draft-ietf-rtfm-meter-mib-09.txt   draft-ietf-rtfm-meter-mib-10.txt 
Internet Engineering Task Force Nevil Brownlee Internet Engineering Task Force Nevil Brownlee
INTERNET-DRAFT The University of Auckland INTERNET-DRAFT The University of Auckland
Expires December 1999
August 1999
Expires February 2000
Traffic Flow Measurement: Meter MIB Traffic Flow Measurement: Meter MIB
<draft-ietf-rtfm-meter-mib-09.txt> <draft-ietf-rtfm-meter-mib-10.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with all This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026. provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Task Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other groups Force (IETF), its areas, and its working groups. Note that other groups
may also distribute working documents as Internet-Drafts. may also distribute working documents as Internet-Drafts.
skipping to change at page 2, line ? skipping to change at page 2, line ?
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet Draft is a product of the Realtime Traffic Flow This Internet Draft is a product of the Realtime Traffic Flow
Measurement Working Group of the IETF. Measurement Working Group of the IETF.
Abstract Abstract
A 'Traffic Meter' collects data relating to traffic flows within a The RTFM Traffic Measurement Architecture provides a general framework
network. This document defines a Management Information Base (MIB) for for describing and measuring network traffic flows. Flows are defined
use in controlling a traffic meter, in particular for specifying the in terms of their Address Attribute values and measured by a 'Traffic
Meter.'
This document defines a Management Information Base (MIB) for use in
controlling an RTFM Traffic Meter, in particular for specifying the
flows to be measured. It also provides an efficient mechanism for flows to be measured. It also provides an efficient mechanism for
retrieving flow data from the meter using SNMP. Security issues retrieving flow data from the meter using SNMP. Security issues
concerning the operation of traffic meters are summarised. concerning the operation of traffic meters are summarised.
Contents Contents
1 Introduction 2 1 Introduction 2
2 The Network Management Framework 3 2 The SNMP Management Framework 2
3 Objects 3
3.1 Format of Definitions . . . . . . . . . . . . . . . . . . . . 4
4 Overview 4 3 Overview 3
4.1 Scope of Definitions, Textual Conventions . . . . . . . . . . 5 3.1 Scope of Definitions, Textual Conventions . . . . . . . . . . 4
4.2 Usage of the MIB variables . . . . . . . . . . . . . . . . . . 5 3.2 Usage of the MIB variables . . . . . . . . . . . . . . . . . 4
5 Definitions 7 4 Definitions 6
6 Security Considerations 45 5 Security Considerations 44
6.1 SNMP Concerns . . . . . . . . . . . . . . . . . . . . . . . . 45 5.1 SNMP Concerns . . . . . . .. . . . . . . . . . . . . . . . . 44
6.2 Traffic Meter Concerns . . . . . . . . . . . . . . . . . . . . 45 5.2 Traffic Meter Concerns . .. . . . . . . . . . . . . . . . . 45
7 IANA Considerations 47 6 IANA Considerations 46
8 Appendix A: Changes Introduced Since RFC 2064 47 7 Appendix A: Changes Introduced Since RFC 2064 47
9 Acknowledgements 48 8 Acknowledgements 48
10 References 49 9 References 48
11 Author's Address 50 10 Author's Address 50
1 Introduction 1 Introduction
This memo defines a portion of the Management Information Base (MIB) for This memo defines a portion of the Management Information Base (MIB) for
use with network management protocols in the Internet community. In use with network management protocols in the Internet community. In
particular, it describes objects for managing and collecting data from particular, it describes objects for managing and collecting data from
network Realtime Traffic Flow Meters, as described in [1]. network Realtime Traffic Flow Meters, as described in [RTFM-ARC].
The MIB is 'basic' in the sense that it provides more than enough The MIB is 'basic' in the sense that it provides more than enough
information for everyday traffic measurment. Furthermore, it can be information for everyday traffic measurment. Furthermore, it can be
easily extended by adding new attributes as required. The RTFM Working easily extended by adding new attributes as required. The RTFM Working
group is actively pursuing the development of the meter in this way. group is actively pursuing the development of the meter in this way.
2 The Network Management Framework 2 The SNMP Management Framework
The Internet-standard Network Management Framework consists of three
components. They are:
RFC 1155 defines the SMI, the mechanisms used for describing
and naming objects for the purpose of management. RFC 1212
defines a more concise description mechanism, which is wholly
consistent with the SMI.
RFC 1156 defines MIB-I, the core set of managed objects for the The SNMP Management Framework presently consists of five major
Internet suite of protocols. RFC 1213 [2] defines MIB-II, an components:
evolution of MIB-I based on implementation experience and new
operational requirements.
RFC 1157 defines the SNMP, the protocol used for network access - An overall architecture, described in RFC 2571 [RFC2571].
to managed objects.
RFC 1902 [3] defines the SMI for version 2 of the Simple - Mechanisms for describing and naming objects and events for the
Network Management Protocol. purpose of management. The first version of this Structure of
Management Information (SMI) is called SMIv1 and described in STD
16, RFC 1155 [RFC1155], STD 16, RFC 1212 [RFC1212] and RFC 1215
[RFC1215]. The second version, called SMIv2, is described in STD
58, RFC 2578 [RFC2578], RFC 2579 [RFC2579] and RFC 2580 [RFC2580].
RFCs 1903 and 1904 [4,5] define Textual Conventions and - Message protocols for transferring management information. The
Conformance Statements for version 2 of the Simple Network first version of the SNMP message protocol is called SNMPv1 and
Management Protocol. described in STD 15, RFC 1157 [RFC1157]. A second version of the
SNMP message protocol, which is not an Internet standards track
protocol, is called SNMPv2c and described in RFC 1901 [RFC1901] and
RFC 1906 [RFC1906]. The third version of the message protocol is
called SNMPv3 and described in RFC 1906 [RFC1906], RFC 2572
[RFC2572] and RFC 2574 [RFC2574].
RFC 1908 [6] describes how versions 1 and 2 of the Simple - Protocol operations for accessing management information. The
Network Management Protocol should coexist. first set of protocol operations and associated PDU formats is
described in STD 15, RFC 1157 [RFC1157]. A second set of protocol
operations and associated PDU formats is described in RFC 1905
[RFC1905].
The Framework permits new objects to be defined for the purpose of - A set of fundamental applications described in RFC 2573 [RFC2573]
experimentation and evaluation. and the view-based access control mechanism described in RFC 2575
[RFC2575].
3 Objects A more detailed introduction to the current SNMP Management Framework
can be found in [RFC2570].
Managed objects are accessed via a virtual information store, termed the Managed objects are accessed via a virtual information store, termed the
Management Information Base or MIB. Objects in the MIB are defined using Management Information Base or MIB. Objects in the MIB are defined using
the subset of Abstract Syntax Notation One (ASN.1) [7] defined in the the mechanisms defined in the SMI.
SMI. In particular, each object has a name, a syntax, and an encoding.
The name is an object identifier, an administratively assigned name,
which specifies an object type. The object type together with an object
instance serves to uniquely identify a specific instantiation of the
object. For human convenience, we often use a textual string, termed
the OBJECT DESCRIPTOR, to also refer to the object type.
The syntax of an object type defines the abstract data structure
corresponding to that object type. The ASN.1 language is used for this
purpose. However, the SMI [3] purposely restricts the ASN.1 constructs
which may be used. These restrictions are explicitly made for
simplicity.
The encoding of an object type is simply how that object type is
represented using the object type's syntax. Implicitly tied to the
notion of an object type's syntax and encoding is how the object type is
represented when being transmitted on the network.
The SMI specifies the use of the basic encoding rules of ASN.1 [8],
subject to the additional requirements imposed by the SNMP.
3.1 Format of Definitions
Section 4 contains the specification of all object types contained in This memo specifies a MIB module that is compliant to the SMIv2. A
this MIB module. These object types are specified using the conventions MIB conforming to the SMIv1 can be produced through the appropriate
defined in [3] and [4]. translations. The resulting translated MIB must be semantically
equivalent, except where objects or events are omitted because no
translation is possible (use of Counter64). Some machine readable
information in SMIv2 will be converted into textual descriptions in
SMIv1 during the translation process. However, this loss of machine
readable information is not considered to change the semantics of the
MIB.
4 Overview 3 Overview
Traffic Flow Measurement seeks to provide a well-defined method for Traffic Flow Measurement seeks to provide a well-defined method for
gathering traffic flow information from networks and internetworks. The gathering traffic flow information from networks and internetworks. The
background for this is given in "Traffic Flow Measurement: Background" background for this is given in "Internet Accounting Background"
[9]. The Realtime Traffic Flow Measurement (rtfm) Working Group has [ACT-BKG]. The Realtime Traffic Flow Measurement (rtfm) Working Group
produced a measurement architecture to achieve this goal; this is
documented in "Traffic Flow Measurement: Architecture" [1]. The has produced a measurement architecture to achieve this goal; this is
documented in "Traffic Flow Measurement: Architecture" [RTFM-ARC]. The
architecture defines three entities: architecture defines three entities:
- METERS, which observe network traffic flows and build up a table of - METERS, which observe network traffic flows and build up a table of
flow data records for them, flow data records for them,
- METER READERS, which collect traffic flow data from meters, and - METER READERS, which collect traffic flow data from meters, and
- MANAGERS, which oversee the operation of meters and meter readers. - MANAGERS, which oversee the operation of meters and meter readers.
This memo defines the SNMP management information for a Traffic Flow This memo defines the SNMP management information for a Traffic Flow
Meter (TFM). Work in this field was begun by the Internet Accounting Meter (TFM). Work in this field was begun by the Internet Accounting
Working Group. It has been further developed and expanded by the Working Group. It has been further developed and expanded by the
Realtime Traffic Flow Measurement Working Group. Realtime Traffic Flow Measurement Working Group.
4.1 Scope of Definitions, Textual Conventions 3.1 Scope of Definitions, Textual Conventions
All objects defined in this memo are registered in a single subtree All objects defined in this memo are registered in a single subtree
within the mib-2 namespace [2,3], and are for use in network devices within the mib-2 namespace [MIB-II, RFC2578], and are for use in network
which may perform a PDU forwarding or monitoring function. For these devices which may perform a PDU forwarding or monitoring function. For
devices, the value of the ifSpecific variable in the MIB-II [2] has the these devices, this MIB defines a group of objects with an SMI Network
OBJECT IDENTIFIER value: Management MGMT Code [ASG-NBR] of 40, i.e.
flowMIB OBJECT IDENTIFIER ::= mib-2 40 flowMIB OBJECT IDENTIFIER ::= mib-2 40
as defined below. as defined below.
The RTFM Meter MIB was first produced and tested using SNMPv1. It was The RTFM Meter MIB was first produced and tested using SNMPv1. It was
converted into SNMPv2 following the guidelines in RFC 1908 [6]. converted into SNMPv2 following the guidelines in [RFC1908].
4.2 Usage of the MIB variables 3.2 Usage of the MIB variables
The MIB is organised in four parts - control, data, rules and The MIB is organised in four parts - control, data, rules and
conformance statements. conformance statements.
The rules implement the set of packet-matching actions, as described in The rules implement the set of packet-matching actions, as described in
the "Traffic Flow Measurment: Architecture" document [1]. In addition the "Traffic Flow Measurment: Architecture" document [RTFM-ARC]. In
they provide for BASIC-style subroutines, allowing a network manager to addition they provide for BASIC-style subroutines, allowing a network
dramatically reduce the number of rules required to monitor a large manager to dramatically reduce the number of rules required to monitor a
network. large network.
Traffic flows are identified by a set of attributes for each of their Traffic flows are identified by a set of attributes for each of their
end-points. Attributes include network addresses for each layer of the end-points. Attributes include network addresses for each layer of the
network protocol stack, and 'subscriber ids,' which may be used to network protocol stack, and 'subscriber ids,' which may be used to
identify an accountable entity for the flow. identify an accountable entity for the flow.
The conformance statements are set out as defined in [5]. They explain The conformance statements are set out as defined in [RFC2580]. They
what must be implemented in a meter which claims to conform to this MIB. explain what must be implemented in a meter which claims to conform to
this MIB.
To retrieve flow data one could simply do a linear scan of the flow To retrieve flow data one could simply do a linear scan of the flow
table. This would certainly work, but would require a lot of protocol table. This would certainly work, but would require a lot of protocol
exchanges. To reduce the overhead in retrieving flow data the flow exchanges. To reduce the overhead in retrieving flow data the flow
table uses a TimeFilter variable, defined as a Textual Convention in the table uses a TimeFilter variable, defined as a Textual Convention in the
RMON2 MIB [10]. RMON2 MIB [RMON2-MIB].
As an alternative method of reading flow data, the MIB provides a view As an alternative method of reading flow data, the MIB provides a view
of the flow table called the flowDataPackageTable. This is (logically) of the flow table called the flowDataPackageTable. This is (logically)
a four-dimensional array, subscripted by package selector, ruleset, a four-dimensional array, subscripted by package selector, RuleSet,
activity time and starting flow number. The package selector is a activity time and starting flow number. The package selector is a
sequence of bytes which specifies a list of flow attributes. sequence of bytes which specifies a list of flow attributes.
A data package (as returned by the meter) is a sequence of values for A data package (as returned by the meter) is a sequence of values for
the attributes specified in its selector, encoded using the Basic the attributes specified in its selector, encoded using the Basic
Encoding Rules [8]. It allows a meter reader to retrieve all the Encoding Rules [ASN-BER]. It allows a meter reader to retrieve all the
attribute values it requires in a single MIB object. This, when used attribute values it requires in a single MIB object. This, when used
together with SNMPv2's GetBulk request, allows a meter reader to scan together with SNMPv2's GetBulk request, allows a meter reader to scan
the flow table and upload a specified set of attribute values for flows the flow table and upload a specified set of attribute values for flows
which have changed since the last reading, and which were created by a which have changed since the last reading, and which were created by a
specified rule set. specified rule set.
One aspect of data collection which needs emphasis is that all the MIB One aspect of data collection which needs emphasis is that all the MIB
variables are set up to allow multiple independent meter readers to work variables are set up to allow multiple independent meter readers to work
properly, i.e. the flow table indexes are stateless. An alternative properly, i.e. the flow table indexes are stateless. An alternative
approach would have been to 'snapshot' the flow table, which would mean approach would have been to 'snapshot' the flow table, which would mean
skipping to change at page 6, line 36 skipping to change at page 5, line 52
The control variables are the minimum set required for a meter reader. The control variables are the minimum set required for a meter reader.
Their number has been whittled down as experience has been gained with Their number has been whittled down as experience has been gained with
the MIB implementation. A few of them are 'general,' i.e. they control the MIB implementation. A few of them are 'general,' i.e. they control
the overall behaviour of the meter. These are set by a single 'master' the overall behaviour of the meter. These are set by a single 'master'
manager, and no other manager should attempt to change their values. manager, and no other manager should attempt to change their values.
The decision as to which manager is the 'master' must be made by the The decision as to which manager is the 'master' must be made by the
network operations personnel responsible; this MIB does not attempt to network operations personnel responsible; this MIB does not attempt to
define any interaction between managers. define any interaction between managers.
There are three other groups of control variables, arranged into tables There are three other groups of control variables, arranged into tables
in the same way as in the RMON2 MIB [10]. They are used as follows: in the same way as in the RMON2 MIB [RMON2-MIB]. They are used as
follows:
- RULE SET INFO: Before attempting to download a RuleSet, a manager - RULE SET INFO: Before attempting to download a RuleSet, a manager
must create a row in the flowRuleSetInfoTable and set its must create a row in the flowRuleSetInfoTable and set its
flowRuleInfoSize to a value large enough to hold the RuleSet. When flowRuleInfoSize to a value large enough to hold the RuleSet. When
the rule set is ready the manager must set flowRuleInfoRulesReady the rule set is ready the manager must set flowRuleInfoRulesReady
to 'true,' indicating that the rule set is ready for use (but not to 'true,' indicating that the rule set is ready for use (but not
yet 'running'). yet 'running').
- METER READER INFO: Any meter reader wishing to collect data - METER READER INFO: Any meter reader wishing to collect data
reliably for all flows from a RuleSet should first create a row in reliably for all flows from a RuleSet should first create a row in
the flowReaderInfoTable with flowReaderRuleSet set to that the flowReaderInfoTable with flowReaderRuleSet set to that
RuleSet's index in the flowRuleSetInfoTable. It should write that RuleSet's index in the flowRuleSetInfoTable. It should write that
row's flowReaderLastTime object each time it starts a collection row's flowReaderLastTime object each time it starts a collection
pass through the flow table. The meter will not recover a flow's pass through the flow table. The meter will not recover a flow's
memory until every meter reader holding a row for that flow's memory until every meter reader holding a row for that flow's
RuleSet has collected the flow's data. RuleSet has collected the flow's data.
- MANAGER INFO: Any manager wishing to run a RuleSet in the meter - MANAGER INFO: Any manager wishing to run a RuleSet in the meter
must create a row in the flowManagerInfo table, specifying the must create a row in the flowManagerInfo table, specifying the
desired RuleSet to run and its corresponding 'standby' Ruleset (if desired RuleSet to run and its corresponding 'standby' RuleSet (if
one is desired). A current RuleSet is 'running' if its one is desired). A current RuleSet is 'running' if its
flowManagerRunningStandby value is false(2), similarly a standby flowManagerRunningStandby value is false(2), similarly a standby
RuleSet is 'running' if flowManagerRunningStandby is true(1). RuleSet is 'running' if flowManagerRunningStandby is true(1).
Times within the meter are in terms of its Uptime, i.e. centiseconds Times within the meter are in terms of its Uptime, i.e. centiseconds
since the meter started. For meters implemented as self-contained SNMP since the meter started. For meters implemented as self-contained SNMP
agents this will be the same as sysUptime, but this may not be true for agents this will be the same as sysUptime, but this may not be true for
meters implemented as subagents. Managers can read the meter's Uptime meters implemented as subagents. Managers can read the meter's Uptime
when neccessary (e.g. to set a TimeFilter value) by setting when neccessary (e.g. to set a TimeFilter value) by setting
flowReaderLastTime, then reading its new value. flowReaderLastTime, then reading its new value.
5 Definitions 4 Definitions
FLOW-METER-MIB DEFINITIONS ::= BEGIN FLOW-METER-MIB DEFINITIONS ::= BEGIN
IMPORTS IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Counter32, Counter64, Integer32 MODULE-IDENTITY, OBJECT-TYPE,
Counter32, Counter64, Integer32, mib-2
FROM SNMPv2-SMI FROM SNMPv2-SMI
TEXTUAL-CONVENTION, RowStatus, TimeStamp, TruthValue TEXTUAL-CONVENTION, RowStatus, TimeStamp, TruthValue
FROM SNMPv2-TC FROM SNMPv2-TC
OBJECT-GROUP, MODULE-COMPLIANCE OBJECT-GROUP, MODULE-COMPLIANCE
FROM SNMPv2-CONF FROM SNMPv2-CONF
mib-2, ifIndex ifIndex
FROM RFC1213-MIB FROM RFC1213-MIB
OwnerString OwnerString
FROM RMON-MIB FROM RMON-MIB
TimeFilter TimeFilter
FROM RMON2-MIB; FROM RMON2-MIB;
flowMIB MODULE-IDENTITY flowMIB MODULE-IDENTITY
LAST-UPDATED "9906141620Z" LAST-UPDATED "9908191010Z"
ORGANIZATION "IETF Realtime Traffic Flow Measurement Working Group" ORGANIZATION "IETF Realtime Traffic Flow Measurement Working Group"
CONTACT-INFO CONTACT-INFO
"Nevil Brownlee, The University of Auckland "Nevil Brownlee, The University of Auckland
Postal: Information Technology Sytems & Services Postal: Information Technology Sytems & Services
The University of Auckland The University of Auckland
Private Bag 92-019 Private Bag 92-019
Auckland, New Zealand Auckland, New Zealand
Phone: +64 9 373 7599 x8941 Phone: +64 9 373 7599 x8941
E-mail: n.brownlee@auckland.ac.nz" E-mail: n.brownlee@auckland.ac.nz"
DESCRIPTION DESCRIPTION
"MIB for the RTFM Traffic Flow Meter." "MIB for the RTFM Traffic Flow Meter."
REVISION "9908191010Z"
DESCRIPTION
"Changes to SIZE specification for two variables:
- flowRuleInfoName SIZE specified as (0..127)
- flowRuleIndex SIZE increased to (1..2147483647)"
REVISION "9712230937Z" REVISION "9712230937Z"
DESCRIPTION DESCRIPTION
"Two further variables deprecated: "Two further variables deprecated:
- flowRuleInfoRulesReady (use flowRuleInfoStatus intead) - flowRuleInfoRulesReady (use flowRuleInfoStatus intead)
- flowDataStatus (contains no useful information)" - flowDataStatus (contains no useful information)"
REVISION "9707071715Z" REVISION "9707071715Z"
DESCRIPTION DESCRIPTION
"Significant changes since RFC 2064 include: "Significant changes since RFC 2064 include:
- flowDataPackageTable added - flowDataPackageTable added
skipping to change at page 8, line 37 skipping to change at page 8, line 13
flowMIBConformance OBJECT IDENTIFIER ::= { flowMIB 4 } flowMIBConformance OBJECT IDENTIFIER ::= { flowMIB 4 }
-- Textual Conventions -- Textual Conventions
MediumType ::= TEXTUAL-CONVENTION MediumType ::= TEXTUAL-CONVENTION
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Specifies the type of a MediumAddress (see below). The "Specifies the type of a MediumAddress (see below). The
values used for IEEE 802 media are from the 'Network values used for IEEE 802 media are from the 'Network
Management Parameters (ifType definitions)' section of the Management Parameters (ifType definitions)' section of the
Assigned Numbers RFC [11]. Other medium types may also Assigned Numbers RFC [ASG-NBR]. Other medium types may also
be used, provided only that they are identified by their be used, provided only that they are identified by their
assigned ifType numbers." assigned ifType numbers."
SYNTAX INTEGER { SYNTAX INTEGER {
ethernet(7), ethernet(7), -- ethernet-like [ENET-OBJ],
-- includes ethernet-csmacd(6)
tokenring(9), tokenring(9),
fddi(15) } fddi(15) }
MediumAddress ::= TEXTUAL-CONVENTION MediumAddress ::= TEXTUAL-CONVENTION
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Specifies the value of a Medium Access Control (MAC) address. "Specifies the value of a Medium Access Control (MAC) address.
Address format depends on the actual medium, as follows: Address format depends on the actual medium, as follows:
Ethernet: ethernet(7) Ethernet: ethernet(7)
skipping to change at page 9, line 4 skipping to change at page 8, line 30
fddi(15) } fddi(15) }
MediumAddress ::= TEXTUAL-CONVENTION MediumAddress ::= TEXTUAL-CONVENTION
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Specifies the value of a Medium Access Control (MAC) address. "Specifies the value of a Medium Access Control (MAC) address.
