draft-ietf-rmonmib-rmon2-v2-02.txt   draft-ietf-rmonmib-rmon2-v2-03.txt 
Remote Network Monitoring Remote Network Monitoring
Management Information Base Management Information Base
Version 2 Version 2
<draft-ietf-rmonmib-rmon2-v2-02.txt> <draft-ietf-rmonmib-rmon2-v2-03.txt>
October 6, 2004 July 14, 2005
Steven Waldbusser Steven Waldbusser
waldbusser@nextbeacon.com waldbusser@nextbeacon.com
Status of this Memo Status of this Memo
By submitting this Internet-Draft, I certify that any applicable This document is an Internet-Draft and is subject to all
patent or other IPR claims of which I am aware have been disclosed, provisions of Section 3 of RFC 3978.
and any of which I become aware will be disclosed, in accordance with
RFC 3668.
This document is an Internet-Draft and is in full By submitting this Internet-Draft, each author represents
conformance with all provisions of Section 10 of RFC2026. that any applicable patent or other IPR claims of which he
or she is aware have been or will be disclosed, and any of
which he or she becomes aware will be disclosed, in
accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Internet-Drafts are working documents of the Internet
Engineering Task Force (IETF), its areas, and its working Engineering Task Force (IETF), its areas, and its working
groups. Note that other groups may also distribute working groups. Note that other groups may also distribute working
documents as Internet-Drafts. documents as Internet-Drafts.
This document may not be modified, and derivative works of
it may not be created, except to publish it as an RFC and
to translate it into languages other than English other
than to extract section 6 as-is for separate use.
Internet-Drafts are draft documents valid for a maximum of Internet-Drafts are draft documents valid for a maximum of
six months and may be updated, replaced, or obsoleted by six months and may be updated, replaced, or obsoleted by
other documents at any time. It is inappropriate to use other documents at any time. It is inappropriate to use
Internet- Drafts as reference material or to cite them Internet-Drafts as reference material or to cite them other
other than as "work in progress". than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be The list of Internet-Draft Shadow Directories can be
accessed at http://www.ietf.org/shadow.html. accessed at http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 14, 2006.
Distribution of this document is unlimited. Please send Distribution of this document is unlimited. Please send
comments to the RMON WG mailing list <rmonmib@ietf.org>. comments to the RMON WG mailing list <rmonmib@ietf.org>.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2004). Copyright (C) The Internet Society (2005).
Abstract Abstract
This document defines a portion of the Management This document defines a portion of the Management
Information Base (MIB) for use with network management Information Base (MIB) for use with network management
protocols in TCP/IP-based internets. In particular, it protocols in TCP/IP-based internets. In particular, it
defines objects for managing remote network monitoring defines objects for managing remote network monitoring
devices. devices.
This document obsoletes RFC 2021 and the RMON2-MIB module This document obsoletes RFC 2021 and the RMON2-MIB module
skipping to change at page 2, line ? skipping to change at page 2, line ?
RFC3273 level. RFC3273 level.
XXX Note To RFC Editor: XXX Note To RFC Editor:
Please replace the module at: Please replace the module at:
ftp://ftp.rfc-editor.org/in-notes/mibs/current.mibs/rmon2.mib ftp://ftp.rfc-editor.org/in-notes/mibs/current.mibs/rmon2.mib
with the RMON2-MIB module in this document with the RMON2-MIB module in this document
XXX XXX
Table of Contents Table of Contents
1 The Internet-Standard Management Framework ............ 3 1 The Internet-Standard Management Framework ............ 4
2 Overview .............................................. 4 2 Overview .............................................. 5
2.1 Remote Network Management Goals ..................... 4 2.1 Remote Network Management Goals ..................... 5
2.2 Structure of MIB .................................... 6 2.2 Structure of MIB .................................... 7
3 Control of Remote Network Monitoring Devices .......... 8 3 Control of Remote Network Monitoring Devices .......... 9
3.1 Resource Sharing Among Multiple Management Sta- 3.1 Resource Sharing Among Multiple Management StaĦ
tions .............................................. 8 tions .............................................. 9
3.2 Row Addition Among Multiple Management Stations ..... 10 3.2 Row Addition Among Multiple Management Stations ..... 11
4 Conventions ........................................... 12 4 Conventions ........................................... 13
5 RMON 2 Conventions .................................... 13 5 RMON 2 Conventions .................................... 14
5.1 Usage of the term Application Level ................. 13 5.1 Usage of the term Application Level ................. 14
5.2 Protocol Directory and Limited Extensibility ........ 13 5.2 Protocol Directory and Limited Extensibility ........ 14
5.3 Errors in packets ................................... 14 5.3 Errors in packets ................................... 15
6 Definitions ........................................... 14 6 Definitions ........................................... 15
7 Security Considerations ............................... 140 7 Security Considerations ............................... 142
8 Appendix - TimeFilter Implementation Notes ............ 142 8 IANA Considerations ................................... 143
9 Changes since RFC 2021 ................................ 148 9 Appendix - TimeFilter Implementation Notes ............ 144
10 Acknowledgments ...................................... 150 10 Changes since RFC 2021 ............................... 150
11 Author's Address ..................................... 150 11 Acknowledgments ...................................... 153
12 References ........................................... 151 12 Author's Address ..................................... 153
12.1 Normative References ............................... 151 13 References ........................................... 154
12.2 Informative References ............................. 151 13.1 Normative References ............................... 154
13 Full Copyright Statement ............................. 152 13.2 Informative References ............................. 154
14 Full Copyright Statement ............................. 155
1. The Internet-Standard Management Framework 1. The Internet-Standard Management Framework
For a detailed overview of the documents that describe the For a detailed overview of the documents that describe the
current Internet-Standard Management Framework, please current Internet-Standard Management Framework, please
refer to section 7 of RFC 3410 [RFC3410]. refer to section 7 of RFC 3410 [RFC3410].
Managed objects are accessed via a virtual information Managed objects are accessed via a virtual information
store, termed the Management Information Base or MIB. MIB store, termed the Management Information Base or MIB. MIB
objects are generally accessed through the Simple Network objects are generally accessed through the Simple Network
skipping to change at page 15, line 8 skipping to change at page 16, line 8
OwnerString, statistics, history, hosts, OwnerString, statistics, history, hosts,
matrix, filter, etherStatsEntry, historyControlEntry, matrix, filter, etherStatsEntry, historyControlEntry,
hostControlEntry, matrixControlEntry, filterEntry, hostControlEntry, matrixControlEntry, filterEntry,
channelEntry FROM RMON-MIB channelEntry FROM RMON-MIB
tokenRing, tokenRingMLStatsEntry, tokenRingPStatsEntry, tokenRing, tokenRingMLStatsEntry, tokenRingPStatsEntry,
ringStationControlEntry, sourceRoutingStatsEntry ringStationControlEntry, sourceRoutingStatsEntry
FROM TOKEN-RING-RMON-MIB; FROM TOKEN-RING-RMON-MIB;
-- Remote Network Monitoring MIB -- Remote Network Monitoring MIB
rmon MODULE-IDENTITY rmon MODULE-IDENTITY
LAST-UPDATED "200410051500Z" -- October 5, 2004 LAST-UPDATED "200507141500Z" -- July 14, 2005
ORGANIZATION "IETF RMON MIB Working Group" ORGANIZATION "IETF RMON MIB Working Group"
CONTACT-INFO CONTACT-INFO
"Author: "Author:
Steve Waldbusser Steve Waldbusser
Phone: +1-650-948-6500 Phone: +1-650-948-6500
Fax : +1-650-745-0671 Fax : +1-650-745-0671
Email: waldbusser@nextbeacon.com Email: waldbusser@nextbeacon.com
Working Group Chair: Working Group Chair:
Andy Bierman Andy Bierman
Cisco Systems, Inc. E-mail: ietf@andybierman.com
Postal: 170 West Tasman Drive
San Jose, CA USA 95134
Tel: +1 408 527-3711
E-mail: abierman@cisco.com
Working Group Mailing List: <rmonmib@ietf.org> Working Group Mailing List: <rmonmib@ietf.org>
To subscribe send email to: <rmonmib-request@ietf.org> " To subscribe send email to: <rmonmib-request@ietf.org> "
DESCRIPTION DESCRIPTION
"The MIB module for managing remote monitoring "The MIB module for managing remote monitoring
device implementations. This MIB module device implementations. This MIB module
extends the architecture introduced in the original extends the architecture introduced in the original
RMON MIB as specified in RFC 2819. RMON MIB as specified in RFC 2819.
Copyright (C) The Internet Society (2004). This version of Copyright (C) The Internet Society (2005). This version of
this MIB module is part of RFC yyyy; see the RFC itself for this MIB module is part of RFC yyyy; see the RFC itself for
full legal notices." full legal notices."
REVISION "200410051500Z" -- October 5, 2004 REVISION "200507141500Z" -- July 14, 2005
DESCRIPTION DESCRIPTION
"This version updates the proposed-standard version of the "This version updates the proposed-standard version of the
RMON2 MIB (published as RFC 2021) by adding 2 new enumerations RMON2 MIB (published as RFC 2021) by adding 2 new enumerations
to the nlMatrixTopNControlRateBase object and 4 new to the nlMatrixTopNControlRateBase object and 4 new
enumerations to the alMatrixTopNControlRateBase object. These enumerations to the alMatrixTopNControlRateBase object. These
new enumerations support the creation of high capacity topN new enumerations support the creation of high capacity topN
reports in the High Capacity RMON MIB [RFC3273]. reports in the High Capacity RMON MIB [RFC3273].
Additionally, the following object have been deprecated as Additionally, the following objects have been deprecated as
they have not had enough independent implementations to they have not had enough independent implementations to
demonstrate interoperability to meet the requirements of a demonstrate interoperability to meet the requirements of a
Draft Standard: Draft Standard:
probeDownloadFile probeDownloadFile
probeDownloadTFTPServer probeDownloadTFTPServer
probeDownloadAction probeDownloadAction
probeDownloadStatus probeDownloadStatus
serialMode serialMode
serialProtocol serialProtocol
skipping to change at page 16, line 39 skipping to change at page 17, line 35
netConfigStatus netConfigStatus
netDefaultGateway netDefaultGateway
tokenRingMLStats2DroppedFrames tokenRingMLStats2DroppedFrames
tokenRingMLStats2CreateTime tokenRingMLStats2CreateTime
tokenRingPStats2DroppedFrames tokenRingPStats2DroppedFrames
tokenRingPStats2CreateTime tokenRingPStats2CreateTime
ringStationControl2DroppedFrames ringStationControl2DroppedFrames
ringStationControl2CreateTime ringStationControl2CreateTime
sourceRoutingStats2DroppedFrames sourceRoutingStats2DroppedFrames
sourceRoutingStats2CreateTime sourceRoutingStats2CreateTime
trapDestIndex
trapDestCommunity
trapDestProtocol
trapDestAddress
trapDestOwner
trapDestStatus
In addition, two corrections were made. The LastCreateTime In addition, two corrections were made. The LastCreateTime
Textual Convention had been defined with a base type of Textual Convention had been defined with a base type of
another textual convention which isn't allowed in SMIv2. The another textual convention which isn't allowed in SMIv2. The
definition has been modified to use TimeTicks as the base definition has been modified to use TimeTicks as the base
type. type.
Further, the SerialConfigEntry SEQUENCE definition included Further, the SerialConfigEntry SEQUENCE definition included
sub-typing information that is not allowed in SMIv2. This sub-typing information that is not allowed in SMIv2. This
information has been deleted. Ranges were added to a number of information has been deleted. Ranges were added to a number of
objects and textual-conventions to constrain their maximum objects and textual-conventions to constrain their maximum
(and sometimes minimum) sizes: (and sometimes minimum) sizes. The addition of these ranges
documents existing practice for these objects. These objects
are:
ControlString ControlString
protocolDirID protocolDirID
protocolDirParameters protocolDirParameters
addressMapNetworkAddress addressMapNetworkAddress
nlHostAddress nlHostAddress
nlMatrixSDSourceAddress nlMatrixSDSourceAddress
nlMatrixSDDestAddress nlMatrixSDDestAddress
nlMatrixDSSourceAddress nlMatrixDSSourceAddress
nlMatrixDSDestAddress nlMatrixDSDestAddress
nlMatrixTopNSourceAddress nlMatrixTopNSourceAddress
skipping to change at page 19, line 8 skipping to change at page 21, line 8
of TimeStamp objects do not change. This can lead to of TimeStamp objects do not change. This can lead to
ambiguities in the value of TimeStamp objects." ambiguities in the value of TimeStamp objects."
SYNTAX TimeTicks SYNTAX TimeTicks
TimeFilter ::= TEXTUAL-CONVENTION TimeFilter ::= TEXTUAL-CONVENTION
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"To be used for the index to a table. Allows an application "To be used for the index to a table. Allows an application
to download only those rows changed since a particular time. to download only those rows changed since a particular time.
A row is considered changed if the value of any object in the A row is considered changed if the value of any object in the
row changes or if the row is created or deleted. row changes, if the row is created, or if any object in the
row is created or deleted. Note that deleted rows cannot be
detected or downloaded.
When sysUpTime is equal to zero, this table shall be empty. When sysUpTime is equal to zero, this table shall be empty.
One entry exists for each past value of sysUpTime, except that One entry exists for each past value of sysUpTime, except that
the whole table is purged should sysUpTime wrap. the whole table is purged should sysUpTime wrap.
As this basic row is updated new conceptual rows are created As this basic row is updated new conceptual rows are created
(which still share the now updated object values with all (which still share the now updated object values with all
other instances). The number of instances which are created other instances). The number of instances which are created
is determined by the value of sysUpTime at which the basic row is determined by the value of sysUpTime at which the basic row
skipping to change at page 41, line 19 skipping to change at page 43, line 19
-- discovered by the probe. -- discovered by the probe.
-- Note that while the hlHostControlTable also has objects that -- Note that while the hlHostControlTable also has objects that
-- control an optional alHostTable, implementation of the alHostTable is -- control an optional alHostTable, implementation of the alHostTable is
-- not required to fully implement this group. -- not required to fully implement this group.
hlHostControlTable OBJECT-TYPE hlHostControlTable OBJECT-TYPE
SYNTAX SEQUENCE OF HlHostControlEntry SYNTAX SEQUENCE OF HlHostControlEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A list of higher layer (i.e. non-MAC) host table control entries. "A list of higher layer (i.e. non-MAC) host table control
entries.
These entries will enable the collection of the network and These entries will enable the collection of the network and
application level host tables indexed by network addresses. application level host tables indexed by network addresses.
Both the network and application level host tables are Both the network and application level host tables are
controlled by this table is so that they will both be created controlled by this table is so that they will both be created
and deleted at the same time, further increasing the ease with and deleted at the same time, further increasing the ease with
which they can be implemented as a single datastore (note that which they can be implemented as a single datastore (note that
if an implementation stores application layer host records in if an implementation stores application layer host records in
memory, it can derive network layer host records from them). memory, it can derive network layer host records from them).
skipping to change at page 116, line 21 skipping to change at page 118, line 21
trapDestAddress OBJECT-TYPE trapDestAddress OBJECT-TYPE
SYNTAX OCTET STRING SYNTAX OCTET STRING
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"The address to send traps on behalf of this entry. "The address to send traps on behalf of this entry.
If the associated trapDestProtocol object is equal to ip(1), If the associated trapDestProtocol object is equal to ip(1),
the encoding of this object is the same as the snmpUDPAddress the encoding of this object is the same as the snmpUDPAddress
textual convention in [RFC1906]: textual convention in RFC 3417 "Transport Mappings for the
Simple Network Management Protocol(SNMP)" [RFC3417]:
-- for a SnmpUDPAddress of length 6: -- for a SnmpUDPAddress of length 6:
-- --
-- octets contents encoding -- octets contents encoding
-- 1-4 IP-address network-byte order -- 1-4 IP-address network-byte order
-- 5-6 UDP-port network-byte order -- 5-6 UDP-port network-byte order
If the associated trapDestProtocol object is equal to ipx(2), If the associated trapDestProtocol object is equal to ipx(2),
the encoding of this object is the same as the snmpIPXAddress the encoding of this object is the same as the snmpIPXAddress
textual convention in [RFC1906]: textual convention in RFC 3417 "Transport Mappings for the
Simple Network Management Protocol(SNMP)" [RFC3417]:
-- for a SnmpIPXAddress of length 12: -- for a SnmpIPXAddress of length 12:
-- --
-- octets contents encoding -- octets contents encoding
-- 1-4 network-number network-byte order -- 1-4 network-number network-byte order
-- 5-10 physical-address network-byte order -- 5-10 physical-address network-byte order
-- 11-12 socket-number network-byte order -- 11-12 socket-number network-byte order
This object may not be modified if the associated This object may not be modified if the associated
trapDestStatus object is equal to active(1)." trapDestStatus object is equal to active(1)."
::= { trapDestEntry 4 } ::= { trapDestEntry 4 }
skipping to change at page 128, line 4 skipping to change at page 130, line 6
Note that, unlike the dropEvents counter, this number is the Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped." exact number of frames dropped."
::= { tokenRingMLStats2Entry 1 } ::= { tokenRingMLStats2Entry 1 }
tokenRingMLStatsCreateTime OBJECT-TYPE tokenRingMLStatsCreateTime OBJECT-TYPE
SYNTAX LastCreateTime SYNTAX LastCreateTime
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"The value of sysUpTime when this control entry was last activated. "The value of sysUpTime when this control entry was last
This can be used by the management station to ensure that the activated. This can be used by the management station to
table has not been deleted and recreated between polls." ensure that the table has not been deleted and recreated
between polls."
::= { tokenRingMLStats2Entry 2 } ::= { tokenRingMLStats2Entry 2 }
tokenRingPStats2Table OBJECT-TYPE tokenRingPStats2Table OBJECT-TYPE
SYNTAX SEQUENCE OF TokenRingPStats2Entry SYNTAX SEQUENCE OF TokenRingPStats2Entry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1. "Contains the RMON-2 augmentations to RMON-1.
This table has been deprecated as it has not had enough This table has been deprecated as it has not had enough
skipping to change at page 129, line 14 skipping to change at page 131, line 17
Note that, unlike the dropEvents counter, this number is the Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped." exact number of frames dropped."
::= { tokenRingPStats2Entry 1 } ::= { tokenRingPStats2Entry 1 }
tokenRingPStatsCreateTime OBJECT-TYPE tokenRingPStatsCreateTime OBJECT-TYPE
SYNTAX LastCreateTime SYNTAX LastCreateTime
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"The value of sysUpTime when this control entry was last activated. "The value of sysUpTime when this control entry was last
This can be used by the management station to ensure that the activated. This can be used by the management station to
table has not been deleted and recreated between polls." ensure that the table has not been deleted and recreated
between polls."
::= { tokenRingPStats2Entry 2 } ::= { tokenRingPStats2Entry 2 }
ringStationControl2Table OBJECT-TYPE ringStationControl2Table OBJECT-TYPE
SYNTAX SEQUENCE OF RingStationControl2Entry SYNTAX SEQUENCE OF RingStationControl2Entry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1. "Contains the RMON-2 augmentations to RMON-1.
This table has been deprecated as it has not had enough This table has been deprecated as it has not had enough
skipping to change at page 130, line 23 skipping to change at page 132, line 27
Note that, unlike the dropEvents counter, this number is the Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped." exact number of frames dropped."
::= { ringStationControl2Entry 1 } ::= { ringStationControl2Entry 1 }
ringStationControlCreateTime OBJECT-TYPE ringStationControlCreateTime OBJECT-TYPE
SYNTAX LastCreateTime SYNTAX LastCreateTime
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"The value of sysUpTime when this control entry was last activated. "The value of sysUpTime when this control entry was last
This can be used by the management station to ensure that the activated. This can be used by the management station to
table has not been deleted and recreated between polls." ensure that the table has not been deleted and recreated
between polls."
::= { ringStationControl2Entry 2 } ::= { ringStationControl2Entry 2 }
sourceRoutingStats2Table OBJECT-TYPE sourceRoutingStats2Table OBJECT-TYPE
SYNTAX SEQUENCE OF SourceRoutingStats2Entry SYNTAX SEQUENCE OF SourceRoutingStats2Entry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"Contains the RMON-2 augmentations to RMON-1. "Contains the RMON-2 augmentations to RMON-1.
This table has been deprecated as it has not had enough This table has been deprecated as it has not had enough
skipping to change at page 131, line 34 skipping to change at page 133, line 38
Note that, unlike the dropEvents counter, this number is the Note that, unlike the dropEvents counter, this number is the
exact number of frames dropped." exact number of frames dropped."
::= { sourceRoutingStats2Entry 1 } ::= { sourceRoutingStats2Entry 1 }
sourceRoutingStatsCreateTime OBJECT-TYPE sourceRoutingStatsCreateTime OBJECT-TYPE
SYNTAX LastCreateTime SYNTAX LastCreateTime
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"The value of sysUpTime when this control entry was last activated. "The value of sysUpTime when this control entry was last
This can be used by the management station to ensure that the activated. This can be used by the management station to
table has not been deleted and recreated between polls." ensure that the table has not been deleted and recreated
between polls."
::= { sourceRoutingStats2Entry 2 } ::= { sourceRoutingStats2Entry 2 }
filter2Table OBJECT-TYPE filter2Table OBJECT-TYPE
SYNTAX SEQUENCE OF Filter2Entry SYNTAX SEQUENCE OF Filter2Entry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Provides a variable-length packet filter feature to the "Provides a variable-length packet filter feature to the
RMON-1 filter table." RMON-1 filter table."
::= { filter 4 } ::= { filter 4 }
skipping to change at page 140, line 42 skipping to change at page 142, line 42
or passwords. It is recommended that SNMP access to these or passwords. It is recommended that SNMP access to these
functions be restricted. functions be restricted.
There are a number of management objects defined in this MIB There are a number of management objects defined in this MIB
that have a MAX-ACCESS clause of read-write and/or read- that have a MAX-ACCESS clause of read-write and/or read-
create. Such objects may be considered sensitive or create. Such objects may be considered sensitive or
vulnerable in some network environments. The support for SET vulnerable in some network environments. The support for SET
operations in a non-secure environment without proper operations in a non-secure environment without proper
protection can have a negative effect on network operations. protection can have a negative effect on network operations.
SNMPv1 by itself is not a secure environment. Even if the Some of the readable objects in this MIB module (i.e., objects
network itself is secure (for example by using IPSec), even with a MAX-ACCESS other than not-accessible) may be considered
then, there is no control as to who on the secure network is sensitive or vulnerable in some network environments. It is
allowed to access and GET/SET (read/change/create/delete) the thus important to control even GET and/or NOTIFY access to
objects in this MIB. these objects and possibly to even encrypt the values of these
objects when sending them over the network via SNMP.
It is recommended that the implementors consider the security SNMP versions prior to SNMPv3 did not include adequate
features as provided by the SNMPv3 framework. Specifically,
the use of the User-based Security Model RFC 2574 [RFC3414] security. Even if the network itself is secure (for example
and the View-based Access Control Model RFC 2575 [RFC3415] is by using IPSec), even then, there is no control as to who on
recommended. the secure network is allowed to access and GET/SET
(read/change/create/delete) the objects in this MIB module.
It is then a customer/user responsibility to ensure that the It is RECOMMENDED that implementers consider the security
SNMP entity giving access to an instance of this MIB, is features as provided by the SNMPv3 framework (see [RFC3410],
section 8), including full support for the SNMPv3
cryptographic mechanisms (for authentication and privacy).
Further, deployment of SNMP versions prior to SNMPv3 is NOT
RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and
to enable cryptographic security. It is then a
customer/operator responsibility to ensure that the SNMP
entity giving access to an instance of this MIB module is
properly configured to give access to the objects only to properly configured to give access to the objects only to
those principals (users) that have legitimate rights to indeed those principals (users) that have legitimate rights to indeed
GET or SET (change/create/delete) them. GET or SET (change/create/delete) them.
8. Appendix - TimeFilter Implementation Notes 8. IANA Considerations
No IANA actions are necessary.
9. Appendix - TimeFilter Implementation Notes
1) Theory of Operation 1) Theory of Operation
The TimeFilter mechanism allows an NMS to reduce the number of The TimeFilter mechanism allows an NMS to reduce the number of
SNMP transactions required for a 'table-update' operation. SNMP transactions required for a 'table-update' operation, by
Polling of tables that incorporate a 'TimeFilter' INDEX can be retrieving only the rows that have changed since a specified
reduced to a theoretical minimum (if used correctly). It can time (usually the last poll time). Polling of tables that
be easily implemented by an agent in a way independent of the incorporate a 'TimeFilter' INDEX can be reduced to a
number of NMS applications using the same time-filtered table. theoretical minimum (if used correctly). It can be easily
implemented by an agent in a way independent of the number of
NMS applications using the same time-filtered table.
Although the name 'TimeFilter' may imply that a history of Although the name 'TimeFilter' may imply that a history of
change events is maintained by the agent, this is not the change events is maintained by the agent, this is not the
case. A time-filtered-value represents the current value of case. A time-filtered-value represents the current value of
the object instance, not the 'saved' value at the time the object instance, not the 'saved' value at the time
indicated by the TimeFilter INDEX value. Note that TimeFilter indicated by the TimeFilter INDEX value. Note that TimeFilter
objects only appear in INDEX clauses (always not-accessible), objects only appear in INDEX clauses (always not-accessible),
so their value is never retrieved. By design, the actual value so their value is never retrieved. By design, the actual value
of a TimeFilter instance is not in itself meaningful (it's not of a TimeFilter instance is not in itself meaningful (it's not
a 'last-change-timestamp'). a 'last-change-timestamp').
The TimeFilter is a boolean filtering function applied in The TimeFilter is a boolean filtering function applied in
internal Get* PDU processing. If the 'last-change-time' of the internal Get* PDU processing. If the 'last-change-time' of the
specified instance is less than the particular TimeFilter specified instance is less than the particular TimeFilter
INDEX value, then the instance is considered 'not-present' INDEX value, then the instance is considered 'not-present',
(skipped for GetNext and GetBulk PDUs; 'noSuchInstance' or and it is skipped for GetNext and GetBulk PDUs, or a
returned to the requester. 'noSuchInstance' exception is returned for Get PDUs.
For TimeFilter purposes:
- a row is created when an accessible column is created
within
the row.
- a column that is created or deleted causes the TimeFilter
to
to update the time-stamp, only because the value of the
column
is changing (non-existent <-> some value).
- a row is deleted when all accessible columns are deleted.
This
event is not detectable with TimeFilter, and deleted rows
are
not retrievable with SNMP.
1.1) Agent Implementation of a Time-Filtered Table 1.1) Agent Implementation of a Time-Filtered Table
In implementation, the time-filtered rows (one for each tick In implementation, the time-filtered rows (one for each tick
of sysUpTime) are only conceptual. The agent simply filters a of sysUpTime) are only conceptual. The agent simply filters a
real table based on: real table based on:
* the current value of sysUpTime * the current value of sysUpTime
* the TimeFilter value passed in the varbind * the TimeFilter value passed in the varbind
* the last-update timestamp of each requested counter * the last-update timestamp of each requested row
(agent implementation requirement) (agent implementation requirement)
For example, to implement a time-filtered counter, an agent For example, to implement a time-filtered table row (e.g., set
maintains a timestamp in a 32-bit storage location, of counters), an agent maintains a timestamp in a 32-bit
initialized to zero. This is in addition to whatever storage location, initialized to zero. This is in addition to
instrumentation is needed for the counter. whatever instrumentation is needed for the set of counters.
Each time the counter is updated, the current value of Each time one of the counters is updated, the current value of
sysUpTime is recorded in the associated timestamp. If this is sysUpTime is recorded in the associated timestamp. If this is
not possible or practical, then a background polling process not possible or practical, then a background polling process
must 'refresh' the timestamp by sampling counter values and must 'refresh' the timestamp by sampling counter values and
comparing them to recorded samples. The timestamp update must comparing them to recorded samples. The timestamp update must
occur within 5 seconds of the actual change event. occur within 5 seconds of the actual change event.
When an agent receives a Get, GetNext, or GetBulk PDU When an agent receives a Get, GetNext, or GetBulk PDU
requesting a time-filtered instance, the following agent has requesting a time-filtered instance, after the agent has
determined that the instance is within the MIB view indicated determined that the instance is within the specified MIB view,
by the community string in the PDU. the following conceptual test is applied to determine if the
object is returned or filtered:
/* return TRUE if the object is present */ /* return TRUE if the object is present */
boolean time_filter_test ( boolean time_filter_test (
TimeFilter last_modified_timestamp, TimeFilter last_modified_timestamp,
TimeFilter index_value_in_pdu ) TimeFilter index_value_in_pdu )
{ {
if (last_modified_timestamp < index_value_in_pdu) if (last_modified_timestamp < index_value_in_pdu)
return FALSE; return FALSE;
else else
return TRUE; return TRUE;
skipping to change at page 143, line 32 skipping to change at page 146, line 4
else else
return TRUE; return TRUE;
} }
The agent applies this function regardless of the The agent applies this function regardless of the
lastActivationTime of the conceptual row in question. In other lastActivationTime of the conceptual row in question. In other
words, counter discontinuities are ignored (i.e. conceptual words, counter discontinuities are ignored (i.e. conceptual
row deleted and then re-created later). An agent should row deleted and then re-created later). An agent should
consider a object instance 'changed' when it is created consider a object instance 'changed' when it is created
(either at restart time for scalars and static objects, or (either at restart time for scalars and static objects, or
row-creation-time for dynamic tables). row-creation-time for dynamic tables).
Note that using a timeFilter INDEX value of zero removes the Note that using a timeFilter INDEX value of zero removes the
filtering functionality, as the instance will always be filtering functionality, as the instance will always be
'present' according to the test above.
After some deployment experience, it has been determined that
a time-filtered table is more efficient to use if the agent
stops a "MIB walk" operation after one time-filtered entry.
That is, a GetNext or GetBulk operation will provide one pass
through a given table, i.e., the agent will continue to the
next object or table, instead of incrementing a TimeMark INDEX
value, even if there exists higher TimeMark values which are
valid for the same conceptual row.
It is acceptable for an agent to implement a time-filtered
table in this manner, or in the traditional manner (i.e.,
every conceptual time-filtered instance is returned in GetNext
and GetBulk PDU responses).
1.2) NMS Implementation of a Time-Filtered Table 1.2) NMS Implementation of a Time-Filtered Table
The particular TimeFilter INDEX values used by an NMS reflect The particular TimeFilter INDEX values used by an NMS reflect
the polling interval of the NMS, relative to the particular the polling interval of the NMS, relative to the particular
agent's notion of sysUpTime. agent's notion of sysUpTime.
An NMS needs to maintain one timestamp variable per agent An NMS needs to maintain one timestamp variable per agent
(initialized to zero) for an arbitrary group of time-filtered (initialized to zero) for an arbitrary group of time-filtered
MIB objects that are gathered together in the same PDU. Each MIB objects that are gathered together in the same PDU. Each
skipping to change at page 144, line 31 skipping to change at page 147, line 16
returned beyond this point (until the last-change-time is returned beyond this point (until the last-change-time is
reached), but most likely the same values will be reached), but most likely the same values will be
returned. returned.
2) the return PDU includes instances lexigraphically greater 2) the return PDU includes instances lexigraphically greater
than the objects expected (i.e. same GetNext semantics as than the objects expected (i.e. same GetNext semantics as
if the TimeFilter wasn't there) if the TimeFilter wasn't there)
3) a noSuchName or other exception/error is returned. 3) a noSuchName or other exception/error is returned.
Note that the use of a time-filtered table in combination with Note that the use of a time-filtered table in combination with
a GetRequest PDU neutralizes any optimization that otherwise a GetRequest PDU neutralizes any optimization that otherwise
might be achieved with the TimeFilter, because no PDU might be achieved with the TimeFilter. Either the current
transactions are saved. Either the current time-filtered time-filtered object-value is returned, or, if there is no
object-value is returned, or a 'noSuchInstance' exception time-filtered object-value instance, then a 'noSuchInstance'
(SNMPv1c) or 'noSuchName' error (SNMPv1) is returned. exception (SNMPv2c or SNMPv3) or 'noSuchName' error (SNMPv1)
is returned.
If GetBulk PDUs are used, then the value selected for response
PDUs generated by the agent, since duplicate entries (one per
'tick' of sysUpTime) are likely to pad the PDU to its maximum
size. An appropriate of conceptual rows in the time-filtered
table if known, or equal to the number of instances expected
to fit in a GetResponse PDU without causing a 'tooBig' error
from the agent.
2) TimeFilter Example 2) TimeFilter Example
The following example demonstrates how an NMS and Agent might The following example demonstrates how an NMS and Agent might
use a table with a TimeFilter object in the INDEX. A static use a table with a TimeFilter object in the INDEX. A static
table is assumed to keep the example simple, but dynamic table is assumed to keep the example simple, but dynamic
tables can also be supported. tables can also be supported.
2.1) General Assumptions 2.1) General Assumptions
skipping to change at page 145, line 43 skipping to change at page 148, line 22
Time nms-1000: Time nms-1000:
# NMS baseline poll -- get everything since last agent # NMS baseline poll -- get everything since last agent
# restart - TimeFilter == 0 # restart - TimeFilter == 0
get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0, get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
fooCounts.0); fooCounts.0);
returns: returns:
sysUpTime.0 == 600 sysUpTime.0 == 600
fooCounts.0.1 == 1 # incremented at time 500 fooCounts.0.1 == 1 # incremented at time 500
fooCounts.0.2 == 0 # visible since created at time fooCounts.0.2 == 0 # visible; created at time 0
0
Time nms-2500: Time nms-2500:
# NMS 1st poll # NMS 1st poll
# TimeFilter index == 600 # TimeFilter index == 600
get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0, get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
fooCounts.600); fooCounts.600);
returns: returns:
sysUpTime.0 == 2100 sysUpTime.0 == 2100
fooCounts.600.1 == 2 # incremented at time 900 fooCounts.600.1 == 2 # incremented at time 900
fooCounts.600.2 == 2 # incremented at times
# 1100 and 1400
fooCounts.601.1 == 2 # indicates end of sweep fooCounts.601.1 == 2 # indicates end of sweep
Time nms-4000: Time nms-4000:
# NMS 2nd poll # NMS 2nd poll
# TimeFilter == 2100 # TimeFilter == 2100
get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0, get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
fooCounts.2100); fooCounts.2100);
returns: returns:
sysUpTime.0 == 3600 sysUpTime.0 == 3600
skipping to change at page 148, line 4 skipping to change at page 150, line 25
++fooCounts.1; changed.1 = 2300; ++fooCounts.1; changed.1 = 2300;
Time agt-3600: Time agt-3600:
# answer get-bulk # answer get-bulk
# get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0, # get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
# fooCounts.2100); # fooCounts.2100);
# (changed >= 2100) # (changed >= 2100)
# return only fooCounts.1 from the fooTable--twice # return only fooCounts.1 from the fooTable--twice
Time agt-5100: Time agt-5100:
# answer get-bulk # answer get-bulk
# get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0, # get-bulk(nonRptrs=1, maxReps=2, sysUpTime.0,
# fooCounts.3600); # fooCounts.3600);
# (changed >= 3600) # (changed >= 3600)
# return lexigraphically-next two MIB instances # return lexigraphically-next two MIB instances
9. Changes since RFC 2021 10. Changes since RFC 2021
This version updates the proposed-standard version of the This version updates the proposed-standard version of the
RMON2 MIB (published as RFC 2021) by adding 2 new enumerations RMON2 MIB (published as RFC 2021) by adding 2 new enumerations
to the nlMatrixTopNControlRateBase object and 4 new to the nlMatrixTopNControlRateBase object and 4 new
enumerations to the alMatrixTopNControlRateBase object. These enumerations to the alMatrixTopNControlRateBase object. These
new enumerations support the creation of high capacity topN new enumerations support the creation of high capacity topN
reports in the High Capacity RMON MIB [RFC3273]. reports in the High Capacity RMON MIB [RFC3273].
