tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Glossaries     Architecture     IMS     UICC    |    search     info

RFC 5815

 
 
 

Definitions of Managed Objects for IP Flow Information Export

Part 3 of 3, p. 40 to 64
Prev RFC Part

 


prevText      Top      Up      ToC       Page 40 
   IpfixObservationPointEntry ::=
       SEQUENCE {
           ipfixObservationPointGroupId           Unsigned32,
           ipfixObservationPointIndex             Unsigned32,
           ipfixObservationPointObservationDomainId Unsigned32,
           ipfixObservationPointPhysicalEntity    PhysicalIndexOrZero,
           ipfixObservationPointPhysicalInterface InterfaceIndexOrZero,
           ipfixObservationPointPhysicalEntityDirection INTEGER
       }

   ipfixObservationPointGroupId OBJECT-TYPE
       SYNTAX      Unsigned32 (1..4294967295)
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "Locally arbitrary, but unique identifier of an entry in the
           ipfixObservationPointTable.  The value is expected to remain
           constant from a re-initialization of the entity's network
           management agent to the next re-initialization.

           This index represents a group of Observation Points.

           The special value of 0 MUST NOT be used within this table
           but is reserved for the usage in the
           ipfixMeteringProcessTable.  An index of 0 for the
           ipfixObservationPointGroupReference index in that table
           indicates that an Observation Point is unknown or
           unspecified for a Metering Process cache."
       ::= { ipfixObservationPointEntry 1 }

   ipfixObservationPointIndex OBJECT-TYPE
       SYNTAX      Unsigned32 (1..4294967295)
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "Locally arbitrary, but unique identifier of an entry in the
           ipfixObservationPointTable.  The value is expected to remain
           constant from a re-initialization of the entity's network
           management agent to the next re-initialization.

           This index represents a single Observation Point in an
           Observation Point group."
       ::= { ipfixObservationPointEntry 2 }

   ipfixObservationPointObservationDomainId OBJECT-TYPE
       SYNTAX      Unsigned32
       MAX-ACCESS  read-only
       STATUS      current

Top      Up      ToC       Page 41 
       DESCRIPTION
           "The Id of the Observation Domain in which this
           Observation Point is included.

           The special value of 0 indicates that the Observation
           Points within this group cannot be applied to a single
           Observation Domain."
       REFERENCE
           "RFC 5101, Specification of the IP Flow Information Export
           (IPFIX) Protocol for the Exchange of IP
           Traffic Flow Information, Section 3.1."
       ::= { ipfixObservationPointEntry 3 }

   ipfixObservationPointPhysicalEntity OBJECT-TYPE
       SYNTAX      PhysicalIndexOrZero
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "This object contains the index of a physical entity in
           the ENTITY MIB.  This physical entity is the given
           Observation Point.  If such a physical entity cannot be
           specified or is not known, then the object is zero."
       ::= { ipfixObservationPointEntry 4 }

   ipfixObservationPointPhysicalInterface OBJECT-TYPE
       SYNTAX      InterfaceIndexOrZero
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "This object contains the index of a physical interface in
           the IF MIB.  This physical interface is the given
           Observation Point.  If such a physical interface cannot be
           specified or is not known, then the object is zero.

           This object MAY be used stand alone or in addition to
           ipfixObservationPointPhysicalEntity.  If
           ipfixObservationPointPhysicalEntity is not zero, this object
           MUST point to the same physical interface that is
           referenced in ipfixObservationPointPhysicalEntity.
           Otherwise, it may reference any interface in the IF MIB."
       ::= { ipfixObservationPointEntry 5 }

Top      Up      ToC       Page 42 
   ipfixObservationPointPhysicalEntityDirection OBJECT-TYPE
       SYNTAX      INTEGER {
                       unknown(0),
                       ingress(1),
                       egress(2),
                       both(3)
                   }
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The direction of the Flow that is monitored on the given
           physical entity.  The following values are valid:

           unknown(0)
               This value MUST be used if a direction is not
               known for the given physical entity.

           ingress(1)
               This value is used for monitoring incoming Flows on the
               given physical entity.

           egress(2)
               This value is used for monitoring outgoing Flows on the
               given physical entity.

           both(3)
               This value is used for monitoring incoming and outgoing
               Flows on the given physical entity."
       ::= { ipfixObservationPointEntry 6 }

   --------------------------------------------------------------------
   -- 1.1.7: Selection Process Table
   --------------------------------------------------------------------
   ipfixSelectionProcessTable OBJECT-TYPE
       SYNTAX      SEQUENCE OF IpfixSelectionProcessEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "This table contains Selector Functions connected to a
           Metering Process by the index ipfixMeteringProcessCacheId.
           The Selector Functions are grouped into Selection Processes
           by the ipfixSelectionProcessIndex.  The Selector Functions
           are applied within the Selection Process to the packets
           observed for the given Metering Process cache in increasing
           order implied by the ipfixSelectionProcessSelectorIndex.
           This means Selector Functions with lower
           ipfixSelectionProcessSelectorIndex are applied first.  The
           remaining packets are accounted for in Flow Records.

