Network Working Group
Request for Comments: 1448

J. Case
SNMP Research, Inc.
K. McCloghrie
Hughes LAN Systems
M. Rose
Dover Beach Consulting, Inc.
S. Waldbusser
Carnegie Mellon University

April 1993

Protocol Operations
for version 2 of the
Simple Network Management Protocol (SNMPv2)

Status of this Memo

This RFC specifies an IAB standards track protocol for the Internet
community, and requests discussion and suggestions for improvements.
Please refer to the current edition of the "IAB Official Protocol
Standards" for the standardization state and status of this protocol.
Distribution of this memo is unlimited.

Table of Contents

1 Introduction
  1.1 A Note on Terminology
2 Overview
  2.1 Roles of Protocol Entities
  2.2 Management Information
  2.3 Access to Management Information
  2.4 Retransmission of Requests
  2.5 Message Sizes
  2.6 Transport Mappings
3 Definitions
4 Protocol Specification
  4.1 Common Constructs
  4.2 PDU Processing
    4.2.1 The GetRequest-PDU
    4.2.2 The GetNextRequest-PDU
      4.2.2.1 Example of Table Traversal
    4.2.3 The GetBulkRequest-PDU
      4.2.3.1 Another Example of Table Traversal
    4.2.4 The Response-PDU
    4.2.5 The SetRequest-PDU
    4.2.6 The SNMPv2-Trap-PDU
    4.2.7 The InformRequest-PDU
5 Acknowledgements
6 References
7 Security Considerations
8 Authors' Addresses

1. Introduction

A network management system contains: several (potentially many)
nodes, each with a processing entity, termed an agent, which has
access to management instrumentation; at least one management
station; and, a management protocol, used to convey management
information between the agents and management stations. Operations
of the protocol are carried out under an administrative framework
which defines both authentication and authorization policies.

Network management stations execute management applications which
monitor and control network elements. Network elements are devices
such as hosts, routers, terminal servers, etc., which are monitored
and controlled through access to their management information.

Management information is viewed as a collection of managed objects,
residing in a virtual information store, termed the Management
Information Base (MIB). Collections of related objects are defined
in MIB modules. These modules are written using a subset of OSI's
Abstract Syntax Notation One (ASN.1) [1], termed the Structure of
Management Information (SMI) [2].

The management protocol, version 2 of the Simple Network Management
Protocol, provides for the exchange of messages which convey
management information between the agents and the management
stations. The form of these messages is a message "wrapper" which
encapsulates a Protocol Data Unit (PDU). The form and meaning of the
"wrapper" is determined by an administrative framework which defines
both authentication and authorization policies.

It is the purpose of this document, Protocol Operations for SNMPv2,
to define the operations of the protocol with respect to the sending
and receiving of the PDUs.

1.1. A Note on Terminology

For the purpose of exposition, the original Internet-standard Network
Management Framework, as described in RFCs 1155, 1157, and 1212, is
termed the SNMP version 1 framework (SNMPv1). The current framework
is termed the SNMP version 2 framework (SNMPv2).

2. Overview

2.1. Roles of Protocol Entities

A SNMPv2 entity may operate in a manager role or an agent role.

A SNMPv2 entity acts in an agent role when it performs SNMPv2
management operations in response to received SNMPv2 protocol
messages (other than an inform notification) or when it sends trap
notifications.

A SNMPv2 entity acts in a manager role when it initiates SNMPv2
management operations by the generation of SNMPv2 protocol messages
or when it performs SNMPv2 management operations in response to
received trap or inform notifications.

A SNMPv2 entity may support either or both roles, as dictated by its
implementation and configuration. Further, a SNMPv2 entity can also
act in the role of a proxy agent, in which it appears to be acting in
an agent role, but satisfies management requests by acting in a
manager role with a remote entity. The use of proxy agents and the
transparency principle that defines their behavior is described in
[3].

2.2. Management Information

The term, variable, refers to an instance of a non-aggregate object
type defined according to the conventions set forth in the SMI [2] or
the textual conventions based on the SMI [4]. The term, variable
binding, normally refers to the pairing of the name of a variable and
its associated value. However, if certain kinds of exceptional
conditions occur during processing of a retrieval request, a variable
binding will pair a name and an indication of that exception.

A variable-binding list is a simple list of variable bindings.

The name of a variable is an OBJECT IDENTIFIER which is the
concatenation of the OBJECT IDENTIFIER of the corresponding
object-type together with an OBJECT IDENTIFIER fragment identifying
the instance. The OBJECT IDENTIFIER of the corresponding object-type
is called the OBJECT IDENTIFIER prefix of the variable.

2.3. Access to Management Information

Three types of access to management information are provided by the
protocol. One type is a request-response interaction, in which a
SNMPv2 entity, acting in a manager role, sends a request to a SNMPv2
entity, acting in an agent role, and the latter SNMPv2 entity then
responds to the request. This type is used to retrieve or modify
management information associated with the managed device.

A second type is also a request-response interaction, in which a
SNMPv2 entity, acting in a manager role, sends a request to a SNMPv2
entity, also acting in a manager role, and the latter SNMPv2 entity
then responds to the request. This type is used to notify a SNMPv2
entity, acting in a manager role, of management information
associated with another SNMPv2 entity, also acting in a manager role.

The third type of access is an unconfirmed interaction, in which a
SNMPv2 entity, acting in an agent role, sends an unsolicited message,
termed a trap, to a SNMPv2 entity, acting in a manager role, and no
response is returned. This type is used to notify a SNMPv2 entity,
acting in a manager role, of an exceptional situation, which has
resulted in changes to management information associated with the
managed device.

2.4. Retransmission of Requests

For all types of request in this protocol, the receiver is required
under normal circumstances, to generate and transmit a response to
the originator of the request.
Whether or not a request should be retransmitted if no corresponding
response is received in an appropriate time interval, is at the
discretion of the application originating the request. This will
normally depend on the urgency of the request. However, such an
application needs to act responsibly in respect to the frequency and
duration of re-transmissions.

2.5. Message Sizes

The maximum size of a SNMPv2 message is limited to the minimum of:

(1) the maximum message size which the destination SNMPv2 entity can
    accept; and,

(2) the maximum message size which the source SNMPv2 entity can
    generate.

The former is indicated by partyMaxMessageSize [5] of the destination
party. The latter is imposed by implementation-specific local
constraints.

Each transport mapping for the SNMPv2 indicates the minimum message
size which a SNMPv2 implementation must be able to produce or
consume. Although implementations are encouraged to support larger
values whenever possible, a conformant implementation must never
generate messages larger than allowed by the receiving SNMPv2 entity.

One of the aims of the GetBulkRequest-PDU, specified in this
protocol, is to minimize the number of protocol exchanges required to
retrieve a large amount of management information. As such, this PDU
type allows a SNMPv2 entity acting in a manager role to request that
the response be as large as possible given the constraints on message
sizes. These constraints include the limits on the size of messages
which the SNMPv2 entity acting in an agent role can generate, and the
SNMPv2 entity acting in a manager role can receive.

However, it is possible that such maximum sized messages may be
larger than the Path MTU of the path across the network traversed by
the messages. In this situation, such messages are subject to
fragmentation.
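
A sizing calculation for the limits in section 2.5, as an added example that is not part of the RFC: it takes the minimum of the destination and source limits, caps it at the Path MTU, and derives the largest repetition count for a GetBulkRequest-PDU (its max-repetitions parameter is defined later in this RFC) whose Response-PDU still fits in one datagram. The 100-octet wrapper and header overhead, the IPv4-without-options header size, the sample OIDs and the worst-case value sizes are assumptions chosen for illustration.

```python
IPV4_HEADER, UDP_HEADER = 20, 8   # assumption: IPv4 without options, UDP mapping

def ber_length_octets(n):
    """Octets in a BER definite-length field that encodes the length n."""
    return 1 if n < 0x80 else 1 + (n.bit_length() + 7) // 8

def tlv_size(content_len):
    """Total size of one BER TLV with a single-octet tag."""
    return 1 + ber_length_octets(content_len) + content_len

def oid_content_len(oid):
    """Content octets of an OBJECT IDENTIFIER given as a tuple of arcs."""
    if (len(oid) < 2 or min(oid) < 0 or oid[0] > 2
            or (oid[0] < 2 and oid[1] > 39)):
        raise ValueError("not an encodable OBJECT IDENTIFIER")
    subids = (oid[0] * 40 + oid[1],) + tuple(oid[2:])
    return sum(max(1, (s.bit_length() + 6) // 7) for s in subids)

def varbind_size(oid, value_tlv):
    """Encoded size of one variable binding: SEQUENCE { name, value }."""
    return tlv_size(tlv_size(oid_content_len(oid)) + value_tlv)

def effective_limit(dest_max, local_max, path_mtu):
    """Section 2.5 limit, also capped so the datagram fits the Path MTU."""
    return min(dest_max, local_max, path_mtu - IPV4_HEADER - UDP_HEADER)

def max_repetitions(limit, overhead, fixed_sizes, row_sizes):
    """Largest repetition count whose Response stays within limit octets.

    overhead: wrapper plus PDU header octets (caller's estimate).
    fixed_sizes: bindings returned once; row_sizes: bindings per repetition.
    """
    room = limit - overhead - sum(fixed_sizes)
    per_row = sum(row_sizes)
    return 0 if per_row <= 0 or room < per_row else room // per_row

# Constructed sample: sysUpTime.0 once, then ifInOctets/ifOutOctets per row.
# Values are sized as worst-case 32-bit unsigned integers (7 octets each).
SYS_UPTIME = (1, 3, 6, 1, 2, 1, 1, 3, 0)
IF_IN = (1, 3, 6, 1, 2, 1, 2, 2, 1, 10, 1000)
IF_OUT = (1, 3, 6, 1, 2, 1, 2, 2, 1, 16, 1000)

def plan(dest_max, local_max, path_mtu, overhead=100):
    """Repetition count for the sample request; overhead=100 is an assumption."""
    limit = effective_limit(dest_max, local_max, path_mtu)
    return max_repetitions(limit, overhead, [varbind_size(SYS_UPTIME, 7)],
                           [varbind_size(IF_IN, 7), varbind_size(IF_OUT, 7)])
```
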
Fragmentation is generally considered to be harmful [6], since among
other problems, it leads to a decrease in the reliability of the
transfer of the messages. Thus, a SNMPv2 entity which sends a
GetBulkRequest-PDU must take care to set its parameters accordingly,
so as to reduce the risk of fragmentation. In particular, under
conditions of network stress, only small values should be used for
max-repetitions.

2.6. Transport Mappings

It is important to note that the exchange of SNMPv2 messages requires
only an unreliable datagram service, with every message being
entirely and independently contained in a single transport datagram.
Specific transport mappings and encoding rules are specified
elsewhere [7]. However, the preferred mapping is the use of the User
Datagram Protocol [8].

3. Definitions

    SNMPv2-PDU DEFINITIONS ::= BEGIN

    IMPORTS
        ObjectName, ObjectSyntax, Integer32
            FROM SNMPv2-SMI;

    -- protocol data units

    PDUs ::=
        CHOICE {
            get-request
                GetRequest-PDU,

            get-next-request
                GetNextRequest-PDU,

            get-bulk-request
                GetBulkRequest-PDU,

            response
                Response-PDU,

            set-request
                SetRequest-PDU,

            inform-request
                InformRequest-PDU,

            snmpV2-trap
                SNMPv2-Trap-PDU
        }

    -- PDUs

    GetRequest-PDU ::=
        [0]
            IMPLICIT PDU

    GetNextRequest-PDU ::=
        [1]
            IMPLICIT PDU

    Response-PDU ::=
        [2]
            IMPLICIT PDU

    SetRequest-PDU ::=
        [3]
            IMPLICIT PDU

    -- [4] is obsolete

    GetBulkRequest-PDU ::=
        [5]
            IMPLICIT BulkPDU

    InformRequest-PDU ::=
        [6]
            IMPLICIT PDU

    SNMPv2-Trap-PDU ::=
        [7]
            IMPLICIT PDU

    max-bindings
        INTEGER ::= 2147483647

    PDU ::=
        SEQUENCE {
            request-id
                Integer32,

            error-status            -- sometimes ignored
                INTEGER {
                    noError(0),
                    tooBig(1),
                    noSuchName(2),   -- for proxy compatibility
                    badValue(3),     -- for proxy compatibility
                    readOnly(4),     -- for proxy compatibility