idnits 2.17.1
draft-ietf-tsvwg-tcp-mib-extension-12.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
** It looks like you're using RFC 3978 boilerplate. You should update this
to the boilerplate described in the IETF Trust License Policy document
(see https://trustee.ietf.org/license-info), which is required now.
-- Found old boilerplate from RFC 3978, Section 5.1 on line 17.
-- Found old boilerplate from RFC 3978, Section 5.5 on line 3774.
-- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 3750.
-- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 3757.
-- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 3763.
** This document has an original RFC 3978 Section 5.4 Copyright Line,
instead of the newer IETF Trust Copyright according to RFC 4748.
** This document has an original RFC 3978 Section 5.5 Disclaimer, instead
of the newer disclaimer which includes the IETF Trust according to RFC
4748.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
== No 'Intended status' indicated for this document; assuming Proposed
Standard
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
No issues found here.
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
match the current year
== The document seems to use 'NOT RECOMMENDED' as an RFC 2119 keyword, but
does not include the phrase in its RFC 2119 key words list.
-- The document seems to lack a disclaimer for pre-RFC5378 work, but may
have content which was first submitted before 10 November 2008. If you
have contacted all the original authors and they are all willing to grant
the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
this comment. If not, you may need to add the pre-RFC5378 disclaimer.
(See the Legal Provisions document at
https://trustee.ietf.org/license-info for more information.)
-- The document date () is 739385 days in the past. Is this intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
== Unused Reference: 'RFC791' is defined on line 3578, but no explicit
reference was found in the text
== Unused Reference: 'RFC1122' is defined on line 3584, but no explicit
reference was found in the text
== Unused Reference: 'RFC1191' is defined on line 3587, but no explicit
reference was found in the text
== Unused Reference: 'RFC1323' is defined on line 3590, but no explicit
reference was found in the text
== Unused Reference: 'RFC2018' is defined on line 3593, but no explicit
reference was found in the text
== Unused Reference: 'RFC2883' is defined on line 3623, but no explicit
reference was found in the text
== Unused Reference: 'RFC3168' is defined on line 3630, but no explicit
reference was found in the text
== Unused Reference: 'RFC3260' is defined on line 3633, but no explicit
reference was found in the text
== Unused Reference: 'RFC3517' is defined on line 3636, but no explicit
reference was found in the text
== Unused Reference: 'RFC3540' is defined on line 3643, but no explicit
reference was found in the text
== Unused Reference: 'RFC3742' is defined on line 3646, but no explicit
reference was found in the text
** Obsolete normative reference: RFC 793 (Obsoleted by RFC 9293)
** Obsolete normative reference: RFC 1323 (Obsoleted by RFC 7323)
** Obsolete normative reference: RFC 2021 (Obsoleted by RFC 4502)
** Obsolete normative reference: RFC 2581 (Obsoleted by RFC 5681)
** Obsolete normative reference: RFC 2861 (Obsoleted by RFC 7661)
** Obsolete normative reference: RFC 2988 (Obsoleted by RFC 6298)
** Downref: Normative reference to an Informational RFC: RFC 3260
** Obsolete normative reference: RFC 3517 (Obsoleted by RFC 6675)
** Downref: Normative reference to an Experimental RFC: RFC 3522
** Downref: Normative reference to an Historic RFC: RFC 3540
** Downref: Normative reference to an Experimental RFC: RFC 3742
== Outdated reference: A later version (-05) exists of
draft-ietf-tcpm-syn-flood-00
Summary: 14 errors (**), 0 flaws (~~), 15 warnings (==), 7 comments (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 Internet-Draft Matt Mathis
3 John Heffner
4 Pittsburgh Supercomputing Center
5 Rajiv Raghunarayan
6 Cisco Systems
8 TCP Extended Statistics MIB
9 draft-ietf-tsvwg-tcp-mib-extension-12.txt
10 Mon Oct 9 16:18:15 EDT 2006
12 Status of this Memo
14 By submitting this Internet-Draft, each author represents that any
15 applicable patent or other IPR claims of which he or she is aware
16 have been or will be disclosed, and any of which he or she becomes
17 aware will be disclosed, in accordance with Section 6 of BCP 79.
19 Internet-Drafts are working documents of the Internet Engineering
20 Task Force (IETF), its areas, and its working groups. Note that other
21 groups may also distribute working documents as Internet-Drafts.
23 Internet-Drafts are draft documents valid for a maximum of six months
24 and may be updated, replaced, or obsoleted by other documents at any
25 time. It is inappropriate to use Internet-Drafts as reference
26 material or to cite them other than as "work in progress."
28 The list of current Internet-Drafts can be accessed at http://
29 www.ietf.org/ietf/1id-abstracts.txt.
31 The list of Internet-Draft Shadow Directories can be accessed at
32 http://www.ietf.org/shadow.html.
34 This Internet-Draft will expire February, 2006
36 Abstract
38 This draft describes extended performance statistics for TCP. They
39 are designed to use TCP's ideal vantage point to diagnose performance
40 problems in both the network and the application. If a network based
41 application is performing poorly, TCP can determine if the bottleneck
42 is in the sender, the receiver or the network itself. If the
43 bottleneck is in the network, TCP can provide specific information
44 about its nature.
46 Table of Contents
48 1. Introduction
49 2. The Internet-Standard Management Framework
50 3. Overview
51 4. TCP Extended Statistics MIB
52 5. Normative References
53 6. Informative References
54 7. Security Considerations
55 8. IANA Considerations
56 10. Acknowledgments
57 11. Authors' Addresses
58 12. Intellectual Property
59 13. Disclaimer of Validity
60 14. Copyright Statement
62 1. Introduction
64 This draft describes extended performance statistics for TCP. They
65 are designed to use TCP's ideal vantage point to diagnose performance
66 problems in both the network and the application. If a network based
67 application is performing poorly, TCP can determine if the bottleneck
68 is in the sender, the receiver or the network itself. If the
69 bottleneck is in the network, TCP can provide specific information
70 about its nature.
72 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
73 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
74 document are to be interpreted as described in RFC 2119.
76 The SNMP objects defined in this draft extend TCP MIB, as specified
77 in RFC 4022 [RFC4022]. In addition to several new scalars and other
78 objects, it augments two tables and makes one clarification to RFC
79 4022. Existing management stations for the TCP MIB are expected to
80 be fully compatible with these clarifications.
82 X. Changes
84 RFC editor, please remove this virtual section. It contains document
85 history and some information about document version control.
87 This document is automatically generated from a database of potential
88 TCP instruments. Beware that the OIDs are still likely to change
89 with future versions. The current version can be obtained from
90 . Please send all suggestions and
91 comments to tsvwg@ietf.org so they go to the entire TSV WG.
93 Changes since draft-ietf-tsvwg-tcp-mib-extension-11.txt (3-Aug-2006):
95 Changes per comments from the transport AD, Lars Eggert: Re-organized
96 the overview to improve clarity. Moved the security section ahead of
97 the references. Various nits.
99 Changes since draft-ietf-tsvwg-tcp-mib-extension-10.txt
100 (24-May-2006):
102 These changes reflect comments received during the WGLC.
104 tcpEStatsConnTableLatency is no longer restricted to be less than 30
105 seconds.
107 Added references to the descriptions of Receiver Limited and
108 Congestion limited objects (tcpEStatsPerfSndLim*).
110 Reviewed and clarified all ECN related instruments.
112 Changes since draft-ietf-tsvwg-tcp-mib-extension-09.txt (4-Mar-2006):
114 Corrected the SYNTAX for PathNonRecovDAEpisodes,
115 PathSumOctetsReordered and AppSndNxt.
117 Clarified the relationship between tcpEStatsConnTableLatency and
118 RFC4022 (TCP-MIB).
120 Changes since draft-ietf-tsvwg-tcp-mib-extension-08.txt
121 (23-Oct-2005):
123 Changed tcpEStatsConnectIdTable to augment TCP-
124 MIB::tcpConnectionTable, rather than be a stand alone table. This
125 requires this draft to clarify vague row latency language in RFC4022
126 and deleting some text about the removed objects from the overview
127 and security sections.
129 Added row latency language to all connection tables.
131 Added DEFVAL to tcpEStatsConnTableLatency.
133 Reassigned sane OIDs under tcpEStats.
135 Careful review and several clarifications of the overview section.
137 Reviewed and cleaned up all references.
139 Restructured the tcpEStatsStackTable, by moving all of the objects
140 that describe the SYN exchange to the front of the table. These
141 objects are not permitted to change once the connection is
142 established. This permits polling the latter portion of the table in
143 a single PDU.
145 Added the TcpEStatsNegotiated TC and revised the objects that
146 describe the SYN exchange to better represent the state of the
147 negotiation without separate objects for both option values and
148 negotiated states.
150 Added tcpEStatsPathRcvRTT, which is the receiver's estimate of the
151 path RTT. Later corrected it to be gauge32.
153 Changed tcpEStatsListenerCurrConns to tcpEStatsListenerCurConns to
154 agree with other "current" object names.
156 Acknowledged the efforts of the MIB Doctor and Operations area
157 director.
159 The following changes are per the MIB doctor review:
161 Minor corrections (form feeds, copyright date, etc) to pass IDnits
162 and smilint. (Note that the unassigned root OID generates the only
163 remaining warning.)
165 Moved this mib from a subtree under experimental to a subtree under
166 mib-2 and added an IANA considerations section for the root OID.
168 Added "UNITS" and "REFERENCE" clauses as appropriate.
170 Clarified the description of tcpEStatsStackInRecovery.
172 Updated the description of tcpEStatsStackSoftErrors to mention the
173 numerical values of the errors.
175 Updated the Security considerations section with new boiler plate and
176 better descriptions.
178 Moved the document revision information to (this) virtual section.
180 Replaced the TcpEStatsOperation TC with TruthValue TC.
182 Clarified the description of tcpEStatsListenerCurBacklog. Note that
183 the text still allows for TCP variants.
185 Removed references to obsolete SNMP versions from
186 tcpEStatsConnectIdTable, but did not remove doubled or further
187 restrict address types.
189 Added a new subsection to clarify the relationship to TCP
190 standards and indicate that the underlying TCP specifications
191 deliberately encourage diversity.
193 Updated the description of the tcpEStatsPipeSize to clarify the
194 permitted diversity in implementation.
196 Added a normative reference for RFC3517.
198 Clarified the introduction to the instruments of the window updates
199 sent by the local receiver.
201 Added 2 paragraphs to the overview about TCP non-persistence across
202 reboots, and the non-persistence of all objects in this MIB.
204 Clarified the description of tcpEStatsPathECNsignals.
206 Added explicit language about counter deltas, for objects intended to
207 be used to compute ratios.
209 Removed text permitting implementers to allocate additional
210 proprietary codes for tcpEStatsStackSoftErrorReason.
212 Added language clarifying that SND.NXT, SND.UNA, etc have Counter32
213 semantics.
215 Changes since draft-ietf-tsvwg-tcp-mib-extension-07.txt (20-Feb-2005)
217 Added tcpEStatsStackSpuriousRtoDetected. Renamed AckAfterFR to
218 tcpEStatsStackSpuriousFrDetected and clarified the description.
220 Restructure the tables yet again. The perf, path, and stack tables
221 now each start out with some required objects, followed by optional
222 objects. This permits a much more logical grouping of instruments,
223 lowers the cost for a minimal implementation and encourages
224 incremental deployment.
226 Changes since draft-ietf-tsvwg-tcp-mib-extension-06.txt (20-Feb-2005)
228 Added tcpEStatsPerfPipeSize and tcpEStatsPerfMaxPipeSize to detect
229 when TCP is unable to open the window as large as permitted.
231 Added tcpEStatsStackInRecovery to indicate if the connection is
232 currently in recovery (e.g. has outstanding retransmissions), or
233 about to enter recovery.
235 Move tcpEStatsPerfSumRTT, Tcpestatsperfhcsumrtt and
236 tcpEStatsPerfCountRTT to the path table, tcpEStatsPath.
238 Added tcpEStatsPathHCGroup.
240 Move tcpEstatsPathAckAfterFR and tcpEstatsPathSndDupAckEpisodes back
241 to the performance table, tcpEStatsPerf.
243 Move tcpEStatsPerfSampleRTT, tcpEStatsPerfSampleRTT and
244 tcpEStatsPerfSampleRTT to the stack table, tcpEStatsStack.
246 Clarified the descriptions of tcpEStatsPerfDupAckEpisodes,
247 tcpEStatsPerfDupAcksOut and tcpEStatsPerfCongSignals
249 Changes since draft-ietf-tsvwg-tcp-mib-extension-05.txt
250 (17-July-2004)
252 Many changes to object descriptions, MIB comments and overview to
253 improve clarity.
255 Completely restructured the per connection tables. Seven tables were
256 reduced to five. The main per connection table tcpEStatsPerfTable
257 is now mandatory. Three other new tables are focused on
258 understanding the details of the behavior of the path, internal TCP
259 algorithms and the application. In addition, there is a new tuning
260 table with per-connection writable controls to work around a number
261 of common problems. Note that due to the table restructuring, most
262 of the object names listed below have changed.
264 Restructured the Listen Table (tcpEStatsListenerTable) to better
265 instrument various SYN flood defenses.
267 Removed minimal receiver window objects, and replaced them by the
268 count of the number of transitions to zero window from non-zero
269 window.
271 Replaced tcpEStatsPathIpTos by tcpEStatsPathIpTosOut and added
272 tcpEStatsPathIpTosIn.
274 Updated the descriptions of tcpEStatsDataSndNxt, tcpEStatsDataSndMax,
275 tcpEStatsDataThruOctetsAcked, tcpEStatsDataHCThruBytesAcked,
276 tcpEStatsDataThruBytesReceived, tcpEStatsDataHCThruBytesReceived,
277 to consistently use RFC793 variables (SND.NXT, etc) or refer to other
278 TCP-ESTATS-MIB objects.
280 Changed tcpEStatsSynOptsMSSSent and tcpEStatsSynOptsMSSRcvd from
281 Gauge32 to Unsigned32
283 Updated descriptions of tcpEStatsConnectLocalAddress and
284 tcpEStatsConnectRemAddress to new conventions for InetAddress
285 Changes since draft-ietf-tsvwg-tcp-mib-extension-04.txt (27-Oct-2003)
286 Updated ID boiler plate to RFC3668, ID-Guidelines and fixed some
287 formatting glitches
289 Added a Table of Contents
291 Updated the description of tcpEStatsConnectionState to indicate that
292 the listen state is included only for document parallelism and should
293 not be used.
295 Explained why it is useful for tcpEStatsConnectIdTable and others to
296 remain for 30 seconds after a connection closes (so you retrieve the
297 total statistics for the entire connection).
299 Added comment about not supporting writing DeleteTcb into the TCP
300 State.
302 Explained that SndNxt is not a counter because it is non-monotonic.
304 Clarified StartTime to be row creation
306 Clarified row creation to be at the first SYN unless techniques to
307 defend against SYN floods are in effect, then at connection
308 establishment.
310 Added tcpEStatsControlNotify to control the generation of
311 notifications.
313 Changed sequence numbers from ZeroBasedCounter32 to Counter32.
315 Changes since draft-ietf-tsvwg-tcp-mib-extension-03.txt (2-Mar-2003)
317 Replaced "queued" with "buffered by TCP"
319 Changed all counters in the TCP connection tables to be ZeroBased
321 Remove tcpEStatsHCInSegs, tcpEStatsHCOutSegs, which appear in as
322 tcpHCInSegs and tcpHCOutSegs in draft-ietf-ipv6-rfc2012-update-03.txt
323 and later drafts.
325 Added changes section.
327 2. The Internet-Standard Management Framework
329 For a detailed overview of the documents that describe the current
330 Internet-Standard Management Framework, please refer to section 7 of
331 RFC 3410 [RFC3410].
333 Managed objects are accessed via a virtual information store, termed
334 the Management Information Base or MIB. MIB objects are generally
335 accessed through the Simple Network Management Protocol (SNMP).
336 Objects in the MIB are defined using the mechanisms defined in the
337 Structure of Management Information (SMI). This memo specifies a MIB
338 module that is compliant to the SMIv2, which is described in STD 58,
339 RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
340 [RFC2580].
342 3. Overview
344 The TCP-ESTATS-MIB defined in this memo consists of two groups of
345 scalars, seven tables and two notifications:
347 * The first group of scalars contains statistics of the TCP protocol
348 engine not covered in RFC 4022. This group consists of the single
349 scalar tcpEStatsListenerTableLastChange which provides management
350 stations with an easier mechanism to validate their listener
351 caches.
353 * The second group of scalars consists of knobs to enable and disable
354 information collection by the tables containing connection-related
355 statistics/information. For example, the tcpEStatsControlPath
356 object controls the activation of the tcpEStatsPathTable. The
357 tcpEStatsConnTableLatency object determines how long connection
358 table rows are retained after a TCP connection transitions into the
359 closed state.
361 * The tcpEStatsListenerTable augments tcpListenerTable in TCP-MIB
362 [RFC4022] to provide additional information on the active TCP
363 listeners on a device. It supports objects to monitor and diagnose
364 SYN-flood denial-of-service attacks as described below.
366 * The tcpEStatsConnectIdTable augments the tcpConnectionTable in TCP-
367 MIB [RFC4022] to provide a mapping between connection 4-tuples
368 (which index tcpConnectionTable) and an integer connection index,
369 tcpEStatsConnectIndex. The connection index is used to index into
370 the five remaining tables in this MIB module, and is designed to
371 facilitate rapid polling of multiple objects associated with one
372 TCP connection.
374 * The tcpEStatsPerfTable contains objects that are useful for
375 measuring TCP performance and first check problem diagnosis.
377 * The tcpEStatsPathTable contains objects that can be used to infer
378 detailed behavior of the Internet path, such as the extent that
379 there are segment losses or reordering, etc.
381 * The tcpEStatsStackTable contains objects that are most useful for
382 determining how well the TCP control algorithms are coping with
383 this particular path.
385 * The tcpEStatsAppTable provides objects that are useful for
386 determining if the application using TCP is limiting TCP
387 performance.
389 * The tcpEStatsTuneTable provides per connection controls that can be
390 used to work around a number of common problems that plague TCP
391 over some paths.
393 * The two notifications defined in this MIB module are
394 tcpEStatsEstablishNotification, indicating that a new connection
395 has been accepted (or established, see below), and
396 tcpEStatsCloseNotification, indicating that an existing connection
397 has recently closed.
399 3.1. MIB Initialization and Persistence
401 The TCP protocol itself is specifically designed not to preserve any
402 state whatsoever across system reboots, and enforces this by
403 requiring randomized Initial Sequence numbers and ephemeral ports
404 under any conditions where segments from old connections might
405 corrupt new connections following a reboot.
407 All of the objects in the MIB MUST have the same persistence
408 properties as the underlying TCP implementation. On a reboot, all
409 zero based counters MUST be cleared, all per connection table rows
410 MUST be deleted and all read-write objects MUST be restored to their
411 default values. It is assumed that all TCP implementations have some
412 initialization code (if nothing else to set IP addresses) that has
413 the opportunity to adjust tcpEStatsConnTableLatency and other read-
414 write scalars controlling the creation of the various tables, before
415 establishing the first TCP connection. Implementations MAY also
416 choose to make these control scalars persist across reboots.
418 The ZeroBasedCounter32 and ZeroBasedCounter64 objects in the
419 listener and connection tables are initialized to zero when the table
420 row is created.
422 The tcpEStatsConnTableLatency object determines how long connection
423 table rows are retained after a TCP connection transitions into the
424 closed state, to permit reading final connection completion
425 statistics. In RFC4022 (TCP-MIB), the discussion of
426 tcpConnectionTable row latency (page 9) the words "soon after" are
427 understood to mean after tcpEStatsConnTableLatency, such that all
428 rows of all tables associated with one connection are retained at
429 least tcpEStatsConnTableLatency after connection close. This
430 clarification to RFC4022 only applies when TCP-ESTATS-MIB is
431 implemented. If TCP-ESTATS-MIB is not implemented, RFC4022 permits
432 an unspecified delay between connection close and row deletion.
434 3.2. Relationship to TCP standards
436 There are more than 70 RFCs and other documents that specify various
437 aspects of the Transmission Control Protocol (TCP) [roadmap]. While
438 most protocols are completely specified in one or two documents, this
439 has not proven to be feasible for TCP. TCP implements a reliable
440 end-to-end data transport service over a very weakly constrained IP
441 datagram service. The essential problem that TCP has to solve is
442 balancing the application's need for fast and reliable data transport
443 against the need to make fair, efficient and equitable use of network
444 resources, with only sparse information about the state of the
445 network or its capabilities.
447 TCP maintains this balance through the use of many estimators and
448 heuristics that regulate various aspects of the protocol. For
449 example RFC2988 describes how to calculate the retransmission timer,
450 RTO, from the average and variance of the network round-trip-time
451 as estimated from the RTT sampled on some data segments. Although
452 these algorithms are standardized, they are a compromise which is
453 optimal for only common Internet environments. Other estimators
454 might yield better results (higher performance or more efficient use
455 of the network) in some environments, particularly under uncommon
456 conditions.
458 It is the consensus of the community that nearly all of the
459 estimators and heuristics used in TCP might be improved through
460 further research and development. For this reason nearly all of the TCP
461 documents leave some latitude for future improvements, for example by
462 the use of "SHOULD" instead of "MUST" [RFC2119]. Even standard
463 algorithms that are required because they critically affect fairness
464 or the dynamic stability of Internet congestion control, include some
465 latitude for evolution. As a consequence there is considerable
466 diversity in the details of the TCP implementation actually in use
467 today.
469 Since the underlying algorithms are not uniform, it makes it
470 difficult to tightly specify a MIB. We could have chosen the point
471 of view that the MIB should publish precisely defined metrics of the
472 network path, even if they are different than the estimators in use
473 by TCP. This would make the MIB more useful as a measurement tool,
474 but less useful for understanding how this specific TCP
475 implementation is interacting with the network path and upper
476 protocol layers. We chose instead to have the MIB expose the
477 estimators and important state variables of the algorithms in use,
478 without constraining the TCP implementation.
480 As a consequence the MIB objects are defined in terms of fairly
481 abstract descriptions (e.g. Round-Trip-Time) but are intended to
482 expose the actual estimators or other state variables as they are
483 used in this TCP implementation, possibly transformed (e.g. scaled or
484 otherwise adjusted) to match the spirit of the object descriptions in
485 this document.
487 This may mean that MIB objects may not be exactly comparable between
488 two different TCP implementations. A general management station can
489 only assume the abstract descriptions, which are useful for
490 general assessment of how TCP is functioning. To a TCP implementer
491 with detailed knowledge about a specific TCP implementation this MIB
492 might be useful for debugging or evaluating the specific algorithms
493 in this implementation.
495 Under no conditions is this MIB intended to constrain TCP to use (or
496 exclude) any particular estimator, heuristic, algorithm or
497 implementation.
499 3.3. Diagnosing SYN-flood Denial-of-Service attacks
501 The tcpEStatsListenerTable is specifically designed to provide
502 information that is useful for diagnosing SYN-flood Denial-of-Service
503 attacks, where a server is overwhelmed by forged or otherwise
504 malicious connection attempts. There are several different
505 techniques that can be used to defend against SYN-flooding but none are
506 standardized [Edd06]. These different techniques all have the same
507 basic characteristics which are instrumentable with a common set of
508 objects even though the techniques differ greatly in the details.
510 All SYN-flood defenses avoid allocating significant resources (memory
511 or CPU) to incoming (passive open) connections until the connections
512 meet some liveness criteria (to defend against forged IP source
513 addresses) and the server has sufficient resources to process the
514 incoming request. Note that allocating resources is an
515 implementation specific event that may not correspond to an observable
516 protocol event (e.g. segments on the wire). There are two general
517 concepts that can be applied to all known SYN-flood defenses. There
518 is generally a well defined event when a connection is allocated full
519 resources, and a "backlog" - a queue of embryonic connections that
520 have been allocated only partial resources.
522 In many implementations incoming TCP connections are allocated
523 resources as a side effect of the POSIX [POSIX] accept() call. For
524 this reason we use the terminology "accepting a connection" to refer
525 to this event: committing sufficient network resources to process the
526 incoming request. Accepting a connection typically entails
527 allocating memory for the protocol control block [RFC793], the per
528 connection table rows described in this MIB and CPU resources, such
529 as process table entries or threads.
531 Note that it is not useful to accept connections before they are
532 ESTABLISHED, because this would create an easy opportunity for
533 Denial-of-Service attacks, using forged source IP addresses.
535 The backlog consists of connections that are in SYN-RCVD or
536 ESTABLISHED states, that have not been accepted. For purposes of
537 this MIB we assume that these connections have been allocated some
538 resources (e.g. an embryonic protocol control block) but not full
539 resources (e.g. do not yet have MIB table rows).
541 Note that some SYN-Flood defenses dispense with explicit SYN-RCVD
542 state by cryptographically encoding the state in the ISS of the SYN-
543 ACK (sometimes called a syn-cookie), and then using the sequence
544 number of the first ACK to reconstruct the SYN-RCVD state before
545 transitioning to the ESTABLISHED state. For these implementations
546 there is no explicit representation of the SYN-RCVD state and the
547 backlog only consists of connections that are ESTABLISHED and are
548 waiting to be ACCEPTED.
550 Furthermore, most SYN-flood defenses have some mechanism to throttle
551 connections that might otherwise overwhelm this endpoint. They
552 generally use some combination of discarding incoming SYNs and
553 discarding connections already in the backlog. This does not cause
554 all connections from legitimate clients to fail, as long as the
555 clients retransmit the SYN or first ACK as specified in RFC793. Most
556 of the diversity in SYN flood defenses arises in variations in these
557 algorithms to limit load, and therefore they can not conveniently be
558 instrumented with a common standard MIB.
560 The Listen Table instruments all passively opened TCP connections in
561 terms of observable protocol events (e.g. sent and received segments)
562 and resource allocation events (entering the backlog and being
563 accepted). This approach eases generalization to SYN-flood
564 mechanisms that use alternate TCP state transition diagrams and
565 implicit mechanisms to encode some states.
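The listener accounting described in section 3.3, as an added Python example that is not part of the draft or of the Web100 code: a toy listener that keeps protocol events apart from resource-allocation events, run with and without syn-cookies, and a diagnosis computed from counter deltas. Class, field and function names and the thresholds are hypothetical (they are not the MIB's object names), the traces are constructed, and the toy never times out embryonic connections.

```python
from dataclasses import dataclass, field

COUNTER32_MOD = 2 ** 32  # Counter32-style values wrap modulo 2^32

@dataclass
class Listener:
    """Toy passive-open endpoint. Field names are hypothetical, not MIB objects."""
    max_backlog: int
    syn_cookies: bool = False  # True: no explicit SYN-RCVD state is stored
    syn_rcvd: set = field(default_factory=set)        # embryonic, handshake pending
    established: list = field(default_factory=list)   # handshake done, not accepted
    syns_in: int = 0        # protocol event: SYN segments received
    handshakes: int = 0     # protocol event: connections reaching ESTABLISHED
    accepted: int = 0       # resource event: full resources committed
    backlog_drops: int = 0  # SYNs or ACKs discarded because the backlog was full

    def backlog(self):
        return len(self.syn_rcvd) + len(self.established)

    def on_syn(self, peer):
        self.syns_in += 1
        if self.syn_cookies:
            return  # state travels in the ISS of the SYN-ACK; nothing is queued
        if self.backlog() >= self.max_backlog:
            self.backlog_drops += 1  # a real client would retransmit the SYN
            return
        self.syn_rcvd.add(peer)

    def on_ack(self, peer):
        if self.syn_cookies:
            # Assumption: the ACK carries a valid cookie, so SYN-RCVD state
            # is reconstructed from it instead of being looked up.
            if self.backlog() >= self.max_backlog:
                self.backlog_drops += 1
                return
        else:
            if peer not in self.syn_rcvd:
                return  # no embryonic connection matches this ACK
            self.syn_rcvd.discard(peer)
        self.established.append(peer)
        self.handshakes += 1

    def accept(self):
        if not self.established:
            return None
        self.accepted += 1
        return self.established.pop(0)

    def poll(self):
        """Snapshot of the counters as a management station would read them."""
        names = ("syns_in", "handshakes", "accepted", "backlog_drops")
        snap = {n: getattr(self, n) % COUNTER32_MOD for n in names}
        snap["cur_backlog"] = self.backlog()
        return snap

def delta32(old, new):
    """Difference between two polls of a wrapping 32-bit counter."""
    return (new - old) % COUNTER32_MOD

def diagnose(prev, cur, max_backlog, min_syns=50, floor=0.5):
    """Classify one polling interval; min_syns and floor are assumed thresholds."""
    syns = delta32(prev["syns_in"], cur["syns_in"])
    done = delta32(prev["handshakes"], cur["handshakes"])
    taken = delta32(prev["accepted"], cur["accepted"])
    drops = delta32(prev["backlog_drops"], cur["backlog_drops"])
    completion = done / syns if syns else 1.0
    if syns >= min_syns and completion < floor:
        verdict = "syn-flood-suspected"   # many SYNs, few finished handshakes
    elif cur["cur_backlog"] >= max_backlog and done > taken:
        verdict = "accept-starved"        # handshakes finish, application lags
    else:
        verdict = "normal"
    return {"syns": syns, "completion": completion, "drops": drops,
            "verdict": verdict}

def run_flood(syn_cookies):
    """Constructed trace: 200 forged SYNs that never ACK, plus 10 real clients."""
    lst = Listener(max_backlog=8, syn_cookies=syn_cookies)
    before = lst.poll()
    for i in range(200):
        lst.on_syn(("forged", i))
        if i % 20 == 0:
            lst.on_syn(("client", i))
            lst.on_ack(("client", i))
            lst.accept()
    return lst, diagnose(before, lst.poll(), lst.max_backlog)

def run_slow_app():
    """Constructed trace: 10 real clients, application never calls accept()."""
    lst = Listener(max_backlog=4)
    before = lst.poll()
    for i in range(10):
        lst.on_syn(("client", i))
        lst.on_ack(("client", i))
    return diagnose(before, lst.poll(), lst.max_backlog)

if __name__ == "__main__":
    print(run_flood(False)[1], run_flood(True)[1], run_slow_app(), sep="\n")
```

Both flood runs yield the same verdict from the protocol-event counters, while the resource-event counters show the difference: the explicit SYN-RCVD backlog stays pinned and serves one client, the syn-cookie listener serves all ten.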
567 4. TCP Extended Statistics MIB
569 TCP-ESTATS-MIB DEFINITIONS ::= BEGIN
570 IMPORTS
571 MODULE-IDENTITY, Counter32, Integer32, Unsigned32,
572 Gauge32, OBJECT-TYPE, mib-2,
573 NOTIFICATION-TYPE
574 FROM SNMPv2-SMI
575 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
576 FROM SNMPv2-CONF
577 ZeroBasedCounter32
578 FROM RMON2-MIB -- [RFC2021]
579 ZeroBasedCounter64
580 FROM HCNUM-TC -- [RFC2856]
581 TEXTUAL-CONVENTION,
582 DateAndTime, TruthValue, TimeStamp
583 FROM SNMPv2-TC -- [RFC2579]
584 tcpListenerEntry, tcpConnectionEntry
585 FROM TCP-MIB; -- [RFC4022]
587 tcpEStatsMIB MODULE-IDENTITY
588 LAST-UPDATED "200610091618Z" -- Oct 9, 2006
589 ORGANIZATION "IETF TSV Working Group"
590 CONTACT-INFO
591 "Matt Mathis
592 John Heffner
593 Web100 Project
594 Pittsburgh Supercomputing Center
595 4400 Fifth Ave
596 Pittsburgh, PA 15213
597 Email: mathis@psc.edu, jheffner@psc.edu
599 Rajiv Raghunarayan
600 Cisco Systems Inc.
601 San Jose, CA 95134
602 Phone: 408 853 9612
603 Email: raraghun@cisco.com
605 Jon Saperia
606 JDS Consulting, Inc.
607 174 Chapman Street
608 Watertown, MA 02472
609 Phone: 617-744-1079
610 Email: saperia@jdscons.com "
611 DESCRIPTION
612 "Documentation of TCP Extended Performance Instrumentation
613 variables from the Web100 project. [Web100]
615 Copyright (C) The Internet Society (2006). This version
616 of this MIB module is a part of RFC xxx1; see the RFC
617 itself for full legal notices."
618 -- RFC Editor: replace xxx1 with actual RFC number & remove note
620 REVISION "200610091618Z" -- Oct 9, 2006
621 DESCRIPTION
622 "Initial version, published as RFC xxx1."
623 -- RFC Editor assigns RFC xxx1
624 ::= { mib-2 xxx2 }
625 -- RFC Editor: IANA assigns base OID xxx2
627 tcpEStatsNotifications OBJECT IDENTIFIER ::= { tcpEStatsMIB 0 }
628 tcpEStatsMIBObjects OBJECT IDENTIFIER ::= { tcpEStatsMIB 1 }
629 tcpEStatsConformance OBJECT IDENTIFIER ::= { tcpEStatsMIB 2 }
630 tcpEStats OBJECT IDENTIFIER ::= { tcpEStatsMIBObjects 1 }
631 tcpEStatsControl OBJECT IDENTIFIER ::= { tcpEStatsMIBObjects 2 }
632 tcpEStatsScalar OBJECT IDENTIFIER ::= { tcpEStatsMIBObjects 3 }
634 --
635 -- Textual Conventions
636 --
638 TcpEStatsNegotiated ::= TEXTUAL-CONVENTION
639 STATUS current
640 DESCRIPTION
641 "Indicates if some optional TCP feature was negotiated.
643 enabled(1) indicates that the feature was successfully
644 negotiated on, which generally requires both hosts to agree
645 to use the feature.
647 selfDisabled(2) indicates that the local host refused the
648 feature because it is not implemented, configured off or
649 refused for some other reason, such as the lack of
650 resources.
652 peerDisabled(3) indicates that the local host was willing
653 to negotiate the feature, but the remote host did not
654 do so."
655 SYNTAX INTEGER {
656 enabled(1),
657 selfDisabled(2),
658 peerDisabled(3)
659 }
661 --
662 -- TCP Extended statistics scalars
663 --
665 tcpEStatsListenerTableLastChange OBJECT-TYPE
666 SYNTAX TimeStamp
667 MAX-ACCESS read-only
668 STATUS current
669 DESCRIPTION
670 "The value of sysUpTime at the time of the last
671 creation or deletion of an entry in the tcpListenerTable.
672 If the number of entries has been unchanged since the
673 last re-initialization of the local network management
674 subsystem, then this object contains a zero value."
675 ::= { tcpEStatsScalar 3 }
677 -- ================================================================
678 --
679 -- The tcpEStatsControl Group
680 --
682 -- The scalar objects in this group are used to control the
683 -- activation and deactivation of the TCP Extended Statistics
684 -- tables and notifications in this module.
685 --
687 tcpEStatsControlPath OBJECT-TYPE
688 SYNTAX TruthValue
689 MAX-ACCESS read-write
690 STATUS current
691 DESCRIPTION
692 "Controls the activation of the TCP Path
693 Statistics table.
695 A value 'true' indicates that the TCP Path Statistics
696 table is active, while 'false' indicates that the
697 table is inactive."
698 DEFVAL { false }
699 ::= { tcpEStatsControl 1 }
701 tcpEStatsControlStack OBJECT-TYPE
702 SYNTAX TruthValue
703 MAX-ACCESS read-write
704 STATUS current
705 DESCRIPTION
706 "Controls the activation of the TCP Stack
707 Statistics table.
709 A value 'true' indicates that the TCP Stack Statistics
710 table is active, while 'false' indicates that the
711 table is inactive."
712 DEFVAL { false }
713 ::= { tcpEStatsControl 2 }
715 tcpEStatsControlApp OBJECT-TYPE
716 SYNTAX TruthValue
717 MAX-ACCESS read-write
718 STATUS current
719 DESCRIPTION
720 "Controls the activation of the TCP Application
721 Statistics table.
723 A value 'true' indicates that the TCP Application Statistics
724 table is active, while 'false' indicates that the
725 table is inactive."
726 DEFVAL { false }
727 ::= { tcpEStatsControl 3 }
729 tcpEStatsControlTune OBJECT-TYPE
730 SYNTAX TruthValue
731 MAX-ACCESS read-write
732 STATUS current
733 DESCRIPTION
734 "Controls the activation of the TCP Tuning
735 table.
737 A value 'true' indicates that the TCP Tuning
738 table is active, while 'false' indicates that the
739 table is inactive."
740 DEFVAL { false }
741 ::= { tcpEStatsControl 4 }
743 tcpEStatsControlNotify OBJECT-TYPE
744 SYNTAX TruthValue
745 MAX-ACCESS read-write
746 STATUS current
747 DESCRIPTION
748 "Controls the generation of all notifications defined in
749 this MIB.
751 A value 'true' indicates that notifications are
752 generated, while 'false' indicates that they are
753 not generated."
754 DEFVAL { false }
755 ::= { tcpEStatsControl 5 }
757 tcpEStatsConnTableLatency OBJECT-TYPE
758 SYNTAX Integer32
759 UNITS "seconds"
760 MAX-ACCESS read-only
761 STATUS current
762 DESCRIPTION
763 "Specifies the number of seconds that the entity will
764 retain entries in the TCP connection tables, after the
765 connection first enters the closed state. The entity
766 SHOULD provide a configuration option to enable
767 customization of this value. A value of 0
768 results in entries being removed from the tables as soon as
769 the connection enters the closed state. The value of
770 this object pertains to the following tables:
771 tcpEStatsConnectIdTable
772 tcpEStatsPerfTable
773 tcpEStatsPathTable
774 tcpEStatsStackTable
775 tcpEStatsAppTable
776 tcpEStatsTuneTable"
777 DEFVAL { 0 }
778 ::= { tcpEStatsControl 6 }
780 -- ================================================================
781 --
782 -- Listener Table
783 --
785 tcpEStatsListenerTable OBJECT-TYPE
786 SYNTAX SEQUENCE OF TcpEStatsListenerEntry
787 MAX-ACCESS not-accessible
788 STATUS current
789 DESCRIPTION
790 "This table contains information about TCP Listeners,
791 in addition to the information maintained by the
792 tcpListenerTable RFC4022."
793 ::= { tcpEStats 1 }
795 tcpEStatsListenerEntry OBJECT-TYPE
796 SYNTAX TcpEStatsListenerEntry
797 MAX-ACCESS not-accessible
798 STATUS current
799 DESCRIPTION
800 "Each entry in the table contains information about
801 a specific TCP Listener."
802 AUGMENTS { tcpListenerEntry }
803 ::= { tcpEStatsListenerTable 1 }
805 TcpEStatsListenerEntry ::= SEQUENCE {
806 tcpEStatsListenerStartTime TimeStamp,
807 tcpEStatsListenerSynRcvd ZeroBasedCounter32,
808 tcpEStatsListenerInitial ZeroBasedCounter32,
809 tcpEStatsListenerEstablished ZeroBasedCounter32,
810 tcpEStatsListenerAccepted ZeroBasedCounter32,
811 tcpEStatsListenerExceedBacklog ZeroBasedCounter32,
812 tcpEStatsListenerHCSynRcvd ZeroBasedCounter64,
813 tcpEStatsListenerHCInitial ZeroBasedCounter64,
814 tcpEStatsListenerHCEstablished ZeroBasedCounter64,
815 tcpEStatsListenerHCAccepted ZeroBasedCounter64,
816 tcpEStatsListenerHCExceedBacklog ZeroBasedCounter64,
817 tcpEStatsListenerCurConns Gauge32,
818 tcpEStatsListenerMaxBacklog Integer32,
819 tcpEStatsListenerCurBacklog Gauge32,
820 tcpEStatsListenerCurEstabBacklog Gauge32
821 }
823 tcpEStatsListenerStartTime OBJECT-TYPE
824 SYNTAX TimeStamp
825 MAX-ACCESS read-only
826 STATUS current
827 DESCRIPTION
828 "The value of sysUpTime at the time this listener was
829 established. If the current state was entered prior to
830 the last re-initialization of the local network management
831 subsystem, then this object contains a zero value."
832 ::= { tcpEStatsListenerEntry 1 }
834 tcpEStatsListenerSynRcvd OBJECT-TYPE
835 SYNTAX ZeroBasedCounter32
836 MAX-ACCESS read-only
837 STATUS current
838 DESCRIPTION
839 "The number of SYNs which have been received for this
840 listener. The total number of failed connections for
841 all reasons can be estimated to be tcpEStatsListenerSynRcvd
842 minus tcpEStatsListenerAccepted and
843 tcpEStatsListenerCurBacklog."
844 ::= { tcpEStatsListenerEntry 2 }
846 tcpEStatsListenerInitial OBJECT-TYPE
847 SYNTAX ZeroBasedCounter32
848 MAX-ACCESS read-only
849 STATUS current
850 DESCRIPTION
851 "The total number of connections for which the Listener
852 has allocated initial state and placed the
853 connection in the backlog. This may happen in the
854 SYN-RCVD or ESTABLISHED states, depending on the
855 implementation."
856 ::= { tcpEStatsListenerEntry 3 }
858 tcpEStatsListenerEstablished OBJECT-TYPE
859 SYNTAX ZeroBasedCounter32
860 MAX-ACCESS read-only
861 STATUS current
862 DESCRIPTION
863 "The number of connections which have been established to
864 this endpoint. E.g. The number of first ACKs which have
865 been received for this listener."
866 ::= { tcpEStatsListenerEntry 4 }
868 tcpEStatsListenerAccepted OBJECT-TYPE
869 SYNTAX ZeroBasedCounter32
870 MAX-ACCESS read-only
871 STATUS current
872 DESCRIPTION
873 "The total number of connections for which the Listener
874 has successfully issued an accept, removing the connection
875 from the backlog."
876 ::= { tcpEStatsListenerEntry 5 }
878 tcpEStatsListenerExceedBacklog OBJECT-TYPE
879 SYNTAX ZeroBasedCounter32
880 MAX-ACCESS read-only
881 STATUS current
882 DESCRIPTION
883 "The total number of connections dropped from the
884 backlog by this listener due to all reasons. This
885 includes all connections that are allocated initial
886 resources but are not accepted for some reason."
887 ::= { tcpEStatsListenerEntry 6 }
889 tcpEStatsListenerHCSynRcvd OBJECT-TYPE
890 SYNTAX ZeroBasedCounter64
891 MAX-ACCESS read-only
892 STATUS current
893 DESCRIPTION
894 "The number of SYNs which have been received for this
895 listener on systems that can process (or reject) more
896 than 1 million connections per second. See
897 tcpEStatsListenerSynRcvd."
898 ::= { tcpEStatsListenerEntry 7 }
900 tcpEStatsListenerHCInitial OBJECT-TYPE
901 SYNTAX ZeroBasedCounter64
902 MAX-ACCESS read-only
903 STATUS current
904 DESCRIPTION
905 "The total number of connections for which the Listener
906 has allocated initial state and placed the connection
907 in the backlog on systems that can process (or reject)
908 more than 1 million connections per second. See
909 tcpEStatsListenerInitial."
910 ::= { tcpEStatsListenerEntry 8 }
912 tcpEStatsListenerHCEstablished OBJECT-TYPE
913 SYNTAX ZeroBasedCounter64
914 MAX-ACCESS read-only
915 STATUS current
916 DESCRIPTION
917 "The number of connections which have been established to
918 this endpoint on systems that can process (or reject) more
919 than 1 million connections per second. See
920 tcpEStatsListenerEstablished."
921 ::= { tcpEStatsListenerEntry 9 }
923 tcpEStatsListenerHCAccepted OBJECT-TYPE
924 SYNTAX ZeroBasedCounter64
925 MAX-ACCESS read-only
926 STATUS current
927 DESCRIPTION
928 "The total number of connections for which the Listener
929 has successfully issued an accept, removing the connection
930 from the backlog on systems that can process (or reject)
931 more than 1 million connections per second. See
932 tcpEStatsListenerAccepted."
933 ::= { tcpEStatsListenerEntry 10 }
935 tcpEStatsListenerHCExceedBacklog OBJECT-TYPE
936 SYNTAX ZeroBasedCounter64
937 MAX-ACCESS read-only
938 STATUS current
939 DESCRIPTION
940 "The total number of connections dropped from the
941 backlog by this listener due to all reasons on
942 systems that can process (or reject) more than
943 1 million connections per second. See
944 tcpEStatsListenerExceedBacklog."
945 ::= { tcpEStatsListenerEntry 11 }
947 tcpEStatsListenerCurConns OBJECT-TYPE
948 SYNTAX Gauge32
949 MAX-ACCESS read-only
950 STATUS current
951 DESCRIPTION
952 "The current number of connections in the ESTABLISHED
953 state, which have also been accepted. It excludes
954 connections that have been established but not accepted
955 because they are still subject to being discarded to
956 shed load without explicit action by either endpoint."
957 ::= { tcpEStatsListenerEntry 12 }
959 tcpEStatsListenerMaxBacklog OBJECT-TYPE
960 SYNTAX Integer32
961 MAX-ACCESS read-only
962 STATUS current
963 DESCRIPTION
964 "The maximum number of connections allowed in
965 backlog at one time."
966 ::= { tcpEStatsListenerEntry 13 }
968 tcpEStatsListenerCurBacklog OBJECT-TYPE
969 SYNTAX Gauge32
970 MAX-ACCESS read-only
971 STATUS current
972 DESCRIPTION
973 "The current number of connections that are in backlog.
974 This gauge includes connections in ESTABLISHED or
975 SYN-RECEIVED states for which the Listener has not yet
976 issued an accept.
978 If this listener is using some technique to implicitly
979 represent the SYN-RECEIVED states, e.g. by
980 cryptographically encoding the state information in the
981 initial sequence number (ISS), it MAY elect to exclude
982 connections in the SYN-RECEIVED state from the backlog."
983 ::= { tcpEStatsListenerEntry 14 }
985 tcpEStatsListenerCurEstabBacklog OBJECT-TYPE
986 SYNTAX Gauge32
987 MAX-ACCESS read-only
988 STATUS current
989 DESCRIPTION
990 "The current number of connections in backlog that are
991 in the ESTABLISHED state, but for which the Listener has
992 not yet issued an accept."
993 ::= { tcpEStatsListenerEntry 15 }
995 -- ================================================================
996 --
997 -- TCP Connection ID Table
998 --
1000 tcpEStatsConnectIdTable OBJECT-TYPE
1001 SYNTAX SEQUENCE OF TcpEStatsConnectIdEntry
1002 MAX-ACCESS not-accessible
1003 STATUS current
1004 DESCRIPTION
1005 "This table maps information that uniquely identifies
1006 each active TCP connection to the connection ID used by
1007 other tables in this MIB Module. It is an extension of
1008 tcpConnectionTable in RFC4022.
1010 Entries are retained in this table for the number of
1011 seconds indicated by the tcpEStatsConnTableLatency
1012 object, after the TCP connection first enters the closed
1013 state."
1014 ::= { tcpEStats 2 }
1016 tcpEStatsConnectIdEntry OBJECT-TYPE
1017 SYNTAX TcpEStatsConnectIdEntry
1018 MAX-ACCESS not-accessible
1019 STATUS current
1020 DESCRIPTION
1021 "Each entry in this table maps a TCP connection
1022 4-tuple to a connection index."
1023 AUGMENTS { tcpConnectionEntry }
1024 ::= { tcpEStatsConnectIdTable 1 }
1026 TcpEStatsConnectIdEntry ::= SEQUENCE {
1027 tcpEStatsConnectIndex Unsigned32
1028 }
1030 tcpEStatsConnectIndex OBJECT-TYPE
1031 SYNTAX Unsigned32
1032 MAX-ACCESS read-only
1033 STATUS current
1034 DESCRIPTION
1035 "A unique integer value assigned to each TCP Connection
1036 entry. Assignment will begin at 1 and increase to the
1037 maximum value and then start again at 1, skipping in-use
1038 values."
1039 ::= { tcpEStatsConnectIdEntry 1 }
1041 -- ================================================================
1042 --
1043 -- Basic TCP Performance Statistics
1044 --
1046 tcpEStatsPerfTable OBJECT-TYPE
1047 SYNTAX SEQUENCE OF TcpEStatsPerfEntry
1048 MAX-ACCESS not-accessible
1049 STATUS current
1050 DESCRIPTION
1052 "This table contains objects that are useful for
1053 measuring TCP performance and first line problem
1054 diagnosis. Most objects in this table directly expose
1055 some TCP state variable or are easily implemented as
1056 simple functions (e.g. Maximum) of TCP state variables.
1058 Entries are retained in this table for the number of
1059 seconds indicated by the tcpEStatsConnTableLatency
1060 object, after the TCP connection first enters the closed
1061 state."
1062 ::= { tcpEStats 3 }
1064 tcpEStatsPerfEntry OBJECT-TYPE
1065 SYNTAX TcpEStatsPerfEntry
1066 MAX-ACCESS not-accessible
1067 STATUS current
1068 DESCRIPTION
1069 "Each entry in this table has information about the
1070 characteristics of each active and recently closed tcp
1071 connection."
1072 INDEX { tcpEStatsConnectIndex }
1073 ::= { tcpEStatsPerfTable 1 }
1075 TcpEStatsPerfEntry ::= SEQUENCE {
1077 tcpEStatsPerfSegsOut ZeroBasedCounter32,
1078 tcpEStatsPerfDataSegsOut ZeroBasedCounter32,
1079 tcpEStatsPerfDataOctetsOut ZeroBasedCounter32,
1080 tcpEStatsPerfHCDataOctetsOut ZeroBasedCounter64,
1081 tcpEStatsPerfSegsRetrans ZeroBasedCounter32,
1082 tcpEStatsPerfOctetsRetrans ZeroBasedCounter32,
1083 tcpEStatsPerfSegsIn ZeroBasedCounter32,
1084 tcpEStatsPerfDataSegsIn ZeroBasedCounter32,
1085 tcpEStatsPerfDataOctetsIn ZeroBasedCounter32,
1086 tcpEStatsPerfHCDataOctetsIn ZeroBasedCounter64,
1087 tcpEStatsPerfElapsedSecs ZeroBasedCounter32,
1088 tcpEStatsPerfElapsedMicroSecs ZeroBasedCounter32,
1089 tcpEStatsPerfStartTimeStamp DateAndTime,
1090 tcpEStatsPerfCurMSS Gauge32,
1091 tcpEStatsPerfPipeSize Gauge32,
1092 tcpEStatsPerfMaxPipeSize Gauge32,
1093 tcpEStatsPerfSmoothedRTT Gauge32,
1094 tcpEStatsPerfCurRTO Gauge32,
1095 tcpEStatsPerfCongSignals ZeroBasedCounter32,
1096 tcpEStatsPerfCurCwnd Gauge32,
1097 tcpEStatsPerfCurSsthresh Gauge32,
1098 tcpEStatsPerfTimeouts ZeroBasedCounter32,
1099 tcpEStatsPerfCurRwinSent Gauge32,
1100 tcpEStatsPerfMaxRwinSent Gauge32,
1101 tcpEStatsPerfZeroRwinSent Gauge32,
1102 tcpEStatsPerfCurRwinRcvd Gauge32,
1103 tcpEStatsPerfMaxRwinRcvd Gauge32,
1104 tcpEStatsPerfZeroRwinRcvd Gauge32,
1105 tcpEStatsPerfSndLimTransRwin ZeroBasedCounter32,
1106 tcpEStatsPerfSndLimTransCwnd ZeroBasedCounter32,
1107 tcpEStatsPerfSndLimTransSnd ZeroBasedCounter32,
1108 tcpEStatsPerfSndLimTimeRwin ZeroBasedCounter32,
1109 tcpEStatsPerfSndLimTimeCwnd ZeroBasedCounter32,
1110 tcpEStatsPerfSndLimTimeSnd ZeroBasedCounter32
1111 }
1113 --
1114 -- The following objects provide statistics on aggregate
1115 -- segments and data sent on a connection. These provide a
1116 -- direct measure of the Internet capacity consumed by a
1117 -- connection.
1118 --
1120 tcpEStatsPerfSegsOut OBJECT-TYPE
1121 SYNTAX ZeroBasedCounter32
1122 MAX-ACCESS read-only
1123 STATUS current
1124 DESCRIPTION
1125 "The total number of segments sent."
1126 ::= { tcpEStatsPerfEntry 1 }
1128 tcpEStatsPerfDataSegsOut OBJECT-TYPE
1129 SYNTAX ZeroBasedCounter32
1130 MAX-ACCESS read-only
1131 STATUS current
1132 DESCRIPTION
1133 "The number of segments sent containing a positive length
1134 data segment."
1135 ::= { tcpEStatsPerfEntry 2 }
1137 tcpEStatsPerfDataOctetsOut OBJECT-TYPE
1138 SYNTAX ZeroBasedCounter32
1139 UNITS "octets"
1140 MAX-ACCESS read-only
1141 STATUS current
1142 DESCRIPTION
1143 "The number of octets of data contained in transmitted
1144 segments, including retransmitted data. Note that this does
1145 not include TCP headers."
1146 ::= { tcpEStatsPerfEntry 3 }
1148 tcpEStatsPerfHCDataOctetsOut OBJECT-TYPE
1149 SYNTAX ZeroBasedCounter64
1150 UNITS "octets"
1151 MAX-ACCESS read-only
1152 STATUS current
1153 DESCRIPTION
1154 "The number of octets of data contained in transmitted
1155 segments, including retransmitted data, on systems that can
1156 transmit more than 10 million bits per second. Note that
1157 this does not include TCP headers."
1158 ::= { tcpEStatsPerfEntry 4 }
1160 tcpEStatsPerfSegsRetrans OBJECT-TYPE
1161 SYNTAX ZeroBasedCounter32
1162 MAX-ACCESS read-only
1163 STATUS current
1164 DESCRIPTION
1165 "The number of segments transmitted containing at least some
1166 retransmitted data."
1167 REFERENCE
1168 "RFC793, Transmission Control Protocol"
1169 ::= { tcpEStatsPerfEntry 5 }
1171 tcpEStatsPerfOctetsRetrans OBJECT-TYPE
1172 SYNTAX ZeroBasedCounter32
1173 UNITS "octets"
1174 MAX-ACCESS read-only
1175 STATUS current
1176 DESCRIPTION
1177 "The number of octets retransmitted."
1178 REFERENCE
1179 "RFC793, Transmission Control Protocol"
1180 ::= { tcpEStatsPerfEntry 6 }
1182 tcpEStatsPerfSegsIn OBJECT-TYPE
1183 SYNTAX ZeroBasedCounter32
1184 MAX-ACCESS read-only
1185 STATUS current
1186 DESCRIPTION
1187 "The total number of segments received."
1188 ::= { tcpEStatsPerfEntry 7 }
1190 tcpEStatsPerfDataSegsIn OBJECT-TYPE
1191 SYNTAX ZeroBasedCounter32
1192 MAX-ACCESS read-only
1193 STATUS current
1194 DESCRIPTION
1195 "The number of segments received containing a positive
1196 length data segment."
1197 ::= { tcpEStatsPerfEntry 8 }
1199 tcpEStatsPerfDataOctetsIn OBJECT-TYPE
1200 SYNTAX ZeroBasedCounter32
1201 UNITS "octets"
1202 MAX-ACCESS read-only
1203 STATUS current
1204 DESCRIPTION
1205 "The number of octets contained in received data segments,
1206 including retransmitted data. Note that this does not
1207 include TCP headers."
1208 ::= { tcpEStatsPerfEntry 9 }
1210 tcpEStatsPerfHCDataOctetsIn OBJECT-TYPE
1211 SYNTAX ZeroBasedCounter64
1212 UNITS "octets"
1213 MAX-ACCESS read-only
1214 STATUS current
1215 DESCRIPTION
1216 "The number of octets contained in received data segments,
1217 including retransmitted data, on systems that can receive
1218 more than 10 million bits per second. Note that this does
1219 not include TCP headers."
1220 ::= { tcpEStatsPerfEntry 10 }
1222 tcpEStatsPerfElapsedSecs OBJECT-TYPE
1223 SYNTAX ZeroBasedCounter32
1224 UNITS "seconds"
1225 MAX-ACCESS read-only
1226 STATUS current
1227 DESCRIPTION
1228 "The seconds part of the time elapsed between
1229 tcpEStatsPerfStartTimeStamp and the most recent protocol
1230 event (segment sent or received)."
1231 ::= { tcpEStatsPerfEntry 11 }
1233 tcpEStatsPerfElapsedMicroSecs OBJECT-TYPE
1234 SYNTAX ZeroBasedCounter32
1235 UNITS "microseconds"
1236 MAX-ACCESS read-only
1237 STATUS current
1238 DESCRIPTION
1239 "The micro-second part of the time elapsed between
1240 tcpEStatsPerfStartTimeStamp and the most recent protocol
1241 event (segment sent or received). This may be updated in
1242 whatever time granularity the system supports."
1243 ::= { tcpEStatsPerfEntry 12 }
1245 tcpEStatsPerfStartTimeStamp OBJECT-TYPE
1246 SYNTAX DateAndTime
1247 MAX-ACCESS read-only
1248 STATUS current
1249 DESCRIPTION
1250 "Time at which this row was created and all
1251 ZeroBasedCounters in the row were initialized to zero."
1252 ::= { tcpEStatsPerfEntry 13 }
1254 --
1255 -- The following objects can be used to fit minimal
1256 -- performance models to the TCP data rate.
1257 --
1259 tcpEStatsPerfCurMSS OBJECT-TYPE
1260 SYNTAX Gauge32
1261 UNITS "octets"
1262 MAX-ACCESS read-only
1263 STATUS current
1264 DESCRIPTION
1265 "The current maximum segment size (MSS), in octets."
1266 REFERENCE
1267 "RFC1122, Requirements for Internet Hosts - Communication
1268 Layers"
1269 ::= { tcpEStatsPerfEntry 14 }
1271 tcpEStatsPerfPipeSize OBJECT-TYPE
1272 SYNTAX Gauge32
1273 UNITS "octets"
1274 MAX-ACCESS read-only
1275 STATUS current
1276 DESCRIPTION
1277 "The TCP sender's current estimate of the number of
1278 unacknowledged data octets in the network.
1280 While not in recovery (e.g. while the receiver is not
1281 reporting missing data to the sender) this is precisely the
1282 same as ``Flight size'' as defined in RFC2581, which can be
1283 computed as SND.NXT minus SND.UNA. [RFC793]
1285 During recovery the TCP sender has incomplete information
1286 about the state of the network (e.g. which segments are
1287 lost vs reordered, especially if the return path is also
1288 dropping TCP acknowledgments). Current TCP standards do not
1289 mandate any specific algorithm for estimating the number of
1290 unacknowledged data octets in the network.
1292 RFC3517 describes a conservative algorithm to use SACK
1293 information to estimate the number of unacknowledged data
1294 octets in the network. tcpEStatsPerfPipeSize object SHOULD
1295 be the same as ``pipe'' as defined in RFC3517 if it
1296 is implemented. (Note that while not in recovery the pipe
1297 algorithm yields the same values as flight size).
1299 If RFC3517 is not implemented, the data octets in flight
1300 SHOULD be estimated as SND.NXT minus SND.UNA adjusted by
1301 some measure of the data that has left the network and
1302 retransmitted data. For example, with Reno or NewReno style
1303 TCP, the number of duplicate acknowledgments is used to
1304 count the number of segments that have left the network.
1305 I.e.: PipeSize=SND.NXT-SND.UNA+(retransmits-dupacks)*CurMSS"
1306 REFERENCE
1307 "RFC793, RFC2581, RFC3517"
1308 ::= { tcpEStatsPerfEntry 15 }
1310 tcpEStatsPerfMaxPipeSize OBJECT-TYPE
1311 SYNTAX Gauge32
1312 UNITS "octets"
1313 MAX-ACCESS read-only
1314 STATUS current
1315 DESCRIPTION
1316 "The maximum value of tcpEStatsPerfPipeSize, for this
1317 connection."
1318 REFERENCE
1319 "RFC793, RFC2581, RFC3517"
1320 ::= { tcpEStatsPerfEntry 16 }
1322 tcpEStatsPerfSmoothedRTT OBJECT-TYPE
1323 SYNTAX Gauge32
1324 UNITS "milliseconds"
1325 MAX-ACCESS read-only
1326 STATUS current
1327 DESCRIPTION
1328 "The smoothed round trip time used in calculation of the
1329 RTO. See SRTT in [RFC2988]."
1330 REFERENCE
1331 "RFC2988, Computing TCP's Retransmission Timer"
1332 ::= { tcpEStatsPerfEntry 17 }
1334 tcpEStatsPerfCurRTO OBJECT-TYPE
1335 SYNTAX Gauge32
1336 UNITS "milliseconds"
1337 MAX-ACCESS read-only
1338 STATUS current
1339 DESCRIPTION
1340 "The current value of the retransmit timer RTO."
1341 REFERENCE
1342 "RFC2988, Computing TCP's Retransmission Timer"
1343 ::= { tcpEStatsPerfEntry 18 }
1345 tcpEStatsPerfCongSignals OBJECT-TYPE
1346 SYNTAX ZeroBasedCounter32
1347 MAX-ACCESS read-only
1348 STATUS current
1349 DESCRIPTION
1350 "The number of multiplicative downward congestion window
1351 adjustments due to all forms of congestion signals,
1352 including Fast Retransmit, ECN and timeouts. This object
1353 summarizes all events that invoke the MD portion of AIMD
1354 congestion control, and as such is the best indicator of
1355 how cwnd is being affected by congestion.
1357 Note that retransmission timeouts multiplicatively reduce
1358 the window implicitly by setting ssthresh, and SHOULD be
1359 included in tcpEStatsPerfCongSignals. In order to minimize
1360 spurious congestion indications due to out-of-order
1361 segments, tcpEStatsPerfCongSignals SHOULD be incremented in
1362 association with the Fast Retransmit algorithm."
1363 REFERENCE
1364 "RFC2581, TCP Congestion Control"
1365 ::= { tcpEStatsPerfEntry 19 }
1367 tcpEStatsPerfCurCwnd OBJECT-TYPE
1368 SYNTAX Gauge32
1369 UNITS "octets"
1370 MAX-ACCESS read-only
1371 STATUS current
1372 DESCRIPTION
1373 "The current congestion window, in octets."
1375 REFERENCE
1376 "RFC2581, TCP Congestion Control"
1377 ::= { tcpEStatsPerfEntry 20 }
1379 tcpEStatsPerfCurSsthresh OBJECT-TYPE
1380 SYNTAX Gauge32
1381 UNITS "octets"
1382 MAX-ACCESS read-only
1383 STATUS current
1384 DESCRIPTION
1385 "The current slow start threshold in octets."
1386 REFERENCE
1387 "RFC2581, TCP Congestion Control"
1388 ::= { tcpEStatsPerfEntry 21 }
1390 tcpEStatsPerfTimeouts OBJECT-TYPE
1391 SYNTAX ZeroBasedCounter32
1392 MAX-ACCESS read-only
1393 STATUS current
1394 DESCRIPTION
1395 "The number of times the retransmit timeout has expired when
1396 the RTO backoff multiplier is equal to one."
1397 REFERENCE
1398 "RFC2988, Computing TCP's Retransmission Timer"
1399 ::= { tcpEStatsPerfEntry 22 }
1401 --
1402 -- The following objects instrument receiver window updates
1403 -- sent by the local receiver to the remote sender. These can
1404 -- be used to determine if the local receiver is exerting flow
1405 -- control back pressure on the remote sender.
1406 --
1408 tcpEStatsPerfCurRwinSent OBJECT-TYPE
1409 SYNTAX Gauge32
1410 UNITS "octets"
1411 MAX-ACCESS read-only
1412 STATUS current
1413 DESCRIPTION
1414 "The most recent window advertisement sent, in octets."
1415 REFERENCE
1416 "RFC793, Transmission Control Protocol"
1417 ::= { tcpEStatsPerfEntry 23 }
1419 tcpEStatsPerfMaxRwinSent OBJECT-TYPE
1420 SYNTAX Gauge32
1421 UNITS "octets"
1422 MAX-ACCESS read-only
1423 STATUS current
1424 DESCRIPTION
1425 "The maximum window advertisement sent, in octets."
1426 REFERENCE
1427 "RFC793, Transmission Control Protocol"
1428 ::= { tcpEStatsPerfEntry 24 }
1430 tcpEStatsPerfZeroRwinSent OBJECT-TYPE
1431 SYNTAX Gauge32
1432 MAX-ACCESS read-only
1433 STATUS current
1434 DESCRIPTION
1435 "The number of acknowledgments sent announcing a zero
1436 receive window, when the previously announced window was
1437 not zero."
1438 REFERENCE
1439 "RFC793, Transmission Control Protocol"
1440 ::= { tcpEStatsPerfEntry 25 }
1442 --
1443 -- The following objects instrument receiver window updates
1444 -- from the far end-system to determine if the remote receiver
1445 -- has sufficient buffer space or is exerting flow-control
1446 -- back pressure on the local sender.
1447 --
1449 tcpEStatsPerfCurRwinRcvd OBJECT-TYPE
1450 SYNTAX Gauge32
1451 UNITS "octets"
1452 MAX-ACCESS read-only
1453 STATUS current
1454 DESCRIPTION
1455 "The most recent window advertisement received, in octets."
1456 REFERENCE
1457 "RFC793, Transmission Control Protocol"
1458 ::= { tcpEStatsPerfEntry 26 }
1460 tcpEStatsPerfMaxRwinRcvd OBJECT-TYPE
1461 SYNTAX Gauge32
1462 UNITS "octets"
1463 MAX-ACCESS read-only
1464 STATUS current
1465 DESCRIPTION
1466 "The maximum window advertisement received, in octets."
1467 REFERENCE
1468 "RFC793, Transmission Control Protocol"
1469 ::= { tcpEStatsPerfEntry 27 }
1471 tcpEStatsPerfZeroRwinRcvd OBJECT-TYPE
1472 SYNTAX Gauge32
1473 MAX-ACCESS read-only
1474 STATUS current
1475 DESCRIPTION
1476 "The number of acknowledgments received announcing a zero
1477 receive window, when the previously announced window was
1478 not zero."
1479 REFERENCE
1480 "RFC793, Transmission Control Protocol"
1481 ::= { tcpEStatsPerfEntry 28 }
1483 --
1484 -- The following optional objects can be used to quickly
1485 -- identify which subsystems are limiting TCP performance.
1486 -- There are three parallel pairs of instruments that measure
1487 -- the extent to which TCP performance is limited by the
1488 -- announced receiver window (indicating a receiver
1489 -- bottleneck), the current congestion window or
1490 -- retransmission timeout (indicating a path bottleneck) and
1491 -- all other events (indicating a sender bottleneck).
1492 --
1493 -- These instruments SHOULD be updated every time the TCP
1494 -- output routine stops sending data. The elapsed time since
1495 -- the previous stop is accumulated into the appropriate
1496 -- object as determined by the previous stop reason (e.g. stop
1497 -- state). The current stop reason determines which timer will
1498 -- be updated the next time TCP output stops.
1499 --
1500 -- Since there is no explicit stop at the beginning of a
1501 -- timeout, it is necessary to retroactively reclassify the
1502 -- previous stop as 'Congestion Limited'.
1503 --
1505 tcpEStatsPerfSndLimTransRwin OBJECT-TYPE
1506 SYNTAX ZeroBasedCounter32
1507 MAX-ACCESS read-only
1508 STATUS current
1509 DESCRIPTION
1510 "The number of transitions into the 'Receiver Limited' state
1511 from either the 'Congestion Limited' or 'Sender Limited'
1512 states. This state is entered whenever TCP transmission
1513 stops because the sender has filled the announced receiver
1514 window. I.e. when SND.NXT has advanced to SND.UNA + SND.WND
1515 - 1 as described in RFC 793."
1516 REFERENCE
1517 "RFC793, Transmission Control Protocol"
1518 ::= { tcpEStatsPerfEntry 31 }
1520 tcpEStatsPerfSndLimTransCwnd OBJECT-TYPE
1521 SYNTAX ZeroBasedCounter32
1522 MAX-ACCESS read-only
1523 STATUS current
1524 DESCRIPTION
1525 "The number of transitions into the 'Congestion Limited'
1526 state from either the 'Receiver Limited' or 'Sender
1527 Limited' states. This state is entered whenever TCP
1528 transmission stops because the sender has reached some
1529 limit defined by congestion control (e.g. cwnd) or other
1530 algorithms (retransmission timeouts) designed to control
1531 network traffic. See the definition of 'CONGESTION WINDOW'
1532 in RFC 2581."
1533 REFERENCE
1534 "RFC2581, TCP Congestion Control"
1535 ::= { tcpEStatsPerfEntry 32 }
1537 tcpEStatsPerfSndLimTransSnd OBJECT-TYPE
1538 SYNTAX ZeroBasedCounter32
1539 MAX-ACCESS read-only
1540 STATUS current
1541 DESCRIPTION
1542 "The number of transitions into the 'Sender Limited' state
1543 from either the 'Receiver Limited' or 'Congestion Limited'
1544 states. This state is entered whenever TCP transmission
1545 stops due to some sender limit such as running out of
1546 application data or other resources and the Karn algorithm.
1547 When TCP stops sending data for any reason which can not be
1548 classified as Receiver Limited or Congestion Limited it
1549 MUST be treated as Sender Limited."
1550 ::= { tcpEStatsPerfEntry 33 }
1552 tcpEStatsPerfSndLimTimeRwin OBJECT-TYPE
1553 SYNTAX ZeroBasedCounter32
1554 UNITS "milliseconds"
1555 MAX-ACCESS read-only
1556 STATUS current
1557 DESCRIPTION
1558 "The cumulative time spent in the 'Receiver Limited' state.
1559 See tcpEStatsPerfSndLimTransRwin."
1560 ::= { tcpEStatsPerfEntry 34 }
1562 tcpEStatsPerfSndLimTimeCwnd OBJECT-TYPE
1563 SYNTAX ZeroBasedCounter32
1564 UNITS "milliseconds"
1565 MAX-ACCESS read-only
1566 STATUS current
1567 DESCRIPTION
1568 "The cumulative time spent in the 'Congestion Limited'
1569 state. See tcpEStatsPerfSndLimTransCwnd. When there is a
1570 retransmission timeout, it SHOULD be counted in
1571 tcpEStatsPerfSndLimTimeCwnd (and not the cumulative time
1572 for some other state.)"
1573 ::= { tcpEStatsPerfEntry 35 }
1575 tcpEStatsPerfSndLimTimeSnd OBJECT-TYPE
1576 SYNTAX ZeroBasedCounter32
1577 UNITS "milliseconds"
1578 MAX-ACCESS read-only
1579 STATUS current
1580 DESCRIPTION
1581 "The cumulative time spent in the 'Sender Limited' state.
1582 See tcpEStatsPerfSndLimTransSnd."
1583 ::= { tcpEStatsPerfEntry 36 }
1585 -- ================================================================
1586 --
1587 -- Statistics for diagnosing path problems
1588 --
1590 tcpEStatsPathTable OBJECT-TYPE
1591 SYNTAX SEQUENCE OF TcpEStatsPathEntry
1592 MAX-ACCESS not-accessible
1593 STATUS current
1594 DESCRIPTION
1595 "This table contains objects that can be used to infer
1596 detailed behavior of the Internet path, such as the
1597 extent that there is reordering, ECN bits and if
1598 RTT fluctuations are correlated to losses.
1600 Entries are retained in this table for the number of
1601 seconds indicated by the tcpEStatsConnTableLatency
1602 object, after the TCP connection first enters the closed
1603 state."
1604 ::= { tcpEStats 4 }
1606 tcpEStatsPathEntry OBJECT-TYPE
1607 SYNTAX TcpEStatsPathEntry
1608 MAX-ACCESS not-accessible
1609 STATUS current
1610 DESCRIPTION
1611 "Each entry in this table has information about the
1612 characteristics of each active and recently closed tcp
1613 connection."
1614 INDEX { tcpEStatsConnectIndex }
1615 ::= { tcpEStatsPathTable 1 }
1617 TcpEStatsPathEntry ::= SEQUENCE {
1619 tcpEStatsPathRetranThresh Gauge32,
1620 tcpEStatsPathNonRecovDAEpisodes Counter32,
1621 tcpEStatsPathSumOctetsReordered Counter32,
1622 tcpEStatsPathNonRecovDA ZeroBasedCounter32,
1623 tcpEStatsPathSampleRTT Gauge32,
1624 tcpEStatsPathRTTVar Gauge32,
1625 tcpEStatsPathMaxRTT Gauge32,
1626 tcpEStatsPathMinRTT Gauge32,
1627 tcpEStatsPathSumRTT ZeroBasedCounter32,
1628 tcpEStatsPathHCSumRTT ZeroBasedCounter64,
1629 tcpEStatsPathCountRTT ZeroBasedCounter32,
1630 tcpEStatsPathMaxRTO Gauge32,
1631 tcpEStatsPathMinRTO Gauge32,
1632 tcpEStatsPathIpTtl Integer32,
1633 tcpEStatsPathIpTosIn Integer32,
1634 tcpEStatsPathIpTosOut Integer32,
1635 tcpEStatsPathPreCongSumCwnd ZeroBasedCounter32,
1636 tcpEStatsPathPreCongSumRTT ZeroBasedCounter32,
1637 tcpEStatsPathPostCongSumRTT ZeroBasedCounter32,
1638 tcpEStatsPathPostCongCountRTT ZeroBasedCounter32,
1639 tcpEStatsPathECNsignals ZeroBasedCounter32,
1640 tcpEStatsPathQuenchRcvd ZeroBasedCounter32,
1641 tcpEStatsPathDupAckEpisodes ZeroBasedCounter32,
1642 tcpEStatsPathRcvRTT Gauge32,
1643 tcpEStatsPathDupAcksOut ZeroBasedCounter32,
1644 tcpEStatsPathCERcvd ZeroBasedCounter32,
1645 tcpEStatsPathECESent ZeroBasedCounter32,
1646 tcpEStatsPathECNNonceRcvd ZeroBasedCounter32
1647 }
1649 --
1650 -- The following optional objects can be used to infer segment
1651 -- reordering on the path from the local sender to the remote
1652 -- receiver.
1653 --
1655 tcpEStatsPathRetranThresh OBJECT-TYPE
1656 SYNTAX Gauge32
1657 MAX-ACCESS read-only
1658 STATUS current
1659 DESCRIPTION
1660 "The number of duplicate acknowledgments required to trigger
1661 Fast Retransmit. Note that although this is constant in
1662 traditional Reno TCP implementations, it is adaptive in
1663 many newer TCPs."
1664 REFERENCE
1665 "RFC2581, TCP Congestion Control"
1666 ::= { tcpEStatsPathEntry 1 }
1668 tcpEStatsPathNonRecovDAEpisodes OBJECT-TYPE
1669 SYNTAX Counter32
1670 MAX-ACCESS read-only
1671 STATUS current
1672 DESCRIPTION
1673 "The number of duplicate acknowledgment episodes that did
1674 not trigger a Fast Retransmit because ACK advanced prior to
1675 the number of duplicate acknowledgments reaching
1676 RetranThresh.
1678 In many implementations this is the number of times the
1679 'dupacks' counter is set to zero when it is non-zero but
1680 less than RetranThresh.
1682 Note that the change in tcpEStatsPathNonRecovDAEpisodes
1683 divided by the change in tcpEStatsPerfDataSegsOut is an
1684 estimate of the frequency of data reordering on the forward
1685 path over some interval."
1686 REFERENCE
1687 "RFC2581, TCP Congestion Control"
1688 ::= { tcpEStatsPathEntry 2 }
1690 tcpEStatsPathSumOctetsReordered OBJECT-TYPE
1691 SYNTAX Counter32
1692 UNITS "octets"
1693 MAX-ACCESS read-only
1694 STATUS current
1695 DESCRIPTION
1696 "The sum of the amounts SND.UNA advances on the
1697 acknowledgment which ends a dup-ack episode without a
1698 retransmission.
1700 Note the change in tcpEStatsPathSumOctetsReordered divided
1701 by the change in tcpEStatsPathNonRecovDAEpisodes is an
1702 estimate of the average reordering distance, over some
1703 interval."
1704 ::= { tcpEStatsPathEntry 3 }
1706 tcpEStatsPathNonRecovDA OBJECT-TYPE
1707 SYNTAX ZeroBasedCounter32
1708 MAX-ACCESS read-only
1709 STATUS current
1710 DESCRIPTION
1711 "Duplicate acks (or SACKS) that did not trigger a Fast
1712 Retransmit because ACK advanced prior to the number of
1713 duplicate acknowledgments reaching RetranThresh.
1715 In many implementations, this is the sum of the 'dupacks'
1716 counter, just before it is set to zero because ACK advanced
1717 without a Fast Retransmit.
1719 Note that the change in tcpEStatsPathNonRecovDA divided by
1720 the change in tcpEStatsPathNonRecovDAEpisodes is an
1721 estimate of the average reordering distance in segments
1722 over some interval."
1723 REFERENCE
1724 "RFC2581, TCP Congestion Control"
1725 ::= { tcpEStatsPathEntry 4 }
1727 --
1728 -- The following optional objects instrument the round trip
1729 -- time estimator and the retransmission timeout timer.
1730 --
1732 tcpEStatsPathSampleRTT OBJECT-TYPE
1733 SYNTAX Gauge32
1734 UNITS "milliseconds"
1735 MAX-ACCESS read-only
1736 STATUS current
1737 DESCRIPTION
1738 "The most recent raw round trip time measurement used in
1739 calculation of the RTO."
1740 REFERENCE
1741 "RFC2988, Computing TCP's Retransmission Timer"
1742 ::= { tcpEStatsPathEntry 11 }
1744 tcpEStatsPathRTTVar OBJECT-TYPE
1745 SYNTAX Gauge32
1746 UNITS "milliseconds"
1747 MAX-ACCESS read-only
1748 STATUS current
1749 DESCRIPTION
1750 "The round trip time variation used in calculation of the
1751 RTO. See RTTVAR in [RFC2988]."
1752 REFERENCE
1753 "RFC2988, Computing TCP's Retransmission Timer"
1754 ::= { tcpEStatsPathEntry 12 }
1756 tcpEStatsPathMaxRTT OBJECT-TYPE
1757 SYNTAX Gauge32
1758 UNITS "milliseconds"
1759 MAX-ACCESS read-only
1760 STATUS current
1761 DESCRIPTION
1762 "The maximum sampled round trip time."
1763 REFERENCE
1764 "RFC2988, Computing TCP's Retransmission Timer"
1765 ::= { tcpEStatsPathEntry 13 }
1767 tcpEStatsPathMinRTT OBJECT-TYPE
1768 SYNTAX Gauge32
1769 UNITS "milliseconds"
1770 MAX-ACCESS read-only
1771 STATUS current
1772 DESCRIPTION
1773 "The minimum sampled round trip time."
1774 REFERENCE
1775 "RFC2988, Computing TCP's Retransmission Timer"
1776 ::= { tcpEStatsPathEntry 14 }
1778 tcpEStatsPathSumRTT OBJECT-TYPE
1779 SYNTAX ZeroBasedCounter32
1780 UNITS "milliseconds"
1781 MAX-ACCESS read-only
1782 STATUS current
1783 DESCRIPTION
1784 "The sum of all sampled round trip times.
1786 Note that the change in tcpEStatsPathSumRTT divided by the
1787 change in tcpEStatsPathCountRTT is the mean RTT, uniformly
1788 averaged over an entire interval."
1789 REFERENCE
1790 "RFC2988, Computing TCP's Retransmission Timer"
1791 ::= { tcpEStatsPathEntry 15 }
1793 tcpEStatsPathHCSumRTT OBJECT-TYPE
1794 SYNTAX ZeroBasedCounter64
1795 UNITS "milliseconds"
1796 MAX-ACCESS read-only
1797 STATUS current
1798 DESCRIPTION
1799 "The sum of all sampled round trip times, on all systems
1800 that implement multiple concurrent RTT measurements.
1802 Note that the change in tcpEStatsPathHCSumRTT divided by
1803 the change in tcpEStatsPathCountRTT is the mean RTT,
1804 uniformly averaged over an entire interval."
1805 REFERENCE
1806 "RFC2988, Computing TCP's Retransmission Timer"
1807 ::= { tcpEStatsPathEntry 16 }
1809 tcpEStatsPathCountRTT OBJECT-TYPE
1810 SYNTAX ZeroBasedCounter32
1811 MAX-ACCESS read-only
1812 STATUS current
1813 DESCRIPTION
1814 "The number of round trip time samples included in
1815 tcpEStatsPathSumRTT and tcpEStatsPathHCSumRTT."
1816 REFERENCE
1817 "RFC2988, Computing TCP's Retransmission Timer"
1818 ::= { tcpEStatsPathEntry 17 }
1820 tcpEStatsPathMaxRTO OBJECT-TYPE
1821 SYNTAX Gauge32
1822 UNITS "milliseconds"
1823 MAX-ACCESS read-only
1824 STATUS current
1825 DESCRIPTION
1826 "The maximum value of the retransmit timer RTO."
1827 REFERENCE
1828 "RFC2988, Computing TCP's Retransmission Timer"
1829 ::= { tcpEStatsPathEntry 18 }
1831 tcpEStatsPathMinRTO OBJECT-TYPE
1832 SYNTAX Gauge32
1833 UNITS "milliseconds"
1834 MAX-ACCESS read-only
1835 STATUS current
1836 DESCRIPTION
1837 "The minimum value of the retransmit timer RTO."
1838 REFERENCE
1839 "RFC2988, Computing TCP's Retransmission Timer"
1840 ::= { tcpEStatsPathEntry 19 }
1842 --
1843 -- The following optional objects provide information about
1844 -- how TCP is using the IP layer.
1845 --
1847 tcpEStatsPathIpTtl OBJECT-TYPE
1848 SYNTAX Integer32
1849 MAX-ACCESS read-only
1850 STATUS current
1851 DESCRIPTION
1852 "The value of the TTL field carried in the most recently
1853 received IP header. This is sometimes useful to detect
1854 changing or unstable routes."
1855 REFERENCE
1856 "RFC791, Internet Protocol"
1858 ::= { tcpEStatsPathEntry 20 }
1860 tcpEStatsPathIpTosIn OBJECT-TYPE
1861 SYNTAX Integer32
1862 MAX-ACCESS read-only
1863 STATUS current
1864 DESCRIPTION
1865 "The value of the IPv4 Type Of Service octet, or the IPv6
1866 traffic class octet, carried in the most recently received
1867 IP header.
1869 This is useful to diagnose interactions between TCP and any
1870 IP layer packet scheduling and delivery policy, which might
1871 be in effect to implement Diffserv."
1872 REFERENCE
1873 "RFC3260, New Terminology and Clarifications for Diffserv"
1874 ::= { tcpEStatsPathEntry 21 }
1876 tcpEStatsPathIpTosOut OBJECT-TYPE
1877 SYNTAX Integer32
1878 MAX-ACCESS read-only
1879 STATUS current
1880 DESCRIPTION
1881 "The value of the IPv4 Type Of Service octet, or the IPv6
1882 traffic class octet, carried in the most recently
1883 transmitted IP header.
1885 This is useful to diagnose interactions between TCP and any
1886 IP layer packet scheduling and delivery policy, which might
1887 be in effect to implement Diffserv."
1888 REFERENCE
1889 "RFC3260, New Terminology and Clarifications for Diffserv"
1890 ::= { tcpEStatsPathEntry 22 }
1892 --
1893 -- The following optional objects characterize the congestion
1894 -- feedback signals by collecting statistics on how the
1895 -- congestion events are correlated to losses, changes in RTT
1896 -- and other protocol events.
1897 --
1899 tcpEStatsPathPreCongSumCwnd OBJECT-TYPE
1900 SYNTAX ZeroBasedCounter32
1901 UNITS "octets"
1902 MAX-ACCESS read-only
1903 STATUS current
1904 DESCRIPTION
1905 "The sum of the values of the congestion window, in octets,
1906 captured each time a congestion signal is received. This
1907 MUST be updated each time tcpEStatsPerfCongSignals is
1908 incremented, such that the change in
1909 tcpEStatsPathPreCongSumCwnd divided by the change in
1910 tcpEStatsPerfCongSignals is the average window (over some
1911 interval) just prior to a congestion signal."
1912 ::= { tcpEStatsPathEntry 23 }
1914 tcpEStatsPathPreCongSumRTT OBJECT-TYPE
1915 SYNTAX ZeroBasedCounter32
1916 UNITS "milliseconds"
1917 MAX-ACCESS read-only
1918 STATUS current
1919 DESCRIPTION
1920 "Sum of the last sample of the RTT (tcpEStatsPathSampleRTT)
1921 prior to received congestion signals. This MUST be updated
1922 each time tcpEStatsPerfCongSignals is incremented, such
1923 that the change in tcpEStatsPathPreCongSumRTT divided by
1924 the change in tcpEStatsPerfCongSignals is the average RTT
1925 (over some interval) just prior to a congestion signal."
1926 ::= { tcpEStatsPathEntry 24 }
1928 tcpEStatsPathPostCongSumRTT OBJECT-TYPE
1929 SYNTAX ZeroBasedCounter32
1930 UNITS "octets"
1931 MAX-ACCESS read-only
1932 STATUS current
1933 DESCRIPTION
1934 "Sum of the first sample of the RTT (tcpEStatsPathSampleRTT)
1935 following each congestion signal, such that the change in
1936 tcpEStatsPathPostCongSumRTT divided by the change in
1937 tcpEStatsPathPostCongCountRTT is the average RTT (over some
1938 interval) just after a congestion signal."
1939 ::= { tcpEStatsPathEntry 25 }
1941 tcpEStatsPathPostCongCountRTT OBJECT-TYPE
1942 SYNTAX ZeroBasedCounter32
1943 UNITS "milliseconds"
1944 MAX-ACCESS read-only
1945 STATUS current
1946 DESCRIPTION
1947 "The number of RTT samples included in
1948 tcpEStatsPathPostCongSumRTT such that the change in
1949 tcpEStatsPathPostCongSumRTT divided by the change in
1950 tcpEStatsPathPostCongCountRTT is the average RTT (over some
1951 interval) just after a congestion signal."
1952 ::= { tcpEStatsPathEntry 26 }
1954 --
1955 -- The following optional objects can be used to detect other
1956 -- types of non-loss congestion signals such as source quench
1957 -- or ECN.
1958 --
1960 tcpEStatsPathECNsignals OBJECT-TYPE
1961 SYNTAX ZeroBasedCounter32
1962 MAX-ACCESS read-only
1963 STATUS current
1964 DESCRIPTION
1965 "The number of congestion signals delivered to the TCP
1966 sender via explicit congestion notification (ECN). This is
1967 typically the number of segments bearing ECE bits but
1968 should also include segments failing the ECN nonce check or
1969 other explicit congestion signals."
1970 REFERENCE
1971 "RFC3168, The Addition of Explicit Congestion Notification
1972 (ECN) to IP"
1973 ::= { tcpEStatsPathEntry 27 }
1975 tcpEStatsPathQuenchRcvd OBJECT-TYPE
1976 SYNTAX ZeroBasedCounter32
1977 MAX-ACCESS read-only
1978 STATUS current
1979 DESCRIPTION
1980 "The number of ICMP quench messages that are treated as
1981 congestion signals."
1982 ::= { tcpEStatsPathEntry 28 }
1984 --
1985 -- The following optional objects are receiver side
1986 -- instruments of the path from the sender to the receiver. In
1987 -- general the receiver has less information about the state
1988 -- of the path, because the receiver does not have a robust
1989 -- mechanism to infer the sender's actions.
1990 --
1992 tcpEStatsPathDupAckEpisodes OBJECT-TYPE
1993 SYNTAX ZeroBasedCounter32
1994 MAX-ACCESS read-only
1995 STATUS current
1996 DESCRIPTION
1997 "The number of Duplicate Acks Sent when prior Ack was not
1998 duplicate. This is the number of times that a contiguous
1999 series of duplicate acknowledgments have been sent.
2001 This is an indication of the number of data segments lost
2002 or reordered on the path from the remote TCP endpoint to
2003 the near TCP endpoint."
2004 REFERENCE
2005 "RFC2581, TCP Congestion Control"
2006 ::= { tcpEStatsPathEntry 29 }
2008 tcpEStatsPathRcvRTT OBJECT-TYPE
2009 SYNTAX Gauge32
2010 MAX-ACCESS read-only
2011 STATUS current
2012 DESCRIPTION
2013 "The receiver's estimate of the Path RTT.
2015 Adaptive receiver window algorithms depend on the receiver
2016 having a good estimate of the path RTT."
2017 ::= { tcpEStatsPathEntry 30 }
2019 tcpEStatsPathDupAcksOut OBJECT-TYPE
2020 SYNTAX ZeroBasedCounter32
2021 MAX-ACCESS read-only
2022 STATUS current
2023 DESCRIPTION
2024 "The number of duplicate ACKs sent. The ratio of the change
2025 in tcpEStatsPathDupAcksOut to the change in
2026 tcpEStatsPathDupAckEpisodes is an indication of reorder or
2027 recovery distance over some interval."
2028 REFERENCE
2029 "RFC2581, TCP Congestion Control"
2030 ::= { tcpEStatsPathEntry 31 }
2032 tcpEStatsPathCERcvd OBJECT-TYPE
2033 SYNTAX ZeroBasedCounter32
2034 MAX-ACCESS read-only
2035 STATUS current
2036 DESCRIPTION
2037 "The number of segments received with IP headers bearing
2038 Congestion Experienced (CE) markings."
2039 REFERENCE
2040 "RFC3168, The Addition of Explicit Congestion Notification
2041 (ECN) to IP"
2042 ::= { tcpEStatsPathEntry 32 }
2044 tcpEStatsPathECESent OBJECT-TYPE
2045 SYNTAX ZeroBasedCounter32
2046 MAX-ACCESS read-only
2047 STATUS current
2048 DESCRIPTION
2049 "Number of times the Echo Congestion Experienced (ECE) bit
2050 in the TCP header has been set (transitioned from 0 to 1),
2051 due to a Congestion Experienced (CE) marking on an IP
2052 header. Note that ECE can be set and reset only once per
2053 RTT, while CE can be set on many segments per RTT."
2054 REFERENCE
2055 "RFC3168, The Addition of Explicit Congestion Notification
2056 (ECN) to IP"
2057 ::= { tcpEStatsPathEntry 33 }
2059 tcpEStatsPathECNNonceRcvd OBJECT-TYPE
2060 SYNTAX ZeroBasedCounter32
2061 MAX-ACCESS read-only
2062 STATUS current
2063 DESCRIPTION
2064 "Number of ECN Nonces (NS bits) received."
2065 REFERENCE
2066 "RFC3540, Robust Explicit Congestion Notification (ECN)
2067 Signaling with Nonces"
2068 ::= { tcpEStatsPathEntry 34 }
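Added example, not part of the draft: the DESCRIPTION clauses of the tcpEStatsPathTable objects above define several interval metrics as "the change in X divided by the change in Y". The Python below computes them from two polls of one connection, assuming the values were already fetched into dictionaries keyed by object name; the function names, metric names and sample values are constructed for the illustration.

```python
# Added example (not from the draft): interval metrics that the DESCRIPTION
# clauses define as ratios of counter changes between two polls.

COUNTER32_MOD = 2 ** 32  # Counter32 and ZeroBasedCounter32 wrap at 2^32

# metric name (assumed) -> (numerator object, denominator object), per the MIB text
RATIOS = {
    "reorder_frequency": ("tcpEStatsPathNonRecovDAEpisodes", "tcpEStatsPerfDataSegsOut"),
    "reorder_distance_octets": ("tcpEStatsPathSumOctetsReordered", "tcpEStatsPathNonRecovDAEpisodes"),
    "reorder_distance_segments": ("tcpEStatsPathNonRecovDA", "tcpEStatsPathNonRecovDAEpisodes"),
    "mean_rtt_ms": ("tcpEStatsPathSumRTT", "tcpEStatsPathCountRTT"),
    "pre_cong_avg_cwnd_octets": ("tcpEStatsPathPreCongSumCwnd", "tcpEStatsPerfCongSignals"),
    "pre_cong_avg_rtt_ms": ("tcpEStatsPathPreCongSumRTT", "tcpEStatsPerfCongSignals"),
    "post_cong_avg_rtt_ms": ("tcpEStatsPathPostCongSumRTT", "tcpEStatsPathPostCongCountRTT"),
}


def delta32(old, new):
    """Change in a 32-bit counter between two polls, tolerating one wrap."""
    return (new - old) % COUNTER32_MOD


def interval_metrics(prev, curr):
    """Return {metric: float or None}; None when the denominator did not move."""
    out = {}
    for metric, (num, den) in RATIOS.items():
        d_den = delta32(prev[den], curr[den])
        out[metric] = delta32(prev[num], curr[num]) / d_den if d_den else None
    return out


# Constructed sample polls for one tcpEStatsConnectIndex. tcpEStatsPathSumRTT
# wraps past 2^32 between the two polls to exercise delta32().
PREV = {
    "tcpEStatsPerfDataSegsOut": 10000,
    "tcpEStatsPerfCongSignals": 3,
    "tcpEStatsPathNonRecovDAEpisodes": 5,
    "tcpEStatsPathSumOctetsReordered": 14600,
    "tcpEStatsPathNonRecovDA": 9,
    "tcpEStatsPathSumRTT": 4294967000,
    "tcpEStatsPathCountRTT": 860,
    "tcpEStatsPathPreCongSumCwnd": 90000,
    "tcpEStatsPathPreCongSumRTT": 180,
    "tcpEStatsPathPostCongSumRTT": 150,
    "tcpEStatsPathPostCongCountRTT": 3,
}
CURR = {
    "tcpEStatsPerfDataSegsOut": 12000,
    "tcpEStatsPerfCongSignals": 5,
    "tcpEStatsPathNonRecovDAEpisodes": 15,
    "tcpEStatsPathSumOctetsReordered": 43800,
    "tcpEStatsPathNonRecovDA": 29,
    "tcpEStatsPathSumRTT": 1704,
    "tcpEStatsPathCountRTT": 900,
    "tcpEStatsPathPreCongSumCwnd": 150000,
    "tcpEStatsPathPreCongSumRTT": 360,
    "tcpEStatsPathPostCongSumRTT": 250,
    "tcpEStatsPathPostCongCountRTT": 5,
}

if __name__ == "__main__":
    for name, value in interval_metrics(PREV, CURR).items():
        print(f"{name}: {value}")
```

More than one wrap between polls cannot be detected from the values alone, so the polling interval has to be short enough for the fastest-moving counter.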
2070 -- ================================================================
2071 --
2072 -- Statistics for diagnosing stack algorithms
2073 --
2075 tcpEStatsStackTable OBJECT-TYPE
2076 SYNTAX SEQUENCE OF TcpEStatsStackEntry
2077 MAX-ACCESS not-accessible
2078 STATUS current
2079 DESCRIPTION
2080 "This table contains objects that are most useful for
2081 determining how well some of the TCP control
2082 algorithms are coping with this particular
2083 path.
2085 Entries are retained in this table for the number of
2086 seconds indicated by the tcpEStatsConnTableLatency
2087 object, after the TCP connection first enters the closed
2088 state."
2089 ::= { tcpEStats 5 }
2091 tcpEStatsStackEntry OBJECT-TYPE
2092 SYNTAX TcpEStatsStackEntry
2093 MAX-ACCESS not-accessible
2094 STATUS current
2095 DESCRIPTION
2096 "Each entry in this table has information about the
2097 characteristics of each active and recently closed tcp
2098 connection."
2099 INDEX { tcpEStatsConnectIndex }
2100 ::= { tcpEStatsStackTable 1 }
2102 TcpEStatsStackEntry ::= SEQUENCE {
2104 tcpEStatsStackActiveOpen TruthValue,
2105 tcpEStatsStackMSSSent Unsigned32,
2106 tcpEStatsStackMSSRcvd Unsigned32,
2107 tcpEStatsStackWinScaleSent Integer32,
2108 tcpEStatsStackWinScaleRcvd Integer32,
2109 tcpEStatsStackTimeStamps TcpEStatsNegotiated,
2110 tcpEStatsStackECN TcpEStatsNegotiated,
2111 tcpEStatsStackWillSendSACK TcpEStatsNegotiated,
2112 tcpEStatsStackWillUseSACK TcpEStatsNegotiated,
2113 tcpEStatsStackState INTEGER,
2114 tcpEStatsStackNagle TruthValue,
2115 tcpEStatsStackMaxSsCwnd Gauge32,
2116 tcpEStatsStackMaxCaCwnd Gauge32,
2117 tcpEStatsStackMaxSsthresh Gauge32,
2118 tcpEStatsStackMinSsthresh Gauge32,
2119 tcpEStatsStackInRecovery INTEGER,
2120 tcpEStatsStackDupAcksIn ZeroBasedCounter32,
2121 tcpEStatsStackSpuriousFrDetected ZeroBasedCounter32,
2122 tcpEStatsStackSpuriousRtoDetected ZeroBasedCounter32,
2123 tcpEStatsStackSoftErrors ZeroBasedCounter32,
2124 tcpEStatsStackSoftErrorReason INTEGER,
2125 tcpEStatsStackSlowStart ZeroBasedCounter32,
2126 tcpEStatsStackCongAvoid ZeroBasedCounter32,
2127 tcpEStatsStackOtherReductions ZeroBasedCounter32,
2128 tcpEStatsStackCongOverCount ZeroBasedCounter32,
2129 tcpEStatsStackFastRetran ZeroBasedCounter32,
2130 tcpEStatsStackSubsequentTimeouts ZeroBasedCounter32,
2131 tcpEStatsStackCurTimeoutCount Gauge32,
2132 tcpEStatsStackAbruptTimeouts ZeroBasedCounter32,
2133 tcpEStatsStackSACKsRcvd ZeroBasedCounter32,
2134 tcpEStatsStackSACKBlocksRcvd ZeroBasedCounter32,
2135 tcpEStatsStackSendStall ZeroBasedCounter32,
2136 tcpEStatsStackDSACKDups ZeroBasedCounter32,
2137 tcpEStatsStackMaxMSS Gauge32,
2138 tcpEStatsStackMinMSS Gauge32,
2139 tcpEStatsStackSndInitial Counter32,
2140 tcpEStatsStackRecInitial Counter32,
2141 tcpEStatsStackCurRetxQueue Gauge32,
2142 tcpEStatsStackMaxRetxQueue Gauge32,
2143 tcpEStatsStackCurReasmQueue Gauge32,
2144 tcpEStatsStackMaxReasmQueue Gauge32
2145 }
2147 --
2148 -- The following objects reflect TCP options carried on the
2149 -- SYN or SYN-ACK. These options are used to provide
2150 -- additional protocol parameters or to enable various
2151 -- optional TCP features or algorithms.
2152 --
2153 -- Except as noted, the TCP protocol does not permit these
2154 -- options to change after the SYN exchange.
2155 --
2157 tcpEStatsStackActiveOpen OBJECT-TYPE
2158 SYNTAX TruthValue
2159 MAX-ACCESS read-only
2160 STATUS current
2161 DESCRIPTION
2162 "True(1) if the local connection traversed the SYN-SENT
2163 state, else false(2)."
2164 REFERENCE
2165 "RFC793, Transmission Control Protocol"
2166 ::= { tcpEStatsStackEntry 1 }
2168 tcpEStatsStackMSSSent OBJECT-TYPE
2169 SYNTAX Unsigned32
2170 MAX-ACCESS read-only
2171 STATUS current
2172 DESCRIPTION
2173 "The value sent in an MSS option, or zero if none."
2174 REFERENCE
2175 "RFC1122, Requirements for Internet Hosts - Communication
2176 Layers"
2177 ::= { tcpEStatsStackEntry 2 }
2179 tcpEStatsStackMSSRcvd OBJECT-TYPE
2180 SYNTAX Unsigned32
2181 MAX-ACCESS read-only
2182 STATUS current
2183 DESCRIPTION
2184 "The value received in an MSS option, or zero if none."
2185 REFERENCE
2186 "RFC1122, Requirements for Internet Hosts - Communication
2187 Layers"
2188 ::= { tcpEStatsStackEntry 3 }
2190 tcpEStatsStackWinScaleSent OBJECT-TYPE
2191 SYNTAX Integer32 (-1..14)
2192 MAX-ACCESS read-only
2193 STATUS current
2194 DESCRIPTION
2195 "The value of the transmitted window scale option if one was
2196 sent; otherwise, a value of -1.
2198 Note that if both tcpEStatsStackWinScaleSent and
2199 tcpEStatsStackWinScaleRcvd are not -1, then Rcv.Wind.Scale
2200 will be the same as this value and used to scale receiver
2201 window announcements from the local host to the remote
2202 host."
2203 REFERENCE
2204 "RFC1323, TCP Extensions for High Performance"
2205 ::= { tcpEStatsStackEntry 4 }
2207 tcpEStatsStackWinScaleRcvd OBJECT-TYPE
2208 SYNTAX Integer32 (-1..14)
2209 MAX-ACCESS read-only
2210 STATUS current
2211 DESCRIPTION
2212 "The value of the received window scale option if one was
2213 received; otherwise, a value of -1.
2215 Note that if both tcpEStatsStackWinScaleSent and
2216 tcpEStatsStackWinScaleRcvd are not -1, then Snd.Wind.Scale
2217 will be the same as this value and used to scale receiver
2218 window announcements from the remote host to the local
2219 host."
2220 REFERENCE
2221 "RFC1323, TCP Extensions for High Performance"
2222 ::= { tcpEStatsStackEntry 5 }
2224 tcpEStatsStackTimeStamps OBJECT-TYPE
2225 SYNTAX TcpEStatsNegotiated
2226 MAX-ACCESS read-only
2227 STATUS current
2228 DESCRIPTION
2229 "Enabled(1) if TCP timestamps have been negotiated on,
2230 selfDisabled(2) if they are disabled or not implemented on
2231 the local host, or peerDisabled(3) if not negotiated by the
2232 remote hosts."
2233 REFERENCE
2234 "RFC1323, TCP Extensions for High Performance"
2235 ::= { tcpEStatsStackEntry 6 }
2237 tcpEStatsStackECN OBJECT-TYPE
2238 SYNTAX TcpEStatsNegotiated
2239 MAX-ACCESS read-only
2240 STATUS current
2241 DESCRIPTION
2242 "Enabled(1) if Explicit Congestion Notification (ECN) has
2243 been negotiated on, selfDisabled(2) if it is disabled or
2244 not implemented on the local host, or peerDisabled(3) if
2245 not negotiated by the remote hosts."
2246 REFERENCE
2247 "RFC3168, The Addition of Explicit Congestion Notification
2248 (ECN) to IP"
2249 ::= { tcpEStatsStackEntry 7 }
2251 tcpEStatsStackWillSendSACK OBJECT-TYPE
2252 SYNTAX TcpEStatsNegotiated
2253 MAX-ACCESS read-only
2254 STATUS current
2255 DESCRIPTION
2256 "Enabled(1) if the local host will send SACK options,
2257 selfDisabled(2) if SACK is disabled or not implemented on
2258 the local host, or peerDisabled(3) if the remote host did
2259 not send the SACK-permitted option.
2261 Note that SACK negotiation is not symmetrical. SACK can
2262 be enabled on one side of the connection and not the other."
2263 REFERENCE
2264 "RFC2018, TCP Selective Acknowledgement Options"
2265 ::= { tcpEStatsStackEntry 8 }
2267 tcpEStatsStackWillUseSACK OBJECT-TYPE
2268 SYNTAX TcpEStatsNegotiated
2269 MAX-ACCESS read-only
2270 STATUS current
2271 DESCRIPTION
2272 "Enabled(1) if the local host will process SACK options,
2273 selfDisabled(2) if SACK is disabled or not implemented on
2274 the local host, or peerDisabled(3) if the remote host sends
2275 duplicate ACKs without SACK options, or the local host
2276 otherwise decides not to process received SACK options.
2278 Unlike other TCP options, the remote data receiver can not
2279 explicitly indicate if it is able to generate SACK options.
2280 When sending data, the local host has to deduce if the
2281 remote receiver is sending SACK options. This object can
2282 transition from Enabled(1) to peerDisabled(3) after the SYN
2283 exchange.
2285 Note that SACK negotiation is not symmetrical. SACK can
2286 be enabled on one side of the connection and not the other."
2287 REFERENCE
2288 "RFC2018, TCP Selective Acknowledgement Options"
2289 ::= { tcpEStatsStackEntry 9 }
2291 --
2292 -- The following two objects reflect the current state of the
2293 -- connection.
2294 --
2296 tcpEStatsStackState OBJECT-TYPE
2297 SYNTAX INTEGER {
2298 tcpESStateClosed(1),
2299 tcpESStateListen(2),
2300 tcpESStateSynSent(3),
2301 tcpESStateSynReceived(4),
2302 tcpESStateEstablished(5),
2303 tcpESStateFinWait1(6),
2304 tcpESStateFinWait2(7),
2305 tcpESStateCloseWait(8),
2306 tcpESStateLastAck(9),
2307 tcpESStateClosing(10),
2308 tcpESStateTimeWait(11),
2309 tcpESStateDeleteTcb(12)
2310 }
2311 MAX-ACCESS read-only
2312 STATUS current
2313 DESCRIPTION
2314 "An integer value representing the connection state from the
2315 TCP State Transition Diagram.
2317 The value listen(2) is included only for parallelism to the
2318 old tcpConnTable, and SHOULD NOT be used because the listen
2319 state is managed by the tcpListenerTable.
2321 The value DeleteTcb(12) is included only for parallelism to
2322 the tcpConnTable mechanism for terminating connections,
2323 although this table does not permit writing."
2324 REFERENCE
2325 "RFC793, Transmission Control Protocol"
2326 ::= { tcpEStatsStackEntry 10 }
2328 tcpEStatsStackNagle OBJECT-TYPE
2329 SYNTAX TruthValue
2330 MAX-ACCESS read-only
2331 STATUS current
2332 DESCRIPTION
2333 "True(1) if the Nagle algorithm is being used, else
2334 false(2)."
2335 REFERENCE
2336 "RFC1122, Requirements for Internet Hosts - Communication
2337 Layers"
2338 ::= { tcpEStatsStackEntry 11 }
2340 --
2341 -- The following objects instrument the overall operation of
2342 -- TCP congestion control and data retransmissions. These
2343 -- instruments are sufficient to fit the actual performance to
2344 -- an updated macroscopic performance model [RFC2581] [Mat97]
2345 -- [Pad98].
2346 --
2348 tcpEStatsStackMaxSsCwnd OBJECT-TYPE
2349 SYNTAX Gauge32
2350 UNITS "octets"
2351 MAX-ACCESS read-only
2352 STATUS current
2353 DESCRIPTION
2354 "The maximum congestion window used during Slow Start, in
2355 octets."
2356 REFERENCE
2357 "RFC2581, TCP Congestion Control"
2358 ::= { tcpEStatsStackEntry 12 }
2360 tcpEStatsStackMaxCaCwnd OBJECT-TYPE
2361 SYNTAX Gauge32
2362 UNITS "octets"
2363 MAX-ACCESS read-only
2364 STATUS current
2365 DESCRIPTION
2366 "The maximum congestion window used during Congestion
2367 Avoidance, in octets."
2368 REFERENCE
2369 "RFC2581, TCP Congestion Control"
2370 ::= { tcpEStatsStackEntry 13 }
2372 tcpEStatsStackMaxSsthresh OBJECT-TYPE
2373 SYNTAX Gauge32
2374 UNITS "octets"
2375 MAX-ACCESS read-only
2376 STATUS current
2377 DESCRIPTION
2378 "The maximum slow start threshold, excluding the initial
2379 value."
2380 REFERENCE
2381 "RFC2581, TCP Congestion Control"
2382 ::= { tcpEStatsStackEntry 14 }
2384 tcpEStatsStackMinSsthresh OBJECT-TYPE
2385 SYNTAX Gauge32
2386 UNITS "octets"
2387 MAX-ACCESS read-only
2388 STATUS current
2389 DESCRIPTION
2390 "The minimum slow start threshold."
2391 REFERENCE
2392 "RFC2581, TCP Congestion Control"
2393 ::= { tcpEStatsStackEntry 15 }
2395 tcpEStatsStackInRecovery OBJECT-TYPE
2396 SYNTAX INTEGER {
2397 tcpESDataContiguous(1),
2398 tcpESDataUnordered(2),
2399 tcpESDataRecovery(3)
2400 }
2401 MAX-ACCESS read-only
2402 STATUS current
2403 DESCRIPTION
2404 "An integer value representing the state of the loss
2405 recovery for this connection.
2407 tcpESDataContiguous(1) indicates that the remote receiver
2408 is reporting contiguous data (no duplicate acknowledgments
2409 or SACK options) and that there are no unacknowledged
2410 retransmissions.
2412 tcpESDataUnordered(2) indicates that the remote receiver is
2413 reporting missing or out-of-order data (e.g. sending
2414 duplicate acknowledgments or SACK options) and that there
2415 are no unacknowledged retransmissions (because the missing
2416 data has not yet been retransmitted).
2418 tcpESDataRecovery(3) indicates that the sender has
2419 outstanding retransmitted data which is still
2420 unacknowledged."
2421 REFERENCE
2422 "RFC2581, TCP Congestion Control"
2423 ::= { tcpEStatsStackEntry 16 }
2425 tcpEStatsStackDupAcksIn OBJECT-TYPE
2426 SYNTAX ZeroBasedCounter32
2427 MAX-ACCESS read-only
2428 STATUS current
2429 DESCRIPTION
2430 "The number of duplicate ACKs received."
2431 REFERENCE
2432 "RFC2581, TCP Congestion Control"
2433 ::= { tcpEStatsStackEntry 17 }
2435 tcpEStatsStackSpuriousFrDetected OBJECT-TYPE
2436 SYNTAX ZeroBasedCounter32
2437 MAX-ACCESS read-only
2438 STATUS current
2439 DESCRIPTION
2440 "The number of acknowledgments reporting out-of-order
2441 segments after the Fast Retransmit algorithm has already
2442 retransmitted the segments. (For example as detected by the
2443 Eifel algorithm)."
2444 REFERENCE
2445 "RFC3522, The Eifel Detection Algorithm for TCP"
2446 ::= { tcpEStatsStackEntry 18 }
2448 tcpEStatsStackSpuriousRtoDetected OBJECT-TYPE
2449 SYNTAX ZeroBasedCounter32
2450 MAX-ACCESS read-only
2451 STATUS current
2452 DESCRIPTION
2453 "The number of acknowledgments reporting segments that have
2454 already been retransmitted due to a Retransmission Timeout."
2455 ::= { tcpEStatsStackEntry 19 }
2457 --
2458 -- The following optional objects instrument unusual protocol
2459 -- events that probably indicate implementation problems in
2460 -- the protocol or path.
2461 --
2463 tcpEStatsStackSoftErrors OBJECT-TYPE
2464 SYNTAX ZeroBasedCounter32
2465 MAX-ACCESS read-only
2466 STATUS current
2467 DESCRIPTION
2468 "The number of segments that fail various consistency tests
2469 during TCP input processing. Soft errors might cause the
2470 segment to be discarded, but some do not. Some of these soft
2471 errors cause the generation of a TCP acknowledgment, others
2472 are silently discarded."
2473 REFERENCE
2474 "RFC793, Transmission Control Protocol"
2475 ::= { tcpEStatsStackEntry 21 }
2477 tcpEStatsStackSoftErrorReason OBJECT-TYPE
2478 SYNTAX INTEGER {
2479 belowDataWindow(1),
2480 aboveDataWindow(2),
2481 belowAckWindow(3),
2482 aboveAckWindow(4),
2483 belowTSWindow(5),
2484 aboveTSWindow(6),
2485 dataCheckSum(7),
2486 otherSoftError(8)
2487 }
2488 MAX-ACCESS read-only
2489 STATUS current
2490 DESCRIPTION
2491 "This object identifies which consistency test most recently
2492 failed during tcp input processing. This object SHOULD be
2493 set every time tcpEStatsStackSoftErrors is incremented. The
2494 codes are as follows:
2496 belowDataWindow(1) - All data in the segment is below
2497 SND.UNA. (Normal for keep-alives and zero window probes).
2499 aboveDataWindow(2) - Some data in the segment is above
2500 SND.WND. (Indicates an implementation bug or possible
2501 attack).
2503 belowAckWindow(3) - ACK below SND.UNA. (Indicates that the
2504 return path is reordering ACKs).
2506 aboveAckWindow(4) - An ACK for data that we have not sent.
2507 (Indicates an implementation bug or possible attack).
2509 belowTSWindow(5) - TSecr on the segment is older than the
2510 current TS.Recent (Normal for the rare case where PAWS
2511 detects data reordered by the network.)
2513 aboveTSWindow(6) - TSecr on the segment is newer than the
2514 current TS.Recent. (Indicates an implementation bug or
2515 possible attack).
2517 dataCheckSum(7) - Incorrect checksum. Note that this value
2518 is intrinsically fragile, because the header fields used to
2519 identify the connection may have been corrupted.
2521 otherSoftError(8) - All other soft errors not listed
2522 above."
2523 REFERENCE
2524 "RFC793, Transmission Control Protocol"
2525 ::= { tcpEStatsStackEntry 22 }
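Added example, not part of the draft: one way a monitoring poller could triage tcpEStatsStackSoftErrors together with tcpEStatsStackSoftErrorReason, using the annotations given in the DESCRIPTION above. The dictionary layout, the disposition labels, the function names and the sample values are assumptions made for the illustration.

```python
# Added example (not from the draft): triage of soft-error polls per connection.

COUNTER32_MOD = 2 ** 32  # ZeroBasedCounter32 wraps at 2^32

# Enumeration values and remarks follow the tcpEStatsStackSoftErrorReason
# DESCRIPTION; the disposition labels themselves are assumed.
REASONS = {
    1: ("belowDataWindow", "normal"),       # keep-alives and zero window probes
    2: ("aboveDataWindow", "investigate"),  # implementation bug or possible attack
    3: ("belowAckWindow", "reordering"),    # return path is reordering ACKs
    4: ("aboveAckWindow", "investigate"),   # implementation bug or possible attack
    5: ("belowTSWindow", "normal"),         # rare PAWS reordering case
    6: ("aboveTSWindow", "investigate"),    # implementation bug or possible attack
    7: ("dataCheckSum", "unreliable"),      # connection identity may be corrupted
    8: ("otherSoftError", "unclassified"),
}


def triage(prev_errors, curr):
    """Compare two polls and report connections whose soft-error count grew.

    prev_errors: {tcpEStatsConnectIndex: tcpEStatsStackSoftErrors}
    curr:        {tcpEStatsConnectIndex: (tcpEStatsStackSoftErrors,
                                          tcpEStatsStackSoftErrorReason)}
    """
    findings = []
    for conn in sorted(curr):
        errors, reason = curr[conn]
        # A ZeroBasedCounter32 starts at zero when the row is created, so a
        # connection first seen in this poll has an implicit baseline of 0.
        new_errors = (errors - prev_errors.get(conn, 0)) % COUNTER32_MOD
        if new_errors == 0:
            continue  # the reason value is stale; nothing failed this interval
        name, disposition = REASONS.get(
            reason, ("unknown(%d)" % reason, "unclassified"))
        findings.append({
            "conn": conn,
            "new_errors": new_errors,
            "reason": name,
            "disposition": disposition,
            # The reason object holds only the most recent failed test, so any
            # earlier failures in the interval cannot be attributed.
            "unattributed": new_errors - 1,
        })
    return findings


def needs_review(findings):
    """Connection indexes whose latest soft error the MIB text calls a
    possible implementation bug or attack."""
    return [f["conn"] for f in findings if f["disposition"] == "investigate"]


# Constructed sample polls.
PREV_ERRORS = {101: 4, 102: 0}
CURR_POLL = {101: (4, 1), 102: (3, 4), 103: (1, 5), 104: (2, 3)}

if __name__ == "__main__":
    for finding in triage(PREV_ERRORS, CURR_POLL):
        print(finding)
```

Because only the last reason is visible, a short polling interval keeps the "unattributed" count low; a benign final reason does not show that every error in the interval was benign.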
2527 --
2528 -- The following optional objects expose the detailed
2529 -- operation of the congestion control algorithms.
2530 --
2531 tcpEStatsStackSlowStart OBJECT-TYPE
2532 SYNTAX ZeroBasedCounter32
2533 MAX-ACCESS read-only
2534 STATUS current
2535 DESCRIPTION
2536 "The number of times the congestion window has been
2537 increased by the Slow Start algorithm."
2538 REFERENCE
2539 "RFC2581, TCP Congestion Control"
2540 ::= { tcpEStatsStackEntry 23 }
2542 tcpEStatsStackCongAvoid OBJECT-TYPE
2543 SYNTAX ZeroBasedCounter32
2544 MAX-ACCESS read-only
2545 STATUS current
2546 DESCRIPTION
2547 "The number of times the congestion window has been
2548 increased by the Congestion Avoidance algorithm."
2549 REFERENCE
2550 "RFC2581, TCP Congestion Control"
2551 ::= { tcpEStatsStackEntry 24 }
2553 tcpEStatsStackOtherReductions OBJECT-TYPE
2554 SYNTAX ZeroBasedCounter32
2555 MAX-ACCESS read-only
2556 STATUS current
2557 DESCRIPTION
2558 "The number of congestion window reductions made as a result
2559 of anything other than AIMD congestion control algorithms.
2560 Examples of non-multiplicative window reductions include
2561 Congestion Window Validation [RFC2861] and experimental
2562 algorithms such as Vegas [Bra94].
2564 All window reductions MUST be counted as either
2565 tcpEStatsPerfCongSignals or tcpEStatsStackOtherReductions."
2566 REFERENCE
2567 "RFC2861, TCP Congestion Window Validation"
2568 ::= { tcpEStatsStackEntry 25 }
2570 tcpEStatsStackCongOverCount OBJECT-TYPE
2571 SYNTAX ZeroBasedCounter32
2572 MAX-ACCESS read-only
2573 STATUS current
2574 DESCRIPTION
2575 "The number of congestion events which were 'backed out' of
2576 the congestion control state machine such that the
2577 congestion window was restored to a prior value. This can
2578 happen due to the Eifel algorithm [RFC3522] or other
2579 algorithms which can be used to detect and cancel spurious
2580 invocations of the Fast Retransmit Algorithm.
2582 Although it may be feasible to undo the effects of spurious
2583 invocation of the Fast Retransmit, congestion events cannot
2584 easily be backed out of tcpEStatsPerfCongSignals and
2585 tcpEStatsPathPreCongSumCwnd, etc."
2586 REFERENCE
2587 "RFC3522, The Eifel Detection Algorithm for TCP"
2588 ::= { tcpEStatsStackEntry 26 }
2590 tcpEStatsStackFastRetran OBJECT-TYPE
2591 SYNTAX ZeroBasedCounter32
2592 MAX-ACCESS read-only
2593 STATUS current
2594 DESCRIPTION
2595 "The number of invocations of the Fast Retransmit algorithm."
2596 REFERENCE
2597 "RFC2581, TCP Congestion Control"
2598 ::= { tcpEStatsStackEntry 27 }
2600 tcpEStatsStackSubsequentTimeouts OBJECT-TYPE
2601 SYNTAX ZeroBasedCounter32
2602 MAX-ACCESS read-only
2603 STATUS current
2604 DESCRIPTION
2605 "The number of times the retransmit timeout has expired
2606 after the RTO has been doubled. See section 5.5 in RFC2988."
2607 REFERENCE
2608 "RFC2988, Computing TCP's Retransmission Timer"
2609 ::= { tcpEStatsStackEntry 28 }
2611 tcpEStatsStackCurTimeoutCount OBJECT-TYPE
2612 SYNTAX Gauge32
2613 MAX-ACCESS read-only
2614 STATUS current
2615 DESCRIPTION
2616 "The current number of times the retransmit timeout has
2617 expired without receiving an acknowledgment for new data.
2618 tcpEStatsStackCurTimeoutCount is reset to zero when new
2619 data is acknowledged and incremented for each invocation of
2620 section 5.5 in RFC2988."
2621 REFERENCE
2622 "RFC2988, Computing TCP's Retransmission Timer"
2623 ::= { tcpEStatsStackEntry 29 }
2625 tcpEStatsStackAbruptTimeouts OBJECT-TYPE
2626 SYNTAX ZeroBasedCounter32
2627 MAX-ACCESS read-only
2628 STATUS current
2629 DESCRIPTION
2630 "The number of timeouts that occurred without any
2631 immediately preceding duplicate acknowledgments or other
2632 indications of congestion. Abrupt Timeouts indicate that
2633 the path lost an entire window of data or acknowledgments.
2635 Timeouts that are preceded by duplicate acknowledgments or
2636 other congestion signals (e.g. ECN) are not counted as
2637 abrupt, and might have been avoided by a more sophisticated
2638 Fast Retransmit algorithm."
2639 REFERENCE
2640 "RFC2581, TCP Congestion Control"
2641 ::= { tcpEStatsStackEntry 30 }
2643 tcpEStatsStackSACKsRcvd OBJECT-TYPE
2644 SYNTAX ZeroBasedCounter32
2645 MAX-ACCESS read-only
2646 STATUS current
2647 DESCRIPTION
2648 "The number of SACK options received."
2649 REFERENCE
2650 "RFC2018, TCP Selective Acknowledgement Options"
2651 ::= { tcpEStatsStackEntry 31 }
2653 tcpEStatsStackSACKBlocksRcvd OBJECT-TYPE
2654 SYNTAX ZeroBasedCounter32
2655 MAX-ACCESS read-only
2656 STATUS current
2657 DESCRIPTION
2658 "The number of SACK blocks received (within SACK options)."
2659 REFERENCE
2660 "RFC2018, TCP Selective Acknowledgement Options"
2661 ::= { tcpEStatsStackEntry 32 }
2663 tcpEStatsStackSendStall OBJECT-TYPE
2664 SYNTAX ZeroBasedCounter32
2665 MAX-ACCESS read-only
2666 STATUS current
2667 DESCRIPTION
2668 "The number of interface stalls or other sender local
2669 resource limitations that are treated as congestion
2670 signals."
2671 ::= { tcpEStatsStackEntry 33 }
2673 tcpEStatsStackDSACKDups OBJECT-TYPE
2674 SYNTAX ZeroBasedCounter32
2675 MAX-ACCESS read-only
2676 STATUS current
2677 DESCRIPTION
2678 "The number of duplicate segments reported to the local host
2679 by D-SACK blocks."
2680 REFERENCE
2681 "RFC2883, An Extension to the Selective Acknowledgement
2682 (SACK) Option for TCP"
2683 ::= { tcpEStatsStackEntry 34 }
2685 --
2686 -- The following optional objects instrument path MTU
2687 -- discovery.
2688 --
2690 tcpEStatsStackMaxMSS OBJECT-TYPE
2691 SYNTAX Gauge32
2692 UNITS "octets"
2693 MAX-ACCESS read-only
2694 STATUS current
2695 DESCRIPTION
2696 "The maximum MSS, in octets."
2697 REFERENCE
2698 "RFC1191, Path MTU discovery"
2699 ::= { tcpEStatsStackEntry 35 }
2701 tcpEStatsStackMinMSS OBJECT-TYPE
2702 SYNTAX Gauge32
2703 UNITS "octets"
2704 MAX-ACCESS read-only
2705 STATUS current
2706 DESCRIPTION
2707 "The minimum MSS, in octets."
2708 REFERENCE
2709 "RFC1191, Path MTU discovery"
2710 ::= { tcpEStatsStackEntry 36 }
2712 --
2713 -- The following optional initial value objects are useful for
2714 -- conformance testing instruments on application progress and
2715 -- consumed network resources.
2716 --
2718 tcpEStatsStackSndInitial OBJECT-TYPE
2719 SYNTAX Counter32
2720 MAX-ACCESS read-only
2721 STATUS current
2722 DESCRIPTION
2723 "Initial send sequence number. Note that by definition
2724 tcpEStatsStackSndInitial never changes for a given
2725 connection."
2726 REFERENCE
2727 "RFC793, Transmission Control Protocol"
2728 ::= { tcpEStatsStackEntry 37 }
2730 tcpEStatsStackRecInitial OBJECT-TYPE
2731 SYNTAX Counter32
2732 MAX-ACCESS read-only
2733 STATUS current
2734 DESCRIPTION
2735 "Initial receive sequence number. Note that by definition
2736 tcpEStatsStackRecInitial never changes for a given
2737 connection."
2738 REFERENCE
2739 "RFC793, Transmission Control Protocol"
2740 ::= { tcpEStatsStackEntry 38 }
2742 --
2743 -- The following optional objects instrument the sender's
2744 -- buffer usage, including any buffering in the application
2745 -- interface to TCP and the retransmit queue. All 'buffer
2746 -- memory' instruments are assumed to include OS data
2747 -- structure overhead.
2748 --
2750 tcpEStatsStackCurRetxQueue OBJECT-TYPE
2751 SYNTAX Gauge32
2752 UNITS "octets"
2753 MAX-ACCESS read-only
2754 STATUS current
2755 DESCRIPTION
2756 "The current number of octets of data occupying the
2757 retransmit queue."
2758 ::= { tcpEStatsStackEntry 39 }
2760 tcpEStatsStackMaxRetxQueue OBJECT-TYPE
2761 SYNTAX Gauge32
2762 UNITS "octets"
2763 MAX-ACCESS read-only
2764 STATUS current
2765 DESCRIPTION
2766 "The maximum number of octets of data occupying the
2767 retransmit queue."
2768 ::= { tcpEStatsStackEntry 40 }
2770 tcpEStatsStackCurReasmQueue OBJECT-TYPE
2771 SYNTAX Gauge32
2772 UNITS "octets"
2773 MAX-ACCESS read-only
2774 STATUS current
2775 DESCRIPTION
2776 "The current number of octets of sequence space spanned by
2777 the reassembly queue. This is generally the difference
2778 between rcv.nxt and the sequence number of the right most
2779 edge of the reassembly queue."
2780 ::= { tcpEStatsStackEntry 41 }
2782 tcpEStatsStackMaxReasmQueue OBJECT-TYPE
2783 SYNTAX Gauge32
2784 MAX-ACCESS read-only
2785 STATUS current
2786 DESCRIPTION
2787 "The maximum value of tcpEStatsStackCurReasmQueue"
2788 ::= { tcpEStatsStackEntry 42 }
2790 -- ================================================================
2791 --
2792 -- Statistics for diagnosing interactions between
2793 -- applications and TCP.
2794 --
2796 tcpEStatsAppTable OBJECT-TYPE
2797 SYNTAX SEQUENCE OF TcpEStatsAppEntry
2798 MAX-ACCESS not-accessible
2799 STATUS current
2800 DESCRIPTION
2801 "This table contains objects that are useful for
2802 determining if the application using TCP is
2803 limiting TCP performance.
2805 Entries are retained in this table for the number of
2806 seconds indicated by the tcpEStatsConnTableLatency
2807 object, after the TCP connection first enters the closed
2808 state."
2809 ::= { tcpEStats 6 }
2811 tcpEStatsAppEntry OBJECT-TYPE
2812 SYNTAX TcpEStatsAppEntry
2813 MAX-ACCESS not-accessible
2814 STATUS current
2815 DESCRIPTION
2816 "Each entry in this table has information about the
2817 characteristics of each active and recently closed TCP
2818 connection."
2820 INDEX { tcpEStatsConnectIndex }
2821 ::= { tcpEStatsAppTable 1 }
2823 TcpEStatsAppEntry ::= SEQUENCE {
2825 tcpEStatsAppSndUna Counter32,
2826 tcpEStatsAppSndNxt Unsigned32,
2827 tcpEStatsAppSndMax Counter32,
2828 tcpEStatsAppThruOctetsAcked ZeroBasedCounter32,
2829 tcpEStatsAppHCThruOctetsAcked ZeroBasedCounter64,
2830 tcpEStatsAppRcvNxt Counter32,
2831 tcpEStatsAppThruOctetsReceived ZeroBasedCounter32,
2832 tcpEStatsAppHCThruOctetsReceived ZeroBasedCounter64,
2833 tcpEStatsAppCurAppWQueue Gauge32,
2834 tcpEStatsAppMaxAppWQueue Gauge32,
2835 tcpEStatsAppCurAppRQueue Gauge32,
2836 tcpEStatsAppMaxAppRQueue Gauge32
2837 }
2839 --
2840 -- The following objects provide throughput statistics for the
2841 -- connection including sequence numbers and elapsed
2842 -- application data. These permit direct observation of the
2843 -- application's progress, in terms of elapsed data delivery
2844 -- and elapsed time.
2845 --
2847 tcpEStatsAppSndUna OBJECT-TYPE
2848 SYNTAX Counter32
2849 MAX-ACCESS read-only
2850 STATUS current
2851 DESCRIPTION
2852 "The value of SND.UNA, the oldest unacknowledged sequence
2853 number.
2855 Note that SND.UNA is a TCP state variable that is congruent
2856 to Counter32 semantics."
2857 REFERENCE
2858 "RFC793, Transmission Control Protocol"
2859 ::= { tcpEStatsAppEntry 1 }
2861 tcpEStatsAppSndNxt OBJECT-TYPE
2862 SYNTAX Unsigned32
2863 MAX-ACCESS read-only
2864 STATUS current
2865 DESCRIPTION
2866 "The value of SND.NXT, the next sequence number to be sent.
2867 Note that tcpEStatsAppSndNxt is not monotonic (and thus not
2868 a counter) because TCP sometimes retransmits lost data by
2869 pulling tcpEStatsAppSndNxt back to the missing data."
2870 REFERENCE
2871 "RFC793, Transmission Control Protocol"
2872 ::= { tcpEStatsAppEntry 2 }
2874 tcpEStatsAppSndMax OBJECT-TYPE
2875 SYNTAX Counter32
2876 MAX-ACCESS read-only
2877 STATUS current
2878 DESCRIPTION
2879 "The farthest forward (right most or largest) SND.NXT value.
2880 Note that this will be equal to tcpEStatsAppSndNxt except
2881 when tcpEStatsAppSndNxt is pulled back during recovery."
2882 REFERENCE
2883 "RFC793, Transmission Control Protocol"
2884 ::= { tcpEStatsAppEntry 3 }
2886 tcpEStatsAppThruOctetsAcked OBJECT-TYPE
2887 SYNTAX ZeroBasedCounter32
2888 UNITS "octets"
2889 MAX-ACCESS read-only
2890 STATUS current
2891 DESCRIPTION
2892 "The number of octets for which cumulative acknowledgments
2893 have been received. Note that this will be the sum of
2894 changes to tcpEStatsAppSndUna."
2895 ::= { tcpEStatsAppEntry 4 }
2897 tcpEStatsAppHCThruOctetsAcked OBJECT-TYPE
2898 SYNTAX ZeroBasedCounter64
2899 UNITS "octets"
2900 MAX-ACCESS read-only
2901 STATUS current
2902 DESCRIPTION
2903 "The number of octets for which cumulative acknowledgments
2904 have been received, on systems that can receive more than
2905 10 million bits per second. Note that this will be the sum
2906 of changes in tcpEStatsAppSndUna."
2907 ::= { tcpEStatsAppEntry 5 }
2909 tcpEStatsAppRcvNxt OBJECT-TYPE
2910 SYNTAX Counter32
2911 MAX-ACCESS read-only
2912 STATUS current
2913 DESCRIPTION
2914 "The value of RCV.NXT. The next sequence number expected on
2915 an incoming segment, and the left or lower edge of the
2916 receive window.
2918 Note that RCV.NXT is a TCP state variable that is congruent
2919 to Counter32 semantics."
2920 REFERENCE
2921 "RFC793, Transmission Control Protocol"
2922 ::= { tcpEStatsAppEntry 6 }
2924 tcpEStatsAppThruOctetsReceived OBJECT-TYPE
2925 SYNTAX ZeroBasedCounter32
2926 UNITS "octets"
2927 MAX-ACCESS read-only
2928 STATUS current
2929 DESCRIPTION
2930 "The number of octets for which cumulative acknowledgments
2931 have been sent. Note that this will be the sum of changes
2932 to tcpEStatsAppRcvNxt."
2933 ::= { tcpEStatsAppEntry 7 }
2935 tcpEStatsAppHCThruOctetsReceived OBJECT-TYPE
2936 SYNTAX ZeroBasedCounter64
2937 UNITS "octets"
2938 MAX-ACCESS read-only
2939 STATUS current
2940 DESCRIPTION
2941 "The number of octets for which cumulative acknowledgments
2942 have been sent, on systems that can transmit more than 10
2943 million bits per second. Note that this will be the sum of
2944 changes in tcpEStatsAppRcvNxt."
2945 ::= { tcpEStatsAppEntry 8 }
2947 tcpEStatsAppCurAppWQueue OBJECT-TYPE
2948 SYNTAX Gauge32
2949 UNITS "octets"
2950 MAX-ACCESS read-only
2951 STATUS current
2952 DESCRIPTION
2953 "The current number of octets of application data buffered
2954 by TCP, pending first transmission, i.e. to the left of
2955 SND.NXT or SndMax. This data will generally be transmitted
2956 (and SND.NXT advanced to the left) as soon as there is
2957 available congestion window (cwnd) or receiver window
2958 (rwin). This is the amount of data readily available for
2959 transmission, without scheduling the application. TCP
2960 performance may suffer if there is insufficient queued
2961 write data."
2962 ::= { tcpEStatsAppEntry 11 }
2964 tcpEStatsAppMaxAppWQueue OBJECT-TYPE
2965 SYNTAX Gauge32
2966 UNITS "octets"
2967 MAX-ACCESS read-only
2968 STATUS current
2969 DESCRIPTION
2970 "The maximum number of octets of application data buffered
2971 by TCP, pending first transmission. This is the maximum
2972 value of tcpEStatsAppCurAppWQueue. This pair of objects can
2973 be used to determine if insufficient queued data is steady
2974 state (suggesting insufficient queue space) or transient
2975 (suggesting insufficient application performance or
2976 excessive CPU load or scheduler latency)."
2977 ::= { tcpEStatsAppEntry 12 }
2979 tcpEStatsAppCurAppRQueue OBJECT-TYPE
2980 SYNTAX Gauge32
2981 UNITS "octets"
2982 MAX-ACCESS read-only
2983 STATUS current
2984 DESCRIPTION
2985 "The current number of octets of application data that has
2986 been acknowledged by TCP but not yet delivered to the
2987 application."
2988 ::= { tcpEStatsAppEntry 13 }
2990 tcpEStatsAppMaxAppRQueue OBJECT-TYPE
2991 SYNTAX Gauge32
2992 UNITS "octets"
2993 MAX-ACCESS read-only
2994 STATUS current
2995 DESCRIPTION
2996 "The maximum number of octets of application data that has
2997 been acknowledged by TCP but not yet delivered to the
2998 application."
2999 ::= { tcpEStatsAppEntry 14 }
3001 -- ================================================================
3002 --
3003 -- Controls for Tuning TCP
3004 --
3006 tcpEStatsTuneTable OBJECT-TYPE
3007 SYNTAX SEQUENCE OF TcpEStatsTuneEntry
3008 MAX-ACCESS not-accessible
3009 STATUS current
3010 DESCRIPTION
3011 "This table contains per connection controls that can
3012 be used to work around a number of common problems that
3013 plague TCP over some paths. All can be characterized as
3014 limiting the growth of the congestion window so as to
3015 prevent TCP from overwhelming some component in the
3016 path.
3018 Entries are retained in this table for the number of
3019 seconds indicated by the tcpEStatsConnTableLatency
3020 object, after the TCP connection first enters the closed
3021 state."
3022 ::= { tcpEStats 7 }
3024 tcpEStatsTuneEntry OBJECT-TYPE
3025 SYNTAX TcpEStatsTuneEntry
3026 MAX-ACCESS not-accessible
3027 STATUS current
3028 DESCRIPTION
3029 "Each entry in this table is a control that can be used to
3030 place limits on each active TCP connection."
3031 INDEX { tcpEStatsConnectIndex }
3032 ::= { tcpEStatsTuneTable 1 }
3034 TcpEStatsTuneEntry ::= SEQUENCE {
3036 tcpEStatsTuneLimCwnd Gauge32,
3037 tcpEStatsTuneLimSsthresh Gauge32,
3038 tcpEStatsTuneLimRwin Gauge32
3039 }
3041 tcpEStatsTuneLimCwnd OBJECT-TYPE
3042 SYNTAX Gauge32
3043 UNITS "octets"
3044 MAX-ACCESS read-write
3045 STATUS current
3046 DESCRIPTION
3047 "A control to set the maximum congestion window which may be
3048 used, in octets."
3049 REFERENCE
3050 "RFC2581, TCP Congestion Control"
3051 ::= { tcpEStatsTuneEntry 1 }
3053 tcpEStatsTuneLimSsthresh OBJECT-TYPE
3054 SYNTAX Gauge32
3055 UNITS "octets"
3056 MAX-ACCESS read-write
3057 STATUS current
3058 DESCRIPTION
3059 "A control to limit the maximum queue space (in octets) that
3060 this TCP connection is likely to occupy during slowstart.
3062 It can be implemented with the algorithm described in
3063 RFC3742 by setting the max_ssthresh parameter to twice
3064 tcpEStatsTuneLimSsthresh.
3066 This algorithm can be used to overcome some TCP performance
3067 problems over network paths that do not have sufficient
3068 buffering to withstand the bursts normally present during
3069 slowstart."
3070 REFERENCE
3071 "RFC3742, Limited Slow-Start for TCP with Large Congestion
3072 Windows"
3073 ::= { tcpEStatsTuneEntry 2 }
3075 tcpEStatsTuneLimRwin OBJECT-TYPE
3076 SYNTAX Gauge32
3077 UNITS "octets"
3078 MAX-ACCESS read-write
3079 STATUS current
3080 DESCRIPTION
3081 "A control to set the maximum window advertisement which may
3082 be sent, in octets."
3083 REFERENCE
3084 "RFC793, Transmission Control Protocol"
3085 ::= { tcpEStatsTuneEntry 3 }
3087 -- ================================================================
3088 --
3089 -- TCP Extended Statistics Notifications Group
3090 --
3092 tcpEStatsEstablishNotification NOTIFICATION-TYPE
3093 OBJECTS {
3094 tcpEStatsConnectIndex
3095 }
3096 STATUS current
3097 DESCRIPTION
3098 "The indicated connection has been accepted
3099 (or alternatively entered the established state)."
3100 ::= { tcpEStatsNotifications 1 }
3102 tcpEStatsCloseNotification NOTIFICATION-TYPE
3103 OBJECTS {
3104 tcpEStatsConnectIndex
3105 }
3106 STATUS current
3107 DESCRIPTION
3108 "The indicated connection has left the
3109 established state"
3110 ::= { tcpEStatsNotifications 2 }
3112 -- ================================================================
3113 --
3114 -- Conformance Definitions
3115 --
3117 tcpEStatsCompliances OBJECT IDENTIFIER
3118 ::= { tcpEStatsConformance 1 }
3119 tcpEStatsGroups OBJECT IDENTIFIER
3120 ::= { tcpEStatsConformance 2 }
3122 --
3123 -- Compliance Statements
3124 --
3126 tcpEStatsCompliance MODULE-COMPLIANCE
3127 STATUS current
3128 DESCRIPTION
3129 "Compliance statement for all systems that implement TCP
3130 extended statistics."
3131 MODULE -- this module
3132 MANDATORY-GROUPS {
3133 tcpEStatsListenerGroup,
3134 tcpEStatsConnectIdGroup,
3135 tcpEStatsPerfGroup,
3136 tcpEStatsPathGroup,
3137 tcpEStatsStackGroup,
3138 tcpEStatsAppGroup
3139 }
3140 GROUP tcpEStatsListenerHCGroup
3141 DESCRIPTION
3142 "This group is mandatory for all systems that can
3143 wrap the values of the 32-bit counters in
3144 tcpEStatsListenerGroup in less than one hour."
3146 GROUP tcpEStatsPerfOptionalGroup
3147 DESCRIPTION
3148 "This group is optional for all systems."
3150 GROUP tcpEStatsPerfHCGroup
3151 DESCRIPTION
3152 "This group is mandatory for systems that can
3153 wrap the values of the 32-bit counters in
3154 tcpEStatsPerfGroup in less than one hour.
3156 Note that any system that can attain 10 Mb/s
3157 can potentially wrap 32-Bit Octet counters in
3158 under one hour."
3160 GROUP tcpEStatsPathOptionalGroup
3161 DESCRIPTION
3162 "This group is optional for all systems."
3164 GROUP tcpEStatsPathHCGroup
3165 DESCRIPTION
3166 "This group is mandatory for systems that can
3167 wrap the values of the 32-bit counters in
3168 tcpEStatsPathGroup in less than one hour.
3170 Note that any system that can attain 10 Mb/s
3171 can potentially wrap 32-Bit Octet counters in
3172 under one hour."
3174 GROUP tcpEStatsStackOptionalGroup
3175 DESCRIPTION
3176 "This group is optional for all systems."
3178 GROUP tcpEStatsAppHCGroup
3179 DESCRIPTION
3180 "This group is mandatory for systems that can
3181 wrap the values of the 32-bit counters in
3182 tcpEStatsStackGroup in less than one hour.
3184 Note that any system that can attain 10 Mb/s
3185 can potentially wrap 32-Bit Octet counters in
3186 under one hour."
3188 GROUP tcpEStatsAppOptionalGroup
3189 DESCRIPTION
3190 "This group is optional for all systems."
3192 GROUP tcpEStatsTuneOptionalGroup
3193 DESCRIPTION
3194 "This group is optional for all systems."
3196 GROUP tcpEStatsNotificationsGroup
3197 DESCRIPTION
3198 "This group is optional for all systems."
3200 GROUP tcpEStatsNotificationsCtlGroup
3201 DESCRIPTION
3202 "This group is mandatory for systems that include the
3203 tcpEStatsNotificationGroup."
3205 OBJECT tcpEStatsControlNotify
3206 MIN-ACCESS read-only
3207 DESCRIPTION
3208 "Write access is not required."
3210 ::= { tcpEStatsCompliances 1 }
3212 -- ================================================================
3213 --
3214 -- Units of Conformance
3215 --
3216 tcpEStatsListenerGroup OBJECT-GROUP
3217 OBJECTS {
3218 tcpEStatsListenerTableLastChange,
3219 tcpEStatsListenerStartTime,
3220 tcpEStatsListenerSynRcvd,
3221 tcpEStatsListenerInitial,
3222 tcpEStatsListenerEstablished,
3223 tcpEStatsListenerAccepted,
3224 tcpEStatsListenerExceedBacklog,
3225 tcpEStatsListenerCurConns,
3226 tcpEStatsListenerMaxBacklog,
3227 tcpEStatsListenerCurBacklog,
3228 tcpEStatsListenerCurEstabBacklog
3229 }
3230 STATUS current
3231 DESCRIPTION
3232 "The tcpEStatsListener group includes objects that
3233 provide valuable statistics and debugging
3234 information for TCP Listeners."
3235 ::= { tcpEStatsGroups 1 }
3237 tcpEStatsListenerHCGroup OBJECT-GROUP
3238 OBJECTS {
3239 tcpEStatsListenerHCSynRcvd,
3240 tcpEStatsListenerHCInitial,
3241 tcpEStatsListenerHCEstablished,
3242 tcpEStatsListenerHCAccepted,
3243 tcpEStatsListenerHCExceedBacklog
3244 }
3245 STATUS current
3246 DESCRIPTION
3247 "The tcpEStatsListenerHC group includes 64 bit
3248 counters in tcpEStatsListenerTable."
3249 ::= { tcpEStatsGroups 2 }
3251 tcpEStatsConnectIdGroup OBJECT-GROUP
3252 OBJECTS {
3253 tcpEStatsConnTableLatency,
3254 tcpEStatsConnectIndex
3255 }
3256 STATUS current
3257 DESCRIPTION
3258 "The tcpEStatsConnectId group includes objects that
3259 identify TCP connections and control how long TCP
3260 connection entries are retained in the tables."
3261 ::= { tcpEStatsGroups 3 }
3263 tcpEStatsPerfGroup OBJECT-GROUP
3264 OBJECTS {
3265 tcpEStatsPerfSegsOut, tcpEStatsPerfDataSegsOut,
3266 tcpEStatsPerfDataOctetsOut,
3267 tcpEStatsPerfSegsRetrans,
3268 tcpEStatsPerfOctetsRetrans, tcpEStatsPerfSegsIn,
3269 tcpEStatsPerfDataSegsIn,
3270 tcpEStatsPerfDataOctetsIn,
3271 tcpEStatsPerfElapsedSecs,
3272 tcpEStatsPerfElapsedMicroSecs,
3273 tcpEStatsPerfStartTimeStamp, tcpEStatsPerfCurMSS,
3274 tcpEStatsPerfPipeSize, tcpEStatsPerfMaxPipeSize,
3275 tcpEStatsPerfSmoothedRTT, tcpEStatsPerfCurRTO,
3276 tcpEStatsPerfCongSignals, tcpEStatsPerfCurCwnd,
3277 tcpEStatsPerfCurSsthresh, tcpEStatsPerfTimeouts,
3278 tcpEStatsPerfCurRwinSent,
3279 tcpEStatsPerfMaxRwinSent,
3280 tcpEStatsPerfZeroRwinSent,
3281 tcpEStatsPerfCurRwinRcvd,
3282 tcpEStatsPerfMaxRwinRcvd,
3283 tcpEStatsPerfZeroRwinRcvd
3284 }
3285 STATUS current
3286 DESCRIPTION
3287 "The tcpEStatsPerf group includes those objects that
3288 provide basic performance data for a TCP connection."
3289 ::= { tcpEStatsGroups 4 }
3291 tcpEStatsPerfOptionalGroup OBJECT-GROUP
3292 OBJECTS {
3293 tcpEStatsPerfSndLimTransRwin,
3294 tcpEStatsPerfSndLimTransCwnd,
3295 tcpEStatsPerfSndLimTransSnd,
3296 tcpEStatsPerfSndLimTimeRwin,
3297 tcpEStatsPerfSndLimTimeCwnd,
3298 tcpEStatsPerfSndLimTimeSnd
3299 }
3300 STATUS current
3301 DESCRIPTION
3302 "The tcpEStatsPerf group includes those objects that
3303 provide basic performance data for a TCP connection."
3304 ::= { tcpEStatsGroups 5 }
3306 tcpEStatsPerfHCGroup OBJECT-GROUP
3307 OBJECTS {
3308 tcpEStatsPerfHCDataOctetsOut,
3309 tcpEStatsPerfHCDataOctetsIn
3310 }
3311 STATUS current
3312 DESCRIPTION
3313 "The tcpEStatsPerfHC group includes 64 bit
3314 counters in the tcpEStatsPerfTable."
3315 ::= { tcpEStatsGroups 6 }
3317 tcpEStatsPathGroup OBJECT-GROUP
3318 OBJECTS {
3319 tcpEStatsControlPath,
3320 tcpEStatsPathRetranThresh,
3321 tcpEStatsPathNonRecovDAEpisodes,
3322 tcpEStatsPathSumOctetsReordered,
3323 tcpEStatsPathNonRecovDA
3324 }
3325 STATUS current
3326 DESCRIPTION
3327 "The tcpEStatsPath group includes objects that
3328 control the creation of the tcpEStatsPathTable,
3329 and provide information about the path
3330 for each TCP connection."
3331 ::= { tcpEStatsGroups 7 }
3333 tcpEStatsPathOptionalGroup OBJECT-GROUP
3334 OBJECTS {
3335 tcpEStatsPathSampleRTT, tcpEStatsPathRTTVar,
3336 tcpEStatsPathMaxRTT, tcpEStatsPathMinRTT,
3337 tcpEStatsPathSumRTT, tcpEStatsPathCountRTT,
3338 tcpEStatsPathMaxRTO, tcpEStatsPathMinRTO,
3339 tcpEStatsPathIpTtl, tcpEStatsPathIpTosIn,
3340 tcpEStatsPathIpTosOut,
3341 tcpEStatsPathPreCongSumCwnd,
3342 tcpEStatsPathPreCongSumRTT,
3343 tcpEStatsPathPostCongSumRTT,
3344 tcpEStatsPathPostCongCountRTT,
3345 tcpEStatsPathECNsignals, tcpEStatsPathQuenchRcvd,
3346 tcpEStatsPathDupAckEpisodes, tcpEStatsPathRcvRTT,
3347 tcpEStatsPathDupAcksOut, tcpEStatsPathCERcvd,
3348 tcpEStatsPathECESent, tcpEStatsPathECNNonceRcvd
3349 }
3350 STATUS current
3351 DESCRIPTION
3352 "The tcpEStatsPath group includes objects that
3353 provide additional information about the path
3354 for each TCP connection."
3355 ::= { tcpEStatsGroups 8 }
3357 tcpEStatsPathHCGroup OBJECT-GROUP
3358 OBJECTS {
3359 tcpEStatsPathHCSumRTT
3360 }
3361 STATUS current
3362 DESCRIPTION
3363 "The tcpEStatsPathHC group includes 64 bit
3364 counters in the tcpEStatsPathTable."
3365 ::= { tcpEStatsGroups 9 }
3367 tcpEStatsStackGroup OBJECT-GROUP
3368 OBJECTS {
3369 tcpEStatsControlStack,
3370 tcpEStatsStackActiveOpen, tcpEStatsStackMSSSent,
3371 tcpEStatsStackMSSRcvd, tcpEStatsStackWinScaleSent,
3372 tcpEStatsStackWinScaleRcvd,
3373 tcpEStatsStackTimeStamps, tcpEStatsStackECN,
3374 tcpEStatsStackWillSendSACK,
3375 tcpEStatsStackWillUseSACK, tcpEStatsStackState,
3376 tcpEStatsStackNagle, tcpEStatsStackMaxSsCwnd,
3377 tcpEStatsStackMaxCaCwnd,
3378 tcpEStatsStackMaxSsthresh,
3379 tcpEStatsStackMinSsthresh,
3380 tcpEStatsStackInRecovery, tcpEStatsStackDupAcksIn,
3381 tcpEStatsStackSpuriousFrDetected,
3382 tcpEStatsStackSpuriousRtoDetected
3383 }
3384 STATUS current
3385 DESCRIPTION
3386 "The tcpEStatsConnState group includes objects that
3387 control the creation of the tcpEStatsStackTable,
3388 and provide information about the operation of
3389 algorithms used within TCP."
3390 ::= { tcpEStatsGroups 10 }
3392 tcpEStatsStackOptionalGroup OBJECT-GROUP
3393 OBJECTS {
3394 tcpEStatsStackSoftErrors,
3395 tcpEStatsStackSoftErrorReason,
3396 tcpEStatsStackSlowStart, tcpEStatsStackCongAvoid,
3397 tcpEStatsStackOtherReductions,
3398 tcpEStatsStackCongOverCount,
3399 tcpEStatsStackFastRetran,
3400 tcpEStatsStackSubsequentTimeouts,
3401 tcpEStatsStackCurTimeoutCount,
3402 tcpEStatsStackAbruptTimeouts,
3403 tcpEStatsStackSACKsRcvd,
3404 tcpEStatsStackSACKBlocksRcvd,
3405 tcpEStatsStackSendStall, tcpEStatsStackDSACKDups,
3406 tcpEStatsStackMaxMSS, tcpEStatsStackMinMSS,
3407 tcpEStatsStackSndInitial,
3408 tcpEStatsStackRecInitial,
3409 tcpEStatsStackCurRetxQueue,
3410 tcpEStatsStackMaxRetxQueue,
3411 tcpEStatsStackCurReasmQueue,
3412 tcpEStatsStackMaxReasmQueue
3413 }
3414 STATUS current
3415 DESCRIPTION
3416 "The tcpEStatsConnState group includes objects that
3417 provide additional information about the operation of
3418 algorithms used within TCP."
3419 ::= { tcpEStatsGroups 11 }
3421 tcpEStatsAppGroup OBJECT-GROUP
3422 OBJECTS {
3423 tcpEStatsControlApp,
3424 tcpEStatsAppSndUna, tcpEStatsAppSndNxt,
3425 tcpEStatsAppSndMax, tcpEStatsAppThruOctetsAcked,
3426 tcpEStatsAppRcvNxt,
3427 tcpEStatsAppThruOctetsReceived
3428 }
3429 STATUS current
3430 DESCRIPTION
3431 "The tcpEStatsConnState group includes objects that
3432 control the creation of the tcpEStatsAppTable,
3433 and provide information about the operation of
3434 algorithms used within TCP."
3435 ::= { tcpEStatsGroups 12 }
3437 tcpEStatsAppHCGroup OBJECT-GROUP
3438 OBJECTS {
3439 tcpEStatsAppHCThruOctetsAcked,
3440 tcpEStatsAppHCThruOctetsReceived
3441 }
3442 STATUS current
3443 DESCRIPTION
3444 "The tcpEStatsStackHC group includes 64 bit
3445 counters in the tcpEStatsStackTable."
3446 ::= { tcpEStatsGroups 13 }
3448 tcpEStatsAppOptionalGroup OBJECT-GROUP
3449 OBJECTS {
3450 tcpEStatsAppCurAppWQueue,
3451 tcpEStatsAppMaxAppWQueue,
3452 tcpEStatsAppCurAppRQueue,
3453 tcpEStatsAppMaxAppRQueue
3454 }
3455 STATUS current
3456 DESCRIPTION
3457 "The tcpEStatsConnState group includes objects that
3458 provide additional information about how applications
3459 are interacting with each TCP connection."
3460 ::= { tcpEStatsGroups 14 }
3462 tcpEStatsTuneOptionalGroup OBJECT-GROUP
3463 OBJECTS {
3464 tcpEStatsControlTune,
3465 tcpEStatsTuneLimCwnd, tcpEStatsTuneLimSsthresh,
3466 tcpEStatsTuneLimRwin
3467 }
3468 STATUS current
3469 DESCRIPTION
3470 "The tcpEStatsConnState group includes objects that
3471 control the creation of the tcpEStatsConnectionTable,
3472 which can be used to set tuning parameters
3473 for each TCP connection."
3474 ::= { tcpEStatsGroups 15 }
3476 tcpEStatsNotificationsGroup NOTIFICATION-GROUP
3477 NOTIFICATIONS {
3478 tcpEStatsEstablishNotification,
3479 tcpEStatsCloseNotification
3480 }
3481 STATUS current
3482 DESCRIPTION
3483 "Notifications sent by a TCP extended statistics agent."
3484 ::= { tcpEStatsGroups 16 }
3486 tcpEStatsNotificationsCtlGroup OBJECT-GROUP
3487 OBJECTS {
3488 tcpEStatsControlNotify
3489 }
3490 STATUS current
3491 DESCRIPTION
3492 "The tcpEStatsNotificationsCtl group includes the
3493 object that controls the creation of the events
3494 in the tcpEStatsNotificationsGroup."
3495 ::= { tcpEStatsGroups 17 }
3497 END
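The tcpEStatsStackSoftErrorReason codes defined in the module separate expected events from those its DESCRIPTION marks as an implementation bug or possible attack. The following is an added example, not part of the draft, of a poller-side check over constructed samples; the Sample and Finding types, the verdict labels and the function names are assumptions, and no SNMP library is involved.

```python
from dataclasses import dataclass

COUNTER32_MOD = 2 ** 32  # ZeroBasedCounter32 wraps modulo 2^32

# tcpEStatsStackSoftErrorReason codes with the reading given in the
# object's DESCRIPTION. The verdict labels are this example's own.
REASONS = {
    1: ("belowDataWindow", "normal"),      # keep-alives, zero window probes
    2: ("aboveDataWindow", "suspect"),     # bug or possible attack
    3: ("belowAckWindow", "reordering"),   # return path reorders ACKs
    4: ("aboveAckWindow", "suspect"),      # bug or possible attack
    5: ("belowTSWindow", "normal"),        # PAWS caught reordered data
    6: ("aboveTSWindow", "suspect"),       # bug or possible attack
    7: ("dataCheckSum", "fragile"),        # connection id may be corrupted
    8: ("otherSoftError", "unclassified"),
}


@dataclass(frozen=True)
class Sample:
    conn_index: int   # tcpEStatsConnectIndex
    soft_errors: int  # tcpEStatsStackSoftErrors
    reason: int       # tcpEStatsStackSoftErrorReason


@dataclass(frozen=True)
class Finding:
    conn_index: int
    reason: str
    verdict: str
    new_errors: int   # soft errors since the previous poll
    masked: int       # errors whose reason was overwritten before we polled


def counter_delta(prev: int, cur: int) -> int:
    """Difference between two Counter32 readings, tolerant of one wrap."""
    return (cur - prev) % COUNTER32_MOD


def evaluate(previous: dict, current: list) -> list:
    """Compare the current poll with the previous one, per connection."""
    findings = []
    for s in current:
        prev = previous.get(s.conn_index)
        # A zero-based counter starts at 0 when the row is created, so a
        # connection seen for the first time is measured against 0.
        base = prev.soft_errors if prev else 0
        delta = counter_delta(base, s.soft_errors)
        if delta == 0:
            continue  # reason is stale: nothing failed since the last poll
        name, verdict = REASONS.get(
            s.reason, ("unknown(%d)" % s.reason, "unclassified"))
        # The reason object holds only the most recent failure, so with
        # delta > 1 the other delta - 1 failures are not described by it.
        findings.append(Finding(s.conn_index, name, verdict, delta, delta - 1))
    return findings


def alerts(findings: list) -> list:
    """Findings whose latest reason the draft ties to a bug or attack."""
    return [f for f in findings if f.verdict == "suspect"]


# Constructed poll data (not taken from any real agent).
PREVIOUS = {
    7: Sample(7, 4294967294, 1),  # two short of wrapping
    9: Sample(9, 10, 3),
}
CURRENT = [
    Sample(7, 3, 4),    # wrapped: five new errors, latest aboveAckWindow
    Sample(9, 10, 3),   # unchanged counter, reason left over from earlier
    Sample(12, 1, 5),   # new connection, one PAWS rejection
    Sample(15, 2, 7),   # new connection, checksum failures
]

if __name__ == "__main__":
    for f in evaluate(PREVIOUS, CURRENT):
        print(f)
```

A "normal" latest reason with a non-zero masked count does not clear the connection: shorter poll intervals reduce how many failures each reading hides.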
3499 5. Security Considerations
3501 There are a number of management objects defined in this MIB module
3502 with a MAX-ACCESS clause of read-write and/or read-create. Such
3503 objects may be considered sensitive or vulnerable in some network
3504 environments. The support for SET operations in a non-secure
3505 environment without proper protection can have a negative effect on
3506 network operations. These are the tables and objects and their
3507 sensitivity/vulnerability:
3509 * Changing tcpEStatsConnTableLatency or any of the control objects in
3510 the tcpEStatsControl group (tcpEStatsControlPath,
3511 tcpEStatsControlStack, tcpEStatsControlApp, tcpEStatsControlTune)
3512 may affect the correctness of other management applications
3513 accessing this MIB. Generally local policy should only permit
3514 limited write access to these controls (e.g. only by one management
3515 station or only during system configuration).
3517 * The objects in the tcpEStatsControlTune group
3518 (tcpEStatsTuneLimCwnd, tcpEStatsTuneLimSsthresh,
3519 tcpEStatsTuneLimRwin) can be used to limit resources consumed by
3520 TCP connections or to limit TCP throughput. An attacker might
3521 manipulate these objects to reduce performance to levels below the
3522 minimum acceptable for a particular application.
3524 Some of the readable objects in this MIB module (i.e., objects with a
3525 MAX-ACCESS other than not-accessible) may be considered sensitive or
3526 vulnerable in some network environments. It is thus important to
3527 control even GET and/or NOTIFY access to these objects and possibly
3528 to even encrypt the values of these objects when sending them over
3529 the network via SNMP. These are the tables and objects and their
3530 sensitivity/vulnerability:
3532 * All objects which expose TCP sequence numbers (tcpEStatsAppSndUna,
3533 tcpEStatsAppSndNxt, tcpEStatsAppSndMax, tcpEStatsStackSndInitial,
3534 tcpEStatsAppRcvNxt, and tcpEStatsStackRecInitial) might make it
3535 easier for an attacker to forge in-sequence TCP segments to disrupt
3536 TCP connections.
3538 * Nearly all objects in this (or any other) MIB may be used to
3539 estimate traffic volumes, which may reveal unanticipated
3540 information about an organization to the outside world.
3542 SNMP versions prior to SNMPv3 did not include adequate security.
3543 Even if the network itself is secure (for example by using IPsec),
3544 there is no control as to who on the secure network is
3545 allowed to access and GET/SET (read/change/create/delete) the objects
3546 in this MIB module.
3548 It is RECOMMENDED that implementers consider the security features as
3549 provided by the SNMPv3 framework (see [RFC3410], section 8),
3550 including full support for the SNMPv3 cryptographic mechanisms (for
3551 authentication and privacy).
3553 Further, deployment of SNMP versions prior to SNMPv3 is NOT
3554 RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
3555 enable cryptographic security. It is then a customer/operator
3556 responsibility to ensure that the SNMP entity giving access to an
3557 instance of this MIB module is properly configured to give access to
3558 the objects only to those principals (users) that have legitimate
3559 rights to indeed GET or SET (change/create/delete) them.
3561 6. IANA Considerations
3563 The MIB module in this document uses the following IANA-assigned
3564 OBJECT IDENTIFIER values recorded in the SMI Numbers registry:
3566 Descriptor OBJECT IDENTIFIER value
3567 ------------ -----------------------
3568 tcpEStatsMIB { mib-2 xxx2 }
3570 RFC Editor: The IANA is requested to assign a value for "xxx2" under
3571 the 'mib-2' subtree and to record the assignment in the SMI Numbers
3572 registry. When the assignment has been made, the RFC Editor is asked
3573 to replace "xxx2" (here and in the MIB module) with the assigned
3574 value and to remove this note.
3576 7. Normative References
3578 [RFC791] J. Postel, "Internet Protocol", RFC 791, STD 0005, September
3579 1981.
3581 [RFC793] J. Postel, "Transmission Control Protocol", RFC 793, STD 0007,
3582 September 1981.
3584 [RFC1122] R. Braden, Ed, "Requirements for Internet Hosts -
3585 Communication Layers", RFC 1122, STD 0003, October 1989.
3587 [RFC1191] J.C. Mogul, S.E. Deering, "Path MTU discovery", RFC 1191,
3588 November 1990.
3590 [RFC1323] V. Jacobson, R. Braden, D. Borman, "TCP Extensions for High
3591 Performance", RFC 1323, May 1992.
3593 [RFC2018] M. Mathis, J. Mahdavi, S. Floyd, A. Romanow, "TCP Selective
3594 Acknowledgment Options", RFC 2018, October 1996.
3596 [RFC2021] S. Waldbusser, "Remote Network Monitoring Management
3597 Information Base Version 2 using SMIv2", RFC 2021, January 1997.
3599 [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate Requirement
3600 Levels", RFC 2119, BCP 0014, March 1997.
3602 [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
3603 Rose, M., and S. Waldbusser, "Structure of Management Information
3604 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
3606 [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
3607 Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", RFC
3608 2579, STD 58, April 1999.
3610 [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
3611 Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2",
3612 RFC 2580, STD 58, April 1999.
3614 [RFC2581] M. Allman, V. Paxson, W. Stevens, "TCP Congestion Control",
3615 RFC 2581, April 1999.
3617 [RFC2856] A. Bierman, K. McCloghrie, R. Presuhn, "Textual Conventions
3618 for Additional High Capacity Data Types", RFC 2856, June 2000.
3620 [RFC2861] M. Handley, J. Padhye, S. Floyd, "TCP Congestion Window
3621 Validation", RFC 2861, June 2000.
3623 [RFC2883] S. Floyd, J. Mahdavi, M. Mathis, M. Podolsky, "An Extension to
3624 the Selective Acknowledgment (SACK) Option for TCP", RFC 2883, July
3625 2000.
3627 [RFC2988] V. Paxson, M. Allman, "Computing TCP's Retransmission Timer",
3628 RFC 2988, November 2000.
3630 [RFC3168] K. Ramakrishnan, S. Floyd, D. Black, "The Addition of Explicit
3631 Congestion Notification (ECN) to IP", RFC 3168, September 2001.
3633 [RFC3260] D. Grossman, "New Terminology and Clarifications for
3634 Diffserv", RFC 3260, April 2002.
3636 [RFC3517] Blanton, E., Allman, M., Fall, K., Wang, L., "A Conservative
3637 Selective Acknowledgment (SACK)-based Loss Recovery Algorithm for
3638 TCP", RFC 3517, April 2003.
3640 [RFC3522] R. Ludwig, M. Meyer, "The Eifel Detection Algorithm for TCP",
3641 RFC 3522, April 2003.
3643 [RFC3540] N. Spring, D. Wetherall, D. Ely, "Robust Explicit Congestion
3644 Notification (ECN) Signaling with Nonces", RFC 3540, June 2003.
3646 [RFC3742] S. Floyd, "Limited Slow-Start for TCP with Large Congestion
3647 Windows", RFC 3742, March 2004.
3649 [RFC4022] Raghunarayan, R., "Management Information Base for the
3650 Transmission Control Protocol (TCP)", RFC 4022, March 2005.
3652 8. Informative References
3654 [Mat97] M. Mathis, J. Semke, J. Mahdavi, T. Ott, "The Macroscopic
3655 Behavior of the TCP Congestion Avoidance Algorithm", Computer
3656 Communication Review, volume 27, number 3, July 1997.
3658 [Bra94] Brakmo, L., O'Malley, S., "TCP Vegas, New Techniques for
3659 Congestion Detection and Avoidance," SIGCOMM'94, London, pp 24-35,
3660 October 1994.
3662 [Edd06] Eddy, W., "TCP SYN Flooding Attacks and Common Mitigations,"
3663 Internet Draft draft-ietf-tcpm-syn-flood-00, Work in progress, July
3664 2006.
3666 [POSIX] Portable Operating System Interface, IEEE Std 1003.1
3668 [Pad98] Padhye, J., Firoiu, V., Towsley, D., Kurose, J., "Modeling TCP
3669 Throughput: A Simple Model and its Empirical Validation",
3670 SIGCOMM'98
3672 [roadmap] M. Duke, R. Braden, W. Eddy, E. Blanton, "A Roadmap for TCP
3673 Specification Documents", Internet Draft draft-ietf-tcpm-tcp-
3674 roadmap-06, Work in progress, February 2005
3676 [Web100] Mathis, M., J. Heffner, R. Reddy, "Web100: Extended TCP
3677 Instrumentation for Research, Education and Diagnosis", ACM
3678 Computer Communications Review, Vol 33, Num 3, July 2003.
3680 [RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction
3681 and Applicability Statements for Internet-Standard Management
3682 Framework", RFC 3410, December 2002.
3684 9. Contributors
3686 The following people contributed text that was incorporated into this
3687 document:
3689 Jon Saperia converted Web100 internal
3690 documentation into a true MIB. Jon can be reached at JDS Consulting,
3691 Inc, 617-744-1079.
3693 Some of the objects in this document were moved from an early draft
3694 of the TCP-MIB, by Bill Fenner et al.
3696 Some of the object descriptions are based on an earlier unpublished
3697 document by Jeff Semke.
3699 10. Acknowledgments
3701 This document is a product of the Web100 project (www.web100.org), a
3702 joint effort of Pittsburgh Supercomputing Center (www.psc.edu),
3703 National Center for Atmospheric Research (www.ncar.ucar.edu) and
3704 National Center for Supercomputer Applications (www.ncsa.edu).
3706 It would not have been possible without all of the hard work by the
3707 entire Web100 team, especially Peter O'Neal who read and reread
3708 the entire document several times; Janet Brown and Marla Meehl, who
3709 patiently managed the unmanageable. The Web100 project would not
3710 have been successful without all of the early adopters who suffered
3711 our bugs to provide many good suggestions and insights into their
3712 needs for TCP instrumentation.
3714 Web100 was supported by the National Science Foundation under Grant
3715 No. 0083285 and a research grant from Cisco Systems.
3717 We would also like to thank all of the people who built experimental
3718 implementations of this MIB from early versions of the Internet Draft
3719 and provided us with constructive feedback: Glenn Turner at AARnet,
3720 Kristine Adamson at IBM and Xinyan Zan at Microsoft.
3722 And last, but not least, we would like to thank Dan Romascanu, our
3723 "MIB Doctor" and Bert Wijnen the Operations Area Director, for
3724 patiently steering us through the MIB review process.
3726 11. Authors' Addresses
3727 Matt Mathis
3728 John Heffner
3729 Pittsburgh Supercomputing Center
3730 4400 Fifth Ave
3731 Pittsburgh, PA 15216
3732 Phone: 412-268-4960
3733 Email: mathis@web100.org, jheffner@psc.edu
3735 Rajiv Raghunarayan
3736 Cisco Systems Inc.
3737 San Jose, CA 95134
3738 Phone: 408 853 9612
3739 Email: raraghun@cisco.com
3741 12. Intellectual Property
3743 The IETF takes no position regarding the validity or scope of any
3744 Intellectual Property Rights or other rights that might be claimed
3745 to pertain to the implementation or use of the technology
3746 described in this document or the extent to which any license
3747 under such rights might or might not be available; nor does it
3748 represent that it has made any independent effort to identify any
3749 such rights. Information on the procedures with respect to rights
3750 in RFC documents can be found in BCP 78 and BCP 79.
3752 Copies of IPR disclosures made to the IETF Secretariat and any
3753 assurances of licenses to be made available, or the result of an
3754 attempt made to obtain a general license or permission for the use
3755 of such proprietary rights by implementers or users of this
3756 specification can be obtained from the IETF on-line IPR repository
3757 at http://www.ietf.org/ipr.
3759 The IETF invites any interested party to bring to its attention
3760 any copyrights, patents or patent applications, or other
3761 proprietary rights that may cover technology that may be required
3762 to implement this standard. Please address the information to the
3763 IETF at ietf-ipr@ietf.org.
3765 13. Disclaimer of Validity
3767 This document and the information contained herein are provided
3768 on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
3769 REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND
3770 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES,
3771 EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT
3772 THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR
3773 ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A
3774 PARTICULAR PURPOSE.
3776 14. Copyright Statement
3778 Copyright (C) The Internet Society (2006).
3780 This document is subject to the rights, licenses and restrictions
3781 contained in BCP 78, and except as set forth therein, the authors
3782 retain all their rights.