INTERNET-DRAFT M. Greene
Xedia.
S. Gudur
BMC Software, Inc.
14 April 1998
Definitions of Managed Objects for
Extensible SNMP Agents
<draft-ietf-agentx-mib-02.txt>
Status of this Memo
This document is an Internet-Draft. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its Areas, and
its Working Groups. Note that other groups may also distribute working
documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference material
or to cite them other than as a "work in progress".
To view the entire list of current Internet-Drafts, please check
the "1id-abstracts.txt" listing contained in the Internet-Drafts
Shadow Directories on ftp.is.co.za (Africa), ftp.nordu.net
(Northern Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au
(Pacific Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu
(US West Coast).
Copyright Notice
Copyright (C) The Internet Society (1998). All Rights Reserved.
Abstract
This memo defines an experimental portion of the Management Information
Base (MIB) for use with network management protocols in the Internet
community. In particular, it describes objects managing SNMP agents
that use the Agent Extensibility (AgentX) Protocol.
This memo specifies a MIB module in a manner that is both compliant to
the SNMPv2 SMI, and semantically identical to the peer SNMPv1
definitions.
This memo does not specify a standard for the Internet community.
AgentX Working Group Expires September 1998 [Page 1]
Internet Draft AgentX MIB 14 April 1998
1. The SNMP Network Management Framework
The SNMP Network Management Framework presently consists of three major
components. They are:
- the SMI, described in RFC 1902 [1] - the mechanisms used for
describing and naming objects for the purpose of management.
- the MIB-II, STD 17, RFC 1213 [2] - the core set of managed objects
for the Internet suite of protocols.
- the protocol, RFC 1157 [3] and/or RFC 1905 [4], - the protocol for
accessing managed objects.
The Framework permits new objects to be defined for the purpose of
experimentation and evaluation.
1.1. Object Definitions
Managed objects are accessed via a virtual information store, termed the
Management Information Base or MIB. Objects in the MIB are defined
using the subset of Abstract Syntax Notation One (ASN.1) defined in the
SMI. In particular, each object type is named by an OBJECT IDENTIFIER,
an administratively assigned name. The object type together with an
object instance serves to uniquely identify a specific instantiation of
the object. For human convenience, we often use a textual string,
termed the descriptor, to also refer to the object type.
2. Introduction
The SNMP Agent Extensibility Protocol (AgentX) is a protocol used to
distribute the implementation of an SNMP agent amongst a single "master
agent" and multiple "subagents". See [5] for details about the AgentX
protocol.
The goals of the AgentX MIB are:
- List the set of subagents that currently have logical sessions open
with the master agent.
- Identify each subagent's type, vendor, transport address, AgentX
protocol version, and other characteristics.
- Identify the set of MIB objects each subagent implements, the context
in which the objects are registered, and the priority of the
registration.
AgentX Working Group Expires September 1998 [Page 2]
Internet Draft AgentX MIB 14 April 1998
- Provide statistics about the protocol operation such as the number of
packets to and from each subagent.
- Determine protocol operational parameters such as the timeout
interval for responses from a subagent and the priority at which a
subagent registers a particular MIB region.
- Allow (but do not require) managers to be able to modify AgentX
protocol operational parameters and to explicitly close subagent
sessions with the master agent.
3. Overview
This MIB is organized into four groups. The agentxGeneral group
provides information describing the master agent's Agentx support,
including the protocol version supported and the supported transport
mechanisms. The agentxConnection group provides information describing
the current set of connections capable of carrying Agentx sessions. The
agentxSession group provides information describing the current set of
AgentX sessions. The agentxRegistration group provides information
describing the current set of registrations.
Three tables form the heart of this mib. These are the connection,
session, and registration tables.
Entries in the registration table exist in a many-to-one relationship
with entries in the session table. This relationship is represented
through the agentxSessionIndex and agentxConnIndex. Registration entries
are indexed by agentxConnIndex and agentxSessionIndex, to determine
which registration(s), a subagent session is responsible for a given
connection.
Entries in the session table exist in a many-to-one relationship with
entries in the connection table. This relationship is represented
through the agentxConnIndex in a session table. Session entries are
indexed by agentxConnIndex to determine which sessions(s), are carried
by a given connection.
