Tech-invite3GPPspaceIETFspace
959493929190898887868584838281807978777675747372717069686766656463626160595857565554535251504948474645444342414039383736353433323130292827262524232221201918171615141312111009080706050403020100
in Index   Prev   Next

RFC 1592

Simple Network Management Protocol Distributed Protocol Interface Version 2.0

Pages: 54
Experimental
Obsoletes:  1228
Part 1 of 3 – Pages 1 to 10
None   None   Next

Top   ToC   RFC1592 - Page 1
Network Working Group                                          B. Wijnen
Request for Comments: 1592                                  G. Carpenter
Obsoletes: 1228                   T.J. Watson Research Center, IBM Corp.
Category: Experimental                                         K. Curran
                                                               A. Sehgal
                                                               G. Waters
                                            Bell Northern Research, Ltd.
                                                              March 1994


                   Simple Network Management Protocol
                     Distributed Protocol Interface
                              Version 2.0

Status of this Memo

   This memo defines an Experimental Protocol for the Internet
   community.  This memo does not specify an Internet standard of any
   kind.  Discussion and suggestions for improvement are requested.
   Distribution of this memo is unlimited.

Table of Contents

     1. INTRODUCTION  . . . . . . . . . . . . . . . . . . . . . . . .  2
     1.1  Motivation  . . . . . . . . . . . . . . . . . . . . . . . .  3
     1.2  Summary of Changes  . . . . . . . . . . . . . . . . . . . .  4
     2. THEORY OF OPERATION . . . . . . . . . . . . . . . . . . . . .  5
     2.1  Connection Establishment and Termination  . . . . . . . . .  5
     2.2  Registration  . . . . . . . . . . . . . . . . . . . . . . .  6
     2.3  Normal Operation  . . . . . . . . . . . . . . . . . . . . .  6
     2.4  DPI Architecture  . . . . . . . . . . . . . . . . . . . . .  6
     3. SNMP DPI PROTOCOL . . . . . . . . . . . . . . . . . . . . .   10
     3.1  Connection Establishment  . . . . . . . . . . . . . . . .   10
     3.1.1  SNMP PDU to GET the Agent's DPI port  . . . . . . . . .   11
     3.1.2  SNMP PDU Containing the RESPONSE to the GET   . . . . .   13
     3.2  SNMP DPI Packet Formats   . . . . . . . . . . . . . . . .   15
     3.2.1  DPI Packet Header   . . . . . . . . . . . . . . . . . .   15
     3.2.2  OPEN  . . . . . . . . . . . . . . . . . . . . . . . . .   16
     3.2.3  CLOSE   . . . . . . . . . . . . . . . . . . . . . . . .   18
     3.2.4  ARE_YOU_THERE   . . . . . . . . . . . . . . . . . . . .   19
     3.2.5  REGISTER  . . . . . . . . . . . . . . . . . . . . . . .   20
     3.2.6  UNREGISTER  . . . . . . . . . . . . . . . . . . . . . .   22
     3.2.7  GET   . . . . . . . . . . . . . . . . . . . . . . . . .   23
     3.2.8  GETNEXT   . . . . . . . . . . . . . . . . . . . . . . .   24
     3.2.9  GETBULK   . . . . . . . . . . . . . . . . . . . . . . .   25
     3.2.10  SET, COMMIT and UNDO   . . . . . . . . . . . . . . . .   26
     3.2.11  RESPONSE   . . . . . . . . . . . . . . . . . . . . . .   29
     3.2.12  TRAP   . . . . . . . . . . . . . . . . . . . . . . . .   31
     3.3  Constants and Values  . . . . . . . . . . . . . . . . . .   33
Top   ToC   RFC1592 - Page 2
     3.3.1  Protocol Version and Release Values   . . . . . . . . .   33
     3.3.2  Packet Type Values  . . . . . . . . . . . . . . . . . .   34
     3.3.3  Variable Type Values  . . . . . . . . . . . . . . . . .   35
     3.3.4  Value Representation  . . . . . . . . . . . . . . . . .   36
     3.3.5  Character set selection   . . . . . . . . . . . . . . .   36
     3.3.6  Error Code Values for SNMP DPI RESPONSE packets   . . .   37
     3.3.7  UNREGISTER Reason Codes   . . . . . . . . . . . . . . .   40
     3.3.8  CLOSE Reason Codes  . . . . . . . . . . . . . . . . . .   41
     4. DPI 2.0 MIB DEFINITION  . . . . . . . . . . . . . . . . . .   41
     5. SUBAGENT CONSIDERATIONS . . . . . . . . . . . . . . . . . .   42
     5.1  DPI API   . . . . . . . . . . . . . . . . . . . . . . . .   43
     5.2  Overview of Request Processing  . . . . . . . . . . . . .   44
     5.2.1  GET Processing  . . . . . . . . . . . . . . . . . . . .   44
     5.2.2  SET Processing  . . . . . . . . . . . . . . . . . . . .   44
     5.2.3  GETNEXT Processing  . . . . . . . . . . . . . . . . . .   46
     5.2.4  GETBULK Processing  . . . . . . . . . . . . . . . . . .   47
     5.2.5  OPEN Request  . . . . . . . . . . . . . . . . . . . . .   48
     5.2.6  CLOSE Request   . . . . . . . . . . . . . . . . . . . .   49
     5.2.7  REGISTER Request  . . . . . . . . . . . . . . . . . . .   49
     5.2.8  UNREGISTER Request  . . . . . . . . . . . . . . . . . .   50
     5.2.9  TRAP Request  . . . . . . . . . . . . . . . . . . . . .   51
     5.2.10  ARE_YOU_THERE request  . . . . . . . . . . . . . . . .   51
     5.2.11  How to query the DPI port.   . . . . . . . . . . . . .   51
     6. REFERENCES  . . . . . . . . . . . . . . . . . . . . . . . .   51
     7. SECURITY CONSIDERATIONS . . . . . . . . . . . . . . . . . .   52
     8. AUTHORS' ADDRESSES  . . . . . . . . . . . . . . . . . . . .   53
     9. SAMPLE SOURCES FOR ANONYMOUS FTP  . . . . . . . . . . . . .   54

