DISMAN Working Group Kenneth White INTERNET DRAFT: IBM Corp. Expiration Date: November 1999 May 1999 Definitions of Managed Objects for Remote Ping, Traceroute, and Lookup Operations Using SMIv2 Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months. Internet Drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material or to cite them other than as a "working draft" or "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Please check the I-D abstract listing contained in each Internet Draft directory to learn the current status of this or any Internet Draft. Distribution of this document is unlimited. Copyright Notice Copyright (C) The Internet Society (1999). All Rights Reserved. Abstract This memo defines Management Information Bases (MIBs) for performing remote ping, traceroute and lookup operations at a remote host. When managing a network it is useful to be able to initiate and retrieve the results of ping or traceroute operations when performed at a remote host. A Lookup capability is defined in order to enable resolving of either an IP address to an DNS name or an DNS name to an IP address at a remote host. DISMAN Working Group Expires March 1999 [Page 1] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 Currently, there exists several enterprise defined MIBs for performing both remote ping or traceroute operations. The purpose of this memo is to defined a standards-based solution to enable interoperibility. Table of Contents 1.0 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 2.0 The SNMP Network Management Framework . . . . . . . . . . . . 4 3.0 Structure of the MIBs . . . . . . . . . . . . . . . . . . . . 5 3.1 Ping MIB . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3.1.1 pingMaxConcurrentRequests . . . . . . . . . . . . . . . . 6 3.1.2 pingCtlTable . . . . . . . . . . . . . . . . . . . . . . . 6 3.1.3 pingResultsTable . . . . . . . . . . . . . . . . . . . . . 6 3.1.4 pingProbeHistoryTable . . . . . . . . . . . . . . . . . . 6 3.2 Traceroute MIB . . . . . . . . . . . . . . . . . . . . . . . . 7 3.2.1 traceRouteMaxConcurrentRequests . . . . . . . . . . . . . 7 3.2.2 traceRouteCtlTable . . . . . . . . . . . . . . . . . . . . 7 3.2.3 traceRouteResultsTable . . . . . . . . . . . . . . . . . . 8 3.2.4 traceRouteProbeHistoryTable . . . . . . . . . . . . . . . 8 3.3 Lookup MIB . . . . . . . . . . . . . . . . . . . . . . . . . . 8 4.0 Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 10 4.1 DISMAN-PING-MIB . . . . . . . . . . . . . . . . . . . . . . . 10 4.2 DISMAN-TRACEROUTE-MIB . . . . . . . . . . . . . . . . . . . . 26 4.3 DISMAN-LOOKUP-MIB . . . . . . . . . . . . . . . . . . . . . . 42 5.0 Security Considerations . . . . . . . . . . . . . . . . . . . 48 6.0 Intellectual Property . . . . . . . . . . . . . . . . . . . . 48 7.0 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 48 8.0 References . . . . . . . . . . . . . . . . . . . . . . . . . . 48 9.0 Author's Address . . . . . . . . . . . . . . . . . . . . . . . 50 10.0 Full Copyright Statement . . . . . . . . . . . . . . . . . . 50 1.0 Introduction The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119, reference [13]. This document is a product of the Distributed Management (DISMAN) Working Group. Its purpose is to define standards-based MIB modules for performing specific remote operations. The remote operations define by this document consist of the ping, traceroute and lookup functions. DISMAN Working Group Expires March 1999 [Page 2] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 Ping and traceroute are two very useful functions for managing networks. Ping is typically used to determine if a path exists between two hosts while traceroute shows an actual path. Ping is usually implemented using the InterNet Control Message Protocol (ICMP) "ECHO" facility. It is also possible to implement a ping capability using alternate methods. Some of which are: o Using the udp echo port (7), if supported. o Timing an SNMP query. o Timing an TCP connect attempt. In general, almost any request/response flow can be used to generate a round-trip time. Often many of the non-ICMP ECHO facility methods stand a better chance of yielding a good response (not timing out for example) since some routers don't honor Echo Requests (timeout situation) or they are handled at lower priority, hence possibly giving false indications of round trip times. It must be noted that almost any of the various methods used for generating a round-trip time can be considered a form of system attack when used excessively. Sending a system requests too often can negatively effect its performance. Attempting to connect to an used port can be very unpredictable. There are tools that attempt to connect to a range of TCP ports to test that any receiving server can handle erroneous connections attempts. It also can be important to the management application using a remote ping capability to know which method is being used. Different methods will yield different response times since the protocol and resulting processing will be different. It is RECOMMENDED that the ping capability defined within this memo be implemented using the ICMP Echo Facility. Traceroute is usually implemented by transmitting a series of probe packets with increasing time-to-live values. A probe packet is a UDP datagram encapsulated into an IP packet. Each hop in a path to the target (destination) host rejects the probe packet (probe's TTL too small) until its time-to-live value becomes large enough for the probe to be forwarded. Some systems use icmp probes instead of udp ones to implement traceroute. In both cases traceroute relies on the probes being rejected via an ICMP message to discover the hops taken along a path to the final destination. ;p.Implementations of the remote traceroute capability as defined within this memo MUST be done using UDP packets to a (hopefully) unused port. ICMP Echo Request packets MUST NOT be used. Many PC implementations do it incorrectly, which, in turn, causes intermediate hops to be invisible when the router either refuses to send an ICMP TTL expired in response to an incoming ICMP packet or simply tosses ICMP echo requests altogether. DISMAN Working Group Expires March 1999 [Page 3] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 Both ping and traceroute yield round-trip times measured in milliseconds. These times can be used as an rough approximation for network transit time. The Lookup operation enables the equivalent of either a gethostbyname() or a gethostbyaddr() call being performed at a remote host. The Lookup gethostbyname() capability can be used to determine the symbolic name of a hop in a traceroute path. Consider the following diagram: +----------------------------------------------------------------------+ | | | Remote ping, traceroute, Actual ping, traceroute, | | +-----+or Lookup op. +------+or Lookup op. +------+ | | |Local|---------------->|Remote|---------------->|Target| | | | Host| | Host | | Host | | | +-----+ +------+ +------+ | | | | | +----------------------------------------------------------------------+ A local host is the host from which the remote ping, traceroute, or Lookup operation is initiated from using an SNMP request. The remote host is a host where the MIBs defined by this memo are implemented that receives the remote operation via SNMP and performs the actual ping, traceroute, or lookup function. 2.0 The SNMP Network Management Framework The SNMP Management Framework presently consists of five major components: o An overall architecture, described in RFC 2271 [7]. o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in RFC 1155 [14], RFC 1212 [15] and RFC 1215 [16]. The second version, called SMIv2, is described in RFC 2578 [3], RFC 2579 [4] and RFC 2580 [5]. o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in RFC 1157 [1]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [17] and RFC 1906 [18]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [18], RFC 2272 [8] and RFC 2274 [10]. o Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described DISMAN Working Group Expires March 1999 [Page 4] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 in RFC 1157 [1]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [6]. o A set of fundamental applications described in RFC 2273 [9] and the view-based access control mechanism described in RFC 2275 [11]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (use of Counter64). Some machine readable information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB. 3.0 Structure of the MIBs This document defines three MIB modules: o DISMAN-PING-MIB Enables the ping function at a remote host. o DISMAN-TRACEROUTE-MIB Enables the traceroute function at a remote host. o DISMAN-LOOKUP-MIB Provides access to the resolver gethostbyname() and gethostbyaddr() functions at a remote host. The ping and traceroute MIBs are structured to allow creation of ping or traceroute tests that can be setup to periodically issue a series of operations and generate NOTIFICATIONs to report on test results. Many network administrators have in the past written UNIX shell scripts or command bat files to operate in a similar fashion to the functionality provided by the ping and traceroute MIBs defined within this memo. The intent of this document is to acknowledge the importance of these functions and to provide a standards based solution. 3.1 Ping MIB The DISMAN-PING-MIB consists of the following components: o pingMaxConcurrentRequests DISMAN Working Group Expires March 1999 [Page 5] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 o pingCtlTable o pingResultsTable :li,pingProbeHistoryTable 3.1.1 pingMaxConcurrentRequests The object pingMaxConcurrentRequests enable control of the maximum number of concurrent requests that an agent implementation is structured to support. It is permissible for an agent to either limit the maximum upper range allowed for this object or to implement this object as read-only with an implementation limit expressed as its value. 