RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 1 record.

Status: Verified (1)

RFC 4807, "IPsec Security Policy Database Configuration MIB", March 2007

Source of RFC: IETF - NON WORKING GROUP
Area Assignment: sec

Errata ID: 3046

Status: Verified
Type: Editorial

Reported By: Paul Clark
Date Reported: 2011-12-08
Verifier Name: Sean Turner
Date Verified: 2012-08-15

Section 5 & 5.1.2 says:

s5:

The filter section of the MIB module is composed of the different
types of filters in the Policy Model.  It is made up of the
spdTrueFilter, spdCompoundFilterTable, spdSubfiltersTable,
spdIpHeaderFilterTable, spdIpOffsetFilterTable, spdTimeFilterTable,
spdIpsoHeaderFilterTable.

s5.1.2, paragraph 9:

SpdIpHeaderFilterEntry(spdIpHeadFiltName = "192.0.2.6")
     = (spdIpHeadFiltType            = 0x80,        -- sourceAddress
        spdIpHeadFiltIPVersion       = 1,           -- IPv4
        spdIpHeadFiltSrcAddressBegin = 0xC0000206,  -- 192.0.2.6
        spdIpHeadFiltSrcAddressEnd   = 0xC0000206,  -- 192.0.2.6
        spdIpHeadFiltRowStatus       = 4)           -- createAndGo

It should say:

s5:

The filter section of the MIB module is composed of the different
types of filters in the Policy Model.  It is made up of the
spdTrueFilter, spdCompoundFilterTable, spdSubfiltersTable,
spdIpOffsetFilterTable, spdTimeFilterTable, and spdIpsoHeaderFilterTable.

s5.1.2, paragraph 9:

SpdIpOffsetHeaderFilterEntry(ipspIpOffFiltName = "192.0.2.6")
     = (spdIpOffFiltOffset           = 0x0b         -- sourceAddress
        spdIpOffFiltType             = 1            -- valueMatch
        spdIpOffFiltValue            = 0xb0000206   -- 192.0.2.6
        spdIpOffFiltRowStatus        = 4)           -- createAndGo

Notes:

The text quoted includes spdIpHeaderFitlerTable, but it does not exist in the MIB definition in Section 6. In addition, spdIpHeaderFilterTable is referenced in the tutorial of Section 5.1.2. This oversight is either a large editorial oversight in Section 5 or a large technical oversight in Section 6.

After discussions with the authors, spdIpHeaderFitlerEntry needs to be removed from s5 and the spdIpHeaderFitlerTable example in s5.1.2 needs to be amended.

Report New Errata