draft-ietf-ipv6-rfc2013-update-02.txt   draft-ietf-ipv6-rfc2013-update-03.txt 
IPv6 MIB Revision Design Team Bill Fenner IPv6 MIB Revision Design Team Bill Fenner
INTERNET-DRAFT AT&T Research INTERNET-DRAFT AT&T Research
Expires: May 2004 John Flick Expires: October 2004 John Flick
Hewlett-Packard Company Hewlett-Packard Company
November 2003 April 2004
Management Information Base Management Information Base
for the User Datagram Protocol (UDP) for the User Datagram Protocol (UDP)
draft-ietf-ipv6-rfc2013-update-02.txt draft-ietf-ipv6-rfc2013-update-03.txt
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 39 skipping to change at page 1, line 40
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This document is a product of the IPv6 MIB Revision Design Team. This document is a product of the IPv6 MIB Revision Design Team.
Comments should be addressed to the authors, or to the mailing list Comments should be addressed to the authors, or to the mailing list
at ipv6@ietf.org. at ipv6@ietf.org.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2003). All Rights Reserved. Copyright (C) The Internet Society (2004). All Rights Reserved.
Abstract Abstract
This memo defines a portion of the Management Information Base (MIB) This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols in the Internet community. for use with network management protocols in the Internet community.
In particular, it describes managed objects used for implementations In particular, it describes managed objects used for implementations
of the User Datagram Protocol (UDP) in an IP version independent of the User Datagram Protocol (UDP) in an IP version independent
manner. This memo obsoletes RFCs 2013 and 2454. manner. This memo obsoletes RFCs 2013 and 2454.
Table of Contents Table of Contents
1. The Internet-Standard Management Framework ................. 4 1. The Internet-Standard Management Framework ................. 5
2. Overview ................................................... 5 2. Overview ................................................... 6
2.1. Relationship to Other MIBs ............................... 5 2.1. Relationship to Other MIBs ............................... 6
2.1.1. Relationship to RFC1213-MIB ............................ 5 2.1.1. Relationship to RFC1213-MIB ............................ 6
2.1.2. Relationship to the IPV6-UDP-MIB ....................... 6 2.1.2. Relationship to the IPV6-UDP-MIB ....................... 7
2.1.3. Relationship to HOST-RESOURCES-MIB and SYSAPPL-MIB ..... 6 2.1.3. Relationship to HOST-RESOURCES-MIB and SYSAPPL-MIB ..... 7
3. Definitions ................................................ 6 3. Definitions ................................................ 7
4. Intellectual Property ...................................... 15 4. Intellectual Property ...................................... 18
5. Acknowledgements ........................................... 16 5. Acknowledgements ........................................... 18
6. Contributers ............................................... 16 6. Contributers ............................................... 18
7. Normative References ....................................... 16 7. Normative References ....................................... 19
8. Informative References ..................................... 17 8. Informative References ..................................... 19
9. Security Considerations .................................... 17 9. Security Considerations .................................... 20
10. Editors Addresses ......................................... 18 10. Editors Addresses ......................................... 21
11. Full Copyright Statement .................................. 19 11. Full Copyright Statement .................................. 21
Revision History Revision History
[Note to RFC Editor: Please remove prior to publication] [Note to RFC Editor: Please remove prior to publication]
Changes from draft-ietf-ipv6-rfc2013-update-02.txt
27 April 2004
Added text to section 2.1.2 to clarify why an equivalent to RFC
2454's ipv6UdpIfIndex is not required.
Changed the text of the Security Considerations so that it no
longer implies that udpEndpointLocalPort is readable, but is
instead only returned as part of an index.
Added an explicit reference to sysUpTime as a discontinuity
indicator to the counter objects in the mib.
Reworded the description of udpEndpointLocalAddress to indicate
that it can be used to represent any address that the local
system is listening to, not just addresses assigned to the
system.
Updated the description of InetAddress objects used as index
elements to indicate the 128 octet limit.
Added a note to the description of udpEndpointRemoteAddressType
to indicate that some combinations of
udpEndpointLocalAddressType and udpEndpointRemoteAddressType are
not legal.
Reverted udpEndpointInstance to not-accessible, since
udpEndpointProcess is now a mandatory to implement object (to
align with the TCP-MIB).
Added text to the udpEndpointInstance description to describe
why it is needed.
Added pseudo OBJECT clauses to the description of
udpMIBCompliance2 for udpEndpointLocalAddressType and
udpEndpointRemoteAddressType.
Removed udpEndpointInstance from the udpEndpointGroup, since it
is now not-accessible, and added udpEndpointProcess to the
udpEndpointGroup, since it is now mandatory. Removed the
udpEndpointProcessGroup.
