idnits 2.17.1 draft-ietf-rmonmib-smon-07.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts -- however, there's a paragraph with a matching beginning. Boilerplate error? == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 43 longer pages, the longest (page 2) being 60 lines == It seems as if not all pages are separated by form feeds - found 0 form feeds but 44 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There is 1 instance of too long lines in the document, the longest one being 1 character in excess of 72. == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == Line 235 has weird spacing: '...tecture or by...' == Line 330 has weird spacing: '...ty than copy ...' == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords -- however, there's a paragraph with a matching beginning. Boilerplate error? (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The exact meaning of the all-uppercase expression 'MAY NOT' is not defined in RFC 2119. If it is intended as a requirements expression, it should be rewritten using one of the combinations defined in RFC 2119; otherwise it should not be all-uppercase. == The expression 'MAY NOT', while looking like RFC 2119 requirements text, is not defined in RFC 2119, and should not be used. Consider using 'MUST NOT' instead (if that is what you mean). Found 'MAY NOT' in this paragraph: The portCopyDest object MAY NOT reference an interface associated with a packet-based VLAN (smonVlanDataSource.), but this dataSource type MAY be used as a portCopySource. == The expression 'MAY NOT', while looking like RFC 2119 requirements text, is not defined in RFC 2119, and should not be used. Consider using 'MUST NOT' instead (if that is what you mean). Found 'MAY NOT' in this paragraph: This object MAY NOT be modified if the associated smonVlanStatsControlStatus object is equal to active(1)." ::= { smonVlanStatsControlEntry 2 } == The expression 'MAY NOT', while looking like RFC 2119 requirements text, is not defined in RFC 2119, and should not be used. Consider using 'MUST NOT' instead (if that is what you mean). Found 'MAY NOT' in this paragraph: An entry MAY NOT exist in the active state unless all objects in the entry have an appropriate value. == The expression 'MAY NOT', while looking like RFC 2119 requirements text, is not defined in RFC 2119, and should not be used. Consider using 'MUST NOT' instead (if that is what you mean). Found 'MAY NOT' in this paragraph: This object MAY NOT be modified if the associated smonPrioStatsControlStatus object is equal to active(1)." ::= { smonPrioStatsControlEntry 2 } == The expression 'MAY NOT', while looking like RFC 2119 requirements text, is not defined in RFC 2119, and should not be used. Consider using 'MUST NOT' instead (if that is what you mean). Found 'MAY NOT' in this paragraph: An entry MAY NOT exist in the active state unless all objects in the entry have an appropriate value. -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- Couldn't find a document date in the document -- date freshness check skipped. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: '21' is defined on line 1945, but no explicit reference was found in the text == Unused Reference: '25' is defined on line 1962, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2271 (ref. '1') (Obsoleted by RFC 2571) ** Downref: Normative reference to an Informational RFC: RFC 1215 (ref. '4') ** Obsolete normative reference: RFC 1902 (ref. '5') (Obsoleted by RFC 2578) ** Obsolete normative reference: RFC 1903 (ref. '6') (Obsoleted by RFC 2579) -- Possible downref: Non-RFC (?) normative reference: ref. '7' ** Downref: Normative reference to an Historic RFC: RFC 1157 (ref. '8') ** Downref: Normative reference to an Historic RFC: RFC 1901 (ref. '9') ** Obsolete normative reference: RFC 1906 (ref. '10') (Obsoleted by RFC 3417) ** Obsolete normative reference: RFC 2272 (ref. '11') (Obsoleted by RFC 2572) ** Obsolete normative reference: RFC 2274 (ref. '12') (Obsoleted by RFC 2574) ** Obsolete normative reference: RFC 1905 (ref. '13') (Obsoleted by RFC 3416) ** Obsolete normative reference: RFC 2273 (ref. '14') (Obsoleted by RFC 2573) ** Obsolete normative reference: RFC 2275 (ref. '15') (Obsoleted by RFC 2575) ** Obsolete normative reference: RFC 2021 (ref. '16') (Obsoleted by RFC 4502) ** Obsolete normative reference: RFC 1757 (ref. '17') (Obsoleted by RFC 2819) ** Obsolete normative reference: RFC 2037 (ref. '18') (Obsoleted by RFC 2737) -- Possible downref: Non-RFC (?) normative reference: ref. '19' -- Possible downref: Non-RFC (?) normative reference: ref. '20' ** Obsolete normative reference: RFC 2233 (ref. '22') (Obsoleted by RFC 2863) ** Obsolete normative reference: RFC 1493 (ref. '23') (Obsoleted by RFC 4188) Summary: 25 errors (**), 0 flaws (~~), 15 warnings (==), 6 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 INTERNET DRAFT 3 Remote Network Monitoring MIB Extensions for Switched Networks 4 Version 1.0 6 8 Feb. 10, 1999 10 Richard Waterman 11 Allot Networks Inc. 12 rich@allot.com 14 Bill Lahaye 15 Xylan Corp. 16 Bill.Lahaye@xylan.com 18 Dan Romascanu 19 Lucent Technologies 20 dromasca@lucent.com 22 Steve Waldbusser 23 INS 24 waldbusser@ins.com 26 Status of this Memo 28 This document is an Internet-Draft and is in full conformance with 29 all provisions of Section 10 of RFC 2026. Internet-Drafts are 30 working documents of the Internet Engineering Task Force (IETF), its 31 areas, and its working groups. Note that other groups may also 32 distribute working documents as Internet-Drafts. 34 Internet-Drafts are draft documents valid for a maximum of six months 35 and may be updated, replaced, or obsoleted by other documents at any 36 time. It is inappropriate to use Internet- Drafts as reference 37 material or to cite them other than as ``work in progress.'' 39 The list of current Internet-Drafts can be accessed at 40 http://www.ietf.org/ietf/lid-abstracts.txt 42 The list of Internet-Draft Shadow Directories can be accessed at 43 http://www.ietf.org/shadow.html. 45 Copyright Notice 47 Copyright (C) The Internet Society (1999). All Rights Reserved. 49 Abstract 51 This memo defines a portion of the Management Information Base (MIB) 52 for use with network management protocols in TCP/IP-based internets. 53 In particular, it defines objects for managing remote network 54 monitoring devices in switched networks environments. 56 Table of Contents 58 Status of this Memo 1 59 Abstract 1 60 1 The Network Management Framework 2 61 2 Overview 3 62 2.1 Remote Network Management Goals 4 63 2.2 Switched Networks Monitoring 5 64 2.3 Mechanisms for Monitoring Switched Networks 6 65 2.3.1 DataSource Objects 6 66 2.3.2 Copy Port 7 67 2.3.3 VLAN Monitoring 8 68 2.4 Relationship to Other MIBs 8 69 2.4.1 The RMON and RMON 2 MIBs 8 70 2.4.2 The Interfaces Group MIB 9 71 2.4.3 The Entity MIB 9 72 2.4.4 The Bridge MIB 10 73 2.5 Relationship with IEEE 802.1 Standards 10 74 3 SMON/RMON Groups 10 75 3.1 SMON ProbeCapabilities 10 76 3.2 smonVlanStats 11 77 3.3 smonPrioStats 11 78 3.4 dataSourceCaps 11 79 3.5 portCopyConfig 11 80 4 Control of Remote Network Monitoring Devices 12 81 5 Definitions 13 82 6 References 39 83 7 Intellectual Propriety 41 84 8 Security Considerations 42 85 9 Authors' Addresses 43 86 A Full Copyright Statement 43 88 1. The Network Management Framework 90 The SNMP Management Framework presently consists of five major 91 components: 93 - An overall architecture, described in RFC 2271 [1]. 95 - Mechanisms for describing and naming objects and events for the 96 purpose of management. The first version of this Structure of 97 Management Information (SMI) is called SMIv1 and described in RFC 98 1155 [2], RFC 1212 [3] and RFC 1215 [4]. The second version, called 99 SMIv2, is described in RFC 1902 [5], RFC 1903 [6] and RFC 1904 [7]. 101 - Message protocols for transferring management information. The 102 first version of the SNMP message protocol is called SNMPv1 and 103 described in RFC 1157 [8]. A second version of the SNMP message 104 protocol, which is not an Internet standards track protocol, is 105 called SNMPv2c and described in RFC 1901 [9] and RFC 1906 [10]. 106 The third version of the message protocol is called SNMPv3 and 107 described in RFC 1906 [10], RFC 2272 [11] and RFC 2274 [12]. 109 - Protocol operations for accessing management information. The first 110 set of protocol operations and associated PDU formats is described 111 in RFC 1157 [8]. A second set of protocol operations and associated 112 PDU formats is described in RFC 1905 [13]. 114 - A set of fundamental applications described in RFC 2273 [14] and 115 the view-based access control mechanism described in RFC 2275 [15]. 117 Managed objects are accessed via a virtual information store, termed 118 the Management Information Base or MIB. Objects in the MIB are 119 defined using the mechanisms defined in the SMI. 121 This memo specifies a MIB module that is compliant to the SMIv2. A 122 MIB conforming to the SMIv1 can be produced through the appropriate 123 translations. The resulting translated MIB must be semantically 124 equivalent, except where objects or events are omitted because no 125 information in SMIv2 will be converted into textual descriptions in 126 SMIv1 during the translation process. However, this loss of machine 127 readable information is not considered to change the semantics of the 128 MIB. 130 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 131 "SHOULD", "SHOULD NOT", "RECOMMENDED","MAY", and "OPTIONAL" in this 132 document are to be interpreted as described in RFC2119 [24]. 134 2. Overview 136 This document continues the architecture created in the RMON MIB [17] 137 by providing RMON analysis for switched networks (SMON). 139 Remote network monitoring devices, often called monitors or probes, 140 are instruments that exist for the purpose of managing a network. 141 Often these remote probes are stand-alone devices and devote 142 significant internal resources for the sole purpose of managing a 143 network. An organization may employ many of these devices, one per 144 network segment, to manage its internet. In addition, these devices 145 may be used for a network management service provider to access a 146 client network, often geographically remote. 