idnits 2.17.1
draft-ietf-tsvwg-tcp-mib-extension-15.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
** It looks like you're using RFC 3978 boilerplate. You should update this
to the boilerplate described in the IETF Trust License Policy document
(see https://trustee.ietf.org/license-info), which is required now.
-- Found old boilerplate from RFC 3978, Section 5.1 on line 17.
-- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on
line 3846.
-- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 3821.
-- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 3828.
-- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 3834.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
== No 'Intended status' indicated for this document; assuming Proposed
Standard
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
No issues found here.
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the IETF Trust Copyright Line does not match the
current year
== The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but
does not include the phrase in its RFC 2119 key words list.
-- The document seems to lack a disclaimer for pre-RFC5378 work, but may
have content which was first submitted before 10 November 2008. If you
have contacted all the original authors and they are all willing to grant
the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
this comment. If not, you may need to add the pre-RFC5378 disclaimer.
(See the Legal Provisions document at
https://trustee.ietf.org/license-info for more information.)
-- The document date () is 739376 days in the past. Is this intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
== Unused Reference: 'RFC791' is defined on line 3652, but no explicit
reference was found in the text
== Unused Reference: 'RFC1122' is defined on line 3658, but no explicit
reference was found in the text
== Unused Reference: 'RFC1191' is defined on line 3661, but no explicit
reference was found in the text
== Unused Reference: 'RFC1323' is defined on line 3664, but no explicit
reference was found in the text
== Unused Reference: 'RFC2018' is defined on line 3667, but no explicit
reference was found in the text
== Unused Reference: 'RFC2883' is defined on line 3694, but no explicit
reference was found in the text
== Unused Reference: 'RFC3168' is defined on line 3701, but no explicit
reference was found in the text
== Unused Reference: 'RFC3517' is defined on line 3704, but no explicit
reference was found in the text
== Unused Reference: 'RFC3260' is defined on line 3738, but no explicit
reference was found in the text
== Unused Reference: 'RFC3742' is defined on line 3748, but no explicit
reference was found in the text
** Obsolete normative reference: RFC 793 (Obsoleted by RFC 9293)
** Obsolete normative reference: RFC 1323 (Obsoleted by RFC 7323)
** Obsolete normative reference: RFC 2021 (Obsoleted by RFC 4502)
** Obsolete normative reference: RFC 2581 (Obsoleted by RFC 5681)
** Obsolete normative reference: RFC 2988 (Obsoleted by RFC 6298)
** Obsolete normative reference: RFC 3517 (Obsoleted by RFC 6675)
== Outdated reference: A later version (-05) exists of
draft-ietf-tcpm-syn-flood-01
-- Obsolete informational reference (is this intentional?): RFC 2861
(Obsoleted by RFC 7661)
-- Obsolete informational reference (is this intentional?): RFC 4614
(Obsoleted by RFC 7414)
Summary: 7 errors (**), 0 flaws (~~), 14 warnings (==), 9 comments (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 Internet-Draft Matt Mathis
3 John Heffner
4 Pittsburgh Supercomputing Center
5 Rajiv Raghunarayan
6 Cisco Systems
8 TCP Extended Statistics MIB
9 draft-ietf-tsvwg-tcp-mib-extension-15.txt
10 Fri Mar 2 16:25:20 EST 2007
12 Status of this Memo
14 By submitting this Internet-Draft, each author represents that any
15 applicable patent or other IPR claims of which he or she is aware
16 have been or will be disclosed, and any of which he or she becomes
17 aware will be disclosed, in accordance with Section 6 of BCP 79.
19 Internet-Drafts are working documents of the Internet Engineering
20 Task Force (IETF), its areas, and its working groups. Note that other
21 groups may also distribute working documents as Internet-Drafts.
23 Internet-Drafts are draft documents valid for a maximum of six months
24 and may be updated, replaced, or obsoleted by other documents at any
25 time. It is inappropriate to use Internet-Drafts as reference
26 material or to cite them other than as "work in progress."
28 The list of current Internet-Drafts can be accessed at http://
29 www.ietf.org/ietf/1id-abstracts.txt.
31 The list of Internet-Draft Shadow Directories can be accessed at
32 http://www.ietf.org/shadow.html.
34 This Internet-Draft will expire July, 2007
36 Abstract
38 This draft describes extended performance statistics for TCP. They
39 are designed to use TCP's ideal vantage point to diagnose performance
40 problems in both the network and the application. If a network based
41 application is performing poorly, TCP can determine if the bottleneck
42 is in the sender, the receiver or the network itself. If the
43 bottleneck is in the network, TCP can provide specific information
44 about its nature.
46 Table of Contents
48 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . .2
49 2. The Internet-Standard Management Framework . . . . . . . . .9
50 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . .9
51 4. TCP Extended Statistics MIB . . . . . . . . . . . . . . . . 14
52 5. Security Considerations . . . . . . . . . . . . . . . . . . 75
53 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . 77
54 7. Normative References . . . . . . . . . . . . . . . . . . . .77
55 8. Informative References . . . . . . . . . . . . . . . . . . .79
56 10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . .80
57 11. Authors' Addresses . . . . . . . . . . . . . . . . . . . . 81
58 12. Intellectual Property . . . . . . . . . . . . . . . . . . .81
59 13. Disclaimer of Validity . . . . . . . . . . . . . . . . . . 82
60 14. Copyright Statement . . . . . . . . . . . . . . . . . . . .82
62 1. Introduction
64 This draft describes extended performance statistics for TCP. They
65 are designed to use TCP's ideal vantage point to diagnose performance
66 problems in both the network and the application. If a network based
67 application is performing poorly, TCP can determine if the bottleneck
68 is in the sender, the receiver or the network itself. If the
69 bottleneck is in the network, TCP can provide specific information
70 about its nature.
72 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
73 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
74 document are to be interpreted as described in RFC 2119.
76 The SNMP objects defined in this draft extend TCP MIB, as specified
77 in RFC 4022 [RFC4022]. In addition to several new scalars and other
78 objects, it augments two tables and makes one clarification to RFC
79 4022. Existing management stations for the TCP MIB are expected to
80 be fully compatible with these clarifications.
82 X. Changes
84 RFC editor, please remove this virtual section. It contains document
85 history and some information about document version control.
87 This document is automatically generated from a database of potential
88 TCP instruments. Beware that the OIDs are still likely to change
89 with future versions. The current version can be obtained from
90 . Please send all suggestions and
91 comments to tsvwg@ietf.org so they go to the entire TSV WG.
93 Changes since draft-ietf-tsvwg-tcp-mib-extension-14.txt (3-Jan-2007):
95 Corrected types for tcpEStatsPerfZeroRwinSent,
96 tcpEStatsPerfZeroRwinRcvd, tcpEStatsPathNonRecovDAEpisodes,
97 tcpEStatsPathSumOctetsReordered (now all ZeroBasedCounter32).
99 Changed tcpEStatsStackSndInitial, tcpEStatsStackRecInitial,
100 tcpEStatsConnTableLatency, tcpEStatsListenerMaxBacklog,
101 tcpEStatsPathIpTtl and the controls in tcpEStatsTuneTable to be
102 Unsigned32, to be more consistent with usage conventions.
104 Changed tcpEStatsPathIpTosIn and tcpEStatsPathIpTosOut to OCTET-
105 STRING SIZE(1).
107 Added a range to tcpEStatsConnectIndex and slightly relaxed the
108 description.
110 Changed the conformance statements to require read-wite access to
111 tcpEStatsControlNotify if the notification group is implemented.
113 Added persistency language to the MIB itself, in addition to the
114 overview.
116 Removed tcpEStatsPathQuenchRcvd, since ICMP source quence has been
117 all but formally deprecated.
119 Added tcpEStatsTuneLimMSS, to provide a manual mechanism to work
120 around MTU discovery failures.
122 Hey, Bill Fenner, can't you read everything just a little bit earlier
123 in the review cycle?
125 Changes since draft-ietf-tsvwg-tcp-mib-extension-13.txt (7-Dec-2006):
127 Updated the copyright dates to 2007. Updated versions for referenced
128 documents in progress.
130 Downgrade references to RFCs 2861, 3260, 3522 and 3742 to
131 informative.
133 Removed tcpEStatsPathECNNonceRcvd, which instruments the algorithm
134 described in RFC 3540, an experimental RFC that has recently come
135 into question. There are no known, widely deployed implementations,
136 and RFC 3540 conflicts with a recent proposal for a better use of the
137 remaining IP header bits.
139 Removed a duplicate incorrect address for Jon Saperia.
141 Updated TOC.
143 Updated copyright language within the MIB (and comments within in the
144 nroff source) to reflect RFC 4748.
146 Many automatically detected nits, per Lars Eggert.
148 Changes since draft-ietf-tsvwg-tcp-mib-extension-12.txt (9-Oct-2006):
150 These changes reflect comments from the Gen-ART, Last Call Review.
152 Clarified "this implementation" language in section 3.2.
154 Corrected cut and paste errors in the descriptions of the table
155 controls.
157 Several minor wording nits.
159 Changes since draft-ietf-tsvwg-tcp-mib-extension-11.txt (3-Aug-2006):
161 Changed Matt's email address to mathis@psc.edu.
163 Changes per comments from the transport AD, Lars Eggert: Re-organized
164 the overview to improve clarity. Moved the security section ahead of
165 the references. Various nits.
167 Changes since draft-ietf-tsvwg-tcp-mib-extension-10.txt
168 (24-May-2006):
170 These changes reflect comments received during the WGLC.
172 tcpEStatsConnTableLatency is no longer restricted to be less than 30
173 seconds.
175 Added references to the descriptions of Receiver Limited and
176 Congestion limited objects (tcpEStatsPerfSndLim*).
178 Reviewed and clarified all ECN related instruments.
180 Changes since draft-ietf-tsvwg-tcp-mib-extension-09.txt (4-Mar-2006):
182 Corrected the SYNTAX for PathNonRecovDAEpisodes,
183 PathSumOctetsReordered and AppSndNxt.
185 Clarified the relationship between tcpEStatsConnTableLatency and
186 RFC4022 (TCP-MIB).
188 Changes since draft-ietf-tsvwg-tcp-mib-extension-08.txt
189 (23-Oct-2005):
191 Changed tcpEStatsConnectIdTable to augment TCP-
192 MIB::tcpConnectionTable, rather than be a stand alone table. This
193 requires this draft to clarify vague row latency language in RFC4022
194 and deleting some text about the removed objects from the overview
195 and security sections.
197 Added row latency language to all connection tables.
199 Added DEFVAL to tcpEStatsConnTableLatency.
201 Reassigned sane OIDs under tcpEStats.
203 Careful review and several clarifications of the overview section.
205 Reviewed and cleaned up all references.
207 Restructured the tcpEStatsStackTable, by moving all of the objects
208 that describe the SYN exchange to the front of the table. These
209 objects are not permitted to change once the connection is
210 established. This permits polling the latter portion of the table in
211 a single PDU.
213 Added the TcpEStatsNegotiated TC and revised the objects that
214 describe the SYN exchange to better represent the state of the
215 negotiation without separate objects for both option values and
216 negotiated states.
218 Added tcpEStatsPathRcvRTT, which is the receiver's estimate of the
219 path RTT. Later corrected it to be gauge32.
221 Changed tcpEStatsListenerCurrConns to tcpEStatsListenerCurConns to
222 agree with other "current" object names.
224 Acknowledged the efforts of the MIB Doctor and Operations area
225 director.
227 The following changes are per the MIB doctor review:
229 Minor corrections (form feeds, copyright date, etc) to pass IDnits
230 and smilint. (Note that the unassigned root OID generates to only
231 remaining warning.)
233 Moved this mib from a subtree under experimental to a subtree under
234 mib-2 and added an IANA considerations section for the root OID.
236 Added "UNITS" and "REFERENCE" clauses as appropriate.
238 Clarified the description of tcpEStatsStackInRecovery.
240 Updated the description of tcpEStatsStackSoftErrors to mention the
241 numerical values of the errors.
243 Updated the Security considerations section with new boiler plate and
244 better descriptions.
246 Moved the document revision information to (this) virtual section.
248 Replaced the TcpEStatsOperation TC with TruthValue TC.
250 Clarified the description of tcpEStatsListenerCurBacklog. Note that
251 the text still allows for TCP variants.
253 Removed references to obsolete SNMP versions from
254 tcpEStatsConnectIdTable, but did not remove doubled or further
255 restrict address types.
257 Added a new subsection to clarify that the relationship to TCP
258 standards and indicate that the underlying TCP specifications
259 deliberately encourage diversity.
261 Updated the description of the tcpEStatsPipeSize to clarify the
262 permitted diversity in implementation.
264 Added a normative reference for RFC3517.
266 Clarified the introduction to the instruments of the window updates
267 sent by the local receiver.
269 Added 2 paragraphs to the overview about TCP non-persistence across
270 reboots, and the non-persistence of all objects in this MIB.
272 Clarified the description of tcpEStatsPathECNsignals.
274 Added explicit language about counter deltas, for objects intended to
275 be used to compute ratios.
277 Removed text permitting implementers to allocate additional
278 proprietary codes for tcpEStatsStackSoftErrorReason.
280 Added language clarifying that SND.NXT, SND.UNA, etc have Counter32
281 semantics.
283 Changes since draft-ietf-tsvwg-tcp-mib-extension-07.txt (20-Feb-2005)
285 Added tcpEStatsStackSpuriousRtoDetected. Renamed AckAfterFR to
286 tcpEStatsStackSpuriousFrDetected and clarified the description.
288 Restructure the tables yet again. The perf, path, and stack tables
289 now each start out with some required objects, followed by optional
290 objects. This permits a much more logical grouping of instruments,
291 lowers the cost for a minimal implementation and encourages
292 incremental deployment.
294 Changes since draft-ietf-tsvwg-tcp-mib-extension-06.txt (20-Feb-2005)
296 Added tcpEStatsPerfPipeSize and tcpEStatsPerfMaxPipeSize to detect
297 when TCP is unable to open the window as large as permitted.
299 Added tcpEStatsStackInRecovery to indicate if the connection is
300 currently in recovery (e.g., has outstanding retransmissions), or
301 about to enter recovery.
303 Move tcpEStatsPerfSumRTT, Tcpestatsperfhcsumrtt and
304 tcpEStatsPerfCountRTT to the path table, tcpEStatsPath.
306 Added tcpEStatsPathHCGroup.
308 Move tcpEstatsPathAckAfterFR and tcpEstatsPathSndDupAckEpisodes back
309 to the performance table, tcpEStatsPerf.
311 Move tcpEStatsPerfSampleRTT, tcpEStatsPerfSampleRTT and
312 tcpEStatsPerfSampleRTT to the stack table, tcpEStatsStack.
314 Clarified the descriptions of tcpEStatsPerfDupAckEpisodes,
315 tcpEStatsPerfDupAcksOut and tcpEStatsPerfCongSignals
317 Changes since draft-ietf-tsvwg-tcp-mib-extension-05.txt
318 (17-July-2004)
320 Many changes to object descriptions MIB comments and overview to
321 improve clarity.
323 Completely restructured the per connection tables. Seven table were
324 reduced to five. The main per connection table tcpEStatsPerfTable
325 is now mandatory. Three other new tables are focused on
326 understanding the details of the behavior of the path, internal TCP
327 algorithms and the application. In addition, there is a new tuning
328 table with per-connection writable controls to work around a number
329 of common problems. Note that due to the table restructuring, most
330 of the object names listed below have changed.
332 Restructured the Listen Table (tcpEStatsListenerTable) to better
333 instrument various SYN flood defenses.
335 Removed minimal receiver window objects, and replaced them by the
336 count of the number of transitions to zero window from non-zero
337 window.
339 Replaced tcpEStatsPathIpTos by tcpEStatsPathIpTosOut and added
340 tcpEStatsPathIpTosIn.
342 Updated the descriptions of tcpEStatsDataSndNxt, tcpEStatsDataSndMax,
343 tcpEStatsDataThruOctetsAcked, tcpEStatsDataHCThruBytesAcked,
344 tcpEStatsDataThruBytesReceived, tcpEStatsDataHCThruBytesReceived,
345 consistently use RFC793 variables (SND.NXT, etc) or refer to other
346 TCP-ESTATS-MIB objects.
348 Changed tcpEStatsSynOptsMSSSent and tcpEStatsSynOptsMSSRcvd from
349 Gauge32 to Unsigned32
351 Updated descriptions of tcpEStatsConnectLocalAddress and
352 tcpEStatsConnectRemAddress to new conventions for InetAddress
354 Changes since draft-ietf-tsvwg-tcp-mib-extension-04.txt (27-Oct-2003)
355 Updated ID boiler plate to RFC3668, ID-Guidelines and fixed some
356 formatting glitches
358 Added a Table of Contents
360 Updated the description of tcpEStatsConnectionState to indicate that
361 the listen state included only for document parallelism and should
362 not be used.
364 Explained why it is useful for tcpEStatsConnectIdTable and others to
365 remain for 30 seconds after a connection closes (so you retrieve the
366 total statistics for the entire connection).
368 Added comment about not supporting writing DeleteTcb into the TCP
369 State.
371 Explained that SndNxt is not a counter because it is non-monotonic.
373 Clarified StartTime to be row creation
375 Clarified row creation to be at the first SYN unless techniques to
376 defend against SYN floods are in effect, then at connection
377 establishment.
379 Added tcpEStatsControlNotify to control the generation of
380 notifications.
382 Changed sequence numbers from ZeroBasedCounter32 to Counter32.
384 Changes since draft-ietf-tsvwg-tcp-mib-extension-03.txt (2-Mar-2003)
386 Replaced "queued" with "buffered by TCP"
388 Changed all counters in the TCP connection tables to be ZeroBased
390 Remove tcpEStatsHCInSegs, tcpEStatsHCOutSegs, which appear in as
391 tcpHCInSegs and tcpHCOutSegs in draft-ietf-ipv6-rfc2012-update-03.txt
392 and later drafts.
394 Added changes section.
396 2. The Internet-Standard Management Framework
398 For a detailed overview of the documents that describe the current
399 Internet-Standard Management Framework, please refer to section 7 of
400 RFC 3410 [RFC3410].
402 Managed objects are accessed via a virtual information store, termed
403 the Management Information Base or MIB. MIB objects are generally
404 accessed through the Simple Network Management Protocol (SNMP).
405 Objects in the MIB are defined using the mechanisms defined in the
406 Structure of Management Information (SMI). This memo specifies a MIB
407 module that is compliant to the SMIv2, which is described in STD 58,
408 RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
409 [RFC2580].
411 3. Overview
413 The TCP-ESTATS-MIB defined in this memo consists of two groups of
414 scalars, seven tables and two notifications:
416 * The first group of scalars contain statistics of the TCP protocol
417 engine not covered in RFC 4022. This group consists of the single
418 scalar tcpEStatsListenerTableLastChange which provides management
419 stations with an easier mechanism to validate their listener
420 caches.
422 * The second group of scalars consist of knobs to enable and disable
423 information collection by the tables containing connection-related
424 statistics/information. For example, the tcpEStatsControlPath
425 object controls the activation of the tcpEStatsPathTable. The
426 tcpEStatsConnTableLatency object determines how long connection
427 table rows are retained after a TCP connection transitions into the
428 closed state.
430 * The tcpEStatsListenerTable augments tcpListenerTable in TCP-MIB
431 [RFC4022] to provided additional information on the active TCP
432 listeners on a device. It supports objects to monitor and diagnose
433 SYN-flood denial-of-service attacks as described below.
435 * The tcpEStatsConnectIdTable augments the tcpConnectionTable in TCP-
436 MIB [RFC4022] to provide a mapping between connection 4-tuples
437 (which index tcpConnectionTable) and an integer connection index,
438 tcpEStatsConnectIndex. The connection index is used to index into
439 the five remaining tables in this MIB module, and is designed to
440 facilitate rapid polling of multiple objects associated with one
441 TCP connection.
443 * The tcpEStatsPerfTable contains objects that are useful for
444 measuring TCP performance and first check problem diagnosis.
446 * The tcpEStatsPathTable contains objects that can be used to infer
447 detailed behavior of the Internet path, such as the extent that
448 there are segment losses or reordering, etc.
450 * The tcpEStatsStackTable contains objects that are most useful for
451 determining how well the TCP control algorithms are coping with
452 this particular path.
454 * The tcpEStatsAppTable provides objects that are useful for
455 determining if the application using TCP is limiting TCP
456 performance.
458 * The tcpEStatsTuneTable provides per connection controls that can be
459 used to work around a number of common problems that plague TCP
460 over some paths.
462 * The two notifications defined in this MIB module are
463 tcpEStatsEstablishNotification, indicating that a new connection
464 has been accepted (or established, see below), and
465 tcpEStatsCloseNotification, indicating that an existing connection
466 has recently closed.
468 3.1. MIB Initialization and Persistence
469 The TCP protocol itself is specifically designed not to preserve any
470 state whatsoever across system reboots, and enforces this by
471 requiring randomized Initial Sequence numbers and ephemeral ports
472 under any conditions where segments from old connections might
473 corrupt new connections following a reboot.
475 All of the objects in the MIB MUST have the same persistence
476 properties as the underlying TCP implementation. On a reboot, all
477 zero based counters MUST be cleared, all per connection table rows
478 MUST be deleted and all read-write objects MUST be restored to their
479 default values. It is assumed that all TCP implementation have some
480 initialization code (if nothing else to set IP addresses) that has
481 the opportunity to adjust tcpEStatsConnTableLatency and other read-
482 write scalars controlling the creation of the various tables, before
483 establishing the first TCP connection. Implementations MAY also
484 choose to make these control scalars persist across reboots.
486 The ZeroBasedCounter32 and ZeroBasedCounter64 objects in the listener
487 and connection tables are initialized to zero when the table row is
488 created.
490 The tcpEStatsConnTableLatency object determines how long connection
491 table rows are retained after a TCP connection transitions into the
492 closed state, to permit reading final connection completion
493 statistics. In RFC4022 (TCP-MIB), the discussion of
494 tcpConnectionTable row latency (page 9) the words "soon after" are
495 understood to mean after tcpEStatsConnTableLatency, such that all
496 rows of all tables associated with one connection are retained at
497 least tcpEStatsConnTableLatency after connection close. This
498 clarification to RFC4022 only applies when TCP-ESTATS-MIB is
499 implemented. If TCP-ESTATS-MIB is not implemented, RFC4022 permits
500 an unspecified delay between connection close and row deletion.
502 3.2. Relationship to TCP standards
504 There are more than 70 RFCs and other documents that specify various
505 aspects of the Transmission Control Protocol (TCP) [RFC4614]. While
506 most protocols are completely specified in one or two documents, this
507 has not proven to be feasible for TCP. TCP implements a reliable
508 end-to-end data transport service over a very weakly constrained IP
509 datagram service. The essential problem that TCP has to solve is
510 balancing the applications need for fast and reliable data transport
511 against the need to make fair, efficient and equitable use of network
512 resources, with only sparse information about the state of the
513 network or its capabilities.
515 TCP maintains this balance through the use of many estimators and
516 heuristics that regulate various aspects of the protocol. For
517 example RFC2988 describes how to calculate the retransmission timer,
518 RTO, from the average and variance of the network round-trip-time as
519 estimated from the RTT sampled on some data segments. Although these
520 algorithms are standardized, they are a compromise which is optimal
521 for only common Internet environments. Other estimators might yield
522 better results (higher performance or more efficient use of the
523 network) in some environments, particularly under uncommon
524 conditions.
526 It is the consensus of the community that nearly all of the
527 estimators and heuristics used in TCP might be improved through
528 further research and development. For this reason nearly all of TCP
529 documents leave some latitude for future improvements, for example by
530 the use of "SHOULD" instead of "MUST" [RFC2119]. Even standard
531 algorithms that are required because they critically effect fairness
532 or the dynamic stability of Internet congestion control, include some
533 latitude for evolution. As a consequence there is considerable
534 diversity in the details of the TCP implementations actually in use
535 today.
537 The fact that the underlying algorithms are not uniform makes it
538 difficult to tightly specify a MIB. We could have chosen the point
539 of view that the MIB should publish precisely defined metrics of the
540 network path, even if they are different from the estimators in use
541 by TCP. This would make the MIB more useful as a measurement tool,
542 but less useful for understanding how any specific TCP implementation
543 is interacting with the network path and upper protocol layers. We
544 chose instead to have the MIB expose the estimators and important
545 states variables of the algorithms in use, without constraining the
546 TCP implementation.
548 As a consequence the MIB objects are defined in terms of fairly
549 abstract descriptions (e.g., Round-Trip-Time) but are intended to
550 expose the actual estimators or other state variables as they are
551 used in TCP implementations, possibly transformed (e.g., scaled or
552 otherwise adjusted) to match the spirit of the object descriptions in
553 this document.
555 This may mean that MIB objects may not be exactly comparable between
556 two different TCP implementations. A general management station can
557 only assume the abstract descriptions, which are useful for general
558 assessment of how TCP is functioning. To a TCP implementer with
559 detailed knowledge about the TCP implementation on a specific host,
560 this MIB might be useful for debugging or evaluating the algorithms
561 in their implementation.
563 Under no conditions is this MIB intended to constrain TCP to use (or
564 exclude) any particular estimator, heuristic, algorithm or
565 implementation.
567 3.3. Diagnosing SYN-flood Denial-of-Service attacks
569 The tcpEStatsListenerTable is specifically designed to provide
570 information that is useful for diagnosing SYN-flood Denial-of-Service
571 attacks, where a server is overwhelmed by forged or otherwise
572 malicious connection attempts. There are several different
573 techniques that can be used to defend against SYN-flooding but none
574 are standardized [Edd06]. These different techniques all have the
575 same basic characteristics which are instrumentable with a common set
576 of objects even though the techniques differ greatly in the details.
578 All SYN-flood defenses avoid allocating significant resources (memory
579 or CPU) to incoming (passive open) connections until the connections
580 meet some liveness criteria (to defend against forged IP source
581 addresses) and the server has sufficient resources to process the
582 incoming request. Note that allocating resources is an
583 implementation specific event that may not correspond to an
584 observable protocol event (e.g., segments on the wire). There are
585 two general concepts that can be applied to all known SYN-flood
586 defenses. There is generally a well defined event when a connection
587 is allocated full resources, and a "backlog" - a queue of embryonic
588 connections that have been allocated only partial resources.
590 In many implementations incoming TCP connections are allocated
591 resources as a side effect of the POSIX [POSIX] accept() call. For
592 this reason we use the terminology "accepting a connection" to refer
593 to this event: committing sufficient network resources to process the
594 incoming request. Accepting a connection typically entails
595 allocating memory for the protocol control block [RFC793], the per
596 connection table rows described in this MIB and CPU resources, such
597 as process table entries or threads.
599 Note that it is not useful to accept connections before they are
600 ESTABLISHED, because this would create an easy opportunity for
601 Denial-of-Service attacks, using forged source IP addresses.
603 The backlog consists of connections that are in SYN-RCVD or
604 ESTABLISHED states, that have not been accepted. For purposes of
605 this MIB we assume that these connections have been allocated some
606 resources (e.g., an embryonic protocol control block) but not full
607 resources (e.g., do not yet have MIB table rows).
609 Note that some SYN-Flood defenses dispense with explicit SYN-RCVD
610 state by cryptographically encoding the state in the ISS of the SYN-
611 ACK (sometimes called a syn-cookie), and then using the sequence
612 number of the first ACK to reconstruct the SYN-RCVD state before
613 transitioning to the ESTABLISHED state. For these implementations
614 there is no explicit representation of the SYN-RCVD state and the
615 backlog only consists of connections that are ESTABLISHED and are
616 waiting to be ACCEPTED.
618 Furthermore, most SYN-flood defenses have some mechanism to throttle
619 connections that might otherwise overwhelm this endpoint. They
620 generally use some combination of discarding incoming SYNs and
621 discarding connections already in the backlog. This does not cause
622 all connections from legitimate clients to fail, as long as the
623 clients retransmit the SYN or first ACK as specified in RFC793. Most
624 diversity in SYN flood defenses arise from variations in these
625 algorithms to limit load, and therefore cannot be instrumented with a
626 common standard MIB.
628 The Listen Table instruments all passively opened TCP connections in
629 terms of observable protocol events (e.g., sent and received
630 segments) and resource allocation events (entering the backlog and
631 being accepted). This approach eases generalization to SYN-flood
632 mechanisms that use alternate TCP state transition diagrams and
633 implicit mechanisms to encode some states.
635 4. TCP Extended Statistics MIB
637 TCP-ESTATS-MIB DEFINITIONS ::= BEGIN
638 IMPORTS
639 MODULE-IDENTITY, Counter32, Integer32, Unsigned32,
640 Gauge32, OBJECT-TYPE, mib-2,
641 NOTIFICATION-TYPE
642 FROM SNMPv2-SMI
643 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
644 FROM SNMPv2-CONF
645 ZeroBasedCounter32
646 FROM RMON2-MIB -- [RFC2021]
647 ZeroBasedCounter64
648 FROM HCNUM-TC -- [RFC2856]
649 TEXTUAL-CONVENTION,
650 DateAndTime, TruthValue, TimeStamp
651 FROM SNMPv2-TC -- [RFC2579]
652 tcpListenerEntry, tcpConnectionEntry
653 FROM TCP-MIB; -- [RFC4022]
655 tcpEStatsMIB MODULE-IDENTITY
656 LAST-UPDATED "200703021625Z" -- Mar 2, 2007
657 ORGANIZATION "IETF TSV Working Group"
658 CONTACT-INFO
659 "Matt Mathis
660 John Heffner
661 Web100 Project
662 Pittsburgh Supercomputing Center
663 4400 Fifth Ave
664 Pittsburgh, PA 15213
665 Email: mathis@psc.edu, jheffner@psc.edu
667 Rajiv Raghunarayan
668 Cisco Systems Inc.
669 San Jose, CA 95134
670 Phone: 408 853 9612
671 Email: raraghun@cisco.com
673 Jon Saperia
674 84 Kettell Plain Road
675 Stow, MA 01775
676 Phone: 617-201-2655
677 Email: saperia@jdscons.com "
678 DESCRIPTION
679 "Documentation of TCP Extended Performance Instrumentation
680 variables from the Web100 project. [Web100]
682 All of the objects in this MIB MUST have the same
683 persistence properties as the underlying TCP implementation.
684 On a reboot, all zero based counters MUST be cleared, all
685 per table rows MUST be deleted and all read-write objects
686 MUST be restored to their default values.
688 It is assumed that all TCP implementation have some
689 initialization code (if nothing else to set IP addresses)
690 that has the opportunity to adjust tcpEStatsConnTableLatency
691 and other read-write scalars controlling the creation of the
692 various tables, before establishing the first TCP
693 connection. Implementations MAY also choose to make these
694 control scalars persist across reboots.
696 Copyright (C) The IETF Trust (2007). This version
697 of this MIB module is a part of RFC xxx1; see the RFC
698 itself for full legal notices."
699 -- RFC Editor: replace xxx1 with actual RFC number & remove note
701 REVISION "200703021625Z" -- Mar 2, 2007
702 DESCRIPTION
703 "Initial version, published as RFC xxx1."
704 -- RFC Editor assigns RFC xxx1
705 ::= { mib-2 xxx2 }
706 -- RFC Editor: IANA assigns base OID xxx2
707 tcpEStatsNotifications OBJECT IDENTIFIER ::= { tcpEStatsMIB 0 }
708 tcpEStatsMIBObjects OBJECT IDENTIFIER ::= { tcpEStatsMIB 1 }
709 tcpEStatsConformance OBJECT IDENTIFIER ::= { tcpEStatsMIB 2 }
710 tcpEStats OBJECT IDENTIFIER ::= { tcpEStatsMIBObjects 1 }
711 tcpEStatsControl OBJECT IDENTIFIER ::= { tcpEStatsMIBObjects 2 }
712 tcpEStatsScalar OBJECT IDENTIFIER ::= { tcpEStatsMIBObjects 3 }
714 --
715 -- Textual Conventions
716 --
718 TcpEStatsNegotiated ::= TEXTUAL-CONVENTION
719 STATUS current
720 DESCRIPTION
721 "Indicates if some optional TCP feature was negotiated.
723 Enabled(1) indicates that the feature was successfully
724 negotiated on, which generally requires both host to agree
725 to use the feature.
727 selfDisabled(2) indicates that the local host refused the
728 feature because it is not implemented, configured off or
729 refused for some other reason, such as the lack of
730 resources.
732 peerDisabled(3) indicates that the local host was willing
733 to negotiate the feature, but the remote host did not
734 do so."
735 SYNTAX INTEGER {
736 enabled(1),
737 selfDisabled(2),
738 peerDisabled(3)
739 }
741 --
742 -- TCP Extended statistics scalars
743 --
745 tcpEStatsListenerTableLastChange OBJECT-TYPE
746 SYNTAX TimeStamp
747 MAX-ACCESS read-only
748 STATUS current
749 DESCRIPTION
750 "The value of sysUpTime at the time of the last
751 creation or deletion of an entry in the tcpListenerTable.
752 If the number of entries has been unchanged since the
753 last re-initialization of the local network management
754 subsystem, then this object contains a zero value."
756 ::= { tcpEStatsScalar 3 }
758 -- ================================================================
759 --
760 -- The tcpEStatsControl Group
761 --
763 -- The scalar objects in this group are used to control the
764 -- activation and deactivation of the TCP Extended Statistics
765 -- tables and notifications in this module.
766 --
768 tcpEStatsControlPath OBJECT-TYPE
769 SYNTAX TruthValue
770 MAX-ACCESS read-write
771 STATUS current
772 DESCRIPTION
773 "Controls the activation of the TCP Path Statistics
774 table.
776 A value 'true' indicates that the TCP Path Statistics
777 table is active, while 'false' indicates that the
778 table is inactive."
779 DEFVAL { false }
780 ::= { tcpEStatsControl 1 }
782 tcpEStatsControlStack OBJECT-TYPE
783 SYNTAX TruthValue
784 MAX-ACCESS read-write
785 STATUS current
786 DESCRIPTION
787 "Controls the activation of the TCP Stack Statistics
788 table.
790 A value 'true' indicates that the TCP Stack Statistics
791 table is active, while 'false' indicates that the
792 table is inactive."
793 DEFVAL { false }
794 ::= { tcpEStatsControl 2 }
796 tcpEStatsControlApp OBJECT-TYPE
797 SYNTAX TruthValue
798 MAX-ACCESS read-write
799 STATUS current
800 DESCRIPTION
801 "Controls the activation of the TCP Application
802 Statistics table.
804 A value 'true' indicates that the TCP Application
805 Statistics table is active, while 'false' indicates
806 that the table is inactive."
807 DEFVAL { false }
808 ::= { tcpEStatsControl 3 }
810 tcpEStatsControlTune OBJECT-TYPE
811 SYNTAX TruthValue
812 MAX-ACCESS read-write
813 STATUS current
814 DESCRIPTION
815 "Controls the activation of the TCP Tuning table.
817 A value 'true' indicates that the TCP Tuning
818 table is active, while 'false' indicates that the
819 table is inactive."
820 DEFVAL { false }
821 ::= { tcpEStatsControl 4 }
823 tcpEStatsControlNotify OBJECT-TYPE
824 SYNTAX TruthValue
825 MAX-ACCESS read-write
826 STATUS current
827 DESCRIPTION
828 "Controls the generation of all notifications defined in
829 this MIB.
831 A value 'true' indicates that the notifications
832 are active, while 'false' indicates that the
833 notifications are inactive."
834 DEFVAL { false }
835 ::= { tcpEStatsControl 5 }
837 tcpEStatsConnTableLatency OBJECT-TYPE
838 SYNTAX Unsigned32
839 UNITS "seconds"
840 MAX-ACCESS read-only
841 STATUS current
842 DESCRIPTION
843 "Specifies the number of seconds that the entity will
844 retain entries in the TCP connection tables, after the
845 connection first enters the closed state. The entity
846 SHOULD provide a configuration option to enable
847 customization of this value. A value of 0
848 results in entries being removed from the tables as soon as
849 the connection enters the closed state. The value of
850 this object pertains to the following tables:
851 tcpEStatsConnectIdTable
852 tcpEStatsPerfTable
853 tcpEStatsPathTable
854 tcpEStatsStackTable
855 tcpEStatsAppTable
856 tcpEStatsTuneTable"
857 DEFVAL { 0 }
858 ::= { tcpEStatsControl 6 }
860 -- ================================================================
861 --
862 -- Listener Table
863 --
865 tcpEStatsListenerTable OBJECT-TYPE
866 SYNTAX SEQUENCE OF TcpEStatsListenerEntry
867 MAX-ACCESS not-accessible
868 STATUS current
869 DESCRIPTION
870 "This table contains information about TCP Listeners,
871 in addition to the information maintained by the
872 tcpListenerTable RFC4022."
873 ::= { tcpEStats 1 }
875 tcpEStatsListenerEntry OBJECT-TYPE
876 SYNTAX TcpEStatsListenerEntry
877 MAX-ACCESS not-accessible
878 STATUS current
879 DESCRIPTION
880 "Each entry in the table contains information about
881 a specific TCP Listener."
882 AUGMENTS { tcpListenerEntry }
883 ::= { tcpEStatsListenerTable 1 }
885 TcpEStatsListenerEntry ::= SEQUENCE {
886 tcpEStatsListenerStartTime TimeStamp,
887 tcpEStatsListenerSynRcvd ZeroBasedCounter32,
888 tcpEStatsListenerInitial ZeroBasedCounter32,
889 tcpEStatsListenerEstablished ZeroBasedCounter32,
890 tcpEStatsListenerAccepted ZeroBasedCounter32,
891 tcpEStatsListenerExceedBacklog ZeroBasedCounter32,
892 tcpEStatsListenerHCSynRcvd ZeroBasedCounter64,
893 tcpEStatsListenerHCInitial ZeroBasedCounter64,
894 tcpEStatsListenerHCEstablished ZeroBasedCounter64,
895 tcpEStatsListenerHCAccepted ZeroBasedCounter64,
896 tcpEStatsListenerHCExceedBacklog ZeroBasedCounter64,
897 tcpEStatsListenerCurConns Gauge32,
898 tcpEStatsListenerMaxBacklog Unsigned32,
899 tcpEStatsListenerCurBacklog Gauge32,
900 tcpEStatsListenerCurEstabBacklog Gauge32
901 }
903 tcpEStatsListenerStartTime OBJECT-TYPE
904 SYNTAX TimeStamp
905 MAX-ACCESS read-only
906 STATUS current
907 DESCRIPTION
908 "The value of sysUpTime at the time this listener was
909 established. If the current state was entered prior to
910 the last re-initialization of the local network management
911 subsystem, then this object contains a zero value."
912 ::= { tcpEStatsListenerEntry 1 }
914 tcpEStatsListenerSynRcvd OBJECT-TYPE
915 SYNTAX ZeroBasedCounter32
916 MAX-ACCESS read-only
917 STATUS current
918 DESCRIPTION
919 "The number of SYNs which have been received for this
920 listener. The total number of failed connections for
921 all reasons can be estimated to be tcpEStatsListenerSynRcvd
922 minus tcpEStatsListenerAccepted and
923 tcpEStatsListenerCurBacklog."
924 ::= { tcpEStatsListenerEntry 2 }
926 tcpEStatsListenerInitial OBJECT-TYPE
927 SYNTAX ZeroBasedCounter32
928 MAX-ACCESS read-only
929 STATUS current
930 DESCRIPTION
931 "The total number of connections for which the Listener
932 has allocated initial state and placed the
933 connection in the backlog. The may happen in the
934 SYN-RCVD or ESTABLISHED states, depending on the
935 implementation."
