InetVersion,
        saviObjectsCountIfIndex            InterfaceIndex,
        saviObjectsCountFilterPkts         Counter64
    }

saviObjectsCountIPVersion      OBJECT-TYPE
    SYNTAX     InetVersion
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
           "The IP version "
    ::= { saviObjectsCountEntry 1 }


saviObjectsCountIfIndex            OBJECT-TYPE
    SYNTAX      InterfaceIndex
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
           "The Interface."
    ::= { saviObjectsCountEntry 2 }


saviObjectsCountFilterPkts OBJECT-TYPE
    SYNTAX     Counter64
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
           "The count of Pkts dropped."
    ::= { saviObjectsCountEntry 3 }



-- Conformance information
saviConformance OBJECT IDENTIFIER ::= { saviMIB 2 }
saviCompliances OBJECT IDENTIFIER ::= { saviConformance 1 }

-- Compliance statements



An, et al.                Expires June 18, 2017                [Page 24]


Internet-Draft                  SAVI-MIB                   December 2016


saviCompliance MODULE-COMPLIANCE
    STATUS current
    DESCRIPTION
           "The compliance statement for entities which implement SAVI
            protocol.
           "
    MODULE
    MANDATORY-GROUPS {
        systemGroup,
        portGroup,
        bindingGroup,
        filteringGroup
    }
    ::= { saviCompliances 1}

saviGroups OBJECT IDENTIFIER ::= { saviConformance 2 }

--Units of conformance

systemGroup OBJECT-GROUP
    OBJECTS {
        saviObjectsSystemSlaacEnable,
        saviObjectsSystemDhcpEnable,
        saviObjectsSystemSendEnable,
        saviObjectsSystemManualEnable,
        saviObjectsSystemMaxDhcpResponseTime,
        saviObjectsSystemDataSnoopingInterval,
        saviObjectsSystemMaxLeaseQueryDelay,
        saviObjectsSystemOffLinkDelay,
        saviObjectsSystemDetectionTimeout,
        saviObjectsSystemTentLT,
        saviObjectsSystemDefaultLT,
        saviObjectsSystemTWAIT
    }
    STATUS current
    DESCRIPTION
           "The system group contains objects corrsponding to savi system
            parameters.
           "
    ::= {saviGroups 1}

portGroup OBJECT-GROUP
    OBJECTS {
        saviObjectsPortValidatingAttr,
        saviObjectsPortDhcpTrustAttr,
        saviObjectsPortTrustAttr,
        saviObjectsPortDhcpSnoopingAttr,
        saviObjectsPortDataSnoopingAttr,



An, et al.                Expires June 18, 2017                [Page 25]


Internet-Draft                  SAVI-MIB                   December 2016


        saviObjectsPortFilteringNum
    }
    STATUS current
    DESCRIPTION
           "The if group contains objects corresponding to the savi running
            parameters of each anchor.
           "
    ::= {saviGroups 2}

bindingGroup OBJECT-GROUP
    OBJECTS {
        saviObjectsBindingMacAddr,
        saviObjectsBindingState,
        saviObjectsBindingLifetime,
        saviObjectsBindingCreationtime,
        saviObjectsBindingTID,
        saviObjectsBindingRowStatus
    }
    STATUS current
    DESCRIPTION
           "The binding group contains the binding
            information of anchor and soure ip address.
           "
    ::= {saviGroups 3}

filteringGroup OBJECT-GROUP
    OBJECTS {
          saviObjectsFilteringMacAddr
    }
    STATUS current
    DESCRIPTION
           "The filtering group contains the filtering
            information of anchor and soure ip address.
           "
    ::= {saviGroups 4}

END



9.  Security Considerations

   There are a number of management objects defined in this MIB module
   with a MAX-ACCESS clause of read-write and/or read-create.  Such
   objects may be considered sensitive or vulnerable in some network
   environments.  The support for SET operations in a non-secure
   environment without proper protection can have a negative effect on




An, et al.                Expires June 18, 2017                [Page 26]


Internet-Draft                  SAVI-MIB                   December 2016


   network operations.  These are the tables and objects and their
   sensitivity/vulnerability:

   o  saviObjectsSystemTable - Unauthorized changes to the writable
      objects under saviObjectsSystemTable MAY disrupt allocation of
      resources in the network.  For example, a device's SAVI system
      mode be changed by set operation to SAVI-DISABLE will give chance
      to IP source address spoofing.

   o  saviObjectsPortTable - Unauthorized changes to the writable
      objects under saviObjectsPortTable MAY disrupt allocation of
      resources in the network.  For example, an anchor's ValidatingAttr
      be changed by set operation to DISABLE will give chance to IP
      source address spoofing.

   o  saviObjectsBindingTable - Unauthorized changes to the writable
      objects under this table MAY disrupt allocation of resources in
      the network.  For example, a manual binding entry is inserted to
      the BST will give chance to IP source address spoofing.