148 The objects defined in this document are intended as an interface 149 between an RMON agent and an RMON management application and are not 150 intended for direct manipulation by humans. While some users may 151 tolerate the direct display of some of these objects, few will 152 tolerate the complexity of manually manipulating objects to 153 accomplish row creation. These functions should be handled by the 154 management application. 156 2.1 Remote Network Management Goals 158 o Offline Operation 160 There are sometimes conditions when a management 161 station will not be in constant contact with its 162 remote monitoring devices. This is sometimes by 163 design in an attempt to lower communications costs 164 (especially when communicating over a WAN or 165 dialup link), or by accident as network failures 166 affect the communications between the management 167 station and the probe. 169 For this reason, this MIB allows a probe to be 170 configured to perform diagnostics and to collect 171 statistics continuously, even when communication with 172 the management station may not be possible or 173 efficient. The probe may then attempt to notify 174 the management station when an exceptional condition 175 occurs. Thus, even in circumstances where 176 communication between management station and probe is 177 not continuous, fault, performance, and configuration 178 information may be continuously accumulated and 179 communicated to the management station conveniently 180 and efficiently. 182 o Proactive Monitoring 184 Given the resources available on the monitor, it 185 is potentially helpful for it continuously to run 186 diagnostics and to log network performance. The 187 monitor is always available at the onset of any 188 failure. It can notify the management station of the 189 failure and can store historical statistical 190 information about the failure. This historical 191 information can be played back by the management 192 station in an attempt to perform further diagnosis 193 into the cause of the problem. 195 o Problem Detection and Reporting 197 The monitor can be configured to recognize 198 conditions, most notably error conditions, and 199 continuously to check for them. When one of these 200 conditions occurs, the event may be logged, and 201 management stations may be notified in a number of 202 ways. 204 o Value Added Data 206 Because a remote monitoring device represents a 207 network resource dedicated exclusively to network 208 management functions, and because it is located 209 directly on the monitored portion of the network, the 210 remote network monitoring device has the opportunity 211 to add significant value to the data it collects. 212 For instance, by highlighting those hosts on the 213 network that generate the most traffic or errors, the 214 probe can give the management station precisely the 215 information it needs to solve a class of problems. 217 o Multiple Managers 219 An organization may have multiple management stations 220 for different units of the organization, for different 221 functions (e.g. engineering and operations), and in an 222 attempt to provide disaster recovery. Because 223 environments with multiple management stations are 224 common, the remote network monitoring device has to 225 deal with more than one management station, 226 potentially using its resources concurrently. 228 2.2 Switched Networks Monitoring 230 This document addresses issues related to applying "Remote 231 Technology" to Switch Networks. Switches today differ from standard 232 shared media protocols: 234 1) Data is not, in general, broadcast. This MAY be caused by the 235 switch architecture or by the connection-oriented nature of the 236 data. This means, therefore, that monitoring non-broadcast 237 traffic needs to be considered. 239 2) Monitoring the multiple entry and exit points from a switching 240 device requires a vast amount of resources - memory and CPU, and 241 aggregation of the data in logical packets of information, 242 determined by the application needs. 244 3) Switching incorporates logical segmentation such as Virtual LANs 245 (VLANs). 247 4) Switching incorporates packet prioritization. 249 5) Data across the switch fabric can be in the form of cells. Like 250 RMON, SMON is only concerned with the monitoring of packets. 252 Differences such as these make monitoring difficult. The current 253 RMON and RMON 2 standards do not provide for things that are unique 254 to switches or switched environments. 256 In order to overcome the limitations of the existing standards, new 257 monitoring mechanisms have been implemented by vendors of switching 258 equipment. All these monitoring strategies are currently proprietary 259 in nature. 261 This document provides the framework to include different switching 262 strategies and allow for monitoring operations consistent with the 263 RMON framework. This MIB is limited to monitoring and control 264 operations aimed at providing monitoring data for RMON probes. 266 2.3 Mechanisms for Monitoring Switched Networks 268 The following mechanisms are used by SMON devices, for the purpose of 269 monitoring switched networks. 271 2.3.1 DataSource Objects 273 The RMON MIB standard [17] defines data source objects which point to 274 MIB-II interfaces, identified by instances of ifIndex objects. 276 The SMON MIB extends this concept and allows for other types of 277 objects to be defined as data sources for RMON and/or SMON data. 278 Three forms of dataSources are described: 280 ifIndex. 282 Traditional RMON dataSources. Called 'port-based' for 283 ifType. not equal to 'propVirtual(53)'. is the 284 ifIndex value (see [22]). 286 smonVlanDataSource. 288 A dataSource of this form refers to a 'Packet-based VLAN' 289 and is called a 'VLAN-based' dataSource. is the VLAN 290 ID as defined by the IEEE 802.1Q standard [19]. The 291 value is between 1 and 4094 inclusive, and it represents 292 an 802.1Q VLAN-ID with global scope within a given 293 bridged domain, as defined by [19]. 295 entPhysicalEntry. 297 A dataSource of this form refers to a physical entity 298 within the agent and is called an 'entity-based' 299 dataSource. is the value of the entPhysicalIndex in 300 the entPhysicalTable (see [18]). 302 In addition to these new dataSource types, SMON introduces a new 303 group called dataSourceCapsTable to aid an NMS in discovering 304 dataSource identity and attributes. 306 The extended data source mechanism supported by the SMON MIB allows 307 for the use of external collection points, similar to the one defined 308 and supported by the RMON and RMON 2 MIBs, as well as internal 309 collection points (e.g. propVirtual ifTable entry, entPhysicalEntry). 310 The latter reflects either data sources which MAY be the result of 311 aggregation (e.g. switch-wide) or internal channels of physical 312 entities, which have the capability of being monitored by an SMON 313 probe. 315 2.3.2 Copy Port 317 In order to make the switching devices support RMON statistics, many 318 vendors have implemented a port copy feature, allowing traffic to be 319 replicated from switch port to switch port. Several levels of 320 configuration are possible: 322 1) 1 source port to 1 destination port 323 2) N source ports to 1 destination port 324 3) N source ports to M destination ports 326 The SMON standard presents a standard MIB interface which allows for 327 the control of this function. 329 Note that this function can apply to devices that have no other SMON 330 or RMON functionality than copy port. The agent of such a device 331 would support only the portCopyCaps and the portCopyConfig MIB 332 groups, out of the whole SMON MIB. Switch vendors are encouraged to 333 implement this subset of the SMON MIB, as it would allow for standard 334 port copy configuration from the same NMS application that does RMON 335 or SMON. 337 Port copy may cause congestion problems on the SMON device. This 338 situation is more likely occur when copying from a port of higher 339 speed to a port of lower speed or copy from multiple port to a single 340 port. 342 Particular implementations MAY chose to build protection mechanisms 343 that would prevent creation of new port copy links when the capacity 344 of the destination port is exceeded. The MIB allows for 345 implementations to (if supported) instrument a destination drop count 346 on port copy to provide NMS applications a sense of the quality of 347 data presented at the destination port. 349 2.3.3 VLAN Monitoring 351 VLAN monitoring can be accomplished by using a VLAN-based dataSource 352 and/or by configuring smonVlanIdStats and/or smonPrioStats 353 collections. These functions allow VLAN-ID or user priority 354 distributions per dataSource. VLAN monitoring provides a high-level 355 view of total VLAN usages and relative non-unicast traffic usage as 356 well as a profile of VLAN priority as defined in the 3-bit 357 user_priority field. 359 NOTE: priority statistics reflect what was parsed from the packet, 360 not what priority, if any, was necessarily granted by the switch. 362 2.4 Relationship to Other MIBs 364 2.4.1 The RMON and RMON 2 MIBs 366 The Remote Monitoring MIB (RMON) [17] provides several management 367 functions that MAY be directly or indirectly applicable to switched 368 networks. 370 The port copy mechanisms defined by the SMON MIB allow for the 371 destination ports to become a data source for any RMON statistics. 372 However, an NMS application SHOULD check whether it is in the device 373 capability (portCopyCap) to filter errors from a source to a 374 destination port and whether this capability is enabled, in order to 375 provide a correct interpretation of the copied port traffic. 377 RMON host and matrix group statistics entries MAY be aggregated by 378 use of the extended dataSource capability defined in SMON. RMON 2 379 groups are similarly extended through the use of SMON's dataSource 380 definition. 382 RMON also defines a simple thresholding monitoring mechanism, event- 383 logging and event-notification for any MIB instance; SMON utilizes 384 the alarms and events groups from RMON without modification. These 385 groups SHOULD be implemented on SMON devices if a simple thresholding 386 mechanism is desired. 388 The RMON 2 usrHistory group (user-defined history collection) SHOULD 389 be implemented by an SMON device if a history collection mechanism is 390 desired for smonStats entries. 392 2.4.2 The Interfaces Group MIB 394 The SMON MIB utilizes the propVirtual(53) ifType defined in the 395 Interfaces Group MIB [22] to provide SMON and RMON with new 396 dataSources such as VLANs and internal monitoring points. NMS 397 applications SHOULD consult the SMON dataSource capabilities group 398 (dataSourceCap) for a description of these virtual interfaces. 400 2.4.3 The Entity MIB 402 The SMON MIB does not mandate Entity MIB [18] support, but allows for 403 physical entities, as defined by this MIB to be defined as SMON data 404 sources. For such cases, the support for the entPhysicalTable is 405 required. 407 2.4.4 The Bridge MIB 409 One of the important indicators for measuring the effectiveness of a 410 switching device is the ratio between the number of forwarded frames 411 and the number of dropped frames at the switch port. 413 It is out of the scope of this MIB to provide instrumentation 414 information relative to switching devices. However, such indication 415 may be part of other MIB modules. 417 For instance the Bridge MIB [23] provides such MIB objects, for the 418 802.1 bridges (dot1dTpPortInFrames, dot1dTpPortInDiscards) and 419 switches managed according to the 802.1 bridge model MAY provide this 420 information. 422 2.5 Relationship with IEEE 802.1 Standards 424 The SMON MIB provides simple statistics per VLAN and priority levels. 425 Those two categories of statistics are important to managers of 426 switched networks. Interoperability for those features is ensured by 427 the use of the IEEE 802.1 p/Q standards ([19], [20]) defined by the 428 IEEE 802.1 WG. Interoperability from the SMON MIB point of view is 429 ensured by referencing the IEEE definition of VLANs and priority 430 levels for the SMON statistics. 432 3. SMON Groups 433 3.1 SMON ProbeCapabilities 435 The SMON probeCapabilities BITS object covers the following four 436 capabilities. 438 - smonVlanStats(0) 439 The probe supports the smonVlanStats object group. 441 - smonPrioStats(1) 442 The probe supports the smonPrioStats object group. 444 - dataSource(2) 445 The probe supports the dataSourceCaps object group. 447 - portCopy(4) 448 The probe supports the portCopyConfig object group. 450 3.2 smonVlanStats 452 The smonVlanStats MIB group includes the control and statistics 453 objects related to 802.1Q VLANs. Specific statistics per 802.1Q 454 virtual LAN are supported. The group provides a high level view of 455 total VLAN usage, and relative non-unicast traffic usage. 457 It is an implementation-specific matter as to how the agent deter- 458 mines the proper default-VLAN for untagged or priority-tagged frames. 460 3.3 smonPrioStats 462 The smonPrioStatsTable provides a distribution based on the 463 user_priority field in the VLAN header. 465 Note that this table merely reports priority as encoded in VLAN 466 headers, not the priority (if any) given the frame for actual 467 switching purposes. 469 3.4 dataSourceCaps 471 The dataSourceCaps MIB group identifies all supported data sources on 472 an SMON device. An NMS MAY use this table to discover the RMON and 473 Copy Port attributes of each data source. 475 Upon restart of the agent, the dataSourceTable, ifTable and 476 entPhysicalTable are initialized for the available data sources. The 477 agent MAY modify these tables as data sources become known or are 478 removed (e.g. hot swap of interfaces, chassis cards or the discovery 479 of VLAN usage). It is understood that dataSources representing VLANs 480 may not always be instantiated immediately upon restart, but rather 481 as VLAN usage is detected by the agent. The agent SHOULD attempt to 482 create dataSource and interface entries for all dataSources as soon 483 as possible. 485 For each dataSourceCapsEntry representing a VLAN or entPhysicalEntry, 486 the agent MUST create an associated ifEntry with a ifType value of 487 'propVirtual(53)'. The assigned ifIndex value is copied into the 488 associated dataSourceCapsIfIndex object. 490 The rationale of the above derives from the fact that according to 491 [16] and [17] an RMON dataSource MUST be associated with an ifEntry. 492 Specifically, the dataSourceCapsTable allows for an agent to map 493 Entity MIB physical entities (e.g., switch backplanes) and entire 494 VLANs to ifEntries with ifType "propVirtual(53)". This ifEntry values 495 will be used as the actual values in RMON control table dataSource 496 objects. This allows for physical entities and VLANs to be treated 497 as RMON data sources, and RMON functions to be applied to this type 498 of data sources. 500 3.5 portCopyConfig 502 The portCopyConfig MIB group includes the objects defined for the 503 control of the port copy functionality in a device. 505 The standard does not place a limit on the mode in which this copy 506 function may be used: 508 Mode 1 -- 1:1 Copy 510 Single dataSource copied to a single destination dataSource. 511 Agent MAY limit configuration based on ifTypes, ifSpeeds, half- 512 duplex/full-duplex, or agent resources. In this mode the single 513 instance of the portCopyDestDropEvents object refers to dropped 514 frames on the portCopyDest interface. 516 Mode 2 -- N:1 Copy 518 Multiple dataSources copied to a single destination dataSource. 519 Agent MAY limit configuration based on ifTypes, ifSpeeds, half- 520 duplex/full-duplex, portCopyDest over-subscription, or agent 521 resources. In this mode all N instances of the 522 portCopyDestDropEvents object SHOULD contain the same value, 523 and refer to dropped frames on the portCopyDest interface. 525 Mode 3 -- N:M Copy 527 Multiple dataSources copied to multiple destination dataSources. 528 Agent MAY limit configuration based on ifTypes, ifSpeeds, half- 529 duplex/full-duplex, portCopyDest over-subscription, or agent 530 resources. Since portCopyDestDropEvents is kept per destination 531 port, all instances of the portCopyDestDropEvents object 532 associated with (indexed by) a given portCopyDest SHOULD have 533 the same value (i.e. replicated or aliased for each instance 534 associated with a given portCopyDest). 536 The rows do not have an OwnerString, since multiple rows MAY be part 537 of the same portCopy operation. The agent is expected to activate or 538 deactivate entries one at a time, based on the rowStatus for the 539 given row. This can lead to unpredictable results in Modes 2 and 3 540 in applications utilizing the portCopy target traffic, if multiple 541 PDUs are used to fully configure the operation. It is RECOMMENDED 542 that an entire portCopy operation be configured in one SetRequest PDU 543 if possible. 545 The portCopyDest object MAY NOT reference an interface associated 546 with a packet-based VLAN (smonVlanDataSource.), but this 547 dataSource type MAY be used as a portCopySource. 549 4. Control of Remote Network Monitoring Devices 551 Due to the complex nature of the available functions in these 552 devices, the functions often need user configuration. In many cases, 553 the function requires parameters to be set up for a data collection 554 operation. The operation can proceed only after these parameters are 555 fully set up. 557 Many functional groups in this MIB have one or more tables in which 558 to set up control parameters, and one or more data tables in which to 559 place the results of the operation. The control tables are typically 560 read/write in nature, while the data tables are typically read-only. 561 Because the parameters in the control table often describe resulting 562 data in the data table, many of the parameters can be modified only 563 when the control entry is not active. Thus, the method for modifying 564 these parameters is to de-activate the entry, perform the SNMP Set 565 operations to modify the entry, and then re-activate the entry. 566 Deleting the control entry causes the deletion of any associated data 567 entries, which also gives a convenient method for reclaiming the 568 resources used by the associated data. 570 Some objects in this MIB provide a mechanism to execute an action on 571 the remote monitoring device. These objects MAY execute an action as 572 a result of a change in the state of the object. For those objects 573 in this MIB, a request to set an object to the same value as it 574 currently holds would thus cause no action to occur. 576 To facilitate control by multiple managers, resources have to be 577 shared among the managers. These resources are typically the memory 578 and computation resources that a function requires. 580 The control mechanisms defined and used in this MIB are the same as 581 those defined in the RMON MIB [17], for control functionality and 582 interaction with multiple managers. 584 5. Definitions 586 SMON-MIB DEFINITIONS ::= BEGIN 588 IMPORTS 589 MODULE-IDENTITY, OBJECT-TYPE, Counter32, 590 Integer32, Counter64 591 FROM SNMPv2-SMI 592 RowStatus, TEXTUAL-CONVENTION 593 FROM SNMPv2-TC 594 rmon, OwnerString 595 FROM RMON-MIB 596 LastCreateTime, DataSource, rmonConformance, probeConfig 597 FROM RMON2-MIB 598 InterfaceIndex 599 FROM IF-MIB 600 MODULE-COMPLIANCE, OBJECT-GROUP 601 FROM SNMPv2-CONF; 603 switchRMON MODULE-IDENTITY 604 LAST-UPDATED "9812160000Z" 605 ORGANIZATION "IETF RMON MIB Working Group" 606 CONTACT-INFO 607 "IETF RMONMIB WG Mailing list: rmonmib@cisco.com 609 Rich Waterman 610 Allot Networks Inc. 611 Tel: +1-408-559-0253 612 Email: rich@allot.com 614 Bill Lahaye 615 Xylan Corp. 616 Tel: +1-800-995-2612 617 Email: lahaye@ctron.com 619 Dan Romascanu 620 Lucent Technologies 621 Tel: +972-3-645-8414 622 Email: dromasca@lucent.com 624 Steven Waldbusser 625 International Network Services 626 Tel: +1-415-254-4251 627 Email: waldbusser@ins.com" 629 DESCRIPTION 630 "The MIB module for managing remote monitoring device 631 implementations for Switched Networks" 632 ::= { rmon 22 } 634 smonMIBObjects OBJECT IDENTIFIER ::= { switchRMON 1 } 636 dataSourceCaps OBJECT IDENTIFIER ::= {smonMIBObjects 1} 637 smonStats OBJECT IDENTIFIER ::= {smonMIBObjects 2} 638 portCopyConfig OBJECT IDENTIFIER ::= {smonMIBObjects 3} 639 smonRegistrationPoints OBJECT IDENTIFIER ::= {smonMIBObjects 4} 641 -- Textual Conventions 642 -- 644 SmonDataSource ::= TEXTUAL-CONVENTION 645 STATUS current 646 DESCRIPTION 647 "Identifies the source of the data that the associated function 648 is configured to analyze. This Textual Convention 649 extends the DataSource Textual Convention defined by RMON 2 650 to the following data source types: 652 - ifIndex. 