Network Working Group G. Renker Request for Comments: 5097 G. Fairhurst Category: Standards Track University of Aberdeen January 2008
Network Working Group G. Renker Request for Comments: 5097 G. Fairhurst Category: Standards Track University of Aberdeen January 2008
MIB for the UDP-Lite Protocol
UDP Lite协议的MIB
Status of This Memo
关于下段备忘
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Abstract
摘要
This document specifies a Management Information Base (MIB) module for the Lightweight User Datagram Protocol (UDP-Lite). It defines a set of new MIB objects to characterise the behaviour and performance of transport layer endpoints deploying UDP-Lite. UDP-Lite resembles UDP, but differs from the semantics of UDP by the addition of a single option. This adds the capability for variable-length data checksum coverage, which can benefit a class of applications that prefer delivery of (partially) corrupted datagram payload data in preference to discarding the datagram.
本文档为轻量级用户数据报协议(UDP Lite)指定了管理信息库(MIB)模块。它定义了一组新的MIB对象,以描述部署UDP Lite的传输层端点的行为和性能。UDP Lite类似于UDP,但与UDP的语义不同之处在于添加了一个选项。这增加了可变长度数据校验和覆盖的功能,这可以使一类应用程序受益,这些应用程序更喜欢交付(部分)损坏的数据报有效负载数据,而不是丢弃数据报。
Table of Contents
目录
1. Introduction ....................................................2 1.1. Relationship to the UDP-MIB ................................2 1.2. Relationship to HOST-RESOURCES-MIB and SYSAPPL-MIB .........4 1.3. Interpretation of the MIB Variables ........................5 1.4. Conventions ................................................8 2. The Internet-Standard Management Framework ......................8 3. Definitions .....................................................8 4. Security Considerations ........................................19 5. IANA Considerations ............................................20 6. Acknowledgments ................................................20 7. References .....................................................20 7.1. Normative References ......................................20 7.2. Informative References ....................................21
1. Introduction ....................................................2 1.1. Relationship to the UDP-MIB ................................2 1.2. Relationship to HOST-RESOURCES-MIB and SYSAPPL-MIB .........4 1.3. Interpretation of the MIB Variables ........................5 1.4. Conventions ................................................8 2. The Internet-Standard Management Framework ......................8 3. Definitions .....................................................8 4. Security Considerations ........................................19 5. IANA Considerations ............................................20 6. Acknowledgments ................................................20 7. References .....................................................20 7.1. Normative References ......................................20 7.2. Informative References ....................................21
The Lightweight User Datagram Protocol (UDP-Lite) [RFC3828] (also known as UDPLite) is an IETF standards-track transport protocol. The operation of UDP-Lite is similar to the User Datagram Protocol (UDP) [RFC768], but can also serve applications in error-prone network environments that prefer to have partially damaged payloads delivered rather than discarded. This is achieved by changing the semantics of the UDP Length field to that of a Checksum Coverage field. If this feature is not used, UDP-Lite is semantically identical to UDP.
轻量级用户数据报协议(UDP Lite)[RFC3828](也称为UDPLite)是一种IETF标准轨道传输协议。UDP Lite的操作与用户数据报协议(UDP)[RFC768]类似,但也可以为容易出错的网络环境中的应用程序提供服务,这些网络环境中的应用程序更愿意交付部分损坏的有效负载,而不是丢弃。这是通过将UDP长度字段的语义更改为校验和覆盖率字段的语义来实现的。如果未使用此功能,UDP Lite在语义上与UDP相同。
The interface of UDP-Lite differs from that of UDP by the addition of a single option, which communicates a length value. At the sender this specifies the intended datagram checksum coverage; at the receiver it signifies a minimum coverage threshold for incoming datagrams. This length value may also be modified during the lifetime of a connection. UDP-Lite does not provide mechanisms to negotiate the checksum coverage between the sender and receiver. Where required, this needs to be communicated by another protocol. The Datagram Congestion Control Protocol (DCCP) [RFC4340] for instance includes a capability to negotiate checksum coverage values.
