RFC 4502
Remote Network Monitoring Management Information Base Version 2
netConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF NetConfigEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A table of netConfigEntries.
This table has been deprecated, as it has not had enough
independent implementations to demonstrate interoperability to
meet the requirements of a Draft Standard."
::= { probeConfig 11 }
netConfigEntry OBJECT-TYPE
SYNTAX NetConfigEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A set of configuration parameters for a particular
network interface on this device. If the device has no network
interface, this table is empty.
The index is composed of the ifIndex assigned to the
corresponding interface."
INDEX { ifIndex }
::= { netConfigTable 1 }
NetConfigEntry ::= SEQUENCE {
netConfigIPAddress IpAddress,
netConfigSubnetMask IpAddress,
netConfigStatus RowStatus
}
netConfigIPAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The IP address of this Net interface. The default value
for this object is 0.0.0.0. If either the netConfigIPAddress
or netConfigSubnetMask is 0.0.0.0, then when the device
boots, it may use BOOTP to try to figure out what these
values should be. If BOOTP fails before the device
can talk on the network, this value must be configured
(e.g., through a terminal attached to the device). If BOOTP is
used, care should be taken to not send BOOTP broadcasts too
frequently and to eventually send them very infrequently if no
replies are received."
::= { netConfigEntry 1 }
netConfigSubnetMask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The subnet mask of this Net interface. The default value
for this object is 0.0.0.0. If either the netConfigIPAddress
or netConfigSubnetMask is 0.0.0.0, then when the device
boots, it may use BOOTP to try to figure out what these
values should be. If BOOTP fails before the device
can talk on the network, this value must be configured
(e.g., through a terminal attached to the device). If BOOTP is
used, care should be taken to not send BOOTP broadcasts too
frequently and to eventually send them very infrequently if no
replies are received."
::= { netConfigEntry 2 }
netConfigStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The status of this netConfigEntry.
An entry may not exist in the active state unless all
objects in the entry have an appropriate value."
::= { netConfigEntry 3 }
netDefaultGateway OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION
"The IP Address of the default gateway. If this value is
undefined or unknown, it shall have the value 0.0.0.0."
::= { probeConfig 12 }
-- Trap Destination Table
--
-- This table defines the destination addresses for traps generated
-- from the device. This table maps a community to one or more trap
-- destination entries.
--
-- The same trap will be sent to all destinations specified in the
-- entries that have the same trapDestCommunity as the eventCommunity
-- (as defined by RMON MIB), as long as no access control mechanism
-- (e.g., VACM) prohibits sending to one or more of the destinations.
-- Information in this table will be stored in non-volatile memory.
-- If the device has gone through a hard restart, this information
-- will be reset to its default state.
trapDestTable OBJECT-TYPE
SYNTAX SEQUENCE OF TrapDestEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A list of trap destination entries."
::= { probeConfig 13 }
trapDestEntry OBJECT-TYPE
SYNTAX TrapDestEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"This entry includes a destination IP address to which
traps are sent for this community."
INDEX { trapDestIndex }
::= { trapDestTable 1 }
TrapDestEntry ::= SEQUENCE {
trapDestIndex Integer32,
trapDestCommunity OCTET STRING,
trapDestProtocol INTEGER,
trapDestAddress OCTET STRING,
trapDestOwner OwnerString,
trapDestStatus RowStatus
}
trapDestIndex OBJECT-TYPE
SYNTAX Integer32 (1..65535)
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A value that uniquely identifies this trapDestEntry."
::= { trapDestEntry 1 }
trapDestCommunity OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..127))
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"A community to which this destination address belongs.
This entry is associated with any eventEntries in the RMON
MIB whose value of eventCommunity is equal to the value of
this object. Every time an associated event entry sends a
trap due to an event, that trap will be sent to each
address in the trapDestTable with a trapDestCommunity equal
to eventCommunity, as long as no access control mechanism
precludes it (e.g., VACM).
This object may not be modified if the associated
trapDestStatus object is equal to active(1)."
::= { trapDestEntry 2 }
trapDestProtocol OBJECT-TYPE
SYNTAX INTEGER {
ip(1),
ipx(2)
}
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The protocol with which this trap is to be sent."
::= { trapDestEntry 3 }
trapDestAddress OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The destination address for traps on behalf of this entry.
If the associated trapDestProtocol object is equal to ip(1),
the encoding of this object is the same as the snmpUDPAddress
textual convention in RFC 3417, 'Transport Mappings for the
Simple Network Management Protocol (SNMP)' [RFC3417]:
-- for a SnmpUDPAddress of length 6:
--
-- octets contents encoding
-- 1-4 IP-address network-byte order
-- 5-6 UDP-port network-byte order
If the associated trapDestProtocol object is equal to ipx(2),
the encoding of this object is the same as the snmpIPXAddress
textual convention in RFC 3417, 'Transport Mappings for the
Simple Network Management Protocol (SNMP)' [RFC3417]:
-- for a SnmpIPXAddress of length 12:
--
-- octets contents encoding
-- 1-4 network-number network-byte order
-- 5-10 physical-address network-byte order
-- 11-12 socket-number network-byte order
This object may not be modified if the associated
trapDestStatus object is equal to active(1)."
::= { trapDestEntry 4 }
trapDestOwner OBJECT-TYPE
SYNTAX OwnerString
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The entity that configured this entry and is
therefore using the resources assigned to it."
::= { trapDestEntry 5 }
trapDestStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The status of this trap destination entry.
An entry may not exist in the active state unless all
objects in the entry have an appropriate value."
::= { trapDestEntry 6 }
-- Serial Connection Table
--
-- The device may communicate with a management station using
-- SLIP. In order for the device to send traps via SLIP, it must
-- be able to initiate a connection over the serial interface. The
-- serialConnectionTable stores the parameters for such connection
-- initiation.
serialConnectionTable OBJECT-TYPE
SYNTAX SEQUENCE OF SerialConnectionEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A list of serialConnectionEntries.
