RFC 2263
SNMPv3 Applications
3.5. Proxy Forwarder Applications A proxy forwarder application deals with forwarding SNMP messages. There are four basic types of messages which a proxy forwarder application may need to forward. These are grouped according to the PDU type contained in a message, or according to whether a report indication is contained in the message. The four basic types of messages are: - Those containing PDU types which were generated by a command generator application (for example, Get, GetNext, GetBulk, and Set PDU types). These deal with requesting or modifying information located within a particular context. - Those containing PDU types which were generated by a notification originator application (for example, SNMPv2-Trap and Inform PDU types). These deal with notifications concerning information located within a particular context. - Those containing a Response PDU type. Forwarding of Response PDUs always occurs as a result of receiving a response to a previously forwarded message. - Those containing a report indication. Forwarding of report indications always occurs as a result of receiving a report indication for a previously forwarded message. For the first type, the proxy forwarder's role is to deliver a request for management information to an SNMP engine which is "closer" or "downstream in the path" to the SNMP engine which has access to that information, and to deliver the response containing the information back to the SNMP engine from which the request was received. The context information in a request is used to determine which SNMP engine has access to the requested information, and this is used to determine where and how to forward the request.
For the second type, the proxy forwarder's role is to determine which SNMP engines should receive notifications about management information from a particular location. The context information in a notification message determines the location to which the information contained in the notification applies. This is used to determine which SNMP engines should receive notification about this information. For the third type, the proxy forwarder's role is to determine which previously forwarded request or notification (if any) the response matches, and to forward the response back to the initiator of the request or notification. For the fourth type, the proxy forwarder's role is to determine which previously forwarded request or notification (if any) the report indication matches, and to forward the report indication back to the initiator of the request or notification. When forwarding messages, a proxy forwarder application must perform a translation of incoming management target information into outgoing management target information. How this translation is performed is implementation specific. In many cases, this will be driven by a preconfigured translation table. If a proxy forwarder application makes the contents of this table SNMP manageable, it MUST use the SNMP-PROXY-MIB module defined in this document. 3.5.1. Request Forwarding There are two phases for request forwarding. First, the incoming request needs to be passed through the proxy application. Then, the resulting response needs to be passed back. These phases are described in the following two sections. 3.5.1.1. Processing an Incoming Request A proxy forwarder application that wishes to forward request messages must first register with the Dispatcher using the registerContextEngineID abstract service interface. The proxy forwarder must register each contextEngineID for which it wishes to forward messages, as well as for each pduType. Note that as the configuration of a proxy forwarder is changed, the particular contextEngineID values for which it is forwarding may change. The proxy forwarder should call the registerContextEngineID and unregisterContextEngineID abstract service interfaces as needed to reflect its current configuration.
A proxy forwarder application should never attempt to register a
value of contextEngineID which is equal to the snmpEngineID of the
SNMP engine to which the proxy forwarder is associated.
Once the proxy forwarder has registered for the appropriate
contextEngineId values, it can start processing messages. The
following procedure is used:
(1) A message is received using the processPdu abstract service
interface. The incoming management target information received
from the processPdu interface is translated into outgoing
management target information. Note that this translation may vary
for different values of contextEngineID and/or contextName. The
translation should result in a single management target.
(2) If appropriate outgoing management target information cannot be
found, the proxy forwarder increments the snmpProxyDrops counter
[RFC1907], and then calls the Dispatcher using the
returnResponsePdu abstract service interface. Parameters are:
- The messageProcessingModel is the value from the processPdu
call.
- The securityModel is the value from the processPdu call.
- The securityName is the value from the processPdu call.
- The securityLevel is the value from the processPdu call.
- The contextEngineID is the value from the processPdu call.
- The contextName is the value from the processPdu call.
- The pduVersion is the value from the processPdu call.
- The PDU is an undefined value.
- The maxSizeResponseScopedPDU is a local value indicating the
maximum size of a ScopedPDU that the application can accept.
- The stateReference is the value from the processPdu call.
- The statusInformation indicates that an error occurred and
includes the OID and value of the snmpProxyDrops object.
Processing of the message stops at this point. Otherwise,
(3) A new PDU is constructed. A unique value of request-id should be
used in the new PDU (this value will enable a subsequent response
message to be correlated with this request). The remainder of the
new PDU is identical to the received PDU, unless the incoming SNMP
version is SNMPv2 or SNMPv3 and the outgoing SNMP version is
SNMPv1, in which case the proxy forwarder must apply the
translation rules as documented in [RFC1908].
(4) The proxy forwarder calls the Dispatcher to generate the forwarded
message, using the sendPdu abstract service interface. The
parameters are:
- The transportDomain is that of the outgoing management target.
- The transportAddress is that of the outgoing management
target.
- The messageProcessingModel is that of the outgoing management
target.
- The securityModel is that of the outgoing management target.
- The securityName is that of the outgoing management target.
- The securityLevel is that of the outgoing management target.
- The contextEngineID is the value originally received.
- The contextName is the value originally received.
- The pduVersion is the version of the PDU to be sent.
- The PDU is the value constructed in step (3) above.
- The expectResponse argument indicates that a response is
expected. If the sendPdu call is unsuccessful, the proxy
forwarder performs the steps described in (2) above.
Otherwise:
(5) The proxy forwarder caches the following information in order to
match an incoming response to the forwarded request:
- The sendPduHandle returned from the call to sendPdu,
- The request-id from the received PDU.
- the contextEngineID,
- the contextName,
- the stateReference,
- the incoming management target information,
- the outgoing management information,
- any other information needed to match an incoming response to
the forwarded request.
If this information cannot be cached (possibly due to a lack of
resources), the proxy forwarder performs the steps described in (2)
above. Otherwise:
(6) Processing of the request stops until a response to the forwarded
request is received, or until an appropriate time interval has
expired. If this time interval expires before a response has been
received, the cached information about this request is removed.
3.5.1.2. Processing an Incoming Response
A proxy forwarder follows the following procedure when an incoming
response is received:
(1) The incoming response is received using the processResponsePdu
interface. The proxy forwarder uses the received parameters to
locate an entry in its cache of pending forwarded requests. This
is done by matching the received parameters with the cached values
of sendPduHandle, contextEngineID, contextName, outgoing management
target information, and the request-id contained in the received
PDU (the proxy forwarder must extract the request-id for this
purpose). If an appropriate cache entry cannot be found,
processing of the response is halted. Otherwise:
(2) The cache information is extracted, and removed from the cache.
(3) A new Response PDU is constructed, using the request-id value from
the original forwarded request (as extracted from the cache). All
other values are identical to those in the received Response PDU.
(4) If the incoming SNMP version is SNMPv1 and the outgoing SNMP
version is SNMPv2 or SNMPv3, the proxy forwarder must apply the
translation rules documented in [RFC1908].
(5) The proxy forwarder calls the Dispatcher using the
returnResponsePdu abstract service interface. Parameters are:
- The messageProcessingModel indicates the Message Processing
Model by which the original incoming message was processed.
- The securityModel is that of the original incoming management
target extracted from the cache.
- The securityName is that of the original incoming management
target extracted from the cache.
- The securityLevel is that of the original incoming management
target extracted from the cache.
- The contextEngineID is the value extracted from the cache.
- The contextName is the value extracted from the cache.
- The pduVersion indicates the version of the PDU to be
returned.
- The PDU is the (possibly translated) Response PDU.
- The maxSizeResponseScopedPDU is a local value indicating the
maximum size of a ScopedPDU that the application can accept.
- The stateReference is the value extracted from the cache.
- The statusInformation indicates that no error occurred and
that a Response PDU message should be generated.
3.5.1.3. Processing an Incoming Report Indication
A proxy forwarder follows the following procedure when an incoming
report indication is received:
(1) The incoming report indication is received using the
processResponsePdu interface. The proxy forwarder uses the
received parameters to locate an entry in its cache of pending
forwarded requests. This is done by matching the received
parameters with the cached values of sendPduHandle. If an
appropriate cache entry cannot be found, processing of the report
indication is halted. Otherwise:
(2) The cache information is extracted, and removed from the cache.
(3) If the original incoming management target information indicates
SNMPv1, processing of the report indication is halted.
(4) The proxy forwarder calls the Dispatcher using the
returnResponsePdu abstract service interface. Parameters are:
- The messageProcessingModel indicates the Message Processing
Model by which the original incoming message was processed.
- The securityModel is that of the original incoming management
target extracted from the cache.
- The securityName is that of the original incoming management
target extracted from the cache.
- The securityLevel is that of the original incoming management
target extracted from the cache.
- The contextEngineID is the value extracted from the cache.