   Some of the readable objects in this MIB module (i.e., objects with a
   MAX-ACCESS other than not-accessible) may be considered sensitive or
   vulnerable in some network environments.  It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP.  These are the tables and objects and their
   sensitivity/vulnerability:

   o  saviObjectsBindingTable, saviObjectsFilteringTable - The IP
      address and binding anchor information will be helpful to some
      attacks.

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure (for example by using IPsec),
   there is no control as to who on the secure network is allowed to
   access and GET/SET (read/change/create/delete) the objects in this
   MIB module.

   It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy).

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.  It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module is properly configured to give access to



An, et al.                Expires June 18, 2017                [Page 27]


Internet-Draft                  SAVI-MIB                   December 2016


   the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.

10.  IANA Considerations

        The MIB module in this document uses the following IANA-assigned
        OBJECT IDENTIFIER values recorded in the SMI Numbers registry:

        Descriptor        OBJECT IDENTIFIER value
        ----------        -----------------------
        SAVI-MIB         { ip XXX }

11.  Contributors

12.  References

12.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

   [RFC2578]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Structure of Management Information
              Version 2 (SMIv2)", STD 58, RFC 2578,
              DOI 10.17487/RFC2578, April 1999,
              <http://www.rfc-editor.org/info/rfc2578>.

   [RFC2579]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Textual Conventions for SMIv2",
              STD 58, RFC 2579, DOI 10.17487/RFC2579, April 1999,
              <http://www.rfc-editor.org/info/rfc2579>.

   [RFC2580]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Conformance Statements for SMIv2",
              STD 58, RFC 2580, DOI 10.17487/RFC2580, April 1999,
              <http://www.rfc-editor.org/info/rfc2580>.

   [RFC4001]  Daniele, M., Haberman, B., Routhier, S., and J.
              Schoenwaelder, "Textual Conventions for Internet Network
              Addresses", RFC 4001, DOI 10.17487/RFC4001, February 2005,
              <http://www.rfc-editor.org/info/rfc4001>.








An, et al.                Expires June 18, 2017                [Page 28]


Internet-Draft                  SAVI-MIB                   December 2016


   [RFC6620]  Nordmark, E., Bagnulo, M., and E. Levy-Abegnoli, "FCFS
              SAVI: First-Come, First-Served Source Address Validation
              Improvement for Locally Assigned IPv6 Addresses",
              RFC 6620, DOI 10.17487/RFC6620, May 2012,
              <http://www.rfc-editor.org/info/rfc6620>.

   [RFC2131]  Droms, R., "Dynamic Host Configuration Protocol",
              RFC 2131, DOI 10.17487/RFC2131, March 1997,
              <http://www.rfc-editor.org/info/rfc2131>.

   [RFC3315]  Droms, R., Ed., Bound, J., Volz, B., Lemon, T., Perkins,
              C., and M. Carney, "Dynamic Host Configuration Protocol
              for IPv6 (DHCPv6)", RFC 3315, DOI 10.17487/RFC3315, July
              2003, <http://www.rfc-editor.org/info/rfc3315>.

   [RFC7039]  Wu, J., Bi, J., Bagnulo, M., Baker, F., and C. Vogt, Ed.,
              "Source Address Validation Improvement (SAVI) Framework",
              RFC 7039, DOI 10.17487/RFC7039, October 2013,
              <http://www.rfc-editor.org/info/rfc7039>.

   [RFC7219]  Bagnulo, M. and A. Garcia-Martinez, "SEcure Neighbor
              Discovery (SEND) Source Address Validation Improvement
              (SAVI)", RFC 7219, DOI 10.17487/RFC7219, May 2014,
              <http://www.rfc-editor.org/info/rfc7219>.

   [RFC7513]  Bi, J., Wu, J., Yao, G., and F. Baker, "Source Address
              Validation Improvement (SAVI) Solution for DHCP",
              RFC 7513, DOI 10.17487/RFC7513, May 2015,
              <http://www.rfc-editor.org/info/rfc7513>.

12.2.  Informative References

   [RFC2223]  Postel, J. and J. Reynolds, "Instructions to RFC Authors",
              RFC 2223, DOI 10.17487/RFC2223, October 1997,
              <http://www.rfc-editor.org/info/rfc2223>.

   [RFC3410]  Case, J., Mundy, R., Partain, D., and B. Stewart,
              "Introduction and Applicability Statements for Internet-
              Standard Management Framework", RFC 3410,
              DOI 10.17487/RFC3410, December 2002,
              <http://www.rfc-editor.org/info/rfc3410>.

   [RFC2629]  Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629,
              DOI 10.17487/RFC2629, June 1999,
              <http://www.rfc-editor.org/info/rfc2629>.






An, et al.                Expires June 18, 2017                [Page 29]


Internet-Draft                  SAVI-MIB                   December 2016


   [RFC4181]  Heard, C., Ed., "Guidelines for Authors and Reviewers of
              MIB Documents", BCP 111, RFC 4181, DOI 10.17487/RFC4181,
              September 2005, <http://www.rfc-editor.org/info/rfc4181>.

   [RFC2863]  McCloghrie, K. and F. Kastenholz, "The Interfaces Group
              MIB", RFC 2863, DOI 10.17487/RFC2863, June 2000,
              <http://www.rfc-editor.org/info/rfc2863>.

   [RFC4293]  Routhier, S., Ed., "Management Information Base for the
              Internet Protocol (IP)", RFC 4293, DOI 10.17487/RFC4293,
              April 2006, <http://www.rfc-editor.org/info/rfc4293>.

12.3.  URL References

   [idguidelines]
              IETF Internet Drafts editor,
              "http://www.ietf.org/ietf/1id-guidelines.txt".

   [idnits]   IETF Internet Drafts editor,
              "http://www.ietf.org/ID-Checklist.html".

   [xml2rfc]  XML2RFC tools and documentation,
              "http://xml.resource.org".

   [ops]      the IETF OPS Area, "http://www.ops.ietf.org".

   [ietf]     IETF Tools Team, "http://tools.ietf.org".
























An, et al.                Expires June 18, 2017                [Page 30]


Internet-Draft                  SAVI-MIB                   December 2016


Appendix A.  Change Log

   From draft 00 to draft 01

   o  Change the value range of object saviObjectsSystemMode and add a
      new value savi-send(6).

   From draft 01 to draft 02

   o  Change saviObjectsTrustStatus into two booleans, one is
      saviObjectsDhcpTrustStatus, another is saviObjectsRaTrustStatus.

   o  Change the character string saviObjectsIf to saviObjectsPort
      globally.

   o  Change saviObjectsBindingState according to the latest version of
      solution drafts.

   From draft 02 to draft 03

   o  Add a new object saviObjectsPortBindRecoveryAttr, and change the
      object saviObjectsPortRaTrustStatus to saviObjectsPortTrustAttr
      according to the latest version of solution drafts and RFC.

   o  Change the value range and meaning of saviObjectsBindingState
      according to the latest version of solution drafts and RFC.

   o  Change the value range of object saviObjectsBindingType, add a new
      value send(4), and change the value static(1) to manual(1).

   From draft 03 to draft 04

   o  Add three new objects according to the latest version of solution
      drafts and RFC, i.e. saviObjectsSystemTentLT,
      saviObjectsSystemDefaultLT, saviObjectsSystemTWAIT.

   From draft 04 to draft 05

   o  Add two new objects according to the latest version of solution
      drafts and RFC, i.e. saviObjectsBindingCreationtime,
      saviObjectsBindingTID.

   From draft 05 to draft 06

   o  Add three new objects, saviObjectsSystemDadTimeout,
      saviObjectsPortDhcpSnoopingAttr and
      saviObjectsPortDataSnoopingAttr.




An, et al.                Expires June 18, 2017                [Page 31]


Internet-Draft                  SAVI-MIB                   December 2016


   o  Replace object saviObjectsSystemBindRecoveryInterval with
      saviObjectsSystemDataSnoopingInterval.

   o  Replace object saviObjectsPortSAVISAVIAttr with
      saviObjectsPortTrustAttr.

   o  Delete object saviObjectsPortBindRecoveryAttr.

   From draft 06 to draft 07

   o  Replace object saviObjectsSystemDadTimeout with
      saviObjectsSystemDetectionTimeout.

   From draft 07 to draft 08

   o  Add a new table to count the fail packets of each interface.

   From draft 08 to draft 09

   o  Change the value range and meaning of saviObjectsBindingState
      according to the latest version of solution RFC.

   From draft 09 to draft 10

   o  Replace object saviObjectsSystemMode with
      saviObjectsSystemSlaacEnable, saviObjectsSystemDhcpEnable,
      saviObjectsSystemSendEnable, saviObjectsManualEnable.

   From draft 10 to draft 11

   o  Add a new table SaviObjectsPreferenceTable to reflect the
      preference of each savi method.

   From draft 11 to draft 12

   o  Replace object saviObjectsBindingType with
      saviObjectsBindingMethod.

Appendix B.  Open Issues

   Note to RFC Editor: please remove this appendix before publication as
   an RFC.

Authors' Addresses







An, et al.                Expires June 18, 2017                [Page 32]


Internet-Draft                  SAVI-MIB                   December 2016


   Changqing An
   CERNET
   Network Research Center, Tsinghua University
   Beijing  100084
   China

   Phone: +86 10 62603113
   EMail: acq@cernet.edu.cn


   Jiahai Yang
   CERNET
   Network Research Center, Tsinghua University
   Beijing  100084
   China

   Phone: +86 10 62783492
   EMail: yang@cernet.edu.cn


   Jianping Wu
   CERNET
   Network Research Center, Tsinghua University
   Beijing  100084
   China

   EMail: jianping@cernet.edu.cn


   Jun Bi
   CERNET
   Network Research Center, Tsinghua University
   Beijing  100084
   China

   EMail: junbi@cernet.edu.cn















An, et al.                Expires June 18, 2017                [Page 33]


Html markup produced by rfcmarkup 1.122, available from https://tools.ietf.org/tools/rfcmarkup/