📄 rfc2959.txt
字号:
OBJECT rtpSessionIfIndex
最低访问限制 只读
说明
“行的创建与删除是可选的,因而该对象的读/创建操作也是可选的。”
OBJECT rtpSessionRowStatus
最低访问限制 不可访问
说明
“行的创建与删除是可选的,因而该对象的读/创建操作也是可选的。”
OBJECT rtpSessionInverseStartTime
最低访问限制 不可访问
说明
“多点传送RTP系统应实现该可选表。”
OBJECT rtpSenderInverseStartTime
最低访问限制不可访问
说明
“多点传送RTP系统应实现该可选表。”
OBJECT rtpRcvrInverseStartTime
最低访问限制不可访问
说明
“多点传送RTP系统应实现该可选表。”
::= { rtpCompliances 1 }
rtpMonitorCompliance MODULE-COMPLIANCE
状态 当前
说明
“监视器应用必须遵循。不要求RTP监视器支持创建和删除。”
MODULE RTP-MIB
MANDATORY-GROUPS {
rtpSystemGroup,
rtpMonitorGroup
}
GROUP rtpHostGroup
说明
“监视器应用可能无法访问rtpHostGroup的值。”
GROUP rtpInverseGroup
说明
“多点传送RTP系统应实现该可选表。”
OBJECT rtpSessionLocAddr
最低访问限制 不可访问
说明
“RTP监视器追踪RTP或者RTCP包的来源是可选的,因而该对象的应用也是可选的。”
OBJECT rtpRcvrPT
最低访问限制 不可访问
说明
“RTP监视器可能不支持从RTP头中访问RTP由载荷类型(仅仅接收RTCP消息)。用于获取有效载荷类型信息。”
OBJECT rtpSenderPT
最低访问限制 不可访问
说明
"RTP monitor systems may not support
retrieval of the RTP Payload Type from the RTP
header (and may receive RTCP messages only). When
queried for the payload type information."
OBJECT rtpRcvrOctets
最低访问限制 不可访问
说明
“RTP监视器可能只接收RTCP消息,而不接收包含8位字节个数的RTP消息,因而该对象的应用是可选的。”
OBJECT rtpRcvrPackets
最低访问限制 不可访问
说明
“RTP监视器可能只接收RTCP消息,而不接收包含8位字节个数的RTP消息,因而该对象的应用是可选的。”
OBJECT rtpSessionIfIndex
最低访问限制 不可访问
说明
“行的创建和删除是可选的,因而该对象的读/创建访问也是可选的。”
OBJECT rtpSessionInverseStartTime
最低访问限制 不可访问
说明
“多点传送RTP系统应实现这个可选的表。”
OBJECT rtpSenderInverseStartTime
最低访问限制 不可访问
说明
“多点传送RTP系统应实现这个可选的表。”
OBJECT rtpRcvrInverseStartTime
最低访问限制 不可访问
说明
“多点传送RTP系统应实现这个可选的表。”
::= { rtpCompliances 2 }
END
4. 安全考虑(Security Considerations)
大多数情况下,MIB本身没有安全性风险;如果计划处理SNMP的安全性,查看系统的信息或者修改系统的某些参数时,MIB是一个工具而不是一个威胁。不过本MIB定义的管理对象中,由几个带有标明读写和/或读-创建的最高访问限制子句。这些对象可能被认为在某些网络环境下是敏感的或者说容易受到攻击。在不安全的、缺乏适当保护的环境下,对SET操作的支持可能对网络操作带来负面的影响。
本MIB中没有一个只读对象会报告密码,尽管一些SDES[RFC1889]项如CANME——规范名——可能被认为敏感地依赖于某个特定公司的安全策略。如果没有适宜的访问控制策略限制对这些对象的访问,这些对象可能造成对系统配置信息和系统服务的攻击。有些企业既查看网络和系统配置,又浏览使用和性能的信息,甚至还有企业的资产状况,这样的企业可能会希望限制对MIB中大部分对象的SNMP访问。本MIB支持对rtpSessionNewIndex的读写操作,带来的副作用是在对该项进行写操作时,需要在表rtpSessionTable中创建相应的条目。rtpSessionEntry中有5个对象可以进行读/创建访问:rtpSessionDomain、 rtpSessionRemAddr、 rtpSessionIfIndex、rtpSessionRowStatus、和rtpSessionIfAddr确定了在特定界面上(interface)监视的一个RTP会话。这些对象的值一经创建就不能改变,对这些对象的初始化仅仅影响对会话的监视,而不影响主机终端系统对RTP会话的操作。因为rtpSessionNewIndex的写操作和rtpSessionEntry中的5个对象影响监视器的操作,对这些对象的写操作应该遵从适宜的访问控制策略。
RTP和RTCP数据包的机密性在RTP规范[RTP1899]中的节9中定义。可以对RTP包或者RTCP包加密,也可以对二者都加密。对RTCP包加密可能对第三方监视器带来问题,尽管“对于RTCP,允许把混合RTCP包分解成两个低层的包,一个加密而另一个明文发送。比如,可以把SDES信息加密,而接受报告则以明文发送以适应第三方监视器[RFC1889]。”
SNMPv1本身不是一个安全的环境。即使网络本身是可靠的(比如使用了IPSec),仍然没有这样的控制,以许可这个安全的网络上的某人访问并读写(GET/SET)MIB中的对象。建议应用者考虑SNMPv3框架提供的安全特性。特别推荐使用基于用户的安全模型[RFC2574]和基于视图的访问控制模型[RFC2575]。最后,消费者/用户有责任保证用于访问本MIB实例的SNMP实体必须正确设置,以保证只有那些具有合法权限的主要用户才能访问这些对象并真正地读取(GET)或设定(SET)——更新、创建、删除——这些对象。
5. 致谢(Acknowledgements)
笔者感谢Bert Wijnen和来自ITU SG-16管理计划的同仁,他们提出了很好的建议。Intel公司的Alan Batie和Bill Lewis也为RTP MIB作出了巨大的贡献,他们审阅了多份MIB草案并致力于SNMP RTP监视器的实现。3Com的Stan Naudus 和Intel的 John Du为RTP MIB的最初设计作出了贡献,他们也参与了RTP MIB最初草案的写作;他们的工作仍然体现在现在的RTP MIB版本中。Bill Fenner为最终文本的完善提供了极好的资料。
6. 知识产权(Intellectual Property)
The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it
has made any effort to identify any such rights. Information on the
IETF's procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP-11. Copies of
claims of rights made available for publication and any assurances of
licenses to be made available, or the result of an attempt made to
obtain a general license or permission for the use of such
proprietary rights by implementors or users of this specification can
be obtained from the IETF Secretariat.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice
this standard. Please address the information to the IETF Executive
Director.
7. 引用(References)
[RFC1889] Shulzrinne, H., Casner, S., Frederick, R. and V.
Jacobson, "RTP: A Transport Protocol for real-time
applications," RFC 1889, January 1996.
[RFC2571] Harrington, D., Presuhn, R. and B. Wijnen, "An
Architecture for Describing SNMP Management Frameworks",
RFC 2571, April 1999.
[RFC1155] Rose, M. and K. McCloghrie, "Structure and Identification
of Management Information for TCP/IP-based Internets",
STD 16, RFC 1155, May 1990.
[RFC1212] Rose, M. and K. McCloghrie, "Concise MIB Definitions",
STD 16, RFC 1212, March 1991.
[RFC1215] Rose, M., "A Convention for Defining Traps for use with
the SNMP", RFC 1215, March 1991.
[RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M. and S. Waldbusser, "Structure of Management
Information Version 2 (SMIv2)", STD 58, RFC 2578, April
1999.
[RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M. and S. Waldbusser, "Textual Conventions for
SMIv2", STD 58, RFC 2579, April 1999.
[RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M. and S. Waldbusser, "Conformance Statements for
SMIv2", STD 58, RFC 2580, April 1999.
[RFC1157] Case, J., Fedor, M., Schoffstall, M. and J. Davin,
"Simple Network Management Protocol", STD 15, RFC 1157,
May 1990.
[RFC1901] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
"Introduction to Community-based SNMPv2", RFC 1901,
January 1996.
[RFC1906] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
"Transport Mappings for Version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1906, January 1996.
[RFC2572] Case, J., Harrington D., Presuhn R. and B. Wijnen,
"Message Processing and Dispatching for the Simple
Network Management Protocol (SNMP)", RFC 2572, April
1999.
[RFC2574] Blumenthal, U. and B. Wijnen, "User-based Security Model
(USM) for version 3 of the Simple Network Management
Protocol (SNMPv3)", RFC 2574, April 1999.
[RFC1905] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
"Protocol Operations for Version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1905, January 1996.
[RFC2573] Levi, D., Meyer, P. and B. Stewart, "SNMPv3
Applications", RFC 2573, April 1999.
[RFC2575] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based
Access Control Model (VACM) for the Simple Network
Management Protocol (SNMP)", RFC 2575, April 1999.
[RFC2570] Case, J., Mundy, R., Partain, D. and B. Stewart,
"Introduction to Version 3 of the Internet-standard
Network
Management Framework", RFC 2570, April 1999.
8. 作者地址(Authors' Addresses)
Mark Baugher
Intel Corporation
2111 N.E.25th Avenue
Hillsboro, Oregon 97124
U.S.A.
EMail: mbaugher@passedge.com
Bill Strahm
Intel Corporation
2111 N.E.25th Avenue
Hillsboro, Oregon 97124
U.S.A.
EMail: Bill.Strahm@intel.com
Irina Suconick
Ennovate Networks
60 Codman Hill Rd.,
Boxboro, Ma 01719
U.S.A.
EMail: irina@ennovatenetworks.com
9. 版权声明
Copyright (C) The Internet Society (2000). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
感谢
Funding for the RFC Editor function is currently provided by the
Internet Society.
RFC2959 Real-Time Transport Protocol Management Information Base
RFC2959实时传输协议管理信息库
1
2
RFC文档中文翻译计划
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -