-- Network Working Group R. Frye
-- Request for Comments: 3584 Vibrant Solutions
-- BCP: 74 D. Levi
-- Obsoletes: 2576 Nortel Networks
-- Category: Best Current Practice S. Routhier
-- Wind River Systems, Inc.
-- B. Wijnen
-- Lucent Technologies
-- August 2003-- Coexistence between Version 1, Version 2, and Version 3
-- of the Internet-standard Network Management Framework
SNMP-COMMUNITY-MIB DEFINITIONS::=BEGINIMPORTSIpAddress,MODULE-IDENTITY,OBJECT-TYPE,Integer32,snmpModules
FROM SNMPv2-SMI
RowStatus,StorageTypeFROM SNMPv2-TC
SnmpAdminString,SnmpEngineIDFROM SNMP-FRAMEWORK-MIB
SnmpTagValue,snmpTargetAddrEntry
FROM SNMP-TARGET-MIB
MODULE-COMPLIANCE,OBJECT-GROUPFROM SNMPv2-CONF;snmpCommunityMIB MODULE-IDENTITYLAST-UPDATED"200308060000Z"-- 06 Aug 2003, midnightORGANIZATION"SNMPv3 Working Group"CONTACT-INFO"WG-email: snmpv3@lists.tislabs.com
Subscribe: majordomo@lists.tislabs.com
In msg body: subscribe snmpv3
Co-Chair: Russ Mundy
SPARTA, Inc
Postal: 7075 Samuel Morse Drive
Columbia, MD 21045
USA
EMail: mundy@tislabs.com
Phone: +1 410-872-1515
Co-Chair: David Harrington
Enterasys Networks
Postal: 35 Industrial Way
P. O. Box 5005
Rochester, New Hampshire 03866-5005
USA
EMail: dbh@enterasys.com
Phone: +1 603-337-2614
Co-editor: Rob Frye
Vibrant Solutions
Postal: 2711 Prosperity Ave
Fairfax, Virginia 22031
USA
E-mail: rfrye@vibrant-1.com
Phone: +1-703-270-2000
Co-editor: David B. Levi
Nortel Networks
Postal: 3505 Kesterwood Drive
Knoxville, Tennessee 37918
E-mail: dlevi@nortelnetworks.com
Phone: +1 865 686 0432
Co-editor: Shawn A. Routhier
Wind River Systems, Inc.
Postal: 500 Wind River Way
Alameda, CA 94501
E-mail: sar@epilogue.com
Phone: +1 510 749 2095
Co-editor: Bert Wijnen
Lucent Technologies
Postal: Schagen 33
3461 GL Linschoten
Netherlands
Email: bwijnen@lucent.com
Phone: +31-348-407-775
"DESCRIPTION"This MIB module defines objects to help support
coexistence between SNMPv1, SNMPv2c, and SNMPv3.
Copyright (C) The Internet Society (2003) This
version of this MIB module is part of RFC 3584;
see the RFC itself for full legal notices."REVISION"200308060000Z"-- 06 Aug 2003
DESCRIPTION"Updated the LAST-UPDATED, CONTACT-INFO, and REVISION
clauses and added a copyright notice to the
DESCRIPTION clause of the MIB module's
MODULE-IDENTITY invocation.
Updated the description of snmpCommunityTransportTag
to make it consistent with the rest of the document.
Updated the description of `snmpTargetAddrMMS' to
clarify that a value of 0 means that the maximum
message size is unknown.
Changed the name of 'snmpCommunityGroup' to
snmpCommunityTableGroup to avoid a name conflict
with the SNMPv2-MIB.
Updated DESCRIPTION of snmpCommunityName.
Updated DESCRIPTION of snmpTrapCommunity.
Added snmpCommunityMIBFullCompliance.
This version published as RFC 3584."REVISION"200003060000Z"-- 6 Mar 2000DESCRIPTION"This version published as RFC 2576."::={ snmpModules 18}-- Administrative assignments ************************************snmpCommunityMIBObjects
OBJECTIDENTIFIER::={ snmpCommunityMIB 1}snmpCommunityMIBConformance
OBJECTIDENTIFIER::={ snmpCommunityMIB 2}--
-- The snmpCommunityTable contains a database of community
-- strings. This table provides mappings between community
-- strings, and the parameters required for View-based Access
-- Control.
--snmpCommunityTable OBJECT-TYPESYNTAXSEQUENCEOF SnmpCommunityEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The table of community strings configured in the SNMP
engine's Local Configuration Datastore (LCD)."::={ snmpCommunityMIBObjects 1}snmpCommunityEntry OBJECT-TYPESYNTAX SnmpCommunityEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"Information about a particular community string."INDEX{IMPLIED snmpCommunityIndex }::={ snmpCommunityTable 1}
SnmpCommunityEntry ::=SEQUENCE{
snmpCommunityIndex SnmpAdminString,
snmpCommunityName OCTETSTRING,
snmpCommunitySecurityName SnmpAdminString,
snmpCommunityContextEngineID SnmpEngineID,
snmpCommunityContextName SnmpAdminString,
snmpCommunityTransportTag SnmpTagValue,
snmpCommunityStorageType StorageType,
snmpCommunityStatus RowStatus}snmpCommunityIndex OBJECT-TYPESYNTAXSnmpAdminString(SIZE(1..32))MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The unique index value of a row in this table."::={ snmpCommunityEntry 1}snmpCommunityName OBJECT-TYPESYNTAXOCTETSTRINGMAX-ACCESSread-createSTATUScurrentDESCRIPTION"The community string for which a row in this table
represents a configuration. There is no SIZE constraint
specified for this object because RFC 1157 does not
impose any explicit limitation on the length of community
strings (their size is constrained indirectly by the
SNMP message size)."::={ snmpCommunityEntry 2}snmpCommunitySecurityName OBJECT-TYPESYNTAXSnmpAdminString(SIZE(1..32))MAX-ACCESSread-create
STATUScurrentDESCRIPTION"A human readable string representing the corresponding
value of snmpCommunityName in a Security Model
independent format."::={ snmpCommunityEntry 3}snmpCommunityContextEngineID OBJECT-TYPESYNTAXSnmpEngineIDMAX-ACCESSread-createSTATUScurrentDESCRIPTION"The contextEngineID indicating the location of the
context in which management information is accessed
when using the community string specified by the
corresponding instance of snmpCommunityName.
The default value is the snmpEngineID of the entity in
which this object is instantiated."::={ snmpCommunityEntry 4}snmpCommunityContextName OBJECT-TYPESYNTAXSnmpAdminString(SIZE(0..32))MAX-ACCESSread-createSTATUScurrentDESCRIPTION"The context in which management information is accessed
when using the community string specified by the
corresponding instance of snmpCommunityName."DEFVAL{ ''H }-- the empty string
::={ snmpCommunityEntry 5}snmpCommunityTransportTag OBJECT-TYPESYNTAXSnmpTagValueMAX-ACCESSread-createSTATUScurrentDESCRIPTION"This object specifies a set of transport endpoints
which are used in two ways:
- to specify the transport endpoints from which an
SNMP entity will accept management requests, and
- to specify the transport endpoints to which a
notification may be sent using the community
string matching the corresponding instance of
snmpCommunityName.
In either case, if the value of this object has
zero-length, transport endpoints are not checked when
either authenticating messages containing this community
string, nor when generating notifications.
The transports identified by this object are specified
in the snmpTargetAddrTable. Entries in that table
whose snmpTargetAddrTagList contains this tag value
are identified.
If a management request containing a community string
that matches the corresponding instance of
snmpCommunityName is received on a transport endpoint
other than the transport endpoints identified by this
object the request is deemed unauthentic.
When a notification is to be sent using an entry in
this table, if the destination transport endpoint of
the notification does not match one of the transport
endpoints selected by this object, the notification
is not sent."DEFVAL{ ''H }-- the empty string::={ snmpCommunityEntry 6}
snmpCommunityStorageType OBJECT-TYPESYNTAXStorageTypeMAX-ACCESSread-createSTATUScurrentDESCRIPTION"The storage type for this conceptual row in the
snmpCommunityTable. Conceptual rows having the value
'permanent' need not allow write-access to any
columnar object in the row."::={ snmpCommunityEntry 7}snmpCommunityStatus OBJECT-TYPESYNTAXRowStatusMAX-ACCESSread-createSTATUScurrentDESCRIPTION"The status of this conceptual row in the
snmpCommunityTable.
An entry in this table is not qualified for activation
until instances of all corresponding columns have been
initialized, either through default values, or through
Set operations. The snmpCommunityName and
snmpCommunitySecurityName objects must be explicitly set.
There is no restriction on setting columns in this table
when the value of snmpCommunityStatus is active(1)."::={ snmpCommunityEntry 8}--
-- The snmpTargetAddrExtTable
--snmpTargetAddrExtTable OBJECT-TYPESYNTAXSEQUENCEOF SnmpTargetAddrExtEntry
MAX-ACCESSnot-accessible
STATUScurrentDESCRIPTION"The table of mask and maximum message size (mms) values
associated with the snmpTargetAddrTable.
The snmpTargetAddrExtTable augments the
snmpTargetAddrTable with a transport address mask value
and a maximum message size value. The transport address
mask allows entries in the snmpTargetAddrTable to define
a set of addresses instead of just a single address.
The maximum message size value allows the maximum
message size of another SNMP entity to be configured for
use in SNMPv1 (and SNMPv2c) transactions, where the
message format does not specify a maximum message size."::={ snmpCommunityMIBObjects 2}snmpTargetAddrExtEntry OBJECT-TYPESYNTAX SnmpTargetAddrExtEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"Information about a particular mask and mms value."AUGMENTS{ snmpTargetAddrEntry }::={ snmpTargetAddrExtTable 1}
SnmpTargetAddrExtEntry ::=SEQUENCE{
snmpTargetAddrTMask OCTETSTRING,
snmpTargetAddrMMS Integer32}snmpTargetAddrTMask OBJECT-TYPESYNTAXOCTETSTRING(SIZE(0..255))
MAX-ACCESSread-createSTATUScurrentDESCRIPTION"The mask value associated with an entry in the
snmpTargetAddrTable. The value of this object must
have the same length as the corresponding instance of
snmpTargetAddrTAddress, or must have length 0. An
attempt to set it to any other value will result in
an inconsistentValue error.
The value of this object allows an entry in the
snmpTargetAddrTable to specify multiple addresses.
The mask value is used to select which bits of
a transport address must match bits of the corresponding
instance of snmpTargetAddrTAddress, in order for the
transport address to match a particular entry in the
snmpTargetAddrTable. Bits which are 1 in the mask
value indicate bits in the transport address which
must match bits in the snmpTargetAddrTAddress value.
Bits which are 0 in the mask indicate bits in the
transport address which need not match. If the
length of the mask is 0, the mask should be treated
as if all its bits were 1 and its length were equal
to the length of the corresponding value of
snmpTargetAddrTable.
This object may not be modified while the value of the
corresponding instance of snmpTargetAddrRowStatus is
active(1). An attempt to set this object in this case
will result in an inconsistentValue error."DEFVAL{ ''H }::={ snmpTargetAddrExtEntry 1}
snmpTargetAddrMMS OBJECT-TYPESYNTAXInteger32(0|484..2147483647)MAX-ACCESSread-createSTATUScurrentDESCRIPTION"The maximum message size value associated with an entry
in the snmpTargetAddrTable. Note that a value of 0 means
that the maximum message size is unknown."DEFVAL{484}::={ snmpTargetAddrExtEntry 2}--
-- The snmpTrapAddress and snmpTrapCommunity objects are included
-- in notifications that are forwarded by a proxy, which were
-- originally received as SNMPv1 Trap messages.
--snmpTrapAddress OBJECT-TYPESYNTAXIpAddressMAX-ACCESSaccessible-for-notifySTATUScurrentDESCRIPTION"The value of the agent-addr field of a Trap PDU which
is forwarded by a proxy forwarder application using
an SNMP version other than SNMPv1. The value of this
object SHOULD contain the value of the agent-addr field
from the original Trap PDU as generated by an SNMPv1
agent."::={ snmpCommunityMIBObjects 3}snmpTrapCommunity OBJECT-TYPESYNTAXOCTETSTRING
MAX-ACCESSaccessible-for-notifySTATUScurrentDESCRIPTION"The value of the community string field of an SNMPv1
message containing a Trap PDU which is forwarded by a
a proxy forwarder application using an SNMP version
other than SNMPv1. The value of this object SHOULD
contain the value of the community string field from
the original SNMPv1 message containing a Trap PDU as
generated by an SNMPv1 agent. There is no SIZE
constraint specified for this object because RFC 1157
does not impose any explicit limitation on the length
of community strings (their size is constrained
indirectly by the SNMP message size)."::={ snmpCommunityMIBObjects 4}-- Conformance Information **************************************snmpCommunityMIBCompliances OBJECTIDENTIFIER::={ snmpCommunityMIBConformance 1}snmpCommunityMIBGroups OBJECTIDENTIFIER::={ snmpCommunityMIBConformance 2}-- Compliance statementssnmpCommunityMIBCompliance MODULE-COMPLIANCESTATUScurrentDESCRIPTION"The compliance statement for SNMP engines which
implement the SNMP-COMMUNITY-MIB."MODULE-- this module
MANDATORY-GROUPS{ snmpCommunityTableGroup }OBJECT snmpCommunityName
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT snmpCommunitySecurityName
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT snmpCommunityContextEngineID
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT snmpCommunityContextName
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT snmpCommunityTransportTag
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT snmpCommunityStorageType
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT snmpCommunityStatus
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."::={ snmpCommunityMIBCompliances 1}
snmpProxyTrapForwardCompliance MODULE-COMPLIANCESTATUScurrentDESCRIPTION"The compliance statement for SNMP engines which
contain a proxy forwarding application which is
capable of forwarding SNMPv1 traps using SNMPv2c
or SNMPv3."MODULE-- this moduleMANDATORY-GROUPS{ snmpProxyTrapForwardGroup }::={ snmpCommunityMIBCompliances 2}snmpCommunityMIBFullCompliance MODULE-COMPLIANCESTATUScurrentDESCRIPTION"The compliance statement for SNMP engines which
implement the SNMP-COMMUNITY-MIB with full read-create
access."MODULE-- this moduleMANDATORY-GROUPS{ snmpCommunityTableGroup }::={ snmpCommunityMIBCompliances 3}snmpCommunityTableGroup OBJECT-GROUPOBJECTS{
snmpCommunityName,
snmpCommunitySecurityName,
snmpCommunityContextEngineID,
snmpCommunityContextName,
snmpCommunityTransportTag,
snmpCommunityStorageType,
snmpCommunityStatus,
snmpTargetAddrTMask,
snmpTargetAddrMMS
}
STATUScurrentDESCRIPTION"A collection of objects providing for configuration
of community strings for SNMPv1 (and SNMPv2c) usage."::={ snmpCommunityMIBGroups 1}snmpProxyTrapForwardGroup OBJECT-GROUPOBJECTS{
snmpTrapAddress,
snmpTrapCommunity
}STATUScurrentDESCRIPTION"Objects which are used by proxy forwarding applications
when translating traps between SNMP versions. These are
used to preserve SNMPv1-specific information when
translating to SNMPv2c or SNMPv3."::={ snmpCommunityMIBGroups 3}END