936 ::= { tcpEStatsListenerEntry 3 }
938 tcpEStatsListenerEstablished OBJECT-TYPE
939 SYNTAX ZeroBasedCounter32
940 MAX-ACCESS read-only
941 STATUS current
942 DESCRIPTION
943 "The number of connections which have been established to
944 this endpoint. (e.g., The number of first ACKs which have
945 been received for this listener)."
946 ::= { tcpEStatsListenerEntry 4 }
948 tcpEStatsListenerAccepted OBJECT-TYPE
949 SYNTAX ZeroBasedCounter32
950 MAX-ACCESS read-only
951 STATUS current
952 DESCRIPTION
953 "The total number of connections for which the Listener
954 has successfully issued an accept, removing the connection
955 from the backlog."
956 ::= { tcpEStatsListenerEntry 5 }
958 tcpEStatsListenerExceedBacklog OBJECT-TYPE
959 SYNTAX ZeroBasedCounter32
960 MAX-ACCESS read-only
961 STATUS current
962 DESCRIPTION
963 "The total number of connections dropped from the
964 backlog by this listener due to all reasons. This
965 includes all connections that are allocated initial
966 resources but are not accepted for some reason."
967 ::= { tcpEStatsListenerEntry 6 }
969 tcpEStatsListenerHCSynRcvd OBJECT-TYPE
970 SYNTAX ZeroBasedCounter64
971 MAX-ACCESS read-only
972 STATUS current
973 DESCRIPTION
974 "The number of SYNs which have been received for this
975 listener on systems that can process (or reject) more
976 than 1 million connections per second. See
977 tcpEStatsListenerSynRcvd."
978 ::= { tcpEStatsListenerEntry 7 }
980 tcpEStatsListenerHCInitial OBJECT-TYPE
981 SYNTAX ZeroBasedCounter64
982 MAX-ACCESS read-only
983 STATUS current
984 DESCRIPTION
985 "The total number of connections for which the Listener
986 has allocated initial state and placed the connection
987 in the backlog on systems that can process (or reject)
988 more than 1 million connections per second. See
989 tcpEStatsListenerInitial."
990 ::= { tcpEStatsListenerEntry 8 }
992 tcpEStatsListenerHCEstablished OBJECT-TYPE
993 SYNTAX ZeroBasedCounter64
994 MAX-ACCESS read-only
995 STATUS current
996 DESCRIPTION
997 "The number of connections which have been established to
998 this endpoint on systems that can process (or reject) more
999 than 1 million connections per second. See
1000 tcpEStatsListenerEstablished."
1001 ::= { tcpEStatsListenerEntry 9 }
1003 tcpEStatsListenerHCAccepted OBJECT-TYPE
1004 SYNTAX ZeroBasedCounter64
1005 MAX-ACCESS read-only
1006 STATUS current
1007 DESCRIPTION
1008 "The total number of connections for which the Listener
1009 has successfully issued an accept, removing the connection
1010 from the backlog on systems that can process (or reject)
1011 more than 1 million connections per second. See
1012 tcpEStatsListenerAccepted."
1013 ::= { tcpEStatsListenerEntry 10 }
1015 tcpEStatsListenerHCExceedBacklog OBJECT-TYPE
1016 SYNTAX ZeroBasedCounter64
1017 MAX-ACCESS read-only
1018 STATUS current
1019 DESCRIPTION
1020 "The total number of connections dropped from the
1021 backlog by this listener due to all reasons on
1022 systems that can process (or reject) more than
1023 1 million connections per second. See
1024 tcpEStatsListenerHCExceedBacklog."
1025 ::= { tcpEStatsListenerEntry 11 }
1027 tcpEStatsListenerCurConns OBJECT-TYPE
1028 SYNTAX Gauge32
1029 MAX-ACCESS read-only
1030 STATUS current
1031 DESCRIPTION
1032 "The current number of connections in the ESTABLISHED
1033 state, which have also been accepted. It excludes
1034 connections that have been established but not accepted
1035 because they are still subject to being discarded to
1036 shed load without explicit action by either endpoint."
1037 ::= { tcpEStatsListenerEntry 12 }
1039 tcpEStatsListenerMaxBacklog OBJECT-TYPE
1040 SYNTAX Unsigned32
1041 MAX-ACCESS read-only
1042 STATUS current
1043 DESCRIPTION
1044 "The maximum number of connections allowed in
1045 backlog at one time."
1046 ::= { tcpEStatsListenerEntry 13 }
1048 tcpEStatsListenerCurBacklog OBJECT-TYPE
1049 SYNTAX Gauge32
1050 MAX-ACCESS read-only
1051 STATUS current
1052 DESCRIPTION
1053 "The current number of connections that are in backlog.
1054 This gauge includes connections in ESTABLISHED or
1055 SYN-RECEIVED states for which the Listener has not yet
1056 issued an accept.
1058 If this listener is using some technique to implicitly
1059 represent the SYN-RECEIVED states (e.g., by
1060 cryptographically encoding the state information in the
1061 initial sequence number, ISS), it MAY elect to exclude
1062 connections in the SYN-RECEIVED state from the backlog."
1063 ::= { tcpEStatsListenerEntry 14 }
1065 tcpEStatsListenerCurEstabBacklog OBJECT-TYPE
1066 SYNTAX Gauge32
1067 MAX-ACCESS read-only
1068 STATUS current
1069 DESCRIPTION
1070 "The current number of connections in backlog that are
1071 in the ESTABLISHED state, but for which the Listener has
1072 not yet issued an accept."
1073 ::= { tcpEStatsListenerEntry 15 }
1075 -- ================================================================
1076 --
1077 -- TCP Connection ID Table
1078 --
1080 tcpEStatsConnectIdTable OBJECT-TYPE
1081 SYNTAX SEQUENCE OF TcpEStatsConnectIdEntry
1082 MAX-ACCESS not-accessible
1083 STATUS current
1084 DESCRIPTION
1085 "This table maps information that uniquely identifies
1086 each active TCP connection to the connection ID used by
1087 other tables in this MIB Module. It is an extention of
1088 tcpConnectionTable in RFC4022.
1090 Entries are retained in this table for the number of
1091 seconds indicated by the tcpEStatsConnTableLatency
1092 object, after the TCP connection first enters the closed
1093 state."
1094 ::= { tcpEStats 2 }
1096 tcpEStatsConnectIdEntry OBJECT-TYPE
1097 SYNTAX TcpEStatsConnectIdEntry
1098 MAX-ACCESS not-accessible
1099 STATUS current
1100 DESCRIPTION
1101 "Each entry in this table maps a TCP connection
1102 4-tuple to a connection index."
1103 AUGMENTS { tcpConnectionEntry }
1104 ::= { tcpEStatsConnectIdTable 1 }
1106 TcpEStatsConnectIdEntry ::= SEQUENCE {
1107 tcpEStatsConnectIndex Unsigned32
1108 }
1110 tcpEStatsConnectIndex OBJECT-TYPE
1111 SYNTAX Unsigned32 (1..4294967295)
1112 MAX-ACCESS read-only
1113 STATUS current
1114 DESCRIPTION
1115 "A unique integer value assigned to each TCP Connection
1116 entry.
1118 The RECOMMENDED algorithm is to begin at 1 and increase to
1119 some implementation specific maximum value and then start
1120 again at 1 skipping values already in use."
1121 ::= { tcpEStatsConnectIdEntry 1 }
1123 -- ================================================================
1124 --
1125 -- Basic TCP Performance Statistics
1126 --
1128 tcpEStatsPerfTable OBJECT-TYPE
1129 SYNTAX SEQUENCE OF TcpEStatsPerfEntry
1130 MAX-ACCESS not-accessible
1131 STATUS current
1132 DESCRIPTION
1134 "This table contains objects that are useful for
1135 measuring TCP performance and first line problem
1136 diagnosis. Most objects in this table directly expose
1137 some TCP state variable or are easily implemented as
1138 simple functions (e.g., the maximum value) of TCP
1139 state variables.
1141 Entries are retained in this table for the number of
1142 seconds indicated by the tcpEStatsConnTableLatency
1143 object, after the TCP connection first enters the closed
1144 state."
1145 ::= { tcpEStats 3 }
1147 tcpEStatsPerfEntry OBJECT-TYPE
1148 SYNTAX TcpEStatsPerfEntry
1149 MAX-ACCESS not-accessible
1150 STATUS current
1151 DESCRIPTION
1152 "Each entry in this table has information about the
1153 characteristics of each active and recently closed tcp
1154 connection."
1155 INDEX { tcpEStatsConnectIndex }
1156 ::= { tcpEStatsPerfTable 1 }
1158 TcpEStatsPerfEntry ::= SEQUENCE {
1160 tcpEStatsPerfSegsOut ZeroBasedCounter32,
1161 tcpEStatsPerfDataSegsOut ZeroBasedCounter32,
1162 tcpEStatsPerfDataOctetsOut ZeroBasedCounter32,
1163 tcpEStatsPerfHCDataOctetsOut ZeroBasedCounter64,
1164 tcpEStatsPerfSegsRetrans ZeroBasedCounter32,
1165 tcpEStatsPerfOctetsRetrans ZeroBasedCounter32,
1166 tcpEStatsPerfSegsIn ZeroBasedCounter32,
1167 tcpEStatsPerfDataSegsIn ZeroBasedCounter32,
1168 tcpEStatsPerfDataOctetsIn ZeroBasedCounter32,
1169 tcpEStatsPerfHCDataOctetsIn ZeroBasedCounter64,
1170 tcpEStatsPerfElapsedSecs ZeroBasedCounter32,
1171 tcpEStatsPerfElapsedMicroSecs ZeroBasedCounter32,
1172 tcpEStatsPerfStartTimeStamp DateAndTime,
1173 tcpEStatsPerfCurMSS Gauge32,
1174 tcpEStatsPerfPipeSize Gauge32,
1175 tcpEStatsPerfMaxPipeSize Gauge32,
1176 tcpEStatsPerfSmoothedRTT Gauge32,
1177 tcpEStatsPerfCurRTO Gauge32,
1178 tcpEStatsPerfCongSignals ZeroBasedCounter32,
1179 tcpEStatsPerfCurCwnd Gauge32,
1180 tcpEStatsPerfCurSsthresh Gauge32,
1181 tcpEStatsPerfTimeouts ZeroBasedCounter32,
1182 tcpEStatsPerfCurRwinSent Gauge32,
1183 tcpEStatsPerfMaxRwinSent Gauge32,
1184 tcpEStatsPerfZeroRwinSent ZeroBasedCounter32,
1185 tcpEStatsPerfCurRwinRcvd Gauge32,
1186 tcpEStatsPerfMaxRwinRcvd Gauge32,
1187 tcpEStatsPerfZeroRwinRcvd ZeroBasedCounter32,
1188 tcpEStatsPerfSndLimTransRwin ZeroBasedCounter32,
1189 tcpEStatsPerfSndLimTransCwnd ZeroBasedCounter32,
1190 tcpEStatsPerfSndLimTransSnd ZeroBasedCounter32,
1191 tcpEStatsPerfSndLimTimeRwin ZeroBasedCounter32,
1192 tcpEStatsPerfSndLimTimeCwnd ZeroBasedCounter32,
1193 tcpEStatsPerfSndLimTimeSnd ZeroBasedCounter32
1194 }
1196 --
1197 -- The following objects provide statistics on aggregate
1198 -- segments and data sent on a connection. These provide a
1199 -- direct measure of the Internet capacity consumed by a
1200 -- connection.
1201 --
1203 tcpEStatsPerfSegsOut OBJECT-TYPE
1204 SYNTAX ZeroBasedCounter32
1205 MAX-ACCESS read-only
1206 STATUS current
1207 DESCRIPTION
1208 "The total number of segments sent."
1209 ::= { tcpEStatsPerfEntry 1 }
1211 tcpEStatsPerfDataSegsOut OBJECT-TYPE
1212 SYNTAX ZeroBasedCounter32
1213 MAX-ACCESS read-only
1214 STATUS current
1215 DESCRIPTION
1216 "The number of segments sent containing a positive length
1217 data segment."
1218 ::= { tcpEStatsPerfEntry 2 }
1220 tcpEStatsPerfDataOctetsOut OBJECT-TYPE
1221 SYNTAX ZeroBasedCounter32
1222 UNITS "octets"
1223 MAX-ACCESS read-only
1224 STATUS current
1225 DESCRIPTION
1226 "The number of octets of data contained in transmitted
1227 segments, including retransmitted data. Note that this does
1228 not include TCP headers."
1229 ::= { tcpEStatsPerfEntry 3 }
1231 tcpEStatsPerfHCDataOctetsOut OBJECT-TYPE
1232 SYNTAX ZeroBasedCounter64
1233 UNITS "octets"
1234 MAX-ACCESS read-only
1235 STATUS current
1236 DESCRIPTION
1237 "The number of octets of data contained in transmitted
1238 segments, including retransmitted data, on systems that can
1239 transmit more than 10 million bits per second. Note that
1240 this does not include TCP headers."
1241 ::= { tcpEStatsPerfEntry 4 }
1243 tcpEStatsPerfSegsRetrans OBJECT-TYPE
1244 SYNTAX ZeroBasedCounter32
1245 MAX-ACCESS read-only
1246 STATUS current
1247 DESCRIPTION
1248 "The number of segments transmitted containing at least some
1249 retransmitted data."
1250 REFERENCE
1251 "RFC793, Transmission Control Protocol"
1252 ::= { tcpEStatsPerfEntry 5 }
1254 tcpEStatsPerfOctetsRetrans OBJECT-TYPE
1255 SYNTAX ZeroBasedCounter32
1256 UNITS "octets"
1257 MAX-ACCESS read-only
1258 STATUS current
1259 DESCRIPTION
1260 "The number of octets retransmitted."
1261 REFERENCE
1262 "RFC793, Transmission Control Protocol"
1263 ::= { tcpEStatsPerfEntry 6 }
1265 tcpEStatsPerfSegsIn OBJECT-TYPE
1266 SYNTAX ZeroBasedCounter32
1267 MAX-ACCESS read-only
1268 STATUS current
1269 DESCRIPTION
1270 "The total number of segments received."
1271 ::= { tcpEStatsPerfEntry 7 }
1273 tcpEStatsPerfDataSegsIn OBJECT-TYPE
1274 SYNTAX ZeroBasedCounter32
1275 MAX-ACCESS read-only
1276 STATUS current
1277 DESCRIPTION
1278 "The number of segments received containing a positive
1279 length data segment."
1280 ::= { tcpEStatsPerfEntry 8 }
1282 tcpEStatsPerfDataOctetsIn OBJECT-TYPE
1283 SYNTAX ZeroBasedCounter32
1284 UNITS "octets"
1285 MAX-ACCESS read-only
1286 STATUS current
1287 DESCRIPTION
1288 "The number of octets contained in received data segments,
1289 including retransmitted data. Note that this does not
1290 include TCP headers."
1291 ::= { tcpEStatsPerfEntry 9 }
1293 tcpEStatsPerfHCDataOctetsIn OBJECT-TYPE
1294 SYNTAX ZeroBasedCounter64
1295 UNITS "octets"
1296 MAX-ACCESS read-only
1297 STATUS current
1298 DESCRIPTION
1299 "The number of octets contained in received data segments,
1300 including retransmitted data, on systems that can receive
1301 more than 10 million bits per second. Note that this does
1302 not include TCP headers."
1303 ::= { tcpEStatsPerfEntry 10 }
1305 tcpEStatsPerfElapsedSecs OBJECT-TYPE
1306 SYNTAX ZeroBasedCounter32
1307 UNITS "seconds"
1308 MAX-ACCESS read-only
1309 STATUS current
1310 DESCRIPTION
1311 "The seconds part of the time elapsed between
1312 tcpEStatsPerfStartTimeStamp and the most recent protocol
1313 event (segment sent or received)."
1314 ::= { tcpEStatsPerfEntry 11 }
1316 tcpEStatsPerfElapsedMicroSecs OBJECT-TYPE
1317 SYNTAX ZeroBasedCounter32
1318 UNITS "microseconds"
1319 MAX-ACCESS read-only
1320 STATUS current
1321 DESCRIPTION
1322 "The micro-second part of time elapsed between
1323 tcpEStatsPerfStartTimeStamp to the most recent protocol
1324 event (segment sent or received). This may be updated in
1325 whatever time granularity is the system supports."
1326 ::= { tcpEStatsPerfEntry 12 }
1328 tcpEStatsPerfStartTimeStamp OBJECT-TYPE
1329 SYNTAX DateAndTime
1330 MAX-ACCESS read-only
1331 STATUS current
1332 DESCRIPTION
1333 "Time at which this row was created and all
1334 ZeroBasedCounters in the row were initialized to zero."
1335 ::= { tcpEStatsPerfEntry 13 }
1337 --
1338 -- The following objects can be used to fit minimal
1339 -- performance models to the TCP data rate.
1340 --
1342 tcpEStatsPerfCurMSS OBJECT-TYPE
1343 SYNTAX Gauge32
1344 UNITS "octets"
1345 MAX-ACCESS read-only
1346 STATUS current
1347 DESCRIPTION
1348 "The current maximum segment size (MSS), in octets."
1349 REFERENCE
1350 "RFC1122, Requirements for Internet Hosts - Communication
1351 Layers"
1352 ::= { tcpEStatsPerfEntry 14 }
1354 tcpEStatsPerfPipeSize OBJECT-TYPE
1355 SYNTAX Gauge32
1356 UNITS "octets"
1357 MAX-ACCESS read-only
1358 STATUS current
1359 DESCRIPTION
1360 "The TCP senders current estimate of the number of
1361 unacknowledged data octets in the network.
1363 While not in recovery (e.g., while the receiver is not
1364 reporting missing data to the sender) this is precisely the
1365 same as ``Flight size'' as defined in RFC2581, which can be
1366 computed as SND.NXT minus SND.UNA. [RFC793]
1368 During recovery the TCP sender has incomplete information
1369 about the state of the network (e.g., which segments are
1370 lost vs reordered, especially if the return path is also
1371 dropping TCP acknowledgments). Current TCP standards do not
1372 mandate any specific algorithm for estimating the number of
1373 unacknowledged data octets in the network.
1375 RFC3517 describes a conservative algorithm to use SACK
1376 information to estimate the number of unacknowledged data
1377 octets in the network. tcpEStatsPerfPipeSize object SHOULD
1378 be the same as ``pipe'' as defined in RFC3517 if it is
1379 implemented. (Note that while not in recovery the pipe
1380 algorithm yields the same values as flight size).
1382 If RFC3517 is not implemented, the data octets in flight
1383 SHOULD be estimated as SND.NXT minus SND.UNA adjusted by
1384 some measure of the data that has left the network and
1385 retransmitted data. For example, with Reno or NewReno style
1386 TCP, the number of duplicate acknowledgment is used to
1387 count the number of segments that have left the network.
1388 I.e., PipeSize=SND.NXT-SND.UNA+(retransmits-dupacks)*CurMSS"
1389 REFERENCE
1390 "RFC793, RFC2581, RFC3517"
1391 ::= { tcpEStatsPerfEntry 15 }
1393 tcpEStatsPerfMaxPipeSize OBJECT-TYPE
1394 SYNTAX Gauge32
1395 UNITS "octets"
1396 MAX-ACCESS read-only
1397 STATUS current
1398 DESCRIPTION
1399 "The maximum value of tcpEStatsPerfPipeSize, for this
1400 connection."
1401 REFERENCE
1402 "RFC793, RFC2581, RFC3517"
1403 ::= { tcpEStatsPerfEntry 16 }
1405 tcpEStatsPerfSmoothedRTT OBJECT-TYPE
1406 SYNTAX Gauge32
1407 UNITS "milliseconds"
1408 MAX-ACCESS read-only
1409 STATUS current
1410 DESCRIPTION
1411 "The smoothed round trip time used in calculation of the
1412 RTO. See SRTT in [RFC2988]."
1413 REFERENCE
1414 "RFC2988, Computing TCP's Retransmission Timer"
1415 ::= { tcpEStatsPerfEntry 17 }
1417 tcpEStatsPerfCurRTO OBJECT-TYPE
1418 SYNTAX Gauge32
1419 UNITS "milliseconds"
1420 MAX-ACCESS read-only
1421 STATUS current
1422 DESCRIPTION
1423 "The current value of the retransmit timer RTO."
