Internet Draft Internet Engineering Task Force F. Baker Diffserv Working Group Cisco Systems INTERNET-DRAFT K. Chan Expires:September 2000 Nortel Networks A. Smith Extreme Networks Management Information Base for the Differentiated Services Architecture draft-ietf-diffserv-mib-02.txt Abstract This memo describes a proposed MIB for the Differentiated Services Architecture [Architecture] and described by the Differentiated Services Router Conceptual Model [Model]. Currently total agreement on content of this MIB has not been reached, especially in the dropping and queueing mechanism attributes. Further discussion on these topics are required for finalizing this memo. 1. Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC 2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This particular draft is being developed in the Differentiated Services Working Group. Discussion of it therefore belongs on that list. The charter for Differentiated Services may be Baker, Chan, SmithExpiration: September 2000 [Page 1] Draft Differentiated Services MIB March 2000 found at http://www.ietf.org/html.charters/diffserv- charter.html 2. The SNMP Management Framework The SNMP Management Framework presently consists of five major components: o An overall architecture, described in RFC 2571 [1]. o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in RFC 1155 [2], RFC 1212 [3] and RFC 1215 [4]. The second version, called SMIv2, is described in RFC 2578 [5], RFC 2579 [6] and RFC 2580 [7]. o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in RFC 1157 [8]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [9] and RFC 1906 [10]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [10], RFC 2572 [11] and RFC 2574 [12]. o Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in RFC 1157 [8]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [13]. o A set of fundamental applications described in RFC 2573 [14] and the view-based access control mechanism described in RFC 2575 [15]. A more detailed introduction to the current SNMP Management Framework can be found in RFC 2570 [16]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through Baker, Chan, SmithExpiration: September 2000 [Page 2] Draft Differentiated Services MIB March 2000 the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (use of Counter64). Some machine-readable information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB. Baker, Chan, SmithExpiration: September 2000 [Page 3] Draft Differentiated Services MIB March 2000 3. Structure of this MIB This MIB is designed according to the Differentiated Services implementation conceptual model documented in [Model]. 3.1. Overview In principle, if one were to construct a network entirely out of two-port routers (in appropriate places connected by LANs or similar media), then it would be necessary for each router to perform exactly four QoS control functions on traffic in each direction: - Classify each message according to some set of rules - In edge devices, determine whether the data stream the message is part of is within or outside its rate - Perform some set of resulting actions, minimally including applying a drop policy appropriate to the classification and queue in question, and in edge devices perhaps additionally marking the traffic with a Differentiated Services Code Point (DSCP) as defined in [DSCP]. - Enqueue the traffic for output in the appropriate queue, which may shape the traffic or simply forward it with some minimum rate or maximum latency. If we build the network out of N-port routers, we expect the behavior of the network to be identical. We are forced, therefore, to provide essentially the same set of functions on the ingress port of a router as on the egress port of a router. Some interfaces will be "edge" interfaces and some will be "interior" to the Differentiated Services domain. The one point of difference between an ingress and an egress interface is that all traffic on an egress interface is queued, while traffic on an ingress interface will typically be queued only for shaping purposes. Hence, in this MIB, we model them identically, making the distinction between ingress and egress interfaces an index variable. The MIB therefore contains the following elements: - IP Six Tuple Multi-Field Classification Table - Classifier Table Baker, Chan, SmithExpiration: September 2000 [Page 4] Draft Differentiated Services MIB March 2000 - Meter Table - Action and Action Type Tables - Queue Set, Queue, and Queue Measurement Tables 3.2. Classifier Table The classifier table indicates how traffic is sorted out. It identifies separable classes of traffic, by reference to an appropriate classifier, which may be anything from an individual micro-flow to aggregates identified by DSCP. It then sends these classified streams to an appropriate meter or action. In a multi-stage meter, sub-classes of traffic may be sent to different stages. For example, in AF1, AF11 traffic might be sent to the first meter, AF12 traffic might be sent to the second, and AF13 traffic sent to the second meter stage's failure action. The structure of the classifier table is a sequence of unambiguous tests. Within each step in the sequence, it should not be important in which order - if order is present at all - the tests are made. This is to facilitate optimized implementations such as index trees. Sequence is present in order to resolve ambiguity. For example, one might want first to disallow certain applications from using the network at all, or to classify some individual traffic streams that are not diff-serv marked. Traffic that fails those tests might then be inspected for a DSCP. "Then" implies sequence, and the sequence must be somehow specified. An important form of classifier is "everything else". The final stage of the classifier should be configured to be complete, as the result of an incomplete classifier is not necessarily deterministic. The actual classifier definition is referenced via a RowPointer, this enable the use of any sort of classification table that one might wish to design, public or proprietary. That classifier table need not be found in this MIB. When ambiguity is present, we disambiguate by explicitly ordering the application of classification rules. The classifiers specified here are at the per interface level, they may be derived from some higher level policies, but such discussion is out- side the scope of this document. Baker, Chan, SmithExpiration: September 2000 [Page 5] Draft Differentiated Services MIB March 2000 3.2.1. IP Six Tuple Classifier Table This MIB currently specifies the IP Six Tuple Classifier, used for IP traffic classification. Entry of this Classifier Table is referenced from the entries of the diffServClassifierTable via a RowPointer, namely diffServClassifierPattern attribute of diffServClassifierEntry object. The Behavior Aggregate (BA) Classifier is a simple form of the IP Six Tuple Classifier. It is represented by having the diffServSixTupleClfrDscp attribute set to the desired DSCP, and all other classification attributes set to match-all, the default setting. Each entry in the IP Six Tuple Classifier Table defines a single Classifier, with the use of InetAddress [INETADDR] for both IPv4 and IPv6 addressing. The use of IP Six Tuple Classifiers is discussed in [Architecture] and abstract examples of how they might be configured are provided in [Model]. 3.3. Meter Table A meter, according to the conceptual model, measures the rate at which a stream of traffic passes it, compares it to some set of thresholds, and produces some number (two or more) potential results. A given message is said to "conform" to the meter if at the time that the message is being looked at the stream appears to be within the meter's limit rate. In the MIB, the structure of SNMP makes it easiest to implement this as a set of one or more simple pass/fail tests, which are cascaded. It is to be understood that the meter in a Traffic Control Block is therefore implemented as a set of if-then- else constructs. The concept of conformance to a meter bears a comment. The concept applied in several rate-control architectures, including ATM, Frame Relay, Integrated Services, and Differentiated Services, is variously described as a "leaky bucket" or a "token bucket". A leaky bucket algorithm is primarily used for traffic shaping: traffic theoretically departs from the switch at a flat rate of one bit every so many time units, and in fact departs in packets at a rate approximating that. It is also possible to build multi-rate leaky buckets, in which traffic Baker, Chan, SmithExpiration: September 2000 [Page 6] Draft Differentiated Services MIB March 2000 departs from the switch at varying rates depending on recent activity or inactivity. A token bucket is used to measure the behavior of a peer's leaky bucket, for verification purposes. It is, by definition, a relationship interval = burst/rate, or rate = burst/interval for some defined burst size, in bits, rate, in bits per second, and time interval. Multi-rate token buckets (token buckets with both a peak and a mean rate, and sometimes more rates) are commonly used. In this case, the burst size for the baseline traffic is conventionally referred to as the "committed burst", and the time interval is as specified by interval = committed burst/mean rate but additional burst sizes (each an increment over its predecessor) are defined, which are conventionally referred to as "excess" burst sizes. The peak rate therefore equals the sum of the burst sizes per interval. A data stream is said to "conform" to a simple token bucket if the switch receives at most the burst size in a given time interval. In the multi-rate case, the traffic is said to conform to the token bucket at a given level if its rate does not exceed the sum of the relevant burst sizes in a given interval. Received traffic pre-classified at one of the "excess" rates (e.g., AF12 or AF13 traffic) is only compared to the relevant excess buckets. The fact that data is organized into variable length packets introduces some uncertainty in this. For this reason, the token bucket accepts a packet if any of its bits would have been accepted, and "borrows" any excess capacity required from that allotted to equivalently classified traffic in a previous or subsequent interval. More information about this is available in [Model]. Multiple classes of traffic, as identified by the classifier table, may be presented to the same meter. Imagine, for example, that we desire to drop all traffic that uses any DSCP that has not been publicly defined. A classifier entry might exist for each such DSCP, shunting it to an "accepts everything" meter, and dropping all traffic that conforms to Baker, Chan, SmithExpiration: September 2000 [Page 7] Draft Differentiated Services MIB March 2000 only that meter. Clearly, it is necessary to identify what is to be done with messages that conform to the meter, and with messages that do not. It is also necessary for the meter to be arbitrarily extensible, as some PHBs require the successive application of an arbitrary number of meters. The approach taken in this design is to have each meter indicate what action is to be taken for conforming traffic, and what meter is to be used for traffic which fails to conform. With the definition of a special type of meter to which all traffic conforms, we now have the necessary flexibility. 3.4. Action Table Considerable discussion has taken place regarding the possible actions. Suggested actions include "no action", "mark the traffic", "drop the traffic, based on some algorithm", "shape the traffic", "count it". This MIB attempts to make the specification of the action flexible by using the Action Table to organize one Action's relationship with the Meter element before it, with the Queueing element following it, and with other Action elements to allow multiple Actions be applied to a single traffic stream. The parameters needed will depend on the type of Action to be taken. Hence there are Action Tables for the different Action Types. This MIB currently defines parameters for: 1. Mark Action, 2. Count Action, 3. Drop Action, This flexibility allows additional Actions be specified in future revisions of this MIB, or in other MIBs. And possible usage of propietary Action without impact to the Actions provided here. The Mark Action is relatively straight forward. For Count Action, when it is specified, it will always be applied first, before any other type of Actions. For example, when both Count and a Drop Action is specified, the Count Action will always count the total counts of this traffic stream, before any traffic gets dropped, even if the Action entries are chained with the Drop Action first, before the Count Action. There are counters in the Drop Actions to indicate the ammount of traffic dropped, within the drop context. The Drop Actions require close relationship with queueing, Baker, Chan, SmithExpiration: September 2000 [Page 8] Draft Differentiated Services MIB March 2000 with detail as follows: The Tail Drop Action requires the specification of a maximum queue depth, at which point any traffic exceeding the maximum queue depth gets discarded. *Editor's Note Start* There is still debates on what attributes are needed and how they may be related to queueing. The following is viewed as the complex description of how it may be done. The following set of attributes and its description may be simplified before this memo is finalized. There is a more detail discussion of why these attributes are required in [ActQMgmt]. *Editor's Note End* The Random Drop Action requires the specification of its drop characteristic with the following parameters (drop characteristic described using a plot with drop probability, P, as Y axis, and average queue length, Q, as X axis): 1. Pmin and Qmin defines the start of the characteristic plot. Normally Pmin=0, meaning with average queue length below Qmin, there will be no drops. 2. Pmax and Qmax defines a "knee" on the plot, after which point the drop probability become more progressive (greater slope). Qclip defines the average queue length at which all packets will be dropped, probability = 1. Notice this is different from Tail Drop because this uses average queue length. It is possible for Qclip = Qmax, meaning when the average queue length exceeds Qmax, all packets will be dropped. 3. The sampling interval and average weight parameters are used for calculation of average queue. These parameters are important because they can affect the behavior and outcome of the drop process. They can also be very sensitive and may have a wide range of possible values due to wide range of link speeds, hence the use of real number format for average weight. Deterministic Drop Action can be viewed as a special case of Random Drop with drop probability restricted to zero and one. Hence Deterministic Drop Action can be described as follows: 1. Pmin = 0 and Pmax = 1. 2. Qmin = Qmax = Qclip indicating the average queue length that drop occurs. Baker, Chan, SmithExpiration: September 2000 [Page 9] Draft Differentiated Services MIB March 2000 For the drop actions, each drop process specification is associated with a queue. This allows multiple drop processes (of same or different types) be associated with the same queue, as different PHB implementation may require. This setup allows the flexibility for Action specification, including multiple sequential drop processes if necessary. When counters are specified, two sizes of objects are defined. These are defined in accordance with the method found in [IFMIB]; both 32 and 64 bit counters are defined, with the expectation that the 32 bit counter is simply the least significant bits of the 64 bit counter. For interfaces that operate at 20,000,000 (20 million) bits per second or less, 32-bit byte and packet counters MUST be used. For interfaces that operate faster than 20,000,000 bits/second, and slower than 650,000,000 bits/second, 32-bit packet counters MUST be used and 64-bit octet counters MUST be used. For interfaces that operate at 650,000,000 bits/second or faster, 64-bit packet counters AND 64-bit octet counters MUST be used. Multiple Actions can be chained using the ActionNext attribute. The last Action's ActionNext attribute points to the next TCB, normally a Queue Entry for the Queue element. 3.5. Queueing Element The Queueing element consists of Queue Table and Queue Set Table. With Queue Table containing relatively simple FIFO queues. Using the Queue Set Table to allow flexibility in constructing both simple and complex queueing hierarchies. The queue entries in the Queue Table have simple attributes, it includes a reference to which queue set the queue belongs to, and a weight parameter. For Priority Queueing, the weight parameter indicates the priority of this queue with respect to all the other queues within the same queue set. A higher weight value queue will be service first over a lower weight value queue in the same queue set. For weighed queueing algorithms, the weight parameter is a percentage number. With the value of 1,000 meaning 1 percent, allowing fine control of bandwidth allocation when needed. A higher weight value queue will have higher probability of being service when compared to a lower weight value queue in the same queue set. The weight values for all the queues within a queue set must add up to less than or equal to 100,000 (100%). Each queue is capable of acting as a work-conserving queue, one which transmits as Baker, Chan, SmithExpiration: September 2000 [Page 10] Draft Differentiated Services MIB March 2000 rapidly as its weight allows, but guarantees to its class of traffic, as a side effect of its weight, a minimum rate. Or acting as a non-work-conserving "shaping" queue. The entries in the Queue Set Table describes the attributes common to all queues within the queue set. This includes the dequeueing Method, or algorithm used amongst the queues in the queue set. Currently, priority queueing, Weighed Fair Queueing, Weighed Round Robin are listed as the possible chooses, other methods/algorithms, e.g. Class Base Queueing, can be added. The rates, both minimum and maximum, are specified for the queue set instead of per queue. This allows A hierarchical tree of queue sets can be constructed using the parent/child queue set concept. The attributes QSetParentId and QSetWeight is used for this purpose, with QSetParentId indicating the parent's QSetId, and QSetWeight used as the child queue set's total weight amongst the queues in the parent queue set. There can be multiple children queue set under one parent queue set, with each child queue set looks like a queue from the parent queue set's perspective. Hence queue sets can be recursively defined, inter mixing with queues at any level. A mixed dequeue scheduling discipline can be built for an interface. For example, with the following queues and queue sets: Q Parameters Q Set Parameters QId QSetId QWeight Method MinRate ParentId QSetWeight --- ------ ------- ------ ------- -------- ---------- 11 61 100 PQ 0 0 0 12 61 99 PQ 0 0 0 21 71 50,000 WFQ 10000 61 98 22 71 30,000 WFQ 10000 61 98 23 71 20,000 WFQ 10000 61 98 31 81 70,000 WRR 500 61 97 32 81 30,000 WRR 500 61 97 Notice in this example there are three queue sets: Queue Set 61 uses Priority Queueing, it have 2 child Queue Sets. Queue Set 71 uses Weighed Fair Queueing with KBPS as RateUnit. Baker, Chan, SmithExpiration: September 2000 [Page 11] Draft Differentiated Services MIB March 2000 Queue Set 81 uses Weighed Round Robin with Packets/Sec as RateUnit. Queues 11, 12, queue sets 71 and 81 belongs to Queue Set 61. Queues 21, 22, 23 belongs to Queue Set 71. Queues 31, 32 belongs to Queue Set 81. All traffic in queue 11 will be serviced first, then all traffic in queue 12 will be serviced second. After traffic in queues 11 and 12 are serviced, queues 21, 22, 23 are serviced among themselves in a fair queueing fashion, based on their respective weight. After traffic in queues 21, 22, 23 are serviced, queues 31, 32 are serviced among themselves in a round robin fashion, based on their respective weight. Notice Queue Set 71 uses KBPS RateUnit, resulting in bit/byte fair queueing. Queue Set 81 uses Packet RateUnit, resulting in packet fair queueing. The rates for each queue can be derived: Queue 21 have minimum rate of 50% of 10000 KBPS, 5000 KBPS. Queue 31 have minimum rate of 70% of 500 Pkt/Sec, 350 Pkt/Sec. Other types of scheduling algorithms can be used in the parent or child queue sets, creating different queueing behaviors. The queue set can also operate as a traffic shaper by using the maximum rate attribute. Chains of Queues/Queue Sets can be built using the NextTCB attribute in Queue Set entry. Multiple meters may direct their traffic to the same queue. For example, the Assured Forwarding PHB suggests that all traffic marked AF11, AF12, or AF13 be placed in the same queue without reordering. 