draft-ietf-snmpv3-update-proto-00.txt   draft-ietf-snmpv3-update-proto-01.txt 
INTERNET-DRAFT Editor of this version: INTERNET-DRAFT Editor of this version:
Will Obsolete: 1905 R. Presuhn Request for Comments: -PROTO R. Presuhn
BMC Software, Inc. STD: XXX BMC Software, Inc.
9 January 2000 Obsoletes: 1905 Authors of previous version:
Category: Standards Track J. Case
Authors of previous version:
SNMPv2 Working Group
J. Case
SNMP Research, Inc. SNMP Research, Inc.
K. McCloghrie K. McCloghrie
Cisco Systems, Inc. Cisco Systems, Inc.
M. Rose M. Rose
Dover Beach Consulting, Inc. Dover Beach Consulting, Inc.
S. Waldbusser S. Waldbusser
International Network Services International Network Services
23 January 2000
Version 2 of the Protocol Operations for Version 2 of the Protocol Operations for
the Simple Network Management Protocol the Simple Network Management Protocol
<draft-ietf-snmpv3-update-proto-00.txt> <draft-ietf-snmpv3-update-proto-01.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. Internet-Drafts are working all provisions of Section 10 of RFC2026. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts. working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
skipping to change at page 2, line 33 skipping to change at page 2, line 31
4.2.2.1. Example of Table Traversal ............................ 14 4.2.2.1. Example of Table Traversal ............................ 14
4.2.3. The GetBulkRequest-PDU .................................. 16 4.2.3. The GetBulkRequest-PDU .................................. 16
4.2.3.1. Another Example of Table Traversal .................... 19 4.2.3.1. Another Example of Table Traversal .................... 19
4.2.4. The Response-PDU ........................................ 20 4.2.4. The Response-PDU ........................................ 20
4.2.5. The SetRequest-PDU ...................................... 21 4.2.5. The SetRequest-PDU ...................................... 21
4.2.6. The SNMPv2-Trap-PDU ..................................... 24 4.2.6. The SNMPv2-Trap-PDU ..................................... 24
4.2.7. The InformRequest-PDU ................................... 24 4.2.7. The InformRequest-PDU ................................... 24
5. Notice on Intellectual Property ............................. 25 5. Notice on Intellectual Property ............................. 25
6. Acknowledgments ............................................. 26 6. Acknowledgments ............................................. 26
7. Security Considerations ..................................... 27 7. Security Considerations ..................................... 27
8. References .................................................. 27 8. References .................................................. 28
9. Editor's Address ............................................ 29 9. Editor's Address ............................................ 30
10. Changes from RFC 1905 ...................................... 29 10. Changes from RFC 1905 ...................................... 30
11. Issues ..................................................... 31 11. Issues ..................................................... 31
12. Full Copyright Statement ................................... 33 12. Full Copyright Statement ................................... 33
1. Introduction 1. Introduction
The SNMP Management Framework at the time of this writing consists of The SNMP Management Framework at the time of this writing consists of
five major components: five major components:
- An overall architecture, described in RFC 2571 [RFC2571]. - An overall architecture, described in RFC 2571 [RFC2571].
skipping to change at page 6, line 24 skipping to change at page 6, line 24
bit, are placed in bits 8 to 1 of the first octet, followed by bits 8 bit, are placed in bits 8 to 1 of the first octet, followed by bits 8
to 1 of each subsequent octet in turn, followed by as many bits as to 1 of each subsequent octet in turn, followed by as many bits as
are needed of the final subsequent octet, commencing with bit 8. are needed of the final subsequent octet, commencing with bit 8.
Remaining bits, if any, of the final octet are set to zero on Remaining bits, if any, of the final octet are set to zero on
generation and ignored on receipt. generation and ignored on receipt.
