[Docs] [txt|pdf] [Tracker] [WG] [Email] [Nits]

Versions: 00 01 02 03 04 05 06 RFC 3418

INTERNET-DRAFT                                   Editor of this version:
Will Obsolete: 1907                                           R. Presuhn
                                                      BMC Software, Inc.
                                                          9 January 2000

                                            Authors of previous version:
                                                    SNMPv2 Working Group
                                                                 J. Case
                                                     SNMP Research, Inc.
                                                           K. McCloghrie
                                                     Cisco Systems, Inc.
                                                                 M. Rose
                                            Dover Beach Consulting, Inc.
                                                           S. Waldbusser
                                          International Network Services


                      Management Information Base
                                for the
                   Simple Network Management Protocol
                 <draft-ietf-snmpv3-update-mib-00.txt>


Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

Copyright Notice

   Copyright (C) The Internet Society (2000).  All Rights Reserved.






SNMPv3 Working Group        Expires June 2000                   [Page 1]

Internet Draft        Protocol Operations for SNMP        9 January 2000


Abstract

   This internet-draft, a work item of the SNMPv3 working group, is
   intended to obsolete RFC 1907, Management Information Base for
   Version 2 of the Simple Network Management Protocol (SNMPv2).

Table of Contents

   1. Introduction ................................................    3
   2. The SNMP Management Framework ...............................    3
   3. Definitions .................................................    4
   4. Notice on Intellectual Property .............................   23
   5. Acknowledgements ............................................   23
   6. Security Considerations .....................................   24
   7. References ..................................................   25
   8. Editor's Address ............................................   26
   9. Changes from RFC 1907 .......................................   27
   10. Issues .....................................................   28
   11. Full Copyright Statement ...................................   29
































SNMPv3 Working Group        Expires June 2000                   [Page 2]

Internet Draft        Protocol Operations for SNMP        9 January 2000


1.  Introduction

   It is the purpose of this document to define managed objects which
   describe the behavior of an SNMP entity, as defined in the SNMP
   architecture [RFC2571].

2.  The SNMP Management Framework

   The SNMP Management Framework at the time of this writing consists of
   five major components:

        -    An overall architecture, described in RFC 2571 [RFC2571].

        -    Mechanisms for describing and naming objects and events for
             the purpose of management.  The first version of this
             Structure of Management Information (SMI) is called SMIv1
             and described in STD 16, RFC 1155 [RFC1155], STD 16, RFC
             1212 [RFC1212] and RFC 1215 [RFC1215].  The second version,
             called SMIv2, is described in STD 58, RFC 2578 [RFC2578],
             STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580].

        -    Message protocols for transferring management information.
             The first version of the SNMP message protocol is called
             SNMPv1 and described in STD 15, RFC 1157 [RFC1157].  A
             second version of the SNMP message protocol, which is not
             an Internet standards track protocol, is called SNMPv2c and
             described in RFC 1901 [RFC1901] and RFC -TM [RFC-TM].  The
             third version of the message protocol is called SNMPv3 and
             described in RFC -TM [RFC-TM], RFC 2572 [RFC2572] and RFC
             2574 [RFC2574].

        -    Protocol operations for accessing management information.
             The first set of protocol operations and associated PDU
             formats is described in STD 15, RFC 1157 [RFC1157].  A
             second set of protocol operations and associated PDU
             formats is described in RFC -PROTO [RFC-PROTO].

        -    A set of fundamental applications described in RFC 2573
             [RFC2573] and the view-based access control mechanism
             described in RFC 2575 [RFC2575].

        A more detailed introduction to the current SNMP Management
        Framework can be found in RFC 2570 [RFC2570].

        Managed objects are accessed via a virtual information store,
        termed the Management Information Base or MIB.  Objects in the
        MIB are defined using the mechanisms defined in the SMI.




SNMPv3 Working Group        Expires June 2000                   [Page 3]

Internet Draft        Protocol Operations for SNMP        9 January 2000


        This memo specifies a MIB module that is compliant to the SMIv2.
        A MIB conforming to the SMIv1 can be produced through the
        appropriate translations.  The resulting translated MIB must be
        semantically equivalent, except where objects or events are
        omitted because no translation is possible (use of Counter64).
        Some machine readable information in SMIv2 will be converted
        into textual descriptions in SMIv1 during the translation
        process.  However, this loss of machine readable information is
        not considered to change the semantics of the MIB.

3.  Definitions

   SNMPv2-MIB DEFINITIONS ::= BEGIN

   IMPORTS
       MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
       TimeTicks, Counter32, snmpModules, mib-2
           FROM SNMPv2-SMI
       SnmpAdminString
           FROM SNMP-FRAMEWORK-MIB
       TestAndIncr, TimeStamp
           FROM SNMPv2-TC
       MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
           FROM SNMPv2-CONF;

   snmpMIB MODULE-IDENTITY
       LAST-UPDATED "200001100424Z"
       ORGANIZATION "IETF SNMPv3 Working Group"
       CONTACT-INFO
               "WG-EMail:   snmpv3@tis.com
                Subscribe:  majordomo@tis.com
                            In message body:  subscribe snmpv3

                Chair:      Russ Mundy
                            TIS Labs at Network Associates
                postal:     3060 Washington Rd
                            Glenwood MD 21738
                            USA
                EMail:      mundy@tislabs.com
                phone:      +1 301 854-6889

                Editor:     Randy Presuhn
                            BMC Software, Inc.
                postal:     2141 North First Street
                            San Jose, CA 95131
                            USA
                EMail:      randy_presuhn@bmc.com
                phone:      +1 408 546-1006"



SNMPv3 Working Group        Expires June 2000                   [Page 4]

Internet Draft        Protocol Operations for SNMP        9 January 2000


       DESCRIPTION
               "The MIB module for SNMP entities."
       REVISION      "200001100424Z"
       DESCRIPTION
               "This revision of this MIB module was published as
                RFC 0."
       REVISION      "199511090000Z"
       DESCRIPTION
               "This revision of this MIB module was published as
                RFC 1907."
       REVISION      "199304010000Z"
       DESCRIPTION
               "The initial revision of this MIB module was published
               as RFC 1450."
       ::= { snmpModules 1 }


   snmpMIBObjects OBJECT IDENTIFIER ::= { snmpMIB 1 }

   --  ::= { snmpMIBObjects 1 }        this OID is obsolete
   --  ::= { snmpMIBObjects 2 }        this OID is obsolete
   --  ::= { snmpMIBObjects 3 }        this OID is obsolete


   -- the System group
   --
   -- a collection of objects common to all managed systems.

   system   OBJECT IDENTIFIER ::= { mib-2 1 }

   sysDescr OBJECT-TYPE
       SYNTAX      SnmpAdminString (SIZE (0..255))
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
               "A textual description of the entity.  This value should
               include the full name and version identification of
               the system's hardware type, software operating-system,
               and networking software.

               This string is encoded using UTF-8.  Older
               implementations MAY restrict the set of supported
               values to well-formed NVT ASCII."
       ::= { system 1 }







SNMPv3 Working Group        Expires June 2000                   [Page 5]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   sysObjectID OBJECT-TYPE
       SYNTAX      OBJECT IDENTIFIER
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
               "The vendor's authoritative identification of the
               network management subsystem contained in the entity.
               This value is allocated within the SMI enterprises
               subtree (1.3.6.1.4.1) and provides an easy and
               unambiguous means for determining `what kind of box' is
               being managed.  For example, if vendor `Flintstones,
               Inc.' was assigned the subtree 1.3.6.1.4.1.4242, it
               could assign the identifier 1.3.6.1.4.1.4242.1.1 to its
               `Fred Router'."
       ::= { system 2 }

   sysUpTime OBJECT-TYPE
       SYNTAX      TimeTicks
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
               "The time (in hundredths of a second) since the
               network management portion of the system was last
               re-initialized."
       ::= { system 3 }

   sysContact OBJECT-TYPE
       SYNTAX      SnmpAdminString (SIZE (0..255))
       MAX-ACCESS  read-write
       STATUS      current
       DESCRIPTION
               "The textual identification of the contact person for
               this managed node, together with information on how
               to contact this person.  If no contact information is
               known, the value is the zero-length string.

               This string is encoded using UTF-8.  Older
               implementations MAY restrict the set of supported
               values to well-formed NVT ASCII."
       ::= { system 4 }

   sysName OBJECT-TYPE
       SYNTAX      SnmpAdminString (SIZE (0..255))
       MAX-ACCESS  read-write
       STATUS      current






SNMPv3 Working Group        Expires June 2000                   [Page 6]

Internet Draft        Protocol Operations for SNMP        9 January 2000


       DESCRIPTION
               "An administratively-assigned name for this managed
               node.  By convention, this is the node's fully-qualified
               domain name.  If the name is unknown, the value is
               the zero-length string.

               This string is encoded using UTF-8.  Older
               implementations MAY restrict the set of supported
               values to well-formed NVT ASCII."
       ::= { system 5 }

   sysLocation OBJECT-TYPE
       SYNTAX      SnmpAdminString (SIZE (0..255))
       MAX-ACCESS  read-write
       STATUS      current
       DESCRIPTION
               "The physical location of this node (e.g., `telephone
               closet, 3rd floor').  If the location is unknown, the
               value is the zero-length string.

