INTERNET-DRAFT                                             Elwin Stelzer
draft-ietf-ppvpn-vr-mib-02.txt                               Sam Hancock
Expires: August 2002                               Corona Networks, Inc.

                                                       Benson Schliesser
June 2002                                          SAVVIS Communications





        Virtual Router Management Information Base Using SMIv2





1.0 Status of this Memo

This document is an Internet-Draft and  is in full  conformance with all
provisions of Section 10 of RFC2026.

Internet-Drafts are  working documents of the  Internet Engineering Task
Force (IETF), its areas, and its working groups.  Note that other groups
may also distribute working documents as Internet-Drafts.

Internet-Drafts are  draft documents valid for a  maximum of  six months
and may be updated,  replaced,  or obsoleted by  other  documents at any
time.  It is inappropriate to use Internet- Drafts as reference material
or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at:
    http://www.ietf.org/ietf/1id-abstracts.txt

The list of Internet-Draft Shadow Directories can be accessed at:
    http://www.ietf.org/shadow.html.



2.0 Abstract

This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols in TCP/IP based internets.
In particular, it defines objects for managing networks using Virtual
Routers (VR).










Elwin, Sam & Benson                                             [Page 1]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002

3.0 Table of Contents

     1.0  Status of this Memo .................................... 1
     2.0  Abstract ............................................... 1
     3.0  Table of Contents ...................................... 2
     4.0  Terminology   .......................................... 2
     5.0  Introduction ........................................... 3
     6.0  The SNMP Network Management Framework .................. 3
     7.0  Overview of the Virtual Router MIB ..................... 4
     7.1  Community based VR contexts ............................ 5
     7.2  VR Indexing ............................................ 6
     7.3  Creation and Deletion of VRs ........................... 7
     7.4  VrAdminStatus and VrOperStatus ......................... 7
     7.5  Binding interfaces to a VR ............................. 7
     7.6  Setting per VR limits .................................. 8
     7.7  Per VR Statistics ...................................... 8
     7.8  Internal Virtual Interfaces ............................ 8
     7.9  Traps .................................................. 8
     8.0  Sample VR MIB Configuration Scenario ................... 10
     8.1  Creation of a VR ....................................... 10
     8.2  Creation of an IVL and and connecting two VRs .......... 12
     9.0  Definition of the Virual Router MIB..................... 12
    10.0  Summary for Sub-IP Area ................................ 26
    10.1  Where does it fit in the Picture of the Sub-IP Work .... 26
    10.2  Why is it Targeted at this WG .......................... 27
    10.3  Justification .......................................... 27
    11.0  Security Considerations ................................ 27
    12.0  Acknowledgments ........................................ 27
    13.0  References ............................................. 27
    14.0  Authors' Addresses ..................................... 28


4.0 Terminology

This document uses terminology defined in [PPVPN-FW] and [PPVPN-VR].
Additionally, this document uses the following terms:

Internal Virtual Interface (IVI)
   IVIs are internal interfaces that are used to associate two VRs
   together.

Internal Virtual Link (IVL)
   These are virtual links that are created within a PE device primarily
   to connect two VRs together. Each IVL has two corresponding IVIs,
   representing the two endpoints of the link.







Elwin, Sam & Benson                                             [Page 2]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


5.0 Introduction

Provider Provisioned VPNs can be achieved through different models.
This MIB is designed to help providers to provision their VPNs, for the
models that emulate a physical router for a VPN subscriber, by having
separate routing and forwarding tables.

Following are the goals, in defining this MIB:

  - To have a means for Service Providers to provision VPN service for
    subscribers, at the PE device.

  - To make the agent-side implementation simple, by not modifying the
    existing standard MIBs.

  - Define all the gluing tables that are needed towards this.


6.0  The SNMP Network Management Framework

The SNMP Management Framework presently consists of five major
components:

  o  An overall architecture, described in RFC 2571 [1].


  o  Mechanisms for describing and naming objects and events for the
     purpose of management.  The first version of this Structure of
     Management Information (SMI) is called SMIv1 and described in
     STD 16, RFC 1155 [2], STD 16, RFC 1212 [3] and RFC 1215 [4].
     The second version, called SMIv2, is described in STD 58, which
     consists of RFC 2578 [5], RFC 2579 [6] and RFC 2580 [7].

  o  Message protocols for transferring management information.  The
     first version of the SNMP message protocol is called SNMPv1 and
     described in STD 15, RFC 1157 [8].  A second version of the
     SNMP message protocol, which is not an Internet standards track
     protocol, is called SNMPv2c and described in RFC 1901 [9] and
     RFC 1906 [10].  The third version of the message protocol is
     called SNMPv3 and described in RFC 1906 [10], RFC 2572 [11] and
     RFC 2574 [12].










Elwin, Sam & Benson                                             [Page 3]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


  o  Protocol operations for accessing management information.  The
     first set of protocol operations and associated PDU formats is
     described in STD 15, RFC 1157 [8].  A second set of protocol
     operations and associated PDU formats is described in RFC 1905
     [13].

  o  A set of fundamental applications described in RFC 2573 [14]
     and the view-based access control mechanism described in RFC
     2575 [15].

A more detailed introduction to the current SNMP Management Framework
can be found in RFC 2570 [22].

Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB.  Objects in the MIB are
defined using the mechanisms defined in the SMI.

This memo specifies a MIB module that is compliant to the SMIv2.  A
MIB conforming to the SMIv1 can be produced through the appropriate
translations.  The resulting translated MIB must be semantically
equivalent, except where objects or events are omitted because no
translation is possible (e.g., use of Counter64).  Some machine
readable information in SMIv2 will be converted into textual
descriptions in SMIv1 during the translation process.  However, this
loss of machine readable information is not considered to change the
semantics of the MIB.


7.0 Overview of the Virtual Router MIB

This section gives an overview of some of the underlying concepts in
this MIB.


7.1 SNMP Contexts for Management for Virtual Routers

There is a need for a single agent to manage multiple Virtual Routers.  The Architecture for describing Internet
Management Frameworks [RFC2571] provides a way to support such cases.

Managing multiple virtual routers requires that the management plane be
divided into logical management domains.  A single PE VR device
contains many virtual routers.  Different management entities can manage
the virtual routers and services.

Using SNMP contexts to group a collection of management information
provides the following benefits.




Elwin, Sam & Benson                                             [Page 4]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002



(1)   Uses a standard framework defined by the IETF, allowing the
      product to remain flexible to all implementations of virtual
      routing.

      (a) Use SNMPv2c Community String's

      (b) Use SNMPv3 contextName's

(2)   Prevents vendors from having to add an extra index into the
      standard MIBs, allowing the implementation to remain standards
      compliant.

(3)   Provides a framework that will work for RIP, OSPF, IS-IS, BGP,
      IP-FORWARDING, MPLS, and other MIB which can be administratively
      grouped with a VR.


The SNMP context for the Virtual Routing Instance can be specified in
the VrConfigTable.  The VrContextName columnar object is used to set the
SNMPv2c Community String or the SNMPv3 contextName.


A management system using the SNMP context of a particular virtual
router can manage the virtual router without disrupting other virtual
routers in the same entity.


For example, the ospfAreaTable of vr01 is different from the
ospfAreaTable of vr09.  Thus it emulates two different physical
routers supporting the OSPF-MIB.




















Elwin, Sam & Benson                                             [Page 5]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


   +-----------------------------------------------------------------+
   |  +------------------------------------------------------------+ |
   |  |  SNMP entity (including Engine, Applications)              | |
   |  |                                                            | |
   |  |  example contextNames:                                     | |
   |  |                                                            | |
   |  |  "vr01"             "vr09"                 "admin"         | |
   |  |  ---------          ---------            ------------      | |
   |  |      |                  |                   |              | |
   |  +------|------------------|-------------------|--------------+ |
   |         |                  |                   |                |
   |  +------|------------------|-------------------|--------------+ |
   |  |  MIB | instrumentation  |                   |              | |
   |  |  +---v------------+ +---v------------+ +----v-----------+  | |
   |  |  | context=vr01   | | context=vr09   | | context=admin  |  | |
   |  |  |                | |                | |                |  | |
   |  |  | +------------+ | | +------------+ | | +------------+ |  | |
   |  |  | |  OSPF MIB  | | | |  OSPF MIB  | | | |  VR  MIB   | |  | |
   |  |  | +------------+ | | +------------+ | | +------------+ |  | |
   |  |  |                | |                | |                |  | |
   |  |  | +------------+ | | +------------+ | | +------------+ |  | |
   |  |  | |  BGP MIB   | | | |  BGP MIB   | | | |   ATM MIB  | |  | |
   |  |  | +------------+ | | +------------+ | | +------------+ |  | |
   |  |  |                | |                | |                |  | |
   |  |  | +------------+ | | +------------+ | | +------------+ |  | |
   |  |  | |  IP MIB    | | | |  IP MIB    | | | | ENTITY MIB | |  | |
   |  |  | +------------+ | | +------------+ | | +------------+ |  | |
   |  |  |                | |                | |                |  | |
   |  |  | +------------+ | | +------------+ | | +------------+ |  | |
   |  |  | | other MIB  | | | | other MIB  | | | |  IF  MIB   | |  | |
   |  |  | +------------+ | | +------------+ | | +------------+ |  | |
   |  |  |       ...      | |      ...       | |      ...       |  | |
   +-----------------------------------------------------------------+



