Draft SNMPv1/SNMPv2 Coexistence Oct 92 Coexistence between version 1 and version 2 of the Network Management Framework Thu Nov 12 08:51:15 1992 | Jeffrey D. Case SNMP Research, Inc. University of Tennessee, Knoxville case@cs.utk.edu Keith McCloghrie Hughes LAN Systems kzm@hls.com Marshall T. Rose Dover Beach Consulting, Inc. mrose@dbc.mtview.ca.us Steven L. Waldbusser Carnegie Mellon University waldbusser@andrew.cmu.edu 1. Status of this Memo This document is an Internet Draft. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet Drafts as reference material or to cite them other than as a "work in progress". Expires May 12, 1993 [Page 1] Draft SNMPv1/SNMPv2 Coexistence Oct 92 2. Introduction The purpose of this document is to describe coexistence | between version 2 of the Internet-standard Network Management | Framework, termed the SNMP version 2 framework (SNMPv2) [1], | and the original Internet-standard Network Management | Framework (SNMPv1): | RFC 1155 [2] which defines the Structure of Management | Information (SMI), | the mechanisms used for describing and naming objects for the purpose of management. RFC 1212 [3] defines a more | concise description mechanism, | which is wholly consistent with the SMI. RFC 1213 [4] which defines the TCP/IP Management | Information Base 2 (MIB-II), | the core set of managed objects for the Internet suite of protocols. RFC 1157 [5] which defines the Simple Network Management | Protocol (SNMP), | the protocol used for network access to managed objects. Expires May 12, 1993 [Page 2] Draft SNMPv1/SNMPv2 Coexistence Oct 92 3. Management Information - The SNMPv2 approach towards describing collections of managed objects is nearly a proper superset of the approach defined in the Internet-standard Network Management Framework. For example, both approaches use ASN.1 [6] as the basis for a formal descriptive notation. Indeed, one might note that the SNMPv2 approach largely codifies the existing practice for defining MIB modules, based on extensive experience with the current framework. The SNMPv2 documents which deal with information modules are: Structure of Management Information for SNMPv2 [7], which defines concise notations for describing managed objects, compliance statements for MIB modules, and capabilities statements for agent implementations; and, Textual Conventions for SNMPv2 [8], which defines a concise notation for describing textual conventions, and also defines some initial conventions. The following sections consider the three areas: MIB modules, compliance statements, and capabilities statements. MIB modules defined using the current framework may continue to be used with the SNMPv2 protocol. However, for the MIB modules to conform to the SNMPv2 framework, the following changes are required: 3.1. Object Definitions (1) The IMPORTS statement must reference SNMPv2-SMI, instead of RFC1155-SMI and RFC-1212. (2) The MODULE-IDENTITY macro must be invoked immediately after any IMPORTs or EXPORTs statement. (3) Object groups, which were informally defined (using ASN.1 comments), must be defined using the OBJECT-GROUP macro. (4) For any object with an integer-valued SYNTAX clause, in which the corresponding INTEGER does not have a range restriction (i.e., the INTEGER has neither a defined set Expires May 12, 1993 [Page 3] Draft SNMPv1/SNMPv2 Coexistence Oct 92 of named-number enumerations nor an assignment of lower- and upper-bounds on its value), the object must have the value of its SYNTAX clause changed to Integer32. (5) For any object with a SYNTAX clause value of Counter, the object must have the value of its SYNTAX clause changed to Counter32. (6) For any object with a SYNTAX clause value of Gauge, the object must have the value of its SYNTAX clause changed to Gauge32. (7) For all objects, the ACCESS clause must be replaced by a MAX-ACCESS clause. The value of the MAX-ACCESS clause is the same as that of the ACCESS clause unless some other value makes "protocol sense" as the maximal level of access for the object. In particular, object types for which instances can be explicitly created by a protocol set operation, will have a MAX-ACCESS clause of "read- create". (8) For any columnar object which is used solely for instance identification in a conceptual row, the object must have the value of its MAX-ACCESS clause set to "not- accessible", unless all columnar objects of the conceptual row are used for instance identification, in which case, the MAX-ACCESS clause for one of them must be something other than "not-accessible". (9) For all objects, if the value of the STATUS clause is "mandatory", the value must be replaced with "current". (10) For any object not containing a DESCRIPTION clause, the object must have a DESCRIPTION clause defined. (11) For any object corresponding to a conceptual row which does not have an INDEX clause, the object must have either an INDEX clause or an AUGMENTS clause defined. (12) For any object containing a DEFVAL clause with an OBJECT IDENTIFIER value which is expressed as a collection of sub-identifiers, change the value to reference a single ASN.1 identifier. Expires May 12, 1993 [Page 4] Draft SNMPv1/SNMPv2 Coexistence Oct 92 Other changes are desirable, but not necessary: (1) Creation and deletion of conceptual rows is inconsistent using the current framework. The SNMPv2 framework corrects this. As such, if the MIB module undergoes review early in its lifetime, and it contains conceptual tables which allow creation and deletion of conceptual rows, then it may be worthwhile to deprecate the objects relating to those tables and replacing them with objects defined using the new approach. (2) For any object with a string-valued SYNTAX clause, in which the corresponding OCTET STRING does not have a size restriction (i.e., the OCTET STRING has no assignment of lower- and upper-bounds on its length), one might consider defining the bounds for the size of the object. (3) For all textual conventions informally defined in the MIB module, one might consider redefining those conventions using the TEXTUAL-CONVENTION macro. Such a change would not necessitate deprecating objects previously defined using an informal textual convention. (4) For any object which represents a measurement in some kind of units, one might consider adding a UNITS clause to the definition of that object. (5) For any conceptual row which is an extension of another conceptual row, i.e., for which subordinate columnar objects both exist and are identified via the same semantics as the other conceptual row, one might consider using an AUGMENTS clause in place of the INDEX clause for the object corresponding to the conceptual row which is an extension. 3.2. Trap Definitions If a MIB module is changed to conform to the SNMPv2 framework, then each occurrence of the TRAP-TYPE macro must be changed to a corresponding invocation of the NOTIFICATION-TYPE macro: (1) The IMPORTS statement must not reference RFC-1215. Expires May 12, 1993 [Page 5] Draft SNMPv1/SNMPv2 Coexistence Oct 92 (2) The ENTERPRISES clause must be removed. (3) The VARIABLES clause must be renamed to the OBJECTS clause. (4) The STATUS clause must be added. (5) The value of an invocation of the NOTIFICATION-TYPE macro is an OBJECT IDENTIFIER, not an INTEGER, and must be changed accordingly. 3.3. Compliance Definitions For those information modules which are "standard", a corresponding invocation of the MODULE-COMPLIANCE macro must be included within the information module (or in a companion information module), and any commentary text in the information module which relates to compliance must be removed. Typically this editing can occur when the information module undergoes review. 3.4. Capabilities Definitions In the current framework, the informational document [9] uses the MODULE-CONFORMANCE macro to describe an agent's capabilities in comparison with one or more MIB modules. Converting such a description for use with the SNMPv2 framework requires these changes: (1) Use the macro name AGENT-CAPABILITIES instead of MODULE- CONFORMANCE. (2) The STATUS clause must be added. (3) For all occurrences of the CREATION-REQUIRES clause, note the slight change in semantics, and omit this clause if appropriate. Expires May 12, 1993 [Page 6] Draft SNMPv1/SNMPv2 Coexistence Oct 92 4. Protocol Operations The SNMPv2 documents which deal with protocol operations are: Protocol Operations for SNMPv2 [10], which defines the syntax and semantics of the operations conveyed by the protocol; and, Transport Mappings for SNMPv2 [11], which defines how the protocol operations are carried over different transport services. The following section considers two areas: the proxy behavior between an SNMPv2 entity and an SNMPv1 agent; and, the behavior of "bi-lingual" protocol entities acting in a manager role. 4.1. Proxy Agent Behavior To achieve coexistence at the protocol-level, a proxy mechanism may be used. A SNMPv2 entity acting in an agent role may be implemented and configured to act in the role of a proxy agent. 4.1.1. SNMPv2 -> SNMPv1 When converting requests from a SNMPv2 entity acting in a manager role into requests sent to a SNMPv1 entity acting in an agent role: (1) If a GetRequest-PDU, GetNextRequest-PDU, or SetRequest- PDU is received, then it is passed unaltered by the proxy agent. (2) If a GetBulkRequest-PDU is received, the proxy agent sets the non-repeaters and max-repetitions fields to zero, and sets the tag of the PDU to GetNextRequest-PDU. 4.1.2. SNMPv1 -> SNMPv2 When converting responses received from a SNMPv1 entity acting in an agent role into responses sent to a SNMPv2 entity acting Expires May 12, 1993 [Page 7] Draft SNMPv1/SNMPv2 Coexistence Oct 92 in a manager role: (1) If a GetResponse-PDU is received, then it is passed unaltered by the proxy agent. Note that even though a SNMPv2 entity will never generate a Response-PDU with a error-status field having a value of `noSuchName', or `badValue', the proxy agent must not change this field. This allows the SNMPv2 entity acting in a manager role to interpret the response correctly. If a GetResponse-PDU is received with an error-status field having a value of `tooBig', the proxy agent will remove the contents of the variable-bindings field before propagating the response. Note that even though a SNMPv2 entity will never generate a `tooBig' in response to a GetBulkRequestPDU, the proxy agent must propagate such a response. (2) If a Trap-PDU is received, then it is mapped into a SNMPv2-Trap-PDU. This is done by prepending onto the variable-bindings field two new bindings: sysUpTime.0 [4], which takes its value from the timestamp field of the Trap-PDU; and, snmpTrapOID.0 [12], which is calculated thusly: if the value of generic-trap field is `enterpriseSpecific', then the value used is the concatenation of the enterprise field from the Trap-PDU with two additional sub-identifiers, `0', and the value of the specific-trap field; otherwise, the value of the corresponding trap defined in [12] is used. (For example, if the value of the generic-trap field is `coldStart', then the coldStart trap [12] is used.) Then, one new binding is appended onto the variable-bindings field: snmpTrapEnterpriseOID.0 [12], which takes its value from the enterprise field of the Trap-PDU. To determine the destinations for the SNMPv2-Trap-PDU, the proxy agent applies the procedures defined in Section 8.5 of [7], with the exception that no check is made to see if the instances associated with this trap are present in the proxy agent's view. Expires May 12, 1993 [Page 8] Draft SNMPv1/SNMPv2 Coexistence Oct 92 4.2. Bi-lingual Manager Behavior To achieve coexistence at the protocol-level, a protocol entity acting in a manager role might support both SNMPv1 and SNMPv2. When a management application needs to contact a protocol entity acting in an agent role, the entity acting in a manager role consults a local database to select the correct management protocol to use. In order to provide transparency to management applications, the entity acting in a manager role must map operations as if it were acting as a proxy agent. Expires May 12, 1993 [Page 9] Draft SNMPv1/SNMPv2 Coexistence Oct 92 5. Acknowledgements The comments of the SNMP Version 2 working group are gratefully acknowledged: Steve Alexander, Interactive Systems Uri Blumenthal, International Business Machines Jeffrey D. Case, SNMP Research, Inc. Tracy Cox, Bellcore James R. (Chuck) Davin, Bellcore Mike Davison, FiberCom Taso N. Devetzis, Bellcore Gary W. Haney, Martin Marietta Energy Systems Matt Hecht, SNMP Research, Inc. Susan E. Hicks, Martin Marietta Energy Systems Satish Joshi, SynOptics Mark Kepke, Hewlett-Packard Ken Key, SNMP Research, Inc. Michael Kornegay, Visisoft Deidre C. Kostick, Bellcore Cheryl Krupczak, Georgia Tech Robert C. Lushbaugh, Martin Marietta Energy Systems Keith McCloghrie, Hughes LAN Systems Dave Minnich, FiberCom Dave Perkins, SynOptics Marshall T. Rose, Dover Beach Consulting, Inc. Shawn A. Routhier, Epilogue Technology Jon Saperia, Digital Equipment Corporation Bob Stewart, Xyplex (chair) Robert Synder, Cisco Systems Maurice Turcotte, Racal Datacom Steven L. Waldbusser, Carnegie Mellon University Bert Wijnen, International Business Machines Peter Wilson, 3Com Steven Wong, Digital Equipment Corporation Chris Young, Cabletron Kiho Yum, 3Com Expires May 12, 1993 [Page 10] Draft SNMPv1/SNMPv2 Coexistence Oct 92 6. References [1] J.D. Case, K. McCloghrie, M.T. Rose, S.L. Waldbusser, Introduction to version 2 of the Internet-standard Network Management Framework, Internet-Draft, (October 7, 1992). [2] M.T. Rose and K. McCloghrie, Structure and Identification of Management Information for TCP/IP-based internets. Request for Comments 1155, (May, 1990). [3] M.T. Rose and K. McCloghrie, Concise MIB Definitions. Request for Comments 1212, (March, 1991). [4] K. McCloghrie and M.T. Rose, Management Information Base for Network Management of TCP/IP-based internets: MIB-II. Request for Comments 1213, (March, 1991). [5] J.D. Case, M.S. Fedor, M.L. Schoffstall, and J.R. Davin, Simple Network Management Protocol. Request for Comments 1157, (May, 1990). [6] Information processing systems - Open Systems Interconnection - Specification of Abstract Syntax Notation One (ASN.1), International Organization for Standardization. International Standard 8824, (December, 1987). [7] J.D. Case, K. McCloghrie, M.T. Rose, S.L. Waldbusser, Structure of Management Information for version 2 of the Simple Network Management Protocol, Internet-Draft, (October 7, 1992). [8] J.D. Case, K. McCloghrie, M.T. Rose, S.L. Waldbusser, Textual Conventions for version 2 of the the Simple Network Management Protocol (SNMPv2), Internet-Draft, (October 7, 1992). [9] K. McCloghrie, M.T. Rose, A Convention for Describing SNMP-based Agents. Request for Comments 1303, (February, 1992). [10] J.D. Case, K. McCloghrie, M.T. Rose, S.L. Waldbusser, Protocol Operations for version 2 of the Simple Network Management Protocol (SNMPv2), Internet-Draft, (October 7, Expires May 12, 1993 [Page 11] Draft SNMPv1/SNMPv2 Coexistence Oct 92 1992). [11] J.D. Case, K. McCloghrie, M.T. Rose, S.L. Waldbusser, Transport Mappings for version 2 of the Simple Network Management Protocol (SNMPv2), Internet-Draft, (October 7, 1992). [12] J.D. Case, K. McCloghrie, M.T. Rose, S.L. Waldbusser, Management Information Base for version 2 of the Simple Network Management Protocol (SNMPv2), Internet-Draft, (October 7, 1992). [13] J.R. Davin, J.M. Galvin, K. McCloghrie, SNMP Administrative Model. Request for Comments 1351, (July, 1992). [14] J.M. Galvin, K. McCloghrie, J.R. Davin, SNMP Security Protocols. Request for Comments 1352, (July, 1992). [15] K. McCloghrie, J.R. Davin, J.M. Galvin, Definitions of Managed Objects for Administration of SNMP Parties. Request for Comments 1353, (July, 1992). Expires May 12, 1993 [Page 12] Draft SNMPv1/SNMPv2 Coexistence Oct 92 Table of Contents 1 Status of this Memo ................................... 1 2 Introduction .......................................... 2 3 Management Information ................................ 3 3.1 Object Definitions .................................. 3 3.2 Trap Definitions .................................... 5 3.3 Compliance Definitions .............................. 6 3.4 Capabilities Definitions ............................ 6 4 Protocol Operations ................................... 7 4.1 Proxy Agent Behavior ................................ 7 4.1.1 SNMPv2 -> SNMPv1 .................................. 7 4.1.2 SNMPv1 -> SNMPv2 .................................. 7 4.2 Bi-lingual Manager Behavior ......................... 9 5 Acknowledgements ...................................... 10 6 References ............................................ 11 Expires May 12, 1993 [Page 13]