idnits 2.17.1 draft-ietf-dhc-server-mib-09.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? == There is 1 instance of lines with non-ascii characters in the document. == The page length should not exceed 58 lines per page, but there was 46 longer pages, the longest (page 2) being 65 lines == It seems as if not all pages are separated by form feeds - found 0 form feeds but 47 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There are 470 instances of too long lines in the document, the longest one being 5 characters in excess of 72. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 96: '...ftware. Servers MAY also provide addi...' RFC 2119 keyword, line 328: '... According to [RFC2131], servers SHOULD try to determine if an address...' RFC 2119 keyword, line 405: '... resolution SHOULD round this val...' RFC 2119 keyword, line 1135: '...he subnet. This MUST be the same as t...' RFC 2119 keyword, line 1282: '... The list MUST contain addresse...' (5 more instances...) Miscellaneous warnings: ---------------------------------------------------------------------------- -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (October 2003) is 7499 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC2287' is mentioned on line 97, but not defined == Missing Reference: 'RFC2119' is mentioned on line 102, but not defined == Unused Reference: 'RFC2132' is defined on line 2095, but no explicit reference was found in the text == Unused Reference: 'RFC3203' is defined on line 2111, but no explicit reference was found in the text Summary: 4 errors (**), 0 flaws (~~), 7 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group Barr Hibbs 3 INTERNET-DRAFT (no affiliation) 4 Category: Standards Track Glenn Waters 5 Nortel Networks 6 October 2003 8 Dynamic Host Configuration Protocol for IPv4 (DHCPv4) Server MIB 10 11 Saved Monday, October 27, 2003, 5:08:01 PM 13 Status of this Memo 15 This document is an Internet-Draft and is in full conformance with 16 all provisions of Section 10 of RFC2026. 18 Internet-Drafts are working documents of the Internet Engineering 19 Task Force (IETF), its areas, and its working groups. Note that 20 other groups may also distribute working documents as Internet- 21 Drafts. 23 Internet-Drafts are draft documents valid for a maximum of six months 24 and may be updated, replaced, or made obsolete by other documents at 25 any time. It is inappropriate to use Internet-Drafts as reference 26 material or to cite them other than as "work in progress." 28 The list of current Internet-Drafts can be accessed at 29 http://www.ietf.org/1id-abstracts.html. 31 The list of Internet-Draft Shadow Directories can be accessed at 32 http://www.ietf.org/shadow.html. 34 Copyright Notice 36 Copyright (C), 2003, The Internet Society. All Rights Reserved. 38 Abstract 40 This memo defines an experimental portion of the Management 41 Information Base (MIB) for use with network management protocols in 42 the Internet Community. In particular, it defines objects used for 43 the management of Dynamic Host Configuration Protocol for IPv4 44 (DHCPv4) and Bootstrap Protocol (BOOTP) servers. 46 Table of Contents 48 1. Introduction...................................................2 49 2. The Internet-Standard Management Framework.....................3 50 3. Overview.......................................................3 51 3.1. Relationship to Other MIBs.................................4 52 3.1.1. DHCP MIB Extensions...................................4 53 3.1.2. Host System MIB Extensions............................4 54 3.1.3. DHCP Client MIB Extensions............................4 55 3.1.4. DHCP Relay Agent MIB Extensions.......................5 56 3.1.5. DHCPv6 MIB Extensions.................................5 57 3.2. Textual Conventions Introduced in this MIB.................5 58 3.2.1. DhcpTimeInterval......................................5 59 3.2.2. DhcpPhysicalAddress...................................5 60 3.3. BOOTP and DHCP Counter Groups..............................5 61 3.4. BOOTP and DHCP Optional Statistics Group...................6 62 3.5. Response Times and ICMP Echo...............................8 63 4. Definitions....................................................9 64 5. Intellectual Property.........................................43 65 6. Acknowledgements..............................................43 66 7. IANA Considerations...........................................43 67 8. Security Considerations.......................................44 68 9. References....................................................45 69 9.1. Normative References......................................45 70 9.2. Informative References....................................46 71 10. Editors' Addresses...........................................46 72 11. Full Copyright Statement.....................................46 74 1. Introduction 76 This memo is a product of the DHCP Working Group and defines a 77 portion of the Management Information Base (MIB) for use with network 78 management protocols in the Internet community. In particular, it 79 describes a set of extensions that DHCPv4 and Bootstrap Protocol 80 (BOOTP) servers implement. Many implementations support both DHCPv4 81 and BOOTP within a single server and hence this memo describes the 82 MIB for both DHCPv4 and BOOTP servers. 84 This memo does not cover DHCPv4/BOOTP client nor relay agent MIB 85 extensions: these are possibly the subjects of future investigation 86 [see discussion in section 3.1.] Also excluded from this MIB 87 extension in the interest of simplicity are DHCP Dynamic DNS 88 Updating, Failover, Authentication, and Load Balancing: these 89 functions and features could be subjects of future MIB extensions. 90 Provision is also made for Standards-Track additions to the DHCP 91 Message Type (option 61.) 92 This memo is based on the Internet-standard Network Management 93 Framework as defined by documents [RFC2578, RFC2579, RFC2580]. 95 Objects defined in this MIB allow access to and control of DHCP 96 Server Software. Servers MAY also provide additional management 97 capabilities using the Applications MIB [RFC2287]. 99 The key words "MUST," "MUST NOT," "REQUIRED," "SHALL," "SHALL NOT," 100 "SHOULD," "SHOULD NOT," "RECOMMENDED," "MAY," and "OPTIONAL" in this 101 document are to be interpreted as described in [RFC2119]. 103 2. The Internet-Standard Management Framework 105 For a detailed overview of the documents that describe the current 106 Internet-Standard Management Framework, please refer to section 7 of 107 RFC 3410 [RFC3410], Managed objects are accessed via a virtual 108 information store, termed the Management Information Base or MIB. 109 MIB objects are generally accessed through the Simple Network 110 Management Protocol (SNMP). Objects in the MIB are defined using the 111 mechanisms defined in the Structure of Management Information (SMI). 112 This memo specifies a MIB module that is compliant to the SMIv2, 113 which is described in STD 58, [RFC2578], STD 58, [RFC2579] and STD 114 58, [RFC2580]. 116 3. Overview 118 In the tradition of the Simple Network Management Protocol (SNMP), 119 the minimum number of objects possible is defined in this MIB, while 120 still providing as rich a set of management information as possible. 121 An object is left out of this MIB when it can be derived from other 122 objects that are provided. Further to the tradition of the SNMP, 123 computationally intense operations are left to the domain of the 124 management station. Thus, this MIB provides a set of objects from 125 which other management information may be derived. 127 Provision for future extensions to cover DHCPv4 clients and relay 128 agents, and DHCPv6 extensions are implied by the top-level structure 129 illustrated in section 3.1.1. 131 The examples provided in sections 3.3 through 3.5 are not meant to be 132 comprehensive but are illustrative of the potential uses of the 133 objects defined by this MIB. 135 3.1. Relationship to Other MIBs 137 3.1.1. DHCP MIB Extensions 139 The DHCP MIB extensions will be the "dhcp" branch of the standard 140 MIB-2 tree, as illustrated by the following diagram: 142 +-------+ 143 | MIB-2 | 144 +---+---+ 145 | 146 | 147 +---+---+ 148 | dhcp | 149 +---+---+ 150 | 151 | 152 +--------------+---------------+----------------+ 153 | | | | 154 +-----+-----+ +-----+----+ +-------+-------+ +-----+-----+ 155 | dhcp-v4 | | dhcp-v4 | | dhcp-v4 | |dhcp-v6 MIB| 156 |Server MIB | |Client MIB| |Relay Agent MIB| |Extensions | 157 |(this memo)| | (future) | | (future work) | | (future) | 158 +-----------+ +----------+ +---------------+ +-----------+ 160 The DHCP MIBs will share a common branching point but will be 161 independently defined by individual memos. 163 3.1.2. Host System MIB Extensions 165 The Host System MIB [RFC1123] provides for information, command, and 166 control of the host computer system on which a DHCP server resides. 167 The DHCP Server MIB specifically does not include any objects that 168 may be accessible using the Host System MIB. 170 3.1.3. DHCP Client MIB Extensions 172 Development of this set of MIB extensions is a natural path given the 173 increasing interest in desktop and client system management. It will 174 share a common branch point in the MIB tree with the other DHCP MIB 175 Extensions, and may use many of the same textual conventions. 177 3.1.4. DHCP Relay Agent MIB Extensions 179 If this set of MIB extensions is ever developed, it will share a 180 common branch point in the MIB tree with the other DHCP MIB 181 Extensions, and will use many of the same textual conventions. 183 3.1.5. DHCPv6 MIB Extensions 185 If this set of MIB extensions is ever developed, it will share a 186 common branch point in the MIB tree with the other DHCP MIB 187 Extensions, and will likely use very different textual conventions as 188 the protocol differs significantly from DHCPv4. 190 3.2. Textual Conventions Introduced in this MIB 192 Several conceptual data types have been introduced as textual 193 conventions in this DHCP MIB document. These additions will 194 facilitate the common understanding of information used by the DHCP 195 server. No changes to the SMI or the SNMP are necessary to support 196 these conventions. 198 3.2.1. DhcpTimeInterval 200 This data type measures time intervals since the beginning of some 201 epoch, measured in milliseconds. DhcpTimeInterval is intended 202 exclusively for use in various statistics, such as in the subtrees 203 "bootpOptionalStatistics" and "dhcpv4OptionalStatistics." 205 3.2.2. DhcpPhysicalAddress 207 This data type contains the type of hardware address represented by 208 MacAddress, as defined for ARP messages. 210 The length in octets of MacAddress is contained in this type. 212 The actual layer 1 hardware address is contained in this data type. 214 3.3. BOOTP and DHCP Counter Groups 216 This section describes some of the management information that may be 217 derived from the objects provided in the counter groups. 219 The total number of valid DHCP packets received by the server is 220 computed as the sum of the "dhcpv4CountDiscovers," 221 "dhcpv4CountRequests," "dhcpv4CountReleases," "dhcpv4CountDeclines," 222 "dhcpv4CountInforms," and "dhcpv4CountLeaseQueries objects." The 223 total number of valid packets (BOOTP and DHCP) received is computed 224 as the total number of valid DHCP packets plus the value of the 225 "bootpCountRequests" object. The total number of packets received is 226 computed as the total number of valid packets plus the sum of 227 "bootpCountInvalids" and "dhcpv4CountInvalids." 229 Similar to the received computations, the total number of DHCP 230 packets sent by the server is computed as the sum of the 231 "dhcpv4CountOffers," "dhcpv4CountAcks," and "dhcpv4CountNaks" 232 objects. The number of packets (BOOTP and DHCP) sent by the server 233 is computed as the total number of DHCP packets sent plus the value 234 of the "bootpCountReplies" object. 236 3.4. BOOTP and DHCP Optional Statistics Group 238 This section describes some of the management information that may be 239 derived from the objects provided in the optional statistics group. 241 Given time 1 (t1) and time 2 (t2) greater than t1, the mean inter- 242 arrival time of valid DHCP messages for the interval t1 to t2 can be 243 computed as (dhcpv4StatLastArrivalTime at t2 minus 244 dhcpv4StatLastArrivalTime at t1) divided by (valid DHCP received 245 packet count at t2 minus valid DHCP received packet count at t1). 247 Under the simplifying assumption that the capture of packet counts 248 and times is discontinuous (that is, for the measurement interval the 249 captured data represents the complete set for the server) the 250 variance of the mean may be computed as 251 (dhcpv4StatSumSquaresArrivalTime at t2 less 252 dhcpv4StatSumSquaresArrivalTime at t1) divided by (valid DHCP 253 received packet count at t2 less valid DHCP received packet count at 254 t1). Standard deviation of the mean is the square root of the 255 variance. 257 Calculation of statistics for message response time is entirely 258 similar to the calculations for inter-arrival time, except that the 259 response time objects are used for the calculations. 261 Calculation of statistics for BOOTP is similar to the calculations 262 for DHCP, except that the similar objects from the 263 bootpOptionalStatistics group are used instead of the objects from 264 dhcpv4OptionalStatistics group, server Configuration Group 266 The server configuration group contains objects that describe the 267 configuration information that is contained in the server. Some of 268 the configuration information is static (e.g., a statically 269 configured IP address) and some of the configuration is dynamic 270 (e.g., an assigned DHCP lease). The intent of the server 271 configuration group is to be able to read the server's configuration. 272 Mechanisms outside of the SNMP are currently in use (e.g., vendor 273 defined solutions) and are being standardized (e.g., the Directory 274 Enabled Networks [DEN] initiative) to update a server's 275 configuration. 277 The configuration information defines a minimal set of information 278 that most servers should be able to provide. Each row of the 279 dhcpv4ServerSubnetTable lists the subnet, the subnet mask, and the 280 subnet that is equivalent to this subnet. Equivalence is defined as 281 more than one subnet being present on the same network segment as 282 some other subnet. 284 The dhcpv4ServerRangeTable lists the start and end IP addresses of 285 the ranges and the subnet of which the range is a member. The 286 dhcpv4ServerRangeInUse object indicates the amount of the range that 287 is currently in use, either through dynamic allocation or being 288 reserved. The range size can be computed by taking the difference of 289 the "dhcpv4ServerRangeStartAddress" and "dhcpv4ServerRangeEndAddress" 290 objects. 292 The dhcpv4ServerAddressTable provides information about the static 293 and dynamic addresses that the server contains in its configuration. 294 Addresses may be: 296 o Static, in which case they are predefined though the server's 297 configuration. Static addresses may or may not have been 298 previously served by the server; 300 o Dynamic, in which case the server has served the addresses and 301 it is currently in active use by a host; 303 o Expired, in which case the server had previously assigned for 304 which the lease time has expired, but is retained by the server 305 for possible future use by the same client; 307 o Configuration-reserved, in which case the address is not 308 available for the server to allocate to a client. A 309 configuration-reserved address is one that has been reserved by 310 the administrator. An example of a configuration-reserved 311 address is an address that is assigned to a client, not through 312 DHCP (e.g., statically assigned), and the address is within a 313 DHCP range; and 315 o Server-reserved, in which case the server has taken the address 316 out of use. Examples of server-reserved addresses are those 317 that have been declined (i.e., through a DHCPDECLINE) by a 318 client or those that have responded to an ICMP echo before they 319 were assigned. 321 The protocol used to allocate the address may be determined from the 322 "dhcpv4ServerAddressServedProtocol" object. This object indicates 323 whether the address has never been served, or whether BOOTP or DHCP 324 was used to allocate the address. 326 3.5. Response Times and ICMP Echo 328 According to [RFC2131], servers SHOULD try to determine if an address 329 is in use before assigning it. Some servers choose not to perform 330 this check, letting the client determine for itself if the address is 331 in use. Other servers perform an ICMP echo (Ping) just prior to 332 assigning an address. Servers that perform a Ping before responding 333 to a DHCPDISCOVER should not include in the response time the time 334 from when the Ping was transmitted until the time that either a 335 response was received or that the server timed out waiting for a 336 response. 338 4. Definitions 340 DHCP-SERVER-MIB DEFINITIONS ::= BEGIN 342 IMPORTS 343 Counter64, Counter32, Gauge32, Unsigned32, MODULE-IDENTITY, 344 OBJECT-TYPE, OBJECT-IDENTITY, NOTIFICATION-TYPE, mib-2 345 FROM SNMPv2-SMI 347 TEXTUAL-CONVENTION, DateAndTime FROM SNMPv2-TC 349 SnmpAdminString FROM SNMP-FRAMEWORK-MIB 351 InetAddressIPv4, InetAddressPrefixLength 352 FROM INET-ADDRESS-MIB 354 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 355 FROM SNMPv2-CONF; 357 dhcp MODULE-IDENTITY 358 LAST-UPDATED "200310271708Z" 359 ORGANIZATION 360 "IETF DHC Working Group 361 General Discussion: dhcwg@ietf.org 362 Subscribe: http://www1.ietf.org/mailman/listinfo/dhcwg 363 Archive: http://www1.ietf.org/mailman/listinfo/dhcwg 364 Chair: Ralph Droms, rdroms@cisco.com" 365 CONTACT-INFO 366 " Richard Barr Hibbs 367 Postal: 952 Sanchez Street 368 San Francisco, California 94114-3362 369 USA 370 Tel: +1-(415)-648-3920 371 Fax: +1-(415)-648-9017 372 E-mail: rbhibbs@pacbell.net 374 Glenn Waters 375 Postal: Nortel Networks, Inc. 376 310-875 Carling Avenue 377 Ottawa, Ontario K1S 5P1 378 Canada 379 Tel: +1-(613)-798-4925 380 E-mail: gww@NortelNetworks.com" 381 DESCRIPTION 382 "The MIB module for entities implementing the server side of 383 the Bootstrap Protocol (BOOTP) and the Dynamic Host 384 Configuration protocol (DHCP) for Internet Protocol version 385 4(IPv4). This MIB does not include support for Dynamic DNS 386 (DDNS) updating nor for the DHCP Failover Protocol. 388 Copyright (C) The Internet Society (2003). This version of 389 this MIB module is part of RFC xxxx; see the RFC itself for 390 full legal notices." 391 -- RFC Editor assigns xxxx and removes this comment 393 REVISION "200310271708Z" -- 27 October 2003 394 DESCRIPTION "Initial Version, published as RFC xxxx." 395 -- RFC Editor assigns xxxx and removes this comment 396 ::= { mib-2 TBD } -- IANA will make official assignment 398 -- Textual conventions defined by this memo 400 DhcpTimeInterval ::= TEXTUAL-CONVENTION 401 STATUS current 402 DESCRIPTION 403 "The number of milliseconds that has elapsed since some epoch. 404 Systems that cannot measure events to the millisecond 405 resolution SHOULD round this value to the next available 406 resolution that the system supports." 407 SYNTAX Unsigned32 409 DhcpPhysicalAddress ::= TEXTUAL-CONVENTION 410 DISPLAY-HINT "1d,1d,1x:" 411 STATUS current 412 DESCRIPTION 413 "A DHCP-specific encoding of the physical address type and 414 physical address, intended to mirror the representation of 415 physical addresses in DHCP messages. The first octet of this 416 object contains the hardware type from the 'htype' field of the 417 DHCP message, the second octet of this object contains the 418 hardware length from the 'hlen' field, and the remaining octets 419 contain the hardware address from the 'chaddr' field." 420 REFERENCE "RFC 2131" 421 SYNTAX OCTET STRING (SIZE(3..18)) 423 -- declare top-level MIB objects 425 dhcpv4Server OBJECT-IDENTITY 426 STATUS current 427 DESCRIPTION 428 "DHCPv4 Server MIB objects are defined in this branch." 429 ::= { dhcp 1 } 431 -- dhcpv4Client OBJECT-IDENTITY 432 -- STATUS future 433 -- DESCRIPTION 434 -- "DHCPv4 Client MIB objects are defined in this branch." 435 -- ::= { dhcp 2 } 437 -- dhcpv4Relay OBJECT-IDENTITY 438 -- STATUS future 439 -- DESCRIPTION 440 -- "DHCPv4 Relay Agent MIB objects are defined in this branch." 441 -- ::= { dhcp 3 } 443 -- dhcpv6Server OBJECT-IDENTITY 444 -- STATUS future 445 -- DESCRIPTION 446 -- "DHCPv6 Server MIB objects are defined in this branch." 447 -- ::= { dhcp 4 } 449 dhcpv4ServerObjects OBJECT-IDENTITY 450 STATUS current 451 DESCRIPTION 452 "DHCP Server MIB server identification objects are all defined 453 in this branch." 454 ::= { dhcpv4Server 1 } 456 dhcpv4ServerSystem OBJECT-IDENTITY 457 STATUS current 458 DESCRIPTION 459 "Group of objects that are related to the overall system." 460 ::= { dhcpv4ServerObjects 1 } 462 bootpCounters OBJECT-IDENTITY 463 STATUS current 464 DESCRIPTION 465 "Group of objects that count various BOOTP events." 466 ::= { dhcpv4ServerObjects 2 } 468 dhcpv4Counters OBJECT-IDENTITY 469 STATUS current 470 DESCRIPTION 471 "Group of objects that count various DHCPv4 events." 472 ::= { dhcpv4ServerObjects 3 } 474 bootpOptionalStatistics OBJECT-IDENTITY 475 STATUS current 476 DESCRIPTION 477 "Group of objects that measure various BOOTP statistics." 478 ::= { dhcpv4ServerObjects 4 } 480 dhcpv4OptionalStatistics OBJECT-IDENTITY 481 STATUS current 482 DESCRIPTION 483 "Group of objects that measure various DHCPv4 statistics." 484 ::= { dhcpv4ServerObjects 5 } 486 dhcpv4ServerConfiguration OBJECT-IDENTITY 487 STATUS current 488 DESCRIPTION 489 "Objects that contain pre-configured and dynamic configuration 490 information." 491 ::= { dhcpv4ServerObjects 6 } 493 dhcpv4ServerNotifyObjects OBJECT-IDENTITY 494 STATUS current 495 DESCRIPTION 496 "Objects that are used only in notifications." 497 ::= { dhcpv4ServerObjects 7 } 499 -- dhcpv4ServerSystemObjects Group 501 dhcpv4ServerSystemDescr OBJECT-TYPE 502 SYNTAX SnmpAdminString (SIZE(0..255)) 503 MAX-ACCESS read-only 504 STATUS current 505 DESCRIPTION 506 "A textual description of the server. This value should 507 include the full name and version identification of the 508 server." 509 ::= { dhcpv4ServerSystem 1 } 511 dhcpv4ServerSystemObjectID OBJECT-TYPE 512 SYNTAX OBJECT IDENTIFIER 513 MAX-ACCESS read-only 514 STATUS current 515 DESCRIPTION 516 "The vendor's authoritative identification of the network 517 management subsystem contained in this entity. This value is 518 allocated within the SMI enterprise subtree (1.3.6.1.4.1) and 519 provides an easy and unambiguous means for determining what 520 kind of server is being managed. For example, if vendor Ohso 521 Soft, Inc. is assigned the subtree 1.3.6.1.4.1.4242, it may 522 assign the identifier 1.3.6.1.4.1.4242.1.1 to its Ursa DHCP 523 Server." 524 ::= { dhcpv4ServerSystem 2 } 526 -- bootpCounterObjects Group 528 bootpCountRequests OBJECT-TYPE 529 SYNTAX Counter32 530 MAX-ACCESS read-only 531 STATUS current 532 DESCRIPTION 533 "The number of packets received that contain a Message Type of 534 1 (BOOTREQUEST) in the first octet and do not contain option 535 number 53 (DHCP Message Type) in the options." 536 REFERENCE 537 "RFC-2131." 538 ::= { bootpCounters 1 } 540 bootpCountInvalids OBJECT-TYPE 541 SYNTAX Counter32 542 MAX-ACCESS read-only 543 STATUS current 544 DESCRIPTION 545 "The number of packets received that do not contain a Message 546 Type of 1 (BOOTREQUEST) in the first octet or are not valid 547 BOOTP packets (e.g., too short, invalid field in packet 548 header)." 549 ::= { bootpCounters 2 } 551 bootpCountReplies OBJECT-TYPE 552 SYNTAX Counter32 553 MAX-ACCESS read-only 554 STATUS current 555 DESCRIPTION 556 "The number of packets sent that contain a Message Type of 2 557 (BOOTREPLY) in the first octet and do not contain option number 558 53 (DHCP Message Type) in the options." 559 REFERENCE 560 "RFC-2131." 561 ::= { bootpCounters 3 } 563 bootpCountDroppedUnknownClients OBJECT-TYPE 564 SYNTAX Counter32 565 MAX-ACCESS read-only 566 STATUS current 567 DESCRIPTION 568 "The number of BOOTP packets dropped due to the server not 569 recognizing or not providing service to the hardware address 570 received in the incoming packet." 571 ::= { bootpCounters 4 } 573 bootpCountDroppedNotServingSubnet OBJECT-TYPE 574 SYNTAX Counter32 575 MAX-ACCESS read-only 576 STATUS current 577 DESCRIPTION 578 "The number of BOOTP packets dropped due to the server not 579 being configured or not otherwise able to serve addresses on 580 the subnet from which this message was received." 582 ::= { bootpCounters 5 } 584 -- DHCP Counters 586 dhcpv4RecvdPacketCounters OBJECT-IDENTITY 587 STATUS current 588 DESCRIPTION 589 "Counters for valid received DHCP message packets." 590 ::= { dhcpv4Counters 1 } 592 dhcpv4SentPacketCounters OBJECT-IDENTITY 593 STATUS current 594 DESCRIPTION 595 "Counters for valid sent DHCP message packets." 596 ::= { dhcpv4Counters 2 } 598 dhcpv4ErrorPacketCounters OBJECT-IDENTITY 599 STATUS current 600 DESCRIPTION 601 "Counters for DHCP message packets received, but not processed 602 by the server due to configuration or other errors." 603 ::= { dhcpv4Counters 3 } 605 -- dhcpv4RecvdPacketCounterObjects Group 607 dhcpv4CountDiscovers OBJECT-TYPE 608 SYNTAX Counter32 609 MAX-ACCESS read-only 610 STATUS current 611 DESCRIPTION 612 "The number of DHCPDISCOVER (option 53 with value 1) packets 613 received." 614 REFERENCE 615 "RFC2131; RFC2132, section 9.6." 616 ::= { dhcpv4RecvdPacketCounters 1 } 618 dhcpv4CountRequests OBJECT-TYPE 619 SYNTAX Counter32 620 MAX-ACCESS read-only 621 STATUS current 622 DESCRIPTION 623 "The number of DHCPREQUEST (option 53 with value 3) packets 624 received." 625 REFERENCE 626 "RFC2131; RFC2132, section 9.6." 627 ::= { dhcpv4RecvdPacketCounters 2 } 629 dhcpv4CountReleases OBJECT-TYPE 630 SYNTAX Counter32 631 MAX-ACCESS read-only 632 STATUS current 633 DESCRIPTION 634 "The number of DHCPRELEASE (option 53 with value 7) packets 635 received." 636 REFERENCE 637 "RFC2131; RFC2132, section 9.6." 638 ::= { dhcpv4RecvdPacketCounters 3 } 640 dhcpv4CountDeclines OBJECT-TYPE 641 SYNTAX Counter32 642 MAX-ACCESS read-only 643 STATUS current 644 DESCRIPTION 645 "The number of DHCPDECLINE (option 53 with value 4) packets 646 received." 647 REFERENCE 648 "RFC2131; RFC2132, section 9.6." 649 ::= { dhcpv4RecvdPacketCounters 4 } 651 dhcpv4CountInforms OBJECT-TYPE 652 SYNTAX Counter32 653 MAX-ACCESS read-only 654 STATUS current 655 DESCRIPTION 656 "The number of DHCPINFORM (option 53 with value 8) packets 657 received." 658 REFERENCE 659 "RFC2131; RFC2132, section 9.6." 660 ::= { dhcpv4RecvdPacketCounters 5 } 662 -- dhcpv4SentPacketCounterObjects Group 664 dhcpv4CountOffers OBJECT-TYPE 665 SYNTAX Counter32 666 MAX-ACCESS read-only 667 STATUS current 668 DESCRIPTION 669 "The number of DHCPOFFER (option 53 with value 2) packets 670 sent." 671 REFERENCE 672 "RFC2131; RFC2132, section 9.6." 673 ::= { dhcpv4SentPacketCounters 1 } 675 dhcpv4CountAcks OBJECT-TYPE 676 SYNTAX Counter32 677 MAX-ACCESS read-only 678 STATUS current 679 DESCRIPTION 680 "The number of DHCPACK (option 53 with value 5) packets sent." 681 REFERENCE 682 "RFC2131; RFC2132, section 9.6." 683 ::= { dhcpv4SentPacketCounters 2 } 685 dhcpv4CountNaks OBJECT-TYPE 686 SYNTAX Counter32 687 MAX-ACCESS read-only 688 STATUS current 689 DESCRIPTION 690 "The number of DHCPNACK (option 53 with value 6) packets sent." 691 REFERENCE 692 "RFC2131; RFC2132, section 9.6." 693 ::= { dhcpv4SentPacketCounters 3 } 695 dhcpv4CountForcedRenews OBJECT-TYPE 696 SYNTAX Counter32 697 MAX-ACCESS read-only 698 STATUS current 699 DESCRIPTION 700 "The number of DHCPFORCERENEW (option 53 with value 9) packets 701 sent." 702 REFERENCE 703 " RFC 3203, DHCP reconfigure extension." 704 ::= { dhcpv4SentPacketCounters 4 } 706 -- dhcpv4ErrorPacketCounterObjects Group 708 dhcpv4CountInvalids OBJECT-TYPE 709 SYNTAX Counter32 710 MAX-ACCESS read-only 711 STATUS current 712 DESCRIPTION 713 "The number of DHCP packets received whose DHCP message type 714 (i.e., option number 53) is not understood or handled by the 715 server." 716 ::= { dhcpv4ErrorPacketCounters 1 } 718 dhcpv4CountDroppedUnknownClient OBJECT-TYPE 719 SYNTAX Counter32 720 MAX-ACCESS read-only 721 STATUS current 722 DESCRIPTION 723 "The number of DHCP packets dropped due to the server not 724 recognizing or not providing service to the client-id and/or 725 hardware address received in the incoming packet." 726 ::= { dhcpv4ErrorPacketCounters 2 } 728 dhcpv4CountDroppedNotServingSubnet OBJECT-TYPE 729 SYNTAX Counter32 730 MAX-ACCESS read-only 731 STATUS current 732 DESCRIPTION 733 "The number of DHCP packets dropped due to the server not being 734 configured or not otherwise able to serve addresses on the 735 subnet from which this message was received." 736 ::= { dhcpv4ErrorPacketCounters 3 } 738 -- bootpOptionalStatisticObjects group 740 bootpStatMinArrivalInterval OBJECT-TYPE 741 SYNTAX DhcpTimeInterval 742 MAX-ACCESS read-only 743 STATUS current 744 DESCRIPTION 745 "The minimum amount of time between receiving two BOOTP 746 messages. A message is received at the server when the server 747 is able to begin processing the message. This typically occurs 748 immediately after the message is read into server memory. If 749 no messages have been received, then this object contains a 750 zero value." 751 ::= { bootpOptionalStatistics 1 } 753 bootpStatMaxArrivalInterval OBJECT-TYPE 754 SYNTAX DhcpTimeInterval 755 MAX-ACCESS read-only 756 STATUS current 757 DESCRIPTION 758 "The maximum amount of time between receiving two BOOTP 759 messages. A message is received at the server when the server 760 is able to begin processing the message. This typically occurs 761 immediately after the message is read into server memory. If 762 no messages have been received, then this object contains a 763 zero value." 764 ::= { bootpOptionalStatistics 2 } 766 bootpStatLastArrivalTime OBJECT-TYPE 767 SYNTAX DateAndTime 768 MAX-ACCESS read-only 769 STATUS current 770 DESCRIPTION 771 "The date and time that the last valid BOOTP message was 772 received by the server. Invalid messages do not cause this 773 value to change. If valid no messages have been received, then 774 this object contains a date and time that is all zero." 775 ::= { bootpOptionalStatistics 3 } 777 bootpStatSumSquaresArrivalTime OBJECT-TYPE 778 SYNTAX Counter64 779 MAX-ACCESS read-only 780 STATUS current 781 DESCRIPTION 782 "The sum of the squared BOOTP packet inter-arrival times in 783 microseconds. This value may be used to compute the variance 784 and standard deviation of the BOOTP arrival times. Note that a 785 microsecond resolution of this object requires a clock 786 resolution to the millisecond since the square of a millisecond 787 value produces a value with microsecond resolution." 788 ::= { bootpOptionalStatistics 4 } 790 bootpStatMinResponseTime OBJECT-TYPE 791 SYNTAX DhcpTimeInterval 792 MAX-ACCESS read-only 793 STATUS current 794 DESCRIPTION 795 "The smallest time interval measured as the difference between 796 the arrival of a BOOTP message at the server and the successful 797 transmission of the response to that message. A message is 798 received at the server when the server is able to begin 799 processing the message. A message is transmitted after the 800 server has no further use for the message. Note that the 801 operating system may still have the message queued internally. 803 The operating system queue time is not to be considered as part 804 of the response time. Invalid messages do not cause this value 805 to change. If no valid messages have been received, then this 806 object contains a zero value." 807 ::= { bootpOptionalStatistics 5 } 809 bootpStatMaxResponseTime OBJECT-TYPE 810 SYNTAX DhcpTimeInterval 811 MAX-ACCESS read-only 812 STATUS current 813 DESCRIPTION 814 "The largest time interval measured as the difference between 815 the arrival of a BOOTP message at the server and the successful 816 transmission of the response to that message. A message is 817 received at the server when the server is able to begin 818 processing the message. A message is transmitted after the 819 server has no further use for the message. Note that the 820 operating system may still have the message queued internally. 822 The operating system queue time is not to be considered as part 823 of the response time. Invalid messages do not cause this value 824 to change. If no valid messages have been received, then this 825 object contains a zero value." 826 ::= { bootpOptionalStatistics 6 } 828 bootpStatSumResponseTime OBJECT-TYPE 829 SYNTAX Counter32 830 MAX-ACCESS read-only 831 STATUS current 832 DESCRIPTION 833 "The sum of the response time intervals in milliseconds where a 834 response time interval is measured as the difference between 835 the arrival of a BOOTP message at the server and the successful 836 transmission of the response to that message. A message is 837 received at the server when the server is able to begin 838 processing the message. A message is transmitted after the 839 server has no further use for the message. Note that the 840 operating system may still have the message queued internally. 842 The operating system queue time is not to be considered as part 843 of the response time. Invalid messages do not cause this value 844 to change. If no valid messages have been received, then this 845 object contains a zero value." 846 ::= { bootpOptionalStatistics 7 } 848 bootpStatSumSquaresResponseTime OBJECT-TYPE 849 SYNTAX Counter64 850 MAX-ACCESS read-only 851 STATUS current 852 DESCRIPTION 853 "The sum of the squared BOOTP packet response times in micro- 854 seconds. This value may be used to compute the variance and 855 standard deviation of the BOOTP response times. Note that a 856 microsecond resolution of this object requires a clock 857 resolution to the millisecond since the square of a millisecond 858 value produces a value with microsecond resolution." 859 ::= { bootpOptionalStatistics 8 } 861 -- dhcpv4OptionalStatisticObjects group 863 dhcpv4StatMinArrivalInterval OBJECT-TYPE 864 SYNTAX DhcpTimeInterval 865 MAX-ACCESS read-only 866 STATUS current 867 DESCRIPTION 868 "The minimum amount of time between receiving two DHCPv4 869 messages. A message is received at the server when the server 870 is able to begin processing the message. This typically occurs 871 immediately after the message is read into server memory. If 872 no messages have been received, then this object contains a 873 zero value." 874 ::= { dhcpv4OptionalStatistics 1 } 876 dhcpv4StatMaxArrivalInterval OBJECT-TYPE 877 SYNTAX DhcpTimeInterval 878 MAX-ACCESS read-only 879 STATUS current 880 DESCRIPTION 881 "The maximum amount of time between receiving two DHCPv4 882 messages. A message is received at the server when the server 883 is able to begin processing the message. This typically occurs 884 immediately after the message is read into server memory. If 885 no messages have been received, then this object contains a 886 zero value." 887 ::= { dhcpv4OptionalStatistics 2 } 889 dhcpv4StatLastArrivalTime OBJECT-TYPE 890 SYNTAX DateAndTime 891 MAX-ACCESS read-only 892 STATUS current 893 DESCRIPTION 894 "The date and time that the last valid DHCPv4 message was 895 received by the server. Invalid messages do not cause this 896 value to change. If no valid messages have been received, then 897 this object contains a date and time that is all zero." 898 ::= { dhcpv4OptionalStatistics 3 } 900 dhcpv4StatSumSquaresArrivalTime OBJECT-TYPE 901 SYNTAX Counter64 902 MAX-ACCESS read-only 903 STATUS current 904 DESCRIPTION 905 "The sum of the squared DHCPv4 packet inter-arrival times in 906 microseconds. This value may be used to compute the variance 907 and standard deviation of the DHCPv4 arrival times. Note that 908 a microsecond resolution of this object requires a clock 909 resolution to the millisecond since the square of a millisecond 910 value produces a value with microsecond resolution." 911 ::= { dhcpv4OptionalStatistics 4 } 913 dhcpv4StatMinResponseTime OBJECT-TYPE 914 SYNTAX DhcpTimeInterval 915 MAX-ACCESS read-only 916 STATUS current 917 DESCRIPTION 918 "The smallest time interval measured as the difference between 919 the arrival of a DHCPv4 message at the server and the 920 successful transmission of the response to that message. A 921 message is received at the server when the server is able to 922 begin processing the message. A message is transmitted after 923 the server has no further use for the message. Note that the 924 operating system may still have the message queued internally. 925 The operating system queue time is not to be considered as part 926 of the response time. Invalid messages do not cause this value 927 to change. If no valid messages have been received, then this 928 object contains a zero value." 929 ::= { dhcpv4OptionalStatistics 5 } 931 dhcpv4StatMaxResponseTime OBJECT-TYPE 932 SYNTAX DhcpTimeInterval 933 MAX-ACCESS read-only 934 STATUS current 935 DESCRIPTION 936 "The largest time interval measured as the difference between 937 the arrival of a DHCPv4 message at the server and the 938 successful transmission of the response to that message. A 939 message is received at the server when the server is able to 940 begin processing the message. A message is transmitted after 941 the server has no further use for the message. Note that the 942 operating system may still have the message queued internally. 943 The operating system queue time is not to be considered as part 944 of the response time. Invalid messages do not cause this value 945 to change. If no valid messages have been received, then this 946 object contains a zero value." 947 ::= { dhcpv4OptionalStatistics 6 } 949 dhcpv4StatSumResponseTime OBJECT-TYPE 950 SYNTAX Counter32 951 MAX-ACCESS read-only 952 STATUS current 953 DESCRIPTION 954 "The sum of the response time intervals in milliseconds where a 955 response time interval is measured as the difference between 956 the arrival of a DHCPv4 message at the server and the 957 successful transmission of the response to that message. A 958 message is received at the server when the server is able to 959 begin processing the message. A message is transmitted after 960 the server has no further use for the message. Note that the 961 operating system may still have the message queued internally. 962 The operating system queue time is not to be considered as part 963 of the response time. Invalid messages do not cause this value 964 to change. If no valid messages have been received, then this 965 object contains a zero value." 966 ::= { dhcpv4OptionalStatistics 7 } 968 dhcpv4StatSumSquaresResponseTime OBJECT-TYPE 969 SYNTAX Counter64 970 MAX-ACCESS read-only 971 STATUS current 972 DESCRIPTION 973 "The sum of the squared DHCPv4 packet response times in micro- 974 seconds. This value may be used to compute the variance and 975 standard deviation of the DHCPv4 response times. Note that a 976 microsecond resolution of this object requires a clock 977 resolution to the millisecond since the square of a millisecond 978 value produces a value with microsecond resolution." 979 ::= { dhcpv4OptionalStatistics 8 } 981 -- DHCP Server Configuration 983 -- dhcpv4ServerSharedNetObjects Group 985 dhcpv4ServerSharedNetTable OBJECT-TYPE 986 SYNTAX SEQUENCE OF Dhcpv4ServerSharedNetEntry 987 MAX-ACCESS not-accessible 988 STATUS current 989 DESCRIPTION 990 "A list of shared networks that are configured in the server. 991 A shared network is the logical aggregation of one or more 992 subnets that share a common network segment (e.g., multi-tapped 993 coaxial cable, wiring hub, or switch). This table is present 994 ONLY for those servers that organize the ranges of addresses 995 available for assignment where a higher-level grouping (i.e., 996 the 'shared' network) exists above ranges and subnets." 997 ::= { dhcpv4ServerConfiguration 1 } 999 dhcpv4ServerSharedNetEntry OBJECT-TYPE 1000 SYNTAX Dhcpv4ServerSharedNetEntry 1001 MAX-ACCESS not-accessible 1002 STATUS current 1003 DESCRIPTION 1004 "A logical row in the dhcpv4ServerSharedNetTable." 1005 INDEX { 1006 dhcpv4ServerSharedNetName 1007 } 1008 ::= { dhcpv4ServerSharedNetTable 1} 1010 Dhcpv4ServerSharedNetEntry ::= SEQUENCE { 1011 dhcpv4ServerSharedNetName SnmpAdminString, 1012 dhcpv4ServerSharedNetFreeAddrLowThreshold Unsigned32, 1013 dhcpv4ServerSharedNetFreeAddrHighThreshold Unsigned32, 1014 dhcpv4ServerSharedNetFreeAddresses Unsigned32, 1015 dhcpv4ServerSharedNetReservedAddresses Unsigned32, 1016 dhcpv4ServerSharedNetTotalAddresses Unsigned32 1017 } 1019 dhcpv4ServerSharedNetName OBJECT-TYPE 1020 SYNTAX SnmpAdminString (SIZE(1..100)) 1021 MAX-ACCESS not-accessible 1022 STATUS current 1023 DESCRIPTION 1024 "The name of the shared network, which uniquely identifies an 1025 entry in the dhcpv4ServerSharedNetTable." 1026 ::= { dhcpv4ServerSharedNetEntry 1 } 1028 dhcpv4ServerSharedNetFreeAddrLowThreshold OBJECT-TYPE 1029 SYNTAX Unsigned32 1030 MAX-ACCESS accessible-for-notify 1031 STATUS current 1032 DESCRIPTION 1033 "The low threshold for available free addresses in this shared 1034 network. If the value for available free addresses in this 1035 shared network becomes equal to or less than this value, a 1036 dhcpv4ServerFreeAddressLow event is generated for this shared 1037 network. No more dhcpv4ServerFreeAddressLow events will be 1038 generated for this subnet during this execution of the DHCP 1039 server until the value for available free addresses has 1040 exceeded the value of 1041 dhcpv4ServerSharedNetFreeAddrHighThreshold." 