RFC 2021
Remote Network Monitoring Management Information Base Version 2 using SMIv2
MIB whose value of eventCommunity is equal to the value of
this object. Every time an associated event entry sends a
trap due to an event, that trap will be sent to each
address in the trapDestTable with a trapDestCommunity equal to
eventCommunity.
This object may not be modified if the associated
trapDestStatus object is equal to active(1)."
::= { trapDestEntry 2 }
trapDestProtocol OBJECT-TYPE
SYNTAX INTEGER {
ip(1),
ipx(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The protocol with which to send this trap."
::= { trapDestEntry 3 }
trapDestAddress OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The address to send traps on behalf of this entry.
If the associated trapDestProtocol object is equal to ip(1),
the encoding of this object is the same as the snmpUDPAddress
textual convention in [RFC1906]:
-- for a SnmpUDPAddress of length 6:
--
-- octets contents encoding
-- 1-4 IP-address network-byte order
-- 5-6 UDP-port network-byte order
If the associated trapDestProtocol object is equal to ipx(2),
the encoding of this object is the same as the snmpIPXAddress
textual convention in [RFC1906]:
-- for a SnmpIPXAddress of length 12:
--
-- octets contents encoding
-- 1-4 network-number network-byte order
-- 5-10 physical-address network-byte order
-- 11-12 socket-number network-byte order
This object may not be modified if the associated
trapDestStatus object is equal to active(1)."
::= { trapDestEntry 4 }
trapDestOwner OBJECT-TYPE
SYNTAX OwnerString
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The entity that configured this entry and is
therefore using the resources assigned to it."
::= { trapDestEntry 5 }
trapDestStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this trap destination entry.
An entry may not exist in the active state unless all
objects in the entry have an appropriate value."
::= { trapDestEntry 6 }
-- Serial Connection Table
--
-- The device may communicate with a management station using
-- SLIP. In order for the device to send traps via SLIP, it must
-- be able to initiate a connection over the serial interface. The
-- serialConnectionTable stores the parameters for such connection
-- initiation.
serialConnectionTable OBJECT-TYPE
SYNTAX SEQUENCE OF SerialConnectionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A list of serialConnectionEntries."
::= { probeConfig 14 }
serialConnectionEntry OBJECT-TYPE
SYNTAX SerialConnectionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configuration for a SLIP link over a serial line."
INDEX { serialConnectIndex }
::= { serialConnectionTable 1 }
SerialConnectionEntry ::= SEQUENCE {
serialConnectIndex Integer32,
serialConnectDestIpAddress IpAddress,
serialConnectType INTEGER,
serialConnectDialString ControlString,
serialConnectSwitchConnectSeq ControlString,
serialConnectSwitchDisconnectSeq ControlString,
serialConnectSwitchResetSeq ControlString,
serialConnectOwner OwnerString,
serialConnectStatus RowStatus
}
serialConnectIndex OBJECT-TYPE
SYNTAX Integer32 (1..65535)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A value that uniquely identifies this serialConnection
entry."
::= { serialConnectionEntry 1 }
serialConnectDestIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP Address that can be reached at the other end of this
serial connection.
This object may not be modified if the associated
serialConnectStatus object is equal to active(1)."
::= { serialConnectionEntry 2 }
serialConnectType OBJECT-TYPE
SYNTAX INTEGER {
direct(1),
modem(2),
switch(3),
modemSwitch(4)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of outgoing connection to make. If this object
has the value direct(1), then a direct serial connection
is assumed. If this object has the value modem(2),
then serialConnectDialString will be used to make a modem
connection. If this object has the value switch(3),
then serialConnectSwitchConnectSeq will be used to establish
the connection over a serial data switch, and
serialConnectSwitchDisconnectSeq will be used to terminate
the connection. If this object has the value
modem-switch(4), then a modem connection will be made first
followed by the switch connection.
This object may not be modified if the associated
serialConnectStatus object is equal to active(1)."
DEFVAL { direct }
::= { serialConnectionEntry 3 }
serialConnectDialString OBJECT-TYPE
SYNTAX ControlString (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"A control string which specifies how to dial the phone
number in order to establish a modem connection. The
string should include dialing prefix and suffix. For
example: ``^s^MATD9,888-1234^M'' will instruct the Probe
to send a carriage return followed by the dialing prefix
``ATD'', the phone number ``9,888-1234'', and a carriage
return as the dialing suffix.
This object may not be modified if the associated
serialConnectStatus object is equal to active(1)."
::= { serialConnectionEntry 4 }
serialConnectSwitchConnectSeq OBJECT-TYPE
SYNTAX ControlString (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"A control string which specifies how to establish a
data switch connection.
This object may not be modified if the associated
serialConnectStatus object is equal to active(1)."
::= { serialConnectionEntry 5 }
serialConnectSwitchDisconnectSeq OBJECT-TYPE
SYNTAX ControlString (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"A control string which specifies how to terminate a
data switch connection.
This object may not be modified if the associated
serialConnectStatus object is equal to active(1)."
::= { serialConnectionEntry 6 }
serialConnectSwitchResetSeq OBJECT-TYPE
SYNTAX ControlString (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"A control string which specifies how to reset a data
switch in the event of a timeout.
This object may not be modified if the associated
serialConnectStatus object is equal to active(1)."
::= { serialConnectionEntry 7 }
serialConnectOwner OBJECT-TYPE
SYNTAX OwnerString
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The entity that configured this entry and is
therefore using the resources assigned to it."
::= { serialConnectionEntry 8 }
serialConnectStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this serialConnectionEntry.
If the manager attempts to set this object to active(1) when
the serialConnectType is set to modem(2) or modem-switch(4)
and the serialConnectDialString is a zero-length string or
cannot be correctly parsed as a ConnectString, the set
request will be rejected with badValue(3).
If the manager attempts to set this object to active(1) when
the serialConnectType is set to switch(3) or modem-switch(4)
and the serialConnectSwitchConnectSeq,
the serialConnectSwitchDisconnectSeq, or
the serialConnectSwitchResetSeq are zero-length strings
or cannot be correctly parsed as ConnectStrings, the set
request will be rejected with badValue(3).
An entry may not exist in the active state unless all
objects in the entry have an appropriate value."
::= { serialConnectionEntry 9 }
--
-- Extensions to the RMON 1 MIB for RMON 2 devices
--
-- These extensions include the standard LastCreateTime Textual
-- Convention for all control tables, as well as an augmentation of
-- the filter entry that provides variable-length offsets into
-- packets.
-- Each of the following, except for filterDroppedFrames, is a
-- read-only object which, if implemented, automatically appears when
-- the RMON1 row it is associated with is created.
etherStats2Table OBJECT-TYPE
SYNTAX SEQUENCE OF EtherStats2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { statistics 4 }
etherStats2Entry OBJECT-TYPE
SYNTAX EtherStats2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { etherStatsEntry }
::= { etherStats2Table 1 }
EtherStats2Entry ::= SEQUENCE {
etherStatsDroppedFrames Counter32,
etherStatsCreateTime LastCreateTime
}
etherStatsDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames which were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
for which the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the probe
is out of some resources and decides to shed load from this
collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { etherStats2Entry 1 }
etherStatsCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this control entry was last
activated. This can be used by the management station to
ensure that the table has not been deleted and recreated
between polls."
::= { etherStats2Entry 2 }
historyControl2Table OBJECT-TYPE
SYNTAX SEQUENCE OF HistoryControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { history 5 }
historyControl2Entry OBJECT-TYPE
SYNTAX HistoryControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { historyControlEntry }
::= { historyControl2Table 1 }
HistoryControl2Entry ::= SEQUENCE {
historyControlDroppedFrames Counter32
}
historyControlDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames which were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
for which the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the probe
is out of some resources and decides to shed load from this
collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { historyControl2Entry 1 }
hostControl2Table OBJECT-TYPE
SYNTAX SEQUENCE OF HostControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { hosts 4 }
hostControl2Entry OBJECT-TYPE
SYNTAX HostControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { hostControlEntry }
::= { hostControl2Table 1 }
HostControl2Entry ::= SEQUENCE {
hostControlDroppedFrames Counter32,
hostControlCreateTime LastCreateTime
}
hostControlDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames which were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
for which the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the probe
is out of some resources and decides to shed load from this
collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { hostControl2Entry 1 }
hostControlCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this control entry was last
activated. This can be used by the management station to
ensure that the table has not been deleted and recreated
between polls."
::= { hostControl2Entry 2 }
matrixControl2Table OBJECT-TYPE
SYNTAX SEQUENCE OF MatrixControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { matrix 4 }
matrixControl2Entry OBJECT-TYPE
SYNTAX MatrixControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { matrixControlEntry }
::= { matrixControl2Table 1 }
MatrixControl2Entry ::= SEQUENCE {
matrixControlDroppedFrames Counter32,
matrixControlCreateTime LastCreateTime
}
matrixControlDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames which were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
for which the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the probe
is out of some resources and decides to shed load from this
collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { matrixControl2Entry 1 }
matrixControlCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this control entry was last
activated. This can be used by the management station to
ensure that the table has not been deleted and recreated
between polls."
