summaryrefslogtreecommitdiff
path: root/mibs/SNMP-FRAMEWORK-MIB.txt
blob: aa273c2858406630b179ddcc5711bc9f04e56a6a (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
SNMP-FRAMEWORK-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE,
    OBJECT-IDENTITY,
    snmpModules                           FROM SNMPv2-SMI
    TEXTUAL-CONVENTION                    FROM SNMPv2-TC
    MODULE-COMPLIANCE, OBJECT-GROUP       FROM SNMPv2-CONF;

snmpFrameworkMIB MODULE-IDENTITY
    LAST-UPDATED "200210140000Z"
    ORGANIZATION "SNMPv3 Working Group"
    CONTACT-INFO "WG-EMail:   snmpv3@lists.tislabs.com
                  Subscribe:  snmpv3-request@lists.tislabs.com

                  Co-Chair:   Russ Mundy
                              Network Associates Laboratories
                  postal:     15204 Omega Drive, Suite 300
                              Rockville, MD 20850-4601
                              USA
                  EMail:      mundy@tislabs.com
                  phone:      +1 301-947-7107

                  Co-Chair &
                  Co-editor:  David Harrington
                              Enterasys Networks
                  postal:     35 Industrial Way
                              P. O. Box 5005
                              Rochester, New Hampshire 03866-5005
                              USA
                  EMail:      dbh@enterasys.com
                  phone:      +1 603-337-2614

                  Co-editor:  Randy Presuhn
                              BMC Software, Inc.
                  postal:     2141 North First Street
                              San Jose, California 95131
                              USA
                  EMail:      randy_presuhn@bmc.com
                  phone:      +1 408-546-1006

                  Co-editor:  Bert Wijnen
                              Lucent Technologies
                  postal:     Schagen 33
                              3461 GL Linschoten
                              Netherlands

                  EMail:      bwijnen@lucent.com
                  phone:      +31 348-680-485
                    "
       DESCRIPTION  "The SNMP Management Architecture MIB

                     Copyright (C) The Internet Society (2002). This
                     version of this MIB module is part of RFC 3411;
                     see the RFC itself for full legal notices.
                    "

       REVISION     "200210140000Z"         -- 14 October 2002
       DESCRIPTION  "Changes in this revision:
                     - Updated various administrative information.
                     - Corrected some typos.
                     - Corrected typo in description of SnmpEngineID
                       that led to range overlap for 127.
                     - Changed '255a' to '255t' in definition of
                       SnmpAdminString to align with current SMI.
                     - Reworded 'reserved' for value zero in
                       DESCRIPTION of SnmpSecurityModel.
                     - The algorithm for allocating security models
                       should give 256 per enterprise block, rather
                       than 255.
                     - The example engine ID of 'abcd' is not
                       legal. Replaced with '800002b804616263'H based
                       on example enterprise 696, string 'abc'.
                     - Added clarification that engineID should
                       persist across re-initializations.
                     This revision published as RFC 3411.
                    "
       REVISION     "199901190000Z"         -- 19 January 1999
       DESCRIPTION  "Updated editors' addresses, fixed typos.
                     Published as RFC 2571.
                    "
       REVISION     "199711200000Z"         -- 20 November 1997
       DESCRIPTION  "The initial version, published in RFC 2271.
                    "
       ::= { snmpModules 10 }

   -- Textual Conventions used in the SNMP Management Architecture ***

SnmpEngineID ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION "An SNMP engine's administratively-unique identifier.
                 Objects of this type are for identification, not for
                 addressing, even though it is possible that an
                 address may have been used in the generation of
                 a specific value.

                 The value for this object may not be all zeros or
                 all 'ff'H or the empty (zero length) string.

                 The initial value for this object may be configured
                 via an operator console entry or via an algorithmic
                 function.  In the latter case, the following
                 example algorithm is recommended.

                 In cases where there are multiple engines on the
                 same system, the use of this algorithm is NOT
                 appropriate, as it would result in all of those
                 engines ending up with the same ID value.

                 1) The very first bit is used to indicate how the
                    rest of the data is composed.

                    0 - as defined by enterprise using former methods
                        that existed before SNMPv3. See item 2 below.

                    1 - as defined by this architecture, see item 3
                        below.

                    Note that this allows existing uses of the
                    engineID (also known as AgentID [RFC1910]) to
                    co-exist with any new uses.

                 2) The snmpEngineID has a length of 12 octets.

                    The first four octets are set to the binary
                    equivalent of the agent's SNMP management
                    private enterprise number as assigned by the
                    Internet Assigned Numbers Authority (IANA).
                    For example, if Acme Networks has been assigned
                    { enterprises 696 }, the first four octets would
                    be assigned '000002b8'H.

                    The remaining eight octets are determined via
                    one or more enterprise-specific methods. Such
                    methods must be designed so as to maximize the
                    possibility that the value of this object will
                    be unique in the agent's administrative domain.
                    For example, it may be the IP address of the SNMP
                    entity, or the MAC address of one of the
                    interfaces, with each address suitably padded
                    with random octets.  If multiple methods are
                    defined, then it is recommended that the first
                    octet indicate the method being used and the
                    remaining octets be a function of the method.

                 3) The length of the octet string varies.

                    The first four octets are set to the binary
                    equivalent of the agent's SNMP management
                    private enterprise number as assigned by the
                    Internet Assigned Numbers Authority (IANA).
                    For example, if Acme Networks has been assigned
                    { enterprises 696 }, the first four octets would
                    be assigned '000002b8'H.

                    The very first bit is set to 1. For example, the
                    above value for Acme Networks now changes to be
                    '800002b8'H.

                    The fifth octet indicates how the rest (6th and
                    following octets) are formatted. The values for
                    the fifth octet are:

                      0     - reserved, unused.

                      1     - IPv4 address (4 octets)
                              lowest non-special IP address

                      2     - IPv6 address (16 octets)
                              lowest non-special IP address

                      3     - MAC address (6 octets)
                              lowest IEEE MAC address, canonical
                              order

                      4     - Text, administratively assigned
                              Maximum remaining length 27

                      5     - Octets, administratively assigned
                              Maximum remaining length 27

                      6-127 - reserved, unused

                    128-255 - as defined by the enterprise
                              Maximum remaining length 27
                "
    SYNTAX       OCTET STRING (SIZE(5..32))

SnmpSecurityModel ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION "An identifier that uniquely identifies a
                 Security Model of the Security Subsystem within
                 this SNMP Management Architecture.

                 The values for securityModel are allocated as
                 follows:

                 - The zero value does not identify any particular
                   security model.

                 - Values between 1 and 255, inclusive, are reserved
                   for standards-track Security Models and are
                   managed by the Internet Assigned Numbers Authority
                   (IANA).
                 - Values greater than 255 are allocated to
                   enterprise-specific Security Models.  An
                   enterprise-specific securityModel value is defined
                   to be:

                   enterpriseID * 256 + security model within
                   enterprise

                   For example, the fourth Security Model defined by
                   the enterprise whose enterpriseID is 1 would be
                   259.

                 This scheme for allocation of securityModel
                 values allows for a maximum of 255 standards-
                 based Security Models, and for a maximum of
                 256 Security Models per enterprise.

                 It is believed that the assignment of new
                 securityModel values will be rare in practice
                 because the larger the number of simultaneously
                 utilized Security Models, the larger the
                 chance that interoperability will suffer.
                 Consequently, it is believed that such a range
                 will be sufficient.  In the unlikely event that
                 the standards committee finds this number to be
                 insufficient over time, an enterprise number
                 can be allocated to obtain an additional 256
                 possible values.

                 Note that the most significant bit must be zero;
                 hence, there are 23 bits allocated for various
                 organizations to design and define non-standard

                 securityModels.  This limits the ability to
                 define new proprietary implementations of Security
                 Models to the first 8,388,608 enterprises.

                 It is worthwhile to note that, in its encoded
                 form, the securityModel value will normally
                 require only a single byte since, in practice,
                 the leftmost bits will be zero for most messages
                 and sign extension is suppressed by the encoding
                 rules.

                 As of this writing, there are several values
                 of securityModel defined for use with SNMP or
                 reserved for use with supporting MIB objects.
                 They are as follows:

                     0  reserved for 'any'
                     1  reserved for SNMPv1
                     2  reserved for SNMPv2c
                     3  User-Based Security Model (USM)
                "
    SYNTAX       INTEGER(0 .. 2147483647)

SnmpMessageProcessingModel ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION "An identifier that uniquely identifies a Message
                 Processing Model of the Message Processing
                 Subsystem within this SNMP Management Architecture.

                 The values for messageProcessingModel are
                 allocated as follows:

                 - Values between 0 and 255, inclusive, are
                   reserved for standards-track Message Processing
                   Models and are managed by the Internet Assigned
                   Numbers Authority (IANA).

                 - Values greater than 255 are allocated to
                   enterprise-specific Message Processing Models.
                   An enterprise messageProcessingModel value is
                   defined to be:

                   enterpriseID * 256 +
                        messageProcessingModel within enterprise

                   For example, the fourth Message Processing Model
                   defined by the enterprise whose enterpriseID

                   is 1 would be 259.

                 This scheme for allocating messageProcessingModel
                 values allows for a maximum of 255 standards-
                 based Message Processing Models, and for a
                 maximum of 256 Message Processing Models per
                 enterprise.

                 It is believed that the assignment of new
                 messageProcessingModel values will be rare
                 in practice because the larger the number of
                 simultaneously utilized Message Processing Models,
                 the larger the chance that interoperability
                 will suffer. It is believed that such a range
                 will be sufficient.  In the unlikely event that
                 the standards committee finds this number to be
                 insufficient over time, an enterprise number
                 can be allocated to obtain an additional 256
                 possible values.

                 Note that the most significant bit must be zero;
                 hence, there are 23 bits allocated for various
                 organizations to design and define non-standard
                 messageProcessingModels.  This limits the ability
                 to define new proprietary implementations of
                 Message Processing Models to the first 8,388,608
                 enterprises.

                 It is worthwhile to note that, in its encoded
                 form, the messageProcessingModel value will
                 normally require only a single byte since, in
                 practice, the leftmost bits will be zero for
                 most messages and sign extension is suppressed
                 by the encoding rules.

                 As of this writing, there are several values of
                 messageProcessingModel defined for use with SNMP.
                 They are as follows:

                     0  reserved for SNMPv1
                     1  reserved for SNMPv2c
                     2  reserved for SNMPv2u and SNMPv2*
                     3  reserved for SNMPv3
                "
    SYNTAX       INTEGER(0 .. 2147483647)

SnmpSecurityLevel ::= TEXTUAL-CONVENTION
    STATUS       current
    DESCRIPTION "A Level of Security at which SNMP messages can be
                 sent or with which operations are being processed;
                 in particular, one of:

                   noAuthNoPriv - without authentication and
                                  without privacy,
                   authNoPriv   - with authentication but
                                  without privacy,
                   authPriv     - with authentication and
                                  with privacy.

                 These three values are ordered such that
                 noAuthNoPriv is less than authNoPriv and
                 authNoPriv is less than authPriv.
                "
    SYNTAX       INTEGER { noAuthNoPriv(1),
                           authNoPriv(2),
                           authPriv(3)
                         }

SnmpAdminString ::= TEXTUAL-CONVENTION
    DISPLAY-HINT "255t"
    STATUS       current
    DESCRIPTION "An octet string containing administrative
                 information, preferably in human-readable form.

                 To facilitate internationalization, this
                 information is represented using the ISO/IEC
                 IS 10646-1 character set, encoded as an octet
                 string using the UTF-8 transformation format
                 described in [RFC2279].

                 Since additional code points are added by
                 amendments to the 10646 standard from time
                 to time, implementations must be prepared to
                 encounter any code point from 0x00000000 to
                 0x7fffffff.  Byte sequences that do not
                 correspond to the valid UTF-8 encoding of a
                 code point or are outside this range are
                 prohibited.

                 The use of control codes should be avoided.

                 When it is necessary to represent a newline,
                 the control code sequence CR LF should be used.

                 The use of leading or trailing white space should
                 be avoided.

                 For code points not directly supported by user
                 interface hardware or software, an alternative
                 means of entry and display, such as hexadecimal,
                 may be provided.

                 For information encoded in 7-bit US-ASCII,
                 the UTF-8 encoding is identical to the
                 US-ASCII encoding.

                 UTF-8 may require multiple bytes to represent a
                 single character / code point; thus the length
                 of this object in octets may be different from
                 the number of characters encoded.  Similarly,
                 size constraints refer to the number of encoded
                 octets, not the number of characters represented
                 by an encoding.

                 Note that when this TC is used for an object that
                 is used or envisioned to be used as an index, then
                 a SIZE restriction MUST be specified so that the
                 number of sub-identifiers for any object instance
                 does not exceed the limit of 128, as defined by
                 [RFC3416].

                 Note that the size of an SnmpAdminString object is
                 measured in octets, not characters.
                "
    SYNTAX       OCTET STRING (SIZE (0..255))

-- Administrative assignments ***************************************

snmpFrameworkAdmin
    OBJECT IDENTIFIER ::= { snmpFrameworkMIB 1 }
snmpFrameworkMIBObjects
    OBJECT IDENTIFIER ::= { snmpFrameworkMIB 2 }
snmpFrameworkMIBConformance
    OBJECT IDENTIFIER ::= { snmpFrameworkMIB 3 }

-- the snmpEngine Group ********************************************

snmpEngine OBJECT IDENTIFIER ::= { snmpFrameworkMIBObjects 1 }

snmpEngineID     OBJECT-TYPE
    SYNTAX       SnmpEngineID
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION "An SNMP engine's administratively-unique identifier.

                 This information SHOULD be stored in non-volatile
                 storage so that it remains constant across
                 re-initializations of the SNMP engine.
                "
    ::= { snmpEngine 1 }

snmpEngineBoots  OBJECT-TYPE
    SYNTAX       INTEGER (1..2147483647)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION "The number of times that the SNMP engine has
                 (re-)initialized itself since snmpEngineID
                 was last configured.
                "
    ::= { snmpEngine 2 }

snmpEngineTime   OBJECT-TYPE
    SYNTAX       INTEGER (0..2147483647)
    UNITS        "seconds"
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION "The number of seconds since the value of
                 the snmpEngineBoots object last changed.
                 When incrementing this object's value would
                 cause it to exceed its maximum,
                 snmpEngineBoots is incremented as if a
                 re-initialization had occurred, and this
                 object's value consequently reverts to zero.
                "
    ::= { snmpEngine 3 }

snmpEngineMaxMessageSize OBJECT-TYPE
    SYNTAX       INTEGER (484..2147483647)
    MAX-ACCESS   read-only
    STATUS       current
    DESCRIPTION "The maximum length in octets of an SNMP message
                 which this SNMP engine can send or receive and
                 process, determined as the minimum of the maximum
                 message size values supported among all of the
                 transports available to and supported by the engine.
                "
    ::= { snmpEngine 4 }

-- Registration Points for Authentication and Privacy Protocols **

snmpAuthProtocols OBJECT-IDENTITY
    STATUS        current
    DESCRIPTION  "Registration point for standards-track
                  authentication protocols used in SNMP Management
                  Frameworks.
                 "
    ::= { snmpFrameworkAdmin 1 }

snmpPrivProtocols OBJECT-IDENTITY
    STATUS        current
    DESCRIPTION  "Registration point for standards-track privacy
                  protocols used in SNMP Management Frameworks.
                 "
    ::= { snmpFrameworkAdmin 2 }

-- Conformance information ******************************************

snmpFrameworkMIBCompliances
               OBJECT IDENTIFIER ::= {snmpFrameworkMIBConformance 1}
snmpFrameworkMIBGroups
               OBJECT IDENTIFIER ::= {snmpFrameworkMIBConformance 2}

-- compliance statements

snmpFrameworkMIBCompliance MODULE-COMPLIANCE
    STATUS       current
    DESCRIPTION "The compliance statement for SNMP engines which
                 implement the SNMP Management Framework MIB.
                "
    MODULE    -- this module
        MANDATORY-GROUPS { snmpEngineGroup }
    ::= { snmpFrameworkMIBCompliances 1 }

-- units of conformance

snmpEngineGroup OBJECT-GROUP
    OBJECTS {
              snmpEngineID,
              snmpEngineBoots,
              snmpEngineTime,
              snmpEngineMaxMessageSize
            }
    STATUS       current
    DESCRIPTION "A collection of objects for identifying and
                 determining the configuration and current timeliness

                 values of an SNMP engine.
                "
    ::= { snmpFrameworkMIBGroups 1 }

END