Network Working Group R. Raghunarayan, Ed.
Request for Comments: 4022 Cisco Systems
Obsoletes: 2452, 2012 March 2005
Category: Standards Track
Network Working Group R. Raghunarayan, Ed.
Request for Comments: 4022 Cisco Systems
Obsoletes: 2452, 2012 March 2005
Category: Standards Track
Management Information Base for the Transmission Control Protocol (TCP)
传输控制协议(TCP)的管理信息库
Status of This Memo
关于下段备忘
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2005).
版权所有(C)互联网协会(2005年)。
Abstract
摘要
This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects used for implementations of the Transmission Control Protocol (TCP) in an IP version independent manner. This memo obsoletes RFCs 2452 and 2012.
此备忘录定义了管理信息库(MIB)的一部分,用于Internet社区中的网络管理协议。特别是,它描述了用于以独立于IP版本的方式实现传输控制协议(TCP)的托管对象。本备忘录废除了RFCs 2452和2012。
Table of Contents
目录
1. The Internet-Standard Management Framework . . . . . . . . . 2
2. Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . 2
2.1. Relationship to Other MIBs. . . . . . . . . . . . . . . 2
3. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. Acknowledgements. . . . . . . . . . . . . . . . . . . . . . . 20
5. References. . . . . . . . . . . . . . . . . . . . . . . . . . 20
5.1. Normative References. . . . . . . . . . . . . . . . . . 20
5.2. Informative References. . . . . . . . . . . . . . . . . 21
6. Security Considerations . . . . . . . . . . . . . . . . . . . 21
7. Contributors. . . . . . . . . . . . . . . . . . . . . . . . . 23
Editor's Address. . . . . . . . . . . . . . . . . . . . . . . . . 23
Full Copyright Statement. . . . . . . . . . . . . . . . . . . . . 24
1. The Internet-Standard Management Framework . . . . . . . . . 2
2. Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . 2
2.1. Relationship to Other MIBs. . . . . . . . . . . . . . . 2
3. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. Acknowledgements. . . . . . . . . . . . . . . . . . . . . . . 20
5. References. . . . . . . . . . . . . . . . . . . . . . . . . . 20
5.1. Normative References. . . . . . . . . . . . . . . . . . 20
5.2. Informative References. . . . . . . . . . . . . . . . . 21
6. Security Considerations . . . . . . . . . . . . . . . . . . . 21
7. Contributors. . . . . . . . . . . . . . . . . . . . . . . . . 23
Editor's Address. . . . . . . . . . . . . . . . . . . . . . . . . 23
Full Copyright Statement. . . . . . . . . . . . . . . . . . . . . 24
For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410].
有关描述当前互联网标准管理框架的文件的详细概述,请参阅RFC 3410[RFC3410]第7节。
Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580].
托管对象通过虚拟信息存储(称为管理信息库或MIB)进行访问。MIB对象通常通过简单网络管理协议(SNMP)进行访问。MIB中的对象是使用管理信息结构(SMI)中定义的机制定义的。本备忘录规定了符合SMIv2的MIB模块,如STD 58、RFC 2578[RFC2578]、STD 58、RFC 2579[RFC2579]和STD 58、RFC 2580[RFC2580]所述。
The current TCP-MIB defined in this memo consists of two tables and a group of scalars:
本备忘录中定义的当前TCP-MIB由两个表和一组标量组成:
- The tcp group of scalars includes two sets of objects:
- tcp标量组包括两组对象:
o Parameters of a TCP protocol engine. These include parameters such as the retransmission algorithm in use (e.g., vanj [VANJ]) and the retransmission timeout values.
o TCP协议引擎的参数。这些包括参数,例如正在使用的重传算法(例如,vanj[vanj])和重传超时值。
o Statistics of a TCP protocol engine. These include counters for the number of active/passive opens, input/output segments, and errors. Discontinuities in the stats are identified identified via the sysUpTime object, defined in [RFC3418].
o TCP协议引擎的统计信息。这些包括主动/被动打开、输入/输出段和错误数的计数器。通过[RFC3418]中定义的sysUpTime对象识别统计数据中的不连续性。
- The tcpConnectionTable provides access to status information for all TCP connections handled by a TCP protocol engine. In addition, the table reports identification of the operating system level processes that handle the TCP connections.
- tcpConnectionTable提供对TCP协议引擎处理的所有TCP连接的状态信息的访问。此外,该表还报告了处理TCP连接的操作系统级进程的标识。
- The tcpListenerTable provides access to information about all TCP listening endpoints known by a TCP protocol engine. And as with the connection table, the tcpListenerTable also reports the identification of the operating system level processes that handle this listening TCP endpoint.
- tcpListenerTable提供对TCP协议引擎已知的所有TCP侦听端点的信息的访问。与连接表一样,tcpListenerTable还报告处理此侦听TCP端点的操作系统级进程的标识。
This section discusses the relationship of this TCP-MIB module to other MIB modules.
本节讨论此TCP-MIB模块与其他MIB模块的关系。
TCP related MIB objects were originally defined as part of the RFC1213-MIB defined in RFC 1213 [RFC1213]. The TCP related objects of the RFC1213-MIB were later copied into a separate MIB module and published in RFC 2012 [RFC2012] in SMIv2 format.
TCP相关MIB对象最初定义为RFC1213-MIB的一部分,RFC1213-MIB在RFC1213[RFC1213]中定义。RFC1213-MIB的TCP相关对象随后被复制到单独的MIB模块中,并以SMIv2格式发布在RFC 2012[RFC2012]中。
The previous versions of the TCP-MIB both defined the tcpConnTable, which has been deprecated basically for two reasons:
TCP-MIB的早期版本都定义了TCPConTable,基本上由于以下两个原因,TCPConTable已被弃用:
(1) The tcpConnTable only supports IPv4.
(1) TCPConTable仅支持IPv4。
The current approach in the IETF is to write IP version neutral MIBs, based on the InetAddressType and InetAddress constructs defined in [RFC4001], rather than to have different definitions for various version of IP. This reduces the amount of overhead when new objects are introduced, as there is only one place to add them. Hence, the approach taken in [RFC2452], of having separate tables, is not continued.
IETF中的当前方法是基于[RFC4001]中定义的InetAddressType和InetAddress结构编写IP版本无关的MIB,而不是对不同版本的IP有不同的定义。这减少了引入新对象时的开销,因为只有一个位置可以添加它们。因此,[RFC2452]中采用的具有单独表的方法不再继续。
(2) The tcpConnTable mixes listening endpoints with connections.
(2) TCPConTable将侦听端点与连接混合在一起。
It turns out that connections tend to have a different behaviour and management access pattern than listening endpoints. Therefore, splitting the original tcpConnTable into two tables allows for the addition of specific status and statistics objects for listening endpoints and connections.
事实证明,连接往往具有与侦听端点不同的行为和管理访问模式。因此,将原始TCPConTable拆分为两个表允许为侦听端点和连接添加特定的状态和统计对象。
The IPV6-TCP-MIB defined in RFC 2452 has been moved to Historic status because the approach of having separate IP version specific tables is not followed anymore. Implementation of RFC 2452 is no longer suggested.
