DISMAN Working Group Kenneth White INTERNET DRAFT: IBM Corp. Expiration Date: March 1999 September 1998 Definitions of Managed Objects for Remote Operations Using SMIv2 Status of this Memo This document is an Internet Draft. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months. Internet Drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material or to cite them other than as a "working draft" or "work in progress." Please check the I-D abstract listing contained in each Internet Draft directory to learn the current status of this or any Internet Draft. Distribution of this document is unlimited. Copyright Notice Copyright (C) The Internet Society (1998). All Rights Reserved. Abstract This memo defines a Management Information Base (MIB) for performing remote operations (ping, traceroute and DNS Lookup) at a remote host. When managing a network it is useful to be able to retrieve the results of either a ping or traceroute operation when performed at a remote host. A DNS Lookup capability is defined to determine the DNS of an address at a remote host. Currently, there exists several enterprise defined MIBs for performing both a remote ping or traceroute operation. The purpose of this memo is to defined a standards-based solution to enable interoperibility. Table of Contents 1.0 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 DISMAN Working Group Expires December 1998 [Page 1] Internet Draft REMOPS-MIB September 1, 1998 2.0 The SNMP Network Management Framework . . . . . . . . . . . . 3 3.0 Structure of the MIB . . . . . . . . . . . . . . . . . . . . . 4 4.0 Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 6 5.0 Security Considerations . . . . . . . . . . . . . . . . . . . 26 6.0 Intellectual Property . . . . . . . . . . . . . . . . . . . . 26 7.0 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 27 8.0 References . . . . . . . . . . . . . . . . . . . . . . . . . . 27 9.0 Author's Address . . . . . . . . . . . . . . . . . . . . . . . 28 10.0 Full Copyright Statement . . . . . . . . . . . . . . . . . . 28 1.0 Introduction The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119, reference [13]. This document is a product of the Distributed Management (DISMAN) Working Group. Its purpose is to define a standards-based MIB module for performing remote operations. The remote operations consist of the ping, traceroute and DNS Lookup functions. Ping and traceroute are two very useful functions for managing networks. Ping is typically used to determine if a path exists between two hosts while traceroute shows an actual path. Ping is usually implemented using the InterNet Control Message Protocol (ICMP) "ECHO" facility. It is also possible to implement a ping capability using alternate methods. For example, if the udp echo port (7) is supported at a target host it could be used instead of the ICMP echo facility. Traceroute is usually implemented by transmitting a series of probe packets with increasing time-to-live values. A probe packet is a UDP datagram encapsulated into an IP packet. Each hop in a path to the target (destination) host rejects the probe packets (probe's TTL too small) until its time-to-live value becomes large enough for the probe to be forwarded. Some systems use icmp probes instead of udp ones to implement traceroute. In both cases traceroute relies on the probes being rejected via an ICMP message to discover the hops taken along a path to the final destination. The actually method chosen to implement either the ping or traceroute functions at a remote host is considered to be implementation dependent. An agent implementation SHOULD use whatever method is thought to be best for its environment and document its behavior in its agent's capability statement when referring to the REMOPS-MIB. DISMAN Working Group Expires December 1998 [Page 2] Internet Draft REMOPS-MIB September 1, 1998 Both ping and traceroute yield the round-trip times measured in milliseconds. These times can be used as an rough approximation for network transit time. The DNS Lookup operation enables the equivalent of either a gethostbyname or a gethostbyaddr call being performed at a remote host. The traceroute function as provided by REMOP-MIB does not provide the DNS names of the intermediate hops. The DNS Lookup gethostbyname capability can be used to determine the symbolic name of a hop in a traceroute path. Neither the remote ping or traceroute operations accept a DNS name as the address of the target host. The DNS Lookup function gethostbyaddr can be used prior to using a remote ping or traceroute operation in order to determine the numeric address of a host. Consider the following diagram: +----------------------------------------------------------------------+ | | | Remote ping, traceroute, Actual ping, traceroute, | | +-----+or DNS Lookup op.+------+or DNS Lookup op.+------+ | | §Local§---------------->§Remote§---------------->§Target§ | | § Host§ § Host § § Host § | | +-----+ +------+ +------+ | | | | | +----------------------------------------------------------------------+ A local host is the host from which the remote ping, traceroute, or DNS Lookup operation is initiated from using an SNMP request. The remote host is a host where the MIB defined by this memo (REMOPS-MIB) is implemented that receives the remote operation via SNMP and performs the actual ping, traceroute, or DNS lookup function to the target (destination) host. 2.0 The SNMP Network Management Framework The SNMP Management Framework presently consists of five major components: o An overall architecture, described in RFC 2271 [7]. o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in RFC 1155 [14], RFC 1212 [15] and RFC 1215 [16]. The second version, called SMIv2, is described in RFC 1902 [3], RFC 1903 [4] and RFC 1904 [5]. o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in RFC 1157 [1]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is DISMAN Working Group Expires December 1998 [Page 3] Internet Draft