Address format depends on the actual medium, as follows: Address format depends on the actual medium, as follows:
Ethernet: ethernet(7) Ethernet: ethernet(7)
6-octet 802.3 MAC address in 'canonical' order 6-octet 802.3 MAC address in 'canonical' order
Token Ring: tokenring(9) Token Ring: tokenring(9)
6-octet 802.5 MAC address in 'canonical' order 6-octet 802.5 MAC address in 'canonical' order
FDDI: fddi(15) FDDI: fddi(15)
FddiMACLongAddress, i.e. a 6-octet MAC address FddiMACLongAddress, i.e. a 6-octet MAC address
in 'canonical' order (defined in the FDDI MIB [12]) in 'canonical' order (defined in [FDDI-MIB])
" "
SYNTAX OCTET STRING (SIZE (6..20)) SYNTAX OCTET STRING (SIZE (6..20))
PeerType ::= TEXTUAL-CONVENTION PeerType ::= TEXTUAL-CONVENTION
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Indicates the type of a PeerAddress (see below). The values "Indicates the type of a PeerAddress (see below). The values
used are from the 'Address Family Numbers' section of the used are from the 'Address Family Numbers' section of the
Assigned Numbers RFC [11]. Peer types from other address Assigned Numbers RFC [ASG-NBR]. Peer types from other address
families may also be used, provided only that they are families may also be used, provided only that they are
identified by their assigned Address Family numbers." identified by their assigned Address Family numbers."
SYNTAX INTEGER { SYNTAX INTEGER {
ipv4(1), ipv4(1),
ipv6(2), ipv6(2),
nsap(3), nsap(3),
ipx(11), ipx(11),
appletalk(12), appletalk(12),
decnet(13) } decnet(13) }
PeerAddress ::= TEXTUAL-CONVENTION PeerAddress ::= TEXTUAL-CONVENTION
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Specifies the value of a peer address for various network "Specifies the value of a peer address for various network
protocols. Address format depends on the actual protocol, protocols. Address format depends on the actual protocol,
as indicated below: as indicated below:
IPv4: ipv4(1) IPv4: ipv4(1)
4-octet IpAddress (defined in the SNMPv2 SMI [3]) 4-octet IpAddress (defined in the SNMPv2 SMI [RFC2578])
IPv6: ipv6(2) IPv6: ipv6(2)
16-octet IpAddress (defined in the 16-octet IpAddress (defined in the
IPv6 Addressing RFC [13]) IPv6 Addressing RFC [V6-ADDR])
CLNS: nsap(3) CLNS: nsap(3)
NsapAddress (defined in the SNMPv2 SMI [3]) NsapAddress (defined in the SNMPv2 SMI [RFC2578])
Novell: ipx(11) Novell: ipx(11)
4-octet Network number, 4-octet Network number,
6-octet Host number (MAC address) 6-octet Host number (MAC address)
AppleTalk: appletalk(12) AppleTalk: appletalk(12)
2-octet Network number (sixteen bits), 2-octet Network number (sixteen bits),
1-octet Host number (eight bits) 1-octet Host number (eight bits)
DECnet: decnet(13) DECnet: decnet(13)
1-octet Area number (in low-order six bits), 1-octet Area number (in low-order six bits),
2-octet Host number (in low-order ten bits) 2-octet Host number (in low-order ten bits)
" "
SYNTAX OCTET STRING (SIZE (3..20)) SYNTAX OCTET STRING (SIZE (3..20))
AdjacentType ::= TEXTUAL-CONVENTION AdjacentType ::= TEXTUAL-CONVENTION
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Indicates the type of an adjacent address. "Indicates the type of an adjacent address.
skipping to change at page 10, line 38 skipping to change at page 10, line 15
"Specifies the value of an adjacent address. "Specifies the value of an adjacent address.
Is a superset of MediumAddress and PeerAddress." Is a superset of MediumAddress and PeerAddress."
SYNTAX OCTET STRING (SIZE (3..20)) SYNTAX OCTET STRING (SIZE (3..20))
TransportType ::= TEXTUAL-CONVENTION TransportType ::= TEXTUAL-CONVENTION
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Indicates the type of a TransportAddress (see below). Values "Indicates the type of a TransportAddress (see below). Values
will depend on the actual protocol; for IP they will be those will depend on the actual protocol; for IP they will be those
given in the 'Protocol Numbers' section of the Assigned Numbers given in the 'Protocol Numbers' section of the Assigned Numbers
RFC [11], including icmp(1), tcp(6) and udp(17)." RFC [ASG-NBR], including icmp(1), tcp(6) and udp(17)."
SYNTAX Integer32 (1..255) SYNTAX Integer32 (1..255)
TransportAddress ::= TEXTUAL-CONVENTION TransportAddress ::= TEXTUAL-CONVENTION
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Specifies the value of a transport address for various "Specifies the value of a transport address for various
network protocols. Format as follows: network protocols. Format as follows:
IP: IP:
2-octet UDP or TCP port number 2-octet UDP or TCP port number
skipping to change at page 13, line 12 skipping to change at page 12, line 42
v3(53), v3(53),
v4(54), v4(54),
v5(55) } v5(55) }
ActionNumber ::= TEXTUAL-CONVENTION ActionNumber ::= TEXTUAL-CONVENTION
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Uniquely identifies the action of a rule, i.e. the Pattern "Uniquely identifies the action of a rule, i.e. the Pattern
Matching Engine's opcode number. Details of the opcodes Matching Engine's opcode number. Details of the opcodes
are given in the 'Traffic Flow Measurement: Architecture' are given in the 'Traffic Flow Measurement: Architecture'
document [1]." document [RTFM-ARC]."
SYNTAX INTEGER { SYNTAX INTEGER {
ignore(1), ignore(1),
noMatch(2), noMatch(2),
count(3), count(3),
countPkt(4), countPkt(4),
return(5), return(5),
gosub(6), gosub(6),
gosubAct(7), gosubAct(7),
assign(8), assign(8),
assignAct(9), assignAct(9),
skipping to change at page 13, line 41 skipping to change at page 13, line 21
-- --
-- Control Group: Rule Set Info Table -- Control Group: Rule Set Info Table
-- --
flowRuleSetInfoTable OBJECT-TYPE flowRuleSetInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF FlowRuleSetInfoEntry SYNTAX SEQUENCE OF FlowRuleSetInfoEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An array of information about the rule sets held in the "An array of information about the RuleSets held in the
meter. meter.
Any manager may configure a new rule set for the meter by Any manager may configure a new RuleSet for the meter by
creating a row in this table with status active(1), and setting creating a row in this table with status active(1), and setting
values for all the objects in its rules. At this stage the new values for all the objects in its rules. At this stage the new
rule set is available but not 'running,' i.e. it is not being RuleSet is available but not 'running,' i.e. it is not being
used by the meter to produce entries in the flow table. used by the meter to produce entries in the flow table.
To actually 'run' a rule set a manager must create a row in To actually 'run' a RuleSet a manager must create a row in
the flowManagerInfoTable, set it's flowManagerStatus to the flowManagerInfoTable, set it's flowManagerStatus to
active(1), and set either its CurrentRuleSet or StandbyRuleSet active(1), and set either its CurrentRuleSet or StandbyRuleSet
to point to the rule set to be run. to point to the RuleSet to be run.
Once a rule set is running a manager may not change any of the Once a RuleSet is running a manager may not change any of the
objects within the rule set itself. Any attempt to do so should objects within the RuleSet itself. Any attempt to do so should
result in a notWritable(17) SNMP error-status for such objects. result in a notWritable(17) SNMP error-status for such objects.
A manager may stop a rule set running by removing all A manager may stop a RuleSet running by removing all
references to it in the flowManagerInfoTable (i.e. by setting references to it in the flowManagerInfoTable (i.e. by setting
CurrentRuleSet and StandbyRuleSet values to 0). This provides CurrentRuleSet and StandbyRuleSet values to 0). This provides
a way to stop rule sets left running if a manager fails. a way to stop RuleSets left running if a manager fails.
For example, when a manager is started, it could search the For example, when a manager is started, it could search the
meter's flowManager table and stop all rule sets having a meter's flowManager table and stop all RuleSets having a
specified value of flowRuleInfoOwner. specified value of flowRuleInfoOwner.
To prevent a manager from interfering with variables belonging To prevent a manager from interfering with variables belonging
to another manager, the meter should use SNMP views so as to to another manager, the meter should use MIB views [RFC2575] so
limit each manager's access to the meter's variables, as to limit each manager's access to the meter's variables,
effectively dividing the single meter into several virtual effectively dividing the single meter into several virtual
meters, one for each independent manager." meters, one for each independent manager."
::= { flowControl 1 } ::= { flowControl 1 }
flowRuleSetInfoEntry OBJECT-TYPE flowRuleSetInfoEntry OBJECT-TYPE
SYNTAX FlowRuleSetInfoEntry SYNTAX FlowRuleSetInfoEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Information about a particular rule set." "Information about a particular RuleSet."
INDEX { flowRuleInfoIndex } INDEX { flowRuleInfoIndex }
::= { flowRuleSetInfoTable 1 } ::= { flowRuleSetInfoTable 1 }
FlowRuleSetInfoEntry ::= SEQUENCE { FlowRuleSetInfoEntry ::= SEQUENCE {
flowRuleInfoIndex Integer32, flowRuleInfoIndex Integer32,
flowRuleInfoSize Integer32, flowRuleInfoSize Integer32,
flowRuleInfoOwner OwnerString, flowRuleInfoOwner OwnerString,
flowRuleInfoTimeStamp TimeStamp, flowRuleInfoTimeStamp TimeStamp,
flowRuleInfoStatus RowStatus, flowRuleInfoStatus RowStatus,
flowRuleInfoName OCTET STRING, flowRuleInfoName OCTET STRING,
skipping to change at page 14, line 52 skipping to change at page 14, line 32
flowRuleInfoFlowRecords Integer32 flowRuleInfoFlowRecords Integer32
} }
flowRuleInfoIndex OBJECT-TYPE flowRuleInfoIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647) SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An index which selects an entry in the flowRuleSetInfoTable. "An index which selects an entry in the flowRuleSetInfoTable.
Each such entry contains control information for a particular Each such entry contains control information for a particular
rule set which the meter may run." RuleSet which the meter may run."
::= { flowRuleSetInfoEntry 1 } ::= { flowRuleSetInfoEntry 1 }
flowRuleInfoSize OBJECT-TYPE flowRuleInfoSize OBJECT-TYPE
SYNTAX Integer32 SYNTAX Integer32
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Number of rules in this rule set. Setting this variable will "Number of rules in this RuleSet. Setting this variable will
cause the meter to allocate space for these rules." cause the meter to allocate space for these rules."
::= { flowRuleSetInfoEntry 2 } ::= { flowRuleSetInfoEntry 2 }
flowRuleInfoOwner OBJECT-TYPE flowRuleInfoOwner OBJECT-TYPE
SYNTAX OwnerString SYNTAX OwnerString
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Identifies the manager which 'owns' this rule set. A manager "Identifies the manager which 'owns' this RuleSet. A manager
must set this variable when creating a row in this table." must set this variable when creating a row in this table."
::= { flowRuleSetInfoEntry 3 } ::= { flowRuleSetInfoEntry 3 }
flowRuleInfoTimeStamp OBJECT-TYPE flowRuleInfoTimeStamp OBJECT-TYPE
SYNTAX TimeStamp SYNTAX TimeStamp
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Time this row's associated rule set was last changed." "Time this row's associated RuleSet was last changed."
::= { flowRuleSetInfoEntry 4 } ::= { flowRuleSetInfoEntry 4 }
flowRuleInfoStatus OBJECT-TYPE flowRuleInfoStatus OBJECT-TYPE
SYNTAX RowStatus SYNTAX RowStatus
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The status of this flowRuleSetInfoEntry. If this value is "The status of this flowRuleSetInfoEntry. If this value is
not active(1) the meter must not attempt to use the row's not active(1) the meter must not attempt to use the row's
associated rule set. Once its value has been set to active(1) associated RuleSet. Once its value has been set to active(1)
a manager may not change any of the other variables in the a manager may not change any of the other variables in the
row, nor the contents of the associated rule set. Any attempt row, nor the contents of the associated uleSet. Any attempt
to do so should result in a notWritable(17) SNMP error-status to do so should result in a notWritable(17) SNMP error-status
for such variables or objects. for such variables or objects.