::= { matrixControl2Entry 2 }
channel2Table OBJECT-TYPE
SYNTAX SEQUENCE OF Channel2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { filter 3 }
channel2Entry OBJECT-TYPE
SYNTAX Channel2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { channelEntry }
::= { channel2Table 1 }
Channel2Entry ::= SEQUENCE {
channelDroppedFrames Counter32,
channelCreateTime LastCreateTime
}
channelDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames which were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
for which the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the probe
is out of some resources and decides to shed load from this
collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { channel2Entry 1 }
channelCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this control entry was last
activated. This can be used by the management station to
ensure that the table has not been deleted and recreated
between polls."
::= { channel2Entry 2 }
tokenRingMLStats2Table OBJECT-TYPE
SYNTAX SEQUENCE OF TokenRingMLStats2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { statistics 5 }
tokenRingMLStats2Entry OBJECT-TYPE
SYNTAX TokenRingMLStats2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { tokenRingMLStatsEntry }
::= { tokenRingMLStats2Table 1 }
TokenRingMLStats2Entry ::= SEQUENCE {
tokenRingMLStatsDroppedFrames Counter32,
tokenRingMLStatsCreateTime LastCreateTime
}
tokenRingMLStatsDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames which were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
for which the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the probe
is out of some resources and decides to shed load from this
collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { tokenRingMLStats2Entry 1 }
tokenRingMLStatsCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this control entry was last activated.
This can be used by the management station to ensure that the
table has not been deleted and recreated between polls."
::= { tokenRingMLStats2Entry 2 }
tokenRingPStats2Table OBJECT-TYPE
SYNTAX SEQUENCE OF TokenRingPStats2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { statistics 6 }
tokenRingPStats2Entry OBJECT-TYPE
SYNTAX TokenRingPStats2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { tokenRingPStatsEntry }
::= { tokenRingPStats2Table 1 }
TokenRingPStats2Entry ::= SEQUENCE {
tokenRingPStatsDroppedFrames Counter32,
tokenRingPStatsCreateTime LastCreateTime
}
tokenRingPStatsDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames which were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
for which the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the probe
is out of some resources and decides to shed load from this
collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { tokenRingPStats2Entry 1 }
tokenRingPStatsCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this control entry was last activated.
This can be used by the management station to ensure that the
table has not been deleted and recreated between polls."
::= { tokenRingPStats2Entry 2 }
ringStationControl2Table OBJECT-TYPE
SYNTAX SEQUENCE OF RingStationControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { tokenRing 7 }
ringStationControl2Entry OBJECT-TYPE
SYNTAX RingStationControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { ringStationControlEntry }
::= { ringStationControl2Table 1 }
RingStationControl2Entry ::= SEQUENCE {
ringStationControlDroppedFrames Counter32,
ringStationControlCreateTime LastCreateTime
}
ringStationControlDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames which were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
for which the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the probe
is out of some resources and decides to shed load from this
collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { ringStationControl2Entry 1 }
ringStationControlCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this control entry was last activated.
This can be used by the management station to ensure that the
table has not been deleted and recreated between polls."
::= { ringStationControl2Entry 2 }
sourceRoutingStats2Table OBJECT-TYPE
SYNTAX SEQUENCE OF SourceRoutingStats2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { tokenRing 8 }
sourceRoutingStats2Entry OBJECT-TYPE
SYNTAX SourceRoutingStats2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { sourceRoutingStatsEntry }
::= { sourceRoutingStats2Table 1 }
SourceRoutingStats2Entry ::= SEQUENCE {
sourceRoutingStatsDroppedFrames Counter32,
sourceRoutingStatsCreateTime LastCreateTime
}
sourceRoutingStatsDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames which were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
for which the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the probe
is out of some resources and decides to shed load from this
collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { sourceRoutingStats2Entry 1 }
sourceRoutingStatsCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this control entry was last activated.
This can be used by the management station to ensure that the
table has not been deleted and recreated between polls."
::= { sourceRoutingStats2Entry 2 }
filter2Table OBJECT-TYPE
SYNTAX SEQUENCE OF Filter2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Provides a variable-length packet filter feature to the
RMON-1 filter table."