- The contextName is the value extracted from the cache.
- The pduVersion indicates the version of the PDU to be
returned.
- The PDU is unused.
- The maxSizeResponseScopedPDU is a local value indicating the
maximum size of a ScopedPDU that the application can accept.
- The stateReference is the value extracted from the cache.
- The statusInformation contain the contextEngineID,
contextName, counter OID, and counter value received in the
report indication.
3.5.2. Notification Forwarding
A proxy forwarder receives notifications in the same manner as a
notification receiver application, using the processPdu abstract
service interface. The following procedure is used when a
notification is received:
(1) The incoming management target information received from the
processPdu interface is translated into outgoing management target
information. Note that this translation may vary for different
values of contextEngineId and/or contextName. The translation may
result in multiple management targets.
(2) If appropriate outgoing management target information cannot be
found and the notification was a Trap, processing of the
notification is halted. If appropriate outgoing management target
information cannot be found and the notification was an Inform, the
proxy forwarder increments the snmpProxyDrops object, and calls the
Dispatcher using the returnResponsePdu abstract service interface.
The parameters are:
- The messageProcessingModel is the received value.
- The securityModel is the received value.
- The securityName is the received value.
- The securityLevel is the received value.
- The contextEngineID is the received value.
- The contextName is the received value.
- The pduVersion is the received value.
- The PDU is an undefined and unused value.
- The maxSizeResponseScopedPDU is a local value indicating the
maximum size of a ScopedPDU that the application can accept.
- The stateReference is the received value.
- The statusInformation indicates that an error occurred and
that a Report message should be generated.
Processing of the message stops at this point. Otherwise,
(3) The proxy forwarder generates a notification using the procedures
described in the preceding section on Notification Originators,
with the following exceptions:
- The contextEngineID and contextName values from the original
received notification are used.
- The outgoing management targets previously determined are
used.
- No filtering mechanisms are applied.
- The variable-bindings from the original received notification
are used, rather than retrieving variable-bindings from local
MIB instrumentation. In particular, no access-control is
applied to these variable-bindings.
- If for any of the outgoing management targets, the incoming
SNMP version is SNMPv1 and the outgoing SNMP version is SNMPv2
or SNMPv3, the proxy forwarder must apply the translation
rules as documented in [RFC1908].
- If for any of the outgoing management targets, the incoming
SNMP version is SNMPv2 or SNMPv3, and the outgoing SNMP
version is SNMPv1, this outgoing management target is not used
when generating the forwarded notifications.
(4) If the original received notification contains an SNMPv2-Trap PDU,
processing of the notification is now completed. Otherwise, the
original received notification must contain an Inform PDU, and
processing continues.
(5) If the forwarded notifications included any Inform PDUs, processing
continues when the procedures described in the section for
Notification Originators determine that either:
- None of the generated notifications containing Inform PDUs
have been successfully acknowledged within the longest of the
time intervals, in which case processing of the original
notification is halted, or,
- At least one of the generated notifications containing Inform
PDUs is successfully acknowledged, in which case a response to
the original received notification containing an Inform PDU is
generated as described in the following steps.
(6) A Response PDU is constructed, using the values of request-id and
variable-bindings from the original received Inform PDU, and
error-status and error-index values of 0.
(7) The Dispatcher is called using the returnResponsePdu abstract
service interface. Parameters are:
- The messageProcessingModel is the originally received value.
- The securityModel is the originally received value.
- The securityName is the originally received value.
- The securityLevel is the originally received value.
- The contextEngineID is the originally received value.
- The contextName is the originally received value.
- The pduVersion indicates the version of the PDU constructed in
step (6) above.
- The PDU is the value constructed in step (6) above.
- The maxSizeResponseScopedPDU is a local value indicating the
maximum size of a ScopedPDU that the application can accept.
- The stateReference is the originally received value.
- The statusInformation indicates that no error occurred and
that a Response PDU message should be generated.
4. The Structure of the MIB Modules
There are three separate MIB modules described in this document, the
management target MIB, the notification MIB, and the proxy MIB. The
following sections describe the structure of these three MIB modules.
The use of these MIBs by particular types of applications is
described later in this document:
- The use of the management target MIB and the notification MIB
in notification originator applications is described in
section 6.
- The use of the notification MIB for filtering notifications in
notification originator applications is described in section
7.
- The use of the management target MIB and the proxy MIB in
proxy forwarding applications is described in section 8.
