idnits 2.17.1 

draft-irtf-nmrg-snmp-tcp-06.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate.  This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** The document seems to lack a 1id_guidelines paragraph about the list of
     current Internet-Drafts -- however, there's a paragraph with a matching
     beginning. Boilerplate error?

  ** The document seems to lack a 1id_guidelines paragraph about the list of
     Shadow Directories. 

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  ** The document seems to lack separate sections for Informative/Normative
     References.  All references will be assumed normative when checking for
     downward references.

  ** There are 3 instances of too long lines in the document, the longest one
     being 1 character in excess of 72.


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  == Line 150 has weird spacing: '... octets   cont...'

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (March 2, 2001) is 8455 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  ** Obsolete normative reference: RFC 2571 (ref. '1') (Obsoleted by RFC 3411)

  ** Downref: Normative reference to an Informational RFC: RFC 1215 (ref. '4')

  ** Downref: Normative reference to an Historic RFC: RFC 1157 (ref. '8')

  ** Downref: Normative reference to an Historic RFC: RFC 1901 (ref. '9')

  ** Obsolete normative reference: RFC 1906 (ref. '10') (Obsoleted by RFC
     3417)

  ** Obsolete normative reference: RFC 2572 (ref. '11') (Obsoleted by RFC
     3412)

  ** Obsolete normative reference: RFC 2574 (ref. '12') (Obsoleted by RFC
     3414)

  ** Obsolete normative reference: RFC 1905 (ref. '13') (Obsoleted by RFC
     3416)

  ** Obsolete normative reference: RFC 2573 (ref. '14') (Obsoleted by RFC
     3413)

  ** Obsolete normative reference: RFC 2575 (ref. '15') (Obsoleted by RFC
     3415)

  ** Obsolete normative reference: RFC 2570 (ref. '16') (Obsoleted by RFC
     3410)

  ** Downref: Normative reference to an Informational RFC: RFC 1270 (ref.
     '18')

  ** Obsolete normative reference: RFC  793 (ref. '19') (Obsoleted by RFC
     9293)

  -- Possible downref: Non-RFC (?) normative reference: ref. '20'

  -- Possible downref: Non-RFC (?) normative reference: ref. '21'

  -- Possible downref: Non-RFC (?) normative reference: ref. '22'

  -- Possible downref: Non-RFC (?) normative reference: ref. '23'


     Summary: 19 errors (**), 0 flaws (~~), 3 warnings (==), 6 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	Network Working Group                                   J. Schoenwaelder
3	Internet-Draft                                           TU Braunschweig
4	Expires: August 31, 2001                                   March 2, 2001

6	                    SNMP over TCP Transport Mapping
7	                    draft-irtf-nmrg-snmp-tcp-06.txt

9	Status of this Memo

11	   This document is an Internet-Draft and is in full conformance with
12	   all provisions of Section 10 of RFC2026.

14	   Internet-Drafts are working documents of the Internet Engineering
15	   Task Force (IETF), its areas, and its working groups. Note that
16	   other groups may also distribute working documents as
17	   Internet-Drafts.

19	   Internet-Drafts are draft documents valid for a maximum of six
20	   months and may be updated, replaced, or obsoleted by other documents
21	   at any time. It is inappropriate to use Internet-Drafts as reference
22	   material or to cite them other than as "work in progress."

24	   To view the entire list of Internet-Draft Shadow Directories, see
25	   http://www.ietf.org/shadow.html.

27	   The list of current Internet-Drafts can be accessed at
28	   http://www.ietf.org/ietf/iid-abstracts.txt

30	   This Internet-Draft will expire on August 31, 2001.

32	Copyright Notice

34	   Copyright (C) The Internet Society (2001). All Rights Reserved.

36	Abstract

38	   This memo defines a transport mapping for using the Simple Network
39	   Management Protocol (SNMP) over TCP. The transport mapping can be
40	   used with any version of SNMP. This document extends the transport
41	   mappings defined in RFC 1906.

