idnits 2.17.1 draft-ietf-madman-netsm-mib-06.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an Abstract section. ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack an Authors' Addresses Section. ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. -- The draft header indicates that this document obsoletes RFC1565, but the abstract doesn't seem to mention this, which it should. -- The draft header indicates that this document obsoletes RFC2248, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == Line 994 has weird spacing: '...rnished to...' == Line 995 has weird spacing: '...herwise expla...' == Line 997 has weird spacing: '...without restr...' == Line 998 has weird spacing: '... notice and t...' == Line 999 has weird spacing: '...ivative works...' == (4 more instances...) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (December 1999) is 8889 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: '18' is defined on line 920, but no explicit reference was found in the text == Unused Reference: '19' is defined on line 924, but no explicit reference was found in the text == Unused Reference: '20' is defined on line 927, but no explicit reference was found in the text == Unused Reference: '21' is defined on line 930, but no explicit reference was found in the text == Unused Reference: '29' is defined on line 939, but no explicit reference was found in the text ** Obsolete normative reference: RFC 1514 (ref. '1') (Obsoleted by RFC 2790) ** Obsolete normative reference: RFC 2571 (ref. '3') (Obsoleted by RFC 3411) ** Downref: Normative reference to an Informational RFC: RFC 1215 (ref. '6') ** Downref: Normative reference to an Historic RFC: RFC 1157 (ref. '10') ** Downref: Normative reference to an Historic RFC: RFC 1901 (ref. '11') ** Obsolete normative reference: RFC 1906 (ref. '12') (Obsoleted by RFC 3417) ** Obsolete normative reference: RFC 2572 (ref. '13') (Obsoleted by RFC 3412) ** Obsolete normative reference: RFC 2574 (ref. '14') (Obsoleted by RFC 3414) ** Obsolete normative reference: RFC 1905 (ref. '15') (Obsoleted by RFC 3416) ** Obsolete normative reference: RFC 2573 (ref. '16') (Obsoleted by RFC 3413) ** Obsolete normative reference: RFC 2575 (ref. '17') (Obsoleted by RFC 3415) ** Obsolete normative reference: RFC 2253 (ref. '18') (Obsoleted by RFC 4510, RFC 4514) ** Obsolete normative reference: RFC 1738 (ref. '20') (Obsoleted by RFC 4248, RFC 4266) ** Obsolete normative reference: RFC 2368 (ref. '21') (Obsoleted by RFC 6068) ** Obsolete normative reference: RFC 2248 (ref. '22') (Obsoleted by RFC 2788) ** Obsolete normative reference: RFC 1565 (ref. '23') (Obsoleted by RFC 2248) ** Downref: Normative reference to an Unknown state RFC: RFC 852 (ref. '29') Summary: 24 errors (**), 0 flaws (~~), 13 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group Ned Freed, Innosoft 2 Internet Draft Steve Kille, ISODE Consortium 3 Obsoletes: 1565, 2248 5 Network Services Monitoring MIB 7 December 1999 9 Status of this Memo 11 This document is an Internet-Draft and is in full conformance with all 12 provisions of Section 10 of RFC 2026. 14 Internet-Drafts are working documents of the Internet Engineering Task 15 Force (IETF), its areas, and its working groups. Note that other groups 16 may also distribute working documents as Internet-Drafts. 18 Internet-Drafts are draft documents valid for a maximum of six months 19 and may be updated, replaced, or obsoleted by other documents at any 20 time. It is inappropriate to use Internet- Drafts as reference material 21 or to cite them other than as "work in progress." 23 The list of current Internet-Drafts can be accessed at 24 http://www.ietf.org/ietf/1id-abstracts.txt 26 The list of Internet-Draft Shadow Directories can be accessed at 27 http://www.ietf.org/shadow.html. 29 Copyright Notice 31 Copyright (C) The Internet Society (1999). All Rights Reserved. 33 1. Introduction 35 A networked application is a realization of some well-defined service on 36 one or more host computers that is accessible via some network, uses 37 some network for its internal operations, or both. 39 There are a wide range of networked applications for which it is 40 appropriate to provide SNMP monitoring of their network usage. This 41 includes applications using both TCP/IP and OSI networking. This 42 document defines a MIB which contains the elements common to the 43 monitoring of any network service application. This information 44 includes a table of all monitorable network service applications, a 45 count of the associations (connections) to each application, and basic 46 information about the parameters and status of each application-related 47 association. 49 This MIB may be used on its own for any application, and for most simple 50 applications this will suffice. This MIB is also designed to serve as a 51 building block which can be used in conjunction with application- 52 specific monitoring and management. Two examples of this are MIBs 53 defining additional variables for monitoring a Message Transfer Agent 54 (MTA) service or a Directory Service Agent (DSA) service. It is expected 55 that further MIBs of this nature will be specified. 57 This MIB does not attempt to provide facilities for management of the 58 host or hosts the network service application runs on, nor does it 59 provide facilities for monitoring applications that provide something 60 other than a network service. Host resource and general application 61 monitoring is handled by either the Host Resources MIB [1] or the 62 application MIB [2]. 64 2. Table of Contents 66 1 Introduction .................................................... 1 67 2 Table of Contents ............................................... 2 68 3 The SNMP Network Management Framework ........................... 3 69 4 Rationale for having a Network Services Monitoring MIB .......... 4 70 4.1 General Relationship to Other MIBs ............................ 4 71 4.2 Restriction of Scope .......................................... 4 72 4.3 Configuration Information ..................................... 5 73 5 Application Objects ............................................. 5 74 6 Definitions ..................................................... 6 75 7 Changes made since RFC 2248 ..................................... 22 76 8 Acknowledgements ................................................ 22 77 9 References ...................................................... 22 78 10 Security Considerations ........................................ 24 79 11 Author and Chair Addresses ..................................... 25 80 12 Full Copyright Statement ....................................... 25 81 3. The SNMP Network Management Framework 83 The SNMP Management Framework presently consists of five major 84 components: 86 o An overall architecture, described in RFC 2571 [3]. 88 o Mechanisms for describing and naming objects and events for the 89 purpose of management. The first version of this Structure of 90 Management Information (SMI) is called SMIv1 and described in 91 RFC 1155 [4], RFC 1212 [5] and RFC 1215 [6]. The second version, 92 called SMIv2, is described in RFC 2578 [7], RFC 2579 [8] and RFC 93 2580 [9]. 95 o Message protocols for transferring management information. The 96 first version of the SNMP message protocol is called SNMPv1 and 97 described in RFC 1157 [10]. A second version of the SNMP message 98 protocol, which is not an Internet standards track protocol, is 99 called SNMPv2c and described in RFC 1901 [11] and RFC 1906 [12]. 100 The third version of the message protocol is called SNMPv3 and 101 described in RFC 1906 [12], RFC 2572 [13] and RFC 2574 [14]. 103 o Protocol operations for accessing management information. The 104 first set of protocol operations and associated PDU formats is 105 described in RFC 1157 [10]. A second set of protocol operations 106 and associated PDU formats is described in RFC 1905 [15]. 108 o A set of fundamental applications described in RFC 2573 [16] and 109 the view-based access control mechanism described in RFC 2575 110 [17]. 112 Managed objects are accessed via a virtual information store, termed the 113 Management Information Base or MIB. Objects in the MIB are defined 114 using the mechanisms defined in the SMI. 116 This memo specifies a MIB module that is compliant to the SMIv2. A MIB 117 conforming to the SMIv1 can be produced through the appropriate 118 translations. The resulting translated MIB must be semantically 119 equivalent, except where objects or events are omitted because no 120 translation is possible (use of Counter64). Some machine readable 121 information in SMIv2 will be converted into textual descriptions in 122 SMIv1 during the translation process. However, this loss of machine 123 readable information is not considered to change the semantics of the 124 MIB. 126 4. Rationale for having a Network Services Monitoring MIB 128 Much effort has been expended in developing tools to manage lower layer 129 network facilities. However, relatively little work has been done on 130 managing application layer entities. It is neither efficient nor 131 reasonable to manage all aspects of application layer entities using 132 only lower layer information. Moreover, the difficulty of managing 133 application entities in this way increases dramatically as application 134 entities become more complex. 136 This leads to a substantial need to monitor applications which provide 137 network services, particularly distributed components such as MTAs and 138 DSAs, by monitoring specific aspects of the application itself. Reasons 139 to monitor such components include but are not limited to measuring 140 load, detecting broken connectivity, isolating system failures, and 141 locating congestion. 143 In order to manage network service applications effectively two 144 requirements must be met: 146 (1) It must be possible to monitor a large number of components 147 (typical for a large organization). 149 (2) Application monitoring must be integrated into general network 150 management. 152 This specification defines simple read-only access; this is sufficient 153 to determine up/down status and provide an indication of a broad class 154 of operational problems. 