RFC 3273
Remote Network Monitoring Management Information Base for High Capacity Networks
Network Working Group S. Waldbusser Request for Comments: 3273 July 2002 Category: Standards Track Remote Network Monitoring Management Information Base for High Capacity Networks Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2002). All Rights Reserved.Abstract
This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in TCP/IP-based internets. In particular, it defines objects for managing remote network monitoring (RMON) devices for use on high speed networks. This document contains a MIB Module that defines these new objects and also contains definitions of some updated objects from the RMON-MIB in RFC 2819 and the RMON2-MIB in RFC 2021.Table of Contents
1 The SNMP Management Framework ............................... 2 2 Overview .................................................... 3 2.1 Structure of MIB .......................................... 3 3 Updates to RMON MIB and RMON2 MIB objects ................... 4 4 Conventions ................................................. 6 5 Definitions ................................................. 7 6 Security Considerations .....................................73 7 Acknowledgments .............................................73 8 References ..................................................73 9 Notices .....................................................75 10 Author's Address.............................................76 11 Full Copyright Statement.....................................77
1. The SNMP Management Framework
The SNMP Management Framework presently consists of five major components: o An overall architecture, described in RFC 2571 [1]. o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in STD 16, RFC 1155 [2], STD 16, RFC 1212 [3], and RFC 1215 [4]. The second version, called SMIv2, is described in STD 58, RFC 2578 [5], RFC 2579 [6], and RFC 2580 [7]. o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and is described in STD 15, RFC 1157 [8]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and is described in RFC 1901 [9], and RFC 1906 [10]. The third version of the message protocol is called SNMPv3 and is described in RFC 1906 [10], RFC 2572 [11], and RFC 2574 [12]. o Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in STD 15, RFC 1157 [8]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [13]. o A set of fundamental applications described in RFC 2573 [14] and the view-based access control mechanism described in RFC 2575 [15]. A more detailed introduction to the current SNMP Management Framework can be found in RFC 2570 [22]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (use of Counter64). Some machine readable information in SMIv2 will be converted into textual descriptions in
SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB.2. Overview
This document continues the architecture created in the RMON MIB [RFC 2819] by supporting high speed networks. Remote network monitoring devices, often called monitors or probes, are instruments that exist for the purpose of managing a network. Often these remote probes are stand-alone devices and devote significant internal resources for the sole purpose of managing a network. An organization may employ many of these devices, one per network segment, to manage its internet. In addition, these devices may be used for a network management service provider to access a client network, often geographically remote. The objects defined in this document are intended as an interface between an RMON agent and an RMON management application and are not intended for direct manipulation by humans. While some users may tolerate the direct display of some of these objects, few will tolerate the complexity of manually manipulating objects to accomplish row creation. These functions should be handled by the management application.2.1 Structure of MIB
Except for the mediaIndependentTable, each of the tables in this MIB adds high capacity capability to an associated table in the RMON-1 MIB or RMON-2 MIB. The objects are arranged into the following groups: - mediaIndependentGroup - etherStatsHighCapacityGroup - etherHistoryHighCapacityGroup - hostHighCapacityGroup - hostTopNHighCapacityGroup - matrixHighCapacityGroup - captureBufferHighCapacityGroup
- protocolDistributionHighCapacityGroup
- nlHostHighCapacityGroup
- nlMatrixHighCapacityGroup
- nlMatrixTopNHighCapacityGroup
- alHostHighCapacityGroup
- alMatrixHighCapacityGroup
- alMatrixTopNHighCapacityGroup
- usrHistoryHighCapacityGroup
These groups are the basic units of conformance. If a remote
monitoring device implements a group, then it must implement all
objects in that group. For example, a managed agent that implements
the network layer matrix group must implement the
nlMatrixSDHighCapacityTable and the nlMatrixDSHighCapacityTable.
Implementations of this MIB must also implement the system and
interfaces group of MIB-II [16,17]. MIB-II may also mandate the
implementation of additional groups.
These groups are defined to provide a means of assigning object
identifiers, and to provide a method for agent implementors to know
which objects they must implement.
3. Updates to RMON MIB and RMON2 MIB objects
This document extends the enumerations in the following objects from
the RMON MIB [18] and the RMON2 MIB [20].
From the RMON MIB:
hostTopNRateBase OBJECT-TYPE
SYNTAX INTEGER {
hostTopNInPkts(1),
hostTopNOutPkts(2),
hostTopNInOctets(3),
hostTopNOutOctets(4),
hostTopNOutErrors(5),
hostTopNOutBroadcastPkts(6),
hostTopNOutMulticastPkts(7),
hostTopNHCInPkts(8),
hostTopNHCOutPkts(9),
hostTopNHCInOctets(10),
hostTopNHCOutOctets(11)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The variable for each host that the hostTopNRate
variable is based upon, as well as a control
for the table that the results will be reported in.
This object may not be modified if the associated
hostTopNStatus object is equal to valid(1).
If this value is less than or equal to 7, when the report
is prepared, entries are created in the hostTopNTable
associated with this object.
If this value is greater than or equal to 8, when the report
is prepared, entries are created in the
hostTopNHighCapacityTable associated with this object."
::= { hostTopNControlEntry 3 }
From the RMON2 MIB:
nlMatrixTopNControlRateBase OBJECT-TYPE
SYNTAX INTEGER {
nlMatrixTopNPkts(1),
nlMatrixTopNOctets(2),
nlMatrixTopNHighCapacityPkts(3),
nlMatrixTopNHighCapacityOctets(4)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The variable for each nlMatrix[SD/DS] entry that the
nlMatrixTopNEntries are sorted by, as well as a control
for the table that the results will be reported in.
This object may not be modified if the associated
nlMatrixTopNControlStatus object is equal to active(1).
If this value is less than or equal to 2, when the report
is prepared, entries are created in the nlMatrixTopNTable
associated with this object.
If this value is greater than or equal to 3, when the report
is prepared, entries are created in the
nlMatrixTopNHighCapacityTable associated with this object."
::= { nlMatrixTopNControlEntry 3 }
From the RMON2 MIB:
alMatrixTopNControlRateBase OBJECT-TYPE
SYNTAX INTEGER {
alMatrixTopNTerminalsPkts(1),
alMatrixTopNTerminalsOctets(2),
alMatrixTopNAllPkts(3),
alMatrixTopNAllOctets(4),
alMatrixTopNTerminalsHighCapacityPkts(5),
alMatrixTopNTerminalsHighCapacityOctets(6),
alMatrixTopNAllHighCapacityPkts(7),
alMatrixTopNAllHighCapacityOctets(8)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The variable for each alMatrix[SD/DS] entry that the
alMatrixTopNEntries are sorted by, as well as the
selector of the view of the matrix table that will be
used, as well as a control for the table that the results
will be reported in.
The values alMatrixTopNTerminalsPkts,
alMatrixTopNTerminalsOctets,
alMatrixTopNTerminalsHighCapacityPkts, and
alMatrixTopNTerminalsHighCapacityOctets cause collection
only from protocols that have no child protocols that are
counted. The values alMatrixTopNAllPkts,
alMatrixTopNAllOctets, alMatrixTopNAllHighCapacityPkts, and
alMatrixTopNAllHighCapacityOctets cause collection from all
alMatrix entries.
This object may not be modified if the associated
alMatrixTopNControlStatus object is equal to active(1)."
::= { alMatrixTopNControlEntry 3 }
For convenience, updated MIB modules containing these objects may be
found at:
ftp://ftp.rfc-editor.org/in-notes/mibs/current.mibs/rmon.mib
ftp://ftp.rfc-editor.org/in-notes/mibs/current.mibs/rmon2.mib
4. Conventions
The following conventions are used throughout the RMON MIB and its
companion documents.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119. Good Packets Good packets are error-free packets that have a valid frame length. For example, on Ethernet, good packets are error-free packets that are between 64 octets long and 1518 octets long. They follow the form defined in IEEE 802.3 section 3.2.all. Implementors are urged to consult the appropriate media-specific specifications. Bad Packets Bad packets are packets that have proper framing and are therefore recognized as packets, but contain errors within the packet or have an invalid length. For example, on Ethernet, bad packets have a valid preamble and SFD (Start of Frame Delimiter), but have a bad FCS (Frame Check Sequence), or are either shorter than 64 octets or longer than 1518 octets. Implementors are urged to consult the appropriate media-specific specifications.
(page 7 continued on part 2)