UDP Lite的接口与UDP的不同之处在于增加了一个选项,该选项传递一个长度值。在发送方,这指定了预期的数据报校验和覆盖范围;在接收器处,它表示传入数据报的最小覆盖阈值。此长度值也可以在连接的生存期内修改。UDP Lite不提供在发送方和接收方之间协商校验和覆盖率的机制。如果需要,这需要通过另一个协议进行通信。例如,数据报拥塞控制协议(DCCP)[RFC4340]包括协商校验和覆盖值的能力。
This document defines a set of runtime statistics (variables) that facilitate network management/monitoring as well as unified comparisons between different protocol implementations and operating environments. To provide a common interface for users and implementors of UDP-Lite modules, the definitions of these runtime statistics are provided as a MIB module using the SMIv2 format [RFC2578].
本文档定义了一组运行时统计数据(变量),以便于网络管理/监视以及不同协议实现和操作环境之间的统一比较。为了为UDP Lite模块的用户和实现者提供公共接口,这些运行时统计信息的定义作为MIB模块提供,使用SMIv2格式[RFC2578]。
The similarities between UDP and UDP-Lite suggest that the MIB module for UDP-Lite should resemble that of UDP [RFC4113], with extensions corresponding to the additional capabilities of UDP-Lite. The UDP-Lite MIB module is placed beneath the mib-2 subtree, adhering to the familiar structure of the UDP-MIB module to ease integration.
UDP和UDP Lite之间的相似性表明,UDP Lite的MIB模块应该类似于UDP[RFC4113],其扩展对应于UDP Lite的附加功能。UDP Lite MIB模块位于MIB-2子树下,遵循熟悉的UDP-MIB模块结构,以便于集成。
In particular, these well-known basic counters are supported:
特别是,支持这些众所周知的基本计数器:
o InDatagrams
o 索引图
o NoPorts
o 不运动
o InErrors
o 错误
o OutDatagrams
o 输出数据报
The following read-only variables have been added to the basic structure used in the UDP-MIB module:
以下只读变量已添加到UDP-MIB模块中使用的基本结构中:
InPartialCov: The number of received datagrams, with a valid format and checksum, whose checksum coverage is strictly less than the datagram length.
InPartialCov:接收的数据报的数量,具有有效的格式和校验和,其校验和覆盖率严格小于数据报长度。
InBadChecksum: The number of received datagrams with an invalid checksum (i.e., where the receiver-recalculated UDP-Lite checksum does not match that in the Checksum field). Unlike NoPorts, this error type also counts as InErrors.
InBadChecksum:接收到的校验和无效的数据报数(即,接收器重新计算的UDP Lite校验和与校验和字段中的不匹配)。与NoPorts不同,此错误类型也算作错误。
OutPartialCov: The number of sent datagrams with a valid format and checksum whose checksum coverage is strictly less than the datagram length.
OutpartalCov:具有有效格式且校验和覆盖率严格小于数据报长度的已发送数据报的数量。
All non-error counters used in this document are 64-bit counters. This is a departure from UDP, which traditionally used 32-bit counters and mandates 64-bit counters only on fast networks [RFC4113]. This choice is justified by the fact that UDP-Lite is a more recent protocol, and that network speeds continue to grow.
本文档中使用的所有非错误计数器都是64位计数器。这与UDP不同,UDP传统上使用32位计数器,仅在快速网络上强制使用64位计数器[RFC4113]。UDP Lite是一种较新的协议,并且网络速度不断增长,这一事实证明了这种选择的合理性。
Another difference from the UDP MIB module is that the UDP-Lite MIB module does not support an IPv4-only listener table. This feature was present only for compatibility reasons and is superseded by the more informative endpoint table. Two columnar objects have been added to this table:
UDP MIB模块的另一个不同之处是,UDP Lite MIB模块不支持仅IPv4侦听器表。此功能仅出于兼容性原因而提供,并由信息更丰富的端点表取代。此表中添加了两个列对象:
udpliteEndpointMinCoverage: The minimum acceptable receiver checksum coverage length [RFC3828]. This value may be manipulated by the application attached to the receiving endpoint.
udpliteEndpointMinCoverage:可接受的最小接收机校验和覆盖长度[RFC3828]。该值可由连接到接收端点的应用程序操纵。
udpliteEndpointViolCoverage: This object is optional and counts the number of valid datagrams with a checksum coverage value less than the corresponding value of udpliteEndpointMinCoverage. Although being otherwise valid, such datagrams are discarded rather than passed to the application. This object thus serves to separate cases of violated coverage from other InErrors.
