Internet Draft Andy Bierman
Cisco Systems, Inc.
25 November 2000
Remote Monitoring MIB Extensions for Virtual Data Sources
<draft-bierman-rmonmib-vds-mib-01.txt>
Status of this Memo
This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026 [RFC2026].
Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other groups
may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet- Drafts as reference material
or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Distribution of this document is unlimited. Please send comments to the
authors.
1. Copyright Notice
Copyright (C) The Internet Society (2000). All Rights Reserved.
2. Abstract
This memo defines a portion of the Management Information Base (MIB) for
use with network management protocols in the Internet community. In
Internet Draft VDS MIB November 2000
particular, it describes managed objects used for defining virtual data
monitoring sources for use with existing RMON MIBs.
3. Table of Contents
1 Copyright Notice ................................................ 1
2 Abstract ........................................................ 1
3 Table of Contents ............................................... 2
4 The SNMP Management Framework ................................... 3
5 Overview ........................................................ 4
5.1 Relationship to the RMON-2 MIB ................................ 4
5.2 Relationship to the SMON MIB .................................. 4
5.3 Relationship to the Interfaces MIB ............................ 5
6 Virtual Data Sources ............................................ 5
6.1 Data Source Framework ......................................... 5
6.2 Virtual Data Source Components ................................ 7
6.3 Packet Selection Mechanisms ................................... 9
6.4 High Capacity Interface Monitoring ............................ 11
6.5 Configuration Restrictions .................................... 11
6.6 Interfaces MIB Implementation Requirements .................... 12
6.6.1 Mapping of the ifIndex object ............................... 12
6.6.2 Mapping of the ifDescr object ............................... 12
6.6.3 Mapping of the ifType object ................................ 12
6.6.4 Mapping of the ifSpeed object ............................... 12
6.6.5 Mapping of the ifPhysAddress object ......................... 12
6.6.6 Mapping of the ifAdminStatus object ......................... 13
6.6.7 Mapping of the ifOperStatus object .......................... 13
6.6.8 Mapping of the ifLastChange object .......................... 13
6.6.9 Mapping of the ifLinkUpDownTrapEnable object ................ 13
6.6.10 Mapping of the ifConnectorPresent object ................... 13
6.6.11 Mapping of the ifHighSpeed object .......................... 13
6.6.12 Mapping of the ifName object ............................... 13
6.6.13 Mapping of the ifNumber object ............................. 14
6.6.14 Mapping of the ifAlias object .............................. 14
6.6.15 Mapping of the ifTableLastChange object .................... 14
6.6.16 Mapping of the ifStackStatus object ........................ 14
6.6.17 Mapping of the ifStackLastChange object .................... 15
6.6.18 Mapping of the ifCounterDiscontinuityTime object ........... 15
7 MIB Description ................................................. 15
7.1 Virtual Data Source Control Group ............................. 15
7.2 Virtual Data Source Packet Selection Algorithms ............... 15
7.2.1 Virtual LAN Based Packet Selection .......................... 15
7.2.2 Network Address Based Packet Selection ...................... 16
7.2.3 Quality of Service Based Packet Selection ................... 16
7.2.4 Protocol Based Packet Selection ............................. 16
Expires May 25, 2001 [Page 2]
Internet Draft VDS MIB November 2000
7.2.5 Content (channelTable) Based Packet Selection ............... 16
7.2.6 URL Based Packet Selection .................................. 16
7.3 Changes in the '01' Version ................................... 17
8 Definitions ..................................................... 17
9 Intellectual Property ........................................... 60
10 References ..................................................... 60
11 Security Considerations ........................................ 64
12 Author's Address ............................................... 64
13 Full Copyright Statement ....................................... 65
4. The SNMP Management Framework
The SNMP Management Framework presently consists of five major
components:
o An overall architecture, described in RFC 2571 [RFC2571].
o Mechanisms for describing and naming objects and events for the
purpose of management. The first version of this Structure of
Management Information (SMI) is called SMIv1 and described in
RFC 1155 [RFC1155], RFC 1212 [RFC1212] and RFC 1215 [RFC1215].
The second version, called SMIv2, is described in RFC 2578
[RFC2578], RFC 2579 [RFC2579] and RFC 2580 [RFC2580].
o Message protocols for transferring management information. The
first version of the SNMP message protocol is called SNMPv1 and
described in RFC 1157 [RFC1157]. A second version of the SNMP
message protocol, which is not an Internet standards track
protocol, is called SNMPv2c and described in RFC 1901 [RFC1901]
and RFC 1906 [RFC1906]. The third version of the message
protocol is called SNMPv3 and described in RFC 1906 [RFC1906],
RFC 2572 [RFC2572] and RFC 2574 [RFC2574].
o Protocol operations for accessing management information. The
first set of protocol operations and associated PDU formats is
described in RFC 1157 [RFC1157]. A second set of protocol
operations and associated PDU formats is described in RFC 1905
[RFC1905].
o A set of fundamental applications described in RFC 2573
[RFC2573] and the view-based access control mechanism described
in RFC 2575 [RFC2575].
A more detailed introduction to the current SNMP Management Framework
can be found in RFC 2570 [RFC2570].
Expires May 25, 2001 [Page 3]
Internet Draft VDS MIB November 2000
Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. Objects in the MIB are
defined using the mechanisms defined in the SMI.
This memo specifies a MIB module that is compliant to the SMIv2. A
MIB conforming to the SMIv1 can be produced through the appropriate
translations. The resulting translated MIB must be semantically
equivalent, except where objects or events are omitted because no
translation is possible (use of Counter64). Some machine readable
information in SMIv2 will be converted into textual descriptions in
SMIv1 during the translation process. However, this loss of machine
readable information is not considered to change the semantics of the
MIB.
5. Overview
There is a need for a standardized way of defining additional data
source capabilities for remote monitoring purposes. It is often
desirable to monitor only a subset of the actual network traffic
selected by existing RMON data sources. This subset is selected via
configuration of various packet classification algorithms.
This memo addresses the specific requirements of defining virtual
dataSources for use with existing RMON collections, such as those
defined in the RMON-1 [STD59], RMON-2 [RFC2021], SMON [RFC2613], and HC-
RMON [HC-RMON] MIBs. It also specifies how these virtual data sources
should be modeled as 'proprietary virtual' interfaces in the Interfaces
MIB [RFC2863].
5.1. Relationship to the RMON-2 MIB
This MIB uses the protocolDirTable [RFC2021] to identify the protocols
which are relevant to a particular virtual dataSource. Implementation of
the protocolDirectoryGroup is required if protocol-based packet
selection is implemented.
5.2. Relationship to the SMON MIB
This MIB uses the SmonDataSource textual convention from the SMON MIB
[RFC2613]. The virtual data source design specified in this MIB is an
extension of the data source architecture defined in the RMON-1 [STD59]
and SMON [RFC2613] MIBs.
Expires May 25, 2001 [Page 4]
Internet Draft VDS MIB November 2000
5.3. Relationship to the Interfaces MIB
This MIB uses the Interfaces MIB to model virtual interfaces for remote
monitoring purposes. An agent must implement the basic compliance level
'ifConformance2', for each virtual interface. There is one virtual
interface for each active virtual data source.
6. Virtual Data Sources
Most RMON control tables contain a read-create object that indicates the
source of network traffic data for the associated collection. This is in
the form of an OBJECT IDENTIFIER, which contains an instance of ifIndex
[RFC2863], identifying the interface in the ifTable to monitor.
6.1. Data Source Framework
The definition of an 'RMON data source' has evolved over the years. The
SmonDataSource [RFC2613] allows physical entities (e.g., backplanes,
repeater ports) defined in the Entity MIB [RFC2737] and global VLANs
(i.e., all packets on all interfaces with the same VLAN ID) to be used
as interfaces, for remote monitoring purposes.
In order to preserve backward compatibility with existing RMON MIB
definitions, all MIB objects of type DataSource must identify an
instance of the ifIndex object. Therefore, a data source control table
(dataSourceCapsTable) is used to create extended data sources (of type
SmonDataSource). iIf needed, a virtual interface (i.e, ifEntry) is
created on behalf of an SmonDataSource entry, to provide an ifEntry to
use just for RMON collections.
Expires May 25, 2001 [Page 5]
Internet Draft VDS MIB November 2000
Figure 1: Current Data Source Framework
---------------------------------------
+---------+ +---------+ +---------+
| | | | | |
| Real | | ENTMIB | | global |
| ifEntry | | PHY | | VLAN |
| | | Entity | | |
| | | | | |
+---------+ +---------+ +---------+
| | |
| | |
+-----------------+-----------------+
|
V
+---------+
| |
| Smon |
| Data |
| Source |
| |
+---------+
|
|
| for entPhysicalEntries
+---------+ | and global VLANs
| | |
| prop. |<-----------+
| virtual |
| ifEntry |
| |
+---------+
The remote monitoring data source framework needs to be expanded to
allow for a more refined form of network traffic selection. A new
'classification-based traffic pre-filter' mechanism is needed. This
will allow a network administrator to better focus the monitoring
capacity of a given agent implementation, which in turn can reduce the
number of MIB objects a management station application needs to
retrieve, for a given function.
Expires May 25, 2001 [Page 6]
Internet Draft VDS MIB November 2000
Figure 2: Proposed Data Source Framework
----------------------------------------
+---------+ +---------+ +---------+
| | | | | |
| Real | | ENTMIB | | global |
| ifEntry | | PHY | | VLAN |
| | | Entity | | |
| | | | | |
+---------+ +---------+ +---------+
| | |
| | |
+-----------------+-----------------+
|
V
+---------+ +---------+
| | | |
| Smon | | Virtual |
| Data |---------------->| Data |
| Source | | Source |
| | | |
+---------+ +---------+
| |
| |
| for entPhysicalEntries |
+---------+ | and global VLANs |
| | | |
| prop. |<-----------+ |
| virtual |<---------------------------------------+
| ifEntry | for all virtual data sources
| |
+---------+
6.2. Virtual Data Source Components
A virtual data source is conceptually identical to the existing
SmonDataSource mode for global VLANs. Some packet classification is
performed on traffic detected on a real packet source, and a portion of
that traffic (selected by the classification mechanism) is presented to
RMON collections via a propVirtual [IANATYPE] interface.
Expires May 25, 2001 [Page 7]
Internet Draft VDS MIB November 2000
Figure 3: Virtual Data Source Components
----------------------------------------
+---------+
| |
| SMON | Parent Data Source
| Data |
| Source |
| |
+---------+
|
|
|
|
V
+---------+
| |
| Packet | Boolean expression based;
| Select | combination of one or more
| Methods | packet classification methods
| |
+---------+
|
|
|
|
V
+---------+
| |
| Prop | ifEntry created by the agent
| Virtual | for RMON monitoring purposes
| ifEntry |
| |
+---------+
A virtual data source consists of three components:
- Parent Data Source
Any valid SmonDataSource can be used as the real source of packets.
