INTERNET-DRAFT Editor of this version: Request for Comments: -MIB R. Presuhn STD: XXX BMC Software, Inc. Obsoletes: 1907 Authors of previous version: Category: Standards Track J. Case SNMP Research, Inc. K. McCloghrie Cisco Systems, Inc. M. Rose Dover Beach Consulting, Inc. S. Waldbusser International Network Services 14 July 2000 Management Information Base for the Simple Network Management Protocol Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html Copyright Notice Copyright (C) The Internet Society (2000). All Rights Reserved. SNMPv3 Working Group Expires December 2001 [Page 1] Internet Draft Protocol Operations for SNMP 14 July 2000 Abstract This document defines managed objects which describe the behavior of an SNMP entity. This document obsoletes RFC 1907, Management Information Base for Version 2 of the Simple Network Management Protocol (SNMPv2). Table of Contents 1. Introduction ................................................ 3 2. The SNMP Management Framework ............................... 3 3. Definitions ................................................. 4 4. Notice on Intellectual Property ............................. 22 5. Acknowledgments ............................................. 22 6. Security Considerations ..................................... 24 7. References .................................................. 24 8. Editor's Address ............................................ 26 9. Changes from RFC 1907 ....................................... 26 10. Issues ..................................................... 27 11. Full Copyright Statement ................................... 28 SNMPv3 Working Group Expires December 2001 [Page 2] Internet Draft Protocol Operations for SNMP 14 July 2000 1. Introduction It is the purpose of this document to define managed objects which describe the behavior of an SNMP entity, as defined in the SNMP architecture [RFC2571]. 2. The SNMP Management Framework The SNMP Management Framework at the time of this writing consists of five major components: - An overall architecture, described in RFC 2571 [RFC2571]. - Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in STD 16, RFC 1155 [RFC1155], STD 16, RFC 1212 [RFC1212] and RFC 1215 [RFC1215]. The second version, called SMIv2, is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580]. - Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in STD 15, RFC 1157 [RFC1157]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [RFC1901] and RFC -TM [RFC-TM]. The third version of the message protocol is called SNMPv3 and described in RFC -TM [RFC-TM], RFC 2572 [RFC2572] and RFC 2574 [RFC2574]. - Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in STD 15, RFC 1157 [RFC1157]. A second set of protocol operations and associated PDU formats is described in RFC -PROTO [RFC-PROTO]. - A set of fundamental applications described in RFC 2573 [RFC2573] and the view-based access control mechanism described in RFC 2575 [RFC2575]. A more detailed introduction to the current SNMP Management Framework can be found in RFC 2570 [RFC2570]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. SNMPv3 Working Group Expires December 2001 [Page 3] Internet Draft Protocol Operations for SNMP 14 July 2000 This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (use of Counter64). Some machine readable information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB. 3. Definitions SNMPv2-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, TimeTicks, Counter32, snmpModules, mib-2 FROM SNMPv2-SMI DisplayString, TestAndIncr, TimeStamp FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF; snmpMIB MODULE-IDENTITY LAST-UPDATED "200007141730Z" ORGANIZATION "IETF SNMPv3 Working Group" CONTACT-INFO "WG-EMail: snmpv3@tis.com Subscribe: majordomo@tis.com In message body: subscribe snmpv3 Chair: Russ Mundy TIS Labs at Network Associates postal: 3060 Washington Rd Glenwood MD 21738 USA EMail: mundy@tislabs.com phone: +1 301 854-6889 Editor: Randy Presuhn BMC Software, Inc. postal: 2141 North First Street San Jose, CA 95131 USA EMail: randy_presuhn@bmc.com phone: +1 408 546-1006" DESCRIPTION "The MIB module for SNMP entities." SNMPv3 Working Group Expires December 2001 [Page 4] Internet Draft Protocol Operations for SNMP 14 July 2000 REVISION "200007141730Z" DESCRIPTION "This revision of this MIB module was published as ." REVISION "199511090000Z" DESCRIPTION "This revision of this MIB module was published as RFC 1907." REVISION "199304010000Z" DESCRIPTION "The initial revision of this MIB module was published as RFC 1450." ::= { snmpModules 1 } snmpMIBObjects OBJECT IDENTIFIER ::= { snmpMIB 1 } -- ::= { snmpMIBObjects 1 } this OID is obsolete -- ::= { snmpMIBObjects 2 } this OID is obsolete -- ::= { snmpMIBObjects 3 } this OID is obsolete -- the System group -- -- a collection of objects common to all managed systems. system OBJECT IDENTIFIER ::= { mib-2 1 } sysDescr OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "A textual description of the entity. This value should include the full name and version identification of the system's hardware type, software operating-system, and networking software." ::= { system 1 } SNMPv3 Working Group Expires December 2001 [Page 5] Internet Draft Protocol Operations for SNMP 14 July 2000 sysObjectID OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-only STATUS current DESCRIPTION "The vendor's authoritative identification of the network management subsystem contained in the entity. This value is allocated within the SMI enterprises subtree (1.3.6.1.4.1) and provides an easy and unambiguous means for determining `what kind of box' is being managed. For example, if vendor `Flintstones, Inc.' was assigned the subtree 1.3.6.1.4.1.424242, it could assign the identifier 1.3.6.1.4.1.424242.1.1 to its `Fred Router'." ::= { system 2 } sysUpTime OBJECT-TYPE SYNTAX TimeTicks MAX-ACCESS read-only STATUS current DESCRIPTION "The time (in hundredths of a second) since the network management portion of the system was last re-initialized." ::= { system 3 } sysContact OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) MAX-ACCESS read-write STATUS current DESCRIPTION "The textual identification of the contact person for this managed node, together with information on how to contact this person. If no contact information is known, the value is the zero-length string." ::= { system 4 } sysName OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) MAX-ACCESS read-write STATUS current DESCRIPTION "An administratively-assigned name for this managed node. By convention, this is the node's fully-qualified domain name. If the name is unknown, the value is the zero-length string." ::= { system 5 } SNMPv3 Working Group Expires December 2001 [Page 6] Internet Draft Protocol Operations for SNMP 14 July 2000 sysLocation OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) MAX-ACCESS read-write STATUS current DESCRIPTION "The physical location of this node (e.g., 'telephone closet, 3rd floor'). If the location is unknown, the value is the zero-length string." ::= { system 6 } sysServices OBJECT-TYPE SYNTAX INTEGER (0..127) MAX-ACCESS read-only STATUS current DESCRIPTION "A value which indicates the set of services that this entity may potentially offer. The value is a sum. This sum initially takes the value zero. Then, for each layer, L, in the range 1 through 7, that this node performs transactions for, 2 raised to (L - 1) is added to the sum. For example, a node which performs only routing functions would have a value of 4 (2^(3-1)). In contrast, a node which is a host offering application services would have a value of 72 (2^(4-1) + 2^(7-1)). Note that in the context of the Internet suite of protocols, values should be calculated accordingly: layer functionality 1 physical (e.g., repeaters) 2 datalink/subnetwork (e.g., bridges) 3 internet (e.g., supports the IP) 4 end-to-end (e.g., supports the TCP) 7 applications (e.g., supports the SMTP) For systems including OSI protocols, layers 5 and 6 may also be counted." ::= { system 7 } -- object resource information -- -- a collection of objects which describe the SNMP entity's -- (statically and dynamically configurable) support of -- various MIB modules. SNMPv3 Working Group Expires December 2001 [Page 7] Internet Draft Protocol Operations for SNMP 14 July 2000 sysORLastChange OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the time of the most recent change in state or value of any instance of sysORID." ::= { system 8 } sysORTable OBJECT-TYPE SYNTAX SEQUENCE OF SysOREntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The (conceptual) table listing the capabilities of the local SNMP application acting as a command responder with respect to various MIB modules. SNMP entities having dynamically-configurable support of MIB modules will have a dynamically-varying number of conceptual rows." ::= { system 9 } sysOREntry OBJECT-TYPE SYNTAX SysOREntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) in the sysORTable." INDEX { sysORIndex } ::= { sysORTable 1 } SysOREntry ::= SEQUENCE { sysORIndex INTEGER, sysORID OBJECT IDENTIFIER, sysORDescr DisplayString, sysORUpTime TimeStamp } sysORIndex OBJECT-TYPE SYNTAX INTEGER (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The auxiliary variable used for identifying instances of the columnar objects in the sysORTable." ::= { sysOREntry 1 } SNMPv3 Working Group Expires December 2001 [Page 8] Internet Draft Protocol Operations for SNMP 14 July 2000 sysORID OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-only STATUS current DESCRIPTION "An authoritative identification of a capabilities statement with respect to various MIB modules supported by the local SNMP application acting as a command responder." ::= { sysOREntry 2 } sysORDescr OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "A textual description of the capabilities identified by the corresponding instance of sysORID." ::= { sysOREntry 3 } sysORUpTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the time this conceptual row was last instantiated." ::= { sysOREntry 4 } -- the SNMP group -- -- a collection of objects providing basic instrumentation and -- control of an SNMP entity. snmp OBJECT IDENTIFIER ::= { mib-2 11 } snmpInPkts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of messages delivered to the SNMP entity from the transport service." ::= { snmp 1 } SNMPv3 Working Group Expires December 2001 [Page 9] Internet Draft Protocol Operations for SNMP 14 July 2000 snmpInBadVersions OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of SNMP messages which were delivered to the SNMP entity and were for an unsupported SNMP version." ::= { snmp 3 } snmpInBadCommunityNames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of community-based SNMP messages (for example, SNMPv1) delivered to the SNMP entity which used an SNMP community name not known to said entity. Also, implementations which authenticate community-based SNMP messages using check(s) in addition to matching the community name (for example, by also checking whether the message originated from a transport address allowed to use a specified community name) MAY include in this value the number of messages which failed the additional check(s). It is strongly RECOMMENDED that the documentation for any security model which is used to authenticate community-based SNMP messages specify the precise conditions that contribute to this value." ::= { snmp 4 } snmpInBadCommunityUses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of community-based SNMP messages (for example, SNMPv1) delivered to the SNMP entity which represented an SNMP operation that was not allowed for the SNMP community named in the message. The precise conditions under which this counter is incremented (if at all) depend on how the SNMP entity implements its access control mechanism and how its applications interact with that access control mechanism. It is strongly RECOMMENDED that the documentation for any access control mechanism which is used to control access to and visibility of MIB instrumentation specify the precise conditions that contribute to this value." ::= { snmp 5 } SNMPv3 Working Group Expires December 2001 [Page 10] Internet Draft Protocol Operations for SNMP 14 July 2000 snmpInASNParseErrs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of ASN.1 or BER errors encountered by the SNMP entity when decoding received SNMP messages." ::= { snmp 6 } snmpEnableAuthenTraps OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates whether the SNMP entity is permitted to generate authenticationFailure traps. The value of this object overrides any configuration information; as such, it provides a means whereby all authenticationFailure traps may be disabled. Note that it is strongly recommended that this object be stored in non-volatile memory so that it remains constant across re-initializations of the network management system." ::= { snmp 30 } snmpSilentDrops OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of Confirmed Class PDUs (such as GetRequest-PDUs, GetNextRequest-PDUs, GetBulkRequest-PDUs, SetRequest-PDUs, and InformRequest-PDUs) delivered to the SNMP entity which were silently dropped because the size of a reply containing an alternate Response Class PDU (such as a Response-PDU) with an empty variable-bindings field was greater than either a local constraint or the maximum message size associated with the originator of the request." ::= { snmp 31 } SNMPv3 Working Group Expires December 2001 [Page 11] Internet Draft Protocol Operations for SNMP 14 July 2000 snmpProxyDrops OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of Confirmed Class PDUs (such as GetRequest-PDUs, GetNextRequest-PDUs, GetBulkRequest-PDUs, SetRequest-PDUs, and InformRequest-PDUs) delivered to the SNMP entity which were silently dropped because the transmission of the (possibly translated) message to a proxy target failed in a manner (other than a time-out) such that no Response Class PDU (such as a Response-PDU) could be returned." ::= { snmp 32 } -- information for notifications -- -- a collection of objects which allow the SNMP entity, when -- supporting a notification originator application, -- to be configured to generate SNMPv2-Trap-PDUs. snmpTrap OBJECT IDENTIFIER ::= { snmpMIBObjects 4 } snmpTrapOID OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The authoritative identification of the notification currently being sent. This variable occurs as the second varbind in every SNMPv2-Trap-PDU and InformRequest-PDU." ::= { snmpTrap 1 } -- ::= { snmpTrap 2 } this OID is obsolete snmpTrapEnterprise OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The authoritative identification of the enterprise associated with the trap currently being sent. When an SNMP proxy agent is mapping an RFC1157 Trap-PDU into a SNMPv2-Trap-PDU, this variable occurs as the SNMPv3 Working Group Expires December 2001 [Page 12] Internet Draft Protocol Operations for SNMP 14 July 2000 last varbind." ::= { snmpTrap 3 } -- ::= { snmpTrap 4 } this OID is obsolete -- well-known traps snmpTraps OBJECT IDENTIFIER ::= { snmpMIBObjects 5 } coldStart NOTIFICATION-TYPE STATUS current DESCRIPTION "A coldStart trap signifies that the SNMP entity, supporting a notification originator application, is reinitializing itself and that its configuration may have been altered." ::= { snmpTraps 1 } warmStart NOTIFICATION-TYPE STATUS current DESCRIPTION "A warmStart trap signifies that the SNMP entity, supporting a notification originator application, is reinitializing itself such that its configuration is unaltered." ::= { snmpTraps 2 } -- Note the linkDown NOTIFICATION-TYPE ::= { snmpTraps 3 } -- and the linkUp NOTIFICATION-TYPE ::= { snmpTraps 4 } -- are defined in RFC 2233 [RFC2233] authenticationFailure NOTIFICATION-TYPE STATUS current DESCRIPTION "An authenticationFailure trap signifies that the SNMP entity has received a protocol message that is not properly authenticated. While all implementations of SNMP entities MAY be capable of generating this trap, the snmpEnableAuthenTraps object indicates whether this trap will be generated." ::= { snmpTraps 5 } -- Note the egpNeighborLoss notification is defined -- as { snmpTraps 6 } in RFC 1213 -- the set group -- SNMPv3 Working Group Expires December 2001 [Page 13] Internet Draft Protocol Operations for SNMP 14 July 2000 -- a collection of objects which allow several cooperating -- command generator applications to coordinate their use of the -- set operation. snmpSet OBJECT IDENTIFIER ::= { snmpMIBObjects 6 } snmpSetSerialNo OBJECT-TYPE SYNTAX TestAndIncr MAX-ACCESS read-write STATUS current DESCRIPTION "An advisory lock used to allow several cooperating command generator applications to coordinate their use of the SNMP set operation. This