An Administrative Infrastructure for SNMPv2
RFC 1909

 
Document Type RFC - Historic (February 1996; No errata)
Last updated 2013-03-02
Stream Legacy
Formats plain text pdf html
Stream Legacy state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 1909 (Historic)
Telechat date
Responsible AD Bert Wijnen
IESG note and RFC1910 are now Historic
Send notices to <mduerst@w3.org>
Network Working Group                              K. McCloghrie, Editor
Request for Comments: 1909                           Cisco Systems, Inc.
Category: Experimental                                     February 1996

              An Administrative Infrastructure for SNMPv2

Status of this Memo

   This memo defines an Experimental Protocol for the Internet
   community.  This memo does not specify an Internet standard of any
   kind.  Discussion and suggestions for improvement are requested.
   Distribution of this memo is unlimited.

Table of Contents

   1. Introduction ................................................    2
   2. Overview ....................................................    2
   2.1 Contexts ...................................................    3
   2.2 Authorization: Access Rights and MIB Views .................    3
   2.3 Authentication and Privacy .................................    4
   2.4 Access Control .............................................    5
   2.5 Security Models ............................................    5
   2.6 Proxy ......................................................    5
   3. Elements of the Model .......................................    7
   3.1 SNMPv2 Entity ..............................................    7
   3.2 SNMPv2 Agent ...............................................    7
   3.3 SNMPv2 Manager .............................................    8
   3.4 SNMPv2 Dual-Role Entity ....................................    8
   3.5 View Subtree and Families ..................................    9
   3.6 MIB View ...................................................    9
   3.7 SNMPv2 Context .............................................   10
   3.7.1 Local SNMPv2 Context .....................................   11
   3.7.2 Proxy SNMPv2 Context .....................................   11
   3.8 SNMPv2 PDUs and Operations .................................   12
   3.8.1 The Report-PDU ...........................................   12
   3.9 SNMPv2 Access Control Policy ...............................   13
   4. Security Considerations .....................................   13
   5. Editor's Address ............................................   14
   6. Acknowledgements ............................................   14
   7. References ..................................................   14
   Appendix A Disambiguating the SNMPv2 Protocol Definition .......   16
   Appendix B Who Sends Inform-Requests?  .........................   17
   Appendix B.1 Management Philosophy .............................   17
   Appendix B.2 The Danger of Trap Storms .........................   17
   Appendix B.3 Inform-Requests ...................................   18

McCloghrie                    Experimental                      [Page 1]
RFC 1909        An SNMPv2 Administrative Infrastructure    February 1996

1.  Introduction

   A management system contains:  several (potentially many) nodes, each
   with a processing entity, termed an agent, which has access to
   management instrumentation; at least one management station; and, a
   management protocol, used to convey management information between
   the agents and management stations.  Operations of the protocol are
   carried out under an administrative framework which defines
   authentication, authorization, access control, and privacy policies.

   Management stations execute management applications which monitor and
   control managed elements.  Managed elements are devices such as
   hosts, routers, terminal servers, etc., which are monitored and
   controlled via access to their management information.

   It is the purpose of this document, An Administrative Infrastructure
   for SNMPv2, to define an administrative framework which realizes
   effective management in a variety of configurations and environments.
   The SNMPv2 framework is fully described in [1-6].  This framework is
   derived from the original Internet-standard Network Management
   Framework (SNMPv1), which consists of these three documents:

      STD 16, RFC 1155 [7] which defines the Structure of Management
      Information (SMI), the mechanisms used for describing and naming
      objects for the purpose of management.

      STD 16, RFC 1212 [8] which defines a more concise description
      mechanism, which is wholly consistent with the SMI.

      STD 15, RFC 1157 [9] which defines the Simple Network Management
      Protocol (SNMP), the protocol used for network access to managed
      objects.

   For information on coexistence between SNMPv1 and SNMPv2, consult
   [10].

2.  Overview

   A management domain typically contains a large amount of management
   information.  Each individual item of management information is an
   instance of a managed object type.  The definition of a related set
Show full document text