📄 rfc2262.txt
字号:
For incoming messages, the contextEngineID is used to determine to
which application the scopedPDU will be sent for processing.
For outgoing messages, the v3MP sets the contextEngineID to the value
provided by the application in the request for a message to be sent.
6.8.2. contextName
The contextName field in an SNMPv3 message, in conjunction with the
contextEngineID field, identifies the particular context associated
with the management information contained in the PDU portion of the
message. The contextName is unique within the SNMP entity specified
by the contextEngineID, which may realize the managed objects
referenced within the PDU. An application which originates a message
provides the value for the contextName field and this value may be
used during processing by an application at the receiving SNMP
Engine.
6.8.3. data
The data field of the SNMPv3 Message contains the PDU. Among other
things, the PDU contains the PDU type that is used by the v3MP to
determine the type of the incoming SNMP message. The v3MP specifies
that the PDU must be one of those specified in [RFC1905].
7. Elements of Procedure for v3MP
This section describes the procedures followed by an SNMP engine when
generating and processing SNMP messages according to the SNMPv3
Message Processing Model.
Please note, that for the sake of clarity and to prevent the text
from being even longer and more complicated, some details were
omitted from the steps below.
a) Some steps specify that when some error conditions are
encountered when processing a received message, a message
containing a Report PDU is generated and the received message
is discarded without further processing. However, a Report-PDU
must not be generated unless the reportableFlag is set in the
received message.
b) The elements of procedure do not always explicitly indicate
when state information needs to be released. The general rule
is that if state information is available when a message is to
be "discarded without further processing", then the state
information must also be released at that same time.
Case, et. al. Standards Track [Page 23]
RFC 2262 SNMPv3 Management Protocol January 1998
7.1. Prepare an Outgoing SNMP Message
This section describes the procedure followed to prepare an SNMPv3
message from the data elements passed by the Message Dispatcher.
1) The Message Dispatcher may request that an SNMPv3 message
containing a GetRequest-PDU, GetNextRequest-PDU, GetBulkRequest-
PDU, SetRequest-PDU, InformRequest-PDU, or SNMPv2-Trap-PDU be
prepared for sending.
a) It makes such a request according to the abstract service
primitive:
statusInformation = -- success or errorIndication
prepareOutgoingMessage(
IN transportDomain -- requested transport domain
IN transportAddress -- requested destination address
IN messageProcessingModel -- typically, SNMP version
IN securityModel -- Security Model to use
IN securityName -- on behalf of this principal
IN securityLevel -- Level of Security requested
IN contextEngineID -- data from/at this entity
IN contextName -- data from/in this context
IN pduVersion -- version of the PDU
IN PDU -- SNMP Protocol Data Unit
IN expectResponse -- TRUE or FALSE
IN sendPduHandle -- the handle for matching
-- incoming responses
OUT destTransportDomain -- destination transport domain
OUT destTransportAddress -- destination transport address
OUT outgoingMessage -- the message to send
OUT outgoingMessageLength -- the length of the message
)
b) A unique msgID is generated. The number used for msgID should
not have been used recently, and must not be the same as was
used for any outstanding request.
* SNMPv3 does not use the values of expectResponse or
pduVersion.
2) The Message Dispatcher may request that an SNMPv3 message
containing a Response-PDU or Report-PDU be prepared for sending.
a) It makes such a request according to the abstract service
primitive:
Case, et. al. Standards Track [Page 24]
RFC 2262 SNMPv3 Management Protocol January 1998
result = -- SUCCESS or FAILURE
prepareResponseMessage(
IN messageProcessingModel -- typically, SNMP version
IN securityModel -- same as on incoming request
IN securityName -- same as on incoming request
IN securityLevel -- same as on incoming request
IN contextEngineID -- data from/at this SNMP entity
IN contextName -- data from/in this context
IN pduVersion -- version of the PDU
IN PDU -- SNMP Protocol Data Unit
IN maxSizeResponseScopedPDU -- maximum size of Response PDU
IN stateReference -- reference to state
-- information presented with
-- the request
IN statusInformation -- success or errorIndication
-- error counter OID and value
-- when errorIndication
OUT transportDomain -- destination transport domain
OUT transportAddress -- destination transport address
OUT outgoingMessage -- the message to send
OUT outgoingMessageLength -- the length of the message
)
b) The cached information for the original request is retrieved
via the stateReference, including
- msgID,
- contextEngineID,
- contextName,
- securityModel,
- securityName,
- securityLevel,
- securityStateReference,
- reportableFlag,
- transportDomain, and
- transportAddress.
The SNMPv3 Message Processing Model does not allow cached data
to be overridden, except by error indications as detailed in
(3) below.
3) If statusInformation contains values for an OID/value combination
(potentially also containing a securityLevel value,
contextEngineID value, or contextName value), then
a) If reportableFlag is zero, then the original message is
discarded, and no further processing is done. A result of
FAILURE is returned. SNMPv3 Message Processing is complete.
Case, et. al. Standards Track [Page 25]
RFC 2262 SNMPv3 Management Protocol January 1998
b) If a PDU is provided, it is the PDU from the original request.
If possible, extract the request-id.
c) A Report PDU is prepared:
1) the varBindList is set to contain the OID and value from the
statusInformation
2) error-status is set to 0
3) error-index is set to 0.
4) request-id is set to the value extracted in step b)
Otherwise, request-id is set to 0
d) The errorIndication in statusInformation may be accompanied by
a securityLevel value, a contextEngineID value, or a
contextName value.
1) If statusInformation contains a value for securityLevel,
then securityLevel is set to that value, otherwise it is set
to noAuthNoPriv.
2) If statusInformation contains a value for contextEngineID,
then contextEngineID is set to that value, otherwise it is
set to the value of this entity's snmpEngineID.
3) If statusInformation contains a value for contextName, then
contextName is set to that value, otherwise it is set to the
default context of "" (zero-length string).
e) PDU is set to refer to the new Report-PDU. The old PDU is
discarded.
f) Processing continues with step 6) below.
4) If contextEngineID is not yet determined, then the contextEngineID
is determined, in an implementation-dependent manner, possibly
using the transportDomain and transportAddress.
5) If the contextName is not yet determined, the contextName is set
to the default context.
6) A scopedPDU is prepared from the contextEngineID, contextName, and
PDU.
Case, et. al. Standards Track [Page 26]
RFC 2262 SNMPv3 Management Protocol January 1998
7) msgGlobalData is constructed as follows
a) The msgVersion field is set to snmpv3(3).
b) msgID is set as determined in step 1 or 2 above.
c) msgMaxSize is set to an implementation-dependent value.
d) msgFlags are set as follows:
- If securityLevel specifies noAuthNoPriv, then authFlag and
privFlag are both set to zero.
- If securityLevel specifies authNoPriv, then authFlag is set
to one and privFlag is set to zero.
- If securityLevel specifies authPriv, then authFlag is set to
one and privFlag is set to one.
- If the PDU is a Response-PDU, Report-PDU or SNMPv2-Trap-PDU,
then the reportableFlag is set to zero.
- If the PDU is a GetRequest-PDU, GetNextRequest-PDU,
GetBulkRequest-PDU, SetRequest-PDU, or InformRequest-PDU
then the reportableFlag is set to one.
- All other msgFlags bits are set to zero.
e) msgSecurityModel is set to the value of securityModel
8) If the PDU is a Response-PDU or Report-PDU, then
a) The specified Security Model is called to generate the message
according to the primitive:
statusInformation =
generateResponseMsg(
IN messageProcessingModel -- SNMPv3 Message Processing
-- Model
IN globalData -- msgGlobalData from step 7
IN maxMessageSize -- from msgMaxSize (step 7c)
IN securityModel -- as determined in step 7e
IN securityEngineID -- the value of snmpEngineID
IN securityName -- on behalf of this principal
IN securityLevel -- for the outgoing message
IN scopedPDU -- as prepared in step 6)
IN securityStateReference -- as determined in step 2
OUT securityParameters -- filled in by Security Module
Case, et. al. Standards Track [Page 27]
RFC 2262 SNMPv3 Management Protocol January 1998
OUT wholeMsg -- complete generated message
OUT wholeMsgLength -- length of generated message
)
If, upon return from the Security Model, the statusInformation
includes an errorIndication, then any cached information about
the outstanding request message is discarded, and an
errorIndication is returned, so it can be returned to the
calling application. SNMPv3 Message Processing is complete.
b) A SUCCESS result is returned. SNMPv3 Message Processing is
complete.
9) If the PDU is a GetRequest-PDU, GetNextRequest-PDU,
GetBulkRequest-PDU, SetRequest-PDU, InformRequest-PDU, or or
SNMPv2-Trap-PDU, then
a) If the PDU is an SNMPv2-Trap-PDU, then securityEngineID is set
to the value of this entity's snmpEngineID.
Otherwise, the snmpEngineID of the target entity is determined,
in an implementation-dependent manner, possibly using
transportDomain and transportAddress. The value of
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -