rfc1447.txt
来自「RFC 的详细文档!」· 文本 代码 · 共 2,326 行 · 第 1/5 页
TXT
2,326 行
Network Working Group K. McCloghrie
Request for Comments: 1447 Hughes LAN Systems
J. Galvin
Trusted Information Systems
April 1993
Party MIB
for version 2 of the
Simple Network Management Protocol (SNMPv2)
Status of this Memo
This RFC specifes an IAB standards track protocol for the
Internet community, and requests discussion and suggestions
for improvements. Please refer to the current edition of the
"IAB Official Protocol Standards" for the standardization
state and status of this protocol. Distribution of this memo
is unlimited.
Table of Contents
1 Introduction .......................................... 2
1.1 A Note on Terminology ............................... 2
2 Definitions ........................................... 3
3.1 Textual Conventions ................................. 4
3.2 Administrative Assignments .......................... 7
3.2.1 Initial Party and Context Identifiers ............. 8
3.3 Object Assignments .................................. 16
3.4 The SNMPv2 Party Database Group ..................... 16
3.5 The SNMPv2 Contexts Database Group .................. 29
3.5 The SNMPv2 Access Privileges Database Group ......... 36
3.6 The MIB View Database Group ......................... 40
3.7 Conformance Information ............................. 45
3.7.1 Compliance Statements ............................. 45
3.7.2 Units of Conformance .............................. 47
3 Acknowledgments ....................................... 48
4 References ............................................ 49
5 Security Considerations ............................... 50
6 Authors' Addresses .................................... 50
Galvin & McCloghrie [Page 1]
RFC 1447 Party MIB for SNMPv2 April 1993
1. Introduction
A network management system contains: several (potentially
many) nodes, each with a processing entity, termed an agent,
which has access to management instrumentation; at least one
management station; and, a management protocol, used to convey
management information between the agents and management
stations. Operations of the protocol are carried out under an
administrative framework which defines both authentication and
authorization policies.
Network management stations execute management applications
which monitor and control network elements. Network elements
are devices such as hosts, routers, terminal servers, etc.,
which are monitored and controlled through access to their
management information.
Management information is viewed as a collection of managed
objects, residing in a virtual information store, termed the
Management Information Base (MIB). Collections of related
objects are defined in MIB modules. These modules are written
using a subset of OSI's Abstract Syntax Notation One (ASN.1)
[1], termed the Structure of Management Information (SMI) [2].
The Administrative Model for SNMPv2 document [3] defines the
properties associated with SNMPv2 parties, SNMPv2 contexts,
and access control policies. It is the purpose of this
document, the Party MIB for SNMPv2, to define managed objects
which correspond to these properties.
1.1. A Note on Terminology
For the purpose of exposition, the original Internet-standard
Network Management Framework, as described in RFCs 1155, 1157,
and 1212, is termed the SNMP version 1 framework (SNMPv1).
The current framework is termed the SNMP version 2 framework
(SNMPv2).
Galvin & McCloghrie [Page 2]
RFC 1447 Party MIB for SNMPv2 April 1993
2. Definitions
SNMPv2-PARTY-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, snmpModules,
UInteger32
FROM SNMPv2-SMI
TEXTUAL-CONVENTION, RowStatus, TruthValue
FROM SNMPv2-TC
MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF;
partyMIB MODULE-IDENTITY
LAST-UPDATED "9304010000Z"
ORGANIZATION "IETF SNMP Security Working Group"
CONTACT-INFO
" Keith McCloghrie
Postal: Hughes LAN Systems
1225 Charleston Road
Mountain View, CA 94043
US
Tel: +1 415 966 7934
Fax: +1 415 960 3738
E-mail: kzm@hls.com"
DESCRIPTION
"The MIB module describing SNMPv2 parties."
::= { snmpModules 3 }
Galvin & McCloghrie [Page 3]
RFC 1447 Party MIB for SNMPv2 April 1993
-- textual conventions
Party ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Denotes a SNMPv2 party identifier.
Note that agents may impose implementation
limitations on the length of OIDs used to identify
Parties. As such, management stations creating
new parties should be aware that using an
excessively long OID may result in the agent
refusing to perform the set operation and instead
returning the appropriate error response, e.g.,
noCreation."
SYNTAX OBJECT IDENTIFIER
TAddress ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Denotes a transport service address.
For snmpUDPDomain, a TAddress is 6 octets long,
the initial 4 octets containing the IP-address in
network-byte order and the last 2 containing the
UDP port in network-byte order. Consult [5] for
further information on snmpUDPDomain."
SYNTAX OCTET STRING
Galvin & McCloghrie [Page 4]
RFC 1447 Party MIB for SNMPv2 April 1993
Clock ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"A party's authentication clock - a non-negative
integer which is incremented as specified/allowed
by the party's Authentication Protocol.
For noAuth, a party's authentication clock is
unused and its value is undefined.
For v2md5AuthProtocol, a party's authentication
clock is a relative clock with 1-second
granularity."
SYNTAX UInteger32
Context ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Denotes a SNMPv2 context identifier.
Note that agents may impose implementation
limitations on the length of OIDs used to identify
Contexts. As such, management stations creating new
contexts should be aware that using an excessively
long OID may result in the agent refusing to
perform the set operation and instead returning
the appropriate error response, e.g., noCreation."
SYNTAX OBJECT IDENTIFIER
Galvin & McCloghrie [Page 5]
RFC 1447 Party MIB for SNMPv2 April 1993
StorageType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Describes the memory realization of a conceptual
row. A row which is volatile(2) is lost upon
reboot. A row which is nonVolatile(3) is backed
up by stable storage. A row which is permanent(4)
cannot be changed nor deleted."
SYNTAX INTEGER {
other(1), -- eh?
volatile(2), -- e.g., in RAM
nonVolatile(3), -- e.g., in NVRAM
permanent(4) -- e.g., in ROM
}
Galvin & McCloghrie [Page 6]
RFC 1447 Party MIB for SNMPv2 April 1993
-- administrative assignments
partyAdmin OBJECT IDENTIFIER ::= { partyMIB 1 }
-- definitions of security protocols
partyProtocols OBJECT IDENTIFIER ::= { partyAdmin 1 }
-- the protocol without authentication
noAuth OBJECT IDENTIFIER ::= { partyProtocols 1 }
-- the protocol without privacy
noPriv OBJECT IDENTIFIER ::= { partyProtocols 2 }
-- the DES Privacy Protocol [4]
desPrivProtocol
OBJECT IDENTIFIER ::= { partyProtocols 3 }
-- the MD5 Authentication Protocol [4]
v2md5AuthProtocol
OBJECT IDENTIFIER ::= { partyProtocols 4 }
-- definitions of temporal domains
temporalDomains
OBJECT IDENTIFIER ::= { partyAdmin 2 }
-- this temporal domain refers to management information
-- at the current time
currentTime OBJECT IDENTIFIER ::= { temporalDomains 1 }
-- this temporal domain refers to management information
-- upon the next re-initialization of the managed device
restartTime OBJECT IDENTIFIER ::= { temporalDomains 2 }
-- the temporal domain { cacheTime N } refers to management
-- information that is cached and guaranteed to be at most
-- N seconds old
cacheTime OBJECT IDENTIFIER ::= { temporalDomains 3 }
Galvin & McCloghrie [Page 7]
RFC 1447 Party MIB for SNMPv2 April 1993
-- Definition of Initial Party and Context Identifiers
-- When devices are installed, they need to be configured
-- with an initial set of SNMPv2 parties and contexts. The
-- configuration of SNMPv2 parties and contexts requires (among
-- other things) the assignment of several OBJECT IDENTIFIERs.
-- Any local network administration can obtain the delegated
-- authority necessary to assign its own OBJECT IDENTIFIERs.
-- However, to provide for those administrations who have not
-- obtained the necessary authority, this document allocates a
-- branch of the naming tree for use with the following
-- conventions.
initialPartyId OBJECT IDENTIFIER ::= { partyAdmin 3 }
initialContextId
OBJECT IDENTIFIER ::= { partyAdmin 4 }
-- Note these are identified as "initial" party and context
-- identifiers since these allow secure SNMPv2 communication
-- to proceed, thereby allowing further SNMPv2 parties to be
-- configured through use of the SNMPv2 itself.
-- The following definitions identify a party identifier, and
-- specify the initial values of various object instances
-- indexed by that identifier. In addition, the SNMPv2
-- context, access control policy, and MIB view information
-- assigned, by convention, are identified.
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?