draft-ietf-opsawg-operations-and-management-01.txt   draft-ietf-opsawg-operations-and-management-02.txt 
Network Working Group D. Harrington Network Working Group D. Harrington
Internet-Draft Huawei Technologies USA Internet-Draft Huawei Technologies USA
Intended status: Best Current November 14, 2007 Intended status: Best Current December 17, 2007
Practice Practice
Expires: May 17, 2008 Expires: June 19, 2008
Guidelines for Considering Operations and Management of New Protocols Guidelines for Considering Operations and Management of New Protocols
draft-ietf-opsawg-operations-and-management-01 draft-ietf-opsawg-operations-and-management-02
Status of This Memo Status of This Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 35 skipping to change at page 1, line 35
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on May 17, 2008. This Internet-Draft will expire on June 19, 2008.
Copyright Notice Copyright Notice
Copyright (C) The IETF Trust (2007). Copyright (C) The IETF Trust (2007).
Abstract Abstract
New protocols or protocol extensions are best designed with due New protocols or protocol extensions are best designed with due
consideration of operations and management issues related to the consideration of functionality needed to operate and manage the
protocol. Retrofitting operations and management recommendations to protocol. Retrofitting operations and management is sub-optimal.
protocols is sub-optimal. The purpose of this document is to provide The purpose of this document is to provide guidance to authors and
guidance to authors and reviewers of documents defining new protocols reviewers of documents defining new protocols or protocol extensions,
or protocol extensions, covering aspects of operations and management covering aspects of operations and management that should be
that should be considered. considered.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 5 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
2. Design for Operations and Management . . . . . . . . . . . . . 5 2. Design for Operations and Management . . . . . . . . . . . . . 4
2.1. IETF Management Framework . . . . . . . . . . . . . . . . 5 2.1. IETF Management Framework . . . . . . . . . . . . . . . . 4
3. Operational Considerations . . . . . . . . . . . . . . . . . . 6 3. Operational Considerations . . . . . . . . . . . . . . . . . . 5
3.1. Operations Model . . . . . . . . . . . . . . . . . . . . . 7 3.1. Operations Model . . . . . . . . . . . . . . . . . . . . . 6
3.2. Installation and Initial Setup . . . . . . . . . . . . . . 8 3.2. Installation and Initial Setup . . . . . . . . . . . . . . 7
3.3. Migration Path . . . . . . . . . . . . . . . . . . . . . . 8 3.3. Migration Path . . . . . . . . . . . . . . . . . . . . . . 7
3.4. Requirements on Other Protocols and Functional 3.4. Requirements on Other Protocols and Functional
Components . . . . . . . . . . . . . . . . . . . . . . . . 8 Components . . . . . . . . . . . . . . . . . . . . . . . . 7
3.5. Impact on Network Operation . . . . . . . . . . . . . . . 8 3.5. Impact on Network Operation . . . . . . . . . . . . . . . 8
3.6. Verifying Correct Operation . . . . . . . . . . . . . . . 9 3.6. Verifying Correct Operation . . . . . . . . . . . . . . . 9
4. Management Considerations . . . . . . . . . . . . . . . . . . 9 4. Management Considerations . . . . . . . . . . . . . . . . . . 9
4.1. Interoperability . . . . . . . . . . . . . . . . . . . . . 10 4.1. Interoperability . . . . . . . . . . . . . . . . . . . . . 10
4.2. Management Information . . . . . . . . . . . . . . . . . . 12 4.2. Management Information . . . . . . . . . . . . . . . . . . 12
4.3. Fault Management . . . . . . . . . . . . . . . . . . . . . 13 4.3. Fault Management . . . . . . . . . . . . . . . . . . . . . 13
4.3.1. Liveness Detection and Monitoring . . . . . . . . . . 13 4.3.1. Liveness Detection and Monitoring . . . . . . . . . . 13
4.3.2. Fault Determination . . . . . . . . . . . . . . . . . 14 4.3.2. Fault Determination . . . . . . . . . . . . . . . . . 14
4.3.3. Fault Isolation . . . . . . . . . . . . . . . . . . . 14 4.3.3. Fault Isolation . . . . . . . . . . . . . . . . . . . 14
4.3.4. Corrective Action . . . . . . . . . . . . . . . . . . 14 4.3.4. Corrective Action . . . . . . . . . . . . . . . . . . 14
4.4. Configuration Management . . . . . . . . . . . . . . . . . 14 4.4. Configuration Management . . . . . . . . . . . . . . . . . 14
4.4.1. Verifying Correct Operation . . . . . . . . . . . . . 16 4.4.1. Verifying Correct Operation . . . . . . . . . . . . . 16
4.4.2. Control of Function and Policy . . . . . . . . . . . . 16 4.4.2. Control of Function and Policy . . . . . . . . . . . . 16
4.5. Accounting Management . . . . . . . . . . . . . . . . . . 16 4.5. Accounting Management . . . . . . . . . . . . . . . . . . 16
4.6. Performance Management . . . . . . . . . . . . . . . . . . 16 4.6. Performance Management . . . . . . . . . . . . . . . . . . 17
4.7. Security Management . . . . . . . . . . . . . . . . . . . 18 4.7. Security Management . . . . . . . . . . . . . . . . . . . 18
5. Existing Protocols . . . . . . . . . . . . . . . . . . . . . . 19 5. Documentation Guidelines . . . . . . . . . . . . . . . . . . . 20
5.1. SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 5.1. Recommended Discussions . . . . . . . . . . . . . . . . . 20
5.2. SYSLOG . . . . . . . . . . . . . . . . . . . . . . . . . . 21 5.2. Null Manageability Considerations Sections . . . . . . . . 20
5.3. IPFIX . . . . . . . . . . . . . . . . . . . . . . . . . . 22 5.3. Placement of Operations and Manageability
5.4. PSAMP . . . . . . . . . . . . . . . . . . . . . . . . . . 22 Considerations Sections . . . . . . . . . . . . . . . . . 21
5.5. NETCONF . . . . . . . . . . . . . . . . . . . . . . . . . 22 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 21
5.6. COPS-PR . . . . . . . . . . . . . . . . . . . . . . . . . 23 7. Security Considerations . . . . . . . . . . . . . . . . . . . 21
5.7. RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . 23 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 21
5.8. Diameter . . . . . . . . . . . . . . . . . . . . . . . . . 24 9. Informative References . . . . . . . . . . . . . . . . . . . . 21
5.9. EPP . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Appendix A. Operations and Management Checklist . . . . . . . . . 25
5.10. VCCV . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Appendix B. Open Issues . . . . . . . . . . . . . . . . . . . . . 25
5.11. XCAP . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Appendix C. Change Log . . . . . . . . . . . . . . . . . . . . . 26
5.12. Other Protocols . . . . . . . . . . . . . . . . . . . . . 25
6. Existing IETF Data Models . . . . . . . . . . . . . . . . . . 25
6.1. Fault Management . . . . . . . . . . . . . . . . . . . . . 26
6.2. Configuration Management . . . . . . . . . . . . . . . . . 26
6.3. Accounting Management . . . . . . . . . . . . . . . . . . 27
6.4. Performance Management . . . . . . . . . . . . . . . . . . 27
6.5. Security Management . . . . . . . . . . . . . . . . . . . 28
7. Documentation Guidelines . . . . . . . . . . . . . . . . . . . 29
7.1. Recommended Discussions . . . . . . . . . . . . . . . . . 29
7.2. Null Manageability Considerations Sections . . . . . . . . 29
7.3. Placement of Operations and Manageability
Considerations Sections . . . . . . . . . . . . . . . . . 30
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30
9. Security Considerations . . . . . . . . . . . . . . . . . . . 30
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 30
11. Informative References . . . . . . . . . . . . . . . . . . . . 30
Appendix A. Operations and Management Checklist . . . . . . . . . 34
Appendix B. Additional Data Models on the Standards Track . . . . 35
Appendix C. Open Issues . . . . . . . . . . . . . . . . . . . . . 37
Appendix D. Change Log . . . . . . . . . . . . . . . . . . . . . 37
1. Introduction 1. Introduction
Often when new protocols or protocol extensions are developed, not Often when new protocols or protocol extensions are developed, not
enough consideration is given to how the protocol will be deployed, enough consideration is given to how the protocol will be deployed,
operated and managed. Retrofitting operations and management operated and managed. Retrofitting operations and management
mechanisms is often hard and architecturally unpleasant, and certain mechanisms is often hard and architecturally unpleasant, and certain
protocol design choices may make deployment, operations, and protocol design choices may make deployment, operations, and
management particularly hard. Since operations and management issues management particularly hard. Since the ease of operations and
may impact the success of IETF protocols, this document provides management may impact the success of IETF protocols, this document
guidelines to help protocol designers and working groups consider the provides guidelines to help protocol designers and working groups
operations and management issues of their new IETF protocol or consider the operations and management functionality needed by their
protocol extension at an earlier phase. new IETF protocol or protocol extension at an earlier phase.
This document recommends working groups consider operations and This document suggests protocol designers consider operations and
management needs, and then select appropriate standard management management needs and then recommend appropriate standard management
protocols and data models to address the relevant operations and protocols and data models to address the relevant operations and
management needs, just as the WG might consider which security management needs. This is similar to a WG considering which security
threats are relevant to their protocol, and then select appropriate threats are relevant to their protocol, and then recommending
standard security protocols to mitigate the relevant threats. appropriate standard security protocols to mitigate the relevant
threats.
This document is organized to support such a progressive approach. This document discusses the importance of considering operations and
Section 2 discusses the importance of considering operations and management. Section 3 discusses operational functionality to
management. Section 3 discusses operational issues to consider. consider. Section 4 discusses management functionality to consider.
Section 4 discusses management issues to consider. Section 5
discusses IETF standards-track management protocols and their uses.
Section 6 discusses specific data models, such as MIB modules, that
have been designed to address specific sets of issues.
This document sets forth a list of subjective guidelines and a list This document sets forth a list of subjective guidelines and a list
of objective criteria by which a protocol designer can evaluate of objective criteria by which a protocol designer can evaluate
whether the protocol that he/she has developed addresses common whether the protocol that he/she has developed addresses common
operations and management needs. Operations and management is highly operations and management needs. Operations and management is highly
dependent on the environment in which it is used, so most guidelines dependent on the environment in which it is used, so most guidelines
are subjective rather than objective. We provide objective criteria are subjective rather than objective. We provide objective criteria
to promote interoperability through the use of standard management to promote interoperability through the use of standard management
interfaces, such as "did you design counters in a MIB module for interfaces, such as "did you design counters in a MIB module for
monitoring packets in/out of an interface?", "did you write an XML- monitoring packets in/out of an interface?", "did you write an XML-
based data model for configuring your protocol with Netconf?", and based data model for configuring your protocol with Netconf?", and
"did you standardize syslog message content and structured data "did you standardize syslog message content and structured data
elements for reporting events that might occur when operating your elements for reporting events that might occur when operating your
protocol?" protocol?"
A balance is needed between ensuring operations and management have
been considered, and getting a protocol specification published in a
timely fashion. IETF standards-track protocol documents should
contain enough information to understand how the protocol will be
deployed and managed. It should be expected that initial
considerations for operations and management may need to be updated
in the future, after further operational experience has been gained.
This document only provides guidelines; the (ever-changing membership This document only provides guidelines; the (ever-changing membership
of the) IESG can make a decision about how the guidelines should be of the) IESG can make a decision about how the guidelines should be
used by the IETF over time. used by the IETF over time.
1.1. Terminology 1.1. Terminology
This document deliberately does not use the (capitalized) key words This document deliberately does not use the (capitalized) key words
described in RFC 2119 [RFC2119]. RFC 2119 states the keywords must described in RFC 2119 [RFC2119]. RFC 2119 states the keywords must
only be used where it is actually required for interoperation or to only be used where it is actually required for interoperation or to
limit behavior which has potential for causing harm (e.g., limiting limit behavior which has potential for causing harm (e.g., limiting
retransmissions). For example, they must not be used to try to retransmissions). For example, they must not be used to try to
impose a particular method on implementers where the method is not impose a particular method on implementers where the method is not
required for interoperability. This document is a set of guidelines required for interoperability. This document is a set of guidelines
based on current practices of protocol designers and operators. This based on current practices of protocol designers and operators. This
document does not describe requirements, so the key words from document does not describe requirements, so the key words from
RFC2119 have no place here. RFC2119 have no place here.
o "new protocol" includes new protocols, protocol extensions, data o "new protocol" includes new protocols, protocol extensions, data
models, or other functionality being designed. models, or other functionality being designed.
o "working group" represents individuals and working groups involved o "protocol designer" represents individuals and working groups
in the development of new protocols. involved in the development of new protocols.
o [DISCUSS] markers indicate a lack of consensus on what should be o [DISCUSS] markers indicate a lack of consensus on what should be
written. written.
o [TODO] markers indicate the editor has a reasonable understanding o [TODO] markers indicate the editor has a reasonable understanding
of what needs to be (re-)written. Contributions of text would be of what needs to be (re-)written. Contributions of text would be
welcome. welcome.
o Note to RFC Editor - All [DISCUSS] or [TODO] marks should be o Note to RFC Editor - All [DISCUSS] or [TODO] marks should be
resolved before RFC publication. If any still exist, including in resolved before RFC publication. If any still exist, including in
the Terminology section, then please return the document to the the Terminology section, then please return the document to the
editor for resolution. editor for resolution.
2. Design for Operations and Management 2. Design for Operations and Management
"Design for operations and management" means that the operational "Design for operations and management" means that the operational
environment and manageability of the protocol should be considered environment and manageability of the protocol should be considered
from the start when new protocols are designed. from the start when new protocols are designed.
When a WG considers operation and management functionality for a
protocol, the document should contain enough information to
understand how the protocol will be deployed and managed, but the WG
should expect that considerations for operations and management may
need to be updated in the future, after further operational
experience has been gained.
2.1. IETF Management Framework 2.1. IETF Management Framework
For years the IETF has stressed the use of the IETF Standard For years the IETF has stressed the use of the IETF Standard
Management Framework and SMI MIB modules [RFC2578] for managing new Management Framework and SMI MIB modules [RFC2578] for managing new
protocols. The IETF designed the Standard Management Framework and protocols. The IETF designed the Standard Management Framework and
SMI MIB modules to permit multiple protocols to utilize the MIB data SMI MIB modules to permit multiple protocols to utilize the MIB data
[RFC1052], but it became a common misunderstanding that a MIB module [RFC1052], but it became a common misunderstanding that a MIB module
could only be used with the SNMP protocol (described in [RFC3410] and could only be used with the SNMP protocol (described in [RFC3410] and
associated documents). associated documents).
In 2001, OPS Area design teams were created to document issues and In 2001, OPS Area design teams were created to document requirements
requirements related to configuration of IP-based networks. One related to configuration of IP-based networks. One output was
output was "Requirements for Configuration Management of IP-based "Requirements for Configuration Management of IP-based Networks"
Networks" [RFC3139]. The COPS-PR protocol was developed to address [RFC3139].
configuration.
In 2003, the Internet Architecture Board (IAB) held a workshop on In 2003, the Internet Architecture Board (IAB) held a workshop on
Network Management [RFC3535] that discussed the strengths and Network Management [RFC3535] that discussed the strengths and
weaknesses of some IETF network management protocols, and compared weaknesses of some IETF network management protocols, and compared
them to operational needs, especially configuration. them to operational needs, especially configuration.
One issue raised was the user-unfriendliness of the binary format of One factor discussed was the user-unfriendliness of the binary format
SNMP and COPS-PR, so it was recommended that the IETF explore and of SNMP and COPS-PR, and it was recommended that the IETF explore an
XML-based Structure of Management Information, and an XML-based XML-based Structure of Management Information, and an XML-based
protocol for configuration. protocol for configuration.
Another issue was that deployed tools for event/alarm correlation, Another factor discussed was that deployed tools for event/alarm
root cause analysis and logging are not sufficient, and there is a correlation, root cause analysis and logging are not sufficient, and
need to support a human interface and a programmatic interface. The there is a need to support a human interface and a programmatic
IETF decided to standardize aspects of the defacto standard for interface. The IETF decided to standardize aspects of the defacto
system logging, especially security and the need for better standard for system logging, especially security and the need for
programmatic support. better programmatic support.
In 2006, the IETF discussed how the Management Framework should be In 2006, the IETF discussed whether the Management Framework should
updated to accommodate multiple IETF standard SMI languages, and be updated to accommodate multiple IETF standard SMI languages, and
multiple IETF standard protocols for doing network management. multiple IETF standard protocols for doing network management.
This document provides some initial guidelines for considering This document provides some initial guidelines for considering
operations and management in this environment of multiple protocols operations and management in this environment of multiple protocols
and multiple data models, with an eye toward being flexible while and multiple data models, with an eye toward being flexible while
also striving for interoperability. also striving for interoperability.
3. Operational Considerations 3. Operational Considerations
When a new protocol is deployed in a network, it may affect the Designers of a new protocol should carefully consider the operational
network negatively. A working group should consider deployment of a aspects. A protocol that is defined very precisely in a well-written
new protocol or protocol extension in a network, impact on the document doesn't guarantee that it is going to be deployable in the
network operations, traffic levels and operation of other protocols real world. Operational aspects will have a serious impact on the
or previous versions of the protocol, how the new protocol will be actual success of a protocol. Such aspects include bad interactions
operated, and how its presence might affect the existing deployment. with existing solutions, a dififcult ugrade path, difficulty of
debugging problems, difficulty configuring from a central database,
or a complicated state diagram that operations staff will find
difficult to understand
[DISCUSS: examples, list of current protocols characteristics and
their impact on the network. e.g., burst traffic impact on network
congestion.]
Operations and manageability considerations should focus on Operations and manageability considerations should focus on
interoperability of externally observable behaviors. interoperability of externally observable behaviors. [TODO: expand
or eliminate.]
3.1. Operations Model 3.1. Operations Model
Protocol designers can analyze the operational environment and mode Protocol designers can analyze the operational environment and mode
of work in which the new protocol or extension will work. Such an of work in which the new protocol or extension will work. Such an
exercise needs not be reflected directly by text in their document, exercise needs not be reflected directly by text in their document,
but could help in visualizing the operational model related to the but could help in visualizing the operational model related to the
applicability of the protocol in the Internet environments where it applicability of the protocol in the Internet environments where it
will be deployed. The operational model should take into account will be deployed. The operational model should take into account
issues like: factors such as:
o what type of management entities will be involved (agents, network o what type of management entities will be involved (agents, network
management systems)? management systems)?
o what is the possible architecture (client-server, manager-agent, o what is the possible architecture (client-server, manager-agent,
polling-driven or event-driven, autoconfiguration, two levels or polling-driven or event-driven, autoconfiguration, two levels or
hierarchical)? hierarchical)?
o what are the basic management operations - initial configuration, o what are the basic management operations - initial configuration,
dynamic configuration, alarms and exceptions reporting, logging, dynamic configuration, alarms and exceptions reporting, logging,
performance monitoring, performance reporting? performance monitoring, performance reporting, debugging?
o how are these operations performed - locally, remotely, atomic o how are these operations performed - locally, remotely, atomic
operation, scripts? operation, scripts?
o what are the typical user interfaces - Command line (CLI) or o what are the typical user interfaces - Command line (CLI) or
graphical user interface (GUI)? graphical user interface (GUI)?
Working groups should consider how the new protocol will be managed Protocol designers should consider how the new protocol will be
in different deployment scales. It might be sensible to use a local managed in different deployment scales. It might be sensible to use
management interface to manage the new protocol on a single device, a local management interface to manage the new protocol on a single
but in a large network, remote management using a centralized server device, but in a large network, remote management using a centralized
and/or using distributed management functionality might make more server and/or using distributed management functionality might make
sense. Auto-configuration might be possible for some new protocols. more sense. Auto-configuration and default parameters might be
possible for some new protocols.
There may be a need to support a human interface, e.g., for There may be a need to support a human interface, e.g., for
troubleshooting, and a programmatic interface, e.g., for automated troubleshooting, and a programmatic interface, e.g., for automated
monitoring and root cause analysis. It might be important that the monitoring and root cause analysis. It might be important that the
internal method routines for both interfaces should be the same to internal method routines used by the application programming
ensure that data exchanged between these two interfaces is always interfaces and the human interfaces should be the same to ensure that
consistent. data exchanged between these two interfaces is always consistent.
[DISCUSS: would the example of inconsistency between non-resettable
MIB counters and CLI resettable counters be useful here? ]
Working groups should consider what management operations are Protocol designers should consider what management operations are
expected to be performed as a result of the deployment of the expected to be performed as a result of the deployment of the
protocol - such as whether write operations will be allowed on protocol - such as whether write operations will be allowed on
routers and on hosts, or if notifications for alarms or other events routers and on hosts, or if notifications for alarms or other events
will be expected. will be expected.
3.2. Installation and Initial Setup 3.2. Installation and Initial Setup
Working groups should consider default values that make protocol Protocol designers should consider default values that make protocol
sense, to simplify configuration, including default modes and sense, to simplify configuration, including default modes and
parameters. For example, it could be helpful or necessary to specify parameters. For example, it could be helpful or necessary to specify
default values for modes, timers, default state of logical control default values for modes, timers, default state of logical control
variables, default transports, and so on. Even if default values are variables, default transports, and so on. Even if default values are
used, it must be possible to retrieve all the actual values or at used, it must be possible to retrieve all the actual values or at
least an indication that known default values are being used. least an indication that known default values are being used.
Working groups should consider how to enable operators to concentrate Protocol designers should consider how to enable operators to
on the configuration of the network as a whole rather than individual concentrate on the configuration of the network as a whole rather
devices. than individual devices.
It is also desirable to discuss the background of chosen default
values, or perhaps why a range of values makes sense. In many cases,
when technology changes, the values in an RFC might make less and
less sense (for example due to increased speeds in the network). It
is very useful to understand whether defaults are based on 'best
current practice' and are expected to change as technologies advance
or whether they have a more universal value and should not be changed
lightly.
3.3. Migration Path 3.3. Migration Path
If the new protocol is a new version of the protocol, or is replacing If the new protocol is a new version of the protocol, or is replacing
another technology, the working group should consider how deployments another technology, the protocol designer should consider how
should transition to the new protocol. This should include co- deployments should transition to the new protocol. This should
existence with previously deployed protocols and/or previous versions include co-existence with previously deployed protocols and/or
of the same protocol, incompatibilities between versions, translation previous versions of the same protocol, incompatibilities between
between versions, and side effects that might occur. Are older versions, translation between versions, and side effects that might
protocols or versions disabled or do they co-exist in the network occur. Are older protocols or versions disabled or do they co-exist
with the new protocol? in the network with the new protocol?
Another point to consider is extensibility of the management approach Another point to consider is extensibility of the management approach
- How open to future protocol extensions are the management - How open to future protocol extensions are the management
techniques you are defining? techniques you are defining?
3.4. Requirements on Other Protocols and Functional Components 3.4. Requirements on Other Protocols and Functional Components
Working groups should consider the requirements that the new protocol Protocol designers should consider the requirements that the new
might put on other protocols and functional components, and should protocol might put on other protocols and functional components, and
also document the requirements from other protocols that have been should also document the requirements from other protocols that have
considered in designing the new protocol. been considered in designing the new protocol. [TODO: examples]
These considerations should generally remain illustrative to avoid These considerations should generally remain illustrative to avoid
creating restrictions or dependencies, or potentially impacting the creating restrictions or dependencies, or potentially impacting the
behavior of existing protocols, or restricting the extensibility of behavior of existing protocols, or restricting the extensibility of
other protocols, or assuming other protocols will not be extended in other protocols, or assuming other protocols will not be extended in
certain ways. certain ways. [TODO: example]
3.5. Impact on Network Operation 3.5. Impact on Network Operation
The introduction of a new protocol or extensions to an existing The introduction of a new protocol or extensions to an existing
protocol may have an impact on the operation of existing networks. protocol may have an impact on the operation of existing networks.
Protocol designers should outline such impacts (which may be Protocol designers should outline such impacts (which may be
positive) including scaling concerns and interactions with other positive) including scaling concerns and interactions with other
protocols. For example, a new protocol that doubles the number of protocols. For example, a new protocol that doubles the number of
active, reachable addresses in use within a network might need to be active, reachable addresses in use within a network might need to be
considered in the light of the impact on the scalability of the IGPs considered in the light of the impact on the scalability of the IGPs
operating within the network. operating within the network.
The working group should consider the potential impact on the The protocol designer should consider the potential impact on the
behavior of other protocols in the network and on the traffic levels behavior of other protocols in the network and on the traffic levels
and traffic patterns that might change, including specific types of and traffic patterns that might change, including specific types of
traffic such as multicast. Also consider the need to install new traffic such as multicast. Also consider the need to install new
components that are added to the network as result of the changes in components that are added to the network as result of the changes in
the operational model, such as servers performing auto-configuration the operational model, such as servers performing auto-configuration
operations. operations.
The working group should consider also the impact on applications and The protocol designer should consider also the impact on
registries, for example DNS entries, or the size of routing tables. infrastructure applications like the DNS, registries, or the size of
routing tables.
The impact on performance may also be noted - increased delay or The impact on performance may also be noted - increased delay or
jitter in real-time traffic applications, or response time in client- jitter in real-time traffic applications, or response time in client-
server applications when encryption or filtering are applied. server applications when encryption or filtering are applied.
It must be easy to do consistency checks of versions/revisions of
configurations over time. [DISCUSS: probably needs a bit more
discussion on database driven configurations. ]
It must be easy to do consistency checks of configurations between
the ends of a link in order to determine the differences between two
configurations and whether the configurations are consistent.
[DISCUSS: this needs rewording to better describe consistency
checking 1) over time, and 2) between ends of a link. probably needs
a bit more discussion on the need to be able to understand and check
what it is happening on the wire actually matches what the Operator
tried to configure. Basically, complexity is your enemy here, and
that cannot be stressed often enough (no idea how you can verify
whether for example a SIP application is actually doing what it is
supposed to do due to it's complexity).]
It is important to minimize the impact caused by configuration It is important to minimize the impact caused by configuration
changes. Given configuration A and configuration B, it should be changes. Given configuration A and configuration B, it should be
possible to generate the operations necessary to get from A to B with possible to generate the operations necessary to get from A to B with
minimal state changes and effects on network and systems. minimal state changes and effects on network and systems.
3.6. Verifying Correct Operation 3.6. Verifying Correct Operation
The working group should consider techniques for testing the effect The protocol designer should consider techniques for testing the
that the protocol has had on the network by sending data through the effect that the protocol has had on the network by sending data
network and observing its behavior. Working groups should consider through the network and observing its behavior. Protocol designers
how the correct end-to-end operation of the new protocol in the should consider how the correct end-to-end operation of the new
network can be tested, and how the correct data or forwarding plane protocol in the network can be tested, and how the correct data or
function of each network element can be verified to be working forwarding plane function of each network element can be verified to
properly with the new protocol. be working properly with the new protocol.
It must be easy to do consistency checks of configurations over time
and between the ends of a link in order to determine the changes
between two configurations and whether those configurations are
consistent.
4. Management Considerations 4. Management Considerations
The considerations of manageability should start from describing the The considerations of manageability should start from describing the
operational model, which includes identifying the entities to be operational model, which includes identifying the entities to be
managed, how the respective protocol is supposed to be installed, managed, how the respective protocol is supposed to be installed,
configured and monitored, who are the managers and what type of configured and monitored, who are the managers and what type of
management interfaces and protocols they would use. management interfaces and protocols they would use.
Considerations for management should include a discussion of what Considerations for management should include a discussion of what
needs to be managed. This document, for better or worse, talks needs to be managed, and how to achieve various management tasks.
mainly about management of a protocol endpoint on a single device. The "write a MIB module" approach to considering management often
It doesn't talk about managing the *protocol* (it manages one end at focuses on monitoring a protocol endpoint on a single device. A MIB
a time), and doesn't even come near managing the *service* (which module document typically only considers monitoring properties
includes a lot of stuff that's very far away from the box). In a observable at one end, while the document doesn't really cover
client/server protocol, it may be more important to instrument the managing the *protocol* (the coordination of multiple ends), and
server end of a protocol than the client end. doesn't even come near managing the *service* (which includes a lot
of stuff that's very far away from the box). This is exactly what
operators hate - you need to be able to manage both ends. As RFC3535
says, MIB modules can often be characterized as a list of ingredients
without a recipe.
One issue that the IETF has always struggled with (and for which we WGs should consider how to configure multiple related/co-operating
still have no good guidance) is the problem of how to configure devices and how to back off if one of those configurations fails or
multiple related/co-operating devices and how to back off if one of causes trouble. NETCONF addresses this ina generic manner by
those configurations fails or causes trouble. NETCONF addresses this allowing an operator to lock the configuration on multiple devices,
somewhat by allowing an operator to lock the configuration on perform the configuration settings/changes, check that they are OK
multiple devices, perform the configuration settings/changes, check (undo if not) and then unlock the devices.
that they are OK (undo if not) and then unlock the devices.
Protocol debugging is not part (and should not be part) of the Techniques for debugging protocol interactions in a network should be
Network Management tools/hooks in a system. Debugging is an part of the network management discussion. Implementation source
implementation-dependent issue, not a protocol standardization issue. code should be debugged before ever being added to a network, so
asserts and memory dumps do not normally belong in management data
models. However, debugging on-the-wire interactions is a protocol
issue: it is enormously helpful if a protocol has hooks to make
debugging of network interactions easy, and/or is designed in such a
way that debugging protocol behaviors is easy. Handwaving this away
is not something that operators like ...
In a client/server protocol, it may be more important to instrument
the server end of a protocol than the client end.
4.1. Interoperability 4.1. Interoperability
Just as when deploying protocols that will inter-connect devices, our Just as when deploying protocols that will inter-connect devices, our
primary goal in considering management should be interoperability, primary goal in considering management should be interoperability,
whether across devices from different vendors, across models from the whether across devices from different vendors, across models from the
same vendor, or across different releases of the same product. same vendor, or across different releases of the same product.
Some product designers and protocol designers assume that if a device Some product designers and protocol designers assume that if a device
can be managed individually using a command line interface or a web can be managed individually using a command line interface or a web
page interface, that such a solution is enough. But when equipment page interface, that such a solution is enough. But when equipment
from multiple vendors is combined into a large network, scalability from multiple vendors is combined into a large network, scalability
of management becomes a problem. It is important to have consistency of management becomes a problem. It is important to have consistency
in the management interfaces so network-wide operational processes in the management interfaces so network-wide operational processes
can be automated. can be automated. For example, a single switch might be easily
managed using an interactive web interface when installed in a single
office small business, but when, say, a fast food company installs
similar switches from multiple vendors in hundreds or thousands of
individual branches and wants to automate monitoring them from a
central location, monitoring vendor-and-model-specific web pages
would be difficult to automate.
Getting everybody to agree on a certain syntax and the protocol Getting everybody to agree on a certain syntax and the protocol
associated with that has proven to be difficult. So management associated with that has proven to be difficult. So management
systems tend to speak whatever the boxes support, whether the IETF systems tend to speak whatever the boxes support, whether the IETF
likes this or not. The IETF is moving from support for a single likes this or not. The IETF is moving from support for a single
management data modeling language and a single management protocol management data modeling language (SMI) and a single management
towards support for multiple management protocols and multiple data protocol (SNMP) towards support for additional management protocols
models suited to different purposes, such as logging (syslog), and data models suited to different purposes, such as configuration
configuration (netconf), and usage accounting (ipfix). Other (netconf), usage accounting (ipfix), and logging (syslog). Other
Standard Development Organizations (e.g. DMTF, TMF) also define Standard Development Organizations (e.g. DMTF, TMF) also define
management mechanisms and these mechanisms may be more suitable than management mechanisms and these mechanisms may be more suitable than
IETF mechanisms in some cases. IETF mechanisms in some cases.
Interoperability needs to be considered on the syntactic level and Interoperability needs to be considered on the syntactic level and
the semantic level. While it can be irritating and time-consuming, the semantic level. While it can be irritating and time-consuming,
application designers including operators who write their own scripts application designers including operators who write their own scripts
can make their processing conditional to accommodate differences can make their processing conditional to accommodate differences
across vendors or models or releases of product. across vendors or models or releases of product.
skipping to change at page 12, line 28 skipping to change at page 12, line 27
o [RFC3805] - Printer MIB v2 (contains both an IM and a DM o [RFC3805] - Printer MIB v2 (contains both an IM and a DM
Management protocol standards and management data model standards Management protocol standards and management data model standards
often contain compliance clauses to ensure interoperability. often contain compliance clauses to ensure interoperability.
Manageability considerations should include discussion of which level Manageability considerations should include discussion of which level
of compliance is expected to be supported for interoperability. of compliance is expected to be supported for interoperability.
4.2. Management Information 4.2. Management Information
A management information model should include a discussion of what is
manageable, which aspects of the protocol need to be configured, what
types of operations are allowed, what protocol-specific events might
occur, which events can be counted, and for which events should an
operator be notified.
Operators find it important to be able to make a clear distinction Operators find it important to be able to make a clear distinction
between configuration data, operational state, and statistics. They between configuration data, operational state, and statistics. They
need to determine which parameters were administrative configured and need to determine which parameters were administrative configured and
which parameters have changed since configuration as the result of which parameters have changed since configuration as the result of
mechanisms such as routing protocols. mechanisms such as routing protocols.
It is important to be able to separately fetch configuration data, It is important to be able to separately fetch configuration data,
operational state data, and statistics from devices, and to be able operational state data, and statistics from devices, and to be able
to compare current state to initial state, and to compare data to compare current state to initial state, and to compare data
between devices. between devices.
A management information model should include a discussion of what is
manageable, which aspects of the protocol need to be configured, what
types of operations are allowed, what protocol-specific events might
occur, which events can be counted, and for which events should an
operator be notified.
What is typically difficult to work through are relationships between What is typically difficult to work through are relationships between
abstract objects. Ideally an information model would describe the abstract objects. Ideally an information model would describe the
relationships between the objects and concepts in the information relationships between the objects and concepts in the information
model. model.