::= { filter 4 }
filter2Entry OBJECT-TYPE
SYNTAX Filter2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Provides a variable-length packet filter feature to the
RMON-1 filter table."
AUGMENTS { filterEntry }
::= { filter2Table 1 }
Filter2Entry ::= SEQUENCE {
filterProtocolDirDataLocalIndex Integer32,
filterProtocolDirLocalIndex Integer32
}
filterProtocolDirDataLocalIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"When this object is set to a non-zero value, the filter that
it is associated with performs the following operations on
every packet:
1) - If the packet doesn't match the protocol directory entry
identified by this object, discard the packet and exit
(i.e., discard the packet if it is not of the identified
protocol).
2) - If the associated filterProtocolDirLocalIndex is non-zero
and the packet doesn't match the protocol directory
entry identified by that object, discard the packet and
exit
3) - If the packet matches, perform the regular filter
algorithm as if the beginning of this named protocol is
the beginning of the packet, potentially applying the
filterOffset value to move further into the packet."
DEFVAL { 0 }
::= { filter2Entry 1 }
filterProtocolDirLocalIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"When this object is set to a non-zero value, the filter that
it is associated with will discard the packet if the packet
doesn't match this protocol directory entry."
DEFVAL { 0 }
::= { filter2Entry 2 }
-- Conformance Macros
rmon2MIBCompliances OBJECT IDENTIFIER ::= { rmonConformance 1 }
rmon2MIBGroups OBJECT IDENTIFIER ::= { rmonConformance 2 }
rmon2MIBCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"Describes the requirements for conformance to
the RMON2 MIB"
MODULE -- this module
MANDATORY-GROUPS { protocolDirectoryGroup,
protocolDistributionGroup,
addressMapGroup,
nlHostGroup,
nlMatrixGroup,
usrHistoryGroup,
probeInformationGroup }
GROUP rmon1EnhancementGroup
DESCRIPTION
"The rmon1EnhancementGroup is mandatory for systems which
implement RMON [RFC1757]"
::= { rmon2MIBCompliances 1 }
rmon2MIBApplicationLayerCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"Describes the requirements for conformance to
the RMON2 MIB with Application Layer Enhancements."
MODULE -- this module
MANDATORY-GROUPS { protocolDirectoryGroup,
protocolDistributionGroup,
addressMapGroup,
nlHostGroup,
nlMatrixGroup,
alHostGroup,
alMatrixGroup,
usrHistoryGroup,
probeInformationGroup }
GROUP rmon1EnhancementGroup
DESCRIPTION
"The rmon1EnhancementGroup is mandatory for systems which
implement RMON [RFC1757]"
::= { rmon2MIBCompliances 2 }
protocolDirectoryGroup OBJECT-GROUP
OBJECTS { protocolDirLastChange,
protocolDirLocalIndex, protocolDirDescr,
protocolDirType, protocolDirAddressMapConfig,
protocolDirHostConfig, protocolDirMatrixConfig,
protocolDirOwner, protocolDirStatus }
STATUS current
DESCRIPTION
"Lists the inventory of protocols the probe has the capability
of monitoring and allows the addition, deletion, and
configuration of entries in this list."
::= { rmon2MIBGroups 1 }
protocolDistributionGroup OBJECT-GROUP
OBJECTS { protocolDistControlDataSource,
protocolDistControlDroppedFrames,
protocolDistControlCreateTime,
protocolDistControlOwner, protocolDistControlStatus,
protocolDistStatsPkts, protocolDistStatsOctets }
STATUS current
DESCRIPTION
"Collects the relative amounts of octets and packets for the
different protocols detected on a network segment."
::= { rmon2MIBGroups 2 }
addressMapGroup OBJECT-GROUP
OBJECTS { addressMapInserts, addressMapDeletes,
addressMapMaxDesiredEntries,
addressMapControlDataSource,
addressMapControlDroppedFrames,
addressMapControlOwner, addressMapControlStatus,
addressMapPhysicalAddress,
addressMapLastChange }
STATUS current
DESCRIPTION
"Lists MAC address to network address bindings discovered by
the probe and what interface they were last seen on."