               This string is encoded using UTF-8.  Older
               implementations MAY restrict the set of supported
               values to well-formed NVT ASCII."
       ::= { system 6 }



























SNMPv3 Working Group        Expires June 2000                   [Page 7]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   sysServices OBJECT-TYPE
       SYNTAX      INTEGER (0..127)
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
               "A value which indicates the set of services that this
               entity may potentially offers.  The value is a sum.
               This sum initially takes the value zero, Then, for
               each layer, L, in the range 1 through 7, that this node
               performs transactions for, 2 raised to (L - 1) is added
               to the sum.  For example, a node which performs only
               routing functions would have a value of 4 (2^(3-1)).
               In contrast, a node which is a host offering application
               services would have a value of 72 (2^(4-1) + 2^(7-1)).
               Note that in the context of the Internet suite of
               protocols, values should be calculated accordingly:

                    layer      functionality
                      1        physical (e.g., repeaters)
                      2        datalink/subnetwork (e.g., bridges)
                      3        internet (e.g., supports the IP)
                      4        end-to-end  (e.g., supports the TCP)
                      7        applications (e.g., supports the SMTP)

               For systems including OSI protocols, layers 5 and 6
               may also be counted."
       ::= { system 7 }


   -- object resource information
   --
   -- a collection of objects which describe the SNMP entity's
   -- (statically and dynamically configurable) support of
   -- various MIB modules.

   sysORLastChange OBJECT-TYPE
       SYNTAX     TimeStamp
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "The value of sysUpTime at the time of the most recent
               change in state or value of any instance of sysORID."
       ::= { system 8 }








SNMPv3 Working Group        Expires June 2000                   [Page 8]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   sysORTable OBJECT-TYPE
       SYNTAX     SEQUENCE OF SysOREntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
               "The (conceptual) table listing the capabilities of
               the local SNMP application acting as a command
               responder with respect to various MIB modules.
               SNMP entities having dynamically-configurable support
               of MIB modules will have a dynamically-varying number
               of conceptual rows."
       ::= { system 9 }

   sysOREntry OBJECT-TYPE
       SYNTAX     SysOREntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
               "An entry (conceptual row) in the sysORTable."
       INDEX      { sysORIndex }
       ::= { sysORTable 1 }

   SysOREntry ::= SEQUENCE {
       sysORIndex     INTEGER,
       sysORID        OBJECT IDENTIFIER,
       sysORDescr     SnmpAdminString,
       sysORUpTime    TimeStamp
   }

   sysORIndex OBJECT-TYPE
       SYNTAX     INTEGER (1..2147483647)
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
               "The auxiliary variable used for identifying instances
               of the columnar objects in the sysORTable."
       ::= { sysOREntry 1 }

   sysORID OBJECT-TYPE
       SYNTAX     OBJECT IDENTIFIER
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "An authoritative identification of a capabilities
               statement with respect to various MIB modules supported
               by the local SNMP application acting as a command
               responder."
       ::= { sysOREntry 2 }



SNMPv3 Working Group        Expires June 2000                   [Page 9]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   sysORDescr OBJECT-TYPE
       SYNTAX     SnmpAdminString
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "A textual description of the capabilities identified
               by the corresponding instance of sysORID."
       ::= { sysOREntry 3 }

   sysORUpTime OBJECT-TYPE
       SYNTAX     TimeStamp
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "The value of sysUpTime at the time this conceptual
               row was last instantiated."
       ::= { sysOREntry 4 }


   -- the SNMP group
   --
   -- a collection of objects providing basic instrumentation and
   -- control of an SNMP entity.

   snmp     OBJECT IDENTIFIER ::= { mib-2 11 }

   snmpInPkts OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "The total number of messages delivered to the SNMP
               entity from the transport service."
       ::= { snmp 1 }

   snmpInBadVersions OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "The total number of SNMP messages which were delivered
               to the SNMP entity and were for an unsupported SNMP
               version."
       ::= { snmp 3 }







SNMPv3 Working Group        Expires June 2000                  [Page 10]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   snmpInBadCommunityNames OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
              "The total number of community-based SNMP messages (for
              example,  SNMPv1) delivered to the SNMP entity which
              used an SNMP community name not known to said entity.
              Also, implementations which authenticate community-based
              SNMP messages using check(s) in addition to matching
              the community name (for example, by also checking
              whether the message originated from a transport address
              allowed to use a specified community name) MAY include
              in this value the number of messages which failed the
              additional check(s).  It is strongly RECOMMENDED that
              the documentation for any security model which is used
              to authenticate community-based SNMP messages specify
              the precise conditions that contribute to this value."
       ::= { snmp 4 }

   snmpInBadCommunityUses OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
              "The total number of community-based SNMP messages (for
              example, SNMPv1) delivered to the SNMP entity which
              represented an SNMP operation that was not allowed for
              the SNMP community named in the message.  The precise
              conditions under which this counter is incremented
              (if at all) depend on how the SNMP entity implements
              its access control mechanism and how its applications
              interact with that access control mechanism.  It is
              strongly RECOMMENDED that the documentation for any
              access control mechanism which is used to control access
              to and visibility of MIB instrumentation specify the
              precise conditions that contribute to this value."
       ::= { snmp 5 }

   snmpInASNParseErrs OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "The total number of ASN.1 or BER errors encountered by
               the SNMP entity when decoding received SNMP messages."
       ::= { snmp 6 }




SNMPv3 Working Group        Expires June 2000                  [Page 11]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   snmpEnableAuthenTraps OBJECT-TYPE
       SYNTAX      INTEGER { enabled(1), disabled(2) }
       MAX-ACCESS  read-write
       STATUS      current
       DESCRIPTION
               "Indicates whether the SNMP entity is permitted to
               generate authenticationFailure traps.  The value of this
               object overrides any configuration information; as such,
               it provides a means whereby all authenticationFailure
               traps may be disabled.

               Note that it is strongly recommended that this object
               be stored in non-volatile memory so that it remains
               constant across re-initializations of the network
               management system."
       ::= { snmp 30 }

   snmpSilentDrops OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
              "The total number of Confirmed Class PDUs (such as
              GetRequest-PDUs, GetNextRequest-PDUs,
              GetBulkRequest-PDUs, SetRequest-PDUs, and
              InformRequest-PDUs) delivered to the SNMP entity which
              were silently dropped because the size of a reply
              containing an alternate Response Class PDU (such as a
              Response-PDU) with an empty variable-bindings field
              was greater than either a local constraint or the
              maximum message size associated with the originator of
              the request."
       ::= { snmp 31 }

   snmpProxyDrops OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "The total number of GetRequest-PDUs,
               GetNextRequest-PDUs, GetBulkRequest-PDUs,
               SetRequest-PDUs, and InformRequest-PDUs delivered to
               the SNMP entity which were silently dropped because
               the transmission of the (possibly translated) message
               to a proxy target failed in a manner (other than a
               time-out) such that no Response-PDU could be returned."
       ::= { snmp 32 }




SNMPv3 Working Group        Expires June 2000                  [Page 12]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   -- information for notifications
   --
   -- a collection of objects which allow the SNMP entity, when
   -- supporting a notification originator application,
   -- to be configured to generate SNMPv2-Trap-PDUs.

   snmpTrap       OBJECT IDENTIFIER ::= { snmpMIBObjects 4 }


   snmpTrapOID OBJECT-TYPE
       SYNTAX     OBJECT IDENTIFIER
       MAX-ACCESS accessible-for-notify
       STATUS     current
       DESCRIPTION
               "The authoritative identification of the notification
               currently being sent.  This variable occurs as
               the second varbind in every SNMPv2-Trap-PDU and
               InformRequest-PDU."
       ::= { snmpTrap 1 }

   --  ::= { snmpTrap 2 }   this OID is obsolete

   snmpTrapEnterprise OBJECT-TYPE
       SYNTAX     OBJECT IDENTIFIER
       MAX-ACCESS accessible-for-notify
       STATUS     current
       DESCRIPTION
               "The authoritative identification of the enterprise
               associated with the trap currently being sent.  When an
               SNMP proxy agent is mapping an RFC1157 Trap-PDU
               into a SNMPv2-Trap-PDU, this variable occurs as the
               last varbind."
       ::= { snmpTrap 3 }

   --  ::= { snmpTrap 4 }   this OID is obsolete


   -- well-known traps

   snmpTraps      OBJECT IDENTIFIER ::= { snmpMIBObjects 5 }











SNMPv3 Working Group        Expires June 2000                  [Page 13]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   coldStart NOTIFICATION-TYPE
       STATUS  current
       DESCRIPTION
               "A coldStart trap signifies that the SNMP entity,
               supporting a notification originator application, is
               reinitializing itself and that its configuration may
               have been altered."
       ::= { snmpTraps 1 }

   warmStart NOTIFICATION-TYPE
       STATUS  current
       DESCRIPTION
               "A warmStart trap signifies that the SNMP entity,
               supporting a notification originator application,
               is reinitializing itself such that its configuration
               is unaltered."
       ::= { snmpTraps 2 }

   -- Note the linkDown NOTIFICATION-TYPE ::= { snmpTraps 3 }
   -- and the linkUp NOTIFICATION-TYPE ::= { snmpTraps 4 }
   -- are defined in RFC 2233 [RFC2233]

   authenticationFailure NOTIFICATION-TYPE
       STATUS  current
       DESCRIPTION
               "An authenticationFailure trap signifies that the SNMP
                entity has received a protocol message that is not
                properly authenticated.  While all implementations
                of SNMP entities MAY be capable of generating this
                trap, the snmpEnableAuthenTraps object indicates
                whether this trap will be generated."
       ::= { snmpTraps 5 }

   -- Note the egpNeighborLoss notification is defined
   -- as { snmpTraps 6 } in RFC 1213

   -- the set group
   --
   -- a collection of objects which allow several cooperating
   -- command generator applications to coordinate their use of the
   -- set operation.

   snmpSet        OBJECT IDENTIFIER ::= { snmpMIBObjects 6 }








SNMPv3 Working Group        Expires June 2000                  [Page 14]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   snmpSetSerialNo OBJECT-TYPE
       SYNTAX     TestAndIncr
       MAX-ACCESS read-write
       STATUS     current
       DESCRIPTION
               "An advisory lock used to allow several cooperating
               command generator applications to coordinate their
               use of the SNMP set operation.

               This object is used for coarse-grain coordination.
               To achieve fine-grain coordination, one or more similar
               objects might be defined within each MIB group, as
               appropriate."
       ::= { snmpSet 1 }


   -- conformance information

   snmpMIBConformance
                  OBJECT IDENTIFIER ::= { snmpMIB 2 }

   snmpMIBCompliances
                  OBJECT IDENTIFIER ::= { snmpMIBConformance 1 }
   snmpMIBGroups  OBJECT IDENTIFIER ::= { snmpMIBConformance 2 }


   -- compliance statements

   --    ::= { snmpMIBCompliances 1 }      this OID is obsolete

   snmpBasicCompliance MODULE-COMPLIANCE
       STATUS  current
       DESCRIPTION
               "The compliance statement for SNMP entities which
               implement the SNMPv2-MIB module."
       MODULE  -- this module
           MANDATORY-GROUPS { snmpGroup, snmpSetGroup, systemGroup,
                              snmpBasicNotificationsGroup }

           GROUP   snmpCommunityGroup
           DESCRIPTION
               "This group is mandatory for SNMP entities which
               support community-based authentication."

       ::= { snmpMIBCompliances 2 }






SNMPv3 Working Group        Expires June 2000                  [Page 15]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   -- units of conformance

   --  ::= { snmpMIBGroups 1 }           this OID is obsolete
   --  ::= { snmpMIBGroups 2 }           this OID is obsolete
   --  ::= { snmpMIBGroups 3 }           this OID is obsolete
   --  ::= { snmpMIBGroups 4 }           this OID is obsolete

   snmpGroup OBJECT-GROUP
       OBJECTS { snmpInPkts,
                 snmpInBadVersions,
                 snmpInASNParseErrs,
                 snmpSilentDrops,
                 snmpProxyDrops,
                 snmpEnableAuthenTraps }
       STATUS  current
       DESCRIPTION
               "A collection of objects providing basic instrumentation
               and control of an SNMP entity."
       ::= { snmpMIBGroups 8 }

   snmpCommunityGroup OBJECT-GROUP
       OBJECTS { snmpInBadCommunityNames,
                 snmpInBadCommunityUses }
       STATUS  current
       DESCRIPTION
               "A collection of objects providing basic instrumentation
               of a SNMP entity which supports community-based
               authentication."
       ::= { snmpMIBGroups 9 }

   snmpSetGroup OBJECT-GROUP
       OBJECTS { snmpSetSerialNo }
       STATUS  current
       DESCRIPTION
               "A collection of objects which allow several cooperating
               command generator applications to coordinate their
               use of the set operation."
       ::= { snmpMIBGroups 5 }













SNMPv3 Working Group        Expires June 2000                  [Page 16]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   systemGroup OBJECT-GROUP
       OBJECTS { sysDescr, sysObjectID, sysUpTime,
                 sysContact, sysName, sysLocation,
                 sysServices,
                 sysORLastChange, sysORID,
                 sysORUpTime, sysORDescr }
       STATUS  current
       DESCRIPTION
               "The system group defines objects which are common to all
               managed systems."
       ::= { snmpMIBGroups 6 }

   snmpBasicNotificationsGroup NOTIFICATION-GROUP
       NOTIFICATIONS { coldStart, authenticationFailure }
       STATUS        current
       DESCRIPTION
               "The two notifications which an SNMP entity
               supporting notification originator applications
               is required to implement."
       ::= { snmpMIBGroups 7 }

   snmpAdditionalNotificationsGroup NOTIFICATION-GROUP
       NOTIFICATIONS { warmStart }
       STATUS        current
       DESCRIPTION
               "The notifications which an SNMP entity
               supporting notification originator applications
               is required to implement if it is able to
               reinitialize itself such that its configuration
               is unaltered."
       ::= { snmpMIBGroups 11 }

   notificationGroup OBJECT-GROUP
       OBJECTS { snmpTrapOID, snmpTrapEnterprise }
       STATUS  current
       DESCRIPTION
               "These objects are required for entities
               which support notification originator applications."
       ::= { snmpMIBGroups 12 }

   -- definitions in RFC 1213 made obsolete by the inclusion of a
   -- subset of the snmp group in this MIB









SNMPv3 Working Group        Expires June 2000                  [Page 17]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   snmpOutPkts OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Messages which were
               passed from the SNMP protocol entity to the
               transport service."
       ::= { snmp 2 }

   -- { snmp 7 } is not used

   snmpInTooBigs OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were
               delivered to the SNMP protocol entity and for
               which the value of the error-status field is
               `tooBig'."
       ::= { snmp 8 }

   snmpInNoSuchNames OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were
               delivered to the SNMP protocol entity and for
               which the value of the error-status field is
               `noSuchName'."
       ::= { snmp 9 }

   snmpInBadValues OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were
               delivered to the SNMP protocol entity and for
               which the value of the error-status field is
               `badValue'."
       ::= { snmp 10 }







SNMPv3 Working Group        Expires June 2000                  [Page 18]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   snmpInReadOnlys OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number valid SNMP PDUs which were delivered
               to the SNMP protocol entity and for which the value
               of the error-status field is `readOnly'.  It should
               be noted that it is a protocol error to generate an
               SNMP PDU which contains the value `readOnly' in the
               error-status field, as such this object is provided
               as a means of detecting incorrect implementations of
               the SNMP."
       ::= { snmp 11 }

   snmpInGenErrs OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were delivered
               to the SNMP protocol entity and for which the value
               of the error-status field is `genErr'."
       ::= { snmp 12 }

   snmpInTotalReqVars OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of MIB objects which have been
               retrieved successfully by the SNMP protocol entity
               as the result of receiving valid SNMP Get-Request
               and Get-Next PDUs."
       ::= { snmp 13 }

   snmpInTotalSetVars OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of MIB objects which have been
               altered successfully by the SNMP protocol entity as
               the result of receiving valid SNMP Set-Request PDUs."
       ::= { snmp 14 }






SNMPv3 Working Group        Expires June 2000                  [Page 19]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   snmpInGetRequests OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Get-Request PDUs which
               have been accepted and processed by the SNMP
               protocol entity."
       ::= { snmp 15 }

   snmpInGetNexts OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Get-Next PDUs which have been
               accepted and processed by the SNMP protocol entity."
       ::= { snmp 16 }

   snmpInSetRequests OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Set-Request PDUs which
               have been accepted and processed by the SNMP protocol
               entity."
       ::= { snmp 17 }

   snmpInGetResponses OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Get-Response PDUs which
               have been accepted and processed by the SNMP protocol
               entity."
       ::= { snmp 18 }

   snmpInTraps OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Trap PDUs which have been
               accepted and processed by the SNMP protocol entity."
       ::= { snmp 19 }




SNMPv3 Working Group        Expires June 2000                  [Page 20]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   snmpOutTooBigs OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were generated
               by the SNMP protocol entity and for which the value
               of the error-status field is `tooBig.'"
       ::= { snmp 20 }

   snmpOutNoSuchNames OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were generated
               by the SNMP protocol entity and for which the value
               of the error-status is `noSuchName'."
       ::= { snmp 21 }

   snmpOutBadValues OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were generated
               by the SNMP protocol entity and for which the value
               of the error-status field is `badValue'."
       ::= { snmp 22 }

   -- { snmp 23 } is not used

   snmpOutGenErrs OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were generated
               by the SNMP protocol entity and for which the value
               of the error-status field is `genErr'."
       ::= { snmp 24 }










SNMPv3 Working Group        Expires June 2000                  [Page 21]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   snmpOutGetRequests OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Get-Request PDUs which
               have been generated by the SNMP protocol entity."
       ::= { snmp 25 }

   snmpOutGetNexts OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Get-Next PDUs which have
               been generated by the SNMP protocol entity."
       ::= { snmp 26 }

   snmpOutSetRequests OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Set-Request PDUs which
               have been generated by the SNMP protocol entity."
       ::= { snmp 27 }

   snmpOutGetResponses OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Get-Response PDUs which
               have been generated by the SNMP protocol entity."
       ::= { snmp 28 }

   snmpOutTraps OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Trap PDUs which have
               been generated by the SNMP protocol entity."
       ::= { snmp 29 }







SNMPv3 Working Group        Expires June 2000                  [Page 22]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   snmpObsoleteGroup OBJECT-GROUP
       OBJECTS { snmpOutPkts, snmpInTooBigs, snmpInNoSuchNames,
                 snmpInBadValues, snmpInReadOnlys, snmpInGenErrs,
                 snmpInTotalReqVars, snmpInTotalSetVars,
                 snmpInGetRequests, snmpInGetNexts, snmpInSetRequests,
                 snmpInGetResponses, snmpInTraps, snmpOutTooBigs,
                 snmpOutNoSuchNames, snmpOutBadValues,
                 snmpOutGenErrs, snmpOutGetRequests, snmpOutGetNexts,
                 snmpOutSetRequests, snmpOutGetResponses, snmpOutTraps
                 }
       STATUS  obsolete
       DESCRIPTION
               "A collection of objects from RFC 1213 made obsolete
               by this MIB."
       ::= { snmpMIBGroups 10 }

   END

4.  Notice on Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   intellectual property or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; neither does it represent that it
   has made any effort to identify any such rights.  Information on the
   IETF's procedures with respect to rights in standards-track and
   standards-related documentation can be found in BCP-11.  Copies of
   claims of rights made available for publication and any assurances of
   licenses to be made available, or the result of an attempt made to
   obtain a general license or permission for the use of such
   proprietary rights by implementors or users of this specification can
   be obtained from the IETF Secretariat.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights which may cover technology that may be required to practice
   this standard.  Please address the information to the IETF Executive
   Director.












SNMPv3 Working Group        Expires June 2000                  [Page 23]

Internet Draft        Protocol Operations for SNMP        9 January 2000



5.  Acknowledgements

   The previous versions of this document, edited by Keith McCloghrie,
   was the result of significant work by four major contributors:

        Jeffrey D. Case (SNMP Research, case@snmp.com)
        Keith McCloghrie (Cisco Systems, kzm@cisco.com)
        Marshall T. Rose (Dover Beach Consulting, mrose@dbc.mtview.ca.us)
        Steven Waldbusser (International Network Services, stevew@uni.ins.com)

   In addition, the contributions of the SNMPv2 and SNMPv3 Working
   Groups are acknowledged.  In particular, a special thanks is extended
   for the contributions of:

        Alexander I. Alten (Novell)
        Dave Arneson (Cabletron)
        Uri Blumenthal (IBM)
        Doug Book (Chipcom)
        Kim Curran (Bell-Northern Research)
        Jim Galvin (Trusted Information Systems)
        Maria Greene (Ascom Timeplex)
        Iain Hanson (Digital)
        Dave Harrington (Cabletron)
        Nguyen Hien (IBM)
        Jeff Johnson (Cisco Systems)
        Michael Kornegay (Object Quest)
        Deirdre Kostick (AT&T Bell Labs)
        David Levi (SNMP Research)
        Daniel Mahoney (Cabletron)
        Russ Mundy (TIS Labs at Network Associates, Chair)
        Bob Natale (ACE*COMM)
        Brian O'Keefe (Hewlett Packard)
        Andrew Pearson (SNMP Research)
        Dave Perkins (Peer Networks)
        Aleksey Romanov (Quality Quorum)
        Shawn Routhier (Epilogue)
        Jon Saperia (BGS Systems)
        Juergen Schoenwaelder (TU Braunschweig)
        Bob Stewart (Cisco Systems)
        Kaj Tesink (Bellcore)
        Glenn Waters (Bell-Northern Research)
        Bert Wijnen (IBM)

6.  Security Considerations

   There are a number of management objects defined in this MIB that
   have a MAX-ACCESS clause of read-write.  Such objects may be



SNMPv3 Working Group        Expires June 2000                  [Page 24]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   considered sensitive or vulnerable in some network environments.  The
   support for SET operations in a non-secure environment without proper
   protection can have a negative effect on network operations.

   SNMPv1 by itself is not a secure environment.  Even if the network
   itself is secure (for example by using IPSec), even then, there is no
   control as to who on the secure network is allowed to access and
   GET/SET (read/change) the objects in this MIB.

   It is recommended that the implementors consider the security
   features as provided by the SNMPv3 framework.  Specifically, the use
   of the User-based Security Model RFC 2574 [RFC2574] and the View-
   based Access Control Model RFC 2575 [RFC2575] is recommended.

   It is then a customer/user responsibility to ensure that the SNMP
   entity giving access to an instance of this MIB, is properly
   configured to give access to the objects only to those principals
   (users) that have legitimate rights to indeed GET or SET (change)
   them.

7.  References

   [RFC2571]   Harrington, D., Presuhn, R., and B. Wijnen, "An
               Architecture for Describing SNMP Management Frameworks",
               RFC 2571, April 1999.

   [RFC1155]   Rose, M., and K. McCloghrie, "Structure and
               Identification of Management Information for TCP/IP-based
               Internets", STD 16, RFC 1155, May 1990.

   [RFC1212]   Rose, M., and K. McCloghrie, "Concise MIB Definitions",
               STD 16, RFC 1212, March 1991.

   [RFC1215]   Rose, M., "A Convention for Defining Traps for use with
               the SNMP", RFC 1215, March 1991.

   [RFC2578]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
               Rose, M., and S. Waldbusser, "Structure of Management
               Information Version 2 (SMIv2)", STD 58, RFC 2578, April
               1999.

   [RFC2579]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
               Rose, M., and S. Waldbusser, "Textual Conventions for
               SMIv2", STD 58, RFC 2579, April 1999.

   [RFC2580]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
               Rose, M., and S. Waldbusser, "Conformance Statements for
               SMIv2", STD 58, RFC 2580, April 1999.



SNMPv3 Working Group        Expires June 2000                  [Page 25]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   [RFC1157]   Case, J., Fedor, M., Schoffstall, M., and J. Davin,
               "Simple Network Management Protocol", STD 15, RFC 1157,
               May 1990.

   [RFC1901]   Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
               "Introduction to Community-based SNMPv2", RFC 1901,
               January 1996.

   [RFC-TM]    Presuhn, R., SNMPv2 Working Group, Case, J., McCloghrie,
               K., Rose, M., and S. Waldbusser, "Transport Mappings for
               the Simple Network Management Protocol",
               <draft-ietf-snmpv3-update-transmap-00.txt>, January 2000.

   [RFC2572]   Case, J., Harrington D., Presuhn R., and B. Wijnen,
               "Message Processing and Dispatching for the Simple
               Network Management Protocol (SNMP)", RFC 2572, April
               1999.