Additionally, the following object have been deprecated as Additionally, the following objects have been deprecated as
they have not had enough independent implementations to they have not had enough independent implementations to
demonstrate interoperability to meet the requirements of a demonstrate interoperability to meet the requirements of a
Draft Standard: Draft Standard:
probeDownloadFile probeDownloadFile
probeDownloadTFTPServer probeDownloadTFTPServer
probeDownloadAction probeDownloadAction
probeDownloadStatus probeDownloadStatus
serialMode serialMode
serialProtocol serialProtocol
skipping to change at page 149, line 12 skipping to change at page 151, line 34
netConfigStatus netConfigStatus
netDefaultGateway netDefaultGateway
tokenRingMLStats2DroppedFrames tokenRingMLStats2DroppedFrames
tokenRingMLStats2CreateTime tokenRingMLStats2CreateTime
tokenRingPStats2DroppedFrames tokenRingPStats2DroppedFrames
tokenRingPStats2CreateTime tokenRingPStats2CreateTime
ringStationControl2DroppedFrames ringStationControl2DroppedFrames
ringStationControl2CreateTime ringStationControl2CreateTime
sourceRoutingStats2DroppedFrames sourceRoutingStats2DroppedFrames
sourceRoutingStats2CreateTime sourceRoutingStats2CreateTime
trapDestIndex
trapDestCommunity
trapDestProtocol
trapDestAddress
trapDestOwner
trapDestStatus
In addition, two corrections were made. The LastCreateTime In addition, two corrections were made. The LastCreateTime
Textual Convention had been defined with a base type of Textual Convention had been defined with a base type of
another textual convention which isn't allowed in SMIv2. The another textual convention which isn't allowed in SMIv2. The
definition has been modified to use TimeTicks as the base definition has been modified to use TimeTicks as the base
type. type.
Further, the SerialConfigEntry SEQUENCE definition included Further, the SerialConfigEntry SEQUENCE definition included
sub-typing information that is not allowed in SMIv2. This sub-typing information that is not allowed in SMIv2. This
information has been deleted. Ranges were added to a number of information has been deleted. Ranges were added to a number of
objects and textual-conventions to constrain their maximum objects and textual-conventions to constrain their maximum
(and sometimes minimum) sizes: (and sometimes minimum) sizes. The addition of these ranges
documents existing practice for
these objects. These objects are:
ControlString ControlString
protocolDirID protocolDirID
protocolDirParameters protocolDirParameters
addressMapNetworkAddress addressMapNetworkAddress
nlHostAddress nlHostAddress
nlMatrixSDSourceAddress nlMatrixSDSourceAddress
nlMatrixSDDestAddress nlMatrixSDDestAddress
nlMatrixDSSourceAddress nlMatrixDSSourceAddress
nlMatrixDSDestAddress nlMatrixDSDestAddress
nlMatrixTopNSourceAddress nlMatrixTopNSourceAddress
nlMatrixTopNDestAddress nlMatrixTopNDestAddress
alHostEntry alHostEntry
alMatrixSDEntry alMatrixSDEntry
alMatrixDSEntry alMatrixDSEntry
alMatrixTopNSourceAddress alMatrixTopNSourceAddress
alMatrixTopNDestAddress alMatrixTopNDestAddress
10. Acknowledgments 11. Acknowledgments
This document was produced by the IETF Remote Network This document was produced by the IETF Remote Network
Monitoring Working Group. Monitoring Working Group.
The TimeFilter mechanism was invented and documented by Jeanne The TimeFilter mechanism was invented and documented by Jeanne
Haney. Haney.
The User History group was created by Andy Bierman. The User History group was created by Andy Bierman.
11. Author's Address 12. Author's Address
Steve Waldbusser Steve Waldbusser
Phone: +1 650-948-6500 Phone: +1 650-948-6500
Fax: +1 650-745-0671 Fax: +1 650-745-0671
EMail: waldbusser@nextbeacon.com EMail: waldbusser@nextbeacon.com
12. References 13. References
12.1. Normative References 13.1. Normative References
[RFC2578] [RFC2578]
McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M. and S. Waldbusser, "Structure of Management Rose, M. and S. Waldbusser, "Structure of Management
Information Version 2 (SMIv2)", STD 58, RFC 2578, April Information Version 2 (SMIv2)", STD 58, RFC 2578, April
1999. 1999.
[RFC2579] [RFC2579]
McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M. and S. Waldbusser, "Textual Conventions for Rose, M. and S. Waldbusser, "Textual Conventions for
skipping to change at page 151, line 33 skipping to change at page 154, line 33
SMIv2", STD 58, RFC 2580, April 1999. SMIv2", STD 58, RFC 2580, April 1999.
[RFC2819] [RFC2819]
Waldbusser, S., "Remote Network Monitoring MIB", RFC Waldbusser, S., "Remote Network Monitoring MIB", RFC
2819, Lucent Technologies, May 2000. 2819, Lucent Technologies, May 2000.
[RFC3273] [RFC3273]
Waldbusser, S., "RMON for High Capacity Networks", RFC Waldbusser, S., "RMON for High Capacity Networks", RFC
3273, July 2002. 3273, July 2002.
12.2. Informative References [RFC3417]
Presuhn, R., "Transport Mappings for the Simple Network
[RFC3410] Management Protocol (SNMP)", STD 62, RFC 3417, December
Case, J., Mundy, R., Partain, D. and B. Stewart, 2002.
"Introduction and Applicability Statements for Internet
Standard Management Framework", RFC 3410, December 2002.
[RFC3411]
Harrington, D., Presuhn, R., and B. Wijnen, "An
Architecture for Describing SNMP Management Frameworks",
STD 62. RFC 3411, December 2002.
[RFC2863] [RFC2863]
McCloghrie, K. and F. Kastenholz, "The Interfaces Group McCloghrie, K. and F. Kastenholz, "The Interfaces Group
MIB", RFC 2863, Cisco Systems, Argon Networks, June 2000. MIB", RFC 2863, Cisco Systems, Argon Networks, June 2000.
[RFC1513] [RFC1513]
Waldbusser, S., "Token Ring Extensions to the Remote Waldbusser, S., "Token Ring Extensions to the Remote
Network Monitoring MIB", RFC 1513, September 1993. Network Monitoring MIB", RFC 1513, September 1993.
13.2. Informative References
[RFC3410]
Case, J., Mundy, R., Partain, D. and B. Stewart,
"Introduction and Applicability Statements for Internet
Standard Management Framework", RFC 3410, December 2002.
[RFC2108] [RFC2108]
De Graaf, K., Romascanu, D., McMaster, D. and K. De Graaf, K., Romascanu, D., McMaster, D. and K.
McCloghrie, "Definition of Managed Objects for IEEE 802.3 McCloghrie, "Definition of Managed Objects for IEEE 802.3
Repeater Devices using SMIv2", RFC 2108, February 1997. Repeater Devices using SMIv2", RFC 2108, February 1997.
[RFC3414] [RFC3414]
Blumenthal, U. and B. Wijnen, "The User-Based Security Blumenthal, U. and B. Wijnen, "The User-Based Security
Model (USM) for Version 3 of the Simple Network Model (USM) for Version 3 of the Simple Network
Management Protocol (SNMPv3)", STD 62, RFC 3414, December Management Protocol (SNMPv3)", STD 62, RFC 3414, December
2002. 2002.
[RFC3415] [RFC3415]
Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based
Access Control Model (VACM) for the Simple Network Access Control Model (VACM) for the Simple Network
Management Protocol (SNMP)", STD 62, RFC 3415, December Management Protocol (SNMP)", STD 62, RFC 3415, December
2002. 2002.
13. Full Copyright Statement 14. Full Copyright Statement
Copyright (C) The Internet Society (2004). Copyright (C) The Internet Society (2005).
This document is subject to the rights, licenses and This document is subject to the rights, licenses and
restrictions contained in BCP 78, and except as set forth restrictions contained in BCP 78, and except as set forth
therein, the authors retain all their rights. therein, the authors retain all their rights.
This document and the information contained herein are This document and the information contained herein are
provided on an "AS IS" basis and THE CONTRIBUTOR, THE provided on an "AS IS" basis and THE CONTRIBUTOR, THE
ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY),
THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE
DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
skipping to change at page 154, line 7 skipping to change at page 157, line 7
repository at http://www.ietf.org/ipr. repository at http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its The IETF invites any interested party to bring to its
attention any copyrights, patents or patent applications, or attention any copyrights, patents or patent applications, or
other proprietary rights that may cover technology that may be other proprietary rights that may cover technology that may be
required to implement this standard. Please address the required to implement this standard. Please address the
information to the IETF at ietf-ipr@ietf.org. information to the IETF at ietf-ipr@ietf.org.
Table of Contents Table of Contents
1 The Internet-Standard Management Framework ............ 3 1 The Internet-Standard Management Framework ............ 4
2 Overview .............................................. 4 2 Overview .............................................. 5
2.1 Remote Network Management Goals ..................... 4 2.1 Remote Network Management Goals ..................... 5
2.2 Structure of MIB .................................... 6 2.2 Structure of MIB .................................... 7
3 Control of Remote Network Monitoring Devices .......... 8 3 Control of Remote Network Monitoring Devices .......... 9
3.1 Resource Sharing Among Multiple Management Sta- 3.1 Resource Sharing Among Multiple Management StaĦ
tions .............................................. 8 tions .............................................. 9
3.2 Row Addition Among Multiple Management Stations ..... 10 3.2 Row Addition Among Multiple Management Stations ..... 11
4 Conventions ........................................... 12 4 Conventions ........................................... 13
5 RMON 2 Conventions .................................... 13 5 RMON 2 Conventions .................................... 14
5.1 Usage of the term Application Level ................. 13 5.1 Usage of the term Application Level ................. 14
5.2 Protocol Directory and Limited Extensibility ........ 13 5.2 Protocol Directory and Limited Extensibility ........ 14
5.3 Errors in packets ................................... 14 5.3 Errors in packets ................................... 15
6 Definitions ........................................... 14 6 Definitions ........................................... 15
7 Security Considerations ............................... 140 7 Security Considerations ............................... 142
8 Appendix - TimeFilter Implementation Notes ............ 142 8 IANA Considerations ................................... 143
9 Changes since RFC 2021 ................................ 148 9 Appendix - TimeFilter Implementation Notes ............ 144
10 Acknowledgments ...................................... 150 10 Changes since RFC 2021 ............................... 150
11 Author's Address ..................................... 150 11 Acknowledgments ...................................... 153
12 References ........................................... 151 12 Author's Address ..................................... 153
12.1 Normative References ............................... 151 13 References ........................................... 154
12.2 Informative References ............................. 151 13.1 Normative References ............................... 154
13 Full Copyright Statement ............................. 152 13.2 Informative References ............................. 154
14 Full Copyright Statement ............................. 155
 End of changes. 

This html diff was produced by rfcdiff 1.25, available from http://www.levkowetz.com/ietf/tools/rfcdiff/