Network Working Group H. Lam Request for Comments: 3878 Lucent Technologies Category: Standards Track A. Huynh Cetus Networks D. Perkins SNMPinfo September 2004
Alarm Reporting Control Management Information Base (MIB)
Status of this Memo
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2004).
Abstract
This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in TCP/IP-based internets. In particular, it defines objects for controlling the reporting of alarm conditions.
The scope of this MIB is targeted for network operators responsible for managing the operations of network resources. This document defines an alarm reporting control (ARC) MIB module, which provides a mechanism for a manager to suppress or defer the reporting of alarm conditions based on the resource ID and alarm condition type.
For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410].
Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580].
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14, RFC 2119 [RFC2119].
There is a need to provide a mechanism for controlling the reporting of alarm conditions of resources in a network device. For example, (a) inhibiting the reporting of alarm conditions of a resource until the resource is problem-free, (b) inhibiting the reporting of alarm conditions of a resource for a specified time period, or (c) inhibiting the reporting of alarm conditions of a resource indefinitely until explicitly allowed by the managing system at a later time.
The alarm reporting control (ARC) feature provides an automatic in- service provisioning capability. It allows sufficient time for service setup, customer testing, and other maintenance activities in an "alarm-free" state. Once a resource is "problem-free", alarm reporting can be automatically or manually turned on (i.e., allowed).
Lam, et al. Standards Track [Page 2]
RFC 3878 Alarm Reporting Control MIB September 2004
By putting a network resource in ARC mode, (i.e., in nalm, nalmTI, nalmQI, or nalmQICD states, as described in the MIB), the technicians and managing systems will not be flooded with unnecessary work items during operations activities such as service provisioning and network setup/teardown. This will reduce maintenance costs and improve the operation and maintenance of these systems. Putting a network resource in ARC mode shall not affect the availability of active alarm condition information for potential retrieval.
ITU-T Recommendation M.3100 Amendment 3 [M.3100 Amd3] provides the business requirements, analysis, and design of the Alarm Reporting Control feature.
This document defines the MIB objects to support a subset of the ARC functions described in M.3100 Amd3. In particular, it defines a table that can be used to specify the ARC settings for the resources in a system.
Defined in M.3100 Amendment 3 [M.3100 Amd3], there are five ARC states: alm, nalm, nalmQI, nalmQICD and nalmTI. In the ARC MIB module, the arcState object is defined to model the M.3100 ARC states. Note that the state alm (alarm reporting is allowed) is not listed in the enumeration of the value of this object. However, this state is implicitly supported by the mib. Once a resource enters the normal reporting mode (i.e., into the alm state) for the specified alarm type, the corresponding row will be automatically deleted from the arc table. Also the manual setting of arcState to alm can be achieved through setting the RowStatus object to 'destroy'.
The ARC MIB module defined in this document provides a way to control the reporting of alarm conditions. A set of applicable alarm conditions is defined in ITU-T Recommendation M.3100 [M.3100] and is named "probable causes". These probable causes (alarm conditions) have been included in the IANAItuProbableCause TC, which is defined in the IANA-ITU-ALARM-TC MIB module [RFC3877]. The IANA-ITU-ALARM-TC MIB module is maintained in the IANA web-site [ITUALARMTC]. [RFC3877].
The ARC MIB module defines an IANAItuProbableCauseOrZero TC which can take any value of IANAItuProbableCause or 0. The ARC MIB module further uses IANAItuProbableCauseOrZero to define the ARC settings for the managed resource in the network elements. Specification of objects for defining and storing alarms, including active and history alarms, standing and transient alarms, and alarm notifications are out of the scope of this document.
Lam, et al. Standards Track [Page 3]
RFC 3878 Alarm Reporting Control MIB September 2004
4.1. Relationship between ARC mode and alarm reporting
When the ARC MIB module is used in a managed system, the following rules apply:
For alarm condition raised prior to entering ARC mode, reporting of alarm raised and alarm cleared will be sent as usual.
For alarm condition raised after entering ARC mode and also cleared before exiting ARC mode, no reporting of alarm raised will be sent and no reporting of alarm cleared will be sent.
For alarm condition raised after entering ARC mode and not cleared when exiting ARC mode, the reporting of alarm raised will be deferred until the moment of exiting ARC mode. The reporting of alarm cleared will be sent as usual (i.e., at the time of alarm cleared).
Further details of the ARC function can be found in M.3100 Amd3 [M.3100 Amd3].
IANAItuProbableCauseOrZero ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This TC can take any value of IANAItuProbableCause or 0. IANAItuProbableCause is defined in the IANA-ITU-ALARM-TC module, which is maintained at the IANA web site and published in the Alarm MIB document (see RFC 3877)." REFERENCE "IANA-ITU-ALARM-TC MIB module as maintained at the IANA web site. The initial module was also published in RFC 3877." -- SYNTAX INTEGER (0..2147483647)
arcTITimeInterval OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION
Lam, et al. Standards Track [Page 5]
RFC 3878 Alarm Reporting Control MIB September 2004
"This variable indicates the time interval used for the nalmTI state, in units of second. It is a pre-defined length of time in which the resource will stay in the nalmTI state before transition into the alm state.
Instances of this object SHOULD persist across agent restarts." ::= { arcTimeIntervals 1 }
arcCDTimeInterval OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "This variable indicates the time interval used for the nalmQICD state, in units of second. It is a pre-defined length of time in which the resource will stay in the nalmQICD state before transition into the alm state after it is problem-free.
Instances of this object SHOULD persist across agent restarts." ::= { arcTimeIntervals 2 }
arcTable OBJECT-TYPE SYNTAX SEQUENCE OF ArcEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of Alarm Reporting Control (ARC) settings on the system.
Alarm Reporting Control is a feature that provides an automatic in-service provisioning capability. Alarm reporting is turned off on a per-resource basis for a selective set of potential alarm conditions to allow sufficient time for customer testing and other maintenance activities in an 'alarm free' state. Once a resource is ready for service, alarm reporting is automatically or manually turned on.
Functional description and requirements of Alarm Reporting Control are defined in ITU-T Recommendation M.3100 Amendment 3 [M.3100 Amd3]."
REFERENCE "ITU Recommendation M.3100 Amendment 3, 'Generic Network Information Model', January 2001." ::= { arcObjects 1 }
arcEntry OBJECT-TYPE SYNTAX ArcEntry
Lam, et al. Standards Track [Page 6]
RFC 3878 Alarm Reporting Control MIB September 2004
MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row that contains information about an ARC setting of a resource in the system.
Implementation need to be aware that if the total size of arcIndex and arcNotificationId exceeds 114 sub-IDs, then OIDs of column instances in this table will have more than 128 sub-IDs and cannot be access using SNMPv1, SNMPv2c, or snmpv3."
arcIndex OBJECT-TYPE SYNTAX ResourceId MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object uniquely identifies a resource, which is under the arcState's control for the associated arcAlarmType.
For example, if the resource is an interface, this object will point to an instance of interface, e.g., ifIndex.1." ::= { arcEntry 1 }
arcAlarmType OBJECT-TYPE SYNTAX IANAItuProbableCauseOrZero MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object identifies the alarm condition type controlled by the arcState. It specifies the value 0 or a value of IANAItuProbableCause that is applicable to the resource. IANAItuProbableCause is defined in the IANA-ITU-ALARM-TC module in the Alarm MIB document.
Lam, et al. Standards Track [Page 7]
RFC 3878 Alarm Reporting Control MIB September 2004
The value of zero (0) implies any probable causes that are applicable to the resource. Usually, the applicable probable causes of a resource are specified in the resource-specific mib." ::= { arcEntry 2 }
arcNotificationId OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object identifies the type of notification to be suppressed. The notification type identified should be the one normally used by the resource for reporting its alarms. When the value of 0.0 is specified for this object, it implies all applicable notification types." ::= { arcEntry 3 }
arcState OBJECT-TYPE SYNTAX INTEGER { nalm (1), nalmQI (2), nalmTI (3), nalmQICD (4) } MAX-ACCESS read-create STATUS current DESCRIPTION "Defined in M.3100 Amendment 3 [M.3100 Amd3], there are five ARC states: alm, nalm, nalmQI, nalmQICD, and nalmTI.
alm: Alarm reporting is turned on (i.e., is allowed). nalm: Alarm reporting is turned off (i.e., not allowed). nalmQI: nalm - Qualified Inhibit. Alarm reporting is turned off until the managed entity is qualified problem-free for an optional persistence interval. Problem-free means that the condition corresponding to the specified alarm type is cleared. nalmQICD: nalmQI - Count down. This is a substate of nalmQI and performs the persistence timing countdown function after the managed entity is qualified problem-free. nalmTI: nalm - Timed Inhibit. Alarm reporting is turned off for a specified time interval.
alm may transition to nalm, nalmQI or nalmTI by management request.
nalm may transition to alm, nalmQI or nalmTI by management request.
Lam, et al. Standards Track [Page 8]
RFC 3878 Alarm Reporting Control MIB September 2004
nalmQI may transition to nalm or alm by management request.
nalmQI may transition to alm automatically if qualified problem-free (if nalmQICD is not supported) or if the CD timer expired (if nalmQICD is supported)
nalmTI may transition to alm or nalm by management request.
nalmTI may transition to alm automatically if the TI timer expired.
Further details of ARC state transitions are defined in Figure 3 of M.3100 Amd3 [M.3100 Amd3].
According to the requirements in M.3100 Amd3, a resource supporting the ARC feature shall support the alm state and at least one of the nalm, nalmTI, and nalmQI states. The nalmQICD state is an optional substate of nalmQI.
