Internet Draft Conformance Statements for SNMPv2 March 1995 Conformance Statements for Version 2 of the Simple Network Management Protocol (SNMPv2) 19 March 1995 | draft-ietf-snmpv2-conf-ds-01.txt | Jeffrey D. Case SNMP Research, Inc. case@snmp.com Keith McCloghrie Cisco Systems, Inc. kzm@cisco.com Marshall T. Rose Dover Beach Consulting, Inc. mrose@dbc.mtview.ca.us Steven Waldbusser Carnegie Mellon University waldbusser@cmu.edu Status of this Memo This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as ``work in progress.'' To learn the current status of any Internet-Draft, please check the ``1id-abstracts.txt'' listing contained in the Internet- Drafts Shadow Directories on ds.internic.net (US East Coast), nic.nordu.net (Europe), ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific Rim). Expires September 1995 [Page 1] Internet Draft Conformance Statements for SNMPv2 March 1995 1. Introduction A management system contains: several (potentially many) nodes, each with a processing entity, termed an agent, which has access to management instrumentation; at least one management station; and, a management protocol, used to convey management information between the agents and management stations. Operations of the protocol are carried out under an administrative framework which defines authentication, authorization, access control, and privacy policies. Management stations execute management applications which monitor and control managed elements. Managed elements are devices such as hosts, routers, terminal servers, etc., which are monitored and controlled via access to their management information. Management information is viewed as a collection of managed objects, residing in a virtual information store, termed the Management Information Base (MIB). Collections of related objects are defined in MIB modules. These modules are written using a subset of OSI's Abstract Syntax Notation One (ASN.1) [1], termed the Structure of Management Information (SMI) [2]. It may be useful to define the acceptable lower-bounds of implementation, along with the actual level of implementation achieved. It is the purpose of this document to define the notation used for these purposes. 1.1. A Note on Terminology For the purpose of exposition, the original Internet-standard Network Management Framework, as described in RFCs 1155, 1157, and 1212, is termed the SNMP version 1 framework (SNMPv1). The current framework is termed the SNMP version 2 framework (SNMPv2). 1.2. Change Log For the 19 March version: + - The many changes adopted by the SNMPv2 Working Group. + For the 1 November version: Expires September 1995 [Page 2] Internet Draft Conformance Statements for SNMPv2 March 1995 - recast RFC 1444 into an Internet-Draft, - fixed typos, - modified the usage examples to refer to the SNMPv2 MIB. Expires September 1995 [Page 3] Internet Draft Conformance Statements for SNMPv2 March 1995 2. Definitions SNMPv2-CONF DEFINITIONS ::= BEGIN -- definitions for conformance groups OBJECT-GROUP MACRO ::= BEGIN TYPE NOTATION ::= ObjectsPart "STATUS" Status "DESCRIPTION" Text ReferPart VALUE NOTATION ::= value(VALUE OBJECT IDENTIFIER) ObjectsPart ::= "OBJECTS" "{" Objects "}" Objects ::= Object | Objects "," Object Object ::= value(Name ObjectName) Status ::= "current" | "deprecated" + | "obsolete" ReferPart ::= "REFERENCE" Text | empty -- uses the NVT ASCII character set Text ::= """" string """" END Expires September 1995 [Page 4] Internet Draft Conformance Statements for SNMPv2 March 1995 -- more definitions for conformance groups | NOTIFICATION-GROUP MACRO ::= | BEGIN | TYPE NOTATION ::= | NotificationsPart | "STATUS" Status | "DESCRIPTION" Text | ReferPart | VALUE NOTATION ::= | value(VALUE OBJECT IDENTIFIER) | NotificationsPart ::= | "NOTIFICATIONS" "{" Notifications "}" | Notifications ::= | Notification | | Notifications "," Notification | Notification ::= | value(Name NotificationName) | Status ::= | "current" | | "deprecated" | | "obsolete" | ReferPart ::= | "REFERENCE" Text | | empty | -- uses the NVT ASCII character set | Text ::= """" string """" | END | Expires September 1995 [Page 5] Internet Draft Conformance Statements for SNMPv2 March 1995 -- definitions for compliance statements MODULE-COMPLIANCE MACRO ::= BEGIN TYPE NOTATION ::= "STATUS" Status "DESCRIPTION" Text ReferPart ModulePart VALUE NOTATION ::= value(VALUE OBJECT IDENTIFIER) Status ::= "current" | "deprecated" + | "obsolete" ReferPart ::= "REFERENCE" Text | empty ModulePart ::= Modules | empty Modules ::= Module | Modules Module Module ::= -- name of module -- "MODULE" ModuleName MandatoryPart CompliancePart ModuleName ::= modulereference ModuleIdentifier -- must not be empty unless contained -- in MIB Module | empty ModuleIdentifier ::= value(ModuleID OBJECT IDENTIFIER) | empty MandatoryPart ::= "MANDATORY-GROUPS" "{" Groups "}" Expires September 1995 [Page 6] Internet Draft Conformance Statements for SNMPv2 March 1995 | empty Groups ::= Group | Groups "," Group Group ::= value(Group OBJECT IDENTIFIER) CompliancePart ::= Compliances | empty Compliances ::= Compliance | Compliances