rfc3413.txt

开发snmp的开发包有两个开放的SNMP开发库

       value from the original forwarded request (as extracted from the
       cache).  All other values are identical to those in the received
       Response-Class PDU, unless the incoming SNMP version and the
       outgoing SNMP version support different PDU versions, in which
       case the proxy forwarder may need to perform a translation on the
       PDU.  (A method for performing such a translation is described in
       [RFC2576].)

   (4) The proxy forwarder calls the Dispatcher using the
       returnResponsePdu abstract service interface.  Parameters are:

       - The messageProcessingModel indicates the Message Processing
         Model by which the original incoming message was processed.

       - The securityModel is that of the original incoming management
         target extracted from the cache.

       - The securityName is that of the original incoming management
         target extracted from the cache.

       - The securityLevel is that of the original incoming management
         target extracted from the cache.

       - The contextEngineID is the value extracted from the cache.

       - The contextName is the value extracted from the cache.

       - The pduVersion indicates the version of the PDU to be returned.

       - The PDU is the (possibly translated) Response PDU.



Levi, et. al.               Standards Track                    [Page 24]

RFC 3413                   SNMP Applications               December 2002


       - The maxSizeResponseScopedPDU is a local value indicating the
         maximum size of a ScopedPDU that the application can accept.

       - The stateReference is the value extracted from the cache.

       - The statusInformation indicates that no error occurred and that
         a Response PDU message should be generated.

3.5.1.3. Processing an Incoming Internal-Class PDU

   A proxy forwarder follows the following procedure when an incoming
   Internal-Class PDU is received:

   (1) The incoming Internal-Class PDU is received using the
       processResponsePdu interface.  The proxy forwarder uses the
       received parameters to locate an entry in its cache of pending
       forwarded requests.  This is done by matching the received
       parameters with the cached values of sendPduHandle.  If an
       appropriate cache entry cannot be found, processing of the
       Internal-Class PDU is halted.  Otherwise:

   (2) The cache information is extracted, and removed from the cache.

   (3) If the original incoming management target information indicates
       an SNMP version which does not support Report PDUs, processing of
       the Internal-Class PDU is halted.

   (4) The proxy forwarder calls the Dispatcher using the
       returnResponsePdu abstract service interface.  Parameters are:

       - The messageProcessingModel indicates the Message Processing
         Model by which the original incoming message was processed.

       - The securityModel is that of the original incoming management
         target extracted from the cache.

       - The securityName is that of the original incoming management
         target extracted from the cache.

       - The securityLevel is that of the original incoming management
         target extracted from the cache.

       - The contextEngineID is the value extracted from the cache.

       - The contextName is the value extracted from the cache.

       - The pduVersion indicates the version of the PDU to be returned.




Levi, et. al.               Standards Track                    [Page 25]

RFC 3413                   SNMP Applications               December 2002


       - The PDU is unused.

       - The maxSizeResponseScopedPDU is a local value indicating the
         maximum size of a ScopedPDU that the application can accept.

       - The stateReference is the value extracted from the cache.

       - The statusInformation contains values specific to the
         Internal-Class PDU type (for example, for a Report PDU, the
         statusInformation contains the contextEngineID, contextName,
         counter OID, and counter value received in the incoming Report
         PDU).

3.5.2. Notification Forwarding

   A proxy forwarder receives notifications in the same manner as a
   notification receiver application, using the processPdu abstract
   service interface.  The following procedure is used when a
   notification is received:

   (1) The incoming management target information received from the
       processPdu interface is translated into outgoing management
       target information.  Note that this translation may vary for
       different values of contextEngineID and/or contextName.  The
       translation may result in multiple management targets.

   (2) If appropriate outgoing management target information cannot be
       found and the notification was an Unconfirmed-Class PDU,
       processing of the notification is halted.  If appropriate
       outgoing management target information cannot be found and the
       notification was a Confirmed-Class PDU, the proxy forwarder
       increments the snmpProxyDrops object, and calls the Dispatcher
       using the returnResponsePdu abstract service interface.  The
       parameters are:

       - The messageProcessingModel is the value from the processPdu
         call.

       - The securityModel is the value from the processPdu call.

       - The securityName is the value from the processPdu call.

       - The securityLevel is the value from the processPdu call.

       - The contextEngineID is the value from the processPdu call.

       - The contextName is the value from the processPdu call.




Levi, et. al.               Standards Track                    [Page 26]

RFC 3413                   SNMP Applications               December 2002


       - The pduVersion is the value from the processPdu call.

       - The PDU is an undefined and unused value.

       - The maxSizeResponseScopedPDU is a local value indicating the
         maximum size of a ScopedPDU that the application can accept.

       - The stateReference is the value from the processPdu call.

       - The statusInformation indicates that an error occurred and that
         a Report message should be generated.

         Processing of the message stops at this point.  Otherwise,

   (3) The proxy forwarder generates a notification using the procedures
       described in the preceding section on Notification Originators,
       with the following exceptions:

       - The contextEngineID and contextName values from the original
         received notification are used.

