Movatterモバイル変換
[0]ホーム
[RFC Home] [TEXT|PDF|HTML] [Tracker] [IPR] [Errata] [Info page]
DRAFT STANDARD
Errata ExistNetwork Working Group S. WaldbusserRequest for Comments: 4502 May 2006Obsoletes:2021Updates:3273Category: Standards TrackRemote Network MonitoringManagement Information BaseVersion 2Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.Copyright Notice Copyright (C) The Internet Society (2006).Abstract This document defines a portion of the Management Information Base (MIB) for use with network management protocols in TCP/IP-based internets. In particular, it defines objects for managing remote network monitoring devices. This document obsoletesRFC 2021, updatesRFC 3273, and contains a new version of the RMON2-MIB module.Waldbusser Standards Track [Page 1]
RFC 4502 Remote Network Monitoring MIB May 2006Table of Contents1. The Internet-Standard Management Framework ......................22. Overview ........................................................22.1. Remote Network Management Goals ............................32.2. Structure of MIB ...........................................43. Control of Remote Network Monitoring Devices ....................63.1. Resource Sharing among Multiple Management Stations ........73.2. Row Addition among Multiple Management Stations ............84. Conventions .....................................................95. RMON 2 Conventions .............................................105.1. Usage of the Term Application Level .......................105.2. Protocol Directory and Limited Extensibility ..............105.3. Errors in Packets .........................................116. Definitions ....................................................117. Security Considerations .......................................1308. Appendix - TimeFilter Implementation Notes ....................1329. Changes sinceRFC 2021 ........................................13810. Acknowledgements .............................................14011. References ...................................................14011.1. Normative References ....................................14011.2. Informative References ..................................1401. The Internet-Standard Management Framework For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer tosection 7 of RFC 3410 [RFC3410]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58,RFC 2578 [RFC2578], STD 58,RFC 2579 [RFC2579] and STD 58,RFC 2580 [RFC2580].2. Overview The RMON2 MIB defines objects that provide RMON analysis up to the application layer. Remote network monitoring devices, often called monitors or probes, are instruments that exist for the purpose of managing a network. Often, these remote probes are stand-alone devices and devote significant internal resources for the sole purpose of managing a network. An organization may employ many of these devices, one perWaldbusser Standards Track [Page 2]
RFC 4502 Remote Network Monitoring MIB May 2006 network segment, to manage its internet. In addition, these devices may be used for a network management service provider to access a client network, which is often geographically remote. The objects defined in this document are intended to serve as an interface between an RMON agent and an RMON management application and are not intended for direct manipulation by humans. While some users may tolerate the direct display of some of these objects, few will tolerate the complexity of manually manipulating objects to accomplish row creation. The management application should handle these functions.2.1. Remote Network Management Goals o Offline Operation There are times when a management station will not be in constant contact with its remote monitoring devices. This sometimes occurs by design, in an attempt to lower communications costs (especially when communicating over a WAN or dialup link), or by accident, as network failures affect the communications between the management station and the probe. For this reason, this MIB allows a probe to be configured to perform diagnostics and to collect statistics continuously, even when communication with the management station may not be possible or efficient. The probe may then attempt to notify the management station when an exceptional condition occurs. Thus, even in circumstances where communication between the management station and probe is not continuous, fault, performance, and configuration information may be continuously accumulated and communicated to the management station conveniently and efficiently. o Proactive Monitoring Given the resources available on the monitor, it is potentially helpful for it to run diagnostics continuously and to log network performance. The monitor is always available at the onset of any failure. It can notify the management station of the failure and can store historical statistical information about the failure. This historical information can be played back by the management station in an attempt to perform further diagnosis of the cause of the problem.Waldbusser Standards Track [Page 3]
RFC 4502 Remote Network Monitoring MIB May 2006 o Problem Detection and Reporting The monitor can be configured to recognize conditions, most notably error conditions, and to check for them continuously. When one of these conditions occurs, the event may be logged, and management stations may be notified in a number of ways. o Value Added Data Because a remote monitoring device represents a network resource dedicated exclusively to network management functions, and because it is located directly on the monitored portion of the network, the remote network monitoring device has the opportunity to add significant value to the data it collects. For instance, by highlighting those hosts on the network that generate the most traffic or errors, the probe can give the management station precisely the information it needs to solve a class of problems. o Multiple Managers An organization may have multiple management stations for different units of the organization, for different functions (e.g., engineering and operations), and in order to provide disaster recovery. Because environments with multiple management stations are common, the remote network monitoring device has to deal with more than one management station, potentially using its resources concurrently.2.2. Structure of MIB The objects are arranged into the following groups: - protocol directory - protocol distribution - address mapping - network layer host - network layer matrix - application layer host - application layer matrix - user historyWaldbusser Standards Track [Page 4]
RFC 4502 Remote Network Monitoring MIB May 2006 - probe configuration These groups are the basic units of conformance. If a remote monitoring device implements a group, then it must implement all objects in that group. For example, a managed agent that implements the network layer matrix group must implement the nlMatrixSDTable and the nlMatrixDSTable. Implementations of this MIB must also implement the IF-MIB [RFC2863]. These groups are defined to provide a means of assigning object identifiers, and to provide a method for managed agents to know which objects they must implement. This document also contains AUGMENTing tables to extend some tables defined in the RMON MIB [RFC2819]. These extensions include the following: 1) Adding the DroppedFrames and LastCreateTime conventions to each table defined in the RMON MIB. 2) Augmenting the RMON filter table with a mechanism that allows filtering based on an offset from the beginning of a particular protocol, even if the protocol headers are of variable length. 3) Augmenting the RMON filter and capture status bits with additional bits for WAN media and generic media. These bits are defined here as follows: Bit Definition 6 For WAN media, this bit is set for packets coming from one direction and cleared for packets coming from the other direction. It is an implementation-specific matter as to which bit is assigned to which direction, but it must be consistent for all packets received by the agent. If the agent knows which end of the link is "local" and which end is "network", the bit should be set for packets from the "local" side and should be cleared for packets from the "network" side. 7 For any media, this bit is set for any packet with a physical layer error. This bit may be set in addition to other media-specific bits that denote the same condition.Waldbusser Standards Track [Page 5]
RFC 4502 Remote Network Monitoring MIB May 2006 8 For any media, this bit is set for any packet that is too short for the media. This bit may be set in addition to other media-specific bits that denote the same condition. 9 For any media, this bit is set for any packet that is too long for the media. This bit may be set in addition to other media-specific bits that denote the same condition. These enhancements are implemented by RMON-2 probes that also implement RMON and do not add any requirements to probes that are compliant to just RMON.3. Control of Remote Network Monitoring Devices Due to the complex nature of the available functions in these devices, the functions often need user configuration. In many cases, the function requires that parameters be set up for a data collection operation. The operation can proceed only after these parameters are fully set up. Many functional groups in this MIB have one or more tables in which to set up control parameters, and one or more data tables in which to place the results of the operation. The control tables are typically read/write in nature, while the data tables are typically read-only. Because the parameters in the control table often describe resulting data in the data table, many of the parameters can be modified only when the control entry is not active. Thus, the method for modifying these parameters is to deactivate the entry, perform the SNMP Set operations to modify the entry, and then reactivate the entry. Deleting the control entry causes the deletion of any associated data entries, which also gives a convenient method for reclaiming the resources used by the associated data. Some objects in this MIB provide a mechanism to execute an action on the remote monitoring device. These objects may execute an action as a result of a change in the state of the object. For those objects in this MIB, a request to set an object to the same value as it currently holds would thus cause no action to occur. To facilitate control by multiple managers, resources have to be shared among the managers. These resources are typically the memory and computation resources that a function requires.Waldbusser Standards Track [Page 6]
RFC 4502 Remote Network Monitoring MIB May 20063.1. Resource Sharing among Multiple Management Stations When multiple management stations wish to use functions that compete for a finite amount of resources on a device, a method to facilitate this sharing of resources is required. Potential conflicts include the following: o Two management stations wish to use resources simultaneously that together would exceed the capability of the device. o A management station uses a significant amount of resources for a long period of time. o A management station uses resources and then crashes, forgetting to free the resources so that others may use them. The OwnerString mechanism is provided for each management station- initiated function in this MIB to avoid these conflicts and to help resolve them when they occur. Each function has a label identifying the initiator (owner) of the function. This label is set by the initiator to provide for the following possibilities: o A management station may recognize resources it owns and no longer needs. o A network operator can find the management station that owns the resource and negotiate for it to be freed. o A network operator may decide unilaterally to free resources another network operator has reserved. o Upon initialization, a management station may recognize resources it had reserved in the past. With this information, it may free the resources if it no longer needs them. Management stations and probes should support any format of the owner string dictated by the local policy of the organization. It is suggested that this name contain one or more of the following: IP address, management station name, network manager's name, location, or phone number. This information will help users share the resources more effectively. There is often default functionality that the device or the administrator of the probe (often the network administrator) wishes to set up. The resources associated with this functionality are then owned by the device itself or by the network administrator, and they are intended to be long-lived. In this case, the device or the administrator will set the relevant owner object to a string startingWaldbusser Standards Track [Page 7]
RFC 4502 Remote Network Monitoring MIB May 2006 with 'monitor'. Indiscriminate modification of the monitor-owned configuration by network management stations is discouraged. In fact, a network management station should only modify these objects under the direction of the administrator of the probe. Resources on a probe are scarce and are typically allocated when control rows are created by an application. Since many applications may be using a probe simultaneously, indiscriminate allocation of resources to particular applications is very likely to cause resource shortages in the probe. When a network management station wishes to utilize a function in a monitor, it is encouraged first to scan the control table of that function to find an instance with similar parameters to share. This is especially true for those instances owned by the monitor, which can be assumed to change infrequently. If a management station decides to share an instance owned by another management station, it should understand that the management station that owns the instance may indiscriminately modify or delete it. Note that a management application should have the most trust in a monitor-owned row, because it should be changed very infrequently. A row owned by the management application is less long-lived because a network administrator is more likely to reassign resources from a row that is in use by one user than those from a monitor-owned row that is potentially in use by many users. A row owned by another application would be even less long-lived because the other application may delete or modify that row completely at its discretion.3.2. Row Addition among Multiple Management Stations The addition of new rows is achieved using the RowStatus Textual Convention [RFC2579]. In this MIB, rows are often added to a table in order to configure a function. This configuration usually involves parameters that control the operation of the function. The agent must check these parameters to make sure they are appropriate given the restrictions defined in this MIB, as well as any implementation-specific restrictions, such as lack of resources. The agent implementor may be confused as to when to check these parameters and when to signal to the management station that the parameters are invalid. There are two opportunities: o When the management station sets each parameter object. o When the management station sets the row status object to active.Waldbusser Standards Track [Page 8]
RFC 4502 Remote Network Monitoring MIB May 2006 If the latter option is chosen, it would be unclear to the management station which of the several parameters was invalid and caused the badValue error to be emitted. Thus, wherever possible, the implementor should choose the former option, as it will provide more information to the management station. A problem can arise when multiple management stations attempt to set configuration information simultaneously using SNMP. When this involves the addition of a new conceptual row in the same control table, the managers may collide, attempting to create the same entry. To guard against these collisions, each such control entry contains a status object with special semantics that help arbitrate among the managers. If an attempt is made with the row addition mechanism to create such a status object and that object already exists, an error is returned. When more than one manager simultaneously attempts to create the same conceptual row, only the first will succeed. The others will receive an error. In the RMON MIB [RFC2819], the EntryStatus textual convention was introduced to provide this mutual exclusion function. Since then, this function was added to the SNMP framework as the RowStatus textual convention. The RowStatus textual convention is used for the definition of all new tables. When a manager wishes to create a new control entry, it needs to choose an index for that row. It may choose this index in a variety of ways, hopefully minimizing the chances that the index is in use by another manager. If the index is in use, the mechanism mentioned previously will guard against collisions. Examples of schemes to choose index values include random selection or scanning the control table while looking for the first unused index. Because index values may be any valid value in the range and are chosen by the manager, the agent must allow a row to be created with any unused index value if it has the resources to create a new row. Some tables in this MIB reference other tables within this MIB. When creating or deleting entries in these tables, it is generally allowable for dangling references to exist. There is no defined order for creating or deleting entries in these tables.4. Conventions The following conventions are used throughout the RMON MIB and its companion documents.Waldbusser Standards Track [Page 9]
RFC 4502 Remote Network Monitoring MIB May 2006 Good Packets Good packets are error-free packets that have a valid frame length. For example, on Ethernet, good packets are error-free packets that are between 64 octets and 1518 octets long. They follow the form defined in IEEE 802.3section 3.2.all. Bad Packets Bad packets are packets that have proper framing and are therefore recognized as packets, but that contain errors within the packet or have an invalid length. For example, on Ethernet, bad packets have a valid preamble and SFD but have a bad CRC, or they are either shorter than 64 octets or longer than 1518 octets.5. RMON 2 Conventions The following practices and conventions are introduced in the RMON 2 MIB.5.1. Usage of the Term "Application Level" There are many cases in this MIB where the term "Application Level" is used to describe a class of protocols or a capability. This does not typically mean a protocol that is an OSI Layer 7 protocol. Rather, it is used to identify a class of protocols that is not limited to MAC-layer and network-layer protocols, but can also include transport, session, presentation, and application-layer protocols.5.2. Protocol Directory and Limited Extensibility Every RMON 2 implementation will have the capability to parse certain types of packets and identify their protocol type at multiple levels. The protocol directory presents an inventory of protocol types the probe is capable of monitoring and allows the addition, deletion, and configuration of protocol types in this list. One concept deserves special attention: the "limited extensibility" of the protocol directory table. Using the RMON 2 model, protocols are detected by static software that has been written at implementation time. Therefore, as a matter of configuration, an implementation cannot suddenly learn how to parse new packet types. However, an implementation may be written such that the software knows where the demultiplexing field is for a particular protocol, and it can be written in such a way that the decoding of the next layer up is table driven. This works when the code has been written to accommodate it and can be extended no more than one level higher.Waldbusser Standards Track [Page 10]
RFC 4502 Remote Network Monitoring MIB May 2006 This extensibility is called "limited extensibility" to highlight these limitations. However, this can be a very useful tool. For example, suppose that an implementation has C code that understands how to decode IP packets on any of several ethernet encapsulations, and also knows how to interpret the IP protocol field to recognize UDP packets and how to decode the UDP port number fields. That implementation may be table driven so that among the many different UDP port numbers possible, it is configured to recognize 161 as SNMP, port 53 as DNS, and port 69 as TFTP. The limited extensibility of the protocol directory table would allow an SNMP operation to create an entry that would create an additional table mapping for UDP that would recognize UDP port 123 as NTP and begin counting such packets. This limited extensibility is an option that an implementation can choose to allow or disallow for any protocol that has child protocols.5.3. Errors in Packets Packets with link-level errors are not counted anywhere in this MIB because most variables in this MIB require the decoding of the contents of the packet, which is meaningless if there is a link-level error. Packets in which protocol errors are detected are counted for all protocols below the layer in which the error was encountered. The implication of this is that packets in which errors are detected at the network-layer are not counted anywhere in this MIB, while packets with errors detected at the transport layer may have network-layer statistics counted.6. DefinitionsRMON2-MIB DEFINITIONS ::= BEGINIMPORTS MODULE-IDENTITY, OBJECT-TYPE, Counter32, Integer32, Gauge32, IpAddress, TimeTicks, mib-2 FROM SNMPv2-SMI TEXTUAL-CONVENTION, RowStatus, DisplayString, TimeStamp FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF ifIndex FROM IF-MIB OwnerString, statistics, history, hosts, matrix, filter, etherStatsEntry, historyControlEntry, hostControlEntry, matrixControlEntry, filterEntry, channelEntry FROM RMON-MIB tokenRing, tokenRingMLStatsEntry, tokenRingPStatsEntry,Waldbusser Standards Track [Page 11]
RFC 4502 Remote Network Monitoring MIB May 2006 ringStationControlEntry, sourceRoutingStatsEntry FROM TOKEN-RING-RMON-MIB;-- Remote Network Monitoring MIBrmon MODULE-IDENTITY LAST-UPDATED "200605020000Z" -- May 2, 2006 ORGANIZATION "IETF RMON MIB Working Group" CONTACT-INFO "Author: Steve Waldbusser Phone: +1-650-948-6500 Fax : +1-650-745-0671 Email: waldbusser@nextbeacon.com Working Group Chair: Andy Bierman E-mail: ietf@andybierman.com Working Group Mailing List: <rmonmib@ietf.org> To subscribe send email to: <rmonmib-request@ietf.org> " DESCRIPTION "The MIB module for managing remote monitoring device implementations. This MIB module extends the architecture introduced in the original RMON MIB as specified inRFC 2819. Copyright (C) The Internet Society (2006). This version of this MIB module is part ofRFC 4502; see the RFC itself for full legal notices." REVISION "200605020000Z" -- May 2, 2006 DESCRIPTION "This version updates the proposed-standard version of the RMON2 MIB (published asRFC 2021) by adding 2 new enumerations to the nlMatrixTopNControlRateBase object and 4 new enumerations to the alMatrixTopNControlRateBase object. These new enumerations support the creation of high-capacity topN reports in the High Capacity RMON MIB [RFC3273]. Additionally, the following objects have been deprecated, as they have not had enough independent implementations to demonstrate interoperability to meet the requirements of a Draft Standard: probeDownloadFile probeDownloadTFTPServer probeDownloadAction probeDownloadStatusWaldbusser Standards Track [Page 12]
RFC 4502 Remote Network Monitoring MIB May 2006 serialMode serialProtocol serialTimeout serialModemInitString serialModemHangUpString serialModemConnectResp serialModemNoConnectResp serialDialoutTimeout serialStatus serialConnectDestIpAddress serialConnectType serialConnectDialString serialConnectSwitchConnectSeq serialConnectSwitchDisconnectSeq serialConnectSwitchResetSeq serialConnectOwner serialConnectStatus netConfigIPAddress netConfigSubnetMask netConfigStatus netDefaultGateway tokenRingMLStats2DroppedFrames tokenRingMLStats2CreateTime tokenRingPStats2DroppedFrames tokenRingPStats2CreateTime ringStationControl2DroppedFrames ringStationControl2CreateTime sourceRoutingStats2DroppedFrames sourceRoutingStats2CreateTime trapDestIndex trapDestCommunity trapDestProtocol trapDestAddress trapDestOwner trapDestStatus In addition, two corrections were made. The LastCreateTime Textual Convention had been defined with a base type of another textual convention, which isn't allowed in SMIv2. The definition has been modified to use TimeTicks as the base type. Further, the SerialConfigEntry SEQUENCE definition included sub-typing information that is not allowed in SMIv2. This information has been deleted. Ranges were added to a number of objects and textual-conventions to constrain their maximum (and sometimes minimum) sizes. The addition of these ranges documents existing practice for these objects. These objectsWaldbusser Standards Track [Page 13]
RFC 4502 Remote Network Monitoring MIB May 2006 are: ControlString protocolDirID protocolDirParameters addressMapNetworkAddress nlHostAddress nlMatrixSDSourceAddress nlMatrixSDDestAddress nlMatrixDSSourceAddress nlMatrixDSDestAddress nlMatrixTopNSourceAddress nlMatrixTopNDestAddress alHostEntry alMatrixSDEntry alMatrixDSEntry alMatrixTopNSourceAddress alMatrixTopNDestAddress Finally, the TimeFilter TC has been updated to encourage agent implementations that allow a MIB walk to behave well even when performed by an application that is not aware of the special TimeFilter semantics." REVISION "200207080000Z" -- 08 July, 2002 DESCRIPTION "Added new enumerations to support the High-Capacity RMON MIB as defined inRFC 3273. Also fixed some typos and added clarifications." REVISION "199605270000Z" -- 27 May, 1996 DESCRIPTION "Original version. Published asRFC 2021." ::= { mib-2 16 }-- { rmon 1 } through { rmon 10 } are defined in RMON and-- the Token Ring RMON MIB [RFC1513] protocolDir OBJECT IDENTIFIER ::= { rmon 11 } protocolDist OBJECT IDENTIFIER ::= { rmon 12 } addressMap OBJECT IDENTIFIER ::= { rmon 13 } nlHost OBJECT IDENTIFIER ::= { rmon 14 } nlMatrix OBJECT IDENTIFIER ::= { rmon 15 } alHost OBJECT IDENTIFIER ::= { rmon 16 } alMatrix OBJECT IDENTIFIER ::= { rmon 17 } usrHistory OBJECT IDENTIFIER ::= { rmon 18 } probeConfig OBJECT IDENTIFIER ::= { rmon 19 } rmonConformance OBJECT IDENTIFIER ::= { rmon 20 }Waldbusser Standards Track [Page 14]
RFC 4502 Remote Network Monitoring MIB May 2006-- Textual ConventionsZeroBasedCounter32 ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This TC describes an object that counts events with the following semantics: objects of this type will be set to zero(0) on creation and will thereafter count appropriate events, wrapping back to zero(0) when the value 2^32 is reached. Provided that an application discovers the new object within the minimum time to wrap, it can use the initial value as a delta since it last polled the table of which this object is part. It is important for a management station to be aware of this minimum time and the actual time between polls, and to discard data if the actual time is too long or there is no defined minimum time. Typically, this TC is used in tables where the INDEX space is constantly changing and/or the TimeFilter mechanism is in use." SYNTAX Gauge32LastCreateTime ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This TC describes an object that stores the value of the sysUpTime object at the last time its entry was created. This can be used for polling applications to determine that an entry has been deleted and re-created between polls, causing an otherwise undetectable discontinuity in the data. If sysUpTime is reset to zero as a result of a re- initialization of the network management (sub)system, then the values of all LastCreateTime objects are also reset. However, after approximately 497 days without a re- initialization, the sysUpTime object will reach 2^^32-1 and then increment to zero; in this case, existing values of TimeStamp objects do not change. This can lead to ambiguities in the value of TimeStamp objects." SYNTAX TimeTicksTimeFilter ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "To be used for the index to a table. Allows an application to download only those rows changed since a particular time.Waldbusser Standards Track [Page 15]
RFC 4502 Remote Network Monitoring MIB May 2006 Note that this is not a history mechanism. Only current values of underlying objects are returned; saved instance values associated with particular values of sysUpTime are not. An entry is considered changed if the value of any object in the entry changes, if the row is created, or if any object in the entry is created or deleted. Note that deleted entries cannot be detected or downloaded. A time-filtered conceptual table is created by inserting a single object of SYNTAX TimeFilter as the first INDEX component in a copy of an existing basic conceptual table (i.e., any SEQUENCE without a TimeFilter INDEX component). Thus, for each conceptual entry 'I' in the basic table, there exists N conceptual entries in the time-filtered version, indexed N.I, where 'N' is equal to the value of sysUpTime. When an application retrieves conceptual instances from a time-filtered table, and an INDEX value is provided for the TimeFilter INDEX component 'N', the agent will only consider returning basic conceptual entries (e.g., 'fooColumn.N.I') if any column within the basic conceptual entry has changed since sysUpTime 'N'. If not, the basic conceptual entry will be ignored for the particular retrieval operation. When sysUpTime is equal to zero, this table shall be empty. One conceptual entry exists for each past value of sysUpTime, except that the whole table is purged should sysUpTime wrap. As an entry in a time-filtered table is updated (i.e., one of the columns in the basic conceptual table is changed), new conceptual entries are also created in the time-filtered version (which still shares the now updated object values with all other instances). The number of unique time-filtered instances that are created is determined by the value of sysUpTime at which the basic entry was last updated. One unique instance will exist for each value of sysUpTime at the last update time for the row. However, a new TimeFilter index instance is created for each new sysUpTime value. The TimeFilter index values not associated with entry updates are called duplicate time-filtered instances. After some deployment experience, it has been determined that a time-filtered table is more efficient if the agent stops a MIB walk operation by skipping over rows with a TimeFilter index value higher than the value in the received GetNext/GetBulk request. That is, instead of incrementing a TimeFilter index value, the agent will continue to the nextWaldbusser Standards Track [Page 16]
RFC 4502 Remote Network Monitoring MIB May 2006 object or table. As a consequence, GetNext or GetBulk operations will provide only one pass through a time-filtered table. It is suggested that an agent implement a time-filtered table in this manner to improve performance and avoid a MIB walk getting stuck in time-filtered tables. It is, however, still acceptable for an agent to implement a time-filtered table in the traditional manner (i.e., every conceptual time-filtered instance is returned in GetNext and GetBulk PDU responses), and management applications must be able to deal with such traditional implementations. See the appendix for further discussion of this textual convention. The following example is provided to demonstrate TimeFilter behavior: Consider the following basic conceptual table, basicFooTable. (Note that the basic version of a time-filtered table may not actually be defined.) basicFooTable: basicFooTable ... INDEX { fooIndex } BasicFooEntry { fooIndex Integer32, fooCounts Counter32 } For this example, the basicFooTable contains two static conceptual entries (fooIndex equals '1' and '2'), created at time zero. It also contains one dynamic conceptual entry (fooIndex equals '3'), which is created at time '3' and deleted at time '7'. The time-filtered version of the basicFooTable could be defined as follows: FooTable: fooTable ... INDEX { fooTimeMark, fooIndex } FooEntry {Waldbusser Standards Track [Page 17]
RFC 4502 Remote Network Monitoring MIB May 2006 fooTimeMark TimeFilter, fooIndex Integer32, fooCounts Counter32 } Note that entries exist in the time-filtered conceptual table only if they actually exist in the underlying (basic) table. For this example, the fooTable will have three underlying basic entries (fooIndex == 1, 2, and 3), with the following activity (for sysUpTime equal 0 to 9): - fooEntry.N.1 is created at time '0' and most recently updated at time '6' to the value '5'. - fooEntry.N.2 is created at time '0' and most recently updated at time '8' to the value '9'. - fooEntry.N.3 is created at time '3', updated at time '5' to the value '17', and deleted at time '7'. The following tables show the values that would be returned for MIB walk operations with various TimeFilter values, done at different times. An application issues a retrieval request at time 'T', with a TimeFilter value, 'N' (typically set to a lower value, such as the value of sysUpTime at the last polling cycle). The following values would be returned in a MIB walk of fooCounts.N if T equals '0' and N equals '0': fooCounts.N.I Value ========================== fooCounts.0.1 0 fooCounts.0.2 0 Note that nothing is returned for fooCounts.0.3, since that entry does not exist at sysUpTime equals '0'. The following values would be returned in a full (traditional) MIB walk of fooCounts.N if T equals '3' and N equals '0': fooCounts.N.I Value ======================= fooCounts.0.1 0 fooCounts.0.2 0 fooCounts.0.3 0 fooCounts.1.3 0 fooCounts.2.3 0 fooCounts.3.3 0Waldbusser Standards Track [Page 18]
RFC 4502 Remote Network Monitoring MIB May 2006 Note that there are no instances for T equals 1 or 2 for the first two values of N, as these entries did not change since they were created at time '0'. Note that the current value for 'fooCounts.N.3' is returned here, even for values of N less than '3' (when the entry was created). The agent only considers the current existence of an entry in the TimeFilter algorithm, not the time when the entry was created. Note that the instances 'fooCounts.0.3', 'fooCounts.1.3', and 'fooCounts.2.3' are duplicates and can be suppressed by the agent in a MIB walk. The following values would be returned in a full (traditional) MIB walk of fooCounts.N if T equals '6' and N equals '3': fooCounts.N.I Value ======================= fooCounts.3.1 5 fooCounts.3.3 17 fooCounts.4.1 5 fooCounts.4.3 17 fooCounts.5.1 5 fooCounts.5.3 17 fooCounts.6.1 5 Note that no instances for entry 'fooCounts.N.2' are returned, since it has not changed since time '3'. Note that all instances except 'fooCounts.5.3' and 'fooCounts.6.1' are duplicates and can be suppressed by the agent in a MIB walk. The following values would be returned in a full (traditional) MIB walk of fooCounts.N if T equals '9' and N equals '6': fooCounts.N.I Value ======================= fooCounts.6.1 5 fooCounts.6.2 9 fooCounts.7.2 9 fooCounts.8.2 9 Note that no instances for entry 'fooCounts.N.3' are returned, since it was deleted at time '7'. Note that instances 'fooCounts.6.2' and 'fooCounts.7.2'Waldbusser Standards Track [Page 19]
RFC 4502 Remote Network Monitoring MIB May 2006 are duplicates and can be suppressed by the agent in a MIB walk." SYNTAX TimeTicksDataSource ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Identifies the source of the data that the associated function is configured to analyze. This source can be any interface on this device. In order to identify a particular interface, this object shall identify the instance of the ifIndex object, defined in [RFC2863], for the desired interface. For example, if an entry were to receive data from interface #1, this object would be set to ifIndex.1." SYNTAX OBJECT IDENTIFIER---- Protocol Directory Group---- Lists the inventory of protocols the probe has the capability of-- monitoring and allows the addition, deletion, and configuration of-- entries in this list.protocolDirLastChange OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the time the protocol directory was last modified, either through insertions or deletions, or through modifications of the protocolDirAddressMapConfig, protocolDirHostConfig, or protocolDirMatrixConfig." ::= { protocolDir 1 }protocolDirTable OBJECT-TYPE SYNTAX SEQUENCE OF ProtocolDirEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the protocols that this agent has the capability to decode and count. There is one entry in this table for each such protocol. These protocols represent different network-layer, transport-layer, and higher-layerWaldbusser Standards Track [Page 20]
RFC 4502 Remote Network Monitoring MIB May 2006 protocols. The agent should boot up with this table preconfigured with those protocols that it knows about and wishes to monitor. Implementations are strongly encouraged to support protocols higher than the network layer (at least for the protocol distribution group), even for implementations that don't support the application-layer groups." ::= { protocolDir 2 }protocolDirEntry OBJECT-TYPE SYNTAX ProtocolDirEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the protocolDirTable. An example of the indexing of this entry is protocolDirLocalIndex.8.0.0.0.1.0.0.8.0.2.0.0, which is the encoding of a length of 8, followed by 8 subids encoding the protocolDirID of 1.2048, followed by a length of 2 and the 2 subids encoding zero-valued parameters. Note that some combinations of index values may result in an index that exceeds 128 sub-identifiers in length, which exceeds the maximum for the SNMP protocol. Implementations should take care to avoid such combinations." INDEX { protocolDirID, protocolDirParameters } ::= { protocolDirTable 1 }ProtocolDirEntry ::= SEQUENCE { protocolDirID OCTET STRING, protocolDirParameters OCTET STRING, protocolDirLocalIndex Integer32, protocolDirDescr DisplayString, protocolDirType BITS, protocolDirAddressMapConfig INTEGER, protocolDirHostConfig INTEGER, protocolDirMatrixConfig INTEGER, protocolDirOwner OwnerString, protocolDirStatus RowStatus}protocolDirID OBJECT-TYPE SYNTAX OCTET STRING (SIZE (4..128)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique identifier for a particular protocol. Standard identifiers will be defined in such a manner that theyWaldbusser Standards Track [Page 21]
RFC 4502 Remote Network Monitoring MIB May 2006 can often be used as specifications for new protocols - i.e., a tree-structured assignment mechanism that matches the protocol encapsulation 'tree' and that has algorithmic assignment mechanisms for certain subtrees. SeeRFC 2074 for more details. Despite the algorithmic mechanism, the probe will only place entries in here for those protocols it chooses to collect. In other words, it need not populate this table with all possible ethernet protocol types, nor need it create them on the fly when it sees them. Whether it does these things is a matter of product definition (cost/benefit, usability) and is up to the designer of the product. If an entry is written to this table with a protocolDirID that the agent doesn't understand, either directly or algorithmically, the SET request will be rejected with an inconsistentName or badValue (for SNMPv1) error." ::= { protocolDirEntry 1 }protocolDirParameters OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..32)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "A set of parameters for the associated protocolDirID. See the associated RMON2 Protocol Identifiers document for a description of the possible parameters. There will be one octet in this string for each sub-identifier in the protocolDirID, and the parameters will appear here in the same order as the associated sub-identifiers appear in the protocolDirID. Every node in the protocolDirID tree has a different, optional set of parameters defined (that is, the definition of parameters for a node is optional). The proper parameter value for each node is included in this string. Note that the inclusion of a parameter value in this string for each node is not optional. What is optional is that a node may have no parameters defined, in which case the parameter field for that node will be zero." ::= { protocolDirEntry 2 }protocolDirLocalIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTIONWaldbusser Standards Track [Page 22]
RFC 4502 Remote Network Monitoring MIB May 2006 "The locally arbitrary but unique identifier associated with this protocolDir entry. The value for each supported protocol must remain constant at least from one re-initialization of the entity's network management system to the next re-initialization, except that if a protocol is deleted and re-created, it must be re-created with a new value that has not been used since the last re-initialization. The specific value is meaningful only within a given SNMP entity. A protocolDirLocalIndex must not be re-used until the next agent restart in the event that the protocol directory entry is deleted." ::= { protocolDirEntry 3 }protocolDirDescr OBJECT-TYPE SYNTAX DisplayString (SIZE (1..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "A textual description of the protocol encapsulation. A probe may choose to describe only a subset of the entire encapsulation (e.g., only the highest layer). This object is intended for human consumption only. This object may not be modified if the associated protocolDirStatus object is equal to active(1)." ::= { protocolDirEntry 4 }protocolDirType OBJECT-TYPE SYNTAX BITS { extensible(0), addressRecognitionCapable(1) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object describes 2 attributes of this protocol directory entry. The presence or absence of the 'extensible' bit describes whether this protocol directory entry can be extended by the user by creating protocol directory entries that are children of this protocol. An example of an entry that will often allow extensibility isWaldbusser Standards Track [Page 23]
RFC 4502 Remote Network Monitoring MIB May 2006 'ip.udp'. The probe may automatically populate some children of this node, such as 'ip.udp.snmp' and 'ip.udp.dns'. A probe administrator or user may also populate additional children via remote SNMP requests that create entries in this table. When a child node is added for a protocol for which the probe has no built-in support extending a parent node (for which the probe does have built-in support), that child node is not extendable. This is termed 'limited extensibility'. When a child node is added through this extensibility mechanism, the values of protocolDirLocalIndex and protocolDirType shall be assigned by the agent. The other objects in the entry will be assigned by the manager who is creating the new entry. This object also describes whether this agent can recognize addresses for this protocol, should it be a network-level protocol. That is, while a probe may be able to recognize packets of a particular network-layer protocol and count them, it takes additional logic to be able to recognize the addresses in this protocol and to populate network-layer or application-layer tables with the addresses in this protocol. If this bit is set, the agent will recognize network-layer addresses for this protocol and populate the network- and application-layer host and matrix tables with these protocols. Note that when an entry is created, the agent will supply values for the bits that match the capabilities of the agent with respect to this protocol. Note that since row creations usually exercise the limited extensibility feature, these bits will usually be set to zero." ::= { protocolDirEntry 5 }protocolDirAddressMapConfig OBJECT-TYPE SYNTAX INTEGER { notSupported(1), supportedOff(2), supportedOn(3) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object describes and configures the probe's support for address mapping for this protocol. When the probe creates entries in this table for all protocols that it understands,Waldbusser Standards Track [Page 24]
RFC 4502 Remote Network Monitoring MIB May 2006 it will set the entry to notSupported(1) if it doesn't have the capability to perform address mapping for the protocol or if this protocol is not a network-layer protocol. When an entry is created in this table by a management operation as part of the limited extensibility feature, the probe must set this value to notSupported(1), because limited extensibility of the protocolDirTable does not extend to interpreting addresses of the extended protocols. If the value of this object is notSupported(1), the probe will not perform address mapping for this protocol and shall not allow this object to be changed to any other value. If the value of this object is supportedOn(3), the probe supports address mapping for this protocol and is configured to perform address mapping for this protocol for all addressMappingControlEntries and all interfaces. If the value of this object is supportedOff(2), the probe supports address mapping for this protocol but is configured to not perform address mapping for this protocol for any addressMappingControlEntries and all interfaces. Whenever this value changes from supportedOn(3) to supportedOff(2), the probe shall delete all related entries in the addressMappingTable." ::= { protocolDirEntry 6 }protocolDirHostConfig OBJECT-TYPE SYNTAX INTEGER { notSupported(1), supportedOff(2), supportedOn(3) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object describes and configures the probe's support for the network-layer and application-layer host tables for this protocol. When the probe creates entries in this table for all protocols that it understands, it will set the entry to notSupported(1) if it doesn't have the capability to track the nlHostTable for this protocol or if the alHostTable is implemented but doesn't have the capability to track this protocol. Note that if the alHostTable is implemented, the probe may only support a protocol if it is supported in both the nlHostTable and the alHostTable. If the associated protocolDirType object has the addressRecognitionCapable bit set, then this is a network- layer protocol for which the probe recognizes addresses, andWaldbusser Standards Track [Page 25]
RFC 4502 Remote Network Monitoring MIB May 2006 thus the probe will populate the nlHostTable and alHostTable with addresses it discovers for this protocol. If the value of this object is notSupported(1), the probe will not track the nlHostTable or alHostTable for this protocol and shall not allow this object to be changed to any other value. If the value of this object is supportedOn(3), the probe supports tracking of the nlHostTable and alHostTable for this protocol and is configured to track both tables for this protocol for all control entries and all interfaces. If the value of this object is supportedOff(2), the probe supports tracking of the nlHostTable and alHostTable for this protocol but is configured to not track these tables for any control entries or interfaces. Whenever this value changes from supportedOn(3) to supportedOff(2), the probe shall delete all related entries in the nlHostTable and alHostTable. Note that since each alHostEntry references 2 protocol directory entries, one for the network address and one for the type of the highest protocol recognized, an entry will only be created in that table if this value is supportedOn(3) for both protocols." ::= { protocolDirEntry 7 }protocolDirMatrixConfig OBJECT-TYPE SYNTAX INTEGER { notSupported(1), supportedOff(2), supportedOn(3) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object describes and configures the probe's support for the network-layer and application-layer matrix tables for this protocol. When the probe creates entries in this table for all protocols that it understands, it will set the entry to notSupported(1) if it doesn't have the capability to track the nlMatrixTables for this protocol or if the alMatrixTables are implemented but don't have the capability to track this protocol. Note that if the alMatrix tables are implemented, the probe may only support a protocol if it is supported in both of the nlMatrixTables and both of the alMatrixTables. If the associated protocolDirType object has the addressRecognitionCapable bit set, then this is a network-Waldbusser Standards Track [Page 26]
RFC 4502 Remote Network Monitoring MIB May 2006 layer protocol for which the probe recognizes addresses, and thus the probe will populate both of the nlMatrixTables and both of the alMatrixTables with addresses it discovers for this protocol. If the value of this object is notSupported(1), the probe will not track either of the nlMatrixTables or the alMatrixTables for this protocol and shall not allow this object to be changed to any other value. If the value of this object is supportedOn(3), the probe supports tracking of both of the nlMatrixTables and (if implemented) both of the alMatrixTables for this protocol and is configured to track these tables for this protocol for all control entries and all interfaces. If the value of this object is supportedOff(2), the probe supports tracking of both of the nlMatrixTables and (if implemented) both of the alMatrixTables for this protocol but is configured to not track these tables for this protocol for any control entries or interfaces. Whenever this value changes from supportedOn(3) to supportedOff(2), the probe shall delete all related entries in the nlMatrixTables and the alMatrixTables. Note that since each alMatrixEntry references 2 protocol directory entries, one for the network address and one for the type of the highest protocol recognized, an entry will only be created in that table if this value is supportedOn(3) for both protocols." ::= { protocolDirEntry 8 }protocolDirOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { protocolDirEntry 9 }protocolDirStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this protocol directory entry. An entry may not exist in the active state unless all objects in the entry have an appropriate value.Waldbusser Standards Track [Page 27]
RFC 4502 Remote Network Monitoring MIB May 2006 If this object is not equal to active(1), all associated entries in the nlHostTable, nlMatrixSDTable, nlMatrixDSTable, alHostTable, alMatrixSDTable, and alMatrixDSTable shall be deleted." ::= { protocolDirEntry 10 }---- Protocol Distribution Group (protocolDist)---- Collects the relative amounts of octets and packets for the-- different protocols detected on a network segment.-- protocolDistControlTable,-- protocolDistStatsTableprotocolDistControlTable OBJECT-TYPE SYNTAX SEQUENCE OF ProtocolDistControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Controls the setup of protocol type distribution statistics tables. Implementations are encouraged to add an entry per monitored interface upon initialization so that a default collection of protocol statistics is available. Rationale: This table controls collection of very basic statistics for any or all of the protocols detected on a given interface. An NMS can use this table to quickly determine bandwidth allocation utilized by different protocols. A media-specific statistics collection could also be configured (e.g., etherStats, trPStats) to easily obtain total frame, octet, and droppedEvents for the same interface." ::= { protocolDist 1 }protocolDistControlEntry OBJECT-TYPE SYNTAX ProtocolDistControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the protocolDistControlTable. An example of the indexing of this entry is protocolDistControlDroppedFrames.7" INDEX { protocolDistControlIndex }Waldbusser Standards Track [Page 28]
RFC 4502 Remote Network Monitoring MIB May 2006 ::= { protocolDistControlTable 1 }ProtocolDistControlEntry ::= SEQUENCE { protocolDistControlIndex Integer32, protocolDistControlDataSource DataSource, protocolDistControlDroppedFrames Counter32, protocolDistControlCreateTime LastCreateTime, protocolDistControlOwner OwnerString, protocolDistControlStatus RowStatus}protocolDistControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique index for this protocolDistControlEntry." ::= { protocolDistControlEntry 1 }protocolDistControlDataSource OBJECT-TYPE SYNTAX DataSource MAX-ACCESS read-create STATUS current DESCRIPTION "The source of data for the this protocol distribution. The statistics in this group reflect all packets on the local network segment attached to the identified interface. This object may not be modified if the associated protocolDistControlStatus object is equal to active(1)." ::= { protocolDistControlEntry 2 }protocolDistControlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors.Waldbusser Standards Track [Page 29]