Is there always just one instance of this object or can there be Is there always just one instance of this object or can there be
multiple instances? Does this object relate to exactly one other multiple instances? Does this object relate to exactly one other
object or may it relate to multiple? When is it possible to change a object or may it relate to multiple? When is it possible to change a
relationship? relationship?
Do objects (such as rows in tables) share fate? For example, if a Do objects (such as rows in tables) share fate? For example, if a
row in table A must exist before a related row in table B can be row in table A must exist before a related row in table B can be
created, what happens to the row in table B if the related row in created, what happens to the row in table B if the related row in
table A is deleted? Does the existence of relationships between table A is deleted? Does the existence of relationships between
objects have an impact on fate sharing? objects have an impact on fate sharing?
4.3. Fault Management 4.3. Fault Management
The working group should consider how faults information will be The protocol designer should consider how faults information will be
propagated. Will it be done using asynchronous notifications or propagated. Will it be done using asynchronous notifications or
polling of health indicators? polling of health indicators?
If notifications are used to alert operators to certain conditions, If notifications are used to alert operators to certain conditions,
then the working group should discuss mechanisms to throttle then the protocol designer should discuss mechanisms to throttle
notifications to prevent congestion. Will there be a hierarchy of notifications to prevent congestion and duplications of event
faults, and will the fault reporting be done by each fault in the notifications. Will there be a hierarchy of faults, and will the
hierarchy, or will only the lowest fault be reported and the higher fault reporting be done by each fault in the hierarchy, or will only
levels be suppressed? should there be aggregated status indicators the lowest fault be reported and the higher levels be suppressed?
based on concatenation of propagated faults from a given domain or should there be aggregated status indicators based on concatenation
device? of propagated faults from a given domain or device?
SNMP notifications and SYSLOG messages can alert an operator when an SNMP notifications and SYSLOG messages can alert an operator when an
aspect of the new protocol fails or encounters an error condition, aspect of the new protocol fails or encounters an error condition,
and SNMP is frequently used as a heartbeat monitor. and SNMP is frequently used as a heartbeat monitor.
4.3.1. Liveness Detection and Monitoring 4.3.1. Liveness Detection and Monitoring
Liveness detection and monitoring applies both to the control plane Liveness detection and monitoring applies both to the control plane
and the data plane. Mechanisms for detecting faults in the control and the data plane. Mechanisms for detecting faults in the control
plane or for monitoring its liveness are usually built into the plane or for monitoring its liveness are usually built into the
control plane protocols or inherited from underlying data plane or control plane protocols or inherited from underlying data plane or
forwarding plane protocols. These mechanisms do not typically forwarding plane protocols. These mechanisms do not typically
require additional management capabilities. However, when a system require additional management capabilities. However, when a system
detects a control plane fault, there is often a requirement to detects a control plane fault, there is often a requirement to
coordinate recovery action through management applications or at coordinate recovery action through management applications or at
least to record the fact in an event log. least to record the fact in an event log. [TODO: example]
Where the protocol is responsible for establishing data or user plane Where the protocol is responsible for establishing data or user plane
connectivity, liveness detection and monitoring usually need to be connectivity, liveness detection and monitoring usually need to be
achieved through other mechanisms. In some cases, these mechanisms achieved through other mechanisms. In some cases, these mechanisms
already exist within other protocols responsible for maintaining already exist within other protocols responsible for maintaining
lower layer connectivity, but it will often be the case that new lower layer connectivity, but it will often be the case that new
procedures are required to detect failures in the data path and to procedures are required to detect failures in the data path and to
report rapidly, allowing remedial action to be taken. report rapidly, allowing remedial action to be taken.
Protocol designers should always build in basic testing features Protocol designers should always build in basic testing features
skipping to change at page 14, line 17 skipping to change at page 14, line 13
used to test for liveness, with an option to enable and disable them. used to test for liveness, with an option to enable and disable them.
4.3.2. Fault Determination 4.3.2. Fault Determination
It can be helpful to describe how faults can be pinpointed using It can be helpful to describe how faults can be pinpointed using
management information. For example, counters might record instances management information. For example, counters might record instances
of error conditions. Some faults might be able to be pinpointed by of error conditions. Some faults might be able to be pinpointed by
comparing the outputs of one device and the inputs of another device comparing the outputs of one device and the inputs of another device
looking for anomalies. looking for anomalies.
[DISCUSS: Ralf: While this sounds good, how do ou distinguish between
"faulty messages" and "good messages"? It might require complex
functions such as "deviation from normal", are you sure you want to
implement those at the device level?]
4.3.3. Fault Isolation 4.3.3. Fault Isolation
It might be useful to isolate faults, such as a system that emits It might be useful to isolate faults, such as a system that emits
malformed messages necessary to coordinate connections properly. malformed messages necessary to coordinate connections properly.
Spanning tree comes to mind. This might be able to be done by Spanning tree comes to mind. This might be able to be done by
configuring next-hop devices to drop the faulty messages to prevent configuring next-hop devices to drop the faulty messages to prevent
them from entering the rest of the network. them from entering the rest of the network.
4.3.4. Corrective Action 4.3.4. Corrective Action
What sort of corrective action can be taken by an operator for each What sort of corrective action can be taken by an operator for each
of the fault conditions that are being identified? of the fault conditions that are being identified?
[DISCUSS: this should be expanded or eliminated. [DISCUSS: this should be expanded or eliminated.]
4.4. Configuration Management 4.4. Configuration Management
RFC3139 [RFC3139] discusses requirements for configuration RFC3139 [RFC3139] discusses requirements for configuration
management. This document includes discussion of different levels of management. This document includes discussion of different levels of
management, including high-level-policies, network-wide configuration management, including high-level-policies, network-wide configuration
data, and device-local configuration. data, and device-local configuration.
A number of efforts have existed in the IETF to develop policy-based A number of efforts have existed in the IETF to develop policy-based
management. RFC3198 was written to standardize the terminology for management. RFC3198 was written to standardize the terminology for
skipping to change at page 15, line 4 skipping to change at page 15, line 6
It is highly desirable that text processing tools such as diff, and It is highly desirable that text processing tools such as diff, and
version management tools such as RCS or CVS or SVN, can be used to version management tools such as RCS or CVS or SVN, can be used to
process configurations. This approach simplifies comparing the process configurations. This approach simplifies comparing the
current operational state to the initial configuration. current operational state to the initial configuration.
With structured text such as XML, simple text diffs may be found to With structured text such as XML, simple text diffs may be found to
be inadequate and more sophisticated tools may be needed to make any be inadequate and more sophisticated tools may be needed to make any
useful comparison of versions. useful comparison of versions.
To simplify such configuration comparisons, devices should not To simplify such configuration comparisons, devices should not
arbitrarily reorder data such as access control lists. If a working arbitrarily reorder data such as access control lists. If a protocol
group defines mechanisms for configuration, it would be desirable to designer defines mechanisms for configuration, it would be desirable
standardize the order of elements for consistency of configuration to standardize the order of elements for consistency of configuration
and of reporting across vendors, and across releases from vendors. and of reporting across vendors, and across releases from vendors.
[DISCUSS: Ralf: Well, there are two parts to it: 1. An NMS system
could optimze ACLs for perfomance reasons 2. Unless the device/NMS
systems has corect rules/a lot of experience, reordering ACLs can
lead to a huge security issue, therefore I would rephrase this
paragraph. "
Network wide configurations are ideally stored in central master Network wide configurations are ideally stored in central master
databases and transformed into formats that can be pushed to devices, databases and transformed into formats that can be pushed to devices,
either by generating sequences of CLI commands or complete either by generating sequences of CLI commands or complete
configuration files that are pushed to devices. There is no common configuration files that are pushed to devices. There is no common
database schema for network configuration, although the models used database schema for network configuration, although the models used
by various operators are probably very similar. It is desirable to by various operators are probably very similar. It is desirable to
extract, document, and standardize the common parts of these network extract, document, and standardize the common parts of these network
wide configuration database schemas. A working group should consider wide configuration database schemas. A protocol designer should
how to standardize the common parts of configuring the new protocol, consider how to standardize the common parts of configuring the new
while recognizing the vendors will likely have proprietary aspects of protocol, while recognizing the vendors will likely have proprietary
their configurations. aspects of their configurations.
It is important to distinguish between the distribution of It is important to distinguish between the distribution of
configurations and the activation of a certain configuration. configurations and the activation of a certain configuration.
Devices should be able to hold multiple configurations. NETCONF Devices should be able to hold multiple configurations. NETCONF
[RFC4741], for example, differentiates between the "running" [RFC4741], for example, differentiates between the "running"
configuration and "candidate" configurations. configuration and "candidate" configurations.
[DISCUSS: Also add: backup configs, i.e. version n-1 and auto-
fallback solutions that automatically return to the previous "known
as good config" or adding a backdoor for the operator. One of the
worst scenarios is remote device config where the new running config
doesn't work as expected and unlocks the admin. Vendors may have
ways to avoid unlocking the operator but this doesn't have to be
vendor specific.]
It is important to enable operators to concentrate on the It is important to enable operators to concentrate on the
configuration of the network as a whole rather than individual configuration of the network as a whole rather than individual
devices. Support for configuration transactions across a number of devices. Support for configuration transactions across a number of
devices would significantly simplify network configuration devices would significantly simplify network configuration
management. The ability to distribute configurations to multiple management. The ability to distribute configurations to multiple
devices, or modify "candidate configurations on multiple devices, and devices, or modify "candidate configurations on multiple devices, and
then activate them in a near-simultaneous manner might help. then activate them in a near-simultaneous manner might help.
[DISCUSS: Ralf: This might be a good place for adding the description
of config-templates.]
Consensus of the 2002 IAB Workshop was that textual configuration Consensus of the 2002 IAB Workshop was that textual configuration
files should be able to contain international characters. Human- files should be able to contain international characters. Human-
readable strings should utilize UTF-8, and protocol elements should readable strings should utilize UTF-8, and protocol elements should
be in case insensitive ASCII. be in case insensitive ASCII.
A mechanism to dump and restore configurations is a primitive A mechanism to dump and restore configurations is a primitive
operation needed by operators. Standards for pulling and pushing operation needed by operators. Standards for pulling and pushing
configurations from/to devices are desirable. configurations from/to devices are desirable.
Given configuration A and configuration B, it should be possible to Given configuration A and configuration B, it should be possible to
skipping to change at page 16, line 22 skipping to change at page 16, line 39
devices. It may also be valuable to provide techniques for testing devices. It may also be valuable to provide techniques for testing
the effect that the protocol has had on the network by sending data the effect that the protocol has had on the network by sending data
through the network and observing its behavior. through the network and observing its behavior.
Protocol designers should consider how to test the correct end-to-end Protocol designers should consider how to test the correct end-to-end
operation of the network, and how to verify the correct data or operation of the network, and how to verify the correct data or
forwarding plane function of each network element. forwarding plane function of each network element.
4.4.2. Control of Function and Policy 4.4.2. Control of Function and Policy
A working group should consider the configurable items that exist for A protocol designer should consider the configurable items that exist
the control of function via the protocol elements described in the for the control of function via the protocol elements described in
protocol specification. For example, Sometimes the protocol requires the protocol specification. For example, Sometimes the protocol
that timers can be configured by the operator to ensure specific requires that timers can be configured by the operator to ensure
policy-based behavior by the implementation. specific policy-based behavior by the implementation.
4.5. Accounting Management 4.5. Accounting Management
A working group should consider whether it would be appropriate to A protocol designer should consider whether it would be appropriate
collect usage information related to this protocol, and if so, what to collect usage information related to this protocol, and if so,
usage information would be appropriate to collect? what usage information would be appropriate to collect?
