rfc2452.txt

著名的RFC文档,其中有一些文档是已经翻译成中文的的.


RFC 2452                    TCP MIB for IPv6               December 1998


         (ipv6TcpConnLocalAddress) is not a link-local address, this
         object identifies a local interface on the same link as
         the connection's remote link-local address.

         Otherwise, this object identifies the local interface that
         is associated with the ipv6TcpConnLocalAddress for this
         TCP connection.  If such a local interface cannot be determined,
         this object should take on the value 0.  (A possible example
         of this would be if the value of ipv6TcpConnLocalAddress is ::0.)

         The interface identified by a particular non-0 value of this
         index is the same interface as identified by the same value
         of ipv6IfIndex.

         The value of this object must remain constant during the life
         of the TCP connection."
   ::= { ipv6TcpConnEntry 5 }

ipv6TcpConnState OBJECT-TYPE
   SYNTAX     INTEGER {
        closed(1),
        listen(2),
        synSent(3),
        synReceived(4),
        established(5),
        finWait1(6),
        finWait2(7),
        closeWait(8),
        lastAck(9),
        closing(10),
        timeWait(11),
        deleteTCB(12) }
   MAX-ACCESS read-write
   STATUS     current
   DESCRIPTION
        "The state of this TCP connection.

         The only value which may be set by a management station is
         deleteTCB(12).  Accordingly, it is appropriate for an agent
         to return an error response (`badValue' for SNMPv1, 'wrongValue'
         for SNMPv2) if a management station attempts to set this
         object to any other value.

         If a management station sets this object to the value
         deleteTCB(12), then this has the effect of deleting the TCB
         (as defined in RFC 793) of the corresponding connection on
         the managed node, resulting in immediate termination of the
         connection.



Daniele                     Standards Track                     [Page 6]

RFC 2452                    TCP MIB for IPv6               December 1998


         As an implementation-specific option, a RST segment may be
         sent from the managed node to the other TCP endpoint (note
         however that RST segments are not sent reliably)."
   ::= { ipv6TcpConnEntry 6 }

--
-- conformance information
--

ipv6TcpConformance OBJECT IDENTIFIER ::= { ipv6TcpMIB 2 }

ipv6TcpCompliances OBJECT IDENTIFIER ::= { ipv6TcpConformance 1 }
ipv6TcpGroups      OBJECT IDENTIFIER ::= { ipv6TcpConformance 2 }

-- compliance statements

ipv6TcpCompliance MODULE-COMPLIANCE
   STATUS  current
   DESCRIPTION
        "The compliance statement for SNMPv2 entities which
         implement TCP over IPv6."
   MODULE  -- this module
   MANDATORY-GROUPS { ipv6TcpGroup }
   ::= { ipv6TcpCompliances 1 }

ipv6TcpGroup OBJECT-GROUP
   OBJECTS   { -- these are defined in this module
               -- ipv6TcpConnLocalAddress (not-accessible)
               -- ipv6TcpConnLocalPort (not-accessible)
               -- ipv6TcpConnRemAddress (not-accessible)
               -- ipv6TcpConnRemPort (not-accessible)
               -- ipv6TcpConnIfIndex (not-accessible)
               ipv6TcpConnState }
   STATUS    current
   DESCRIPTION
        "The group of objects providing management of
         TCP over IPv6."
   ::= { ipv6TcpGroups 1 }

END











Daniele                     Standards Track                     [Page 7]

RFC 2452                    TCP MIB for IPv6               December 1998


7.  Acknowledgments

   This memo is a product of the IPng work group, and benefited
   especially from the contributions of the following working group
   members:

      Dimitry Haskin          Bay Networks
      Margaret Forsythe       Epilogue
      Tim Hartrick            Mentat
      Frank Solensky          FTP
      Jack McCann             DEC

8.  References

   [1]           Information processing systems - Open Systems
                 Interconnection - Specification of Abstract Syntax
                 Notation One (ASN.1), International Organization for
                 Standardization.  International Standard 8824,
                 (December, 1987).

   [2]           McCloghrie, K., Editor, "Structure of Management
                 Information for version 2 of the Simple Network
                 Management Protocol (SNMPv2)", RFC 1902, January 1996.

   [TCP MIB]     SNMPv2 Working Group, McCloghrie, K., Editor, "SNMPv2
                 Management Information Base for the Transmission
                 Control Protocol using SMIv2", RFC 2012, November 1996.

   [IPV6 MIB TC] Haskin, D., and S. Onishi, "Management Information
                 Base for IP Version 6: Textual Conventions and General
                 Group", RFC 2465, December 1998.

   [IPV6]        Deering, S., and R. Hinden, "Internet Protocol, Version
                 6 (IPv6) Specification", RFC 2460, December 1998.

   [RFC2274]     Blumenthal, U., and B. Wijnen, "The User-Based Security
                 Model for Version 3 of the Simple Network Management
                 Protocol (SNMPv3)", RFC 2274, January 1998.

   [RFC2275]     Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based
                 Access Control Model for the Simple Network Management
                 Protocol (SNMP)", RFC 2275, January 1998.

9.  Security Considerations

   This MIB contains a management object that has a MAX-ACCESS clause of
   read-write and/or read-create.  In particular, it is possible to
   delete individual TCP control blocks (i.e., connections).



Daniele                     Standards Track                     [Page 8]

RFC 2452                    TCP MIB for IPv6               December 1998


   Consequently, anyone having the ability to issue a SET on this object
   can impact the operation of the node.

   There are a number of managed objects in this MIB that may be
   considered to contain sensitive information in some environments.
   For example, the MIB identifies the active TCP connections on the
   node.  Although this information might be considered sensitive in
   some environments (i.e., to identify ports on which to launch
   denial-of-service or other attacks), there are already other ways of
   obtaining similar information.  For example, sending a random TCP
   packet to an unused port prompts the generation of a TCP reset
   message.

   Therefore, it may be important in some environments to control read
   and/or write access to these objects and possibly to even encrypt the
   values of these object when sending them over the network via SNMP.
   Not all versions of SNMP provide features for such a secure
   environment.  SNMPv1 by itself does not provide encryption or strong
   authentication.

   It is recommended that the implementors consider the security
   features as provided by the SNMPv3 framework.  Specifically, the use
   of the User-based Security Model [RFC2274] and the View-based Access
   Control Model [RFC2275] is recommended.

   It is then a customer/user responsibility to ensure that the SNMP
   entity giving access to an instance of this MIB, is properly
   configured to give access to those objects only to those principals
   (users) that have legitimate rights to access them.

10. Author's Address

   Mike Daniele
   Compaq Computer Corporation
   110 Spit Brook Rd
   Nashua, NH 03062

   Phone: +1-603-884-1423
   EMail: daniele@zk3.dec.com












Daniele                     Standards Track                     [Page 9]

RFC 2452                    TCP MIB for IPv6               December 1998


11.  Full Copyright Statement

   Copyright (C) The Internet Society (1998).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
























Daniele                     Standards Track                    [Page 10]