Draft Structure of Management Information for SMP Jul 92 Structure of Management Information for the Simple Management Protocol (SMP) Framework Sat Jul 4 17:76:02 1992 Jeffrey D. Case SNMP Research, Inc. University of Tennessee, Knoxville case@cs.utk.edu Keith McCloghrie Hughes LAN Systems kzm@hls.com Marshall T. Rose Dover Beach Consulting, Inc. mrose@dbc.mtview.ca.us Steven L. Waldbusser Carnegie Mellon University waldbusser@andrew.cmu.edu 1. Status of this Memo This document is an Internet Draft. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months. Internet Drafts may be updated, replaced, or obsoleted by other documents at any time. It is not appropriate to use Internet Drafts as reference material or to cite them other than as a "working draft" or "work in Expires January 4, 1993 [Page 1] Draft Structure of Management Information for SMP Jul 92 progress". Please check the 1id-abstracts.txt listing contained in the internet-drafts Shadow Directories on nic.ddn.mil, nnsc.nsf.net, nic.nordu.net, ftp.nisc.sri.com, or munnari.oz.au to learn the current status of any Internet Draft. Please send comments to the SNMP discussion group, . Expires January 4, 1993 [Page 2] Draft Structure of Management Information for SMP Jul 92 2. Introduction A network management system contains: several (potentially many) nodes, each with a processing entity, termed an agent, which has access to management instrumentation; at least one management station; and, a management protocol, used to convey management information between the agents and management stations. Operations of the management protocol are carried out under an administrative framework which defines both authentication and authorization policies. Network management stations execute management applications which monitor and control network elements. Network elements are devices such as hosts, routers, terminal servers, etc., which are monitored and controlled through access to their management information. Management information is viewed as a collection of managed objects, residing in a virtual information store, termed the Management Information Base (MIB). Collections of related objects are defined in MIB modules. These modules are written using a subset of OSI's Abstract Syntax Notation One (ASN.1) [1]. It is the purpose of this document, the Structure of Management Information (SMI), to define that subset. The SMI is divided into four parts: object definitions, trap definitions, compliance definitions, and capabilities definitions. (1) Object definitions are used when describing managed objects. An ASN.1 macro, OBJECT-TYPE, is used to concisely convey the syntax and semantics of a managed object. Collections of related objects are grouped together to form a unit of conformance. An ASN.1 macro, OBJECT-GROUP, is used to concisely convey the syntax and semantics of such a group. (2) Trap definitions are used when describing extraordinary events. An ASN.1 macro, TRAP-DEFINITION, is used to concisely convey the syntax and semantics of a trap. (3) Compliance definitions are used when describing requirements for agents with respect to object definitions. An ASN.1 macro, MODULE-COMPLIANCE, is used to concisely convey such requirements. Expires January 4, 1993 [Page 3] Draft Structure of Management Information for SMP Jul 92 (4) Capability definitions are used when describing the capabilities of agents with respect to object definitions. An ASN.1 macro, AGENT-CAPABILITIES, is used to concisely convey such capabilities. Expires January 4, 1993 [Page 4] Draft Structure of Management Information for SMP Jul 92 3. Definitions SMP-SMI DEFINITIONS ::= BEGIN -- the path to the root internet OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 } directory OBJECT IDENTIFIER ::= { internet 1 } mgmt OBJECT IDENTIFIER ::= { internet 2 } experimental OBJECT IDENTIFIER ::= { internet 3 } private OBJECT IDENTIFIER ::= { internet 4 } enterprises OBJECT IDENTIFIER ::= { private 1 } smp OBJECT IDENTIFIER ::= { joint-iso-ccitt mhs(6) group(6) mtr(200) 4 } smpMappings OBJECT IDENTIFIER ::= { smp 1 } smpObjects OBJECT IDENTIFIER ::= { smp 2 } smpProtocols OBJECT IDENTIFIER ::= { smp 3 } smpMD5AuthProtocol OBJECT IDENTIFIER ::= { smpProtocols 1 } Expires January 4, 1993 [Page 5] Draft Structure of Management Information for SMP Jul 92 -- definition for objects OBJECT-TYPE MACRO ::= BEGIN TYPE NOTATION ::= "SYNTAX" type(ObjectSyntax) UnitsPart "MAX-ACCESS" Access "STATUS" Status "DESCRIPTION" value(description Text) ReferPart IndexPart NumPart DefValPart VALUE NOTATION ::= value(VALUE ObjectName) UnitsPart ::= "UNITS" value(units Text) | empty Access ::= "read-only" | "read-write" | "read-create" | "not-accessible" Status ::= "mandatory" | "obsolete" | "deprecated" ReferPart ::= "REFERENCE" value(reference Text) | empty IndexPart ::= "INDEX" "{" IndexTypes "}" | "AUGMENTS" "{" Entry "}" | empty IndexTypes ::= IndexType | IndexTypes "," IndexType Expires January 4, 1993 [Page 6] Draft Structure of Management Information for SMP Jul 92 IndexType ::= "IMPLIED" Index | Index Index ::= -- use the SYNTAX value of the -- correspondent OBJECT-TYPE invocation value(indexobject ObjectName) Entry ::= -- use the INDEX value of the -- correspondent OBJECT-TYPE invocation value(entryobject ObjectName) NumPart ::= "NUM-ENTRIES" "{" NumType "}" | empty NumType ::= value(numobject ObjectName) DefValPart ::= "DEFVAL" "{" value(defval ObjectSyntax) "}" | empty -- uses the NVT ASCII character set Text ::= OCTET STRING END Expires January 4, 1993 [Page 7] Draft Structure of Management Information for SMP Jul 92 -- names of objects ObjectName ::= OBJECT IDENTIFIER -- syntax of objects ObjectSyntax ::= CHOICE { simple SimpleSyntax, -- note that SEQUENCEs for conceptual tables and -- rows are not mentioned here... application-wide ApplicationSyntax } -- built-in ASN.1 types SimpleSyntax ::= CHOICE { -- INTEGERs with a more restrictive range -- may also be used integer-value INTEGER (-2147483648..2147483647), string-value OCTET STRING, objectID-value OBJECT IDENTIFIER, -- only the enumerated form is allowed bit-value BIT STRING } Expires January 4, 1993 [Page 8] Draft Structure of Management Information for SMP Jul 92 -- indistinguishable from INTEGER, but never needs more than -- 32-bits for a two's complement representation Integer32 ::= [UNIVERSAL 2] IMPLICIT INTEGER (-2147483648..2147483647) -- application-wide types ApplicationSyntax ::= CHOICE { ipAddress-value IpAddress, counter-value Counter32, gauge-value Gauge32, timeticks-value TimeTicks, arbitrary-value Opaque, nsapAddress-value NsapAddress, big-counter-value Counter64 } -- in network-byte order IpAddress ::= [APPLICATION 0] IMPLICIT OCTET STRING (SIZE (4)) -- this wraps Counter32 ::= [APPLICATION 1] IMPLICIT INTEGER (0..4294967295) Expires January 4, 1993 [Page 9] Draft Structure of Management Information for SMP Jul 92 -- this doesn't wrap Gauge32 ::= [APPLICATION 2] IMPLICIT INTEGER (0..4294967295) -- hundredths of seconds since an epoch TimeTicks ::= [APPLICATION 3] IMPLICIT INTEGER (0..4294967295) -- for backward-compatibility only Opaque ::= [APPLICATION 4] IMPLICIT OCTET STRING -- for OSI NSAP addresses NsapAddress ::= [APPLICATION 5] IMPLICIT OCTET STRING (SIZE (1..21)) -- for counters that wrap in less than one hour Counter64 ::= [APPLICATION 6] IMPLICIT INTEGER (0..18446744073709551615) Expires January 4, 1993 [Page 10] Draft Structure of Management Information for SMP Jul 92 -- definitions for object groups (a unit of conformance) OBJECT-GROUP MACRO ::= BEGIN TYPE NOTATION ::= ObjectPart "DESCRIPTION" value(description Text) VALUE NOTATION ::= value(VALUE OBJECT IDENTIFIER) ObjectPart ::= "OBJECTS" "{" Objects "}" Objects ::= Object | Objects "," Object Object ::= value(object ObjectName) -- uses the NVT ASCII character set Text ::= OCTET STRING END Expires January 4, 1993 [Page 11] Draft Structure of Management Information for SMP Jul 92 -- definitions for traps TRAP-DEFINITION MACRO ::= BEGIN TYPE NOTATION ::= ObjectsPart "DESCRIPTION" value(description Text) ReferPart VALUE NOTATION ::= value (VALUE OBJECT IDENTIFIER) ObjectPart ::= "OBJECTS" "{" Objects "}" | empty Objects ::= Object | Objects "," Object Object ::= value(object ObjectName) ReferPart ::= "REFERENCE" value (reference DisplayString) | empty -- uses the NVT ASCII character set Text ::= OCTET STRING END Expires January 4, 1993 [Page 12] Draft Structure of Management Information for SMP Jul 92 -- definitions for compliance MODULE-COMPLIANCE MACRO ::= BEGIN TYPE NOTATION ::= ModulePart VALUE NOTATION ::= value(VALUE OBJECT IDENTIFIER) ModulePart ::= Modules | empty Modules ::= Module | Modules Module Module ::= -- name of module -- "MODULE" ModuleName MandatoryPart CompliancePart ModuleName ::= identifier ModuleIdentifier -- must not be empty unless contained -- in MIB Module | empty ModuleIdentifier ::= value (moduleID OBJECT IDENTIFIER) | empty MandatoryPart ::= "MANDATORY-GROUPS" "{" Groups "}" | empty Groups ::= Group | Groups "," Group Group ::= value(group OBJECT IDENTIFIER) CompliancePart ::= Compliances | empty Expires January 4, 1993 [Page 13] Draft Structure of Management Information for SMP Jul 92 Compliances ::= Compliance | Compliances Compliance Compliance ::= Group | Object Group ::= "GROUP" value(object OBJECT IDENTIFIER) "DESCRIPTION" value(description Text) Object ::= "OBJECT" value(object ObjectName) SyntaxPart WriteSyntaxPart AccessPart "DESCRIPTION" value(description Text) -- must be a refinement for object's SYNTAX clause SyntaxPart ::= "SYNTAX" type(SYNTAX) | empty -- must be a refinement for object's SYNTAX clause WriteSyntaxPart ::= "WRITE-SYNTAX" type(WriteSYNTAX) | empty AccessPart ::= "MIN-ACCESS" Access | empty Access ::= "read-only" | "read-write" | "read-create" | "not-accessible" -- uses the NVT ASCII character set Text ::= OCTET STRING END Expires January 4, 1993 [Page 14] Draft Structure of Management Information for SMP Jul 92 -- definitions for agent capabilities AGENT-CAPABILITIES MACRO ::= BEGIN TYPE NOTATION ::= "LAST-UPDATED" value(update UTCTime) "PRODUCT-RELEASE" value(release