3. Definitions 3. Definitions
SNMPv2-PDU DEFINITIONS ::= BEGIN SNMPv2-PDU DEFINITIONS ::= BEGIN
ObjectName ::= OBJECT IDENTIFIER ObjectName ::= OBJECT IDENTIFIER !
ObjectSyntax ::= ObjectSyntax ::= !
CHOICE { CHOICE { !
simple simple !
SimpleSyntax, SimpleSyntax, !
application-wide application-wide !
ApplicationSyntax ApplicationSyntax !
} } !
SimpleSyntax ::= SimpleSyntax ::= !
CHOICE { CHOICE { !
integer-value integer-value !
INTEGER (-2147483648..2147483647), INTEGER (-2147483648..2147483647), !
string-value string-value !
OCTET STRING (SIZE (0..65535)), OCTET STRING (SIZE (0..65535)), !
objectID-value objectID-value !
OBJECT IDENTIFIER OBJECT IDENTIFIER !
} } !
ApplicationSyntax ::= ApplicationSyntax ::=
CHOICE { CHOICE {
ipAddress-value ipAddress-value
IpAddress, IpAddress,
counter-value counter-value
Counter32, Counter32,
timeticks-value timeticks-value
TimeTicks, TimeTicks,
skipping to change at page 7, line 25 skipping to change at page 7, line 25
arbitrary-value arbitrary-value
Opaque, Opaque,
big-counter-value big-counter-value
Counter64, Counter64,
unsigned-integer-value unsigned-integer-value
Unsigned32 Unsigned32
} }
IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4)) IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4)) !
Counter32 ::= [APPLICATION 1] IMPLICIT INTEGER (0..4294967295) Counter32 ::= [APPLICATION 1] IMPLICIT INTEGER (0..4294967295) !
Unsigned32 ::= [APPLICATION 2] IMPLICIT INTEGER (0..4294967295) Unsigned32 ::= [APPLICATION 2] IMPLICIT INTEGER (0..4294967295) !
Gauge32 ::= Unsigned32 Gauge32 ::= Unsigned32 !
TimeTicks ::= [APPLICATION 3] IMPLICIT INTEGER (0..4294967295) TimeTicks ::= [APPLICATION 3] IMPLICIT INTEGER (0..4294967295) !
Opaque ::= [APPLICATION 4] IMPLICIT OCTET STRING Opaque ::= [APPLICATION 4] IMPLICIT OCTET STRING !
Counter64 ::= [APPLICATION 6] Counter64 ::= [APPLICATION 6] !
IMPLICIT INTEGER (0..18446744073709551615) IMPLICIT INTEGER (0..18446744073709551615) !
-- protocol data units -- protocol data units
PDUs ::= PDUs ::=
CHOICE { CHOICE {
get-request get-request
GetRequest-PDU, GetRequest-PDU,
get-next-request get-next-request
GetNextRequest-PDU, GetNextRequest-PDU,
skipping to change at page 9, line 21 skipping to change at page 9, line 21
Report-PDU ::= Report-PDU ::=
[8] [8]
IMPLICIT PDU IMPLICIT PDU
max-bindings max-bindings
INTEGER ::= 2147483647 INTEGER ::= 2147483647
PDU ::= PDU ::=
SEQUENCE { SEQUENCE {
request-id request-id
INTEGER (-214783648..214783647), INTEGER (-214783648..214783647), !
error-status -- sometimes ignored error-status -- sometimes ignored
INTEGER { INTEGER {
noError(0), noError(0),
tooBig(1), tooBig(1),
noSuchName(2), -- for proxy compatibility noSuchName(2), -- for proxy compatibility
badValue(3), -- for proxy compatibility badValue(3), -- for proxy compatibility
readOnly(4), -- for proxy compatibility readOnly(4), -- for proxy compatibility
genErr(5), genErr(5),
noAccess(6), noAccess(6),
skipping to change at page 10, line 7 skipping to change at page 10, line 7
error-index -- sometimes ignored error-index -- sometimes ignored
INTEGER (0..max-bindings), INTEGER (0..max-bindings),
variable-bindings -- values are sometimes ignored variable-bindings -- values are sometimes ignored
VarBindList VarBindList
} }
BulkPDU ::= -- must be identical in BulkPDU ::= -- must be identical in
SEQUENCE { -- structure to PDU SEQUENCE { -- structure to PDU
request-id request-id
INTEGER (-214783648..214783647), INTEGER (-214783648..214783647), !
