Internet Draft Steve Waldbusser
R.G. Cole
AT&T
C. Kalbfleisch
Verio, Inc.
D. Romascanu
Avaya Inc.
25 August 2002
RMON Framework
<draft-ietf-rmonmib-framework-01.txt>
Status of this Memo
This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026 [RFC2026].
Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other groups
may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet- Drafts as reference material
or to cite them other than as "work in progress".
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Distribution of this document is unlimited. Please send comments to the
SMIng WG mailing list <sming@ops.ietf.org>.
Internet Draft RMON Framework August 25, 2002
1. Copyright Notice
Copyright (C) The Internet Society (2002). All Rights Reserved.
2. Abstract
The RMON Framework consists of a number of interrelated standards. This
memo describes these standards and how they relate to one another.
3. Table of Contents
Table of Contents
1 Copyright Notice ................................................ 2
2 Abstract ........................................................ 2
3 Table of Contents ............................................... 2
4 The SNMP Network Management Framework ........................... 2
5 Definition of RMON .............................................. 3
6 Goals of RMON ................................................... 4
7 RMON Standards .................................................. 6
7.1 RMON-1 ........................................................ 6
7.2 Token Ring Extensions to RMON MIB ............................. 7
7.3 The RMON-2 MIB ................................................ 9
7.4 RMON MIB Protocol Identifiers ................................. 10
7.5 Remote Network Monitoring MIB Extensions for Switched Net-
works ........................................................ 10
7.6 RMON MIB Extensions for Interface Parameters Monitoring ....... 11
7.7 RMON for High Capacity Networks ............................... 12
7.8 Application Performance Measurement MIB ....................... 12
7.9 Transport Performance Metrics MIB ............................. 13
7.10 Synthetic Sources for Performance Monitoring MIB ............. 14
8 RMON Framework Components ....................................... 15
8.1 MediaIndependent Table ........................................ 15
8.2 Protocol Directory ............................................ 15
8.3 Application Directory ......................................... 15
8.4 Data Source ................................................... 15
9 Relationship of APM, TPM, and SSPM MIBs ......................... 16
10 Acknowledgements ............................................... 18
11 Informative References ......................................... 18
12 Security Considerations ........................................ 21
13 Author's Address ............................................... 21
Expires December 21, 2002 [Page 2]
Internet Draft RMON Framework August 25, 2002
14 Full Copyright Statement ....................................... 23
4. The SNMP Network Management Framework
The SNMP Management Framework presently consists of five major
components:
o An overall architecture, described in RFC 2571 [RFC2571].
o Mechanisms for describing and naming objects and events for the
purpose of management. The first version of this Structure of
Management Information (SMI) is called SMIv1 and described in
RFC 1155 [RFC1155], RFC 1212 [RFC1212] and RFC 1215 [RFC1215].
The second version, called SMIv2, is described in RFC 2578
[RFC2578], RFC 2579 [RFC2579] and RFC 2580 [RFC2580].
o Message protocols for transferring management information. The
first version of the SNMP message protocol is called SNMPv1 and
described in RFC 1157 [RFC1157]. A second version of the SNMP
message protocol, which is not an Internet standards track
protocol, is called SNMPv2c and described in RFC 1901 [RFC1901]
and RFC 1906 [RFC1906]. The third version of the message
protocol is called SNMPv3 and described in RFC 1906 [RFC1906],
RFC 2572 [RFC2572] and RFC 2574 [RFC2574].
o Protocol operations for accessing management information. The
first set of protocol operations and associated PDU formats is
described in RFC 1157 [RFC1157]. A second set of protocol
operations and associated PDU formats is described in RFC 1905
[RFC1905].
o A set of fundamental applications described in RFC 2573
[RFC2573] and the view-based access control mechanism described
in RFC 2575 [RFC2575].
A more detailed introduction to the current SNMP Management Framework
can be found in RFC 2570 [RFC2570].
Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. Objects in the MIB are
defined using the mechanisms defined in the SMI.
Expires December 21, 2002 [Page 3]
Internet Draft RMON Framework August 25, 2002
5. Definition of RMON
Remote network monitoring devices, often called monitors or probes, are
instruments that exist for the purpose of managing a network. Often
these remote probes are stand-alone devices and devote significant
internal resources for the sole purpose of managing a network. An
organization may employ many of these devices, one per network segment,
to manage its internet. In addition, these devices may be used for a
network management service provider to access a client network, often
geographically remote.
When the RMON standard was young, this device-oriented definition of
RMON was taken quite literally, as RMON devices were probes purpose-
built and dedicated to running the RMON MIBs. Soon, cards were
introduced that added RMON capability into a network hub, switch or
router. RMON also began to appear as a software capability that was
added to the software of certain network equipment, as well as software
applications that could run on servers or clients. Despite the variety
of these approaches, the RMON capability in each serves as a dedicated
network management resource available for activities ranging from long-
term data collection and analysis or for ad-hoc firefighting.
In the beginning, most, but not all, of RMON's capabilities were based
on the promiscuous capture of packets on a network segment or segments.
Over time, that mixture included more and more capabilities that didn't
depend on promiscuous packet capture. Today, the some of the newest
standards added to the RMON framework allow multiple techniques of data
gathering, one of which is promiscuous packet capture.
6. Goals of RMON
o Offline Operation
There are sometimes conditions when a management
station will not be in constant contact with its
remote monitoring devices. This is sometimes by
design in an attempt to lower communications costs
(especially when communicating over a WAN or
dialup link), or by accident as network failures
affect the communications between the management
station and the probe.
For this reason, this MIB allows a probe to be
configured to perform diagnostics and to collect
statistics continuously, even when communication with
Expires December 21, 2002 [Page 4]
Internet Draft RMON Framework August 25, 2002
the management station may not be possible or
efficient. The probe may then attempt to notify
the management station when an exceptional condition
occurs. Thus, even in circumstances where
communication between management station and probe is
not continuous, fault, performance, and configuration
information may be continuously accumulated and
communicated to the management station conveniently
and efficiently.
o Proactive Monitoring
Given the resources available on the monitor, it
is potentially helpful for it continuously to run
diagnostics and to log network performance. The
monitor is always available at the onset of any
failure. It can notify the management station of the
failure and can store historical statistical
information about the failure. This historical
information can be played back by the management
station in an attempt to perform further diagnosis
into the cause of the problem.
o Problem Detection and Reporting
The monitor can be configured to recognize
conditions, most notably error conditions, and
continuously to check for them. When one of these
conditions occurs, the event may be logged, and
management stations may be notified in a number of
ways.
o Value Added Data
Because a remote monitoring device represents a
network resource dedicated exclusively to network
management functions, and because it is located
directly on the monitored portion of the network, the
remote network monitoring device has the opportunity
to add significant value to the data it collects.