RFC 2452中定义的IPV6-TCP-MIB已移到历史状态,因为不再采用单独的IP版本特定表的方法。不再建议实施RFC 2452。
The tcpConnectionTable and the tcpListenerTable report the identification of the operating system level process that handles a connection or a listening endpoint. The value is reported as an Unsigned32, which is expected to be the same as the hrSWRunIndex of the HOST-RESOURCES-MIB [RFC2790] (if the value is smaller than 2147483647) or the sysApplElmtRunIndex of the SYSAPPL-MIB [RFC2287]. This allows management applications to identify the TCP connections that belong to an operating system level process, which has proven to be valuable in operational environments.
tcpConnectionTable和tcpListenerTable报告处理连接或侦听端点的操作系统级进程的标识。该值报告为Unsigned32,该值应与HOST-RESOURCES-MIB[RFC2790]的hrSWRunIndex相同(如果该值小于2147483647)或SYSAPPL-MIB[RFC2287]的sysApplElmtRunIndex。这允许管理应用程序识别属于操作系统级进程的TCP连接,这在操作环境中被证明是有价值的。
TCP-MIB DEFINITIONS ::= BEGIN
TCP-MIB DEFINITIONS ::= BEGIN
IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32, Gauge32, Counter32, Counter64, IpAddress, mib-2 FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF InetAddress, InetAddressType, InetPortNumber FROM INET-ADDRESS-MIB;
从SNMPv2 SMI MODULE-COMPLIANCE导入MODULE-IDENTITY、OBJECT-TYPE、Integer32、Unsigned32、Gauge32、Counter32、Counter64、IpAddress、mib-2,从SNMPv2 CONF InetAddress导入OBJECT-GROUP,从INET-ADDRESS-mib导入InetAddressType、InetPortNumber;
tcpMIB MODULE-IDENTITY LAST-UPDATED "200502180000Z" -- 18 February 2005 ORGANIZATION "IETF IPv6 MIB Revision Team http://www.ietf.org/html.charters/ipv6-charter.html" CONTACT-INFO "Rajiv Raghunarayan (editor)
tcpMIB模块标识最后更新的“20050218000Z”-2005年2月18日组织“IETF IPv6 MIB修订团队”http://www.ietf.org/html.charters/ipv6-charter.html“联系方式”拉吉夫·拉古纳拉扬(编辑)
Cisco Systems Inc. 170 West Tasman Drive San Jose, CA 95134
思科系统公司,加利福尼亚州圣何塞西塔斯曼大道170号,邮编95134
Phone: +1 408 853 9612
Email: <raraghun@cisco.com>
Phone: +1 408 853 9612
Email: <raraghun@cisco.com>
Send comments to <ipv6@ietf.org>" DESCRIPTION "The MIB module for managing TCP implementations.
将评论发送到<ipv6@ietf.org>“描述”用于管理TCP实现的MIB模块。
Copyright (C) The Internet Society (2005). This version
of this MIB module is a part of RFC 4022; see the RFC
itself for full legal notices."
REVISION "200502180000Z" -- 18 February 2005
DESCRIPTION
"IP version neutral revision, published as RFC 4022."
REVISION "9411010000Z"
DESCRIPTION
"Initial SMIv2 version, published as RFC 2012."
REVISION "9103310000Z"
DESCRIPTION
"The initial revision of this MIB module was part of
MIB-II."
::= { mib-2 49 }
Copyright (C) The Internet Society (2005). This version
of this MIB module is a part of RFC 4022; see the RFC
itself for full legal notices."
REVISION "200502180000Z" -- 18 February 2005
DESCRIPTION
"IP version neutral revision, published as RFC 4022."
REVISION "9411010000Z"
DESCRIPTION
"Initial SMIv2 version, published as RFC 2012."
REVISION "9103310000Z"
DESCRIPTION
"The initial revision of this MIB module was part of
MIB-II."
::= { mib-2 49 }
-- the TCP base variables group
--TCP基本变量组
tcp OBJECT IDENTIFIER ::= { mib-2 6 }
tcp OBJECT IDENTIFIER ::= { mib-2 6 }
-- Scalars
--标量
tcpRtoAlgorithm OBJECT-TYPE
SYNTAX INTEGER {
other(1), -- none of the following
constant(2), -- a constant rto
rsre(3), -- MIL-STD-1778, Appendix B
vanj(4), -- Van Jacobson's algorithm
rfc2988(5) -- RFC 2988
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The algorithm used to determine the timeout value used for
retransmitting unacknowledged octets."
::= { tcp 1 }
tcpRtoAlgorithm OBJECT-TYPE
SYNTAX INTEGER {
other(1), -- none of the following
constant(2), -- a constant rto
rsre(3), -- MIL-STD-1778, Appendix B
vanj(4), -- Van Jacobson's algorithm
rfc2988(5) -- RFC 2988
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The algorithm used to determine the timeout value used for
retransmitting unacknowledged octets."
::= { tcp 1 }
tcpRtoMin OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
UNITS "milliseconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The minimum value permitted by a TCP implementation for
the retransmission timeout, measured in milliseconds.
More refined semantics for objects of this type depend
on the algorithm used to determine the retransmission
timeout; in particular, the IETF standard algorithm
rfc2988(5) provides a minimum value."
::= { tcp 2 }
tcpRtoMin OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
UNITS "milliseconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The minimum value permitted by a TCP implementation for
the retransmission timeout, measured in milliseconds.
More refined semantics for objects of this type depend
on the algorithm used to determine the retransmission
timeout; in particular, the IETF standard algorithm
rfc2988(5) provides a minimum value."
::= { tcp 2 }
tcpRtoMax OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
UNITS "milliseconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The maximum value permitted by a TCP implementation for
the retransmission timeout, measured in milliseconds.
More refined semantics for objects of this type depend
on the algorithm used to determine the retransmission
timeout; in particular, the IETF standard algorithm
rfc2988(5) provides an upper bound (as part of an
adaptive backoff algorithm)."
::= { tcp 3 }
tcpRtoMax OBJECT-TYPE
SYNTAX Integer32 (0..2147483647)
UNITS "milliseconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The maximum value permitted by a TCP implementation for
the retransmission timeout, measured in milliseconds.
More refined semantics for objects of this type depend
on the algorithm used to determine the retransmission
timeout; in particular, the IETF standard algorithm
rfc2988(5) provides an upper bound (as part of an
adaptive backoff algorithm)."
::= { tcp 3 }
tcpMaxConn OBJECT-TYPE
SYNTAX Integer32 (-1 | 0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The limit on the total number of TCP connections the entity
can support. In entities where the maximum number of
connections is dynamic, this object should contain the
value -1."
::= { tcp 4 }
tcpMaxConn OBJECT-TYPE
SYNTAX Integer32 (-1 | 0..2147483647)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The limit on the total number of TCP connections the entity
can support. In entities where the maximum number of
connections is dynamic, this object should contain the
value -1."
::= { tcp 4 }
tcpActiveOpens OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times that TCP connections have made a direct transition to the SYN-SENT state from the CLOSED state.
TCPACTIVEPONS对象类型语法计数器32 MAX-ACCESS只读状态当前描述“TCP连接从关闭状态直接转换到SYN-SENT状态的次数。
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 5 }
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 5 }
tcpPassiveOpens OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times TCP connections have made a direct transition to the SYN-RCVD state from the LISTEN state.
TCPPAP对象类型语法计数器32 MAX-ACCESS只读状态当前描述“TCP连接从侦听状态直接转换到SYN-RCVD状态的次数。
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 6 }
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 6 }
tcpAttemptFails OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times that TCP connections have made a direct transition to the CLOSED state from either the SYN-SENT state or the SYN-RCVD state, plus the number of times that TCP connections have made a direct transition to the LISTEN state from the SYN-RCVD state.
TCP对象类型语法计数器32 MAX-ACCESS只读状态当前说明“TCP连接从SYN-SENT状态或SYN-RCVD状态直接转换到关闭状态的次数,加上TCP连接从SYN-RCVD状态直接转换到侦听状态的次数。”。
Discontinuities in the value of this counter are indicated via discontinuities in the value of sysUpTime."
此计数器值的不连续性通过sysUpTime值的不连续性表示。”
::= { tcp 7 }
::= { tcp 7 }
tcpEstabResets OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of times that TCP connections have made a direct transition to the CLOSED state from either the ESTABLISHED state or the CLOSE-WAIT state.
tcpEstabResets对象类型语法计数器32 MAX-ACCESS只读状态当前描述“TCP连接从已建立状态或关闭等待状态直接转换到关闭状态的次数。
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 8 }
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 8 }
tcpCurrEstab OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of TCP connections for which the current state
is either ESTABLISHED or CLOSE-WAIT."
::= { tcp 9 }
tcpCurrEstab OBJECT-TYPE
SYNTAX Gauge32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of TCP connections for which the current state
is either ESTABLISHED or CLOSE-WAIT."
::= { tcp 9 }
tcpInSegs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of segments received, including those received in error. This count includes segments received on currently established connections.
tcpInSegs对象类型语法计数器32 MAX-ACCESS只读状态当前描述“接收的段总数,包括错误接收的段。此计数包括在当前建立的连接上接收的段。
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 10 }
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 10 }
tcpOutSegs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of segments sent, including those on current connections but excluding those containing only retransmitted octets.
tcpOutSegs对象类型语法计数器32 MAX-ACCESS只读状态当前描述“发送的段总数,包括当前连接上的段,但不包括仅包含重新传输的八位字节的段。
Discontinuities in the value of this counter are indicated via discontinuities in the value of sysUpTime."
此计数器值的不连续性通过sysUpTime值的不连续性表示。”
::= { tcp 11 }
::= { tcp 11 }
tcpRetransSegs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of segments retransmitted; that is, the number of TCP segments transmitted containing one or more previously transmitted octets.
tcpRetransSegs对象类型语法计数器32 MAX-ACCESS只读状态当前描述“重新传输的段总数;即传输的包含一个或多个先前传输的八位字节的TCP段数。
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 12 }
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 12 }
tcpInErrs OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of segments received in error (e.g., bad TCP checksums).
tcpInErrs对象类型语法计数器32 MAX-ACCESS只读状态当前描述“错误接收的段总数(例如,错误的TCP校验和)。
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 14 }
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 14 }
tcpOutRsts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of TCP segments sent containing the RST flag.
tcpOutRsts对象类型语法计数器32 MAX-ACCESS只读状态当前描述“发送的包含RST标志的TCP段数。
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 15 }
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 15 }
-- { tcp 16 } was used to represent the ipv6TcpConnTable in RFC 2452,
-- which has since been obsoleted. It MUST not be used.
-- { tcp 16 } was used to represent the ipv6TcpConnTable in RFC 2452,
-- which has since been obsoleted. It MUST not be used.
tcpHCInSegs OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of segments received, including those received in error. This count includes segments received
tcpHCInSegs对象类型语法计数器64 MAX-ACCESS只读状态当前描述“接收的段总数,包括错误接收的段。此计数包括接收的段
on currently established connections. This object is the 64-bit equivalent of tcpInSegs.
在当前建立的连接上。此对象是tcpInSegs的64位等效对象。
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 17 }
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 17 }
tcpHCOutSegs OBJECT-TYPE SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of segments sent, including those on current connections but excluding those containing only retransmitted octets. This object is the 64-bit equivalent of tcpOutSegs.
tcpHCOutSegs对象类型语法计数器64 MAX-ACCESS只读状态当前描述“发送的段总数,包括当前连接上的段,但不包括仅包含重新传输的八位字节的段。此对象是tcpOutSegs的64位等效项。
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 18 }
Discontinuities in the value of this counter are
indicated via discontinuities in the value of sysUpTime."
::= { tcp 18 }
-- The TCP Connection table
--TCP连接表
tcpConnectionTable OBJECT-TYPE
SYNTAX SEQUENCE OF TcpConnectionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table containing information about existing TCP
connections. Note that unlike earlier TCP MIBs, there
is a separate table for connections in the LISTEN state."
::= { tcp 19 }
tcpConnectionTable OBJECT-TYPE
SYNTAX SEQUENCE OF TcpConnectionEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table containing information about existing TCP
connections. Note that unlike earlier TCP MIBs, there
is a separate table for connections in the LISTEN state."
::= { tcp 19 }
tcpConnectionEntry OBJECT-TYPE SYNTAX TcpConnectionEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row of the tcpConnectionTable containing information about a particular current TCP connection. Each row of this table is transient in that it ceases to exist when (or soon after) the connection makes the transition to the CLOSED state." INDEX { tcpConnectionLocalAddressType, tcpConnectionLocalAddress, tcpConnectionLocalPort, tcpConnectionRemAddressType,
tcpConnectionEntry对象类型语法tcpConnectionEntry MAX-ACCESS不可访问状态当前描述“tcpConnectionTable的概念行,包含有关特定当前TCP连接的信息。此表的每一行都是暂时的,因为它在以下时间(或之后不久)停止存在连接转换到关闭状态。“索引{tcpConnectionLocalAddressType,tcpConnectionLocalAddress,tcpConnectionLocalPort,TCPConnectionReAddressType,
tcpConnectionRemAddress,
tcpConnectionRemPort }
::= { tcpConnectionTable 1 }
tcpConnectionRemAddress,
tcpConnectionRemPort }
::= { tcpConnectionTable 1 }
TcpConnectionEntry ::= SEQUENCE {
tcpConnectionLocalAddressType InetAddressType,
tcpConnectionLocalAddress InetAddress,
tcpConnectionLocalPort InetPortNumber,
tcpConnectionRemAddressType InetAddressType,
tcpConnectionRemAddress InetAddress,
tcpConnectionRemPort InetPortNumber,
tcpConnectionState INTEGER,
tcpConnectionProcess Unsigned32
}
TcpConnectionEntry ::= SEQUENCE {
tcpConnectionLocalAddressType InetAddressType,
tcpConnectionLocalAddress InetAddress,
tcpConnectionLocalPort InetPortNumber,
tcpConnectionRemAddressType InetAddressType,
tcpConnectionRemAddress InetAddress,
tcpConnectionRemPort InetPortNumber,
tcpConnectionState INTEGER,
tcpConnectionProcess Unsigned32
}
tcpConnectionLocalAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The address type of tcpConnectionLocalAddress."