43	Table of Contents

45	   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  3
46	   2.  Definitions  . . . . . . . . . . . . . . . . . . . . . . . . .  4
47	   3.  SNMP over TCP  . . . . . . . . . . . . . . . . . . . . . . . .  5
48	   3.1 Serialization  . . . . . . . . . . . . . . . . . . . . . . . .  5
49	   3.2 Well-Known Values  . . . . . . . . . . . . . . . . . . . . . .  6
50	   3.3 Connection Management  . . . . . . . . . . . . . . . . . . . .  6
51	   3.4 Reliable Transport versus Confirmed Operations . . . . . . . .  7
52	   4.  Security Considerations  . . . . . . . . . . . . . . . . . . .  7
53	   5.  Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . .  8
54	       References . . . . . . . . . . . . . . . . . . . . . . . . . .  8
55	       Author's Address . . . . . . . . . . . . . . . . . . . . . . . 10
56	   A.  Connection Establishment Alternatives  . . . . . . . . . . . . 10
57	       Full Copyright Statement . . . . . . . . . . . . . . . . . . . 12

59	1. Introduction

61	   The SNMP Management Framework presently consists of five major
62	   components:

64	   o  An overall architecture, described in RFC 2571 [1].
65	   o  Mechanisms for describing and naming objects and events for the
66	      purpose of management. The first version of this Structure of
67	      Management Information (SMI) is called SMIv1 and described in STD
68	      16, RFC 1155 [2], STD 16, RFC 1212 [3] and RFC 1215 [4]. The
69	      second version, called SMIv2, is described in STD 58, RFC 2578
70	      [5], STD 58, RFC 2579 [6] and STD 58, RFC 2580 [7].
71	   o  Message protocols for transferring management information. The
72	      first version of the SNMP message protocol is called SNMPv1 and
73	      described in STD 15, RFC 1157 [8]. A second version of the SNMP
74	      message protocol, which is not an Internet standards track
75	      protocol, is called SNMPv2c and described in RFC 1901 [9] and RFC
76	      1906 [10]. The third version of the message protocol is called
77	      SNMPv3 and described in RFC 1906 [10], RFC 2572 [11] and RFC 2574
78	      [12].
79	   o  Protocol operations for accessing management information. The
80	      first set of protocol operations and associated PDU formats is
81	      described in STD 15, RFC 1157 [8]. A second set of protocol
82	      operations and associated PDU formats is described in RFC 1905
83	      [13].
84	   o  A set of fundamental applications described in RFC 2573 [14] and
85	      the view-based access control mechanism described in RFC 2575
86	      [15].

88	   A more detailed introduction to the current SNMP Management
89	   Framework can be found in RFC 2570 [16].

91	   Managed objects are accessed via a virtual information store, termed
92	   the Management Information Base or MIB. Objects in the MIB are
93	   defined using the mechanisms defined in the SMI.

95	   This memo defines a transport mapping for using the Simple Network
96	   Management Protocol (SNMP) over TCP. The transport mapping can be
97	   used with any version of SNMP. This document extends the transport
98	   mappings defined in RFC 1906 [10].

100	   The SNMP over TCP transport mapping is an optional transport
101	   mapping. SNMP protocol engines that implement the SNMP over TCP
102	   transport mapping MUST also implement the SNMP over UDP transport
103	   mapping as defined in RFC 1906 [10].

105	   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
106	   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
107	   document are to be interpreted as described in RFC 2119 [17].

109	2. Definitions

111	   IRTF-NMRG-SNMP-TM DEFINITIONS ::= BEGIN

113	   IMPORTS MODULE-IDENTITY, OBJECT-IDENTITY, experimental FROM SNMPv2-SMI
114	           TEXTUAL-CONVENTION                             FROM SNMPv2-TC;

116	   nmrgSnmpDomains MODULE-IDENTITY
117	       LAST-UPDATED "200103010000Z"
118	       ORGANIZATION "IRTF Network Management Research Group"
119	       CONTACT-INFO
120	           "Juergen Schoenwaelder
121	            TU Braunschweig
122	            Bueltenweg 74/75
123	            38106 Braunschweig
124	            Germany

126	            Phone: +49 531 391-3283
127	            Email: schoenw@ibr.cs.tu-bs.de"
128	       DESCRIPTION
129	           "This MIB module defines the SNMP over TCP transport mapping."
130	       REVISION     "200103010000Z"
131	       DESCRIPTION
132	           "Initial version, published as RFC XXXX."
133	       ::= { experimental nmrg(91) 1 }