Compliance Compliance ::= ComplianceGroup | Object ComplianceGroup ::= "GROUP" value(Name OBJECT IDENTIFIER) "DESCRIPTION" Text Object ::= "OBJECT" value(Name ObjectName) SyntaxPart WriteSyntaxPart AccessPart "DESCRIPTION" Text -- must be a refinement for object's SYNTAX clause SyntaxPart ::= "SYNTAX" type(SYNTAX) | empty -- must be a refinement for object's SYNTAX clause WriteSyntaxPart ::= "WRITE-SYNTAX" type(WriteSYNTAX) | empty AccessPart ::= "MIN-ACCESS" Access | empty Access ::= "not-accessible" Expires September 1995 [Page 7] Internet Draft Conformance Statements for SNMPv2 March 1995 | "accessible-for-notify" + | "read-only" | "read-write" | "read-create" -- uses the NVT ASCII character set Text ::= """" string """" END Expires September 1995 [Page 8] Internet Draft Conformance Statements for SNMPv2 March 1995 -- definitions for capabilities statements AGENT-CAPABILITIES MACRO ::= BEGIN TYPE NOTATION ::= "PRODUCT-RELEASE" Text "STATUS" Status "DESCRIPTION" Text ReferPart ModulePart VALUE NOTATION ::= value(VALUE OBJECT IDENTIFIER) - Status ::= "current" | "obsolete" ReferPart ::= "REFERENCE" Text | empty ModulePart ::= Modules | empty Modules ::= Module | Modules Module Module ::= -- name of module -- "SUPPORTS" ModuleName "INCLUDES" "{" Groups "}" VariationPart ModuleName ::= identifier ModuleIdentifier ModuleIdentifier ::= value(ModuleID OBJECT IDENTIFIER) | empty Groups ::= Group | Groups "," Group Group ::= value(Name OBJECT IDENTIFIER) Expires September 1995 [Page 9] Internet Draft Conformance Statements for SNMPv2 March 1995 VariationPart ::= Variations | empty Variations ::= Variation | Variations Variation Variation ::= ObjectVariation + | NotificationVariation + NotificationVariation ::= + "VARIATION" value(Name NotificationName) + "DESCRIPTION" Text + ObjectVariation ::= + "VARIATION" value(Name ObjectName) SyntaxPart WriteSyntaxPart AccessPart CreationPart DefValPart "DESCRIPTION" Text -- must be a refinement for object's SYNTAX clause SyntaxPart ::= "SYNTAX" type(SYNTAX) | empty -- must be a refinement for object's SYNTAX clause WriteSyntaxPart ::= "WRITE-SYNTAX" type(WriteSYNTAX) | empty AccessPart ::= "ACCESS" Access | empty Access ::= "not-implemented" | "accessible-for-notify" + | "read-only" | "read-write" | "read-create" -- following is for backward-compatibility only Expires September 1995 [Page 10] Internet Draft Conformance Statements for SNMPv2 March 1995 | "write-only" CreationPart ::= "CREATION-REQUIRES" "{" Cells "}" | empty Cells ::= Cell | Cells "," Cell Cell ::= value(Cell ObjectName) DefValPart ::= "DEFVAL" "{" value(Defval ObjectSyntax) "}" | empty -- uses the NVT ASCII character set Text ::= """" string """" END END Expires September 1995 [Page 11] Internet Draft Conformance Statements for SNMPv2 March 1995 3. Mapping of the OBJECT-GROUP macro For conformance purposes, it is useful to define a collection of related managed objects. The OBJECT-GROUP macro is used to define each such collection of related objects. It should be noted that the expansion of the OBJECT-GROUP macro is something which conceptually happens during implementation and not during run-time. To "implement" an object, a SNMPv2 entity acting in an agent role must return a reasonably accurate value for management protocol retrieval operations; similarly, if the object is writable, then in response to a management protocol set operation, a SNMPv2 entity must accordingly be able to reasonably influence the underlying managed entity. If a SNMPv2 entity acting in an agent role can not implement an object, the management protocol provides for the SNMPv2 entity to return an exception or error, e.g, noSuchObject [4]. Under no circumstances shall a SNMPv2 entity return a value for objects which it does not implement -- it must always return the appropriate exception or error, as described in the protocol specification [4]. 3.1. Mapping of the OBJECTS clause The OBJECTS clause, which must be present, is used to name each object contained in the conformance group. Each of the named objects must be defined in the same information module as the OBJECT-GROUP macro appears, and must have a MAX-ACCESS clause value of "accessible-for- | notify", "read-only", | "read-write", or "read-create". It is required that every object defined in an information module be + contained in at least one object group. This avoids the common error of + adding a new object to an information module and forgetting to add the + new object to a group. + 3.2. Mapping of the STATUS clause The STATUS clause, which must be present, indicates whether this definition is current or historic. The values "current", and "obsolete" are self-explanatory. The + "deprecated" value indicates that the group is obsolete, but that an + implementor may wish to support it to foster interoperability with older + implementations. + Expires September 1995 [Page 12] Internet Draft Conformance Statements for SNMPv2 March 1995 3.3. Mapping of the DESCRIPTION clause The DESCRIPTION clause, which must be present, contains a textual definition of that group, along with a description of any relations to other groups. Note that generic compliance requirements should not be stated in this clause. However, implementation relationships between this group and other groups may be defined in this clause. 