1042 ::= { dhcpv4ServerSharedNetEntry 2 } 1044 dhcpv4ServerSharedNetFreeAddrHighThreshold OBJECT-TYPE 1045 SYNTAX Unsigned32 1046 MAX-ACCESS accessible-for-notify 1047 STATUS current 1048 DESCRIPTION 1049 "The high threshold for available free addresses in this shared 1050 network. If a dhcpv4ServerFreeAddressLow event was generated 1051 for this subnet, and the value for available free addresses has 1052 exceeded the value of dhcpv4ServerSubnetFreeAddrHighThreshold, 1053 then a dhcpv4ServerFreeAddressHigh event will be generated. No 1054 more dhcpv4ServerFreeAddressHigh events will be generated for 1055 this subnet during this execution of the DHCP server until the 1056 value for available free addresses becomes equal to or less 1057 than the value of dhcpv4ServerSubnetFreeAddrLowThreshold." 1058 ::= { dhcpv4ServerSharedNetEntry 3 } 1060 dhcpv4ServerSharedNetFreeAddresses OBJECT-TYPE 1061 SYNTAX Unsigned32 1062 MAX-ACCESS accessible-for-notify 1063 STATUS current 1064 DESCRIPTION 1065 "The number of IP addresses which are available within this 1066 shared network. If the server does not count free addresses by 1067 shared network segment, this value will be zero." 1068 ::= { dhcpv4ServerSharedNetEntry 4 } 1070 dhcpv4ServerSharedNetReservedAddresses OBJECT-TYPE 1071 SYNTAX Unsigned32 1072 MAX-ACCESS accessible-for-notify 1073 STATUS current 1074 DESCRIPTION 1075 "The number of IP addresses which are reserved (not available 1076 for assignment) within this shared network. If the server does 1077 not count reserved addresses by shared network segment, this 1078 value will be zero." 1079 ::= { dhcpv4ServerSharedNetEntry 5 } 1081 dhcpv4ServerSharedNetTotalAddresses OBJECT-TYPE 1082 SYNTAX Unsigned32 1083 MAX-ACCESS accessible-for-notify 1084 STATUS current 1085 DESCRIPTION 1086 "The number of IP addresses which are available within this 1087 shared network. If the server does not count total addresses 1088 by shared network segment, this value will be zero." 1089 ::= { dhcpv4ServerSharedNetEntry 6 } 1091 -- dhcpv4ServerSubnetObjects Group 1093 dhcpv4ServerSubnetTable OBJECT-TYPE 1094 SYNTAX SEQUENCE OF Dhcpv4ServerSubnetEntry 1095 MAX-ACCESS not-accessible 1096 STATUS current 1097 DESCRIPTION 1098 "A list of subnets that are configured in this server." 1099 ::= { dhcpv4ServerConfiguration 2 } 1101 dhcpv4ServerSubnetEntry OBJECT-TYPE 1102 SYNTAX Dhcpv4ServerSubnetEntry 1103 MAX-ACCESS not-accessible 1104 STATUS current 1105 DESCRIPTION 1106 "A logical row in the dhcpv4ServerSubnetTable." 1107 INDEX { 1108 dhcpv4ServerSubnetAddress 1109 } 1110 ::= { dhcpv4ServerSubnetTable 1 } 1112 Dhcpv4ServerSubnetEntry ::= SEQUENCE { 1113 dhcpv4ServerSubnetAddress InetAddressIPv4, 1114 dhcpv4ServerSubnetMask InetAddressPrefixLength, 1115 dhcpv4ServerSubnetSharedNetworkName SnmpAdminString, 1116 dhcpv4ServerSubnetFreeAddrLowThreshold Unsigned32, 1117 dhcpv4ServerSubnetFreeAddrHighThreshold Unsigned32, 1118 dhcpv4ServerSubnetFreeAddresses Unsigned32 1119 } 1121 dhcpv4ServerSubnetAddress OBJECT-TYPE 1122 SYNTAX InetAddressIPv4 1123 MAX-ACCESS not-accessible 1124 STATUS current 1125 DESCRIPTION 1126 "The IP address of the subnet entry in the 1127 dhcpv4ServerSubnetTable." 1128 ::= { dhcpv4ServerSubnetEntry 1 } 1130 dhcpv4ServerSubnetMask OBJECT-TYPE 1131 SYNTAX InetAddressPrefixLength 1132 MAX-ACCESS read-only 1133 STATUS current 1134 DESCRIPTION 1135 "The subnet mask of the subnet. This MUST be the same as the 1136 value of DHCP option 1 offered to clients on this subnet." 1137 ::= { dhcpv4ServerSubnetEntry 2 } 1139 dhcpv4ServerSubnetSharedNetworkName OBJECT-TYPE 1140 SYNTAX SnmpAdminString (SIZE(1..100)) 1141 MAX-ACCESS read-only 1142 STATUS current 1143 DESCRIPTION 1144 "The shared subnet name (used as an index into the server 1145 shared subnet table) to which this subnet belongs. This value 1146 will be null for servers that do not organize or describe 1147 networks in this manner." 1148 ::= { dhcpv4ServerSubnetEntry 3 } 1150 dhcpv4ServerSubnetFreeAddrLowThreshold OBJECT-TYPE 1151 SYNTAX Unsigned32 1152 MAX-ACCESS accessible-for-notify 1153 STATUS current 1154 DESCRIPTION 1155 "The low threshold for available free addresses in this subnet. 1156 If the value for available free addresses in this subnet 1157 becomes equal to or less than this value, a 1158 dhcpv4ServerSubnetFreeAddrLowThreshold event will be generated 1159 for this shared network. No more 1160 dhcpv4ServerSubnetFreeAddrLowThreshold events will be generated 1161 for this subnet during this execution of the DHCP server until 1162 the value for available free addresses has exceeded the value 1163 of dhcpv4ServerSubnetFreeAddrHighThreshold." 1164 ::= { dhcpv4ServerSubnetEntry 4 } 1166 dhcpv4ServerSubnetFreeAddrHighThreshold OBJECT-TYPE 1167 SYNTAX Unsigned32 1168 MAX-ACCESS accessible-for-notify 1169 STATUS current 1170 DESCRIPTION 1171 "The high threshold for available free addresses in this 1172 subnet. If a dhcpv4ServerSubnetFreeAddrLowThreshold event has 1173 been generated for this subnet, and the value for available 1174 free addresses has exceeded the value of 1175 dhcpv4ServerSubnetFreeAddrHighThreshold, then a 1176 dhcpv4ServerFreeAddressHigh event will be generated. No more 1177 dhcpv4ServerFreeAddressHigh events will be generated for this 1178 subnet during this execution of the DHCP server until the value 1179 for available free addresses becomes equal to or less than the 1180 value of dhcpv4ServerSubnetFreeAddrLowThreshold." 1181 ::= { dhcpv4ServerSubnetEntry 5 } 1183 dhcpv4ServerSubnetFreeAddresses OBJECT-TYPE 1184 SYNTAX Unsigned32 1185 MAX-ACCESS accessible-for-notify 1186 STATUS current 1187 DESCRIPTION 1188 "The number of free IP addresses which are available in this 1189 subnet." 1190 ::= { dhcpv4ServerSubnetEntry 6 } 1192 -- dhcpv4ServerRangeObjects Group 1194 dhcpv4ServerRangeTable OBJECT-TYPE 1195 SYNTAX SEQUENCE OF ServerRangeEntry 1196 MAX-ACCESS not-accessible 1197 STATUS current 1198 DESCRIPTION 1199 "A list of ranges that are configured on this server." 1200 ::= { dhcpv4ServerConfiguration 3 } 1202 dhcpv4ServerRangeEntry OBJECT-TYPE 1203 SYNTAX ServerRangeEntry 1204 MAX-ACCESS not-accessible 1205 STATUS current 1206 DESCRIPTION 1207 "A logical row in the dhcpv4ServerRangeTable." 1208 INDEX { 1209 dhcpv4ServerRangeStartAddress, 1210 dhcpv4ServerRangeEndAddress 1211 } 1212 ::= { dhcpv4ServerRangeTable 1 } 1214 ServerRangeEntry ::= SEQUENCE { 1215 dhcpv4ServerRangeStartAddress InetAddressIPv4, 1216 dhcpv4ServerRangeEndAddress InetAddressIPv4, 1217 dhcpv4ServerRangeSubnetMask InetAddressPrefixLength, 1218 dhcpv4ServerRangeInUse Gauge32, 1219 dhcpv4ServerRangeOutstandingOffers Gauge32 1220 } 1221 dhcpv4ServerRangeStartAddress OBJECT-TYPE 1222 SYNTAX InetAddressIPv4 1223 MAX-ACCESS not-accessible 1224 STATUS current 1225 DESCRIPTION 1226 "The IP address of the first address in the range. The value 1227 of dhcpv4ServerRangeStartAddress must be less than or equal to 1228 the value of dhcpv4ServerRangeEndAddress." 1229 ::= { dhcpv4ServerRangeEntry 1 } 1231 dhcpv4ServerRangeEndAddress OBJECT-TYPE 1232 SYNTAX InetAddressIPv4 1233 MAX-ACCESS not-accessible 1234 STATUS current 1235 DESCRIPTION 1236 "The IP address of the last address in the range. The value of 1237 dhcpv4ServerRangeEndAddress must be greater than or equal to 1238 the value of dhcpv4ServerRangeStartAddress." 1239 ::= { dhcpv4ServerRangeEntry 2 } 1241 dhcpv4ServerRangeSubnetMask OBJECT-TYPE 1242 SYNTAX InetAddressPrefixLength 1243 MAX-ACCESS read-only 1244 STATUS current 1245 DESCRIPTION 1246 "The subnet address mask for this range." 1247 ::= { dhcpv4ServerRangeEntry 3 } 1249 dhcpv4ServerRangeInUse OBJECT-TYPE 1250 SYNTAX Gauge32 1251 MAX-ACCESS read-only 1252 STATUS current 1253 DESCRIPTION 1254 "The number of addresses in this range that are currently in 1255 use. This number includes those addresses whose lease has not 1256 expired and addresses which have been reserved (either by the 1257 server or through configuration)." 1258 ::= { dhcpv4ServerRangeEntry 4 } 1260 dhcpv4ServerRangeOutstandingOffers OBJECT-TYPE 1261 SYNTAX Gauge32 1262 MAX-ACCESS read-only 1263 STATUS current 1264 DESCRIPTION 1265 "The number of outstanding DHCPOFFER messages for this range is 1266 reported with this value. An offer is outstanding if the 1267 server has sent a DHCPOFFER message to a client, but has not 1268 yet received a DHCPREQUEST message from the client nor has the 1269 server-specific timeout (limiting the time in which a client 1270 can respond to the offer message) for the offer message 1271 expired." 1272 ::= { dhcpv4ServerRangeEntry 5 } 1274 -- dhcpv4ServerAddressObjects Group 1276 dhcpv4ServerAddressTable OBJECT-TYPE 1277 SYNTAX SEQUENCE OF Dhcpv4ServerAddressEntry 1278 MAX-ACCESS not-accessible 1279 STATUS current 1280 DESCRIPTION 1281 "An optional list of addresses that are known by this server. 1282 The list MUST contain addresses that have not expired. The 1283 list MUST NOT contain addresses that have never been assigned 1284 by the server UNLESS the lease is pre-configured in the server 1285 (e.g., a static lease for a host). Expired leases MAY appear 1286 during the time they are 'remembered' by the server for 1287 subsequent assignment to the same host." 1288 ::= { dhcpv4ServerConfiguration 4 } 1290 dhcpv4ServerAddressEntry OBJECT-TYPE 1291 SYNTAX Dhcpv4ServerAddressEntry 1292 MAX-ACCESS not-accessible 1293 STATUS current 1294 DESCRIPTION 1295 "A logical row in the dhcpv4ServerAddressTable." 1296 INDEX { 1297 dhcpv4ServerAddress 1298 } 1299 ::= { dhcpv4ServerAddressTable 1 } 1301 Dhcpv4ServerAddressEntry ::= SEQUENCE { 1302 dhcpv4ServerAddress InetAddressIPv4, 1303 dhcpv4ServerAddressSubnetMask InetAddressPrefixLength, 1304 dhcpv4ServerAddressRange InetAddressIPv4, 1305 dhcpv4ServerAddressLeaseType INTEGER, 1306 dhcpv4ServerAddressTimeRemaining Unsigned32, 1307 dhcpv4ServerAddressAllowedProtocol INTEGER, 1308 dhcpv4ServerAddressServedProtocol INTEGER, 1309 dhcpv4ServerAddressPhysicalAddress DhcpPhysicalAddress, 1310 dhcpv4ServerAddressClientId OCTET STRING, 1311 dhcpv4ServerAddressHostName SnmpAdminString, 1312 dhcpv4ServerAddressDomainName SnmpAdminString 1313 } 1315 dhcpv4ServerAddress OBJECT-TYPE 1316 SYNTAX InetAddressIPv4 1317 MAX-ACCESS not-accessible 1318 STATUS current 1319 DESCRIPTION 1320 "The IP address of this entry in the dhcpv4ServerAddressTable." 