Changes from draft-ietf-ipv6-rfc2013-update-00.txt Changes from draft-ietf-ipv6-rfc2013-update-00.txt
24 October 2003 24 October 2003
Dropped udpEndpointInDatagrams, udpEndpointHCInDatagrams, Dropped udpEndpointInDatagrams, udpEndpointHCInDatagrams,
udpEndpointOutDatagrams, udpEndpointHCOutDatagrams, udpEndpointOutDatagrams, udpEndpointHCOutDatagrams,
udpEndpointInOctets, udpEndpointHCInOctets, udpEndpointInOctets, udpEndpointHCInOctets,
udpEndpointOutOctets, udpEndpointHCOutOctets, and udpEndpointOutOctets, udpEndpointHCOutOctets, and
udpEndpointStartTime. udpEndpointStartTime.
skipping to change at page 5, line 28 skipping to change at page 6, line 22
udpHCOutDatagrams have been added to this group since the udpHCOutDatagrams have been added to this group since the
publication of RFC 2013 in order to provide high-capacity publication of RFC 2013 in order to provide high-capacity
counters for fast networks. counters for fast networks.
- The udpEndpointTable provides access to status information for - The udpEndpointTable provides access to status information for
all UDP endpoints handled by a UDP protocol engine. The table all UDP endpoints handled by a UDP protocol engine. The table
provides for strictly listening endpoints, as with the provides for strictly listening endpoints, as with the
historical udpTable, and also for "connected" UDP endpoints, historical udpTable, and also for "connected" UDP endpoints,
which only accept packets from a given remote system. It also which only accept packets from a given remote system. It also
reports identification of the operating system level processes reports identification of the operating system level processes
which handles UDP connections. which handle UDP connections.
2.1. Relationship to Other MIBs 2.1. Relationship to Other MIBs
This section discusses the relationship of this UDP-MIB module to This section discusses the relationship of this UDP-MIB module to
other MIB modules. other MIB modules.
2.1.1. Relationship to RFC1213-MIB 2.1.1. Relationship to RFC1213-MIB
UDP related MIB objects were originally defined as part of the UDP related MIB objects were originally defined as part of the
RFC1213-MIB defined in RFC 1213 [RFC1213]. The UDP related objects of RFC1213-MIB defined in RFC 1213 [RFC1213]. The UDP related objects of
skipping to change at page 6, line 23 skipping to change at page 7, line 15
udpEndpointTable thus allows for the addition of specific status udpEndpointTable thus allows for the addition of specific status
and statistic objects for "connected" endpoints and connections. and statistic objects for "connected" endpoints and connections.
2.1.2. Relationship to the IPV6-UDP-MIB 2.1.2. Relationship to the IPV6-UDP-MIB
The IPV6-UDP-MIB defined in RFC 2454 has been moved to Historic since The IPV6-UDP-MIB defined in RFC 2454 has been moved to Historic since
the approach of having separate IP version specific tables is not the approach of having separate IP version specific tables is not
followed anymore. Implementation of RFC 2454 is thus not suggested followed anymore. Implementation of RFC 2454 is thus not suggested
anymore. anymore.
Note that since scoped addresses are now represented using the ipv4z
and ipv6z address types, there is no longer a need to explicitly
include the ifIndex in the index clause of the udpEndpointTable.
This is a change from the use of ipv6UdpIfIndex in RFC 2454.
2.1.3. Relationship to HOST-RESOURCES-MIB and SYSAPPL-MIB 2.1.3. Relationship to HOST-RESOURCES-MIB and SYSAPPL-MIB
The udpEndpointTable reports the identification of the operating The udpEndpointTable reports the identification of the operating
system level process which handles a connection or a listening system level process which handles a connection or a listening
endpoint. The value is reported as an Unsigned32 which is expected to endpoint. The value is reported as an Unsigned32 which is expected to
be the same as the hrSWRunIndex of the HOST-RESOURCES-MIB [RFC2790] be the same as the hrSWRunIndex of the HOST-RESOURCES-MIB [RFC2790]
(if the value is smaller than 2147483647) or the sysApplElmtRunIndex (if the value is smaller than 2147483647) or the sysApplElmtRunIndex
of the SYSAPPL-MIB [RFC2287]. This allows managment applications to of the SYSAPPL-MIB [RFC2287]. This allows managment applications to
identify the UDP connections that belong to an operating system level identify the UDP connections that belong to an operating system level
process, which has proven to be valuable in operational environments. process, which has proven to be valuable in operational environments.
skipping to change at page 6, line 46 skipping to change at page 7, line 43
UDP-MIB DEFINITIONS ::= BEGIN UDP-MIB DEFINITIONS ::= BEGIN
IMPORTS IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Integer32, Counter32, Counter64, MODULE-IDENTITY, OBJECT-TYPE, Integer32, Counter32, Counter64,
Unsigned32, IpAddress, mib-2 FROM SNMPv2-SMI Unsigned32, IpAddress, mib-2 FROM SNMPv2-SMI
MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
InetAddress, InetAddressType, InetAddress, InetAddressType,
InetPortNumber FROM INET-ADDRESS-MIB; InetPortNumber FROM INET-ADDRESS-MIB;
udpMIB MODULE-IDENTITY udpMIB MODULE-IDENTITY
LAST-UPDATED "200310240000Z" -- October 24, 2003 LAST-UPDATED "200404270000Z" -- April 27, 2004
ORGANIZATION "IETF IPv6 Working Group ORGANIZATION
http://www.ietf.org/htmp.charters/ipv6-charter.html" "IETF IPv6 Working Group
http://www.ietf.org/htmp.lharters/ipv6-charter.html"
CONTACT-INFO CONTACT-INFO
"Bill Fenner (editor) "Bill Fenner (editor)