::= { rmon2MIBGroups 3 }
nlHostGroup OBJECT-GROUP
OBJECTS { hlHostControlDataSource,
hlHostControlNlDroppedFrames, hlHostControlNlInserts,
hlHostControlNlDeletes,
hlHostControlNlMaxDesiredEntries,
hlHostControlAlDroppedFrames, hlHostControlAlInserts,
hlHostControlAlDeletes,
hlHostControlAlMaxDesiredEntries, hlHostControlOwner,
hlHostControlStatus, nlHostInPkts, nlHostOutPkts,
nlHostInOctets, nlHostOutOctets,
nlHostOutMacNonUnicastPkts, nlHostCreateTime }
STATUS current
DESCRIPTION
"Counts the amount of traffic sent from and to each network
address discovered by the probe. Note that while the
hlHostControlTable also has objects that control an optional
alHostTable, implementation of the alHostTable is not required
to fully implement this group."
::= { rmon2MIBGroups 4 }
nlMatrixGroup OBJECT-GROUP
OBJECTS { hlMatrixControlDataSource,
hlMatrixControlNlDroppedFrames,
hlMatrixControlNlInserts, hlMatrixControlNlDeletes,
hlMatrixControlNlMaxDesiredEntries,
hlMatrixControlAlDroppedFrames,
hlMatrixControlAlInserts, hlMatrixControlAlDeletes,
hlMatrixControlAlMaxDesiredEntries,
hlMatrixControlOwner, hlMatrixControlStatus,
nlMatrixSDPkts, nlMatrixSDOctets, nlMatrixSDCreateTime,
nlMatrixDSPkts, nlMatrixDSOctets, nlMatrixDSCreateTime,
nlMatrixTopNControlMatrixIndex,
nlMatrixTopNControlRateBase,
nlMatrixTopNControlTimeRemaining,
nlMatrixTopNControlGeneratedReports,
nlMatrixTopNControlDuration,
nlMatrixTopNControlRequestedSize,
nlMatrixTopNControlGrantedSize,
nlMatrixTopNControlStartTime,
nlMatrixTopNControlOwner, nlMatrixTopNControlStatus,
nlMatrixTopNProtocolDirLocalIndex,
nlMatrixTopNSourceAddress, nlMatrixTopNDestAddress,
nlMatrixTopNPktRate, nlMatrixTopNReversePktRate,
nlMatrixTopNOctetRate, nlMatrixTopNReverseOctetRate }
STATUS current
DESCRIPTION
"Counts the amount of traffic sent between each pair of
network addresses discovered by the probe. Note that while the
hlMatrixControlTable also has objects that control optional
alMatrixTables, implementation of the alMatrixTables is not
required to fully implement this group."
::= { rmon2MIBGroups 5 }
alHostGroup OBJECT-GROUP
OBJECTS { alHostInPkts, alHostOutPkts,
alHostInOctets, alHostOutOctets, alHostCreateTime }
STATUS current
DESCRIPTION
"Counts the amount of traffic, by protocol, sent from and to
each network address discovered by the probe. Implementation
of this group requires implementation of the Network Layer
Host Group."
::= { rmon2MIBGroups 6 }
alMatrixGroup OBJECT-GROUP
OBJECTS { alMatrixSDPkts, alMatrixSDOctets, alMatrixSDCreateTime,
alMatrixDSPkts, alMatrixDSOctets, alMatrixDSCreateTime,
alMatrixTopNControlMatrixIndex,
alMatrixTopNControlRateBase,
alMatrixTopNControlTimeRemaining,
alMatrixTopNControlGeneratedReports,
alMatrixTopNControlDuration,
alMatrixTopNControlRequestedSize,
alMatrixTopNControlGrantedSize,
alMatrixTopNControlStartTime,
alMatrixTopNControlOwner, alMatrixTopNControlStatus,
alMatrixTopNProtocolDirLocalIndex,
alMatrixTopNSourceAddress, alMatrixTopNDestAddress,
alMatrixTopNAppProtocolDirLocalIndex,
alMatrixTopNPktRate, alMatrixTopNReversePktRate,
alMatrixTopNOctetRate, alMatrixTopNReverseOctetRate }
STATUS current
DESCRIPTION
"Counts the amount of traffic, by protocol, sent between each
pair of network addresses discovered by the
probe. Implementation of this group requires implementation of
the Network Layer Matrix Group."
::= { rmon2MIBGroups 7 }
usrHistoryGroup OBJECT-GROUP
OBJECTS { usrHistoryControlObjects,
usrHistoryControlBucketsRequested,
usrHistoryControlBucketsGranted,
usrHistoryControlInterval,
usrHistoryControlOwner, usrHistoryControlStatus,
usrHistoryObjectVariable, usrHistoryObjectSampleType,
usrHistoryIntervalStart, usrHistoryIntervalEnd,
usrHistoryAbsValue, usrHistoryValStatus }
STATUS current
DESCRIPTION
"The usrHistoryGroup provides user-defined collection of
historical information from MIB objects on the probe."