1.  INTRODUCTION

   This RFC describes version 2.0 of a protocol that International
   Business Machines Corporation (IBM) has been implementing in most of
   its SNMP agents to allow dynamic extension of supported MIBs.  Bell
   Northern Research (BNR) has also implemented a version of this
   protocol in some of its SNMP agents for the same reason.

   The Simple Network Management Protocol (SNMP [1]) Distributed
   Protocol Interface (DPI) is an extension to SNMP agents that permits
   end-users to dynamically add, delete or replace management variables
   in the local Management Information Base without requiring
   recompilation of the SNMP agent.  This is achieved by writing a so-
   called sub-agent that communicates with the agent via the SNMP-DPI.

   For the author of a sub-agent, the SNMP-DPI eliminates the need to
   know the details of ASN.1 [2] or SNMP PDU (Protocol Data Unit)
   encoding/decoding [1, 3].

   Versions 1.0 and 1.1 of this protocol have been in use within IBM
Top   ToC   RFC1592 - Page 3
   since 1989 and is included in the SNMP agents for VM, MVS and OS/2.
   Version 1.2 of this protocol has been in use within BNR since 1992.

1.1  MOTIVATION

   The Simple Network Management Protocol [1] defines a protocol that
   permits operations on a collection of variables.  This set of
   variables is called the Management Information Base (MIB) and a core
   set of variables has previously been defined [4, 5]; however, the
   design of the MIB makes provision for extension of this core set.
   Thus, an enterprise or individual can define variables of their own
   which represent information of use to them.  An example of a
   potentially interesting variable which is not in the core MIB would
   be CPU utilization (percent busy).  Unfortunately, conventional SNMP
   agent implementations provide no means for an end-user to make
   available new variables.

   Besides this, today there are many MIBs that people want to implement
   on a system.  Without a capability for sub-agents, this requires all
   the MIBs to be implemented in one big monolithic agent, which is in
   many cases undesirable.

   The SNMP DPI addresses these issues by providing a light-weight
   mechanism by which a process can register the existence of a MIB
   variable or a MIB sub-tree with the SNMP agent.  Requests for the
   variable(s) that are received by the SNMP agent are passed to the
   process acting as a sub-agent.  The sub-agent then returns an
   appropriate answer to the SNMP agent.  The SNMP agent eventually
   packages an SNMP response packet and sends the answer back to the
   remote network management station that initiated the request.

   Remote network management stations have no knowledge that the SNMP
   agent calls on other processes to obtain an answer.  As far as they
   can tell, there is only one network management application (agent)
   running on the host.

   At the San Diego IETF (March 1992) a BOF was held on multiplexing
   SNMP agent's requirements.  Both the SMUX [6] and DPI [7] protocols
   were discussed, as well as other unpublished approaches.  There was
   also discussion regarding a need for a standard for multiplexing SNMP
   agents or sub-agent support.  At the end of the BOF, however, there
   was not enough support for defining a standard.  This was due, at
   least partially, to a few well known SNMP authors who stated that the
   proxy and party support for SNMPv2 (SMP at the time) would solve the
   problem.
Top   ToC   RFC1592 - Page 4
   Nevertheless, questions continue to be raised about sub-agent support
   (both in SNMP and SNMP2 mail lists) in spite of both SNMPv2 [8] being
   on the standard's track and SMUX being changed to a historic RFC.
   Furthermore, within IBM and BNR we continue to see a substantial and
   expanding use of the DPI protocol.  with positive results.

   Therefore, we believe that there is a place for a sub-agent protocol
   and we again offer this new version as an experimental protocol.  We
   encourage people to try it and send us feedback.  Depending on that
   feedback, we may decide to try to get onto the standards track at a
   later time.

   During discussions about sub-agent interfaces at the San Diego BOF it
   also became clear that we should reduce the focus on the API for the
   sub-agent programmers.  This RFC, therefore, specifies only the
   protocol to distribute SNMP requests from the main SNMP agent to the
   sub-agents.  Programmers can build one or more Programming APIs on
   top of that protocol as needed, and sample API code is available from
   the authors of this document.

1.2  SUMMARY OF CHANGES

   The following changes have been made since the initial definition of
   SNMP-DPI [7].  Some of these resulted from comparing the SMUX [6] and
   DPI [7] protocols.

     o   Documentation changes to cleanup and be more specific in some
         areas.  Among other things, this includes:

         -   Defining that integers are in network byte order
         -   Defining the character set used for strings
         -   Defining how DisplayStrings are handled.
         -   Including DPI20 MIB definition.

     o   Removal of the Programming API from the document.

     o   Addition of new DPI packet types:

         -   SNMP_DPI_OPEN for a sub-agent to open a "connection" with
             the DPI SNMP capable agent.  The sub-agent must now
             identify itself and optionally provide a "password" for the
             connection.
         -   SNMP_DPI_CLOSE for the agent or sub-agent to close the
             connection in a graceful way.
         -   SNMP_DPI_ARE_YOU_THERE for the sub-agent to verify that the
             agent still knows about the sub-agent.
         -   SNMP_DPI_UNREGISTER for the agent or sub-agent to terminate
             the registration of a MIB variable or MIB sub-tree.
Top   ToC   RFC1592 - Page 5
         -   SNMP_DPI_COMMIT which instructs the sub-agent to actually
             commit a previous SNMP_DPI_SET request.  This, together
             with the UNDO, allows DPI sub-agents to be compliant with
             SNMP in the sense that we can now handle the "as if
             simultaneous" requirement.
         -   SNMP_DPI_UNDO which instructs the sub-agent to UNDO a SET
             or COMMIT if such is needed.

     o   Changes to DPI packets:

         -   Multiple varBinds can now be exchanged in one DPI packet
             (for GET, GETNEXT, SET, TRAP).  The sub-agent can specify
             the maximum it wants to handle per packet.
         -   The packet headers now contain a packet-ID (similar to SNMP
             request ID in SNMP PDU).  This allows to match RESPONSE
             packets to REQUESTS, which is important for UDP based
             DPI-connections.
         -   The SNMP_DPI_REGISTER packet has new fields for time_out
             and for requested priority.
         -   The SNMP_DPI_TRAP packet allows to specify an enterprise
             OID.  In addition, the generic and specific trap types are
             now 4 octets, so that we can pass the types correctly.
         -   In general, the packets have a more consistent layout.

     o   The agent now sends a RESPONSE to a REGISTER request

     o   Addition of SNMPv2 error codes and value types.