object is used for coarse-grain coordination. To achieve fine-grain coordination, one or more similar objects might be defined within each MIB group, as appropriate." ::= { snmpSet 1 } -- conformance information snmpMIBConformance OBJECT IDENTIFIER ::= { snmpMIB 2 } snmpMIBCompliances OBJECT IDENTIFIER ::= { snmpMIBConformance 1 } snmpMIBGroups OBJECT IDENTIFIER ::= { snmpMIBConformance 2 } -- compliance statements -- ::= { snmpMIBCompliances 1 } this OID is obsolete snmpBasicCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP entities which implement this MIB module." MODULE -- this module MANDATORY-GROUPS { snmpGroup, snmpSetGroup, systemGroup, snmpBasicNotificationsGroup } GROUP snmpCommunityGroup DESCRIPTION "This group is mandatory for SNMP entities which SNMPv3 Working Group Expires December 2001 [Page 14] Internet Draft Protocol Operations for SNMP 14 July 2000 support community-based authentication." ::= { snmpMIBCompliances 2 } -- units of conformance -- ::= { snmpMIBGroups 1 } this OID is obsolete -- ::= { snmpMIBGroups 2 } this OID is obsolete -- ::= { snmpMIBGroups 3 } this OID is obsolete -- ::= { snmpMIBGroups 4 } this OID is obsolete snmpGroup OBJECT-GROUP OBJECTS { snmpInPkts, snmpInBadVersions, snmpInASNParseErrs, snmpSilentDrops, snmpProxyDrops, snmpEnableAuthenTraps } STATUS current DESCRIPTION "A collection of objects providing basic instrumentation and control of an SNMP entity." ::= { snmpMIBGroups 8 } snmpCommunityGroup OBJECT-GROUP OBJECTS { snmpInBadCommunityNames, snmpInBadCommunityUses } STATUS current DESCRIPTION "A collection of objects providing basic instrumentation of a SNMP entity which supports community-based authentication." ::= { snmpMIBGroups 9 } snmpSetGroup OBJECT-GROUP OBJECTS { snmpSetSerialNo } STATUS current DESCRIPTION "A collection of objects which allow several cooperating command generator applications to coordinate their use of the set operation." ::= { snmpMIBGroups 5 } SNMPv3 Working Group Expires December 2001 [Page 15] Internet Draft Protocol Operations for SNMP 14 July 2000 systemGroup OBJECT-GROUP OBJECTS { sysDescr, sysObjectID, sysUpTime, sysContact, sysName, sysLocation, sysServices, sysORLastChange, sysORID, sysORUpTime, sysORDescr } STATUS current DESCRIPTION "The system group defines objects which are common to all managed systems." ::= { snmpMIBGroups 6 } snmpBasicNotificationsGroup NOTIFICATION-GROUP NOTIFICATIONS { coldStart, authenticationFailure } STATUS current DESCRIPTION "The two notifications which an SNMP entity supporting notification originator applications is required to implement." ::= { snmpMIBGroups 7 } snmpAdditionalNotificationsGroup NOTIFICATION-GROUP NOTIFICATIONS { warmStart } STATUS current DESCRIPTION "The notifications which an SNMP entity supporting notification originator applications is required to implement if it is able to reinitialize itself such that its configuration is unaltered." ::= { snmpMIBGroups 11 } notificationGroup OBJECT-GROUP OBJECTS { snmpTrapOID, snmpTrapEnterprise } STATUS current DESCRIPTION "These objects are required for entities which support notification originator applications." ::= { snmpMIBGroups 12 } -- definitions in RFC 1213 made obsolete by the inclusion of a -- subset of the snmp group in this MIB SNMPv3 Working Group Expires December 2001 [Page 16] Internet Draft Protocol Operations for SNMP 14 July 2000 snmpOutPkts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Messages which were passed from the SNMP protocol entity to the transport service." ::= { snmp 2 } -- { snmp 7 } is not used snmpInTooBigs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were delivered to the SNMP protocol entity and for which the value of the error-status field was `tooBig'." ::= { snmp 8 } snmpInNoSuchNames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were delivered to the SNMP protocol entity and for which the value of the error-status field was `noSuchName'." ::= { snmp 9 } snmpInBadValues OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were delivered to the SNMP protocol entity and for which the value of the error-status field was `badValue'." ::= { snmp 10 } SNMPv3 Working Group Expires December 2001 [Page 