This table has been deprecated, as it has not had enough
independent implementations to demonstrate interoperability
to meet the requirements of a Draft Standard."
::= { probeConfig 14 }
serialConnectionEntry OBJECT-TYPE
SYNTAX SerialConnectionEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Configuration for a SLIP link over a serial line."
INDEX { serialConnectIndex }
::= { serialConnectionTable 1 }
SerialConnectionEntry ::= SEQUENCE {
serialConnectIndex Integer32,
serialConnectDestIpAddress IpAddress,
serialConnectType INTEGER,
serialConnectDialString ControlString,
serialConnectSwitchConnectSeq ControlString,
serialConnectSwitchDisconnectSeq ControlString,
serialConnectSwitchResetSeq ControlString,
serialConnectOwner OwnerString,
serialConnectStatus RowStatus
}
serialConnectIndex OBJECT-TYPE
SYNTAX Integer32 (1..65535)
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A value that uniquely identifies this serialConnection
entry."
::= { serialConnectionEntry 1 }
serialConnectDestIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The IP Address that can be reached at the other end of this
serial connection.
This object may not be modified if the associated
serialConnectStatus object is equal to active(1)."
::= { serialConnectionEntry 2 }
serialConnectType OBJECT-TYPE
SYNTAX INTEGER {
direct(1),
modem(2),
switch(3),
modemSwitch(4)
}
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The type of outgoing connection to be made. If this object
has the value direct(1), then a direct serial connection
is assumed. If this object has the value modem(2),
then serialConnectDialString will be used to make a modem
connection. If this object has the value switch(3),
then serialConnectSwitchConnectSeq will be used to establish
the connection over a serial data switch, and
serialConnectSwitchDisconnectSeq will be used to terminate
the connection. If this object has the value
modem-switch(4), then a modem connection will be made first,
followed by the switch connection.
This object may not be modified if the associated
serialConnectStatus object is equal to active(1)."
DEFVAL { direct }
::= { serialConnectionEntry 3 }
serialConnectDialString OBJECT-TYPE
SYNTAX ControlString (SIZE(0..255))
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"A control string that specifies how to dial the phone
number in order to establish a modem connection. The
string should include the dialing prefix and suffix. For
example: '^s^MATD9,888-1234^M' will instruct the Probe
to send a carriage return, followed by the dialing prefix
'ATD', the phone number '9,888-1234', and a carriage
return as the dialing suffix.
This object may not be modified if the associated
serialConnectStatus object is equal to active(1)."
::= { serialConnectionEntry 4 }
serialConnectSwitchConnectSeq OBJECT-TYPE
SYNTAX ControlString (SIZE(0..255))
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"A control string that specifies how to establish a
data switch connection.
This object may not be modified if the associated
serialConnectStatus object is equal to active(1)."
::= { serialConnectionEntry 5 }
serialConnectSwitchDisconnectSeq OBJECT-TYPE
SYNTAX ControlString (SIZE(0..255))
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"A control string that specifies how to terminate a
data switch connection.
This object may not be modified if the associated
serialConnectStatus object is equal to active(1)."
::= { serialConnectionEntry 6 }
serialConnectSwitchResetSeq OBJECT-TYPE
SYNTAX ControlString (SIZE(0..255))
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"A control string that specifies how to reset a data
switch in the event of a timeout.
This object may not be modified if the associated
serialConnectStatus object is equal to active(1)."
::= { serialConnectionEntry 7 }
serialConnectOwner OBJECT-TYPE
SYNTAX OwnerString
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The entity that configured this entry and is
therefore using the resources assigned to it."
::= { serialConnectionEntry 8 }
serialConnectStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS deprecated
DESCRIPTION
"The status of this serialConnectionEntry.
If the manager attempts to set this object to active(1) when
the serialConnectType is set to modem(2) or modem-switch(4)
and the serialConnectDialString is a zero-length string or
cannot be correctly parsed as a ConnectString, the set
request will be rejected with badValue(3).
If the manager attempts to set this object to active(1) when
the serialConnectType is set to switch(3) or modem-switch(4)
and the serialConnectSwitchConnectSeq,
the serialConnectSwitchDisconnectSeq, or
the serialConnectSwitchResetSeq is a zero-length string
or cannot be correctly parsed as a ConnectString, the set
request will be rejected with badValue(3).
An entry may not exist in the active state unless all
objects in the entry have an appropriate value."
::= { serialConnectionEntry 9 }
--
-- Extensions to the RMON 1 MIB for RMON 2 devices
--
-- These extensions include the standard LastCreateTime Textual
-- Convention for all control tables, as well as an augmentation of
-- the filter entry that provides variable-length offsets into
-- packets.
-- Each of the following, except for filterDroppedFrames, is a
-- read-only object which, if implemented, automatically appears when
-- the RMON1 row it is associated with is created.
etherStats2Table OBJECT-TYPE
SYNTAX SEQUENCE OF EtherStats2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { statistics 4 }
etherStats2Entry OBJECT-TYPE
SYNTAX EtherStats2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { etherStatsEntry }
::= { etherStats2Table 1 }
EtherStats2Entry ::= SEQUENCE {
etherStatsDroppedFrames Counter32,
etherStatsCreateTime LastCreateTime
}
etherStatsDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames that were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
that the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the
probe is out of some resources and decides to shed load from
this collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { etherStats2Entry 1 }
etherStatsCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this control entry was last
activated. This can be used by the management station to
ensure that the table has not been deleted and recreated
between polls."
::= { etherStats2Entry 2 }
historyControl2Table OBJECT-TYPE
SYNTAX SEQUENCE OF HistoryControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { history 5 }
historyControl2Entry OBJECT-TYPE
SYNTAX HistoryControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { historyControlEntry }
::= { historyControl2Table 1 }
HistoryControl2Entry ::= SEQUENCE {
historyControlDroppedFrames Counter32
}
historyControlDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames that were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
that the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the
probe is out of some resources and decides to shed load from
this collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { historyControl2Entry 1 }
hostControl2Table OBJECT-TYPE
SYNTAX SEQUENCE OF HostControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { hosts 4 }
hostControl2Entry OBJECT-TYPE
SYNTAX HostControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { hostControlEntry }
::= { hostControl2Table 1 }
HostControl2Entry ::= SEQUENCE {
hostControlDroppedFrames Counter32,
hostControlCreateTime LastCreateTime
}
hostControlDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames that were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
that the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the
probe is out of some resources and decides to shed load from
this collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { hostControl2Entry 1 }
hostControlCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this control entry was last
activated. This can be used by the management station to
ensure that the table has not been deleted and recreated
between polls."
::= { hostControl2Entry 2 }
matrixControl2Table OBJECT-TYPE
SYNTAX SEQUENCE OF MatrixControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { matrix 4 }
matrixControl2Entry OBJECT-TYPE
SYNTAX MatrixControl2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { matrixControlEntry }
::= { matrixControl2Table 1 }
MatrixControl2Entry ::= SEQUENCE {
matrixControlDroppedFrames Counter32,
matrixControlCreateTime LastCreateTime
}
matrixControlDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames that were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
that the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the
probe is out of some resources and decides to shed load from
this collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { matrixControl2Entry 1 }
matrixControlCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this control entry was last
activated. This can be used by the management station to
ensure that the table has not been deleted and recreated
between polls."
::= { matrixControl2Entry 2 }
channel2Table OBJECT-TYPE
SYNTAX SEQUENCE OF Channel2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
::= { filter 3 }
channel2Entry OBJECT-TYPE
SYNTAX Channel2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { channelEntry }
::= { channel2Table 1 }
Channel2Entry ::= SEQUENCE {
channelDroppedFrames Counter32,
channelCreateTime LastCreateTime
}
channelDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of frames that were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
that the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the
probe is out of some resources and decides to shed load from
this collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { channel2Entry 1 }
channelCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this control entry was last
activated. This can be used by the management station to
ensure that the table has not been deleted and recreated
between polls."
::= { channel2Entry 2 }
tokenRingMLStats2Table OBJECT-TYPE
SYNTAX SEQUENCE OF TokenRingMLStats2Entry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1.
This table has been deprecated, as it has not had enough
independent implementations to demonstrate interoperability
to meet the requirements of a Draft Standard."
::= { statistics 5 }
tokenRingMLStats2Entry OBJECT-TYPE
SYNTAX TokenRingMLStats2Entry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { tokenRingMLStatsEntry }
::= { tokenRingMLStats2Table 1 }
TokenRingMLStats2Entry ::= SEQUENCE {
tokenRingMLStatsDroppedFrames Counter32,
tokenRingMLStatsCreateTime LastCreateTime
}
tokenRingMLStatsDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The total number of frames that were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
that the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the
probe is out of some resources and decides to shed load from
this collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { tokenRingMLStats2Entry 1 }
tokenRingMLStatsCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The value of sysUpTime when this control entry was last
activated. This can be used by the management station to
ensure that the table has not been deleted and recreated
between polls."
::= { tokenRingMLStats2Entry 2 }
tokenRingPStats2Table OBJECT-TYPE
SYNTAX SEQUENCE OF TokenRingPStats2Entry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1.
This table has been deprecated, as it has not had enough
independent implementations to demonstrate interoperability
to meet the requirements of a Draft Standard."
::= { statistics 6 }
tokenRingPStats2Entry OBJECT-TYPE
SYNTAX TokenRingPStats2Entry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { tokenRingPStatsEntry }
::= { tokenRingPStats2Table 1 }
TokenRingPStats2Entry ::= SEQUENCE {
tokenRingPStatsDroppedFrames Counter32,
tokenRingPStatsCreateTime LastCreateTime
}
tokenRingPStatsDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The total number of frames that were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
that the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the
probe is out of some resources and decides to shed load from
this collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { tokenRingPStats2Entry 1 }
tokenRingPStatsCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The value of sysUpTime when this control entry was last
activated. This can be used by the management station to
ensure that the table has not been deleted and recreated
between polls."
::= { tokenRingPStats2Entry 2 }
ringStationControl2Table OBJECT-TYPE
SYNTAX SEQUENCE OF RingStationControl2Entry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1.
This table has been deprecated, as it has not had enough
independent implementations to demonstrate interoperability
to meet the requirements of a Draft Standard."
::= { tokenRing 7 }
ringStationControl2Entry OBJECT-TYPE
SYNTAX RingStationControl2Entry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { ringStationControlEntry }
::= { ringStationControl2Table 1 }
RingStationControl2Entry ::= SEQUENCE {
ringStationControlDroppedFrames Counter32,
ringStationControlCreateTime LastCreateTime
}
ringStationControlDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The total number of frames that were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
that the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the
probe is out of some resources and decides to shed load from
this collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { ringStationControl2Entry 1 }
ringStationControlCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The value of sysUpTime when this control entry was last
activated. This can be used by the management station to
ensure that the table has not been deleted and recreated
between polls."
::= { ringStationControl2Entry 2 }
sourceRoutingStats2Table OBJECT-TYPE
SYNTAX SEQUENCE OF SourceRoutingStats2Entry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1.
This table has been deprecated, as it has not had enough
independent implementations to demonstrate interoperability
to meet the requirements of a Draft Standard."
::= { tokenRing 8 }
sourceRoutingStats2Entry OBJECT-TYPE
SYNTAX SourceRoutingStats2Entry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1."