1321 ::= { dhcpv4ServerAddressEntry 1 } 1323 dhcpv4ServerAddressSubnetMask OBJECT-TYPE 1324 SYNTAX InetAddressPrefixLength 1325 MAX-ACCESS read-only 1326 STATUS current 1327 DESCRIPTION 1328 "The subnet mask (DHCP option 1) provided to the client offered 1329 this address. The subnet, resulting from logically ANDing the 1330 subnet mask with the entry's IP address, must be configured on 1331 this server and appear as a row in the dhcpSubnetTable." 1332 ::= { dhcpv4ServerAddressEntry 2 } 1334 dhcpv4ServerAddressRange OBJECT-TYPE 1335 SYNTAX InetAddressIPv4 1336 MAX-ACCESS read-only 1337 STATUS current 1338 DESCRIPTION 1339 "The starting IP address (dhcpv4ServerRangeStartAddress object) 1340 of the range to which this address belongs. If the address 1341 does not fall into one of the configured ranges (e.g., a 1342 statically configured address on a subnet) the range may be 1343 0.0.0.0." 1344 ::= { dhcpv4ServerAddressEntry 3 } 1346 dhcpv4ServerAddressLeaseType OBJECT-TYPE 1347 SYNTAX INTEGER { 1348 static(1), 1349 dynamic(2), 1350 expired(3), 1351 configurationReserved(4), 1352 serverReserved(5) 1353 } 1354 MAX-ACCESS read-only 1355 STATUS current 1356 DESCRIPTION 1357 "The type of this address. Types are: 1358 (1) Static addresses defined by the server configuration. 1359 (2) Dynamic addresses defined by the server configuration 1360 AND actually assigned by the server. 1361 (3) Expired dynamic addresses, previously assigned by the 1362 server, and 'remembered' for subsequent assignment to 1363 the same host. 1364 (4) Addresses reserved (i.e., not assignable) by the server 1365 configuration. 1366 (5) Addresses previously assigned by the server, but 1367 temporarily or permanently removed from assignable state 1368 for some reason, e.g., the server received an ICMP 1369 ECHOREPLY for the IP address or a DHCPDECLINE message 1370 has been received for the IP address." 1371 ::= { dhcpv4ServerAddressEntry 4 } 1373 dhcpv4ServerAddressTimeRemaining OBJECT-TYPE 1374 SYNTAX Unsigned32 1375 MAX-ACCESS read-only 1376 STATUS current 1377 DESCRIPTION 1378 "The number of seconds until the lease expires. A value of 1379 4294967295 (i.e., 0xFFFFFFFF) should be used for leases that 1380 have a lease time which is 'infinite' and for BOOTP leases." 1381 ::= { dhcpv4ServerAddressEntry 5 } 1383 dhcpv4ServerAddressAllowedProtocol OBJECT-TYPE 1384 SYNTAX INTEGER { 1385 none(1), 1386 bootp(2), 1387 dhcp(3), 1388 bootpOrDhcp(4) 1389 } 1390 MAX-ACCESS read-only 1391 STATUS current 1392 DESCRIPTION 1393 "The type of protocol that is allowed to be used to serve this 1394 address. A type of none (1) indicates that the address is not 1395 available to be served (e.g., a reserved address). Type (2) 1396 are reserved for BOOTP only devices, while type (3) are 1397 reserved for DHCP only devices. A type of bootp-or-dhcp (4) 1398 may be offered to any type of client." 1399 ::= { dhcpv4ServerAddressEntry 6 } 1401 dhcpv4ServerAddressServedProtocol OBJECT-TYPE 1402 SYNTAX INTEGER { 1403 none(1), 1404 bootp(2), 1405 dhcp(3) 1406 } 1407 MAX-ACCESS read-only 1408 STATUS current 1409 DESCRIPTION 1410 "The type of protocol that was used when this address was 1411 assigned. This object will have the value of none (1) if the 1412 address has not been served." 1413 ::= { dhcpv4ServerAddressEntry 7 } 1415 dhcpv4ServerAddressPhysicalAddress OBJECT-TYPE 1416 SYNTAX DhcpPhysicalAddress 1417 MAX-ACCESS read-only 1418 STATUS current 1419 DESCRIPTION 1420 "The hardware type and hardware address of the client that has 1421 been assigned this lease. The first octet of this object 1422 contains the hardware type from the 'htype' field of the BOOTP 1423 packet and the remaining octets contain the hardware address 1424 from the 'chaddr' field of the BOOTP packet. This object may 1425 be empty if the address has not been previously served." 1426 ::= { dhcpv4ServerAddressEntry 8 } 1428 dhcpv4ServerAddressClientId OBJECT-TYPE 1429 SYNTAX OCTET STRING (SIZE(0..255)) 1430 MAX-ACCESS read-only 1431 STATUS current 1432 DESCRIPTION 1433 "The client-id of the client that has been assigned this lease. 1434 The client-id is the value specified in option 61 (client-id 1435 option) when the lease was assigned. This object may be empty 1436 if the lease has not been previously assigned or if the client- 1437 id option was not specified when the address was assigned." 1438 ::= { dhcpv4ServerAddressEntry 9 } 1440 dhcpv4ServerAddressHostName OBJECT-TYPE 1441 SYNTAX SnmpAdminString (SIZE(1..255)) 1442 MAX-ACCESS read-only 1443 STATUS current 1444 DESCRIPTION 1445 "The host name (DHCP option 12) the client is configured to 1446 use, or if no host name was configured then the host name that 1447 the client supplied when requesting an address. While this 1448 object has a maximum size of 255 octets, a Fully-Qualified 1449 Domain Name (FQDN) consisting of a Host Name part and a Domain 1450 Name part is currently limited to 255 octets. Therefore, the 1451 sum of the string lengths for this object and the 1452 dhcpv4ServerAddressDomainName must be, in practice, less than 1453 256 octets." 1454 ::= { dhcpv4ServerAddressEntry 10 } 1456 dhcpv4ServerAddressDomainName OBJECT-TYPE 1457 SYNTAX SnmpAdminString (SIZE(1..255)) 1458 MAX-ACCESS read-only 1459 STATUS current 1460 DESCRIPTION 1461 "The domain name (DHCP option 15) assigned to the client. 1462 While this object has a maximum size of 255 octets, a Fully- 1463 Qualified Domain Name (FQDN) consisting of a Host Name part and 1464 a Domain Name part is currently limited to 255 octets, less the 1465 separator ('.') character. Therefore, the sum of the string 1466 lengths for this object and the dhcpv4ServerAddressHostName 1467 must be, in practice, less than 256 octets." 1468 ::= { dhcpv4ServerAddressEntry 11 } 1470 -- dhcpv4ServerClientObjects Group 1472 dhcpv4ServerClientTable OBJECT-TYPE 1473 SYNTAX SEQUENCE OF Dhcpv4ServerClientEntry 1474 MAX-ACCESS not-accessible 1475 STATUS current 1476 DESCRIPTION 1477 "A list of clients that are known by this server. Details 1478 about the clients may be found by indexing into the 1479 dhcpv4ServerAddressTable using the 1480 dhcpv4ServerClientHardwareAddress, and 1481 dhcpv4ServerClientAddress objects. This table is indexed first 1482 by the MAC address of the client and then by the subnet address 1483 on which the client resides. The subnet is included as an 1484 index since a MAC address is only guaranteed to be unique 1485 within a subnet (i.e., a MAC address is not globally unique)." 1486 ::= { dhcpv4ServerConfiguration 5 } 1488 dhcpv4ServerClientEntry OBJECT-TYPE 1489 SYNTAX Dhcpv4ServerClientEntry 1490 MAX-ACCESS not-accessible 1491 STATUS current 1492 DESCRIPTION 1493 "A logical row in the dhcpv4ServerClientTable. An entry in 1494 this table may be a client that requested an address, but was 1495 refused (e.g., not authorized.) Servers MAY track these types 1496 of clients if desired and may choose to remove such client 1497 entries using a server-defined algorithm. As an example, a 1498 server may choose to keep client request that does not map to 1499 an address for a one hour time period before removing that 1500 entry from this table." 1501 INDEX { 1502 dhcpv4ServerClientHardwareAddress, 1503 dhcpv4ServerClientAddress 1504 } 1505 ::= { dhcpv4ServerClientTable 1 } 1507 Dhcpv4ServerClientEntry ::= SEQUENCE { 1508 dhcpv4ServerClientHardwareAddress DhcpPhysicalAddress, 1509 dhcpv4ServerClientAddress InetAddressIPv4, 1510 dhcpv4ServerClientSubnetMask InetAddressPrefixLength, 1511 dhcpv4ServerClientLastRequestTime DhcpTimeInterval, 1512 dhcpv4ServerClientLastRequestType INTEGER, 1513 dhcpv4ServerClientLastResponseType INTEGER 1514 } 1516 dhcpv4ServerClientHardwareAddress OBJECT-TYPE 1517 SYNTAX DhcpPhysicalAddress 1518 MAX-ACCESS not-accessible 1519 STATUS current 1520 DESCRIPTION 1521 "The hardware type and hardware address of the client that has 1522 been assigned this lease." 1523 ::= { dhcpv4ServerClientEntry 1 } 1525 dhcpv4ServerClientAddress OBJECT-TYPE 1526 SYNTAX InetAddressIPv4 1527 MAX-ACCESS not-accessible 1528 STATUS current 1529 DESCRIPTION 1530 "The IP address of the entry, used to index into the 1531 dhcpv4ServerAddressTable. May be 0.0.0.0 if an address is not 1532 associated with this client." 1533 ::= { dhcpv4ServerClientEntry 2 } 1535 dhcpv4ServerClientSubnetMask OBJECT-TYPE 1536 SYNTAX InetAddressPrefixLength 1537 MAX-ACCESS read-only 1538 STATUS current 1539 DESCRIPTION 1540 "The subnet mask (DHCP option 1) applied to 1541 dhcpv4ServerClientAddress." 1542 ::= { dhcpv4ServerClientEntry 3 } 1544 dhcpv4ServerClientLastRequestTime OBJECT-TYPE 1545 SYNTAX DhcpTimeInterval 1546 MAX-ACCESS read-only 1547 STATUS current 1548 DESCRIPTION 1549 "The timestamp of the last request received, to millisecond 1550 precision if available on the server." 1551 ::= { dhcpv4ServerClientEntry 4 } 1553 dhcpv4ServerClientLastRequestType OBJECT-TYPE 1554 SYNTAX INTEGER { 1555 bootprequest(0), 1556 dhcpdiscover(1), 1557 dhcprequest(3), 1558 dhcpdecline(4), 1559 dhcprelease(7), 1560 dhcpinform(8) 1561 } 1562 MAX-ACCESS read-only 1563 STATUS current 1564 DESCRIPTION 1565 "The type of the last request message received for this client. 1566 If the server does not capture this information, the value 1567 32,767 is returned." 1569 REFERENCE 1570 "RFC2131; RFC2132, section 9.6; draft-ietf-dhc-leasequery- 1571 04.txt." 1572 ::= { dhcpv4ServerClientEntry 5 } 1574 dhcpv4ServerClientLastResponseType OBJECT-TYPE 1575 SYNTAX INTEGER { 1576 bootpreply(1), 1577 dhcpoffer(2), 1578 dhcpack(5), 1579 dhcpnak(6), 1580 dhcpforcerenew(9) 1581 } 1582 MAX-ACCESS read-only 1583 STATUS current 1584 DESCRIPTION 1585 "The type of the last response message sent to this client. If 1586 the server does not capture this information, the value 32,767 1587 is returned." 1588 REFERENCE 1589 "RFC2131; RFC2132, section 9.6; draft-ietf-dhc-leasequery- 1590 04.txt" 1591 ::= { dhcpv4ServerClientEntry 6 } 1593 -- dhcpv4ServerNotifyObjects Group 1595 dhcpv4ServerNotifyDuplicateIpAddr OBJECT-TYPE 1596 SYNTAX InetAddressIPv4 1597 MAX-ACCESS accessible-for-notify 1598 STATUS current 1599 DESCRIPTION 1600 "The IP address found to be a duplicate. Duplicates are 1601 detected by servers, which issue an ICMP ECHOREQUEST prior to 1602 offering an IP address lease, or by a client issuing a 1603 gratuitous ARP message and reported through a DHCPDECLINE 1604 message." 1605 ::= { dhcpv4ServerNotifyObjects 1 } 1607 dhcpv4ServerNotifyDuplicateMac OBJECT-TYPE 1608 SYNTAX DhcpPhysicalAddress 1609 MAX-ACCESS accessible-for-notify 1610 STATUS current 1611 DESCRIPTION 1612 "The offending MAC address which caused a duplicate IP address 1613 to be detected, if captured by the server, else 00-00-00-00-00- 1614 00." 1615 ::= { dhcpv4ServerNotifyObjects 2 } 1617 dhcpv4ServerNotifyClientOrServerDetected OBJECT-TYPE 1618 SYNTAX INTEGER { 1619 client(1), 1620 server(2) 1621 } 1622 MAX-ACCESS accessible-for-notify 1623 STATUS current 1624 DESCRIPTION 1625 "Duplicate IP addresses may be detected either by a server, 1626 using an ICMP ECHO message, or by a client using ARP. This 1627 object is set by the server to (1) if the client used 1628 DHCPDECLINE to mark the offered address as in-use, or to (2) if 1629 the server discovered the address in use by some client before 1630 offering it." 1631 ::= { dhcpv4ServerNotifyObjects 3 } 1633 dhcpv4ServerNotifyServerStart OBJECT-TYPE 1634 SYNTAX DateAndTime 1635 MAX-ACCESS accessible-for-notify 1636 STATUS current 1637 DESCRIPTION 1638 "The date and time when the server began operation." 1639 ::= { dhcpv4ServerNotifyObjects 4 } 1641 dhcpv4ServerNotifyServerStop OBJECT-TYPE 1642 SYNTAX DateAndTime 1643 MAX-ACCESS accessible-for-notify 1644 STATUS current 1645 DESCRIPTION 1646 "The date and time when the server ceased operation." 1647 ::= { dhcpv4ServerNotifyObjects 5 } 1649 -- Notifications 1651 dhcpv4ServerNotificationPrefix OBJECT IDENTIFIER 1652 ::= { dhcpv4Server 2 } 1654 dhcpv4ServerNotifications OBJECT IDENTIFIER 1655 ::= { dhcpv4ServerNotificationPrefix 0 } 1657 dhcpv4ServerFreeAddressLow NOTIFICATION-TYPE 1658 OBJECTS { 1659 dhcpv4ServerSharedNetFreeAddrLowThreshold, 1660 dhcpv4ServerSharedNetFreeAddresses 1661 } 1662 STATUS current 1663 DESCRIPTION 1664 "This notification signifies that the number of available IP 1665 addresses for a particular shared network has fallen below the 1666 value of dhcpv4ServerSharedNetFreeAddrLowThreshold for that 1667 shared network." 1668 ::= { dhcpv4ServerNotifications 1 } 1670 dhcpv4ServerFreeAddressHigh NOTIFICATION-TYPE 1671 OBJECTS { 1672 dhcpv4ServerSharedNetFreeAddrHighThreshold, 1673 dhcpv4ServerSharedNetFreeAddresses 1674 } 1675 STATUS current 1676 DESCRIPTION 1677 "This notification signifies that the number of available IP 1678 addresses for a particular shared network has risen above the 1679 value of dhcpv4ServerSharedNetFreeAddrHighThreshold for that 1680 shared network." 1681 ::= { dhcpv4ServerNotifications 2 } 1683 dhcpv4ServerStartTime NOTIFICATION-TYPE 1684 OBJECTS { dhcpv4ServerNotifyServerStart } 1685 STATUS current 1686 DESCRIPTION 1687 "This notification signifies that the server of the specified 1688 type has started on the host from which this notification has 1689 been sent." 1690 ::= { dhcpv4ServerNotifications 3 } 1692 dhcpv4ServerStopTime NOTIFICATION-TYPE 1693 OBJECTS { dhcpv4ServerNotifyServerStop } 1694 STATUS current 1695 DESCRIPTION 1696 "This notification signifies that the server of the specified 1697 type has stopped normally on the host from which this 1698 notification has been sent." 1699 ::= { dhcpv4ServerNotifications 4 } 1701 dhcpv4ServerDuplicateAddress NOTIFICATION-TYPE 1702 OBJECTS { 1703 dhcpv4ServerNotifyDuplicateIpAddr, 1704 dhcpv4ServerNotifyDuplicateMac, 1705 dhcpv4ServerNotifyClientOrServerDetected 1706 } 1707 STATUS current 1708 DESCRIPTION 1709 "This notification signifies that a duplicate IP address has 1710 been detected. The DHCP server can detect this condition 1711 through the ping-before-offer mechanism. Alternatively, the 1712 client may have sent a DHCPDECLINE back to the server; this is 1713 assumed to be the result of the client detecting that the 1714 address was in use. In either case, the DHCP server marks the 1715 IP address as unavailable for leasing to clients. The 1716 dhcpv4ServerNotifyClientOrServerDetected object indicates 1717 whether the client or server detected this condition." 1718 ::= { dhcpv4ServerNotifications 5 } 1720 -- Conformance 1722 dhcpv4ServerConformance OBJECT-IDENTITY 1723 STATUS current 1724 DESCRIPTION 1725 "DHCP server conformance objects are all defined in this 1726 branch." 1727 ::= { dhcpv4Server 3 } 1729 dhcpv4ServerCompliances OBJECT IDENTIFIER 1730 ::= { dhcpv4ServerConformance 1 } 1732 dhcpv4ServerGroups OBJECT IDENTIFIER 1733 ::= { dhcpv4ServerConformance 2 } 1735 -- Compliance groups 1737 dhcpv4ServerCompliance MODULE-COMPLIANCE 1738 STATUS current 1739 DESCRIPTION 1740 "This group describes the requirements for conformance to the 1741 DHCP Server MIB. A DHCPv4 server implementation is only 1742 required to support IPv4 addresses. In particular, this 1743 comment applies to the following objects with MAX-ACCESS not- 1744 accessible: 1745 dhcpv4ServerSubnet 1746 dhcpv4ServerRangeStart 1747 dhcpv4ServerRangeEnd 1748 dhcpv4ServerAddress 1749 dhcpv4ServerClientAddress." 1750 MODULE -- this module 1751 MANDATORY-GROUPS { 1752 dhcpv4ServerSystemObjects, 1753 bootpCounterObjects, 1754 dhcpv4RecvdPacketCounterObjects, 1755 dhcpv4SentPacketCounterObjects, 1756 dhcpv4ErrorPacketCounterObjects, 1757 dhcpv4ServerSharedNetObjects, 1758 dhcpv4ServerSubnetObjects, 1759 dhcpv4ServerRangeObjects, 1760 dhcpv4ServerAddressObjects, 1761 dhcpv4ServerClientObjects, 1762 dhcpv4ServerNotifyObjectsGroup, 1763 dhcpv4ServerNotificationsGroup 1764 } 1765 GROUP bootpOptionalStatisticObjects 1766 DESCRIPTION 1767 "Mandatory only for servers that capture the optional BOOTP 1768 statistics." 1770 GROUP dhcpv4OptionalStatisticObjects 1771 DESCRIPTION 1772 "Mandatory only for servers that capture the optional DHCPv4 1773 statistics." 1775 ::= { dhcpv4ServerCompliances 1 } 1777 -- Object groups 1779 dhcpv4ServerSystemObjects OBJECT-GROUP 1780 OBJECTS { 1781 dhcpv4ServerSystemDescr, 1782 dhcpv4ServerSystemObjectID 1783 } 1784 STATUS current 1785 DESCRIPTION 1786 "Objects belonging to the dhcpv4ServerSystemObjects group." 1787 ::= { dhcpv4ServerGroups 1 } 1789 bootpCounterObjects OBJECT-GROUP 1790 OBJECTS { 1791 bootpCountRequests, 1792 bootpCountInvalids, 1793 bootpCountReplies, 1794 bootpCountDroppedUnknownClients, 1795 bootpCountDroppedNotServingSubnet 1796 } 1797 STATUS current 1798 DESCRIPTION 1799 "Objects belonging to the bootpBounterObjects group." 1800 ::= { dhcpv4ServerGroups 2 } 1802 dhcpv4RecvdPacketCounterObjects OBJECT-GROUP 1803 OBJECTS { 1804 dhcpv4CountDiscovers, 1805 dhcpv4CountRequests, 1806 dhcpv4CountReleases, 1807 dhcpv4CountDeclines, 1808 dhcpv4CountInforms 1809 } 1810 STATUS current 1811 DESCRIPTION 1812 "Objects belonging to the dhcpv4RecvdPacketCounterObjects 1813 group." 1814 ::= { dhcpv4ServerGroups 3 } 1816 dhcpv4SentPacketCounterObjects OBJECT-GROUP 1817 OBJECTS { 1818 dhcpv4CountOffers, 1819 dhcpv4CountAcks, 1820 dhcpv4CountNaks, 1821 dhcpv4CountForcedRenews 1822 } 1823 STATUS current 1824 DESCRIPTION 1825 "Objects belonging to the dhcpv4SentPacketCounterObjects 1826 group." 1827 ::= { dhcpv4ServerGroups 4 } 1829 dhcpv4ErrorPacketCounterObjects OBJECT-GROUP 1830 OBJECTS { 1831 dhcpv4CountInvalids, 1832 dhcpv4CountDroppedUnknownClient, 1833 dhcpv4CountDroppedNotServingSubnet 1834 } 1835 STATUS current 1836 DESCRIPTION 1837 "Objects belonging to the dhcpv4ErrorPacketCounterObjects 1838 group." 1839 ::= { dhcpv4ServerGroups 5 } 1841 bootpOptionalStatisticObjects OBJECT-GROUP 1842 OBJECTS { 1843 bootpStatMinArrivalInterval, 1844 bootpStatMaxArrivalInterval, 1845 bootpStatLastArrivalTime, 1846 bootpStatSumSquaresArrivalTime, 1847 bootpStatMinResponseTime, 1848 bootpStatMaxResponseTime, 1849 bootpStatSumResponseTime, 1850 bootpStatSumSquaresResponseTime 1851 } 1852 STATUS current 1853 DESCRIPTION 1854 "Objects belonging to the bootpOptionalStatisticObjects group." 1855 ::= { dhcpv4ServerGroups 6 } 1857 dhcpv4OptionalStatisticObjects OBJECT-GROUP 1858 OBJECTS { 1859 dhcpv4StatMinArrivalInterval, 1860 dhcpv4StatMaxArrivalInterval, 1861 dhcpv4StatLastArrivalTime, 1862 dhcpv4StatSumSquaresArrivalTime, 1863 dhcpv4StatMinResponseTime, 1864 dhcpv4StatMaxResponseTime, 1865 dhcpv4StatSumResponseTime, 1866 dhcpv4StatSumSquaresResponseTime 1867 } 1868 STATUS current 1869 DESCRIPTION 1870 "Objects belonging to the dhcpv4OptionalStatisticObjects 1871 group." 1872 ::= { dhcpv4ServerGroups 7 } 1874 dhcpv4ServerSharedNetObjects OBJECT-GROUP 1875 OBJECTS { 1876 dhcpv4ServerSharedNetFreeAddrLowThreshold, 1877 dhcpv4ServerSharedNetFreeAddrHighThreshold, 1878 dhcpv4ServerSharedNetFreeAddresses, 1879 dhcpv4ServerSharedNetReservedAddresses, 1880 dhcpv4ServerSharedNetTotalAddresses 1881 } 1882 STATUS current 1883 DESCRIPTION 1884 "Objects belonging to the dhcpv4ServerSharedNetObjects group." 1885 ::= { dhcpv4ServerGroups 8 } 1887 dhcpv4ServerSubnetObjects OBJECT-GROUP 1888 OBJECTS { 1889 dhcpv4ServerSubnetMask, 1890 dhcpv4ServerSubnetSharedNetworkName, 1891 dhcpv4ServerSubnetFreeAddrLowThreshold, 1892 dhcpv4ServerSubnetFreeAddrHighThreshold, 1893 dhcpv4ServerSubnetFreeAddresses 1894 } 1895 STATUS current 1896 DESCRIPTION 1897 "Objects belonging to the dhcpv4ServerSubnetObjects group." 1898 ::= { dhcpv4ServerGroups 9 } 1900 dhcpv4ServerRangeObjects OBJECT-GROUP 1901 OBJECTS { 1902 dhcpv4ServerRangeSubnetMask, 1903 dhcpv4ServerRangeInUse, 1904 dhcpv4ServerRangeOutstandingOffers 1905 } 1906 STATUS current 1907 DESCRIPTION 1908 "Objects belonging to the dhcpv4ServerRangeObjects group." 1909 ::= { dhcpv4ServerGroups 10 } 1911 dhcpv4ServerAddressObjects OBJECT-GROUP 1912 OBJECTS { 1913 dhcpv4ServerAddressSubnetMask, 1914 dhcpv4ServerAddressRange, 1915 dhcpv4ServerAddressLeaseType, 1916 dhcpv4ServerAddressTimeRemaining, 1917 dhcpv4ServerAddressAllowedProtocol, 1918 dhcpv4ServerAddressServedProtocol, 1919 dhcpv4ServerAddressPhysicalAddress, 1920 dhcpv4ServerAddressClientId, 1921 dhcpv4ServerAddressHostName, 1922 dhcpv4ServerAddressDomainName 1923 } 1924 STATUS current 1925 DESCRIPTION 1926 "Objects belonging to the dhcpv4ServerAddressObjects group." 1927 ::= { dhcpv4ServerGroups 11 } 1929 dhcpv4ServerClientObjects OBJECT-GROUP 1930 OBJECTS { 1931 dhcpv4ServerClientSubnetMask, 1932 dhcpv4ServerClientLastRequestTime, 1933 dhcpv4ServerClientLastRequestType, 1934 dhcpv4ServerClientLastResponseType 1935 } 1936 STATUS current 1937 DESCRIPTION 1938 "Objects belonging to the dhcpv4ServerClientObjects group." 1939 ::= { dhcpv4ServerGroups 12 } 1941 dhcpv4ServerNotifyObjectsGroup OBJECT-GROUP 1942 OBJECTS { 1943 dhcpv4ServerNotifyDuplicateIpAddr, 1944 dhcpv4ServerNotifyDuplicateMac, 1945 dhcpv4ServerNotifyClientOrServerDetected, 1946 dhcpv4ServerNotifyServerStart, 1947 dhcpv4ServerNotifyServerStop 1948 } 1949 STATUS current 1950 DESCRIPTION 1951 "Objects belonging to the dhcpv4ServerNotifyObjects group." 1952 ::= { dhcpv4ServerGroups 13 } 1954 dhcpv4ServerNotificationsGroup NOTIFICATION-GROUP 1955 NOTIFICATIONS { 1956 dhcpv4ServerFreeAddressLow, 1957 dhcpv4ServerFreeAddressHigh, 1958 dhcpv4ServerStartTime, 1959 dhcpv4ServerStopTime, 1960 dhcpv4ServerDuplicateAddress 1961 } 1962 STATUS current 1963 DESCRIPTION 1964 "Notifications belonging to the dhcpv4ServerNotifications 1965 group." 1966 ::= { dhcpv4ServerGroups 14 } 1968 END 1970 5. Intellectual Property 1972 The IETF takes no position regarding the validity or scope of any 1973 intellectual property or other rights that might be claimed to 1974 pertain to the implementation or use of the technology described in 1975 this document or the extent to which any license under such rights 1976 might or might not be available; neither does it represent that it 1977 has made any effort to identify any such rights. Information on the 1978 IETF's procedures with respect to rights in standards-track and 1979 standards-related documentation can be found in BCP-11. 1981 Copies of claims of rights made available for publication and any 1982 assurances of licenses to be made available, or the result of an 1983 attempt made to obtain a general license or permission for the use of 1984 such proprietary rights by implementers or users of this 1985 specification can be obtained from the IETF Secretariat. 1987 The IETF invites any interested party to bring to its attention any 1988 copyrights, patents or patent applications, or other proprietary 1989 rights that may cover technology that may be required to practice 1990 this standard. Please address the information to the IETF Executive 1991 Director. 1993 6. Acknowledgements 1995 This document is the result of work undertaken the by DHCP working 1996 group. The editors would like to particularly acknowledge the 1997 development team from Carnegie-Mellon University whose work creating 1998 a private MIB for their DHCP server inspired the development of this 1999 proposal. In particular, many thanks to Ryan Troll who provided a 2000 great deal of useful feedback during the initial development of this 2001 MIB. 2003 Thanks to Nathan Lane, Kim Kinnear, Yannick Koehler, Rick Geesen, Jin 2004 Tao, James Brister, Alan Hackert, Patrick Cosmo, Taeko Saito, and 2005 Devrapratap Baul for their review, comments, and contributions. 2006 Special thanks to Rich Woundy for his excellent suggestions that 2007 contributed to the --08 draft: any lingering errors are to be blamed 2008 solely on the editors. 2010 7. IANA Considerations 2012 IANA must fill in the value of the RFC number when it is assigned to 2013 this memo. It is represented as "xxxx" in the DESCRIPTION section of 2014 MODULE-IDENTITY. 2016 One specific value for a MIB object requires completion before this 2017 memo can advance to RFC status. It is: 2019 o OID value for "dhcp" � see MODULE-IDENTITY 2021 8. Security Considerations 2023 There are no management objects defined in this MIB that have a MAX- 2024 ACCESS clause of read-write or read-create. Such objects may be 2025 considered sensitive or vulnerable in some environments. The support 2026 for SET operations in a non-secure environment without proper 2027 protection can have a negative effect on network operations. 2028 Therefore, if this MIB is implemented correctly, there is no risk 2029 that an intruder can alter or create any management objects of this 2030 MIB via direct SNMP SET operations. 2032 Some of the readable objects in this MIB module (i.e., objects with a 2033 MAX-ACCESS other than not-accessible) may be considered sensitive or 2034 vulnerable in some network environments. It is thus important to 2035 control even GET and/or NOTIFY access to these objects and possibly 2036 to even encrypt the values of these objects when sending them over 2037 the network via SNMP. These are the tables and objects and their 2038 sensitivity/vulnerability: 2040 o dhcpv4ServerRangeTable 2042 o dhcpv4ServerAddressTable 2044 These two objects, in conjunction, provide an observer with a current 2045 view of the available and assigned addresses allocated by this 2046 server. Such knowledge can be used to manually configure a host 2047 computer with a valid IP address for the network managed by the DHCP 2048 server. This could be part of either a Theft of Service scheme or a 2049 Denial of Service attack wherein rogue (pseudo-)hosts simply claim 2050 and defend IP addresses either to subvert accounting for their use or 2051 to disrupt the network for legitimate hosts. 2053 It is thus important to control even GET access to these objects and 2054 possibly to even encrypt the values of these objects when sending 2055 them over the network via SNMP. Not all versions of SNMP provide 2056 features for such a secure environment. 2058 SNMP versions prior to SNMPv3 did not include adequate security. 2059 Even if the network itself is secure (for example by using IPSec), 2060 even then, there is no control as to who on the secure network is 2061 allowed to access and GET/SET (read/change/create/delete) the objects 2062 in this MIB. 2064 It is recommended that the implementers consider the security 2065 features as provided by the SNMPv3 framework (see [RFC3410], section 2066 8), including full support for the SNMPv3 cryptographic mechanisms 2067 (for authentication and privacy). 2069 Further, deployment of SNMP versions prior to SNMPv3 is NOT 2070 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to 2071 enable cryptographic security. It is then a customer/operator 2072 responsibility to ensure that the SNMP entity giving access to an 2073 instance of this MIB module is properly configured to give access to 2074 the objects only to those principals (users) that have legitimate 2075 rights to indeed GET or SET (change/create/delete) them. 2077 Denial of Service attacks on a DHCP server are conceivable by 2078 flooding the SNMP (sub-)agent with requests, tying up host system and 2079 server resources processing SNMP messages. The authors know of no 2080 way to wholly prevent such attacks, but have attempted to construct 2081 relatively simple tables to minimize the work required to respond to 2082 messages. 2084 9. References 2086 One normative reference is currently an Internet-Draft, nearly ready 2087 for Working Group Last Call. This reference MUST be updated when the 2088 draft advances to RFC status. 2090 9.1. Normative References 2092 [RFC2131] Droms, R., "Dynamic Host Configuration Protocol," RFC 2131, 2093 March 1997. 2095 [RFC2132] Alexander, S. and Droms, R., "DHCP Options and BOOTP Vendor 2096 Extensions," RFC 2132, March 1997. 2098 [RFC2578] Case, J., McCloghrie, K., Perkins, D., Rose, M., 2099 Schoenwaelder, J., and S. Waldbusser, "Structure of Management 2100 Information for Version 2 of the Simple Network Management Protocol 2101 (SNMPv2)," RFC 2578, April 1999. 2103 [RFC2579] Case, J., McCloghrie, K., Rose, M., Schoenwaelder, J., and 2104 S. Waldbusser, "Textual Conventions for Version 2 of the Simple 2105 Network Management Protocol (SNMPv2)," RFC 2579, April 1999. 2107 [RFC2580] Case, J., McCloghrie, K., Rose, M., Schoenwaelder, J., and 2108 S. Waldbusser, "Conformance Statements for Version 2 of the Simple 2109 Network Management Protocol (SNMPv2)," RFC 2580, April 1999. 2111 [RFC3203], Yves T'Joens and Christian Hublet, Peter De Schrijver, 2112 "The DHCP Reconfigure Extension," July 2001 2114 Rich Woundy and Kim Kinnear, "DHCP 2115 Lease Query," November 2003. 2117 9.2. Informative References 2119 [DEN] Directory Enabled Networks Working Group, 2120 http://www.universe.digex.net/~murchiso/den. 2122 [RFC1123] R. Braden, "Requirements for Internet Hosts -- Application 2123 and Support," RFC 1123, October 1989. 2125 [RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart, 2126 "Introduction and Applicability Statements for Internet-Standard 2127 Management Framework", RFC 3410, December 2002. 2129 10. Editors' Addresses 2131 Richard Barr Hibbs 2132 952 Sanchez Street 2133 San Francisco, California 94114-3362 2134 USA 2136 Phone: +1-(415)-648-3920 2137 Fax: +1-(415)-648-9017 2138 Email: rbhibbs@pacbell.net 2140 Glenn Waters 2141 Nortel Networks 2142 310-875 Carling Avenue, 2143 Ottawa, Ontario K1S 5P1 2144 Canada 2146 Phone: +1-(613)-798-4925 2147 Email: gww@NortelNetworks.com 2149 11. Full Copyright Statement 2151 Copyright (C), 2003, The Internet Society. All Rights Reserved. 2153 This document and translations of it may be copied and furnished to 2154 others, and derivative works that comment on or otherwise explain it 2155 or assist in its implementation may be prepared, copied, published 2156 and distributed, in whole or in part, without restriction of any 2157 kind, provided that the above copyright notice and this paragraph are 2158 included on all such copies and derivative works. However, this 2159 document itself may not be modified in any way, such as by removing 2160 the copyright notice or references to the Internet Society or other 2161 Internet organizations, except as needed for the purpose of 2162 developing Internet standards in which case the procedures for 2163 copyrights defined in the Internet Standards process must be 2164 followed, or as required to translate it into languages other than 2165 English. 2167 The limited permissions granted above are perpetual and will not be 2168 revoked by the Internet Society or its successors or assigns. 2170 This document and the information contained herein is provided on an 2171 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 2172 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 2173 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 2174 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 2175 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 2177 Acknowledgement 2179 Funding for the RFC Editor function is currently provided by the 2180 Internet Society.