RFC2975 [RFC2975] Introduction to Accounting Management discusses a RFC2975 [RFC2975] Introduction to Accounting Management discusses a
number of issues that arise when monitoring usage of protocols for number of factors relevant to monitoring usage of protocols for
purposes of capacity and trend analysis, cost allocation, auditing, purposes of capacity and trend analysis, cost allocation, auditing,
and billing. This document also discusses how RADIUS, TACACS+, and and billing. This document also discusses how RADIUS, TACACS+, and
SNMP protocols are used for these purposes. These issues should be SNMP protocols are used for these purposes. These factors should be
considered when designing a protocol whose usage might need to be considered when designing a protocol whose usage might need to be
monitored, or when recommending a protocol to do usage accounting. monitored, or when recommending a protocol to do usage accounting.
While this discussion is now dated, many of the issues remain
relevant, and new protocols might be better to address those issues.
4.6. Performance Management 4.6. Performance Management
Consider information that would be useful when trying to determine Consider information that would be useful when trying to determine
the performance characteristics of a deployed system using the target the performance characteristics of a deployed system using the target
protocol. protocol.
What are the principal performance factors that need to be looked at What are the principal performance factors that need to be looked at
when measuring the efficiency of the protocol implementations? Is it when measuring the efficiency of the protocol implementations? Is it
important to measure setup times? throughput? quality versus important to measure setup times? throughput? quality versus
throughput? interruptions? end-to-end throughput? end-to-end quality? throughput? interruptions? end-to-end throughput? end-to-end quality?
hop-to-hop throughput? hop-to-hop throughput?
Consider scaling issues, such as whether performance will be affected Consider scalability, such as whether performance will be affected by
by the number of protocol connections. If so, then it might be the number of protocol connections. If so, then it might be useful
useful to provide information about the maximum number of table to provide information about the maximum number of table entries that
entries that should be expected to be modeled, how many entries an should be expected to be modeled, how many entries an implementation
implementation can support, the current number of instances, and the can support, the current number of instances, and the expected
expected behavior when the current instances exceed the capacity of behavior when the current instances exceed the capacity of the
the implementation. This should be considered in a data-modeling implementation. This should be considered in a data-modeling
independent manner - what makes managed-protocol sense, not what independent manner - what makes managed-protocol sense, not what
makes management-protocol-sense. If it is not managed-protocol- makes management-protocol-sense. If it is not managed-protocol-
dependent, then it should be left for the management-protocol data dependent, then it should be left for the management-protocol data
modelers to decide. modelers to decide.
For example, VLAN identifiers have a range of 1..4095 because of the For example, VLAN identifiers have a range of 1..4095 because of the
VLAN standards. VLAN standards.
Consider operational activity, such as the number of message in and Consider operational activity, such as the number of message in and
the messages out, the number of received messages rejected due to the messages out, the number of received messages rejected due to
skipping to change at page 18, line 47 skipping to change at page 19, line 14
in enterprises, exceeding the capacity of logs, and security in enterprises, exceeding the capacity of logs, and security
exposures present in chosen / recommended management mechanisms. exposures present in chosen / recommended management mechanisms.
The granularity of access control needed on management interfaces The granularity of access control needed on management interfaces
needs to match operational needs. Typical requirements are a role- needs to match operational needs. Typical requirements are a role-
based access control model and the principle of least privilege, based access control model and the principle of least privilege,
where a user can be given only the minimum access necessary to where a user can be given only the minimum access necessary to
perform a required task. perform a required task.
It must be possible to do consistency checks of access control lists It must be possible to do consistency checks of access control lists
across devices. Working groups should consider information models to across devices. Protocol designers should consider information
promote comparisons across devices and across vendors to permit models to promote comparisons across devices and across vendors to
checking the consistency of security configurations. permit checking the consistency of security configurations.
Working groups should consider how to provide a secure transport, Protocol designers should consider how to provide a secure transport,
authentication, identity, and access control which integrates well authentication, identity, and access control which integrates well
with existing key and credential management infrastructure. with existing key and credential management infrastructure.
Working groups should consider how ACLs (access control lists) are Protocol designers should consider how ACLs (access control lists)
maintained and updated. are maintained and updated.
Standard SNMP notifications or SYSLOG messages Standard SNMP notifications or SYSLOG messages
[I-D.ietf-syslog-protocol] might already exist, or can be defined, to [I-D.ietf-syslog-protocol] might already exist, or can be defined, to
alert operators to the conditions identified in the security alert operators to the conditions identified in the security
considerations for the new protocol. [TODO: find existing considerations for the new protocol. [TODO: find existing
notificiations or syslog messages related to security] notificiations or syslog messages related to security]
An analysis of existing counters might help operators recognize the An analysis of existing counters might help operators recognize the
conditions identified in the security considerations for the new conditions identified in the security considerations for the new
protocol before they can impact the network. protocol before they can impact the network.
RADIUS and DIAMETER can provide authentication and authorization. A RADIUS and DIAMETER can provide authentication and authorization. A
working group should consider which attributes would be appropriate protocol designer should consider which attributes would be
for their protocol. appropriate for their protocol.
Different protocols use different assumptions about message security Different protocols use different assumptions about message security
and data access controls. A working group that recommends using and data access controls. A protocol designer that recommends using
different protocols should consider how security will be applied in a different protocols should consider how security will be applied in a
balanced manner across multiple management interfaces. SNMP access balanced manner across multiple management interfaces. SNMP access
control is data-oriented, while CLI access control is usually command control is data-oriented, while CLI access control is usually command
(task) oriented. Depending on the management function, sometimes (task) oriented. Depending on the management function, sometimes
data-oriented or task-oriented access control makes more sense. data-oriented or task-oriented access control makes more sense.
Working groups should consider both data-oriented and task-oriented Protocol designers should consider both data-oriented and task-
access control. oriented access control.
5. Existing Protocols
[DISCUSS: Section 5 reviews which protocols the IETF has to offer for
management and, what I really like, the text discusses for which
applications they were designed or already successfully deployed. I
like to perhaps see even stronger guidelines;]
Existing protocols and data models can provide the management
functions identified in the previous section. WGs should consider
how using these existing protocols and data models might impact
network operations.
In choosing existing protocol solutions to meet the information model
requirements, it is recommended that the strengths and weaknesses of
IETF protocols, as documented in [RFC3535] be considered, and working
groups should consider asking for help from the IETF directorates
knowledgeable in available existing solutions. This is especially
true since some of the recommendations from the 2002 IAB workshop
have become outdated, some have been implemented, and some are being
realized.
We want to avoid seeming to impose a solution by putting in place a
strict terminology - for example implying that a formal data model,
or even using a management protocol is mandatory. If a WG considers
that its technology can be managed solely by using proprietary CLIs,
and no structured or standardized data model needs to be in place,
this should be fine, but this is a requirement that needs to be
explicit in the manageability discussion, so that the WG reaches
consensus in full awareness that this is how the protocol will need
to be operated and managed. Working groups should avoid having
manageability pushed for a later/never phase of the development of
the standard.
Listed here are a number of protocols that have reached Proposed
Standard status or higher within the IETF.
5.1. SNMP
SNMP is widely used for monitoring fault and performance data. Some
operators use SNMP for configuration in various environments/
technologies while others find SNMP an inappropriate choice for
configuration in their environments. SNMPv1 is a Full Standard, but
is not recommended due to its lack of security features. SNMPv3 is a
Full Standard that includes security features. An overview of the
SNMPv3 document set is in [RFC3410].
SNMP relies on the MIB. MIB module support is uneven across vendors,
and even within devices. The lack of standard MIB module support for
all functionality in a device forces operators to use other protocols
such as a CLI to do configuration of some aspects of their managed
devices, and it is easier to use one protocol for all configuration
than to split the task across multiple protocols.
SNMP is good at determining operational state of specific
functionality, but not necessarily for the complete operational state
of a managed device.
SNMP is good for statistics gathering for specific functionality.
The wide-spread use of counters in standard MIB modules permits the
interoperable comparison of statistics across devices from different
vendors. SNMP is often used to poll a device for sysUpTime, which
serves to check for operational liveness and discontinuity in
counters.
SNMP traps and informs can alert an operator or an application when
an aspect of the new protocol fails or encounters an error condition,
and the contents of a notification can be used to guide subsequent
SNMP polling to gather additional information about an event.
SNMPv1 and SNMPv2c lack strong security, and are not recommended by
the IETF. SNMPv3 does offer strong security and is recommended by
the IETF.
Stardards exist to run SNMP over multiple network protocols,
including UDP, Ethernet, Appletalk, OSI, and others..
5.2. SYSLOG
The SYSLOG protocol [I-D.ietf-syslog-protocol] allows a machine to
send event notification messages across networks to event message
collectors. The protocol is simply designed to transport these event
messages. No acknowledgement of the receipt is made. One of the
fundamental tenets of the SYSLOG protocol and process is its
simplicity. No stringent coordination is required between the
transmitters and the receivers. Indeed, the transmission of SYSLOG
messages may be started on a device without a receiver being
configured, or even actually physically present. Conversely, many
devices will most likely be able to receive messages without explicit
configuration or definitions. This simplicity has greatly aided the
acceptance and deployment of SYSLOG.
Since each process, application and operating system was written
somewhat independently, there has been little uniformity to the
message format or content of SYSLOG messages.
The IETF has developed a new Proposed Standard version of the
protocol that allows the use of any number of transport protocols
including reliable transports and secure transports, and standardized
the application of message security to SYSLOG messages. The IETF
standardized a new message header format, including timestamp,
hostname, application, and message ID, to improve filtering, and
interoperability and correlation between compliant implementations.
SYSLOG message content has traditionally been unstructured natural
language text. This content is human-friendly, but difficult for
applications to parse and correlate across vendors, or correlate with
other event reporting such as SNMP traps. The IETF standard syslog
protocol includes structured data elements to aid application-
parsing. The structured data element design allows vendors to define
their own structured data elements to supplement standardized
elements.
Working groups are encouraged to standardize structured data
elements, extensible human-friendly text, and consistent facility/
severity values for SYSLOG to report events specific to their
protocol.
5.3. IPFIX
There are several applications e.g., usage-based accounting, traffic
profiling, traffic engineering, intrusion detection, QoS monitoring,
that require flow-based traffic measurements.
IPFIX [I-D.ietf-ipfix-protocol] is a Proposed Standard approach for
transmitting IP traffic flow information over the network from an
exporting process to an information collecting process.
IPFIX defines a common representation of flow data and a standard
means of communicating the data over a number of transport protocols.
Some extensions to IPFIX are in development and have not yet become
Proposed Standards.
[TODO: update as needed]
5.4. PSAMP
Several applications require sampling packets from specific data
flows, or across multiple data flows, and reporting information about
the packets. Measurement-based network management is a prime
example. The PSAMP standard includes support for packet sampling in
IPv4, IPv6, and MPLS-based networks.
PSAMP standardizes sampling, selection, metering, and reporting
strategies for different purposes.
To simplify the solution, the IPFIX protocol is used for exporting
the reports to collector applications.
[TODO: this is in IESG review to become a PS. update as needed]
5.5. NETCONF
The NETCONF protocol [RFC4741] is a Proposed Standard that defines a
simple mechanism through which a network device can be managed,
configuration data information can be retrieved, and new
configuration data can be uploaded and manipulated. The protocol
allows the device to expose a full, formal application programming
interface (API). Applications can use this straightforward API to
send and receive full and partial configuration data sets.