AUGMENTS { sourceRoutingStatsEntry }
::= { sourceRoutingStats2Table 1 }
SourceRoutingStats2Entry ::= SEQUENCE {
sourceRoutingStatsDroppedFrames Counter32,
sourceRoutingStatsCreateTime LastCreateTime
}
sourceRoutingStatsDroppedFrames OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The total number of frames that were received by the probe
and therefore not accounted for in the *StatsDropEvents, but
that the probe chose not to count for this entry for
whatever reason. Most often, this event occurs when the
probe is out of some resources and decides to shed load from
this collection.
This count does not include packets that were not counted
because they had MAC-layer errors.
Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped."
::= { sourceRoutingStats2Entry 1 }
sourceRoutingStatsCreateTime OBJECT-TYPE
SYNTAX LastCreateTime
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The value of sysUpTime when this control entry was last
activated. This can be used by the management station to
ensure that the table has not been deleted and recreated
between polls."
::= { sourceRoutingStats2Entry 2 }
filter2Table OBJECT-TYPE
SYNTAX SEQUENCE OF Filter2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Provides a variable-length packet filter feature to the
RMON-1 filter table."
::= { filter 4 }
filter2Entry OBJECT-TYPE
SYNTAX Filter2Entry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Provides a variable-length packet filter feature to the
RMON-1 filter table."
AUGMENTS { filterEntry }
::= { filter2Table 1 }
Filter2Entry ::= SEQUENCE {
filterProtocolDirDataLocalIndex Integer32,
filterProtocolDirLocalIndex Integer32
}
filterProtocolDirDataLocalIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"When this object is set to a non-zero value, the filter that
it is associated with performs the following operations on
every packet:
1) If the packet doesn't match the protocol directory entry
identified by this object, discard the packet and exit
(i.e., discard the packet if it is not of the identified
protocol).
2) If the associated filterProtocolDirLocalIndex is non-zero
and the packet doesn't match the protocol directory
entry identified by that object, discard the packet and
exit.
3) If the packet matches, perform the regular filter
algorithm as if the beginning of this named protocol is
the beginning of the packet, potentially applying the
filterOffset value to move further into the packet."
DEFVAL { 0 }
::= { filter2Entry 1 }
filterProtocolDirLocalIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"When this object is set to a non-zero value, the filter that
it is associated with will discard the packet if the packet
doesn't match this protocol directory entry."
DEFVAL { 0 }
::= { filter2Entry 2 }
-- Conformance Macros
rmon2MIBCompliances OBJECT IDENTIFIER ::= { rmonConformance 1 }
rmon2MIBGroups OBJECT IDENTIFIER ::= { rmonConformance 2 }
rmon2MIBCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"Describes the requirements for conformance to
the RMON2 MIB"
MODULE -- this module
MANDATORY-GROUPS { protocolDirectoryGroup,
protocolDistributionGroup,
addressMapGroup,
nlHostGroup,
nlMatrixGroup,
usrHistoryGroup,
probeInformationGroup }
OBJECT nlMatrixTopNControlRateBase
SYNTAX INTEGER {
nlMatrixTopNPkts(1),
nlMatrixTopNOctets(2)
}
DESCRIPTION
"Conformance to RMON2 requires only support for these
values of nlMatrixTopNControlRateBase."
GROUP rmon1EnhancementGroup
DESCRIPTION
"The rmon1EnhancementGroup is mandatory for systems
that implement RMON [RFC2819]."
GROUP rmon1EthernetEnhancementGroup
DESCRIPTION
"The rmon1EthernetEnhancementGroup is optional and is
appropriate for systems that implement the Ethernet
group of RMON [RFC2819]."
::= { rmon2MIBCompliances 1 }
rmon2MIBApplicationLayerCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"Describes the requirements for conformance to
the RMON2 MIB with Application-Layer Enhancements."
MODULE -- this module
MANDATORY-GROUPS { protocolDirectoryGroup,
protocolDistributionGroup,
addressMapGroup,
nlHostGroup,
nlMatrixGroup,
alHostGroup,
alMatrixGroup,
usrHistoryGroup,
probeInformationGroup }
OBJECT nlMatrixTopNControlRateBase
SYNTAX INTEGER {
nlMatrixTopNPkts(1),
nlMatrixTopNOctets(2)
}
DESCRIPTION
"Conformance to RMON2 requires only support for these
values of nlMatrixTopNControlRateBase."
OBJECT alMatrixTopNControlRateBase
SYNTAX INTEGER {
alMatrixTopNTerminalsPkts(1),
alMatrixTopNTerminalsOctets(2),
alMatrixTopNAllPkts(3),
alMatrixTopNAllOctets(4)
}
DESCRIPTION
"Conformance to RMON2 requires only support for these
values of alMatrixTopNControlRateBase."
GROUP rmon1EnhancementGroup
DESCRIPTION
"The rmon1EnhancementGroup is mandatory for systems
that implement RMON [RFC2819]."
GROUP rmon1EthernetEnhancementGroup
DESCRIPTION
"The rmon1EthernetEnhancementGroup is optional and is
appropriate for systems that implement the Ethernet
group of RMON [RFC2819]."
::= { rmon2MIBCompliances 2 }
protocolDirectoryGroup OBJECT-GROUP
OBJECTS { protocolDirLastChange,
protocolDirLocalIndex, protocolDirDescr,
protocolDirType, protocolDirAddressMapConfig,
protocolDirHostConfig, protocolDirMatrixConfig,
protocolDirOwner, protocolDirStatus }
STATUS current
DESCRIPTION
"Lists the inventory of protocols the probe has the
capability of monitoring and allows the addition, deletion,
and configuration of entries in this list."
::= { rmon2MIBGroups 1 }
protocolDistributionGroup OBJECT-GROUP
OBJECTS { protocolDistControlDataSource,
protocolDistControlDroppedFrames,
protocolDistControlCreateTime,
protocolDistControlOwner, protocolDistControlStatus,
protocolDistStatsPkts, protocolDistStatsOctets }
STATUS current
DESCRIPTION
"Collects the relative amounts of octets and packets for the
different protocols detected on a network segment."
::= { rmon2MIBGroups 2 }
addressMapGroup OBJECT-GROUP
OBJECTS { addressMapInserts, addressMapDeletes,
addressMapMaxDesiredEntries,
addressMapControlDataSource,
addressMapControlDroppedFrames,
addressMapControlOwner, addressMapControlStatus,
addressMapPhysicalAddress,
addressMapLastChange }
STATUS current
DESCRIPTION
"Lists MAC address to network address bindings discovered by
the probe and what interface they were last seen on."
::= { rmon2MIBGroups 3 }
nlHostGroup OBJECT-GROUP
OBJECTS { hlHostControlDataSource,
hlHostControlNlDroppedFrames, hlHostControlNlInserts,
hlHostControlNlDeletes,
hlHostControlNlMaxDesiredEntries,
hlHostControlAlDroppedFrames, hlHostControlAlInserts,
hlHostControlAlDeletes,
hlHostControlAlMaxDesiredEntries, hlHostControlOwner,
hlHostControlStatus, nlHostInPkts, nlHostOutPkts,
nlHostInOctets, nlHostOutOctets,
nlHostOutMacNonUnicastPkts, nlHostCreateTime }
STATUS current
DESCRIPTION
"Counts the amount of traffic sent from and to each network
address discovered by the probe. Note that while the
hlHostControlTable also has objects that control an optional
alHostTable, implementation of the alHostTable is not
required to fully implement this group."
::= { rmon2MIBGroups 4 }
nlMatrixGroup OBJECT-GROUP
OBJECTS { hlMatrixControlDataSource,
hlMatrixControlNlDroppedFrames,
hlMatrixControlNlInserts, hlMatrixControlNlDeletes,
hlMatrixControlNlMaxDesiredEntries,
hlMatrixControlAlDroppedFrames,
hlMatrixControlAlInserts, hlMatrixControlAlDeletes,
hlMatrixControlAlMaxDesiredEntries,
hlMatrixControlOwner, hlMatrixControlStatus,
nlMatrixSDPkts, nlMatrixSDOctets, nlMatrixSDCreateTime,
nlMatrixDSPkts, nlMatrixDSOctets, nlMatrixDSCreateTime,
nlMatrixTopNControlMatrixIndex,
nlMatrixTopNControlRateBase,
nlMatrixTopNControlTimeRemaining,
nlMatrixTopNControlGeneratedReports,
nlMatrixTopNControlDuration,
nlMatrixTopNControlRequestedSize,
nlMatrixTopNControlGrantedSize,
nlMatrixTopNControlStartTime,
nlMatrixTopNControlOwner, nlMatrixTopNControlStatus,
nlMatrixTopNProtocolDirLocalIndex,
nlMatrixTopNSourceAddress, nlMatrixTopNDestAddress,
nlMatrixTopNPktRate, nlMatrixTopNReversePktRate,
nlMatrixTopNOctetRate, nlMatrixTopNReverseOctetRate }
STATUS current
DESCRIPTION
"Counts the amount of traffic sent between each pair of
network addresses discovered by the probe. Note that while
the hlMatrixControlTable also has objects that control
optional alMatrixTables, implementation of the
alMatrixTables is not required to fully implement this
group."
::= { rmon2MIBGroups 5 }
alHostGroup OBJECT-GROUP
OBJECTS { alHostInPkts, alHostOutPkts,
alHostInOctets, alHostOutOctets, alHostCreateTime }
STATUS current
DESCRIPTION
"Counts the amount of traffic, by protocol, sent from and to
each network address discovered by the probe. Implementation
of this group requires implementation of the Network-Layer
Host Group."
::= { rmon2MIBGroups 6 }
alMatrixGroup OBJECT-GROUP
OBJECTS { alMatrixSDPkts, alMatrixSDOctets, alMatrixSDCreateTime,
alMatrixDSPkts, alMatrixDSOctets, alMatrixDSCreateTime,
alMatrixTopNControlMatrixIndex,
alMatrixTopNControlRateBase,
alMatrixTopNControlTimeRemaining,
alMatrixTopNControlGeneratedReports,
alMatrixTopNControlDuration,
alMatrixTopNControlRequestedSize,
alMatrixTopNControlGrantedSize,
alMatrixTopNControlStartTime,
alMatrixTopNControlOwner, alMatrixTopNControlStatus,
alMatrixTopNProtocolDirLocalIndex,
alMatrixTopNSourceAddress, alMatrixTopNDestAddress,
alMatrixTopNAppProtocolDirLocalIndex,
alMatrixTopNPktRate, alMatrixTopNReversePktRate,
alMatrixTopNOctetRate, alMatrixTopNReverseOctetRate }
STATUS current
DESCRIPTION
"Counts the amount of traffic, by protocol, sent between each
pair of network addresses discovered by the
probe. Implementation of this group requires implementation
of the Network-Layer Matrix Group."
::= { rmon2MIBGroups 7 }
usrHistoryGroup OBJECT-GROUP
OBJECTS { usrHistoryControlObjects,
usrHistoryControlBucketsRequested,
usrHistoryControlBucketsGranted,
usrHistoryControlInterval,
usrHistoryControlOwner, usrHistoryControlStatus,
usrHistoryObjectVariable, usrHistoryObjectSampleType,
usrHistoryIntervalStart, usrHistoryIntervalEnd,
usrHistoryAbsValue, usrHistoryValStatus }
STATUS current
DESCRIPTION
"The usrHistoryGroup provides user-defined collection of
historical information from MIB objects on the probe."