       - The outgoing management targets previously determined are used.

       - No filtering mechanisms are applied.

       - The variable-bindings from the original received notification
         are used, rather than retrieving variable-bindings from local
         MIB instrumentation.  In particular, no access-control is
         applied to these variable-bindings, nor to the value of the
         variable-binding containing snmpTrapOID.0.

       - If the original notification contains a Confirmed-Class PDU,
         then any outgoing management targets for which the outgoing
         SNMP version does not support any PDU types that are both
         Notification-Class and Confirmed-Class PDUs will not be used
         when generating the forwarded notifications.

       - If, for any of the outgoing management targets, the incoming
         SNMP version and the outgoing SNMP version support different
         PDU versions, the proxy forwarder may need to perform a
         translation on the PDU.  (A method for performing such a
         translation is described in [RFC2576].)

   (4) If the original received notification contains an
       Unconfirmed-Class PDU, processing of the notification is now
       completed.  Otherwise, the original received notification must
       contain Confirmed-Class PDU, and processing continues.




Levi, et. al.               Standards Track                    [Page 27]

RFC 3413                   SNMP Applications               December 2002


   (5) If the forwarded notifications included any Confirmed-Class PDUs,
       processing continues when the procedures described in the section
       for Notification Originators determine that either:

       - None of the generated notifications containing Confirmed-Class
         PDUs have been successfully acknowledged within the longest of
         the time intervals, in which case processing of the original
         notification is halted, or,

       - At least one of the generated notifications containing
         Confirmed-Class PDUs is successfully acknowledged, in which
         case a response to the original received notification
         containing an Confirmed-Class PDU is generated as described in
         the following steps.

   (6) A Response-Class PDU is constructed, using the values of
       request-id and variable-bindings from the original received
       Notification-Class PDU, and error-status and error-index values
       of 0.

   (7) The Dispatcher is called using the returnResponsePdu abstract
       service interface.  Parameters are:

       - The messageProcessingModel is the value from the processPdu
         call.

       - The securityModel is the value from the processPdu call.

       - The securityName is the value from the processPdu call.

       - The securityLevel is the value from the processPdu call.

       - The contextEngineID is the value from the processPdu call.

       - The contextName is the value from the processPdu call.

       - The pduVersion indicates the version of the PDU constructed in
         step (6) above.

       - The PDU is the value constructed in step (6) above.

       - The maxSizeResponseScopedPDU is a local value indicating the
         maximum size of a ScopedPDU that the application can accept.

       - The stateReference is the value from the processPdu call.

       - The statusInformation indicates that no error occurred and that
         a Response-Class PDU message should be generated.



Levi, et. al.               Standards Track                    [Page 28]

RFC 3413                   SNMP Applications               December 2002


4. The Structure of the MIB Modules

   There are three separate MIB modules described in this document, the
   management target MIB, the notification MIB, and the proxy MIB.  The
   following sections describe the structure of these three MIB modules.

   The use of these MIBs by particular types of applications is
   described later in this document:

   - The use of the management target MIB and the notification MIB in
     notification originator applications is described in section 5.

   - The use of the notification MIB for filtering notifications in
     notification originator applications is described in section 6.

   - The use of the management target MIB and the proxy MIB in proxy
     forwarding applications is described in section 7.

4.1. The Management Target MIB Module

   The SNMP-TARGET-MIB module contains objects for defining management
   targets.  It consists of two tables and conformance/compliance
   statements.

   The first table, the snmpTargetAddrTable, contains information about
   transport domains and addresses.  It also contains an object,
   snmpTargetAddrTagList, which provides a mechanism for grouping
   entries.

   The second table, the snmpTargetParamsTable, contains information
   about SNMP version and security information to be used when sending
   messages to particular transport domains and addresses.

   The Management Target MIB is intended to provide a general-purpose
   mechanism for specifying transport address, and for specifying
   parameters of SNMP messages generated by an SNMP entity.  It is used
   within this document for generation of notifications and for proxy
   forwarding.  However, it may be used for other purposes.  If another
   document makes use of this MIB, that document is responsible for
   specifying how it is used.  For example, [RFC2576] uses this MIB for
   source address validation of SNMPv1 messages.

4.1.1. Tag Lists

   The snmpTargetAddrTagList object is used for grouping entries in the
   snmpTargetAddrTable.  The value of this object contains a list of tag
   values which are used to select target addresses to be used for a
   particular operation.



Levi, et. al.               Standards Track                    [Page 29]

RFC 3413                   SNMP Applications               December 2002


   A tag value, which may also be used in MIB objects other than
   snmpTargetAddrTagList, is an arbitrary string of octets, but may not
   contain a delimiter character.  Delimiter characters are defined to
   be one of the following characters:

   - An ASCII space character (0x20).

   - An ASCII TAB character (0x09).

   - An ASCII carriage return (CR) characte