rfc2819.txt
来自「RFC 的详细文档!」· 文本 代码 · 共 1,642 行 · 第 1/5 页
TXT
1,642 行
an ethernet network and stores them for later retrieval. This group
consists of the etherHistoryTable.
Waldbusser Standards Track [Page 6]
RFC 2819 Remote Network Monitoring MIB May 2000
2.3.4. The Alarm Group
The alarm group periodically takes statistical samples from variables
in the probe and compares them to previously configured thresholds.
If the monitored variable crosses a threshold, an event is generated.
A hysteresis mechanism is implemented to limit the generation of
alarms. This group consists of the alarmTable and requires the
implementation of the event group.
2.3.5. The Host Group
The host group contains statistics associated with each host
discovered on the network. This group discovers hosts on the network
by keeping a list of source and destination MAC Addresses seen in
good packets promiscuously received from the network. This group
consists of the hostControlTable, the hostTable, and the
hostTimeTable.
2.3.6. The HostTopN Group
The hostTopN group is used to prepare reports that describe the hosts
that top a list ordered by one of their statistics. The available
statistics are samples of one of their base statistics over an
interval specified by the management station. Thus, these statistics
are rate based. The management station also selects how many such
hosts are reported. This group consists of the hostTopNControlTable
and the hostTopNTable, and requires the implementation of the host
group.
2.3.7. The Matrix Group
The matrix group stores statistics for conversations between sets of
two addresses. As the device detects a new conversation, it creates
a new entry in its tables. This group consists of the
matrixControlTable, the matrixSDTable and the matrixDSTable.
2.3.8. The Filter Group
The filter group allows packets to be matched by a filter equation.
These matched packets form a data stream that may be captured or may
generate events. This group consists of the filterTable and the
channelTable.
Waldbusser Standards Track [Page 7]
RFC 2819 Remote Network Monitoring MIB May 2000
2.3.9. The Packet Capture Group
The Packet Capture group allows packets to be captured after they
flow through a channel. This group consists of the
bufferControlTable and the captureBufferTable, and requires the
implementation of the filter group.
2.3.10. The Event Group
The event group controls the generation and notification of events
from this device. This group consists of the eventTable and the
logTable.
3. Control of Remote Network Monitoring Devices
Due to the complex nature of the available functions in these
devices, the functions often need user configuration. In many cases,
the function requires parameters to be set up for a data collection
operation. The operation can proceed only after these parameters are
fully set up.
Many functional groups in this MIB have one or more tables in which
to set up control parameters, and one or more data tables in which to
place the results of the operation. The control tables are typically
read-write in nature, while the data tables are typically read-only.
Because the parameters in the control table often describe resulting
data in the data table, many of the parameters can be modified only
when the control entry is invalid. Thus, the method for modifying
these parameters is to invalidate the control entry, causing its
deletion and the deletion of any associated data entries, and then
create a new control entry with the proper parameters. Deleting the
control entry also gives a convenient method for reclaiming the
resources used by the associated data.
Some objects in this MIB provide a mechanism to execute an action on
the remote monitoring device. These objects may execute an action as
a result of a change in the state of the object. For those objects
in this MIB, a request to set an object to the same value as it
currently holds would thus cause no action to occur.
To facilitate control by multiple managers, resources have to be
shared among the managers. These resources are typically the memory
and computation resources that a function requires.
Waldbusser Standards Track [Page 8]
RFC 2819 Remote Network Monitoring MIB May 2000
3.1. Resource Sharing Among Multiple Management Stations
When multiple management stations wish to use functions that compete
for a finite amount of resources on a device, a method to facilitate
this sharing of resources is required. Potential conflicts include:
o Two management stations wish to simultaneously use resources
that together would exceed the capability of the device.
o A management station uses a significant amount of resources for
a long period of time.
o A management station uses resources and then crashes,
forgetting to free the resources so others may use them.
A mechanism is provided for each management station initiated
function in this MIB to avoid these conflicts and to help resolve
them when they occur. Each function has a label identifying the
initiator (owner) of the function. This label is set by the
initiator to provide for the following possibilities:
o A management station may recognize resources it owns and no
longer needs.
o A network operator can find the management station that owns
the resource and negotiate for it to be freed.
o A network operator may decide to unilaterally free resources
another network operator has reserved.
o Upon initialization, a management station may recognize
resources it had reserved in the past. With this information
it may free the resources if it no longer needs them.
Management stations and probes should support any format of the owner
string dictated by the local policy of the organization. It is
suggested that this name contain one or more of the following: IP
address, management station name, network manager's name, location,
or phone number. This information will help users to share the
resources more effectively.
There is often default functionality that the device or the
administrator of the probe (often the network administrator) wishes
to set up. The resources associated with this functionality are then
owned by the device itself or by the network administrator, and are
intended to be long-lived. In this case, the device or the
administrator will set the relevant owner object to a string starting
with 'monitor'. Indiscriminate modification of the monitor-owned
configuration by network management stations is discouraged. In
fact, a network management station should only modify these objects
under the direction of the administrator of the probe.