17] Internet Draft Protocol Operations for SNMP 14 July 2000 snmpInReadOnlys OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number valid SNMP PDUs which were delivered to the SNMP protocol entity and for which the value of the error-status field was `readOnly'. It should be noted that it is a protocol error to generate an SNMP PDU which contains the value `readOnly' in the error-status field, as such this object is provided as a means of detecting incorrect implementations of the SNMP." ::= { snmp 11 } snmpInGenErrs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were delivered to the SNMP protocol entity and for which the value of the error-status field was `genErr'." ::= { snmp 12 } snmpInTotalReqVars OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of MIB objects which have been retrieved successfully by the SNMP protocol entity as the result of receiving valid SNMP Get-Request and Get-Next PDUs." ::= { snmp 13 } snmpInTotalSetVars OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of MIB objects which have been altered successfully by the SNMP protocol entity as the result of receiving valid SNMP Set-Request PDUs." ::= { snmp 14 } SNMPv3 Working Group Expires December 2001 [Page 18] Internet Draft Protocol Operations for SNMP 14 July 2000 snmpInGetRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Get-Request PDUs which have been accepted and processed by the SNMP protocol entity." ::= { snmp 15 } snmpInGetNexts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Get-Next PDUs which have been accepted and processed by the SNMP protocol entity." ::= { snmp 16 } snmpInSetRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Set-Request PDUs which have been accepted and processed by the SNMP protocol entity." ::= { snmp 17 } snmpInGetResponses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Get-Response PDUs which have been accepted and processed by the SNMP protocol entity." ::= { snmp 18 } snmpInTraps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Trap PDUs which have been accepted and processed by the SNMP protocol entity." ::= { snmp 19 } SNMPv3 Working Group Expires December 2001 [Page 19] Internet Draft Protocol Operations for SNMP 14 July 2000 snmpOutTooBigs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were generated by the SNMP protocol entity and for which the value of the error-status field was `tooBig.'" ::= { snmp 20 } snmpOutNoSuchNames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were generated by the SNMP protocol entity and for which the value of the error-status was `noSuchName'." ::= { snmp 21 } snmpOutBadValues OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were generated by the SNMP protocol entity and for which the value of the error-status field was `badValue'." ::= { snmp 22 } -- { snmp 23 } is not used snmpOutGenErrs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP PDUs which were generated by the SNMP protocol entity and for which the value of the error-status field was `genErr'." ::= { snmp 24 } SNMPv3 Working Group Expires December 2001 [Page 20] Internet Draft Protocol Operations for SNMP 14 July 2000 snmpOutGetRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Get-Request PDUs which have been generated by the SNMP protocol entity." ::= { snmp 25 } snmpOutGetNexts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Get-Next PDUs which have been generated by the SNMP protocol entity." ::= { snmp 26 } snmpOutSetRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Set-Request PDUs which have been generated by the SNMP protocol entity." ::= { snmp 27 } snmpOutGetResponses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Get-Response PDUs which have been generated by the SNMP protocol entity." ::= { snmp 28 } snmpOutTraps OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS obsolete DESCRIPTION "The total number of SNMP Trap PDUs which have been generated by the SNMP protocol entity." ::= { snmp 29 } SNMPv3 Working Group Expires December 2001 [Page 21] Internet Draft Protocol Operations for SNMP 14 July 2000 snmpObsoleteGroup OBJECT-GROUP OBJECTS { snmpOutPkts, snmpInTooBigs, snmpInNoSuchNames, snmpInBadValues, snmpInReadOnlys, snmpInGenErrs, snmpInTotalReqVars, snmpInTotalSetVars, snmpInGetRequests, snmpInGetNexts, snmpInSetRequests, snmpInGetResponses, snmpInTraps, snmpOutTooBigs, snmpOutNoSuchNames, snmpOutBadValues, snmpOutGenErrs, snmpOutGetRequests, snmpOutGetNexts, snmpOutSetRequests, snmpOutGetResponses, snmpOutTraps } STATUS obsolete DESCRIPTION "A collection of objects from RFC 1213 made obsolete by this MIB module." ::= { snmpMIBGroups 10 } END 4. Notice on Intellectual Property The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards-related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification can be obtained from the IETF Secretariat. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director. 5. Acknowledgments This document is the product of the SNMPv3 Working Group. Some special thanks are in order to the following Working Group members: Randy Bush Jeffrey D. Case Mike Daniele SNMPv3 Working Group Expires December 2001 [Page 22] Internet Draft Protocol Operations for SNMP 14 July 2000 Rob Frye Lauren Heintz Keith McCloghrie Russ Mundy David T. Perkins Randy Presuhn Aleksey Romanov Juergen Schoenwaelder Bert Wijnen This version of the document, edited by Randy Presuhn, was initially based on the work of a design team whose members were: Jeffrey D. Case Keith McCloghrie David T. Perkins Randy Presuhn Juergen Schoenwaelder The previous versions of this document, edited by Keith McCloghrie, was the result of significant work by four major contributors: Jeffrey D. Case Keith McCloghrie Marshall T. Rose Steven Waldbusser Additionally, the contributions of the SNMPv2 Working Group to the previous versions are also acknowledged. In particular, a special thanks is extended for the contributions of: Alexander I. Alten Dave Arneson Uri Blumenthal Doug Book Kim Curran Jim Galvin Maria Greene Iain Hanson Dave Harrington Nguyen Hien Jeff Johnson Michael Kornegay Deirdre Kostick David Levi Daniel Mahoney Bob Natale Brian O'Keefe SNMPv3 Working Group Expires December 2001 [Page 23] Internet Draft Protocol Operations for SNMP 14 July 2000 Andrew Pearson Dave Perkins Randy Presuhn Aleksey Romanov Shawn Routhier Jon Saperia Juergen Schoenwaelder Bob Stewart Kaj Tesink Glenn Waters Bert Wijnen 6. Security Considerations There are a number of management objects defined in this MIB that have a MAX-ACCESS clause of read-write. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. SNMPv1 by itself is not a secure environment. Even if the network itself is secure (for example by using IPSec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change) the objects in this MIB. It is recommended that the implementors consider the security features as provided by the SNMPv3 framework. Specifically, the use of the User-based Security Model RFC 2574 [RFC2574] and the View- based Access Control Model RFC 2575 [RFC2575] is recommended. It is then a customer/user responsibility to ensure that the SNMP entity giving access to an instance of this MIB, is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change) them. 7. References [RFC1155] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", STD 16, RFC 1155, May 1990. [RFC1157] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network Management Protocol", STD 15, RFC 1157, May 1990. [RFC1212] Rose, M., and K. McCloghrie, "Concise MIB Definitions", STD 16, RFC 1212, March 1991. SNMPv3 Working Group Expires December 2001 [Page 24] Internet Draft Protocol Operations for SNMP 14 July 2000 [RFC1213] McCloghrie, K., and M. Rose, "Management Information Base for Network Management of TCP/IP-based internets: MIB- II", STD 16, RFC 1213, March 1991. [RFC1215] Rose, M., "A Convention for Defining Traps for use with the SNMP", RFC 1215, March 1991. [RFC1901] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, January 1996. [RFC2233] McCloghrie, K., and F. Kastenholz, "The Interfaces Group MIB using SMIv2", RFC 2233, November 1997. [RFC2570] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction to Version 3 of the Internet-standard Network Management Framework", RFC 2570, April 1999. [RFC2571] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2571, April 1999. [RFC2572] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2572, April 