::= { rmon2MIBGroups 8 }
probeInformationGroup OBJECT-GROUP
OBJECTS { probeCapabilities,
probeSoftwareRev, probeHardwareRev, probeDateTime }
STATUS current
DESCRIPTION
"This group describes various operating parameters of the
probe as well as controlling the local time of the probe."
::= { rmon2MIBGroups 9 }
probeConfigurationGroup OBJECT-GROUP
OBJECTS { probeResetControl, probeDownloadFile,
probeDownloadTFTPServer, probeDownloadAction,
probeDownloadStatus,
serialMode, serialProtocol, serialTimeout,
serialModemInitString, serialModemHangUpString,
serialModemConnectResp, serialModemNoConnectResp,
serialDialoutTimeout, serialStatus,
netConfigIPAddress, netConfigSubnetMask,
netConfigStatus, netDefaultGateway,
trapDestCommunity, trapDestProtocol, trapDestAddress,
trapDestOwner, trapDestStatus,
serialConnectDestIpAddress, serialConnectType,
serialConnectDialString, serialConnectSwitchConnectSeq,
serialConnectSwitchDisconnectSeq,
serialConnectSwitchResetSeq,
serialConnectOwner, serialConnectStatus }
STATUS current
DESCRIPTION
"This group controls the configuration of various operating
parameters of the probe."
::= { rmon2MIBGroups 10 }
rmon1EnhancementGroup OBJECT-GROUP
OBJECTS { historyControlDroppedFrames, hostControlDroppedFrames,
hostControlCreateTime, matrixControlDroppedFrames,
matrixControlCreateTime, channelDroppedFrames,
channelCreateTime, filterProtocolDirDataLocalIndex,
filterProtocolDirLocalIndex }
STATUS current
DESCRIPTION
"This group adds some enhancements to RMON-1 that help
management stations."
::= { rmon2MIBGroups 11 }
rmon1EthernetEnhancementGroup OBJECT-GROUP
OBJECTS { etherStatsDroppedFrames, etherStatsCreateTime }
STATUS current
DESCRIPTION
"This group adds some enhancements to RMON-1 that help
management stations."
::= { rmon2MIBGroups 12 }
rmon1TokenRingEnhancementGroup OBJECT-GROUP
OBJECTS { tokenRingMLStatsDroppedFrames,
tokenRingMLStatsCreateTime,
tokenRingPStatsDroppedFrames, tokenRingPStatsCreateTime,
ringStationControlDroppedFrames,
ringStationControlCreateTime,
sourceRoutingStatsDroppedFrames,
sourceRoutingStatsCreateTime }
STATUS current
DESCRIPTION
"This group adds some enhancements to RMON-1 that help
management stations."
::= { rmon2MIBGroups 13 }
END
7. Security Considerations In order to implement this MIB, a probe must capture all packets on the locally-attached network, including packets between third parties. These packets are analyzed to collect network addresses, protocol usage information, and conversation statistics. Data of this nature may be considered sensitive in some environments. In such environments the administrator may wish to restrict SNMP access to the probe. A probe implementing this MIB is likely to also implement RMON [RFC1757], which includes functions for returning the contents of captured packets, potentially including sensitive user data or passwords. It is recommended that SNMP access to these functions be restricted.
8. Appendix - TimeFilter Implementation Notes 1) Theory of Operation The TimeFilter mechanism allows an NMS to reduce the number of SNMP transactions required for a 'table-update' operation. Polling of tables that incorporate a 'TimeFilter' INDEX can be reduced to a theoretical minimum (if used correctly). It can be easily implemented by an agent in a way independent of the number of NMS applications using the same time-filtered table. Although the name 'TimeFilter' may imply that a history of change events is maintained by the agent, this is not the case. A time- filtered-value represents the current value of the object instance, not the 'saved' value at the time indicated by the TimeFilter INDEX value. Note that TimeFilter objects only appear in INDEX clauses (always not-accessible), so their value is never retrieved. By design, the actual value of a TimeFilter instance is not in itself meaningful (it's not a 'last-change-timestamp'). The TimeFilter is a boolean filtering function applied in internal Get* PDU processing. If the 'last-change-time' of the specified instance is less than the particular TimeFilter INDEX value, then the instance is considered 'not-present' (skipped for GetNext and GetBulk PDUs; 'noSuchInstance' or returned to the requester. 1.1) Agent Implementation of a Time-Filtered Table In implementation, the time-filtered rows (one for each tick of sysUpTime) are only conceptual. The agent simply filters a real table based on: * the current value of sysUpTime * the TimeFilter value passed in the varbind * the last-update timestamp of each requested counter (agent implementation requirement) For example, to implement a time-filtered counter, an agent maintains a timestamp in a 32-bit storage location, initialized to zero. This is in addition to whatever instrumentation is needed for the counter. Each time the counter is updated, the current value of sysUpTime is recorded in the associated timestamp. If this is not possible or practical, then a background polling process must 'refresh' the timestamp by sampling counter values and comparing them to recorded samples. The timestamp update must occur within 5 seconds of the actual change event.