1424 REFERENCE
1425 "RFC2988, Computing TCP's Retransmission Timer"
1426 ::= { tcpEStatsPerfEntry 18 }
1428 tcpEStatsPerfCongSignals OBJECT-TYPE
1429 SYNTAX ZeroBasedCounter32
1430 MAX-ACCESS read-only
1431 STATUS current
1432 DESCRIPTION
1433 "The number of multiplicative downward congestion window
1434 adjustments due to all forms of congestion signals,
1435 including Fast Retransmit, ECN and timeouts. This object
1436 summarizes all events that invoke the MD portion of AIMD
1437 congestion control, and as such is the best indicator of
1438 how cwnd is being affected by congestion.
1440 Note that retransmission timeouts multiplicatively reduce
1441 the window implicitly by setting ssthresh, and SHOULD be
1442 included in tcpEStatsPerfCongSignals. In order to minimize
1443 spurious congestion indications due to out-of-order
1444 segments, tcpEStatsPerfCongSignals SHOULD be incremented in
1445 association with the Fast Retransmit algorithm."
1446 REFERENCE
1447 "RFC2581, TCP Congestion Control"
1448 ::= { tcpEStatsPerfEntry 19 }
1450 tcpEStatsPerfCurCwnd OBJECT-TYPE
1451 SYNTAX Gauge32
1452 UNITS "octets"
1453 MAX-ACCESS read-only
1454 STATUS current
1455 DESCRIPTION
1456 "The current congestion window, in octets."
1457 REFERENCE
1458 "RFC2581, TCP Congestion Control"
1459 ::= { tcpEStatsPerfEntry 20 }
1461 tcpEStatsPerfCurSsthresh OBJECT-TYPE
1462 SYNTAX Gauge32
1463 UNITS "octets"
1464 MAX-ACCESS read-only
1465 STATUS current
1466 DESCRIPTION
1467 "The current slow start threshold in octets."
1468 REFERENCE
1469 "RFC2581, TCP Congestion Control"
1470 ::= { tcpEStatsPerfEntry 21 }
1472 tcpEStatsPerfTimeouts OBJECT-TYPE
1473 SYNTAX ZeroBasedCounter32
1474 MAX-ACCESS read-only
1475 STATUS current
1476 DESCRIPTION
1477 "The number of times the retransmit timeout has expired when
1478 the RTO backoff multiplier is equal to one."
1479 REFERENCE
1480 "RFC2988, Computing TCP's Retransmission Timer"
1481 ::= { tcpEStatsPerfEntry 22 }
1483 --
1484 -- The following objects instrument receiver window updates
1485 -- sent by the local receiver to the remote sender. These can
1486 -- be used to determine if the local receiver is exerting flow
1487 -- control back pressure on the remote sender.
1488 --
1490 tcpEStatsPerfCurRwinSent OBJECT-TYPE
1491 SYNTAX Gauge32
1492 UNITS "octets"
1493 MAX-ACCESS read-only
1494 STATUS current
1495 DESCRIPTION
1496 "The most recent window advertisement sent, in octets."
1497 REFERENCE
1498 "RFC793, Transmission Control Protocol"
1499 ::= { tcpEStatsPerfEntry 23 }
1501 tcpEStatsPerfMaxRwinSent OBJECT-TYPE
1502 SYNTAX Gauge32
1503 UNITS "octets"
1504 MAX-ACCESS read-only
1505 STATUS current
1506 DESCRIPTION
1507 "The maximum window advertisement sent, in octets."
1508 REFERENCE
1509 "RFC793, Transmission Control Protocol"
1510 ::= { tcpEStatsPerfEntry 24 }
1512 tcpEStatsPerfZeroRwinSent OBJECT-TYPE
1513 SYNTAX ZeroBasedCounter32
1514 MAX-ACCESS read-only
1515 STATUS current
1516 DESCRIPTION
1517 "The number of acknowledgments sent announcing a zero
1518 receive window, when the previously announced window was
1519 not zero."
1520 REFERENCE
1521 "RFC793, Transmission Control Protocol"
1522 ::= { tcpEStatsPerfEntry 25 }
1524 --
1525 -- The following objects instrument receiver window updates
1526 -- from the far end-system to determine if the remote receiver
1527 -- has sufficient buffer space or is exerting flow-control
1528 -- back pressure on the local sender.
1529 --
1531 tcpEStatsPerfCurRwinRcvd OBJECT-TYPE
1532 SYNTAX Gauge32
1533 UNITS "octets"
1534 MAX-ACCESS read-only
1535 STATUS current
1536 DESCRIPTION
1537 "The most recent window advertisement received, in octets."
1538 REFERENCE
1539 "RFC793, Transmission Control Protocol"
1540 ::= { tcpEStatsPerfEntry 26 }
1542 tcpEStatsPerfMaxRwinRcvd OBJECT-TYPE
1543 SYNTAX Gauge32
1544 UNITS "octets"
1545 MAX-ACCESS read-only
1546 STATUS current
1547 DESCRIPTION
1548 "The maximum window advertisement received, in octets."
1549 REFERENCE
1550 "RFC793, Transmission Control Protocol"
1551 ::= { tcpEStatsPerfEntry 27 }
1553 tcpEStatsPerfZeroRwinRcvd OBJECT-TYPE
1554 SYNTAX ZeroBasedCounter32
1555 MAX-ACCESS read-only
1556 STATUS current
1557 DESCRIPTION
1558 "The number of acknowledgments received announcing a zero
1559 receive window, when the previously announced window was
1560 not zero."
1561 REFERENCE
1562 "RFC793, Transmission Control Protocol"
1563 ::= { tcpEStatsPerfEntry 28 }
1565 --
1566 -- The following optional objects can be used to quickly
1567 -- identify which subsystems are limiting TCP performance.
1568 -- There are three parallel pairs of instruments that measure
1569 -- the extent to which TCP performance is limited by the
1570 -- announced receiver window (indicating a receiver
1571 -- bottleneck), the current congestion window or
1572 -- retransmission timeout (indicating a path bottleneck) and
1573 -- all others events (indicating a sender bottleneck).
1574 --
1575 -- These instruments SHOULD be updated every time the TCP
1576 -- output routine stops sending data. The elapsed time since
1577 -- the previous stop is accumulated into the appropriate
1578 -- object as determined by the previous stop reason (e.g.,
1579 -- stop state). The current stop reason determines which timer
1580 -- will be updated the next time TCP output stops.
1581 --
1582 -- Since there is no explicit stop at the beginning of a
1583 -- timeout, it is necessary to retroactively reclassify the
1584 -- previous stop as 'Congestion Limited'.
1585 --
1587 tcpEStatsPerfSndLimTransRwin OBJECT-TYPE
1588 SYNTAX ZeroBasedCounter32
1589 MAX-ACCESS read-only
1590 STATUS current
1591 DESCRIPTION
1592 "The number of transitions into the 'Receiver Limited' state
1593 from either the 'Congestion Limited' or 'Sender Limited'
1594 states. This state is entered whenever TCP transmission
1595 stops because the sender has filled the announced receiver
1596 window. I.e., when SND.NXT has advanced to SND.UNA +
1597 SND.WND - 1 as described in RFC 793."
1598 REFERENCE
1599 "RFC793, Transmission Control Protocol"
1600 ::= { tcpEStatsPerfEntry 31 }
1602 tcpEStatsPerfSndLimTransCwnd OBJECT-TYPE
1603 SYNTAX ZeroBasedCounter32
1604 MAX-ACCESS read-only
1605 STATUS current
1606 DESCRIPTION
1607 "The number of transitions into the 'Congestion Limited'
1608 state from either the 'Receiver Limited' or 'Sender
1609 Limited' states. This state is entered whenever TCP
1610 transmission stops because the sender has reached some
1611 limit defined by congestion control (e.g., cwnd) or other
1612 algorithms (retransmission timeouts) designed to control
1613 network traffic. See the definition of 'CONGESTION WINDOW'
1614 in RFC 2581."
1615 REFERENCE
1616 "RFC2581, TCP Congestion Control"
1617 ::= { tcpEStatsPerfEntry 32 }
1619 tcpEStatsPerfSndLimTransSnd OBJECT-TYPE
1620 SYNTAX ZeroBasedCounter32
1621 MAX-ACCESS read-only
1622 STATUS current
1623 DESCRIPTION
1624 "The number of transitions into the 'Sender Limited' state
1625 from either the 'Receiver Limited' or 'Congestion Limited'
1626 states. This state is entered whenever TCP transmission
1627 stops due to some sender limit such as running out of
1628 application data or other resources and the Karn algorithm.
1629 When TCP stops sending data for any reason which cannot be
1630 classified as Receiver Limited or Congestion Limited it
1631 MUST be treated as Sender Limited."
1632 ::= { tcpEStatsPerfEntry 33 }
1634 tcpEStatsPerfSndLimTimeRwin OBJECT-TYPE
1635 SYNTAX ZeroBasedCounter32
1636 UNITS "milliseconds"
1637 MAX-ACCESS read-only
1638 STATUS current
1639 DESCRIPTION
1640 "The cumulative time spent in the 'Receiver Limited' state.
1641 See tcpEStatsPerfSndLimTransRwin."
1642 ::= { tcpEStatsPerfEntry 34 }
1644 tcpEStatsPerfSndLimTimeCwnd OBJECT-TYPE
1645 SYNTAX ZeroBasedCounter32
1646 UNITS "milliseconds"
1647 MAX-ACCESS read-only
1648 STATUS current
1649 DESCRIPTION
1650 "The cumulative time spent in the 'Congestion Limited'
1651 state. See tcpEStatsPerfSndLimTransCwnd. When there is a
1652 retransmission timeout, it SHOULD be counted in
1653 tcpEStatsPerfSndLimTimeCwnd (and not the cumulative time
1654 for some other state.)"
1655 ::= { tcpEStatsPerfEntry 35 }
1657 tcpEStatsPerfSndLimTimeSnd OBJECT-TYPE
1658 SYNTAX ZeroBasedCounter32
1659 UNITS "milliseconds"
1660 MAX-ACCESS read-only
1661 STATUS current
1662 DESCRIPTION
1663 "The cumulative time spent in the 'Sender Limited' state.
1664 See tcpEStatsPerfSndLimTransSnd."
1665 ::= { tcpEStatsPerfEntry 36 }
1667 -- ================================================================
1668 --
1669 -- Statistics for diagnosing path problems
1670 --
1672 tcpEStatsPathTable OBJECT-TYPE
1673 SYNTAX SEQUENCE OF TcpEStatsPathEntry
1674 MAX-ACCESS not-accessible
1675 STATUS current
1676 DESCRIPTION
1677 "This table contains objects that can be used to infer
1678 detailed behavior of the Internet path, such as the
1679 extent that there is reordering, ECN bits and if
1680 RTT fluctuations are correlated to losses.
1682 Entries are retained in this table for the number of
1683 seconds indicated by the tcpEStatsConnTableLatency
1684 object, after the TCP connection first enters the closed
1685 state."
1686 ::= { tcpEStats 4 }
1688 tcpEStatsPathEntry OBJECT-TYPE
1689 SYNTAX TcpEStatsPathEntry
1690 MAX-ACCESS not-accessible
1691 STATUS current
1692 DESCRIPTION
1693 "Each entry in this table has information about the
1694 characteristics of each active and recently closed tcp
1695 connection."
1696 INDEX { tcpEStatsConnectIndex }
1697 ::= { tcpEStatsPathTable 1 }
1699 TcpEStatsPathEntry ::= SEQUENCE {
1701 tcpEStatsPathRetranThresh Gauge32,
1702 tcpEStatsPathNonRecovDAEpisodes ZeroBasedCounter32,
1703 tcpEStatsPathSumOctetsReordered ZeroBasedCounter32,
1704 tcpEStatsPathNonRecovDA ZeroBasedCounter32,
1705 tcpEStatsPathSampleRTT Gauge32,
1706 tcpEStatsPathRTTVar Gauge32,
1707 tcpEStatsPathMaxRTT Gauge32,
1708 tcpEStatsPathMinRTT Gauge32,
1709 tcpEStatsPathSumRTT ZeroBasedCounter32,
1710 tcpEStatsPathHCSumRTT ZeroBasedCounter64,
1711 tcpEStatsPathCountRTT ZeroBasedCounter32,
1712 tcpEStatsPathMaxRTO Gauge32,
1713 tcpEStatsPathMinRTO Gauge32,
1714 tcpEStatsPathIpTtl Unsigned32,
1715 tcpEStatsPathIpTosIn OCTET STRING,
1716 tcpEStatsPathIpTosOut OCTET STRING,
1717 tcpEStatsPathPreCongSumCwnd ZeroBasedCounter32,
1718 tcpEStatsPathPreCongSumRTT ZeroBasedCounter32,
1719 tcpEStatsPathPostCongSumRTT ZeroBasedCounter32,
1720 tcpEStatsPathPostCongCountRTT ZeroBasedCounter32,
1721 tcpEStatsPathECNsignals ZeroBasedCounter32,
1722 tcpEStatsPathDupAckEpisodes ZeroBasedCounter32,
1723 tcpEStatsPathRcvRTT Gauge32,
1724 tcpEStatsPathDupAcksOut ZeroBasedCounter32,
1725 tcpEStatsPathCERcvd ZeroBasedCounter32,
1726 tcpEStatsPathECESent ZeroBasedCounter32
1727 }
1729 --
1730 -- The following optional objects can be used to infer segment
1731 -- reordering on the path from the local sender to the remote
1732 -- receiver.
1733 --
1735 tcpEStatsPathRetranThresh OBJECT-TYPE
1736 SYNTAX Gauge32
1737 MAX-ACCESS read-only
1738 STATUS current
1739 DESCRIPTION
1740 "The number of duplicate acknowledgments required to trigger
1741 Fast Retransmit. Note that although this is constant in
1742 traditional Reno TCP implementations, it is adaptive in
1743 many newer TCPs."
1744 REFERENCE
1745 "RFC2581, TCP Congestion Control"
1746 ::= { tcpEStatsPathEntry 1 }
1748 tcpEStatsPathNonRecovDAEpisodes OBJECT-TYPE
1749 SYNTAX ZeroBasedCounter32
1750 MAX-ACCESS read-only
1751 STATUS current
1752 DESCRIPTION
1753 "The number of duplicate acknowledgment episodes that did
1754 not trigger a Fast Retransmit because ACK advanced prior to
1755 the number of duplicate acknowledgments reaching
1756 RetranThresh.
1758 In many implementations this is the number of times the
1759 'dupacks' counter is set to zero when it is non-zero but
1760 less than RetranThresh.
1762 Note that the change in tcpEStatsPathNonRecovDAEpisodes
1763 divided by the change in tcpEStatsPerfDataSegsOut is an
1764 estimate of the frequency of data reordering on the forward
1765 path over some interval."
1766 REFERENCE
1767 "RFC2581, TCP Congestion Control"
1768 ::= { tcpEStatsPathEntry 2 }
1770 tcpEStatsPathSumOctetsReordered OBJECT-TYPE
1771 SYNTAX ZeroBasedCounter32
1772 UNITS "octets"
1773 MAX-ACCESS read-only
1774 STATUS current
1775 DESCRIPTION
1776 "The sum of the amounts SND.UNA advances on the
1777 acknowledgment which ends a dup-ack episode without a
1778 retransmission.
1780 Note the change in tcpEStatsPathSumOctetsReordered divided
1781 by the change in tcpEStatsPathNonRecovDAEpisodes is an
1782 estimates of the average reordering distance, over some
1783 interval."
1784 ::= { tcpEStatsPathEntry 3 }
1786 tcpEStatsPathNonRecovDA OBJECT-TYPE
1787 SYNTAX ZeroBasedCounter32
1788 MAX-ACCESS read-only
1789 STATUS current
1790 DESCRIPTION
1791 "Duplicate acks (or SACKS) that did not trigger a Fast
1792 Retransmit because ACK advanced prior to the number of
1793 duplicate acknowledgments reaching RetranThresh.
1795 In many implementations, this is the sum of the 'dupacks'
1796 counter, just before it is set to zero because ACK advanced
1797 without a Fast Retransmit.
1799 Note that the change in tcpEStatsPathNonRecovDA divided by
1800 the change in tcpEStatsPathNonRecovDAEpisodes is an
1801 estimate of the average reordering distance in segments
1802 over some interval."
1803 REFERENCE
1804 "RFC2581, TCP Congestion Control"
1805 ::= { tcpEStatsPathEntry 4 }
1807 --
1808 -- The following optional objects instrument the round trip
1809 -- time estimator and the retransmission timeout timer.
1810 --
1811 tcpEStatsPathSampleRTT OBJECT-TYPE
1812 SYNTAX Gauge32
1813 UNITS "milliseconds"
1814 MAX-ACCESS read-only
1815 STATUS current
1816 DESCRIPTION
1817 "The most recent raw round trip time measurement used in
1818 calculation of the RTO."
1819 REFERENCE
1820 "RFC2988, Computing TCP's Retransmission Timer"
1821 ::= { tcpEStatsPathEntry 11 }
1823 tcpEStatsPathRTTVar OBJECT-TYPE
1824 SYNTAX Gauge32
1825 UNITS "milliseconds"
1826 MAX-ACCESS read-only
1827 STATUS current
1828 DESCRIPTION
1829 "The round trip time variation used in calculation of the
1830 RTO. See RTTVAR in [RFC2988]."
1831 REFERENCE
1832 "RFC2988, Computing TCP's Retransmission Timer"
1833 ::= { tcpEStatsPathEntry 12 }
1835 tcpEStatsPathMaxRTT OBJECT-TYPE
1836 SYNTAX Gauge32
1837 UNITS "milliseconds"
1838 MAX-ACCESS read-only
1839 STATUS current
1840 DESCRIPTION
1841 "The maximum sampled round trip time."
1842 REFERENCE
1843 "RFC2988, Computing TCP's Retransmission Timer"
1844 ::= { tcpEStatsPathEntry 13 }
1846 tcpEStatsPathMinRTT OBJECT-TYPE
1847 SYNTAX Gauge32
1848 UNITS "milliseconds"
1849 MAX-ACCESS read-only
1850 STATUS current
1851 DESCRIPTION
1852 "The minimum sampled round trip time."
1853 REFERENCE
1854 "RFC2988, Computing TCP's Retransmission Timer"
1855 ::= { tcpEStatsPathEntry 14 }
1857 tcpEStatsPathSumRTT OBJECT-TYPE
1858 SYNTAX ZeroBasedCounter32
1859 UNITS "milliseconds"
1860 MAX-ACCESS read-only
1861 STATUS current
1862 DESCRIPTION
1863 "The sum of all sampled round trip times.
1865 Note that the change in tcpEStatsPathSumRTT divided by the
1866 change in tcpEStatsPathCountRTT is the mean RTT, uniformly
1867 averaged over an enter interval."
1868 REFERENCE
1869 "RFC2988, Computing TCP's Retransmission Timer"
1870 ::= { tcpEStatsPathEntry 15 }
1872 tcpEStatsPathHCSumRTT OBJECT-TYPE
1873 SYNTAX ZeroBasedCounter64
1874 UNITS "milliseconds"
1875 MAX-ACCESS read-only
1876 STATUS current
1877 DESCRIPTION
1878 "The sum of all sampled round trip times, on all systems
1879 that implement multiple concurrent RTT measurements.
1881 Note that the change in tcpEStatsPathHCSumRTT divided by
1882 the change in tcpEStatsPathCountRTT is the mean RTT,
1883 uniformly averaged over an enter interval."
1884 REFERENCE
1885 "RFC2988, Computing TCP's Retransmission Timer"
1886 ::= { tcpEStatsPathEntry 16 }
1888 tcpEStatsPathCountRTT OBJECT-TYPE
1889 SYNTAX ZeroBasedCounter32
1890 MAX-ACCESS read-only
1891 STATUS current
1892 DESCRIPTION
1893 "The number of round trip time samples included in
1894 tcpEStatsPathSumRTT and tcpEStatsPathHCSumRTT."
