INTERNET-DRAFT Editor of this version: Will Obsolete: 1907 R. Presuhn BMC Software, Inc. 9 January 2000 Authors of previous version: SNMPv2 Working Group J. Case SNMP Research, Inc. K. McCloghrie Cisco Systems, Inc. M. Rose Dover Beach Consulting, Inc. S. Waldbusser International Network Services Management Information Base for the Simple Network Management Protocol Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html Copyright Notice Copyright (C) The Internet Society (2000). All Rights Reserved. SNMPv3 Working Group Expires June 2000 [Page 1] Internet Draft Protocol Operations for SNMP 9 January 2000 Abstract This internet-draft, a work item of the SNMPv3 working group, is intended to obsolete RFC 1907, Management Information Base for Version 2 of the Simple Network Management Protocol (SNMPv2). Table of Contents 1. Introduction ................................................ 3 2. The SNMP Management Framework ............................... 3 3. Definitions ................................................. 4 4. Notice on Intellectual Property ............................. 23 5. Acknowledgements ............................................ 23 6. Security Considerations ..................................... 24 7. References .................................................. 25 8. Editor's Address ............................................ 26 9. Changes from RFC 1907 ....................................... 27 10. Issues ..................................................... 28 11. Full Copyright Statement ................................... 29 SNMPv3 Working Group Expires June 2000 [Page 2] Internet Draft Protocol Operations for SNMP 9 January 2000 1. Introduction It is the purpose of this document to define managed objects which describe the behavior of an SNMP entity, as defined in the SNMP architecture [RFC2571]. 2. The SNMP Management Framework The SNMP Management Framework at the time of this writing consists of five major components: - An overall architecture, described in RFC 2571 [RFC2571]. - Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in STD 16, RFC 1155 [RFC1155], STD 16, RFC 1212 [RFC1212] and RFC 1215 [RFC1215]. The second version, called SMIv2, is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580]. - Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in STD 15, RFC 1157 [RFC1157]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [RFC1901] and RFC -TM [RFC-TM]. The third version of the message protocol is called SNMPv3 and described in RFC -TM [RFC-TM], RFC 2572 [RFC2572] and RFC 2574 [RFC2574]. - Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in STD 15, RFC 1157 [RFC1157]. A second set of protocol operations and associated PDU formats is described in RFC -PROTO [RFC-PROTO]. - A set of fundamental applications described in RFC 2573 [RFC2573] and the view-based access control mechanism described in RFC 2575 [RFC2575]. A more detailed introduction to the current SNMP Management Framework can be found in RFC 2570 [RFC2570]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. SNMPv3 Working Group Expires June 2000 [Page 3] Internet Draft Protocol Operations for SNMP 9 January 2000 This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (use of Counter64). Some machine readable information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB. 3. Definitions SNMPv2-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, TimeTicks, Counter32, snmpModules, mib-2 FROM SNMPv2-SMI SnmpAdminString FROM SNMP-FRAMEWORK-MIB TestAndIncr, TimeStamp FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF; snmpMIB MODULE-IDENTITY LAST-UPDATED "200001100424Z" ORGANIZATION "IETF SNMPv3 Working Group" CONTACT-INFO "WG-EMail: snmpv3@tis.com Subscribe: majordomo@tis.com In message body: subscribe snmpv3 Chair: Russ Mundy TIS Labs at Network Associates postal: 3060 Washington Rd Glenwood MD 21738 USA EMail: mundy@tislabs.com phone: +1 301 854-6889 Editor: Randy Presuhn BMC Software, Inc. postal: 2141 North First Street San Jose, CA 95131 USA EMail: randy_presuhn@bmc.com phone: +1 408 546-1006" SNMPv3 Working Group Expires June 2000 [Page 4] Internet Draft Protocol Operations for SNMP 9 January 2000 DESCRIPTION "The MIB module for SNMP entities." REVISION "200001100424Z" DESCRIPTION "This revision of this MIB module was published as RFC 0." REVISION "199511090000Z" DESCRIPTION "This revision of this MIB module was published as RFC 1907." REVISION "199304010000Z" DESCRIPTION "The initial revision of this MIB module was published as RFC 1450." ::= { snmpModules 1 } snmpMIBObjects OBJECT IDENTIFIER ::= { snmpMIB 1 } -- ::= { snmpMIBObjects 1 } this OID is obsolete -- ::= { snmpMIBObjects 2 } this OID is obsolete -- ::= { snmpMIBObjects 3 } this OID is obsolete -- the System group -- -- a collection of objects common to all managed systems. system OBJECT IDENTIFIER ::= { mib-2 1 } sysDescr OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "A textual description of the entity. This value should include the full name and version identification of the system's hardware type, software operating-system, and networking software. This string is encoded using UTF-8. Older implementations MAY restrict the set of supported values to well-formed NVT ASCII." ::= { system 1 } SNMPv3 Working Group Expires June 2000 [Page 5] Internet Draft Protocol Operations for SNMP 9 January 2000 sysObjectID OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-only STATUS current DESCRIPTION "The vendor's authoritative identification of the network management subsystem contained in the entity. This value is allocated within the SMI enterprises subtree (1.3.6.1.4.1) and provides an easy and unambiguous means for determining `what kind of box' is being managed. For example, if vendor `Flintstones, Inc.' was assigned the subtree 1.3.6.1.4.1.4242, it could assign the identifier 1.3.6.1.4.1.4242.1.1 to its `Fred Router'." ::= { system 2 } sysUpTime OBJECT-TYPE SYNTAX TimeTicks MAX-ACCESS read-only STATUS current DESCRIPTION "The time (in hundredths of a second) since the network management portion of the system was last re-initialized." ::= { system 3 } sysContact OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..255)) MAX-ACCESS read-write STATUS current DESCRIPTION "The textual identification of the contact person for this managed node, together with information on how to contact this person. If no contact information is known, the value is the zero-length string. This string is encoded using UTF-8. Older implementations MAY restrict the set of supported values to well-formed NVT ASCII." ::= { system 4 } sysName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..255)) MAX-ACCESS read-write STATUS current SNMPv3 Working Group Expires June 2000 [Page 6] Internet Draft Protocol Operations for SNMP 9 January 2000 DESCRIPTION "An administratively-assigned name for this managed node. By convention, this is the node's fully-qualified domain name. If the name is unknown, the value is the zero-length string. This string is encoded using UTF-8. Older implementations MAY restrict the set of supported values to well-formed NVT ASCII." ::= { system 5 } sysLocation OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..255)) MAX-ACCESS read-write STATUS current DESCRIPTION "The physical location of this node (e.g., `telephone closet, 3rd floor'). If the location is unknown, the value is the zero-length string. This string is encoded using UTF-8. Older implementations MAY restrict the set of supported values to well-formed NVT ASCII." ::= { system 6 } SNMPv3 Working Group Expires June 2000 [Page 7] Internet Draft Protocol Operations for SNMP 9 January 2000 sysServices OBJECT-TYPE SYNTAX INTEGER (0..127) MAX-ACCESS read-only STATUS current DESCRIPTION "A value which indicates the set of services that this entity may potentially offers. The value is a sum. This sum initially takes the value zero, Then, for each layer, L, in the range 1 through 7, that this node performs transactions for, 2 raised to (L - 1) is added to the sum. For example, a node which performs only routing functions would have a value of 4 (2^(3-1)). In contrast, a node which is a host offering application services would have a value of 72 (2^(4-1) + 2^(7-1)). Note that in the context of the Internet suite of protocols, values should be calculated accordingly: layer functionality 1 physical (e.g., repeaters) 2 datalink/subnetwork (e.g., bridges) 3 internet (e.g., supports the IP) 4 end-to-end (e.g., supports the TCP) 7 applications (e.g., supports the SMTP) For systems including OSI protocols, layers 5 and 6 may also be counted." ::= { system 7 } -- object resource information -- -- a collection of objects which describe the SNMP entity's -- (statically and dynamically configurable) support of -- various MIB modules. sysORLastChange OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the time of the most recent change in state or value of any instance of sysORID." ::= { system 8 } SNMPv3 Working Group Expires June 2000 [Page 8] Internet Draft Protocol Operations for SNMP 9 January 2000 sysORTable OBJECT-TYPE SYNTAX SEQUENCE OF SysOREntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The (conceptual) table listing the capabilities of the local SNMP application acting as a command responder with respect to various MIB modules. SNMP entities having dynamically-configurable support of MIB modules will have a dynamically-varying number of conceptual rows." ::= { system 9 } sysOREntry OBJECT-TYPE SYNTAX SysOREntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) in the sysORTable." INDEX { sysORIndex } ::= { sysORTable 1 } SysOREntry ::= SEQUENCE { sysORIndex INTEGER, sysORID OBJECT IDENTIFIER, sysORDescr SnmpAdminString, sysORUpTime TimeStamp } sysORIndex OBJECT-TYPE SYNTAX INTEGER (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The auxiliary variable used for identifying instances of the columnar objects in the sysORTable." ::= { sysOREntry 1 } sysORID OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-only STATUS current DESCRIPTION "An authoritative identification of a capabilities statement with respect to various MIB modules supported by the local SNMP application acting as a command responder." ::= { sysOREntry 2 } SNMPv3 Working Group Expires June 2000 [Page 9] Internet Draft Protocol Operations for SNMP 9 January 2000 sysORDescr OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-only STATUS current DESCRIPTION "A textual description of the capabilities identified by the corresponding instance of sysORID." ::= { sysOREntry 3 } sysORUpTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the time this conceptual row was last instantiated." ::= { sysOREntry 4 } -- the SNMP group -- -- a collection of objects providing basic instrumentation and -- control of an SNMP entity. snmp OBJECT IDENTIFIER ::= { mib-2 11 } snmpInPkts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of messages delivered to the SNMP entity from the transport service." ::= { snmp 1 } snmpInBadVersions OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of SNMP messages which were delivered to the SNMP entity and were for an unsupported SNMP version." ::= { snmp 3 } SNMPv3 Working Group Expires June 2000 [Page 10] Internet Draft Protocol Operations for SNMP 9 January 2000 snmpInBadCommunityNames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of community-based SNMP messages (for example, SNMPv1) delivered to the SNMP entity which used an SNMP community name not known to said entity. Also, implementations which authenticate community-based SNMP messages using check(s) in addition to matching the community name (for example, by also checking whether the message originated from a transport address allowed to use a specified community name) MAY include in this value the number of messages which failed the additional check(s). It is strongly RECOMMENDED that the documentation for any security model which is used to authenticate community-based SNMP messages specify the precise conditions that contribute to this value." ::= { snmp 4 } snmpInBadCommunityUses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of community-based SNMP messages (for example, SNMPv1) delivered to the SNMP entity which represented an SNMP operation that was not allowed for the SNMP community named in the message. The precise conditions under which this counter is incremented (if at all) depend on how the SNMP entity implements its access control mechanism and how its applications interact with that access control mechanism. It is strongly RECOMMENDED that the documentation for any access control mechanism which is used to control access to and visibility of MIB instrumentation specify the precise conditions that contribute to this value." ::= { snmp 5 } snmpInASNParseErrs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of ASN.1 or BER errors encountered by the SNMP entity when decoding received SNMP messages." ::= { snmp 6 } SNMPv3 Working Group Expires June 2000 [Page 11] Internet Draft Protocol Operations for SNMP 9 January 2000 snmpEnableAuthenTraps OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates whether the SNMP entity is permitted to generate authenticationFailure traps. The value of this object overrides any configuration information; as such, it provides a means whereby all authenticationFailure traps may be disabled. Note that it is strongly recommended that this object be stored in non-volatile memory so that it remains constant across re-initializations of the network management system." ::= { snmp 30 } snmpSilentDrops OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of Confirmed Class PDUs (such as GetRequest-PDUs, GetNextRequest-PDUs, GetBulkRequest-PDUs, SetRequest-PDUs, and InformRequest-PDUs) delivered to the SNMP entity which were silently dropped because the size of a reply containing an alternate Response Class PDU (such as a Response-PDU) with an empty variable-bindings field was greater than either a local constraint or the maximum message size associated with the originator of the request." ::= { snmp 31 } snmpProxyDrops OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of GetRequest-PDUs, GetNextRequest-PDUs, GetBulkRequest-PDUs, SetRequest-PDUs, and InformRequest-PDUs delivered to the SNMP entity which were silently dropped because the transmission of the (possibly translated) message to a proxy target failed in a manner (other than a time-out) such that no Response-PDU could be returned." ::= { snmp 32 } SNMPv3 Working Group Expires June 2000 [Page 12] Internet Draft Protocol Operations for SNMP 9 January 2000 -- information for notifications -- -- a collection of objects which allow the SNMP entity, when -- supporting a notification originator application, -- to be configured to generate SNMPv2-Trap-PDUs. snmpTrap OBJECT IDENTIFIER ::= { snmpMIBObjects 4 } snmpTrapOID OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The authoritative identification of the notification currently being sent. This variable occurs as the second varbind in every SNMPv2-Trap-PDU and InformRequest-PDU." ::= { snmpTrap 1 } -- ::= { snmpTrap 2 } this OID is obsolete snmpTrapEnterprise OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The authoritative identification of the enterprise associated with the trap currently being sent. When an SNMP proxy agent is mapping an RFC1157 Trap-PDU into a SNMPv2-Trap-PDU, this variable occurs as the last varbind." ::= { snmpTrap 3 } -- ::= { snmpTrap 4 } this OID is obsolete -- well-known traps snmpTraps OBJECT IDENTIFIER ::= { snmpMIBObjects 5 } SNMPv3 Working Group Expires June 2000 [Page 13] Internet Draft Protocol Operations for SNMP 9 January 2000 coldStart NOTIFICATION-TYPE STATUS current DESCRIPTION "A coldStart trap signifies that the SNMP entity, supporting a notification originator application, is reinitializing itself and that its configuration may have been altered." ::= { snmpTraps 1 } warmStart NOTIFICATION-TYPE STATUS current DESCRIPTION "A warmStart trap signifies that the SNMP entity, supporting a notification originator application, is reinitializing itself such that its configuration is unaltered." ::= { snmpTraps 2 } -- Note the linkDown NOTIFICATION-TYPE ::= { snmpTraps 3 } -- and the linkUp NOTIFICATION-TYPE ::= { snmpTraps 4 } -- are defined in RFC 2233 [RFC2233] authenticationFailure NOTIFICATION-TYPE STATUS current DESCRIPTION "An authenticationFailure trap signifies that the SNMP entity has received a protocol message that is not properly authenticated. While all implementations of SNMP entities MAY be capable of generating this trap, the snmpEnableAuthenTraps object indicates whether this trap will be generated." ::= { snmpTraps 5 } -- Note the egpNeighborLoss notification is defined -- as { snmpTraps 6 } in RFC 1213 -- the set group -- -- a collection of objects which allow several cooperating -- command generator applications to coordinate their use of the -- set operation. snmpSet OBJECT IDENTIFIER ::= { snmpMIBObjects 6 } SNMPv3 Working Group Expires June 2000 [Page 14] Internet Draft Protocol Operations for SNMP 9 January 2000 snmpSetSerialNo OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "An advisory lock used to allow several cooperating command generator applications to coordinate their use of the SNMP set operation. This object is used for coarse-grain coordination. To achieve fine-grain coordination, one or more similar objects might be defined within each MIB group, as appropriate." ::= { snmpSet 1 } -- conformance information snmpMIBConformance OBJECT IDENTIFIER ::= { snmpMIB 2 } snmpMIBCompliances OBJECT IDENTIFIER ::= { snmpMIBConformance 1 } snmpMIBGroups OBJECT IDENTIFIER ::= { snmpMIBConformance 2 } -- compliance statements -- ::= { snmpMIBCompliances 1 } this OID is obsolete snmpBasicCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP entities which implement the SNMPv2-MIB module." MODULE -- this module MANDATORY-GROUPS { snmpGroup, snmpSetGroup, systemGroup, snmpBasicNotificationsGroup } GROUP snmpCommunityGroup DESCRIPTION "This group is mandatory for SNMP entities which support community-based authentication." ::= { snmpMIBCompliances 2 } SNMPv3 Working Group Expires June 2000 [Page 15] Internet Draft Protocol Operations for SNMP 9 January 2000 -- units of conformance -- ::= { snmpMIBGroups 1 } this OID is obsolete -- ::= { snmpMIBGroups 2 } this OID is obsolete -- ::= { snmpMIBGroups 3 } this OID is obsolete -- ::= { snmpMIBGroups 4 } this OID is obsolete snmpGroup OBJECT-GROUP OBJECTS { snmpInPkts, snmpInBadVersions, snmpInASNParseErrs, snmpSilentDrops, snmpProxyDrops, snmpEnableAuthenTraps } STATUS current DESCRIPTION "A collection of objects providing basic instrumentation and control of an SNMP entity." ::= { snmpMIBGroups 8 } snmpCommunityGroup OBJECT-GROUP OBJECTS { snmpInBadCommunityNames, snmpInBadCommunityUses } STATUS current DESCRIPTION "A collection of objects providing basic instrumentation of a SNMP entity which supports community-based authentication." ::= { snmpMIBGroups 9 } snmpSetGroup OBJECT-GROUP OBJECTS { snmpSetSerialNo } STATUS current DESCRIPTION "A collection of objects which allow several cooperating command generator applications to coordinate their use of the set operation." ::= { snmpMIBGroups 5 } SNMPv3 Working Group Expires June 2000 [Page 16] Internet Draft Protocol Operations for SNMP 9 January 2000 systemGroup OBJECT-GROUP OBJECTS { sysDescr, sysObjectID, sysUpTime, sysContact, sysName, sysLocation, sysServices, sysORLastChange, sysORID, sysORUpTime, sysORDescr } STATUS current DESCRIPTION "The system group defines objects which are common to all managed systems." ::= { snmpMIBGroups 6 } snmpBasicNotificationsGroup NOTIFICATION-GROUP NOTIFICATIONS { coldStart, authenticationFailure } STATUS current DESCRIPTION "The two notifications which an SNMP entity supporting notification originator applications is required to implement." ::= { snmpMIBGroups 7 } snmpAdditionalNotificationsGroup NOTIFICATION-GROUP NOTIFICATIONS { warmStart } STATUS current DESCRIPTION "The notifications which an SNMP entity supporting notification originator applications is required to implement if it is able to reinitialize itself such that its configuration is unaltered." ::= { snmpMIBGroups 11 } notificationGroup OBJECT-GROUP OBJECTS { snmpTrapOID, snmpTrapEnterprise } STATUS current DESCRIPTION "These objects are required for entities which support notification originator applications." ::= { snmpMIBGroups 12 } -- definitions in RFC 1213 made obsolete by the inclusion of a -- subset of the snmp group in this MIB SNMPv3 Working Group Expires June 2000 [Page 17] Internet Draft Protocol Operations for SNMP 9 January 2000 snmpOutPkts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Messages which were passed from the SNMP protocol entity to the transport service." ::= { snmp 2 } -- { snmp 7 } is not used snmpInTooBigs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were delivered to the SNMP protocol entity and for which the value of the error-status field is `tooBig'." ::= { snmp 8 } snmpInNoSuchNames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were delivered to the SNMP protocol entity and for which the value of the error-status field is `noSuchName'." ::= { snmp 9 } snmpInBadValues OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were delivered to the SNMP protocol entity and for which the value of the error-status field is `badValue'." ::= { snmp 10 } SNMPv3 Working Group Expires June 2000 [Page 18] Internet Draft Protocol Operations for SNMP 9 January 2000 snmpInReadOnlys OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number valid SNMP PDUs which were delivered to the SNMP protocol entity and for which the value of the error-status field is `readOnly'. It should be noted that it is a protocol error to generate an SNMP PDU which contains the value `readOnly' in the error-status field, as such this object is provided as a means of detecting incorrect implementations of the SNMP." ::= { snmp 11 } snmpInGenErrs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were delivered to the SNMP protocol entity and for which the value of the error-status field is `genErr'." ::= { snmp 12 } snmpInTotalReqVars OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of MIB objects which have been retrieved successfully by the SNMP protocol entity as the result of receiving valid SNMP Get-Request and Get-Next PDUs." ::= { snmp 13 } snmpInTotalSetVars OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of MIB objects which have been altered successfully by the SNMP protocol entity as the result of receiving valid SNMP Set-Request PDUs." ::= { snmp 14 } SNMPv3 Working Group Expires June 2000 [Page 19] Internet Draft Protocol Operations for SNMP 9 January 2000 snmpInGetRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Get-Request PDUs which have been accepted and processed by the SNMP protocol entity." ::= { snmp 15 } snmpInGetNexts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Get-Next PDUs which have been accepted and processed by the SNMP protocol entity." ::= { snmp 16 } snmpInSetRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Set-Request PDUs which have been accepted and processed by the SNMP protocol entity." ::= { snmp 17 } snmpInGetResponses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Get-Response PDUs which have been accepted and processed by the SNMP protocol entity." ::= { snmp 18 } snmpInTraps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Trap PDUs which have been accepted and processed by the SNMP protocol entity." ::= { snmp 19 } SNMPv3 Working Group Expires June 2000 [Page 20] Internet Draft Protocol Operations for SNMP 9 January 2000 snmpOutTooBigs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were generated by the SNMP protocol entity and for which the value of the error-status field is `tooBig.'" ::= { snmp 20 } snmpOutNoSuchNames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were generated by the SNMP protocol entity and for which the value of the error-status is `noSuchName'." ::= { snmp 21 } snmpOutBadValues OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were generated by the SNMP protocol entity and for which the value of the error-status field is `badValue'." ::= { snmp 22 } -- { snmp 23 } is not used snmpOutGenErrs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were generated by the SNMP protocol entity and for which the value of the error-status field is `genErr'." ::= { snmp 24 } SNMPv3 Working Group Expires June 2000 [Page 21] Internet Draft Protocol Operations for SNMP 9 January 2000 snmpOutGetRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Get-Request PDUs which have been generated by the SNMP protocol entity." ::= { snmp 25 } snmpOutGetNexts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Get-Next PDUs which have been generated by the SNMP protocol entity." ::= { snmp 26 } snmpOutSetRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Set-Request PDUs which have been generated by the SNMP protocol entity." ::= { snmp 27 } snmpOutGetResponses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Get-Response PDUs which have been generated by the SNMP protocol entity." ::= { snmp 28 } snmpOutTraps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Trap PDUs which have been generated by the SNMP protocol entity." ::= { snmp 29 } SNMPv3 Working Group Expires June 2000 [Page 22] Internet Draft Protocol Operations for SNMP 9 January 2000 snmpObsoleteGroup OBJECT-GROUP OBJECTS { snmpOutPkts, snmpInTooBigs, snmpInNoSuchNames, snmpInBadValues, snmpInReadOnlys, snmpInGenErrs, snmpInTotalReqVars, snmpInTotalSetVars, snmpInGetRequests, snmpInGetNexts, snmpInSetRequests, snmpInGetResponses, snmpInTraps, snmpOutTooBigs, snmpOutNoSuchNames, snmpOutBadValues, snmpOutGenErrs, snmpOutGetRequests, snmpOutGetNexts, snmpOutSetRequests, snmpOutGetResponses, snmpOutTraps } STATUS obsolete DESCRIPTION "A collection of objects from RFC 1213 made obsolete by this MIB." ::= { snmpMIBGroups 10 } END 4. Notice on Intellectual Property The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification can be obtained from the IETF Secretariat. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director. SNMPv3 Working Group Expires June 2000 [Page 23] Internet Draft Protocol Operations for SNMP 9 January 2000 5. Acknowledgements The previous versions of this document, edited by Keith McCloghrie, was the result of significant work by four major contributors: Jeffrey D. Case (SNMP Research, case@snmp.com) Keith McCloghrie (Cisco Systems, kzm@cisco.com) Marshall T. Rose (Dover Beach Consulting, mrose@dbc.mtview.ca.us) Steven Waldbusser (International Network Services, stevew@uni.ins.com) In addition, the contributions of the SNMPv2 and SNMPv3 Working Groups are acknowledged. In particular, a special thanks is extended for the contributions of: Alexander I. Alten (Novell) Dave Arneson (Cabletron) Uri Blumenthal (IBM) Doug Book (Chipcom) Kim Curran (Bell-Northern Research) Jim Galvin (Trusted Information Systems) Maria Greene (Ascom Timeplex) Iain Hanson (Digital) Dave Harrington (Cabletron) Nguyen Hien (IBM) Jeff Johnson (Cisco Systems) Michael Kornegay (Object Quest) Deirdre Kostick (AT&T Bell Labs) David Levi (SNMP Research) Daniel Mahoney (Cabletron) Russ Mundy (TIS Labs at Network Associates, Chair) Bob Natale (ACE*COMM) Brian O'Keefe (Hewlett Packard) Andrew Pearson (SNMP Research) Dave Perkins (Peer Networks) Aleksey Romanov (Quality Quorum) Shawn Routhier (Epilogue) Jon Saperia (BGS Systems) Juergen Schoenwaelder (TU Braunschweig) Bob Stewart (Cisco Systems) Kaj Tesink (Bellcore) Glenn Waters (Bell-Northern Research) Bert Wijnen (IBM) 6. Security Considerations There are a number of management objects defined in this MIB that have a MAX-ACCESS clause of read-write. Such objects may be SNMPv3 Working Group Expires June 2000 [Page 24] Internet Draft Protocol Operations for SNMP 9 January 2000 considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. SNMPv1 by itself is not a secure environment. Even if the network itself is secure (for example by using IPSec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change) the objects in this MIB. It is recommended that the implementors consider the security features as provided by the SNMPv3 framework. Specifically, the use of the User-based Security Model RFC 2574 [RFC2574] and the View- based Access Control Model RFC 2575 [RFC2575] is recommended. It is then a customer/user responsibility to ensure that the SNMP entity giving access to an instance of this MIB, is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change) them. 7. References [RFC2571] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2571, April 1999. [RFC1155] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", STD 16, RFC 1155, May 1990. [RFC1212] Rose, M., and K. McCloghrie, "Concise MIB Definitions", STD 16, RFC 1212, March 1991. [RFC1215] Rose, M., "A Convention for Defining Traps for use with the SNMP", RFC 1215, March 1991. [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. SNMPv3 Working Group Expires June 2000 [Page 25] Internet Draft Protocol Operations for SNMP 9 January 2000 [RFC1157] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network Management Protocol", STD 15, RFC 1157, May 1990. [RFC1901] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, January 1996. [RFC-TM] Presuhn, R., SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport Mappings for the Simple Network Management Protocol", , January 2000. [RFC2572] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2572, April 1999. [RFC2574] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, April 1999. [RFC-PROTO] Presuhn, R., SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol Operations for the Simple Network Management Protocol", , January 2000. [RFC2573] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 2573, April 1999. [RFC2575] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, April 1999. [RFC2570] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction to Version 3 of the Internet-standard Network Management Framework", RFC 2570, April 1999. [RFC2233] McCloghrie, K., and F. Kastenholz, "The Interfaces Group MIB using SMIv2", RFC 2233, November 1997. 8. Editor's Address Randy Presuhn BMC Software, Inc. 2141 North First Street San Jose, CA 95131 USA SNMPv3 Working Group Expires June 2000 [Page 26] Internet Draft Protocol Operations for SNMP 9 January 2000 Phone: +1 408 546 1006 EMail: randy_presuhn@bmc.com 9. Changes from RFC 1907 These are the changes from RFC 1907: - Corrected typo in copyright statement; - Updated copyright date; - Updated with new editor's name and contact information; - Cosmetic fixes to layout and typography; - Changed title; - Replace introduction with current MIB boilerplate; - Updated references; - Fixed typo in sysORUpTime; - Re-worded description of snmpSilentDrops; - Updated reference to RFC 1573 to 2233; - Added IPR boilerplate as required by RFC 2026; - Weakened authenticationFailure description from MUST to MAY, clarified that it pertains to all SNMP entities; - Clarified descriptions of snmpInBadCommunityNames and snmpInBadCommunityUses; - Updated module-identity and contact information; - Updated the acknowledgements section; - Replaced references to "manager role", "agent role" and "SNMPv2 entity" with appropriate terms from RFC 2571; - Updated document headers and footers; - Added security considerations, based on current recommendations for MIB modules. - Added NOTIFICATION-GROUP and OBJECT-GROUP constructs for SNMPv3 Working Group Expires June 2000 [Page 27] Internet Draft Protocol Operations for SNMP 9 January 2000 NOTIFICATION-TYPEs and OBJECT-TYPEs that were left unreferenced in RFC 1907. - Replaced references to DisplayString with SnmpAdminString, with additional text on compatibility concerns. 10. Issues This section is to be deleted when it is time to publish this document as an RFC. The issue labels are the same as those used in the on-line issues list at ftp://amethyst.bmc.com/pub/snmpv3/Update567/rfc1907/index.html 1907-01 Done; title changed. 1907-02 Done; replaced introduction with current MIB boilerplate. 1907-03 Done; resolution was to make no change. 1907-04 Done; replaced occurrences of "SNMPv2 entity", "manager role", and "agent role" with appropriate terms from architecture. 1907-05 Done; typo fixed. 1907-06 Done; resolution was to make no change. 1907-07 Done; description of snmpSilentDrops updated. 1907-08 Done; reference to RFC 1573 replaced with reference to RFC 2233. 1907-09 Done; resolution was to make no change. 1907-10 Done; resolution was to make no change. 1907-11 Done; resolution was to make no change. 1907-12 Done; added security considerations based on recommended text from http://www.ops.ietf.org/ 1907-13 NOT COMPLETE; references updated, acknowledgements need more work. 1907-14 Done; IPR boilerplate aligned with RFC 2026. 1907-15 Done; authenticationFailure weakened to MAY but SNMPv3 Working Group Expires June 2000 [Page 28] Internet Draft Protocol Operations for SNMP 9 January 2000 permitted for all protocol versions. 1907-16 Done; resolution was to make no change. 1907-17 Done; clarified descriptions of snmpInBadCommunityNames and snmpInBadCommunityUses. 1907-18 Done; replaced DisplayString with SnmpAdminString and added DESCRIPTION text for compatibility. 11. Full Copyright Statement Copyright (C) The Internet Society (2000). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SNMPv3 Working Group Expires June 2000 [Page 29]