Internet Draft Andy Bierman Cisco Systems, Inc. 19 November 1998 Remote Monitoring MIB Extensions for Differentiated Services Enabled Networks Status of this Memo This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as ``work in progress.'' To learn the current status of any Internet-Draft, please check the 1id-abstracts.txt listing contained in the Internet- Drafts Shadow Directories on ftp.ietf.org, nic.nordu.net, venera.isi.edu, or munnari.oz.au. Distribution of this document is unlimited. Please send comments to the author, . 1. Copyright Notice Copyright (C) The Internet Society (1998). All Rights Reserved. 2. Abstract This memo defines an experimental portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects used for monitoring Differentiated Services Codepoint usage in IP packets. Internet-Draft DS-MON MIB November 1998 3. Table of Contents 1 Copyright Notice ................................................ 1 2 Abstract ........................................................ 1 3 Table of Contents ............................................... 2 4 The SNMP Network Management Framework ........................... 2 5 Overview ........................................................ 3 5.1 Terms ......................................................... 4 5.2 Relationship to Differentiated Services ....................... 4 5.3 Relationship to the Remote Monitoring MIBs .................... 5 5.4 MIB Structure ................................................. 6 5.4.1 DS Statistics Group ......................................... 6 5.4.2 DS Protocol Distribution Group .............................. 7 5.4.3 DS Host Distribution Group .................................. 7 5.4.4 Future Work ................................................. 8 6 Definitions ..................................................... 8 7 Intellectual Property ........................................... 40 8 Acknowledgements ................................................ 40 9 References ...................................................... 40 10 Security Considerations ........................................ 43 11 Author's Address ............................................... 43 12 Full Copyright Statement ....................................... 44 4. The SNMP Network Management Framework The SNMP Management Framework presently consists of five major components: o An overall architecture, described in RFC 2271 [1]. o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in RFC 1155 [2], RFC 1212 [3] and RFC 1215 [4]. The second version, called SMIv2, is described in RFC 1902 [5], RFC 1903 [6] and RFC 1904 [7]. o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in RFC 1157 [8]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [9] and RFC 1906 [10]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [10], RFC 2272 [11] and RFC 2274 [12]. Expires May 1999 [Page 2] Internet-Draft DS-MON MIB November 1998 o Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in RFC 1157 [8]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [13]. o A set of fundamental applications described in RFC 2273 [14] and the view-based access control mechanism described in RFC 2275 [15]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB. 5. Overview There is a need for a standardized way of monitoring the network traffic usage of Differentiated Services (DS) [16] codepoint values. Different codepoint values are given different preference by each forwarding device, which affects which packets get dropped during periods of network congestion. The IETF DIFFSERV working group has redefined the semantics of the Type of Service (TOS) octet in the IP header, which is now called the 'DS field'. The 6-bit Codepoint (DSCP) portion is contained in the DS field, which provides for 64 different packet treatments for the implementation of differentiated network services. The actual packet treatment, or per-hop behavior (PHB), applied by a forwarding device, is independent of a particular DS codepoint value. By polling DS codepoint usage counters, an NMS can determine the network throughput for traffic associated with different DS codepoints. This data can then be analyzed in order to 'tune' DS codepoint 'allocations' within a network. Expires May 1999 [Page 3] Internet-Draft DS-MON MIB November 1998 5.1. Terms This document uses some terms that need introduction: DataSource A source of data for monitoring purposes. This term is used exactly as defined in the RMON-2 MIB [19]. protocol A specific protocol encapsulation, as identified for monitoring purposes. This term is used exactly as defined in the RMON Protocol Identifiers document [21]. 5.2. Relationship to Differentiated Services The DS-MON MIB focuses only on the DS codepoint values used in IP packets on a monitored dataSource. The per-hop behavior (PHB) associated with each DS codepoint may be different at each DS-capable forwarding device in the network. This MIB does not address the following Differentiated Services issues in any way: - configuration and characterization of each PHB in each device - identification of the mapping between DS codepoints and PHBs in each device - identification of DS capabilities of each forwarding device - characterization of DS codepoint values or PHBs It is expected that such a MIB (targeted for DS-capable forwarding devices) will be developed by the DIFFSERV working group. It is also desirable to keep the monitoring of DS codepoint usage independent of the DS forwarding devices, in order to keep probe placement more flexible, which, in turn, enables better statistics aggregation by the probe. This document assumes the reader is somewhat familiar with the DS Framework [17] and the DS Architecture [18], but the DS-MON MIB addresses only the aspects of monitoring DS codepoint usage, and therefore is completely decoupled from the larger issues of network-wide DS configuration and performance analysis. It is expected that complex NMS applications will use the counters in this MIB to help analyze DS- Expires May 1999 [Page 4] Internet-Draft DS-MON MIB November 1998 related throughput. It is expected that other metrics, such as delay and jitter, will also be analyzed, but support for other metrics is outside the scope of this document. 