Text) "DESCRIPTION" value(description Text) ModulePart VALUE NOTATION ::= -- agent's sysObjectID [2] or smpORID [3] value(VALUE OBJECT IDENTIFIER) ModulePart ::= Modules | empty Modules ::= Module | Modules Module Module ::= -- name of module -- "SUPPORTS" ModuleName "INCLUDES" "{" Groups "}" VariationPart ModuleName ::= identifier ModuleIdentifier ModuleIdentifier ::= value (moduleID OBJECT IDENTIFIER) | empty Groups ::= Group | Groups "," Group Group ::= value(group OBJECT IDENTIFIER) VariationPart ::= Variations | empty Variations ::= Variation | Variations Variation Expires January 4, 1993 [Page 15] Draft Structure of Management Information for SMP Jul 92 Variation ::= "VARIATION" value(object ObjectName) SyntaxPart WriteSyntaxPart AccessPart CreationPart DefValPart "DESCRIPTION" value(description Text) -- must be a refinement for object's SYNTAX clause SyntaxPart ::= "SYNTAX" type(SYNTAX) | empty -- must be a refinement for object's SYNTAX clause WriteSyntaxPart ::= "WRITE-SYNTAX" type(WriteSYNTAX) | empty AccessPart ::= "ACCESS" Access | empty Access ::= "read-only" | "read-write" | "read-create" | "not-implemented" -- for backward-compatibility only | "write-only" CreationPart ::= "CREATION-REQUIRES" "{" Cells "}" | empty Cells ::= Cell | Cells "," Cell Cell ::= value(cell ObjectName) DefValPart ::= "DEFVAL" "{" value (defval ObjectSyntax) "}" | empty Expires January 4, 1993 [Page 16] Draft Structure of Management Information for SMP Jul 92 -- uses the NVT ASCII character set Text ::= OCTET STRING END END Expires January 4, 1993 [Page 17] Draft Structure of Management Information for SMP Jul 92 4. Mapping of the OBJECT-TYPE macro The OBJECT-TYPE macro is used to define a managed object. It should be noted that the expansion of the OBJECT-TYPE macro is something which conceptually happens during implementation and not during run-time. The OBJECT-TYPE macro is invoked as: descriptor OBJECT-TYPE clauses ::= value For all descriptor names appearing with a MIB module, the descriptor shall be a unique, but mnemonic, printable string. This promotes a common language for humans to use when discussing the MIB module and also facilitates simple table mappings for user-interfaces. (Consult Section 10 for information on importing objects from other MIB modules.) A requirement on "standard" MIB modules is that the hyphen character is not allowed as a part of the descriptor name. 4.1. Mapping of the SYNTAX clause The SYNTAX clause, which must be present, defines the abstract data structure corresponding to that object. The data structure must be one of the alternatives defined in the ObjectSyntax CHOICE. Any restriction on size, range, enumerations or repertoire specified in this clause represents the maximal level of support which makes "protocol sense". A requirement on "standard" MIB modules is that if the SYNTAX clause is either Counter32 or Counter64, then the last character of the descriptor must be `s'. The semantics of ObjectSyntax are now described. 4.1.1. Integer32 and INTEGER The Integer32 type represents integer-valued information between -2^31 and 2^31-1 inclusive (-2147483648 to 2147483647 decimal). This type is indistinguishable from the INTEGER type. Expires January 4, 1993 [Page 18] Draft Structure of Management Information for SMP Jul 92 The INTEGER type may also be used to represent integer-valued information, if it contains named-number enumerations, or if it is subtyped to be more constrained than the Integer32 type. In the former case, only those named-numbers so enumerated may be present as a value. Further, the enumerated values must all be positive. A requirement on "standard" MIB modules is that the hyphen character is not allowed as a part of the label name for any named-number enumeration. 4.1.2. OCTET STRING The OCTET STRING type represents arbitrary binary or textual data. Although there is no SMI-specified size limitation for this type, MIB designers should realize that there may be implementation and interoperability limitations for sizes in excess of 255 octets. 4.1.3. OBJECT IDENTIFIER The OBJECT IDENTIFIER type represents administratively assigned names. Any instance of this type may have at most 128 sub-identifiers. Further, each sub-identifier must not exceed the value 2^32-1 (4294967295 decimal). 4.1.4. BIT STRING The BIT STRING type represents an enumeration of named bits. This collection is assigned non-negative, contiguous values, starting at zero. Only those named-bits so enumerated may be present in a value. A requirement on "standard" MIB modules is that the hyphen character is not allowed as a part of the label name for any named-bit enumeration. 4.1.5. IpAddress The IpAddress type represents a 32-bit internet address. It is represented as an OCTET STRING of length 4, in network Expires January 4, 1993 [Page 19] Draft Structure of Management Information for SMP Jul 92 byte-order. 4.1.6. Counter32 The Counter32 type represents a non-negative integer which monotonically increases until it reaches a maximum value of 2^32-1 (4294967295 decimal), when it wraps around and starts increasing again from zero. Counters have no defined "initial" value, and thus, a single value of a Counter has (in general) no information content. Discontinuities in the monotonically increasing value normally occur at re-initialization of the management system, and at other times as specified in the description of an object-type using this ASN.1 type. If such other times can occur, for example, the creation of an object instance at times other than re-initialization, then a corresponding object should be defined with a SYNTAX clause value of TimeStamp (a textual convention defined in [5]) indicating the time of the last discontinuity. The value of the MAX-ACCESS clause for objects with a SYNTAX clause value of Counter32 is always "read-only". 4.1.7. Gauge32 The Gauge32 type represents a non-negative integer, which may increase or decrease, but shall never exceed a maximum value. The maximum value can not be greater than 2^32-1 (4294967295 decimal). The value of a Gauge has its maximum value whenever the information being modeled is greater or equal to that maximum value; if the information being modeled subsequently decreases below the maximum value, the Gauge also decreases. 4.1.8. TimeTicks The TimeTicks type represents a non-negative integer which represents the time, modulo 2^32 (4294967296 decimal), in hundredths of a second between two epochs. When objects are defined which use this ASN.1 type, the description of the object identifies both of the reference epochs. Expires January 4, 1993 [Page 20] Draft Structure of Management Information for SMP Jul 92 4.1.9. Opaque The Opaque type is provided solely for backward-compatibility, and shall not be used for newly-defined object types. The Opaque type supports the capability to pass arbitrary ASN.1 syntax. A value is encoded using the ASN.1 Basic Encoding Rules [4] into a string of octets. This, in turn, is encoded as an OCTET STRING, in effect "double-wrapping" the original ASN.1 value. Note that a conforming implementation need only be able to accept and recognize opaquely-encoded data. It need not be able to unwrap the data and then interpret its contents. Further note that by use of the ASN.1 EXTERNAL type, non-ASN.1 types may be used in opaquely-encoded data. A requirement on "standard" MIB modules is that no object may have a SYNTAX clause value of Opaque. 4.1.10. Counter64 The Counter64 type represents a non-negative integer which monotonically increases until it reaches a maximum value of 2^64-1 (18446744073709551615 decimal), when it wraps around and starts increasing again from zero. Counters have no defined "initial" value, and thus, a single value of a Counter has (in general) no information content. Discontinuities in the monotonically increasing value normally occur at re-initialization of the management system, and at other times as specified in the description of an object-type using this ASN.1 type. If such other times can occur, for example, the creation of an object instance at times other than re-initialization, then a corresponding object should be defined with a SYNTAX clause value of TimeStamp (a textual convention defined in [5]) indicating the time of the last discontinuity. The value of the MAX-ACCESS clause for objects with a SYNTAX clause value of Counter64 is always "read-only". Expires January 4, 1993 [Page 21] Draft Structure of Management Information for SMP Jul 92 A requirement on "standard" MIB modules is that this type may be used only if the information being modeled wraps in less than one hour. 4.1.11. NsapAddress The NsapAddress type represents an OSI address as a variable- length OCTET STRING. The first octet of the string contains a binary value in the range of 0..20, and indicates the length in octets of the NSAP. Following the first octet, is the NSAP, expressed in concrete binary notation, starting with the most significant octet. A zero-length NSAP is used as a "special" address meaning "the default NSAP" (analogous to the IP address of 0.0.0.0). Such an NSAP is encoded as a single octet, containing the value 0. All other NSAPs are encoded in at least 4 octets. 4.2. Mapping of the UNITS clause This UNITS clause, which need not be present, contains a textual definition of the units associated with that object. Note that, in order to conform to the ASN.1 syntax, the entire value of this clause must be enclosed in double quotation marks, and therefore cannot itself contain double quotation marks, although the value may be multi-line. 4.3. Mapping of the MAX-ACCESS clause The MAX-ACCESS clause, which must be present, defines whether it makes "protocol sense" to read, write and/or create an instance of the object. This is the maximal level of access for the object. (This maximal level of access is independent of any administrative authorization policy.) The value "read-write" indicates that read and write access make "protocol sense", but create does not. The value "read- create" indicates that read, write and create access make "protocol sense". These values are ordered, from least to greatest: "not- accessible", "read-only", "read-write", "read-create". Expires January 4, 1993 [Page 22] Draft Structure of Management Information for SMP Jul 92 If any columnar object in a conceptual row has "read-create" as its maximal level of access, then no other columnar object of the same conceptual row may have a maximal access of "read-write". 4.4. Mapping of the STATUS clause The STATUS clause, which must be present, defines the implementation support required for that object. The values "mandatory", and "obsolete" are self-explanatory. The "deprecated" value indicates that that object is obsolete, but that an implementor may wish to support that object to foster interoperability with older implementations. 4.5. Mapping of the DESCRIPTION clause The DESCRIPTION clause, which must be present, contains a textual definition of that object which provides all semantic definitions necessary for implementation, and should embody any information which would otherwise be communicated in any ASN.1 commentary annotations associated with the object. Note that, in order to conform to the ASN.1 syntax, the entire value of this clause must be enclosed in double quotation marks, and therefore cannot itself contain double quotation marks, although the value may be multi-line. 4.6. Mapping of the REFERENCE clause The REFERENCE clause, which need not be present, contains a textual cross-reference to an object defined in some other MIB module. This is useful when de-osifying a MIB produced by some other organization. Note that, in order to conform to the ASN.1 syntax, the entire value of this clause must be enclosed in double quotation marks, and therefore cannot itself contain double quotation marks, although the value may be multi-line. Expires January 4, 1993 [Page 23] Draft Structure of Management Information for SMP Jul 92 4.7. Mapping of the INDEX clause The INDEX clause, which must be present if that object corresponds to a conceptual row (unless an AUGMENTS clause is present instead), and must be absent otherwise, defines instance identification information for the columnar objects subordinate to that object. Management operations apply exclusively to scalar objects. However, it is convenient for developers of management applications to impose imaginary, tabular structures on the ordered collection of objects that constitute the MIB. Each such conceptual table contains zero or more rows, and each row may contain one or more scalar objects, termed columnar objects. This conceptualization is formalized by using the OBJECT-TYPE macro to define both an object which corresponds to a table and an object which corresponds to a row in that table. A conceptual table has SYNTAX of the form: SEQUENCE OF where refers to its subordinate conceptual row. A conceptual row has SYNTAX of the form: SEQUENCE { , ... , } where there is one for each subordinate object, and each is of the form: where is the descriptor name of a subordinate object, and has the value of that subordinate object's SYNTAX clause, optionally omitting the sub-typing information. Further, these ASN.1 types are always present (the DEFAULT and OPTIONAL clauses are disallowed in the SEQUENCE definition). The MAX-ACCESS clause for conceptual tables and rows is "not-accessible". For leaf objects which are not columnar objects, instances of the object are identified by appending a sub-identifier of zero to the name of that object. Otherwise, the INDEX clause of the conceptual row object superior to a columnar object defines instance identification information. Expires January 4, 1993 [Page 24] Draft Structure of Management Information for SMP Jul 92 The instance identification information in an INDEX clause must specify object(s) such that value(s) of those object(s) will unambiguously distinguish a conceptual row. The syntax of those objects indicate how to form the instance-identifier: (1) integer-valued: a single sub-identifier taking the integer value (this works only for non-negative integers); (2) string-valued, fixed-length strings (or variable-length preceded by the IMPLIED keyword): `n' sub-identifiers, where `n' is the length of the string (each octet of the string is encoded in a separate sub-identifier); (3) string-valued, variable-length strings (not preceded by the IMPLIED keyword): `n+1' sub-identifiers, where `n' is the length of the string (the first sub-identifier is `n' itself, following this, each octet of the string is encoded in a separate sub-identifier); (4) object identifier-valued: `n+1' sub-identifiers, where `n' is the number of sub-identifiers in the value (the first sub-identifier is `n' itself, following this, each sub-identifier in the value is copied); (5) IpAddress-valued: 4 sub-identifiers, in the familiar a.b.c.d notation. (6) NsapAddress-valued: `n' sub-identifiers, where `n' is the length of the value (each octet of the value is encoded in a separate sub-identifier); Note that the IMPLIED keyword can only be present for string- valued objects, excluding IpAddress- and NsapAddress-valued objects. Instances identified by use of integer-valued objects should be numbered starting from one (i.e., not from zero). The use of zero as a value for an integer-valued index object should be avoided, except in special cases. Objects which are both specified in the INDEX clause of a conceptual row and also columnar objects of the same conceptual row are termed auxiliary objects. The MAX-ACCESS clause for newly-defined auxiliary objects is "not- Expires January 4, 1993 [Page 25] Draft Structure of Management Information for SMP Jul 92 accessible". However, a conceptual row must contain at least one columnar object which is not an auxiliary object (i.e., the value of the MAX-ACCESS clause for such an object is something other than "not-accessible"). Note that objects specified in a conceptual row's INDEX clause need not be columnar objects of that conceptual row. In this situation, the DESCRIPTION clause of the conceptual row must include a textual explanation of how the objects which are included in the INDEX clause but not columnar objects of that conceptual row, are used in uniquely identifying instances of the conceptual row's columnar objects. 4.7.1. Creation and Deletion of Conceptual Rows For newly-defined conceptual rows which allow the creation of new object instances and the deletion of existing object instances, there must be one columnar object with a SYNTAX clause value of RowStatus (a textual convention defined in [5]) and a MAX-ACCESS clause value of read-create. By convention, this is termed the status column for the conceptual row. 4.8. Mapping of the AUGMENTS clause The AUGMENTS clause, which must not be present unless the object corresponds to a conceptual row, is an alternative to the INDEX clause. Every object corresponding to a conceptual row has either an INDEX clause or an AUGMENTS clause. If an object corresponding to a conceptual row has an INDEX clause, that row is termed a base conceptual row; alternatively, if the object has an AUGMENTS clause, the row is said to be a conceptual row augmentation, where the AUGMENTS clause names the object corresponding to the base conceptual row which is augmented by this conceptual row extension. Instances of subordinate columnar objects of a conceptual row extension are identified according to the INDEX clause of the base conceptual row corresponding to the object named in the AUGMENTS clause. Further, instances of subordinate columnar objects of a conceptual row extension exist according to the same semantics as instances of subordinate columnar objects of the base conceptual row being Expires January 4, 1993 [Page 26] Draft Structure of Management Information for SMP Jul 92 augmented. Note that a base conceptual row may be augmented by multiple conceptual row extensions. 4.9. Mapping of the NUM-ENTRIES clause The NUM-ENTRIES clause, which may be present if that object corresponds to a conceptual row, and must be absent otherwise, names a non-columnar object with an integer-valued syntax. The value of an instance of the named object is the (exact or approximate) number of conceptual rows. The value of the ACCESS clause for the named object is always `read-only'. 4.10. Mapping of the DEFVAL clause The DEFVAL clause, which need not be present, defines an acceptable default value which may be used when an object instance is created at the discretion of the SMP entity acting in an agent role. During conceptual row creation, if an instance of a columnar object is not present as one of the operands in the correspondent management protocol set operation, then the value of the DEFVAL clause, if present, indicates an acceptable default value that a SMP entity acting in an agent role might use. The value of the DEFVAL clause must, of course, correspond to the SYNTAX clause for the object. Note that if an operand to the management protocol set operation is an instance of a read-only object, then the error `notWritable' [6] will be returned. As such, the DEFVAL clause can be used to provide an acceptable default value that a SMP entity acting in an agent role might use. By way of example, consider the following possible DEFVAL clauses: ObjectSyntax DEFVAL clause ----------------- ------------ Expires January 4, 1993 [Page 27] Draft Structure of Management Information for SMP Jul 92 Integer32 1 -- same for Gauge32, TimeTicks INTEGER valid -- enumerated value OCTET STRING 'ffffffffffff'h OBJECT IDENTIFIER sysDescr OBJECT IDENTIFIER { system 2 } BIT STRING { primary, secondary } -- enumerated values IpAddress 'c0210415'h -- 192.33.4.21 Object types with SYNTAX of Counter32 and Counter64 may not have DEFVAL clauses, since they do not have defined initial values. However, it is recommended that they be initialized to zero. 4.11. Mapping of the OBJECT-TYPE value The value of an invocation of the OBJECT-TYPE macro is the name of the object, which is an OBJECT IDENTIFIER, an administratively assigned name. When an OBJECT IDENTIFIER is assigned to an object: (1) If the object corresponds to a conceptual table, then only a single assignment, that for a conceptual row, is present immediately beneath that object. The administratively assigned name for the conceptual row object is derived by appending a sub-identifier of "1" to the administratively assigned name for the conceptual table. (2) If the object corresponds to a conceptual row, then at least one assignment, one for each column in the conceptual row, is present beneath that object. The administratively assigned name for each column is derived by appending a unique, positive sub-identifier to the administratively assigned name for the conceptual row. (3) Otherwise, no other OBJECT IDENTIFIERs which are subordinate to the object may be assigned. Note that the final sub-identifier of any administratively assigned name for an object shall be positive. A zero-valued final sub-identifier is reserved for future use. Expires January 4, 1993 [Page 28] Draft Structure of Management Information for SMP Jul 92 Further note that although conceptual tables and rows are given administratively assigned names, these conceptual objects may not be manipulated in aggregate form by the management protocol. 