Forwarding and Control Element                                   R. Haas
Separation (forces)                                                  IBM

Expires: October 3, 2006 January 5, 2007

                               ForCES MIB
                        draft-ietf-forces-mib-02
                        draft-ietf-forces-mib-03

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on October 3, 2006. January 5, 2007.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   This memo defines a Management Information Base (MIB) for use with
   network management protocols in the Internet community.  In
   particular, it defines a MIB for the Forwarding and Control Element
   Separation (ForCES) Network Element (NE).  The ForCES working group
   is defining a protocol to allow a Control Element (CE) to control the
   behavior of a Forwarding Element (FE).

Table of Contents

   1.  Requirements notation  . . . . . . . . . . . . . . . . . . . .  3
   2.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
   3.  Design of the ForCES MIB . . . . . . . . . . . . . . . . . . .  3
   4.  Association State  . . . . . . . . . . . . . . . . . . . . . .  3
   5.  ForCES MIB Definition  . . . . . . . . . . . . . . . . . . . .  4
   6.  Security Considerations  . . . . . . . . . . . . . . . . . . .  9 10
   7.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 10 11
   8.  Changes from Previous Draft Revisions  . . . . . . . . . . . . 10 11
   9.  References . . . . . . . . . . . . . . . . . . . . . . . . . . 10 12
     9.1.  Normative References . . . . . . . . . . . . . . . . . . . 10 12
     9.2.  Informative References . . . . . . . . . . . . . . . . . . 11 12
   Appendix A.  Acknowledgments . . . . . . . . . . . . . . . . . . . 11 12
   Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 12 13
   Intellectual Property and Copyright Statements . . . . . . . . . . 13 14

1.  Requirements notation

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

2.  Introduction

   The ForCES MIB is a primarily read-only MIB that captures information
   related to the ForCES protocol ([RFC3654], [RFC3746], [forces-
   applicability-draft] and [forces-protocol-draft]).

   The ForCES MIB does not include information that is specified in
   other MIBs, such as packet counters for interfaces, etc.

   More specifically, the information in the ForCES MIB relative to
   associations that are up includes:

   o  identifiers of the elements in the association,

   o  configuration parameters of the association, and

   o  statistics of the association.

3.  Design of the ForCES MIB

   In an NE composed of one or more FEs and a single CE, the CE is
   clearly aware of all associations and hence can provide this
   information in a single ForCES MIB.  In contrast, in an NE composed
   of more than one CE, such association information is distributed and
   hence more than one ForCES MIB may be necessary, unless this
   information is aggregated into a single ForCES MIB by some means
   beyond the scope of this document.  Nevertheless, the ForCES MIB
   design is compatible with both the single-CE and the multiple-CE
   case.

4.  Association State

   Only associations that are UP are shown in the MIB.  Associations
   enter the UP state as soon as the CE has sent to the FE an
   Association Setup Response message containing a successful
   Association Setup Result.

   Associations are removed from the MIB as soon as they leave the UP
   state, i.e., if the CE has not received any message (Heartbeat or
   other protocol message) from the FE within a given time period or if
   an Association Teardown message has been sent by the CE.

5.  ForCES MIB Definition

   The MIB contains the latest ForCES protocol version supported by the
   CE.  Note that the CE must also allow interaction with FEs supporting
   earlier versions.

   For each association identified by the pair CE ID and FE ID, the
   following associated information is provided by the MIB:

   o  Version number of the ForCES protocol running in this association.

   o  Time when the association entered the UP state.

   o  Time when the association left the UP state.  Note that this is
      only used for notification purposes as the association is removed
      from the MIB immediately after it leaves the UP state.

   o  Number of ForCES Heartbeat messages sent from the CE and received
      by the CE since the association is UP.

   o  Number of other ForCES messages sent from the CE and received by
      the CE since the association is UP.  Only messages other than
      Heartbeat, Association Setup, Association Setup Response, and
      Association Teardown are counted.

   Finally, the MIB defines the following notifications:

   o  Whenever an association enters the UP state, a notification is
      issued containing the version of the ForCES protocol running.
      Note that as CE ID and FE IDs. ID are indexes, they appear in the OID
      of the ForCES-protocol running-version object.

   o  Whenever an association leaves the UP state, a notification is
      issued containing the CE and FE IDs as well as all other associated information for this association.
      The reason is that the association and all its associated
      information will be removed from the MIB immediately after this
      notification has been issued.

         FORCES-MIB DEFINITIONS ::= BEGIN

         IMPORTS
             MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
               Counter32
               FROM SNMPv2-SMI

             TEXTUAL-CONVENTION, TimeStamp
               FROM SNMPv2-TC;

         forcesMIB SNMPv2-TC

             MODULE-COMPLIANCE, OBJECT-GROUP,
             NOTIFICATION-GROUP
               FROM SNMPv2-CONF;

         forcesMib MODULE-IDENTITY
             LAST-UPDATED "200606261200Z" "200607041200Z"  -- Jun 26, Jul 4, 2006
             ORGANIZATION "Forwarding and Control Element Separation
                           (ForCES) Working Group"
             CONTACT-INFO
                 "Robert Haas (rha@zurich.ibm.com), IBM"
             DESCRIPTION
                 "Initial version, published as RFC yyyy. This
                 "This MIB contains managed object definitions for the
                  ForCES Protocol."
             REVISION "200607041200Z"  -- Jul 4, 2006
             DESCRIPTION
               "Initial version, published as RFC yyyy."
    -- RFC Ed.: replace yyyy with actual RFC number & remove this note
             ::= { mib-2 XXX }
    -- RFC Ed.: replace XXX with IANA-assigned number & remove this note

    --****************************************************************

         forcesMibNotifications OBJECT IDENTIFIER ::= { forcesMib 0 }
         forcesMibObjects       OBJECT IDENTIFIER ::= { forcesMib 1 }
         forcesMibConformance   OBJECT IDENTIFIER ::= { forcesMib 2 }

         ForcesID ::= TEXTUAL-CONVENTION
             STATUS      current
             DESCRIPTION
                 "The ForCES identifier is a four octet quantity."
             SYNTAX      OCTET STRING (SIZE (4))

         ForcesProtocolVersion ::= TEXTUAL-CONVENTION
             STATUS      current
             DESCRIPTION
                 "ForCES protocol version number."
             SYNTAX      INTEGER (1..255)

   -- Notifications

         forcesAssociationEntryUp NOTIFICATION-TYPE
            OBJECTS     {
               forcesAssociationRunningProtocolVersion
            }
            STATUS      current
            DESCRIPTION
                 "This notification is generated when a
                   forcesAssociationEntry object is created."
            ::= { forcesMibNotifications 1 }

          forcesAssociationEntryDown NOTIFICATION-TYPE
            OBJECTS     {
               forcesAssociationRunningProtocolVersion,
               forcesAssociationTimeUp,
               forcesAssociationTimeDown,
               forcesAssociationHBMsgSent,
               forcesAssociationHBMsgReceived,
               forcesAssociationOtherMsgSent,
               forcesAssociationOtherMsgReceived                }
            STATUS      current
            DESCRIPTION
                 "This notification is generated when a
                   forcesAssociationEntry object is destroyed."
            ::= { forcesMibNotifications 2 }

   -- Objects

         forcesLatestProtocolVersionSupported OBJECT-TYPE
             SYNTAX      ForcesProtocolVersion
             MAX-ACCESS  read-only
             STATUS      current
             DESCRIPTION
                    "The ForCES protocol version supported by the CE.
                     The current protocol version is 1.
                     Note that the CE must also allow interaction
                     with FEs supporting earlier versions."
             ::= { forcesMIB forcesMibObjects 1 }

         forcesAssociations OBJECT IDENTIFIER ::= { forcesMIB forcesMibObjects 2 }

         forcesAssociationTable OBJECT-TYPE
             SYNTAX SEQUENCE OF ForcesAssociationEntry
             MAX-ACCESS not-accessible
             STATUS current
             DESCRIPTION
                    "The (conceptual) table of associations."
             ::= { forcesAssociations 1 }

         forcesAssociationEntry OBJECT-TYPE
             SYNTAX ForcesAssociationEntry
             MAX-ACCESS not-accessible
             STATUS current
             DESCRIPTION
                    "A (conceptual) entry for one association."
             INDEX { forcesAssociationCEID, forcesAssociationFEID }
             ::= { forcesAssociationTable 1 }

         ForcesAssociationEntry ::= SEQUENCE {
                 forcesAssociationCEID             ForcesID,
                 forcesAssociationFEID             ForcesID,

                 forcesAssociationRunningProtocolVersion
                                             ForcesProtocolVersion,

                 forcesAssociationTimeUp           TimeStamp,
                 forcesAssociationTimeDown         TimeStamp,

                 forcesAssociationHBMsgSent        Counter32,
                 forcesAssociationHBMsgReceived    Counter32,
                 forcesAssociationOtherMsgSent     Counter32,
                 forcesAssociationOtherMsgReceived Counter32     }

         forcesAssociationCEID OBJECT-TYPE
             SYNTAX ForcesID
             MAX-ACCESS read-only not-accessible
             STATUS current
             DESCRIPTION
                    "The ForCES ID of the CE."
             ::= { forcesAssociationEntry 1 2 }

         forcesAssociationFEID OBJECT-TYPE
             SYNTAX ForcesID
             MAX-ACCESS read-only not-accessible
             STATUS current
             DESCRIPTION
                    "The ForCES ID of the FE."
             ::= { forcesAssociationEntry 2 3 }

         forcesAssociationRunningProtocolVersion OBJECT-TYPE
             SYNTAX      ForcesProtocolVersion
             MAX-ACCESS  read-only
             STATUS      current
             DESCRIPTION
             "The current ForCES protocol version used in this
              association.
              The current protocol version is 1."
             ::= { forcesAssociationEntry 3 4 }
         forcesAssociationTimeUp OBJECT-TYPE
             SYNTAX TimeStamp
             MAX-ACCESS read-only
             STATUS current
             DESCRIPTION
                    "The value of sysUpTime at the time this
                     association entered the UP state.
                     If this association started prior to the last
                     initialization of the network subsystem, then
                     this object contains a zero value."
             ::= { forcesAssociationEntry 4 5 }

         forcesAssociationTimeDown OBJECT-TYPE
             SYNTAX TimeStamp
             MAX-ACCESS read-only
             STATUS current
             DESCRIPTION
                    "The value of sysUpTime at the time this
                     association left the UP state."
             ::= { forcesAssociationEntry 5 6 }

         forcesAssociationHBMsgSent OBJECT-TYPE
             SYNTAX Counter32
             MAX-ACCESS read-only
             STATUS current
             DESCRIPTION
                    "A counter of how many heartbeat messages have
                     have been sent by the CE on this association
                     since it is up.
                     If this association started prior to the last
                     initialization of the network subsystem, then
                     this object contains the value since the
                     initialization."
             ::= { forcesAssociationEntry 6} 7}

         forcesAssociationHBMsgReceived OBJECT-TYPE
             SYNTAX Counter32
             MAX-ACCESS read-only
             STATUS current
             DESCRIPTION
                    "A counter of how many heartbeat messages
                     have been received by the CE on this association
                     since it is up.
                     If this association started prior to the last
                     initialization of the network subsystem, then
                     this object contains the value since the
                     initialization."
             ::= { forcesAssociationEntry 7} 8}
         forcesAssociationOtherMsgSent OBJECT-TYPE
             SYNTAX Counter32
             MAX-ACCESS read-only
             STATUS current
             DESCRIPTION
                    "A counter of how many messages other than
                     heartbeat (i.e., config and query)
                     have been sent by the CE on this association
                     since it is up.
                     If this association started prior to the last
                     initialization of the network subsystem, then
                     this object contains the value since the
                     initialization."
             ::= { forcesAssociationEntry 8} 9}

         forcesAssociationOtherMsgReceived OBJECT-TYPE
             SYNTAX Counter32
             MAX-ACCESS read-only
             STATUS current
             DESCRIPTION
                    "A counter of how many messages other than
                     heartbeat (i.e., config response, query response,
                     event notification, and packet redirect)
                     have been received by the CE on this association
                     since it is up.
                     If this association started prior to the last
                     initialization of the network subsystem, then
                     this object contains the value since the
                     initialization."
             ::= { forcesAssociationEntry 9}

         forcesAssociationEntryUp NOTIFICATION-TYPE 10}

   -- Conformance

         forcesMibCompliances   OBJECT IDENTIFIER
                                  ::= { forcesMibConformance 1 }
         forcesMibGroups        OBJECT IDENTIFIER
                                  ::= { forcesMibConformance 2 }

   -- Compliance statements

         forcesMibCompliance  MODULE-COMPLIANCE
             STATUS current
             DESCRIPTION
               "The compliance statement for routers running ForCES and
               implementing the ForCES MIB."
             MODULE  -- this module
             MANDATORY-GROUPS { forcesMibGroup, forcesNotificationGroup}
             ::= { forcesMibCompliances 1 }

   -- Units of conformance

         forcesNotificationGroup NOTIFICATION-GROUP
             NOTIFICATIONS { forcesAssociationEntryUp,
                             forcesAssociationEntryDown
                           }
             STATUS  current
             DESCRIPTION

               "A collection of notifications for signaling important
                ForCES events."
             ::= { forcesMibGroups 1 }

         forcesMibGroup OBJECT-GROUP
             OBJECTS {
               forcesAssociationCEID,
               forcesAssociationFEID forcesAssociationRunningProtocolVersion }
             STATUS  current
             DESCRIPTION
                 "This notification is generated when a
                   forcesAssociationEntry object is created."
               "A collection of objects to support management of ForCES
                routers."
           ::= { forcesAssociations forcesMibGroups 2 }

          forcesAssociationEntryDown NOTIFICATION-TYPE

         forcesStatsGroup OBJECT-GROUP
             OBJECTS {
               forcesAssociationCEID,
               forcesAssociationFEID,
               forcesAssociationRunningProtocolVersion, forcesAssociationTimeUp,
                       forcesAssociationTimeDown,
                       forcesAssociationHBMsgSent,
                       forcesAssociationHBMsgReceived,
                       forcesAssociationOtherMsgSent,
                       forcesAssociationOtherMsgReceived
                     }
             STATUS  current
             DESCRIPTION
                 "This notification is generated when a
                   forcesAssociationEntry object
               "A collection of optional objects to provide extra
                information about the associations. There is destroyed." no protocol
                reason to keep such information, but these objects can
                be very useful in debugging connectivity problems."
           ::= { forcesAssociations forcesMibGroups 3 }

         END

6.  Security Considerations

   Some of the readable objects in this MIB module may be considered
   sensitive or vulnerable in some network environment.

   SNMP versions prior to SNMPv3 did not include adequate security.

   Even if the network itself is secure (for example by using IPSec),
   even then, there is no control as to who on the secure network is
   allowed to access and GET/SET (read/change/create/delete) the objects
   in this MIB module.

   It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy).

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.  It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module is properly configured to give access to
   the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.

7.  IANA Considerations

   IANA will need to assign a number to this MIB.

8.  Changes from Previous Draft Revisions

   Changes from draft-ietf-forces-mib-02.  They are refinements of the
   MIB:

   o  Changed forcesAssociationCEID and forcesAssociationFEID from read-
      only to not-accessible to conform with Section 7.7 in [RFC2578].

   o  Removed forcesAssociationCEID and forcesAssociationFEID from the
      notifications.  This information is conveyed in the OID anyway.

   o  Added MIB conformance information.

   Changes from draft-ietf-forces-mib-01.  The changes are in response
   to the Working Group Last Call:

   o  Addition of two traps/notifications to signal the associations
      that enter or leave the UP state.

   o  Suppression of the DOWN and ESTABLISHING states.  Only
      associations in the UP state are kept in the table.

   o  Split of the Message counters into Heartbeat and other messages.

   o  Addition of the current running version of ForCES protocol for
      each association in the UP state.

   o  Addition of the latest version of the ForCES protocol supported by
      the CE.

9.  References

9.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2578]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Structure of Management Information
              Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

   [RFC3410]  Case, J., Mundy, R., Partain, D., and B. Stewart,
              "Introduction and Applicability Statements for Internet-
              Standard Management Framework", RFC 3410, December 2002.

   [RFC3654]  Khosravi, H. and T. Anderson, "Requirements for Separation
              of IP Control and Forwarding", RFC 3654, November 2003.

   [RFC3746]  Yang, L., Dantu, R., Anderson, T., and R. Gopal,
              "Forwarding and Control Element Separation (ForCES)
              Framework", RFC 3746, April 2004.

   [forces-protocol-draft]
              Doria, A., Haas, R., Hadi Salim, J., Khosravi, H., and W.
              Wang, "ForCES Protocol Specification", ID Document:
              draft-ietf-forces-protocol-08.txt, March 2006.

9.2.  Informative References

   [forces-applicability-draft]
              Crouch, A., Khosravi, H., Handley, M., and A. Doria,
              "ForCES Applicability Statement", ID Document:
              draft-ietf-forces-applicability-04.txt, February 2006.

Appendix A.  Acknowledgments

   The author gratefully acknowledges the contributions of: Jinrong
   Fenggen, Xiaoyi Guo, Joel Halpern, Tom Petch, and Jamal Hadi Salim.

Author's Address

   Robert Haas
   IBM
   Saeumerstrasse 4
   Rueschlikon  8803
   CH

   Email: rha@zurich.ibm.com
   URI:   http://www.zurich.ibm.com/~rha

Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.

Disclaimer of Validity

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Copyright Statement

   Copyright (C) The Internet Society (2006).  This document is subject
   to the rights, licenses and restrictions contained in BCP 78, and
   except as set forth therein, the authors retain all their rights.

Acknowledgment

   Funding for the RFC Editor function is currently provided by the
   Internet Society.