156 4.1. General Relationship to Other MIBs 158 This MIB is intended to only provide facilities common to the monitoring 159 of any network service application. It does not provide all the 160 facilities necessary to monitor any specific application. Each specific 161 type of network service application is expected to have a MIB of its own 162 that makes use of these common facilities. 164 4.2. Restriction of Scope 166 The framework provided here is very minimal; there is a lot more that 167 could be done. For example: 169 (1) General network service application configuration monitoring and 170 control. 172 (2) Detailed examination and modification of individual entries in 173 service-specific request queues. 175 (3) Probing to determine the status of a specific request (e.g., the 176 location of a mail message with a specific message-id). 178 (4) Requesting that certain actions be performed (e.g., forcing an 179 immediate connection and transfer of pending messages to some 180 specific system). 182 All these capabilities are both impressive and useful. However, these 183 capabilities would require provisions for strict security checking. 184 These capabilities would also mandate a much more complex design, with 185 many characteristics likely to be fairly implementation-specific. As a 186 result such facilities are likely to be both contentious and difficult 187 to implement. 189 This document religiously keeps things simple and focuses on the basic 190 monitoring aspect of managing applications providing network services. 191 The goal here is to provide a framework which is simple, useful, and 192 widely implementable. 194 4.3. Configuration Information 196 This MIB attempts to provide information about the operational aspects 197 of an application. Further information about the actual configuration of 198 a given application may be kept in other places; the applDirectoryName 199 or applURL may be used to point to places where such information is 200 kept. 202 5. Application Objects 204 This MIB defines a set of general purpose attributes which would be 205 appropriate for a range of applications that provide network services. 206 Both OSI and non-OSI services can be accommodated. Additional tables 207 defined in extensions to this MIB provide attributes specific to 208 specific network services. 210 A table is defined which will have one row for each operational network 211 service application on the system. The only static information held on 212 the application is its name. All other static information should be 213 obtained from various directory services. The applDirectoryName is an 214 external key, which allows an SNMP MIB entry to be cleanly related to 215 the X.500 Directory. In SNMP terms, the applications are grouped in a 216 table called applTable, which is indexed by an integer key applIndex. 218 The type of the application will be determined by one or both of: 220 (1) Additional MIB variables specific to the applications. 222 (2) An association to the application of a specific protocol. 224 6. Definitions 226 NETWORK-SERVICES-MIB DEFINITIONS ::= BEGIN 228 IMPORTS 229 OBJECT-TYPE, Counter32, Gauge32, MODULE-IDENTITY, mib-2 230 FROM SNMPv2-SMI 231 TimeStamp, TEXTUAL-CONVENTION 232 FROM SNMPv2-TC 233 MODULE-COMPLIANCE, OBJECT-GROUP 234 FROM SNMPv2-CONF 235 SnmpAdminString 236 FROM SNMP-FRAMEWORK-MIB; 238 application MODULE-IDENTITY 239 LAST-UPDATED "9912220000Z" 240 ORGANIZATION "IETF Mail and Directory Management Working Group" 241 CONTACT-INFO 242 " Ned Freed 244 Postal: Innosoft International, Inc. 245 1050 Lakes Drive 246 West Covina, CA 91790 247 US 249 Tel: +1 626 919 3600 250 Fax: +1 626 919 3614 252 E-Mail: ned.freed@innosoft.com" 253 DESCRIPTION 254 "The MIB module describing network service applications" 255 REVISION "9912220000Z" 256 DESCRIPTION 257 "This revision, published in RFC XXXX, changes a number of 258 DisplayStrings to SnmpAdminStrings. Note that this change 259 is not strictly supported by SMIv2. However, the alternative 260 of deprecating the old objects and defining new objects 261 would have a more adverse impact on backward compatibility 262 and interoperability, given the particular semantics of 263 these objects. The defining reference for distinguished 264 names has also been updated from RFC 1779 to RFC 2253." 265 REVISION "9905120000Z" 266 DESCRIPTION 267 "This revision fixes a few small technical problems found 268 in previous versions, mostly in regards to the conformance 269 groups for different versions of this MIB. No changes have 270 been made to the objects this MIB defines since RFC 2248." 271 REVISION "9708170000Z" 272 DESCRIPTION 273 "This revision, published in RFC 2248, adds the 274 applDescription and applURL objects, adds the quiescing 275 state to the applOperStatus object and renames the MIB 276 from the APPLICATION-MIB to the NETWORK-SERVICE-MIB." 277 REVISION "9311280000Z" 278 DESCRIPTION 279 "The original version of this MIB was published in RFC 1565" 280 ::= {mib-2 27} 282 -- Textual conventions 284 -- DistinguishedName is used to refer to objects in the 285 -- directory. 