4.1. The Management Target MIB Module
The SNMP-TARGET-MIB module contains objects for defining management
targets. It consists of two tables and conformance/compliance
statements.
The first table, the snmpTargetAddrTable, contains information about
transport domains and addresses. It also contains an object,
snmpTargetAddrTagList, which provides a mechanism for grouping
entries.
The second table, the snmpTargetParamsTable, contains information about SNMP version and security information to be used when sending messages to particular transport domains and addresses. 4.1.1. Tag Lists The snmpTargetAddrTagList object is used for grouping entries in the snmpTargetAddrTable. The value of this object contains a list of tag values which are used to select target addresses to be used for a particular operation. A tag value, which may also be used in MIB objects other than snmpTargetAddrTagList, is an arbitrary string of octets, but may not contain a delimiter character. Delimiter characters are defined to be one of the following characters: - An ASCII space character (0x20). - An ASCII TAB character (0x09). - An ASCII carriage return (CR) character (0x0D). - An ASCII line feed (LF) character (0x0B). In addition, a tag value may not have a zero length. Generally, a particular MIB object may contain either - a single tag value, in which case the value of the MIB object may not contain a delimiter character, or: - a MIB object may contain a list of tag values, separated by single delimiter characters. For a list of tag values, these constraints imply certain restrictions on the value of a MIB object: - There cannot be a leading or trailing delimiter character. - There cannot be multiple adjacent delimiter charaters. 4.1.2. Definitions SNMP-TARGET-MIB DEFINITIONS ::= BEGIN IMPORTS TEXTUAL-CONVENTION, MODULE-IDENTITY, OBJECT-TYPE,
snmpModules,
Integer32
FROM SNMPv2-SMI
TDomain,
TAddress,
TimeInterval,
RowStatus,
StorageType,
TestAndIncr
FROM SNMPv2-TC
SnmpSecurityModel,
SnmpMessageProcessingModel,
SnmpSecurityLevel,
SnmpAdminString
FROM SNMP-FRAMEWORK-MIB
OBJECT-GROUP
FROM SNMPv2-CONF;
snmpTargetMIB MODULE-IDENTITY
LAST-UPDATED "9711210000Z"
ORGANIZATION "IETF SNMPv3 Working Group"
CONTACT-INFO
"WG-email: snmpv3@tis.com
Subscribe: majordomo@tis.com
In message body: subscribe snmpv3
Chair: Russ Mundy
Trusted Information Systems
Postal: 3060 Washington Rd
Glenwood MD 21738
USA
Email: mundy@tis.com
Phone: +1-301-854-6889
Co-editor: David B. Levi
SNMP Research, Inc.
Postal: 3001 Kimberlin Heights Road
Knoxville, TN 37920-9716
E-mail: levi@snmp.com
Phone: +1 423 573 1434
Co-editor: Paul Meyer
Secure Computing Corporation
Postal: 2675 Long Lake Road
Roseville, MN 55113
E-mail: paul_meyer@securecomputing.com
Phone: +1 612 628 1592
Co-editor: Bob Stewart
Cisco Systems, Inc.
Postal: 170 West Tasman Drive
San Jose, CA 95134-1706
E-mail: bstewart@cisco.com
Phone: +1 603 654 6923"
DESCRIPTION
"This MIB module defines MIB objects which provide
mechanisms to remotely configure the parameters used
by an SNMP entity for the generation of SNMP messages."
REVISION "9707140000Z"
DESCRIPTION
"The initial revision."
::= { snmpModules 7 }
snmpTargetObjects OBJECT IDENTIFIER ::= { snmpTargetMIB 1 }
snmpTargetConformance OBJECT IDENTIFIER ::= { snmpTargetMIB 3 }
SnmpTagValue ::= TEXTUAL-CONVENTION
DISPLAY-HINT "255a"
STATUS current
DESCRIPTION
"An octet string containing a tag value.
Tag values are preferably in human-readable form.
To facilitate internationalization, this information
is represented using the ISO/IEC IS 10646-1 character
set, encoded as an octet string using the UTF-8
character encoding scheme described in RFC 2044.
Since additional code points are added by amendments
to the 10646 standard from time to time,
implementations must be prepared to encounter any code
point from 0x00000000 to 0x7fffffff.
The use of control codes should be avoided, and certain
control codes are not allowed as described below.
For code points not directly supported by user
interface hardware or software, an alternative means
of entry and display, such as hexadecimal, may be
provided.
For information encoded in 7-bit US-ASCII, the UTF-8
representation is identical to the US-ASCII encoding.
Note that when this TC is used for an object that
is used or envisioned to be used as an index, then a
SIZE restriction must be specified so that the number
sub-identifiers for any object instance do not exceed
the limit of 128, as defined by [RFC1905].
An object of this type contains a single tag value
which is used to select a set of entries in a table.
A tag value is an arbitrary string of octets, but
may not contain a delimiter character. Delimiter
characters are defined to be one of the following:
- An ASCII space character (0x20).
- An ASCII TAB character (0x09).
- An ASCII carriage return (CR) character (0x0D).
- An ASCII line feed (LF) character (0x0B).
Delimiter characters are used to separate tag values
in a tag list. An object of this type may only
contain a single tag value, and so delimiter
characters are not allowed in a value of this type.
Some examples of valid tag values are:
- 'acme'
- 'router'
- 'host'
The use of a tag value to select table entries is
application and MIB specific."
SYNTAX OCTET STRING (SIZE (0..255))
SnmpTagList ::= TEXTUAL-CONVENTION
DISPLAY-HINT "255a"
STATUS current
DESCRIPTION
"An octet string containing a list of tag values.
Tag values are preferably in human-readable form.
To facilitate internationalization, this information
is represented using the ISO/IEC IS 10646-1 character
set, encoded as an octet string using the UTF-8
character encoding scheme described in RFC 2044.
Since additional code points are added by amendments
to the 10646 standard from time to time,
implementations must be prepared to encounter any code
point from 0x00000000 to 0x7fffffff.
The use of control codes should be avoided, except as
described below.
For code points not directly supported by user
interface hardware or software, an alternative means
of entry and display, such as hexadecimal, may be
provided.
For information encoded in 7-bit US-ASCII, the UTF-8
representation is identical to the US-ASCII encoding.
An object of this type contains a list of tag values
which are used to select a set of entries in a table.
A tag value is an arbitrary string of octets, but
may not contain a delimiter character. Delimiter
characters are defined to be one of the following:
- An ASCII space character (0x20).
- An ASCII TAB character (0x09).
- An ASCII carriage return (CR) character (0x0D).
- An ASCII line feed (LF) character (0x0B).
Delimiter characters are used to separate tag values
in a tag list. Only a single delimiter character may
occur between two tag values. A tag value may not
have a zero length. These constraints imply certain
restrictions on the contents of this object:
- There cannot be a leading or trailing delimiter
character.
- There cannot be multiple adjacent delimiter
characters.
Some examples of valid tag lists are:
- An empty string
- 'acme router'
- 'host managerStation'
Note that although a tag value may not have a length of
zero, an empty string is still valid. This indicates
an empty list (i.e. there are no tag values in the list).
The use of the tag list to select table entries is
application and MIB specific. Typically, an application
will provide one or more tag values, and any entry
which contains some combination of these tag values
will be selected."
SYNTAX OCTET STRING (SIZE (0..255))
--
--
-- The snmpTargetObjects group
--
--
snmpTargetSpinLock OBJECT-TYPE
SYNTAX TestAndIncr
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to facilitate modification of table
entries in the SNMP-TARGET-MIB module by multiple
managers. In particular, it is useful when modifying
the value of the snmpTargetAddrTagList object.
The procedure for modifying the snmpTargetAddrTagList
object is as follows:
1. Retrieve the value of snmpTargetSpinLock and
of snmpTargetAddrTagList.
2. Generate a new value for snmpTargetAddrTagList.
3. Set the value of snmpTargetSpinLock to the
retrieved value, and the value of
snmpTargetAddrTagList to the new value. If
the set fails for the snmpTargetSpinLock
object, go back to step 1."
::= { snmpTargetObjects 1 }
snmpTargetAddrTable OBJECT-TYPE
SYNTAX SEQUENCE OF SnmpTargetAddrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of transport addresses to be used in the generation
of SNMP messages."
::= { snmpTargetObjects 2 }
snmpTargetAddrEntry OBJECT-TYPE
SYNTAX SnmpTargetAddrEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A transport address to be used in the generation
of SNMP operations.
Entries in the snmpTargetAddrTable are created and
deleted using the snmpTargetAddrRowStatus object."