When an agent receives a Get, GetNext, or GetBulk PDU requesting a
time-filtered instance, the following agent has determined that the
instance is within the MIB view indicated by the community string in
the PDU.
/* return TRUE if the object is present */
boolean time_filter_test (
TimeFilter last_modified_timestamp,
TimeFilter index_value_in_pdu )
{
if (last_modified_timestamp < index_value_in_pdu)
return FALSE;
else
return TRUE;
}
The agent applies this function regardless of the lastActivationTime
of the conceptual row in question. In other words, counter
discontinuities are ignored (i.e. conceptual row deleted and then
re-created later). An agent should consider a object instance
'changed' when it is created (either at restart time for scalars and
static objects, or row-creation-time for dynamic tables).
Note that using a timeFilter INDEX value of zero removes the
filtering functionality, as the instance will always be
1.2) NMS Implementation of a Time-Filtered Table
The particular TimeFilter INDEX values used by an NMS reflect the
polling interval of the NMS, relative to the particular agent's
notion of sysUpTime.
An NMS needs to maintain one timestamp variable per agent
(initialized to zero) for an arbitrary group of time-filtered MIB
objects that are gathered together in the same PDU. Each time the
Get* PDU is sent, a request for sysUpTime is included. The retrieved
sysUpTime value is used as the timeFilter value in the next polling
cycle. If a polling sweep of a time-filtered group of objects
requires more than one SNMP transaction, then the sysUpTime value
retrieved in the first GetResponse PDU of the polling sweep is saved
as the next timeFilter value.
The actual last-update time of a given object is not indicated in the
returned GetResponse instance identifier, but rather the timeFilter
value passed in the Get*Request PDU is returned.
A "time-filtered get-next/bulk-sweep", done once per polling
cycle, is a series of GetNext or GetBulk transactions, and is
over when one of the following events occurs:
1) the TimeFilter index value returned in the GetResponse is
different than the TimeFilter index value passed in the
GetNext or GetBulk request. Counter values will still be
returned beyond this point (until the last-change-time is
reached), but most likely the same values will be
returned.
2) the return PDU includes instances lexigraphically greater
than the objects expected (i.e. same GetNext semantics as
if the TimeFilter wasn't there)
3) a noSuchName or other exception/error is returned.
Note that the use of a time-filtered table in combination with a
GetRequest PDU neutralizes any optimization that otherwise might be
achieved with the TimeFilter, because no PDU transactions are saved.
Either the current time-filtered object-value is returned, or a
'noSuchInstance' exception (SNMPv1c) or 'noSuchName' error (SNMPv1)
is returned.
If GetBulk PDUs are used, then the value selected for response PDUs
generated by the agent, since duplicate entries (one per size. An
appropriate of conceptual rows in the time-filtered table if known, or
equal to the number of instances expected to fit in a GetResponse PDU
without causing a 'tooBig' error from the agent.
2) TimeFilter Example
The following example demonstrates how an NMS and Agent might use a
table with a TimeFilter object in the INDEX. A static table is
assumed to keep the example simple, but dynamic tables can also be
supported.
2.1) General Assumptions
fooEntry INDEX { fooTimeMark, fooIfIndex }
FooEntry = SEQUENCE {
fooTimeMark TimeFilter,
fooIfIndex Integer32,
fooCounts Counter32
}
The NMS polls the fooTable every 15 seconds and the
baseline
poll occurs when the agent has been up for 6 seconds,
and the NMS has been up for 10 seconds.
There are 2 static rows in this table at system
initialization
(fooCounts.0.1 and fooCounts.0.2).
Row 1 was updated as follows:
SysUpTime fooCounts.*.1 value 500
1 900 2
2300 3
Row 2 was updated as follows:
SysUpTime fooCounts.*.2 value
1100 1
1400 2
2.2) SNMP Transactions from NMS Perspective
Time nms-1000:
# NMS baseline poll -- get everything since last agent
restart
# TimeFilter == 0
get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
fooCounts.0);
returns:
sysUpTime.0 == 600
fooCounts.0.1 == 1 # incremented at time 500
fooCounts.0.2 == 0 # visible since created at time 0
Time nms-2500:
# NMS 1st poll
# TimeFilter index == 600
get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
fooCounts.600);
returns:
sysUpTime.0 == 2100
fooCounts.600.1 == 2 # incremented at time 900
fooCounts.600.2 == 2 # incremented at times 1100 and
1400
fooCounts.601.1 == 2 # indicates end of sweep
Time nms-4000:
# NMS 2nd poll
# TimeFilter == 2100
get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
fooCounts.2100);
returns:
sysUpTime.0 == 3600
fooCounts.2100.1 == 3 # incremented at time 2300
fooCounts.2102.1 == 3 # indicates end-of-sweep
# the counter value for row 2 is not returned because
# it hasn't changed since sysUpTime == 2100.
# The next timetick value for row 1 is returned instead
Time nms-5500:
# NMS 3rd poll
# TimeFilter == 3600
get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
fooCounts.3600);
returns:
sysUpTime.0 == 5100
some-instance-outside-the-fooTable == <don't care>
some-instance-outside-the-fooTable == <don't care>
# no 'fooTable' counter values at all are returned
because
# neither counter has been updated since sysUpTime ==
3600
2.3) Transactions and TimeFilter Maintenance: Agent
Perspective
Time agt-0:
# initialize fooTable
fooCounts.1 = 0; changed.1 = 0;
fooCounts.2 = 0; changed.2 = 0;
Time agt-500:
# increment fooCounts.1
++fooCounts.1; changed.1 = 500;
Time agt-600
# answer get-bulk
# get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
# fooCounts.0);
# (changed >= 0)
# return both counters
Time agt-900:
# increment fooCounts.1
++fooCounts.1; changed.1 = 900;
Time agt-1100:
# increment fooCounts.2
++fooCounts.2; changed.2 = 1100;
Time agt-1400:
# increment fooCounts.2
++fooCounts.2; changed.2 = 1400;
Time agt-2100
# answer get-bulk
# get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
# fooCounts.600);
# (changed >= 600)
# return both counters
Time agt-2300:
# increment fooCounts.1
++fooCounts.1; changed.1 = 2300;
Time agt-3600:
# answer get-bulk
# get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
# fooCounts.2100);
# (changed >= 2100)
# return only fooCounts.1 from the fooTable--twice
Time agt-5100:
# answer get-bulk
# get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
# fooCounts.3600);
# (changed >= 3600)
# return lexigraphically-next two MIB instances
9. Acknowledgments This document was produced by the IETF Remote Network Monitoring Working Group. 10. References [1] SNMPv2 Working Group, J. Case, K. McCloghrie, M. Rose, S. Waldbusser, "Structure and Identification of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2)" RFC 1902, January 1996. [2] SNMPv2 Working Group, J. Case, K. McCloghrie, M. Rose, S. Waldbusser, "Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1903 January 1996. [3] McCloghrie, K., and M. Rose, "Management Information Base for Network Management of TCP/IP-based internets: MIB-II", STD 17, RFC 1213, March 1991. [4] SNMPv2 Working Group, J. Case, K. McCloghrie, M. Rose, S. Waldbusser, "Protocol Operations for version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, January 1996. [5] McCloghrie, K., and F. Kastenholz, "Evolution of the Interfaces Group of MIB-II", RFC 1573, January 1994. [6] Information processing systems -- Open Systems Interconnection -- Specification of Abstract Syntax Notation One (ASN.1), International Organization for Standardization. International Standard 8824, (December, 1987). [7] Information processing systems -- Open Systems Interconnection -- Specification of Basic Encoding Rules for Abstract Notation One (ASN.1), International Organization for Standardization. International Standard 8825, (December, 1987). [8] Rose, M., Editor, "A Convention for Defining Traps for use with the SNMP", RFC 1215, March 1991. [9] Waldbusser, S., "Remote Network Monitoring Management Information Base", RFC 1757, February 1995.
[10] Waldbusser, S., "Token Ring Extensions to the Remote Network Monitoring MIB", RFC 1513, September 1993. 11. Author's Address Steven Waldbusser International Network Services Phone: (415) 254-4251 EMail: waldbusser@ins.com