Internet Draft Andy Bierman Cisco Systems, Inc. 11 June 1999 Remote Monitoring MIB Extensions for Differentiated Services Enabled Networks Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026 [RFC2026]. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Distribution of this document is unlimited. Please send comments to the author, . 1. Copyright Notice Copyright (C) The Internet Society (1999). All Rights Reserved. Internet-Draft DS-MON MIB June 1999 2. Abstract This memo defines an experimental portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects used for monitoring Differentiated Services Codepoint usage in IP packets, utilizing the monitoring framework defined in the RMON-2 MIB [RFC2021]. 3. Table of Contents 1 Copyright Notice ................................................ 1 2 Abstract ........................................................ 2 3 Table of Contents ............................................... 2 4 The SNMP Network Management Framework ........................... 2 5 Overview ........................................................ 3 5.1 Terms ......................................................... 4 5.2 Relationship to Differentiated Services ....................... 4 5.3 Relationship to the Remote Monitoring MIBs .................... 5 5.4 MIB Structure ................................................. 6 5.4.1 DS Statistics Group ......................................... 7 5.4.2 DS Protocol Distribution Group .............................. 7 5.4.3 DS Host Distribution Group .................................. 8 6 Definitions ..................................................... 9 7 Intellectual Property ........................................... 59 8 Acknowledgements ................................................ 59 9 References ...................................................... 59 10 Security Considerations ........................................ 62 11 Author's Address ............................................... 63 12 Full Copyright Statement ....................................... 63 4. The SNMP Network Management Framework The SNMP Management Framework presently consists of five major components: o An overall architecture, described in RFC 2571 [RFC2571]. o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in RFC 1155 [RFC1155], RFC 1212 [RFC1212] and RFC 1215 [RFC1215]. The second version, called SMIv2, is described in RFC 2578 [RFC2578], RFC 2579 [RFC2579] and RFC 2580 [RFC2580]. Expires December 1999 [Page 2] Internet-Draft DS-MON MIB June 1999 o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in RFC 1157 [RFC1157]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [RFC1901] and RFC 1906 [RFC1906]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [RFC1906], RFC 2572 [RFC2572] and RFC 2574 [RFC2574]. o Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in RFC 1157 [RFC1157]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [RFC1905]. o A set of fundamental applications described in RFC 2573 [RFC2573] and the view-based access control mechanism described in RFC 2575 [RFC2575]. A more detailed introduction to the current SNMP Management Framework can be found in RFC 2570 [RFC2570]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (use of Counter64). Some machine readable information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB. 5. Overview There is a need for a standardized way of monitoring the network traffic usage of Differentiated Services (DS) [RFC2474] codepoint values. Each DS codepoint (DSCP) value may be given a different preference by a forwarding device, and this affects which packets get dropped or delayed during periods of network congestion. Expires December 1999 [Page 3] Internet-Draft DS-MON MIB June 1999 The IETF DIFFSERV working group has redefined the semantics of the Type of Service (TOS) octet in the IP header, which is now called the 'DS field'. The 6-bit Codepoint (DSCP) portion is contained in the DS field, which provides for 64 different packet treatments for the implementation of differentiated network services. The actual packet treatment, or per- hop behavior (PHB), applied by a forwarding device, is independent of a particular DSCP value. By polling DSCP usage counters, an NMS can determine the network throughput for traffic associated with different DSCPs. This data can then be analyzed in order to 'tune' DSCP 'allocations' within a network, based on the Quality of Service (QoS) policies for that network. 5.1. Terms This document uses some terms that need introduction: DataSource A source of data for monitoring purposes. This term is used exactly as defined in the RMON-2 MIB [RFC2021]. protocol A specific protocol encapsulation, as identified for monitoring purposes. This term is used exactly as defined in the RMON Protocol Identifiers document [RFC2074]. 5.2. Relationship to Differentiated Services The DS-MON MIB focuses only on the DSCP values used in IP packets on a monitored dataSource. The per-hop behavior (PHB) associated with each DSCP may be different at each DS-capable forwarding device in the network. This MIB does not address the following Differentiated Services issues in any way: - configuration and characterization of each PHB in each device - identification of the mapping between DSCPs and PHBs in each device - identification of DS capabilities of each forwarding device - characterization of DSCP values or PHBs, as they relate to standard or proprietary QoS policy and deployment strategy. Expires December 1999 [Page 4] Internet-Draft DS-MON MIB June 1999 It is expected that such a MIB (targeted for DS-capable forwarding devices) will be developed by the DIFFSERV working group to address these issues. It is also desirable to keep the monitoring of DSCP usage independent of the DS forwarding devices, in order to keep probe placement more flexible, which, in turn, enables better statistics aggregation by the probe. This document assumes the reader is somewhat familiar with the DS Architecture [RFC2475], but the DS-MON MIB addresses only the aspects of monitoring DSCP usage, and therefore is completely decoupled from the larger issues of network-wide DS configuration and performance analysis. It is expected that complex NMS applications will use the counters in this MIB to help analyze DS-related throughput. It is expected that other metrics, such as delay and jitter, will also be analyzed, but support for other metrics is outside the scope of this document. 5.3. Relationship to the Remote Monitoring MIBs This MIB is intended to be implemented in Remote Monitoring (RMON) probes, which implement the RMON-2 MIB [RFC2021]. Such probes may be stand-alone devices, or may not be co-located with other networking devices (e.g., ethernet switches and repeaters). The DS-MON probe must be capable of parsing the DS field in IP packets and correlating the embedded DSCP value with other statistics, as defined in the DS-MON MIB. The DS-MON functions are intended to be implemented in conjunction with the associated RMON functions, but the MIB is independent of all other RMON data tables. For example, an agent might wish to implement the RMON-2 protocol distribution group and the DS-MON protocol distribution group, in order to provide the fine granularity, 'per DSCP' statistics with the DS-MON MIB, and the 'grand total' statistics with the RMON-2 MIB. Several concepts and even MIB objects from the RMON MIBs are used in the DS-MON MIB: DataSource This textual convention is used to describe the identification of an RMON monitoring source (defined in the RMON-2 MIB [RFC2021]). The DataSource textual convention is used throughout the DS-MON MIB to identify the monitoring source for each configured collection. A DataSource MIB object is an OBJECT IDENTIFIER, which contains the particular instance of the ifIndex object associated with the Expires December 1999 [Page 5] Internet-Draft DS-MON MIB June 1999 monitored dataSource. Protocol Directory The RMON-2 MIB [RFC2021] defines the protocolDirTable, which is a directory of all the protocols that the RMON-2 agent is capable of decoding and counting. The DS-MON MIB utilizes this directory to identify the protocols detected in monitored packets. TimeFilter The RMON-2 TimeFilter textual convention provides a mechanism to retrieve only rows which have been created or modified since the last polling interval (for a particular NMS). The DS-MON MIB uses this textual convention in the large data tables, in order to minimize polling impact. Zero-Based Counters Since counters are instantiated by management action, as in the RMON MIBs, the DS-MON MIB uses zero-based counters in all data collection tables. Specifically, the ZeroBasedCounter32 textual convention from the RMON-2 MIB [RFC2021] and the ZeroBasedCounter64 textual convention (defined in the HC-RMON MIB [HC-RMON]) are used to define counter objects in this MIB. High Capacity Counters The DS-MON MIB uses the same 'SNMPv1 coexistence' strategy as the RMONMIB WG. That is, where a 64-bit counter is provided, a 32-bit version of the counter, and a 32-bit overflow counter are also provided. TopN Reports The DS-MON MIB uses the same TopN reporting MIB structure as the RMON-2 MIB [RFC2021]. TopN reporting can greatly reduce the polling overhead required to analyze DSCP usage patterns. 5.4. MIB Structure The DS-MON MIB contains three groups of MIB objects: - dsStatObjects group Report DSCP distribution statistics for a particular RMON dataSource. - dsPdistObjects group Report DSCP distribution statistics for each protocol detected on a Expires December 1999 [Page 6] Internet-Draft DS-MON MIB June 1999 particular RMON dataSource. - dsHostObjects group Report IP host address distribution statistics for each DSCP, detected on a particular RMON dataSource. 5.4.1. DS Statistics Group This group contains two tables, the dsStatsControlTable and the dsStatsTable, and supports DSCP distribution statistics for half and full-duplex, low and high speed interfaces. Packet and octets distributions (by DSCP) are maintained in the dsStatsTable for each active control row in the dsStatsControlTable. This group provides the lowest statistics granularity in the DS-MON MIB. It is expected than NMS applications will analyze certain DS deployment or performance problems by first examining the DSCP distribution for an entire interface with this group. 5.4.2. DS Protocol Distribution Group This group contains two tables for statistics collection, (dsPdistControlTable and dsPdistStatsTable), and two tables for a 'Top N' reporting function for the collected statistics (dsPdistTopNControlTable and dsPdistTopNTable). The dsPdistControlTable and dsPdistStatsTable tables provide DSCP distribution statistics for each selected protocol encapsulation in packets monitored on a particular dataSource. Packet and octets distributions (per protocol per DSCP) are maintained in the dsPdistStatsTable for each active control row in the dsPdistControlTable. Due the potentially large number of entries, the DS Protocol Distribution is different from the RMON-2 protocol distribution group in several ways: - maximum desired entries parameter added to the control table - inserts and deletes counters added to the control table - support for LRU garbage collection in the dsPdistStatsTable Expires December 1999 [Page 7] Internet-Draft DS-MON MIB June 1999 - TimeFilter index added to the dsPdistStatsTable - selection of protocols to count by a special 'collect mode' enumeration. Rather than select individual protocols to monitor, a simplified configuration mechanism is provided. Since DSCP usage statistics are most interesting at the network and application layers, the dsPdistControlCollectMode object selects protocols by network layer, application layer, or both. The TopN feature requires two additional tables: the dsPdistTopNControlTable and the dsPdistTopNTable, and supports periodic usage reporting for the statistics maintained in the dsPdistStatsTable. This feature allows for simple periodic retrieval of the most used protocol/DSCP combinations. 5.4.3. DS Host Distribution Group This group contains two tables for statistics collection, (dsHostControlTable and dsHostTable), and two tables for a 'Top N' reporting function for the collected statistics (dsHostTopNControlTable and dsHostTopNTable). The dsHostControlTable and dsHostTables provide IP host distribution statistics for each DSCP detected in packets monitored on a particular dataSource. It is expected than NMS applications will analyze certain DS deployment or performance problems by first determining the high priority DSCP values to examine (beyond the scope of this document) and then examining the dsHostTable statistics to determine which IP hosts are using the selected DSCP(s). Packet and octets distributions (in and out, per DSCP per IP host) are maintained in the dsHostTable for each active control row in the dsHostControlTable. The DS Host Distribution is different from the RMON-2 network layer host group in two ways: - there is no protocolDirLocalIndex in the dsHostTable INDEX, since only IPv4 and IPv6 packets contain a DS field, the protocol (IPv4 or IPv6) is determined by the length of each dsHostAddress instance. Expires December 1999 [Page 8] Internet-Draft DS-MON MIB June 1999 - the dsHostControlTable supports limited IPv4 subnet aggregation by allowing the number of 'monitored address bits' in each address to be configured for each collection. The agent will zero out the selected number of rightmost IPv4 address bits for counting purposes. This configuration parameter can dramatically reduce the number of entries which must be maintained by the agent, which should reduce CPU and memory resource requirements on the agent, and reduce polling overhead on the network and the management station. The TopN feature requires two additional tables: the dsHostTopNControlTable and the dsHostTopNTable. and supports periodic usage reporting for the statistics maintained in the dsHostTable. This feature allows for simple periodic retrieval of the most used IP- host/DSCP combinations. 6. Definitions -- RMON-2 Extensions for the Monitoring of Differentiated Services -- Enabled Networks -- -- IP DIFFSERV DSCP statistics -- * Per DSCP -- * Per Protocol Per DSCP -- * Per DSCP Per IP Host Address -- -- DSMON-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, Counter32, Gauge32, Counter64, experimental FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF RowStatus, TimeStamp, TEXTUAL-CONVENTION FROM SNMPv2-TC OwnerString FROM IF-MIB protocolDirLocalIndex, LastCreateTime, DataSource, ZeroBasedCounter32, TimeFilter FROM RMON2-MIB ZeroBasedCounter64 Expires December 1999 [Page 9] Internet-Draft DS-MON MIB June 1999 FROM HC-RMON-MIB; dsMonMIB MODULE-IDENTITY LAST-UPDATED "9906100000Z" ORGANIZATION "Cisco Systems, Inc." CONTACT-INFO " Andy Bierman Cisco Systems, Inc. Postal: 170 West Tasman Drive San Jose, CA USA 95134 Tel: +1 408 527-3711 E-mail: abierman@cisco.com" DESCRIPTION "This module defines Remote Monitoring MIB extensions for Differentiated Services enabled networks." ::= { experimental 999999 } dsMonObjects OBJECT IDENTIFIER ::= { dsMonMIB 1 } dsMonNotifications OBJECT IDENTIFIER ::= { dsMonMIB 2 } dsMonConformance OBJECT IDENTIFIER ::= { dsMonMIB 3 } dsStatObjects OBJECT IDENTIFIER ::= { dsMonObjects 1 } dsPdistObjects OBJECT IDENTIFIER ::= { dsMonObjects 2 } dsHostObjects OBJECT IDENTIFIER ::= { dsMonObjects 3 } -- -- Extensions to the RMON-2 MIB for Differentiated Services -- Monitoring -- -- In order to maintain the RMON 'look-and-feel', some of -- the text from the RMON-2 and HC-RMON MIBs by -- Steve Waldbusser have been used in this MIB. -- -- -- Textual Convention to define a DSCP for -- monitoring purposes -- DSCodePoint ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This TC describes an object which identifies the Differentiated Services Codepoint (DSCP) value in an IPv4 or IPv6 packet header." Expires December 1999 [Page 10] Internet-Draft DS-MON MIB June 1999 REFERENCE "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers [RFC2474]." SYNTAX Integer32 (0..63) -- *********************************************************** -- * * -- * P E R - D A T A S O U C E C O L L E C T I O N S * -- * * -- *********************************************************** -- -- DSCP Per-DataSource Statistics Control Table -- dsStatsControlTable OBJECT-TYPE SYNTAX SEQUENCE OF DsStatsControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Controls the setup of per-data source per-DSCP distribution statistics." ::= { dsStatObjects 1 } dsStatsControlEntry OBJECT-TYPE SYNTAX DsStatsControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the dsStatsControlTable. Entries are created and deleted from this table by management action only, using the dsStatsControlStatus RowStatus object. Activation of a control row in this table will cause an associated dsStatsTable to be created and maintained by the agent." INDEX { dsStatsControlIndex } ::= { dsStatsControlTable 1 } DsStatsControlEntry ::= SEQUENCE { dsStatsControlIndex Integer32, Expires December 1999 [Page 11] Internet-Draft DS-MON MIB June 1999 dsStatsControlDataSource DataSource, dsStatsControlDroppedFrames Counter32, dsStatsControlCreateTime LastCreateTime, dsStatsControlOwner OwnerString, dsStatsControlStatus RowStatus } dsStatsControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An arbitrary and unique index for this dsStatsControlEntry." ::= { dsStatsControlEntry 1 } dsStatsControlDataSource OBJECT-TYPE SYNTAX DataSource MAX-ACCESS read-create STATUS current DESCRIPTION "The source of data for the this per-protocol DSCP distribution. The statistics in this group reflect all IPv4 and IPv6 packets on the local network segment attached to the identified interface. This object may not be modified if the associated dsStatsControlStatus object is equal to active(1)." ::= { dsStatsControlEntry 2 } dsStatsControlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames which were received by the probe and therefore not accounted for in the *StatsDropEvents, but for which the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted Expires December 1999 [Page 12] Internet-Draft DS-MON MIB June 1999 because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { dsStatsControlEntry 3 } dsStatsControlCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { dsStatsControlEntry 4 } dsStatsControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { dsStatsControlEntry 5 } dsStatsControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the dsStatsTable shall be deleted." ::= { dsStatsControlEntry 6 } -- -- DSCP Per-DataSource Statistics Table -- dsStatsTable OBJECT-TYPE Expires December 1999 [Page 13] Internet-Draft DS-MON MIB June 1999 SYNTAX SEQUENCE OF DsStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of information on Per Protocol DSCP usage. The following table defines per-DSCP statistics for full and/or half-duplex links as well as high capacity links. For half-duplex links, or full-duplex-capable links operating in half-duplex mode, the dsStatsIn* objects shall be used and the dsStatsOut* objects will not increment. For full-duplex links, the dsOut* objects will be present. Whenever possible, the probe should count packets moving away from the closest terminating equipment as output packets. Failing that, the probe should count packets moving away from the DTE as output packets." ::= { dsStatObjects 2 } dsStatsEntry OBJECT-TYPE SYNTAX DsStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of information on Differentiated Services DSCP usage, containing inbound and outbound packet and octet counters for each DSCP configured for collection. The dsStatsControlIndex value in the index identifies the dsStatsControlEntry on whose behalf this entry was created. Only entries with non-zero statistics will be returned by the agent, in order to reduce the amount of polling required to retrieve data from this table. That is, an entry will be created when a packet with the indicated DSCP value is detected by the agent. Note that only protocols which are encapsulated in IPv4 or IPv6 packets will be counted in this table. An example of the indexing of this entry is dsStatsOutPkts.1.16" INDEX { dsStatsControlIndex, dsStatsDsCodept } ::= { dsStatsTable 1 } Expires December 1999 [Page 14] Internet-Draft DS-MON MIB June 1999 DsStatsEntry ::= SEQUENCE { dsStatsDsCodept DSCodePoint, dsStatsInPkts ZeroBasedCounter32, dsStatsInOctets ZeroBasedCounter32, dsStatsInOvflPkts ZeroBasedCounter32, dsStatsInOvflOctets ZeroBasedCounter32, dsStatsInHCPkts ZeroBasedCounter64, dsStatsInHCOctets ZeroBasedCounter64, dsStatsOutPkts ZeroBasedCounter32, dsStatsOutOctets ZeroBasedCounter32, dsStatsOutOvflPkts ZeroBasedCounter32, dsStatsOutOvflOctets ZeroBasedCounter32, dsStatsOutHCPkts ZeroBasedCounter64, dsStatsOutHCOctets ZeroBasedCounter64 } dsStatsDsCodept OBJECT-TYPE SYNTAX DSCodePoint MAX-ACCESS not-accessible STATUS current DESCRIPTION "The DSCP value associated with the aggregated statistics for a particular data source." ::= { dsStatsEntry 1 } dsStatsInPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets using a particular DSCP value, received on a half-duplex link or on the inbound connection of a full-duplex link." ::= { dsStatsEntry 2 } dsStatsInOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets in packets, using a particular DSCP value, received on a half-duplex link or on the inbound connection of a full-duplex link." ::= { dsStatsEntry 3 } Expires December 1999 [Page 15] Internet-Draft DS-MON MIB June 1999 dsStatsInOvflPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsStatsInPkts counter has overflowed. Note that this object will only be instantiated if the associated dsStatsInHCPkts object is also instantiated for a particular dataSource." ::= { dsStatsEntry 4 } dsStatsInOvflOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsStatsInOctets counter has overflowed. Note that this object will only be instantiated if the associated dsStatsInHCOctets object is also instantiated for a particular dataSource." ::= { dsStatsEntry 5 } dsStatsInHCPkts OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsStatsInPkts object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsStatsEntry 6 } dsStatsInHCOctets OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsStatsInOctets object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsStatsEntry 7 } Expires December 1999 [Page 16] Internet-Draft DS-MON MIB June 1999 dsStatsOutPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets using a particular DSCP value, received on a full-duplex link in the direction of the network." ::= { dsStatsEntry 8 } dsStatsOutOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets in packets, using a particular DSCP value, received on a full-duplex link in the direction of the network." ::= { dsStatsEntry 9 } dsStatsOutOvflPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsStatsOutPkts counter has overflowed. Note that this object will only be instantiated if the associated dsStatsOutHCPkts object is also instantiated for a particular dataSource." ::= { dsStatsEntry 10 } dsStatsOutOvflOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsStatsOutOctets counter has overflowed. Note that this object will only be instantiated if the associated dsStatsOutHCOctets object is also instantiated for a particular dataSource." ::= { dsStatsEntry 11 } dsStatsOutHCPkts OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only Expires December 1999 [Page 17] Internet-Draft DS-MON MIB June 1999 STATUS current DESCRIPTION "The 64-bit version of the dsStatsOutPkts object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsStatsEntry 12 } dsStatsOutHCOctets OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsStatsOutOctets object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsStatsEntry 13 } -- *********************************************************** -- * * -- * P E R - P R O T O C O L C O L L E C T I O N S * -- * * -- *********************************************************** -- -- DSCP Per-Protocol Statistics Control Table -- dsPdistControlTable OBJECT-TYPE SYNTAX SEQUENCE OF DsPdistControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Controls the setup of per-protocol per-DSCP distribution statistics." ::= { dsPdistObjects 1 } dsPdistControlEntry OBJECT-TYPE SYNTAX DsPdistControlEntry MAX-ACCESS not-accessible STATUS current Expires December 1999 [Page 18] Internet-Draft DS-MON MIB June 1999 DESCRIPTION "A conceptual row in the dsPdistControlTable. Entries are created and deleted from this table by management action only, using the dsPdistControlStatus RowStatus object. Activation of a control row in this table will cause an associated dsPdistStatsTable to be created and maintained by the agent." INDEX { dsPdistControlIndex } ::= { dsPdistControlTable 1 } DsPdistControlEntry ::= SEQUENCE { dsPdistControlIndex Integer32, dsPdistControlDataSource DataSource, dsPdistControlMaxDesiredEntries Integer32, dsPdistControlCollectMode INTEGER, dsPdistControlDroppedFrames Counter32, dsPdistControlInserts Counter32, dsPdistControlDeletes Counter32, dsPdistControlCreateTime LastCreateTime, dsPdistControlOwner OwnerString, dsPdistControlStatus RowStatus } dsPdistControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An arbitrary and unique index for this dsPdistControlEntry." ::= { dsPdistControlEntry 1 } dsPdistControlDataSource OBJECT-TYPE SYNTAX DataSource MAX-ACCESS read-create STATUS current DESCRIPTION "The source of data for the this per-protocol DSCP distribution. The statistics in this group reflect all IPv4 and IPv6 packets on the local network segment attached to the Expires December 1999 [Page 19] Internet-Draft DS-MON MIB June 1999 identified interface. This object may not be modified if the associated dsPdistControlStatus object is equal to active(1)." ::= { dsPdistControlEntry 2 } dsPdistControlMaxDesiredEntries OBJECT-TYPE SYNTAX Integer32 (-1 | 1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of entries that are desired in the dsPdistStatsTable on behalf of this control entry. The probe will not create more than this number of associated entries in the table, but may choose to create fewer entries in this table for any reason including the lack of resources. If this value is set to -1, the probe may create any number of entries in this table. This object may not be modified if the associated dsPdistControlStatus object is equal to active(1)." ::= { dsPdistControlEntry 3 } dsPdistControlCollectMode OBJECT-TYPE SYNTAX INTEGER { netLayer(1), -- count L3 protocols appLayer(2), -- count application protocols netAndAppLayers(3) -- count L3 and app protocols } MAX-ACCESS read-create STATUS current DESCRIPTION "The packet layer(s) at which the agent should process DSCP information, for each monitored packet. If this object has a value of 'netLayer(1)', then the agent will include only network layer protocols in the associated dsPdistStatsTable. If this object has a value of 'appLayer(2)', then the agent will include only application layer protocols in the associated dsPdistStatsTable. Any 'terminal' protocol is considered to be an application protocol. Expires December 1999 [Page 20] Internet-Draft DS-MON MIB June 1999 If this object has a value of 'netAndAppLayers(3)', then the agent will include only network and application layer protocols in the associated dsPdistStatsTable. Note that entries for transport layer protocols (e.g., TCP) will not be created by the agent, even if detected by the agent. This object may not be modified if the associated dsPdistControlStatus object is equal to active(1)." ::= { dsPdistControlEntry 4 } dsPdistControlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames which were received by the probe and therefore not accounted for in the *StatsDropEvents, but for which the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { dsPdistControlEntry 5 } dsPdistControlInserts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times a dsPdist entry has been inserted into the dsPdistTable. If an entry is inserted, then deleted, and then inserted, this counter will be incremented by 2. To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Expires December 1999 [Page 21] Internet-Draft DS-MON MIB June 1999 Note that the table size can be determined by subtracting dsPdistControlDeletes from dsPdistControlInserts." ::= { dsPdistControlEntry 6 } dsPdistControlDeletes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times a dsPdist entry has been deleted from the dsPdist table (for any reason). If an entry is deleted, then inserted, and then deleted, this counter will be incremented by 2. To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the table size can be determined by subtracting dsPdistControlDeletes from dsPdistControlInserts." ::= { dsPdistControlEntry 7 } dsPdistControlCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { dsPdistControlEntry 8 } dsPdistControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { dsPdistControlEntry 9 } Expires December 1999 [Page 22] Internet-Draft DS-MON MIB June 1999 dsPdistControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the dsPdistStatsTable shall be deleted." ::= { dsPdistControlEntry 10 } -- -- Per-Protocol Statistics Table -- dsPdistStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF DsPdistStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of information on Per Protocol DSCP usage." ::= { dsPdistObjects 2 } dsPdistStatsEntry OBJECT-TYPE SYNTAX DsPdistStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of information on Differentiated Services DSCP usage, containing packet and octet counters for each DSCP configured for collection, and each protocol (as identified by the protocolDirLocalIndex for the protocol) identified in each monitored packet. The dsPdistControlIndex value in the index identifies the dsPdistControlEntry on whose behalf this entry was created. Only entries with non-zero statistics will be returned by the agent, in order to reduce the amount of polling required to retrieve data from this table. That is, an entry will be created when a packet of that type and DSCP value is detected by the agent. Expires December 1999 [Page 23] Internet-Draft DS-MON MIB June 1999 Note that only protocols which are encapsulated in IPv4 or IPv6 packets will be counted in this table, as indicated by the protocolDirTable configuration. An example of the indexing of this entry is dsPdistStatsPkts.9.29943.42.16." INDEX { dsPdistControlIndex, dsPdistTimeMark, protocolDirLocalIndex, dsPdistDsCodept } ::= { dsPdistStatsTable 1 } DsPdistStatsEntry ::= SEQUENCE { dsPdistTimeMark TimeFilter, dsPdistDsCodept DSCodePoint, dsPdistStatsPkts ZeroBasedCounter32, dsPdistStatsOctets ZeroBasedCounter32, dsPdistStatsOvflPkts ZeroBasedCounter32, dsPdistStatsOvflOctets ZeroBasedCounter32, dsPdistStatsHCPkts ZeroBasedCounter64, dsPdistStatsHCOctets ZeroBasedCounter64, dsPdistStatsCreateTime LastCreateTime } dsPdistTimeMark OBJECT-TYPE SYNTAX TimeFilter MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Time Filter index for this table. This object may be used by a management station to retrieve only rows which have been created or modified since a particular time. Note that the current value for a row are always returned and the TimeFilter is not a historical data archiving mechanism. Refer to RFC 2021 [RFC2021] for a detailed description of TimeFilter operation." ::= { dsPdistStatsEntry 1 } dsPdistDsCodept OBJECT-TYPE SYNTAX DSCodePoint MAX-ACCESS not-accessible STATUS current DESCRIPTION "The DSCP value associated with the aggregated statistics for a particular protocol." Expires December 1999 [Page 24] Internet-Draft DS-MON MIB June 1999 ::= { dsPdistStatsEntry 2 } dsPdistStatsPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets, monitored by this agent, and identified to be using a particular DSCP value in the DS header, on behalf of the protocol identified by the associated protocolDirLocalIndex value." ::= { dsPdistStatsEntry 3 } dsPdistStatsOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets in packets, monitored by this agent and identified to be using a particular DSCP value in the DS header, on behalf of the protocol identified by the associated protocolDirLocalIndex value. Note that this object doesn't count just those octets in the particular protocol frames, but includes the entire packet that contained the protocol." ::= { dsPdistStatsEntry 4 } dsPdistStatsOvflPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsPdistStatsPkts counter has overflowed. Note that this object will only be instantiated if the associated dsPdistStatsHCPkts object is also instantiated for a particular dataSource." ::= { dsPdistStatsEntry 5 } dsPdistStatsOvflOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsPdistStatsOctets Expires December 1999 [Page 25] Internet-Draft DS-MON MIB June 1999 counter has overflowed. Note that this object will only be instantiated if the associated dsPdistStatsHCOctets object is also instantiated for a particular dataSource." ::= { dsPdistStatsEntry 6 } dsPdistStatsHCPkts OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsPdistStatsPkts object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsPdistStatsEntry 7 } dsPdistStatsHCOctets OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsPdistStatsOctets object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsPdistStatsEntry 8 } dsPdistStatsCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this dsPdistStats entry was last instantiated by the agent. This can be used by the management station to ensure that the entry has not been deleted and recreated between polls." ::= { dsPdistStatsEntry 9 } -- -- Per-Protocol Statistics TopN Control Table -- Expires December 1999 [Page 26] Internet-Draft DS-MON MIB June 1999 dsPdistTopNControlTable OBJECT-TYPE SYNTAX SEQUENCE OF DsPdistTopNControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A set of parameters that control the creation of a report of the top N dsPdist entries according to a selected metric." ::= { dsPdistObjects 3 } dsPdistTopNControlEntry OBJECT-TYPE SYNTAX DsPdistTopNControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the dsPdistTopNControlTable. Entries are created and deleted from this table by management action only, using the dsPdistTopNControlStatus RowStatus object. Activation of a control row in this table will cause an associated dsPdistTopNTable to be created and maintained by the agent." INDEX { dsPdistTopNControlIndex } ::= { dsPdistTopNControlTable 1 } DsPdistTopNControlEntry ::= SEQUENCE { dsPdistTopNControlIndex Integer32, dsPdistTopNControlPdistIndex Integer32, dsPdistTopNControlRateBase INTEGER, dsPdistTopNControlTimeRemaining Integer32, dsPdistTopNControlGeneratedReports Counter32, dsPdistTopNControlDuration Integer32, dsPdistTopNControlRequestedSize Integer32, dsPdistTopNControlGrantedSize Integer32, dsPdistTopNControlStartTime TimeStamp, dsPdistTopNControlOwner OwnerString, dsPdistTopNControlStatus RowStatus } dsPdistTopNControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current Expires December 1999 [Page 27] Internet-Draft DS-MON MIB June 1999 DESCRIPTION "An index that uniquely identifies an entry in the dsPdistTopNControlTable. Each such entry defines one Top N report prepared for one RMON dataSource." ::= { dsPdistTopNControlEntry 1 } dsPdistTopNControlPdistIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The dsPdistTable for which a top N report will be prepared on behalf of this entry. The dsPdistTable is identified by the value of the dsPdistControlIndex for that table - that value is used here to identify the particular table. This object may not be modified if the associated dsPdistTopNControlStatus object is equal to active(1)." ::= { dsPdistTopNControlEntry 2 } dsPdistTopNControlRateBase OBJECT-TYPE SYNTAX INTEGER { dsPdistTopNPkts(1), dsPdistTopNOctets(2), dsPdistTopNHCPkts(3), dsPdistTopNHCOctets(4) } MAX-ACCESS read-create STATUS current DESCRIPTION "The variable for each dsPdist that the dsPdistTopNRate and dsPdistTopNHCRate variables are based upon. Each dsPdistTopN report generated on behalf of this control entry will be ranked in descending order, based on the associated dsPdistStatsTable counter, identified by this object. The following table identifies the dsPdistTable counter associated with each enumeration: Enumeration RateBase MIB Object ----------- ------------------- dsPdistTopNPkts dsPdistStatsPkts dsPdistTopNOctets dsPdistStatsOctets dsPdistTopNHCPkts dsPdistStatsHCPkts dsPdistTopNHCOctets dsPdistStatsHCOctets Expires December 1999 [Page 28] Internet-Draft DS-MON MIB June 1999 Note that the dsPdistTopNHCPkts and dsPdistTopNHCOctets enumerations are only available if the agent supports High Capacity RMON collection. This object may not be modified if the associated dsPdistTopNControlStatus object is equal to active(1)." ::= { dsPdistTopNControlEntry 3 } dsPdistTopNControlTimeRemaining OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The number of seconds left in the report currently being collected. When this object is modified by the management station, a new collection is started, possibly aborting a currently running report. The new value is used as the requested duration of this report, and is immediately loaded into the associated dsPdistTopNControlDuration object. When the report finishes, the probe will automatically start another collection with the same initial value of dsPdistTopNControlTimeRemaining. Thus the management station may simply read the resulting reports repeatedly, checking the startTime and duration each time to ensure that a report was not missed or that the report parameters were not changed. While the value of this object is non-zero, it decrements by one per second until it reaches zero. At the time that this object decrements to zero, the report is made accessible in the dsPdistTopNTable, overwriting any report that may be there. When this object is modified by the management station, any associated entries in the dsPdistTopNTable shall be deleted." DEFVAL { 1800 } ::= { dsPdistTopNControlEntry 4 } dsPdistTopNControlGeneratedReports OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION Expires December 1999 [Page 29] Internet-Draft DS-MON MIB June 1999 "The number of reports that have been generated by this entry." ::= { dsPdistTopNControlEntry 5 } dsPdistTopNControlDuration OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of seconds that this report has collected during the last sampling interval. When the associated dsPdistTopNControlTimeRemaining object is set, this object shall be set by the probe to the same value and shall not be modified until the next time the dsPdistTopNControlTimeRemaining is set. This value shall be zero if no reports have been requested for this dsPdistTopNControlEntry." ::= { dsPdistTopNControlEntry 6 } dsPdistTopNControlRequestedSize OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of dsPdist entries requested for this report. When this object is created or modified, the probe should set dsPdistTopNControlGrantedSize as closely to this object as is possible for the particular probe implementation and available resources." DEFVAL { 150 } ::= { dsPdistTopNControlEntry 7 } dsPdistTopNControlGrantedSize OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum number of dsPdist entries in this report. When the associated dsPdistTopNControlRequestedSize object is created or modified, the probe should set this object as Expires December 1999 [Page 30] Internet-Draft DS-MON MIB June 1999 closely to the requested value as is possible for the particular implementation and available resources. The probe must not lower this value except as a result of a set to the associated dsPdistTopNControlRequestedSize object. When the associated dsPdistTopNControlRequestedSize object is created or modified, the probe should set this object as closely to the requested value as is possible for the particular implementation and available resources. The probe must not lower this value except as a result of a set to the associated dsPdistTopNControlRequestedSize object. Protocol entries with the highest value of dsPdistTopNRate or dsPdistTopNHCRate (depending on the value of the associated dsPdistTopNControlRateBase object) shall be placed in this table in decreasing order of this rate until there is no more room or until there are no more dsPdist entries." ::= { dsPdistTopNControlEntry 8 } dsPdistTopNControlStartTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this top N report was last started. In other words, this is the time that the associated dsPdistTopNControlTimeRemaining object was modified to start the requested report or the time the report was last automatically (re)started. This object may be used by the management station to determine if a report was missed or not." ::= { dsPdistTopNControlEntry 9 } dsPdistTopNControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { dsPdistTopNControlEntry 10 } dsPdistTopNControlStatus OBJECT-TYPE Expires December 1999 [Page 31] Internet-Draft DS-MON MIB June 1999 SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this dsPdistTopNControlEntry. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the dsPdistTopNTable shall be deleted by the agent." ::= { dsPdistTopNControlEntry 11 } -- -- dsPdist TopN Table -- dsPdistTopNTable OBJECT-TYPE SYNTAX SEQUENCE OF DsPdistTopNEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A set of statistics for those protocol distribution entries that have counted the highest number of octets or packets. Note that dsPdist entries which did not increment at all during the report interval are not included in dsPdistTopN reports." ::= { dsPdistObjects 4 } dsPdistTopNEntry OBJECT-TYPE SYNTAX DsPdistTopNEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the dsPdistTopNTable. The dsPdistTopNControlIndex value in the index identifies the dsPdistTopNControlEntry on whose behalf this entry was created." INDEX { dsPdistTopNControlIndex, dsPdistTopNIndex } ::= { dsPdistTopNTable 1 } DsPdistTopNEntry ::= SEQUENCE { Expires December 1999 [Page 32] Internet-Draft DS-MON MIB June 1999 dsPdistTopNIndex Integer32, dsPdistTopNProtocolDirLocalIndex Integer32, dsPdistTopNDsCodept DSCodePoint, dsPdistTopNRate Gauge32, dsPdistTopNRateOvfl Gauge32, dsPdistTopNHCRate Counter64 -- Gauge64 } dsPdistTopNIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index that uniquely identifies an entry in the dsPdistTopNTable among those in the same report. This index is between 1 and N, where N is the number of entries in this report." ::= { dsPdistTopNEntry 1 } dsPdistTopNProtocolDirLocalIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The protocolDirLocalIndex value which identifies the protocol associated with this entry." ::= { dsPdistTopNEntry 2 } dsPdistTopNDsCodept OBJECT-TYPE SYNTAX DSCodePoint MAX-ACCESS read-only STATUS current DESCRIPTION "The DSCP value associated with protocol identified in this entry." ::= { dsPdistTopNEntry 3 } dsPdistTopNRate OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The amount of change in the selected variable during this sampling interval. The selected variable is this protocol's instance of the object selected by Expires December 1999 [Page 33] Internet-Draft DS-MON MIB June 1999 dsPdistTopNControlRateBase. If the associated dsPdistTopNControlRateBase is equal to 'dsPdistTopNHCPkts' or 'dsPdistTopNHCOctets', then this object will contain the the least significant 32 bits of the associated dsPdistTopNHCRate object." ::= { dsPdistTopNEntry 4 } dsPdistTopNRateOvfl OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The most significant 32 bits of the associated dsPdistTopNHCRate object. If the associated dsPdistTopNControlRateBase is equal to 'dsPdistTopNHCPkts' or 'dsPdistTopNHCOctets', then this object will contain the upper 32 bits of the associated dsPdistTopNHCRate object. If the associated dsPdistTopNControlRateBase is equal to 'dsPdistTopNPkts' or 'dsPdistTopNOctets', then this object will contain the value zero. The agent may choose not to instantiate this object if High Capacity RMON collection is not supported." ::= { dsPdistTopNEntry 5 } dsPdistTopNHCRate OBJECT-TYPE SYNTAX Counter64 -- Gauge64 MAX-ACCESS read-only STATUS current DESCRIPTION "The amount of change in the selected variable during this sampling interval. The selected variable is this protocol's instance of the object selected by dsPdistTopNControlRateBase. If the associated dsPdistTopNControlRateBase is equal to 'dsPdistTopNPkts' or 'dsPdistTopNOctets', then this object will contain the value zero, and the associated dsPdistTopNRate object will contain the change in the selected variable during the sampling interval. Expires December 1999 [Page 34] Internet-Draft DS-MON MIB June 1999 The agent may choose not to instantiate this object if High Capacity RMON collection is not supported." ::= { dsPdistTopNEntry 6 } -- *********************************************************** -- * * -- * P E R - H O S T C O L L E C T I O N S * -- * * -- *********************************************************** -- -- IP Host Statistics Control Table -- dsHostControlTable OBJECT-TYPE SYNTAX SEQUENCE OF DsHostControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Controls setup of per DSCP, per IP host distribution statistics." ::= { dsHostObjects 1 } dsHostControlEntry OBJECT-TYPE SYNTAX DsHostControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the dsHostControlTable. Entries are created and deleted from this table by management action only, using the dsHostControlStatus RowStatus object. Activation of a control row in this table will cause an associated dsHostTable to be created and maintained by the agent." INDEX { dsHostControlIndex } ::= { dsHostControlTable 1 } DsHostControlEntry ::= SEQUENCE { dsHostControlIndex Integer32, dsHostControlDataSource DataSource, Expires December 1999 [Page 35] Internet-Draft DS-MON MIB June 1999 dsHostControlMaxDesiredEntries Integer32, dsHostControlNumAddrBits Integer32, dsHostControlDroppedFrames Counter32, dsHostControlInserts Counter32, dsHostControlDeletes Counter32, dsHostControlCreateTime LastCreateTime, dsHostControlOwner OwnerString, dsHostControlStatus RowStatus } dsHostControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An arbitrary and unique index for this dsHostControlEntry." ::= { dsHostControlEntry 1 } dsHostControlDataSource OBJECT-TYPE SYNTAX DataSource MAX-ACCESS read-create STATUS current DESCRIPTION "The source of data for the associated dsHostTable. The statistics in this group reflect all IPv4 and IPv6 packets on the local network segment attached to the identified interface. This object may not be modified if the associated dsHostControlStatus object is equal to active(1)." ::= { dsHostControlEntry 2 } dsHostControlMaxDesiredEntries OBJECT-TYPE SYNTAX Integer32 (-1 | 1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of entries that are desired in the dsHostTable on behalf of this control entry. The probe will not create more than this number of associated entries in the table, but may choose to create fewer entries in this table for any reason including the lack of resources. If this value is set to -1, the probe may create any number Expires December 1999 [Page 36] Internet-Draft DS-MON MIB June 1999 of entries in this table. This object may not be modified if the associated dsHostControlStatus object is equal to active(1)." ::= { dsHostControlEntry 3 } dsHostControlNumAddrBits OBJECT-TYPE SYNTAX Integer32 (8..32) MAX-ACCESS read-create STATUS current DESCRIPTION "The number of 'leftmost' contiguous bits in the IPv4 host address (as identified by the dsHostAddress object) that should be maintained in this collection. If this object has a value less than '32', then 'm' rightmost bits, where 'm' is equal to '32 - dsHostControlNumAddrBits', will be cleared to zero for counting purposes only. The 'leftmost' bit is the most significant bit of the first network-byte-order octet of the address. Note that this object only affects IPv4 host entries in the associated dsHostTable. IPv6 entries are not affected by this object. This object may not be modified if the associated dsHostControlStatus object is equal to active(1)." DEFVAL { 32 } ::= { dsHostControlEntry 4 } dsHostControlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames which were received by the probe and therefore not accounted for in the *StatsDropEvents, but for which the probe chose not to count for the associated dsHost entries for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Expires December 1999 [Page 37] Internet-Draft DS-MON MIB June 1999 Note that if the dsHostTable is inactive because no appropriate protocols are enabled in the protocol directory, this value should be 0. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { dsHostControlEntry 5 } dsHostControlInserts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times a dsHost entry has been inserted into the dsHost table. If an entry is inserted, then deleted, and then inserted, this counter will be incremented by 2. To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the table size can be determined by subtracting dsHostControlDeletes from dsHostControlInserts." ::= { dsHostControlEntry 6 } dsHostControlDeletes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times a dsHost entry has been deleted from the dsHost table (for any reason). If an entry is deleted, then inserted, and then deleted, this counter will be incremented by 2. To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Expires December 1999 [Page 38] Internet-Draft DS-MON MIB June 1999 Note that the table size can be determined by subtracting dsHostControlDeletes from dsHostControlInserts." ::= { dsHostControlEntry 7 } dsHostControlCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { dsHostControlEntry 8 } dsHostControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { dsHostControlEntry 9 } dsHostControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this dsHostControlEntry. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the dsHostTable shall be deleted." ::= { dsHostControlEntry 10 } -- -- IP Host Statistics Table -- dsHostTable OBJECT-TYPE SYNTAX SEQUENCE OF DsHostEntry MAX-ACCESS not-accessible Expires December 1999 [Page 39] Internet-Draft DS-MON MIB June 1999 STATUS current DESCRIPTION "A collection of statistics for a particular IPv4 or IPv6 address that has been discovered on a particular dataSource. The probe will add to this table all IP addresses seen as the source or destination address in all packets with no MAC errors, and will increment octet and packet counts in the table for all packets with no MAC errors." ::= { dsHostObjects 2 } dsHostEntry OBJECT-TYPE SYNTAX DsHostEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of information on Differentiated Services DSCP usage, containing packet and octet counters for each DSCP configured for collection per host address, as identified in each monitored packet. The dsHostControlIndex value in the index identifies the dsHostControlEntry on whose behalf this entry was created. The length of the dsHostAddress field identifies the network layer protocol as either IPv4 or IPv6. Only entries with non-zero statistics will be returned by the agent, in order to reduce the amount of polling required to retrieve data from this table. An entry will be created when a packet of that type, IP address, and DSCP value is detected by the agent. An example of the indexing of this entry is dsHostOutPkts.1.24873.32.4.171.69.120.0" INDEX { dsHostControlIndex, dsHostTimeMark, dsHostDsCodept, dsHostAddress } ::= { dsHostTable 1 } DsHostEntry ::= SEQUENCE { dsHostTimeMark TimeFilter, dsHostDsCodept DSCodePoint, dsHostAddress OCTET STRING, dsHostInPkts ZeroBasedCounter32, Expires December 1999 [Page 40] Internet-Draft DS-MON MIB June 1999 dsHostInOctets ZeroBasedCounter32, dsHostInOvflPkts ZeroBasedCounter32, dsHostInOvflOctets ZeroBasedCounter32, dsHostInHCPkts ZeroBasedCounter64, dsHostInHCOctets ZeroBasedCounter64, dsHostOutPkts ZeroBasedCounter32, dsHostOutOctets ZeroBasedCounter32, dsHostOutOvflPkts ZeroBasedCounter32, dsHostOutOvflOctets ZeroBasedCounter32, dsHostOutHCPkts ZeroBasedCounter64, dsHostOutHCOctets ZeroBasedCounter64, dsHostCreateTime LastCreateTime } dsHostTimeMark OBJECT-TYPE SYNTAX TimeFilter MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Time Filter index for this table. This object may be used by a management station to retrieve only rows which have been created or modified since a particular time. Note that the current value for a row are always returned and the TimeFilter is not a historical data archiving mechanism. Refer to RFC 2021 [RFC2021] for a detailed description of TimeFilter operation." ::= { dsHostEntry 1 } dsHostDsCodept OBJECT-TYPE SYNTAX DSCodePoint MAX-ACCESS not-accessible STATUS current DESCRIPTION "The DSCP value associated with the aggregated statistics for a particular IP host." ::= { dsHostEntry 2 } dsHostAddress OBJECT-TYPE SYNTAX OCTET STRING (SIZE (4 | 16)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The network address for this dsHostEntry. The length of the address string is used to determine if Expires December 1999 [Page 41] Internet-Draft DS-MON MIB June 1999 this entry represents an IPv4 or IPv6 address. For example, if the length of this object is '4', then this object is encoded as an IPv4 address in network byte order. Note that IPv4 addresses may have some 'rightmost' bits cleared to zero for counting purposes, as specified by the associated dsHostControlNumHostBits object." ::= { dsHostEntry 3 } dsHostInPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets without errors, using the identified DSCP and transmitted to this address, since it was added to the dsHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { dsHostEntry 4 } dsHostInOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets, transmitted to this address and using the identified DSCP, since it was added to the dsHostTable (excluding framing bits but including FCS octets), excluding those octets in packets that contained errors. Note this doesn't count just those octets in the particular protocol frames, but includes the entire packet that contained the protocol." ::= { dsHostEntry 5 } dsHostInOvflPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsHostInPkts counter has overflowed. Note that this object will only be instantiated if the associated dsHostInHCPkts object is also instantiated Expires December 1999 [Page 42] Internet-Draft DS-MON MIB June 1999 for a particular dataSource." ::= { dsHostEntry 6 } dsHostInOvflOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsHostInOctets counter has overflowed. Note that this object will only be instantiated if the associated dsHostInHCOctets object is also instantiated for a particular dataSource." ::= { dsHostEntry 7 } dsHostInHCPkts OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsHostInPkts object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsHostEntry 8 } dsHostInHCOctets OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsHostInOctets object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsHostEntry 9 } dsHostOutPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets without errors, using the identified DSCP and transmitted by this address, since it was added to Expires December 1999 [Page 43] Internet-Draft DS-MON MIB June 1999 the dsHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { dsHostEntry 10 } dsHostOutOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets, transmitted by this address and using the identified DSCP, since it was added to the dsHostTable (excluding framing bits but including FCS octets), excluding those octets in packets that contained errors. Note this doesn't count just those octets in the particular protocol frames, but includes the entire packet that contained the protocol." ::= { dsHostEntry 11 } dsHostOutOvflPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsHostOutPkts counter has overflowed. Note that this object will only be instantiated if the associated dsHostOutHCPkts object is also instantiated for a particular dataSource." ::= { dsHostEntry 12 } dsHostOutOvflOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsHostOutOctets counter has overflowed. Note that this object will only be instantiated if the associated dsHostOutHCOctets object is also instantiated for a particular dataSource." ::= { dsHostEntry 13 } dsHostOutHCPkts OBJECT-TYPE SYNTAX ZeroBasedCounter64 Expires December 1999 [Page 44] Internet-Draft DS-MON MIB June 1999 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsHostOutPkts object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsHostEntry 14 } dsHostOutHCOctets OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsHostOutOctets object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsHostEntry 15 } dsHostCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this dsHost entry was last instantiated by the agent. This can be used by the management station to ensure that the entry has not been deleted and recreated between polls." ::= { dsHostEntry 16 } -- -- DSCP Per-Protocol Per-Host Statistics TopN Control Table -- dsHostTopNControlTable OBJECT-TYPE SYNTAX SEQUENCE OF DsHostTopNControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A set of parameters that control the creation of a report of the top N dsHost entries according to a selected metric." Expires December 1999 [Page 45] Internet-Draft DS-MON MIB June 1999 ::= { dsHostObjects 3 } dsHostTopNControlEntry OBJECT-TYPE SYNTAX DsHostTopNControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the dsHostTopNControlTable. Entries are created and deleted from this table by management action only, using the dsHostTopNControlStatus RowStatus object. Activation of a control row in this table will cause an associated dsHostTopNTable to be created and maintained by the agent." INDEX { dsHostTopNControlIndex } ::= { dsHostTopNControlTable 1 } DsHostTopNControlEntry ::= SEQUENCE { dsHostTopNControlIndex Integer32, dsHostTopNControlHostIndex Integer32, dsHostTopNControlRateBase INTEGER, dsHostTopNControlTimeRemaining Integer32, dsHostTopNControlGeneratedReports Counter32, dsHostTopNControlDuration Integer32, dsHostTopNControlRequestedSize Integer32, dsHostTopNControlGrantedSize Integer32, dsHostTopNControlStartTime TimeStamp, dsHostTopNControlOwner OwnerString, dsHostTopNControlStatus RowStatus } dsHostTopNControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index that uniquely identifies an entry in the dsHostTopNControlTable. Each such entry defines one Top N report prepared for one RMON dataSource." ::= { dsHostTopNControlEntry 1 } dsHostTopNControlHostIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) Expires December 1999 [Page 46] Internet-Draft DS-MON MIB June 1999 MAX-ACCESS read-create STATUS current DESCRIPTION "The dsHostTable for which a top N report will be prepared on behalf of this entry. The dsHostTable is identified by the value of the dsHostControlIndex for that table - that value is used here to identify the particular table. This object may not be modified if the associated dsHostTopNControlStatus object is equal to active(1)." ::= { dsHostTopNControlEntry 2 } dsHostTopNControlRateBase OBJECT-TYPE SYNTAX INTEGER { dsHostTopNInPkts(1), dsHostTopNInOctets(2), dsHostTopNOutPkts(3), dsHostTopNOutOctets(4), dsHostTopNTotalPkts(5), dsHostTopNTotalOctets(6), dsHostTopNInHCPkts(7), dsHostTopNInHCOctets(8), dsHostTopNOutHCPkts(9), dsHostTopNOutHCOctets(10), dsHostTopNTotalHCPkts(11), dsHostTopNTotalHCOctets(12) } MAX-ACCESS read-create STATUS current DESCRIPTION "The variable(s) for each dsHost that the dsHostTopNRate and dsHostTopNHCRate variables are based upon. Each dsHostTopN report generated on behalf of this control entry will be ranked in descending order, based on the associated dsHostTable counter(s), identified by this object. The following table identifies the dsHostTable counters associated with each enumeration: Enumeration RateBase MIB Objects ----------- -------------------- dsHostTopNInPkts