MALLOC Working Group Dave Thaler INTERNET-DRAFT Microsoft Expires December 1999 18 June 1999 Multicast Address Allocation MIB Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Copyright Notice Copyright (C) The Internet Society (1999). All Rights Reserved. 1. Abstract This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects used for managing multicast address allocation. Expires December 1999 [Page 1] Draft Multicast Address Allocation MIB June 1999 2. Introduction This document defines a Management Information Base (MIB) used for managing multicast address allocation in a protocol-independent manner, as well as managing specific protocols used in allocating multicast addresses. The protocol-independent objects in this MIB apply to all multicast address allocation servers (MAASs) and clients, as described in [20]. The protocol-specific objects in this MIB include objects related to the Multicast Address Dynamic Client Allocation Protocol (MADCAP) [17], and the multicast Address Allocation Protocol (AAP) [18]. Interactions with the Multicast-scope Zone Announcement Protocol (MZAP) [19] are also noted where appropriate. 3. The SNMP Network Management Framework The SNMP Management Framework presently consists of five major components: o An overall architecture, described in RFC 2571 [1]. o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in RFC 1155 [2], RFC 1212 [3] and RFC 1215 [4]. The second version, called SMIv2, is described in RFC 2578 [5], RFC 2579 [6] and RFC 2580 [7]. o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in RFC 1157 [8]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [9] and RFC 1906 [10]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [10], RFC 2572 [11] and RFC 2574 [12]. o Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in RFC 1157 [8]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [13]. o A set of fundamental applications described in RFC 2573 [14] and the view-based access control mechanism described in RFC 2575 [15]. Expires December 1999 [Page 2] Draft Multicast Address Allocation MIB June 1999 Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (use of Counter64). Some machine readable information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB. 3.1. Object Definitions Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the subset of Abstract Syntax Notation One (ASN.1) defined in the SMI. In particular, each object type is named by an OBJECT IDENTIFIER, an administratively assigned name. The object type together with an object instance serves to uniquely identify a specific instantiation of the object. For human convenience, we often use a textual string, termed the descriptor, to refer to the object type. 4. Overview The purpose of this MIB is to provide the ability to configure and monitor the status of multicast address allocation within the local domain. Some important monitoring questions which can be answered by this MIB include: o How full is scope X? o Who's using up the space? o Who allocated the address A.B.C.D? o Are requests being met? This MIB module is divided into three primary sections: Expires December 1999 [Page 3] Draft Multicast Address Allocation MIB June 1999 o Protocol-independent objects relevant to all multicast address allocation servers and clients. o Protocol-specific objects related to the MADCAP client-server protocol. o Protocol-specific objects related to the AAP server-server protocol. 4.1. Protocol-independent objects The protocol-independent objects consist of one scalar and six tables. The tables are: o The Scope Table contains information on the multicast scopes known to a multicast address allocation server. This table allows configuring scopes, and viewing what scopes are known to the local system after being configured elsewhere. o The Scope Name Table contains the names of the multicast scopes. This table logically extends the Scope Table with the list of scope names for each scope. o The Allocation Range Table contains the address ranges out of which the local machine may allocate addresses. It also allows answering the questions "How full is scope X?" and "Are requests being met?" o The Exclusion Table contains sub-ranges which are excluded from being allocated. o The Request Table contains the requests for address allocations, and allows answering the question "Who's using up the space?" o The Address Table contains the blocks of addresses which have been allocated, and together with the Request Table, allows answering the question "Who allocated the address A.B.C.D?" 4.2. Protocol-specific objects The MADCAP objects consist of a group of (scalar) configuration parameters, and a group of (scalar) statistics. The AAP objects consist of a group of (scalar) configuration parameters, Expires December 1999 [Page 4] Draft Multicast Address Allocation MIB June 1999 a trap, and the Public Key Table, which contains the public keys of other trusted servers. 5. Definitions MALLOC-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY, mib-2, NOTIFICATION-TYPE, BITS, Unsigned32, Gauge32, Counter32 FROM SNMPv2-SMI RowStatus, DisplayString, TruthValue, TEXTUAL-CONVENTION FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF SnmpAdminString FROM SNMP-FRAMEWORK-MIB; mallocMIB MODULE-IDENTITY LAST-UPDATED "9906181200Z" -- June 18, 1999 ORGANIZATION "IETF MALLOC Working Group" CONTACT-INFO " Dave Thaler Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399 EMail: dthaler@dthaler.microsoft.com" DESCRIPTION "The MIB module for management of Multicast Address Allocation Servers." REVISION "9906181200Z" -- June 18, 1999 DESCRIPTION "Initial version." ::= { mib-2 XXX } -- to be assigned by IANA mallocMIBObjects OBJECT IDENTIFIER ::= { mallocMIB 1 } malloc OBJECT IDENTIFIER ::= { mallocMIBObjects 1 } madcap OBJECT IDENTIFIER ::= { mallocMIBObjects 2 } Expires December 1999 [Page 5] Draft Multicast Address Allocation MIB June 1999 aap OBJECT IDENTIFIER ::= { mallocMIBObjects 3 } -- -- Textual Conventions -- GenericIpAddress ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The textual convention for specifying an IP host address. The type of address can be determined by the octet string length: OCTETs ADDRESS TYPE 4 ipv4 16 ipv6" SYNTAX OCTET STRING (SIZE (4|16)) -- -- scalars -- mallocCapabilities OBJECT-TYPE SYNTAX BITS { startTime(0), serverMobility(1), retryAfter(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object describes the capabilities which a client or server supports. The startTime bit indicates that allocations with a future start time are supported. The serverMobility bit indicates that allocations can be renewed or released from a server other than the one granting the original allocation. The retryAfter bit indicates support for a waiting state whether the client may check back at a later time to get the status of its request." ::= { malloc 1 } -- -- the Scope Table -- -- Entries in this table may be dynamically discovered via -- some other protocol, such as MZAP, or may be statically Expires December 1999 [Page 6] Draft Multicast Address Allocation MIB June 1999 -- configured, such as in an isolated network environment. -- mallocScopeTable OBJECT-TYPE SYNTAX SEQUENCE OF MallocScopeEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The (conceptual) table containing information on multicast scopes from which addresses may be allocated." ::= { malloc 2 } mallocScopeEntry OBJECT-TYPE SYNTAX MallocScopeEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) containing the information on a particular multicast scope." INDEX { mallocScopeFirstAddress } ::= { mallocScopeTable 1 } MallocScopeEntry ::= SEQUENCE { mallocScopeFirstAddress GenericIpAddress, mallocScopeLastAddress GenericIpAddress, mallocScopeTTL INTEGER, mallocScopeStatus RowStatus, mallocScopeSource INTEGER, mallocScopeDivisible TruthValue, mallocScopeServerAddress GenericIpAddress } mallocScopeFirstAddress OBJECT-TYPE SYNTAX GenericIpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The first address in the multicast scope range." ::= { mallocScopeEntry 1 } mallocScopeLastAddress OBJECT-TYPE SYNTAX GenericIpAddress MAX-ACCESS read-create STATUS current DESCRIPTION Expires December 1999 [Page 7] Draft Multicast Address Allocation MIB June 1999 "The last address in the multicast scope range." ::= { mallocScopeEntry 2 } mallocScopeTTL OBJECT-TYPE SYNTAX INTEGER (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The IPv4 TTL (or IPv6 hop limit) which applications should use for groups within the scope." DEFVAL { 255 } ::= { mallocScopeEntry 3 } mallocScopeStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row, by which new entries may be created, or old entries deleted from this table." ::= { mallocScopeEntry 9 } mallocScopeSource OBJECT-TYPE SYNTAX INTEGER { other(1), manual(2), mzap(3), madcap(4) } MAX-ACCESS read-only STATUS current DESCRIPTION "The method by which this entry was learned." ::= { mallocScopeEntry 12 } mallocScopeDivisible OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "If false, the server may allocate addresses out of the entire range. If true, the server must not allocate addresses out of the entire range, but may only allocate addresses out of a subrange learned via another method such as AAP. Creating or deleting a scope which is not divisible Expires December 1999 [Page 8] Draft Multicast Address Allocation MIB June 1999 has the side effect of creating or deleting the corresponding entry in the mallocAllocRangeTable." DEFVAL { false } ::= { mallocScopeEntry 13 } mallocScopeServerAddress OBJECT-TYPE SYNTAX GenericIpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The address of a multicast address allocation server to which a request may be sent. The default value is an address of all zeros, indicating that no server is known." ::= { mallocScopeEntry 14 } -- -- the Scope Name Table -- -- Entries in this table may be dynamically discovered via -- some other protocol, such as MZAP, or may be statically -- configured, such as in an isolated network environment. -- mallocScopeNameTable OBJECT-TYPE SYNTAX SEQUENCE OF MallocScopeNameEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The (conceptual) table containing information on multicast scope names." ::= { malloc 3 } mallocScopeNameEntry OBJECT-TYPE SYNTAX MallocScopeNameEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) containing the information on a particular multicast scope name." INDEX { mallocScopeFirstAddress, IMPLIED mallocScopeNameLangName } ::= { mallocScopeNameTable 1 } Expires December 1999 [Page 9] Draft Multicast Address Allocation MIB June 1999 MallocScopeNameEntry ::= SEQUENCE { mallocScopeNameLangName DisplayString, mallocScopeNameScopeName SnmpAdminString, mallocScopeNameDefault INTEGER, mallocScopeNameStatus RowStatus } mallocScopeNameLangName OBJECT-TYPE SYNTAX DisplayString (SIZE(1..255)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The RFC 1766 language tag for the language of the scope name." ::= { mallocScopeNameEntry 1 } mallocScopeNameScopeName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "The UTF-8 encoding of the scope name." ::= { mallocScopeNameEntry 2 } mallocScopeNameDefault OBJECT-TYPE SYNTAX INTEGER { true(1), false(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates whether this name should be used if no scope name exists in a client's preferred language." DEFVAL { false } ::= { mallocScopeNameEntry 3 } mallocScopeNameStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row, by which new entries may be created, or old entries deleted from this table." ::= { mallocScopeNameEntry 4 } Expires December 1999 [Page 10] Draft Multicast Address Allocation MIB June 1999 -- -- the Allocation Range Table -- mallocAllocRangeTable OBJECT-TYPE SYNTAX SEQUENCE OF MallocAllocRangeEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The (conceptual) table containing information on subranges of addresses from which the local machine may allocate addresses." ::= { malloc 4 } mallocAllocRangeEntry OBJECT-TYPE SYNTAX MallocAllocRangeEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) containing the information on a particular allocation range." INDEX { mallocScopeFirstAddress, mallocAllocRangeFirstAddress } ::= { mallocAllocRangeTable 1 } MallocAllocRangeEntry ::= SEQUENCE { mallocAllocRangeFirstAddress GenericIpAddress, mallocAllocRangeLastAddress GenericIpAddress, mallocAllocRangeStatus RowStatus, mallocAllocRangeSource INTEGER, mallocAllocRangeLifetime Unsigned32, mallocAllocRangeMaxLeaseAddrs Unsigned32, mallocAllocRangeMaxLeaseTime Unsigned32, mallocAllocRangeNumAllocatedAddrs Gauge32, mallocAllocRangeNumOfferedAddrs Gauge32, mallocAllocRangeNumWaitingAddrs Gauge32, mallocAllocRangeNumTryingAddrs Gauge32 } mallocAllocRangeFirstAddress OBJECT-TYPE SYNTAX GenericIpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The first address in the allocation range." ::= { mallocAllocRangeEntry 1 } Expires December 1999 [Page 11] Draft Multicast Address Allocation MIB June 1999 mallocAllocRangeLastAddress OBJECT-TYPE SYNTAX GenericIpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The last address in the allocation range." ::= { mallocAllocRangeEntry 2 } mallocAllocRangeStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row, by which new entries may be created, or old entries deleted from this table." ::= { mallocAllocRangeEntry 3 } mallocAllocRangeSource OBJECT-TYPE SYNTAX INTEGER { other(1), manual(2), aap(3) } MAX-ACCESS read-create STATUS current DESCRIPTION "The means by which this entry was learned." ::= { mallocAllocRangeEntry 4 } mallocAllocRangeLifetime OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The number of seconds remaining in the lifetime of the (sub)range out of which addresses are being allocated. A value of 0 indicates that the range is not subject to aging." DEFVAL { 0 } ::= { mallocAllocRangeEntry 5 } mallocAllocRangeMaxLeaseAddrs OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of addresses which the server is willing to grant for a single lease in this range. A value of 0 Expires December 1999 [Page 12] Draft Multicast Address Allocation MIB June 1999 means that no specific limit is enforced, as long as the server has valid addresses to allocate." DEFVAL { 0 } ::= { mallocAllocRangeEntry 6 } mallocAllocRangeMaxLeaseTime OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum lifetime for which the server will grant for an lease in this range. A value of 0 means that no additional limit is enforced beyond that of mallocAllocRangeLifetime." DEFVAL { 0 } ::= { mallocAllocRangeEntry 7 } mallocAllocRangeNumAllocatedAddrs OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of addresses in the range which have been allocated. This value can be used to determine the current address space utilization within the scoped range. This should match the total number of addresses for this scope covered by entries in the mallocAddressTable." ::= { mallocAllocRangeEntry 8 } mallocAllocRangeNumOfferedAddrs OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of addresses in the range which have been offered. This number should match the sum of mallocRequestNumAddrs for all entries in the mallocRequestTable in the offered state. Together with mallocAllocRangeNumAllocatedAddrs and mallocAllocRangeNumTryingAddrs, this can be used to determine the address space utilization within the scoped range in the immediate future." ::= { mallocAllocRangeEntry 9 } mallocAllocRangeNumWaitingAddrs OBJECT-TYPE Expires December 1999 [Page 13] Draft Multicast Address Allocation MIB June 1999 SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of addresses in the range which have been requested, but whose state is waiting, while the server attempts to acquire more address space." ::= { mallocAllocRangeEntry 10 } mallocAllocRangeNumTryingAddrs OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of addresses in the scope covered by entries in the mallocRequestTable in the trying state." ::= { mallocAllocRangeEntry 11 } -- -- the Exclusion Table -- -- Entries in this table may be dynamically discovered via -- some other protocol, such as AAP, or may be statically -- configured, such as in an isolated network environment. -- mallocScopeExclusionTable OBJECT-TYPE SYNTAX SEQUENCE OF MallocScopeExclusionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The (conceptual) table containing information on subranges of addresses which are excluded from allocation from within scoped ranges." ::= { malloc 5 } Expires December 1999 [Page 14] Draft Multicast Address Allocation MIB June 1999 mallocScopeExclusionEntry OBJECT-TYPE SYNTAX MallocScopeExclusionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) containing the information on a particular exclusion range for a particular scope." INDEX { mallocScopeFirstAddress, mallocScopeExclusionFirstAddress } ::= { mallocScopeExclusionTable 1 } MallocScopeExclusionEntry::= SEQUENCE { mallocScopeExclusionFirstAddress GenericIpAddress, mallocScopeExclusionLastAddress GenericIpAddress, mallocScopeExclusionStatus RowStatus, mallocScopeExclusionSource INTEGER } mallocScopeExclusionFirstAddress OBJECT-TYPE SYNTAX GenericIpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The first address in the excluded range." ::= { mallocScopeExclusionEntry 1 } mallocScopeExclusionLastAddress OBJECT-TYPE SYNTAX GenericIpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The last address in the excluded range." ::= { mallocScopeExclusionEntry 2 } mallocScopeExclusionStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row, by which new entries may be created, or old entries deleted from this table." ::= { mallocScopeExclusionEntry 3 } mallocScopeExclusionSource OBJECT-TYPE SYNTAX INTEGER { Expires December 1999 [Page 15] Draft Multicast Address Allocation MIB June 1999 other(1), manual(2), aapaitu(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The means by which this entry was learned. A value of aapaitu means the range is excluded because the range was specified in an AAP AITU message received." ::= { mallocScopeExclusionEntry 4 } -- -- the Request Table -- -- Entries in this table reflect requests dynamically received -- by an address allocation protocol. -- mallocRequestTable OBJECT-TYPE SYNTAX SEQUENCE OF MallocRequestEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The (conceptual) table containing information on allocation requests, whether allocated or in progress. This table may also be used to determine which clients are responsible for high address space utilization within a given scope." ::= { malloc 6 } mallocRequestEntry OBJECT-TYPE SYNTAX MallocRequestEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) containing the information on a particular allocation request." INDEX { IMPLIED mallocRequestGuid } ::= { mallocRequestTable 1 } MallocRequestEntry ::= SEQUENCE { mallocRequestGuid OCTET STRING, mallocRequestScopeFirstAddress GenericIpAddress, mallocRequestStartTime Unsigned32, mallocRequestEndTime Unsigned32, Expires December 1999 [Page 16] Draft Multicast Address Allocation MIB June 1999 mallocRequestNumAddrs Unsigned32, mallocRequestState INTEGER, mallocRequestClientAddress GenericIpAddress, mallocRequestServerAddress GenericIpAddress } mallocRequestGuid OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The unique Lease Identifier of this request." ::= { mallocRequestEntry 1 } mallocRequestScopeFirstAddress OBJECT-TYPE SYNTAX GenericIpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The first address of the scope to which the request applies. This must match mallocScopeFirstAddress for some row in the mallocScopeTable." ::= { mallocRequestEntry 2 } mallocRequestStartTime OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of seconds remaining before the start time of the request. A value of 0 means that the allocation is currently in effect." ::= { mallocRequestEntry 3 } mallocRequestEndTime OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of seconds remaining before the end time of the request." ::= { mallocRequestEntry 4 } Expires December 1999 [Page 17] Draft Multicast Address Allocation MIB June 1999 mallocRequestNumAddrs OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of addresses requested. If the addresses have been allocated, this number should match the total number of addresses for this request covered by entries in the mallocAddressTable." ::= { mallocRequestEntry 5 } mallocRequestState OBJECT-TYPE SYNTAX INTEGER { allocated(1), offered(2), -- tentatively allocated waiting(3), -- waiting for more space trying(4) -- working on allocating } MAX-ACCESS read-only STATUS current DESCRIPTION "The state of the request. A value of allocated indicates that one or more entries for this request are present in the mallocAddressTable. A value of offered indicates that addresses have been offered to the client (e.g. via a MADCAP OFFER message), but the allocation has not been committed. A value of waiting indicates that the allocation is blocked while the server attempts to acquire more space from which it can allocate addresses. A value of trying means that no addresses have been offered to the client, but that an attempt to allocate is in progress (e.g. via an AAP ACLM message for a server, or a MADCAP REQUEST message without a previous OFFER for a client)." ::= { mallocRequestEntry 6 } mallocRequestClientAddress OBJECT-TYPE SYNTAX GenericIpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The address of the client to which this allocation was (last) granted." ::= { mallocRequestEntry 