653 DataSources of this traditional form are called 'port-based', 654 but only if ifType. is not equal to 'propVirtual(53)'. 656 - smonVlanDataSource. 657 A dataSource of this form refers to a 'Packet-based VLAN' 658 and is called a 'VLAN-based' dataSource. is the VLAN 659 ID as defined by the IEEE 802.1Q standard [19]. The 660 value is between 1 and 4094 inclusive, and it represents 661 an 802.1Q VLAN-ID with global scope within a given 662 bridged domain, as defined by [19]. 664 - entPhysicalEntry. 665 A dataSource of this form refers to a physical entity within 666 the agent (e.g. entPhysicalClass = backplane(4)) and is called 667 an 'entity-based' dataSource." 668 SYNTAX OBJECT IDENTIFIER 670 -- The smonCapabilities object describes SMON agent capabilities. 672 smonCapabilities OBJECT-TYPE 673 SYNTAX BITS { 674 smonVlanStats(0), 675 smonPrioStats(1), 676 dataSource(2), 677 smonUnusedBit(3), 678 portCopy(4) 679 } 680 MAX-ACCESS read-only 681 STATUS current 682 DESCRIPTION 683 "An indication of the SMON MIB groups supported 684 by this agent." 685 ::= { probeConfig 15 } 687 -- dataSourceCaps MIB group - defines SMON data source and port 688 -- copy capabilities for devices supporting SMON. 690 -- A NMS application will check this MIB group and retrieve 691 -- information about the SMON capabilities of the device before 692 -- applying SMON control operations to the device. 694 -- dataSourceCapsTable: defines capabilities of RMON data sources 696 dataSourceCapsTable OBJECT-TYPE 697 SYNTAX SEQUENCE OF DataSourceCapsEntry 698 MAX-ACCESS not-accessible 699 STATUS current 700 DESCRIPTION 701 "This table describes RMON data sources and port copy 702 capabilities. An NMS MAY use this table to discover the 703 identity and attributes of the data sources on a given agent 704 implementation. Similar to the probeCapabilities object, 705 actual row-creation operations will succeed or fail based on 706 the resources available and parameter values used in each 707 row-creation operation. 709 Upon restart of the RMON agent, the dataSourceTable, ifTable, 710 and perhaps entPhysicalTable are initialized for the available 711 dataSources. 713 For each dataSourceCapsEntry representing a VLAN or 714 entPhysicalEntry the agent MUST create an associated ifEntry 715 with a ifType value of 'propVirtual(53)'. This ifEntry will be 716 used as the actual value in RMON control table dataSource 717 objects. The assigned ifIndex value is copied into the 718 associated dataSourceCapsIfIndex object. 720 It is understood that dataSources representing VLANs may not 721 always be instantiated immediately upon restart, but rather as 722 VLAN usage is detected by the agent. The agent SHOULD attempt 723 to create dataSource and interface entries for all dataSources 724 as soon as possible." 725 ::= { dataSourceCaps 1 } 727 dataSourceCapsEntry OBJECT-TYPE 728 SYNTAX DataSourceCapsEntry 729 MAX-ACCESS not-accessible 730 STATUS current 731 DESCRIPTION 732 "Entries per data source containing descriptions of data 733 source and port copy capabilities. This table is populated by 734 the SMON agent with one entry for each supported data 735 source." 736 INDEX { IMPLIED dataSourceCapsObject } 737 ::= { dataSourceCapsTable 1 } 739 DataSourceCapsEntry ::= SEQUENCE { 740 dataSourceCapsObject 741 SmonDataSource, 742 dataSourceRmonCaps 743 BITS, 744 dataSourceCopyCaps 745 BITS, 746 dataSourceCapsIfIndex 747 InterfaceIndex 748 } 750 dataSourceCapsObject OBJECT-TYPE 751 SYNTAX SmonDataSource 752 MAX-ACCESS not-accessible 753 STATUS current 754 DESCRIPTION 755 "Defines an object that can be a SMON data source or a 756 source or a destination for a port copy operation." 757 ::= { dataSourceCapsEntry 1 } 759 dataSourceRmonCaps OBJECT-TYPE 760 SYNTAX BITS { 761 countErrFrames(0), 762 countAllGoodFrames(1), 763 countAnyRmonTables(2), 764 babyGiantsCountAsGood(3) 765 } 766 MAX-ACCESS read-only 767 STATUS current 768 DESCRIPTION 770 " General attributes of the specified dataSource. Note that 771 these are static attributes, which SHOULD NOT be adjusted 772 because of current resources or configuration. 774 - countErrFrames(0) 775 The agent sets this bit for the dataSource if errored frames 776 received on this dataSource can actually be monitored by the 777 agent The agent clears this bit if any errored frames are 778 not visible to the RMON data collector. 780 - countAllGoodFrames(1) 781 The agent sets this bit for the dataSource if all good 782 frames received on this dataSource can actually be monitored 783 by the agent. The agent clears this bit if any good frames 784 are not visible for RMON collection, e.g., the dataSource is 785 a non-promiscuous interface or an internal switch interface 786 which may not receive frames which were switched in hardware 787 or dropped by the bridge forwarding function. 789 - countAnyRmonTables(2) 790 The agent sets this bit if this dataSource can actually be 791 used in any of the implemented RMON tables, resources 792 notwithstanding. The agent clears this bit if this 793 dataSourceCapsEntry is present simply to identify a 794 dataSource that may only be used as portCopySource and/or a 795 portCopyDest, but not the source of an actual RMON data 796 collection. 798 - babyGiantsCountAsGood(3) 799 The agent sets this bit if it can distinguish, for counting 800 purposes, between true giant frames and frames that exceed 801 Ethernet maximum frame size 1518 due to VLAN tagging ('baby 802 giants'). Specifically, this BIT means that frames up to 803 1522 octets are counted as good. 805 Agents not capable of detecting 'baby giants' will clear 806 this bit and will view all frames less than or equal to 1518 807 octets as 'good frames' and all frames larger than 1518 808 octets as 'bad frames' for the purpose of counting in the 809 smonVlanIdStats and smonPrioStats tables. 811 Agents capable of detecting 'baby giants' SHALL consider 812 them as 'good frames' for the purpose of counting in the 813 smonVlanIdStats and smonPrioStats tables." 815 ::= { dataSourceCapsEntry 2 } 817 dataSourceCopyCaps OBJECT-TYPE 818 SYNTAX BITS { 819 copySourcePort(0), 820 copyDestPort(1), 821 copySrcTxTraffic(2), 822 copySrcRxTraffic(3), 823 countDestDropEvents(4), 824 copyErrFrames(5), 825 copyUnalteredFrames(6), 826 copyAllGoodFrames(7) 827 } 828 MAX-ACCESS read-only 829 STATUS current 830 DESCRIPTION 831 "PortCopy function capabilities of the specified dataSource. 832 Note that these are static capabilities, which SHOULD NOT be 833 adjusted because of current resources or configuration. 835 - copySourcePort(0) 836 The agent sets this bit if this dataSource is capable of 837 acting as a source of a portCopy operation. The agent clears 838 this bit otherwise. 840 - copyDestPort(1) 841 The agent sets this bit if this dataSource is capable of 842 acting as a destination of a portCopy operation. The agent 843 clears this bit otherwise. 845 - copySrcTxTraffic(2) 846 If the copySourcePort bit is set: 847 The agent sets this bit if this dataSource is capable of 848 copying frames transmitted out this portCopy source. The 849 agent clears this bit otherwise. This function is needed 850 to support full-duplex ports. 851 Else: 852 this bit SHOULD be cleared. 854 - copySrcRxTraffic(3) 855 If the copySourcePort bit is set: 856 The agent sets this bit if this dataSource is capable of 857 copying frames received on this portCopy source. The agent 858 clears this bit otherwise. This function is needed to 859 support full-duplex ports. 860 Else: 861 this bit SHOULD be cleared. 863 - countDestDropEvents(4) 864 If the copyDestPort bit is set: 865 The agent sets this bit if it is capable of incrementing 866 portCopyDestDropEvents, when this dataSource is the 867 target of a portCopy operation and a frame destined to 868 this dataSource is dropped (for RMON counting purposes). 869 Else: 870 this BIT SHOULD be cleared. 872 - copyErrFrames(5) 873 If the copySourcePort bit is set: 874 The agent sets this bit if it is capable of copying all 875 errored frames from this portCopy source-port, for 876 errored frames received on this dataSource. 877 Else: 878 this BIT SHOULD be cleared. 880 - copyUnalteredFrames(6) 881 If the copySourcePort bit is set: 882 The agent sets the copyUnalteredFrames bit If it is 883 capable of copying all frames from this portCopy 884 source-port without alteration in any way; 885 Else: 886 this bit SHOULD be cleared. 888 - copyAllGoodFrames(7) 889 If the copySourcePort bit is set: 890 The agent sets this bit for the dataSource if all good 891 frames received on this dataSource are normally capable 892 of being copied by the agent. The agent clears this bit 893 if any good frames are not visible for the RMON portCopy 894 operation, e.g., the dataSource is a non-promiscuous 895 interface or an internal switch interface which may not 896 receive frames which were switched in hardware or 897 dropped by the bridge forwarding function. 898 Else: 899 this bit SHOULD be cleared." 901 ::= { dataSourceCapsEntry 3 } 903 dataSourceCapsIfIndex OBJECT-TYPE 904 SYNTAX InterfaceIndex 905 MAX-ACCESS read-only 906 STATUS current 907 DESCRIPTION 908 "This object contains the ifIndex value of the ifEntry 909 associated with this smonDataSource. The agent MUST create 910 'propVirtual' ifEntries for each dataSourceCapsEntry of type 911 VLAN or entPhysicalEntry." 913 ::= { dataSourceCapsEntry 4 } 915 -- The SMON Statistics MIB Group 917 -- aggregated statistics for IEEE 802.1Q VLAN environments. 919 -- VLAN statistics can be gathered by configuring smonVlanIdStats 920 -- and/or smonPrioStats collections. These functions allow a 921 -- VLAN-ID or user priority distributions per dataSource, 922 -- auto-populated by the agent in a manner similar to the RMON 923 -- hostTable. 925 -- Only good frames are counted in the tables described in this 926 -- section. 