135	   -- SNMP over TCP over IPv4

137	   snmpTCPDomain   OBJECT-IDENTITY
138	       STATUS      current
139	       DESCRIPTION
140	           "The SNMP over TCP over IPv4 transport domain. The
141	            corresponding transport address is of type SnmpTCPAddress."
142	       ::= { nmrgSnmpDomains 1 }

144	   SnmpTCPAddress ::= TEXTUAL-CONVENTION
145	       DISPLAY-HINT "1d.1d.1d.1d/2d"
146	       STATUS       current
147	       DESCRIPTION
148	               "Represents a TCP/IPv4 address:

150	                  octets   contents        encoding
151	                   1-4     IP-address      network-byte order
152	                   5-6     TCP-port        network-byte order
153	               "
154	       SYNTAX      OCTET STRING (SIZE (6))

156	   END

158	3. SNMP over TCP

160	   SNMP over TCP is an experimental optional transport mapping. It is
161	   primarily defined to support more efficient bulk transfer mechanisms
162	   within the SNMP framework [20].

164	   The originator of a request/response transaction chooses the
165	   transport protocol for the entire transaction. The transport
166	   protocol MUST NOT change during a transaction.

168	   In general, originators of request/response transactions are free to
169	   use the transport they assume is the best in a given situation.
170	   However, since TCP has a larger footprint on resource usage than
171	   UDP, engines using SNMP over TCP may choose to switch back to UDP by
172	   refusing new TCP connections whenever necessary (e.g. too many open
173	   TCP connections).

175	   When selecting the transport, it is useful to consider how SNMP
176	   interacts with TCP acknowledgements and timers. In particular,
177	   infrequent SNMP interactions over TCP may lead to additional IP
178	   packets carrying acknowledgements for SNMP responses if there is no
179	   chance to piggyback them. Furthermore, it is recommended to
180	   configure SNMP timers to fire later when using SNMP over TCP to
181	   avoid application specific timeouts before the TCP timers have
182	   expired.

184	3.1 Serialization

186	   Each instance of a message is serialized into a single BER-encoded
187	   message, using the algorithm specified in Section 8 of RFC 1906
188	   [10]. The BER-encoded message is then sent over a TCP connection. An
189	   SNMP engine MUST NOT interleave SNMP messages within the TCP byte
190	   stream. All the bytes of one SNMP message must be sent before any
191	   bytes of a different SNMP message.

193	   It is possible to exchange multiple SNMP request/response pairs over
194	   a single (persistent) TCP connection. TCP connections are per
195	   default full-duplex and data can travel in both directions at
196	   different speeds. It is therefore possible to send multiple SNMP
197	   messages to a remote SNMP engine before receiving responses from the
198	   same SNMP engine. Note that an SNMP engine is not required to return
199	   responses in the same order as it received the requests.

201	   It is possible that the underlying TCP implementation delivers byte
202	   sequences that do not coincide with SNMP message boundaries. A
203	   receiving SNMP engine MUST therefore use the length field in the
204	   BER-encoded SNMP message to separate multiple requests sent over a
205	   single TCP connection.

207	3.2 Well-Known Values

209	   It is RECOMMENDED that administrators configure their SNMP entities
210	   containing command responders to listen on TCP port 161 for incoming
211	   connections. It is also RECOMMENDED that SNMP entities containing
212	   notification receivers be configured to listen on TCP port 162 for
213	   connection requests.

215	   When an SNMP entity uses the TCP transport mapping, it MUST be
216	   capable of accepting messages that are at least 8192 octets in size.
217	   Implementation of larger values is encouraged whenever possible.

219	3.3 Connection Management

221	   The use of TCP connections introduces costs [18]. Connection
222	   establishment and teardown cause additional network traffic.
223	   Furthermore, maintaining open connections binds resources in the
224	   network layer of the underlying operating system.

226	   SNMP over TCP is intended to be used when the size of the
227	   transferred data is large since TCP offers flow control and
228	   efficient segmentation. The transport of large amounts of management
229	   data via SNMP over UDP requires many request/response interactions
230	   with small-sized SNMP over UDP messages, which causes latency to
231	   increase excessively.