   [RFC2574]   Blumenthal, U., and B. Wijnen, "User-based Security Model
               (USM) for version 3 of the Simple Network Management
               Protocol (SNMPv3)", RFC 2574, April 1999.

   [RFC-PROTO] Presuhn, R., SNMPv2 Working Group, Case, J., McCloghrie,
               K., Rose, M., and S. Waldbusser, "Protocol Operations for
               the Simple Network Management Protocol",
               <draft-ietf-snmpv3-update-proto-00.txt>, January 2000.

   [RFC2573]   Levi, D., Meyer, P., and B. Stewart, "SNMPv3
               Applications", RFC 2573, April 1999.

   [RFC2575]   Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based
               Access Control Model (VACM) for the Simple Network
               Management Protocol (SNMP)", RFC 2575, April 1999.

   [RFC2570]   Case, J., Mundy, R., Partain, D., and B. Stewart,
               "Introduction to Version 3 of the Internet-standard
               Network Management Framework", RFC 2570, April 1999.

   [RFC2233]   McCloghrie, K., and F.  Kastenholz, "The Interfaces Group
               MIB using SMIv2", RFC 2233, November 1997.

8.  Editor's Address

   Randy Presuhn
   BMC Software, Inc.
   2141 North First Street
   San Jose, CA  95131
   USA



SNMPv3 Working Group        Expires June 2000                  [Page 26]

Internet Draft        Protocol Operations for SNMP        9 January 2000


   Phone: +1 408 546 1006
   EMail: randy_presuhn@bmc.com

9.  Changes from RFC 1907

   These are the changes from RFC 1907:

        -    Corrected typo in copyright statement;

        -    Updated copyright date;

        -    Updated with new editor's name and contact information;

        -    Cosmetic fixes to layout and typography;

        -    Changed title;

        -    Replace introduction with current MIB boilerplate;

        -    Updated references;

        -    Fixed typo in sysORUpTime;

        -    Re-worded description of snmpSilentDrops;

        -    Updated reference to RFC 1573 to 2233;

        -    Added IPR boilerplate as required by RFC 2026;

        -    Weakened authenticationFailure description from MUST to
             MAY, clarified that it pertains to all SNMP entities;

        -    Clarified descriptions of snmpInBadCommunityNames and
             snmpInBadCommunityUses;

        -    Updated module-identity and contact information;

        -    Updated the acknowledgements section;

        -    Replaced references to "manager role", "agent role" and
             "SNMPv2 entity" with appropriate terms from RFC 2571;

        -    Updated document headers and footers;

        -    Added security considerations, based on current
             recommendations for MIB modules.

        -    Added NOTIFICATION-GROUP and OBJECT-GROUP constructs for



SNMPv3 Working Group        Expires June 2000                  [Page 27]

Internet Draft        Protocol Operations for SNMP        9 January 2000


             NOTIFICATION-TYPEs and OBJECT-TYPEs that were left
             unreferenced in RFC 1907.

        -    Replaced references to DisplayString with SnmpAdminString,
             with additional text on compatibility concerns.

10.  Issues

   This section is to be deleted when it is time to publish this
   document as an RFC.  The issue labels are the same as those used in
   the on-line issues list at
   ftp://amethyst.bmc.com/pub/snmpv3/Update567/rfc1907/index.html

        1907-01   Done; title changed.

        1907-02   Done; replaced introduction with current MIB
                  boilerplate.

        1907-03   Done; resolution was to make no change.

        1907-04   Done; replaced occurrences of "SNMPv2 entity",
                  "manager role", and "agent role" with appropriate
                  terms from architecture.

        1907-05   Done; typo fixed.

        1907-06   Done; resolution was to make no change.

        1907-07   Done; description of snmpSilentDrops updated.

        1907-08   Done; reference to RFC 1573 replaced with reference to
                  RFC 2233.

        1907-09   Done; resolution was to make no change.

        1907-10   Done; resolution was to make no change.

        1907-11   Done; resolution was to make no change.

        1907-12   Done; added security considerations based on
                  recommended text from http://www.ops.ietf.org/

        1907-13   NOT COMPLETE; references updated, acknowledgements
                  need more work.

        1907-14   Done; IPR boilerplate aligned with RFC 2026.

        1907-15   Done; authenticationFailure weakened to MAY but



SNMPv3 Working Group        Expires June 2000                  [Page 28]

Internet Draft        Protocol Operations for SNMP        9 January 2000


                  permitted for all protocol versions.

        1907-16   Done; resolution was to make no change.

        1907-17   Done; clarified descriptions of
                  snmpInBadCommunityNames and snmpInBadCommunityUses.

        1907-18   Done; replaced DisplayString with SnmpAdminString and
                  added DESCRIPTION text for compatibility.

11.  Full Copyright Statement

   Copyright (C) The Internet Society (2000).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.














SNMPv3 Working Group        Expires June 2000                  [Page 29]


Html markup produced by rfcmarkup 1.108, available from http://tools.ietf.org/tools/rfcmarkup/