UdpliteEndPointViolCollege:此对象是可选的,它统计校验和覆盖率值小于相应udpliteEndpointMinCoverage值的有效数据报数。尽管这些数据报在其他方面是有效的,但它们被丢弃,而不是传递给应用程序。因此,该对象用于将违反覆盖范围的情况与其他错误区分开来。
The second entry is not required to manage the transport protocol and hence is not mandatory. It may be implemented to assist in debugging application design and configuration.
第二个条目不是管理传输协议所必需的,因此不是强制性的。它的实现可以帮助调试应用程序设计和配置。
The UDP-Lite MIB module also provides a discontinuity object to help determine whether one or more of its counters experienced a discontinuity event. This is an event, other than re-initialising the management system, that invalidates the management entity's understanding of the counter values.
UDP Lite MIB模块还提供一个中断对象,以帮助确定其一个或多个计数器是否发生中断事件。除重新初始化管理系统外,这是一个使管理实体对计数器值的理解无效的事件。
For example, if UDP-Lite is implemented as a loadable operating system module, a module load or unload would produce a discontinuity. By querying the value of udpliteStatsDiscontinuityTime, a management entity can determine whether or not a discontinuity event has occurred.
例如,如果UDP Lite实现为可加载的操作系统模块,则模块加载或卸载将产生不连续性。通过查询UDPLITESTATSINTERNACTYTIME的值,管理实体可以确定是否发生了不连续事件。
The UDP-Lite endpoint table contains one columnar object, udpliteEndpointProcess, reporting a unique value that identifies a distinct piece of software associated with this endpoint. (When more than one piece of software is associated with this endpoint, a representative is chosen, so that consecutive queries consistently refer to the same identifier. The reported value is then consistent, as long as the representative piece of software is running and still associated with the endpoint.)
UDP Lite端点表包含一个列式对象udpliteEndpointProcess,它报告一个唯一的值,该值标识与此端点关联的不同软件。(当多个软件与此端点关联时,将选择一个代表,以便连续查询一致地引用同一标识符。只要代表性软件正在运行且仍与端点关联,则报告的值将保持一致。)
The value of udpliteEndpointProcess is reported as an Unsigned32, and it shares with the hrSWRunIndex of the HOST-RESOURCES-MIB [RFC2790] and the sysApplElmtRunIndex of the SYSAPPL-MIB [RFC2287] the requirement that, wherever possible, this should be the native and unique identification number employed by the system.
udpliteEndpointProcess的值报告为Unsigned32,它与HOST-RESOURCES-MIB[RFC2790]的hrSWRunIndex和SYSAPPL-MIB[RFC2287]的sysApplElmtRunIndex共享一个要求,即在可能的情况下,这应该是系统使用的本机唯一标识号。
If the SYSAPPL-MIB module is available, the value of udpliteEndpointProcess should correspond to the appropriate value of sysApplElmtRunIndex. If not available, an alternative should be used (e.g., the hrSWRunIndex of the HOST-RESOURCES-MIB module).
如果SYSAPPL-MIB模块可用,udpliteEndpointProcess的值应与sysApplElmtRunIndex的相应值相对应。如果不可用,则应使用替代方法(例如,HOST-RESOURCES-MIB模块的hrSWRunIndex)。
Figure 1 shows an informal survey of the packet processing path, with reference to counter names in parentheses.
图1显示了对数据包处理路径的非正式调查,参考括号中的计数器名称。
Received UDP-Lite Datagrams | | +- Full Coverage ---------------------+-> Deliver | | | +- Valid Header--+ +- >= Rec. Coverage --+ | (InDatagrams) | | | +- Partial -----+ | (InPartialCov) | | +- < Rec. Coverage --+ | (EndpointViolCoverage) | | | | | +- Header Error ---+ | | | | +- Checksum Error -+-----------------------------------+-> Discard | (InBadChecksum) (InErrors) | +- Port Error -------------------------------------------> Discard (NoPorts)
Received UDP-Lite Datagrams | | +- Full Coverage ---------------------+-> Deliver | | | +- Valid Header--+ +- >= Rec. Coverage --+ | (InDatagrams) | | | +- Partial -----+ | (InPartialCov) | | +- < Rec. Coverage --+ | (EndpointViolCoverage) | | | | | +- Header Error ---+ | | | | +- Checksum Error -+-----------------------------------+-> Discard | (InBadChecksum) (InErrors) | +- Port Error -------------------------------------------> Discard (NoPorts)
Figure 1: UDP-Lite Input Processing Path
图1:UDP Lite输入处理路径
A platform-independent test of the UDP-Lite implementations in two connected end hosts may be performed as follows.
两个连接的终端主机中的UDP Lite实现的独立于平台的测试可按如下方式执行。
On the sending side, OutDatagrams and OutPartialCov are observed. The ratio OutPartialCov/OutDatagrams describes the fraction (between 0 and 1) of datagrams using partial checksum coverage.
在发送端,观察到OutDatagrams和OutpartalCov。OutPartialCov/OutDatagrams比率描述了使用部分校验和覆盖率的数据报分数(介于0和1之间)。
On the receiving side, InDatagrams, InPartialCov, and InErrors are monitored. If datagrams are received from the given sender, InErrors is close to zero, and InPartialCov is zero, no partial coverage is employed. If no datagrams are received and InErrors increases proportionally with the sending rate, a configuration error is likely (a wrong value of receiver minimum checksum coverage).
在接收端,对InDatagrams、InPartialCov和InErrors进行监控。如果从给定的发送方接收到数据报,则误差接近于零,InPartialCov为零,则不采用部分覆盖。如果未接收到数据报,且误差随发送速率成比例增加,则可能出现配置错误(接收器最小校验和覆盖率的错误值)。
The InBadChecksum counter reflects errors that may persist following end-host processing, router processing, or link processing (this includes illegal coverage values as defined in [RFC3828], since checksum and checksum coverage are mutually interdependent). In particular, InBadChecksum can serve as an indicator of the residual
InBadChecksum计数器反映在终端主机处理、路由器处理或链路处理之后可能持续存在的错误(这包括[RFC3828]中定义的非法覆盖率值,因为校验和和校验和覆盖率是相互依存的)。特别是,InBadChecksum可以作为残差的指示器
link bit error rate: on links with higher bit error rates, a lower value of the checksum coverage may help to reduce the values of both InErrors and InBadChecksum. By observing these values and adapting the configuration, a setting may then be found that is more adapted to the specific type of link, and the type of payload. In particular, a reduction in the number of discarded datagrams (InErrors), may indicate an improved performance.
链路误码率:在误码率较高的链路上,较低的校验和覆盖率值可能有助于降低InErrors和InBadChecksum的值。通过观察这些值并调整配置,可以找到更适合特定链路类型和有效负载类型的设置。具体而言,丢弃数据报(错误)数量的减少可能表明性能得到改善。
The above statistics are elementary and can be used to derive the following information:
上述统计数据是基本的,可用于得出以下信息:
o The total number of incoming datagrams is InDatagrams + InErrors + NoPorts.
o 传入数据报的总数为InDatagrams+InErrors+NoPorts。
o The number of InErrors that were discarded due to problems other than a bad checksum is InErrors - InBadChecksum.
o 由于错误校验和以外的问题而丢弃的错误数为InErrors-InBadChecksum。
o The number of InDatagrams that have full coverage is InDatagrams - InPartialCov.
o 完全覆盖的InDatagrams的数量为InDatagrams-InPartialCov。
o The number of OutDatagrams that have full coverage is OutDatagrams - OutPartialCov.
o 完全覆盖的OutDatagrams的数量为OutDatagrams-OutpartalCov。
The following Case diagram [CASE] summarises the relationships between the counters on the input processing path.
下面的案例图[Case]总结了输入处理路径上计数器之间的关系。
Transport Layer Interface ------------------------------------------------------------- /\ || ----------------------------- InDatagrams || ^ || | || | ||----------------------> InPartialCov || | || | || v || EndpointViolCoverage || | NoPorts <--------|| | || | ||------> InBadChecksum ------>| || | || | || v ||------------------------> InErrors || || ------------------------------------------------------------- Network Layer Interface
Transport Layer Interface ------------------------------------------------------------- /\ || ----------------------------- InDatagrams || ^ || | || | ||----------------------> InPartialCov || | || | || v || EndpointViolCoverage || | NoPorts <--------|| | || | ||------> InBadChecksum ------>| || | || | || v ||------------------------> InErrors || || ------------------------------------------------------------- Network Layer Interface
Figure 2: Counters for Received UDP-Lite Datagrams
图2:接收到的UDP Lite数据报的计数器
A configuration error may occur when a sender chooses a coverage value for the datagrams that it sends that is less than the minimum coverage configured by the intended recipient. The minimum coverage is set on a per-session basis by the application associated with the listening endpoint, and its current value is recorded in the udpliteEndpointTable. Reception of valid datagrams with a checksum coverage value less than this threshold results in dropping the datagram [RFC3828] and incrementing InErrors. To improve debugging of such (misconfigured) cases, an implementer may choose to support the optional udpliteEndpointViolCoverage entry in the endpoint table (Section 1.1) that specifically counts datagrams falling in this category. Without this feature, failure due to misconfiguration can not be distinguished from datagram processing failure.
