| draft-ietf-sidr-rpki-rtr-protocol-mib-04.txt | draft-ietf-sidr-rpki-rtr-protocol-mib-05.txt | |||
|---|---|---|---|---|
| Network Working Group R. Bush | Network Working Group R. Bush | |||
| Internet-Draft Internet Initiative Japan | Internet-Draft Internet Initiative Japan | |||
| Intended status: Standards Track B. Wijnen | Intended status: Standards Track B. Wijnen | |||
| Expires: June 2, 2013 RIPE NCC | Expires: August 11, 2013 RIPE NCC | |||
| K. Patel | K. Patel | |||
| Cisco Systems | Cisco Systems | |||
| M. Baer | M. Baer | |||
| SPARTA | SPARTA | |||
| November 29, 2012 | February 7, 2013 | |||
| Definitions of Managed Objects for the RPKI-Router Protocol | Definitions of Managed Objects for the RPKI-Router Protocol | |||
| draft-ietf-sidr-rpki-rtr-protocol-mib-04 | draft-ietf-sidr-rpki-rtr-protocol-mib-05 | |||
| Abstract | Abstract | |||
| This document defines a portion of the Management Information Base | This document defines a portion of the Management Information Base | |||
| (MIB) for use with network management protocols in the Internet | (MIB) for use with network management protocols in the Internet | |||
| community. In particular, it describes objects used for monitoring | community. In particular, it describes objects used for monitoring | |||
| the RPKI Router protocol. | the RPKI Router protocol. | |||
| Status of this Memo | Status of this Memo | |||
| skipping to change at page 1, line 38 | skipping to change at page 1, line 38 | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on June 2, 2013. | This Internet-Draft will expire on August 11, 2013. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2012 IETF Trust and the persons identified as the | Copyright (c) 2013 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 | 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 3 | |||
| 2. Internet-Standard Management Framework . . . . . . . . . . . . 3 | 2. Internet-Standard Management Framework . . . . . . . . . . . . 3 | |||
| 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4 | 4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 20 | 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 21 | |||
| 6. Security Considerations . . . . . . . . . . . . . . . . . . . 21 | 6. Security Considerations . . . . . . . . . . . . . . . . . . . 21 | |||
| 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 22 | 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 22 | |||
| 7.1. Normative References . . . . . . . . . . . . . . . . . . . 22 | 7.1. Normative References . . . . . . . . . . . . . . . . . . . 22 | |||
| 7.2. Informative References . . . . . . . . . . . . . . . . . . 22 | 7.2. Informative References . . . . . . . . . . . . . . . . . . 22 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 23 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 23 | |||
| 1. Introduction | 1. Introduction | |||
| This document defines a portion of the Management Information Base | This document defines a portion of the Management Information Base | |||
| (MIB) for use with network management protocols in the Internet | (MIB) for use with network management protocols in the Internet | |||
| community. In particular, it defines objects used for monitoring the | community. In particular, it defines objects used for monitoring the | |||
| RPKI Router protocol [I-D.ietf-sidr-rpki-rtr]. | RPKI Router protocol [RFC6810]. | |||
| 1.1. Requirements Language | 1.1. Requirements Language | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| document are to be interpreted as described in RFC 2119 [RFC2119]. | "OPTIONAL" in this document are to be interpreted as described in RFC | |||
| 2119 [RFC2119]. | ||||
| 2. Internet-Standard Management Framework | 2. Internet-Standard Management Framework | |||
| For a detailed overview of the documents that describe the current | For a detailed overview of the documents that describe the current | |||
| Internet-Standard Management Framework, please refer to section 7 of | Internet-Standard Management Framework, please refer to section 7 of | |||
| [RFC3410]. Managed objects are accessed via a virtual information | [RFC3410]. Managed objects are accessed via a virtual information | |||
| store, termed the Management Information Base or MIB. MIB objects | store, termed the Management Information Base or MIB. MIB objects | |||
| are generally accessed through the Simple Network Management Protocol | are generally accessed through the Simple Network Management Protocol | |||
| (SNMP). Objects in the MIB are defined using the mechanisms defined | (SNMP). Objects in the MIB are defined using the mechanisms defined | |||
| in the Structure of Management Information (SMI). This document | in the Structure of Management Information (SMI). This document | |||
| specifies a MIB module that is compliant to the SMIv2, which is | specifies a MIB module that is compliant to the SMIv2, which is | |||
| described in STD 58, [RFC2578], STD 58, [RFC2579] and STD 58, | described in STD 58, [RFC2578], STD 58, [RFC2579] and STD 58, | |||
| [RFC2580]. | [RFC2580]. | |||
| 3. Overview | 3. Overview | |||
| The objects defined in this document are used to monitor the RPKI | The objects defined in this document are used to monitor the RPKI | |||
| Router protocol [I-D.ietf-sidr-rpki-rtr]. The MIB module defined in | Router protocol [RFC6810]. The MIB module defined in this is broken | |||
| this draft is broken into these tables: the RPKI Router Cache Server | into these tables: the RPKI Router Cache Server (connection) Table, | |||
| (connection) Table, the RPKI Router Cache Server Errors Table, and | the RPKI Router Cache Server Errors Table, and the RPKI Router Prefix | |||
| the RPKI Router Prefix Origin Table. | Origin Table. | |||
| The RPKI Router Cache Server Table contains information about state | The RPKI Router Cache Server Table contains information about state | |||
| and current activity of connections with the RPKI Router Cache | and current activity of connections with the RPKI Router Cache | |||
| Servers. It also contains counters for the number of messages | Servers. It also contains counters for the number of messages | |||
| received and sent plus the number of announcements, withdrawals and | received and sent plus the number of announcements, withdrawals and | |||
| active records. The RPKI Router Cache Server Errors Table contains | active records. The RPKI Router Cache Server Errors Table contains | |||
| counters of occurrences of errors on the connections (if any). The | counters of occurrences of errors on the connections (if any). The | |||
| RPKI Router Prefix Origin Table contains IP prefixes with their | RPKI Router Prefix Origin Table contains IP prefixes with their | |||
| minimum and maximum prefix lengths and the Origin AS. This data is | minimum and maximum prefix lengths and the Origin AS. This data is | |||
| the collective set of information received from all RPKI Cache | the collective set of information received from all RPKI Cache | |||
| skipping to change at page 4, line 16 | skipping to change at page 4, line 16 | |||
| Station (NMS) or operators about changes in the connection state of | Station (NMS) or operators about changes in the connection state of | |||
| the connections listed in the RPKI Cache Server (Connection) Table. | the connections listed in the RPKI Cache Server (Connection) Table. | |||
| 4. Definitions | 4. Definitions | |||
| The Following MIB module imports definitions from [RFC2578], STD 58, | The Following MIB module imports definitions from [RFC2578], STD 58, | |||
| [RFC2579] STD 58, [RFC2580], [RFC4001], [RFC2287]. That means we | [RFC2579] STD 58, [RFC2580], [RFC4001], [RFC2287]. That means we | |||
| have a normative reference to those documents. | have a normative reference to those documents. | |||
| The MIB module also has a normative reference to the RPKI Router | The MIB module also has a normative reference to the RPKI Router | |||
| protocol [I-D.ietf-sidr-rpki-rtr]. Furthermore, for background and | protocol [RFC6810]. Furthermore, for background and informative | |||
| informative information, the MIB module refers to [RFC1982], | information, the MIB module refers to [RFC1982], [RFC5925], | |||
| [RFC5925], [RFC4252], [RFC5246], [RFC5925]. | [RFC4252], [RFC5246], [RFC5925]. | |||
| RPKI-RTR-MIB DEFINITIONS ::= BEGIN | RPKI-RTR-MIB DEFINITIONS ::= BEGIN | |||
| IMPORTS | IMPORTS | |||
| MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, | MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, | |||
| Integer32, Unsigned32, mib-2, Gauge32, Counter32 | Integer32, Unsigned32, mib-2, Gauge32, Counter32 | |||
| FROM SNMPv2-SMI -- RFC2578 | FROM SNMPv2-SMI -- RFC2578 | |||
| InetAddressType, InetAddress, InetPortNumber, | InetAddressType, InetAddress, InetPortNumber, | |||
| skipping to change at page 4, line 43 | skipping to change at page 4, line 43 | |||
| FROM SNMPv2-TC -- RFC2579 | FROM SNMPv2-TC -- RFC2579 | |||
| MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP | MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP | |||
| FROM SNMPv2-CONF -- RFC2580 | FROM SNMPv2-CONF -- RFC2580 | |||
| LongUtf8String FROM SYSAPPL-MIB -- RFC2287 | LongUtf8String FROM SYSAPPL-MIB -- RFC2287 | |||
| ; | ; | |||
| rpkiRtrMIB MODULE-IDENTITY | rpkiRtrMIB MODULE-IDENTITY | |||
| LAST-UPDATED "201110140000Z" | LAST-UPDATED "201302050000Z" | |||
| ORGANIZATION "IETF Secure Inter-Domain Routing (SIDR) | ORGANIZATION "IETF Secure Inter-Domain Routing (SIDR) | |||
| Working Group | Working Group | |||
| " | " | |||
| CONTACT-INFO "Working Group Email: sidr@ietf.org | CONTACT-INFO "Working Group Email: sidr@ietf.org | |||
| Randy Bush | Randy Bush | |||
| Internet Initiative Japan | Internet Initiative Japan | |||
| 5147 Crystal Springs | 5147 Crystal Springs | |||
| Bainbridge Island, Washington, 98110 | Bainbridge Island, Washington, 98110 | |||
| USA | USA | |||
| skipping to change at page 5, line 36 | skipping to change at page 5, line 36 | |||
| P.O. Box 72682 | P.O. Box 72682 | |||
| Davis, CA 95617 | Davis, CA 95617 | |||
| USA | USA | |||
| Email: michael.baer@sparta.com | Email: michael.baer@sparta.com | |||
| " | " | |||
| DESCRIPTION "This MIB module contains management objects to | DESCRIPTION "This MIB module contains management objects to | |||
| support monitoring of the Resource Public Key | support monitoring of the Resource Public Key | |||
| Infrastructure (RPKI) protocol on routers. | Infrastructure (RPKI) protocol on routers. | |||
| Copyright (c) 2011 IETF Trust and the persons | Copyright (c) 2013 IETF Trust and the persons | |||
| identified as authors of the code. All rights | identified as authors of the code. All rights | |||
| reserved. | reserved. | |||
| Redistribution and use in source and binary | Redistribution and use in source and binary | |||
| forms, with or without modification, is | forms, with or without modification, is | |||
| permitted pursuant to, and subject to the | permitted pursuant to, and subject to the | |||
| license terms contained in, the Simplified BSD | license terms contained in, the Simplified BSD | |||
| License set forth in Section 4.c of the IETF | License set forth in Section 4.c of the IETF | |||
| Trust's Legal Provisions Relating to IETF | Trust's Legal Provisions Relating to IETF | |||
| Documents (http://trustee.ietf.org/license-info). | Documents (http://trustee.ietf.org/license-info). | |||
| This version of this MIB module is part of | This version of this MIB module is part of | |||
| RFCxxxx; see the RFC itself for full legal | RFCxxxx; see the RFC itself for full legal | |||
| notices. | notices. | |||
| " | " | |||
| REVISION "201110140000Z" | REVISION "201302050000Z" | |||
| DESCRIPTION "Initial version, published as RFCxxxx." | DESCRIPTION "Initial version, published as RFCxxxx." | |||
| -- Note to RFC Editor: pls fill in above (2 times) RFC | -- Note to RFC Editor: pls fill in above (2 times) RFC | |||
| -- number for xxxx and delete these 2 lines. | -- number for xxxx and delete these 2 lines. | |||
| ::= { mib-2 XXX } -- XXX to be assigned by IANA | ::= { mib-2 XXX } -- XXX to be assigned by IANA | |||
| rpkiRtrNotifications OBJECT IDENTIFIER ::= { rpkiRtrMIB 0 } | rpkiRtrNotifications OBJECT IDENTIFIER ::= { rpkiRtrMIB 0 } | |||
| rpkiRtrObjects OBJECT IDENTIFIER ::= { rpkiRtrMIB 1 } | rpkiRtrObjects OBJECT IDENTIFIER ::= { rpkiRtrMIB 1 } | |||
| rpkiRtrConformance OBJECT IDENTIFIER ::= { rpkiRtrMIB 2 } | rpkiRtrConformance OBJECT IDENTIFIER ::= { rpkiRtrMIB 2 } | |||
| -- ============================================================== | -- ============================================================== | |||
| -- Textual Conventions used in this MIB module | -- Textual Conventions used in this MIB module | |||
| -- ============================================================== | -- ============================================================== | |||
| RpkiRtrConnectionType ::= TEXTUAL-CONVENTION | RpkiRtrConnectionType ::= TEXTUAL-CONVENTION | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The connection type or transport security suite | DESCRIPTION "The connection type used between a router (as a | |||
| (transport plus security mechanism) used between | client) and a cache server. | |||
| a router (as a client) and a cache server. | ||||
| The following types have been defined in RFCnnnn: | The following types have been defined in RFC6810: | |||
| -- RFC Editor: pls fill out RFCnnnn number that will be or has | ||||
| -- been assigned to draft-ietf-sidr-rpki-rtr-nn.txt | ||||
| ssh(1) - sect 7.1, see also RFC4252. | ssh(1) - sect 7.1, see also RFC4252. | |||
| tls(2) - sect 7.2, see also RFC5246. | tls(2) - sect 7.2, see also RFC5246. | |||
| tcpMD5(3) - sect 7.3, see also RFC2385. | tcpMD5(3) - sect 7.3, see also RFC2385. | |||
| tcpAO(4) - sect 7.4, see also RFC5925. | tcpAO(4) - sect 7.4, see also RFC5925. | |||
| tcp(5) - sect 7. | tcp(5) - sect 7. | |||
| ipsec(6) - sect 7, see also RFC4301. | ipsec(6) - sect 7, see also RFC4301. | |||
| other(7) - non of the above | other(7) - none of the above | |||
| " | " | |||
| REFERENCE "The RPKI/Rtr Protocol, RFCnnnn - section 7" | REFERENCE "The RPKI/Router Protocol, RFC6810 - section 7" | |||
| -- RFC Editor: pls fill out RFCnnnn number that will be or has been | ||||
| -- assigned to draft-ietf-sidr-rpki-rtr-nn.txt | ||||
| SYNTAX INTEGER { | SYNTAX INTEGER { | |||
| ssh(1), | ssh(1), | |||
| tls(2), | tls(2), | |||
| tcpMD5(3), | tcpMD5(3), | |||
| tcpAO(4), | tcpAO(4), | |||
| tcp(5), | tcp(5), | |||
| ipsec(6), | ipsec(6), | |||
| other(7) | other(7) | |||
| } | } | |||
| -- ============================================================== | -- ============================================================== | |||
| -- Scalar objects | -- Scalar objects | |||
| -- ============================================================== | -- ============================================================== | |||
| rpkiRtrDiscontinuityTimer OBJECT-TYPE | rpkiRtrDiscontinuityTimer OBJECT-TYPE | |||
| SYNTAX TimeStamp | SYNTAX TimeStamp | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "This timer represents the timestamp (value | DESCRIPTION "This timer represents the timestamp (value | |||
| of sysUpTime) at which time any of the | of sysUpTime) at which time any of the | |||
| Counter32 ojects in this MIB module | Counter32 objects in this MIB module | |||
| encountered a discontinuity. | encountered a discontinuity. | |||
| In principle that should only happen if the | In principle that should only happen if the | |||
| SNMP agent or the instrumentation for this | SNMP agent or the instrumentation for this | |||
| MIB module (re-)starts." | MIB module (re-)starts." | |||
| ::= { rpkiRtrObjects 1 } | ::= { rpkiRtrObjects 1 } | |||
| -- ============================================================== | -- ============================================================== | |||
| -- RPKI Router Cache Server Connection Table | -- RPKI Router Cache Server Connection Table | |||
| -- ============================================================== | -- ============================================================== | |||
| skipping to change at page 8, line 13 | skipping to change at page 8, line 8 | |||
| rpkiRtrCacheServerDescription LongUtf8String, | rpkiRtrCacheServerDescription LongUtf8String, | |||
| rpkiRtrCacheServerMsgsReceived Counter32, | rpkiRtrCacheServerMsgsReceived Counter32, | |||
| rpkiRtrCacheServerMsgsSent Counter32, | rpkiRtrCacheServerMsgsSent Counter32, | |||
| rpkiRtrCacheServerV4ActiveRecords Gauge32, | rpkiRtrCacheServerV4ActiveRecords Gauge32, | |||
| rpkiRtrCacheServerV4Announcements Counter32, | rpkiRtrCacheServerV4Announcements Counter32, | |||
| rpkiRtrCacheServerV4Withdrawals Counter32, | rpkiRtrCacheServerV4Withdrawals Counter32, | |||
| rpkiRtrCacheServerV6ActiveRecords Gauge32, | rpkiRtrCacheServerV6ActiveRecords Gauge32, | |||
| rpkiRtrCacheServerV6Announcements Counter32, | rpkiRtrCacheServerV6Announcements Counter32, | |||
| rpkiRtrCacheServerV6Withdrawals Counter32, | rpkiRtrCacheServerV6Withdrawals Counter32, | |||
| rpkiRtrCacheServerLatestSerial Unsigned32, | rpkiRtrCacheServerLatestSerial Unsigned32, | |||
| rpkiRtrCacheServerNonce Unsigned32, | rpkiRtrCacheServerSessionID Unsigned32, | |||
| rpkiRtrCacheServerRefreshTimer Unsigned32, | rpkiRtrCacheServerRefreshTimer Unsigned32, | |||
| rpkiRtrCacheServerTimeToRefresh Integer32, | rpkiRtrCacheServerTimeToRefresh Integer32, | |||
| rpkiRtrCacheServerId Unsigned32 | rpkiRtrCacheServerId Unsigned32 | |||
| } | } | |||
| rpkiRtrCacheServerAddressType OBJECT-TYPE | rpkiRtrCacheServerAddressType OBJECT-TYPE | |||
| SYNTAX InetAddressType { ipv4(1), ipv6 (2) } | SYNTAX InetAddressType | |||
| MAX-ACCESS not-accessible | MAX-ACCESS not-accessible | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The network address type of the connection | DESCRIPTION "The network address type of the connection | |||
| to this RPKI cache server. | to this RPKI cache server. | |||
| Only IPv4 and IPv6 are supported." | Note: Only IPv4, IPv6 and DNS support are required | |||
| for RFCxxxx read only compliance." | ||||
| ::= { rpkiRtrCacheServerTableEntry 1 } | ::= { rpkiRtrCacheServerTableEntry 1 } | |||
| rpkiRtrCacheServerRemoteAddress OBJECT-TYPE | rpkiRtrCacheServerRemoteAddress OBJECT-TYPE | |||
| SYNTAX InetAddress (SIZE(4|16)) | SYNTAX InetAddress | |||
| MAX-ACCESS not-accessible | MAX-ACCESS not-accessible | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The remote network address for this connection | DESCRIPTION "The remote network address for this connection | |||
| to this RPKI cache server. | to this RPKI cache server. | |||
| The format of the address is defined by the | The format of the address is defined by the | |||
| value of the corresponding instance of | value of the corresponding instance of | |||
| rpkiRtrCacheServerAddressType." | rpkiRtrCacheServerAddressType." | |||
| ::= { rpkiRtrCacheServerTableEntry 2 } | ::= { rpkiRtrCacheServerTableEntry 2 } | |||
| skipping to change at page 9, line 22 | skipping to change at page 9, line 19 | |||
| rpkiRtrCacheServerLocalPort OBJECT-TYPE | rpkiRtrCacheServerLocalPort OBJECT-TYPE | |||
| SYNTAX InetPortNumber (1..65535) | SYNTAX InetPortNumber (1..65535) | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The local port number for this connection | DESCRIPTION "The local port number for this connection | |||
| to this RPKI cache server." | to this RPKI cache server." | |||
| ::= { rpkiRtrCacheServerTableEntry 5 } | ::= { rpkiRtrCacheServerTableEntry 5 } | |||
| rpkiRtrCacheServerPreference OBJECT-TYPE | rpkiRtrCacheServerPreference OBJECT-TYPE | |||
| SYNTAX Unsigned32 (0..255) | SYNTAX Unsigned32 | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The routers' preference for this | DESCRIPTION "The routers' preference for this RPKI cache server. | |||
| RPKI cache server. | ||||
| A lower value means more preferred. If two | A lower value means more preferred. If two | |||
| entries have the same preference, then the | entries have the same preference, then the | |||
| order is arbitrary. | order is arbitrary. | |||
| If no order is specified in the configuration | In two cases the maximum value for an Unsigned32 | |||
| then this value is set to 255." | object should be returned for this object: | |||
| REFERENCE "The RPKI/Rtr Protocol, RFCnnnn - section 8." | - If no order is specified in the RPKI Router | |||
| -- RFC-Editor: pls update RFCnnnn with the actual RFC number | configuration. | |||
| -- assigned to draft-ietf-sidr-rpki-rtr-nn.txt | - If a preference value is configured that is larger | |||
| than the max value for an Unsigned32 object." | ||||
| REFERENCE "The RPKI/Rtr Protocol, RFC6810 - section 8." | ||||
| DEFVAL { 4294967295 } | ||||
| ::= { rpkiRtrCacheServerTableEntry 6 } | ::= { rpkiRtrCacheServerTableEntry 6 } | |||
| rpkiRtrCacheServerConnectionType OBJECT-TYPE | rpkiRtrCacheServerConnectionType OBJECT-TYPE | |||
| SYNTAX RpkiRtrConnectionType | SYNTAX RpkiRtrConnectionType | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The connection type or transport security suite | DESCRIPTION "The connection type or transport security suite | |||
| in use for this RPKI cache server." | in use for this RPKI cache server." | |||
| ::= { rpkiRtrCacheServerTableEntry 7 } | ::= { rpkiRtrCacheServerTableEntry 7 } | |||
| skipping to change at page 12, line 10 | skipping to change at page 12, line 7 | |||
| rpkiRtrCacheServerLatestSerial OBJECT-TYPE | rpkiRtrCacheServerLatestSerial OBJECT-TYPE | |||
| SYNTAX Unsigned32 | SYNTAX Unsigned32 | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The latest serial number of data received from | DESCRIPTION "The latest serial number of data received from | |||
| this RPKI server on this connection. | this RPKI server on this connection. | |||
| Note: this value wraps back to zero when it | Note: this value wraps back to zero when it | |||
| reaches its maximum value." | reaches its maximum value." | |||
| REFERENCE "RFCnnnn section 2 and RFC1982" | REFERENCE "RFC6810 section 2 and RFC1982" | |||
| -- RFC-Editor: please fill out nnnn with the RFC number assigned | -- RFC-Editor: please fill out nnnn with the RFC number assigned | |||
| -- to draft-ietf-sidr-rpki-rtr-nn.txt | -- to draft-ietf-sidr-rpki-rtr-nn.txt | |||
| ::= { rpkiRtrCacheServerTableEntry 18 } | ::= { rpkiRtrCacheServerTableEntry 18 } | |||
| rpkiRtrCacheServerNonce OBJECT-TYPE | rpkiRtrCacheServerSessionID OBJECT-TYPE | |||
| SYNTAX Unsigned32 (0..65535) | SYNTAX Unsigned32 (0..65535) | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The nonce associated with the RPKI cache server | DESCRIPTION "The Session ID associated with the RPKI cache | |||
| at the other end of this connection." | server at the other end of this connection." | |||
| REFERENCE "RFCnnnn section 2" | REFERENCE "RFC6810 section 2" | |||
| ::= { rpkiRtrCacheServerTableEntry 19 } | ::= { rpkiRtrCacheServerTableEntry 19 } | |||
| rpkiRtrCacheServerRefreshTimer OBJECT-TYPE | rpkiRtrCacheServerRefreshTimer OBJECT-TYPE | |||
| SYNTAX Unsigned32 (60..7200) | SYNTAX Unsigned32 (60..7200) | |||
| UNITS "seconds" | UNITS "seconds" | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The number of seconds configured for the refresh | DESCRIPTION "The number of seconds configured for the refresh | |||
| timer for this connection to this RPKI cache | timer for this connection to this RPKI cache | |||
| server." | server." | |||
| REFERENCE "RFC6810 section 8, section 6.1" | ||||
| ::= { rpkiRtrCacheServerTableEntry 20 } | ::= { rpkiRtrCacheServerTableEntry 20 } | |||
| rpkiRtrCacheServerTimeToRefresh OBJECT-TYPE | rpkiRtrCacheServerTimeToRefresh OBJECT-TYPE | |||
| SYNTAX Integer32 | SYNTAX Integer32 | |||
| UNITS "seconds" | UNITS "seconds" | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The number of seconds remaining before a new | DESCRIPTION "The number of seconds remaining before a new | |||
| refresh is performed via a Serial Query to | refresh is performed via a Serial Query to | |||
| this cache server over this connection. | this cache server over this connection. | |||
| A negative value means that the refresh time | A negative value means that the refresh time has | |||
| has passed this many seconds and the refresh | passed this many seconds and the refresh has not yet | |||
| has not yet been completed. | been completed. It will stop decrementing at the | |||
| maximum negative value. | ||||
| Upon a completed refresh (i.e. a successful | Upon a completed refresh (i.e. a successful | |||
| and complete response to a Serial Query) the | and complete response to a Serial Query) the | |||
| value of this attribute will be re-initialized | value of this attribute will be re-initialized | |||
| with the value of the corresponding | with the value of the corresponding | |||
| rpkiRtrCacheServerRefreshTimer attribute." | rpkiRtrCacheServerRefreshTimer attribute." | |||
| REFERENCE "RFC6810 section 8" | ||||
| ::= { rpkiRtrCacheServerTableEntry 21 } | ::= { rpkiRtrCacheServerTableEntry 21 } | |||
| rpkiRtrCacheServerId OBJECT-TYPE | rpkiRtrCacheServerId OBJECT-TYPE | |||
| SYNTAX Unsigned32 (1..4294967295) | SYNTAX Unsigned32 (1..4294967295) | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The unique ID for this connection. | DESCRIPTION "The unique ID for this connection. | |||
| An implementation must make sure this ID is unique | An implementation must make sure this ID is unique | |||
| within this table. It is this ID that can be used | within this table. It is this ID that can be used | |||
| skipping to change at page 13, line 30 | skipping to change at page 13, line 28 | |||
| -- ============================================================== | -- ============================================================== | |||
| -- Errors Table | -- Errors Table | |||
| -- ============================================================== | -- ============================================================== | |||
| rpkiRtrCacheServerErrorsTable OBJECT-TYPE | rpkiRtrCacheServerErrorsTable OBJECT-TYPE | |||
| SYNTAX SEQUENCE OF RpkiRtrCacheServerErrorsTableEntry | SYNTAX SEQUENCE OF RpkiRtrCacheServerErrorsTableEntry | |||
| MAX-ACCESS not-accessible | MAX-ACCESS not-accessible | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "This table provides statistics on errors per | DESCRIPTION "This table provides statistics on errors per | |||
| RPKI peer connection. These can be used for | RPKI peer connection. These can be used for | |||
| debuging." | debugging." | |||
| ::= { rpkiRtrObjects 3 } | ::= { rpkiRtrObjects 3 } | |||
| rpkiRtrCacheServerErrorsTableEntry OBJECT-TYPE | rpkiRtrCacheServerErrorsTableEntry OBJECT-TYPE | |||
| SYNTAX RpkiRtrCacheServerErrorsTableEntry | SYNTAX RpkiRtrCacheServerErrorsTableEntry | |||
| MAX-ACCESS not-accessible | MAX-ACCESS not-accessible | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "An entry in the rpkiCacheServerErrorTable. It holds | DESCRIPTION "An entry in the rpkiCacheServerErrorTable. It holds | |||
| management objects associated with errors that | management objects associated with errors codes that | |||
| were detected for the specified connection to | were received on the specified connection to a | |||
| a specific cache server." | specific cache server." | |||
| REFERENCE "RFC6810 section 10" | ||||
| AUGMENTS { rpkiRtrCacheServerTableEntry } | AUGMENTS { rpkiRtrCacheServerTableEntry } | |||
| ::= { rpkiRtrCacheServerErrorsTable 1 } | ::= { rpkiRtrCacheServerErrorsTable 1 } | |||
| RpkiRtrCacheServerErrorsTableEntry ::= SEQUENCE { | RpkiRtrCacheServerErrorsTableEntry ::= SEQUENCE { | |||
| rpkiRtrCacheServerErrorsCorruptData Counter32, | rpkiRtrCacheServerErrorsCorruptData Counter32, | |||
| rpkiRtrCacheServerErrorsInternalError Counter32, | rpkiRtrCacheServerErrorsInternalError Counter32, | |||
| rpkiRtrCacheServerErrorsNoData Counter32, | rpkiRtrCacheServerErrorsNoData Counter32, | |||
| rpkiRtrCacheServerErrorsInvalidRequest Counter32, | rpkiRtrCacheServerErrorsInvalidRequest Counter32, | |||
| rpkiRtrCacheServerErrorsUnsupportedVersion Counter32, | rpkiRtrCacheServerErrorsUnsupportedVersion Counter32, | |||
| rpkiRtrCacheServerErrorsUnsupportedPdu Counter32, | rpkiRtrCacheServerErrorsUnsupportedPdu Counter32, | |||
| skipping to change at page 16, line 4 | skipping to change at page 15, line 51 | |||
| rpkiRtrCacheServerErrorsDuplicateAnnounce OBJECT-TYPE | rpkiRtrCacheServerErrorsDuplicateAnnounce OBJECT-TYPE | |||
| SYNTAX Counter32 | SYNTAX Counter32 | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The number of 'Duplicate Announcement Received' | DESCRIPTION "The number of 'Duplicate Announcement Received' | |||
| errors received from the RPKI cache server at | errors received from the RPKI cache server at | |||
| the other end of this connection. | the other end of this connection. | |||
| Discontinuities are indicated by the value | Discontinuities are indicated by the value | |||
| of rpkiRtrDiscontinuityTimer." | of rpkiRtrDiscontinuityTimer." | |||
| ::= { rpkiRtrCacheServerErrorsTableEntry 8 } | ::= { rpkiRtrCacheServerErrorsTableEntry 8 } | |||
| -- ============================================================== | -- ============================================================== | |||
| -- The rpkiRtrPrefixOriginTable (was refered to as ROATable in an | -- The rpkiRtrPrefixOriginTable | |||
| -- earlier version of this table) | ||||
| -- ============================================================== | -- ============================================================== | |||
| rpkiRtrPrefixOriginTable OBJECT-TYPE | rpkiRtrPrefixOriginTable OBJECT-TYPE | |||
| SYNTAX SEQUENCE OF RpkiRtrPrefixOriginTableEntry | SYNTAX SEQUENCE OF RpkiRtrPrefixOriginTableEntry | |||
| MAX-ACCESS not-accessible | MAX-ACCESS not-accessible | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "This table lists the prefixes that were | DESCRIPTION "This table lists the prefixes that were | |||
| announced by RPKI cache servers to this system. | announced by RPKI cache servers to this system. | |||
| That is the prefixes and their Origin ASN | That is the prefixes and their Origin ASN | |||
| as recieved by announcements via the | as received by announcements via the | |||
| rpki-rtr protocol." | rpki-rtr protocol." | |||
| ::= { rpkiRtrObjects 4 } | ::= { rpkiRtrObjects 4 } | |||
| rpkiRtrPrefixOriginTableEntry OBJECT-TYPE | rpkiRtrPrefixOriginTableEntry OBJECT-TYPE | |||
| SYNTAX RpkiRtrPrefixOriginTableEntry | SYNTAX RpkiRtrPrefixOriginTableEntry | |||
| MAX-ACCESS not-accessible | MAX-ACCESS not-accessible | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "An entry in the rpkiRtrPrefixOriginTable. | DESCRIPTION "An entry in the rpkiRtrPrefixOriginTable. | |||
| This represents one announced prefix." | This represents one announced prefix. If a Cache | |||
| Server is removed from the local configuration, any | ||||
| table rows associated with that server (indicated by | ||||
| rpkiRtrPrefixOriginCacheServerId) are also removed | ||||
| from this table." | ||||
| INDEX { rpkiRtrPrefixOriginAddressType, | INDEX { rpkiRtrPrefixOriginAddressType, | |||
| rpkiRtrPrefixOriginAddress, | rpkiRtrPrefixOriginAddress, | |||
| rpkiRtrPrefixOriginMinLength | rpkiRtrPrefixOriginMinLength, | |||
| rpkiRtrPrefixOriginMaxLength, | ||||
| rpkiRtrPrefixOriginASN, | ||||
| rpkiRtrPrefixOriginCacheServerId | ||||
| } | } | |||
| ::= { rpkiRtrPrefixOriginTable 1 } | ::= { rpkiRtrPrefixOriginTable 1 } | |||
| RpkiRtrPrefixOriginTableEntry ::= SEQUENCE { | RpkiRtrPrefixOriginTableEntry ::= SEQUENCE { | |||
| rpkiRtrPrefixOriginAddressType InetAddressType, | rpkiRtrPrefixOriginAddressType InetAddressType, | |||
| rpkiRtrPrefixOriginAddress InetAddress, | rpkiRtrPrefixOriginAddress InetAddress, | |||
| rpkiRtrPrefixOriginMinLength InetAddressPrefixLength, | rpkiRtrPrefixOriginMinLength InetAddressPrefixLength, | |||
| rpkiRtrPrefixOriginMaxLength InetAddressPrefixLength, | rpkiRtrPrefixOriginMaxLength InetAddressPrefixLength, | |||
| rpkiRtrPrefixOriginASN InetAutonomousSystemNumber, | rpkiRtrPrefixOriginASN InetAutonomousSystemNumber, | |||
| rpkiRtrPrefixOriginCacheServerId Unsigned32 | rpkiRtrPrefixOriginCacheServerId Unsigned32 | |||
| } | } | |||
| rpkiRtrPrefixOriginAddressType OBJECT-TYPE | rpkiRtrPrefixOriginAddressType OBJECT-TYPE | |||
| SYNTAX InetAddressType { ipv4(1), ipv6(2) } | SYNTAX InetAddressType | |||
| MAX-ACCESS not-accessible | MAX-ACCESS not-accessible | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The network Address Type for this prefix. | DESCRIPTION "The network Address Type for this prefix. | |||
| Only IPv4 and IPv6 are supported." | Note: Only IPv4, IPv6 and DNS support are required | |||
| for RFCxxxx read only compliance." | ||||
| ::= { rpkiRtrPrefixOriginTableEntry 1 } | ::= { rpkiRtrPrefixOriginTableEntry 1 } | |||
| rpkiRtrPrefixOriginAddress OBJECT-TYPE | rpkiRtrPrefixOriginAddress OBJECT-TYPE | |||
| SYNTAX InetAddress (SIZE(4|16)) | SYNTAX InetAddress | |||
| MAX-ACCESS not-accessible | MAX-ACCESS not-accessible | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The network Address for this prefix. | DESCRIPTION "The network Address for this prefix. | |||
| The format of the address is defined by the | The format of the address is defined by the | |||
| value of the corresponding instance of | value of the corresponding instance of | |||
| rpkiRtrCacheServerAddressType." | rpkiRtrPrefixOriginAddressType." | |||
| ::= { rpkiRtrPrefixOriginTableEntry 2 } | ::= { rpkiRtrPrefixOriginTableEntry 2 } | |||
| rpkiRtrPrefixOriginMinLength OBJECT-TYPE | rpkiRtrPrefixOriginMinLength OBJECT-TYPE | |||
| SYNTAX InetAddressPrefixLength | SYNTAX InetAddressPrefixLength | |||
| MAX-ACCESS not-accessible | MAX-ACCESS not-accessible | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The minimum prefix length allowed for this prefix." | DESCRIPTION "The minimum prefix length allowed for this prefix." | |||
| ::= { rpkiRtrPrefixOriginTableEntry 3 } | ::= { rpkiRtrPrefixOriginTableEntry 3 } | |||
| rpkiRtrPrefixOriginMaxLength OBJECT-TYPE | rpkiRtrPrefixOriginMaxLength OBJECT-TYPE | |||
| SYNTAX InetAddressPrefixLength | SYNTAX InetAddressPrefixLength | |||
| MAX-ACCESS read-only | MAX-ACCESS not-accessible | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The maximum prefix length allowed for this prefix. | DESCRIPTION "The maximum prefix length allowed for this prefix. | |||
| Note, this value must be greater or equal to the | Note, this value must be greater or equal to the | |||
| value of rpkiRtrPrefixOriginMinLength." | value of rpkiRtrPrefixOriginMinLength." | |||
| ::= { rpkiRtrPrefixOriginTableEntry 4 } | ::= { rpkiRtrPrefixOriginTableEntry 4 } | |||
| rpkiRtrPrefixOriginASN OBJECT-TYPE | rpkiRtrPrefixOriginASN OBJECT-TYPE | |||
| SYNTAX InetAutonomousSystemNumber | SYNTAX InetAutonomousSystemNumber | |||
| MAX-ACCESS read-only | MAX-ACCESS not-accessible | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The ASN that is authorized to announce the | DESCRIPTION "The ASN that is authorized to announce the | |||
| prefix or sub-prefixes covered by this entry." | prefix or sub-prefixes covered by this entry." | |||
| ::= { rpkiRtrPrefixOriginTableEntry 5 } | ::= { rpkiRtrPrefixOriginTableEntry 5 } | |||
| rpkiRtrPrefixOriginCacheServerId OBJECT-TYPE | rpkiRtrPrefixOriginCacheServerId OBJECT-TYPE | |||
| SYNTAX Unsigned32 (1..4294967295) | SYNTAX Unsigned32 (1..4294967295) | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The unique ID of the connection to the cache | DESCRIPTION "The unique ID of the connection to the cache | |||
| skipping to change at page 17, line 49 | skipping to change at page 18, line 4 | |||
| ::= { rpkiRtrPrefixOriginTableEntry 5 } | ::= { rpkiRtrPrefixOriginTableEntry 5 } | |||
| rpkiRtrPrefixOriginCacheServerId OBJECT-TYPE | rpkiRtrPrefixOriginCacheServerId OBJECT-TYPE | |||
| SYNTAX Unsigned32 (1..4294967295) | SYNTAX Unsigned32 (1..4294967295) | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The unique ID of the connection to the cache | DESCRIPTION "The unique ID of the connection to the cache | |||
| server from which this announcement was received. | server from which this announcement was received. | |||
| That connection is identified/found by a matching | That connection is identified/found by a matching | |||
| value in attribute rpkiRtrCacheServerId." | value in attribute rpkiRtrCacheServerId." | |||
| ::= { rpkiRtrPrefixOriginTableEntry 6 } | ::= { rpkiRtrPrefixOriginTableEntry 6 } | |||
| -- ============================================================== | -- ============================================================== | |||
| -- Notifications | -- Notifications | |||
| -- ============================================================== | -- ============================================================== | |||
| rpkiRtrCacheServerConnectionStateChange NOTIFICATION-TYPE | rpkiRtrCacheServerConnectionStateChange NOTIFICATION-TYPE | |||
| OBJECTS { rpkiRtrCacheServerConnectionStatus, | OBJECTS { rpkiRtrCacheServerConnectionStatus, | |||
| rpkiRtrCacheServerLatestSerial, | rpkiRtrCacheServerLatestSerial, | |||
| rpkiRtrCacheServerNonce | rpkiRtrCacheServerSessionID | |||
| } | } | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "This notification signals a change in the status | DESCRIPTION "This notification signals a change in the status | |||
| of an rpkiRtrCacheServerConnection. | of an rpkiRtrCacheServerConnection. | |||
| The SNMP agent MUST throttle the generation of | The management agent MUST throttle the generation of | |||
| consecutive rpkiRtrCacheServerConnectionStateChange | consecutive rpkiRtrCacheServerConnectionStateChange | |||
| notifications such that there is at least a | notifications such that there is at least a 5 second | |||
| 5 second gap between them. | gap between them. | |||
| " | ||||
| If more than one notification has occurred locally | ||||
| during that time, the most recent notification is | ||||
| sent at the end of the 5 second gap and the others | ||||
| are discarded." | ||||
| ::= { rpkiRtrNotifications 1 } | ::= { rpkiRtrNotifications 1 } | |||
| rpkiRtrCacheServerConnectionToGoStale NOTIFICATION-TYPE | rpkiRtrCacheServerConnectionToGoStale NOTIFICATION-TYPE | |||
| OBJECTS { rpkiRtrCacheServerV4ActiveRecords, | OBJECTS { rpkiRtrCacheServerV4ActiveRecords, | |||
| rpkiRtrCacheServerV6ActiveRecords, | rpkiRtrCacheServerV6ActiveRecords, | |||
| rpkiRtrCacheServerLatestSerial, | rpkiRtrCacheServerLatestSerial, | |||
| rpkiRtrCacheServerNonce, | rpkiRtrCacheServerSessionID, | |||
| rpkiRtrCacheServerRefreshTimer, | rpkiRtrCacheServerRefreshTimer, | |||
| rpkiRtrCacheServerTimeToRefresh | rpkiRtrCacheServerTimeToRefresh | |||
| } | } | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "This notification signals that an RPKI cache | DESCRIPTION "This notification signals that an RPKI cache | |||
| server connection is about to go stale. | server connection is about to go stale. | |||
| It is suggested that this notifiation is | It is suggested that this notification is | |||
| generated when the value of the | generated when the value of the | |||
| rpkiRtrCacheServerTimeToRefresh attribute | rpkiRtrCacheServerTimeToRefresh attribute | |||
| goes below 60 seconds. | goes below 60 seconds. | |||
| The SNMP agent MUST throttle the generation of | The SNMP agent MUST throttle the generation of | |||
| consecutive rpkiRtrCacheServerConnectionToGoStale | consecutive rpkiRtrCacheServerConnectionToGoStale | |||
| notifications such that there is at least a | notifications such that there is at least a | |||
| 5 second gap between them. | 5 second gap between them. | |||
| " | " | |||
| ::= { rpkiRtrNotifications 2 } | ::= { rpkiRtrNotifications 2 } | |||
| -- ============================================================== | -- ============================================================== | |||
| -- Module Compliance information | -- Module Compliance information | |||
| -- ============================================================== | -- ============================================================== | |||
| rpkiRtrCompliances OBJECT IDENTIFIER ::= | rpkiRtrCompliances OBJECT IDENTIFIER ::= | |||
| {rpkiRtrConformance 1} | {rpkiRtrConformance 1} | |||
| rpkiRtrGroups OBJECT IDENTIFIER ::= | rpkiRtrGroups OBJECT IDENTIFIER ::= | |||
| {rpkiRtrConformance 2} | {rpkiRtrConformance 2} | |||
| rpkiRtrReadOnlyCompliance MODULE-COMPLIANCE | rpkiRtrRFCxxxxReadOnlyCompliance MODULE-COMPLIANCE | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The compliance statement for the rpkiRtrMIB | DESCRIPTION "The compliance statement for the rpkiRtrMIB | |||
| module. There are only read-only objects in this | module. There are only read-only objects in this | |||
| MIB module, so the 'ReadOnly' in the name of this | MIB module, so the 'ReadOnly' in the name of this | |||
| compliance statement is there only for clarity | compliance statement is there only for clarity | |||
| and truth in advertising. | and truth in advertising. | |||
| In order to be compliant, the InetAddressType | ||||
| objects in this MIB, rpkiRtrCacheServerAddressType | ||||
| and rpkiRtrPrefixOriginAddressType, are only | ||||
| required to support the ipv4, ipv6, and dns types. | ||||
| " | " | |||
| MODULE -- This module | MODULE -- This module | |||
| MANDATORY-GROUPS { rpkiRtrCacheServerGroup, | MANDATORY-GROUPS { rpkiRtrCacheServerGroup, | |||
| rpkiRtrPrefixOriginGroup, | rpkiRtrPrefixOriginGroup, | |||
| rpkiRtrNotificationsGroup | rpkiRtrNotificationsGroup, | |||
| rpkiRtrCacheServerAddressType | ||||
| } | } | |||
| GROUP rpkiRtrCacheServerErrorsGroup | GROUP rpkiRtrCacheServerErrorsGroup | |||
| DESCRIPTION "Implemntation of this group is optional and | DESCRIPTION "Implementation of this group is optional and | |||
| would be useful for debugging." | would be useful for debugging." | |||
| ::= { rpkiRtrCompliances 1 } | ::= { rpkiRtrCompliances 1 } | |||
| rpkiRtrCacheServerGroup OBJECT-GROUP | rpkiRtrCacheServerGroup OBJECT-GROUP | |||
| OBJECTS { rpkiRtrDiscontinuityTimer, | OBJECTS { | |||
| rpkiRtrDiscontinuityTimer, | ||||
| rpkiRtrCacheServerLocalAddress, | rpkiRtrCacheServerLocalAddress, | |||
| rpkiRtrCacheServerLocalPort, | rpkiRtrCacheServerLocalPort, | |||
| rpkiRtrCacheServerPreference, | rpkiRtrCacheServerPreference, | |||
| rpkiRtrCacheServerConnectionType, | rpkiRtrCacheServerConnectionType, | |||
| rpkiRtrCacheServerConnectionStatus, | rpkiRtrCacheServerConnectionStatus, | |||
| rpkiRtrCacheServerDescription, | rpkiRtrCacheServerDescription, | |||
| rpkiRtrCacheServerMsgsReceived, | rpkiRtrCacheServerMsgsReceived, | |||
| rpkiRtrCacheServerMsgsSent, | rpkiRtrCacheServerMsgsSent, | |||
| rpkiRtrCacheServerV4ActiveRecords, | rpkiRtrCacheServerV4ActiveRecords, | |||
| rpkiRtrCacheServerV4Announcements, | rpkiRtrCacheServerV4Announcements, | |||
| rpkiRtrCacheServerV4Withdrawals, | rpkiRtrCacheServerV4Withdrawals, | |||
| rpkiRtrCacheServerV6ActiveRecords, | rpkiRtrCacheServerV6ActiveRecords, | |||
| rpkiRtrCacheServerV6Announcements, | rpkiRtrCacheServerV6Announcements, | |||
| rpkiRtrCacheServerV6Withdrawals, | rpkiRtrCacheServerV6Withdrawals, | |||
| rpkiRtrCacheServerLatestSerial, | rpkiRtrCacheServerLatestSerial, | |||
| rpkiRtrCacheServerNonce, | rpkiRtrCacheServerSessionID, | |||
| rpkiRtrCacheServerRefreshTimer, | rpkiRtrCacheServerRefreshTimer, | |||
| rpkiRtrCacheServerTimeToRefresh, | rpkiRtrCacheServerTimeToRefresh, | |||
| rpkiRtrCacheServerId | rpkiRtrCacheServerId | |||
| } | } | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The collection of objects to monitor the RPKI peer | DESCRIPTION "The collection of objects to monitor the RPKI peer | |||
| connections." | connections." | |||
| ::= { rpkiRtrGroups 1 } | ::= { rpkiRtrGroups 1 } | |||
| rpkiRtrCacheServerErrorsGroup OBJECT-GROUP | rpkiRtrCacheServerErrorsGroup OBJECT-GROUP | |||
| OBJECTS { rpkiRtrCacheServerErrorsCorruptData, | OBJECTS { | |||
| rpkiRtrCacheServerErrorsCorruptData, | ||||
| rpkiRtrCacheServerErrorsInternalError, | rpkiRtrCacheServerErrorsInternalError, | |||
| rpkiRtrCacheServerErrorsNoData, | rpkiRtrCacheServerErrorsNoData, | |||
| rpkiRtrCacheServerErrorsInvalidRequest, | rpkiRtrCacheServerErrorsInvalidRequest, | |||
| rpkiRtrCacheServerErrorsUnsupportedVersion, | rpkiRtrCacheServerErrorsUnsupportedVersion, | |||
| rpkiRtrCacheServerErrorsUnsupportedPdu, | rpkiRtrCacheServerErrorsUnsupportedPdu, | |||
| rpkiRtrCacheServerErrorsWithdrawalUnknown, | rpkiRtrCacheServerErrorsWithdrawalUnknown, | |||
| rpkiRtrCacheServerErrorsDuplicateAnnounce | rpkiRtrCacheServerErrorsDuplicateAnnounce | |||
| } | } | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The collection of objects that may help in | DESCRIPTION "The collection of objects that may help in | |||
| debugging the communication between rpki | debugging the communication between rpki | |||
| clients and cache servers." | clients and cache servers." | |||
| ::= { rpkiRtrGroups 2 } | ::= { rpkiRtrGroups 2 } | |||
| rpkiRtrPrefixOriginGroup OBJECT-GROUP | rpkiRtrPrefixOriginGroup OBJECT-GROUP | |||
| OBJECTS { rpkiRtrPrefixOriginMaxLength, | OBJECTS { | |||
| rpkiRtrPrefixOriginASN, | ||||
| rpkiRtrPrefixOriginCacheServerId | rpkiRtrPrefixOriginCacheServerId | |||
| } | } | |||
| STATUS current | STATUS current | |||
| DESCRIPTION "The collection of objects that represent | DESCRIPTION "The collection of objects that represent | |||
| the prefix(es) and their validated origin | the prefix(es) and their validated origin | |||
| ASes." | ASes." | |||
| ::= { rpkiRtrGroups 3 } | ::= { rpkiRtrGroups 3 } | |||
| rpkiRtrNotificationsGroup NOTIFICATION-GROUP | rpkiRtrNotificationsGroup NOTIFICATION-GROUP | |||
| NOTIFICATIONS { rpkiRtrCacheServerConnectionStateChange, | NOTIFICATIONS { rpkiRtrCacheServerConnectionStateChange, | |||
| skipping to change at page 22, line 4 | skipping to change at page 22, line 16 | |||
| Further, deployment of SNMP versions prior to SNMPv3 is NOT | Further, deployment of SNMP versions prior to SNMPv3 is NOT | |||
| RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to | RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to | |||
| enable cryptographic security. It is then a customer/operator | enable cryptographic security. It is then a customer/operator | |||
| responsibility to ensure that the SNMP entity giving access to an | responsibility to ensure that the SNMP entity giving access to an | |||
| instance of this MIB module is properly configured to give access to | instance of this MIB module is properly configured to give access to | |||
| the objects only to those principals (users) that have legitimate | the objects only to those principals (users) that have legitimate | |||
| rights to indeed GET or SET (change/create/delete) them. | rights to indeed GET or SET (change/create/delete) them. | |||
| 7. References | 7. References | |||
| 7.1. Normative References | ||||
| [I-D.ietf-sidr-rpki-rtr] | 7.1. Normative References | |||
| Bush, R. and R. Austein, "The RPKI/Router Protocol", | ||||
| draft-ietf-sidr-rpki-rtr-26 (work in progress), | ||||
| February 2012. | ||||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
| [RFC2287] Krupczak, C. and J. Saperia, "Definitions of System-Level | [RFC2287] Krupczak, C. and J. Saperia, "Definitions of System-Level | |||
| Managed Objects for Applications", RFC 2287, | Managed Objects for Applications", RFC 2287, | |||
| February 1998. | February 1998. | |||
| [RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder, | [RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder, | |||
| "Structure of Management Information Version 2 (SMIv2)", | "Structure of Management Information Version 2 (SMIv2)", | |||
| skipping to change at page 22, line 34 | skipping to change at page 22, line 42 | |||
| April 1999. | April 1999. | |||
| [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, | [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, | |||
| "Conformance Statements for SMIv2", STD 58, RFC 2580, | "Conformance Statements for SMIv2", STD 58, RFC 2580, | |||
| April 1999. | April 1999. | |||
| [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. | [RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. | |||
| Schoenwaelder, "Textual Conventions for Internet Network | Schoenwaelder, "Textual Conventions for Internet Network | |||
| Addresses", RFC 4001, February 2005. | Addresses", RFC 4001, February 2005. | |||
| [RFC6810] Bush, R. and R. Austein, "The Resource Public Key | ||||
| Infrastructure (RPKI) to Router Protocol", RFC 6810, | ||||
| January 2013. | ||||
| 7.2. Informative References | 7.2. Informative References | |||
| [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, | [RFC1982] Elz, R. and R. Bush, "Serial Number Arithmetic", RFC 1982, | |||
| August 1996. | August 1996. | |||
| [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, | [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, | |||
| "Introduction and Applicability Statements for Internet- | "Introduction and Applicability Statements for Internet- | |||
| Standard Management Framework", RFC 3410, December 2002. | Standard Management Framework", RFC 3410, December 2002. | |||
| [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model | [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model | |||
| End of changes. 63 change blocks. | ||||
| 87 lines changed or deleted | 109 lines changed or added | |||
This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||