REMOPS-MIB September 1, 1998 called SNMPv2c and described in RFC 1901 [17] and RFC 1906 [18]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [18], RFC 2272 [8] and RFC 2274 [10]. o Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in RFC 1157 [1]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [6]. o A set of fundamental applications described in RFC 2273 [9] and the view-based access control mechanism described in RFC 2275 [11]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined ore, using the mechanisms defined in the SMI. This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (use of Counter64). Some machine readable information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB. 3.0 Structure of the MIB The REMOPS-MIB consists of the following components: o remopsSpinLock, remopsPingMaxConcurrentRequests, remopsTraceRouteMaxConcurrentRequests, remopsDnsLookupMaxConcurrentRequests, remopsPingPurgeTime, remopsTraceRoutePurgeTime, and remopsDnsLookupPurgeTime o remopsPingTable and remopsPingResultsTable o remopsTraceRouteTable and remopsTraceRouteResultsTable o remopsDnsLookupTable An agent MUST implement the remopsSpinLock object to enable management applications to coordinate their use of the REMOPS-MIB. Management application use of remopsSpinLock is OPTIONAL. The objects remopsPingMaxConcurrentRequests, remopsTraceRouteMaxConcurrentRequests, and remopsDnsLookupMaxConcurrentRequests enable control of the maximum number of concurrent requests that an agent implementation is structured to support. It is permissible for an agent to either limit the maximum upper range allowed for these objects or to implement these objects as read-only with implementation limits expressed as their values. DISMAN Working Group Expires December 1998 [Page 4] Internet Draft REMOPS-MIB September 1, 1998 The objects remopsPingPurgeTime, remopsTraceRoutePurgeTime, and remopsDnsLookupPurgeTime provide a method for entries in either remopsPingTable and remopsPingResultsTable; remopsTraceRouteTable and remopsTraceRouteResultsTable; or remopsDnsLookupTable to be automatically deleted after operations complete. A remote ping, traceroute or DNS Lookup operation is initiated by performing an SNMP SET request on either remopsPingRowStatus, remopsTraceRouteRowStatus, or remopsDnsLookupRowStatus.. The first index (either remopsPingOwnerIndex, remopsTraceRouteOwnerIndex, or remopsDnsLookupOwnerIndex) is of the SnmpAdminString textual convention that allows for use of the SNMPv3 VACM security model and also allows for a management application to identify its entries in either table. Remote ping and traceroute have a 2nd index that specifies the target address (ipv4 or ipv6) for the operation. DNS Lookup has two indexes. First, a RemopsDnsAddressType value that indicates the type of address being used: dnsName(1), ipv4(2), or ipv6(4). The last index is an RemopsDnsAddress value to specify the actual address. Remote ping, traceroute, and DNS Lookup require that an entry be created and activated in either remopsPingTable, remopsTraceRouteTable, or remopsDnsLookupTable. Using the maximum value for the parameters defined within an remopsPingEntry can result in a remote ping operation taking at most 15 minutes (remopsPingTimeOut times remopsPingProbeCount) plus whatever time it takes to send the ping request and receive its response over the network. Use of the defaults for remopsPingTimeOut and remopsProbeCount yields a maximum of 3 seconds to perform the actual ping operation. The object remopsPingOperStatus can be polled to determine when a ping operation completes prior to retrieve the results of the operation from the remopsPingResultsTable. Traceroute has a much longer theoretical maximum time for completion. Basically 42 hours and 30 minutes (the product of remopsTraceRouteTimeOut, remopsTraceRouteProbesPerHop, and remopsTraceRouteMaxTtl) plus some network transit time! Use of the defaults defined within an remopsTraceRouteEntry yields a maximum of 4 minutes and 30 seconds for a default traceroute operation. Clearly 42 plus hours is too long to wait for a traceroute operation to complete. The maximum TTL value in effect for traceroute route determines how long the traceroute function will keep increasing the TTL value in the probe it transmits hoping to reach the target host. The function ends whenever the maximum TTL is exceeded or the target host is reached. The object remopsTraceRouteSetupMaxFailures was created in order to impose a throttle for how long traceroute continues to increase the TTL field in a probe without receiving any kind of response (timeouts). It is RECOMMENDED that agent implementations impose a time limit for how long it allows a traceroute operation to take relative to how the function is implemented. For example, an implemented that can't process multiple traceroute operations at the same time SHOULD impose a shorter maximum allowed time period. The object remopsTraceRouteOperStatus can be DISMAN Working Group Expires December 1998 [Page 5] Internet Draft REMOPS-MIB September 1, 1998 examined to determine the state of a traceroute operation. The objects remopsTraceRouteResultsHopIndex and remopsTraceRouteResultsProbeIndex can be exaimed to determine how far the remote traceroute operation has reached. A management application can delete a active remote ping traceroute, or DNS Lookup request by setting its remopsPingRowStatus, remopsTraceRouteRowStatus, or remopsDnsLookupRowStatis object to destroy(6). An implementation SHOULD NOT retain SNMP-created entries in either the remopsPingTable, remopsTraceRouteTable or remopsDnsLookupTable across reIPLs (Initial Program Loads) of its agent, since management applications need to see consistent behavior with respect to the persistence of the table entries that they create. 