3567N/ACORE-MIB DEFINITIONS ::= BEGIN
3349N/A
3349N/A
3349N/A IMPORTS ;
3349N/A
3349N/A
3349N/A--------------
3349N/A-- from SMI --
3349N/A--------------
3349N/A
3349N/A -- the path to the root
3349N/A
3349N/A internet OBJECT IDENTIFIER ::= { iso(1) org(3) dod(6) 1 }
3349N/A
3349N/A directory OBJECT IDENTIFIER ::= { internet 1 }
3349N/A
3349N/A mgmt OBJECT IDENTIFIER ::= { internet 2 }
3349N/A
3349N/A experimental OBJECT IDENTIFIER ::= { internet 3 }
3349N/A
3349N/A private OBJECT IDENTIFIER ::= { internet 4 }
3349N/A enterprises OBJECT IDENTIFIER ::= { private 1 }
3349N/A
3349N/A security OBJECT IDENTIFIER ::= { internet 5 }
3349N/A
3349N/A snmpV2 OBJECT IDENTIFIER ::= { internet 6 }
3349N/A
3349N/A -- transport domains
3349N/A snmpDomains OBJECT IDENTIFIER ::= { snmpV2 1 }
3349N/A
3349N/A -- transport proxies
3349N/A snmpProxys OBJECT IDENTIFIER ::= { snmpV2 2 }
3349N/A
3349N/A -- module identities
3349N/A snmpModules OBJECT IDENTIFIER ::= { snmpV2 3 }
3349N/A
3349N/A
3349N/A-----------------
3349N/A-- from MIB-II --
3349N/A-----------------
3349N/A
3349N/A
3349N/A mib-2 OBJECT IDENTIFIER ::= { mgmt 1 }
3349N/A
3349N/A
3349N/A-------------------
3349N/A-- from RFC 1271 --
3349N/A-------------------
3349N/A
3349N/A EntryStatus ::= INTEGER
3349N/A { valid(1),
3349N/A createRequest(2),
3349N/A underCreation(3),
3349N/A invalid(4)
3349N/A }
3349N/A
3349N/A -- The status of a table entry.
3349N/A --
3349N/A -- Setting this object to the value invalid(4) has the
3349N/A -- effect of invalidating the corresponding entry.
3349N/A -- That is, it effectively disassociates the mapping
3349N/A -- identified with said entry.
3349N/A -- It is an implementation-specific matter as to whether
3349N/A -- the agent removes an invalidated entry from the table.
3349N/A -- Accordingly, management stations must be prepared to
3349N/A -- receive tabular information from agents that corresponds
3349N/A -- to entries currently not in use. Proper
3349N/A -- interpretation of such entries requires examination
3349N/A -- of the relevant EntryStatus object.
3349N/A --
3349N/A -- An existing instance of this object cannot be set to
3349N/A -- createRequest(2). This object may only be set to
3349N/A -- createRequest(2) when this instance is created. When
3349N/A -- this object is created, the agent may wish to create
3349N/A -- supplemental object instances to complete a conceptual
3349N/A -- row in this table. Immediately after completing the
3349N/A -- create operation, the agent must set this object to
3349N/A -- underCreation(3).
3349N/A --
3349N/A -- Entries shall exist in the underCreation(3) state until
3349N/A -- the management station is finished configuring the
3349N/A -- entry and sets this object to valid(1) or aborts,
3349N/A -- setting this object to invalid(4). If the agent
3349N/A -- determines that an entry has been in the
3349N/A -- underCreation(3) state for an abnormally long time,
3349N/A -- it may decide that the management station has
3349N/A -- crashed. If the agent makes this decision,
3349N/A -- it may set this object to invalid(4) to reclaim the
3349N/A -- entry. A prudent agent will understand that the
3349N/A -- management station may need to wait for human input
3349N/A -- and will allow for that possibility in its
3349N/A -- determination of this abnormally long period.
3349N/A
3349N/A
3349N/A-------------------
3349N/A-- from RFC 1316 --
3349N/A-------------------
3349N/A
3349N/A
3349N/A-------------------
3349N/A-- from RFC 1443 --
3349N/A-------------------
3349N/A
3349N/A
3349N/A------------------------
3349N/A-- from RFC 1065/1442 --
3349N/A------------------------
3349N/A
3349N/A Gauge32 ::= Gauge
3349N/A
3349N/A Counter32 ::= Counter
3349N/A
3349N/A Integer32 ::= INTEGER
3349N/A
3349N/A -- application-wide types
3349N/A
3349N/A NetworkAddress ::=
3349N/A CHOICE {
3349N/A internet
3349N/A IpAddress
3349N/A }
3349N/A
3349N/A IpAddress ::=
3349N/A [APPLICATION 0] -- in network-byte order
3349N/A IMPLICIT OCTET STRING (SIZE (4))
3349N/A
3349N/A Counter ::=
3349N/A [APPLICATION 1]
3349N/A IMPLICIT INTEGER (0..4294967295)
3349N/A
3349N/A Counter64 ::=
3349N/A [APPLICATION 1] -- NOTE(review): same tag as Counter above, so a decoder keyed on the tag cannot tell the two apart; SNMPv2-SMI assigns Counter64 [APPLICATION 6]; confirm this value is intended
3349N/A IMPLICIT INTEGER (0..18446744073709551615)
3349N/A
3349N/A Gauge ::=
3349N/A [APPLICATION 2]
3349N/A IMPLICIT INTEGER (0..4294967295)
3349N/A
3349N/A Unsigned32 ::=
3349N/A [APPLICATION 2]
3349N/A IMPLICIT INTEGER (0..4294967295)
3349N/A
3349N/A TimeTicks ::=
3349N/A [APPLICATION 3]
3349N/A IMPLICIT INTEGER (0..4294967295)
3349N/A
3349N/A Opaque ::=
3349N/A [APPLICATION 4] -- arbitrary ASN.1 value,
3349N/A IMPLICIT OCTET STRING -- "double-wrapped"
3349N/A
3349N/A
3349N/A
3349N/A---------------------------------------------------
3349N/A-- from RFC 1903: Textual Conventions for SNMPv2 --
3349N/A---------------------------------------------------
3349N/A
3349N/ADisplayString ::= TEXTUAL-CONVENTION
3349N/A DISPLAY-HINT "255a"
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "Represents textual information taken from the NVT ASCII
3349N/A character set, as defined in pages 4, 10-11 of RFC 854.
3349N/A
3349N/A To summarize RFC 854, the NVT ASCII repertoire specifies:
3349N/A
3349N/A - the use of character codes 0-127 (decimal)
3349N/A
3349N/A - the graphics characters (32-126) are interpreted as
3349N/A US ASCII
3349N/A
3349N/A - NUL, LF, CR, BEL, BS, HT, VT and FF have the special
3349N/A meanings specified in RFC 854
3349N/A
3349N/A - the other 25 codes have no standard interpretation
3349N/A
3349N/A - the sequence 'CR LF' means newline
3349N/A
3349N/A - the sequence 'CR NUL' means carriage-return
3349N/A
3349N/A - an 'LF' not preceded by a 'CR' means moving to the
3349N/A same column on the next line.