RFC 4502 Remote Network Monitoring MIB May 2006 Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { protocolDistControlEntry 3 }protocolDistControlCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { protocolDistControlEntry 4 }protocolDistControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { protocolDistControlEntry 5 }protocolDistControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the protocolDistStatsTable shall be deleted." ::= { protocolDistControlEntry 6 }-- per interface protocol distribution statistics tableprotocolDistStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF ProtocolDistStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry is made in this table for every protocol in the protocolDirTable that has been seen in at least one packet. Counters are updated in this table for every protocol type that is encountered when parsing a packet, but no counters areWaldbusser Standards Track [Page 30]
RFC 4502 Remote Network Monitoring MIB May 2006 updated for packets with MAC-layer errors. Note that if a protocolDirEntry is deleted, all associated entries in this table are removed." ::= { protocolDist 2 }protocolDistStatsEntry OBJECT-TYPE SYNTAX ProtocolDistStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the protocolDistStatsTable. The index is composed of the protocolDistControlIndex of the associated protocolDistControlEntry, followed by the protocolDirLocalIndex of the associated protocol that this entry represents. In other words, the index identifies the protocol distribution an entry is a part of and the particular protocol that it represents. An example of the indexing of this entry is protocolDistStatsPkts.1.18" INDEX { protocolDistControlIndex, protocolDirLocalIndex } ::= { protocolDistStatsTable 1 }ProtocolDistStatsEntry ::= SEQUENCE { protocolDistStatsPkts ZeroBasedCounter32, protocolDistStatsOctets ZeroBasedCounter32}protocolDistStatsPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets of this protocol type received without errors. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { protocolDistStatsEntry 1 }protocolDistStatsOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets in packets of this protocol typeWaldbusser Standards Track [Page 31]
RFC 4502 Remote Network Monitoring MIB May 2006 received since it was added to the protocolDistStatsTable (excluding framing bits, but including FCS octets), except for those octets in packets that contained errors. Note that this doesn't count just those octets in the particular protocol frames but includes the entire packet that contained the protocol." ::= { protocolDistStatsEntry 2 }---- Address Map Group (addressMap)---- Lists MAC address to network address bindings discovered by the-- probe and what interface they were last seen on.-- addressMapControlTable-- addressMapTableaddressMapInserts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times an address mapping entry has been inserted into the addressMapTable. If an entry is inserted, then deleted, and then inserted, this counter will be incremented by 2. Note that the table size can be determined by subtracting addressMapDeletes from addressMapInserts." ::= { addressMap 1 }addressMapDeletes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times an address mapping entry has been deleted from the addressMapTable (for any reason). If an entry is deleted, then inserted, and then deleted, this counter will be incremented by 2. Note that the table size can be determined by subtracting addressMapDeletes from addressMapInserts." ::= { addressMap 2 }addressMapMaxDesiredEntries OBJECT-TYPE SYNTAX Integer32 (-1..2147483647) MAX-ACCESS read-writeWaldbusser Standards Track [Page 32]
RFC 4502 Remote Network Monitoring MIB May 2006 STATUS current DESCRIPTION "The maximum number of entries that are desired in the addressMapTable. The probe will not create more than this number of entries in the table but may choose to create fewer entries in this table for any reason, including the lack of resources. If this object is set to a value less than the current number of entries, enough entries are chosen in an implementation-dependent manner and deleted so that the number of entries in the table equals the value of this object. If this value is set to -1, the probe may create any number of entries in this table. This object may be used to control how resources are allocated on the probe for the various RMON functions." ::= { addressMap 3 }addressMapControlTable OBJECT-TYPE SYNTAX SEQUENCE OF AddressMapControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table to control the collection of mappings from network layer address to physical address to interface. Note that this is not like the typical RMON controlTable and dataTable in which each entry creates its own data table. Each entry in this table enables the discovery of addresses on a new interface and the placement of address mappings into the central addressMapTable. Implementations are encouraged to add an entry per monitored interface upon initialization so that a default collection of address mappings is available." ::= { addressMap 4 }addressMapControlEntry OBJECT-TYPE SYNTAX AddressMapControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the addressMapControlTable. An example of the indexing of this entry is addressMapControlDroppedFrames.1"Waldbusser Standards Track [Page 33]
RFC 4502 Remote Network Monitoring MIB May 2006 INDEX { addressMapControlIndex } ::= { addressMapControlTable 1 }AddressMapControlEntry ::= SEQUENCE { addressMapControlIndex Integer32, addressMapControlDataSource DataSource, addressMapControlDroppedFrames Counter32, addressMapControlOwner OwnerString, addressMapControlStatus RowStatus}addressMapControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique index for this entry in the addressMapControlTable." ::= { addressMapControlEntry 1 }addressMapControlDataSource OBJECT-TYPE SYNTAX DataSource MAX-ACCESS read-create STATUS current DESCRIPTION "The source of data for this addressMapControlEntry." ::= { addressMapControlEntry 2 }addressMapControlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { addressMapControlEntry 3 }addressMapControlOwner OBJECT-TYPE SYNTAX OwnerStringWaldbusser Standards Track [Page 34]
RFC 4502 Remote Network Monitoring MIB May 2006 MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { addressMapControlEntry 4 }addressMapControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this addressMap control entry. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the addressMapTable shall be deleted." ::= { addressMapControlEntry 5 }addressMapTable OBJECT-TYPE SYNTAX SEQUENCE OF AddressMapEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table of mappings from network layer address to physical address to interface. The probe will add entries to this table based on the source MAC and network addresses seen in packets without MAC-level errors. The probe will populate this table for all protocols in the protocol directory table whose value of protocolDirAddressMapConfig is equal to supportedOn(3), and will delete any entries whose protocolDirEntry is deleted or has a protocolDirAddressMapConfig value of supportedOff(2)." ::= { addressMap 5 }addressMapEntry OBJECT-TYPE SYNTAX AddressMapEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the addressMapTable. The protocolDirLocalIndex in the index identifies the network layer protocol of the addressMapNetworkAddress.Waldbusser Standards Track [Page 35]
RFC 4502 Remote Network Monitoring MIB May 2006 An example of the indexing of this entry is addressMapSource.783495.18.4.128.2.6.6.11.1.3.6.1.2.1.2.2.1.1.1. Note that some combinations of index values may result in an index that exceeds 128 sub-identifiers in length, which exceeds the maximum for the SNMP protocol. Implementations should take care to avoid such combinations." INDEX { addressMapTimeMark, protocolDirLocalIndex, addressMapNetworkAddress, addressMapSource } ::= { addressMapTable 1 }AddressMapEntry ::= SEQUENCE { addressMapTimeMark TimeFilter, addressMapNetworkAddress OCTET STRING, addressMapSource OBJECT IDENTIFIER, addressMapPhysicalAddress OCTET STRING, addressMapLastChange TimeStamp}addressMapTimeMark OBJECT-TYPE SYNTAX TimeFilter MAX-ACCESS not-accessible STATUS current DESCRIPTION "A TimeFilter for this entry. See the TimeFilter textual convention to see how this works." ::= { addressMapEntry 1 }addressMapNetworkAddress OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The network address for this relation. This is represented as an octet string with specific semantics and length as identified by the protocolDirLocalIndex component of the index. For example, if the protocolDirLocalIndex indicates an encapsulation of ip, this object is encoded as a length octet of 4, followed by the 4 octets of the IP address, in network byte order." ::= { addressMapEntry 2 }addressMapSource OBJECT-TYPE SYNTAX OBJECT IDENTIFIERWaldbusser Standards Track [Page 36]
RFC 4502 Remote Network Monitoring MIB May 2006 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The interface or port on which the associated network address was most recently seen. If this address mapping was discovered on an interface, this object shall identify the instance of the ifIndex object, defined in [RFC2863], for the desired interface. For example, if an entry were to receive data from interface #1, this object would be set to ifIndex.1. If this address mapping was discovered on a port, this object shall identify the instance of the rptrGroupPortIndex object, defined in [RFC2108], for the desired port. For example, if an entry were to receive data from group #1, port #1, this object would be set to rptrGroupPortIndex.1.1. Note that while the dataSource associated with this entry may only point to index objects, this object may at times point to repeater port objects. This situation occurs when the dataSource points to an interface that is a locally attached repeater and the agent has additional information about the source port of traffic seen on that repeater." ::= { addressMapEntry 3 }addressMapPhysicalAddress OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-only STATUS current DESCRIPTION "The last source physical address on which the associated network address was seen. If the protocol of the associated network address was encapsulated inside of a network-level or higher protocol, this will be the address of the next-lower protocol with the addressRecognitionCapable bit enabled and will be formatted as specified for that protocol." ::= { addressMapEntry 4 }addressMapLastChange OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the time this entry was last created or the values of the physical address changed.Waldbusser Standards Track [Page 37]
RFC 4502 Remote Network Monitoring MIB May 2006 This can be used to help detect duplicate address problems, in which case this object will be updated frequently." ::= { addressMapEntry 5 }---- Network Layer Host Group---- Counts the amount of traffic sent from and to each network address-- discovered by the probe.-- Note that while the hlHostControlTable also has objects that-- control an optional alHostTable, implementation of the alHostTable is-- not required to fully implement this group.hlHostControlTable OBJECT-TYPE SYNTAX SEQUENCE OF HlHostControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of higher-layer (i.e., non-MAC) host table control entries. These entries will enable the collection of the network- and application-level host tables indexed by network addresses. Both the network- and application-level host tables are controlled by this table so that they will both be created and deleted at the same time, further increasing the ease with which they can be implemented as a single datastore. (Note that if an implementation stores application-layer host records in memory, it can derive network-layer host records from them.) Entries in the nlHostTable will be created on behalf of each entry in this table. Additionally, if this probe implements the alHostTable, entries in the alHostTable will be created on behalf of each entry in this table. Implementations are encouraged to add an entry per monitored interface upon initialization so that a default collection of host statistics is available." ::= { nlHost 1 }hlHostControlEntry OBJECT-TYPE SYNTAX HlHostControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the hlHostControlTable. An example of the indexing of this entry isWaldbusser Standards Track [Page 38]
RFC 4502 Remote Network Monitoring MIB May 2006 hlHostControlNlDroppedFrames.1" INDEX { hlHostControlIndex } ::= { hlHostControlTable 1 }HlHostControlEntry ::= SEQUENCE { hlHostControlIndex Integer32, hlHostControlDataSource DataSource, hlHostControlNlDroppedFrames Counter32, hlHostControlNlInserts Counter32, hlHostControlNlDeletes Counter32, hlHostControlNlMaxDesiredEntries Integer32, hlHostControlAlDroppedFrames Counter32, hlHostControlAlInserts Counter32, hlHostControlAlDeletes Counter32, hlHostControlAlMaxDesiredEntries Integer32, hlHostControlOwner OwnerString, hlHostControlStatus RowStatus}hlHostControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index that uniquely identifies an entry in the hlHostControlTable. Each such entry defines a function that discovers hosts on a particular interface and places statistics about them in the nlHostTable, and optionally in the alHostTable, on behalf of this hlHostControlEntry." ::= { hlHostControlEntry 1 }hlHostControlDataSource OBJECT-TYPE SYNTAX DataSource MAX-ACCESS read-create STATUS current DESCRIPTION "The source of data for the associated host tables. The statistics in this group reflect all packets on the local network segment attached to the identified interface. This object may not be modified if the associated hlHostControlStatus object is equal to active(1)." ::= { hlHostControlEntry 2 }hlHostControlNlDroppedFrames OBJECT-TYPEWaldbusser Standards Track [Page 39]
RFC 4502 Remote Network Monitoring MIB May 2006 SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for the associated nlHost entries for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that if the nlHostTable is inactive because no protocols are enabled in the protocol directory, this value should be 0. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { hlHostControlEntry 3 }hlHostControlNlInserts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times an nlHost entry has been inserted into the nlHost table. If an entry is inserted, then deleted, and then inserted, this counter will be incremented by 2. To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the table size can be determined by subtracting hlHostControlNlDeletes from hlHostControlNlInserts." ::= { hlHostControlEntry 4 }hlHostControlNlDeletes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times an nlHost entry has beenWaldbusser Standards Track [Page 40]
RFC 4502 Remote Network Monitoring MIB May 2006 deleted from the nlHost table (for any reason). If an entry is deleted, then inserted, and then deleted, this counter will be incremented by 2. To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the table size can be determined by subtracting hlHostControlNlDeletes from hlHostControlNlInserts." ::= { hlHostControlEntry 5 }hlHostControlNlMaxDesiredEntries OBJECT-TYPE SYNTAX Integer32 (-1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of entries that are desired in the nlHostTable on behalf of this control entry. The probe will not create more than this number of associated entries in the table but may choose to create fewer entries in this table for any reason, including the lack of resources. If this object is set to a value less than the current number of entries, enough entries are chosen in an implementation-dependent manner and deleted so that the number of entries in the table equals the value of this object. If this value is set to -1, the probe may create any number of entries in this table. If the associated hlHostControlStatus object is equal to 'active', this object may not be modified. This object may be used to control how resources are allocated on the probe for the various RMON functions." ::= { hlHostControlEntry 6 }hlHostControlAlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for the associatedWaldbusser Standards Track [Page 41]
RFC 4502 Remote Network Monitoring MIB May 2006 alHost entries for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that if the alHostTable is not implemented or is inactive because no protocols are enabled in the protocol directory, this value should be 0. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { hlHostControlEntry 7 }hlHostControlAlInserts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times an alHost entry has been inserted into the alHost table. If an entry is inserted, then deleted, and then inserted, this counter will be incremented by 2. To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the table size can be determined by subtracting hlHostControlAlDeletes from hlHostControlAlInserts." ::= { hlHostControlEntry 8 }hlHostControlAlDeletes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times an alHost entry has been deleted from the alHost table (for any reason). If an entry is deleted, then inserted, and then deleted, this counter will be incremented by 2. To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. ForWaldbusser Standards Track [Page 42]
RFC 4502 Remote Network Monitoring MIB May 2006 example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the table size can be determined by subtracting hlHostControlAlDeletes from hlHostControlAlInserts." ::= { hlHostControlEntry 9 }hlHostControlAlMaxDesiredEntries OBJECT-TYPE SYNTAX Integer32 (-1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of entries that are desired in the alHost table on behalf of this control entry. The probe will not create more than this number of associated entries in the table but may choose to create fewer entries in this table for any reason, including the lack of resources. If this object is set to a value less than the current number of entries, enough entries are chosen in an implementation-dependent manner and deleted so that the number of entries in the table equals the value of this object. If this value is set to -1, the probe may create any number of entries in this table. If the associated hlHostControlStatus object is equal to 'active', this object may not be modified. This object may be used to control how resources are allocated on the probe for the various RMON functions." ::= { hlHostControlEntry 10 }hlHostControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { hlHostControlEntry 11 }hlHostControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTIONWaldbusser Standards Track [Page 43]
RFC 4502 Remote Network Monitoring MIB May 2006 "The status of this hlHostControlEntry. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the nlHostTable and alHostTable shall be deleted." ::= { hlHostControlEntry 12 }nlHostTable OBJECT-TYPE SYNTAX SEQUENCE OF NlHostEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A collection of statistics for a particular network layer address that has been discovered on an interface of this device. The probe will populate this table for all network layer protocols in the protocol directory table whose value of protocolDirHostConfig is equal to supportedOn(3), and will delete any entries whose protocolDirEntry is deleted or has a protocolDirHostConfig value of supportedOff(2). The probe will add to this table all addresses seen as the source or destination address in all packets with no MAC errors, and will increment octet and packet counts in the table for all packets with no MAC errors."::= { nlHost 2 }nlHostEntry OBJECT-TYPE SYNTAX NlHostEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the nlHostTable. The hlHostControlIndex value in the index identifies the hlHostControlEntry on whose behalf this entry was created. The protocolDirLocalIndex value in the index identifies the network layer protocol of the nlHostAddress. An example of the indexing of this entry is nlHostOutPkts.1.783495.18.4.128.2.6.6. Note that some combinations of index values may result in an index that exceeds 128 sub-identifiers in length, which exceeds the maximum for the SNMP protocol. Implementations should takeWaldbusser Standards Track [Page 44]
RFC 4502 Remote Network Monitoring MIB May 2006 care to avoid such combinations." INDEX { hlHostControlIndex, nlHostTimeMark, protocolDirLocalIndex, nlHostAddress } ::= { nlHostTable 1 }NlHostEntry ::= SEQUENCE { nlHostTimeMark TimeFilter, nlHostAddress OCTET STRING, nlHostInPkts ZeroBasedCounter32, nlHostOutPkts ZeroBasedCounter32, nlHostInOctets ZeroBasedCounter32, nlHostOutOctets ZeroBasedCounter32, nlHostOutMacNonUnicastPkts ZeroBasedCounter32, nlHostCreateTime LastCreateTime}nlHostTimeMark OBJECT-TYPE SYNTAX TimeFilter MAX-ACCESS not-accessible STATUS current DESCRIPTION "A TimeFilter for this entry. See the TimeFilter textual convention to see how this works." ::= { nlHostEntry 1 }nlHostAddress OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The network address for this nlHostEntry. This is represented as an octet string with specific semantics and length as identified by the protocolDirLocalIndex component of the index. For example, if the protocolDirLocalIndex indicates an encapsulation of IP, this object is encoded as a length octet of 4, followed by the 4 octets of the IP address, in network byte order." ::= { nlHostEntry 2 }nlHostInPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets without errors transmitted toWaldbusser Standards Track [Page 45]
RFC 4502 Remote Network Monitoring MIB May 2006 this address since it was added to the nlHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { nlHostEntry 3 }nlHostOutPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets without errors transmitted by this address since it was added to the nlHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { nlHostEntry 4 }nlHostInOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets transmitted to this address since it was added to the nlHostTable (excluding framing bits, but including FCS octets), excluding octets in packets that contained errors. Note that this doesn't count just those octets in the particular protocol frames but includes the entire packet that contained the protocol." ::= { nlHostEntry 5 }nlHostOutOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets transmitted by this address since it was added to the nlHostTable (excluding framing bits, but including FCS octets), excluding octets in packets that contained errors. Note that this doesn't count just those octets in the particular protocol frames but includes the entire packet that contained the protocol." ::= { nlHostEntry 6 }Waldbusser Standards Track [Page 46]
RFC 4502 Remote Network Monitoring MIB May 2006nlHostOutMacNonUnicastPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets without errors transmitted by this address that were directed to any MAC broadcast addresses or to any MAC multicast addresses since this host was added to the nlHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { nlHostEntry 7 }nlHostCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this entry was last activated. This can be used by the management station to ensure that the entry has not been deleted and recreated between polls." ::= { nlHostEntry 8 }---- Network Layer Matrix Group---- Counts the amount of traffic sent between each pair of network-- addresses discovered by the probe.-- Note that while the hlMatrixControlTable also has objects that-- control optional alMatrixTables, implementation of the-- alMatrixTables is not required to fully implement this group.hlMatrixControlTable OBJECT-TYPE SYNTAX SEQUENCE OF HlMatrixControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of higher-layer (i.e., non-MAC) matrix control entries. These entries will enable the collection of the network- and application-level matrix tables containing conversation statistics indexed by pairs of network addresses. Both the network- and application-level matrix tables are controlled by this table so that they will both be created and deleted at the same time, further increasing the ease with which they can be implemented as a single datastore. (Note that if an implementation stores application-layer matrix recordsWaldbusser Standards Track [Page 47]
RFC 4502 Remote Network Monitoring MIB May 2006 in memory, it can derive network-layer matrix records from them.) Entries in the nlMatrixSDTable and nlMatrixDSTable will be created on behalf of each entry in this table. Additionally, if this probe implements the alMatrix tables, entries in the alMatrix tables will be created on behalf of each entry in this table." ::= { nlMatrix 1 }hlMatrixControlEntry OBJECT-TYPE SYNTAX HlMatrixControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the hlMatrixControlTable. An example of indexing of this entry is hlMatrixControlNlDroppedFrames.1" INDEX { hlMatrixControlIndex } ::= { hlMatrixControlTable 1 }HlMatrixControlEntry ::= SEQUENCE { hlMatrixControlIndex Integer32, hlMatrixControlDataSource DataSource, hlMatrixControlNlDroppedFrames Counter32, hlMatrixControlNlInserts Counter32, hlMatrixControlNlDeletes Counter32, hlMatrixControlNlMaxDesiredEntries Integer32, hlMatrixControlAlDroppedFrames Counter32, hlMatrixControlAlInserts Counter32, hlMatrixControlAlDeletes Counter32, hlMatrixControlAlMaxDesiredEntries Integer32, hlMatrixControlOwner OwnerString, hlMatrixControlStatus RowStatus}hlMatrixControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index that uniquely identifies an entry in the hlMatrixControlTable. Each such entry defines a function that discovers conversations on a particular interface and places statistics about them in the nlMatrixSDTable and the nlMatrixDSTable, and optionally the alMatrixSDTable and alMatrixDSTable, on behalf of thisWaldbusser Standards Track [Page 48]
RFC 4502 Remote Network Monitoring MIB May 2006 hlMatrixControlEntry." ::= { hlMatrixControlEntry 1 }hlMatrixControlDataSource OBJECT-TYPE SYNTAX DataSource MAX-ACCESS read-create STATUS current DESCRIPTION "The source of the data for the associated matrix tables. The statistics in this group reflect all packets on the local network segment attached to the identified interface. This object may not be modified if the associated hlMatrixControlStatus object is equal to active(1)." ::= { hlMatrixControlEntry 2 }hlMatrixControlNlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that if the nlMatrixTables are inactive because no protocols are enabled in the protocol directory, this value should be 0. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { hlMatrixControlEntry 3 }hlMatrixControlNlInserts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times an nlMatrix entry has been inserted into the nlMatrix tables. If an entry is inserted,Waldbusser Standards Track [Page 49]
