draft-ietf-opsawg-operations-and-management-00.txt   draft-ietf-opsawg-operations-and-management-01.txt 
Network Working Group D. Harrington Network Working Group D. Harrington
Internet-Draft Huawei Technologies USA Internet-Draft Huawei Technologies USA
Intended status: Best Current September 12, 2007 Intended status: Best Current November 14, 2007
Practice Practice
Expires: March 15, 2008 Expires: May 17, 2008
Guidelines for Considering Operations and Management of New Protocols Guidelines for Considering Operations and Management of New Protocols
draft-ietf-opsawg-operations-and-management-00 draft-ietf-opsawg-operations-and-management-01
Status of This Memo Status of This Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 35 skipping to change at page 1, line 35
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on March 15, 2008. This Internet-Draft will expire on May 17, 2008.
Copyright Notice Copyright Notice
Copyright (C) The IETF Trust (2007). Copyright (C) The IETF Trust (2007).
Abstract Abstract
New protocols or protocol extensions are best designed with due New protocols or protocol extensions are best designed with due
consideration of operations and management issues related to the consideration of operations and management issues related to the
protocol. Retrofitting operations and management recommendations to protocol. Retrofitting operations and management recommendations to
protocols is sub-optimal. The purpose of this document is to provide protocols is sub-optimal. The purpose of this document is to provide
guidance to authors of protocol documents about aspects to consider guidance to authors and reviewers of documents defining new protocols
related to the operations and management that should be considered or protocol extensions, covering aspects of operations and management
for inclusion in documents defining requirements or functionality of that should be considered.
new protocols or protocol extensions.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 5
2. Design for Operations and Management . . . . . . . . . . . . . 5 2. Design for Operations and Management . . . . . . . . . . . . . 5
2.1. Motivation . . . . . . . . . . . . . . . . . . . . . . . . 6 2.1. IETF Management Framework . . . . . . . . . . . . . . . . 5
3. Operational Considerations . . . . . . . . . . . . . . . . . . 7 3. Operational Considerations . . . . . . . . . . . . . . . . . . 6
3.1. Operations Model . . . . . . . . . . . . . . . . . . . . . 7 3.1. Operations Model . . . . . . . . . . . . . . . . . . . . . 7
3.2. Installation and Initial Setup . . . . . . . . . . . . . . 8 3.2. Installation and Initial Setup . . . . . . . . . . . . . . 8
3.3. Migration Path . . . . . . . . . . . . . . . . . . . . . . 8 3.3. Migration Path . . . . . . . . . . . . . . . . . . . . . . 8
3.4. Requirements on Other Protocols and Functional 3.4. Requirements on Other Protocols and Functional
Components . . . . . . . . . . . . . . . . . . . . . . . . 8 Components . . . . . . . . . . . . . . . . . . . . . . . . 8
3.5. Impact on Network Operation . . . . . . . . . . . . . . . 8 3.5. Impact on Network Operation . . . . . . . . . . . . . . . 8
3.6. Verifying Correct Operation . . . . . . . . . . . . . . . 9 3.6. Verifying Correct Operation . . . . . . . . . . . . . . . 9
4. Management Considerations . . . . . . . . . . . . . . . . . . 9 4. Management Considerations . . . . . . . . . . . . . . . . . . 9
4.1. Interoperability . . . . . . . . . . . . . . . . . . . . . 10 4.1. Interoperability . . . . . . . . . . . . . . . . . . . . . 10
4.2. Management Information . . . . . . . . . . . . . . . . . . 12 4.2. Management Information . . . . . . . . . . . . . . . . . . 12
4.3. Fault Management . . . . . . . . . . . . . . . . . . . . . 13 4.3. Fault Management . . . . . . . . . . . . . . . . . . . . . 13
4.3.1. Liveness Detection and Monitoring . . . . . . . . . . 13 4.3.1. Liveness Detection and Monitoring . . . . . . . . . . 13
4.3.2. Fault Determination . . . . . . . . . . . . . . . . . 13 4.3.2. Fault Determination . . . . . . . . . . . . . . . . . 14
4.3.3. Fault Isolation . . . . . . . . . . . . . . . . . . . 13 4.3.3. Fault Isolation . . . . . . . . . . . . . . . . . . . 14
4.3.4. Corrective Action . . . . . . . . . . . . . . . . . . 14 4.3.4. Corrective Action . . . . . . . . . . . . . . . . . . 14
4.4. Configuration Management . . . . . . . . . . . . . . . . . 14 4.4. Configuration Management . . . . . . . . . . . . . . . . . 14
4.4.1. Verifying Correct Operation . . . . . . . . . . . . . 15 4.4.1. Verifying Correct Operation . . . . . . . . . . . . . 16
4.4.2. Control of Function and Policy . . . . . . . . . . . . 15 4.4.2. Control of Function and Policy . . . . . . . . . . . . 16
4.5. Accounting Management . . . . . . . . . . . . . . . . . . 16 4.5. Accounting Management . . . . . . . . . . . . . . . . . . 16
4.6. Performance Management . . . . . . . . . . . . . . . . . . 16 4.6. Performance Management . . . . . . . . . . . . . . . . . . 16
4.7. Security Management . . . . . . . . . . . . . . . . . . . 17 4.7. Security Management . . . . . . . . . . . . . . . . . . . 18
5. Existing Protocols . . . . . . . . . . . . . . . . . . . . . . 18 5. Existing Protocols . . . . . . . . . . . . . . . . . . . . . . 19
5.1. SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 5.1. SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
5.2. SYSLOG . . . . . . . . . . . . . . . . . . . . . . . . . . 19 5.2. SYSLOG . . . . . . . . . . . . . . . . . . . . . . . . . . 21
5.3. IPFIX . . . . . . . . . . . . . . . . . . . . . . . . . . 20 5.3. IPFIX . . . . . . . . . . . . . . . . . . . . . . . . . . 22
5.4. NETCONF . . . . . . . . . . . . . . . . . . . . . . . . . 20 5.4. PSAMP . . . . . . . . . . . . . . . . . . . . . . . . . . 22
5.5. COPS-PR . . . . . . . . . . . . . . . . . . . . . . . . . 20 5.5. NETCONF . . . . . . . . . . . . . . . . . . . . . . . . . 22
5.6. RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . 21 5.6. COPS-PR . . . . . . . . . . . . . . . . . . . . . . . . . 23
5.7. Diameter . . . . . . . . . . . . . . . . . . . . . . . . . 21 5.7. RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . 23
5.8. EPP . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 5.8. Diameter . . . . . . . . . . . . . . . . . . . . . . . . . 24
5.9. XCAP . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 5.9. EPP . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
5.10. Other Protocols . . . . . . . . . . . . . . . . . . . . . 22 5.10. VCCV . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
6. Existing IETF Data Models . . . . . . . . . . . . . . . . . . 22 5.11. XCAP . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
6.1. Fault Management . . . . . . . . . . . . . . . . . . . . . 23 5.12. Other Protocols . . . . . . . . . . . . . . . . . . . . . 25
6.2. Configuration Management . . . . . . . . . . . . . . . . . 24 6. Existing IETF Data Models . . . . . . . . . . . . . . . . . . 25
6.3. Accounting Management . . . . . . . . . . . . . . . . . . 25 6.1. Fault Management . . . . . . . . . . . . . . . . . . . . . 26
6.4. Performance Management . . . . . . . . . . . . . . . . . . 26 6.2. Configuration Management . . . . . . . . . . . . . . . . . 26
6.3. Accounting Management . . . . . . . . . . . . . . . . . . 27
6.4. Performance Management . . . . . . . . . . . . . . . . . . 27
6.5. Security Management . . . . . . . . . . . . . . . . . . . 28 6.5. Security Management . . . . . . . . . . . . . . . . . . . 28
7. Documentation Guidelines . . . . . . . . . . . . . . . . . . . 29 7. Documentation Guidelines . . . . . . . . . . . . . . . . . . . 29
7.1. Recommended Discussions . . . . . . . . . . . . . . . . . 29 7.1. Recommended Discussions . . . . . . . . . . . . . . . . . 29
7.2. Null Manageability Considerations Sections . . . . . . . . 29 7.2. Null Manageability Considerations Sections . . . . . . . . 29
7.3. Placement of Operations and Manageability 7.3. Placement of Operations and Manageability
Considerations Sections . . . . . . . . . . . . . . . . . 30 Considerations Sections . . . . . . . . . . . . . . . . . 30
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30
9. Security Considerations . . . . . . . . . . . . . . . . . . . 30 9. Security Considerations . . . . . . . . . . . . . . . . . . . 30
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 30 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 30
11. Informative References . . . . . . . . . . . . . . . . . . . . 30 11. Informative References . . . . . . . . . . . . . . . . . . . . 30
Appendix A. Operations and Management Checklist . . . . . . . . . 35 Appendix A. Operations and Management Checklist . . . . . . . . . 34
Appendix B. Additional MIB Modules on the Standards Track . . . . 35 Appendix B. Additional Data Models on the Standards Track . . . . 35
Appendix C. Change Log . . . . . . . . . . . . . . . . . . . . . 35 Appendix C. Open Issues . . . . . . . . . . . . . . . . . . . . . 37
Appendix D. Change Log . . . . . . . . . . . . . . . . . . . . . 37
1. Introduction 1. Introduction
When new protocols or protocol extensions are developed, it is often Often when new protocols or protocol extensions are developed, not
the case that not enough consideration is given to the way in which enough consideration is given to how the protocol will be deployed,
new protocols will be deployed in the network and operated and operated and managed. Retrofitting operations and management
managed once deployed. The result is that operations and management mechanisms is often hard and architecturally unpleasant, and certain
issues are only taken into consideration after the protocols have protocol design choices may make deployment, operations, and
been implemented and sometimes not until after they have been management particularly hard. Since operations and management issues
deployed. Attempts to retrofit operations and management mechanisms may impact the success of IETF protocols, this document provides
are not always easy or architecturally pleasant, and certain protocol guidelines to help protocol designers and working groups consider the
design choices may make deployment, operations, and management operations and management issues of their new IETF protocol or
particularly hard to achieve later. Since operations and management protocol extension at an earlier phase.
issues may be fundamental to the utility and success of protocols
designed within the IETF, this document provides guidelines to help
protocol designers and working groups consider the operations and
management issues of their new protocol at an earlier phase.
[DISCUSS - This document seems to be just as concerned with the This document recommends working groups consider operations and
protocol designer's "mind-set" and the protocol development process management needs, and then select appropriate standard management
as it is with the protocol as a finished product. While we all agree protocols and data models to address the relevant operations and
that it would be a good thing to imprint operational sensitivities management needs, just as the WG might consider which security
into the consciousness of the protocol developer, I do not think that threats are relevant to their protocol, and then select appropriate
this is a practical goal. The best that we can do is to set forth a standard security protocols to mitigate the relevant threats.
list of objective criteria by which a protocol designer can evaluate
whether the protocol that he/she has developed is manageable.]
[DISCUSS: - the document may attempt to cover too much ground. Maybe This document is organized to support such a progressive approach.
it will develop into a framework document, supported by documents of Section 2 discusses the importance of considering operations and
the following sort: . what makes a MIB usable? . how much protocol management. Section 3 discusses operational issues to consider.
state information needs to be exposed and how? . how much performance Section 4 discusses management issues to consider. Section 5
information needs to be exposed and how?] discusses IETF standards-track management protocols and their uses.
Section 6 discusses specific data models, such as MIB modules, that
have been designed to address specific sets of issues.
This document sets forth a list of subjective guidelines and a list
of objective criteria by which a protocol designer can evaluate
whether the protocol that he/she has developed addresses common
operations and management needs. Operations and management is highly
dependent on the environment in which it is used, so most guidelines
are subjective rather than objective. We provide objective criteria
to promote interoperability through the use of standard management
interfaces, such as "did you design counters in a MIB module for
monitoring packets in/out of an interface?", "did you write an XML-
based data model for configuring your protocol with Netconf?", and
"did you standardize syslog message content and structured data
elements for reporting events that might occur when operating your
protocol?"
A balance is needed between ensuring operations and management have
been considered, and getting a protocol specification published in a
timely fashion. IETF standards-track protocol documents should
contain enough information to understand how the protocol will be
deployed and managed. It should be expected that initial
considerations for operations and management may need to be updated
in the future, after further operational experience has been gained.
This document only provides guidelines; the (ever-changing membership
of the) IESG can make a decision about how the guidelines should be
used by the IETF over time.
1.1. Terminology 1.1. Terminology
This document deliberately does not use the (capitalized) key words This document deliberately does not use the (capitalized) key words
described in RFC 2119 [RFC2119]. RFC 2119 states the keywords must described in RFC 2119 [RFC2119]. RFC 2119 states the keywords must
only be used where it is actually required for interoperation or to only be used where it is actually required for interoperation or to
limit behavior which has potential for causing harm (e.g., limiting limit behavior which has potential for causing harm (e.g., limiting
retransmissions). For example, they must not be used to try to retransmissions). For example, they must not be used to try to
impose a particular method on implementers where the method is not impose a particular method on implementers where the method is not
required for interoperability. This document is a set of guidelines required for interoperability. This document is a set of guidelines
skipping to change at page 5, line 15 skipping to change at page 5, line 35
o "working group" represents individuals and working groups involved o "working group" represents individuals and working groups involved
in the development of new protocols. in the development of new protocols.
o [DISCUSS] markers indicate a lack of consensus on what should be o [DISCUSS] markers indicate a lack of consensus on what should be
written. written.
o [TODO] markers indicate the editor has a reasonable understanding o [TODO] markers indicate the editor has a reasonable understanding
of what needs to be (re-)written. Contributions of text would be of what needs to be (re-)written. Contributions of text would be
welcome. welcome.
o Note to RFC Editor - All [DISCUSS] or [TODO] marks should be
resolved before RFC publication. If any still exist, including in
the Terminology section, then please return the document to the
editor for resolution.
2. Design for Operations and Management 2. Design for Operations and Management
"Design for operations and management" means that the operational "Design for operations and management" means that the operational
environment and manageability of the protocol should be considered environment and manageability of the protocol should be considered
from the start when new protocols are designed. This requires a from the start when new protocols are designed.
change in mind-set. Protocol designers typically do not like to look
at the management aspects of their new protocol. They are busy
working out the details of their new protocol, and do not take time
to consider what would be necessary to make the protocol manageable
and easy to deploy. Because many of the working groups developing
protocols have no background in management or operations, they also
feel uncomfortable working on aspects of a protocol design that is
unfamiliar to them. This document provides guidelines to working
groups about what to consider.
This document seeks to educate working groups about some common
aspects of operations and management so they can design better
protocol solutions.
It is easier for a WG editor to write a document for associated
management functionality if the WG has already researched and weighed
the management options, and reached consensus on the management
requirements.
It is a noble goal to consider management from the very early start
of new protocol work, but we also have to accept that sometimes
management requirements will only be understood once a technology has
been deployed and some experience has been gained. It should be
expected that initial considerations for operations and management
may need to be updated in the future.
This document is not about requiring all internet-drafts to include a
new "Operations and Management Considerations" section. Experiments
to require such sections have had a mixed reaction from protocol
developers. The IESG has also expressed hesitation about requiring
new Considerations sections.
We should also be careful and point out that this document really
just provides guidelines and should not be misused to slow down
protocol development since sometimes it is better to get a protocol
out in a timely fashion without management considerations instead of
being delayed some years when it is too late to be successful.
Releasing IETF documents including protocol definition without any
consideration about how the protocol and networks running the
protocol will be managed and what are the operational implications of
deployment also seems wrong A balance is needed. This document tries
to find the right balance - what is the minimal information that
needs to be included in a protocol definition document that shows how
the protocol will be deployed and managed. Minimal but not less than
this.
2.1. Motivation
The IETF has indicated a desire to have operations and manageability 2.1. IETF Management Framework
considered during the development of new protocols, using a proactive
"design for operability and manageability" approach that documents
how a new protocol is expected to be operated and managed.
For years the IETF has stressed the use of the Standard Management For years the IETF has stressed the use of the IETF Standard
Framework and SMI MIB modules [RFC2578] for managing new protocols. Management Framework and SMI MIB modules [RFC2578] for managing new
The IETF designed the Standard Management Framework and SMI MIB protocols. The IETF designed the Standard Management Framework and
modules to permit multiple protocols to utilize the MIB data SMI MIB modules to permit multiple protocols to utilize the MIB data
[RFC1052], but it became a common misunderstanding that a MIB module [RFC1052], but it became a common misunderstanding that a MIB module
could only be used with the SNMP protocol.(defined in [RFC3410] and could only be used with the SNMP protocol (described in [RFC3410] and
associated documents). associated documents).
In 2001, OPS Area design teams were created to document issues and In 2001, OPS Area design teams were created to document issues and
requirements related to configuration of IP-based networks. One requirements related to configuration of IP-based networks. One
output was "Requirements for Configuration Management of IP-based output was "Requirements for Configuration Management of IP-based
Networks" [RFC3139] Networks" [RFC3139]. The COPS-PR protocol was developed to address
configuration.
In 2003, the Internet Architecture Board (IAB) held a workshop on In 2003, the Internet Architecture Board (IAB) held a workshop on
Network Management [RFC3535] that discussed the strengths and Network Management [RFC3535] that discussed the strengths and
weaknesses of some IETF network management protocols, and compared weaknesses of some IETF network management protocols, and compared
them to operational needs. Most of those needs are discussed further them to operational needs, especially configuration.
in this document.
This document recommends working groups consider operations and One issue raised was the user-unfriendliness of the binary format of
management needs, and then select appropriate standard management SNMP and COPS-PR, so it was recommended that the IETF explore and
protocols and data models to address the relevant operations and XML-based Structure of Management Information, and an XML-based
management needs, just as they consider which security threats are protocol for configuration.
relevant to their protocol, and then select appropriate standard
security protocols to mitigate the relevant threats.
For example, a working group could decide whether a MIB module, Another issue was that deployed tools for event/alarm correlation,
SYSLOG messages, an LDAP structure, an XML schema, or another root cause analysis and logging are not sufficient, and there is a
solution is the best way to monitor and manage the functionality of a need to support a human interface and a programmatic interface. The
new protocol. The protocol to use for management will follow from IETF decided to standardize aspects of the defacto standard for
this analysis rather than being SNMP by fiat. system logging, especially security and the need for better
programmatic support.
One good method that can be considered by protocol designers is to In 2006, the IETF discussed how the Management Framework should be
make an analysis of the operational environment and mode of work the updated to accommodate multiple IETF standard SMI languages, and
future protocol or extension will work in. Such an exercise needs multiple IETF standard protocols for doing network management.
not be reflected directly by text in their document, but could help
in visualizing the operational model related to the applicability of This document provides some initial guidelines for considering
the protocol in the Internet environments where it will be deployed. operations and management in this environment of multiple protocols
The operational model should take into account issues like: - what and multiple data models, with an eye toward being flexible while
type of management entities will be involved (agents, network also striving for interoperability.
management systems)? what is the possible architecture (client-
server, manager-agent, polling-driven or event-driven,
autoconfiguration, two levels or hierarchical)? what are the basic
management operations - initial configuration, dynamic configuration,
alarms and exceptions reporting, logging, performance monitoring,
performance reporting? how are these operations performed - locally,
remotely, atomic operation, scripts? what are the typical user
interfaces - Command line (CLI) or graphical user interface (GUI)?
3. Operational Considerations 3. Operational Considerations
When a new protocol is deployed in a network, it may affect the When a new protocol is deployed in a network, it may affect the
network negatively. A working group should consider deployment of a network negatively. A working group should consider deployment of a
new protocol or protocol extension in a network, impact on the new protocol or protocol extension in a network, impact on the
network operations, traffic levels and operation of other protocols network operations, traffic levels and operation of other protocols
or previous versions of the protocol, how the new protocol will be or previous versions of the protocol, how the new protocol will be
operated, and how its presence might affect the existing deployment. operated, and how its presence might affect the existing deployment.
Operations and manageability considerations should focus on Operations and manageability considerations should focus on
interoperability of externally observable behaviors. interoperability of externally observable behaviors.
3.1. Operations Model 3.1. Operations Model
Protocol designers can analyze the operational environment and mode
of work in which the new protocol or extension will work. Such an
exercise needs not be reflected directly by text in their document,
but could help in visualizing the operational model related to the
applicability of the protocol in the Internet environments where it
will be deployed. The operational model should take into account
issues like:
o what type of management entities will be involved (agents, network
management systems)?
o what is the possible architecture (client-server, manager-agent,
polling-driven or event-driven, autoconfiguration, two levels or
hierarchical)?
o what are the basic management operations - initial configuration,
dynamic configuration, alarms and exceptions reporting, logging,
performance monitoring, performance reporting?
o how are these operations performed - locally, remotely, atomic
operation, scripts?
o what are the typical user interfaces - Command line (CLI) or
graphical user interface (GUI)?
Working groups should consider how the new protocol will be managed Working groups should consider how the new protocol will be managed
in different deployment sizes. It might be sensible to use a local in different deployment scales. It might be sensible to use a local
management interface to manage the new protocol on a single device, management interface to manage the new protocol on a single device,
but in a large network, remote management using a centralized server but in a large network, remote management using a centralized server
and/or using distributed management functionality might make more and/or using distributed management functionality might make more
sense. Auto-configuration might be possible for some new protocols. sense. Auto-configuration might be possible for some new protocols.
There may be a need to support a human interface, e.g., for There may be a need to support a human interface, e.g., for
troubleshooting, and a programmatic interface, e.g., for automated troubleshooting, and a programmatic interface, e.g., for automated
monitoring and root cause analysis. It might be important that the monitoring and root cause analysis. It might be important that the
internal method routines for both interfaces should be the same to internal method routines for both interfaces should be the same to
ensure that data exchanged between these two interfaces is always ensure that data exchanged between these two interfaces is always
consistent. consistent.
Working groups should consider what management operations are Working groups should consider what management operations are
expected to be performed as result of the deployment of the protocol expected to be performed as a result of the deployment of the
- such as whether write operations will be allowed on routers and on protocol - such as whether write operations will be allowed on
hosts, or if notifications for alarms or other events will be routers and on hosts, or if notifications for alarms or other events
expected. will be expected.
3.2. Installation and Initial Setup 3.2. Installation and Initial Setup
Working groups should consider default values that make protocol Working groups should consider default values that make protocol
sense, to simplify configuration, including default modes and sense, to simplify configuration, including default modes and
parameters. For example, it could be helpful or necessary to specify parameters. For example, it could be helpful or necessary to specify
default values for modes, timers, default state of logical control default values for modes, timers, default state of logical control
variables, default transports, and so on. Even if default values are variables, default transports, and so on. Even if default values are
used, it must be possible to retrieve all the actual values or at used, it must be possible to retrieve all the actual values or at
least an indication that known default values are being used. least an indication that known default values are being used.
skipping to change at page 8, line 36 skipping to change at page 8, line 30
If the new protocol is a new version of the protocol, or is replacing If the new protocol is a new version of the protocol, or is replacing
another technology, the working group should consider how deployments another technology, the working group should consider how deployments
should transition to the new protocol. This should include co- should transition to the new protocol. This should include co-
existence with previously deployed protocols and/or previous versions existence with previously deployed protocols and/or previous versions
of the same protocol, incompatibilities between versions, translation of the same protocol, incompatibilities between versions, translation
between versions, and side effects that might occur. Are older between versions, and side effects that might occur. Are older
protocols or versions disabled or do they co-exist in the network protocols or versions disabled or do they co-exist in the network
with the new protocol? with the new protocol?
Another point to consider is extensibility of the management approach
- How open to future protocol extensions are the management
techniques you are defining?
3.4. Requirements on Other Protocols and Functional Components 3.4. Requirements on Other Protocols and Functional Components
Working groups should consider the requirements that the new protocol Working groups should consider the requirements that the new protocol
might put on other protocols and functional components, and should might put on other protocols and functional components, and should
also document the requirements from other protocols that have been also document the requirements from other protocols that have been
considered in designing the new protocol. considered in designing the new protocol.
These considerations should generally remain illustrative to avoid These considerations should generally remain illustrative to avoid
creating restrictions or dependencies, or potentially impacting the creating restrictions or dependencies, or potentially impacting the
behavior of existing protocols, or restricting the extensibility of behavior of existing protocols, or restricting the extensibility of
skipping to change at page 9, line 20 skipping to change at page 9, line 17
operating within the network. operating within the network.
The working group should consider the potential impact on the The working group should consider the potential impact on the
behavior of other protocols in the network and on the traffic levels behavior of other protocols in the network and on the traffic levels
and traffic patterns that might change, including specific types of and traffic patterns that might change, including specific types of
traffic such as multicast. Also consider the need to install new traffic such as multicast. Also consider the need to install new
components that are added to the network as result of the changes in components that are added to the network as result of the changes in
the operational model, such as servers performing auto-configuration the operational model, such as servers performing auto-configuration
operations. operations.
The working group should consider also the impact on applications and
registries, for example DNS entries, or the size of routing tables.
The impact on performance may also be noted - increased delay or
jitter in real-time traffic applications, or response time in client-
server applications when encryption or filtering are applied.
It is important to minimize the impact caused by configuration It is important to minimize the impact caused by configuration
changes. Given configuration A and configuration B, it should be changes. Given configuration A and configuration B, it should be
possible to generate the operations necessary to get from A to B with possible to generate the operations necessary to get from A to B with
minimal state changes and effects on network and systems. minimal state changes and effects on network and systems.
3.6. Verifying Correct Operation 3.6. Verifying Correct Operation
The working group should consider techniques for testing the effect The working group should consider techniques for testing the effect
that the protocol has had on the network by sending data through the that the protocol has had on the network by sending data through the
network and observing its behavior. Working groups should consider network and observing its behavior. Working groups should consider
skipping to change at page 13, line 9 skipping to change at page 13, line 15
relationship? relationship?
Do objects (such as rows in tables) share fate? For example, if a Do objects (such as rows in tables) share fate? For example, if a
row in table A must exist before a related row in table B can be row in table A must exist before a related row in table B can be
created, what happens to the row in table B if the related row in created, what happens to the row in table B if the related row in
table A is deleted? Does the existence of relationships between table A is deleted? Does the existence of relationships between
objects have an impact on fate sharing? objects have an impact on fate sharing?
4.3. Fault Management 4.3. Fault Management
The working group should consider how faults information will be
propagated. Will it be done using asynchronous notifications or
polling of health indicators?
If notifications are used to alert operators to certain conditions, If notifications are used to alert operators to certain conditions,
then the working group should discuss mechanisms to throttle then the working group should discuss mechanisms to throttle
notifications to prevent congestion. notifications to prevent congestion. Will there be a hierarchy of
faults, and will the fault reporting be done by each fault in the
hierarchy, or will only the lowest fault be reported and the higher
levels be suppressed? should there be aggregated status indicators
based on concatenation of propagated faults from a given domain or
device?
SNMP notifications and SYSLOG messages can alert an operator when an
aspect of the new protocol fails or encounters an error condition,
and SNMP is frequently used as a heartbeat monitor.
4.3.1. Liveness Detection and Monitoring 4.3.1. Liveness Detection and Monitoring
Liveness detection and monitoring applies both to the control plane Liveness detection and monitoring applies both to the control plane
and the data plane. Mechanisms for detecting faults in the control and the data plane. Mechanisms for detecting faults in the control
plane or for monitoring its liveness are usually built into the plane or for monitoring its liveness are usually built into the
control plane protocols or inherited from underlying data plane or control plane protocols or inherited from underlying data plane or
forwarding plane protocols. These mechanisms do not typically forwarding plane protocols. These mechanisms do not typically
require additional management capabilities. However, when a system require additional management capabilities. However, when a system
detects a control plane fault, there is often a requirement to detects a control plane fault, there is often a requirement to
skipping to change at page 13, line 33 skipping to change at page 14, line 5
least to record the fact in an event log. least to record the fact in an event log.
Where the protocol is responsible for establishing data or user plane Where the protocol is responsible for establishing data or user plane
connectivity, liveness detection and monitoring usually need to be connectivity, liveness detection and monitoring usually need to be
achieved through other mechanisms. In some cases, these mechanisms achieved through other mechanisms. In some cases, these mechanisms
already exist within other protocols responsible for maintaining already exist within other protocols responsible for maintaining
lower layer connectivity, but it will often be the case that new lower layer connectivity, but it will often be the case that new
procedures are required to detect failures in the data path and to procedures are required to detect failures in the data path and to
report rapidly, allowing remedial action to be taken. report rapidly, allowing remedial action to be taken.
[DISCUSS:: 'control plane' and 'data plane' are such slippery terms Protocol designers should always build in basic testing features
that I think they need to be defined.] (e.g. ICMP echo, UDP/TCP echo service, NULL RPC calls) that can be
used to test for liveness, with an option to enable and disable them.
4.3.2. Fault Determination 4.3.2. Fault Determination
It can be helpful to describe how faults can be pinpointed using It can be helpful to describe how faults can be pinpointed using
management information. For example, counters might record instances management information. For example, counters might record instances
of error conditions. Some faults might be able to be pinpointed by of error conditions. Some faults might be able to be pinpointed by
comparing the outputs of one device and the inputs of another device comparing the outputs of one device and the inputs of another device
looking for anomalies. looking for anomalies.
4.3.3. Fault Isolation 4.3.3. Fault Isolation
skipping to change at page 14, line 10 skipping to change at page 14, line 30
malformed messages necessary to coordinate connections properly. malformed messages necessary to coordinate connections properly.
Spanning tree comes to mind. This might be able to be done by Spanning tree comes to mind. This might be able to be done by
configuring next-hop devices to drop the faulty messages to prevent configuring next-hop devices to drop the faulty messages to prevent
them from entering the rest of the network. them from entering the rest of the network.
4.3.4. Corrective Action 4.3.4. Corrective Action
What sort of corrective action can be taken by an operator for each What sort of corrective action can be taken by an operator for each
of the fault conditions that are being identified? of the fault conditions that are being identified?
[DISCUSS: this should be expanded or eliminated.
4.4. Configuration Management 4.4. Configuration Management
RFC3139 [RFC3139] discusses requirements for configuration RFC3139 [RFC3139] discusses requirements for configuration
management. This document includes discussion of different levels of management. This document includes discussion of different levels of
management, including high-level-policies, network-wide configuration management, including high-level-policies, network-wide configuration
data, and device-local configuration. data, and device-local configuration.
A number of efforts have existed in the IETF to develop policy-based A number of efforts have existed in the IETF to develop policy-based
management. RFC3198 was written to standardize the terminology for management. RFC3198 was written to standardize the terminology for
policy-based management across these efforts. policy-based management across these efforts.
skipping to change at page 16, line 14 skipping to change at page 16, line 37
4.5. Accounting Management 4.5. Accounting Management
A working group should consider whether it would be appropriate to A working group should consider whether it would be appropriate to
collect usage information related to this protocol, and if so, what collect usage information related to this protocol, and if so, what
usage information would be appropriate to collect? usage information would be appropriate to collect?
RFC2975 [RFC2975] Introduction to Accounting Management discusses a RFC2975 [RFC2975] Introduction to Accounting Management discusses a
number of issues that arise when monitoring usage of protocols for number of issues that arise when monitoring usage of protocols for
purposes of capacity and trend analysis, cost allocation, auditing, purposes of capacity and trend analysis, cost allocation, auditing,
and billing. This document also discusses how some commonly used and billing. This document also discusses how RADIUS, TACACS+, and
protocols are used for these purposes. These issues should be SNMP protocols are used for these purposes. These issues should be
considered when designing a protocol whose usage might need to be considered when designing a protocol whose usage might need to be
monitored, or when recommending a protocol to do usage accounting. monitored, or when recommending a protocol to do usage accounting.
While this discussion is now dated, many of the issues remain
relevant, and new protocols might be better to address those issues.
4.6. Performance Management 4.6. Performance Management
Consider information that would be useful when trying to determine Consider information that would be useful when trying to determine
the performance characteristics of a deployed system using the target the performance characteristics of a deployed system using the target
protocol. protocol.
Consider scaling issues, such as providing information about the What are the principal performance factors that need to be looked at
maximum number of table entries that an implementation supports, the when measuring the efficiency of the protocol implementations? Is it
current number of instances, and the expected behavior when the important to measure setup times? throughput? quality versus
current instances exceed the capacity of the implementation. throughput? interruptions? end-to-end throughput? end-to-end quality?
hop-to-hop throughput?
Consider scaling issues, such as whether performance will be affected
by the number of protocol connections. If so, then it might be
useful to provide information about the maximum number of table
entries that should be expected to be modeled, how many entries an
implementation can support, the current number of instances, and the
expected behavior when the current instances exceed the capacity of
the implementation. This should be considered in a data-modeling
independent manner - what makes managed-protocol sense, not what
makes management-protocol-sense. If it is not managed-protocol-
dependent, then it should be left for the management-protocol data
modelers to decide.
For example, VLAN identifiers have a range of 1..4095 because of the
VLAN standards.
Consider operational activity, such as the number of message in and Consider operational activity, such as the number of message in and
the messages out, the number of received messages rejected due to the messages out, the number of received messages rejected due to
format problems, the expected behaviors when a malformed message is format problems, the expected behaviors when a malformed message is
received. received.
Consider the expected behaviors for counters - what is a reasonable Consider the expected behaviors for counters - what is a reasonable
maximum value for expected usage? should they stop counting at the maximum value for expected usage? should they stop counting at the
maximum value and retain the maximum value, or should they rollover? maximum value and retain the maximum value, or should they rollover?
How can users determine if a rollover has occurred, and how can users How can users determine if a rollover has occurred, and how can users
determine if more than one rollover has occurred? determine if more than one rollover has occurred?
Consider whether counters should be persistent across reboots of the What information should be maintained across reboots of the device,
device, or restarts of the management system. or restarts of the management system?
Consider what events might cause discontinuities in a counter, Could events, such as hot-swapping a blade in a chassis, cause
especially those that cause delta calculations to become meaningless. discontinuities in information? Does this make any difference in
How can a user determine that there has been one or more evaluating the performance of a protocol?
discontinuities in the counting?
Consider whether multiple management applications will share a Consider whether multiple management applications will share a
counter; if so, then no one management application should be allowed counter; if so, then no one management application should be allowed
to reset the value to zero since this will impact other applications. to reset the value to zero since this will impact other applications.
For performance monitoring, it is important to report counters and For performance monitoring, it is often important to report the time
not gauges as it is important to report the time spent in a state spent in a state rather than the current state. Snapshots are of
rather than the actual state. In other words, objects that report less value for performance monitoring.
snapshots are of less value for performance monitoring.
The Benchmarking Methodology WG (bmwg) has defined recommendations
for the measurement of the performance characteristics of various
internetworking technologies in a laboratory environment, including
the systems or services that are built from these technologies. Each
recommendation describes the class of equipment, system, or service
being addressed; discuss the performance characteristics that are
pertinent to that class; clearly identify a set of metrics that aid
in the description of those characteristics; specify the
methodologies required to collect said metrics; and lastly, present
the requirements for the common, unambiguous reporting of
benchmarking results.
4.7. Security Management 4.7. Security Management
Protocol designers should consider how to monitor and to manage Protocol designers should consider how to monitor and to manage
security aspects and vulnerabilities of the new protocol. security aspects and vulnerabilities of the new protocol.
There will be security considerations related to the new protocol. There will be security considerations related to the new protocol.
To make it possible for operators to be aware of security-related To make it possible for operators to be aware of security-related
events, is it recommended that system logs should record events, such events, it is recommended that system logs should record events, such
as failed logins? Should a system automatically notify operators of as failed logins, but the logs must be secured.
every event occurrence, or should an operator-defined threshold
control when a notification is sent to an operator? Should a system automatically notify operators of every event
occurrence, or should an operator-defined threshold control when a
notification is sent to an operator?
Should certain statistics be collected about the operation of the new Should certain statistics be collected about the operation of the new
protocol that might be useful for detecting attacks, such as the protocol that might be useful for detecting attacks, such as the
receipt of malformed messages, or messages out of order, or messages receipt of malformed messages, or messages out of order, or messages
with invalid timestamps? If such statistics are collected, is it with invalid timestamps? If such statistics are collected, is it
important to count them separately for each sender to help identify important to count them separately for each sender to help identify
the source of attacks? the source of attacks?
Manageability considerations that are security-oriented might include Manageability considerations that are security-oriented might include
discussion of the security implications when no monitoring is in discussion of the security implications when no monitoring is in
skipping to change at page 18, line 5 skipping to change at page 19, line 10
promote comparisons across devices and across vendors to permit promote comparisons across devices and across vendors to permit
checking the consistency of security configurations. checking the consistency of security configurations.
Working groups should consider how to provide a secure transport, Working groups should consider how to provide a secure transport,
authentication, identity, and access control which integrates well authentication, identity, and access control which integrates well
with existing key and credential management infrastructure. with existing key and credential management infrastructure.
Working groups should consider how ACLs (access control lists) are Working groups should consider how ACLs (access control lists) are
maintained and updated. maintained and updated.
Standard SNMP notifications or SYSLOG messages
[I-D.ietf-syslog-protocol] might already exist, or can be defined, to
alert operators to the conditions identified in the security
considerations for the new protocol. [TODO: find existing
notificiations or syslog messages related to security]
An analysis of existing counters might help operators recognize the
conditions identified in the security considerations for the new
protocol before they can impact the network.
RADIUS and DIAMETER can provide authentication and authorization. A
working group should consider which attributes would be appropriate
for their protocol.
Different protocols use different assumptions about message security
and data access controls. A working group that recommends using
different protocols should consider how security will be applied in a
balanced manner across multiple management interfaces. SNMP access
control is data-oriented, while CLI access control is usually command
(task) oriented. Depending on the management function, sometimes
data-oriented or task-oriented access control makes more sense.
Working groups should consider both data-oriented and task-oriented
access control.
5. Existing Protocols 5. Existing Protocols
[DISCUSS: Section 5 reviews which protocols the IETF has to offer for [DISCUSS: Section 5 reviews which protocols the IETF has to offer for
management and, what I really like, the text discusses for which management and, what I really like, the text discusses for which
applications they were designed or already successfully deployed. I applications they were designed or already successfully deployed. I
like to perhaps see even stronger guidelines;] like to perhaps see even stronger guidelines;]
Working groups should consider existing protocols and data models Existing protocols and data models can provide the management
that could be used to provide the management functions identified in functions identified in the previous section. WGs should consider
the previous section, and should consider how using these existing how using these existing protocols and data models might impact
protocols and data models might impact network operations. network operations.
In choosing existing protocol solutions to meet the information model In choosing existing protocol solutions to meet the information model
requirements, it is recommended that the strengths and weaknesses of requirements, it is recommended that the strengths and weaknesses of
IETF protocols, as document in [RFC3535] be considered, and working IETF protocols, as documented in [RFC3535] be considered, and working
groups should consider asking for help from the IETF directorates groups should consider asking for help from the IETF directorates
knowledgeable in available existing solutions. This is especially knowledgeable in available existing solutions. This is especially
true since some of the recommendations from the 2002 IAB workshop true since some of the recommendations from the 2002 IAB workshop
have become outdated, some have been implemented, and some are being have become outdated, some have been implemented, and some are being
realized. realized.
We want to avoid seeming to impose a solution by putting in place a We want to avoid seeming to impose a solution by putting in place a
strict terminology - for example implying that a formal data model, strict terminology - for example implying that a formal data model,
or even using a management protocol is mandatory. If a WG considers or even using a management protocol is mandatory. If a WG considers
that its technology can be managed solely by using proprietary CLIs, that its technology can be managed solely by using proprietary CLIs,
and no structured or standardized data model needs to be in place, and no structured or standardized data model needs to be in place,
this should be fine, but this is a requirement that needs to be this should be fine, but this is a requirement that needs to be
explicit in their manageability discussion, so that the WG reaches explicit in the manageability discussion, so that the WG reaches
consensus in full awareness that this is how the protocol will need consensus in full awareness that this is how the protocol will need
to be operated and managed. Working groups should avoid having to be operated and managed. Working groups should avoid having
manageability pushed for a later/never phase of the development of manageability pushed for a later/never phase of the development of
the standard. the standard.
Listed here are a number of protocols that have reached Proposed Listed here are a number of protocols that have reached Proposed
Standard status or higher within the IETF. Standard status or higher within the IETF.
5.1. SNMP 5.1. SNMP
SNMP [RFC3410] is a Full Standard, and is widely used for monitoring SNMP is widely used for monitoring fault and performance data. Some
networks. Some operators use SNMP for configuration in various operators use SNMP for configuration in various environments/
environments/technologies while others find SNMP an inappropriate technologies while others find SNMP an inappropriate choice for
choice for configuration in their environments. configuration in their environments. SNMPv1 is a Full Standard, but
is not recommended due to its lack of security features. SNMPv3 is a
Full Standard that includes security features. An overview of the
SNMPv3 document set is in [RFC3410].
SNMP relies on the MIB. MIB module support is uneven across vendors, SNMP relies on the MIB. MIB module support is uneven across vendors,
and even within devices. The lack of MIB module support for all and even within devices. The lack of standard MIB module support for
functionality in a device forces operators to use other protocols all functionality in a device forces operators to use other protocols
such as a CLI to do configuration of some aspects of their managed such as a CLI to do configuration of some aspects of their managed
devices, and it is easier to use one protocol for all configuration devices, and it is easier to use one protocol for all configuration
than to split the task across multiple protocols. than to split the task across multiple protocols.
SNMP is good at determining operational state of specific SNMP is good at determining operational state of specific
functionality, but not necessarily for the complete operational state functionality, but not necessarily for the complete operational state
of a managed device. of a managed device.
SNMP is good for statistics gathering for specific functionality. SNMP is good for statistics gathering for specific functionality.
The wide-spread use of counters in standard MIB modules permits the The wide-spread use of counters in standard MIB modules permits the
interoperable comparison of statistics across devices from different interoperable comparison of statistics across devices from different
vendors. SNMP is often used to poll a device for sysUpTime, which vendors. SNMP is often used to poll a device for sysUpTime, which
serves to check for operational liveness and discontinuity in serves to check for operational liveness and discontinuity in
counters. counters.
SNMP notifications can alert an operator or an application when an SNMP traps and informs can alert an operator or an application when
aspect of the new protocol fails or encounters an error condition, an aspect of the new protocol fails or encounters an error condition,
and the contents of a notification can be used to guide subsequent and the contents of a notification can be used to guide subsequent
SNMP polling to gather additional information about an event. SNMP polling to gather additional information about an event.
SNMPv1 and SNMPv2c lack strong security, and are not recommended by SNMPv1 and SNMPv2c lack strong security, and are not recommended by
the IETF. SNMPv3 does offer strong security and is recommended by the IETF. SNMPv3 does offer strong security and is recommended by
the IETF. the IETF.
Stardards exist to run SNMP over multiple network protocols,
including UDP, Ethernet, Appletalk, OSI, and others..
5.2. SYSLOG 5.2. SYSLOG
The SYSLOG protocol [I-D.ietf-syslog-protocol] provides a transport The SYSLOG protocol [I-D.ietf-syslog-protocol] allows a machine to
to allow a machine to send event notification messages across IP send event notification messages across networks to event message
networks to event message collectors. Since each process, collectors. The protocol is simply designed to transport these event
application and operating system was written somewhat independently, messages. No acknowledgement of the receipt is made. One of the
there has been little uniformity to the content of SYSLOG messages. fundamental tenets of the SYSLOG protocol and process is its
The protocol is simply designed to transport these event messages. simplicity. No stringent coordination is required between the
No acknowledgement of the receipt is made. One of the fundamental transmitters and the receivers. Indeed, the transmission of SYSLOG
tenets of the SYSLOG protocol and process is its simplicity. No messages may be started on a device without a receiver being
stringent coordination is required between the transmitters and the configured, or even actually physically present. Conversely, many
receivers. Indeed, the transmission of SYSLOG messages may be devices will most likely be able to receive messages without explicit
started on a device without a receiver being configured, or even configuration or definitions. This simplicity has greatly aided the
actually physically present. Conversely, many devices will most acceptance and deployment of SYSLOG.
likely be able to receive messages without explicit configuration or
definitions. This simplicity has greatly aided the acceptance and
deployment of SYSLOG.
The IETF has developed a new Proposed Standard version of the message Since each process, application and operating system was written
format and protocol that allows the use of any number of transport somewhat independently, there has been little uniformity to the
protocols for transmission of SYSLOG messages, including secure message format or content of SYSLOG messages.
transports, and allows vendor-specific extensions to be provided in a
structured way. The IETF has standardized the new format for SYSLOG The IETF has developed a new Proposed Standard version of the
messages to improve interoperability between compliant protocol that allows the use of any number of transport protocols
implementations, and standardized the application of message security including reliable transports and secure transports, and standardized
to SYSLOG messages. the application of message security to SYSLOG messages. The IETF
standardized a new message header format, including timestamp,
hostname, application, and message ID, to improve filtering, and
interoperability and correlation between compliant implementations.
SYSLOG message content has traditionally been unstructured natural
language text. This content is human-friendly, but difficult for
applications to parse and correlate across vendors, or correlate with
other event reporting such as SNMP traps. The IETF standard syslog
protocol includes structured data elements to aid application-
parsing. The structured data element design allows vendors to define
their own structured data elements to supplement standardized
elements.
Working groups are encouraged to standardize structured data
elements, extensible human-friendly text, and consistent facility/
severity values for SYSLOG to report events specific to their
protocol.
5.3. IPFIX 5.3. IPFIX
There are several applications e.g., usage-based accounting, traffic There are several applications e.g., usage-based accounting, traffic
profiling, traffic engineering, attack/intrusion detection, QoS profiling, traffic engineering, intrusion detection, QoS monitoring,
monitoring, that require flow-based IP traffic measurements. that require flow-based traffic measurements.
IPFIX [I-D.ietf-ipfix-protocol] is a Proposed Standard approach for IPFIX [I-D.ietf-ipfix-protocol] is a Proposed Standard approach for
transmitting IP traffic flow information over the network from an transmitting IP traffic flow information over the network from an
exporting process to an information collecting process. IPFIX exporting process to an information collecting process.
defines a common representation of flow data and a standard means of
communicating the data over a number of transport protocols. IPFIX IPFIX defines a common representation of flow data and a standard
is still in process and some aspects have not yet become Proposed means of communicating the data over a number of transport protocols.
Standards.
Some extensions to IPFIX are in development and have not yet become
Proposed Standards.
[TODO: update as needed] [TODO: update as needed]
5.4. NETCONF 5.4. PSAMP
Several applications require sampling packets from specific data
flows, or across multiple data flows, and reporting information about
the packets. Measurement-based network management is a prime
example. The PSAMP standard includes support for packet sampling in
IPv4, IPv6, and MPLS-based networks.
PSAMP standardizes sampling, selection, metering, and reporting
strategies for different purposes.
To simplify the solution, the IPFIX protocol is used for exporting
the reports to collector applications.
[TODO: this is in IESG review to become a PS. update as needed]
5.5. NETCONF
The NETCONF protocol [RFC4741] is a Proposed Standard that defines a The NETCONF protocol [RFC4741] is a Proposed Standard that defines a
simple mechanism through which a network device can be managed, simple mechanism through which a network device can be managed,
configuration data information can be retrieved, and new configuration data information can be retrieved, and new
configuration data can be uploaded and manipulated. The protocol configuration data can be uploaded and manipulated. The protocol
allows the device to expose a full, formal application programming allows the device to expose a full, formal application programming
interface (API). Applications can use this straightforward API to interface (API). Applications can use this straightforward API to
send and receive full and partial configuration data sets. send and receive full and partial configuration data sets.
The NETCONF protocol uses a remote procedure call (RPC) paradigm. A The NETCONF protocol uses a remote procedure call (RPC) paradigm. A
skipping to change at page 20, line 49 skipping to change at page 23, line 21
allows timely access to new features. In addition, applications can allows timely access to new features. In addition, applications can
access both the syntactic and semantic content of the device's native access both the syntactic and semantic content of the device's native
user interface. user interface.
The contents of both the request and the response can be fully The contents of both the request and the response can be fully
described in XML DTDs or XML schemas, or both, allowing both parties described in XML DTDs or XML schemas, or both, allowing both parties
to recognize the syntax constraints imposed on the exchange. As of to recognize the syntax constraints imposed on the exchange. As of
this writing, no standard has been developed for data content this writing, no standard has been developed for data content
specification. specification.
5.5. COPS-PR 5.6. COPS-PR
COPS-PR and the Structure of Policy Provisioning Information (SPPI) COPS-PR and the Structure of Policy Provisioning Information (SPPI)
have been approved as Proposed Standards. COPS-PR [RFC3084] uses the have been approved as Proposed Standards. COPS-PR [RFC3084] uses the
Common Open Policy Service (COPS) protocol for support of policy Common Open Policy Service (COPS) protocol for support of policy
provisioning. The COPS-PR specification is independent of the type provisioning. The COPS-PR specification is independent of the type
of policy being provisioned (QoS, Security, etc.) but focuses on the of policy being provisioned (QoS, Security, etc.) but focuses on the
mechanisms and conventions used to communicate provisioned mechanisms and conventions used to communicate provisioned
information between policy-decision-points (PDPs) and policy information between policy-decision-points (PDPs) and policy
enforcement points (PEPs). COPS-PR does not make any assumptions enforcement points (PEPs). COPS-PR does not make any assumptions
about the policy data model being communicated, but describes the about the policy data model being communicated, but describes the
message formats and objects that carry the modeled policy data. message formats and objects that carry the modeled policy data.
Policy data is modeled using Policy Information Base modules (PIB Policy data is modeled using Policy Information Base modules (PIB
modules). modules).
COPS-PR has not had wide deployment, and operators have stated that COPS-PR has not had wide deployment, and operators have stated that
its use of binary encoding (BER) for management data makes it its use of binary encoding (BER) for management data makes it
difficult to develop automated scripts for simple configuration difficult to develop automated scripts for simple configuration
management tasks in most text-based scripting languages. In an IAB management tasks in most text-based scripting languages. In an IAB
Workshop on Network Management [RFC3535], the consensus of operators Workshop on Network Management [RFC3535], the consensus of operators
and protocol developers indicated a lack of interest in PIB modules and protocol developers indicated a lack of interest in PIB modules
for use with COPS-PR. As a result, the IESG has not approved any for use with COPS-PR.
policy models (PIB modules) as an IETF standard.
5.6. RADIUS As a result, the IESG has not approved any policy models (PIB
modules) as an IETF standard, and the use of COPS-PR is not
recommended.
