Management Information Base for the Session Initiation Protocol (SIP)
RFC 4780
| Document | |
|---|---|
| Type | RFC - Proposed Standard (April 2007). Was draft-ietf-sip-mib (sip WG) |
| Authors | Jean-Francois Mule, Joon Maeng, Dave R. Walker, Kevin Lingle |
| Last updated | 2015-10-14 |
| RFC stream | Internet Engineering Task Force (IETF) |
| Additional resources | Mailing list discussion |
| IESG: Responsible AD | Cullen Fluffy Jennings |
| IESG: Send notices to | (None) |
Global Routing Operations                                    P. Lucente
Internet-Draft                                                      NTT
Updates: 7854 (if approved)                                       Y. Gu
Intended status: Standards Track                                 Huawei
Expires: 19 September 2024                                18 March 2024

Support for Enterprise-specific TLVs in the BGP Monitoring Protocol
draft-ietf-grow-bmp-tlv-ebit-05

Abstract

Message types defined by the BGP Monitoring Protocol (BMP) provide for data in TLV (Type, Length, Value) format, either as a TLV message body, i.e. Route Mirroring and Stats Reports, or as optional TLVs at the end of a BMP message, i.e. Peer Up and Peer Down. However, the space for Type values is unique and governed by IANA. To allow the use of vendor-specific TLVs, a mechanism to define per-vendor Type values is required. This document introduces an Enterprise Bit, or E-bit, for that purpose.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 19 September 2024.

Copyright Notice

Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.

Table of Contents

1. Introduction
2. Terminology
3. TLV encoding
   3.1. IANA-registered TLV encoding
   3.2. Enterprise-specific TLV encoding
   3.3. TLV encoding remarks
4. Security Considerations
5. Operational Considerations
6. IANA Considerations
7. References
   7.1. Normative References
   7.2. Informative References
Acknowledgements
Authors' Addresses

1. Introduction

The BGP Monitoring Protocol (BMP) is defined in RFC 7854 [RFC7854]. Support for TLV data is extended by TLV support for BMP Route Monitoring and Peer Down Messages [I-D.ietf-grow-bmp-tlv].

Vendors need the ability to define proprietary Information Elements for various reasons, such as delivering a pre-standard product. This aligns with Section 4.1 of [RFC8126].

Also, for code point assignment to be eligible, an IETF document needs to be adopted at a Working Group and in a stable condition. In this context, the E-bit helps during early development phases where interoperability among vendors is tested and shipped to network operators for testing. This aligns with Section 4.2 of [RFC8126].

This document re-defines the format of IANA-registered TLVs in a backward compatible manner with respect to previous documents and existing IANA allocations; it also defines the format for newly introduced enterprise-specific TLVs.

The concept of an E-bit, or Enterprise Bit, is not new. For example, such a mechanism is defined in Section 3.2 of [RFC7011] for a very similar purpose.

The sipCommonCfgTable table contains some objects that may help attackers gain knowledge about the status and operations of the SIP service. In particular, the object value of sipCommonCfgServiceOperStatus may indicate that the SIP entity is in a congested state and may lead attackers to build additional service attacks to overload the system.

The sipCommonCfgEntityType object indicates the type of SIP entity, and the sipCommonMethodSupportedTable table in the SIP-COMMON-MIB MIB module contains the list of SIP methods supported by each entity in the system. Gaining access to this information may allow attackers to build method-specific attacks or use unsupported methods to create denial-of-service attack scenarios.

In the SIP-UA-MIB MIB module, the sipUACfgServerTable contains the address of the SIP servers providing services to the UA, and obtaining this information may disclose some private or sensitive information about the SIP service usage.

In the SIP-SERVER-MIB MIB module, the sipServerCfgProxyAuthMethod object defines the authentication methods supported by the server and may be used to build specific denial-of-service attacks targeted at the security mechanisms employed by the SIP entity.

SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example, by using IPsec), there is still no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this set of MIB modules.
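A check an operator could run against an agent's configuration to find the conditions these security considerations warn about, as an added example that is not part of RFC 4780. It assumes a Net-SNMP `snmpd.conf`; the sample configuration, user names, view name and issue labels are constructed for illustration.

```python
import shlex

# Constructed sample in Net-SNMP snmpd.conf syntax (not taken from RFC 4780).
SAMPLE_CONF = """\
rocommunity public default
createUser monitor SHA "constructed-auth-pass" AES "constructed-priv-pass"
createUser legacy MD5 "constructed-auth-pass"
view sipro included SIP-COMMON-MIB::sipCommonCfgTable
rouser monitor priv -V sipro
rouser legacy auth
rwuser operator noauth -V sipro
"""

COMMUNITY = {"rocommunity", "rwcommunity", "rocommunity6",
             "rwcommunity6", "com2sec", "com2sec6"}

def audit(conf_text):
    """Return (line_no, issue) tuples for settings the section advises against."""
    findings = []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        tokens = shlex.split(raw, comments=True)
        if not tokens:
            continue
        directive, args = tokens[0].lower(), tokens[1:]
        if directive in COMMUNITY:
            # SNMPv1/v2c access: cleartext community, no authentication or privacy.
            findings.append((no, "pre-v3-community"))
        elif directive == "createuser":
            rest = args[2:] if args[:1] == ["-e"] else args  # skip "-e ENGINEID"
            if len(rest) < 4:  # name, auth protocol, auth pass, no privacy protocol
                findings.append((no, "user-without-privacy"))
        elif directive in ("rouser", "rwuser"):
            if args[:1] == ["-s"]:  # skip "-s SECMODEL"
                args = args[2:]
            level = args[1].lower() if len(args) > 1 else "auth"  # Net-SNMP default
            if level != "priv":
                findings.append((no, "authpriv-not-required"))
            if len(args) < 3:
                # No OID or -V VIEW: this user reaches every MIB object,
                # including the SIP-COMMON/UA/SERVER tables discussed above.
                findings.append((no, "unrestricted-view"))
    return findings

if __name__ == "__main__":
    for no, issue in audit(SAMPLE_CONF):
        print(f"line {no}: {issue}")
```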
It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see RFC 3410 [RFC3410]), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy).

Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.

Lingle, et al. Standards Track [Page 79] RFC 4780 SIP MIB Modules April 2007

10. Contributor Acknowledgments

We wish to thank the members of the IETF SIP and SIPPING working groups, and the SIP-MIB Design team for their comments and suggestions. Detailed comments were provided by Tom Taylor, Kavitha Patchayappan, Dan Romascanu, Cullen Jennings, Orit Levin, AC Mahendran, Mary Barnes, Rohan Mahy, Bob Penfield, Charles Eckel, and Dean Willis. Special thanks to Bert Wijnen for his expert reviews, which have greatly improved the SIP MIB modules.

11. References

11.1. Normative References

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002.

[RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

[RFC2579] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999.

[RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999.

[RFC2788] Freed, N. and S. Kille, "Network Services Monitoring MIB", RFC 2788, March 2000.

[RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, December 2002.

[RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005.

11.2. Informative References

[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, December 2002.

[RFC3262] Rosenberg, J. and H. Schulzrinne, "Reliability of Provisional Responses in Session Initiation Protocol (SIP)", RFC 3262, June 2002.

[RFC4168] Rosenberg, J., Schulzrinne, H., and G. Camarillo, "The Stream Control Transmission Protocol (SCTP) as a Transport for the Session Initiation Protocol (SIP)", RFC 4168, October 2005.

Authors' Addresses

Kevin Lingle
Cisco Systems, Inc.
7025 Kit Creek Road
P.O. Box 14987
Research Triangle Park, NC 27709
US
Phone: +1 919 476 2029
EMail: klingle@cisco.com

Jean-Francois Mule
CableLabs
858 Coal Creek Circle
Louisville, CO 80027
US
Phone: +1 303 661 9100
EMail: jf.mule@cablelabs.com

Joon Maeng
5612 Sedona Drive
Austin, TX 78759
US
Phone: +1 512 418 0590
EMail: jmaeng@austin.rr.com

Dave Walker
EMail: drwalker@rogers.com

Full Copyright Statement

Copyright (C) The IETF Trust (2007).

This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.

This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Intellectual Property

The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.

Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.

The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.

Acknowledgement

Funding for the RFC Editor function is currently provided by the Internet Society.