RFC 4502 Remote Network Monitoring MIB May 2006 then deleted, and then inserted, this counter will be incremented by 2. The addition of a conversation into both the nlMatrixSDTable and nlMatrixDSTable shall be counted as two insertions (even though every addition into one table must be accompanied by an insertion into the other). To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the sum of then nlMatrixSDTable and nlMatrixDSTable sizes can be determined by subtracting hlMatrixControlNlDeletes from hlMatrixControlNlInserts." ::= { hlMatrixControlEntry 4 }hlMatrixControlNlDeletes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times an nlMatrix entry has been deleted from the nlMatrix tables (for any reason). If an entry is deleted, then inserted, and then deleted, this counter will be incremented by 2. The deletion of a conversation from both the nlMatrixSDTable and nlMatrixDSTable shall be counted as two deletions (even though every deletion from one table must be accompanied by a deletion from the other). To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the table size can be determined by subtracting hlMatrixControlNlDeletes from hlMatrixControlNlInserts." ::= { hlMatrixControlEntry 5 }hlMatrixControlNlMaxDesiredEntries OBJECT-TYPE SYNTAX Integer32 (-1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTIONWaldbusser Standards Track [Page 50]
RFC 4502 Remote Network Monitoring MIB May 2006 "The maximum number of entries that are desired in the nlMatrix tables on behalf of this control entry. The probe will not create more than this number of associated entries in the table but may choose to create fewer entries in this table for any reason, including the lack of resources. If this object is set to a value less than the current number of entries, enough entries are chosen in an implementation-dependent manner and deleted so that the number of entries in the table equals the value of this object. If this value is set to -1, the probe may create any number of entries in this table. If the associated hlMatrixControlStatus object is equal to 'active', this object may not be modified. This object may be used to control how resources are allocated on the probe for the various RMON functions." ::= { hlMatrixControlEntry 6 }hlMatrixControlAlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that if the alMatrixTables are not implemented or are inactive because no protocols are enabled in the protocol directory, this value should be 0. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { hlMatrixControlEntry 7 }hlMatrixControlAlInserts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTIONWaldbusser Standards Track [Page 51]
RFC 4502 Remote Network Monitoring MIB May 2006 "The number of times an alMatrix entry has been inserted into the alMatrix tables. If an entry is inserted, then deleted, and then inserted, this counter will be incremented by 2. The addition of a conversation into both the alMatrixSDTable and alMatrixDSTable shall be counted as two insertions (even though every addition into one table must be accompanied by an insertion into the other). To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the table size can be determined by subtracting hlMatrixControlAlDeletes from hlMatrixControlAlInserts." ::= { hlMatrixControlEntry 8 }hlMatrixControlAlDeletes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times an alMatrix entry has been deleted from the alMatrix tables. If an entry is deleted, then inserted, and then deleted, this counter will be incremented by 2. The deletion of a conversation from both the alMatrixSDTable and alMatrixDSTable shall be counted as two deletions (even though every deletion from one table must be accompanied by a deletion from the other). To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the table size can be determined by subtracting hlMatrixControlAlDeletes from hlMatrixControlAlInserts." ::= { hlMatrixControlEntry 9 }hlMatrixControlAlMaxDesiredEntries OBJECT-TYPE SYNTAX Integer32 (-1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTIONWaldbusser Standards Track [Page 52]
RFC 4502 Remote Network Monitoring MIB May 2006 "The maximum number of entries that are desired in the alMatrix tables on behalf of this control entry. The probe will not create more than this number of associated entries in the table but may choose to create fewer entries in this table for any reason, including the lack of resources. If this object is set to a value less than the current number of entries, enough entries are chosen in an implementation-dependent manner and deleted so that the number of entries in the table equals the value of this object. If this value is set to -1, the probe may create any number of entries in this table. If the associated hlMatrixControlStatus object is equal to 'active', this object may not be modified. This object may be used to control how resources are allocated on the probe for the various RMON functions." ::= { hlMatrixControlEntry 10 }hlMatrixControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { hlMatrixControlEntry 11 }hlMatrixControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this hlMatrixControlEntry. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the nlMatrixSDTable, nlMatrixDSTable, alMatrixSDTable, and alMatrixDSTable shall be deleted by the agent." ::= { hlMatrixControlEntry 12 }nlMatrixSDTable OBJECT-TYPE SYNTAX SEQUENCE OF NlMatrixSDEntry MAX-ACCESS not-accessibleWaldbusser Standards Track [Page 53]
RFC 4502 Remote Network Monitoring MIB May 2006 STATUS current DESCRIPTION "A list of traffic matrix entries that collect statistics for conversations between two network-level addresses. This table is indexed first by the source address and then by the destination address to make it convenient to collect all conversations from a particular address. The probe will populate this table for all network layer protocols in the protocol directory table whose value of protocolDirMatrixConfig is equal to supportedOn(3), and will delete any entries whose protocolDirEntry is deleted or has a protocolDirMatrixConfig value of supportedOff(2). The probe will add to this table all pairs of addresses seen in all packets with no MAC errors and will increment octet and packet counts in the table for all packets with no MAC errors. Further, this table will only contain entries that have a corresponding entry in the nlMatrixDSTable with the same source address and destination address." ::= { nlMatrix 2 }nlMatrixSDEntry OBJECT-TYPE SYNTAX NlMatrixSDEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the nlMatrixSDTable. The hlMatrixControlIndex value in the index identifies the hlMatrixControlEntry on whose behalf this entry was created. The protocolDirLocalIndex value in the index identifies the network-layer protocol of the nlMatrixSDSourceAddress and nlMatrixSDDestAddress. An example of the indexing of this table is nlMatrixSDPkts.1.783495.18.4.128.2.6.6.4.128.2.6.7. Note that some combinations of index values may result in an index that exceeds 128 sub-identifiers in length, which exceeds the maximum for the SNMP protocol. Implementations should take care to avoid such combinations." INDEX { hlMatrixControlIndex, nlMatrixSDTimeMark, protocolDirLocalIndex, nlMatrixSDSourceAddress, nlMatrixSDDestAddress } ::= { nlMatrixSDTable 1 }Waldbusser Standards Track [Page 54]
RFC 4502 Remote Network Monitoring MIB May 2006NlMatrixSDEntry ::= SEQUENCE { nlMatrixSDTimeMark TimeFilter, nlMatrixSDSourceAddress OCTET STRING, nlMatrixSDDestAddress OCTET STRING, nlMatrixSDPkts ZeroBasedCounter32, nlMatrixSDOctets ZeroBasedCounter32, nlMatrixSDCreateTime LastCreateTime}nlMatrixSDTimeMark OBJECT-TYPE SYNTAX TimeFilter MAX-ACCESS not-accessible STATUS current DESCRIPTION "A TimeFilter for this entry. See the TimeFilter textual convention to see how this works." ::= { nlMatrixSDEntry 1 }nlMatrixSDSourceAddress OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The network source address for this nlMatrixSDEntry. This is represented as an octet string with specific semantics and length as identified by the protocolDirLocalIndex component of the index. For example, if the protocolDirLocalIndex indicates an encapsulation of IP, this object is encoded as a length octet of 4, followed by the 4 octets of the IP address, in network byte order." ::= { nlMatrixSDEntry 2 }nlMatrixSDDestAddress OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The network destination address for this nlMatrixSDEntry. This is represented as an octet string with specific semantics and length as identified by the protocolDirLocalIndex component of the index. For example, if the protocolDirLocalIndex indicates anWaldbusser Standards Track [Page 55]
RFC 4502 Remote Network Monitoring MIB May 2006 encapsulation of IP, this object is encoded as a length octet of 4, followed by the 4 octets of the IP address, in network byte order." ::= { nlMatrixSDEntry 3 }nlMatrixSDPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets without errors transmitted from the source address to the destination address since this entry was added to the nlMatrixSDTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { nlMatrixSDEntry 4 }nlMatrixSDOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets transmitted from the source address to the destination address since this entry was added to the nlMatrixSDTable (excluding framing bits, but including FCS octets), excluding octets in packets that contained errors. Note that this doesn't count just those octets in the particular protocol frames but includes the entire packet that contained the protocol." ::= { nlMatrixSDEntry 5 }nlMatrixSDCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this entry was last activated. This can be used by the management station to ensure that the entry has not been deleted and recreated between polls." ::= { nlMatrixSDEntry 6 }-- Traffic matrix tables from destination to sourcenlMatrixDSTable OBJECT-TYPEWaldbusser Standards Track [Page 56]
RFC 4502 Remote Network Monitoring MIB May 2006 SYNTAX SEQUENCE OF NlMatrixDSEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of traffic matrix entries that collect statistics for conversations between two network-level addresses. This table is indexed first by the destination address and then by the source address to make it convenient to collect all conversations to a particular address. The probe will populate this table for all network layer protocols in the protocol directory table whose value of protocolDirMatrixConfig is equal to supportedOn(3), and will delete any entries whose protocolDirEntry is deleted or has a protocolDirMatrixConfig value of supportedOff(2). The probe will add to this table all pairs of addresses seen in all packets with no MAC errors and will increment octet and packet counts in the table for all packets with no MAC errors. Further, this table will only contain entries that have a corresponding entry in the nlMatrixSDTable with the same source address and destination address." ::= { nlMatrix 3 }nlMatrixDSEntry OBJECT-TYPE SYNTAX NlMatrixDSEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the nlMatrixDSTable. The hlMatrixControlIndex value in the index identifies the hlMatrixControlEntry on whose behalf this entry was created. The protocolDirLocalIndex value in the index identifies the network-layer protocol of the nlMatrixDSSourceAddress and nlMatrixDSDestAddress. An example of the indexing of this table is nlMatrixDSPkts.1.783495.18.4.128.2.6.7.4.128.2.6.6. Note that some combinations of index values may result in an index that exceeds 128 sub-identifiers in length, which exceeds the maximum for the SNMP protocol. Implementations should take care to avoid such combinations." INDEX { hlMatrixControlIndex, nlMatrixDSTimeMark, protocolDirLocalIndex,Waldbusser Standards Track [Page 57]
RFC 4502 Remote Network Monitoring MIB May 2006 nlMatrixDSDestAddress, nlMatrixDSSourceAddress } ::= { nlMatrixDSTable 1 }NlMatrixDSEntry ::= SEQUENCE { nlMatrixDSTimeMark TimeFilter, nlMatrixDSSourceAddress OCTET STRING, nlMatrixDSDestAddress OCTET STRING, nlMatrixDSPkts ZeroBasedCounter32, nlMatrixDSOctets ZeroBasedCounter32, nlMatrixDSCreateTime LastCreateTime}nlMatrixDSTimeMark OBJECT-TYPE SYNTAX TimeFilter MAX-ACCESS not-accessible STATUS current DESCRIPTION "A TimeFilter for this entry. See the TimeFilter textual convention to see how this works." ::= { nlMatrixDSEntry 1 }nlMatrixDSSourceAddress OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The network source address for this nlMatrixDSEntry. This is represented as an octet string with specific semantics and length as identified by the protocolDirLocalIndex component of the index. For example, if the protocolDirLocalIndex indicates an encapsulation of IP, this object is encoded as a length octet of 4, followed by the 4 octets of the IP address, in network byte order." ::= { nlMatrixDSEntry 2 }nlMatrixDSDestAddress OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The network destination address for this nlMatrixDSEntry. This is represented as an octet string with specific semantics and length as identifiedWaldbusser Standards Track [Page 58]
RFC 4502 Remote Network Monitoring MIB May 2006 by the protocolDirLocalIndex component of the index. For example, if the protocolDirLocalIndex indicates an encapsulation of IP, this object is encoded as a length octet of 4, followed by the 4 octets of the IP address, in network byte order." ::= { nlMatrixDSEntry 3 }nlMatrixDSPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets without errors transmitted from the source address to the destination address since this entry was added to the nlMatrixDSTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { nlMatrixDSEntry 4 }nlMatrixDSOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets transmitted from the source address to the destination address since this entry was added to the nlMatrixDSTable (excluding framing bits, but including FCS octets), excluding octets in packets that contained errors. Note that this doesn't count just those octets in the particular protocol frames but includes the entire packet that contained the protocol." ::= { nlMatrixDSEntry 5 }nlMatrixDSCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this entry was last activated. This can be used by the management station to ensure that the entry has not been deleted and recreated between polls." ::= { nlMatrixDSEntry 6 }nlMatrixTopNControlTable OBJECT-TYPEWaldbusser Standards Track [Page 59]
RFC 4502 Remote Network Monitoring MIB May 2006 SYNTAX SEQUENCE OF NlMatrixTopNControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A set of parameters that control the creation of a report of the top N matrix entries according to a selected metric." ::= { nlMatrix 4 }nlMatrixTopNControlEntry OBJECT-TYPE SYNTAX NlMatrixTopNControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the nlMatrixTopNControlTable. An example of the indexing of this table is nlMatrixTopNControlDuration.3" INDEX { nlMatrixTopNControlIndex } ::= { nlMatrixTopNControlTable 1 }NlMatrixTopNControlEntry ::= SEQUENCE { nlMatrixTopNControlIndex Integer32, nlMatrixTopNControlMatrixIndex Integer32, nlMatrixTopNControlRateBase INTEGER, nlMatrixTopNControlTimeRemaining Integer32, nlMatrixTopNControlGeneratedReports Counter32, nlMatrixTopNControlDuration Integer32, nlMatrixTopNControlRequestedSize Integer32, nlMatrixTopNControlGrantedSize Integer32, nlMatrixTopNControlStartTime TimeStamp, nlMatrixTopNControlOwner OwnerString, nlMatrixTopNControlStatus RowStatus}nlMatrixTopNControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index that uniquely identifies an entry in the nlMatrixTopNControlTable. Each such entry defines one topN report prepared for one interface." ::= { nlMatrixTopNControlEntry 1 }nlMatrixTopNControlMatrixIndex OBJECT-TYPE SYNTAX Integer32 (1..65535)Waldbusser Standards Track [Page 60]
RFC 4502 Remote Network Monitoring MIB May 2006 MAX-ACCESS read-create STATUS current DESCRIPTION "The nlMatrix[SD/DS] table for which a topN report will be prepared on behalf of this entry. The nlMatrix[SD/DS] table is identified by the value of the hlMatrixControlIndex for that table - that value is used here to identify the particular table. This object may not be modified if the associated nlMatrixTopNControlStatus object is equal to active(1)." ::= { nlMatrixTopNControlEntry 2 }nlMatrixTopNControlRateBase OBJECT-TYPE SYNTAX INTEGER { nlMatrixTopNPkts(1), nlMatrixTopNOctets(2), nlMatrixTopNHighCapacityPkts(3), nlMatrixTopNHighCapacityOctets(4) } MAX-ACCESS read-create STATUS current DESCRIPTION "The variable for each nlMatrix[SD/DS] entry that the nlMatrixTopNEntries are sorted by, as well as a control for the table that the results will be reported in. This object may not be modified if the associated nlMatrixTopNControlStatus object is equal to active(1). If this value is less than or equal to 2, when the report is prepared, entries are created in the nlMatrixTopNTable associated with this object. If this value is greater than or equal to 3, when the report is prepared, entries are created in the nlMatrixTopNHighCapacityTable associated with this object." ::= { nlMatrixTopNControlEntry 3 }nlMatrixTopNControlTimeRemaining OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The number of seconds left in the report currently being collected. When this object is modified by the management station, a new collection is started, possibly aborting a currently running report. The new value is used as the requested duration of thisWaldbusser Standards Track [Page 61]
RFC 4502 Remote Network Monitoring MIB May 2006 report and is immediately loaded into the associated nlMatrixTopNControlDuration object. When the report finishes, the probe will automatically start another collection with the same initial value of nlMatrixTopNControlTimeRemaining. Thus, the management station may simply read the resulting reports repeatedly, checking the startTime and duration each time to ensure that a report was not missed or that the report parameters were not changed. While the value of this object is non-zero, it decrements by one per second until it reaches zero. At the time that this object decrements to zero, the report is made accessible in the nlMatrixTopNTable, overwriting any report that may be there. When this object is modified by the management station, any associated entries in the nlMatrixTopNTable shall be deleted. (Note that this is a different algorithm than the one used in the hostTopNTable)." DEFVAL { 1800 } ::= { nlMatrixTopNControlEntry 4 }nlMatrixTopNControlGeneratedReports OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of reports that have been generated by this entry." ::= { nlMatrixTopNControlEntry 5 }nlMatrixTopNControlDuration OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of seconds that this report has collected during the last sampling interval. When the associated nlMatrixTopNControlTimeRemaining object is set, this object shall be set by the probe to the same value and shall not be modified until the next time the nlMatrixTopNControlTimeRemaining is set. This value shall be zero if no reports have been requested for this nlMatrixTopNControlEntry."Waldbusser Standards Track [Page 62]
RFC 4502 Remote Network Monitoring MIB May 2006 ::= { nlMatrixTopNControlEntry 6 }nlMatrixTopNControlRequestedSize OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of matrix entries requested for this report. When this object is created or modified, the probe should set nlMatrixTopNControlGrantedSize as closely to this object as possible for the particular probe implementation and available resources." DEFVAL { 150 } ::= { nlMatrixTopNControlEntry 7 }nlMatrixTopNControlGrantedSize OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum number of matrix entries in this report. When the associated nlMatrixTopNControlRequestedSize object is created or modified, the probe should set this object as closely to the requested value as possible for the particular implementation and available resources. The probe must not lower this value except as a side-effect of a set to the associated nlMatrixTopNControlRequestedSize object. If the value of nlMatrixTopNControlRateBase is equal to nlMatrixTopNPkts, when the next topN report is generated, matrix entries with the highest value of nlMatrixTopNPktRate shall be placed in this table in decreasing order of this rate until there is no more room or until there are no more matrix entries. If the value of nlMatrixTopNControlRateBase is equal to nlMatrixTopNOctets, when the next topN report is generated, matrix entries with the highest value of nlMatrixTopNOctetRate shall be placed in this table in decreasing order of this rate until there is no more room or until there are no more matrix entries. It is an implementation-specific matter how entries with the same value of nlMatrixTopNPktRate or nlMatrixTopNOctetRate are sorted. It is also an implementation-specific matter as toWaldbusser Standards Track [Page 63]
RFC 4502 Remote Network Monitoring MIB May 2006 whether zero-valued entries are available." ::= { nlMatrixTopNControlEntry 8 }nlMatrixTopNControlStartTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this topN report was last started. In other words, this is the time that the associated nlMatrixTopNControlTimeRemaining object was modified to start the requested report or the time the report was last automatically (re)started. This object may be used by the management station to determine whether a report was missed." ::= { nlMatrixTopNControlEntry 9 }nlMatrixTopNControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { nlMatrixTopNControlEntry 10 }nlMatrixTopNControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this nlMatrixTopNControlEntry. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the nlMatrixTopNTable shall be deleted by the agent." ::= { nlMatrixTopNControlEntry 11 }nlMatrixTopNTable OBJECT-TYPE SYNTAX SEQUENCE OF NlMatrixTopNEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A set of statistics for those network-layer matrix entriesWaldbusser Standards Track [Page 64]
RFC 4502 Remote Network Monitoring MIB May 2006 that have counted the highest number of octets or packets." ::= { nlMatrix 5 }nlMatrixTopNEntry OBJECT-TYPE SYNTAX NlMatrixTopNEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the nlMatrixTopNTable. The nlMatrixTopNControlIndex value in the index identifies the nlMatrixTopNControlEntry on whose behalf this entry was created. An example of the indexing of this table is nlMatrixTopNPktRate.3.10" INDEX { nlMatrixTopNControlIndex, nlMatrixTopNIndex } ::= { nlMatrixTopNTable 1 }NlMatrixTopNEntry ::= SEQUENCE { nlMatrixTopNIndex Integer32, nlMatrixTopNProtocolDirLocalIndex Integer32, nlMatrixTopNSourceAddress OCTET STRING, nlMatrixTopNDestAddress OCTET STRING, nlMatrixTopNPktRate Gauge32, nlMatrixTopNReversePktRate Gauge32, nlMatrixTopNOctetRate Gauge32, nlMatrixTopNReverseOctetRate Gauge32}nlMatrixTopNIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index that uniquely identifies an entry in the nlMatrixTopNTable among those in the same report. This index is between 1 and N, where N is the number of entries in this report. If the value of nlMatrixTopNControlRateBase is equal to nlMatrixTopNPkts, increasing values of nlMatrixTopNIndex shall be assigned to entries with decreasing values of nlMatrixTopNPktRate until index N is assigned or there are no more nlMatrixTopNEntries. If the value of nlMatrixTopNControlRateBase is equal to nlMatrixTopNOctets, increasing values of nlMatrixTopNIndexWaldbusser Standards Track [Page 65]
RFC 4502 Remote Network Monitoring MIB May 2006 shall be assigned to entries with decreasing values of nlMatrixTopNOctetRate until index N is assigned or there are no more nlMatrixTopNEntries." ::= { nlMatrixTopNEntry 1 }nlMatrixTopNProtocolDirLocalIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The protocolDirLocalIndex of the network-layer protocol of this entry's network address." ::= { nlMatrixTopNEntry 2 }nlMatrixTopNSourceAddress OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "The network-layer address of the source host in this conversation. This is represented as an octet string with specific semantics and length as identified by the associated nlMatrixTopNProtocolDirLocalIndex. For example, if the protocolDirLocalIndex indicates an encapsulation of IP, this object is encoded as a length octet of 4, followed by the 4 octets of the IP address, in network byte order." ::= { nlMatrixTopNEntry 3 }nlMatrixTopNDestAddress OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "The network-layer address of the destination host in this conversation. This is represented as an octet string with specific semantics and length as identified by the associated nlMatrixTopNProtocolDirLocalIndex. For example, if the nlMatrixTopNProtocolDirLocalIndex indicates an encapsulation of IP, this object is encoded as a length octet of 4, followed by the 4 octets of the IP address, in network byte order."Waldbusser Standards Track [Page 66]
RFC 4502 Remote Network Monitoring MIB May 2006 ::= { nlMatrixTopNEntry 4 }nlMatrixTopNPktRate OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets seen from the source host to the destination host during this sampling interval, counted using the rules for counting the nlMatrixSDPkts object. If the value of nlMatrixTopNControlRateBase is nlMatrixTopNPkts, this variable will be used to sort this report." ::= { nlMatrixTopNEntry 5 }nlMatrixTopNReversePktRate OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets seen from the destination host to the source host during this sampling interval, counted using the rules for counting the nlMatrixSDPkts object. (Note that the corresponding nlMatrixSDPkts object selected is the one whose source address is equal to nlMatrixTopNDestAddress and whose destination address is equal to nlMatrixTopNSourceAddress.) Note that if the value of nlMatrixTopNControlRateBase is equal to nlMatrixTopNPkts, the sort of topN entries is based entirely on nlMatrixTopNPktRate, and not on the value of this object." ::= { nlMatrixTopNEntry 6 }nlMatrixTopNOctetRate OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets seen from the source host to the destination host during this sampling interval, counted using the rules for counting the nlMatrixSDOctets object. If the value of nlMatrixTopNControlRateBase is nlMatrixTopNOctets, this variable will be used to sort this report." ::= { nlMatrixTopNEntry 7 }nlMatrixTopNReverseOctetRate OBJECT-TYPEWaldbusser Standards Track [Page 67]
RFC 4502 Remote Network Monitoring MIB May 2006 SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets seen from the destination host to the source host during this sampling interval, counted using the rules for counting the nlMatrixDSOctets object. (Note that the corresponding nlMatrixSDOctets object selected is the one whose source address is equal to nlMatrixTopNDestAddress and whose destination address is equal to nlMatrixTopNSourceAddress.) Note that if the value of nlMatrixTopNControlRateBase is equal to nlMatrixTopNOctets, the sort of topN entries is based entirely on nlMatrixTopNOctetRate, and not on the value of this object." ::= { nlMatrixTopNEntry 8 }-- Application Layer Functions---- The application layer host, matrix, and matrixTopN functions report-- on protocol usage at the network layer or higher. Note that the-- use of the term application layer does not imply that only-- application-layer protocols are counted, rather it means that-- protocols up to and including the application layer are supported.---- Application Layer Host Group---- Counts the amount of traffic, by protocol, sent from and to each-- network address discovered by the probe.-- Implementation of this group requires implementation of the Network-- Layer Host Group.alHostTable OBJECT-TYPE SYNTAX SEQUENCE OF AlHostEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A collection of statistics for a particular protocol from a particular network address that has been discovered on an interface of this device. The probe will populate this table for all protocols in the protocol directory table whose value of protocolDirHostConfig is equal to supportedOn(3), and will delete any entries whose protocolDirEntry is deleted or has a protocolDirHostConfig value of supportedOff(2).Waldbusser Standards Track [Page 68]
RFC 4502 Remote Network Monitoring MIB May 2006 The probe will add to this table all addresses seen as the source or destination address in all packets with no MAC errors and will increment octet and packet counts in the table for all packets with no MAC errors. Further, entries will only be added to this table if their address exists in the nlHostTable and will be deleted from this table if their address is deleted from the nlHostTable." ::= { alHost 1 }alHostEntry OBJECT-TYPE SYNTAX AlHostEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the alHostTable. The hlHostControlIndex value in the index identifies the hlHostControlEntry on whose behalf this entry was created. The first protocolDirLocalIndex value in the index identifies the network-layer protocol of the address. The nlHostAddress value in the index identifies the network- layer address of this entry. The second protocolDirLocalIndex value in the index identifies the protocol that is counted by this entry. An example of the indexing in this entry is alHostOutPkts.1.783495.18.4.128.2.6.6.34. Note that some combinations of index values may result in an index that exceeds 128 sub-identifiers in length, which exceeds the maximum for the SNMP protocol. Implementations should take care to avoid such combinations." INDEX { hlHostControlIndex, alHostTimeMark, protocolDirLocalIndex, nlHostAddress, protocolDirLocalIndex } ::= { alHostTable 1 }AlHostEntry ::= SEQUENCE { alHostTimeMark TimeFilter, alHostInPkts ZeroBasedCounter32, alHostOutPkts ZeroBasedCounter32, alHostInOctets ZeroBasedCounter32, alHostOutOctets ZeroBasedCounter32, alHostCreateTime LastCreateTime}alHostTimeMark OBJECT-TYPE SYNTAX TimeFilterWaldbusser Standards Track [Page 69]
RFC 4502 Remote Network Monitoring MIB May 2006 MAX-ACCESS not-accessible STATUS current DESCRIPTION "A TimeFilter for this entry. See the TimeFilter textual convention to see how this works." ::= { alHostEntry 1 }alHostInPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets of this protocol type without errors transmitted to this address since it was added to the alHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { alHostEntry 2 }alHostOutPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets of this protocol type without errors transmitted by this address since it was added to the alHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { alHostEntry 3 }alHostInOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets transmitted to this address of this protocol type since it was added to the alHostTable (excluding framing bits, but including FCS octets), excluding octets in packets that contained errors. Note that this doesn't count just those octets in the particular protocol frames but includes the entire packet that contained the protocol." ::= { alHostEntry 4 }Waldbusser Standards Track [Page 70]
RFC 4502 Remote Network Monitoring MIB May 2006alHostOutOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets transmitted by this address of this protocol type since it was added to the alHostTable (excluding framing bits, but including FCS octets), excluding octets in packets that contained errors. Note that this doesn't count just those octets in the particular protocol frames but includes the entire packet that contained the protocol." ::= { alHostEntry 5 }alHostCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this entry was last activated. This can be used by the management station to ensure that the entry has not been deleted and recreated between polls." ::= { alHostEntry 6 }---- Application Layer Matrix Group---- Counts the amount of traffic, by protocol, sent between each pair-- of network addresses discovered by the probe.-- Implementation of this group requires implementation of the Network-- Layer Matrix Group.alMatrixSDTable OBJECT-TYPE SYNTAX SEQUENCE OF AlMatrixSDEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of application traffic matrix entries that collect statistics for conversations of a particular protocol between two network-level addresses. This table is indexed first by the source address and then by the destination address to make it convenient to collect all statistics from a particular address. The probe will populate this table for all protocols in the protocol directory table whose value ofWaldbusser Standards Track [Page 71]
RFC 4502 Remote Network Monitoring MIB May 2006 protocolDirMatrixConfig is equal to supportedOn(3), and will delete any entries whose protocolDirEntry is deleted or has a protocolDirMatrixConfig value of supportedOff(2). The probe will add to this table all pairs of addresses for all protocols seen in all packets with no MAC errors and will increment octet and packet counts in the table for all packets with no MAC errors. Further, entries will only be added to this table if their address pair exists in the nlMatrixSDTable and will be deleted from this table if the address pair is deleted from the nlMatrixSDTable." ::= { alMatrix 1 }alMatrixSDEntry OBJECT-TYPE SYNTAX AlMatrixSDEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the alMatrixSDTable. The hlMatrixControlIndex value in the index identifies the hlMatrixControlEntry on whose behalf this entry was created. The first protocolDirLocalIndex value in the index identifies the network-layer protocol of the nlMatrixSDSourceAddress and nlMatrixSDDestAddress. The nlMatrixSDSourceAddress value in the index identifies the network-layer address of the source host in this conversation. The nlMatrixSDDestAddress value in the index identifies the network-layer address of the destination host in this conversation. The second protocolDirLocalIndex value in the index identifies the protocol that is counted by this entry. An example of the indexing of this entry is alMatrixSDPkts.1.783495.18.4.128.2.6.6.4.128.2.6.7.34. Note that some combinations of index values may result in an index that exceeds 128 sub-identifiers in length, which exceeds the maximum for the SNMP protocol. Implementations should take care to avoid such combinations." INDEX { hlMatrixControlIndex, alMatrixSDTimeMark, protocolDirLocalIndex, nlMatrixSDSourceAddress, nlMatrixSDDestAddress, protocolDirLocalIndex } ::= { alMatrixSDTable 1 }AlMatrixSDEntry ::= SEQUENCE { alMatrixSDTimeMark TimeFilter,Waldbusser Standards Track [Page 72]
RFC 4502 Remote Network Monitoring MIB May 2006 alMatrixSDPkts ZeroBasedCounter32, alMatrixSDOctets ZeroBasedCounter32, alMatrixSDCreateTime LastCreateTime}alMatrixSDTimeMark OBJECT-TYPE SYNTAX TimeFilter MAX-ACCESS not-accessible STATUS current DESCRIPTION "A TimeFilter for this entry. See the TimeFilter textual convention to see how this works." ::= { alMatrixSDEntry 1 }alMatrixSDPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets of this protocol type without errors transmitted from the source address to the destination address since this entry was added to the alMatrixSDTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { alMatrixSDEntry 2 }alMatrixSDOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets in packets of this protocol type transmitted from the source address to the destination address since this entry was added to the alMatrixSDTable (excluding framing bits, but including FCS octets), excluding octets in packets that contained errors. Note that this doesn't count just those octets in the particular protocol frames but includes the entire packet that contained the protocol." ::= { alMatrixSDEntry 3 }alMatrixSDCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTIONWaldbusser Standards Track [Page 73]
RFC 4502 Remote Network Monitoring MIB May 2006 "The value of sysUpTime when this entry was last activated. This can be used by the management station to ensure that the entry has not been deleted and recreated between polls." ::= { alMatrixSDEntry 4 }-- Traffic matrix tables from destination to sourcealMatrixDSTable OBJECT-TYPE SYNTAX SEQUENCE OF AlMatrixDSEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of application traffic matrix entries that collect statistics for conversations of a particular protocol between two network-level addresses. This table is indexed first by the destination address and then by the source address to make it convenient to collect all statistics to a particular address. The probe will populate this table for all protocols in the protocol directory table whose value of protocolDirMatrixConfig is equal to supportedOn(3), and will delete any entries whose protocolDirEntry is deleted or has a protocolDirMatrixConfig value of supportedOff(2). The probe will add to this table all pairs of addresses for all protocols seen in all packets with no MAC errors and will increment octet and packet counts in the table for all packets with no MAC errors. Further, entries will only be added to this table if their address pair exists in the nlMatrixDSTable and will be deleted from this table if the address pair is deleted from the nlMatrixDSTable." ::= { alMatrix 2 }alMatrixDSEntry OBJECT-TYPE SYNTAX AlMatrixDSEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the alMatrixDSTable. The hlMatrixControlIndex value in the index identifies the hlMatrixControlEntry on whose behalf this entry was created. The first protocolDirLocalIndex value in the index identifies the network-layer protocol of the alMatrixDSSourceAddress and alMatrixDSDestAddress. The nlMatrixDSDestAddress value in the index identifies the network-layer address of the destination host in thisWaldbusser Standards Track [Page 74]
RFC 4502 Remote Network Monitoring MIB May 2006 conversation. The nlMatrixDSSourceAddress value in the index identifies the network-layer address of the source host in this conversation. The second protocolDirLocalIndex value in the index identifies the protocol that is counted by this entry. An example of the indexing of this entry is alMatrixDSPkts.1.783495.18.4.128.2.6.7.4.128.2.6.6.34. Note that some combinations of index values may result in an index that exceeds 128 sub-identifiers in length, which exceeds the maximum for the SNMP protocol. Implementations should take care to avoid such combinations." INDEX { hlMatrixControlIndex, alMatrixDSTimeMark, protocolDirLocalIndex, nlMatrixDSDestAddress, nlMatrixDSSourceAddress, protocolDirLocalIndex } ::= { alMatrixDSTable 1 }AlMatrixDSEntry ::= SEQUENCE { alMatrixDSTimeMark TimeFilter, alMatrixDSPkts ZeroBasedCounter32, alMatrixDSOctets ZeroBasedCounter32, alMatrixDSCreateTime LastCreateTime}alMatrixDSTimeMark OBJECT-TYPE SYNTAX TimeFilter MAX-ACCESS not-accessible STATUS current DESCRIPTION "A TimeFilter for this entry. See the TimeFilter textual convention to see how this works." ::= { alMatrixDSEntry 1 }alMatrixDSPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets of this protocol type without errors transmitted from the source address to the destination address since this entry was added to the alMatrixDSTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { alMatrixDSEntry 2 }Waldbusser Standards Track [Page 75]
RFC 4502 Remote Network Monitoring MIB May 2006alMatrixDSOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets in packets of this protocol type transmitted from the source address to the destination address since this entry was added to the alMatrixDSTable (excluding framing bits, but including FCS octets), excluding octets in packets that contained errors. Note that this doesn't count just those octets in the particular protocol frames but includes the entire packet that contained the protocol." ::= { alMatrixDSEntry 3 }alMatrixDSCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this entry was last activated. This can be used by the management station to ensure that the entry has not been deleted and recreated between polls." ::= { alMatrixDSEntry 4 }alMatrixTopNControlTable OBJECT-TYPE SYNTAX SEQUENCE OF AlMatrixTopNControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A set of parameters that control the creation of a report of the top N matrix entries according to a selected metric." ::= { alMatrix 3 }alMatrixTopNControlEntry OBJECT-TYPE SYNTAX AlMatrixTopNControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the alMatrixTopNControlTable. An example of the indexing of this table is alMatrixTopNControlDuration.3" INDEX { alMatrixTopNControlIndex } ::= { alMatrixTopNControlTable 1 }Waldbusser Standards Track [Page 76]
RFC 4502 Remote Network Monitoring MIB May 2006AlMatrixTopNControlEntry ::= SEQUENCE { alMatrixTopNControlIndex Integer32, alMatrixTopNControlMatrixIndex Integer32, alMatrixTopNControlRateBase INTEGER, alMatrixTopNControlTimeRemaining Integer32, alMatrixTopNControlGeneratedReports Counter32, alMatrixTopNControlDuration Integer32, alMatrixTopNControlRequestedSize Integer32, alMatrixTopNControlGrantedSize Integer32, alMatrixTopNControlStartTime TimeStamp, alMatrixTopNControlOwner OwnerString, alMatrixTopNControlStatus RowStatus}alMatrixTopNControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index that uniquely identifies an entry in the alMatrixTopNControlTable. Each such entry defines one topN report prepared for one interface." ::= { alMatrixTopNControlEntry 1 }alMatrixTopNControlMatrixIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The alMatrix[SD/DS] table for which a topN report will be prepared on behalf of this entry. The alMatrix[SD/DS] table is identified by the value of the hlMatrixControlIndex for that table - that value is used here to identify the particular table. This object may not be modified if the associated alMatrixTopNControlStatus object is equal to active(1)." ::= { alMatrixTopNControlEntry 2 }alMatrixTopNControlRateBase OBJECT-TYPE SYNTAX INTEGER { alMatrixTopNTerminalsPkts(1), alMatrixTopNTerminalsOctets(2), alMatrixTopNAllPkts(3), alMatrixTopNAllOctets(4), alMatrixTopNTerminalsHighCapacityPkts(5), alMatrixTopNTerminalsHighCapacityOctets(6),Waldbusser Standards Track [Page 77]
RFC 4502 Remote Network Monitoring MIB May 2006 alMatrixTopNAllHighCapacityPkts(7), alMatrixTopNAllHighCapacityOctets(8) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object controls which alMatrix[SD/DS] entry that the alMatrixTopNEntries are sorted by, which view of the matrix table that will be used, as well as which table the results will be reported in. The values alMatrixTopNTerminalsPkts, alMatrixTopNTerminalsOctets, alMatrixTopNTerminalsHighCapacityPkts, and alMatrixTopNTerminalsHighCapacityOctets cause collection only from protocols that have no child protocols that are counted. The values alMatrixTopNAllPkts, alMatrixTopNAllOctets, alMatrixTopNAllHighCapacityPkts, and alMatrixTopNAllHighCapacityOctets cause collection from all alMatrix entries. This object may not be modified if the associated alMatrixTopNControlStatus object is equal to active(1)." ::= { alMatrixTopNControlEntry 3 }alMatrixTopNControlTimeRemaining OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The number of seconds left in the report currently being collected. When this object is modified by the management station, a new collection is started, possibly aborting a currently running report. The new value is used as the requested duration of this report and is immediately loaded into the associated alMatrixTopNControlDuration object. When the report finishes, the probe will automatically start another collection with the same initial value of alMatrixTopNControlTimeRemaining. Thus, the management station may simply read the resulting reports repeatedly, checking the startTime and duration each time to ensure that a report was not missed or that the report parameters were not changed. While the value of this object is non-zero, it decrements by one per second until it reaches zero. At the timeWaldbusser Standards Track [Page 78]
RFC 4502 Remote Network Monitoring MIB May 2006 that this object decrements to zero, the report is made accessible in the alMatrixTopNTable, overwriting any report that may be there. When this object is modified by the management station, any associated entries in the alMatrixTopNTable shall be deleted. (Note that this is a different algorithm than the one used in the hostTopNTable)." DEFVAL { 1800 } ::= { alMatrixTopNControlEntry 4 }alMatrixTopNControlGeneratedReports OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of reports that have been generated by this entry." ::= { alMatrixTopNControlEntry 5 }alMatrixTopNControlDuration OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of seconds that this report has collected during the last sampling interval. When the associated alMatrixTopNControlTimeRemaining object is set, this object shall be set by the probe to the same value and shall not be modified until the next time the alMatrixTopNControlTimeRemaining is set. This value shall be zero if no reports have been requested for this alMatrixTopNControlEntry." ::= { alMatrixTopNControlEntry 6 }alMatrixTopNControlRequestedSize OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of matrix entries requested for this report. When this object is created or modified, the probe should set alMatrixTopNControlGrantedSize as closely to this object as possible for the particular probe implementation and available resources."Waldbusser Standards Track [Page 79]
RFC 4502 Remote Network Monitoring MIB May 2006 DEFVAL { 150 } ::= { alMatrixTopNControlEntry 7 }alMatrixTopNControlGrantedSize OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum number of matrix entries in this report. When the associated alMatrixTopNControlRequestedSize object is created or modified, the probe should set this object as closely to the requested value as possible for the particular implementation and available resources. The probe must not lower this value except as a side-effect of a set to the associated alMatrixTopNControlRequestedSize object. If the value of alMatrixTopNControlRateBase is equal to alMatrixTopNTerminalsPkts or alMatrixTopNAllPkts, when the next topN report is generated, matrix entries with the highest value of alMatrixTopNPktRate shall be placed in this table in decreasing order of this rate until there is no more room or until there are no more matrix entries. If the value of alMatrixTopNControlRateBase is equal to alMatrixTopNTerminalsOctets or alMatrixTopNAllOctets, when the next topN report is generated, matrix entries with the highest value of alMatrixTopNOctetRate shall be placed in this table in decreasing order of this rate until there is no more room or until there are no more matrix entries. It is an implementation-specific matter how entries with the same value of alMatrixTopNPktRate or alMatrixTopNOctetRate are sorted. It is also an implementation-specific matter as to whether zero-valued entries are available." ::= { alMatrixTopNControlEntry 8 }alMatrixTopNControlStartTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this topN report was last started. In other words, this is the time that the associated alMatrixTopNControlTimeRemaining object was modified to start the requested report or the time the report was last automatically (re)started.Waldbusser Standards Track [Page 80]
RFC 4502 Remote Network Monitoring MIB May 2006 This object may be used by the management station to determine whether a report was missed." ::= { alMatrixTopNControlEntry 9 }alMatrixTopNControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { alMatrixTopNControlEntry 10 }alMatrixTopNControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this alMatrixTopNControlEntry. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the alMatrixTopNTable shall be deleted by the agent." ::= { alMatrixTopNControlEntry 11 }alMatrixTopNTable OBJECT-TYPE SYNTAX SEQUENCE OF AlMatrixTopNEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A set of statistics for those application-layer matrix entries that have counted the highest number of octets or packets." ::= { alMatrix 4 }alMatrixTopNEntry OBJECT-TYPE SYNTAX AlMatrixTopNEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the alMatrixTopNTable. The alMatrixTopNControlIndex value in the index identifies the alMatrixTopNControlEntry on whose behalf this entry was created.Waldbusser Standards Track [Page 81]
RFC 4502 Remote Network Monitoring MIB May 2006 An example of the indexing of this table is alMatrixTopNPktRate.3.10" INDEX { alMatrixTopNControlIndex, alMatrixTopNIndex } ::= { alMatrixTopNTable 1 }AlMatrixTopNEntry ::= SEQUENCE { alMatrixTopNIndex Integer32, alMatrixTopNProtocolDirLocalIndex Integer32, alMatrixTopNSourceAddress OCTET STRING, alMatrixTopNDestAddress OCTET STRING, alMatrixTopNAppProtocolDirLocalIndex Integer32, alMatrixTopNPktRate Gauge32, alMatrixTopNReversePktRate Gauge32, alMatrixTopNOctetRate Gauge32, alMatrixTopNReverseOctetRate Gauge32 }alMatrixTopNIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index that uniquely identifies an entry in the alMatrixTopNTable among those in the same report. This index is between 1 and N, where N is the number of entries in this report. If the value of alMatrixTopNControlRateBase is equal to alMatrixTopNTerminalsPkts or alMatrixTopNAllPkts, increasing values of alMatrixTopNIndex shall be assigned to entries with decreasing values of alMatrixTopNPktRate until index N is assigned or there are no more alMatrixTopNEntries. If the value of alMatrixTopNControlRateBase is equal to alMatrixTopNTerminalsOctets or alMatrixTopNAllOctets, increasing values of alMatrixTopNIndex shall be assigned to entries with decreasing values of alMatrixTopNOctetRate until index N is assigned or there are no more alMatrixTopNEntries." ::= { alMatrixTopNEntry 1 }alMatrixTopNProtocolDirLocalIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The protocolDirLocalIndex of the network-layer protocol of this entry's network address."Waldbusser Standards Track [Page 82]
RFC 4502 Remote Network Monitoring MIB May 2006 ::= { alMatrixTopNEntry 2 }alMatrixTopNSourceAddress OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "The network-layer address of the source host in this conversation. This is represented as an octet string with specific semantics and length as identified by the associated alMatrixTopNProtocolDirLocalIndex. For example, if the alMatrixTopNProtocolDirLocalIndex indicates an encapsulation of IP, this object is encoded as a length octet of 4, followed by the 4 octets of the IP address, in network byte order." ::= { alMatrixTopNEntry 3 }alMatrixTopNDestAddress OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "The network-layer address of the destination host in this conversation. This is represented as an octet string with specific semantics and length as identified by the associated alMatrixTopNProtocolDirLocalIndex. For example, if the alMatrixTopNProtocolDirLocalIndex indicates an encapsulation of IP, this object is encoded as a length octet of 4, followed by the 4 octets of the IP address, in network byte order." ::= { alMatrixTopNEntry 4 }alMatrixTopNAppProtocolDirLocalIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The type of the protocol counted by this matrix entry." ::= { alMatrixTopNEntry 5 }alMatrixTopNPktRate OBJECT-TYPE SYNTAX Gauge32Waldbusser Standards Track [Page 83]
RFC 4502 Remote Network Monitoring MIB May 2006 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets seen of this protocol from the source host to the destination host during this sampling interval, counted using the rules for counting the alMatrixSDPkts object. If the value of alMatrixTopNControlRateBase is alMatrixTopNTerminalsPkts or alMatrixTopNAllPkts, this variable will be used to sort this report." ::= { alMatrixTopNEntry 6 }alMatrixTopNReversePktRate OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets seen of this protocol from the destination host to the source host during this sampling interval, counted using the rules for counting the alMatrixDSPkts object. (Note that the corresponding alMatrixSDPkts object selected is the one whose source address is equal to alMatrixTopNDestAddress and whose destination address is equal to alMatrixTopNSourceAddress.) Note that if the value of alMatrixTopNControlRateBase is equal to alMatrixTopNTerminalsPkts or alMatrixTopNAllPkts, the sort of topN entries is based entirely on alMatrixTopNPktRate, and not on the value of this object." ::= { alMatrixTopNEntry 7 }alMatrixTopNOctetRate OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets seen of this protocol from the source host to the destination host during this sampling interval, counted using the rules for counting the alMatrixSDOctets object. If the value of alMatrixTopNControlRateBase is alMatrixTopNTerminalsOctets or alMatrixTopNAllOctets, this variable will be used to sort this report." ::= { alMatrixTopNEntry 8 }alMatrixTopNReverseOctetRate OBJECT-TYPEWaldbusser Standards Track [Page 84]
RFC 4502 Remote Network Monitoring MIB May 2006 SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets seen of this protocol from the destination host to the source host during this sampling interval, counted using the rules for counting the alMatrixDSOctets object. (Note that the corresponding alMatrixSDOctets object selected is the one whose source address is equal to alMatrixTopNDestAddress and whose destination address is equal to alMatrixTopNSourceAddress.) Note that if the value of alMatrixTopNControlRateBase is equal to alMatrixTopNTerminalsOctets or alMatrixTopNAllOctets, the sort of topN entries is based entirely on alMatrixTopNOctetRate, and not on the value of this object." ::= { alMatrixTopNEntry 9 }---- User History Collection Group (usrHistory)---- The usrHistory group combines mechanisms seen in the alarm and-- history groups to provide user-specified history collection,-- utilizing two additional control tables and one additional data-- table. This function has traditionally been done by NMS-- applications, via periodic polling. The usrHistory group allows-- this task to be offloaded to an RMON probe.---- Data (an ASN.1 INTEGER based object) is collected in the same-- manner as any history data table (e.g., etherHistoryTable) except-- that the user specifies the MIB instances to be collected. Objects-- are collected in bucket-groups, with the intent that all MIB-- instances in the same bucket-group are collected as atomically as-- possible by the RMON probe.---- The usrHistoryControlTable is a one-dimensional read-create table.-- Each row configures a collection of user history buckets, much-- the same as a historyControlEntry, except that the creation of a-- row in this table will cause one or more associated instances in-- the usrHistoryObjectTable to be created. The user specifies the-- number of bucket elements (rows in the usrHistoryObjectTable)-- requested, as well as the number of buckets requested.---- The usrHistoryObjectTable is a 2-d read-write table.-- Each row configures a single MIB instance to be collected.-- All rows with the same major index constitute a bucket-group.---- The usrHistoryTable is a 3-d read-only table containingWaldbusser Standards Track [Page 85]
RFC 4502 Remote Network Monitoring MIB May 2006-- the data of associated usrHistoryControlEntries. Each-- entry represents the value of a single MIB instance-- during a specific sampling interval (or the rate of-- change during the interval).---- A sample value is stored in two objects - an absolute value and-- a status object. This allows numbers from -(2G-1) to +4G to be-- stored. The status object also indicates whether a sample is-- valid. This allows data collection to continue if periodic-- retrieval of a particular instance fails for any reason.---- Row Creation Order Relationships---- The static nature of the usrHistoryObjectTable creates-- some row creation/modification issues. The rows in this-- table need to be set before the associated-- usrHistoryControlEntry can be activated.---- Note that the usrHistoryObject entries associated with a-- particular usrHistoryControlEntry are not required to-- be active before the control entry is activated. However,-- the usrHistory data entries associated with an inactive-- usrHistoryObject entry will be inactive (i.e.,-- usrHistoryValStatus == valueNotAvailable).--usrHistoryControlTable OBJECT-TYPE SYNTAX SEQUENCE OF UsrHistoryControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of data-collection configuration entries." ::= { usrHistory 1 }usrHistoryControlEntry OBJECT-TYPE SYNTAX UsrHistoryControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of parameters that set up a group of user-defined MIB objects to be sampled periodically (called a bucket-group). For example, an instance of usrHistoryControlInterval might be named usrHistoryControlInterval.1" INDEX { usrHistoryControlIndex } ::= { usrHistoryControlTable 1 }Waldbusser Standards Track [Page 86]
RFC 4502 Remote Network Monitoring MIB May 2006UsrHistoryControlEntry ::= SEQUENCE { usrHistoryControlIndex Integer32, usrHistoryControlObjects Integer32, usrHistoryControlBucketsRequested Integer32, usrHistoryControlBucketsGranted Integer32, usrHistoryControlInterval Integer32, usrHistoryControlOwner OwnerString, usrHistoryControlStatus RowStatus}usrHistoryControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index that uniquely identifies an entry in the usrHistoryControlTable. Each such entry defines a set of samples at a particular interval for a specified set of MIB instances available from the managed system." ::= { usrHistoryControlEntry 1 }usrHistoryControlObjects OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The number of MIB objects to be collected in the portion of usrHistoryTable associated with this usrHistoryControlEntry. This object may not be modified if the associated instance of usrHistoryControlStatus is equal to active(1)." ::= { usrHistoryControlEntry 2 }usrHistoryControlBucketsRequested OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The requested number of discrete time intervals over which data is to be saved in the part of the usrHistoryTable associated with this usrHistoryControlEntry. When this object is created or modified, the probe should set usrHistoryControlBucketsGranted as closely to this object as possible for the particular probe implementation and available resources." DEFVAL { 50 }Waldbusser Standards Track [Page 87]
RFC 4502 Remote Network Monitoring MIB May 2006 ::= { usrHistoryControlEntry 3 }usrHistoryControlBucketsGranted OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The number of discrete sampling intervals over which data shall be saved in the part of the usrHistoryTable associated with this usrHistoryControlEntry. When the associated usrHistoryControlBucketsRequested object is created or modified, the probe should set this object as closely to the requested value as possible for the particular probe implementation and available resources. The probe must not lower this value except as a result of a modification to the associated usrHistoryControlBucketsRequested object. The associated usrHistoryControlBucketsRequested object should be set before or at the same time as this object to allow the probe to accurately estimate the resources required for this usrHistoryControlEntry. There will be times when the actual number of buckets associated with this entry is less than the value of this object. In this case, at the end of each sampling interval, a new bucket will be added to the usrHistoryTable. When the number of buckets reaches the value of this object and a new bucket is to be added to the usrHistoryTable, the oldest bucket associated with this usrHistoryControlEntry shall be deleted by the agent so that the new bucket can be added. When the value of this object changes to a value less than the current value, entries are deleted from the usrHistoryTable associated with this usrHistoryControlEntry. Enough of the oldest of these entries shall be deleted by the agent so that their number remains less than or equal to the new value of this object. When the value of this object changes to a value greater than the current value, the number of associated usrHistory entries may be allowed to grow." ::= { usrHistoryControlEntry 4 }Waldbusser Standards Track [Page 88]
RFC 4502 Remote Network Monitoring MIB May 2006usrHistoryControlInterval OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The interval in seconds over which the data is sampled for each bucket in the part of the usrHistory table associated with this usrHistoryControlEntry. Because the counters in a bucket may overflow at their maximum value with no indication, a prudent manager will take into account the possibility of overflow in any of the associated counters. It is important to consider the minimum time in which any counter could overflow on a particular media type and to set the usrHistoryControlInterval object to a value less than this interval. This object may not be modified if the associated usrHistoryControlStatus object is equal to active(1)." DEFVAL { 1800 } ::= { usrHistoryControlEntry 5 }usrHistoryControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { usrHistoryControlEntry 6 }usrHistoryControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this variable history control entry. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the usrHistoryTable shall be deleted." ::= { usrHistoryControlEntry 7 }-- Object tableusrHistoryObjectTable OBJECT-TYPEWaldbusser Standards Track [Page 89]
RFC 4502 Remote Network Monitoring MIB May 2006 SYNTAX SEQUENCE OF UsrHistoryObjectEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of data-collection configuration entries." ::= { usrHistory 2 }usrHistoryObjectEntry OBJECT-TYPE SYNTAX UsrHistoryObjectEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of MIB instances to be sampled periodically. Entries in this table are created when an associated usrHistoryControlObjects object is created. The usrHistoryControlIndex value in the index is that of the associated usrHistoryControlEntry. For example, an instance of usrHistoryObjectVariable might be usrHistoryObjectVariable.1.3" INDEX { usrHistoryControlIndex, usrHistoryObjectIndex } ::= { usrHistoryObjectTable 1 }UsrHistoryObjectEntry ::= SEQUENCE { usrHistoryObjectIndex Integer32, usrHistoryObjectVariable OBJECT IDENTIFIER, usrHistoryObjectSampleType INTEGER}usrHistoryObjectIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index used to uniquely identify an entry in the usrHistoryObject table. Each such entry defines a MIB instance to be collected periodically." ::= { usrHistoryObjectEntry 1 }usrHistoryObjectVariable OBJECT-TYPE SYNTAX OBJECT IDENTIFIER MAX-ACCESS read-create STATUS current DESCRIPTION "The object identifier of the particular variable to beWaldbusser Standards Track [Page 90]
RFC 4502 Remote Network Monitoring MIB May 2006 sampled. Only variables that resolve to an ASN.1 primitive type of Integer32 (Integer32, Counter, Gauge, or TimeTicks) may be sampled. Because SNMP access control is articulated entirely in terms of the contents of MIB views, no access control mechanism exists that can restrict the value of this object to identify only those objects that exist in a particular MIB view. Because there is thus no acceptable means of restricting the read access that could be obtained through the user history mechanism, the probe must only grant write access to this object in those views that have read access to all objects on the probe. See USM [RFC3414] and VACM [RFC3415] for more information. During a set operation, if the supplied variable name is not available in the selected MIB view, a badValue error must be returned. This object may not be modified if the associated usrHistoryControlStatus object is equal to active(1)." ::= { usrHistoryObjectEntry 2 }usrHistoryObjectSampleType OBJECT-TYPE SYNTAX INTEGER { absoluteValue(1), deltaValue(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The method of sampling the selected variable for storage in the usrHistoryTable. If the value of this object is absoluteValue(1), the value of the selected variable will be copied directly into the history bucket. If the value of this object is deltaValue(2), the value of the selected variable at the last sample will be subtracted from the current value, and the difference will be stored in the history bucket. If the associated usrHistoryObjectVariable instance could not be obtained at the previous sample interval, then a delta sample is not possible, and the value of the associated usrHistoryValStatus object for this interval will be valueNotAvailable(1).Waldbusser Standards Track [Page 91]
RFC 4502 Remote Network Monitoring MIB May 2006 This object may not be modified if the associated usrHistoryControlStatus object is equal to active(1)." ::= { usrHistoryObjectEntry 3 }-- data tableusrHistoryTable OBJECT-TYPE SYNTAX SEQUENCE OF UsrHistoryEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of user-defined history entries." ::= { usrHistory 3 }usrHistoryEntry OBJECT-TYPE SYNTAX UsrHistoryEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A historical sample of user-defined variables. This sample is associated with the usrHistoryControlEntry that set up the parameters for a regular collection of these samples. The usrHistoryControlIndex value in the index identifies the usrHistoryControlEntry on whose behalf this entry was created. The usrHistoryObjectIndex value in the index identifies the usrHistoryObjectEntry on whose behalf this entry was created. For example, an instance of usrHistoryAbsValue, which represents the 14th sample of a variable collected as specified by usrHistoryControlEntry.1 and usrHistoryObjectEntry.1.5, would be named usrHistoryAbsValue.1.14.5" INDEX { usrHistoryControlIndex, usrHistorySampleIndex, usrHistoryObjectIndex } ::= { usrHistoryTable 1 }UsrHistoryEntry ::= SEQUENCE { usrHistorySampleIndex Integer32, usrHistoryIntervalStart TimeStamp, usrHistoryIntervalEnd TimeStamp, usrHistoryAbsValue Gauge32, usrHistoryValStatus INTEGER}usrHistorySampleIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS currentWaldbusser Standards Track [Page 92]
RFC 4502 Remote Network Monitoring MIB May 2006 DESCRIPTION "An index that uniquely identifies the particular sample this entry represents among all samples associated with the same usrHistoryControlEntry. This index starts at 1 and increases by one as each new sample is taken." ::= { usrHistoryEntry 1 }usrHistoryIntervalStart OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the start of the interval over which this sample was measured. If the probe keeps track of the time of day, it should start the first sample of the history at a time such that when the next hour of the day begins, a sample is started at that instant. Note that following this rule may require that the probe delay collecting the first sample of the history, as each sample must be of the same interval. Also note that the sample that is currently being collected is not accessible in this table until the end of its interval." ::= { usrHistoryEntry 2 }usrHistoryIntervalEnd OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the end of the interval over which this sample was measured." ::= { usrHistoryEntry 3 }usrHistoryAbsValue OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The absolute value (i.e., unsigned value) of the user-specified statistic during the last sampling period. The value during the current sampling period is not made available until the period is completed. To obtain the true value for this sampling interval, the associated instance of usrHistoryValStatus must be checked, and usrHistoryAbsValue adjusted as necessary.Waldbusser Standards Track [Page 93]
RFC 4502 Remote Network Monitoring MIB May 2006 If the MIB instance could not be accessed during the sampling interval, then this object will have a value of zero, and the associated instance of usrHistoryValStatus will be set to 'valueNotAvailable(1)'. The access control check prescribed in the definition of usrHistoryObjectVariable SHOULD be checked for each sampling interval. If this check determines that access should not be allowed, then this object will have a value of zero, and the associated instance of usrHistoryValStatus will be set to 'valueNotAvailable(1)'." ::= { usrHistoryEntry 4 }usrHistoryValStatus OBJECT-TYPE SYNTAX INTEGER { valueNotAvailable(1), valuePositive(2), valueNegative(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the validity and sign of the data in the associated instance of usrHistoryAbsValue. If the MIB instance could not be accessed during the sampling interval, then 'valueNotAvailable(1)' will be returned. If the sample is valid and the actual value of the sample is greater than or equal to zero, then 'valuePositive(2)' is returned. If the sample is valid and the actual value of the sample is less than zero, 'valueNegative(3)' will be returned. The associated instance of usrHistoryAbsValue should be multiplied by -1 to obtain the true sample value." ::= { usrHistoryEntry 5 }-- The Probe Configuration Group---- This group controls the configuration of various operating-- parameters of the probe.ControlString ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This data type is used to communicate with a modem or aWaldbusser Standards Track [Page 94]
RFC 4502 Remote Network Monitoring MIB May 2006 serial data switch. A ControlString contains embedded commands to control how the device will interact with the remote device through the serial interface. Commands are represented as two-character sequences beginning with the '^' character. The following commands are recognized by the device (note that command characters are case sensitive): ^s Send string that follows, which is terminated by the next command or the end of string. ^c Delay for the number of seconds that follows. Toss out any data received rather than store it in a buffer for parsing. ^t Set timeout to the value represented by the decimal digits that follow. The default timeout is 20 seconds. Note that this timeout may be overridden by a smaller serialTimeout configured for the associated serial interface (see serialConfigTable). ^w Wait for the reply string that follows, which is terminated by the next command or the end of string. Partial and case-insensitive matching is applied, i.e., if the reply string (any case combination) is found anywhere in the received string, then the a match is found. If the current timeout elapses without a match, then the remaining control string is ignored. ^! The ^ character. ^d Delay the number of seconds specified by the decimal digits that follow. ^b Send break for the number of milliseconds specified by the decimal digits that follow. If no digits follow, break will be enforced for 250 milliseconds by default. The following ASCII control characters may be inserted into the '^s' send string or the '^w' reply string: ^@ 0x00 ^A 0x01 .. ^M 0x0D .. ^Z 0x1A ^[ 0x1B ^ 0x1C ^] 0x1D ^^ 0x1E ^_ 0x1FWaldbusser Standards Track [Page 95]
RFC 4502 Remote Network Monitoring MIB May 2006 Binary data may also be inserted into the data stream. The control sequence for each byte of binary data is ^0x##, where ## is the hexadecimal representation of the data byte. Two ASCII characters (0-9, a-f, A-F) must follow the '^0x' control prefix. For example, '^0x0D^0x0A' is interpreted as a carriage return followed by a line feed." SYNTAX OCTET STRING (SIZE (0..255))probeCapabilities OBJECT-TYPE SYNTAX BITS { etherStats(0), historyControl(1), etherHistory(2), alarm(3), hosts(4), hostTopN(5), matrix(6), filter(7), capture(8), event(9), tokenRingMLStats(10), tokenRingPStats(11), tokenRingMLHistory(12), tokenRingPHistory(13), ringStation(14), ringStationOrder(15), ringStationConfig(16), sourceRouting(17), protocolDirectory(18), protocolDistribution(19), addressMapping(20), nlHost(21), nlMatrix(22), alHost(23), alMatrix(24), usrHistory(25), probeConfig(26) } MAX-ACCESS read-only STATUS current DESCRIPTION "An indication of the RMON MIB groups supported on at least one interface by this probe." ::= { probeConfig 1 }probeSoftwareRev OBJECT-TYPE SYNTAX DisplayString (SIZE(0..15)) MAX-ACCESS read-onlyWaldbusser Standards Track [Page 96]
RFC 4502 Remote Network Monitoring MIB May 2006 STATUS current DESCRIPTION "The software revision of this device. This string will have a zero length if the revision is unknown." ::= { probeConfig 2 }probeHardwareRev OBJECT-TYPE SYNTAX DisplayString (SIZE(0..31)) MAX-ACCESS read-only STATUS current DESCRIPTION "The hardware revision of this device. This string will have a zero length if the revision is unknown." ::= { probeConfig 3 }probeDateTime OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0 | 8 | 11)) MAX-ACCESS read-write STATUS current DESCRIPTION "Probe's current date and time. field octets contents range ----- ------ -------- -----1 1-2 year 0..655362 3 month 1..123 4 day 1..314 5 hour 0..235 6 minutes 0..596 7 seconds 0..60 (use 60 for leap-second)7 8 deci-seconds 0..9 8 9 direction from UTC '+' / '-'9 10 hours from UTC 0..1110 11 minutes from UTC 0..59 For example, Tuesday May 26, 1992 at 1:30:15 PM EDT would be displayed as: 1992-5-26,13:30:15.0,-4:0 Note that if only local time is known, then time zone information (fields 8-10) is not present, and that if no time information is known, the null string is returned." ::= { probeConfig 4 }probeResetControl OBJECT-TYPEWaldbusser Standards Track [Page 97]
RFC 4502 Remote Network Monitoring MIB May 2006 SYNTAX INTEGER { running(1), warmBoot(2), coldBoot(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object to warmBoot(2) causes the device to restart the application software with current configuration parameters saved in non-volatile memory. Setting this object to coldBoot(3) causes the device to reinitialize configuration parameters in non-volatile memory to default values and to restart the application software. When the device is running normally, this variable has a value of running(1)." ::= { probeConfig 5 }-- The following download objects do not restrict an implementation-- from implementing additional download mechanisms (controlled in an-- implementation-specific manner). Further, in the case where the RMON-- agent shares a processor with other types of systems, the-- implementation is not required to download those non-RMON functions-- with this mechanism.probeDownloadFile OBJECT-TYPE SYNTAX DisplayString (SIZE(0..127)) MAX-ACCESS read-write STATUS deprecated DESCRIPTION "The file name to be downloaded from the TFTP server when a download is next requested via this MIB. This value is set to the zero-length string when no file name has been specified. This object has been deprecated, as it has not had enough independent implementations to demonstrate interoperability to meet the requirements of a Draft Standard." ::= { probeConfig 6 }probeDownloadTFTPServer OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS deprecated DESCRIPTION "The IP address of the TFTP server that contains the boot image to load when a download is next requested via this MIB. This value is set to '0.0.0.0' when no IP address has beenWaldbusser Standards Track [Page 98]
RFC 4502 Remote Network Monitoring MIB May 2006 specified. This object has been deprecated, as it has not had enough independent implementations to demonstrate interoperability to meet the requirements of a Draft Standard." ::= { probeConfig 7 }probeDownloadAction OBJECT-TYPE SYNTAX INTEGER { notDownloading(1), downloadToPROM(2), downloadToRAM(3) } MAX-ACCESS read-write STATUS deprecated DESCRIPTION "When this object is set to downloadToRAM(3) or downloadToPROM(2), the device will discontinue its normal operation and begin download of the image specified by probeDownloadFile from the server specified by probeDownloadTFTPServer using the TFTP protocol. If downloadToRAM(3) is specified, the new image is copied to RAM only (the old image remains unaltered in the flash EPROM). If downloadToPROM(2) is specified, the new image is written to the flash EPROM memory after its checksum has been verified to be correct. When the download process is completed, the device will warm boot to restart the newly loaded application. When the device is not downloading, this object will have a value of notDownloading(1). This object has been deprecated, as it has not had enough independent implementations to demonstrate interoperability to meet the requirements of a Draft Standard." ::= { probeConfig 8 }probeDownloadStatus OBJECT-TYPE SYNTAX INTEGER { downloadSuccess(1), downloadStatusUnknown(2), downloadGeneralError(3), downloadNoResponseFromServer(4), downloadChecksumError(5), downloadIncompatibleImage(6), downloadTftpFileNotFound(7), downloadTftpAccessViolation(8) } MAX-ACCESS read-onlyWaldbusser Standards Track [Page 99]
RFC 4502 Remote Network Monitoring MIB May 2006 STATUS deprecated DESCRIPTION "The status of the last download procedure, if any. This object will have a value of downloadStatusUnknown(2) if no download process has been performed. This object has been deprecated, as it has not had enough independent implementations to demonstrate interoperability to meet the requirements of a Draft Standard." ::= { probeConfig 9 }serialConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF SerialConfigEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A table of serial interface configuration entries. This data will be stored in non-volatile memory and preserved across probe resets or power loss. This table has been deprecated, as it has not had enough independent implementations to demonstrate interoperability to meet the requirements of a Draft Standard." ::= { probeConfig 10 }serialConfigEntry OBJECT-TYPE SYNTAX SerialConfigEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A set of configuration parameters for a particular serial interface on this device. If the device has no serial interfaces, this table is empty. The index is composed of the ifIndex assigned to this serial line interface." INDEX { ifIndex } ::= { serialConfigTable 1 }SerialConfigEntry ::= SEQUENCE { serialMode INTEGER, serialProtocol INTEGER, serialTimeout Integer32, serialModemInitString ControlString, serialModemHangUpString ControlString, serialModemConnectResp DisplayString, serialModemNoConnectResp DisplayString, serialDialoutTimeout Integer32,Waldbusser Standards Track [Page 100]
RFC 4502 Remote Network Monitoring MIB May 2006 serialStatus RowStatus}serialMode OBJECT-TYPE SYNTAX INTEGER { direct(1), modem(2) } MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The type of incoming connection to be expected on this serial interface." DEFVAL { direct } ::= { serialConfigEntry 1 }serialProtocol OBJECT-TYPE SYNTAX INTEGER { other(1), slip(2), ppp(3) } MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The type of data link encapsulation to be used on this serial interface." DEFVAL { slip } ::= { serialConfigEntry 2 }serialTimeout OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS read-create STATUS deprecated DESCRIPTION "This timeout value is used when the Management Station has initiated the conversation over the serial link. This variable represents the number of seconds of inactivity allowed before terminating the connection on this serial interface. Use the serialDialoutTimeout in the case where the probe has initiated the connection for the purpose of sending a trap." DEFVAL { 300 } ::= { serialConfigEntry 3 }serialModemInitString OBJECT-TYPE SYNTAX ControlString (SIZE (0..255)) MAX-ACCESS read-create STATUS deprecatedWaldbusser Standards Track [Page 101]
RFC 4502 Remote Network Monitoring MIB May 2006 DESCRIPTION "A control string that controls how a modem attached to this serial interface should be initialized. The initialization is performed once during startup and again after each connection is terminated if the associated serialMode has the value of modem(2). A control string that is appropriate for a wide variety of modems is: '^s^MATE0Q0V1X4 S0=1 S2=43^M'." ::= { serialConfigEntry 4 }serialModemHangUpString OBJECT-TYPE SYNTAX ControlString (SIZE (0..255)) MAX-ACCESS read-create STATUS deprecated DESCRIPTION "A control string that specifies how to disconnect a modem connection on this serial interface. This object is only meaningful if the associated serialMode has the value of modem(2). A control string that is appropriate for a wide variety of modems is: '^d2^s+++^d2^sATH0^M^d2'." ::= { serialConfigEntry 5 }serialModemConnectResp OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) MAX-ACCESS read-create STATUS deprecated DESCRIPTION "An ASCII string containing substrings that describe the expected modem connection response code and associated bps rate. The substrings are delimited by the first character in the string, for example: /CONNECT/300/CONNECT 1200/1200/CONNECT 2400/2400/ CONNECT 4800/4800/CONNECT 9600/9600 will be interpreted as: response code bps rate CONNECT 300 CONNECT 1200 1200 CONNECT 2400 2400 CONNECT 4800 4800 CONNECT 9600 9600 The agent will use the information in this string to adjust the bps rate of this serial interface once a modem connection is established. A value that is appropriate for a wide variety of modems is:Waldbusser Standards Track [Page 102]
RFC 4502 Remote Network Monitoring MIB May 2006 '/CONNECT/300/CONNECT 1200/1200/CONNECT 2400/2400/ CONNECT 4800/4800/CONNECT 9600/9600/CONNECT 14400/14400/ CONNECT 19200/19200/CONNECT 38400/38400/'." ::= { serialConfigEntry 6 }serialModemNoConnectResp OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) MAX-ACCESS read-create STATUS deprecated DESCRIPTION "An ASCII string containing response codes that may be generated by a modem to report the reason why a connection attempt has failed. The response codes are delimited by the first character in the string, for example: /NO CARRIER/BUSY/NO DIALTONE/NO ANSWER/ERROR/ If one of these response codes is received via this serial interface while attempting to make a modem connection, the agent will issue the hang up command as specified by serialModemHangUpString. A value that is appropriate for a wide variety of modems is: '/NO CARRIER/BUSY/NO DIALTONE/NO ANSWER/ERROR/'." ::= { serialConfigEntry 7 }serialDialoutTimeout OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS read-create STATUS deprecated DESCRIPTION "This timeout value is used when the probe initiates the serial connection with the intention of contacting a management station. This variable represents the number of seconds of inactivity allowed before terminating the connection on this serial interface." DEFVAL { 20 } ::= { serialConfigEntry 8 }serialStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The status of this serialConfigEntry. An entry may not exist in the active state unless all objects in the entry have an appropriate value." ::= { serialConfigEntry 9 }Waldbusser Standards Track [Page 103]
RFC 4502 Remote Network Monitoring MIB May 2006netConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF NetConfigEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A table of netConfigEntries. This table has been deprecated, as it has not had enough independent implementations to demonstrate interoperability to meet the requirements of a Draft Standard." ::= { probeConfig 11 }netConfigEntry OBJECT-TYPE SYNTAX NetConfigEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A set of configuration parameters for a particular network interface on this device. If the device has no network interface, this table is empty. The index is composed of the ifIndex assigned to the corresponding interface." INDEX { ifIndex } ::= { netConfigTable 1 }NetConfigEntry ::= SEQUENCE { netConfigIPAddress IpAddress, netConfigSubnetMask IpAddress, netConfigStatus RowStatus}netConfigIPAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The IP address of this Net interface. The default value for this object is 0.0.0.0. If either the netConfigIPAddress or netConfigSubnetMask is 0.0.0.0, then when the device boots, it may use BOOTP to try to figure out what these values should be. If BOOTP fails before the device can talk on the network, this value must be configured (e.g., through a terminal attached to the device). If BOOTP is used, care should be taken to not send BOOTP broadcasts too frequently and to eventually send them very infrequently if no replies are received." ::= { netConfigEntry 1 }Waldbusser Standards Track [Page 104]
RFC 4502 Remote Network Monitoring MIB May 2006netConfigSubnetMask OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The subnet mask of this Net interface. The default value for this object is 0.0.0.0. If either the netConfigIPAddress or netConfigSubnetMask is 0.0.0.0, then when the device boots, it may use BOOTP to try to figure out what these values should be. If BOOTP fails before the device can talk on the network, this value must be configured (e.g., through a terminal attached to the device). If BOOTP is used, care should be taken to not send BOOTP broadcasts too frequently and to eventually send them very infrequently if no replies are received." ::= { netConfigEntry 2 }netConfigStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The status of this netConfigEntry. An entry may not exist in the active state unless all objects in the entry have an appropriate value." ::= { netConfigEntry 3 }netDefaultGateway OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS deprecated DESCRIPTION "The IP Address of the default gateway. If this value is undefined or unknown, it shall have the value 0.0.0.0." ::= { probeConfig 12 }-- Trap Destination Table---- This table defines the destination addresses for traps generated-- from the device. This table maps a community to one or more trap-- destination entries.---- The same trap will be sent to all destinations specified in the-- entries that have the same trapDestCommunity as the eventCommunity-- (as defined by RMON MIB), as long as no access control mechanism-- (e.g., VACM) prohibits sending to one or more of the destinations.-- Information in this table will be stored in non-volatile memory.Waldbusser Standards Track [Page 105]
RFC 4502 Remote Network Monitoring MIB May 2006-- If the device has gone through a hard restart, this information-- will be reset to its default state.trapDestTable OBJECT-TYPE SYNTAX SEQUENCE OF TrapDestEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A list of trap destination entries." ::= { probeConfig 13 }trapDestEntry OBJECT-TYPE SYNTAX TrapDestEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "This entry includes a destination IP address to which traps are sent for this community." INDEX { trapDestIndex } ::= { trapDestTable 1 }TrapDestEntry ::= SEQUENCE { trapDestIndex Integer32, trapDestCommunity OCTET STRING, trapDestProtocol INTEGER, trapDestAddress OCTET STRING, trapDestOwner OwnerString, trapDestStatus RowStatus}trapDestIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A value that uniquely identifies this trapDestEntry." ::= { trapDestEntry 1 }trapDestCommunity OBJECT-TYPE SYNTAX OCTET STRING (SIZE(0..127)) MAX-ACCESS read-create STATUS deprecated DESCRIPTION "A community to which this destination address belongs. This entry is associated with any eventEntries in the RMON MIB whose value of eventCommunity is equal to the value of this object. Every time an associated event entry sends a trap due to an event, that trap will be sent to eachWaldbusser Standards Track [Page 106]
RFC 4502 Remote Network Monitoring MIB May 2006 address in the trapDestTable with a trapDestCommunity equal to eventCommunity, as long as no access control mechanism precludes it (e.g., VACM). This object may not be modified if the associated trapDestStatus object is equal to active(1)." ::= { trapDestEntry 2 }trapDestProtocol OBJECT-TYPE SYNTAX INTEGER { ip(1), ipx(2) } MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The protocol with which this trap is to be sent." ::= { trapDestEntry 3 }trapDestAddress OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The destination address for traps on behalf of this entry. If the associated trapDestProtocol object is equal to ip(1), the encoding of this object is the same as the snmpUDPAddress textual convention inRFC 3417, 'Transport Mappings for the Simple Network Management Protocol (SNMP)' [RFC3417]: -- for a SnmpUDPAddress of length 6: -- -- octets contents encoding -- 1-4 IP-address network-byte order -- 5-6 UDP-port network-byte order If the associated trapDestProtocol object is equal to ipx(2), the encoding of this object is the same as the snmpIPXAddress textual convention inRFC 3417, 'Transport Mappings for the Simple Network Management Protocol (SNMP)' [RFC3417]: -- for a SnmpIPXAddress of length 12: -- -- octets contents encoding -- 1-4 network-number network-byte order -- 5-10 physical-address network-byte order -- 11-12 socket-number network-byte order This object may not be modified if the associatedWaldbusser Standards Track [Page 107]
RFC 4502 Remote Network Monitoring MIB May 2006 trapDestStatus object is equal to active(1)." ::= { trapDestEntry 4 }trapDestOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { trapDestEntry 5 }trapDestStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The status of this trap destination entry. An entry may not exist in the active state unless all objects in the entry have an appropriate value." ::= { trapDestEntry 6 }-- Serial Connection Table---- The device may communicate with a management station using-- SLIP. In order for the device to send traps via SLIP, it must-- be able to initiate a connection over the serial interface. The-- serialConnectionTable stores the parameters for such connection-- initiation.serialConnectionTable OBJECT-TYPE SYNTAX SEQUENCE OF SerialConnectionEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A list of serialConnectionEntries. This table has been deprecated, as it has not had enough independent implementations to demonstrate interoperability to meet the requirements of a Draft Standard." ::= { probeConfig 14 }serialConnectionEntry OBJECT-TYPE SYNTAX SerialConnectionEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTIONWaldbusser Standards Track [Page 108]
RFC 4502 Remote Network Monitoring MIB May 2006 "Configuration for a SLIP link over a serial line." INDEX { serialConnectIndex } ::= { serialConnectionTable 1 }SerialConnectionEntry ::= SEQUENCE { serialConnectIndex Integer32, serialConnectDestIpAddress IpAddress, serialConnectType INTEGER, serialConnectDialString ControlString, serialConnectSwitchConnectSeq ControlString, serialConnectSwitchDisconnectSeq ControlString, serialConnectSwitchResetSeq ControlString, serialConnectOwner OwnerString, serialConnectStatus RowStatus}serialConnectIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A value that uniquely identifies this serialConnection entry." ::= { serialConnectionEntry 1 }serialConnectDestIpAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The IP Address that can be reached at the other end of this serial connection. This object may not be modified if the associated serialConnectStatus object is equal to active(1)." ::= { serialConnectionEntry 2 }serialConnectType OBJECT-TYPE SYNTAX INTEGER { direct(1), modem(2), switch(3), modemSwitch(4) } MAX-ACCESS read-create STATUS deprecated DESCRIPTIONWaldbusser Standards Track [Page 109]
RFC 4502 Remote Network Monitoring MIB May 2006 "The type of outgoing connection to be made. If this object has the value direct(1), then a direct serial connection is assumed. If this object has the value modem(2), then serialConnectDialString will be used to make a modem connection. If this object has the value switch(3), then serialConnectSwitchConnectSeq will be used to establish the connection over a serial data switch, and serialConnectSwitchDisconnectSeq will be used to terminate the connection. If this object has the value modem-switch(4), then a modem connection will be made first, followed by the switch connection. This object may not be modified if the associated serialConnectStatus object is equal to active(1)." DEFVAL { direct } ::= { serialConnectionEntry 3 }serialConnectDialString OBJECT-TYPE SYNTAX ControlString (SIZE(0..255)) MAX-ACCESS read-create STATUS deprecated DESCRIPTION "A control string that specifies how to dial the phone number in order to establish a modem connection. The string should include the dialing prefix and suffix. For example: '^s^MATD9,888-1234^M' will instruct the Probe to send a carriage return, followed by the dialing prefix 'ATD', the phone number '9,888-1234', and a carriage return as the dialing suffix. This object may not be modified if the associated serialConnectStatus object is equal to active(1)." ::= { serialConnectionEntry 4 }serialConnectSwitchConnectSeq OBJECT-TYPE SYNTAX ControlString (SIZE(0..255)) MAX-ACCESS read-create STATUS deprecated DESCRIPTION "A control string that specifies how to establish a data switch connection. This object may not be modified if the associated serialConnectStatus object is equal to active(1)." ::= { serialConnectionEntry 5 }serialConnectSwitchDisconnectSeq OBJECT-TYPE SYNTAX ControlString (SIZE(0..255))Waldbusser Standards Track [Page 110]
RFC 4502 Remote Network Monitoring MIB May 2006 MAX-ACCESS read-create STATUS deprecated DESCRIPTION "A control string that specifies how to terminate a data switch connection. This object may not be modified if the associated serialConnectStatus object is equal to active(1)." ::= { serialConnectionEntry 6 }serialConnectSwitchResetSeq OBJECT-TYPE SYNTAX ControlString (SIZE(0..255)) MAX-ACCESS read-create STATUS deprecated DESCRIPTION "A control string that specifies how to reset a data switch in the event of a timeout. This object may not be modified if the associated serialConnectStatus object is equal to active(1)." ::= { serialConnectionEntry 7 }serialConnectOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { serialConnectionEntry 8 }serialConnectStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The status of this serialConnectionEntry. If the manager attempts to set this object to active(1) when the serialConnectType is set to modem(2) or modem-switch(4) and the serialConnectDialString is a zero-length string or cannot be correctly parsed as a ConnectString, the set request will be rejected with badValue(3). If the manager attempts to set this object to active(1) when the serialConnectType is set to switch(3) or modem-switch(4) and the serialConnectSwitchConnectSeq, the serialConnectSwitchDisconnectSeq, orWaldbusser Standards Track [Page 111]
RFC 4502 Remote Network Monitoring MIB May 2006 the serialConnectSwitchResetSeq is a zero-length string or cannot be correctly parsed as a ConnectString, the set request will be rejected with badValue(3). An entry may not exist in the active state unless all objects in the entry have an appropriate value." ::= { serialConnectionEntry 9 }---- Extensions to the RMON 1 MIB for RMON 2 devices---- These extensions include the standard LastCreateTime Textual-- Convention for all control tables, as well as an augmentation of-- the filter entry that provides variable-length offsets into-- packets.-- Each of the following, except for filterDroppedFrames, is a-- read-only object which, if implemented, automatically appears when-- the RMON1 row it is associated with is created.etherStats2Table OBJECT-TYPE SYNTAX SEQUENCE OF EtherStats2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." ::= { statistics 4 }etherStats2Entry OBJECT-TYPE SYNTAX EtherStats2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." AUGMENTS { etherStatsEntry } ::= { etherStats2Table 1 }EtherStats2Entry ::= SEQUENCE { etherStatsDroppedFrames Counter32, etherStatsCreateTime LastCreateTime}etherStatsDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTIONWaldbusser Standards Track [Page 112]
RFC 4502 Remote Network Monitoring MIB May 2006 "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { etherStats2Entry 1 }etherStatsCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { etherStats2Entry 2 }historyControl2Table OBJECT-TYPE SYNTAX SEQUENCE OF HistoryControl2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." ::= { history 5 }historyControl2Entry OBJECT-TYPE SYNTAX HistoryControl2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." AUGMENTS { historyControlEntry } ::= { historyControl2Table 1 }HistoryControl2Entry ::= SEQUENCE { historyControlDroppedFrames Counter32}historyControlDroppedFrames OBJECT-TYPE SYNTAX Counter32Waldbusser Standards Track [Page 113]
RFC 4502 Remote Network Monitoring MIB May 2006 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { historyControl2Entry 1 }hostControl2Table OBJECT-TYPE SYNTAX SEQUENCE OF HostControl2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." ::= { hosts 4 }hostControl2Entry OBJECT-TYPE SYNTAX HostControl2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." AUGMENTS { hostControlEntry } ::= { hostControl2Table 1 }HostControl2Entry ::= SEQUENCE { hostControlDroppedFrames Counter32, hostControlCreateTime LastCreateTime}hostControlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when theWaldbusser Standards Track [Page 114]
RFC 4502 Remote Network Monitoring MIB May 2006 probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { hostControl2Entry 1 }hostControlCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { hostControl2Entry 2 }matrixControl2Table OBJECT-TYPE SYNTAX SEQUENCE OF MatrixControl2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." ::= { matrix 4 }matrixControl2Entry OBJECT-TYPE SYNTAX MatrixControl2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." AUGMENTS { matrixControlEntry } ::= { matrixControl2Table 1 }MatrixControl2Entry ::= SEQUENCE { matrixControlDroppedFrames Counter32, matrixControlCreateTime LastCreateTime}matrixControlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTIONWaldbusser Standards Track [Page 115]
RFC 4502 Remote Network Monitoring MIB May 2006 "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { matrixControl2Entry 1 }matrixControlCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { matrixControl2Entry 2 }channel2Table OBJECT-TYPE SYNTAX SEQUENCE OF Channel2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." ::= { filter 3 }channel2Entry OBJECT-TYPE SYNTAX Channel2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." AUGMENTS { channelEntry } ::= { channel2Table 1 }Channel2Entry ::= SEQUENCE { channelDroppedFrames Counter32, channelCreateTime LastCreateTime}channelDroppedFrames OBJECT-TYPEWaldbusser Standards Track [Page 116]
RFC 4502 Remote Network Monitoring MIB May 2006 SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { channel2Entry 1 }channelCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { channel2Entry 2 }tokenRingMLStats2Table OBJECT-TYPE SYNTAX SEQUENCE OF TokenRingMLStats2Entry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "Contains the RMON-2 augmentations to RMON-1. This table has been deprecated, as it has not had enough independent implementations to demonstrate interoperability to meet the requirements of a Draft Standard." ::= { statistics 5 }tokenRingMLStats2Entry OBJECT-TYPE SYNTAX TokenRingMLStats2Entry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." AUGMENTS { tokenRingMLStatsEntry }Waldbusser Standards Track [Page 117]
RFC 4502 Remote Network Monitoring MIB May 2006 ::= { tokenRingMLStats2Table 1 }TokenRingMLStats2Entry ::= SEQUENCE { tokenRingMLStatsDroppedFrames Counter32, tokenRingMLStatsCreateTime LastCreateTime}tokenRingMLStatsDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { tokenRingMLStats2Entry 1 }tokenRingMLStatsCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { tokenRingMLStats2Entry 2 }tokenRingPStats2Table OBJECT-TYPE SYNTAX SEQUENCE OF TokenRingPStats2Entry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "Contains the RMON-2 augmentations to RMON-1. This table has been deprecated, as it has not had enough independent implementations to demonstrate interoperability to meet the requirements of a Draft Standard." ::= { statistics 6 }Waldbusser Standards Track [Page 118]
RFC 4502 Remote Network Monitoring MIB May 2006tokenRingPStats2Entry OBJECT-TYPE SYNTAX TokenRingPStats2Entry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." AUGMENTS { tokenRingPStatsEntry } ::= { tokenRingPStats2Table 1 }TokenRingPStats2Entry ::= SEQUENCE { tokenRingPStatsDroppedFrames Counter32, tokenRingPStatsCreateTime LastCreateTime}tokenRingPStatsDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { tokenRingPStats2Entry 1 }tokenRingPStatsCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { tokenRingPStats2Entry 2 }ringStationControl2Table OBJECT-TYPE SYNTAX SEQUENCE OF RingStationControl2Entry MAX-ACCESS not-accessible STATUS deprecatedWaldbusser Standards Track [Page 119]
RFC 4502 Remote Network Monitoring MIB May 2006 DESCRIPTION "Contains the RMON-2 augmentations to RMON-1. This table has been deprecated, as it has not had enough independent implementations to demonstrate interoperability to meet the requirements of a Draft Standard." ::= { tokenRing 7 }ringStationControl2Entry OBJECT-TYPE SYNTAX RingStationControl2Entry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." AUGMENTS { ringStationControlEntry } ::= { ringStationControl2Table 1 }RingStationControl2Entry ::= SEQUENCE { ringStationControlDroppedFrames Counter32, ringStationControlCreateTime LastCreateTime}ringStationControlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { ringStationControl2Entry 1 }ringStationControlCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station toWaldbusser Standards Track [Page 120]
RFC 4502 Remote Network Monitoring MIB May 2006 ensure that the table has not been deleted and recreated between polls." ::= { ringStationControl2Entry 2 }sourceRoutingStats2Table OBJECT-TYPE SYNTAX SEQUENCE OF SourceRoutingStats2Entry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "Contains the RMON-2 augmentations to RMON-1. This table has been deprecated, as it has not had enough independent implementations to demonstrate interoperability to meet the requirements of a Draft Standard." ::= { tokenRing 8 }sourceRoutingStats2Entry OBJECT-TYPE SYNTAX SourceRoutingStats2Entry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "Contains the RMON-2 augmentations to RMON-1." AUGMENTS { sourceRoutingStatsEntry } ::= { sourceRoutingStats2Table 1 }SourceRoutingStats2Entry ::= SEQUENCE { sourceRoutingStatsDroppedFrames Counter32, sourceRoutingStatsCreateTime LastCreateTime}sourceRoutingStatsDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { sourceRoutingStats2Entry 1 }Waldbusser Standards Track [Page 121]
RFC 4502 Remote Network Monitoring MIB May 2006sourceRoutingStatsCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { sourceRoutingStats2Entry 2 }filter2Table OBJECT-TYPE SYNTAX SEQUENCE OF Filter2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Provides a variable-length packet filter feature to the RMON-1 filter table." ::= { filter 4 }filter2Entry OBJECT-TYPE SYNTAX Filter2Entry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Provides a variable-length packet filter feature to the RMON-1 filter table." AUGMENTS { filterEntry } ::= { filter2Table 1 }Filter2Entry ::= SEQUENCE { filterProtocolDirDataLocalIndex Integer32, filterProtocolDirLocalIndex Integer32}filterProtocolDirDataLocalIndex OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "When this object is set to a non-zero value, the filter that it is associated with performs the following operations on every packet: 1) If the packet doesn't match the protocol directory entry identified by this object, discard the packet and exit (i.e., discard the packet if it is not of the identified protocol).Waldbusser Standards Track [Page 122]
RFC 4502 Remote Network Monitoring MIB May 2006 2) If the associated filterProtocolDirLocalIndex is non-zero and the packet doesn't match the protocol directory entry identified by that object, discard the packet and exit. 3) If the packet matches, perform the regular filter algorithm as if the beginning of this named protocol is the beginning of the packet, potentially applying the filterOffset value to move further into the packet." DEFVAL { 0 } ::= { filter2Entry 1 }filterProtocolDirLocalIndex OBJECT-TYPE SYNTAX Integer32 (0..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "When this object is set to a non-zero value, the filter that it is associated with will discard the packet if the packet doesn't match this protocol directory entry." DEFVAL { 0 } ::= { filter2Entry 2 }-- Conformance Macrosrmon2MIBCompliances OBJECT IDENTIFIER ::= { rmonConformance 1 }rmon2MIBGroups OBJECT IDENTIFIER ::= { rmonConformance 2 }rmon2MIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "Describes the requirements for conformance to the RMON2 MIB" MODULE -- this module MANDATORY-GROUPS { protocolDirectoryGroup, protocolDistributionGroup, addressMapGroup, nlHostGroup, nlMatrixGroup, usrHistoryGroup, probeInformationGroup } OBJECT nlMatrixTopNControlRateBase SYNTAX INTEGER { nlMatrixTopNPkts(1), nlMatrixTopNOctets(2) } DESCRIPTIONWaldbusser Standards Track [Page 123]
RFC 4502 Remote Network Monitoring MIB May 2006 "Conformance to RMON2 requires only support for these values of nlMatrixTopNControlRateBase." GROUP rmon1EnhancementGroup DESCRIPTION "The rmon1EnhancementGroup is mandatory for systems that implement RMON [RFC2819]." GROUP rmon1EthernetEnhancementGroup DESCRIPTION "The rmon1EthernetEnhancementGroup is optional and is appropriate for systems that implement the Ethernet group of RMON [RFC2819]." ::= { rmon2MIBCompliances 1 }rmon2MIBApplicationLayerCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "Describes the requirements for conformance to the RMON2 MIB with Application-Layer Enhancements." MODULE -- this module MANDATORY-GROUPS { protocolDirectoryGroup, protocolDistributionGroup, addressMapGroup, nlHostGroup, nlMatrixGroup, alHostGroup, alMatrixGroup, usrHistoryGroup, probeInformationGroup } OBJECT nlMatrixTopNControlRateBase SYNTAX INTEGER { nlMatrixTopNPkts(1), nlMatrixTopNOctets(2) } DESCRIPTION "Conformance to RMON2 requires only support for these values of nlMatrixTopNControlRateBase." OBJECT alMatrixTopNControlRateBase SYNTAX INTEGER { alMatrixTopNTerminalsPkts(1), alMatrixTopNTerminalsOctets(2), alMatrixTopNAllPkts(3), alMatrixTopNAllOctets(4) } DESCRIPTION "Conformance to RMON2 requires only support for theseWaldbusser Standards Track [Page 124]
RFC 4502 Remote Network Monitoring MIB May 2006 values of alMatrixTopNControlRateBase." GROUP rmon1EnhancementGroup DESCRIPTION "The rmon1EnhancementGroup is mandatory for systems that implement RMON [RFC2819]." GROUP rmon1EthernetEnhancementGroup DESCRIPTION "The rmon1EthernetEnhancementGroup is optional and is appropriate for systems that implement the Ethernet group of RMON [RFC2819]." ::= { rmon2MIBCompliances 2 }protocolDirectoryGroup OBJECT-GROUP OBJECTS { protocolDirLastChange, protocolDirLocalIndex, protocolDirDescr, protocolDirType, protocolDirAddressMapConfig, protocolDirHostConfig, protocolDirMatrixConfig, protocolDirOwner, protocolDirStatus } STATUS current DESCRIPTION "Lists the inventory of protocols the probe has the capability of monitoring and allows the addition, deletion, and configuration of entries in this list." ::= { rmon2MIBGroups 1 }protocolDistributionGroup OBJECT-GROUP OBJECTS { protocolDistControlDataSource, protocolDistControlDroppedFrames, protocolDistControlCreateTime, protocolDistControlOwner, protocolDistControlStatus, protocolDistStatsPkts, protocolDistStatsOctets } STATUS current DESCRIPTION "Collects the relative amounts of octets and packets for the different protocols detected on a network segment." ::= { rmon2MIBGroups 2 }addressMapGroup OBJECT-GROUP OBJECTS { addressMapInserts, addressMapDeletes, addressMapMaxDesiredEntries, addressMapControlDataSource, addressMapControlDroppedFrames, addressMapControlOwner, addressMapControlStatus, addressMapPhysicalAddress, addressMapLastChange } STATUS currentWaldbusser Standards Track [Page 125]
RFC 4502 Remote Network Monitoring MIB May 2006 DESCRIPTION "Lists MAC address to network address bindings discovered by the probe and what interface they were last seen on." ::= { rmon2MIBGroups 3 }nlHostGroup OBJECT-GROUP OBJECTS { hlHostControlDataSource, hlHostControlNlDroppedFrames, hlHostControlNlInserts, hlHostControlNlDeletes, hlHostControlNlMaxDesiredEntries, hlHostControlAlDroppedFrames, hlHostControlAlInserts, hlHostControlAlDeletes, hlHostControlAlMaxDesiredEntries, hlHostControlOwner, hlHostControlStatus, nlHostInPkts, nlHostOutPkts, nlHostInOctets, nlHostOutOctets, nlHostOutMacNonUnicastPkts, nlHostCreateTime } STATUS current DESCRIPTION "Counts the amount of traffic sent from and to each network address discovered by the probe. Note that while the hlHostControlTable also has objects that control an optional alHostTable, implementation of the alHostTable is not required to fully implement this group." ::= { rmon2MIBGroups 4 }nlMatrixGroup OBJECT-GROUP OBJECTS { hlMatrixControlDataSource, hlMatrixControlNlDroppedFrames, hlMatrixControlNlInserts, hlMatrixControlNlDeletes, hlMatrixControlNlMaxDesiredEntries, hlMatrixControlAlDroppedFrames, hlMatrixControlAlInserts, hlMatrixControlAlDeletes, hlMatrixControlAlMaxDesiredEntries, hlMatrixControlOwner, hlMatrixControlStatus, nlMatrixSDPkts, nlMatrixSDOctets, nlMatrixSDCreateTime, nlMatrixDSPkts, nlMatrixDSOctets, nlMatrixDSCreateTime, nlMatrixTopNControlMatrixIndex, nlMatrixTopNControlRateBase, nlMatrixTopNControlTimeRemaining, nlMatrixTopNControlGeneratedReports, nlMatrixTopNControlDuration, nlMatrixTopNControlRequestedSize, nlMatrixTopNControlGrantedSize, nlMatrixTopNControlStartTime, nlMatrixTopNControlOwner, nlMatrixTopNControlStatus, nlMatrixTopNProtocolDirLocalIndex, nlMatrixTopNSourceAddress, nlMatrixTopNDestAddress, nlMatrixTopNPktRate, nlMatrixTopNReversePktRate,Waldbusser Standards Track [Page 126]
RFC 4502 Remote Network Monitoring MIB May 2006 nlMatrixTopNOctetRate, nlMatrixTopNReverseOctetRate } STATUS current DESCRIPTION "Counts the amount of traffic sent between each pair of network addresses discovered by the probe. Note that while the hlMatrixControlTable also has objects that control optional alMatrixTables, implementation of the alMatrixTables is not required to fully implement this group." ::= { rmon2MIBGroups 5 }alHostGroup OBJECT-GROUP OBJECTS { alHostInPkts, alHostOutPkts, alHostInOctets, alHostOutOctets, alHostCreateTime } STATUS current DESCRIPTION "Counts the amount of traffic, by protocol, sent from and to each network address discovered by the probe. Implementation of this group requires implementation of the Network-Layer Host Group." ::= { rmon2MIBGroups 6 }alMatrixGroup OBJECT-GROUP OBJECTS { alMatrixSDPkts, alMatrixSDOctets, alMatrixSDCreateTime, alMatrixDSPkts, alMatrixDSOctets, alMatrixDSCreateTime, alMatrixTopNControlMatrixIndex, alMatrixTopNControlRateBase, alMatrixTopNControlTimeRemaining, alMatrixTopNControlGeneratedReports, alMatrixTopNControlDuration, alMatrixTopNControlRequestedSize, alMatrixTopNControlGrantedSize, alMatrixTopNControlStartTime, alMatrixTopNControlOwner, alMatrixTopNControlStatus, alMatrixTopNProtocolDirLocalIndex, alMatrixTopNSourceAddress, alMatrixTopNDestAddress, alMatrixTopNAppProtocolDirLocalIndex, alMatrixTopNPktRate, alMatrixTopNReversePktRate, alMatrixTopNOctetRate, alMatrixTopNReverseOctetRate } STATUS current DESCRIPTION "Counts the amount of traffic, by protocol, sent between each pair of network addresses discovered by the probe. Implementation of this group requires implementation of the Network-Layer Matrix Group." ::= { rmon2MIBGroups 7 }usrHistoryGroup OBJECT-GROUPWaldbusser Standards Track [Page 127]
RFC 4502 Remote Network Monitoring MIB May 2006 OBJECTS { usrHistoryControlObjects, usrHistoryControlBucketsRequested, usrHistoryControlBucketsGranted, usrHistoryControlInterval, usrHistoryControlOwner, usrHistoryControlStatus, usrHistoryObjectVariable, usrHistoryObjectSampleType, usrHistoryIntervalStart, usrHistoryIntervalEnd, usrHistoryAbsValue, usrHistoryValStatus } STATUS current DESCRIPTION "The usrHistoryGroup provides user-defined collection of historical information from MIB objects on the probe." ::= { rmon2MIBGroups 8 }probeInformationGroup OBJECT-GROUP OBJECTS { probeCapabilities, probeSoftwareRev, probeHardwareRev, probeDateTime } STATUS current DESCRIPTION "This group describes various operating parameters of the probe and controls the local time of the probe." ::= { rmon2MIBGroups 9 }probeConfigurationGroup OBJECT-GROUP OBJECTS { probeResetControl, probeDownloadFile, probeDownloadTFTPServer, probeDownloadAction, probeDownloadStatus, serialMode, serialProtocol, serialTimeout, serialModemInitString, serialModemHangUpString, serialModemConnectResp, serialModemNoConnectResp, serialDialoutTimeout, serialStatus, netConfigIPAddress, netConfigSubnetMask, netConfigStatus, netDefaultGateway, trapDestCommunity, trapDestProtocol, trapDestAddress, trapDestOwner, trapDestStatus, serialConnectDestIpAddress, serialConnectType, serialConnectDialString, serialConnectSwitchConnectSeq, serialConnectSwitchDisconnectSeq, serialConnectSwitchResetSeq, serialConnectOwner, serialConnectStatus } STATUS deprecated DESCRIPTION "This group controls the configuration of various operating parameters of the probe. This group is not referenced by any MODULE-COMPLIANCE macro because it is 'grandfathered' from more recent MIB review rules that would require it." ::= { rmon2MIBGroups 10 }Waldbusser Standards Track [Page 128]
RFC 4502 Remote Network Monitoring MIB May 2006rmon1EnhancementGroup OBJECT-GROUP OBJECTS { historyControlDroppedFrames, hostControlDroppedFrames, hostControlCreateTime, matrixControlDroppedFrames, matrixControlCreateTime, channelDroppedFrames, channelCreateTime, filterProtocolDirDataLocalIndex, filterProtocolDirLocalIndex } STATUS current DESCRIPTION "This group adds some enhancements to RMON-1 that help management stations." ::= { rmon2MIBGroups 11 }rmon1EthernetEnhancementGroup OBJECT-GROUP OBJECTS { etherStatsDroppedFrames, etherStatsCreateTime } STATUS current DESCRIPTION "This group adds some enhancements to RMON-1 that help management stations." ::= { rmon2MIBGroups 12 }rmon1TokenRingEnhancementGroup OBJECT-GROUP OBJECTS { tokenRingMLStatsDroppedFrames, tokenRingMLStatsCreateTime, tokenRingPStatsDroppedFrames, tokenRingPStatsCreateTime, ringStationControlDroppedFrames, ringStationControlCreateTime, sourceRoutingStatsDroppedFrames, sourceRoutingStatsCreateTime } STATUS deprecated DESCRIPTION "This group adds some enhancements to RMON-1 that help management stations. This group is not referenced by any MODULE-COMPLIANCE macro because it is 'grandfathered' from more recent MIB review rules that would require it." ::= { rmon2MIBGroups 13 }ENDWaldbusser Standards Track [Page 129]
RFC 4502 Remote Network Monitoring MIB May 20067. Security Considerations In order to implement this MIB, a probe must capture all packets on the locally-attached network, including packets between third parties. These packets are analyzed to collect network addresses, protocol usage information, and conversation statistics. Data of this nature may be considered sensitive in some environments. In such environments, the administrator may wish to restrict SNMP access to the probe. The usrHistoryGroup periodically samples the values of user-specified variables on the probe and stores them in another table. Since the access-control specified for a stored snapshot may be different from the access-control for the sampled variable, the agent MUST ensure that usrHistoryObjectVariable is not writable in MIB views that don't already have read access to the entire agent. Because the access control configuration can change over time, information could later be deemed sensitive that would still be accessible to this function. For this reason, an agent SHOULD check the access control on every sample. If an agent doesn't implement the latter check, there is potential for sensitive information to be revealed. A probe implementing this MIB is likely to also implement RMON [RFC2819], which includes functions for returning the contents of captured packets, potentially including sensitive user data or passwords. It is recommended that SNMP access to these functions be restricted. There are a number of management objects defined in this MIB that have a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPSec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.Waldbusser Standards Track [Page 130]
RFC 4502 Remote Network Monitoring MIB May 2006 It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see[RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy). Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.Waldbusser Standards Track [Page 131]
RFC 4502 Remote Network Monitoring MIB May 20068. Appendix - TimeFilter Implementation Notes 1) Theory of Operation The TimeFilter mechanism allows an NMS to reduce the number of SNMP transactions required for a 'table-update' operation, by retrieving only the rows that have changed since a specified time (usually the last poll time). Polling of tables that incorporate a 'TimeFilter' INDEX can be reduced to a theoretical minimum (if used correctly). It can be easily implemented by an agent in a way independent of the number of NMS applications using the same time-filtered table. Although the name 'TimeFilter' may imply that a history of change events is maintained by the agent, this is not the case. A time- filtered-value represents the current value of the object instance, not the 'saved' value at the time indicated by the TimeFilter INDEX value. Note that TimeFilter objects only appear in INDEX clauses (always not-accessible), so their value is never retrieved. By design, the actual value of a TimeFilter instance is not in itself meaningful (it's not a 'last-change-timestamp'). The TimeFilter is a boolean filtering function applied in internal Get* PDU processing. If the 'last-change-time' of the specified instance is less than the particular TimeFilter INDEX value, then the instance is considered 'not-present', and either it is skipped for GetNext and GetBulk PDUs, or a 'noSuchInstance' exception is returned for Get PDUs. For TimeFilter purposes: - a row is created when an accessible column is created within the row. - a column that is created or deleted causes the TimeFilter to update the time-stamp, only because the value of the column is changing (non-existent <-> some value). - a row is deleted when all accessible columns are deleted. This event is not detectable with TimeFilter, and deleted rows are not retrievable with SNMP. 1.1) Agent Implementation of a Time-Filtered Table In implementation, the time-filtered rows (one for each tick of sysUpTime) are only conceptual. The agent simply filters a real table based on: * the current value of sysUpTime,Waldbusser Standards Track [Page 132]
RFC 4502 Remote Network Monitoring MIB May 2006 * the TimeFilter value passed in the varbind, and * the last-update timestamp of each requested row (agent implementation requirement). For example, to implement a time-filtered table row (e.g., set of counters), an agent maintains a timestamp in a 32-bit storage location, initialized to zero. This is in addition to whatever instrumentation is needed for the set of counters. Each time one of the counters is updated, the current value of sysUpTime is recorded in the associated timestamp. If this is not possible or practical, then a background polling process must 'refresh' the timestamp by sampling counter values and comparing them to recorded samples. The timestamp update must occur within 5 seconds of the actual change event. When an agent receives a Get, GetNext, or GetBulk PDU requesting a time-filtered instance, after the agent has determined that the instance is within the specified MIB view, the following conceptual test is applied to determine if the object is returned or filtered: /* return TRUE if the object is present */ boolean time_filter_test ( TimeFilter last_modified_timestamp, TimeFilter index_value_in_pdu ) { if (last_modified_timestamp < index_value_in_pdu) return FALSE; else return TRUE; } The agent applies this function regardless of the lastActivationTime of the conceptual row in question. In other words, counter discontinuities are ignored (i.e., a conceptual row is deleted and then re-created later). An agent should consider an object instance 'changed' when it is created (either at restart time for scalars and static objects, or row-creation-time for dynamic tables). Note that using a timeFilter INDEX value of zero removes the filtering functionality, as the instance will always be 'present' according to the test above. After some deployment experience, it has been determined that a time-filtered table is more efficient to use if the agent stops a MIB walk operation after one time-filtered entry. That is, a GetNext or GetBulk operation will provide one pass through a given table (i.e.,Waldbusser Standards Track [Page 133]
RFC 4502 Remote Network Monitoring MIB May 2006 the agent will continue to the next object or table) instead of incrementing a TimeMark INDEX value, even if there exist higher TimeMark values that are valid for the same conceptual row. It is acceptable for an agent to implement a time-filtered table in this manner or in the traditional manner (i.e., every conceptual time-filtered instance is returned in GetNext and GetBulk PDU responses). 1.2) NMS Implementation of a Time-Filtered Table The particular TimeFilter INDEX values used by an NMS reflect the polling interval of the NMS, relative to the particular agent's notion of sysUpTime. An NMS needs to maintain one timestamp variable per agent (initialized to zero) for an arbitrary group of time-filtered MIB objects that are gathered together in the same PDU. Each time the Get* PDU is sent, a request for sysUpTime is included. The retrieved sysUpTime value is used as the timeFilter value in the next polling cycle. If a polling sweep of a time-filtered group of objects requires more than one SNMP transaction, then the sysUpTime value retrieved in the first GetResponse PDU of the polling sweep is saved as the next timeFilter value. The actual last-update time of a given object is not indicated in the returned GetResponse instance identifier, but rather the timeFilter value passed in the Get*Request PDU is returned. A "time-filtered get-next/bulk-sweep", done once per polling cycle, is a series of GetNext or GetBulk transactions and is over when one of the following events occurs: 1) the TimeFilter index value returned in the GetResponse is different from the TimeFilter index value passed in the GetNext or GetBulk request. Counter values will still be returned beyond this point (until the last-change-time is reached), but most likely the same values will be returned. 2) the return PDU includes instances lexigraphically greater than the objects expected (i.e., same GetNext semantics as if the TimeFilter weren't there). 3) a noSuchName or other exception/error is returned. Note that the use of a time-filtered table in combination with a GetRequest PDU neutralizes any optimization that otherwise might be achieved with the TimeFilter. Either the current time-filteredWaldbusser Standards Track [Page 134]
RFC 4502 Remote Network Monitoring MIB May 2006 object-value is returned, or, if there is no time-filtered object- value instance, then a 'noSuchInstance' exception (SNMPv2c or SNMPv3) or 'noSuchName' error (SNMPv1) is returned. 2) TimeFilter Example The following example demonstrates how an NMS and Agent might use a table with a TimeFilter object in the INDEX. A static table is assumed to keep the example simple, but dynamic tables can also be supported. 2.1) General Assumptions fooEntry INDEX { fooTimeMark, fooIfIndex } FooEntry = SEQUENCE { fooTimeMark TimeFilter, fooIfIndex Integer32, fooCounts Counter32 } The NMS polls the fooTable every 15 seconds, and the baseline poll occurs when the agent has been up for 6 seconds, and when the NMS has been up for 10 seconds. There are 2 static rows in this table at system initialization (fooCounts.0.1 and fooCounts.0.2). Row 1 was updated as follows: SysUpTime fooCounts.*.1 value 500 1 900 2 2300 3 Row 2 was updated as follows: SysUpTime fooCounts.*.2 value 1100 1 1400 2 2.2) SNMP Transactions from NMS Perspective Time nms-1000: # NMS baseline poll -- get everything since last agent # restart - TimeFilter == 0 get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0, fooCounts.0);Waldbusser Standards Track [Page 135]
RFC 4502 Remote Network Monitoring MIB May 2006 returns: sysUpTime.0 == 600 fooCounts.0.1 == 1 # incremented at time 500 fooCounts.0.2 == 0 # visible; created at time 0 Time nms-2500: # NMS 1st poll # TimeFilter index == 600 get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0, fooCounts.600); returns: sysUpTime.0 == 2100 fooCounts.600.1 == 2 # incremented at time 900 fooCounts.601.1 == 2 # indicates end of sweep Time nms-4000: # NMS 2nd poll # TimeFilter == 2100 get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0, fooCounts.2100); returns: sysUpTime.0 == 3600 fooCounts.2100.1 == 3 # incremented at time 2300 fooCounts.2102.1 == 3 # indicates end-of-sweep # the counter value for row 2 is not returned because # it hasn't changed since sysUpTime == 2100. # The next timetick value for row 1 is returned instead Time nms-5500: # NMS 3rd poll # TimeFilter == 3600 get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0, fooCounts.3600); returns: sysUpTime.0 == 5100 some-instance-outside-the-fooTable == <don't care> some-instance-outside-the-fooTable == <don't care> # no 'fooTable' counter values at all are returned # because neither counter has been updated since # sysUpTime == 3600Waldbusser Standards Track [Page 136]
RFC 4502 Remote Network Monitoring MIB May 2006 2.3) Transactions and TimeFilter Maintenance: Agent Perspective Time agt-0: # initialize fooTable fooCounts.1 = 0; changed.1 = 0; fooCounts.2 = 0; changed.2 = 0; Time agt-500: # increment fooCounts.1 ++fooCounts.1; changed.1 = 500; Time agt-600 # answer get-bulk # get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0, # fooCounts.0); # (changed >= 0) # return both counters Time agt-900: # increment fooCounts.1 ++fooCounts.1; changed.1 = 900; Time agt-1100: # increment fooCounts.2 ++fooCounts.2; changed.2 = 1100; Time agt-1400: # increment fooCounts.2 ++fooCounts.2; changed.2 = 1400; Time agt-2100 # answer get-bulk # get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0, # fooCounts.600); # (changed >= 600) # return both counters Time agt-2300: # increment fooCounts.1 ++fooCounts.1; changed.1 = 2300; Time agt-3600: # answer get-bulk # get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0, # fooCounts.2100); # (changed >= 2100) # return only fooCounts.1 from the fooTable--twiceWaldbusser Standards Track [Page 137]
RFC 4502 Remote Network Monitoring MIB May 2006 Time agt-5100: # answer get-bulk # get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0, # fooCounts.3600); # (changed >= 3600) # return lexigraphically-next two MIB instances9. Changes sinceRFC 2021 This version obsoletes the proposed-standard version of the RMON2 MIB (published asRFC 2021) by adding 2 new enumerations to the nlMatrixTopNControlRateBase object and 4 new enumerations to the alMatrixTopNControlRateBase object. These new enumerations support the creation of high capacity top N reports in the High Capacity RMON MIB [RFC3273]. Additionally, the following objects have been deprecated, as they have not had enough independent implementations to demonstrate interoperability to meet the requirements of a Draft Standard: probeDownloadFile probeDownloadTFTPServer probeDownloadAction probeDownloadStatus serialMode serialProtocol serialTimeout serialModemInitString serialModemHangUpString serialModemConnectResp serialModemNoConnectResp serialDialoutTimeout serialStatus serialConnectDestIpAddress serialConnectType serialConnectDialString serialConnectSwitchConnectSeq serialConnectSwitchDisconnectSeq serialConnectSwitchResetSeq serialConnectOwner serialConnectStatus netConfigIPAddress netConfigSubnetMask netConfigStatus netDefaultGateway tokenRingMLStats2DroppedFrames tokenRingMLStats2CreateTime tokenRingPStats2DroppedFramesWaldbusser Standards Track [Page 138]
RFC 4502 Remote Network Monitoring MIB May 2006 tokenRingPStats2CreateTime ringStationControl2DroppedFrames ringStationControl2CreateTime sourceRoutingStats2DroppedFrames sourceRoutingStats2CreateTime trapDestIndex trapDestCommunity trapDestProtocol trapDestAddress trapDestOwner trapDestStatus In addition, two corrections were made. The LastCreateTime Textual Convention had been defined with a base type of another textual convention, which isn't allowed in SMIv2. The definition has been modified to use TimeTicks as the base type. Further, the SerialConfigEntry SEQUENCE definition included sub- typing information that is not allowed in SMIv2. This information has been deleted. Ranges were added to a number of objects and textual-conventions to constrain their maximum (and sometimes minimum) sizes. The addition of these ranges documents existing practice for these objects. These objects are: ControlString protocolDirID protocolDirParameters addressMapNetworkAddress nlHostAddress nlMatrixSDSourceAddress nlMatrixSDDestAddress nlMatrixDSSourceAddress nlMatrixDSDestAddress nlMatrixTopNSourceAddress nlMatrixTopNDestAddress alHostEntry alMatrixSDEntry alMatrixDSEntry alMatrixTopNSourceAddress alMatrixTopNDestAddress Finally, the TimeFilter TC has been updated to encourage agent implementations that allow a MIB walk to behave well even when performed by an application that is not aware of the special TimeFilter semantics.Waldbusser Standards Track [Page 139]
RFC 4502 Remote Network Monitoring MIB May 200610. Acknowledgements This document was produced by the IETF Remote Network Monitoring Working Group. The TimeFilter mechanism was invented and documented by Jeanne Haney and further documented by Andy Bierman. The User History group was created by Andy Bierman.11. References11.1. Normative References [RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Structure of Management Information Version 2 (SMIv2)", STD 58,RFC 2578, April 1999. [RFC2579] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Textual Conventions for SMIv2", STD 58,RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58,RFC 2580, April 1999. [RFC2819] Waldbusser, S., "Remote Network Monitoring Management Information Base", STD 59,RFC 2819, May 2000. [RFC3273] Waldbusser, S., "Remote Network Monitoring Management Information Base for High Capacity Networks",RFC 3273, July 2002. [RFC3417] Presuhn, R., "Transport Mappings for the Simple Network Management Protocol (SNMP)", STD 62,RFC 3417, December 2002. [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB",RFC 2863, June 2000. [RFC1513] Waldbusser, S., "Token Ring Extensions to the Remote Network Monitoring MIB",RFC 1513, September 1993.11.2. Informative References [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet- Standard Management Framework",RFC 3410, December 2002.Waldbusser Standards Track [Page 140]
RFC 4502 Remote Network Monitoring MIB May 2006 [RFC2108] de Graaf, K., Romascanu, D., McMaster, D., and K. McCloghrie, "Definitions of Managed Objects for IEEE 802.3 Repeater Devices using SMIv2",RFC 2108, February 1997. [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", STD 62,RFC 3414, December 2002. [RFC3415] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", STD 62,RFC 3415, December 2002.Author's Address Steve Waldbusser Phone: +1 650-948-6500 Fax: +1 650-745-0671 EMail: waldbusser@nextbeacon.comWaldbusser Standards Track [Page 141]
RFC 4502 Remote Network Monitoring MIB May 2006Full Copyright Statement Copyright (C) The Internet Society (2006). This document is subject to the rights, licenses and restrictions contained inBCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found inBCP 78 andBCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository athttp://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.Acknowledgement Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA).Waldbusser Standards Track [Page 142]
[8]ページ先頭