non-repeaters non-repeaters
INTEGER (0..max-bindings), INTEGER (0..max-bindings),
max-repetitions max-repetitions
INTEGER (0..max-bindings), INTEGER (0..max-bindings),
variable-bindings -- values are ignored variable-bindings -- values are ignored
VarBindList VarBindList
} }
skipping to change at page 26, line 19 skipping to change at page 26, line 19
be obtained from the IETF Secretariat. be obtained from the IETF Secretariat.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice rights which may cover technology that may be required to practice
this standard. Please address the information to the IETF Executive this standard. Please address the information to the IETF Executive
Director. Director.
6. Acknowledgments 6. Acknowledgments
This document is the product of the SNMPv3 Working Group. Some
special thanks are in order to the following Working Group members:
Randy Bush
Jeffrey D. Case
Mike Daniele
Rob Frye
Lauren Heintz
Keith McCloghrie
Russ Mundy
David T. Perkins
Randy Presuhn
Aleksey Romanov
Juergen Schoenwaelder
Bert Wijnen
This version of the document, edited by Randy Presuhn, was initially
based on the work of a design team whose members were:
Jeffrey D. Case
Keith McCloghrie
David T. Perkins
Randy Presuhn
Juergen Schoenwaelder
The previous versions of this document, edited by Keith McCloghrie, The previous versions of this document, edited by Keith McCloghrie,
was the result of significant work by four major contributors: was the result of significant work by four major contributors:
Jeffrey D. Case (SNMP Research, case@snmp.com) Jeffrey D. Case
Keith McCloghrie (Cisco Systems, kzm@cisco.com) Keith McCloghrie
Marshall T. Rose (Dover Beach Consulting, mrose@dbc.mtview.ca.us) Marshall T. Rose
Steven Waldbusser (International Network Services, stevew@uni.ins.com) Steven Waldbusser
Additionally, the contributions of the SNMPv2 Working Group to the
In addition, the contributions of the SNMPv2 Working Group are previous versions are also acknowledged. In particular, a special
acknowledged. In particular, a special thanks is extended for the thanks is extended for the contributions of:
contributions of:
Alexander I. Alten (Novell) Alexander I. Alten
Dave Arneson (Cabletron) Dave Arneson
Uri Blumenthal (IBM) Uri Blumenthal
Doug Book (Chipcom) Doug Book
Kim Curran (Bell-Northern Research) Kim Curran
Jim Galvin (Trusted Information Systems) Jim Galvin
Maria Greene (Ascom Timeplex) Maria Greene
Iain Hanson (Digital) Iain Hanson
Dave Harrington (Cabletron) Dave Harrington
Nguyen Hien (IBM) Nguyen Hien
Jeff Johnson (Cisco Systems) Jeff Johnson
Michael Kornegay (Object Quest) Michael Kornegay
Deirdre Kostick (AT&T Bell Labs) Deirdre Kostick
David Levi (SNMP Research) David Levi
Daniel Mahoney (Cabletron) Daniel Mahoney
Russ Mundy (TIS Labs at Network Associates, Chair) Bob Natale
Bob Natale (ACE*COMM) Brian O'Keefe
Brian O'Keefe (Hewlett Packard) Andrew Pearson
Andrew Pearson (SNMP Research) Dave Perkins
Dave Perkins (Peer Networks) Randy Presuhn
Randy Presuhn (Peer Networks) Aleksey Romanov
Aleksey Romanov (Quality Quorum) Shawn Routhier
Shawn Routhier (Epilogue) Jon Saperia
Jon Saperia (BGS Systems) Juergen Schoenwaelder
Juergen Schoenwaelder (TU Braunschweig) Bob Stewart
Bob Stewart (Cisco Systems) Kaj Tesink
Kaj Tesink (Bellcore) Glenn Waters
Glenn Waters (Bell-Northern Research) Bert Wijnen
Bert Wijnen (IBM)
7. Security Considerations 7. Security Considerations
The protocol defined in this document by itself does not provide a The protocol defined in this document by itself does not provide a !
