rfc1856.txt

来自「<VC++网络游戏建摸与实现>源代码」· 文本 代码 · 共 956 行 · 第 1/2 页

Network Working Group                                           H. Clark
Request For Comments: 1856                                    BBN Planet
Category: Informational                                   September 1995


        The Opstat Client-Server Model for Statistics Retrieval

Status of this Memo

   This memo provides information for the Internet community.  This memo
   does not specify an Internet standard of any kind.  Distribution of
   this memo is unlimited.

Abstract

   Network administrators gather data related to the performance,
   utilization, usability and growth of their data network.  The amount
   of raw data gathered is usually quite large, typically ranging
   somewhere between several megabytes to several gigabytes of data each
   month.  Few (if any) tools exist today for the sharing of that raw
   data among network operators or between a network service provider
   (NSP) and its customers.  This document defines a model and protocol
   for a set of tools which could be used by NSPs and Network Operation
   Centers (NOCs) to share data among themselves and with customers.

1.0  Introduction

   Network administrators gather data related to the performance,
   utilization, usability and growth of their data network.  The primary
   goal of gathering the data is to facilitate near-term problem
   isolation and longer-term network planning within the organization.
   The amount of raw data gathered is usually quite large, typically
   ranging somewhere between several megabytes to several gigabytes of
   data each month.  From this raw data, the network administrator
   produces various types of reports.  Few (if any) tools exist today
   for the sharing of that raw data among network operators or between a
   network service provider (NSP) and its customers.  This document
   defines a model and protocol for a set of tools which could be used
   by NSPs and Network Operation Centers (NOCs) to share data among
   themselves and with customers.

1.1 The OPSTAT Model

   Under the Operational Statistics model [1], there exists a common
   model under which tools exist for the collection, storage, retrieval
   and presentation of network management data.





Clark                        Informational                      [Page 1]

RFC 1856               Opstat Client-Server Model           October 1995


   This document defines a protocol which would allow a client on a
   remote machine to retrieve data from a central server, which itself
   retrieves from the common statistics database.  The client then
   presents the data to the user in the form requested (maybe to a X-
   window, or to paper).

   The basic model used for the retrieval methods defined in this
   document is a client-server model.  This architecture envisions that
   each NOC (or NSP) should install a server which provides locally
   collected information for clients.  Using a query language the client
   should be able to define the network object of interest, the
   interface, the metrics and the time period to be examined.  Using a
   reliable transport-layer protocol (e.g., TCP), the server will
   transmit the requested data.  Once this data is received by the
   client it could be processed and presented by a variety of tools
   including displaying the data in a X window, sending postscript to a
   printer, or displaying the raw data on the user's terminal.

   The remainder of this document describes how the client and server
   interact, describes the protocol used between the client and server,
   and discusses a variety of other issues surrounding the sharing of
   data.

2.0  Client-Server Description

2.1  The Client

   The basic function of the client is to retrieve data from the server.
   It will accept requests from the user, translate those requests into
   the common retrieval protocol and transmit them to the server, wait
   for the server's reply, and send that reply to the user.

   Note that this document does not define how the data should be
   presented to the user.  There are many methods of doing this
   including:

    - use a X based tool that displays graphs (line, histogram, etc.)
    - generate PostScript output to be sent to a printer
    - dump the raw data to the user's terminal

   Future documents based on the Operational Statistics model may define
   standard  graphs  and variables to be displayed, but this is work yet
   to be done (as of this writing).








Clark                        Informational                      [Page 2]

RFC 1856               Opstat Client-Server Model           October 1995


2.2  The Server

   The basic function of the server is to accept connections from a
   client, accept some series of commands from the client and perform a
   series of actions based on the commands, and then close the
   connection to the client.

   The server must have some type of configuration file, which is left
   undefined in this document.  The configuration file would list users
   that could access the server along with the authentication they would
   use.  The configuration file should also allow the specification of
   the data items that the user should be permitted to access (and, by
   implication, not allowed to access).  Server security concerns are
   specifically addressed in Section 4.

3.0  Protocol Commands

   This section defines the commands which may be transmitted to the
   server and the server responses to those commands.  The available
   commands are:

    LOGIN  - accept new connection
    EXIT   - disconnect
    LIST   - show available variables
    SELECT - mark data for retrieval
    STATUS - show the state of the server
    GET    - download data to the client

   In addition, a state machine describing specific actions by the
   server is included.  Server security concerns are addressed in
   Section 4.

   Note that in some of the descriptions below, the term <ASCII-STRING>
   is used.  This refers to printable ASCII characters, defined as all
   letters, numbers, and special characters such as $, %, or *.  It
   specifically excludes all special control characters in the lower
   parts of the character set (i.e., 0x00 - 0x1F), and any such
   characters that are received by the server or client should be
   ignored.












