Network Working Group                                           J. Mulik
Internet-Draft                                                 P. Conrad
Expires: November 6, 2002                                  K. Pinzhoffer
                                                       Temple University
                                                             May 8, 2002


    Reliable Server Pooling: Management Information Base using SMIv2
                     draft-ietf-rserpool-mib-00.txt

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on November 6, 2002.

Copyright Notice

   Copyright (C) The Internet Society (2002).  All Rights Reserved.

Abstract

   RSerPool [20] is a framework to provide reliable server pooling.
   This document defines a SMIv2 compliant Management Information Base
   (MIB) providing access to managed objects in an RSerPool
   implementation.

Mulik, et al.           Expires November 6, 2002                [Page 1]
Internet-Draft                RSerPool MIB                      May 2002

Table of Contents

   1.  Introduction
   2.  The SNMP Management Framework
   3.  Structure of the MIB
   3.1 Access to managed objects on an ENRP nameserver
   3.2 Access to managed objects on Pool Elements
   4.  Definitions
   5.  Security Considerations
   6.  IANA Considerations
       References
       Authors' Addresses
       Full Copyright Statement

1. Introduction

   This memo defines a Management Information Base (MIB) module which
   describes managed objects for RSerPool implementations.

   The MIB defined in this memo is described using the Structure of
   Management Information version 2, as defined in RFC1902 [6], RFC1903
   [7], and RFC1904 [8].

2. The SNMP Management Framework

   The SNMP Management Framework presently consists of five major
   components:

   o  An overall architecture, described in RFC 2571 [12].

   o  Mechanisms for describing and naming objects and events for the
      purpose of management.  The first version of this Structure of
      Management Information (SMI) is called SMIv1 and described in STD
      16, RFC 1155 [1], STD 16, RFC 1212 [3] and RFC 1215 [4].  The
      second version, called SMIv2, is described in STD 58, RFC 2578
      [17], STD 58, RFC 2579 [18] and STD 58, RFC 2580 [19].

   o  Message protocols for transferring management information.  The
      first version of the SNMP message protocol is called SNMPv1 and
      described in STD 15, RFC 1157 [2].  A second version of the SNMP
      message protocol, which is not an Internet standards track
      protocol, is called SNMPv2c and described in RFC 1901 [5] and RFC
      1906 [10].  The third version of the message protocol is called
      SNMPv3 and described in RFC 1906 [10], RFC 2572 [13] and RFC 2574
      [15].

   o  Protocol operations for accessing management information.  The
      first set of protocol operations and associated PDU formats is
      described in STD 15, RFC 1157 [2].  A second set of protocol
      operations and associated PDU formats is described in RFC 1905
      [9].

   o  A set of fundamental applications described in RFC 2573 [14] and
      the view-based access control mechanism described in RFC 2575
      [16].

   A more detailed introduction to the current SNMP Management Framework
   can be found in RFC 2570 [11].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  Objects in the MIB are
   defined using the mechanisms defined in the SMI.

   This memo specifies a MIB module that is compliant to the SMIv2.  A
   MIB conforming to the SMIv1 can be produced through the appropriate
   translations.  The resulting translated MIB must be semantically
   equivalent, except where objects or events are omitted because no
   translation is possible (use of Counter64).  Some machine readable
   information in SMIv2 will be converted into textual descriptions in
   SMIv1 during the translation process.  However, this loss of machine
   readable information is not considered to change the semantics of the
   MIB.

3. Structure of the MIB

   The following diagram illustrates the structure of the MIB.

                           Structure of MIB

                  rserpoolMIB
                       |
      +----------------+-----------------+
      |                                  |
 nameserver                        poolElements
      |                                  |
      |--poolHandleCount                 |--poolHandleCount
      |--poolHandleTable                 |--poolHandleTable
      |  +--poolHandleEntry              |  +--poolHandleEntry
      |     |--poolHandleIndex           |     |--poolHandleIndex
      |     |--poolElementCount          |     |--poolElementCount
      |     +--poolHandle                |     +--poolHandle
      |--poolElementTable                |--poolElementTable
      |  +--poolElementEntry             |  +--poolElementEntry
      |     |--poolElementIndex          |     |--poolElementIndex
      |     |--poolElementIPAddrCount    |     |--poolElementIPAddrCount
      |     |--poolElementHostname       |     |--poolElementHostname
      |     |--policyType                |     |--policyType
      |     |--policyValue               |     |--policyValue
      |     |--noOfRequests              |     |--noOfRequests
      |     |--noOfRequestsInQueue       |     |--noOfRequestsInQueue
      |     |--SCTPPort                  |     |--SCTPPort
      |     +--uptimePE                  |     +--uptimePE
      |--addrListTable                   +--addrListTable
      |  +--addrListTableEntry              +--addrListTableEntry
      |     |--addrListTableIndex              |--addrListTableIndex
      |     +--hostIPAddress                   +--hostIPAddress
      |
      +--uptimeNS

   As the figure shows, the MIB is in two main branches.  The first
   branch, "nameserver", is used to access managed objects at an ENRP
   server.  The second branch, "poolElements", is used to access managed
   objects in the set of Pool Elements that are running on a given host.

   In fact, the structure of the two branches is identical, except for
   one detail: the nameserver branch has an extra element called
   uptimeNS, which indicates the uptime of the ENRP server process
   itself.

   We now proceed with a separate description of the two branches.
   Because the two branches are so similar, we describe only the first
   branch in detail, and provide a summary description of the second
   branch.

3.1 Access to managed objects on an ENRP nameserver

   The first branch describes managed objects at an ENRP nameserver.
   Any given ENRP server will, at a certain moment in time, have
   registration information for a set of active poolHandles.  Each of
   these poolHandles in turn may have a list of poolElements that are
   registered under that poolHandle.  To allow this information to be
   retrieved via SNMP, the nameserver branch of the RSerPool MIB uses
   the table-in-table technique described in [21].  Specifically, the
   nameserver branch creates three levels of nesting, as indicated in
   the following diagram:

                     Nesting of Nameserver Branch

      Nesting Structure:

         Level 1: poolHandleTable
            Level 2: poolElementTable
               Level 3: addrListTable

   The nameserver branch contains five elements.  The first element is
   the poolHandleCount, which indicates the total number of server pools
   currently registered with this name server.  It is mainly used as a
   means of indexing into the poolHandleTable, which is the second
   element on this branch.

   The poolHandleTable contains a single entry for each poolHandle that
   is currently registered.  Each "conceptual row" in the
   poolHandleTable consists of a poolHandleEntry, with three elements: a
   poolHandleIndex, a poolElementCount, and an OCTET STRING
   representation of the pool handle itself.  The poolElementCount is
   the number of pool elements registered with this pool handle.  The
   poolHandleIndex is simply an integer that is used to index into the
   poolHandleTable and the poolElementTable.  The value of this integer
   is between zero and (poolHandleCount - 1).  Note that the value of
   poolHandleIndex is defined as "not-accessible" in the MAX-ACCESS
   clause; this is a standard technique used when defining a
   table-in-table data structure.

   The third element on the nameserver branch is the poolElementTable.
   Because the poolElementTable is the "inner" table of the
   table-in-table structure, its index consists of a pair, as indicated
   in the clause "INDEX { poolHandleIndex, poolElementIndex }".

   The fourth element of the nameserver branch takes the nesting to one
   additional level, listing the various IP addresses associated with a
   particular poolElement, and thus is indexed by a triple: "INDEX {
   poolHandleIndex, poolElementIndex, addrListTableIndex }".

   The fifth and final element on the nameserver branch is the uptimeNS,
   which simply provides the uptime of the ENRP server since the last
   restart of the ENRP server process.

3.2 Access to managed objects on Pool Elements

   Note that on a given host, there may be an ENRP server process along
   with a set of pool element processes.  The nameserver branch provides
   access to information about pool elements that has been communicated
   to an ENRP server via the ASAP protocol.  By contrast, the
   "poolElements" branch of the MIB provides direct access to managed
   objects in the pool elements themselves.  It is anticipated that a
   manager may want to query the pool elements directly when
   investigating network problems related to communication between an
   ENRP server and a pool element.

   Any given host may have, at a certain point in time, several active
   pool element processes.  These processes might or might not all have
   unique poolHandles.  Clearly, it is feasible that a given host may be
   running multiple servers, each with a separate poolHandle.  What may
   be less obvious is that there may also be multiple servers with the
   same poolHandle; consider, for example, a host with multiple CPUs
   that might have one server process per CPU, all providing the same
   service and thus sharing the same pool handle, but with distinct
   poolElement characteristics such as load, SCTPPort, policy value,
   etc.  Therefore, as on the nameserver branch, the table-in-table
   technique is indicated.  For simplicity, we use the exact same
   structure.

4. Definitions

   RSERPOOL-MIB DEFINITIONS ::= BEGIN

   IMPORTS
       MODULE-IDENTITY, OBJECT-TYPE, IpAddress, TimeTicks, Unsigned32
           FROM SNMPv2-SMI;

   rserpoolMIB MODULE-IDENTITY
       LAST-UPDATED "200111120000Z"
       ORGANIZATION "Netlab, TEMPLE UNIVERSITY"
       CONTACT-INFO
           " JAIWANT-MULIK
             PHILLIP-CONRAD
             KEVIN-PINZHOFFER

             Postal: 1805, N Broad St.
                     Philadelphia, PA
                     USA 19121

             Phones: +1 215 204 7910

             Emails: jmulik@temple.edu
                     conrad@acm.org
                     kpinzhof@temple.edu"
       DESCRIPTION
           "The MIB module for managing a RserPool implementation"
       ::= { xxxx } -- IANA Assigned

   -- Top level definitions

   nameServer   OBJECT IDENTIFIER ::= { rserpoolMIB 1 }
   poolElements OBJECT IDENTIFIER ::= { rserpoolMIB 2 }

   -- Definition of the pool handle table

   poolHandleCount OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The total number of pool handles supported by this
            name server"
       ::= { nameServer 1 }

   poolHandleTable OBJECT-TYPE
       SYNTAX     SEQUENCE OF PoolHandleEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "The conceptual table listing the pool handles served
            by this name server"
       ::= { nameServer 2 }

   poolHandleEntry OBJECT-TYPE
       SYNTAX     PoolHandleEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "The conceptual row in poolHandleTable."
       INDEX { poolHandleIndex }
       ::= { poolHandleTable 1 }

   PoolHandleEntry ::= SEQUENCE {
       poolHandleIndex  Unsigned32,
       poolElementCount Unsigned32,
       poolHandle       OCTET STRING }

   poolHandleIndex OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "Index to the poolHandleTable. This value is between
            0 and (poolHandleCount-1)"
       ::= { poolHandleEntry 1 }

   poolElementCount OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The number of pool elements that belong to this
            pool handle"
       ::= { poolHandleEntry 2 }

   poolHandle OBJECT-TYPE
       SYNTAX     OCTET STRING
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The pool handle of this row"
       ::= { poolHandleEntry 3 }

   -- Definition of pool element table

   poolElementTable OBJECT-TYPE
       SYNTAX     SEQUENCE OF PoolElementEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "The conceptual table listing the PEs per pool handle"
       ::= { nameServer 3 }

   poolElementEntry OBJECT-TYPE
       SYNTAX     PoolElementEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "The conceptual row in poolElementTable. Note the
            compound index element. We are using the
            table-in-table idea here."
       INDEX { poolHandleIndex, poolElementIndex }
       ::= { poolElementTable 1 }

   PoolElementEntry ::= SEQUENCE {
       poolElementIndex          Unsigned32,
       poolElementIPAddressCount Unsigned32,
       poolElementHostname       OCTET STRING,
       policyType                Unsigned32,
       policyValue               Unsigned32,
       noOfRequests              Unsigned32,
       noOfRequestsInQueue       Unsigned32,
       sctpPort                  INTEGER,
       upTimePE                  TimeTicks }

   poolElementIndex OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "Indexes into the poolElementTable. This value is
            between 0 and (poolElementCount-1) of the
            corresponding poolHandleTable"
       ::= { poolElementEntry 1 }

   poolElementIPAddressCount OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "Counts the number of IP addresses assigned to a
            hostname"
       ::= { poolElementEntry 2 }

   poolElementHostname OBJECT-TYPE
       SYNTAX     OCTET STRING
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "Hostname of a pool element"
       ::= { poolElementEntry 3 }

   policyType OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The policy type for this pool element"
       ::= { poolElementEntry 4 }

   policyValue OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The policy value for this pool element"
       ::= { poolElementEntry 5 }

   noOfRequests OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The number of service requests that this PE is
            currently processing"
       ::= { poolElementEntry 6 }

   noOfRequestsInQueue OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The number of service requests currently queued by
            the PE"
       ::= { poolElementEntry 7 }

   sctpPort OBJECT-TYPE
       SYNTAX     INTEGER (0..65535)
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The SCTP port from this pool element's PE parameter"
       ::= { poolElementEntry 8 }

   upTimePE OBJECT-TYPE
       SYNTAX     TimeTicks
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "Time since last start of the PE"
       ::= { poolElementEntry 9 }

   -- Definition of addresslist Table

   addrListTable OBJECT-TYPE
       SYNTAX     SEQUENCE OF AddrListTableEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "This table holds all the IP addresses of a
            multi-homed host"
       ::= { nameServer 4 }

   addrListTableEntry OBJECT-TYPE
       SYNTAX     AddrListTableEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "A row in the addrList table"
       INDEX { poolHandleIndex, poolElementIndex, addrListTableIndex }
       ::= { addrListTable 1 }

   AddrListTableEntry ::= SEQUENCE {
       addrListTableIndex Unsigned32,
       hostIPAddress      IpAddress }

   addrListTableIndex OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "Indexes into the addrListTable. This value is between
            0 and (poolElementIPAddressCount-1)."
       ::= { addrListTableEntry 1 }

   hostIPAddress OBJECT-TYPE
       SYNTAX     IpAddress
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The address column in the addrListTable"
       ::= { addrListTableEntry 2 }

   --

   uptimeNS OBJECT-TYPE
       SYNTAX     TimeTicks
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "Time since the last start of this service"
       ::= { nameServer 5 }

   END

   The definitions of the managed objects under the "poolElements"
   branch are identical to those under the nameserver branch with the
   single exception that the uptimeNS element is not present.
   Therefore, for sake of brevity and to avoid inadvertent
   inconsistencies due to typos, we omit the full elaboration of the
   poolElement branch.
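
   The INDEX clauses in the module fix how an instance identifier under
   the nameServer branch splits into poolHandleIndex, poolElementIndex
   and addrListTableIndex.  The following Python code is an added
   example, not part of the draft: it decodes those identifiers, rebuilds
   the nested structure from a walk, and checks each level against its
   count object.  OIDs are written relative to rserpoolMIB because the
   module root is unassigned; the function names and walk data are
   constructed for illustration.

```python
# Added example. OIDs are relative to rserpoolMIB, because the draft leaves
# the module root unassigned ("xxxx"). All sample data here is constructed.

# Column OID -> (object name, number of sub-identifiers in its INDEX clause)
COLUMNS = {
    (1, 2, 1, 2): ("poolElementCount", 1),
    (1, 2, 1, 3): ("poolHandle", 1),
    (1, 3, 1, 2): ("poolElementIPAddressCount", 2),
    (1, 3, 1, 3): ("poolElementHostname", 2),
    (1, 3, 1, 4): ("policyType", 2),
    (1, 3, 1, 5): ("policyValue", 2),
    (1, 3, 1, 6): ("noOfRequests", 2),
    (1, 3, 1, 7): ("noOfRequestsInQueue", 2),
    (1, 3, 1, 8): ("sctpPort", 2),
    (1, 3, 1, 9): ("upTimePE", 2),
    (1, 4, 1, 2): ("hostIPAddress", 3),
}
SCALARS = {(1, 1, 0): "poolHandleCount", (1, 5, 0): "uptimeNS"}

def decode(oid):
    """Split a relative OID into (object name, index tuple)."""
    oid = tuple(oid)
    if oid in SCALARS:
        return SCALARS[oid], ()
    column, index = oid[:4], oid[4:]
    if column not in COLUMNS:  # also rejects the not-accessible index columns
        raise ValueError(f"not a readable nameServer object: {oid}")
    name, arity = COLUMNS[column]
    if len(index) != arity:
        raise ValueError(f"{name} takes {arity} index sub-identifiers: {oid}")
    return name, index

def rebuild(varbinds):
    """Turn (oid, value) pairs from a walk into pools -> elements -> addresses."""
    tree = {"scalars": {}, "pools": {}}
    for oid, value in varbinds:
        name, index = decode(oid)
        if not index:
            tree["scalars"][name] = value
            continue
        pool = tree["pools"].setdefault(index[0], {"elements": {}})
        if len(index) == 1:
            pool[name] = value
            continue
        elem = pool["elements"].setdefault(index[1], {"addresses": {}})
        if len(index) == 2:
            elem[name] = value
        else:
            elem["addresses"][index[2]] = value
    return tree

def check(tree):
    """List every level whose rows are not numbered 0..(count - 1)."""
    problems = []
    def expect(label, count, rows):
        if count is None or sorted(rows) != list(range(count)):
            problems.append(f"{label}: count={count}, indexes={sorted(rows)}")
    expect("poolHandleTable", tree["scalars"].get("poolHandleCount"), tree["pools"])
    for h, pool in sorted(tree["pools"].items()):
        expect(f"pool {h}", pool.get("poolElementCount"), pool["elements"])
        for e, elem in sorted(pool["elements"].items()):
            expect(f"pool {h} element {e}",
                   elem.get("poolElementIPAddressCount"), elem["addresses"])
    return problems

# Constructed walk of the nameServer branch: two pools, three pool elements.
WALK = [
    ((1, 1, 0), 2), ((1, 5, 0), 360000),
    ((1, 2, 1, 2, 0), 2), ((1, 2, 1, 3, 0), b"echo-pool"),
    ((1, 2, 1, 2, 1), 1), ((1, 2, 1, 3, 1), b"time-pool"),
    ((1, 3, 1, 2, 0, 0), 2), ((1, 3, 1, 8, 0, 0), 5001),
    ((1, 3, 1, 2, 0, 1), 1), ((1, 3, 1, 8, 0, 1), 5002),
    ((1, 3, 1, 2, 1, 0), 1), ((1, 3, 1, 8, 1, 0), 5003),
    ((1, 4, 1, 2, 0, 0, 0), "192.0.2.10"), ((1, 4, 1, 2, 0, 0, 1), "198.51.100.10"),
    ((1, 4, 1, 2, 0, 1, 0), "192.0.2.10"), ((1, 4, 1, 2, 1, 0, 0), "192.0.2.20"),
]
```

   A non-empty result from check() means the agent returned rows that
   disagree with its own count objects, for example after a walk that
   was cut short or a registration that changed mid-walk.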

   We repeat for emphasis, however, that the semantics of the two
   branches are different, as noted earlier in this memo.

5. Security Considerations

   SNMPv1 by itself is not a secure environment.  Even if the network
   itself is secure (for example, by using IPSec), there is no control
   as to who on the secure network is allowed to access and GET/SET
   (read/change/create/delete) the objects in this MIB.

   It is recommended that the implementers consider the security
   features as provided by the SNMPv3 framework.  Specifically, the use
   of the User-based Security Model RFC 2574 [15] and the View-based
   Access Control Model RFC 2575 [16] is recommended.

   It is then a customer/user responsibility to ensure that the SNMP
   entity giving access to an instance of this MIB is properly
   configured to give access to the objects only to those principals
   (users) that have legitimate rights to GET or SET
   (change/create/delete) them.

6. IANA Considerations

   IANA will need to assign an OID prefix for the RSerPool MIB.

References

   [1]   Rose, M. and K. McCloghrie, "Structure and identification of
         management information for TCP/IP-based internets", STD 16,
         RFC 1155, May 1990.

   [2]   Case, J., Fedor, M., Schoffstall, M. and J. Davin, "Simple
         Network Management Protocol (SNMP)", STD 15, RFC 1157, May
         1990.

   [3]   Rose, M. and K. McCloghrie, "Concise MIB definitions", STD 16,
         RFC 1212, March 1991.

   [4]   Rose, M., "Convention for defining traps for use with the
         SNMP", RFC 1215, March 1991.

   [5]   McCloghrie, K., Case, J., McCloghrie, K., Rose, M. and S.
         Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901,
         January 1996.

   [6]   McCloghrie, K., Case, J., McCloghrie, K., Rose, M. and S.
         Waldbusser, "Structure of Management Information for Version 2
         of the Simple Network Management Protocol (SNMPv2)", RFC 1902,
         January 1996.

   [7]   McCloghrie, K., Case, J., Rose, M. and S. Waldbusser, "Textual
         Conventions for Version 2 of the Simple Network Management
         Protocol (SNMPv2)", RFC 1903, January 1996.

   [8]   McCloghrie, K., Case, J., Rose, M. and S. Waldbusser,
         "Conformance Statements for Version 2 of the Simple Network
         Management Protocol (SNMPv2)", RFC 1904, January 1996.

   [9]   McCloghrie, K., Case, J., Rose, M. and S. Waldbusser, "Protocol
         Operations for Version 2 of the Simple Network Management
         Protocol (SNMPv2)", RFC 1905, January 1996.

   [10]  McCloghrie, K., Case, J., Rose, M. and S. Waldbusser,
         "Transport Mappings for Version 2 of the Simple Network
         Management Protocol (SNMPv2)", RFC 1906, January 1996.

   [11]  Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction
         to Version 3 of the Internet-standard Network Management
         Framework", RFC 2570, April 1999.

   [12]  Wijnen, B., Harrington, D. and R. Presuhn, "An Architecture for
         Describing SNMP Management Frameworks", RFC 2571, May 1999.

   [13]  Case, J., Harrington, D., Presuhn, R. and B. Wijnen, "Message
         Processing and Dispatching for the Simple Network Management
         Protocol (SNMP)", RFC 2572, May 1999.

   [14]  Levi, D., Meyer, P. and B. Stewart, "SNMP Applications", RFC
         2573, April 1999.

   [15]  Blumenthal, U. and B. Wijnen, "User-based Security Model (USM)
         for version 3 of the Simple Network Management Protocol
         (SNMPv3)", RFC 2574, April 1999.

   [16]  Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access
         Control Model (VACM) for the Simple Network Management Protocol
         (SNMP)", RFC 2575, April 1999.

   [17]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
         McCloghrie, K., Rose, M. and S. Waldbusser, "Structure of
         Management Information Version 2 (SMIv2)", STD 58, RFC 2578,
         April 1999.

   [18]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
         McCloghrie, K., Rose, M. and S. Waldbusser, "Textual
         Conventions for SMIv2", STD 58, RFC 2579, April 1999.

   [19]  McCloghrie, K., Perkins, D. and J. Schoenwaelder, "Conformance
         Statements for SMIv2", STD 58, RFC 2580, April 1999.

   [20]  Ong, L., Shore, M., Stillman, M., Xie, Q., Loughney, J.,
         Tuexen, M. and M. Stewart, "Architecture for Reliable Server
         Pooling", draft-ietf-rserpool-arch-02 (work in progress), April
         2002.

   [21]  Perkins, D. and E. McGinnis, "Understanding SNMP MIBs", 1997.

Authors' Addresses

   Jaiwant Mulik
   Temple University
   CIS Department
   Room 303, Computer Building (038-24)
   1805 N. Broad St.
   Philadelphia, PA  19122
   US

   Phone: +1 215 204 3197
   EMail: jmulik@temple.edu
   URI:   http://unix.temple.edu/~jmulik

   Phillip T. Conrad
   Temple University
   CIS Department
   Room 303, Computer Building (038-24)
   1805 N. Broad St.
   Philadelphia, PA  19122
   US

   Phone: +1 215 204 7910
   EMail: conrad@joda.cis.temple.edu
   URI:   http://www.cis.temple.edu/~conrad

   Kevin Pinzhoffer
   Temple University
   CIS Department
   Room 303, Computer Building (038-24)
   1805 N. Broad St.
   Philadelphia, PA  19122
   US

   Phone: +1 215 204 3197
   EMail: kpinzhof@temple.edu

Full Copyright Statement

   Copyright (C) The Internet Society (2002).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgement

   Funding for the RFC Editor function is currently provided by the
   Internet Society.