Network Working Group R. Pang Internet Draft China Unicom Intended status: Informational C. Lin Expires: August 30, 2024 M. Chen New H3C Technologies March 3, 2024 SNMP Trap for SRv6 Policy draft-pang-srv6ops-srv6-policy-trap-00 Abstract This document defines the Simple Network Management Protocol (SNMP) trap module for SRv6 Policy. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html This Internet-Draft will expire on August 28, 2024. Copyright Notice Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents Lin, et al. Expire August 30, 2024 [Page 1] Internet-Draft SNMP Trap for SRv6 Policy March 2024 carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction...................................................2 1.1. Requirements Language.....................................2 2. Structure......................................................3 3. Definitions....................................................4 4. Security Considerations.......................................12 5. IANA Considerations...........................................12 6. References....................................................12 6.1. Normative References.....................................12 6.2. Informational References.................................12 Authors' Addresses...............................................13 1. Introduction Segment routing (SR) [RFC8402] is a source routing paradigm that explicitly indicates the forwarding path for packets at the ingress node. The ingress node steers packets into a specific path according to the Segment Routing Policy (SR Policy) as defined in [RFC9256]. The Simple Network Management Protocol (SNMP) used to be a widely deployed management protocol. The management information of SNMP is called MIB (Management Information Base) [RFC3418]. The event notifications of SNMP are called traps [RFC3416], and they can be mapped to SYSLOG messages [RFC5675]. Since the advent of NETCONF and YANG, SNMP MIB has been replaced in many networks. But the usage of SNMP traps is retained by some operators. Today, even in some SR-enabled IPv6 networks, SNMP traps are still used to collect event notifications from network devices. This document defines the SNMP trap module for SR policy on IPv6 data plane (SRv6 policy). 1.1. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. Lin, et al. Expires August 30, 2024 [Page 2] Internet-Draft SNMP Trap for SRv6 Policy March 2024 2. Structure The module includes the following notifications: o Srv6PolicyStatusChange: Signifies that there has been a change in the state of a policy. This trap should be generated when the policy state regresses (e.g., goes from active to down) or progresses to a terminal state (i.e., down). o Srv6PolicyBsidConflict & Srv6PolicyBsidConflictClear: Signifies that there have been BSID conflicts. o Srv6PolicyDown & Srv6PolicyDownClear: Signifies that there has been a change in the up/down state of a policy. o Srv6PolicyResExdUppLimit & Srv6PolicyResExceedClear: Signifies that the number of used SRv6 policy resources exceeded the upper threshold. o Srv6PathDown & Srv6PathDownClear: Signifies that there has been a change in the up/down state of a candidate path. o Srv6PolicySeglistDown & Srv6SeglistDownClear: Signifies that there has been a change in the up/down state of a segment list. Lin, et al. Expires August 30, 2024 [Page 3] Internet-Draft SNMP Trap for SRv6 Policy March 2024 3. Definitions SRV6POLICY-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, Integer32, Unsigned32,OBJECT-TYPE, NOTIFICATION-TYPE FROM SNMPv2-SMI InetAddressIPv6 FROM INET-ADDRESS-MIB Srv6Policy MODULE-IDENTITY LAST-UPDATED "202403010000Z" ORGANIZATION "IETF SRV6OPS Working Group" CONTACT-INFO "E-mail: srv6ops@ietf.org" DESCRIPTION "The MIB module for SRv6 policy." REVISION "202403010000Z" DESCRIPTION "The initial version of this MIB file." ::= { mib-2 XXX } -- Top-level structure of MIB Srv6PolicyNotifications OBJECT IDENTIFIER ::= { Srv6Policy 0 } Srv6PolicyStatusChange NOTIFICATION-TYPE OBJECTS { Srv6PolicyColor, Srv6PolicyEndPoint, Srv6PolicyStatus, Srv6PolicyDownReason } STATUS current DESCRIPTION "An Srv6PolicyStatusChange trap signifies that there has been a change in the state of a policy. This trap should be generated when the policy state regresses (e.g., goes from active to Down) or progresses to a terminal state (i.e., down)." ::= { Srv6PolicyNotifications 1 } Srv6PolicyColor OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS accessible-for-notify STATUS current Lin, et al. Expires August 30, 2024 [Page 4] Internet-Draft SNMP Trap for SRv6 Policy March 2024 DESCRIPTION "The color associates the SRv6 policy with certain intent." ::= { Srv6PolicyStatusChange 1 } Srv6PolicyEndPoint OBJECT-TYPE SYNTAX InetAddressIPv6 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The endpoint is the destination of the SRv6 policy." ::= { Srv6PolicyStatusChange 2 } Srv6PolicyStatus OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..31)) MAX-ACCESS read-only STATUS current DESCRIPTION "Status of the SRv6 policy." ::= { Srv6PolicyStatusChange 3 } Srv6PolicyDownReason OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..51)) MAX-ACCESS read-only STATUS current DESCRIPTION "Base identity for the reasons why SRv6 policy is operationally down." ::= { Srv6PolicyStatusChange 4 } Srv6PolicyBsidConflict NOTIFICATION-TYPE OBJECTS { Srv6PolicyColor, Srv6PolicyEndPoint, Srv6PolicyBsid, Srv6PolicyBsidFailReason, Srv6PolicyBsidConflictState } STATUS current DESCRIPTION "BSID conflicts." ::= { Srv6PolicyNotifications 2 } Srv6PolicyBsid OBJECT-TYPE SYNTAX InetAddressIPv6 MAX-ACCESS read-only STATUS current DESCRIPTION "Binding segment ID value of the SRv6 policy." ::= { Srv6PolicyBsidConflict 3 } Lin, et al. Expires August 30, 2024 [Page 5] Internet-Draft SNMP Trap for SRv6 Policy March 2024 Srv6PolicyBsidFailReason OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "Reason why the binding SID is unavailable." ::= { Srv6PolicyBsidConflict 4 } Srv6PolicyBsidConflictState OBJECT-TYPE SYNTAX INTEGER { inConflict(1), conflictResolved(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "The conflict state of the binding SID." ::= { Srv6PolicyBsidConflict 5 } Srv6PolicyBsidConflictClear NOTIFICATION-TYPE OBJECTS { Srv6PolicyColor, Srv6PolicyEndPoint, Srv6PolicyBsid, Srv6PolicyBsidFailReason, Srv6PolicyBsidConflictState } STATUS current DESCRIPTION "BSID conflicts resolved" ::= { Srv6PolicyNotifications 3 } Srv6PolicyDown NOTIFICATION-TYPE OBJECTS { Srv6PolicyColor, Srv6PolicyEndPoint, Srv6PolicyDownReason } STATUS current DESCRIPTION "Policy down" ::= { Srv6PolicyNotifications 4 } Srv6PolicyDownReason OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..51)) MAX-ACCESS read-only STATUS current DESCRIPTION Lin, et al. Expires August 30, 2024 [Page 6] Internet-Draft SNMP Trap for SRv6 Policy March 2024 "Base identity for the reasons why SRv6 policy is operationally down." ::= { Srv6PolicyDown 3 } Srv6PolicyDownClear NOTIFICATION-TYPE OBJECTS { Srv6PolicyColor, Srv6PolicyEndPoint } STATUS current DESCRIPTION "Policy down cleared" ::= { Srv6PolicyNotifications 5 } Srv6PolicyResExdUppLimit NOTIFICATION-TYPE OBJECTS { Srv6PolicyResourceType, Srv6PolicyResCurrentCnt, Srv6PolicyResUpperLimit, Srv6PolicyResLowerLimit, Srv6PolicyResourceTotalCnt } STATUS current DESCRIPTION "The number of used SRv6 policy resources exceeded the upper threshold." ::= { Srv6PolicyNotifications 6 } Srv6PolicyResourceType OBJECT-TYPE SYNTAX INTEGER { unknown(1), srv6Policy(2), srv6PolicySegmentList(3), srv6PolicyGroup(4), srv6PolicyFwdPath(5) } MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "SRv6 policy resource type." ::= { Srv6PolicyResExdUppLimit 1 } Srv6PolicyResCurrentCnt OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of used SRv6 policy resources." ::= { Srv6PolicyResExdUppLimit 2 } Srv6PolicyResUpperLimit OBJECT-TYPE Lin, et al. Expires August 30, 2024 [Page 7] Internet-Draft SNMP Trap for SRv6 Policy March 2024 SYNTAX Unsigned32 (1..100) MAX-ACCESS read-only STATUS current DESCRIPTION "The upper threshold of SRv6 policy resources." ::= { Srv6PolicyResExdUppLimit 3 } Srv6PolicyResLowerLimit OBJECT-TYPE SYNTAX Unsigned32 (1..100) MAX-ACCESS read-only STATUS current DESCRIPTION "The lower threshold of SRv6 policy resources." ::= { Srv6PolicyResExdUppLimit 4 } Srv6PolicyResourceTotalCnt OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum number of SRv6 policy resources that can be used." ::= { Srv6PolicyResExdUppLimit 5 } Srv6PolicyResExceedClear NOTIFICATION-TYPE OBJECTS { Srv6PolicyResourceType, Srv6PolicyResCurrentCnt, Srv6PolicyResUpperLimit, Srv6PolicyResLowerLimit, Srv6PolicyResourceTotalCnt } STATUS current DESCRIPTION "The number of used SRv6 policy resources fell below the lower threshold." ::= { Srv6PolicyNotifications 7 } Srv6PathDown NOTIFICATION-TYPE OBJECTS { Srv6PolicyColor, Srv6PolicyEndPoint, Srv6PolicyPathProto, Srv6PolicyPathInst, Srv6PolicyPathOri, Srv6PolicyPathDis, Srv6PolicyPathPref, Srv6PolicyPathPreviousRole, Srv6PolicyPathDownReason Lin, et al. Expires August 30, 2024 [Page 8] Internet-Draft SNMP Trap for SRv6 Policy March 2024 } STATUS current DESCRIPTION "An Srv6PathDown trap signifies that there has been a change in the state of a policy primary or backup path." ::= { Srv6PolicyNotifications 8 } Srv6PolicyPathProto OBJECT-TYPE SYNTAX INTEGER{ pcep(10), bgp(20), cli(30) } MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Protocol-Origin of a candidate path identifies the protocol that originates or signals the candidate path." ::= { Srv6PathDown 3 } Srv6PolicyPathInst OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The instance is a value of BGP instance number, when the candidate path is originated by BGP." ::= { Srv6PathDown 4 } Srv6PolicyPathOri OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..63)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Originator is the identifier of the node that instantiated or signalled the candidate path on the headend." ::= { Srv6PathDown 5 } Srv6PolicyPathDis OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The discriminator uniquely identifies a candidate path from a Lin, et al. Expires August 30, 2024 [Page 9] Internet-Draft SNMP Trap for SRv6 Policy March 2024 specific Protocol-Origin." ::= { Srv6PathDown 6 } Srv6PolicyPathPref OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The preference of the SRv6 policy candidate path." ::= { Srv6PathDown 7 } Srv6PolicyPathPreviousRole OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..31)) MAX-ACCESS read-only STATUS current DESCRIPTION "The previous role of an SRv6 policy candidate path. The value may be primary or backup." ::= { Srv6PathDown 8 } Srv6PolicyPathDownReason OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..51)) MAX-ACCESS read-only STATUS current DESCRIPTION "Base identity for the reasons why SRv6 policy candidate path is operationally down." ::= { Srv6PathDown 9 } Srv6PathDownClear NOTIFICATION-TYPE OBJECTS { Srv6PolicyColor, Srv6PolicyEndPoint, Srv6PolicyPathProto, Srv6PolicyPathInst, Srv6PolicyPathOri, Srv6PolicyPathDis, Srv6PolicyPathPref, Srv6PolicyPathPreviousRole, } STATUS current DESCRIPTION "An Srv6PathDownClear trap signifies that there has been a change in the state of a policy primary or backup path." ::= { Srv6PolicyNotifications 9 } Srv6PolicySeglistDown NOTIFICATION-TYPE Lin, et al. Expires August 30, 2024 [Page 10] Internet-Draft SNMP Trap for SRv6 Policy March 2024 OBJECTS { Srv6PolicyColor, Srv6PolicyEndPoint, Srv6PolicyPathProto, Srv6PolicyPathInst, Srv6PolicyPathOri, Srv6PolicyPathDis, Srv6PolicySeglistId, Srv6PolicySeglistStatus, Srv6PolicySeglistDownReason } STATUS current DESCRIPTION "An Srv6PolicySeglistDown trap signifies that there has been a change in the state of a segment list." ::= { Srv6PolicyNotifications 10 } Srv6PolicySeglistId OBJECT-TYPE SYNTAX Unsigned32 (1..4294967295) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The ID uniquely identifies the segment list." ::= { Srv6PolicySeglistDown 7 } Srv6PolicySeglistStatus OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..31)) MAX-ACCESS read-only STATUS current DESCRIPTION "The status of segment list." ::= { Srv6PolicySeglistDown 8 } Srv6PolicySeglistDownReason OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..51)) MAX-ACCESS read-only STATUS current DESCRIPTION "Base identity for the reasons why segment list is down." ::= { Srv6PolicySeglistDown 9 } Srv6SeglistDownClear NOTIFICATION-TYPE OBJECTS { Srv6PolicyColor, Srv6PolicyEndPoint, Srv6PolicyPathProto, Srv6PolicyPathInst, Srv6PolicyPathOri, Srv6PolicyPathDis, Srv6PolicySeglistId, Lin, et al. Expires August 30, 2024 [Page 11] Internet-Draft SNMP Trap for SRv6 Policy March 2024 Srv6PolicySeglistStatus } STATUS current DESCRIPTION "An Srv6SeglistDownClear trap signifies that there has been a change in the state of a segment list." ::= { Srv6PolicyNotifications 11 } END 4. Security Considerations TBD. 5. IANA Considerations TBD. 6. References 6.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC3416] Presuhn, R., "Version 2 of the Protocol Operations for the Simple Network Management Protocol (SNMP)", STD 62, RFC 3416, December 2002. [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, May 2017. [RFC8402] Filsfils, C., Ed., Previdi, S., Ed., Ginsberg, L., Decraene, B., Litkowski, S., and R. Shakir, "Segment Routing Architecture", RFC 8402, DOI 10.17487/RFC8402, July 2018, . [RFC9256] Filsfils, C., Talaulikar, K., Ed., Voyer, D., Bogdanov, A., and P. Mattes, "Segment Routing Policy Architecture", RFC 9256, DOI 10.17487/RFC9256, July 2022, . 6.2. Informational References [RFC3418] Presuhn, R., "Management Information Base (MIB) for the Simple Network Management Protocol (SNMP)", STD 62, RFC 3418, December 2002. Lin, et al. Expires August 30, 2024 [Page 12] Internet-Draft SNMP Trap for SRv6 Policy March 2024 [RFC5675] Marinov, V. and J. Schoenwaelder, "Mapping Simple Network Management Protocol (SNMP) Notifications to SYSLOG Messages", RFC 5675, October 2009. Authors' Addresses Ran Pang China Unicom China Email: pangran@chinaunicom.cn Changwang Lin New H3C Technologies China Email: linchangwang.04414@h3c.com Mengxiao Chen New H3C Technologies China Email: chen.mengxiao@h3c.com Lin, et al. Expires August 30, 2024 [Page 13]