rfc2272.txt

著名的RFC文档,其中有一些文档是已经翻译成中文的的.

   This section describes the procedures followed by an SNMP engine when
   generating and processing SNMP messages according to the SNMPv3
   Message Processing Model.

   Please note, that for the sake of clarity and to prevent the text
   from being even longer and more complicated, some details were
   omitted from the steps below.

      a) Some steps specify that when some error conditions are
         encountered when processing a received message, a message
         containing a Report PDU is generated and the received message
         is discarded without further processing.  However, a Report-PDU
         must not be generated unless the reportableFlag is set in the
         received message.

      b) The elements of procedure do not always explicitly indicate
         when state information needs to be released. The general rule
         is that if state information is available when a message is to
         be "discarded without further processing", then the state
         information must also be released at that same time.




Case, et. al.               Standards Track                    [Page 23]

RFC 2272               SNMPv3 Management Protocol           January 1998


7.1.  Prepare an Outgoing SNMP Message

   This section describes the procedure followed to prepare an SNMPv3
   message from the data elements passed by the Message Dispatcher.

   1) The Message Dispatcher may request that an SNMPv3 message
      containing a GetRequest-PDU, GetNextRequest-PDU, GetBulkRequest-
      PDU, SetRequest-PDU, InformRequest-PDU, or SNMPv2-Trap-PDU be
      prepared for sending.

      a) It makes such a request according to the abstract service
         primitive:

         statusInformation =           -- success or errorIndication
           prepareOutgoingMessage(
           IN   transportDomain        -- requested transport domain
           IN   transportAddress       -- requested destination address
           IN   messageProcessingModel -- typically, SNMP version
           IN   securityModel          -- Security Model to use
           IN   securityName           -- on behalf of this principal
           IN   securityLevel          -- Level of Security requested
           IN   contextEngineID        -- data from/at this entity
           IN   contextName            -- data from/in this context
           IN   pduVersion             -- version of the PDU
           IN   PDU                    -- SNMP Protocol Data Unit
           IN   expectResponse         -- TRUE or FALSE
           IN   sendPduHandle          -- the handle for matching
                                       -- incoming responses
           OUT  destTransportDomain    -- destination transport domain
           OUT  destTransportAddress   -- destination transport address
           OUT  outgoingMessage        -- the message to send
           OUT  outgoingMessageLength  -- the length of the message
           )

      b) A unique msgID is generated.  The number used for msgID should
         not have been used recently, and must not be the same as was
         used for any outstanding request.

         * SNMPv3 does not use the values of expectResponse or
         pduVersion.

   2) The Message Dispatcher may request that an SNMPv3 message
      containing a Response-PDU or Report-PDU be prepared for sending.

      a) It makes such a request according to the abstract service
         primitive:





Case, et. al.               Standards Track                    [Page 24]

RFC 2272               SNMPv3 Management Protocol           January 1998


         result =                        -- SUCCESS or FAILURE
         prepareResponseMessage(
          IN   messageProcessingModel   -- typically, SNMP version
          IN   securityModel            -- same as on incoming request
          IN   securityName             -- same as on incoming request
          IN   securityLevel            -- same as on incoming request
          IN   contextEngineID          -- data from/at this SNMP entity
          IN   contextName              -- data from/in this context
          IN   pduVersion               -- version of the PDU
          IN   PDU                      -- SNMP Protocol Data Unit
          IN   maxSizeResponseScopedPDU -- maximum size of Response PDU
          IN   stateReference           -- reference to state
                                        -- information presented with
                                        -- the request
          IN   statusInformation        -- success or errorIndication
                                        -- error counter OID and value
                                        -- when errorIndication
          OUT  transportDomain          -- destination transport domain
          OUT  transportAddress         -- destination transport address
          OUT  outgoingMessage          -- the message to send
          OUT  outgoingMessageLength    -- the length of the message
          )

      b) The cached information for the original request is retrieved
         via the stateReference, including

                  - msgID,
                  - contextEngineID,
                  - contextName,
                  - securityModel,
                  - securityName,
                  - securityLevel,
                  - securityStateReference,
                  - reportableFlag,
                  - transportDomain, and
                  - transportAddress.

         The SNMPv3 Message Processing Model does not allow cached data
         to be overridden, except by error indications as detailed in
         (3) below.

   3) If statusInformation contains values for an OID/value combination
      (potentially also containing a securityLevel value,
      contextEngineID value, or contextName value), then

      a) If reportableFlag is zero, then the original message is
         discarded, and no further processing is done. A result of
         FAILURE is returned. SNMPv3 Message Processing is complete.



Case, et. al.               Standards Track                    [Page 25]

RFC 2272               SNMPv3 Management Protocol           January 1998


      b) If a PDU is provided, it is the PDU from the original request.
         If possible, extract the request-id.

      c) A Report PDU is prepared:

         1) the varBindList is set to contain the OID and value from the
            statusInformation

         2) error-status is set to 0

         3) error-index is set to 0.

         4) request-id is set to the value extracted in step b)
            Otherwise, request-id is set to 0

      d) The errorIndication in statusInformation may be accompanied by
         a securityLevel value, a contextEngineID value, or a
         contextName value.

         1) If statusInformation contains a value for securityLevel,
            then securityLevel is set to that value, otherwise it is set
            to noAuthNoPriv.

         2) If statusInformation contains a value for contextEngineID,
            then contextEngineID is set to that value, otherwise it is
            set to the value of this entity's snmpEngineID.

         3) If statusInformation contains a value for contextName, then
            contextName is set to that value, otherwise it is set to the
            default context of "" (zero-length string).

      e) PDU is set to refer to the new Report-PDU.  The old PDU is
         discarded.

      f) Processing continues with step 6) below.

   4) If contextEngineID is not yet determined, then the contextEngineID
      is determined, in an implementation-dependent manner, possibly
      using the transportDomain and transportAddress.

   5) If the contextName is not yet determined, the contextName is set
      to the default context.

   6) A scopedPDU is prepared from the contextEngineID, contextName, and
      PDU.






Case, et. al.               Standards Track                    [Page 26]

RFC 2272               SNMPv3 Management Protocol           January 1998


   7) msgGlobalData is constructed as follows

      a) The msgVersion field is set to snmpv3(3).

      b) msgID is set as determined in step 1 or 2 above.

      c) msgMaxSize is set to an implementation-dependent value.

      d) msgFlags are set as follows:

         -  If securityLevel specifies noAuthNoPriv, then authFlag and
            privFlag are both set to zero.

         -  If securityLevel specifies authNoPriv, then authFlag is set
            to one and privFlag is set to zero.

         -  If securityLevel specifies authPriv, then authFlag is set to
            one and privFlag is set to one.

         -  If the PDU is a Response-PDU, Report-PDU or SNMPv2-Trap-PDU,
            then the reportableFlag is set to zero.

         -  If the PDU is a GetRequest-PDU, GetNextRequest-PDU,
            GetBulkRequest-PDU, SetRequest-PDU, or InformRequest-PDU
            then the reportableFlag is set to one.

         -  All other msgFlags bits are set to zero.

      e) msgSecurityModel is set to the value of securityModel

   8) If the PDU is a Response-PDU or Report-PDU, then

      a) The specified Security Model is called to generate the message
         according to the primitive:

         statusInformation =
           generateResponseMsg(
           IN   messageProcessingModel -- SNMPv3 Message Processing
                                       -- Model
           IN   globalData             -- msgGlobalData from step 7
           IN   maxMessageSize         -- from msgMaxSize (step 7c)
           IN   securityModel          -- as determined in step 7e
           IN   securityEngineID       -- the value of snmpEngineID
           IN   securityName           -- on behalf of this principal
           IN   securityLevel          -- for the outgoing message
           IN   scopedPDU              -- as prepared in step 6)
           IN   securityStateReference -- as determined in step 2
           OUT  securityParameters     -- filled in by Security Module



Case, et. al.               Standards Track                    [Page 27]

RFC 2272               SNMPv3 Management Protocol           January 1998


           OUT  wholeMsg               -- complete generated message
           OUT  wholeMsgLength         -- length of generated message
           )

         If, upon return from the Security Model, the statusInformation
         includes an errorIndication, then any cached information about
         the outstanding request message is discarded, and an
         errorIndication is returned, so it can be returned to the
         calling application. SNMPv3 Message Processing is complete.

      b) A SUCCESS result is returned. SNMPv3 Message Processing is
         complete.

   9) If the PDU is a GetRequest-PDU, GetNextRequest-PDU,
      GetBulkRequest-PDU, SetRequest-PDU, InformRequest-PDU, or or
      SNMPv2-Trap-PDU, then

      a) If the PDU is an SNMPv2-Trap-PDU, then securityEngineID is set
         to the value of this entity's snmpEngineID.

         Otherwise, the snmpEngineID of the target entity is determined,
         in an implementation-dependent manner, possibly using
         transportDomain and transportAddress.  The value of
         securityEngineID is set to the value of the target entity's
         snmpEngineID.

      b) The specified Security Model is called to generate the message
         according to the primitive:

         statusInformation =
          generateRequestMsg(
          IN  messageProcessingModel -- SNMPv3 Message Processing Model
          IN  globalData             -- msgGlobalData, from step 7
          IN  maxMessageSize         -- from msgMaxSize in step 7 c)
          IN  securityModel          -- as provided by caller
          IN  securityEngineID       -- authoritative SNMP entity
          IN  securityName           -- as provided by caller
          IN  securityLevel          -- as provided by caller
          IN  snmpEngineID           -- as determined in step 9 a)
          IN  scopedPDU              -- as prepared in step 6
          OUT securityParameters     -- filled in by Security Module
          OUT wholeMsg               -- complete generated message
          OUT wholeMsgLength         -- length of the generated message
          )







Case, et. al.               Standards Track                    [Page 28]

RFC 2272               SNMPv3 Management Protocol           January 1998


         If, upon return from the Security Model, the statusInformation
         includes an errorIndication, then the mess