idnits 2.17.1 draft-ietf-radius-clientmib-00.txt: ** The Abstract section seems to be numbered Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Cannot find the required boilerplate sections (Copyright, IPR, etc.) in this document. Expected boilerplate is as follows today (2024-04-24) according to https://trustee.ietf.org/license-info : IETF Trust Legal Provisions of 28-dec-2009, Section 6.a: This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 2: Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 3: This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts. ** The document seems to lack a 1id_guidelines paragraph about the list of Shadow Directories. == Mismatching filename: the document gives the document name as 'draft-ietf-radius-clientmib-01', but the file name used is 'draft-ietf-radius-clientmib-00' == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 9 longer pages, the longest (page 2) being 66 lines == It seems as if not all pages are separated by form feeds - found 0 form feeds but 9 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 88 instances of too long lines in the document, the longest one being 13 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == Line 12 has weird spacing: '...), its areas...' == Line 13 has weird spacing: '... its worki...' == Line 17 has weird spacing: '... and may ...' == Line 18 has weird spacing: '...afts as refer...' == Line 21 has weird spacing: '... To learn...' == (27 more instances...) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- Couldn't find a document date in the document -- date freshness check skipped. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: '1' is defined on line 346, but no explicit reference was found in the text == Unused Reference: '2' is defined on line 350, but no explicit reference was found in the text == Unused Reference: '3' is defined on line 353, but no explicit reference was found in the text == Unused Reference: '4' is defined on line 356, but no explicit reference was found in the text == Unused Reference: '5' is defined on line 361, but no explicit reference was found in the text == Unused Reference: '6' is defined on line 366, but no explicit reference was found in the text == Unused Reference: '7' is defined on line 372, but no explicit reference was found in the text == Unused Reference: '8' is defined on line 377, but no explicit reference was found in the text == Unused Reference: '9' is defined on line 383, but no explicit reference was found in the text == Unused Reference: '10' is defined on line 388, but no explicit reference was found in the text == Unused Reference: '11' is defined on line 393, but no explicit reference was found in the text == Unused Reference: '12' is defined on line 399, but no explicit reference was found in the text == Unused Reference: '13' is defined on line 405, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2058 (ref. '1') (Obsoleted by RFC 2138) ** Obsolete normative reference: RFC 2059 (ref. '2') (Obsoleted by RFC 2139) == Outdated reference: A later version (-06) exists of draft-ietf-radius-ext-00 ** Downref: Normative reference to an Informational draft: draft-ietf-radius-ext (ref. '3') -- Possible downref: Non-RFC (?) normative reference: ref. '4' ** Downref: Normative reference to an Historic RFC: RFC 1901 (ref. '5') ** Obsolete normative reference: RFC 1902 (ref. '6') (Obsoleted by RFC 2578) ** Obsolete normative reference: RFC 1903 (ref. '7') (Obsoleted by RFC 2579) ** Obsolete normative reference: RFC 1904 (ref. '8') (Obsoleted by RFC 2580) ** Obsolete normative reference: RFC 1905 (ref. '9') (Obsoleted by RFC 3416) ** Obsolete normative reference: RFC 1906 (ref. '10') (Obsoleted by RFC 3417) ** Obsolete normative reference: RFC 1907 (ref. '11') (Obsoleted by RFC 3418) ** Obsolete normative reference: RFC 1908 (ref. '12') (Obsoleted by RFC 2576) ** Downref: Normative reference to an Historic RFC: RFC 1909 (ref. '13') Summary: 22 errors (**), 0 flaws (~~), 24 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 RADIUS Working Group Bernard Aboba 3 INTERNET-DRAFT Microsoft 4 Glen Zorn 5 21 March 1997 Microsoft 7 RADIUS Client MIB 9 1. Status of this Memo 11 This document is an Internet-Draft. Internet-Drafts are working docu- 12 ments of the Internet Engineering Task Force (IETF), its areas, and 13 its working groups. Note that other groups may also distribute work- 14 ing documents as Internet-Drafts. 16 Internet-Drafts are draft documents valid for a maximum of six months 17 and may be updated, replaced, or obsoleted by other documents at any 18 time. It is inappropriate to use Internet-Drafts as reference mate- 19 rial or to cite them other than as ``work in progress.'' 21 To learn the current status of any Internet-Draft, please check the 22 ``1id-abstracts.txt'' listing contained in the Internet-Drafts Shadow 23 Directories on ds.internic.net (US East Coast), nic.nordu.net 24 (Europe), ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific Rim). 26 The distribution of this memo is unlimited. It is filed as , and expires September 16, 1997. Please 28 send comments to the authors. 30 2. Abstract 32 This memo defines a set of extensions which instrument RADIUS client 33 functions. These extensions represent a portion of the Management 34 Information Base (MIB) for use with network management protocols in 35 the Internet community. Using these extensions IP-based management 36 stations can manage RADIUS clients. 38 3. Introduction 40 This memo defines a portion of the Management Information Base (MIB) 41 for use with network management protocols in the Internet community. 42 In particular, it describes managed objects used for managing RADIUS 43 clients. 45 Today a wide range of network devices, including routers and NASes, 46 act as RADIUS clients in order to provide authentication, authoriza- 47 tion, and accounting services. As a result, the effective management 48 of RADIUS clients is of considerable importance. 50 4. The SNMPv2 Network Management Framework 52 The SNMPv2 Network Management Framework consists of four major compo- 53 nents. They are: 55 o RFC 1902 which defines the SMI, the mechanisms used for 56 describing and naming objects for the purpose of management. 58 o RFC 1905 which defines the protocol used for network access to 59 managed objects. 61 o RFC 1907 defines the core set of managed objects for the 62 Internet suite of protocols. 64 o RFC 1909 which defines the administrative aspects of the 65 framework. 67 The Framework permits new objects to be defined for the purpose of 68 experimentation and evaluation. 70 4.1. Object Definitions 72 Managed objects are accessed via a virtual information store, termed 73 the Management Information Base or MIB. Objects in the MIB are 74 defined using the subset of Abstract Syntax Notation One (ASN.1) 75 defined in the SMI. In particular, each object object type is named by 76 an OBJECT IDENTIFIER, an administratively assigned name. The object 77 type together with an object instance serves to uniquely identify a 78 specific instantiation of the object. For human convenience, we often 79 use a textual string, termed the descriptor, to refer to the object 80 type. 82 5. Overview 84 This MIB module contains a scalar as well as a single table: 86 (1) the RADIUS Server Table contains one row for each 87 RADIUS server that the client shares a secret with. 89 Each entry in the RADIUS Server Table includes twelve counts present- 90 ing a view of the activity of the RADIUS client. 92 6. Definitions 94 RADIUS-CLIENT-MIB DEFINITIONS ::= BEGIN 96 IMPORTS 97 MODULE-IDENTITY, OBJECT-TYPE, 98 OBJECT-IDENTITY, experimental, 99 Counter32, Gauge32, Integer32, 100 IpAddress, TimeTicks FROM SNMPv2-SMI 101 RowStatus, TruthValue, 102 DisplayString FROM SNMPv2-TC 103 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF; 105 radius OBJECT-IDENTITY 106 STATUS current 107 DESCRIPTION 108 "The OID assigned to RADIUS MIB work by the IANA." 109 ::= { not-assigned-yet } 111 radiusClientMIB MODULE-IDENTITY 112 LAST-UPDATED "9703021659Z" 113 ORGANIZATION "IETF RADIUS Working Group." 114 CONTACT-INFO 115 " Bernard Aboba 116 Microsoft 117 One Microsoft Way 118 Redmond, WA 98052 119 US 121 Phone: +1 206 936 6605 122 EMail: bernarda@microsoft.com" 123 DESCRIPTION 124 "The MIB module for RADIUS Client Management." 125 ::= { radius 2 } 127 radiusClientMIBObjects OBJECT IDENTIFIER ::= { radiusClientMIB 1 } 129 radiusClient OBJECT IDENTIFIER ::= { radiusClientMIBObjects 1 } 131 radiusClientInvalidServerAddresses OBJECT-TYPE 132 SYNTAX Counter32 133 MAX-ACCESS read-only 134 STATUS current 135 DESCRIPTION 136 "The total number of RADIUS Access-Response messages received 137 from unknown addresses since client start-up" 138 ::= { radiusClient 1 } 140 radiusServerTable OBJECT-TYPE 141 SYNTAX SEQUENCE OF RadiusServerEntry 142 MAX-ACCESS not-accessible 143 STATUS current 144 DESCRIPTION 145 "The (conceptual) table listing the RADIUS servers with 146 which the client shares a secret." 