AT&T Labs -- Research AT&T Labs -- Research
75 Willow Rd. 75 Willow Rd.
Menlo Park, CA 94025 Menlo Park, CA 94025
Phone: +1 650 330-7893 Phone: +1 650 330-7893
Email: <fenner@research.att.com> Email: <fenner@research.att.com>
John Flick (editor) John Flick (editor)
Hewlett-Packard Company Hewlett-Packard Company
skipping to change at page 7, line 18 skipping to change at page 8, line 17
Phone: +1 650 330-7893 Phone: +1 650 330-7893
Email: <fenner@research.att.com> Email: <fenner@research.att.com>
John Flick (editor) John Flick (editor)
Hewlett-Packard Company Hewlett-Packard Company
8000 Foothills Blvd. M/S 5557 8000 Foothills Blvd. M/S 5557
Roseville, CA 95747 Roseville, CA 95747
Phone: +1 916 785 4018 Phone: +1 916 785 4018
Email: <johnf@rose.hp.com>" Email: <johnf@rose.hp.com>
Send comments to <ipv6@ietf.org>"
DESCRIPTION DESCRIPTION
"The MIB module for managing UDP implementations. "The MIB module for managing UDP implementations.
Copyright (C) The Internet Society (2003). This Copyright (C) The Internet Society (2004). This
version of this MIB module is part of RFC XXXX; version of this MIB module is part of RFC XXXX;
see the RFC itself for full legal notices. see the RFC itself for full legal notices."
-- RFC Ed.: Replace XXXX with the actual RFC number & remove -- RFC Ed.: Replace XXXX with actual RFC number & remove note
-- this note" REVISION "200404270000Z" -- April 27, 2004
REVISION "200310240000Z" -- October 24, 2003
DESCRIPTION DESCRIPTION
"IP version neutral revision, published as RFC XXXX." "IP version neutral revision, published as RFC XXXX."
-- RFC Ed.: Replace XXXX with the actual RFC number & remove -- RFC Ed.: Replace XXXX with actual RFC number & remove note
-- this note"
REVISION "199411010000Z" -- November 1, 1994 REVISION "199411010000Z" -- November 1, 1994
DESCRIPTION DESCRIPTION
"Initial SMIv2 version, published as RFC 2013." "Initial SMIv2 version, published as RFC 2013."
REVISION "199103310000Z" -- March 31, 1991 REVISION "199103310000Z" -- March 31, 1991
DESCRIPTION DESCRIPTION
"The initial revision of this MIB module was part of MIB-II." "The initial revision of this MIB module was part of
MIB-II."
::= { mib-2 50 } ::= { mib-2 50 }
-- the UDP group -- the UDP group
udp OBJECT IDENTIFIER ::= { mib-2 7 } udp OBJECT IDENTIFIER ::= { mib-2 7 }
udpInDatagrams OBJECT-TYPE udpInDatagrams OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The total number of UDP datagrams delivered to UDP users." "The total number of UDP datagrams delivered to UDP
users.
Discontinuities in the value of this counter can occur
at re-initialization of the management system, and at
other times as indicated by discontinuities in the
value of sysUpTime."
::= { udp 1 } ::= { udp 1 }
udpNoPorts OBJECT-TYPE udpNoPorts OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The total number of received UDP datagrams for which there "The total number of received UDP datagrams for which
was no application at the destination port." there was no application at the destination port.
Discontinuities in the value of this counter can occur
at re-initialization of the management system, and at
other times as indicated by discontinuities in the
value of sysUpTime."
::= { udp 2 } ::= { udp 2 }
udpInErrors OBJECT-TYPE udpInErrors OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of received UDP datagrams that could not be "The number of received UDP datagrams that could not be
delivered for reasons other than the lack of an application delivered for reasons other than the lack of an
at the destination port." application at the destination port.
Discontinuities in the value of this counter can occur
at re-initialization of the management system, and at
other times as indicated by discontinuities in the
value of sysUpTime."
::= { udp 3 } ::= { udp 3 }
udpOutDatagrams OBJECT-TYPE udpOutDatagrams OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The total number of UDP datagrams sent from this entity." "The total number of UDP datagrams sent from this
::= { udp 4 } entity.
Discontinuities in the value of this counter can occur
at re-initialization of the management system, and at
other times as indicated by discontinuities in the
value of sysUpTime."
::= { udp 4 }
udpHCInDatagrams OBJECT-TYPE udpHCInDatagrams OBJECT-TYPE
SYNTAX Counter64 SYNTAX Counter64
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The total number of UDP datagrams delivered to UDP users, "The total number of UDP datagrams delivered to UDP
for devices which can receive more than 1 million UDP users, for devices which can receive more than 1
datagrams per second." million UDP datagrams per second.
Discontinuities in the value of this counter can occur
at re-initialization of the management system, and at
other times as indicated by discontinuities in the
value of sysUpTime."
::= { udp 8 } ::= { udp 8 }
udpHCOutDatagrams OBJECT-TYPE udpHCOutDatagrams OBJECT-TYPE
SYNTAX Counter64 SYNTAX Counter64
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The total number of UDP datagrams sent from this entity, for "The total number of UDP datagrams sent from this
devices which can transmit more than 1 million UDP datagrams entity, for devices which can transmit more than 1
per second." million UDP datagrams per second.
Discontinuities in the value of this counter can occur
at re-initialization of the management system, and at
other times as indicated by discontinuities in the
value of sysUpTime."
::= { udp 9 } ::= { udp 9 }
-- --
-- { udp 6 } was defined as the ipv6UdpTable in RFC2454's IPV6-UDP-MIB. -- { udp 6 } was defined as the ipv6UdpTable in RFC2454's
-- This RFC obsoletes RFC 2454, so { udp 6 } is obsoleted. -- IPV6-UDP-MIB. This RFC obsoletes RFC 2454, so { udp 6 } is
-- obsoleted.
-- --
-- The UDP "Endpoint" table. -- The UDP "Endpoint" table.
udpEndpointTable OBJECT-TYPE udpEndpointTable OBJECT-TYPE
SYNTAX SEQUENCE OF UdpEndpointEntry SYNTAX SEQUENCE OF UdpEndpointEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A table containing information about this entity's UDP "A table containing information about this entity's UDP
endpoints on which a local application is currently endpoints on which a local application is currently
accepting or sending datagrams. accepting or sending datagrams.
The address type in this table represents the address type The address type in this table represents the address
used for the communication, irrespective of the higher-layer type used for the communication, irrespective of the
abstraction. For example, an application using IPv6 higher-layer abstraction. For example, an application
'sockets' to communicate via IPv4 between ::ffff:10.0.0.1 using IPv6 'sockets' to communicate via IPv4 between
and ::ffff:10.0.0.2 would use InetAddressType ipv4(1). ::ffff:10.0.0.1 and ::ffff:10.0.0.2 would use
InetAddressType ipv4(1).
Unlike the udpTable in RFC 2013, this table also allows the Unlike the udpTable in RFC 2013, this table also allows
representation of an application which completely specifies the representation of an application which completely
both local and remote addresses and ports. A listening specifies both local and remote addresses and ports. A
application is represented in three possible ways: listening application is represented in three possible
ways:
1) an application which is willing to accept both IPv4 and 1) an application which is willing to accept both IPv4
IPv6 datagrams is represented by a and IPv6 datagrams is represented by a
udpEndpointLocalAddressType of unknown(0) and udpEndpointLocalAddressType of unknown(0) and
udpEndpointLocalAddress of ''h (a zero-length udpEndpointLocalAddress of ''h (a zero-length
octet-string). octet-string).
2) an application which is willing to accept only IPv4 or 2) an application which is willing to accept only IPv4
only IPv6 datagrams is represented by a or only IPv6 datagrams is represented by a
udpEndpointLocalAddressType of the appropriate address udpEndpointLocalAddressType of the appropriate
type, and udpEndpointLocalAddress of ''h (a zero-length address type, and udpEndpointLocalAddress of ''h (a
octet-string). zero-length octet-string).
3) an application which is listening for datagrams only for 3) an application which is listening for datagrams only
a specific IP address, but from any remote system, is for a specific IP address, but from any remote
repesented by a udpEndpointLocalAddressType of the system, is repesented by a
appropriate address type, udpEndpointLocalAddress udpEndpointLocalAddressType of the appropriate
specifying the local address. address type, udpEndpointLocalAddress specifying the
local address.
In all cases where the remote is a wildcard, the In all cases where the remote is a wildcard, the
udpEndpointRemoteAddressType is unknown(0), the udpEndpointRemoteAddressType is unknown(0), the
udpEndpointRemoteAdderess is ''h (a zero-length udpEndpointRemoteAddress is ''h (a zero-length
octet-string), and the udpEndpointRemotePort is 0. octet-string), and the udpEndpointRemotePort is 0.
If the operating system is demultiplexing UDP packets by If the operating system is demultiplexing UDP packets
remote address and port, or if the application has by remote address and port, or if the application has
'connected' the socket specifying a default remote address 'connected' the socket specifying a default remote
and port, the udpEndpointRemote* values should be used to address and port, the udpEndpointRemote* values should
reflect this." be used to reflect this."
::= { udp 7 } ::= { udp 7 }
udpEndpointEntry OBJECT-TYPE udpEndpointEntry OBJECT-TYPE
SYNTAX UdpEndpointEntry SYNTAX UdpEndpointEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Information about a particular current UDP endpoint. "Information about a particular current UDP endpoint.
Implementers need to be aware that if the total number Implementers need to be aware that if the total number
skipping to change at page 10, line 50 skipping to change at page 12, line 37
udpEndpointRemotePort InetPortNumber, udpEndpointRemotePort InetPortNumber,
udpEndpointInstance Unsigned32, udpEndpointInstance Unsigned32,
udpEndpointProcess Unsigned32 udpEndpointProcess Unsigned32
} }
udpEndpointLocalAddressType OBJECT-TYPE udpEndpointLocalAddressType OBJECT-TYPE
SYNTAX InetAddressType SYNTAX InetAddressType
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The address type of udpEndpointLocalAddress. Only IPv4, "The address type of udpEndpointLocalAddress. Only
IPv4z, IPv6 and IPv6z addresses are expected, or IPv4, IPv4z, IPv6 and IPv6z addresses are expected, or
unknown(0) if datagrams for all local IP addresses are unknown(0) if datagrams for all local IP addresses are
accepted." accepted."
::= { udpEndpointEntry 1 } ::= { udpEndpointEntry 1 }
udpEndpointLocalAddress OBJECT-TYPE udpEndpointLocalAddress OBJECT-TYPE
SYNTAX InetAddress SYNTAX InetAddress
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The local IP address for this UDP endpoint. This is either "The local IP address for this UDP endpoint. This is
one of the IP addresses assigned to the system, or a null either one of the IP addresses for which this node is
octet-string (''h) to represent that datagrams destined to receiving packets, or a null octet-string (''h) to
any address assigned to the system of an IP version represent that datagrams destined to any address to
which the system is listening of an IP version
consistent with udpEndpointLocalAddressType (or any IP consistent with udpEndpointLocalAddressType (or any IP
version, if udpEndpointLocalAddressType is unknown(0)) will version, if udpEndpointLocalAddressType is unknown(0))
be accepted." will be accepted.
As this object is used in the index for the
udpEndpointTable, implementors of this table should be
careful not to create entries that would result in OIDs
with more than 128 subidentifiers; else the information
cannot be accessed using SNMPv1, SNMPv2c or SNMPv3."
::= { udpEndpointEntry 2 } ::= { udpEndpointEntry 2 }
udpEndpointLocalPort OBJECT-TYPE udpEndpointLocalPort OBJECT-TYPE
SYNTAX InetPortNumber SYNTAX InetPortNumber
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The local port number for this UDP endpoint." "The local port number for this UDP endpoint."
::= { udpEndpointEntry 3 } ::= { udpEndpointEntry 3 }
udpEndpointRemoteAddressType OBJECT-TYPE udpEndpointRemoteAddressType OBJECT-TYPE
SYNTAX InetAddressType SYNTAX InetAddressType
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The address type of udpEndpointRemoteAddress. Only IPv4, "The address type of udpEndpointRemoteAddress. Only
IPv4z, IPv6 and IPv6 addresses are expected, or IPv4, IPv4z, IPv6 and IPv6z addresses are expected, or
unknown(0) if datagrams for all remote IP addresses are unknown(0) if datagrams for all remote IP addresses are
accepted." accepted. Also, note that some combinations of
udpEndpointLocalAdressType and
udpEndpointRemoteAddressType are not supported. In
particular, if the value of this object is not
unknown(0), it is expected to always refer to the
same IP version as udpEndpointLocalAddressType."
::= { udpEndpointEntry 4 } ::= { udpEndpointEntry 4 }
udpEndpointRemoteAddress OBJECT-TYPE udpEndpointRemoteAddress OBJECT-TYPE
SYNTAX InetAddress SYNTAX InetAddress
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The remote IP address for this UDP endpoint. If datagrams "The remote IP address for this UDP endpoint. If
from any remote system are to be accepted, this value is ''h datagrams from any remote system are to be accepted,
(a zero-length octet-string). Otherwise, it has the type this value is ''h (a zero-length octet-string).
described by udpEndpointRemoteAddressType, and is the Otherwise, it has the type described by
address of the remote system from which datagrams are to be udpEndpointRemoteAddressType, and is the address of the
accepted (or to which all datagrams will be sent)." remote system from which datagrams are to be accepted
(or to which all datagrams will be sent).
As this object is used in the index for the
udpEndpointTable, implementors of this table should be
careful not to create entries that would result in OIDs
with more than 128 subidentifiers; else the information
cannot be accessed using SNMPv1, SNMPv2c or SNMPv3."
::= { udpEndpointEntry 5 } ::= { udpEndpointEntry 5 }
udpEndpointRemotePort OBJECT-TYPE udpEndpointRemotePort OBJECT-TYPE
SYNTAX InetPortNumber SYNTAX InetPortNumber
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The remote port number for this UDP endpoint. If datagrams "The remote port number for this UDP endpoint. If
from any remote system are to be accepted, this value is datagrams from any remote system are to be accepted,
zero." this value is zero."
::= { udpEndpointEntry 6 } ::= { udpEndpointEntry 6 }
udpEndpointInstance OBJECT-TYPE udpEndpointInstance OBJECT-TYPE
SYNTAX Unsigned32 (1..'ffffffff'h) SYNTAX Unsigned32 (1..'ffffffff'h)
MAX-ACCESS read-only MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The instance of this tuple. This object is used to "The instance of this tuple. This object is used to
distinguish between multiple processes 'connected' to the distinguish between multiple processes 'connected' to
same UDP endpoint." the same UDP endpoint. For example, on a system
implementing the BSD sockets interface, this would be
used to support the SO_REUSEADDR and SO_REUSEPORT
socket options."
