Network Working Group C. DeSanti Request for Comments: 4625 K. McCloghrie Category: Standards Track Cisco Systems S. Kode Consultant S. Gai Retired September 2006
Network Working Group C. DeSanti Request for Comments: 4625 K. McCloghrie Category: Standards Track Cisco Systems S. Kode Consultant S. Gai Retired September 2006
Fibre Channel Routing Information MIB
光纤通道路由信息MIB
Status of This Memo
关于下段备忘
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2006).
版权所有(C)互联网协会(2006年)。
Abstract
摘要
This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects for information related to routing within a Fibre Channel fabric, which is independent of the usage of a particular routing protocol.
此备忘录定义了管理信息库(MIB)的一部分,用于Internet社区中的网络管理协议。特别是,它描述了与光纤通道结构内的路由相关的信息的托管对象,该结构独立于特定路由协议的使用。
Table of Contents
目录
1. Introduction ....................................................3 2. The Internet-Standard Management Framework ......................3 3. Short Overview of Fibre Channel .................................3 3.1. Introduction ...............................................3 3.2. Routing Protocols ..........................................4 3.3. Virtual Fabrics ............................................4 4. Relationship to Other MIBs ......................................5 5. MIB Overview ....................................................5 5.1. Fibre Channel Management Instance ..........................5 5.2. Switch Index ...............................................6 5.3. Fabric Index ...............................................6 5.4. The t11FcRouteGroup Group ..................................6 5.5. The t11FcRouteTable's INDEX ................................6 6. The T11-FC-ROUTE-MIB Module .....................................7 7. Acknowledgements ...............................................17 8. IANA Considerations ............................................17 9. Security Considerations ........................................17 10. Normative References ..........................................19 11. Informative References ........................................20
1. Introduction ....................................................3 2. The Internet-Standard Management Framework ......................3 3. Short Overview of Fibre Channel .................................3 3.1. Introduction ...............................................3 3.2. Routing Protocols ..........................................4 3.3. Virtual Fabrics ............................................4 4. Relationship to Other MIBs ......................................5 5. MIB Overview ....................................................5 5.1. Fibre Channel Management Instance ..........................5 5.2. Switch Index ...............................................6 5.3. Fabric Index ...............................................6 5.4. The t11FcRouteGroup Group ..................................6 5.5. The t11FcRouteTable's INDEX ................................6 6. The T11-FC-ROUTE-MIB Module .....................................7 7. Acknowledgements ...............................................17 8. IANA Considerations ............................................17 9. Security Considerations ........................................17 10. Normative References ..........................................19 11. Informative References ........................................20
This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects for information related to the Fibre Channel network's Routing Table for routing within a Fabric. Managed objects specific to particular routing protocols, such as the Fabric Shortest Path First (FSPF) protocol [FC-SW-4], are not specified in this MIB module.
此备忘录定义了管理信息库(MIB)的一部分,用于Internet社区中的网络管理协议。特别是,它描述了与光纤通道网络的路由表相关的信息的托管对象,以便在结构内进行路由。此MIB模块中未指定特定于特定路由协议的托管对象,例如结构最短路径优先(FSPF)协议[FC-SW-4]。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[RFC2119]中所述进行解释。
For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410].
有关描述当前互联网标准管理框架的文件的详细概述,请参阅RFC 3410[RFC3410]第7节。
Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580].
托管对象通过虚拟信息存储(称为管理信息库或MIB)进行访问。MIB对象通常通过简单网络管理协议(SNMP)进行访问。MIB中的对象是使用管理信息结构(SMI)中定义的机制定义的。本备忘录规定了符合SMIv2的MIB模块,如STD 58、RFC 2578[RFC2578]、STD 58、RFC 2579[RFC2579]和STD 58、RFC 2580[RFC2580]所述。
The Fibre Channel (FC) is logically a bidirectional point-to-point serial data channel, structured for high performance. Fibre Channel provides a general transport vehicle for higher-level protocols, such as Small Computer System Interface (SCSI) command sets, the High-Performance Parallel Interface (HIPPI) data framing, IP (Internet Protocol), IEEE 802.2, and others.
The Fibre Channel (FC) is logically a bidirectional point-to-point serial data channel, structured for high performance. Fibre Channel provides a general transport vehicle for higher-level protocols, such as Small Computer System Interface (SCSI) command sets, the High-Performance Parallel Interface (HIPPI) data framing, IP (Internet Protocol), IEEE 802.2, and others.translate error, please retry
Physically, Fibre Channel is an interconnection of multiple communication points, called N_Ports, interconnected either by a switching network, called a Fabric, or by a point-to-point link. A Fibre Channel "node" consists of one or more N_Ports. A Fabric may consist of multiple Interconnect Elements, some of which are switches. An N_Port connects to the Fabric via a port on a switch called an F_Port. When multiple FC nodes are connected to a single port on a switch via an "Arbitrated Loop" topology, the switch port
从物理上讲,光纤通道是多个通信点(称为N_端口)的互连,这些通信点通过交换网络(称为结构)或点到点链路互连。光纤通道“节点”由一个或多个N_端口组成。一个结构可以由多个互连元件组成,其中一些是交换机。N_端口通过交换机上称为F_端口的端口连接到结构。当多个FC节点通过“仲裁环路”拓扑连接到交换机上的单个端口时,交换机端口
is called an FL_Port, and the nodes' ports are called NL_Ports. The term Nx_Port is used to refer to either an N_Port or an NL_Port. The term Fx_Port is used to refer to either an F_Port or an FL_Port. A switch port, which is interconnected to another switch port via an Inter-Switch Link (ISL), is called an E_Port. A B_Port connects a bridge device with an E_Port on a switch; a B_Port provides a subset of E_Port functionality.
称为FL_端口,节点的端口称为NL_端口。术语Nx_端口用于指N_端口或NL_端口。术语Fx_端口用于指F_端口或FL_端口。通过交换机间链路(ISL)与另一个交换机端口互连的交换机端口称为E_端口。B_端口将桥接设备与交换机上的E_端口连接起来;B_端口提供E_端口功能的子集。
Many Fibre Channel components, including the fabric, each node, and most ports, have globally-unique names. These globally-unique names are typically formatted as World Wide Names (WWNs). More information on WWNs can be found in [FC-FS]. WWNs are expected to be persistent across agent and unit resets.
许多光纤通道组件(包括光纤网、每个节点和大多数端口)具有全局唯一的名称。这些全局唯一的名称通常格式化为全球通用名称(WWN)。有关WWN的更多信息,请参见[FC-FS]。WWN预计将在代理和单元重置之间保持不变。
Fibre Channel frames contain 24-bit address identifiers that identify the frame's source and destination ports. Each FC port has both an address identifier and a WWN. When a fabric is in use, the FC address identifiers are dynamic and are assigned by a switch. Each octet of a 24-bit address represents a level in an address hierarchy, a Domain_ID being the highest level of the hierarchy.
光纤通道帧包含24位地址标识符,用于标识帧的源端口和目标端口。每个FC端口都有地址标识符和WWN。在使用结构时,FC地址标识符是动态的,由交换机分配。24位地址的每个八位字节表示地址层次结构中的一个级别,域ID是层次结构的最高级别。
The routing of frames within the Fabric is normally based on the standard routing protocol, called the Fabric Shortest Path First (FSPF) protocol. The operation of FSPF (or of any other routing protocol) allows a switch to generate and maintain its own routing table of how to forward frames it receives; i.e., a table in which to look up the destination address of a received frame in order to determine the best link by which to forward that frame towards its destination.
结构内的帧路由通常基于标准路由协议,称为结构最短路径优先(FSPF)协议。FSPF(或任何其他路由协议)的操作允许交换机生成并维护其自身的路由表,该路由表说明如何转发其接收的帧;i、 例如,一种表,在该表中查找所接收帧的目的地址,以确定向其目的地转发该帧的最佳链路。
The latest standard for an interconnecting Fabric containing multiple Fabric Switch elements is [FC-SW-4] (which replaces the previous revision, [FC-SW-3]). [FC-SW-4] carries forward the existing specification for the operation of a single Fabric in a physical infrastructure, augmenting it with the definition of Virtual Fabrics and with the specification of how multiple Virtual Fabrics can operate within one (or more) physical infrastructures. The use of Virtual Fabrics provides for each frame to be tagged in its header to indicate which one of several Virtual Fabrics that frame is being transmitted on. All frames entering a particular "Core Switch" [FC-SW-4] (i.e., a physical switch) on the same Virtual Fabric are processed by the same "Virtual Switch" within that Core switch.
包含多个结构交换机元件的互连结构的最新标准为[FC-SW-4](取代先前版本[FC-SW-3])。[FC-SW-4]继承了物理基础设施中单个结构操作的现有规范,通过虚拟结构的定义以及多个虚拟结构如何在一个(或多个)物理基础设施中操作的规范对其进行了补充。虚拟结构的使用为每个帧提供了在其标头中标记的功能,以指示该帧在多个虚拟结构中的哪一个上传输。进入同一虚拟结构上特定“核心交换机”[FC-SW-4](即物理交换机)的所有帧都由该核心交换机内的同一“虚拟交换机”处理。
The first standardized MIB for Fibre Channel [RFC2837] was focussed on Fibre Channel switches. It is being replaced by the more generic Fibre Channel Management MIB [FC-MGMT], which defines basic information for Fibre Channel hosts and switches, including extensions to the standard IF-MIB [RFC2863] for Fibre Channel interfaces.
光纤通道的第一个标准化MIB[RFC2837]集中在光纤通道交换机上。它正被更通用的光纤通道管理MIB[FC-MGMT]所取代,它定义了光纤通道主机和交换机的基本信息,包括光纤通道接口标准IF-MIB[RFC2863]的扩展。
This MIB extends beyond [FC-MGMT] to cover the routing of traffic within a Fabric of a Fibre Channel network. The standard routing protocol for Fibre Channel is FSPF [FC-SW-4]. Another MIB [RFC4626] specifies management information specific to FSPF. This MIB contains routing information that is independent of FSPF (i.e., it would still apply even if a routing protocol other than FSPF were in use in the network).
此MIB扩展到[FC-MGMT]之外,以覆盖光纤通道网络结构内的流量路由。光纤通道的标准路由协议是FSPF[FC-SW-4]。另一个MIB[RFC4626]指定特定于FSPF的管理信息。此MIB包含独立于FSPF的路由信息(即,即使网络中使用了FSPF以外的路由协议,它仍将适用)。
This MIB imports some common Textual Conventions from T11-TC-MIB, defined in [RFC4439].
此MIB从[RFC4439]中定义的T11-TC-MIB中导入一些常见的文本约定。
This MIB module provides the means for monitoring the operation of, and configuring some parameters of, one or more instances of the FSPF protocol. (Note that there are no definitions in this MIB module of "managed actions" that can be invoked via SNMP.)
该MIB模块提供监控FSPF协议一个或多个实例的操作和配置其某些参数的方法。(请注意,此MIB模块中没有可通过SNMP调用的“托管操作”定义。)
A Fibre Channel management instance is defined in [FC-MGMT] as a separable managed instance of Fibre Channel functionality. Fibre Channel functionality may be grouped into Fibre Channel management instances in whatever way is most convenient for the implementation(s). For example, one such grouping accommodates a single SNMP agent with multiple AgentX [RFC2741] sub-agents, each sub-agent implementing a different Fibre Channel management instance.
光纤通道管理实例在[FC-MGMT]中定义为光纤通道功能的可分离托管实例。光纤通道功能可以以对实施最方便的方式分组到光纤通道管理实例中。例如,一个这样的分组容纳一个SNMP代理和多个AgentX[RFC2741]子代理,每个子代理实现不同的光纤通道管理实例。
The object, fcmInstanceIndex, is IMPORTed from the FC-MGMT-MIB [FC-MGMT] as the index value that uniquely identifies each Fibre Channel management instance within the same SNMP context ([RFC3411], Section 3.3.1).
对象fcmInstanceIndex作为索引值从FC-MGMT-MIB[FC-MGMT]导入,该索引值唯一标识同一SNMP上下文中的每个光纤通道管理实例([RFC3411],第3.3.1节)。
The FC-MGMT-MIB [FC-MGMT] defines the fcmSwitchTable as a table of information about Fibre Channel switches that are managed by Fibre Channel management instances. Each Fibre Channel management instance can manage one or more Fibre Channel switches. The Switch Index, fcmSwitchIndex, is IMPORTed from the FC-MGMT-MIB as the index value that uniquely identifies a Fibre Channel switch among those (one or more) managed by the same Fibre Channel management instance.
