IPv6 MIB Revision Design Team                                Bill Fenner
INTERNET-DRAFT                                             AT&T Research
Expires: May 2002                                         Brian Haberman
                                                         Nortel Networks
                                                        Keith McCloghrie
                                                           Cisco Systems
                                                    Juergen Schoenwalder
                                                         TU Braunschweig
                                                             Dave Thaler
                                                               Microsoft
                                                           November 2001

                      Management Information Base
              for the Transmission Control Protocol (TCP)
                draft-ietf-ipngwg-rfc2012-update-01.txt

Status of this Document

This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026.

Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other groups
may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference material
or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

This document is a product of the IPv6 MIB Revision Design Team.
Comments should be addressed to the authors, or the mailing list at
ipng@sunroof.eng.sun.com.

Copyright Notice

Copyright (C) The Internet Society (2001). All Rights Reserved.

Abstract

This memo defines a portion of the Management Information Base (MIB) for
use with network management protocols in the Internet community. In
particular, it describes managed objects used for implementations of the
Transmission Control Protocol (TCP) [5] in an IP version independent
manner.

Table of Contents

1. The SNMP Management Framework
2. Revision History
3. MIB Structure
4. Definitions
5. Open Issues
6. Acknowledgements
7. References
8. Security Considerations
9. Editor's Address
10. Full Copyright Statement

1. The SNMP Management Framework

The SNMP Management Framework presently consists of five major
components:

o An overall architecture, described in RFC 2571 [7].

o Mechanisms for describing and naming objects and events for the
  purpose of management. The first version of this Structure of
  Management Information (SMI) is called SMIv1 and described in STD 16,
  RFC 1155 [8], STD 16, RFC 1212 [9] and RFC 1215 [10]. The second
  version, called SMIv2, is described in STD 58, RFC 2578 [11], STD 58,
  RFC 2579 [12] and STD 58, RFC 2580 [13].

o Message protocols for transferring management information. The first
  version of the SNMP message protocol is called SNMPv1 and described in
  STD 15, RFC 1157 [14]. A second version of the SNMP message protocol,
  which is not an Internet standards track protocol, is called SNMPv2c
  and described in RFC 1901 [15] and RFC 1906 [16]. The third version of
  the message protocol is called SNMPv3 and described in RFC 1906 [16],
  RFC 2572 [17] and RFC 2574 [18].

o Protocol operations for accessing management information. The first
  set of protocol operations and associated PDU formats is described in
  STD 15, RFC 1157 [14]. A second set of protocol operations and
  associated PDU formats is described in RFC 1905 [19].

o A set of fundamental applications described in RFC 2573 [20] and the
  view-based access control mechanism described in RFC 2575 [21].

A more detailed introduction to the current SNMP Management Framework
can be found in RFC 2570 [22].

Managed objects are accessed via a virtual information store, termed the
Management Information Base or MIB. Objects in the MIB are defined
using the mechanisms defined in the SMI.

This memo specifies a MIB module that is compliant to the SMIv2. A MIB
conforming to the SMIv1 can be produced through the appropriate
translations. The resulting translated MIB must be semantically
equivalent, except where objects or events are omitted because no
translation is possible (use of Counter64). Some machine readable
information in SMIv2 will be converted into textual descriptions in
SMIv1 during the translation process. However, this loss of machine
readable information is not considered to change the semantics of the
MIB.

2. Revision History

Changes from draft-ietf-ipngwg-rfc2012-update-00.txt:

   14 November 2001

      Added HC versions of connection counters.

      Added Listener table, with counters for accepted and timed out
      connection attempts.

      Added tcp{Connection,Listener}ProcessID to index into SYSAPPL-MIB
      or HOST-RESOURCES-MIB.

      Removed tcpConnectionRemAddrType, it must be the same as
      tcpConnectionLocalAddrType.

Changes from draft-ops-rfc2012-update-00.txt

   12 Jul 2001

      Turned into IPNG WG document

      Added tcpCountersGroup for per-connection counters

Changes from first draft posted to v6mib mailing list:

   23 Feb 2001

      Made threshold for HC packet counters 1Mpps

      Added copyright statements and table of contents

   21 Feb 2001 -- Juergen's changes

      Renamed tcpInetConn* to tcpConnection*

      Updated Conformance info

      Added missing tcpConnectionState and tcpConnState objects to
      SEQUENCEs

   6 Feb 2001

      Removed v6-only objects.

      Renamed inetTcp* to tcpInet*

      Added SIZE restriction to InetAddress index objects. (36 = 32-byte
      addresses plus 4-byte scope, but it's just a strawman)

      Used InetPortNumber TC from updated INET-ADDRESS-MIB

      Updated compliance statements.

      Added Keith to authors

      Added open issues section.

Changes from RFC 2012

      Deprecated tcpConnTable

      Added tcpConnectionTable

3. MIB Structure

(Obviously this section needs a lot of work)

Addresses are as seen on the wire, not necessarily as the socket sees
them (e.g. IPv4 address, not IPv6-mapped IPv4)

Listener on in6addr_any without IPV6_V6ONLY socket option set (i.e.
willing to accept v4 or v6) is indicated by remote AF = unknown.

4. Definitions

TCP-MIB DEFINITIONS ::= BEGIN
IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32,
    Gauge32, Counter32, Counter64, IpAddress, mib-2
                                       FROM SNMPv2-SMI
    TimeStamp                          FROM SNMPv2-TC
    MODULE-COMPLIANCE, OBJECT-GROUP    FROM SNMPv2-CONF
    InetAddress, InetAddressType,
    InetPortNumber                     FROM INET-ADDRESS-MIB;

tcpMIB MODULE-IDENTITY
    LAST-UPDATED "200111140000Z"
    ORGANIZATION "IETF IPv6 MIB Revision Team"
    CONTACT-INFO
            "Bill Fenner (editor)

            AT&T Labs -- Research
            75 Willow Rd.
            Menlo Park, CA 94025

            Phone: +1 650 330-7893
            Email: "
    DESCRIPTION
            "The MIB module for managing TCP implementations."
    REVISION     "200111140000Z"
    DESCRIPTION
            "IP version neutral revision, published as RFC XXXX."
    REVISION     "9411010000Z"
    DESCRIPTION
            "Initial SMIv2 version, published as RFC 2012."
    REVISION     "9103310000Z"
    DESCRIPTION
            "The initial revision of this MIB module was part of MIB-II."
    ::= { mib-2 49 }

-- the TCP base variables group

tcp      OBJECT IDENTIFIER ::= { mib-2 6 }

-- Scalars

tcpRtoAlgorithm OBJECT-TYPE
    SYNTAX      INTEGER {
                    other(1),    -- none of the following
                    constant(2), -- a constant rto
                    rsre(3),     -- MIL-STD-1778, Appendix B
                    vanj(4)      -- Van Jacobson's algorithm [1]
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The algorithm used to determine the timeout value used for
            retransmitting unacknowledged octets."
    ::= { tcp 1 }

tcpRtoMin OBJECT-TYPE
    SYNTAX      Integer32
    UNITS       "milliseconds"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The minimum value permitted by a TCP implementation for the
            retransmission timeout, measured in milliseconds. More
            refined semantics for objects of this type depend upon the
            algorithm used to determine the retransmission timeout. In
            particular, when the timeout algorithm is rsre(3), an object
            of this type has the semantics of the LBOUND quantity
            described in RFC 793."
    ::= { tcp 2 }

tcpRtoMax OBJECT-TYPE
    SYNTAX      Integer32
    UNITS       "milliseconds"
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The maximum value permitted by a TCP implementation for the
            retransmission timeout, measured in milliseconds. More
            refined semantics for objects of this type depend upon the
            algorithm used to determine the retransmission timeout. In
            particular, when the timeout algorithm is rsre(3), an object
            of this type has the semantics of the UBOUND quantity
            described in RFC 793."
    ::= { tcp 3 }

tcpMaxConn OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The limit on the total number of TCP connections the entity
            can support. In entities where the maximum number of
            connections is dynamic, this object should contain the value
            -1."
    ::= { tcp 4 }

tcpActiveOpens OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of times TCP connections have made a direct
            transition to the SYN-SENT state from the CLOSED state."
    ::= { tcp 5 }

tcpPassiveOpens OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of times TCP connections have made a direct
            transition to the SYN-RCVD state from the LISTEN state."
    ::= { tcp 6 }

tcpAttemptFails OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of times TCP connections have made a direct
            transition to the CLOSED state from either the SYN-SENT
            state or the SYN-RCVD state, plus the number of times TCP
            connections have made a direct transition to the LISTEN
            state from the SYN-RCVD state."
    ::= { tcp 7 }

tcpEstabResets OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of times TCP connections have made a direct
            transition to the CLOSED state from either the ESTABLISHED
            state or the CLOSE-WAIT state."
    ::= { tcp 8 }

tcpCurrEstab OBJECT-TYPE
    SYNTAX      Gauge32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of TCP connections for which the current state is
            either ESTABLISHED or CLOSE-WAIT."
    ::= { tcp 9 }

tcpInSegs OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The total number of segments received, including those
            received in error. This count includes segments received on
            currently established connections."
    ::= { tcp 10 }

tcpOutSegs OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The total number of segments sent, including those on
            current connections but excluding those containing only
            retransmitted octets."
    ::= { tcp 11 }

tcpRetransSegs OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The total number of segments retransmitted - that is, the
            number of TCP segments transmitted containing one or more
            previously transmitted octets."
    ::= { tcp 12 }

tcpInErrs OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The total number of segments received in error (e.g., bad
            TCP checksums)."
    ::= { tcp 14 }

tcpOutRsts OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of TCP segments sent containing the RST flag."
    ::= { tcp 15 }

tcpHCInSegs OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The total number of segments received, including those
            received in error, on systems that can receive more than 1
            million TCP packets per second. This count includes
            segments received on currently established connections."
    ::= { tcp 17 }

tcpHCOutSegs OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The total number of segments sent, including those on
            current connections but excluding those containing only
            retransmitted octets, on systems that can transmit more than
            1 million TCP packets per second."
    ::= { tcp 18 }

-- The TCP Connection table

tcpConnectionTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF TcpConnectionEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "A table containing information about existing TCP
            connections. Note that unlike earlier TCP MIBs, there is a
            separate table for connections in the LISTEN state."
    ::= { tcp 19 }

tcpConnectionEntry OBJECT-TYPE
    SYNTAX      TcpConnectionEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "A conceptual row of the tcpConnectionTable containing
            information about a particular current TCP connection. Each
            row of this table is transient, in that it ceases to exist
            when (or soon after) the connection makes the transition to
            the CLOSED state."
    INDEX   { tcpConnectionLocalAddressType,
              tcpConnectionLocalAddress,
              tcpConnectionLocalPort,
              tcpConnectionRemAddress,
              tcpConnectionRemPort }
    ::= { tcpConnectionTable 1 }

TcpConnectionEntry ::= SEQUENCE {
        tcpConnectionLocalAddressType   InetAddressType,
        tcpConnectionLocalAddress       InetAddress,
        tcpConnectionLocalPort          InetPortNumber,
        tcpConnectionRemAddress         InetAddress,
        tcpConnectionRemPort            InetPortNumber,
        tcpConnectionState              INTEGER,
        tcpConnectionInPackets          Counter32,
        tcpConnectionOutPackets         Counter32,
        tcpConnectionInOctets           Counter32,
        tcpConnectionOutOctets          Counter32,
        tcpConnectionHCInPackets        Counter64,
        tcpConnectionHCOutPackets       Counter64,
        tcpConnectionHCInOctets         Counter64,
        tcpConnectionHCOutOctets        Counter64,
        tcpConnectionStartTime          TimeStamp,
        tcpConnectionProcessID          Unsigned32
    }

tcpConnectionLocalAddressType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "The address type of tcpConnectionLocalAddress. Only IPv4
            and IPv6 addresses are expected."
    ::= { tcpConnectionEntry 1 }

tcpConnectionLocalAddress OBJECT-TYPE
    SYNTAX      InetAddress (SIZE(0..36))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "The local IP address for this TCP connection. In the case
            of a connection in the listen state which is willing to
            accept connections for any IP interface associated with the
            node, a value of all zeroes is used."
    ::= { tcpConnectionEntry 2 }

tcpConnectionLocalPort OBJECT-TYPE
    SYNTAX      InetPortNumber
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "The local port number for this TCP connection."
    ::= { tcpConnectionEntry 3 }

tcpConnectionRemAddress OBJECT-TYPE
    SYNTAX      InetAddress (SIZE(0..36))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "The remote IP address for this TCP connection."
    ::= { tcpConnectionEntry 4 }

tcpConnectionRemPort OBJECT-TYPE
    SYNTAX      InetPortNumber
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "The remote port number for this TCP connection."
    ::= { tcpConnectionEntry 5 }

tcpConnectionState OBJECT-TYPE
    SYNTAX      INTEGER {
                    closed(1),
                    listen(2),
                    synSent(3),
                    synReceived(4),
                    established(5),
                    finWait1(6),
                    finWait2(7),
                    closeWait(8),
                    lastAck(9),
                    closing(10),
                    timeWait(11),
                    deleteTCB(12)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
            "The state of this TCP connection.

            The value listen(2) is included only for parallelism to the
            old tcpConnTable, and should not be used. A connection in
            LISTEN state should be present in the tcpListenerTable.

            The only value which may be set by a management station is
            deleteTCB(12). Accordingly, it is appropriate for an agent
            to return a `badValue' response if a management station
            attempts to set this object to any other value.

            If a management station sets this object to the value
            deleteTCB(12), then this has the effect of deleting the TCB
            (as defined in RFC 793) of the corresponding connection on
            the managed node, resulting in immediate termination of the
            connection.

            As an implementation-specific option, a RST segment may be
            sent from the managed node to the other TCP endpoint (note
            however that RST segments are not sent reliably)."
    ::= { tcpConnectionEntry 6 }

tcpConnectionInPackets OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of packets received on this connection. This
            count includes retransmitted data."
    ::= { tcpConnectionEntry 7 }

tcpConnectionOutPackets OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of packets transmitted on this connection. This
            count includes retransmitted data."
    ::= { tcpConnectionEntry 8 }

tcpConnectionInOctets OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of octets received on this connection. This
            count includes retransmitted data."
    ::= { tcpConnectionEntry 9 }

tcpConnectionOutOctets OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of octets transmitted on this connection. This
            count includes retransmitted data."
    ::= { tcpConnectionEntry 10 }

tcpConnectionHCInPackets OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of packets received on this connection. This
            count includes retransmitted data."
    ::= { tcpConnectionEntry 11 }

tcpConnectionHCOutPackets OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of packets transmitted on this connection. This
            count includes retransmitted data."
    ::= { tcpConnectionEntry 12 }

tcpConnectionHCInOctets OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of octets received on this connection. This
            count includes retransmitted data."
    ::= { tcpConnectionEntry 13 }

tcpConnectionHCOutOctets OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of octets transmitted on this connection. This
            count includes retransmitted data."
    ::= { tcpConnectionEntry 14 }

tcpConnectionStartTime OBJECT-TYPE
    SYNTAX      TimeStamp
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The value of sysUpTime at the time this connection was
            established."
    ::= { tcpConnectionEntry 15 }

tcpConnectionProcessID OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The system's process ID for the process associated with this
            connection, or zero if there is no such process. This value
            is expected to be the same as
            HOST-RESOURCES-MIB::hrSWRunIndex or
            SYSAPPL-MIB::sysApplElmtRunIndex for some row in the
            appropriate tables."
    ::= { tcpConnectionEntry 16 }

-- The TCP Listener table

tcpListenerTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF TcpListenerEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "A table containing information about TCP listeners."
    ::= { tcp 20 }

tcpListenerEntry OBJECT-TYPE
    SYNTAX      TcpListenerEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "A conceptual row of the tcpListenerTable containing
            information about a particular TCP listener."
    INDEX   { tcpListenerLocalAddressType,
              tcpListenerLocalAddress,
              tcpListenerLocalPort,
              tcpListenerRemAddressType }
    ::= { tcpListenerTable 1 }

TcpListenerEntry ::= SEQUENCE {
        tcpListenerLocalAddressType         InetAddressType,
        tcpListenerLocalAddress             InetAddress,
        tcpListenerLocalPort                InetPortNumber,
        tcpListenerRemAddressType           InetAddressType,
        tcpListenerConnectionsTimedOut      Counter32,
        tcpListenerHCConnectionsTimedOut    Counter64,
        tcpListenerConnectionsAccepted      Counter32,
        tcpListenerHCConnectionsAccepted    Counter64,
        tcpListenerStartTime                TimeStamp,
        tcpListenerProcessID                Unsigned32
    }

tcpListenerLocalAddressType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "The address type of tcpListenerLocalAddress. Only IPv4 and
            IPv6 addresses are expected."
    ::= { tcpListenerEntry 1 }

tcpListenerLocalAddress OBJECT-TYPE
    SYNTAX      InetAddress (SIZE(0..36))
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "The local IP address for this TCP connection. In the case
            of a connection in the listen state which is willing to
            accept connections for any IP interface associated with the
            node, a value of all zeroes is used."
    ::= { tcpListenerEntry 2 }

tcpListenerLocalPort OBJECT-TYPE
    SYNTAX      InetPortNumber
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
            "The local port number for this TCP connection."
    ::= { tcpListenerEntry 3 }

tcpListenerRemAddressType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The address type of connections that will be accepted by
            this listener. Only IPv4 and IPv6 addresses are expected,
            or unknown to indicate an endpoint willing to accept both
            IPv4 and IPv6 connections."
    ::= { tcpListenerEntry 4 }

tcpListenerConnectionsTimedOut OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of connection attempts to this endpoint which
            have failed due to timeout of the three-way handshake, i.e.
            the row was removed from the tcpConnectionTable but
            tcpConnectionState never moved from synReceived to
            established."
    ::= { tcpListenerEntry 5 }

tcpListenerHCConnectionsTimedOut OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of connection attempts to this endpoint which
            have failed due to timeout of the three-way handshake, i.e.
            the row was removed from the tcpConnectionTable but
            tcpConnectionState never moved from synReceived to
            established."
    ::= { tcpListenerEntry 6 }

tcpListenerConnectionsAccepted OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of connections which have been established to
            this endpoint."
    ::= { tcpListenerEntry 7 }

tcpListenerHCConnectionsAccepted OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The number of connections which have been established to
            this endpoint."
    ::= { tcpListenerEntry 8 }

tcpListenerStartTime OBJECT-TYPE
    SYNTAX      TimeStamp
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The value of sysUpTime at the time this listener was
            established."
    ::= { tcpListenerEntry 9 }

tcpListenerProcessID OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
            "The system's process ID for the process associated with this
            listener, or zero if there is no such process. This value
            is expected to be the same as
            HOST-RESOURCES-MIB::hrSWRunIndex or
            SYSAPPL-MIB::sysApplElmtRunIndex for some row in the
            appropriate tables."
    ::= { tcpListenerEntry 10 }

-- The deprecated TCP Connection table

tcpConnTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF TcpConnEntry
    MAX-ACCESS  not-accessible
    STATUS      deprecated
    DESCRIPTION
            "A table containing information about existing IPv4-specific
            TCP connections or listeners. This table has been
            deprecated in favor of the version neutral
            tcpConnectionTable."
    ::= { tcp 13 }

tcpConnEntry OBJECT-TYPE
    SYNTAX      TcpConnEntry
    MAX-ACCESS  not-accessible
    STATUS      deprecated
    DESCRIPTION
            "A conceptual row of the tcpConnTable containing information
            about a particular current IPv4 TCP connection. Each row of
            this table is transient, in that it ceases to exist when (or
            soon after) the connection makes the transition to the
            CLOSED state."
    INDEX   { tcpConnLocalAddress,
              tcpConnLocalPort,
              tcpConnRemAddress,
              tcpConnRemPort }
    ::= { tcpConnTable 1 }

TcpConnEntry ::= SEQUENCE {
        tcpConnState            INTEGER,
        tcpConnLocalAddress     IpAddress,
        tcpConnLocalPort        INTEGER,
        tcpConnRemAddress       IpAddress,
        tcpConnRemPort          INTEGER
    }

tcpConnState OBJECT-TYPE
    SYNTAX      INTEGER {
                    closed(1),
                    listen(2),
                    synSent(3),
                    synReceived(4),
                    established(5),
                    finWait1(6),
                    finWait2(7),
                    closeWait(8),
                    lastAck(9),
                    closing(10),
                    timeWait(11),
                    deleteTCB(12)
                }
    MAX-ACCESS  read-write
    STATUS      deprecated
    DESCRIPTION
            "The state of this TCP connection.

            The only value which may be set by a management station is
            deleteTCB(12). Accordingly, it is appropriate for an agent
            to return a `badValue' response if a management station
            attempts to set this object to any other value.

            If a management station sets this object to the value
            deleteTCB(12), then this has the effect of deleting the TCB
            (as defined in RFC 793) of the corresponding connection on
            the managed node, resulting in immediate termination of the
            connection.

            As an implementation-specific option, a RST segment may be
            sent from the managed node to the other TCP endpoint (note
            however that RST segments are not sent reliably)."
    ::= { tcpConnEntry 1 }

tcpConnLocalAddress OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-only
    STATUS      deprecated
    DESCRIPTION
            "The local IP address for this TCP connection. In the case
            of a connection in the listen state which is willing to
            accept connections for any IP interface associated with the
            node, the value 0.0.0.0 is used."
    ::= { tcpConnEntry 2 }

tcpConnLocalPort OBJECT-TYPE
    SYNTAX      INTEGER (0..65535)
    MAX-ACCESS  read-only
    STATUS      deprecated
    DESCRIPTION
            "The local port number for this TCP connection."
    ::= { tcpConnEntry 3 }

tcpConnRemAddress OBJECT-TYPE
    SYNTAX      IpAddress
    MAX-ACCESS  read-only
    STATUS      deprecated
    DESCRIPTION
            "The remote IP address for this TCP connection."
    ::= { tcpConnEntry 4 }

tcpConnRemPort OBJECT-TYPE
    SYNTAX      INTEGER (0..65535)
    MAX-ACCESS  read-only
    STATUS      deprecated
    DESCRIPTION
            "The remote port number for this TCP connection."
    ::= { tcpConnEntry 5 }

-- conformance information

tcpMIBConformance OBJECT IDENTIFIER ::= { tcpMIB 2 }

tcpMIBCompliances OBJECT IDENTIFIER ::= { tcpMIBConformance 1 }
tcpMIBGroups      OBJECT IDENTIFIER ::= { tcpMIBConformance 2 }

-- compliance statements

tcpMIBCompliance2 MODULE-COMPLIANCE
    STATUS      current
    DESCRIPTION
            "The compliance statement for systems which implement TCP."
    MODULE  -- this module
        MANDATORY-GROUPS { tcpBaseGroup, tcpConnectionGroup,
                           tcpListenerGroup }
        GROUP       tcpHCGroup
        DESCRIPTION
            "This group is mandatory for those systems which are capable
            of receiving or transmitting more than 1 million TCP
            packets per second. 1 million packets per second will
            cause a Counter32 to wrap in just over an hour."
898             GROUP       tcpStatisticsGroup
899             DESCRIPTION
900                "This group is optional. It provides visibility for counters
901                 that some systems already implement."
902             GROUP       tcpHCStatisticsGroup
903             DESCRIPTION
904                "This group is mandatory for those systems which implement
905                 the tcpStatisticsGroup and are capable of receiving or
906                 transmitting more than 1 million TCP packets per second.
907                 1 million packets per second will cause a Counter32 to
908                 wrap in just over an hour."

910             OBJECT      tcpConnectionState
911             MIN-ACCESS  read-only
912             DESCRIPTION
913                "Write access is not required."
914         ::= { tcpMIBCompliances 2 }

916     tcpMIBCompliance MODULE-COMPLIANCE
917         STATUS     deprecated
918         DESCRIPTION
919                "The compliance statement for IPv4-only systems which
920                 implement TCP. In order to be IP version independent, this
921                 compliance statement is deprecated in favor of
922                 tcpMIBCompliance2. However, agents are still encouraged to
923                 implement these objects in order to interoperate with the
924                 deployed base of managers."
925         MODULE  -- this module
926             MANDATORY-GROUPS { tcpGroup }
927             OBJECT      tcpConnState
928             MIN-ACCESS  read-only
929             DESCRIPTION
930                "Write access is not required."
931         ::= { tcpMIBCompliances 1 }

933     -- units of conformance

935     tcpGroup OBJECT-GROUP
936         OBJECTS   { tcpRtoAlgorithm, tcpRtoMin, tcpRtoMax,
937                     tcpMaxConn, tcpActiveOpens,
938                     tcpPassiveOpens, tcpAttemptFails,
939                     tcpEstabResets, tcpCurrEstab, tcpInSegs,
940                     tcpOutSegs, tcpRetransSegs, tcpConnState,
941                     tcpConnLocalAddress, tcpConnLocalPort,
942                     tcpConnRemAddress, tcpConnRemPort,
943                     tcpInErrs, tcpOutRsts }
944         STATUS     deprecated
945         DESCRIPTION
946                "The tcp group of objects providing for management of TCP
947                 entities."
948         ::= { tcpMIBGroups 1 }

950     tcpBaseGroup OBJECT-GROUP
951         OBJECTS   { tcpRtoAlgorithm, tcpRtoMin, tcpRtoMax,
952                     tcpMaxConn, tcpActiveOpens,
953                     tcpPassiveOpens, tcpAttemptFails,
954                     tcpEstabResets, tcpCurrEstab, tcpInSegs,
955                     tcpOutSegs, tcpRetransSegs,
956                     tcpInErrs, tcpOutRsts }
957         STATUS     current
958         DESCRIPTION
959                "The group of counters common to TCP entities."
960         ::= { tcpMIBGroups 2 }

962     tcpHCGroup OBJECT-GROUP
963         OBJECTS   { tcpHCInSegs, tcpHCOutSegs }
964         STATUS     current
965         DESCRIPTION
966                "The group of objects providing for counters of high speed
967                 TCP implementations."
968         ::= { tcpMIBGroups 3 }

970     tcpConnectionGroup OBJECT-GROUP
971         OBJECTS   { tcpConnectionState }
972         STATUS     current
973         DESCRIPTION
974                "The table of TCP connections."
975         ::= { tcpMIBGroups 4 }

977     tcpListenerGroup OBJECT-GROUP
978         OBJECTS   { tcpListenerRemAddressType }
979         STATUS     current
980         DESCRIPTION
981                "The table of TCP listeners."
982         ::= { tcpMIBGroups 5 }

984     tcpStatisticsGroup OBJECT-GROUP
985         OBJECTS   { tcpConnectionInPackets, tcpConnectionOutPackets,
986                     tcpConnectionInOctets, tcpConnectionOutOctets,
987                     tcpConnectionStartTime, tcpConnectionProcessID,
988                     tcpListenerConnectionsTimedOut,
989                     tcpListenerConnectionsAccepted,
990                     tcpListenerStartTime, tcpListenerProcessID }
991         STATUS     current
992         DESCRIPTION
993                "The packet and octet counters and other statistics specific
994                 to a TCP connection or listener."
995         ::= { tcpMIBGroups 6 }

997     tcpHCStatisticsGroup OBJECT-GROUP
998         OBJECTS   { tcpConnectionHCInPackets, tcpConnectionHCOutPackets,
999                     tcpConnectionHCInOctets, tcpConnectionHCOutOctets,
1000                    tcpListenerHCConnectionsTimedOut,
1001                    tcpListenerHCConnectionsAccepted }
1002        STATUS     current
1003        DESCRIPTION
1004               "The group of objects providing for statistics for listeners
1005                or connections on high speed TCP implementations."

1007        ::= { tcpMIBGroups 7 }

1009    END

1011    5. Open Issues

1013    Why is tcpListenerRemoteAddressType = unknown better than
1014    tcpListenerLocalAddressType = unknown and tcpListenerLocalAddress = ''h?
1015    Then we could get rid of tcpListenerRemoteAddressType.

1017    Is tcp*ProcessID OK? Should there be an OID pointer into a row of some
1018    *Run* table?

1020    Are the current per-connection byte/segment counters appropriate? Other
1021    stats? [in optional conformance group] ConnSRTT?

1023    More HC counters?

1025    6. Acknowledgements

1027    This document contains a modified subset of RFC 1213 and updates RFC
1028    2012 and RFC 2452.

1030    7. References

1032    [2]  Rose, M. and K. McCloghrie, "Management Information Base for Network
1033         Management of TCP/IP-based internets", RFC 1213, March 1991.

1035    [3]  K. McCloghrie, "SNMPv2 Management Information Base for the
1036         Transmission Control Protocol using SMIv2", RFC 2012, November
1037         1996.

1039    [4]  Haskin, D. and S. Onishi, "IP Version 6 Management Information Base
1040         for the Transmission Control Protocol", RFC 2452, December 1998.

1042    [5]  Postel, J., "Transmission Control Protocol - DARPA Internet Program
1043         Protocol Specification", STD 7, RFC 793, DARPA, September 1981.

1045    [6]  Jacobson, V., "Congestion Avoidance and Control", SIGCOMM 1988,
1046         Stanford, California.

1048    [7]  Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for
1049         Describing SNMP Management Frameworks", RFC 2571, April 1999.

1051    [8]  Rose, M., and K. McCloghrie, "Structure and Identification of
1052         Management Information for TCP/IP-based Internets", STD 16, RFC
1053         1155, May 1990.

1055    [9]  Rose, M., and K. McCloghrie, "Concise MIB Definitions", STD 16, RFC
1056         1212, March 1991.

1058    [10] Rose, M., "A Convention for Defining Traps for use with the SNMP",
1059         RFC 1215, March 1991.

1061    [11] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M.,
1062         and S. Waldbusser, "Structure of Management Information Version 2
1063         (SMIv2)", STD 58, RFC 2578, April 1999.

1065    [12] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M.,
1066         and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC
1067         2579, April 1999.

1069    [13] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M.,
1070         and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC
1071         2580, April 1999.

1073    [14] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network
1074         Management Protocol", STD 15, RFC 1157, May 1990.

1076    [15] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
1077         "Introduction to Community-based SNMPv2", RFC 1901, January 1996.

1079    [16] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport
1080         Mappings for Version 2 of the Simple Network Management Protocol
1081         (SNMPv2)", RFC 1906, January 1996.

1083    [17] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message
1084         Processing and Dispatching for the Simple Network Management
1085         Protocol (SNMP)", RFC 2572, April 1999.

1087    [18] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for
1088         version 3 of the Simple Network Management Protocol (SNMPv3)", RFC
1089         2574, April 1999.

1091    [19] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol
1092         Operations for Version 2 of the Simple Network Management Protocol
1093         (SNMPv2)", RFC 1905, January 1996.

1095    [20] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC
1096         2573, April 1999.

1098    [21] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access
1099         Control Model (VACM) for the Simple Network Management Protocol
1100         (SNMP)", RFC 2575, April 1999.

1102    [22] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction to
1103         Version 3 of the Internet-standard Network Management Framework",
1104         RFC 2570, April 1999.

1106    8. Security Considerations

1108    There are a number of management objects defined in this MIB that have a
1109    MAX-ACCESS clause of read-write and/or read-create. Such objects may be
1110    considered sensitive or vulnerable in some network environments. The
1111    support for SET operations in a non-secure environment without proper
1112    protection can have a negative effect on network operations.

1114    There are a number of managed objects in this MIB that may contain
1115    sensitive information. These are:

1117    o The tcpConnectionLocalPort and tcpConnLocalPort objects can be used to
1118      identify what ports are open on the machine and thus what attacks
1119      are likely to succeed, without the attacker having to run a port
1120      scanner.

1122    o The tcpConnectionState and tcpConnState objects have a MAX-ACCESS
1123      clause of read-write, which allows termination of an arbitrary
1124      connection. Unauthorized access could cause a denial of service.

1126    It is thus important to control even GET access to these objects and
1127    possibly to even encrypt the values of these objects when sending them
1128    over the network via SNMP. Not all versions of SNMP provide features
1129    for such a secure environment.

1131    SNMPv1 by itself is not a secure environment. Even if the network
1132    itself is secure (for example by using IPSec), even then, there is no
1133    control as to who on the secure network is allowed to access and GET/SET
1134    (read/change/create/delete) the objects in this MIB.

1136    It is recommended that the implementers consider the security features
1137    as provided by the SNMPv3 framework. Specifically, the use of the User-
1138    based Security Model RFC 2574 [18] and the View-based Access Control
1139    Model RFC 2575 [21] is recommended.

1141    It is then a customer/user responsibility to ensure that the SNMP entity
1142    giving access to an instance of this MIB, is properly configured to give
1143    access to the objects only to those principals (users) that have
1144    legitimate rights to indeed GET or SET (change/create/delete) them.

1146    9. Editor's Address

1148    Bill Fenner
1149    AT&T Labs -- Research
1150    75 Willow Rd
1151    Menlo Park, CA 94025
1152    USA

1154    Email: fenner@research.att.com

1156    10. Full Copyright Statement

1158    Copyright (C) The Internet Society (2001). All Rights Reserved.

1160    This document and translations of it may be copied and furnished to
1161    others, and derivative works that comment on or otherwise explain it or
1162    assist in its implementation may be prepared, copied, published and
1163    distributed, in whole or in part, without restriction of any kind,
1164    provided that the above copyright notice and this paragraph are included
1165    on all such copies and derivative works. However, this document itself
1166    may not be modified in any way, such as by removing the copyright notice
1167    or references to the Internet Society or other Internet organizations,
1168    except as needed for the purpose of developing Internet standards in
1169    which case the procedures for copyrights defined in the Internet
1170    Standards process must be followed, or as required to translate it into
1171    languages other than English.

1173    The limited permissions granted above are perpetual and will not be
1174    revoked by the Internet Society or its successors or assigns.

1176    This document and the information contained herein is provided on an "AS
1177    IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK
1178    FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
1179    LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
1180    INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
1181    FITNESS FOR A PARTICULAR PURPOSE.
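Added example, not part of the draft: a Python audit in the spirit of the Security Considerations section, listing objects whose MAX-ACCESS permits SET together with the MIN-ACCESS a compliance statement allows, so an operator can decide what to leave out of SNMP write views. The sample text is an abridged excerpt constructed from this module's definitions; the function and variable names are illustrative.

```python
import re

# Constructed, abridged excerpt of definitions from this MIB module.
SAMPLE_MIB = '''
tcpConnState OBJECT-TYPE
    SYNTAX     INTEGER { closed(1), listen(2), deleteTCB(12) }
    MAX-ACCESS read-write
    STATUS     deprecated
    DESCRIPTION "The state of this TCP connection."
    ::= { tcpConnEntry 1 }

tcpConnLocalPort OBJECT-TYPE
    SYNTAX     INTEGER (0..65535)
    MAX-ACCESS read-only
    STATUS     deprecated
    DESCRIPTION "The local port number for this TCP connection."
    ::= { tcpConnEntry 3 }

tcpMIBCompliance MODULE-COMPLIANCE
    STATUS     deprecated
    DESCRIPTION "The compliance statement for IPv4-only systems."
    MODULE  -- this module
        MANDATORY-GROUPS { tcpGroup }
        OBJECT     tcpConnState
        MIN-ACCESS read-only
        DESCRIPTION "Write access is not required."
    ::= { tcpMIBCompliances 1 }
'''

WRITABLE = {"read-write", "read-create"}

def strip_noise(text):
    """Blank out quoted strings and '--' comments so keywords inside them are ignored."""
    text = re.sub(r'"[^"]*"', '""', text)
    return re.sub(r'--.*', '', text)

def audit(mib_text):
    """Return objects that allow SET, with any MIN-ACCESS refinement from compliance statements."""
    text = strip_noise(mib_text)
    max_access = dict(re.findall(
        r'(\w+)\s+OBJECT-TYPE\b.*?MAX-ACCESS\s+([\w-]+)', text, re.S))
    min_access = dict(re.findall(
        r'\bOBJECT\s+(\w+)\s+MIN-ACCESS\s+([\w-]+)', text))
    return [{"object": name, "max_access": acc, "min_access": min_access.get(name)}
            for name, acc in max_access.items() if acc in WRITABLE]

if __name__ == "__main__":
    for row in audit(SAMPLE_MIB):
        print(row)
```

An object reported with min_access "read-only" can be implemented or configured without write access while remaining compliant, which is the case for tcpConnState here.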