The arcState object controls the alarm reporting state of a resource. Note that the state alm (alarm reporting is allowed) is not listed in the enumeration of the value of this object. However, this state is implicitly supported by the mib. Once a resource enters the normal reporting mode (i.e., in the alm state) for the specified alarm type, the corresponding row will be automatically deleted from the arc table. Also the manual setting of arcState to alm can be achieved through setting the RowStatus object to 'destroy'.
The nalamQICD state is a transitional state from nalmQI to alm. It is optional depending on the resource type and the implementation of the resource. If it is supported, before the state transitions from nalmQI to alm, a count down period is activated for a duration set by the object arcNalmCDTimeInterval. When the time is up, the arcState transitions to alm."
::= { arcEntry 4 }
arcNalmTimeRemaining OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "This variable indicates the time remaining in the nalmTI state or the nalmQICD state, in units of second.
At the moment the resource enters the nalmTI state, this variable will have the initial value equal to the value of
Lam, et al. Standards Track [Page 9]
RFC 3878 Alarm Reporting Control MIB September 2004
arcNalmTITimeInterval and then starts decrementing as time goes by.
Similarly at the moment the resource enters the nalmQICD state, this variable will have the initial value equal to the value of arcNalmCDTimeInterval and then starts decrementing as time goes by.
This variable is read-create and thus will allow the manager to write (extend or shorten), as needed, the remaining time when the resource is in the nalmTI or nalmQICD state.
If this variable is supported and the resource is currently not in the nalmTI nor nalmQICD state, the value of this variable shall equal to zero." ::= { arcEntry 5 }
arcRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This columnar object is used for creating and deleting a conceptual row of the arcTable. It is used to create and delete an arc setting.
Setting RowStatus to createAndGo or createAndWait implies creating a new ARC setting for the specified resource and alarm type. Setting RowStatus to destroy implies removing the ARC setting and thus has the effect of resuming normal reporting behaviour of the resource for the alarm type.
Only the objects arcState, arcNalmTimeRemaining, and arcRowStatus can be updated when a row is active. All the objects, except arcNalmTimeRemaining, must be set before the row can be activated." ::= { arcEntry 6 }
arcStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for this conceptual row. Conceptual rows having the value 'permanent' must allow write-access at a minimum to arcState. Note that arcState must allow change by management request. Therefore, no row can be created with 'readOnly'. If a set operation tries to set the value to 'readOnly', then an 'inconsistentValue' error must be returned." DEFVAL { nonVolatile }
Lam, et al. Standards Track [Page 10]
RFC 3878 Alarm Reporting Control MIB September 2004
::= { arcEntry 7}
-------------------------- -- conformance information --------------------------
arcCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for systems supporting the ARC MIB module."
MODULE -- this module MANDATORY-GROUPS { arcSettingGroup }
OBJECT arcStorageType WRITE-SYNTAX StorageType { volatile(2), nonVolatile(3), permanent(4) } DESCRIPTION "Support for value 'other' is not required. The arcState object must allow change by management request. Therefore, no row can be created with 'readOnly'."
GROUP arcTIGroup DESCRIPTION "This group is REQUIRED for ARC settings that provide the Time Inhibit (TI) function."
GROUP arcQICDGroup DESCRIPTION "This group is REQUIRED for ARC settings that provide the Quality Inhibit (QI) Count Down (CD) function."
RFC 3878 Alarm Reporting Control MIB September 2004
arcSettingGroup OBJECT-GROUP OBJECTS { arcState, arcRowStatus, arcStorageType } STATUS current DESCRIPTION "A collection of objects applicable to basic ARC setting." ::= { arcGroups 1}
arcTIGroup OBJECT-GROUP OBJECTS { arcTITimeInterval, arcNalmTimeRemaining } STATUS current DESCRIPTION "A collection of objects applicable to ARC setting that support the Time Inhibit (TI) function." ::= { arcGroups 2}
arcQICDGroup OBJECT-GROUP OBJECTS { arcCDTimeInterval, arcNalmTimeRemaining } STATUS current DESCRIPTION "A collection of objects applicable to ARC setting that support the Quality Inhibit (QI) Count Down (CD) function." ::= { arcGroups 3}
END
Lam, et al. Standards Track [Page 12]
RFC 3878 Alarm Reporting Control MIB September 2004
There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These are the tables and objects and their sensitivity/vulnerability:
Setting these objects may have disruptive effects on network operation that range from omission of alarm notifications to flooding of unwanted alarm notifications from the network. The consequence of suppressing or deferring the reporting of an alarm can prevent the timely delivery of important diagnostic information, including information that can help identify an attack.
Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability:
Reading these objects will provide information about the setting which affects alarm notification generation.
SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPSec), there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.
Lam, et al. Standards Track [Page 13]
RFC 3878 Alarm Reporting Control MIB September 2004
It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy).
Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, December 2002.
Copyright (C) The Internet Society (2004). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf- ipr@ietf.org.
Acknowledgement
Funding for the RFC Editor function is currently provided by the Internet Society.