7.2 VR Indexing

While the standard protocol MIB tables are instantiated with the
context specified using SNMP contexts, there may be tables that are
defined with the VRID as index.

The VRID is of local significance to a particular PE switch, and need
not be globally unique. Thus a VRID of 100 may mean a particular VR
in one PE device and can mean a different VR in another PE device,
and both of these devices can be managed by the same SNMP manager.

The VRID is a 4-octet value, and this value is assigned by the



Elwin, Sam & Benson                                             [Page 6]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


management station. To aid the management station to assign a VRID
without conflict, the management station can get the
'NextAvailableVRID' from the PE Switch.

7.3 Creation and Deletion of VRs

The VR Config Table is used for this purpose. This is a read-create
table and adding an entry into this table will create a VR. Removing
an entry from this table marks the deletion of a VR.

VR0 is a VR that exists by default, and need not be created. Deletion
of VR0 will not be permitted.

7.4 Administrative and Operational Status of VRs

VRs can be administratively turned down. When this is done, no
packet forwarding via the VR takes place.

VrOperStatus denotes the operational status of a VR. Currently the
VrOperStatus is expected to change along the VrAdminStatus unless an
error condition exists.

7.5 Binding interfaces to a VR

Interfaces are bound to a VR, using the VR If Config Table. This is
a read-write table, and note that interfaces are not created through
this table. For each interface present in the system, this table is
used to provide the maping from IfIndex to a unique VR. An interface
can not be attached to more than one VRs.

By default, all interfaces are attached to VR0.


7.6 Setting per VR limits

VRs consume resources, and hence the following parameters defined in
the VR Config Table, are used to specify an upperbound of resource
utilization.

VrMaxRoutes
   Specify the maximum number of routes that will be permitted in this
   VR. This includes the statically configured routes, and the routes
   learnt via dynamic routing protocols.


7.7 Per VR Statistics

In addition to the regular VR instantiated MIB tables, there are some
per-VR statistics available through the VR Statistics Table. Example:


Elwin, Sam & Benson                                             [Page 7]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


VrStatFibEntries
VrStatRouteEntries

7.8 Internal Virtual Interfaces

These interfaces can be used to connect one VR to another. For this
purpose IVLs are created explicitly, through the IVL Config Table.
First an IVL needs to be defined in this table, that will generate the
two ends of the IVL as two IVIs which are IfIndex values. These two
interfaces are then attached to the two backbone VRs that are to be
connected together, using the VR If Config Table.

7.9 Traps

This memo defines that VrUp and VrDown traps are generated just after
VrOperStatus leaves, or just before it enters, the down state,
respectively.

   (1)   A transition into the down state will occur when an error is
         detected on a VR instance.

   (2)   Departing the down state generally indicates that the
         VR is going to up, which is considered a "healthy" state.

An exception to the above generation of VrUp/VrDown traps on changes
in VrOperStatus, occurs when an VR is "flapping", i.e., when it is
rapidly oscillating between the up and down states.  If traps were
generated for each such oscillation, the network and the network
management system would be flooded with unnecessary traps.  In such a
situation, the agent should limit the rate at which it generates traps.

This memo defines that enabling and disabling the VR traps is achieved
by setting the VrTrapEnable to true(1) or false(2), respectively.  By
default, this object should have the value true(1).

8.0 Sample VR MIB Configuration Scenario

8.1 Creation of a VR

Creating VR instances can be achieved using the following example.

(1) Get the next available Virtual Router Id using the
    NextAvailableVrId, to create a VR:

    Using a context with 'read' access for system level entities.
    GetRequest { NextAvailableVrId.0 }
    Response   { NextAvailableVrId.0  =  5555 }




Elwin, Sam & Benson                                             [Page 8]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


(2) In VrConfigTable, create VR Instance using VrRowStatus:

    Using a context with 'read-write' access for system level entities
    SetRequest {
        VrRowStatus.5555                   createAndGo(4),
        VrName.5555                        "BigTelcoVR",
        VrContextName.5555                 "vr5555",
        VrTrapEnable.5555                  true(1),
        VrAdminStatus.5555                 up(1)
    }


8.2 Creation of an IVL and and connecting two VRs
<TBD>

9.0 Definition of the Virtual Router MIB


-- *****************************************************************
--
-- *****************************************************************

VIRTUAL-ROUTER-MIB DEFINITIONS ::= BEGIN

    IMPORTS
        InterfaceIndex
            FROM IF-MIB
        OBJECT-GROUP, MODULE-COMPLIANCE, NOTIFICATION-GROUP
            FROM SNMPv2-CONF
        experimental, IpAddress, Unsigned32, OBJECT-TYPE,
        MODULE-IDENTITY, Gauge32, TimeTicks, NOTIFICATION-TYPE
            FROM SNMPv2-SMI
        TruthValue, DisplayString, RowStatus, TEXTUAL-CONVENTION
            FROM SNMPv2-TC;


    virtualRouterMIB MODULE-IDENTITY
        LAST-UPDATED "200206231200Z"
        ORGANIZATION
            "IETF PPVPN WG"
        CONTACT-INFO
            "Corona Networks Inc.
            630 Alder Drive
            Milpitas, CA 95035
            USA

            Tel: +1 408 519 3800
            Fax: +1 408 519 3830
            Email:  sam@coronanetworks.com


Elwin, Sam & Benson                                             [Page 9]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


                    elwinietf@yahoo.com
                    bensons@savvis.net"
        DESCRIPTION
            "The MIB is the definition of the managed
            objects for the Virtual Router."
        REVISION "200206231200Z"
        DESCRIPTION
            "VR-MIB Draft of the IETF PPVPN WG"
        ::= { experimental XXXX } -- To be assigned

--
-- Textual conventions
--

    VrIndex ::= TEXTUAL-CONVENTION
        STATUS current
        DESCRIPTION
            "Virtual Router Identifier.
             NULL VRID is '0' and cannot be used to create VR's.
            "
        SYNTAX Unsigned32

    VpnIdentifier ::= TEXTUAL-CONVENTION
        STATUS current
        DESCRIPTION
            "RFC2685:  The global VPN Identifier format is:
            3 octet VPN authority Organizationally Unique Identifier
            followed by
            4 octet VPN index identifying VPN according to OUI"
        SYNTAX OCTET STRING(SIZE (0..7))

--
-- Node definitions
--

    vrMIBObjects OBJECT IDENTIFIER ::= { virtualRouterMIB 1 }

    vrConfig OBJECT IDENTIFIER ::= { vrMIBObjects 1 }

    vrConfigScalars OBJECT IDENTIFIER ::= { vrConfig 1 }

    vrConfigNextAvailableVrId OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The next available Virtual Router Id (index).
            This object provides a hint for the vrID value
            to use when administratively creating a new
            vrConfigEntry.

Elwin, Sam & Benson                                            [Page 10]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002



            A GET of this object returns the next available vrId
            value to be used to create an entry in the associated
            vrConfigTable; or zero, if no valid vrId
            value is available. A value of zero(0) indicates that
            it is not possible to create a new vrConfigEntry
            This object also returns a value of zero when it is the
            lexicographic successor of a varbind presented in an
            SNMP GETNEXT or GETBULK request, for which circumstance
            it is assumed that ifIndex allocation is unintended.

            Successive GETs will typically return different
            values, thus avoiding collisions among cooperating
            management clients seeking to create table entries
            simultaneously.