5.7. RADIUS
RADIUS [RFC2865], the remote Authentication Dial In User Service, is RADIUS [RFC2865], the remote Authentication Dial In User Service, is
a Draft Standard that describes a protocol for carrying a Draft Standard that describes a protocol for carrying
authentication, authorization, and configuration information between authentication, authorization, and configuration information between
a Network Access Server which desires to authenticate its links and a a Network Access Server which desires to authenticate its links and a
shared Authentication Server. This protocol is widely implemented shared Authentication Server.
and used.
5.7. Diameter This protocol is widely implemented and used. RADIUS is widely used
in environments, such as enterprise networks, where a single
administrative authority manages the network, and protects the
privacy of user information.
5.8. Diameter
DIAMETER [RFC3588] is a Proposed Standard that provides an DIAMETER [RFC3588] is a Proposed Standard that provides an
Authentication, Authorization and Accounting (AAA) framework for Authentication, Authorization and Accounting (AAA) framework for
applications such as network access or IP mobility. DIAMETER is also applications such as network access or IP mobility. DIAMETER is also
intended to work in both local Authentication, Authorization & intended to work in both local Authentication, Authorization &
Accounting and roaming situations. Accounting and roaming situations.
Diameter is designed to resolve a number of known problems with Diameter is designed to resolve a number of known problems with
RADIUS. Diameter supports server failover, transmission-level RADIUS. Diameter supports server failover, transmission-level
security, reliable transport over TCP, agents for proxy and redirect security, reliable transport over TCP, agents for proxy and redirect
and relay, server-initiated messages, auditability, capability and relay, server-initiated messages, auditability, capability
negotiation, peer discovery and configuration, and roaming support. negotiation, peer discovery and configuration, and roaming support.
Diameter also provides a larger attribute space than RADIUS. Diameter also provides a larger attribute space than RADIUS.
RADIUS is widely used within single administrative domains. Diameter Diameter features make it especially appropriate for environments
features make it especially appropriate for environments where the where the providers of services are in different administrative
providers of services are in different administrative domains than domains than the maintainer (protector) of confidential user
the maintainer (protector) of confidential user information. information.
5.8. EPP 5.9. EPP
The Extensible Provision Protocol [RFC4930] is a Draft Standard that The Extensible Provision Protocol [RFC4930] is a Draft Standard that
describes an application layer client-server protocol for the describes an application layer client-server protocol for the
provisioning and management of objects stored in a shared central provisioning and management of objects stored in a shared central
repository. EPP permits multiple service providers to perform object repository. EPP permits multiple service providers to perform object
provisioning operations using a shared central object repository, and provisioning operations using a shared central object repository, and
addresses the requirements for a generic registry registrar protocol. addresses the requirements for a generic registry registrar protocol.
5.9. XCAP 5.10. VCCV
VCCV is a Proposed Standard protocol that provides a control channel
associated with a Pseudowire. It is used for operations and
management functions such as connectivity verification over the
control channel. VCCV applies to all supported access circuit and
transport types currently defined for PWs.
5.11. XCAP
XCAP [RFC4825] is a Proposed Standard protocol that allows a client XCAP [RFC4825] is a Proposed Standard protocol that allows a client
to read, write, and modify application configuration data stored in to read, write, and modify application configuration data stored in
XML format on a server. XML format on a server.
5.10. Other Protocols 5.12. Other Protocols
A command line interface (CLI) might be used to provide initial A command line interface (CLI) might be used to provide initial
configuration of the target functionality. Command line interfaces configuration of the target functionality. Command line interfaces
are usually proprietary, but working groups could suggest specific are usually proprietary, but working groups could suggest specific
commands and command parameters that would be useful in configuring commands and command parameters that would be useful in configuring
the new protocol, so implementers could have similarities in their the new protocol, so implementers could have similarities in their
proprietary CLI implementations. proprietary CLI implementations.
[DISCUSS: Routing and control plane people may prefer NETCONF since [DISCUSS: Routing and control plane people may prefer NETCONF since
it is close to CLIs which seem to rule in this space. ] it is close to CLIs which seem to rule in this space. ]
skipping to change at page 23, line 37 skipping to change at page 26, line 27
appendix that lists additional MIB modules that have reached Proposed appendix that lists additional MIB modules that have reached Proposed
Standard status. Standard status.
[TODO] discuss specific MIB modules, SDEs, XML schemas that are [TODO] discuss specific MIB modules, SDEs, XML schemas that are
designed to solve generic problems. This might cover things like designed to solve generic problems. This might cover things like
Textual Conventions, RFC3415 Target tables, SYSLOG SDEs defined in Textual Conventions, RFC3415 Target tables, SYSLOG SDEs defined in
-protocol-, SYSLOG -sign-, IPFIX IEs, etc. -protocol-, SYSLOG -sign-, IPFIX IEs, etc.
6.1. Fault Management 6.1. Fault Management
SNMP notifications and SYSLOG messages can alert an operator when an
aspect of the new protocol fails or encounters an error condition,
and SNMP is frequently used as a heartbeat monitor.
The IETF standards-track version of the SYSLOG protocol
[I-D.ietf-syslog-protocol] includes a mechanism for defining
structured data elements (SDEs). The SYSLOG protocol document
defines an initial set of SDEs that relate to content time quality,
content origin, and meta-information about the message, such as
language. Proprietary SDEs can be used to supplement the IETF-
defined SDEs.
RFC 3418 [RFC3418], part of STD 62 SNMP, contains objects in the RFC 3418 [RFC3418], part of STD 62 SNMP, contains objects in the
system group that are often polled to determine if a device is still system group that are often polled to determine if a device is still
operating, and sysUpTime can be used to detect if a system has operating, and sysUpTime can be used to detect if a system has
rebooted, and counters have been reinitialized. rebooted, and counters have been reinitialized.
RFC3413 [RFC3413], part of STD 62 SNMP, includes objects designed for RFC3413 [RFC3413], part of STD 62 SNMP, includes objects designed for
managing notifications, including tables for addressing, retry managing notifications, including tables for addressing, retry
parameters, security, lists of targets for notifications, and user parameters, security, lists of targets for notifications, and user
customization filters. customization filters.
An RMON monitor [RFC2819] can be configured to recognize conditions, An RMON monitor [RFC2819] can be configured to recognize conditions,
most notably error conditions, and continuously to check for them. most notably error conditions, and continuously to check for them.
When one of these conditions occurs, the event may be logged, and When one of these conditions occurs, the event may be logged, and
management stations may be notified in a number of ways. See further management stations may be notified in a number of ways. See further
discussion of RMON under Performance Management. discussion of RMON under Performance Management.
Protocol designers should always build in basic testing features
(e.g. ICMP echo, UDP/TCP echo service, NULL RPC calls) that can be
used to test for liveness, with an option to enable and disable them.
The ALARM MIB in RFC 3877 and the Alarm Reporting Control MIB in RFC
3878 specify mechanisms for expressing state transition models for
persistent problem states. There is also a mechanism specified to
correlate a notification with subsequent state transition
notifications about the same entity/object.
Other MIB modules that may be applied to Fault Management include:
NOTIFICATION-LOG-MIB in RFC 3014
ENTITY-STATE-MIB in RFC 4268
ENTITY-SENSOR-MIB in RFC 4268
6.2. Configuration Management 6.2. Configuration Management
It is expected that standard XML-based data models will be developed It is expected that standard XML-based data models will be developed
for use with NETCONF, and working groups might identify specific for use with NETCONF, and working groups might identify specific
NETCONF data models that would be applicable to the new protocol. At NETCONF data models that would be applicable to the new protocol. At
the time of this writing, no such standard data models exist. the time of this writing, no such standard data models exist.
RFC3159 [RFC3159] discusses the Structure of Policy Provisioning
Information, an extension to the SMI standard for purposes of policy-
based provisioning, for use with the COPS-PR protocol defined in
RFC3084 [RFC3084]. RFC3317 [RFC3317] defines a DiffServ QoS PIB. At
the time of this writing, there are no standards-track PIBs. During
the IAB Workshop on Network Management, the workshop had rough
consensus from the protocol developers that the IETF should not spend
resources on SPPI PIB definitions, and the operators had rough
consensus that they do not care about SPPI PIBs.
For monitoring network configuration, such as physical and logical For monitoring network configuration, such as physical and logical
network topologies, existing MIB modules already exist that provide network topologies, existing MIB modules already exist that provide
some of the desired capabilities. New MIB modules might be developed some of the desired capabilities. New MIB modules might be developed
for the target functionality to allow operators to monitor and modify for the target functionality to allow operators to monitor and modify
the operational parameters, such as timer granularity, event the operational parameters, such as timer granularity, event
reporting thresholds, target addresses, and so on. reporting thresholds, target addresses, and so on.
RFC 3418 [RFC3418], part of STD 62 SNMPv3, contains objects in the RFC 3418 [RFC3418], part of STD 62 SNMPv3, contains objects in the
system group that are often polled to determine if a device is still system group that are often polled to determine if a device is still
operating, and sysUpTime can be used to detect if a system has operating, and sysUpTime can be used to detect if a system has
skipping to change at page 25, line 32 skipping to change at page 27, line 29
forwarding SNMP agents, which can be used to forward messages through forwarding SNMP agents, which can be used to forward messages through
firewalls and NAT devices. firewalls and NAT devices.
Draft Standard RFC2863 [RFC2863], the Interfaces MIB is used for Draft Standard RFC2863 [RFC2863], the Interfaces MIB is used for
managing Network Interfaces. This includes the 'interfaces' group of managing Network Interfaces. This includes the 'interfaces' group of
MIB-II and discusses the experience gained from the definition of MIB-II and discusses the experience gained from the definition of
numerous media-specific MIB modules for use in conjunction with the numerous media-specific MIB modules for use in conjunction with the
'interfaces' group for managing various sub-layers beneath the 'interfaces' group for managing various sub-layers beneath the
internetwork-layer. internetwork-layer.
Proposed Standard RFC4133 [RFC4133] the Entity MIB is used for Proposed Standard RFC3165 [RFC3165] supports the use of user-written
managing multiple logical and physical entities managed by a single scripts to delegate management functionality.
SNMP agent. This module provides a useful mechanism for identifying
the entities comprising a system. There are also event notifications
defined for configuration changes that may be useful to management
applications.
Informational RFC3512 [RFC3512] discusses using SNMP to do
configuration management, including policy-based configuration
management.
Proposed Standard RFC4011 [RFC4011] defines objects that enable Proposed Standard RFC4011 [RFC4011] defines objects that enable
policy-based monitoring and management of SNMP infrastructures, a policy-based monitoring using SNMP, using a scripting language, and a
scripting language, and a script execution environment. script execution environment.
6.3. Accounting Management
RFC2975 discusses how RADIUS, TACACS+, and SNMP might be used for
these purposes. While this discussion is now dated, many of the
issues remain relevant, and new protocols might be better to address
those issues.
RADIUS [RFC2865] or DIAMETER [RFC3588] accounting might be collected Few vendors have not implemented MIB modules that support scripting.
for services, and working groups might document some of the RADIUS/ Some vendors consider running user-developed scripts within the
DIAMETER attributes that could be used. managed device as a violation of support agreements.
The IPFIX protocol [I-D.ietf-ipfix-protocol] can collect information 6.3. Accounting Management
related to IP flows, and existing Information Elements (IEs) may be
appropriate to report flows of the new protocol. New IPFIX
Information Elements might be useful for collecting flow information
useful only in consideration of the new protocol. As of this
writing, no IEs have reached Proposed Standard status yet, but a base
set of IEs has been submitted to IESG for advancement. These include
IEs for Identifying the scope of reporting, Metering and Export
Process configuration, IP and Transport and Sub-IP header fields,
Packet and Flow properties, timestamps, and counters.
RFC3159 discusses the Proposed Standard Structure of Policy TODO: RADIUS Accounting MIBs are PS; are there any DS data models for
Provisioning Information (SPPI), an extension to the SMI standard for accounting? ]
purposes of policy-based provisioning, for use with the COPS-PR
protocol defined in RFC3084. Informational RFC3317 defines a
DiffServ QoS PIB, and Informational RFC3571 defines policy classes
for monitoring and reporting policy usage feedback, as well as policy
classes for controlling reporting intervals, suspension, resumption
and solicitation. At the time of this writing, there are no
standards-track PIBs During the IAB Workshop on Network Management,
the workshop had rough consensus from the protocol developers that
the IETF should not spend resources on SPPI PIB definitions, and the
operators had rough consensus that they do not care about SPPI PIBs.
6.4. Performance Management 6.4. Performance Management
Working groups should consider how performance can be monitored for Working groups should consider how performance can be monitored for
the new protocol. the new protocol.
MIB modules typically contain counters to determine the frequency and MIB modules typically contain counters to determine the frequency and
rate of an occurrence. rate of an occurrence.
RFC2819, STD 59 RMON, defines objects for managing remote network RFC2819, STD 59 RMON, defines objects for managing remote network
skipping to change at page 27, line 28 skipping to change at page 28, line 41
The RMON matrix group stores statistics for conversations between The RMON matrix group stores statistics for conversations between
sets of two addresses. The filter group allows packets to be matched sets of two addresses. The filter group allows packets to be matched
by a filter equation. These matched packets form a data stream that by a filter equation. These matched packets form a data stream that
may be captured or may generate events. The Packet Capture group may be captured or may generate events. The Packet Capture group
allows packets to be captured after they flow through a channel. The allows packets to be captured after they flow through a channel. The
event group controls the generation and notification of events from event group controls the generation and notification of events from
this device. this device.
The RMON-2 MIB [RFC4502] extends RMON by providing RMON analysis up The RMON-2 MIB [RFC4502] extends RMON by providing RMON analysis up
to the application layer. The SMON MIB [RFC2613] extends RMON by to the application layer. The SMON MIB [RFC2613] extends RMON by
providing RMON analysis for switched networks. RAQMON [RFC4710] providing RMON analysis for switched networks.
describes Real-Time Application Quality of Service Monitoring.
DISMAN-EVENT-MIB in RFC 2981 and DISMAN-EXPRESSION-MIB in RFC 2982
provide a superset of the capabilities of the RMON alarm and event
groups. These modules provide mechanisms for thresholding and
reporting anomalous events to management applications.
SIP Package for Voice Quality Reporting
[I-D.ietf-sipping-rtcp-summary] defines a SIP event package that
enables the collection and reporting of metrics that measure the
quality for Voice over Internet Protocol (VoIP) sessions.
The IPPM WG has defined metrics for accurately measuring and
reporting the quality, performance, and reliability of Internet data
delivery services. The metrics include connectivity, one-way delay
and loss, round-trip delay and loss, delay variation, loss patterns,
packet reordering, bulk transport capacity, and link bandwidth
capacity
The Benchmarking Methodology WG (bmwg) has defined recommendations
for the measurement of the performance characteristics of various
internetworking technologies in a laboratory environment, including
the systems or services that are built from these technologies. Each
recommendation describes the class of equipment, system, or service
being addressed; discuss the performance characteristics that are
pertinent to that class; clearly identify a set of metrics that aid
in the description of those characteristics; specify the
methodologies required to collect said metrics; and lastly, present
the requirements for the common, unambiguous reporting of
benchmarking results.
6.5. Security Management 6.5. Security Management
Working groups should consider existing data models that would be Working groups should consider existing data models that would be
relevant to monitoring and managing the security of the new protocol. relevant to monitoring and managing the security of the new protocol.
IPsec Security Policy IPsec Action MIB The IETF has no standard data models for managing security protocols
[I-D.ietf-ipsp-ipsecaction-mib] defines a MIB module for such as TLS and SSH.
configuration of an IPsec action within the IPsec security policy
database (SPD). [TODO: this is not yet a PS, and has dependencies on
a dead document?]
IPsec Security Policy IKE Action MIB [I-D.ietf-ipsp-ikeaction-mib]
defines a MIB module for configuration of an Internet Key Exchange
(IKE) [RFC4306] action within the IPsec security policy database
(SPD). [TODO: this is not yet a PS, and has dependencies on a dead
document?]
[DISCUSS: why are security protocols like TLS and SSH not required to
be manageable? e.g., no MIB modules exist for these protocols.]
Standard SNMP notifications or SYSLOG messages
[I-D.ietf-syslog-protocol] might already exist, or can be defined, to
alert operators to the conditions identified in the security
considerations for the new protocol.
An analysis of existing counters might help operators recognize the
conditions identified in the security considerations for the new
protocol before they can impact the network.
RADIUS and DIAMETER can provide authentication and authorization. A
working group should consider which attributes would be appropriate
for their protocol.
Different protocols use different assumptions about message security
and data access controls. A working group that recommends using
different protocols should consider how security will be applied in a
balanced manner across multiple management interfaces. SNMP access
control is data-oriented, while CLI access control is usually command
(task) oriented. Depending on the management function, sometimes
data-oriented or task-oriented access control makes more sense.
Working groups should consider both data-oriented and task-oriented
access control.
7. Documentation Guidelines 7. Documentation Guidelines
The purpose of this document is to provide guidance about what to The purpose of this document is to provide guidance about what to
consider when thinking about the management and deployment of a new consider when thinking about the management and deployment of a new
protocol, and to provide guidance about documenting the protocol, and to provide guidance about documenting the
considerations should a working group choose to do so. The following considerations should a working group choose to do so. The following
guidelines are designed to help writers provide a reasonably guidelines are designed to help writers provide a reasonably
consistent format to such documentation. Separate manageability and consistent format to such documentation. Separate manageability and
operational considerations sections are desirable in many cases, but operational considerations sections are desirable in many cases, but
skipping to change at page 31, line 7 skipping to change at page 30, line 52
Schoenwaelder, Andy Bierman, and David Harrington. Schoenwaelder, Andy Bierman, and David Harrington.
11. Informative References 11. Informative References
[I-D.ietf-ipfix-protocol] Claise, B., "Specification of the [I-D.ietf-ipfix-protocol] Claise, B., "Specification of the
IPFIX Protocol for the Exchange of IPFIX Protocol for the Exchange of
IP Traffic Flow Information", IP Traffic Flow Information",
draft-ietf-ipfix-protocol-26 (work draft-ietf-ipfix-protocol-26 (work
in progress), September 2007. in progress), September 2007.
[I-D.ietf-ipsp-ikeaction-mib] Hardaker, W., "IPsec Security Policy
IKE Action MIB",
draft-ietf-ipsp-ikeaction-mib-02
(work in progress), November 2006.
[I-D.ietf-ipsp-ipsecaction-mib] Hardaker, W., "IPsec Security Policy
IPsec Action MIB",
draft-ietf-ipsp-ipsecaction-mib-02
(work in progress), November 2006.
[I-D.ietf-sipping-rtcp-summary] Pendleton, A., "Session Initiation [I-D.ietf-sipping-rtcp-summary] Pendleton, A., "Session Initiation
Protocol Package for Voice Quality Protocol Package for Voice Quality
Reporting Event", Reporting Event",
draft-ietf-sipping-rtcp-summary-02 draft-ietf-sipping-rtcp-summary-02
(work in progress), May 2007. (work in progress), May 2007.
[I-D.ietf-syslog-protocol] Gerhards, R., "The syslog Protocol", [I-D.ietf-syslog-protocol] Gerhards, R., "The syslog Protocol",
draft-ietf-syslog-protocol-23 (work draft-ietf-syslog-protocol-23 (work
in progress), September 2007. in progress), September 2007.
skipping to change at page 32, line 44 skipping to change at page 32, line 30
Configuration Management of IP-based Configuration Management of IP-based
Networks", RFC 3139, June 2001. Networks", RFC 3139, June 2001.
[RFC3159] McCloghrie, K., Fine, M., Seligson, [RFC3159] McCloghrie, K., Fine, M., Seligson,
J., Chan, K., Hahn, S., Sahita, R., J., Chan, K., Hahn, S., Sahita, R.,
Smith, A., and F. Reichmeyer, Smith, A., and F. Reichmeyer,
"Structure of Policy Provisioning "Structure of Policy Provisioning
Information (SPPI)", RFC 3159, Information (SPPI)", RFC 3159,
August 2001. August 2001.
[RFC3165] Levi, D. and J. Schoenwaelder,
"Definitions of Managed Objects for
the Delegation of Management
Scripts", RFC 3165, August 2001.
[RFC3290] Bernet, Y., Blake, S., Grossman, D., [RFC3290] Bernet, Y., Blake, S., Grossman, D.,
and A. Smith, "An Informal and A. Smith, "An Informal
Management Model for Diffserv Management Model for Diffserv
Routers", RFC 3290, May 2002. Routers", RFC 3290, May 2002.
[RFC3317] Chan, K., Sahita, R., Hahn, S., and [RFC3317] Chan, K., Sahita, R., Hahn, S., and
K. McCloghrie, "Differentiated K. McCloghrie, "Differentiated
Services Quality of Service Policy Services Quality of Service Policy
Information Base", RFC 3317, Information Base", RFC 3317,
March 2003. March 2003.
skipping to change at page 33, line 31 skipping to change at page 33, line 22
[RFC3444] Pras, A. and J. Schoenwaelder, "On [RFC3444] Pras, A. and J. Schoenwaelder, "On
the Difference between Information the Difference between Information
Models and Data Models", RFC 3444, Models and Data Models", RFC 3444,
January 2003. January 2003.
[RFC3460] Moore, B., "Policy Core Information [RFC3460] Moore, B., "Policy Core Information
Model (PCIM) Extensions", RFC 3460, Model (PCIM) Extensions", RFC 3460,
January 2003. January 2003.
[RFC3512] MacFaden, M., Partain, D., Saperia,
J., and W. Tackabury, "Configuring
Networks and Devices with Simple
Network Management Protocol (SNMP)",
RFC 3512, April 2003.
[RFC3535] Schoenwaelder, J., "Overview of the [RFC3535] Schoenwaelder, J., "Overview of the
2002 IAB Network Management 2002 IAB Network Management
Workshop", RFC 3535, May 2003. Workshop", RFC 3535, May 2003.
[RFC3585] Jason, J., Rafalow, L., and E. [RFC3585] Jason, J., Rafalow, L., and E.
Vyncke, "IPsec Configuration Policy Vyncke, "IPsec Configuration Policy
Information Model", RFC 3585, Information Model", RFC 3585,
August 2003. August 2003.
[RFC3588] Calhoun, P., Loughney, J., Guttman, [RFC3588] Calhoun, P., Loughney, J., Guttman,
skipping to change at page 34, line 19 skipping to change at page 34, line 4
J., Westerinen, A., and W. Weiss, J., Westerinen, A., and W. Weiss,
"Information Model for Describing "Information Model for Describing
Network Device QoS Datapath Network Device QoS Datapath
Mechanisms", RFC 3670, January 2004. Mechanisms", RFC 3670, January 2004.
[RFC3805] Bergman, R., Lewis, H., and I. [RFC3805] Bergman, R., Lewis, H., and I.
McDonald, "Printer MIB v2", McDonald, "Printer MIB v2",
RFC 3805, June 2004. RFC 3805, June 2004.
[RFC4011] Waldbusser, S., Saperia, J., and T. [RFC4011] Waldbusser, S., Saperia, J., and T.
Hongal, "Policy Based Management Hongal, "Policy Based Management
MIB", RFC 4011, March 2005. MIB", RFC 4011, March 2005.
[RFC4133] Bierman, A. and K. McCloghrie, [RFC4133] Bierman, A. and K. McCloghrie,
"Entity MIB (Version 3)", RFC 4133, "Entity MIB (Version 3)", RFC 4133,
August 2005. August 2005.
[RFC4306] Kaufman, C., "Internet Key Exchange
(IKEv2) Protocol", RFC 4306,
December 2005.
[RFC4502] Waldbusser, S., "Remote Network [RFC4502] Waldbusser, S., "Remote Network
Monitoring Management Information Monitoring Management Information
Base Version 2", RFC 4502, May 2006. Base Version 2", RFC 4502, May 2006.
[RFC4668] Nelson, D., "RADIUS Authentication
Client MIB for IPv6", RFC 4668,
August 2006.
[RFC4669] Nelson, D., "RADIUS Authentication
Server MIB for IPv6", RFC 4669,
August 2006.
[RFC4710] Siddiqui, A., Romascanu, D., and E. [RFC4710] Siddiqui, A., Romascanu, D., and E.
Golovinsky, "Real-time Application Golovinsky, "Real-time Application
Quality-of-Service Monitoring Quality-of-Service Monitoring
(RAQMON) Framework", RFC 4710, (RAQMON) Framework", RFC 4710,
October 2006. October 2006.
[RFC4741] Enns, R., "NETCONF Configuration [RFC4741] Enns, R., "NETCONF Configuration
Protocol", RFC 4741, December 2006. Protocol", RFC 4741, December 2006.
[RFC4825] Rosenberg, J., "The Extensible [RFC4825] Rosenberg, J., "The Extensible
skipping to change at page 35, line 14 skipping to change at page 35, line 4
Appendix A. Operations and Management Checklist Appendix A. Operations and Management Checklist
This appendix provides a quick summary of issues to consider. This appendix provides a quick summary of issues to consider.
are configuration parameters clearly identified? are configuration parameters clearly identified?
are configuration parameters normalized? are configuration parameters normalized?
does each configuration parameter have a reasonable default value? does each configuration parameter have a reasonable default value?
is protocol state information exposed to the user? How? is protocol state information exposed to the user? How?
is protocol performance information exposed to the user? How? is protocol performance information exposed to the user? How?
are significant state transitions logged? are significant state transitions logged?
Appendix B. Additional MIB Modules on the Standards Track Appendix B. Additional Data Models on the Standards Track
Appendix C. Change Log The IETF SYSLOG protocol [I-D.ietf-syslog-protocol] is a Proposed
Standard that includes a mechanism for defining structured data
elements (SDEs). The SYSLOG protocol document defines an initial set
of SDEs that relate to content time quality, content origin, and
meta-information about the message, such as language. Proprietary
SDEs can be used to supplement the IETF-defined SDEs.
SIP Package for Voice Quality Reporting
[I-D.ietf-sipping-rtcp-summary] defines a SIP event package that
enables the collection and reporting of metrics that measure the
quality for Voice over Internet Protocol (VoIP) sessions.
DISMAN-EVENT-MIB in RFC 2981 and DISMAN-EXPRESSION-MIB in RFC 2982
provide a superset of the capabilities of the RMON alarm and event
groups. These modules provide mechanisms for thresholding and
reporting anomalous events to management applications.
RAQMON [RFC4710] describes Real-Time Application Quality of Service
Monitoring.
The IPPM WG has defined metrics for accurately measuring and
reporting the quality, performance, and reliability of Internet data
delivery services. The metrics include connectivity, one-way delay
and loss, round-trip delay and loss, delay variation, loss patterns,
packet reordering, bulk transport capacity, and link bandwidth
capacity. [TODO: detail the RFCs - 4737, 3393, 2681, 2680, 2679,
2678
The IPFIX protocol [I-D.ietf-ipfix-protocol] can collect information
related to IP flows, and existing Information Elements (IEs) may be
appropriate to report flows of the new protocol. New IPFIX
Information Elements might be useful for collecting flow information
useful only in consideration of the new protocol. As of this
writing, no IEs have reached Proposed Standard status yet, but a base
set of IEs has been submitted to IESG for advancement. These include
IEs for Identifying the scope of reporting, Metering and Export
Process configuration, IP and Transport and Sub-IP header fields,
Packet and Flow properties, timestamps, and counters.
RFC3159 discusses the Proposed Standard Structure of Policy
Provisioning Information (SPPI), an extension to the SMI standard for
purposes of policy-based provisioning, for use with the COPS-PR
protocol defined in RFC3084. Informational RFC3317 defines a
DiffServ QoS PIB, and Informational RFC3571 defines policy classes
for monitoring and reporting policy usage feedback, as well as policy
classes for controlling reporting intervals, suspension, resumption
and solicitation. At the time of this writing, there are no
standards-track PIBs During the IAB Workshop on Network Management,
the workshop had rough consensus from the protocol developers that
the IETF should not spend resources on SPPI PIB definitions, and the
operators had rough consensus that they do not care about SPPI PIBs.
Proposed Standard RFC4011 [RFC4011] defines objects that enable
policy-based monitoring and management of SNMP infrastructures, a
scripting language, and a script execution environment.
DIAMETER [RFC3588] accounting might be collected for services, and
working groups might document some of the RADIUS/DIAMETER attributes
that could be used. [TODO: what data models?]
RADIUS Authentication Client MIB [RFC4668] and RADIUS Authentication
Server MIB [RFC4669] allow the gathering of accounting data.
Proposed Standard RFC4133 [RFC4133] the Entity MIB is used for
managing multiple logical and physical entities managed by a single
SNMP agent. This module provides a useful mechanism for identifying
the entities comprising a system. There are also event notifications
defined for configuration changes that may be useful to management
applications.
RFC3159 [RFC3159] discusses the Structure of Policy Provisioning
Information, an extension to the SMI standard for purposes of policy-
based provisioning, for use with the COPS-PR protocol defined in
RFC3084 [RFC3084]. RFC3317 [RFC3317] defines a DiffServ QoS PIB. At
the time of this writing, there are no standards-track PIBs. During
the IAB Workshop on Network Management, the workshop had rough
consensus from the protocol developers that the IETF should not spend
resources on SPPI PIB definitions, and the operators had rough
consensus that they do not care about SPPI PIBs.
The ALARM MIB in RFC 3877 and the Alarm Reporting Control MIB in RFC
3878 specify mechanisms for expressing state transition models for
persistent problem states. There is also a mechanism specified to
correlate a notification with subsequent state transition
notifications about the same entity/object.
Other MIB modules that may be applied to Fault Management include:
NOTIFICATION-LOG-MIB in RFC 3014
ENTITY-STATE-MIB in RFC 4268
ENTITY-SENSOR-MIB in RFC 4268
Appendix C. Open Issues
[TODO: need to verify all citations have references (in xref
format)]
Organize data models by layer? both section 6 and appendix.
start to identify bullets for appendix checklist
Is section 2 needed?
Appendix D. Change Log
Changes from opsawg-00 to opsawg-01
moved Proposed Standard data models to appendix
moved advice out of data model survey and into considerations
section
addressed comments from Adrian and Dan
modified the Introduction and Section 2 in response to many
comments.
expanded radius and syslog discussion, added psamp and VCCV,
modified ipfix,
Changes from harrington-01 to opsawg-00 Changes from harrington-01 to opsawg-00
added text regarding operational models to be managed. added text regarding operational models to be managed.
Added checklist appendix (to be filled in after consensus is Added checklist appendix (to be filled in after consensus is
reached on main text ) reached on main text )
Changes from harrington-00 to harrington-01 Changes from harrington-00 to harrington-01
 End of changes. 81 change blocks. 
412 lines changed or deleted 513 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/