287 DistinguishedName ::= TEXTUAL-CONVENTION 288 DISPLAY-HINT "255a" 289 STATUS current 290 DESCRIPTION 291 "A Distinguished Name represented in accordance with 292 RFC 2253, presented in the UTF-8 charset defined in 293 RFC 2279." 294 SYNTAX OCTET STRING (SIZE (0..255)) 296 -- Uniform Resource Locators are stored in URLStrings. 298 URLString ::= TEXTUAL-CONVENTION 299 DISPLAY-HINT "255a" 300 STATUS current 301 DESCRIPTION 302 "A Uniform Resource Locator represented in accordance 303 with RFCs 1738 and 2368, presented in the NVT ASCII 304 charset defined in RFC 854." 305 SYNTAX OCTET STRING (SIZE (0..255)) 307 -- The basic applTable contains a list of the application 308 -- entities. 310 applTable OBJECT-TYPE 311 SYNTAX SEQUENCE OF ApplEntry 312 MAX-ACCESS not-accessible 313 STATUS current 314 DESCRIPTION 315 "The table holding objects which apply to all different 316 kinds of applications providing network services. 317 Each network service application capable of being 318 monitored should have a single entry in this table." 319 ::= {application 1} 321 applEntry OBJECT-TYPE 322 SYNTAX ApplEntry 323 MAX-ACCESS not-accessible 324 STATUS current 325 DESCRIPTION 326 "An entry associated with a single network service 327 application." 328 INDEX {applIndex} 329 ::= {applTable 1} 331 ApplEntry ::= SEQUENCE { 332 applIndex 333 INTEGER, 334 applName 335 SnmpAdminString, 336 applDirectoryName 337 DistinguishedName, 338 applVersion 339 SnmpAdminString, 340 applUptime 341 TimeStamp, 342 applOperStatus 343 INTEGER, 344 applLastChange 345 TimeStamp, 346 applInboundAssociations 347 Gauge32, 348 applOutboundAssociations 349 Gauge32, 350 applAccumulatedInboundAssociations 351 Counter32, 352 applAccumulatedOutboundAssociations 353 Counter32, 354 applLastInboundActivity 355 TimeStamp, 356 applLastOutboundActivity 357 TimeStamp, 358 applRejectedInboundAssociations 359 Counter32, 360 applFailedOutboundAssociations 361 Counter32, 362 applDescription 363 SnmpAdminString, 364 applURL 365 URLString 366 } 367 applIndex OBJECT-TYPE 368 SYNTAX INTEGER (1..2147483647) 369 MAX-ACCESS not-accessible 370 STATUS current 371 DESCRIPTION 372 "An index to uniquely identify the network service 373 application. This attribute is the index used for 374 lexicographic ordering of the table." 375 ::= {applEntry 1} 377 applName OBJECT-TYPE 378 SYNTAX SnmpAdminString 379 MAX-ACCESS read-only 380 STATUS current 381 DESCRIPTION 382 "The name the network service application chooses to be 383 known by." 384 ::= {applEntry 2} 386 applDirectoryName OBJECT-TYPE 387 SYNTAX DistinguishedName 388 MAX-ACCESS read-only 389 STATUS current 390 DESCRIPTION 391 "The Distinguished Name of the directory entry where 392 static information about this application is stored. 393 An empty string indicates that no information about 394 the application is available in the directory." 395 ::= {applEntry 3} 397 applVersion OBJECT-TYPE 398 SYNTAX SnmpAdminString 399 MAX-ACCESS read-only 400 STATUS current 401 DESCRIPTION 402 "The version of network service application software. 403 This field is usually defined by the vendor of the 404 network service application software." 405 ::= {applEntry 4} 407 applUptime OBJECT-TYPE 408 SYNTAX TimeStamp 409 MAX-ACCESS read-only 410 STATUS current 411 DESCRIPTION 412 "The value of sysUpTime at the time the network service 413 application was last initialized. If the application was 414 last initialized prior to the last initialization of the 415 network management subsystem, then this object contains 416 a zero value." 417 ::= {applEntry 5} 419 applOperStatus OBJECT-TYPE 420 SYNTAX INTEGER { 421 up(1), 422 down(2), 423 halted(3), 424 congested(4), 425 restarting(5), 426 quiescing(6) 427 } 428 MAX-ACCESS read-only 429 STATUS current 430 DESCRIPTION 431 "Indicates the operational status of the network service 432 application. 'down' indicates that the network service is 433 not available. 'up' indicates that the network service 434 is operational and available. 'halted' indicates that the 435 service is operational but not available. 'congested' 436 indicates that the service is operational but no additional 437 inbound associations can be accommodated. 'restarting' 438 indicates that the service is currently unavailable but is 439 in the process of restarting and will be available soon. 440 'quiescing' indicates that service is currently operational 441 but is in the process of shutting down. Additional inbound 442 associations may be rejected by applications in the 443 'quiescing' state." 444 ::= {applEntry 6} 446 applLastChange OBJECT-TYPE 447 SYNTAX TimeStamp 448 MAX-ACCESS read-only 449 STATUS current 450 DESCRIPTION 451 "The value of sysUpTime at the time the network service 452 application entered its current operational state. If 453 the current state was entered prior to the last 454 initialization of the local network management subsystem, 455 then this object contains a zero value." 456 ::= {applEntry 7} 458 applInboundAssociations OBJECT-TYPE 459 SYNTAX Gauge32 460 MAX-ACCESS read-only 461 STATUS current 462 DESCRIPTION 463 "The number of current associations to the network service 464 application, where it is the responder. An inbound 465 association occurs when another application successfully 466 connects to this one." 467 ::= {applEntry 8} 469 applOutboundAssociations OBJECT-TYPE 470 SYNTAX Gauge32 471 MAX-ACCESS read-only 472 STATUS current 473 DESCRIPTION 474 "The number of current associations to the network service 475 application, where it is the initiator. An outbound 476 association occurs when this application successfully 477 connects to another one." 478 ::= {applEntry 9} 480 applAccumulatedInboundAssociations OBJECT-TYPE 481 SYNTAX Counter32 482 MAX-ACCESS read-only 483 STATUS current 484 DESCRIPTION 485 "The total number of associations to the application entity 486 since application initialization, where it was the responder." 487 ::= {applEntry 10} 489 applAccumulatedOutboundAssociations OBJECT-TYPE 490 SYNTAX Counter32 491 MAX-ACCESS read-only 492 STATUS current 493 DESCRIPTION 494 "The total number of associations to the application entity 495 since application initialization, where it was the initiator." 496 ::= {applEntry 11} 498 applLastInboundActivity OBJECT-TYPE 499 SYNTAX TimeStamp 500 MAX-ACCESS read-only 501 STATUS current 502 DESCRIPTION 503 "The value of sysUpTime at the time this application last 504 had an inbound association. If the last association 505 occurred prior to the last initialization of the network 506 subsystem, then this object contains a zero value." 507 ::= {applEntry 12} 509 applLastOutboundActivity OBJECT-TYPE 510 SYNTAX TimeStamp 511 MAX-ACCESS read-only 512 STATUS current 513 DESCRIPTION 514 "The value of sysUpTime at the time this application last 515 had an outbound association. If the last association 516 occurred prior to the last initialization of the network 517 subsystem, then this object contains a zero value." 518 ::= {applEntry 13} 520 applRejectedInboundAssociations OBJECT-TYPE 521 SYNTAX Counter32 522 MAX-ACCESS read-only 523 STATUS current 524 DESCRIPTION 525 "The total number of inbound associations the application 526 entity has rejected, since application initialization. 527 Rejected associations are not counted in the accumulated 528 association totals. Note that this only counts 529 associations the application entity has rejected itself; 530 it does not count rejections that occur at lower layers 531 of the network. Thus, this counter may not reflect the 532 true number of failed inbound associations." 533 ::= {applEntry 14} 535 applFailedOutboundAssociations OBJECT-TYPE 536 SYNTAX Counter32 537 MAX-ACCESS read-only 538 STATUS current 539 DESCRIPTION 540 "The total number associations where the application entity 541 is initiator and association establishment has failed, 542 since application initialization. Failed associations are 543 not counted in the accumulated association totals." 544 ::= {applEntry 15} 546 applDescription OBJECT-TYPE 547 SYNTAX SnmpAdminString 548 MAX-ACCESS read-only 549 STATUS current 550 DESCRIPTION 551 "A text description of the application. This information 552 is intended to identify and briefly describe the 553 application in a status display." 554 ::= {applEntry 16} 556 applURL OBJECT-TYPE 557 SYNTAX URLString 558 MAX-ACCESS read-only 559 STATUS current 560 DESCRIPTION 561 "A URL pointing to a description of the application. 562 This information is intended to identify and describe 563 the application in a status display." 564 ::= {applEntry 17} 566 -- The assocTable augments the information in the applTable 567 -- with information about associations. Note that two levels 568 -- of compliance are specified below, depending on whether 569 -- association monitoring is mandated. 571 assocTable OBJECT-TYPE 572 SYNTAX SEQUENCE OF AssocEntry 573 MAX-ACCESS not-accessible 574 STATUS current 575 DESCRIPTION 576 "The table holding a set of all active application 577 associations." 578 ::= {application 2} 580 assocEntry OBJECT-TYPE 581 SYNTAX AssocEntry 582 MAX-ACCESS not-accessible 583 STATUS current 584 DESCRIPTION 585 "An entry associated with an association for a network 586 service application." 587 INDEX {applIndex, assocIndex} 588 ::= {assocTable 1} 590 AssocEntry ::= SEQUENCE { 591 assocIndex 592 INTEGER, 593 assocRemoteApplication 594 SnmpAdminString, 595 assocApplicationProtocol 596 OBJECT IDENTIFIER, 597 assocApplicationType 598 INTEGER, 599 assocDuration 600 TimeStamp 601 } 603 assocIndex OBJECT-TYPE 604 SYNTAX INTEGER (1..2147483647) 605 MAX-ACCESS not-accessible 606 STATUS current 607 DESCRIPTION 608 "An index to uniquely identify each association for a network 609 service application. This attribute is the index that is 610 used for lexicographic ordering of the table. Note that the 611 table is also indexed by the applIndex." 