147 ::= { radiusClient 2 } 149 radiusServerEntry OBJECT-TYPE 150 SYNTAX RadiusServerEntry 151 MAX-ACCESS not-accessible 152 STATUS current 153 DESCRIPTION 154 "An entry (conceptual row) representing a RADIUS server 155 with which the client shares a secret." 156 INDEX { radiusServerIndex } 157 ::= { radiusServerTable 1 } 159 RadiusServerEntry ::= SEQUENCE { 160 radiusServerIndex Integer32, 161 radiusClientAccessRequests Counter32, 162 radiusClientAccessRetransmissions Counter32, 163 radiusClientAccessAccepts Counter32, 164 radiusClientAccessChallenges Counter32, 165 radiusClientMalformedAccessResponses Counter32, 166 radiusClientAuthenticationBadAuthenticators Counter32, 167 radiusClientAccessRejects Counter32, 168 radiusClientTimeouts Counter32, 169 radiusClientAccountingRequests Counter32, 170 radiusClientAccountingRetransmissions Counter32, 171 radiusClientAccountingResponses Counter32, 172 radiusClientAccountingBadAuthenticators Counter32 173 } 175 radiusServerIndex OBJECT-TYPE 176 SYNTAX Integer32 177 MAX-ACCESS not-accessible 178 STATUS current 179 DESCRIPTION 180 "The RADIUS server with whom the client interacts." 181 ::= { radiusServerEntry 1 } 183 radiusClientAccessRequests OBJECT-TYPE 184 SYNTAX Counter32 185 MAX-ACCESS read-only 186 STATUS current 187 DESCRIPTION 188 "The total number of RADIUS Access-Request messages sent 189 since client start-up" 190 ::= { radiusServerEntry 2 } 192 radiusClientAccessRetransmissions OBJECT-TYPE 193 SYNTAX Counter32 194 MAX-ACCESS read-only 195 STATUS current 196 DESCRIPTION 197 "The total number of RADIUS Access-Request messages retransmitted 198 since client start-up" 199 ::= { radiusServerEntry 3 } 201 radiusClientAccessAccepts OBJECT-TYPE 202 SYNTAX Counter32 203 MAX-ACCESS read-only 204 STATUS current 205 DESCRIPTION 206 "The total number of RADIUS Access-Accept messages received 207 since client start-up" 208 ::= { radiusServerEntry 4 } 210 radiusClientAccessChallenges OBJECT-TYPE 211 SYNTAX Counter32 212 MAX-ACCESS read-only 213 STATUS current 214 DESCRIPTION 215 "The total number of RADIUS Access-Challenge messages received 216 since client start-up" 217 ::= { radiusServerEntry 5 } 219 radiusClientMalformedAccessResponses OBJECT-TYPE 220 SYNTAX Counter32 221 MAX-ACCESS read-only 222 STATUS current 223 DESCRIPTION 224 "The total number of malformed RADIUS Access-Response messages received 225 since client start-up" 226 ::= { radiusServerEntry 6 } 228 radiusClientAuthenticationBadAuthenticators OBJECT-TYPE 229 SYNTAX Counter32 230 MAX-ACCESS read-only 231 STATUS current 232 DESCRIPTION 233 "The total number of RADIUS Access-Response messages containing invalid 234 authenticators received since client start-up" 235 ::= { radiusServerEntry 7 } 237 radiusClientAccessRejects OBJECT-TYPE 238 SYNTAX Counter32 239 MAX-ACCESS read-only 240 STATUS current 241 DESCRIPTION 242 "The total number of RADIUS Access-Reject messages sent since client start-up" 243 ::= { radiusServerEntry 8 } 245 radiusClientTimeouts OBJECT-TYPE 246 SYNTAX Counter32 247 MAX-ACCESS read-only 248 STATUS current 249 DESCRIPTION 250 "The total number of timeouts since client startup" 251 ::= { radiusServerEntry 9 } 253 radiusClientAccountingRequests OBJECT-TYPE 254 SYNTAX Counter32 255 MAX-ACCESS read-only 256 STATUS current 257 DESCRIPTION 258 "The total number of RADIUS Accounting-Request messages sent 259 since client start-up" 260 ::= { radiusServerEntry 10 } 262 radiusClientAccountingRetransmissions OBJECT-TYPE 263 SYNTAX Counter32 264 MAX-ACCESS read-only 265 STATUS current 266 DESCRIPTION 267 "The total number of RADIUS Accounting-Request messages retransmitted 268 since client start-up" 269 ::= { radiusServerEntry 11} 271 radiusClientAccountingResponses OBJECT-TYPE 272 SYNTAX Counter32 273 MAX-ACCESS read-only 274 STATUS current 275 DESCRIPTION 276 "The total number of RADIUS Accounting-Response messages received 277 since client start-up" 278 ::= { radiusServerEntry 12} 280 radiusClientAccountingBadAuthenticators OBJECT-TYPE 281 SYNTAX Counter32 282 MAX-ACCESS read-only 283 STATUS current 284 DESCRIPTION 285 "The total number of RADIUS Accounting-Response messages which 286 contained invalid authenticators received since client start-up" 287 ::= { radiusServerEntry 13} 289 -- conformance information 291 radiusClientMIBConformance 292 OBJECT IDENTIFIER ::= { radiusClientMIB 2 } 293 radiusClientMIBCompliances 294 OBJECT IDENTIFIER ::= { radiusClientMIBConformance 1 } 295 radiusClientMIBGroups OBJECT IDENTIFIER ::= { radiusClientMIBConformance 2 } 297 -- compliance statements 299 radiusClientMIBCompliance MODULE-COMPLIANCE 300 STATUS current 301 