Top      Up      ToC       Page 43 
           Since IPFIX does not define any Selector Function (except
           selecting every packet), this is a placeholder for future
           use and a guideline for implementing enterprise-specific
           Selector Function objects.

           The following object tree should visualize how the
           Selector Function objects should be implemented:

           ipfixSelectorFunctions
           |
           +- ipfixFuncSelectAll
           |  |
           |  +- ipfixFuncSelectAllAvail (is the function available?)
           |
           +- ipfixFuncF2
           |  |
           |  +- ipfixFuncF2Avail (is the function F2 available?)
           |  |
           |  +- ipfixFuncF2Parameters (a table with parameters)
           ...
           |
           +- ipfixFunFn...

           If a Selector Function takes parameters, the MIB should
           contain a table with an entry for each set of parameters
           used at the Exporter."
       ::= { ipfixMainObjects 7 }

   ipfixSelectionProcessEntry OBJECT-TYPE
       SYNTAX      IpfixSelectionProcessEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "Defines an entry in the ipfixSelectionProcessTable."
       INDEX       {
           ipfixMeteringProcessCacheId,
           ipfixSelectionProcessIndex,
           ipfixSelectionProcessSelectorIndex
       }
       ::= { ipfixSelectionProcessTable 1 }

   IpfixSelectionProcessEntry ::= SEQUENCE {
           ipfixSelectionProcessIndex            Unsigned32,
           ipfixSelectionProcessSelectorIndex    Unsigned32,
           ipfixSelectionProcessSelectorFunction OBJECT IDENTIFIER
       }

Top      Up      ToC       Page 44 
   ipfixSelectionProcessIndex OBJECT-TYPE
       SYNTAX      Unsigned32 (1..4294967295)
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "Locally arbitrary, but unique identifier of an entry in the
           ipfixSelectionProcessTable.  The value is expected to remain
           constant from a re-initialization of the entity's network
           management agent to the next re-initialization."
       ::= { ipfixSelectionProcessEntry 1 }

   ipfixSelectionProcessSelectorIndex OBJECT-TYPE
       SYNTAX      Unsigned32 (1..4294967295)
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "Index specifying the order in which the referenced
           ipfixSelctionProcessSelectorFunctions are applied to the
           observed packet stream within the given Selection Process
           (identified by the ipfixSelectionProcessIndex).  The
           Selector Functions are applied in increasing order, i.e.,
           Selector Functions with lower index are applied first."
       ::= { ipfixSelectionProcessEntry 2 }

   ipfixSelectionProcessSelectorFunction OBJECT-TYPE
       SYNTAX      OBJECT IDENTIFIER
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The pointer to the Selector Function used at position
           ipfixSelectionProcessSelectorIndex in the list of Selector
           Functions for the Metering Process cache specified by the
           index ipfixMeteringProcessCacheId and for the given
           Selection Process (identified by the
           ipfixSelectionProcessIndex).

           This usually points to an object in the IPFIX SELECTOR MIB.
           If the Selector Function does not take parameters, then it
           MUST point to the root of the function subtree.  If the
           function takes parameters, then it MUST point to an entry
           in the parameter table of the Selector Function."
       ::= { ipfixSelectionProcessEntry 3 }

Top      Up      ToC       Page 45 
   --------------------------------------------------------------------
   -- 1.2.1: Transport Session Statistics Table
   --------------------------------------------------------------------
   ipfixTransportSessionStatsTable  OBJECT-TYPE
       SYNTAX      SEQUENCE OF IpfixTransportSessionStatsEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "This table lists Transport Sessions statistics between
           Exporting Processes and Collecting Processes."
       ::= { ipfixStatistics 1 }

   ipfixTransportSessionStatsEntry OBJECT-TYPE
       SYNTAX      IpfixTransportSessionStatsEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "Defines an entry in the ipfixTransportSessionStatsTable."
       AUGMENTS    { ipfixTransportSessionEntry }
       ::= { ipfixTransportSessionStatsTable 1 }

   IpfixTransportSessionStatsEntry ::=
       SEQUENCE {
           ipfixTransportSessionRate              Gauge32,
           ipfixTransportSessionPackets           Counter64,
           ipfixTransportSessionBytes             Counter64,
           ipfixTransportSessionMessages          Counter64,
           ipfixTransportSessionDiscardedMessages Counter64,
           ipfixTransportSessionRecords           Counter64,
           ipfixTransportSessionTemplates         Counter64,
           ipfixTransportSessionOptionsTemplates  Counter64,
           ipfixTransportSessionDiscontinuityTime TimeStamp
       }

   ipfixTransportSessionRate OBJECT-TYPE
       SYNTAX      Gauge32
       UNITS       "bytes/second"
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of bytes per second received by the
           Collector or transmitted by the Exporter.  A
           value of zero (0) means that no packets were sent or
           received, yet.  This object is updated every second."
       ::= { ipfixTransportSessionStatsEntry 1 }

Top      Up      ToC       Page 46 
   ipfixTransportSessionPackets OBJECT-TYPE
       SYNTAX      Counter64
       UNITS       "packets"
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of packets received by the Collector
           or transmitted by the Exporter.
           Discontinuities in the value of this counter can occur at
           re-initialization of the management system and at other
           times as indicated by the value of
           ipfixTransportSessionDiscontinuityTime."
       ::= { ipfixTransportSessionStatsEntry 2 }

   ipfixTransportSessionBytes OBJECT-TYPE
       SYNTAX      Counter64
       UNITS       "bytes"
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of bytes received by the Collector
           or transmitted by the Exporter.
           Discontinuities in the value of this counter can occur at
           re-initialization of the management system and at other
           times as indicated by the value of
           ipfixTransportSessionDiscontinuityTime."
       ::= { ipfixTransportSessionStatsEntry 3 }

   ipfixTransportSessionMessages OBJECT-TYPE
       SYNTAX      Counter64
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of IPFIX Messages received by the
           Collector or transmitted by the Exporter.
           Discontinuities in the value of this counter can occur at
           re-initialization of the management system and at other
           times as indicated by the value of
           ipfixTransportSessionDiscontinuityTime."
       ::= { ipfixTransportSessionStatsEntry 4 }

   ipfixTransportSessionDiscardedMessages OBJECT-TYPE
       SYNTAX      Counter64
       MAX-ACCESS  read-only
       STATUS      current

Top      Up      ToC       Page 47 
       DESCRIPTION
           "The number of received IPFIX Message that are malformed,
           cannot be decoded, are received in the wrong order, or are
           missing according to the sequence number.

           If used at the Exporter, the number of messages that could
           not be sent due to, e.g., internal buffer overflows, network
           congestion, or routing issues.
           Discontinuities in the value of this counter can occur at
           re-initialization of the management system and at other
           times as indicated by the value of
           ipfixTransportSessionDiscontinuityTime."
       ::= { ipfixTransportSessionStatsEntry 5 }

   ipfixTransportSessionRecords OBJECT-TYPE
       SYNTAX      Counter64
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of Data Records received by the Collector or
           transmitted by the Exporter.
           Discontinuities in the value of this counter can occur at
           re-initialization of the management system and at other
           times as indicated by the value of
           ipfixTransportSessionDiscontinuityTime."
       ::= { ipfixTransportSessionStatsEntry 6 }

   ipfixTransportSessionTemplates OBJECT-TYPE
       SYNTAX      Counter64
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of Templates received or transmitted.
           Discontinuities in the value of this counter can occur at
           re-initialization of the management system and at other
           times as indicated by the value of
           ipfixTransportSessionDiscontinuityTime."
       ::= { ipfixTransportSessionStatsEntry 7 }

   ipfixTransportSessionOptionsTemplates OBJECT-TYPE
       SYNTAX      Counter64
       MAX-ACCESS  read-only
       STATUS      current

Top      Up      ToC       Page 48 
       DESCRIPTION
           "The number of Options Templates received or transmitted.
           Discontinuities in the value of this counter can occur at
           re-initialization of the management system and at other
           times as indicated by the value of
           ipfixTransportSessionDiscontinuityTime."
       ::= { ipfixTransportSessionStatsEntry 8 }

   ipfixTransportSessionDiscontinuityTime OBJECT-TYPE
       SYNTAX       TimeStamp
       MAX-ACCESS   read-only
       STATUS       current
       DESCRIPTION
           "The value of sysUpTime at the most recent occasion at which
           one or more of the Transport Session counters suffered a
           discontinuity.
           A value of zero indicates no such discontinuity has
           occurred since the last re-initialization of the local
           management subsystem."
       ::= { ipfixTransportSessionStatsEntry 9 }

   --------------------------------------------------------------------
   -- 1.2.2: Template Statistics Table
   --------------------------------------------------------------------
   ipfixTemplateStatsTable  OBJECT-TYPE
       SYNTAX      SEQUENCE OF IpfixTemplateStatsEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "This table lists statistics objects per Template."
       ::= { ipfixStatistics 2 }

   ipfixTemplateStatsEntry OBJECT-TYPE
       SYNTAX      IpfixTemplateStatsEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "Defines an entry in the ipfixTemplateStatsTable."
       AUGMENTS    { ipfixTemplateEntry }
       ::= { ipfixTemplateStatsTable 1 }

   IpfixTemplateStatsEntry ::=
       SEQUENCE {
           ipfixTemplateDataRecords       Counter64,
           ipfixTemplateDiscontinuityTime TimeStamp
       }

Top      Up      ToC       Page 49 
   ipfixTemplateDataRecords OBJECT-TYPE
       SYNTAX      Counter64
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of Data Records that are transmitted or received
           per Template.
           Discontinuities in the value of this counter can occur at
           re-initialization of the management system, and at other
           times as indicated by the value of
           ipfixTemplateDiscontinuityTime."
       ::= { ipfixTemplateStatsEntry 1 }

   ipfixTemplateDiscontinuityTime OBJECT-TYPE
       SYNTAX       TimeStamp
       MAX-ACCESS   read-only
       STATUS       current
       DESCRIPTION
           "The value of sysUpTime at the most recent occasion at which
           the Template counter suffered a discontinuity.
           A value of zero indicates no such discontinuity has
           occurred since the last re-initialization of the local
           management subsystem."
       ::= { ipfixTemplateStatsEntry 2 }

   --------------------------------------------------------------------
   -- 1.2.3: Metering Process Statistics Table
   --------------------------------------------------------------------
   ipfixMeteringProcessStatsTable  OBJECT-TYPE
       SYNTAX      SEQUENCE OF IpfixMeteringProcessStatsEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "This table lists statistic objects that have data per
           Metering Process cache.

           On Collectors, this table is not needed."
       ::= { ipfixStatistics 3 }

Top      Up      ToC       Page 50 
   ipfixMeteringProcessStatsEntry OBJECT-TYPE
       SYNTAX      IpfixMeteringProcessStatsEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "Defines an entry in the ipfixMeteringProcessStatsTable."
       AUGMENTS    { ipfixMeteringProcessEntry }
       ::= { ipfixMeteringProcessStatsTable 1 }

   IpfixMeteringProcessStatsEntry ::=
       SEQUENCE {
           ipfixMeteringProcessCacheActiveFlows          Gauge32,
           ipfixMeteringProcessCacheUnusedCacheEntries   Gauge32,
           ipfixMeteringProcessCacheDataRecords          Counter64,
           ipfixMeteringProcessCacheDiscontinuityTime    TimeStamp
       }

   ipfixMeteringProcessCacheActiveFlows OBJECT-TYPE
       SYNTAX      Gauge32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of Flows currently active at this cache."
       ::= { ipfixMeteringProcessStatsEntry 1 }

   ipfixMeteringProcessCacheUnusedCacheEntries   OBJECT-TYPE
       SYNTAX      Gauge32
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of unused cache entries."
       ::= { ipfixMeteringProcessStatsEntry 2 }

   ipfixMeteringProcessCacheDataRecords OBJECT-TYPE
       SYNTAX      Counter64
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of Data Records generated.
           Discontinuities in the value of this counter can occur at
           re-initialization of the management system and at other
           times as indicated by the value of
           ipfixTemplateDiscontinuityTime."
       ::= { ipfixMeteringProcessStatsEntry 3 }

Top      Up      ToC       Page 51 
   ipfixMeteringProcessCacheDiscontinuityTime OBJECT-TYPE
       SYNTAX       TimeStamp
       MAX-ACCESS   read-only
       STATUS       current
       DESCRIPTION
           "The value of sysUpTime at the most recent occasion at which
           the Metering Process counter suffered a discontinuity.
           A value of zero indicates no such discontinuity has
           occurred since the last re-initialization of the local
           management subsystem."
       ::= { ipfixMeteringProcessStatsEntry 4 }

   --------------------------------------------------------------------
   -- 1.2.4: Selection Process Statistics Table
   --------------------------------------------------------------------
   ipfixSelectionProcessStatsTable OBJECT-TYPE
       SYNTAX      SEQUENCE OF IpfixSelectionProcessStatsEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "This table contains statistics for the Selector Functions
           connected to Metering Process by the index
           ipfixMeteringProcessCacheId.

           The indexes MUST match an entry in the
           ipfixSelectionProcessTable."
       ::= { ipfixStatistics 4 }

   ipfixSelectionProcessStatsEntry OBJECT-TYPE
       SYNTAX      IpfixSelectionProcessStatsEntry
       MAX-ACCESS  not-accessible
       STATUS      current
       DESCRIPTION
           "Defines an entry in the ipfixSelectionProcessStatsTable."
       AUGMENTS    { ipfixSelectionProcessEntry }
       ::= { ipfixSelectionProcessStatsTable 1 }

   IpfixSelectionProcessStatsEntry ::= SEQUENCE {
           ipfixSelectionProcessStatsPacketsObserved   Counter64,
           ipfixSelectionProcessStatsPacketsDropped    Counter64,
           ipfixSelectionProcessStatsDiscontinuityTime TimeStamp
       }

   ipfixSelectionProcessStatsPacketsObserved OBJECT-TYPE
       SYNTAX      Counter64
       MAX-ACCESS  read-only
       STATUS      current

Top      Up      ToC       Page 52 
       DESCRIPTION
           "The number of packets observed at the entry point of the
           function.  The entry point may be the Observation Point or
           the exit point of another Selector Function.
           Discontinuities in the value of this counter can occur at
           re-initialization of the management system and at other
           times as indicated by the value of
           ipfixSelectionProcessStatsDiscontinuityTime."
       ::= { ipfixSelectionProcessStatsEntry 1 }

   ipfixSelectionProcessStatsPacketsDropped OBJECT-TYPE
       SYNTAX      Counter64
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "The number of packets dropped while selecting packets.
           Discontinuities in the value of this counter can occur at
           re-initialization of the management system and at other
           times as indicated by the value of
           ipfixSelectionProcessStatsDiscontinuityTime."
       ::= { ipfixSelectionProcessStatsEntry 2 }

   ipfixSelectionProcessStatsDiscontinuityTime OBJECT-TYPE
       SYNTAX       TimeStamp
       MAX-ACCESS   read-only
       STATUS       current
       DESCRIPTION
           "The value of sysUpTime at the most recent occasion at which
           one or more of the Selector counters suffered a
           discontinuity.
           A value of zero indicates no such discontinuity has
           occurred since the last re-initialization of the local
           management subsystem."
       ::= { ipfixSelectionProcessStatsEntry 3 }

Top      Up      ToC       Page 53 
   --==================================================================
   -- 2: Conformance Information
   --==================================================================
   ipfixCompliances OBJECT IDENTIFIER ::= { ipfixConformance 1 }
   ipfixGroups      OBJECT IDENTIFIER ::= { ipfixConformance 2 }

   --------------------------------------------------------------------
   -- 2.1: Compliance Statements
   --------------------------------------------------------------------
   ipfixCollectorCompliance MODULE-COMPLIANCE
       STATUS      current
       DESCRIPTION
           "An implementation that builds an IPFIX Collector
           that complies to this module MUST implement the objects
           defined in the mandatory group ipfixCommonGroup.

           The implementation of all objects in the other groups is
           optional and depends on the corresponding functionality
           implemented in the equipment.

           An implementation that is compliant to this MIB module
           is limited to use only the values TCP (6), UDP (17), and
           SCTP (132) in the ipfixTransportSessionProtocol object
           because these are the only protocol currently specified
           for usage within IPFIX (see RFC 5101)."
       MODULE  -- this module
       MANDATORY-GROUPS {
           ipfixCommonGroup
       }

       GROUP ipfixCommonStatsGroup
       DESCRIPTION
           "These objects should be implemented if the statistics
           function is implemented in the equipment."
       ::= { ipfixCompliances 1 }

   ipfixExporterCompliance MODULE-COMPLIANCE
       STATUS  current
       DESCRIPTION
           "An implementation that builds an IPFIX Exporter that
           complies to this module MUST implement the objects defined
           in the mandatory group ipfixCommonGroup.  The implementation
           of all other objects depends on the implementation of the
           corresponding functionality in the equipment."
       MODULE  -- this module

Top      Up      ToC       Page 54 
       MANDATORY-GROUPS {
               ipfixCommonGroup,
               ipfixExporterGroup
       }

       GROUP ipfixCommonStatsGroup
       DESCRIPTION
           "These objects should be implemented if the statistics
           function is implemented in the equipment."

       GROUP ipfixExporterStatsGroup
       DESCRIPTION
           "These objects MUST be implemented if statistical functions
           are implemented on the equipment."
       ::= { ipfixCompliances 2 }

   --------------------------------------------------------------------
   -- 2.2: MIB Grouping
   --------------------------------------------------------------------
   ipfixCommonGroup OBJECT-GROUP
       OBJECTS {
           ipfixTransportSessionProtocol,
           ipfixTransportSessionSourceAddressType,
           ipfixTransportSessionSourceAddress,
           ipfixTransportSessionDestinationAddressType,
           ipfixTransportSessionDestinationAddress,
           ipfixTransportSessionSourcePort,
           ipfixTransportSessionDestinationPort,
           ipfixTransportSessionSctpAssocId,
           ipfixTransportSessionDeviceMode,
           ipfixTransportSessionTemplateRefreshTimeout,
           ipfixTransportSessionOptionsTemplateRefreshTimeout,
           ipfixTransportSessionTemplateRefreshPacket,
           ipfixTransportSessionOptionsTemplateRefreshPacket,
           ipfixTransportSessionIpfixVersion,
           ipfixTransportSessionStatus,

           ipfixTemplateSetId,
           ipfixTemplateAccessTime,

           ipfixTemplateDefinitionIeId,
           ipfixTemplateDefinitionIeLength,
           ipfixTemplateDefinitionEnterpriseNumber,
           ipfixTemplateDefinitionFlags
       }
       STATUS      current

Top      Up      ToC       Page 55 
       DESCRIPTION
           "The main IPFIX objects."
       ::= { ipfixGroups 1 }

   ipfixCommonStatsGroup OBJECT-GROUP
       OBJECTS {
           ipfixTransportSessionRate,
           ipfixTransportSessionPackets,
           ipfixTransportSessionBytes,
           ipfixTransportSessionMessages,
           ipfixTransportSessionDiscardedMessages,
           ipfixTransportSessionRecords,
           ipfixTransportSessionTemplates,
           ipfixTransportSessionOptionsTemplates,
           ipfixTransportSessionDiscontinuityTime,

           ipfixTemplateDataRecords,
           ipfixTemplateDiscontinuityTime
       }
       STATUS      current
       DESCRIPTION
           "Common statistical objects."
       ::= { ipfixGroups 2 }

   ipfixExporterGroup OBJECT-GROUP
       OBJECTS {
           ipfixExportMemberType,

           ipfixMeteringProcessObservationPointGroupRef,
           ipfixMeteringProcessCacheActiveTimeout,
           ipfixMeteringProcessCacheInactiveTimeout,

           ipfixObservationPointObservationDomainId,
           ipfixObservationPointPhysicalEntity,
           ipfixObservationPointPhysicalInterface,
           ipfixObservationPointPhysicalEntityDirection,

           ipfixSelectionProcessSelectorFunction
       }
       STATUS      current
       DESCRIPTION
           "The main objects for Exporters."
       ::= { ipfixGroups 3 }