612 ::= {assocEntry 1} 614 assocRemoteApplication OBJECT-TYPE 615 SYNTAX SnmpAdminString 616 MAX-ACCESS read-only 617 STATUS current 618 DESCRIPTION 619 "The name of the system running remote network service 620 application. For an IP-based application this should be 621 either a domain name or IP address. For an OSI application 622 it should be the string encoded distinguished name of the 623 managed object. For X.400(1984) MTAs which do not have a 624 Distinguished Name, the RFC 2156 syntax 'mta in 625 globalid' used in X400-Received: fields can be used. Note, 626 however, that not all connections an MTA makes are 627 necessarily to another MTA." 628 ::= {assocEntry 2} 630 assocApplicationProtocol OBJECT-TYPE 631 SYNTAX OBJECT IDENTIFIER 632 MAX-ACCESS read-only 633 STATUS current 634 DESCRIPTION 635 "An identification of the protocol being used for the 636 application. For an OSI Application, this will be the 637 Application Context. For Internet applications, the IANA 638 maintains a registry of the OIDs which correspond to 639 well-known applications. If the application protocol is 640 not listed in the registry, an OID value of the form 641 {applTCPProtoID port} or {applUDPProtoID port} are used for 642 TCP-based and UDP-based protocols, respectively. In either 643 case 'port' corresponds to the primary port number being 644 used by the protocol." 645 ::= {assocEntry 3} 647 assocApplicationType OBJECT-TYPE 648 SYNTAX INTEGER { 649 uainitiator(1), 650 uaresponder(2), 651 peerinitiator(3), 652 peerresponder(4)} 653 MAX-ACCESS read-only 654 STATUS current 655 DESCRIPTION 656 "This indicates whether the remote application is some type of 657 client making use of this network service (e.g., a Mail User 658 Agent) or a server acting as a peer. Also indicated is whether 659 the remote end initiated an incoming connection to the network 660 service or responded to an outgoing connection made by the 661 local application. MTAs and messaging gateways are 662 considered to be peers for the purposes of this variable." 663 ::= {assocEntry 4} 665 assocDuration OBJECT-TYPE 666 SYNTAX TimeStamp 667 MAX-ACCESS read-only 668 STATUS current 669 DESCRIPTION 670 "The value of sysUpTime at the time this association was 671 started. If this association started prior to the last 672 initialization of the network subsystem, then this 673 object contains a zero value." 674 ::= {assocEntry 5} 676 -- Conformance information 678 applConformance OBJECT IDENTIFIER ::= {application 3} 680 applGroups OBJECT IDENTIFIER ::= {applConformance 1} 681 applCompliances OBJECT IDENTIFIER ::= {applConformance 2} 682 -- Compliance statements 684 applCompliance MODULE-COMPLIANCE 685 STATUS obsolete 686 DESCRIPTION 687 "The compliance statement for RFC 1565 implementations 688 which support the Network Services Monitoring MIB 689 for basic monitoring of network service applications. 690 This is the basic compliance statement for RFC 1565." 691 MODULE 692 MANDATORY-GROUPS {applRFC1565Group} 693 ::= {applCompliances 1} 695 assocCompliance MODULE-COMPLIANCE 696 STATUS obsolete 697 DESCRIPTION 698 "The compliance statement for RFC 1565 implementations 699 which support the Network Services Monitoring MIB 700 for basic monitoring of network service applications 701 and their associations." 702 MODULE 703 MANDATORY-GROUPS {applRFC1565Group, assocRFC1565Group} 704 ::= {applCompliances 2} 706 applRFC2248Compliance MODULE-COMPLIANCE 707 STATUS deprecated 708 DESCRIPTION 709 "The compliance statement for RFC 2248 implementations 710 which support the Network Services Monitoring MIB 711 for basic monitoring of network service applications." 712 MODULE 713 MANDATORY-GROUPS {applRFC2248Group} 714 ::= {applCompliances 3} 716 assocRFC2248Compliance MODULE-COMPLIANCE 717 STATUS deprecated 718 DESCRIPTION 719 "The compliance statement for RFC 2248 implementations 720 which support the Network Services Monitoring MIB for 721 basic monitoring of network service applications and 722 their associations." 723 MODULE 724 MANDATORY-GROUPS {applRFC2248Group, assocRFC2248Group} 725 ::= {applCompliances 4} 727 applRFCXXXXCompliance MODULE-COMPLIANCE 728 STATUS current 729 DESCRIPTION 730 "The compliance statement for RFC XXXX implementations 731 which support the Network Services Monitoring MIB 732 for basic monitoring of network service applications." 733 MODULE 734 MANDATORY-GROUPS {applRFCXXXXGroup} 735 ::= {applCompliances 5} 737 assocRFCXXXXCompliance MODULE-COMPLIANCE 738 STATUS current 739 DESCRIPTION 740 "The compliance statement for RFC XXXX implementations 741 which support the Network Services Monitoring MIB for 742 basic monitoring of network service applications and 743 their associations." 744 MODULE 745 MANDATORY-GROUPS {applRFCXXXXGroup, assocRFCXXXXGroup} 746 ::= {applCompliances 6} 748 -- Units of conformance 750 applRFC1565Group OBJECT-GROUP 751 OBJECTS { 752 applName, applVersion, applUptime, applOperStatus, 753 applLastChange, applInboundAssociations, 754 applOutboundAssociations, applAccumulatedInboundAssociations, 755 applAccumulatedOutboundAssociations, applLastInboundActivity, 756 applLastOutboundActivity, applRejectedInboundAssociations, 757 applFailedOutboundAssociations} 758 STATUS obsolete 759 DESCRIPTION 760 "A collection of objects providing basic monitoring of 761 network service applications. This is the original set 762 of such objects defined in RFC 1565." 