idnits 2.17.1 draft-ietf-atommib-acct-06.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts. ** The document seems to lack a 1id_guidelines paragraph about the list of Shadow Directories. ** The document is more than 15 pages and seems to lack a Table of Contents. == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an Abstract section. ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 4 instances of too long lines in the document, the longest one being 6 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (4 October 1998) is 9336 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: '20' is defined on line 1216, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2271 (ref. '1') (Obsoleted by RFC 2571) ** Downref: Normative reference to an Informational RFC: RFC 1215 (ref. '4') ** Obsolete normative reference: RFC 1902 (ref. '5') (Obsoleted by RFC 2578) ** Obsolete normative reference: RFC 1903 (ref. '6') (Obsoleted by RFC 2579) ** Obsolete normative reference: RFC 1904 (ref. '7') (Obsoleted by RFC 2580) ** Downref: Normative reference to an Historic RFC: RFC 1157 (ref. '8') ** Downref: Normative reference to an Historic RFC: RFC 1901 (ref. '9') ** Obsolete normative reference: RFC 1906 (ref. '10') (Obsoleted by RFC 3417) ** Obsolete normative reference: RFC 2272 (ref. '11') (Obsoleted by RFC 2572) ** Obsolete normative reference: RFC 2274 (ref. '12') (Obsoleted by RFC 2574) ** Obsolete normative reference: RFC 1905 (ref. '13') (Obsoleted by RFC 3416) ** Obsolete normative reference: RFC 2273 (ref. '14') (Obsoleted by RFC 2573) ** Obsolete normative reference: RFC 2275 (ref. '15') (Obsoleted by RFC 2575) ** Obsolete normative reference: RFC 1907 (ref. '16') (Obsoleted by RFC 3418) -- Possible downref: Non-RFC (?) normative reference: ref. '17' -- Possible downref: Non-RFC (?) normative reference: ref. '18' == Outdated reference: A later version (-09) exists of draft-ietf-atommib-atm2TC-08 Summary: 24 errors (**), 0 flaws (~~), 4 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Internet Engineering Task Force Keith McCloghrie 2 INTERNET DRAFT Cisco Systems, Inc. 3 Expires January 1999 Juha Heinanen 4 Telia Finland, Inc. 5 Wedge Greene 6 MCI Telecommunications Corp. 7 Anil Prasad 8 Cisco Systems, Inc. 9 4 October 1998 11 Managed Objects for Controlling the Collection 12 and Storage of Accounting Information for 13 Connection-Oriented Networks 15 draft-ietf-atommib-acct-06.txt 17 Status of this Memo 19 This document is an Internet-Draft. Internet-Drafts are working 20 documents of the Internet Engineering Task Force (IETF), its areas, and 21 its working groups. Note that other groups may also distribute working 22 documents as Internet-Drafts. 24 Internet-Drafts are draft documents valid for a maximum of six months 25 and may be updated, replaced, or obsoleted by other documents at any 26 time. It is inappropriate to use Internet- Drafts as reference material 27 or to cite them other than as ``work in progress.'' 29 To learn the current status of any Internet-Draft, please check the 30 ``1id-abstracts.txt'' listing contained in the Internet- Drafts Shadow 31 Directories on ftp.ietf.org (US East Coast), nic.nordu.net (Europe), 32 ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific Rim). 34 Copyright Notice 36 Copyright (C) The Internet Society (1998). All Rights Reserved. 38 1. Introduction 40 This memo defines a portion of the Management Information Base (MIB) for 41 use with network management protocols in the Internet community. In 42 particular, it describes managed objects used for controlling the 43 collection and storage of accounting information for connection-oriented 44 networks such as ATM. The accounting data is collected into files for 45 later retrieval via a file transfer protocol. For information on data 46 which can be collected for ATM networks, see [19]. 48 2. The SNMP Network Management Framework 50 The SNMP Management Framework presently consists of five major 51 components: 53 o An overall architecture, described in RFC 2271 [1]. 55 o Mechanisms for describing and naming objects and events for the 56 purpose of management. The first version of this Structure of 57 Management Information (SMI) is called SMIv1 and described in RFC 58 1155 [2], RFC 1212 [3] and RFC 1215 [4]. The second version, 59 called SMIv2, is described in RFC 1902 [5], RFC 1903 [6] and RFC 60 1904 [7]. 62 o Message protocols for transferring management information. The 63 first version of the SNMP message protocol is called SNMPv1 and 64 described in RFC 1157 [8]. A second version of the SNMP message 65 protocol, which is not an Internet standards track protocol, is 66 called SNMPv2c and described in RFC 1901 [9] and RFC 1906 [10]. 67 The third version of the message protocol is called SNMPv3 and 68 described in RFC 1906 [10], RFC 2272 [11] and RFC 2274 [12]. 70 o Protocol operations for accessing management information. The 71 first set of protocol operations and associated PDU formats is 72 described in RFC 1157 [8]. A second set of protocol operations and 73 associated PDU formats is described in RFC 1905 [13]. 75 o A set of fundamental applications described in RFC 2273 [14] and 76 the view-based access control mechanism described in RFC 2275 [15]. 78 Managed objects are accessed via a virtual information store, termed the 79 Management Information Base or MIB. Objects in the MIB are defined 80 using the mechanisms defined in the SMI. 82 This memo specifies a MIB module that is compliant to the SMIv2. A MIB 83 conforming to the SMIv1 can be produced through the appropriate 84 translations. The resulting translated MIB must be semantically 85 equivalent, except where objects or events are omitted because no 86 translation is possible (e.g., use of Counter64). Some machine readable 87 information in SMIv2 will be converted into textual descriptions in 88 SMIv1 during the translation process. However, this loss of machine 89 readable information is not considered to change the semantics of the 90 MIB. 92 3. Overview 94 In some connection-oriented network environments, there is a need for 95 the network administrator to be able to collect accounting data on the 96 usage of bandwidth/resources by connections (e.g., ATM connections) 97 within the network. Data collection should be available for switched 98 virtual connections (SVCs and SVPs), and permanent virtual connections 99 (PVCs and PVPs), including soft-permanent virtual connections (SPVCCs 100 and SPVPCs). This need exists for ATM networks, and may well exist for 101 other connection-oriented networks, such as Frame Relay. 103 The potential quantity of such accounting information is such that it is 104 not, in general, feasible to retrieve the information via SNMP. A 105 better method is to store the collected accounting information in a file 106 which can be subsequently retrieved via a file transfer protocol. 108 It is, however, appropriate to provide management control of the 109 selection and collection of such accounting data via SNMP. This memo 110 describes a MIB module which provides such control in a manner 111 independent of the type of network. One or more other documents provide 112 definitions of particular items of accounting data which can be 113 selected; for example, a particular set of data items which can be 114 collected for ATM networks is specified in [19]. 116 3.1. Operational Model 118 The requirement is for switches (e.g., ATM switches) to collect data 119 concerning the connections which are routed across some subset of their 120 interfaces (e.g., ATM UNI and/or NNI interfaces). The collected data is 121 stored into one or more "files". The use of multiple files allows, for 122 example, the data collected for PVCs to be different from that collected 123 for SVCs. 125 In order to retrieve the data currently being stored in a file, the 126 administrator instructs the switch to terminate the collection of data 127 into that file, and start collecting data into a new file. After this 128 operation, the data in the old file is available for retrieval via file 129 transfer. 131 A collection file is defined to have a maximum size. When the size of 132 the file currently being collected exceeds a threshold percentage of 133 that maximum size, an SNMP notification (e.g., a trap) can be optionally 134 generated. An SNMP notification might also be generated if the file 135 reaches its maximum size. 137 The accounting data collected for each connection consists of a set of 138 objects and their values. The set of objects and their values are 139 collected on one or more of the following occasions: 141 (1) on the release (termination) of a connection optionally including 142 failed connection attempts; 144 (2) for each active connection (having a particular minimum age) on a 145 periodic basis; 147 (3) for each active connection (having a particular minimum age) when 148 so commanded by a management application. 150 While collecting data to be stored in a particular file, the same set of 151 objects is collected for each connection on each occasion. Having the 152 same set of objects stored on each occasion allows the optimization of 153 storing only the values of those objects. This results in a 154 significantly smaller file size, since it allows the names of the 155 objects to be stored once and only once at the beginning of the file, 156 rather than having to store every value as a (name, value) pair. 158 Two modes of agent behaviour are allowed on the event of a file reaching 159 its maximum size: 161 (1) management application in control: 163 The agent does not automatically swap to a new file; rather, it 164 discards newly collected data until the management application 165 subsequently instructs it to swap to a new file. Before swapping 166 to a new file, the name of the file into which data is currently 167 being collected is an implementation issue of no concern to an NM 168 application; after swapping to a new file, the name of the file 169 available for retrieval is as specified by the controlling MIB 170 objects. This behaviour allows the application to know exactly how 171 many files need to be retrieved and their names without having to 172 perform any type of file directory operation, but also results in 173 the possibility that data will be discarded if the application does 174 not instruct the agent to swap within the required time frame. 176 (2) agent automatically swaps to new file: 178 The agent terminates collection into the current (full) file, and 179 begins collecting data into a new version of the same base file 180 name. This behaviour aims to avoid loss of data by assuming that 181 additional storage space is actually available to create a new 182 version of the file. To support this behaviour, files are named 183 using suffixes, such that when the current version of the file 184 becomes full, the agent begins collecting data into a file with the 185 same base file-name but with an incremented (or otherwise modified) 186 suffix. This requires the application to perform file directory 187 operations prior to retrieving completed files in order to know how 188 many and which suffixes have been used. 190 With either behaviour, any completed file must be an integral number of 191 connection records (see below). When a file reaches its maximum size, 192 collection into that file is terminated either immediately before or 193 immediately after storing the whole of the current connection record 194 into the file. The former causes the file to be just less than its 195 maximum size, and the latter causes the file to be just greater than its 196 maximum size. 198 3.2. Selection of Accounting Data 200 The items of accounting data to be collected are specified as a set of 201 objects. Which objects are contained in such a set is selectable by an 202 administrator through the specification of one or more (subtree, list) 203 tuples, where the set of objects to be collected is the union of the 204 subsets specified by each tuple: 206 'subtree' specifies an OBJECT IDENTIFIER value such that every 207 object in the subset is named by the subtree's value appended 208 with a single additional sub-identifier. 210 'list' specifies an OCTET STRING value, such that if the N-th bit of 211 the string's value is set then the the subset contains the 212 object named by appending N as a single additional sub- 213 identifier to the subtree. 215 The rationale for defining each subset as a (subtree,list) tuple is that 216 one and only one OBJECT IDENTIFIER and one OCTET STRING is needed to 217 define the subset of objects. This simplifies the MIB mechanisms needed 218 for selection: an NM application needs to create only one conceptual row 219 in a MIB table for each subset (rather than needing to create a 220 conceptual row in a table for each and every object in the set). 222 The number of tuples supported by a particular switch is an 223 implementation choice. One possibility is to support two (subtree, 224 list) tuples so that one such tuple can specify a standard 'subtree' 225 (e.g., the atmAcctngDataObjects subtree defined in [19]), and the second 226 tuple can specify an enterprise-specific 'subtree'; this would allow the 227 selected set of objects to be the union of a set of standard objects and 228 a set of enterprise-defined objects. 230 3.3. Format of Collection File 232 A collection file generated by this process contains the values of MIB 233 objects defined using the SMIv2. The standard way to encode the values 234 of SNMP MIB objects in a device-independent manner is through the use of 235 ASN.1's Basic Encoding Rules (BER) [18]. Thus, the standard format of 236 an accounting file is defined here using the same adapted subset of 237 ASN.1 [17] as the SMIv2. 239 The file consists of a set of header information followed by a sequence 240 of zero or more collection records. The header information identifies 241 (via sysName [16]) the switch which collected the data, the date and 242 time at which the collection in to this file started, and the sequence 243 of one or more (subtree, list) tuples identifying the objects whose 244 values are contained in each connection record. The header information 245 also includes a textual description of the data contained in the file. 247 Each connection record contains a sequence of values for each identified 248 tuple, in the same order as the tuples are identified in the header 249 information. For each tuple, the sequence of values are in ascending 250 order of the sub-identifier which identifies them within the subtree. 252 Formally, an accounting file is an ASN.1 value with the following 253 syntax: 255 File ::= 256 [1] 257 IMPLICIT SEQUENCE { 258 -- header information 259 sysName -- name of the switch 260 DisplayString, 262 description -- textual description of the collection 263 DisplayString, 265 startTime -- start time of the collection 266 DateAndTime, 268 SEQUENCE OF { -- sequence of (subtree, list) tuples 269 SEQUENCE { 270 subtree 271 OBJECT IDENTIFIER, 272 list 273 OCTET STRING 274 } 275 } 276 -- sequence of connection records 277 SEQUENCE OF { 278 -- each record containing a sequence 279 SEQUENCE OF { -- per identified tuple 281 SEQUENCE OF { -- each per-tuple sequence containing 282 value -- a sequence of object values 283 ObjectSyntax 284 } 285 } 286 } 287 } 289 where: 291 (1) the value of the sysName component is that of the sysName object in 292 the System group [16]. 294 (2) each (subtree, list) specifies the set of objects contained in that 295 tuple's sequence within each and every connection record. 297 (3) the tuples' sequences within each connection record occur in the 298 same order as the (subtree, list) tuples occur in the header 299 information. 301 (4) the object values within each connection record occur in the same 302 order as they are represented by the bits in the corresponding list 303 value. 305 (5) ObjectSyntax is defined by the SMIv2 [5]. 307 (6) One particular category of object values deserves special 308 attention: an object defined to hold the checksum value of an 309 accounting record (e.g., atmAcctngRecordCrc16, defined in [19]). 310 An object in this category will generally have a SYNTAX of a 311 fixed-length OCTET STRING, and have its value initialized to the 312 string of all zeros when composing the accounting record containing 313 it, with the location of these zeros being saved. Once the record 314 is generated, the checksum is calculated over the whole connection 315 record (including the starting SEQUENCE OF and the trailing end- 316 of-contents octets, if used), and then the zeros are overwritten 317 (at the saved location) by the calculated value of the checksum. 319 The encoding of the above syntax using the Basic Encoding Rules is the 320 same as defined by the SNMPv2 [10], with the following exception: 322 - when encoding the length field for a structured type, i.e., a 323 SEQUENCE or SEQUENCE OF, the indefinite form encoding is permitted. 325 For example, the file containing the data: 327 [1] IMPLICIT SEQUENCE a1 80 328 OCTET STRING 04 09 73 77 69 74 63 68 2d 31 32 329 OCTET STRING 04 0a 41 63 63 6f 75 6e 74 69 6e 67 330 OCTET STRING 04 08 07 cc 07 14 10 05 00 00 331 SEQUENCE OF 30 0e 332 SEQUENCE 30 0c 333 OBJECT IDENTIFIER 06 07 2b 06 01 03 7f 01 01 334 OCTET STRING 04 01 c0 335 SEQUENCE OF 30 80 336 SEQUENCE OF 30 08 337 SEQUENCE OF 30 06 338 INTEGER 02 01 00 339 INTEGER 02 01 21 340 SEQUENCE OF 30 08 341 SEQUENCE OF 30 06 342 INTEGER 02 01 00 343 INTEGER 02 01 22 344 end-of-contents 00 00 345 end-of-contents 00 00 347 contains two connection records, each containing one tuple listing two 348 (integer) data items in a (fictitious) subtree: 1.3.6.1.3.127.1.1. Its 349 header indicates it's for "switch-12", with description "Accounting", 350 and was collected at 16:05:00 on 20 July 1996. 352 As well as the standard format defined above, the MIB allows other 353 enterprise-specific formats to be used. 355 4. Definitions 357 ACCOUNTING-CONTROL-MIB DEFINITIONS ::= BEGIN 359 IMPORTS 360 MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, 361 mib-2, Integer32 FROM SNMPv2-SMI 362 TEXTUAL-CONVENTION, RowStatus, TestAndIncr, 363 DisplayString, TruthValue FROM SNMPv2-TC 364 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 365 FROM SNMPv2-CONF 366 ifIndex FROM IF-MIB; 368 accountingControlMIB MODULE-IDENTITY 369 LAST-UPDATED "9809281000Z" 370 ORGANIZATION "IETF AToM MIB Working Group" 371 CONTACT-INFO "Keith McCloghrie 372 Cisco Systems, Inc. 373 170 West Tasman Drive, 374 San Jose CA 95134-1706. 375 Phone: +1 408 526 5260 376 Email: kzm@cisco.com" 377 DESCRIPTION 378 "The MIB module for managing the collection and storage of 379 accounting information for connections in a connection- 380 oriented network such as ATM." 381 ::= { mib-2 xx } -- to be filled in by IANA 383 acctngMIBObjects OBJECT IDENTIFIER ::= { accountingControlMIB 1 } 385 acctngSelectionControl OBJECT IDENTIFIER ::= { acctngMIBObjects 1 } 386 acctngFileControl OBJECT IDENTIFIER ::= { acctngMIBObjects 2 } 387 acctngInterfaceControl OBJECT IDENTIFIER ::= { acctngMIBObjects 3 } 388 acctngTrapControl OBJECT IDENTIFIER ::= { acctngMIBObjects 4 } 389 -- Textual Conventions 391 DataCollectionSubtree ::= TEXTUAL-CONVENTION 392 STATUS current 393 DESCRIPTION 394 "The subtree component of a (subtree, list) tuple. Such a 395 (subtree, list) tuple defines a set of objects and their 396 values to be collected as accounting data for a connection. 397 The subtree specifies a single OBJECT IDENTIFIER value such 398 that each object in the set is named by the subtree value 399 appended with a single additional sub-identifier." 400 SYNTAX OBJECT IDENTIFIER 402 DataCollectionList ::= TEXTUAL-CONVENTION 403 STATUS current 404 DESCRIPTION 405 "The list component of a (subtree, list) tuple. Such a 406 (subtree, list) tuple defines a set of objects and their 407 values to be collected as accounting data for a connection. 408 The subtree specifies a single OBJECT IDENTIFIER value such 409 that each object in the set is named by the subtree value 410 appended with a single additional sub-identifier. The list 411 specifies a set of data items, where the presence of an item 412 in the list indicates that the item is (to be) present in 413 the data collected for a connection; the absence of an item 414 from the list indicates that the item is not (to be) present 415 in the data collected for a connection. Each data item is 416 represented by an integer which when appended (as as 417 additional sub-identifier) to the OBJECT IDENTIFIER value of 418 the subtree identified by the tuple, is the name of an 419 object defining that data item (its description and its 420 syntax). 422 The list is specified as an OCTET STRING in which each data 423 item is represented by a single bit, where data items 1 424 through 8 are represented by the bits in the first octet, 425 data items 9 through 16 by the bits in the second octet, 426 etc. In each octet, the lowest numbered data item is 427 represented by the most significant bit, and the highest 428 numbered data item by the least significant bit. A data 429 item is present in the list when its bit is set, and absent 430 when its bit is reset. If the length of an OCTET STRING 431 value is too short to represent one or more data items 432 defined in a subtree, then those data items are absent from 433 the set identified by the tuple of that subtree and that 434 OCTET STRING value." 435 SYNTAX OCTET STRING (SIZE(0..8)) 437 FileIndex ::= TEXTUAL-CONVENTION 438 STATUS current 439 DESCRIPTION 440 "An arbitrary integer value identifying a file into which 441 accounting data is being collected." 442 SYNTAX Integer32 (1..65535) 444 -- The Accounting Information Selection table 446 acctngSelectionTable OBJECT-TYPE 447 SYNTAX SEQUENCE OF AcctngSelectionEntry 448 MAX-ACCESS not-accessible 449 STATUS current 450 DESCRIPTION 451 "A list of accounting information selection entries. 453 Note that additions, modifications and deletions of entries 454 in this table can occur at any time, but such changes only 455 take effect on the next occasion when collection begins into 456 a new file. Thus, between modification and the next 'swap', 457 the content of this table does not reflect the current 458 selection." 459 ::= { acctngSelectionControl 1 } 461 acctngSelectionEntry OBJECT-TYPE 462 SYNTAX AcctngSelectionEntry 463 MAX-ACCESS not-accessible 464 STATUS current 465 DESCRIPTION 466 "An entry identifying an (subtree, list) tuple used to 467 select a set of accounting information which is to be 468 collected." 469 INDEX { acctngSelectionIndex } 470 ::= { acctngSelectionTable 1 } 472 AcctngSelectionEntry ::= 473 SEQUENCE { 474 acctngSelectionIndex Integer32, 475 acctngSelectionSubtree DataCollectionSubtree, 476 acctngSelectionList DataCollectionList, 477 acctngSelectionFile FileIndex, 478 acctngSelectionType BITS, 479 acctngSelectionRowStatus RowStatus 480 } 482 acctngSelectionIndex OBJECT-TYPE 483 SYNTAX Integer32 (1..65535) 484 MAX-ACCESS not-accessible 485 STATUS current 486 DESCRIPTION 487 "An arbitrary integer value which uniquely identifies a 488 tuple stored in this table. This value is required to be 489 the permanent 'handle' for an entry in this table for as 490 long as that entry exists, including across restarts and 491 power outages." 492 ::= { acctngSelectionEntry 1 } 494 acctngSelectionSubtree OBJECT-TYPE 495 SYNTAX DataCollectionSubtree 496 MAX-ACCESS read-create 497 STATUS current 498 DESCRIPTION 499 "The combination of acctngSelectionSubtree and 500 acctngSelectionList specifies one (subtree, list) tuple 501 which is to be collected." 502 ::= { acctngSelectionEntry 2 } 504 acctngSelectionList OBJECT-TYPE 505 SYNTAX DataCollectionList 506 MAX-ACCESS read-create 507 STATUS current 508 DESCRIPTION 509 "The combination of acctngSelectionSubtree and 510 acctngSelectionList specifies one (subtree, list) tuple 511 which is to be collected." 512 ::= { acctngSelectionEntry 3 } 514 acctngSelectionFile OBJECT-TYPE 515 SYNTAX FileIndex 516 MAX-ACCESS read-create 517 STATUS current 518 DESCRIPTION 519 "An indication of the file into which the accounting 520 information identified by this entry is to be stored. If 521 there is no conceptual row in the acctngFileTable for which 522 the value of acctngFileIndex has the same value as this 523 object, then the information selected by this entry is not 524 collected." 525 ::= { acctngSelectionEntry 4 } 527 acctngSelectionType OBJECT-TYPE 528 SYNTAX BITS { svcIncoming(0), 529 svcOutgoing(1), 530 svpIncoming(2), 531 svpOutgoing(3), 532 pvc(4), 533 pvp(5), 534 spvcOriginator(6), 535 spvcTarget(7), 536 spvpOriginator(8), 537 spvpTarget(9) } 538 MAX-ACCESS read-create 539 STATUS current 540 DESCRIPTION 541 "Indicates the types of connections for which the 542 information selected by this entry are to be collected." 543 DEFVAL { { svcIncoming, svcOutgoing, 544 svpIncoming, svpOutgoing } } 545 ::= { acctngSelectionEntry 5 } 547 acctngSelectionRowStatus OBJECT-TYPE 548 SYNTAX RowStatus 549 MAX-ACCESS read-create 550 STATUS current 551 DESCRIPTION 552 "The status of this conceptual row. An agent may refuse to 553 create new conceptual rows and/or modify existing conceptual 554 rows, if such creation/modification would cause multiple 555 rows to have the same values of acctngSelectionSubtree and 556 acctngSelectionList. 558 A conceptual row can not have the status of 'active' until 559 values have been assigned to the acctngSelectionSubtree, 560 acctngSelectionList and acctngSelectionFile columnar objects 561 within that row. 563 An agent must not refuse to change the values of the 564 acctngSelectionSubtree, acctngSelectionList and 565 acctngSelectionFile columnar objects within a conceptual row 566 even while that row's status is 'active'. Similarly, an 567 agent must not refuse to destroy an existing conceptual row 568 while the file referenced by that row's instance of 569 acctngSelectionFile is in active use, i.e., while the 570 corresponding instance of acctngFileRowStatus has the value 571 'active'. However, such changes only take effect upon the 572 next occasion when collection begins into a new (version of 573 the) file." 574 ::= { acctngSelectionEntry 6 } 576 -- The Accounting File table 578 acctngFileTable OBJECT-TYPE 579 SYNTAX SEQUENCE OF AcctngFileEntry 580 MAX-ACCESS not-accessible 581 STATUS current 582 DESCRIPTION 583 "A list of files into which accounting information is to be 584 stored." 585 ::= { acctngFileControl 1 } 587 acctngFileEntry OBJECT-TYPE 588 SYNTAX AcctngFileEntry 589 MAX-ACCESS not-accessible 590 STATUS current 591 DESCRIPTION 592 "An entry identifying a file into which accounting 593 information is to be collected." 594 INDEX { acctngFileIndex } 595 ::= { acctngFileTable 1 } 597 AcctngFileEntry ::= 598 SEQUENCE { 599 acctngFileIndex FileIndex, 600 acctngFileName DisplayString, 601 acctngFileNameSuffix DisplayString, 602 acctngFileDescription DisplayString, 603 acctngFileCommand INTEGER, 604 acctngFileMaximumSize Integer32, 605 acctngFileCurrentSize Integer32, 606 acctngFileFormat INTEGER, 607 acctngFileCollectMode BITS, 608 acctngFileCollectFailedAttempts BITS, 609 acctngFileInterval Integer32, 610 acctngFileMinAge Integer32, 611 acctngFileRowStatus RowStatus 612 } 614 acctngFileIndex OBJECT-TYPE 615 SYNTAX FileIndex 616 MAX-ACCESS not-accessible 617 STATUS current 618 DESCRIPTION 619 "A unique value identifying a file into which accounting 620 data is to be stored. This value is required to be the 621 permanent 'handle' for an entry in this table for as long as 622 that entry exists, including across restarts and power 623 outages." 624 ::= { acctngFileEntry 1 } 626 acctngFileName OBJECT-TYPE 627 SYNTAX DisplayString (SIZE(1..32)) 628 MAX-ACCESS read-create 629 STATUS current 630 DESCRIPTION 631 "The name of the file into which accounting data is to be 632 stored. If files are named using suffixes, then the name of 633 the current file is the concatenation of acctngFileName and 634 acctngFileNameSuffix. 636 An agent will respond with an error (e.g., 'wrongValue') to 637 a management set operation which attempts to modify the 638 value of this object to the same value as already held by 639 another instance of acctngFileName. An agent will also 640 respond with an error (e.g., 'wrongValue') if the new value 641 is invalid for use as a file name on the local file system 642 (e.g., many file systems do not support white space embedded 643 in file names). 645 The value of this object can not be modified while the 646 corresponding instance of acctngFileRowStatus is 'active'." 647 ::= { acctngFileEntry 2 } 649 acctngFileNameSuffix OBJECT-TYPE 650 SYNTAX DisplayString (SIZE(0..8)) 651 MAX-ACCESS read-only 652 STATUS current 653 DESCRIPTION 654 "The suffix, if any, of the name of a file into which 655 accounting data is currently being stored. If suffixes are 656 not used, then the value of this object is the zero-length 657 string. Note that if a separator, such as a period, is used 658 in appending the suffix to the file name, then that 659 separator appears as the first character of this value." 660 ::= { acctngFileEntry 3 } 662 acctngFileDescription OBJECT-TYPE 663 SYNTAX DisplayString 664 MAX-ACCESS read-create 665 STATUS current 666 DESCRIPTION 667 "The textual description of the accounting data which will 668 be stored (on the next occasion) when header information is 669 stored in the file. The value of this object may be 670 modified at any time." 671 DEFVAL { "" } 672 ::= { acctngFileEntry 4 } 674 acctngFileCommand OBJECT-TYPE 675 SYNTAX INTEGER { 676 -- the following two values are states: 677 -- they may be read but not written 678 idle(1), 679 cmdInProgress(2), 680 -- the following two values are actions: 681 -- they may be written, but are never read 682 swapToNewFile(3), 683 collectNow(4) 684 } 685 MAX-ACCESS read-create 686 STATUS current 687 DESCRIPTION 688 "A control object for the collection of accounting data. 689 When read the value is either 'idle' or 'cmdInProgress'. 690 Writing a value is only allowed when the current value is 691 'idle'. When a value is successfully written, the value 692 changes to 'cmdInProgress' until completion of the action, 693 at which time the value reverts to 'idle'. Actions are 694 invoked by writing the following values: 696 'swapToNewFile' - the collection of data into the current 697 file is terminated, and collection continues into 698 a new (version of the) file. 700 'collectNow' - the agent creates and stores a connection 701 record into the current file for each active 702 connection having a type matching 703 acctngSelectionType and an age greater than 704 acctngFileMinAge." 705 DEFVAL { idle } 706 ::= { acctngFileEntry 5 } 708 acctngFileMaximumSize OBJECT-TYPE 709 SYNTAX Integer32 (100..2147483647) 710 UNITS "bytes" 711 MAX-ACCESS read-create 712 STATUS current 713 DESCRIPTION 714 "The maximum size of the file (including header 715 information). When the file of collected data reaches this 716 size, either the agent automatically swaps to a new version 717 (i.e., a new value acctngFileNameSuffix) of the file, or new 718 records are discarded. Since a file must contain an 719 integral number of connection records, the actual maximum 720 size of the file may be just less OR Just greater than the 721 value of this object. 723 The value of this object can not be modified while the 724 corresponding instance of acctngFileRowStatus is 'active'. 725 The largest value of the maximum file size in some agents 726 will be less than 2147483647 bytes." 727 DEFVAL { 5000000 } 728 ::= { acctngFileEntry 6 } 730 acctngFileCurrentSize OBJECT-TYPE 731 SYNTAX Integer32 (0..2147483647) 732 UNITS "bytes" 733 MAX-ACCESS read-only 734 STATUS current 735 DESCRIPTION 736 "The current size of the file into which data is currently 737 being collected, including header information." 738 ::= { acctngFileEntry 7 } 740 acctngFileFormat OBJECT-TYPE 741 SYNTAX INTEGER { other(1), ber(2) } 742 MAX-ACCESS read-create 743 STATUS current 744 DESCRIPTION 745 "An indication of the format in which the accounting data is 746 to be stored in the file. If the value is modified, the new 747 value takes effect after the next 'swap' to a new file. The 748 value ber(2) indicates the standard format." 749 DEFVAL { ber } 750 ::= { acctngFileEntry 8 } 752 acctngFileCollectMode OBJECT-TYPE 753 SYNTAX BITS { onRelease(0), periodically(1) } 754 MAX-ACCESS read-create 755 STATUS current 756 DESCRIPTION 757 "An indication of when accounting data is to be written into 758 this file. Note that in addition to the occasions indicated 759 by the value of this object, an agent always writes 760 information on appropriate connections to the file when the 761 corresponding instance of acctngFileCommand is set to 762 'collectNow'. 764 - 'onRelease' - whenever a connection (or possibly, 765 connection attempt) is terminated, either through 766 a Release message or through management removal, 767 information on that connection is written. 769 - 'periodically' - information on appropriate connections 770 is written on the expiry of a periodic timer, 772 This value may be modified at any time." 773 DEFVAL { { onRelease } } 774 ::= { acctngFileEntry 9 } 776 acctngFileCollectFailedAttempts OBJECT-TYPE 777 SYNTAX BITS { soft(0), regular(1) } 778 MAX-ACCESS read-create 779 STATUS current 780 DESCRIPTION 781 "An indication of whether connection data is to be collected 782 for failed connection attempts when the value of the 783 corresponding instance of acctngFileCollectMode includes 784 'onRelease'. The individual values have the following 785 meaning: 787 'soft' - indicates that connection data is to be collected 788 for failed Soft PVCs/PVPs which originate or terminate at 789 the relevant interface. 791 'regular' - indicates that connection data is to be 792 collected for failed SVCs, including Soft PVCs/PVPs not 793 originating or terminating at the relevant interface. 795 This value may be modified at any time." 796 DEFVAL { { soft, regular } } 797 ::= { acctngFileEntry 10 } 799 acctngFileInterval OBJECT-TYPE 800 SYNTAX Integer32 (60..86400) 801 UNITS "seconds" 802 MAX-ACCESS read-create 803 STATUS current 804 DESCRIPTION 805 "The number of seconds between the periodic collections of 806 accounting data when the value of the corresponding instance 807 of acctngFileCollectMode includes 'periodically'. Some 808 agents may impose restrictions on the range of this 809 interval. This value may be modified at any time." 810 DEFVAL { 3600 } 811 ::= { acctngFileEntry 11 } 813 acctngFileMinAge OBJECT-TYPE 814 SYNTAX Integer32 (60..86400) 815 UNITS "seconds" 816 MAX-ACCESS read-create 817 STATUS current 818 DESCRIPTION 819 "The minimum age of a connection, as used to determine the 820 set of connections for which data is to be collected at the 821 periodic intervals and/or when acctngFileCommand is set to 822 'collectNow'. The age of a connection is the elapsed time 823 since it was last installed. 825 When the periodic interval expires for a file or when 826 acctngFileCommand is set to 'collectNow', accounting data is 827 collected and stored in the file for each connection having 828 a type matching acctngSelectionType and whose age at that 829 time is greater than the value of acctngFileMinAge 830 associated with the file. This value may be modified at any 831 time." 832 DEFVAL { 3600 } 833 ::= { acctngFileEntry 12 } 835 acctngFileRowStatus OBJECT-TYPE 836 SYNTAX RowStatus 837 MAX-ACCESS read-create 838 STATUS current 839 DESCRIPTION 840 "The status of this conceptual row. 842 This object can not be set to 'active' until a value has 843 been assigned to the corresponding instance of 844 acctngFileName. Collection of data into the file does not 845 begin until this object has the value 'active' and one or 846 more (active) instances of acctngSelectionFile refer to it. 847 If this value is modified after a collection has begun, 848 collection into this file terminates and a new (or new 849 version of the) file is immediately made ready for future 850 collection (as if acctngFileCommand had been set to 851 'swapToNewFile'), but collection into the new (or new 852 version of the) file does not begin until the value is 853 subsequently set back to active." 854 ::= { acctngFileEntry 13 } 856 -- Overall Control 858 acctngAdminStatus OBJECT-TYPE 859 SYNTAX INTEGER { enabled(1), disabled(2) } 860 MAX-ACCESS read-write 861 STATUS current 862 DESCRIPTION 863 "A control object to indicate the administratively desired 864 state of the collection of accounting records across all 865 interfaces. 867 Modifying the value of acctngAdminStatus to 'disabled' does 868 not remove or change the current configuration as 869 represented by the active rows in the acctngSelectionTable, 870 acctngFileTable and acctngInterfaceTable tables." 871 ::= { acctngInterfaceControl 1 } 873 acctngOperStatus OBJECT-TYPE 874 SYNTAX INTEGER { enabled(1), disabled(2) } 875 MAX-ACCESS read-only 876 STATUS current 877 DESCRIPTION 878 "A status object to indicate the operational state of the 879 collection of accounting records across all interfaces. 881 When the value of acctngAdminStatus is modified to be 882 'enabled', the value of this object will change to 'enabled' 883 providing it is possible to begin collecting accounting 884 records. 886 When the value of acctngAdminStatus is modified to be 887 'disabled', the value of this object will change to 888 'disabled' as soon as the collection of accounting records 889 has terminated." 890 ::= { acctngInterfaceControl 2 } 892 acctngProtection OBJECT-TYPE 893 SYNTAX TestAndIncr 894 MAX-ACCESS read-write 895 STATUS current 896 DESCRIPTION 897 "A control object to protect against duplication of control 898 commands. Over some transport/network protocols, it is 899 possible for SNMP messages to get duplicated. Such 900 duplication, if it occurred at just the wrong time could 901 cause serious disruption to the collection and retrieval of 902 accounting data, e.g., if a SNMP message setting 903 acctngFileCommand to 'swapToNewFile' were to be duplicated, 904 a whole file of accounting data could be lost. 906 To protect against such duplication, a management 907 application should retrieve the value of this object, and 908 include in the Set operation needing protection, a variable 909 binding which sets this object to the retrieved value." 910 ::= { acctngInterfaceControl 3 } 912 acctngAgentMode OBJECT-TYPE 913 SYNTAX INTEGER { swapOnCommand(1), swapOnFull(2) } 914 MAX-ACCESS read-only 915 STATUS current 916 DESCRIPTION 917 "An indication of the behaviour mode of the agent when a 918 file becomes full: 920 'swapOnCommand' - the agent does not automatically swap 921 to a new file; rather, it discards newly collected 922 data until a management application subsequently 923 instructs it to swap to a new file. 925 'swapOnFull' - the agent terminates collection into the 926 current file as and when that file becomes full." 927 ::= { acctngInterfaceControl 4 } 929 -- Per-interface control table 931 acctngInterfaceTable OBJECT-TYPE 932 SYNTAX SEQUENCE OF AcctngInterfaceEntry 933 MAX-ACCESS not-accessible 934 STATUS current 935 DESCRIPTION 936 "A table controlling the collection of accounting data on 937 specific interfaces of the switch." 938 ::= { acctngInterfaceControl 5 } 940 acctngInterfaceEntry OBJECT-TYPE 941 SYNTAX AcctngInterfaceEntry 942 MAX-ACCESS not-accessible 943 STATUS current 944 DESCRIPTION 945 "An entry which controls whether accounting data is to be 946 collected on an interface. The types of interfaces which 947 are represented in this table is implementation-specific." 948 INDEX { ifIndex } 949 ::= { acctngInterfaceTable 1 } 951 AcctngInterfaceEntry ::= 952 SEQUENCE { 953 acctngInterfaceEnable TruthValue 954 } 956 acctngInterfaceEnable OBJECT-TYPE 957 SYNTAX TruthValue 958 MAX-ACCESS read-write 959 STATUS current 960 DESCRIPTION 961 "Indicates whether the collection of accounting data is 962 enabled on this interface." 963 ::= { acctngInterfaceEntry 1 } 965 -- Objects for controlling the use of Notifications 967 acctngControlTrapThreshold OBJECT-TYPE 968 SYNTAX INTEGER (0..99) 969 MAX-ACCESS read-write 970 STATUS current 971 DESCRIPTION 972 "A percentage of the maximum file size at which a 'nearly- 973 full' trap is generated. The value of 0 indicates that no 974 'nearly-full' trap is to be generated." 975 ::= { acctngTrapControl 1 } 977 acctngControlTrapEnable OBJECT-TYPE 978 SYNTAX TruthValue 979 MAX-ACCESS read-write 980 STATUS current 981 DESCRIPTION 982 "An indication of whether the acctngFileNearlyFull and 983 acctngFileFull traps are enabled." 984 ::= { acctngTrapControl 2 } 986 -- notifications 988 acctngNotifications OBJECT IDENTIFIER ::= { accountingControlMIB 2 } 990 acctngNotifyPrefix OBJECT IDENTIFIER ::= { acctngNotifications 0 } 992 acctngFileNearlyFull NOTIFICATION-TYPE 993 OBJECTS { acctngFileName, 994 acctngFileMaximumSize, 995 acctngControlTrapThreshold, 996 acctngFileNameSuffix } 997 STATUS current 998 DESCRIPTION 999 "An indication that the size of the file into which 1000 accounting information is currently being collected has 1001 exceeded the threshold percentage of its maximum file size. 1002 This notification is generated only at the time of the 1003 transition from not-exceeding to exceeding." 1004 ::= { acctngNotifyPrefix 1 } 1006 acctngFileFull NOTIFICATION-TYPE 1007 OBJECTS { acctngFileName, 1008 acctngFileMaximumSize, 1009 acctngFileNameSuffix } 1010 STATUS current 1011 DESCRIPTION 1012 "An indication that the size of the file into which 1013 accounting information is currently being collected has 1014 transistioned to its maximum file size. This notification 1015 is generated (for all values of acctngAgentMode) at the time 1016 of the transition from not-full to full. If acctngAgentMode 1017 has the value 'swapOnCommand', it is also generated 1018 periodically thereafter until such time as collection of 1019 data is no longer inhibited by the file full condition." 1020 ::= { acctngNotifyPrefix 2 } 1022 -- conformance information 1024 acctngConformance OBJECT IDENTIFIER ::= { accountingControlMIB 3 } 1025 acctngGroups OBJECT IDENTIFIER ::= { acctngConformance 1 } 1026 acctngCompliances OBJECT IDENTIFIER ::= { acctngConformance 2 } 1028 acctngCompliance MODULE-COMPLIANCE 1029 STATUS current 1030 DESCRIPTION 1031 "The compliance statement for switches which implement the 1032 Accounting Control MIB." 1034 MODULE -- this module 1035 MANDATORY-GROUPS { acctngBasicGroup, 1036 acctngNotificationsGroup } 1038 OBJECT acctngSelectionType 1039 SYNTAX BITS { svcIncoming(0), svcOutgoing(1) } 1040 DESCRIPTION "The minimal requirement is collection for SVCs." 1042 OBJECT acctngSelectionRowStatus 1043 MIN-ACCESS read-only 1044 DESCRIPTION "Write access is not required." 1046 OBJECT acctngFileName 1047 MIN-ACCESS read-only 1048 DESCRIPTION "Write access is not required." 1050 OBJECT acctngFileCommand 1051 MIN-ACCESS read-only 1052 DESCRIPTION "Write access is not required." 1054 OBJECT acctngFileFormat 1055 SYNTAX INTEGER { ber(2) } 1056 MIN-ACCESS read-only 1057 DESCRIPTION "Only the standard format is required, and write 1058 access is not required." 1060 OBJECT acctngFileMaximumSize 1061 MIN-ACCESS read-only 1062 DESCRIPTION "Write access is not required." 1064 OBJECT acctngFileCollectMode 1065 SYNTAX BITS { onRelease(0) } 1066 MIN-ACCESS read-only 1067 DESCRIPTION "The minimal requirement is for collection on 1068 connection release." 1070 OBJECT acctngFileInterval 1071 MIN-ACCESS read-only 1072 DESCRIPTION "Write access is not required." 1074 OBJECT acctngFileCollectFailedAttempts 1075 MIN-ACCESS read-only 1076 DESCRIPTION "Write access is not required." 1078 OBJECT acctngFileRowStatus 1079 MIN-ACCESS read-only 1080 DESCRIPTION "Write access is not required." 1082 ::= { acctngCompliances 1 } 1084 -- units of conformance 1086 acctngBasicGroup OBJECT-GROUP 1087 OBJECTS { acctngSelectionSubtree, acctngSelectionList, 1088 acctngSelectionFile, acctngSelectionType, 1089 acctngSelectionRowStatus, acctngFileName, 1090 acctngFileNameSuffix, acctngFileDescription, 1091 acctngFileCommand, acctngFileMaximumSize, 1092 acctngFileCurrentSize, acctngFileRowStatus, 1093 acctngFileFormat, acctngFileCollectMode, 1094 acctngFileCollectFailedAttempts, acctngFileInterval, 1095 acctngFileMinAge, 1096 acctngAdminStatus, acctngOperStatus, 1097 acctngProtection, acctngAgentMode, 1098 acctngInterfaceEnable, 1099 acctngControlTrapThreshold, 1100 acctngControlTrapEnable 1101 } 1102 STATUS current 1103 DESCRIPTION 1104 "A collection of objects providing control of the basic 1105 collection of accounting data for connection-oriented 1106 networks." 1107 ::= { acctngGroups 1 } 1109 acctngNotificationsGroup NOTIFICATION-GROUP 1110 NOTIFICATIONS { acctngFileNearlyFull, acctngFileFull } 1111 STATUS current 1112 DESCRIPTION 1113 "The notifications of events relating to controlling the 1114 collection of accounting data." 1115 ::= { acctngGroups 2 } 1117 END 1118 5. Acknowledgements 1120 The comments of the IETF's AToM MIB Working Group are acknowledged. 1122 6. References 1124 [1] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for 1125 Describing SNMP Management Frameworks", RFC 2271, Cabletron 1126 Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, 1127 January 1998 1129 [2] Rose, M., and K. McCloghrie, "Structure and Identification of 1130 Management Information for TCP/IP-based Internets", RFC 1155, 1131 Performance Systems International, Hughes LAN Systems, May 1990 1133 [3] Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212, 1134 Performance Systems International, Hughes LAN Systems, March 1991 1136 [4] M. Rose, "A Convention for Defining Traps for use with the SNMP", 1137 RFC 1215, Performance Systems International, March 1991 1139 [5] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. 1140 Waldbusser, "Structure of Management Information for Version 2 of 1141 the Simple Network Management Protocol (SNMPv2)", RFC 1902, SNMP 1142 Research,Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., 1143 International Network Services, January 1996. 1145 [6] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. 1146 Waldbusser, "Textual Conventions for Version 2 of the Simple 1147 Network Management Protocol (SNMPv2)", RFC 1903, SNMP Research, 1148 Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., 1149 International Network Services, January 1996. 1151 [7] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. 1152 Waldbusser, "Conformance Statements for Version 2 of the Simple 1153 Network Management Protocol (SNMPv2)", RFC 1904, SNMP Research, 1154 Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., 1155 International Network Services, January 1996. 1157 [8] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network 1158 Management Protocol", RFC 1157, SNMP Research, Performance Systems 1159 International, Performance Systems International, MIT Laboratory 1160 for Computer Science, May 1990. 1162 [9] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. 1163 Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, 1164 SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, 1165 Inc., International Network Services, January 1996. 1167 [10] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. 1168 Waldbusser, "Transport Mappings for Version 2 of the Simple Network 1169 Management Protocol (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco 1170 Systems, Inc., Dover Beach Consulting, Inc., International Network 1171 Services, January 1996. 1173 [11] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message 1174 Processing and Dispatching for the Simple Network Management 1175 Protocol (SNMP)", RFC 2272, SNMP Research, Inc., Cabletron Systems, 1176 Inc., BMC Software, Inc., IBM T. J. Watson Research, January 1998. 1178 [12] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for 1179 version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 1180 2274, IBM T. J. Watson Research, January 1998. 1182 [13] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. 1183 Waldbusser, "Protocol Operations for Version 2 of the Simple 1184 Network Management Protocol (SNMPv2)", RFC 1905, SNMP Research, 1185 Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., 1186 International Network Services, January 1996. 1188 [14] Levi, D., Meyer, P., and B. Stewart, MPv3 Applications", RFC 2273, 1189 SNMP Research, Inc., Secure Computing Corporation, Cisco Systems, 1190 January 1998. 1192 [15] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access 1193 Control Model (VACM) for the Simple Network Management Protocol 1194 (SNMP)", RFC 2275, IBM T. J. Watson Research, BMC Software, Inc., 1195 Cisco Systems, Inc., January 1998. 1197 [16] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and 1198 S. Waldbusser, "Management Information Base for version 2 of the 1199 Simple Network Management Protocol (SNMPv2)", RFC 1907, January 1200 1996. 1202 [17] Information processing systems - Open Systems Interconnection, 1203 "Specification of Abstract Syntax Notation One (ASN.1)", 1204 International Organization for Standardization, Internation 1205 Standard 8824, December 1987. 1207 [18] Information processing systems - Open Systems Interconnection, 1208 "Specification of Basic Encoding Rules for Abstract Syntax Notation 1209 One (ASN.1)", International Organization for Standardization, 1210 Internation Standard 8825, December 1987. 1212 [19] McCloghrie, K., Heinanen, J., Greene, W., and A. Prasad, 1213 "Accounting Information for ATM Networks", Internet Draft, draft- 1214 ietf-atommib-atmacct-03.txt, October 1998. 1216 [20] Noto, M., Spiegel, E., and K. Tesink, "Definitions of Textual 1217 Conventions and OBJECT-IDENTITIES for ATM Management", Internet 1218 Draft, draft-ietf-atommib-atm2TC-08.txt, August 1998. 1220 7. Security Considerations 1222 The MIB defined in this memo controls and monitors the collection of 1223 accounting data. Care should be taken to prohibit unauthorized access 1224 to this control capability in order to prevent the disruption of data 1225 collection, possibly with fraudulent intent. Example of such disruption 1226 are disabling the collection of data, or causing the wrong set of data 1227 items to be collected. 1229 SNMPv1 by itself is not a secure environment. Even if the network 1230 itself is secure (for example by using IPSec), even then, there is no 1231 control as to who on the secure network is allowed to access and GET/SET 1232 (read/change/create/delete) the objects in this MIB. 1234 It is recommended that the implementers consider the security features 1235 as provided by the SNMPv3 framework. Specifically, the use of the 1236 User-based Security Model RFC 2274 [12] and the View-based Access 1237 Control Model RFC 2275 [15] is recommended. 1239 It is then a customer/user responsibility to ensure that the SNMP entity 1240 giving access to an instance of this MIB, is properly configured to give 1241 access to the objects only to those principals (users) that have 1242 legitimate rights to indeed GET or SET (change/create/delete) them. 1244 8. IANA Considerations 1246 Prior to publication of this memo as an RFC, IANA is requested to make a 1247 suitable OBJECT IDENTIFIER assignment and update the following line in 1248 the MIB: 1250 ::= { mib-2 xx } -- to be filled in by IANA 1252 9. Authors' Addresses 1254 Keith McCloghrie 1255 Cisco Systems, Inc. 1256 170 West Tasman Drive, 1257 San Jose CA 95134 1258 Phone: +1 408 526 5260 1259 Email: kzm@cisco.com 1261 Juha Heinanen 1262 Telia Finland, Inc. 1263 Myyrmaentie 2 1264 01600 VANTAA 1265 Finland 1266 Phone +358 303 944 808 1267 Email: jh@telia.fi 1269 Wedge Greene 1270 MCI Telecommunications Corporation 1271 901 International Parkway 1272 Richardson, Texas 75081 1273 Phone: 214-498-1232 or 972-729-1232 1274 Email: wedge.greene@mci.com 1276 Anil Prasad 1277 Cisco Systems, Inc. 1278 170 West Tasman Drive, 1279 San Jose CA 95134 1280 Phone: 408 525-7209 1281 E-mail: aprasad@cisco.com 1283 10. Full Copyright Statement 1285 Copyright (C) The Internet Society (1998). All Rights Reserved. 1287 This document and translations of it may be copied and furnished to 1288 others, and derivative works that comment on or otherwise explain it or 1289 assist in its implmentation may be prepared, copied, published and 1290 distributed, in whole or in part, without restriction of any kind, 1291 provided that the above copyright notice and this paragraph are included 1292 on all such copies and derivative works. However, this document itself 1293 may not be modified in any way, such as by removing the copyright notice 1294 or references to the Internet Society or other Internet organizations, 1295 except as needed for the purpose of developing Internet standards in 1296 which case the procedures for copyrights defined in the Internet 1297 Standards process must be followed, or as required to translate it into 1298 languages other than English. 1300 The limited permissions granted above are perpetual and will not be 1301 revoked by the Internet Society or its successors or assigns. 1303 This document and the information contained herein is provided on an "AS 1304 IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK 1305 FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT 1306 LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT 1307 INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR 1308 FITNESS FOR A PARTICULAR PURPOSE." 1309 Table of Contents 1311 1 Introduction .................................................... 2 1312 2 The SNMP Network Management Framework ........................... 2 1313 3 Overview ........................................................ 3 1314 3.1 Operational Model ............................................. 3 1315 3.2 Selection of Accounting Data .................................. 5 1316 3.3 Format of Collection File ..................................... 6 1317 4 Definitions ..................................................... 10 1318 5 Acknowledgements ................................................ 31 1319 6 References ...................................................... 31 1320 7 Security Considerations ......................................... 34 1321 8 IANA Considerations ............................................. 34 1322 9 Authors' Addresses .............................................. 34 1323 10 Full Copyright Statement ....................................... 36