3.1.2 pingCtlTable A remote ping test is started by setting pingCtlAdminStatus to up(1). The associating pingCtlEntry MUST have been created and its pingCtlRowStatus set to active(1) prior to starting the test. The 1st index element, pingCtlOwnerIndex, is of the SnmpAdminString textual convention that allows for use of the SNMPv3 View-Based Access Control Model (RFC 2275 [11], VACM) and also allows for a management application to identify its entries. The 2nd index, pingCtlTestName (also an SnmpAdminString), enables the same management application to have multiple requests outstanding. The 3rd and 4th indexes, pingCtlHostAddressType and pingCtlHostAddress, specifies the target address (ipv4, ipv6, or an dnsName) for the operation. Using the maximum value for the parameters defined within an pingEntry can result in a single remote ping test taking at most 15 minutes (pingCtlTimeOut times pingCtlProbeCount) plus whatever time it takes to send the ping request and receive its response over the network from the target host. Use of the defaults for pingCtlTimeOut and pingCtlProbeCount yields a maximum of 3 seconds to perform a "normal" ping test. A management application can delete an active remote ping request by setting the corresponding pingCtlRowStatus object to destroy(6). The contents of the pingCtlTable is preserved across reIPLs (Initial Program Loads) of its agent according the the values of each of the pingCtlStorageType objects. 3.1.3 pingResultsTable An entry in the pingResultsTable is created for a corresponding pingCtlEntry once the test defined by this entry is started. 3.1.4 pingProbeHistoryTable The results of past ping probes can be stored in this table on an per pingCtlEntry basis. This table is initially indexed by DISMAN Working Group Expires March 1999 [Page 6] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 pingCtlOwnerIndex and pingCtlTestName in order for the results of a probe to relate to the pingCtlEntry that caused it. The number of entries stored in this table per pingCtlEntry is determined by the value of pingCtlMaxRows. An implementation of this MIB will remove the oldest entry in the pingProbeHistoryTable to allow the addition of an new entry once the number of rows in the pingProbeHistoryTable reaches the value specified by pingCtlMaxRows. Entries will be removed on the basis of oldest pingProbeHistoryTime value first. 3.2 Traceroute MIB The DISMAN-TRACEROUTE-MIB consists of the following components: o traceRouteMaxConcurrentRequests o traceRouteCtlTable o traceRouteResultsTable o traceRouteProbeHistoryTable 3.2.1 traceRouteMaxConcurrentRequests The object traceRouteMaxConcurrentRequests enable control of the maximum number of concurrent requests that an agent implementation is structured to support. It is permissible for an agent to either limit the maximum upper range allowed for this object or to implement this object as read-only with an implementation limit expressed as its value. 3.2.2 traceRouteCtlTable A remote traceroute test is started by setting traceRouteCtlAdminStatus to up(1). The associating traceRouteCtlEntry MUST have been created and its traceRouteCtlRowStatus set to active(1) prior to starting the test. The 1st index element, traceRouteCtlOwnerIndex, is of the SnmpAdminString textual convention that allows for use of the SNMPv3 View-Based Access Control Model (RFC 2275 [11], VACM) and also allows for a management application to identify its entries. The 2nd index, traceRouteCtlTestName (also an SnmpAdminString), enables the same management application to have multiple requests outstanding. The 3rd and 4th indexes, traceRouteCtlHostAddressType and traceRouteCtlHostAddress, specifies the target address (ipv4, ipv6, or an dnsName) for the operation. Traceroute has a much longer theoretical maximum time for completion then ping. Basically 42 hours and 30 minutes (the product of traceRouteCtlTimeOut, traceRouteCtlProbesPerHop, and traceRouteCtlMaxTtl) plus some network transit time! Use of the defaults defined within an traceRouteCtlEntry yields a maximum of 4 DISMAN Working Group Expires March 1999 [Page 7] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 minutes and 30 seconds for a default traceroute operation. Clearly 42 plus hours is too long to wait for a traceroute operation to complete. The maximum TTL value in effect for traceroute determines how long the traceroute function will keep increasing the TTL value in the probe it transmits hoping to reach the target host. The function ends whenever the maximum TTL is exceeded or the target host is reached. The object traceRouteCtlMaxFailures was created in order to impose a throttle for how long traceroute continues to increase the TTL field in a probe without receiving any kind of response (timeouts). It is RECOMMENDED that agent implementations impose a time limit for how long it allows a traceroute operation to take relative to how the function is implemented. For example, an implemented that can't process multiple traceroute operations at the same time SHOULD impose a shorter maximum allowed time period. A management application can delete an active remote traceroute request by setting the corresponding traceRouteCtlRowStatus object to destroy(6). The contents of the traceRouteCtlTable is preserved across reIPLs (Initial Program Loads) of its agent according the the values of each of the pingCtlStorageType objects. 3.2.3 traceRouteResultsTable An entry in the traceRouteResultsTable is created for a corresponding traceRouteCtlEntry once the test defined by this entry is started. The objects traceRouteResultsCurHopCount and traceRouteResultsCurProbeCount can be examined to determine how far the current remote traceroute operation has reached. 3.2.4 traceRouteProbeHistoryTable The results of past traceroute probes can be stored in this table on an per traceRouteCtlEntry basis. This table is initially indexed by traceRouteCtlOwnerIndex and traceRouteCtlTestName in order for the results of a probe to relate to the traceRouteCtlEntry that caused it. The number of entries stored in this table per traceRouteCtlEntry is determined by the value of traceRouteCtlMaxRows. An implementation of this MIB will remove the oldest entry in the traceRouteProbeHistoryTable to allow the addition of an new entry once the number of rows in the traceRouteProbeHistoryTable reaches the value of traceRouteCtlMaxRows. Entries will be removed on the basis of oldest traceRouteProbeHistoryTime value first. 3.3 Lookup MIB The DISMAN-LOOKUP-MIB consists of the following components: o lookupMaxConcurrentRequests, and lookupPurgeTime DISMAN Working Group Expires March 1999 [Page 8] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 o lookupTable The object lookupMaxConcurrentRequests enable control of the maximum number of concurrent requests that an agent implementation is structured to support. It is permissible for an agent to either limit the maximum upper range allowed for this object or to implement this object as read-only with an implementation limit expressed as its value. The object lookupPurgeTime provides a method for entries in the lookupTable to be automatically deleted after the associating operation completes. A remote lookup operation is initiated by performing an SNMP SET request on lookupRowStatus. An lookupEntry is initially indexed by lookupOwnerIndex, which is of the SnmpAdminString textual convention that allows for use of the SNMPv3 View-Based Access Control Model (RFC 2275 [11], VACM) and also allows for a management application to identify its entries. The lookupOwnerIndex portion of the index is then followed by lookupOperationName, lookupAddressType, and lookupAddress. lookupOperationName enables the same lookupOwnerIndex entity to have multiple outstanding requests. The index element lookupAddressType preceeds lookupAddress and specifies the type of address for either performing a gethostbyname or a gethostbyaddr call at a remote host. The value of this index element determines whether to invoke either the gethostbyname or the gethostbyaddr operation. Specification of a dnsName(2) implies that gethostbyname should be called to return a numeric address. Use of a value of either ipv4(3) or ipv6(4) implies that a gethostbyaddr call should occur to return the symbolic name of a remote host. A remote lookup operation is started by transitioning its lookupRowStatus object to active(1). The object lookupOperStatus can be examined to determine the state of an lookup operation. A management application can delete an active remote lookup request by setting the corresponding lookupRowStatus object to destroy(6). An implementation SHOULD NOT retain SNMP-created entries in the lookupTable across reIPLs (Initial Program Loads) of its agent, since management applications need to see consistent behavior with respect to the persistence of the table entries that they create. DISMAN Working Group Expires March 1999 [Page 9] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 4.0 Definitions 4.1 DISMAN-PING-MIB DISMAN-PING-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, experimental, Counter32, Unsigned32, NOTIFICATION-TYPE FROM SNMPv2-SMI -- RFC1902 TEXTUAL-CONVENTION, RowStatus, StorageType, DateAndTime FROM SNMPv2-TC -- RFC1903 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF -- RFC1904 SnmpAdminString FROM SNMP-FRAMEWORK-MIB; -- RFC2271 pingMIB MODULE-IDENTITY LAST-UPDATED "9904300000Z" ORGANIZATION "IETF Distributed Management Working Group" CONTACT-INFO "Kenneth White International Business Machines Corporation Network Computing Software Division Research Triangle Park, NC, USA E-mail: wkenneth@us.ibm.com" DESCRIPTION "The Ping MIB (DISMAN-PING-MIB) provides the capability of controlling the use of the ping function at a remote host." ::= { experimental 84 1 } -- Textual Conventions HostAddressType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The textual convention for defining the type of a destination address." SYNTAX INTEGER { none(1), dnsName(2), -- Utf8string encoded DNS name ipv4(3), -- ipv4 address ipv6(4) -- ipv6 address } HostAddress ::= TEXTUAL-CONVENTION STATUS current DISMAN Working Group Expires March 1999 [Page 10] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 DESCRIPTION "The textual convention for specifying a host address. The type of address can be determined by examining the value of the preceding HostAddressType object: HostAddressType OCTETs ADDRESS TYPE none(0) 0 not specified dnsName(2) 1-255 DNS name ipv4(3) 4 ipv4 ipv6(4) 16 ipv6" SYNTAX OCTET STRING (SIZE (0..65)) IpHostAddress ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The textual convention for specifying an IP host address. The type of address can be determined by the octet string length: OCTETs ADDRESS TYPE 0 not specified 4 ipv4 16 ipv6" SYNTAX OCTET STRING (SIZE (0..16)) OperationResponseStatus ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Used to report the result of an operation: responseReceived(1) - Operation completes successfully. unknown(2) - Operation failed due to unknown error. internalError(3) - An implementation detected an error in its own processing that caused an operation to fail. requestTimedOut(4) - Operation failed to receive a valid reply within the time limit imposed on it. unknownDestinationAddress(5) - Invalid destination address. noRouteToTarget(6) - Could not find a route to target. interfaceInactiveToTarget(7) - The interface to be used in sending a probe is inactive without an alternate route existing. arpFailure(8) - Unable to resolve a target address to a media specific address. maxConcurrentLimitReached(9) - The maximum number of concurrent operations would have been exceeded if the associating operation was allowed. unableToResolveDnsName(10) - The DNS name specified was unable to be mapped to an IP address." SYNTAX INTEGER { responseReceived(1), DISMAN Working Group Expires March 1999 [Page 11] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 unknown(2), internalError(3), requestTimedOut(4), unknownDestinationAddress(5), noRouteToTarget(6), interfaceInactiveToTarget(7), arpFailure(8), maxConcurrentLimitReached(9), unableToResolveDnsName(10) } -- Top level structure of the MIB pingNotifications OBJECT IDENTIFIER ::= { pingMIB 0 } pingObjects OBJECT IDENTIFIER ::= { pingMIB 1 } pingConformance OBJECT IDENTIFIER ::= { pingMIB 2 } -- Simple Object Definitions pingMaxConcurrentRequests OBJECT-TYPE SYNTAX Integer32 (1..100) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum number of concurrent active ping requests that are allowed within an agent implementation." DEFVAL { 10 } ::= { pingObjects 1 } -- Ping Control Table pingCtlTable OBJECT-TYPE SYNTAX SEQUENCE OF PingCtlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the ping Control Table for provide, via SNMP, the capability of performing ping operations at a remote host. The results of these operations are stored in the pingResultsTable and the pingProbeHistoryTable." ::= { pingObjects 2 } pingCtlEntry OBJECT-TYPE SYNTAX PingCtlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the pingCtlTable." INDEX { pingCtlOwnerIndex, pingCtlTestName } DISMAN Working Group Expires March 1999 [Page 12] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 ::= { pingCtlTable 1 } PingCtlEntry ::= SEQUENCE { pingCtlOwnerIndex SnmpAdminString, pingCtlTestName SnmpAdminString, pingCtlHostAddressType HostAddressType, pingCtlHostAddress HostAddress, pingCtlDataSize Integer32, pingCtlTimeOut Integer32, pingCtlProbeCount Integer32, pingCtlAdminStatus INTEGER, pingCtlDataFill OCTET STRING, pingCtlFrequency Integer32, pingCtlMaxRows Integer32, pingCtlStorageType StorageType, pingCtlTrapGeneration INTEGER, pingCtlTrapFilter Integer32, pingCtlRowStatus RowStatus } pingCtlOwnerIndex OBJECT-TYPE SYNTAX SnmpAdminString (SIZE(0..32)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "To facilitate the provisioning of access control by a security administrator using the View-Based Access Control Model (RFC 2275, VACM) for tables in which multiple users may need to independently create or modify entries, the initial index is used as an 'owner index'. Such an initial index has a syntax of SnmpAdminString, and can thus be trivially mapped to a securityName or groupName as defined in VACM, in accordance with a security policy. All entries in that table belonging to a particular user will have the same value for this initial index. For a given user's entries in a particular table, the object identifiers for the information in these entries will have the same subidentifiers (except for the 'column' subidentifier) up to the end of the encoded owner index. To configure VACM to permit access to this portion of the table, one would create vacmViewTreeFamilyTable entries with the value of vacmViewTreeFamilySubtree including the owner index portion, and vacmViewTreeFamilyMask 'wildcarding' the column subidentifier. More elaborate configurations are possible." ::= { pingCtlEntry 1 } pingCtlTestName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS not-accessible STATUS current DESCRIPTION "The name of the ping test. This is locally unique, within DISMAN Working Group Expires March 1999 [Page 13] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 the scope of an pingCtlOwnerIndex." ::= { pingCtlEntry 2 } pingCtlHostAddressType OBJECT-TYPE SYNTAX HostAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the type of host address to be used at a remote host for performing a ping operation." DEFVAL { ipv4 } ::= { pingCtlEntry 3 } pingCtlHostAddress OBJECT-TYPE SYNTAX HostAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the host address to be used at a remote host for performing a ping operation. The host address type is determined by its octet string length. Refer to the definition of the TEXTUAL-CONVENTION HostAddress." ::= { pingCtlEntry 4 } pingCtlDataSize OBJECT-TYPE SYNTAX Integer32 (0..65507) UNITS "octets" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the size of the data portion to be transmitted in a ping operation in octets. A ping request is usually an ICMP message encoded into an IP packet. An IP packet has a maximum size of 65535 octets. Subtracting the size of the ICMP header (8 octets) and the size of the IP header (20 octets) yields a maximum size of 65507 octets." DEFVAL { 0 } ::= { pingCtlEntry 5 } pingCtlTimeOut OBJECT-TYPE SYNTAX Integer32 (1..60) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the time-out value, in seconds, for an remote ping operation." DEFVAL { 3 } ::= { pingCtlEntry 6 } pingCtlProbeCount OBJECT-TYPE SYNTAX Integer32 (1..15) DISMAN Working Group Expires March 1999 [Page 14] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 UNITS "probes" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the number of times to perform a ping opertion at a remote host." DEFVAL { 1 } ::= { pingCtlEntry 7 } pingCtlAdminStatus OBJECT-TYPE SYNTAX INTEGER { up(1), -- test should be started down(2) -- test should be stop } MAX-ACCESS read-create STATUS current DESCRIPTION "Reflects the desired state that a pingCtlEntry should be in: up(1) - Attempt to active the test as defined by this pingCtlEntry. down(1) - Deactivate the test as defined by this pingCtlEntry. Refer to the corresponding pingResultsOperStatus to determine the operational state of the test defined by this entry." DEFVAL { down } ::= { pingCtlEntry 8 } pingCtlDataFill OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..1024)) MAX-ACCESS read-create STATUS current DESCRIPTION "The content of this object is used together with the correspond pingCtlDataSize value to determine how to fill the data portion of a probe packet. The option of selecting a data fill pattern can be useful when links are compressed or have data pattern sensitivities." DEFVAL { '00'H } ::= { pingCtlEntry 9 } pingCtlFrequency OBJECT-TYPE SYNTAX Integer32 UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The number of seconds to wait before repeating a ping test as defined by the value of the various objects in the corresponding row." DISMAN Working Group Expires March 1999 [Page 15] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 DEFVAL { 0 } ::= { pingCtlEntry 10 } pingCtlMaxRows OBJECT-TYPE SYNTAX Integer32 (0..1500) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of entries allowed in the pingProbeHistoryTable. An implementation of this MIB will remove the oldest entry in the pingProbeHistoryTable to allow the addition of an new entry once the number of rows in the pingProbeHistoryTable reaches this value. Entries will be removed on the basis of oldest pingProbeHistoryTime value first. A value of 0 for this object disables creation of pingProbeHistoryTable entries." DEFVAL { 50 } ::= { pingCtlEntry 11 } pingCtlStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for this conceptual row. Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row." DEFVAL { nonVolatile } ::= { pingCtlEntry 12 } pingCtlTrapGeneration OBJECT-TYPE SYNTAX INTEGER { none(1), probeFailure(2), testFailure(3), testCompletion(4) } MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object determines when and if to to generation a notification for this entry: none(1) - Don't generation any notifications. probeFailure(2) - Generate a pingProbeFailed notification subject to the value of pingCtlTrapFilter. pingCtlTrapFilter can be used to specify the number of successive probe failures that are required before a pingProbeFailed notification can be generated. DISMAN Working Group Expires March 1999 [Page 16] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 testFailure(3) - Generate a pingTestFailed notification. In this instance pingCtlTrapFilter should specify the number of probe failures required in a test to have failed in order to considered the test as failed. testCompletion(4) - Generate a pingTestCompleted notification." DEFVAL { none } ::= { pingCtlEntry 13 } pingCtlTrapFilter OBJECT-TYPE SYNTAX Integer32 (0..15) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object is used to determine when to generate either a pingProbeFailed or a pingTestFailed NOTIFICATION. Which NOTIFICATION to generate is determined by the value of pingCtlTrapGeneration. Setting pingCtlTrapGeneration to probeFailure(2) implies that a pingProbeFailed NOTIFICATION is generated only when the number of successive probe failures as indicated by the value of pingCtlTrapFilter fail within a given ping test. Setting pingCtlTrapGeneration to testFailure(3) implies that a pingTestFailed NOTIFICATION is generated only when the number of ping failures within a test exceed the value of pingCtlTrapFilter." DEFVAL { 1 } ::= { pingCtlEntry 14 } pingCtlRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object allows entries to be created and deleted in the pingCtlTable. Deletion of an entry in this table results in all corresponding (same pingCtlOwnerIndex and pingCtlTestName index values) pingResultsTable and pingProbeHistoryTable entries being deleted. Activation of a remote ping operation is controlled via pingCtlAdminStatus and not by transitioning of this object's value to active(1). Transitions in and out of active(1) state are not DISMAN Working Group Expires March 1999 [Page 17] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 allowed while an entry's pingResultsOperStatus is active(1) with the exception that deletion of an entry in this table by setting its RowStatus object to destroy(6) will stop an active ping operation. The operational state of an ping operation can be determined by examination of it's pingResultsOperStatus object." REFERENCE "RFC 2579, 'Textual Conventions for SMIv2.'" ::= { pingCtlEntry 15 } -- Ping Results Table pingResultsTable OBJECT-TYPE SYNTAX SEQUENCE OF PingResultsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Ping Results Table for providing the capability of performing ping operations at a remote host. The results of these operations are stored in the pingResultsTable and the pingPastProbeTable." ::= { pingObjects 3 } pingResultsEntry OBJECT-TYPE SYNTAX PingResultsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the pingResultsTable." INDEX { pingCtlOwnerIndex, pingCtlTestName } ::= { pingResultsTable 1 } PingResultsEntry ::= SEQUENCE { pingResultsOperStatus INTEGER, pingResultsIpHostAddress IpHostAddress, pingResultsMinRtt Unsigned32, pingResultsMaxRtt Unsigned32, pingResultsAverageRtt Unsigned32, pingResultsProbeResponses Counter32, pingResultsSentProbes Counter32, pingResultsRttSumOfSquares Unsigned32, pingResultsLastGoodProbe DateAndTime } pingResultsOperStatus OBJECT-TYPE DISMAN Working Group Expires March 1999 [Page 18] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 SYNTAX INTEGER { up(1), -- test is in progress down(2) -- test has stopped } MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the operational state of an pingCtlEntry: up(1) - Test is active. down(1) - Test has stopped." ::= { pingResultsEntry 1 } pingResultsIpHostAddress OBJECT-TYPE SYNTAX IpHostAddress MAX-ACCESS read-only STATUS current DESCRIPTION "This objects reports the IP address associated with a pingCtlHostAddress value when the destination address is specified as a DNS name. The value of this object should be a zero length octet string when a DNS name is not specified or when a specified DNS name fails to resolve." ::= { pingResultsEntry 2 } pingResultsMinRtt OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The minimum ping round-trip-time (RTT) received. A value of 0 for this object implies that no RTT has been received." ::= { pingResultsEntry 3 } pingResultsMaxRtt OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum ping round-trip-time (RTT) received. A value of 0 for this object implies that no RTT has been received." ::= { pingResultsEntry 4 } pingResultsAverageRtt OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The current average ping round-trip-time (RTT)." ::= { pingResultsEntry 5 } pingResultsProbeResponses OBJECT-TYPE DISMAN Working Group Expires March 1999 [Page 19] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of responses received for the corresponding pingCtlEntry and pingResultsEntry." ::= { pingResultsEntry 6 } pingResultsSentProbes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object reflects the number of probes sent for the corresponding pingCtlEntry and pingResultsEntry." ::= { pingResultsEntry 7 } pingResultsRttSumOfSquares OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object contains the sum of all ping responses received. Its purpose is to enable standard deviation calculation." ::= { pingResultsEntry 8 } pingResultsLastGoodProbe OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "Date and time was the last response was received for a probe." ::= { pingResultsEntry 9 } -- Ping Probe History Table pingProbeHistoryTable OBJECT-TYPE SYNTAX SEQUENCE OF PingProbeHistoryEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines a table for storing the results of a ping operation. Entries in this table is limited by the value of the corresponding pingCtlMaxRows object. An implementation of this MIB will remove the oldest entry in the pingProbeHistoryTable to allow the addition of an new entry once the number of rows in the pingProbeHistoryTable reaches the value specified by pingCtlMaxRows. Entries will be removed on the basis of oldest pingProbeHistoryTime value first." DISMAN Working Group Expires March 1999 [Page 20] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 ::= { pingObjects 4 } pingProbeHistoryEntry OBJECT-TYPE SYNTAX PingProbeHistoryEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines a table for storing the results of a ping operation. Entries in this table is limited by the value of the corresponding pingCtlMaxRows object. An implementation of this MIB will remove the oldest entry in the pingProbeHistoryTable to allow the addition of an new entry once the number of rows in the pingProbeHistoryTable reaches the value specified by pingCtlMaxRows. Entries will be removed on the basis of oldest pingProbeHistoryTime value first." INDEX { pingCtlOwnerIndex, pingCtlTestName, pingProbeHistoryIndex } ::= { pingProbeHistoryTable 1 } PingProbeHistoryEntry ::= SEQUENCE { pingProbeHistoryIndex Unsigned32, pingProbeHistoryResponse Integer32, pingProbeHistoryStatus OperationResponseStatus, pingProbeHistoryLastReplyCode Integer32, pingProbeHistoryTime DateAndTime } pingProbeHistoryIndex OBJECT-TYPE SYNTAX Unsigned32 (1..'ffffffff'h) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table is created when the results of a ping probe is determined. The initial 2 instance identifier index values identifies the pingCtlEntry that a probe result (pingProbeHistoryEntry) belongs to." ::= { pingProbeHistoryEntry 1 } pingProbeHistoryResponse OBJECT-TYPE SYNTAX Integer32 UNITS "milliseconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The amount of time measured in milliseconds from when DISMAN Working Group Expires March 1999 [Page 21] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 a probe was sent to when its response was received or when it timed out. The value of this object is reported as 0 when it is not possible to transmit a probe." ::= { pingProbeHistoryEntry 2 } pingProbeHistoryStatus OBJECT-TYPE SYNTAX OperationResponseStatus MAX-ACCESS read-only STATUS current DESCRIPTION "The result of a ping operation made by a remote host for a particular probe." ::= { pingProbeHistoryEntry 3 } pingProbeHistoryLastReplyCode OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The last implementation method specific reply code received. If the ICMP Echo capability is being used then a successful probe ends when an ICMP response is received that contains the code ICMP_ECHOREPLY(0)." ::= { pingProbeHistoryEntry 4 } pingProbeHistoryTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "Timestamp for when this probe results was determined." ::= { pingProbeHistoryEntry 5 } -- Notification Definition section pingProbeFailed NOTIFICATION-TYPE OBJECTS { pingCtlHostAddressType, pingCtlHostAddress, pingResultsOperStatus, pingResultsIpHostAddress, pingResultsMinRtt, pingResultsMaxRtt, pingResultsAverageRtt, pingResultsProbeResponses, pingResultsSentProbes, pingResultsRttSumOfSquares, pingResultsLastGoodProbe } STATUS current DESCRIPTION "Generated when a probe failure is detected when the DISMAN Working Group Expires March 1999 [Page 22] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 corresponding pingCtlTrapGeneration object is set to probeFailure(2) subject to the value of pingCtlTrapFilter. pingCtlTrapFilter can be used to specify the number of successive probe failures that are required before this notification can be generated." ::= { pingNotifications 1 } pingTestFailed NOTIFICATION-TYPE OBJECTS { pingCtlHostAddressType, pingCtlHostAddress, pingResultsOperStatus, pingResultsIpHostAddress, pingResultsMinRtt, pingResultsMaxRtt, pingResultsAverageRtt, pingResultsProbeResponses, pingResultsSentProbes, pingResultsRttSumOfSquares, pingResultsLastGoodProbe } STATUS current DESCRIPTION "Generated when a ping test is determined to have failed when the corresponding pingCtlTrapGeneration object is set to testFailure(3). In this instance pingCtlTrapFilter should specify the number of probe failures required in a test to have failed in order to considered the test as failed." ::= { pingNotifications 2 } pingTestCompleted NOTIFICATION-TYPE OBJECTS { pingCtlHostAddressType, pingCtlHostAddress, pingResultsOperStatus, pingResultsIpHostAddress, pingResultsMinRtt, pingResultsMaxRtt, pingResultsAverageRtt, pingResultsProbeResponses, pingResultsSentProbes, pingResultsRttSumOfSquares, pingResultsLastGoodProbe } STATUS current DESCRIPTION "Generated at the completion of a ping test when the corresponding pingCtlTrapGeneration object is set to testCompletion(4)." ::= { pingNotifications 3 } -- Conformance information DISMAN Working Group Expires March 1999 [Page 23] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 -- Compliance statements pingCompliances OBJECT IDENTIFIER ::= { pingConformance 1 } pingGroups OBJECT IDENTIFIER ::= { pingConformance 2 } -- Compliance statements pingCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for the DISMAN-PING-MIB." MODULE -- this module MANDATORY-GROUPS { pingGroup, pingNotificationsGroup } GROUP pingTimeStampGroup DESCRIPTION "This group is mandatory for implementations that have access to a system clock and are capable of setting the values for DateAndTime objects." OBJECT pingMaxConcurrentRequests MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." OBJECT pingCtlStorageType MIN-ACCESS read-only DESCRIPTION "Write access is not required." ::= { pingCompliances 1 } -- MIB groupings pingGroup OBJECT-GROUP OBJECTS { pingMaxConcurrentRequests, pingCtlHostAddressType, pingCtlHostAddress, pingCtlDataSize, pingCtlTimeOut, pingCtlProbeCount, pingCtlAdminStatus, pingCtlDataFill, pingCtlFrequency, pingCtlMaxRows, pingCtlStorageType, pingCtlTrapGeneration, pingCtlTrapFilter, pingCtlRowStatus, DISMAN Working Group Expires March 1999 [Page 24] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 pingResultsOperStatus, pingResultsIpHostAddress, pingResultsMinRtt, pingResultsMaxRtt, pingResultsAverageRtt, pingResultsProbeResponses, pingResultsSentProbes, pingResultsRttSumOfSquares, pingProbeHistoryResponse, pingProbeHistoryStatus, pingProbeHistoryLastReplyCode } STATUS current DESCRIPTION "The group of objects that comprise the remote ping capability." ::= { pingGroups 1 } pingTimeStampGroup OBJECT-GROUP OBJECTS { pingResultsLastGoodProbe, pingProbeHistoryTime } STATUS current DESCRIPTION "The group of DateAndTime objects." ::= { pingGroups 2 } pingNotificationsGroup NOTIFICATION-GROUP NOTIFICATIONS { pingProbeFailed, pingTestFailed, pingTestCompleted } STATUS current DESCRIPTION "The notification which are required to be supported by implementations of this MIB." ::= { pingGroups 3 } END DISMAN Working Group Expires March 1999 [Page 25] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 4.2 DISMAN-TRACEROUTE-MIB DISMAN-TRACEROUTE-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, experimental, Gauge32, Unsigned32, Counter32, NOTIFICATION-TYPE FROM SNMPv2-SMI -- RFC1902 RowStatus, StorageType, TruthValue, DateAndTime FROM SNMPv2-TC -- RFC1903 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF -- RFC1904 SnmpAdminString FROM SNMP-FRAMEWORK-MIB -- RFC2271 InterfaceIndexOrZero -- RFC2233 FROM IF-MIB HostAddressType, HostAddress, IpHostAddress, OperationResponseStatus FROM DISMAN-PING-MIB; traceRouteMIB MODULE-IDENTITY LAST-UPDATED "9904270000Z" ORGANIZATION "IETF Distributed Management Working Group" CONTACT-INFO "Kenneth White International Business Machines Corporation Network Computing Software Division Research Triangle Park, NC, USA E-mail: wkenneth@us.ibm.com" DESCRIPTION "The Traceroute MIB (DISMAN-TRACEROUTE-MIB) provides access to the traceroute capability at a remote host." ::= { experimental 84 2 } -- Top level structure of the MIB traceRouteNotifications OBJECT IDENTIFIER ::= { traceRouteMIB 0 } traceRouteObjects OBJECT IDENTIFIER ::= { traceRouteMIB 1 } traceRouteConformance OBJECT IDENTIFIER ::= { traceRouteMIB 2 } -- Simple Object Definitions traceRouteMaxConcurrentRequests OBJECT-TYPE SYNTAX Integer32 (1..100) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum number of concurrent active traceroute requests DISMAN Working Group Expires March 1999 [Page 26] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 that are allowed within an agent implementation." DEFVAL { 10 } ::= { traceRouteObjects 1 } -- Traceroute Control Table traceRouteCtlTable OBJECT-TYPE SYNTAX SEQUENCE OF TraceRouteCtlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Remote Operations Traceroute Control Table for providing the capability of invoking traceroute from a remote host. The results of traceroute operations are stored in the traceRouteResultsTable and traceRouteProbeHistoryTable." ::= { traceRouteObjects 2 } traceRouteCtlEntry OBJECT-TYPE SYNTAX TraceRouteCtlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the traceRouteCtlTable." INDEX { traceRouteCtlOwnerIndex, traceRouteCtlTestName } ::= { traceRouteCtlTable 1 } TraceRouteCtlEntry ::= SEQUENCE { traceRouteCtlOwnerIndex SnmpAdminString, traceRouteCtlTestName SnmpAdminString, traceRouteCtlHostAddressType HostAddressType, traceRouteCtlHostAddress HostAddress, traceRouteCtlByPassRouteTable TruthValue, traceRouteCtlDataSize Integer32, traceRouteCtlTimeOut Integer32, traceRouteCtlProbesPerHop Integer32, traceRouteCtlPort Integer32, traceRouteCtlMaxTtl Integer32, traceRouteCtlTos Integer32, traceRouteCtlSourceAddress HostAddress, traceRouteCtlIfIndex InterfaceIndexOrZero, traceRouteCtlMiscOptions SnmpAdminString, traceRouteCtlMaxFailures Integer32, traceRouteCtlDontFragment TruthValue, traceRouteCtlInitialTtl Integer32, traceRouteCtlFrequency Integer32, traceRouteCtlStorageType StorageType, traceRouteCtlAdminStatus INTEGER, traceRouteCtlMaxRows Integer32, traceRouteCtlTrapGeneration INTEGER, DISMAN Working Group Expires March 1999 [Page 27] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 traceRouteCtlRowStatus RowStatus } traceRouteCtlOwnerIndex OBJECT-TYPE SYNTAX SnmpAdminString (SIZE(0..32)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "To facilitate the provisioning of access control by a security administrator using the View-Based Access Control Model (RFC 2275, VACM) for tables in which multiple users may need to independently create or modify entries, the initial index is used as an 'owner index'. Such an initial index has a syntax of SnmpAdminString, and can thus be trivially mapped to a securityName or groupName as defined in VACM, in accordance with a security policy. All entries in this table belonging to a particular user will have the same value for this initial index. For a given user's entries in a particular table, the object identifiers for the information in these entries will have the same subidentifiers (except for the 'column' subidentifier) up to the end of the encoded owner index. To configure VACM to permit access to this portion of the table, one would create vacmViewTreeFamilyTable entries with the value of vacmViewTreeFamilySubtree including the owner index portion, and vacmViewTreeFamilyMask 'wildcarding' the column subidentifier. More elaborate configurations are possible." ::= { traceRouteCtlEntry 1 } traceRouteCtlTestName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS not-accessible STATUS current DESCRIPTION "The name of a traceroute test. This is locally unique, within the scope of an traceRouteCtlOwnerIndex." ::= { traceRouteCtlEntry 2 } traceRouteCtlHostAddressType OBJECT-TYPE SYNTAX HostAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the type of host address to be used on the traceroute request at the remote host." DEFVAL { ipv4 } ::= { traceRouteCtlEntry 3 } traceRouteCtlHostAddress OBJECT-TYPE SYNTAX HostAddress MAX-ACCESS read-create STATUS current DESCRIPTION DISMAN Working Group Expires March 1999 [Page 28] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 "Specifies the host address used on the traceroute request at the remote host. The host address type can be determined by the examining the value of the corresponding traceRouteCtlHostAddressType index element." ::= { traceRouteCtlEntry 4 } traceRouteCtlByPassRouteTable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The purpose of this object is optionally enable bypassing the route table. If enabled bypass the normal routing tables and send directly to a host on an attached network. If the host is not on a directly-attached network, an error is returned. This option can be used to ping a local host through an interface that has no route through it (e.g., after the interface was dropped by routed)." DEFVAL { false } ::= { traceRouteCtlEntry 5 } traceRouteCtlDataSize OBJECT-TYPE SYNTAX Integer32 (0..65507) UNITS "octets" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the size of the data portion of a traceroute request in octets. A traceroute request is essentially transmitted by encoding a UDP datagram into a IP packet. So subtracting the size of a UDP header (8 octets) and the size of a IP header (20 octets) yields a maximum of 65507 octets." DEFVAL { 0 } ::= { traceRouteCtlEntry 6 } traceRouteCtlTimeOut OBJECT-TYPE SYNTAX Integer32 (1..60) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the time-out value, in seconds, for a traceroute request." DEFVAL { 3 } ::= { traceRouteCtlEntry 7 } traceRouteCtlProbesPerHop OBJECT-TYPE SYNTAX Integer32 (1..10) DISMAN Working Group Expires March 1999 [Page 29] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 UNITS "probes" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the number of times to reissue a traceroute request with the same time-to-live (TTL) value." DEFVAL { 3 } ::= { traceRouteCtlEntry 8 } traceRouteCtlPort OBJECT-TYPE SYNTAX Integer32 (1..65535) UNITS "UDP Port" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the UDP port to sent the traceroute request to. Need to specify a port that is not in use at the destination host." DEFVAL { 4096 } ::= { traceRouteCtlEntry 9 } traceRouteCtlMaxTtl OBJECT-TYPE SYNTAX Integer32 (1..255) UNITS "time-to-live value" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the maximum time-to-live value." DEFVAL { 30 } ::= { traceRouteCtlEntry 10 } traceRouteCtlTos OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the value to store in the TOS OCTET in the IP probe packet that is transmitted as the traceroute request. The value must be a decimal integer in the range 0 to 