1999. [RFC2573] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 2573, April 1999. [RFC2574] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, April 1999. [RFC2575] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, April 1999. [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., SNMPv3 Working Group Expires December 2001 [Page 25] Internet Draft Protocol Operations for SNMP 14 July 2000 Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. [RFC-TM] Presuhn, R., Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport Mappings for the Simple Network Management Protocol", , July 2000. [RFC-PROTO] Presuhn, R., Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol Operations for the Simple Network Management Protocol", , July 2000. 8. Editor's Address Randy Presuhn BMC Software, Inc. 2141 North First Street San Jose, CA 95131 USA Phone: +1 408 546 1006 EMail: randy_presuhn@bmc.com 9. Changes from RFC 1907 These are the changes from RFC 1907: - Corrected typo in copyright statement; - Updated copyright date; - Updated with new editor's name and contact information; - Cosmetic fixes to layout and typography; - Changed title; - Replace introduction with current MIB boilerplate; - Updated references; - Fixed typo in sysORUpTime; - Re-worded description of snmpSilentDrops; - Updated reference to RFC 1573 to 2233; SNMPv3 Working Group Expires December 2001 [Page 26] Internet Draft Protocol Operations for SNMP 14 July 2000 - Added IPR boilerplate as required by RFC 2026; - Weakened authenticationFailure description from MUST to MAY, clarified that it pertains to all SNMP entities; - Clarified descriptions of snmpInBadCommunityNames and snmpInBadCommunityUses; - Updated module-identity and contact information; - Updated the acknowledgements section; - Replaced references to "manager role", "agent role" and "SNMPv2 entity" with appropriate terms from RFC 2571; - Updated document headers and footers; - Added security considerations, based on current recommendations for MIB modules. - Added NOTIFICATION-GROUP and OBJECT-GROUP constructs for NOTIFICATION-TYPEs and OBJECT-TYPEs that were left unreferenced in RFC 1907. - Fixed typos in sysServices DESCRIPTION. - Changed description of snmpProxyDrops to use terms from architecture. - Changed value used in example for sysObjectID. - Added an abstract. 10. Issues This section is to be deleted when it is time to publish this document as an RFC. The issue labels are the same as those used in the on-line issues list at ftp://amethyst.bmc.com/pub/snmpv3/Update567/rfc1907/index.html 1907-01 Done; title changed. 1907-02 Done; replaced introduction with current MIB boilerplate. 1907-03 Done; resolution was to make no change. 1907-04 Done; replaced occurrences of "SNMPv2 entity", SNMPv3 Working Group Expires December 2001 [Page 27] Internet Draft Protocol Operations for SNMP 14 July 2000 "manager role", and "agent role" with appropriate terms from architecture. 1907-05 Done; typo fixed. 1907-06 Done; resolution was to make no change. 1907-07 Done; description of snmpSilentDrops updated. 1907-08 Done; reference to RFC 1573 replaced with reference to RFC 2233. 1907-09 Done; resolution was to make no change. 1907-10 Done; resolution was to make no change. 1907-11 Done; resolution was to make no change. 1907-12 Done; added security considerations based on recommended text from http://www.ops.ietf.org/ 1907-13 Done; references and acknowledgements updated. 1907-14 Done; IPR boilerplate aligned with RFC 2026. 1907-15 Done; authenticationFailure weakened to MAY but permitted for all protocol versions. 1907-16 Done; resolution was to make no change. 1907-17 Done; clarified descriptions of snmpInBadCommunityNames and snmpInBadCommunityUses. 1907-18 Done; resolution was to make no change. 1907-19 Done; conformance material added. 1907-20 Done; resolution was to make no change. 11. Full Copyright Statement Copyright (C) The Internet Society (2000). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are SNMPv3 Working Group Expires December 2001 [Page 28] Internet Draft Protocol Operations for SNMP 14 July 2000 included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SNMPv3 Working Group Expires December 2001 [Page 29]