Waldbusser Standards Track [Page 9]
RFC 2819 Remote Network Monitoring MIB May 2000
Resources on a probe are scarce and are typically allocated when
control rows are created by an application. Since many applications
may be using a probe simultaneously, indiscriminate allocation of
resources to particular applications is very likely to cause resource
shortages in the probe.
When a network management station wishes to utilize a function in a
monitor, it is encouraged to first scan the control table of that
function to find an instance with similar parameters to share. This
is especially true for those instances owned by the monitor, which
can be assumed to change infrequently. If a management station
decides to share an instance owned by another management station, it
should understand that the management station that owns the instance
may indiscriminately modify or delete it.
It should be noted that a management application should have the most
trust in a monitor-owned row because it should be changed very
infrequently. A row owned by the management application is less
long-lived because a network administrator is more likely to re-
assign resources from a row that is in use by one user than from a
monitor-owned row that is potentially in use by many users. A row
owned by another application would be even less long-lived because
the other application may delete or modify that row completely at its
discretion.
3.2. Row Addition Among Multiple Management Stations
The addition of new rows is achieved using the method described in
RFC 1905 [13]. In this MIB, rows are often added to a table in order
to configure a function. This configuration usually involves
parameters that control the operation of the function. The agent
must check these parameters to make sure they are appropriate given
restrictions defined in this MIB as well as any implementation
specific restrictions such as lack of resources. The agent
implementor may be confused as to when to check these parameters and
when to signal to the management station that the parameters are
invalid. There are two opportunities:
o When the management station sets each parameter object.
o When the management station sets the entry status object to
valid.
If the latter is chosen, it would be unclear to the management
station which of the several parameters was invalid and caused the
badValue error to be emitted. Thus, wherever possible, the
implementor should choose the former as it will provide more
information to the management station.
Waldbusser Standards Track [Page 10]
RFC 2819 Remote Network Monitoring MIB May 2000
A problem can arise when multiple management stations attempt to set
configuration information simultaneously using SNMP. When this
involves the addition of a new conceptual row in the same control
table, the managers may collide, attempting to create the same entry.
To guard against these collisions, each such control entry contains a
status object with special semantics that help to arbitrate among the
managers. If an attempt is made with the row addition mechanism to
create such a status object and that object already exists, an error
is returned. When more than one manager simultaneously attempts to
create the same conceptual row, only the first can succeed. The
others will receive an error.
When a manager wishes to create a new control entry, it needs to
choose an index for that row. It may choose this index in a variety
of ways, hopefully minimizing the chances that the index is in use by
another manager. If the index is in use, the mechanism mentioned
previously will guard against collisions. Examples of schemes to
choose index values include random selection or scanning the control
table looking for the first unused index. Because index values may
be any valid value in the range and they are chosen by the manager,
the agent must allow a row to be created with any unused index value
if it has the resources to create a new row.
Some tables in this MIB reference other tables within this MIB. When
creating or deleting entries in these tables, it is generally
allowable for dangling references to exist. There is no defined
order for creating or deleting entries in these tables.
4. Conventions
The following conventions are used throughout the RMON MIB and its
companion documents.
Good Packets
Good packets are error-free packets that have a valid frame length.
For example, on Ethernet, good packets are error-free packets that
are between 64 octets long and 1518 octets long. They follow the
form defined in IEEE 802.3 section 3.2.all.
Bad Packets
Bad packets are packets that have proper framing and are therefore
recognized as packets, but contain errors within the packet or have
an invalid length. For example, on Ethernet, bad packets have a
valid preamble and SFD, but have a bad CRC, or are either shorter
than 64 octets or longer than 1518 octets.
Waldbusser Standards Track [Page 11]
RFC 2819 Remote Network Monitoring MIB May 2000
5. Definitions
RMON-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY,
NOTIFICATION-TYPE, mib-2, Counter32,
Integer32, TimeTicks FROM SNMPv2-SMI
TEXTUAL-CONVENTION, DisplayString FROM SNMPv2-TC
MODULE-COMPLIANCE, OBJECT-GROUP,
NOTIFICATION-GROUP FROM SNMPv2-CONF;
-- Remote Network Monitoring MIB
rmonMibModule MODULE-IDENTITY
LAST-UPDATED "200005110000Z" -- 11 May, 2000
ORGANIZATION "IETF RMON MIB Working Group"
CONTACT-INFO
"Steve Waldbusser
Phone: +1-650-948-6500
Fax: +1-650-745-0671
Email: waldbusser@nextbeacon.com"
DESCRIPTION
"Remote network monitoring devices, often called
monitors or probes, are instruments that exist for
the purpose of managing a network. This MIB defines
objects for managing remote network monitoring devices."
REVISION "200005110000Z" -- 11 May, 2000
DESCRIPTION
"Reformatted into SMIv2 format.
This version published as RFC 2819."
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?