255. This option can be used to see if different types-of-service result in different paths. Not all values of TOS are legal or meaningful. TOS is often not supported by IP implementations. Useful values are probably '16' (low delay) and '8' (high throughput)." REFERENCE "RFC 1812 Section 5.3.2, Type of Service (TOS)" DEFVAL { 0 } ::= { traceRouteCtlEntry 11 } traceRouteCtlSourceAddress OBJECT-TYPE SYNTAX HostAddress MAX-ACCESS read-create DISMAN Working Group Expires March 1999 [Page 30] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 STATUS current DESCRIPTION "Use the specified IP address (which must be given as an IP number, not a hostname) as the source address in outgoing probe packets. On hosts with more than one IP address, this option can be used to force the source address to be something other than the IP address of the interface the probe packet is sent on. If the IP address is not one of this machine's interface addresses, an error is returned and nothing is sent." DEFVAL { ''H } ::= { traceRouteCtlEntry 12 } traceRouteCtlIfIndex OBJECT-TYPE SYNTAX InterfaceIndexOrZero MAX-ACCESS read-create STATUS current DESCRIPTION "Setting this object to an interface's ifIndex prior to starting a remote traceroute operation directs the traceroute probes to be transmitted over the specified interface. A value of zero for this object implies that this option is not enabled." DEFVAL { 0 } ::= { traceRouteCtlEntry 13 } traceRouteCtlMiscOptions OBJECT-TYPE SYNTAX SnmpAdminString (SIZE(0..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "Enables an application to specify implementation dependent options." DEFVAL { ''H } ::= { traceRouteCtlEntry 14 } traceRouteCtlMaxFailures OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object indicates the maximum number of consecutive timeouts allowed before terminating a remote traceroute request. A value of either 255 (maximum hop count/possible TTL value) or a 0 indicates that the function of terminating a remote traceroute request when a specific number of successive timeouts are detected is disabled." DEFVAL { 5 } ::= { traceRouteCtlEntry 15 } traceRouteCtlDontFragment OBJECT-TYPE DISMAN Working Group Expires March 1999 [Page 31] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object enables setting of the don't fragment flag (DF) in the IP header for a probe. Use of this object enables performing a manual PATH MTU test." DEFVAL { false } ::= { traceRouteCtlEntry 16 } traceRouteCtlInitialTtl OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object specifies the initial TTL value to use. This enables bypassing the initial (often well known) portion of a path." DEFVAL { 1 } ::= { traceRouteCtlEntry 17 } traceRouteCtlFrequency OBJECT-TYPE SYNTAX Integer32 UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The number of seconds to wait before repeating a traceRoute test as defined by the value of the various objects in the corresponding row." DEFVAL { 0 } ::= { traceRouteCtlEntry 18 } traceRouteCtlStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for this conceptual row. Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row." DEFVAL { nonVolatile } ::= { traceRouteCtlEntry 19 } traceRouteCtlAdminStatus OBJECT-TYPE SYNTAX INTEGER { up(1), -- operation should be started down(2) -- operation should be stop } MAX-ACCESS read-create STATUS current DESCRIPTION "Reflects the desired state that an traceRouteCtlEntry DISMAN Working Group Expires March 1999 [Page 32] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 should be in: up(1) - Attempt to active the test as defined by this traceRouteCtlEntry. down(1) - Deactive the test as defined by this traceRouteCtlEntry. Refer to the corresponding traceRouteResultsOperStatus to determine the operational state of the test defined by this entry." DEFVAL { down } ::= { traceRouteCtlEntry 20 } traceRouteCtlMaxRows OBJECT-TYPE SYNTAX Integer32 (0..1500) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of entries allowed in the traceRouteProbeHistoryTable. An implementation of this MIB will remove the oldest entry in the traceRouteProbeHistoryTable to allow the addition of an new entry once the number of rows in the traceRouteProbeHistoryTable reaches this value. Entries will be removed on the basis of oldest traceRouteProbeHistoryTime value first. A value of 0 for this object disables creation of traceRouteProbeHistoryTable entries." DEFVAL { 50 } ::= { traceRouteCtlEntry 21 } traceRouteCtlTrapGeneration OBJECT-TYPE SYNTAX INTEGER { none(1), pathChange(2), testFailure(3), testCompletion(4) } MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object determines when and if to to generation a notification for this entry: none(1) - Don't generation any notifications. pathChange(2) - Generate a traceRoutePathChange notification when the current path varies from a previously determined path. testFailure(3) - Generate a traceRouteTestFailed notification when the full path to a target can't be determined. testCompletion(4) - Generate a traceRouteTestCompleted DISMAN Working Group Expires March 1999 [Page 33] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 notification when the path to a target has been determined." DEFVAL { none } ::= { traceRouteCtlEntry 22 } traceRouteCtlRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object allows entries to be created and deleted in the traceRouteCtlTable. Deletion of an entry in this table results in all corresponding (same traceRouteCtlOwnerIndex and traceRouteCtlTestName index values) traceRouteResultsTable and traceRouteProbeHistoryTable entries being deleted. Activation of a remote traceroute operation is controled via traceRouteCtlAdminStatus and not by transitioning of this object's value to active(1). Transitions in and out of active(1) state are not allowed while an entry's traceRouteResultsOperStatus is active(1) with the exception that deletion of an entry in this table by setting its RowStatus object to destroy(6) will stop an active ping operation. The operational state of an traceroute operation can be determined by examination of it's traceRouteResultsOperStatus object." REFERENCE "RFC 2579, 'Textual Conventions for SMIv2.'" ::= { traceRouteCtlEntry 23 } -- Traceroute Results Table traceRouteResultsTable OBJECT-TYPE SYNTAX SEQUENCE OF TraceRouteResultsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Remote Operations Traceroute Results Table for keeping track of the status of an traceRouteCtlEntry." ::= { traceRouteObjects 3 } traceRouteResultsEntry OBJECT-TYPE SYNTAX TraceRouteResultsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the traceRouteResultsTable." INDEX { DISMAN Working Group Expires March 1999 [Page 34] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 traceRouteCtlOwnerIndex, traceRouteCtlTestName } ::= { traceRouteResultsTable 1 } TraceRouteResultsEntry ::= SEQUENCE { traceRouteResultsOperStatus INTEGER, traceRouteResultsCurHopCount Gauge32, traceRouteResultsCurProbeCount Gauge32, traceRouteResultsIpHostAddress IpHostAddress, traceRouteResultsTestAttempts Counter32, traceRouteResultsTestSuccesses Counter32, traceRouteResultsLastGoodPath DateAndTime } traceRouteResultsOperStatus OBJECT-TYPE SYNTAX INTEGER { up(1), -- test is in progress down(2) -- test has stopped } MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the operational state of an traceRouteCtlEntry: up(1) - Test is active. down(1) - Test has stopped." ::= { traceRouteResultsEntry 1 } traceRouteResultsCurHopCount OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the current TTL value (range from 1 to 255) for an remote traceroute operation. Maximum TTL value is determined by traceRouteCtlMaxTtl." ::= { traceRouteResultsEntry 2 } traceRouteResultsCurProbeCount OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the current probe count (1..10) for an remote traceroute operation. The maximum probe count is determined by traceRouteCtlProbesPerHop." ::= { traceRouteResultsEntry 3 } traceRouteResultsIpHostAddress OBJECT-TYPE DISMAN Working Group Expires March 1999 [Page 35] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 SYNTAX IpHostAddress MAX-ACCESS read-only STATUS current DESCRIPTION "This objects reports the IP address associated with a traceRouteCtlHostAddress value when the destination address is specified as a DNS name. The value of this object should be a zero length octet string when a DNS name is not specified or when a specified DNS name fails to resolve." ::= { traceRouteResultsEntry 4 } traceRouteResultsTestAttempts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The current number of attempts to determine a path to a target." ::= { traceRouteResultsEntry 5 } traceRouteResultsTestSuccesses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The current number of attempts to determine a path to a target that have succeeded." ::= { traceRouteResultsEntry 6 } traceRouteResultsLastGoodPath OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The date and time when the last path was determined." ::= { traceRouteResultsEntry 7 } -- Trace Route Probe History Table traceRouteProbeHistoryTable OBJECT-TYPE SYNTAX SEQUENCE OF TraceRouteProbeHistoryEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Remote Operations Traceroute Results Table for storing the results of a traceroute operation." ::= { traceRouteObjects 4 } traceRouteProbeHistoryEntry OBJECT-TYPE SYNTAX TraceRouteProbeHistoryEntry MAX-ACCESS not-accessible STATUS current DISMAN Working Group Expires March 1999 [Page 36] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 DESCRIPTION "Defines a table for storing the results of a traceroute operation. Entries in this table is limited by the value of the corresponding traceRouteCtlMaxRows object. An implementation of this MIB will remove the oldest entry in the traceRouteProbeHistoryTable to allow the addition of an new entry once the number of rows in the traceRouteProbeHistoryTable reaches the value