3.4. Mapping of the REFERENCE clause The REFERENCE clause, which need not be present, contains a textual cross-reference to a group defined in some other information module. This is useful when de-osifying a MIB module produced by some other organization. 3.5. Mapping of the OBJECT-GROUP value The value of an invocation of the OBJECT-GROUP macro is the name of the group, which is an OBJECT IDENTIFIER, an administratively assigned name. Expires September 1995 [Page 13] Internet Draft Conformance Statements for SNMPv2 March 1995 3.6. Usage Example The SNMP Statistics Group [3] is described: snmpStatsGroup OBJECT-GROUP OBJECTS { snmpStatsPackets, snmpStats30Something, snmpStatsEncodingErrors, snmpStatsUnknownDstParties, snmpStatsDstPartyMismatches, snmpStatsUnknownSrcParties, snmpStatsBadAuths, snmpStatsNotInLifetimes, snmpStatsWrongDigestValues, snmpStatsUnknownContexts, snmpStatsBadOperations, snmpStatsSilentDrops } STATUS current DESCRIPTION "A collection of objects providing basic instrumentation of the SNMPv2 entity." ::= { snmpMIBGroups 1 } According to this invocation, the conformance group named { snmpMIBGroups 1 } contains 12 objects. Expires September 1995 [Page 14] Internet Draft Conformance Statements for SNMPv2 March 1995 4. Mapping of the NOTIFICATION-GROUP macro For conformance purposes, it is useful to define a collection of + notifications. The NOTIFICATION-GROUP macro serves this purpose. It + should be noted that the expansion of the NOTIFICATION-GROUP macro is + something which conceptually happens during implementation and not + during run-time. + 4.1. Mapping of the NOTIFICATIONS clause + The NOTIFICATIONS clause, which must be present, is used to name each + notification contained in the conformance group. Each of the named + notifications must be defined in the same information module as the + NOTIFICATION-GROUP macro appears. + 4.2. Mapping of the STATUS clause + The STATUS clause, which must be present, indicates whether this + definition is current or historic. + The values "current", and "obsolete" are self-explanatory. The + "deprecated" value indicates that the group is obsolete, but that an + implementor may wish to support it to foster interoperability with older + implementations. + 4.3. Mapping of the DESCRIPTION clause + The DESCRIPTION clause, which must be present, contains a textual + definition of the group, along with a description of any relations to + other groups. Note that generic compliance requirements should not be + stated in this clause. However, implementation relationships between + this group and other groups may be defined in this clause. + 4.4. Mapping of the REFERENCE clause + The REFERENCE clause, which need not be present, contains a textual + cross-reference to a group defined in some other information module. + This is useful when de-osifying a MIB module produced by some other + organization. + Expires September 1995 [Page 15] Internet Draft Conformance Statements for SNMPv2 March 1995 4.5. Mapping of the NOTIFICATION-GROUP value + The value of an invocation of the NOTIFICATION-GROUP macro is the name + of the group, which is an OBJECT IDENTIFIER, an administratively + assigned name. + Expires September 1995 [Page 16] Internet Draft Conformance Statements for SNMPv2 March 1995 4.6. Usage Example + The SNMP Basic Notifications Group [3] is described: + snmpBasicNotificationsGroup NOTIFICATION-GROUP + NOTIFICATIONS { coldStart, authenticationFailure } + STATUS current + DESCRIPTION + "The two notifications which an SNMPv2 entity is required to + implement." + ::= { snmpNotificationGroups 1 } + According to this invocation, the conformance group named + { snmpNotificationGroups 1 } + contains 2 notifications. + Expires September 1995 [Page 17] Internet Draft Conformance Statements for SNMPv2 March 1995 5. Mapping of the MODULE-COMPLIANCE macro The MODULE-COMPLIANCE macro is used to convey a minimum set of requirements with respect to implementation of one or more MIB modules. It should be noted that the expansion of the MODULE-COMPLIANCE macro is something which conceptually happens during implementation and not during run-time. A requirement on all "standard" MIB modules is that a corresponding MODULE-COMPLIANCE specification is also defined, either in the same information module or in a companion information module. 5.1. Mapping of the STATUS clause The STATUS clause, which must be present, indicates whether this definition is current or historic. The values "current", and "obsolete" are self-explanatory. The | "deprecated" value indicates that the specification is obsolete, | but that an implementor may wish to support that object to foster interoperability with older implementations. 5.2. Mapping of the DESCRIPTION clause The DESCRIPTION clause, which must be present, contains a textual definition of this compliance statement and should embody any information which would otherwise be communicated in any ASN.1 commentary annotations associated with the statement. 5.3. Mapping of the REFERENCE clause The REFERENCE clause, which need not be present, contains a textual cross-reference to a compliance statement defined in some other information module. 5.4. Mapping of the MODULE clause The MODULE clause, which must be present, is repeatedly used to name each MIB module for which compliance requirements are being specified. Each MIB module is named by its module name, and optionally, by its associated OBJECT IDENTIFIER as well. The module name can be omitted Expires September 1995 [Page 18] Internet Draft Conformance Statements for SNMPv2 March 1995 when the MODULE-COMPLIANCE invocation occurs inside a MIB module, to refer to the encompassing MIB module. 5.4.1. Mapping of the MANDATORY-GROUPS clause The MANDATORY-GROUPS clause, which need not be present, names the one or | more object or notification groups within the correspondent MIB module | which | are unconditionally mandatory for implementation. If a SNMPv2 entity acting in an agent role claims compliance to the MIB module, then it | must implement each and every object and notification within each | conformance group listed. | That is, if a SNMPv2 entity returns a noSuchObject exception in response to a management protocol get operation [4] for any object within any mandatory conformance group for every MIB view, or if the SNMPv2 entity + cannot generate each notification listed in any conformance group under + the appropriate circumstances, + then that SNMPv2 entity is not a conformant implementation of the MIB module. 5.4.2. Mapping of the GROUP clause The GROUP clause, which need not be present, is repeatedly used to name | each object and notification group which | is conditionally mandatory or unconditionally optional for compliance to the MIB module. A group named in a GROUP clause must be absent | from the correspondent MANDATORY-GROUPS clause. Conditionally mandatory groups include those which are mandatory only if a particular protocol is implemented, or only if another group is implemented. A GROUP clause's DESCRIPTION specifies the conditions under which the group is conditionally mandatory. A group which is named in neither a MANDATORY-GROUPS clause | nor a GROUP clause, is unconditionally optional for compliance to the MIB module. 5.4.3. Mapping of the OBJECT clause The OBJECT clause, which need not be present, | is repeatedly used to name each MIB object for which compliance has a refined requirement with respect to the MIB module definition. The MIB Expires September 1995 [Page 19] Internet Draft Conformance Statements for SNMPv2 March 1995 object must be present in one of the conformance groups named in the correspondent MANDATORY-GROUPS clause or GROUP clauses. By definition, each object specified in an OBJECT clause follows a + MODULE clause which names the information module in which that object is + defined. Therefore, the use of an IMPORTS statement to specify where + the object is imported from is redundant, and is not required in an + information module. + 5.4.3.1. Mapping of the SYNTAX clause The SYNTAX clause, which need not be present, is used to provide a refined SYNTAX for the object named in the correspondent OBJECT clause. Note that if this clause and a WRITE-SYNTAX clause are both present, then this clause only applies when instances of the object named in the correspondent OBJECT clause are read. Consult Section 9 of [2] for more information on refined syntax. 5.4.3.2. Mapping of the WRITE-SYNTAX clause The WRITE-SYNTAX clause, which need not be present, is used to provide a refined SYNTAX for the object named in the correspondent OBJECT clause when instances of that object are written. Consult Section 9 of [2] for more information on refined syntax. 5.4.3.3. Mapping of the MIN-ACCESS clause The MIN-ACCESS clause, which need not be present, is used to define the minimal level of access for the object named in the correspondent OBJECT clause. If this clause is absent, the minimal level of access is the same as the maximal level specified in the correspondent invocation of the OBJECT-TYPE macro. If present, this clause must not specify a greater level of access than is specified in the correspondent invocation of the OBJECT-TYPE macro. The level of access for certain types of objects is fixed according to their syntax definition. These types are: conceptual tables and rows, auxiliary objects, and objects with the syntax of Counter32, Counter64, or certain types of textual conventions (e.g., RowStatus [5]). A MIN- ACCESS clause should not be present for such objects. Expires September 1995 [Page 20] Internet Draft Conformance Statements for SNMPv2 March 1995 An implementation is compliant if the level of access it provides is greater or equal to the minimal level in the MODULE-COMPLIANCE macro and less or equal to the maximal level in the OBJECT-TYPE macro. 5.4.3.4. Mapping of the DESCRIPTION clause The DESCRIPTION clause must be present for each use of the GROUP or OBJECT clause. For an OBJECT clause, it contains a textual description of the refined compliance requirement. For a GROUP clause, it contains a textual description of the conditions under which the group is conditionally mandatory or unconditionally optional. 5.5. Mapping of the MODULE-COMPLIANCE value The value of an invocation of the MODULE-COMPLIANCE macro is an OBJECT IDENTIFIER. As such, this value may be authoritatively used when referring to the compliance statement embodied by that invocation of the macro. Expires September 1995 [Page 21] Internet Draft Conformance Statements for SNMPv2 March 1995 5.6. Usage Example The compliance statement contained in SNMPv2-MIB [3] is: snmpMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMPv2 entities which implement the SNMPv2 MIB." MODULE -- compliance to the containing MIB module MANDATORY-GROUPS { systemGroup, snmpStatsGroup, snmpORGroup, snmpTrapGroup, snmpSetGroup, | snmpBasicNotificationsGroup } | GROUP snmpV1Group DESCRIPTION "The snmpV1 group is mandatory only for those SNMPv2 entities which also implement SNMPv1." ::= { snmpMIBCompliances 1 } According to this invocation, to claim alignment with the compliance statement named { snmpMIBCompliances 1 } a system must implement the SNMPv2-MIB's systemGroup, snmpStatsGroup, snmpORGroup, snmpTrapGroup, and snmpSetGroup object conformance groups, | as well as the snmpBasicNotificationsGroup notifications group. | Furthermore, if the SNMPv2 entity also implements SNMPv1, then it must also support the SNMPv1Group group, if compliance is to be claimed. Expires September 1995 [Page 22] Internet Draft Conformance Statements for SNMPv2 March 1995 6. Mapping of the AGENT-CAPABILITIES macro The AGENT-CAPABILITIES macro is used to convey the capabilities present in a SNMPv2 entity acting in an agent role. It should be noted that the expansion of the AGENT-CAPABILITIES macro is something which conceptually happens during implementation and not during run-time. When a MIB module is written, it is divided into units of conformance termed groups. If a SNMPv2 entity acting in an agent role claims to implement a group, then it must implement each and every object within that group. Of course, for whatever reason, a SNMPv2 entity might implement only a subset of the groups within a MIB module. In addition, the definition of some MIB objects leave some aspects of the definition to the discretion of an implementor. Practical experience has demonstrated a need for concisely describing the capabilities of an agent with respect to one or more MIB modules. The AGENT-CAPABILITIES macro allows an agent implementor to describe the precise level of support which an agent claims in regards to a MIB group, and to bind that description to the value of an instance of | snmpORID [3]. | In particular, some objects may have restricted or augmented syntax or access-levels. If the AGENT-CAPABILITIES invocation is given to a management-station implementor, then that implementor can build management applications which optimize themselves when communicating with a particular agent. For example, the management-station can maintain a database of these invocations. When a management-station interacts with an agent, it | retrieves from the agent the values of all instances of sysORID [3]. | Based on this, it consults the database to locate each entry matching | one of the retrieved values of snmpORID. Using the located entries, the | management application can now optimize its behavior accordingly. | Note that the AGENT-CAPABILITIES macro specifies refinements or - variations with respect to OBJECT-TYPE macros in MIB modules, NOT with respect to MODULE-COMPLIANCE macros in compliance statements. 6.1. Mapping of the PRODUCT-RELEASE clause The PRODUCT-RELEASE clause, which must be present, contains a textual description of the product release which includes this agent. Expires September 1995 [Page 23] Internet Draft Conformance Statements for SNMPv2 March 1995 6.2. Mapping of the STATUS clause The STATUS clause, which must be present, indicates whether this definition is current ("current") or historic ("obsolete"). 6.3. Mapping of the DESCRIPTION clause The DESCRIPTION clause, which must be present, contains a textual description of this agent. 6.4. Mapping of the REFERENCE clause The REFERENCE clause, which need not be present, contains a textual cross-reference to a capability statement defined in some other information module. 6.5. Mapping of the SUPPORTS clause The SUPPORTS clause, which need not be present, is repeatedly used to name each MIB module for which the agent claims a complete or partial implementation. Each MIB module is named by its module name, and optionally, by its associated OBJECT IDENTIFIER as well. 6.5.1. Mapping of the INCLUDES clause The INCLUDES clause, which must be present for each use of the SUPPORTS clause, is used to name each MIB group associated with the SUPPORTS clause, which the agent claims to implement. 6.5.2. Mapping of the VARIATION clause The VARIATION clause, which need not be present, is repeatedly used to | name each object or notification which the agent | implements in some variant or refined fashion with respect to the correspondent invocation of the OBJECT-TYPE macro. Note that the variation concept is meant for generic implementation restrictions, e.g., if the variation for an object depends on the values of other objects, then this should be noted in the appropriate DESCRIPTION clause. Expires September 1995 [Page 24] Internet Draft Conformance Statements for SNMPv2 March 1995 By definition, each object specified in a VARIATION clause follows a + SUPPORTS clause which names the information module in which that object + is defined. Therefore, the use of an IMPORTS statement to specify where + the object is imported from is redundant, and is not required in an + information module. + 6.5.2.1. Mapping of the SYNTAX clause The SYNTAX clause, which need not be present, is used to provide a refined SYNTAX for the object named in the correspondent VARIATION clause. Note that if this clause and a WRITE-SYNTAX clause are both present, then this clause only applies when instances of the object named in the correspondent VARIATION clause are read. Consult Section 9 of [2] for more information on refined syntax. 6.5.2.2. Mapping of the WRITE-SYNTAX clause The WRITE-SYNTAX clause, which need not be present, is used to provide a refined SYNTAX for the object named in the correspondent VARIATION clause when instances of that object are written. Consult Section 9 of [2] for more information on refined syntax. 6.5.2.3. Mapping of the ACCESS clause The ACCESS clause, which need not be present, is used to indicate the agent provides less than the maximal level of access to the object named in the correspondent VARIATION clause. The value "not-implemented" indicates the agent does not implement the object, and in the ordering of possible values is equivalent to "not- accessible". The value "write-only" is provided solely for backward compatibility, and shall not be used for newly-defined object types. In the ordering of possible values, "write-only" is less than "not-accessible". Expires September 1995 [Page 25] Internet Draft Conformance Statements for SNMPv2 March 1995 6.5.2.4. Mapping of the CREATION-REQUIRES clause The CREATION-REQUIRES clause, which need not be present, is used to name the columnar objects of a conceptual row to which values must be explicitly assigned, by a management protocol set operation, before the agent will allow the instance of the status column of that row to be set to `active'. (Consult the definition of RowStatus [5].) If the conceptual row does not have a status column (i.e., the objects corresponding to the conceptual table were defined using the mechanisms in [6,7]), then the CREATION-REQUIRES clause, which need not be present, is used to name the columnar objects of a conceptual row to which values must be explicitly assigned, by a management protocol set operation, before the agent will create new instances of objects in that row. This clause must not present unless the object named in the correspondent VARIATION clause is a conceptual row, i.e., has a syntax which resolves to a SEQUENCE containing columnar objects. The objects named in the value of this clause usually will refer to columnar objects in that row. However, objects unrelated to the conceptual row may also be specified. All objects which are named in the CREATION-REQUIRES clause for a conceptual row, and which are columnar objects of that row, must have an access level of "read-create". 6.5.2.5. Mapping of the DEFVAL clause The DEFVAL clause, which need not be present, is used to provide a refined DEFVAL value for the object named in the correspondent VARIATION clause. The semantics of this value are identical to those of the OBJECT-TYPE macro's DEFVAL clause. 6.5.2.6. Mapping of the DESCRIPTION clause The DESCRIPTION clause, which must be present for each use of the VARIATION clause, contains a textual description of the variant or | refined implementation of the object or notification. | Expires September 1995 [Page 26] Internet Draft Conformance Statements for SNMPv2 March 1995 6.6. Mapping of the AGENT-CAPABILITIES value The value of an invocation of the AGENT-CAPABILITIES macro is an OBJECT IDENTIFIER, which names the value of snmpORID [3] for which | this capabilities statement is valid. Expires September 1995 [Page 27] Internet Draft Conformance Statements for SNMPv2 March 1995 6.7. Usage Example Consider how a capabilities statement for an agent might be described: exampleAgent AGENT-CAPABILITIES PRODUCT-RELEASE "ACME Agent release 1.1 for 4BSD" STATUS current DESCRIPTION "ACME agent for 4BSD" SUPPORTS SNMPv2-MIB INCLUDES { systemGroup, snmpGroup, | snmpBasicNotificationsGroup } | VARIATION coldStart + DESCRIPTION "A coldStart trap is generated on all + reboots." + SUPPORTS IF-MIB INCLUDES { ifGeneralGroup, ifPacketGroup } VARIATION ifAdminStatus SYNTAX INTEGER { up(1), down(2) } DESCRIPTION "Unable to set test mode on 4BSD" VARIATION ifOperStatus SYNTAX INTEGER { up(1), down(2) } DESCRIPTION "Information limited on 4BSD" SUPPORTS IP-MIB INCLUDES { ipGroup, icmpGroup } VARIATION ipDefaultTTL SYNTAX INTEGER (255..255) DESCRIPTION "Hard-wired on 4BSD" VARIATION ipInAddrErrors ACCESS not-implemented DESCRIPTION "Information not available on 4BSD" VARIATION ipNetToMediaEntry CREATION-REQUIRES { ipNetToMediaPhysAddress } DESCRIPTION "Address mappings on 4BSD require both protocol and media addresses" SUPPORTS TCP-MIB Expires September 1995 [Page 28] Internet Draft Conformance Statements for SNMPv2 March 1995 INCLUDES { tcpGroup } VARIATION tcpConnState ACCESS read-only DESCRIPTION "Unable to set this on 4BSD" SUPPORTS UDP-MIB INCLUDES { udpGroup } SUPPORTS EVAL-MIB INCLUDES { functionsGroup, expressionsGroup } VARIATION exprEntry CREATION-REQUIRES { evalString } DESCRIPTION "Conceptual row creation supported" ::= { acmeAgents 1 } According to this invocation, an agent with a snmpORID value of | { acmeAgents 1 } supports six MIB modules. From SNMPv2-MIB, the system and snmp conformance group are supported. From IF-MIB, the ifGeneralGroup and ifPacketGroup groups are supported. However, the objects ifAdminStatus and ifOperStatus have a restricted syntax. From IP-MIB, all objects in the ipGroup and icmpGroup are supported except ipInAddrErrors, while ipDefaultTTL has a restricted range, and when creating a new instance in the ipNetToMediaTable, the set-request must create an instance of atPhysAddress. From TCP-MIB, the tcpGroup is supported except that tcpConnState is available only for reading. From UDP-MIB, the udpGroup is fully supported. From the EVAL-MIB, all the objects contained in the functionsGroup and expressionsGroup conformance groups are supported, without variation. In addition, creation of new instances in the expr table is supported. Expires September 1995 [Page 29] Internet Draft Conformance Statements for SNMPv2 March 1995 7. Extending an Information Module As experience is gained with a published information module, it may be desirable to revise that information module. Section 10 of [2] defines the rules for extending an information module. The remainder of this section defines how conformance groups, compliance statements, and capabilities statements may be extended. 7.1. Conformance Groups If any non-editorial change is made to any clause of an object group then the OBJECT IDENTIFIER value associated with that object group must also be changed, along with its associated descriptor. 7.2. Compliance Definitions If any non-editorial change is made to any clause of a compliance definition, then the OBJECT IDENTIFIER value associated with that compliance definition must also be changed, along with its associated descriptor. 7.3. Capabilities Definitions If any non-editorial change is made to any clause of a capabilities definition, then the OBJECT IDENTIFIER value associated with that capabilities definition must also be changed, along with its associated descriptor. Expires September 1995 [Page 30] Internet Draft Conformance Statements for SNMPv2 March 1995 8. Acknowledgements The authors wish to acknowledge the contributions of the SNMPv2 Working Group in general. In particular, the following individuals Dave Arneson (Cabletron), Uri Blumenthal (IBM), Doug Book (Chipcom), Maria Greene (Ascom Timeplex), Deirdre Kostik (Bellcore), Dave Harrington (Cabletron), Jeff Johnson (Cisco Systems), Brian O'Keefe (Hewlett Packard), Dave Perkins (Bay Networks), Randy Presuhn (Peer Networks), Shawn Routhier (Epilogue), Bob Stewart (Cisco Systems), Kaj Tesink (Bellcore). deserve special thanks for their contributions. 9. References [1] Information processing systems - Open Systems Interconnection - Specification of Abstract Syntax Notation One (ASN.1), International Organization for Standardization. International Standard 8824, (December, 1987). [2] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., "Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2)", Internet Draft, SNMP Research, Inc., Cisco Systems, Dover Beach Consulting, Inc., Carnegie Mellon University, March 1995. | [3] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., "Management Information Base for Version 2 of the Simple Network Management Protocol (SNMPv2)", Internet Draft, SNMP Research, Inc., Cisco Systems, Dover Beach Consulting, Inc., Carnegie Mellon University, | March 1995. | [4] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", Internet Draft, SNMP Research, Inc., Cisco Systems, Dover Beach Consulting, Inc., Carnegie Mellon University, March | Expires September 1995 [Page 31] Internet Draft Conformance Statements for SNMPv2 March 1995 1995. | [5] Case, J., McCloghrie, K., Rose, M., and Waldbusser, S., "Textual Conventions for Version 2 of the the Simple Network Management Protocol (SNMPv2)", Internet Draft, SNMP Research, Inc., Cisco Systems, Dover Beach Consulting, Inc., Carnegie Mellon University, | March 1995. | [6] Rose, M., and McCloghrie, K., "Structure and Identification of Management Information for TCP/IP-based internets", STD 16, RFC 1155, May 1990. [7] Rose, M., and McCloghrie, K., "Concise MIB Definitions", STD 16, RFC 1212, March 1991. Expires September 1995 [Page 32] Internet Draft Conformance Statements for SNMPv2 March 1995 10. Security Considerations Security issues are not discussed in this memo. 11. Authors' Addresses Jeffrey D. Case SNMP Research, Inc. 3001 Kimberlin Heights Rd. Knoxville, TN 37920-9716 US Phone: +1 615 573 1434 Email: case@snmp.com Keith McCloghrie Cisco Systems, Inc. 170 West Tasman Drive, San Jose CA 95134-1706. Phone: +1 408 526 5260 Email: kzm@cisco.com Marshall T. Rose Dover Beach Consulting, Inc. 420 Whisman Court Mountain View, CA 94043-2186 US Phone: +1 415 968 1052 Email: mrose@dbc.mtview.ca.us Steven Waldbusser Carnegie Mellon University 5000 Forbes Ave Pittsburgh, PA 15213 US Phone: +1 412 268 6628 Email: waldbusser@cmu.edu Expires September 1995 [Page 33] Internet Draft Conformance Statements for SNMPv2 March 1995 Table of Contents 1 Introduction .................................................... 2 1.1 A Note on Terminology ......................................... 2 1.2 Change Log .................................................... 2 2 Definitions ..................................................... 4 2.1 The OBJECT-GROUP macro ........................................ 4 2.2 The NOTIFICATION-GROUP macro .................................. 5 2.3 The MODULE-COMPLIANCE macro ................................... 6 2.4 The AGENT-CAPABILITIES macro .................................. 9 3 Mapping of the OBJECT-GROUP macro ............................... 12 3.1 Mapping of the OBJECTS clause ................................. 12 3.2 Mapping of the STATUS clause .................................. 12 3.3 Mapping of the DESCRIPTION clause ............................. 13 3.4 Mapping of the REFERENCE clause ............................... 13 3.5 Mapping of the OBJECT-GROUP value ............................. 13 3.6 Usage Example ................................................. 14 4 Mapping of the NOTIFICATION-GROUP macro ......................... 15 4.1 Mapping of the NOTIFICATIONS clause ........................... 15 4.2 Mapping of the STATUS clause .................................. 15 4.3 Mapping of the DESCRIPTION clause ............................. 15 4.4 Mapping of the REFERENCE clause ............................... 15 4.5 Mapping of the NOTIFICATION-GROUP value ....................... 16 4.6 Usage Example ................................................. 17 5 Mapping of the MODULE-COMPLIANCE macro .......................... 18 5.1 Mapping of the STATUS clause .................................. 18 5.2 Mapping of the DESCRIPTION clause ............................. 18 5.3 Mapping of the REFERENCE clause ............................... 18 5.4 Mapping of the MODULE clause .................................. 18 5.4.1 Mapping of the MANDATORY-GROUPS clause ...................... 19 5.4.2 Mapping of the GROUP clause ................................. 19 5.4.3 Mapping of the OBJECT clause ................................ 19 5.4.3.1 Mapping of the SYNTAX clause .............................. 20 5.4.3.2 Mapping of the WRITE-SYNTAX clause ........................ 20 5.4.3.3 Mapping of the MIN-ACCESS clause .......................... 20 5.4.3.4 Mapping of the DESCRIPTION clause ......................... 21 5.5 Mapping of the MODULE-COMPLIANCE value ........................ 21 5.6 Usage Example ................................................. 22 6 Mapping of the AGENT-CAPABILITIES macro ......................... 23 6.1 Mapping of the PRODUCT-RELEASE clause ......................... 23 6.2 Mapping of the STATUS clause .................................. 24 6.3 Mapping of the DESCRIPTION clause ............................. 24 6.4 Mapping of the REFERENCE clause ............................... 24 6.5 Mapping of the SUPPORTS clause ................................ 24 Expires September 1995 [Page 34] Internet Draft Conformance Statements for SNMPv2 March 1995 6.5.1 Mapping of the INCLUDES clause .............................. 24 6.5.2 Mapping of the VARIATION clause ............................. 24 6.5.2.1 Mapping of the SYNTAX clause .............................. 25 6.5.2.2 Mapping of the WRITE-SYNTAX clause ........................ 25 6.5.2.3 Mapping of the ACCESS clause .............................. 25 6.5.2.4 Mapping of the CREATION-REQUIRES clause ................... 26 6.5.2.5 Mapping of the DEFVAL clause .............................. 26 6.5.2.6 Mapping of the DESCRIPTION clause ......................... 26 6.6 Mapping of the AGENT-CAPABILITIES value ....................... 27 6.7 Usage Example ................................................. 28 7 Extending an Information Module ................................. 30 7.1 Conformance Groups ............................................ 30 7.2 Compliance Definitions ........................................ 30 7.3 Capabilities Definitions ...................................... 30 8 Acknowledgements ................................................ 31 9 References ...................................................... 31 10 Security Considerations ........................................ 33 11 Authors' Addresses ............................................. 33 Expires September 1995 [Page 35]