INDEX { IMPLIED snmpTargetAddrName }
::= { snmpTargetAddrTable 1 }
SnmpTargetAddrEntry ::= SEQUENCE {
snmpTargetAddrName SnmpAdminString,
snmpTargetAddrTDomain TDomain,
snmpTargetAddrTAddress TAddress,
snmpTargetAddrTimeout TimeInterval,
snmpTargetAddrRetryCount Integer32,
snmpTargetAddrTagList SnmpTagList,
snmpTargetAddrParams SnmpAdminString,
snmpTargetAddrStorageType StorageType,
snmpTargetAddrRowStatus RowStatus
}
snmpTargetAddrName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..32))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The locally arbitrary, but unique identifier associated
with this snmpTargetAddrEntry."
::= { snmpTargetAddrEntry 1 }
snmpTargetAddrTDomain OBJECT-TYPE
SYNTAX TDomain
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the transport type of the address
contained in the snmpTargetAddrTAddress object."
::= { snmpTargetAddrEntry 2 }
snmpTargetAddrTAddress OBJECT-TYPE
SYNTAX TAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object contains a transport address. The format of
this address depends on the value of the
snmpTargetAddrTDomain object."
::= { snmpTargetAddrEntry 3 }
snmpTargetAddrTimeout OBJECT-TYPE
SYNTAX TimeInterval
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object should reflect the expected maximum round
trip time for communicating with the transport address
defined by this row. When a message is sent to this
address, and a response (if one is expected) is not
received within this time period, an implementation
may assume that the response will not be delivered.
Note that the time interval that an application waits
for a response may actually be derived from the value
of this object. The method for deriving the actual time
interval is implementation dependent. One such method
is to derive the expected round trip time based on a
particular retransmission algorithm and on the number
of timeouts which have occurred. The type of message may
also be considered when deriving expected round trip
times for retransmissions. For example, if a message is
being sent with a securityLevel that indicates both
authentication and privacy, the derived value may be
increased to compensate for extra processing time spent
during authentication and encryption processing."
DEFVAL { 1500 }
::= { snmpTargetAddrEntry 4 }
snmpTargetAddrRetryCount OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object specifies a default number of retries to be
attempted when a response is not received for a generated
message. An application may provide its own retry count,
in which case the value of this object is ignored."
DEFVAL { 3 }
::= { snmpTargetAddrEntry 5 }
snmpTargetAddrTagList OBJECT-TYPE
SYNTAX SnmpTagList
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object contains a list of tag values which are
used to select target addresses for a particular
operation."
::= { snmpTargetAddrEntry 6 }
snmpTargetAddrParams OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object identifies an entry in the
snmpTargetParamsTable. The identified entry
contains SNMP parameters to be used when generating
messages to be sent to this transport address."
::= { snmpTargetAddrEntry 7 }
snmpTargetAddrStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The storage type for this conceptual row."
::= { snmpTargetAddrEntry 8 }
snmpTargetAddrRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this conceptual row.
To create a row in this table, a manager must
set this object to either createAndGo(4) or
createAndWait(5).
Until instances of all corresponding columns are
appropriately configured, the value of the
corresponding instance of the snmpTargetAddrRowStatus
column is 'notReady'.
In particular, a newly created row cannot be made
active until the corresponding snmpTargetAddrTDomain
and snmpTargetAddrTAddress have both been set.
The following objects may not be modified while the
value of this object is active(1):
- snmpTargetAddrTDomain
- snmpTargetAddrTAddress"
::= { snmpTargetAddrEntry 9 }
snmpTargetParamsTable OBJECT-TYPE
SYNTAX SEQUENCE OF SnmpTargetParamsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of SNMP target information to be used
in the generation of SNMP messages."
::= { snmpTargetObjects 3 }
snmpTargetParamsEntry OBJECT-TYPE
SYNTAX SnmpTargetParamsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A set of SNMP target information.
Entries in the snmpTargetParamsTable are created and
deleted using the snmpTargetParamsRowStatus object."
INDEX { IMPLIED snmpTargetParamsName }
::= { snmpTargetParamsTable 1 }
SnmpTargetParamsEntry ::= SEQUENCE {
snmpTargetParamsName SnmpAdminString,
snmpTargetParamsMPModel SnmpMessageProcessingModel,
snmpTargetParamsSecurityModel SnmpSecurityModel,
snmpTargetParamsSecurityName SnmpAdminString,
snmpTargetParamsSecurityLevel SnmpSecurityLevel,
snmpTargetParamsStorageType StorageType,
snmpTargetParamsRowStatus RowStatus
}
snmpTargetParamsName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(1..32))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The locally arbitrary, but unique identifier associated
with this snmpTargetParamsEntry."
::= { snmpTargetParamsEntry 1 }
snmpTargetParamsMPModel OBJECT-TYPE
SYNTAX SnmpMessageProcessingModel
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Message Processing Model to be used when generating
SNMP messages using this entry."
::= { snmpTargetParamsEntry 2 }
snmpTargetParamsSecurityModel OBJECT-TYPE
SYNTAX SnmpSecurityModel (0..254 | 256..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Security Model to be used when generating SNMP
messages using this entry."
::= { snmpTargetParamsEntry 3 }
snmpTargetParamsSecurityName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The securityName which identifies the Principal on
whose behalf SNMP messages will be generated using
this entry."
::= { snmpTargetParamsEntry 4 }
snmpTargetParamsSecurityLevel OBJECT-TYPE
SYNTAX SnmpSecurityLevel
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Level of Security to be used when generating
SNMP messages using this entry."
::= { snmpTargetParamsEntry 5 }
snmpTargetParamsStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The storage type for this conceptual row."
::= { snmpTargetParamsEntry 6 }
snmpTargetParamsRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this conceptual row.
To create a row in this table, a manager must
set this object to either createAndGo(4) or
createAndWait(5).
Until instances of all corresponding columns are
appropriately configured, the value of the
corresponding instance of the snmpTargetParamsRowStatus
column is 'notReady'.
In particular, a newly created row cannot be made
active until the corresponding
snmpTargetParamsMPModel,
snmpTargetParamsSecurityModel,
snmpTargetParamsSecurityName,
and snmpTargetParamsSecurityLevel have all been set.
The following objects may not be modified while the
value of this object is active(1):
- snmpTargetParamsMPModel
- snmpTargetParamsSecurityModel
- snmpTargetParamsSecurityName
- snmpTargetParamsSecurityLevel"
::= { snmpTargetParamsEntry 7 }
snmpUnavailableContexts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets received by the SNMP
engine which were dropped because the context
contained in the mesage was unavailable."
::= { snmpTargetObjects 4 }
snmpUnknownContexts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of packets received by the SNMP
engine which were dropped because the context
contained in the mesage was unknown."
::= { snmpTargetObjects 5 }
--
--
-- Conformance information
--
--
snmpTargetCompliances OBJECT IDENTIFIER ::=
{ snmpTargetConformance 1 }
snmpTargetGroups OBJECT IDENTIFIER ::=
{ snmpTargetConformance 2 }
--
--
-- Compliance statements
--
--
snmpTargetCommandResponderCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities which include
a command responder application."
MODULE -- This Module
MANDATORY-GROUPS { snmpTargetCommandResponderGroup }
::= { snmpTargetCompliances 1 }
snmpTargetBasicGroup OBJECT-GROUP
OBJECTS {
snmpTargetSpinLock,
snmpTargetAddrTDomain,
snmpTargetAddrTAddress,
snmpTargetAddrTagList,
snmpTargetAddrParams,
snmpTargetAddrStorageType,
snmpTargetAddrRowStatus,
snmpTargetParamsMPModel,
snmpTargetParamsSecurityModel,
snmpTargetParamsSecurityName,
snmpTargetParamsSecurityLevel,
snmpTargetParamsStorageType,
snmpTargetParamsRowStatus
}
STATUS current
DESCRIPTION
"A collection of objects providing basic remote
configuration of management targets."
::= { snmpTargetGroups 1 }
snmpTargetResponseGroup OBJECT-GROUP
OBJECTS {
snmpTargetAddrTimeout,
snmpTargetAddrRetryCount
}
STATUS current
DESCRIPTION
"A collection of objects providing remote configuration
of management targets for applications which generate
SNMP messages for which a response message would be
expected."
::= { snmpTargetGroups 2 }
snmpTargetCommandResponderGroup OBJECT-GROUP
OBJECTS {
snmpUnavailableContexts,
snmpUnknownContexts
}
STATUS current
DESCRIPTION
"A collection of objects required for command responder
applications, used for counting error conditions."
::= { snmpTargetGroups 3 }
END
(page 41 continued on part 3)