            Unless specified otherwise by its MAX-ACCESS and DESCRIPTION
            clauses, an object of this type is read-only, and a SET of
            such an object returns a notWritable error."
        ::= { vrConfigScalars 1 }

    vrConfigTable OBJECT-TYPE
        SYNTAX SEQUENCE OF VrConfigEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "This table is for creating the new Virtual Routers."
        ::= { vrConfig 2 }

    vrConfigEntry OBJECT-TYPE
        SYNTAX VrConfigEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "The entries in this table can be added/deleted
            using the vrRowStatus."
        INDEX { vrId }
        ::= { vrConfigTable 1 }

    VrConfigEntry ::=
        SEQUENCE {
            vrId
                VrIndex,
            vrRowStatus
                RowStatus,
            vrName
                DisplayString,
            vrContextName
                DisplayString,
            vrTrapEnable

Elwin, Sam & Benson                                            [Page 11]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


                TruthValue,
            vrMaxRoutes
                Unsigned32,
            vrType
                Unsigned32,
            vrAdminStatus
                INTEGER,
            vrVpnId
                VpnIdentifier,
            vrRpTrigger
                Unsigned32,
            vrTunnelIpAddress
                IpAddress
         }

    vrId OBJECT-TYPE
        SYNTAX VrIndex
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "The unique id of this virtual router instance. A Virtual
             Router cannot not be created with vrId = 0.
            "
    ::= { vrConfigEntry 1 }

    vrRowStatus OBJECT-TYPE
        SYNTAX RowStatus
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "The status column has three defined values:

            - `active', which indicates that the conceptual row is
            available for use by the managed device;

            - `createAndGo', which is supplied by a management
            station wishing to create a new instance of a
            conceptual row and to have its status automatically set
            to active, making it available for use by the managed
            device;

            - `destroy', which is supplied by a management station
            wishing to delete all of the instances associated with
            an existing conceptual row."
    ::= { vrConfigEntry 2 }

    vrName OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS read-create
        STATUS current

Elwin, Sam & Benson                                            [Page 12]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


        DESCRIPTION
            "The Name of the Virtual Router. Default Name for
             VRID is 'VR<vrid-string>'.

             e.g.
             vrId   = 200012
             vrName = 'VR200012'
             "
        ::= { vrConfigEntry 3 }

    vrContextName OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "The SNMPv2 Community String or SNMPv3 contextName
            denotes the VR 'context' and is used to logically
            separate the MIB management.
            RFC2571 and RFC2737 describe this approach."
        ::= { vrConfigEntry 4 }

    vrTrapEnable OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "This objects is used to enable the generation
            of the VrUp and VrDown traps.
                true(1)     - VR Traps Enabled
                false(2)    - VR Traps Disabled"
        DEFVAL { true }
        ::= { vrConfigEntry 5 }

    vrMaxRoutes OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "This object specifies the maximum number of routes that
            this VR can support. The default value is 4 Gig (meaning
            unlimited)."
        DEFVAL { 4294967295 }
        ::= { vrConfigEntry 6 }


    vrType OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION

Elwin, Sam & Benson                                            [Page 13]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


            "This objects is used to denote the type of the VR."
        ::= { vrConfigEntry 7 }

    vrAdminStatus OBJECT-TYPE
        SYNTAX  INTEGER {
                 up(1),
                 down(2),
                 unknown(3)
                }
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "The administrative state of the Virtual Router."
        DEFVAL { down }
        ::= { vrConfigEntry 8 }

    vrVpnId OBJECT-TYPE
        SYNTAX  VpnIdentifier
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "The Virtual Private Network Identifier of the Virtual
             Router."
        ::= { vrConfigEntry 9 }



    vrRpTrigger OBJECT-TYPE
        SYNTAX  Unsigned32
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "The Routing Protocol Triggers on the Virtual Router.
            This can be used to initiate or shutdown routing protocols
            on a VR.
            The 32 bits are divided into:
                16 bits of RP bitmap,
                15 bits reserved (0), and 1 bit of action-code.

            The RP bitmap specify the RP that is to be initiated or
            shutdown. Multiple RPs can be acted on simultaneously.
            Also, individual RPs can be brought up in steps, which
            should not affect the RPs that were running.
            Action-code specify what needs to be done for the RPs
            in the RP bitmap.
                The actions are: initiate or shutdown.

            The running status of the RP shall be available in the
            VR stats table's vrRpStatus, which has a similar
            format, but represent the status."