For instance, by highlighting those hosts on the
network that generate the most traffic or errors, the
probe can give the management station precisely the
information it needs to solve a class of problems.
o Multiple Managers
An organization may have multiple management stations
for different units of the organization, for different
Expires December 21, 2002 [Page 5]
Internet Draft RMON Framework August 25, 2002
functions (e.g. engineering and operations), and in an
attempt to provide disaster recovery. Because
environments with multiple management stations are
common, the remote network monitoring device has to
deal with more than own management station,
potentially using its resources concurrently.
7. RMON Standards
The RMON Framework includes a number of standards. Each standard that
makes up the RMON framework defines some new useful behavior (i.e. an
application) and managed objects that configure, control and montitor
that behavior. This section lists those standards and described the role
of each.
Figure 1 shows how many of the components of the RMON framework relate
to one another.
Network Application Diff. Monitoring Sorting
Topology Perf. Monitoring Svcs. Mon. Methods Methods
|<---------->| |<----------------->| |<-------->| |<------->| |<--->|
+------------+ +--------+ +--------+ +----------+ +----+ +---+ +---+ +---+
|Application | | APM | | TPM | | DSMON | | | | P | | S | | |
|Layer | | | | | | | | | | A | | S | | I |
+------------+ +--------+ +--------+ +----------+ | | | S | | P | | F |
| | | S | | M | | T |
+------------+ +----------------------------------+ | | I | | | | O |
| Network | | RMON2 | | V | | A | | P |
| Layer | | | | E | | C | | N |
+------------+ +---------------------------------------+ | | | T | | |
| M | | I | | |
+------------+ +----------+ +--------+ | O | | V | | |
| Data Link | | RMON1 | | SMON | | N | | E | | |
| Layer | | | | | | | | | | |
+------------+ +----------+ +--------+ +---+ +---+ +---+
Figure 1
7.1. RMON-1
The RMON-1 standard is focused at layer 2 and provides link-layer
statistics aggregated in a variety of ways. In addition, it provides
Expires December 21, 2002 [Page 6]
Internet Draft RMON Framework August 25, 2002
generation of alarms when thresholds are crossed as well as the ability
to filter and capture packet contents. The components of RMON-1 are:
The Ethernet Statistics Group
The ethernet statistics group contains statistics measured by the
probe for each monitored Ethernet interface on this device.
The History Control Group
The history control group controls the periodic statistical
sampling of data from various types of networks.
The Ethernet History Group
The ethernet history group records periodic statistical samples
from an ethernet network and stores them for later retrieval.
The Alarm Group
The alarm group periodically takes statistical samples from
variables in the probe and compares them to previously configured
thresholds. If the monitored variable crosses a threshold, an
event is generated. A hysteresis mechanism is implemented to
limit the generation of alarms.
The Host Group
The host group contains statistics associated with each host
discovered on the network. This group discovers hosts on the
network by keeping a list of source and destination MAC Addresses
seen in good packets promiscuously received from the network.
The HostTopN Group
The hostTopN group is used to prepare reports that describe the
hosts that top a list ordered by one of their statistics. The
available statistics are samples of one of their base statistics
over an interval specified by the management station. Thus, these
statistics are rate based. The management station also selects
how many such hosts are reported.
The Matrix Group
The matrix group stores statistics for conversations between sets
Expires December 21, 2002 [Page 7]
Internet Draft RMON Framework August 25, 2002
of two addresses. As the device detects a new conversation, it
creates a new entry in its tables.
The Filter Group
The filter group allows packets to be matched by a filter
equation. These matched packets form a data stream that may be
captured or may generate events.
The Packet Capture Group
The Packet Capture group allows packets to be captured after they
flow through a channel.
The Event Group
The event group controls the generation and notification of events
from this device.
7.2. Token Ring Extensions to RMON MIB
Some of the functions defined in the RMON-1 MIB were defined specific to
Ethernet media. In order to operate the functions on Token Ring Media,
new objects needed to be defined in the Token Ring Extensions to RMON
MIB. In addition, this MIB defines additional objects that provide
monitoring functions unique to Token Ring.
The components of the Token Ring Extensions to RMON MIB are:
The Token Ring Statistics Groups
The Token Ring statistics groups contain current utilization and
error statistics. The statistics are broken down into two groups,
the Token Ring Mac-Layer Statistics Group and the Token Ring
Promiscuous Statistics Group. The Token Ring Mac-Layer Statistics
Group collects information from Mac Layer, including error reports
for the ring and ring utilization of the Mac Layer. The Token
Ring Promiscuous Statistics Group collects utilization statistics
from data packets collected promiscuously.
The Token Ring History Groups
The Token Ring History Groups contain historical utilization and
error statistics. The statistics are broken down into two groups,
Expires December 21, 2002 [Page 8]
Internet Draft RMON Framework August 25, 2002
the Token Ring Mac-Layer History Group and the Token Ring
Promiscuous History Group. The Token Ring Mac-Layer History Group
collects information from Mac Layer, including error reports for
the ring and ring utilization of the Mac Layer. The Token Ring
Promiscuous History Group collects utilization statistics from
data packets collected promiscuously.
The Token Ring Ring Station Group
The Token Ring Ring Station Group contains statistics and status
information associated with each Token Ring station on the local
ring. In addition, this group provides status information for
each ring being monitored.
The Token Ring Ring Station Order Group
The Token Ring Ring Station Order Group provides the order of the
stations on monitored rings.
The Token Ring Ring Station Config Group
The Token Ring Ring Station Config Group manages token ring
stations through active means. Any station on a monitored ring
may be removed or have configuration information downloaded from
it.
The Token Ring Source Routing Group
The Token Ring Source Routing Group contains utilization
statistics derived from source routing information optionally
present in token ring packets.
7.3. The RMON-2 MIB
The RMON-2 MIB extends the architecture defined in RMON-1 primarily by
extending RMON analysis up to the application layer.