dsHostInPkts dsHostTopNInOctets dsHostInOctets dsHostTopNOutPkts dsHostOutPkts dsHostTopNOutOctets dsHostOutOctets Expires December 1999 [Page 47] Internet-Draft DS-MON MIB June 1999 dsHostTopNTotalPkts dsHostInPkts + dsHostOutPkts dsHostTopNTotalOctets dsHostInOctets + dsHostOutOctets dsHostTopNInHCPkts dsHostInHCPkts dsHostTopNInHCOctets dsHostInHCOctets dsHostTopNOutHCPkts dsHostOutHCPkts dsHostTopNOutHCOctets dsHostOutHCPkts dsHostTopNTotalHCPkts dsHostInHCPkts + dsHostOutHCPkts dsHostTopNTotalHCOctets dsHostInHCOctets + dsHostOutHCOctets The following enumerations are only available if the agent supports High Capacity RMON collection: dsHostTopNInHCPkts dsHostTopNInHCOctets dsHostTopNOutHCPkts dsHostTopNOutHCOctets dsHostTopNTotalHCPkts dsHostTopNTotalHCOctets It is an implementation-specific matter whether an agent can detect an overflow condition resulting from the addition of two counter delta values for the following enumerations: dsHostTopNTotalPkts dsHostTopNTotalOctets dsHostTopNTotalHCPkts dsHostTopNTotalHCOctets In the event such an overflow condition can be detected by the agent, the associated dsHostTopNRate, dsHostTopNRateOvfl, and/or dsHostTopNHCRate objects should be set to their maximum value. This object may not be modified if the associated dsHostTopNControlStatus object is equal to active(1)." ::= { dsHostTopNControlEntry 3 } dsHostTopNControlTimeRemaining OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-create STATUS current Expires December 1999 [Page 48] Internet-Draft DS-MON MIB June 1999 DESCRIPTION "The number of seconds left in the report currently being collected. When this object is modified by the management station, a new collection is started, possibly aborting a currently running report. The new value is used as the requested duration of this report, and is immediately loaded into the associated dsHostTopNControlDuration object. When the report finishes, the probe will automatically start another collection with the same initial value of dsHostTopNControlTimeRemaining. Thus the management station may simply read the resulting reports repeatedly, checking the startTime and duration each time to ensure that a report was not missed or that the report parameters were not changed. While the value of this object is non-zero, it decrements by one per second until it reaches zero. At the time that this object decrements to zero, the report is made accessible in the dsHostTopNTable, overwriting any report that may be there. When this object is modified by the management station, any associated entries in the dsHostTopNTable shall be deleted." DEFVAL { 1800 } ::= { dsHostTopNControlEntry 4 } dsHostTopNControlGeneratedReports OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of reports that have been generated by this entry." ::= { dsHostTopNControlEntry 5 } dsHostTopNControlDuration OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of seconds that this report has collected during the last sampling interval. When the associated dsHostTopNControlTimeRemaining object is Expires December 1999 [Page 49] Internet-Draft DS-MON MIB June 1999 set, this object shall be set by the probe to the same value and shall not be modified until the next time the dsHostTopNControlTimeRemaining is set. This value shall be zero if no reports have been requested for this dsHostTopNControlEntry." ::= { dsHostTopNControlEntry 6 } dsHostTopNControlRequestedSize OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of dsHost entries requested for this report. When this object is created or modified, the probe should set dsHostTopNControlGrantedSize as closely to this object as is possible for the particular probe implementation and available resources." DEFVAL { 150 } ::= { dsHostTopNControlEntry 7 } dsHostTopNControlGrantedSize OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum number of dsHost entries in this report. When the associated dsHostTopNControlRequestedSize object is created or modified, the probe should set this object as closely to the requested value as is possible for the particular implementation and available resources. The probe must not lower this value except as a result of a set to the associated dsHostTopNControlRequestedSize object. When the associated dsHostTopNControlRequestedSize object is created or modified, the probe should set this object as closely to the requested value as is possible for the particular implementation and available resources. The probe must not lower this value except as a result of a set to the associated dsHostTopNControlRequestedSize object. Protocol entries with the highest value of dsHostTopNRate or Expires December 1999 [Page 50] Internet-Draft DS-MON MIB June 1999 dsHostTopNHCRate (depending on the value of the associated dsHostTopNControlRateBase object) shall be placed in this table in decreasing order of this rate until there is no more room or until there are no more dsHost entries." ::= { dsHostTopNControlEntry 8 } dsHostTopNControlStartTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this top N report was last started. In other words, this is the time that the associated dsHostTopNControlTimeRemaining object was modified to start the requested report or the time the report was last automatically (re)started. This object may be used by the management station to determine if a report was missed or not." ::= { dsHostTopNControlEntry 9 } dsHostTopNControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { dsHostTopNControlEntry 10 } dsHostTopNControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this dsHostTopNControlEntry. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the dsHostTopNTable shall be deleted by the agent." ::= { dsHostTopNControlEntry 11 } Expires December 1999 [Page 51] Internet-Draft DS-MON MIB June 1999 -- -- dsHost TopN Table -- dsHostTopNTable OBJECT-TYPE SYNTAX SEQUENCE OF DsHostTopNEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A set of statistics for those dsHost entries that have counted the highest number of octets or packets. Note that dsHost entries which did not increment at all during the report interval are not included in dsHostTopN reports." ::= { dsHostObjects 4 } dsHostTopNEntry OBJECT-TYPE SYNTAX DsHostTopNEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the dsHostTopNTable. The dsHostTopNControlIndex value in the index identifies the dsHostTopNControlEntry on whose behalf this entry was created." INDEX { dsHostTopNControlIndex, dsHostTopNIndex } ::= { dsHostTopNTable 1 } DsHostTopNEntry ::= SEQUENCE { dsHostTopNIndex Integer32, dsHostTopNAddress OCTET STRING, dsHostTopNDsCodept DSCodePoint, dsHostTopNRate Gauge32, dsHostTopNRateOvfl Gauge32, dsHostTopNHCRate Counter64 -- Gauge64 } dsHostTopNIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index that uniquely identifies an entry in the Expires December 1999 [Page 52] Internet-Draft DS-MON MIB June 1999 dsHostTopNTable among those in the same report. This index is between 1 and N, where N is the number of entries in this report." ::= { dsHostTopNEntry 1 } dsHostTopNAddress OBJECT-TYPE SYNTAX OCTET STRING (SIZE (4 | 16)) MAX-ACCESS read-only STATUS current DESCRIPTION "The network address of the IP host identified in this entry. The length of this field identifies the network layer protocol as either IPv4 or IPv6. Addresses are encoded in network byte order." ::= { dsHostTopNEntry 2 } dsHostTopNDsCodept OBJECT-TYPE SYNTAX DSCodePoint MAX-ACCESS read-only STATUS current DESCRIPTION "The DSCP value associated with host identified in this entry." ::= { dsHostTopNEntry 3 } dsHostTopNRate OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The amount of change in the selected variable during this sampling interval. The selected variable is this host's instance of the object selected by dsHostTopNControlRateBase. If the associated dsHostTopNControlRateBase indicates a High Capacity RMON enumeration, (e.g. 'dsHostTopNInHCPkts'), then this object will contain the the least significant 32 bits of the associated dsHostTopNHCRate object." ::= { dsHostTopNEntry 4 } dsHostTopNRateOvfl OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current Expires December 1999 [Page 53] Internet-Draft DS-MON MIB June 1999 DESCRIPTION "The most significant 32 bits of the associated dsHostTopNHCRate object. If the associated dsHostTopNControlRateBase is equal to any of the High Capacity RMON enumerations (e.g. 'dsHostTopNInHCPkts'), then this object will contain the upper 32 bits of the associated dsHostTopNHCRate object. If the associated dsHostTopNControlRateBase is not equal to any of High Capacity RMON enumerations, then this object will contain the value zero. The agent may choose not to instantiate this object if High Capacity RMON collection is not supported." ::= { dsHostTopNEntry 5 } dsHostTopNHCRate OBJECT-TYPE SYNTAX Counter64 -- Gauge64 MAX-ACCESS read-only STATUS current DESCRIPTION "The amount of change in the selected variable during this sampling interval. The selected variable is this host's instance of the object selected by dsHostTopNControlRateBase. If the associated dsHostTopNControlRateBase is not equal to any of the High Capacity RMON enumerations (e.g., 'dsHostTopNInPkts'), then this object will contain the value zero, and the associated dsHostTopNRate object will contain the change in the selected variable during the sampling interval. The agent may choose not to instantiate this object if High Capacity RMON collection is not supported." ::= { dsHostTopNEntry 6 } -- -- Notifications Section -- (none defined) -- -- Expires December 1999 [Page 54] Internet-Draft DS-MON MIB June 1999 -- Conformance Section -- dsMonCompliances OBJECT IDENTIFIER ::= { dsMonConformance 1 } dsMonGroups OBJECT IDENTIFIER ::= { dsMonConformance 2 } dsMonCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "Describes the requirements for conformance to the Differentiated Services Monitoring MIB." MODULE -- this module MANDATORY-GROUPS { dsStatsGroup, dsHostGroup } GROUP dsStatsHCGroup DESCRIPTION "The dsStatsHCGroup is mandatory for systems which implement the dsStatsGroup and also implement High Capacity RMON monitoring." GROUP dsPdistGroup DESCRIPTION "The dsPdistGroup is mandatory for systems which implement DSCP monitoring and the protocolDirTable from the RMON-2 MIB [RFC2021]." GROUP dsPdistHCGroup DESCRIPTION "The dsPdistHCGroup is mandatory for systems which implement the dsPdistGroup and also implement High Capacity RMON monitoring." GROUP dsHostHCGroup DESCRIPTION "The dsHostHCGroup is mandatory for systems which implement the dsHostGroup and also implement High Capacity RMON monitoring." ::= { dsMonCompliances 1 } dsStatsGroup OBJECT-GROUP OBJECTS { dsStatsControlDataSource, dsStatsControlDroppedFrames, dsStatsControlCreateTime, dsStatsControlOwner, dsStatsControlStatus, dsStatsInPkts, dsStatsInOctets, dsStatsOutPkts, Expires December 1999 [Page 55] Internet-Draft DS-MON MIB June 1999 dsStatsOutOctets } STATUS current DESCRIPTION "A collection of objects providing per DSCP statistics." ::= { dsMonGroups 1 } dsStatsHCGroup OBJECT-GROUP OBJECTS { dsStatsInOvflPkts, dsStatsInOvflOctets, dsStatsInHCPkts, dsStatsInHCOctets, dsStatsOutOvflPkts, dsStatsOutOvflOctets, dsStatsOutHCPkts, dsStatsOutHCOctets } STATUS current DESCRIPTION "A collection of objects providing per DSCP statistics for high capacity data sources." ::= { dsMonGroups 2 } dsPdistGroup OBJECT-GROUP OBJECTS { dsPdistControlDataSource, dsPdistControlMaxDesiredEntries, dsPdistControlCollectMode, dsPdistControlDroppedFrames, dsPdistControlInserts, dsPdistControlDeletes, dsPdistControlCreateTime, dsPdistControlOwner, dsPdistControlStatus, dsPdistStatsPkts, dsPdistStatsOctets, dsPdistStatsCreateTime, dsPdistTopNControlPdistIndex, dsPdistTopNControlRateBase, dsPdistTopNControlTimeRemaining, dsPdistTopNControlGeneratedReports, dsPdistTopNControlDuration, dsPdistTopNControlRequestedSize, dsPdistTopNControlGrantedSize, Expires December 1999 [Page 56] Internet-Draft DS-MON MIB June 1999 dsPdistTopNControlStartTime, dsPdistTopNControlOwner, dsPdistTopNControlStatus, dsPdistTopNProtocolDirLocalIndex, dsPdistTopNDsCodept, dsPdistTopNRate } STATUS current DESCRIPTION "A collection of objects providing per protocol DSCP monitoring extensions to the RMON-2 MIB." ::= { dsMonGroups 3 } dsPdistHCGroup OBJECT-GROUP OBJECTS { dsPdistStatsOvflPkts, dsPdistStatsOvflOctets, dsPdistStatsHCPkts, dsPdistStatsHCOctets, dsPdistTopNRateOvfl, dsPdistTopNHCRate } STATUS current DESCRIPTION "A collection of objects providing per protocol DSCP monitoring extensions to the RMON-2 MIB for High Capacicy networks." ::= { dsMonGroups 4 } dsHostGroup OBJECT-GROUP OBJECTS { dsHostControlDataSource, dsHostControlMaxDesiredEntries, dsHostControlNumAddrBits, dsHostControlDroppedFrames, dsHostControlInserts, dsHostControlDeletes, dsHostControlCreateTime, dsHostControlOwner, dsHostControlStatus, dsHostInPkts, dsHostInOctets, dsHostOutPkts, dsHostOutOctets, dsHostCreateTime, Expires December 1999 [Page 57] Internet-Draft DS-MON MIB June 1999 dsHostTopNControlHostIndex, dsHostTopNControlRateBase, dsHostTopNControlTimeRemaining, dsHostTopNControlGeneratedReports, dsHostTopNControlDuration, dsHostTopNControlRequestedSize, dsHostTopNControlGrantedSize, dsHostTopNControlStartTime, dsHostTopNControlOwner, dsHostTopNControlStatus, dsHostTopNAddress, dsHostTopNDsCodept, dsHostTopNRate } STATUS current DESCRIPTION "A collection of objects providing per IP Host DSCP monitoring functions." ::= { dsMonGroups 5 } dsHostHCGroup OBJECT-GROUP OBJECTS { dsHostInOvflPkts, dsHostInOvflOctets, dsHostInHCPkts, dsHostInHCOctets, dsHostOutOvflPkts, dsHostOutOvflOctets, dsHostOutHCPkts, dsHostOutHCOctets, dsHostTopNRateOvfl, dsHostTopNHCRate } STATUS current DESCRIPTION "A collection of objects providing per IP Host DSCP monitoring functions for High Capacity networks." ::= { dsMonGroups 6 } END Expires December 1999 [Page 58] Internet-Draft DS-MON MIB June 1999 7. Intellectual Property The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards- related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification can be obtained from the IETF Secretariat." The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director. 8. Acknowledgements This memo has been produced with a great deal of assistance from Keith McCloghrie and Bijendra Jain. 9. References [HC-RMON] S. Waldbusser, "Remote Network Monitoring Management Information Base for High Capacity Networks", draft-ietf-rmonmib-hcrmon-05.txt, International Network Services, February 1999. [RFC1155] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", RFC 1155, Performance Systems International, Hughes LAN Systems, May 1990. [RFC1157] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network Management Protocol", RFC 1157, SNMP Research, Performance Systems International, Performance Systems International, MIT Laboratory for Computer Science, May 1990. Expires December 1999 [Page 59] Internet-Draft DS-MON MIB June 1999 [RFC1212] Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212, Performance Systems International, Hughes LAN Systems, March 1991. [RFC1215] M. Rose, "A Convention for Defining Traps for use with the SNMP", RFC 1215, Performance Systems International, March 1991. [RFC1901] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [RFC1905] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [RFC1906] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [RFC2021] S. Waldbusser, "Remote Network Monitoring MIB (RMON-2)", RFC 2021, International Network Services, January 1997. [RFC2026] Bradner, S., "The Internet Standards Process -- Revision 3", RFC 2026, Harvard University, October, 1996. [RFC2074] Bierman, A., and R. Iddon, "Remote Network Monitoring MIB Protocol Identifiers", RFC 2074, Cisco Systems, AXON Networks, Inc., January 1997. [RFC2474] Nichols, K., Blake, S., Baker, F., and D. L. Black, "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers", RFC 2474, Cisco Systems, Torrent Networking Technologies, Expires December 1999 [Page 60] Internet-Draft DS-MON MIB June 1999 EMC Corporation, December, 1998. [RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z., and W. Weiss, "An Architecture for Differentiated Services", RFC 2475, Torrent Networking Technologies, EMC Corporation, Sun Microsystems, Nortel UK, Bell Labs Lucent Technologies, Lucent Technologies, December, 1998. [RFC2570] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction to Version 3 of the Internet-standard Network Management Framework", RFC 2570, SNMP Research, Inc., TIS Labs at Network Associates, Inc., Ericsson, Cisco Systems, April 1999. [RFC2571] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2571, Cabletron Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, April 1999. [RFC2572] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2572, SNMP Research, Inc., Cabletron Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, April 1999. [RFC2573] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 2573, SNMP Research, Inc., Secure Computing Corporation, Cisco Systems, April 1999. [RFC2574] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, IBM T. J. Watson Research, April 1999. [RFC2575] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, IBM T. J. Watson Research, BMC Software, Inc., Cisco Systems, Inc., April 1999. [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., Expires December 1999 [Page 61] Internet-Draft DS-MON MIB June 1999 and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", RFC 2578, STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First Virtual Holdings, International Network Services, April 1999. [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", RFC 2579, STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First Virtual Holdings, International Network Services, April 1999. [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", RFC 2580, STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First Virtual Holdings, International Network Services, April 1999. 10. Security Considerations There are a number of management objects defined in this MIB that have a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. There are a number of managed objects in this MIB that may contain sensitive information. These are: dsPdistStatsPkts dsPdistStatsOctets dsPdistStatsHCPkts dsPdistStatsHCOctets These objects expose some basic statistics about the DCSP distribution for each protocol detected on a particular network interface. dsHostInPkts dsHostInOctets dsHostInHCPkts dsHostInHCOctets dsHostOutPkts dsHostOutOctets dsHostOutHCPkts dsHostOutHCOctets Expires December 1999 [Page 62] Internet-Draft DS-MON MIB June 1999 These objects expose some basic statistics about the DCSP distribution for each IP host detected on a particular network interface. It is thus important to control even GET access to these objects and possibly to even encrypt the values of these object when sending them over the network via SNMP. Not all versions of SNMP provide features for such a secure environment. SNMPv1 by itself is not a secure environment. Even if the network itself is secure (for example by using IPSec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB. It is recommended that the implementers consider the security features as provided by the SNMPv3 framework. Specifically, the use of the User- based Security Model RFC 2574 [RFC2574] and the View-based Access Control Model RFC 2575 [RFC2575] is recommended. It is then a customer/user responsibility to ensure that the SNMP entity giving access to an instance of this MIB, is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them. 11. Author's Address Andy Bierman Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA USA 95134 Phone: +1 408-527-3711 Email: abierman@cisco.com 12. Full Copyright Statement Copyright (C) The Internet Society (1999). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in Expires December 1999 [Page 63] Internet-Draft DS-MON MIB June 1999 which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE." Expires December 1999 [Page 64]