To download a rule set, a manger could: To download a RuleSet, a manger could:
- Locate an open slot in the RuleSetInfoTable. - Locate an open slot in the RuleSetInfoTable.
- Create a RuleSetInfoEntry by setting the status for this - Create a RuleSetInfoEntry by setting the status for this
open slot to createAndWait(5). open slot to createAndWait(5).
- Set flowRuleInfoSize and flowRuleInfoName as required. - Set flowRuleInfoSize and flowRuleInfoName as required.
- Download the rules into the row's rule table. - Download the rules into the row's rule table.
- Set flowRuleInfoStatus to active(1). - Set flowRuleInfoStatus to active(1).
The rule set would then be ready to run. The manager is not The RuleSet would then be ready to run. The manager is not
allowed to change the value of flowRuleInfoStatus from allowed to change the value of flowRuleInfoStatus from
active(1) if the associated RuleSet is being referenced by any active(1) if the associated RuleSet is being referenced by any
of the entries in the flowManagerInfoTable. of the entries in the flowManagerInfoTable.
Setting RuleInfoStatus to destroy(6) destroys the associated Setting RuleInfoStatus to destroy(6) destroys the associated
rule set together with any flow data collected by it." RuleSet together with any flow data collected by it."
::= { flowRuleSetInfoEntry 5 } ::= { flowRuleSetInfoEntry 5 }
flowRuleInfoName OBJECT-TYPE flowRuleInfoName OBJECT-TYPE
SYNTAX OCTET STRING SYNTAX OCTET STRING (SIZE (0..127))
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An alphanumeric identifier used by managers and readers to "An alphanumeric identifier used by managers and readers to
identify a rule set. For example, a manager wishing to run a identify a RuleSet. For example, a manager wishing to run a
rule set named WWW-FLOWS could search the flowRuleSetInfoTable RuleSet named WWW-FLOWS could search the flowRuleSetInfoTable
to see whether the WWW-FLOWS rule set is already available on to see whether the WWW-FLOWS RuleSet is already available on
the meter. the meter.
Note that references to rule sets in the flowManagerInfoTable Note that references to RuleSets in the flowManagerInfoTable
use indexes for their flowRuleSetInfoTable entries. These may use indexes for their flowRuleSetInfoTable entries. These may
be different each time the rule set is loaded into a meter." be different each time the RuleSet is loaded into a meter."
::= { flowRuleSetInfoEntry 6 } ::= { flowRuleSetInfoEntry 6 }
flowRuleInfoRulesReady OBJECT-TYPE flowRuleInfoRulesReady OBJECT-TYPE
SYNTAX TruthValue SYNTAX TruthValue
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"Indicates whether the rules for this row's associated rule set "Indicates whether the rules for this row's associated RuleSet
are ready for use. The meter will refuse to 'run' the rule set are ready for use. The meter will refuse to 'run' the RuleSet
unless this variable has been set to true(1). unless this variable has been set to true(1).
While RulesReady is false(2), the manager may modify the rule While RulesReady is false(2), the manager may modify the
set, for example by downloading rules into it." RuleSet, for example by downloading rules into it."
::= { flowRuleSetInfoEntry 7 } ::= { flowRuleSetInfoEntry 7 }
flowRuleInfoFlowRecords OBJECT-TYPE flowRuleInfoFlowRecords OBJECT-TYPE
SYNTAX Integer32 SYNTAX Integer32
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of entries in the flow table for this rule set. "The number of entries in the flow table for this RuleSet.
These may be current (waiting for collection by one or more These may be current (waiting for collection by one or more
meter readers) or idle (waiting for the meter to recover meter readers) or idle (waiting for the meter to recover
their memory)." their memory)."
::= { flowRuleSetInfoEntry 8 } ::= { flowRuleSetInfoEntry 8 }
-- --
-- Control Group: Interface Info Table -- Control Group: Interface Info Table
-- --
flowInterfaceTable OBJECT-TYPE flowInterfaceTable OBJECT-TYPE
skipping to change at page 17, line 34 skipping to change at page 17, line 17
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The parameter N for statistical counting on this interface. "The parameter N for statistical counting on this interface.
Set to N to count 1/Nth of the packets appearing at this Set to N to count 1/Nth of the packets appearing at this
interface. A sampling rate of 1 counts all packets. interface. A sampling rate of 1 counts all packets.
A sampling rate of 0 results in the interface being ignored A sampling rate of 0 results in the interface being ignored
by the meter. by the meter.
A meter should choose its own algorithm to introduce variance A meter should choose its own algorithm to introduce variance
into the sampling so that exactly every Nth packet is not into the sampling so that exactly every Nth packet is counted.
counted. The IPPM Working Group's RFC 'Framework for IP The IPPM Working Group's RFC 'Framework for IP Performance
Performance Metrics' [16] explains why this should be done, Metrics' [IPPM-FRM] explains why this should be done, and sets
and sets out an algorithm for doing it." out an algorithm for doing it."
DEFVAL { 1 } DEFVAL { 1 }
::= { flowInterfaceEntry 1 } ::= { flowInterfaceEntry 1 }
flowInterfaceLostPackets OBJECT-TYPE flowInterfaceLostPackets OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of packets the meter has lost for this interface. "The number of packets the meter has lost for this interface.
Such losses may occur because the meter has been unable to Such losses may occur because the meter has been unable to
skipping to change at page 18, line 11 skipping to change at page 17, line 44
-- --
-- Control Group: Meter Reader Info Table -- Control Group: Meter Reader Info Table
-- --
-- Any meter reader wishing to collect data reliably for flows -- Any meter reader wishing to collect data reliably for flows
-- should first create a row in this table. It should write that -- should first create a row in this table. It should write that
-- row's flowReaderLastTime object each time it starts a collection -- row's flowReaderLastTime object each time it starts a collection
-- pass through the flow table. -- pass through the flow table.
-- If a meter reader (MR) does not create a row in this table, e.g. -- If a meter reader (MR) does not create a row in this table, e.g.
-- because its MIB view [RFC2575] did not allow MR create access to
-- flowReaderStatus, collection can still proceed but the meter will
-- not be aware of meter reader MR. This could lead the meter to
-- recover flows before they have been collected by MR.
flowReaderInfoTable OBJECT-TYPE flowReaderInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF FlowReaderInfoEntry SYNTAX SEQUENCE OF FlowReaderInfoEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An array of information about meter readers which have "An array of information about meter readers which have
registered their intent to collect flow data from this meter." registered their intent to collect flow data from this meter."
::= { flowControl 3 } ::= { flowControl 3 }
skipping to change at page 20, line 15 skipping to change at page 19, line 50
from the meter. Once this variable has been set to active(1) from the meter. Once this variable has been set to active(1)
a manager may only change this row's flowReaderLastTime and a manager may only change this row's flowReaderLastTime and
flowReaderTimeout variables." flowReaderTimeout variables."
::= { flowReaderInfoEntry 6 } ::= { flowReaderInfoEntry 6 }
flowReaderRuleSet OBJECT-TYPE flowReaderRuleSet OBJECT-TYPE
SYNTAX Integer32 (1..2147483647) SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An index to the array of rule sets. Specifies a set of rules "An index to the array of RuleSets. Specifies a set of rules
of interest to this meter reader. The reader will attempt to of interest to this meter reader. The reader will attempt to
collect any data generated by the meter for this rule set, and collect any data generated by the meter for this RuleSet, and
the meter will not recover the memory of any of the rule set's the meter will not recover the memory of any of the RuleSet's
flows until this collection has taken place. Note that a flows until this collection has taken place. Note that a
reader may have entries in this table for several rule sets." reader may have entries in this table for several RuleSets."
::= { flowReaderInfoEntry 7 } ::= { flowReaderInfoEntry 7 }
-- --
-- Control Group: Manager Info Table -- Control Group: Manager Info Table
-- --
-- Any manager wishing to run a RuleSet must create a row in this
-- table. Once it has a table row, the manager may set the control -- table. Once it has a table row, the manager may set the control
-- variables in its row so as to cause the meter to run any valid -- variables in its row so as to cause the meter to run any valid
-- RuleSet held by the meter.
-- A single manager may run several RuleSets; it must create a row
-- in this table for each of them. In short, each row of this table -- in this table for each of them. In short, each row of this table
-- describes (and controls) a 'task' which the meter is executing. -- describes (and controls) a 'task' which the meter is executing.
flowManagerInfoTable OBJECT-TYPE flowManagerInfoTable OBJECT-TYPE
SYNTAX SEQUENCE OF FlowManagerInfoEntry SYNTAX SEQUENCE OF FlowManagerInfoEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An array of information about managers which have "An array of information about managers which have
registered their intent to run rule sets on this meter." registered their intent to run RuleSets on this meter."
::= { flowControl 4 } ::= { flowControl 4 }
flowManagerInfoEntry OBJECT-TYPE flowManagerInfoEntry OBJECT-TYPE
SYNTAX FlowManagerInfoEntry SYNTAX FlowManagerInfoEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Information about a particular meter 'task.' By creating "Information about a particular meter 'task.' By creating
an entry in this table and activating it, a manager requests an entry in this table and activating it, a manager requests
that the meter 'run' the indicated rule set. that the meter 'run' the indicated RuleSet.
The entry also specifies a HighWaterMark and a StandbyRuleSet. The entry also specifies a HighWaterMark and a StandbyRuleSet.
If the meter's flow table usage exceeds this task's If the meter's flow table usage exceeds this task's
HighWaterMark the meter will stop running the task's HighWaterMark the meter will stop running the task's
CurrentRuleSet and switch to its StandbyRuleSet. CurrentRuleSet and switch to its StandbyRuleSet.
If the value of the task's StandbyRuleSet is 0 when its If the value of the task's StandbyRuleSet is 0 when its
HighWaterMark is exceeded, the meter simply stops running the HighWaterMark is exceeded, the meter simply stops running the
task's CurrentRuleSet. By careful selection of HighWaterMarks task's CurrentRuleSet. By careful selection of HighWaterMarks
for the various tasks a manager can ensure that the most for the various tasks a manager can ensure that the most
critical rule sets are the last to stop running as the number critical RuleSets are the last to stop running as the number
of flows increases. of flows increases.
When a manager has determined that the demand for flow table When a manager has determined that the demand for flow table
space has abated, it may cause the task to switch back to its space has abated, it may cause the task to switch back to its
CurrentRuleSet by setting its flowManagerRunningStandby CurrentRuleSet by setting its flowManagerRunningStandby
variable to false(2)." variable to false(2)."
INDEX { flowManagerIndex } INDEX { flowManagerIndex }
::= { flowManagerInfoTable 1 } ::= { flowManagerInfoTable 1 }
FlowManagerInfoEntry ::= SEQUENCE { FlowManagerInfoEntry ::= SEQUENCE {
skipping to change at page 21, line 48 skipping to change at page 21, line 32
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An index which selects an entry in the flowManagerInfoTable." "An index which selects an entry in the flowManagerInfoTable."
::= { flowManagerInfoEntry 1 } ::= { flowManagerInfoEntry 1 }
flowManagerCurrentRuleSet OBJECT-TYPE flowManagerCurrentRuleSet OBJECT-TYPE
SYNTAX Integer32 SYNTAX Integer32
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Index to the array of rule sets. Specifies which set of "Index to the array of RuleSets. Specifies which set of
rules is the 'current' one for this task. The meter will rules is the 'current' one for this task. The meter will
be 'running' the current ruleset if this row's be 'running' the current RuleSet if this row's
flowManagerRunningStandby value is false(2). flowManagerRunningStandby value is false(2).
When the manager sets this variable the meter will stop using When the manager sets this variable the meter will stop using
the task's old current rule set and start using the new one. the task's old current RuleSet and start using the new one.