7 } mallocRequestServerAddress OBJECT-TYPE Expires December 1999 [Page 18] Draft Multicast Address Allocation MIB June 1999 SYNTAX GenericIpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The address of the server to which the request was (last) sent." ::= { mallocRequestEntry 8 } -- -- the Address Table -- mallocAddressTable OBJECT-TYPE SYNTAX SEQUENCE OF MallocAddressEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The (conceptual) table containing information on blocks of allocated addresses. This table may be used to map a given multicast group address to the associated request." ::= { malloc 7 } mallocAddressEntry OBJECT-TYPE SYNTAX MallocAddressEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) containing the information on a particular block of allocated addresses." INDEX { mallocAddressFirstAddress } ::= { mallocAddressTable 1 } MallocAddressEntry ::= SEQUENCE { mallocAddressFirstAddress GenericIpAddress, mallocAddressNumAddrs Unsigned32, mallocAddressRequestGuid OCTET STRING } mallocAddressFirstAddress OBJECT-TYPE SYNTAX GenericIpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The first address in the allocated block." ::= { mallocAddressEntry 1 } Expires December 1999 [Page 19] Draft Multicast Address Allocation MIB June 1999 mallocAddressNumAddrs OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of addresses in the allocated block." ::= { mallocAddressEntry 2 } mallocAddressRequestGuid OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "The unique identifier of the request which caused this block of addresses to be allocated. This value must match the value of mallocRequestGuid for some entry in the mallocRequestTable." ::= { mallocAddressEntry 3 } -- -- MADCAP-specific objects -- madcapConfig OBJECT-IDENTITY STATUS current DESCRIPTION "Group of objects that count various MADCAP events." ::= { madcap 1 } madcapConfigExtraAllocationTime OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The amount of extra time on either side of a lease which the MADCAP server allocates to allow for clock skew among clients." ::= { madcapConfig 1 } madcapConfigNoResponseDelay OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-write STATUS current Expires December 1999 [Page 20] Draft Multicast Address Allocation MIB June 1999 DESCRIPTION "The amount of time the MADCAP client allows for receiving a response from a MADCAP server." ::= { madcapConfig 2 } madcapConfigOfferHold OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The amount of time the MADCAP server will reserve an address for after sending an OFFER message in anticipation of receiving a REQUEST message." ::= { madcapConfig 3 } madcapConfigResponseCacheInterval OBJECT-TYPE SYNTAX INTEGER (0..300) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The amount of time the MADCAP server uses to detect duplicate messages." ::= { madcapConfig 4 } madcapConfigClockSkewAllowance OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The clock skew threshold used by the MADCAP server to generate Excessive Clock Skew errors." ::= { madcapConfig 5 } madcapCounters OBJECT-IDENTITY STATUS current DESCRIPTION "A group of objects that count various MADCAP events." ::= { madcap 2 } madcapCountTotalErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only Expires December 1999 [Page 21] Draft Multicast Address Allocation MIB June 1999 STATUS current DESCRIPTION "The total number of transactions for which the MADCAP server has detected an error of any type, regardless of whether the server ignored the request or generated a NAK." ::= { madcapCounters 1 } madcapCountRequestsDenied OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of valid requests for which the MADCAP server could not complete an allocation, regardless of whether NAKs were sent. This corresponds to the Valid Request Could Not Be Completed error code in MADCAP." ::= { madcapCounters 2 } madcapCountInvalidRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of invalid requests received by the MADCAP server, regardless of whether NAKs were sent. This corresponds to the Invalid Request error code in MADCAP." ::= { madcapCounters 3 } madcapCountExcessiveClockSkews OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of requests received by the MADCAP server with an excessive clock skew, regardless of whether NAKs were sent. This corresponds to the Excessive Clock Skew error code in MADCAP." ::= { madcapCounters 4 } madcapCountBadLeaseIds OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of requests received by the MADCAP server with Expires December 1999 [Page 22] Draft Multicast Address Allocation MIB June 1999 an unrecognized Lease Identifier, regardless of whether NAKs were sent. This corresponds to the Lease Identifier Not Recognized error code in MADCAP." ::= { madcapCounters 5 } madcapCountDiscovers OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of DISCOVER messages received by the MADCAP server." ::= { madcapCounters 6 } madcapCountInforms OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of INFORM messages received by the MADCAP server." ::= { madcapCounters 7 } madcapCountRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of REQUEST messages received by the MADCAP server." ::= { madcapCounters 8 } madcapCountRenews OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RENEW messages received by the MADCAP server." ::= { madcapCounters 9 } madcapCountReleases OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current Expires December 1999 [Page 23] Draft Multicast Address Allocation MIB June 1999 DESCRIPTION "The number of RELEASE messages received by the MADCAP server." ::= { madcapCounters 10 } aapConfig OBJECT-IDENTITY STATUS current DESCRIPTION "A group of objects that for configuring various AAP parameters." ::= { aap 1 } aapConfigSetRepeatInterval OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "SET-REPEAT-INTERVAL" ::= { aapConfig 1 } aapConfigDefaultRTT OBJECT-TYPE SYNTAX Unsigned32 UNITS "milliseconds" MAX-ACCESS read-write STATUS current DESCRIPTION "An approximation of the largest propagation delay across the domain and back. This is the DEFAULT-RTT parameter in AAP." ::= { aapConfig 2 } aapConfigASAInterval OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The rate at which the AAP speaker will send ASA messages containing address ranges for use by allocation servers in the local domain. This is the ASA-INTERVAL parameter in AAP. A value of 0 means that ASA messages will not be sent." ::= { aapConfig 3 } aapConfigBaseRate OBJECT-TYPE Expires December 1999 [Page 24] Draft Multicast Address Allocation MIB June 1999 SYNTAX Unsigned32 UNITS "bytes per second" MAX-ACCESS read-write STATUS current DESCRIPTION "The approximate background rate for announcement traffic within a domain with a significant number of addresses allocated. This is the BASE-RATE parameter used by AAP." ::= { aapConfig 4 } aapConfigPoolSize OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "The number of addresses the AAP speaker will attempt to keep in an Intent-to-Use state." ::= { aapConfig 5 } aapConfigPrivateKey OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-write STATUS current DESCRIPTION "The private key used to sign AAP messages. This object is intended solely for the purpose of setting the private key, and MUST be accessible only via requests using both authentication and privacy. The agent MAY report an empty string in response to get, get-next, and get-bulk requests." ::= { aapConfig 6 } aapConfigSSIGInterval OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The rate at which the AAP speaker will send SSIG messages containing public keys. A value of 0 means that no SSIG messages will be sent." ::= { aapConfig 7 } -- -- AAP Public Key Table -- Expires December 1999 [Page 25] Draft Multicast Address Allocation MIB June 1999 aapPublicKeyTable OBJECT-TYPE SYNTAX SEQUENCE OF AapPublicKeyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The (conceptual) table containing information on AAP public keys." ::= { aap 2 } aapPublicKeyEntry OBJECT-TYPE SYNTAX AapPublicKeyEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) containing the information on an AAP public key." INDEX { aapPublicKeyAddress } ::= { aapPublicKeyTable 1 } AapPublicKeyEntry ::= SEQUENCE { aapPublicKeyAddress GenericIpAddress, aapPublicKeyKey OCTET STRING, aapPublicKeyExpiryTime Unsigned32, aapPublicKeySource INTEGER, aapPublicKeyStatus RowStatus } aapPublicKeyAddress OBJECT-TYPE SYNTAX GenericIpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The address of the machine with which to associate the public key." ::= { aapPublicKeyEntry 1 } aapPublicKeyKey OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-create STATUS current DESCRIPTION "The actual public key." ::= { aapPublicKeyEntry 2 } aapPublicKeyExpiryTime OBJECT-TYPE Expires December 1999 [Page 26] Draft Multicast Address Allocation MIB June 1999 SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The time remaining in the lifetime of the key. A value of 0 indicates that the key is not subject to aging." DEFVAL { 0 } ::= { aapPublicKeyEntry 3 } aapPublicKeySource OBJECT-TYPE SYNTAX INTEGER { other(1), manual(2), aap(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The method by which this entry was learned." ::= { aapPublicKeyEntry 4 } aapPublicKeyStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row, by which new entries may be created, or old entries deleted from this table." ::= { aapPublicKeyEntry 5 } -- AAP Traps aapTraps OBJECT IDENTIFIER ::= { aap 3 } aapASALoss NOTIFICATION-TYPE OBJECTS { mallocScopeLastAddress } STATUS current DESCRIPTION "This trap is sent when an ASA is expired due to no ASA message being received for the scope indicated within the ASA expiry time." ::= { aapTraps 1 } -- conformance information Expires December 1999 [Page 27] Draft Multicast Address Allocation MIB June 1999 mallocConformance OBJECT IDENTIFIER ::= { mallocMIB 2 } mallocCompliances OBJECT IDENTIFIER ::= { mallocConformance 1 } mallocGroups OBJECT IDENTIFIER ::= { mallocConformance 2 } -- compliance statements mallocServerCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for multicast address allocation servers implementing the MALLOC MIB." MODULE -- this module MANDATORY-GROUPS { mallocBasicGroup, mallocServerGroup } OBJECT mallocScopeLastAddress MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mallocScopeTTL MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mallocAllocRangeLifetime MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mallocScopeStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mallocAllocRangeMaxLeaseAddrs MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mallocAllocRangeMaxLeaseTime MIN-ACCESS read-only DESCRIPTION "Write access is not required." Expires December 1999 [Page 28] Draft Multicast Address Allocation MIB June 1999 OBJECT mallocScopeDivisible MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mallocScopeNameScopeName MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mallocScopeNameDefault MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mallocScopeNameStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mallocScopeExclusionLastAddress MIN-ACCESS read-only DESCRIPTION "Write access is not required." OBJECT mallocScopeExclusionStatus MIN-ACCESS read-only DESCRIPTION "Write access is not required." GROUP madcapServerGroup DESCRIPTION "This group is mandatory for servers which implement the MADCAP client-server protocol." GROUP aapServerGroup DESCRIPTION "This group is mandatory for servers which implement the AAP server-server protocol." ::= { mallocCompliances 1 } mallocClientCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for hosts implementing the MALLOC Expires December 1999 [Page 29] Draft Multicast Address Allocation MIB June 1999 MIB." MODULE -- this module MANDATORY-GROUPS { mallocBasicGroup, mallocClientGroup } GROUP madcapClientGroup DESCRIPTION "This group is mandatory for clients which implement the MADCAP client-server protocol." ::= { mallocCompliances 2 } -- units of conformance mallocBasicGroup OBJECT-GROUP OBJECTS { mallocCapabilities, mallocRequestScopeFirstAddress, mallocRequestStartTime, mallocRequestEndTime, mallocRequestNumAddrs, mallocRequestState, mallocAddressNumAddrs, mallocAddressRequestGuid } STATUS current DESCRIPTION "The basic collection of objects providing management of IP multicast address allocation." ::= { mallocGroups 1 } mallocServerGroup OBJECT-GROUP OBJECTS { mallocScopeLastAddress, mallocScopeTTL, mallocAllocRangeLastAddress, mallocAllocRangeLifetime, mallocAllocRangeNumAllocatedAddrs, mallocAllocRangeNumOfferedAddrs, mallocAllocRangeNumWaitingAddrs, mallocAllocRangeNumTryingAddrs, mallocScopeStatus, mallocAllocRangeMaxLeaseAddrs, mallocAllocRangeMaxLeaseTime, mallocAllocRangeStatus, mallocAllocRangeSource, mallocScopeDivisible, mallocScopeSource, mallocScopeExclusionLastAddress, mallocScopeExclusionStatus, mallocScopeExclusionSource, mallocScopeNameScopeName, mallocScopeNameDefault, mallocScopeNameStatus, mallocRequestClientAddress } STATUS current DESCRIPTION Expires December 1999 [Page 30] Draft Multicast Address Allocation MIB June 1999 "A collection of objects providing management of multicast address allocation in servers." ::= { mallocGroups 2 } mallocClientGroup OBJECT-GROUP OBJECTS { mallocRequestServerAddress } STATUS current DESCRIPTION "The basic collection of objects providing management of IP multicast address allocation." ::= { mallocGroups 3 } madcapServerGroup OBJECT-GROUP OBJECTS { madcapConfigClockSkewAllowance, madcapConfigExtraAllocationTime, madcapConfigOfferHold, madcapConfigResponseCacheInterval, madcapCountTotalErrors, madcapCountRequestsDenied, madcapCountInvalidRequests, madcapCountBadLeaseIds, madcapCountExcessiveClockSkews, madcapCountDiscovers, madcapCountInforms, madcapCountRequests, madcapCountRenews, madcapCountReleases } STATUS current DESCRIPTION "A collection of objects providing management of MADCAP servers." ::= { mallocGroups 4 } madcapClientGroup OBJECT-GROUP OBJECTS { madcapConfigNoResponseDelay } STATUS current DESCRIPTION "A collection of objects providing management of MADCAP clients." ::= { mallocGroups 5 } mallocClientScopeGroup OBJECT-GROUP OBJECTS { mallocScopeLastAddress, mallocScopeTTL, mallocScopeSource, mallocScopeServerAddress } STATUS current DESCRIPTION "A collection of objects providing management of MADCAP clients." ::= { mallocGroups 6 } aapServerGroup OBJECT-GROUP Expires December 1999 [Page 31] Draft Multicast Address Allocation MIB June 1999 OBJECTS { aapConfigDefaultRTT, aapConfigSetRepeatInterval, aapConfigBaseRate, aapConfigPoolSize, aapPublicKeyKey, aapPublicKeyExpiryTime, aapPublicKeySource, aapPublicKeyStatus, aapConfigPrivateKey } STATUS current DESCRIPTION "A collection of objects providing management of MAAS's which implement AAP." ::= { mallocGroups 7 } aapKeyServerGroup OBJECT-GROUP OBJECTS { aapConfigSSIGInterval } STATUS current DESCRIPTION "A collection of notifications for managing AAP speakers which send SSIG messages advertising public keys." ::= { mallocGroups 8 } aapRangeServerGroup OBJECT-GROUP OBJECTS { aapConfigASAInterval } STATUS current DESCRIPTION "A collection of notifications for managing AAP speakers which send ASA messages advertising address ranges to allocation servers." ::= { mallocGroups 9 } aapNotificationGroup NOTIFICATION-GROUP NOTIFICATIONS { aapASALoss } STATUS current DESCRIPTION "A collection of notifications for signaling important AAP events." ::= { mallocGroups 10 } END 6. Security Considerations This MIB contains readable objects whose values provide information related to multicast address allocation. There are also a number of objects that have a MAX-ACCESS clause of read-write and/or read-create, such as those which allow an administrator to dynamically configure Expires December 1999 [Page 32] Draft Multicast Address Allocation MIB June 1999 ranges from which to allocate addresses. If address allocation servers are configured to allow renewal or release purely on the basis of knowledge of the Guid contained in the Request and Address tables, then unauthorized read access to these objects can be used in a denial-of-service attack. While unauthorized read access to the remaining objects is relatively innocuous, unauthorized write access to these objects could cause a denial-of-service, or could cause unauthorized creation and/or manipulation of scope ranges. Hence, the support for SNMP operations in a non-secure environment without proper protection can have a negative effect on network operations. SNMPv1 by itself is such an insecure environment. Even if the network itself is secure (for example by using IPSec [16]), even then, there is no control as to who on the secure network is allowed to access and SET (change/create/delete) the objects in this MIB. It is recommended that the implementers consider the security features as provided by the SNMPv3 framework. Specifically, the use of the User-based Security Model RFC 2274 [12] and the View-based Access Control Model RFC 2275 [15] is recommended. It is then a customer/user responsibility to ensure that the SNMP entity giving access to this MIB, is properly configured to give access to those objects only to those principals (users) that have legitimate rights to access them. 7. Author's Address Dave Thaler Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399 Phone: +1 425 703 8835 EMail: dthaler@dthaler.microsoft.com Expires December 1999 [Page 33] Draft Multicast Address Allocation MIB June 1999 8. References [1] Wijnen, B., Harrington, D., and R. Presuhn, "An Architecture for Describing SNMP Management Frameworks", RFC 2571, Cabletron Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, April 1999. [2] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", RFC 1155, STD 16, Performance Systems International, Hughes LAN Systems, May 1990. [3] Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212, STD 16, Performance Systems International, Hughes LAN Systems, March 1991. [4] M. Rose, "A Convention for Defining Traps for use with the SNMP", RFC 1215, Performance Systems International, March 1991. [5] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", RFC 2578, STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First Virtual Holdings, International Network Services, April 1999. [6] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", RFC 2579, STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First Virtual Holdings, International Network Services, April 1999. [7] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", RFC 2580, STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First Virtual Holdings, International Network Services, April 1999. [8] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network Management Protocol", RFC 1157, STD 15, SNMP Research, Performance Systems International, Performance Systems International, MIT Laboratory for Computer Science, May 1990. [9] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. Expires December 1999 [Page 34] Draft Multicast Address Allocation MIB June 1999 [10] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [11] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2572, SNMP Research, Inc., Cabletron Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, April 1999. [12] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, IBM T. J. Watson Research, April 1999. [13] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [14] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 2573, SNMP Research, Inc., Secure Computing Corporation, Cisco Systems, April 1999. [15] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, IBM T. J. Watson Research, BMC Software, Inc., Cisco Systems, Inc., April 1999. [16] R. Atkinson. "Security architecture for the internet protocol", RFC 1825, August 1995. [17] Patel, B., Shah, M., and S. Hanna. "Multicast Address Dynamic Client Allocation Protocol (MADCAP)", Work in progress, May 1999. [18] M. Handley. "Multicast Address Allocation Protocol (AAP)", Work in progress, August 1998. [19] Handley, M., Thaler, D., and R. Kermode. "Multicast-Scope Zone Announcement Protocol (MZAP)", Work in progress, February 1999. [20] Handley, M., Thaler, D., and D. Estrin. "The Internet Multicast Address Allocation Architecture", Work in progress, April 1999. Expires December 1999 [Page 35] Draft Multicast Address Allocation MIB June 1999 9. Full Copyright Statement Copyright (C) The Internet Society (1999). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implmentation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE." Table of Contents 1 Abstract ........................................................ 1 2 Introduction .................................................... 2 3 The SNMP Network Management Framework ........................... 2 3.1 Object Definitions ............................................ 3 4 Overview ........................................................ 3 4.1 Protocol-independent objects .................................. 4 4.2 Protocol-specific objects ..................................... 4 5 Definitions ..................................................... 5 6 Security Considerations ......................................... 32 7 Author's Address ................................................ 33 8 References ...................................................... 34 9 Full Copyright Statement ........................................ 36 Expires December 1999 [Page 36]