233	   TCP connections are established on behalf of the SNMP applications
234	   which initiate a transaction. In particular, command generator
235	   applications are responsible for opening TCP connections to command
236	   responder applications and notification originator applications are
237	   responsible to initiate TCP connections to notification receiver
238	   applications, which are selected as described in Section 3 of RFC
239	   2573 [14]. If the TCP connection cannot be established, then
240	   transaction is aborted reported to the application as a timeout
241	   error condition. Alternative connection establishment procedures are
242	   discussed in Appendix A but are not part of this specification.

244	   All SNMP entities (whether in an agent role or manager role) can
245	   close TCP connections at any point in time. This ensures that SNMP
246	   entities can control their resource usage and shut down TCP
247	   connections that are not used. Note that SNMP engines are not
248	   required to process SNMP messages if the incoming half of the TCP
249	   connection is closed while the outgoing half remains open.

251	   The processing of any outstanding SNMP requests when both sides of
252	   the TCP connection have been closed is implementation dependent. The
253	   sending SNMP entity SHOULD therefore not make assumptions about the
254	   processing of outstanding SNMP requests once a TCP connection is
255	   closed. A timeout error condition SHOULD be signalled for confirmed
256	   requests if the TCP connection is closed before a response has been
257	   received.

259	3.4 Reliable Transport versus Confirmed Operations

261	   The transport of SNMP messages over TCP results in a reliable
262	   exchange of SNMP messages between SNMP engines. In particular, TCP
263	   guarantees (in the absence of security attacks) that the delivered
264	   data is not damaged, lost, duplicated, or delivered out of order
265	   [19].

267	   The SNMP protocol has been designed to support confirmed as well as
268	   unconfirmed operations [1]. The inform-request protocol operation is
269	   an example for a confirmed operation while the snmpV2-trap operation
270	   is an example for an unconfirmed operation.

272	   There is an important difference between an unconfirmed protocol
273	   operation sent over a reliable transport and a confirmed protocol
274	   operation. A reliable transport such as TCP only guarantees that
275	   delivered data is not damaged, lost, duplicated, or delivered out of
276	   order. It does not guarantee that the delivered data was actually
277	   processed in any way by the application process. Furthermore, even a
278	   reliable transport such as TCP cannot guarantee that data sent to a
279	   remote system is eventually delivered on the remote system. Even a
280	   graceful close of the TCP connection does not guarantee that the
281	   receiving TCP engine has actually delivered all the data to an
282	   application process.

284	   With a confirmed SNMP operation, the receiving SNMP engine
285	   acknowledges that the data was actually received. Depending on the
286	   SNMP protocol operation, a confirmation may indicate that further
287	   processing was done. For example, the response to an inform-request
288	   protocol operation also indicates to the notification originator
289	   that the notification passed the security model and that it was
290	   delivered to the notification receiver application. Similarily, the
291	   response to a set-request indicates that the data passed the
292	   transport, the authentication mechanism and that the write request
293	   was actually processed by the command responder.

295	   A reliable transport is thus only a poor approximation for confirmed
296	   operations. Applications that need confirmation of delivery or
297	   processing are encouraged to use the confirmed operations, such as
298	   the inform-request, rather than using unconfirmed operations, such
299	   as snmpV2-trap, over a reliable transport.

301	4. Security Considerations

303	   It is recommended that implementors consider the security features
304	   as provided by the SNMPv3 framework in order to provide SNMP
305	   security.  Specifically, the use of the User-based Security Model
306	   RFC 2574 [12] and the View-based Access Control Model RFC 2575 [15]
307	   is recommended.

309	   It is then a customer/user responsibility to ensure that the SNMP
310	   entity giving access to a MIB is properly configured to give access
311	   to the objects only to those principals (users) that have legitimate
312	   rights to indeed GET or SET (change) them.

314	   The SNMP over TCP transport mapping does not have any impact on the
315	   security mechanisms provided by SNMPv3. However, SNMP over TCP may
316	   introduce new vulnerabilities to denial of service attacks (such as
317	   TCP syn flooding) that do not exist in this form in other transport
318	   mappings.

320	5. Acknowledgments

322	   This document is the result of discussions within the Network
323	   Management Research Group (NMRG) of the Internet Research Task
324	   Force[21] (IRTF). Special thanks to Luca Deri, Jean-Philippe
325	   Martin-Flatin, Aiko Pras, Ron Sprenkels, and Bert Wijnen for their
326	   comments and suggestions.

328	   Additional useful comments have been made by Mike Ayers, Jeff Case,
329	   Mike Daniele, David Harrington, Lauren Heintz, Keith McCloghrie, and
330	   Dave Shield.

332	   Luca Deri, Wes Hardaker, Bert Helthuis, and Erik Schoenfelder helped
333	   to create prototype implementations. The SNMP over TCP transport
334	   mapping is currently supported by the NET-SNMP package[22] and the
335	   Linux CMU SNMP package[23].

337	References

339	   [1]  Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture for
340	        Describing SNMP Management Frameworks", RFC 2571, April 1999.

342	   [2]  Rose, M. and K. McCloghrie, "Structure and Identification of
343	        Management Information for TCP/IP-based Internets", STD 16, RFC
344	        1155, May 1990.

346	   [3]  Rose, M. and K. McCloghrie, "Concise MIB Definitions", STD 16,
347	        RFC 1212, March 1991.

349	   [4]  Rose, M., "A Convention for Defining Traps for use with the
350	        SNMP", RFC 1215, March 1991.

352	   [5]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
353	        M. and S. Waldbusser, "Structure of Management Information
354	        Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

356	   [6]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
357	        M. and S. Waldbusser, "Textual Conventions for SMIv2", STD 58,
358	        RFC 2579, April 1999.

360	   [7]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
361	        M. and S. Waldbusser, "Conformance Statements for SMIv2", STD
362	        58, RFC 2580, April 1999.

364	   [8]  Case, J., Fedor, M., Schoffstall, M. and J. Davin, "A Simple
365	        Network Management Protocol (SNMP)", STD 15, RFC 1157, May 1990.

367	   [9]  Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
368	        "Introduction to Community-based SNMPv2", RFC 1901, January
369	        1996.

371	   [10]  Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
372	         "Transport Mappings for Version 2 of the Simple Network
373	         Management Protocol (SNMPv2)", RFC 1906, January 1996.

375	   [11]  Case, J., Harrington, D., Presuhn, R. and B. Wijnen, "Message
376	         Processing and Dispatching for the Simple Network Management
377	         Protocol (SNMP)", RFC 2572, April 1999.

379	   [12]  Blumenthal, U. and B. Wijnen, "User-based Security Model (USM)
380	         for version 3 of the Simple Network Management Protocol
381	         (SNMPv3)", RFC 2574, April 1999.

383	   [13]  Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
384	         "Protocol Operations for Version 2 of the Simple Network
385	         Management Protocol (SNMPv2)", RFC 1905, January 1996.

387	   [14]  Levi, D., Meyer, P. and B. Stewart, "SNMP Applications", RFC
388	         2573, April 1999.

390	   [15]  Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access
391	         Control Model (VACM) for the Simple Network Management
392	         Protocol (SNMP)", RFC 2575, April 1999.

394	   [16]  Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction
395	         to Version 3 of the Internet-standard Network Management
396	         Framework", RFC 2570, April 1999.

398	   [17]  Bradner, S., "Key words for use in RFCs to Indicate
399	         Requirement Levels", BCP 14, RFC 2119, March 1997.

401	   [18]  Kastenholz, F., "SNMP Communications Services", RFC 1270,
402	         October 1991.

404	   [19]  Postel, J., "Transmission Control Protocol", STD 7, RFC 793,
405	         September 1981.

407	   [20]  Sprenkels, R. and J.P. Martin-Flatin, "Bulk Transfers of MIB
408	         Data", Simple Times 7(1), March 1999.

410	   [21]  http://www.irtf.org/

412	   [22]  http://net-snmp.sourceforge.net/

414	   [23]  http://www.gaertner.de/snmp/

416	Author's Address

418	   Juergen Schoenwaelder
419	   TU Braunschweig
420	   Bueltenweg 74/75
421	   38106 Braunschweig
422	   Germany

424	   Phone: +49 531 391-3283
425	   EMail: schoenw@ibr.cs.tu-bs.de

427	Appendix A. Connection Establishment Alternatives

429	   This memo defines a simple connection establishment scheme where the
430	   notification originator or command generator application is
431	   responsible to establish TCP connections to notification receiver or
432	   command responder applications. The purpose of this section is to
433	   document variations or alternatives of this scheme which have been
434	   discussed during the development of this specification. The
435	   discussion below focuses on notification originator applications
436	   since this is case where people seem to have diverging viewpoints.
437	   The discussion below also assumes that the reader is familiar with
438	   the SNMPv3 notification forwarding model as defined in RFC 2573
439	   [14].

441	   The variations that have been discussed are basically driven by the
442	   idea to provide fallback mechanisms in cases where TCP connection
443	   establishment from the notification originator to the notification
444	   receiver fails. The approach specified in this memo simply drops
445	   notifications if the TCP connection cannot be established. This
446	   implies that notification originators which need reliable
447	   notification delivery must implement a local notification log in
448	   order to keep a history of notifications that could not be
449	   delivered.

451	   Another option is to deliver notifications via UDP in case TCP
452	   connection establishment fails. This might require to augment the
453	   snmpTargetTable with columns that provide information about the
454	   alternate UDP transport domain and address. In general, this
455	   approach only helps to deliver notifications in cases where the
456	   notification receiver is unable to accept more TCP connections. In
457	   other fault scenarios (e.g. routing problems in the network), the
458	   UDP packet would have no or only marginally better chances to reach
459	   the notification receiver. This implies that notification
460	   originators which need reliable notification delivery still need to
461	   implement a local notification log in order to keep a history of
462	   notifications in cases the UDP packets do not reach the destination.

464	   A generalization of this approach leads to the idea of a sparse
465	   augmentation of the snmpTargetTable which lists alternate fallback
466	   transports endpoints of arbitrary transport domains. Multiple
467	   fallbacks may be possible by using a tag list approach. This
468	   provides a generic transport independent fallback mechanism which is
469	   independent of the TCP transport mapping defined in this memo.

471	   Another alternative is to make the notification originator
472	   responsible to retry connection establishment. This could be
473	   accomplished by augmenting the snmpTargetTable with additional
474	   columns that specify retry counts and timeouts or by adapting the
475	   existing snmpTargetAddrTimeout and snmpTargetAddrRetryCount columns
476	   in the snmpTargetTable. But even this approach requires a local
477	   notification log in order to handle situations where all retries
478	   have failed.

480	   A fundamentally different approach is to make the notification
481	   receiver responsible to establish the TCP connection to the
482	   notification originator. This approach has the advantage that the
483	   notification originator does not necessarily need a list of
484	   pre-configured notification receiver transport addresses. The
485	   current notification forwarding model however relies on the
486	   snmpTargetTable to identify notification targets. So the question
487	   comes up whether (a) new entries are added to the snmpTargetTable
488	   when a connection is established or whether (b) connections are only
489	   accepted if they match pre-configured snmpTargetTable entries. Note
490	   that the target selection logic relies on a tag list which can not
491	   reasonably populated when a connection is accepted. So only option
492	   (b) seems to be compliant with the current notification forwarding
493	   logic. Another issue to consider is the volunerability to denial of
494	   service attacks. A notification originator can be easily attacked by
495	   syn-flooding attacks if it listens for incoming TCP connections.
496	   Finally, in order to let notification originator and notification
497	   receiver appplications coexist easily on a single system, it would
498	   be necessary to assign new default port numbers on which
499	   notification originators listen for incoming TCP connections.

501	Full Copyright Statement

503	   Copyright (C) The Internet Society (2001). All Rights Reserved.

505	   This document and translations of it may be copied and furnished to
506	   others, and derivative works that comment on or otherwise explain it
507	   or assist in its implementation may be prepared, copied, published
508	   and distributed, in whole or in part, without restriction of any
509	   kind, provided that the above copyright notice and this paragraph
510	   are included on all such copies and derivative works. However, this
511	   document itself may not be modified in any way, such as by removing
512	   the copyright notice or references to the Internet Society or other
513	   Internet organizations, except as needed for the purpose of
514	   developing Internet standards in which case the procedures for
515	   copyrights defined in the Internet Standards process must be
516	   followed, or as required to translate it into languages other than
517	   English.

519	   The limited permissions granted above are perpetual and will not be
520	   revoked by the Internet Society or its successors or assigns.

522	   This document and the information contained herein is provided on an
523	   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
524	   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
525	   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
526	   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
527	   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

529	Acknowledgement

531	   Funding for the RFC Editor function is currently provided by the
532	   Internet Society.