Clark                        Informational                      [Page 3]

RFC 1856               Opstat Client-Server Model           October 1995


3.1  Command Return Codes

   The responses a server will return to a client are of the form:

    RETURN-INFO  ::=  <RETURN-CODE> " <ASCII-STRING> " | <RETURN-CODE>
    RETURN-CODE  ::=  <MAIN-CODE><COMMAND><SUB-CODE>
    MAIN-CODE    ::=  1..9
    COMMAND      ::=  1..9
    SUB-CODE     ::=  0..9

   For each command sent to the server, the server returns a series of
   three digit numeric codes which specifies the result of the
   operation, plus optional ASCII text for humans.  The value of MAIN-
   CODE specifies what happened, as in:

    1   Error
    9   Success / Informational

    The commands are encoded as:

    1   LOGIN
    2   SELECT
    3   STATUS
    4   LIST
    5   GET
    9   EXIT

   The following specific error codes must be supported by  all  servers
   and clients:

    110  Login Invalid
    113  Scanning Error during LOGIN
    120  SELECT Failed
    130  STATUS Failed
    140  LIST Failed
    141  Bad LIST encoding
    150  GET Failed
    151  GET doesn't support that type of encoding
    910  Login Accepted
    920  SELECT successful
    931  STATUS Output Starting
    932  STATUS Output Done
    941  LIST lookup successful, here comes the data!
    942  LIST dump done!
    951  GET lookup successful, here comes the data!
    952  GET dump done!
    990  Server closing connection after EXIT received




Clark                        Informational                      [Page 4]

RFC 1856               Opstat Client-Server Model           October 1995


   Other codes may be used, but may not be supported by all clients or
   servers.

3.2  The LOGIN Command

   The LOGIN command authenticates a user to the server.  The format  of
   the LOGIN command is:

    LOGIN-CMD    ::=  LOGIN <username> <auth-type>
    USERNAME     ::=  " <ASCII-STRING> "
    AUTH-TYPE    ::=  "none" | "password" | " <ASCII-STRING> "
    CHAL-CMD     ::=  CHAL " <ASCII-STRING> "
    AUTH-CMD     ::=  AUTH " <ASCII-STRING> "

   The authentication types supported by each server will vary, but must
   include "none" and "password".  Note that a server may or may not
   choose to allow logins via either of these methods, but it must
   recognize the two special authentication types.

   In processing a LOGIN command sequence, the server first checks the
   username and authentication type requested.  If the username is
   invalid (e.g., there's no such user known to the server) or the
   authentication type requested is not supported by the server, then
   the server must return a 110 error and close the connection after
   faking the challenge/authentication process (see examples below).

   After passing the username and authentication type checking, a
   challenge must be sent.  Note that the challenge will be specific to
   the type of authentication requested, and the ASCII string may be an
   empty string if no specific challenge is needed (such as in the
   password-only case). The next command the client returns must be an
   AUTH response, and if not, the server must close the connection.
   After processing the authentication information, the server must
   return a 910 code if the authentication process is successful, or a
   110 error messsage if unsuccessful. Additionally, if the
   authentication fails, the server must immediately close the
   connection.

   If, at any point, during the LOGIN sequence, a syntax error occurs (a
   client doesn't send the correct number of arguments in the LOGIN
   command, for example), the server must return a 113 error and close
   the connection.

   If the special AUTH-TYPE of "none" is used, and the server allows the
   specified username (such as anonymous) to login without
   authentication, then the server should still send a "CHAL" response
   to get additional information about the person logging in.  The
   server may then choose to allow or disallow the login based on the



Clark                        Informational                      [Page 5]

RFC 1856               Opstat Client-Server Model           October 1995


   information returned in the AUTH response.

   An example of an invalid authentication type requested:

    >LOGIN "cow" "s/key"
    <CHAL "lo35098 98"
    >AUTH "COW DOG BARK CAT MOO MEOW"
    <110 "Login invalid"

    The server didn't support S/Key, but it made it appear to the user as
    if it did.  An example of an authentication failure:

    >LOGIN "dog" "securid"
    <CHAL "enter passcode"
    >AUTH "103945"
    <110 "Login invalid"

   The user gave the wrong number for SecurID authentication.  An
   example of a successful login:

    >LOGIN "cat" "password"
    <CHAL "send the dumb clear-text password"
    >AUTH "foobar"
    <910 "Login accepted"

    or

    >LOGIN "anonymous" "none"
    <CHAL "tell me who you are anyway"
    >AUTH "bessie@barn.farm.com"
    <910 "Login accepted"

    An example of a invalid username:

    >LOGIN "mule" "skey"
    <CHAL "78 lo39065"
    >AUTH "COW DOG FRED LOG COLD WAR"
    <110 "Login invalid"

   The server should have some type of logging mechanism to record  both
   successful  and unsuccessful login attempts for a system adminstrator
   to peruse.









Clark                        Informational                      [Page 6]

RFC 1856               Opstat Client-Server Model           October 1995


3.3  The EXIT Command

   The EXIT command disconnects a current user from the server.  The
   format of the EXIT command is:

   EXIT

   Note that upon reception of an EXIT command, the server must always
   close the connection, even if it would be appropriate to return an
   ERROR return code.

    A sample EXIT command:

    >EXIT
    <990 "OK, Bye now"

3.4  The SELECT Command

   The SELECT command is the function used to tag data for retrieval
   from the server.  The SELECT command has the format:

    SELECT-COM   ::=  SELECT <NETWORK> <DEVICE> <INTERFACE> <VARNAME>
                      <GRANULARITY> <START-DATE> <START-TIME> <END-DATE>
                      <END-TIME> <AGG> <SELECT-COND>

    NETWORK      ::=  <ASCII-STRING>

    DEVICE       ::=  <ASCII-STRING>
    INTERFACE    ::=  <ASCII-STRING>
    VARNAME      ::=  <ASCII-STRING>
    GRANULARITY  ::=  <ASCII-STRING>
    START-DATE   ::=  <DATE-TYPE>
    END-DATE     ::=  <DATE-TYPE>
    DATE-TYPE    ::=  YYYY-MM-YY
    START-TIME   ::=  <TIME-TYPE>
    END-TIME     ::=  <TIME-TYPE>
    TIME-TYPE    ::=  HH:MM:SS
    AGG          ::=  <AGG-TYPE> | NULL
    AGG-TYPE     ::=  TOTAL | PEAK
    SELECT-COND  ::=  <SELECT-STMT> | NULL
    SELECT-STMT  ::=  WITH DATA <COND-TYPE> <ASCII-STRING>
    COND-TYPE    ::=  LE | GE | EQ | NE | LT | GT

   If any conditional within the SELECT does not match existing data
   within the database (such as VARNAME, the S-DATE or E-DATE, or
   GRANULARITY), the server must return an ERROR (and hopefully a
   meaningful error message).  The time values must be specified in GMT,
   and hours are specified in the range from 0-23.  The granularity



Clark                        Informational                      [Page 7]

RFC 1856               Opstat Client-Server Model           October 1995


   should always be specified in seconds. A sample query might be:

      SELECT net rtr1 eth-0 ifInOctets 900 1992-01-01 00:00:00 1992-02-
      01 23:59:59

   which would select all data from network "net" device "rtr1"
   interface "eth-0" from Jan 1, 1992 @ 00:00:00 to Feb 1, 1992 @
   23:59:59.

   Note that if the client requests some type of aggregation to be
   performed upon the data, then the aggregation field specifies how to
   perform the aggregration (i.e., total or peak) and the granularity
   specifies to what interval (in seconds) to agggregate the data to.
   For more details about the granularity types, see [1].  If the server
   cannot perform the requested action, then it must return a 120 error.
   The server may, if it wishes, use other error codes in the range
   121-129 to convey more information about the specific error that
   occured.  In either case, its recommended that the server return
   ASCII text describing the error.

   Upon completion of the data lookup, the SELECT must return the an
   indication of whether the lookup was successful and (if the search
   was successful) the tag associated with that data.  If the lookup was
   successful, then information in the return code should be encoded as:

    920 " TAG <ASCII-STRING> "

   In this case, the use of the word TAG is used as a handle for the
   selected data on the server.  Note that this single handle may refer
   to one or more specific SNMP variables (refer to [1] for a further
   explanation).

   For example, if the tag "foobar" were assigned to the select example
   above, then the OK would be as:

    920 "TAG foobar"

   It is recommended that the return tag string be less than 10 bytes
   long (this gives many tag combinations), although the server (and
   client) should be capable of handling arbitrary length strings.
   There is no requirement that the TAG have any particular meaning and
   may be composed of arbitrary strings.

   The server must keep any internal information it needs during a
   session so that all SELECT tags can be processed by GET or other
   commands.  If a server doesn't have the resources to process the
   given SELECT, it must return an error message.




Clark                        Informational                      [Page 8]

RFC 1856               Opstat Client-Server Model           October 1995


   It is the responsibility of the client to store information about the
   data that a particular tag corresponds to, i.e., if the server had
   returned a tag "1234" for ifInOctet data for October 1993, then the
   client must store that information someplace as the variables which
   correspond to that tag cannot be retrieved from the server.

3.5  The STATUS Command

   The STATUS command shows the general state of the server plus listing
   all data sets which have been tagged via the SELECT command.  The
   STATUS command has no arguments.  The output from a STATUS command
   is:

    STATUS-DATA      ::=  <SERVER-STATUS> <SERVER-TAG-LIST>
    SERVER-STATUS    ::=  "STATUS= " <STATUS-FIELDS>
    STATUS-FIELDS    ::=  "OK" | "NOT-OK"
    SERVER-TAG-LIST  ::=  <SERVER-TAG> | NULL
    SERVER-TAG       ::=  "TAG" <TAG-ID> "SIZE" <NUMBER>

   The number returned in the SIZE field represents the number of octets
   of data represented by the particular TAG.  The server must return a
   931 message before the STATUS output starts, and a 932 message at the
   end of the STATUS output.  If any type of failure occurs, then a 130
   error messages must be sent.  If the server prefers, it may send a