specified by traceRouteCtlMaxRows. Entries will be removed on the basis of oldest traceRouteProbeHistoryTime value first." INDEX { traceRouteCtlOwnerIndex, traceRouteCtlTestName, traceRouteProbeHistoryIndex, traceRouteProbeHistoryHopIndex, traceRouteProbeHistoryProbeIndex } ::= { traceRouteProbeHistoryTable 1 } TraceRouteProbeHistoryEntry ::= SEQUENCE { traceRouteProbeHistoryIndex Unsigned32, traceRouteProbeHistoryHopIndex Integer32, traceRouteProbeHistoryProbeIndex Integer32, traceRouteProbeHistoryHopAddress HostAddress, traceRouteProbeHistoryResponse Integer32, traceRouteProbeHistoryStatus OperationResponseStatus, traceRouteProbeHistoryLastReplyCode Integer32, traceRouteProbeHistoryTime DateAndTime } traceRouteProbeHistoryIndex OBJECT-TYPE SYNTAX Unsigned32 (1..'ffffffff'h) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table is created when the results of a traceroute probe is determined. The initial 2 instance identifier index values identifies the traceRouteCtlEntry that a probe result (traceRouteProbeHistoryEntry) belongs to." ::= { traceRouteProbeHistoryEntry 1 } traceRouteProbeHistoryHopIndex OBJECT-TYPE SYNTAX Integer32 (1..255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Indicates which hop in a traceroute path that the probe's results is for." ::= { traceRouteProbeHistoryEntry 2 } DISMAN Working Group Expires March 1999 [Page 37] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 traceRouteProbeHistoryProbeIndex OBJECT-TYPE SYNTAX Integer32 (1..10) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Indicates the index of a probe for determining for a hop in a traceroute path. The value of this object is initially determined by the value of traceRouteCtlInitialTtl." ::= { traceRouteProbeHistoryEntry 3 } traceRouteProbeHistoryHopAddress OBJECT-TYPE SYNTAX HostAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The address of a hop in a traceroute path. This object is not allowed to be a DNS name. The length of the octet string returned determines the address type." ::= { traceRouteProbeHistoryEntry 4 } traceRouteProbeHistoryResponse OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The amount of time measured in milliseconds from when a probe was sent to when its response was received or when it timed out. The value of this object is reported as 0 when it is not possible to transmit a probe." ::= { traceRouteProbeHistoryEntry 5 } traceRouteProbeHistoryStatus OBJECT-TYPE SYNTAX OperationResponseStatus MAX-ACCESS read-only STATUS current DESCRIPTION "The result of a traceroute operation made by a remote host for a particular probe." ::= { traceRouteProbeHistoryEntry 6 } traceRouteProbeHistoryLastReplyCode OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The last implementation method specific reply code received. Traceroute is usually implemented by transmitting a series of probe packets with increasing time-to-live values. A probe packet is a UDP datagram encapsulated into an IP packet. Each hop in a path to the target (destination) host rejects the probe packets (probe's TTL too small, ICMP reply) until DISMAN Working Group Expires March 1999 [Page 38] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 either the maximum TTL is exceeded or the target host is received." ::= { traceRouteProbeHistoryEntry 7 } traceRouteProbeHistoryTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "Timestamp for when this probe results was determined." ::= { traceRouteProbeHistoryEntry 8 } -- Notification Definition section traceRoutePathChange NOTIFICATION-TYPE OBJECTS { traceRouteCtlHostAddressType, traceRouteCtlHostAddress, traceRouteResultsIpHostAddress } STATUS current DESCRIPTION "The path to a target has changed." ::= { traceRouteNotifications 1 } traceRouteTestFailed NOTIFICATION-TYPE OBJECTS { traceRouteCtlHostAddressType, traceRouteCtlHostAddress, traceRouteResultsIpHostAddress } STATUS current DESCRIPTION "Could not determine the path to a target." ::= { traceRouteNotifications 2 } traceRouteTestCompleted NOTIFICATION-TYPE OBJECTS { traceRouteCtlHostAddressType, traceRouteCtlHostAddress, traceRouteResultsIpHostAddress } STATUS current DESCRIPTION "The path to a target has just been determined." ::= { traceRouteNotifications 3 } -- Conformance information -- Compliance statements traceRouteCompliances OBJECT IDENTIFIER ::= { traceRouteConformance 1 } traceRouteGroups OBJECT IDENTIFIER ::= { traceRouteConformance 2 } DISMAN Working Group Expires March 1999 [Page 39] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 -- Compliance statements traceRouteCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for the DISMAN-TRACEROUTE-MIB." MODULE -- this module MANDATORY-GROUPS { traceRouteGroup, traceRouteNotificationsGroup } GROUP traceRouteTimeStampGroup DESCRIPTION "This group is mandatory for implementations that have access to a system clock and are capable of setting the values for DateAndTime objects." OBJECT traceRouteMaxConcurrentRequests MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." OBJECT traceRouteCtlByPassRouteTable MIN-ACCESS read-only DESCRIPTION "This object is not required by implementations that are not capable of its implementation. The function represented by this object is implementable if the setsockopt SOL_SOCKET SO_DONTROUTE option is supported." OBJECT traceRouteCtlSourceAddress MIN-ACCESS read-only DESCRIPTION "This object is not required by implementations that are not capable of binding the send socket (udp) with a source address." ::= { traceRouteCompliances 1 } -- MIB groupings traceRouteGroup OBJECT-GROUP OBJECTS { traceRouteMaxConcurrentRequests, traceRouteCtlHostAddressType, traceRouteCtlHostAddress, traceRouteCtlByPassRouteTable, traceRouteCtlDataSize, traceRouteCtlTimeOut, traceRouteCtlProbesPerHop, traceRouteCtlPort, traceRouteCtlMaxTtl, traceRouteCtlTos, DISMAN Working Group Expires March 1999 [Page 40] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 traceRouteCtlSourceAddress, traceRouteCtlIfIndex, traceRouteCtlMiscOptions, traceRouteCtlMaxFailures, traceRouteCtlDontFragment, traceRouteCtlInitialTtl, traceRouteCtlFrequency, traceRouteCtlStorageType, traceRouteCtlAdminStatus, traceRouteCtlMaxRows, traceRouteCtlTrapGeneration, traceRouteCtlRowStatus, traceRouteResultsOperStatus, traceRouteResultsCurHopCount, traceRouteResultsCurProbeCount, traceRouteResultsIpHostAddress, traceRouteResultsTestAttempts, traceRouteResultsTestSuccesses, traceRouteProbeHistoryHopAddress, traceRouteProbeHistoryResponse, traceRouteProbeHistoryStatus, traceRouteProbeHistoryLastReplyCode } STATUS current DESCRIPTION "The group of objects that comprise the remote traceroute operation." ::= { traceRouteGroups 1 } traceRouteTimeStampGroup OBJECT-GROUP OBJECTS { traceRouteResultsLastGoodPath, traceRouteProbeHistoryTime } STATUS current DESCRIPTION "The group of DateAndTime objects." ::= { traceRouteGroups 2 } traceRouteNotificationsGroup NOTIFICATION-GROUP NOTIFICATIONS { traceRoutePathChange, traceRouteTestFailed, traceRouteTestCompleted } STATUS current DESCRIPTION "The notification which are required to be supported by implemenations of this MIB." ::= { traceRouteGroups 3 } END DISMAN Working Group Expires March 1999 [Page 41] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 4.3 DISMAN-LOOKUP-MIB DISMAN-LOOKUP-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, experimental, Unsigned32 FROM SNMPv2-SMI -- RFC1902 RowStatus FROM SNMPv2-TC -- RFC1903 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- RFC1904 SnmpAdminString FROM SNMP-FRAMEWORK-MIB -- RFC2271 HostAddressType, HostAddress FROM DISMAN-PING-MIB; lookupMIB MODULE-IDENTITY LAST-UPDATED "9904230000Z" ORGANIZATION "IETF Distributed Management Working Group" CONTACT-INFO "Kenneth White International Business Machines Corporation Network Computing Software Division Research Triangle Park, NC, USA E-mail: wkenneth@us.ibm.com" DESCRIPTION "The Lookup MIB (DISMAN-LOOKUP-MIB) enables determination of either the name corresponding to a host address or of the address associated with a host name at a remote host." ::= { experimental 84 3 } -- Top level structure of the MIB lookupObjects OBJECT IDENTIFIER ::= { lookupMIB 1 } lookupConformance OBJECT IDENTIFIER ::= { lookupMIB 2 } -- Simple Object Definitions lookupMaxConcurrentRequests OBJECT-TYPE SYNTAX Integer32 (1..100) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum number of concurrent active lookup requests that are allowed within an agent implementation." DEFVAL { 10 } ::= { lookupObjects 1 } lookupPurgeTime OBJECT-TYPE SYNTAX Integer32 (0..86400) DISMAN Working Group Expires March 1999 [Page 42] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The amount of time to wait before automatically deleting an entry in the lookupTable after the lookup operation represented by an lookupEntry has completed." DEFVAL { 900 } -- 15 minutes as default ::= { lookupObjects 2 } -- Lookup Table lookupTable OBJECT-TYPE SYNTAX SEQUENCE OF LookupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Lookup Table for provide the capability of performing a lookup operation, gethostbyname or gethostbyaddr, from a remote host." ::= { lookupObjects 3 } lookupEntry OBJECT-TYPE SYNTAX LookupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the lookupTable." INDEX { lookupOwnerIndex, lookupOperationName, lookupAddressType, lookupAddress } ::= { lookupTable 1 } LookupEntry ::= SEQUENCE { lookupOwnerIndex SnmpAdminString, lookupOperationName SnmpAdminString, lookupAddressType HostAddressType, lookupAddress HostAddress, lookupOperStatus INTEGER, lookupResultType HostAddressType, lookupResult HostAddress, lookupTime Unsigned32, lookupRc Unsigned32, lookupRowStatus RowStatus } lookupOwnerIndex OBJECT-TYPE SYNTAX SnmpAdminString (SIZE(0..32)) DISMAN Working Group Expires March 1999 [Page 43] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 MAX-ACCESS not-accessible STATUS current DESCRIPTION "To facilitate the provisioning of