::= { udpEndpointEntry 7 } ::= { udpEndpointEntry 7 }
udpEndpointProcess OBJECT-TYPE udpEndpointProcess OBJECT-TYPE
SYNTAX Unsigned32 SYNTAX Unsigned32
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The system's process ID for the process associated with this "The system's process ID for the process associated with
endpoint, or zero if there is no such process. This value this endpoint, or zero if there is no such process.
is expected to be the same as This value is expected to be the same as
HOST-RESOURCES-MIB::hrSWRunIndex or HOST-RESOURCES-MIB::hrSWRunIndex or SYSAPPL-MIB::
SYSAPPL-MIB::sysApplElmtRunIndex for some row in the sysApplElmtRunIndex for some row in the appropriate
appropriate tables." tables."
::= { udpEndpointEntry 8 } ::= { udpEndpointEntry 8 }
-- The deprecated UDP Listener table -- The deprecated UDP Listener table
-- The deprecated UDP listener table only contains information about this -- The deprecated UDP listener table only contains information
-- entity's IPv4 UDP end-points on which a local application is -- about this entity's IPv4 UDP end-points on which a local
-- currently accepting datagrams. It does not provide more detailed -- application is currently accepting datagrams. It does not
-- connection information, or information about IPv6 endpoints. -- provide more detailed connection information, or information
-- about IPv6 endpoints.
udpTable OBJECT-TYPE udpTable OBJECT-TYPE
SYNTAX SEQUENCE OF UdpEntry SYNTAX SEQUENCE OF UdpEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"A table containing IPv4-specific UDP listener information. "A table containing IPv4-specific UDP listener
It contains information about all local IPv4 UDP end-points information. It contains information about all local
on which an application is currently accepting datagrams. IPv4 UDP end-points on which an application is
currently accepting datagrams. This table has been
This table has been deprecated in favor of the version deprecated in favor of the version neutral
neutral udpEndpointTable." udpEndpointTable."
::= { udp 5 } ::= { udp 5 }
udpEntry OBJECT-TYPE udpEntry OBJECT-TYPE
SYNTAX UdpEntry SYNTAX UdpEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"Information about a particular current UDP listener." "Information about a particular current UDP listener."
INDEX { udpLocalAddress, udpLocalPort } INDEX { udpLocalAddress, udpLocalPort }
::= { udpTable 1 } ::= { udpTable 1 }
skipping to change at page 13, line 28 skipping to change at page 15, line 39
UdpEntry ::= SEQUENCE { UdpEntry ::= SEQUENCE {
udpLocalAddress IpAddress, udpLocalAddress IpAddress,
udpLocalPort Integer32 udpLocalPort Integer32
} }
udpLocalAddress OBJECT-TYPE udpLocalAddress OBJECT-TYPE
SYNTAX IpAddress SYNTAX IpAddress
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"The local IP address for this UDP listener. In the case of "The local IP address for this UDP listener. In the
a UDP listener which is willing to accept datagrams for any case of a UDP listener which is willing to accept
IP interface associated with the node, the value 0.0.0.0 is datagrams for any IP interface associated with the
used." node, the value 0.0.0.0 is used."
::= { udpEntry 1 } ::= { udpEntry 1 }
udpLocalPort OBJECT-TYPE udpLocalPort OBJECT-TYPE
SYNTAX Integer32 (0..65535) SYNTAX Integer32 (0..65535)
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"The local port number for this UDP listener." "The local port number for this UDP listener."
::= { udpEntry 2 } ::= { udpEntry 2 }
-- conformance information -- conformance information
udpMIBConformance OBJECT IDENTIFIER ::= { udpMIB 2 } udpMIBConformance OBJECT IDENTIFIER ::= { udpMIB 2 }
udpMIBCompliances OBJECT IDENTIFIER ::= { udpMIBConformance 1 } udpMIBCompliances OBJECT IDENTIFIER ::= { udpMIBConformance 1 }
udpMIBGroups OBJECT IDENTIFIER ::= { udpMIBConformance 2 } udpMIBGroups OBJECT IDENTIFIER ::= { udpMIBConformance 2 }
-- compliance statements -- compliance statements
udpMIBCompliance2 MODULE-COMPLIANCE udpMIBCompliance2 MODULE-COMPLIANCE
skipping to change at page 14, line 5 skipping to change at page 16, line 16
udpMIBConformance OBJECT IDENTIFIER ::= { udpMIB 2 } udpMIBConformance OBJECT IDENTIFIER ::= { udpMIB 2 }
udpMIBCompliances OBJECT IDENTIFIER ::= { udpMIBConformance 1 } udpMIBCompliances OBJECT IDENTIFIER ::= { udpMIBConformance 1 }
udpMIBGroups OBJECT IDENTIFIER ::= { udpMIBConformance 2 } udpMIBGroups OBJECT IDENTIFIER ::= { udpMIBConformance 2 }
-- compliance statements -- compliance statements
udpMIBCompliance2 MODULE-COMPLIANCE udpMIBCompliance2 MODULE-COMPLIANCE
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The compliance statement for systems which implement UDP." "The compliance statement for systems which implement
UDP.
There are a number of INDEX objects that cannot be
represented in the form of OBJECT clauses in SMIv2, but
for which we have the following compliance
requirements, expressed in OBJECT clause form in this
description clause:
-- OBJECT udpEndpointLocalAddressType
-- SYNTAX InetAddressType { unknown(0), ipv4(1),
-- ipv6(2), ipv4z(3),
-- ipv6z(4) }
-- DESCRIPTION
-- Support for dns(5) is not required.
-- OBJECT udpEndpointRemoteAddressType
-- SYNTAX InetAddressType { unknown(0), ipv4(1),
-- ipv6(2), ipv4z(3),
-- ipv6z(4) }
-- DESCRIPTION
-- Support for dns(5) is not required.
"
MODULE -- this module MODULE -- this module
MANDATORY-GROUPS { udpBaseGroup, udpEndpointGroup } MANDATORY-GROUPS { udpBaseGroup, udpEndpointGroup }
GROUP udpHCGroup GROUP udpHCGroup
DESCRIPTION DESCRIPTION
"This group is mandatory for those systems which are "This group is mandatory for those systems which
capable of receiving or transmitting more than 1 are capable of receiving or transmitting more than
million UDP datagrams per second. 1 million datagrams 1 million UDP datagrams per second. 1 million
per second will cause a Counter32 to wrap in just over datagrams per second will cause a Counter32 to
an hour." wrap in just over an hour."
GROUP udpEndpointProcessGroup
DESCRIPTION
"This group is mandatory for systems which implement a
'process ID' concept, in particular those that also
implement the HOST-RESOURCES-MIB or SYSAPPL-MIB."
::= { udpMIBCompliances 2 } ::= { udpMIBCompliances 2 }
udpMIBCompliance MODULE-COMPLIANCE udpMIBCompliance MODULE-COMPLIANCE
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"The compliance statement for IPv4-only systems which "The compliance statement for IPv4-only systems which
implement UDP. For IP version independence, this compliance implement UDP. For IP version independence, this
statement is deprecated in favor of udpMIBCompliance2. compliance statement is deprecated in favor of
However, agents are still encouraged to implement these udpMIBCompliance2. However, agents are still
objects in order to interoperate with the deployed base encouraged to implement these objects in order to
of managers." interoperate with the deployed base of managers."
MODULE -- this module MODULE -- this module
MANDATORY-GROUPS { udpGroup } MANDATORY-GROUPS { udpGroup }
::= { udpMIBCompliances 1 } ::= { udpMIBCompliances 1 }
-- units of conformance -- units of conformance
udpGroup OBJECT-GROUP udpGroup OBJECT-GROUP
OBJECTS { udpInDatagrams, udpNoPorts, OBJECTS { udpInDatagrams, udpNoPorts,
udpInErrors, udpOutDatagrams, udpInErrors, udpOutDatagrams,
udpLocalAddress, udpLocalPort } udpLocalAddress, udpLocalPort }
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"The deprecated group of objects providing for management of "The deprecated group of objects providing for
UDP over IPv4." management of UDP over IPv4."
::= { udpMIBGroups 1 } ::= { udpMIBGroups 1 }
udpBaseGroup OBJECT-GROUP udpBaseGroup OBJECT-GROUP
OBJECTS { udpInDatagrams, udpNoPorts, udpInErrors, udpOutDatagrams } OBJECTS { udpInDatagrams, udpNoPorts, udpInErrors,
udpOutDatagrams }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The group of objects providing for counters of UDP "The group of objects providing for counters of UDP
statistics." statistics."
::= { udpMIBGroups 2 } ::= { udpMIBGroups 2 }
udpHCGroup OBJECT-GROUP udpHCGroup OBJECT-GROUP
OBJECTS { udpHCInDatagrams, udpHCOutDatagrams } OBJECTS { udpHCInDatagrams, udpHCOutDatagrams }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The group of objects providing for counters of high speed "The group of objects providing for counters of high
UDP implementations." speed UDP implementations."
::= { udpMIBGroups 3 } ::= { udpMIBGroups 3 }
udpEndpointGroup OBJECT-GROUP udpEndpointGroup OBJECT-GROUP
OBJECTS { udpEndpointInstance } OBJECTS { udpEndpointProcess }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The group of objects providing for the IP version "The group of objects providing for the IP version
independent management of UDP 'endpoints'." independent management of UDP 'endpoints'."
::= { udpMIBGroups 4 } ::= { udpMIBGroups 4 }
udpEndpointProcessGroup OBJECT-GROUP
OBJECTS { udpEndpointProcess }
STATUS current
DESCRIPTION
"The object mapping a UDP 'endpoint' to a system process."
::= { udpMIBGroups 5 }
END END
4. Intellectual Property 4. Intellectual Property
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to intellectual property or other rights that might be claimed to
pertain to the implementation or use of the technology described in pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it might or might not be available; neither does it represent that it
has made any effort to identify any such rights. Information on the has made any effort to identify any such rights. Information on the
skipping to change at page 17, line 25 skipping to change at page 19, line 42
J., Rose, M. and S. Waldbusser, "Conformance Statements J., Rose, M. and S. Waldbusser, "Conformance Statements
for SMIv2", STD 58, RFC 2580, April 1999. for SMIv2", STD 58, RFC 2580, April 1999.