3349N/A
3349N/A - the sequence 'CR x' for any x other than LF or NUL is
3349N/A illegal. (Note that this also means that a string may
3349N/A end with either 'CR LF' or 'CR NUL', but not with CR.)
3349N/A
3349N/A Any object defined using this syntax may not exceed 255
3349N/A characters in length."
3349N/A SYNTAX OCTET STRING (SIZE (0..255))
3349N/A
3349N/A
3349N/APhysAddress ::= TEXTUAL-CONVENTION
3349N/A DISPLAY-HINT "1x:"
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "Represents media- or physical-level addresses."
3349N/A SYNTAX OCTET STRING
3349N/A
3349N/A
3349N/AMacAddress ::= TEXTUAL-CONVENTION
3349N/A DISPLAY-HINT "1x:"
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "Represents an 802 MAC address represented in the
3349N/A `canonical' order defined by IEEE 802.1a, i.e., as if it
3349N/A were transmitted least significant bit first, even though
3349N/A 802.5 (in contrast to other 802.x protocols) requires MAC
3349N/A addresses to be transmitted most significant bit first."
3349N/A SYNTAX OCTET STRING (SIZE (6))
3349N/A
3349N/A
3349N/ATruthValue ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "Represents a boolean value."
3349N/A SYNTAX INTEGER { true(1), false(2) }
3349N/A
3349N/ATestAndIncr ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "Represents integer-valued information used for atomic
3349N/A operations. When the management protocol is used to specify
3349N/A that an object instance having this syntax is to be
3349N/A modified, the new value supplied via the management protocol
3349N/A must precisely match the value presently held by the
3349N/A instance. If not, the management protocol set operation
3349N/A fails with an error of `inconsistentValue'. Otherwise, if
3349N/A the current value is the maximum value of 2^31-1 (2147483647
3349N/A decimal), then the value held by the instance is wrapped to
3349N/A zero; otherwise, the value held by the instance is
3349N/A incremented by one. (Note that regardless of whether the
3349N/A management protocol set operation succeeds, the variable-
3349N/A binding in the request and response PDUs are identical.)
3349N/A
3349N/A The value of the ACCESS clause for objects having this
3349N/A syntax is either `read-write' or `read-create'. When an
3349N/A instance of a columnar object having this syntax is created,
3349N/A any value may be supplied via the management protocol.
3349N/A
3349N/A When the network management portion of the system is re-
3349N/A initialized, the value of every object instance having this
3349N/A syntax must either be incremented from its value prior to
3349N/A the re-initialization, or (if the value prior to the re-
3349N/A initialization is unknown) be set to a pseudo-randomly
3349N/A generated value."
3349N/A SYNTAX INTEGER (0..2147483647)
3349N/A
3349N/A
3349N/AAutonomousType ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "Represents an independently extensible type identification
3349N/A value. It may, for example, indicate a particular sub-tree
3349N/A with further MIB definitions, or define a particular type of
3349N/A protocol or hardware."
3349N/A SYNTAX OBJECT IDENTIFIER
3349N/A
3349N/A
3349N/AInstancePointer ::= TEXTUAL-CONVENTION
3349N/A STATUS obsolete
3349N/A DESCRIPTION
3349N/A "A pointer to either a specific instance of a MIB object or
3349N/A a conceptual row of a MIB table in the managed device. In
3349N/A the latter case, by convention, it is the name of the
3349N/A particular instance of the first accessible columnar object
3349N/A in the conceptual row.
3349N/A
3349N/A The two uses of this textual convention are replaced by
3349N/A VariablePointer and RowPointer, respectively."
3349N/A SYNTAX OBJECT IDENTIFIER
3349N/A
3349N/A
3349N/AVariablePointer ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "A pointer to a specific object instance. For example,
3349N/A sysContact.0 or ifInOctets.3."
3349N/A SYNTAX OBJECT IDENTIFIER
3349N/A
3349N/A
3349N/ARowPointer ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "Represents a pointer to a conceptual row. The value is the
3349N/A name of the instance of the first accessible columnar object
3349N/A in the conceptual row.
3349N/A
3349N/A For example, ifIndex.3 would point to the 3rd row in the
3349N/A ifTable (note that if ifIndex were not-accessible, then
3349N/A ifDescr.3 would be used instead)."
3349N/A SYNTAX OBJECT IDENTIFIER
3349N/A
3349N/A
3349N/ARowStatus ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "The RowStatus textual convention is used to manage the
3349N/A creation and deletion of conceptual rows, and is used as the
3349N/A value of the SYNTAX clause for the status column of a
3349N/A conceptual row (as described in Section 7.7.1 of [2].)
3349N/A
3349N/A The status column has six defined values:
3349N/A
3349N/A - `active', which indicates that the conceptual row is
3349N/A available for use by the managed device;
3349N/A
3349N/A - `notInService', which indicates that the conceptual
3349N/A row exists in the agent, but is unavailable for use by
3349N/A the managed device (see NOTE below);
3349N/A
3349N/A - `notReady', which indicates that the conceptual row
3349N/A exists in the agent, but is missing information
3349N/A necessary in order to be available for use by the
3349N/A managed device;
3349N/A
3349N/A - `createAndGo', which is supplied by a management
3349N/A station wishing to create a new instance of a
3349N/A conceptual row and to have its status automatically set
3349N/A to active, making it available for use by the managed
3349N/A device;
3349N/A
3349N/A - `createAndWait', which is supplied by a management
3349N/A station wishing to create a new instance of a
3349N/A conceptual row (but not make it available for use by
3349N/A the managed device); and,
3349N/A
3349N/A - `destroy', which is supplied by a management station
3349N/A wishing to delete all of the instances associated with
3349N/A an existing conceptual row.
3349N/A
3349N/A Whereas five of the six values (all except `notReady') may
3349N/A be specified in a management protocol set operation, only
3349N/A three values will be returned in response to a management
3349N/A protocol retrieval operation: `notReady', `notInService' or
3349N/A `active'. That is, when queried, an existing conceptual row
3349N/A has only three states: it is either available for use by
3349N/A the managed device (the status column has value `active');
3349N/A it is not available for use by the managed device, though
3349N/A the agent has sufficient information to make it so (the
3349N/A status column has value `notInService'); or, it is not
3349N/A available for use by the managed device, and an attempt to
3349N/A make it so would fail because the agent has insufficient
3349N/A information (the status column has value `notReady').
3349N/A
3349N/A
3349N/A NOTE WELL
3349N/A
3349N/A This textual convention may be used for a MIB table,
3349N/A irrespective of whether the values of that table's
3349N/A conceptual rows are able to be modified while it is
3349N/A active, or whether its conceptual rows must be taken
3349N/A out of service in order to be modified. That is, it is
3349N/A the responsibility of the DESCRIPTION clause of the
3349N/A status column to specify whether the status column must
3349N/A not be `active' in order for the value of some other
3349N/A column of the same conceptual row to be modified. If
3349N/A such a specification is made, affected columns may be
3349N/A changed by an SNMP set PDU if the RowStatus would not
3349N/A be equal to `active' either immediately before or after
3349N/A processing the PDU. In other words, if the PDU also
3349N/A contained a varbind that would change the RowStatus
3349N/A value, the column in question may be changed if the
3349N/A RowStatus was not equal to `active' as the PDU was
3349N/A received, or if the varbind sets the status to a value
3349N/A other than 'active'.