access control by a security administrator using the View-Based Access Control Model (RFC 2275, VACM) for tables in which multiple users may need to independently create or modify entries, the initial index is used as an 'owner index'. Such an initial index has a syntax of SnmpAdminString, and can thus be trivially mapped to a securityName or groupName as defined in VACM, in accordance with a security policy. All entries in that table belonging to a particular user will have the same value for this initial index. For a given user's entries in a particular table, the object identifiers for the information in these entries will have the same subidentifiers (except for the 'column' subidentifier) up to the end of the encoded owner index. To configure VACM to permit access to this portion of the table, one would create vacmViewTreeFamilyTable entries with the value of vacmViewTreeFamilySubtree including the owner index portion, and vacmViewTreeFamilyMask 'wildcarding' the column subidentifier. More elaborate configurations are possible." ::= { lookupEntry 1 } lookupOperationName OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS not-accessible STATUS current DESCRIPTION "The name of a lookup operation. This is locally unique, within the scope of an lookupOwnerIndex." ::= { lookupEntry 2 } lookupAddressType OBJECT-TYPE SYNTAX HostAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "Specifies the type of address for either performing a gethostbyname or a gethostbyaddr call at a remote host. Specification of a dnsName(2) implies that gethostbyname should be called to return a numeric address. Use of a value of either ipv4(3) or ipv6(4) implies that a gethostbyaddr call should occur to return the symbolic name of a remote host." ::= { lookupEntry 3 } lookupAddress OBJECT-TYPE SYNTAX HostAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "Specifies the address used for a DNS Lookup at a DISMAN Working Group Expires March 1999 [Page 44] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 remote host. The corresponding lookupAddressType objects determines its type as well as the function that can be requested." ::= { lookupEntry 4 } lookupOperStatus OBJECT-TYPE SYNTAX INTEGER { up(1), -- operation is in progress down(2) -- operation has stopped } MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the operational state of an lookupEntry: up(1) - Operation is active. down(1) - Operation has stopped." ::= { lookupEntry 5 } lookupResultType OBJECT-TYPE SYNTAX HostAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the type of result of a remote lookup operation. A value of none(1) implies that either the operation hasn't been started or that it has failed." ::= { lookupEntry 6 } lookupResult OBJECT-TYPE SYNTAX HostAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the results of a remote lookup operation as per the value of lookupResultType." ::= { lookupEntry 7 } lookupTime OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "Reports the number of seconds that a lookup operation required to be completed at a remote host. Completed means operation failure as well as success." ::= { lookupEntry 8 } lookupRc OBJECT-TYPE SYNTAX Unsigned32 DISMAN Working Group Expires March 1999 [Page 45] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 MAX-ACCESS read-only STATUS current DESCRIPTION "The system specific return code from a lookup operation. All implementations must return a value of 0 for this object when the remote lookup operation succeeds. A non-zero value for this objects indicates failure. It is recommended that implementations that support errno use it as the value of this object to aid a management application in determining the cause of failure." ::= { lookupEntry 9 } lookupRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object allows entries to be created and deleted in the lookupTable. A remote DNS Lookup operation is started when an entry in this table is created via an SNMP SET request and the entry is activated. This can occur by setting the value of this object to CreateAndGo(4) during row creation or by setting this object to active(1) after the row is created. A remote lookup operation starts when its entry first becomes active(1). Transitions in and out of active(1) state have no effect on the operational behavior of a remote lookup operation, with the exception that deletion of an entry in this table by setting its RowStatus object to destroy(6) will stop an active remote DNS Lookup operation. The operational state of a remote lookup operation can be determined by examination of it's lookupOperStatus object." REFERENCE "RFC 2579, 'Textual Conventions for SMIv2.'" ::= { lookupEntry 10 } -- Conformance information -- Compliance statements lookupCompliances OBJECT IDENTIFIER ::= { lookupConformance 1 } lookupGroups OBJECT IDENTIFIER ::= { lookupConformance 2 } -- Compliance statements DISMAN Working Group Expires March 1999 [Page 46] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 lookupCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for the DISMAN-LOOKUP-MIB." MODULE -- this module MANDATORY-GROUPS { lookupGroup } OBJECT lookupMaxConcurrentRequests MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." OBJECT lookupPurgeTime MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." ::= { lookupCompliances 1 } -- MIB groupings lookupGroup OBJECT-GROUP OBJECTS { lookupMaxConcurrentRequests, lookupPurgeTime, lookupOperStatus, lookupResultType, lookupResult, lookupTime, lookupRc, lookupRowStatus } STATUS current DESCRIPTION "The group of objects that comprise the remote Lookup operation." ::= { lookupGroups 1 } END DISMAN Working Group Expires March 1999 [Page 47] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 5.0 Security Considerations Certain management information in the MIBs defined by this document may be considered sensitive in some network environments. Therefore, authentication of received SNMP requests and controlled access to management information SHOULD be employed in such environments. The method for this authentication is a function of the SNMP Administrative Framework, and has not been expanded by this MIB. It is RECOMMENDED that the MIBs defined within this memo not be supported in insecure environments. 6.0 Intellectual Property The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF Secretariat. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director. 7.0 Acknowledgments This document is a product of the DISMAN Working Group. 8.0 References [1] Case, J., M. Fedor, M. Schoffstall, J. Davin, "Simple Network Management Protocol", RFC 1157, SNMP Research, Performance Systems International, MIT Laboratory for Computer Science, May 1990. [2] McCloghrie, K., and M. Rose, Editors, "Management Information Base for Network Management of TCP/IP-based internets: MIB-II", STD 17, RFC 1213, Hughes LAN Systems, Performance Systems International, March 1991. DISMAN Working Group Expires March 1999 [Page 48] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 [3] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", RFC 2578, STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First Virtual Holdings, International Network Services, April 1999. [4] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", RFC 2579, STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First Virtual Holdings, International Network Services, April 1999. [5] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", RFC 2580, STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First Virtual Holdings, International Network Services, April 1999. [6] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, January 1996. [7] Harrington D., Presuhn, R., Wijnen, B., "An Architecture for Describing SNMP Management Frameworks", RFC 2271, Cabletron Systems, BMC Software, Inc., IBM T.J. Watson Research, January 1998. [8] Harrington D., Presuhn, R., Wijnen, B., "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2272, Cabletron Systems, BMC Software, Inc., IBM T.J. Watson Research, January 1998. [9] Levi D., Meyer P., Stewart, B., "SNMPv3 Applications", RFC 2273, SNMP Research, Inc., Secure Computing Corporation, Cisco Systems, January 1998. [10] Blumenthal, U., Wijnen, B., "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2274, IBM T. J. Watson Research, January 1998. [11] Wijnen, B., Presuhn, R., McCloghrie, K., "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2275, IBM T.J. Watson Research, BMC Software, Inc., Cisco Systems, Inc., January 1998. [12] Hovey, R., and S. Bradner, "The Organizations Involved in the IETF Standards Process", BCP 11, RFC 2028, October 1996. [13] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [14] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", RFC 1155, Performance Systems International, Hughes LAN Systems, May 1990. DISMAN Working Group Expires March 1999 [Page 49] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 [15] Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212, Performance Systems International, Hughes LAN Systems, March 1991. [16] M. Rose, "A Convention for Defining Traps for use with the SNMP", RFC 1215, Performance Systems International, March 1991. [17] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [18] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [19] Bradner, S., "The Internet Standards Process -- Revision 3", RFC 2026, BCP 9, Harvard University, October 1996. 9.0 Author's Address Kenneth D. White Dept. BRQA/Bldg. 501/G114 IBM Corporation P.O.Box 12195 3039 Cornwallis Research Triangle Park, NC 27709, USA E-mail: wkenneth@us.ibm.com 10.0 Full Copyright Statement Copyright (C) The Internet Society (1997). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. DISMAN Working Group Expires March 1999 [Page 50] Internet Draft Ping, Traceroute and Lookup MIBs May 3, 1999 This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. DISMAN Working Group Expires March 1999 [Page 51]