3.6. The use of RowPointer RowPointer is a textual convention used to identify a conceptual row in an SNMP Table by pointing to one of its objects. In this MIB, it is used in two ways: to indicate indirection, and to indicate succession. When used for indirection, as in the Classifier table, the idea is to allow other MIBs, including proprietary ones, to identify new and arcane classifiers - MAC headers, IP4 and IP6 Baker, Chan, SmithExpiration: September 2000 [Page 12] Draft Differentiated Services MIB March 2000 headers, BGP Communities, and all sorts of things. When used for succession, it answers the question "what happens next?". Rather than presume that the next table must be as specified in the conceptual model and providing its index, the RowPointer takes you to the MIB row representing that thing. In the Meter Table, for example, the "FailNext" RowPointer might take you to another meter, while the "SucceedNext" RowPointer would take you to an action. Baker, Chan, SmithExpiration: September 2000 [Page 13] Draft Differentiated Services MIB March 2000 4. MIB Definition DIFF-SERV-MIB DEFINITIONS ::= BEGIN IMPORTS Unsigned32, Counter32, Counter64, OBJECT-TYPE, MODULE-IDENTITY, zeroDotZero, mib-2 FROM SNMPv2-SMI TEXTUAL-CONVENTION, RowStatus, RowPointer, TestAndIncr FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF ifIndex FROM IF-MIB DisplayString FROM RFC1213-MIB InetAddressType, InetAddress FROM INET-ADDRESS-MIB; diffServMib MODULE-IDENTITY LAST-UPDATED "9907190100Z" -- Mon Jul 19 01:00:00 PDT 1999 ORGANIZATION "Cisco Systems" CONTACT-INFO " Fred Baker Postal: 519 Lado Drive Santa Barbara, California 93111 Tel: +1 (408) 526-4257 FAX: +1 (805) 681-0115 E-mail: fred@cisco.com Kwok Ho Chan Postal: 600 Technology Park Drive Billerica, Massachusetts 01821, USA Tel: +1 (978) 288-8175 FAX: +1 (978) 288-4690 E-mail: khchan@nortelnetworks.com Andrew Smith Postal: 3585 Monroe St. Santa Clara, California 95051 Tel: +1 (408) 579 2821 FAX: +1 (408) 579 3000 E-mail: andrew@extremenetworks.com" DESCRIPTION "This MIB defines the objects necessary to manage a device that uses the Differentiated Services Architecture described in RFC 2475 and the Conceptual Model for DiffServ Routers in draft-ietf-diffserv- model-01.txt." REVISION "9907190100Z" -- Mon Jul 19 01:00:00 PDT 1999 DESCRIPTION "Initial version, published as RFC xxxx." Baker, Chan, SmithExpiration: September 2000 [Page 14] Draft Differentiated Services MIB March 2000 ::= { mib-2 12345 } -- anybody who uses this unassigned -- number deserves the wrath of IANA diffServObjects OBJECT IDENTIFIER ::= { diffServMib 1 } diffServTables OBJECT IDENTIFIER ::= { diffServMib 2 } diffServAugments OBJECT IDENTIFIER ::= { diffServMib 3 } diffServMIBConformance OBJECT IDENTIFIER ::= { diffServMib 4 } -- -- These textual conventions has no effect on either the syntax -- nor the semantics of any managed object. Objects defined -- using this convention are always encoded by means of the -- rules that define their primitive type. -- Dscp ::= TEXTUAL-CONVENTION DISPLAY-HINT "d" STATUS current DESCRIPTION "The code point used for discriminating a traffic stream." SYNTAX INTEGER (-1 | 0..63) SixTupleClfrL4Port ::= TEXTUAL-CONVENTION DISPLAY-HINT "d" STATUS current DESCRIPTION "A value indicating a Layer-4 protocol port number." SYNTAX INTEGER (0..65535) Baker, Chan, SmithExpiration: September 2000 [Page 15] Draft Differentiated Services MIB March 2000 -- -- Classifiers -- -- The tools for IP Six Tuple Classification. -- This object allows a configuring system to obtain a -- unique value for diffServSixTupleClfrId for purposes -- of configuration. diffServSixTupleClfrUnique OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "The diffServSixTupleClfrUnique object yields a unique new value for diffServSixTupleClfrId when read and subsequently set. This value must be tested for uniqueness." ::= { diffServObjects 1 } diffServSixTupleClfrTable OBJECT-TYPE SYNTAX SEQUENCE OF DiffServSixTupleClfrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of IP Six Tuple Classifier entries that a system may use to identify traffic." ::= { diffServTables 1 } diffServSixTupleClfrEntry OBJECT-TYPE SYNTAX DiffServSixTupleClfrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An IP Six Tuple Classifier entry describes a single classifier." INDEX { diffServSixTupleClfrId } ::= { diffServSixTupleClfrTable 1 } DiffServSixTupleClfrEntry ::= SEQUENCE { diffServSixTupleClfrId Unsigned32, diffServSixTupleClfrAddrType InetAddressType, diffServSixTupleClfrDstAddr InetAddress, diffServSixTupleClfrDstAddrMask InetAddress, diffServSixTupleClfrSrcAddr InetAddress, diffServSixTupleClfrSrcAddrMask InetAddress, diffServSixTupleClfrDscp Dscp, diffServSixTupleClfrProtocol INTEGER, Baker, Chan, SmithExpiration: September 2000 [Page 16] Draft Differentiated Services MIB March 2000 diffServSixTupleClfrDstL4PortMin SixTupleClfrL4Port, diffServSixTupleClfrDstL4PortMax SixTupleClfrL4Port, diffServSixTupleClfrSrcL4PortMin SixTupleClfrL4Port, diffServSixTupleClfrSrcL4PortMax SixTupleClfrL4Port, diffServSixTupleClfrStatus RowStatus } diffServSixTupleClfrId OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique id for the classifier. This object is meant to be pointed to by a RowPointer from other tables, such as the diffServClassifierPattern." ::= { diffServSixTupleClfrEntry 1 } diffServSixTupleClfrAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-write STATUS current DESCRIPTION "The type of IP address used by this classifier entry." ::= { diffServSixTupleClfrEntry 2 } diffServSixTupleClfrDstAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-write STATUS current DESCRIPTION "The IP address to match against the packet's destination IP address." ::= { diffServSixTupleClfrEntry 3 } diffServSixTupleClfrDstAddrMask OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-write STATUS current DESCRIPTION "A mask for the matching of the destination IP address. A zero bit in the mask means that the corresponding bit in the address always matches." DEFVAL {0} ::= { diffServSixTupleClfrEntry 4 } diffServSixTupleClfrSrcAddr OBJECT-TYPE SYNTAX InetAddress Baker, Chan, SmithExpiration: September 2000 [Page 17] Draft Differentiated Services MIB March 2000 MAX-ACCESS read-write STATUS current DESCRIPTION "The IP address to match against the source IP address of each packet." ::= { diffServSixTupleClfrEntry 5 } diffServSixTupleClfrSrcAddrMask OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-write STATUS current DESCRIPTION "A mask for the matching of the source IP address. A zero bit in the mask means that the corresponding bit in the address always matches." DEFVAL {0} ::= { diffServSixTupleClfrEntry 6 } diffServSixTupleClfrDscp OBJECT-TYPE SYNTAX Dscp MAX-ACCESS read-write STATUS current DESCRIPTION "The value that the DSCP in the packet must have to match this entry. A value of -1 indicates that a specific DSCP value has not been defined and thus all DSCP values are considered a match." DEFVAL {-1} ::= { diffServSixTupleClfrEntry 7 } diffServSixTupleClfrProtocol OBJECT-TYPE SYNTAX INTEGER (0..255) MAX-ACCESS read-write STATUS current DESCRIPTION "The IP protocol to match against the IPv4 protocol number in the packet. A value of zero means match all." DEFVAL {0} ::= { diffServSixTupleClfrEntry 8 } diffServSixTupleClfrDstL4PortMin OBJECT-TYPE SYNTAX SixTupleClfrL4Port MAX-ACCESS read-create STATUS current DESCRIPTION "The minimum value that the layer-4 destination port number in the packet must have in order to match this Baker, Chan, SmithExpiration: September 2000 [Page 18] Draft Differentiated Services MIB March 2000 classifier entry." DEFVAL {0} ::= { diffServSixTupleClfrEntry 9 } diffServSixTupleClfrDstL4PortMax OBJECT-TYPE SYNTAX SixTupleClfrL4Port MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum value that the layer-4 destination port number in the packet must have in order to match this classifier entry. This value must be equal to or greater that the value specified for this entry in diffServSixTupleClfrDstL4PortMin." DEFVAL {65535} ::= { diffServSixTupleClfrEntry 10 } diffServSixTupleClfrSrcL4PortMin OBJECT-TYPE SYNTAX SixTupleClfrL4Port MAX-ACCESS read-write STATUS current DESCRIPTION "The minimum value that the layer-4 source port number in the packet must have in order to match this classifier entry." DEFVAL {0} ::= { diffServSixTupleClfrEntry 11 } diffServSixTupleClfrSrcL4PortMax OBJECT-TYPE SYNTAX SixTupleClfrL4Port MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum value that the layer-4 source port number in the packet must have in oder to match this classifier entry. This value must be equal to or greater that the value specified for this entry in dsSixTupleIpSrcL4PortMin." DEFVAL {65535} ::= { diffServSixTupleClfrEntry 12 } diffServSixTupleClfrStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The RowStatus variable controls the activation, Baker, Chan, SmithExpiration: September 2000 [Page 19] Draft Differentiated Services MIB March 2000 deactivation, or deletion of a classifier. Any writable variable may be modified whether the row is active or notInService." ::= { diffServSixTupleClfrEntry 13 } -- Classifier Table -- This object allows a configuring system to obtain a -- unique value for diffServClassifierNumber for purposes of -- configuration diffServClassifierUnique OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "The diffServClassifierUnique object yields a unique new value for diffServClassifierId when read and subsequently set. This value must be tested for uniqueness." ::= { diffServObjects 2 } -- The Classifier Table allows us to enumerate the relationship -- between arbitrary classifiers and the meters which apply -- to classified streams. diffServClassifierTable OBJECT-TYPE SYNTAX SEQUENCE OF DiffServClassifierEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The classifier table defines the classifiers that a system applies to incoming traffic. Specific classifiers are defined by RowPointers in this table which identify entries in classifier tables of specific type, e.g. Multi-field classifiers for IP are defined in diffServSixTupleClfrTable. Other classifier types may be defined elsewhere." ::= { diffServTables 2 } diffServClassifierEntry OBJECT-TYPE SYNTAX DiffServClassifierEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the classifier table describes a single Baker, Chan, SmithExpiration: September 2000 [Page 20] Draft Differentiated Services MIB March 2000 classifier." INDEX { ifIndex, diffServInterfaceDirection, diffServClassifierId } ::= { diffServClassifierTable 1 } DiffServClassifierEntry ::= SEQUENCE { diffServInterfaceDirection INTEGER, diffServClassifierId Unsigned32, diffServClassifierPattern RowPointer, diffServClassifierNext RowPointer, diffServClassifierPrecedence Unsigned32, diffServClassifierStatus RowStatus } diffServInterfaceDirection OBJECT-TYPE SYNTAX INTEGER { inbound(1), -- ingress interface outbound(2) -- egress interface } MAX-ACCESS not-accessible STATUS current DESCRIPTION "Specifies the direction for this entry on the interface. 