FC-MGMT-MIB[FC-MGMT]将fcmSwitchTable定义为有关由光纤通道管理实例管理的光纤通道交换机的信息表。每个光纤通道管理实例都可以管理一个或多个光纤通道交换机。交换机索引fcmSwitchIndex作为索引值从FC-MGMT-MIB导入,该索引值唯一标识由同一光纤通道管理实例管理的那些(一个或多个)中的光纤通道交换机。
Whether operating on a physical Fabric (i.e., without Virtual Fabrics) or within a Virtual Fabric, the operation of FSPF within a Fabric is identical. Therefore, this MIB defines all Fabric-related information in tables that are INDEX-ed by an arbitrary integer, named a "Fabric Index", the syntax of which is IMPORTed from the T11-TC-MIB. When a device is connected to a single physical Fabric, without use of any virtual Fabrics, the value of this Fabric Index will always be 1. In an environment of multiple virtual and/or physical Fabrics, this index provides a means to distinguish one Fabric from another.
无论是在物理结构(即没有虚拟结构)上还是在虚拟结构内操作,结构内FSPF的操作都是相同的。因此,此MIB在表中定义了所有结构相关信息,这些信息由一个名为“结构索引”的任意整数索引,其语法从T11-TC-MIB导入。当设备连接到单个物理结构而不使用任何虚拟结构时,此结构索引的值将始终为1。在包含多个虚拟和/或物理结构的环境中,此索引提供了一种将一个结构与另一个结构区分开来的方法。
It is quite possible, and may even be likely, that a Fibre Channel switch will have ports connected to multiple virtual and/or physical Fabrics. Thus, in order to simplify a management protocol query concerning all the Fabrics to which a single switch is connected, fcmSwitchIndex will be listed before t11FcRouteFabricIndex when they both appear in the same INDEX clause.
光纤通道交换机很可能(甚至可能)将端口连接到多个虚拟和/或物理结构。因此,为了简化有关单个交换机连接到的所有结构的管理协议查询,当fcmSwitchIndex和T11FCrouteFabriciIndex出现在同一个INDEX子句中时,它们将列在T11FCrouteFabriciIndex之前。
This MIB contains one object group, the t11FcRouteGroup, which contains objects to allow the displaying and the configuring of routes in the Fibre Channel Routing tables for the locally managed switches.
此MIB包含一个对象组t11FcRouteGroup,它包含允许在本地管理交换机的光纤通道路由表中显示和配置路由的对象。
It is normally valuable for a MIB table that contains routes to be ordered such that a management application is able to query the table based on some attribute, without having to read every row in the MIB table. This requires that the rows in the table be ordered according to such attributes, and thus that those attributes be represented by objects included in the table's INDEX clause. Examples of this can be seen in the ipCidrRouteTable [RFC2096] and, more recently, the inetCidrRouteTable in [RFC4292].
对于包含要排序的路由的MIB表来说,它通常很有价值,这样管理应用程序就能够基于某个属性查询该表,而不必读取MIB表中的每一行。这要求表中的行根据这些属性排序,因此这些属性由表的INDEX子句中包含的对象表示。这方面的示例可以在ipCidrRouteTable[RFC2096]中看到,最近,在[RFC4292]中可以看到InetCidErrorOutTable。
While this useful feature results in an unusually large number (ten) of objects in the t11FcRouteTable's INDEX clause, all ten are either integers or strings of 3 (or zero) octet length, so the resulting OIDs are not unusually large. (Specifically, the aggregate number of sub-identifiers to be appended to an OBJECT-TYPE's OID, when naming an instance of an object in the t11FcRouteTable, is at most 22 sub-identifiers; i.e., less than the *minimum* number to be appended for the inetCidrRouteTable table.)
虽然这一有用的特性导致t11FcRouteTable的INDEX子句中的对象数量异常多(十个),但所有十个对象都是整数或长度为3(或零)个八位字节的字符串,因此生成的OID并不异常大。(具体地说,在命名t11FcRouteTable中的对象实例时,要附加到对象类型的OID的子标识符的总数最多为22个子标识符;即,小于inetCidrRouteTable表要附加的*最小*数。)
T11-FC-ROUTE-MIB DEFINITIONS ::= BEGIN
T11-FC-ROUTE-MIB DEFINITIONS ::= BEGIN
IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, mib-2 FROM SNMPv2-SMI -- [RFC2578] MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- [RFC2580] RowStatus, TimeStamp, StorageType FROM SNMPv2-TC -- [RFC2579] InterfaceIndex, InterfaceIndexOrZero FROM IF-MIB -- [RFC2863] fcmInstanceIndex, fcmSwitchIndex, FcAddressIdOrZero, FcDomainIdOrZero FROM FC-MGMT-MIB -- [FC-MGMT] T11FabricIndex FROM T11-TC-MIB; -- [RFC4439]
IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, mib-2 FROM SNMPv2-SMI -- [RFC2578] MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- [RFC2580] RowStatus, TimeStamp, StorageType FROM SNMPv2-TC -- [RFC2579] InterfaceIndex, InterfaceIndexOrZero FROM IF-MIB -- [RFC2863] fcmInstanceIndex, fcmSwitchIndex, FcAddressIdOrZero, FcDomainIdOrZero FROM FC-MGMT-MIB -- [FC-MGMT] T11FabricIndex FROM T11-TC-MIB; -- [RFC4439]
t11FcRouteMIB MODULE-IDENTITY LAST-UPDATED "200608140000Z" ORGANIZATION "T11" CONTACT-INFO " Claudio DeSanti Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA EMail: cds@cisco.com
T11CROUTEMIB模块标识最后更新的“200608140000Z”组织“T11”联系信息“Claudio DeSanti Cisco Systems,Inc.170 West Tasman Drive San Jose,CA 95134 USA电子邮件:cds@cisco.com
Keith McCloghrie Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA USA 95134 Email: kzm@cisco.com" DESCRIPTION "The MIB module for configuring and displaying Fibre Channel Route Information.
Keith McCloghrie Cisco Systems,Inc.美国加利福尼亚州圣何塞西塔斯曼大道170号95134电子邮件:kzm@cisco.com配置“光纤通道MIB”模块并显示“路由信息”。
Copyright (C) The Internet Society (2006). This version of this MIB module is part of RFC 4625; see the RFC itself for full legal notices." REVISION "200608140000Z"
版权所有(C)互联网协会(2006年)。此版本的MIB模块是RFC 4625的一部分;有关完整的法律通知,请参见RFC本身。“修订版”200608140000Z
DESCRIPTION "Initial version of this MIB module, published as RFC4625."
描述“此MIB模块的初始版本,发布为RFC4625。”
::= {mib-2 144 }
::= {mib-2 144 }
t11FcRouteNotifications OBJECT IDENTIFIER ::= { t11FcRouteMIB 0 } t11FcRouteObjects OBJECT IDENTIFIER ::= { t11FcRouteMIB 1 } t11FcRouteConformance OBJECT IDENTIFIER ::= { t11FcRouteMIB 2 }
t11FcRouteNotifications OBJECT IDENTIFIER ::= { t11FcRouteMIB 0 } t11FcRouteObjects OBJECT IDENTIFIER ::= { t11FcRouteMIB 1 } t11FcRouteConformance OBJECT IDENTIFIER ::= { t11FcRouteMIB 2 }
-- -- Per-Fabric routing information -- t11FcRouteFabricTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcRouteFabricEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table containing Fibre Channel Routing information that is specific to a Fabric." ::= { t11FcRouteObjects 1 }
-- -- Per-Fabric routing information -- t11FcRouteFabricTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcRouteFabricEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The table containing Fibre Channel Routing information that is specific to a Fabric." ::= { t11FcRouteObjects 1 }
t11FcRouteFabricEntry OBJECT-TYPE SYNTAX T11FcRouteFabricEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains routing information specific to a particular Fabric on a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex)." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11FcRouteFabricIndex } ::= { t11FcRouteFabricTable 1 }
t11FcRouteFabricEntry OBJECT-TYPE SYNTAX T11FcRouteFabricEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains routing information specific to a particular Fabric on a particular switch (identified by values of fcmInstanceIndex and fcmSwitchIndex)." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11FcRouteFabricIndex } ::= { t11FcRouteFabricTable 1 }
T11FcRouteFabricEntry ::= SEQUENCE { t11FcRouteFabricIndex T11FabricIndex, t11FcRouteFabricLastChange TimeStamp }
T11FcRouteFabricEntry ::= SEQUENCE { t11FcRouteFabricIndex T11FabricIndex, t11FcRouteFabricLastChange TimeStamp }
t11FcRouteFabricIndex OBJECT-TYPE SYNTAX T11FabricIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "A unique index value that uniquely identifies a particular Fabric.
T11FROUTEFABRICINDEX对象类型语法T11FabricIndex MAX-ACCESS不可访问状态当前描述“唯一标识特定结构的唯一索引值。
In a Fabric conformant to FC-SW-3, only a single Fabric
在符合FC-SW-3的结构中,只有一个结构
can operate within a physical infrastructure, and thus the value of this Fabric Index will always be 1.
可以在物理基础结构中运行,因此此结构索引的值始终为1。
In a Fabric conformant to FC-SW-4, multiple Virtual Fabrics can operate within one (or more) physical infrastructures. In such a case, index value is used to uniquely identify a particular Fabric within a physical infrastructure." ::= { t11FcRouteFabricEntry 1 }
In a Fabric conformant to FC-SW-4, multiple Virtual Fabrics can operate within one (or more) physical infrastructures. In such a case, index value is used to uniquely identify a particular Fabric within a physical infrastructure." ::= { t11FcRouteFabricEntry 1 }
t11FcRouteFabricLastChange OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the most recent time when any corresponding row in the t11FcRouteTable was created, modified, or deleted. A corresponding row in the t11FcRouteTable is for the same management instance, the same switch, and same Fabric as the row in this table.
T11FROUTEFABRICLASTCHANGE对象类型语法时间戳MAX-ACCESS只读状态当前说明创建、修改或删除t11FcRouteTable中任何对应行时的最新sysUpTime值。t11FcRouteTable中的对应行用于与此表中的行相同的管理实例、相同的交换机和相同的结构。
If no change has occurred since the last restart of the management system, then the value of this object is 0." ::= { t11FcRouteFabricEntry 2 }
If no change has occurred since the last restart of the management system, then the value of this object is 0." ::= { t11FcRouteFabricEntry 2 }
-- -- Fibre Channel Routing table -- t11FcRouteTable OBJECT-TYPE SYNTAX SEQUENCE OF T11FcRouteEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Fibre Channel Routing tables for the locally managed switches. This table lists all the routes that are configured in and/or computed by any local switch for any Fabric.
----光纤通道路由表--t11FcRouteTable T11FcRouteEntry MAX-ACCESS的对象类型语法序列不可访问状态当前描述“本地管理交换机的光纤通道路由表。此表列出了在任何本地交换机中为任何结构配置和/或由任何本地交换机计算的所有路由。
Such routes are used by a switch to forward frames (of user data) on a Fabric. The conceptual process is based on extracting the Destination Fibre Channel Address Identifier (D_ID) out of a received frame (of user data) and comparing it to each entry of this table that is applicable to the given switch and Fabric. Such comparison consists of first performing a logical-AND of the extracted D_ID with a mask (the value of t11FcRouteDestMask) and second comparing the result of that 'AND' operation to the value of t11FcRouteDestAddrId. A similar comparison is made of the Source Fibre Channel Address Identifier (S_ID) of a frame
交换机使用这些路由转发结构上的(用户数据)帧。概念过程基于从(用户数据的)接收帧中提取目标光纤通道地址标识符(D_ID),并将其与此表中适用于给定交换机和结构的每个条目进行比较。这种比较包括首先使用掩码(t11FcRouteDestMask的值)对提取的D_ID执行逻辑“与”,然后将该“与”操作的结果与t11FcRouteDestAddrId的值进行比较。对帧的源光纤通道地址标识符(S_ID)进行类似的比较
against the t11FcRouteSrcAddrId and t11FcRouteSrcMask values of an entry. If an entry's value of t11FcRouteInInterface is non-zero, then a further comparison determines if the frame was received on the appropriate interface. If all of these comparisons for a particular entry are successful, then that entry represents a potential route for forwarding the received frame.