1895 REFERENCE
1896 "RFC2988, Computing TCP's Retransmission Timer"
1897 ::= { tcpEStatsPathEntry 17 }
1899 tcpEStatsPathMaxRTO OBJECT-TYPE
1900 SYNTAX Gauge32
1901 UNITS "milliseconds"
1902 MAX-ACCESS read-only
1903 STATUS current
1904 DESCRIPTION
1905 "The maximum value of the retransmit timer RTO."
1906 REFERENCE
1907 "RFC2988, Computing TCP's Retransmission Timer"
1908 ::= { tcpEStatsPathEntry 18 }
1910 tcpEStatsPathMinRTO OBJECT-TYPE
1911 SYNTAX Gauge32
1912 UNITS "milliseconds"
1913 MAX-ACCESS read-only
1914 STATUS current
1915 DESCRIPTION
1916 "The minimum value of the retransmit timer RTO."
1917 REFERENCE
1918 "RFC2988, Computing TCP's Retransmission Timer"
1919 ::= { tcpEStatsPathEntry 19 }
1921 --
1922 -- The following optional objects provide information about
1923 -- how TCP is using the IP layer.
1924 --
1926 tcpEStatsPathIpTtl OBJECT-TYPE
1927 SYNTAX Unsigned32
1928 MAX-ACCESS read-only
1929 STATUS current
1930 DESCRIPTION
1931 "The value of the TTL field carried in the most recently
1932 received IP header. This is sometimes useful to detect
1933 changing or unstable routes."
1934 REFERENCE
1935 "RFC791, Internet Protocol"
1936 ::= { tcpEStatsPathEntry 20 }
1938 tcpEStatsPathIpTosIn OBJECT-TYPE
1939 SYNTAX OCTET STRING (SIZE(1))
1940 MAX-ACCESS read-only
1941 STATUS current
1942 DESCRIPTION
1943 "The value of the IPv4 Type Of Service octet, or the IPv6
1944 traffic class octet, carried in the most recently received
1945 IP header.
1947 This is useful to diagnose interactions between TCP and any
1948 IP layer packet scheduling and delivery policy, which might
1949 be in effect to implement Diffserv."
1950 REFERENCE
1951 "RFC3260, New Terminology and Clarifications for Diffserv"
1952 ::= { tcpEStatsPathEntry 21 }
1954 tcpEStatsPathIpTosOut OBJECT-TYPE
1955 SYNTAX OCTET STRING (SIZE(1))
1956 MAX-ACCESS read-only
1957 STATUS current
1958 DESCRIPTION
1959 "The value of the IPv4 Type Of Service octet, or the IPv6
1960 traffic class octet, carried in the most recently
1961 transmitted IP header.
1963 This is useful to diagnose interactions between TCP and any
1964 IP layer packet scheduling and delivery policy, which might
1965 be in effect to implement Diffserv."
1966 REFERENCE
1967 "RFC3260, New Terminology and Clarifications for Diffserv"
1968 ::= { tcpEStatsPathEntry 22 }
1970 --
1971 -- The following optional objects characterize the congestion
1972 -- feedback signals by collecting statistics on how the
1973 -- congestion events are correlated to losses, changes in RTT
1974 -- and other protocol events.
1975 --
1977 tcpEStatsPathPreCongSumCwnd OBJECT-TYPE
1978 SYNTAX ZeroBasedCounter32
1979 UNITS "octets"
1980 MAX-ACCESS read-only
1981 STATUS current
1982 DESCRIPTION
1983 "The sum of the values of the congestion window, in octets,
1984 captured each time a congestion signal is received. This
1985 MUST be updated each time tcpEStatsPerfCongSignals is
1986 incremented, such that the change in
1987 tcpEStatsPathPreCongSumCwnd divided by the change in
1988 tcpEStatsPerfCongSignals is the average window (over some
1989 interval) just prior to a congestion signal."
1990 ::= { tcpEStatsPathEntry 23 }
1992 tcpEStatsPathPreCongSumRTT OBJECT-TYPE
1993 SYNTAX ZeroBasedCounter32
1994 UNITS "milliseconds"
1995 MAX-ACCESS read-only
1996 STATUS current
1997 DESCRIPTION
1998 "Sum of the last sample of the RTT (tcpEStatsPathSampleRTT)
1999 prior to received congestion signals. This MUST be updated
2000 each time tcpEStatsPerfCongSignals is incremented, such
2001 that the change in tcpEStatsPathPreCongSumRTT divided by
2002 the change in tcpEStatsPerfCongSignals is the average RTT
2003 (over some interval) just prior to a congestion signal."
2004 ::= { tcpEStatsPathEntry 24 }
2006 tcpEStatsPathPostCongSumRTT OBJECT-TYPE
2007 SYNTAX ZeroBasedCounter32
2008 UNITS "octets"
2009 MAX-ACCESS read-only
2010 STATUS current
2011 DESCRIPTION
2012 "Sum of the first sample of the RTT (tcpEStatsPathSampleRTT)
2013 following each congestion signal. Such that the change in
2014 tcpEStatsPathPostCongSumRTT divided by the change in
2015 tcpEStatsPathPostCongCountRTT is the average RTT (over some
2016 interval) just after a congestion signal."
2017 ::= { tcpEStatsPathEntry 25 }
2019 tcpEStatsPathPostCongCountRTT OBJECT-TYPE
2020 SYNTAX ZeroBasedCounter32
2021 UNITS "milliseconds"
2022 MAX-ACCESS read-only
2023 STATUS current
2024 DESCRIPTION
2025 "The number of RTT samples included in
2026 tcpEStatsPathPostCongSumRTT such that the change in
2027 tcpEStatsPathPostCongSumRTT divided by the change in
2028 tcpEStatsPathPostCongCountRTT is the average RTT (over some
2029 interval) just after a congestion signal."
2030 ::= { tcpEStatsPathEntry 26 }
2032 --
2033 -- The following optional objects can be used to detect other
2034 -- types of non-loss congestion signals such as source quench
2035 -- or ECN.
2036 --
2038 tcpEStatsPathECNsignals OBJECT-TYPE
2039 SYNTAX ZeroBasedCounter32
2040 MAX-ACCESS read-only
2041 STATUS current
2042 DESCRIPTION
2043 "The number of congestion signals delivered to the TCP
2044 sender via explicit congestion notification (ECN). This is
2045 typically the number of segments bearing ECE bits but
2046 should also include segments failing the ECN nonce check or
2047 other explicit congestion signals."
2048 REFERENCE
2049 "RFC3168, The Addition of Explicit Congestion Notification
2050 (ECN) to IP"
2052 ::= { tcpEStatsPathEntry 27 }
2054 --
2055 -- The following optional objects are receiver side
2056 -- instruments of the path from the sender to the receiver. In
2057 -- general the receiver has less information about the state
2058 -- of the path, because the receiver does not have a robust
2059 -- mechanism to infer the sender's actions.
2060 --
2062 tcpEStatsPathDupAckEpisodes OBJECT-TYPE
2063 SYNTAX ZeroBasedCounter32
2064 MAX-ACCESS read-only
2065 STATUS current
2066 DESCRIPTION
2067 "The number of Duplicate Acks Sent when prior Ack was not
2068 duplicate. This is the number of times that a contiguous
2069 series of duplicate acknowledgments have been sent.
2071 This is an indication of the number of data segments lost
2072 or reordered on the path from the remote TCP endpoint to
2073 the near TCP endpoint."
2074 REFERENCE
2075 "RFC2581, TCP Congestion Control"
2076 ::= { tcpEStatsPathEntry 28 }
2078 tcpEStatsPathRcvRTT OBJECT-TYPE
2079 SYNTAX Gauge32
2080 MAX-ACCESS read-only
2081 STATUS current
2082 DESCRIPTION
2083 "The receiver's estimate of the Path RTT.
2085 Adaptive receiver window algorithms depend on the receiver
2086 to having a good estimate of the path RTT."
2087 ::= { tcpEStatsPathEntry 29 }
2089 tcpEStatsPathDupAcksOut OBJECT-TYPE
2090 SYNTAX ZeroBasedCounter32
2091 MAX-ACCESS read-only
2092 STATUS current
2093 DESCRIPTION
2094 "The number of duplicate ACKs sent. The ratio of the change
2095 in tcpEStatsPathDupAcksOut to the change in
2096 tcpEStatsPathDupAckEpisodes is an indication of reorder or
2097 recovery distance over some interval."
2098 REFERENCE
2099 "RFC2581, TCP Congestion Control"
2101 ::= { tcpEStatsPathEntry 30 }
2103 tcpEStatsPathCERcvd OBJECT-TYPE
2104 SYNTAX ZeroBasedCounter32
2105 MAX-ACCESS read-only
2106 STATUS current
2107 DESCRIPTION
2108 "The number of segments received with IP headers bearing
2109 Congestion Experienced (CE) markings."
2110 REFERENCE
2111 "RFC3168, The Addition of Explicit Congestion Notification
2112 (ECN) to IP"
2113 ::= { tcpEStatsPathEntry 31 }
2115 tcpEStatsPathECESent OBJECT-TYPE
2116 SYNTAX ZeroBasedCounter32
2117 MAX-ACCESS read-only
2118 STATUS current
2119 DESCRIPTION
2120 "Number of times the Echo Congestion Experienced (ECE) bit
2121 in the TCP header has been set (transitioned from 0 to 1),
2122 due to a Congestion Experienced (CE) marking on an IP
2123 header. Note that ECE can be set and reset only once per
2124 RTT, while CE can be set on many segments per RTT."
2125 REFERENCE
2126 "RFC3168, The Addition of Explicit Congestion Notification
2127 (ECN) to IP"
2128 ::= { tcpEStatsPathEntry 32 }
2130 -- ================================================================
2131 --
2132 -- Statistics for diagnosing stack algorithms
2133 --
2135 tcpEStatsStackTable OBJECT-TYPE
2136 SYNTAX SEQUENCE OF TcpEStatsStackEntry
2137 MAX-ACCESS not-accessible
2138 STATUS current
2139 DESCRIPTION
2140 "This table contains objects that are most useful for
2141 determining how well some of the TCP control
2142 algorithms are coping with this particular
2143 path.
2145 Entries are retained in this table for the number of
2146 seconds indicated by the tcpEStatsConnTableLatency
2147 object, after the TCP connection first enters the closed
2148 state."
2150 ::= { tcpEStats 5 }
2152 tcpEStatsStackEntry OBJECT-TYPE
2153 SYNTAX TcpEStatsStackEntry
2154 MAX-ACCESS not-accessible
2155 STATUS current
2156 DESCRIPTION
2157 "Each entry in this table has information about the
2158 characteristics of each active and recently closed tcp
2159 connection."
2160 INDEX { tcpEStatsConnectIndex }
2161 ::= { tcpEStatsStackTable 1 }
2163 TcpEStatsStackEntry ::= SEQUENCE {
2165 tcpEStatsStackActiveOpen TruthValue,
2166 tcpEStatsStackMSSSent Unsigned32,
2167 tcpEStatsStackMSSRcvd Unsigned32,
2168 tcpEStatsStackWinScaleSent Integer32,
2169 tcpEStatsStackWinScaleRcvd Integer32,
2170 tcpEStatsStackTimeStamps TcpEStatsNegotiated,
2171 tcpEStatsStackECN TcpEStatsNegotiated,
2172 tcpEStatsStackWillSendSACK TcpEStatsNegotiated,
2173 tcpEStatsStackWillUseSACK TcpEStatsNegotiated,
2174 tcpEStatsStackState INTEGER,
2175 tcpEStatsStackNagle TruthValue,
2176 tcpEStatsStackMaxSsCwnd Gauge32,
2177 tcpEStatsStackMaxCaCwnd Gauge32,
2178 tcpEStatsStackMaxSsthresh Gauge32,
2179 tcpEStatsStackMinSsthresh Gauge32,
2180 tcpEStatsStackInRecovery INTEGER,
2181 tcpEStatsStackDupAcksIn ZeroBasedCounter32,
2182 tcpEStatsStackSpuriousFrDetected ZeroBasedCounter32,
2183 tcpEStatsStackSpuriousRtoDetected ZeroBasedCounter32,
2184 tcpEStatsStackSoftErrors ZeroBasedCounter32,
2185 tcpEStatsStackSoftErrorReason INTEGER,
2186 tcpEStatsStackSlowStart ZeroBasedCounter32,
2187 tcpEStatsStackCongAvoid ZeroBasedCounter32,
2188 tcpEStatsStackOtherReductions ZeroBasedCounter32,
2189 tcpEStatsStackCongOverCount ZeroBasedCounter32,
2190 tcpEStatsStackFastRetran ZeroBasedCounter32,
2191 tcpEStatsStackSubsequentTimeouts ZeroBasedCounter32,
2192 tcpEStatsStackCurTimeoutCount Gauge32,
2193 tcpEStatsStackAbruptTimeouts ZeroBasedCounter32,
2194 tcpEStatsStackSACKsRcvd ZeroBasedCounter32,
2195 tcpEStatsStackSACKBlocksRcvd ZeroBasedCounter32,
2196 tcpEStatsStackSendStall ZeroBasedCounter32,
2197 tcpEStatsStackDSACKDups ZeroBasedCounter32,
2198 tcpEStatsStackMaxMSS Gauge32,
2199 tcpEStatsStackMinMSS Gauge32,
2200 tcpEStatsStackSndInitial Unsigned32,
2201 tcpEStatsStackRecInitial Unsigned32,
2202 tcpEStatsStackCurRetxQueue Gauge32,
2203 tcpEStatsStackMaxRetxQueue Gauge32,
2204 tcpEStatsStackCurReasmQueue Gauge32,
2205 tcpEStatsStackMaxReasmQueue Gauge32
2206 }
2208 --
2209 -- The following objects reflect TCP options carried on the
2210 -- SYN or SYN-ACK. These options are used to provide
2211 -- additional protocol parameters or to enable various
2212 -- optional TCP features or algorithms.
2213 --
2214 -- Except as noted, the TCP protocol does not permit these
2215 -- options to change after the SYN exchange.
2216 --
2218 tcpEStatsStackActiveOpen OBJECT-TYPE
2219 SYNTAX TruthValue
2220 MAX-ACCESS read-only
2221 STATUS current
2222 DESCRIPTION
2223 "True(1) if the local connection traversed the SYN-SENT
2224 state, else false(2)."
2225 REFERENCE
2226 "RFC793, Transmission Control Protocol"
2227 ::= { tcpEStatsStackEntry 1 }
2229 tcpEStatsStackMSSSent OBJECT-TYPE
2230 SYNTAX Unsigned32
2231 MAX-ACCESS read-only
2232 STATUS current
2233 DESCRIPTION
2234 "The value sent in an MSS option, or zero if none."
2235 REFERENCE
2236 "RFC1122, Requirements for Internet Hosts - Communication
2237 Layers"
2238 ::= { tcpEStatsStackEntry 2 }
2240 tcpEStatsStackMSSRcvd OBJECT-TYPE
2241 SYNTAX Unsigned32
2242 MAX-ACCESS read-only
2243 STATUS current
2244 DESCRIPTION
2245 "The value received in an MSS option, or zero if none."
2247 REFERENCE
2248 "RFC1122, Requirements for Internet Hosts - Communication
2249 Layers"
2250 ::= { tcpEStatsStackEntry 3 }
2252 tcpEStatsStackWinScaleSent OBJECT-TYPE
2253 SYNTAX Integer32 (-1..14)
2254 MAX-ACCESS read-only
2255 STATUS current
2256 DESCRIPTION
2257 "The value of the transmitted window scale option if one was
2258 sent; otherwise, a value of -1.
2260 Note that if both tcpEStatsStackWinScaleSent and
2261 tcpEStatsStackWinScaleRcvd are not -1, then Rcv.Wind.Scale
2262 will be the same as this value and used to scale receiver
2263 window announcements from the local host to the remote
2264 host."
2265 REFERENCE
2266 "RFC1323, TCP Extensions for High Performance"
2267 ::= { tcpEStatsStackEntry 4 }
2269 tcpEStatsStackWinScaleRcvd OBJECT-TYPE
2270 SYNTAX Integer32 (-1..14)
2271 MAX-ACCESS read-only
2272 STATUS current
2273 DESCRIPTION
2274 "The value of the received window scale option if one was
2275 received; otherwise, a value of -1.
2277 Note that if both tcpEStatsStackWinScaleSent and
2278 tcpEStatsStackWinScaleRcvd are not -1, then Snd.Wind.Scale
2279 will be the same as this value and used to scale receiver
2280 window announcements from the remote host to the local
2281 host."
2282 REFERENCE
2283 "RFC1323, TCP Extensions for High Performance"
2284 ::= { tcpEStatsStackEntry 5 }
2286 tcpEStatsStackTimeStamps OBJECT-TYPE
2287 SYNTAX TcpEStatsNegotiated
2288 MAX-ACCESS read-only
2289 STATUS current
2290 DESCRIPTION
2291 "Enabled(1) if TCP timestamps have been negotiated on,
2292 selfDisabled(2) if they are disabled or not implemented on
2293 the local host, or peerDisabled(3) if not negotiated by the
2294 remote hosts."
2296 REFERENCE
2297 "RFC1323, TCP Extensions for High Performance"
2298 ::= { tcpEStatsStackEntry 6 }
2300 tcpEStatsStackECN OBJECT-TYPE
2301 SYNTAX TcpEStatsNegotiated
2302 MAX-ACCESS read-only
2303 STATUS current
2304 DESCRIPTION
2305 "Enabled(1) if Explicit Congestion Notification (ECN) has
2306 been negotiated on, selfDisabled(2) if it is disabled or
2307 not implemented on the local host, or peerDisabled(3) if
2308 not negotiated by the remote hosts."
2309 REFERENCE
2310 "RFC3168, The Addition of Explicit Congestion Notification
2311 (ECN) to IP"
2312 ::= { tcpEStatsStackEntry 7 }
2314 tcpEStatsStackWillSendSACK OBJECT-TYPE
2315 SYNTAX TcpEStatsNegotiated
2316 MAX-ACCESS read-only
2317 STATUS current
2318 DESCRIPTION
2319 "Enabled(1) if the local host will send SACK options
2320 selfDisabled(2) if SACK is disabled or not implemented on
2321 the local host, or peerDisabled(3) if the remote host did
2322 not send the SACK-permitted option.
2324 Note that SACK negotiation is not symmetrical. SACK can
2325 enabled on one side of the connection and not the other."
2326 REFERENCE
2327 "RFC2018, TCP Selective Acknowledgement Options"
2328 ::= { tcpEStatsStackEntry 8 }
2330 tcpEStatsStackWillUseSACK OBJECT-TYPE
2331 SYNTAX TcpEStatsNegotiated
2332 MAX-ACCESS read-only
2333 STATUS current
2334 DESCRIPTION
2335 "Enabled(1) if the local host will process SACK options
2336 selfDisabled(2) if SACK is disabled or not implemented on
2337 the local host, or peerDisabled(3) if the remote host sends
2338 duplicate ACKs without SACK options, or the local host
2339 otherwise decides not to process received SACK options.
2341 Unlike other TCP options, the remote data receiver cannot
2342 explicitly indicate if it is able to generate SACK options.
2343 When sending data, the local host has to deduce if the
2344 remote receiver is sending SACK options. This object can
2345 transition from Enabled(1) to peerDisabled(3) after the SYN
2346 exchange.
2348 Note that SACK negotiation is not symmetrical. SACK can
2349 enabled on one side of the connection and not the other."
2350 REFERENCE
2351 "RFC2018, TCP Selective Acknowledgement Options"
2352 ::= { tcpEStatsStackEntry 9 }
2354 --
2355 -- The following two objects reflect the current state of the
2356 -- connection.