4.11.1. Naming Hierarchy The root of the subtree administered by the Internet Assigned Numbers Authority (IANA) for the Internet is: internet OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 } That is, the Internet subtree of OBJECT IDENTIFIERs starts with the prefix: 1.3.6.1. Several branches underneath this subtree are used for network management: mgmt OBJECT IDENTIFIER ::= { internet 2 } experimental OBJECT IDENTIFIER ::= { internet 3 } private OBJECT IDENTIFIER ::= { internet 4 } enterprises OBJECT IDENTIFIER ::= { private 1 } However, the SMI does not prohibit the definition of objects in other portions of the object tree. The mgmt(2) subtree is used to identify "standard" objects. The experimental(3) subtree is used to identify objects used in Internet experiments. As a part of the assignment process, the IANA may make requirements as to how that subtree is used. The private(4) subtree is used to identify objects defined unilaterally. The enterprises(1) subtree beneath private is used, among other things, to permit providers of networking subsystems to register models of their products. The snmpParties(5) and snmpSecrets(6) subtrees are used to identify objects associated with the administrative framework of the management protocol. Expires January 4, 1993 [Page 29] Draft Structure of Management Information for SMP Jul 92 4.12. Usage Example Consider how one might define a conceptual table and its subordinates. evalSlot OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS mandatory DESCRIPTION "The index number of the first unassigned entry in the evaluation table. A management station should create new entries in the evaluation table using this algorithm: first, issue a management protocol retrieval operation to determine the value of evalSlot; and, second, issue a management protocol set operation to create an instance of the evalStatus object setting its value to underCreation(1). If this latter operation succeeds, then the management station may continue modifying the instances corresponding to the newly created conceptual row, without fear of collision with other management stations." ::= { eval 1 } evalTable OBJECT-TYPE SYNTAX SEQUENCE OF EvalEntry MAX-ACCESS not-accessible STATUS mandatory DESCRIPTION "The (conceptual) evaluation table." ::= { eval 2 } evalEntry OBJECT-TYPE SYNTAX EvalEntry MAX-ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry (conceptual row) in the evaluation table." INDEX { evalIndex } ::= { evalTable 1 } Expires January 4, 1993 [Page 30] Draft Structure of Management Information for SMP Jul 92 EvalEntry ::= SEQUENCE { evalIndex Integer32, evalString OCTET STRING, evalValue Integer32, evalStatus RowStatus } evalIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS not-accessible STATUS mandatory DESCRIPTION "The auxiliary variable used for identifying instances of the columnar objects in the evaluation table." ::= { evalEntry 1 } evalString OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS read-create STATUS mandatory DESCRIPTION "The string to evaluate." ::= { evalEntry 2 } evalValue OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS mandatory DESCRIPTION "The value when evalString was last executed." DEFVAL { 0 } ::= { evalEntry 3 } evalStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS mandatory DESCRIPTION "The status column used for creating, modifying, and deleting instances of the columnar objects in the evaluation table." DEFVAL { active } ::= { evalEntry 4 } Expires January 4, 1993 [Page 31] Draft Structure of Management Information for SMP Jul 92 5. Mapping of the OBJECT-GROUP macro When a MIB module is written, each collection of related managed objects defined within the module is combined into a unit of conformance termed a MIB group. The OBJECT-GROUP macro is used to define each such collection of related objects. It should be noted that the expansion of the OBJECT-GROUP macro is something which conceptually happens during implementation and not during run-time. To "implement" an object, a SMP entity acting in an agent role must return an reasonably accurate value for management protocol retrieval operations; similarly, if the object is writable, then in response to a management protocol set operation, a SMP entity must accordingly be able to reasonably influence the underlying managed entity. If a SMP entity acting in an agent role can not implement an object, the management protocol provides for the SMP entity to return an exception or error, e.g, noSuchObject [6]. Under no circumstances shall a SMP entity return a value for objects which it does not implement -- it must always return the appropriate exception or error, as described in the protocol specification [6]. 5.1. Mapping of the OBJECTS clause The OBJECTS clause which must be present, is used to name each object contained in the group. Each of the named objects must be defined in the same MIB module as the OBJECT-GROUP macro appears, and must have a MAX-ACCESS clause value of "read- only", "read-write", or "read-create". 5.2. Mapping of the DESCRIPTION clause The DESCRIPTION clause, which must be present, contains a textual definition of that group, along with a description of any relations to other groups. Note that generic compliance requirements should not be stated in this clause. However, implementation relationships between this group and other groups may be defined in this clause. Note that, in order to conform to the ASN.1 syntax, the entire value of this clause must be enclosed in double quotation Expires January 4, 1993 [Page 32] Draft Structure of Management Information for SMP Jul 92 marks, and therefore cannot itself contain double quotation marks, although the value may be multi-line. 5.3. Mapping of the OBJECT-GROUP value The value of an invocation of the OBJECT-GROUP macro is the name of the group, which is an OBJECT IDENTIFIER, an administratively assigned name. Expires January 4, 1993 [Page 33] Draft Structure of Management Information for SMP Jul 92 5.4. Usage Example Consider how the system group from MIB-II [2] might be described: system OBJECT-GROUP OBJECTS { sysDescr, sysObjectID, sysUpTime, sysContact, sysName, sysLocation, sysServices } DESCRIPTION "The system group defines objects which are common to all managed systems." ::= { mib-2 1 } Expires January 4, 1993 [Page 34] Draft Structure of Management Information for SMP Jul 92 6. Mapping of the TRAP-DEFINITION macro The TRAP-DEFINITIONS macro is used to define the information sent by a SMP entity acting in an agent role when it encounters an extraordinary situation. It should be noted that the expansion of the TRAP-DEFINITION macro is something which conceptually happens during implementation and not during run-time. It must be emphasized that the use of traps is STRONGLY discouraged in the SMP Framework. 6.1. Mapping of the OBJECTS clause The OBJECTS clause, which need not be present, defines the ordered sequence of MIB objects which are contained within every instance of the trap type. 6.2. Mapping of the DESCRIPTION clause The DESCRIPTION clause, which must be present, contains a textual definition of that trap which provides all semantic definitions necessary for implementation, and should embody any information which would otherwise be communicated in any ASN.1 commentary annotations associated with the object. In particular, the DESCRIPTION clause should document which instances of the objects mentioned in the OBJECTS clause should be contained within traps of this type. Note that, in order to conform to the ASN.1 syntax, the entire value of this clause must be enclosed in double quotation marks, and therefore cannot itself contain double quotation marks, although the value may be multi-line. 6.3. Mapping of the REFERENCE clause The REFERENCE clause, which need not be present, contains a textual cross-reference to an event or trap defined in some other MIB module. This is useful when de-osifying a MIB produced by some other organization. Expires January 4, 1993 [Page 35] Draft Structure of Management Information for SMP Jul 92 Note that, in order to conform to the ASN.1 syntax, the entire value of this clause must be enclosed in double quotation marks, and therefore cannot itself contain double quotation marks, although the value may be multi-line. 6.4. Mapping of the TRAP-DEFINITION value The value of an invocation of the TRAP-DEFINITION macro is the name of the trap, which is an OBJECT IDENTIFIER, an administratively assigned name. When a SMP protocol entity acting in an agent role determines that a trap of this type is to be sent, it consults the aclTable [9] and finds all entries satisfying the following conditions: (1) The value of aclSubject refers to the SMP protocol entity. (2) The value of aclPrivileges allows for the SMP-Trap-PDU. (3) The trap's administratively assigned name is present in aclSubject's view. (That is, the set of entries in the viewTable [9] for which the instance of viewParty has the same value as aclSubject, define a MIB view which contains the trap's administratively assigned name.) (4) The instances associated with this trap, as defined in the OBJECTS clause (if present), are all present in aclSubject's view. Then, for each entry satisfying these conditions, a SMP-Trap- PDU is sent from aclSubject to aclTarget. The instance of smpTrapNumbers [3] corresponding to aclTarget is incremented, and is used as the request-id field of the SMP-Trap-PDU. Then, the variable-bindings field are constructed as: (1) The first variable is sysUpTime.0 [2]. (2) The second variable is smpTrapOID.0 [3], which contains the administratively assigned name of the trap. (3) If the OBJECTS clause is present, then each corresponding variable, as instantiated by this trap, is copied, in Expires January 4, 1993 [Page 36] Draft Structure of Management Information for SMP Jul 92 order, to the variable-bindings field. (4) At the option of the SMP entity acting in an agent role, additional variables may follow in the variable-bindings field. Expires January 4, 1993 [Page 37] Draft Structure of Management Information for SMP Jul 92 6.5. Usage Example Consider how a linkUp trap might be described: linkUp TRAP-DEFINITION OBJECTS { ifIndex } DESCRIPTION "A linkUp trap signifies that the SMP entity, acting in an agent role, recognizes that one of the communication links represented in its configuration has come up." ::= { smpTraps 4 } According to this invocation, the trap authoritatively identified as { smpTrap 4 } is used to report the extraordinary event of a link coming up. The instance of ifIndex corresponding to this link will be present as the third variable in the variable-bindings field. Note that a SMP entity acting in an agent role can be configured to send this trap to zero or more SMP entities acting in a manager role, depending on the contents of the aclTable and viewTable [9] tables. For example, by judicious use of the viewTable, a SMP entity acting in an agent role might be configured to send all linkUp traps to one particular SMP entity, and linkUp traps for only certain interfaces to other SMP entities. Expires January 4, 1993 [Page 38] Draft Structure of Management Information for SMP Jul 92 7. Mapping of the MODULE-COMPLIANCE macro The MODULE-COMPLIANCE macro is used to convey a minimum set of requirements with respect to implementation of one or more MIB modules. It should be noted that the expansion of the MODULE-COMPLIANCE macro is something which conceptually happens during implementation and not during run-time. A requirement on all (newly-defined) standard MIBs is that they include a MODULE-COMPLIANCE specification. 7.1. Mapping of the MODULE clause The MODULE clause, which must be present, is repeatedly used to name each MIB module for which compliance requirements are being specified. Each MIB module is named by its module name, and optionally, by its associated OBJECT IDENTIFIER as well. The module name can be omitted when the MODULE-COMPLIANCE invocation occurs inside a MIB module, to refer to the encompassing MIB module. 7.1.1. Mapping of the MANDATORY-GROUPS clause The MANDATORY-GROUPS clause, which need not be present, names the one or more groups within the correspondent MIB module which are unconditionally mandatory for implementation. If a SMP entity acting in an agent role claims compliance to the MIB module, then it must implement each and every object within each group listed. That is, if a SMP entity returns a noSuchObject exception in response to a management protocol get operation [6] for any object within any mandatory group for every MIB view, then that SMP entity is not a conformant implementation of the MIB module. 7.1.2. Mapping of the GROUP clause The GROUP clause which need not be present, is repeatedly used to name each MIB group which is conditionally mandatory or unconditionally optional for compliance to the MIB module. A MIB group named in a GROUP clause must be absent from the correspondent MANDATORY-GROUPS clause. Expires January 4, 1993 [Page 39] Draft Structure of Management Information for SMP Jul 92 Conditionally mandatory groups include those which are mandatory only if a particular protocol is implemented, or only if another group is implemented. A GROUP clause's DESCRIPTION specifies the conditions under which the group is conditionally mandatory. A MIB group which is named in neither a MANDATORY-GROUPS clause nor a GROUP clause, is unconditionally optional for compliance to the MIB module. 7.1.3. Mapping of the OBJECT clause The OBJECT clause which need not be present, is repeatedly used to name each MIB object for which compliance has a refined requirement with respect to the MIB module definition. The MIB object must be present in one of the groups named in the correspondent MANDATORY-GROUPS clause or GROUP clauses. 7.1.3.1. Mapping of the SYNTAX clause The SYNTAX clause, which need not be present, is used to provide a refined SYNTAX for the object named in the correspondent OBJECT clause. Note that if this clause and a WRITE-SYNTAX clause are both present, then this clause only applies when instances of the object named in the correspondent OBJECT clause are read. Consult Section 9 for more information on refined syntax. 7.1.3.2. Mapping of the WRITE-SYNTAX clause The WRITE-SYNTAX clause, which need not be present, is used to provide a refined SYNTAX for the object named in the correspondent OBJECT clause when instances of that object are written. Consult Section 9 for more information on refined syntax. Expires January 4, 1993 [Page 40] Draft Structure of Management Information for SMP Jul 92 7.1.3.3. Mapping of the MIN-ACCESS clause The MIN-ACCESS clause, which need not be present, is used to define the minimal level of access for the object named in the correspondent OBJECT clause. If this clause is absent, the minimal level of access is the same as the maximal level specified in the correspondent invocation of the OBJECT-TYPE macro. If present, this clause must not specify a greater level of access than is specified in the correspondent invocation of the OBJECT-TYPE macro. The level of access for certain types of objects is fixed according to their syntax definition. These types are: conceptual tables and rows, auxiliary objects, and objects with the syntax of Counter32, Counter64, or certain types of Textual Conventions (e.g., RowStatus, see [5]). A MIN-ACCESS clause should not be present for such objects. An implementation is compliant if the level of access it provides is greater or equal to the minimal level in the MODULE-COMPLIANCE macro and less or equal to the maximal level in the OBJECT-TYPE macro. 7.1.3.4. Mapping of the DESCRIPTION clause The DESCRIPTION clause must be present for each use of the GROUP or OBJECT clause. For an OBJECT clause, it contains a textual description of the refined compliance requirement. For a GROUP clause, it contains a textual description of the conditions under which the group is conditionally mandatory or unconditionally optional. Note that, in order to conform to the ASN.1 syntax, the entire value of this clause must be enclosed in double quotation marks, and therefore cannot itself contain double quotation marks, although the value may be multi-line. 7.2. Mapping of the MODULE-COMPLIANCE value The value of an invocation of the MODULE-COMPLIANCE macro is an OBJECT IDENTIFIER. As such, this value may be authoritatively used when referring to the compliance requirements embodied by that invocation of the macro. Expires January 4, 1993 [Page 41] Draft Structure of Management Information for SMP Jul 92 7.3. Usage Example Consider how a compliance statement might be included at the end of the MIB-II document [2]: rfc1213-compliance MODULE-COMPLIANCE MODULE -- compliance to the containing MIB Module MANDATORY-GROUPS { system, snmp } GROUP interfaces DESCRIPTION "The interfaces group is mandatory for systems with network interfaces." GROUP ip DESCRIPTION "The ip group is mandatory for systems which implement IP." GROUP icmp DESCRIPTION "The icmp group is mandatory for systems which implement ICMP." GROUP tcp DESCRIPTION "The tcp group is mandatory for systems which implement TCP." OBJECT tcpConnState MIN-ACCESS read-only DESCRIPTION "A compliant system need not allow write-access to this object." GROUP udp DESCRIPTION "The udp group is mandatory for systems which implement UDP." GROUP egp DESCRIPTION "The egp group is mandatory for systems which implement EGP." ::= { mib-2-compliance 1 } Expires January 4, 1993 [Page 42] Draft Structure of Management Information for SMP Jul 92 According to this invocation, to claim compliance with the specification named { mib-2-compliance 1 } a system must implement RFC1213's system and snmp groups. If the system implements any network interfaces, then RFC1213's interfaces group must be implemented. Further, if the system implements any of the IP, ICMP, TCP, UDP, or EGP protocols, then the correspondent group in RFC1213 must be implemented, if compliance is to be claimed. Finally, although RFC1213 specifies that it makes "protocol sense" for the tcpConnState object to be writable, this specification allows the system to permit only read-only access and still claim compliance. Expires January 4, 1993 [Page 43] Draft Structure of Management Information for SMP Jul 92 8. Mapping of the AGENT-CAPABILITIES macro The AGENT-CAPABILITIES macro is used to convey the capabilities present in a SMP protocol entity acting in an agent role. It should be noted that the expansion of the AGENT-CAPABILITIES macro is something which conceptually happens during implementation and not during run-time. When a MIB module is written, it is divided into units of conformance termed groups. If a SMP entity acting in an agent role claims to implement a group, then it must implement each and every object within that group. Of course, for whatever reason, a SMP entity might implement only a subset of the groups within a MIB module. In addition, the definition of some MIB objects leave some aspects of the definition to the discretion of an implementor. Practical experience has demonstrated a need for concisely describing the capabilities of an agent with regards to the MIB groups that it implements. The AGENT-CAPABILITIES macro allows an agent implementor to describe the precise level of support which an agent claims in regards to a MIB group, and to bind that description to the value of sysObjectID [2] associated with the agent, or to the value of an instance of the smpORID object in the smpORTable [3]. In particular, some objects may have restricted or augmented syntax or access- levels. If the AGENT-CAPABILITIES invocation is given to a management-station implementor, then that implementor can build management applications which optimize themselves when communicating with a particular agent. For example, the management-station can maintain a database of these invocations. When a management-station interacts with an agent, it retrieves the agent's sysObjectID [2]. Based on this, it consults the database. If an entry is found, then the management application can optimize its behavior accordingly. Note that this binding to sysObjectID may not always suffice to define all MIB objects to which an agent can provide access. In particular, this situation occurs where the agent dynamically learns of the objects it supports. In these cases, the smpORID column of smpORTable [3] contains information which should be used in addition to sysObjectID. Expires January 4, 1993 [Page 44] Draft Structure of Management Information for SMP Jul 92 Note that the AGENT-CAPABILITIES macro specifies refinements or variations with respect to OBJECT-TYPE macros in MIB modules, NOT with respect to MODULE-COMPLIANCE macros. 8.1. Mapping of the LAST-UPDATED clause The LAST-UPDATED clause, which must be present, contains the date and time that this definition was last edited. 8.2. Mapping of the PRODUCT-RELEASE clause The PRODUCT-RELEASE clause, which must be present, contains a textual description of the product release which includes this agent. Note that, in order to conform to the ASN.1 syntax, the entire value of this clause must be enclosed in double quotation marks, and therefore cannot itself contain double quotation marks, although the value may be multi-line. 8.3. Mapping of the DESCRIPTION clause The DESCRIPTION clause, which must be present, contains a textual description of this agent. Note that, in order to conform to the ASN.1 syntax, the entire value of this clause must be enclosed in double quotation marks, and therefore cannot itself contain double quotation marks, although the value may be multi-line. 8.4. Mapping of the SUPPORTS clause The SUPPORTS clause, which need not be present, is repeatedly used to name each MIB module for which the agent claims a complete or partial implementation. Each MIB module is named by its module name, and optionally, by its associated OBJECT IDENTIFIER as well. Expires January 4, 1993 [Page 45] Draft Structure of Management Information for SMP Jul 92 8.4.1. Mapping of the INCLUDES clause The INCLUDES clause, which must be present for each use of the SUPPORTS clause, is used to name each MIB group associated with the SUPPORT clause, which the agent claims to implement. 8.4.2. Mapping of the VARIATION clause The VARIATION clause, which need not be present, is repeatedly used to name each MIB object which the agent implements in some variant or refined fashion with respect to the correspondent invocation of the OBJECT-TYPE macro. Note that the variation concept is meant for generic implementation restrictions, e.g., if the variation for an object depends on the values of other objects, then this should be noted in the appropriate DESCRIPTION clause. 8.4.2.1. Mapping of the SYNTAX clause The SYNTAX clause, which need not be present, is used to provide a refined SYNTAX for the object named in the correspondent VARIATION clause. Note that if this clause and a WRITE-SYNTAX clause are both present, then this clause only applies when instances of the object named in the correspondent VARIATION clause are read. Consult Section 9 for more information on refined syntax. 8.4.2.2. Mapping of the WRITE-SYNTAX clause The WRITE-SYNTAX clause, which need not be present, is used to provide a refined SYNTAX for the object named in the correspondent VARIATION clause when instances of that object are written. Consult Section 9 for more information on refined syntax. Expires January 4, 1993 [Page 46] Draft Structure of Management Information for SMP Jul 92 8.4.2.3. Mapping of the ACCESS clause The ACCESS clause, which need not be present, is used to indicate the agent provides less than the maximal level of access to the object named in the correspondent VARIATION clause. The value "not-implemented" indicates the agent does not implement the object, and in the ordering of possible values is equivalent to "not-accessible". The value "write-only" is provided solely for backward compatibility, and shall not be used for newly-defined object types. In the ordering of possible values, "write-only" is less than "not-accessible". 8.4.2.4. Mapping of the CREATION-REQUIRES clause The CREATION-REQUIRES clause, which need not be present, is used to name the columnar objects of a conceptual row to which values must be explicitly assigned, by a management protocol set operation, before the agent will allow the instance of the status column of that row to be set to `active(4)'. (Consult the definition of RowStatus in [5].) If the conceptual row does not have a status column (i.e., the objects corresponding to the conceptual table were defined using the mechanisms in [7,8]), then the CREATION-REQUIRES clause, which need not be present, is used to name the columnar objects of a conceptual row to which values must be explicitly assigned, by a management protocol set operation, before the agent will create new instances of objects in that row. This clause must not present unless the object named in the correspondent VARIATION clause is a conceptual row, i.e., has a syntax which resolves to a SEQUENCE containing columnar objects. The objects named in the value of this clause usually will refer to columnar objects in that row. However, objects unrelated to the conceptual row may also be specified. All objects which are named in the CREATION-REQUIRES clause for a conceptual row, and which are columnar objects of that row, must have an access level of "read-create". Expires January 4, 1993 [Page 47] Draft Structure of Management Information for SMP Jul 92 8.4.2.5. Mapping of the DEFVAL clause The DEFVAL clause, which need not be present, is used to provide a refined DEFVAL value for the object named in the correspondent VARIATION clause. The semantics of this value are identical to those of the OBJECT-TYPE macro's DEFVAL clause. 8.4.2.6. Mapping of the DESCRIPTION clause The DESCRIPTION clause, which must be present for each use of the VARIATION clause, contains a textual description of the variant or refined implementation. Note that, in order to conform to the ASN.1 syntax, the entire value of this clause must be enclosed in double quotation marks, and therefore cannot itself contain double quotation marks, although the value may be multi-line. 8.5. Mapping of the AGENT-CAPABILITIES value The value of an invocation of the AGENT-CAPABILITIES macro is an OBJECT IDENTIFIER, which names the value of sysObjectID [2] or smpORID [3] for which this capabilities statement is valid. Expires January 4, 1993 [Page 48] Draft Structure of Management Information for SMP Jul 92 8.6. Usage Example Consider how a capabilities statement for an agent might be described: example-agent AGENT-CAPABILITIES LAST-UPDATED "9205170259Z" PRODUCT-RELEASE "ACME Agent release 1.1 for 4BSD" DESCRIPTION "ACME agent for 4BSD" SUPPORTS RFC1213-MIB INCLUDES { system, interfaces, at, ip, icmp, tcp, udp, snmp } VARIATION ifAdminStatus SYNTAX INTEGER { up(1), down(2) } DESCRIPTION "Unable to set test mode on 4BSD" VARIATION ifOperStatus SYNTAX INTEGER { up(1), down(2) } DESCRIPTION "Information limited on 4BSD" VARIATION atEntry CREATION-REQUIRES { atPhysAddress } DESCRIPTION "Address mappings on 4BSD require both protocol and media addresses" VARIATION ipDefaultTTL SYNTAX INTEGER { maxttl(255) } DESCRIPTION "Hard-wired on 4BSD" VARIATION ipInAddrErrors ACCESS not-implemented DESCRIPTION "Information not available on 4BSD" VARIATION ipRouteType SYNTAX INTEGER { direct(3), indirect(4) } WRITE-SYNTAX INTEGER { invalid(2), direct(3), indirect(4) } DESCRIPTION "Information limited on 4BSD" VARIATION tcpConnState ACCESS read-only DESCRIPTION "Unable to set this on 4BSD" Expires January 4, 1993 [Page 49] Draft Structure of Management Information for SMP Jul 92 SUPPORTS EVAL-MIB INCLUDES { functions, expressions } VARIATION exprEntry CREATION-REQUIRES { evalString } DESCRIPTION "Conceptual row creation supported" ::= { acme-agents 1 } According to this invocation, an agent with a sysObjectID (or smpORID) value of { acme-agents 1 } supports two MIB modules. From MIB-II, all groups except the egp group are supported. However, the object ipInAddrErrors is not implemented, whilst the objects ifAdminStatus ifOperStatus ipDefaultTTL ipRouteType have a restricted syntax, and the object tcpConnState is available only for reading. Note that in the case of the object ipRouteType the set of values which may be read is different than the set of values which may be written. Finally, when creating a new instance in the atTable, the set-request must create an instance of atPhysAddress. From the EVAL-MIB, all the objects contained in the functions and expressions groups are supported, without variation. In addition, creation of new instances in the expr table is supported. Expires January 4, 1993 [Page 50] Draft Structure of Management Information for SMP Jul 92 9. Refined Syntax The SYNTAX and WRITE-SYNTAX clauses in the MODULE-COMPLIANCE and AGENT-CAPABILITIES macros allow an object's syntax to be refined. However, not all refinements of syntax are appropriate. In particular, the object's primitive or application type must not be changed. Further, the following restrictions apply: Restrictions to Refinement on object syntax range enumeration size repertoire ----------------- ----- ----------- ---- ---------- INTEGER (1) (2) - - OCTET STRING - - (3) (4) OBJECT IDENTIFIER - - - - BIT STRING - (2) - - IpAddress - - - - Counter32 - - - - Gauge32 (1) - - - TimeTicks - - - - Counter64 - - - - NsapAddress - - - - where: (1) the range of permitted values may be refined by raising the lower-bounds, by reducing the upper-bounds, and/or by reducing the alternative value/range choices; (2) the enumeration of named-values may be refined by removing one or more named-values; (3) the size in characters of the value may be refined by raising the lower-bounds, by reducing the upper-bounds, and/or by reducing the alternative size choices; or, (4) the repertoire of characters in the value may be reduced by further sub-typing. Otherwise no refinements are possible. Note that when refining an object with a SYNTAX clause value of Integer32, then the refined SYNTAX is expressed as an INTEGER and the restrictions of the table above are used. Expires January 4, 1993 [Page 51] Draft Structure of Management Information for SMP Jul 92 10. IMPORTing objects from other MIB modules Within an ASN.1 module, all ASN.1 objects must have a unique textual name (which we term a descriptor). However, when objects from different modules are referenced, there is the possibility of collision. To reference an external object, two methods are available: (1) The descriptor is named by prefixing a string consisting of the name of the module which defines the descriptor and a dot ("."), i.e., "module.descriptor"; or, (2) The descriptor is included in the IMPORTS statement. The latter method is often used because it is more convenient. However, if two different modules define the same descriptor for an object, at most one of those objects may be IMPORTed (if the MIB module itself defines an object with the same descriptor, then neither object may be IMPORTed). In contrast, with the former method, no ambiguity is possible owing to the unique names chosen for modules. Expires January 4, 1993 [Page 52] Draft Structure of Management Information for SMP Jul 92 11. Extending a MIB module As experience is gained with a published MIB module, it may be desirable to revise that module. 11.1. Object Definitions An object definition may be revised in any of the following ways: (1) Existing objects with a status of "mandatory" may be revised as "deprecated" or "obsolete". Similarly, objects with a status of "deprecated" may be revised as "obsolete". (2) A DEFVAL clause may be added or updated. (3) A REFERENCE clause may be added or updated. (4) A UNITS clause may be added. (5) A conceptual row may be augmented by adding new columnar objects at the end of the row. (6) Entirely new objects may be defined, named with previously unassigned OBJECT IDENTIFIER values. However, if the semantics of any previously defined object are changed (i.e., if a non-editorial change is made to any clause other those specifically allowed above), then the OBJECT IDENTIFIER value associated with that object must also be changed. Finally, note that changing the descriptor associated with an existing object, is not considered a semantic change, as these strings are used solely for local use, and are not passed via the management protocol. 11.2. Trap Definitions A trap definition may be revised in any of the following ways: Expires January 4, 1993 [Page 53] Draft Structure of Management Information for SMP Jul 92 (1) A REFERENCE clause may be added or updated. However, if the semantics of any previously defined trap are changed (i.e., if a non-editorial change is made to any clause other those specifically allowed above), then the OBJECT IDENTIFIER value associated with that trap must also be changed. Finally, note that changing the descriptor associated with an existing trap, is not considered a semantic change, as these strings are used solely for local use, and are not passed via the management protocol. 11.3. Compliance Definitions If any non-editorial change is made to any clause of a compliance definition, then the OBJECT IDENTIFIER value associated with that compliance definition must also be changed, along with its associated descriptor. 11.4. Capabilities Definitions If any non-editorial change is made to any clause of a capabilities definition, then the OBJECT IDENTIFIER value associated with that capabilities definition must also be changed, along with its associated descriptor. Expires January 4, 1993 [Page 54] Draft Structure of Management Information for SMP Jul 92 12. Appendix: de-OSIfying a MIB module There has been an increasing amount of work recently on taking MIBs defined by other organizations (e.g., the IEEE) and de- osifying them for use with the Internet-standard network management framework. The steps to achieve this are straight-forward, though tedious. Of course, it is helpful to already be experienced in writing MIB modules for use with the Internet-standard network management framework. The first step is to construct a skeletal MIB module, e.g., RFCxxxx-MIB DEFINITIONS ::= BEGIN IMPORTS OBJECT-TYPE, OBJECT-GROUP, experimental FROM SMP-SMI; -- contact IANA for actual number root OBJECT IDENTIFIER ::= { experimental xx } END The next step is to categorize the objects into groups. Optional objects are not permitted. Thus, when a MIB module is created, optional objects must be placed in a optional group, which, if implemented, all objects in the group must be implemented. For the first pass, it is wisest to simply ignore any optional objects in the original MIB: experience shows it is better to define a core MIB module first, containing only essential objects; later, if experience demands, other objects can be added. 12.1. Managed Object Mapping Next for each managed object class, determine whether there can exist multiple instances of that managed object class. If not, then for each of its attributes, use the OBJECT-TYPE macro to make an equivalent definition. Otherwise, if multiple instances of the managed object class can exist, then define a conceptual table having conceptual Expires January 4, 1993 [Page 55] Draft Structure of Management Information for SMP Jul 92 rows each containing a columnar object for each of the managed object class's attributes. If the managed object class is contained within the containment tree of another managed object class, then the assignment of an object is normally required for each of the "distinguished attributes" of the containing managed object class. If they do not already exist within the MIB module, then they can be added via the definition of additional columnar objects in the conceptual row corresponding to the contained managed object class. In defining a conceptual row, it is useful to consider the optimization of network management operations which will act upon its columnar objects. In particular, it is wisest to avoid defining more columnar objects within a conceptual row, than can fit in a single PDU. As a rule of thumb, a conceptual row should contain no more than approximately 20 objects. Similarly, or as a way to abide by the "20 object guideline", columnar objects should be grouped into tables according to the expected grouping of network management operations upon them. As such, the content of conceptual rows should reflect typical access scenarios, e.g., they should be organized along functional lines such as one row for statistics and another row for parameters, or along usage lines such as commonly-needed objects versus rarely-needed objects. On the other hand, the definition of conceptual rows where the number of columnar objects used as indexes outnumbers the number used to hold information, should also be avoided. In particular, the splitting of a managed object class's attributes into many conceptual tables should not be used as a way to obtain the same degree of flexibility/complexity as is often found in MIBs with a myriad of optionals. 12.1.1. Mapping to the SYNTAX clause When mapping to the SYNTAX clause of the OBJECT-type macro: (1) An object with BOOLEAN syntax becomes a TruthValue [5]. (2) An object with INTEGER syntax becomes an Integer32. (3) An object with ENUMERATED syntax becomes an INTEGER with enumerations, taking any of the values given which can be Expires January 4, 1993 [Page 56] Draft Structure of Management Information for SMP Jul 92 represented with an Integer32. (4) An object with BIT STRING syntax but no enumerations becomes an OCTET STRING. (5) An object with a character string syntax becomes either an OCTET STRING, or a DisplayString [5], depending on the repertoire of the character string. (6) A non-tabular object with a complex syntax, such as REAL or EXTERNAL, must be decomposed, usually into an OCTET STRING (if sensible). As a rule, any object with a complicated syntax should be avoided. (7) Tabular objects must be decomposed into rows of columnar objects. 12.1.2. Mapping to the UNITS clause If the description of this managed object defines a unit- basis, then mapping to this clause is straight-forward. 12.1.3. Mapping to the MAX-ACCESS clause This is straight-forward. 12.1.4. Mapping to the STATUS clause This is straight-forward. 12.1.5. Mapping to the DESCRIPTION clause This is straight-forward: simply copy the text, making sure that any embedded double quotation marks are sanitized (i.e., replaced with single-quotes or removed). 12.1.6. Mapping to the REFERENCE clause This is straight-forward: simply include a textual reference to the object being mapped, the document which defines the Expires January 4, 1993 [Page 57] Draft Structure of Management Information for SMP Jul 92 object, and perhaps a page number in the document. 12.1.7. Mapping to the INDEX clause If necessary, decide how instance-identifiers for columnar objects are to be formed and define this clause accordingly. 12.1.8. Mapping to the DEFVAL clause Decide if a meaningful default value can be assigned to the object being mapped, and if so, define the DEFVAL clause accordingly. 12.2. Action Mapping Actions are modeled as read-write objects, in which writing a particular value results in a state change. (Usually, as a part of this state change, some action might take place.) 