RFC 2737
Entity MIB (Version 2)
not to return a community string which allows more
privileges than the community string used to access this
object.
A compliant SNMP agent may wish to conserve naming scopes by
representing multiple logical entities in a single 'default'
naming scope. This is possible when the logical entities
represented by the same value of entLogicalCommunity have no
object instances in common. For example, 'bridge1' and
'repeater1' may be part of the main naming scope, but at
least one additional community string is needed to represent
'bridge2' and 'repeater2'.
Logical entities 'bridge1' and 'repeater1' would be
represented by sysOREntries associated with the 'default'
naming scope.
For agents not accessible via SNMPv1 or SNMPv2C, the value
of this object is the empty string. This object may also
contain an empty string if a community string has not yet
been assigned by the agent, or no community string with
suitable access rights can be returned for a particular SNMP
request.
Note that this object is deprecated. Agents which implement
SNMPv3 access should use the entLogicalContextEngineID and
entLogicalContextName objects to identify the context
associated with each logical entity. SNMPv3 agents may
return a zero-length string for this object, or may continue
to return a community string (e.g., tri-lingual agent
support)."
::= { entLogicalEntry 4 }
entLogicalTAddress OBJECT-TYPE
SYNTAX TAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The transport service address by which the logical entity
receives network management traffic, formatted according to
the corresponding value of entLogicalTDomain.
For snmpUDPDomain, a TAddress is 6 octets long, the initial
4 octets containing the IP-address in network-byte order and
the last 2 containing the UDP port in network-byte order.
Consult 'Transport Mappings for Version 2 of the Simple
Network Management Protocol' (RFC 1906 [RFC1906]) for
further information on snmpUDPDomain."
::= { entLogicalEntry 5 }
entLogicalTDomain OBJECT-TYPE
SYNTAX TDomain
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates the kind of transport service by which the
logical entity receives network management traffic.
Possible values for this object are presently found in the
Transport Mappings for SNMPv2 document (RFC 1906
[RFC1906])."
::= { entLogicalEntry 6 }
entLogicalContextEngineID OBJECT-TYPE
SYNTAX SnmpEngineIdOrNone
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The authoritative contextEngineID that can be used to send
an SNMP message concerning information held by this logical
entity, to the address specified by the associated
'entLogicalTAddress/entLogicalTDomain' pair.
This object, together with the associated
entLogicalContextName object, defines the context associated
with a particular logical entity, and allows access to SNMP
engines identified by a contextEngineId and contextName
pair.
If no value has been configured by the agent, a zero-length
string is returned, or the agent may choose not to
instantiate this object at all."
::= { entLogicalEntry 7 }
entLogicalContextName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The contextName that can be used to send an SNMP message
concerning information held by this logical entity, to the
address specified by the associated
'entLogicalTAddress/entLogicalTDomain' pair.
This object, together with the associated
entLogicalContextEngineID object, defines the context
associated with a particular logical entity, and allows
access to SNMP engines identified by a contextEngineId and
contextName pair.
If no value has been configured by the agent, a zero-length
string is returned, or the agent may choose not to
instantiate this object at all."
::= { entLogicalEntry 8 }
entLPMappingTable OBJECT-TYPE
SYNTAX SEQUENCE OF EntLPMappingEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains zero or more rows of logical entity to
physical equipment associations. For each logical entity
known by this agent, there are zero or more mappings to the
physical resources which are used to realize that logical
entity.
An agent should limit the number and nature of entries in
this table such that only meaningful and non-redundant
information is returned. For example, in a system which
contains a single power supply, mappings between logical
entities and the power supply are not useful and should not
be included.
Also, only the most appropriate physical component which is
closest to the root of a particular containment tree should
be identified in an entLPMapping entry.
For example, suppose a bridge is realized on a particular
module, and all ports on that module are ports on this
bridge. A mapping between the bridge and the module would be
useful, but additional mappings between the bridge and each
of the ports on that module would be redundant (since the
entPhysicalContainedIn hierarchy can provide the same
information). If, on the other hand, more than one bridge
was utilizing ports on this module, then mappings between
each bridge and the ports it used would be appropriate.
Also, in the case of a single backplane repeater, a mapping
for the backplane to the single repeater entity is not
necessary."
::= { entityMapping 1 }
entLPMappingEntry OBJECT-TYPE
SYNTAX EntLPMappingEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about a particular logical entity to physical
equipment association. Note that the nature of the
association is not specifically identified in this entry.
It is expected that sufficient information exists in the
MIBs used to manage a particular logical entity to infer how
physical component information is utilized."
INDEX { entLogicalIndex, entLPPhysicalIndex }
::= { entLPMappingTable 1 }
EntLPMappingEntry ::= SEQUENCE {
entLPPhysicalIndex PhysicalIndex
}
entLPPhysicalIndex OBJECT-TYPE
SYNTAX PhysicalIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object identifies the index value of a
particular entPhysicalEntry associated with the indicated
entLogicalEntity."
::= { entLPMappingEntry 1 }
-- logical entity/component to alias table
entAliasMappingTable OBJECT-TYPE
SYNTAX SEQUENCE OF EntAliasMappingEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains zero or more rows, representing
mappings of logical entity and physical component to
external MIB identifiers. Each physical port in the system
may be associated with a mapping to an external identifier,
which itself is associated with a particular logical
entity's naming scope. A 'wildcard' mechanism is provided
to indicate that an identifier is associated with more than
one logical entity."
::= { entityMapping 2 }
entAliasMappingEntry OBJECT-TYPE
SYNTAX EntAliasMappingEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about a particular physical equipment, logical
entity to external identifier binding. Each logical
entity/physical component pair may be associated with one
alias mapping. The logical entity index may also be used as
a 'wildcard' (refer to the entAliasLogicalIndexOrZero object
DESCRIPTION clause for details.)
Note that only entPhysicalIndex values which represent
physical ports (i.e. associated entPhysicalClass value is
'port(10)') are permitted to exist in this table."
INDEX { entPhysicalIndex, entAliasLogicalIndexOrZero }
::= { entAliasMappingTable 1 }
EntAliasMappingEntry ::= SEQUENCE {
entAliasLogicalIndexOrZero INTEGER,
entAliasMappingIdentifier RowPointer
}
entAliasLogicalIndexOrZero OBJECT-TYPE
SYNTAX INTEGER (0..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The value of this object identifies the logical entity
which defines the naming scope for the associated instance
of the 'entAliasMappingIdentifier' object.