Elwin, Sam & Benson                                            [Page 14]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


        ::= { vrConfigEntry 10 }


    vrTunnelIpAddress OBJECT-TYPE
        SYNTAX IpAddress
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "This address will be used as the local IP address in the
             tunnels that are made to the remote peer from this VR."
        ::= { vrConfigEntry 11 }


    vrStat OBJECT IDENTIFIER ::= { vrMIBObjects 2 }

    vrStatScalars OBJECT IDENTIFIER ::= { vrStat 1 }

    vrConfiguredVRs OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of VRs configured on this network element."
        ::= { vrStatScalars 1 }

    vrActiveVRs OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of VRs that are active on the network element.
            These are VRs for which the
            vrStatOperationalStatus  = up(1)"
        ::= { vrStatScalars 2 }

    vrStatTable OBJECT-TYPE
        SYNTAX SEQUENCE OF VrStatEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "This table contains statistics for the Virtual Router."
        ::= { vrStat 2 }

    vrStatEntry OBJECT-TYPE
        SYNTAX VrStatEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Entries in this table a per vrId."
        INDEX { vrId }

Elwin, Sam & Benson                                            [Page 15]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


        ::= { vrStatTable 1 }

    VrStatEntry ::=
        SEQUENCE {
            vrStatRouteEntries
                Unsigned32,
            vrStatFIBEntries
                Unsigned32,
            vrStatUpTime
                TimeTicks,
            vrOperStatus
                INTEGER,
            vrRpStatus
                Unsigned32,
            vrRouterId
                Unsigned32
         }

    vrStatRouteEntries OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Total number of routes for this VR."
        ::= { vrStatEntry 1 }

    vrStatFIBEntries OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Total number of FIB Entries for this VR."
        ::= { vrStatEntry 2 }

    vrStatUpTime OBJECT-TYPE
        SYNTAX TimeTicks
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The time in (in hundredths of a second) since
            this VR entry has been operational."
        ::= { vrStatEntry 3 }


    vrOperStatus OBJECT-TYPE
        SYNTAX  INTEGER {
                 up(1),
                 down(2),
                 unknown(3)
                }

Elwin, Sam & Benson                                            [Page 16]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The operational state of the Virtual Router."
        ::= { vrStatEntry 4 }

    vrRpStatus OBJECT-TYPE
        SYNTAX  Unsigned32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "List of Routing Protocols on this VR."
        ::= { vrStatEntry 5 }

    vrRouterId OBJECT-TYPE
        SYNTAX  Unsigned32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Router id of this VR. It is derived from one of the
            interfaces. If loopback interface is present, the loopback
            interface address can be used. However, loopback interface
            is optional."
        ::= { vrStatEntry 6 }



    vrIfConfig OBJECT IDENTIFIER ::= { vrMIBObjects 3 }


    vrIfConfigScalars OBJECT IDENTIFIER ::= { vrIfConfig 1 }


    vrIfConfigTable OBJECT-TYPE
        SYNTAX SEQUENCE OF VrIfConfigEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "This table is for configuring VR Interfaces."
        ::= { vrIfConfig 2 }

    vrIfConfigEntry OBJECT-TYPE
        SYNTAX VrIfConfigEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Entries in this table correspond to the entries in
            the ifTable that apply to the Virtual Router."
        INDEX { vrIfId }
        ::= { vrIfConfigTable 1 }

Elwin, Sam & Benson                                            [Page 17]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


    VrIfConfigEntry ::=
        SEQUENCE {
            vrIfId
               InterfaceIndex,
            vrIfVrId
               VrIndex
         }

    vrIfId OBJECT-TYPE
        SYNTAX InterfaceIndex
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Virtual Router Interface Index."
        ::= { vrIfConfigEntry 1 }

    vrIfVrId OBJECT-TYPE
        SYNTAX VrIndex
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Denotes the VrIndex that this Interface is associated."
        ::= { vrIfConfigEntry 2 }



    vrIVLConfigTable OBJECT-TYPE
        SYNTAX SEQUENCE OF VrIVLConfigEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "This table is for creating Internal Virtual Links."
        ::= { vrIfConfig 3 }

    vrIVLConfigEntry OBJECT-TYPE
        SYNTAX VrIVLConfigEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Creating/Deleting IVL in this table adds/removes
            entries in the ifTable."
        INDEX { vrIVLName }
        ::= { vrIVLConfigTable 1 }