3349N/A
3349N/A
3349N/A Also note that whenever any elements of a row exist, the
3349N/A RowStatus column must also exist.
3349N/A
3349N/A
3349N/A To summarize the effect of having a conceptual row with a
3349N/A status column having a SYNTAX clause value of RowStatus,
3349N/A consider the following state diagram:
3349N/A
3349N/A
3349N/A                                         STATE
3349N/A              +--------------+-----------+-------------+-------------
3349N/A              |      A       |     B     |      C      |      D
3349N/A              |              |status col.|status column|
3349N/A              |status column |    is     |      is     |status column
3349N/A    ACTION    |does not exist|  notReady | notInService|  is active
3349N/A--------------+--------------+-----------+-------------+-------------
3349N/Aset status    |noError    ->D|inconsist- |inconsistent-|inconsistent-
3349N/Acolumn to     |       or     |   entValue|        Value|        Value
3349N/AcreateAndGo   |inconsistent- |           |             |
3349N/A              |         Value|           |             |
3349N/A--------------+--------------+-----------+-------------+-------------
3349N/Aset status    |noError  see 1|inconsist- |inconsistent-|inconsistent-
3349N/Acolumn to     |       or     |   entValue|        Value|        Value
3349N/AcreateAndWait |wrongValue    |           |             |
3349N/A--------------+--------------+-----------+-------------+-------------
3349N/Aset status    |inconsistent- |inconsist- |noError      |noError
3349N/Acolumn to     |         Value|   entValue|             |
3349N/Aactive        |              |           |             |
3349N/A              |              |     or    |             |
3349N/A              |              |           |             |
3349N/A              |              |see 2   ->D|          ->D|          ->D
3349N/A--------------+--------------+-----------+-------------+-------------
3349N/Aset status    |inconsistent- |inconsist- |noError      |noError   ->C
3349N/Acolumn to     |         Value|   entValue|             |
3349N/AnotInService  |              |           |             |
3349N/A              |              |     or    |             |      or
3349N/A              |              |           |             |
3349N/A              |              |see 3   ->C|          ->C|wrongValue
3349N/A--------------+--------------+-----------+-------------+-------------
3349N/Aset status    |noError       |noError    |noError      |noError
3349N/Acolumn to     |              |           |             |
3349N/Adestroy       |           ->A|        ->A|          ->A|          ->A
3349N/A--------------+--------------+-----------+-------------+-------------
3349N/Aset any other |see 4         |noError    |noError      |see 5
3349N/Acolumn to some|              |           |             |
3349N/Avalue         |              |      see 1|          ->C|          ->D
3349N/A--------------+--------------+-----------+-------------+-------------
3349N/A
3349N/A (1) goto B or C, depending on information available to the
3349N/A agent.
3349N/A
3349N/A
3349N/A
3349N/A
3349N/A
3349N/A
3349N/A
3349N/A (2) if other variable bindings included in the same PDU,
3349N/A provide values for all columns which are missing but
3349N/A required, then return noError and goto D.
3349N/A
3349N/A (3) if other variable bindings included in the same PDU,
3349N/A provide values for all columns which are missing but
3349N/A required, then return noError and goto C.
3349N/A
3349N/A (4) at the discretion of the agent, the return value may be
3349N/A either:
3349N/A
3349N/A inconsistentName: because the agent does not choose to
3349N/A create such an instance when the corresponding
3349N/A RowStatus instance does not exist, or
3349N/A
3349N/A inconsistentValue: if the supplied value is
3349N/A inconsistent with the state of some other MIB object's
3349N/A value, or
3349N/A
3349N/A noError: because the agent chooses to create the
3349N/A instance.
3349N/A
3349N/A If noError is returned, then the instance of the status
3349N/A column must also be created, and the new state is B or C,
3349N/A depending on the information available to the agent. If
3349N/A inconsistentName or inconsistentValue is returned, the row
3349N/A remains in state A.
3349N/A
3349N/A (5) depending on the MIB definition for the column/table,
3349N/A either noError or inconsistentValue may be returned.
3349N/A
3349N/A NOTE: Other processing of the set request may result in a
3349N/A response other than noError being returned, e.g.,
3349N/A wrongValue, noCreation, etc.
3349N/A
3349N/A
3349N/A Conceptual Row Creation
3349N/A
3349N/A There are four potential interactions when creating a
3349N/A conceptual row: selecting an instance-identifier which is
3349N/A not in use; creating the conceptual row; initializing any
3349N/A objects for which the agent does not supply a default; and,
3349N/A making the conceptual row available for use by the managed
3349N/A device.
3349N/A
3349N/A Interaction 1: Selecting an Instance-Identifier
3349N/A
3349N/A The algorithm used to select an instance-identifier varies
3349N/A for each conceptual row. In some cases, the instance-
3349N/A identifier is semantically significant, e.g., the
3349N/A destination address of a route, and a management station
3349N/A selects the instance-identifier according to the semantics.
3349N/A
3349N/A In other cases, the instance-identifier is used solely to
3349N/A distinguish conceptual rows, and a management station
3349N/A without specific knowledge of the conceptual row might
3349N/A examine the instances present in order to determine an
3349N/A unused instance-identifier. (This approach may be used, but
3349N/A it is often highly sub-optimal; however, it is also a
3349N/A questionable practice for a naive management station to
3349N/A attempt conceptual row creation.)
3349N/A
3349N/A Alternately, the MIB module which defines the conceptual row
3349N/A might provide one or more objects which provide assistance
3349N/A in determining an unused instance-identifier. For example,
3349N/A if the conceptual row is indexed by an integer-value, then
3349N/A an object having an integer-valued SYNTAX clause might be
3349N/A defined for such a purpose, allowing a management station to
3349N/A issue a management protocol retrieval operation. In order
3349N/A to avoid unnecessary collisions between competing management
3349N/A stations, `adjacent' retrievals of this object should be
3349N/A different.
3349N/A
3349N/A Finally, the management station could select a pseudo-random
3349N/A number to use as the index. In the event that this index
3349N/A was already in use and an inconsistentValue was returned in
3349N/A response to the management protocol set operation, the
3349N/A management station should simply select a new pseudo-random
3349N/A number and retry the operation.
3349N/A
3349N/A A MIB designer should choose between the two latter
3349N/A algorithms based on the size of the table (and therefore the
3349N/A efficiency of each algorithm). For tables in which a large
3349N/A number of entries are expected, it is recommended that a MIB
3349N/A object be defined that returns an acceptable index for
3349N/A creation. For tables with small numbers of entries, it is
3349N/A recommended that the latter pseudo-random index mechanism be
3349N/A used.
3349N/A
3349N/A
3349N/A Interaction 2: Creating the Conceptual Row
3349N/A
3349N/A Once an unused instance-identifier has been selected, the
3349N/A management station determines if it wishes to create and
3349N/A activate the conceptual row in one transaction or in a
3349N/A negotiated set of interactions.