针对条目的T11FCrouteSrcAddressId和t11FcRouteSrcMask值。如果条目的T11FCrouteInTerface值为非零,则进一步比较确定是否在适当的接口上接收到帧。如果对特定条目的所有这些比较都成功,则该条目表示转发接收到的帧的潜在路由。
For entries configured by a user, t11FcRouteProto has the value 'netmgmt'; only entries of this type can be deleted by the user." ::= { t11FcRouteObjects 2 }
For entries configured by a user, t11FcRouteProto has the value 'netmgmt'; only entries of this type can be deleted by the user." ::= { t11FcRouteObjects 2 }
t11FcRouteEntry OBJECT-TYPE SYNTAX T11FcRouteEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains a route to a particular destination, possibly from a particular subset of source addresses, on a particular Fabric via a particular output interface and learned in a particular manner." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11FcRouteFabricIndex, t11FcRouteDestAddrId, t11FcRouteDestMask, t11FcRouteSrcAddrId, t11FcRouteSrcMask, t11FcRouteInInterface, t11FcRouteProto, t11FcRouteOutInterface } ::= { t11FcRouteTable 1 } T11FcRouteEntry ::= SEQUENCE { t11FcRouteDestAddrId FcAddressIdOrZero, t11FcRouteDestMask FcAddressIdOrZero, t11FcRouteSrcAddrId FcAddressIdOrZero, t11FcRouteSrcMask FcAddressIdOrZero, t11FcRouteInInterface InterfaceIndexOrZero, t11FcRouteProto INTEGER, t11FcRouteOutInterface InterfaceIndex, t11FcRouteDomainId FcDomainIdOrZero, t11FcRouteMetric Unsigned32, t11FcRouteType INTEGER, t11FcRouteIfDown INTEGER, t11FcRouteStorageType StorageType, t11FcRouteRowStatus RowStatus }
t11FcRouteEntry OBJECT-TYPE SYNTAX T11FcRouteEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains a route to a particular destination, possibly from a particular subset of source addresses, on a particular Fabric via a particular output interface and learned in a particular manner." INDEX { fcmInstanceIndex, fcmSwitchIndex, t11FcRouteFabricIndex, t11FcRouteDestAddrId, t11FcRouteDestMask, t11FcRouteSrcAddrId, t11FcRouteSrcMask, t11FcRouteInInterface, t11FcRouteProto, t11FcRouteOutInterface } ::= { t11FcRouteTable 1 } T11FcRouteEntry ::= SEQUENCE { t11FcRouteDestAddrId FcAddressIdOrZero, t11FcRouteDestMask FcAddressIdOrZero, t11FcRouteSrcAddrId FcAddressIdOrZero, t11FcRouteSrcMask FcAddressIdOrZero, t11FcRouteInInterface InterfaceIndexOrZero, t11FcRouteProto INTEGER, t11FcRouteOutInterface InterfaceIndex, t11FcRouteDomainId FcDomainIdOrZero, t11FcRouteMetric Unsigned32, t11FcRouteType INTEGER, t11FcRouteIfDown INTEGER, t11FcRouteStorageType StorageType, t11FcRouteRowStatus RowStatus }
t11FcRouteDestAddrId OBJECT-TYPE SYNTAX FcAddressIdOrZero (SIZE (3))
T11FlutedStatAddressId对象类型语法FcAddressIdOrZero(大小(3))
MAX-ACCESS not-accessible STATUS current DESCRIPTION "The destination Fibre Channel Address Identifier of this route. A zero-length string for this field is not allowed." ::= { t11FcRouteEntry 1 }
MAX-ACCESS not-accessible STATUS current DESCRIPTION "The destination Fibre Channel Address Identifier of this route. A zero-length string for this field is not allowed." ::= { t11FcRouteEntry 1 }
t11FcRouteDestMask OBJECT-TYPE SYNTAX FcAddressIdOrZero MAX-ACCESS not-accessible STATUS current DESCRIPTION "The mask to be logical-ANDed with a destination Fibre Channel Address Identifier before it is compared to the value in the t11FcRouteDestAddrId field. Allowed values are 255.255.255, 255.255.0, or 255.0.0. FSPF's definition generates routes to a Domain_ID, so the mask for all FSPF-generated routes is 255.0.0. The zero-length value has the same meaning as 0.0.0." ::= { t11FcRouteEntry 2 }
t11FcRouteDestMask OBJECT-TYPE SYNTAX FcAddressIdOrZero MAX-ACCESS not-accessible STATUS current DESCRIPTION "The mask to be logical-ANDed with a destination Fibre Channel Address Identifier before it is compared to the value in the t11FcRouteDestAddrId field. Allowed values are 255.255.255, 255.255.0, or 255.0.0. FSPF's definition generates routes to a Domain_ID, so the mask for all FSPF-generated routes is 255.0.0. The zero-length value has the same meaning as 0.0.0." ::= { t11FcRouteEntry 2 }
t11FcRouteSrcAddrId OBJECT-TYPE SYNTAX FcAddressIdOrZero MAX-ACCESS not-accessible STATUS current DESCRIPTION "The source Fibre Channel Address Identifier of this route. Note that if this object and the corresponding instance of t11FcRouteSrcMask both have a value of 0.0.0, then this route matches all source addresses. The zero-length value has the same meaning as 0.0.0." ::= { t11FcRouteEntry 3 }
t11FcRouteSrcAddrId OBJECT-TYPE SYNTAX FcAddressIdOrZero MAX-ACCESS not-accessible STATUS current DESCRIPTION "The source Fibre Channel Address Identifier of this route. Note that if this object and the corresponding instance of t11FcRouteSrcMask both have a value of 0.0.0, then this route matches all source addresses. The zero-length value has the same meaning as 0.0.0." ::= { t11FcRouteEntry 3 }
t11FcRouteSrcMask OBJECT-TYPE SYNTAX FcAddressIdOrZero MAX-ACCESS not-accessible STATUS current DESCRIPTION "The mask to be logical-ANDed with a source Fibre Channel Address Identifier before it is compared to the value in the t11FcRouteSrcAddrId field. Allowed values are 255.255.255, 255.255.0, 255.0.0, or 0.0.0. The zero-length value has the same meaning as 0.0.0." ::= { t11FcRouteEntry 4 }
t11FcRouteSrcMask OBJECT-TYPE SYNTAX FcAddressIdOrZero MAX-ACCESS not-accessible STATUS current DESCRIPTION "The mask to be logical-ANDed with a source Fibre Channel Address Identifier before it is compared to the value in the t11FcRouteSrcAddrId field. Allowed values are 255.255.255, 255.255.0, 255.0.0, or 0.0.0. The zero-length value has the same meaning as 0.0.0." ::= { t11FcRouteEntry 4 }
t11FcRouteInInterface OBJECT-TYPE SYNTAX InterfaceIndexOrZero
T11F Croudeinterface对象类型语法接口IndexorZero
MAX-ACCESS not-accessible STATUS current DESCRIPTION "If the value of this object is non-zero, it is the value of ifIndex that identifies the local Fibre Channel interface through which a frame must have been received in order to match with this entry. If the value of this object is zero, the matching does not require that the frame be received on any specific interface." ::= { t11FcRouteEntry 5 }
MAX-ACCESS not-accessible STATUS current DESCRIPTION "If the value of this object is non-zero, it is the value of ifIndex that identifies the local Fibre Channel interface through which a frame must have been received in order to match with this entry. If the value of this object is zero, the matching does not require that the frame be received on any specific interface." ::= { t11FcRouteEntry 5 }
t11FcRouteProto OBJECT-TYPE SYNTAX INTEGER { other(1), local(2), netmgmt(3), fspf(4) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The mechanism via which this route was learned: other(1) - not specified local(2) - local interface netmgmt(3)- static route fspf(4) - Fibre Shortest Path First " ::= { t11FcRouteEntry 6 }
t11FcRouteProto OBJECT-TYPE SYNTAX INTEGER { other(1), local(2), netmgmt(3), fspf(4) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The mechanism via which this route was learned: other(1) - not specified local(2) - local interface netmgmt(3)- static route fspf(4) - Fibre Shortest Path First " ::= { t11FcRouteEntry 6 }
t11FcRouteOutInterface OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of ifIndex that identifies the local Fibre Channel interface through which the next hop of this route is to be reached." ::= { t11FcRouteEntry 7 }
t11FcRouteOutInterface OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of ifIndex that identifies the local Fibre Channel interface through which the next hop of this route is to be reached." ::= { t11FcRouteEntry 7 }
t11FcRouteDomainId OBJECT-TYPE SYNTAX FcDomainIdOrZero MAX-ACCESS read-create STATUS current DESCRIPTION "The domain_ID of next hop switch.
T11CroudeTomainId对象类型语法FcDomainIdOrZero MAX-ACCESS读取创建状态当前描述“下一跳交换机的域ID”。
This object can have a value of zero if the value
如果该值
of t11FcRouteProto is 'local'." ::= { t11FcRouteEntry 8 }
of t11FcRouteProto is 'local'." ::= { t11FcRouteEntry 8 }
t11FcRouteMetric OBJECT-TYPE SYNTAX Unsigned32 (0..65536) MAX-ACCESS read-create STATUS current DESCRIPTION "The routing metric for this route.
t11FcRouteMetric对象类型语法Unsigned32(0..65536)MAX-ACCESS read create STATUS current DESCRIPTION“此路由的路由度量。
The use of this object is dependent on t11FcRouteProto." ::= { t11FcRouteEntry 9 }
The use of this object is dependent on t11FcRouteProto." ::= { t11FcRouteEntry 9 }
t11FcRouteType OBJECT-TYPE SYNTAX INTEGER { local(1), remote(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The type of route.
t11FcRouteType OBJECT-TYPE SYNTAX INTEGER { local(1), remote(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The type of route.
local(1) - a route for which the next Fibre Channel port is the final destination; remote(2) - a route for which the next Fibre Channel port is not the final destination." DEFVAL {local} ::= { t11FcRouteEntry 10 }
local(1) - a route for which the next Fibre Channel port is the final destination; remote(2) - a route for which the next Fibre Channel port is not the final destination." DEFVAL {local} ::= { t11FcRouteEntry 10 }
t11FcRouteIfDown OBJECT-TYPE SYNTAX INTEGER { remove(1), retain(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object indicates what happens to this route when the output interface (given by the corresponding value of t11FcRouteOutInterface) is operationally 'down'. If this object's value is 'retain', the route is to be retained in this table. If this object's value is 'remove', the route is to be removed from this table." DEFVAL { retain } ::= { t11FcRouteEntry 11 }
t11FcRouteIfDown OBJECT-TYPE SYNTAX INTEGER { remove(1), retain(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The value of this object indicates what happens to this route when the output interface (given by the corresponding value of t11FcRouteOutInterface) is operationally 'down'. If this object's value is 'retain', the route is to be retained in this table. If this object's value is 'remove', the route is to be removed from this table." DEFVAL { retain } ::= { t11FcRouteEntry 11 }
t11FcRouteStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for this conceptual row. Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row." DEFVAL { nonVolatile } ::= { t11FcRouteEntry 12 }
t11FcRouteStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for this conceptual row. Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row." DEFVAL { nonVolatile } ::= { t11FcRouteEntry 12 }
t11FcRouteRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row. The only rows that can be deleted by setting this object to 'destroy' are those for which t11FcRouteProto has the value 'netmgmt'." ::= { t11FcRouteEntry 13 }
t11FcRouteRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row. The only rows that can be deleted by setting this object to 'destroy' are those for which t11FcRouteProto has the value 'netmgmt'." ::= { t11FcRouteEntry 13 }
-- -- Conformance -- t11FcRouteCompliances OBJECT IDENTIFIER ::= { t11FcRouteConformance 1 } t11FcRouteGroups OBJECT IDENTIFIER ::= { t11FcRouteConformance 2 }
-- -- Conformance -- t11FcRouteCompliances OBJECT IDENTIFIER ::= { t11FcRouteConformance 1 } t11FcRouteGroups OBJECT IDENTIFIER ::= { t11FcRouteConformance 2 }
t11FcRouteCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities that implement the T11-FC-ROUTE-MIB. -- -- Note: The next four OBJECT clauses are for auxiliary objects, and the -- SMIv2 does not permit inclusion of objects that are not accessible -- in an OBJECT clause (see Sections 3.1 & 5.4.3 in STD 58, RFC 2580). -- Thus, these four clauses cannot be included below in the normal -- location for OBJECT clauses. -- -- OBJECT t11FcRouteSrcAddrId -- SYNTAX FcAddressIdOrZero (SIZE (0)) -- DESCRIPTION -- 'Support is not required for routes that -- match only a subset of possible source
t11FcRouteCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities that implement the T11-FC-ROUTE-MIB. -- -- Note: The next four OBJECT clauses are for auxiliary objects, and the -- SMIv2 does not permit inclusion of objects that are not accessible -- in an OBJECT clause (see Sections 3.1 & 5.4.3 in STD 58, RFC 2580). -- Thus, these four clauses cannot be included below in the normal -- location for OBJECT clauses. -- -- OBJECT t11FcRouteSrcAddrId -- SYNTAX FcAddressIdOrZero (SIZE (0)) -- DESCRIPTION -- 'Support is not required for routes that -- match only a subset of possible source
-- addresses.' -- -- OBJECT t11FcRouteSrcMask -- SYNTAX FcAddressIdOrZero (SIZE (0)) -- DESCRIPTION -- 'Support is not required for routes that -- match only a subset of possible source -- addresses.' -- -- OBJECT t11FcRouteDestMask -- DESCRIPTION -- 'Support is mandatory only for FSPF-generated -- routes. Since FSPF's definition generates -- routes to a Domain_ID, the mask for all -- FSPF-generated routes is 255.0.0. Thus, -- support is only required for 255.0.0.' -- -- OBJECT t11FcRouteInInterface -- SYNTAX InterfaceIndexOrZero (0) -- DESCRIPTION -- 'Support for routes specific to particular -- source interfaces is not required.' "
-- addresses.' -- -- OBJECT t11FcRouteSrcMask -- SYNTAX FcAddressIdOrZero (SIZE (0)) -- DESCRIPTION -- 'Support is not required for routes that -- match only a subset of possible source -- addresses.' -- -- OBJECT t11FcRouteDestMask -- DESCRIPTION -- 'Support is mandatory only for FSPF-generated -- routes. Since FSPF's definition generates -- routes to a Domain_ID, the mask for all -- FSPF-generated routes is 255.0.0. Thus, -- support is only required for 255.0.0.' -- -- OBJECT t11FcRouteInInterface -- SYNTAX InterfaceIndexOrZero (0) -- DESCRIPTION -- 'Support for routes specific to particular -- source interfaces is not required.' "
MODULE -- this module MANDATORY-GROUPS { t11FcRouteGroup }
MODULE——此模块为强制组{t11FcRouteGroup}
OBJECT t11FcRouteIfDown MIN-ACCESS read-only DESCRIPTION "Write access is not required."
对象t11FcRouteIfDown最小访问只读描述“不需要写访问。”
OBJECT t11FcRouteDomainId MIN-ACCESS read-only DESCRIPTION "Write access is not required."
对象t11FcRouteDomainId最小访问只读描述“不需要写访问。”
OBJECT t11FcRouteMetric MIN-ACCESS read-only DESCRIPTION "Write access is not required."
对象t11FcRouteMetric最小访问只读描述“不需要写访问。”
OBJECT t11FcRouteType MIN-ACCESS read-only DESCRIPTION "Write access is not required."
对象t11FcRouteType MIN-ACCESS只读说明“不需要写访问权限。”
OBJECT t11FcRouteStorageType
对象T11F CroudTestOrageType
MIN-ACCESS read-only DESCRIPTION "Write access is not required."
MIN-ACCESS只读说明“不需要写访问。”
OBJECT t11FcRouteRowStatus SYNTAX INTEGER { active(1) } MIN-ACCESS read-only DESCRIPTION "Write access is not required."
对象t11FcRouteRowStatus语法整数{active(1)}MIN-ACCESS只读说明“不需要写访问。”
::= { t11FcRouteCompliances 1 } t11FcRouteGroup OBJECT-GROUP OBJECTS { t11FcRouteFabricLastChange, t11FcRouteDomainId, t11FcRouteMetric, t11FcRouteType, t11FcRouteIfDown, t11FcRouteStorageType, t11FcRouteRowStatus } STATUS current DESCRIPTION "A collection of objects for displaying and configuring routes." ::= { t11FcRouteGroups 1 }
::= { t11FcRouteCompliances 1 } t11FcRouteGroup OBJECT-GROUP OBJECTS { t11FcRouteFabricLastChange, t11FcRouteDomainId, t11FcRouteMetric, t11FcRouteType, t11FcRouteIfDown, t11FcRouteStorageType, t11FcRouteRowStatus } STATUS current DESCRIPTION "A collection of objects for displaying and configuring routes." ::= { t11FcRouteGroups 1 }
END
终止
This document was originally developed and approved by the INCITS Task Group T11.5 (http://www.t11.org) as the SM-RTM project. We wish to acknowledge the contributions and comments from the INCITS Technical Committee T11, including the following:
本文件最初由INCITS任务组T11.5编制和批准(http://www.t11.org)作为SM-RTM项目。我们希望感谢INCITS技术委员会T11的贡献和评论,包括以下内容:
T11 Chair: Robert Snively, Brocade T11 Vice Chair: Claudio DeSanti, Cisco Systems T11.5 Chair: Roger Cummings, Symantec T11.5 members, especially: Ken Hirata, Emulex Scott Kipp, McData Elizabeth G. Rodriguez, Dot Hill
T11主席:Robert Snifly,Brocade T11副主席:Claudio DeSanti,思科系统T11.5主席:罗杰·卡明斯,赛门铁克T11.5成员,特别是肯·平田,Emulex Scott Kipp,McData伊丽莎白G.罗德里格斯,多特·希尔
The document was subsequently approved by the IETF's IMSS Working Group, chaired by David Black (EMC Corporation). We also wish to acknowledge Bert Wijnen (Lucent Technologies), the IETF Area Director, for his review of the document.
该文件随后由IETF的IMSS工作组批准,该工作组由David Black(EMC公司)担任主席。我们还要感谢IETF区域总监Bert Wijnen(朗讯科技)对本文件的审阅。
The IANA has assigned a MIB OID for the T11-FC-ROUTE-MIB module under the appropriate subtree.
IANA已在相应子树下为T11-FC-ROUTE-MIB模块分配了MIB OID。
There are several management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. These objects and their sensitivity/vulnerability are:
此MIB模块中定义了多个管理对象,其MAX-ACCESS子句为read-write和/或read create。在某些网络环境中,此类对象可能被视为敏感或易受攻击。在没有适当保护的非安全环境中支持SET操作可能会对网络操作产生负面影响。这些对象及其敏感性/脆弱性包括:
t11FcRouteDomainId, t11FcRouteMetric, t11FcRouteType, t11FcRouteIfDown, t11FcRouteRowStatus -- configure new routes and/or modify existing routes.
t11FcRouteDomainId、t11FcRouteMetric、t11FcRouteType、t11FcRouteIfDown、t11FcRouteRowStatus—配置新路由和/或修改现有路由。
Such objects may be considered sensitive or vulnerable in some network environments. For example, the ability to change network topology or network speed may afford an attacker the ability to obtain better performance at the expense of other network users. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations.
在某些网络环境中,此类对象可能被视为敏感或易受攻击。例如,更改网络拓扑或网络速度的能力可能使攻击者能够以牺牲其他网络用户为代价获得更好的性能。在没有适当保护的非安全环境中支持SET操作可能会对网络操作产生负面影响。
Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. The objects and their sensitivity/vulnerability are: the write-able objects listed above plus one other:
在某些网络环境中,此MIB模块中的某些可读对象(即具有MAX-ACCESS而非not ACCESS的对象)可能被视为敏感或易受攻击。因此,在通过SNMP通过网络发送这些对象时,控制甚至获取和/或通知对这些对象的访问,甚至可能加密这些对象的值,这一点非常重要。对象及其敏感度/漏洞为:上面列出的可写对象加上一个:
t11FcRouteLastChangeTime -- the time of the last routing table change.
T11FCroutellastChangeTime—上次路由表更改的时间。
SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPSec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.
SNMPv3之前的SNMP版本未包含足够的安全性。即使网络本身是安全的(例如通过使用IPSec),即使如此,也无法控制安全网络上的谁可以访问和获取/设置(读取/更改/创建/删除)此MIB模块中的对象。
It is RECOMMENDED that implementors consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy).
建议执行者考虑SNMPv3框架所提供的安全特性(参见[RCFC310],第8节),包括对SNMPv3加密机制的完全支持(用于身份验证和隐私)。
Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.
此外,不建议部署SNMPv3之前的SNMP版本。相反,建议部署SNMPv3并启用加密安全性。然后,客户/运营商应负责确保授予访问此MIB模块实例权限的SNMP实体已正确配置为仅授予那些拥有确实获取或设置(更改/创建/删除)对象的合法权限的主体(用户)访问对象。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
[RFC2578]McCloghrie,K.,Perkins,D.,Schoenwaeld,J.,Case,J.,Rose,M.,和S.Waldbusser,“管理信息的结构版本2(SMIv2)”,STD 58,RFC 2578,1999年4月。
[RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999.
[RFC2579]McCloghrie,K.,Perkins,D.,Schoenwaeld,J.,Case,J.,Rose,M.,和S.Waldbusser,“SMIv2的文本约定”,STD 58,RFC 2579,1999年4月。
[RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999.
[RFC2580]McCloghrie,K.,Perkins,D.,Schoenwaeld,J.,Case,J.,Rose,M.,和S.Waldbusser,“SMIv2的一致性声明”,STD 58,RFC 25801999年4月。
[RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000.
[RFC2863]McCloghrie,K.和F.Kastenholz,“接口组MIB”,RFC 28632000年6月。
[RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, December 2002.
[RFC3411]Harrington,D.,Presohn,R.,和B.Wijnen,“描述简单网络管理协议(SNMP)管理框架的体系结构”,STD 62,RFC 3411,2002年12月。
[RFC4439] DeSanti, C., Gaonkar, V., McCloghrie, K., and S. Gai, "Fibre Channel Fabric Address Manager MIB", RFC 4439, March 2006.
[RFC4439]DeSanti,C.,Gaonkar,V.,McCloghrie,K.,和S.Gai,“光纤通道结构地址管理器MIB”,RFC 4439,2006年3月。
[RFC4626] DeSanti, C., Gaonkar, V., McCloghrie, K., and S. Gai, "MIB for Fibre Channel's Fabric Shortest Path First (FSPF) Protocol", RFC 4626, September 2006.
[RFC4626]DeSanti,C.,Gaonkar,V.,McCloghrie,K.,和S.Gai,“光纤通道结构最短路径优先(FSPF)协议的MIB”,RFC 46262006年9月。
[FC-FS] "Fibre Channel - Framing and Signaling (FC-FS)", ANSI INCITS 373-2003, April 2003.
[FC-FS]“光纤通道-帧和信令(FC-FS)”,ANSI INCITS 373-2003,2003年4月。
[FC-SW-3] "Fibre Channel - Switch Fabric - 3 (FC-SW-3)", ANSI INCITS 384-2004, 2004.
[FC-SW-3]“光纤通道-交换机结构-3(FC-SW-3)”,ANSI INCITS 384-2004,2004年。
[FC-SW-4] "Fibre Channel - Switch Fabric - 4 (FC-SW-4)", ANSI INCITS 418-2006, 2006.
[FC-SW-4]“光纤通道-交换机结构-4(FC-SW-4)”,ANSI INCITS 418-2006,2006年。
[FC-MGMT] McCloghrie, K., "Fibre Channel Management MIB", RFC 4044, May 2005.
[FC-MGMT]McCloghrie,K.,“光纤通道管理MIB”,RFC 4044,2005年5月。
[RFC2096] Baker, F., "IP Forwarding Table MIB", RFC 2096, January 1997.
[RFC2096]Baker,F.,“IP转发表MIB”,RFC 2096,1997年1月。
[RFC2741] Daniele, M., Wijnen, B., Ellison, M., and D. Francisco, "Agent Extensibility (AgentX) Protocol Version 1", RFC 2741, January 2000.
[RFC2741]Daniele,M.,Wijnen,B.,Ellison,M.,和D.Francisco,“代理可扩展性(AgentX)协议版本1”,RFC 27412000年1月。
[RFC2837] Teow, K., "Definitions of Managed Objects for the Fabric Element in Fibre Channel Standard", RFC 2837, May 2000.
[RFC2837]Teow,K.,“光纤通道标准中结构元素的托管对象定义”,RFC 2837,2000年5月。
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, December 2002.
[RFC3410]Case,J.,Mundy,R.,Partain,D.,和B.Stewart,“互联网标准管理框架的介绍和适用性声明”,RFC 34102002年12月。
[RFC4292] Haberman, B., "IP Forwarding Table MIB", RFC 4292, April 2006.
[RFC4292]Haberman,B.,“IP转发表MIB”,RFC 42922006年4月。
Authors' Addresses
作者地址
Claudio DeSanti Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA
Claudio DeSanti Cisco Systems,Inc.美国加利福尼亚州圣何塞西塔斯曼大道170号,邮编95134
Phone: +1 408 853-9172 EMail: cds@cisco.com
Phone: +1 408 853-9172 EMail: cds@cisco.com
Srini Kode Consultant
斯里尼科德顾问公司
Phone: 408-348-5343 EMail: srinikode@yahoo.com
电话:408-348-5343电子邮件:srinikode@yahoo.com
Keith McCloghrie Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA USA 95134
Keith McCloghrie Cisco Systems,Inc.美国加利福尼亚州圣何塞西塔斯曼大道170号,邮编95134
Phone: +1 408-526-5260 EMail: kzm@cisco.com
Phone: +1 408-526-5260 EMail: kzm@cisco.com
Silvano Gai Retired
西尔瓦诺·盖退休了
Full Copyright Statement
完整版权声明
Copyright (C) The Internet Society (2006).
版权所有(C)互联网协会(2006年)。
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件及其包含的信息是按“原样”提供的,贡献者、他/她所代表或赞助的组织(如有)、互联网协会和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Intellectual Property
知识产权
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.
Acknowledgement
确认
Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA).
RFC编辑器功能的资金由IETF行政支持活动(IASA)提供。