12.2.1. Mapping to the SYNTAX clause Usually the Integer32 syntax is used with a distinguished value provided for each action that the object provides access to. In addition, there is usually one other distinguished value, which is the one returned when the object is read. 12.2.2. Mapping to the MAX-ACCESS clause Always use read-write or read-create. 12.2.3. Mapping to the STATUS clause This is straight-forward. 12.2.4. Mapping to the DESCRIPTION clause This is straight-forward: simply copy the text, making sure that any embedded double quotation marks are sanitized (i.e., Expires January 4, 1993 [Page 58] Draft Structure of Management Information for SMP Jul 92 replaced with single-quotes or removed). 12.2.5. Mapping to the REFERENCE clause This is straight-forward: simply include a textual reference to the action being mapped, the document which defines the action, and perhaps a page number in the document. 12.3. Event Mapping Events are modeled as SMP traps using TRAP-DEFINITION macro. However, recall that the SMP framework emphasizes trap- directed polling. As such, few, and usually no, traps, need be defined for any MIB module. 12.3.1. Mapping to the DESCRIPTION clause This is straight-forward: simply copy the text, making sure that any embedded double quotation marks are sanitized (i.e., replaced with single-quotes or removed). 12.3.2. Mapping to the REFERENCE clause This is straight-forward: simply include a textual reference to the event being mapped, the document which defines the event, and perhaps a page number in the document. Expires January 4, 1993 [Page 59] Draft Structure of Management Information for SMP Jul 92 13. Acknowledgements The section on object definitions (and MIB de-osification) is based, in part, on RFCs 1155 and 1212. The IMPLIED keyword is based on a conversation with David T. Perkins in December, 1991. The section on trap definitions is based, in part, on RFC 1215. The section on compliance definitions is based, in part, on a conversation with James R. Davin in December, 1990. The section on capabilities definitions is based, in part, on RFC 1303. Expires January 4, 1993 [Page 60] Draft Structure of Management Information for SMP Jul 92 14. References [1] Information processing systems - Open Systems Interconnection - Specification of Abstract Syntax Notation One (ASN.1), International Organization for Standardization. International Standard 8824, (December, 1987). [2] K. McCloghrie and M.T. Rose, Management Information Base for Network Management of TCP/IP-based internets: MIB-II. Request for Comments 1213, (March, 1991). [3] J.D. Case, K. McCloghrie, M.T. Rose, S.L. Waldbusser, Management Information Base for the Simple Management Protocol (SMP) Framework, (July, 1992). [4] Information processing systems - Open Systems Interconnection - Specification of Basic Encoding Rules for Abstract Syntax Notation One (ASN.1), International Organization for Standardization. International Standard 8825, (December, 1987). [5] J.D. Case, K. McCloghrie, M.T. Rose, S.L. Waldbusser, Textual Conventions for the Simple Management Protocol (SMP) Framework, (July, 1992). [6] J.D. Case, K. McCloghrie, M.T. Rose, S.L. Waldbusser, Protocol Operations for the Simple Management Protocol (SMP) Framework, (July, 1992). [7] M.T. Rose and K. McCloghrie, Structure and Identification of Management Information for TCP/IP-based internets. Request for Comments 1155, (May, 1990). [8] M.T. Rose and K. McCloghrie, Concise MIB Definitions. Request for Comments 1212, (March, 1991). [9] K. McCloghrie, J.R. Davin, J.M. Galvin, Definitions of Managed Objects for Administration of SNMP Parties. Request for Comments 1353, (July, 1992). Expires January 4, 1993 [Page 61] Draft Structure of Management Information for SMP Jul 92 Table of Contents 1 Status of this Memo ................................... 1 2 Introduction .......................................... 3 3 Definitions ........................................... 5 3.1 The OBJECT-TYPE macro ............................... 6 3.2 Object Names and Syntaxes ........................... 8 3.3 The OBJECT-GROUP macro .............................. 11 3.4 The TRAP-DEFINITION macro ........................... 12 3.5 The MODULE-COMPLIANCE macro ......................... 13 3.6 The AGENT-CAPABILITIES macro ........................ 15 4 Mapping of the OBJECT-TYPE macro ...................... 18 4.1 Mapping of the SYNTAX clause ........................ 18 4.1.1 Integer32 and INTEGER ............................. 18 4.1.2 OCTET STRING ...................................... 19 4.1.3 OBJECT IDENTIFIER ................................. 19 4.1.4 BIT STRING ........................................ 19 4.1.5 IpAddress ......................................... 19 4.1.6 Counter32 ......................................... 20 4.1.7 Gauge32 ........................................... 20 4.1.8 TimeTicks ......................................... 20 4.1.9 Opaque ............................................ 21 4.1.10 Counter64 ........................................ 21 4.1.11 NsapAddress ...................................... 22 4.2 Mapping of the UNITS clause ......................... 22 4.3 Mapping of the MAX-ACCESS clause .................... 22 4.4 Mapping of the STATUS clause ........................ 23 4.5 Mapping of the DESCRIPTION clause ................... 23 4.6 Mapping of the REFERENCE clause ..................... 23 4.7 Mapping of the INDEX clause ......................... 24 4.7.1 Creation and Deletion of Conceptual Rows .......... 26 4.8 Mapping of the AUGMENTS clause ...................... 26 4.9 Mapping of the NUM-ENTRIES clause ................... 27 4.10 Mapping of the DEFVAL clause ....................... 27 4.11 Mapping of the OBJECT-TYPE value ................... 28 4.11.1 Naming Hierarchy ................................. 29 4.12 Usage Example ...................................... 30 5 Mapping of the OBJECT-GROUP macro ..................... 32 5.1 Mapping of the OBJECTS clause ....................... 32 5.2 Mapping of the DESCRIPTION clause ................... 32 5.3 Mapping of the OBJECT-GROUP value ................... 33 5.4 Usage Example ....................................... 34 6 Mapping of the TRAP-DEFINITION macro .................. 35 6.1 Mapping of the OBJECTS clause ....................... 35 Expires January 4, 1993 [Page 62] Draft Structure of Management Information for SMP Jul 92 6.2 Mapping of the DESCRIPTION clause ................... 35 6.3 Mapping of the REFERENCE clause ..................... 35 6.4 Mapping of the TRAP-DEFINITION value ................ 36 6.5 Usage Example ....................................... 38 7 Mapping of the MODULE-COMPLIANCE macro ................ 39 7.1 Mapping of the MODULE clause ........................ 39 7.1.1 Mapping of the MANDATORY-GROUPS clause ............ 39 7.1.2 Mapping of the GROUP clause ....................... 39 7.1.3 Mapping of the OBJECT clause ...................... 40 7.1.3.1 Mapping of the SYNTAX clause .................... 40 7.1.3.2 Mapping of the WRITE-SYNTAX clause .............. 40 7.1.3.3 Mapping of the MIN-ACCESS clause ................ 41 7.1.3.4 Mapping of the DESCRIPTION clause ............... 41 7.2 Mapping of the MODULE-COMPLIANCE value .............. 41 7.3 Usage Example ....................................... 42 8 Mapping of the AGENT-CAPABILITIES macro ............... 44 8.1 Mapping of the LAST-UPDATED clause .................. 45 8.2 Mapping of the PRODUCT-RELEASE clause ............... 45 8.3 Mapping of the DESCRIPTION clause ................... 45 8.4 Mapping of the SUPPORTS clause ...................... 45 8.4.1 Mapping of the INCLUDES clause .................... 46 8.4.2 Mapping of the VARIATION clause ................... 46 8.4.2.1 Mapping of the SYNTAX clause .................... 46 8.4.2.2 Mapping of the WRITE-SYNTAX clause .............. 46 8.4.2.3 Mapping of the ACCESS clause .................... 47 8.4.2.4 Mapping of the CREATION-REQUIRES clause ......... 47 8.4.2.5 Mapping of the DEFVAL clause .................... 48 8.4.2.6 Mapping of the DESCRIPTION clause ............... 48 8.5 Mapping of the AGENT-CAPABILITIES value ............. 48 8.6 Usage Example ....................................... 49 9 Refined Syntax ........................................ 51 10 IMPORTing objects from other MIB modules ............. 52 11 Extending a MIB module ............................... 53 11.1 Object Definitions ................................. 53 11.2 Trap Definitions ................................... 53 11.3 Compliance Definitions ............................. 54 11.4 Capabilities Definitions ........................... 54 12 Appendix: de-OSIfying a MIB module ................... 55 12.1 Managed Object Mapping ............................. 55 12.1.1 Mapping to the SYNTAX clause ..................... 56 12.1.2 Mapping to the UNITS clause ...................... 57 12.1.3 Mapping to the MAX-ACCESS clause ................. 57 12.1.4 Mapping to the STATUS clause ..................... 57 12.1.5 Mapping to the DESCRIPTION clause ................ 57 12.1.6 Mapping to the REFERENCE clause .................. 57 Expires January 4, 1993 [Page 63] Draft Structure of Management Information for SMP Jul 92 12.1.7 Mapping to the INDEX clause ...................... 58 12.1.8 Mapping to the DEFVAL clause ..................... 58 12.2 Action Mapping ..................................... 58 12.2.1 Mapping to the SYNTAX clause ..................... 58 12.2.2 Mapping to the MAX-ACCESS clause ................. 58 12.2.3 Mapping to the STATUS clause ..................... 58 12.2.4 Mapping to the DESCRIPTION clause ................ 58 12.2.5 Mapping to the REFERENCE clause .................. 59 12.3 Event Mapping ...................................... 59 12.3.1 Mapping to the DESCRIPTION clause ................ 59 12.3.2 Mapping to the REFERENCE clause .................. 59 13 Acknowledgements ..................................... 60 14 References ........................................... 61 Expires January 4, 1993 [Page 64]