Specifying rule set 0 (the empty set) stops flow measurement Specifying RuleSet 0 (the empty set) stops flow measurement
for this task." for this task."
::= { flowManagerInfoEntry 2 } ::= { flowManagerInfoEntry 2 }
flowManagerStandbyRuleSet OBJECT-TYPE flowManagerStandbyRuleSet OBJECT-TYPE
SYNTAX Integer32 SYNTAX Integer32
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Index to the array of rule sets. After reaching HighWaterMark "Index to the array of RuleSets. After reaching HighWaterMark
(see below) the manager will switch to using the task's (see below) the manager will switch to using the task's
StandbyRuleSet in place of its CurrentRuleSet. For this to be StandbyRuleSet in place of its CurrentRuleSet. For this to be
effective the designated StandbyRuleSet should have a coarser effective the designated StandbyRuleSet should have a coarser
reporting granularity then the CurrentRuleSet. The manager may reporting granularity then the CurrentRuleSet. The manager may
also need to decrease the meter reading interval so that the also need to decrease the meter reading interval so that the
meter can recover flows measured by this task's CurrentRuleSet." meter can recover flows measured by this task's CurrentRuleSet."
DEFVAL { 0 } -- No standby DEFVAL { 0 } -- No standby
::= { flowManagerInfoEntry 3 } ::= { flowManagerInfoEntry 3 }
flowManagerHighWaterMark OBJECT-TYPE flowManagerHighWaterMark OBJECT-TYPE
SYNTAX Integer32 (0..100) SYNTAX Integer32 (0..100)
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A value expressed as a percentage, interpreted by the meter "A value expressed as a percentage, interpreted by the meter
as an indication of how full the flow table should be before as an indication of how full the flow table should be before
it should switch to the standby rule set (if one has been it should switch to the standby RuleSet (if one has been
specified) for this task. Values of 0% or 100% disable the specified) for this task. Values of 0% or 100% disable the
checking represented by this variable." checking represented by this variable."
::= { flowManagerInfoEntry 4 } ::= { flowManagerInfoEntry 4 }
flowManagerCounterWrap OBJECT-TYPE flowManagerCounterWrap OBJECT-TYPE
SYNTAX INTEGER { wrap(1), scale(2) } SYNTAX INTEGER { wrap(1), scale(2) }
MAX-ACCESS read-create MAX-ACCESS read-create
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"Specifies whether PDU and octet counters should wrap when "Specifies whether PDU and octet counters should wrap when
skipping to change at page 23, line 51 skipping to change at page 23, line 38
flowFloodMark OBJECT-TYPE flowFloodMark OBJECT-TYPE
SYNTAX Integer32 (0..100) SYNTAX Integer32 (0..100)
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A value expressed as a percentage, interpreted by the meter "A value expressed as a percentage, interpreted by the meter
as an indication of how full the flow table should be before as an indication of how full the flow table should be before
it should take some action to avoid running out of resources it should take some action to avoid running out of resources
to handle new flows, as discussed in section 4.6 (Handling to handle new flows, as discussed in section 4.6 (Handling
Increasing Traffic Levels) of the RTFM Architecture RFC [1]. Increasing Traffic Levels) of the RTFM Architecture RFC
[RTFM-ARC].
Values of 0% or 100% disable the checking represented by Values of 0% or 100% disable the checking represented by
this variable." this variable."
DEFVAL { 95 } -- Enabled by default. DEFVAL { 95 } -- Enabled by default.
::= { flowControl 5 } ::= { flowControl 5 }
flowInactivityTimeout OBJECT-TYPE flowInactivityTimeout OBJECT-TYPE
SYNTAX Integer32 SYNTAX Integer32
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
skipping to change at page 25, line 4 skipping to change at page 24, line 43
not running in its normal mode. not running in its normal mode.
When the manager notices this it should take action to remedy When the manager notices this it should take action to remedy
the problem which caused the flooding. It should then monitor the problem which caused the flooding. It should then monitor
flowActiveFlows so as to determine when the flood has receded. flowActiveFlows so as to determine when the flood has receded.
At that point the manager may set flowFloodMode to false(2) to At that point the manager may set flowFloodMode to false(2) to
resume normal operation." resume normal operation."
::= { flowControl 9 } ::= { flowControl 9 }
-- --
-- The Flow Table -- The Flow Table
-- --
-- This is a table kept by a meter, with one flow data entry for every -- This is a table kept by a meter, with one flow data entry for every
-- flow being measured. Each flow data entry stores the attribute -- flow being measured. Each flow data entry stores the attribute
-- values for a traffic flow. Details of flows and their attributes -- values for a traffic flow. Details of flows and their attributes
-- are given in the 'Traffic Flow Measurement: Architecture' -- are given in the 'Traffic Flow Measurement: Architecture'
-- document [RTFM-ARC].
-- From time to time a meter reader may sweep the flow table so as -- From time to time a meter reader may sweep the flow table so as
-- to read counts. This is most effectively achieved by using the -- to read counts. This is most effectively achieved by using the
-- TimeMark variable together with successive GetBulk requests to -- TimeMark variable together with successive GetBulk requests to
-- retrieve the values of the desired flow attribute variables. -- retrieve the values of the desired flow attribute variables.
-- This scheme allows multiple meter readers to independently use the -- This scheme allows multiple meter readers to independently use the
-- same meter; the meter readers do not have to be synchronised and -- same meter; the meter readers do not have to be synchronised and
-- they may use different collection intervals. -- they may use different collection intervals.
-- If identical sets of counts are required from a meter, a manager -- If identical sets of counts are required from a meter, a manager
-- could achieve this using two identical copies of a RuleSet in that
-- meter and switching back and forth between them. This is discussed -- meter and switching back and forth between them. This is discussed
-- further in the RTFM Architecture document [RTFM-ARC].
flowDataTable OBJECT-TYPE flowDataTable OBJECT-TYPE
SYNTAX SEQUENCE OF FlowDataEntry SYNTAX SEQUENCE OF FlowDataEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The list of all flows being measured." "The list of all flows being measured."
::= { flowData 1 } ::= { flowData 1 }
flowDataEntry OBJECT-TYPE flowDataEntry OBJECT-TYPE
skipping to change at page 27, line 35 skipping to change at page 27, line 28
"Index of the interface associated with the source address "Index of the interface associated with the source address
for this flow. It's value is one of those contained in the for this flow. It's value is one of those contained in the
ifIndex field of the meter's interfaces table." ifIndex field of the meter's interfaces table."
::= { flowDataEntry 4 } ::= { flowDataEntry 4 }
flowDataSourceAdjacentType OBJECT-TYPE flowDataSourceAdjacentType OBJECT-TYPE
SYNTAX AdjacentType SYNTAX AdjacentType
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Adjacent address type of the source for this flow. If "Adjacent address type of the source for this flow.
metering is being performed at the network level this will
probably be an 802 MAC address, and the adjacent type will If metering is being performed at the network level,
indicate the medium being used. If traffic is being metered AdjacentType will indicate the medium for the interface on
inside a tunnel, its adjacent address type will be the peer which the flow was observed and AdjacentAddress will be the
type of the host at the end of the tunnel." MAC address for that interface. This is the usual case.
If traffic is being metered inside a tunnel, AdjacentType will
be the peer type of the host at the end of the tunnel and
AdjacentAddress will be the peer address for that host."
::= { flowDataEntry 5 } ::= { flowDataEntry 5 }
flowDataSourceAdjacentAddress OBJECT-TYPE flowDataSourceAdjacentAddress OBJECT-TYPE
SYNTAX AdjacentAddress SYNTAX AdjacentAddress
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Address of the adjacent device on the path for the source "Address of the adjacent device on the path for the source
for this flow." for this flow."
::= { flowDataEntry 6 } ::= { flowDataEntry 6 }
skipping to change at page 29, line 43 skipping to change at page 29, line 41
"Address of the adjacent device on the path for the "Address of the adjacent device on the path for the
destination for this flow." destination for this flow."
::= { flowDataEntry 16 } ::= { flowDataEntry 16 }
flowDataDestAdjacentMask OBJECT-TYPE flowDataDestAdjacentMask OBJECT-TYPE
SYNTAX AdjacentAddress SYNTAX AdjacentAddress
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"1-bits in this mask indicate which bits must match when "1-bits in this mask indicate which bits must match when
comparing the adjacent dest address for this flow." comparing the adjacent destination address for this flow."
::= { flowDataEntry 17 } ::= { flowDataEntry 17 }
flowDataDestPeerType OBJECT-TYPE flowDataDestPeerType OBJECT-TYPE
SYNTAX PeerType SYNTAX PeerType
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Peer address type of the destination for this flow." "Peer address type of the destination for this flow."
::= { flowDataEntry 18 } ::= { flowDataEntry 18 }
skipping to change at page 30, line 17 skipping to change at page 30, line 16
DESCRIPTION DESCRIPTION
"Address of the peer device for the destination of this flow." "Address of the peer device for the destination of this flow."
::= { flowDataEntry 19 } ::= { flowDataEntry 19 }
flowDataDestPeerMask OBJECT-TYPE flowDataDestPeerMask OBJECT-TYPE
SYNTAX PeerAddress SYNTAX PeerAddress
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"1-bits in this mask indicate which bits must match when "1-bits in this mask indicate which bits must match when
comparing the dest peer type for this flow." comparing the destination peer type for this flow."
::= { flowDataEntry 20 } ::= { flowDataEntry 20 }
flowDataDestTransType OBJECT-TYPE flowDataDestTransType OBJECT-TYPE
SYNTAX TransportType SYNTAX TransportType
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Transport address type of the destination for this flow. The "Transport address type of the destination for this flow. The
value of this attribute will depend on the peer address type." value of this attribute will depend on the peer address type."
::= { flowDataEntry 21 } ::= { flowDataEntry 21 }
skipping to change at page 31, line 20 skipping to change at page 31, line 20
"The scale factor applied to this particular flow. Indicates "The scale factor applied to this particular flow. Indicates
the number of bits the octet counter values should be moved the number of bits the octet counter values should be moved
left to obtain the actual values." left to obtain the actual values."
::= { flowDataEntry 25 } ::= { flowDataEntry 25 }
flowDataRuleSet OBJECT-TYPE flowDataRuleSet OBJECT-TYPE
SYNTAX Integer32 (1..255) SYNTAX Integer32 (1..255)
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The RuleSet number of the rule set which created this flow. "The RuleSet number of the RuleSet which created this flow.
Allows a manager to use GetNext or GetBulk requests to find Allows a manager to use GetNext or GetBulk requests to find
flows belonging to a particular RuleSet." flows belonging to a particular RuleSet."
::= { flowDataEntry 26 } ::= { flowDataEntry 26 }
flowDataToOctets OBJECT-TYPE flowDataToOctets OBJECT-TYPE
SYNTAX Counter64 SYNTAX Counter64
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The count of octets flowing from source to destination "The count of octets flowing from source to destination
skipping to change at page 36, line 23 skipping to change at page 36, line 27
-- The Data Package Table -- The Data Package Table
-- --
flowDataPackageTable OBJECT-TYPE flowDataPackageTable OBJECT-TYPE
SYNTAX SEQUENCE OF FlowDataPackageEntry SYNTAX SEQUENCE OF FlowDataPackageEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Index into the Flow Table. Allows a meter reader to retrieve "Index into the Flow Table. Allows a meter reader to retrieve
a sequence containing the values of a specified set of a sequence containing the values of a specified set of
attributes for a flow which came from a specified rule set and attributes for a flow which came from a specified RuleSet and
which was last active at or after a given time." which was last active at or after a given time."