2.  THEORY OF OPERATION

2.1  CONNECTION ESTABLISHMENT AND TERMINATION

   Communication between the SNMP Agent and its clients (sub-agents)
   takes place via a communication mechanism.  The communication type
   can be either a logical stream connection (via TCP, for instance) or
   an unreliable datagram connection (UDP, for instance).  It should be
   noted that other stream oriented transport communication mechanisms
   can also be used.  For example, the VM SNMP agent allows DPI
   connections over IUCV (Inter-User Communications Vehicle) [9, 10].
   Other than the connection establishment procedure, the protocol used
   is identical in these environments.

   In Unix the number of processes is limited by the number of file-
   descriptors that can be opened.  Since each TCP socket represents a
   file-descriptor, restricting SNMP-DPI protocol to TCP only
   connections would limit the number of sub-agents an agent could
   support.  As a result, the some SNMP-DPI agents support both TCP and
   UDP socket type communication mechanisms for the SNMP-DPI protocol.
Top   ToC   RFC1592 - Page 6
   Please note that in the following portion of this text the SNMP-DPI
   agent is referred simply as the agent.

   Once the transport connection has been set up, the sub-agent must
   also initialize the logical connection with the agent.  To do so it
   issues an OPEN request to the agent in which the sub-agent uniquely
   identifies itself and passes some other parameters to the agent, such
   as, the maximum number of varBinds per interaction it is prepared to
   handle, and the timeout the agent should use when waiting for a
   response from the sub-agent.

   When the sub-agent prepares to stop or cease operations, it first
   issues a CLOSE to shut down the logical connection with the agent,
   and then closes the transport connection.

2.2  REGISTRATION

   A sub-agent supports a collection of MIB variables or object
   identifiers (object IDs) that constitute its MIB (sub)tree.  Each of
   these object IDs consists of a group ID and an instance ID.  The
   group ID is the root of the sub-agent's MIB tree that it supports and
   the point of registration to the agent's MIB tree.  The instance ID
   is the piece of the Object Identifier that follows the group ID
   (registration point), so it is not an instance in the terms of the
   SNMP definition of an instance.

   Regardless of the transport mechanism used, after establishing a
   connection to the agent, the sub-agent registers a branch (group ID)
   to the Agent's MIB tree.  With the registration request, the sub-
   agent passes some parameters, such as, requested priority and a
   timeout value for this specific sub-tree.

   The agent sends back a response to indicate success or failure of the
   registration request.

2.3  NORMAL OPERATION

   Once the sub-agent has set up both the physical and logical
   connection to the agent, and once it has successfully registered the
   sub-tree(s) of the MIB(s) that it supports, it waits for requests
   from the SNMP agent or generates traps as required.

2.4  DPI ARCHITECTURE

   These are the requests that can be initiated by the SNMP agent:

       GET, GETNEXT, GETBULK, SET, COMMIT, UNDO, UNREGISTER, and CLOSE.
Top   ToC   RFC1592 - Page 7
   The first four of these correspond directly to SNMP requests that a
   network management station can make (By default a GETBULK request
   will be translated into multiple GETNEXT requests by the agent, but a
   sub-agent may request that the GETBULK be passed to it).  The COMMIT,
   UNDO, UNREGISTER, ARE_YOU_THERE and CLOSE requests are specific
   SNMP-DPI requests.  The sub-agent normally responds to a request with
   a RESPONSE packet.  The CLOSE request is an exception for which the
   sub-agent only closes the physical connection.

   These are the requests that can be initiated by a sub-agent:

       OPEN, REGISTER, TRAP, UNREGISTER, ARE_YOU_THERE and CLOSE.

   The agent responds to OPEN, REGISTER, UNREGISTER and ARE_YOU_THERE
   with a RESPONSE packet.  The TRAP packet is just accepted and
   forwarded by the agent without returning any information to the sub-
   agent.  The CLOSE packet is also just accepted by the agent upon
   which it closes the physical connection.

   See Figure 1 for an overview of the DPI packet flow.
Top   ToC   RFC1592 - Page 8
     -------------------------------------------------------------------