If this object has a non-zero value, then it identifies the
logical entity named by the same value of entLogicalIndex.
If this object has a value of zero, then the mapping between
the physical component and the alias identifier for this
entAliasMapping entry is associated with all unspecified
logical entities. That is, a value of zero (the default
mapping) identifies any logical entity which does not have
an explicit entry in this table for a particular
entPhysicalIndex/entAliasMappingIdentifier pair.
For example, to indicate that a particular interface (e.g.,
physical component 33) is identified by the same value of
ifIndex for all logical entities, the following instance
might exist:
entAliasMappingIdentifier.33.0 = ifIndex.5
In the event an entPhysicalEntry is associated differently
for some logical entities, additional entAliasMapping
entries may exist, e.g.:
entAliasMappingIdentifier.33.0 = ifIndex.6
entAliasMappingIdentifier.33.4 = ifIndex.1
entAliasMappingIdentifier.33.5 = ifIndex.1
entAliasMappingIdentifier.33.10 = ifIndex.12
Note that entries with non-zero entAliasLogicalIndexOrZero
index values have precedence over any zero-indexed entry. In
this example, all logical entities except 4, 5, and 10,
associate physical entity 33 with ifIndex.6."
::= { entAliasMappingEntry 1 }
entAliasMappingIdentifier OBJECT-TYPE
SYNTAX RowPointer
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object identifies a particular conceptual
row associated with the indicated entPhysicalIndex and
entLogicalIndex pair.
Since only physical ports are modeled in this table, only
entries which represent interfaces or ports are allowed. If
an ifEntry exists on behalf of a particular physical port,
then this object should identify the associated 'ifEntry'.
For repeater ports, the appropriate row in the
'rptrPortGroupTable' should be identified instead.
For example, suppose a physical port was represented by
entPhysicalEntry.3, entLogicalEntry.15 existed for a
repeater, and entLogicalEntry.22 existed for a bridge. Then
there might be two related instances of
entAliasMappingIdentifier:
entAliasMappingIdentifier.3.15 == rptrPortGroupIndex.5.2
entAliasMappingIdentifier.3.22 == ifIndex.17
It is possible that other mappings (besides interfaces and
repeater ports) may be defined in the future, as required.
Bridge ports are identified by examining the Bridge MIB and
appropriate ifEntries associated with each 'dot1dBasePort',
and are thus not represented in this table."
::= { entAliasMappingEntry 2 }
-- physical mapping table
entPhysicalContainsTable OBJECT-TYPE
SYNTAX SEQUENCE OF EntPhysicalContainsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table which exposes the container/'containee'
relationships between physical entities. This table provides
all the information found by constructing the virtual
containment tree for a given entPhysicalTable, but in a more
direct format.
In the event a physical entity is contained by more than one
other physical entity (e.g., double-wide modules), this
table should include these additional mappings, which cannot
be represented in the entPhysicalTable virtual containment
tree."
::= { entityMapping 3 }
entPhysicalContainsEntry OBJECT-TYPE
SYNTAX EntPhysicalContainsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A single container/'containee' relationship."
INDEX { entPhysicalIndex, entPhysicalChildIndex }
::= { entPhysicalContainsTable 1 }
EntPhysicalContainsEntry ::= SEQUENCE {
entPhysicalChildIndex PhysicalIndex
}
entPhysicalChildIndex OBJECT-TYPE
SYNTAX PhysicalIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of entPhysicalIndex for the contained physical
entity."
::= { entPhysicalContainsEntry 1 }
-- last change time stamp for the whole MIB
entLastChangeTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime at the time a conceptual row is
created, modified, or deleted in any of these tables:
- entPhysicalTable
- entLogicalTable
- entLPMappingTable
- entAliasMappingTable
- entPhysicalContainsTable
"
::= { entityGeneral 1 }
-- Entity MIB Trap Definitions
entityMIBTraps OBJECT IDENTIFIER ::= { entityMIB 2 }
entityMIBTrapPrefix OBJECT IDENTIFIER ::= { entityMIBTraps 0 }
entConfigChange NOTIFICATION-TYPE
STATUS current
DESCRIPTION
"An entConfigChange notification is generated when the value
of entLastChangeTime changes. It can be utilized by an NMS
to trigger logical/physical entity table maintenance polls.
An agent should not generate more than one entConfigChange
'notification-event' in a given time interval (five seconds
is the suggested default). A 'notification-event' is the
transmission of a single trap or inform PDU to a list of
notification destinations.
If additional configuration changes occur within the
throttling period, then notification-events for these
changes should be suppressed by the agent until the current
throttling period expires. At the end of a throttling
period, one notification-event should be generated if any
configuration changes occurred since the start of the
throttling period. In such a case, another throttling period
is started right away.
An NMS should periodically check the value of
entLastChangeTime to detect any missed entConfigChange
notification-events, e.g., due to throttling or transmission
loss."
::= { entityMIBTrapPrefix 1 }
-- conformance information
entityConformance OBJECT IDENTIFIER ::= { entityMIB 3 }
entityCompliances OBJECT IDENTIFIER ::= { entityConformance 1 }
entityGroups OBJECT IDENTIFIER ::= { entityConformance 2 }
-- compliance statements
entityCompliance MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for SNMP entities which implement
version 1 of the Entity MIB."
MODULE -- this module
MANDATORY-GROUPS {
entityPhysicalGroup,
entityLogicalGroup,
entityMappingGroup,
entityGeneralGroup,
entityNotificationsGroup
}
::= { entityCompliances 1 }
entity2Compliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities which implement
version 2 of the Entity MIB."
MODULE -- this module
MANDATORY-GROUPS {
entityPhysicalGroup,
entityPhysical2Group,
entityGeneralGroup,
entityNotificationsGroup
}
GROUP entityLogical2Group
DESCRIPTION
"Implementation of this group is not mandatory for agents
which model all MIB object instances within a single naming
scope."
GROUP entityMappingGroup
DESCRIPTION
"Implementation of the entPhysicalContainsTable is mandatory
for all agents. Implementation of the entLPMappingTable and
entAliasMappingTables are not mandatory for agents which
model all MIB object instances within a single naming scope.
Note that the entAliasMappingTable may be useful for all
agents, however implementation of the entityLogicalGroup or
entityLogical2Group is required to support this table."
OBJECT entPhysicalSerialNum
MIN-ACCESS not-accessible
DESCRIPTION
"Read and write access is not required for agents which
cannot identify serial number information for physical
entities, and/or cannot provide non-volatile storage for
NMS-assigned serial numbers.
Write access is not required for agents which can identify
serial number information for physical entities, but cannot
provide non-volatile storage for NMS-assigned serial
numbers.
Write access is not required for physical entities for
physical entities for which the associated value of the
entPhysicalIsFRU object is equal to 'false(2)'."
OBJECT entPhysicalAlias
MIN-ACCESS read-only
DESCRIPTION
"Write access is required only if the associated
entPhysicalClass value is equal to 'chassis(3)'."
OBJECT entPhysicalAssetID
MIN-ACCESS not-accessible
DESCRIPTION
"Read and write access is not required for agents which
cannot provide non-volatile storage for NMS-assigned asset
identifiers.
Write access is not required for physical entities for which
the associated value of entPhysicalIsFRU is equal to
'false(2)'."
::= { entityCompliances 2 }
-- MIB groupings
entityPhysicalGroup OBJECT-GROUP
OBJECTS {
entPhysicalDescr,
entPhysicalVendorType,
entPhysicalContainedIn,
entPhysicalClass,
entPhysicalParentRelPos,
entPhysicalName
}
STATUS current
DESCRIPTION
"The collection of objects which are used to represent
physical system components, for which a single agent
provides management information."
::= { entityGroups 1 }
entityLogicalGroup OBJECT-GROUP
OBJECTS {
entLogicalDescr,
entLogicalType,
entLogicalCommunity,
entLogicalTAddress,
entLogicalTDomain
}
STATUS deprecated
DESCRIPTION
"The collection of objects which are used to represent the
list of logical entities for which a single agent provides
management information."
::= { entityGroups 2 }
entityMappingGroup OBJECT-GROUP
OBJECTS {
entLPPhysicalIndex,
entAliasMappingIdentifier,
entPhysicalChildIndex
}
STATUS current
DESCRIPTION
"The collection of objects which are used to represent the
associations between multiple logical entities, physical
components, interfaces, and port identifiers for which a
single agent provides management information."
::= { entityGroups 3 }
entityGeneralGroup OBJECT-GROUP
OBJECTS {
entLastChangeTime
}
STATUS current
DESCRIPTION
"The collection of objects which are used to represent
general entity information for which a single agent provides
management information."
::= { entityGroups 4 }
entityNotificationsGroup NOTIFICATION-GROUP
NOTIFICATIONS { entConfigChange }
STATUS current
DESCRIPTION
"The collection of notifications used to indicate Entity MIB
data consistency and general status information."
::= { entityGroups 5 }
entityPhysical2Group OBJECT-GROUP
OBJECTS {
entPhysicalHardwareRev,
entPhysicalFirmwareRev,
entPhysicalSoftwareRev,
entPhysicalSerialNum,
entPhysicalMfgName,
entPhysicalModelName,
entPhysicalAlias,
entPhysicalAssetID,
entPhysicalIsFRU
}
STATUS current
DESCRIPTION
"The collection of objects which are used to represent
physical system components, for which a single agent
provides management information. This group augments the
objects contained in the entityPhysicalGroup."
::= { entityGroups 6 }
entityLogical2Group OBJECT-GROUP
OBJECTS {
entLogicalDescr,
entLogicalType,
entLogicalTAddress,
entLogicalTDomain,
entLogicalContextEngineID,
entLogicalContextName
}
STATUS current
DESCRIPTION
"The collection of objects which are used to represent the
list of logical entities for which a single SNMP entity
provides management information."
::= { entityGroups 7 }
END
4. Usage Examples
The following sections iterate the instance values for two example
networking devices. These examples are kept simple to make them more
understandable. Auxiliary components, such as fans, sensors, empty
slots, and sub-modules are not shown, but might be modeled in real
implementations.
4.1. Router/Bridge
A router containing two slots. Each slot contains a 3 port
router/bridge module. Each port is represented in the ifTable. There
are two logical instances of OSPF running and two logical bridges:
Physical entities -- entPhysicalTable:
1 Field-replaceable physical chassis:
entPhysicalDescr.1 == 'Acme Chassis Model 100'
entPhysicalVendorType.1 == acmeProducts.chassisTypes.1
entPhysicalContainedIn.1 == 0
entPhysicalClass.1 == chassis(3)
entPhysicalParentRelPos.1 == 0
entPhysicalName.1 == '100-A'
entPhysicalHardwareRev.1 == 'A(1.00.02)'
entPhysicalSoftwareRev.1 == ''
entPhysicalFirmwareRev.1 == ''
entPhysicalSerialNum.1 == 'C100076544'
entPhysicalMfgName.1 == 'Acme'
entPhysicalModelName.1 == '100'
entPhysicalAlias.1 == 'cl-SJ17-3-006:rack1:rtr-U3'
entPhysicalAssetID.1 == '0007372293'
entPhysicalIsFRU.1 == true(1)
2 slots within the chassis:
entPhysicalDescr.2 == 'Acme Chassis Slot Type AA'
entPhysicalVendorType.2 == acmeProducts.slotTypes.1
entPhysicalContainedIn.2 == 1
entPhysicalClass.2 == container(5)
entPhysicalParentRelPos.2 == 1
entPhysicalName.2 == 'S1'
entPhysicalHardwareRev.2 == 'B(1.00.01)'
entPhysicalSoftwareRev.2 == ''
entPhysicalFirmwareRev.2 == ''
entPhysicalSerialNum.2 == ''
entPhysicalMfgName.2 == 'Acme'
entPhysicalModelName.2 == 'AA'
entPhysicalAlias.2 == ''
entPhysicalAssetID.2 == ''
entPhysicalIsFRU.2 == false(2)
entPhysicalDescr.3 == 'Acme Chassis Slot Type AA'
entPhysicalVendorType.3 = acmeProducts.slotTypes.1
entPhysicalContainedIn.3 == 1
entPhysicalClass.3 == container(5)
entPhysicalParentRelPos.3 == 2
entPhysicalName.3 == 'S2'
entPhysicalHardwareRev.3 == '1.00.07'
entPhysicalSoftwareRev.3 == ''
entPhysicalFirmwareRev.3 == ''
entPhysicalSerialNum.3 == ''
entPhysicalMfgName.3 == 'Acme'
entPhysicalModelName.3 == 'AA'
entPhysicalAlias.3 == ''
entPhysicalAssetID.3 == ''
entPhysicalIsFRU.3 == false(2)
2 Field-replaceable modules:
Slot 1 contains a module with 3 ports:
entPhysicalDescr.4 == 'Acme Router-100'
entPhysicalVendorType.4 == acmeProducts.moduleTypes.14
entPhysicalContainedIn.4 == 2
entPhysicalClass.4 == module(9)
entPhysicalParentRelPos.4 == 1
entPhysicalName.4 == 'M1'
entPhysicalHardwareRev.4 == '1.00.07'
entPhysicalSoftwareRev.4 == '1.4.1'
entPhysicalFirmwareRev.4 == 'A(1.1)'
entPhysicalSerialNum.4 == 'C100087363'
entPhysicalMfgName.4 == 'Acme'
entPhysicalModelName.4 == 'R100-FE'
entPhysicalAlias.4 == 'rtr-U3:m1:SJ17-3-eng'
entPhysicalAssetID.4 == '0007372462'
entPhysicalIsFRU.4 == true(1)
entPhysicalDescr.5 == 'Acme Ethernet-100 Port'
entPhysicalVendorType.5 == acmeProducts.portTypes.2
entPhysicalContainedIn.5 == 4
entPhysicalClass.5 == port(10)
entPhysicalParentRelPos.5 == 1
entPhysicalName.5 == 'P1'
entPhysicalHardwareRev.5 == 'G(1.02)'
entPhysicalSoftwareRev.5 == ''
entPhysicalFirmwareRev.5 == '1.1'
entPhysicalSerialNum.5 == ''
entPhysicalMfgName.5 == 'Acme'
entPhysicalModelName.5 == 'FE-100'
entPhysicalAlias.5 == ''
entPhysicalAssetID.5 == ''
entPhysicalIsFRU.5 == false(2)
entPhysicalDescr.6 == 'Acme Ethernet-100 Port'
entPhysicalVendorType.6 == acmeProducts.portTypes.2
entPhysicalContainedIn.6 == 4
entPhysicalClass.6 == port(10)
entPhysicalParentRelPos.6 == 2
entPhysicalName.6 == 'P2'
entPhysicalHardwareRev.6 == 'G(1.02)'
entPhysicalSoftwareRev.6 == ''
entPhysicalFirmwareRev.6 == '1.1'
entPhysicalSerialNum.6 == ''
entPhysicalMfgName.6 == 'Acme'
entPhysicalModelName.6 == 'FE-100'
entPhysicalAlias.6 == ''
entPhysicalAssetID.6 == ''
entPhysicalIsFRU.6 == false(2)
entPhysicalDescr.7 == 'Acme Router-100 FDDI-Port'
entPhysicalVendorType.7 == acmeProducts.portTypes.3
entPhysicalContainedIn.7 == 4
entPhysicalClass.7 == port(10)
entPhysicalParentRelPos.7 == 3
entPhysicalName.7 == 'P3'
entPhysicalHardwareRev.7 == 'B(1.03)'
entPhysicalSoftwareRev.7 == '2.5.1'
entPhysicalFirmwareRev.7 == '2.5F'
entPhysicalSerialNum.7 == ''
entPhysicalMfgName.7 == 'Acme'
entPhysicalModelName.7 == 'FDDI-100'
entPhysicalAlias.7 == ''
entPhysicalAssetID.7 == ''
entPhysicalIsFRU.7 == false(2)
Slot 2 contains another 3-port module:
entPhysicalDescr.8 == 'Acme Router-100 Comm Module'
entPhysicalVendorType.8 == acmeProducts.moduleTypes.15
entPhysicalContainedIn.8 == 3
entPhysicalClass.8 == module(9)
entPhysicalParentRelPos.8 == 1
entPhysicalName.8 == 'M2'
entPhysicalHardwareRev.8 == '2.01.00'
entPhysicalSoftwareRev.8 == '3.0.7'
entPhysicalFirmwareRev.8 == 'A(1.2)'
entPhysicalSerialNum.8 == 'C100098732'
entPhysicalMfgName.8 == 'Acme'
entPhysicalModelName.8 == 'C100'
entPhysicalAlias.8 == 'rtr-U3:m2:SJ17-2-eng'
entPhysicalAssetID.8 == '0007373982'
entPhysicalIsFRU.8 == true(1)
entPhysicalDescr.9 == 'Acme Fddi-100 Port'
entPhysicalVendorType.9 == acmeProducts.portTypes.5
entPhysicalContainedIn.9 == 8
entPhysicalClass.9 == port(10)
entPhysicalParentRelPos.9 == 1
entPhysicalName.9 == 'FDDI Primary'
entPhysicalHardwareRev.9 == 'CC(1.07)'
entPhysicalSoftwareRev.9 == '2.0.34'
entPhysicalFirmwareRev.9 == '1.1'
entPhysicalSerialNum.9 == ''
entPhysicalMfgName.9 == 'Acme'
entPhysicalModelName.9 == 'FDDI-100'
entPhysicalAlias.9 == ''
entPhysicalAssetID.9 == ''
entPhysicalIsFRU.9 == false(2)
entPhysicalDescr.10 == 'Acme Ethernet-100 Port'
entPhysicalVendorType.10 == acmeProducts.portTypes.2
entPhysicalContainedIn.10 == 8