::= { flowData 3 } ::= { flowData 3 }
flowDataPackageEntry OBJECT-TYPE flowDataPackageEntry OBJECT-TYPE
SYNTAX FlowDataPackageEntry SYNTAX FlowDataPackageEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The data package containing selected variables from "The data package containing selected variables from
active rows in the flow table." active rows in the flow table."
skipping to change at page 37, line 43 skipping to change at page 37, line 48
a specified flowPackageTime." a specified flowPackageTime."
::= { flowDataPackageEntry 4 } ::= { flowDataPackageEntry 4 }
flowPackageData OBJECT-TYPE flowPackageData OBJECT-TYPE
SYNTAX OCTET STRING SYNTAX OCTET STRING
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A collection of attribute values for a single flow, as "A collection of attribute values for a single flow, as
specified by this row's indexes. The attribute values are specified by this row's indexes. The attribute values are
contained within a BER-encoded sequence [8], in the order contained within a BER-encoded sequence [ASN-1, ASN-BER],
they appear in their flowPackageSelector. in the order they appear in their flowPackageSelector.
For example, to retrieve a flowPackage containing values for For example, to retrieve a flowPackage containing values for
attributes 11, 18 and 29, for a flow in rule set 7, with flow attributes 11, 18 and 29, for a flow in RuleSet 7, with flow
index 3447, one would GET the package whose Object Identifier index 3447, one would GET the package whose Object Identifier
(OID) is (OID) is
flowPackageData . 3.11.18.29 . 7. 0 . 3447 flowPackageData . 3.11.18.29 . 7. 0 . 3447
To get a package for the next such flow which had been To get a package for the next such flow which had been
active since time 12345 one would GETNEXT the package whose active since time 12345 one would GETNEXT the package whose
Object Identifier (OID) is Object Identifier (OID) is
flowPackageData . 3.11.18.29 . 7. 12345 . 3447" flowPackageData . 3.11.18.29 . 7. 12345 . 3447"
::= { flowDataPackageEntry 5 } ::= { flowDataPackageEntry 5 }
-- --
-- The Rule Table -- The Rule Table
-- --
-- This is an array of RuleSets; the 'running' ones are indicated
-- by the entries in the meter's flowManagerInfoTable. Several
-- RuleSets can be held in a meter so that the manager can change the
-- running RuleSets easily, for example with time of day. Note that
-- a manager may not change the rules in any RuleSet currently
-- referenced within the flowManagerInfoTable (either as 'current' or -- referenced within the flowManagerInfoTable (either as 'current' or
-- 'standby')! See the 'Traffic Flow Measurement: Architecture' -- 'standby')! See the 'Traffic Flow Measurement: Architecture'
-- document [RTFM-ARC] for details of rules and how they are used.
-- Space for a RuleSet is allocated by setting the value of
-- flowRuleInfoSize in the rule table's flowRuleSetInfoTable row. -- flowRuleInfoSize in the rule table's flowRuleSetInfoTable row.
-- Values for each row in the RuleSet (Selector, Mask, MatchedValue,
-- Action and Parameter) can then be set by the meter. -- Action and Parameter) can then be set by the meter.
-- Although an individual rule within a RuleSet could be modified,
-- it is much safer to simply download a complete new RuleSet.
flowRuleTable OBJECT-TYPE flowRuleTable OBJECT-TYPE
SYNTAX SEQUENCE OF FlowRuleEntry SYNTAX SEQUENCE OF FlowRuleEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Contains all the rule sets which may be used by the meter." "Contains all the RuleSets which may be used by the meter."
::= { flowRules 1 } ::= { flowRules 1 }
flowRuleEntry OBJECT-TYPE flowRuleEntry OBJECT-TYPE
SYNTAX FlowRuleEntry SYNTAX FlowRuleEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The rule record itself." "The rule record itself."
INDEX { flowRuleSet, flowRuleIndex } INDEX { flowRuleSet, flowRuleIndex }
::= { flowRuleTable 1 } ::= { flowRuleTable 1 }
skipping to change at page 39, line 10 skipping to change at page 39, line 16
flowRuleMatchedValue RuleAddress, flowRuleMatchedValue RuleAddress,
flowRuleAction ActionNumber, flowRuleAction ActionNumber,
flowRuleParameter Integer32 flowRuleParameter Integer32
} }
flowRuleSet OBJECT-TYPE flowRuleSet OBJECT-TYPE
SYNTAX Integer32 (1..2147483647) SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Selects a rule set from the array of rule sets." "Selects a RuleSet from the array of RuleSets."
::= { flowRuleEntry 1 } ::= { flowRuleEntry 1 }
flowRuleIndex OBJECT-TYPE flowRuleIndex OBJECT-TYPE
SYNTAX Integer32 (1..65535) SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The index into the Rule table. N.B: These values will "The index into the Rule table. N.B: These values will
normally be consecutive, given the fall-through semantics normally be consecutive, given the fall-through semantics
of processing the table." of processing the table."
::= { flowRuleEntry 2 } ::= { flowRuleEntry 2 }
flowRuleSelector OBJECT-TYPE flowRuleSelector OBJECT-TYPE
SYNTAX RuleAttributeNumber SYNTAX RuleAttributeNumber
skipping to change at page 39, line 37 skipping to change at page 39, line 43
DESCRIPTION DESCRIPTION
"Indicates the attribute to be matched. "Indicates the attribute to be matched.
null(0) is a special case; null rules always succeed. null(0) is a special case; null rules always succeed.
matchingStoD(50) is set by the meter's Packet Matching Engine. matchingStoD(50) is set by the meter's Packet Matching Engine.
Its value is true(1) if the PME is attempting to match the Its value is true(1) if the PME is attempting to match the
packet with its addresses in Source-to-Destination order (i.e. packet with its addresses in Source-to-Destination order (i.e.
as they appear in the packet), and false(2) otherwise. as they appear in the packet), and false(2) otherwise.
Details of how packets are matched are given in the 'Traffic Details of how packets are matched are given in the 'Traffic
Flow Measurement: Architecture' document [1]. Flow Measurement: Architecture' document [RTFM-ARC].
v1(51), v2(52), v3(53), v4(54) and v5(55) select meter v1(51), v2(52), v3(53), v4(54) and v5(55) select meter
variables, each of which can hold the name (i.e. selector variables, each of which can hold the name (i.e. selector
value) of an address attribute. When one of these is used value) of an address attribute. When one of these is used
as a selector, its value specifies the attribute to be as a selector, its value specifies the attribute to be
tested. Variable values are set by an Assign action." tested. Variable values are set by an Assign action."
::= { flowRuleEntry 3 } ::= { flowRuleEntry 3 }
flowRuleMask OBJECT-TYPE flowRuleMask OBJECT-TYPE
SYNTAX RuleAddress SYNTAX RuleAddress
skipping to change at page 40, line 25 skipping to change at page 40, line 33
::= { flowRuleEntry 5 } ::= { flowRuleEntry 5 }
flowRuleAction OBJECT-TYPE flowRuleAction OBJECT-TYPE
SYNTAX ActionNumber SYNTAX ActionNumber
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The action to be taken if this rule's test succeeds, or if "The action to be taken if this rule's test succeeds, or if
the meter's 'test' flag is off. Actions are opcodes for the the meter's 'test' flag is off. Actions are opcodes for the
meter's Packet Matching Engine; details are given in the meter's Packet Matching Engine; details are given in the
'Traffic Flow Measurement: Architecture' document [1]." 'Traffic Flow Measurement: Architecture' document [RTFM-ARC]."
::= { flowRuleEntry 6 } ::= { flowRuleEntry 6 }
flowRuleParameter OBJECT-TYPE flowRuleParameter OBJECT-TYPE
SYNTAX Integer32 (1..65535) SYNTAX Integer32 (1..65535)
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A parameter value providing extra information for the "A parameter value providing extra information for this rule's
rule's action." action. Most of the actions use the parameter value to specify
which rule to excute after this rule's test has failed; details
are given in the 'Traffic Flow Measurement: Architecture'
document [RTFM-ARC]."
::= { flowRuleEntry 7 } ::= { flowRuleEntry 7 }
-- --
-- Traffic Flow Meter conformance statement -- Traffic Flow Meter conformance statement
-- --
flowMIBCompliances flowMIBCompliances
OBJECT IDENTIFIER ::= { flowMIBConformance 1 } OBJECT IDENTIFIER ::= { flowMIBConformance 1 }
flowMIBGroups flowMIBGroups
skipping to change at page 41, line 11 skipping to change at page 41, line 23
flowRuleInfoName, flowRuleInfoName,
flowRuleInfoRulesReady, flowRuleInfoRulesReady,
flowRuleInfoFlowRecords, flowRuleInfoFlowRecords,
flowInterfaceSampleRate, flowInterfaceSampleRate,
flowInterfaceLostPackets, flowInterfaceLostPackets,
flowReaderTimeout, flowReaderOwner, flowReaderTimeout, flowReaderOwner,
flowReaderLastTime, flowReaderPreviousTime, flowReaderLastTime, flowReaderPreviousTime,
flowReaderStatus, flowReaderRuleSet, flowReaderStatus, flowReaderRuleSet,
flowManagerCurrentRuleSet, flowManagerStandbyRuleSet, flowManagerCurrentRuleSet, flowManagerStandbyRuleSet,
flowManagerHighWaterMark, flowManagerHighWaterMark,
flowManagerCounterWrap,
flowManagerOwner, flowManagerTimeStamp, flowManagerOwner, flowManagerTimeStamp,
flowManagerStatus, flowManagerRunningStandby, flowManagerStatus, flowManagerRunningStandby,
flowFloodMark, flowFloodMark,
flowInactivityTimeout, flowActiveFlows, flowInactivityTimeout, flowActiveFlows,
flowMaxFlows, flowFloodMode } flowMaxFlows, flowFloodMode }
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"The control group defines objects which are used to control "The control group defines objects which are used to control
an accounting meter." an accounting meter."
::= {flowMIBGroups 1 } ::= {flowMIBGroups 1 }
flowDataTableGroup OBJECT-GROUP flowDataTableGroup OBJECT-GROUP
OBJECTS { OBJECTS {
-- flowDataIndex, <- INDEX, not-accessible
flowDataStatus, flowDataStatus,
flowDataSourceInterface, flowDataSourceInterface,
flowDataSourceAdjacentType, flowDataSourceAdjacentType,
flowDataSourceAdjacentAddress, flowDataSourceAdjacentMask, flowDataSourceAdjacentAddress, flowDataSourceAdjacentMask,
flowDataSourcePeerType, flowDataSourcePeerType,
flowDataSourcePeerAddress, flowDataSourcePeerMask, flowDataSourcePeerAddress, flowDataSourcePeerMask,
flowDataSourceTransType, flowDataSourceTransType,
flowDataSourceTransAddress, flowDataSourceTransMask, flowDataSourceTransAddress, flowDataSourceTransMask,
flowDataDestInterface, flowDataDestInterface,
flowDataDestAdjacentType, flowDataDestAdjacentType,
flowDataDestAdjacentAddress, flowDataDestAdjacentMask, flowDataDestAdjacentAddress, flowDataDestAdjacentMask,
flowDataDestPeerType, flowDataDestPeerType,
flowDataDestPeerAddress, flowDataDestPeerMask, flowDataDestPeerAddress, flowDataDestPeerMask,
flowDataDestTransType, flowDataDestTransType,
flowDataDestTransAddress, flowDataDestTransMask, flowDataDestTransAddress, flowDataDestTransMask,
-- flowDataRuleSet, <- INDEX, not-accessible
flowDataToOctets, flowDataToPDUs, flowDataToOctets, flowDataToPDUs,
flowDataFromOctets, flowDataFromPDUs, flowDataFromOctets, flowDataFromPDUs,
flowDataFirstTime, flowDataLastActiveTime, flowDataFirstTime, flowDataLastActiveTime,
flowDataSourceClass, flowDataDestClass, flowDataClass, flowDataSourceClass, flowDataDestClass, flowDataClass,
flowDataSourceKind, flowDataDestKind, flowDataKind flowDataSourceKind, flowDataDestKind, flowDataKind
} }
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"The flow table group defines objects which provide the "The flow table group defines objects which provide the
structure for the flow table, including the creation time structure for the flow table, including the creation time
skipping to change at page 42, line 47 skipping to change at page 43, line 9
} }
STATUS deprecated STATUS deprecated
DESCRIPTION DESCRIPTION
"The flow column table group defines objects which can be used "The flow column table group defines objects which can be used
to collect part of a column of attribute values from the flow to collect part of a column of attribute values from the flow
table." table."