3349N/A
3349N/A Interaction 2a: Creating and Activating the Conceptual Row
3349N/A
3349N/A The management station must first determine the column
3349N/A requirements, i.e., it must determine those columns for
3349N/A which it must or must not provide values. Depending on the
3349N/A complexity of the table and the management station's
3349N/A knowledge of the agent's capabilities, this determination
3349N/A can be made locally by the management station. Alternately,
3349N/A the management station issues a management protocol get
3349N/A operation to examine all columns in the conceptual row that
3349N/A it wishes to create. In response, for each column, there
3349N/A are three possible outcomes:
3349N/A
3349N/A - a value is returned, indicating that some other
3349N/A management station has already created this conceptual
3349N/A row. We return to interaction 1.
3349N/A
3349N/A - the exception `noSuchInstance' is returned,
3349N/A indicating that the agent implements the object-type
3349N/A associated with this column, and that this column in at
3349N/A least one conceptual row would be accessible in the MIB
3349N/A view used by the retrieval were it to exist. For those
3349N/A columns to which the agent provides read-create access,
3349N/A the `noSuchInstance' exception tells the management
3349N/A station that it should supply a value for this column
3349N/A when the conceptual row is to be created.
3349N/A
3349N/A - the exception `noSuchObject' is returned, indicating
3349N/A that the agent does not implement the object-type
3349N/A associated with this column or that there is no
3349N/A conceptual row for which this column would be
3349N/A accessible in the MIB view used by the retrieval. As
3349N/A such, the management station can not issue any
3349N/A management protocol set operations to create an
3349N/A instance of this column.
3349N/A
3349N/A Once the column requirements have been determined, a
3349N/A management protocol set operation is accordingly issued.
3349N/A This operation also sets the new instance of the status
3349N/A column to `createAndGo'.
3349N/A
3349N/A
3349N/A When the agent processes the set operation, it verifies that
3349N/A it has sufficient information to make the conceptual row
3349N/A available for use by the managed device. The information
3349N/A available to the agent is provided by two sources: the
3349N/A management protocol set operation which creates the
3349N/A conceptual row, and, implementation-specific defaults
3349N/A supplied by the agent (note that an agent must provide
3349N/A implementation-specific defaults for at least those objects
3349N/A which it implements as read-only). If there is sufficient
3349N/A information available, then the conceptual row is created, a
3349N/A `noError' response is returned, the status column is set to
3349N/A `active', and no further interactions are necessary (i.e.,
3349N/A interactions 3 and 4 are skipped). If there is insufficient
3349N/A information, then the conceptual row is not created, and the
3349N/A set operation fails with an error of `inconsistentValue'.
3349N/A On this error, the management station can issue a management
3349N/A protocol retrieval operation to determine if this was
3349N/A because it failed to specify a value for a required column,
3349N/A or, because the selected instance of the status column
3349N/A already existed. In the latter case, we return to
3349N/A interaction 1. In the former case, the management station
3349N/A can re-issue the set operation with the additional
3349N/A information, or begin interaction 2 again using
3349N/A `createAndWait' in order to negotiate creation of the
3349N/A conceptual row.
3349N/A
3349N/A NOTE WELL
3349N/A
3349N/A Regardless of the method used to determine the column
3349N/A requirements, it is possible that the management
3349N/A station might deem a column necessary when, in fact,
3349N/A the agent will not allow that particular columnar
3349N/A instance to be created or written. In this case, the
3349N/A management protocol set operation will fail with an
3349N/A error such as `noCreation' or `notWritable'. In this
3349N/A case, the management station decides whether it needs
3349N/A to be able to set a value for that particular columnar
3349N/A instance. If not, the management station re-issues the
3349N/A management protocol set operation, but without setting
3349N/A a value for that particular columnar instance;
3349N/A otherwise, the management station aborts the row
3349N/A creation algorithm.
3349N/A
3349N/A Interaction 2b: Negotiating the Creation of the Conceptual
3349N/A Row
3349N/A
3349N/A The management station issues a management protocol set
3349N/A operation which sets the desired instance of the status
3349N/A column to `createAndWait'. If the agent is unwilling to
3349N/A process a request of this sort, the set operation fails with
3349N/A an error of `wrongValue'. (As a consequence, such an agent
3349N/A must be prepared to accept a single management protocol set
3349N/A operation, i.e., interaction 2a above, containing all of the
3349N/A columns indicated by its column requirements.) Otherwise,
3349N/A the conceptual row is created, a `noError' response is
3349N/A returned, and the status column is immediately set to either
3349N/A `notInService' or `notReady', depending on whether it has
3349N/A sufficient information to make the conceptual row available
3349N/A for use by the managed device. If there is sufficient
3349N/A information available, then the status column is set to
3349N/A `notInService'; otherwise, if there is insufficient
3349N/A information, then the status column is set to `notReady'.
3349N/A Regardless, we proceed to interaction 3.
3349N/A
3349N/A Interaction 3: Initializing non-defaulted Objects
3349N/A
3349N/A The management station must now determine the column
3349N/A requirements. It issues a management protocol get operation
3349N/A to examine all columns in the created conceptual row. In
3349N/A the response, for each column, there are three possible
3349N/A outcomes:
3349N/A
3349N/A - a value is returned, indicating that the agent
3349N/A implements the object-type associated with this column
3349N/A and had sufficient information to provide a value. For
3349N/A those columns to which the agent provides read-create
3349N/A access (and for which the agent allows their values to
3349N/A be changed after their creation), a value return tells
3349N/A the management station that it may issue additional
3349N/A management protocol set operations, if it desires, in
3349N/A order to change the value associated with this column.
3349N/A
3349N/A - the exception `noSuchInstance' is returned,
3349N/A indicating that the agent implements the object-type
3349N/A associated with this column, and that this column in at
3349N/A least one conceptual row would be accessible in the MIB
3349N/A view used by the retrieval were it to exist. However,
3349N/A the agent does not have sufficient information to
3349N/A provide a value, and until a value is provided, the
3349N/A conceptual row may not be made available for use by the
3349N/A managed device. For those columns to which the agent
3349N/A provides read-create access, the `noSuchInstance'
3349N/A exception tells the management station that it must
3349N/A issue additional management protocol set operations, in
3349N/A order to provide a value associated with this column.
3349N/A
3349N/A - the exception `noSuchObject' is returned, indicating
3349N/A that the agent does not implement the object-type
3349N/A associated with this column or that there is no
3349N/A conceptual row for which this column would be
3349N/A accessible in the MIB view used by the retrieval. As
3349N/A such, the management station can not issue any
3349N/A management protocol set operations to create an
3349N/A instance of this column.
3349N/A
3349N/A If the value associated with the status column is
3349N/A `notReady', then the management station must first deal with
3349N/A all `noSuchInstance' columns, if any. Having done so, the
3349N/A value of the status column becomes `notInService', and we
3349N/A proceed to interaction 4.
3349N/A
3349N/A Interaction 4: Making the Conceptual Row Available
3349N/A
3349N/A Once the management station is satisfied with the values
3349N/A associated with the columns of the conceptual row, it issues
3349N/A a management protocol set operation to set the status column
3349N/A to `active'. If the agent has sufficient information to
3349N/A make the conceptual row available for use by the managed
3349N/A device, the management protocol set operation succeeds (a
3349N/A `noError' response is returned). Otherwise, the management
3349N/A protocol set operation fails with an error of
3349N/A `inconsistentValue'.
3349N/A
3349N/A
3349N/A NOTE WELL
3349N/A
3349N/A A conceptual row having a status column with value
3349N/A `notInService' or `notReady' is unavailable to the
3349N/A managed device. As such, it is possible for the
3349N/A managed device to create its own instances during the
3349N/A time between the management protocol set operation
3349N/A which sets the status column to `createAndWait' and the
3349N/A management protocol set operation which sets the status
3349N/A column to `active'. In this case, when the management
3349N/A protocol set operation is issued to set the status
3349N/A column to `active', the values held in the agent
3349N/A supersede those used by the managed device.
3349N/A
3349N/A If the management station is prevented from setting the
3349N/A status column to `active' (e.g., due to management station
3349N/A or network failure) the conceptual row will be left in the
3349N/A `notInService' or `notReady' state, consuming resources
3349N/A indefinitely. The agent must detect conceptual rows that
3349N/A have been in either state for an abnormally long period of
3349N/A time and remove them. It is the responsibility of the
3349N/A DESCRIPTION clause of the status column to indicate what an
3349N/A abnormally long period of time would be. This period of
3349N/A time should be long enough to allow for human response time
3349N/A (including `think time') between the creation of the
3349N/A conceptual row and the setting of the status to `active'.
3349N/A In the absence of such information in the DESCRIPTION
3349N/A clause, it is suggested that this period be approximately 5
3349N/A minutes in length. This removal action applies not only to
3349N/A newly-created rows, but also to previously active rows which
3349N/A are set to, and left in, the notInService state for a
3349N/A prolonged period exceeding that which is considered normal
3349N/A for such a conceptual row.
3349N/A
3349N/A
3349N/A Conceptual Row Suspension
3349N/A
3349N/A When a conceptual row is `active', the management station
3349N/A may issue a management protocol set operation which sets the
3349N/A instance of the status column to `notInService'. If the
3349N/A agent is unwilling to do so, the set operation fails with an
3349N/A error of `wrongValue'. Otherwise, the conceptual row is
3349N/A taken out of service, and a `noError' response is returned.
3349N/A It is the responsibility of the DESCRIPTION clause of the
3349N/A status column to indicate under what circumstances the
3349N/A status column should be taken out of service (e.g., in order
3349N/A for the value of some other column of the same conceptual
3349N/A row to be modified).
3349N/A
3349N/A
3349N/A Conceptual Row Deletion
3349N/A
3349N/A For deletion of conceptual rows, a management protocol set
3349N/A operation is issued which sets the instance of the status
3349N/A column to `destroy'. This request may be made regardless of
3349N/A the current value of the status column (e.g., it is possible
3349N/A to delete conceptual rows which are either `notReady',
3349N/A `notInService' or `active'.) If the operation succeeds,
3349N/A then all instances associated with the conceptual row are
3349N/A immediately removed."
3349N/A
3349N/A
3349N/A SYNTAX INTEGER {
3349N/A -- the following two values are states:
3349N/A -- these values may be read or written
3349N/A active(1),
3349N/A notInService(2),
3349N/A
3349N/A -- the following value is a state:
3349N/A -- this value may be read, but not written
3349N/A notReady(3),
3349N/A
3349N/A -- the following three values are
3349N/A -- actions: these values may be written,
3349N/A -- but are never read
3349N/A createAndGo(4),
3349N/A createAndWait(5),
3349N/A destroy(6)
3349N/A }
3349N/A
3349N/A
3349N/ATimeStamp ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "The value of the sysUpTime object at which a specific
3349N/A occurrence happened. The specific occurrence must be
3349N/A defined in the description of any object defined using this
3349N/A type."
3349N/A SYNTAX TimeTicks
3349N/A
3349N/A
3349N/ATimeInterval ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "A period of time, measured in units of 0.01 seconds."
3349N/A SYNTAX INTEGER (0..2147483647)
3349N/A
3349N/A
3349N/ADateAndTime ::= TEXTUAL-CONVENTION
3349N/A DISPLAY-HINT "2d-1d-1d,1d:1d:1d.1d,1a1d:1d"
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "A date-time specification.
3349N/A
3349N/A field octets contents range
3349N/A ----- ------ -------- -----
3349N/A 1 1-2 year 0..65536
3349N/A 2 3 month 1..12
3349N/A 3 4 day 1..31
3349N/A 4 5 hour 0..23
3349N/A 5 6 minutes 0..59
3349N/A 6 7 seconds 0..60
3349N/A (use 60 for leap-second)
3349N/A 7 8 deci-seconds 0..9
3349N/A 8 9 direction from UTC '+' / '-'
3349N/A 9 10 hours from UTC 0..11
3349N/A 10 11 minutes from UTC 0..59
3349N/A
3349N/A For example, Tuesday May 26, 1992 at 1:30:15 PM EDT would be
3349N/A displayed as:
3349N/A
3349N/A 1992-5-26,13:30:15.0,-4:0
3349N/A
3349N/A Note that if only local time is known, then timezone
3349N/A information (fields 8-10) is not present."
3349N/A SYNTAX OCTET STRING (SIZE (8 | 11))
3349N/A
3349N/A
3349N/AStorageType ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "Describes the memory realization of a conceptual row. A
3349N/A row which is volatile(2) is lost upon reboot. A row which
3349N/A is either nonVolatile(3), permanent(4) or readOnly(5), is
3349N/A backed up by stable storage. A row which is permanent(4)
3349N/A can be changed but not deleted. A row which is readOnly(5)
3349N/A cannot be changed nor deleted.
3349N/A
3349N/A If the value of an object with this syntax is either
3349N/A permanent(4) or readOnly(5), it cannot be modified.
3349N/A Conversely, if the value is either other(1), volatile(2) or
3349N/A nonVolatile(3), it cannot be modified to be permanent(4) or
3349N/A readOnly(5).
3349N/A
3349N/A Every usage of this textual convention is required to
3349N/A specify the columnar objects which a permanent(4) row must
3349N/A at a minimum allow to be writable."
3349N/A SYNTAX INTEGER {
3349N/A other(1), -- eh?
3349N/A volatile(2), -- e.g., in RAM
3349N/A nonVolatile(3), -- e.g., in NVRAM
3349N/A permanent(4), -- e.g., partially in ROM
3349N/A readOnly(5) -- e.g., completely in ROM
3349N/A }
3349N/A
3349N/A
3349N/ATDomain ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "Denotes a kind of transport service.
3349N/A
3349N/A Some possible values, such as snmpUDPDomain, are defined in
3349N/A 'Transport Mappings for Version 2 of the Simple Network
3349N/A Management Protocol (SNMPv2)'."