当发送方为其发送的数据报选择的覆盖率值小于预期接收方配置的最小覆盖率时,可能会发生配置错误。最小覆盖率由与侦听端点关联的应用程序在每个会话的基础上设置,其当前值记录在udpliteEndpointTable中。接收校验和覆盖率值小于此阈值的有效数据报会导致数据报[RFC3828]丢失并增加错误。为了改进此类(错误配置)情况的调试,实现者可以选择在端点表(第1.1节)中支持可选的udpliteEndpointViolCoverage条目,该条目专门统计属于这一类别的数据报。如果没有此功能,由于配置错误导致的故障无法与数据报处理故障区分开来。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119].
本文件中的关键词“必须”、“不得”、“必需”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照BCP 14[RFC2119]中所述进行解释。
For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of RFC 3410 [RFC3410].
有关描述当前互联网标准管理框架的文件的详细概述,请参阅RFC 3410[RFC3410]第7节。
Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580].
托管对象通过虚拟信息存储(称为管理信息库或MIB)进行访问。MIB对象通常通过简单网络管理协议(SNMP)进行访问。MIB中的对象是使用管理信息结构(SMI)中定义的机制定义的。本备忘录规定了符合SMIv2的MIB模块,如STD 58、RFC 2578[RFC2578]、STD 58、RFC 2579[RFC2579]和STD 58、RFC 2580[RFC2580]所述。
UDPLITE-MIB DEFINITIONS ::= BEGIN
UDPLITE-MIB DEFINITIONS ::= BEGIN
IMPORTS MODULE-IDENTITY, OBJECT-TYPE, mib-2, Unsigned32, Counter32, Counter64 FROM SNMPv2-SMI -- [RFC2578]
从SNMPv2 SMI--[RFC2578]导入模块标识、对象类型、mib-2、无符号32、计数器32、计数器64
TimeStamp FROM SNMPv2-TC -- [RFC2579]
来自SNMPv2 TC的时间戳--[RFC2579]
MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF -- [RFC2580]
SNMPv2配置文件[RFC2580]中的模块合规性、对象组
InetAddress, InetAddressType, InetPortNumber FROM INET-ADDRESS-MIB; -- [RFC4001]
INET-ADDRESS-MIB中的InetAddress、InetAddressType、InetPortNumber;——[RFC4001]
udpliteMIB MODULE-IDENTITY LAST-UPDATED "200712180000Z" -- 18 December 2007 ORGANIZATION "IETF TSV Working Group (TSVWG)" CONTACT-INFO "IETF TSV Working Group http://www.ietf.org/html.charters/tsvwg-charter.html Mailing List: tsvwg@ietf.org
udpliteMIB模块标识最后更新的“200712180000Z”-2007年12月18日组织“IETF TSV工作组(TSVWG)”联系信息“IETF TSV工作组”http://www.ietf.org/html.charters/tsvwg-charter.html 邮寄名单:tsvwg@ietf.org
Gerrit Renker, Godred Fairhurst Electronics Research Group School of Engineering, University of Aberdeen Fraser Noble Building, Aberdeen AB24 3UE, UK" DESCRIPTION "The MIB module for managing UDP-Lite implementations. Copyright (C) The IETF Trust (2008). This version of this MIB module is part of RFC 5097; see the RFC itself for full legal notices."
