Network Working Group                                         F. Strauss
Internet-Draft                                          J. Schoenwaelder
Expires: May 11, 2001                                    TU Braunschweig
                                                           K. McCloghrie
                                                     Cisco Systems, Inc.
                                                       November 10, 2000


                           SMIng Core Modules
                  draft-irtf-nmrg-sming-modules-00.txt

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on May 11, 2001.

Abstract

   This memo is a companion document for the SMIng specification [1].
   It presents three core modules that contain core definitions common
   for all SMIng modules.

Copyright Notice

   Copyright (C) The Internet Society (2000). All Rights Reserved.

Table of Contents

   1.  SMIng Core Modules
   1.1 IRTF-NMRG-SMING
   1.2 IRTF-NMRG-SMING-TYPES
   1.3 IRTF-NMRG-SMING-EXTENSIONS
   2.  Security Considerations
       References
       Authors' Addresses

1. SMIng Core Modules

   MIB modules, either SMIv1, SMIv2 or SMIng, are built on top of some
   core definitions. These core definitions are imported from some
   "well-defined" core modules. In the case of SMIng, there are three
   core modules:

   1.  IRTF-NMRG-SMING, which defines a special node, named
       `zeroDotZero' that may be used by objects of type
       `ObjectIdentifier' as a null value, and a core set of 18 nodes
       near the root of the object identifier tree. Only some of those
       core nodes are significant for the Internet management and have
       been described in [1].

   2.  IRTF-NMRG-SMING-TYPES, which defines SMIng data types. With
       regard to their origin, these types can be divided into two
       groups: those being ASN.1 application types defined as SMIv2
       core types [3] and those being textual conventions in SMIv2 [4].
       For use in SMIng, there is no need to care about these
       differences, though it might be useful in SNMP applications to
       know that some types are distinguishable "on the wire" and
       others are not.

   3.  IRTF-NMRG-SMING-EXTENSIONS, which defines proposed SMIng
       extensions. At this moment, there is only one extension, the
       `agentcaps' statement. See the SMIng Language Extensibility
       Section of [1] for details on extensions. In contrast to SMIv2,
       `agentcaps' is not a core construct in SMIng, since in practice
       SMIv2 AGENT-CAPABILITIES statements are rarely used and are
       regarded as an improper technique to make agent capabilities
       statements available at the manager side.

1.1 IRTF-NMRG-SMING

   module IRTF-NMRG-SMING {

   //
   // $RCSfile: IRTF-NMRG-SMING,v $
   // $Revision: 1.2 $
   // $Author: strauss $
   // $Date: 2000/02/13 22:11:43 $
   //

       organization    "IRTF Network Management Research Group (NMRG),
                        Network Management Group, TU Braunschweig";

       contact         "        Frank Strauss

                        Postal: TU Braunschweig
                                Bueltenweg 74/75
                                38106 Braunschweig
                                Germany

                         Phone: +49 531 391-3266
                         EMail: strauss@ibr.cs.tu-bs.de";

       description     "Core node definitions for SMIng.";

       revision {
           date            "2000-02-13";
           description
              "SMIng grammar dropped module identity objects.";
       };

       revision {
           date            "1999-05-07";
           description
              "Initial Revision.";
       };

       node ccitt              { oid 0;            };

       node zeroDotZero {
           oid             0.0;
           description     "A value used for null identifiers.";
       };

       node iso                { oid 1;            };
       node org                { oid iso.3;        };
       node dod                { oid org.6;        };
       node internet           { oid dod.1;        };
       node directory          { oid internet.1;   };
       node mgmt               { oid internet.2;   };
       node mib-2              { oid mgmt.1;       };
       node transmission       { oid mib-2.10;     };
       node experimental       { oid internet.3;   };
       node private            { oid internet.4;   };
       node enterprises        { oid private.1;    };
       node security           { oid internet.5;   };
       node snmpV2             { oid internet.6;   };
       node snmpDomains        { oid snmpV2.1;     };
       node snmpProxys         { oid snmpV2.2;     };
       node snmpModules        { oid snmpV2.3;     };

       node joint-iso-ccitt    { oid 2;            };

   };

1.2 IRTF-NMRG-SMING-TYPES

   module IRTF-NMRG-SMING-TYPES {

   //
   // $RCSfile: IRTF-NMRG-SMING-TYPES,v $
   // $Revision: 1.5 $
   // $Author: strauss $
   // $Date: 2000/10/19 16:11:55 $
   //

       organization    "IRTF Network Management Research Group (NMRG),
                        Network Management Group, TU Braunschweig";

       contact         "        Frank Strauss

                        Postal: TU Braunschweig
                                Bueltenweg 74/75
                                38106 Braunschweig
                                Germany

                         Phone: +49 531 391-3266
                         EMail: strauss@ibr.cs.tu-bs.de";

       description     "Core type definitions for SMIng.";

       revision {
           date            "2000-10-19";
           description
              "Special semantics and default value of 8 or 11
               zero bytes for the DateAndTime type.";
       };

       revision {
           date            "2000-02-13";
           description
              "SMIng grammar dropped module identity objects.";
       };

       revision {
           date            "1999-05-07";
           description
              "Initial Revision.";
       };

       typedef Gauge32 {
           type            Unsigned32;
           description
              "The Gauge32 type represents a non-negative integer,
               which may increase or decrease, but shall never
               exceed a maximum value, nor fall below a minimum
               value. The maximum value can not be greater than
               2^32-1 (4294967295 decimal), and the minimum value
               can not be smaller than 0. The value of a Gauge32
               has its maximum value whenever the information being
               modeled is greater than or equal to its maximum
               value, and has its minimum value whenever the
               information being modeled is smaller than or equal to
               its minimum value. If the information being modeled
               subsequently decreases below (increases above) the
               maximum (minimum) value, the Gauge32 also decreases
               (increases). (Note that despite of the use of the
               term `latched' in the original definition of this
               type, it does not become `stuck' at its maximum or
               minimum value.)";
           reference
              "RFC 2578, Sections 2.
               and 7.1.7.";
       };

       typedef Counter32 {
           type            Unsigned32;
           description
              "The Counter32 type represents a non-negative integer
               which monotonically increases until it reaches a
               maximum value of 2^32-1 (4294967295 decimal), when it
               wraps around and starts increasing again from zero.

               Counters have no defined `initial' value, and thus, a
               single value of a Counter has (in general) no
               information content. Discontinuities in the
               monotonically increasing value normally occur at
               re-initialization of the management system, and at
               other times as specified in the description of an
               object using this type. If such other times can
               occur, for example, the creation of an object
               instance at times other than re-initialization, then
               a corresponding object should be defined, with an
               appropriate type, to indicate the last discontinuity.
               Examples of appropriate types include: TimeStamp,
               DateAndTime or TimeTicks (other types defined in this
               module).

               The value of the access statement for objects with a
               type value of Counter32 should be either `readonly'
               or `notifyonly'.

               A default statement should not be used for objects
               with a type value of Counter32.";
           reference
              "RFC 2578, Sections 2. and 7.1.6.";
       };

       typedef Gauge64 {
           type            Unsigned64;
           description
              "The Gauge64 type represents a non-negative integer,
               which may increase or decrease, but shall never
               exceed a maximum value, nor fall below a minimum
               value. The maximum value can not be greater than
               2^64-1 (18446744073709551615), and the minimum value
               can not be smaller than 0. The value of a Gauge64
               has its maximum value whenever the information being
               modeled is greater than or equal to its maximum
               value, and has its minimum value whenever the
               information being modeled is smaller than or equal to
               its minimum value. If the information being modeled
               subsequently decreases below (increases above) the
               maximum (minimum) value, the Gauge64 also decreases
               (increases).
               (Note that despite of the use of the term `latched'
               in the original definition of this type, it does not
               become `stuck' at its maximum or minimum value.)";
       };

       typedef Counter64 {
           type            Unsigned64;
           description
              "The Counter64 type represents a non-negative integer
               which monotonically increases until it reaches a
               maximum value of 2^64-1 (18446744073709551615), when
               it wraps around and starts increasing again from
               zero.

               Counters have no defined `initial' value, and thus, a
               single value of a Counter has (in general) no
               information content. Discontinuities in the
               monotonically increasing value normally occur at
               re-initialization of the management system, and at
               other times as specified in the description of an
               object using this type. If such other times can
               occur, for example, the creation of an object
               instance at times other than re-initialization, then
               a corresponding object should be defined, with an
               appropriate type, to indicate the last discontinuity.
               Examples of appropriate types include: TimeStamp,
               DateAndTime or TimeTicks (other types defined in this
               module).

               The value of the access statement for objects with a
               type value of Counter64 should be either `readonly'
               or `notifyonly'.

               A default statement should not be used for objects
               with a type value of Counter64.";
           reference
              "RFC 2578, Sections 2. and 7.1.10.";
       };

       typedef Opaque {
           type            OctetString;
           description
              "The Opaque type is provided solely for
               backward-compatibility, and shall not be used for
               newly-defined object types.

               The Opaque type supports the capability to pass
               arbitrary ASN.1 syntax. A value is encoded using the
               ASN.1 Basic Encoding Rules into a string of octets.
               This, in turn, is encoded as an OctetString, in
               effect `double-wrapping' the original ASN.1 value.

               Note that a conforming implementation need only be
               able to accept and recognize opaquely-encoded data.
               It need not be able to unwrap the data and then
               interpret its contents.

               A requirement on `standard' MIB modules is that no
               object may have a type value of Opaque.";
           reference
              "RFC 2578, Sections 2. and 7.1.9.";
       };

       typedef IpAddress {
           type            OctetString (4);
           status          deprecated;
           description
              "******* THIS TYPE DEFINITION IS DEPRECATED *******

               The IpAddress type represents a 32-bit internet IPv4
               address. It is represented as an OctetString of
               length 4, in network byte-order.

               Note that the IpAddress type is present for
               historical reasons. IPv4 and IPv6 addresses should be
               represented using the IpAddr type. Generic Network
               addresses should be represented using a pair of
               TDomain and TAddress types (all defined in this
               module).";
           reference
              "RFC 2578, Sections 2. and 7.1.5.";
       };

       typedef TimeTicks {
           type            Unsigned32;
           description
              "The TimeTicks type represents a non-negative integer
               which represents the time, modulo 2^32 (4294967296
               decimal), in hundredths of a second between two
               epochs. When objects are defined which use this type,
               the description of the object identifies both of the
               reference epochs.

               For example, the TimeStamp type (defined in this
               module) is based on the TimeTicks type. With a
               TimeStamp, the first reference epoch is defined as
               the time when SNMPv2-MIB::sysUpTime was zero, and the
               second reference epoch is defined as the current
               value of sysUpTime.

               The TimeTicks type should not be sub-typed.";
           reference
              "RFC 2578, Sections 2. and 7.1.8.";
       };

       //
       // The following type definitions are
       // conversions of the textual conventions from
       // the SNMPv2-TC module (RFC 2579), except for
       // TAddressOrZero, which is not present in
       // SNMPv2-TC.
       //

       typedef DisplayString {
           type            OctetString (0..255);
           format          "255a";
           description
              "Represents textual information taken from the NVT
               ASCII character set, as defined in pages 4, 10-11 of
               RFC 854.
               To summarize RFC 854, the NVT ASCII repertoire
               specifies:

               - the use of character codes 0-127 (decimal)

               - the graphics characters (32-126) are interpreted as
                 US ASCII

               - NUL, LF, CR, BEL, BS, HT, VT and FF have the
                 special meanings specified in RFC 854

               - the other 25 codes have no standard interpretation

               - the sequence 'CR LF' means newline

               - the sequence 'CR NUL' means carriage-return

               - an 'LF' not preceded by a 'CR' means moving to the
                 same column on the next line.

               - the sequence 'CR x' for any x other than LF or NUL
                 is illegal. (Note that this also means that a
                 string may end with either 'CR LF' or 'CR NUL', but
                 not with CR.)

               Any object defined using this syntax may not exceed
               255 characters in length.";
       };

       typedef PhysAddress {
           type            OctetString;
           format          "1x:";
           description
              "Represents media- or physical-level addresses.";
       };

       typedef MacAddress {
           type            OctetString (6);
           format          "1x:";
           description
              "Represents an 802 MAC address represented in the
               `canonical' order defined by IEEE 802.1a, i.e., as if
               it were transmitted least significant bit first, even
               though 802.5 (in contrast to other 802.x protocols)
               requires MAC addresses to be transmitted most
               significant bit first.";
       };

       typedef TruthValue {
           type            Enumeration (true(1), false(2));
           description
              "Represents a boolean value.";
       };

       typedef TestAndIncr {
           type            Integer32 (0..2147483647);
           description
              "Represents integer-valued information used for atomic
               operations. When the management protocol is used to
               specify that an object instance having this syntax is
               to be modified, the new value supplied via the
               management protocol must precisely match the value
               presently held by the instance. If not, the
               management protocol set operation fails with an error
               of `inconsistentValue'. Otherwise, if the current
               value is the maximum value of 2^31-1 (2147483647
               decimal), then the value held by the instance is
               wrapped to zero; otherwise, the value held by the
               instance is incremented by one. (Note that
               regardless of whether the management protocol set
               operation succeeds, the variable-binding in the
               request and response PDUs are identical.)

               The value of the ACCESS clause for objects having
               this syntax is either `read-write' or `read-create'.
               When an instance of a columnar object having this
               syntax is created, any value may be supplied via the
               management protocol.

               When the network management portion of the system is
               re-initialized, the value of every object instance
               having this syntax must either be incremented from
               its value prior to the re-initialization, or (if the
               value prior to the re-initialization is unknown) be
               set to a pseudo-randomly generated value.";
       };

       typedef AutonomousType {
           type            ObjectIdentifier;
           description
              "Represents an independently extensible type
               identification value. It may, for example, indicate a
               particular sub-tree with further MIB definitions, or
               define a particular type of protocol or hardware.";
       };

       typedef InstancePointer {
           type            ObjectIdentifier;
           status          obsolete;
           description
              "A pointer to either a specific instance of a MIB
               object or a conceptual row of a MIB table in the
               managed device. In the latter case, by convention,
               it is the name of the particular instance of the
               first accessible columnar object in the conceptual
               row.

               The two uses of this textual convention are replaced
               by VariablePointer and RowPointer, respectively.";
       };

       typedef VariablePointer {
           type            ObjectIdentifier;
           description
              "A pointer to a specific object instance. For
               example, sysContact.0 or ifInOctets.3.";
       };

       typedef RowPointer {
           type            ObjectIdentifier;
           description
              "Represents a pointer to a conceptual row. The value
               is the name of the instance of the first accessible
               columnar object in the conceptual row.

               For example, ifIndex.3 would point to the 3rd row in
               the ifTable (note that if ifIndex were
               not-accessible, then ifDescr.3 would be used
               instead).";
       };

       typedef RowStatus {
           type            Enumeration (active(1), notInService(2),
                               notReady(3), createAndGo(4),
                               createAndWait(5), destroy(6));
           description
              "The RowStatus textual convention is used to manage
               the creation and deletion of conceptual rows, and is
               used as the value of the SYNTAX clause for the status
               column of a conceptual row (as described in Section
               7.7.1 of [2].)

               The status column has six defined values:

               - `active', which indicates that the conceptual row
                 is available for use by the managed device;

               - `notInService', which indicates that the conceptual
                 row exists in the agent, but is unavailable for use
                 by the managed device (see NOTE below);

               - `notReady', which indicates that the conceptual row
                 exists in the agent, but is missing information
                 necessary in order to be available for use by the
                 managed device;

               - `createAndGo', which is supplied by a management
                 station wishing to create a new instance of a
                 conceptual row and to have its status automatically
                 set to active, making it available for use by the
                 managed device;

               - `createAndWait', which is supplied by a management
                 station wishing to create a new instance of a
                 conceptual row (but not make it available for use
                 by the managed device); and,

               - `destroy', which is supplied by a management
                 station wishing to delete all of the instances
                 associated with an existing conceptual row.

               Whereas five of the six values (all except
               `notReady') may be specified in a management protocol
               set operation, only three values will be returned in
               response to a management protocol retrieval
               operation: `notReady', `notInService' or `active'.
               That is, when queried, an existing conceptual row has
               only three states: it is either available for use by
               the managed device (the status column has value
               `active'); it is not available for use by the managed
               device, though the agent has sufficient information
               to make it so (the status column has value
               `notInService'); or, it is not available for use by
               the managed device, and an attempt to make it so
               would fail because the agent has insufficient
               information (the state column has value `notReady').

               NOTE WELL

               This textual convention may be used for a MIB table,
               irrespective of whether the values of that table's
               conceptual rows are able to be modified while it is
               active, or whether its conceptual rows must be taken
               out of service in order to be modified. That is, it
               is the responsibility of the DESCRIPTION clause of
               the status column to specify whether the status
               column must not be `active' in order for the value of
               some other column of the same conceptual row to be
               modified. If such a specification is made, affected
               columns may be changed by an SNMP set PDU if the
               RowStatus would not be equal to `active' either
               immediately before or after processing the PDU. In
               other words, if the PDU also contained a varbind that
               would change the RowStatus value, the column in
               question may be changed if the RowStatus was not
               equal to `active' as the PDU was received, or if the
               varbind sets the status to a value other than
               'active'.

               Also note that whenever any elements of a row exist,
               the RowStatus column must also exist.

               To summarize the effect of having a conceptual row
               with a status column having a SYNTAX clause value of
               RowStatus, consider the following state diagram:

                                            STATE
                 +--------------+-----------+-------------+-------------
                 |      A       |     B     |      C      |      D
                 |              |status col.|status column|
                 |status column |    is     |      is     |status column
       ACTION    |does not exist|  notReady | notInService|  is active
   --------------+--------------+-----------+-------------+-------------
   set status    |noError    ->D|inconsist- |inconsistent-|inconsistent-
   column to     |       or     |   entValue|        Value|        Value
   createAndGo   |inconsistent- |           |             |
                 |         Value|           |             |
   --------------+--------------+-----------+-------------+-------------
   set status    |noError  see 1|inconsist- |inconsistent-|inconsistent-
   column to     |       or     |   entValue|        Value|        Value
   createAndWait |wrongValue    |           |             |
   --------------+--------------+-----------+-------------+-------------
   set status    |inconsistent- |inconsist- |noError      |noError
   column to     |         Value|   entValue|             |
   active        |              |           |             |
                 |              |     or    |             |
                 |              |           |             |
                 |              |see 2   ->D|see 8     ->D|          ->D
   --------------+--------------+-----------+-------------+-------------
   set status    |inconsistent- |inconsist- |noError      |noError   ->C
   column to     |         Value|   entValue|             |
   notInService  |              |           |             |
                 |              |     or    |             |      or
                 |              |           |             |
                 |              |see 3   ->C|          ->C|see 6
   --------------+--------------+-----------+-------------+-------------
   set status    |noError       |noError    |noError      |noError   ->A
   column to     |              |           |             |      or
   destroy       |           ->A|        ->A|          ->A|see 7
   --------------+--------------+-----------+-------------+-------------
   set any other |see 4         |noError    |noError      |see 5
   column to some|              |           |             |
   value         |              |      see 1|          ->C|          ->D
   --------------+--------------+-----------+-------------+-------------

               (1) goto B or C, depending on information available
                   to the agent.

               (2) if other variable bindings included in the same
                   PDU, provide values for all columns which are
                   missing but required, then return noError and
                   goto D.

               (3) if other variable bindings included in the same
                   PDU, provide values for all columns which are
                   missing but required, then return noError and
                   goto C.

               (4) at the discretion of the agent, the return value
                   may be either:

                      inconsistentName: because the agent does not
                      choose to create such an instance when the
                      corresponding RowStatus instance does not
                      exist, or

                      inconsistentValue: if the supplied value is
                      inconsistent with the state of some other MIB
                      object's value, or

                      noError: because the agent chooses to create
                      the instance.

                   If noError is returned, then the instance of the
                   status column must also be created, and the new
                   state is B or C, depending on the information
                   available to the agent. If inconsistentName or
                   inconsistentValue is returned, the row remains in
                   state A.

               (5) depending on the MIB definition for the
                   column/table, either noError or inconsistentValue
                   may be returned.

               (6) the return value can indicate one of the
                   following errors:

                      wrongValue: because the agent does not support
                      createAndWait, or

                      inconsistentValue: because the agent is unable
                      to take the row out of service at this time,
                      perhaps because it is in use and cannot be
                      de-activated.

               (7) the return value can indicate the following
                   error:

                      inconsistentValue: because the agent is unable
                      to remove the row at this time, perhaps
                      because it is in use and cannot be
                      de-activated.

               NOTE: Other processing of the set request may result
               in a response other than noError being returned,
               e.g., wrongValue, noCreation, etc.

               Conceptual Row Creation

               There are four potential interactions when creating a
               conceptual row: selecting an instance-identifier
               which is not in use; creating the conceptual row;
               initializing any objects for which the agent does not
               supply a default; and, making the conceptual row
               available for use by the managed device.

               Interaction 1: Selecting an Instance-Identifier

               The algorithm used to select an instance-identifier
               varies for each conceptual row. In some cases, the
               instance-identifier is semantically significant,
               e.g., the destination address of a route, and a
               management station selects the instance-identifier
               according to the semantics.

               In other cases, the instance-identifier is used
               solely to distinguish conceptual rows, and a
               management station without specific knowledge of the
               conceptual row might examine the instances present in
               order to determine an unused instance-identifier.
               (This approach may be used, but it is often highly
               sub-optimal; however, it is also a questionable
               practice for a naive management station to attempt
               conceptual row creation.)

               Alternately, the MIB module which defines the
               conceptual row might provide one or more objects
               which provide assistance in determining an unused
               instance-identifier. For example, if the conceptual
               row is indexed by an integer-value, then an object
               having an integer-valued SYNTAX clause might be
               defined for such a purpose, allowing a management
               station to issue a management protocol retrieval
               operation. In order to avoid unnecessary collisions
               between competing management stations, `adjacent'
               retrievals of this object should be different.

               Finally, the management station could select a
               pseudo-random number to use as the index. In the
               event that this index was already in use and an
               inconsistentValue was returned in response to the
               management protocol set operation, the management
               station should simply select a new pseudo-random
               number and retry the operation.

               A MIB designer should choose between the two latter
               algorithms based on the size of the table (and
               therefore the efficiency of each algorithm). For
               tables in which a large number of entries are
               expected, it is recommended that a MIB object be
               defined that returns an acceptable index for
               creation.
               For tables with small numbers of entries, it is
               recommended that the latter pseudo-random index
               mechanism be used.

               Interaction 2: Creating the Conceptual Row

               Once an unused instance-identifier has been selected,
               the management station determines if it wishes to
               create and activate the conceptual row in one
               transaction or in a negotiated set of interactions.

               Interaction 2a: Creating and Activating the
               Conceptual Row

               The management station must first determine the
               column requirements, i.e., it must determine those
               columns for which it must or must not provide values.
               Depending on the complexity of the table and the
               management station's knowledge of the agent's
               capabilities, this determination can be made locally
               by the management station. Alternately, the
               management station issues a management protocol get
               operation to examine all columns in the conceptual
               row that it wishes to create. In response, for each
               column, there are three possible outcomes:

               - a value is returned, indicating that some other
                 management station has already created this
                 conceptual row. We return to interaction 1.

               - the exception `noSuchInstance' is returned,
                 indicating that the agent implements the
                 object-type associated with this column, and that
                 this column in at least one conceptual row would be
                 accessible in the MIB view used by the retrieval
                 were it to exist. For those columns to which the
                 agent provides read-create access, the
                 `noSuchInstance' exception tells the management
                 station that it should supply a value for this
                 column when the conceptual row is to be created.

               - the exception `noSuchObject' is returned,
                 indicating that the agent does not implement the
                 object-type associated with this column or that
                 there is no conceptual row for which this column
                 would be accessible in the MIB view used by the
                 retrieval.
                 As such, the management station can not issue any
                 management protocol set operations to create an
                 instance of this column.

               Once the column requirements have been determined, a
               management protocol set operation is accordingly
               issued. This operation also sets the new instance of
               the status column to `createAndGo'.

               When the agent processes the set operation, it
               verifies that it has sufficient information to make
               the conceptual row available for use by the managed
               device. The information available to the agent is
               provided by two sources: the management protocol set
               operation which creates the conceptual row, and,
               implementation-specific defaults supplied by the
               agent (note that an agent must provide
               implementation-specific defaults for at least those
               objects which it implements as read-only). If there
               is sufficient information available, then the
               conceptual row is created, a `noError' response is
               returned, the status column is set to `active', and
               no further interactions are necessary (i.e.,
               interactions 3 and 4 are skipped). If there is
               insufficient information, then the conceptual row is
               not created, and the set operation fails with an
               error of `inconsistentValue'. On this error, the
               management station can issue a management protocol
               retrieval operation to determine if this was because
               it failed to specify a value for a required column,
               or, because the selected instance of the status
               column already existed. In the latter case, we
               return to interaction 1. In the former case, the
               management station can re-issue the set operation
               with the additional information, or begin interaction
               2 again using `createAndWait' in order to negotiate
               creation of the conceptual row.

               NOTE WELL

               Regardless of the method used to determine the column
               requirements, it is possible that the management
               station might deem a column necessary when, in fact,
               the agent will not allow that particular columnar
               instance to be created or written. In this case, the
               management protocol set operation will fail with an
               error such as `noCreation' or `notWritable'. In this
               case, the management station decides whether it needs
               to be able to set a value for that particular
               columnar instance. If not, the management station
               re-issues the management protocol set operation, but
               without setting a value for that particular columnar
               instance; otherwise, the management station aborts
               the row creation algorithm.

               Interaction 2b: Negotiating the Creation of the
               Conceptual Row

               The management station issues a management protocol
               set operation which sets the desired instance of the
               status column to `createAndWait'. If the agent is
               unwilling to process a request of this sort, the set
               operation fails with an error of `wrongValue'. (As a
               consequence, such an agent must be prepared to accept
               a single management protocol set operation, i.e.,
               interaction 2a above, containing all of the columns
               indicated by its column requirements.) Otherwise,
               the conceptual row is created, a `noError' response
               is returned, and the status column is immediately set
               to either `notInService' or `notReady', depending on
               whether it has sufficient information to make the
               conceptual row available for use by the managed
               device. If there is sufficient information
               available, then the status column is set to
               `notInService'; otherwise, if there is insufficient
               information, then the status column is set to
               `notReady'. Regardless, we proceed to interaction 3.

               Interaction 3: Initializing non-defaulted Objects

               The management station must now determine the column
               requirements.
               It issues a management protocol get operation to
               examine all columns in the created conceptual row.
               In the response, for each column, there are three
               possible outcomes:

               - a value is returned, indicating that the agent
                 implements the object-type associated with this
                 column and had sufficient information to provide a
                 value. For those columns to which the agent
                 provides read-create access (and for which the
                 agent allows their values to be changed after their
                 creation), a value return tells the management
                 station that it may issue additional management
                 protocol set operations, if it desires, in order to
                 change the value associated with this column.

               - the exception `noSuchInstance' is returned,
                 indicating that the agent implements the
                 object-type associated with this column, and that
                 this column in at least one conceptual row would be
                 accessible in the MIB view used by the retrieval
                 were it to exist. However, the agent does not have
                 sufficient information to provide a value, and
                 until a value is provided, the conceptual row may
                 not be made available for use by the managed
                 device. For those columns to which the agent
                 provides read-create access, the `noSuchInstance'
                 exception tells the management station that it must
                 issue additional management protocol set
                 operations, in order to provide a value associated
                 with this column.

               - the exception `noSuchObject' is returned,
                 indicating that the agent does not implement the
                 object-type associated with this column or that
                 there is no conceptual row for which this column
                 would be accessible in the MIB view used by the
                 retrieval. As such, the management station can not
                 issue any management protocol set operations to
                 create an instance of this column.

               If the value associated with the status column is
               `notReady', then the management station must first
               deal with all `noSuchInstance' columns, if any.
Having done so, the value of the status column becomes
`notInService', and we proceed to interaction 4.

Interaction 4: Making the Conceptual Row Available

Once the management station is satisfied with the values associated
with the columns of the conceptual row, it issues a management
protocol set operation to set the status column to `active'. If the
agent has sufficient information to make the conceptual row
available for use by the managed device, the management protocol set
operation succeeds (a `noError' response is returned). Otherwise,
the management protocol set operation fails with an error of
`inconsistentValue'.

NOTE WELL

    A conceptual row having a status column with value
    `notInService' or `notReady' is unavailable to the managed
    device. As such, it is possible for the managed device to create
    its own instances during the time between the management
    protocol set operation which sets the status column to
    `createAndWait' and the management protocol set operation which
    sets the status column to `active'. In this case, when the
    management protocol set operation is issued to set the status
    column to `active', the values held in the agent supersede those
    used by the managed device.

If the management station is prevented from setting the status
column to `active' (e.g., due to management station or network
failure) the conceptual row will be left in the `notInService' or
`notReady' state, consuming resources indefinitely. The agent must
detect conceptual rows that have been in either state for an
abnormally long period of time and remove them. It is the
responsibility of the DESCRIPTION clause of the status column to
indicate what an abnormally long period of time would be. This
period of time should be long enough to allow for human response
time (including `think time') between the creation of the conceptual
row and the setting of the status to `active'.
In the absence of such information in the DESCRIPTION clause, it is
suggested that this period be approximately 5 minutes in length.
This removal action applies not only to newly-created rows, but also
to previously active rows which are set to, and left in, the
notInService state for a prolonged period exceeding that which is
considered normal for such a conceptual row.

Conceptual Row Suspension

When a conceptual row is `active', the management station may issue
a management protocol set operation which sets the instance of the
status column to `notInService'. If the agent is unwilling to do so,
the set operation fails with an error of `wrongValue' or
`inconsistentValue'. Otherwise, the conceptual row is taken out of
service, and a `noError' response is returned. It is the
responsibility of the DESCRIPTION clause of the status column to
indicate under what circumstances the status column should be taken
out of service (e.g., in order for the value of some other column of
the same conceptual row to be modified).

Conceptual Row Deletion

For deletion of conceptual rows, a management protocol set operation
is issued which sets the instance of the status column to `destroy'.
This request may be made regardless of the current value of the
status column (e.g., it is possible to delete conceptual rows which
are either `notReady', `notInService' or `active'.) If the operation
succeeds, then all instances associated with the conceptual row are
immediately removed.";
    };

    typedef TimeStamp {
        type            TimeTicks;
        description
           "The value of the sysUpTime object at which a specific
            occurrence happened. The specific occurrence must be
            defined in the description of any object defined using
            this type. When the specific occurrence occurred prior
            to the last time sysUpTime was zero, then the TimeStamp
            value is zero.
            Note that this requires all TimeStamp values to be reset
            to zero when the value of sysUpTime reaches 497+ days
            and wraps around to zero.";
    };

    typedef TimeInterval {
        type            Integer32 (0..2147483647);
        description
           "A period of time, measured in units of 0.01 seconds.";
    };

    typedef DateAndTime {
        type            OctetString (8 | 11);
        default         0x0000000000000000000000;
        format          "2d-1d-1d,1d:1d:1d.1d,1a1d:1d";
        description
           "A date-time specification.

            field  octets  contents                  range
            -----  ------  --------                  -----
              1      1-2   year*                     0..65536
              2       3    month                     1..12
              3       4    day                       1..31
              4       5    hour                      0..23
              5       6    minutes                   0..59
              6       7    seconds                   0..60
                           (use 60 for leap-second)
              7       8    deci-seconds              0..9
              8       9    direction from UTC        '+' / '-'
              9      10    hours from UTC*           0..13
             10      11    minutes from UTC          0..59

            * Notes:
            - the value of year is in big-endian encoding
            - daylight saving time in New Zealand is +13

            For example, Tuesday May 26, 1992 at 1:30:15 PM EDT
            would be displayed as:

                     1992-5-26,13:30:15.0,-4:0

            Note that if only local time is known, then timezone
            information (fields 8-10) is not present.

            The two special values of 8 or 11 zero bytes denote an
            unknown date-time specification.";
    };

    typedef StorageType {
        type            Enumeration (other(1), volatile(2),
                            nonVolatile(3), permanent(4),
                            readOnly(5));
        description
           "Describes the memory realization of a conceptual row. A
            row which is volatile(2) is lost upon reboot. A row
            which is either nonVolatile(3), permanent(4) or
            readOnly(5), is backed up by stable storage. A row which
            is permanent(4) can be changed but not deleted. A row
            which is readOnly(5) cannot be changed nor deleted.

            If the value of an object with this syntax is either
            permanent(4) or readOnly(5), it cannot be modified.
            Conversely, if the value is either other(1), volatile(2)
            or nonVolatile(3), it cannot be modified to be
            permanent(4) or readOnly(5). (All illegal modifications
            result in a 'wrongValue' error.)
            Every usage of this textual convention is required to
            specify the columnar objects which a permanent(4) row
            must at a minimum allow to be writable.";
    };

    typedef TDomain {
        type            ObjectIdentifier;
        description
           "Denotes a kind of transport service.

            Some possible values, such as snmpUDPDomain, are defined
            in the SNMPv2-TM MIB module. Other possible values are
            defined in other MIB modules.";
        reference
           "The SNMPv2-TM MIB module is defined in RFC 1906.";
    };

    typedef TAddressOrZero {
        type            OctetString (0..255);
        description
           "Denotes a transport service address.

            A TAddress value is always interpreted within the
            context of a TDomain value. Thus, each definition of a
            TDomain value must be accompanied by a definition of a
            textual convention for use with that TDomain. Some
            possible textual conventions, such as SnmpUDPAddress for
            snmpUDPDomain, are defined in the SNMPv2-TM MIB module.
            Other possible textual conventions are defined in other
            MIB modules.

            A zero-length TAddress value denotes an unknown
            transport service address.";
        reference
           "The SNMPv2-TM MIB module is defined in RFC 1906.";
    };

    typedef TAddress {
        type            TAddressOrZero (1..255);
        description
           "Denotes a transport service address. This type does not
            allow a zero-length TAddress value.";
    };

};

1.3 IRTF-NMRG-SMING-EXTENSIONS

module IRTF-NMRG-SMING-EXTENSIONS {

    //
    // $RCSfile: IRTF-NMRG-SMING-EXTENSIONS,v $
    // $Revision: 1.3 $
    // $Author: strauss $
    // $Date: 2000/02/13 22:11:43 $
    //

    organization    "IRTF Network Management Research Group (NMRG),
                     Network Management Group, TU Braunschweig";

    contact         "        Frank Strauss

                     Postal: TU Braunschweig
                             Bueltenweg 74/75
                             38106 Braunschweig
                             Germany

                      Phone: +49 531 391-3266
                      EMail: strauss@ibr.cs.tu-bs.de";

    description     "Core extension definitions for SMIng.";

    revision {
        date        "2000-02-13";
        description "SMIng grammar dropped module identity objects.";
    };

    revision {
        date        "1999-05-07";
        description "Initial Revision.";
    };

    extension agentcaps {
        status      current;
        description
           "The agentcaps extension statement is used to describe an
            agent's deviation from the compliance statements of the
            modules it implements. It is designed to be compatible
            with the SMIv2 AGENT-CAPABILITIES macro.

            The agentcaps extension statement should only be used in
            the statement body of a module that does not contain any
            other type or node definitions that do not correspond to
            an agent implementation.";
        reference
           "RFC 2580, Section 6 describes the SMIv2 compatible
            AGENT-CAPABILITIES macro.";
        abnf
           "agentcapsStatement = 'agentcaps' sep lcIdentifier optsep
                                 '{' stmtsep
                                     oidStatement stmtsep
                                     releaseStatement stmtsep
                                     *1(statusStatement stmtsep)
                                     descriptionStatement stmtsep
                                     *1(referenceStatement stmtsep)
                                     *(includesStatement stmtsep)
                                 '}' optsep ';'

            includesStatement  = 'includes' sep qlcIdentifier optsep
                                 '{' stmtsep
                                     *(variationStatement stmtsep)
                                 '}' optsep ';'

            variationStatement = 'variation' sep qlcIdentifier optsep
                                 '{' stmtsep
                                     typeStatement stmtsep
                                     writetypeStatement stmtsep
                                     accessStatement stmtsep
                                     createStatement stmtsep
                                 '}' optsep ';'
           ";
    };

};

2. Security Considerations

This document is a companion of [1]. See the security considerations
of that document for further information.

References

[1]   Strauss, F., "SMIng - A new Structure of Management
      Information", November 2000.

[2]   Bradner, S., "Key words for use in RFCs to Indicate Requirement
      Levels", RFC 2119, BCP 14, March 1997.

[3]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
      M., Waldbusser, S., "Structure of Management Information
      Version 2 (SMIv2)", RFC 2578, STD 58, April 1999.
[4]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
      M., Waldbusser, S., "Textual Conventions for SMIv2", RFC 2579,
      STD 59, April 1999.

[5]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
      M., Waldbusser, S., "Conformance Statements for SMIv2", RFC
      2580, STD 60, April 1999.

[6]   Rose, M., McCloghrie, K., "Structure and Identification of
      Management Information for TCP/IP-based Internets", RFC 1155,
      STD 16, May 1990.

[7]   Rose, M., McCloghrie, K., "Concise MIB Definitions", RFC 1212,
      STD 16, March 1991.

[8]   Rose, M., "A Convention for Defining Traps for use with the
      SNMP", RFC 1215, March 1991.

[9]   Crocker, D., Overell, P., "Augmented BNF for Syntax
      Specifications: ABNF", RFC 2234, November 1997.

[10]  International Organization for Standardization, "Specification
      of Abstract Syntax Notation One (ASN.1)", International
      Standard 8824, December 1987.

[11]  Harrington, D., Presuhn, R., Wijnen, B., "An Architecture for
      Describing SNMP Management Frameworks", RFC 2271, January 1999.

[12]  Institute of Electrical and Electronics Engineers, "IEEE
      Standard for Binary Floating-Point Arithmetic", ANSI/IEEE
      Standard 754-1985, August 1985.

[13]  Yergeau, F., "UTF-8, a transformation format of ISO 10646", RFC
      2279, January 1998.

[14]  Case, J., McCloghrie, K., Rose, M., Waldbusser, S., "Management
      Information Base for Version 2 of the Simple Network Management
      Protocol (SNMPv2)", RFC 1907, January 1996.

[15]  Wijnen, B., Levi, D., "V2ToV1 - Mapping SNMPv2 onto SNMPv1
      within a bi-lingual SNMP agent", RFC 2089, January 1997.

[16]  Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629, June
      1999.
Authors' Addresses

   Frank Strauss
   TU Braunschweig
   Bueltenweg 74/75
   38106 Braunschweig
   Germany

   Phone: +49 531 391-3266
   EMail: strauss@ibr.cs.tu-bs.de
   URI:   http://www.ibr.cs.tu-bs.de/

   Juergen Schoenwaelder
   TU Braunschweig
   Bueltenweg 74/75
   38106 Braunschweig
   Germany

   Phone: +49 531 391-3266
   EMail: schoenw@ibr.cs.tu-bs.de
   URI:   http://www.ibr.cs.tu-bs.de/

   Keith McCloghrie
   Cisco Systems, Inc.
   170 West Tasman Drive
   San Jose, CA 95134-1706
   USA

   Phone: +1 408 526 5260
   EMail: kzm@cisco.com
   URI:   http://www.cisco.com/

Full Copyright Statement

Copyright (C) The Internet Society (2000). All Rights Reserved.

This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph
are included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.

The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
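The RowStatus description in Section 1.2 requires an agent to remove rows left in `notReady' or `notInService' for an abnormally long time, since they otherwise consume resources indefinitely. The following sketch is an added example, not part of the memo or of any agent implementation; the names `RowTable`, `set_status`, `set_column`, `reap` and `STALE_AFTER` are assumptions, and only the `createAndWait' path (interactions 2b, 3 and 4), suspension, deletion and stale-row removal are modelled.

```python
import time

ACTIVE, NOT_IN_SERVICE, NOT_READY = "active", "notInService", "notReady"
STALE_AFTER = 300.0  # assumed constant: the suggested default of about 5 minutes


class RowTable:
    """Agent-side conceptual rows driven by a RowStatus column (sketch)."""

    def __init__(self, required, clock=time.monotonic):
        self.required = set(required)  # columns with no usable default
        self.clock = clock             # injectable so tests can advance time
        self.rows = {}                 # index -> {"status", "cols", "since"}

    def _complete(self, row):
        return self.required.issubset(row["cols"])

    def set_status(self, index, value):
        if value not in ("destroy", "createAndWait", ACTIVE, NOT_IN_SERVICE):
            return "wrongValue"        # e.g. createAndGo, not offered here
        row = self.rows.get(index)
        if value == "destroy":         # permitted whatever the current state
            self.rows.pop(index, None)
            return "noError"
        if value == "createAndWait":
            if row is not None:
                return "inconsistentValue"
            status = NOT_READY if self.required else NOT_IN_SERVICE
            self.rows[index] = {"status": status, "cols": {},
                                "since": self.clock()}
            return "noError"
        if row is None:
            return "inconsistentValue"
        if value == ACTIVE and self._complete(row):
            row["status"] = ACTIVE
            return "noError"
        if value == NOT_IN_SERVICE and row["status"] != NOT_READY:
            if row["status"] == ACTIVE:    # suspension restarts the timer
                row["since"] = self.clock()
            row["status"] = NOT_IN_SERVICE
            return "noError"
        return "inconsistentValue"

    def set_column(self, index, name, value):
        row = self.rows.get(index)
        if row is None:
            return "noCreation"        # sketch: rows are created via status only
        row["cols"][name] = value
        if row["status"] == NOT_READY and self._complete(row):
            row["status"] = NOT_IN_SERVICE
        return "noError"

    def reap(self):
        """Remove rows left notReady/notInService longer than STALE_AFTER."""
        now = self.clock()
        stale = [i for i, r in self.rows.items()
                 if r["status"] != ACTIVE and now - r["since"] > STALE_AFTER]
        for i in stale:
            del self.rows[i]
        return stale
```

Calling `reap()` from a periodic timer bounds how long an abandoned or deliberately unfinished row creation can hold agent resources.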
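The DateAndTime typedef in Section 1.2 fixes an 8- or 11-octet layout with per-field ranges and an all-zero "unknown" value, which a receiver should validate before trusting a value read off the wire. The decoder below is an added example, not code from the memo; `decode_date_and_time` is a hypothetical name, the sample octets are constructed from the memo's own 1992 example, and values that Python's `datetime` cannot represent (year 0, years above 9999, impossible calendar days) are rejected as a limitation of this sketch.

```python
import struct
from datetime import datetime, timedelta, timezone


def decode_date_and_time(raw: bytes):
    """Decode a DateAndTime OctetString.

    Returns None for the 'unknown' value, else (datetime, display string).
    Raises ValueError on any length or range violation.
    """
    if len(raw) not in (8, 11):
        raise ValueError("DateAndTime must be 8 or 11 octets")
    if not any(raw):
        return None                    # 8 or 11 zero bytes: unknown
    # Fields 1-7: big-endian year, then six single-octet fields.
    year, month, day, hour, minute, second, deci = struct.unpack(
        ">H6B", raw[:8])
    limits = [(month, 1, 12), (day, 1, 31), (hour, 0, 23),
              (minute, 0, 59), (second, 0, 60), (deci, 0, 9)]
    if any(not lo <= v <= hi for v, lo, hi in limits):
        raise ValueError("field out of range")
    text = f"{year}-{month}-{day},{hour}:{minute}:{second}.{deci}"
    tz = None                          # 8 octets: local time, zone unknown
    if len(raw) == 11:
        sign, off_h, off_m = chr(raw[8]), raw[9], raw[10]
        if sign not in ("+", "-") or off_h > 13 or off_m > 59:
            raise ValueError("bad UTC offset")
        delta = timedelta(hours=off_h, minutes=off_m)
        tz = timezone(delta if sign == "+" else -delta)
        text += f",{sign}{off_h}:{off_m}"
    # datetime has no second 60, so a leap second is clamped to 59 here.
    moment = datetime(year, month, day, hour, minute, min(second, 59),
                      deci * 100_000, tzinfo=tz)
    return moment, text


# Constructed sample: the memo's example, Tuesday May 26, 1992, 1:30:15 PM EDT.
SAMPLE = bytes.fromhex("07c8051a0d1e0f002d0400")
```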