3349N/A SYNTAX OBJECT IDENTIFIER
3349N/A
3349N/A
3349N/ATAddress ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A "Denotes a transport service address.
3349N/A
3349N/A For snmpUDPDomain, a TAddress is 6 octets long, the initial 4
3349N/A octets containing the IP-address in network-byte order and the
3349N/A last 2 containing the UDP port in network-byte order. Consult
3349N/A 'Transport Mappings for Version 2 of the Simple Network
3349N/A Management Protocol (SNMPv2)' for further information on
3349N/A snmpUDPDomain."
3349N/A SYNTAX OCTET STRING (SIZE (1..255))
3349N/A
3349N/A
3349N/A---------------------------------------------------
3349N/A-- from RFC 2571: Textual Conventions for SNMPv3 --
3349N/A---------------------------------------------------
3349N/A
3349N/A SnmpEngineID ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION "An SNMP engine's administratively-unique identifier.
3349N/A Objects of this type are for identification, not for
3349N/A addressing, even though it is possible that an
3349N/A address may have been used in the generation of
3349N/A a specific value.
3349N/A
3349N/A The value for this object may not be all zeros or
3349N/A all 'ff'H or the empty (zero length) string.
3349N/A
3349N/A The initial value for this object may be configured
3349N/A via an operator console entry or via an algorithmic
3349N/A function. In the latter case, the following
3349N/A example algorithm is recommended.
3349N/A
3349N/A In cases where there are multiple engines on the
3349N/A same system, the use of this algorithm is NOT
3349N/A appropriate, as it would result in all of those
3349N/A engines ending up with the same ID value.
3349N/A
3349N/A 1) The very first bit is used to indicate how the
3349N/A rest of the data is composed.
3349N/A
3349N/A 0 - as defined by enterprise using former methods
3349N/A that existed before SNMPv3. See item 2 below.
3349N/A
3349N/A 1 - as defined by this architecture, see item 3
3349N/A below.
3349N/A
3349N/A
3349N/A
3349N/A Note that this allows existing uses of the
3349N/A engineID (also known as AgentID [RFC1910]) to
3349N/A co-exist with any new uses.
3349N/A
3349N/A 2) The snmpEngineID has a length of 12 octets.
3349N/A
3349N/A The first four octets are set to the binary
3349N/A equivalent of the agent's SNMP management
3349N/A private enterprise number as assigned by the
3349N/A Internet Assigned Numbers Authority (IANA).
3349N/A For example, if Acme Networks has been assigned
3349N/A { enterprises 696 }, the first four octets would
3349N/A be assigned '000002b8'H.
3349N/A
3349N/A The remaining eight octets are determined via
3349N/A one or more enterprise-specific methods. Such
3349N/A methods must be designed so as to maximize the
3349N/A possibility that the value of this object will
3349N/A be unique in the agent's administrative domain.
3349N/A For example, it may be the IP address of the SNMP
3349N/A entity, or the MAC address of one of the
3349N/A interfaces, with each address suitably padded
3349N/A with random octets. If multiple methods are
3349N/A defined, then it is recommended that the first
3349N/A octet indicate the method being used and the
3349N/A remaining octets be a function of the method.
3349N/A
3349N/A 3) The length of the octet strings varies.
3349N/A
3349N/A The first four octets are set to the binary
3349N/A equivalent of the agent's SNMP management
3349N/A private enterprise number as assigned by the
3349N/A Internet Assigned Numbers Authority (IANA).
3349N/A For example, if Acme Networks has been assigned
3349N/A { enterprises 696 }, the first four octets would
3349N/A be assigned '000002b8'H.
3349N/A
3349N/A The very first bit is set to 1. For example, the
3349N/A above value for Acme Networks now changes to be
3349N/A '800002b8'H.
3349N/A
3349N/A The fifth octet indicates how the rest (6th and
3349N/A following octets) are formatted. The values for
3349N/A the fifth octet are:
3349N/A
3349N/A 0 - reserved, unused.
3349N/A
3349N/A 1 - IPv4 address (4 octets)
3349N/A
3349N/A
3349N/A lowest non-special IP address
3349N/A
3349N/A 2 - IPv6 address (16 octets)
3349N/A lowest non-special IP address
3349N/A
3349N/A 3 - MAC address (6 octets)
3349N/A lowest IEEE MAC address, canonical
3349N/A order
3349N/A
3349N/A 4 - Text, administratively assigned
3349N/A Maximum remaining length 27
3349N/A
3349N/A 5 - Octets, administratively assigned
3349N/A Maximum remaining length 27
3349N/A
3349N/A 6-127 - reserved, unused
3349N/A
3349N/A 127-255 - as defined by the enterprise
3349N/A Maximum remaining length 27
3349N/A "
3349N/A SYNTAX OCTET STRING (SIZE(5..32))
3349N/A
3349N/A SnmpSecurityModel ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION "An identifier that uniquely identifies a
3349N/A securityModel of the Security Subsystem within the
3349N/A SNMP Management Architecture.
3349N/A
3349N/A The values for securityModel are allocated as
3349N/A follows:
3349N/A
3349N/A - The zero value is reserved.
3349N/A - Values between 1 and 255, inclusive, are reserved
3349N/A for standards-track Security Models and are
3349N/A managed by the Internet Assigned Numbers Authority
3349N/A (IANA).
3349N/A - Values greater than 255 are allocated to
3349N/A enterprise-specific Security Models. An
3349N/A enterprise-specific securityModel value is defined
3349N/A to be:
3349N/A
3349N/A enterpriseID * 256 + security model within
3349N/A enterprise
3349N/A
3349N/A For example, the fourth Security Model defined by
3349N/A the enterprise whose enterpriseID is 1 would be
3349N/A 260.
3349N/A
3349N/A
3349N/A
3349N/A This scheme for allocation of securityModel
3349N/A values allows for a maximum of 255 standards-
3349N/A based Security Models, and for a maximum of
3349N/A 255 Security Models per enterprise.
3349N/A
3349N/A It is believed that the assignment of new
3349N/A securityModel values will be rare in practice
3349N/A because the larger the number of simultaneously
3349N/A utilized Security Models, the larger the
3349N/A chance that interoperability will suffer.
3349N/A Consequently, it is believed that such a range
3349N/A will be sufficient. In the unlikely event that
3349N/A the standards committee finds this number to be
3349N/A insufficient over time, an enterprise number
3349N/A can be allocated to obtain an additional 255
3349N/A possible values.
3349N/A
3349N/A Note that the most significant bit must be zero;
3349N/A hence, there are 23 bits allocated for various
3349N/A organizations to design and define non-standard
3349N/A securityModels. This limits the ability to
3349N/A define new proprietary implementations of Security
3349N/A Models to the first 8,388,608 enterprises.
3349N/A
3349N/A It is worthwhile to note that, in its encoded
3349N/A form, the securityModel value will normally
3349N/A require only a single byte since, in practice,
3349N/A the leftmost bits will be zero for most messages
3349N/A and sign extension is suppressed by the encoding
3349N/A rules.
3349N/A
3349N/A As of this writing, there are several values
3349N/A of securityModel defined for use with SNMP or
3349N/A reserved for use with supporting MIB objects.
3349N/A They are as follows:
3349N/A
3349N/A 0 reserved for 'any'
3349N/A 1 reserved for SNMPv1
3349N/A 2 reserved for SNMPv2c
3349N/A 3 User-Based Security Model (USM)
3349N/A "
3349N/A SYNTAX INTEGER(0 .. 2147483647)
3349N/A
3349N/A SnmpMessageProcessingModel ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION "An identifier that uniquely identifies a Message
3349N/A Processing Model of the Message Processing
3349N/A Subsystem within a SNMP Management Architecture.
3349N/A
3349N/A
3349N/A
3349N/A
3349N/A The values for messageProcessingModel are
3349N/A allocated as follows:
3349N/A
3349N/A - Values between 0 and 255, inclusive, are
3349N/A reserved for standards-track Message Processing
3349N/A Models and are managed by the Internet Assigned
3349N/A Numbers Authority (IANA).
3349N/A
3349N/A - Values greater than 255 are allocated to
3349N/A enterprise-specific Message Processing Models.
3349N/A An enterprise messageProcessingModel value is
3349N/A defined to be:
3349N/A
3349N/A enterpriseID * 256 +
3349N/A messageProcessingModel within enterprise
3349N/A
3349N/A For example, the fourth Message Processing Model
3349N/A defined by the enterprise whose enterpriseID
3349N/A is 1 would be 260.
3349N/A
3349N/A This scheme for allocating messageProcessingModel
3349N/A values allows for a maximum of 255 standards-
3349N/A based Message Processing Models, and for a
3349N/A maximum of 255 Message Processing Models per
3349N/A enterprise.
3349N/A
3349N/A It is believed that the assignment of new
3349N/A messageProcessingModel values will be rare
3349N/A in practice because the larger the number of
3349N/A simultaneously utilized Message Processing Models,
3349N/A the larger the chance that interoperability
3349N/A will suffer. It is believed that such a range
3349N/A will be sufficient. In the unlikely event that
3349N/A the standards committee finds this number to be
3349N/A insufficient over time, an enterprise number
3349N/A can be allocated to obtain an additional 256
3349N/A possible values.
3349N/A
3349N/A Note that the most significant bit must be zero;
3349N/A hence, there are 23 bits allocated for various
3349N/A organizations to design and define non-standard
3349N/A messageProcessingModels. This limits the ability
3349N/A to define new proprietary implementations of
3349N/A Message Processing Models to the first 8,388,608
3349N/A enterprises.
3349N/A
3349N/A It is worthwhile to note that, in its encoded
3349N/A form, the messageProcessingModel value will
3349N/A
3349N/A
3349N/A normally require only a single byte since, in
3349N/A practice, the leftmost bits will be zero for
3349N/A most messages and sign extension is suppressed
3349N/A by the encoding rules.
3349N/A
3349N/A As of this writing, there are several values of
3349N/A messageProcessingModel defined for use with SNMP.
3349N/A They are as follows:
3349N/A
3349N/A 0 reserved for SNMPv1
3349N/A 1 reserved for SNMPv2c
3349N/A 2 reserved for SNMPv2u and SNMPv2*
3349N/A 3 reserved for SNMPv3
3349N/A "
3349N/A SYNTAX INTEGER(0 .. 2147483647)
3349N/A
3349N/A SnmpSecurityLevel ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION "A Level of Security at which SNMP messages can be
3349N/A sent or with which operations are being processed;
3349N/A in particular, one of:
3349N/A
3349N/A noAuthNoPriv - without authentication and
3349N/A without privacy,
3349N/A authNoPriv - with authentication but
3349N/A without privacy,
3349N/A authPriv - with authentication and
3349N/A with privacy.
3349N/A
3349N/A These three values are ordered such that
3349N/A noAuthNoPriv is less than authNoPriv and
3349N/A authNoPriv is less than authPriv.
3349N/A "
3349N/A SYNTAX INTEGER { noAuthNoPriv(1), -- lowest level: no authentication, no privacy
3349N/A authNoPriv(2), -- middle level: authentication only, no privacy
3349N/A authPriv(3) -- highest level: authentication and privacy
3349N/A }
3349N/A
3349N/A SnmpAdminString ::= TEXTUAL-CONVENTION
3349N/A DISPLAY-HINT "255a"
3349N/A STATUS current
3349N/A DESCRIPTION "An octet string containing administrative
3349N/A information, preferably in human-readable form.
3349N/A
3349N/A To facilitate internationalization, this
3349N/A information is represented using the ISO/IEC
3349N/A IS 10646-1 character set, encoded as an octet
3349N/A string using the UTF-8 transformation format
3349N/A
3349N/A
3349N/A
3349N/A
3349N/A described in [RFC2279].
3349N/A
3349N/A Since additional code points are added by
3349N/A amendments to the 10646 standard from time
3349N/A to time, implementations must be prepared to
3349N/A encounter any code point from 0x00000000 to
3349N/A 0x7fffffff. Byte sequences that do not
3349N/A correspond to the valid UTF-8 encoding of a
3349N/A code point or are outside this range are
3349N/A prohibited.
3349N/A
3349N/A The use of control codes should be avoided.
3349N/A
3349N/A When it is necessary to represent a newline,
3349N/A the control code sequence CR LF should be used.
3349N/A
3349N/A The use of leading or trailing white space should
3349N/A be avoided.
3349N/A
3349N/A For code points not directly supported by user
3349N/A interface hardware or software, an alternative
3349N/A means of entry and display, such as hexadecimal,
3349N/A may be provided.
3349N/A
3349N/A For information encoded in 7-bit US-ASCII,
3349N/A the UTF-8 encoding is identical to the
3349N/A US-ASCII encoding.
3349N/A
3349N/A UTF-8 may require multiple bytes to represent a
3349N/A single character / code point; thus the length
3349N/A of this object in octets may be different from
3349N/A the number of characters encoded. Similarly,
3349N/A size constraints refer to the number of encoded
3349N/A octets, not the number of characters represented
3349N/A by an encoding.
3349N/A
3349N/A Note that when this TC is used for an object that
3349N/A is used or envisioned to be used as an index, then
3349N/A a SIZE restriction MUST be specified so that the
3349N/A number of sub-identifiers for any object instance
3349N/A does not exceed the limit of 128, as defined by
3349N/A [RFC1905].
3349N/A
3349N/A Note that the size of an SnmpAdminString object is
3349N/A measured in octets, not characters.
3349N/A "
3349N/A SYNTAX DisplayString (SIZE (0..255))
3349N/A
3349N/A---------------------------------------------------
3349N/A-- from RFC 2574: Textual Conventions for SNMPv3 --
3349N/A---------------------------------------------------
3349N/A
3349N/AKeyChange ::= TEXTUAL-CONVENTION
3349N/A STATUS current
3349N/A DESCRIPTION
3349N/A
3349N/A
3349N/A
3349N/A "Every definition of an object with this syntax must identify
3349N/A a protocol P, a secret key K, and a hash algorithm H
3349N/A that produces output of L octets.
3349N/A
3349N/A The object's value is a manager-generated, partially-random
3349N/A value which, when modified, causes the value of the secret
3349N/A key K, to be modified via a one-way function.