928 -- VLAN ID Stats 930 -- smonVlanStatsControlTable allows configuration of VLAN-ID 931 -- collections. 933 smonVlanStatsControlTable OBJECT-TYPE 934 SYNTAX SEQUENCE OF SmonVlanStatsControlEntry 935 MAX-ACCESS not-accessible 936 STATUS current 937 DESCRIPTION 939 "Controls the setup of VLAN statistics tables. 941 The statistics collected represent a distribution based on 942 the IEEE 802.1Q VLAN-ID (VID), for each good frame attributed 943 to the data source for the collection." 944 ::= { smonStats 1 } 946 smonVlanStatsControlEntry OBJECT-TYPE 947 SYNTAX SmonVlanStatsControlEntry 948 MAX-ACCESS not-accessible 949 STATUS current 950 DESCRIPTION 951 "A conceptual row in the smonVlanStatsControlTable." 952 INDEX { smonVlanStatsControlIndex } 953 ::= { smonVlanStatsControlTable 1 } 955 SmonVlanStatsControlEntry ::= SEQUENCE { 956 smonVlanStatsControlIndex Integer32, 957 smonVlanStatsControlDataSource DataSource, 958 smonVlanStatsControlCreateTime LastCreateTime, 959 smonVlanStatsControlOwner OwnerString, 960 smonVlanStatsControlStatus RowStatus 962 } 964 smonVlanStatsControlIndex OBJECT-TYPE 965 SYNTAX Integer32 (1..65535) 966 MAX-ACCESS not-accessible 967 STATUS current 968 DESCRIPTION 969 "A unique arbitrary index for this smonVlanStatsControlEntry." 970 ::= { smonVlanStatsControlEntry 1 } 972 smonVlanStatsControlDataSource OBJECT-TYPE 973 SYNTAX DataSource 974 MAX-ACCESS read-create 975 STATUS current 976 DESCRIPTION 977 "The source of data for this set of VLAN statistics. 979 This object MAY NOT be modified if the associated 980 smonVlanStatsControlStatus object is equal to active(1)." 981 ::= { smonVlanStatsControlEntry 2 } 983 smonVlanStatsControlCreateTime OBJECT-TYPE 984 SYNTAX LastCreateTime 985 MAX-ACCESS read-only 986 STATUS current 987 DESCRIPTION 988 "The value of sysUpTime when this control entry was last 989 activated. This object allows to a management station to 990 detect deletion and recreation cycles between polls." 991 ::= { smonVlanStatsControlEntry 3 } 993 smonVlanStatsControlOwner OBJECT-TYPE 995 SYNTAX OwnerString 996 MAX-ACCESS read-create 997 STATUS current 998 DESCRIPTION 999 "Administratively assigned named of the owner of this entry. 1000 It usually defines the entity that created this entry and is 1001 therefore using the resources assigned to it, though there is 1002 no enforcement mechanism, nor assurance that rows created are 1003 ever used." 1004 ::= { smonVlanStatsControlEntry 4 } 1006 smonVlanStatsControlStatus OBJECT-TYPE 1007 SYNTAX RowStatus 1008 MAX-ACCESS read-create 1009 STATUS current 1010 DESCRIPTION 1011 "The status of this row. 1013 An entry MAY NOT exist in the active state unless all 1014 objects in the entry have an appropriate value. 1016 If this object is not equal to active(1), all associated 1017 entries in the smonVlanIdStatsTable SHALL be deleted." 1018 ::= { smonVlanStatsControlEntry 5 } 1020 -- The VLAN Statistics Table 1022 smonVlanIdStatsTable OBJECT-TYPE 1023 SYNTAX SEQUENCE OF SmonVlanIdStatsEntry 1024 MAX-ACCESS not-accessible 1025 STATUS current 1026 DESCRIPTION 1027 "Contains the VLAN statistics data. 1028 The statistics collected represent a distribution based 1029 on the IEEE 802.1Q VLAN-ID (VID), for each good frame 1030 attributed to the data source for the collection. 1032 This function applies the same rules for attributing frames 1033 to VLAN-based collections. RMON VLAN statistics are collected 1034 after the Ingress Rules defined in section 3.13 of the VLAN 1035 Specification [20] are applied. 1037 It is possible that entries in this table will be 1038 garbage-collected, based on agent resources, and VLAN 1039 configuration. Agents are encouraged to support all 4094 1040 index values and not garbage collect this table." 1041 ::= { smonStats 2 } 1043 smonVlanIdStatsEntry OBJECT-TYPE 1044 SYNTAX SmonVlanIdStatsEntry 1045 MAX-ACCESS not-accessible 1046 STATUS current 1047 DESCRIPTION 1048 "A conceptual row in smonVlanIdStatsTable." 1049 INDEX { smonVlanStatsControlIndex, smonVlanIdStatsId } 1050 ::= { smonVlanIdStatsTable 1 } 1052 SmonVlanIdStatsEntry ::= SEQUENCE { 1053 smonVlanIdStatsId Integer32, 1054 smonVlanIdStatsTotalPkts Counter32, 1055 smonVlanIdStatsTotalOverflowPkts Counter32, 1056 smonVlanIdStatsTotalHCPkts Counter64, 1057 smonVlanIdStatsTotalOctets Counter32, 1058 smonVlanIdStatsTotalOverflowOctets Counter32, 1059 smonVlanIdStatsTotalHCOctets Counter64, 1060 smonVlanIdStatsNUcastPkts Counter32, 1061 smonVlanIdStatsNUcastOverflowPkts Counter32, 1062 smonVlanIdStatsNUcastHCPkts Counter64, 1063 smonVlanIdStatsNUcastOctets Counter32, 1064 smonVlanIdStatsNUcastOverflowOctets Counter32, 1065 smonVlanIdStatsNUcastHCOctets Counter64, 1066 smonVlanIdStatsCreateTime LastCreateTime 1067 } 1069 smonVlanIdStatsId OBJECT-TYPE 1070 SYNTAX Integer32 (1..4094) 1071 MAX-ACCESS not-accessible 1072 STATUS current 1073 DESCRIPTION 1074 "The unique identifier of the VLAN monitored for 1075 this specific statistics collection. 1077 Tagged packets match the VID for the range between 1 and 4094. 1078 An external RMON probe MAY detect VID=0 on an Inter Switch 1079 Link, in which case the packet belongs to a VLAN determined by 1080 the PVID of the ingress port. The VLAN to which such a packet 1081 belongs can be determined only by a RMON probe internal to the 1082 switch." 1083 REFERENCE 1084 "Draft Standard for Virtual Bridged Local Area Networks, 1085 P802.1Q/D10, chapter 3.13" 1086 ::= { smonVlanIdStatsEntry 1 } 1088 smonVlanIdStatsTotalPkts OBJECT-TYPE 1089 SYNTAX Counter32 1090 UNITS "packets" 1091 MAX-ACCESS read-only 1092 STATUS current 1093 DESCRIPTION 1094 "The total number of packets counted on this VLAN." 1095 ::= { smonVlanIdStatsEntry 2 } 1097 smonVlanIdStatsTotalOverflowPkts OBJECT-TYPE 1098 SYNTAX Counter32 1099 UNITS "packets" 1100 MAX-ACCESS read-only 1101 STATUS current 1102 DESCRIPTION 1103 "The number of times the associated smonVlanIdStatsTotalPkts 1104 counter has overflowed." 1105 ::= { smonVlanIdStatsEntry 3 } 1107 smonVlanIdStatsTotalHCPkts OBJECT-TYPE 1108 SYNTAX Counter64 1109 UNITS "packets" 1110 MAX-ACCESS read-only 1111 STATUS current 1112 DESCRIPTION 1113 "The total number of packets counted on this VLAN." 1114 ::= { smonVlanIdStatsEntry 4 } 1116 smonVlanIdStatsTotalOctets OBJECT-TYPE 1117 SYNTAX Counter32 1118 UNITS "octets" 1119 MAX-ACCESS read-only 1120 STATUS current 1121 DESCRIPTION 1122 "The total number of octets counted on this VLAN." 1123 ::= { smonVlanIdStatsEntry 5 } 1125 smonVlanIdStatsTotalOverflowOctets OBJECT-TYPE 1126 SYNTAX Counter32 1127 UNITS "octets" 1128 MAX-ACCESS read-only 1129 STATUS current 1130 DESCRIPTION 1131 "The number of times the associated smonVlanIdStatsTotalOctets 1132 counter has overflowed." 1133 ::= { smonVlanIdStatsEntry 6 } 1135 smonVlanIdStatsTotalHCOctets OBJECT-TYPE 1136 SYNTAX Counter64 1137 UNITS "octets" 1138 MAX-ACCESS read-only 1139 STATUS current 1140 DESCRIPTION 1141 "The total number of octets counted on this VLAN." 1142 ::= { smonVlanIdStatsEntry 7 } 1144 smonVlanIdStatsNUcastPkts OBJECT-TYPE 1145 SYNTAX Counter32 1146 UNITS "packets" 1147 MAX-ACCESS read-only 1148 STATUS current 1149 DESCRIPTION 1150 "The total number of non-unicast packets counted on this 1151 VLAN." 1152 ::= { smonVlanIdStatsEntry 8 } 1154 smonVlanIdStatsNUcastOverflowPkts OBJECT-TYPE 1155 SYNTAX Counter32 1156 UNITS "packets" 1157 MAX-ACCESS read-only 1158 STATUS current 1159 DESCRIPTION 1160 "The number of times the associated smonVlanIdStatsNUcastPkts 1161 counter has overflowed." 1162 ::= { smonVlanIdStatsEntry 9 } 1164 smonVlanIdStatsNUcastHCPkts OBJECT-TYPE 1165 SYNTAX Counter64 1166 UNITS "packets" 1167 MAX-ACCESS read-only 1168 STATUS current 1169 DESCRIPTION 1170 "The total number of non-unicast packets counted on 1171 this VLAN." 1172 ::= { smonVlanIdStatsEntry 10 } 1174 smonVlanIdStatsNUcastOctets OBJECT-TYPE 1175 SYNTAX Counter32 1176 UNITS "octets" 1177 MAX-ACCESS read-only 1178 STATUS current 1179 DESCRIPTION 1180 "The total number of non-unicast octets counted on 1181 this VLAN." 1182 ::= { smonVlanIdStatsEntry 11 } 1184 smonVlanIdStatsNUcastOverflowOctets OBJECT-TYPE 1185 SYNTAX Counter32 1186 UNITS "octets" 1187 MAX-ACCESS read-only 1188 STATUS current 1189 DESCRIPTION 1190 "The number of times the associated 1191 smonVlanIdStatsNUcastOctets counter has overflowed." 1192 ::= { smonVlanIdStatsEntry 12 } 1194 smonVlanIdStatsNUcastHCOctets OBJECT-TYPE 1195 SYNTAX Counter64 1196 UNITS "octets" 1197 MAX-ACCESS read-only 1198 STATUS current 1199 DESCRIPTION 1200 "The total number of Non-unicast octets counted on 1201 this VLAN." 1202 ::= { smonVlanIdStatsEntry 13 } 1204 smonVlanIdStatsCreateTime OBJECT-TYPE 1205 SYNTAX LastCreateTime 1206 MAX-ACCESS read-only 1207 STATUS current 1208 DESCRIPTION 1209 "The value of sysUpTime when this entry was last 1210 activated. This object allows to a management station to 1211 detect deletion and recreation cycles between polls." 1212 ::= { smonVlanIdStatsEntry 14 } 1214 -- smonPrioStatsControlTable 1216 smonPrioStatsControlTable OBJECT-TYPE 1217 SYNTAX SEQUENCE OF SmonPrioStatsControlEntry 1218 MAX-ACCESS not-accessible 1219 STATUS current 1220 DESCRIPTION 1221 "Controls the setup of priority statistics tables. 1223 The smonPrioStatsControlTable allows configuration of 1224 collections based on the value of the 3-bit user priority 1225 field encoded in the Tag Control Information (TCI) field 1226 according to [19],[20]. 1228 Note that this table merely reports priority as encoded in 1229 the VLAN headers, not the priority (if any) given to the 1230 frame for the actual switching purposes." 1232 ::= { smonStats 3 } 1234 smonPrioStatsControlEntry OBJECT-TYPE 1235 SYNTAX SmonPrioStatsControlEntry 1236 MAX-ACCESS not-accessible 1237 STATUS current 1238 DESCRIPTION 1239 "A conceptual row in the smonPrioStatsControlTable." 1240 INDEX { smonPrioStatsControlIndex } 1241 ::= { smonPrioStatsControlTable 1 } 1243 SmonPrioStatsControlEntry ::= SEQUENCE { 1244 smonPrioStatsControlIndex Integer32, 1245 smonPrioStatsControlDataSource DataSource, 1246 smonPrioStatsControlCreateTime LastCreateTime, 1247 smonPrioStatsControlOwner OwnerString, 1248 smonPrioStatsControlStatus RowStatus 1249 } 1250 smonPrioStatsControlIndex OBJECT-TYPE 1251 SYNTAX Integer32 (1..65535) 1252 MAX-ACCESS not-accessible 1253 STATUS current 1254 DESCRIPTION 1255 "A unique arbitrary index for this smonPrioStatsControlEntry." 1256 ::= { smonPrioStatsControlEntry 1 } 1258 smonPrioStatsControlDataSource OBJECT-TYPE 1259 SYNTAX DataSource 1260 MAX-ACCESS read-create 1261 STATUS current 1262 DESCRIPTION 1263 "The source of data for this set of VLAN statistics. 1265 This object MAY NOT be modified if the associated 1266 smonPrioStatsControlStatus object is equal to active(1)." 1267 ::= { smonPrioStatsControlEntry 2 } 1269 smonPrioStatsControlCreateTime OBJECT-TYPE 1270 SYNTAX LastCreateTime 1271 MAX-ACCESS read-only 1272 STATUS current 1273 DESCRIPTION 1274 "The value of sysUpTime when this entry was created. 1275 This object allows to a management station to 1276 detect deletion and recreation cycles between polls." 1278 ::= { smonPrioStatsControlEntry 3 } 1280 smonPrioStatsControlOwner OBJECT-TYPE 1281 SYNTAX OwnerString 1282 MAX-ACCESS read-create 1283 STATUS current 1284 DESCRIPTION 1285 "Administratively assigned named of the owner of this entry. 1286 It usually defines the entity that created this entry and is 1287 therefore using the resources assigned to it, though there is 1288 no enforcement mechanism, nor assurance that rows created are 1289 ever used." 1290 ::= { smonPrioStatsControlEntry 4 } 1292 smonPrioStatsControlStatus OBJECT-TYPE 1293 SYNTAX RowStatus 1294 MAX-ACCESS read-create 1295 STATUS current 1296 DESCRIPTION 1297 "The status of this row. 1299 An entry MAY NOT exist in the active state unless all 1300 objects in the entry have an appropriate value. 1302 If this object is not equal to active(1), all associated 1303 entries in the smonPrioStatsTable SHALL be deleted." 1304 ::= { smonPrioStatsControlEntry 5 } 1306 -- The Priority Statistics Table 1308 smonPrioStatsTable OBJECT-TYPE 1309 SYNTAX SEQUENCE OF SmonPrioStatsEntry 1310 MAX-ACCESS not-accessible 1311 STATUS current 1312 DESCRIPTION 1313 "Contains the priority statistics. The collections are based 1314 on the value of the 3-bit user priority field encoded in the 1315 Tag Control Information (TCI) field according to [19], [20]. 1316 Note that this table merely reports priority as encoded in 1317 the VLAN headers, not the priority (if any) given to the 1318 frame for the actual switching purposes. 1320 No garbage collection is designed for this table, as there 1321 always are at most eight rows per statistical set, and the 1322 low memory requirements do not justify the implementation of 1323 such a mechanism." 1324 ::= { smonStats 4 } 1326 smonPrioStatsEntry OBJECT-TYPE 1327 SYNTAX SmonPrioStatsEntry 1328 MAX-ACCESS not-accessible 1329 STATUS current 1330 DESCRIPTION 1331 "A conceptual row in smonPrioStatsTable." 1332 INDEX { smonPrioStatsControlIndex, smonPrioStatsId } 1333 ::= { smonPrioStatsTable 1 } 1335 SmonPrioStatsEntry ::= SEQUENCE { 1336 smonPrioStatsId Integer32, 1337 smonPrioStatsPkts Counter32, 1338 smonPrioStatsOverflowPkts Counter32, 1339 smonPrioStatsHCPkts Counter64, 1340 smonPrioStatsOctets Counter32, 1341 smonPrioStatsOverflowOctets Counter32, 1342 smonPrioStatsHCOctets Counter64 1343 } 1345 smonPrioStatsId OBJECT-TYPE 1346 SYNTAX Integer32 (0..7) 1347 MAX-ACCESS not-accessible 1348 STATUS current 1349 DESCRIPTION 1350 "The unique identifier of the priority level monitored for 1351 this specific statistics collection." 1352 REFERENCE 1353 " Draft Standard for Virtual Bridged Local Area Networks, 1354 P802.1Q/D10, chapter 4.3.2.1" 1355 ::= { smonPrioStatsEntry 1 } 1357 smonPrioStatsPkts OBJECT-TYPE 1358 SYNTAX Counter32 1359 UNITS "packets" 1360 MAX-ACCESS read-only 1361 STATUS current 1362 DESCRIPTION 1363 "The total number of packets counted on 1364 this priority level." 1365 ::= { smonPrioStatsEntry 2 } 1367 smonPrioStatsOverflowPkts OBJECT-TYPE 1368 SYNTAX Counter32 1369 UNITS "packets" 1370 MAX-ACCESS read-only 1371 STATUS current 1372 DESCRIPTION 1373 "The number of times the associated smonPrioStatsPkts 1374 counter has overflowed." 1375 ::= { smonPrioStatsEntry 3 } 1377 smonPrioStatsHCPkts OBJECT-TYPE 1378 SYNTAX Counter64 1379 UNITS "packets" 1380 MAX-ACCESS read-only 1381 STATUS current 1382 DESCRIPTION 1383 "The total number of packets counted on 1384 this priority level." 1385 ::= { smonPrioStatsEntry 4 } 1387 smonPrioStatsOctets OBJECT-TYPE 1388 SYNTAX Counter32 1389 UNITS "octets" 1390 MAX-ACCESS read-only 1391 STATUS current 1392 DESCRIPTION 1393 "The total number of octets counted on 1394 this priority level." 1396 ::= { smonPrioStatsEntry 5 } 1398 smonPrioStatsOverflowOctets OBJECT-TYPE 1399 SYNTAX Counter32 1400 UNITS "octets" 1401 MAX-ACCESS read-only 1402 STATUS current 1403 DESCRIPTION 1404 "The number of times the associated smonPrioStatsOctets 1405 counter has overflowed." 1406 ::= { smonPrioStatsEntry 6 } 1408 smonPrioStatsHCOctets OBJECT-TYPE 1409 SYNTAX Counter64 1410 UNITS "octets" 1411 MAX-ACCESS read-only 1412 STATUS current 1413 DESCRIPTION 1414 "The total number of octets counted on 1415 this priority level." 1416 ::= { smonPrioStatsEntry 7 } 1418 portCopyTable OBJECT-TYPE 1419 SYNTAX SEQUENCE OF PortCopyEntry 1420 MAX-ACCESS not-accessible 1421 STATUS current 1422 DESCRIPTION 1423 " Port Copy provides the ability to copy all frames from a 1424 specified source to specified destination within a switch. 1425 Source and destinations MUST be ifEntries, as defined by [22]. 1426 One to one, one to many, many to one and many to many source to 1427 destination relationships may be configured. 1429 Applicable counters on the destination will increment for all 1430 packets transiting the port, be it by normal bridging/switching 1431 or due to packet copy. 1432 Note that this table manages no RMON data collection by itself, 1433 and an agent may possibly implement no RMON objects except 1434 objects related to the port copy operation defined by the 1435 portCopyCompliance conformance macro. That allows for a switch 1436 with no other embedded RMON capability to perform port copy 1437 operations to a destination port at which a different external 1438 RMON probe is connected. 1440 One to one, many to one and one to many source to destination 1441 relationships may be configured. 1443 Each row that exists in this table defines such a 1444 relationship. By disabling a row in this table the port copy 1445 relationship no longer exists. 1447 The number of entries and the types of port copies (1-1, 1448 many-1, 1-many) are implementation specific and could 1449 possibly be dynamic due to changing resource availability. 1451 In order to configure a source to destination portCopy 1452 relationship, both source and destination interfaces MUST be 1453 present as an ifEntry in the ifTable and their respective 1454 ifAdminStatus and ifOperStatus values MUST be equal to 1455 'up(1)'. If the value of any of those two objects changes 1456 after the portCopyEntry is activated, portCopyStatus will 1457 transition to 'notReady(3)'. 1459 The capability of an interface to be source or destination of 1460 a port copy operation is described by the 'copySourcePort(0)' 1461 and 'copyDestPort(1)' bits in dataSourceCopyCaps. Those bits 1462 SHOULD be appropriately set by the agent, in order to allow 1463 for a portCopyEntry to be created. 1465 Applicable counters on the destination will increment for all 1466 packets transmitted, be it by normal bridging/switching or 1467 due to packet copy." 1468 ::= { portCopyConfig 1 } 1470 portCopyEntry OBJECT-TYPE 1471 SYNTAX PortCopyEntry 1472 MAX-ACCESS not-accessible 1473 STATUS current 1474 DESCRIPTION 1475 "Describes a particular port copy entry." 1476 INDEX { portCopySource, portCopyDest } 1477 ::= { portCopyTable 1 } 1479 PortCopyEntry ::= SEQUENCE { 1480 portCopySource 1481 InterfaceIndex, 1482 portCopyDest 1483 InterfaceIndex, 1484 portCopyDestDropEvents 1485 Counter32, 1486 portCopyDirection 1487 INTEGER, 1488 portCopyStatus 1489 RowStatus 1490 } 1492 portCopySource OBJECT-TYPE 1493 SYNTAX InterfaceIndex 1494 MAX-ACCESS not-accessible 1495 STATUS current 1496 DESCRIPTION 1497 "The ifIndex of the source which will have all packets 1498 redirected to the destination as defined by portCopyDest." 1499 ::= { portCopyEntry 1 } 1501 portCopyDest OBJECT-TYPE 1502 SYNTAX InterfaceIndex 1503 MAX-ACCESS not-accessible 1504 STATUS current 1505 DESCRIPTION 1506 "Defines the ifIndex destination for the copy operation." 1507 ::= { portCopyEntry 2 } 1509 portCopyDestDropEvents OBJECT-TYPE 1510 SYNTAX Counter32 1511 UNITS "events" 1512 MAX-ACCESS read-only 1513 STATUS current 1514 DESCRIPTION 1515 "The total number of events in which port copy packets were 1516 dropped by the switch at the destination port due to lack of 1517 resources. 1519 Note that this number is not necessarily the number of 1520 packets dropped; it is just the number of times this 1521 condition has been detected. 1523 A single dropped event counter is maintained for each 1524 portCopyDest. Thus all instances associated with a given 1525 portCopyDest will have the same portCopyDestDropEvents 1526 value." 1527 ::= { portCopyEntry 3 } 1529 portCopyDirection OBJECT-TYPE 1530 SYNTAX INTEGER { 1531 copyRxOnly(1), 1532 copyTxOnly(2), 1533 copyBoth(3) 1534 } 1535 MAX-ACCESS read-create 1536 STATUS current 1537 DESCRIPTION 1538 "This object affects the way traffic is copied from a switch 1539 source port, for the indicated port copy operation. 1541 If this object has the value 'copyRxOnly(1)', then only 1542 traffic received on the indicated source port will be copied 1543 to the indicated destination port. 1545 If this object has the value 'copyTxOnly(2)', then only 1546 traffic transmitted out the indicated source port will be 1547 copied to the indicated destination port. 1549 If this object has the value 'copyBoth(3)', then all traffic 1550 received or transmitted on the indicated source port will be 1551 copied to the indicated destination port. 1553 The creation and deletion of instances of this object is 1554 controlled by the portCopyRowStatus object. Note that there 1555 is no guarantee that changes in the value of this object 1556 performed while the associated portCopyRowStatus object is 1557 equal to active will not cause traffic discontinuities in the 1558 packet stream." 1559 DEFVAL { copyBoth } 1560 ::= { portCopyEntry 4 } 1562 portCopyStatus OBJECT-TYPE 1563 SYNTAX RowStatus 1564 MAX-ACCESS read-create 1565 STATUS current 1566 DESCRIPTION 1567 "Defines the status of the port copy entry. 1569 In order to configure a source to destination portCopy 1570 relationship, both source and destination interfaces MUST be 1571 present as an ifEntry in the ifTable and their respective 1572 ifAdminStatus and ifOperStatus values MUST be equal to 1573 'up(1)'. If the value of any of those two objects changes 1574 after the portCopyEntry is activated, portCopyStatus will 1575 transition to 'notReady(3)'. 1577 The capability of an interface to be source or destination of 1578 a port copy operation is described by the 'copySourcePort(0)' 1579 and 'copyDestPort(1)' bits in dataSourceCopyCaps. Those bits 1580 SHOULD be appropriately set by the agent, in order to allow 1581 for a portCopyEntry to be created." 1582 ::= { portCopyEntry 5 } 1584 -- smonRegistrationPoints 1585 -- defines a set of OIDs for registration purposes of entities 1586 -- supported by the SMON MIB. 1588 smonVlanDataSource 1589 OBJECT IDENTIFIER ::= { smonRegistrationPoints 1} 1591 -- Defined for use as an SmonDataSource. A single integer parameter 1592 -- is appended to the end of this OID when actually encountered in 1593 -- the dataSourceCapsTable, which represents a positive, non-zero 1594 -- VLAN identifier value. 1596 -- Conformance Macros 1598 smonMIBCompliances OBJECT IDENTIFIER ::= { rmonConformance 3} 1599 smonMIBGroups OBJECT IDENTIFIER ::= { rmonConformance 4} 1601 smonMIBCompliance MODULE-COMPLIANCE 1602 STATUS current 1603 DESCRIPTION 1604 "Describes the requirements for full conformance with the SMON 1605 MIB" 1606 MODULE -- this module 1607 MANDATORY-GROUPS {dataSourceCapsGroup, 1608 smonVlanStatsGroup, 1609 smonPrioStatsGroup, 1610 portCopyConfigGroup, 1611 smonInformationGroup} 1613 GROUP smonHcTo100mbGroup 1614 DESCRIPTION 1615 "This group of VLAN statistics counter are mandatory only for 1616 those network interfaces for which the corresponding ifSpeed 1617 can be greater than 10MB/sec and less than or equal to 1618 100MB/sec." 1620 GROUP smonHc100mbPlusGroup 1621 DESCRIPTION 1622 "This group of VLAN statistics counters are mandatory only for 1623 those network interfaces for which the corresponding ifSpeed 1624 can be more than 100MB/sec. This group of VLAN statistics is 1625 also mandatory for smonDataSources of type VLAN or 1626 entPhysicalEntry." 1628 ::= { smonMIBCompliances 1 } 1630 smonMIBVlanStatsCompliance MODULE-COMPLIANCE 1631 STATUS current 1632 DESCRIPTION 1633 "Describes the requirements for conformance with the SMON MIB 1634 with support for VLAN Statistics. Mandatory for a SMON probe 1635 in environment where IEEE 802.1Q bridging is implemented." 1637 MODULE -- this module 1638 MANDATORY-GROUPS {dataSourceCapsGroup, 1639 smonVlanStatsGroup, 1640 smonInformationGroup} 1641 GROUP hcVlanTo100mbGroup 1642 DESCRIPTION 1643 "This group of VLAN statistics counter are mandatory only 1644 for those network interfaces for which the corresponding 1645 ifSpeed can be up to and including 100MB/sec." 1647 GROUP hcVlan100mbPlusGroup 1648 DESCRIPTION 1649 "This group of VLAN statistics counters are mandatory only for 1650 those network interfaces for which the corresponding ifSpeed 1651 is greater than 100MB/sec. This group of VLAN statistics is 1652 also mandatory for smonDataSources of type VLAN or 1653 entPhysicalEntry." 1655 ::= { smonMIBCompliances 2 } 1657 smonMIBPrioStatsCompliance MODULE-COMPLIANCE 1658 STATUS current 1659 DESCRIPTION 1660 "Describes the requirements for conformance with the SMON MIB 1661 with support for priority level Statistics. Mandatory for a 1662 SMON probe in a environment where IEEE 802.1p 1663 priority-switching is implemented." 1664 MODULE -- this module 1665 MANDATORY-GROUPS {dataSourceCapsGroup, 1666 smonPrioStatsGroup, 1667 smonInformationGroup} 1669 GROUP hcPrioTo100mbGroup 1670 DESCRIPTION 1671 "This group of VLAN priority statistics counters are mandatory 1672 only for those network interfaces for which the corresponding 1673 ifSpeed can be up to and including 100MB/sec." 1675 GROUP hcPrio100mbPlusGroup 1676 DESCRIPTION 1677 "This group is mandatory only for those network 1678 interfaces for which the corresponding ifSpeed is greater 1679 than 100MB/sec. This group of VLAN priority 1680 statistics is also mandatory for smonDataSources of type 1681 VLAN or entPhysicalEntry" 1683 ::= { smonMIBCompliances 3 } 1684 portCopyCompliance MODULE-COMPLIANCE 1685 STATUS current 1686 DESCRIPTION 1687 "Describes the requirements for conformance with the port copy 1688 functionality defined by the SMON MIB" 1689 MODULE -- this module 1690 MANDATORY-GROUPS {dataSourceCapsGroup, 1691 portCopyConfigGroup, 1692 smonInformationGroup} 1694 ::= { smonMIBCompliances 4} 1696 dataSourceCapsGroup OBJECT-GROUP 1697 OBJECTS { dataSourceRmonCaps, 1698 dataSourceCopyCaps, 1699 dataSourceCapsIfIndex} 1700 STATUS current 1701 DESCRIPTION 1702 "Defines the objects that describe the capabilities of RMON 1703 data sources." 1704 ::= {smonMIBGroups 1 } 1706 smonVlanStatsGroup OBJECT-GROUP 1707 OBJECTS { smonVlanStatsControlDataSource, 1708 smonVlanStatsControlCreateTime, 1709 smonVlanStatsControlOwner, 1710 smonVlanStatsControlStatus, 1711 smonVlanIdStatsTotalPkts, 1712 smonVlanIdStatsTotalOctets, 1713 smonVlanIdStatsNUcastPkts, 1714 smonVlanIdStatsCreateTime} 1715 STATUS current 1716 DESCRIPTION 1717 "Defines the switch monitoring specific statistics - per VLAN 1718 Id on interfaces of 10MB or less." 1719 ::= { smonMIBGroups 2 } 1721 smonPrioStatsGroup OBJECT-GROUP 1722 OBJECTS { smonPrioStatsControlDataSource, 1723 smonPrioStatsControlCreateTime, 1724 smonPrioStatsControlOwner, 1725 smonPrioStatsControlStatus, 1726 smonPrioStatsPkts, 1727 smonPrioStatsOctets} 1728 STATUS current 1729 DESCRIPTION 1730 "Defines the switch monitoring specific statistics - per VLAN 1731 Id on interface." 1733 ::= { smonMIBGroups 3 } 1735 smonHcTo100mbGroup OBJECT-GROUP 1736 OBJECTS { smonVlanIdStatsTotalOverflowOctets, 1737 smonVlanIdStatsTotalHCOctets, 1738 smonPrioStatsOverflowOctets, 1739 smonPrioStatsHCOctets} 1740 STATUS current 1741 DESCRIPTION 1742 "Defines the additional high capacity statistics needed to be 1743 kept on interfaces with ifSpeed greater than 10MB/sec and 1744 less than or equal to 100MB/sec." 1745 ::= { smonMIBGroups 4 } 1747 smonHc100mbPlusGroup OBJECT-GROUP 1748 OBJECTS { smonVlanIdStatsTotalOverflowPkts, 1749 smonVlanIdStatsTotalHCPkts, 1750 smonVlanIdStatsTotalOverflowOctets, 1751 smonVlanIdStatsTotalHCOctets, 1752 smonVlanIdStatsNUcastOverflowPkts, 1753 smonVlanIdStatsNUcastHCPkts, 1754 smonPrioStatsOverflowPkts, 1755 smonPrioStatsHCPkts, 1756 smonPrioStatsOverflowOctets, 1757 smonPrioStatsHCOctets} 1758 STATUS current 1759 DESCRIPTION 1760 "Defines the additional high capacity statistics needed to be 1761 kept on interfaces with ifSpeed of more than 100MB/sec. These 1762 statistics MUST also be kept on smonDataSources of type VLAN 1763 or entPhysicalEntry." 1764 ::= { smonMIBGroups 5 } 1766 hcVlanTo100mbGroup OBJECT-GROUP 1767 OBJECTS { smonVlanIdStatsTotalOverflowOctets, 1768 smonVlanIdStatsTotalHCOctets} 1769 STATUS current 1770 DESCRIPTION 1771 "Defines the additional high capacity VLAN statistics 1772 needed to be kept on interfaces with ifSpeed greater than 1773 10MB/sec and less than or equal to 100MB/sec." 1774 ::= { smonMIBGroups 6 } 1776 hcVlan100mbPlusGroup OBJECT-GROUP 1777 OBJECTS { smonVlanIdStatsTotalOverflowPkts, 1778 smonVlanIdStatsTotalHCPkts, 1779 smonVlanIdStatsTotalOverflowOctets, 1780 smonVlanIdStatsTotalHCOctets, 1781 smonVlanIdStatsNUcastOverflowPkts, 1782 smonVlanIdStatsNUcastHCPkts} 1783 STATUS current 1784 DESCRIPTION 1785 "Defines the additional high capacity VLAN statistics 1786 needed to be kept on interfaces with ifSpeed of more than 1787 100MB/sec. These statistics MUST also be kept on 1788 smonDataSources of type VLAN or entPhysicalEntry." 1789 ::= { smonMIBGroups 7 } 1791 hcPrioTo100mbGroup OBJECT-GROUP 1792 OBJECTS { smonPrioStatsOverflowOctets, 1793 smonPrioStatsHCOctets } 1794 STATUS current 1795 DESCRIPTION 1796 "Defines the additional high capacity VLAN priority 1797 statistics needed to be kept on interfaces with 1798 ifSpeed of greater than 10MB/sec and less than or equal 1799 to 100MB/sec." 1800 ::= { smonMIBGroups 8 } 1802 hcPrio100mbPlusGroup OBJECT-GROUP 1803 OBJECTS { smonPrioStatsOverflowPkts, 1804 smonPrioStatsHCPkts, 1805 smonPrioStatsOverflowOctets, 1806 smonPrioStatsHCOctets} 1807 STATUS current 1808 DESCRIPTION 1809 "Defines the additional high capacity VLAN priority 1810 statistics needed to be kept on interfaces with 1811 ifSpeed of greater than 100MB/sec. These statistics MUST 1812 also be kept on smonDataSources of type VLAN or 1813 entPhysicalEntry." 1814 ::= { smonMIBGroups 9 } 1816 smonVlanStatsExtGroup OBJECT-GROUP 1817 OBJECTS {smonVlanIdStatsNUcastOctets, 1818 smonVlanIdStatsNUcastOverflowOctets, 1819 smonVlanIdStatsNUcastHCOctets} 1820 STATUS current 1821 DESCRIPTION 1822 "Defines the switch monitoring specific statistics for systems 1823 capable of counting non-unicast octets for a given dataSource 1824 (as described in the dataSourceRmonCaps object)." 1825 ::= { smonMIBGroups 10 } 1827 smonInformationGroup OBJECT-GROUP 1828 OBJECTS { smonCapabilities } 1829 STATUS current 1830 DESCRIPTION 1831 "An indication of the SMON capabilities supported by this 1832 agent." 1833 ::= { smonMIBGroups 11 } 1835 portCopyConfigGroup OBJECT-GROUP 1836 OBJECTS { portCopyDestDropEvents, 1837 portCopyDirection, 1838 portCopyStatus 1839 } 1840 STATUS current 1841 DESCRIPTION 1842 "Defines the control objects for copy port operations." 1843 ::= { smonMIBGroups 12 } 1845 END 1847 6. References 1849 [1] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for 1850 Describing SNMP Management Frameworks", RFC 2271, Cabletron 1851 Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, 1852 January 1998 1854 [2] Rose, M., and K. McCloghrie, "Structure and Identification of 1855 Management Information for TCP/IP-based Internets", RFC 1155, 1856 Performance Systems International, Hughes LAN Systems, May 1990 1858 [3] Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212, 1859 Performance Systems International, Hughes LAN Systems, March 1991 1861 [4] M. Rose, "A Convention for Defining Traps for use with the 1862 SNMP", RFC 1215, Performance Systems International, March 1991 1864 [5] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. 1865 Waldbusser, "Structure of Management Information for Version 2 of 1866 the Simple Network Management Protocol (SNMPv2)", RFC 1902, SNMP 1867 Research,Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., 1868 International Network Services, January 1996. 1870 [6] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. 1871 Waldbusser, "Textual Conventions for Version 2 of the Simple 1872 Network Management Protocol (SNMPv2)", RFC 1903, SNMP Research, 1873 Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., 1874 International Network Services, January 1996. 1876 [7] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. 1878 Waldbusser, "Conformance Statements for Version 2 of the Simple 1879 Network Management Protocol (SNMPv2)", RFC 1904, SNMP Research, 1880 Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., 1881 International Network Services, January 1996. 1883 [8] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple 1884 Network Management Protocol", RFC 1157, SNMP Research, 1885 Performance Systems International, Performance Systems 1886 International, MIT Laboratory for Computer Science, May 1990. 1888 [9] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. 1889 Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, 1890 SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, 1891 Inc., International Network Services, January 1996. 1893 [10] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. 1894 Waldbusser, "Transport Mappings for Version 2 of the Simple Network 1895 Management Protocol (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco 1896 Systems, Inc., Dover Beach Consulting, Inc., International Network 1897 Services, January 1996. 1899 [11] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message 1900 Processing and Dispatching for the Simple Network Management 1901 Protocol (SNMP)", RFC 2272, SNMP Research, Inc., Cabletron Systems, 1902 Inc., BMC Software, Inc., IBM T. J. Watson Research, January 1998. 1904 [12] Blumenthal, U., and B. Wijnen, "User-based Security Model 1905 (USM) for version 3 of the Simple Network Management Protocol 1906 (SNMPv3)", RFC 2274, IBM T. J. Watson Research, January 1998. 1908 [13] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. 1909 Waldbusser, "Protocol Operations for Version 2 of the Simple 1910 Network Management Protocol (SNMPv2)", RFC 1905, SNMP Research, 1911 Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., 1912 International Network Services, January 1996. 1914 [14] Levi, D., Meyer, P., and B. Stewart, " SNMPv3 Applications", 1915 RFC 2273, SNMP Research, Inc., Secure Computing Corporation, 1916 Cisco Systems, January 1998. 1918 [15] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access 1919 Control Model (VACM) for the Simple Network Management Protocol 1920 (SNMP)", RFC 2275, IBM T. J. Watson Research, BMC Software, Inc., 1921 Cisco Systems, Inc., January 1998. 1923 [16] Waldbusser, S., "Remote Network Monitoring Management 1924 Information Base Version 2 using SMIv2", RFC 2021, International 1925 Network Services, January 1997. 1927 [17] Waldbusser, S., "Remote Network Monitoring Management 1928 Information Base", RFC 1757, Carnegie Mellon University, 1929 February 1995 1931 [18] McCloghrie, K., Bierman, A., "Entity MIB", RFC 2037, Cisco 1932 Systems, October1996 1934 [19] ISO/IEC Final CD 15802-3, ANSI/IEEE Std 802.1D-1998 "Information 1935 technology - Telecommunications and information exchange between 1936 systems - Local and metropolitan area networks - Common 1937 specifications - Part 3: Media Access Control (MAC) Bridges: 1938 Revision (Incorporating IEEE P802.1p: Traffic Class Expediting 1939 and Dynamic Multicast Filtering)", March 1998. 1941 [20] ANSI/IEEE Draft Standard P802.1Q/D10, "IEEE Standards for 1942 Local and Metropolitan Area Networks: Virtual Bridged Local Area 1943 Networks", March 1998. 1945 [21] De Graaf, K., Romascanu, D., McMaster, D., and K. McCloghrie, 1946 "Definition of Managed Objects for IEEE 802.3 Repeater Devices 1947 using SMIv2", RFC 2108, 3Com Corp., Madge Networks (Israel), 1948 Coloma Communications, Cisco Systems, February 1997 1950 [22] McCloghrie, K., and F. Kastenholz," The Interfaces Group MIB 1951 using SMIv2", RFC 2233, Cisco Systems, FTP Software, November 1952 1997 1954 [23] Decker, E. Langille, P., Rijsinghani, A., and K. McCloghrie.. 1955 - "Definitions of Managed Objects for Bridges", RFC 1493, Cisco 1956 Systems, Digital Equipment Corporation, Hughes LAN Systems, July 1957 1993 1959 [24] Bradner, S., "Key words for use in RFCs to Indicate Requirement 1960 Levels", BCP 14, RFC 2119, Harvard University, March 1997. 1962 [25] McCloghrie, K., and M. Rose, Editors, "Management Information 1963 Base for Network Management of TCP/IP-based internets: MIB-II", 1964 STD 17, RFC 1213, Hughes LAN Systems, Performance Systems 1965 International, March 1991. 1967 7. Intellectual Property 1969 The IETF takes no position regarding the validity or scope of any 1970 intellectual property or other rights that might be claimed to 1971 pertain to the implementation or use of the technology described in 1972 this document or the extent to which any license under such rights 1973 might or might not be available; neither does it represent that it 1974 has made any effort to identify any such rights. Information on the 1975 IETF's procedures with respect to rights in standards-track and 1976 standards-related documentation can be found in BCP-11. Copies of 1977 claims of rights made available for publication and any assurances of 1978 licenses to be made available, or the result of an attempt made to 1979 obtain a general license or permission for the use of such 1980 proprietary rights by implementors or users of this specification can 1981 be obtained from the IETF Secretariat. 1983 The IETF invites any interested party to bring to its attention any 1984 copyrights, patents or patent applications, or other proprietary 1985 rights which may cover technology that may be required to practice 1986 this standard. Please address the information to the IETF Executive 1987 Director. 1989 8. Security Considerations 1991 There are a number of management objects defined in this MIB 1992 that have a MAX-ACCESS clause of read-write and/or read-create. 1993 Such objects may be considered sensitive or vulnerable in some 1994 network environments. The support for SET operations in a 1995 non-secure environment without proper protection can have a 1996 negative effect on network operations. 1998 There are a number of managed objects in this MIB that may 1999 contain sensitive information. These are: 2000 smonCapabilities 2001 dataSourceCapsTable 2002 portCopyTable 2004 It is thus important to control even GET access to these objects 2005 and possibly to even encrypt the values of these object when 2006 sending them over the network via SNMP. Not all versions of 2007 SNMP provide features for such a secure environment. 2009 SNMPv1 by itself is not a secure environment. Even if the 2010 network itself is secure (for example by using IPSec), even then, 2011 there is no control as to who on the secure network is allowed 2012 to access and GET/SET (read/change/create/delete) the objects in 2013 this MIB. 2015 It is RECOMMENDED that the implementors consider the security 2016 features as provided by the SNMPv3 framework. Specifically, the 2017 use of the User-based Security Model RFC 2274 [12] and the 2018 View-based Access Control Model RFC 2275 [15] is RECOMMENDED. 2020 It is then a customer/user responsibility to ensure that the SNMP 2021 entity giving access to an instance of this MIB, is properly 2022 configured to give access to the objects only to those 2023 principals (users) that have legitimate rights to indeed GET or 2024 SET (change/create/delete) them. 2026 9. Authors' Addresses 2028 Richard Waterman 2029 Allot Communications 2030 292 E. Main St. 2031 Los Gatos, CA. 95030 2032 USA 2033 Tel: +1-408-399-3154 2034 Email: rich@allot.com 2036 Bill Lahaye 2037 Xylan Corporation 2038 26707 W. Agoura Rd. 2039 Calabasas, CA 91302 2040 USA 2041 Tel: +1-800-995-2612 2042 Email bill.lahaye@xylan.com 2044 Dan Romascanu 2045 Lucent Technologies 2046 Atidim Technology Park, Bldg. #3 2047 Tel Aviv, 61131 2048 Israel 2049 Tel: +972-3-645-8414 2050 Email: dromasca@lucent.com 2052 Steven Waldbusser 2053 International Network Services 2054 1213 Innsbruck Dr. 2055 Sunnyvale, CA 94089 2056 Tel: +1-415-254-4251 2057 EMail: waldbusser@ins.com 2059 A. Full Copyright Statement 2061 This document and translations of it may be copied and furnished to 2062 others, and derivative works that comment on or otherwise explain it 2063 or assist in its implementation may be prepared, copied, published 2064 and distributed, in whole or in part, without restriction of any 2065 kind, provided that the above copyright notice and this paragraph are 2066 included on all such copies and derivative works. However, this 2067 document itself may not be modified in any way, such as by removing 2068 the copyright notice or references to the Internet Society or other 2069 Internet organizations, except as needed for the purpose of 2070 developing Internet standards in which case the procedures for 2071 copyrights defined in the Internet Standards process must be 2072 followed, or as required to translate it into languages other than 2073 English. 2075 The limited permissions granted above are perpetual and will not be 2076 revoked by the Internet Society or its successors or assigns. 2078 This document and the information contained herein is provided on an 2079 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 2080 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 2081 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 2082 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 2083 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.