Network Working Group T. Dietz, Ed. Internet-Draft NEC Europte Ltd. Intended status: Standards Track A. Kobayashi Expires: August 27, 2007 NTT PF Lab. B. Claise Cisco Systems, Inc. February 23, 2007 Definitions of Managed Objects for IP Flow Information Export draft-ietf-ipfix-mib-00.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on August 27, 2007. Copyright Notice Copyright (C) The IETF Trust (2007). Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 1] Internet-Draft IPFIX MIB February 2007 Abstract This document defines managed objects for IP Flow Information Export (IPFIX). These objects provide information for monitoring IPFIX Exporters and IPFIX Collectors including some minor configuration information. Table of Contents 1. Open Issues/TODOs . . . . . . . . . . . . . . . . . . . . . . 3 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. IPFIX Documents Overview . . . . . . . . . . . . . . . . . . . 6 4. The Internet-Standard Management Framework . . . . . . . . . . 7 5. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 8 6. Structure of the IPFIX MIB . . . . . . . . . . . . . . . . . . 12 6.1. The Transport Session Table . . . . . . . . . . . . . . . 12 6.1.1. The Transport Session Group Table . . . . . . . . . . 12 6.2. The Observation Domain Table . . . . . . . . . . . . . . . 13 6.3. The Template Table . . . . . . . . . . . . . . . . . . . . 13 6.4. The Template Definition Table . . . . . . . . . . . . . . 13 6.5. The Selector Table . . . . . . . . . . . . . . . . . . . . 13 6.6. The Selector Functions . . . . . . . . . . . . . . . . . . 14 6.6.1. Textual Convention IpfixFunctionAvailabilty . . . . . 14 6.7. The Statistical Tables . . . . . . . . . . . . . . . . . . 15 7. MIB Definitions . . . . . . . . . . . . . . . . . . . . . . . 16 8. Security Considerations . . . . . . . . . . . . . . . . . . . 42 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 43 10. Acknowledgment . . . . . . . . . . . . . . . . . . . . . . . . 44 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 45 11.1. Normative References . . . . . . . . . . . . . . . . . . . 45 11.2. Informative References . . . . . . . . . . . . . . . . . . 46 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 47 Intellectual Property and Copyright Statements . . . . . . . . . . 48 Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 2] Internet-Draft IPFIX MIB February 2007 1. Open Issues/TODOs o Check which tables and objects should be writeable. * The Transport Session Table can't be writeable (*), as the SCTP MIB is not writeable, as RFC 3873 says: It is NOT possible to create rows in any table (sctpAssocTable, sctpAssocLocalAddrTable, sctpRemAddrTable and Reverse Lookup tables) using SNMP. It is NOT possible to delete rows in any table using SNMP except in sctpAssocTable under the particular conditions explained below. Same thing for TCP (RFC 4022) (*) actually, I think it makes sense to have this table writeable. So fine with me if we can live with manually configuring the SCTP association. So I would say: configurable * transport session grouping table -> configurable * observation domain table -> read * template table -> read * template definition -> I don't think the configuration will ever be done that way. However, if this makes some people happy... At the condition that the COMPLIANCE STATEMENT says: read is the minimum. Btw, I think the COMPLIANCE STATEMENT must not say read-write for anything. * selector table -> read * statistics -> read o Elaborate security considerations, particularly concerning SET operations. For that the writeability issues must be solved. o Check the definitions once IPFIX-PROTO is a RFC. o Capitalize all terms defined in the terminology. o Do we need start/stop times for sessions/flows etc? See also next point. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 3] Internet-Draft IPFIX MIB February 2007 o Do we want to include the following table (or something similar) for IPFIX (* indicated index) ipfixFlowCreatParameterTable *ipfixMeteringProcessId ipfixActiveTimeOut ipfixInactiveTimeOut ipfixStoreFlowEntryNumber ipfixCurrentFlowEntryNumber Double check with the objects that Benoit demands (not included here). We need to dicuss which of those are needed. o include ipfixExportVersion (or something similar) o add some examples Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 4] Internet-Draft IPFIX MIB February 2007 2. Introduction This document defines MIB modules for monitoring IP Flow Information Export (IPFIX) Devices including Exporters and Collectors. The full configuration of the IPFIX Metering Process is out of the scope this MIB. However, some configuration of the Exporting Process is specified in this document. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 5] Internet-Draft IPFIX MIB February 2007 3. IPFIX Documents Overview The IPFIX protocol provides network administrators with access to IP flow information. The architecture for the export of measured IP flow information out of an IPFIX exporting process to a collecting process is defined in [I-D.ietf-ipfix-architecture], per the requirements defined in [RFC3917]. The protocol document [I-D.ietf-ipfix-protocol] specifies how IPFIX data record and templates are carried via a congestion-aware transport protocol from IPFIX exporting processes to IPFIX collecting process. IPFIX has a formal description of IPFIX information elements, their name, type and additional semantic information, as specified in [I-D.ietf-ipfix-info]. Finally [I-D.ietf-ipfix-as] describes what type of applications can use the IPFIX protocol and how they can use the information provided. It furthermore shows how the IPFIX framework relates to other architectures and frameworks. It is assumed that flow metering, export and collection is performed according to the IPFIX architecture defined in [I-D.ietf-ipfix-architecture]. Configuration of the export and collection of flow information templates and records is modeled according to [I-D.ietf-ipfix-protocol]. Packet selection and filtering methods that may be optionally used by the IPFIX metering processare not considered in this MIB module. They are defined in the Packet Sampling (PSAMP) framework [I-D.ietf-psamp-framework] and sampling techniques [I-D.ietf-psamp-sample-tech] documents. Nevertheless the entry point for those methods [I-D.ietf-psamp-mib] is given within this MIB module since PSAMP export protocol [I-D.ietf-psamp-protocol] is based on the IPFIX protocol. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 6] Internet-Draft IPFIX MIB February 2007 4. The Internet-Standard Management Framework For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580]. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 7] Internet-Draft IPFIX MIB February 2007 5. Terminology The definitions of the basic terms like IP Traffic Flow, Exporting Process, Collecting Process, Observation Points, etc. are semantically identical with those found in the IPFIX protocol document [I-D.ietf-ipfix-protocol]. Observation Point An Observation Point is a location in the network where IP packets can be observed. Examples include: a line to which a probe is attached, a shared medium, such as an Ethernet-based LAN, a single port of a router, or a set of interfaces (physical or logical) of a router. Note that every Observation Point is associated with an Observation Domain (defined below), and that one Observation Point may be a superset of several other Observation Points. For example one Observation Point can be an entire line card. That would be the superset of the individual Observation Points at the line card's interfaces. Observation Domain An Observation Domain is the largest set of Observation Points for which Flow information can be aggregated by a Metering Process. For example, a router line card may be an Observation Domain if it is composed of several interfaces, each of which is an Observation Point. In the IPFIX Message it generates, the Observation Domain includes its Observation Domain ID, which is unique per Exporting Process. That way, the Collecting Process can identify the specific Observation Domain from the Exporter that sends the IPFIX Messages. Every Observation Point is associated with an Observation Domain. It is RECOMMENDED that Observation Domain IDs are also unique per IPFIX Device. IP Traffic Flow or Flow There are several definitions of the term 'flow' being used by the Internet community. Within the context of IPFIX we use the following definition: A Flow is defined as a set of IP packets passing an Observation Point in the network during a certain time interval. All packets belonging to a particular Flow have a set of common properties. Each property is defined as the result of applying a function to the values of: Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 8] Internet-Draft IPFIX MIB February 2007 1. one or more packet header field (e.g. destination IP address), transport header field (e.g. destination port number), or application header field (e.g. RTP header fields [RFC1889]) 2. one or more characteristics of the packet itself (e.g. number of MPLS labels, etc...) 3. one or more of fields derived from packet treatment (e.g. next hop IP address, the output interface, etc...) A packet is defined to belong to a Flow if it completely satisfies all the defined properties of the Flow. This definition covers the range from a Flow containing all packets observed at a network interface to a Flow consisting of just a single packet between two applications. It includes packets selected by a sampling mechanism. Flow Record A Flow Record contains information about a specific Flow that was observed at an Observation Point. A Flow Record contains measured properties of the Flow (e.g. the total number of bytes for all the Flow's packets) and usually characteristic properties of the Flow (e.g. source IP address). Metering Process The Metering Process generates Flow Records. Inputs to the process are packet headers and characteristics observed at an Observation Point, and packet treatment at the Observation Point (for example the selected output interface). The Metering Process consists of a set of functions that includes packet header capturing, timestamping, sampling, classifying, and maintaining Flow Records. The maintenance of Flow Records may include creating new records, updating existing ones, computing Flow statistics, deriving further Flow properties, detecting Flow expiration, passing Flow Records to the Exporting Process, and deleting Flow Records. Exporting Process The Exporting Process sends Flow Records to one or more Collecting Processes. The Flow Records are generated by one or more Metering Processes. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 9] Internet-Draft IPFIX MIB February 2007 Exporter A device which hosts one or more Exporting Processes is termed an Exporter. IPFIX Device An IPFIX Device hosts at least one Exporting Process. It may host further Exporting processes and arbitrary numbers of Observation Points and Metering Process. Collecting Process A Collecting Process receives Flow Records from one or more Exporting Processes. The Collecting Process might process or store received Flow Records, but such actions are out of scope for this document. Collector A device which hosts one or more Collecting Processes is termed a Collector. Template Template is an ordered sequence of pairs, used to completely specify the structure and semantics of a particular set of information that needs to be communicated from an IPFIX Device to a Collector. Each Template is uniquely identifiable by means of a Template ID. Template Record A Template Record defines the structure and interpretation of fields in a Data Record. Data Record A Data Record is a record that contains values of the parameters corresponding to a Template Record. Options Template Record An Options Template Record is a Template Record that defines the structure and interpretation of fields in a Data Record, including defining how to scope the applicability of the Data Record. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 10] Internet-Draft IPFIX MIB February 2007 Information Element An Information Element is a protocol and encoding independent description of an attribute which may appear in an IPFIX Record. The IPFIX information model [I-D.ietf-ipfix-info] defines the base set of Information Elements for IPFIX. The type associated with an Information Element indicates constraints on what it may contain and also determines the valid encoding mechanisms for use in IPFIX. Selector Function A sampling or filtering function used by a Metering Process. Selector Functions can be combined by passing the results from one function as the input to the next function. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 11] Internet-Draft IPFIX MIB February 2007 6. Structure of the IPFIX MIB The IPFIX MIB consists of four main tables, the Transport Session table, the Observation Domain table, the Template table and the Template Definition table. Since the IPFIX architecture [I-D.ietf-ipfix-architecture] foresees the possibility of using filtering and/or sampling functions to reduce the data volume the MIB provides the basic objects for theses functions with the Selector Table and a subtree for hooking standard filtering and sampling functions. All remaning objects contain statistical values for the different tables contained in the MIB. Finally an entry point for extensions of the IPFIX MIB is given that can be used e.g. for the PSAMP MIB [I-D.ietf-psamp-mib]. The following subsections describe all tables in the IPFIX MIB module. 6.1. The Transport Session Table The Transport Session is the basic concept in the MIB. The Transport Session table (ipfixTransportSessionTable) contains all Transport Sessions between Exporter and Collector. The table specifies the layer 4 protocol of the Transport Session and, depending on the protocol, further parameters for the Transport Session. In case of UDP and TCP these are the source and destination address as well as the source and destination port. For SCTP the table contains the SCTP Assoc Id which is the index for the SCTP association in the SCTP MIB [RFC3873]. Finally a status of the Transport Session is given in the table. 6.1.1. The Transport Session Group Table On Exporters, the Transport Session Group table (ipfixTransportSessionGroupTable)can be used to achieve funtionalities like failover, load-balancing, duplicate export to several Collectors etc. The member type for each group member describes its functionality. For failover a Transport Session group can contain one Transport Session with member type "primary" and several Transport Sessions with type "secondary". Entries with other member types are not allowed for that group. For load-balancing or parallel export all Transport Sessions in the group MUST have the same member type either "loadBalancing" or "duplicate". The algorithms used for failover or load-balancing are Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 12] Internet-Draft IPFIX MIB February 2007 out of the scope of this document. The notion of Transport Session Grouping is only available on Exporters. Nevertheless the Transport Session Group table exists on Exporters and Collectors, for consistency reasons. Each Transport Session Group on a Collector consists of a single entry with a Transport Session. The member type for this entry must be set to unused. If the Transport Session Grouping is not supported on an Exporter the same conditions as described above for Collectors apply. 6.2. The Observation Domain Table The Observation Domain Table (ipfixObservationDomainTable) contains a reference to the ENTITY MIB [RFC4133]. The objects in the ENTITY MIB denote the Observation Point associated with the given Observation Domain Id. Since a Collector could receive the same Observation Domain Id in different sessions (thus from different exporters) the table takes the Transport Session index as first index. The Transport Session index would be typically zero (0) at an Exporter because the Observation Domain Id is usually unique per device and thus need not to be scoped by the Transport Session. 6.3. The Template Table The Template table lists all Templates (including Option Templates) that are sent (by an Exporter) or received (by a Collector). The Templates are unique per Transport Session Group and Observation Domain, thus the table is indexed by the Transport Session Index and the Observation Domain Id from the previous two tables. It contains the Set Id and an Access Time denoting the time when the template was last sent or received. 6.4. The Template Definition Table This table lists all the Information Elements contained in a Template or Option Template. Therefore it takes the same indexes as the Template table plus the Template Id. Its own index denotes the order of the Information Element inside the template if necessary. Besides the Information Element Id and the length of the encoded value the table conntains flags for each Information Element. The flags indicate if the Information Element is used for scoping or as a flow key. 6.5. The Selector Table This table supports the usage of filtering and sampling functions as described in [I-D.ietf-ipfix-architecture]. The implementation and use of this table is optional. If implemented it contains lists of Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 13] Internet-Draft IPFIX MIB February 2007 functions per Template, thus it takes the same indexes as the Template Field table. The Selector Index indicates the order of the functions i.e, the order in that the functions are applied to the packets observed at the Observation Point. The functions are refered by object identifiers pointing to the function with its parameters. If the table is implemented and no filtering or sampling is used for a template then an entry for the template should be created pointing to the Select All function (ipfixFuncSelectAll). 6.6. The Selector Functions The subtree ipfixSelectorFunctions is a placeholder where all standard filtering and sampling functions should be located (if any) and is mainly build for extensibilty in future versions. It currently contains the Select All functions (ipfixFuncSelectAll). A future extension could produce e.g., the MIB tree shown in the following figure: ipfixSelectorFunctions | +- ipfixFuncSelectAll | | | +- ipfixFuncSelectAllAvail (is the function available?) | +- ipfixFuncF2 | | | +- ipfixFuncF2Avail (is the function F2 available) | | | +- ipfixFuncF2Parameters (a table with parameters) ... | +- ipfixFunFn... If a selector function takes parameters the MIB should contain a table with an entry for each set of parameters used at the exporter. In this way a future extension could point to an entry in that table to indicate both the used selector function as well as the parameters used for that function. 6.6.1. Textual Convention IpfixFunctionAvailabilty In conjunction with the Selector Functions the textual convention IpfixFunctionAvailabilty is defined in the MIB. It must be used within all Selector Functions to indicate if a standard function is currently available at the device or not. The previous mentioned Select All function is always available. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 14] Internet-Draft IPFIX MIB February 2007 6.7. The Statistical Tables The remaining tables are all for statistical evaluation and all of them are optional. Those table gather statistical values for a corresponding table of those described above. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 15] Internet-Draft IPFIX MIB February 2007 7. MIB Definitions This section contains the definitions of the IPFIX-MIB module. There are different mandatory groups defined for Collector and Exporter implementations. The statistical objects are made optional. As well as such functionalities as transport session grouping which need not be supported by all IPFIX devices. IPFIX-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, mib-2, Integer32, Unsigned32, Counter32, Counter64 FROM SNMPv2-SMI -- RFC2578 TEXTUAL-CONVENTION, DateAndTime FROM SNMPv2-TC -- RFC2579 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- RFC2580 InetAddressType, InetAddress FROM INET-ADDRESS-MIB -- RFC3291 PhysicalIndexOrZero FROM ENTITY-MIB; -- RFC4133 ipfixMIB MODULE-IDENTITY LAST-UPDATED "200702230900Z" -- 32 February 2007 ORGANIZATION "IETF IPFIX Working Group" CONTACT-INFO "WG charter: http://www.ietf.org/html.charters/ipfix-charter.html Mailing Lists: General Discussion: ipfix@ietf.org To Subscribe: majordomo@net.doit.wisc.edu In Body: subscribe ipfix Archive: http://ipfix.doit.wisc.edu/archive/ Editor: Thomas Dietz NEC Europe Ltd. Network Laboratories Kurfuersten-Anlage 36 69115 Heidelberg Germany Phone: +49 6221 4342-128 Email: dietz@netlab.nec.de Editor: Atsushi Kobayashi Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 16] Internet-Draft IPFIX MIB February 2007 NTT Information Sharing Platform Laboratories 3-9-11 Midori-cho Musashino-shi 180-8585 Japan Phone: +81-422-59-3978 Email: akoba@nttv6.net Benoit Claise Cisco Systems, Inc. De Kleetlaan 6a b1 Degem 1831 Belgium Phone: +32 2 704 5622 Email: bclaise@cisco.com" DESCRIPTION "The IPFIX MIB defines managed objects for IP Flow Information eXport. These objects provide information about managed nodes supporting the IP Flow Information Export protocol, for exporters as well as for collectors. The objects also allow to perform some limited configuration on an IPFIX exporter. Copyright (C) The IETF Trust (2007). This version of this MIB module is part of RFC yyyy; see the RFC itself for full legal notices." -- replace yyyy with actual RFC number & remove this notice -- Revision history REVISION "200702230900Z" -- 23 February 2007 DESCRIPTION "Initial version, published as RFC yyyy." -- replace yyyy with actual RFC number & remove this notice ::= { mib-2 XXXX } -- XXXX to be assigned by IANA. --****************************************************************** -- Textual Conventions --****************************************************************** -------------------------------------------------------------------- -- Define Selector Function Availability -------------------------------------------------------------------- IpfixFunctionAvailability ::= TEXTUAL-CONVENTION STATUS current Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 17] Internet-Draft IPFIX MIB February 2007 DESCRIPTION "Used to report the availability of a selection function: available(1) the function is supported and can be used notAvailable(2) the function is not available" SYNTAX INTEGER { available(1), notAvailable(2) } --****************************************************************** -- Top Level Structure of the MIB --****************************************************************** ipfixObjects OBJECT IDENTIFIER ::= { ipfixMIB 1 } ipfixExtensions OBJECT IDENTIFIER ::= { ipfixMIB 2 } ipfixConformance OBJECT IDENTIFIER ::= { ipfixMIB 3 } --================================================================== -- 1: Objects used by all IPFIX implementations --================================================================== -------------------------------------------------------------------- -- 1.1: Transport Session Table -------------------------------------------------------------------- ipfixTransportSessionTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixTransportSessionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the currently established transport sessions between an exporting process and a collecting process." ::= { ipfixObjects 1 } ipfixTransportSessionEntry OBJECT-TYPE SYNTAX IpfixTransportSessionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixTransportSessionTable" INDEX { ipfixTransportSessionIndex } ::= { ipfixTransportSessionTable 1 } IpfixTransportSessionEntry ::= Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 18] Internet-Draft IPFIX MIB February 2007 SEQUENCE { ipfixTransportSessionIndex Integer32, ipfixTransportSessionProtocol Integer32, ipfixTransportSessionAddressType InetAddressType, ipfixTransportSessionSourceAddress InetAddress, ipfixTransportSessionDestinationAddress InetAddress, ipfixTransportSessionSourcePort Integer32, ipfixTransportSessionDestinationPort Integer32, ipfixTransportSessionSctpAssocId Unsigned32, ipfixTransportSessionTemplateRefreshTimeout Unsigned32, ipfixTransportSessionOptionTemplateRefreshTimeout Unsigned32, ipfixTransportSessionTemplateRefreshPacket Unsigned32, ipfixTransportSessionOptionTemplateRefreshPacket Unsigned32, ipfixTransportSessionStatus INTEGER } ipfixTransportSessionIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in the ipfixTransportSessionTable. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization." ::= { ipfixTransportSessionEntry 1 } ipfixTransportSessionProtocol OBJECT-TYPE SYNTAX Integer32 (1..255) MAX-ACCESS read-only STATUS current DESCRIPTION "The transport protocol used for receiving or transmitting IPFIX Messages. The protocols currently defined for usage within IPFIX are TCP (6), UDP (17) and SCTP (132). The default protocol is SCTP." DEFVAL { 132 } ::= { ipfixTransportSessionEntry 2 } ipfixTransportSessionAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "The type of address used for source and destination address as specified in RFC4001. This object is only valid if ipfixTransportSessionProtocol has the value 6 (TCP) or 17 (UDP)." Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 19] Internet-Draft IPFIX MIB February 2007 ::= { ipfixTransportSessionEntry 3 } ipfixTransportSessionSourceAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The source address of the exporter of the IPFIX transport session. This value is interpreted according to the value of ipfixTransportSessionAddressType as specified in RFC4001. This object is only valid if ipfixTransportSessionProtocol has the value 6 (TCP) or 17 (UDP)." ::= { ipfixTransportSessionEntry 4 } ipfixTransportSessionDestinationAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The destination address of the collector of the IPFIX transport session. This value is interpreted according to the value of ipfixTransportSessionAddressType as specified in RFC4001. This object is only valid if ipfixTransportSessionProtocol has the value 6 (TCP) or 17 (UDP)." ::= { ipfixTransportSessionEntry 5 } ipfixTransportSessionSourcePort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The transport protocol port number of the exporter." ::= { ipfixTransportSessionEntry 6 } ipfixTransportSessionDestinationPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The transport protocol port number of the collector. The default value is 4739 for all currently defined transport protocol types." DEFVAL { 4739 } ::= { ipfixTransportSessionEntry 7 } ipfixTransportSessionSctpAssocId OBJECT-TYPE SYNTAX Unsigned32 Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 20] Internet-Draft IPFIX MIB February 2007 MAX-ACCESS read-only STATUS current DESCRIPTION "The association id used for the SCTP session between the exporter and the collector of the IPFIX transport session. It is equal to the sctpAssocIdentry in the sctpAssocTable defined in the SCTP MIB. This object is only valid if ipfixTransportSessionProtocol has the value 132 (SCTP). In all other cases the value MUST be 0." DEFVAL { 0 } ::= { ipfixTransportSessionEntry 8 } ipfixTransportSessionTemplateRefreshTimeout OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The lifetime in seconds of IPFIX Templates transmitted or received in the transport session. This object contains the time after that a Template must be resend by the exporter. This object is only valid if ipfixTransportSessionProtocol has the value 17 (UDP). In all other cases the value MUST be 0." DEFVAL { 0 } ::= { ipfixTransportSessionEntry 9 } ipfixTransportSessionOptionTemplateRefreshTimeout OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The lifetime in seconds of IPFIX Option Templates transmitted or received in the transport session. This object contains the time after that an Option Template must be resend by the exporter. This object is only valid if ipfixTransportSessionProtocol has the value 17 (UDP). In all other cases the value MUST be 0." DEFVAL { 0 } ::= { ipfixTransportSessionEntry 10 } ipfixTransportSessionTemplateRefreshPacket OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The lifetime in packets of IPFIX Templates transmitted or received in the transport session. This object contains the number of packets after which a Template must be Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 21] Internet-Draft IPFIX MIB February 2007 resend by the exporter. This object is only valid if ipfixTransportSessionProtocol has the value 17 (UDP). In all other cases the value MUST be 0." DEFVAL { 0 } ::= { ipfixTransportSessionEntry 11 } ipfixTransportSessionOptionTemplateRefreshPacket OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The lifetime in packets of IPFIX Option Templates transmitted or received in the transport session. This object contains the number of packets after which an Option Template must be resend by the exporter. This object is only valid if ipfixTransportSessionProtocol has the value 17 (UDP). In all other cases the value MUST be 0." DEFVAL { 0 } ::= { ipfixTransportSessionEntry 12 } ipfixTransportSessionStatus OBJECT-TYPE SYNTAX INTEGER { unknown(0), inactive(1), active(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "The status of a transport session. This object can have the following values: unknown(0) This value muse be used if the status of the connection cannot be detected by the equipment. This value should be avoided as far as possible. inactive(1) This value must be used for transport sessions that are specified in the system but not currently connected. The value can be used e.g. for transport sessions that are backup (secondary) sessions in a transport session group. active(2) This value must be used for transport sessions that are currently connected and transmitting or receiving data." ::= { ipfixTransportSessionEntry 13 } Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 22] Internet-Draft IPFIX MIB February 2007 -------------------------------------------------------------------- -- 1.2: Transport Session Group Table -------------------------------------------------------------------- ipfixTransportSessionGroupTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixTransportSessionGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists groups of transport sessions to achieve functionalities like automatic failover, load balancing, parallel export etc. On exporters this table can group one ore more transport sessions to achieve a special functionality like failover management, load-balancing etc. If the exporter does not use Transport Session grouping then each group MUST contain a single Transport Session and this session MUST have the member type unused(5). On collectors the Transport Session grouping is not used and the same scheme must be used as described above for exporters not using Transport Session grouping." ::= { ipfixObjects 2 } ipfixTransportSessionGroupEntry OBJECT-TYPE SYNTAX IpfixTransportSessionGroupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixTransportSessionGroupTable" INDEX { ipfixTransportSessionGroupIndex, ipfixTransportSessionIndex } ::= { ipfixTransportSessionGroupTable 1 } IpfixTransportSessionGroupEntry ::= SEQUENCE { ipfixTransportSessionGroupIndex Integer32, ipfixTransportSessionGroupMemberType INTEGER } ipfixTransportSessionGroupIndex OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 23] Internet-Draft IPFIX MIB February 2007 "Locally arbitrary, but unique identifier of an entry in the ipfixTransportSessionGroupTable. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. The special value of zero (0) is reserved for use within the ipfixObservationDomainTable and is not allowed as an index in this table. For a detailed explanation see the definition of the ipfixObservationDomainTable." ::= { ipfixTransportSessionGroupEntry 1 } ipfixTransportSessionGroupMemberType OBJECT-TYPE SYNTAX INTEGER { unknown(0), primary(1), secondary(2), parallel(3), loadBalancing(4), unused(5) } MAX-ACCESS read-only STATUS current DESCRIPTION "The type of a member transport session in its transport session group (identified by the value of ipfixTransportSessionGroupIndex). The following values are valid: unknown(0) This value muse be used if the status of the group membership cannot be detected by the equipment. This value should be avoided as far as possible. primary(1) This value is used for a group member that is used as the primary target of an exporter. Other group members (with the same ipfixTransportSessionGroupIndex) MUST NOT have the value primary(1) but MUST have the value secondary(2). secondary(2) This value is used for a group member that is used as a secondary target of an exporter. The exporter will use one of the targets specified as secondary(2) within the same transport session group when the primary target is not reachable. duplicate(3) Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 24] Internet-Draft IPFIX MIB February 2007 This value is used for a group member that is used for duplicate exporting i.e., all group members identified by the ipfixTransportSessionGroupIndex are exporting the same records in parallel. This implies that all group members MUST have the the same membertype duplicate(3). loadBalancing(4) This value is used for a group member that is used as as one target for load-balancing. This means that a record is send to one of the group members in this group identified by ipfixTransportSessionGroupIndex. This implies that all group members MUST have the same membertype load-balancing(4) unused(5) This value MUST be specified if the exporter does not support transport session grouping. It is the default value for collectors since the collector cannot decide if the received transport session uses transport session grouping or not. In this case the group MUST contain only one transport session." ::= { ipfixTransportSessionGroupEntry 2 } -------------------------------------------------------------------- -- 1.3: Observation Domain Table -------------------------------------------------------------------- ipfixObservationDomainTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixObservationDomainEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists Observation Domains used by the metering process, the exporting process or the collecting process. On exporters the index ipfixTransportSessionGroupIndex MUST always be zero (0) because the Oberservation Domain Id is unique on the exporter and can be used by any Transport Session. On collectors the index ipfixTransportSessionGroupIndex MUST NOT be zero (0) because the collector could receive records from different Transport Sessions which use the same Observation Domain Ids." ::= { ipfixObjects 3 } ipfixObservationDomainEntry OBJECT-TYPE Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 25] Internet-Draft IPFIX MIB February 2007 SYNTAX IpfixObservationDomainEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixObservationDomainTable." INDEX { ipfixTransportSessionGroupIndex, ipfixObservationDomainId } ::= { ipfixObservationDomainTable 1 } IpfixObservationDomainEntry ::= SEQUENCE { ipfixObservationDomainId Integer32, ipfixPhysicalEntity PhysicalIndexOrZero } ipfixObservationDomainId OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in the ipfixObservationDomainTable. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization. The special value of 0 MUST NOT be used within this table but is reserved for the usage in the ipfixTemplateTable and the ipfixTemplateDefinitionTable. An index of 0 for the ipfixObservationDomainId index in those tables indicates that a Template or Option Template cannot be applied to a single Observation Domain." ::= { ipfixObservationDomainEntry 1 } ipfixPhysicalEntity OBJECT-TYPE SYNTAX PhysicalIndexOrZero MAX-ACCESS read-only STATUS current DESCRIPTION "This object contains the index of a physical entity in the Entity MIB. This physical entity is the given Observation Domain. If such a physical entity cannot be specified or is not known then the object contains 0." DEFVAL { 0 } ::= { ipfixObservationDomainEntry 2 } -------------------------------------------------------------------- Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 26] Internet-Draft IPFIX MIB February 2007 -- 1.4: Template Table -------------------------------------------------------------------- ipfixTemplateTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixTemplateEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the Templates and Option Templates that are transmitted or received by the exporting or collecting process. On an exporter the table contains the Templates and Option Templates that are used for exporting data for a given Transport Session group and Observation Domain. On an collector the table contains Templates and Option Templates that are received in the given Transport Session group per Observation Domain. If a value of zero (0) is specified for the ipfixObservationDomainId then the Template or Option Template cannot be applied to a single Observation Domain." ::= { ipfixObjects 4 } ipfixTemplateEntry OBJECT-TYPE SYNTAX IpfixTemplateEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixTemplateTable" INDEX { ipfixTransportSessionGroupIndex, ipfixObservationDomainId, ipfixTemplateId } ::= { ipfixTemplateTable 1 } IpfixTemplateEntry ::= SEQUENCE { ipfixTemplateId Integer32, ipfixTemplateSetId Integer32, ipfixTemplateAccessTime DateAndTime } ipfixTemplateId OBJECT-TYPE SYNTAX Integer32 (256..2147483647) MAX-ACCESS not-accessible Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 27] Internet-Draft IPFIX MIB February 2007 STATUS current DESCRIPTION "This number indicates the template id in the IPFIX message. Values from 0 to 255 are not allowed for Template Ids (see FIX_ME!!!!! IPFIX-PROTO)." ::= { ipfixTemplateEntry 1 } ipfixTemplateSetId OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "This number indicates the set id of the template. This object allows to easily retrieve the template type. Currently there are two values defined. The value 3 is used for Sets containing Template definitions. The value 4 is used for Sets containing Option Template definitions. A value greater than 255 is used for Sets containing Data Records for the (Option) Template Id given by the Set Id." ::= { ipfixTemplateEntry 2 } ipfixTemplateAccessTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The time when the template was last sent or received. On the Exporter this object contains the time when this (Option) Template was last sent to the Collector(s). This time is used if the transport protocol is UDP to know when a retransmission of the (Option) Template is needed. On the Collector this object contains the time when this (Option) Template was last received from the Exporter. This time is used if the transport protocol is UDP to know when this (Option) Template times out and thus is no longer valid." ::= { ipfixTemplateEntry 3 } -------------------------------------------------------------------- -- 1.5: Template Definition Table -------------------------------------------------------------------- ipfixTemplateDefinitionTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixTemplateDefinitionEntry MAX-ACCESS not-accessible Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 28] Internet-Draft IPFIX MIB February 2007 STATUS current DESCRIPTION "This table lists the (Option) Template Fields of which a (Option) Template is defined. It defines the (Option) Template given in the ipfixTemplateId specified in the ipfixTemplateTable." ::= { ipfixObjects 5 } ipfixTemplateDefinitionEntry OBJECT-TYPE SYNTAX IpfixTemplateDefinitionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixTemplateDefinitionTable" INDEX { ipfixTransportSessionIndex, ipfixObservationDomainId, ipfixTemplateId, ipfixTemplateDefinitionIndex } ::= { ipfixTemplateDefinitionTable 1 } IpfixTemplateDefinitionEntry ::= SEQUENCE { ipfixTemplateDefinitionIndex Integer32, ipfixTemplateDefinitionIeId Integer32, ipfixTemplateDefinitionIeLength Integer32, ipfixTemplateDefinitionFlags BITS } ipfixTemplateDefinitionIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The ipfixTemplateDefinitionIndex specifies the order in which the Information Elements are used in the (Option) Template Record if an order must be applied. For more information on the order of Information Elements see [XXXXXXXX Refernce IPFIX-PROTO]." ::= { ipfixTemplateDefinitionEntry 1 } ipfixTemplateDefinitionIeId OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 29] Internet-Draft IPFIX MIB February 2007 "This indicates the Information Element Id at position ipfixTemplateDefinitionIndex in the (Option) Template ipfixTemplateId. This implicitly specifies the data type of the Information Element. For more information about Information Elemnts see [XXXXXX Reference IPFIX-INFO] and [XXXXXXX Reference IPFIX-PROTO]." ::= { ipfixTemplateDefinitionEntry 2 } ipfixTemplateDefinitionIeLength OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the length of the Information Element Id at position ipfixTemplateDefinitionIndex in the (Option) Template ipfixTemplateId. For more information about Information Elemnts see [XXXXXX Reference IPFIX-INFO] and [XXXXXXX Reference IPFIX-PROTO]." ::= { ipfixTemplateDefinitionEntry 3 } ipfixTemplateDefinitionFlags OBJECT-TYPE SYNTAX BITS { scope(0), flowKey(1) } MAX-ACCESS read-only STATUS current DESCRIPTION "This bitmask indicates special attributes for the Information Element: scope(0) This Information Element is used for scope. flowKey(1) This Information Element is a flow key. Thus we get the following values for an Information Element: 0 The Information Element contains record values. 1 (scope) The Information Element is used for scoping. 2 (flowKey) The Information Element is used as Flow Key. 3 (scope | flowKey) Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 30] Internet-Draft IPFIX MIB February 2007 This combination is not allowed." DEFVAL { 0 } ::= { ipfixTemplateDefinitionEntry 4 } -------------------------------------------------------------------- -- 1.6: Transport Session Statistics Table -------------------------------------------------------------------- ipfixTransportSessionStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixTransportSessionStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists transport sessions statistics between exporting process and collecting process." ::= { ipfixObjects 6 } ipfixTransportSessionStatsEntry OBJECT-TYPE SYNTAX IpfixTransportSessionStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixTransportSessionStatsTable" AUGMENTS { ipfixTransportSessionEntry } ::= { ipfixTransportSessionStatsTable 1 } IpfixTransportSessionStatsEntry ::= SEQUENCE { ipfixTransportSessionRate Integer32, ipfixTransportSessionPackets Counter32, ipfixTransportSessionBytes Counter32, ipfixTransportSessionMessages Counter32, ipfixTransportSessionDiscardedMessages Counter32, ipfixTransportSessionRecords Counter64 } ipfixTransportSessionRate OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of bytes per second received by the collector or transmitted by the exporter. A value of zero (0) means that no packets were sent or received yet." ::= { ipfixTransportSessionStatsEntry 1 } ipfixTransportSessionPackets OBJECT-TYPE Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 31] Internet-Draft IPFIX MIB February 2007 SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets received by the Collector or transmitted by the Exporter." ::= { ipfixTransportSessionStatsEntry 2 } ipfixTransportSessionBytes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of bytes received by the Collector or transmitted by the Exporter." ::= { ipfixTransportSessionStatsEntry 3 } ipfixTransportSessionMessages OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of IPFIX messages received by the Collector or transmitted by the Exporter." ::= { ipfixTransportSessionStatsEntry 4 } ipfixTransportSessionDiscardedMessages OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of received IPFIX Message that are malformed, cannot be decoded, are received in the wrong order or are missing according to the sequence number. If used at the exporter the number of messages that could not be sent due to e.g. internal buffer overflows, network congestion, or routing issues." ::= { ipfixTransportSessionStatsEntry 5 } ipfixTransportSessionRecords OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of data records received by the Collector or transmitted by the Exporter." ::= { ipfixTransportSessionStatsEntry 6 } Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 32] Internet-Draft IPFIX MIB February 2007 -------------------------------------------------------------------- -- 1.7: Observation Domain Statistics Table -------------------------------------------------------------------- ipfixObservationDomainStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixObservationDomainStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists statistic objects that have data per observation domain." ::= { ipfixObjects 7 } ipfixObservationDomainStatsEntry OBJECT-TYPE SYNTAX IpfixObservationDomainStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixObservationDomainStatsTable." AUGMENTS { ipfixObservationDomainEntry } ::= { ipfixObservationDomainStatsTable 1 } IpfixObservationDomainStatsEntry ::= SEQUENCE { ipfixObservationDomainMessages Counter32, ipfixObservationDomainErrors Counter32, ipfixObservationDomainDataRecords Counter32, ipfixObservationDomainTemplates Counter32, ipfixObservationDomainOptionTemplates Counter32, ipfixObservationDomainSequenceNumber Integer32 } ipfixObservationDomainMessages OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of IPFIX messages received or transmitted." ::= { ipfixObservationDomainStatsEntry 1 } ipfixObservationDomainErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of received IPFIX messages that are malformed, cannot be decoded, are received in the wrong order or are missing according to the sequence number. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 33] Internet-Draft IPFIX MIB February 2007 If used at the exporter the number of messages that could not be sent due to e.g. internal buffer overflows or network congestion." ::= { ipfixObservationDomainStatsEntry 2 } ipfixObservationDomainDataRecords OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of data records received or transmitted." ::= { ipfixObservationDomainStatsEntry 3 } ipfixObservationDomainTemplates OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of templates received or transmitted." ::= { ipfixObservationDomainStatsEntry 4 } ipfixObservationDomainOptionTemplates OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of option templates received or transmitted." ::= { ipfixObservationDomainStatsEntry 5 } ipfixObservationDomainSequenceNumber OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The latest sequence number transmitted or received." ::= { ipfixObservationDomainStatsEntry 6 } -------------------------------------------------------------------- -- 1.8: Template Statistics Table -------------------------------------------------------------------- ipfixTemplateStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixTemplateStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists statistics objects per template." ::= { ipfixObjects 8 } Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 34] Internet-Draft IPFIX MIB February 2007 ipfixTemplateStatsEntry OBJECT-TYPE SYNTAX IpfixTemplateStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixTemplateStatsTable" AUGMENTS { ipfixTemplateEntry } ::= { ipfixTemplateStatsTable 1 } IpfixTemplateStatsEntry ::= SEQUENCE { ipfixTemplateDataRecords Counter32 } ipfixTemplateDataRecords OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of data records per template received or transmitted." ::= { ipfixTemplateStatsEntry 1 } -------------------------------------------------------------------- -- 1.9: Selector Table -------------------------------------------------------------------- ipfixSelectorTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixSelectorEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains selector functions connected to a Template by the indexes ipfixTransportSessionIndex, ipfixObservationDomainId and ipfixTemplateId. The selector functions are applied to the packets observed at the given Observation Domain in the order implied by the ipfixSelectorIndex. The resulting Flow Records are then exported by using the connected Template. Since IPFIX does not define any selector function (except selecting every packet) this is a placeholder for future use and a guideline for implementing enterprise specific selector function objects. The following object tree should visualize how the selector function objects should be implemented: Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 35] Internet-Draft IPFIX MIB February 2007 ipfixSelectorFunctions | +- ipfixFuncSelectAll | | | +- ipfixFuncSelectAllAvail (is the function available?) | +- ipfixFuncF2 | | | +- ipfixFuncF2Avail (is the function F2 available) | | | +- ipfixFuncF2Parameters (a table with parameters) ... | +- ipfixFunFn... If a selector function takes parameters the MIB should table with an entry for each set of parameters used at the exporter." ::= { ipfixObjects 9 } ipfixSelectorEntry OBJECT-TYPE SYNTAX IpfixSelectorEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixSelectorTable." INDEX { ipfixTransportSessionIndex, ipfixObservationDomainId, ipfixTemplateId, ipfixSelectorIndex } ::= { ipfixSelectorTable 1 } IpfixSelectorEntry ::= SEQUENCE { ipfixSelectorIndex Integer32, ipfixSelectorFunction OBJECT IDENTIFIER } ipfixSelectorIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Locally arbitrary, but unique identifier of an entry in the ipfixSelectorTable. The value is expected to remain constant from a re-initialization of the entity's network management system to the next re-initialization." Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 36] Internet-Draft IPFIX MIB February 2007 ::= { ipfixSelectorEntry 1 } ipfixSelectorFunction OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-only STATUS current DESCRIPTION "The pointer to the Selector Function used at position ipfixSelectorIndex in the list of Selector Functions for the Template specified by the indexes ipfixTransportSessionIndex, ipfixObservationDomainId and ipfixTemplateId." ::= { ipfixSelectorEntry 2 } -------------------------------------------------------------------- -- 1.10: Packet Selector Functions for IPFIX -------------------------------------------------------------------- ipfixSelectorFunctions OBJECT IDENTIFIER ::= { ipfixObjects 10 } -------------------------------------------------------------------- -- 1.10.1: Function 1: Selecting All Packets -------------------------------------------------------------------- ipfixFuncSelectAll OBJECT IDENTIFIER ::= { ipfixSelectorFunctions 1 } ipfixFuncSelectAllAvail OBJECT-TYPE SYNTAX IpfixFunctionAvailability MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the availability of the trivial function of selecting all packets. This function is always available." DEFVAL { available } ::= { ipfixFuncSelectAll 1 } -------------------------------------------------------------------- -- 1.11: Selector Statistics Table -------------------------------------------------------------------- ipfixSelectorStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF IpfixSelectorStatsEntry MAX-ACCESS not-accessible STATUS current Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 37] Internet-Draft IPFIX MIB February 2007 DESCRIPTION "This table contains statistics for the Selector Functions connected to a Template by the indexes ipfixTransportSessionIndex, ipfixObservationDomainId and ipfixTemplateId. The indexes must match an entry in the ipfixSelectorTable." ::= { ipfixObjects 11 } ipfixSelectorStatsEntry OBJECT-TYPE SYNTAX IpfixSelectorStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the ipfixSelectorStatsTable." AUGMENTS { ipfixSelectorEntry } ::= { ipfixSelectorStatsTable 1 } IpfixSelectorStatsEntry ::= SEQUENCE { ipfixSelectorStatsPacketsObserved Integer32, ipfixSelectorStatsPacketsDropped Integer32 } ipfixSelectorStatsPacketsObserved OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets observed at the entry point of the function. The entry point may be the Observation Point or the exit point of another Selector Function." ::= { ipfixSelectorStatsEntry 1 } ipfixSelectorStatsPacketsDropped OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets dropped while selecting packets." ::= { ipfixSelectorStatsEntry 2 } --================================================================== -- 3: Conformance Information --================================================================== ipfixCompliances OBJECT IDENTIFIER ::= { ipfixConformance 1 } ipfixGroups OBJECT IDENTIFIER ::= { ipfixConformance 2 } Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 38] Internet-Draft IPFIX MIB February 2007 -------------------------------------------------------------------- -- 3.1: Compliance Statements -------------------------------------------------------------------- ipfixCollectorCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "An implementation that implements an IPFIX collector device that complies to this module must implement the objects defined in the mandatory group ipfixCommonGroup. The implementation of all objects in the other groups is optional and depends on the corresponding functionality implemented in the equipment." MODULE -- this module MANDATORY-GROUPS { ipfixCommonGroup } GROUP ipfixCommonStatsGroup DESCRIPTION "These objects should be implemented if the statistics function is implemented in the equipment." ::= { ipfixCompliances 1 } ipfixExporterCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "An implementation that implements an IPFIX exporter that complies to this module must implement the objects defined in the mandatory group ipfixCommonGroup. The implementation of all other objects depends on the implementation of the corresponding functionality in the equipment." MODULE -- this module MANDATORY-GROUPS { ipfixCommonGroup } GROUP ipfixExporterGroup DESCRIPTION "These objects must be implemented if the IPFIX exporter supports selector functions like filtering and/or sampling." GROUP ipfixExporterStatsGroup DESCRIPTION "These objects must be implemented if statistical functions are implemented on the equipment." ::= { ipfixCompliances 2 } Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 39] Internet-Draft IPFIX MIB February 2007 -------------------------------------------------------------------- -- 3.2: MIB Grouping -------------------------------------------------------------------- ipfixCommonGroup OBJECT-GROUP OBJECTS { ipfixTransportSessionProtocol, ipfixTransportSessionAddressType, ipfixTransportSessionSourceAddress, ipfixTransportSessionDestinationAddress, ipfixTransportSessionSourcePort, ipfixTransportSessionDestinationPort, ipfixTransportSessionSctpAssocId, ipfixTransportSessionTemplateRefreshTimeout, ipfixTransportSessionOptionTemplateRefreshTimeout, ipfixTransportSessionTemplateRefreshPacket, ipfixTransportSessionOptionTemplateRefreshPacket, ipfixTransportSessionStatus, ipfixTransportSessionGroupMemberType, ipfixPhysicalEntity, ipfixTemplateSetId, ipfixTemplateAccessTime, ipfixTemplateDefinitionIeId, ipfixTemplateDefinitionIeLength, ipfixTemplateDefinitionFlags } STATUS current DESCRIPTION "All objects that are mandatory for the management function of any IPFIX Device." ::= { ipfixGroups 1 } ipfixCommonStatsGroup OBJECT-GROUP OBJECTS { ipfixTransportSessionRate, ipfixTransportSessionPackets, ipfixTransportSessionBytes, ipfixTransportSessionMessages, ipfixTransportSessionDiscardedMessages, ipfixTransportSessionRecords, ipfixObservationDomainMessages, ipfixObservationDomainErrors, ipfixObservationDomainDataRecords, Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 40] Internet-Draft IPFIX MIB February 2007 ipfixObservationDomainTemplates, ipfixObservationDomainOptionTemplates, ipfixObservationDomainSequenceNumber, ipfixTemplateDataRecords } STATUS current DESCRIPTION "All statistical objects that should be common on all IPFIX devices." ::= { ipfixGroups 3 } ipfixExporterGroup OBJECT-GROUP OBJECTS { ipfixSelectorFunction, ipfixFuncSelectAllAvail } STATUS current DESCRIPTION "This group contains all objects that must be implemented for supporting selector functions like filtering and/or sampling on an device using the IPFIX procol." ::= { ipfixGroups 4 } ipfixExporterStatsGroup OBJECT-GROUP OBJECTS { ipfixSelectorStatsPacketsObserved, ipfixSelectorStatsPacketsDropped } STATUS current DESCRIPTION "This statistical objects are optional for exporters. They should be implemented if statistical functions are available on the used equipment." ::= { ipfixGroups 5 } END Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 41] Internet-Draft IPFIX MIB February 2007 8. Security Considerations There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 42] Internet-Draft IPFIX MIB February 2007 9. IANA Considerations This document requires an OID assignment to be made by IANA: Descriptor OBJECT IDENTIFIER value ---------- ----------------------- ipfixMIB { mib-2 xxxxx } Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 43] Internet-Draft IPFIX MIB February 2007 10. Acknowledgment This document is a product of the IPFIX working group. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 44] Internet-Draft IPFIX MIB February 2007 11. References 11.1. Normative References [RFC3917] Quittek, J., Zseby, T., Claise, B., and S. Zander, "Requirements for IP Flow Information Export (IPFIX)", RFC 3917, October 2004. [I-D.ietf-ipfix-architecture] Sadasivan, G., "Architecture for IP Flow Information Export", draft-ietf-ipfix-architecture-12 (work in progress), September 2006. [I-D.ietf-ipfix-as] Zseby, T., "IPFIX Applicability", draft-ietf-ipfix-as-10 (work in progress), August 2006. [I-D.ietf-ipfix-protocol] Claise, B., "Specification of the IPFIX Protocol for the Exchange", draft-ietf-ipfix-protocol-24 (work in progress), November 2006. [I-D.ietf-ipfix-info] Quittek, J., "Information Model for IP Flow Information Export", draft-ietf-ipfix-info-14 (work in progress), October 2006. [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. [RFC3873] Pastor, J. and M. Belinchon, "Stream Control Transmission Protocol (SCTP) Management Information Base (MIB)", RFC 3873, September 2004. [RFC4133] Bierman, A. and K. McCloghrie, "Entity MIB (Version 3)", RFC 4133, August 2005. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 45] Internet-Draft IPFIX MIB February 2007 11.2. Informative References [I-D.ietf-psamp-framework] Duffield, N., "A Framework for Packet Selection and Reporting", draft-ietf-psamp-framework-10 (work in progress), January 2005. [I-D.ietf-psamp-sample-tech] Zseby, T., "Sampling and Filtering Techniques for IP Packet Selection", draft-ietf-psamp-sample-tech-07 (work in progress), July 2005. [I-D.ietf-psamp-mib] Dietz, T. and B. Claise, "Definitions of Managed Objects for Packet Sampling", draft-ietf-psamp-mib-06 (work in progress), June 2006. [I-D.ietf-psamp-protocol] Claise, B., "Packet Sampling (PSAMP) Protocol Specifications", draft-ietf-psamp-protocol-07 (work in progress), October 2006. [RFC1889] Schulzrinne, H., Casner, S., Frederick, R., and V. Jacobson, "RTP: A Transport Protocol for Real-Time Applications", RFC 1889, January 1996. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, December 2002. Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 46] Internet-Draft IPFIX MIB February 2007 Authors' Addresses Thomas Dietz (editor) NEC Europte Ltd. Network Laboratories Kurfuersten-Anlage 36 Heidelberg 69115 DE Phone: +49 6221 4342-128 Email: dietz@netlab.nec.de Atsushi Kobayashi NTT Information Sharing Platform Laboratories 3-9-11 Midori-cho Musashino-shi, Tokyo 180-8585 JA Phone: +81-422-59-3978 Email: akoba@nttv6.net Benoit Claise Cisco Systems, Inc. De Kleetlaan 6a b1 Degem 1831 BE Phone: +32 2 704 5622 Email: bclaise@cisco.com Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 47] Internet-Draft IPFIX MIB February 2007 Full Copyright Statement Copyright (C) The IETF Trust (2007). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Acknowledgment Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA). Dietz, et al. draft-ietf-ipfix-mib-00.txt [Page 48]