::= { rmon2MIBGroups 8 }
probeInformationGroup OBJECT-GROUP
OBJECTS { probeCapabilities,
probeSoftwareRev, probeHardwareRev, probeDateTime }
STATUS current
DESCRIPTION
"This group describes various operating parameters of the
probe and controls the local time of the probe."
::= { rmon2MIBGroups 9 }
probeConfigurationGroup OBJECT-GROUP
OBJECTS { probeResetControl, probeDownloadFile,
probeDownloadTFTPServer, probeDownloadAction,
probeDownloadStatus,
serialMode, serialProtocol, serialTimeout,
serialModemInitString, serialModemHangUpString,
serialModemConnectResp, serialModemNoConnectResp,
serialDialoutTimeout, serialStatus,
netConfigIPAddress, netConfigSubnetMask,
netConfigStatus, netDefaultGateway,
trapDestCommunity, trapDestProtocol, trapDestAddress,
trapDestOwner, trapDestStatus,
serialConnectDestIpAddress, serialConnectType,
serialConnectDialString, serialConnectSwitchConnectSeq,
serialConnectSwitchDisconnectSeq,
serialConnectSwitchResetSeq,
serialConnectOwner, serialConnectStatus }
STATUS deprecated
DESCRIPTION
"This group controls the configuration of various operating
parameters of the probe. This group is not referenced by any
MODULE-COMPLIANCE macro because it is 'grandfathered' from
more recent MIB review rules that would require it."
::= { rmon2MIBGroups 10 }
rmon1EnhancementGroup OBJECT-GROUP
OBJECTS { historyControlDroppedFrames, hostControlDroppedFrames,
hostControlCreateTime, matrixControlDroppedFrames,
matrixControlCreateTime, channelDroppedFrames,
channelCreateTime, filterProtocolDirDataLocalIndex,
filterProtocolDirLocalIndex }
STATUS current
DESCRIPTION
"This group adds some enhancements to RMON-1 that help
management stations."
::= { rmon2MIBGroups 11 }
rmon1EthernetEnhancementGroup OBJECT-GROUP
OBJECTS { etherStatsDroppedFrames, etherStatsCreateTime }
STATUS current
DESCRIPTION
"This group adds some enhancements to RMON-1 that help
management stations."
::= { rmon2MIBGroups 12 }
rmon1TokenRingEnhancementGroup OBJECT-GROUP
OBJECTS { tokenRingMLStatsDroppedFrames,
tokenRingMLStatsCreateTime,
tokenRingPStatsDroppedFrames, tokenRingPStatsCreateTime,
ringStationControlDroppedFrames,
ringStationControlCreateTime,
sourceRoutingStatsDroppedFrames,
sourceRoutingStatsCreateTime }
STATUS deprecated
DESCRIPTION
"This group adds some enhancements to RMON-1 that help
management stations. This group is not referenced by any
MODULE-COMPLIANCE macro because it is 'grandfathered' from
more recent MIB review rules that would require it."
::= { rmon2MIBGroups 13 }
END
7. Security Considerations
In order to implement this MIB, a probe must capture all packets on the locally-attached network, including packets between third parties. These packets are analyzed to collect network addresses, protocol usage information, and conversation statistics. Data of this nature may be considered sensitive in some environments. In such environments, the administrator may wish to restrict SNMP access to the probe. The usrHistoryGroup periodically samples the values of user-specified variables on the probe and stores them in another table. Since the access-control specified for a stored snapshot may be different from the access-control for the sampled variable, the agent MUST ensure that usrHistoryObjectVariable is not writable in MIB views that don't already have read access to the entire agent. Because the access control configuration can change over time, information could later be deemed sensitive that would still be accessible to this function. For this reason, an agent SHOULD check the access control on every sample. If an agent doesn't implement the latter check, there is potential for sensitive information to be revealed. A probe implementing this MIB is likely to also implement RMON [RFC2819], which includes functions for returning the contents of captured packets, potentially including sensitive user data or passwords. It is recommended that SNMP access to these functions be restricted. There are a number of management objects defined in this MIB that have a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPSec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.
It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy). Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.
8. Appendix - TimeFilter Implementation Notes
1) Theory of Operation The TimeFilter mechanism allows an NMS to reduce the number of SNMP transactions required for a 'table-update' operation, by retrieving only the rows that have changed since a specified time (usually the last poll time). Polling of tables that incorporate a 'TimeFilter' INDEX can be reduced to a theoretical minimum (if used correctly). It can be easily implemented by an agent in a way independent of the number of NMS applications using the same time-filtered table. Although the name 'TimeFilter' may imply that a history of change events is maintained by the agent, this is not the case. A time- filtered-value represents the current value of the object instance, not the 'saved' value at the time indicated by the TimeFilter INDEX value. Note that TimeFilter objects only appear in INDEX clauses (always not-accessible), so their value is never retrieved. By design, the actual value of a TimeFilter instance is not in itself meaningful (it's not a 'last-change-timestamp'). The TimeFilter is a boolean filtering function applied in internal Get* PDU processing. If the 'last-change-time' of the specified instance is less than the particular TimeFilter INDEX value, then the instance is considered 'not-present', and either it is skipped for GetNext and GetBulk PDUs, or a 'noSuchInstance' exception is returned for Get PDUs. For TimeFilter purposes: - a row is created when an accessible column is created within the row. - a column that is created or deleted causes the TimeFilter to update the time-stamp, only because the value of the column is changing (non-existent <-> some value). - a row is deleted when all accessible columns are deleted. This event is not detectable with TimeFilter, and deleted rows are not retrievable with SNMP. 1.1) Agent Implementation of a Time-Filtered Table In implementation, the time-filtered rows (one for each tick of sysUpTime) are only conceptual. The agent simply filters a real table based on: * the current value of sysUpTime,
* the TimeFilter value passed in the varbind, and
* the last-update timestamp of each requested row (agent
implementation requirement).
