Network Working Group                                         A. Persson
Internet-Draft                                                       SUN
Intended status: Standards Track                              P. Schauer
Expires: April 8, 2007                                         A. Durand
                                                                 Comcast
                                                               D. Thaler
                                                               Microsoft
                                                         October 5, 2006


         Management Information Base for TCP and UDP processes
                  draft-persson-v6ops-mib-issue-01.txt

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on April 8, 2007.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   In RFC 4113 and 4022 there is a set of objects that have some
   outstanding issues.  This document provides a short discussion of the
   issues and how they can be addressed.

Table of Contents

   1  Introduction
   2  Issues
     2.1  Process Objects
     2.2  Instance Object
   3  Suggested Approaches
     3.1  Process Objects
     3.2  Instance Object
   4  Process Information MIB Definitions
     4.1  TCP Process Information MIB
     4.2  UDP Process Information MIB
   5  Security Considerations
   Authors' Addresses
   Intellectual Property and Copyright Statements

1  Introduction

   Between RFC 4113 and 4022 there are several objects that have unclear
   behavior, or limited functionality on some platforms.  Some updates
   are needed in order to guarantee uniform behavior and functionality
   across all entities implementing the RFCs.  Specifically, the objects
   in question are tcpConnectionProcess, tcpListenerProcess,
   udpEndpointProcess (collectively referred to as Process objects) and
   udpEndpointInstance (Instance object).

2  Issues

2.1  Process Objects

   The Process objects are all described as the system process
   associated with a particular connection.  If the object has a
   non-zero value, it is expected to correspond to a row in either
   HOST-RESOURCES-MIB::hrSWRunIndex or SYSAPPL-MIB::sysApplElmRunIndex.
   An object value of zero is used to identify cases where the
   connection is not associated with a process.

   One of the uses of the Process objects is to track down
   misbehaving applications.  For example, if an administrator detects
   unwanted data traffic that is sent to or from a machine under his/her
   control, then the connection tuple could be located in either the TCP
   or UDP connection tables.  Since each entry in the table includes the
   process id of the controlling application, the administrator can
   force the application to stop.

   Establishing a one-to-one association between processes and
   connections works well on systems that only allow such behavior.
   However, on certain platforms it is possible to have multiple
   processes that share a single connection.  An example of such
   behavior can be seen in most UNIX environments, where a process
   initially opens a new connection, and then uses the fork() system
   call to create one or more child processes.  Each of the child
   processes will then have access to the connection opened by the
   parent process.  However, it would not be possible to report multiple
   processes to the administrator using the current tables, which limits
   the functionality.

2.2  Instance Object

   The second issue is udpEndpointInstance, which is part of
   udpEndpointTable.  The table is defined in RFC 4113 and it contains
   all connected and listening UDP endpoints.  The entries in the table
   are indexed using the connection tuple as well as an Instance object.
   The Instance is used to distinguish between multiple identical UDP
   endpoints, which might happen, for example, if multicast is used.
   The assignment of instance values is implementation specific, and to
   give flexibility for implementors, the description is very minimal.
   Specifically, the description does not state if instance values can
   be reused, or if the values should be allocated in any particular
   order.  In certain situations, the lack of such information can make
   it hard for administrators to detect system issues.

   To illustrate the issues, consider the following scenarios:

   Scenario 1:  Assume there is a process providing a service, and the
      UDP endpoint associated with the service has an identifying tuple
      A.  Also, the system has assigned the endpoint an instance value of
      x, and so the endpoint's index is A.x.  An administrator wants to
      ensure that the service is operating properly, and is doing so by
      looking up A.x in udpEndpointTable at a regular interval.
      However, the presence of A.x in udpEndpointTable does not
      necessarily mean that the service is running properly.  It could
      be the case that the service is constantly restarting due to
      errors, and the system is reusing the instance value x.

   Scenario 2:  Assume there are multiple UDP endpoints that are
      receiving multicast packets from a specific sender.  All the
      endpoints will therefore have the same tuple, but different
      instance values.  However, the instance values do not give any
      indication of how long the different endpoints have been active.
      It would therefore be difficult to determine the status of the
      different endpoints.

3  Suggested Approaches

3.1  Process Objects

   Enumerating all processes associated with connections will be done by
   introducing new tables.  The tables are optional, and can be provided
   by those platforms that want to extend the functionality of RFC 4022
   and 4113.

   RFC 4113 and 4022 define three connection tables: tcpConnectionTable,
   tcpListenerTable, and udpEndpointTable, which are indexed using
   connection tuples (the udpEndpointTable also uses the Instance
   object, but we include that as part of the tuple in the following
   discussion).  For each connection table, we define two new tables:
   (1) a Creation Information table, and (2) a Process information
   table, resulting in a total of six new tables.

   The Creation Information tables, which are indexed using connection
   tuples, contain information about how and when a connection was
   created.  More specifically, they contain the id of the process that
   created the connection, and when the creation event occurred.  It is
   possible for a connection to continue, even if the creating process
   exits.  For example, this could happen if the creating process was
   sharing the connection with other processes.  Therefore, unlike the
   Process objects, the creator id does not have to correspond to a row
   in HOST-RESOURCES-MIB::hrSWRunIndex or
   SYSAPPL-MIB::sysApplElmRunIndex.  The creation time can be used to
   determine if the id corresponds to a running process.  Also, the
   Creation Information tables augment the existing connection tables,
   and therefore share the same life-time properties.

   The Process tables, which are indexed using the connection tuple and
   the process id, are used to enumerate all active processes that are
   associated with connections.  For each process, a corresponding row
   is expected to be available in either
   HOST-RESOURCES-MIB::hrSWRunIndex or SYSAPPL-MIB::sysApplElmRunIndex,
   if those tables are supported.  Similarly, a connection tuple should
   only be present in the Process tables if there is a corresponding row
   in tcpConnectionTable, tcpListenerTable, or udpEndpointTable.
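
   The following Python sketch is an added example, not part of the
   draft.  It compares two polls of the Creation Information and Process
   tables described above to tell a stable endpoint from one re-created
   under the same index (Scenario 1), to flag shared connections and
   exited creators, and to order instances by age (Scenario 2).  The row
   layout, the sample values, and the assumption that a later-created
   endpoint carries a larger creation time are constructed for
   illustration.

```python
"""Compare two polls of the proposed Creation Information and Process
tables. Rows are modelled as plain Python values, not fetched over SNMP."""
from typing import NamedTuple


class Endpoint(NamedTuple):
    creator_pid: int   # udpEndpointInfoCreatorPID
    create_time: int   # udpEndpointInfoProcessCreateTime (TimeTicks)
    pids: frozenset    # every udpEndpointProcPID row for this index


def classify(prev, curr):
    """Label every index (connection tuple + Instance) seen in either poll.

    prev and curr map an index tuple to an Endpoint.
    """
    report = {}
    for index in sorted(prev.keys() | curr.keys()):
        old, new = prev.get(index), curr.get(index)
        if new is None:
            report[index] = ["gone"]
            continue
        labels = []
        if old is None:
            labels.append("new")
        elif old.create_time != new.create_time:
            # Same index A.x but a different creation time: the endpoint
            # was torn down and re-created, and the instance value reused.
            labels.append("recreated")
        if len(new.pids) > 1:
            # More than one Process-table row: connection shared, e.g.
            # by children created with fork().
            labels.append("shared")
        if new.creator_pid not in new.pids:
            # The creator id need not match a live process; the
            # connection outlived the process that opened it.
            labels.append("creator-exited")
        report[index] = labels or ["unchanged"]
    return report


def by_age(table, conn_tuple):
    """Instance values sharing one tuple, oldest endpoint first.

    Assumption: a smaller creation time means an older endpoint.
    """
    rows = [(ep.create_time, index[-1])
            for index, ep in table.items() if index[:-1] == conn_tuple]
    return [instance for _, instance in sorted(rows)]


# Constructed sample data. Tuples are
# (local address, local port, remote address, remote port);
# the index appends the Instance value.
A = ("192.0.2.10", 514, "", 0)     # the monitored service of Scenario 1
B = ("192.0.2.10", 69, "", 0)      # an endpoint shared after fork()
M = ("233.252.0.1", 5000, "", 0)   # multicast receivers of Scenario 2

PREV = {
    A + (7,): Endpoint(410, 1000, frozenset({410})),
    B + (1,): Endpoint(500, 2000, frozenset({500, 501})),
    M + (1,): Endpoint(600, 3000, frozenset({600})),
    M + (2,): Endpoint(610, 2500, frozenset({610})),
}
CURR = {
    A + (7,): Endpoint(977, 9000, frozenset({977})),       # restarted
    B + (1,): Endpoint(500, 2000, frozenset({501, 502})),  # creator gone
    M + (1,): Endpoint(600, 3000, frozenset({600})),
    M + (2,): Endpoint(610, 2500, frozenset({610})),
}

if __name__ == "__main__":
    for index, labels in classify(PREV, CURR).items():
        print(index, labels)
    print("multicast instances, oldest first:", by_age(CURR, M))
```

   A lookup of index A.7 alone succeeds in both polls; only the changed
   creation time shows that the service behind it was restarted.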

3.2  Instance Object

   The basic description of the Instance object will remain as-is to
   ensure flexibility for all implementations.  However, in a future
   update of RFC 4113, a clarification of the Instance object would be
   provided by adding an example to the description.  One possible
   example would be:

   "The instance value could be obtained from a counter that is
   incremented each time a new UDP endpoint is created.  Once the
   counter wraps around, care must be taken to ensure that newly created
   indexes are unique."

   The issue regarding not being able to detect change is no longer a
   problem, as long as the Creation Information tables are being used.
   Detecting whether a change has occurred can then be done by examining
   the creation time of the connection.

4  Process Information MIB Definitions

4.1  TCP Process Information MIB

   TCP-PROC-MIB DEFINITIONS ::= BEGIN

   IMPORTS
       MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32,
       Gauge32, Counter32, Counter64, IpAddress, mib-2, TimeTicks
                                          FROM SNMPv2-SMI
       MODULE-COMPLIANCE, OBJECT-GROUP    FROM SNMPv2-CONF
       InetAddress, InetAddressType,
       InetPortNumber                     FROM INET-ADDRESS-MIB
       tcpConnectionEntry, tcpListenerEntry
                                          FROM TCP-MIB;

   tcpProcMIB MODULE-IDENTITY
       LAST-UPDATED "200610010000Z"
       ORGANIZATION "IETF IPv6 Working Group"
       CONTACT-INFO
           "Alain Durand
            Comcast Cable
            1500 Market st
            Philadelphia
            PA 19102 USA
            Email: alain_durand@cable.comcast.com

            Anders Persson
            SUN Microsystems inc.
            17 Network Circle
            Menlo Park
            CA 94025 USA
            Email: anders.persson@sun.com

            Paul Schauer
            Comcast Cable
            183 Inverness Dr West
            Englewood
            CO 80112 USA
            Email: paul_schauer@cable.comcast.com

            David Thaler
            Microsoft
            One Microsoft Way
            Redmond
            WA 98052 USA
            Email: dthaler@microsoft.com"

       DESCRIPTION
           "Test branch for proposed TCP connection process information
            tables"

       REVISION "200610010000Z"
       DESCRIPTION
           "Initial version"

       ::= { mib-2 990 }

   tcpProc OBJECT IDENTIFIER ::= { mib-2 992 }

   --
   -- The proposed new TCP Connection Information table
   --

   tcpConnectionInfoTable OBJECT-TYPE
       SYNTAX     SEQUENCE OF TcpConnectionInfoEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "A table containing additional information about existing TCP
            connections.  This table augments the existing
            tcpConnectionTable by providing information for the process
            that created the connection on the listed address/port,
            not just the process currently associated with the
            connection.  This aids identifying processes sharing
            connections on the same port."

       ::= { tcpProc 1 }

   tcpConnectionInfoEntry OBJECT-TYPE
       SYNTAX     TcpConnectionInfoEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "A conceptual row of the tcpConnectionInfoTable containing
            information about a particular current TCP connection.
            The addition of the tcpConnectionInfoCreatorPID and
            tcpConnectionInfoProcessCreateTime data provides an operator
            an explicit way to relate network connections with
            running processes."
       AUGMENTS { tcpConnectionEntry }

       ::= { tcpConnectionInfoTable 1 }

   TcpConnectionInfoEntry ::= SEQUENCE {
       tcpConnectionInfoCreatorPID         Unsigned32,
       tcpConnectionInfoProcessCreateTime  TimeTicks
   }

   tcpConnectionInfoCreatorPID OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The system's process ID for the process that created
            this connection, even if this process no longer exists
            or is no longer associated with this connection."

       ::= { tcpConnectionInfoEntry 1 }

   tcpConnectionInfoProcessCreateTime OBJECT-TYPE
       SYNTAX     TimeTicks
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "This field provides the time the process created the
            connection on this port."

       ::= { tcpConnectionInfoEntry 2 }

   --
   -- The proposed new TCP Connection Process table
   --

   tcpConnectionProcTable OBJECT-TYPE
       SYNTAX     SEQUENCE OF TcpConnectionProcEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "A table containing additional information about existing TCP
            connections.  This table delivers functionality
            beyond the existing tcpConnectionTable
            by providing an entry for each process that is associated
            with the connection for operating systems that support this
            functionality.  An entry in the tcpConnectionTable implies
            the existence of one or more entries in this table for the
            connection, and vice-versa."
       ::= { tcpProc 2 }

   tcpConnectionProcEntry OBJECT-TYPE
       SYNTAX     TcpConnectionProcEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "A conceptual row of the tcpConnectionProcTable containing
            information about a particular current TCP connection.
            Each row of this table is transient in that it ceases to
            exist when (or soon after) the parent connection that
            created the connection exits."
       INDEX { tcpConnectionProcLocalAddressType,
               tcpConnectionProcLocalAddress,
               tcpConnectionProcLocalPort,
               tcpConnectionProcRemAddressType,
               tcpConnectionProcRemAddress,
               tcpConnectionProcRemPort,
               tcpConnectionProcPID }
       ::= { tcpConnectionProcTable 1 }

   TcpConnectionProcEntry ::= SEQUENCE {
       tcpConnectionProcLocalAddressType  InetAddressType,
       tcpConnectionProcLocalAddress      InetAddress,
       tcpConnectionProcLocalPort         InetPortNumber,
       tcpConnectionProcRemAddressType    InetAddressType,
       tcpConnectionProcRemAddress        InetAddress,
       tcpConnectionProcRemPort           InetPortNumber,
       tcpConnectionProcPID               Unsigned32
   }

   tcpConnectionProcLocalAddressType OBJECT-TYPE
       SYNTAX     InetAddressType
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "The address type of tcpConnectionProcLocalAddress."
       ::= { tcpConnectionProcEntry 1 }

   tcpConnectionProcLocalAddress OBJECT-TYPE
       SYNTAX     InetAddress
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "The local IP address for this TCP connection.  The type
            of this address is determined by the value of
            tcpConnectionProcLocalAddressType.
            As this object is used in the index for the
            tcpConnectionProcTable, implementors should be
            careful not to create entries that would result in OIDs
            with more than 128 subidentifiers; otherwise the information
            cannot be accessed by using SNMPv1, SNMPv2c, or SNMPv3."
       ::= { tcpConnectionProcEntry 2 }

   tcpConnectionProcLocalPort OBJECT-TYPE
       SYNTAX     InetPortNumber
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "The local port number for this TCP connection."
       ::= { tcpConnectionProcEntry 3 }

   tcpConnectionProcRemAddressType OBJECT-TYPE
       SYNTAX     InetAddressType
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "The address type of tcpConnectionProcRemAddress."
       ::= { tcpConnectionProcEntry 4 }

   tcpConnectionProcRemAddress OBJECT-TYPE
       SYNTAX     InetAddress
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "The remote IP address for this TCP connection.  The type
            of this address is determined by the value of
            tcpConnectionProcRemAddressType.

            As this object is used in the index for the
            tcpConnectionProcTable, implementors should be
            careful not to create entries that would result in OIDs
            with more than 128 subidentifiers; otherwise the information
            cannot be accessed by using SNMPv1, SNMPv2c, or SNMPv3."
       ::= { tcpConnectionProcEntry 5 }

   tcpConnectionProcRemPort OBJECT-TYPE
       SYNTAX     InetPortNumber
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "The remote port number for this TCP connection."
       ::= { tcpConnectionProcEntry 6 }

   tcpConnectionProcPID OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The system's process ID for the process sharing
            this connection.  This process corresponds to a row
            in HOST-RESOURCES-MIB::hrSWRunIndex and
            SYSAPPL-MIB::sysApplElmRunIndex for operating systems
            that support this functionality and the corresponding MIBs."

       ::= { tcpConnectionProcEntry 8 }

   -- The TCP Listener Information table

   tcpListenerInfoTable OBJECT-TYPE
       SYNTAX     SEQUENCE OF TcpListenerInfoEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "A table containing additional information about existing TCP
            listeners.  This table augments the existing tcpListenerTable
            by providing information for the process that created the
            listener on the listed address/port, not just the
            process currently associated with the listener.  This
            aids identifying multiple processes listening on the
            same port."
       ::= { tcpProc 3 }

   tcpListenerInfoEntry OBJECT-TYPE
       SYNTAX     TcpListenerInfoEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "A conceptual row of the tcpListenerProcTable containing
            information about a particular TCP listener."
       AUGMENTS { tcpListenerEntry }

       ::= { tcpListenerInfoTable 1 }

   TcpListenerInfoEntry ::= SEQUENCE {
       tcpListenerInfoCreatorPID         Unsigned32,
       tcpListenerInfoProcessCreateTime  TimeTicks
   }

   tcpListenerInfoCreatorPID OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The system's process ID for the process that created
            this listener, even if this process no longer exists
            or is no longer associated with this connection."
       ::= { tcpListenerInfoEntry 1 }

   tcpListenerInfoProcessCreateTime OBJECT-TYPE
       SYNTAX     TimeTicks
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "This field provides the time the process started
            listening on this port."
       ::= { tcpListenerInfoEntry 2 }

   -- The TCP Listener Process table

   tcpListenerProcTable OBJECT-TYPE
       SYNTAX     SEQUENCE OF TcpListenerProcEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "A table containing additional information about existing
            TCP listeners.  This table delivers functionality beyond
            the existing tcpListenerTable by providing an entry
            for each process that is associated with the listener
            for operating systems that support this functionality.
            An entry in the tcpListenerTable implies the existence of
            one or more entries in this table for the listener, and
            vice-versa.  A listening application can be represented
            in three possible ways:

            1. An application that is willing to accept both IPv4 and
               IPv6 datagrams is represented by
               a tcpListenerProcLocalAddressType of unknown (0) and
               a tcpListenerProcLocalAddress of ''h (a zero-length
               octet-string).

            2. An application that is willing to accept only IPv4 or
               IPv6 datagrams is represented by a
               tcpListenerProcLocalAddressType of the appropriate
               address type and a tcpListenerProcLocalAddress of
               '0.0.0.0' or '::' respectively.

            3. An application that is listening for data destined
               only to a specific IP address, but from any remote
               system, is represented by a
               tcpListenerProcLocalAddressType of an appropriate
               address type, with tcpListenerProcLocalAddress
               as the specific local address.

            NOTE: The address type in this table represents the
            address type used for the communication, irrespective
            of the higher-layer abstraction.  For example, an
            application using IPv6 'sockets' to communicate via
            IPv4 between ::ffff:10.0.0.1 and ::ffff:10.0.0.2 would
            use InetAddressType ipv4(1)."
       ::= { tcpProc 4 }

   tcpListenerProcEntry OBJECT-TYPE
       SYNTAX     TcpListenerProcEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "A conceptual row of the tcpListenerProcTable containing
            information about a particular TCP listener."
       INDEX { tcpListenerProcLocalAddressType,
               tcpListenerProcLocalAddress,
               tcpListenerProcLocalPort,
               tcpListenerProcPID }
       ::= { tcpListenerProcTable 1 }

   TcpListenerProcEntry ::= SEQUENCE {
       tcpListenerProcLocalAddressType  InetAddressType,
       tcpListenerProcLocalAddress      InetAddress,
       tcpListenerProcLocalPort         InetPortNumber,
       tcpListenerProcPID               Unsigned32
   }

   tcpListenerProcLocalAddressType OBJECT-TYPE
       SYNTAX     InetAddressType
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "The address type of tcpListenerProcLocalAddress.  The value
            should be unknown (0) if connection initiations to all
            local IP addresses are accepted."
       ::= { tcpListenerProcEntry 1 }

   tcpListenerProcLocalAddress OBJECT-TYPE
       SYNTAX     InetAddress
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "The local IP address for this TCP connection.
            The value of this object can be represented in three
            possible ways, depending on the characteristics of the
            listening application:

            1. For an application willing to accept both IPv4 and
               IPv6 datagrams, the value of this object must be
               ''h (a zero-length octet-string), with the value
               of the corresponding tcpListenerProcLocalAddressType
               object being unknown (0).

            2. For an application willing to accept only IPv4 or
               IPv6 datagrams, the value of this object must be
               '0.0.0.0' or '::' respectively, with
               tcpListenerProcLocalAddressType representing the
               appropriate address type.

            3. For an application which is listening for data
               destined only to a specific IP address, the value
               of this object is the specific local address, with
               tcpListenerProcLocalAddressType representing the
               appropriate address type.

            As this object is used in the index for the
            tcpListenerProcTable, implementors should be
            careful not to create entries that would result in OIDs
            with more than 128 subidentifiers; otherwise the information
            cannot be accessed, using SNMPv1, SNMPv2c, or SNMPv3."
       ::= { tcpListenerProcEntry 2 }

   tcpListenerProcLocalPort OBJECT-TYPE
       SYNTAX     InetPortNumber
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "The local port number for this TCP connection."
       ::= { tcpListenerProcEntry 3 }

   tcpListenerProcPID OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The system's process ID for the process associated with
            this listener."
       ::= { tcpListenerProcEntry 4 }

   -- compliance statements
   tcpProcMIBConformance OBJECT IDENTIFIER ::= { tcpProcMIB 1 }

   tcpProcMIBCompliances OBJECT IDENTIFIER ::= { tcpProcMIBConformance 1 }
   tcpProcMIBGroups      OBJECT IDENTIFIER ::= { tcpProcMIBConformance 2 }

   tcpProcMIBConnectionCompliance MODULE-COMPLIANCE
       STATUS current
       DESCRIPTION
           "The compliance statement for systems that implement the
            TCP process MIB."
       MODULE -- this module
           MANDATORY-GROUPS { tcpProcInfoGroup }
           GROUP tcpProcProcessGroup
           DESCRIPTION
               "This group should be implemented for operating systems that
                support multiple processes sharing a single connection.  It
                is left as optional to accommodate operating systems that do
                not provide sufficient information to express this data."

       ::= { tcpProcMIBCompliances 1 }

   tcpProcMIBListenerCompliance MODULE-COMPLIANCE
       STATUS current
       DESCRIPTION
           "The compliance statement for systems that implement the
            TCP process MIB."
       MODULE -- this module
           MANDATORY-GROUPS { tcpProcListenerInfoGroup }
           GROUP tcpProcListenerProcessGroup
           DESCRIPTION
               "This group should be implemented for operating systems that
                support multiple processes sharing a single listener.  It is
                left as optional to accommodate operating systems that do
                not provide sufficient information to express this data."

       ::= { tcpProcMIBCompliances 2 }

   -- units of conformance

   tcpProcInfoGroup OBJECT-GROUP
       OBJECTS { tcpConnectionInfoCreatorPID,
                 tcpConnectionInfoProcessCreateTime }
       STATUS current
       DESCRIPTION
           "The tcpProcInfoGroup providing basic information about
            processes associated with a specific connection"

       ::= { tcpProcMIBGroups 1 }

   tcpProcProcessGroup OBJECT-GROUP
       OBJECTS { tcpConnectionProcPID }
       STATUS current
       DESCRIPTION
           "The tcpProcProcessGroup providing specific process
            information about processes associated with a specific
            connection."

       ::= { tcpProcMIBGroups 2 }

   tcpProcListenerInfoGroup OBJECT-GROUP
       OBJECTS { tcpListenerInfoCreatorPID,
                 tcpListenerInfoProcessCreateTime }
       STATUS current
       DESCRIPTION
           "The tcpProcListenerInfoGroup providing basic information
            about processes associated with a specific listener."

       ::= { tcpProcMIBGroups 3 }

   tcpProcListenerProcessGroup OBJECT-GROUP
       OBJECTS { tcpListenerProcPID }
       STATUS current
       DESCRIPTION
           "The tcpProcListenerProcessGroup providing specific process
            information about processes associated with a specific
            listener."

       ::= { tcpProcMIBGroups 4 }
   END

4.2  UDP Process Information MIB

   UDP-PROC-MIB DEFINITIONS ::= BEGIN

   IMPORTS
       MODULE-IDENTITY, OBJECT-TYPE,
       Integer32, Counter32, Counter64,
       TimeTicks, Unsigned32, IpAddress,
       mib-2                              FROM SNMPv2-SMI

       MODULE-COMPLIANCE, OBJECT-GROUP    FROM SNMPv2-CONF
       InetAddress, InetAddressType,
       InetPortNumber                     FROM INET-ADDRESS-MIB
       udpEndpointEntry
                                          FROM UDP-MIB;

   udpProcMIB MODULE-IDENTITY
       LAST-UPDATED "200610010000Z"
       ORGANIZATION "IETF IPv6 Working Group"
       CONTACT-INFO
           "Alain Durand
            Comcast Cable
            1500 Market st
            Philadelphia
            PA 19102 USA
            Email: alain_durand@cable.comcast.com

            Anders Persson
            SUN Microsystems inc.
            17 Network Circle
            Menlo Park
            CA 94025 USA
            Email: anders.persson@sun.com

            Paul Schauer
            Comcast Cable
            183 Inverness Dr West
            Englewood
            CO 80112 USA
            Email: paul_schauer@cable.comcast.com

            David Thaler
            Microsoft
            One Microsoft Way
            Redmond
            WA 98052 USA
            Email: dthaler@microsoft.com"

       DESCRIPTION
           "Test branch for proposed UDP listener information tables"

       REVISION "200610010000Z"
       DESCRIPTION
           "Initial version"

       ::= { mib-2 994 }

   udpProc OBJECT IDENTIFIER ::= { mib-2 996 }

   --
   -- The proposed new UDP Endpoint Info table.
   --

   udpEndpointInfoTable OBJECT-TYPE
       SYNTAX     SEQUENCE OF UdpEndpointInfoEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "A table containing additional information about existing UDP
            endpoints.  This table augments the existing udpEndpointTable
            by providing information for the process that created the
            endpoint on the listed address/port, not just the
            process currently associated with the endpoint.  This
            aids identifying processes sharing connections on the same
            port."

       ::= { udpProc 1 }

   udpEndpointInfoEntry OBJECT-TYPE
       SYNTAX     UdpEndpointInfoEntry
       MAX-ACCESS not-accessible
       STATUS     current

       DESCRIPTION
           "The additional time field allows an operator to identify
            when a particular UDP endpoint came into existence."

       AUGMENTS { udpEndpointEntry }

       ::= { udpEndpointInfoTable 1 }

   UdpEndpointInfoEntry ::= SEQUENCE {
       udpEndpointInfoCreatorPID         Unsigned32,
       udpEndpointInfoProcessCreateTime  TimeTicks
   }

   udpEndpointInfoCreatorPID OBJECT-TYPE
       SYNTAX     Unsigned32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "The system's process ID for the process that created
            this endpoint, even if this process no longer exists
            or is no longer associated with this connection."

       ::= { udpEndpointInfoEntry 1 }

   udpEndpointInfoProcessCreateTime OBJECT-TYPE
       SYNTAX     TimeTicks
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
           "This field provides the time the process created the
            endpoint on this port."
       ::= { udpEndpointInfoEntry 2 }

   --
   -- The proposed new UDP Endpoint process table.
   --

   udpEndpointProcTable OBJECT-TYPE
       SYNTAX     SEQUENCE OF UdpEndpointProcEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
           "A table containing information about this entity's UDP
            endpoints on which a local application is currently
            accepting or sending datagrams.
            This table delivers functionality beyond the existing
            udpEndpointTable by providing an entry for each process that
            creates a shared endpoint on the same port for operating
            systems that support this functionality.  An entry in the
            udpEndpointTable implies the existence of one or more entries
            in this table for the connection, and vice-versa."

       ::= { udpProc 2 }

   udpEndpointProcEntry OBJECT-TYPE
       SYNTAX     UdpEndpointProcEntry
       MAX-ACCESS not-accessible
       STATUS     current

       DESCRIPTION
           "Information about a particular current UDP endpoint.

            Implementers need to be aware that if the total number
            of elements (octets or sub-identifiers) in
            udpEndpointProcLocalAddress and udpEndpointProcRemoteAddress
            exceeds 111, then OIDs of column instances in this table
            will have more than 128 sub-identifiers and cannot be
            accessed using SNMPv1, SNMPv2c, or SNMPv3."
855       INDEX { udpEndpointProcLocalAddressType,
856               udpEndpointProcLocalAddress,
857               udpEndpointProcLocalPort,
858               udpEndpointProcRemoteAddressType,
859               udpEndpointProcRemoteAddress,
860               udpEndpointProcRemotePort,
861               udpEndpointProcInstance,
862               udpEndpointProcPID
863             }
864       ::= { udpEndpointProcTable 1 }

866   UdpEndpointProcEntry ::= SEQUENCE {
867           udpEndpointProcLocalAddressType   InetAddressType,
868           udpEndpointProcLocalAddress       InetAddress,
869           udpEndpointProcLocalPort          InetPortNumber,
870           udpEndpointProcRemoteAddressType  InetAddressType,
871           udpEndpointProcRemoteAddress      InetAddress,
872           udpEndpointProcRemotePort         InetPortNumber,
873           udpEndpointProcInstance           Unsigned32,
874           udpEndpointProcPID                Unsigned32
875       }

877   udpEndpointProcLocalAddressType OBJECT-TYPE
878       SYNTAX     InetAddressType
879       MAX-ACCESS not-accessible
880       STATUS     current
881       DESCRIPTION
882              "The address type of udpEndpointProcLocalAddress. Only
883               IPv4, IPv4z, IPv6, and IPv6z addresses are expected, or
884               unknown(0) if datagrams for all local IP addresses are
885               accepted."

887       ::= { udpEndpointProcEntry 1 }

889   udpEndpointProcLocalAddress OBJECT-TYPE
890       SYNTAX     InetAddress
891       MAX-ACCESS not-accessible
892       STATUS     current
893       DESCRIPTION
894              "The local IP address for this UDP endpoint.

896               The value of this object can be represented in three
897               possible ways, depending on the characteristics of the
898               listening application:

900               1. For an application that is willing to accept both
901                  IPv4 and IPv6 datagrams, the value of this object
902                  must be ''h (a zero-length octet-string), with
903                  the value of the corresponding instance of the
904                  udpEndpointLocalAddressType object being unknown(0).

906               2. For an application that is willing to accept only IPv4
907                  or only IPv6 datagrams, the value of this object
908                  must be '0.0.0.0' or '::', respectively, while the
909                  corresponding instance of the
910                  udpEndpointLocalAddressType object represents the
911                  appropriate address type.

913               3. For an application that is listening for data
914                  destined only to a specific IP address, the value
915                  of this object is the specific IP address for which
916                  this node is receiving packets, with the
917                  corresponding instance of the
918                  udpEndpointLocalAddressType object representing the
919                  appropriate address type.

921               As this object is used in the index for the
922               udpEndpointProcTable, implementors of this table should be
923               careful not to create entries that would result in OIDs
924               with more than 128 subidentifiers; else the information
925               cannot be accessed using SNMPv1, SNMPv2c, or SNMPv3."

927       ::= { udpEndpointProcEntry 2 }

929   udpEndpointProcLocalPort OBJECT-TYPE
930       SYNTAX     InetPortNumber
931       MAX-ACCESS not-accessible
932       STATUS     current
933       DESCRIPTION
934              "The local port number for this UDP endpoint."

936       ::= { udpEndpointProcEntry 3 }

938   udpEndpointProcRemoteAddressType OBJECT-TYPE
939       SYNTAX     InetAddressType
940       MAX-ACCESS not-accessible
941       STATUS     current
942       DESCRIPTION
943              "The address type of udpEndpointProcRemoteAddress. Only
944               IPv4, IPv4z, IPv6, and IPv6z addresses are expected, or
945               unknown(0) if datagrams for all remote IP addresses are
946               accepted. Also, note that some combinations of
947               udpEndpointProcLocalAddressType and
948               udpEndpointProcRemoteAddressType are not supported. In
949               particular, if the value of this object is not
950               unknown(0), it is expected to always refer to the
951               same IP version as udpEndpointProcLocalAddressType."

953       ::= { udpEndpointProcEntry 4 }

955   udpEndpointProcRemoteAddress OBJECT-TYPE
956       SYNTAX     InetAddress
957       MAX-ACCESS not-accessible
958       STATUS     current
959       DESCRIPTION
960              "The remote IP address for this UDP endpoint. If
961               datagrams from any remote system are to be accepted,
962               this value is ''h (a zero-length octet-string).
963               Otherwise, it has the type described by
964               udpEndpointProcRemoteAddressType and is the address of the
965               remote system from which datagrams are to be accepted
966               (or to which all datagrams will be sent).

968               As this object is used in the index for the
969               udpEndpointProcTable, implementors of this table should be
970               careful not to create entries that would result in OIDs
971               with more than 128 subidentifiers; else the information
972               cannot be accessed using SNMPv1, SNMPv2c, or SNMPv3."

974       ::= { udpEndpointProcEntry 5 }

976   udpEndpointProcRemotePort OBJECT-TYPE
977       SYNTAX     InetPortNumber
978       MAX-ACCESS not-accessible
979       STATUS     current
980       DESCRIPTION
981              "The remote port number for this UDP endpoint. If
982               datagrams from any remote system are to be accepted,
983               this value is zero."

985       ::= { udpEndpointProcEntry 6 }

987   udpEndpointProcInstance OBJECT-TYPE
988       SYNTAX     Unsigned32 (1..'ffffffff'h)
989       MAX-ACCESS not-accessible
990       STATUS     current
991       DESCRIPTION
992              "The instance of this tuple. This object is used to
993               distinguish among multiple processes 'connected' to
994               the same UDP endpoint. For example, on a system
995               implementing the BSD sockets interface, this would be
996               used to support the SO_REUSEADDR and SO_REUSEPORT
997               socket options."

999       ::= { udpEndpointProcEntry 7 }

1001  udpEndpointProcPID OBJECT-TYPE
1002      SYNTAX     Unsigned32
1003      MAX-ACCESS read-only
1004      STATUS     current
1005      DESCRIPTION
1006             "The system's process ID for the process associated with
1007              this endpoint.
1008              This value corresponds to a row in
1009              HOST-RESOURCES-MIB::hrSWRunIndex and SYSAPPL-MIB::
1010              sysApplElmtRunIndex for operating systems that
1011              support this functionality and the corresponding MIBs."

1013      ::= { udpEndpointProcEntry 8 }

1015  -- compliance statements
1016  udpProcMIBConformance OBJECT IDENTIFIER ::= { udpProcMIB 1 }

1018  udpProcMIBCompliances OBJECT IDENTIFIER ::= { udpProcMIBConformance 1 }
1019  udpProcMIBGroups      OBJECT IDENTIFIER ::= { udpProcMIBConformance 2 }

1021  udpProcMIBCompliance MODULE-COMPLIANCE
1022      STATUS     current
1023      DESCRIPTION
1024             "The compliance statement for systems that implement the
1025              UDP Process MIB."
1026      MODULE -- this module
1027          MANDATORY-GROUPS { udpEndpointInfoGroup }
1028          GROUP udpEndpointProcessGroup
1029          DESCRIPTION
1030             "This group should be implemented for operating systems that
1031              support multiple listening processes sharing a single
1032              address/port. It is left as optional to accommodate
1033              operating systems that do not provide sufficient information
1034              to express this data."

1036      ::= { udpProcMIBCompliances 1 }

1038  -- units of conformance

1040  udpEndpointInfoGroup OBJECT-GROUP
1041      OBJECTS { udpEndpointInfoCreatorPID,
1042                udpEndpointInfoProcessCreateTime }
1043      STATUS     current
1044      DESCRIPTION
1045             ""
1046      ::= { udpProcMIBGroups 1 }

1048  udpEndpointProcessGroup OBJECT-GROUP
1049      OBJECTS { udpEndpointProcPID }
1050      STATUS     current
1051      DESCRIPTION
1052             ""
1053      ::= { udpProcMIBGroups 2 }

1055  END
1056  5 Security Considerations

1058     The security considerations discussed in RFC 4113 and RFC 4022 apply
1059     here.

1061  Authors' Addresses

1063     Anders Persson
1064     SUN Microsystems Inc.
1065     17 Network Circle
1066     Menlo Park, CA 94025
1067     USA

1069     Email: anders.persson@sun.com

1071     Paul Schauer
1072     Comcast
1073     183 Inverness Dr West
1074     Englewood, CO 80112
1075     USA

1077     Email: Paul_Schauer@cable.comcast.com

1079     Alain Durand
1080     Comcast
1081     1500 Market St
1082     Philadelphia, PA 19102
1083     USA

1085     Email: Alain_Durand@cable.comcast.com

1087     Dave Thaler
1088     Microsoft
1089     One Microsoft Way
1090     Redmond, WA 98052
1091     USA

1093     Email: dthaler@microsoft.com

1095  Full Copyright Statement

1097     Copyright (C) The Internet Society (2006).

1099     This document is subject to the rights, licenses and restrictions
1100     contained in BCP 78, and except as set forth therein, the authors
1101     retain all their rights.

1103     This document and the information contained herein are provided on an
1104     "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
1105     OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
1106     ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
1107     INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
1108     INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
1109     WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

1111  Intellectual Property

1113     The IETF takes no position regarding the validity or scope of any
1114     Intellectual Property Rights or other rights that might be claimed to
1115     pertain to the implementation or use of the technology described in
1116     this document or the extent to which any license under such rights
1117     might or might not be available; nor does it represent that it has
1118     made any independent effort to identify any such rights. Information
1119     on the procedures with respect to rights in RFC documents can be
1120     found in BCP 78 and BCP 79.

1122     Copies of IPR disclosures made to the IETF Secretariat and any
1123     assurances of licenses to be made available, or the result of an
1124     attempt made to obtain a general license or permission for the use of
1125     such proprietary rights by implementers or users of this
1126     specification can be obtained from the IETF on-line IPR repository at
1127     http://www.ietf.org/ipr.

1129     The IETF invites any interested party to bring to its attention any
1130     copyrights, patents or patent applications, or other proprietary
1131     rights that may cover technology that may be required to implement
1132     this standard. Please address the information to the IETF at
1133     ietf-ipr@ietf.org.

1135  Acknowledgment

1137     Funding for the RFC Editor function is provided by the IETF
1138     Administrative Support Activity (IASA).
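
The following is an added example, not part of the draft or its authors' code. It decodes udpEndpointProcPID instance OIDs into the eight INDEX values of udpEndpointProcTable using standard SMIv2 index encoding, then lists endpoints that more than one process is bound to, the SO_REUSEADDR/SO_REUSEPORT case named in the udpEndpointProcInstance description. Function names, PIDs and the sample OIDs are constructed for illustration; the OID prefix follows the draft's test-branch assignment { mib-2 996 }.

```python
import ipaddress
from collections import defaultdict

# udpEndpointProcPID column: mib-2.996 (udpProc) .2 (table) .1 (entry) .8
COLUMN = (1, 3, 6, 1, 2, 1, 996, 2, 1, 8)
MAX_SUBIDS = 128  # limit quoted in the udpEndpointProcEntry DESCRIPTION

# Constructed snmpwalk-style instance OIDs (not captured from a real agent).
SAMPLE = [
    "1.3.6.1.2.1.996.2.1.8.1.4.0.0.0.0.5353.0.0.0.1.812",
    "1.3.6.1.2.1.996.2.1.8.1.4.0.0.0.0.5353.0.0.0.2.4410",
    "1.3.6.1.2.1.996.2.1.8.2.16." + "0." * 16 + "161.0.0.0.1.640",
]

def instance_oid_length(n_local, n_remote):
    """Sub-identifier count: column prefix, 8 index objects, address octets."""
    return len(COLUMN) + 8 + n_local + n_remote

def _addr(idx, pos):
    """Read one InetAddress index value: a length sub-id, then the octets."""
    n = idx[pos]
    octets = bytes(idx[pos + 1:pos + 1 + n])
    if len(octets) != n:
        raise ValueError("truncated InetAddress in index")
    text = str(ipaddress.ip_address(octets)) if n in (4, 16) else octets.hex()
    return text, pos + 1 + n

def decode_instance(oid):
    """Return (ltype, laddr, lport, rtype, raddr, rport, instance, pid)."""
    subids = tuple(int(s) for s in oid.strip(".").split("."))
    if subids[:len(COLUMN)] != COLUMN or len(subids) > MAX_SUBIDS:
        raise ValueError("not an accessible udpEndpointProcPID instance")
    idx = subids[len(COLUMN):]
    try:
        laddr, pos = _addr(idx, 1)
        raddr, end = _addr(idx, pos + 2)
        rport, instance, pid = idx[end:]  # exactly three sub-ids must remain
    except IndexError:
        raise ValueError("truncated index") from None
    return (idx[0], laddr, idx[pos], idx[pos + 1], raddr, rport, instance, pid)

def shared_endpoints(oids):
    """Endpoints (first six index values) that more than one PID is bound to."""
    pids = defaultdict(set)
    for row in map(decode_instance, oids):
        pids[row[:6]].add(row[7])
    return {ep: sorted(p) for ep, p in pids.items() if len(p) > 1}
```

With this table's eight index objects and the ten-sub-identifier column prefix, an instance OID carries 18 + n sub-identifiers, where n is the combined octet count of the two addresses, which is what `instance_oid_length` computes.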