The NETCONF protocol uses a remote procedure call (RPC) paradigm. A
client encodes an RPC in XML and sends it to a server using a secure,
connection-oriented session. The server responds with a reply
encoded in XML.
A key aspect of NETCONF is that it allows the functionality of the
management protocol to closely mirror the native command line
interface of the device. This reduces implementation costs and
allows timely access to new features. In addition, applications can
access both the syntactic and semantic content of the device's native
user interface.
The contents of both the request and the response can be fully
described in XML DTDs or XML schemas, or both, allowing both parties
to recognize the syntax constraints imposed on the exchange. As of
this writing, no standard has been developed for data content
specification.
5.6. COPS-PR
COPS-PR and the Structure of Policy Provisioning Information (SPPI)
have been approved as Proposed Standards. COPS-PR [RFC3084] uses the
Common Open Policy Service (COPS) protocol for support of policy
provisioning. The COPS-PR specification is independent of the type
of policy being provisioned (QoS, Security, etc.) but focuses on the
mechanisms and conventions used to communicate provisioned
information between policy-decision-points (PDPs) and policy
enforcement points (PEPs). COPS-PR does not make any assumptions
about the policy data model being communicated, but describes the
message formats and objects that carry the modeled policy data.
Policy data is modeled using Policy Information Base modules (PIB
modules).
COPS-PR has not had wide deployment, and operators have stated that
its use of binary encoding (BER) for management data makes it
difficult to develop automated scripts for simple configuration
management tasks in most text-based scripting languages. In an IAB
Workshop on Network Management [RFC3535], the consensus of operators
and protocol developers indicated a lack of interest in PIB modules
for use with COPS-PR.
As a result, the IESG has not approved any policy models (PIB
modules) as an IETF standard, and the use of COPS-PR is not
recommended.
5.7. RADIUS
RADIUS [RFC2865], the remote Authentication Dial In User Service, is
a Draft Standard that describes a protocol for carrying
authentication, authorization, and configuration information between
a Network Access Server which desires to authenticate its links and a
shared Authentication Server.
This protocol is widely implemented and used. RADIUS is widely used
in environments, such as enterprise networks, where a single
administrative authority manages the network, and protects the
privacy of user information.
5.8. Diameter
DIAMETER [RFC3588] is a Proposed Standard that provides an
Authentication, Authorization and Accounting (AAA) framework for
applications such as network access or IP mobility. DIAMETER is also
intended to work in both local Authentication, Authorization &
Accounting and roaming situations.
Diameter is designed to resolve a number of known problems with
RADIUS. Diameter supports server failover, transmission-level
security, reliable transport over TCP, agents for proxy and redirect
and relay, server-initiated messages, auditability, capability
negotiation, peer discovery and configuration, and roaming support.
Diameter also provides a larger attribute space than RADIUS.
Diameter features make it especially appropriate for environments
where the providers of services are in different administrative
domains than the maintainer (protector) of confidential user
information.
5.9. EPP
The Extensible Provision Protocol [RFC4930] is a Draft Standard that
describes an application layer client-server protocol for the
provisioning and management of objects stored in a shared central
repository. EPP permits multiple service providers to perform object
provisioning operations using a shared central object repository, and
addresses the requirements for a generic registry registrar protocol.
5.10. VCCV
VCCV is a Proposed Standard protocol that provides a control channel
associated with a Pseudowire. It is used for operations and
management functions such as connectivity verification over the
control channel. VCCV applies to all supported access circuit and
transport types currently defined for PWs.
5.11. XCAP
XCAP [RFC4825] is a Proposed Standard protocol that allows a client
to read, write, and modify application configuration data stored in
XML format on a server.
5.12. Other Protocols
A command line interface (CLI) might be used to provide initial
configuration of the target functionality. Command line interfaces
are usually proprietary, but working groups could suggest specific
commands and command parameters that would be useful in configuring
the new protocol, so implementers could have similarities in their
proprietary CLI implementations.
[DISCUSS: Routing and control plane people may prefer NETCONF since
it is close to CLIs which seem to rule in this space. ]
[DISCUSS] Other PS-level NM protocols? SIP NM?
6. Existing IETF Data Models
[DISCUSS: JS: The weakest part of the document is IMHO section 6. It
is not clear to me what David's intention were here; sometimes he
gives general advise while at other places he kind of surveys data
models and such things. I am also not sure all the stuff listed
there is actually useful to list; for example, has anybody ever
deployed the technology which came out of the snmpconf working group?
So we need to be more selective and probably also organize our
pointers based on the protocol layer people are working on
(transmission specific MIB modules are kind of widely used, people
managing application servers usually do not use much of SNMP; the
IETF application management MIBs we have produced have not gained
large deployments as far as I can tell). ]
[DISCUSS: David: Some MIB modules may not be deployed because few
people know about them and has never tried them. Others may have
been tried and been found to be inadequate. We have very little
feedback concerning which ones are useful and which are widely
deployed, which have been found useful by operators, and which have
been found to be junk. ;-) I hesitate to make recommendations that
people should avoid a MIB unless there is real evidence that is is
unsuitable for its designed task. Even then, I hesitate because
maybe the MIB would be found useful in a different environment that
is just emerging. Maybe we need to perform a de-crufting operation
for data models, similar to that done for protocols a few years ago.
But I think that would require feedback from LOTS of operators and
application developers - and these tend to be scarce in the IETF. ]
The purpose of this section is to inform protocol designers about
solutions for which components have already been standardized in the
IETF, so they can reuse existing solutions or use those solutions to
extract information models that could be applied to new solutions.
This section discusses management data models that have reached at
least Proposed Standard status in the IETF. Because making
management information available through the MIB has long been the
IETF-preferred approach for managing the Internet, there are a large
number of MIB modules available. Rather than attempt to discuss each
here, with a discussion of the tables they contain, this section will
focus on those MIB modules that have reached at least Draft status,
and some commonly deployed MIB modules. This is supplemented by an
appendix that lists additional MIB modules that have reached Proposed
Standard status.
[TODO] discuss specific MIB modules, SDEs, XML schemas that are
designed to solve generic problems. This might cover things like
Textual Conventions, RFC3415 Target tables, SYSLOG SDEs defined in
-protocol-, SYSLOG -sign-, IPFIX IEs, etc.
6.1. Fault Management
RFC 3418 [RFC3418], part of STD 62 SNMP, contains objects in the
system group that are often polled to determine if a device is still
operating, and sysUpTime can be used to detect if a system has
rebooted, and counters have been reinitialized.
RFC3413 [RFC3413], part of STD 62 SNMP, includes objects designed for
managing notifications, including tables for addressing, retry
parameters, security, lists of targets for notifications, and user
customization filters.
An RMON monitor [RFC2819] can be configured to recognize conditions,
most notably error conditions, and continuously to check for them.
When one of these conditions occurs, the event may be logged, and
management stations may be notified in a number of ways. See further
discussion of RMON under Performance Management.
6.2. Configuration Management
It is expected that standard XML-based data models will be developed
for use with NETCONF, and working groups might identify specific
NETCONF data models that would be applicable to the new protocol. At
the time of this writing, no such standard data models exist.
For monitoring network configuration, such as physical and logical
network topologies, existing MIB modules already exist that provide
some of the desired capabilities. New MIB modules might be developed
for the target functionality to allow operators to monitor and modify
the operational parameters, such as timer granularity, event
reporting thresholds, target addresses, and so on.
RFC 3418 [RFC3418], part of STD 62 SNMPv3, contains objects in the
system group that are often polled to determine if a device is still
operating, and sysUpTime can be used to detect if a system has
rebooted and caused potential discontinuity in counters. Other
objects in the system MIB are useful for identifying the type of
device, the location of the device, the person responsible for the
device, etc.
RFC3413 [RFC3413], part of STD 62 SNMPv3, includes objects designed
for configuring notification destinations, and for configuring proxy-
forwarding SNMP agents, which can be used to forward messages through
firewalls and NAT devices.
Draft Standard RFC2863 [RFC2863], the Interfaces MIB is used for
managing Network Interfaces. This includes the 'interfaces' group of
MIB-II and discusses the experience gained from the definition of
numerous media-specific MIB modules for use in conjunction with the
'interfaces' group for managing various sub-layers beneath the
internetwork-layer.
Proposed Standard RFC3165 [RFC3165] supports the use of user-written
scripts to delegate management functionality.
Proposed Standard RFC4011 [RFC4011] defines objects that enable
policy-based monitoring using SNMP, using a scripting language, and a
script execution environment.
Few vendors have not implemented MIB modules that support scripting.
Some vendors consider running user-developed scripts within the
managed device as a violation of support agreements.
6.3. Accounting Management
TODO: RADIUS Accounting MIBs are PS; are there any DS data models for
accounting? ]
6.4. Performance Management
Working groups should consider how performance can be monitored for
the new protocol.
MIB modules typically contain counters to determine the frequency and
rate of an occurrence.
RFC2819, STD 59 RMON, defines objects for managing remote network
monitoring devices. An organization may employ many remote
management probes, one per network segment, to manage its internet.
These devices may be used for a network management service provider
to access a client network, often geographically remote. Most of the
objects in the RMON MIB module are suitable for the management of any
type of network, and there are some which are specific to managing
Ethernet networks.
RMON allows a probe to be configured to perform diagnostics and to
collect statistics continuously, even when communication with the
management station may not be possible or efficient. The alarm group
periodically takes statistical samples from variables in the probe
and compares them to previously configured thresholds. If the
monitored variable crosses a threshold, an event is generated.
The RMON host group discovers hosts on the network by keeping a list
of source and destination MAC Addresses seen in good packets
promiscuously received from the network, and contains statistics
associated with each host. The hostTopN group is used to prepare
reports that describe the hosts that top a list ordered by one of
their statistics. The available statistics are samples of one of
their base statistics over an interval specified by the management
station. Thus, these statistics are rate based. The management
station also selects how many such hosts are reported.
The RMON matrix group stores statistics for conversations between
sets of two addresses. The filter group allows packets to be matched
by a filter equation. These matched packets form a data stream that
may be captured or may generate events. The Packet Capture group
allows packets to be captured after they flow through a channel. The
event group controls the generation and notification of events from
this device.
The RMON-2 MIB [RFC4502] extends RMON by providing RMON analysis up
to the application layer. The SMON MIB [RFC2613] extends RMON by
providing RMON analysis for switched networks.
6.5. Security Management
Working groups should consider existing data models that would be
relevant to monitoring and managing the security of the new protocol.
The IETF has no standard data models for managing security protocols
such as TLS and SSH.
7. Documentation Guidelines 5. Documentation Guidelines
The purpose of this document is to provide guidance about what to The purpose of this document is to provide guidance about what to
consider when thinking about the management and deployment of a new consider when thinking about the management and deployment of a new
protocol, and to provide guidance about documenting the protocol, and to provide guidance about documenting the
considerations should a working group choose to do so. The following considerations. The following guidelines are designed to help
guidelines are designed to help writers provide a reasonably writers provide a reasonably consistent format for such
consistent format to such documentation. Separate manageability and documentation. Separate manageability and operational considerations
operational considerations sections are desirable in many cases, but sections are desirable in many cases, but their structure and
their structure and location is a decision that can be made from case location is a decision that can be made from case to case.
to case.
Making a Management Considerations section a mandatory publication Making a Management Considerations section a mandatory publication
requirement is the responsibility of the IESG, or specific area requirement is the responsibility of the IESG, or specific area
directors, or working groups, and this document avoids recommending directors, or working groups, and this document avoids recommending
any mandatory publication requirements. For a complex protocol, a any mandatory publication requirements. For a complex protocol, a
completely separate draft on operations and management might be completely separate draft on operations and management might be
appropriate, or even a completely separate WG. appropriate, or even a completely separate WG.
This document is focused on what to think about, and how to document This document is focused on what to think about, and how to document
the considerations of the working group. the considerations of the protocol designer.
7.1. Recommended Discussions 5.1. Recommended Discussions
A Manageability Considerations section should include discussion of A Manageability Considerations section should include discussion of
the management and operations topics raised in this document, and the management and operations topics raised in this document, and
when one or more of these topics is not relevant, it would be useful when one or more of these topics is not relevant, it would be useful
to contain a simple statement explaining why the topic is not to contain a simple statement explaining why the topic is not
relevant for the new protocol. Of course, additional relevant topics relevant for the new protocol. Of course, additional relevant topics
should be included as well. should be included as well.
7.2. Null Manageability Considerations Sections 5.2. Null Manageability Considerations Sections
A working group may seriously consider the manageability requirements A protocol designer may seriously consider the manageability
of a new protocol, and determine that there are no manageability requirements of a new protocol, and determine that no management
issues related to the new protocol. It would be helpful to those who functionality is needed by the new protocol. It would be helpful to
may update or write extensions to the protocol in the future or to those who may update or write extensions to the protocol in the
those deploying the new protocol to know the thinking of the working future or to those deploying the new protocol to know the thinking of
regarding the manageability of the protocol at the time of its the working regarding the manageability of the protocol at the time
design. of its design.
If there are no new manageability or deployment considerations, it is If there are no new manageability or deployment considerations, it is
recommended that a Manageability Considerations section contain a recommended that a Manageability Considerations section contain a
simple statement such as "There are no new manageability requirements simple statement such as "There are no new manageability requirements
introduced by this document," and a brief explanation of why that is introduced by this document," and a brief explanation of why that is
the case. The presence of such a Manageability Considerations the case. The presence of such a Manageability Considerations
section would indicate to the reader that due consideration has been section would indicate to the reader that due consideration has been
given to manageability and operations. given to manageability and operations.
In the case where the new protocol is an extension, and the base In the case where the new protocol is an extension, and the base
protocol discusses all the relevant operational and manageability protocol discusses all the relevant operational and manageability
considerations, it would be helpful to point out the considerations considerations, it would be helpful to point out the considerations
section in the base document. section in the base document.
7.3. Placement of Operations and Manageability Considerations Sections 5.3. Placement of Operations and Manageability Considerations Sections
If a working group develops a Manageability Considerations section If a protocol designer develops a Manageability Considerations
for a new protocol, it is recommended that the section be placed section for a new protocol, it is recommended that the section be
immediately before the Security Considerations section. Reviewers placed immediately before the Security Considerations section.
interested in such sections could find it easily, and this placement Reviewers interested in such sections could find it easily, and this
could simplify the development of tools to detect the presence of placement could simplify the development of tools to detect the
such a section. presence of such a section.
8. IANA Considerations 6. IANA Considerations
This document does not introduce any new codepoints or name spaces This document does not introduce any new codepoints or name spaces
for registration with IANA. Note to RFC Editor: this section may be for registration with IANA. Note to RFC Editor: this section may be
removed on publication as an RFC. removed on publication as an RFC.
9. Security Considerations 7. Security Considerations
This document is informational and provides guidelines for This document is informational and provides guidelines for
considering manageability and operations. It introduces no new considering manageability and operations. It introduces no new
security concerns. security concerns.
10. Acknowledgements 8. Acknowledgements
This document started from an earlier document edited by Adrian This document started from an earlier document edited by Adrian
Farrel, which itself was based on work exploring the need for Farrel, which itself was based on work exploring the need for
Manageability Considerations sections in all Internet-Drafts produced Manageability Considerations sections in all Internet-Drafts produced
within the Routing Area of the IETF. That earlier work was produced within the Routing Area of the IETF. That earlier work was produced
by Avri Doria, Loa Andersson, and Adrian Farrel, with valuable by Avri Doria, Loa Andersson, and Adrian Farrel, with valuable
feedback provided by Pekka Savola and Bert Wijnen. feedback provided by Pekka Savola and Bert Wijnen.
Some of the discussion about designing for manageability came from Some of the discussion about designing for manageability came from
private discussions between Dan Romascanu, Bert Wijnen, Juergen private discussions between Dan Romascanu, Bert Wijnen, Juergen
Schoenwaelder, Andy Bierman, and David Harrington. Schoenwaelder, Andy Bierman, and David Harrington.
11. Informative References 9. Informative References
[I-D.ietf-ipfix-protocol] Claise, B., "Specification of the
IPFIX Protocol for the Exchange of
IP Traffic Flow Information",
draft-ietf-ipfix-protocol-26 (work
in progress), September 2007.
[I-D.ietf-sipping-rtcp-summary] Pendleton, A., "Session Initiation [I-D.ietf-ipfix-protocol] Claise, B., "Specification of the IPFIX
Protocol Package for Voice Quality Protocol for the Exchange of IP Traffic
Reporting Event", Flow Information",
draft-ietf-sipping-rtcp-summary-02 draft-ietf-ipfix-protocol-26 (work in
(work in progress), May 2007. progress), September 2007.
[I-D.ietf-syslog-protocol] Gerhards, R., "The syslog Protocol", [I-D.ietf-syslog-protocol] Gerhards, R., "The syslog Protocol",
draft-ietf-syslog-protocol-23 (work draft-ietf-syslog-protocol-23 (work in
in progress), September 2007. progress), September 2007.
[RFC1052] Cerf, V., "IAB recommendations for [RFC1052] Cerf, V., "IAB recommendations for the
the development of Internet network development of Internet network
management standards", RFC 1052, management standards", RFC 1052,
April 1988. April 1988.
[RFC2119] Bradner, S., "Key words for use in [RFC2119] Bradner, S., "Key words for use in RFCs
RFCs to Indicate Requirement to Indicate Requirement Levels", BCP 14,
Levels", BCP 14, RFC 2119, RFC 2119, March 1997.
March 1997.
[RFC2578] McCloghrie, K., Ed., Perkins, D.,
Ed., and J. Schoenwaelder, Ed.,
"Structure of Management Information
Version 2 (SMIv2)", STD 58,
RFC 2578, April 1999.
[RFC2613] Waterman, R., Lahaye, B., Romascanu,
D., and S. Waldbusser, "Remote
Network Monitoring MIB Extensions
for Switched Networks Version 1.0",
RFC 2613, June 1999.
[RFC2819] Waldbusser, S., "Remote Network [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed.,
Monitoring Management Information and J. Schoenwaelder, Ed., "Structure of
Base", STD 59, RFC 2819, May 2000. Management Information Version 2
(SMIv2)", STD 58, RFC 2578, April 1999.
[RFC2863] McCloghrie, K. and F. Kastenholz, [RFC2863] McCloghrie, K. and F. Kastenholz, "The
"The Interfaces Group MIB", Interfaces Group MIB", RFC 2863,
RFC 2863, June 2000. June 2000.
[RFC2865] Rigney, C., Willens, S., Rubens, A., [RFC2865] Rigney, C., Willens, S., Rubens, A., and
and W. Simpson, "Remote W. Simpson, "Remote Authentication Dial
Authentication Dial In User Service In User Service (RADIUS)", RFC 2865,
(RADIUS)", RFC 2865, June 2000. June 2000.
[RFC2975] Aboba, B., Arkko, J., and D. [RFC2975] Aboba, B., Arkko, J., and D. Harrington,
Harrington, "Introduction to "Introduction to Accounting Management",
Accounting Management", RFC 2975, RFC 2975, October 2000.
October 2000.
[RFC3060] Moore, B., Ellesson, E., Strassner, [RFC3060] Moore, B., Ellesson, E., Strassner, J.,
J., and A. Westerinen, "Policy Core and A. Westerinen, "Policy Core
Information Model -- Version 1 Information Model -- Version 1
Specification", RFC 3060, Specification", RFC 3060, February 2001.
February 2001.
[RFC3084] Chan, K., Seligson, J., Durham, D., [RFC3084] Chan, K., Seligson, J., Durham, D., Gai,
Gai, S., McCloghrie, K., Herzog, S., S., McCloghrie, K., Herzog, S.,
Reichmeyer, F., Yavatkar, R., and A. Reichmeyer, F., Yavatkar, R., and A.
Smith, "COPS Usage for Policy Smith, "COPS Usage for Policy
Provisioning (COPS-PR)", RFC 3084, Provisioning (COPS-PR)", RFC 3084,
March 2001. March 2001.
[RFC3139] Sanchez, L., McCloghrie, K., and J. [RFC3139] Sanchez, L., McCloghrie, K., and J.
Saperia, "Requirements for Saperia, "Requirements for Configuration
Configuration Management of IP-based Management of IP-based Networks",
Networks", RFC 3139, June 2001. RFC 3139, June 2001.
[RFC3159] McCloghrie, K., Fine, M., Seligson, [RFC3159] McCloghrie, K., Fine, M., Seligson, J.,
J., Chan, K., Hahn, S., Sahita, R., Chan, K., Hahn, S., Sahita, R., Smith,
Smith, A., and F. Reichmeyer, A., and F. Reichmeyer, "Structure of
"Structure of Policy Provisioning Policy Provisioning Information (SPPI)",
Information (SPPI)", RFC 3159, RFC 3159, August 2001.
August 2001.
[RFC3165] Levi, D. and J. Schoenwaelder, [RFC3165] Levi, D. and J. Schoenwaelder,
"Definitions of Managed Objects for "Definitions of Managed Objects for the
the Delegation of Management Delegation of Management Scripts",
Scripts", RFC 3165, August 2001. RFC 3165, August 2001.
[RFC3290] Bernet, Y., Blake, S., Grossman, D., [RFC3290] Bernet, Y., Blake, S., Grossman, D., and
and A. Smith, "An Informal A. Smith, "An Informal Management Model
Management Model for Diffserv for Diffserv Routers", RFC 3290,
Routers", RFC 3290, May 2002. May 2002.
[RFC3317] Chan, K., Sahita, R., Hahn, S., and [RFC3317] Chan, K., Sahita, R., Hahn, S., and K.
K. McCloghrie, "Differentiated McCloghrie, "Differentiated Services
Services Quality of Service Policy Quality of Service Policy Information
Information Base", RFC 3317, Base", RFC 3317, March 2003.
March 2003.
[RFC3410] Case, J., Mundy, R., Partain, D., [RFC3410] Case, J., Mundy, R., Partain, D., and B.
and B. Stewart, "Introduction and Stewart, "Introduction and Applicability
Applicability Statements for Statements for Internet-Standard
Internet-Standard Management Management Framework", RFC 3410,
Framework", RFC 3410, December 2002. December 2002.
[RFC3413] Levi, D., Meyer, P., and B. Stewart, [RFC3413] Levi, D., Meyer, P., and B. Stewart,
"Simple Network Management Protocol "Simple Network Management Protocol
(SNMP) Applications", STD 62, (SNMP) Applications", STD 62, RFC 3413,
RFC 3413, December 2002. December 2002.
[RFC3418] Presuhn, R., "Management Information [RFC3418] Presuhn, R., "Management Information Base
Base (MIB) for the Simple Network (MIB) for the Simple Network Management
Management Protocol (SNMP)", STD 62, Protocol (SNMP)", STD 62, RFC 3418,
RFC 3418, December 2002. December 2002.
[RFC3444] Pras, A. and J. Schoenwaelder, "On [RFC3444] Pras, A. and J. Schoenwaelder, "On the
the Difference between Information Difference between Information Models and
Models and Data Models", RFC 3444, Data Models", RFC 3444, January 2003.
January 2003.
[RFC3460] Moore, B., "Policy Core Information [RFC3460] Moore, B., "Policy Core Information Model
Model (PCIM) Extensions", RFC 3460, (PCIM) Extensions", RFC 3460,
January 2003. January 2003.
[RFC3535] Schoenwaelder, J., "Overview of the [RFC3535] Schoenwaelder, J., "Overview of the 2002
2002 IAB Network Management IAB Network Management Workshop",
Workshop", RFC 3535, May 2003. RFC 3535, May 2003.
[RFC3585] Jason, J., Rafalow, L., and E. [RFC3585] Jason, J., Rafalow, L., and E. Vyncke,
Vyncke, "IPsec Configuration Policy "IPsec Configuration Policy Information
Information Model", RFC 3585, Model", RFC 3585, August 2003.
August 2003.
[RFC3588] Calhoun, P., Loughney, J., Guttman, [RFC3588] Calhoun, P., Loughney, J., Guttman, E.,
E., Zorn, G., and J. Arkko, Zorn, G., and J. Arkko, "Diameter Base
"Diameter Base Protocol", RFC 3588, Protocol", RFC 3588, September 2003.
September 2003.
[RFC3644] Snir, Y., Ramberg, Y., Strassner, [RFC3644] Snir, Y., Ramberg, Y., Strassner, J.,
J., Cohen, R., and B. Moore, "Policy Cohen, R., and B. Moore, "Policy Quality
Quality of Service (QoS) Information of Service (QoS) Information Model",
Model", RFC 3644, November 2003. RFC 3644, November 2003.
[RFC3670] Moore, B., Durham, D., Strassner, [RFC3670] Moore, B., Durham, D., Strassner, J.,
J., Westerinen, A., and W. Weiss, Westerinen, A., and W. Weiss,
"Information Model for Describing "Information Model for Describing Network
Network Device QoS Datapath Device QoS Datapath Mechanisms",
Mechanisms", RFC 3670, January 2004. RFC 3670, January 2004.
[RFC3805] Bergman, R., Lewis, H., and I. [RFC3805] Bergman, R., Lewis, H., and I. McDonald,
McDonald, "Printer MIB v2", "Printer MIB v2", RFC 3805, June 2004.
RFC 3805, June 2004.
[RFC4011] Waldbusser, S., Saperia, J., and T. [RFC4011] Waldbusser, S., Saperia, J., and T.
Hongal, "Policy Based Management MIB",
RFC 4011, March 2005.
Hongal, "Policy Based Management [RFC4133] Bierman, A. and K. McCloghrie, "Entity
MIB", RFC 4011, March 2005. MIB (Version 3)", RFC 4133, August 2005.
[RFC4133] Bierman, A. and K. McCloghrie,
"Entity MIB (Version 3)", RFC 4133,
August 2005.
[RFC4502] Waldbusser, S., "Remote Network [RFC4502] Waldbusser, S., "Remote Network
Monitoring Management Information Monitoring Management Information Base
Base Version 2", RFC 4502, May 2006. Version 2", RFC 4502, May 2006.
[RFC4668] Nelson, D., "RADIUS Authentication [RFC4668] Nelson, D., "RADIUS Authentication Client
Client MIB for IPv6", RFC 4668, MIB for IPv6", RFC 4668, August 2006.
August 2006.
[RFC4669] Nelson, D., "RADIUS Authentication [RFC4669] Nelson, D., "RADIUS Authentication Server
Server MIB for IPv6", RFC 4669, MIB for IPv6", RFC 4669, August 2006.
August 2006.
[RFC4710] Siddiqui, A., Romascanu, D., and E. [RFC4710] Siddiqui, A., Romascanu, D., and E.
Golovinsky, "Real-time Application Golovinsky, "Real-time Application
Quality-of-Service Monitoring Quality-of-Service Monitoring (RAQMON)
(RAQMON) Framework", RFC 4710, Framework", RFC 4710, October 2006.
October 2006.
[RFC4741] Enns, R., "NETCONF Configuration [RFC4741] Enns, R., "NETCONF Configuration
Protocol", RFC 4741, December 2006. Protocol", RFC 4741, December 2006.
[RFC4825] Rosenberg, J., "The Extensible [RFC4825] Rosenberg, J., "The Extensible Markup
Markup Language (XML) Configuration Language (XML) Configuration Access
Access Protocol (XCAP)", RFC 4825, Protocol (XCAP)", RFC 4825, May 2007.
May 2007.
[RFC4930] Hollenbeck, S., "Extensible [RFC4930] Hollenbeck, S., "Extensible Provisioning
Provisioning Protocol (EPP)", Protocol (EPP)", RFC 4930, May 2007.
RFC 4930, May 2007.
Appendix A. Operations and Management Checklist Appendix A. Operations and Management Checklist
This appendix provides a quick summary of issues to consider. This appendix provides a quick summary of issues to consider.
are configuration parameters clearly identified? are configuration parameters clearly identified?
are configuration parameters normalized? are configuration parameters normalized?
does each configuration parameter have a reasonable default value? does each configuration parameter have a reasonable default value?
skipping to change at page 35, line 4 skipping to change at page 25, line 19
Appendix A. Operations and Management Checklist Appendix A. Operations and Management Checklist
This appendix provides a quick summary of issues to consider. This appendix provides a quick summary of issues to consider.
are configuration parameters clearly identified? are configuration parameters clearly identified?
are configuration parameters normalized? are configuration parameters normalized?
does each configuration parameter have a reasonable default value? does each configuration parameter have a reasonable default value?
is protocol state information exposed to the user? How? is protocol state information exposed to the user? How?
is protocol performance information exposed to the user? How? is protocol performance information exposed to the user? How?
are significant state transitions logged? are significant state transitions logged?
Appendix B. Additional Data Models on the Standards Track Appendix B. Open Issues
The IETF SYSLOG protocol [I-D.ietf-syslog-protocol] is a Proposed
Standard that includes a mechanism for defining structured data
elements (SDEs). The SYSLOG protocol document defines an initial set
of SDEs that relate to content time quality, content origin, and
meta-information about the message, such as language. Proprietary
SDEs can be used to supplement the IETF-defined SDEs.
SIP Package for Voice Quality Reporting
[I-D.ietf-sipping-rtcp-summary] defines a SIP event package that
enables the collection and reporting of metrics that measure the
quality for Voice over Internet Protocol (VoIP) sessions.
DISMAN-EVENT-MIB in RFC 2981 and DISMAN-EXPRESSION-MIB in RFC 2982
provide a superset of the capabilities of the RMON alarm and event
groups. These modules provide mechanisms for thresholding and
reporting anomalous events to management applications.
RAQMON [RFC4710] describes Real-Time Application Quality of Service
Monitoring.
The IPPM WG has defined metrics for accurately measuring and
reporting the quality, performance, and reliability of Internet data
delivery services. The metrics include connectivity, one-way delay
and loss, round-trip delay and loss, delay variation, loss patterns,
packet reordering, bulk transport capacity, and link bandwidth
capacity. [TODO: detail the RFCs - 4737, 3393, 2681, 2680, 2679,
2678
The IPFIX protocol [I-D.ietf-ipfix-protocol] can collect information
related to IP flows, and existing Information Elements (IEs) may be
appropriate to report flows of the new protocol. New IPFIX
Information Elements might be useful for collecting flow information
useful only in consideration of the new protocol. As of this
writing, no IEs have reached Proposed Standard status yet, but a base
set of IEs has been submitted to IESG for advancement. These include
IEs for Identifying the scope of reporting, Metering and Export
Process configuration, IP and Transport and Sub-IP header fields,
Packet and Flow properties, timestamps, and counters.
RFC3159 discusses the Proposed Standard Structure of Policy
Provisioning Information (SPPI), an extension to the SMI standard for
purposes of policy-based provisioning, for use with the COPS-PR
protocol defined in RFC3084. Informational RFC3317 defines a
DiffServ QoS PIB, and Informational RFC3571 defines policy classes
for monitoring and reporting policy usage feedback, as well as policy
classes for controlling reporting intervals, suspension, resumption
and solicitation. At the time of this writing, there are no
standards-track PIBs During the IAB Workshop on Network Management,
the workshop had rough consensus from the protocol developers that
the IETF should not spend resources on SPPI PIB definitions, and the
operators had rough consensus that they do not care about SPPI PIBs.
Proposed Standard RFC4011 [RFC4011] defines objects that enable
policy-based monitoring and management of SNMP infrastructures, a
scripting language, and a script execution environment.
DIAMETER [RFC3588] accounting might be collected for services, and
working groups might document some of the RADIUS/DIAMETER attributes
that could be used. [TODO: what data models?]
RADIUS Authentication Client MIB [RFC4668] and RADIUS Authentication
Server MIB [RFC4669] allow the gathering of accounting data.
Proposed Standard RFC4133 [RFC4133] the Entity MIB is used for
managing multiple logical and physical entities managed by a single
SNMP agent. This module provides a useful mechanism for identifying
the entities comprising a system. There are also event notifications
defined for configuration changes that may be useful to management
applications.
RFC3159 [RFC3159] discusses the Structure of Policy Provisioning [TODO: need to verify all citations have references (in xref
Information, an extension to the SMI standard for purposes of policy- format)]
based provisioning, for use with the COPS-PR protocol defined in
RFC3084 [RFC3084]. RFC3317 [RFC3317] defines a DiffServ QoS PIB. At
the time of this writing, there are no standards-track PIBs. During
the IAB Workshop on Network Management, the workshop had rough
consensus from the protocol developers that the IETF should not spend
resources on SPPI PIB definitions, and the operators had rough
consensus that they do not care about SPPI PIBs.
The ALARM MIB in RFC 3877 and the Alarm Reporting Control MIB in RFC [TODO: need to remove references that are not used in the
3878 specify mechanisms for expressing state transition models for guidelines]
persistent problem states. There is also a mechanism specified to
correlate a notification with subsequent state transition
notifications about the same entity/object.
Other MIB modules that may be applied to Fault Management include: Identify bullets for appendix checklist
NOTIFICATION-LOG-MIB in RFC 3014 Is section 2 needed?
ENTITY-STATE-MIB in RFC 4268 Need more reviews and suggested text, especially on operational
considerations
ENTITY-SENSOR-MIB in RFC 4268 [DISCUSS: How much of RFC 3535 and RFC 3139 should be repeated
(and updated) in these guidelines? There are many best current
practices mentioned in those documents. Should we bring them
together into this document and expand on how they should
influence ops/mgmt considerations for a new protocol? Many of the
points relate to NM protocol design, but there are also many
points about operational and management considerations.]
Appendix C. Open Issues Appendix C. Change Log
[TODO: need to verify all citations have references (in xref Changes from opsawg-01 to opsawg-02
format)]
Organize data models by layer? both section 6 and appendix. moved survey of protocols and data models to separate document
start to identify bullets for appendix checklist changed "working group" to "protocol designer" throughout, as
applicable.
Is section 2 needed? modified wording from negative to positive spin in places.
Appendix D. Change Log updated based on comments from Ralf Wolter and David Kessens
Changes from opsawg-00 to opsawg-01 Changes from opsawg-00 to opsawg-01
moved Proposed Standard data models to appendix moved Proposed Standard data models to appendix
moved advice out of data model survey and into considerations moved advice out of data model survey and into considerations
section section
addressed comments from Adrian and Dan addressed comments from Adrian and Dan
 End of changes. 127 change blocks. 
926 lines changed or deleted 417 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/