- Packet Selection
Several types of packet classification mechanisms are provided to
pre-filter traffic from the parent data source. Packets which do
not meet the selection criteria are silently dropped by the agent.
Expires May 25, 2001 [Page 8]
Internet Draft VDS MIB November 2000
- Interface Table Entry
The agent creates a single proprietary virtual interface on behalf
of each virtual data source. The packets which are selected by the
configured pre-filters are passed to this virtual interface. If the
parent interface is a full-duplex interface, then the agent should
preserve the packet direction information derived from the parent
interface.
6.3. Packet Selection Mechanisms
An agent must support one or more packet selection mechanisms, and may
choose to limit the extent to which selection mechanisms can be combined
to form complex packet classifiers. An agent may also choose to limit
the number of expressions of the same type, within a single virtual data
source.
The outcome of the high level packet selection process is a single
boolean result (i.e., 'selected' or 'not selected'), for each packet
detected on the parent interface.
Expires May 25, 2001 [Page 9]
Internet Draft VDS MIB November 2000
Figure 4: Packet Selection Framework
------------------------------------
+---------+ +---------+ +---------+ Individual
| | | | | | boolean
+-+-------+ | +-+-------+ | +-+-------+ | expressions
| | | | | | | | | are evaluated
| Packet | | | Packet | | | Packet | | in groups,
| Select | | | Select | | .. | Select | | forming an
| Type 1 +-+ | Type 2 +-+ | Type N +-+ OR expression
| | | | | | for each packet
+---------+ +---------+ +---------+ selection type
| | |
| | |
| | |
V V V
+---------+ +---------+ +---------+
| | | | | | The boolean
| NOT | | NOT | | NOT | result for each
| Type 1 | | Type 2 | .. | Type N | selection type
| OR | | OR | | OR | can be inverted
| Type 1 | | Type 2 | | Type N | independently
+---------+ +---------+ +---------+
| | |
| +-----+ | +-----+ |
| | AND | | | AND | |
+---->| --- |-----+-----| --- |-----+
| OR | | | OR |
+-----+ | +-----+
|
V
+---------+
| |
| Boolean | The intersection (AND expression)
| Result | or the union (OR expression) of
| for the | all results forms the final
| packet | boolean result for the packet
| |
+---------+
Each packet selection mechanism control table shares the same simple
indexing structure (e.g., Packet Select Type 1..N above). The major
index is an arbitrary integer which defines a particular group of
selection expressions, and the minor index is an arbitrary integer which
Expires May 25, 2001 [Page 10]
Internet Draft VDS MIB November 2000
identifies an individual selection expression within a particular
selection group. Entries with the same index values in different packet
selection control tables do not share any semantics whatsoever.
If the agent allows multiple expressions per selection type, then an
expression group is evaluated to produce a boolean result which is the
union (OR expression) of all expressions within the group. The boolean
result for each packet selection type can be inverted.
If the agent allows multiple packet selection types for a single virtual
data source, then the results of each selection type are combined to
form an AND expression or an OR expression. The result of this boolean
expression is used to determine if the packet being evaluated should be
presented to the virtual data source for counting purposes. If the
result is 'true', then the packet is passed on to the virtual data
source, otherwise it is silently dropped.
6.4. High Capacity Interface Monitoring
There is a need to standardize the manner in which classification-based
pre-filtering is performed on high capacity interfaces, for remote
monitoring purposes.
It is possible that existing and future probe implementations have the
ability to perform some sort of classification based pre-filtering at a
much faster rate (e.g., line-rate) than the processing and collecting of
arbitrary RMON configurations.
It is also possible that management station applications can reduce the
NMS and agent resources required to acquire the data relevant to a given
monitoring task. This can be realized by reducing both the memory and
SNMP polling transactions required.
6.5. Configuration Restrictions
A balance is needed between flexibility and complexity, in order to
increase the chance of multi-vendor interoperability. Therefore, the
following constraints are applied to virtual data sources:
- A virtual datasource must be derived directly from a single 'real'
dataSource, i.e., any data source other than another virtual
dataSource.
- Each packet selection mechanism is optional, except that the
implementation of at least one of these mechanisms is required.
Expires May 25, 2001 [Page 11]
Internet Draft VDS MIB November 2000
- The combination and number of configured selection mechanisms is
implementation-dependent.
6.6. Interfaces MIB Implementation Requirements
The agent is required to maintain certain objects in the Interfaces MIB
[RFC2863], on behalf of each active virtual data source. Specifically,
minimum conformance to the 'ifConformance2' MODULE-COMPLIANCE is
required. One 'proprietary virtual' interface in maintained for each
active virtual data source.
6.6.1. Mapping of the ifIndex object
The ifIndex value for a virtual data source is chosen by the agent and
is simply an arbitrary integer. This value will be stored (as a read-
only object) in each virtual data source control entry (in the
vdsControlIfIndex object).
6.6.2. Mapping of the ifDescr object
The ifDescr value for a virtual data source is chosen by the management
station and is a textual description of the virtual data source. This
value will be configured in each virtual data source control entry (in
the vdsControlIfDescr object). The agent will use this supplied value
for the instance of the ifDescr object associated with the entry.
6.6.3. Mapping of the ifType object
The interface type for virtual data sources shall be the IANAifType
enumeration value 'propVirtual(53)'. [IANATYPE]
[Open Issue: should a new IANAifType enumeration be defined for RMON
virtual data sources?]
6.6.4. Mapping of the ifSpeed object
The ifSpeed object for virtual data sources shall be set to zero.
6.6.5. Mapping of the ifPhysAddress object
The ifPhysAddress object for virtual data sources shall be set to a zero
length octet string.
Expires May 25, 2001 [Page 12]
Internet Draft VDS MIB November 2000
6.6.6. Mapping of the ifAdminStatus object
The ifAdminStatus object for virtual data sources shall have the value
'up(1)', while the corresponding virtual data source control entry is
active, and shall contain the value 'down(2)' otherwise. However, the
ifAdminStatus object is not required to be instantiated unless the
control entry is active.
6.6.7. Mapping of the ifOperStatus object
The ifOperStatus object for virtual data sources shall have the value
'up(1)', while the corresponding virtual data source control entry is
active, and shall contain the value 'down(2)' otherwise. However, the
ifOperStatus object is not required to be instantiated unless the
control entry is active.
6.6.8. Mapping of the ifLastChange object
The ifLastChange object for virtual data sources shall have the value of
sysUpTime at the time the corresponding virtual data source control
entry (i.e., vdsControlStatus) last transitioned to the 'active' state.
However, the ifLastChange object is not required to be instantiated
unless the control entry is active.
6.6.9. Mapping of the ifLinkUpDownTrapEnable object
The ifLinkUpDownTrapEnable object for virtual data sources shall contain
the value 'disabled(2)'. Write access to this object is not required
(or recommended).
6.6.10. Mapping of the ifConnectorPresent object
The ifConnectorPresent object for virtual data sources shall contain the
value 'false(2)'.
6.6.11. Mapping of the ifHighSpeed object
The ifHighSpeed object for virtual data sources shall contain the value
zero.
6.6.12. Mapping of the ifName object
The ifName value for a virtual data source is chosen by the management
station and is a textual name for the virtual data source. This value
will be configured in each virtual data source control entry (in the
Expires May 25, 2001 [Page 13]
Internet Draft VDS MIB November 2000
vdsControlIfName object). The agent will use this supplied value for
the instance of the ifName object associated with the entry.
6.6.13. Mapping of the ifNumber object
Implementation of the ifNumber is required. Instantiation of a virtual
interface on behalf of a virtual data source control entry shall cause
ifNumber to be incremented by one. Destruction of a virtual interface
upon the destruction of a virtual data source control entry shall cause
ifNumber to be decremented by one.
6.6.14. Mapping of the ifAlias object
The ifAlias value for a virtual data source is chosen by the management
station and is a textual alias, intended to be saved in non-volatile
storage, for the virtual data source. This value will be configured in
each virtual data source control entry (in the vdsControlIfAlias
object). The agent will use this supplied value for the instance of the
ifAlias object associated with the entry.
6.6.15. Mapping of the ifTableLastChange object
Implementation of the ifTableLastChange object is required. Creation or
deletion of virtual interfaces on behalf of virtual data sources shall
cause the ifTableLastChange object to be updated with the current
sysUpTime.
6.6.16. Mapping of the ifStackStatus object
Implementation of the ifStackTable is required. For each virtual
interface maintained on behalf of a virtual data source control entry,
an instance of the ifStackStatus object shall exist, with the following
form:
ifStackStatus.x.y=active
where:
x = ifIndex value of the virtual interface
for the virtual data source
y = ifIndex value of the parent interface
configured in the virtual data source
Expires May 25, 2001 [Page 14]
Internet Draft VDS MIB November 2000
6.6.17. Mapping of the ifStackLastChange object
Implementation of the ifStackLastChange object is required. Creation or
deletion of virtual interfaces on behalf of virtual data sources shall
cause the ifStackLastChange object to be updated with the current
sysUpTime.
6.6.18. Mapping of the ifCounterDiscontinuityTime object
Implementation of any Interfaces MIB counters is not required. However,
if such counters are instantiated for a virtual interface (on behalf of
a virtual data source), then this object should be implemented.
Otherwise, the agent shall set this object to zero.
7. MIB Description
The MIB contains a common control table for each virtual data source
maintained by the agent, and a table for each type of pre-filter packet
selection algorithm supported by the agent. There is also a scalar
object to identify the packet selection capabilities of the agent.
7.1. Virtual Data Source Control Group
This group contains the vdsControlTable and the vdsSelectCaps scalar
object. Each vdsControlEntry contains a group of packet selection 'index
pointers'. These pointers either contain a value of zero to indicate
that a mechanism is not used, or a non-zero value to indicate the 'major
index' into the appropriate packet selection control table.
7.2. Virtual Data Source Packet Selection Algorithms
There are several mechanisms provided, within the framework defined in
section x.x:
- Virtual LAN Based Packet Selection
- Network Address Based Packet Selection
- Quality of Service Based Packet Selection
- Protocol Based Packet Selection
- Content (channelTable) Based Packet Selection
- URL Based Packet Selection
7.2.1. Virtual LAN Based Packet Selection
The vdsVlanSelTable is used to specify one or more IEEE 802.1Q Virtual
LAN IDs as part or all of a virtual dataSource.
Expires May 25, 2001 [Page 15]
Internet Draft VDS MIB November 2000
7.2.2. Network Address Based Packet Selection
The vdsAddrSelTable is used to specify one or more masked network
address or address-pair filters to isolate traffic by host or
conversation for individual interfaces or groupings (e.g., subnets) of
addresses.
7.2.3. Quality of Service Based Packet Selection
The vdsQosSelTable is used to specify one or more numeric 'Quality of
Service' identifiers, as part or all of a virtual dataSource. There are
three QoS mechanisms supported:
- IP Precedence value
- DIFFSERV Codepoint
- IEEE 802.1p user_priority
7.2.4. Protocol Based Packet Selection
The vdsProtoSelTable is used to specify one or more protocol
encapsulations, as part or all of a virtual dataSource. The RMON-2
protocolDirTable is used to identify these encapsulations.
7.2.5. Content (channelTable) Based Packet Selection
The vdsChanSelTable is used to specify one or more channelEntries, as
part or all of a virtual dataSource. The RMON-1 filter and channel
groups must be implemented to support this feature.
This selection mechanism should only be used if none of the other
classification mechanisms is appropriate, or if content based packet
selection is required.
Refer to the RMON-1 MIB [STD59] for details on configuring the
filterTable and channelTable.
7.2.6. URL Based Packet Selection
The vdsUrlSelTable is used to specify one or more Uniform Resource
Locator strings, as part or all of a virtual dataSource. This mechanism
first selects all all encapsulations of the HyperText Transfer Protocol
(HTTP), then selects all packets associated with HTTP GET or POST
transactions for specific 'URL strings'.
Expires May 25, 2001 [Page 16]
Internet Draft VDS MIB November 2000
7.3. Changes in the '01' Version
The following changes have been made in this revision of the VDS MIB
module:
- Virtual Circuit (DLCI) selection mechanism removed since DLCIs
will be monitored via individual ifIndex assignments
- StorageType object added to each control table
- IP Precedence support added to the vdsQosSelTable, by defining a
new 'ipPrecedence' enumeration for the vdsQosSelType object
- URL Query String selection support added to the vdsUrlSelTable,
by defining a new 'urlQueryString' BIT field for the
vdsUrlSelMatchFields object
8. Definitions
VDS-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Integer32, experimental
FROM SNMPv2-SMI
TruthValue, DisplayString, RowStatus, StorageType
FROM SNMPv2-TC
MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF
OwnerString
FROM RMON-MIB
SmonDataSource
FROM SMON-MIB
InterfaceIndexOrZero
FROM IF-MIB;
vdsMIB MODULE-IDENTITY
LAST-UPDATED "200011250000Z"
ORGANIZATION "Cisco Systems, Inc."
CONTACT-INFO
" Andy Bierman
Cisco Systems Inc.
170 West Tasman Drive
San Jose, CA 95134
+1 408-527-3711
abierman@cisco.com"
Expires May 25, 2001 [Page 17]
Internet Draft VDS MIB November 2000
DESCRIPTION
"The MIB module for representing Virtual Data Source
Extensions to the Remote Monitoring MIB."
REVISION "200011250000Z"
DESCRIPTION
"Initial Version of the Virtual Data Source MIB."
::= { experimental xxx } -- no number assigned
vdsMIBObjects OBJECT IDENTIFIER ::= { vdsMIB 1 }
vdsControl OBJECT IDENTIFIER ::= { vdsMIBObjects 1 }
vdsSelect OBJECT IDENTIFIER ::= { vdsMIBObjects 2 }
--
-- scalar identifying packet selection capabilities
--
vdsSelectCaps OBJECT-TYPE
SYNTAX BITS {
vlanSelect(0),
vlanMulti(1),
addrSelect(2),
addrMulti(3),
qosSelect(4),
qosMulti(5),
protoSelect(6),
protoMulti(7),
chanSelect(8),
chanMulti(9),
urlSelect(10),
urlMulti(11),
comboSelect(12)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"An indication of the virtual data source packet selection
capabilities of this agent. This object should be set during
system initialization, and should remain stable until the
next re-initialization of the agent.
If this agent supports virtual LAN based packet selection,
and therefore allows entries to be created in the
vdsVlanSelTable, then the 'vlanSelect' BIT will be set. If
Expires May 25, 2001 [Page 18]
Internet Draft VDS MIB November 2000
this agent allows multiple vdsVlanSelEntries to be
configured for a single virtual data source, then the
'vlanMulti' BIT will be set.
If this agent supports network address based packet
selection, and therefore allows entries to be created in the
vdsAddrSelTable, then the 'addrSelect' BIT will be set. If
this agent allows multiple vdsAddrSelEntries to be
configured for a single virtual data source, then the
'addrMulti' BIT will be set.
If this agent supports protocol based packet selection, and
therefore allows entries to be created in the
vdsProtoSelTable, then the 'protoSelect' BIT will be set.
If this agent allows multiple vdsProtoSelEntries to be
configured for a single virtual data source, then the
'protoMulti' BIT will be set.
If this agent supports QoS based packet selection, and
therefore allows entries to be created in the
vdsQosSelTable, then the 'qosSelect' BIT will be set. If
this agent allows multiple vdsQosSelEntries to be configured
for a single virtual data source, then the 'qosMulti' BIT
will be set.
If this agent supports channelTable based packet selection,
and therefore allows entries to be created in the
vdsChanSelTable, then the 'chanSelect' BIT will be set. If
this agent allows multiple vdsChanSelEntries to be
configured for a single virtual data source, then the
'chanMulti' BIT will be set.
If this agent supports URL based HTTP packet selection, and
therefore allows entries to be created in the
vdsUrlSelTable, then the 'urlSelect' BIT will be set. If
this agent allows multiple vdsUrlSelEntries to be configured
for a single virtual data source, then the 'urlMulti' BIT
will be set.
If this agent supports combinations of packet selection
mechanisms to be used within the same virtual data source,
and therefore allows entries to be created in at least two
of the vds*SelTables, then the 'comboSelect' BIT will be
set."
::= { vdsControl 1 }
Expires May 25, 2001 [Page 19]
Internet Draft VDS MIB November 2000
--
-- Virtual Data Source Control Table
--
vdsControlTable OBJECT-TYPE
SYNTAX SEQUENCE OF VdsControlEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains one row per virtual data source, as
configured by NMS application(s). It is used to control the
overall configuration of each virtual data source.
The agent will maintain a proprietary virtual interface, on
behalf of each active vdsControlEntry. All packets which
are monitored on the 'parent' interface (identified by the
vdsControlParent object) will be classified and processed
according to the configuration for each relevant
vdsControlEntry and associated vds*SelEntries.
Each of the selection algorithms produces a boolean result
(i.e., 'selected' or 'not selected'), and these results are
combined (i.e., logical AND/OR expression) to produce a
single boolean result for the packet.
If a packet is selected, then it will be somehow presented
for monitoring on the associated virtual interface
maintained by the agent. Since a virtual interface only
exists in the RMON agent, it is expected that the same agent
will be supporting an implementation of one or more RMON
MIBs, which will allow RMON control table dataSource objects
to reference the ifEntry created on behalf of a
vdsControlEntry. The implementation details of this
'linkage', or any use of this ifEntry other than remote
monitoring, is outside the scope of this document.
Additional entries in the vdsVlanSelTable, vdsAddrSelTable,
vdsProtoSelTable, vdsQosSelTable, vdsChanSelTable, and/or
vdsUrlSelTable will be required, depending on the
configuration of this entry.
At least one selection mechanism must be configured per
vdsControlEntry. The initial state of all packet selection
algorithms is 'not selected', therefore a virtual data
source will have no effect unless a vds*SelEntry is properly
Expires May 25, 2001 [Page 20]
Internet Draft VDS MIB November 2000
configured (in addition to this entry).
NMS applications must configure the appropriate
vds*SelEntries before activated this control entry, and
those vds*SelEntries may not be modified while this entry is
active.
It is an implementation-specific manner as to the complexity
and capacity of the entries allowed in this table. Actual
configurations will be constrained by agent functionality
and platform resources."
::= { vdsControl 2 }
vdsControlEntry OBJECT-TYPE
SYNTAX VdsControlEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about a particular virtual data source."
INDEX { vdsControlIndex }
::= { vdsControlTable 1 }
VdsControlEntry ::= SEQUENCE {
vdsControlIndex Integer32,
vdsControlParent SmonDataSource,
vdsControlIfDescr DisplayString,
vdsControlIfName DisplayString,
vdsControlIfAlias DisplayString,
vdsControlVlanSelIndex Integer32,
vdsControlVlanSelNegate TruthValue,
vdsControlAddrSelIndex Integer32,
vdsControlAddrSelNegate TruthValue,
vdsControlProtoSelIndex Integer32,
vdsControlProtoSelNegate TruthValue,
vdsControlQosSelIndex Integer32,
vdsControlQosSelNegate TruthValue,
vdsControlChanSelIndex Integer32,
vdsControlUrlSelIndex Integer32,
vdsControlUrlSelNegate TruthValue,
vdsControlExprType INTEGER,
vdsControlIfIndex InterfaceIndexOrZero,
vdsControlOwner OwnerString,
vdsControlStorageType StorageType,
vdsControlStatus RowStatus
}
Expires May 25, 2001 [Page 21]
Internet Draft VDS MIB November 2000
vdsControlIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary and unique index for this vdsControlEntry."
::= { vdsControlEntry 1 }
vdsControlParent OBJECT-TYPE
SYNTAX SmonDataSource
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object identifies the actual data source to be used as
the source of all packets for this virtual data source. A
valid dataSourceCapsEntry must be maintained by the agent on
behalf of this 'parent' interface.
If the ifOperStatus for the parent's ifEntry is not equal to
'up', then no packets will be available to this virtual data
source.
This object must identify a valid SmonDataSource. Virtual
data sources cannot be represented in the SMON
dataSourceCapsTable. However, the dataSourceRmonCaps object
in the dataSourceCapsEntry for this entry can be used to
identify most of the attributes that a virtual data source
inherits from its parent. The 'countErrFrames',
'countAllGoodFrames', and 'babyGiantsCountAsGood' BITs are
all inherited from the parent data source. The
'countAnyRmonTables' BIT is not inherited, as it is assumed
to be set for virtual data sources. An agent is required to
support at least one RMON collection type for each virtual
data source.
This object may not be modified if the associated
vdsControlStatus object is equal to active(1)."
REFERENCE
"Remote Network Monitoring MIB Extensions for Switched
Networks, RFC 2613, section 2.3.1, and section 5."
::= { vdsControlEntry 2 }
vdsControlIfDescr OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..255))
MAX-ACCESS read-create
Expires May 25, 2001 [Page 22]
Internet Draft VDS MIB November 2000
STATUS current
DESCRIPTION
"A textual string describing this virtual data source. This
configured value is used for the value of the ifDescr
instance created on behalf of this control entry."
::= { vdsControlEntry 3 }
vdsControlIfName OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"A textual string naming this virtual data source. This
configured value is used for the value of the ifName
instance created on behalf of this control entry."
::= { vdsControlEntry 4 }
vdsControlIfAlias OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..64))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"A textual string specifying an alias name for this virtual
data source. This configured value is used for the value of
the ifAlias instance created on behalf of this control
entry."
::= { vdsControlEntry 5 }
vdsControlVlanSelIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls whether any Virtual LAN traffic
selection is performed on behalf of this vdsControlEntry,
and is used in conjunction with the vdsControlVlanSelNegate
object.
If this object contains the value zero, then no Virtual LAN
based traffic selection is performed on behalf of this
vdsControlEntry. Otherwise, this object identifies one or
more rows in the vdsVlanSelTable, (i.e., with the same
vdsVlanSelIndex value as identified by this object) which
specify the Virtual LANs to select for monitoring, from the
parent data source.
Expires May 25, 2001 [Page 23]
Internet Draft VDS MIB November 2000
This object may not be modified if the associated
vdsControlStatus object is equal to active(1)."
::= { vdsControlEntry 6 }
vdsControlVlanSelNegate OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls the boolean sense of the result of the
Virtual LAN based packet selection algorithm, and has no
effect if the associated vdsControlVlanSelIndex object is
equal to zero.
If a packet that is 'tested' against the selection list
(specified by the vdsControlVlanSelIndex) would be selected,
and this object equals 'true', then the packet is not
selected.
This object may not be modified if the associated
vdsControlStatus object is equal to active(1)."
DEFVAL { false }
::= { vdsControlEntry 7 }
vdsControlAddrSelIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls whether any network address based
traffic selection is performed on behalf of this
vdsControlEntry, and is used in conjunction with the
vdsControlAddrSelNegate object.
If this object contains the value zero, then no network
address based traffic selection is performed on behalf of
this vdsControlEntry. Otherwise, this object identifies one
or more rows in the vdsAddrSelTable, (i.e., with the same
vdsAddrSelIndex value as identified by this object) which
specify the hosts and/or host-pairs to select for
monitoring, from the parent data source.
This object may not be modified if the associated
vdsControlStatus object is equal to active(1)."
::= { vdsControlEntry 8 }
Expires May 25, 2001 [Page 24]
Internet Draft VDS MIB November 2000
vdsControlAddrSelNegate OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls the boolean sense of the result of the
network address based packet selection algorithm, and has no
effect if the associated vdsControlAddrSelIndex object is
equal to zero.
If a packet that is 'tested' against the selection list
(specified by the vdsControlAddrSelIndex) would be selected,
and this object equals 'true', then the packet is not
selected.
This object may not be modified if the associated
vdsControlStatus object is equal to active(1)."
DEFVAL { false }
::= { vdsControlEntry 9 }
vdsControlProtoSelIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls whether any protocol based traffic
selection is performed on behalf of this vdsControlEntry,
and is used in conjunction with the vdsControlProtoSelNegate
object.
If this object contains the value zero, then no protocol
based traffic selection is performed on behalf of this
vdsControlEntry. Otherwise, this object identifies one or
more rows in the vdsProtoSelTable, (i.e., with the same
vdsProtoSelIndex value as identified by this object) which
specify the protocol encapsulations to select for
monitoring, from the parent data source.
This object may not be modified if the associated
vdsControlStatus object is equal to active(1)."
::= { vdsControlEntry 10 }
vdsControlProtoSelNegate OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
Expires May 25, 2001 [Page 25]
Internet Draft VDS MIB November 2000
STATUS current
DESCRIPTION
"This object controls the boolean sense of the result of the
protocol based packet selection algorithm, and has no effect
if the associated vdsControlProtoSelIndex object is equal to
zero.
If a packet that is 'tested' against the selection list
(specified by the vdsControlProtoSelIndex) would be
selected, and this object equals 'true', then the packet is
not selected.
This object may not be modified if the associated
vdsControlStatus object is equal to active(1)."
DEFVAL { false }
::= { vdsControlEntry 11 }
vdsControlQosSelIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls whether any quality of service based
traffic selection is performed on behalf of this
vdsControlEntry, and is used in conjunction with the
vdsControlQosSelNegate object.
If this object contains the value zero, then no quality of
service based traffic selection is performed on behalf of
this vdsControlEntry. Otherwise, this object identifies one
or more rows in the vdsQosSelTable, (i.e., with the same
vdsQosSelIndex value as identified by this object) which
specify the QoS classifications to select for monitoring,
from the parent data source.
This object may not be modified if the associated
vdsControlStatus object is equal to active(1)."
::= { vdsControlEntry 12 }
vdsControlQosSelNegate OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls the boolean sense of the result of the
Expires May 25, 2001 [Page 26]
Internet Draft VDS MIB November 2000
quality of service based packet selection algorithm, and has
no effect if the associated vdsControlQosSelIndex object is
equal to zero.
If a packet that is 'tested' against the selection list
(specified by the vdsControlQosSelIndex) would be selected,
and this object equals 'true', then the packet is not
selected.
This object may not be modified if the associated
vdsControlStatus object is equal to active(1)."
DEFVAL { false }
::= { vdsControlEntry 13 }
vdsControlChanSelIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls whether any content (channelTable)
based traffic selection is performed on behalf of this
vdsControlEntry.
If this object contains the value zero, then no content
based traffic selection is performed on behalf of this
vdsControlEntry. Otherwise, this object identifies one or
more rows in the vdsChanSelTable, (i.e., with the same
vdsChanSelIndex value as identified by this object) which
specify the RMON channels to select for monitoring, from the
parent data source.
This object may not be modified if the associated
vdsControlStatus object is equal to active(1)."
::= { vdsControlEntry 14 }
vdsControlUrlSelIndex OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls whether any URL based traffic
selection is performed on behalf of this vdsControlEntry,
and is used in conjunction with the vdsControlUrlSelNegate
object.
Expires May 25, 2001 [Page 27]
Internet Draft VDS MIB November 2000
If this object contains the value zero, then no URL based
traffic selection is performed on behalf of this
vdsControlEntry. Otherwise, this object identifies one or
more rows in the vdsUrlSelTable, (i.e., with the same
vdsUrlSelIndex value as identified by this object) which
specify the URL classifications to select for monitoring,
from the parent data source.
This object may not be modified if the associated
vdsControlStatus object is equal to active(1)."
::= { vdsControlEntry 15 }
vdsControlUrlSelNegate OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls the boolean sense of the result of the
URL based packet selection algorithm, and has no effect if
the associated vdsControlUrlSelIndex object is equal to
zero.
If a packet that is 'tested' against the selection list
(specified by the vdsControlUrlSelIndex) would be selected,
and this object equals 'true', then the packet is not
selected.
This object may not be modified if the associated
vdsControlStatus object is equal to active(1)."
DEFVAL { false }
::= { vdsControlEntry 16 }
vdsControlExprType OBJECT-TYPE
SYNTAX INTEGER {
union(1),
intersect(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls how the various packet selection
mechanisms are combined, on behalf of this vdsControlEntry.
Each vds*SelTable group configured on behalf of this entry
will be evaluated according to the rules specified in each
Expires May 25, 2001 [Page 28]
Internet Draft VDS MIB November 2000
table.
If combinations of packet selection sources are supported,
then this object can be used to control how the boolean
results from each selection process are combined.
If this object contains the value 'union(1)', then the
packets contained in this virtual data source are selected
by the union of all packet selection mechanisms specified in
this entry. I.e., any configured selection mechanism that
produces a 'selected' result will cause a packet to be
selected for the virtual data source.
If this object contains the value 'intersect(1)', then the
packets contained in this virtual data source are selected
by the intersection of all packet selection mechanisms
specified in this entry. I.e., all configured selection
mechanisms must produce a 'selected' result, for a packet to
be selected for the virtual data source.
This object may not be modified if the associated
vdsControlStatus object is equal to active(1)."
::= { vdsControlEntry 17 }
vdsControlIfIndex OBJECT-TYPE
SYNTAX InterfaceIndexOrZero
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object identifies the virtual interface that has been
created on behalf of this vdsControlEntry.
Unless this entry is activated, this object will contain the
value zero.
Upon row activation, the agent will set this object to the
ifIndex value assigned on behalf of this vdsControlEntry.
The associated ifEntry (with an ifType of 'propVirtual')
will exist in the ifTable as long as this entry is active."
::= { vdsControlEntry 18 }
vdsControlOwner OBJECT-TYPE
SYNTAX OwnerString
MAX-ACCESS read-create
STATUS current
Expires May 25, 2001 [Page 29]
Internet Draft VDS MIB November 2000
DESCRIPTION
"The entity that configured this entry and is therefore
using the resources assigned to it."
::= { vdsControlEntry 19 }
vdsControlStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The non-volatile storage behavior for this entry."
::= { vdsControlEntry 20 }
vdsControlStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this virtual data source entry.
An entry may not exist in the active state unless all
objects in the entry have an appropriate value.
If this object is not equal to active(1), any RMON
collection data in progress, for which the dataSource object
references the ifEntry associated with this virtual data
source, and the ifEntry itself, shall be deleted."
::= { vdsControlEntry 21 }
--
-- Virtual LAN Select Table
--
vdsVlanSelTable OBJECT-TYPE
SYNTAX SEQUENCE OF VdsVlanSelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table controls how Virtual LAN based packet selection
is performed on behalf of particular vdsControlEntries
configured on this agent.
For each vdsControlEntry that references this table, the
vdsControlParent object must specify a data source in the
Expires May 25, 2001 [Page 30]
Internet Draft VDS MIB November 2000
form 'ifIndex.<I>', where 'I' represents an ifIndex value of
an interface which supports IEEE 802.1Q VLAN encapsulation.
VLAN data sources are identified by the IEEE VLAN ID field
[DOT1Q]. All packets which belong to the VLAN identified by
the vdsVlanSelVID object shall be selected.
All entries with the same vdsControlVlanSelIndex are
evaluated as a group, and an individual packet is selected
if the evaluation of any row within the group produces a
'selected' result. There is no evaluation ordering defined
for each row within a group, and an agent may choose to stop
evaluation after the first 'selected' result.
It is an implementation-specific manner as to the complexity
and capacity of the entries allowed in this table. Actual
configurations will be constrained by agent functionality
and platform resources."
REFERENCE
"Draft Standard for Virtual Bridged Local Area Networks,
P802.1Q/D10, chapter 3.13"
::= { vdsSelect 1 }
vdsVlanSelEntry OBJECT-TYPE
SYNTAX VdsVlanSelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about a particular Virtual LAN based packet
selection control entry."
INDEX { vdsVlanSelIndex, vdsVlanSelSubIndex }
::= { vdsVlanSelTable 1 }
VdsVlanSelEntry ::= SEQUENCE {
vdsVlanSelIndex Integer32,
vdsVlanSelSubIndex Integer32,
vdsVlanSelVID Integer32,
vdsVlanSelStorageType StorageType,
vdsVlanSelStatus RowStatus
}
vdsVlanSelIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
Expires May 25, 2001 [Page 31]
Internet Draft VDS MIB November 2000
DESCRIPTION
"An arbitrary and unique group index for this
vdsVlanSelEntry. All entries in this table, for which this
object contains the same value, will be evaluated together
as a group, on behalf of particular vdsControlEntries."
::= { vdsVlanSelEntry 1 }
vdsVlanSelSubIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary and unique index for this vdsVlanSelEntry.
Note that no packet selection algorithm evaluation order is
implied by the value of this object."
::= { vdsVlanSelEntry 2 }
vdsVlanSelVID OBJECT-TYPE
SYNTAX Integer32 (1..4094)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The VLAN ID value to be used for packet selection. Packets
determined to belong to the VLAN identified by this object
will be included for selection.
The packets selected are based on the IEEE 802.1Q VLAN-ID
(VID), for each good frame attributed to the data source for
the collection.
Tagged packets match the VID for the range between 1 and
4094. An external RMON probe MAY detect VID=0 on an Inter
Switch Link, in which case the packet belongs to a VLAN
determined by the PVID of the ingress port.
This object may not be modified if the associated
vdsVlanSelStatus object is equal to active(1)."
::= { vdsVlanSelEntry 3 }
vdsVlanSelStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The non-volatile storage behavior for this entry."
Expires May 25, 2001 [Page 32]
Internet Draft VDS MIB November 2000
::= { vdsVlanSelEntry 4 }
vdsVlanSelStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this Virtual LAN selection entry.
An entry may not exist in the active state unless all
objects in the entry have an appropriate value.
This object may not be modified while any vdsControlEntry
that references this entry is active."
::= { vdsVlanSelEntry 5 }
--
-- Network Address Select Table
--
vdsAddrSelTable OBJECT-TYPE
SYNTAX SEQUENCE OF VdsAddrSelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table controls how network address based packet
selection is performed on behalf of particular
vdsControlEntries configured on this agent.
Packet selection can be based on a single host address, or a
host-address pair, and is determined only by the Source and
Destination addresses found in each packet, not by the
'packet direction' on the network. One address or address-
pair is specified in each vdsAddrSelEntry.
All entries with the same vdsControlAddrSelIndex are
evaluated as a group, and an individual packet is selected
if the evaluation of any row within the group produces a
'selected' result. There is no evaluation ordering defined
for each row within a group, and an agent may choose to stop
evaluation after the first 'selected' result.
It is an implementation-specific manner as to the complexity
and capacity of the entries allowed in this table. Actual
Expires May 25, 2001 [Page 33]
Internet Draft VDS MIB November 2000
configurations will be constrained by agent functionality
and platform resources."
::= { vdsSelect 2 }
vdsAddrSelEntry OBJECT-TYPE
SYNTAX VdsAddrSelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about a particular address based packet
selection control entry."
INDEX { vdsAddrSelIndex, vdsAddrSelSubIndex }
::= { vdsAddrSelTable 1 }
VdsAddrSelEntry ::= SEQUENCE {
vdsAddrSelIndex Integer32,
vdsAddrSelSubIndex Integer32,
vdsAddrSelType INTEGER,
vdsAddrSelNetProtoID OCTET STRING,
vdsAddrSelNetProtoParms OCTET STRING,
vdsAddrSelHost1Addr OCTET STRING,
vdsAddrSelHost1Mask OCTET STRING,
vdsAddrSelHost2Addr OCTET STRING,
vdsAddrSelHost2Mask OCTET STRING,
vdsAddrSelStorageType StorageType,
vdsAddrSelStatus RowStatus
}
vdsAddrSelIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary and unique group index for this
vdsAddrSelEntry. All entries in this table, for which this
object contains the same value, will be evaluated together
as a group, on behalf of particular vdsControlEntries."
::= { vdsAddrSelEntry 1 }
vdsAddrSelSubIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary and unique index for this vdsAddrSelEntry.
Expires May 25, 2001 [Page 34]
Internet Draft VDS MIB November 2000
Note that no packet selection algorithm evaluation order is
implied by the value of this object."
::= { vdsAddrSelEntry 2 }
vdsAddrSelType OBJECT-TYPE
SYNTAX INTEGER {
host(1),
conversation(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls the way vdsAddrSelEntries are
evaluated, for packet selection purposes.
If this object has a value of 'host(1)', then this entry
selects all packets addressed to or from 'host1', and only
the vdsAddrSelHost1 and vdsAddrSelHost1Mask objects are used
in this packet selection process. Refer to the description
clauses for these objects for details on the packet
selection algorithm.
If this object has a value of 'conversation(2)', then this
entry selects all packets addressed from 'host1' to 'host2',
and all packets addressed from 'host2' to 'host1'. The
vdsAddrSelHost1, vdsAddrSelHost1Mask, vdsAddrSelHost2 and
vdsAddrSelHost2Mask objects are used in the packet selection
process. Refer to the description clauses for these objects
for details on the packet selection algorithm.
This object may not be modified if the associated
vdsAddrSelStatus object is equal to active(1)."
::= { vdsAddrSelEntry 3 }
vdsAddrSelNetProtoID OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is used in conjunction with the
vdsAddrSelNetProtoParms object to specify the
protocolDirEntry which identifies the network layer protocol
used in this entry. Only packets which contain a network
layer protocol which matches the protocol identified by this
entry will be considered in the address based packet
Expires May 25, 2001 [Page 35]
Internet Draft VDS MIB November 2000
selection algorithms defined in this table.
If an 'exact' encapsulation of a network protocol is
specified, (e.g., a specific base layer encapsulation is
present instead of a 'wild-card' base layer, or a tunneled
network encapsulation is present) then only packets which
match the same encapsulation (i.e., same protocols up to and
including the last protocol layer specified in this entry)
will be considered in the address based packet selection
algorithms defined in this table.
The associated vdsAddrSelHost1, vdsAddrSelHostMask,
vdsAddrSelHost2, and vdsAddrSelHost2Mask objects will be
interpreted according to the value of this object and the
associated vdsAddrSelNetProtoParms object.
This object may not be modified if the associated
vdsAddrSelStatus object is equal to active(1)."
::= { vdsAddrSelEntry 4 }
vdsAddrSelNetProtoParms OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is used in conjunction with the
vdsAddrSelNetProtoID object to specify the protocolDirEntry
which identifies the network layer protocol used in this
entry.
The associated vdsAddrSelHost1, vdsAddrSelHostMask,
vdsAddrSelHost2, and vdsAddrSelHost2Mask objects will be
interpreted according to the value of this object and the
associated vdsAddrSelNetProtoID object.
Refer to the vdsAddrSelNetProtoID description clause for
more details pertaining to this object.
This object may not be modified if the associated
vdsAddrSelStatus object is equal to active(1)."
::= { vdsAddrSelEntry 5 }
vdsAddrSelHost1Addr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-create
Expires May 25, 2001 [Page 36]
Internet Draft VDS MIB November 2000
STATUS current
DESCRIPTION
"This object identifies a network address to be used as a
parameter in the address based packet selection process. It
must be a well-formed address according to the encoding
rules defined for the network protocol for this entry
(identified by the vdsAddrSelNetProtoID and
vdsAddrSelNetProtoParms objects).
For each examined packet which matches the network type
(according to the algorithm defined in the
vdsAddrSelNetProtoID object):
1) 'Bitwise AND' each octet of this object with
each octet of the associated vdsAddrSelHost1Mask
value. Note that the result of this step is
a constant value, and may be used for all relevant
packets, rather than re-computing this value each
time a packet is processed.
2) 'Bitwise AND' each octet of the network source
address in the packet with each octet of the
associated vdsAddrSelHost1Mask value
3) Compare the results of step (1) and step (2);
if equal, the packet is selected;
otherwise continue to step (4)
4) 'Bitwise AND' each octet of the network
destination address in the packet with each
octet of the associated vdsAddrSelHost1Mask value
5) Compare the results of step (1) and step (4);
if equal, the packet is selected, otherwise it is
not selected.
This object may not be modified if the associated
vdsAddrSelStatus object is equal to active(1)."
::= { vdsAddrSelEntry 7 }
vdsAddrSelHost1Mask OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object identifies a mask that may be applied during
network address packet selection. It is used differently,
depending on the value of the associated vdsAddrSelType
object.
Expires May 25, 2001 [Page 37]
Internet Draft VDS MIB November 2000
It must be a well-formed address mask, according to the
encoding rules defined for the network protocol for this
entry (identified by the vdsAddrSelNetProtoID and
vdsAddrSelNetProtoParms objects).
If this object is smaller in length than the
vdsAddrSelHost1Addr object, then this object shall be
conceptually extended with 'one' bits. If this object is
larger in length than the vdsAddrSelHost1Addr object, then
the extra bits in this object shall be ignored during packet
processing on behalf of this entry.
Refer to the vdsAddrSelHost1Addr description clause for more
details pertaining to this object.
This object may not be modified if the associated
vdsAddrSelStatus object is equal to active(1)."
::= { vdsAddrSelEntry 8 }
vdsAddrSelHost2Addr OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object identifies a network address to be used as a
parameter in the address based packet selection process.
If the associated vdsAddrSelType object is equal to
'host(1)', then this object is ignored by the agent.
Otherwise, this object must identify a well-formed address
according to the encoding rules defined for the network
protocol for this entry (identified by the
vdsAddrSelNetProtoID and vdsAddrSelNetProtoParms objects),
and the following algorithm is used to select packets on
behalf of this entry:
For each examined packet which matches the network type
(according to the algorithm defined in the
vdsAddrSelNetProtoID object):
1) 'Bitwise AND' each octet of the vdsAddrSelHost1Addr
object with each octet of the associated
vdsAddrSelHost1Mask value. Note that the result of
this step is a constant value, and may be used for
Expires May 25, 2001 [Page 38]
Internet Draft VDS MIB November 2000
all relevant packets, rather than re-computing this
value each time a packet is processed.
2) 'Bitwise AND' this each octet of object object with
each octet of the associated vdsAddrSelHost2Mask
value. Note that the result of this step is a
constant value, and may be used for all relevant
packets, rather than re-computing this value each
time a packet is processed.
3) 'Bitwise AND' each octet of the network source
address in the packet with each octet of the
associated vdsAddrSelHost1Mask value
4) 'Bitwise AND' the each octet of the network
destination address in the packet with each octet
of the associated vdsAddrSelHost2Mask value
5) (Check if host1 is sending to host2)
Compare the results of step (1) and step (3);
Compare the results of step (2) and step (4);
If the results of step (1) equals the results of
step (3), and the results of step (2) equals the
results of step (4), then the packet is selected;
Otherwise continue to step (6)
6) (Check if host2 is sending to host1)
Compare the results of step (1) and step (4);
Compare the results of step (2) and step (3);
If the results of step (1) equals the results of
step (4), and the results of step (2) equals the
results of step (3), then the packet is selected;
Otherwise the packet is not selected.
This object may not be modified if the associated
vdsAddrSelStatus object is equal to active(1)."
::= { vdsAddrSelEntry 9 }
vdsAddrSelHost2Mask OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object identifies a mask that may be applied during
network address packet selection.
If the associated vdsAddrSelType object is equal to
'host(1)', then this object is ignored by the agent.
Expires May 25, 2001 [Page 39]
Internet Draft VDS MIB November 2000
Otherwise, this object must identify a well-formed address
mask, according to the encoding rules defined for the
network protocol for this entry (identified by the
vdsAddrSelNetProtoID and vdsAddrSelNetProtoParms objects),
and the algorithm defined in the vdsAddrSelHost2Addr object
is used to select packets on behalf of this entry.
If this object is smaller in length than the
vdsAddrSelHost2Addr object, then this object shall be
conceptually extended with 'one' bits. If this object is
larger in length than the vdsAddrSelHost2Addr object, then
the extra bits in this object shall be ignored during packet
processing on behalf of this entry.
Refer to the vdsAddrSelHost2Addr description clause for more
details pertaining to this object.
This object may not be modified if the associated
vdsAddrSelStatus object is equal to active(1)."
::= { vdsAddrSelEntry 10 }
vdsAddrSelStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The non-volatile storage behavior for this entry."
::= { vdsAddrSelEntry 11 }
vdsAddrSelStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this address based packet selection entry.
An entry may not exist in the active state unless all
objects in the entry have an appropriate value.
This object may not be modified while any vdsControlEntry
that references this entry is active."
::= { vdsAddrSelEntry 12 }
--
Expires May 25, 2001 [Page 40]
Internet Draft VDS MIB November 2000
-- Protocol Select Table
--
vdsProtoSelTable OBJECT-TYPE
SYNTAX SEQUENCE OF VdsProtoSelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table controls how protocol based packet selection is
performed on behalf of particular vdsControlEntries
configured on this agent.
A packet is selected if its protocol encapsulations match
all of those specified by the vdsProtoSelID and
vdsProtoSelParms objects in this entry. Note that the
specified encapsulation may identify an internal protocol or
a leaf (application) protocol, and the base layer may
contain wild-card or exact encapsulations.
All entries with the same vdsControlProtoSelIndex are
evaluated as a group, and an individual packet is selected
if the evaluation of any row within the group produces a
'selected' result. There is no evaluation ordering defined
for each row within a group, and an agent may choose to stop
evaluation after the first 'selected' result.
It is an implementation-specific manner as to the complexity
and capacity of the entries allowed in this table. Actual
configurations will be constrained by agent functionality
and platform resources."
REFERENCE
"Remote Network Monitoring Management Information Base
Version 2 using SMIv2, RFC 2021, section 6."
::= { vdsSelect 3 }
vdsProtoSelEntry OBJECT-TYPE
SYNTAX VdsProtoSelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about a particular protocol based packet
selection control entry."
INDEX { vdsProtoSelIndex, vdsProtoSelSubIndex }
::= { vdsProtoSelTable 1 }
Expires May 25, 2001 [Page 41]
Internet Draft VDS MIB November 2000
VdsProtoSelEntry ::= SEQUENCE {
vdsProtoSelIndex Integer32,
vdsProtoSelSubIndex Integer32,
vdsProtoSelID OCTET STRING,
vdsProtoSelParms OCTET STRING,
vdsProtoSelStorageType StorageType,
vdsProtoSelStatus RowStatus
}
vdsProtoSelIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary and unique group index for this
vdsProtoSelEntry. All entries in this table, for which this
object contains the same value, will be evaluated together
as a group, on behalf of particular vdsControlEntries."
::= { vdsProtoSelEntry 1 }
vdsProtoSelSubIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary and unique index for this vdsProtoSelEntry.
Note that no packet selection algorithm evaluation order is
implied by the value of this object."
::= { vdsProtoSelEntry 2 }
vdsProtoSelID OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object identifies the protocolDirID portion of the
index value which identifies the protocol encapsulation used
in this entry. It is used in conjunction with the
vdsProtoSelParms object to specify the protocolDirEntry
associated with this entry.
Packets which match all the protocol encapsulations
identified by this entry are selected for processing, on
behalf of a particular vdsControlEntry.
Expires May 25, 2001 [Page 42]
Internet Draft VDS MIB November 2000
Only the protocol layers identified by this entry are
compared, even if additional protocol layers are present in
the packet.
This object may not be modified if the associated
vdsProtoSelStatus object is equal to active(1)."
::= { vdsProtoSelEntry 3 }
vdsProtoSelParms OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object identifies the protocolDirParameters portion of
the index value which identifies the protocol encapsulation
used in this entry. It is used in conjunction with the
vdsProtoSelID object to specify the protocolDirEntry
associated with this entry.
Refer to the vdsProtoSelID description clause for more
details pertaining to this object.
This object may not be modified if the associated
vdsProtoSelStatus object is equal to active(1)."
::= { vdsProtoSelEntry 4 }
vdsProtoSelStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The non-volatile storage behavior for this entry."
::= { vdsProtoSelEntry 5 }
vdsProtoSelStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this protocol based packet selection entry.
An entry may not exist in the active state unless all
objects in the entry have an appropriate value.
This object may not be modified while any vdsControlEntry
Expires May 25, 2001 [Page 43]
Internet Draft VDS MIB November 2000
that references this entry is active."
::= { vdsProtoSelEntry 6 }
--
-- Quality of Service Packet Select Table
--
vdsQosSelTable OBJECT-TYPE
SYNTAX SEQUENCE OF VdsQosSelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table controls how Quality of Service based packet
selection is performed on behalf of particular
vdsControlEntries configured on this agent.
QoS data sources are identified by the type of QoS
classification mechanism, and particular QoS classification
values. All packets which match the configured QoS
classifications are selected.
Packet selection can be based on the following types of QoS:
- DIFFSERV CodePoint (DSCP)
- IEEE 802.1p user_priority field
All entries with the same vdsControlQosSelIndex are
evaluated as a group, and an individual packet is selected
if the evaluation of any row within the group produces a
'selected' result. There is no evaluation ordering defined
for each row within a group, and an agent may choose to stop
evaluation after the first 'selected' result.
It is an implementation-specific manner as to the complexity
and capacity of the entries allowed in this table. Actual
configurations will be constrained by agent functionality
and platform resources."
::= { vdsSelect 4 }
vdsQosSelEntry OBJECT-TYPE
SYNTAX VdsQosSelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about a particular QoS based packet selection
Expires May 25, 2001 [Page 44]
Internet Draft VDS MIB November 2000
control entry."
INDEX { vdsQosSelIndex, vdsQosSelSubIndex }
::= { vdsQosSelTable 1 }
VdsQosSelEntry ::= SEQUENCE {
vdsQosSelIndex Integer32,
vdsQosSelSubIndex Integer32,
vdsQosSelType INTEGER,
vdsQosSelValue Integer32,
vdsQosSelStorageType StorageType,
vdsQosSelStatus RowStatus
}
vdsQosSelIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary and unique group index for this
vdsQosSelEntry. All entries in this table, for which this
object contains the same value, will be evaluated together
as a group, on behalf of particular vdsControlEntries."
::= { vdsQosSelEntry 1 }
vdsQosSelSubIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary and unique index for this vdsQosSelEntry.
Note that no packet selection algorithm evaluation order is
implied by the value of this object."
::= { vdsQosSelEntry 2 }
vdsQosSelType OBJECT-TYPE
SYNTAX INTEGER {
ipPrecedence(1),
dscp(2),
dot1qPrio(3)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls the way vdsQosSelEntries are
evaluated, for packet selection purposes.
Expires May 25, 2001 [Page 45]
Internet Draft VDS MIB November 2000
If this object has a value of 'ipPrecedence(1)', then this
entry selects all packets with the same IP header Precedence
field value.
If this object has a value of 'dscp(2)', then this entry
selects all IPv4 and IPv6 packets with the same DIFFSERV
CodePoint value as that specified in the associated
vdsQosSelValue object.
If this object has a value of 'dot1qPrio(3)', then this
entry selects all IEEE 802.1Q VLAN based packets with the
same 'user_priority' value as that specified in the
associated vdsQosSelValue object.
This object may not be modified if the associated
vdsQosSelStatus object is equal to active(1)."
::= { vdsQosSelEntry 3 }
vdsQosSelValue OBJECT-TYPE
SYNTAX Integer32 (0..63)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object contains the numeric comparison value to be
used in the QoS based packet selection algorithm on behalf
of this entry.
If the associated vdsQosSelType object has a value of
'ipPrecedence(1)', then this object must contain a value in
the range of '0' to '7'.
If the associated vdsQosSelType object has a value of
'dscp(2)', then this object must contain a value in the
range of '0' to '63'.
If the associated vdsQosSelType object has a value of
'dot1qPrio(3)', then this object must contain a value in the
range of '0' to '7'.
All packets which match the QoS classification type
identified in the associated vdsQoSSelType object, and the
QoS classification value identified by this object are
selected.
This object may not be modified if the associated
Expires May 25, 2001 [Page 46]
Internet Draft VDS MIB November 2000
vdsQosSelStatus object is equal to active(1)."
::= { vdsQosSelEntry 4 }
vdsQosSelStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The non-volatile storage behavior for this entry."
::= { vdsQosSelEntry 5 }
vdsQosSelStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this QoS based packet selection entry.
An entry may not exist in the active state unless all
objects in the entry have an appropriate value.
This object may not be modified while any vdsControlEntry
that references this entry is active."
::= { vdsQosSelEntry 6 }
--
-- ChannelTable Based Packet Select Table
--
vdsChanSelTable OBJECT-TYPE
SYNTAX SEQUENCE OF VdsChanSelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table controls how channelTable based packet selection
is performed on behalf of particular vdsControlEntries
configured on this agent.
All packets which would be accepted by an RMON channel and
(potentially) processed by one or more bufferEntries, (i.e.,
the output of the channel function, after the
channelAcceptType is applied) are selected for processing.
Note that the channelIfIndex object in the specified
channelEntry must identify the same interface as indicated
by the vdsControlParent object in vdsControlEntries which
Expires May 25, 2001 [Page 47]
Internet Draft VDS MIB November 2000
reference this table. An agent will ignore entries in this
table during the selection process, unless this condition is
true.
All entries with the same vdsControlChanSelIndex are
evaluated as a group, and an individual packet is selected
if the evaluation of any row within the group produces a
'selected' result. There is no evaluation ordering defined
for each row within a group, and an agent may choose to stop
evaluation after the first 'selected' result.
It is an implementation-specific manner as to the complexity
and capacity of the entries allowed in this table. Actual
configurations will be constrained by agent functionality
and platform resources."
REFERENCE
"Remote Network Monitoring Management Information Base, STD
59, RFC 2819, section 5."
::= { vdsSelect 5 }
vdsChanSelEntry OBJECT-TYPE
SYNTAX VdsChanSelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about a particular channelTable based packet
selection control entry."
INDEX { vdsChanSelIndex, vdsChanSelSubIndex }
::= { vdsChanSelTable 1 }
VdsChanSelEntry ::= SEQUENCE {
vdsChanSelIndex Integer32,
vdsChanSelSubIndex Integer32,
vdsChanSelChanIdx Integer32,
vdsChanSelStorageType StorageType,
vdsChanSelStatus RowStatus
}
vdsChanSelIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary and unique group index for this
vdsChanSelEntry. All entries in this table, for which this
Expires May 25, 2001 [Page 48]
Internet Draft VDS MIB November 2000
object contains the same value, will be evaluated together
as a group, on behalf of particular vdsControlEntries."
::= { vdsChanSelEntry 1 }
vdsChanSelSubIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary and unique index for this vdsChanSelEntry.
Note that no packet selection algorithm evaluation order is
implied by the value of this object."
::= { vdsChanSelEntry 2 }
vdsChanSelChanIdx OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object identifies the channelIndex value associated
with the channelEntry to use on behalf of this entry.
If this object does not reference a valid and active
channelEntry, then this entry is ignored in the packet
selection algorithm. Otherwise, the packets selected by the
identified channelEntry are selected by this entry.
This object may not be modified if the associated
vdsChanSelStatus object is equal to active(1)."
::= { vdsChanSelEntry 3 }
vdsChanSelStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The non-volatile storage behavior for this entry."
::= { vdsChanSelEntry 4 }
vdsChanSelStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
Expires May 25, 2001 [Page 49]
Internet Draft VDS MIB November 2000
"The status of this channelTable based packet selection
entry.
An entry may not exist in the active state unless all
objects in the entry have an appropriate value.
This object may not be modified while any vdsControlEntry
that references this entry is active."
::= { vdsChanSelEntry 5 }
--
-- URL Based Packet Select Table
--
vdsUrlSelTable OBJECT-TYPE
SYNTAX SEQUENCE OF VdsUrlSelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table controls how URL based packet selection is
performed on behalf of particular vdsControlEntries
configured on this agent.
All packets which match some encapsulation of HTTP are
considered for selection. The agent must be capable of
associating the URL that identifies some amount of HTTP
based content, to individual packets on a network. If a
packet is part of the content associated with a URL that
matches any of the 'URL strings' within a group (defined
below), then it is selected.
All entries with the same vdsControlUrlSelIndex are
evaluated as a group, and an individual packet is selected
if the evaluation of any row within the group produces a
'selected' result. There is no evaluation ordering defined
for each row within a group, and an agent may choose to stop
evaluation after the first 'selected' result.
It is an implementation-specific manner as to the complexity
and capacity of the entries allowed in this table. Actual
configurations will be constrained by agent functionality
and platform resources."
::= { vdsSelect 6 }
Expires May 25, 2001 [Page 50]
Internet Draft VDS MIB November 2000
vdsUrlSelEntry OBJECT-TYPE
SYNTAX VdsUrlSelEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about a particular URL based packet selection
control entry."
INDEX { vdsUrlSelIndex, vdsUrlSelSubIndex }
::= { vdsUrlSelTable 1 }
VdsUrlSelEntry ::= SEQUENCE {
vdsUrlSelIndex Integer32,
vdsUrlSelSubIndex Integer32,
vdsUrlSelString OCTET STRING,
vdsUrlSelMatchFields BITS,
vdsUrlSelPathMatchType INTEGER,
vdsUrlSelStorageType StorageType,
vdsUrlSelStatus RowStatus
}
vdsUrlSelIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary and unique group index for this
vdsUrlSelEntry. All entries in this table, for which this
object contains the same value, will be evaluated together
as a group, on behalf of particular vdsControlEntries."
::= { vdsUrlSelEntry 1 }
vdsUrlSelSubIndex OBJECT-TYPE
SYNTAX Integer32 (1..2147483647)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An arbitrary and unique index for this vdsUrlSelEntry.
Note that no packet selection algorithm evaluation order is
implied by the value of this object."
::= { vdsUrlSelEntry 2 }
vdsUrlSelString OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (1..2048))
MAX-ACCESS read-create
STATUS current
Expires May 25, 2001 [Page 51]
Internet Draft VDS MIB November 2000
DESCRIPTION
"This object identifies the URL to match against HTTP
packets, to use on behalf of this entry.
A packet is selected if the URL string value associated with
the packet matches this entry. The match algorithm is
specified by and the associated vdsUrlSelMatchFields and
vdsUrlSelPathMatchType objects.
This object may not be modified if the associated
vdsUrlSelStatus object is equal to active(1)."
::= { vdsUrlSelEntry 3 }
vdsUrlSelMatchFields OBJECT-TYPE
SYNTAX BITS {
urlScheme(0),
urlUser(1),
urlPasswd(2),
urlHost(3),
urlPort(4),
urlPath(5),
urlQueryString(6)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object identifies the individual URL fields which
should be considered in the pattern match algorithm executed
on behalf of this entry. It is used with the associated
vdsUrlSelString and vdsUrlSelPathMatchType objects to select
particular HTTP packets for processing on behalf of each
relevant virtual data source.
If the URL 'scheme' field (e.g., http, https, ftp) should be
considered in the URL match algorithm for this entry, then
the 'urlScheme' bit should be set in this mask. This bit
has no affect if the URL scheme field is not present in the
associated vdsUrlSelString.
If the URL 'user' field (e.g., joe) should be considered in
the URL match algorithm for this entry, then the 'urlUser'
bit should be set in this mask. This bit has no affect if
the URL user field is not present in the associated
vdsUrlSelString.
Expires May 25, 2001 [Page 52]
Internet Draft VDS MIB November 2000
If the URL 'password' field (e.g., bonelesschickenranch)
should be considered in the URL match algorithm for this
entry, then the 'urlPasswd' bit should be set in this mask.
This bit has no affect if the URL password field is not
present in the associated vdsUrlSelString.
If the URL 'host' field (e.g., acme.com) should be
considered in the URL match algorithm for this entry, then
the 'urlHost' bit should be set in this mask. This bit has
no affect if the URL host field is not present in the
associated vdsUrlSelString.
If the URL 'port' field (e.g., :443 or :8080) should be
considered in the URL match algorithm for this entry, then
the 'urlPort' bit should be set in this mask. This bit has
no affect if the URL port field is not present in the
associated vdsUrlSelString.
If the URL 'path' field (e.g., /, /sales/reports/, or
/sales/reports/jun2000/index.html) should be considered in
the URL match algorithm for this entry, then the 'urlPath'
bit should be set in this mask. This bit has no affect if
the URL path field is not present in the associated
vdsUrlSelString.
If the URL 'query-string' field, which is considered to be
all characters after the question mark ('?') character to
indicate the start of the optional query string field (e.g.
'partno=104' or 'fname=john&lname=doe') should be considered
in the URL match algorithm for this entry, then the
'urlQueryString' bit should be set in this mask. This bit
has no affect if the URL query string field is not present
in the associated vdsUrlSelString.
This object may not be modified if the associated
vdsUrlSelStatus object is equal to active(1)."
REFERENCE
"Uniform Resource Identifiers, RFC 1738, section 3."
::= { vdsUrlSelEntry 4 }
vdsUrlSelPathMatchType OBJECT-TYPE
SYNTAX INTEGER {
urlPrefixMatch(1),
urlExactMatch(2)
}
Expires May 25, 2001 [Page 53]
Internet Draft VDS MIB November 2000
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of URL path field string match algorithm that
should be performed on behalf of this entry. This object has
no affect if the 'urlPath(5)' bit is not set in the
associated vdsUrlSelMatchFields object.
If this object is equal to 'urlPrefixMatch(1)', then the
associated vdsUrlString object may contain a partial URL
path field. The first 'N' characters of the URL path field
associated with each packet must exactly match all
characters of the URL path field in the associated
vdsUrlSelString object (i.e., 'N' equals the length of the
URL path field in the vdsUrlSelString object).
If this object is equal to 'urlExactMatch(2)', then the
associated vdsUrlString object must contain a complete URL
path field. All of the characters of the URL path field
associated with each packet must exactly match the all
characters of the URL path field in the associated
vdsUrlSelString object.
This object may not be modified if the associated
vdsUrlSelStatus object is equal to active(1)."
::= { vdsUrlSelEntry 5 }
vdsUrlSelStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The non-volatile storage behavior for this entry."
::= { vdsUrlSelEntry 6 }
vdsUrlSelStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this URL based packet selection entry.
An entry may not exist in the active state unless all
objects in the entry have an appropriate value.
Expires May 25, 2001 [Page 54]
Internet Draft VDS MIB November 2000
This object may not be modified while any vdsControlEntry
that references this entry is active."
::= { vdsUrlSelEntry 7 }
-- placeholder
vdsNotifications OBJECT IDENTIFIER ::= { vdsMIB 2 }
-- conformance information
vdsConformance OBJECT IDENTIFIER ::= { vdsMIB 3 }
vdsCompliances OBJECT IDENTIFIER ::= { vdsConformance 1 }
vdsGroups OBJECT IDENTIFIER ::= { vdsConformance 2 }
-- compliance statements
vdsCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities which implement
version 1 of the Virtual Data Source MIB."
MODULE -- this module
MANDATORY-GROUPS {
vdsControlGroup
}
GROUP vdsVlanSelectGroup
DESCRIPTION
"This group is mandatory for agents which support Virtual
LAN based packet selection."
GROUP vdsAddrSelectGroup
DESCRIPTION
"This group is mandatory for agents which support network
address based packet selection."
GROUP vdsProtoSelectGroup
DESCRIPTION
"This group is mandatory for agents which support protocol
based packet selection."
GROUP vdsQosSelectGroup
DESCRIPTION
"This group is mandatory for agents which support quality of
service based packet selection."
GROUP vdsChanSelectGroup
DESCRIPTION
"This group is mandatory for agents which implement content
(channelTable) based packet selection."
Expires May 25, 2001 [Page 55]
Internet Draft VDS MIB November 2000
GROUP vdsUrlSelectGroup
DESCRIPTION
"This group is mandatory for agents which implement URL
based (HTTP) packet selection."
OBJECT vdsControlVlanSelIndex
MIN-ACCESS read-only
DESCRIPTION
"Write access is required if Virtual LAN based packet
selection is supported."
OBJECT vdsControlAddrSelIndex
MIN-ACCESS read-only
DESCRIPTION
"Write access is required if network address based packet
selection is supported."
OBJECT vdsControlProtoSelIndex
MIN-ACCESS read-only
DESCRIPTION
"Write access is required if protocol based packet selection
is supported."
OBJECT vdsControlQosSelIndex
MIN-ACCESS read-only
DESCRIPTION
"Write access is required if quality of service based packet
selection is supported."
OBJECT vdsControlChanSelIndex
MIN-ACCESS read-only
DESCRIPTION
"Write access is required if content (channelTable) based
packet selection is supported."
OBJECT vdsControlUrlSelIndex
MIN-ACCESS read-only
DESCRIPTION
"Write access is required if URL based HTTP packet selection
is supported."
::= { vdsCompliances 1 }
-- MIB groupings
vdsControlGroup OBJECT-GROUP
OBJECTS {
vdsSelectCaps,
vdsControlParent,
vdsControlIfDescr,
vdsControlIfName,
vdsControlIfAlias,
Expires May 25, 2001 [Page 56]
Internet Draft VDS MIB November 2000
vdsControlVlanSelIndex,
vdsControlVlanSelNegate,
vdsControlAddrSelIndex,
vdsControlAddrSelNegate,
vdsControlProtoSelIndex,
vdsControlProtoSelNegate,
vdsControlQosSelIndex,
vdsControlQosSelNegate,
vdsControlChanSelIndex,
vdsControlUrlSelIndex,
vdsControlUrlSelNegate,
vdsControlExprType,
vdsControlIfIndex,
vdsControlOwner,
vdsControlStorageType,
vdsControlStatus
}
STATUS current
DESCRIPTION
"The collection of objects which are used to represent
Virtual Data Source common configuration support, for which
a single agent provides management information."
::= { vdsGroups 1 }
vdsVlanSelectGroup OBJECT-GROUP
OBJECTS {
vdsVlanSelVID,
vdsVlanSelStatus
}
STATUS current
DESCRIPTION
"The collection of objects which are used to represent
Virtual LAN based packet selection support, for which a
single agent provides management information."
::= { vdsGroups 2 }
vdsAddrSelectGroup OBJECT-GROUP
OBJECTS {
vdsAddrSelType,
vdsAddrSelNetProtoID,
vdsAddrSelNetProtoParms,
vdsAddrSelHost1Addr,
vdsAddrSelHost1Mask,
vdsAddrSelHost2Addr,
vdsAddrSelHost2Mask,
Expires May 25, 2001 [Page 57]
Internet Draft VDS MIB November 2000
vdsAddrSelStorageType,
vdsAddrSelStatus
}
STATUS current
DESCRIPTION
"The collection of objects which are used to represent
Address based packet selection support, for which a single
agent provides management information."
::= { vdsGroups 3 }
vdsProtoSelectGroup OBJECT-GROUP
OBJECTS {
vdsProtoSelID,
vdsProtoSelParms,
vdsProtoSelStorageType,
vdsProtoSelStatus
}
STATUS current
DESCRIPTION
"The collection of objects which are used to represent
protocol based packet selection support, for which a single
agent provides management information."
::= { vdsGroups 4 }
vdsQosSelectGroup OBJECT-GROUP
OBJECTS {
vdsQosSelType,
vdsQosSelValue,
vdsQosSelStorageType,
vdsQosSelStatus
}
STATUS current
DESCRIPTION
"The collection of objects which are used to represent
quality of service based packet selection support, for which
a single agent provides management information."
::= { vdsGroups 5 }
vdsChanSelectGroup OBJECT-GROUP
OBJECTS {
vdsChanSelChanIdx,
vdsChanSelStorageType,
vdsChanSelStatus
}
STATUS current
Expires May 25, 2001 [Page 58]
Internet Draft VDS MIB November 2000
DESCRIPTION
"The collection of objects which are used to represent
channelTable based packet selection support, for which a
single agent provides management information."
::= { vdsGroups 6 }
vdsUrlSelectGroup OBJECT-GROUP
OBJECTS {
vdsUrlSelString,
vdsUrlSelMatchFields,
vdsUrlSelPathMatchType,
vdsUrlSelStorageType,
vdsUrlSelStatus
}
STATUS current
DESCRIPTION
"The collection of objects which are used to represent URL
based packet selection support, for which a single agent
provides management information."
::= { vdsGroups 7 }
END
Expires May 25, 2001 [Page 59]
Internet Draft VDS MIB November 2000
9. Intellectual Property
The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to pertain
to the implementation or use of the technology described in this
document or the extent to which any license under such rights might or
might not be available; neither does it represent that it has made any
effort to identify any such rights. Information on the IETF's
procedures with respect to rights in standards-track and standards-
related documentation can be found in BCP-11. Copies of claims of
rights made available for publication and any assurances of licenses to
be made available, or the result of an attempt made to obtain a general
license or permission for the use of such proprietary rights by
implementors or users of this specification can be obtained from the
IETF Secretariat.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary rights
which may cover technology that may be required to practice this
standard. Please address the information to the IETF Executive
Director.
10. References
[DOT1Q]
ANSI/IEEE Draft Standard P802.1Q/D10, "IEEE Standards for Local and
Metropolitan Area Networks: Virtual Bridged Local Area Networks",
March 1998.
[HC-RMON]
Waldbusser, S., "Remote Network Monitoring Management Information
Base for High Capacity Networks", draft-ietf-rmonmib-hcrmon-06.txt,
International Network Services, June 1999.
[IANATYPE]
Internet Assigned Numbers Authority, "IANAIfType Textual Convention
Definition", ftp://ftp//ftp.isi.edu/mib/ianaiftype.mib.
[RFC1155]
Rose, M., and K. McCloghrie, "Structure and Identification of
Management Information for TCP/IP-based Internets", RFC 1155, STD
16, Performance Systems International, Hughes LAN Systems, May
1990.
Expires May 25, 2001 [Page 60]
Internet Draft VDS MIB November 2000
[RFC1157]
Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network
Management Protocol", RFC 1157, STD 15, SNMP Research, Performance
Systems International, Performance Systems International, MIT
Laboratory for Computer Science, May 1990.
[RFC1212]
Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212,
STD 16, Performance Systems International, Hughes LAN Systems,
March 1991.
[RFC1215]
M. Rose, "A Convention for Defining Traps for use with the SNMP",
RFC 1215, Performance Systems International, March 1991.
[RFC1901]
Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
"Introduction to Community-based SNMPv2", RFC 1901, SNMP Research,
Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc.,
International Network Services, January 1996.
[RFC1905]
Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol
Operations for Version 2 of the Simple Network Management Protocol
(SNMPv2)", RFC 1905, SNMP Research, Inc., Cisco Systems, Inc.,
Dover Beach Consulting, Inc., International Network Services,
January 1996.
[RFC1906]
Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport
Mappings for Version 2 of the Simple Network Management Protocol
(SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco Systems, Inc.,
Dover Beach Consulting, Inc., International Network Services,
January 1996.
[RFC2021]
S. Waldbusser, "Remote Network Monitoring MIB (RMON-2)", RFC 2021,
International Network Services, January 1997.
[RFC2026]
Bradner, S., "The Internet Standards Process -- Revision 3", RFC
2026, Harvard University, October, 1996.
[RFC2570]
Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction to
Expires May 25, 2001 [Page 61]
Internet Draft VDS MIB November 2000
Version 3 of the Internet-standard Network Management Framework",
RFC 2570, SNMP Research, Inc., TIS Labs at Network Associates,
Inc., Ericsson, Cisco Systems, April 1999.
[RFC2571]
Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for
Describing SNMP Management Frameworks", RFC 2571, Cabletron
Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, April
1999.
[RFC2572]
Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message
Processing and Dispatching for the Simple Network Management
Protocol (SNMP)", RFC 2572, SNMP Research, Inc., Cabletron Systems,
Inc., BMC Software, Inc., IBM T. J. Watson Research, April 1999.
[RFC2573]
Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC
2573, SNMP Research, Inc., Secure Computing Corporation, Cisco
Systems, April 1999.
[RFC2574]
Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for
version 3 of the Simple Network Management Protocol (SNMPv3)", RFC
2574, IBM T. J. Watson Research, April 1999.
[RFC2575]
Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access
Control Model (VACM) for the Simple Network Management Protocol
(SNMP)", RFC 2575, IBM T. J. Watson Research, BMC Software, Inc.,
Cisco Systems, Inc., April 1999.
[RFC2578]
McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M.,
and S. Waldbusser, "Structure of Management Information Version 2
(SMIv2)", RFC 2578, STD 58, Cisco Systems, SNMPinfo, TU
Braunschweig, SNMP Research, First Virtual Holdings, International
Network Services, April 1999.
[RFC2579]
McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M.,
and S. Waldbusser, "Textual Conventions for SMIv2", RFC 2579, STD
58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First
Virtual Holdings, International Network Services, April 1999.
Expires May 25, 2001 [Page 62]
Internet Draft VDS MIB November 2000
[RFC2580]
McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M.,
and S. Waldbusser, "Conformance Statements for SMIv2", RFC 2580,
STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research,
First Virtual Holdings, International Network Services, April 1999.
[RFC2613]
Waterman, R., Lahaye, B., Romascanu, D., and S. Waldbusser, "Remote
Network Monitoring MIB Extensions for Switched Networks Version
1.0", RFC 2613, Allot Networks, Xylan Corp., Lucent Technologies,
INS, June 1999.
[RFC2737]
McCloghrie, K., and A. Bierman, "Entity MIB (Version 2)", RFC 2737,
Cisco Systems, December 1999.
[RFC2863]
McCloghrie, K., and F. Kastenholz, "The Interfaces Group MIB", RFC
2863, Cisco Systems, FTP Software, June 2000.
[STD59]
S. Waldbusser, "Remote Network Monitoring Management Information
Base", STD 59, RFC 2819, Lucent Technologies, May 2000.
Expires May 25, 2001 [Page 63]
Internet Draft VDS MIB November 2000
11. Security Considerations
There are a number of management objects defined in this MIB that have a
MAX-ACCESS clause of read-write and/or read-create. Such objects may be
considered sensitive or vulnerable in some network environments. The
support for SET operations in a non-secure environment without proper
protection can have a negative effect on network operations.
SNMPv1 by itself is not a secure environment. Even if the network
itself is secure (for example by using IPSec), even then, there is no
control as to who on the secure network is allowed to access and GET/SET
(read/change/create/delete) the objects in this MIB.
It is recommended that the implementers consider the security features
as provided by the SNMPv3 framework. Specifically, the use of the User-
based Security Model RFC 2574 [RFC2574] and the View- based Access
Control Model RFC 2575 [RFC2575] is recommended.
It is then a customer/user responsibility to ensure that the SNMP entity
giving access to an instance of this MIB, is properly configured to give
access to the objects only to those principals (users) that have
legitimate rights to indeed GET or SET (change/create/delete) them.
12. Author's Address
Andy Bierman
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134 USA
Phone: +1 408-527-3711
Email: abierman@cisco.com
Expires May 25, 2001 [Page 64]
Internet Draft VDS MIB November 2000
13. Full Copyright Statement
Copyright (C) The Internet Society (2000). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it or
assist in its implementation may be prepared, copied, published and
distributed, in whole or in part, without restriction of any kind,
provided that the above copyright notice and this paragraph are included
on all such copies and derivative works. However, this document itself
may not be modified in any way, such as by removing the copyright notice
or references to the Internet Society or other Internet organizations,
except as needed for the purpose of developing Internet standards in
which case the procedures for copyrights defined in the Internet
Standards process must be followed, or as required to translate it into
languages other than English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an "AS
IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK
FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
FITNESS FOR A PARTICULAR PURPOSE.
Expires May 25, 2001 [Page 65]