::= { tcpConnectionEntry 1 }
tcpConnectionLocalAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The address type of tcpConnectionLocalAddress."
::= { tcpConnectionEntry 1 }
tcpConnectionLocalAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The local IP address for this TCP connection. The type of this address is determined by the value of tcpConnectionLocalAddressType.
tcpConnectionLocalAddress对象类型语法InetAddress MAX-ACCESS不可访问状态当前描述“此TCP连接的本地IP地址。此地址的类型由tcpConnectionLocalAddressType的值确定。
As this object is used in the index for the
tcpConnectionTable, implementors should be
careful not to create entries that would result in OIDs
with more than 128 subidentifiers; otherwise the information
cannot be accessed by using SNMPv1, SNMPv2c, or SNMPv3."
::= { tcpConnectionEntry 2 }
As this object is used in the index for the
tcpConnectionTable, implementors should be
careful not to create entries that would result in OIDs
with more than 128 subidentifiers; otherwise the information
cannot be accessed by using SNMPv1, SNMPv2c, or SNMPv3."
::= { tcpConnectionEntry 2 }
tcpConnectionLocalPort OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The local port number for this TCP connection."
::= { tcpConnectionEntry 3 }
tcpConnectionLocalPort OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The local port number for this TCP connection."
::= { tcpConnectionEntry 3 }
tcpConnectionRemAddressType OBJECT-TYPE
TCPConnectionReAddressType对象类型
SYNTAX InetAddressType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The address type of tcpConnectionRemAddress."
::= { tcpConnectionEntry 4 }
SYNTAX InetAddressType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The address type of tcpConnectionRemAddress."
::= { tcpConnectionEntry 4 }
tcpConnectionRemAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The remote IP address for this TCP connection. The type of this address is determined by the value of tcpConnectionRemAddressType.
TCPConnectionReAddress对象类型语法InetAddress MAX-ACCESS不可访问状态当前描述“此TCP连接的远程IP地址。此地址的类型由TCPConnectionReAddressType的值确定。
As this object is used in the index for the
tcpConnectionTable, implementors should be
careful not to create entries that would result in OIDs
with more than 128 subidentifiers; otherwise the information
cannot be accessed by using SNMPv1, SNMPv2c, or SNMPv3."
::= { tcpConnectionEntry 5 }
As this object is used in the index for the
tcpConnectionTable, implementors should be
careful not to create entries that would result in OIDs
with more than 128 subidentifiers; otherwise the information
cannot be accessed by using SNMPv1, SNMPv2c, or SNMPv3."
::= { tcpConnectionEntry 5 }
tcpConnectionRemPort OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The remote port number for this TCP connection."
::= { tcpConnectionEntry 6 }
tcpConnectionRemPort OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The remote port number for this TCP connection."
::= { tcpConnectionEntry 6 }
tcpConnectionState OBJECT-TYPE
SYNTAX INTEGER {
closed(1),
listen(2),
synSent(3),
synReceived(4),
established(5),
finWait1(6),
finWait2(7),
closeWait(8),
lastAck(9),
closing(10),
timeWait(11),
deleteTCB(12)
}
MAX-ACCESS read-write
STATUS current
tcpConnectionState OBJECT-TYPE
SYNTAX INTEGER {
closed(1),
listen(2),
synSent(3),
synReceived(4),
established(5),
finWait1(6),
finWait2(7),
closeWait(8),
lastAck(9),
closing(10),
timeWait(11),
deleteTCB(12)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The state of this TCP connection.
DESCRIPTION“此TCP连接的状态。
The value listen(2) is included only for parallelism to the old tcpConnTable and should not be used. A connection in LISTEN state should be present in the tcpListenerTable.
值listen(2)仅用于与旧TCPConTable并行,不应使用。tcpListenerTable中应存在处于侦听状态的连接。
The only value that may be set by a management station is deleteTCB(12). Accordingly, it is appropriate for an agent to return a `badValue' response if a management station attempts to set this object to any other value.
管理站可以设置的唯一值是deleteTCB(12)。因此,如果管理站试图将此对象设置为任何其他值,则代理返回“badValue”响应是合适的。
If a management station sets this object to the value deleteTCB(12), then the TCB (as defined in [RFC793]) of the corresponding connection on the managed node is deleted, resulting in immediate termination of the connection.
如果管理站将此对象设置为值deleteTCB(12),则删除受管节点上相应连接的TCB(如[RFC793]中所定义),从而立即终止连接。
As an implementation-specific option, a RST segment may be
sent from the managed node to the other TCP endpoint (note,
however, that RST segments are not sent reliably)."
::= { tcpConnectionEntry 7 }
As an implementation-specific option, a RST segment may be
sent from the managed node to the other TCP endpoint (note,
however, that RST segments are not sent reliably)."
::= { tcpConnectionEntry 7 }
tcpConnectionProcess OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The system's process ID for the process associated with
this connection, or zero if there is no such process. This
value is expected to be the same as HOST-RESOURCES-MIB::
hrSWRunIndex or SYSAPPL-MIB::sysApplElmtRunIndex for some
row in the appropriate tables."
::= { tcpConnectionEntry 8 }
tcpConnectionProcess OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The system's process ID for the process associated with
this connection, or zero if there is no such process. This
value is expected to be the same as HOST-RESOURCES-MIB::
hrSWRunIndex or SYSAPPL-MIB::sysApplElmtRunIndex for some
row in the appropriate tables."
::= { tcpConnectionEntry 8 }
-- The TCP Listener table
--TCP侦听器表
tcpListenerTable OBJECT-TYPE SYNTAX SEQUENCE OF TcpListenerEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information about TCP listeners. A listening application can be represented in three possible ways:
tcpListenerTable对象类型TcpListenerEntry MAX-ACCESS的语法序列不可访问状态当前描述“包含TCP侦听器信息的表。侦听应用程序可以用三种可能的方式表示:
1. An application that is willing to accept both IPv4 and IPv6 datagrams is represented by
1. 愿意接受IPv4和IPv6数据报的应用程序表示为
a tcpListenerLocalAddressType of unknown (0) and a tcpListenerLocalAddress of ''h (a zero-length octet-string).
未知(0)的tcpListenerLocalAddressType和''h'的tcpListenerLocalAddress(零长度八位字节字符串)。
2. An application that is willing to accept only IPv4 or IPv6 datagrams is represented by a tcpListenerLocalAddressType of the appropriate address type and a tcpListenerLocalAddress of '0.0.0.0' or '::' respectively.
2. 只接受IPv4或IPv6数据报的应用程序分别由相应地址类型的tcpListenerLocalAddressType和“0.0.0.0”或“::”的tcpListenerLocalAddress表示。
3. An application that is listening for data destined only to a specific IP address, but from any remote system, is represented by a tcpListenerLocalAddressType of an appropriate address type, with tcpListenerLocalAddress as the specific local address.
3. 侦听只发送到特定IP地址但来自任何远程系统的数据的应用程序由适当地址类型的tcpListenerLocalAddressType表示,tcpListenerLocalAddress作为特定的本地地址。
NOTE: The address type in this table represents the
address type used for the communication, irrespective
of the higher-layer abstraction. For example, an
application using IPv6 'sockets' to communicate via
IPv4 between ::ffff:10.0.0.1 and ::ffff:10.0.0.2 would
use InetAddressType ipv4(1))."
::= { tcp 20 }
NOTE: The address type in this table represents the
address type used for the communication, irrespective
of the higher-layer abstraction. For example, an
application using IPv6 'sockets' to communicate via
IPv4 between ::ffff:10.0.0.1 and ::ffff:10.0.0.2 would
use InetAddressType ipv4(1))."
::= { tcp 20 }
tcpListenerEntry OBJECT-TYPE
SYNTAX TcpListenerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A conceptual row of the tcpListenerTable containing
information about a particular TCP listener."
INDEX { tcpListenerLocalAddressType,
tcpListenerLocalAddress,
tcpListenerLocalPort }
::= { tcpListenerTable 1 }
tcpListenerEntry OBJECT-TYPE
SYNTAX TcpListenerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A conceptual row of the tcpListenerTable containing
information about a particular TCP listener."
INDEX { tcpListenerLocalAddressType,
tcpListenerLocalAddress,
tcpListenerLocalPort }
::= { tcpListenerTable 1 }
TcpListenerEntry ::= SEQUENCE {
tcpListenerLocalAddressType InetAddressType,
tcpListenerLocalAddress InetAddress,
tcpListenerLocalPort InetPortNumber,
tcpListenerProcess Unsigned32
}
TcpListenerEntry ::= SEQUENCE {
tcpListenerLocalAddressType InetAddressType,
tcpListenerLocalAddress InetAddress,
tcpListenerLocalPort InetPortNumber,
tcpListenerProcess Unsigned32
}
tcpListenerLocalAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION
tcpListenerLocalAddressType对象类型语法InetAddressType MAX-ACCESS不可访问状态当前描述
"The address type of tcpListenerLocalAddress. The value
should be unknown (0) if connection initiations to all
local IP addresses are accepted."
::= { tcpListenerEntry 1 }
"The address type of tcpListenerLocalAddress. The value
should be unknown (0) if connection initiations to all
local IP addresses are accepted."
::= { tcpListenerEntry 1 }
tcpListenerLocalAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The local IP address for this TCP connection.
tcpListenerLocalAddress对象类型语法InetAddress MAX-ACCESS不可访问状态当前描述“此TCP连接的本地IP地址。
The value of this object can be represented in three possible ways, depending on the characteristics of the listening application:
根据监听应用程序的特点,此对象的值可以用三种可能的方式表示:
1. For an application willing to accept both IPv4 and IPv6 datagrams, the value of this object must be ''h (a zero-length octet-string), with the value of the corresponding tcpListenerLocalAddressType object being unknown (0).
1. 对于同时接受IPv4和IPv6数据报的应用程序,此对象的值必须为“h”(长度为零的八位字节字符串),相应的tcpListenerLocalAddressType对象的值未知(0)。
2. For an application willing to accept only IPv4 or IPv6 datagrams, the value of this object must be '0.0.0.0' or '::' respectively, with tcpListenerLocalAddressType representing the appropriate address type.
2. 对于只接受IPv4或IPv6数据报的应用程序,此对象的值必须分别为“0.0.0.0”或“::”,tcpListenerLocalAddressType表示适当的地址类型。
3. For an application which is listening for data destined only to a specific IP address, the value of this object is the specific local address, with tcpListenerLocalAddressType representing the appropriate address type.
3. 对于只侦听发送到特定IP地址的数据的应用程序,此对象的值是特定的本地地址,tcpListenerLocalAddressType表示适当的地址类型。
As this object is used in the index for the
tcpListenerTable, implementors should be
careful not to create entries that would result in OIDs
with more than 128 subidentifiers; otherwise the information
cannot be accessed, using SNMPv1, SNMPv2c, or SNMPv3."
::= { tcpListenerEntry 2 }
As this object is used in the index for the
tcpListenerTable, implementors should be
careful not to create entries that would result in OIDs
with more than 128 subidentifiers; otherwise the information
cannot be accessed, using SNMPv1, SNMPv2c, or SNMPv3."
::= { tcpListenerEntry 2 }
tcpListenerLocalPort OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The local port number for this TCP connection."
::= { tcpListenerEntry 3 }
tcpListenerLocalPort OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The local port number for this TCP connection."
::= { tcpListenerEntry 3 }
tcpListenerProcess OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The system's process ID for the process associated with
this listener, or zero if there is no such process. This
value is expected to be the same as HOST-RESOURCES-MIB::
hrSWRunIndex or SYSAPPL-MIB::sysApplElmtRunIndex for some
row in the appropriate tables."
::= { tcpListenerEntry 4 }
tcpListenerProcess OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The system's process ID for the process associated with
this listener, or zero if there is no such process. This
value is expected to be the same as HOST-RESOURCES-MIB::
hrSWRunIndex or SYSAPPL-MIB::sysApplElmtRunIndex for some
row in the appropriate tables."
::= { tcpListenerEntry 4 }
-- The deprecated TCP Connection table
--不推荐使用的TCP连接表
tcpConnTable OBJECT-TYPE
SYNTAX SEQUENCE OF TcpConnEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A table containing information about existing IPv4-specific
TCP connections or listeners. This table has been
deprecated in favor of the version neutral
tcpConnectionTable."
::= { tcp 13 }
tcpConnTable OBJECT-TYPE
SYNTAX SEQUENCE OF TcpConnEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A table containing information about existing IPv4-specific
TCP connections or listeners. This table has been
deprecated in favor of the version neutral
tcpConnectionTable."
::= { tcp 13 }
tcpConnEntry OBJECT-TYPE
SYNTAX TcpConnEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A conceptual row of the tcpConnTable containing information
about a particular current IPv4 TCP connection. Each row
of this table is transient in that it ceases to exist when
(or soon after) the connection makes the transition to the
CLOSED state."
INDEX { tcpConnLocalAddress,
tcpConnLocalPort,
tcpConnRemAddress,
tcpConnRemPort }
::= { tcpConnTable 1 }
tcpConnEntry OBJECT-TYPE
SYNTAX TcpConnEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"A conceptual row of the tcpConnTable containing information
about a particular current IPv4 TCP connection. Each row
of this table is transient in that it ceases to exist when
(or soon after) the connection makes the transition to the
CLOSED state."
INDEX { tcpConnLocalAddress,
tcpConnLocalPort,
tcpConnRemAddress,
tcpConnRemPort }
::= { tcpConnTable 1 }
TcpConnEntry ::= SEQUENCE {
tcpConnState INTEGER,
tcpConnLocalAddress IpAddress,
tcpConnLocalPort Integer32,
tcpConnRemAddress IpAddress,
tcpConnRemPort Integer32
TcpConnEntry ::= SEQUENCE {
tcpConnState INTEGER,
tcpConnLocalAddress IpAddress,
tcpConnLocalPort Integer32,
tcpConnRemAddress IpAddress,
tcpConnRemPort Integer32
}
}
tcpConnState OBJECT-TYPE
SYNTAX INTEGER {
closed(1),
listen(2),
synSent(3),
synReceived(4),
established(5),
finWait1(6),
finWait2(7),
closeWait(8),
lastAck(9),
closing(10),
timeWait(11),
deleteTCB(12)
}
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION
"The state of this TCP connection.
tcpConnState OBJECT-TYPE
SYNTAX INTEGER {
closed(1),
listen(2),
synSent(3),
synReceived(4),
established(5),
finWait1(6),
finWait2(7),
closeWait(8),
lastAck(9),
closing(10),
timeWait(11),
deleteTCB(12)
}
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION
"The state of this TCP connection.
The only value that may be set by a management station is deleteTCB(12). Accordingly, it is appropriate for an agent to return a `badValue' response if a management station attempts to set this object to any other value.
管理站可以设置的唯一值是deleteTCB(12)。因此,如果管理站试图将此对象设置为任何其他值,则代理返回“badValue”响应是合适的。
If a management station sets this object to the value deleteTCB(12), then the TCB (as defined in [RFC793]) of the corresponding connection on the managed node is deleted, resulting in immediate termination of the connection.
如果管理站将此对象设置为值deleteTCB(12),则删除受管节点上相应连接的TCB(如[RFC793]中所定义),从而立即终止连接。
As an implementation-specific option, a RST segment may be
sent from the managed node to the other TCP endpoint (note,
however, that RST segments are not sent reliably)."
::= { tcpConnEntry 1 }
As an implementation-specific option, a RST segment may be
sent from the managed node to the other TCP endpoint (note,
however, that RST segments are not sent reliably)."
::= { tcpConnEntry 1 }
tcpConnLocalAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The local IP address for this TCP connection. In the case
of a connection in the listen state willing to
accept connections for any IP interface associated with the
node, the value 0.0.0.0 is used."
::= { tcpConnEntry 2 }
tcpConnLocalAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The local IP address for this TCP connection. In the case
of a connection in the listen state willing to
accept connections for any IP interface associated with the
node, the value 0.0.0.0 is used."
::= { tcpConnEntry 2 }
tcpConnLocalPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The local port number for this TCP connection."
::= { tcpConnEntry 3 }
tcpConnLocalPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The local port number for this TCP connection."
::= { tcpConnEntry 3 }
tcpConnRemAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The remote IP address for this TCP connection."
::= { tcpConnEntry 4 }
tcpConnRemAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The remote IP address for this TCP connection."
::= { tcpConnEntry 4 }
tcpConnRemPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The remote port number for this TCP connection."
::= { tcpConnEntry 5 }
tcpConnRemPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION
"The remote port number for this TCP connection."
::= { tcpConnEntry 5 }
-- conformance information
--一致性信息
tcpMIBConformance OBJECT IDENTIFIER ::= { tcpMIB 2 }
tcpMIBConformance OBJECT IDENTIFIER ::= { tcpMIB 2 }
tcpMIBCompliances OBJECT IDENTIFIER ::= { tcpMIBConformance 1 }
tcpMIBGroups OBJECT IDENTIFIER ::= { tcpMIBConformance 2 }
tcpMIBCompliances OBJECT IDENTIFIER ::= { tcpMIBConformance 1 }
tcpMIBGroups OBJECT IDENTIFIER ::= { tcpMIBConformance 2 }
-- compliance statements
--合规声明
tcpMIBCompliance2 MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for systems that implement TCP.
TCPMIBCompliance 2模块-符合性状态当前描述“实施TCP的系统的符合性声明。
A number of INDEX objects cannot be represented in the form of OBJECT clauses in SMIv2 but have the following compliance requirements, expressed in OBJECT clause form in this description clause:
许多索引对象不能在SMIv2中以对象条款的形式表示,但具有以下符合性要求,在本说明条款中以对象条款的形式表示:
-- OBJECT tcpConnectionLocalAddressType
-- SYNTAX InetAddressType { ipv4(1), ipv6(2) }
-- DESCRIPTION
-- This MIB requires support for only global IPv4
-- OBJECT tcpConnectionLocalAddressType
-- SYNTAX InetAddressType { ipv4(1), ipv6(2) }
-- DESCRIPTION
-- This MIB requires support for only global IPv4
-- and IPv6 address types.
--
-- OBJECT tcpConnectionRemAddressType
-- SYNTAX InetAddressType { ipv4(1), ipv6(2) }
-- DESCRIPTION
-- This MIB requires support for only global IPv4
-- and IPv6 address types.
--
-- OBJECT tcpListenerLocalAddressType
-- SYNTAX InetAddressType { unknown(0), ipv4(1),
-- ipv6(2) }
-- DESCRIPTION
-- This MIB requires support for only global IPv4
-- and IPv6 address types. The type unknown also
-- needs to be supported to identify a special
-- case in the listener table: a listen using
-- both IPv4 and IPv6 addresses on the device.
--
"
MODULE -- this module
MANDATORY-GROUPS { tcpBaseGroup, tcpConnectionGroup,
tcpListenerGroup }
GROUP tcpHCGroup
DESCRIPTION
"This group is mandatory for systems that are capable
of receiving or transmitting more than 1 million TCP
segments per second. 1 million segments per second will
cause a Counter32 to wrap in just over an hour."
OBJECT tcpConnectionState
SYNTAX INTEGER { closed(1), listen(2), synSent(3),
synReceived(4), established(5),
finWait1(6), finWait2(7), closeWait(8),
lastAck(9), closing(10), timeWait(11) }
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required, nor is support for the value
deleteTCB (12)."
::= { tcpMIBCompliances 2 }
-- and IPv6 address types.
--
-- OBJECT tcpConnectionRemAddressType
-- SYNTAX InetAddressType { ipv4(1), ipv6(2) }
-- DESCRIPTION
-- This MIB requires support for only global IPv4
-- and IPv6 address types.
--
-- OBJECT tcpListenerLocalAddressType
-- SYNTAX InetAddressType { unknown(0), ipv4(1),
-- ipv6(2) }
-- DESCRIPTION
-- This MIB requires support for only global IPv4
-- and IPv6 address types. The type unknown also
-- needs to be supported to identify a special
-- case in the listener table: a listen using
-- both IPv4 and IPv6 addresses on the device.
--
"
MODULE -- this module
MANDATORY-GROUPS { tcpBaseGroup, tcpConnectionGroup,
tcpListenerGroup }
GROUP tcpHCGroup
DESCRIPTION
"This group is mandatory for systems that are capable
of receiving or transmitting more than 1 million TCP
segments per second. 1 million segments per second will
cause a Counter32 to wrap in just over an hour."
OBJECT tcpConnectionState
SYNTAX INTEGER { closed(1), listen(2), synSent(3),
synReceived(4), established(5),
finWait1(6), finWait2(7), closeWait(8),
lastAck(9), closing(10), timeWait(11) }
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required, nor is support for the value
deleteTCB (12)."
::= { tcpMIBCompliances 2 }
tcpMIBCompliance MODULE-COMPLIANCE STATUS deprecated DESCRIPTION "The compliance statement for IPv4-only systems that implement TCP. In order to be IP version independent, this compliance statement is deprecated in favor of tcpMIBCompliance2. However, agents are still encouraged to implement these objects in order to interoperate with the deployed base of managers."
tcpMIBCompliance MODULE-COMPLIANCE状态已弃用说明“仅适用于实现TCP的IPv4系统的符合性声明。为了独立于IP版本,本合规性声明被弃用,取而代之的是TCPMIBCompliance 2。但是,仍然鼓励代理实现这些对象,以便与部署的管理器基础进行互操作。”
MODULE -- this module
MANDATORY-GROUPS { tcpGroup }
OBJECT tcpConnState
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { tcpMIBCompliances 1 }
MODULE -- this module
MANDATORY-GROUPS { tcpGroup }
OBJECT tcpConnState
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { tcpMIBCompliances 1 }
-- units of conformance
--一致性单位
tcpGroup OBJECT-GROUP
OBJECTS { tcpRtoAlgorithm, tcpRtoMin, tcpRtoMax,
tcpMaxConn, tcpActiveOpens,
tcpPassiveOpens, tcpAttemptFails,
tcpEstabResets, tcpCurrEstab, tcpInSegs,
tcpOutSegs, tcpRetransSegs, tcpConnState,
tcpConnLocalAddress, tcpConnLocalPort,
tcpConnRemAddress, tcpConnRemPort,
tcpInErrs, tcpOutRsts }
STATUS deprecated
DESCRIPTION
"The tcp group of objects providing for management of TCP
entities."
::= { tcpMIBGroups 1 }
tcpGroup OBJECT-GROUP
OBJECTS { tcpRtoAlgorithm, tcpRtoMin, tcpRtoMax,
tcpMaxConn, tcpActiveOpens,
tcpPassiveOpens, tcpAttemptFails,
tcpEstabResets, tcpCurrEstab, tcpInSegs,
tcpOutSegs, tcpRetransSegs, tcpConnState,
tcpConnLocalAddress, tcpConnLocalPort,
tcpConnRemAddress, tcpConnRemPort,
tcpInErrs, tcpOutRsts }
STATUS deprecated
DESCRIPTION
"The tcp group of objects providing for management of TCP
entities."
::= { tcpMIBGroups 1 }
tcpBaseGroup OBJECT-GROUP
OBJECTS { tcpRtoAlgorithm, tcpRtoMin, tcpRtoMax,
tcpMaxConn, tcpActiveOpens,
tcpPassiveOpens, tcpAttemptFails,
tcpEstabResets, tcpCurrEstab, tcpInSegs,
tcpOutSegs, tcpRetransSegs,
tcpInErrs, tcpOutRsts }
STATUS current
DESCRIPTION
"The group of counters common to TCP entities."
::= { tcpMIBGroups 2 }
tcpBaseGroup OBJECT-GROUP
OBJECTS { tcpRtoAlgorithm, tcpRtoMin, tcpRtoMax,
tcpMaxConn, tcpActiveOpens,
tcpPassiveOpens, tcpAttemptFails,
tcpEstabResets, tcpCurrEstab, tcpInSegs,
tcpOutSegs, tcpRetransSegs,
tcpInErrs, tcpOutRsts }
STATUS current
DESCRIPTION
"The group of counters common to TCP entities."
::= { tcpMIBGroups 2 }
tcpConnectionGroup OBJECT-GROUP
OBJECTS { tcpConnectionState, tcpConnectionProcess }
STATUS current
DESCRIPTION
"The group provides general information about TCP
connections."
::= { tcpMIBGroups 3 }
tcpConnectionGroup OBJECT-GROUP
OBJECTS { tcpConnectionState, tcpConnectionProcess }
STATUS current
DESCRIPTION
"The group provides general information about TCP
connections."
::= { tcpMIBGroups 3 }
tcpListenerGroup OBJECT-GROUP OBJECTS { tcpListenerProcess }
tcpListenerGroup对象组对象{tcpListenerProcess}
STATUS current
DESCRIPTION
"This group has objects providing general information about
TCP listeners."
::= { tcpMIBGroups 4 }
STATUS current
DESCRIPTION
"This group has objects providing general information about
TCP listeners."
::= { tcpMIBGroups 4 }
tcpHCGroup OBJECT-GROUP
OBJECTS { tcpHCInSegs, tcpHCOutSegs }
STATUS current
DESCRIPTION
"The group of objects providing for counters of high speed
TCP implementations."
::= { tcpMIBGroups 5 }
tcpHCGroup OBJECT-GROUP
OBJECTS { tcpHCInSegs, tcpHCOutSegs }
STATUS current
DESCRIPTION
"The group of objects providing for counters of high speed
TCP implementations."
::= { tcpMIBGroups 5 }
END
终止
This document contains a modified subset of RFC 1213 and updates RFC 2012 and RFC 2452. Acknowledgements are therefore due to the authors and editors of these documents for their excellent work. Several useful comments regarding usability and design were also received from Kristine Adamson. The authors would like to thank all these people for their contribution to this effort.
本文件包含RFC 1213的修改子集,并更新了RFC 2012和RFC 2452。因此,感谢这些文件的作者和编辑所做的出色工作。Kristine Adamson也对可用性和设计提出了一些有用的意见。作者要感谢所有这些人对这项工作的贡献。
[RFC793] Postel, J., "Transmission Control Protocol", STD 7, RFC 793, DARPA, September 1981.
[RFC793]Postel,J.,“传输控制协议”,STD 7,RFC 793,DARPA,1981年9月。
[RFC2287] Krupczak, C. and J. Saperia, "Definitions of System-Level Managed Objects for Applications", RFC 2287, February 1998.
[RFC2287]Krupczak,C.和J.Saperia,“应用程序系统级托管对象的定义”,RFC 2287,1998年2月。
[RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
[RFC2578]McCloghrie,K.,Perkins,D.,和J.Schoenwaeld,“管理信息的结构版本2(SMIv2)”,STD 58,RFC 2578,1999年4月。
[RFC2579] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999.
[RFC2579]McCloghrie,K.,Perkins,D.,和J.Schoenwaeld,“SMIv2的文本约定”,STD 58,RFC 2579,1999年4月。
[RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999.
[RFC2580]McCloghrie,K.,Perkins,D.,和J.Schoenwaeld,“SMIv2的一致性声明”,STD 58,RFC 25801999年4月。
[RFC2790] Waldbusser, S. and P. Grillo, "Host Resources MIB", RFC 2790, March 2000.
[RFC2790]Waldbusser,S.和P.Grillo,“主机资源MIB”,RFC 27902000年3月。
[RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005.
[RFC4001]Daniele,M.,Haberman,B.,Routhier,S.,和J.Schoenwaeld,“互联网网络地址的文本约定”,RFC 4001,2005年2月。
[RFC1213] McCloghrie, K. and M. Rose, "Management Information Base for Network Management of TCP/IP-based internets", RFC 1213, March 1991.
[RFC1213]McCloghrie,K.和M.Rose,“基于TCP/IP的互联网网络管理的管理信息库”,RFC 1213,1991年3月。
[RFC2012] McCloghrie, K., Ed., "SNMPv2 Management Information Base for the Transmission Control Protocol using SMIv2", RFC 2012, November 1996.
[RFC2012]McCloghrie,K.,Ed.“使用SMIv2的传输控制协议的SNMPv2管理信息库”,RFC 2012,1996年11月。
[RFC2452] Daniele, M., "IP Version 6 Management Information Base for the Transmission Control Protocol", RFC 2452, December 1998.
[RFC2452]Daniele,M.,“传输控制协议的IP版本6管理信息库”,RFC 2452,1998年12月。
[RFC2988] Paxson, V. and M. Allman, "Computing TCP's Retransmission Timer", RFC 2988, November 2000.
[RFC2988]Paxson,V.和M.Allman,“计算TCP的重传计时器”,RFC 2988,2000年11月。
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, December 2002.
[RFC3410]Case,J.,Mundy,R.,Partain,D.,和B.Stewart,“互联网标准管理框架的介绍和适用性声明”,RFC 34102002年12月。
[RFC3418] Presuhn, R., Ed., "Management Information Base (MIB) for the Simple Network Management Protocol (SNMP)", RFC 3418, December 2002.
[RFC3418]Presohn,R.,Ed.“简单网络管理协议(SNMP)的管理信息库(MIB)”,RFC 3418,2002年12月。
[VANJ] Jacobson, V., "Congestion Avoidance and Control", SIGCOMM 1988, Stanford, California.
[VANJ]Jacobson,V.,“拥塞避免和控制”,SIGCOMM 1988,加利福尼亚州斯坦福。
There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These are the tables and objects and their sensitivity/vulnerability:
此MIB模块中定义了许多管理对象,其MAX-ACCESS子句为read-write。在某些网络环境中,此类对象可能被视为敏感或易受攻击。在没有适当保护的非安全环境中支持SET操作可能会对网络操作产生负面影响。以下是表和对象及其敏感度/漏洞:
o The tcpConnectionState and tcpConnState objects have a MAX-ACCESS clause of read-write, which allows termination of an arbitrary connection. Unauthorized access could cause a denial of service.
o tcpConnectionState和tcpConnState对象有一个读写MAX-ACCESS子句,允许终止任意连接。未经授权的访问可能导致拒绝服务。
Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to
在某些网络环境中,此MIB模块中的某些可读对象(即具有MAX-ACCESS而非not ACCESS的对象)可能被视为敏感或易受攻击。因此,重要的是
control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability:
控制甚至获取和/或通知对这些对象的访问,甚至可能在通过SNMP通过网络发送这些对象时加密这些对象的值。以下是表和对象及其敏感度/漏洞:
o The tcpConnectionTable and the tcpConnTable contain objects providing information about the active connections on the device, the status of these connections, and the associated processes. This information may be used by an attacker to launch attacks against known/unknown weakness in certain protocols/applications. In addition, access to the connection table could also have privacy implications, as it provides detailed information on active connections.
o tcpConnectionTable和TCPConContable包含提供有关设备上活动连接、这些连接的状态以及相关进程的信息的对象。攻击者可利用此信息对某些协议/应用程序中的已知/未知弱点发起攻击。此外,访问连接表还可能涉及隐私,因为它提供了有关活动连接的详细信息。
o The tcpListenerTable and the tcpConnTable contain objects providing information about listeners on an entity. For example, the tcpListenerLocalPort and tcpConnLocalPort objects can be used to identify what ports are open on the machine and what attacks are likely to succeed, without the attacker having to run a port scanner.
o tcpListenerTable和tcpConnTable包含提供实体上侦听器信息的对象。例如,tcpListenerLocalPort和tcpConnLocalPort对象可用于识别计算机上打开的端口以及可能成功的攻击,而攻击者无需运行端口扫描程序。
SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPSec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.
SNMPv3之前的SNMP版本未包含足够的安全性。即使网络本身是安全的(例如通过使用IPSec),即使如此,也无法控制安全网络上的谁可以访问和获取/设置(读取/更改/创建/删除)此MIB模块中的对象。
It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy).
建议实施者考虑SNMPv3框架所提供的安全特性(参见[RCFC310],第8节),包括对SNMPv3加密机制的完全支持(用于身份验证和隐私)。
Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.
此外,不建议部署SNMPv3之前的SNMP版本。相反,建议部署SNMPv3并启用加密安全性。然后,客户/运营商应负责确保授予访问此MIB模块实例权限的SNMP实体已正确配置为仅授予那些拥有确实获取或设置(更改/创建/删除)对象的合法权限的主体(用户)访问对象。
This document is an output of the IPv6 MIB revision team, and contributors to earlier versions of this document include:
本文档是IPv6 MIB修订团队的输出,本文档早期版本的贡献者包括:
Bill Fenner, AT&T Labs -- Research EMail: fenner@research.att.com
比尔·芬纳,AT&T实验室——研究电子邮件:fenner@research.att.com
Brian Haberman EMail: brian@innovationslab.net
Brian Haberman电子邮件:brian@innovationslab.net
Shawn A. Routhier, Wind River EMail: shawn.routhier@windriver.com
Shawn A.Routhier,Wind River电子邮件:Shawn。routhier@windriver.com
Juergen Schoenwalder, TU Braunschweig EMail: schoenw@ibr.cs.tu-bs.de
Juergen Schoenwalder,TU Braunschweig电子邮件:schoenw@ibr.cs.tu-理学士
Dave Thaler, Microsoft EMail: dthaler@windows.microsoft.com
Dave Thaler,Microsoft电子邮件:dthaler@windows.microsoft.com
This document updates parts of the MIBs from several documents. RFC 2012 has been the base document for these updates, and RFC 2452 was the first document to define the managed objects for implementations of TCP over IPv6.
本文档更新了多个文档中的部分MIB。RFC 2012是这些更新的基础文档,RFC 2452是第一个定义通过IPv6实现TCP的托管对象的文档。
RFC 2012:
RFC 2012:
Keith McCloghrie, Cisco Systems (Editor) EMail: kzm@cisco.com
Keith McCloghrie,思科系统(编辑)电子邮件:kzm@cisco.com
RFC 2452:
RFC 2452:
Mike Daniele, Compaq Computer Corporation EMail: daniele@zk3.dec.com
康柏电脑公司Mike Daniele电子邮件:daniele@zk3.dec.com
Editor's Address
编辑地址
Rajiv Raghunarayan Cisco Systems Inc. 170 West Tasman Drive San Jose, CA 95134 USA
Rajiv Raghunarayan思科系统公司,美国加利福尼亚州圣何塞市西塔斯曼大道170号,邮编95134
EMail: raraghun@cisco.com
EMail: raraghun@cisco.com
Full Copyright Statement
完整版权声明
Copyright (C) The Internet Society (2005).
版权所有(C)互联网协会(2005年)。
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件及其包含的信息是按“原样”提供的,贡献者、他/她所代表或赞助的组织(如有)、互联网协会和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Intellectual Property
知识产权
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。