Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id SAA27709 for nmrg-outgoing; Thu, 30 Nov 2000 18:41:22 +0100 (MET) Received: from wanderer.hardakers.net (IDENT:root@dns2.hardaker.davis.ca.us [168.150.190.2]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id SAA27704; Thu, 30 Nov 2000 18:41:19 +0100 (MET) Received: (from hardaker@localhost) by wanderer.hardakers.net (8.9.3/8.9.3) id JAA12073; Thu, 30 Nov 2000 09:42:43 -0800 X-Authentication-Warning: wanderer.hardakers.net: hardaker set sender to wjhardaker@ucdavis.edu using -f To: Juergen Schoenwaelder Cc: wjhardaker@ucdavis.edu, nmrg@ibr.cs.tu-bs.de Subject: Re: [nmrg] SNMP over TCP issues References: <200011211527.QAA11071@henkell.ibr.cs.tu-bs.de> <200011211724.SAA13356@henkell.ibr.cs.tu-bs.de> <200011222323.AAA24722@henkell.ibr.cs.tu-bs.de> From: Wes Hardaker X-URL: http://dcas.ucdavis.edu/~hardaker Organization: Network Associates - NAI Labs X-Face: #qW^}a%m*T^{A:Cp}$R\"38+d}41-Z}uU8,r%F#c#s:~Nzp0G9](s?,K49KJ]s"*7gvRgA SrAvQc4@/}L7Qc=w{)]ACO\R{LF@S{pXfojjjGg6c;q6{~C}CxC^^&~(F]`1W)%9j/iS/ IM",B1M.?{w8ckLTYD'`|kTr\i\cgY)P4 Date: 30 Nov 2000 09:42:42 -0800 In-Reply-To: <200011222323.AAA24722@henkell.ibr.cs.tu-bs.de> Message-ID: User-Agent: Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.2 (Notus) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 1259 Lines: 30 >>>>> On Thu, 23 Nov 2000 00:23:34 +0100, Juergen Schoenwaelder said: Juergen> I actually believe the specification can only be reasonably Juergen> understood in one way. For example, section 3.2 says what the Juergen> default ports are where SNMP entities containing command Juergen> responders and notification receivers listen for incoming TCP Juergen> connections. It does not say where notification receivers Juergen> should listen. (In fact, I believe we would need more port Juergen> numbers to make things work if we allow notification Juergen> originators to listen as well.) Well, at least then it conforms to how I've been thinking it should work :-) Juergen> If we want to be more precise, would it be sufficient if I Juergen> just add a sentence saying that TCP connections are Juergen> established by SNMP engines on behalf of command generator or Juergen> notification originator applications? (We might need to Juergen> include proxy forwarders there as well but I need to think Juergen> about this as I usually tend to ignore proxies. ;-) I'd be tempted to add such a line simply because of the confusion that has been shown already. Anyway, sorry for the delay... -- Wes Hardaker NAI Labs Network Associates Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id SAA27366 for nmrg-outgoing; Thu, 30 Nov 2000 18:34:38 +0100 (MET) Received: from icasun1.epfl.ch (root@icasun1.epfl.ch [128.178.151.148]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id SAA27361 for ; Thu, 30 Nov 2000 18:34:37 +0100 (MET) Received: from ica.epfl.ch (jpmf@icahp2.epfl.ch [128.178.151.157]) by icasun1.epfl.ch (8.8.X/EPFL-8.1d for ICA) with ESMTP id SAA14982; Thu, 30 Nov 2000 18:34:35 +0100 (MET) Message-Id: <200011301734.SAA14982@icasun1.epfl.ch> X-Mailer: exmh version 2.1.1 10/15/1999 From: "J.P. Martin-Flatin" To: Network Management Research Group Reply-To: "J.P. Martin-Flatin" Subject: [nmrg] Feedback on open issues In-reply-to: Your message of "Fri, 24 Nov 2000 12:25:55 MET." <200011241125.MAA06031@henkell.ibr.cs.tu-bs.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 30 Nov 2000 18:34:35 +0100 Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 2615 Lines: 51 On Fri, 24 Nov 2000 12:25:55 +0100, Juergen Schoenwaelder wrote: > > Appendix A. OPEN ISSUES > > 1. The requirement to handle half-closed TCP connections causes > additional implementation complexity in event-driven > applications since a half-closed socket would need to be > excluded from Randy> poll/select lists input checking (since the > descriptor would Randy> always come up ready for read) but be > left in the write list Randy> until the application decides to > close the socket after writing Randy> the response. This may > turn out hard to implement consistently across platforms. > Perhaps it would be simpler to just disallow half-closed TCP > connections in order to enhance interoperability. This is really nit-picking. I've never seen general application-layer specs defining this sort of behavior. Only specific applications, where you control the code of both the client and the server, do this sort of optimization to reclaim resources in case of memory starvation. It is dangerous to do it in a general context, because you do not control things like: Will the OS of the other side send out-of-band data (e.g., keepalives) after I have closed my side of the TCP connection? The rule of thumb is: it's dangerous, so don't do it. In my view, it is a bad idea to specify this behavior in this I-D. If the SNMP client issues a series of requests and closes its outgoing side of the TCP connection, then the behavior is undetermined: the SNMP server is free to send the answers and later shut down its side of the connection, or it can as well tear down the connection immediately. Since it is undetermined, people shouldn't do it. If they do, it's at their own risk. Just think of HTTP: If you want to interoperate with any kind of HTTP servers on earth, you, programmer of an HTTP client, would *not* close your side of the TCP connection when you still expect to receive answers from the server. I suggest that the text be changed so that we do not not require the support for half-closed TCP connections. Implicitly, it will mean that programmers would better not use this feature. > 2. The text does not explicitely say when TCP connections are > opened and by whom. However, some people believe that only one > sensible interpretation is actually possible. The question is > how precise we have to be without interacting too deeply with > RFC 2573. I don't see any problem or ambiguity in the current text. Until convinced otherwise, I don't think we should modify it. Jean-Philippe Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id RAA22284 for nmrg-outgoing; Thu, 30 Nov 2000 17:02:36 +0100 (MET) Received: from utrhcs.cs.utwente.nl (utrhcs.cs.utwente.nl [130.89.10.247]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id RAA22280 for ; Thu, 30 Nov 2000 17:02:32 +0100 (MET) Received: from ctit.utwente.nl (utip064.cs.utwente.nl [130.89.12.90]) by utrhcs.cs.utwente.nl (8.9.3/8.9.3) with ESMTP id RAA20484; Thu, 30 Nov 2000 17:02:27 +0100 (MET) Message-ID: <3A267A00.B3B7CC24@ctit.utwente.nl> Date: Thu, 30 Nov 2000 17:02:08 +0100 From: Aiko Pras X-Mailer: Mozilla 4.72 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: "nmrg@ibr.cs.tu-bs.de" CC: Aiko Pras , bard@utexas.edu, tedgar@cc.utexas.edu, Marcus Brunner , George Pavlou , Dave Sidor , John Strassner Subject: [nmrg] IRTF-NMRG meeting next week Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 3702 Lines: 87 Hi everyone This is a reminder for our IRTF-NMRG meeting next week. The meeting will take place in Austin (TX-USA) on friday 8 and saterday 9 December. The location of the meeting is the University of Texas at Austin, J.J. Pickle Research Center, Commons Building. The address of the meeting place is: J. J. Pickle Research Campus - The Commons 10100 Burnet Road, Bldg. 137, room 1.112 R7900 Austin, TX 78758 The host of the meeting is probably offering us a breakfast between 9:00-9:30 (if this is not the case, I'll let you know asap), which means that the real meeting will start at 9:30. People staying in the Doubletree hotel may assemble in the hall around 8:15, so we can travel the 10 miles to the university together. Lunch will be from 12:30 to 13:30; I expect that we stop around 17:00. Coffee breaks will be at 11:00 and 15:00! The contact for the local host of this meeting is Allison B. Thompson , tel: 512-471-2405. More information (including map) can be downloaded from http://www.ibr.cs.tu-bs.de/projects/nmrg/meetings/2000/austin/ The purpose of this meeting is to dive into the details of network information modeling. The things we want to do at the meeting include: 1) Discuss the pros and cons of doing information modeling work. This discussion could include the relevance of this work; is it necessary to have standards and how problematic is it to have multiple standards. Are the standards being implemented? Do they reduce the costs of network device vendors and / or network management vendors? Do they help network operators? 2) Produce an overview of what has been done so far in various groups. Among the things we could look at are SMIng (including the results of the Kleinheubach meeting), SPPI, NIM, CIM, GDMO, UML, CORBA (e.g. CORBA's Generic Network and NE Level Information Model), TINA, TMN NRIM etc. Next to the overview, we should also make a comparison. 3) Discuss the key elements for a next generation information model for the Internet. The subject of this meeting is interesting and it will therefore be important to have good minutes. Probably we could, just as we did after our first meeting in Lausanne, have as result an overview / conclusion paper in, for example, the Simple-Times (I think there are already two volunteers for writing the minutes and article). Below is the current list of people who will attend the NMRG meeting. : Aiko Pras (Twente University, meeting chair) : Juergen Schoenwaelder (Technical University Braunschweig) : Bill Bard (University of Austin) : Dave Perkins (SNMPinfo) : Andrea Westerinnen (Cisco Systems) : David Harrington (Cabletron) : Jean-Philippe Martin-Flatin (AT&T Labs Research) : Bert Wijnen (Lucent) : Dave Thaler (Microsoft) : Marcus Brunner (NEC C&C Research) : Dave Durham (Intel) : George Pavlou (University Surrey) : Dave Sidor (Nortel Networks) : Robert Parhonyi (Twente University) : Szabolcs Boros (Twente University) : John Strassner (Cisco Systems) (*) John Strassner (marked with a *) is not yet sure whether he will make it in time. For those who do not yet have a hotel, many of us (including me) will stay in the Doubletree Club Hotel: Doubletree Club Hotel 1617 IH-35 North (between 15th and MLK) Austin, Texas 78702 Phone: +1-512-479-4000 Fax: +1-512-479-6400 See you next week!! Aiko Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id LAA29423 for nmrg-outgoing; Tue, 28 Nov 2000 11:39:37 +0100 (MET) Received: from utrhcs.cs.utwente.nl (utrhcs.cs.utwente.nl [130.89.10.247]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id LAA29416 for ; Tue, 28 Nov 2000 11:39:35 +0100 (MET) Received: from ctit.utwente.nl (utip064.cs.utwente.nl [130.89.12.90]) by utrhcs.cs.utwente.nl (8.9.3/8.9.3) with ESMTP id LAA23632; Tue, 28 Nov 2000 11:39:31 +0100 (MET) Message-ID: <3A238B61.870F6124@ctit.utwente.nl> Date: Tue, 28 Nov 2000 11:39:29 +0100 From: Aiko Pras X-Mailer: Mozilla 4.72 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: "Wijnen, Bert (Bert)" CC: nmrg@ibr.cs.tu-bs.de Subject: Re: [nmrg] NMRG Information Modelling Workshop References: <2413FED0DFE6D111B3F90008C7FA61FB0A3F833B@nl0006exch002u.nl.lucent.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 322 Lines: 10 Hi "Wijnen, Bert (Bert)" wrote: > > At what time do we plan to finish on Saturday the 9th? > I would like to fly to SanDiego on the Saturday evening. It depends on what people want. I assume we will not stop later than 17:00 hours. I can imagine, however, that people want to stop earlier. I have no problem with that. Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id AAA01529 for nmrg-outgoing; Tue, 28 Nov 2000 00:04:41 +0100 (MET) Received: from hoemlsrv.firewall.lucent.com (hoemail1.lucent.com [192.11.226.161]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id AAA01523 for ; Tue, 28 Nov 2000 00:04:37 +0100 (MET) Received: from hoemlsrv.firewall.lucent.com (localhost [127.0.0.1]) by hoemlsrv.firewall.lucent.com (Pro-8.9.3/8.9.3) with ESMTP id SAA00622 for ; Mon, 27 Nov 2000 18:04:36 -0500 (EST) Received: from nl0006exch001h.wins.lucent.com (h135-85-76-62.lucent.com [135.85.76.62]) by hoemlsrv.firewall.lucent.com (Pro-8.9.3/8.9.3) with ESMTP id SAA00595 for ; Mon, 27 Nov 2000 18:04:36 -0500 (EST) Received: by nl0006exch001h.nl.lucent.com with Internet Mail Service (5.5.2650.21) id ; Tue, 28 Nov 2000 00:04:30 +0100 Message-ID: <2413FED0DFE6D111B3F90008C7FA61FB0A3F833B@nl0006exch002u.nl.lucent.com> From: "Wijnen, Bert (Bert)" To: nmrg@ibr.cs.tu-bs.de, Aiko Pras Subject: RE: [nmrg] NMRG Information Modelling Workshop Date: Tue, 28 Nov 2000 00:04:23 +0100 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 2884 Lines: 63 At what time do we plan to finish on Saturday the 9th? I would like to fly to SanDiego on the Saturday evening. Bert > ---------- > From: Aiko Pras[SMTP:pras@ctit.utwente.nl] > Sent: Thursday, November 09, 2000 6:08 PM > To: nmrg@ibr.cs.tu-bs.de > Cc: Aiko Pras > Subject: [nmrg] NMRG Information Modelling Workshop > > Hi everyone > > Now that all details regarding the meeting location are known (see > , I > would like to propose an agenda for our next IRTF-NMRG meeting. As > agreed in a previous discussion on the NMRG mailinglist, the purpose of > this meeting will be to dive into the details of network information > modeling. The things we want to do at the meeting include: > > 1) Discuss the pros and cons of doing information modeling work. > This discussion could include the relevance of this work; is > it necessary to have standards and how problematic is it to > have multiple standards. Are the standards being implemented? Do > they reduce the costs of network device vendors and / or > network management vendors? Do they help network operators? > > 2) Produce an overview of what has been done so far in various > groups. Among the things we could look at are SMIng (including > the results of the Kleinheubach meeting), SPPI, NIM, CIM, GDMO, > UML, CORBA (e.g. CORBA's Generic Network and NE Level Information > Model), TINA, TMN NRIM etc. It would be nice if there were volunteers > to introduce each of these approaches. Next to the overview, > we should also make a comparison. > > 3) Discuss the key elements for a next generation information model > for the Internet. > > The subject of this meeting is interesting and I guess it will therefore > be important to have good minutes. Probably we could, just as we did > after our first meeting in Lausanne, have as result an overview / > conclusion paper in, for example, the Simple-Times (are there any Ph.D. > students participating in the meeting :-). > > I would appreciate your comments an this draft agenda. Also I would like > to ask for volunteers to introduce each of the approaches. Per > approach there will be 20 minutes (or less) available for a technical > presentation (remember this is the IRTF; political issues will be > discussed the week afterwards :-). If you have any pointers to relevant > info, please let me know; I will collect these pointers and send them in > a later email to all of you. > > Since the meeting center is about 10 miles from the Doubletree hotel, I > propose we start at 9:30 (those who want can assemble in the hall of the > hotel at 9:00, and travel together). Lunch will be from 12:30 to 13:30; > I expect that we stop around 17:30 (depending on the discussion, of > course). Coffee breaks will be at 11:00 and 15:00! > > Bye > > Aiko > Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id MAA07763 for nmrg-outgoing; Fri, 24 Nov 2000 12:31:04 +0100 (MET) Received: from henkell.ibr.cs.tu-bs.de (schoenw@henkell [134.169.34.191]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id MAA07758; Fri, 24 Nov 2000 12:31:03 +0100 (MET) Received: from schoenw@localhost by henkell.ibr.cs.tu-bs.de (8.7.6/tubsibr) id MAA06065; Fri, 24 Nov 2000 12:31:03 +0100 Date: Fri, 24 Nov 2000 12:31:03 +0100 Message-Id: <200011241131.MAA06065@henkell.ibr.cs.tu-bs.de> From: Juergen Schoenwaelder To: Network Management Research Group Subject: [nmrg] status of the snmp over tcp document Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 800 Lines: 20 I just posted a new draft. Since I heard different opinions on the two open issues, I decided to just list them as open issues and to try to get agreement on a resolution in the upcoming meetings. This means we will need another ID before this can go to the RFC editor. It would be also nice if we can get a resolution of the open issues here on the list earlier. So please continue to air your opinions. As usual, concrete proposals which portion of the text should be changed or added are more than welcome. /js -- Juergen Schoenwaelder Technical University Braunschweig Dept. Operating Systems & Computer Networks Phone: +49 531 391 3289 Bueltenweg 74/75, 38106 Braunschweig, Germany Fax: +49 531 391 5936 Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id MAA07629 for nmrg-outgoing; Fri, 24 Nov 2000 12:26:03 +0100 (MET) Received: from henkell.ibr.cs.tu-bs.de (schoenw@henkell [134.169.34.191]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id MAA07619; Fri, 24 Nov 2000 12:25:55 +0100 (MET) Received: from schoenw@localhost by henkell.ibr.cs.tu-bs.de (8.7.6/tubsibr) id MAA06031; Fri, 24 Nov 2000 12:25:55 +0100 Date: Fri, 24 Nov 2000 12:25:55 +0100 Message-Id: <200011241125.MAA06031@henkell.ibr.cs.tu-bs.de> From: Juergen Schoenwaelder To: internet-drafts@ietf.org CC: Network Management Research Group Subject: [nmrg] draft-irtf-nmrg-snmp-tcp-05.txt Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 22587 Lines: 623 Please post this document as . This document was produced by the network management research group of the IRTF. Thanks, /js Network Working Group J. Schoenwaelder Internet-Draft TU Braunschweig Expires: May 25, 2001 November 24, 2000 SNMP over TCP Transport Mapping draft-irtf-nmrg-snmp-tcp-05.txt Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." To view the entire list of Internet-Draft Shadow Directories, see http://www.ietf.org/shadow.html. The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/iid-abstracts.txt This Internet-Draft will expire on May 25, 2001. Copyright Notice Copyright (C) The Internet Society (2000). All Rights Reserved. Abstract This memo defines a transport mapping for using the Simple Network Management Protocol (SNMP) over TCP. The transport mapping can be used with any version of SNMP. This document extends the transport mappings defined in RFC 1906. Schoenwaelder Expires May 25, 2001 [Page 1] Internet-Draft SNMP over TCP Transport Mapping November 2000 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. SNMP over TCP . . . . . . . . . . . . . . . . . . . . . . . . 5 3.1 Serialization . . . . . . . . . . . . . . . . . . . . . . . . 5 3.2 Well-Known Values . . . . . . . . . . . . . . . . . . . . . . 6 3.3 Connection Management . . . . . . . . . . . . . . . . . . . . 6 3.4 Reliable Transport versus Confirmed Operations . . . . . . . . 6 4. Security Considerations . . . . . . . . . . . . . . . . . . . 7 5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8 References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Author's Address . . . . . . . . . . . . . . . . . . . . . . . 10 A. OPEN ISSUES . . . . . . . . . . . . . . . . . . . . . . . . . 10 Full Copyright Statement . . . . . . . . . . . . . . . . . . . 11 Schoenwaelder Expires May 25, 2001 [Page 2] Internet-Draft SNMP over TCP Transport Mapping November 2000 1. Introduction The SNMP Management Framework presently consists of five major components: o An overall architecture, described in RFC 2571 [2]. o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in STD 16, RFC 1155 [3], STD 16, RFC 1212 [4] and RFC 1215 [5]. The second version, called SMIv2, is described in STD 58, RFC 2578 [6], STD 58, RFC 2579 [7] and STD 58, RFC 2580 [8]. o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in STD 15, RFC 1157 [9]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [10] and RFC 1906 [11]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [11], RFC 2572 [12] and RFC 2574 [13]. o Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in STD 15, RFC 1157 [9]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [14]. o A set of fundamental applications described in RFC 2573 [15] and the view-based access control mechanism described in RFC 2575 [16]. A more detailed introduction to the current SNMP Management Framework can be found in RFC 2570 [17]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. This memo defines a transport mapping for using the Simple Network Management Protocol (SNMP) over TCP. The transport mapping can be used with any version of SNMP. This document extends the transport mappings defined in RFC 1906 [11]. The SNMP over TCP transport mapping is an optional transport mapping. SNMP protocol engines that implement the SNMP over TCP transport mapping MUST also implement the SNMP over UDP transport mapping as defined in RFC 1906 [11]. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [1]. Schoenwaelder Expires May 25, 2001 [Page 3] Internet-Draft SNMP over TCP Transport Mapping November 2000 2. Definitions IRTF-NMRG-SNMP-TM DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-IDENTITY, experimental FROM SNMPv2-SMI TEXTUAL-CONVENTION FROM SNMPv2-TC; nmrgSnmpDomains MODULE-IDENTITY LAST-UPDATED "200004031800Z" ORGANIZATION "IRTF Network Management Research Group" CONTACT-INFO "Juergen Schoenwaelder TU Braunschweig Bueltenweg 74/75 38106 Braunschweig Germany Phone: +49 531 391-3283 Email: schoenw@ibr.cs.tu-bs.de" DESCRIPTION "This MIB module defines the SNMP over TCP transport mapping." REVISION "200004031800Z" DESCRIPTION "Initial version, published as RFC XXXX." ::= { experimental nmrg(91) 1 } -- SNMP over TCP over IPv4 snmpTCPDomain OBJECT-IDENTITY STATUS current DESCRIPTION "The SNMP over TCP over IPv4 transport domain. The corresponding transport address is of type SnmpTCPAddress." ::= { nmrgSnmpDomains 1 } SnmpTCPAddress ::= TEXTUAL-CONVENTION DISPLAY-HINT "1d.1d.1d.1d/2d" STATUS current DESCRIPTION "Represents a TCP/IPv4 address: octets contents encoding 1-4 IP-address network-byte order 5-6 TCP-port network-byte order " SYNTAX OCTET STRING (SIZE (6)) END Schoenwaelder Expires May 25, 2001 [Page 4] Internet-Draft SNMP over TCP Transport Mapping November 2000 3. SNMP over TCP SNMP over TCP is an experimental optional transport mapping. It is primarily defined to support more efficient bulk transfer mechanisms within the SNMP framework [20]. The originator of a request/response transaction chooses the transport protocol for the entire transaction. The transport protocol MUST NOT change during a transaction. In general, originators of request/response transactions are free to use the transport they assume is the best in a given situation. However, since TCP has a larger footprint on resource usage than UDP, engines using SNMP over TCP may choose to switch back to UDP by refusing new TCP connections whenever necessary (e.g. too many open TCP connections). When selecting the transport, it is useful to consider how SNMP interacts with TCP acknowledgements and timers. In particular, infrequent SNMP interactions over TCP may lead to additional IP packets carrying acknowledgements for SNMP responses if there is no chance to piggyback them. Furthermore, it is recommended to configure SNMP timers to fire later when using SNMP over TCP to avoid application specific timeouts before the TCP timers have expired. 3.1 Serialization Each instance of a message is serialized into a single BER-encoded message, using the algorithm specified in Section 8 of RFC 1906 [11]. The BER-encoded message is then sent over a TCP connection. An SNMP engine MUST NOT interleave SNMP messages within the TCP byte stream. All the bytes of one SNMP message must be sent before any bytes of a different SNMP message. It is possible to exchange multiple SNMP request/response pairs over a single (persistent) TCP connection. TCP connections are per default full-duplex and data can travel in both directions at different speeds. It is therefore possible to send multiple SNMP messages to a remote SNMP engine before receiving responses from the same SNMP engine. Note that an SNMP engine is not required to return responses in the same order as it received the requests. It is possible that the underlying TCP implementation delivers byte sequences that do not coincide with SNMP message boundaries. A receiving SNMP engine MUST therefore use the length field in the BER-encoded SNMP message to separate multiple requests sent over a single TCP connection. Schoenwaelder Expires May 25, 2001 [Page 5] Internet-Draft SNMP over TCP Transport Mapping November 2000 3.2 Well-Known Values It is RECOMMENDED that administrators configure their SNMP entities containing command responders to listen on TCP port 161 for incoming connections. It is also RECOMMENDED that SNMP entities containing notification receivers be configured to listen on TCP port 162 for connection requests. When an SNMP entity uses the TCP transport mapping, it MUST be capable of accepting messages that are at least 8192 octets in size. Implementation of larger values is encouraged whenever possible. 3.3 Connection Management The use of TCP connections introduces costs [18]. Connection establishment and teardown cause additional network traffic. Furthermore, maintaining open connections binds resources in the network layer of the underlying operating system. SNMP over TCP is intended to be used when the size of the transferred data is large since TCP offers flow control and efficient segmentation. The transport of large amounts of management data via SNMP over UDP requires many request/response interactions with small-sized SNMP over UDP messages, which causes latency to increase excessively. All SNMP entities (whether in an agent role or manager role) can close TCP connections at any point in time. This ensures that SNMP entities can control their resource usage and shut down TCP connections that are not used. Note that SNMP engines MUST process SNMP messages even if the incoming half of the TCP connection is closed while the outgoing half remains open. The processing of any outstanding SNMP requests when both halves of the TCP connection have been closed is implementation dependent. The sending SNMP entity SHOULD therefore not make assumptions about the processing of outstanding SNMP requests once a TCP connection is closed. A timeout error condition SHOULD be signalled for confirmed requests if the TCP connection is closed before a response has been received. 3.4 Reliable Transport versus Confirmed Operations The transport of SNMP messages over TCP results in a reliable exchange of SNMP messages between SNMP engines. In particular, TCP guarantees (in the absence of security attacks) that the delivered data is not damaged, lost, duplicated, or delivered out of order [19]. Schoenwaelder Expires May 25, 2001 [Page 6] Internet-Draft SNMP over TCP Transport Mapping November 2000 The SNMP protocol has been designed to support confirmed as well as unconfirmed operations [2]. The inform-request protocol operation is an example for a confirmed operation while the snmpV2-trap operation is an example for an unconfirmed operation. There is an important difference between an unconfirmed protocol operation sent over a reliable transport and a confirmed protocol operation. A reliable transport such as TCP only guarantees that delivered data is not damaged, lost, duplicated, or delivered out of order. It does not guarantee that the delivered data was actually processed in any way by the application process. Furthermore, even a reliable transport such as TCP can not guarantee that data sent to a remote system is eventually delivered on the remote system. Even a graceful close of the TCP connection does not guarantee that the receiving TCP engine has actually delivered all the data to an application process. With a confirmed SNMP operation, the receiving SNMP engine acknowledges that the data was actually received. Depending on the SNMP protocol operation, a confirmation may indicate that further processing was done. For example, the response to an inform-request protocol operation also indicates to the notification originator that the notification passed the security model and that it was delivered to the notification receiver application. Similarily, the response to a set-request indicates that the data passed the transport, the authentication mechanism and that the write request was actually processed by the command responder. A reliable transport is thus only a poor approximation for confirmed operations. Applications that need confirmation of delivery or processing are encouraged to use the confirmed operations, such as the inform-request, rather than using unconfirmed operations, such as snmpV2-trap, over a reliable transport. 4. Security Considerations It is recommended that implementors consider the security features as provided by the SNMPv3 framework in order to provide SNMP security. Specifically, the use of the User-based Security Model RFC 2574 [13] and the View-based Access Control Model RFC 2575 [16] is recommended. It is then a customer/user responsibility to ensure that the SNMP entity giving access to a MIB is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change) them. The SNMP over TCP transport mapping does not have any impact on the security mechanisms provided by SNMPv3. However, SNMP over TCP may Schoenwaelder Expires May 25, 2001 [Page 7] Internet-Draft SNMP over TCP Transport Mapping November 2000 introduce new vulnerabilities to denial of service attacks (such as TCP syn flooding) that do not exist in this form in other transport mappings. 5. Acknowledgments This document is the result of discussions within the Network Management Research Group (NMRG) of the Internet Research Task Force[21] (IRTF). Special thanks to Luca Deri, Jean-Philippe Martin-Flatin, Aiko Pras, Ron Sprenkels, and Bert Wijnen for their comments and suggestions. Additional useful comments have been made by Mike Ayers, Jeff Case, Mike Daniele, David Harrington, Lauren Heintz, Keith McCloghrie, and Dave Shield. Luca Deri, Wes Hardaker, Bert Helthuis, and Erik Schoenfelder helped to create prototype implementations. The SNMP over TCP transport mapping is currently supported by the NET-SNMP package[22] and the Linux CMU SNMP package[23]. References [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [2] Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2571, April 1999. [3] Rose, M. and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", STD 16, RFC 1155, May 1990. [4] Rose, M. and K. McCloghrie, "Concise MIB Definitions", STD 16, RFC 1212, March 1991. [5] Rose, M., "A Convention for Defining Traps for use with the SNMP", RFC 1215, March 1991. [6] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [7] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [8] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Conformance Statements for SMIv2", STD Schoenwaelder Expires May 25, 2001 [Page 8] Internet-Draft SNMP over TCP Transport Mapping November 2000 58, RFC 2580, April 1999. [9] Case, J., Fedor, M., Schoffstall, M. and J. Davin, "A Simple Network Management Protocol (SNMP)", STD 15, RFC 1157, May 1990. [10] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, January 1996. [11] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, January 1996. [12] Case, J., Harrington, D., Presuhn, R. and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2572, April 1999. [13] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, April 1999. [14] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, January 1996. [15] Levi, D., Meyer, P. and B. Stewart, "SNMP Applications", RFC 2573, April 1999. [16] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, April 1999. [17] Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction to Version 3 of the Internet-standard Network Management Framework", RFC 2570, April 1999. [18] Kastenholz, F., "SNMP Communications Services", RFC 1270, October 1991. [19] Postel, J., "Transmission Control Protocol", STD 7, RFC 793, September 1981. [20] Sprenkels, R. and J.P. Martin-Flatin, "Bulk Transfers of MIB Data", Simple Times 7(1), March 1999. [21] http://www.irtf.org/ [22] http://net-snmp.sourceforge.net/ Schoenwaelder Expires May 25, 2001 [Page 9] Internet-Draft SNMP over TCP Transport Mapping November 2000 [23] http://www.gaertner.de/snmp/ Author's Address Juergen Schoenwaelder TU Braunschweig Bueltenweg 74/75 38106 Braunschweig Germany Phone: +49 531 391-3289 EMail: schoenw@ibr.cs.tu-bs.de Appendix A. OPEN ISSUES 1. The requirement to handle half-closed TCP connections causes additional implementation complexity in event-driven applications since a half-closed socket would need to be excluded from Randy> poll/select lists input checking (since the descriptor would Randy> always come up ready for read) but be left in the write list Randy> until the application decides to close the socket after writing Randy> the response. This may turn out hard to implement consistently across platforms. Perhaps it would be simpler to just disallow half-closed TCP connections in order to enhance interoperability. 2. The text does not explicitely say when TCP connections are opened and by whom. However, some people believe that only one sensible interpretation is actually possible. The question is how precise we have to be without interacting too deeply with RFC 2573. Schoenwaelder Expires May 25, 2001 [Page 10] Internet-Draft SNMP over TCP Transport Mapping November 2000 Full Copyright Statement Copyright (C) The Internet Society (2000). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Acknowledgement Funding for the RFC Editor function is currently provided by the Internet Society. Schoenwaelder Expires May 25, 2001 [Page 11] Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id QAA16657 for nmrg-outgoing; Thu, 23 Nov 2000 16:58:21 +0100 (MET) Received: from utrhcs.cs.utwente.nl (utrhcs.cs.utwente.nl [130.89.10.247]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id QAA16650; Thu, 23 Nov 2000 16:58:20 +0100 (MET) Received: from cs.utwente.nl (utip074.cs.utwente.nl [130.89.12.43]) by utrhcs.cs.utwente.nl (8.9.3/8.9.3) with ESMTP id QAA10231; Thu, 23 Nov 2000 16:58:08 +0100 (MET) Message-ID: <3A1D3E92.102077C5@cs.utwente.nl> Date: Thu, 23 Nov 2000 16:58:10 +0100 From: Ron Sprenkels Organization: University of Twente X-Mailer: Mozilla 4.7 [en] (WinNT; I) X-Accept-Language: en MIME-Version: 1.0 To: Juergen Schoenwaelder CC: Network Management Research Group Subject: Re: [nmrg] SNMP over TCP issues References: <200011211527.QAA11071@henkell.ibr.cs.tu-bs.de> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 2433 Lines: 57 Hi Juergen, > Since the ID cutoff is next Friday, I need to get feedback within 48 > hours. I'm missing this deadline by an hour or so, but nevertheless I want to put in my 2 cents... I read through the entire draft you posted to the list. Overall, I did not find any new items that need changes, that were not already identified in the other mails of the past few days here. > (1) The current document says that half closed TCP connections are > legal and implementations have to be able to deal with them. Randy > Presuhn wrote: > > Randy> This might be a pain to implement consistently across platforms > > I think he has strong point. It will simplify implementations and > increase interoperability if we just ignore the TCP feature of > half-closed TCP connections. So my strawman is to follow Randy's > proposal. So, consensus is that dealing with half-closed sockets will make implementing this quite a bit harder. Leaving out that feature will lower the acceptance barrier for TCP, so I agree to leaving this half-closed feature out. > (2) There was a issue raised by Lauren Heintz whether it is legal to > transmit responses in a different order than the received > requests: > > Lauren> 3.1 - I gather it's OK for the responding entity to transmit > Lauren> responses in an order other than that originally received. > > I think this is legal. I already added text to the ID saying so > but I wanted to check with you whether someone disagrees. I agree, for (amongst others) the reason that in the UDP case you have to deal with this anyway. The TCP transport should not change the behaviour of what is above it, nor put new constraints on it. > (3) There were questions concerning who is responsible to open > connections and when. There were actually a number of comments > around this topic. The current text is more or less silent about > this. In one of the other mails a line of reasoning was given that identifies 'the natural side' to initiate connections. So, being silent is in my opinion safe. This will sort out itself, all by itself. Ron. -------------------------------------------------------------------------- Ron Sprenkels sprenkel@cs.utwente.nl http://www.cs.utwente.nl/~sprenkel University of Twente, Department of Computer Science, TSS Management group P.O. Box 217, 7500 AE Enschede, The Netherlands. (Tel. +31 53 489 4663) Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id AAA01262 for nmrg-outgoing; Thu, 23 Nov 2000 00:23:40 +0100 (MET) Received: from henkell.ibr.cs.tu-bs.de (schoenw@henkell [134.169.34.191]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id AAA01257; Thu, 23 Nov 2000 00:23:35 +0100 (MET) Received: from schoenw@localhost by henkell.ibr.cs.tu-bs.de (8.7.6/tubsibr) id AAA24722; Thu, 23 Nov 2000 00:23:34 +0100 Date: Thu, 23 Nov 2000 00:23:34 +0100 Message-Id: <200011222323.AAA24722@henkell.ibr.cs.tu-bs.de> From: Juergen Schoenwaelder To: wjhardaker@ucdavis.edu CC: wjhardaker@ucdavis.edu, nmrg@ibr.cs.tu-bs.de In-reply-to: (message from Wes Hardaker on 22 Nov 2000 14:59:49 -0800) Subject: Re: [nmrg] SNMP over TCP issues References: <200011211527.QAA11071@henkell.ibr.cs.tu-bs.de> <200011211724.SAA13356@henkell.ibr.cs.tu-bs.de> Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 2274 Lines: 50 >>>>> Wes Hardaker writes: Wes> I'm not sure what we do (I'll have to go look). Wes> I think we process anything we can read completely, which means Wes> any packets that come in on the input stream before the socket is Wes> broken. So if the input session closes after a given packet, we Wes> should process it and return the data through the other Wes> connection if the tcp stack allows us to submit it. It's not Wes> until we try to receive the next packet that we'd get an EOF. Randy was talking about agents that stuff the transport endpoints into an eventloop and which might send the request off to a subagent and fall back into the event loop. In this case, you might receive the EOF before the processing is complete and if you now just close the socket, then you are in trouble. So you need to fiddle around with the sockets registered in your event loop to handle this case properly. [... next issue ...] Wes> Anyway, in the case above TCP could never be used between those Wes> two implementations, which to me indicates an error in the Wes> specifications. I already *know* that we'll run into this Wes> problem, since we already had arguments on this exact subject Wes> before. I actually believe the specification can only be reasonably understood in one way. For example, section 3.2 says what the default ports are where SNMP entities containing command responders and notification receivers listen for incoming TCP connections. It does not say where notification receivers should listen. (In fact, I believe we would need more port numbers to make things work if we allow notification originators to listen as well.) If we want to be more precise, would it be sufficient if I just add a sentence saying that TCP connections are established by SNMP engines on behalf of command generator or notification originator applications? (We might need to include proxy forwarders there as well but I need to think about this as I usually tend to ignore proxies. ;-) /js -- Juergen Schoenwaelder Technical University Braunschweig Dept. Operating Systems & Computer Networks Phone: +49 531 391 3289 Bueltenweg 74/75, 38106 Braunschweig, Germany Fax: +49 531 391 5936 Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id XAA29687 for nmrg-outgoing; Wed, 22 Nov 2000 23:58:40 +0100 (MET) Received: from wanderer.hardakers.net (IDENT:root@dns2.hardaker.davis.ca.us [168.150.190.2]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id XAA29682; Wed, 22 Nov 2000 23:58:37 +0100 (MET) Received: (from hardaker@localhost) by wanderer.hardakers.net (8.9.3/8.9.3) id OAA01271; Wed, 22 Nov 2000 14:59:49 -0800 X-Authentication-Warning: wanderer.hardakers.net: hardaker set sender to wjhardaker@ucdavis.edu using -f To: Juergen Schoenwaelder Cc: wjhardaker@ucdavis.edu, nmrg@ibr.cs.tu-bs.de Subject: Re: [nmrg] SNMP over TCP issues References: <200011211527.QAA11071@henkell.ibr.cs.tu-bs.de> <200011211724.SAA13356@henkell.ibr.cs.tu-bs.de> From: Wes Hardaker X-URL: http://dcas.ucdavis.edu/~hardaker Organization: Network Associates - NAI Labs X-Face: #qW^}a%m*T^{A:Cp}$R\"38+d}41-Z}uU8,r%F#c#s:~Nzp0G9](s?,K49KJ]s"*7gvRgA SrAvQc4@/}L7Qc=w{)]ACO\R{LF@S{pXfojjjGg6c;q6{~C}CxC^^&~(F]`1W)%9j/iS/ IM",B1M.?{w8ckLTYD'`|kTr\i\cgY)P4 Date: 22 Nov 2000 14:59:49 -0800 In-Reply-To: <200011211724.SAA13356@henkell.ibr.cs.tu-bs.de> Message-ID: User-Agent: Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.2 (Notus) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 2294 Lines: 47 >>>>> On Tue, 21 Nov 2000 18:24:12 +0100, Juergen Schoenwaelder said: Juergen> No. We either require that every implementation does the Juergen> right thing when it receives an EOF while reading from a TCP Juergen> socket or we go with the much simpler solution which enhances Juergen> interoperability. I guess our Linux implementation does not Juergen> get this right. Does the UCD get this right? If not, we have Juergen> two strong data points that this is not as simple as one Juergen> might expect. I'm not sure what we do (I'll have to go look). I think we process anything we can read completely, which means any packets that come in on the input stream before the socket is broken. So if the input session closes after a given packet, we should process it and return the data through the other connection if the tcp stack allows us to submit it. It's not until we try to receive the next packet that we'd get an EOF. Wes> Well, I certainly don't want to bring that whole discussion up Wes> again, but I fail to see how we can ignore the issue. It would Wes> definitely lead to interoperability problems if my trap demon was Wes> expecting someone else to open the TCP stream, and the remote Wes> agent was expecting my trap demon to open it.... Juergen> From an architectural point of view, you end up in a sendPDU Juergen> ASI with a transport domain and a transport address. I think Juergen> it is obvious that you now either choose a matching existing Juergen> TCP connection or that you try to create a suitable one. The Juergen> other option to wait in the sendPDU ASI that someone connects Juergen> to you so that you can deliver the SNMP message really seems Juergen> strange to me and I can hardly believe that someone chooses Juergen> to implement this strategy. Well, if the stream was down I wouldn't wait... I'd fall back to UDP as everyone has mentioned previously (though if the transport domain is specified I guess you can't do that). Anyway, in the case above TCP could never be used between those two implementations, which to me indicates an error in the specifications. I already *know* that we'll run into this problem, since we already had arguments on this exact subject before. -- Wes Hardaker NAI Labs Network Associates Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id SAA12116 for nmrg-outgoing; Tue, 21 Nov 2000 18:24:24 +0100 (MET) Received: from henkell.ibr.cs.tu-bs.de (schoenw@henkell [134.169.34.191]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id SAA12111; Tue, 21 Nov 2000 18:24:13 +0100 (MET) Received: from schoenw@localhost by henkell.ibr.cs.tu-bs.de (8.7.6/tubsibr) id SAA13356; Tue, 21 Nov 2000 18:24:12 +0100 Date: Tue, 21 Nov 2000 18:24:12 +0100 Message-Id: <200011211724.SAA13356@henkell.ibr.cs.tu-bs.de> From: Juergen Schoenwaelder To: wjhardaker@ucdavis.edu CC: nmrg@ibr.cs.tu-bs.de In-reply-to: (message from Wes Hardaker on 21 Nov 2000 09:15:23 -0800) Subject: Re: [nmrg] SNMP over TCP issues References: <200011211527.QAA11071@henkell.ibr.cs.tu-bs.de> Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 2194 Lines: 51 >>>>> Wes Hardaker writes: [...] Wes> Though those are excellent points, I'd suggest that Wes> implementations that can keep a half open stream open Wes> (specifically the outgoing half) should do so, at least just long Wes> enough to return the last required responses. I do agree, Wes> however, that it shouldn't be a requirement. Maybe this is a Wes> good case for a SHOULD. No. We either require that every implementation does the right thing when it receives an EOF while reading from a TCP socket or we go with the much simpler solution which enhances interoperability. I guess our Linux implementation does not get this right. Does the UCD get this right? If not, we have two strong data points that this is not as simple as one might expect. [...] Juergen> I think that being silent is the best we can do at this point Juergen> in time. This means that it is implementation dependent Juergen> whether an agent maintains open TCP connections to deliver Juergen> notifications or whether an agent creates them when Juergen> needed. Trying to specify this behaviour does not seem too Juergen> useful to me. Wes> Well, I certainly don't want to bring that whole discussion up Wes> again, but I fail to see how we can ignore the issue. It would Wes> definitely lead to interoperability problems if my trap demon was Wes> expecting someone else to open the TCP stream, and the remote Wes> agent was expecting my trap demon to open it.... >From an architectural point of view, you end up in a sendPDU ASI with a transport domain and a transport address. I think it is obvious that you now either choose a matching existing TCP connection or that you try to create a suitable one. The other option to wait in the sendPDU ASI that someone connects to you so that you can deliver the SNMP message really seems strange to me and I can hardly believe that someone chooses to implement this strategy. /js -- Juergen Schoenwaelder Technical University Braunschweig Dept. Operating Systems & Computer Networks Phone: +49 531 391 3289 Bueltenweg 74/75, 38106 Braunschweig, Germany Fax: +49 531 391 5936 Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id SAA11547 for nmrg-outgoing; Tue, 21 Nov 2000 18:14:30 +0100 (MET) Received: from wanderer.hardakers.net (IDENT:root@dns2.hardaker.davis.ca.us [168.150.190.2]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id SAA11541; Tue, 21 Nov 2000 18:14:27 +0100 (MET) Received: (from hardaker@localhost) by wanderer.hardakers.net (8.9.3/8.9.3) id JAA16749; Tue, 21 Nov 2000 09:15:23 -0800 X-Authentication-Warning: wanderer.hardakers.net: hardaker set sender to wjhardaker@ucdavis.edu using -f To: Juergen Schoenwaelder Cc: Network Management Research Group Subject: Re: [nmrg] SNMP over TCP issues References: <200011211527.QAA11071@henkell.ibr.cs.tu-bs.de> From: Wes Hardaker X-URL: http://dcas.ucdavis.edu/~hardaker Organization: Network Associates - NAI Labs X-Face: #qW^}a%m*T^{A:Cp}$R\"38+d}41-Z}uU8,r%F#c#s:~Nzp0G9](s?,K49KJ]s"*7gvRgA SrAvQc4@/}L7Qc=w{)]ACO\R{LF@S{pXfojjjGg6c;q6{~C}CxC^^&~(F]`1W)%9j/iS/ IM",B1M.?{w8ckLTYD'`|kTr\i\cgY)P4 Date: 21 Nov 2000 09:15:23 -0800 In-Reply-To: <200011211527.QAA11071@henkell.ibr.cs.tu-bs.de> Message-ID: User-Agent: Gnus/5.0808 (Gnus v5.8.8) XEmacs/21.2 (Notus) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 2734 Lines: 55 >>>>> On Tue, 21 Nov 2000 16:27:05 +0100, Juergen Schoenwaelder said: Randy> This might be a pain to implement consistently across platforms Randy> with different TCP/IP stacks and socket libraries. Wouldn't it Randy> be simpler for applications to just close the socket if either Randy> the incoming or the outgoing half is in trouble? Otherwise, Randy> the half-closed socket would need to be excluded from Randy> poll/select lists input checking (since the descriptor would Randy> always come up ready for read) but be left in the write list Randy> until the application decides to close the socket after writing Randy> the response. Juergen> I think he has strong point. It will simplify implementations Juergen> and increase interoperability if we just ignore the TCP Juergen> feature of half-closed TCP connections. So my strawman is to Juergen> follow Randy's proposal. Though those are excellent points, I'd suggest that implementations that can keep a half open stream open (specifically the outgoing half) should do so, at least just long enough to return the last required responses. I do agree, however, that it shouldn't be a requirement. Maybe this is a good case for a SHOULD. Juergen> (2) There was a issue raised by Lauren Heintz whether it is legal to Juergen> transmit responses in a different order than the received Juergen> requests: Lauren> 3.1 - I gather it's OK for the responding entity to transmit Lauren> responses in an order other than that originally received. Juergen> I think this is legal. I already added text to the ID saying so Juergen> but I wanted to check with you whether someone disagrees. I strongly think this should be legal. Consider the agentx master agent with SNMP requests coming in talking to 2 different subagents, one fast and one slow (and the slow request one arrives first). Currently, UDP packets can be returned in any order so SNMP implementations must deal with out-of-order packets already. Juergen> I think that being silent is the best we can do at this point Juergen> in time. This means that it is implementation dependent Juergen> whether an agent maintains open TCP connections to deliver Juergen> notifications or whether an agent creates them when Juergen> needed. Trying to specify this behaviour does not seem too Juergen> useful to me. Well, I certainly don't want to bring that whole discussion up again, but I fail to see how we can ignore the issue. It would definitely lead to interoperability problems if my trap demon was expecting someone else to open the TCP stream, and the remote agent was expecting my trap demon to open it.... -- "Ninjas aren't dangerous. They're more afraid of you than you are of them." Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id QAA01128 for nmrg-outgoing; Tue, 21 Nov 2000 16:28:06 +0100 (MET) Received: from henkell.ibr.cs.tu-bs.de (schoenw@henkell [134.169.34.191]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id QAA01123; Tue, 21 Nov 2000 16:28:03 +0100 (MET) Received: from schoenw@localhost by henkell.ibr.cs.tu-bs.de (8.7.6/tubsibr) id QAA11074; Tue, 21 Nov 2000 16:28:03 +0100 Date: Tue, 21 Nov 2000 16:28:03 +0100 Message-Id: <200011211528.QAA11074@henkell.ibr.cs.tu-bs.de> From: Juergen Schoenwaelder To: Network Management Research Group Subject: [nmrg] SNMP over TCP revision Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 21462 Lines: 621 Here is the current version of the document for quick review. /js Network Working Group J. Schoenwaelder Internet-Draft TU Braunschweig Expires: May 22, 2001 November 21, 2000 SNMP over TCP Transport Mapping draft-irtf-nmrg-snmp-tcp-05.txt Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." To view the entire list of Internet-Draft Shadow Directories, see http://www.ietf.org/shadow.html. The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/iid-abstracts.txt This Internet-Draft will expire on May 22, 2001. Copyright Notice Copyright (C) The Internet Society (2000). All Rights Reserved. Abstract This memo defines a transport mapping for using the Simple Network Management Protocol (SNMP) over TCP. The transport mapping can be used with any version of SNMP. This document extends the transport mappings defined in RFC 1906. Schoenwaelder Expires May 22, 2001 [Page 1] Internet-Draft SNMP over TCP Transport Mapping November 2000 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. SNMP over TCP . . . . . . . . . . . . . . . . . . . . . . . . 5 3.1 Serialization . . . . . . . . . . . . . . . . . . . . . . . . 5 3.2 Well-Known Values . . . . . . . . . . . . . . . . . . . . . . 6 3.3 Connection Management . . . . . . . . . . . . . . . . . . . . 6 3.4 Reliable Transport versus Confirmed Operations . . . . . . . . 6 4. Security Considerations . . . . . . . . . . . . . . . . . . . 7 5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8 References . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Author's Address . . . . . . . . . . . . . . . . . . . . . . . 10 Full Copyright Statement . . . . . . . . . . . . . . . . . . . 11 Schoenwaelder Expires May 22, 2001 [Page 2] Internet-Draft SNMP over TCP Transport Mapping November 2000 1. Introduction The SNMP Management Framework presently consists of five major components: o An overall architecture, described in RFC 2571 [2]. o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in STD 16, RFC 1155 [3], STD 16, RFC 1212 [4] and RFC 1215 [5]. The second version, called SMIv2, is described in STD 58, RFC 2578 [6], STD 58, RFC 2579 [7] and STD 58, RFC 2580 [8]. o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in STD 15, RFC 1157 [9]. A second version of the SNMP message protocol, which is not an Internet standards track protocol, is called SNMPv2c and described in RFC 1901 [10] and RFC 1906 [11]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [11], RFC 2572 [12] and RFC 2574 [13]. o Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in STD 15, RFC 1157 [9]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [14]. o A set of fundamental applications described in RFC 2573 [15] and the view-based access control mechanism described in RFC 2575 [16]. A more detailed introduction to the current SNMP Management Framework can be found in RFC 2570 [17]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. This memo defines a transport mapping for using the Simple Network Management Protocol (SNMP) over TCP. The transport mapping can be used with any version of SNMP. This document extends the transport mappings defined in RFC 1906 [11]. The SNMP over TCP transport mapping is an optional transport mapping. SNMP protocol engines that implement the SNMP over TCP transport mapping MUST also implement the SNMP over UDP transport mapping as defined in RFC 1906 [11]. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [1]. Schoenwaelder Expires May 22, 2001 [Page 3] Internet-Draft SNMP over TCP Transport Mapping November 2000 2. Definitions IRTF-NMRG-SNMP-TM DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-IDENTITY, experimental FROM SNMPv2-SMI TEXTUAL-CONVENTION FROM SNMPv2-TC; nmrgSnmpDomains MODULE-IDENTITY LAST-UPDATED "200004031800Z" ORGANIZATION "IRTF Network Management Research Group" CONTACT-INFO "Juergen Schoenwaelder TU Braunschweig Bueltenweg 74/75 38106 Braunschweig Germany Phone: +49 531 391-3283 Email: schoenw@ibr.cs.tu-bs.de" DESCRIPTION "This MIB module defines the SNMP over TCP transport mapping." REVISION "200004031800Z" DESCRIPTION "Initial version, published as RFC XXXX." ::= { experimental nmrg(91) 1 } -- SNMP over TCP over IPv4 snmpTCPDomain OBJECT-IDENTITY STATUS current DESCRIPTION "The SNMP over TCP over IPv4 transport domain. The corresponding transport address is of type SnmpTCPAddress." ::= { nmrgSnmpDomains 1 } SnmpTCPAddress ::= TEXTUAL-CONVENTION DISPLAY-HINT "1d.1d.1d.1d/2d" STATUS current DESCRIPTION "Represents a TCP/IPv4 address: octets contents encoding 1-4 IP-address network-byte order 5-6 TCP-port network-byte order " SYNTAX OCTET STRING (SIZE (6)) END Schoenwaelder Expires May 22, 2001 [Page 4] Internet-Draft SNMP over TCP Transport Mapping November 2000 3. SNMP over TCP SNMP over TCP is an experimental optional transport mapping. It is primarily defined to support more efficient bulk transfer mechanisms within the SNMP framework [20]. The originator of a request/response transaction chooses the transport protocol for the entire transaction. The transport protocol MUST NOT change during a transaction. In general, originators of request/response transactions are free to use the transport they assume is the best in a given situation. However, since TCP has a larger footprint on resource usage than UDP, engines using SNMP over TCP may choose to switch back to UDP by refusing new TCP connections whenever necessary (e.g. too many open TCP connections). When selecting the transport, it is useful to consider how SNMP interacts with TCP acknowledgements and timers. In particular, infrequent SNMP interactions over TCP may lead to additional IP packets carrying acknowledgements for SNMP responses if there is no chance to piggyback them. Furthermore, it is recommended to configure SNMP timers to fire later when using SNMP over TCP to avoid application specific timeouts before the TCP timers have expired. 3.1 Serialization Each instance of a message is serialized into a single BER-encoded message, using the algorithm specified in Section 8 of RFC 1906 [11]. The BER-encoded message is then sent over a TCP connection. An SNMP engine MUST NOT interleave SNMP messages within the TCP byte stream. All the bytes of one SNMP message must be sent before any bytes of a different SNMP message. It is possible to exchange multiple SNMP request/response pairs over a single (persistent) TCP connection. TCP connections are per default full-duplex and data can travel in both directions at different speeds. It is therefore possible to send multiple SNMP messages to a remote SNMP engine before receiving responses from the same SNMP engine. Note that an SNMP engine is not required to return responses in the same order as it received the requests. It is possible that the underlying TCP implementation delivers byte sequences that do not coincide with SNMP message boundaries. A receiving SNMP engine MUST therefore use the length field in the BER-encoded SNMP message to separate multiple requests sent over a single TCP connection. Schoenwaelder Expires May 22, 2001 [Page 5] Internet-Draft SNMP over TCP Transport Mapping November 2000 3.2 Well-Known Values It is RECOMMENDED that administrators configure their SNMP entities containing command responders to listen on TCP port 161 for incoming connections. It is also RECOMMENDED that SNMP entities containing notification receivers be configured to listen on TCP port 162 for connection requests. When an SNMP entity uses the TCP transport mapping, it MUST be capable of accepting messages that are at least 8192 octets in size. Implementation of larger values is encouraged whenever possible. 3.3 Connection Management The use of TCP connections introduces costs [18]. Connection establishment and teardown cause additional network traffic. Furthermore, maintaining open connections binds resources in the network layer of the underlying operating system. SNMP over TCP is intended to be used when the size of the transferred data is large since TCP offers flow control and efficient segmentation. The transport of large amounts of management data via SNMP over UDP requires many request/response interactions with small-sized SNMP over UDP messages, which causes latency to increase excessively. All SNMP entities (whether in an agent role or manager role) can close TCP connections at any point in time. This ensures that SNMP entities can control their resource usage and shut down TCP connections that are not used. Note that SNMP engines MUST process SNMP messages even if the incoming half of the TCP connection is closed while the outgoing half remains open. The processing of any outstanding SNMP requests when both halves of the TCP connection have been closed is implementation dependent. The sending SNMP entity SHOULD therefore not make assumptions about the processing of outstanding SNMP requests once a TCP connection is closed. A timeout error condition SHOULD be signalled for confirmed requests if the TCP connection is closed before a response has been received. 3.4 Reliable Transport versus Confirmed Operations The transport of SNMP messages over TCP results in a reliable exchange of SNMP messages between SNMP engines. In particular, TCP guarantees (in the absence of security attacks) that the delivered data is not damaged, lost, duplicated, or delivered out of order [19]. Schoenwaelder Expires May 22, 2001 [Page 6] Internet-Draft SNMP over TCP Transport Mapping November 2000 The SNMP protocol has been designed to support confirmed as well as unconfirmed operations [2]. The inform-request protocol operation is an example for a confirmed operation while the snmpV2-trap operation is an example for an unconfirmed operation. There is an important difference between an unconfirmed protocol operation sent over a reliable transport and a confirmed protocol operation. A reliable transport such as TCP only guarantees that delivered data is not damaged, lost, duplicated, or delivered out of order. It does not guarantee that the delivered data was actually processed in any way by the application process. Furthermore, even a reliable transport such as TCP can not guarantee that data sent to a remote system is eventually delivered on the remote system. Even a graceful close of the TCP connection does not guarantee that the receiving TCP engine has actually delivered all the data to an application process. With a confirmed SNMP operation, the receiving SNMP engine acknowledges that the data was actually received. Depending on the SNMP protocol operation, a confirmation may indicate that further processing was done. For example, the response to an inform-request protocol operation also indicates to the notification originator that the notification passed the security model and that it was delivered to the notification receiver application. Similarily, the response to a set-request indicates that the data passed the transport, the authentication mechanism and that the write request was actually processed by the command responder. A reliable transport is thus only a poor approximation for confirmed operations. Applications that need confirmation of delivery or processing are encouraged to use the confirmed operations, such as the inform-request, rather than using unconfirmed operations, such as snmpV2-trap, over a reliable transport. 4. Security Considerations It is recommended that implementors consider the security features as provided by the SNMPv3 framework in order to provide SNMP security. Specifically, the use of the User-based Security Model RFC 2574 [13] and the View-based Access Control Model RFC 2575 [16] is recommended. It is then a customer/user responsibility to ensure that the SNMP entity giving access to a MIB is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change) them. The SNMP over TCP transport mapping does not have any impact on the security mechanisms provided by SNMPv3. However, SNMP over TCP may Schoenwaelder Expires May 22, 2001 [Page 7] Internet-Draft SNMP over TCP Transport Mapping November 2000 introduce new vulnerabilities to denial of service attacks (such as TCP syn flooding) that do not exist in this form in other transport mappings. 5. Acknowledgments This document is the result of discussions within the Network Management Research Group (NMRG) of the Internet Research Task Force[21] (IRTF). Special thanks to Luca Deri, Jean-Philippe Martin-Flatin, Aiko Pras, Ron Sprenkels, and Bert Wijnen for their comments and suggestions. Additional useful comments have been made by Mike Ayers, Jeff Case, Mike Daniele, David Harrington, Lauren Heintz, Keith McCloghrie, and Dave Shield. Luca Deri, Wes Hardaker, Bert Helthuis, and Erik Schoenfelder helped to create prototype implementations. The SNMP over TCP transport mapping is currently supported by the NET-SNMP package[22] and the Linux CMU SNMP package[23]. References [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [2] Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2571, April 1999. [3] Rose, M. and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", STD 16, RFC 1155, May 1990. [4] Rose, M. and K. McCloghrie, "Concise MIB Definitions", STD 16, RFC 1212, March 1991. [5] Rose, M., "A Convention for Defining Traps for use with the SNMP", RFC 1215, March 1991. [6] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [7] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [8] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M. and S. Waldbusser, "Conformance Statements for SMIv2", STD Schoenwaelder Expires May 22, 2001 [Page 8] Internet-Draft SNMP over TCP Transport Mapping November 2000 58, RFC 2580, April 1999. [9] Case, J., Fedor, M., Schoffstall, M. and J. Davin, "A Simple Network Management Protocol (SNMP)", STD 15, RFC 1157, May 1990. [10] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Introduction to Community-based SNMPv2", RFC 1901, January 1996. [11] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Transport Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, January 1996. [12] Case, J., Harrington, D., Presuhn, R. and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2572, April 1999. [13] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, April 1999. [14] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, January 1996. [15] Levi, D., Meyer, P. and B. Stewart, "SNMP Applications", RFC 2573, April 1999. [16] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)", RFC 2575, April 1999. [17] Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction to Version 3 of the Internet-standard Network Management Framework", RFC 2570, April 1999. [18] Kastenholz, F., "SNMP Communications Services", RFC 1270, October 1991. [19] Postel, J., "Transmission Control Protocol", STD 7, RFC 793, September 1981. [20] Sprenkels, R. and J.P. Martin-Flatin, "Bulk Transfers of MIB Data", Simple Times 7(1), March 1999. [21] http://www.irtf.org/ [22] http://net-snmp.sourceforge.net/ Schoenwaelder Expires May 22, 2001 [Page 9] Internet-Draft SNMP over TCP Transport Mapping November 2000 [23] http://www.gaertner.de/snmp/ Author's Address Juergen Schoenwaelder TU Braunschweig Bueltenweg 74/75 38106 Braunschweig Germany Phone: +49 531 391-3289 EMail: schoenw@ibr.cs.tu-bs.de Schoenwaelder Expires May 22, 2001 [Page 10] Internet-Draft SNMP over TCP Transport Mapping November 2000 Full Copyright Statement Copyright (C) The Internet Society (2000). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Acknowledgement Funding for the RFC Editor function is currently provided by the Internet Society. Schoenwaelder Expires May 22, 2001 [Page 11] Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id QAA01034 for nmrg-outgoing; Tue, 21 Nov 2000 16:27:07 +0100 (MET) Received: from henkell.ibr.cs.tu-bs.de (schoenw@henkell [134.169.34.191]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id QAA01029; Tue, 21 Nov 2000 16:27:05 +0100 (MET) Received: from schoenw@localhost by henkell.ibr.cs.tu-bs.de (8.7.6/tubsibr) id QAA11071; Tue, 21 Nov 2000 16:27:05 +0100 Date: Tue, 21 Nov 2000 16:27:05 +0100 Message-Id: <200011211527.QAA11071@henkell.ibr.cs.tu-bs.de> From: Juergen Schoenwaelder To: Network Management Research Group Subject: [nmrg] SNMP over TCP issues Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 3105 Lines: 68 Our SNMP over TCP is about to expire and I thought this is a good reason to submit an update which should then go the RFC editor for publication as Experimental RFC. I have gone through all the issues I kept from the lengthy discussion on this document earlier this year. I have made the edits for those things where I believe that the issue is not controversial. There are a few issues left where I would like to know whether someone objects to my strawman position (see below). Since the ID cutoff is next Friday, I need to get feedback within 48 hours. If I do not hear anything, then I will assume that you are happy with the strawman position and submit an updated ID by Friday. (I will post the current version of the text in a subsequent email message.) (1) The current document says that half closed TCP connections are legal and implementations have to be able to deal with them. Randy Presuhn wrote: Randy> This might be a pain to implement consistently across platforms Randy> with different TCP/IP stacks and socket libraries. Wouldn't it Randy> be simpler for applications to just close the socket if either Randy> the incoming or the outgoing half is in trouble? Otherwise, Randy> the half-closed socket would need to be excluded from Randy> poll/select lists input checking (since the descriptor would Randy> always come up ready for read) but be left in the write list Randy> until the application decides to close the socket after writing Randy> the response. I think he has strong point. It will simplify implementations and increase interoperability if we just ignore the TCP feature of half-closed TCP connections. So my strawman is to follow Randy's proposal. (2) There was a issue raised by Lauren Heintz whether it is legal to transmit responses in a different order than the received requests: Lauren> 3.1 - I gather it's OK for the responding entity to transmit Lauren> responses in an order other than that originally received. I think this is legal. I already added text to the ID saying so but I wanted to check with you whether someone disagrees. (3) There were questions concerning who is responsible to open connections and when. There were actually a number of comments around this topic. The current text is more or less silent about this. I think that being silent is the best we can do at this point in time. This means that it is implementation dependent whether an agent maintains open TCP connections to deliver notifications or whether an agent creates them when needed. Trying to specify this behaviour does not seem too useful to me. And thats it. Please let me know ASAP if you have any problems with the proposed resolutions or if there are any other bugs or typos in the revised document. /js -- Juergen Schoenwaelder Technical University Braunschweig Dept. Operating Systems & Computer Networks Phone: +49 531 391 3289 Bueltenweg 74/75, 38106 Braunschweig, Germany Fax: +49 531 391 5936 Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id GAA21587 for nmrg-outgoing; Mon, 13 Nov 2000 06:06:50 +0100 (MET) Received: from cisco.com (sigma.cisco.com [171.69.63.142]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id GAA21579 for ; Mon, 13 Nov 2000 06:06:45 +0100 (MET) Received: from andreawlap (andreaw-frame1.cisco.com [10.19.253.186]) by cisco.com (8.8.8-Cisco List Logging/8.8.8) with SMTP id VAA08484; Sun, 12 Nov 2000 21:05:34 -0800 (PST) From: "Andrea Westerinen" To: "Aiko Pras" , Subject: RE: [nmrg] NMRG Information Modelling Workshop Date: Sun, 12 Nov 2000 21:09:42 -0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 In-Reply-To: <3A0ADA1A.23068F9C@ctit.utwente.nl> Importance: Normal Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 2744 Lines: 64 I will volunteer for CIM. Andrea -----Original Message----- From: owner-nmrg@ibr.cs.tu-bs.de [mailto:owner-nmrg@ibr.cs.tu-bs.de]On Behalf Of Aiko Pras Sent: Thursday, November 09, 2000 9:09 AM To: nmrg@ibr.cs.tu-bs.de Cc: Aiko Pras Subject: [nmrg] NMRG Information Modelling Workshop Hi everyone Now that all details regarding the meeting location are known (see , I would like to propose an agenda for our next IRTF-NMRG meeting. As agreed in a previous discussion on the NMRG mailinglist, the purpose of this meeting will be to dive into the details of network information modeling. The things we want to do at the meeting include: 1) Discuss the pros and cons of doing information modeling work. This discussion could include the relevance of this work; is it necessary to have standards and how problematic is it to have multiple standards. Are the standards being implemented? Do they reduce the costs of network device vendors and / or network management vendors? Do they help network operators? 2) Produce an overview of what has been done so far in various groups. Among the things we could look at are SMIng (including the results of the Kleinheubach meeting), SPPI, NIM, CIM, GDMO, UML, CORBA (e.g. CORBA's Generic Network and NE Level Information Model), TINA, TMN NRIM etc. It would be nice if there were volunteers to introduce each of these approaches. Next to the overview, we should also make a comparison. 3) Discuss the key elements for a next generation information model for the Internet. The subject of this meeting is interesting and I guess it will therefore be important to have good minutes. Probably we could, just as we did after our first meeting in Lausanne, have as result an overview / conclusion paper in, for example, the Simple-Times (are there any Ph.D. students participating in the meeting :-). I would appreciate your comments an this draft agenda. Also I would like to ask for volunteers to introduce each of the approaches. Per approach there will be 20 minutes (or less) available for a technical presentation (remember this is the IRTF; political issues will be discussed the week afterwards :-). If you have any pointers to relevant info, please let me know; I will collect these pointers and send them in a later email to all of you. Since the meeting center is about 10 miles from the Doubletree hotel, I propose we start at 9:30 (those who want can assemble in the hall of the hotel at 9:00, and travel together). Lunch will be from 12:30 to 13:30; I expect that we stop around 17:30 (depending on the discussion, of course). Coffee breaks will be at 11:00 and 15:00! Bye Aiko Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id VAA27136 for nmrg-outgoing; Thu, 9 Nov 2000 21:59:41 +0100 (MET) Received: from henkell.ibr.cs.tu-bs.de (schoenw@henkell [134.169.34.191]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id VAA27128; Thu, 9 Nov 2000 21:59:36 +0100 (MET) Received: from schoenw@localhost by henkell.ibr.cs.tu-bs.de (8.7.6/tubsibr) id VAA25243; Thu, 9 Nov 2000 21:59:26 +0100 Date: Thu, 9 Nov 2000 21:59:26 +0100 Message-Id: <200011092059.VAA25243@henkell.ibr.cs.tu-bs.de> From: Juergen Schoenwaelder To: Network Management Research Group CC: bard@utexas.edu, brunner@ccrle.nec.de Subject: [nmrg] Austing NMRG meeting participants Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 873 Lines: 26 I need to compile the list of people who are going to show up in Austin. Here is the list I assembled from various emails. Please let me know if you are missing on the list or if you are on the list but you do not plan to attend. Aiko Pras (Twente University, meeting chair) Juergen Schoenwaelder (Technical University Braunschweig) Bill Bard (University of Austin) Dave Perkins (SNMPinfo) Andrea Westerinnen (Cisco) David Harrington (Cabletron) Jean-Philippe Martin-Flatin (EPFL Lausanne) Bert Wijnen (Lucent) Dave Thaler (Microsoft) Marcus Brunner (NEC C&C Research) /js -- Juergen Schoenwaelder Technical University Braunschweig Dept. Operating Systems & Computer Networks Phone: +49 531 391 3289 Bueltenweg 74/75, 38106 Braunschweig, Germany Fax: +49 531 391 5936 Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id VAA27045 for nmrg-outgoing; Thu, 9 Nov 2000 21:55:22 +0100 (MET) Received: from henkell.ibr.cs.tu-bs.de (schoenw@henkell [134.169.34.191]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id VAA27040; Thu, 9 Nov 2000 21:55:20 +0100 (MET) Received: from schoenw@localhost by henkell.ibr.cs.tu-bs.de (8.7.6/tubsibr) id VAA25220; Thu, 9 Nov 2000 21:55:20 +0100 Date: Thu, 9 Nov 2000 21:55:20 +0100 Message-Id: <200011092055.VAA25220@henkell.ibr.cs.tu-bs.de> From: Juergen Schoenwaelder To: pras@ctit.utwente.nl CC: nmrg@ibr.cs.tu-bs.de, pras@ctit.utwente.nl In-reply-to: <3A0ADA1A.23068F9C@ctit.utwente.nl> (message from Aiko Pras on Thu, 09 Nov 2000 18:08:42 +0100) Subject: Re: [nmrg] NMRG Information Modelling Workshop References: <3A0ADA1A.23068F9C@ctit.utwente.nl> Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 1025 Lines: 26 >>>>> Aiko Pras writes: Aiko> Since the meeting center is about 10 miles from the Doubletree Aiko> hotel, I propose we start at 9:30 (those who want can assemble Aiko> in the hall of the hotel at 9:00, and travel together). Lunch Aiko> will be from 12:30 to 13:30; I expect that we stop around 17:30 Aiko> (depending on the discussion, of course). Coffee breaks will be Aiko> at 11:00 and 15:00! The host of this meeting is probably offering free breakfast for us. In that case, I think we should plan for breakfast from 9:00-9:30 so that we can actually start at 9:30. This means we have to leave the Doubletree somewhere between 8:00 and 8:30 - which should be fine. [I am currently checking with the host regarding the breakfast.] /js -- Juergen Schoenwaelder Technical University Braunschweig Dept. Operating Systems & Computer Networks Phone: +49 531 391 3289 Bueltenweg 74/75, 38106 Braunschweig, Germany Fax: +49 531 391 5936 Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id SAA17560 for nmrg-outgoing; Thu, 9 Nov 2000 18:09:18 +0100 (MET) Received: from utrhcs.cs.utwente.nl (utrhcs.cs.utwente.nl [130.89.10.247]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id SAA17556 for ; Thu, 9 Nov 2000 18:09:17 +0100 (MET) Received: from ctit.utwente.nl (utip064.cs.utwente.nl [130.89.12.90]) by utrhcs.cs.utwente.nl (8.9.3/8.9.3) with ESMTP id SAA29742; Thu, 9 Nov 2000 18:09:11 +0100 (MET) Message-ID: <3A0ADA1A.23068F9C@ctit.utwente.nl> Date: Thu, 09 Nov 2000 18:08:42 +0100 From: Aiko Pras X-Mailer: Mozilla 4.72 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: "nmrg@ibr.cs.tu-bs.de" CC: Aiko Pras Subject: [nmrg] NMRG Information Modelling Workshop Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 2455 Lines: 50 Hi everyone Now that all details regarding the meeting location are known (see , I would like to propose an agenda for our next IRTF-NMRG meeting. As agreed in a previous discussion on the NMRG mailinglist, the purpose of this meeting will be to dive into the details of network information modeling. The things we want to do at the meeting include: 1) Discuss the pros and cons of doing information modeling work. This discussion could include the relevance of this work; is it necessary to have standards and how problematic is it to have multiple standards. Are the standards being implemented? Do they reduce the costs of network device vendors and / or network management vendors? Do they help network operators? 2) Produce an overview of what has been done so far in various groups. Among the things we could look at are SMIng (including the results of the Kleinheubach meeting), SPPI, NIM, CIM, GDMO, UML, CORBA (e.g. CORBA's Generic Network and NE Level Information Model), TINA, TMN NRIM etc. It would be nice if there were volunteers to introduce each of these approaches. Next to the overview, we should also make a comparison. 3) Discuss the key elements for a next generation information model for the Internet. The subject of this meeting is interesting and I guess it will therefore be important to have good minutes. Probably we could, just as we did after our first meeting in Lausanne, have as result an overview / conclusion paper in, for example, the Simple-Times (are there any Ph.D. students participating in the meeting :-). I would appreciate your comments an this draft agenda. Also I would like to ask for volunteers to introduce each of the approaches. Per approach there will be 20 minutes (or less) available for a technical presentation (remember this is the IRTF; political issues will be discussed the week afterwards :-). If you have any pointers to relevant info, please let me know; I will collect these pointers and send them in a later email to all of you. Since the meeting center is about 10 miles from the Doubletree hotel, I propose we start at 9:30 (those who want can assemble in the hall of the hotel at 9:00, and travel together). Lunch will be from 12:30 to 13:30; I expect that we stop around 17:30 (depending on the discussion, of course). Coffee breaks will be at 11:00 and 15:00! Bye Aiko Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id RAA15761 for nmrg-outgoing; Tue, 7 Nov 2000 17:18:04 +0100 (MET) Received: (from schoenw@localhost) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id RAA15755; Tue, 7 Nov 2000 17:18:02 +0100 (MET) Date: Tue, 7 Nov 2000 17:18:02 +0100 (MET) Message-Id: <200011071618.RAA15755@mumm.ibr.cs.tu-bs.de> X-Authentication-Warning: mumm.ibr.cs.tu-bs.de: schoenw set sender to schoenw@ibr.cs.tu-bs.de using -f From: Juergen Schoenwaelder To: Network Management Research Group Subject: [nmrg] 8th NMRG meeting in Austin Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 819 Lines: 19 I am happy to announce that the University of Austin is hosting the 8th NMRG meeting in Austin. The meeting place is The Commons Building on the J. J. Pickle Research Campus. The University is also organizing free continental breakfast, lunch and afternoon breaks for us. :-) The details can be found on the meeting web page which is located at . I expect that Aiko (who is going to chair this meeting) will soon post more information about the agenda and so on. /js -- Juergen Schoenwaelder Technical University Braunschweig Dept. Operating Systems & Computer Networks Phone: +49 531 391 3289 Bueltenweg 74/75, 38106 Braunschweig, Germany Fax: +49 531 391 5936 Return-Path: Received: by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) id QAA26978 for nmrg-outgoing; Thu, 2 Nov 2000 16:47:26 +0100 (MET) Received: from henkell.ibr.cs.tu-bs.de (schoenw@henkell [134.169.34.191]) by mumm.ibr.cs.tu-bs.de (8.9.3/8.9.3) with ESMTP id QAA26827; Thu, 2 Nov 2000 16:47:22 +0100 (MET) Received: from schoenw@localhost by henkell.ibr.cs.tu-bs.de (8.7.6/tubsibr) id QAA05239; Thu, 2 Nov 2000 16:47:22 +0100 Date: Thu, 2 Nov 2000 16:47:22 +0100 Message-Id: <200011021547.QAA05239@henkell.ibr.cs.tu-bs.de> From: Juergen Schoenwaelder To: dperkins@dsperkins.com CC: nmrg@ibr.cs.tu-bs.de In-reply-to: <4.1.20001031093257.00a6f890@mail.scruznet.com> (dperkins@dsperkins.com) Subject: Re: [nmrg] December meeting References: <39FEDD10.E5DF9127@mediaone.net> <39FEDD10.E5DF9127@mediaone.net> <4.1.20001031093257.00a6f890@mail.scruznet.com> Sender: owner-nmrg@ibr.cs.tu-bs.de Precedence: bulk Status: O Content-Length: 1322 Lines: 33 >>>>> David T Perkins writes: David> How about saturday and sunday in San Diego? Some of us are also on the IM 2001 PC which will meet directly before the NMRG meeting planned in Austin and thus there is no time left to travel to San Diego before the NMRG meeting (without moving the meeting date itself). In other words, there is only Saturday evening and Sunday left for those who want to be in San Diego for the IETF. Some people have already booked flights assuming the meeting will take place in Austin as scheduled. So moving the meeting now to San Diego will be problematic for them. Furthermore, we do not have a host in San Diego either. So this does not really make my life simpler. I therefore decided to continue with the current plan that the meeting will be held in Austin on December 8-9. We do not yet know the local host in Austin - but I hope this will be finalized in the next days as well. (Last time I had trouble to find a local host, we ended up in a nice castle. So lets see what Austin has to offer. :-) /js -- Juergen Schoenwaelder Technical University Braunschweig Dept. Operating Systems & Computer Networks Phone: +49 531 391 3289 Bueltenweg 74/75, 38106 Braunschweig, Germany Fax: +49 531 391 5936