4.0 Definitions REMOPS-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, experimental, Unsigned32 FROM SNMPv2-SMI -- RFC1902 TEXTUAL-CONVENTION, RowStatus, TestAndIncr, TruthValue FROM SNMPv2-TC -- RFC1903 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- RFC1904 Utf8String FROM SYSAPPL-MIB -- RFC2287 SnmpAdminString FROM SNMP-FRAMEWORK-MIB; -- RFC2271 remopsMIB MODULE-IDENTITY LAST-UPDATED "9809010000Z" ORGANIZATION "IETF Distributed Management Working Group" CONTACT-INFO "Kenneth White International Business Machines Corporation Network Computing Software Division Research Triangle Park, NC, USA E-mail: kennethw@vnet.ibm.com" DESCRIPTION "The Remote Operations MIB (REMOPS-MIB) enables use of the ping, traceroute, and the DNS Lookup functions, gethostbyname and gethostbyaddr, via use of the SNMP protocol." ::= { experimental 84 } -- Textual Conventions DISMAN Working Group Expires December 1998 [Page 6] Internet Draft REMOPS-MIB September 1, 1998 RemopsHostAddress ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The textual convention for specifying a host address. The type of address can be determined by the octet string length: OCTETs ADDRESS TYPE 0 not specified 4 ipv4 16 ipv6" SYNTAX OCTET STRING (SIZE (0..16)) RemopsDnsAddressType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The textual convention for defining the type of an address for a DNS Lookup operation." SYNTAX INTEGER { none(1), dnsName(2), -- Utf8string encoded DNS name ipv4(3), -- ipv4 address ipv6(4) -- ipv6 address } RemopsDnsAddress ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The textual convention for specifying a host address. The type of address is determined by the corresponding RemopsDnsAddressType object." SYNTAX OCTET STRING (SIZE (0..65)) RemopsStatus ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The textual convention for specifying the states that a remops operation can be in." SYNTAX INTEGER { notStarted(1), active(2), completed(3) } -- Top-level structure of the MIB remopsNotifications OBJECT IDENTIFIER ::= { remopsMIB 0 } remopsObjects OBJECT IDENTIFIER ::= { remopsMIB 1 } remopsConformance OBJECT IDENTIFIER ::= { remopsMIB 2 } -- All simple objects DISMAN Working Group Expires December 1998 [Page 7] Internet Draft REMOPS-MIB September 1, 1998 remopsBaseObjects OBJECT IDENTIFIER ::= { remopsObjects 1 } -- SpinLock Definition remopsSpinLock OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "An advisory lock used to allow cooperating remops applications to coordinate their use of the remopsPingTable or the remopsTraceRouteTable. This object should be used when an application seeks to create an new entry or alter an existing entry in either the remopsPingTable, remopsTraceRouteTable, or remopsDnsLookupTable. A management implementation MAY utilize the remopsSpinLock to serialize its changes or additions. Its usage is NOT REQUIRED." ::= { remopsBaseObjects 1 } remopsPingMaxConcurrentRequests OBJECT-TYPE SYNTAX Unsigned32 (1..100) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum number of concurrent active ping requests that are allowed within an agent implementation." DEFVAL { 10 } ::= { remopsBaseObjects 2 } remopsTraceRouteMaxConcurrentRequests OBJECT-TYPE SYNTAX Unsigned32 (1..100) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum number of concurrent active traceroute requests that are allowed within an agent implementation." DEFVAL { 10 } ::= { remopsBaseObjects 3 } remopsDnsLookupMaxConcurrentRequests OBJECT-TYPE SYNTAX Unsigned32 (1..100) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum number of concurrent active DNS Lookup requests that are allowed within an agent implementation." DEFVAL { 10 } ::= { remopsBaseObjects 4 } remopsPingPurgeTime OBJECT-TYPE SYNTAX Unsigned32 (0..86400) UNITS "seconds" DISMAN Working Group Expires December 1998 [Page 8] Internet Draft REMOPS-MIB September 1, 1998 MAX-ACCESS read-write STATUS current DESCRIPTION "The amount of time to wait before automatically deleting an entry in remopsPingTable and all remopsPingResultsTable entries after the ping operation represented by an entry in the remopsPingTable has completed." DEFVAL { 900 } -- 15 minutes as default ::= { remopsBaseObjects 5 } remopsTraceRoutePurgeTime OBJECT-TYPE SYNTAX Unsigned32 (0..86400) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The amount of time to wait before automatically deleting an entry in remopsTraceRouteTable and all dependent remopsTraceRouteResultsTable entries after the traceroute operation represented by an remopsTraceRouteEntry has completed." DEFVAL { 900 } -- 15 minutes as default ::= { remopsBaseObjects 6 } remopsDnsLookupPurgeTime OBJECT-TYPE SYNTAX Unsigned32 (0..86400) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The amount of time to wait before automatically deleting an entry in the remopsDnsLookupTable after the DNS Lookup operation represented by an remopsDnsLookupEntry has completed." DEFVAL { 900 } -- 15 minutes as default ::= { remopsBaseObjects 7 } -- Remote Operations Ping Table remopsPingTable OBJECT-TYPE SYNTAX SEQUENCE OF RemopsPingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Remote Operations Ping Table for provide via SNMP the capability of invoking ping from a remote host." ::= { remopsObjects 2 } remopsPingEntry OBJECT-TYPE SYNTAX RemopsPingEntry MAX-ACCESS not-accessible STATUS current DISMAN Working Group Expires December 1998 [Page 9] Internet Draft REMOPS-MIB September 1, 1998 DESCRIPTION "Defines an entry in the remopsPingTable." INDEX { remopsPingOwnerIndex, remopsPingHostAddress } ::= { remopsPingTable 1 } RemopsPingEntry ::= SEQUENCE { remopsPingOwnerIndex SnmpAdminString, remopsPingHostAddress RemopsHostAddress, remopsPingPacketSize Unsigned32, remopsPingTimeOut Unsigned32, remopsPingProbeCount Unsigned32, remopsPingOperStatus RemopsStatus, remopsPingRowStatus RowStatus } remopsPingOwnerIndex OBJECT-TYPE SYNTAX SnmpAdminString (SIZE(0..32)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "To facilitate the provisioning of access control by a security administrator using the View-Based Access Control Model (RFC 2275, VACM) for tables in which multiple users may need to independently create or modify entries, the initial index is used as an 'owner index'. Such an initial index has a syntax of SnmpAdminString, and can thus be trivially mapped to a securityName or groupName as defined in VACM, in accordance with a security policy. All entries in that table belonging to a particular user will have the same value for this initial index. For a given user's entries in a particular table, the object identifiers for the information in these entries will have the same subidentifiers (except for the 'column' subidentifier) up to the end of the encoded owner index. To configure VACM to permit access to this portion of the table, one would create vacmViewTreeFamilyTable entries with the value of vacmViewTreeFamilySubtree including the owner index portion, and vacmViewTreeFamilyMask 'wildcarding' the column subidentifier. More elaborate configurations are possible." ::= { remopsPingEntry 1 } remopsPingHostAddress OBJECT-TYPE SYNTAX RemopsHostAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "Specifies the host address used on by ping request by the remote host. The host address type can be determined by its octet string length." ::= { remopsPingEntry 2 } DISMAN Working Group Expires December 1998 [Page 10] Internet Draft REMOPS-MIB September 1, 1998 remopsPingPacketSize OBJECT-TYPE SYNTAX Unsigned32 (0..65507) UNITS "octets" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the size of the data portion to be transmitted in a ping request in octets. A ping request is usually an ICMP message encoded into an IP packet. An IP packet has a maximum size of 65535 octets. Subtracting the size of the ICMP header (8 octets) and the size of the IP header (20 octets) yields a maximum size of 65507 octets." DEFVAL { 0 } ::= { remopsPingEntry 3 } remopsPingTimeOut OBJECT-TYPE SYNTAX Unsigned32 (1..60) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the time-out value, in seconds, for the actual PING request made by the remote host. Valid values for time out are from 1 to 60 seconds." DEFVAL { 3 } ::= { remopsPingEntry 4 } remopsPingProbeCount OBJECT-TYPE SYNTAX Unsigned32 (1..15) MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the number of times to issue a ping request at a remote host." DEFVAL { 1 } ::= { remopsPingEntry 5 } remopsPingOperStatus OBJECT-TYPE SYNTAX RemopsStatus MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the operational state of a remote ping operation." ::= { remopsPingEntry 6 } remopsPingRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object allows entries to be created and deleted in the remopsPingTable. Deletion of an entry in this DISMAN Working Group Expires December 1998 [Page 11] Internet Draft REMOPS-MIB September 1, 1998 table results in all remopsPingResultsTable entries being deleted. A remote ping operation is started when an entry in this table is created via an SNMP SET request and the entry is activated. This can occur by setting the value of this object to CreateAndGo(4) during row creation or by setting this object to active(1) after the row is created. A remote ping request starts when its entry first becomes active(1). Transitions in and out of active(1) state have no effect on the operational behavior of a remote ping operation, with the exception that deletion of an entry in this table by setting its RowStatus object to destroy(6) will stop an active remote ping operation. The operational state of an remote ping operation can be determined by examination of it's remopsPingOperStatus object." REFERENCE "RFC 1903, 'Textual Conventions for version 2 of the Simple Network Management Protocol (SNMPv2).'" ::= { remopsPingEntry 7 } -- Remote Operations Ping Results Table remopsPingResultsTable OBJECT-TYPE SYNTAX SEQUENCE OF RemopsPingResultsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Remote Operations Result Ping Table for storing the results of a ping operation." ::= { remopsObjects 3 } remopsPingResultsEntry OBJECT-TYPE SYNTAX RemopsPingResultsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the remopsPingResultsTable." INDEX { remopsPingOwnerIndex, remopsPingHostAddress, remopsPingResultsProbeIndex } ::= { remopsPingResultsTable 1 } RemopsPingResultsEntry ::= SEQUENCE { DISMAN Working Group Expires December 1998 [Page 12] Internet Draft REMOPS-MIB September 1, 1998 remopsPingResultsProbeIndex Unsigned32, remopsPingResultsResponse Integer32 } remopsPingResultsProbeIndex OBJECT-TYPE SYNTAX Unsigned32 (1..15) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table is created when the results of a ping probe is determined. The initial instance identifier value identifies the remopsPingEntry that a probe result (remopsPingResultsEntry) belongs to." ::= { remopsPingResultsEntry 1 } remopsPingResultsResponse OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The result of the ping operation made by a remote host for a particular probe. The results of the probe is indicated as the value of this object as follows: >=0 Round-trip response time in milliseconds. -1 Internal error. -2 ICMP echo request timed out. -3 Unknown destination address. -4 No route to host. -5 Interface inactive to host. -6 Failed to resolve host name. -7 remopsPingMaxConcurrentRequests limit reached." ::= { remopsPingResultsEntry 2 } -- Remote Operations Traceroute Table remopsTraceRouteTable OBJECT-TYPE SYNTAX SEQUENCE OF RemopsTraceRouteEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Remote Operations Traceroute Table for provide via SNMP the capability of invoking traceroute from a remote host." ::= { remopsObjects 4 } remopsTraceRouteEntry OBJECT-TYPE SYNTAX RemopsTraceRouteEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the remopsTraceRouteTable." INDEX { DISMAN Working Group Expires December 1998 [Page 13] Internet Draft REMOPS-MIB September 1, 1998 remopsTraceRouteOwnerIndex, remopsTraceRouteHostAddress } ::= { remopsTraceRouteTable 1 } RemopsTraceRouteEntry ::= SEQUENCE { remopsTraceRouteOwnerIndex