2357 --
2359 tcpEStatsStackState OBJECT-TYPE
2360 SYNTAX INTEGER {
2361 tcpESStateClosed(1),
2362 tcpESStateListen(2),
2363 tcpESStateSynSent(3),
2364 tcpESStateSynReceived(4),
2365 tcpESStateEstablished(5),
2366 tcpESStateFinWait1(6),
2367 tcpESStateFinWait2(7),
2368 tcpESStateCloseWait(8),
2369 tcpESStateLastAck(9),
2370 tcpESStateClosing(10),
2371 tcpESStateTimeWait(11),
2372 tcpESStateDeleteTcb(12)
2373 }
2374 MAX-ACCESS read-only
2375 STATUS current
2376 DESCRIPTION
2377 "An integer value representing the connection state from the
2378 TCP State Transition Diagram.
2380 The value listen(2) is included only for parallelism to the
2381 old tcpConnTable, and SHOULD NOT be used because the listen
2382 state in managed by the tcpListenerTable.
2384 The value DeleteTcb(12) is included only for parallelism to
2385 the tcpConnTable mechanism for terminating connections,
2386 although this table does not permit writing."
2387 REFERENCE
2388 "RFC793, Transmission Control Protocol"
2389 ::= { tcpEStatsStackEntry 10 }
2391 tcpEStatsStackNagle OBJECT-TYPE
2392 SYNTAX TruthValue
2393 MAX-ACCESS read-only
2394 STATUS current
2395 DESCRIPTION
2396 "True(1) if the Nagle algorithm is being used, else
2397 false(2)."
2398 REFERENCE
2399 "RFC1122, Requirements for Internet Hosts - Communication
2400 Layers"
2401 ::= { tcpEStatsStackEntry 11 }
2403 --
2404 -- The following objects instrument the overall operation of
2405 -- TCP congestion control and data retransmissions. These
2406 -- instruments are sufficient to fit the actual performance to
2407 -- an updated macroscopic performance model [RFC2581] [Mat97]
2408 -- [Pad98].
2409 --
2411 tcpEStatsStackMaxSsCwnd OBJECT-TYPE
2412 SYNTAX Gauge32
2413 UNITS "octets"
2414 MAX-ACCESS read-only
2415 STATUS current
2416 DESCRIPTION
2417 "The maximum congestion window used during Slow Start, in
2418 octets."
2419 REFERENCE
2420 "RFC2581, TCP Congestion Control"
2421 ::= { tcpEStatsStackEntry 12 }
2423 tcpEStatsStackMaxCaCwnd OBJECT-TYPE
2424 SYNTAX Gauge32
2425 UNITS "octets"
2426 MAX-ACCESS read-only
2427 STATUS current
2428 DESCRIPTION
2429 "The maximum congestion window used during Congestion
2430 Avoidance, in octets."
2431 REFERENCE
2432 "RFC2581, TCP Congestion Control"
2433 ::= { tcpEStatsStackEntry 13 }
2435 tcpEStatsStackMaxSsthresh OBJECT-TYPE
2436 SYNTAX Gauge32
2437 UNITS "octets"
2438 MAX-ACCESS read-only
2439 STATUS current
2440 DESCRIPTION
2441 "The maximum slow start threshold, excluding the initial
2442 value."
2443 REFERENCE
2444 "RFC2581, TCP Congestion Control"
2445 ::= { tcpEStatsStackEntry 14 }
2447 tcpEStatsStackMinSsthresh OBJECT-TYPE
2448 SYNTAX Gauge32
2449 UNITS "octets"
2450 MAX-ACCESS read-only
2451 STATUS current
2452 DESCRIPTION
2453 "The minimum slow start threshold."
2454 REFERENCE
2455 "RFC2581, TCP Congestion Control"
2456 ::= { tcpEStatsStackEntry 15 }
2458 tcpEStatsStackInRecovery OBJECT-TYPE
2459 SYNTAX INTEGER {
2460 tcpESDataContiguous(1),
2461 tcpESDataUnordered(2),
2462 tcpESDataRecovery(3)
2463 }
2464 MAX-ACCESS read-only
2465 STATUS current
2466 DESCRIPTION
2467 "An integer value representing the state of the loss
2468 recovery for this connection.
2470 tcpESDataContiguous(1) indicates that the remote receiver
2471 is reporting contiguous data (no duplicate acknowledgments
2472 or SACK options) and that there are no unacknowledged
2473 retransmissions.
2475 tcpESDataUnordered(2) indicates that the remote receiver is
2476 reporting missing or out-of-order data (e.g., sending
2477 duplicate acknowledgments or SACK options) and that there
2478 are no unacknowledged retransmissions (because the missing
2479 data has not yet been retransmitted).
2481 tcpESDataRecovery(3) indicates that the sender has
2482 outstanding retransmitted data which is still
2483 unacknowledged."
2484 REFERENCE
2485 "RFC2581, TCP Congestion Control"
2486 ::= { tcpEStatsStackEntry 16 }
2488 tcpEStatsStackDupAcksIn OBJECT-TYPE
2489 SYNTAX ZeroBasedCounter32
2490 MAX-ACCESS read-only
2491 STATUS current
2492 DESCRIPTION
2493 "The number of duplicate ACKs received."
2494 REFERENCE
2495 "RFC2581, TCP Congestion Control"
2496 ::= { tcpEStatsStackEntry 17 }
2498 tcpEStatsStackSpuriousFrDetected OBJECT-TYPE
2499 SYNTAX ZeroBasedCounter32
2500 MAX-ACCESS read-only
2501 STATUS current
2502 DESCRIPTION
2503 "The number of acknowledgments reporting out-of-order
2504 segments after the Fast Retransmit algorithm has already
2505 retransmitted the segments. (For example as detected by the
2506 Eifel algorithm).'"
2507 REFERENCE
2508 "RFC3522, The Eifel Detection Algorithm for TCP"
2509 ::= { tcpEStatsStackEntry 18 }
2511 tcpEStatsStackSpuriousRtoDetected OBJECT-TYPE
2512 SYNTAX ZeroBasedCounter32
2513 MAX-ACCESS read-only
2514 STATUS current
2515 DESCRIPTION
2516 "The number of acknowledgments reporting segments that have
2517 already been retransmitted due to a Retransmission Timeout."
2518 ::= { tcpEStatsStackEntry 19 }
2520 --
2521 -- The following optional objects instrument unusual protocol
2522 -- events that probably indicate implementation problems in
2523 -- the protocol or path.
2524 --
2526 tcpEStatsStackSoftErrors OBJECT-TYPE
2527 SYNTAX ZeroBasedCounter32
2528 MAX-ACCESS read-only
2529 STATUS current
2530 DESCRIPTION
2531 "The number of segments that fail various consistency tests
2532 during TCP input processing. Soft errors might cause the
2533 segment to be discard but some do not. Some of these soft
2534 errors cause the generation of a TCP acknowledgment, others
2535 are silently discarded."
2537 REFERENCE
2538 "RFC793, Transmission Control Protocol"
2539 ::= { tcpEStatsStackEntry 21 }
2541 tcpEStatsStackSoftErrorReason OBJECT-TYPE
2542 SYNTAX INTEGER {
2543 belowDataWindow(1),
2544 aboveDataWindow(2),
2545 belowAckWindow(3),
2546 aboveAckWindow(4),
2547 belowTSWindow(5),
2548 aboveTSWindow(6),
2549 dataCheckSum(7),
2550 otherSoftError(8)
2551 }
2552 MAX-ACCESS read-only
2553 STATUS current
2554 DESCRIPTION
2555 "This object identifies which consistency test most recently
2556 failed during tcp input processing. This object SHOULD be
2557 set every time tcpEStatsStackSoftErrors is incremented. The
2558 codes are as follows:
2560 belowDataWindow(1) - All data in the segment is below
2561 SND.UNA. (Normal for keep-alives and zero window probes).
2563 aboveDataWindow(2) - Some data in the segment is above
2564 SND.WND. (Indicates an implementation bug or possible
2565 attack).
2567 belowAckWindow(3) - ACK below SND.UNA. (Indicates that the
2568 return path is reordering ACKs)
2570 aboveAckWindow(4) - An ACK for data that we have not sent.
2571 (Indicates an implementation bug or possible attack).
2573 belowTSWindow(5) - TSecr on the segment is older than the
2574 current TS.Recent (Normal for the rare case where PAWS
2575 detects data reordered by the network.)
2577 aboveTSWindow(6) - TSecr on the segment is newer than the
2578 current TS.Recent. (Indicates an implementation bug or
2579 possible attack).
2581 dataCheckSum(7) - Incorrect checksum. Note that this value
2582 is intrinsically fragile, because the header fields used to
2583 identify the connection may have been corrupted.
2585 otherSoftError(8) - All other soft errors not listed
2586 above.'"
2587 REFERENCE
2588 "RFC793, Transmission Control Protocol"
2589 ::= { tcpEStatsStackEntry 22 }
2591 --
2592 -- The following optional objects expose the detailed
2593 -- operation of the congestion control algorithms.
2594 --
2596 tcpEStatsStackSlowStart OBJECT-TYPE
2597 SYNTAX ZeroBasedCounter32
2598 MAX-ACCESS read-only
2599 STATUS current
2600 DESCRIPTION
2601 "The number of times the congestion window has been
2602 increased by the Slow Start algorithm."
2603 REFERENCE
2604 "RFC2581, TCP Congestion Control"
2605 ::= { tcpEStatsStackEntry 23 }
2607 tcpEStatsStackCongAvoid OBJECT-TYPE
2608 SYNTAX ZeroBasedCounter32
2609 MAX-ACCESS read-only
2610 STATUS current
2611 DESCRIPTION
2612 "The number of times the congestion window has been
2613 increased by the Congestion Avoidance algorithm."
2614 REFERENCE
2615 "RFC2581, TCP Congestion Control"
2616 ::= { tcpEStatsStackEntry 24 }
2618 tcpEStatsStackOtherReductions OBJECT-TYPE
2619 SYNTAX ZeroBasedCounter32
2620 MAX-ACCESS read-only
2621 STATUS current
2622 DESCRIPTION
2623 "The number of congestion window reductions made as a result
2624 of anything other than AIMD congestion control algorithms.
2625 Examples of non-multiplicative window reductions include
2626 Congestion Window Validation [RFC2861] and experimental
2627 algorithms such as Vegas [Bra94].
2629 All window reductions MUST be counted as either
2630 tcpEStatsPerfCongSignals or tcpEStatsStackOtherReductions."
2631 REFERENCE
2632 "RFC2861, TCP Congestion Window Validation"
2634 ::= { tcpEStatsStackEntry 25 }
2636 tcpEStatsStackCongOverCount OBJECT-TYPE
2637 SYNTAX ZeroBasedCounter32
2638 MAX-ACCESS read-only
2639 STATUS current
2640 DESCRIPTION
2641 "The number of congestion events which were 'backed out' of
2642 the congestion control state machine such that the
2643 congestion window was restored to a prior value. This can
2644 happen due to the Eifel algorithm [RFC3522] or other
2645 algorithms which can be used to detect and cancel spurious
2646 invocations of the Fast Retransmit Algorithm.
2648 Although it may be feasible to undo the effects of spurious
2649 invocation of the Fast Retransmit congestion events cannot
2650 easily be backed out of tcpEStatsPerfCongSignals and
2651 tcpEStatsPathPreCongSumCwnd, etc."
2652 REFERENCE
2653 "RFC3522, The Eifel Detection Algorithm for TCP"
2654 ::= { tcpEStatsStackEntry 26 }
2656 tcpEStatsStackFastRetran OBJECT-TYPE
2657 SYNTAX ZeroBasedCounter32
2658 MAX-ACCESS read-only
2659 STATUS current
2660 DESCRIPTION
2661 "The number of invocations of the Fast Retransmit algorithm."
2662 REFERENCE
2663 "RFC2581, TCP Congestion Control"
2664 ::= { tcpEStatsStackEntry 27 }
2666 tcpEStatsStackSubsequentTimeouts OBJECT-TYPE
2667 SYNTAX ZeroBasedCounter32
2668 MAX-ACCESS read-only
2669 STATUS current
2670 DESCRIPTION
2671 "The number of times the retransmit timeout has expired
2672 after the RTO has been doubled. See section 5.5 in RFC2988."
2673 REFERENCE
2674 "RFC2988, Computing TCP's Retransmission Timer"
2675 ::= { tcpEStatsStackEntry 28 }
2677 tcpEStatsStackCurTimeoutCount OBJECT-TYPE
2678 SYNTAX Gauge32
2679 MAX-ACCESS read-only
2680 STATUS current
2681 DESCRIPTION
2682 "The current number of times the retransmit timeout has
2683 expired without receiving an acknowledgment for new data.
2684 tcpEStatsStackCurTimeoutCount is reset to zero when new
2685 data is acknowledged and incremented for each invocation of
2686 section 5.5 in RFC2988."
2687 REFERENCE
2688 "RFC2988, Computing TCP's Retransmission Timer"
2689 ::= { tcpEStatsStackEntry 29 }
2691 tcpEStatsStackAbruptTimeouts OBJECT-TYPE
2692 SYNTAX ZeroBasedCounter32
2693 MAX-ACCESS read-only
2694 STATUS current
2695 DESCRIPTION
2696 "The number of timeouts that occurred without any
2697 immediately preceding duplicate acknowledgments or other
2698 indications of congestion. Abrupt Timeouts indicate that
2699 the path lost an entire window of data or acknowledgments.
2701 Timeouts that are preceded by duplicate acknowledgments or
2702 other congestion signals (e.g., ECN) are not counted as
2703 abrupt, and might have been avoided by a more sophisticated
2704 Fast Retransmit algorithm."
2705 REFERENCE
2706 "RFC2581, TCP Congestion Control"
2707 ::= { tcpEStatsStackEntry 30 }
2709 tcpEStatsStackSACKsRcvd OBJECT-TYPE
2710 SYNTAX ZeroBasedCounter32
2711 MAX-ACCESS read-only
2712 STATUS current
2713 DESCRIPTION
2714 "The number of SACK options received."
2715 REFERENCE
2716 "RFC2018, TCP Selective Acknowledgement Options"
2717 ::= { tcpEStatsStackEntry 31 }
2719 tcpEStatsStackSACKBlocksRcvd OBJECT-TYPE
2720 SYNTAX ZeroBasedCounter32
2721 MAX-ACCESS read-only
2722 STATUS current
2723 DESCRIPTION
2724 "The number of SACK blocks received (within SACK options)."
2725 REFERENCE
2726 "RFC2018, TCP Selective Acknowledgement Options"
2727 ::= { tcpEStatsStackEntry 32 }
2729 tcpEStatsStackSendStall OBJECT-TYPE
2730 SYNTAX ZeroBasedCounter32
2731 MAX-ACCESS read-only
2732 STATUS current
2733 DESCRIPTION
2734 "The number of interface stalls or other sender local
2735 resource limitations that are treated as congestion
2736 signals."
2737 ::= { tcpEStatsStackEntry 33 }
2739 tcpEStatsStackDSACKDups OBJECT-TYPE
2740 SYNTAX ZeroBasedCounter32
2741 MAX-ACCESS read-only
2742 STATUS current
2743 DESCRIPTION
2744 "The number of duplicate segments reported to the local host
2745 by D-SACK blocks."
2746 REFERENCE
2747 "RFC2883, An Extension to the Selective Acknowledgement
2748 (SACK) Option for TCP"
2749 ::= { tcpEStatsStackEntry 34 }
2751 --
2752 -- The following optional objects instrument path MTU
2753 -- discovery.
2754 --
2756 tcpEStatsStackMaxMSS OBJECT-TYPE
2757 SYNTAX Gauge32
2758 UNITS "octets"
2759 MAX-ACCESS read-only
2760 STATUS current
2761 DESCRIPTION
2762 "The maximum MSS, in octets."
2763 REFERENCE
2764 "RFC1191, Path MTU discovery"
2765 ::= { tcpEStatsStackEntry 35 }
2767 tcpEStatsStackMinMSS OBJECT-TYPE
2768 SYNTAX Gauge32
2769 UNITS "octets"
2770 MAX-ACCESS read-only
2771 STATUS current
2772 DESCRIPTION
2773 "The minimum MSS, in octets."
2774 REFERENCE
2775 "RFC1191, Path MTU discovery"
2776 ::= { tcpEStatsStackEntry 36 }
2778 --
2779 -- The following optional initial value objects are useful for
2780 -- conformance testing instruments on application progress and
2781 -- consumed network resources.
2782 --
2784 tcpEStatsStackSndInitial OBJECT-TYPE
2785 SYNTAX Unsigned32
2786 MAX-ACCESS read-only
2787 STATUS current
2788 DESCRIPTION
2789 "Initial send sequence number. Note that by definition
2790 tcpEStatsStackSndInitial never changes for a given
2791 connection."
2792 REFERENCE
2793 "RFC793, Transmission Control Protocol"
2794 ::= { tcpEStatsStackEntry 37 }
2796 tcpEStatsStackRecInitial OBJECT-TYPE
2797 SYNTAX Unsigned32
2798 MAX-ACCESS read-only
2799 STATUS current
2800 DESCRIPTION
2801 "Initial receive sequence number. Note that by definition
2802 tcpEStatsStackRecInitial never changes for a given
2803 connection."
2804 REFERENCE
2805 "RFC793, Transmission Control Protocol"
2806 ::= { tcpEStatsStackEntry 38 }
2808 --
2809 -- The following optional objects instrument the senders
2810 -- buffer usage, including any buffering in the application
2811 -- interface to TCP and the retransmit queue. All 'buffer
2812 -- memory' instruments are assumed to include OS data
2813 -- structure overhead.
2814 --
2816 tcpEStatsStackCurRetxQueue OBJECT-TYPE
2817 SYNTAX Gauge32
2818 UNITS "octets"
2819 MAX-ACCESS read-only
2820 STATUS current
2821 DESCRIPTION
2822 "The current number of octets of data occupying the
2823 retransmit queue."
2824 ::= { tcpEStatsStackEntry 39 }
2826 tcpEStatsStackMaxRetxQueue OBJECT-TYPE
2827 SYNTAX Gauge32
2828 UNITS "octets"
2829 MAX-ACCESS read-only
2830 STATUS current
2831 DESCRIPTION
2832 "The maximum number of octets of data occupying the
2833 retransmit queue."
2834 ::= { tcpEStatsStackEntry 40 }
2836 tcpEStatsStackCurReasmQueue OBJECT-TYPE
2837 SYNTAX Gauge32
2838 UNITS "octets"
2839 MAX-ACCESS read-only
2840 STATUS current
2841 DESCRIPTION
2842 "The current number of octets of sequence space spanned by
2843 the reassembly queue. This is generally the difference
2844 between rcv.nxt and the sequence number of the right most
2845 edge of the reassembly queue."
2846 ::= { tcpEStatsStackEntry 41 }
2848 tcpEStatsStackMaxReasmQueue OBJECT-TYPE
2849 SYNTAX Gauge32
2850 MAX-ACCESS read-only
2851 STATUS current
2852 DESCRIPTION
2853 "The maximum value of tcpEStatsStackCurReasmQueue"
2854 ::= { tcpEStatsStackEntry 42 }
2856 -- ================================================================
2857 --
2858 -- Statistics for diagnosing interactions between
2859 -- applications and TCP.
2860 --
2862 tcpEStatsAppTable OBJECT-TYPE
2863 SYNTAX SEQUENCE OF TcpEStatsAppEntry
2864 MAX-ACCESS not-accessible
2865 STATUS current
2866 DESCRIPTION
2867 "This table contains objects that are useful for
2868 determining if the application using TCP is
2869 limiting TCP performance.
2871 Entries are retained in this table for the number of
2872 seconds indicated by the tcpEStatsConnTableLatency
2873 object, after the TCP connection first enters the closed
2874 state."
2875 ::= { tcpEStats 6 }
2877 tcpEStatsAppEntry OBJECT-TYPE
2878 SYNTAX TcpEStatsAppEntry
2879 MAX-ACCESS not-accessible
2880 STATUS current
2881 DESCRIPTION
2882 "Each entry in this table has information about the
2883 characteristics of each active and recently closed tcp
2884 connection."
2885 INDEX { tcpEStatsConnectIndex }
2886 ::= { tcpEStatsAppTable 1 }
2888 TcpEStatsAppEntry ::= SEQUENCE {
2890 tcpEStatsAppSndUna Counter32,
2891 tcpEStatsAppSndNxt Unsigned32,
2892 tcpEStatsAppSndMax Counter32,
2893 tcpEStatsAppThruOctetsAcked ZeroBasedCounter32,
2894 tcpEStatsAppHCThruOctetsAcked ZeroBasedCounter64,
2895 tcpEStatsAppRcvNxt Counter32,
2896 tcpEStatsAppThruOctetsReceived ZeroBasedCounter32,
2897 tcpEStatsAppHCThruOctetsReceived ZeroBasedCounter64,
2898 tcpEStatsAppCurAppWQueue Gauge32,
2899 tcpEStatsAppMaxAppWQueue Gauge32,
2900 tcpEStatsAppCurAppRQueue Gauge32,
2901 tcpEStatsAppMaxAppRQueue Gauge32
2902 }
2904 --
2905 -- The following objects provide throughput statistics for the
2906 -- connection including sequence numbers and elapsed
2907 -- application data. These permit direct observation of the
2908 -- applications progress, in terms of elapsed data delivery
2909 -- and elapsed time.
2910 --
2912 tcpEStatsAppSndUna OBJECT-TYPE
2913 SYNTAX Counter32
2914 MAX-ACCESS read-only
2915 STATUS current
2916 DESCRIPTION
2917 "The value of SND.UNA, the oldest unacknowledged sequence
2918 number.
2920 Note that SND.UNA is a TCP state variable that is congruent
2921 to Counter32 semantics."
2923 REFERENCE
2924 "RFC793, Transmission Control Protocol"
2925 ::= { tcpEStatsAppEntry 1 }
2927 tcpEStatsAppSndNxt OBJECT-TYPE
2928 SYNTAX Unsigned32
2929 MAX-ACCESS read-only
2930 STATUS current
2931 DESCRIPTION
2932 "The value of SND.NXT, the next sequence number to be sent.
2933 Note that tcpEStatsAppSndNxt is not monotonic (and thus not
2934 a counter) because TCP sometimes retransmits lost data by
2935 pulling tcpEStatsAppSndNxt back to the missing data."
2936 REFERENCE
2937 "RFC793, Transmission Control Protocol"
2938 ::= { tcpEStatsAppEntry 2 }
2940 tcpEStatsAppSndMax OBJECT-TYPE
2941 SYNTAX Counter32
2942 MAX-ACCESS read-only
2943 STATUS current
2944 DESCRIPTION
2945 "The farthest forward (right most or largest) SND.NXT value.
2946 Note that this will be equal to tcpEStatsAppSndNxt except
2947 when tcpEStatsAppSndNxt is pulled back during recovery."
2948 REFERENCE
2949 "RFC793, Transmission Control Protocol"
2950 ::= { tcpEStatsAppEntry 3 }
2952 tcpEStatsAppThruOctetsAcked OBJECT-TYPE
2953 SYNTAX ZeroBasedCounter32
2954 UNITS "octets"
2955 MAX-ACCESS read-only
2956 STATUS current
2957 DESCRIPTION
2958 "The number of octets for which cumulative acknowledgments
2959 have been received. Note that this will be the sum of
2960 changes to tcpEStatsAppSndUna."
2961 ::= { tcpEStatsAppEntry 4 }
2963 tcpEStatsAppHCThruOctetsAcked OBJECT-TYPE
2964 SYNTAX ZeroBasedCounter64
2965 UNITS "octets"
2966 MAX-ACCESS read-only
2967 STATUS current
2968 DESCRIPTION
2969 "The number of octets for which cumulative acknowledgments
2970 have been received, on systems that can receive more than
2971 10 million bits per second. Note that this will be the sum
2972 of changes in tcpEStatsAppSndUna."
2973 ::= { tcpEStatsAppEntry 5 }
2975 tcpEStatsAppRcvNxt OBJECT-TYPE
2976 SYNTAX Counter32
2977 MAX-ACCESS read-only
2978 STATUS current
2979 DESCRIPTION
2980 "The value of RCV.NXT. The next sequence number expected on
2981 an incoming segment, and the left or lower edge of the
2982 receive window.
2984 Note that RCV.NXT is a TCP state variable that is congruent
2985 to Counter32 semantics."
2986 REFERENCE
2987 "RFC793, Transmission Control Protocol"
2988 ::= { tcpEStatsAppEntry 6 }
2990 tcpEStatsAppThruOctetsReceived OBJECT-TYPE
2991 SYNTAX ZeroBasedCounter32
2992 UNITS "octets"
2993 MAX-ACCESS read-only
2994 STATUS current
2995 DESCRIPTION
2996 "The number of octets for which cumulative acknowledgments
2997 have been sent. Note that this will be the sum of changes
2998 to tcpEStatsAppRcvNxt."
2999 ::= { tcpEStatsAppEntry 7 }
3001 tcpEStatsAppHCThruOctetsReceived OBJECT-TYPE
3002 SYNTAX ZeroBasedCounter64
3003 UNITS "octets"
3004 MAX-ACCESS read-only
3005 STATUS current
3006 DESCRIPTION
3007 "The number of octets for which cumulative acknowledgments
3008 have been sent, on systems that can transmit more than 10
3009 million bits per second. Note that this will be the sum of
3010 changes in tcpEStatsAppRcvNxt."
3011 ::= { tcpEStatsAppEntry 8 }
3013 tcpEStatsAppCurAppWQueue OBJECT-TYPE
3014 SYNTAX Gauge32
3015 UNITS "octets"
3016 MAX-ACCESS read-only
3017 STATUS current
3018 DESCRIPTION
3019 "The current number of octets of application data buffered
3020 by TCP, pending first transmission, i.e. to the left of
3021 SND.NXT or SndMax. This data will generally be transmitted
3022 (and SND.NXT advanced to the left) as soon as there is
3023 available congestion window (cwnd) or receiver window
3024 (rwin). This is the amount of data readily available for
3025 transmission, without scheduling the application. TCP
3026 performance may suffer if there is insufficient queued
3027 write data."
3028 ::= { tcpEStatsAppEntry 11 }
3030 tcpEStatsAppMaxAppWQueue OBJECT-TYPE
3031 SYNTAX Gauge32
3032 UNITS "octets"
3033 MAX-ACCESS read-only
3034 STATUS current
3035 DESCRIPTION
3036 "The maximum number of octets of application data buffered
3037 by TCP, pending first transmission. This is the maximum
3038 value of tcpEStatsAppCurAppWQueue. This pair of objects can
3039 be used to determine if insufficient queued data is steady
3040 state (suggesting insufficient queue space) or transient
3041 (suggesting insufficient application performance or
3042 excessive CPU load or scheduler latency)."
3043 ::= { tcpEStatsAppEntry 12 }
3045 tcpEStatsAppCurAppRQueue OBJECT-TYPE
3046 SYNTAX Gauge32
3047 UNITS "octets"
3048 MAX-ACCESS read-only
3049 STATUS current
3050 DESCRIPTION
3051 "The current number of octets of application data that has
3052 been acknowledged by TCP but not yet delivered to the
3053 application."
3054 ::= { tcpEStatsAppEntry 13 }
3056 tcpEStatsAppMaxAppRQueue OBJECT-TYPE
3057 SYNTAX Gauge32
3058 UNITS "octets"
3059 MAX-ACCESS read-only
3060 STATUS current
3061 DESCRIPTION
3062 "The maximum number of octets of application data that has
3063 been acknowledged by TCP but not yet delivered to the
3064 application."
3065 ::= { tcpEStatsAppEntry 14 }
3067 -- ================================================================
3068 --
3069 -- Controls for Tuning TCP
3070 --
3072 tcpEStatsTuneTable OBJECT-TYPE
3073 SYNTAX SEQUENCE OF TcpEStatsTuneEntry
3074 MAX-ACCESS not-accessible
3075 STATUS current
3076 DESCRIPTION
3077 "This table contains per connection controls that can
3078 be used to work around a number of common problems that
3079 plague TCP over some paths. All can be characterized as
3080 limiting the growth of the congestion window so as to
3081 prevent TCP from overwhelming some component in the
3082 path.
3084 Entries are retained in this table for the number of
3085 seconds indicated by the tcpEStatsConnTableLatency
3086 object, after the TCP connection first enters the closed
3087 state."
3088 ::= { tcpEStats 7 }
3090 tcpEStatsTuneEntry OBJECT-TYPE
3091 SYNTAX TcpEStatsTuneEntry
3092 MAX-ACCESS not-accessible
3093 STATUS current
3094 DESCRIPTION
3095 "Each entry in this table is a control that can be used to
3096 place limits on each active tcp connection."
3097 INDEX { tcpEStatsConnectIndex }
3098 ::= { tcpEStatsTuneTable 1 }
3100 TcpEStatsTuneEntry ::= SEQUENCE {
3102 tcpEStatsTuneLimCwnd Unsigned32,
3103 tcpEStatsTuneLimSsthresh Unsigned32,
3104 tcpEStatsTuneLimRwin Unsigned32,
3105 tcpEStatsTuneLimMSS Unsigned32
3106 }
3108 tcpEStatsTuneLimCwnd OBJECT-TYPE
3109 SYNTAX Unsigned32
3110 UNITS "octets"
3111 MAX-ACCESS read-write
3112 STATUS current
3113 DESCRIPTION
3114 "A control to set the maximum congestion window which may be
3115 used, in octets."
3116 REFERENCE
3117 "RFC2581, TCP Congestion Control"
3118 ::= { tcpEStatsTuneEntry 1 }
3120 tcpEStatsTuneLimSsthresh OBJECT-TYPE
3121 SYNTAX Unsigned32
3122 UNITS "octets"
3123 MAX-ACCESS read-write
3124 STATUS current
3125 DESCRIPTION
3126 "A control to limit the maximum queue space (in octets) that
3127 this TCP connection is likely to occupy during slowstart.
3129 It can be implemented with the algorithm described in
3130 RFC3742 by setting the max_ssthresh parameter to twice
3131 tcpEStatsTuneLimSsthresh.
3133 This algorithm can be used to overcome some TCP performance
3134 problems over network paths that do not have sufficient
3135 buffering to withstand the bursts normally present during
3136 slowstart."
3137 REFERENCE
3138 "RFC3742, Limited Slow-Start for TCP with Large Congestion
3139 Windows"
3140 ::= { tcpEStatsTuneEntry 2 }
3142 tcpEStatsTuneLimRwin OBJECT-TYPE
3143 SYNTAX Unsigned32
3144 UNITS "octets"
3145 MAX-ACCESS read-write
3146 STATUS current
3147 DESCRIPTION
3148 "A control to set the maximum window advertisement which may
3149 be sent, in octets."
3150 REFERENCE
3151 "RFC793, Transmission Control Protocol"
3152 ::= { tcpEStatsTuneEntry 3 }
3154 tcpEStatsTuneLimMSS OBJECT-TYPE
3155 SYNTAX Unsigned32
3156 UNITS "octets"
3157 MAX-ACCESS read-write
3158 STATUS current
3159 DESCRIPTION
3160 "A control to limit the maximum segment size in octets, that
3161 this TCP connection can use."
3162 REFERENCE
3163 "RFC1191, Path MTU discovery"
3164 ::= { tcpEStatsTuneEntry 4 }
3166 -- ================================================================
3167 --
3168 -- TCP Extended Statistics Notifications Group
3169 --
3171 tcpEStatsEstablishNotification NOTIFICATION-TYPE
3172 OBJECTS {
3173 tcpEStatsConnectIndex
3174 }
3175 STATUS current
3176 DESCRIPTION
3177 "The indicated connection has been accepted
3178 (or alternatively entered the established state)."
3179 ::= { tcpEStatsNotifications 1 }
3181 tcpEStatsCloseNotification NOTIFICATION-TYPE
3182 OBJECTS {
3183 tcpEStatsConnectIndex
3184 }
3185 STATUS current
3186 DESCRIPTION
3187 "The indicated connection has left the
3188 established state"
3189 ::= { tcpEStatsNotifications 2 }
3191 -- ================================================================
3192 --
3193 -- Conformance Definitions
3194 --
3196 tcpEStatsCompliances OBJECT IDENTIFIER
3197 ::= { tcpEStatsConformance 1 }
3198 tcpEStatsGroups OBJECT IDENTIFIER
3199 ::= { tcpEStatsConformance 2 }
3201 --
3202 -- Compliance Statements
3203 --
3205 tcpEStatsCompliance MODULE-COMPLIANCE
3206 STATUS current
3207 DESCRIPTION
3208 "Compliance statement for all systems that implement TCP
3209 extended statistics."
3210 MODULE -- this module
3211 MANDATORY-GROUPS {
3212 tcpEStatsListenerGroup,
3213 tcpEStatsConnectIdGroup,
3214 tcpEStatsPerfGroup,
3215 tcpEStatsPathGroup,
3216 tcpEStatsStackGroup,
3217 tcpEStatsAppGroup
3218 }
3219 GROUP tcpEStatsListenerHCGroup
3220 DESCRIPTION
3221 "This group is mandatory for all systems that can
3222 wrap the values of the 32-bit counters in
3223 tcpEStatsListenerGroup in less than one hour."
3225 GROUP tcpEStatsPerfOptionalGroup
3226 DESCRIPTION
3227 "This group is optional for all systems."
3229 GROUP tcpEStatsPerfHCGroup
3230 DESCRIPTION
3231 "This group is mandatory for systems that can
3232 wrap the values of the 32-bit counters in
3233 tcpEStatsPerfGroup in less than one hour.
3235 Note that any system that can attain 10 Mb/s
3236 can potentially wrap 32-Bit Octet counters in
3237 under one hour."
3239 GROUP tcpEStatsPathOptionalGroup
3240 DESCRIPTION
3241 "This group is optional for all systems."
3243 GROUP tcpEStatsPathHCGroup
3244 DESCRIPTION
3245 "This group is mandatory for systems that can
3246 wrap the values of the 32-bit counters in
3247 tcpEStatsPathGroup in less than one hour.
3249 Note that any system that can attain 10 Mb/s
3250 can potentially wrap 32-Bit Octet counters in
3251 under one hour."
3253 GROUP tcpEStatsStackOptionalGroup
3254 DESCRIPTION
3255 "This group is optional for all systems."
3257 GROUP tcpEStatsAppHCGroup
3258 DESCRIPTION
3259 "This group is mandatory for systems that can
3260 wrap the values of the 32-bit counters in
3261 tcpEStatsStackGroup in less than one hour.
3263 Note that any system that can attain 10 Mb/s
3264 can potentially wrap 32-Bit Octet counters in
3265 under one hour."
3267 GROUP tcpEStatsAppOptionalGroup
3268 DESCRIPTION
3269 "This group is optional for all systems."
3271 GROUP tcpEStatsTuneOptionalGroup
3272 DESCRIPTION
3273 "This group is optional for all systems."
3275 GROUP tcpEStatsNotificationsGroup
3276 DESCRIPTION
3277 "This group is optional for all systems."
3279 GROUP tcpEStatsNotificationsCtlGroup
3280 DESCRIPTION
3281 "This group is mandatory for systems that include the
3282 tcpEStatsNotificationGroup."
3284 ::= { tcpEStatsCompliances 1 }
3286 -- ================================================================
3287 --
3288 -- Units of Conformance
3289 --
3290 tcpEStatsListenerGroup OBJECT-GROUP
3291 OBJECTS {
3292 tcpEStatsListenerTableLastChange,
3293 tcpEStatsListenerStartTime,
3294 tcpEStatsListenerSynRcvd,
3295 tcpEStatsListenerInitial,
3296 tcpEStatsListenerEstablished,
3297 tcpEStatsListenerAccepted,
3298 tcpEStatsListenerExceedBacklog,
3299 tcpEStatsListenerCurConns,
3300 tcpEStatsListenerMaxBacklog,
3301 tcpEStatsListenerCurBacklog,
3302 tcpEStatsListenerCurEstabBacklog
3303 }
3304 STATUS current
3305 DESCRIPTION
3306 "The tcpEStatsListener group includes objects that
3307 provide valuable statistics and debugging
3308 information for TCP Listeners."
3309 ::= { tcpEStatsGroups 1 }
3311 tcpEStatsListenerHCGroup OBJECT-GROUP
3312 OBJECTS {
3313 tcpEStatsListenerHCSynRcvd,
3314 tcpEStatsListenerHCInitial,
3315 tcpEStatsListenerHCEstablished,
3316 tcpEStatsListenerHCAccepted,
3317 tcpEStatsListenerHCExceedBacklog
3318 }
3319 STATUS current
3320 DESCRIPTION
3321 "The tcpEStatsListenerHC group includes 64 bit
3322 counters in tcpEStatsListenerTable."
3323 ::= { tcpEStatsGroups 2 }
3325 tcpEStatsConnectIdGroup OBJECT-GROUP
3326 OBJECTS {
3327 tcpEStatsConnTableLatency,
3328 tcpEStatsConnectIndex
3329 }
3330 STATUS current
3331 DESCRIPTION
3332 "The tcpEStatsConnectId group includes objects that
3333 identify TCP connections and control how long TCP
3334 connection entries are retained in the tables."
3335 ::= { tcpEStatsGroups 3 }
3337 tcpEStatsPerfGroup OBJECT-GROUP
3338 OBJECTS {
3339 tcpEStatsPerfSegsOut, tcpEStatsPerfDataSegsOut,
3340 tcpEStatsPerfDataOctetsOut,
3341 tcpEStatsPerfSegsRetrans,
3342 tcpEStatsPerfOctetsRetrans, tcpEStatsPerfSegsIn,
3343 tcpEStatsPerfDataSegsIn,
3344 tcpEStatsPerfDataOctetsIn,
3345 tcpEStatsPerfElapsedSecs,
3346 tcpEStatsPerfElapsedMicroSecs,
3347 tcpEStatsPerfStartTimeStamp, tcpEStatsPerfCurMSS,
3348 tcpEStatsPerfPipeSize, tcpEStatsPerfMaxPipeSize,
3349 tcpEStatsPerfSmoothedRTT, tcpEStatsPerfCurRTO,
3350 tcpEStatsPerfCongSignals, tcpEStatsPerfCurCwnd,
3351 tcpEStatsPerfCurSsthresh, tcpEStatsPerfTimeouts,
3352 tcpEStatsPerfCurRwinSent,
3353 tcpEStatsPerfMaxRwinSent,
3354 tcpEStatsPerfZeroRwinSent,
3355 tcpEStatsPerfCurRwinRcvd,
3356 tcpEStatsPerfMaxRwinRcvd,
3357 tcpEStatsPerfZeroRwinRcvd
3358 }
3359 STATUS current
3360 DESCRIPTION
3361 "The tcpEStatsPerf group includes those objects that
3362 provide basic performance data for a TCP connection."
3363 ::= { tcpEStatsGroups 4 }
3365 tcpEStatsPerfOptionalGroup OBJECT-GROUP
3366 OBJECTS {
3367 tcpEStatsPerfSndLimTransRwin,
3368 tcpEStatsPerfSndLimTransCwnd,
3369 tcpEStatsPerfSndLimTransSnd,
3370 tcpEStatsPerfSndLimTimeRwin,
3371 tcpEStatsPerfSndLimTimeCwnd,
3372 tcpEStatsPerfSndLimTimeSnd
3373 }
3374 STATUS current
3375 DESCRIPTION
3376 "The tcpEStatsPerf group includes those objects that
3377 provide basic performance data for a TCP connection."
3378 ::= { tcpEStatsGroups 5 }
3380 tcpEStatsPerfHCGroup OBJECT-GROUP
3381 OBJECTS {
3382 tcpEStatsPerfHCDataOctetsOut,
3383 tcpEStatsPerfHCDataOctetsIn
3384 }
3385 STATUS current
3386 DESCRIPTION
3387 "The tcpEStatsPerfHC group includes 64 bit
3388 counters in the tcpEStatsPerfTable."