The components of the RMON-2 MIB are:
The Protocol Directory Group
Every RMON 2 implementation will have the capability to parse
certain types of packets and identify their protocol type at
multiple levels, The protocol directory presents an inventory of
Expires December 21, 2002 [Page 9]
Internet Draft RMON Framework August 25, 2002
those protocol types the probe is capable of monitoring, and
allows the addition, deletion, and configuration of protocol types
in this list.
Protocol Distribution Group
This function controls collection of packet and octet counts for
any or all of the protocols detected on a given interface. An NMS
can use this table to quickly determine bandwidth allocation
utilized by different protocols.
Address Mapping Group
This function lists MAC address to network address bindings
discovered by the probe and what interface they were last seen on.
Network Layer Host Group
This function counts the amount of traffic sent from and to each
network address discovered by the probe.
Network Layer Matrix Group
This function counts the amount of traffic sent between each pair
of network addresses discovered by the probe.
Application Layer Host Group
This function counts the amount of traffic, by protocol, sent from
and to each network address discovered by the probe.
Application Layer Matrix
This function counts the amount of traffic, by protocol, sent
between each pair of network addresses discovered by the probe.
User History
This function allows an NMS to request that certain variables on
the probe be periodically polled and for a time-series to be
stored of the polled values.
Probe Configuration
This group contains configuration objects that configure many
Expires December 21, 2002 [Page 10]
Internet Draft RMON Framework August 25, 2002
aspects of the probe including the software downloaded to the
probe, the out of band serial connection and the network
connection.
7.4. RMON MIB Protocol Identifiers
The RMON-2 MIB identifies protocols at any layer of the 7 layer
hierarchy with an identifier called a Protocol Identifier, or ProtocolID
for short.. ProtocolIDs also identify the particular configuration of
layering in use including any arbitrary encapsulations. The RMON MIB
Protocol Identifiers document is a companion document to the RMON-2 MIB
that defines a number of well-known protocols.
As the RMON Framwork has grown, other standards have been added to the
framework that utilize ProtocolIDs.
7.5. Remote Network Monitoring MIB Extensions for Switched Networks
Switches have become pervasive in today's networks as a form of
broadcast media. SMON provides RMON-like functions for the monitoring of
switched networks.
Switches today differ from standard shared media protocols because:
1) Data is not, in general, broadcast. This MAY be caused by the
switch architecture or by the connection-oriented nature of the
data. This means, therefore, that monitoring non-broadcast
traffic needs to be considered.
2) Monitoring the multiple entry and exit points from a switching
device requires a vast amount of resources - memory and CPU, and
aggregation of the data in logical packets of information,
determined by the application needs.
3) Switching incorporates logical segmentation such as Virtual LANs
(VLANs).
4) Switching incorporates packet prioritization.
5) Data across the switch fabric can be in the form of cells. Like
RMON, SMON is only concerned with the monitoring of packets.
Differences such as these make monitoring difficult. The SMON MIB
Expires December 21, 2002 [Page 11]
Internet Draft RMON Framework August 25, 2002
provides the following functions that help to manage switched networks:
smonVlanStats
This function provides traffic statistics per Virtual LAN for
802.1q VLANs.
smonPrioStats
This function provides traffic statistics per priority level for
802.1q VLANS.
dataSourceCaps
This function identifies all supported data sources on an SMON
device. An NMS MAY use this table to discover the RMON and Copy
Port attributes of each data source.
portCopyConfig
Many network switches provide the capability to make a copy of
traffic seen on one port and send it out another port for
management purposes. This occurs in addition to any copying
performed during the normal forwarding behavior of the switch.
The portCopyConfig function provides control of the port copy
functionality in a device.
7.6. RMON MIB Extensions for Interface Parameters Monitoring
Many network switches contain hundreds of ports, many with only one
attached device. A common operation when managing such a switch is to
sort the interfaces by one of the parameters (e.g. to the find the most
highly utilized interface). If the switch contains many interfaces it
can be expensive and time consuming to download information for all
interfaces to sort it on the NMS. Instead, the ifTopN MIB allows the
sorting to occur on the switch and for only the top interfaces to be
downloaded.
7.7. RMON Extensions for Differentiated Services (DSMON MIB)
This MIB defines extensions of RMON for monitoring the traffic usage of
Differentiated Services [RFC2474] codepoint values. The 6-bit DiffServ
Expires December 21, 2002 [Page 12]
Internet Draft RMON Framework August 25, 2002
codepoint portion (DSCP) of the Type of Service (TOS) octet in the IP
header provides for 64 different packet treatments for the
implementation of differentiated network devices. DSMON-capable RMON
probes collect and aggregate statistics based on the inspection of the
DSCP value in monitored packets.
The DSMON MIB defines a DSCP counter aggregation mechanism to reduce the
total number of counters by configuring the agent to internally
aggregate counters based on the DSCP value. This mechanism is designed
to overcome the agent data collection limitation, performs data
reduction at the agent and applications level, and optimizes the
application for cases when some codepoint values are not used, or lead
to similar packet treatment in the monitored network domain.
The components of the DSMON MIB are:
The Aggregate Control Group
The aggregate Control Group enables the configuration of the
counter aggregation groups.
The DSMON Statistics Group
The DSMON Statistics Group contains per counter aggregation group
distribution statistics for a particular RMON data source.
The DSMON Protocol Distribution Group
The DSMON Protocol Distribution Group reports per counter
aggregation distribution statistics for each application protocol
detected on a particular RMON data source.
The DSMON Host Group
The DSMON Host Group contains host address distribution statistics
for each counter aggregation group, detected on a particular RMON
data source.
The DSMON Capabilities Group
The DSMON Capabilities Group reports the DSMON MIB functional
capabilities of the agent implementation.
The DSMON Matrix Group
Expires December 21, 2002 [Page 13]
Internet Draft RMON Framework August 25, 2002
The DSMON Matrix Group contains host address pair distribution
statistics for each counter aggregation group, detected on a
particular RMON data source.
7.8. RMON for High Capacity Networks
This MIB defines extensions to RMON for use on high capacity networks.
Except for the mediaIndependentTable, each of the tables in this MIB
adds high capacity capability to an associated table in the RMON-1 MIB
or RMON-2 MIB.
The mediaIndependentTable provides media independent utilization and
error statistics for full-duplex and half-duplex media. Prior to the
existence of the HCRMON MIB, a new table needed to be created for RMON
monitoring of each data-link layer media. These tables included many
statistical attributes of the media including packet and octet counters
that are independent of the media type. This wasn't optimal because
there was no way to monitor media types for which a media-specific table
had not been defined. Further, there were no common objects to monitor
media-independent attributes between media types.
In the future, for media other than ethernet and token ring, the
mediaIndependentTable will be the source for media-independent
statistics. Additional media-specific tables may be created to provide
attributes unique to particular media such as error counters.
The HC-RMON MIB contains a number of groups that each extend a group in
the original RMON-1 and RMON-2 MIBs. In addition, the
mediaIndependentGroup contains objects that allow media independent
monitoring.
7.9. Application Performance Measurement MIB
The APM MIB provides analysis of application performance as experienced
by end-users.
Application performance measurement measures the quality of service
delivered to end-users by applications. With this perspective, a true
end-to-end view of the IT infrastructure results, combining the
performance of the application, desktop, network, and server, as well as
any positive or negative interactions between these components.
Expires December 21, 2002 [Page 14]
Internet Draft RMON Framework August 25, 2002
Despite all the technically sophisticated ways in which networking and
system resources can be measured, human end-users perceive only two
things about an application: availability and responsiveness.
Availability - The percentage of the time that the application is
ready to give a user service.
Responsiveness - The speed at which the application delivers the
requested service.
The APM MIB includes the following functions:
The APM Application Directory Group
The APM Application Directory group contains configuration objects
for every application or application verb monitored on this
system.
The APM User Defined Applications Group
The APM User Defined Applications Group contains objects that
allow for the tracking of applications or application verbs that
aren't registered in the protocolDirectoryTable.
The APM Report Group
The APM Report Group is used to prepare regular reports that
aggregate application performance by flow, by client, by server,
or by application.
The APM Transaction Group
The APM Transaction Group is used to show transactions that are
currently in progress and ones that have ended recently, along
with their responsiveness metric.
Because many transactions last a very short time, they will exist
in this table for a very short time. Thus, polling this table is
not an effective mechanism for retrieving all transactions.
This table is designed to allow a management station to check on
the status of long-lived transactions. Because the apmReport and
apmException mechanisms act only on transactions that have
finished, a network manager may not have visibility for some time
into the performance of long-lived transactions such as streaming
Expires December 21, 2002 [Page 15]
Internet Draft RMON Framework August 25, 2002
applications, large data transfers, or (very) poorly performing
transactions. In fact, by their very definition, the apmReport and
apmException mechanisms only provide visibility into a problem
after nothing can be done about it. The apmTransactionTable
provides visibility into transactions that are currently executing
and will allow a management station to find status of long-lived
transactions.
The APM Exception Group
The APM Exception Group is used to generate immediate
notifications of transactions that cross certain thresholds. The
apmExceptionTable is used to configure which thresholds are to be
checked for which types of transactions. The
apmTransactionResponsivenessAlarm notification is sent when a
transaction occurs with a responsiveness that crosses a threshold.
The apmTransactionUnsuccessfulAlarm notification is sent when a
transaction fails for which exception checking was configured.
The APM Notification Group
The APM Notification Group contains 2 notifications that are sent
when thresholds in the APM Exception Table are exceeded.
7.10. RMON MIB Protocol Identifier Reference Extensions
The protocol identifier defined in RMON2 [RFC2021] can identify any
protocol at any layer and its encapsulation. The protocol identifier
macro document [RFC2896] defines a convenient human readable and machine
parseable format for documenting well-known protocols.
For the most part the protocol identifiers used by RMON2 implementations
have described protocols at any layer including the application layer
but haven't gone any deeper into the application. In order to
differentiate an application's behavior while performing different tasks
(logging in vs. downloading, for example) it is important to have a
separate protocol identifier for each application "verb". The macro
defined in [RFC2896] is inconvenient for defining application verbs
because it assumes that most protocols are identified by an integer type
field and many or most applications use other means for identifying
verbs, including character strings.
These extensions define another macro for defining application verbs
that are children of an application. The parent application can be
Expires December 21, 2002 [Page 16]
Internet Draft RMON Framework August 25, 2002
defined with the original protocol identifier macro and the application
verbs are defined with the new macro.
7.11. Transport Performance Metrics MIB
The TPM MIB monitors selectable performance metrics and statistics
derived from the monitoring of network packets and sub-application level
transactions. The metrics are defined through reference to existing
IETF, ITU and other standards organizations' documents. The monitoring
covers both passive and active traffic generation sources.
The TPM MIB includes the following functions:
The tpmCapabilities Group
The tpmCapabilitiesGroup contains objects and tables which show
the measurement protocol and metric capabilities of the agent.
The tpmAggregateReports Group
The tpmAggregateReportsGroup is used to provide the collection of
aggregated statistical measurements for the configured report
intervals.
The tpmCurrentReports Group
The tpmCurrentReportsGroup is used to provide the collection of
uncompleted measurements for the current configured report for
those transactions caught in progress. A history of these
transactions is also maintained once the current transaction has
completed.
The tpmExceptionReports Group
The tpmExceptionReportsGroup is used to link immediate
notifications of transactions that exceed certain thresholds
defined in the apmExceptionGroup [APM]. This group reports the
aggregated sub-application measurements for those applications
exceeding thresholds.
Expires December 21, 2002 [Page 17]
Internet Draft RMON Framework August 25, 2002
7.12. Synthetic Sources for Performance Monitoring MIB
The Synthetic Sources for Performance Monitoring MIB [SSPM] covers the
artificial generation of a) application-level, b) transport-level, and
c) link-level traffic for the purpose of monitoring system performance.
There are situations where it is useful to be able to control the
generation of synthetic traffic when evaluating system performance.
There are other situations where system performance evaluation can rely
upon naturally generated application-level traffic, in which case one
needs only monitor existing traffic and not instrument synthetic
traffic. The SSPM MIB provides the ability to configure and control the
generation of this synthetic traffic.
7.13. RMON MIB Extensions for High Capacity Alarms
There is a need for a standardized way of providing the same type of
alarm thresholding capabilities for Counter64 objects, as already exists
for Counter32 objects. The RMON-1 alarmTable objects and RMON-1
notification types are specific to 32-bit objects, and cannot be used to
properly monitor Counter64-based objects. Extensions to these existing
constructs are needed which explicitly support Counter64-based objects.
These extensions are completely independent of the existing RMON-1 alarm
mechanisms.
This MIB contains 3 functions:
The hcAlarmControlObjects group
Controls the configuration of alarms for high capacity MIB object
instances.
The hcAlarmCapabilities group
Describes the high capacity alarm capabilities provided by the
agent.
The hcAlarmNotifications group
Provide new rising and falling threshold notifications for high
capacity objects.
Expires December 21, 2002 [Page 18]
Internet Draft RMON Framework August 25, 2002
8. RMON Framework Components
The collection of standards in the RMON Framework are associated by 1. A
common purpose and similar collection methodologies; and, 2. Use of
common infrastrure components
These common infrastructure components are:
- MediaIndependent Table
- Protocol Directory
- appDirectory
- DataSource
8.1. MediaIndependent Table
While many ata-link media types exist and they each have unique
features, there are many statistics that are common across most media.
For example, counts of packets and octets are interesting for most
media. The media independent table contains the most common such
statistics and forms a super class from which specific interface types
are inherited. This means that the common statistics can be monitored
even for media types that are unknown.
For example, if the mediaindependentTable had existed prior to the
definition of the etherStatsTable, the etherStatsTable could have
ommitted the etherStatsDropEvents, etherStatsOctets, etherStatsPkts.
The Media Independent Table is defined in the High Capacity RMON MIB
[RFC3287].
8.2. Protocol Directory
The second of the RMON infrastructure components is the Protocol
Directory Group defined in the RMON2 MIB [RFC2021]. The main objective
of RMON2 was to extend the remote network monitoring agents capabilities
beyond link layer to higher level protocol monitoring. This required a
means to globally identify individual protocol encapsulations. This
capability is provided by the Protocol Directory Group and specifically
the protocolDirID found in the protocolDirTable in the RMON2 MIB.
The Protocol Directory allows the agent to provide an inventory of the
protocols that the agent can decode, count, categorize and time. The
directory and its objects are designed to allow for the addition,
deletion and configuration of the protocol encapsulations in the
Expires December 21, 2002 [Page 19]
Internet Draft RMON Framework August 25, 2002
directory list. The Protocol Directory Group consists of the
protocolDirLastChange object and the protocolDirTable. The
protocolDirLastChange identifies the time at which the last change to
the protocolDirTable was made. The entries in the protocolDirTable are
shown in Figure XX.
+--------------------+
| protocolDirGroup |
+--------------------+
|
| +-------------------------+
+--> | protocolDirLastChange |
| +-------------------------+
|
| +------------------+
+--> | protocolDirEntry |
+------------------+
|
| +-------------------------------+
+--> | protocolDirID |
| +-------------------------------+
|
| +-------------------------------+
+--> | protocolDirLocalIndex |
| +-------------------------------+
|
| +-------------------------------+
+--> | protocolDirDesc |
| +-------------------------------+
|
| +-------------------------------+
+--> | protocolDirType |
| +-------------------------------+
|
| +-------------------------------+
+--> | protocolDirAddressMapConfig |
| +-------------------------------+
|
| +-------------------------------+
+--> | protocolDirHostConfig |
| +-------------------------------+
|
| +-------------------------------+
+--> | protocolDirMatrixConfig |
| +-------------------------------+
Expires December 21, 2002 [Page 20]
Internet Draft RMON Framework August 25, 2002
|
| +-------------------------------+
+--> | protocolDirOwner |
| +-------------------------------+
|
| +-------------------------------+
+--> | protocolDirStatus |
+-------------------------------+
Figure XX: The protocolDirEntries.
The protocolDirID is the index into the table, it globally identifies a
protocol encapsulation and is discussed below. The
protocolDirLocalIndex is an index of local significance pointing back to
the protocolDirTable and hence the protocol encapsulation and the other
capabilities and configuration of the agent related to the
encapsulation. The protocolDirType identifies the agent's capability to
'extend' the table one level up and to recognize the address for this
protocol encapsulation. The protocolDirAddressMapConfig identifies the
agent's ability to map the protocol address to a MAC-level address. The
protocolDirHostConfig identifies the agent's capability in building a
network-layer and application-layer host table for the protocol
encapsulation. The protocolDirMatrixConfig identifies the agent's
capabilities with respect to building the RMON2 matrix tables, e.g.,
alMatrix and nlMatrix tables.
As mentioned, the protocolDirID is a hierarchically formatted OCTET
STRING to globally identify individual protocol encapsulations. A
protocol descriptor macro has been defined in RFC 2895 [RFC2895] to
describe the various protocol layers supported in the protocolDirID
protocol hierarchy. The protocolDirID is defined as a tree built up
from successive protocol encapsulations. Each layer is identified by 4
octet sub-identifiers constructed from the protocol identifier fields at
the various layers of the encapsulation. The number of layers (actually
the number of octets in the total encapsulation string) in the specific
encapsulation is identified by a 1 octet count field prepending the
string of protocol sub-identifiers.
Associated with each protocol layer in the protocolDirID is a 1 octet
parameter field. The collection of these protocol parameters is
referred to as the protocolDirParameters. These 1 octet parameters
Expires December 21, 2002 [Page 21]
Internet Draft RMON Framework August 25, 2002
identify the agents capability to count fragmented packets correctly and
to track sessions for port mapped protocols, e.g., TFTP. A 1 octet
count of the number of octets in the protocolDirParameters is prepended
to the protocolDirParameters.
The protocolDirTable index is comprised of the protocolDirID, the
protocolDirParameters and their associated length fields. The index
format is shown in Figure XX.
+---+--------------------------+---+---------------+
| c ! | c ! protocolDir |
| n ! protocolDirID | n ! Parameters |
| t ! | t ! |
+---+--------------------------+---+---------------+
Figure XX: the protocolDirTable INDEX format.
An example protocolDirTable INDEX for SNMP over UDP over IP over
Ethernet is:
16.0.0.0.1.0.0.8.0.0.0.0.17.0.0.0.161.4.0.0.0.0
| | | | | | | |
+--+-------+-------+--------+---------+-+-------+
c ether2 ip udp snmp c param.
c = 1 octet count field
Figure XX: A protocolDirTable INDEX example for
SNMP over UDP over IP over Ethernet.
The set of defined protocol layers currently described is found in
RFC2896 [RFC2896]. RFC2895 [RFC2895] defines a process for suggesting
new protocols to add to the currently defined set. If accepted, then
RFC2896 would be updated to reflect these additions. In fact, RFC2896
is the second version of the defined protocol macros, obsoleting RFC2074
[RFC2074]. RFC2895 also defines how to handle protocols that do not map
into this well defined tree hierarchy built up from encapsulation
Expires December 21, 2002 [Page 22]
Internet Draft RMON Framework August 25, 2002
protocol identifiers. An example of such a protocol encapsulation is
RTP which is mapped to specific UDP ports through a separate signalling
mechanism. These are handled by the ianaAssigned protocols, as
described in RFC2895.
The protocolDirTable is defined (and used) in the RMON2 MIB [RFC2021],
and is being used in other RMONMIB WG MIBs as well as other IETF defined
MIBs. Examples include the APM MIB, the TPM MIB and the SSPM MIB
[KAL2002].
The protocolDirID is recently being extended in two ways. First, work
is underway on a new set of protocol descriptor macros which extend the
protocol encapsulation model to application layer verbs [BIE2002]. For
example, this allows the protocolDirID to point to the HTTP verb GET.
This extension was motivated by the work on the APM MIB [WAL2002] and
the TPM MIB [DIE2002]. Second, the APM MIB [WAL2002] defines the
apmAppDirectoryTable which provides a directory of applications that the
agent can process. This is discussed further in the following section.
Combined, these extensions allow:
+ The APM MIB to define and monitor end-user's view of application
performance.
+ The TPM MIB to clearly specify the sub-transactions that
comprise the application it monitors through the
tpmTransMetricDirTable.
+ The SSPM MIB [KAL2002] to generate synthetic application
transactions by importing the appLocalIndex from the APM MIB.
8.3. Application Directory and appLocalIndex
APM, TPM and related applications collect certain types of statistics
for each application or application verb they are decoding. Some
applications and application verbs are defined in the protocol directory
and thus get their own protocolID and a corresponding
protocolDirLocalIndex. Other application verbs are defined more
dynamically by entries in the apmHttpFilterTable or
apmUserDefinedAppTable. These dynamically defined applications don't
have protocolDirID's assigned to them
The APM MIB defines an important index called the appLocalIndex. For all
application monitoring in the APM and TPM MIBs, applications are
identified by integer values of the appLocalIndex. However, there is no
Expires December 21, 2002 [Page 23]
Internet Draft RMON Framework August 25, 2002
single registry of applications (as there is for protocols) because
there are a few different mechanisms through which an application may be
registered. For each value of appLocalIndex, a corresponding entry will
exist in one of several tables:
1. The protocolDirTable - Some values of appLocalIndex
correspond to protocolDirLocalIndex values assigned in the
protocolDirTable. Each of these correspond to a protocol defined
by a protocolID.
2. The apmHttpFilterTable - Some values of appLocalIndex correspond
to apmHttpFilterAppLocalindex values assigned in the
apmHttpFilterTable. Each of these correspond to an application
verb defined as a set of HTTP transactions that match a set of
filters.
3. The apmUserDefinedAppTable - Some values of appLocalIndex
correspond to index values of the apmUserDefinedAppTable. Each
of them correspond to an application or application verb defined
in a user-defined way.
Each value of appLocalIndex will only be registered in one of these
tables. In effect, the appLocalIndex number space is the union of these
number spaces, where these tables must work together to avoid assigning
overlapping (duplicate) appLocalIndexes.
Each unique appLocalIndex value is also registered in the
apmAppDirectoryTable where a number of attributes of the application may
be configured.
8.4. Data Source
Most RMON functions use a DataSource as a pointer to the entity from
which data is to be collected. The DataSource is an object identifier
which identifies one of three types of data sources:
ifIndex.<I>
Traditional RMON dataSources. Called 'port-based' for ifType.<I>
not equal to 'propVirtual(53)'. <I> is the ifIndex value (see
[22]).
smonVlanDataSource.<V>
A dataSource of this form refers to a 'Packet-based VLAN' and is
called a 'VLAN-based' dataSource. <V> is the VLAN ID as defined by
Expires December 21, 2002 [Page 24]
Internet Draft RMON Framework August 25, 2002
the IEEE 802.1Q standard [19]. The value is between 1 and 4094
inclusive, and it represents an 802.1Q VLAN-ID with global scope
within a given bridged domain, as defined by [19].
entPhysicalEntry.<N>
A dataSource of this form refers to a physical entity within the
agent and is called an 'entity-based' dataSource. <N> is the value
of the entPhysicalIndex in the entPhysicalTable (see [18]).
Expires December 21, 2002 [Page 25]
Internet Draft RMON Framework August 25, 2002
9. Relationship of APM, TPM, and SSPM MIBs
Figure 5 below shows an overiew of the components of the performance
monitoring system. On the far left of the diagram are the "Traffic
Generation Control" and the "Traffic Generation Instrumentation". The
underlying instrumentation is implementation dependent and outside the
domain of the RMONMIB specifications. The focus of the SSPM
specification within the RMONMIB is the traffic generation control
aspects shown in the figure.
+----------------+
+-------------| Application |-------------+
| +----------------+ |
| | |
+--------------------------------+ |
| Synchronization Control | |
+--------------------------------+ |
| | |
V V V
+------------------+ +------------------+ +--------------+
|Traffic Generation| |Monitoring Metrics| |Data Reduction|
| Control | | Control | | Control |
+------------------+ +------------------+ +--------------+
| ^ | ^ | ^
| | | | | |
V | V | V |
+------------------+ +------------------+ +---------------+
|Traffic Generation| |Monitoring Metrics| |Data Reduction |
| Instrumentation| | Instrumentation| +-->|Instrumentation|
+------------------+ +------------------+ | +---------------+
| |
| |
Various levels | |
and span +-----------|
|
|
V
Reports
Figure 5: A performance monitoring system
Expires December 21, 2002 [Page 26]
Internet Draft RMON Framework August 25, 2002
It is the responsibility of the network management application to
coordinate the individual aspects of the performance management
system. For example, within the RMONMIB framework:
+ SSPMMIB [1] is responsible for the traffic generation control,
+ APMMIB [2] is responsible for the aspects of the "Monitoring
Metrics Control" directly related to the end-user's perceived
application-level performance, and
+ TPMMIB [3] is responsible for the aspecys of the monitoring
metrics control related to sub-application-level transactions.
The testing model then is to first configure the traffic generation
instrumentation through the SSPMMIB control function. This defines
aspects of the synthetic traffic such as application type, targets,
etc. Once the traffic generation is configured, the network
management application can setup the monitoring instrumentation
through the APMMIB and TPMMIB. These control the reporting periods,
the type of data aggregation, etc. Once the tests are complete, the
network management application retrieves the reports from the
monitoring metrics control MIBs, e.g., APMMIB and TPMMIB.
In order to instrument the traffic generation, SSPMMIB provides
various types of information for the tests.
+ Protocol Information - the protocol information is specified
through the appLocalIndex from the APMMIB [2]. The appLocalIndex
supports standard application specification and user-defined
application specification. For more information on the
appLocalIndex see the APMMIB[1].
+ Transaction Timing Models - the SSPMMIB controls the timing
generation of the sythentic traffic. Possible timing models
include deterministic transation generation and random transaction
generation. The SSPMMIB should support traffic generation models
as specified by the IPPM Working Group within the IETF [4].
+ Request Packet Configuration - the SSPMMIB supports three levels
of packet configuration, i.e., Common Part, Link Level and
Application Level.
- The Common Part packet configuration covers aspects of the
packet configuration common to all transactions. These include
the appLocalIndex, source and destination network addresses,
Expires December 21, 2002 [Page 27]
Internet Draft RMON Framework August 25, 2002
timing model information, packet timeouts, packet fill, packet
sequence number information, etc.
- The Link Layer Configuration - the SSPMMIB contains a
LinkLevelExtensionTable to configure aspects of the various
link-level headers. Examples of link-level header information
includes media QOS parameters, etc.
- The Application Level Configuration - the SSPMMIB contains an
ApplicationLayerExtentionTable to configure application
specific aspects of the synthetic transactions. These include
parameters such as username and password for application-layer
authentication, application target information such as a URL in
an HTTP transation, and other target information for other
applications, e.g., hostname in an DNS transaction.
Finally, the SSPMMIB presupposes the need for source and sink
configuration in the context of one-way traffic generation for one-
way measurements. In this case, the SSPMMIB has seperate source and
sink configuration tables. For roundtrip measurements, the source
and sink tables reside on the same device. For one-way measurements,
the source and sink tables reside on seperate remote devices. This
distinction may or may not be necessary, see, e.g., the One-Way Delay
Protocol (OWDP) draft [5].
10. Acknowledgements
This memo is a product of the RMON MIB working group.
11. Informative References
[RFC1905]
SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S.
Waldbusser, "Protocol Operations for Version 2 of the Simple
Network Management Protocol (SNMPv2)", RFC 1905, SNMP Research,
Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc.,
International Network Services, January 1996.
[RFC1906]
SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S.
Waldbusser, "Transport Mappings for Version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco
Systems, Inc., Dover Beach Consulting, Inc., International Network
Services, January 1996.
Expires December 21, 2002 [Page 28]
Internet Draft RMON Framework August 25, 2002
[RFC2026]
Bradner, S., "The Internet Standards Process -- Revision 3", RFC
2026, Harvard University, October, 1996.
[RFC2119]
S. Bradner, "Key words for use in RFCs to Indicate Requirement
Levels" RFC 2119, Harvard University, March 1997.
[RFC2571]
Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for
Describing SNMP Management Frameworks", RFC 2571, Cabletron
Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, April
1999.
[RFC2572]
Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message
Processing and Dispatching for the Simple Network Management
Protocol (SNMP)", RFC 2572, SNMP Research, Inc., Cabletron Systems,
Inc., BMC Software, Inc., IBM T. J. Watson Research, April 1999.
[RFC2573]
Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC
2573, SNMP Research, Inc., Secure Computing Corporation, Cisco
Systems, April 1999.
[RFC2574]
Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for
version 3 of the Simple Network Management Protocol (SNMPv3)", RFC
2574, IBM T. J. Watson Research, April 1999.
[RFC2575]
Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access
Control Model (VACM) for the Simple Network Management Protocol
(SNMP)", RFC 2575, IBM T. J. Watson Research, BMC Software, Inc.,
Cisco Systems, Inc., April 1999.
[RFC2578]
McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M.,
and S. Waldbusser, "Structure of Management Information Version 2
(SMIv2)", RFC 2578, STD 58, Cisco Systems, SNMPinfo, TU
Braunschweig, SNMP Research, First Virtual Holdings, International
Network Services, April 1999.
[RFC2579]
McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M.,
Expires December 21, 2002 [Page 29]
Internet Draft RMON Framework August 25, 2002
and S. Waldbusser, "Textual Conventions for SMIv2", RFC 2579, STD
58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research, First
Virtual Holdings, International Network Services, April 1999.
[RFC2580]
McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M.,
and S. Waldbusser, "Conformance Statements for SMIv2", RFC 2580,
STD 58, Cisco Systems, SNMPinfo, TU Braunschweig, SNMP Research,
First Virtual Holdings, International Network Services, April 1999.
[RFC1155]
Rose, M., and K. McCloghrie, "Structure and Identification of
Management Information for TCP/IP-based Internets", RFC 1155,
Performance Systems International, Hughes LAN Systems, May 1990.
[RFC1157]
Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network
Management Protocol", RFC 1157, SNMP Research, Performance Systems
International, Performance Systems International, MIT Laboratory
for Computer Science, May 1990.
[RFC1212]
Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212,
Performance Systems International, Hughes LAN Systems, March 1991.
[RFC1215]
M. Rose, "A Convention for Defining Traps for use with the SNMP",
RFC 1215, Performance Systems International, March 1991.
[RFC1901]
SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S.
Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901,
SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting,
Inc., International Network Services, January 1996.
[RFC1907]
SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S.
Waldbusser, "Management Information Base for Version 2 of the
Simple Network Management Protocol (SNMPv2)", RFC 1907, SNMP
Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc.,
International Network Services, January 1996.
[RFC2570]
Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction to
Version 3 of the Internet-standard Network Management Framework",
Expires December 21, 2002 [Page 30]
Internet Draft RMON Framework August 25, 2002
RFC 2570, SNMP Research, Inc., TIS Labs at Network Associates,
Inc., Ericsson, Cisco Systems, April 1999.
[RFC2819]
Waldbusser, S., Remote Network Monitoring Management Information
Base, RFC 2819, May 2000.
[RFC2021]
Waldbusser, S., Remote Network Monitoring Management Information
Base - Version 2 using SMIv2, RFC 2021, January 1997.
[RFC2074]
Bierman, A., and R. Iddon, Remote Network Monitoring Management
Information Base Protocol Identifiers, RFC 2074, January 1997.
[RFC2895]
Bierman, A., Bucci, C., and R. Iddon, Remote Network Monitoring
Management Information Base Protocol Identification Reference, RFC
2895, August 2000.
[RFC2896]
Bierman, A., Bucci, C., and R. Iddon, Remote Network Monitoring
Management Information Base Protocol Identifier Macros, RFC 2896,
August 2000.
[RFC2613]
Waterman, R., Lahaye, B., Romascanu, D., and S. Waldbusser, Remote
Network Monitoring MIB Extensions for Switched Networks Version
1.0, RFC 2613, June 1999.
[RFC3144]
Waldbusser, S., Remote Monitoring MIB Extensions for Interface
Parameters Monitoring, RFC 3144, August 2001.
[RFC3287]
Bierman, A., Remote Monitoring MIB Extensions for Differentiated
Services, RFC 3287, July 2002.
[RFC3273]
Waldbusser, S., Remote Network Monitoring Management Information
Base for High Capacity Networks, RFC 3273, July 2002.
[APM]
Waldbusser, S., "Application performance measurement MIB", <draft-
ietf-rmonmib-apm-mib-07.txt>, 20 July 2001.
Expires December 21, 2002 [Page 31]
Internet Draft RMON Framework August 25, 2002
[APPVERBS]
Bierman, A., Bucci, C., Dietz, R. and A. Warth, Remote Network
Monitoring Management Information Base Protocol Identifier
Reference Extensions, <draft-ietf-rmonmib-appverbs-04.txt>, August
2002. August 2000.
[TPM]
Dietz, R. and R.G.Cole, "Application Performance Measurement
Framework Transport Performance Metrics MIB", Internet Draft,
<draft-ietf-rmonmib-tpm-mib-07.txt>, 16 July 2001.
[SSPM]
Kalbfleisch, K., Cole, R.G. and D. Romascanu, "Definition of
Managed Objects for Synthetic Sources for Performance Monitoring
Algorithms, <draft-ietf-rmonmib-sspm-mib-05.txt>, August 2002.
[HCALARM]
Bierman, A., and K. McCloghrie, "Remote Monitoring MIB Extensions
for High Capacity Alarms", <draft-ietf-rmonmib-hc-alarm-
mib-01.txt>, April 2002.
[RFC2233]
McCloghrie, K., and F. Kastenholz, "The Interfaces Group MIB Using
SMIv2", RFC 2233, Cisco Systems, FTP Software, November, 1997.
[RFC2863]
McCloghrie, K., and F. Kastenholz, "The Interfaces Group MIB", RFC
2863, Cisco Systems, Argon Networks, June, 2000.
[RFC2330]
Paxson, V., Almes, G., Mahdavi, J. and M. Mathis, "Framework for IP
Performance Metrics", RFC 2330, May 1998.
[OWDP]
Shalunov, S., Teitelbaum, B. and M. Zekauskas, "A One-Way Delay
Protocol for IP Performance Measurements", <draft-ietf-ippm-
owdp-02.txt>, February 2001.
12. Security Considerations
This document is a description of existing standards and as such it does
not have any security impact.
Expires December 21, 2002 [Page 32]
Internet Draft RMON Framework August 25, 2002
13. Author's Address
Steve Waldbusser
Phone: +1 650-948-6500
Fax: +1 650-745-0671
Email: waldbusser@nextbeacon.com
Carl W. Kalbfleisch
NTT/VERIO
8700 Stemmons Freeway, Suite 211
Dallas, TX 75247
USA
Tel: +1 972-906-2034
Email: cwk@verio.net
Robert G. Cole
AT&T Labs
Network Design and Performance Analysis Department
330 Saint John Street, 2nd Floor
Havre de Grace, MD 21078
Phone: +1 410-939-8732
Fax: +1 410-939-8732
Email: rgcole@att.com
Dan Romascanu
Avaya Communication
Atidim Technology Park, Bldg. #3
Tel Aviv, 61131
Israel
Tel: +972-3-645-8414
Email: dromasca@avaya.com
Expires December 21, 2002 [Page 33]
Internet Draft RMON Framework August 25, 2002
14. Full Copyright Statement
Copyright (C) The Internet Society (2002). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it or
assist in its implementation may be prepared, copied, published and
distributed, in whole or in part, without restriction of any kind,
provided that the above copyright notice and this paragraph are included
on all such copies and derivative works. However, this document itself
may not be modified in any way, such as by removing the copyright notice
or references to the Internet Society or other Internet organizations,
except as needed for the purpose of developing Internet standards in
which case the procedures for copyrights defined in the Internet
Standards process must be followed, or as required to translate it into
languages other than English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an "AS
IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK
FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT
LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT
INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
FITNESS FOR A PARTICULAR PURPOSE.
Expires December 21, 2002 [Page 34]
Internet Draft RMON Framework August 25, 2002
Table of Contents
1 Copyright Notice ................................................ 2
2 Abstract ........................................................ 2
3 Table of Contents ............................................... 2
4 The SNMP Network Management Framework ........................... 3
5 Definition of RMON .............................................. 4
6 Goals of RMON ................................................... 4
7 RMON Standards .................................................. 6
7.1 RMON-1 ........................................................ 6
7.2 Token Ring Extensions to RMON MIB ............................. 8
7.3 The RMON-2 MIB ................................................ 9
7.4 RMON MIB Protocol Identifiers ................................. 11
7.5 Remote Network Monitoring MIB Extensions for Switched Net-
works ........................................................ 11
7.6 RMON MIB Extensions for Interface Parameters Monitoring ....... 12
7.7 RMON Extensions for Differentiated Services (DSMON MIB) ....... 12
7.8 RMON for High Capacity Networks ............................... 14
7.9 Application Performance Measurement MIB ....................... 14
7.10 RMON MIB Protocol Identifier Reference Extensions ............ 16
7.11 Transport Performance Metrics MIB ............................ 17
7.12 Synthetic Sources for Performance Monitoring MIB ............. 18
7.13 RMON MIB Extensions for High Capacity Alarms ................. 18
8 RMON Framework Components ....................................... 19
8.1 MediaIndependent Table ........................................ 19
8.2 Protocol Directory ............................................ 19
8.3 Application Directory and appLocalIndex ....................... 23
8.4 Data Source ................................................... 24
9 Relationship of APM, TPM, and SSPM MIBs ......................... 26
10 Acknowledgements ............................................... 28
11 Informative References ......................................... 28
12 Security Considerations ........................................ 32
13 Author's Address ............................................... 33
14 Full Copyright Statement ....................................... 34
Expires December 21, 2002 [Page 35]