SnmpAdminString, remopsTraceRouteHostAddress RemopsHostAddress, remopsTraceRouteByPassRouteTable TruthValue, remopsTraceRoutePacketSize Unsigned32, remopsTraceRouteTimeOut Unsigned32, remopsTraceRouteProbesPerHop Unsigned32, remopsTraceRoutePort Unsigned32, remopsTraceRouteMaxTtl Unsigned32, remopsTraceRouteTos Unsigned32, remopsTraceRouteSourceAddress RemopsHostAddress, remopsTraceRouteInterfaceName OCTET STRING, remopsTraceRouteMiscOptions Utf8String, remopsTraceRouteMaxFailures Unsigned32, remopsTraceRouteOperStatus RemopsStatus, remopsTraceRouteCurHopCount Unsigned32, remopsTraceRouteCurProbeCount Unsigned32, remopsTraceRouteRowStatus RowStatus } remopsTraceRouteOwnerIndex OBJECT-TYPE SYNTAX SnmpAdminString (SIZE(0..32)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "To facilitate the provisioning of access control by a security administrator using the View-Based Access Control Model (RFC 2275, VACM) for tables in which multiple users may need to independently create or modify entries, the initial index is used as an 'owner index'. Such an initial index has a syntax of SnmpAdminString, and can thus be trivially mapped to a securityName or groupName as defined in VACM, in accordance with a security policy. All entries in this table belonging to a particular user will have the same value for this initial index. For a given user's entries in a particular table, the object identifiers for the information in these entries will have the same subidentifiers (except for the 'column' subidentifier) up to the end of the encoded owner index. To configure VACM to permit access to this portion of the table, one would create vacmViewTreeFamilyTable entries with the value of vacmViewTreeFamilySubtree including the owner index portion, and vacmViewTreeFamilyMask 'wildcarding' the column subidentifier. More elaborate configurations are possible." ::= { remopsTraceRouteEntry 1 } remopsTraceRouteHostAddress OBJECT-TYPE SYNTAX RemopsHostAddress MAX-ACCESS not-accessible DISMAN Working Group Expires December 1998 [Page 14] Internet Draft REMOPS-MIB September 1, 1998 STATUS current DESCRIPTION "Specifies the host address used on the traceroute request at the remote host. The host address type can be determined by the length of the corresponding octet string." ::= { remopsTraceRouteEntry 2 } remopsTraceRouteByPassRouteTable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The purpose of this object is optionally enable bypassing the route table. If enabled bypass the normal routing tables and send directly to a host on an attached network. If the host is not on a directly-attached network, an error is returned. This option can be used to ping a local host through an interface that has no route through it (e.g., after the interface was dropped by routed)." DEFVAL { false } ::= { remopsTraceRouteEntry 3 } remopsTraceRoutePacketSize OBJECT-TYPE SYNTAX Unsigned32 (0..65507) UNITS "octets" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the size of the data portion of a traceroute request in octets. A traceroute request is essentially transmitted by encoding a UDP datagram into a IP packet. So subtracting the size of a UDP header (8 octets) and the size of a IP header (20 octets) yields a maximum of 65507 octets." DEFVAL { 0 } ::= { remopsTraceRouteEntry 4 } remopsTraceRouteTimeOut OBJECT-TYPE SYNTAX Unsigned32 (1..60) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the time-out value, in seconds, for a traceroute request." DEFVAL { 3 } ::= { remopsTraceRouteEntry 5 } remopsTraceRouteProbesPerHop OBJECT-TYPE SYNTAX Unsigned32 (1..10) DISMAN Working Group Expires December 1998 [Page 15] Internet Draft REMOPS-MIB September 1, 1998 UNITS "count" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the number of times to reissue a traceroute request with the same time-to-live (TTL) value." DEFVAL { 3 } ::= { remopsTraceRouteEntry 6 } remopsTraceRoutePort OBJECT-TYPE SYNTAX Unsigned32 (1..65535) UNITS "UDP Port" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the UDP port to sent the traceroute request to. Need to specify a port that is not in use at the destination host." DEFVAL { 4096 } ::= { remopsTraceRouteEntry 7 } remopsTraceRouteMaxTtl OBJECT-TYPE SYNTAX Unsigned32 (1..255) UNITS "time-to-live maximum" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the maximum time-to-live value." DEFVAL { 30 } ::= { remopsTraceRouteEntry 8 } remopsTraceRouteTos OBJECT-TYPE SYNTAX Unsigned32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the value to store in the TOS OCTET in the IP probe packet that is transmitted as the traceroute request. The value must be a decimal integer in the range 0 to 255. This option can be used to see if different types-of-service result in different paths. Not all values of TOS are legal or meaningful. TOS is often not supported by IP implementations. Useful values are probably '16' (low delay) and '8' (high throughput)." DEFVAL { 0 } ::= { remopsTraceRouteEntry 9 } remopsTraceRouteSourceAddress OBJECT-TYPE SYNTAX RemopsHostAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Use the specified IP address DISMAN Working Group Expires December 1998 [Page 16] Internet Draft REMOPS-MIB September 1, 1998 (which must be given as an IP number, not a hostname) as the source address in outgoing probe packets. On hosts with more than one IP address, this option can be used to force the source address to be something other than the IP address of the interface the probe packet is sent on. If the IP address is not one of this machine's interface addresses, an error is returned and nothing is sent." DEFVAL { ''H } ::= { remopsTraceRouteEntry 10 } remopsTraceRouteInterfaceName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "Setting this object to an interface's name prior to starting a remote traceroute operation directs the traceroute probes to be transmitted over the specified interface." DEFVAL { ''H } ::= { remopsTraceRouteEntry 11 } remopsTraceRouteMiscOptions OBJECT-TYPE SYNTAX Utf8String (SIZE(0..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "Enables an application to specify implementation dependent options." DEFVAL { ''H } ::= { remopsTraceRouteEntry 12 } remopsTraceRouteMaxFailures OBJECT-TYPE SYNTAX Unsigned32 (1..255) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object indicates the maximum number of consecutive timeouts allowed before terminating a remote traceroute request. A value of 255 (maximum hop count) indicate that the function of terminating a remote traceroute request when a number of successive timeouts are detected is disabled." DEFVAL { 5 } ::= { remopsTraceRouteEntry 13 } remopsTraceRouteOperStatus OBJECT-TYPE SYNTAX RemopsStatus MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the operational state of a remote traceroute operation." DISMAN Working Group Expires December 1998 [Page 17] Internet Draft REMOPS-MIB September 1, 1998 ::= { remopsTraceRouteEntry 14 } remopsTraceRouteCurHopCount OBJECT-TYPE SYNTAX Unsigned32 (1..255) MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the current TTL value for an remote traceroute operation. Maximum TTL value is determined by remopsTraceRouteMaxTtl." ::= { remopsTraceRouteEntry 15 } remopsTraceRouteCurProbeCount OBJECT-TYPE SYNTAX Unsigned32 (1..10) MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the current probe count for an remote traceroute operation. The maximum probe count is determined by remopsTraceRouteProbesPerHop." ::= { remopsTraceRouteEntry 16 } remopsTraceRouteRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object allows entries to be created and deleted in the remopsTraceRouteTable. A remote traceroute operation is started when an entry in this table is created via an SNMP SET request and the entry is activated. This can occur by setting the value of this object to CreateAndGo(4) during row creation or by setting this object to active(1) after the row is created. A remote traceroute request starts when its entry first becomes active(1). Transitions in and out of active(1) state have no effect on the operational behavior of a remote traceroute operation, with the exception that deletion of an entry in this table by setting its RowStatus object to destroy(6) will stop an active remote traceroute operation." REFERENCE "RFC 1903, 'Textual Conventions for version 2 of the Simple Network Management Protocol (SNMPv2).'" ::= { remopsTraceRouteEntry 17 } -- Remote Operations Traceroute Results Table remopsTraceRouteResultsTable OBJECT-TYPE DISMAN Working Group Expires December 1998 [Page 18] Internet Draft REMOPS-MIB September 1, 1998 SYNTAX SEQUENCE OF RemopsTraceRouteResultsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Remote Operations Traceroute Results Table for storing the results of a traceroute operation." ::= { remopsObjects 5 } remopsTraceRouteResultsEntry OBJECT-TYPE SYNTAX RemopsTraceRouteResultsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the remopsTraceRouteResultsTable." INDEX { remopsTraceRouteOwnerIndex, remopsTraceRouteHostAddress, remopsTraceRouteResultsHopIndex, remopsTraceRouteResultsProbeIndex } ::= { remopsTraceRouteResultsTable 1 } RemopsTraceRouteResultsEntry ::= SEQUENCE { remopsTraceRouteResultsHopIndex Unsigned32, remopsTraceRouteResultsProbeIndex Unsigned32, remopsTraceRouteResultsHopAddress RemopsHostAddress, remopsTraceRouteResultsResponse Integer32 } remopsTraceRouteResultsHopIndex OBJECT-TYPE SYNTAX Unsigned32 (1..255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table has as its initial instance identifier the value of its corresponding remopsTraceRouteEntry's instance identifier." ::= { remopsTraceRouteResultsEntry 1 } remopsTraceRouteResultsProbeIndex OBJECT-TYPE SYNTAX Unsigned32 (1..10) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Indicates the index of a probe for determining a hop in a traceroute path." ::= { remopsTraceRouteResultsEntry 2 } remopsTraceRouteResultsHopAddress OBJECT-TYPE SYNTAX RemopsHostAddress MAX-ACCESS read-only STATUS current DESCRIPTION DISMAN Working Group Expires December 1998 [Page 19] Internet Draft REMOPS-MIB September 1, 1998 "The address of a hop in a traceroute path. This object is not allowed to be a DNS name. The length of the octet string returned determines the address type." ::= { remopsTraceRouteResultsEntry 3 } remopsTraceRouteResultsResponse OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object indicated the result of a traceroute probe: >=0 Round-trip response time in milliseconds. -1 Internal error. -2 probe timed out. -3 Unknown destination address. -4 No route to host. -5 Interface inactive to host. -6 Failed to resolve host name. -7 remopsTraceRouteMaxConcurrentRequests limit reached." ::= { remopsTraceRouteResultsEntry 4 } -- Remote Operations DNS Lookup Table remopsDnsLookupTable OBJECT-TYPE SYNTAX SEQUENCE OF RemopsDnsLookupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Remote Operations DnsLookup Table for provide via SNMP the capability of performing a DNS Lookup, gethostbyname or gethostbyaddr, from a remote host." ::= { remopsObjects 6 } remopsDnsLookupEntry OBJECT-TYPE SYNTAX RemopsDnsLookupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the remopsDnsLookupTable." INDEX { remopsDnsLookupOwnerIndex, remopsDnsLookupAddressType, remopsDnsLookupAddress } ::= { remopsDnsLookupTable 1 } RemopsDnsLookupEntry ::= SEQUENCE { remopsDnsLookupOwnerIndex SnmpAdminString, remopsDnsLookupAddressType RemopsDnsAddressType, remopsDnsLookupAddress RemopsDnsAddress, remopsDnsLookupTimeOut Unsigned32, DISMAN Working Group Expires December 1998 [Page 20] Internet Draft REMOPS-MIB September 1, 1998 remopsDnsLookupRetryLimit Unsigned32, remopsDnsLookupOperStatus RemopsStatus, remopsDnsLookupRetryCount Unsigned32, remopsDnsLookupResultType RemopsDnsAddressType, remopsDnsLookupResult RemopsDnsAddress, remopsDnsLookupRowStatus RowStatus } remopsDnsLookupOwnerIndex OBJECT-TYPE SYNTAX SnmpAdminString (SIZE(0..32)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "To facilitate the provisioning of access control by a security administrator using the View-Based Access Control Model (RFC 2275, VACM) for tables in which multiple users may need to independently create or modify entries, the initial index is used as an 'owner index'. Such an initial index has a syntax of SnmpAdminString, and can thus be trivially mapped to a securityName or groupName as defined in VACM, in accordance with a security policy. All entries in that table belonging to a particular user will have the same value for this initial index. For a given user's entries in a particular table, the object identifiers for the information in these entries will have the same subidentifiers (except for the 'column' subidentifier) up to the end of the encoded owner index. To configure VACM to permit access to this portion of the table, one would create vacmViewTreeFamilyTable entries with the value of vacmViewTreeFamilySubtree including the owner index portion, and vacmViewTreeFamilyMask 'wildcarding' the column subidentifier. More elaborate configurations are possible." ::= { remopsDnsLookupEntry 1 } remopsDnsLookupAddressType OBJECT-TYPE SYNTAX RemopsDnsAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "Specifies the type of address for either performing a gethostbyname or a gethostbyaddr call at a remote host. Specification of a dnsName(2) implies that gethostbyname should be called to return a numeric address. Use of a value of either ipv4(3) or ipv6(4) implies that a gethostbyaddr call should occur to return the symbolic name of a remote host." ::= { remopsDnsLookupEntry 2 } remopsDnsLookupAddress OBJECT-TYPE SYNTAX RemopsDnsAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "Specifies the address used for a DNS Lookup at a remote host. The corresponding remopsDnsLookupAddressType DISMAN Working Group Expires December 1998 [Page 21] Internet Draft REMOPS-MIB September 1, 1998 objects determines its type as well as the function that can be requested." ::= { remopsDnsLookupEntry 3 } remopsDnsLookupTimeOut OBJECT-TYPE SYNTAX Unsigned32 (1..60) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the time-out value, in seconds, for the DNS Lookup operation made at a remote host. Valid values for timeout are from 1 to 60 seconds." DEFVAL { 3 } ::= { remopsDnsLookupEntry 4 } remopsDnsLookupRetryLimit OBJECT-TYPE SYNTAX Unsigned32 (1..15) MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the number of times to reattempt to perform an DNS Lookup on encountering a timeout." DEFVAL { 1 } ::= { remopsDnsLookupEntry 5 } remopsDnsLookupOperStatus OBJECT-TYPE SYNTAX RemopsStatus MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the operational state of a remote DNS Lookup operation." ::= { remopsDnsLookupEntry 6 } remopsDnsLookupRetryCount OBJECT-TYPE SYNTAX Unsigned32 (1..15) MAX-ACCESS read-only STATUS current DESCRIPTION "The current retry number." ::= { remopsDnsLookupEntry 7 } remopsDnsLookupResultType OBJECT-TYPE SYNTAX RemopsDnsAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "The type of address being returned. The value of this object is none(0) when either the operation hasn't completed or when the operation fails." ::= { remopsDnsLookupEntry 8 } DISMAN Working Group Expires December 1998 [Page 22] Internet Draft REMOPS-MIB September 1, 1998 remopsDnsLookupResult OBJECT-TYPE SYNTAX RemopsDnsAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The results of a remote DNS Lookup. The value of this object is the zero length octet string when either the operation hasn't completed or when the operation fails." ::= { remopsDnsLookupEntry 9 } remopsDnsLookupRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object allows entries to be created and deleted in the remopsDnsLookupTable. A remote DNS Lookup operation is started when an entry in this table is created via an SNMP SET request and the entry is activated. This can occur by setting the value of this object to CreateAndGo(4) during row creation or by setting this object to active(1) after the row is created. A remote DNS Lookup operation starts when its entry first becomes active(1). Transitions in and out of active(1) state have no effect on the operational behavior of a remote DNS Lookup operation, with the exception that deletion of an entry in this table by setting its RowStatus object to destroy(6) will stop an active remote DNS Lookup operation. The operational state of a remote DNS Lookup operation can be determined by examination of it's remopsDnsLookupOperStatus object." REFERENCE "RFC 1903, 'Textual Conventions for version 2 of the Simple Network Management Protocol (SNMPv2).'" ::= { remopsDnsLookupEntry 10 } --------------------------------------------------------------------- -- Conformance information -- Compliance statements --------------------------------------------------------------------- remopsCompliances OBJECT IDENTIFIER ::= { remopsConformance 1 } remopsGroups OBJECT IDENTIFIER ::= { remopsConformance 2 } --------------------------------------------------------------------- -- Compliance statements --------------------------------------------------------------------- DISMAN Working Group Expires December 1998 [Page 23] Internet Draft REMOPS-MIB September 1, 1998 remopsCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for the REMOPS-MIB." MODULE -- this module MANDATORY-GROUPS { remopsBaseGroup, remopsPingGroup, remopsTraceRouteGroup, remopsDnsLookupGroup } OBJECT remopsPingMaxConcurrentRequests MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." OBJECT remopsPingPurgeTime MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." OBJECT remopsTraceRouteMaxConcurrentRequests MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." OBJECT remopsTraceRoutePurgeTime MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." OBJECT remopsDnsLookupMaxConcurrentRequests MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." OBJECT remopsDnsLookupPurgeTime MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." ::= { remopsCompliances 1 } --------------------------------------------------------------------- -- MIB groupings --------------------------------------------------------------------- DISMAN Working Group Expires December 1998 [Page 24] Internet Draft REMOPS-MIB September 1, 1998 remopsBaseGroup OBJECT-GROUP OBJECTS { remopsSpinLock } STATUS current DESCRIPTION "The group of objects common to both the remote ping and remote traceroute operations." ::= { remopsGroups 1 } remopsPingGroup OBJECT-GROUP OBJECTS { remopsPingMaxConcurrentRequests, remopsPingPurgeTime, remopsPingPacketSize, remopsPingTimeOut, remopsPingProbeCount, remopsPingOperStatus, remopsPingRowStatus, remopsPingResultsResponse } STATUS current DESCRIPTION "The group of objects that comprise the remote ping operation." ::= { remopsGroups 2 } remopsTraceRouteGroup OBJECT-GROUP OBJECTS { remopsTraceRouteMaxConcurrentRequests, remopsTraceRoutePurgeTime, remopsTraceRouteByPassRouteTable, remopsTraceRoutePacketSize, remopsTraceRouteTimeOut, remopsTraceRouteProbesPerHop, remopsTraceRoutePort, remopsTraceRouteMaxTtl, remopsTraceRouteTos, remopsTraceRouteSourceAddress, remopsTraceRouteInterfaceName, remopsTraceRouteMiscOptions, remopsTraceRouteMaxFailures, remopsTraceRouteOperStatus, remopsTraceRouteCurHopCount, remopsTraceRouteCurProbeCount, remopsTraceRouteRowStatus, remopsTraceRouteResultsHopAddress, remopsTraceRouteResultsResponse } STATUS current DESCRIPTION "The group of objects that comprise the remote traceroute operation." ::= { remopsGroups 3 } DISMAN Working Group Expires December 1998 [Page 25] Internet Draft REMOPS-MIB September 1, 1998 remopsDnsLookupGroup OBJECT-GROUP OBJECTS { remopsDnsLookupMaxConcurrentRequests, remopsDnsLookupPurgeTime, remopsDnsLookupTimeOut, remopsDnsLookupRetryLimit, remopsDnsLookupOperStatus, remopsDnsLookupRetryCount, remopsDnsLookupResultType, remopsDnsLookupResult, remopsDnsLookupRowStatus } STATUS current DESCRIPTION "The group of objects that comprise the remote DNS Lookup operation." ::= { remopsGroups 4 } END 5.0 Security Considerations Certain management information defined in this MIB may be considered sensitive in some network environments. Therefore, authentication of received SNMP requests and controlled access to management information SHOULD be employed in such environments. The method for this authentication is a function of the SNMP Administrative Framework, and has not been expanded by this MIB. It is RECOMMENDED that this MIB not be supported in insecure environments. 6.0 Intellectual Property The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF Secretariat. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this DISMAN Working Group Expires December 1998 [Page 26] Internet Draft REMOPS-MIB September 1, 1998 standard. Please address the information to the IETF Executive Director. 7.0 Acknowledgments This document is a product of the DISMAN Working Group. 8.0 References [1] Case, J., M. Fedor, M. Schoffstall, J. Davin, "Simple Network Management Protocol", RFC 1157, SNMP Research, Performance Systems International, MIT Laboratory for Computer Science, May 1990. [2] McCloghrie, K., and M. Rose, Editors, "Management Information Base for Network Management of TCP/IP-based internets: MIB-II", STD 17, RFC 1213, Hughes LAN Systems, Performance Systems International, March 1991. [3] Case, J., McCloghrie, K., Rose, M., and Waldbusser S., "Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1902, January 1996. [4] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., "Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1903, January 1996. [5] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., "Conformance Statements for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1904, January 1996. [6] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, January 1996. [7] Harrington D., Presuhn, R., Wijnen, B., "An Architecture for Describing SNMP Management Frameworks", RFC 2271, Cabletron Systems, BMC Software, Inc., IBM T.J. Watson Research, January 1998. [8] Harrington D., Presuhn, R., Wijnen, B., "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2272, Cabletron Systems, BMC Software, Inc., IBM T.J. Watson Research, January 1998. [9] Levi D., Meyer P., Stewart, B., "SNMPv3 Applications", RFC 2273, SNMP Research, Inc., Secure Computing Corporation, Cisco Systems, January 1998. [10] Blumenthal, U., Wijnen, B., "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2274, IBM T. J. Watson Research, January 1998. DISMAN Working Group Expires December 1998 [Page 27] Internet Draft REMOPS-MIB September 1, 1998 [11] Wijnen, B., Presuhn, R., McCloghrie, K., "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2275, IBM T.J. Watson Research, BMC Software, Inc., Cisco Systems, Inc., January 1998. [12] Hovey, R., and S. Bradner, "The Organizations Involved in the IETF Standards Process", BCP 11, RFC 2028, October 1996. [13] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [14] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", RFC 1155, Performance Systems International, Hughes LAN Systems, May 1990. [15] Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212, Performance Systems International, Hughes LAN Systems, March 1991. [16] M. Rose, "A Convention for Defining Traps for use with the SNMP", RFC 1215, Performance Systems International, March 1991. [17] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [18] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. 9.0 Author's Address Kenneth D. White Dept. BRQA/Bldg. 501/G114 IBM Corporation P.O.Box 12195 3039 Cornwallis Research Triangle Park, NC 27709, USA E-mail: kennethw@vnet.ibm.com 10.0 Full Copyright Statement Copyright (C) The Internet Society (1997). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself DISMAN Working Group Expires December 1998 [Page 28] Internet Draft REMOPS-MIB September 1, 1998 may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. DISMAN Working Group Expires December 1998 [Page 29]