An SNMP Usage for RELOAD
draft-peng-p2psip-snmp-03
IETF #82

Yonglin PENG, Wei WANG, Zhenwu Hao, Yu MENG
{peng.yonglin,wang.wei108,hao.zhenwu,meng.yu}@zte.com.cn

Changes on draft-peng-p2psip-snmp-02
• Revised to use SNMPv3 structure
  • Show the relationship between SNMP application and RELOAD
• Use SNMPv3 security models
  • Use SNMP (D)TLS secure model
• Other minor changes
  • Terminology
  • Requirements

Position of SNMP Application

+------------------------------------------+
|                SNMP Usage                |
|                                          |
| +------------+            +------------+ |
| |    SNMP    |            |SNMP-RELOAD | |
| |applications|<---------->|application | |
| |            |            |            | |
| +------------+            +------------+ |
|      ^                          ^        |
+------|--------------------------|--------+
       |                          |
       |                          |
       v                          v
 +-----------+              +------------+
 |   SNMP    |              |   RELOAD   |
 |  Engine   |              | (M/O-Node) |
 |(with DTLS)|              |            |
 +-----------+              +------------+

Relationship between SNMP usage and RELOAD
• SNMP applications
  • Generate commands and receive messages
  • Legacy SNMP application with knowledge of RELOAD Node/Resource ID
• SNMP-RELOAD application
  • Handles translation from RELOAD IDs to IP addresses
• RELOAD protocol stack
  • Use AppAttach to set up links
  • Use Fetch to find corresponding NodeIDs
• SNMP Engine
  • Legacy SNMP Engine with minor modifications

SNMP-RELOAD Interactions

+---------------------------------------+ +-----------------------+
|Entity 1                               | | Entity 2              |
|   SNMP       SNMP-RELOAD     RELOAD   | | RELOAD     SNMP-RELOAD|
|applications  application    M/O-Node  | | O/M-Node   application|
+---------------------------------------+ +-----------------------+
|getAddressForNode            |              |              |
|------------->|              |              |              |
|              |      +---------------+      |              |
|              |      |Get ICE ufrag/ |      |              |
|              |      |password from  |      |              |
|              |      |LCD, collect   |      |              |
|              |      |candidate      |      |              |
|              |      |address list   |      |              |
|              |      +---------------+      |              |
|              |exchangeCandidateAddressList |              |
|              |------------->|              |              |
|              |              |  AppAttach   | exchangeCandidateAddressList
|              |              |<------------>|<------------>|
|              |exchangeCandidateAddressList |              |
|              |<-------------|              |              |
|              |  ICE Check   |              |              |
|              |<------------------------------------------>|
|      +----------------+     |              |              |
|      |Select available|     |              |              |
|      |address from    |     |              |              |
|      |candidate list  |     |              |              |
|      +----------------+     |              |              |
|returnAddressForNode         |              |              |
|<-------------|              |              |              |

Security Considerations
• Use the SNMPv3 (D)TLS security model (RFC 5953)
• SnmpEngineID is derived from the RELOAD NodeID or ResourceID
• Use the RELOAD user name and certificates for (D)TLS link setup

Remaining Issues

+-------------------------------------------------------------------+
|  +--------------------------------------------------+             |
|  |  Transport Subsystem                             |  +--------+ |
|  | +-----+ +-----+ +-------+             +-------+  |  |        | |
|  | | UDP | | SSH | |(D)TLS |    . . .    | other |<--->| Cache  | |
|  | |     | | TM  | | TM    |             |       |  |  |        | |
|  | +-----+ +-----+ +-------+             +-------+  |  +--------+ |
|  +--------------------------------------------------+        ^    |
|            |                                                 |    |
| Dispatcher v                                                 |    |
| +--------------+ +---------------------+  +----------------+ |    |
| | Transport    | | Message Processing  |  | Security       | |    |
| | Dispatch     | | Subsystem           |  | Subsystem      | |    |
| |              | |     +------------+  |  | +------------+ | |    |
| |              | |  +->| v1MP       |<--->| | USM        | | |    |
| |              | |  |  +------------+  |  | +------------+ | |    |
| |              | |  |  +------------+  |  | +------------+ | |    |
| |              | |  +->| v2cMP      |<--->| | Transport  | | |    |
| | Message      | |  |  +------------+  |  | | Security   |<--+    |
| | Dispatch    <---->|  +------------+  |  | | Model      | |      |
| |              | |  +->| v3MP       |<--->| +------------+ |      |
| |              | |  |  +------------+  |  | +------------+ |      |
| | PDU Dispatch | |  |  +------------+  |  | | Other      | |      |
| +--------------+ |  +->| otherMP    |<--->| | Model(s)   | |      |
|          ^       |     +------------+  |  | +------------+ |      |
|          |       +---------------------+  +----------------+      |
|          v                                                        |
|  +-------+-------------------------+---------------+              |
|  v                                 v               v              |
| +-------------+   +---------+   +--------------+  +-------------+ |
| |   COMMAND   |   | ACCESS  |   | NOTIFICATION |  |    PROXY    | |
| |  RESPONDER  |<->| CONTROL |<->|  ORIGINATOR  |  |  FORWARDER  | |
| | application |   |         |   | applications |  | application | |
| +-------------+   +---------+   +--------------+  +-------------+ |
|  v                                 v                              |
| +----------------------------------------------+                  |
| |             MIB instrumentation              |      SNMP entity |
+-------------------------------------------------------------------+

• AppAttach handling
  • Case 1: AppAttach only returns candidate IP addresses
  • Case 2: AppAttach handles (D)TLS links
• Future MIB definitions

Next Steps
• Get more comments from the SNMP and P2PSIP WGs
• Improve the presentation to make it clear to both the SNMP and P2PSIP communities
• Define RELOAD MIBs if necessary

Q&A Thanks!