Gerrit Renker,GoRead FelHurt电子学研究小组工程学院,阿伯丁大学弗雷泽诺贝尔大厦,阿伯丁Ab24 3UE,英国“描述”MIB模块管理UDP Lite实现。版权所有(C)IETF信托基金(2008年)。此版本的MIB模块是RFC 5097的一部分;有关完整的法律通知,请参见RFC本身。”
REVISION "200712180000Z" -- 18 December 2007 DESCRIPTION "Initial SMIv2 revision, based on the format of the UDP MIB module (RFC 4113) and published as RFC 5097." ::= { mib-2 170 }
REVISION "200712180000Z" -- 18 December 2007 DESCRIPTION "Initial SMIv2 revision, based on the format of the UDP MIB module (RFC 4113) and published as RFC 5097." ::= { mib-2 170 }
udplite OBJECT IDENTIFIER ::= { udpliteMIB 1 }
udplite OBJECT IDENTIFIER ::= { udpliteMIB 1 }
udpliteInDatagrams OBJECT-TYPE -- as in UDP-MIB SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of UDP-Lite datagrams that were delivered to UDP-Lite users. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udplite 1 }
udpliteInDatagrams OBJECT-TYPE -- as in UDP-MIB SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of UDP-Lite datagrams that were delivered to UDP-Lite users. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udplite 1 }
udpliteInPartialCov OBJECT-TYPE -- new in UDP-Lite SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of UDP-Lite datagrams that were delivered to UDP-Lite users (applications) and whose checksum coverage was strictly less than the datagram length. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udplite 2 }
udpliteInPartialCov OBJECT-TYPE -- new in UDP-Lite SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of UDP-Lite datagrams that were delivered to UDP-Lite users (applications) and whose checksum coverage was strictly less than the datagram length. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udplite 2 }
udpliteNoPorts OBJECT-TYPE -- as in UDP-MIB SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of received UDP-Lite datagrams for which there was no listener at the destination port. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udplite 3 }
udpliteNoPorts OBJECT-TYPE -- as in UDP-MIB SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of received UDP-Lite datagrams for which there was no listener at the destination port. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udplite 3 }
udpliteInErrors OBJECT-TYPE -- as in UDP-MIB SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of received UDP-Lite datagrams that could not be delivered for reasons other than the lack of an application at the destination port. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udplite 4 }
udpliteInErrors OBJECT-TYPE -- as in UDP-MIB SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of received UDP-Lite datagrams that could not be delivered for reasons other than the lack of an application at the destination port. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udplite 4 }
udpliteInBadChecksum OBJECT-TYPE -- new in UDP-Lite SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of received UDP-Lite datagrams whose checksum could not be validated. This includes illegal checksum coverage values, as their use would lead to incorrect checksums. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." REFERENCE "RFC 3828, section 3.1" ::= { udplite 5 }
udpliteInBadChecksum OBJECT-TYPE -- new in UDP-Lite SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of received UDP-Lite datagrams whose checksum could not be validated. This includes illegal checksum coverage values, as their use would lead to incorrect checksums. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." REFERENCE "RFC 3828, section 3.1" ::= { udplite 5 }
udpliteOutDatagrams OBJECT-TYPE -- as in UDP-MIB SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION
udpliteOutDatagrams对象类型——与UDP-MIB语法计数器64 MAX-ACCESS只读状态当前描述相同
"The total number of UDP-Lite datagrams sent from this entity. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udplite 6 }
"The total number of UDP-Lite datagrams sent from this entity. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udplite 6 }
udpliteOutPartialCov OBJECT-TYPE -- new in UDP-Lite SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of udpliteOutDatagrams whose checksum coverage was strictly less than the datagram length. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udplite 7 }
udpliteOutPartialCov OBJECT-TYPE -- new in UDP-Lite SYNTAX Counter64 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of udpliteOutDatagrams whose checksum coverage was strictly less than the datagram length. Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udplite 7 }
udpliteEndpointTable OBJECT-TYPE SYNTAX SEQUENCE OF UdpLiteEndpointEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information about this entity's UDP-Lite endpoints on which a local application is currently accepting or sending datagrams.
udpliteEndpointTable UdpLiteEndpointEntry的对象类型语法序列MAX-ACCESS not ACCESS not ACCESS STATUS current DESCRIPTION“包含有关此实体的UDP Lite端点(本地应用程序当前正在其上接受或发送数据报)的信息的表。
The address type in this table represents the address type used for the communication, irrespective of the higher-layer abstraction. For example, an application using IPv6 'sockets' to communicate via IPv4 between ::ffff:10.0.0.1 and ::ffff:10.0.0.2 would use InetAddressType ipv4(1).