For example, to implement a time-filtered table row (e.g., set of
counters), an agent maintains a timestamp in a 32-bit storage
location, initialized to zero. This is in addition to whatever
instrumentation is needed for the set of counters.
Each time one of the counters is updated, the current value of
sysUpTime is recorded in the associated timestamp. If this is not
possible or practical, then a background polling process must
'refresh' the timestamp by sampling counter values and comparing them
to recorded samples. The timestamp update must occur within 5
seconds of the actual change event.
When an agent receives a Get, GetNext, or GetBulk PDU requesting a
time-filtered instance, after the agent has determined that the
instance is within the specified MIB view, the following conceptual
test is applied to determine if the object is returned or filtered:
/* return TRUE if the object is present */
boolean time_filter_test (
TimeFilter last_modified_timestamp,
TimeFilter index_value_in_pdu )
{
if (last_modified_timestamp < index_value_in_pdu)
return FALSE;
else
return TRUE;
}
The agent applies this function regardless of the lastActivationTime
of the conceptual row in question. In other words, counter
discontinuities are ignored (i.e., a conceptual row is deleted and
then re-created later). An agent should consider an object instance
'changed' when it is created (either at restart time for scalars and
static objects, or row-creation-time for dynamic tables).
Note that using a timeFilter INDEX value of zero removes the
filtering functionality, as the instance will always be 'present'
according to the test above.
After some deployment experience, it has been determined that a
time-filtered table is more efficient to use if the agent stops a MIB
walk operation after one time-filtered entry. That is, a GetNext or
GetBulk operation will provide one pass through a given table (i.e.,
the agent will continue to the next object or table) instead of
incrementing a TimeMark INDEX value, even if there exist higher
TimeMark values that are valid for the same conceptual row.
It is acceptable for an agent to implement a time-filtered table in
this manner or in the traditional manner (i.e., every conceptual
time-filtered instance is returned in GetNext and GetBulk PDU
responses).
1.2) NMS Implementation of a Time-Filtered Table
The particular TimeFilter INDEX values used by an NMS reflect the
polling interval of the NMS, relative to the particular agent's
notion of sysUpTime.
An NMS needs to maintain one timestamp variable per agent
(initialized to zero) for an arbitrary group of time-filtered MIB
objects that are gathered together in the same PDU. Each time the
Get* PDU is sent, a request for sysUpTime is included. The retrieved
sysUpTime value is used as the timeFilter value in the next polling
cycle. If a polling sweep of a time-filtered group of objects
requires more than one SNMP transaction, then the sysUpTime value
retrieved in the first GetResponse PDU of the polling sweep is saved
as the next timeFilter value.
The actual last-update time of a given object is not indicated in the
returned GetResponse instance identifier, but rather the timeFilter
value passed in the Get*Request PDU is returned.
A "time-filtered get-next/bulk-sweep", done once per polling cycle,
is a series of GetNext or GetBulk transactions and is over when one
of the following events occurs:
1) the TimeFilter index value returned in the GetResponse is
different from the TimeFilter index value passed in the GetNext
or GetBulk request. Counter values will still be returned
beyond this point (until the last-change-time is reached), but
most likely the same values will be returned.
2) the return PDU includes instances lexigraphically greater than
the objects expected (i.e., same GetNext semantics as if the
TimeFilter weren't there).
3) a noSuchName or other exception/error is returned.
Note that the use of a time-filtered table in combination with a
GetRequest PDU neutralizes any optimization that otherwise might be
achieved with the TimeFilter. Either the current time-filtered
object-value is returned, or, if there is no time-filtered object-
value instance, then a 'noSuchInstance' exception (SNMPv2c or SNMPv3)
or 'noSuchName' error (SNMPv1) is returned.
2) TimeFilter Example
The following example demonstrates how an NMS and Agent might use a
table with a TimeFilter object in the INDEX. A static table is
assumed to keep the example simple, but dynamic tables can also be
supported.
2.1) General Assumptions
fooEntry INDEX { fooTimeMark, fooIfIndex }
FooEntry = SEQUENCE {
fooTimeMark TimeFilter,
fooIfIndex Integer32,
fooCounts Counter32
}
The NMS polls the fooTable every 15 seconds, and the baseline poll
occurs when the agent has been up for 6 seconds, and when the NMS has
been up for 10 seconds.
There are 2 static rows in this table at system initialization
(fooCounts.0.1 and fooCounts.0.2).
Row 1 was updated as follows:
SysUpTime fooCounts.*.1 value
500 1
900 2
2300 3
Row 2 was updated as follows:
SysUpTime fooCounts.*.2 value
1100 1
1400 2
2.2) SNMP Transactions from NMS Perspective
Time nms-1000:
# NMS baseline poll -- get everything since last agent
# restart - TimeFilter == 0
get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
fooCounts.0);
returns:
sysUpTime.0 == 600
fooCounts.0.1 == 1 # incremented at time 500
fooCounts.0.2 == 0 # visible; created at time 0
Time nms-2500:
# NMS 1st poll
# TimeFilter index == 600
get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
fooCounts.600);
returns:
sysUpTime.0 == 2100
fooCounts.600.1 == 2 # incremented at time 900
fooCounts.601.1 == 2 # indicates end of sweep
Time nms-4000:
# NMS 2nd poll
# TimeFilter == 2100
get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
fooCounts.2100);
returns:
