Network Working Group                                      D. Harrington
Internet-Draft                                   Huawei Technologies USA
Intended status: Best Current                          November 14,                          December 17, 2007
Practice
Expires: May 17, June 19, 2008

 Guidelines for Considering Operations and Management of New Protocols
             draft-ietf-opsawg-operations-and-management-01
             draft-ietf-opsawg-operations-and-management-02

Status of This Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on May 17, June 19, 2008.

Copyright Notice

   Copyright (C) The IETF Trust (2007).

Abstract

   New protocols or protocol extensions are best designed with due
   consideration of operations and management issues related functionality needed to operate and manage the
   protocol.  Retrofitting operations and management recommendations to
   protocols is sub-optimal.
   The purpose of this document is to provide guidance to authors and
   reviewers of documents defining new protocols or protocol extensions,
   covering aspects of operations and management that should be
   considered.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  4  3
     1.1.  Terminology  . . . . . . . . . . . . . . . . . . . . . . .  5  3
   2.  Design for Operations and Management . . . . . . . . . . . . .  5  4
     2.1.  IETF Management Framework  . . . . . . . . . . . . . . . .  5  4
   3.  Operational Considerations . . . . . . . . . . . . . . . . . .  6  5
     3.1.  Operations Model . . . . . . . . . . . . . . . . . . . . .  7  6
     3.2.  Installation and Initial Setup . . . . . . . . . . . . . .  8  7
     3.3.  Migration Path . . . . . . . . . . . . . . . . . . . . . .  8  7
     3.4.  Requirements on Other Protocols and Functional
           Components . . . . . . . . . . . . . . . . . . . . . . . .  8  7
     3.5.  Impact on Network Operation  . . . . . . . . . . . . . . .  8
     3.6.  Verifying Correct Operation  . . . . . . . . . . . . . . .  9
   4.  Management Considerations  . . . . . . . . . . . . . . . . . .  9
     4.1.  Interoperability . . . . . . . . . . . . . . . . . . . . . 10
     4.2.  Management Information . . . . . . . . . . . . . . . . . . 12
     4.3.  Fault Management . . . . . . . . . . . . . . . . . . . . . 13
       4.3.1.  Liveness Detection and Monitoring  . . . . . . . . . . 13
       4.3.2.  Fault Determination  . . . . . . . . . . . . . . . . . 14
       4.3.3.  Fault Isolation  . . . . . . . . . . . . . . . . . . . 14
       4.3.4.  Corrective Action  . . . . . . . . . . . . . . . . . . 14
     4.4.  Configuration Management . . . . . . . . . . . . . . . . . 14
       4.4.1.  Verifying Correct Operation  . . . . . . . . . . . . . 16
       4.4.2.  Control of Function and Policy . . . . . . . . . . . . 16
     4.5.  Accounting Management  . . . . . . . . . . . . . . . . . . 16
     4.6.  Performance Management . . . . . . . . . . . . . . . . . . 16 17
     4.7.  Security Management  . . . . . . . . . . . . . . . . . . . 18
   5.  Existing Protocols . . .  Documentation Guidelines . . . . . . . . . . . . . . . . . . . 19 20
     5.1.  SNMP . . . . . . . . . .  Recommended Discussions  . . . . . . . . . . . . . . . . . 20
     5.2.  SYSLOG . . . . . . . . . . . . . . . . . .  Null Manageability Considerations Sections . . . . . . . . 21 20
     5.3.  IPFIX  . . . . . . . . . . . . . . . . . . . . . . . . . . 22
     5.4.  PSAMP  . . . . . . . . . . . . . . . . . . . . . . . . . . 22
     5.5.  NETCONF  . . . . . . . . . . . . . . . . . . . . . . . . . 22
     5.6.  COPS-PR  . . . . . . . . . . . . . . . . . . . . . . . . . 23
     5.7.  RADIUS . .  Placement of Operations and Manageability
           Considerations Sections  . . . . . . . . . . . . . . . . . 21
   6.  IANA Considerations  . . . . . . . 23
     5.8.  Diameter . . . . . . . . . . . . . . 21
   7.  Security Considerations  . . . . . . . . . . . 24
     5.9.  EPP . . . . . . . . 21
   8.  Acknowledgements . . . . . . . . . . . . . . . . . . . 24
     5.10. VCCV . . . . 21
   9.  Informative References . . . . . . . . . . . . . . . . . . . . 21
   Appendix A.  Operations and Management Checklist . . . 24
     5.11. XCAP . . . . . . 25
   Appendix B.  Open Issues . . . . . . . . . . . . . . . . . . . . . 25
     5.12. Other Protocols  . . . . . . . . . . . . . . . .
   Appendix C.  Change Log  . . . . . 25
   6.  Existing IETF Data Models . . . . . . . . . . . . . . . . . . 25
     6.1.  Fault Management . . . . . . . . . . . . . . . . . . . . . 26
     6.2.  Configuration Management . . . . . . . . . . . . . . . . . 26
     6.3.  Accounting Management  . . . . . . . . . . . . . . . . . . 27
     6.4.  Performance Management . . . . . . . . . . . . . . . . . . 27
     6.5.  Security Management  . . . . . . . . . . . . . . . . . . . 28
   7.  Documentation Guidelines . . . . . . . . . . . . . . . . . . . 29
     7.1.  Recommended Discussions  . . . . . . . . . . . . . . . . . 29
     7.2.  Null Manageability Considerations Sections . . . . . . . . 29
     7.3.  Placement of Operations and Manageability
           Considerations Sections  . . . . . . . . . . . . . . . . . 30
   8.  IANA Considerations  . . . . . . . . . . . . . . . . . . . . . 30
   9.  Security Considerations  . . . . . . . . . . . . . . . . . . . 30
   10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 30
   11. Informative References . . . . . . . . . . . . . . . . . . . . 30
   Appendix A.  Operations and Management Checklist . . . . . . . . . 34
   Appendix B.  Additional Data Models on the Standards Track . . . . 35
   Appendix C.  Open Issues . . . . . . . . . . . . . . . . . . . . . 37
   Appendix D.  Change Log  . . . . . . . . . . . . . . . . . . . . . 37

1.  Introduction

   Often when new protocols or protocol extensions are developed, not
   enough consideration is given to how the protocol will be deployed,
   operated and managed.  Retrofitting operations and management
   mechanisms is often hard and architecturally unpleasant, and certain
   protocol design choices may make deployment, operations, and
   management particularly hard.  Since operations and management issues
   may impact the success of IETF protocols, this document provides
   guidelines to help protocol designers and working groups consider the
   operations and management issues of their new IETF protocol or
   protocol extension at an earlier phase.

   This document recommends working groups consider operations and
   management needs, and then select appropriate standard management
   protocols and data models to address the relevant operations and
   management needs, just as the WG might consider which security
   threats are relevant to their protocol, and then select appropriate
   standard security protocols to mitigate the relevant threats.

   This document is organized to support such a progressive approach.
   Section 2 discusses the importance of considering operations and
   management.  Section 3 discusses operational issues to consider.
   Section 4 discusses management issues to consider.  Section 5
   discusses IETF standards-track management protocols and their uses.
   Section 6 discusses specific data models, such as MIB modules, that
   have been designed to address specific sets of issues.

   This document sets forth a list of subjective guidelines and a list
   of objective criteria by which a protocol designer can evaluate
   whether the protocol that he/she has developed addresses common
   operations and management needs.  Operations and management is highly
   dependent on the environment in which it is used, so most guidelines
   are subjective rather than objective.  We provide objective criteria
   to promote interoperability through the use of standard management
   interfaces, such as "did you design counters in a MIB module for
   monitoring packets in/out of an interface?", "did you write an XML-
   based data model for configuring your protocol with Netconf?", and
   "did you standardize syslog message content and structured data
   elements for reporting events that might occur when operating your
   protocol?"

   A balance is needed between ensuring operations and management have
   been considered, and getting a protocol specification published in a
   timely fashion.  IETF standards-track protocol documents should
   contain enough information to understand how the protocol will be
   deployed and managed.  It should be expected that initial
   considerations for operations and management may need to be updated
   in the future, after further operational experience has been gained.
   This document only provides guidelines; the (ever-changing membership
   of the) IESG can make a decision about how the guidelines should be
   used by the IETF over time.

1.1.  Terminology

   This document deliberately does not use the (capitalized) key words
   described in RFC 2119 [RFC2119].  RFC 2119 states the keywords must
   only be used where it is actually required for interoperation or to
   limit behavior which has potential for causing harm (e.g., limiting
   retransmissions).  For example, they must not be used to try to
   impose a particular method on implementers where the method is not
   required for interoperability.  This document is a set of guidelines
   based on current practices of protocol designers and operators.  This
   document does not describe requirements, so the key words from
   RFC2119 have no place here.

   o  "new protocol" includes new protocols, protocol extensions, data
      models, or other functionality being designed.

   o  "working group" represents individuals and working groups involved
      in the development of new protocols.

   o  [DISCUSS] markers indicate a lack of consensus on what should be
      written.

   o  [TODO] markers indicate the editor has a reasonable understanding
      of what needs to be (re-)written.  Contributions of text would be
      welcome.

   o  Note to RFC Editor - All [DISCUSS] or [TODO] marks should be
      resolved before RFC publication.  If any still exist, including in
      the Terminology section, then please return the document to the
      editor for resolution.

2.  Design for Operations and Management

   "Design for operations and management" means that the operational
   environment and manageability of the protocol should be considered
   from the start when new protocols are designed.

2.1.  IETF Management Framework

   For years the IETF has stressed the use of the IETF Standard
   Management Framework and SMI MIB modules [RFC2578] for managing new
   protocols.  The IETF designed the Standard Management Framework and
   SMI MIB modules to permit multiple protocols to utilize the MIB data
   [RFC1052], but it became a common misunderstanding that a MIB module
   could only be used with the SNMP protocol (described in [RFC3410] and
   associated documents).

   In 2001, OPS Area design teams were created to document issues and
   requirements related to configuration of IP-based networks.  One
   output was "Requirements for Configuration Management of IP-based
   Networks" [RFC3139].  The COPS-PR protocol was developed to address
   configuration.

   In 2003, the Internet Architecture Board (IAB) held a workshop on
   Network Management [RFC3535] that discussed the strengths and
   weaknesses of some IETF network management protocols, and compared
   them to operational needs, especially configuration.

   One issue raised was the user-unfriendliness of the binary format of
   SNMP and COPS-PR, so it was recommended that the IETF explore and
   XML-based Structure of Management Information, and an XML-based
   protocol for configuration.

   Another issue was that deployed tools for event/alarm correlation,
   root cause analysis and logging are not sufficient, and there is a
   need to support a human interface and a programmatic interface.  The
   IETF decided to standardize aspects of the defacto standard for
   system logging, especially security and the need for better
   programmatic support.

   In 2006, the IETF discussed how the Management Framework should be
   updated to accommodate multiple IETF standard SMI languages, and
   multiple IETF standard protocols for doing network management.

   This document provides some initial guidelines for considering
   operations and management in this environment of multiple protocols
   and multiple data models, with an eye toward being flexible while
   also striving for interoperability.

3.  Operational Considerations

   When a new protocol is deployed in a network, it may affect the
   network negatively.  A working group should consider deployment of a
   new protocol or protocol extension in a network, impact on the
   network operations, traffic levels and operation of other protocols
   or previous versions of the protocol, how the new protocol will be
   operated, and how its presence might affect the existing deployment.

   Operations and manageability considerations should focus on
   interoperability of externally observable behaviors.

3.1.  Operations Model

   Protocol designers can analyze the operational environment and mode
   of work in which the new protocol or extension will work.  Such an
   exercise needs not be reflected directly by text in their document,
   but could help in visualizing the operational model related to the
   applicability of the protocol in the Internet environments where it
   will be deployed.  The operational model should take into account
   issues like:

   o  what type of management entities will be involved (agents, network
      management systems)?

   o  what is the possible architecture (client-server, manager-agent,
      polling-driven or event-driven, autoconfiguration, two levels or
      hierarchical)?

   o  what are the basic management operations - initial configuration,
      dynamic configuration, alarms and exceptions reporting, logging,
      performance monitoring, performance reporting?

   o  how are these operations performed - locally, remotely, atomic
      operation, scripts?

   o  what are the typical user interfaces - Command line (CLI) or
      graphical user interface (GUI)?

   Working groups should consider how the new protocol will be managed
   in different deployment scales.  It might be sensible to use a local
   management interface to manage the new protocol on a single device,
   but in a large network, remote management using a centralized server
   and/or using distributed management functionality might make more
   sense.  Auto-configuration might be possible for some new protocols.

   There may be a need to support a human interface, e.g., for
   troubleshooting, and a programmatic interface, e.g., for automated
   monitoring and root cause analysis.  It might be important that the
   internal method routines for both interfaces should be the same to
   ensure that data exchanged between these two interfaces is always
   consistent.

   Working groups should consider what management operations are
   expected to be performed as a result of the deployment of the
   protocol - such as whether write operations will be allowed on
   routers and on hosts, or if notifications for alarms or other events
   will be expected.

3.2.  Installation and Initial Setup

   Working groups should consider default values that make protocol
   sense, to simplify configuration, including default modes and
   parameters.  For example, it could be helpful or necessary to specify
   default values for modes, timers, default state of logical control
   variables, default transports, and so on.  Even if default values are
   used, it must be possible to retrieve all the actual values or at
   least an indication that known default values are being used.

   Working groups should consider how to enable operators to concentrate
   on the configuration of the network as a whole rather than individual
   devices.

3.3.  Migration Path

   If the new protocol is a new version of the protocol, or is replacing
   another technology, the working group should consider how deployments
   should transition to the new protocol.  This should include co-
   existence with previously deployed protocols and/or previous versions
   of the same protocol, incompatibilities between versions, translation
   between versions, and side effects that might occur.  Are older
   protocols or versions disabled or do they co-exist in the network
   with the new protocol?

   Another point to consider is extensibility of the management approach
   - How open to future protocol extensions are the management
   techniques you are defining?

3.4.  Requirements on Other Protocols and Functional Components

   Working groups should consider the requirements that the new protocol
   might put on other protocols and functional components, and should
   also document the requirements from other protocols that have been
   considered in designing the new protocol.

   These considerations should generally remain illustrative to avoid
   creating restrictions or dependencies, or potentially impacting the
   behavior of existing protocols, or restricting the extensibility of
   other protocols, or assuming other protocols will not be extended in
   certain ways.

3.5.  Impact on Network Operation

   The introduction of a new protocol or extensions to an existing
   protocol may have an impact on the operation of existing networks.
   Protocol designers should outline such impacts (which may be
   positive) including scaling concerns and interactions with other
   protocols.  For example, a new protocol that doubles the number of
   active, reachable addresses in use within a network might need to be
   considered in the light of the impact on the scalability of the IGPs
   operating within the network.

   The working group should consider the potential impact on the
   behavior of other protocols in the network and on the traffic levels
   and traffic patterns that might change, including specific types of
   traffic such as multicast.  Also consider the need to install new
   components that are added to the network as result of the changes in
   the operational model, such as servers performing auto-configuration
   operations.

   The working group should consider also the impact on applications and
   registries, for example DNS entries, or the size of routing tables.

   The impact on performance may also be noted - increased delay or
   jitter in real-time traffic applications, or response time in client-
   server applications when encryption or filtering are applied.

   It is important to minimize the impact caused by configuration
   changes.  Given configuration A and configuration B, it should be
   possible to generate the operations necessary to get from A to B with
   minimal state changes and effects on network and systems.

3.6.  Verifying Correct Operation

   The working group should consider techniques for testing the effect
   that the protocol has had on the network by sending data through the
   network and observing its behavior.  Working groups should consider
   how the correct end-to-end operation of the new protocol in the
   network can be tested, and how the correct data or forwarding plane
   function of each network element can be verified to be working
   properly with the new protocol.

   It must be easy to do consistency checks of configurations over time
   and between the ends of a link in order to determine the changes
   between two configurations and whether those configurations are
   consistent.

4.  Management Considerations

   The considerations of manageability should start from describing the
   operational model, which includes identifying the entities to be
   managed, how the respective protocol is supposed to be installed,
   configured and monitored, who are the managers and what type of
   management interfaces and protocols they would use.

   Considerations for management should include a discussion of what
   needs to be managed.  This document, for better or worse, talks
   mainly about management of a protocol endpoint on a single device.
   It doesn't talk about managing the *protocol* (it manages one end at
   a time), and doesn't even come near managing the *service* (which
   includes a lot of stuff that's very far away from the box).  In a
   client/server protocol, it may be more important to instrument the
   server end of a protocol than the client end.

   One issue that the IETF has always struggled with (and for which we
   still have no good guidance) is the problem of how to configure
   multiple related/co-operating devices and how to back off if one of
   those configurations fails or causes trouble.  NETCONF addresses this
   somewhat by allowing an operator to lock the configuration on
   multiple devices, perform the configuration settings/changes, check
   that they are OK (undo if not) and then unlock the devices.

   Protocol debugging is not part (and should not be part) of the
   Network Management tools/hooks in a system.  Debugging is an
   implementation-dependent issue, not a protocol standardization issue.

4.1.  Interoperability

   Just as when deploying protocols that will inter-connect devices, our
   primary goal in considering management should be interoperability,
   whether across devices from different vendors, across models from the
   same vendor, or across different releases of the same product.

   Some product designers and protocol designers assume that if a device
   can be managed individually using a command line interface or a web
   page interface, that such a solution is enough.  But when equipment
   from multiple vendors is combined into a large network, scalability
   of management becomes a problem.  It is important to have consistency
   in the management interfaces so network-wide operational processes
   can be automated.

   Getting everybody to agree on a certain syntax and the protocol
   associated with that has proven to be difficult.  So management
   systems tend to speak whatever the boxes support, whether the IETF
   likes this or not.  The IETF is moving from support for a single
   management data modeling language and a single management protocol
   towards support for multiple management protocols and multiple data
   models suited to different purposes, such as logging (syslog),
   configuration (netconf), and usage accounting (ipfix).  Other
   Standard Development Organizations (e.g.  DMTF, TMF) also define
   management mechanisms and these mechanisms may be more suitable than
   IETF mechanisms in some cases.

   Interoperability needs to be considered on the syntactic level and
   the semantic level.  While it can be irritating and time-consuming,
   application designers including operators who write their own scripts
   can make their processing conditional to accommodate differences
   across vendors or models or releases of product.

   Semantic differences are much harder to deal with on the manager side
   - once you have the data, its meaning is a function of the managed
   entity.  For example, if a single counter provided by vendor A counts
   three types of error conditions, while the corresponding counter
   provided by vendor B counts seven types of error conditions, these
   counters cannot be compared effectively - they are not interoperable
   counters.

   Information models are helpful to try to focus interoperability on
   the semantic level - they establish standards for what information
   should be gathered, and how gathered information might be used
   regardless of which management interface carries the data or which
   vendor produces the product.  The use of an information model might
   help improve the ability of operators to correlate messages in
   different protocols where the data overlaps, such as a SYSLOG message
   and an SNMP notification about the same event.  An information model
   might identify which error conditions should be counted separately,
   and which error conditions can be counted together in a single
   counter.  Then, whether the counter is gathered via SNMP or a CLI
   command or a SYSLOG message, the counter will have similar meaning.

   Protocol designers should consider which information might be useful
   for managing the new protocol or protocol extensions.

                IM                --> conceptual/abstract model
                 |                    for designers and operators
      +----------+---------+
      |          |         |
      DM        DM         DM     --> concrete/detailed model
                                      for implementers

   Information Models and Data Models

                                 Figure 1

   On the Difference between Information Models and Data Models
   [RFC3444] may be useful in determining what information to consider
   regarding information models, as compared to data models.

   Information models should come from the protocol WGs and include
   lists of events, counters and configuration parameters that are
   relevant.  There are a number of information models contained in
   protocol WG RFCs.  Some examples:

   o  [RFC3060] - Policy Core Information Model version 1

   o  [RFC3290] - An Informal Management Model for DiffServ Routers

   o  [RFC3460] - Policy Core Information Model Extensions

   o  [RFC3585] - IPsec Configuration Policy Information Model

   o  [RFC3644] - Policy Quality of Service Information Model

   o  [RFC3670] - Information Model for Describing Network Device QoS
      Datapath Mechanisms

   o  [RFC3805] - Printer MIB v2 (contains both an IM and a DM

   Management protocol standards and management data model standards
   often contain compliance clauses to ensure interoperability.
   Manageability considerations should include discussion of which level
   of compliance is expected to be supported for interoperability.

4.2.  Management Information

   Operators find it important to be able to make a clear distinction
   between configuration data, operational state, and statistics.  They
   need to determine which parameters were administrative configured and
   which parameters have changed since configuration as the result of
   mechanisms such as routing protocols.

   It is important to be able to separately fetch configuration data,
   operational state data, and statistics from devices, and to be able
   to compare current state to initial state, and to compare data
   between devices.

   A management information model should include a discussion of what is
   manageable, which aspects of the protocol need to be configured, what
   types of operations are allowed, what protocol-specific events might
   occur, which events can be counted, and for which events should an
   operator be notified.

   What is typically difficult to work through are relationships between
   abstract objects.  Ideally an information model would describe the
   relationships between the objects and concepts in the information
   model.

   Is there always just one instance of this object or can there be
   multiple instances?  Does this object relate to exactly one other
   object or may it relate to multiple?  When is it possible to change a
   relationship?

   Do objects (such as rows in tables) share fate?  For example, if a
   row in table A must exist before a related row in table B can be
   created, what happens to the row in table B if the related row in
   table A is deleted?  Does the existence of relationships between
   objects have an impact on fate sharing?

4.3.  Fault Management

   The working group should consider how faults information will be
   propagated.  Will it be done using asynchronous notifications or
   polling of health indicators?

   If notifications are used to alert operators to certain conditions,
   then the working group should discuss mechanisms to throttle
   notifications to prevent congestion.  Will there be a hierarchy of
   faults, and will the fault reporting be done by each fault in the
   hierarchy, or will only the lowest fault be reported and the higher
   levels be suppressed? should there be aggregated status indicators
   based on concatenation of propagated faults from a given domain or
   device?

   SNMP notifications and SYSLOG messages can alert an operator when an
   aspect of the new protocol fails or encounters an error condition,
   and SNMP is frequently used as a heartbeat monitor.

4.3.1.  Liveness Detection and Monitoring

   Liveness detection and monitoring applies both to the control plane
   and the data plane.  Mechanisms for detecting faults in the control
   plane or for monitoring its liveness are usually built into the
   control plane protocols or inherited from underlying data plane or
   forwarding plane protocols.  These mechanisms do not typically
   require additional management capabilities.  However, when a system
   detects a control plane fault, there is often a requirement to
   coordinate recovery action through management applications or at
   least to record the fact in an event log.

   Where the protocol is responsible for establishing data or user plane
   connectivity, liveness detection and monitoring usually need to be
   achieved through other mechanisms.  In some cases, these mechanisms
   already exist within other protocols responsible for maintaining
   lower layer connectivity, but it will often be the case that new
   procedures are required to detect failures in the data path and to
   report rapidly, allowing remedial action to be taken.

   Protocol designers should always build in basic testing features
   (e.g.  ICMP echo, UDP/TCP echo service, NULL RPC calls) that can be
   used to test for liveness, with an option to enable and disable them.

4.3.2.  Fault Determination

   It can be helpful to describe how faults can be pinpointed using
   management information.  For example, counters might record instances
   of error conditions.  Some faults might be able to be pinpointed by
   comparing the outputs of one device and the inputs of another device
   looking for anomalies.

4.3.3.  Fault Isolation

   It might be useful to isolate faults, such as a system that emits
   malformed messages necessary to coordinate connections properly.
   Spanning tree comes to mind.  This might be able to be done by
   configuring next-hop devices to drop the faulty messages to prevent
   them from entering the rest of the network.

4.3.4.  Corrective Action

   What sort of corrective action can be taken by an operator for each
   of the fault conditions that are being identified?

   [DISCUSS: this should be expanded or eliminated.

4.4.  Configuration Management

   RFC3139 [RFC3139] discusses requirements for configuration
   management.  This document includes discussion of different levels of
   management, including high-level-policies, network-wide configuration
   data, and device-local configuration.

   A number of efforts have existed in the IETF to develop policy-based
   management.  RFC3198 was written to standardize the terminology for
   policy-based management across these efforts.

   It is highly desirable that text processing tools such as diff, and
   version management tools such as RCS or CVS or SVN, can be used to
   process configurations.  This approach simplifies comparing the
   current operational state to the initial configuration.

   With structured text such as XML, simple text diffs may be found to
   be inadequate and more sophisticated tools may be needed to make any
   useful comparison of versions.

   To simplify such configuration comparisons, devices should not
   arbitrarily reorder data such as access control lists.  If a working
   group defines mechanisms for configuration, it would be desirable to
   standardize the order of elements for consistency of configuration
   and of reporting across vendors, and across releases from vendors.

   Network wide configurations are ideally stored in central master
   databases and transformed into formats that can be pushed to devices,
   either by generating sequences of CLI commands or complete
   configuration files that are pushed to devices.  There is no common
   database schema for network configuration, although the models used
   by various operators are probably very similar.  It is desirable to
   extract, document, and standardize the common parts of these network
   wide configuration database schemas.  A working group should consider
   how to standardize the common parts of configuring the new protocol,
   while recognizing the vendors will likely have proprietary aspects of
   their configurations.

   It is important to distinguish between the distribution of
   configurations and the activation of a certain configuration.
   Devices should be able to hold multiple configurations.  NETCONF
   [RFC4741], for example, differentiates between the "running"
   configuration and "candidate" configurations.

   It is important to enable operators to concentrate on the
   configuration of the network as a whole rather than individual
   devices.  Support for configuration transactions across a number of
   devices would significantly simplify network configuration
   management.  The ability to distribute configurations to multiple
   devices, 26

1.  Introduction

   Often when new protocols or modify "candidate configurations on multiple devices, and
   then activate them in a near-simultaneous manner might help.

   Consensus of the 2002 IAB Workshop was that textual configuration
   files should be able to contain international characters.  Human-
   readable strings should utilize UTF-8, and protocol elements should
   be in case insensitive ASCII.

   A mechanism to dump and restore configurations is a primitive
   operation needed by operators.  Standards for pulling and pushing
   configurations from/to devices are desirable.

   Given configuration A and configuration B, it should be possible to
   generate the operations necessary to get from A to B with minimal
   state changes and effects on network and systems.  It is important to
   minimize the impact caused by configuration changes.

   Many protocol specifications include timers that extensions are used as part of
   operation of the protocol.  These timers may need default values
   suggested in the protocol specification and do developed, not need to be
   otherwise configurable.

4.4.1.  Verifying Correct Operation

   An important function that might be provided
   enough consideration is a tool set for
   verifying the correct operation of a protocol.  This may be achieved
   to some extent through access to information and data models that
   report the status of the protocol and the state installed on network
   devices.  It may also be valuable given to provide techniques for testing
   the effect that how the protocol has had on the network by sending data
   through the network will be deployed,
   operated and observing its behavior.

   Protocol designers should consider how to test managed.  Retrofitting operations and management
   mechanisms is often hard and architecturally unpleasant, and certain
   protocol design choices may make deployment, operations, and
   management particularly hard.  Since the correct end-to-end
   operation ease of the network, operations and how to verify
   management may impact the correct data or
   forwarding plane function of each network element.

4.4.2.  Control success of Function IETF protocols, this document
   provides guidelines to help protocol designers and Policy

   A working group should groups
   consider the configurable items that exist for
   the control of function via the operations and management functionality needed by their
   new IETF protocol elements described in the or protocol specification.  For example, Sometimes the extension at an earlier phase.

   This document suggests protocol requires
   that timers can be configured by the operator to ensure specific
   policy-based behavior by the implementation.

4.5.  Accounting Management

   A working group should designers consider whether it would be appropriate to
   collect usage information related to this protocol, operations and if so, what
   usage information would be
   management needs and then recommend appropriate to collect?

   RFC2975 [RFC2975] Introduction to Accounting Management discusses a
   number of issues that arise when monitoring usage of standard management
   protocols for
   purposes of capacity and trend analysis, cost allocation, auditing, data models to address the relevant operations and billing.
   management needs.  This document also discusses how RADIUS, TACACS+, and
   SNMP protocols are used for these purposes.  These issues should be
   considered when designing is similar to a protocol whose usage might need WG considering which security
   threats are relevant to be
   monitored, or when their protocol, and then recommending a protocol
   appropriate standard security protocols to do usage accounting.
   While this discussion is now dated, many of mitigate the issues remain
   relevant, relevant
   threats.

   This document discusses the importance of considering operations and new protocols might be better
   management.  Section 3 discusses operational functionality to address those issues.

4.6.  Performance Management

   Consider information that would be useful when trying
   consider.  Section 4 discusses management functionality to determine
   the performance characteristics consider.

   This document sets forth a list of subjective guidelines and a deployed system using the target
   protocol.

   What are the principal performance factors that need to be looked at
   when measuring the efficiency list
   of objective criteria by which a protocol designer can evaluate
   whether the protocol implementations?  Is that he/she has developed addresses common
   operations and management needs.  Operations and management is highly
   dependent on the environment in which it
   important is used, so most guidelines
   are subjective rather than objective.  We provide objective criteria
   to measure setup times? throughput? quality versus
   throughput? interruptions? end-to-end throughput? end-to-end quality?
   hop-to-hop throughput?

   Consider scaling issues, promote interoperability through the use of standard management
   interfaces, such as whether performance will be affected
   by the number "did you design counters in a MIB module for
   monitoring packets in/out of an interface?", "did you write an XML-
   based data model for configuring your protocol connections.  If so, then it with Netconf?", and
   "did you standardize syslog message content and structured data
   elements for reporting events that might be
   useful to provide information occur when operating your
   protocol?"

   This document only provides guidelines; the (ever-changing membership
   of the) IESG can make a decision about how the maximum number of table
   entries that guidelines should be expected
   used by the IETF over time.

1.1.  Terminology

   This document deliberately does not use the (capitalized) key words
   described in RFC 2119 [RFC2119].  RFC 2119 states the keywords must
   only be used where it is actually required for interoperation or to
   limit behavior which has potential for causing harm (e.g., limiting
   retransmissions).  For example, they must not be modeled, how many entries an
   implementation can support, used to try to
   impose a particular method on implementers where the method is not
   required for interoperability.  This document is a set of guidelines
   based on current number practices of instances, protocol designers and operators.  This
   document does not describe requirements, so the
   expected behavior when the current instances exceed key words from
   RFC2119 have no place here.

   o  "new protocol" includes new protocols, protocol extensions, data
      models, or other functionality being designed.

   o  "protocol designer" represents individuals and working groups
      involved in the capacity development of
   the implementation.  This should be considered in new protocols.

   o  [DISCUSS] markers indicate a data-modeling
   independent manner - what makes managed-protocol sense, not lack of consensus on what
   makes management-protocol-sense.  If it is not managed-protocol-
   dependent, then it should be left for
      written.

   o  [TODO] markers indicate the management-protocol data
   modelers to decide.

   For example, VLAN identifiers have editor has a range reasonable understanding
      of 1..4095 because what needs to be (re-)written.  Contributions of text would be
      welcome.

   o  Note to RFC Editor - All [DISCUSS] or [TODO] marks should be
      resolved before RFC publication.  If any still exist, including in
      the Terminology section, then please return the
   VLAN standards.

   Consider operational activity, such as document to the number of message in
      editor for resolution.

2.  Design for Operations and Management

   "Design for operations and management" means that the messages out, the number operational
   environment and manageability of received messages rejected due to
   format problems, the expected behaviors protocol should be considered
   from the start when new protocols are designed.

   When a malformed message is
   received.

   Consider the expected behaviors WG considers operation and management functionality for counters - what is a reasonable
   maximum value for expected usage?
   protocol, the document should they stop counting at contain enough information to
   understand how the
   maximum value protocol will be deployed and retain managed, but the maximum value, or WG
   should they rollover?
   How can users determine if a rollover has occurred, expect that considerations for operations and how can users
   determine if more than one rollover has occurred?

   What information should management may
   need to be maintained across reboots updated in the future, after further operational
   experience has been gained.

2.1.  IETF Management Framework

   For years the IETF has stressed the use of the device,
   or restarts IETF Standard
   Management Framework and SMI MIB modules [RFC2578] for managing new
   protocols.  The IETF designed the Standard Management Framework and
   SMI MIB modules to permit multiple protocols to utilize the MIB data
   [RFC1052], but it became a common misunderstanding that a MIB module
   could only be used with the SNMP protocol (described in [RFC3410] and
   associated documents).

   In 2001, OPS Area design teams were created to document requirements
   related to configuration of IP-based networks.  One output was
   "Requirements for Configuration Management of IP-based Networks"
   [RFC3139].

   In 2003, the management system?

   Could events, such as hot-swapping a blade in Internet Architecture Board (IAB) held a chassis, cause
   discontinuities in information?  Does this make any difference in
   evaluating workshop on
   Network Management [RFC3535] that discussed the performance strengths and
   weaknesses of a protocol?

   Consider whether multiple management applications will share a
   counter; if so, then no one some IETF network management application should be allowed protocols, and compared
   them to reset operational needs, especially configuration.

   One factor discussed was the value to zero since this will impact other applications.

   For performance monitoring, user-unfriendliness of the binary format
   of SNMP and COPS-PR, and it was recommended that the IETF explore an
   XML-based Structure of Management Information, and an XML-based
   protocol for configuration.

   Another factor discussed was that deployed tools for event/alarm
   correlation, root cause analysis and logging are not sufficient, and
   there is often important a need to report the time
   spent in support a state rather than the current state.  Snapshots are human interface and a programmatic
   interface.  The IETF decided to standardize aspects of
   less value the defacto
   standard for performance monitoring.

   The Benchmarking Methodology WG (bmwg) has defined recommendations system logging, especially security and the need for
   better programmatic support.

   In 2006, the measurement of IETF discussed whether the performance characteristics of various
   internetworking technologies Management Framework should
   be updated to accommodate multiple IETF standard SMI languages, and
   multiple IETF standard protocols for doing network management.

   This document provides some initial guidelines for considering
   operations and management in a laboratory environment, including
   the systems or services that are built from these technologies.  Each
   recommendation describes the class of equipment, system, or service this environment of multiple protocols
   and multiple data models, with an eye toward being addressed; discuss flexible while
   also striving for interoperability.

3.  Operational Considerations

   Designers of a new protocol should carefully consider the performance characteristics that are
   pertinent to operational
   aspects.  A protocol that class; clearly identify is defined very precisely in a set of metrics well-written
   document doesn't guarantee that aid it is going to be deployable in the description of those characteristics; specify
   real world.  Operational aspects will have a serious impact on the
   methodologies required
   actual success of a protocol.  Such aspects include bad interactions
   with existing solutions, a dififcult ugrade path, difficulty of
   debugging problems, difficulty configuring from a central database,
   or a complicated state diagram that operations staff will find
   difficult to collect said metrics; understand

   [DISCUSS: examples, list of current protocols characteristics and lastly, present
   the requirements for
   their impact on the common, unambiguous reporting network. e.g., burst traffic impact on network
   congestion.]

   Operations and manageability considerations should focus on
   interoperability of
   benchmarking results.

4.7.  Security Management externally observable behaviors.  [TODO: expand
   or eliminate.]

3.1.  Operations Model

   Protocol designers should consider how to monitor and to manage
   security aspects can analyze the operational environment and vulnerabilities mode
   of work in which the new protocol.

   There protocol or extension will work.  Such an
   exercise needs not be security considerations related to the new protocol.
   To make it possible for operators to be aware of security-related
   events, it is recommended that system logs should record events, such
   as failed logins, reflected directly by text in their document,
   but could help in visualizing the logs must be secured.

   Should a system automatically notify operators of every event
   occurrence, or should an operator-defined threshold control when a
   notification is sent to an operator?

   Should certain statistics be collected about operational model related to the operation
   applicability of the new protocol that might in the Internet environments where it
   will be useful for detecting attacks, deployed.  The operational model should take into account
   factors such as the
   receipt as:

   o  what type of malformed messages, management entities will be involved (agents, network
      management systems)?

   o  what is the possible architecture (client-server, manager-agent,
      polling-driven or messages out of order, event-driven, autoconfiguration, two levels or messages
   with invalid timestamps?  If such statistics
      hierarchical)?

   o  what are collected, is it
   important to count them separately for each sender to help identify the source of attacks?

   Manageability considerations that basic management operations - initial configuration,
      dynamic configuration, alarms and exceptions reporting, logging,
      performance monitoring, performance reporting, debugging?

   o  how are these operations performed - locally, remotely, atomic
      operation, scripts?

   o  what are security-oriented might include
   discussion of the security implications when no monitoring is in
   place, the regulatory implications of absence of audit-trail typical user interfaces - Command line (CLI) or logs
   in enterprises, exceeding
      graphical user interface (GUI)?

   Protocol designers should consider how the capacity of logs, and security
   exposures present new protocol will be
   managed in chosen / recommended different deployment scales.  It might be sensible to use
   a local management mechanisms.

   The granularity of access control needed interface to manage the new protocol on a single
   device, but in a large network, remote management interfaces
   needs to match operational needs.  Typical requirements are using a role-
   based access control model centralized
   server and/or using distributed management functionality might make
   more sense.  Auto-configuration and the principle of least privilege,
   where a user can default parameters might be
   possible for some new protocols.

   There may be given only the minimum access necessary a need to
   perform support a required task. human interface, e.g., for
   troubleshooting, and a programmatic interface, e.g., for automated
   monitoring and root cause analysis.  It must might be possible important that the
   internal method routines used by the application programming
   interfaces and the human interfaces should be the same to do consistency checks ensure that
   data exchanged between these two interfaces is always consistent.
   [DISCUSS: would the example of access control lists
   across devices.  Working groups inconsistency between non-resettable
   MIB counters and CLI resettable counters be useful here? ]

   Protocol designers should consider information models to
   promote comparisons across devices and across vendors what management operations are
   expected to permit
   checking be performed as a result of the consistency deployment of security configurations.

   Working groups the
   protocol - such as whether write operations will be allowed on
   routers and on hosts, or if notifications for alarms or other events
   will be expected.

3.2.  Installation and Initial Setup

   Protocol designers should consider how default values that make protocol
   sense, to provide a secure transport,
   authentication, identity, simplify configuration, including default modes and access
   parameters.  For example, it could be helpful or necessary to specify
   default values for modes, timers, default state of logical control which integrates well
   with existing key
   variables, default transports, and credential management infrastructure.

   Working groups so on.  Even if default values are
   used, it must be possible to retrieve all the actual values or at
   least an indication that known default values are being used.

   Protocol designers should consider how ACLs (access control lists) are
   maintained and updated.

   Standard SNMP notifications or SYSLOG messages
   [I-D.ietf-syslog-protocol] might already exist, or can be defined, to
   alert enable operators to
   concentrate on the conditions identified in configuration of the security
   considerations for network as a whole rather
   than individual devices.

   It is also desirable to discuss the new protocol.  [TODO: find existing
   notificiations background of chosen default
   values, or syslog messages related to security]

   An analysis perhaps why a range of existing counters might help operators recognize values makes sense.  In many cases,
   when technology changes, the
   conditions identified values in an RFC might make less and
   less sense (for example due to increased speeds in the security considerations for network).  It
   is very useful to understand whether defaults are based on 'best
   current practice' and are expected to change as technologies advance
   or whether they have a more universal value and should not be changed
   lightly.

3.3.  Migration Path

   If the new protocol before they can impact is a new version of the network.

   RADIUS and DIAMETER can provide authentication and authorization.  A
   working group protocol, or is replacing
   another technology, the protocol designer should consider which attributes would be appropriate
   for their how
   deployments should transition to the new protocol.

   Different  This should
   include co-existence with previously deployed protocols use different assumptions about message security and/or
   previous versions of the same protocol, incompatibilities between
   versions, translation between versions, and data access controls.  A working group side effects that recommends using
   different might
   occur.  Are older protocols should consider how security will be applied in a
   balanced manner across multiple management interfaces.  SNMP access
   control is data-oriented, while CLI access control is usually command
   (task) oriented.  Depending on the management function, sometimes
   data-oriented or task-oriented access control makes more sense.
   Working groups should consider both data-oriented and task-oriented
   access control.

5.  Existing Protocols

   [DISCUSS: Section 5 reviews which protocols versions disabled or do they co-exist
   in the IETF has to offer for
   management and, what I really like, network with the text discusses for which
   applications they were designed or already successfully deployed.  I
   like new protocol?

   Another point to perhaps see even stronger guidelines;]

   Existing protocols and data models can provide consider is extensibility of the management
   functions identified in approach
   - How open to future protocol extensions are the previous section.  WGs management
   techniques you are defining?

3.4.  Requirements on Other Protocols and Functional Components

   Protocol designers should consider
   how using these existing protocols and data models might impact
   network operations.

   In choosing existing protocol solutions to meet the information model
   requirements, it is recommended requirements that the strengths new
   protocol might put on other protocols and weaknesses of
   IETF protocols, as documented in [RFC3535] be considered, functional components, and working
   groups
   should consider asking for help from the IETF directorates
   knowledgeable in available existing solutions.  This is especially
   true since some of also document the recommendations requirements from the 2002 IAB workshop
   have become outdated, some other protocols that have
   been implemented, and some are being
   realized.

   We want considered in designing the new protocol.  [TODO: examples]

   These considerations should generally remain illustrative to avoid seeming to impose a solution by putting in place a
   strict terminology - for example implying that a formal data model,
   creating restrictions or even using dependencies, or potentially impacting the
   behavior of existing protocols, or restricting the extensibility of
   other protocols, or assuming other protocols will not be extended in
   certain ways.  [TODO: example]

3.5.  Impact on Network Operation

   The introduction of a management new protocol is mandatory.  If a WG considers
   that its technology can be managed solely by using proprietary CLIs,
   and no structured or standardized data model needs extensions to be in place,
   this an existing
   protocol may have an impact on the operation of existing networks.
   Protocol designers should outline such impacts (which may be fine, but this is
   positive) including scaling concerns and interactions with other
   protocols.  For example, a requirement new protocol that needs doubles the number of
   active, reachable addresses in use within a network might need to be
   explicit
   considered in the manageability discussion, so that light of the WG reaches
   consensus in full awareness that this is how impact on the scalability of the IGPs
   operating within the network.

   The protocol will need
   to be operated and managed.  Working groups designer should avoid having
   manageability pushed for a later/never phase consider the potential impact on the
   behavior of other protocols in the development network and on the traffic levels
   and traffic patterns that might change, including specific types of
   traffic such as multicast.  Also consider the standard.

   Listed here need to install new
   components that are a number added to the network as result of protocols that have reached Proposed
   Standard status the changes in
   the operational model, such as servers performing auto-configuration
   operations.

   The protocol designer should consider also the impact on
   infrastructure applications like the DNS, registries, or higher within the IETF.

5.1.  SNMP

   SNMP is widely used for monitoring fault and size of
   routing tables.

   The impact on performance data.  Some
   operators use SNMP for configuration may also be noted - increased delay or
   jitter in various environments/
   technologies while others find SNMP an inappropriate choice for
   configuration real-time traffic applications, or response time in their environments.  SNMPv1 is client-
   server applications when encryption or filtering are applied.

   It must be easy to do consistency checks of versions/revisions of
   configurations over time.  [DISCUSS: probably needs a bit more
   discussion on database driven configurations. ]

   It must be easy to do consistency checks of configurations between
   the ends of a Full Standard, but
   is not recommended due link in order to its lack determine the differences between two
   configurations and whether the configurations are consistent.
   [DISCUSS: this needs rewording to better describe consistency
   checking 1) over time, and 2) between ends of security features.  SNMPv3 is a
   Full Standard that includes security features.  An overview of link. probably needs
   a bit more discussion on the
   SNMPv3 document set need to be able to understand and check
   what it is in [RFC3410].

   SNMP relies happening on the MIB.  MIB module support wire actually matches what the Operator
   tried to configure.  Basically, complexity is uneven across vendors, your enemy here, and even within devices.  The lack of standard MIB module support
   that cannot be stressed often enough (no idea how you can verify
   whether for
   all functionality in a device forces operators to use other protocols
   such as example a CLI SIP application is actually doing what it is
   supposed to do configuration of some aspects of their managed
   devices, and it due to it's complexity).]

   It is easier important to use one protocol for all minimize the impact caused by configuration
   than
   changes.  Given configuration A and configuration B, it should be
   possible to split generate the task across multiple protocols.

   SNMP is good at determining operational operations necessary to get from A to B with
   minimal state of specific
   functionality, but not necessarily changes and effects on network and systems.

3.6.  Verifying Correct Operation

   The protocol designer should consider techniques for testing the complete operational state
   of a managed device.

   SNMP is good for statistics gathering for specific functionality.
   The wide-spread use of counters in standard MIB modules permits
   effect that the
   interoperable comparison of statistics across devices from different
   vendors.  SNMP is often used to poll a device for sysUpTime, which
   serves to check for operational liveness and discontinuity in
   counters.

   SNMP traps protocol has had on the network by sending data
   through the network and informs can alert an operator or an application when
   an aspect observing its behavior.  Protocol designers
   should consider how the correct end-to-end operation of the new
   protocol fails or encounters an error condition, in the network can be tested, and how the contents correct data or
   forwarding plane function of a notification each network element can be used verified to guide subsequent
   SNMP polling
   be working properly with the new protocol.

4.  Management Considerations

   The considerations of manageability should start from describing the
   operational model, which includes identifying the entities to gather additional information about an event.

   SNMPv1 and SNMPv2c lack strong security, be
   managed, how the respective protocol is supposed to be installed,
   configured and monitored, who are not recommended by the IETF.  SNMPv3 does offer strong security managers and is recommended by
   the IETF.

   Stardards exist to run SNMP over multiple network protocols,
   including UDP, Ethernet, Appletalk, OSI, what type of
   management interfaces and others..

5.2.  SYSLOG

   The SYSLOG protocol [I-D.ietf-syslog-protocol] allows protocols they would use.

   Considerations for management should include a machine discussion of what
   needs to
   send event notification messages across networks be managed, and how to event message
   collectors. achieve various management tasks.
   The protocol is simply designed "write a MIB module" approach to transport these event
   messages.  No acknowledgement of the receipt is made.  One of considering management often
   focuses on monitoring a protocol endpoint on a single device.  A MIB
   module document typically only considers monitoring properties
   observable at one end, while the
   fundamental tenets of document doesn't really cover
   managing the SYSLOG protocol and process is its
   simplicity.  No stringent *protocol* (the coordination is required between the
   transmitters of multiple ends), and
   doesn't even come near managing the receivers.  Indeed, the transmission *service* (which includes a lot
   of SYSLOG
   messages may stuff that's very far away from the box).  This is exactly what
   operators hate - you need to be able to manage both ends.  As RFC3535
   says, MIB modules can often be started on characterized as a device list of ingredients
   without a receiver being
   configured, or even actually physically present.  Conversely, many
   devices will most likely be able recipe.

   WGs should consider how to receive messages without explicit
   configuration or definitions.  This simplicity has greatly aided the
   acceptance configure multiple related/co-operating
   devices and deployment how to back off if one of SYSLOG.

   Since each process, application and operating system was written
   somewhat independently, there has been little uniformity those configurations fails or
   causes trouble.  NETCONF addresses this ina generic manner by
   allowing an operator to lock the
   message format or content of SYSLOG messages.

   The IETF has developed a new Proposed Standard version of configuration on multiple devices,
   perform the
   protocol configuration settings/changes, check that allows the use of any number of transport protocols
   including reliable transports and secure transports, they are OK
   (undo if not) and standardized then unlock the application devices.

   Techniques for debugging protocol interactions in a network should be
   part of message security the network management discussion.  Implementation source
   code should be debugged before ever being added to SYSLOG messages.  The IETF
   standardized a new message header format, including timestamp,
   hostname, application, and message ID, to improve filtering, and
   interoperability network, so
   asserts and correlation between compliant implementations.

   SYSLOG message content has traditionally been unstructured natural
   language text.  This content memory dumps do not normally belong in management data
   models.  However, debugging on-the-wire interactions is human-friendly, but difficult for
   applications to parse and correlate across vendors, or correlate with
   other event reporting such as SNMP traps.  The IETF standard syslog a protocol includes structured data elements to aid application-
   parsing.  The structured data element design allows vendors to define
   their own structured data elements to supplement standardized
   elements.

   Working groups are encouraged to standardize structured data
   elements, extensible human-friendly text, and consistent facility/
   severity values for SYSLOG to report events specific
   issue: it is enormously helpful if a protocol has hooks to their
   protocol.

5.3.  IPFIX

   There are several applications e.g., usage-based accounting, traffic
   profiling, traffic engineering, intrusion detection, QoS monitoring, make
   debugging of network interactions easy, and/or is designed in such a
   way that require flow-based traffic measurements.

   IPFIX [I-D.ietf-ipfix-protocol] debugging protocol behaviors is easy.  Handwaving this away
   is not something that operators like ...

   In a Proposed Standard approach for
   transmitting IP traffic flow information over the network from an
   exporting process client/server protocol, it may be more important to an information collecting process.

   IPFIX defines a common representation instrument
   the server end of flow data and a standard
   means protocol than the client end.

4.1.  Interoperability

   Just as when deploying protocols that will inter-connect devices, our
   primary goal in considering management should be interoperability,
   whether across devices from different vendors, across models from the
   same vendor, or across different releases of communicating the data over same product.

   Some product designers and protocol designers assume that if a number device
   can be managed individually using a command line interface or a web
   page interface, that such a solution is enough.  But when equipment
   from multiple vendors is combined into a large network, scalability
   of transport protocols.

   Some extensions management becomes a problem.  It is important to IPFIX are in development and have not yet become
   Proposed Standards.

   [TODO: update as needed]

5.4.  PSAMP

   Several applications require sampling packets consistency
   in the management interfaces so network-wide operational processes
   can be automated.  For example, a single switch might be easily
   managed using an interactive web interface when installed in a single
   office small business, but when, say, a fast food company installs
   similar switches from specific data
   flows, or across multiple data flows, vendors in hundreds or thousands of
   individual branches and wants to automate monitoring them from a
   central location, monitoring vendor-and-model-specific web pages
   would be difficult to automate.

   Getting everybody to agree on a certain syntax and reporting information about the packets.  Measurement-based network protocol
   associated with that has proven to be difficult.  So management is a prime
   example.
   systems tend to speak whatever the boxes support, whether the IETF
   likes this or not.  The PSAMP standard includes IETF is moving from support for packet sampling in
   IPv4, IPv6, and MPLS-based networks.

   PSAMP standardizes sampling, selection, metering, a single
   management data modeling language (SMI) and reporting
   strategies for different purposes.

   To simplify the solution, the IPFIX a single management
   protocol is used (SNMP) towards support for exporting
   the reports to collector applications.

   [TODO: this is in IESG review additional management protocols
   and data models suited to become a PS. update different purposes, such as needed]

5.5.  NETCONF

   The NETCONF protocol [RFC4741] is a Proposed configuration
   (netconf), usage accounting (ipfix), and logging (syslog).  Other
   Standard that defines a
   simple mechanism through which a network device can Development Organizations (e.g.  DMTF, TMF) also define
   management mechanisms and these mechanisms may be managed,
   configuration data information can more suitable than
   IETF mechanisms in some cases.

   Interoperability needs to be retrieved, considered on the syntactic level and new
   configuration data
   the semantic level.  While it can be uploaded irritating and manipulated.  The protocol
   allows the device to expose a full, formal time-consuming,
   application programming
   interface (API).  Applications designers including operators who write their own scripts
   can use this straightforward API make their processing conditional to
   send and receive full and partial configuration data sets.

   The NETCONF protocol uses a remote procedure call (RPC) paradigm.  A
   client encodes an RPC in XML and sends it accommodate differences
   across vendors or models or releases of product.

   Semantic differences are much harder to a server using a secure,
   connection-oriented session.  The server responds deal with on the manager side
   - once you have the data, its meaning is a reply
   encoded in XML. function of the managed
   entity.  For example, if a single counter provided by vendor A key aspect counts
   three types of NETCONF is that it allows error conditions, while the corresponding counter
   provided by vendor B counts seven types of error conditions, these
   counters cannot be compared effectively - they are not interoperable
   counters.

   Information models are helpful to try to focus interoperability on
   the functionality semantic level - they establish standards for what information
   should be gathered, and how gathered information might be used
   regardless of the which management protocol to closely mirror the native command line interface of carries the device.  This reduces implementation costs and
   allows timely access to new features.  In addition, applications can
   access both data or which
   vendor produces the syntactic and semantic content product.  The use of an information model might
   help improve the device's native
   user interface.

   The contents ability of both operators to correlate messages in
   different protocols where the request data overlaps, such as a SYSLOG message
   and an SNMP notification about the response same event.  An information model
   might identify which error conditions should be counted separately,
   and which error conditions can be fully
   described counted together in XML DTDs a single
   counter.  Then, whether the counter is gathered via SNMP or XML schemas, a CLI
   command or both, allowing both parties
   to recognize the syntax constraints imposed on the exchange.  As of
   this writing, no standard has been developed for data content
   specification.

5.6.  COPS-PR

   COPS-PR and a SYSLOG message, the Structure of Policy Provisioning Information (SPPI) counter will have been approved as Proposed Standards.  COPS-PR [RFC3084] uses similar meaning.

   Protocol designers should consider which information might be useful
   for managing the
   Common Open Policy Service (COPS) new protocol or protocol extensions.

                IM                --> conceptual/abstract model
                 |                    for support of policy
   provisioning.  The COPS-PR specification is independent of the type
   of policy being provisioned (QoS, Security, etc.) but focuses on designers and operators
      +----------+---------+
      |          |         |
      DM        DM         DM     --> concrete/detailed model
                                      for implementers

   Information Models and Data Models

                                 Figure 1

   On the
   mechanisms Difference between Information Models and conventions used Data Models
   [RFC3444] may be useful in determining what information to communicate provisioned consider
   regarding information between policy-decision-points (PDPs) and policy
   enforcement points (PEPs).  COPS-PR does not make any assumptions
   about the policy models, as compared to data model being communicated, but describes models.

   Information models should come from the
   message formats protocol WGs and objects include
   lists of events, counters and configuration parameters that carry the modeled policy data. are
   relevant.  There are a number of information models contained in
   protocol WG RFCs.  Some examples:

   o  [RFC3060] - Policy data is modeled using Core Information Model version 1

   o  [RFC3290] - An Informal Management Model for DiffServ Routers

   o  [RFC3460] - Policy Core Information Base modules (PIB
   modules).

   COPS-PR has not had wide deployment, and operators have stated that
   its use Model Extensions

   o  [RFC3585] - IPsec Configuration Policy Information Model

   o  [RFC3644] - Policy Quality of binary encoding (BER) Service Information Model

   o  [RFC3670] - Information Model for Describing Network Device QoS
      Datapath Mechanisms

   o  [RFC3805] - Printer MIB v2 (contains both an IM and a DM

   Management protocol standards and management data makes it
   difficult model standards
   often contain compliance clauses to develop automated scripts for simple configuration
   management tasks in most text-based scripting languages.  In an IAB
   Workshop on Network Management [RFC3535], the consensus ensure interoperability.
   Manageability considerations should include discussion of operators
   and protocol developers indicated a lack which level
   of interest in PIB modules compliance is expected to be supported for use with COPS-PR.

   As interoperability.

4.2.  Management Information

   A management information model should include a result, the IESG has not approved any policy models (PIB
   modules) as an IETF standard, and the use discussion of COPS-PR what is not
   recommended.

5.7.  RADIUS

   RADIUS [RFC2865],
   manageable, which aspects of the remote Authentication Dial In User Service, is
   a Draft Standard that describes a protocol for carrying
   authentication, authorization, need to be configured, what
   types of operations are allowed, what protocol-specific events might
   occur, which events can be counted, and configuration information between
   a Network Access Server for which desires events should an
   operator be notified.

   Operators find it important to be able to authenticate its links and make a
   shared Authentication Server.

   This protocol is widely implemented clear distinction
   between configuration data, operational state, and used.  RADIUS is widely used
   in environments, such as enterprise networks, where a single statistics.  They
   need to determine which parameters were administrative authority manages the network, configured and protects
   which parameters have changed since configuration as the
   privacy result of user information.

5.8.  Diameter

   DIAMETER [RFC3588] is a Proposed Standard that provides an
   Authentication, Authorization and Accounting (AAA) framework for
   applications
   mechanisms such as network access or IP mobility.  DIAMETER routing protocols.

   It is also
   intended important to work in both local Authentication, Authorization &
   Accounting and roaming situations.

   Diameter is designed be able to resolve a number of known problems with
   RADIUS.  Diameter supports server failover, transmission-level
   security, reliable transport over TCP, agents for proxy and redirect separately fetch configuration data,
   operational state data, and relay, server-initiated messages, auditability, capability
   negotiation, peer discovery statistics from devices, and configuration, to be able
   to compare current state to initial state, and roaming support.
   Diameter also provides a larger attribute space than RADIUS.

   Diameter features make it especially appropriate for environments
   where the providers of services to compare data
   between devices.

   What is typically difficult to work through are relationships between
   abstract objects.  Ideally an information model would describe the
   relationships between the objects and concepts in different administrative
   domains than the maintainer (protector) information
   model.

   Is there always just one instance of confidential user
   information.

5.9.  EPP

   The Extensible Provision Protocol [RFC4930] this object or can there be
   multiple instances?  Does this object relate to exactly one other
   object or may it relate to multiple?  When is it possible to change a Draft Standard that
   describes an application layer client-server protocol for
   relationship?
   Do objects (such as rows in tables) share fate?  For example, if a
   row in table A must exist before a related row in table B can be
   created, what happens to the row in table B if the related row in
   table A is deleted?  Does the
   provisioning and management existence of relationships between
   objects stored in a shared central
   repository.  EPP permits multiple service providers to perform object
   provisioning operations using a shared central object repository, and
   addresses the requirements for a generic registry registrar protocol.

5.10.  VCCV

   VCCV is a Proposed Standard have an impact on fate sharing?

4.3.  Fault Management

   The protocol that provides a control channel
   associated with a Pseudowire.  It is designer should consider how faults information will be
   propagated.  Will it be done using asynchronous notifications or
   polling of health indicators?

   If notifications are used for operations and
   management functions such as connectivity verification over the
   control channel.  VCCV applies to all supported access circuit and
   transport types currently defined for PWs.

5.11.  XCAP

   XCAP [RFC4825] is a Proposed Standard alert operators to certain conditions,
   then the protocol that allows a client designer should discuss mechanisms to read, write, throttle
   notifications to prevent congestion and modify application configuration data stored in
   XML format on a server.

5.12.  Other Protocols

   A command line interface (CLI) might duplications of event
   notifications.  Will there be used to provide initial
   configuration a hierarchy of the target functionality.  Command line interfaces
   are usually proprietary, but working groups could suggest specific
   commands faults, and command parameters that would will the
   fault reporting be useful done by each fault in configuring the new protocol, so implementers could have similarities in their
   proprietary CLI implementations.

   [DISCUSS: Routing hierarchy, or will only
   the lowest fault be reported and control plane people may prefer NETCONF since
   it is close to CLIs which seem to rule in this space. ]

   [DISCUSS] Other PS-level NM protocols?  SIP NM?

6.  Existing IETF Data Models

   [DISCUSS: JS: The weakest part the higher levels be suppressed?
   should there be aggregated status indicators based on concatenation
   of propagated faults from a given domain or device?

   SNMP notifications and SYSLOG messages can alert an operator when an
   aspect of the document is IMHO section 6.  It
   is not clear to me what David's intention were here; sometimes he
   gives general advise while at other places he kind of surveys data
   models new protocol fails or encounters an error condition,
   and such things.  I am also not sure all the stuff listed
   there SNMP is actually useful frequently used as a heartbeat monitor.

4.3.1.  Liveness Detection and Monitoring

   Liveness detection and monitoring applies both to list; for example, has anybody ever
   deployed the technology which came out of the snmpconf working group?
   So we need to be more selective control plane
   and probably also organize our
   pointers based on the protocol layer people are working on
   (transmission specific MIB modules data plane.  Mechanisms for detecting faults in the control
   plane or for monitoring its liveness are kind of widely used, people
   managing application servers usually built into the
   control plane protocols or inherited from underlying data plane or
   forwarding plane protocols.  These mechanisms do not use much of SNMP; the
   IETF application typically
   require additional management MIBs we have produced have not gained
   large deployments as far as I can tell). ]

   [DISCUSS: David: Some MIB modules may not be deployed because few
   people know about them and has never tried them.  Others may have
   been tried capabilities.  However, when a system
   detects a control plane fault, there is often a requirement to
   coordinate recovery action through management applications or at
   least to record the fact in an event log.  [TODO: example]

   Where the protocol is responsible for establishing data or user plane
   connectivity, liveness detection and been found monitoring usually need to be inadequate.  We have very little
   feedback concerning which ones are useful and which
   achieved through other mechanisms.  In some cases, these mechanisms
   already exist within other protocols responsible for maintaining
   lower layer connectivity, but it will often be the case that new
   procedures are widely
   deployed, which have been found useful by operators, required to detect failures in the data path and which have
   been found to be junk. ;-) I hesitate
   report rapidly, allowing remedial action to make recommendations that
   people should avoid a MIB unless there is real evidence that is is
   unsuitable for its designed task.  Even then, I hesitate because
   maybe the MIB would be found useful taken.

   Protocol designers should always build in a different environment basic testing features
   (e.g.  ICMP echo, UDP/TCP echo service, NULL RPC calls) that
   is just emerging.  Maybe we need can be
   used to perform a de-crufting operation test for data models, similar liveness, with an option to that done for protocols a few years ago.
   But I think that would require feedback from LOTS of operators and
   application developers - enable and these tend disable them.

4.3.2.  Fault Determination

   It can be helpful to describe how faults can be scarce in pinpointed using
   management information.  For example, counters might record instances
   of error conditions.  Some faults might be able to be pinpointed by
   comparing the IETF. ]
   The purpose outputs of one device and the inputs of another device
   looking for anomalies.

   [DISCUSS: Ralf: While this section is sounds good, how do ou distinguish between
   "faulty messages" and "good messages"?  It might require complex
   functions such as "deviation from normal", are you sure you want to inform protocol designers about
   solutions for which components have already been standardized in the
   IETF, so they can reuse existing solutions or use
   implement those solutions at the device level?]

4.3.3.  Fault Isolation

   It might be useful to
   extract information models isolate faults, such as a system that could emits
   malformed messages necessary to coordinate connections properly.
   Spanning tree comes to mind.  This might be applied able to be done by
   configuring next-hop devices to new solutions.

   This section discusses management data models that have reached at
   least Proposed Standard status in the IETF.  Because making
   management information available through drop the MIB has long been faulty messages to prevent
   them from entering the
   IETF-preferred approach for managing rest of the Internet, there are a large
   number network.

4.3.4.  Corrective Action

   What sort of MIB modules available.  Rather than attempt to discuss corrective action can be taken by an operator for each
   here, with a discussion
   of the tables they contain, this section will
   focus on those MIB modules that have reached at least Draft status,
   and some commonly deployed MIB modules.  This is supplemented by an
   appendix that lists additional MIB modules that have reached Proposed
   Standard status.

   [TODO] discuss specific MIB modules, SDEs, XML schemas fault conditions that are
   designed to solve generic problems.  This might cover things like
   Textual Conventions, RFC3415 Target tables, SYSLOG SDEs defined in
   -protocol-, SYSLOG -sign-, IPFIX IEs, etc.

6.1.  Fault being identified?

   [DISCUSS: this should be expanded or eliminated.]

4.4.  Configuration Management

   RFC 3418 [RFC3418], part

   RFC3139 [RFC3139] discusses requirements for configuration
   management.  This document includes discussion of STD 62 SNMP, contains objects different levels of
   management, including high-level-policies, network-wide configuration
   data, and device-local configuration.

   A number of efforts have existed in the
   system group that are often polled IETF to determine if a device is still
   operating, and sysUpTime can be used develop policy-based
   management.  RFC3198 was written to detect if a system has
   rebooted, and counters have been reinitialized.

   RFC3413 [RFC3413], part of STD 62 SNMP, includes objects designed for
   managing notifications, including tables for addressing, retry
   parameters, security, lists of targets standardize the terminology for notifications,
   policy-based management across these efforts.

   It is highly desirable that text processing tools such as diff, and user
   customization filters.

   An RMON monitor [RFC2819]
   version management tools such as RCS or CVS or SVN, can be configured used to recognize conditions,
   most notably error conditions, and continuously
   process configurations.  This approach simplifies comparing the
   current operational state to check for them.
   When one of these conditions occurs, the event initial configuration.

   With structured text such as XML, simple text diffs may be logged, found to
   be inadequate and
   management stations more sophisticated tools may be notified in a number of ways.  See further
   discussion needed to make any
   useful comparison of RMON under Performance Management.

6.2.  Configuration Management

   It is expected that standard XML-based versions.

   To simplify such configuration comparisons, devices should not
   arbitrarily reorder data models will be developed such as access control lists.  If a protocol
   designer defines mechanisms for use with NETCONF, and working groups might identify specific
   NETCONF data models that configuration, it would be applicable desirable
   to standardize the new protocol.  At
   the time of this writing, no such standard data models exist.

   For monitoring network configuration, such as physical and logical
   network topologies, existing MIB modules already exist that provide
   some order of the desired capabilities.  New MIB modules might be developed elements for the target functionality to allow operators to monitor consistency of configuration
   and modify
   the operational parameters, such as timer granularity, event of reporting thresholds, target addresses, across vendors, and so on.

   RFC 3418 [RFC3418], part of STD 62 SNMPv3, contains objects in the
   system group that across releases from vendors.

   [DISCUSS: Ralf: Well, there are often polled to determine if a device is still
   operating, and sysUpTime can be used two parts to detect if a system has
   rebooted and caused potential discontinuity in counters.  Other
   objects in the it: 1.  An NMS system MIB are useful for identifying the type of
   device, the location of the device, the person responsible
   could optimze ACLs for perfomance reasons 2.  Unless the
   device, etc.

   RFC3413 [RFC3413], part device/NMS
   systems has corect rules/a lot of STD 62 SNMPv3, includes objects designed
   for configuring notification destinations, experience, reordering ACLs can
   lead to a huge security issue, therefore I would rephrase this
   paragraph.  "

   Network wide configurations are ideally stored in central master
   databases and for configuring proxy-
   forwarding SNMP agents, which transformed into formats that can be used pushed to devices,
   either by generating sequences of CLI commands or complete
   configuration files that are pushed to forward messages through
   firewalls and NAT devices.

   Draft Standard RFC2863 [RFC2863], the Interfaces MIB  There is used for
   managing Network Interfaces.  This includes the 'interfaces' group of
   MIB-II and discusses the experience gained from the definition of
   numerous media-specific MIB modules no common
   database schema for use in conjunction with network configuration, although the
   'interfaces' group for managing models used
   by various sub-layers beneath the
   internetwork-layer.

   Proposed Standard RFC3165 [RFC3165] supports the use of user-written
   scripts operators are probably very similar.  It is desirable to delegate management functionality.

   Proposed Standard RFC4011 [RFC4011] defines objects that enable
   policy-based monitoring using SNMP, using a scripting language,
   extract, document, and a
   script execution environment.

   Few vendors have not implemented MIB modules that support scripting.
   Some vendors consider running user-developed scripts within standardize the
   managed device as a violation common parts of support agreements.

6.3.  Accounting Management

   TODO: RADIUS Accounting MIBs are PS; are there any DS data models for
   accounting? ]

6.4.  Performance Management

   Working groups these network
   wide configuration database schemas.  A protocol designer should
   consider how performance can be monitored for
   the new protocol.

   MIB modules typically contain counters to determine standardize the frequency and
   rate of an occurrence.

   RFC2819, STD 59 RMON, defines objects for managing remote network
   monitoring devices.  An organization may employ many remote
   management probes, one per network segment, to manage its internet.
   These devices may be used for a network management service provider
   to access a client network, often geographically remote.  Most common parts of configuring the
   objects in the RMON MIB module are suitable for new
   protocol, while recognizing the management of any
   type vendors will likely have proprietary
   aspects of network, and there are some which are specific to managing
   Ethernet networks.

   RMON allows a probe to be configured their configurations.

   It is important to perform diagnostics distinguish between the distribution of
   configurations and to
   collect statistics continuously, even when communication with the
   management station may not activation of a certain configuration.
   Devices should be possible or efficient.  The alarm group
   periodically takes statistical samples from variables in able to hold multiple configurations.  NETCONF
   [RFC4741], for example, differentiates between the probe "running"
   configuration and compares them "candidate" configurations.

   [DISCUSS: Also add: backup configs, i.e. version n-1 and auto-
   fallback solutions that automatically return to previously configured thresholds.  If the
   monitored variable crosses previous "known
   as good config" or adding a threshold, an event is generated.

   The RMON host group discovers hosts on backdoor for the network by keeping a list operator.  One of source and destination MAC Addresses seen in good packets
   promiscuously received from the network,
   worst scenarios is remote device config where the new running config
   doesn't work as expected and contains statistics
   associated with each host.  The hostTopN group unlocks the admin.  Vendors may have
   ways to avoid unlocking the operator but this doesn't have to be
   vendor specific.]

   It is used important to prepare
   reports that describe enable operators to concentrate on the hosts that top a list ordered by one of
   their statistics.  The available statistics are samples of one
   configuration of
   their base statistics over an interval specified by the management
   station.  Thus, these statistics are rate based.  The management
   station also selects how many such hosts are reported.

   The RMON matrix group stores statistics network as a whole rather than individual
   devices.  Support for conversations between
   sets configuration transactions across a number of two addresses.
   devices would significantly simplify network configuration
   management.  The filter group allows packets ability to be matched
   by distribute configurations to multiple
   devices, or modify "candidate configurations on multiple devices, and
   then activate them in a filter equation.  These matched packets form near-simultaneous manner might help.

   [DISCUSS: Ralf: This might be a data stream good place for adding the description
   of config-templates.]
   Consensus of the 2002 IAB Workshop was that
   may textual configuration
   files should be captured or may generate events.  The Packet Capture group
   allows packets able to be captured after they flow through a channel.  The
   event group controls the generation contain international characters.  Human-
   readable strings should utilize UTF-8, and notification of events from
   this device.

   The RMON-2 MIB [RFC4502] extends RMON by providing RMON analysis up protocol elements should
   be in case insensitive ASCII.

   A mechanism to the application layer.  The SMON MIB [RFC2613] extends RMON dump and restore configurations is a primitive
   operation needed by
   providing RMON analysis operators.  Standards for switched networks.

6.5.  Security Management

   Working groups pulling and pushing
   configurations from/to devices are desirable.

   Given configuration A and configuration B, it should consider existing data models that would be
   relevant possible to monitoring and managing the security of
   generate the new protocol.

   The IETF has no standard data models for managing security protocols
   such as TLS and SSH.

7.  Documentation Guidelines

   The purpose of this document is operations necessary to provide guidance about what get from A to
   consider when thinking about the management B with minimal
   state changes and deployment of a new
   protocol, effects on network and systems.  It is important to provide guidance about documenting
   minimize the
   considerations should a working group choose to do so.  The following
   guidelines are designed to help writers provide a reasonably
   consistent format to such documentation.  Separate manageability and
   operational considerations sections impact caused by configuration changes.

   Many protocol specifications include timers that are desirable used as part of
   operation of the protocol.  These timers may need default values
   suggested in many cases, but
   their structure the protocol specification and location is a decision do not need to be
   otherwise configurable.

4.4.1.  Verifying Correct Operation

   An important function that can might be made from case
   to case.

   Making a Management Considerations section a mandatory publication
   requirement provided is a tool set for
   verifying the responsibility correct operation of the IESG, or specific area
   directors, or working groups, and this document avoids recommending
   any mandatory publication requirements.  For a complex protocol, a
   completely separate draft on operations protocol.  This may be achieved
   to some extent through access to information and data models that
   report the status of the protocol and management might be
   appropriate, or even a completely separate WG.

   This document is focused the state installed on what network
   devices.  It may also be valuable to think about, provide techniques for testing
   the effect that the protocol has had on the network by sending data
   through the network and observing its behavior.

   Protocol designers should consider how to document test the considerations correct end-to-end
   operation of the working group.

7.1.  Recommended Discussions network, and how to verify the correct data or
   forwarding plane function of each network element.

4.4.2.  Control of Function and Policy

   A Manageability Considerations section protocol designer should include discussion consider the configurable items that exist
   for the control of function via the management and operations topics raised protocol elements described in
   the protocol specification.  For example, Sometimes the protocol
   requires that timers can be configured by the operator to ensure
   specific policy-based behavior by the implementation.

4.5.  Accounting Management

   A protocol designer should consider whether it would be appropriate
   to collect usage information related to this document, protocol, and
   when one or more of these topics is not relevant, it if so,
   what usage information would be useful appropriate to contain collect?

   RFC2975 [RFC2975] Introduction to Accounting Management discusses a simple statement explaining why the topic is not
   number of factors relevant to monitoring usage of protocols for the new protocol.  Of course, additional relevant topics
   purposes of capacity and trend analysis, cost allocation, auditing,
   and billing.  This document also discusses how RADIUS, TACACS+, and
   SNMP protocols are used for these purposes.  These factors should be included as well.

7.2.  Null Manageability Considerations Sections

   A working group may seriously consider the manageability requirements
   of
   considered when designing a new protocol, and determine that there are no manageability
   issues related protocol whose usage might need to the new protocol.  It would be helpful to those who
   may update
   monitored, or write extensions to the when recommending a protocol in the future or to
   those deploying the new protocol do usage accounting.

4.6.  Performance Management

   Consider information that would be useful when trying to know determine
   the thinking performance characteristics of a deployed system using the working
   regarding the manageability of target
   protocol.

   What are the protocol principal performance factors that need to be looked at
   when measuring the time efficiency of its
   design.

   If there are no new manageability or deployment considerations, the protocol implementations?  Is it is
   recommended that a Manageability Considerations section contain a
   simple statement
   important to measure setup times? throughput? quality versus
   throughput? interruptions? end-to-end throughput? end-to-end quality?
   hop-to-hop throughput?

   Consider scalability, such as "There are no new manageability requirements
   introduced whether performance will be affected by this document," and a brief explanation of why that is
   the case.  The presence number of such a Manageability Considerations
   section would indicate protocol connections.  If so, then it might be useful
   to provide information about the reader maximum number of table entries that due consideration has been
   given
   should be expected to manageability be modeled, how many entries an implementation
   can support, the current number of instances, and operations.

   In the case where expected
   behavior when the new protocol is an extension, and current instances exceed the base
   protocol discusses all capacity of the relevant operational and manageability
   considerations,
   implementation.  This should be considered in a data-modeling
   independent manner - what makes managed-protocol sense, not what
   makes management-protocol-sense.  If it is not managed-protocol-
   dependent, then it would should be helpful to point out the considerations
   section in the base document.

7.3.  Placement of Operations and Manageability Considerations Sections

   If a working group develops a Manageability Considerations section left for the management-protocol data
   modelers to decide.

   For example, VLAN identifiers have a new protocol, it is recommended that range of 1..4095 because of the section be placed
   immediately before
   VLAN standards.

   Consider operational activity, such as the Security Considerations section.  Reviewers
   interested number of message in such sections could find it easily, and this placement
   could simplify
   the development messages out, the number of tools received messages rejected due to detect
   format problems, the presence of
   such expected behaviors when a section.

8.  IANA Considerations

   This document does not introduce any new codepoints or name spaces
   for registration with IANA.  Note to RFC Editor: this section may be
   removed on publication as an RFC.

9.  Security Considerations

   This document malformed message is informational and provides guidelines for
   considering manageability and operations.  It introduces no new
   security concerns.

10.  Acknowledgements

   This document started from an earlier document edited by Adrian
   Farrel, which itself was based on work exploring
   received.

   Consider the need expected behaviors for
   Manageability Considerations sections in all Internet-Drafts produced
   within the Routing Area of counters - what is a reasonable
   maximum value for expected usage? should they stop counting at the IETF.  That earlier work was produced
   by Avri Doria, Loa Andersson,
   maximum value and Adrian Farrel, with valuable
   feedback provided by Pekka Savola retain the maximum value, or should they rollover?
   How can users determine if a rollover has occurred, and Bert Wijnen.

   Some how can users
   determine if more than one rollover has occurred?

   What information should be maintained across reboots of the discussion about designing for manageability came from
   private discussions between Dan Romascanu, Bert Wijnen, Juergen
   Schoenwaelder, Andy Bierman, and David Harrington.

11.  Informative References

   [I-D.ietf-ipfix-protocol]        Claise, B., "Specification device,
   or restarts of the
                                    IPFIX Protocol for management system?
   Could events, such as hot-swapping a blade in a chassis, cause
   discontinuities in information?  Does this make any difference in
   evaluating the Exchange performance of
                                    IP Traffic Flow  Information",
                                    draft-ietf-ipfix-protocol-26 (work a protocol?

   Consider whether multiple management applications will share a
   counter; if so, then no one management application should be allowed
   to reset the value to zero since this will impact other applications.

   For performance monitoring, it is often important to report the time
   spent in progress), September 2007.

   [I-D.ietf-sipping-rtcp-summary]  Pendleton, A., "Session Initiation
                                    Protocol Package a state rather than the current state.  Snapshots are of
   less value for Voice Quality
                                    Reporting Event",
                                    draft-ietf-sipping-rtcp-summary-02
                                    (work in progress), May 2007.

   [I-D.ietf-syslog-protocol]       Gerhards, R., "The syslog Protocol",
                                    draft-ietf-syslog-protocol-23 (work
                                    in progress), September 2007.

   [RFC1052]                        Cerf, V., "IAB performance monitoring.

   The Benchmarking Methodology WG (bmwg) has defined recommendations
   for the development measurement of Internet network
                                    management standards", RFC 1052,
                                    April 1988.

   [RFC2119]                        Bradner, S., "Key words for use the performance characteristics of various
   internetworking technologies in
                                    RFCs a laboratory environment, including
   the systems or services that are built from these technologies.  Each
   recommendation describes the class of equipment, system, or service
   being addressed; discuss the performance characteristics that are
   pertinent to Indicate Requirement
                                    Levels", BCP 14, RFC 2119,
                                    March 1997.

   [RFC2578]                        McCloghrie, K., Ed., Perkins, D.,
                                    Ed., and J. Schoenwaelder, Ed.,
                                    "Structure that class; clearly identify a set of Management Information
                                    Version 2 (SMIv2)", STD 58,
                                    RFC 2578, April 1999.

   [RFC2613]                        Waterman, R., Lahaye, B., Romascanu,
                                    D., metrics that aid
   in the description of those characteristics; specify the
   methodologies required to collect said metrics; and S. Waldbusser, "Remote
                                    Network Monitoring MIB Extensions lastly, present
   the requirements for Switched Networks Version 1.0",
                                    RFC 2613, June 1999.

   [RFC2819]                        Waldbusser, S., "Remote Network
                                    Monitoring the common, unambiguous reporting of
   benchmarking results.

4.7.  Security Management Information
                                    Base", STD 59, RFC 2819, May 2000.

   [RFC2863]                        McCloghrie, K. and F. Kastenholz,
                                    "The Interfaces Group MIB",
                                    RFC 2863, June 2000.

   [RFC2865]                        Rigney, C., Willens, S., Rubens, A.,
                                    and W. Simpson, "Remote
                                    Authentication Dial In User Service
                                    (RADIUS)", RFC 2865, June 2000.

   [RFC2975]                        Aboba, B., Arkko, J., and D.
                                    Harrington, "Introduction

   Protocol designers should consider how to
                                    Accounting Management", RFC 2975,
                                    October 2000.

   [RFC3060]                        Moore, B., Ellesson, E., Strassner,
                                    J., monitor and A. Westerinen, "Policy Core
                                    Information Model -- Version 1
                                    Specification", RFC 3060,
                                    February 2001.

   [RFC3084]                        Chan, K., Seligson, J., Durham, D.,
                                    Gai, S., McCloghrie, K., Herzog, S.,
                                    Reichmeyer, F., Yavatkar, R., to manage
   security aspects and A.
                                    Smith, "COPS Usage vulnerabilities of the new protocol.

   There will be security considerations related to the new protocol.
   To make it possible for operators to be aware of security-related
   events, it is recommended that system logs should record events, such
   as failed logins, but the logs must be secured.

   Should a system automatically notify operators of every event
   occurrence, or should an operator-defined threshold control when a
   notification is sent to an operator?

   Should certain statistics be collected about the operation of the new
   protocol that might be useful for Policy
                                    Provisioning (COPS-PR)", RFC 3084,
                                    March 2001.

   [RFC3139]                        Sanchez, L., McCloghrie, K., and J.
                                    Saperia, "Requirements detecting attacks, such as the
   receipt of malformed messages, or messages out of order, or messages
   with invalid timestamps?  If such statistics are collected, is it
   important to count them separately for
                                    Configuration Management each sender to help identify
   the source of IP-based
                                    Networks", RFC 3139, June 2001.

   [RFC3159]                        McCloghrie, K., Fine, M., Seligson,
                                    J., Chan, K., Hahn, S., Sahita, R.,
                                    Smith, A., attacks?

   Manageability considerations that are security-oriented might include
   discussion of the security implications when no monitoring is in
   place, the regulatory implications of absence of audit-trail or logs
   in enterprises, exceeding the capacity of logs, and F. Reichmeyer,
                                    "Structure security
   exposures present in chosen / recommended management mechanisms.

   The granularity of Policy Provisioning
                                    Information (SPPI)", RFC 3159,
                                    August 2001.

   [RFC3165]                        Levi, D. access control needed on management interfaces
   needs to match operational needs.  Typical requirements are a role-
   based access control model and J. Schoenwaelder,
                                    "Definitions the principle of Managed Objects least privilege,
   where a user can be given only the minimum access necessary to
   perform a required task.

   It must be possible to do consistency checks of access control lists
   across devices.  Protocol designers should consider information
   models to promote comparisons across devices and across vendors to
   permit checking the consistency of security configurations.

   Protocol designers should consider how to provide a secure transport,
   authentication, identity, and access control which integrates well
   with existing key and credential management infrastructure.

   Protocol designers should consider how ACLs (access control lists)
   are maintained and updated.

   Standard SNMP notifications or SYSLOG messages
   [I-D.ietf-syslog-protocol] might already exist, or can be defined, to
   alert operators to the conditions identified in the security
   considerations for the Delegation new protocol.  [TODO: find existing
   notificiations or syslog messages related to security]

   An analysis of Management
                                    Scripts", RFC 3165, August 2001.

   [RFC3290]                        Bernet, Y., Blake, S., Grossman, D.,
                                    and A. Smith, "An Informal
                                    Management Model existing counters might help operators recognize the
   conditions identified in the security considerations for Diffserv
                                    Routers", RFC 3290, May 2002.

   [RFC3317]                        Chan, K., Sahita, R., Hahn, S., and
                                    K. McCloghrie, "Differentiated
                                    Services Quality of Service Policy
                                    Information Base", RFC 3317,
                                    March 2003.

   [RFC3410]                        Case, J., Mundy, R., Partain, D.,
                                    and B. Stewart, "Introduction the new
   protocol before they can impact the network.

   RADIUS and
                                    Applicability Statements for
                                    Internet-Standard Management
                                    Framework", RFC 3410, December 2002.

   [RFC3413]                        Levi, D., Meyer, P., DIAMETER can provide authentication and B. Stewart,
                                    "Simple Network Management Protocol
                                    (SNMP) Applications", STD 62,
                                    RFC 3413, December 2002.

   [RFC3418]                        Presuhn, R., "Management Information
                                    Base (MIB) authorization.  A
   protocol designer should consider which attributes would be
   appropriate for the Simple Network
                                    Management Protocol (SNMP)", STD 62,
                                    RFC 3418, December 2002.

   [RFC3444]                        Pras, A. their protocol.

   Different protocols use different assumptions about message security
   and J. Schoenwaelder, "On data access controls.  A protocol designer that recommends using
   different protocols should consider how security will be applied in a
   balanced manner across multiple management interfaces.  SNMP access
   control is data-oriented, while CLI access control is usually command
   (task) oriented.  Depending on the Difference between Information
                                    Models management function, sometimes
   data-oriented or task-oriented access control makes more sense.
   Protocol designers should consider both data-oriented and Data Models", RFC 3444,
                                    January 2003.

   [RFC3460]                        Moore, B., "Policy Core Information
                                    Model (PCIM) Extensions", RFC 3460,
                                    January 2003.

   [RFC3535]                        Schoenwaelder, J., "Overview task-
   oriented access control.

5.  Documentation Guidelines

   The purpose of this document is to provide guidance about what to
   consider when thinking about the
                                    2002 IAB Network Management
                                    Workshop", RFC 3535, May 2003.

   [RFC3585]                        Jason, J., Rafalow, L., and E.
                                    Vyncke, "IPsec Configuration Policy
                                    Information Model", RFC 3585,
                                    August 2003.

   [RFC3588]                        Calhoun, P., Loughney, J., Guttman,
                                    E., Zorn, G., and J. Arkko,
                                    "Diameter Base Protocol", RFC 3588,
                                    September 2003.

   [RFC3644]                        Snir, Y., Ramberg, Y., Strassner,
                                    J., Cohen, R., management and B. Moore, "Policy
                                    Quality deployment of Service (QoS) Information
                                    Model", RFC 3644, November 2003.

   [RFC3670]                        Moore, B., Durham, D., Strassner,
                                    J., Westerinen, A., and W. Weiss,
                                    "Information Model for Describing
                                    Network Device QoS Datapath
                                    Mechanisms", RFC 3670, January 2004.

   [RFC3805]                        Bergman, R., Lewis, H., and I.
                                    McDonald, "Printer MIB v2",
                                    RFC 3805, June 2004.

   [RFC4011]                        Waldbusser, S., Saperia, J., and T.

                                    Hongal, "Policy Based Management
                                    MIB", RFC 4011, March 2005.

   [RFC4133]                        Bierman, A. a new
   protocol, and K. McCloghrie,
                                    "Entity MIB (Version 3)", RFC 4133,
                                    August 2005.

   [RFC4502]                        Waldbusser, S., "Remote Network
                                    Monitoring Management Information
                                    Base Version 2", RFC 4502, May 2006.

   [RFC4668]                        Nelson, D., "RADIUS Authentication
                                    Client MIB for IPv6", RFC 4668,
                                    August 2006.

   [RFC4669]                        Nelson, D., "RADIUS Authentication
                                    Server MIB for IPv6", RFC 4669,
                                    August 2006.

   [RFC4710]                        Siddiqui, A., Romascanu, D., to provide guidance about documenting the
   considerations.  The following guidelines are designed to help
   writers provide a reasonably consistent format for such
   documentation.  Separate manageability and E.
                                    Golovinsky, "Real-time Application
                                    Quality-of-Service Monitoring
                                    (RAQMON) Framework", RFC 4710,
                                    October 2006.

   [RFC4741]                        Enns, R., "NETCONF Configuration
                                    Protocol", RFC 4741, December 2006.

   [RFC4825]                        Rosenberg, J., "The Extensible
                                    Markup Language (XML) Configuration
                                    Access Protocol (XCAP)", RFC 4825,
                                    May 2007.

   [RFC4930]                        Hollenbeck, S., "Extensible
                                    Provisioning Protocol (EPP)",
                                    RFC 4930, May 2007.

Appendix A.  Operations operational considerations
   sections are desirable in many cases, but their structure and
   location is a decision that can be made from case to case.

   Making a Management Checklist Considerations section a mandatory publication
   requirement is the responsibility of the IESG, or specific area
   directors, or working groups, and this document avoids recommending
   any mandatory publication requirements.  For a complex protocol, a
   completely separate draft on operations and management might be
   appropriate, or even a completely separate WG.

   This appendix provides document is focused on what to think about, and how to document
   the considerations of the protocol designer.

5.1.  Recommended Discussions

   A Manageability Considerations section should include discussion of
   the management and operations topics raised in this document, and
   when one or more of these topics is not relevant, it would be useful
   to contain a quick summary simple statement explaining why the topic is not
   relevant for the new protocol.  Of course, additional relevant topics
   should be included as well.

5.2.  Null Manageability Considerations Sections

   A protocol designer may seriously consider the manageability
   requirements of issues a new protocol, and determine that no management
   functionality is needed by the new protocol.  It would be helpful to
   those who may update or write extensions to the protocol in the
   future or to consider. those deploying the new protocol to know the thinking of
   the working regarding the manageability of the protocol at the time
   of its design.

   If there are configuration parameters clearly identified? no new manageability or deployment considerations, it is
   recommended that a Manageability Considerations section contain a
   simple statement such as "There are configuration parameters normalized?

      does each configuration parameter have no new manageability requirements
   introduced by this document," and a reasonable default value? brief explanation of why that is protocol state information exposed
   the case.  The presence of such a Manageability Considerations
   section would indicate to the user?  How? reader that due consideration has been
   given to manageability and operations.

   In the case where the new protocol is an extension, and the base
   protocol performance information exposed discusses all the relevant operational and manageability
   considerations, it would be helpful to point out the user?  How?

      are significant state transitions logged?

Appendix B.  Additional Data Models on considerations
   section in the Standards Track

   The IETF SYSLOG base document.

5.3.  Placement of Operations and Manageability Considerations Sections

   If a protocol [I-D.ietf-syslog-protocol] designer develops a Manageability Considerations
   section for a new protocol, it is recommended that the section be
   placed immediately before the Security Considerations section.
   Reviewers interested in such sections could find it easily, and this
   placement could simplify the development of tools to detect the
   presence of such a section.

6.  IANA Considerations

   This document does not introduce any new codepoints or name spaces
   for registration with IANA.  Note to RFC Editor: this section may be
   removed on publication as an RFC.

7.  Security Considerations

   This document is a Proposed
   Standard that includes a mechanism informational and provides guidelines for defining structured data
   elements (SDEs).  The SYSLOG protocol
   considering manageability and operations.  It introduces no new
   security concerns.

8.  Acknowledgements

   This document defines started from an initial set earlier document edited by Adrian
   Farrel, which itself was based on work exploring the need for
   Manageability Considerations sections in all Internet-Drafts produced
   within the Routing Area of SDEs that relate to content time quality, content origin, the IETF.  That earlier work was produced
   by Avri Doria, Loa Andersson, and Adrian Farrel, with valuable
   feedback provided by Pekka Savola and
   meta-information Bert Wijnen.

   Some of the discussion about designing for manageability came from
   private discussions between Dan Romascanu, Bert Wijnen, Juergen
   Schoenwaelder, Andy Bierman, and David Harrington.

9.  Informative References

   [I-D.ietf-ipfix-protocol]   Claise, B., "Specification of the message, such as language.  Proprietary
   SDEs can be used to supplement IPFIX
                               Protocol for the IETF-defined SDEs.

   SIP Package Exchange of IP Traffic
                               Flow  Information",
                               draft-ietf-ipfix-protocol-26 (work in
                               progress), September 2007.

   [I-D.ietf-syslog-protocol]  Gerhards, R., "The syslog Protocol",
                               draft-ietf-syslog-protocol-23 (work in
                               progress), September 2007.

   [RFC1052]                   Cerf, V., "IAB recommendations for Voice Quality Reporting
   [I-D.ietf-sipping-rtcp-summary] defines a SIP event package that
   enables the collection
                               development of Internet network
                               management standards", RFC 1052,
                               April 1988.

   [RFC2119]                   Bradner, S., "Key words for use in RFCs
                               to Indicate Requirement Levels", BCP 14,
                               RFC 2119, March 1997.

   [RFC2578]                   McCloghrie, K., Ed., Perkins, D., Ed.,
                               and J. Schoenwaelder, Ed., "Structure of
                               Management Information Version 2
                               (SMIv2)", STD 58, RFC 2578, April 1999.

   [RFC2863]                   McCloghrie, K. and F. Kastenholz, "The
                               Interfaces Group MIB", RFC 2863,
                               June 2000.

   [RFC2865]                   Rigney, C., Willens, S., Rubens, A., and
                               W. Simpson, "Remote Authentication Dial
                               In User Service (RADIUS)", RFC 2865,
                               June 2000.

   [RFC2975]                   Aboba, B., Arkko, J., and reporting of metrics that measure the
   quality for Voice over Internet Protocol (VoIP) sessions.

   DISMAN-EVENT-MIB in D. Harrington,
                               "Introduction to Accounting Management",
                               RFC 2981 2975, October 2000.

   [RFC3060]                   Moore, B., Ellesson, E., Strassner, J.,
                               and DISMAN-EXPRESSION-MIB in A. Westerinen, "Policy Core
                               Information Model -- Version 1
                               Specification", RFC 2982
   provide a superset of the capabilities of the RMON alarm 3060, February 2001.

   [RFC3084]                   Chan, K., Seligson, J., Durham, D., Gai,
                               S., McCloghrie, K., Herzog, S.,
                               Reichmeyer, F., Yavatkar, R., and event
   groups.  These modules provide mechanisms A.
                               Smith, "COPS Usage for thresholding Policy
                               Provisioning (COPS-PR)", RFC 3084,
                               March 2001.

   [RFC3139]                   Sanchez, L., McCloghrie, K., and
   reporting anomalous events to management applications.

   RAQMON [RFC4710] describes Real-Time Application Quality of Service
   Monitoring.

   The IPPM WG has defined metrics J.
                               Saperia, "Requirements for accurately measuring and
   reporting the quality, performance, and reliability Configuration
                               Management of Internet data
   delivery services.  The metrics include connectivity, one-way delay
   and loss, round-trip delay and loss, delay variation, loss patterns,
   packet reordering, bulk transport capacity, and link bandwidth
   capacity.  [TODO: detail the RFCs - 4737, 3393, 2681, 2680, 2679,
   2678

   The IPFIX protocol [I-D.ietf-ipfix-protocol] can collect information
   related to IP flows, IP-based Networks",
                               RFC 3139, June 2001.

   [RFC3159]                   McCloghrie, K., Fine, M., Seligson, J.,
                               Chan, K., Hahn, S., Sahita, R., Smith,
                               A., and existing Information Elements (IEs) may be
   appropriate to report flows F. Reichmeyer, "Structure of the new protocol.  New IPFIX
                               Policy Provisioning Information Elements might be useful for collecting flow information
   useful only in consideration of the new protocol.  As of this
   writing, no IEs have reached Proposed Standard status yet, but a base
   set (SPPI)",
                               RFC 3159, August 2001.

   [RFC3165]                   Levi, D. and J. Schoenwaelder,
                               "Definitions of IEs has been submitted to IESG for advancement.  These include
   IEs Managed Objects for Identifying the scope
                               Delegation of reporting, Metering and Export
   Process configuration, IP and Transport and Sub-IP header fields,
   Packet Management Scripts",
                               RFC 3165, August 2001.

   [RFC3290]                   Bernet, Y., Blake, S., Grossman, D., and Flow properties, timestamps,
                               A. Smith, "An Informal Management Model
                               for Diffserv Routers", RFC 3290,
                               May 2002.

   [RFC3317]                   Chan, K., Sahita, R., Hahn, S., and counters.

   RFC3159 discusses the Proposed Standard Structure K.
                               McCloghrie, "Differentiated Services
                               Quality of Service Policy
   Provisioning Information (SPPI), an extension to the SMI standard for
   purposes of policy-based provisioning, for use with the COPS-PR
   protocol defined in RFC3084.  Informational RFC3317 defines a
   DiffServ QoS PIB,
                               Base", RFC 3317, March 2003.

   [RFC3410]                   Case, J., Mundy, R., Partain, D., and Informational RFC3571 defines policy classes B.
                               Stewart, "Introduction and Applicability
                               Statements for monitoring Internet-Standard
                               Management Framework", RFC 3410,
                               December 2002.

   [RFC3413]                   Levi, D., Meyer, P., and reporting policy usage feedback, as well as policy
   classes B. Stewart,
                               "Simple Network Management Protocol
                               (SNMP) Applications", STD 62, RFC 3413,
                               December 2002.

   [RFC3418]                   Presuhn, R., "Management Information Base
                               (MIB) for controlling reporting intervals, suspension, resumption the Simple Network Management
                               Protocol (SNMP)", STD 62, RFC 3418,
                               December 2002.

   [RFC3444]                   Pras, A. and solicitation.  At J. Schoenwaelder, "On the time
                               Difference between Information Models and
                               Data Models", RFC 3444, January 2003.

   [RFC3460]                   Moore, B., "Policy Core Information Model
                               (PCIM) Extensions", RFC 3460,
                               January 2003.

   [RFC3535]                   Schoenwaelder, J., "Overview of this writing, there are no
   standards-track PIBs During the 2002
                               IAB Workshop on Network Management,
   the workshop had rough consensus from the protocol developers that
   the IETF should not spend resources on SPPI PIB definitions, Management Workshop",
                               RFC 3535, May 2003.

   [RFC3585]                   Jason, J., Rafalow, L., and the
   operators had rough consensus that they do not care about SPPI PIBs.

   Proposed Standard RFC4011 [RFC4011] defines objects that enable
   policy-based monitoring E. Vyncke,
                               "IPsec Configuration Policy Information
                               Model", RFC 3585, August 2003.

   [RFC3588]                   Calhoun, P., Loughney, J., Guttman, E.,
                               Zorn, G., and management J. Arkko, "Diameter Base
                               Protocol", RFC 3588, September 2003.

   [RFC3644]                   Snir, Y., Ramberg, Y., Strassner, J.,
                               Cohen, R., and B. Moore, "Policy Quality
                               of SNMP infrastructures, a
   scripting language, Service (QoS) Information Model",
                               RFC 3644, November 2003.

   [RFC3670]                   Moore, B., Durham, D., Strassner, J.,
                               Westerinen, A., and a script execution environment.

   DIAMETER [RFC3588] accounting might be collected W. Weiss,
                               "Information Model for services, Describing Network
                               Device QoS Datapath Mechanisms",
                               RFC 3670, January 2004.

   [RFC3805]                   Bergman, R., Lewis, H., and
   working groups might document some of the RADIUS/DIAMETER attributes
   that could be used.  [TODO: what data models?]

   RADIUS Authentication Client I. McDonald,
                               "Printer MIB [RFC4668] v2", RFC 3805, June 2004.

   [RFC4011]                   Waldbusser, S., Saperia, J., and RADIUS T.
                               Hongal, "Policy Based Management MIB",
                               RFC 4011, March 2005.

   [RFC4133]                   Bierman, A. and K. McCloghrie, "Entity
                               MIB (Version 3)", RFC 4133, August 2005.

   [RFC4502]                   Waldbusser, S., "Remote Network
                               Monitoring Management Information Base
                               Version 2", RFC 4502, May 2006.

   [RFC4668]                   Nelson, D., "RADIUS Authentication
   Server Client
                               MIB for IPv6", RFC 4668, August 2006.

   [RFC4669] allow the gathering of accounting data.

   Proposed Standard RFC4133 [RFC4133] the Entity                   Nelson, D., "RADIUS Authentication Server
                               MIB is used for
   managing multiple logical and physical entities managed by a single
   SNMP agent.  This module provides a useful mechanism for identifying
   the entities comprising a system.  There are also event notifications
   defined for configuration changes that may be useful to management
   applications.

   RFC3159 [RFC3159] discusses the Structure of Policy Provisioning
   Information, an extension to the SMI standard for purposes of policy-
   based provisioning, for use with the COPS-PR protocol defined in
   RFC3084 [RFC3084].  RFC3317 [RFC3317] defines a DiffServ QoS PIB.  At
   the time of this writing, there are no standards-track PIBs.  During
   the IAB Workshop on Network Management, the workshop had rough
   consensus from the protocol developers that the IETF should not spend
   resources on SPPI PIB definitions, and the operators had rough
   consensus that they do not care about SPPI PIBs.

   The ALARM MIB in IPv6", RFC 3877 4669, August 2006.

   [RFC4710]                   Siddiqui, A., Romascanu, D., and the Alarm Reporting Control MIB in E.
                               Golovinsky, "Real-time Application
                               Quality-of-Service Monitoring (RAQMON)
                               Framework", RFC
   3878 specify mechanisms for expressing state transition models for
   persistent problem states.  There is also 4710, October 2006.

   [RFC4741]                   Enns, R., "NETCONF Configuration
                               Protocol", RFC 4741, December 2006.

   [RFC4825]                   Rosenberg, J., "The Extensible Markup
                               Language (XML) Configuration Access
                               Protocol (XCAP)", RFC 4825, May 2007.

   [RFC4930]                   Hollenbeck, S., "Extensible Provisioning
                               Protocol (EPP)", RFC 4930, May 2007.

Appendix A.  Operations and Management Checklist

   This appendix provides a mechanism specified quick summary of issues to
   correlate consider.

      are configuration parameters clearly identified?

      are configuration parameters normalized?

      does each configuration parameter have a notification with subsequent reasonable default value?

      is protocol state transition
   notifications about information exposed to the same entity/object.

   Other MIB modules that may be applied user?  How?

      is protocol performance information exposed to Fault Management include:

      NOTIFICATION-LOG-MIB in RFC 3014

      ENTITY-STATE-MIB in RFC 4268

      ENTITY-SENSOR-MIB in RFC 4268 the user?  How?

      are significant state transitions logged?

Appendix C. B.  Open Issues

      [TODO: need to verify all citations have references (in xref
      format)]

      Organize data models by layer? both section 6 and appendix.

      start

      [TODO: need to identify remove references that are not used in the
      guidelines]

      Identify bullets for appendix checklist

      Is section 2 needed?

      Need more reviews and suggested text, especially on operational
      considerations

      [DISCUSS: How much of RFC 3535 and RFC 3139 should be repeated
      (and updated) in these guidelines?  There are many best current
      practices mentioned in those documents.  Should we bring them
      together into this document and expand on how they should
      influence ops/mgmt considerations for a new protocol?  Many of the
      points relate to NM protocol design, but there are also many
      points about operational and management considerations.]

Appendix D. C.  Change Log

   Changes from opsawg-01 to opsawg-02

      moved survey of protocols and data models to separate document

      changed "working group" to "protocol designer" throughout, as
      applicable.

      modified wording from negative to positive spin in places.

      updated based on comments from Ralf Wolter and David Kessens

   Changes from opsawg-00 to opsawg-01

      moved Proposed Standard data models to appendix

      moved advice out of data model survey and into considerations
      section

      addressed comments from Adrian and Dan

      modified the Introduction and Section 2 in response to many
      comments.

      expanded radius and syslog discussion, added psamp and VCCV,
      modified ipfix,

   Changes from harrington-01 to opsawg-00

      added text regarding operational models to be managed.

      Added checklist appendix (to be filled in after consensus is
      reached on main text )

   Changes from harrington-00 to harrington-01

      modified unclear text in "Design for Operations and Management"

      Expanded discussion of counters

      Removed some redundant text

      Added ACLs to Security Management

      Expanded discussion of the status of COPS-PR, SPPI, and PIBs.

      Expanded comparison of RADIUS and Diameter.

      Added placeholders for EPP and XCAP protocols.

      Added Change Log and Open Issues

Author's Address

   David Harrington
   Huawei Technologies USA
   1700 Alma Dr, Suite 100
   Plano, TX  75075
   USA

   Phone: +1 603 436 8634
   Fax:
   EMail: dharrington@huawei.com
   URI:

Full Copyright Statement

   Copyright (C) The IETF Trust (2007).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights.  Information
   on the procedures with respect to rights in RFC documents can be
   found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard.  Please address the information to the IETF at
   ietf-ipr@ietf.org.

Acknowledgement

   Funding for the RFC Editor function is provided by the IETF
   Administrative Support Activity (IASA).