entPhysicalClass.10 == port(10)
entPhysicalParentRelPos.10 == 2
entPhysicalName.10 == 'Ethernet A'
entPhysicalHardwareRev.10 == 'G(1.04)'
entPhysicalSoftwareRev.10 == ''
entPhysicalFirmwareRev.10 == '1.3'
entPhysicalSerialNum.10 == ''
entPhysicalMfgName.10 == 'Acme'
entPhysicalModelName.10 == 'FE-100'
entPhysicalAlias.10 == ''
entPhysicalAssetID.10 == ''
entPhysicalIsFRU.10 == false(2)
entPhysicalDescr.11 == 'Acme Ethernet-100 Port'
entPhysicalVendorType.11 == acmeProducts.portTypes.2
entPhysicalContainedIn.11 == 8
entPhysicalClass.11 == port(10)
entPhysicalParentRelPos.11 == 3
entPhysicalName.11 == 'Ethernet B'
entPhysicalHardwareRev.11 == 'G(1.04)'
entPhysicalSoftwareRev.11 == ''
entPhysicalFirmwareRev.11 == '1.3'
entPhysicalSerialNum.11 == ''
entPhysicalMfgName.11 == 'Acme'
entPhysicalModelName.11 == 'FE-100'
entPhysicalAlias.11 == ''
entPhysicalAssetID.11 == ''
entPhysicalIsFRU.11 == false(2)
Logical entities -- entLogicalTable; no SNMPv3 support
2 OSPF instances:
entLogicalDescr.1 == 'Acme OSPF v1.1'
entLogicalType.1 == ospf
entLogicalCommunity.1 == 'public-ospf1'
entLogicalTAddress.1 == 124.125.126.127:161
entLogicalTDomain.1 == snmpUDPDomain
entLogicalContextEngineID.1 == ''
entLogicalContextName.1 == ''
entLogicalDescr.2 == 'Acme OSPF v1.1'
entLogicalType.2 == ospf
entLogicalCommunity.2 == 'public-ospf2'
entLogicalTAddress.2 == 124.125.126.127:161
entLogicalTDomain.2 == snmpUDPDomain
entLogicalContextEngineID.2 == ''
entLogicalContextName.2 == ''
2 logical bridges:
entLogicalDescr.3 == 'Acme Bridge v2.1.1'
entLogicalType.3 == dot1dBridge
entLogicalCommunity.3 == 'public-bridge1'
entLogicalTAddress.3 == 124.125.126.127:161
entLogicalTDomain.3 == snmpUDPDomain
entLogicalContextEngineID.3 == ''
entLogicalContextName.3 == ''
entLogicalDescr.4 == 'Acme Bridge v2.1.1'
entLogicalType.4 == dot1dBridge
entLogicalCommunity.4 == 'public-bridge2'
entLogicalTAddress.4 == 124.125.126.127:161
entLogicalTDomain.4 == snmpUDPDomain
entLogicalContextEngineID.4 == ''
entLogicalContextName.4 == ''
Logical to Physical Mappings:
1st OSPF instance: uses module 1-port 1
entLPPhysicalIndex.1.5 == 5
2nd OSPF instance: uses module 2-port 1
entLPPhysicalIndex.2.9 == 9
1st bridge group: uses module 1, all ports
[ed. -- Note that these mappings are included in the table since
another logical entity (1st OSPF) utilizes one of the
ports. If this were not the case, then a single mapping
to the module (e.g., entLPPhysicalIndex.3.4) would be
present instead. ]
entLPPhysicalIndex.3.5 == 5
entLPPhysicalIndex.3.6 == 6
entLPPhysicalIndex.3.7 == 7
2nd bridge group: uses module 2, all ports
entLPPhysicalIndex.4.9 == 9
entLPPhysicalIndex.4.10 == 10
entLPPhysicalIndex.4.11 == 11
Physical to Logical to MIB Alias Mappings -- entAliasMappingTable:
Example 1: ifIndex values are global to all logical entities
entAliasMappingIdentifier.5.0 == ifIndex.1
entAliasMappingIdentifier.6.0 == ifIndex.2
entAliasMappingIdentifier.7.0 == ifIndex.3
entAliasMappingIdentifier.9.0 == ifIndex.4
entAliasMappingIdentifier.10.0 == ifIndex.5
entAliasMappingIdentifier.11.0 == ifIndex.6
Example 2: ifIndex values are not shared by all logical entities
entAliasMappingIdentifier.5.0 == ifIndex.1
entAliasMappingIdentifier.5.3 == ifIndex.101
entAliasMappingIdentifier.6.0 == ifIndex.2
entAliasMappingIdentifier.6.3 == ifIndex.102
entAliasMappingIdentifier.7.0 == ifIndex.3
entAliasMappingIdentifier.7.3 == ifIndex.103
entAliasMappingIdentifier.9.0 == ifIndex.4
entAliasMappingIdentifier.9.3 == ifIndex.204
entAliasMappingIdentifier.10.0 == ifIndex.5
entAliasMappingIdentifier.10.3 == ifIndex.205
entAliasMappingIdentifier.11.0 == ifIndex.6
entAliasMappingIdentifier.11.3 == ifIndex.206
Physical Containment Tree -- entPhysicalContainsTable
chassis has two containers:
entPhysicalChildIndex.1.2 == 2
entPhysicalChildIndex.1.3 == 3
container 1 has a module:
entPhysicalChildIndex.2.4 == 4
container 2 has a module:
entPhysicalChildIndex.3.8 == 8
module 1 has 3 ports:
entPhysicalChildIndex.4.5 == 5
entPhysicalChildIndex.4.6 == 6
entPhysicalChildIndex.4.7 == 7
module 2 has 3 ports:
entPhysicalChildIndex.8.9 == 9
entPhysicalChildIndex.8.10 == 10
entPhysicalChildIndex.1.11 == 11
4.2. Repeaters
A 3-slot Hub with 2 backplane ethernet segments. Slot three is
empty, and the remaining slots contain ethernet repeater modules.
Note that this example assumes an older Repeater MIB implementation,
(RFC 1516 [RFC1516]) rather than the new Repeater MIB (RFC 2108
[RFC2108]). The new version contains an object called '
rptrPortRptrId', which should be used to identify repeater port
groupings, rather than with community strings or contexts.