::= {flowMIBGroups 5 } ::= {flowMIBGroups 5 }
flowDataPackageGroup OBJECT-GROUP flowDataPackageGroup OBJECT-GROUP
OBJECTS { OBJECTS {
flowPackageData flowPackageData
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The data package group defines objects which can be used "The data package group defines objects which can be used
to collect a specified set of attribute values from a row of to collect a specified set of attribute values from a row of
the flow table." the flow table."
::= {flowMIBGroups 6 } ::= {flowMIBGroups 6 }
flowRuleTableGroup OBJECT-GROUP flowRuleTableGroup OBJECT-GROUP
skipping to change at page 43, line 47 skipping to change at page 44, line 7
flowRuleInfoName, flowRuleInfoName,
-- flowRuleInfoRulesReady, <- Deprecated -- flowRuleInfoRulesReady, <- Deprecated
flowRuleInfoFlowRecords, flowRuleInfoFlowRecords,
flowInterfaceSampleRate, flowInterfaceSampleRate,
flowInterfaceLostPackets, flowInterfaceLostPackets,
flowReaderTimeout, flowReaderOwner, flowReaderTimeout, flowReaderOwner,
flowReaderLastTime, flowReaderPreviousTime, flowReaderLastTime, flowReaderPreviousTime,
flowReaderStatus, flowReaderRuleSet, flowReaderStatus, flowReaderRuleSet,
flowManagerCurrentRuleSet, flowManagerStandbyRuleSet, flowManagerCurrentRuleSet, flowManagerStandbyRuleSet,
flowManagerHighWaterMark, flowManagerHighWaterMark,
-- flowManagerCounterWrap, <- Moved to DataScaleGroup
flowManagerOwner, flowManagerTimeStamp, flowManagerOwner, flowManagerTimeStamp,
flowManagerStatus, flowManagerRunningStandby, flowManagerStatus, flowManagerRunningStandby,
flowFloodMark, flowFloodMark,
flowInactivityTimeout, flowActiveFlows, flowInactivityTimeout, flowActiveFlows,
flowMaxFlows, flowFloodMode } flowMaxFlows, flowFloodMode }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The control group defines objects which are used to control "The control group defines objects which are used to control
an accounting meter. It replaces the earlier version of an accounting meter. It replaces the earlier version of
flowControlGroup above (now deprecated)." flowControlGroup above (now deprecated)."
::= {flowMIBGroups 9 } ::= {flowMIBGroups 9 }
flowDataTableGroup2 OBJECT-GROUP
OBJECTS {
flowDataSourceInterface,
flowDataSourceAdjacentType,
flowDataSourceAdjacentAddress, flowDataSourceAdjacentMask,
flowDataSourcePeerType,
flowDataSourcePeerAddress, flowDataSourcePeerMask,
flowDataSourceTransType,
flowDataSourceTransAddress, flowDataSourceTransMask,
flowDataDestInterface,
flowDataDestAdjacentType,
flowDataDestAdjacentAddress, flowDataDestAdjacentMask,
flowDataDestPeerType,
flowDataDestPeerAddress, flowDataDestPeerMask,
flowDataDestTransType,
flowDataDestTransAddress, flowDataDestTransMask,
flowDataToOctets, flowDataToPDUs,
flowDataFromOctets, flowDataFromPDUs,
flowDataFirstTime, flowDataLastActiveTime,
flowDataSourceClass, flowDataDestClass, flowDataClass,
flowDataSourceKind, flowDataDestKind, flowDataKind
}
STATUS current
DESCRIPTION
"This flow table group defines objects which provide the
structure for the flow table. It replaces the earlier
version of flowDataTableGroup above (now deprecated)."
::= {flowMIBGroups 10 }
flowMIBCompliance MODULE-COMPLIANCE flowMIBCompliance MODULE-COMPLIANCE
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The compliance statement for a Traffic Flow Meter." "The compliance statement for a Traffic Flow Meter."
MODULE MODULE
MANDATORY-GROUPS { MANDATORY-GROUPS {
flowControlGroup2, flowControlGroup2,
flowDataTableGroup2, flowDataTableGroup,
flowDataPackageGroup, flowDataPackageGroup,
flowRuleTableGroup flowRuleTableGroup
} }
::= { flowMIBCompliances 1 } ::= { flowMIBCompliances 1 }
END END
6 Security Considerations 5 Security Considerations
6.1 SNMP Concerns 5.1 SNMP Concerns
There are a number of management objects defined in this MIB that have a There are a number of management objects defined in this MIB that have a
MAX-ACCESS clause of read-write and/or read-create. Such objects may be MAX-ACCESS clause of read-write and/or read-create. Such objects may be
considered sensitive or vulnerable in some network environments. The considered sensitive or vulnerable in some network environments. The
support for SET operations in a non-secure environment without proper support for SET operations in a non-secure environment without proper
protection can have a negative effect on network operations. protection can have a negative effect on network operations.
There are a number of managed objects in this MIB that may contain There are a number of managed objects in this MIB that may contain
sensitive information. These include all the objects in the Control sensitive information. These include all the objects in the Control
Group (since they control access to meter resources by Managers and Group (since they control access to meter resources by Managers and
skipping to change at page 45, line 35 skipping to change at page 45, line 17
over the network via SNMP. Not all versions of SNMP provide features for over the network via SNMP. Not all versions of SNMP provide features for
such a secure environment. such a secure environment.
SNMPv1 by itself is not a secure environment. Even if the network SNMPv1 by itself is not a secure environment. Even if the network
itself is secure (for example by using IPSec), even then, there is no itself is secure (for example by using IPSec), even then, there is no
control as to who on the secure network is allowed to access and GET/SET control as to who on the secure network is allowed to access and GET/SET
(read/change/create/delete) the objects in this MIB. (read/change/create/delete) the objects in this MIB.
It is recommended that the implementers consider the security features It is recommended that the implementers consider the security features
as provided by the SNMPv3 framework. Specifically, the use of the as provided by the SNMPv3 framework. Specifically, the use of the
User-based Security Model [14] and the View-based Access Control Model User-based Security Model [RFC2574] and the View-based Access Control
[15] is recommended. Model [RFC2575] is recommended.
It is then a customer/user responsibility to ensure that the SNMP entity It is then a customer/user responsibility to ensure that the SNMP entity
giving access to an instance of this MIB is properly configured to give giving access to an instance of this MIB is properly configured to give
access to the objects only to those principals (users) that have access to the objects only to those principals (users) that have
legitimate rights to indeed GET or SET (change/create/delete) them. legitimate rights to indeed GET or SET (change/create/delete) them.
6.2 Traffic Meter Concerns 5.2 Traffic Meter Concerns
This MIB describes how an RTFM traffic meter is controlled, and provides This MIB describes how an RTFM traffic meter is controlled, and provides
a way for traffic flow data to be retrieved from it by a meter reader. a way for traffic flow data to be retrieved from it by a meter reader.
This is essentially an application using SNMP as a method of This is essentially an application using SNMP as a method of
communication between co-operating hosts; it does not - in itself - have communication between co-operating hosts; it does not - in itself - have
any inherent security risks. any inherent security risks.
Since, however, the traffic flow data can be extremely valuable for Since, however, the traffic flow data can be extremely valuable for
network management purposes it is vital that sensible precautions be network management purposes it is vital that sensible precautions be
taken to keep the meter and its data secure. In particular, an attacker taken to keep the meter and its data secure. In particular, an attacker
must not be permitted to write any of the meter's variables! This must not be permitted to write any of the meter's variables! This
requires that access to the meter for control purposes (e.g. loading requires that access to the meter for control purposes (e.g. loading
RuleSets and reading flow data) be restricted. Such restriction could RuleSets and reading flow data) be restricted. Such restriction could
be achieved in many ways, for example: be achieved in many ways, for example:
- Physical Separation. Meter(s) and meter reader(s) could be - Physical Separation. Meter(s) and meter reader(s) could be
deployed so that control capabilities are kept within a separate deployed so that control capabilities are kept within a separate
network, access to which is carefully controlled. network, access to which is carefully controlled.
- Application-layer Security. A minimal level of security for SNMP - Application-layer Security. A minimal level of security for SNMP
is provided by using 'community' strings, which are essentially can be provided by using 'community' strings (which are essentially
clear-text passwords. Stronger security for SNMP is being clear-text passwords) with SNMPv2C [RFC1157]. Where stronger
developed within the IETF (see above); when this becomes available security is needed, users should consider using the User-based
it should be used to protect managed network equipment. Security Model [RFC2574] and the View-based Access Control Model
[RFC2575].
- Lower-layer Security. Access to the meter can be protected using - Lower-layer Security. Access to the meter can be protected using
encryption at the network layer. For example, one could run SNMP encryption at the network layer. For example, one could run SNMP
to the meter through an encrypted TCP tunnel. to the meter through an encrypted TCP tunnel.
When implementing a meter it may be sensible to use separate network When implementing a meter it may be sensible to use separate network
interfaces for control and for metering. If this is done the control interfaces for control and for metering. If this is done the control
network can be set up so that it doesn't carry any 'user' traffic, and network can be set up so that it doesn't carry any 'user' traffic, and
the metering interfaces can ignore any user attempts to take control of the metering interfaces can ignore any user attempts to take control of
the meter. the meter.
skipping to change at page 47, line 16 skipping to change at page 46, line 39
the counters in a flow to wrap several times between meter the counters in a flow to wrap several times between meter
readings, thus causing the counts to be artificially low. The readings, thus causing the counts to be artificially low. The
change to using 64-bit counters in this MIB reduces this problem change to using 64-bit counters in this MIB reduces this problem
significantly. significantly.
Users can reduce the severity of both the above attacks by ensuring that Users can reduce the severity of both the above attacks by ensuring that
their meters are read often enough to prevent them being flooded. The their meters are read often enough to prevent them being flooded. The
resulting flow data will contain a record of the attacking packets, resulting flow data will contain a record of the attacking packets,
which may well be useful in determining where any attack came from. which may well be useful in determining where any attack came from.
7 IANA Considerations 6 IANA Considerations
The RTFM Architecture document [1], has two sets of assigned numbers: The RTFM Architecture document [RTFM-ARC], has two sets of assigned
Opcodes for the PME (Pattern Matching Engine) and RTFM Attribute numbers: Opcodes for the PME (Pattern Matching Engine) and RTFM
numbers. All the assigned numbers used in the Meter MIB appear in Attribute numbers. All the assigned numbers used in the Meter MIB
Textual Conventions. The numbers they use are derived as follows: appear in Textual Conventions. The numbers they use are derived as
follows:
The MIB's 'Type' textual conventions use names and numbers from the The MIB's 'Type' textual conventions use names and numbers from the
Assigned Numbers RFC [11]: Assigned Numbers RFC [ASG-NBR]:
MediumType Uses ifType Definitions MediumType Uses ifType Definitions
PeerType Uses Address Family Numbers PeerType Uses Address Family Numbers
TransportType Uses Protocol Numbers TransportType Uses Protocol Numbers
The MIB's 'AttributeNumber' textual conventions use RTFM Attribute names The MIB's 'AttributeNumber' textual conventions use RTFM Attribute
and numbers from the RTFM Architecture document [1], or other numbers names and numbers from the RTFM Architecture document [RTFM-ARC], or
allocated according to that document's IANA Considerations section: other numbers allocated according to that document's IANA
Considerations section:
FlowAttributeNumber Have values stored in a flow table row FlowAttributeNumber Have values stored in a flow table row
RuleAttributeNumber May be tested in a rule RuleAttributeNumber May be tested in a rule
The MIB's ActionNumber textual convention uses RTFM PME Opcode names and The MIB's ActionNumber textual convention uses RTFM PME Opcode names and
numbers from the RTFM Architecture document [1], or other numbers numbers from the RTFM Architecture document [RTFM-ARC], or other numbers
allocated according to that document's IANA Considerations section. allocated according to that document's IANA Considerations section.