[RFC2790] Waldbusser, S. and P. Grillo, "Host Resources MIB", RFC [RFC2790] Waldbusser, S. and P. Grillo, "Host Resources MIB", RFC
2790, March 2000. 2790, March 2000.
[RFC3291] Daniele, M., Haberman, B., Routhier, S., and J. [RFC3291] Daniele, M., Haberman, B., Routhier, S., and J.
Schoenwaelder, "Textual Conventions for Internet Network Schoenwaelder, "Textual Conventions for Internet Network
Addresses", RFC 3291, May 2002. Addresses", RFC 3291, May 2002.
8. Informative References [RFC3418] Presuhn, R., "Management Information Base (MIB) for the
Simple Network Management Protocol (SNMP)", RFC 3418,
December 2002.
[RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart, 8. Informative References
"Introduction and Applicability Statements for Internet-
Standard Management Framework", RFC 3410, December 2002.
[RFC1213] McCloghrie, K. and M. Rose, Editors, "Management [RFC1213] McCloghrie, K. and M. Rose, Editors, "Management
Information Base for Network Management of TCP/IP-based Information Base for Network Management of TCP/IP-based
internets: MIB-II", STD 17, RFC 1213, March 1991. internets: MIB-II", STD 17, RFC 1213, March 1991.
[RFC2013] McCloghrie, K., "Management Information Base for the [RFC2013] McCloghrie, K., "Management Information Base for the
User Datagram Protocol using SMIv2", RFC 2013, November User Datagram Protocol using SMIv2", RFC 2013, November
1996. 1996.
[RFC2454] Daniele, M., "IP Version 6 Management Information Base [RFC2454] Daniele, M., "IP Version 6 Management Information Base
for the User Datagram Protocol", RFC 2454, December for the User Datagram Protocol", RFC 2454, December
1998. 1998.
[RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart,
"Introduction and Applicability Statements for Internet-
Standard Management Framework", RFC 3410, December 2002.
9. Security Considerations 9. Security Considerations
There are no management objects defined in this MIB that have a MAX- There are no management objects defined in this MIB that have a MAX-
ACCESS clause of read-write and/or read-create. So, if this MIB is ACCESS clause of read-write and/or read-create. So, if this MIB is
implemented correctly, then there is no risk that an intruder can implemented correctly, then there is no risk that an intruder can
alter or create any management objects of this MIB module via direct alter or create any management objects of this MIB module via direct
SNMP SET operations. SNMP SET operations.
Some of the readable objects in this MIB module (i.e., objects with a Some of the readable objects in this MIB module (i.e., objects with a
MAX-ACCESS other than not-accessible) may be considered sensitive or MAX-ACCESS other than not-accessible) may be considered sensitive or
vulnerable in some network environments. It is thus important to vulnerable in some network environments. It is thus important to
control even GET and/or NOTIFY access to these objects and possibly control even GET and/or NOTIFY access to these objects and possibly
to even encrypt the values of these objects when sending them over to even encrypt the values of these objects when sending them over
the network via SNMP. These are the tables and objects and their the network via SNMP. These are the tables and objects and their
sensitivity/vulnerability: sensitivity/vulnerability:
The udpEndpointLocalPort and udpLocalPort objects can be used to The indices of the udpEndpointTable and udpTable contain information
identify what ports are open on the machine and can thus what attacks on the listeners on an entity. In particular, the
are likely to succeed, without the attacker having to run a port udpEndpointLocalPort and udpLocalPort objects in the indices can be
scanner. used to identify what ports are open on the machine and can thus what
attacks are likely to succeed, without the attacker having to run a
port scanner.
SNMP versions prior to SNMPv3 did not include adequate security. SNMP versions prior to SNMPv3 did not include adequate security.
Even if the network itself is secure (for example by using IPSec), Even if the network itself is secure (for example by using IPSec),
even then, there is no control as to who on the secure network is even then, there is no control as to who on the secure network is
allowed to access and GET/SET (read/change/create/delete) the objects allowed to access and GET/SET (read/change/create/delete) the objects
in this MIB module. in this MIB module.
It is recommended that the implementors consider the security It is recommended that the implementors consider the security
features as provided by the SNMPv3 framework (see [RFC3410], section features as provided by the SNMPv3 framework (see [RFC3410], section
8), including full support for the SNMPv3 cryptographic mechanisms 8), including full support for the SNMPv3 cryptographic mechanisms
skipping to change at page 19, line 7 skipping to change at page 21, line 30
John Flick John Flick
Hewlett-Packard Company Hewlett-Packard Company
8000 Foothills Blvd. M/S 5557 8000 Foothills Blvd. M/S 5557
Roseville, CA 95747-5557 Roseville, CA 95747-5557
USA USA
Email: johnf@rose.hp.com Email: johnf@rose.hp.com
11. Full Copyright Statement 11. Full Copyright Statement
Copyright (C) The Internet Society (2003). All Rights Reserved. Copyright (C) The Internet Society (2004). All Rights Reserved.
This document and translations of it may be copied and furnished to This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of Internet organizations, except as needed for the purpose of
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/