3349N/A
3349N/A The value of an instance of this object is the concatenation
3349N/A of two components: first a 'random' component and then a
3349N/A 'delta' component.
3349N/A
3349N/A The lengths of the random and delta components
3349N/A are given by the corresponding value of the protocol P;
3349N/A if P requires K to be a fixed length, the length of both the
3349N/A random and delta components is that fixed length; if P
3349N/A allows the length of K to be variable up to a particular
3349N/A maximum length, the length of the random component is that
3349N/A maximum length and the length of the delta component is any
3349N/A length less than or equal to that maximum length.
3349N/A For example, usmHMACMD5AuthProtocol requires K to be a fixed
3349N/A length of 16 octets and L - of 16 octets.
3349N/A usmHMACSHAAuthProtocol requires K to be a fixed length of
3349N/A 20 octets and L - of 20 octets. Other protocols may define
3349N/A other sizes, as deemed appropriate.
3349N/A
3349N/A When a requester wants to change the old key K to a new
3349N/A key keyNew on a remote entity, the 'random' component is
3349N/A obtained from either a true random generator, or from a
3349N/A pseudorandom generator, and the 'delta' component is
3349N/A computed as follows:
3349N/A
3349N/A - a temporary variable is initialized to the existing value
3349N/A of K;
3349N/A - if the length of the keyNew is greater than L octets,
3349N/A then:
3349N/A - the random component is appended to the value of the
3349N/A temporary variable, and the result is input to the
3349N/A hash algorithm H to produce a digest value, and
3349N/A the temporary variable is set to this digest value;
3349N/A - the value of the temporary variable is XOR-ed with
3349N/A the first (next) L-octets (16 octets in case of MD5)
3349N/A of the keyNew to produce the first (next) L-octets
3349N/A (16 octets in case of MD5) of the 'delta' component.
3349N/A - the above two steps are repeated until the unused
3349N/A portion of the keyNew component is L octets or less,
3349N/A - the random component is appended to the value of the
3349N/A temporary variable, and the result is input to the
3349N/A
3349N/A
3349N/A
3349N/A hash algorithm H to produce a digest value;
3349N/A - this digest value, truncated if necessary to be the same
3349N/A length as the unused portion of the keyNew, is XOR-ed
3349N/A with the unused portion of the keyNew to produce the
3349N/A (final portion of the) 'delta' component.
3349N/A
3349N/A For example, using MD5 as the hash algorithm H:
3349N/A
3349N/A iterations = (lenOfDelta - 1)/16; /* integer division */
3349N/A temp = keyOld;
3349N/A for (i = 0; i < iterations; i++) {
3349N/A temp = MD5 (temp || random);
3349N/A delta[i*16 .. (i*16)+15] =
3349N/A temp XOR keyNew[i*16 .. (i*16)+15];
3349N/A }
3349N/A temp = MD5 (temp || random);
3349N/A delta[i*16 .. lenOfDelta-1] =
3349N/A temp XOR keyNew[i*16 .. lenOfDelta-1];
3349N/A
3349N/A The 'random' and 'delta' components are then concatenated as
3349N/A described above, and the resulting octet string is sent to
3349N/A the recipient as the new value of an instance of this object.
3349N/A
3349N/A At the receiver side, when an instance of this object is set
3349N/A to a new value, then a new value of K is computed as follows:
3349N/A
3349N/A - a temporary variable is initialized to the existing value
3349N/A of K;
3349N/A - if the length of the delta component is greater than L
3349N/A octets, then:
3349N/A - the random component is appended to the value of the
3349N/A temporary variable, and the result is input to the
3349N/A hash algorithm H to produce a digest value, and the
3349N/A temporary variable is set to this digest value;
3349N/A - the value of the temporary variable is XOR-ed with
3349N/A the first (next) L-octets (16 octets in case of MD5)
3349N/A of the delta component to produce the first (next)
3349N/A L-octets (16 octets in case of MD5) of the new value
3349N/A of K.
3349N/A - the above two steps are repeated until the unused
3349N/A portion of the delta component is L octets or less,
3349N/A - the random component is appended to the value of the
3349N/A temporary variable, and the result is input to the
3349N/A hash algorithm H to produce a digest value;
3349N/A - this digest value, truncated if necessary to be the same
3349N/A length as the unused portion of the delta component, is
3349N/A XOR-ed with the unused portion of the delta component to
3349N/A produce the (final portion of the) new value of K.
3349N/A
3349N/A
3349N/A
3349N/A For example, using MD5 as the hash algorithm H:
3349N/A
3349N/A iterations = (lenOfDelta - 1)/16; /* integer division */
3349N/A temp = keyOld;
3349N/A for (i = 0; i < iterations; i++) {
3349N/A temp = MD5 (temp || random);
3349N/A keyNew[i*16 .. (i*16)+15] =
3349N/A temp XOR delta[i*16 .. (i*16)+15];
3349N/A }
3349N/A temp = MD5 (temp || random);
3349N/A keyNew[i*16 .. lenOfDelta-1] =
3349N/A temp XOR delta[i*16 .. lenOfDelta-1];
3349N/A
3349N/A The value of an object with this syntax, whenever it is
3349N/A retrieved by the management protocol, is always the zero
3349N/A length string.
3349N/A
3349N/A Note that the keyOld and keyNew are the localized keys.
3349N/A
3349N/A Note that it is probably wise that when an SNMP entity sends
3349N/A a SetRequest to change a key, that it keeps a copy of the old
3349N/A key until it has confirmed that the key change actually
3349N/A succeeded.
3349N/A "
3349N/A SYNTAX OCTET STRING
3349N/A
3349N/A-----------------
3349N/A-- enterprises --
3349N/A-----------------
3349N/A
3349N/A sun OBJECT IDENTIFIER ::= { enterprises 42 } -- 1.3.6.1.4.1.42
3349N/A messaging OBJECT IDENTIFIER ::= { sun products(2) 8 } -- 1.3.6.1.4.1.42.2.8
3349N/A
3349N/A agents OBJECT IDENTIFIER ::= { messaging 1 } -- 1.3.6.1.4.1.42.2.8.1
3349N/A private-mibs OBJECT IDENTIFIER ::= { messaging 2 } -- 1.3.6.1.4.1.42.2.8.2
3349N/A
3349N/A snmpx400d OBJECT IDENTIFIER ::= { agents 1 } -- 1.3.6.1.4.1.42.2.8.1.1
3349N/A snmpxapiad OBJECT IDENTIFIER ::= { agents 2 } -- 1.3.6.1.4.1.42.2.8.1.2
3349N/A snmpx500d OBJECT IDENTIFIER ::= { agents 3 } -- 1.3.6.1.4.1.42.2.8.1.3
3349N/A snmpimd OBJECT IDENTIFIER ::= { agents 4 } -- 1.3.6.1.4.1.42.2.8.1.4
3349N/A snmpslapd OBJECT IDENTIFIER ::= { agents 5 } -- 1.3.6.1.4.1.42.2.8.1.5
3349N/A
3349N/A
3349N/AEND