     *---------------------------------*
     |                                 |
     |  SNMP Network                   |
     |  Management Station             |
     |                                 |
     |---------------------------------|
     |  SNMP Protocol                  |
     *---------------------------------*
           A      | Get         A
           |      | GetNext     |  GetResponse
      Trap |      | GetBulk     |
           |      | Set         |
           |      V             |
     *------------------------------*             *-------------------*
     |     SNMP Protocol            |             |   DPI Interface   |
     |------------------------------|  Response   |    *--------------|
     |                       |      |<----------->|    |              |
     |                       |      |             |    |              |
     |    SNMP Agent         |      |             |    |              |
     |                       |      | Get,GetNext |    |              |
     |                       |      | (GetBulk)   |    |   Client     |
     |                       |      | Set,Commit  |    |              |
     |     A     *-----------+->    |  Undo       |    |              |
     |     |     | Get/Set   |      |------------>|    |     or       |
     | Trap|     | info      |      |             |    |              |
     |     |     |           | SNMP |             |    |              |
     |-----+-----+-------*   |      |  trap       |    |   SNMP       |
     |     |     V       |   | DPI  |<------------|    |   Sub-Agent  |
     |                   |   |      |             |    |              |
     | Statically Linked |   |      |             |    |              |
     | Instrumentation   |   |      |             |    |              |
     |   (like MIB II)   |   |      |             |    |              |
     |                   |   |      |   close     |    |              |
     |       A           |   |      | unregister  |    |              |
     |-------+-----------|   |      |<----------->|    |              |
     |       V           |   |      |             |    |              |
     |                   |   |      |             |    |              |
     |                   |   |      | AreYouThere |    |              |
     | TCP/IP layers     |   |      |    open     |    |              |
     | Kernel            |   |      |  register   |    |              |
     |                   |   |      |<------------|    |              |
     *------------------------------*             *-------------------*

     -------------------------------------------------------------------
     Figure 1. SNMP DPI overview
Top   ToC   RFC1592 - Page 9
     Remarks for Figure 1:

     o   The SNMP agent communicates with the SNMP manager via the
         standard SNMP protocol.
     o   The SNMP agent communicates with some statically linked-in
         instrumentation (potentially for the MIB II), which in turn
         talks to the TCP/IP layers and kernel (operating system) in an
         implementation-dependent manner.
     o   An SNMP sub-agent, running as a separate process (potentially
         on another machine), can set up a connection with the agent.
         The sub-agent has an option to communicate with the SNMP agent
         through UDP or TCP sockets, or even through other mechanisms.
     o   Once the connection is established, the sub-agent issues a DPI
         OPEN and one or more REGISTER requests to register one or more
         MIB sub-trees with the SNMP agent.
     o   The SNMP agent responds to DPI OPEN and REGISTER requests with
         a RESPONSE packet, indicating success or failure.
     o   The SNMP agent will decode SNMP packets.
         If such a packet contains a Get or GetNext request for an
         object in a sub-tree registered by a sub-agent, it sends a
         corresponding DPI packet to the sub-agent.
         If the request is for a GetBulk, then the agent translates it
         into multiple DPI GETNEXT packets and sends those to the
         sub-agent.  However, the sub-agent can request (in the REGISTER
         packet) that a GETBULK be passed to the sub-agent.
         If the request is for a Set, then the agent uses a 2-phase
         commit scheme and sends the sub-agent a sequence of SET/COMMIT,
         SET/UNDO or SET/COMMIT/UNDO DPI packets.
     o   The SNMP sub-agent sends responses back via a RESPONSE packet.
     o   The SNMP agent then encodes the reply into an SNMP packet and
         sends it back to the requesting SNMP manager.
     o   If the sub-agent wants to report an important state change, it
         sends a DPI TRAP packet to the SNMP agent which will encode it
         into an SNMP trap packet and send it to the manager(s).
     o   If the sub-agent wants to stop operations, it sends a DPI
         UNREGISTER and a DPI CLOSE packet to the agent.  The agent
         sends a response to an UNREGISTER request.
     o   There is no RESPONSE to a CLOSE, the agent just closes the DPI
         connection.  A CLOSE implies an UNREGISTER for all
         registrations that exist for the DPI connection being CLOSED.
     o   An agent can send DPI UNREGISTER (if a higher priority
         registration comes in or for other reasons) to the sub-agent,
         the sub-agent then responds with a DPI RESPONSE packet.
     o   An agent can also (for whatever reason) send a DPI CLOSE to
         indicate it is terminating the DPI connection.
     o   A sub-agent can send an ARE_YOU_THERE to verify that the
         "connection" is still open. If so, the agent sends a RESPONSE
         with no error, otherwise, it may send a RESPONSE with an error
Top   ToC   RFC1592 - Page 10
         indication, or not react at all.



(page 10 continued on part 2)

Next Section