secure environment. Even if the network itself is secure (for secure environment. Even if the network itself is secure (for !
example by using IPSec), there is no control as to who on the secure example by using IPSec), there is no control as to who on the secure !
network is allowed to access and GET/SET (read/change) MIB network is allowed to access and GET/SET (read/change) MIB !
information. information. !
It is recommended that the implementors consider the security
features as provided by the SNMPv3 framework. Specifically, the use
of the User-based Security Model RFC 2574 [RFC2574] and the
View-based Access Control Model RFC 2575 [RFC2575] is recommended.
It is then a customer/user responsibility to ensure that the SNMP It is recommended that the implementors consider the security !
entity is properly configured so that: features as provided by the SNMPv3 framework. Specifically, the use !
of the User-based Security Model RFC 2574 [RFC2574] and the !
View-based Access Control Model RFC 2575 [RFC2575] is recommended. !
- only those principals (users) having legitimate rights can It is then a customer/user responsibility to ensure that the SNMP !
access or modify the values of any MIB objects supported by entity is properly configured so that: !
that entity; - only those principals (users) having legitimate rights can !
access or modify the values of any MIB objects supported by !
that entity; !
- the occurrence of particular events on the entity will be - the occurrence of particular events on the entity will be !
communicated appropriately; communicated appropriately; !
- the entity responds appropriately and with due credence to - the entity responds appropriately and with due credence to !
events and information that have been communicated to it. events and information that have been communicated to it. !
8. References 8. References
[ASN1] Information processing systems - Open Systems [ASN1] Information processing systems - Open Systems
Interconnection - Specification of Abstract Syntax Interconnection - Specification of Abstract Syntax
Notation One (ASN.1), International Organization for Notation One (ASN.1), International Organization for
Standardization. International Standard 8824, December Standardization. International Standard 8824, December
1987. 1987.
[FRAG] Kent, C., and J. Mogul, Fragmentation Considered Harmful, [FRAG] Kent, C., and J. Mogul, Fragmentation Considered Harmful,
skipping to change at page 29, line 22 skipping to change at page 29, line 47
[RFC2570] Case, J., Mundy, R., Partain, D., and B. Stewart, [RFC2570] Case, J., Mundy, R., Partain, D., and B. Stewart,
"Introduction to Version 3 of the Internet-standard "Introduction to Version 3 of the Internet-standard
Network Management Framework", RFC 2570, April 1999. Network Management Framework", RFC 2570, April 1999.
[RFC2233] McCloghrie, K., and F. Kastenholz, "The Interfaces Group [RFC2233] McCloghrie, K., and F. Kastenholz, "The Interfaces Group
MIB using SMIv2", RFC 2233, November 1997. MIB using SMIv2", RFC 2233, November 1997.
[RFC-COEX] Frye, R., Levi, D., Routhier, S., and B. Wijnen, [RFC-COEX] Frye, R., Levi, D., Routhier, S., and B. Wijnen,
"Coexistence between Version 1, Version 2, and Version 3 "Coexistence between Version 1, Version 2, and Version 3
of the Internet-standard Network Management Framework", of the Internet-standard Network Management Framework",
<draft-ietf-snmpv3-coex-06.txt>, December 1999. <draft-ietf-snmpv3-coex-07.txt>, January, 2000.
[RFC-TM] Presuhn, R., SNMPv2 Working Group, Case, J., McCloghrie, [RFC-TM] Presuhn, R., Case, J., McCloghrie, K., Rose, M., and S.
K., Rose, M., and S. Waldbusser, "Transport Mappings for Waldbusser, "Transport Mappings for the Simple Network
the Simple Network Management Protocol", Management Protocol",
<draft-ietf-snmpv3-update-transmap-00.txt>, January 2000. <draft-ietf-snmpv3-update-transmap-01.txt>, January 2000.
[RFC-MIB] Presuhn, R., SNMPv2 Working Group, Case, J., McCloghrie, [RFC-MIB] Presuhn, R., Case, J., McCloghrie, K., Rose, M., and S.
K., Rose, M., and S. Waldbusser, "Management Information Waldbusser, "Management Information Base for the Simple
Base for the Simple Network Management Protocol", Network Management Protocol",
<draft-ietf-snmpv3-update-mib-00.txt>, January 2000. <draft-ietf-snmpv3-update-mib-01.txt>, January 2000.
9. Editor's Address 9. Editor's Address
Randy Presuhn Randy Presuhn
BMC Software, Inc. BMC Software, Inc.
2141 North First Street 2141 North First Street
San Jose, CA 95131 San Jose, CA 95131
USA USA
Phone: +1 408 546 1006 Phone: +1 408 546 1006
skipping to change at page 31, line 22 skipping to change at page 31, line 47
- Added notes calling attention to two different - Added notes calling attention to two different
manifestations of reaching the end of a table in the table manifestations of reaching the end of a table in the table
walk examples. walk examples.
- Added content to security considerations clause. - Added content to security considerations clause.
- Updated ASN.1 comment on use of Report-PDU. This does not - Updated ASN.1 comment on use of Report-PDU. This does not
affect the protocol in any way. affect the protocol in any way.
- Updated acknowledgements section.
11. Issues 11. Issues
This clause will be deleted when this material is published as an This clause will be deleted when this material is published as an
RFC. The issue labels are the same as those used in the on-line RFC. The issue labels are the same as those used in the on-line
issues list at issues list at
ftp://amethyst.bmc.com/pub/snmpv3/Update567/rfc1905/index.html ftp://amethyst.bmc.com/pub/snmpv3/Update567/rfc1905/index.html
1905-1 Done; table of contents added. 1905-1 Done; table of contents added.
1905-2 Done; new title put in. 1905-2 Done; new title put in.
skipping to change at page 32, line 47 skipping to change at page 33, line 27
1905-26 Done; resolution was "no change". 1905-26 Done; resolution was "no change".
1905-27 Done; resolution was "no change". 1905-27 Done; resolution was "no change".
1905-28 Done; replaced first paragraph of old clause 4.2.6. 1905-28 Done; replaced first paragraph of old clause 4.2.6.
1905-29 Done; replaced first paragraph of old clause 4.2.7. 1905-29 Done; replaced first paragraph of old clause 4.2.7.
1905-30 Done; added content to security considerations clause. 1905-30 Done; added content to security considerations clause.
1905-31 PARTIAL; references update; more work needed on 1905-31 Done; references updated; acknowledgments updated.
acknowledgments.
1905-32 Done; added clarifying text. 1905-32 Done; added clarifying text.
1905-33 Done; IPR and copyright material updated. 1905-33 Done; IPR and copyright material updated.
1905-34 Done; headers and footers updated appropriately. 1905-34 Done; headers and footers updated appropriately.
1905-35 Done; resolution was "no change". 1905-35 Done; resolution was "no change".
1905-36 Done; though original resolution was "no change", this 1905-36 Done; though original resolution was "no change", this
 End of changes. 32 change blocks. 
105 lines changed or deleted 126 lines changed or added

This html diff was produced by rfcdiff 1.33. The latest version is available from http://tools.ietf.org/tools/rfcdiff/