AgentX Working Group Expires September 1998 [Page 3]
Internet Draft AgentX MIB 14 April 1998
4. Definitions
AGENTX-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, experimental, Counter32,
Gauge32, Unsigned32, TDomain, TAddress
FROM SNMPv2-SMI
MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF
TEXTUAL-CONVENTION, TimeStamp, TruthValue
FROM SNMPv2-TC;
agentxMIB MODULE-IDENTITY
LAST-UPDATED "9804141200Z" -- April 14, 1998
ORGANIZATION "IETF AgentX Working Group"
CONTACT-INFO
"WG-email: agentx@peer.com
Subscribe: agentx-request@peer.com
http://www.ietf.org/html.charters/agentx-charter.html
Chair: Bob Natale
ACE*COMM Corporation
Email: bnatale@acec.com
Editor: Smitha Gudur
BMC Software, Inc.
965 Stewart Drive
Sunnyvale, CA 94086
Phone: +1 408-616-3100
Email: sgudur@bmc.com
"
DESCRIPTION
"This is the MIB module for the SNMP Agent Extensibility
Protocol (AgentX). This MIB module will be implemented by
the master agent."
-- For testing purposes only. Need to get an experimental id
::= { experimental 2001 }
agentxObjects OBJECT IDENTIFIER ::= { agentxMIB 1 }
--
-- Define the four groups that serve to organize the
-- objects in this MIB
--
agentxGeneral OBJECT IDENTIFIER ::= { agentxObjects 1 }
agentxConnection OBJECT IDENTIFIER ::= { agentxObjects 2 }
AgentX Working Group Expires September 1998 [Page 4]
Internet Draft AgentX MIB 14 April 1998
agentxSession OBJECT IDENTIFIER ::= { agentxObjects 3 }
agentxRegistration OBJECT IDENTIFIER ::= { agentxObjects 4 }
agentxTCPDomain OBJECT IDENTIFIER ::= {agentxObjects 5}
--
-- Textual Conventions
--
Utf8String ::= TEXTUAL-CONVENTION
DISPLAY-HINT "255a"
STATUS current
DESCRIPTION
"To facilitate internationalization, this TC represents
information taken from the ISO/IEC IS 10646-1 character set,
encoded as an octet string using the UTF-8 character encoding
scheme described in RFC 2044 [8]. For strings in 7-bit US-ASCII,
there is no impact since the UTF-8 representation is identical
to the US-ASCII encoding."
SYNTAX OCTET STRING (SIZE (0..255))
AgentxTCPAddress ::= TEXTUAL-CONVENTION
DISPLAY-HINT "1d.1d.1d.1d/2d"
STATUS current
DESCRIPTION "Represents a TCP Address."
SYNTAX OCTET STRING (SIZE (6))
agentxDefaultTimeout OBJECT-TYPE
SYNTAX INTEGER (0..255)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The default length of time, in seconds, that the master agent
should allow to elapse after dispatching a message to a subagent
before it regards the subagent as not responding. This is a
system-wide value that may be overridden by the values
associated with a particular subagent (agentxSessionTimeout) or a
particular registered MIB region (agentxRegTimeout)."
DEFVAL { 5 }
::= { agentxGeneral 1 }
agentxMasterAgentXVer OBJECT-TYPE
SYNTAX INTEGER (1..255)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The AgentX protocol version supported by this master
agent. Current version is 1. Note that the master agent must
allow registration of earlier version subagents."
AgentX Working Group Expires September 1998 [Page 5]
Internet Draft AgentX MIB 14 April 1998
DEFVAL { 1 }
::= { agentxGeneral 2 }
--
-- The Agentx Subagent Connection Group
--
agentxConnTableLastChange OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when the last row creation or deletion
occurred in the agentxConnectionTable."
::= { agentxConnection 1 }
agentxConnNumber OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current number of entries in the agentxConnectionTable. Note
that this may be smaller than the largest value of agentxConnIndex
since index values are not reused when entries come and go from
the agentxConnectionTable."
::= { agentxConnection 2 }
agentxConnectionTable OBJECT-TYPE
SYNTAX SEQUENCE OF AgentxConnectionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The agentxConnectionTable tracks all current Agentx transport
connections. There may be zero, one, or more agentx sessions
on a given Agentx connection."
::= { agentxConnection 3 }
AgentxConnectionEntry ::= SEQUENCE {
agentxConnIndex Unsigned32,
agentxConnOpenTime TimeStamp,
agentxConnTransportDomain TDomain,
agentxConnTransportAddress TAddress,
agentxConnSessions Gauge32 }
agentxConnectionEntry OBJECT-TYPE
SYNTAX AgentxConnectionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
AgentX Working Group Expires September 1998 [Page 6]
Internet Draft AgentX MIB 14 April 1998
"An agentxConnectionEntry contains information describing a
single Agentx transport connection. A connection may be
used to support zero or more Agentx sessions. Entries come
into being when the transport connection is established,
and are not deleted unless the transport connection has
been terminated."
INDEX { agentxConnIndex }
::= { agentxConnectionTable 1 }
agentxConnIndex OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The value of agentxConnIndex uniquely identifies each
open transport connection used by this master agent
to provide AgentX service. Values of this index should
not be re-used. The value assigned to a given transport
connection is constant for the lifetime of that connection."
::= { agentxConnectionEntry 1 }
agentxConnOpenTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this connection was established
and, therefore, its value when this entry was added to the table."
::= { agentxConnectionEntry 2 }
agentxConnTransportDomain OBJECT-TYPE
SYNTAX TDomain
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The transport protocol in use for this connection to the
master agent."
::= { agentxConnectionEntry 3 }
agentxConnTransportAddress OBJECT-TYPE
SYNTAX TAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The transport address of the remote (subagent) end of this
connection to the master agent."
::= { agentxConnectionEntry 4 }
AgentX Working Group Expires September 1998 [Page 7]
Internet Draft AgentX MIB 14 April 1998
agentxConnSessions OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current number of AgentX sessions being carried by
this transport connection. For purposes of this MIB,
an AgentX session begins when a valid agentx-Open-PDU is
received, and ends when a corresponding agentx-Close-PDU
has been sent or received by the master agent."
::= { agentxConnectionEntry 5 }
--
-- The AgentX Subagent Session Group
--
agentxSessionTableLastChange OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when the last row creation or deletion
occurred in the agentxSessionTable."
::= { agentxSession 1 }
agentxSessionNumber OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current number of entries in the
agentxSessionTable. Note that this may be smaller than
the largest value of agentxSessionIndex since index
values are not reused when entries come and go from the
agentxSessionTable."
::= { agentxSession 2 }
--
-- The AgentX Subagent Session Table
--
agentxSessionTable OBJECT-TYPE
SYNTAX SEQUENCE OF AgentxSessionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of AgentX subagents that have open sessions with the
AgentX master agent."
::= { agentxSession 3 }
AgentX Working Group Expires September 1998 [Page 8]
Internet Draft AgentX MIB 14 April 1998
agentxSessionEntry OBJECT-TYPE
SYNTAX AgentxSessionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information about a single open session between the AgentX
master agent and a subagent."
INDEX { agentxConnIndex, agentxSessionIndex }
::= { agentxSessionTable 1 }
AgentxSessionEntry ::= SEQUENCE {
agentxSessionIndex Unsigned32,
agentxSessionObjectID OBJECT IDENTIFIER,
agentxSessionDescr Utf8String,
agentxSessionAdminStatus INTEGER,
agentxSessionOpenTime TimeStamp,
agentxSessionAgentXVer INTEGER,
agentxSessionTimeout INTEGER
}
agentxSessionIndex OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A unique index for the subagent session. Note that if a
subagent's session with the master agent is closed for
any reason its index should not be re-used, therefore,
the values of agentxSessionIndex may not be contiguous and
will generally not be the same for the same subagent
across multiple sessions. Index values assigned for
a given registration are constant for the lifetime of
this table."
::= { agentxSessionEntry 1 }
agentxSessionObjectID OBJECT-TYPE
SYNTAX OBJECT IDENTIFIER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This is analogous to sysObjectID defined in MIB-2 [2] and is taken
from the o.id field of the agentx-Open-PDU."
::= { agentxSessionEntry 2 }
--
-- Issue: should we describe this more in terms of AGENT-CAPABILITIES
-- or sysORTable?
--
AgentX Working Group Expires September 1998 [Page 9]
Internet Draft AgentX MIB 14 April 1998
agentxSessionDescr OBJECT-TYPE
SYNTAX Utf8String
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A textual description of the subagent. This is analogous to
sysDescr defined in MIB-2 [2] and is taken from the o.descr
field of the agentx-Open-PDU."
::= { agentxSessionEntry 3 }
agentxSessionAdminStatus OBJECT-TYPE
SYNTAX INTEGER {
up(1),
down(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The administrative (desired) status of the subagent. Setting
the value to 'down(2)' closes the subagent session (with c.reason
set to 'reasonByManager'). When read, the value returned is always
'up(1)'."
DEFVAL { up }
::= { agentxSessionEntry 4 }
agentxSessionOpenTime OBJECT-TYPE
SYNTAX TimeStamp
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of sysUpTime when this session was opened and,
therefore, its value when this entry was added to the table."
::= { agentxSessionEntry 5 }
agentxSessionAgentXVer OBJECT-TYPE
SYNTAX INTEGER (1..255)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The version of the AgentX protocol supported by the
subagent. This will be less than or equal to the value of
agentxMasterAgentXVer."
DEFVAL { 1 }
::= { agentxSessionEntry 6 }
agentxSessionTimeout OBJECT-TYPE
SYNTAX INTEGER (0..255)
UNITS "seconds"
AgentX Working Group Expires September 1998 [Page 10]
Internet Draft AgentX MIB 14 April 1998
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The length of time, in seconds, that a master agent should
allow to elapse after dispatching a message to this subagent
before it regards the subagent as not responding. This value is
taken from the o.timeout field of the agentx-Open-PDU.
This is a subagent-specific value that may be overridden by
values associated with specific registered MIB regions (see
agentxRegTimeout). The default value of '0' indicates that the
master agent's default timeout value should be used (see
agentxDefaultTimeout)."
DEFVAL { 0 }
::= { agentxSessionEntry 7 }
--
-- The AgentX Registration Information group
--
-- The statistics in this group are maintained by the Master Agent.
--
-- Other stats have been removed. Support trap generation based
-- on certain situations for duplicate registration.
--
agentxRegisterDuplicate OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of agentx-Response-PDU messages sent by this master
agent where the res.error field was set to 'duplicateRegistration'."
::= { agentxRegistration 1 }
--
-- The AgentX Registration Table
--
agentxRegistrationTable OBJECT-TYPE
SYNTAX SEQUENCE OF AgentxRegistrationEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of registered OBJECT IDENTIFIER regions. This is the
table used to identify a registered region of a subagent.
Note that a subagent registration may be broken up into multiple
entries in this table, as described in the AgentX Protocol
specification [5]."
::= { agentxRegistration 2 }
AgentX Working Group Expires September 1998 [Page 11]
Internet Draft AgentX MIB 14 April 1998
agentxRegistrationEntry OBJECT-TYPE
SYNTAX AgentxRegistrationEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A single registered region. Regions are added by the master
agent when subagents register and are removed from the table
when the subagents unregister the region or their sessions are
closed. Note that the combination of agentxRegContext,
agentxRegStart and agentxRegDispatchOrder will be unique and
could have been used for indexing purposes, but would have
potentially resulted in excessively long OBJECT IDENTIFIERs."
INDEX { agentxConnIndex, agentxSessionIndex, agentxRegIndex }
::= { agentxRegistrationTable 1 }
AgentxRegistrationEntry ::= SEQUENCE {
agentxRegIndex Unsigned32,
agentxRegContext OCTET STRING,
agentxRegStart OBJECT IDENTIFIER,
agentxRegEnd OBJECT IDENTIFIER,
agentxRegPriority Unsigned32,
agentxRegTimeout INTEGER,
agentxRegInstance TruthValue
}
agentxRegIndex OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"AgentxRegIndex is an integer that uniquely identifies a
registration entry. Its value is constant for the lifetime
of an entry."
