Kevin Gibbons Internet Draft Josh Tseng Charles Monia Expires: May 2002 Nishan Systems Franco Travostino Nortel November 2001 Definitions of Managed Objects For iFCP Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Copyright Notice Copyright (C) The Internet Society (2001). All Rights Reserved. Abstract This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it defines a basic set of managed objects for SNMP-based monitoring and management of the Internet Fibre Channel Protocol (iFCP). This memo specifies a MIB module in a manner that is compliant to the SMIv2. The set of objects is consistent with the SNMP framework and existing SNMP standards. This memo is a product of the IP Storage (IPS) working group Gibbons Expires May 2002 1 Internet Draft iFCP MIB November 2001 within the Internet Engineering Task Force. Comments are solicited and should be addressed to the working group's mailing list at ips@ece.cmu.edu and/or the authors. Table of Contents Status of this Memo................................................1 Copyright Notice...................................................1 Abstract...........................................................1 1. Introduction...................................................2 2. The SNMP Management Framework..................................2 3. Overview.......................................................3 4. Technical Description..........................................3 5. MIB Definition.................................................3 6. Security Considerations.......................................16 7. References....................................................17 8. AuthorsĘ Addresses............................................18 9. Full Copyright Statement......................................19 1. Introduction The iFCP protocol provides Fibre Channel fabric functionality on a IP network in which TCP/IP switching and routing elements replace Fibre Channel components. This draft provides a mechanism to manage an iFCP connection using SNMP. 2. The SNMP Management Framework The SNMP Management Framework presently consists of five major components: o An overall architecture, described in RFC 2571 [RFC2571]. o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in STD 16, RFC 1155 [RFC1155], STD 16, RFC 1212 [RFC1212] and RFC 1215 [RFC1215]. The second version, called SMIv2, is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580]. o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in STD 15, RFC 1157 [RFC1157]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [RFC1901] and RFC 1906 [RFC1906]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [RFC1906], RFC 2572 [RFC2572] and RFC 2574 [RFC2574]. o Protocol operations for accessing management information. Gibbons Expires May 2002 2 Internet Draft iFCP MIB November 2001 The first set of protocol operations and associated PDU formats is described in STD 15, RFC 1157 [RFC1157]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [RFC1905]. o A set of fundamental applications described in RFC 2573 [RFC2573] and the view-based access control mechanism described in RFC 2575 [RFC2575]. A more detailed introduction to the current SNMP Management Framework can be found in RFC 2570 [RFC2570]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (use of Counter64). Some machine readable information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB. 3. Overview The iFCP protocol can be used by IP based storage devices for FCP compatible storage. The iFCP MIB is designed to allow SNMP to be used to monitor and manage an iFCP gateway. 4. Technical Description The MIB is divided into several sections for iFCP local device and N Port information, remote iFCP device information, iFCP sessions, and iFCP session statistics. 5. MIB Definition IFCP-MIB DEFINITIONS ::= BEGIN -- -- iFCP.mib: IETF iFCP management information -- base (MIB) -- IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Counter32, Counter64, experimental FROM SNMPv2-SMI OBJECT-GROUP, Gibbons Expires May 2002 3 Internet Draft iFCP MIB November 2001 MODULE-COMPLIANCE FROM SNMPv2-CONF TEXTUAL-CONVENTION FROM SNMPv2-TC -- From rfc 2851 InetAddressType, InetAddress FROM INET-ADDRESS-MIB -- From rfc 2837 FcNameId, FcAddressId FROM FIBRE-CHANNEL-FE-MIB ; ifcpModule MODULE-IDENTITY LAST-UPDATED "0111010000Z" ORGANIZATION "IETF IPS Working Group" CONTACT-INFO " Attn: Kevin Gibbons Nishan Systems 3850 North First Street San Jose, CA 95134 USA Tel : +1 408 519-3700 email : snmp@nishansystems.com Josh Tseng Nishan Systems 3850 North First Street San Jose, CA 95134 USA Tel : +1 408 519-3700 email : snmp@nishansystems.com Charles Monia Nishan Systems 3850 North First Street San Jose, CA 95134 USA Tel : +1 408 519-3700 email : snmp@nishansystems.com Franco Travostino Nortel Networks 3 Federal Street Billerica, MA 01821 USA Tel : +1 978 288-7708 email : travos@nortelnetworks.com " Gibbons Expires May 2002 4 Internet Draft iFCP MIB November 2001 DESCRIPTION "The MIB for internet Fibre Channel Protocol (iFCP) management." -- Revision History REVISION "0111010000Z" DESCRIPTION " v1.0 (11/01/01): the first IPS standard track version. " -- an IETF number has not yet been assigned ::= {experimental XXXX} IfIndexType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Represents the possible interface indexes that can be used on the iFCP device." SYNTAX INTEGER (0..1024) NportIdx ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Represents the count of iFCP N Ports supported." SYNTAX INTEGER (0..4294967295) IfcpVersionType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Represents the protocol version supported." SYNTAX INTEGER (0..4294967295) PortType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Represents the TCP Port being used for and iFCP connection." SYNTAX INTEGER (0..65535) IfcpSessionStateType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Represents the iFCP session state." SYNTAX INTEGER {down(0), openPending(1), open(2)} -- -- Internet Fibre Channel Protocol (iFCP) -- ifcpDeviceObj OBJECT IDENTIFIER ::= {ifcpModule 1} ifcpDeviceConformance OBJECT IDENTIFIER ::= {ifcpModule 2} -- -- iFCP Objects -------------------- -- ifcpLocalDeviceObjInfo OBJECT IDENTIFIER ::= {ifcpDeviceObj 1} -- top-level object information here Gibbons Expires May 2002 5 Internet Draft iFCP MIB November 2001 ifcpVersionMin OBJECT-TYPE SYNTAX IfcpVersionType MAX-ACCESS read-only STATUS current DESCRIPTION "The minimum iFCP protocol version supported by the local iFCP device." ::= {ifcpLocalDeviceObjInfo 1} ifcpVersionMax OBJECT-TYPE SYNTAX IfcpVersionType MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum iFCP protocol version supported by the local iFCP device." ::= {ifcpLocalDeviceObjInfo 2} ifcpNumNports OBJECT-TYPE SYNTAX NportIdx MAX-ACCESS read-only STATUS current DESCRIPTION "The current total number of iFCP N Ports supported by the local iFCP device." ::= {ifcpLocalDeviceObjInfo 3} -- -- iFCP Local Interface Information -- ifcpLocalTcpIfTable OBJECT-TYPE SYNTAX SEQUENCE OF IfcpLocalTcpIfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information on the local interfaces available for iFCP connections, including the TCP port used. The maximum number of entries is based on the number of local interfaces and TCP ports configured for iFCP connections." ::= {ifcpLocalDeviceObjInfo 10} ifcpLocalTcpIfEntry OBJECT-TYPE SYNTAX IfcpLocalTcpIfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information on local TCP interfaces for iFCP connections." INDEX {ifcpInterfaceIfIndex, ifcpInterfaceTcpPort} ::= {ifcpLocalTcpIfTable 1} IfcpLocalTcpIfEntry ::= SEQUENCE { ifcpInterfaceIfIndex IfIndexType, Gibbons Expires May 2002 6 Internet Draft iFCP MIB November 2001 ifcpInterfaceTcpPort PortType, ifcpInterfaceAddrType InetAddressType, ifcpInterfaceAddr InetAddress } ifcpInterfaceIfIndex OBJECT-TYPE SYNTAX IfIndexType MAX-ACCESS read-only STATUS current DESCRIPTION "This is an interface index for local device, as described in RFC 1213. This can be used as an ifTable index to obtain additional information about the interface." ::= {ifcpLocalTcpIfEntry 1} ifcpInterfaceTcpPort OBJECT-TYPE SYNTAX PortType MAX-ACCESS read-only STATUS current DESCRIPTION "This is the TCP port number being used for iFCP access in this interface." ::= {ifcpLocalTcpIfEntry 2} ifcpInterfaceAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "This type of address in ifcpInterfaceAddr." ::= {ifcpLocalTcpIfEntry 3} ifcpInterfaceAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "This is the address of the interface being used iFCP access. This address is consistent with the address defined in the ifTable of RFC 1213 for this interface." ::= {ifcpLocalTcpIfEntry 4} -- -- iFCP Local Device N Port Information -- ifcpLocalDeviceNportInfo OBJECT IDENTIFIER ::= {ifcpDeviceObj 3} -- -- iFCP N Port Table -- ifcpDeviceNportTable OBJECT-TYPE SYNTAX SEQUENCE OF IfcpDeviceNportEntry Gibbons Expires May 2002 7 Internet Draft iFCP MIB November 2001 MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information on iFCP N Ports available in the device. This table can be used to statically configure connections between iFCP devices when a name service, such as the iSNS, is not being used. The maximum number of entries is based on the number of iFCP Ports supported." ::= {ifcpLocalDeviceNportInfo 1} ifcpDeviceNportEntry OBJECT-TYPE SYNTAX IfcpDeviceNportEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information on iFCP N Port Entries in the Device ." INDEX {ifcpDeviceNportWwpn} ::= {ifcpDeviceNportTable 1} IfcpDeviceNportEntry ::= SEQUENCE { ifcpDeviceNportWwpn FcNameId, ifcpDeviceNportID FcAddressId, ifcpDeviceNportIfIndex IfIndexType, ifcpDeviceNportTcpPort PortType } ifcpDeviceNportWwpn OBJECT-TYPE SYNTAX FcNameId MAX-ACCESS read-only STATUS current DESCRIPTION "The iFCP N Port World Wide Port Name as defined in the iFCP Specification." ::= {ifcpDeviceNportEntry 1} ifcpDeviceNportID OBJECT-TYPE SYNTAX FcAddressId MAX-ACCESS read-only STATUS current DESCRIPTION "The iFCP N Port, Port ID as defined in the iFCP Specification." ::= {ifcpDeviceNportEntry 3} ifcpDeviceNportIfIndex OBJECT-TYPE SYNTAX IfIndexType MAX-ACCESS read-only STATUS current DESCRIPTION "The interface that is being used for this N Port. This can be used along with ifcpDeviceNportTcpPort to access the ifcpLocalTcpIfTable." ::= {ifcpDeviceNportEntry 9} ifcpDeviceNportTcpPort OBJECT-TYPE Gibbons Expires May 2002 8 Internet Draft iFCP MIB November 2001 SYNTAX PortType MAX-ACCESS read-only STATUS current DESCRIPTION "The iFCP N Port TCP port number as defined in the iFCP Specification. This is the port number used to login to the N Port." ::= {ifcpDeviceNportEntry 11} -- -- iFCP remote device information ------------------------------ -- ifcpRemoteDeviceObjInfo OBJECT IDENTIFIER ::= {ifcpDeviceObj 5} -- -- iFCP remote device table -- ifcpRemoteDeviceTable OBJECT-TYPE SYNTAX SEQUENCE OF IfcpRemoteDeviceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information on remote iFCP devices available for connections. This table can be used to statically configure connections between iFCP devices when a name service, such as the iSNS, is not being used. The maximum number of entries is based on the number of iFCP devices in the network." ::= {ifcpRemoteDeviceObjInfo 1} ifcpRemoteDeviceEntry OBJECT-TYPE SYNTAX IfcpRemoteDeviceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information on remote iFCP devices." INDEX {ifcpRemoteDeviceIndex} ::= {ifcpRemoteDeviceTable 1} IfcpRemoteDeviceEntry ::= SEQUENCE { ifcpRemoteDeviceIndex INTEGER, ifcpRemoteDeviceIfIndex IfIndexType, ifcpRemoteDevicePort PortType, ifcpRemoteDeviceAddrType InetAddressType, ifcpRemoteDeviceAddr InetAddress, ifcpRemoteDeviceMgtAddrType InetAddressType, ifcpRemoteDeviceMgtAddr InetAddress, ifcpRemoteDeviceVersionMin IfcpVersionType, ifcpRemoteDeviceVersionMax IfcpVersionType } ifcpRemoteDeviceIndex OBJECT-TYPE Gibbons Expires May 2002 9 Internet Draft iFCP MIB November 2001 SYNTAX INTEGER (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The remote device iFCP interface index. This is a monotonically increasing value used as an index to the table. The device index is used because the length of ifcpRemoteDeviceAddr, ifcpRemoteDeviceIfIndex and ifcpRemoteDevicePort combined would be too long to be an index. This index and mappings to remote devices may be reset when the local iFCP device is rebooted." ::= {ifcpRemoteDeviceEntry 1} ifcpRemoteDeviceIfIndex OBJECT-TYPE SYNTAX IfIndexType MAX-ACCESS read-only STATUS current DESCRIPTION "The remote device interface If Index. This can also be used to index into the ifTable of RFC 1213 for the remote device to obtain additional information about the interface." ::= {ifcpRemoteDeviceEntry 2} ifcpRemoteDevicePort OBJECT-TYPE SYNTAX PortType MAX-ACCESS read-only STATUS current DESCRIPTION "The iFCP N Port, Port ID as defined in the iFCP Specification." ::= {ifcpRemoteDeviceEntry 3} ifcpRemoteDeviceAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "The type of address in ifcpRemoteDeviceAddr." ::= {ifcpRemoteDeviceEntry 4} ifcpRemoteDeviceAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The address of the remote device interface." ::= {ifcpRemoteDeviceEntry 5} ifcpRemoteDeviceMgtAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "The type of address in ifcpRemoteDeviceMgtAddr." ::= {ifcpRemoteDeviceEntry 6} Gibbons Expires May 2002 10 Internet Draft iFCP MIB November 2001 ifcpRemoteDeviceMgtAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The SNMP management address of the remote device interface." ::= {ifcpRemoteDeviceEntry 7} ifcpRemoteDeviceVersionMin OBJECT-TYPE SYNTAX IfcpVersionType MAX-ACCESS read-only STATUS current DESCRIPTION "The minimum iFCP protocol version supported by the remote iFCP device. It is important that the protocol version of the local and remote iFCP device be compatible." ::= {ifcpRemoteDeviceEntry 8} ifcpRemoteDeviceVersionMax OBJECT-TYPE SYNTAX IfcpVersionType MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum iFCP protocol version supported by the remote iFCP device. It is important that the protocol version of the local and remote iFCP device be compatible." ::= {ifcpRemoteDeviceEntry 9} -- -- iFCP N Port session information ------------------------------ -- ifcpNportSessionInfo OBJECT IDENTIFIER ::= {ifcpDeviceObj 7} -- Session Attributes Table ifcpSessionAttributesTable OBJECT-TYPE SYNTAX SEQUENCE OF IfcpSessionAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An iFCP session consists of the pair of N_PORTs comprising the session endpoints joined by a single TCP/IP connection. This table provides information on each session currently communicating with the local device." ::= {ifcpNportSessionInfo 1} ifcpSessionAttributesEntry OBJECT-TYPE SYNTAX IfcpSessionAttributesEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the session table." Gibbons Expires May 2002 11 Internet Draft iFCP MIB November 2001 INDEX {ifcpSessionIndex} ::= {ifcpSessionAttributesTable 1} IfcpSessionAttributesEntry ::= SEQUENCE { ifcpSessionIndex INTEGER, ifcpSessionLocalNport FcNameId, ifcpSessionRemoteNport FcNameId, ifcpSessionLocalInterface INTEGER, ifcpSessionRemoteInterface INTEGER } ifcpSessionIndex OBJECT-TYPE SYNTAX INTEGER (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The iFCP session index. This is a monotonically increasing value used as an index to the table. The session index may change between local device reboots. The index was used because ifcpSessionLocalNport and ifcpSessionRemoteNport would create an index that would be difficult to implement." ::= {ifcpSessionAttributesEntry 1} ifcpSessionLocalNport OBJECT-TYPE SYNTAX FcNameId MAX-ACCESS read-only STATUS current DESCRIPTION "World Wide Name of the local N Port." ::= {ifcpSessionAttributesEntry 2} ifcpSessionRemoteNport OBJECT-TYPE SYNTAX FcNameId MAX-ACCESS read-only STATUS current DESCRIPTION "World Wide Name of the remote N Port." ::= {ifcpSessionAttributesEntry 3} ifcpSessionLocalInterface OBJECT-TYPE SYNTAX INTEGER (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The interface of the local device used for this session." ::= {ifcpSessionAttributesEntry 4} ifcpSessionRemoteInterface OBJECT-TYPE SYNTAX INTEGER (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION "The interface of the remote device used for this session." ::= {ifcpSessionAttributesEntry 5} Gibbons Expires May 2002 12 Internet Draft iFCP MIB November 2001 -- -- Statistics -- ifcpSessionStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF IfcpSessionStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table provides information on an iFCP session." ::= {ifcpNportSessionInfo 2} ifcpSessionStatsEntry OBJECT-TYPE SYNTAX IfcpSessionStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "iFCP specific statistics per session." AUGMENTS {ifcpSessionAttributesEntry} ::= {ifcpSessionStatsTable 1} IfcpSessionStatsEntry ::= SEQUENCE { ifcpSessionState IfcpSessionStateType, ifcpSessionTxOctets Counter64, ifcpSessionRxOctets Counter64, ifcpSessionTxFrames Counter64, ifcpSessionRxFrames Counter64, ifcpSessionStaleFrames Counter32, ifcpSessionHeaderCRCErrors Counter32, ifcpSessionPayloadCRCErrors Counter32, ifcpSessionOtherErrors Counter32 } ifcpSessionState OBJECT-TYPE SYNTAX IfcpSessionStateType MAX-ACCESS read-only STATUS current DESCRIPTION "The current session operating state." ::= {ifcpSessionStatsEntry 1} ifcpSessionTxOctets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of octets transmitted since the connection was first established." ::= {ifcpSessionStatsEntry 2} ifcpSessionRxOctets OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only Gibbons Expires May 2002 13 Internet Draft iFCP MIB November 2001 STATUS current DESCRIPTION "The total number of octets received since the connection was first established." ::= {ifcpSessionStatsEntry 3} ifcpSessionTxFrames OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames transmitted since the connection was first established." ::= {ifcpSessionStatsEntry 4} ifcpSessionRxFrames OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of frames received since the connection was first established." ::= {ifcpSessionStatsEntry 5} ifcpSessionStaleFrames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of received frames that were stale and discarded since the connection was first established." ::= {ifcpSessionStatsEntry 6} ifcpSessionHeaderCRCErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of CRC errors that occurred in the frame header detected since the connection was first established." ::= {ifcpSessionStatsEntry 7} ifcpSessionPayloadCRCErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of CRC errors that occurred in the frame payload detected since the connection was first established." ::= {ifcpSessionStatsEntry 8} ifcpSessionOtherErrors OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only Gibbons Expires May 2002 14 Internet Draft iFCP MIB November 2001 STATUS current DESCRIPTION "The total number of errors, other then errors explicitly measured, detected since the connection was first established." ::= {ifcpSessionStatsEntry 9} ------------------------------------------------------------ ifcpGroups OBJECT IDENTIFIER ::= {ifcpDeviceConformance 1} ifcpDeviceObjGroup OBJECT-GROUP OBJECTS { ifcpVersionMin, ifcpVersionMax, ifcpNumNports, ifcpInterfaceIfIndex, ifcpInterfaceTcpPort, ifcpInterfaceAddrType, ifcpInterfaceAddr } STATUS current DESCRIPTION "iFCP local device info group" ::= {ifcpGroups 1} ifcpDeviceNportGroup OBJECT-GROUP OBJECTS { ifcpDeviceNportWwpn, ifcpDeviceNportID, ifcpDeviceNportIfIndex, ifcpDeviceNportTcpPort } STATUS current DESCRIPTION "iFCP local device N Port group" ::= {ifcpGroups 2} ifcpRemoteDeviceGroup OBJECT-GROUP OBJECTS { ifcpRemoteDeviceIndex, ifcpRemoteDeviceIfIndex, ifcpRemoteDevicePort, ifcpRemoteDeviceAddrType, ifcpRemoteDeviceAddr, ifcpRemoteDeviceMgtAddrType, ifcpRemoteDeviceMgtAddr, ifcpRemoteDeviceVersionMin, ifcpRemoteDeviceVersionMax } STATUS current DESCRIPTION "iFCP local device N Port node group" ::= {ifcpGroups 3} Gibbons Expires May 2002 15 Internet Draft iFCP MIB November 2001 ifcpDeviceSessionGroup OBJECT-GROUP OBJECTS { ifcpSessionLocalNport, ifcpSessionRemoteNport, ifcpSessionLocalInterface, ifcpSessionRemoteInterface } STATUS current DESCRIPTION "iFCP Session group" ::= {ifcpGroups 4} ifcpDeviceSessionStatsGroup OBJECT-GROUP OBJECTS { ifcpSessionState, ifcpSessionTxOctets, ifcpSessionRxOctets, ifcpSessionTxFrames, ifcpSessionRxFrames, ifcpSessionStaleFrames, ifcpSessionHeaderCRCErrors, ifcpSessionPayloadCRCErrors, ifcpSessionOtherErrors } STATUS current DESCRIPTION "iFCP Session Statistics group" ::= {ifcpGroups 5} ifcpCompliances OBJECT IDENTIFIER ::= {ifcpDeviceConformance 2} ifcpDeviceComplianceV1 MODULE-COMPLIANCE STATUS current DESCRIPTION "Initial compliance statement for an iFCP device." MODULE -- this module MANDATORY-GROUPS { ifcpDeviceObjGroup, ifcpDeviceNportGroup, ifcpDeviceSessionGroup, ifcpDeviceSessionStatsGroup } ::= {ifcpCompliances 1} END 6. Security Considerations There are a number of management objects defined in this MIB that have a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. Gibbons Expires May 2002 16 Internet Draft iFCP MIB November 2001 SNMPv1 by itself is not a secure environment. Even if the network itself is secure (for example by using IPSec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB. It is recommended that the implementers consider the security features as provided by the SNMPv3 framework. Specifically, the use of the User-based Security Model RFC 2574 [RFC2574] and the View-based Access Control Model RFC 2575 [RFC2575] is recommended. It is then a customer/user responsibility to ensure that the SNMP entity giving access to an instance of this MIB, is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them. 7. References [RFC2851] M. Daniele, B. Haberman, S. Routhier, J. Schoenwaelder "Textual Conventions for Internet Network Addresses", RFC 2851, June 2000. [RFC2837] Rose, M., and K. McCloghrie, "Definitions of Managed Objects for the Fabric Element in Fibre Channel Standard", RFC 2837, May 2000. [RFC2571] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2571, April 1999. [RFC1155] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP- based Internets", STD 16, RFC 1155, May 1990. [RFC1212] Rose, M., and K. McCloghrie, "Concise MIB Definitions", STD 16, RFC 1212, March 1991. [RFC1215] M. Rose, "A Convention for Defining Traps for use with the SNMP", RFC 1215, March 1991. [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements Gibbons Expires May 2002 17 Internet Draft iFCP MIB November 2001 for SMIv2", STD 58, RFC 2580, April 1999. [RFC1157] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network Management Protocol", STD 15, RFC 1157, May 1990. [RFC1901] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, January 1996. [RFC1906] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, January 1996. [RFC2572] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2572, April 1999. [RFC2574] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, April 1999. [RFC1905] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, January 1996. [RFC2573] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 2573, April 1999. [RFC2575] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, April 1999. [RFC2570] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction to Version 3 of the Internet-standard Network Management Framework", RFC 2570, April 1999. 8. AuthorsĘ Addresses Josh Tseng Kevin Gibbons Charles Monia Postal: Nishan Systems 3850 North First Street San Jose, CA 95134-1702 USA Tel: (408) 519-3756 Fax: (408) 519-3705 E-mail: snmp@NishanSystems.com Franco Travostino Gibbons Expires May 2002 18 Internet Draft iFCP MIB November 2001 Nortel Networks 3 Federal Street Billerica, MA 01821 USA Tel: (978) 288-7708 E-mail: travos@nortelnetworks.com 9. Full Copyright Statement "Copyright (C) The Internet Society 2001. All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on An "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE." Gibbons Expires May 2002 19