sysUpTime.0 == 3600
fooCounts.2100.1 == 3 # incremented at time 2300
fooCounts.2102.1 == 3 # indicates end-of-sweep
# the counter value for row 2 is not returned because
# it hasn't changed since sysUpTime == 2100.
# The next timetick value for row 1 is returned instead
Time nms-5500:
# NMS 3rd poll
# TimeFilter == 3600
get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
fooCounts.3600);
returns:
sysUpTime.0 == 5100
some-instance-outside-the-fooTable == <don't care>
some-instance-outside-the-fooTable == <don't care>
# no 'fooTable' counter values at all are returned
# because neither counter has been updated since
# sysUpTime == 3600
2.3) Transactions and TimeFilter Maintenance: Agent Perspective
Time agt-0:
# initialize fooTable
fooCounts.1 = 0; changed.1 = 0;
fooCounts.2 = 0; changed.2 = 0;
Time agt-500:
# increment fooCounts.1
++fooCounts.1; changed.1 = 500;
Time agt-600
# answer get-bulk
# get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
# fooCounts.0);
# (changed >= 0)
# return both counters
Time agt-900:
# increment fooCounts.1
++fooCounts.1; changed.1 = 900;
Time agt-1100:
# increment fooCounts.2
++fooCounts.2; changed.2 = 1100;
Time agt-1400:
# increment fooCounts.2
++fooCounts.2; changed.2 = 1400;
Time agt-2100
# answer get-bulk
# get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
# fooCounts.600);
# (changed >= 600)
# return both counters
Time agt-2300:
# increment fooCounts.1
++fooCounts.1; changed.1 = 2300;
Time agt-3600:
# answer get-bulk
# get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
# fooCounts.2100);
# (changed >= 2100)
# return only fooCounts.1 from the fooTable--twice
Time agt-5100:
# answer get-bulk
# get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
# fooCounts.3600);
# (changed >= 3600)
# return lexigraphically-next two MIB instances
9. Changes since RFC 2021
This version obsoletes the proposed-standard version of the RMON2 MIB
(published as RFC 2021) by adding 2 new enumerations to the
nlMatrixTopNControlRateBase object and 4 new enumerations to the
alMatrixTopNControlRateBase object. These new enumerations support
the creation of high capacity top N reports in the High Capacity RMON
MIB [RFC3273].
Additionally, the following objects have been deprecated, as they
have not had enough independent implementations to demonstrate
interoperability to meet the requirements of a Draft Standard:
probeDownloadFile
probeDownloadTFTPServer
probeDownloadAction
probeDownloadStatus
serialMode
serialProtocol
serialTimeout
serialModemInitString
serialModemHangUpString
serialModemConnectResp
serialModemNoConnectResp
serialDialoutTimeout
serialStatus
serialConnectDestIpAddress
serialConnectType
serialConnectDialString
serialConnectSwitchConnectSeq
serialConnectSwitchDisconnectSeq
serialConnectSwitchResetSeq
serialConnectOwner
serialConnectStatus
netConfigIPAddress
netConfigSubnetMask
netConfigStatus
netDefaultGateway
tokenRingMLStats2DroppedFrames
tokenRingMLStats2CreateTime
tokenRingPStats2DroppedFrames
tokenRingPStats2CreateTime
ringStationControl2DroppedFrames
ringStationControl2CreateTime
sourceRoutingStats2DroppedFrames
sourceRoutingStats2CreateTime
trapDestIndex
trapDestCommunity
trapDestProtocol
trapDestAddress
trapDestOwner
trapDestStatus
In addition, two corrections were made. The LastCreateTime Textual
Convention had been defined with a base type of another textual
convention, which isn't allowed in SMIv2. The definition has been
modified to use TimeTicks as the base type.
Further, the SerialConfigEntry SEQUENCE definition included sub-
typing information that is not allowed in SMIv2. This information
has been deleted. Ranges were added to a number of objects and
textual-conventions to constrain their maximum (and sometimes
minimum) sizes. The addition of these ranges documents existing
practice for these objects. These objects are:
ControlString
protocolDirID
protocolDirParameters
addressMapNetworkAddress
nlHostAddress
nlMatrixSDSourceAddress
nlMatrixSDDestAddress
nlMatrixDSSourceAddress
nlMatrixDSDestAddress
nlMatrixTopNSourceAddress
nlMatrixTopNDestAddress
alHostEntry
alMatrixSDEntry
alMatrixDSEntry
alMatrixTopNSourceAddress
alMatrixTopNDestAddress
Finally, the TimeFilter TC has been updated to encourage agent
implementations that allow a MIB walk to behave well even when
performed by an application that is not aware of the special
TimeFilter semantics.
10. Acknowledgements
This document was produced by the IETF Remote Network Monitoring Working Group. The TimeFilter mechanism was invented and documented by Jeanne Haney and further documented by Andy Bierman. The User History group was created by Andy Bierman.11. References
11.1. Normative References
[RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. [RFC2819] Waldbusser, S., "Remote Network Monitoring Management Information Base", STD 59, RFC 2819, May 2000. [RFC3273] Waldbusser, S., "Remote Network Monitoring Management Information Base for High Capacity Networks", RFC 3273, July 2002. [RFC3417] Presuhn, R., "Transport Mappings for the Simple Network Management Protocol (SNMP)", STD 62, RFC 3417, December 2002. [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000. [RFC1513] Waldbusser, S., "Token Ring Extensions to the Remote Network Monitoring MIB", RFC 1513, September 1993.11.2. Informative References
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework", RFC 3410, December 2002.
[RFC2108] de Graaf, K., Romascanu, D., McMaster, D., and K. McCloghrie, "Definitions of Managed Objects for IEEE 802.3 Repeater Devices using SMIv2", RFC 2108, February 1997. [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", STD 62, RFC 3414, December 2002. [RFC3415] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", STD 62, RFC 3415, December 2002.Author's Address
Steve Waldbusser Phone: +1 650-948-6500 Fax: +1 650-745-0671 EMail: waldbusser@nextbeacon.com
Full Copyright Statement Copyright (C) The Internet Society (2006). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org. Acknowledgement Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA).