DISMAN Working Group Kenneth White INTERNET DRAFT: IBM Corp. Expiration Date: June 1999 December 1998 Definitions of Managed Objects for Remote Ping, Traceroute, and Lookup Operations Using SMIv2 Status of this Memo This document is an Internet Draft. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months. Internet Drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material or to cite them other than as a "working draft" or "work in progress." Please check the I-D abstract listing contained in each Internet Draft directory to learn the current status of this or any Internet Draft. Distribution of this document is unlimited. Copyright Notice Copyright (C) The Internet Society (1998). All Rights Reserved. Abstract This memo defines Management Information Bases (MIBs) for performing remote ping, traceroute and lookup operations at a remote host. When managing a network it is useful to be able to retrieve the results of either a ping or traceroute operation when performed at a remote host. A Lookup capability is defined to enable resolving either a IP address to a DNS name or a DNS name to a IP address at a remote host. Currently, there exists several enterprise defined MIBs for performing both remote ping or traceroute operations. The purpose of this memo is to defined a standards-based solution to enable interoperibility. DISMAN Working Group Expires March 1999 [Page 1] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 Table of Contents 1.0 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2 2.0 The SNMP Network Management Framework . . . . . . . . . . . . 3 3.0 Structure of the MIBs . . . . . . . . . . . . . . . . . . . . 4 3.1 Ping MIB . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3.2 Traceroute MIB . . . . . . . . . . . . . . . . . . . . . . . . 6 3.3 Lookup MIB . . . . . . . . . . . . . . . . . . . . . . . . . . 7 4.0 Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 8 5.0 Security Considerations . . . . . . . . . . . . . . . . . . . 30 6.0 Intellectual Property . . . . . . . . . . . . . . . . . . . . 30 7.0 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 31 8.0 References . . . . . . . . . . . . . . . . . . . . . . . . . . 31 9.0 Author's Address . . . . . . . . . . . . . . . . . . . . . . . 32 10.0 Full Copyright Statement . . . . . . . . . . . . . . . . . . 32 1.0 Introduction The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119, reference [13]. This document is a product of the Distributed Management (DISMAN) Working Group. Its purpose is to define standards-based MIB modules for performing specific remote operations. The remote operations define by this document consist of the ping, traceroute and lookup functions. Ping and traceroute are two very useful functions for managing networks. Ping is typically used to determine if a path exists between two hosts while traceroute shows an actual path. Ping is usually implemented using the InterNet Control Message Protocol (ICMP) "ECHO" facility. It is also possible to implement a ping capability using alternate methods. For example, if the udp echo port (7) is supported at a target host it could be used instead of the ICMP echo facility. Traceroute is usually implemented by transmitting a series of probe packets with increasing time-to-live values. A probe packet is a UDP datagram encapsulated into an IP packet. Each hop in a path to the target (destination) host rejects the probe packets (probe's TTL too small) until its time-to-live value becomes large enough for the probe to be forwarded. Some systems use icmp probes instead of udp ones to implement traceroute. In both cases traceroute relies on the probes DISMAN Working Group Expires March 1999 [Page 2] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 being rejected via an ICMP message to discover the hops taken along a path to the final destination. The actually method chosen to implement either the ping or traceroute functions at a remote host is considered to be implementation dependent. An agent implementation SHOULD use whatever method is thought to be best for its environment and document its behavior in its agent's capability statement when referring to the MIBs defined by this document. Both ping and traceroute yield the round-trip times measured in milliseconds. These times can be used as an rough approximation for network transit time. The Lookup operation enables the equivalent of either a gethostbyname() or a gethostbyaddr() call being performed at a remote host. The traceroute function provided does not provide the DNS names of the intermediate hops. The Lookup gethostbyname() capability can be used to determine the symbolic name of a hop in a traceroute path. Neither the remote ping or traceroute operations accept a DNS name as the address of the target host. The Lookup function gethostbyaddr() can be used prior to using a remote ping or traceroute operation in order to determine the numeric address of a host. Consider the following diagram: +----------------------------------------------------------------------+ | | | Remote ping, traceroute, Actual ping, traceroute, | | +-----+or Lookup op. +------+or Lookup op. +------+ | | |Local|---------------->|Remote|---------------->|Target| | | | Host| | Host | | Host | | | +-----+ +------+ +------+ | | | | | +----------------------------------------------------------------------+ A local host is the host from which the remote ping, traceroute, or Lookup operation is initiated from using an SNMP request. The remote host is a host where the MIBs defined by this memo are implemented that receives the remote operation via SNMP and performs the actual ping, traceroute, or lookup function. 2.0 The SNMP Network Management Framework The SNMP Management Framework presently consists of five major components: o An overall architecture, described in RFC 2271 [7]. o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in RFC DISMAN Working Group Expires March 1999 [Page 3] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 1155 [14], RFC 1212 [15] and RFC 1215 [16]. The second version, called SMIv2, is described in RFC 1902 [3], RFC 1903 [4] and RFC 1904 [5]. o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in RFC 1157 [1]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [17] and RFC 1906 [18]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [18], RFC 2272 [8] and RFC 2274 [10]. o Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in RFC 1157 [1]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [6]. o A set of fundamental applications described in RFC 2273 [9] and the view-based access control mechanism described in RFC 2275 [11]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined ore, using the mechanisms defined in the SMI. This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (use of Counter64). Some machine readable information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB. 3.0 Structure of the MIBs This document defines three MIB modules: o DISMAN-PING-MIB Enables the ping function at a remote host. o DISMAN-TRACEROUTE-MIB Enables the traceroute function at a remote host. o DISMAN-LOOKUP-MIB Provides access to the resolver gethostbyname() and gethostbyaddr() functions at a remote host. DISMAN Working Group Expires March 1999 [Page 4] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 3.1 Ping MIB The DISMAN-PING-MIB consists of the following components: o pingSpinLock, pingPingMaxConcurrentRequests, and pingPurgeTime o pingTable o pingResultsTable An agent MUST implement the pingSpinLock object to enable management applications to coordinate their use of the DISMAN-PING-MIB. Management application use of pingSpinLock is OPTIONAL. The object pingMaxConcurrentRequests enable control of the maximum number of concurrent requests that an agent implementation is structured to support. It is permissible for an agent to either limit the maximum upper range allowed for this object or to implement this object as read-only with an implementation limit expressed as its value. The object pingPurgeTime provides a method for entries in pingTable and pingResultsTable to be automatically deleted after the associating operation completes. A remote ping operation is initiated by performing an SNMP SET request on pingRowStatus. The first index element, pingOwnerIndex, is of the SnmpAdminString textual convention that allows for use of the SNMPv3 VACM security model and also allows for a management application to identify its entries. The 2nd index, pingHostAddress, specifies the target address (ipv4 or ipv6) for the operation. Using the maximum value for the parameters defined within an pingEntry can result in a remote ping operation taking at most 15 minutes (pingTimeOut times pingProbeCount) plus whatever time it takes to send the ping request and receive its response over the network. Use of the defaults for pingTimeOut and pingProbeCount yields a maximum of 3 seconds to perform the actual ping operation. The object pingOperStatus can be polled to determine when a ping operation completes prior to retrieve the results of the operation from the pingResultsTable. A management application can delete an active remote ping request by setting the corresponding pingRowStatus object to destroy(6). An implementation SHOULD NOT retain SNMP-created entries in the pingTable and the pingResultsTable across reIPLs (Initial Program Loads) of its agent, since management applications need to see consistent behavior with respect to the persistence of the table entries that they create. DISMAN Working Group Expires March 1999 [Page 5] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 3.2 Traceroute MIB The DISMAN-TRACEROUTE-MIB consists of the following components: o traceRouteSpinLock, traceRouteMaxConcurrentRequests, and traceRoutePurgeTime o traceRouteTable o traceRouteResultsTable An agent MUST implement the traceRouteSpinLock object to enable management applications to coordinate their use of the DISMAN-TRACEROUTE-MIB. Management application use of traceRouteSpinLock is OPTIONAL. The object traceRouteMaxConcurrentRequests enable control of the maximum number of concurrent requests that an agent implementation is structured to support. It is permissible for an agent to either limit the maximum upper range allowed for this object or to implement this object as read-only with an implementation limit expressed as its value. The object traceRoutePurgeTime provides a method for entries in traceRouteTable and traceRouteResultsTable to be automatically deleted after the associating operation completes. A remote traceroute operation is initiated by performing an SNMP SET request on traceRouteRowStatus. The first index element, traceRouteOwnerIndex, is of the SnmpAdminString textual convention that allows for use of the SNMPv3 VACM security model and also allows for a management application to identify its entries. The 2nd index, traceRouteHostAddress, specifies the target address (ipv4 or ipv6) for the operation. Traceroute has a much longer theoretical maximum time for completion than ping. Basically 42 hours and 30 minutes (the product of traceRouteTimeOut, traceRouteProbesPerHop, and traceRouteMaxTtl) plus some network transit time! Use of the defaults defined within an traceRouteEntry yields a maximum of 4 minutes and 30 seconds for a default traceroute operation. Clearly 42 plus hours is too long to wait for a traceroute operation to complete. The maximum TTL value in effect for traceroute route determines how long the traceroute function will keep increasing the TTL value in the probe it transmits hoping to reach the target host. The function ends whenever the maximum TTL is exceeded or the target host is reached. The object traceRouteSetupMaxFailures was created in order to impose a throttle for how long traceroute continues to increase the TTL field in a probe without receiving any kind of response (timeouts). It is RECOMMENDED that agent implementations impose a time limit for how long it allows a traceroute operation to take relative to how the function is implemented. For example, an implemented that can't process multiple DISMAN Working Group Expires March 1999 [Page 6] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 traceroute operations at the same time SHOULD impose a shorter maximum allowed time period. The object traceRouteOperStatus can be examined to determine the state of an traceroute operation. The objects traceRouteCurHopCount and traceRouteCurProbeCount can be exaimed to determine how far the remote traceroute operation has reached. A management application can delete an active remote traceroute request by setting the corresponding traceRouteRowStatus object to destroy(6). An implementation SHOULD NOT retain SNMP-created entries in the traceRouteTable and the traceRouteResultsTable across reIPLs (Initial Program Loads) of its agent, since management applications need to see consistent behavior with respect to the persistence of the table entries that they create. 3.3 Lookup MIB The DISMAN-LOOKUP-MIB consists of the following components: o lookupSpinLock, lookupMaxConcurrentRequests, and lookupPurgeTime o lookupTable An agent MUST implement the lookupSpinLock object to enable management applications to coordinate their use of the DISMAN-LOOKUP-MIB. Management application use of lookupSpinLock is OPTIONAL. The object lookupMaxConcurrentRequests enable control of the maximum number of concurrent requests that an agent implementation is structured to support. It is permissible for an agent to either limit the maximum upper range allowed for this object or to implement this object as read-only with an implementation limit expressed as its value. The object lookupPurgeTime provides a method for entries in the lookupTable to be automatically deleted after the associating operation completes. A remote lookup operation is initiated by performing an SNMP SET request on lookupRowStatus. An lookupEntry is indexed by lookupOwnerIndex, which is of the SnmpAdminString textual convention that allows for use of the SNMPv3 VACM security model and also allows for a management application to identify its entries. A remote lookup operation is started by transitioning its lookupRowStatus object to active(1). The object lookupCtl MUST be assigned a value in order for a lookupRowStatus transition to active(1) to succeed. A value of getHostByName(1) for lookupCtl requires that lookupDnsName contain the name to be used prior to activation of the function. The object lookupAddress will contain the result of a successful gethostbyname lookup operation. A value of getHostByAddr(2) for lookupCtl requires that lookupAddress contain the address to be used prior to activation of the function. The object lookupDnsName will contain the result of a successful gethostbyaddr lookup operation. DISMAN Working Group Expires March 1999 [Page 7] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 The object lookupOperStatus can be examined to determine the state of an lookup operation. A management application can delete an active remote lookup request by setting the corresponding lookupRowStatus object to destroy(6). An implementation SHOULD NOT retain SNMP-created entries in the lookupTable across reIPLs (Initial Program Loads) of its agent, since management applications need to see consistent behavior with respect to the persistence of the table entries that they create. 4.0 Definitions DISMAN-PING-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, experimental FROM SNMPv2-SMI -- RFC1902 TEXTUAL-CONVENTION, RowStatus, TestAndIncr FROM SNMPv2-TC -- RFC1903 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- RFC1904 SnmpAdminString FROM SNMP-FRAMEWORK-MIB; -- RFC2271 pingMIB MODULE-IDENTITY LAST-UPDATED "9812200000Z" ORGANIZATION "IETF Distributed Management Working Group" CONTACT-INFO "Kenneth White International Business Machines Corporation Network Computing Software Division Research Triangle Park, NC, USA E-mail: wkenneth@us.ibm.com" DESCRIPTION "The Ping MIB (DISMAN-PING-MIB) enables use of the ping function via use of the SNMP protocol." ::= { experimental 84 1 } -- Textual Conventions HostAddress ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The textual convention for specifying a host address. The type of address can be determined by the octet string length: OCTETs ADDRESS TYPE DISMAN Working Group Expires March 1999 [Page 8] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 0 not specified 4 ipv4 16 ipv6" SYNTAX OCTET STRING (SIZE (0..16)) OperationStatus ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The textual convention for specifying the states that an operation can be in." SYNTAX INTEGER { notStarted(1), active(2), completed(3) } -- Top-level structure of the MIB pingNotifications OBJECT IDENTIFIER ::= { pingMIB 0 } pingObjects OBJECT IDENTIFIER ::= { pingMIB 1 } pingConformance OBJECT IDENTIFIER ::= { pingMIB 2 } -- Simple Object Definitions pingSpinLock OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "An advisory lock used to allow cooperating ping applications to coordinate their use of the pingPingTable. This object should be used when an application seeks to create an new entry or alter an existing entry in the pingTable. A management implementation MAY utilize the pingSpinLock to serialize its changes or additions. Its usage is NOT REQUIRED." ::= { pingObjects 1 } pingMaxConcurrentRequests OBJECT-TYPE SYNTAX Integer32 (1..100) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum number of concurrent active ping requests that are allowed within an agent implementation." DEFVAL { 10 } ::= { pingObjects 2 } pingPurgeTime OBJECT-TYPE SYNTAX Integer32 (0..86400) DISMAN Working Group Expires March 1999 [Page 9] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The amount of time to wait before automatically deleting an entry in the pingTable and all dependent pingResultsTable entries after the ping operation represented by an entry in the pingTable has completed." DEFVAL { 900 } -- 15 minutes as default ::= { pingObjects 3 } -- Ping Table pingTable OBJECT-TYPE SYNTAX SEQUENCE OF PingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Ping Table for provide via SNMP the capability of invoking ping from a remote host." ::= { pingObjects 4 } pingEntry OBJECT-TYPE SYNTAX PingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the pingTable." INDEX { pingOwnerIndex, pingHostAddress } ::= { pingTable 1 } PingEntry ::= SEQUENCE { pingOwnerIndex SnmpAdminString, pingHostAddress HostAddress, pingPacketSize Integer32, pingTimeOut Integer32, pingProbeCount Integer32, pingOperStatus OperationStatus, pingRowStatus RowStatus } pingOwnerIndex OBJECT-TYPE SYNTAX SnmpAdminString (SIZE(0..32)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "To facilitate the provisioning of access control by a security DISMAN Working Group Expires March 1999 [Page 10] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 administrator using the View-Based Access Control Model (RFC 2275, VACM) for tables in which multiple users may need to independently create or modify entries, the initial index is used as an 'owner index'. Such an initial index has a syntax of SnmpAdminString, and can thus be trivially mapped to a securityName or groupName as defined in VACM, in accordance with a security policy. All entries in that table belonging to a particular user will have the same value for this initial index. For a given user's entries in a particular table, the object identifiers for the information in these entries will have the same subidentifiers (except for the 'column' subidentifier) up to the end of the encoded owner index. To configure VACM to permit access to this portion of the table, one would create vacmViewTreeFamilyTable entries with the value of vacmViewTreeFamilySubtree including the owner index portion, and vacmViewTreeFamilyMask 'wildcarding' the column subidentifier. More elaborate configurations are possible." ::= { pingEntry 1 } pingHostAddress OBJECT-TYPE SYNTAX HostAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "Specifies the host address used on by ping request by the remote host. The host address type can be determined by its octet string length." ::= { pingEntry 2 } pingPacketSize OBJECT-TYPE SYNTAX Integer32 (0..65507) UNITS "octets" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the size of the data portion to be transmitted in a ping request in octets. A ping request is usually an ICMP message encoded into an IP packet. An IP packet has a maximum size of 65535 octets. Subtracting the size of the ICMP header (8 octets) and the size of the IP header (20 octets) yields a maximum size of 65507 octets." DEFVAL { 0 } ::= { pingEntry 3 } pingTimeOut OBJECT-TYPE SYNTAX Integer32 (1..60) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the time-out value, in seconds, for the actual PING request made by the remote host. Valid values for DISMAN Working Group Expires March 1999 [Page 11] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 time out are from 1 to 60 seconds." DEFVAL { 3 } ::= { pingEntry 4 } pingProbeCount OBJECT-TYPE SYNTAX Integer32 (1..15) MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the number of times to issue a ping request at a remote host." DEFVAL { 1 } ::= { pingEntry 5 } pingOperStatus OBJECT-TYPE SYNTAX OperationStatus MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the operational state of a remote ping operation." ::= { pingEntry 6 } pingRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object allows entries to be created and deleted in the pingTable. Deletion of an entry in this table results in all dependent pingResultsTable entries being deleted. A remote ping operation is started when an entry in this table is created via an SNMP SET request and the entry is activated. This can occur by setting the value of this object to CreateAndGo(4) during row creation or by setting this object to active(1) after the row is created. A ping request starts when its entry first becomes active(1). Transitions in and out of active(1) state have no effect on the operational behavior of a remote ping operation, with the exception that deletion of an entry in this table by setting its RowStatus object to destroy(6) will stop an active ping operation. The operational state of an ping operation can be determined by examination of it's pingOperStatus object." DISMAN Working Group Expires March 1999 [Page 12] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 REFERENCE "RFC 1903, 'Textual Conventions for version 2 of the Simple Network Management Protocol (SNMPv2).'" ::= { pingEntry 7 } -- Ping Results Table pingResultsTable OBJECT-TYPE SYNTAX SEQUENCE OF PingResultsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Ping Results Table for storing the results of a ping operation." ::= { pingObjects 5 } pingResultsEntry OBJECT-TYPE SYNTAX PingResultsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the pingResultsTable." INDEX { pingOwnerIndex, pingHostAddress, pingResultsProbeIndex } ::= { pingResultsTable 1 } PingResultsEntry ::= SEQUENCE { pingResultsProbeIndex Integer32, pingResultsResponse Integer32 } pingResultsProbeIndex OBJECT-TYPE SYNTAX Integer32 (1..15) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table is created when the results of a ping probe is determined. The initial instance identifier value identifies the pingEntry that a probe result (pingResultsEntry) belongs to." ::= { pingResultsEntry 1 } pingResultsResponse OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The result of the ping operation made by a remote host DISMAN Working Group Expires March 1999 [Page 13] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 for a particular probe. The results of the probe is indicated as the value of this object as follows: >=0 Round-trip response time in milliseconds. -1 Internal error. -2 ICMP echo request timed out. -3 Unknown destination address. -4 No route to host. -5 Interface inactive to host. -6 Failed to resolve host name. -7 pingMaxConcurrentRequests limit reached." ::= { pingResultsEntry 2 } --------------------------------------------------------------------- -- Conformance information -- Compliance statements --------------------------------------------------------------------- pingCompliances OBJECT IDENTIFIER ::= { pingConformance 1 } pingGroups OBJECT IDENTIFIER ::= { pingConformance 2 } --------------------------------------------------------------------- -- Compliance statements --------------------------------------------------------------------- pingCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for the DISMAN-PING-MIB." MODULE -- this module MANDATORY-GROUPS { pingGroup } OBJECT pingMaxConcurrentRequests MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." OBJECT pingPurgeTime MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." ::= { pingCompliances 1 } --------------------------------------------------------------------- -- MIB groupings --------------------------------------------------------------------- pingGroup OBJECT-GROUP OBJECTS { DISMAN Working Group Expires March 1999 [Page 14] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 pingSpinLock, pingMaxConcurrentRequests, pingPurgeTime, pingPacketSize, pingTimeOut, pingProbeCount, pingOperStatus, pingRowStatus, pingResultsResponse } STATUS current DESCRIPTION "The group of objects that comprise the ping operation." ::= { pingGroups 1 } END DISMAN-TRACEROUTE-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, experimental FROM SNMPv2-SMI -- RFC1902 RowStatus, TestAndIncr, TruthValue FROM SNMPv2-TC -- RFC1903 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- RFC1904 Utf8String FROM SYSAPPL-MIB -- RFC2287 SnmpAdminString FROM SNMP-FRAMEWORK-MIB -- RFC2271 HostAddress, OperationStatus FROM DISMAN-PING-MIB; traceRouteMIB MODULE-IDENTITY LAST-UPDATED "9812200000Z" ORGANIZATION "IETF Distributed Management Working Group" CONTACT-INFO "Kenneth White International Business Machines Corporation Network Computing Software Division Research Triangle Park, NC, USA E-mail: wkenneth@us.ibm.com" DESCRIPTION "The Traceroute MIB (DISMAN-TRACEROUTE-MIB) enables use of the tracerroute via use of the SNMP protocol." ::= { experimental 84 2 } -- Top-level structure of the MIB DISMAN Working Group Expires March 1999 [Page 15] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 traceRouteNotifications OBJECT IDENTIFIER ::= { traceRouteMIB 0 } traceRouteObjects OBJECT IDENTIFIER ::= { traceRouteMIB 1 } traceRouteConformance OBJECT IDENTIFIER ::= { traceRouteMIB 2 } -- Simple Object Definitions traceRouteSpinLock OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "An advisory lock used to allow cooperating traceroute applications to coordinate their use of the traceRouteTable. This object should be used when an application seeks to create an new entry or alter an existing entry in the traceRouteTable. A management implementation MAY utilize the traceRouteSpinLock to serialize its changes or additions. Its usage is NOT REQUIRED." ::= { traceRouteObjects 1 } traceRouteMaxConcurrentRequests OBJECT-TYPE SYNTAX Integer32 (1..100) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum number of concurrent active traceroute requests that are allowed within an agent implementation." DEFVAL { 10 } ::= { traceRouteObjects 2 } traceRoutePurgeTime OBJECT-TYPE SYNTAX Integer32 (0..86400) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The amount of time to wait before automatically deleting an entry in traceRouteTable and all dependent traceRouteResultsTable entries after the traceroute operation represented by an traceRouteEntry has completed." DEFVAL { 900 } -- 15 minutes as default ::= { traceRouteObjects 3 } -- Traceroute Table traceRouteTable OBJECT-TYPE SYNTAX SEQUENCE OF TraceRouteEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION DISMAN Working Group Expires March 1999 [Page 16] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 "Defines the Remote Operations Traceroute Table for provide via SNMP the capability of invoking traceroute from a remote host." ::= { traceRouteObjects 4 } traceRouteEntry OBJECT-TYPE SYNTAX TraceRouteEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the traceRouteTable." INDEX { traceRouteOwnerIndex, traceRouteHostAddress } ::= { traceRouteTable 1 } TraceRouteEntry ::= SEQUENCE { traceRouteOwnerIndex SnmpAdminString, traceRouteHostAddress HostAddress, traceRouteByPassRouteTable TruthValue, traceRoutePacketSize Integer32, traceRouteTimeOut Integer32, traceRouteProbesPerHop Integer32, traceRoutePort Integer32, traceRouteMaxTtl Integer32, traceRouteTos Integer32, traceRouteSourceAddress HostAddress, traceRouteInterfaceName OCTET STRING, traceRouteMiscOptions Utf8String, traceRouteMaxFailures Integer32, traceRouteOperStatus OperationStatus, traceRouteCurHopCount Integer32, traceRouteCurProbeCount Integer32, traceRouteRowStatus RowStatus } traceRouteOwnerIndex OBJECT-TYPE SYNTAX SnmpAdminString (SIZE(0..32)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "To facilitate the provisioning of access control by a security administrator using the View-Based Access Control Model (RFC 2275, VACM) for tables in which multiple users may need to independently create or modify entries, the initial index is used as an 'owner index'. Such an initial index has a syntax of SnmpAdminString, and can thus be trivially mapped to a securityName or groupName as defined in VACM, in accordance with a security policy. All entries in this table belonging to a particular user will have the same value for this initial index. For a given user's DISMAN Working Group Expires March 1999 [Page 17] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 entries in a particular table, the object identifiers for the information in these entries will have the same subidentifiers (except for the 'column' subidentifier) up to the end of the encoded owner index. To configure VACM to permit access to this portion of the table, one would create vacmViewTreeFamilyTable entries with the value of vacmViewTreeFamilySubtree including the owner index portion, and vacmViewTreeFamilyMask 'wildcarding' the column subidentifier. More elaborate configurations are possible." ::= { traceRouteEntry 1 } traceRouteHostAddress OBJECT-TYPE SYNTAX HostAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "Specifies the host address used on the traceroute request at the remote host. The host address type can be determined by the length of the corresponding octet string." ::= { traceRouteEntry 2 } traceRouteByPassRouteTable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The purpose of this object is optionally enable bypassing the route table. If enabled bypass the normal routing tables and send directly to a host on an attached network. If the host is not on a directly-attached network, an error is returned. This option can be used to ping a local host through an interface that has no route through it (e.g., after the interface was dropped by routed)." DEFVAL { false } ::= { traceRouteEntry 3 } traceRoutePacketSize OBJECT-TYPE SYNTAX Integer32 (0..65507) UNITS "octets" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the size of the data portion of a traceroute request in octets. A traceroute request is essentially transmitted by encoding a UDP datagram into a IP packet. So subtracting the size of a UDP header (8 octets) and the size of a IP header (20 octets) yields a maximum of 65507 octets." DEFVAL { 0 } ::= { traceRouteEntry 4 } DISMAN Working Group Expires March 1999 [Page 18] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 traceRouteTimeOut OBJECT-TYPE SYNTAX Integer32 (1..60) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the time-out value, in seconds, for a traceroute request." DEFVAL { 3 } ::= { traceRouteEntry 5 } traceRouteProbesPerHop OBJECT-TYPE SYNTAX Integer32 (1..10) UNITS "count" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the number of times to reissue a traceroute request with the same time-to-live (TTL) value." DEFVAL { 3 } ::= { traceRouteEntry 6 } traceRoutePort OBJECT-TYPE SYNTAX Integer32 (1..65535) UNITS "UDP Port" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the UDP port to sent the traceroute request to. Need to specify a port that is not in use at the destination host." DEFVAL { 4096 } ::= { traceRouteEntry 7 } traceRouteMaxTtl OBJECT-TYPE SYNTAX Integer32 (1..255) UNITS "time-to-live maximum" MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the maximum time-to-live value." DEFVAL { 30 } ::= { traceRouteEntry 8 } traceRouteTos OBJECT-TYPE SYNTAX Integer32 (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the value to store in the TOS OCTET in the IP probe packet that is transmitted as the traceroute request. The value must be a decimal DISMAN Working Group Expires March 1999 [Page 19] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 integer in the range 0 to 255. This option can be used to see if different types-of-service result in different paths. Not all values of TOS are legal or meaningful. TOS is often not supported by IP implementations. Useful values are probably '16' (low delay) and '8' (high throughput)." DEFVAL { 0 } ::= { traceRouteEntry 9 } traceRouteSourceAddress OBJECT-TYPE SYNTAX HostAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Use the specified IP address (which must be given as an IP number, not a hostname) as the source address in outgoing probe packets. On hosts with more than one IP address, this option can be used to force the source address to be something other than the IP address of the interface the probe packet is sent on. If the IP address is not one of this machine's interface addresses, an error is returned and nothing is sent." DEFVAL { ''H } ::= { traceRouteEntry 10 } traceRouteInterfaceName OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "Setting this object to an interface's name prior to starting a remote traceroute operation directs the traceroute probes to be transmitted over the specified interface." DEFVAL { ''H } ::= { traceRouteEntry 11 } traceRouteMiscOptions OBJECT-TYPE SYNTAX Utf8String (SIZE(0..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "Enables an application to specify implementation dependent options." DEFVAL { ''H } ::= { traceRouteEntry 12 } traceRouteMaxFailures OBJECT-TYPE SYNTAX Integer32 (1..255) MAX-ACCESS read-create STATUS current DESCRIPTION DISMAN Working Group Expires March 1999 [Page 20] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 "The value of this object indicates the maximum number of consecutive timeouts allowed before terminating a remote traceroute request. A value of 255 (maximum hop count) indicate that the function of terminating a remote traceroute request when a number of successive timeouts are detected is disabled." DEFVAL { 5 } ::= { traceRouteEntry 13 } traceRouteOperStatus OBJECT-TYPE SYNTAX OperationStatus MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the operational state of a remote traceroute operation." ::= { traceRouteEntry 14 } traceRouteCurHopCount OBJECT-TYPE SYNTAX Integer32 (1..255) MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the current TTL value for an remote traceroute operation. Maximum TTL value is determined by traceRouteMaxTtl." ::= { traceRouteEntry 15 } traceRouteCurProbeCount OBJECT-TYPE SYNTAX Integer32 (1..10) MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the current probe count for an remote traceroute operation. The maximum probe count is determined by traceRouteProbesPerHop." ::= { traceRouteEntry 16 } traceRouteRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object allows entries to be created and deleted in the traceRouteTable. A remote traceroute operation is started when an entry in this table is created via an SNMP SET request and the entry is activated. This can occur by setting the value of this object to CreateAndGo(4) during row creation or by setting this object to active(1) after the row is created. DISMAN Working Group Expires March 1999 [Page 21] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 A remote traceroute request starts when its entry first becomes active(1). Transitions in and out of active(1) state have no effect on the operational behavior of a remote traceroute operation, with the exception that deletion of an entry in this table by setting its RowStatus object to destroy(6) will stop an active remote traceroute operation." REFERENCE "RFC 1903, 'Textual Conventions for version 2 of the Simple Network Management Protocol (SNMPv2).'" ::= { traceRouteEntry 17 } -- Remote Operations Traceroute Results Table traceRouteResultsTable OBJECT-TYPE SYNTAX SEQUENCE OF TraceRouteResultsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Remote Operations Traceroute Results Table for storing the results of a traceroute operation." ::= { traceRouteObjects 5 } traceRouteResultsEntry OBJECT-TYPE SYNTAX TraceRouteResultsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the traceRouteResultsTable." INDEX { traceRouteOwnerIndex, traceRouteHostAddress, traceRouteResultsHopIndex, traceRouteResultsProbeIndex } ::= { traceRouteResultsTable 1 } TraceRouteResultsEntry ::= SEQUENCE { traceRouteResultsHopIndex Integer32, traceRouteResultsProbeIndex Integer32, traceRouteResultsHopAddress HostAddress, traceRouteResultsResponse Integer32 } traceRouteResultsHopIndex OBJECT-TYPE SYNTAX Integer32 (1..255) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in this table has as its initial instance identifier DISMAN Working Group Expires March 1999 [Page 22] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 the value of its corresponding traceRouteEntry's instance identifier." ::= { traceRouteResultsEntry 1 } traceRouteResultsProbeIndex OBJECT-TYPE SYNTAX Integer32 (1..10) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Indicates the index of a probe for determining a hop in a traceroute path." ::= { traceRouteResultsEntry 2 } traceRouteResultsHopAddress OBJECT-TYPE SYNTAX HostAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The address of a hop in a traceroute path. This object is not allowed to be a DNS name. The length of the octet string returned determines the address type." ::= { traceRouteResultsEntry 3 } traceRouteResultsResponse OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of this object indicated the result of a traceroute probe: >=0 Round-trip response time in milliseconds. -1 Internal error. -2 probe timed out. -3 Unknown destination address. -4 No route to host. -5 Interface inactive to host. -6 Failed to resolve host name. -7 traceRouteMaxConcurrentRequests limit reached." ::= { traceRouteResultsEntry 4 } --------------------------------------------------------------------- -- Conformance information -- Compliance statements --------------------------------------------------------------------- traceRouteCompliances OBJECT IDENTIFIER ::= { traceRouteConformance 1 } traceRouteGroups OBJECT IDENTIFIER ::= { traceRouteConformance 2 } --------------------------------------------------------------------- -- Compliance statements --------------------------------------------------------------------- DISMAN Working Group Expires March 1999 [Page 23] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 traceRouteCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for the DISMAN-TRACEROUTE-MIB." MODULE -- this module MANDATORY-GROUPS { traceRouteGroup } OBJECT traceRouteMaxConcurrentRequests MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." OBJECT traceRoutePurgeTime MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." ::= { traceRouteCompliances 1 } --------------------------------------------------------------------- -- MIB groupings --------------------------------------------------------------------- traceRouteGroup OBJECT-GROUP OBJECTS { traceRouteSpinLock, traceRouteMaxConcurrentRequests, traceRoutePurgeTime, traceRouteByPassRouteTable, traceRoutePacketSize, traceRouteTimeOut, traceRouteProbesPerHop, traceRoutePort, traceRouteMaxTtl, traceRouteTos, traceRouteSourceAddress, traceRouteInterfaceName, traceRouteMiscOptions, traceRouteMaxFailures, traceRouteOperStatus, traceRouteCurHopCount, traceRouteCurProbeCount, traceRouteRowStatus, traceRouteResultsHopAddress, traceRouteResultsResponse } STATUS current DESCRIPTION "The group of objects that comprise the remote traceroute operation." DISMAN Working Group Expires March 1999 [Page 24] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 ::= { traceRouteGroups 1 } END DISMAN-LOOKUP-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, experimental FROM SNMPv2-SMI -- RFC1902 RowStatus, TestAndIncr FROM SNMPv2-TC -- RFC1903 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- RFC1904 SnmpAdminString FROM SNMP-FRAMEWORK-MIB -- RFC2271 DnsName FROM DNS-SERVER-MIB -- RFC1611 HostAddress, OperationStatus FROM DISMAN-PING-MIB; lookupMIB MODULE-IDENTITY LAST-UPDATED "9812200000Z" ORGANIZATION "IETF Distributed Management Working Group" CONTACT-INFO "Kenneth White International Business Machines Corporation Network Computing Software Division Research Triangle Park, NC, USA E-mail: wkenneth@us.ibm.com" DESCRIPTION "The Lookup MIB (DISMAN-LOOKUP-MIB) enables determination of either the name corresponding to a host address or of the address associated with a host name at a remote host via use of the SNMP protocol," ::= { experimental 84 3 } -- Top-level structure of the MIB lookupNotifications OBJECT IDENTIFIER ::= { lookupMIB 0 } lookupObjects OBJECT IDENTIFIER ::= { lookupMIB 1 } lookupConformance OBJECT IDENTIFIER ::= { lookupMIB 2 } -- Simple Object Definitions lookupSpinLock OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "An advisory lock used to allow cooperating applications to coordinate their use of the lookupTable. DISMAN Working Group Expires March 1999 [Page 25] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 This object should be used when an application seeks to create an new entry or alter an existing entry in the lookupTable. A management implementation MAY utilize the lookupSpinLock to serialize its changes or additions. Its usage is NOT REQUIRED." ::= { lookupObjects 1 } lookupMaxConcurrentRequests OBJECT-TYPE SYNTAX Integer32 (1..100) MAX-ACCESS read-write STATUS current DESCRIPTION "The maximum number of concurrent active Lookup requests that are allowed within an agent implementation." DEFVAL { 10 } ::= { lookupObjects 2 } lookupPurgeTime OBJECT-TYPE SYNTAX Integer32 (0..86400) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "The amount of time to wait before automatically deleting an entry in the lookupTable after the Lookup operation represented by an lookupEntry has completed." DEFVAL { 900 } -- 15 minutes as default ::= { lookupObjects 3 } -- Lookup Table lookupTable OBJECT-TYPE SYNTAX SEQUENCE OF LookupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines the Lookup Table for provide via SNMP the capability of performing a lookup operation, gethostbyname or gethostbyaddr, from a remote host." ::= { lookupObjects 4 } lookupEntry OBJECT-TYPE SYNTAX LookupEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Defines an entry in the lookupTable." INDEX { lookupOwnerIndex } ::= { lookupTable 1 } DISMAN Working Group Expires March 1999 [Page 26] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 LookupEntry ::= SEQUENCE { lookupOwnerIndex SnmpAdminString, lookupCtl INTEGER, lookupTimeOut Integer32, lookupOperStatus OperationStatus, lookupAddress HostAddress, lookupDnsName DnsName, lookupRowStatus RowStatus } lookupOwnerIndex OBJECT-TYPE SYNTAX SnmpAdminString (SIZE(0..32)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "To facilitate the provisioning of access control by a security administrator using the View-Based Access Control Model (RFC 2275, VACM) for tables in which multiple users may need to independently create or modify entries, the initial index is used as an 'owner index'. Such an initial index has a syntax of SnmpAdminString, and can thus be trivially mapped to a securityName or groupName as defined in VACM, in accordance with a security policy. All entries in that table belonging to a particular user will have the same value for this initial index. For a given user's entries in a particular table, the object identifiers for the information in these entries will have the same subidentifiers (except for the 'column' subidentifier) up to the end of the encoded owner index. To configure VACM to permit access to this portion of the table, one would create vacmViewTreeFamilyTable entries with the value of vacmViewTreeFamilySubtree including the owner index portion, and vacmViewTreeFamilyMask 'wildcarding' the column subidentifier. More elaborate configurations are possible." ::= { lookupEntry 1 } lookupCtl OBJECT-TYPE SYNTAX INTEGER { getHostByName(1), getHostByAddr(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object determines whether the getHostByName or the getHostByAddr resolver function will be invoked at a remote host." ::= { lookupEntry 2 } lookupTimeOut OBJECT-TYPE SYNTAX Integer32 (1..600) UNITS "seconds" DISMAN Working Group Expires March 1999 [Page 27] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the time-out value, in seconds, for the Lookup operation made at a remote host. Valid values for timeout are from 1 to 600 seconds." DEFVAL { 3 } ::= { lookupEntry 3 } lookupOperStatus OBJECT-TYPE SYNTAX OperationStatus MAX-ACCESS read-only STATUS current DESCRIPTION "Reflects the operational state of a Lookup operation." ::= { lookupEntry 4 } lookupAddress OBJECT-TYPE SYNTAX HostAddress MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the address used for a getHostByAddr Lookup operation at a remote host." ::= { lookupEntry 5 } lookupDnsName OBJECT-TYPE SYNTAX DnsName MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the address used for a getHostByName Lookup operation at a remote host." ::= { lookupEntry 6 } lookupRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This object allows entries to be created and deleted in the lookupTable. A remote DNS Lookup operation is started when an entry in this table is created via an SNMP SET request and the entry is activated. This can occur by setting the value of this object to CreateAndGo(4) during row creation or by setting this object to active(1) after the row is created. A remote DNS Lookup operation starts when its entry DISMAN Working Group Expires March 1999 [Page 28] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 first becomes active(1). Transitions in and out of active(1) state have no effect on the operational behavior of a remote DNS Lookup operation, with the exception that deletion of an entry in this table by setting its RowStatus object to destroy(6) will stop an active remote DNS Lookup operation. The operational state of a remote DNS Lookup operation can be determined by examination of it's lookupOperStatus object." REFERENCE "RFC 1903, 'Textual Conventions for version 2 of the Simple Network Management Protocol (SNMPv2).'" ::= { lookupEntry 7 } --------------------------------------------------------------------- -- Conformance information -- Compliance statements --------------------------------------------------------------------- lookupCompliances OBJECT IDENTIFIER ::= { lookupConformance 1 } lookupGroups OBJECT IDENTIFIER ::= { lookupConformance 2 } --------------------------------------------------------------------- -- Compliance statements --------------------------------------------------------------------- lookupCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for the DISMAN-LOOKUP-MIB." MODULE -- this module MANDATORY-GROUPS { lookupGroup } OBJECT lookupMaxConcurrentRequests MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." OBJECT lookupPurgeTime MIN-ACCESS read-only DESCRIPTION "The agent is not required to support a SET operation to this object." ::= { lookupCompliances 1 } --------------------------------------------------------------------- -- MIB groupings --------------------------------------------------------------------- DISMAN Working Group Expires March 1999 [Page 29] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 lookupGroup OBJECT-GROUP OBJECTS { lookupSpinLock, lookupMaxConcurrentRequests, lookupPurgeTime, lookupCtl, lookupTimeOut, lookupOperStatus, lookupAddress, lookupDnsName, lookupRowStatus } STATUS current DESCRIPTION "The group of objects that comprise the remote Lookup operation." ::= { lookupGroups 1 } END 5.0 Security Considerations Certain management information in the MIBs defined by this document may be considered sensitive in some network environments. Therefore, authentication of received SNMP requests and controlled access to management information SHOULD be employed in such environments. The method for this authentication is a function of the SNMP Administrative Framework, and has not been expanded by this MIB. It is RECOMMENDED that this MIB not be supported in insecure environments. 6.0 Intellectual Property The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF Secretariat. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights DISMAN Working Group Expires March 1999 [Page 30] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director. 7.0 Acknowledgments This document is a product of the DISMAN Working Group. 8.0 References [1] Case, J., M. Fedor, M. Schoffstall, J. Davin, "Simple Network Management Protocol", RFC 1157, SNMP Research, Performance Systems International, MIT Laboratory for Computer Science, May 1990. [2] McCloghrie, K., and M. Rose, Editors, "Management Information Base for Network Management of TCP/IP-based internets: MIB-II", STD 17, RFC 1213, Hughes LAN Systems, Performance Systems International, March 1991. [3] Case, J., McCloghrie, K., Rose, M., and Waldbusser S., "Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1902, January 1996. [4] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., "Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1903, January 1996. [5] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., "Conformance Statements for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1904, January 1996. [6] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, January 1996. [7] Harrington D., Presuhn, R., Wijnen, B., "An Architecture for Describing SNMP Management Frameworks", RFC 2271, Cabletron Systems, BMC Software, Inc., IBM T.J. Watson Research, January 1998. [8] Harrington D., Presuhn, R., Wijnen, B., "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2272, Cabletron Systems, BMC Software, Inc., IBM T.J. Watson Research, January 1998. [9] Levi D., Meyer P., Stewart, B., "SNMPv3 Applications", RFC 2273, SNMP Research, Inc., Secure Computing Corporation, Cisco Systems, January 1998. DISMAN Working Group Expires March 1999 [Page 31] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 [10] Blumenthal, U., Wijnen, B., "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2274, IBM T. J. Watson Research, January 1998. [11] Wijnen, B., Presuhn, R., McCloghrie, K., "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2275, IBM T.J. Watson Research, BMC Software, Inc., Cisco Systems, Inc., January 1998. [12] Hovey, R., and S. Bradner, "The Organizations Involved in the IETF Standards Process", BCP 11, RFC 2028, October 1996. [13] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [14] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", RFC 1155, Performance Systems International, Hughes LAN Systems, May 1990. [15] Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212, Performance Systems International, Hughes LAN Systems, March 1991. [16] M. Rose, "A Convention for Defining Traps for use with the SNMP", RFC 1215, Performance Systems International, March 1991. [17] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [18] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. 9.0 Author's Address Kenneth D. White Dept. BRQA/Bldg. 501/G114 IBM Corporation P.O.Box 12195 3039 Cornwallis Research Triangle Park, NC 27709, USA E-mail: wkenneth@us.ibm.com 10.0 Full Copyright Statement Copyright (C) The Internet Society (1997). All Rights Reserved. DISMAN Working Group Expires March 1999 [Page 32] Internet Draft Ping, Traceroute and Lookup MIBs December 20, 1998 This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. DISMAN Working Group Expires March 1999 [Page 33]