    VrIVLConfigEntry ::=
        SEQUENCE {
            vrIVLName
                DisplayString,
            vrIVLInterfaceA


Elwin, Sam & Benson                                            [Page 18]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


                InterfaceIndex,
            vrIVLInterfaceB
                InterfaceIndex,
            vrIVLRowStatus
                RowStatus
            }

    vrIVLName OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "The name representing the IVL."
        ::= { vrIVLConfigEntry 1 }

    vrIVLInterfaceA OBJECT-TYPE
        SYNTAX InterfaceIndex
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Interface associated with the one endpoint
            of the IVL."
        ::= { vrIVLConfigEntry 2 }

    vrIVLInterfaceB OBJECT-TYPE
        SYNTAX InterfaceIndex
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Interface associated with the second endpoint
            of the IVL."
        ::= { vrIVLConfigEntry 3 }

    vrIVLRowStatus OBJECT-TYPE
        SYNTAX RowStatus
        MAX-ACCESS read-create
        STATUS current
        DESCRIPTION
            "See SNMPv2-TC MIB"
        ::= { vrIVLConfigEntry 4 }

    vrNotificationsPrefix OBJECT IDENTIFIER ::= { virtualRouterMIB 2 }

    vrNotifications OBJECT IDENTIFIER ::= { vrNotificationsPrefix 0 }

    vrUp NOTIFICATION-TYPE
        OBJECTS { vrId }
        STATUS current
        DESCRIPTION
            "This notification is generated when the specified

Elwin, Sam & Benson                                            [Page 19]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


            VR is about to initialized or change the status from
            down to up."
        ::= { vrNotifications 1 }

    vrDown NOTIFICATION-TYPE
        OBJECTS { vrId }
        STATUS current
        DESCRIPTION
            "This notification is generated when the specified
            VR is about to go down."
        ::= { vrNotifications 2 }

    vrMaxRoutesExceeded NOTIFICATION-TYPE
        OBJECTS { vrId, vrMaxRoutes, vrStatRouteEntries }
        STATUS current
        DESCRIPTION
            "This notification is generated when the specified VR has
            exceeded the maximum number of routes specified"
        ::= { vrNotifications 3 }


    vrConformance OBJECT IDENTIFIER ::= { virtualRouterMIB 3 }

    vrCompliances OBJECT IDENTIFIER ::= { vrConformance 1 }

    vrMIBCompliance MODULE-COMPLIANCE
        STATUS current
        DESCRIPTION
            "The compliance statement for entities that implement the
            VIRTUAL-ROUTER-MIB.  Implementation of this MIB
            is strongly recommended for any platform targeted for a
            carrier-class environment."
        MODULE -- this module
            MANDATORY-GROUPS { vrConfigGroup, vrIfGroup}
        ::= { vrCompliances 1 }

    vrGroups OBJECT IDENTIFIER ::= { vrConformance 2 }

    vrConfigGroup OBJECT-GROUP
        OBJECTS { vrId, vrRowStatus, vrName,
                  vrContextName,
                  vrTrapEnable, vrMaxRoutes,
                  vrType, vrAdminStatus,
                  vrVpnId, vrRpTrigger,
                  vrTunnelIpAddress,
                  vrNextAvailableVrId }
            STATUS current
            DESCRIPTION
                "A collection of attributes that support provisioning
                of a virtual router."

Elwin, Sam & Benson                                            [Page 20]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


            ::= { vrGroups 1 }

    vrStatGroup OBJECT-GROUP
        OBJECTS { vrConfiguredVRs, vrActiveVRs,
                  vrStatRouteEntries, vrStatFIBEntries,
                  vrStatUpTime, vrOperStatus,
                  vrRpStatus,
                  vrRouterId  }
        STATUS current
        DESCRIPTION
            "A collection of attributes that contain stats about the
            virtual router."
        ::= { vrGroups 2 }

    vrIfGroup OBJECT-GROUP
        OBJECTS { vrIfId, vrIfVrId  }
        STATUS current
        DESCRIPTION
            "A collection of attributes that support provisioning of a
            virtual router interfaces."
        ::= { vrGroups 3 }

    vrIVLGroup OBJECT-GROUP
        OBJECTS {vrIVLName, vrIVLInterfaceA,
                 vrIVLInterfaceB, vrIVLRowStatus }
        STATUS current
        DESCRIPTION
            "A collection of attributes that support provisioning of a
            virtual router IVL's."
        ::= { vrGroups 4 }

    vrNotificationGroup NOTIFICATION-GROUP
        NOTIFICATIONS { vrUp, vrDown,
                  vrMaxRoutesExceeded }
        STATUS current
        DESCRIPTION
            "A collection of traps that are supported by the VR."
        ::= { vrGroups 5 }


END

--
-- VIRTUAL-ROUTER-MIB.mib
--

10.0 Summary for Sub-IP Area

   This document defines a MIB that provides a way to provision VPNs at
   the PE devices having virtual routers.

Elwin, Sam & Benson                                            [Page 21]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002


10.1 Where does it fit in the Picture of the Sub-IP Work

   This work fits in the PPVPN Working Group.

10.2 Why is it Targeted at this WG

   The WG is chartered with developing Provider Provisioned VPN
   solutions. This draft contributes to this.

10.3 Justification

   The WG should consider this document since it provides a means to
   configure and manage Virtual Router based PPVPNs.


11.0 Security Considerations

TBD


12.0 Acknowledgments



13.0 References

[1]  Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture for
     Describing SNMP Management Frameworks", RFC 2571, April 1999.

[2]  Rose, M. and K. McCloghrie, "Structure and Identification of
     Management Information for TCP/IP-based Internets", STD 16, RFC
     1155, May 1990.

[3]  Rose, M. and K. McCloghrie, "Concise MIB Definitions", STD 16,
     RFC 1212, March 1991.

[4]  Rose, M., "A Convention for Defining Traps for use with the
     SNMP", RFC 1215, March 1991.

[5]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
     M.  and S. Waldbusser, "Structure of Management Information
     Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

[6]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
     M. and S. Waldbusser, "Textual Conventions for SMIv2", STD 58,
     RFC 2579, April 1999.

[7]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,



Elwin, Sam & Benson                                            [Page 22]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002



     M.  and S. Waldbusser, "Conformance Statements for SMIv2", STD
     58, RFC 2580, April 1999.

[8]  Case, J., Fedor, M., Schoffstall, M. and J. Davin, "Simple
     Network Management Protocol", STD 15, RFC 1157, May 1990.

[9]  Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
     "Introduction to Community-based SNMPv2", RFC 1901, January
     1996.

[10] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Transport
     Mappings for Version 2 of the Simple Network Management Protocol
     (SNMPv2)", RFC 1906, January 1996

[15] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access
     Control Model (VACM) for the Simple Network Management Protocol
     (SNMP)", RFC 2575, January 1998.

[16] Bradner, S., "Key words for use in RFCs to Indicate Requirements
     Levels", BCP 14, RFC 2119, March 1997.

[17] Ouldbrahim's VR draft, "Network Based IP VPN Architecture Using
     Virtual Routers", draft-ouldbrahim-vpn-vr-01.txt

[18] RFC 2685, "Virtual Private Networks Identifier"

[19] RFC 2764, "A Framework for IP Based Vitual Private Networks"

[20] RFC 2547bis, "BGP/MPLS VPNs", draft-rosen-rfc2547bis-03.txt

[21] "BGP/IPsec VPN", draft-declercq-bgp-ipsec-vpn-00.txt

[22] RFC 2667, "IP Tunnel MIB"



14.0 Authors' Addresses

Elwin Stelzer Eliazer
Corona Networks, Inc.
630 Alder Drive
Milpitas, CA 95035
Phone: 408-519-3832
Email: elwinietf@yahoo.com






Elwin, Sam & Benson                                            [Page 23]


draft-ietf-ppvpn-vr-mib-02                VR MIB               June 2002



Samuel Hancock
Corona Networks, Inc.
630 Alder Drive
Milpitas, CA 95035
Phone: 408-519-3800 Ext 421
Email: sam@coronanetworks.com


Benson Schliesser
SAVVIS Communications
717 Office Parkway
St. Louis, MO 63141
Phone: 314-468-7036
Email: bensons@savvis.net





































Elwin, Sam & Benson                                            [Page 24]