Top      Up      ToC       Page 56 
   ipfixExporterStatsGroup OBJECT-GROUP
       OBJECTS {
           ipfixMeteringProcessCacheActiveFlows,
           ipfixMeteringProcessCacheUnusedCacheEntries,
           ipfixMeteringProcessCacheDataRecords,
           ipfixMeteringProcessCacheDiscontinuityTime,

           ipfixSelectionProcessStatsPacketsObserved,
           ipfixSelectionProcessStatsPacketsDropped,
           ipfixSelectionProcessStatsDiscontinuityTime
       }
       STATUS      current
       DESCRIPTION
           "The statistical objects for Exporters."
       ::= { ipfixGroups 4 }

   END

8.2.  IPFIX SELECTOR MIB Definition


   IPFIX-SELECTOR-MIB DEFINITIONS ::= BEGIN

   IMPORTS
       MODULE-IDENTITY, OBJECT-TYPE, mib-2
           FROM SNMPv2-SMI                                -- RFC2578
       TruthValue
           FROM SNMPv2-TC                                 -- RFC2579
       MODULE-COMPLIANCE, OBJECT-GROUP
           FROM SNMPv2-CONF;                              -- RFC2580

   ipfixSelectorMIB MODULE-IDENTITY
       LAST-UPDATED "201003150000Z"         -- 15 March 2010
       ORGANIZATION "IETF IPFIX Working Group"
       CONTACT-INFO
           "WG charter:
             http://www.ietf.org/html.charters/ipfix-charter.html

           Mailing Lists:
             General Discussion: ipfix@ietf.org
             To Subscribe: http://www1.ietf.org/mailman/listinfo/ipfix
             Archive:
         http://www1.ietf.org/mail-archive/web/ipfix/current/index.html

Top      Up      ToC       Page 57 
           Editor:
             Thomas Dietz
             NEC Europe Ltd.
             NEC Laboratories Europe
             Network Research Division
             Kurfuersten-Anlage 36
             69115 Heidelberg
             Germany
             Phone: +49 6221 4342-128
             Email: Thomas.Dietz@nw.neclab.eu

             Atsushi Kobayashi
             NTT Information Sharing Platform Laboratories
             3-9-11 Midori-cho
             Musashino-shi
             180-8585
             Japan
             Phone: +81-422-59-3978
             Email: akoba@nttv6.net

             Benoit Claise
             Cisco Systems, Inc.
             De Kleetlaan 6a b1
             Degem 1831
             Belgium
             Phone:  +32 2 704 5622
             Email: bclaise@cisco.com

             Gerhard Muenz
             Technische Universitaet Muenchen
             Department of Informatics
             Chair for Network Architectures and Services (I8)
             Boltzmannstr. 3
             85748 Garching
             Germany
             Phone: +49 89 289-18008
             Email: muenz@net.in.tum.de
             URI:   http://www.net.in.tum.de/~muenz"
       DESCRIPTION
           "The IPFIX SELECTOR MIB module defines the standard
           filtering and sampling functions that can be referenced in
           the ipfixSelectorTable of the IPFIX MIB.  The subtree
           ipfixSelectorFunctions is a placeholder where all standard
           filtering and sampling functions should be located.

           The IPFIX SELECTOR MIB module is maintained by IANA and can
           be extended through Expert Review [RFC5226], i.e., review by
           one of a group of experts designated by an IETF Area

Top      Up      ToC       Page 58 
           Director.  The group of experts MUST check the requested MIB
           objects for completeness and accuracy of the description.
           Requests for MIB objects that duplicate the functionality of
           existing objects SHOULD be declined.  The smallest available
           OID SHOULD be assigned to a new MIB objects.  The
           specification of new MIB objects SHOULD follow the structure
           specified in RFC 5815 and MUST be published using a
           well-established and persistent publication medium.  The
           experts will initially be drawn from the Working Group
           Chairs and document editors of the IPFIX and PSAMP Working
           Groups.

           Copyright (c) 2010 IETF Trust and the persons identified as
           authors of the code. All rights reserved.

           Redistribution and use in source and binary forms, with or
           without modification, is permitted pursuant to, and subject
           to the license terms contained in, the Simplified BSD
           License set forth in Section 4.c of the IETF Trust's
           Legal Provisions Relating to IETF Documents
           (http://trustee.ietf.org/license-info)."