8 Appendix A: Changes Introduced Since RFC 2064 7 Appendix A: Changes Introduced Since RFC 2064
The first version of the Meter MIB was published as RFC 2064 in January The first version of the Meter MIB was published as RFC 2064 in January
1997. The most significant changes since then are summarised below. 1997. The most significant changes since then are summarised below.
- TEXTUAL CONVENTIONS: Greater use is made of textual conventions to - TEXTUAL CONVENTIONS: Greater use is made of textual conventions to
describe the various types of addresses used by the meter. describe the various types of addresses used by the meter.
- PACKET MATCHING ATTRIBUTES: Computed attributes (e.g. FlowClass - PACKET MATCHING ATTRIBUTES: Computed attributes (e.g. FlowClass and
and FlowKind) may now be tested. This allows one to use these FlowKind) may now be tested. This allows one to use these
variables to store information during packet matching. variables to store information during packet matching.
A new attribute, MatchingStoD, has been added. Its value is 1 A new attribute, MatchingStoD, has been added. Its value is 1
while a packet is being matched with its adresses in 'wire' while a packet is being matched with its adresses in 'wire'
(source-to-destination) order. (source-to-destination) order.
- FLOOD MODE: This is now a read-write variable. Setting it to - FLOOD MODE: This is now a read-write variable. Setting it to
false(2) switches the meter out of flood mode and back to normal false(2) switches the meter out of flood mode and back to normal
operation. operation.
- CONTROL TABLES: Several variables have been added to the RuleSet, - CONTROL TABLES: Several variables have been added to the RuleSet,
Reader and Manager tables to provide more effective control of the Reader and Manager tables to provide more effective control of the
skipping to change at page 48, line 24 skipping to change at page 47, line 47
false(2) switches the meter out of flood mode and back to normal false(2) switches the meter out of flood mode and back to normal
operation. operation.
- CONTROL TABLES: Several variables have been added to the RuleSet, - CONTROL TABLES: Several variables have been added to the RuleSet,
Reader and Manager tables to provide more effective control of the Reader and Manager tables to provide more effective control of the
meter's activities. meter's activities.
- FLOW TABLE: 64-bit counters are used for octet and PDU counts. - FLOW TABLE: 64-bit counters are used for octet and PDU counts.
This reduces the problems caused by the wrap-around of 32-bit This reduces the problems caused by the wrap-around of 32-bit
counters in earlier versions. counters in earlier versions.
flowDataRuleSet is now used as an index to the flow table. This flowDataRuleSet is now used as an index to the flow table. This
allows a meter reader to collect only those flow table rows created allows a meter reader to collect only those flow table rows created
by a specified RuleSet. by a specified RuleSet.
- DATA PACKAGES: This is a new table, allowing a meter reader to - DATA PACKAGES: This is a new table, allowing a meter reader to
retrieve values for a list of attributes from a flow as a single retrieve values for a list of attributes from a flow as a single
object. When used with SNMP GetBulk requests it provides an object (a BER-encoded sequence [ASN-1, ASN-BER]). It provides an
efficient way to recover flow data. efficient way to recover flow data, particularly when used with
SNMP GetBulk requests.
Earlier versions had a 'Column Activity Table;' using this it was Earlier versions had a 'Column Activity Table;' using this it was
difficult to collect all data for a flow efficiently in a single difficult to collect all data for a flow efficiently in a single
SNMP request. SNMP request.
9 Acknowledgements 8 Acknowledgements
An early draft of this document was produced under the auspices of the An early draft of this document was produced under the auspices of the
IETF's Accounting Working Group with assistance from the SNMP Working IETF's Accounting Working Group with assistance from the SNMP Working
Group and the Security Area Advisory Group. Particular thanks are due Group and the Security Area Advisory Group. Particular thanks are due
to Jim Barnes, Sig Handelman and Stephen Stibler for their support and to Jim Barnes, Sig Handelman and Stephen Stibler for their support and
their assistance with checking early versions of the MIB. their assistance with checking early versions of the MIB.
Stephen Stibler shared the development workload of producing the MIB Stephen Stibler shared the development workload of producing the MIB
changes summarized in chapter 5 (above). changes summarized in chapter 5 (above).
10 References 9 References
[1] Brownlee, N., Mills, C. and G. Ruth, "Traffic Flow [ACT-BKG] Mills, C., Hirsch, G. and Ruth, G., "Internet Accounting
Measurement: Architecture", RFC 2063, The University of Background," RFC 1272, November 1991.
Auckland, GTE Laboratories, Inc, January 1997.
[2] McCloghrie, K. and Rose, M., Editors, "Management [ASG-NBR] Reynolds, J., Postel, J., "Assigned Numbers,"
RFC 1700, ISI, October 1994.
[ASN-1] Information processing systems - Open Systems
Interconnection - Specification of Abstract Syntax Notation
One (ASN.1), International Organization for Standardization,
International Standard 8824, December 1987.
[ASN-BER] Information processing systems - Open Systems
Interconnection - Specification of Basic Encoding Rules for
Abstract Notation One (ASN.1), International Organization
for Standardization, International Standard 8825,
December 1987.
[ENET-OBJ] Kastenholz., F., "Definitions of Managed Objects for the
[FDDI-MIB] Case, J. and Rijsinghani., A., "FDDI Management
Information Base," September 1993.
[IPPM-FRM] Paxson, V., Almes, G., Mahdavi, J. and Mathis, M.,
"Framework for IP Performance Metrics," RFC 2330, May 1998.
[MIB-II] McCloghrie, K. and Rose, M., Editors, "Management
Information Base for Network Management of TCP/IP-based Information Base for Network Management of TCP/IP-based
internets," RFC 1213, Performance Systems International, internets: MIB-II," RFC 1213, March 1991.
March 1991.
[3] Case J., McCloghrie K., Rose M. and Waldbusser S., [RFC1155] Rose, M., and K. McCloghrie, "Structure and Identification
"Structure of Management Information for version 2 of the of Management Information for TCP/IP-based Internets",
Simple Network Managemenet Protocol," RFC 1902, SNMP
Research Inc., Hughes LAN Systems, Dover Beach Consulting,
Carnegie Mellon University, January 1996.
[4] Case J., McCloghrie, K., Rose, M. and Waldbusser, S., [RFC1157] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple
"Textual Conventions for version 2 of the Simple Network Network Management Protocol", STD 15, RFC 1157, May 1990.
Managemenet Protocol SNMPv2", RFC 1903, SNMP Research Inc.,
Hughes LAN Systems, Dover Beach Consulting, Carnegie Mellon
University, January 1996.
[5] Case, J., McCloghrie, K., Rose, M. and Waldbusser, S., [RFC1212] Rose, M., and K. McCloghrie, "Concise MIB Definitions",
"Conformance Statements for version 2 of the Simple Network
Managemenet Protocol (SNMPv2)," RFC 1904, SNMP Research Inc.,
Hughes LAN Systems, Dover Beach Consulting, Carnegie Mellon
University, January 1996.
[6] Case, J., McCloghrie, K., Rose, M. and Waldbusser, S., [RFC1215] M. Rose, "A Convention for Defining Traps for use with
"Coexistence between version 1 and version 2 of the
Internet-standard Network Management Framework," RFC 1908,
SNMP Research Inc., Hughes LAN Systems, Dover Beach Consulting,
Carnegie Mellon University, January 1996.
[7] Information processing systems - Open Systems [RFC1901] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
Interconnection - Specification of Abstract Syntax Notation One "Introduction to Community-based SNMPv2",
(ASN.1), International Organization for Standardization, RFC 1901, January 1996.
International Standard 8824, December 1987.
[8] Information processing systems - Open Systems [RFC1905] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
Interconnection - Specification of Basic Encoding Rules for "Protocol Operations for Version 2 of the Simple Network
Abstract Notation One (ASN.1), International Organization for Management Protocol (SNMPv2)", RFC 1905, January 1996.
Standardization, International Standard 8825, December 1987.
[9] Mills, C., Hirsch, G. and Ruth, G., "Internet Accounting [RFC1906] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
Background," RFC 1272, Bolt Beranek and Newman Inc., "Transport Mappings for Version 2 of the Simple Network
Meridian Technology Corporation, November 1991. Management Protocol (SNMPv2)", RFC 1906, January 1996.
[10] Waldbusser, S., "Remote Network Monitoring Management [RFC1908] Case, J., McCloghrie, K., Rose, M. and Waldbusser, S.,
Information Base Version 2 using SMIv2," RFC 2021, INS, "Coexistence between version 1 and version 2 of the
January 1997. Internet-standard Network Management Framework," RFC 1908
[11] Reynolds, J., Postel, J., "Assigned Numbers," RFC 1700, [RFC2570] Case, J., Mundy, R., Partain, D., and B. Stewart,
ISI, October 1994. "Introduction to Version 3 of the Internet-standard Network
[12] Case, J., "FDDI Management Information Base," RFC 1285, [RFC2571] Harrington, D., Presuhn, R., and Wijnen, B.,
SNMP Research Incorporated, January 1992. "An Architecture for Describing SNMP Management Frameworks",
[13] Hinden, R.and Deering, S., "IP Version 6 Addressing [RFC2572] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message
Architecture," RFC 2373, Ipsilon Networks, Xerox PARC, Processing and Dispatching for the Simple Network Management
July 1998.
[14] Blumenthal, U, and B. Wijnen, "User-based Security Model [RFC2573] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications",
[RFC2574] Blumenthal, U., and B. Wijnen, "User-based Security Model
(USM) for version 3 of the Simple Network Management (USM) for version 3 of the Simple Network Management
Protocol (SNMPv3)", RFC 2274, January 1998.
[15] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based [RFC2575] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based
Access Control Model for the Simple Network Management Access Control Model (VACM) for the Simple Network
Protocol (SNMP)", RFC 2275, January 1998.
[16] Paxson, V., Almes, G., Mahdavi, J. and Mathis, M., [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
"Framework for IP Performance Metrics," RFC 2330, May 1998. Rose, M., and S. Waldbusser, "Structure of Management
Information Version 2 (SMIv2)",
11 Author's Address [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M., and S. Waldbusser, "Textual Conventions for
[RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M., and S. Waldbusser, "Conformance Statements for
[RMON2-MIB] Waldbusser, S., "Remote Network Monitoring Management
Information Base Version 2 using SMIv2," RFC 2021,
January 1997.
[RTFM-ARC] Brownlee, N., Mills, C. and G. Ruth, "Traffic Flow
Measurement: Architecture", RFC 2063, January 1997.
[V6-ADDR] Hinden, R.and Deering, S., "IP Version 6 Addressing
Architecture," RFC 2373, July 1998.
10 Author's Address
Nevil Brownlee Nevil Brownlee
Information Technology Systems & Services Information Technology Systems & Services
The University of Auckland The University of Auckland
Private Bag 92-019
Auckland, New Zealand
Phone: +64 9 373 7599 x8941 Phone: +64 9 373 7599 x8941
E-mail: n.brownlee@auckland.ac.nz E-mail: n.brownlee@auckland.ac.nz
Expires December 1999 Expires February 2000
 End of changes. 165 change blocks. 
297 lines changed or deleted 324 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/