763 ::= {applGroups 7} 765 assocRFC1565Group OBJECT-GROUP 766 OBJECTS { 767 assocRemoteApplication, assocApplicationProtocol, 768 assocApplicationType, assocDuration} 769 STATUS obsolete 770 DESCRIPTION 771 "A collection of objects providing basic monitoring of 772 network service applications' associations. This is the 773 original set of such objects defined in RFC 1565." 774 ::= {applGroups 2} 776 applRFC2248Group OBJECT-GROUP 777 OBJECTS { 778 applName, applVersion, applUptime, applOperStatus, 779 applLastChange, applInboundAssociations, 780 applOutboundAssociations, applAccumulatedInboundAssociations, 781 applAccumulatedOutboundAssociations, applLastInboundActivity, 782 applLastOutboundActivity, applRejectedInboundAssociations, 783 applFailedOutboundAssociations, applDescription, applURL} 784 STATUS deprecated 785 DESCRIPTION 786 "A collection of objects providing basic monitoring of 787 network service applications. This group was originally 788 defined in RFC 2248; note that applDirectoryName is 789 missing." 790 ::= {applGroups 3} 792 assocRFC2248Group OBJECT-GROUP 793 OBJECTS { 794 assocRemoteApplication, assocApplicationProtocol, 795 assocApplicationType, assocDuration} 796 STATUS deprecated 797 DESCRIPTION 798 "A collection of objects providing basic monitoring of 799 network service applications' associations. This group 800 was originally defined by RFC 2248." 801 ::= {applGroups 4} 803 applRFCXXXXGroup OBJECT-GROUP 804 OBJECTS { 805 applName, applDirectoryName, applVersion, applUptime, 806 applOperStatus, applLastChange, applInboundAssociations, 807 applOutboundAssociations, applAccumulatedInboundAssociations, 808 applAccumulatedOutboundAssociations, applLastInboundActivity, 809 applLastOutboundActivity, applRejectedInboundAssociations, 810 applFailedOutboundAssociations, applDescription, applURL} 811 STATUS current 812 DESCRIPTION 813 "A collection of objects providing basic monitoring of 814 network service applications. This is the appropriate 815 group for RFC XXXX -- it adds the applDirectoryName object 816 missing in RFC 2248." 817 ::= {applGroups 5} 819 assocRFCXXXXGroup OBJECT-GROUP 820 OBJECTS { 821 assocRemoteApplication, assocApplicationProtocol, 822 assocApplicationType, assocDuration} 823 STATUS current 824 DESCRIPTION 825 "A collection of objects providing basic monitoring of 826 network service applications' associations. This is 827 the appropriate group for RFC XXXX." 828 ::= {applGroups 6} 830 -- OIDs of the form {applTCPProtoID port} are intended to be used 831 -- for TCP-based protocols that don't have OIDs assigned by other 832 -- means. {applUDPProtoID port} serves the same purpose for 833 -- UDP-based protocols. In either case 'port' corresponds to 834 -- the primary port number being used by the protocol. For example, 835 -- assuming no other OID is assigned for SMTP, an OID of 836 -- {applTCPProtoID 25} could be used, since SMTP is a TCP-based 837 -- protocol that uses port 25 as its primary port. 839 applTCPProtoID OBJECT IDENTIFIER ::= {application 4} 840 applUDPProtoID OBJECT IDENTIFIER ::= {application 5} 842 END 843 7. Changes made since RFC 2248 845 This revision corrects a few minor technical errors in the construction 846 of the network services MIB in RFC 2248 [22]. In addition, the applName, 847 applVersion, and applDescription fields have been changed from 848 DisplayStrings to SnmpAdminStrings. The reference to RFC 1779 has also 849 been updated to RFC 2253, which in turn adds the ability for 850 distinguished names to be in the UTF-8 character set. 852 8. Acknowledgements 854 This document is a product of the Mail and Directory Management (MADMAN) 855 Working Group. It is based on an earlier MIB designed by S. Kille, T. 856 Lenggenhager, D. Partain, and W. Yeong. The Electronic Mail 857 Association's TSC committee was instrumental in providing feedback on 858 and suggesting enhancements to RFC 1565 [23] that have led to the 859 present document. 861 9. References 863 [1] Grillo, P. and Waldbusser, S., "Host Resources MIB", RFC 1514, 864 September 1993. 866 [2] Krupczak, C. and Saperia, J., "Definitions of System-Level Managed 867 Objects for Applications", RFC 2287, February 1998. 869 [3] Wijnen, B., Harrington, D., and Presuhn, R., "An Architecture for 870 Describing SNMP Management Frameworks", RFC 2571, April 1999. 872 [4] Rose, M. and McCloghrie, K., "Structure and Identification of 873 Management Information for TCP/IP-based Internets", RFC 1155, May 874 1990. 876 [5] Rose, M. and McCloghrie, K., "Concise MIB Definitions", RFC 1212, 877 March 1991. 879 [6] Rose, M., "A Convention for Defining Traps for use with the SNMP", 880 RFC 1215, March 1991. 882 [7] McCloghrie, K., Perkins, D., and Schoenwaelder, J., "Structure of 883 Management Information Version 2 (SMIv2)", RFC 2578, April 1999. 885 [8] McCloghrie, K., Perkins, D., and Schoenwaelder, J., "Textual 886 Conventions for SMIv2", RFC 2579, April 1999. 888 [9] McCloghrie, K., Perkins, D., and Schoenwaelder, J., "Conformance 889 Statements for SMIv2", RFC 2580, April 1999. 891 [10] Case, J., Fedor, M., Schoffstall, M., and Davin, J., "Simple 892 Network Management Protocol", RFC 1157, May 1990. 894 [11] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., 895 "Introduction to Community-based SNMPv2", RFC 1901, January 1996. 897 [12] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., "Transport 898 Mappings for Version 2 of the Simple Network Management Protocol 899 (SNMPv2)", RFC 1906, January 1996. 901 [13] Case, J., Harrington D., Presuhn R., and Wijnen, B., "Message 902 Processing and Dispatching for the Simple Network Management 903 Protocol (SNMP)", RFC 2572, April 1999. 905 [14] Blumenthal, U. and Wijnen, B., "User-based Security Model (USM) for 906 version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 907 2574, April 1999. 909 [15] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., "Protocol 910 Operations for Version 2 of the Simple Network Management Protocol 911 (SNMPv2)", RFC 1905, January 1996. 913 [16] Levi, D., Meyer, P., and Stewart, B., "SNMPv3 Applications", RFC 914 2573, April 1999. 916 [17] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access 917 Control Model (VACM) for the Simple Network Management Protocol 918 (SNMP)", RFC 2575, April 1999. 920 [18] Wahl, M., Kille, S., Howes, T., "Lightweight Directory Access 921 Protocol (v3): UTF-8 String Representation of Distinguished Names", 922 RFC 2253, December 1997. 924 [19] Kille, S., "Mapping between X.400(1988) and RFC 822/MIME", RFC 925 2156, January 1998. 927 [20] Berners-Lee, T., Masinter, L., McCahill, M., "Uniform Resource 928 Locators (URL)", RFC 1738, December 1994. 930 [21] Hoffman, P., Masinter, L., Zawinski, J, "The mailto URL Scheme", 931 RFC 2368, July 1998. 933 [22] Freed, N. and Kille, S., "Network Services Monitoring MIB", RFC 934 2248, January 1998. 936 [23] Freed, N. and Kille, S., "Network Services Monitoring MIB", RFC 937 1565, January 1994. 939 [29] Postel, J. and Reynolds, J., "Telnet Protocol specification", RFC 940 852, May 1983. 942 10. Security Considerations 944 There are no management objects defined in this MIB that have a MAX- 945 ACCESS clause of read-write and/or read-create. So, if this MIB is 946 implemented correctly, then there is no risk that an intruder can alter 947 or create any management objects of this MIB via direct SNMP SET 948 operations. 950 However, this MIB does provide passive information about the existence, 951 type, and configuration of applications on a given host that could 952 potentially indicate some sort of vulnerability. Finally, the 953 information MIB provides about network usage could be used to analyze 954 network traffic patterns. 956 SNMPv1 by itself is not a secure environment. Even if the network 957 itself is secure (for example by using IPSec), even then, there is no 958 control as to who on the secure network is allowed to access and GET/SET 959 (read/change/create/delete) the objects in this MIB. 961 It is recommended that the implementers consider the security features 962 as provided by the SNMPv3 framework. Specifically, the use of the 963 User-based Security Model RFC 2574 [14] and the View-based Access 964 Control Model RFC 2575 [17] is recommended. 966 It is then a customer/user responsibility to ensure that the SNMP entity 967 giving access to an instance of this MIB, is properly configured to give 968 access to the objects only to those principals (users) that have 969 legitimate rights to indeed GET or SET (change/create/delete) them. 971 11. Author and Chair Addresses 973 Ned Freed 974 Innosoft International, Inc. 975 1050 Lakes Drive 976 West Covina, CA 91790 977 USA 978 tel: +1 626 919 3600 979 fax: +1 626 919 3614 980 email: ned.freed@innosoft.com 982 Steve Kille, MADMAN WG Chair 983 ISODE Consortium 984 The Dome, The Square 985 Richmond TW9 1DT 986 UK 987 tel: +44 181 332 9091 988 email: S.Kille@isode.com 990 12. Full Copyright Statement 992 Copyright (C) The Internet Society (1999). All Rights Reserved. 994 This document and translations of it may be copied and furnished to 995 others, and derivative works that comment on or otherwise explain it or 996 assist in its implementation may be prepared, copied, published and 997 distributed, in whole or in part, without restriction of any kind, 998 provided that the above copyright notice and this paragraph are 999 included on all such copies and derivative works. However, this 1000 document itself may not be modified in any way, such as by removing the 1001 copyright notice or references to the Internet Society or other 1002 Internet organizations, except as needed for the purpose of developing 1003 Internet standards in which case the procedures for copyrights defined 1004 in the Internet Standards process must be followed, or as required to 1005 translate it into languages other than English. 1007 The limited permissions granted above are perpetual and will not be 1008 revoked by the Internet Society or its successors or assigns. 1010 This document and the information contained herein is provided on an 1011 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 1012 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT 1013 NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL 1014 NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR 1015 FITNESS FOR A PARTICULAR PURPOSE.