3389 ::= { tcpEStatsGroups 6 }
3391 tcpEStatsPathGroup OBJECT-GROUP
3392 OBJECTS {
3393 tcpEStatsControlPath,
3394 tcpEStatsPathRetranThresh,
3395 tcpEStatsPathNonRecovDAEpisodes,
3396 tcpEStatsPathSumOctetsReordered,
3397 tcpEStatsPathNonRecovDA
3398 }
3399 STATUS current
3400 DESCRIPTION
3401 "The tcpEStatsPath group includes objects that
3402 control the creation of the tcpEStatsPathTable,
3403 and provide information about the path
3404 for each TCP connection."
3405 ::= { tcpEStatsGroups 7 }
3407 tcpEStatsPathOptionalGroup OBJECT-GROUP
3408 OBJECTS {
3409 tcpEStatsPathSampleRTT, tcpEStatsPathRTTVar,
3410 tcpEStatsPathMaxRTT, tcpEStatsPathMinRTT,
3411 tcpEStatsPathSumRTT, tcpEStatsPathCountRTT,
3412 tcpEStatsPathMaxRTO, tcpEStatsPathMinRTO,
3413 tcpEStatsPathIpTtl, tcpEStatsPathIpTosIn,
3414 tcpEStatsPathIpTosOut,
3415 tcpEStatsPathPreCongSumCwnd,
3416 tcpEStatsPathPreCongSumRTT,
3417 tcpEStatsPathPostCongSumRTT,
3418 tcpEStatsPathPostCongCountRTT,
3419 tcpEStatsPathECNsignals,
3420 tcpEStatsPathDupAckEpisodes, tcpEStatsPathRcvRTT,
3421 tcpEStatsPathDupAcksOut, tcpEStatsPathCERcvd,
3422 tcpEStatsPathECESent
3423 }
3424 STATUS current
3425 DESCRIPTION
3426 "The tcpEStatsPath group includes objects that
3427 provide additional information about the path
3428 for each TCP connection."
3429 ::= { tcpEStatsGroups 8 }
3431 tcpEStatsPathHCGroup OBJECT-GROUP
3432 OBJECTS {
3433 tcpEStatsPathHCSumRTT
3434 }
3435 STATUS current
3436 DESCRIPTION
3437 "The tcpEStatsPathHC group includes 64 bit
3438 counters in the tcpEStatsPathTable."
3439 ::= { tcpEStatsGroups 9 }
3441 tcpEStatsStackGroup OBJECT-GROUP
3442 OBJECTS {
3443 tcpEStatsControlStack,
3444 tcpEStatsStackActiveOpen, tcpEStatsStackMSSSent,
3445 tcpEStatsStackMSSRcvd, tcpEStatsStackWinScaleSent,
3446 tcpEStatsStackWinScaleRcvd,
3447 tcpEStatsStackTimeStamps, tcpEStatsStackECN,
3448 tcpEStatsStackWillSendSACK,
3449 tcpEStatsStackWillUseSACK, tcpEStatsStackState,
3450 tcpEStatsStackNagle, tcpEStatsStackMaxSsCwnd,
3451 tcpEStatsStackMaxCaCwnd,
3452 tcpEStatsStackMaxSsthresh,
3453 tcpEStatsStackMinSsthresh,
3454 tcpEStatsStackInRecovery, tcpEStatsStackDupAcksIn,
3455 tcpEStatsStackSpuriousFrDetected,
3456 tcpEStatsStackSpuriousRtoDetected
3457 }
3458 STATUS current
3459 DESCRIPTION
3460 "The tcpEStatsConnState group includes objects that
3461 control the creation of the tcpEStatsStackTable,
3462 and provide information about the operation of
3463 algorithms used within TCP."
3464 ::= { tcpEStatsGroups 10 }
3466 tcpEStatsStackOptionalGroup OBJECT-GROUP
3467 OBJECTS {
3468 tcpEStatsStackSoftErrors,
3469 tcpEStatsStackSoftErrorReason,
3470 tcpEStatsStackSlowStart, tcpEStatsStackCongAvoid,
3471 tcpEStatsStackOtherReductions,
3472 tcpEStatsStackCongOverCount,
3473 tcpEStatsStackFastRetran,
3474 tcpEStatsStackSubsequentTimeouts,
3475 tcpEStatsStackCurTimeoutCount,
3476 tcpEStatsStackAbruptTimeouts,
3477 tcpEStatsStackSACKsRcvd,
3478 tcpEStatsStackSACKBlocksRcvd,
3479 tcpEStatsStackSendStall, tcpEStatsStackDSACKDups,
3480 tcpEStatsStackMaxMSS, tcpEStatsStackMinMSS,
3481 tcpEStatsStackSndInitial,
3482 tcpEStatsStackRecInitial,
3483 tcpEStatsStackCurRetxQueue,
3484 tcpEStatsStackMaxRetxQueue,
3485 tcpEStatsStackCurReasmQueue,
3486 tcpEStatsStackMaxReasmQueue
3487 }
3488 STATUS current
3489 DESCRIPTION
3490 "The tcpEStatsConnState group includes objects that
3491 provide additional information about the operation of
3492 algorithms used within TCP."
3493 ::= { tcpEStatsGroups 11 }
3495 tcpEStatsAppGroup OBJECT-GROUP
3496 OBJECTS {
3497 tcpEStatsControlApp,
3498 tcpEStatsAppSndUna, tcpEStatsAppSndNxt,
3499 tcpEStatsAppSndMax, tcpEStatsAppThruOctetsAcked,
3500 tcpEStatsAppRcvNxt,
3501 tcpEStatsAppThruOctetsReceived
3502 }
3503 STATUS current
3504 DESCRIPTION
3505 "The tcpEStatsConnState group includes objects that
3506 control the creation of the tcpEStatsAppTable,
3507 and provide information about the operation of
3508 algorithms used within TCP."
3509 ::= { tcpEStatsGroups 12 }
3511 tcpEStatsAppHCGroup OBJECT-GROUP
3512 OBJECTS {
3513 tcpEStatsAppHCThruOctetsAcked,
3514 tcpEStatsAppHCThruOctetsReceived
3515 }
3516 STATUS current
3517 DESCRIPTION
3518 "The tcpEStatsStackHC group includes 64 bit
3519 counters in the tcpEStatsStackTable."
3520 ::= { tcpEStatsGroups 13 }
3522 tcpEStatsAppOptionalGroup OBJECT-GROUP
3523 OBJECTS {
3524 tcpEStatsAppCurAppWQueue,
3525 tcpEStatsAppMaxAppWQueue,
3526 tcpEStatsAppCurAppRQueue,
3527 tcpEStatsAppMaxAppRQueue
3528 }
3529 STATUS current
3530 DESCRIPTION
3531 "The tcpEStatsConnState group includes objects that
3532 provide additional information about how applications
3533 are interacting with each TCP connection."
3534 ::= { tcpEStatsGroups 14 }
3536 tcpEStatsTuneOptionalGroup OBJECT-GROUP
3537 OBJECTS {
3538 tcpEStatsControlTune,
3539 tcpEStatsTuneLimCwnd, tcpEStatsTuneLimSsthresh,
3540 tcpEStatsTuneLimRwin, tcpEStatsTuneLimMSS
3541 }
3542 STATUS current
3543 DESCRIPTION
3544 "The tcpEStatsConnState group includes objects that
3545 control the creation of the tcpEStatsConnectionTable,
3546 which can be used to set tuning parameters
3547 for each TCP connection."
3548 ::= { tcpEStatsGroups 15 }
3550 tcpEStatsNotificationsGroup NOTIFICATION-GROUP
3551 NOTIFICATIONS {
3552 tcpEStatsEstablishNotification,
3553 tcpEStatsCloseNotification
3554 }
3555 STATUS current
3556 DESCRIPTION
3557 "Notifications sent by a TCP extended statistics agent."
3558 ::= { tcpEStatsGroups 16 }
3560 tcpEStatsNotificationsCtlGroup OBJECT-GROUP
3561 OBJECTS {
3562 tcpEStatsControlNotify
3563 }
3564 STATUS current
3565 DESCRIPTION
3566 "The tcpEStatsNotificationsCtl group includes the
3567 object that controls the creation of the events
3568 in the tcpEStatsNotificationsGroup."
3569 ::= { tcpEStatsGroups 17 }
3571 END
3573 5. Security Considerations
3575 There are a number of management objects defined in this MIB module
3576 with a MAX-ACCESS clause of read-write and/or read-create. Such
3577 objects may be considered sensitive or vulnerable in some network
3578 environments. The support for SET operations in a non-secure
3579 environment without proper protection can have a negative effect on
3580 network operations. These are the tables and objects and their
3581 sensitivity/vulnerability:
3583 * Changing tcpEStatsConnTableLatency or any of the control objects in
3584 the tcpEStatsControl group (tcpEStatsControlPath,
3585 tcpEStatsControlStack, tcpEStatsControlApp, tcpEStatsControlTune)
3586 may affect the correctness of other management applications
3587 accessing this MIB. Generally local policy should only permit
3588 limited write access to these controls (e.g., only by one
3589 management station or only during system configuration).
3591 * The objects in the tcpEStatsControlTune group
3592 (tcpEStatsTuneLimCwnd, tcpEStatsTuneLimSsthresh,
3593 tcpEStatsTuneLimRwin) can be used to limit resources consumed by
3594 TCP connections or to limit TCP throughput. An attacker might
3595 manipulate these objects to reduce performance to levels below the
3596 minimum acceptable for a particular application.
3598 Some of the readable objects in this MIB module (i.e., objects with a
3599 MAX-ACCESS other than not-accessible) may be considered sensitive or
3600 vulnerable in some network environments. It is thus important to
3601 control even GET and/or NOTIFY access to these objects and possibly
3602 to even encrypt the values of these objects when sending them over
3603 the network via SNMP. These are the tables and objects and their
3604 sensitivity/vulnerability:
3606 * All objects which expose TCP sequence numbers (tcpEStatsAppSndUna,
3607 tcpEStatsAppSndNxt, tcpEStatsAppSndMax, tcpEStatsStackSndInitial,
3608 tcpEStatsAppRcvNxt, and tcpEStatsStackRecInitial) might make it
3609 easier for an attacker to forge in sequence TCP segments to disrupt
3610 TCP connections.
3612 * Nearly all object in this (or any other) MIB may be used to
3613 estimate traffic volumes, which may reveal unanticipated
3614 information about an organization to the outside world.
3616 SNMP versions prior to SNMPv3 did not include adequate security.
3617 Even if the network itself is secure (for example by using IPsec),
3618 even then, there is no control as to who on the secure network is
3619 allowed to access and GET/SET (read/change/create/delete) the objects
3620 in this MIB module.
3622 It is RECOMMENDED that implementers consider the security features as
3623 provided by the SNMPv3 framework (see [RFC3410], section 8),
3624 including full support for the SNMPv3 cryptographic mechanisms (for
3625 authentication and privacy).
3627 Further, deployment of SNMP versions prior to SNMPv3 is NOT
3628 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
3629 enable cryptographic security. It is then a customer/operator
3630 responsibility to ensure that the SNMP entity giving access to an
3631 instance of this MIB module is properly configured to give access to
3632 the objects only to those principals (users) that have legitimate
3633 rights to indeed GET or SET (change/create/delete) them.
3635 6. IANA Considerations
3637 The MIB module in this document uses the following IANA-assigned
3638 OBJECT IDENTIFIER values recorded in the SMI Numbers registry:
3640 Descriptor OBJECT IDENTIFIER value
3641 ------------ -----------------------
3642 tcpEStatsMIB { mib-2 xxx2 }
3644 RFC Editor: The IANA is requested to assign a value for "xxx2" under
3645 the 'mib-2' subtree and to record the assignment in the SMI Numbers
3646 registry. When the assignment has been made, the RFC Editor is asked
3647 to replace "xxx2" (here and in the MIB module) with the assigned
3648 value and to remove this note.
3650 7. Normative References
3652 [RFC791] J. Postel, "Internet Protocol", RFC 791, STD 0005, September
3653 1981.
3655 [RFC793] J. Postel, "Transmission Control Protocol", RFC 793, STD 0007,
3656 September 1981.
3658 [RFC1122] R. Braden, Ed, "Requirements for Internet Hosts -
3659 Communication Layers", RFC 1122, STD 0003, October 1989.
3661 [RFC1191] J.C. Mogul, S.E. Deering, "Path MTU discovery", RFC 1191,
3662 November 1990.
3664 [RFC1323] V. Jacobson, R. Braden, D. Borman, "TCP Extensions for High
3665 Performance", RFC 1323, May 1992.
3667 [RFC2018] M. Mathis, J. Mahdavi, S. Floyd, A. Romanow, "TCP Selective
3668 Acknowledgment Options", RFC 2018, October 1996.
3670 [RFC2021] S. Waldbusser, "Remote Network Monitoring Management
3671 Information Base Version 2 using SMIv2", RFC 2021, January 1997.
3673 [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate Requirement
3674 Levels", RFC 2119, BCP 0014, March 1997
3676 [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
3677 Rose, M., and S. Waldbusser, "Structure of Management Information
3678 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
3680 [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
3681 Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", RFC
3682 2579, STD 58, April 1999.
3684 [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
3685 Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2",
3686 RFC 2580, STD 58, April 1999.
3688 [RFC2581] M. Allman, V. Paxson, W. Stevens, "TCP Congestion Control",
3689 RFC 2581, April 1999.
3691 [RFC2856] A. Bierman, K. McCloghrie, R. Presuhn, "Textual Conventions
3692 for Additional High Capacity Data Types", RFC 2856, June 2000.
3694 [RFC2883] S. Floyd, J. Mahdavi, M. Mathis, M. Podolsky, "An Extension to
3695 the Selective Acknowledgment (SACK) Option for TCP", RFC 2883, July
3696 2000.
3698 [RFC2988] V. Paxson, M. Allman, "Computing TCP's Retransmission Timer",
3699 RFC 2988, November 2000.
3701 [RFC3168] K. Ramakrishnan, S. Floyd, D. Black, "The Addition of Explicit
3702 Congestion Notification (ECN) to IP", RFC 3168, September 2001.
3704 [RFC3517] Blanton, E., Allman, M., Fall, K., Wang. L., A Conservative
3705 Selective Acknowledgment (SACK)-based Loss Recovery Algorithm for
3706 TCP, RFC 3517, April 2003.
3708 [RFC4022] Raghunarayan, R., "Management Information Base for the
3709 Transmission Control Protocol (TCP)", RFC 4022, March 2005.
3711 8. Informative References
3713 [Mat97] M. Mathis, J. Semke, J. Mahdavi, T. Ott, "The Macroscopic
3714 Behavior of the TCP Congestion Avoidance Algorithm", Computer
3715 Communication Review, volume 27, number3, July 1997.
3717 [Bra94] Brakmo, L., O'Malley, S., "TCP Vegas, New Techniques for
3718 Congestion Detection and Avoidance," SIGCOMM'94, London, pp 24-35,
3719 October 1994.
3721 [Edd06] Eddy, W., "TCP SYN Flooding Attacks and Common Mitigations,"
3722 Internet Draft draft-ietf-tcpm-syn-flood-01, Work in progress, Dec
3723 2006
3725 [POSIX] Portable Operating System Interface, IEEE Std 1003.1
3727 [Pad98] Padhye, J., Firoiu, V., Towsley, D., Kurose, J., "Modeling TCP
3728 Throughput: A Simple Model and its Empirical Validation",
3729 SIGCOMM'98
3731 [Web100] Mathis, M., J. Heffner, R. Reddy, "Web100: Extended TCP
3732 Instrumentation for Research, Education and Diagnosis", ACM
3733 Computer Communications Review, Vol 33, Num 3, July 2003.
3735 [RFC2861] M. Handley, J. Padhye, S. Floyd, "TCP Congestion Window
3736 Validation", RFC 2861, June 2000.
3738 [RFC3260] D. Grossman, "New Terminology and Clarifications for
3739 Diffserv", RFC 3260, April 2002.
3741 [RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction
3742 and Applicability Statements for Internet-Standard Management
3743 Framework", RFC 3410, December 2002.
3745 [RFC3522] R. Ludwig, M. Meyer, "The Eifel Detection Algorithm for TCP",
3746 RFC 3522, April 2003.
3748 [RFC3742] S. Floyd, "Limited Slow-Start for TCP with Large Congestion
3749 Windows", RFC 3742, March 2004.
3751 [RFC4614] Duke M., Braden, R., Eddy, W., Blanton, E. "A Roadmap for
3752 Transmission Control Protocol (TCP) Specification Documents", RFC
3753 4614, September 2006.
3755 9. Contributors
3757 The following people contributed text that was incorporated into this
3758 document:
3760 Jon Saperia converted Web100 internal
3761 documentation into a true MIB.
3763 Some of the objects in this document were moved from an early draft
3764 of the TCP-MIB, by Bill Fenner et al.
3766 Some of the object descriptions are based on an earlier unpublished
3767 document by Jeff Semke.
3769 10. Acknowledgments
3771 This document is a product of the Web100 project (www.web100.org), a
3772 joint effort of Pittsburgh Supercomputing Center (www.psc.edu),
3773 National Center for Atmospheric Research (www.ncar.ucar.edu) and
3774 National Center for Supercomputer Applications (www.ncsa.edu).
3776 It would not have been possible without all of the hard work by the
3777 the entire Web100 team, especially Peter O'Neal who read and reread
3778 the entire document several times; Janet Brown and Marla Meehl, who
3779 patiently managed the unmanageable. The Web100 project would not
3780 have been successful without all of the early adopters who suffered
3781 our bugs to provide many good suggestions and insights into their
3782 needs for TCP instrumentation.
3784 Web100 was supported by the National Science Foundation under Grant
3785 No. 0083285 and a research grant from Cisco Systems.
3787 We would also like to thank all of the people who built experimental
3788 implementations of this MIB from early versions of the Internet Draft
3789 and provided us with constructive feedback: Glenn Turner at AARnet,
3790 Kristine Adamson at IBM and Xinyan Zan at Microsoft.
3792 And last, but not least, we would like to thank Dan Romascanu, our
3793 "MIB Doctor" and Bert Wijnen the Operations Area Director, for
3794 patiently steering us through the MIB review process.
3796 11. Authors' Addresses
3798 Matt Mathis
3799 John Heffner
3800 Pittsburgh Supercomputing Center
3801 4400 Fifth Ave
3802 Pittsburgh, PA 15216
3803 Phone: 412-268-4960
3804 Email: mathis@psc.edu, jheffner@psc.edu
3806 Rajiv Raghunarayan
3807 Cisco Systems Inc.
3808 San Jose, CA 95134
3809 Phone: 408 853 9612
3810 Email: raraghun@cisco.com
3812 12. Intellectual Property
3814 The IETF takes no position regarding the validity or scope of any
3815 Intellectual Property Rights or other rights that might be claimed
3816 to pertain to the implementation or use of the technology
3817 described in this document or the extent to which any license
3818 under such rights might or might not be available; nor does it
3819 represent that it has made any independent effort to identify any
3820 such rights. Information on the procedures with respect to rights
3821 in RFC documents can be found in BCP 78 and BCP 79.
3823 Copies of IPR disclosures made to the IETF Secretariat and any
3824 assurances of licenses to be made available, or the result of an
3825 attempt made to obtain a general license or permission for the use
3826 of such proprietary rights by implementers or users of this
3827 specification can be obtained from the IETF on-line IPR repository
3828 at http://www.ietf.org/ipr.
3830 The IETF invites any interested party to bring to its attention
3831 any copyrights, patents or patent applications, or other
3832 proprietary rights that may cover technology that may be required
3833 to implement this standard. Please address the information to the
3834 IETF at ietf-ipr@ietf.org.
3836 13. Disclaimer of Validity
3838 This document and the information contained herein are provided
3839 on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
3840 REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY,
3841 THE IETF TRUST AND
3842 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES,
3843 EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT
3844 THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR
3845 ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A
3846 PARTICULAR PURPOSE.
3848 14. Copyright Statement
3850 Copyright (C) The IETF Trust (2007).
3852 This document is subject to the rights, licenses and restrictions
3853 contained in BCP 78, and except as set forth therein, the authors
3854 retain all their rights.