   --  Revision history

       REVISION     "201003150000Z"         -- 15 March 2010
       DESCRIPTION
           "Initial version, published as RFC 5815."

       ::= { mib-2 194 }

   --******************************************************************
   -- Top Level Structure of the MIB
   --******************************************************************

   ipfixSelectorObjects     OBJECT IDENTIFIER
       ::= { ipfixSelectorMIB 1 }
   ipfixSelectorConformance OBJECT IDENTIFIER
       ::= { ipfixSelectorMIB 2 }

   --==================================================================
   -- 1: Objects used by all IPFIX implementations
   --==================================================================
   --------------------------------------------------------------------
   -- 1.1: Packet Selector Functions for IPFIX
   --------------------------------------------------------------------
   ipfixSelectorFunctions OBJECT IDENTIFIER
       ::= { ipfixSelectorObjects 1 }

Top      Up      ToC       Page 59 
   --------------------------------------------------------------------
   -- 1.1.1: Function 1: Selecting All Packets
   --------------------------------------------------------------------
   ipfixFuncSelectAll OBJECT IDENTIFIER
       ::= { ipfixSelectorFunctions 1 }

   ipfixFuncSelectAllAvail OBJECT-TYPE
       SYNTAX      TruthValue
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
           "This object indicates the availability of the trivial
           function of selecting all packets.  This function is always
           available."
       ::= { ipfixFuncSelectAll 1 }

   --==================================================================
   -- 2: Conformance Information
   --==================================================================
   ipfixSelectorCompliances OBJECT IDENTIFIER
       ::= { ipfixSelectorConformance 1 }
   ipfixSelectorGroups      OBJECT IDENTIFIER
       ::= { ipfixSelectorConformance 2 }

   --------------------------------------------------------------------
   -- 2.1: Compliance Statements
   --------------------------------------------------------------------
   ipfixSelectorBasicCompliance MODULE-COMPLIANCE
       STATUS  current
       DESCRIPTION
           "An implementation that builds an IPFIX Exporter that
           complies to this module MUST implement the objects defined
           in the mandatory group ipfixBasicGroup.  The implementation
           of all other objects depends on the implementation of the
           corresponding functionality in the equipment."
       MODULE  -- this module
       MANDATORY-GROUPS {
               ipfixSelectorBasicGroup
       }
       ::= { ipfixSelectorCompliances 1 }

   --------------------------------------------------------------------
   -- 2.2: MIB Grouping
   --------------------------------------------------------------------
   ipfixSelectorBasicGroup OBJECT-GROUP
       OBJECTS {
           ipfixFuncSelectAllAvail
       }

Top      Up      ToC       Page 60 
       STATUS      current
       DESCRIPTION
           "The main IPFIX objects."
       ::= { ipfixSelectorGroups 1 }

   END

9.  Security Considerations

   There are no management objects defined in this MIB module that have
   a MAX-ACCESS clause of read-write and/or read-create.  So, if these
   MIB modules are implemented correctly, then there is no risk that an
   intruder can alter or create any management objects of these MIB
   modules via direct SNMP SET operations.

   Some of the readable objects in these MIB modules (i.e., objects with
   a MAX-ACCESS other than not-accessible) may be considered sensitive
   or vulnerable in some network environments.  It is thus important to
   control even GET and/or NOTIFY access to these objects and possibly
   to even encrypt the values of these objects when sending them over
   the network via SNMP.  These are the tables and objects and their
   sensitivity/vulnerability:

   o  ipfixTransportSessionTable - contains configuration data that
      might be sensitive because objects in this table may reveal
      information about the network infrastructure

   o  ipfixExportTable - contains configuration data that might be
      sensitive because object in this table may reveal information
      about the network infrastructure as well

   o  ipfixMeteringProcessTable - contains configuration data that might
      be sensitive because objects in this table may reveal information
      about the IPFIX Device itself

   o  ipfixObservationPointTable - contains configuration data that
      might be sensitive because objects in this table may reveal
      information about the IPFIX Device itself and the network
      infrastructure

   o  ipfixSelectorFunctions - currently contains no sensitive data but
      might want to be secured anyway since it may contain sensitive
      data in a future version

   All other objects and tables contain no data that is considered
   sensitive.

Top      Up      ToC       Page 61 
   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure (for example by using IPsec),
   even then, there is no control as to who on the secure network is
   allowed to access and GET/SET (read/change/create/delete) the objects
   in these MIB modules.

   It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410] Section 8), including
   full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy).

   Further, deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.  It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of these MIB modules is properly configured to give access
   to the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.

10.  IANA Considerations

   The MIB module in this document uses the following IANA-assigned
   OBJECT IDENTIFIER values recorded in the SMI Numbers registry:

           Descriptor        OBJECT IDENTIFIER value
           ----------        -----------------------
           ipfixMIB          { mib-2 193 }
           ipfixSelectorMIB  { mib-2 194 }

   Further on, the whole IPFIX SELECTOR MIB module is maintained by
   IANA.  Additions to this MIB module are subject to Expert Review
   [RFC5226], i.e., review by one of a group of experts designated by an
   IETF Area Director.  The group of experts MUST check the requested
   MIB objects for completeness and accuracy of the description.
   Requests for MIB objects that duplicate the functionality of existing
   objects SHOULD be declined.  The smallest available OID SHOULD be
   assigned to new MIB objects.  The specification of new MIB objects
   SHOULD follow the structure specified in Section 6 and MUST be
   published using a well-established and persistent publication medium.
   The experts will initially be drawn from the Working Group Chairs and
   document editors of the IPFIX and PSAMP Working Groups.

11.  Acknowledgments

   This document is a product of the IPFIX Working Group.  The authors
   would like to thank the following persons: Paul Aitken for his
   detailed review, Dan Romascanu and the MIB doctors, and many more,
   for the technical reviews and feedback.

Top      Up      ToC       Page 62 
12.  References

12.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2578]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Structure of Management Information
              Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

   [RFC2579]  McCloghrie, K., Ed., Perkins, D., Ed., and J.
              Schoenwaelder, Ed., "Textual Conventions for SMIv2",
              STD 58, RFC 2579, April 1999.

   [RFC2580]  McCloghrie, K., Perkins, D., and J. Schoenwaelder,
              "Conformance Statements for SMIv2", STD 58, RFC 2580,
              April 1999.

   [RFC4001]  Daniele, M., Haberman, B., Routhier, S., and J.
              Schoenwaelder, "Textual Conventions for Internet Network
              Addresses", RFC 4001, February 2005.

   [RFC2863]  McCloghrie, K. and F. Kastenholz, "The Interfaces Group
              MIB", RFC 2863, June 2000.

   [RFC3873]  Pastor, J. and M. Belinchon, "Stream Control Transmission
              Protocol (SCTP) Management Information Base (MIB)",
              RFC 3873, September 2004.

   [RFC4133]  Bierman, A. and K. McCloghrie, "Entity MIB (Version 3)",
              RFC 4133, August 2005.

   [RFC5101]  Claise, B., "Specification of the IP Flow Information
              Export (IPFIX) Protocol for the Exchange of IP Traffic
              Flow Information", RFC 5101, January 2008.

   [RFC5102]  Quittek, J., Bryant, S., Claise, B., Aitken, P., and J.
              Meyer, "Information Model for IP Flow Information Export",
              RFC 5102, January 2008.

   [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
              IANA Considerations Section in RFCs", BCP 26, RFC 5226,
              May 2008.

Top      Up      ToC       Page 63 
12.2.  Informative References

   [RFC3410]  Case, J., Mundy, R., Partain, D., and B. Stewart,
              "Introduction and Applicability Statements for Internet-
              Standard Management Framework", RFC 3410, December 2002.

   [RFC3917]  Quittek, J., Zseby, T., Claise, B., and S. Zander,
              "Requirements for IP Flow Information Export (IPFIX)",
              RFC 3917, October 2004.

   [RFC5470]  Sadasivan, G., Brownlee, N., Claise, B., and J. Quittek,
              "Architecture for IP Flow Information Export", RFC 5470,
              March 2009.

   [RFC5472]  Zseby, T., Boschi, E., Brownlee, N., and B. Claise, "IP
              Flow Information Export (IPFIX) Applicability", RFC 5472,
              March 2009.

   [RFC5474]  Duffield, N., Chiou, D., Claise, B., Greenberg, A.,
              Grossglauser, M., and J. Rexford, "A Framework for Packet
              Selection and Reporting", RFC 5474, March 2009.

   [RFC5475]  Zseby, T., Molina, M., Duffield, N., Niccolini, S., and F.
              Raspall, "Sampling and Filtering Techniques for IP Packet
              Selection", RFC 5475, March 2009.

   [RFC5476]  Claise, B., Johnson, A., and J. Quittek, "Packet Sampling
              (PSAMP) Protocol Specifications", RFC 5476, March 2009.

Top      Up      ToC       Page 64 
Authors' Addresses

   Thomas Dietz (editor)
   NEC Europe, Ltd.
   NEC Laboratories Europe
   Network Research Division
   Kurfuersten-Anlage 36
   Heidelberg  69115
   DE

   Phone: +49 6221 4342-128
   EMail: Thomas.Dietz@nw.neclab.eu


   Atsushi Kobayashi
   NTT Information Sharing Platform Laboratories
   3-9-11 Midori-cho
   Musashino-shi, Tokyo  180-8585
   JA

   Phone: +81-422-59-3978
   EMail: akoba@nttv6.net


   Benoit Claise
   Cisco Systems, Inc.
   De Kleetlaan 6a b1
   Degem  1831
   BE

   Phone: +32 2 704 5622
   EMail: bclaise@cisco.com


   Gerhard Muenz
   Technische Universitaet Muenchen
   Department of Informatics
   Chair for Network Architectures and Services (I8)
   Boltzmannstr. 3
   Garching  85748
   DE

   Phone: +49 89 289-18008
   EMail: muenz@net.in.tum.de
   URI:   http://www.net.in.tum.de/~muenz