5.3. Relationship to the Remote Monitoring MIBs This MIB is intended to be implemented in Remote Monitoring (RMON) probes, which implement the RMON-2 MIB [19]. Such probes may be stand- alone devices, or may not be co-located with other networking devices (e.g., ethernet switches and repeaters). The DS-MON probe must be capable of parsing the DS field in IP packets and correlating the embedded DS codepoint value with other statistics, as defined in the DS-MON MIB. The DS-MON functions are intended to be implemented in conjunction with the associated RMON functions, but the MIB is independent of all other RMON data tables. For example, an agent might wish to implement the RMON-2 protocol distribution group and the DS-MON protocol distribution group, in order to provide the fine granularity, 'per DS codepoint' statistics with the DS-MON MIB, and the 'grand total' statistics with the RMON-2 MIB. Several concepts and even MIB objects from the RMON MIBs are used in the DS-MON MIB: DataSource This textual convention is used to describe the identification of an RMON monitoring source (defined in the RMON-2 MIB [19]). The DataSource textual convention is used throughout the DS-MON MIB to identify the monitoring source for each configured collection. A DataSource MIB object is an OBJECT IDENTIFIER, which contains the particular instance of the ifIndex object associated with the monitored dataSource. Protocol Directory The RMON-2 MIB [19] defines the protocolDirTable, which is a directory of all the protocols that the RMON-2 agent is capable of decoding and counting. The DS-MON MIB utilizes this directory to identify the application protocol usage of each DS codepoint. TimeFilter The RMON-2 TimeFilter textual convention provides a mechanism to retrieve only rows which have been created or modified since the last polling interval (for a particular NMS). The DS-MON MIB uses this textual convention in the large data tables, in order to minimize polling impact. Expires May 1999 [Page 5] Internet-Draft DS-MON MIB November 1998 Zero-Based Counters Since counters are instantiated by management action, as in the RMON MIBs, the DS-MON MIB uses zero-based counters in all data collection tables. Specifically, the ZeroBasedCounter32 textual convention from the RMON-2 MIB [19] and the ZeroBasedCounter64 textual convention (defined in the HC-RMON MIB [20]) are used to define counter objects in this MIB. High Capacity Counters The DS-MON MIB uses the same 'SNMPv1 coexistence' strategy as the RMONMIB WG. That is, where 64-bit counter is provided, a 32-bit version of the counter, and a 32-bit overflow counter are also provided. 5.4. MIB Structure The DS-MON MIB contains three groups of MIB objects: - dsStatObjects group Report DS codepoint distribution statistics for a particular RMON dataSource. - dsPdistObjects group Report DS codepoint distribution statistics for each protocol detected on a particular RMON dataSource. - dsHostObjects group Report IP host address distribution statistics for each DS codepoint, detected on a particular RMON dataSource. 5.4.1. DS Statistics Group This group contains two tables, the dsStatsControlTable and the dsStatsTable, and supports codepoint distribution statistics for half and full-duplex, low and high speed interfaces. Packet and octets distributions (by DS codepoint) are maintained in the dsStatsTable for each active control row in the dsStatsControlTable. This group provides the lowest statistics granularity in the DS-MON MIB. It is expected than NMS applications will analyze certain DS deployment or performance problems by first examining the DS codepoint distribution for an entire interface with this group. Expires May 1999 [Page 6] Internet-Draft DS-MON MIB November 1998 5.4.2. DS Protocol Distribution Group This group contains two tables, the dsPdistControlTable and the dsPdistStatsTable, and supports codepoint distribution statistics for each selected protocol encapsulation in packets monitored on a particular dataSource. Packet and octets distributions (per protocol per DS codepoint) are maintained in the dsPdistStatsTable for each active control row in the dsPdistControlTable. Due the potentially large number of entries, the DS Protocol Distribution is different from the RMON-2 protocol distribution group in several ways: - maximum desired entries parameter added to the control table - inserts and deletes counters added to the control table - support for LRU garbage collection in the dsPdistStatsTable - TimeFilter index added to the dsPdistStatsTable - selection of protocols to count by a special 'collect mode' enumeration. Rather than select individual protocols to monitor, a simplified configuration mechanism is provided. Since DS codepoint usage statistics are most interesting at the network and application layers, the dsPdistControlCollectMode object selects protocols by network layer, application layer, or both. 5.4.3. DS Host Distribution Group This group contains two tables, the dsHostControlTable and the dsHostTable, and supports IP host distribution statistics for each DS codepoint detected in packets on a monitored dataSource. It is expected than NMS applications will analyze certain DS deployment or performance problems by first determining the high priority codepoint values to examine (beyond the scope of this document) and then examining the dsHostTable statistics to determine which IP hosts are using the selected codepoint(s). Packet and octets distributions (in and out, per DS codepoint per IP host) are maintained in the dsHostTable for each active control row in the dsHostControlTable. Expires May 1999 [Page 7] Internet-Draft DS-MON MIB November 1998 Ths DS Host Distribution is different from the RMON-2 network layer host group in two ways: - there is no protocolDirLocalIndex in the dsHostTable INDEX, since only IPv4 and IPv6 packets contain a DS field, the protocol (IPv4 or IPv6) is determined by the length of each dsHostAddress instance. - the dsHostControlTable supports limited IPv4 subnet aggregation by allowing the number of 'monitored address bits' in each address to be configured for each collection. The agent will zero out the selected number of rightmost IPv4 address bits for counting purposes. This configuration parameter can dramatically reduce the number of entries which must be maintained by the agent, which should reduce CPU and memory resource requirements on the agent, and reduce polling overhead on the agent and the management station. 5.4.4. Future Work There are currently no DS-MON MIB groups corresponding to the following RMON-2 features: - network layer matrix group - application layer host group - application layer matrix group - network layer matrix TopN group - application layer matrix TopN group It is expected that the CPU and memory requirements needed to support this fine level of granularity would not be acceptable or justified for the anticipated application of the DS-MON MIB. It is possible that some of these features will be added after significant implementation experience with DS deployment and monitoring have been gained. 6. Definitions -- RMON-2 Extensions for the Monitoring of Differentiated Services -- Enabled Networks Expires May 1999 [Page 8] Internet-Draft DS-MON MIB November 1998 -- -- IP DIFFSERV DS codepoint statistics -- * Per DS Codepoint -- * Per Protocol Per DS Codepoint -- * Per DS Codepoint Per IP Host Address -- -- DSMON-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, Integer32, Counter32, experimental FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF RowStatus, TEXTUAL-CONVENTION FROM SNMPv2-TC OwnerString FROM IF-MIB protocolDirLocalIndex, LastCreateTime, DataSource, ZeroBasedCounter32, TimeFilter FROM RMON2-MIB ZeroBasedCounter64 FROM HC-RMON-MIB; dsMonMIB MODULE-IDENTITY LAST-UPDATED "9811170000Z" ORGANIZATION "Cisco Systems, Inc." CONTACT-INFO " Andy Bierman Cisco Systems, Inc. Postal: 170 West Tasman Drive San Jose, CA USA 95134 Tel: +1 408 527-3711 E-mail: abierman@cisco.com" DESCRIPTION "This module defines Remote Monitoring MIB extensions for Differentiated Services enabled networks." ::= { experimental xx } dsMonObjects OBJECT IDENTIFIER ::= { dsMonMIB 1 } dsMonNotifications OBJECT IDENTIFIER ::= { dsMonMIB 2 } dsMonConformance OBJECT IDENTIFIER ::= { dsMonMIB 3 } dsStatObjects OBJECT IDENTIFIER ::= { dsMonObjects 1 } Expires May 1999 [Page 9] Internet-Draft DS-MON MIB November 1998 dsPdistObjects OBJECT IDENTIFIER ::= { dsMonObjects 2 } dsHostObjects OBJECT IDENTIFIER ::= { dsMonObjects 3 } -- -- Extensions to the RMON-2 MIB for Differentiated Services -- Monitoring -- -- In order to maintain the RMON 'look-and-feel', some of -- the text from the RMON-2 and HC-RMON MIBs by -- Steve Waldbusser have been used in this MIB. -- -- -- Textual Convention to define a DS Codepoint for -- monitoring purposes -- DSCodePoint ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This TC describes an object which identifies the Differentiated Services Codepoint value in an IPv4 or IPv6 packet header. " REFERENCE "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers [16]." SYNTAX Integer32 (0..63) -- -- DS Codepoint Per-DataSource Statistics Control Table -- dsStatsControlTable OBJECT-TYPE SYNTAX SEQUENCE OF DsStatsControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Controls the setup of per-data source per-DS codepoint distribution statistics." ::= { dsStatObjects 1 } dsStatsControlEntry OBJECT-TYPE SYNTAX DsStatsControlEntry MAX-ACCESS not-accessible STATUS current Expires May 1999 [Page 10] Internet-Draft DS-MON MIB November 1998 DESCRIPTION "A conceptual row in the dsStatsControlTable. Entries are created and deleted from this table by management action only, using the dsStatsControlStatus RowStatus object. Activation of a control row in this table will cause an associated dsStatsTable to be created and maintained by the agent." INDEX { dsStatsControlIndex } ::= { dsStatsControlTable 1 } DsStatsControlEntry ::= SEQUENCE { dsStatsControlIndex Integer32, dsStatsControlDataSource DataSource, dsStatsControlDroppedFrames Counter32, dsStatsControlCreateTime LastCreateTime, dsStatsControlOwner OwnerString, dsStatsControlStatus RowStatus } dsStatsControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An arbitrary and unique index for this dsStatsControlEntry." ::= { dsStatsControlEntry 1 } dsStatsControlDataSource OBJECT-TYPE SYNTAX DataSource MAX-ACCESS read-create STATUS current DESCRIPTION "The source of data for the this per-protocol DS codepoint distribution. The statistics in this group reflect all IPv4 and IPv6 packets on the local network segment attached to the identified interface. This object may not be modified if the associated dsStatsControlStatus object is equal to active(1)." Expires May 1999 [Page 11] Internet-Draft DS-MON MIB November 1998 ::= { dsStatsControlEntry 2 } dsStatsControlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames which were received by the probe and therefore not accounted for in the *StatsDropEvents, but for which the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { dsStatsControlEntry 3 } dsStatsControlCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { dsStatsControlEntry 4 } dsStatsControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { dsStatsControlEntry 5 } dsStatsControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current Expires May 1999 [Page 12] Internet-Draft DS-MON MIB November 1998 DESCRIPTION "The status of this row. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the dsStatsTable shall be deleted." ::= { dsStatsControlEntry 6 } -- -- DS Codepoint Per-DataSource Statistics Table -- dsStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF DsStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of information on Per Protocol DS codepoint usage. The following table defines per-DS codepoint statistics for full and/or half-duplex links as well as high capacity links. For half-duplex links, or full-duplex-capable links operating in half-duplex mode, the dsStatsIn* objects shall be used and the dsStatsOut* objects will not increment. For full-duplex links, the dsOut* objects will be present. Whenever possible, the probe should count packets moving away from the closest terminating equipment as output packets. Failing that, the probe should count packets moving away from the DTE as output packets." ::= { dsStatObjects 2 } dsStatsEntry OBJECT-TYPE SYNTAX DsStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of information on Differentiated Services DS codepoint usage, containing inbound and outbound packet and octet counters for each DS codepoint configured for collection. Expires May 1999 [Page 13] Internet-Draft DS-MON MIB November 1998 The dsStatsControlIndex value in the index identifies the dsStatsControlEntry on whose behalf this entry was created. Only entries with non-zero statistics will be returned by the agent, in order to reduce the amount of polling required to retrieve data from this table. That is, an entry will be created when a packet with the indicated DS codepoint value is detected by the agent. Note that only protocols which are encapsulated in IPv4 or IPv6 packets will be counted in this table. An example of the indexing of this entry is dsStatsOutPkts.1.16" INDEX { dsStatsControlIndex, dsStatsDsCodept } ::= { dsStatsTable 1 } DsStatsEntry ::= SEQUENCE { dsStatsDsCodept DSCodePoint, dsStatsInPkts ZeroBasedCounter32, dsStatsInOctets ZeroBasedCounter32, dsStatsInOvflPkts ZeroBasedCounter32, dsStatsInOvflOctets ZeroBasedCounter32, dsStatsInHCPkts ZeroBasedCounter64, dsStatsInHCOctets ZeroBasedCounter64, dsStatsOutPkts ZeroBasedCounter32, dsStatsOutOctets ZeroBasedCounter32, dsStatsOutOvflPkts ZeroBasedCounter32, dsStatsOutOvflOctets ZeroBasedCounter32, dsStatsOutHCPkts ZeroBasedCounter64, dsStatsOutHCOctets ZeroBasedCounter64 } dsStatsDsCodept OBJECT-TYPE SYNTAX DSCodePoint MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Differentiated Services Codepoint value associated with the aggregated statistics for a particular data source." ::= { dsStatsEntry 1 } dsStatsInPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only Expires May 1999 [Page 14] Internet-Draft DS-MON MIB November 1998 STATUS current DESCRIPTION "The number of packets using a particular DS codepoint value, received on a half-duplex link or on the inbound connection of a full-duplex link." ::= { dsStatsEntry 2 } dsStatsInOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets in packets, using a particular DS codepoint value, received on a half-duplex link or on the inbound connection of a full-duplex link." ::= { dsStatsEntry 3 } dsStatsInOvflPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsStatsInPkts counter has overflowed. Note that this object will only be instantiated if the associated dsStatsInHCPkts object is also instantiated for a particular dataSource." ::= { dsStatsEntry 4 } dsStatsInOvflOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsStatsInOctets counter has overflowed. Note that this object will only be instantiated if the associated dsStatsInHCOctets object is also instantiated for a particular dataSource." ::= { dsStatsEntry 5 } dsStatsInHCPkts OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsStatsInPkts object. Expires May 1999 [Page 15] Internet-Draft DS-MON MIB November 1998 Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsStatsEntry 6 } dsStatsInHCOctets OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsStatsInOctets object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsStatsEntry 7 } dsStatsOutPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets using a particular DS codepoint value, received on a full-duplex link in the direction of the network." ::= { dsStatsEntry 8 } dsStatsOutOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets in packets, using a particular DS codepoint value, received on a full-duplex link in the direction of the network." ::= { dsStatsEntry 9 } dsStatsOutOvflPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsStatsOutPkts counter has overflowed. Note that this object will only be instantiated if the associated dsStatsOutHCPkts object is Expires May 1999 [Page 16] Internet-Draft DS-MON MIB November 1998 also instantiated for a particular dataSource." ::= { dsStatsEntry 10 } dsStatsOutOvflOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsStatsOutOctets counter has overflowed. Note that this object will only be instantiated if the associated dsStatsOutHCOctets object is also instantiated for a particular dataSource." ::= { dsStatsEntry 11 } dsStatsOutHCPkts OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsStatsOutPkts object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsStatsEntry 12 } dsStatsOutHCOctets OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsStatsOutOctets object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsStatsEntry 13 } -- -- DS Codepoint Per-Protocol Statistics Control Table -- dsPdistControlTable OBJECT-TYPE SYNTAX SEQUENCE OF DsPdistControlEntry MAX-ACCESS not-accessible Expires May 1999 [Page 17] Internet-Draft DS-MON MIB November 1998 STATUS current DESCRIPTION "Controls the setup of per-protocol per-DS codepoint distribution statistics." ::= { dsPdistObjects 1 } dsPdistControlEntry OBJECT-TYPE SYNTAX DsPdistControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the dsPdistControlTable. Entries are created and deleted from this table by management action only, using the dsPdistControlStatus RowStatus object. Activation of a control row in this table will cause an associated dsPdistStatsTable to be created and maintained by the agent." INDEX { dsPdistControlIndex } ::= { dsPdistControlTable 1 } DsPdistControlEntry ::= SEQUENCE { dsPdistControlIndex Integer32, dsPdistControlDataSource DataSource, dsPdistControlMaxDesiredEntries Integer32, dsPdistControlCollectMode INTEGER, dsPdistControlDroppedFrames Counter32, dsPdistControlInserts Counter32, dsPdistControlDeletes Counter32, dsPdistControlCreateTime LastCreateTime, dsPdistControlOwner OwnerString, dsPdistControlStatus RowStatus } dsPdistControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An arbitrary and unique index for this dsPdistControlEntry." ::= { dsPdistControlEntry 1 } Expires May 1999 [Page 18] Internet-Draft DS-MON MIB November 1998 dsPdistControlDataSource OBJECT-TYPE SYNTAX DataSource MAX-ACCESS read-create STATUS current DESCRIPTION "The source of data for the this per-protocol DS codepoint distribution. The statistics in this group reflect all IPv4 and IPv6 packets on the local network segment attached to the identified interface. This object may not be modified if the associated dsPdistControlStatus object is equal to active(1)." ::= { dsPdistControlEntry 2 } dsPdistControlMaxDesiredEntries OBJECT-TYPE SYNTAX Integer32 (-1 | 1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of entries that are desired in the dsPdistStatsTable on behalf of this control entry. The probe will not create more than this number of associated entries in the table, but may choose to create fewer entries in this table for any reason including the lack of resources. If this value is set to -1, the probe may create any number of entries in this table. This object may not be modified if the associated dsPdistControlStatus object is equal to active(1)." ::= { dsPdistControlEntry 3 } dsPdistControlCollectMode OBJECT-TYPE SYNTAX INTEGER { netLayer(1), -- count L3 protocols appLayer(2), -- count application protocols netAndAppLayers(3) -- count L3 and app protocols } MAX-ACCESS read-create STATUS current DESCRIPTION "The packet layer(s) at which the agent should process DS codepoint information, for each monitored packet. Expires May 1999 [Page 19] Internet-Draft DS-MON MIB November 1998 If this object has a value of 'netLayer(1)', then the agent will include only network layer protocols in the associated dsPdistStatsTable. If this object has a value of 'appLayer(2)', then the agent will include only application layer protocols in the associated dsPdistStatsTable. Any 'terminal' protocol is considered to be an application protocol. If this object has a value of 'netAndAppLayers(3)', then the agent will include only network and application layer protocols in the associated dsPdistStatsTable. Note that entries for transport layer protocols (e.g., TCP) will not be created by the agent, even if detected by the agent. This object may not be modified if the associated dsPdistControlStatus object is equal to active(1)." ::= { dsPdistControlEntry 4 } dsPdistControlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames which were received by the probe and therefore not accounted for in the *StatsDropEvents, but for which the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { dsPdistControlEntry 5 } dsPdistControlInserts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times a dsPdist entry has been inserted into the dsPdistTable. If an entry is inserted, then deleted, Expires May 1999 [Page 20] Internet-Draft DS-MON MIB November 1998 and then inserted, this counter will be incremented by 2. To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the table size can be determined by subtracting dsPdistControlDeletes from dsPdistControlInserts." ::= { dsPdistControlEntry 6 } dsPdistControlDeletes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times a dsPdist entry has been deleted from the dsPdist table (for any reason). If an entry is deleted, then inserted, and then deleted, this counter will be incremented by 2. To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the table size can be determined by subtracting dsPdistControlDeletes from dsPdistControlInserts." ::= { dsPdistControlEntry 7 } dsPdistControlCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { dsPdistControlEntry 8 } Expires May 1999 [Page 21] Internet-Draft DS-MON MIB November 1998 dsPdistControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { dsPdistControlEntry 9 } dsPdistControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this row. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the dsPdistStatsTable shall be deleted." ::= { dsPdistControlEntry 10 } -- -- DS Codepoint Per-Protocol Statistics Table -- dsPdistStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF DsPdistStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of information on Per Protocol DS codepoint usage." ::= { dsPdistObjects 2 } dsPdistStatsEntry OBJECT-TYPE SYNTAX DsPdistStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of information on Differentiated Services DS codepoint usage, containing packet and octet counters for each DS codepoint configured for collection, and each protocol (as identified by the protocolDirLocalIndex for the protocol) identified in each monitored packet. Expires May 1999 [Page 22] Internet-Draft DS-MON MIB November 1998 The dsPdistControlIndex value in the index identifies the dsPdistControlEntry on whose behalf this entry was created. Only entries with non-zero statistics will be returned by the agent, in order to reduce the amount of polling required to retrieve data from this table. That is, an entry will be created when a packet of that type and DS codepoint value is detected by the agent. Note that only protocols which are encapsulated in IPv4 or IPv6 packets will be counted in this table, as indicated by the protocolDirTable configuration. An example of the indexing of this entry is dsPdistStatsPkts.9.29943.42.16." INDEX { dsPdistControlIndex, dsPdistTimeMark, protocolDirLocalIndex, dsPdistDsCodept } ::= { dsPdistStatsTable 1 } DsPdistStatsEntry ::= SEQUENCE { dsPdistTimeMark TimeFilter, dsPdistDsCodept DSCodePoint, dsPdistStatsPkts ZeroBasedCounter32, dsPdistStatsOctets ZeroBasedCounter32, dsPdistStatsOvflPkts ZeroBasedCounter32, dsPdistStatsOvflOctets ZeroBasedCounter32, dsPdistStatsHCPkts ZeroBasedCounter64, dsPdistStatsHCOctets ZeroBasedCounter64, dsPdistStatsCreateTime LastCreateTime } dsPdistTimeMark OBJECT-TYPE SYNTAX TimeFilter MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Time Filter index for this table. This object may be used by a management station to retrieve only rows which have been created or modified since a particular time. Note that the current value for a row are always returned and the TimeFilter is not a historical data archiving mechanism. Refer to RFC 2021 [19] for a detailed description of TimeFilter operation." Expires May 1999 [Page 23] Internet-Draft DS-MON MIB November 1998 ::= { dsPdistStatsEntry 1 } dsPdistDsCodept OBJECT-TYPE SYNTAX DSCodePoint MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Differentiated Services Codepoint value associated with the aggregated statistics for a particular protocol." ::= { dsPdistStatsEntry 2 } dsPdistStatsPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets, monitored by this agent, and identified to be using a particular DS codepoint value in the DS header, on behalf of the protocol identified by the associated protocolDirLocalIndex value." ::= { dsPdistStatsEntry 3 } dsPdistStatsOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets in packets, monitored by this agent and identified to be using a particular DS codepoint value in the DS header, on behalf of the protocol identified by the associated protocolDirLocalIndex value. Note that this object doesn't count just those octets in the particular protocol frames, but includes the entire packet that contained the protocol." ::= { dsPdistStatsEntry 4 } dsPdistStatsOvflPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsPdistStatsPkts counter has overflowed. Note that this object will only be instantiated if the associated dsPdistStatsHCPkts object is Expires May 1999 [Page 24] Internet-Draft DS-MON MIB November 1998 also instantiated for a particular dataSource." ::= { dsPdistStatsEntry 5 } dsPdistStatsOvflOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsPdistStatsOctets counter has overflowed. Note that this object will only be instantiated if the associated dsPdistStatsHCOctets object is also instantiated for a particular dataSource." ::= { dsPdistStatsEntry 6 } dsPdistStatsHCPkts OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsPdistStatsPkts object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsPdistStatsEntry 7 } dsPdistStatsHCOctets OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsPdistStatsOctets object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsPdistStatsEntry 8 } dsPdistStatsCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this dsPdistStats entry was last instantiated by the agent. This can be used by the Expires May 1999 [Page 25] Internet-Draft DS-MON MIB November 1998 management station to ensure that the entry has not been deleted and recreated between polls." ::= { dsPdistStatsEntry 9 } -- -- IP Host Per DS Codepoint Statistics Control Table -- dsHostControlTable OBJECT-TYPE SYNTAX SEQUENCE OF DsHostControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Controls setup of per DS codepoint per IP host distribution statistics." ::= { dsHostObjects 1 } dsHostControlEntry OBJECT-TYPE SYNTAX DsHostControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the dsHostControlTable. Entries are created and deleted from this table by management action only, using the dsHostControlStatus RowStatus object. Activation of a control row in this table will cause an associated dsHostTable to be created and maintained by the agent." INDEX { dsHostControlIndex } ::= { dsHostControlTable 1 } DsHostControlEntry ::= SEQUENCE { dsHostControlIndex Integer32, dsHostControlDataSource DataSource, dsHostControlMaxDesiredEntries Integer32, dsHostControlNumAddrBits Integer32, dsHostControlDroppedFrames Counter32, dsHostControlInserts Counter32, dsHostControlDeletes Counter32, dsHostControlCreateTime LastCreateTime, dsHostControlOwner OwnerString, dsHostControlStatus RowStatus Expires May 1999 [Page 26] Internet-Draft DS-MON MIB November 1998 } dsHostControlIndex OBJECT-TYPE SYNTAX Integer32 (1..65535) MAX-ACCESS not-accessible STATUS current DESCRIPTION "An arbitrary and unique index for this dsHostControlEntry." ::= { dsHostControlEntry 1 } dsHostControlDataSource OBJECT-TYPE SYNTAX DataSource MAX-ACCESS read-create STATUS current DESCRIPTION "The source of data for the associated dsHostTable. The statistics in this group reflect all IPv4 and IPv6 packets on the local network segment attached to the identified interface. This object may not be modified if the associated dsHostControlStatus object is equal to active(1)." ::= { dsHostControlEntry 2 } dsHostControlMaxDesiredEntries OBJECT-TYPE SYNTAX Integer32 (-1 | 1..2147483647) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of entries that are desired in the dsHostTable on behalf of this control entry. The probe will not create more than this number of associated entries in the table, but may choose to create fewer entries in this table for any reason including the lack of resources. If this value is set to -1, the probe may create any number of entries in this table. This object may not be modified if the associated dsHostControlStatus object is equal to active(1)." ::= { dsHostControlEntry 3 } dsHostControlNumAddrBits OBJECT-TYPE SYNTAX Integer32 (8..32) Expires May 1999 [Page 27] Internet-Draft DS-MON MIB November 1998 MAX-ACCESS read-create STATUS current DESCRIPTION "The number of 'leftmost' contiguous bits in the IPv4 host address (as identified by the dsHostAddress object) that should be maintained in this collection. If this object has a value less than '32', then 'm' rightmost bits, where 'm' is equal to '32 - dsHostControlNumAddrBits', will be cleared to zero for counting purposes only. The 'leftmost' bit is the most significant bit of the first network-byte-order octet of the address. Note that this object only affects IPv4 host entries in the associated dsHostTable. IPv6 entries are not affected by this object. This object may not be modified if the associated dsHostControlStatus object is equal to active(1)." DEFVAL { 32 } ::= { dsHostControlEntry 4 } dsHostControlDroppedFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames which were received by the probe and therefore not accounted for in the *StatsDropEvents, but for which the probe chose not to count for the associated dsHost entries for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection. This count does not include packets that were not counted because they had MAC-layer errors. Note that if the dsHostTable is inactive because no appropriate protocols are enabled in the protocol directory, this value should be 0. Note that, unlike the dropEvents counter, this number is the exact number of frames dropped." ::= { dsHostControlEntry 5 } Expires May 1999 [Page 28] Internet-Draft DS-MON MIB November 1998 dsHostControlInserts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times a dsHost entry has been inserted into the dsHost table. If an entry is inserted, then deleted, and then inserted, this counter will be incremented by 2. To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the table size can be determined by subtracting dsHostControlDeletes from dsHostControlInserts." ::= { dsHostControlEntry 6 } dsHostControlDeletes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times a dsHost entry has been deleted from the dsHost table (for any reason). If an entry is deleted, then inserted, and then deleted, this counter will be incremented by 2. To allow for efficient implementation strategies, agents may delay updating this object for short periods of time. For example, an implementation strategy may allow internal data structures to differ from those visible via SNMP for short periods of time. This counter may reflect the internal data structures for those short periods of time. Note that the table size can be determined by subtracting dsHostControlDeletes from dsHostControlInserts." ::= { dsHostControlEntry 7 } dsHostControlCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current Expires May 1999 [Page 29] Internet-Draft DS-MON MIB November 1998 DESCRIPTION "The value of sysUpTime when this control entry was last activated. This can be used by the management station to ensure that the table has not been deleted and recreated between polls." ::= { dsHostControlEntry 8 } dsHostControlOwner OBJECT-TYPE SYNTAX OwnerString MAX-ACCESS read-create STATUS current DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it." ::= { dsHostControlEntry 9 } dsHostControlStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this dsHostControlEntry. An entry may not exist in the active state unless all objects in the entry have an appropriate value. If this object is not equal to active(1), all associated entries in the dsHostTable shall be deleted." ::= { dsHostControlEntry 10 } -- -- DS Codepoint Per IP Host Statistics Table -- dsHostTable OBJECT-TYPE SYNTAX SEQUENCE OF DsHostEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A collection of statistics for a particular IPv4 or IPv6 address that has been discovered on an interface of this device. The probe will add to this table all IP addresses seen as the source or destination address in all packets with no MAC Expires May 1999 [Page 30] Internet-Draft DS-MON MIB November 1998 errors, and will increment octet and packet counts in the table for all packets with no MAC errors." ::= { dsHostObjects 2 } dsHostEntry OBJECT-TYPE SYNTAX DsHostEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of information on Differentiated Services DS codepoint usage, containing packet and octet counters for each DS codepoint configured for collection per host address, as identified in each monitored packet. The dsHostControlIndex value in the index identifies the dsHostControlEntry on whose behalf this entry was created. The length of the dsHostAddress field identifies the network layer protocol as either IPv4 or IPv6. Only entries with non-zero statistics will be returned by the agent, in order to reduce the amount of polling required to retrieve data from this table. An entry will be created when a packet of that type and DS codepoint value is detected by the agent. An example of the indexing of this entry is dsHostOutPkts.1.24873.7.4.171.69.120.0" INDEX { dsHostControlIndex, dsHostTimeMark, dsHostDsCodept, dsHostAddress } ::= { dsHostTable 1 } DsHostEntry ::= SEQUENCE { dsHostTimeMark TimeFilter, dsHostDsCodept DSCodePoint, dsHostAddress OCTET STRING, dsHostInPkts ZeroBasedCounter32, dsHostInOctets ZeroBasedCounter32, dsHostInOvflPkts ZeroBasedCounter32, dsHostInOvflOctets ZeroBasedCounter32, dsHostInHCPkts ZeroBasedCounter64, dsHostInHCOctets ZeroBasedCounter64, dsHostOutPkts ZeroBasedCounter32, dsHostOutOctets ZeroBasedCounter32, Expires May 1999 [Page 31] Internet-Draft DS-MON MIB November 1998 dsHostOutOvflPkts ZeroBasedCounter32, dsHostOutOvflOctets ZeroBasedCounter32, dsHostOutHCPkts ZeroBasedCounter64, dsHostOutHCOctets ZeroBasedCounter64, dsHostCreateTime LastCreateTime } dsHostTimeMark OBJECT-TYPE SYNTAX TimeFilter MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Time Filter index for this table. This object may be used by a management station to retrieve only rows which have been created or modified since a particular time. Note that the current value for a row are always returned and the TimeFilter is not a historical data archiving mechanism. Refer to RFC 2021 [19] for a detailed description of TimeFilter operation." ::= { dsHostEntry 1 } dsHostDsCodept OBJECT-TYPE SYNTAX DSCodePoint MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Differentiated Services Codepoint value associated with the aggregated statistics for a particular IP host." ::= { dsHostEntry 2 } dsHostAddress OBJECT-TYPE SYNTAX OCTET STRING MAX-ACCESS not-accessible STATUS current DESCRIPTION "The network address for this dsHostEntry. The length of the address string is used to determine if this entry represents an IPv4 or IPv6 address. For example, if the length of this object is '4', then this object is encoded as an IPv4 address in network byte order. Note that IPv4 addresses may have some 'rightmost' bits cleared to zero for counting purposes, as specified by the associated dsHostControlNumHostBits object." Expires May 1999 [Page 32] Internet-Draft DS-MON MIB November 1998 ::= { dsHostEntry 3 } dsHostInPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets without errors, using the identified DS codepoint and transmitted to this address, since it was added to the dsHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { dsHostEntry 4 } dsHostInOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets, transmitted to this address and using the identified DS codepoint, since it was added to the dsHostTable (excluding framing bits but including FCS octets), excluding those octets in packets that contained errors. Note this doesn't count just those octets in the particular protocol frames, but includes the entire packet that contained the protocol." ::= { dsHostEntry 5 } dsHostInOvflPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsHostInPkts counter has overflowed. Note that this object will only be instantiated if the associated dsHostInHCPkts object is also instantiated for a particular dataSource." ::= { dsHostEntry 6 } dsHostInOvflOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only Expires May 1999 [Page 33] Internet-Draft DS-MON MIB November 1998 STATUS current DESCRIPTION "The number of times the associated dsHostInOctets counter has overflowed. Note that this object will only be instantiated if the associated dsHostInHCOctets object is also instantiated for a particular dataSource." ::= { dsHostEntry 7 } dsHostInHCPkts OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsHostInPkts object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsHostEntry 8 } dsHostInHCOctets OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsHostInOctets object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsHostEntry 9 } dsHostOutPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of packets without errors, using the identified DS codepoint and transmitted by this address, since it was added to the dsHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times." ::= { dsHostEntry 10 } Expires May 1999 [Page 34] Internet-Draft DS-MON MIB November 1998 dsHostOutOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of octets, transmitted by this address and using the identified DS codepoint, since it was added to the dsHostTable (excluding framing bits but including FCS octets), excluding those octets in packets that contained errors. Note this doesn't count just those octets in the particular protocol frames, but includes the entire packet that contained the protocol." ::= { dsHostEntry 11 } dsHostOutOvflPkts OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsHostOutPkts counter has overflowed. Note that this object will only be instantiated if the associated dsHostOutHCPkts object is also instantiated for a particular dataSource." ::= { dsHostEntry 12 } dsHostOutOvflOctets OBJECT-TYPE SYNTAX ZeroBasedCounter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times the associated dsHostOutOctets counter has overflowed. Note that this object will only be instantiated if the associated dsHostOutHCOctets object is also instantiated for a particular dataSource." ::= { dsHostEntry 13 } dsHostOutHCPkts OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsHostOutPkts object. Expires May 1999 [Page 35] Internet-Draft DS-MON MIB November 1998 Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsHostEntry 14 } dsHostOutHCOctets OBJECT-TYPE SYNTAX ZeroBasedCounter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The 64-bit version of the dsHostOutOctets object. Note that this object will only be instantiated if the RMON agent supports High Capacity RMON for a particular dataSource." ::= { dsHostEntry 15 } dsHostCreateTime OBJECT-TYPE SYNTAX LastCreateTime MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when this dsHost entry was last instantiated by the agent. This can be used by the management station to ensure that the entry has not been deleted and recreated between polls." ::= { dsHostEntry 16 } -- -- Notifications Section -- (none defined) -- -- -- Conformance Section -- dsMonCompliances OBJECT IDENTIFIER ::= { dsMonConformance 1 } dsMonGroups OBJECT IDENTIFIER ::= { dsMonConformance 2 } dsMonCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "Describes the requirements for conformance to the Differentiated Services Monitoring MIB." Expires May 1999 [Page 36] Internet-Draft DS-MON MIB November 1998 MODULE -- this module MANDATORY-GROUPS { dsStatsGroup, dsHostGroup } GROUP dsStatsHCGroup DESCRIPTION "The dsStatsHCGroup is mandatory for systems which implement the dsStatsGroup and also implement High Capacity monitoring." GROUP dsPdistGroup DESCRIPTION "The dsPdistGroup is mandatory for systems which implement DS codepoint monitoring and the protocolDirTable from the RMON-2 MIB [19]." GROUP dsPdistHCGroup DESCRIPTION "The dsPdistHCGroup is mandatory for systems which implement the dsPdistGroup and also implement High Capacity monitoring." GROUP dsHostHCGroup DESCRIPTION "The dsHostHCGroup is mandatory for systems which implement the dsHostGroup and also implement High Capacity monitoring." ::= { dsMonCompliances 1 } dsStatsGroup OBJECT-GROUP OBJECTS { dsStatsControlDataSource, dsStatsControlDroppedFrames, dsStatsControlCreateTime, dsStatsControlOwner, dsStatsControlStatus, dsStatsInPkts, dsStatsInOctets, dsStatsOutPkts, dsStatsOutOctets } STATUS current DESCRIPTION "A collection of objects providing per DS codepoint statistics." ::= { dsMonGroups 1 } dsStatsHCGroup OBJECT-GROUP OBJECTS { dsStatsInOvflPkts, Expires May 1999 [Page 37] Internet-Draft DS-MON MIB November 1998 dsStatsInOvflOctets, dsStatsInHCPkts, dsStatsInHCOctets, dsStatsOutOvflPkts, dsStatsOutOvflOctets, dsStatsOutHCPkts, dsStatsOutHCOctets } STATUS current DESCRIPTION "A collection of objects providing per DS codepoint statistics for high capacity data sources." ::= { dsMonGroups 2 } dsPdistGroup OBJECT-GROUP OBJECTS { dsPdistControlDataSource, dsPdistControlMaxDesiredEntries, dsPdistControlCollectMode, dsPdistControlDroppedFrames, dsPdistControlInserts, dsPdistControlDeletes, dsPdistControlCreateTime, dsPdistControlOwner, dsPdistControlStatus, dsPdistStatsPkts, dsPdistStatsOctets, dsPdistStatsCreateTime } STATUS current DESCRIPTION "A collection of objects providing per protocol DS codepoint monitoring extensions to the RMON-2 MIB." ::= { dsMonGroups 3 } dsPdistHCGroup OBJECT-GROUP OBJECTS { dsPdistStatsOvflPkts, dsPdistStatsOvflOctets, dsPdistStatsHCPkts, dsPdistStatsHCOctets } STATUS current DESCRIPTION "A collection of objects providing per protocol High Expires May 1999 [Page 38] Internet-Draft DS-MON MIB November 1998 Capacity DS codepoint monitoring extensions to the RMON-2 MIB." ::= { dsMonGroups 4 } dsHostGroup OBJECT-GROUP OBJECTS { dsHostControlDataSource, dsHostControlMaxDesiredEntries, dsHostControlNumAddrBits, dsHostControlDroppedFrames, dsHostControlInserts, dsHostControlDeletes, dsHostControlCreateTime, dsHostControlOwner, dsHostControlStatus, dsHostInPkts, dsHostInOctets, dsHostOutPkts, dsHostOutOctets, dsHostCreateTime } STATUS current DESCRIPTION "A collection of objects providing per IP Host DS codepoint monitoring functions." ::= { dsMonGroups 5 } dsHostHCGroup OBJECT-GROUP OBJECTS { dsHostInOvflPkts, dsHostInOvflOctets, dsHostInHCPkts, dsHostInHCOctets, dsHostOutOvflPkts, dsHostOutOvflOctets, dsHostOutHCPkts, dsHostOutHCOctets } STATUS current DESCRIPTION "A collection of objects providing per IP Host High Capacity DS codepoint monitoring functions." ::= { dsMonGroups 6 } END Expires May 1999 [Page 39] Internet-Draft DS-MON MIB November 1998 7. Intellectual Property The IETF takes no position regarding the validity or scope of any intellectual property or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; neither does it represent that it has made any effort to identify any such rights. Information on the IETF's procedures with respect to rights in standards-track and standards- related documentation can be found in BCP-11. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementors or users of this specification can be obtained from the IETF Secretariat." The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights which may cover technology that may be required to practice this standard. Please address the information to the IETF Executive Director. 8. Acknowledgements This memo has been produced with a great deal of assistance from Keith McCloghrie and Bijendra Jain. 9. References [1] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2271, Cabletron Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, January 1998. [2] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", RFC 1155, Performance Systems International, Hughes LAN Systems, May 1990. [3] Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212, Performance Systems International, Hughes LAN Systems, March 1991. [4] M. Rose, "A Convention for Defining Traps for use with the SNMP", RFC 1215, Performance Systems International, March 1991. Expires May 1999 [Page 40] Internet-Draft DS-MON MIB November 1998 [5] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1902, SNMP Research,Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [6] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Textual Conventions for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1903, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [7] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Conformance Statements for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1904, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [8] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network Management Protocol", RFC 1157, SNMP Research, Performance Systems International, Performance Systems International, MIT Laboratory for Computer Science, May 1990. [9] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [10] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [11] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2272, SNMP Research, Inc., Cabletron Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, January 1998. [12] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2274, IBM T. J. Watson Research, January 1998. [13] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol Operations for Version 2 of the Simple Expires May 1999 [Page 41] Internet-Draft DS-MON MIB November 1998 Network Management Protocol (SNMPv2)", RFC 1905, SNMP Research, Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., International Network Services, January 1996. [14] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 2273, SNMP Research, Inc., Secure Computing Corporation, Cisco Systems, January 1998. [15] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2275, IBM T. J. Watson Research, BMC Software, Inc., Cisco Systems, Inc., January 1998. [16] Nichols, K., Blake, S., Baker, F., and D. L. Black, "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers", draft-ietf-diffserv-header-04.txt, Cisco Systems, Torrent Networking Technologies, EMC Corporation, October, 1998. [17] Bernet, Y., Binder, J., Blake, S., Carlson, M., Keshav, S., Davies, E., Ohlman, B., Verma, D., Wang, Z., and W. Weiss, "A Framework for Differentiated Services", draft-ietf-diffserv-framework-01.txt, 3- Com, Torrent Networking Technologies, Redscape Software, Cornell University, Nortel UK, Ericsson, IBM, Lucent Technologies, October, 1998. [18] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z., and W. Weiss, "An Architecture for Differentiated Services", draft-ietf- diffserv-arch-02.txt, Torrent Networking Technologies, EMC Corporation, Sun Microsystems, Nortel UK, Bell Labs Lucent Technologies, Lucent Technologies, October, 1998. [19] S. Waldbusser, "Remote Network Monitoring MIB (RMON-2)", RFC 2021, International Network Services, January 1997. [20] S. Waldbusser, "Remote Network Monitoring Management Information Base for High Capacity Networks", draft-ietf-rmonmib-hcrmon-04.txt International Network Services, October 1998. [21] Bierman, A., and R. Iddon, "Remote Network Monitoring MIB Protocol Identifiers", RFC 2074, Cisco Systems, AXON Networks, Inc., January 1997. Expires May 1999 [Page 42] Internet-Draft DS-MON MIB November 1998 10. Security Considerations In order to implement this MIB, an agent must make certain management information available about protocols and network addresses used within a managed system, which may be considered sensitive in some network environments. Therefore, a network administrator may wish to employ instance-level access control, and configure the DS-MON MIB access (e.g., community strings in SNMPv1 and SNMPv2C), such that certain instances within this MIB (e.g., dsHostInPkts or dsPdistStatsPkts), are excluded from particular MIB views. 11. Author's Address Andy Bierman Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA USA 95134 Phone: +1 408-527-3711 Email: abierman@cisco.com Expires May 1999 [Page 43] Internet-Draft DS-MON MIB November 1998 12. Full Copyright Statement Copyright (C) The Internet Society (1998). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE." Expires May 1999 [Page 44]