Physical entities -- entPhysicalTable:
1 Field-replaceable physical chassis:
entPhysicalDescr.1 == 'Acme Chassis Model 110'
entPhysicalVendorType.1 == acmeProducts.chassisTypes.2
entPhysicalContainedIn.1 == 0
entPhysicalClass.1 == chassis(3)
entPhysicalParentRelPos.1 == 0
entPhysicalName.1 == '110-B'
entPhysicalHardwareRev.1 == 'A(1.02.00)'
entPhysicalSoftwareRev.1 == ''
entPhysicalFirmwareRev.1 == ''
entPhysicalSerialNum.1 == 'C100079294'
entPhysicalMfgName.1 == 'Acme'
entPhysicalModelName.1 == '110'
entPhysicalAlias.1 == 'bldg09:floor1:rptr18:0067eea0229f'
entPhysicalAssetID.1 == '0007386327'
entPhysicalIsFRU.1 == true(1)
2 Chassis Ethernet Backplanes:
entPhysicalDescr.2 == 'Acme Ethernet Backplane Type A'
entPhysicalVendorType.2 == acmeProducts.backplaneTypes.1
entPhysicalContainedIn.2 == 1
entPhysicalClass.2 == backplane(4)
entPhysicalParentRelPos.2 == 1
entPhysicalName.2 == 'B1'
entPhysicalHardwareRev.2 == 'A(2.04.01)'
entPhysicalSoftwareRev.2 == ''
entPhysicalFirmwareRev.2 == ''
entPhysicalSerialNum.2 == ''
entPhysicalMfgName.2 == 'Acme'
entPhysicalModelName.2 == 'BK-A'
entPhysicalAlias.2 == ''
entPhysicalAssetID.2 == ''
entPhysicalIsFRU.2 == false(2)
entPhysicalDescr.3 == 'Acme Ethernet Backplane Type A'
entPhysicalVendorType.3 == acmeProducts.backplaneTypes.1
entPhysicalContainedIn.3 == 1
entPhysicalClass.3 == backplane(4)
entPhysicalParentRelPos.3 == 2
entPhysicalName.3 == 'B2'
entPhysicalHardwareRev.3 == 'A(2.04.01)'
entPhysicalSoftwareRev.3 == ''
entPhysicalFirmwareRev.3 == ''
entPhysicalSerialNum.3 == ''
entPhysicalMfgName.3 == 'Acme'
entPhysicalModelName.3 == 'BK-A'
entPhysicalAlias.3 == ''
entPhysicalAssetID.3 == ''
entPhysicalIsFRU.3 == false(2)
3 slots within the chassis:
entPhysicalDescr.4 == 'Acme Hub Slot Type RB'
entPhysicalVendorType.4 == acmeProducts.slotTypes.5
entPhysicalContainedIn.4 == 1
entPhysicalClass.4 == container(5)
entPhysicalParentRelPos.4 == 1
entPhysicalName.4 == 'Slot 1'
entPhysicalHardwareRev.4 == 'B(1.00.03)'
entPhysicalSoftwareRev.4 == ''
entPhysicalFirmwareRev.4 == ''
entPhysicalSerialNum.4 == ''
entPhysicalMfgName.4 == 'Acme'
entPhysicalModelName.4 == 'RB'
entPhysicalAlias.4 == ''
entPhysicalAssetID.4 == ''
entPhysicalIsFRU.4 == false(2)
entPhysicalDescr.5 == 'Acme Hub Slot Type RB'
entPhysicalVendorType.5 == acmeProducts.slotTypes.5
entPhysicalContainedIn.5 == 1
entPhysicalClass.5 == container(5)
entPhysicalParentRelPos.5 == 2
entPhysicalName.5 == 'Slot 2'
entPhysicalHardwareRev.5 == 'B(1.00.03)'
entPhysicalSoftwareRev.5 == ''
entPhysicalFirmwareRev.5 == ''
entPhysicalSerialNum.5 == ''
entPhysicalMfgName.5 == 'Acme'
entPhysicalModelName.5 == 'RB'
entPhysicalAlias.5 == ''
entPhysicalAssetID.5 == ''
entPhysicalIsFRU.5 == false(2)
entPhysicalDescr.6 == 'Acme Hub Slot Type RB'
entPhysicalVendorType.6 == acmeProducts.slotTypes.5
entPhysicalContainedIn.6 == 1
entPhysicalClass.6 == container(5)
entPhysicalParentRelPos.6 == 3
entPhysicalName.6 == 'Slot 3'
entPhysicalHardwareRev.6 == 'B(1.00.03)'
entPhysicalSoftwareRev.6 == ''
entPhysicalFirmwareRev.6 == ''
entPhysicalSerialNum.6 == ''
entPhysicalMfgName.6 == 'Acme'
entPhysicalModelName.6 == 'RB'
entPhysicalAlias.6 == ''
entPhysicalAssetID.6 == ''
entPhysicalIsFRU.6 == false(2)
Slot 1 contains a plug-in module with 4 10-BaseT ports:
entPhysicalDescr.7 == 'Acme 10Base-T Module 114'
entPhysicalVendorType.7 == acmeProducts.moduleTypes.32
entPhysicalContainedIn.7 == 4
entPhysicalClass.7 == module(9)
entPhysicalParentRelPos.7 == 1
entPhysicalName.7 == 'M1'
entPhysicalHardwareRev.7 == 'A(1.02.01)'
entPhysicalSoftwareRev.7 == '1.7.2'
entPhysicalFirmwareRev.7 == 'A(1.5)'
entPhysicalSerialNum.7 == 'C100096244'
entPhysicalMfgName.7 == 'Acme'
entPhysicalModelName.7 = '114'
entPhysicalAlias.7 == 'bldg09:floor1:eng'
entPhysicalAssetID.7 == '0007962951'
entPhysicalIsFRU.7 == true(1)
entPhysicalDescr.8 == 'Acme 10Base-T Port RB'
entPhysicalVendorType.8 == acmeProducts.portTypes.10
entPhysicalContainedIn.8 == 7
entPhysicalClass.8 == port(10)
entPhysicalParentRelPos.8 == 1
entPhysicalName.8 == 'Ethernet-A'
entPhysicalHardwareRev.8 == 'A(1.04F)'
entPhysicalSoftwareRev.8 == ''
entPhysicalFirmwareRev.8 == '1.4'
entPhysicalSerialNum.8 == ''
entPhysicalMfgName.8 == 'Acme'
entPhysicalModelName.8 == 'RB'
entPhysicalAlias.8 == ''
entPhysicalAssetID.8 == ''
entPhysicalIsFRU.8 == false(2)
entPhysicalDescr.9 == 'Acme 10Base-T Port RB'
entPhysicalVendorType.9 == acmeProducts.portTypes.10
entPhysicalContainedIn.9 == 7
entPhysicalClass.9 == port(10)
entPhysicalParentRelPos.9 == 2
entPhysicalName.9 == 'Ethernet-B'
entPhysicalHardwareRev.9 == 'A(1.04F)'
entPhysicalSoftwareRev.9 == ''
entPhysicalFirmwareRev.9 == '1.4'
entPhysicalSerialNum.9 == ''
entPhysicalMfgName.9 == 'Acme'
entPhysicalModelName.9 = 'RB'
entPhysicalAlias.9 == ''
entPhysicalAssetID.9 == ''
entPhysicalIsFRU.9 == false(2)
entPhysicalDescr.10 == 'Acme 10Base-T Port RB'
entPhysicalVendorType.10 == acmeProducts.portTypes.10
entPhysicalContainedIn.10 == 7
entPhysicalClass.10 == port(10)
entPhysicalParentRelPos.10 == 3
entPhysicalName.10 == 'Ethernet-C'
entPhysicalHardwareRev.10 == 'B(1.02.07)'
entPhysicalSoftwareRev.10 == ''
entPhysicalFirmwareRev.10 == '1.4'
entPhysicalSerialNum.10 == ''
entPhysicalMfgName.10 == 'Acme'
entPhysicalModelName.10 == 'RB'
entPhysicalAlias.10 == ''
entPhysicalAssetID.10 == ''
entPhysicalIsFRU.10 == false(2)
entPhysicalDescr.11 == 'Acme 10Base-T Port RB'
entPhysicalVendorType.11 == acmeProducts.portTypes.10
entPhysicalContainedIn.11 == 7
entPhysicalClass.11 == port(10)
entPhysicalParentRelPos.11 == 4
entPhysicalName.11 == 'Ethernet-D'
entPhysicalHardwareRev.11 == 'B(1.02.07)'
entPhysicalSoftwareRev.11 == ''
entPhysicalFirmwareRev.11 == '1.4'
entPhysicalSerialNum.11 == ''
entPhysicalMfgName.11 == 'Acme'
entPhysicalModelName.11 == 'RB'
entPhysicalAlias.11 == ''
entPhysicalAssetID.11 == ''
entPhysicalIsFRU.11 == false(2)
Slot 2 contains another ethernet module with 2 ports.
entPhysicalDescr.12 == 'Acme 10Base-T Module Model 4'
entPhysicalVendorType.12 == acmeProducts.moduleTypes.30
entPhysicalContainedIn.12 = 5
entPhysicalClass.12 == module(9)
entPhysicalParentRelPos.12 == 1
entPhysicalName.12 == 'M2'
entPhysicalHardwareRev.12 == 'A(1.01.07)'
entPhysicalSoftwareRev.12 == '1.8.4'
entPhysicalFirmwareRev.12 == 'A(1.8)'
entPhysicalSerialNum.12 == 'C100102384'
entPhysicalMfgName.12 == 'Acme'
entPhysicalModelName.12 == '4'
entPhysicalAlias.12 == 'bldg09:floor1:devtest'
entPhysicalAssetID.12 == '0007968462'
entPhysicalIsFRU.12 == true(1)
entPhysicalDescr.13 == 'Acme 802.3 AUI Port'
entPhysicalVendorType.13 == acmeProducts.portTypes.11
entPhysicalContainedIn.13 == 12
entPhysicalClass.13 == port(10)
entPhysicalParentRelPos.13 == 1
entPhysicalName.13 == 'AUI'
entPhysicalHardwareRev.13 == 'A(1.06F)'
entPhysicalSoftwareRev.13 == ''
entPhysicalFirmwareRev.13 == '1.5'
entPhysicalSerialNum.13 == ''
entPhysicalMfgName.13 == 'Acme'
entPhysicalModelName.13 == ''
entPhysicalAlias.13 == ''
entPhysicalAssetID.13 == ''
entPhysicalIsFRU.13 == false(2)
entPhysicalDescr.14 == 'Acme 10Base-T Port RD'
entPhysicalVendorType.14 == acmeProducts.portTypes.14
entPhysicalContainedIn.14 == 12
entPhysicalClass.14 == port(10)
entPhysicalParentRelPos.14 == 2
entPhysicalName.14 == 'E2'
entPhysicalHardwareRev.14 == 'B(1.01.02)'
entPhysicalSoftwareRev.14 == ''
entPhysicalFirmwareRev.14 == '2.1'
entPhysicalSerialNum.14 == ''
entPhysicalMfgName.14 == 'Acme'
entPhysicalModelName.14 == ''
entPhysicalAlias.14 == ''
entPhysicalAssetID.14 == ''
entPhysicalIsFRU.14 == false(2)
Logical entities -- entLogicalTable; with SNMPv3 support
Repeater 1--comprised of any ports attached to backplane 1
entLogicalDescr.1 == 'Acme repeater v3.1'
entLogicalType.1 == snmpDot3RptrMgt
entLogicalCommunity.1 'public-repeater1'
entLogicalTAddress.1 == 124.125.126.127:161
entLogicalTDomain.1 == snmpUDPDomain
entLogicalContextEngineID.1 == '80000777017c7d7e7f'H
entLogicalContextName.1 == 'repeater1'
Repeater 2--comprised of any ports attached to backplane 2:
entLogicalDescr.2 == 'Acme repeater v3.1'
entLogicalType.2 == snmpDot3RptrMgt
entLogicalCommunity.2 == 'public-repeater2'
entLogicalTAddress.2 == 124.125.126.127:161
entLogicalTDomain.2 == snmpUDPDomain
entLogicalContextEngineID.2 == '80000777017c7d7e7f'H
entLogicalContextName.2 == 'repeater2'
Logical to Physical Mappings -- entLPMappingTable:
repeater1 uses backplane 1, slot 1-ports 1 & 2, slot 2-port 1
[ed. -- Note that a mapping to the module is not included,
since in this example represents a port-switchable hub.
Even though all ports on the module could belong to the
same repeater as a matter of configuration, the LP port
mappings should not be replaced dynamically with a single
mapping for the module (e.g., entLPPhysicalIndex.1.7).
If all ports on the module shared a single backplane connection,
then a single mapping for the module would be more appropriate. ]
entLPPhysicalIndex.1.2 == 2
entLPPhysicalIndex.1.8 == 8
entLPPhysicalIndex.1.9 == 9
entLPPhysicalIndex.1.13 == 13
repeater2 uses backplane 2, slot 1-ports 3 & 4, slot 2-port 2
entLPPhysicalIndex.2.3 == 3
entLPPhysicalIndex.2.10 == 10
entLPPhysicalIndex.2.11 == 11
entLPPhysicalIndex.2.14 == 14
Physical to Logical to MIB Alias Mappings -- entAliasMappingTable:
Repeater Port Identifier values are shared by both repeaters:
entAliasMappingIdentifier.8.0 == rptrPortGroupIndex.1.1
entAliasMappingIdentifier.9.0 == rptrPortGroupIndex.1.2
entAliasMappingIdentifier.10.0 == rptrPortGroupIndex.1.3
entAliasMappingIdentifier.11.0 == rptrPortGroupIndex.1.4
entAliasMappingIdentifier.13.0 == rptrPortGroupIndex.2.1
entAliasMappingIdentifier.14.0 == rptrPortGroupIndex.2.2
Physical Containment Tree -- entPhysicalContainsTable
chassis has two backplanes and three containers:
entPhysicalChildIndex.1.2 == 2
entPhysicalChildIndex.1.3 == 3
entPhysicalChildIndex.1.4 == 4
entPhysicalChildIndex.1.5 == 5
entPhysicalChildIndex.1.6 == 6
container 1 has a module:
entPhysicalChildIndex.4.7 == 7
container 2 has a module
entPhysicalChildIndex.5.12 == 12
[ed. - in this example, container 3 is empty.]
module 1 has 4 ports:
entPhysicalChildIndex.7.8 == 8
entPhysicalChildIndex.7.9 == 9
entPhysicalChildIndex.7.10 == 10
entPhysicalChildIndex.7.11 == 11
module 2 has 2 ports:
entPhysicalChildIndex.12.13 == 13
entPhysicalChildIndex.12.14 == 14
5. Intellectual Property
The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it
has made any effort to identify any such rights. Information on the
IETF's procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP-11. Copies of
claims of rights made available for publication and any assurances of
licenses to be made available, or the result of an attempt made to
obtain a general license or permission for the use of such
proprietary rights by implementors or users of this specification can
be obtained from the IETF Secretariat.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice
this standard. Please address the information to the IETF Executive
Director.
6. Acknowledgements
This memo has been produced by the IETF's Entity MIB working group.
7. References
[RFC1155] Rose, M. and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", STD 16, RFC 1155, May 1990. [RFC1157] Case, J., Fedor, M., Schoffstall, M. and J. Davin, "Simple Network Management Protocol", STD 15, RFC 1157, May 1990. [RFC1212] Rose, M. and K. McCloghrie, "Concise MIB Definitions", STD 16, RFC 1212, March 1991. [RFC1215] Rose, M., "A Convention for Defining Traps for use with the SNMP", RFC 1215, March 1991. [RFC1493] Decker, E., Langille, P., Rijsinghani, A. and K. McCloghrie, "Definitions of Managed Objects for Bridges", RFC 1493, July 1993. [RFC1516] McMaster, D. and K. McCloghrie, "Definitions of Managed Objects for IEEE 802.3 Repeater Devices", RFC 1516, September 1993. [RFC1901] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, January 1996. [RFC1905] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, January 1996. [RFC1906] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, January 1996. [RFC2026] Bradner, S., "The Internet Standards Process -- Revision 3", BCP 9, RFC 2026, October 1996. [RFC2037] McCloghrie, K. and A. Bierman, "Entity MIB using SMIv2", RFC 2037, October 1996. [RFC2108] de Graaf, K., Romascanu, D., McMaster, D. and K. McCloghrie, "Definitions of Managed Objects for IEEE 802.3 Repeater Devices using SMIv2", RFC 2108, February 1997. [RFC2233] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB Using SMIv2", RFC 2233, November 1997.
[RFC2570] Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction to Version 3 of the Internet-standard Network Management Framework", RFC 2570, April 1999. [RFC2571] Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2571, April 1999. [RFC2572] Case, J., Harrington D., Presuhn R. and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2572, April 1999. [RFC2573] Levi, D., Meyer, P. and B. Stewart, "SNMPv3 Applications", RFC 2573, April 1999. [RFC2574] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, April 1999. [RFC2575] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, April 1999. [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. 8. Security Considerations There are a number of management objects defined in this MIB that have a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. There are a number of managed objects in this MIB that may contain sensitive information. These are:
entPhysicalDescr
entPhysicalVendorType
entPhysicalHardwareRev
entPhysicalFirmwareRev
entPhysicalSoftwareRev
entPhysicalSerialNum
entPhysicalMfgName
entPhysicalModelName
These objects expose information about the physical entities within a
managed system, which may be used to identify the vendor, model, and
version information of each system component.
entPhysicalAssetID
This object can allow asset identifiers for various system components
to be exposed, in the event this MIB object is actually configured by
an NMS application.
entLogicalDescr
entLogicalType
These objects expose the type of logical entities present in the
managed system.
entLogicalCommunity
This object exposes community names associated with particular
logical entites within the system.
entLogicalTAddress
entLogicalTDomain
These objects expose network addresses that can be used to
communicate with an SNMP agent on behalf of particular logical
entities within the system.
entLogicalContextEngineID
entLogicalContextName
These objects identify the authoritative SNMP engine that contains
information on behalf of particular logical entities within the
system.
It is thus important to control even GET access to these objects and
possibly to even encrypt the values of these object when sending them
over the network via SNMP. Not all versions of SNMP provide features
for such a secure environment.
SNMPv1 by itself is not a secure environment. Even if the network itself is secure (for example by using IPSec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB. It is recommended that the implementers consider the security features as provided by the SNMPv3 framework. Specifically, the use of the User-based Security Model RFC 2574 [RFC2574] and the View- based Access Control Model RFC 2575 [RFC2575] is recommended. It is then a customer/user responsibility to ensure that the SNMP entity giving access to an instance of this MIB, is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them. 9. Authors' Addresses Keith McCloghrie Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA Phone: +1 408-526-5260 EMail: kzm@cisco.com Andy Bierman Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA Phone: +1 408-527-3711 EMail: abierman@cisco.com
10. Full Copyright Statement Copyright (C) The Internet Society (1999). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Acknowledgement Funding for the RFC Editor function is currently provided by the Internet Society.