::= { agentxRegistrationEntry 1 }
agentxRegContext OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The context in which the subagent supports the objects in this
region. A zero-length context indicates the default context."
::= { agentxRegistrationEntry 2 }
agentxRegStart OBJECT-TYPE
SYNTAX OBJECT IDENTIFIER
MAX-ACCESS read-only
STATUS current
AgentX Working Group Expires September 1998 [Page 12]
Internet Draft AgentX MIB 14 April 1998
DESCRIPTION
"The starting OBJECT IDENTIFIER of this registration entry. The
subagent identified by agentxSessionIndex implements objects
starting at this value (inclusive). Note that this value could
identify an object type, an object instance, or a partial object
instance."
::= { agentxRegistrationEntry 3 }
agentxRegEnd OBJECT-TYPE
SYNTAX OBJECT IDENTIFIER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The ending OBJECT IDENTIFIER of this registration entry. The
subagent identified by agentxSessionIndex implements
objects up to but not including this value. Note that this
value could identify an object type, an object instance,
or a partial object instance."
::= { agentxRegistrationEntry 4 }
--
-- To support other subagent types that can be visible
-- to the manager.
--
agentxRegPriority OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The subagent's priority when exporting this OID range. Lower
values have higher priority."
DEFVAL { 255 }
::= { agentxRegistrationEntry 5 }
agentxRegTimeout OBJECT-TYPE
SYNTAX INTEGER (0..255)
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The timeout value, in seconds, for subagent responses to
requests associated with this OID range. The value '0' indicates
that the default value (indicated by agentxSessionTimeout or
agentxDefaultTimeout) is to be used. This value is taken from
the r.timeout field of the agentx-Register-PDU."
DEFVAL { 0 }
::= { agentxRegistrationEntry 7 }
AgentX Working Group Expires September 1998 [Page 13]
Internet Draft AgentX MIB 14 April 1998
agentxRegInstance OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of agentxRegInstance is `true' for
registrations for which the INSTANCE_REGISTRATION
was set, and is `false' for all other registrations."
DEFVAL { false }
::= { agentxRegistrationEntry 8 }
--
-- Conformance Statements for the AgentX MIB
--
agentxConformance OBJECT IDENTIFIER ::= { agentxMIB 2 }
agentxMIBGroups OBJECT IDENTIFIER ::= { agentxConformance 1 }
agentxMIBCompliances OBJECT IDENTIFIER ::= { agentxConformance 2 }
agentxMIBCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for SNMP entities that implement the
AgentX protocol. Note that a compliant agent can implement all
objects in this MIB module as read-only."
MODULE -- this module
MANDATORY-GROUPS { agentxMIBGroup }
OBJECT agentxDefaultTimeout
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT agentxSessionAdminStatus
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { agentxMIBCompliances 1 }
agentxMIBGroup OBJECT-GROUP
OBJECTS {
agentxDefaultTimeout,
agentxMasterAgentXVer,
agentxConnTableLastChange,
agentxConnNumber,
agentxConnOpenTime,
AgentX Working Group Expires September 1998 [Page 14]
Internet Draft AgentX MIB 14 April 1998
agentxConnTransportDomain,
agentxConnTransportAddress,
agentxConnSessions,
agentxSessionTableLastChange,
agentxSessionNumber,
agentxSessionTimeout,
agentxSessionObjectID,
agentxSessionDescr,
agentxSessionAdminStatus,
agentxSessionOpenTime,
agentxSessionAgentXVer,
agentxRegisterDuplicate,
agentxRegContext,
agentxRegStart,
agentxRegEnd,
agentxRegPriority,
agentxRegTimeout,
agentxRegInstance
}
STATUS current
DESCRIPTION
"All accessible objects in the AgentX MIB."
::= { agentxMIBGroups 1 }
END
5. Acknowledgments
This document is a product of the IETF's AgentX Working Group.
Special acknowledgement is made to:
Maria Greene
Xedia
119 Russell Street, Littleton MA 01460
USA
Phone: +1 978-952-6000
EMail: maria@xedia.com
This MIB is an evolution of the Subagent MIB by Bert Wijnen
(wijnen@vnet.ibm.com) which in turn was derived from the SMUX-MIB by
Marshall Rose [6].
6. References
[1] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
S. Waldbusser, "Structure of Management Information for Version 2
AgentX Working Group Expires September 1998 [Page 15]
Internet Draft AgentX MIB 14 April 1998
of the Simple Network Management Protocol (SNMPv2)", RFC1902, SNMP
Research,Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc.,
International Network Services, January 1996.
[2] McCloghrie, K., and M. Rose, Editors, "Management Information Base
for Network Management of TCP/IP-based internets: MIB-II", STD 17,
RFC 1213, Hughes LAN Systems, Performance Systems International,
March 1991.
[3] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network
Management Protocol", RFC 1157, SNMP Research, Performance Systems
International, Performance Systems International, MIT Laboratory
for Computer Science, May 1990.
[4] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and
S. Waldbusser, "Protocol Operations for Version 2 of the Simple
Network Management Protocol (SNMPv2)", RFC1905, SNMP Research,Inc.,
Cisco Systems, Inc., Dover Beach Consulting, Inc., International
Network Services, January 1996.
[5] Daniele, M., Wijnen, B., and D. Francisco, "Agent Extensibility
(AgentX) Protocol, Version 1", draft-ietf-agentx-ext-pro-02.txt,
Digital Equipment Corporation, T.J. Watson Research Center, IBM
Corp., Cisco Systems, November, 1996.
[6] Rose, M., "SNMP MUX Protocol and MIB", RFC1227, Performance Systems
International, Inc., May 1991.
[7] Wijnen, B., Carpenter, G., Curran, K., Sehgal, A., and G. Waters,
"Simple Network Management Protocol: Distributed Protocol
Interface, Version 2.0", RFC 1592, T.J. Watson Research Center, IBM
Corp., Bell Northern Research, Ltd., March 1994.
[8] F. Yergeau, "UTF-8, a transformation format of Unicode and ISO
10646,", RFC 2044, October 1996.
7. Security Considerations
In most cases, MIBs are not themselves security risks; if SNMP
security is operating as intended, the use of a MIB to view
information about a system, or to change some parameter at the
system, is a tool, not a threat.
None of the read-only objects in this MIB reports a password, user data,
or anything else that is particularly sensitive. If access to these
objects is not limited by an appropriate access control policy, these
objects can provide an attacker with information about a system's
configuration and the services that that system is providing. Some
enterprises view their network and system configurations themselves, as
AgentX Working Group Expires September 1998 [Page 16]
Internet Draft AgentX MIB 14 April 1998
well as information about usage and performance, as corporate assets;
such enterprises may wish to restrict SNMP access to most of the objects
in the MIB.
This MIB contains two read-write objects: agentxDefaultTimeout and
agentxSessionAdminStatus. Setting agentxDefaultTimeout to an
inappropriately small value can prevent new subagent sessions from being
usable. Setting agentxSessionAdminStatus to an inappropriate value can
effectively prevent access to management information, or provide access
to inappropriate information. Since changes to either of these objects
can adversely impact the manageability of a system, write access to
these objects should be subject to an appropriate access control policy.
Such a policy may be realized in an implementation by limiting support
for these objects to read-only access.
8. Editor's Address
Smitha Gudur
BMC Software, Inc.
965 Stewart Drive
Sunnyvale, CA 94086
USA
Phone: +1 408-616-3100
EMail: sgudur@bmc.com
9. Full Copyright Statement
Copyright (C) The Internet Society (1997). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it or
assist in its implmentation may be prepared, copied, published and
distributed, in whole or in part, without restriction of any kind,
provided that the above copyright notice and this paragraph are included
on all such copies and derivative works. However, this document itself
may not be modified in any way, such as by removing the copyright notice
or references to the Internet Society or other Internet organizations,
except as needed for the purpose of developing Internet standards in
which case the procedures for copyrights defined in the Internet
Standards process must be followed, or as required to translate it into
languages other than English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an "AS
IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK
FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
AgentX Working Group Expires September 1998 [Page 17]
Internet Draft AgentX MIB 14 April 1998
LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
FITNESS FOR A PARTICULAR PURPOSE.
AgentX Working Group Expires September 1998 [Page 18]