'inbound' traffic is operated on during receipt, while 'outbound' traffic is operated on prior to transmission." ::= { diffServClassifierEntry 1 } diffServClassifierId OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Classifier Id enumerates the classifier entry." ::= { diffServClassifierEntry 2 } diffServClassifierPattern OBJECT-TYPE SYNTAX RowPointer MAX-ACCESS read-create STATUS current DESCRIPTION "A pointer to a valid entry in another table that describes the applicable classification pattern, e.g. an entry in diffServSixTupleClfrTable. If the row pointed to does not exist, the classifier is ignored. The value zeroDotZero is interpreted to match anything Baker, Chan, SmithExpiration: September 2000 [Page 21] Draft Differentiated Services MIB March 2000 not matched by another classifier - only one such entry may exist in this table." DEFVAL { zeroDotZero } ::= { diffServClassifierEntry 3 } diffServClassifierNext OBJECT-TYPE SYNTAX RowPointer MAX-ACCESS read-create STATUS current DESCRIPTION "The 'next' variable selects the next datapath element to handle the classified flow. For example, this can points to an entry in the meter or action table." ::= { diffServClassifierEntry 4 } diffServClassifierPrecedence OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "The relative precedence in which classifiers are applied, higer numbers represent classifiers with higher precedence. Classifiers with the same precedence must be unambiguous, i.e. they must define non-overlapping patterns. Classifiers with different precedence may overlap in their patterns: the classifier with the highest precedence that matches is taken." DEFVAL { 0 } ::= { diffServClassifierEntry 5 } diffServClassifierStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The RowStatus variable controls the activation, deactivation, or deletion of a classifier. Any writable variable may be modified whether the row is active or notInService." ::= { diffServClassifierEntry 6 } Baker, Chan, SmithExpiration: September 2000 [Page 22] Draft Differentiated Services MIB March 2000 -- -- Meters -- -- This MIB includes definitions for Token-Bucket -- Meters as one example of possible meters. -- This object allows a configuring system to obtain a -- unique value for diffServTBMeterId for purposes of -- configuration diffServTBMeterUnique OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "The diffServTBMeterUnique object yields a unique new value for diffServTBMeterId when read and subsequently set. This value must be tested for uniqueness." ::= { diffServObjects 3 } diffServTBMeterTable OBJECT-TYPE SYNTAX SEQUENCE OF DiffServTBMeterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Meter Table enumerates specific token bucket meters that a system may use to police a stream of classified traffic. The traffic stream is defined by the classifier. It may include all traffic." ::= { diffServTables 3 } diffServTBMeterEntry OBJECT-TYPE SYNTAX DiffServTBMeterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the meter table describes a single token bucket meter. Note that a meter has exactly one rate, defined as the burst size each time interval. Multiple meters may be cascaded should a multi-rate token bucket be needed in a given Per-Hop Behavior. An example of such a PHB is AF." INDEX { ifIndex, diffServInterfaceDirection, diffServTBMeterId } ::= { diffServTBMeterTable 1 } Baker, Chan, SmithExpiration: September 2000 [Page 23] Draft Differentiated Services MIB March 2000 DiffServTBMeterEntry ::= SEQUENCE { diffServTBMeterId Unsigned32, diffServTBMeterRate Unsigned32, diffServTBMeterBurstSize Unsigned32, diffServTBMeterFailNext RowPointer, diffServTBMeterSucceedNext RowPointer, diffServTBMeterStatus RowStatus } diffServTBMeterId OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "MeterId enumerates the meter entry." ::= { diffServTBMeterEntry 1 } diffServTBMeterRate OBJECT-TYPE SYNTAX Unsigned32 UNITS "KBPS" MAX-ACCESS read-create STATUS current DESCRIPTION "The token bucket rate, in kilo-bits per second (KBPS). Note that if multiple meters are cascaded onto one PHB, the peak rate of the data stream is the sum of their rates." ::= { diffServTBMeterEntry 2 } diffServTBMeterBurstSize OBJECT-TYPE SYNTAX Unsigned32 UNITS "bytes" MAX-ACCESS read-create STATUS current DESCRIPTION "The number of bytes in a single transmission burst. The interval can be derived with (BurstSizex8)/Rate." ::= { diffServTBMeterEntry 3 } diffServTBMeterFailNext OBJECT-TYPE SYNTAX RowPointer MAX-ACCESS read-create STATUS current DESCRIPTION "If the traffic does NOT conform to the meter, FailNext indicates the next datapath element to handle the traffic. For example, an Action or Meter datapath Baker, Chan, SmithExpiration: September 2000 [Page 24] Draft Differentiated Services MIB March 2000 element. The value zeroDotZero in this variable indicates no further DiffServ treatment is performed on this flow by the current interface for this interface direction." DEFVAL { zeroDotZero } ::= { diffServTBMeterEntry 4 } diffServTBMeterSucceedNext OBJECT-TYPE SYNTAX RowPointer MAX-ACCESS read-create STATUS current DESCRIPTION "If the traffic does conform to the meter, SucceedNext indicates the next datapath element to handle the traffic. For example, an Action or Meter datapath element. The value zeroDotZero in this variable indicates no further DiffServ treatment is performed on this flow by the current interface for this interface direction." DEFVAL { zeroDotZero } ::= { diffServTBMeterEntry 5 } diffServTBMeterStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The RowStatus variable controls the activation, deactivation, or deletion of a meter. Any writable variable may be modified whether the row is active or notInService." ::= { diffServTBMeterEntry 6 } Baker, Chan, SmithExpiration: September 2000 [Page 25] Draft Differentiated Services MIB March 2000 -- -- Actions -- -- Notice the Drop Action attributes are referenced by the -- action table rather than by the queue table because -- Differentiated Services PHBs, such as the Assured Service, -- permit differently classified traffic to have different -- drop parameters even though they occupy the same queue." -- -- Mark Action Table -- Rows of this table is pointed to by diffServAction to -- provide detail parameters specific to an Action Type. -- This object allows a configuring system to obtain a -- unique value for diffServMarkActId for purposes of -- configuration. diffServMarkActUnique OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "The diffServMarkActUnique object yields a unique new value for diffServMarkActId when read and subsequently set. This value must be tested for uniqueness." ::= { diffServObjects 4 } diffServMarkActTable OBJECT-TYPE SYNTAX SEQUENCE OF DiffServMarkActEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The mark action table enumerates specific DSCPs used for marking or remarking the DSCP field. The entries of this table is meant to be referenced by the diffServAction attribute of entries in diffServActionTable for diffServActionType = mark." ::= { diffServTables 4 } diffServMarkActEntry OBJECT-TYPE SYNTAX DiffServMarkActEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the mark action table describes a single DSCP used for marking." Baker, Chan, SmithExpiration: September 2000 [Page 26] Draft Differentiated Services MIB March 2000 INDEX { diffServMarkActId } ::= { diffServMarkActTable 1 } DiffServMarkActEntry ::= SEQUENCE { diffServMarkActId Unsigned32, diffServMarkActDscp Dscp, diffServMarkActStatus RowStatus } diffServMarkActId OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Mark Action Id enumerates the Mark Action entry." ::= { diffServMarkActEntry 1 } diffServMarkActDSCP OBJECT-TYPE SYNTAX Dscp MAX-ACCESS read-create STATUS current DESCRIPTION "The DSCP this Action TCB uses for marking/remarking traffic with." Note that if the classifier is working from the same DSCP value, no effective change in the DSCP results. Differentiated Services may result in packet remarking both on ingress to a network and on egress, and it is quite possible that ingress and egress would occur in the same router." ::= { diffServMarkActEntry 2 } diffServMarkActStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The RowStatus variable controls the activation, deactivation, or deletion of this entry. Any writable variable may be modified whether the row is active or notInService." ::= { diffServMarkActEntry 3 } -- Count Action Table -- Rows of this table is pointed to by diffServAction to Baker, Chan, SmithExpiration: September 2000 [Page 27] Draft Differentiated Services MIB March 2000 -- provide detail parameters specific to Count Action. -- This object allows a configuring system to obtain a -- unique value for diffServCountActId for purposes of -- configuration. diffServCountActUnique OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "The diffServCountActUnique object yields a unique new value for diffServCountActId when read and subsequently set. This value must be tested for uniqueness." ::= { diffServObjects 5 } diffServCountActTable OBJECT-TYPE SYNTAX SEQUENCE OF DiffServCountActEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The count action table contains flow specific counters. The entries of this table is meant to be referenced by the diffServAction attribute of entries in diffServActionTable for diffServActionType = count." ::= { diffServTables 5 } diffServCountActEntry OBJECT-TYPE SYNTAX DiffServCountActEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the count action table describes a single set of flow specific counters. This counter entry is associated with a traffic flow via the diffServActionEntry pointing to it." INDEX { diffServActionId, diffServCountActId } ::= { diffServCountActTable 1 } DiffServCountActEntry ::= SEQUENCE { diffServCountActId Unsigned32, diffServCountActOctetsCnt Counter32, diffServCountActPktsCnt Counter32, diffServCountActStatus RowStatus } diffServCountActId OBJECT-TYPE Baker, Chan, SmithExpiration: September 2000 [Page 28] Draft Differentiated Services MIB March 2000 SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Count Action Id enumerates the Count Action entry." ::= { diffServCountActEntry 1 } diffServCountActOctetsCnt OBJECT-TYPE SYNTAX Counter32 UNITS "octets" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Octets at the Action datapath element. Meaning the octets has been classified and possibly metered, and prior to any dropping process. This object may be used on low speed interfaces, and represents the least significant 32 bits of diffServCountActOctetsHCnt in the augmented extension. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime." ::= { diffServCountActEntry 2 } diffServCountActPktsCnt OBJECT-TYPE SYNTAX Counter32 UNITS "packets" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Packets at the Action datapath element. Meaning the packets has been classified and possibly metered, and prior to any dropping process. This object may be used on low speed interfaces, and represents the least significant 32 bits of diffServCountActPktsHCount in the augmented extension. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime." ::= { diffServCountActEntry 3 } diffServCountActStatus OBJECT-TYPE SYNTAX RowStatus Baker, Chan, SmithExpiration: September 2000 [Page 29] Draft Differentiated Services MIB March 2000 MAX-ACCESS read-create STATUS current DESCRIPTION "The RowStatus variable controls the activation, deactivation, or deletion of this entry. Any writable variable may be modified whether the row is active or notInService." ::= { diffServCountActEntry 4 } -- -- High Capacity Counter Extension for Count Action Table -- diffServCountActXTable OBJECT-TYPE SYNTAX SEQUENCE OF DiffServCountActXEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains the high capacity counters for the counters in the Count Action Table. These objects are all 64-bit versions of the basic counters, having the same basic semantics as their 32-bit counterparts, with syntax extended to 64 bits." AUGMENTS { diffServCountActEntry } ::= { diffServAugments 1 } diffServCountActXEntry OBJECT-TYPE SYNTAX DiffServCountActXEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry containing the 64 bit counters applicable to a specific drop action entry." ::= { diffServActionXTable 1 } DiffServCountActXEntry ::= SEQUENCE { diffServCountActOctetsHCnt Counter64, diffServCountActPktsHCnt Counter64 } diffServCountActOctetsHCnt OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Octets at the Action datapath element. Meaning the packets has been classified and possibly Baker, Chan, SmithExpiration: September 2000 [Page 30] Draft Differentiated Services MIB March 2000 metered, and prior to any dropping process. This object should be used on high speed interfaces. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime." ::= { diffServCountActXEntry 1 } diffServCountActPktsHCnt OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Packets at the Action datapath element. Meaning the packets has been classified and possibly metered, and prior to any dropping process. This object should be used on high speed interfaces. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime." ::= { diffServCountActXEntry 2 } -- Drop Action Table -- Rows of this table is pointed to by diffServAction to -- provide detail parameters specific to an Action Type. -- Notice the use of diffServQueueId as part of this -- table's index. Hence each entry is queue specific. -- This object allows a configuring system to obtain a -- unique value for diffServDropActId for purposes of -- configuration. diffServDropActUnique OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "The diffServDropActUnique object yields a unique new value for diffServDropActId when read and subsequently set. This value must be tested for uniqueness." ::= { diffServObjects 6 } Baker, Chan, SmithExpiration: September 2000 [Page 31] Draft Differentiated Services MIB March 2000 diffServDropActTable OBJECT-TYPE SYNTAX SEQUENCE OF DiffServDropActEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The drop action table enumerates sets of attributes used to represent a drop process. Each set is normally associated with a queue. The entries of this table is meant to be referenced by the diffServAction attribute of entries in diffServActionTable. The entries of this table is used for: Tail Drop Action when diffServActionType = tailDrop Random Drop Action when diffServActionType = randomDrop Deterministic Drop Action when diffServActionType = deterDrop" ::= { diffServTables 6 } diffServDropActEntry OBJECT-TYPE SYNTAX DiffServDropActEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the drop action table describes a single drop process's configuration. For Tail Drop Process: For Random Drop Process: (QMin,PMin) and (QMax,PMax) defines the drop probability used for the random drop process. Normally PMin have a value of zero. QClip defines the guaranteed average queue depth, after which the drop probability reaches 100%. For Deterministic Drop Process: QMeasure points to an entry providing Queue Measurement needed for the drop process." INDEX { diffServQueueId, diffServDropActId } ::= { diffServTable 1 } DiffServDropActEntry ::= SEQUENCE { diffServDropActId Unsigned32, diffServDropActQMin Unsigned32, diffServDropActQMax Unsigned32, diffServDropActQClip Unsigned32, diffServDropActPMin Unsigned32, diffServDropActPMax Unsigned32, diffServDropActPCur Unsigned32, diffServDropActQMeasure RowPointer, diffServDropActOctetsCnt Counter32, diffServDropActPktsCnt Counter32, diffServDropActStatus RowStatus } Baker, Chan, SmithExpiration: September 2000 [Page 32] Draft Differentiated Services MIB March 2000 diffServDropActId OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Drop Action Id enumerates the Drop Action entry." ::= { diffServDropActEntry 1 } diffServDropActQMin OBJECT-TYPE SYNTAX Unsigned32 UNITS "Kilo Bits" MAX-ACCESS read-create STATUS current DESCRIPTION "QMin, with PMin, defines the lowerest drop probability point for this random drop process. With PMin=0, the queue may drop if a packet is presented to it and the average queue depth exceeds QMin." ::= { diffServDropActEntry 2 } diffServDropActQMax OBJECT-TYPE SYNTAX Unsigned32 UNITS "Kilo Bits" MAX-ACCESS read-create STATUS current "QMax, with PMax, defines the higher point of drop probability for random drop process. For Tail Drop Process: This represents the measure by which the queue will drop if a packet is presented to it." ::= { diffServDropActEntry 3 } diffServDropActQClip OBJECT-TYPE SYNTAX Unsigned32 UNITS "Kilo Bits" MAX-ACCESS read-create STATUS current "The average queue length at which point the drop probability reaches 100%." ::= { diffServDropActEntry 4 } diffServDropActPMin OBJECT-TYPE SYNTAX Unsigned32 (0..1000000) UNITS "per-micro-age" MAX-ACCESS read-write STATUS current "QMin, with PMin, defines the lowerest drop probability point for this random drop process. With PMin=0, the Baker, Chan, SmithExpiration: September 2000 [Page 33] Draft Differentiated Services MIB March 2000 queue may drop if a packet is presented to it and the average queue depth exceeds QMin. This drop probability is expressed in per-micro-age, the value in this attribute needs to be divided by 1,000,000 to obtain the drop probability between 0 and 1." ::= { diffServDropActEntry 5 } diffServDropActPMax OBJECT-TYPE SYNTAX Unsigned32 (0..1000000) UNITS "per-micro-age" MAX-ACCESS read-write STATUS current "QMax and PMax are part of the drop probability configuration. This drop probability is expressed in per-micro-age, the value in this attribute needs to be divided by 1,000,000 to obtain the drop probability between 0 and 1." ::= { diffServDropActEntry 6 } diffServDropActPCur OBJECT-TYPE SYNTAX Unsigned32 (0..1000000) UNITS "per-micro-age" MAX-ACCESS read-only STATUS current "The current drop probability. This drop probability is expressed in per-micro-age, the value in this attribute needs to be divided by 1,000,000 to obtain the drop probability between 0 and 1." ::= { diffServDropActEntry 7 } diffServDropActQMeasure OBJECT-TYPE SYNTAX RowPointer MAX-ACCESS read-create STATUS current "Points to an entry in the diffServQMeasureTable for queue information required by the drop process." ::= { diffServDropActEntry 8 } diffServDropActOctetsCnt OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets that have been dropped by a drop process. On high speed devices, this object implements the least significant 32 bits of diffServDropActOctetsHCnt. Baker, Chan, SmithExpiration: September 2000 [Page 34] Draft Differentiated Services MIB March 2000 Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime." ::= { diffServDropActEntry 9 } diffServDropActPktsCnt OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets that have been dropped by a drop process. On high speed devices, this object implements the least significant 32 bits of diffServDropActPktsHCnt. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime." ::= { diffServDropActEntry 10 } diffServDropActStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The RowStatus variable controls the activation, deactivation, or deletion of this entry. Any writable variable may be modified whether the row is active or notInService." ::= { diffServDropActEntry 11 } -- -- High Capacity Counter Extension for Drop Action Table -- diffServDropActXTable OBJECT-TYPE SYNTAX SEQUENCE OF DiffServDropActXEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains the high capacity counters for the counters in the Drop Action Table. These objects are all 64 bit versions of the basic counters, having the same basic semantics as their 32-bit counterparts, with syntax extended to 64 bits." Baker, Chan, SmithExpiration: September 2000 [Page 35] Draft Differentiated Services MIB March 2000 AUGMENTS { diffServDropActEntry } ::= { diffServAugments 2 } diffServDropActXEntry OBJECT-TYPE SYNTAX DiffServDropActXEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry containing the 64 bit counters applicable to a specific drop action entry." ::= { diffServDropActXTable 1 } DiffServDropActXEntry ::= SEQUENCE { diffServDropActOctetsHCnt Counter64, diffServDropActPktsHCnt Counter64 } diffServDropActOctetsHCnt OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets that have been dropped by a drop process. This object should be used on high speed interfaces. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime." ::= { diffServDropActXEntry 1 } diffServDropActPktsHCnt OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets that have been dropped by a drop process. This object should be used on high speed interfaces. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ifCounterDiscontinuityTime." ::= { diffServDropActXEntry 2 } Baker, Chan, SmithExpiration: September 2000 [Page 36] Draft Differentiated Services MIB March 2000 -- This object allows a configuring system to obtain a -- unique value for diffServActionId for purposes of -- configuration diffServActionUnique OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "The diffServActionUnique object yields a unique new value for diffServActionId when read and subsequently set. This value must be tested for uniqueness." ::= { diffServObjects 7 } -- The Action Table allows us to enumerate the different -- types of actions to be applied to a flow. diffServActionTable OBJECT-TYPE SYNTAX SEQUENCE OF DiffServActionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Action Table enumerates actions that can be performed to a stream of traffic. Multiple Actions can be concatenated. For example, marking of a stream of traffic exiting a meter (conforming or non-conforming), then perform a drop process with dropped traffic counts maintained. Notice counting is considered as a type of action. The set of flow specific counters in the Count Action Table maintains statistics for a flow that arrives to this Action datapath element. This count is always taken before any drop processing is performed." ::= { diffServTables 7 } diffServActionEntry OBJECT-TYPE SYNTAX DiffServActionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the action table describes the actions applied to traffic exiting a given meter." INDEX { ifIndex, diffServInterfaceDirection, diffServActionId } ::= { diffServActionTable 1 } DiffServActionEntry ::= SEQUENCE { diffServActionId Unsigned32, Baker, Chan, SmithExpiration: September 2000 [Page 37] Draft Differentiated Services MIB March 2000 diffServActionNext RowPointer, diffServActionType INTEGER, diffServAction RowPointer, diffServActionStatus RowStatus } diffServActionId OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Action Id enumerates the Action entry." ::= { diffServActionEntry 1 } diffServActionNext OBJECT-TYPE SYNTAX RowPointer MAX-ACCESS read-create STATUS current DESCRIPTION "The Next pointer indicates the next datapath element to handle the traffic. For example, a queue datapath element. The value zeroDotZero in this variable indicates no further DiffServ treatment is performed on this flow by the current interface for this interface direction." DEFVAL { zeroDotZero } ::= { diffServActionEntry 2 } diffServActionType OBJECT-TYPE SYNTAX INTEGER { other(1), -- types not specified here. mark(2), -- mark or remark count(3), -- count alwaysDrop(4), -- disallow traffic tailDrop(5), -- fix queue size Drop randomDrop(6), -- Random Drop deterDrop(7) -- Deterministic Drop } MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the type of action diffServAction points to." ::= { diffServActionEntry 3 } diffServAction OBJECT-TYPE SYNTAX RowPointer Baker, Chan, SmithExpiration: September 2000 [Page 38] Draft Differentiated Services MIB March 2000 MAX-ACCESS read-create STATUS current DESCRIPTION "Points to a row in a Action Type Table that provides all the parameters for the type of action indicated in diffServActionType. Can also points to a row in some other MIB to provide some proprietary action type." ::= { diffServActionEntry 4 } diffServActionStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The RowStatus variable controls the activation, deactivation, or deletion of a meter. Any writable variable may be modified whether the row is active or notInService." ::= { diffServActionEntry 5 } Baker, Chan, SmithExpiration: September 2000 [Page 39] Draft Differentiated Services MIB March 2000 -- -- Queue Set Table -- The Queue Set Table is used for organizing queues -- defined in the Queue Table into Queue Sets, with -- queue scheduling defined in the queue set entry. -- Queue Set Table provides flexibility in queue -- organization and allows more complex hierarchical -- scheduling algorithms be defined. For example, -- multiple scheduling algorithms, each with multiple -- queues, used on the same logical/physical interface. -- -- This object allows a configuring system to obtain a -- unique value for diffServQSetId for purposes of -- configuration diffServQSetUnique OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "The diffServQSetUnique object yields a unique new value for diffServQSetId when read and subsequently set. This value must be tested for uniqueness." ::= { diffServObjects 8 } diffServQSetTable OBJECT-TYPE SYNTAX SEQUENCE OF DiffServQSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Queue Set Table enumerates the queue sets. Queue Sets are used to organize queues based on their scheduling algorithms. Multiple sheduling algorithms can be used, with each algorithm described by one Queue Set Entry. Multiple instances of a single sheduling algorithm, each with different scheduling parameters can also be expressed, each described by its own Queue Set Entry. Relationships between Queue Sets are used to build scheduling algorithm hierarchies. For example, a weighed fair queueing queue set can be a part of a priority queueing queue set, having the weighed fair queueing queue set be a branch of the priority queueing queue set. More complex hierarchies can also be expressed using this mechanism." ::= { diffServTables 8 } Baker, Chan, SmithExpiration: September 2000 [Page 40] Draft Differentiated Services MIB March 2000 diffServQSetEntry OBJECT-TYPE SYNTAX DiffServQSetEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the Queue Set Table describes a single queue set." INDEX { ifIndex, diffServInterfaceDirection, diffServQSetId } ::= { diffServQSetTable 1 } DiffServQSetEntry ::= SEQUENCE { diffServQSetId Unsigned32, diffServQSetParentId Unsigned32, diffServQSetWeight Unsigned32, diffServQSetMethod INTEGER, diffServQSetRateUnit INTEGER, diffServQSetMinRate Unsigned32, diffServQSetMaxRate Unsigned32, diffServQSetNext RowPointer, diffServQSetStatus RowStatus } diffServQSetId OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Queue Set Id enumerates the Queue Set entry." ::= { diffServQSetEntry 1 } diffServQSetParentId OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Queue Set Parent Id allows the formation of hierarchical relationships between scheduling algorithms." ::= { diffServQSetEntry 2 } diffServQSetWeight OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "Used with QSetParentId in hierarchical scheduling Baker, Chan, SmithExpiration: September 2000 [Page 41] Draft Differentiated Services MIB March 2000 setup. QSetWeight represent the weight of all queues within this queue set, with respect to queues in other queue sets in hierarchical scheduling. For example, this queue set represents the weighed fair queueing scheduling amongst all the queues in this queue set. This set of weighted fair queueing queues as a whole belongs to a priority queueing queue set. QSetWeight determines this queue set's priority/weight in the parent queue set's priority queueing scheduling algorithm. There can be more than one weighed fair queueing queue sets belonging to the same priority queueing parent queue set." ::= { diffServQSetEntry 3 } diffServQSetMethod OBJECT-TYPE SYNTAX INTEGER { other(1), -- not listed here pq(2), -- Priority Queueing wfq(3), -- Weighed Fair Queueing wrr(4) -- Weighed Round Robin } MAX-ACCESS read-create STATUS current DESCRIPTION "The scheduling algorithm used by queues in this queue set." ::= { diffServQSetEntry 4 } diffServQSetRateUnit OBJECT-TYPE SYNTAX INTEGER { kbps(1), -- kilo bits per second packets(2) -- packets per second } MAX-ACCESS read-create STATUS current DESCRIPTION "The unit of measure for the MinRate and MaxRate attributes. The packet unit allows packet fair algorithms in addition to bit fair algorithms." ::= { diffServQSetEntry 5 } diffServQSetMinRate OBJECT-TYPE SYNTAX Unsigned32 UNITS "KBPS" MAX-ACCESS read-create STATUS current DESCRIPTION Baker, Chan, SmithExpiration: September 2000 [Page 42] Draft Differentiated Services MIB March 2000 "The minimum rate for the whole queue set. If the value is zero, then there is effectively no minimum rate. If the value is non-zero, the queue set will seek to assure this class of traffic at least this rate." ::= { diffServQSetEntry 6 } diffServQSetMaxRate OBJECT-TYPE SYNTAX Unsigned32 UNITS "KBPS" MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum rate for the whole queue set. If the value is zero, then there is effectively no maximum rate. If the value is non-zero, the queue set will seek to assure this class of traffic at most this rate." ::= { diffServQSetEntry 7 } diffServQSetNext OBJECT-TYPE SYNTAX RowPointer MAX-ACCESS read-create STATUS current DESCRIPTION "Selects the next data path component, which can be another Queue Set. One usage of multiple serial Queue Sets is for Class Base Queueing (CBQ). The value zeroDotZero in this variable indicates no further DiffServ treatment is performed on this flow by the current interface for this interface direction. For example, for an inbound interface the value zeroDotZero indicates that the packet flow has now completed inbound DiffServ treatment and should be forwarded on to the appropriate outbound interface." DEFVAL { zeroDotZero } ::= { diffServQSetEntry 8 } diffServQSetStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The RowStatus variable controls the activation, deactivation, or deletion of a queue. Any writable variable may be modified whether the row is active or notInService." Baker, Chan, SmithExpiration: September 2000 [Page 43] Draft Differentiated Services MIB March 2000 ::= { diffServQSetEntry 9 } Baker, Chan, SmithExpiration: September 2000 [Page 44] Draft Differentiated Services MIB March 2000 -- -- Queue Table -- -- This object allows a configuring system to obtain a -- unique value for diffServQId for purposes of -- configuration. diffServQUnique OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "The diffServQUnique object yields a unique new value for diffServQId when read and subsequently set. This value must be tested for uniqueness." ::= { diffServObjects 9 } -- The Queue Table allows us to describe individual queues diffServQTable OBJECT-TYPE SYNTAX SEQUENCE OF DiffServQEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Queue Table enumerates the queues on an interface." ::= { diffServTables 9 } diffServQEntry OBJECT-TYPE SYNTAX DiffServQEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the Queue Table describes a single FIFO queue." INDEX { diffServQQSetId, diffServQId } ::= { diffServQTable 1 } DiffServQEntry ::= SEQUENCE { diffServQId Unsigned32, diffServQQSetId Unsigned32, diffServQSchedulerWeight Unsigned32, diffServQStatus RowStatus } diffServQId OBJECT-TYPE Baker, Chan, SmithExpiration: September 2000 [Page 45] Draft Differentiated Services MIB March 2000 SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Queue Id enumerates the Queue entry." ::= { diffServQEntry 1 } diffServQQSetId OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Indicates the Queue Set this queue is part of." ::= { diffServQEntry 2 } diffServQSchedulerWeight OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "The weight or priority of the queue, depending on the scheduling method used. Notice only the weight of the queue is used, instead of the rate. The rate can be derived based on the rate of the queue set. This is to facilitate changing link speed and/or changing scheduling method without reconfiguring the queues." ::= { diffServQEntry 3 } diffServQStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The RowStatus variable controls the activation, deactivation, or deletion of a queue. Any writable variable may be modified whether the row is active or notInService." ::= { diffServQEntry 4 } -- Queue Measurement Table -- This object allows a configuring system to obtain a -- unique value for diffServQMeasureId for purposes of -- configuration. diffServQMeasureUnique OBJECT-TYPE SYNTAX TestAndIncr Baker, Chan, SmithExpiration: September 2000 [Page 46] Draft Differentiated Services MIB March 2000 MAX-ACCESS read-write STATUS current DESCRIPTION "The diffServQMeasureUnique object yields a unique new value for diffServQMeasureId when read and subsequently set. This value must be tested for uniqueness." ::= { diffServObjects 10 } diffServQMeasureTable OBJECT-TYPE SYNTAX SEQUENCE OF DiffServQMeasureEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Queue Measurement Table contains entries describing the state of queues, this include states for implementing traffic treatment algorithms. Notice multiple queue measurement entries for the same queue is allowed." ::= { diffServTables 10 } diffServQMeasureEntry OBJECT-TYPE SYNTAX DiffServQMeasureEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the Queue Measure Table describes a single set of measurement for a specific queue." INDEX { diffServQMeasureQId, diffServQMeasureId } ::= { diffServQMeasureTable 1 } DiffServQMeasureEntry ::= SEQUENCE { diffServQMeasureId Unsigned32, diffServQMeasureQId Unsigned32, diffServQMeasureAvgSampleInt Unsigned32, diffServQMeasureAvgWeightExp Unsigned32, diffServQMeasureAvgWeightMan Unsigned32, diffServQMeasureQAverage Unsigned32, diffServQMeasureStatus RowStatus } diffServQMeasureId OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Queue Measure Id enumerates the Queue Measure entry." Baker, Chan, SmithExpiration: September 2000 [Page 47] Draft Differentiated Services MIB March 2000 ::= { diffServQMeasureEntry 1 } diffServQMeasureQId OBJECT-TYPE SYNTAX Unsigned32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Indicates the queue this measurement is associated with." ::= { diffServQMeasureEntry 2 } diffServQMeasureAvgSampleInt OBJECT-TYPE SYNTAX Unsigned32 UNIT millisecond MAX-ACCESS read-create STATUS current DESCRIPTION "The sampling interval for queue average calculation, in milliseconds. For queue sampling based on packet enqueueing or dequeueing intervals, this attribute should contain the value of zero." ::= { diffServQMeasureEntry 3 } diffServQMeasureAvgWeightExp OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current "The exponent part of weight (in real number format) for queue average calculation. This is a base 10 exponent, with the attribute representing a negative value. For example, with 8 in this attribute meaning 10 to the power of -8. An 8 bit value here will be sufficient." ::= { diffServQMeasureEntry 4 } diffServQMeasureAvgWeightMan OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current "The mantissa part of weight (in real number format) for queue average calculation. Always a positive number. Need 16 bits of accuracy." ::= { diffServQMeasureEntry 5 } diffServQMeasureQAverage OBJECT-TYPE SYNTAX Unsigned32 UNITS kilo-bits Baker, Chan, SmithExpiration: September 2000 [Page 48] Draft Differentiated Services MIB March 2000 MAX-ACCESS read-only STATUS current "The current queue average in kilo bits." ::= { diffServQMeasureEntry 6 } diffServQMeasureStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The RowStatus variable controls the activation, deactivation, or deletion of a queue. Any writable variable may be modified whether the row is active or notInService." ::= { diffServQMeasureEntry 7 } Baker, Chan, SmithExpiration: September 2000 [Page 49] Draft Differentiated Services MIB March 2000 -- MIB Compliance statements. Three variations of -- compliance are described, for optical, LAN, and low speed -- interfaces. The difference is the implementation of -- diffServActionOctetsHCnt, diffServActionPktsHCnt -- and diffServCountActOctetsHCnt, diffServCountActPktsHCnt. diffServMIBCompliances OBJECT IDENTIFIER ::= { diffServMIBConformance 1 } diffServMIBGroups OBJECT IDENTIFIER ::= { diffServMIBConformance 2 } diffServMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "This MIB may be implemented as a read-only or as a read-create MIB. As a result, it may be used for monitoring or for configuration. Standard compliance implies that the implementation complies for interfaces for which an interface's octet counter might wrap at most once an hour, which by the IFMIB's convention applies to interfaces under 20 MBPS. It thus applies to any device which might implement a low speed serial line, Ethernet, Token Ring." MODULE -- This Module MANDATORY-GROUPS { diffServMIBClassifierGroup, diffServMIBMeterGroup, diffServMIBQueueGroup, diffServMIBActionGroup -- note that diffServMIBHCCounterGroup is -- mandatory for medium and high speed interfaces -- note that diffServMIBVHCCounterGroup is -- mandatory for high speed interfaces -- note that the diffServMIBStaticGroup is -- mandatory for implementations that implement a -- read-write or read-create mode. } GROUP diffServMIBHCCounterGroup DESCRIPTION "This group is mandatory for those network interfaces for which the value of the corresponding instance of ifSpeed is greater than 20,000,000 bits/second." GROUP diffServMIBVHCCounterGroup DESCRIPTION "This group is mandatory for those network interfaces Baker, Chan, SmithExpiration: September 2000 [Page 50] Draft Differentiated Services MIB March 2000 for which the value of the corresponding instance of ifSpeed is greater than 650,000,000 bits/second." OBJECT diffServClassifierMatchObject MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServClassifierNext MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServClassifierSequence MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServClassifierStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterInterval MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterBurstSize MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterFailNext MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterSucceedNext MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." Baker, Chan, SmithExpiration: September 2000 [Page 51] Draft Differentiated Services MIB March 2000 OBJECT diffServActionNext MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionDSCP MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionMinThreshold MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionMaxThreshold MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionDropPolicy MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueueMinimumRate MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueueMaximumRate MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueuePriority MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueueNextTCB MIN-ACCESS read-only Baker, Chan, SmithExpiration: September 2000 [Page 52] Draft Differentiated Services MIB March 2000 DESCRIPTION "Write access is not required." OBJECT diffServQueueStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." ::= { diffServMIBCompliances 1 } Baker, Chan, SmithExpiration: September 2000 [Page 53] Draft Differentiated Services MIB March 2000 diffServMIBVHCCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "This MIB may be implemented as a read-only or as a read-create MIB. As a result, it may be used for monitoring or for configuration. Very High Speed compliance implies that the implementation complies for interfaces for which an interface's packet or octet counters might wrap more than once an hour, which by the IFMIB's convention applies to interfaces over 650 MBPS, or OC-12." MODULE -- This Module MANDATORY-GROUPS { diffServMIBClassifierGroup, diffServMIBMeterGroup, diffServMIBQueueGroup, diffServMIBHCCounterGroup, diffServMIBVHCCounterGroup, diffServMIBActionGroup -- note that the diffServMIBStaticGroup is -- mandatory for implementations that implement a -- read-write or read-create mode. } OBJECT diffServClassifierMatchObject MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServClassifierNext MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServClassifierSequence MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServClassifierStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterInterval MIN-ACCESS read-only DESCRIPTION Baker, Chan, SmithExpiration: September 2000 [Page 54] Draft Differentiated Services MIB March 2000 "Write access is not required." OBJECT diffServTBMeterBurstSize MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterFailNext MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterSucceedNext MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionNext MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionDSCP MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionMinThreshold MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionMaxThreshold MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionDropPolicy MIN-ACCESS read-only DESCRIPTION "Write access is not required." Baker, Chan, SmithExpiration: September 2000 [Page 55] Draft Differentiated Services MIB March 2000 OBJECT diffServActionStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueueMinimumRate MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueueMaximumRate MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueuePriority MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueueNextTCB MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueueStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." ::= { diffServMIBCompliances 2 } Baker, Chan, SmithExpiration: September 2000 [Page 56] Draft Differentiated Services MIB March 2000 diffServMIBHCCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "This MIB may be implemented as a read-only or as a read-create MIB. As a result, it may be used for monitoring or for configuration. High Speed compliance implies that the implementation complies for interfaces for which an interface's octet counters might wrap more than once an hour, which by the IFMIB's convention applies to interfaces over 20 MBPS, but under 650 MBPS. It thus applies to devices which implement a 100 MBPS Ethernet, FDDI, E3, DS3, or SONET/SDH interface up to OC-12." MODULE -- This Module MANDATORY-GROUPS { diffServMIBClassifierGroup, diffServMIBMeterGroup, diffServMIBQueueGroup, diffServMIBHCCounterGroup, diffServMIBActionGroup -- note that diffServMIBVHCCounterGroup is -- mandatory for high speed interfaces -- note that the diffServMIBStaticGroup is -- mandatory for implementations that implement a -- read-write or read-create mode. } GROUP diffServMIBVHCCounterGroup DESCRIPTION "This group is mandatory for those network interfaces for which the value of the corresponding instance of ifSpeed is greater than 650,000,000 bits/second." OBJECT diffServClassifierMatchObject MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServClassifierNext MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServClassifierSequence MIN-ACCESS read-only DESCRIPTION Baker, Chan, SmithExpiration: September 2000 [Page 57] Draft Differentiated Services MIB March 2000 "Write access is not required." OBJECT diffServClassifierStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterInterval MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterBurstSize MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterFailNext MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterSucceedNext MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServTBMeterStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionNext MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionDSCP MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionMinThreshold MIN-ACCESS read-only DESCRIPTION "Write access is not required." Baker, Chan, SmithExpiration: September 2000 [Page 58] Draft Differentiated Services MIB March 2000 OBJECT diffServActionMaxThreshold MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionDropPolicy MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServActionStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueueMinimumRate MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueueMaximumRate MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueuePriority MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueueNextTCB MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT diffServQueueStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." ::= { diffServMIBCompliances 3 } Baker, Chan, SmithExpiration: September 2000 [Page 59] Draft Differentiated Services MIB March 2000 diffServMIBClassifierGroup OBJECT-GROUP OBJECTS { diffServAggregateDSCP, diffServClassifierMatchObject, diffServClassifierNext, diffServClassifierSequence, diffServClassifierStatus } STATUS current DESCRIPTION "The Classifier Group defines the MIB Objects that describe a classifier." ::= { diffServMIBGroups 1 } diffServMIBMeterGroup OBJECT-GROUP OBJECTS { diffServTBMeterInterval, diffServTBMeterBurstSize, diffServTBMeterSucceedNext, diffServTBMeterFailNext, diffServTBMeterStatus } STATUS current DESCRIPTION "The Meter Group defines the objects used in describing a meter." ::= { diffServMIBGroups 2 } diffServMIBActionGroup OBJECT-GROUP OBJECTS { diffServActionDropPolicy, diffServActionRandomDrops, diffServActionTailDrops, diffServActionMinThreshold, diffServActionMaxThreshold, diffServActionDSCP, diffServActionNext, diffServActionConformingPackets, diffServActionConformingOctets, diffServActionStatus } STATUS current DESCRIPTION "The Action Group defines the objects used in describing an action." ::= { diffServMIBGroups 3 } diffServMIBHCCounterGroup OBJECT-GROUP OBJECTS { diffServActionHCConformingOctets Baker, Chan, SmithExpiration: September 2000 [Page 60] Draft Differentiated Services MIB March 2000 } STATUS current DESCRIPTION "At 20,000,000 bits per second or greater, the number of octets a given class may count can overflow a 32 bit counter in under an hour. Therefore, by convention established in the IFMIB, the 64 bit counter must be implemented as well." ::= { diffServMIBGroups 4 } diffServMIBVHCCounterGroup OBJECT-GROUP OBJECTS { diffServActionHCConformingPackets, diffServActionHCRandomDrops, diffServActionHCTailDrops } STATUS current DESCRIPTION "At 650,000,000 bits per second or greater, the number of packets a given class may count can overflow a 32 bit counter in under an hour. Therefore, by convention established in the IFMIB, the 64 bit counter must be implemented as well." ::= { diffServMIBGroups 5 } diffServMIBQueueGroup OBJECT-GROUP OBJECTS { diffServQueueMinimumRate, diffServQueueMaximumRate, diffServQueuePriority, diffServQueueStatus, diffServQueueNextTCB } STATUS current DESCRIPTION "The Queue Group contains the objects that describe an interface's queues." ::= { diffServMIBGroups 6 } diffServMIBStaticGroup OBJECT-GROUP OBJECTS { diffServClassifierUnique, diffServTBMeterUnique, diffServQueueUnique, diffServActionUnique } STATUS current DESCRIPTION "The Static Group contains scalar objects used in creating unique enumerations for classifiers, meters, Baker, Chan, SmithExpiration: September 2000 [Page 61] Draft Differentiated Services MIB March 2000 and queues." ::= { diffServMIBGroups 7 } END Baker, Chan, SmithExpiration: September 2000 [Page 62] Draft Differentiated Services MIB March 2000 5. Acknowledgments This MIB has been developed with active involvement from a number of sources, but most notably Yoram Bernet, Steve Blake, Brian Carpenter, Kwok Chan, Dave Durham, Jeremy Greene, Roch Guerin, Scott Hahn, Keith McCloghrie, Kathleen Nichols, Ping Pan, Andrew Smith, and Bert Wijnen. 6. Security Considerations It is clear that this MIB is potentially useful for configuration, and anything that can be configured can be misconfigured, with potentially disastrous effect. At this writing, no security holes have been identified beyond those that SNMP Security is itself intended to address. These relate to primarily controlled access to sensitive information and the ability to configure a device - or which might result from operator error, which is beyond the scope of any security architecture. There are a number of management objects defined in this MIB that have a MAX-ACCESS clause of read-write and/or read- create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. The use of SNMP Version 3 is recommended over prior versions, for configuration control, as its security model is improved. There are a number of managed objects in this MIB that may contain information that may be sensitive from a business perspective, in that they may represent a customer's service contract or the filters that the service provider chooses to apply to a customer's ingress or egress traffic. There are no objects which are sensitive in their own right, such as passwords or monetary amounts. It may be important to control even GET access to these objects and possibly to even encrypt the values of these object when sending them over the network via SNMP. Not all versions of SNMP provide features for such a secure environment. Baker, Chan, SmithExpiration: September 2000 [Page 63] Draft Differentiated Services MIB March 2000 7. References [1] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2571, Cabletron Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, April 1999 [2] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", RFC 1155, STD 16, Performance Systems International, Hughes LAN Systems, May 1990 [3] Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212, STD 16, Performance Systems International, Hughes LAN Systems, March 1991 [4] M. Rose, "A Convention for Defining Traps for use with the SNMP", RFC 1215, Performance Systems International, March 1991 [5] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", RFC 2578, STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First Virtual Holdings, International Network Services, April 1999 [6] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", RFC 2579, STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First Virtual Holdings, International Network Services, April 1999 [7] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", RFC 2580, STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First Virtual Holdings, International Network Services, April 1999 [8] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network Management Protocol", RFC 1157, STD 15, SNMP Research, Performance Systems International, Performance Systems International, MIT Laboratory for Computer Science, May 1990. [9] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, SNMP Baker, Chan, SmithExpiration: September 2000 [Page 64] Draft Differentiated Services MIB March 2000 Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [10] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [11] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2572, SNMP Research, Inc., Cabletron Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, April 1999 [12] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, IBM T. J. Watson Research, April 1999 [13] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [14] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 2573, SNMP Research, Inc., Secure Computing Corporation, Cisco Systems, April 1999 [15] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, IBM T. J. Watson Research, BMC Software, Inc., Cisco Systems, Inc., April 1999 [16] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction to Version 3 of the Internet-standard Network Management Framework", RFC 2570, SNMP Research, Inc., TIS Labs at Network Associates, Inc., Ericsson, Cisco Systems, April 1999 [DSCP] K. Nichols, S. Blake, F. Baker, D. Black, "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers." RFC 2474, December 1998. Baker, Chan, SmithExpiration: September 2000 [Page 65] Draft Differentiated Services MIB March 2000 [Architecture] S. Blake, D. Black, M. Carlson, E. Davies, Z. Wang, W. Weiss, "An Architecture for Differentiated Service." RFC 2475, December 1998. [AF] J. Heinanen, F. Baker, W. Weiss, J. Wroclawski, "Assured Forwarding PHB Group." RFC 2597, June 1999. [EF] V. Jacobson, K. Nichols, K. Poduri. "An Expedited Forwarding PHB." RFC 2598, June 1999. [Model] Bernet et al, "A Conceptual Model for Diffserv Routers", March 2000, draft-ietf-diffserv-model-02.txt [IFMIB] K. McCloghrie, F. Kastenholz. "The Interfaces Group MIB using SMIv2", Request for Comments 2233, November 1997. [DSPIB] M. Fine, K. McCloghrie, J. Seligson, K. Chan, S. Hahn, A. Smith "Differentiated Services Policy Information Base", March 2000, draft-ietf-diffserv-pib-00.txt [INETADDRESS] Daniele, M., Haberman, B., Routhier, S., Schoenwaelder, J. "Textual Conventions for Internet Network Addresses.", February 17, 2000, draft-ops-endpoint-mib- 07.txt [ActQMgmt] V. Firoiu, M. Borden "A Study of Active Queue Management for Congestion Control", March 2000, In IEEE Infocom 2000, http://www.ieee-infocom.org/2000/papers/405.pdf 8. Authors' Addresses: Fred Baker 519 Lado Drive Santa Barbara, California 93111 fred@cisco.com Kwok Ho Chan Nortel Networks 600 Technology Park Drive Billerica, MA 01821 khchan@nortelnetworks.com Baker, Chan, SmithExpiration: September 2000 [Page 66] Draft Differentiated Services MIB March 2000 Andrew Smith Extreme Networks 3585 Monroe Street Santa Clara, CA 95051 USA andrew@extremenetworks.com Baker, Chan, SmithExpiration: September 2000 [Page 67]