DESCRIPTION 302 "The compliance statement for Clients implementing the RADIUS Client 303 MIB." 304 MODULE -- this module 305 MANDATORY-GROUPS { radiusClientMIBGroup } 307 ::= { radiusClientMIBCompliances 1 } 309 -- units of conformance 311 radiusClientMIBGroup OBJECT-GROUP 312 OBJECTS { radiusClientInvalidServerAddresses, 313 radiusClientAccessRequests, 314 radiusClientAccessRetransmissions, 315 radiusClientAccessAccepts, 316 radiusClientAccessChallenges, 317 radiusClientMalformedAccessResponses, 318 radiusClientAuthenticationBadAuthenticators, 319 radiusClientAccessRejects, 320 radiusClientTimeouts, 321 radiusClientAccountingRequests, 322 radiusClientAccountingRetransmissions, 323 radiusClientAccountingResponses, 324 radiusClientAccountingBadAuthenticators 325 } 326 STATUS current 327 DESCRIPTION 328 "The basic collection of objects providing management of 329 RADIUS Clients." 330 ::= { radiusClientMIBGroups 1 } 332 END 334 7. Security considerations 336 All MIB variables described in this document are read-only. 338 8. Acknowledgments 340 Thanks to Narendra Gidwani of Microsoft, Allan C. Rubens of MERIT, and 341 Peter Heitman of American Internet Corporation for useful discussions 342 of this problem space. 344 9. References 346 [1] C. Rigney, A. Rubens, W. Simpson, S. Willens. "Remote Authenti- 347 cation Dial In User Service (RADIUS)." RFC 2058, Livingston, Merit, 348 Daydreamer, January, 1997. 350 [2] C. Rigney. "RADIUS Accounting." RFC 2059, Livingston, January, 351 1997. 353 [3] C. Rigney, W. Willats. "RADIUS Extensions." draft-ietf-radius- 354 ext-00.txt, Livingston, January, 1997. 356 [4] "Information processing systems - Open Systems Interconnection - 357 Specification of Abstract Syntax Notation One (ASN.1)", International 358 Organization for Standardization, International Standard 8824, Decem- 359 ber 1987. 361 [5] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Introduc- 362 tion to Community-based SNMPv2", RFC 1901, SNMP Research, Inc., Cisco 363 Systems, Dover Beach Consulting, Inc., International Network Services, 364 January, 1996. 366 [6] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure 367 of Management Information for Version 2 of the Simple Network Manage- 368 ment Protocol (SNMPv2)", RFC 1902, SNMP Research, Inc., Cisco Systems, 369 Dover Beach Consulting, Inc., International Network Services, January, 370 1996. 372 [7] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Textual 373 Conventions for version 2 of the the Simple Network Management Proto- 374 col (SNMPv2)", RFC 1903, SNMP Research, Inc., Cisco Systems, Dover 375 Beach Consulting, Inc., International Network Services, January, 1996. 377 [8] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Confor- 378 mance Statements for version 2 of the the Simple Network Management 379 Protocol (SNMPv2)", RFC 1904, SNMP Research, Inc., Cisco Systems, 380 Dover Beach Consulting, Inc., International Network Services, January, 381 1996. 383 [9] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol 384 Operations for Version 2 of the Simple Network Management Protocol 385 (SNMPv2)", RFC 1905, SNMP Research, Inc., Cisco Systems, Dover Beach 386 Consulting, Inc., International Network Services, January, 1996. 388 [10] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport 389 Mappings for Version 2 of the Simple Network Management Protocol 390 (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco Systems, Dover Beach 391 Consulting, Inc., International Network Services, January, 1996. 393 [11] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Manage- 394 ment Information Base for Version 2 of the Simple Network Management 395 Protocol (SNMPv2)", RFC 1907, SNMP Research, Inc., Cisco Systems, 396 Dover Beach Consulting, Inc., International Network Services, January, 397 1996. 399 [12] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Coexis- 400 tence between Version 1 and Version 2 of the Internet-standard Network 401 Management Framework", RFC 1908, SNMP Research, Inc., Cisco Systems, 402 Dover Beach Consulting, Inc., International Network Services, January, 403 1996. 405 [13] McCloghrie, K., "An Administrative Infrastructure for SNMPv2", 406 RFC 1909, Cisco Systems, February, 1996. 408 10. Authors' Addresses 410 Bernard Aboba 411 Microsoft Corporation 412 One Microsoft Way 413 Redmond, WA 98052 415 Phone: 206-936-6605 416 EMail: bernarda@microsoft.com 417 Glen Zorn 418 Microsoft Corporation 419 One Microsoft Way 420 Redmond, WA 98052 422 Phone: 206-703-1559 423 EMail: glennz@microsoft.com