此表中的地址类型表示用于通信的地址类型,与高层抽象无关。例如,使用IPv6“套接字”在::ffff:10.0.0.1和::ffff:10.0.0.2之间通过IPv4进行通信的应用程序将使用InetAddressType IPv4(1)。
Like the udpTable in RFC 4113, this table also allows the representation of an application that completely specifies both local and remote addresses and ports. A listening application is represented in three possible ways:
与RFC 4113中的udpTable一样,此表也允许表示完全指定本地和远程地址和端口的应用程序。侦听应用程序以三种可能的方式表示:
1) An application that is willing to accept both IPv4 and IPv6 datagrams is represented by a udpliteEndpointLocalAddressType of unknown(0) and a udpliteEndpointLocalAddress of ''h (a zero-length
1) 愿意接受IPv4和IPv6数据报的应用程序由unknown(0)的udpliteEndpointLocalAddressType和''h(零长度)的udpliteEndpointLocalAddress表示
octet-string).
八位字节字符串)。
2) An application that is willing to accept only IPv4 or only IPv6 datagrams is represented by a udpliteEndpointLocalAddressType of the appropriate address type and a udpliteEndpointLocalAddress of '0.0.0.0' or '::' respectively.
2) 愿意只接受IPv4或IPv6数据报的应用程序分别由相应地址类型的udpliteEndpointLocalAddressType和“0.0.0.0”或“::”的udpliteEndpointLocalAddressType表示。
3) An application that is listening for datagrams only for a specific IP address but from any remote system is represented by a udpliteEndpointLocalAddressType of the appropriate address type, with udpliteEndpointLocalAddress specifying the local address.
3) 仅侦听特定IP地址但来自任何远程系统的数据报的应用程序由相应地址类型的udpliteEndpointLocalAddressType表示,udpliteEndpointLocalAddress指定本地地址。
In all cases where the remote address is a wildcard, the udpliteEndpointRemoteAddressType is unknown(0), the udpliteEndpointRemoteAddress is ''h (a zero-length octet-string), and the udpliteEndpointRemotePort is 0.
在远程地址为通配符的所有情况下,udpliteEndpointRemoteAddressType为未知(0),udpliteEndpointRemoteAddress为''h(长度为零的八位字节字符串),udpliteEndpointRemotePort为0。
If the operating system is demultiplexing UDP-Lite packets by remote address/port, or if the application has 'connected' the socket specifying a default remote address/port, the udpliteEndpointRemote* values should be used to reflect this." ::= { udplite 8 }
If the operating system is demultiplexing UDP-Lite packets by remote address/port, or if the application has 'connected' the socket specifying a default remote address/port, the udpliteEndpointRemote* values should be used to reflect this." ::= { udplite 8 }
udpliteEndpointEntry OBJECT-TYPE SYNTAX UdpLiteEndpointEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information about a particular current UDP-Lite endpoint. Implementers need to pay attention to the sizes of udpliteEndpointLocalAddress/RemoteAddress, as Object Identifiers (OIDs) of column instances in this table must have no more than 128 sub-identifiers in order to remain accessible with SNMPv1, SNMPv2c, and SNMPv3." INDEX { udpliteEndpointLocalAddressType, udpliteEndpointLocalAddress, udpliteEndpointLocalPort, udpliteEndpointRemoteAddressType, udpliteEndpointRemoteAddress, udpliteEndpointRemotePort, udpliteEndpointInstance } ::= { udpliteEndpointTable 1 }
udpliteEndpointEntry OBJECT-TYPE SYNTAX UdpLiteEndpointEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information about a particular current UDP-Lite endpoint. Implementers need to pay attention to the sizes of udpliteEndpointLocalAddress/RemoteAddress, as Object Identifiers (OIDs) of column instances in this table must have no more than 128 sub-identifiers in order to remain accessible with SNMPv1, SNMPv2c, and SNMPv3." INDEX { udpliteEndpointLocalAddressType, udpliteEndpointLocalAddress, udpliteEndpointLocalPort, udpliteEndpointRemoteAddressType, udpliteEndpointRemoteAddress, udpliteEndpointRemotePort, udpliteEndpointInstance } ::= { udpliteEndpointTable 1 }
UdpLiteEndpointEntry ::= SEQUENCE {
UdpLiteEndpointEntry ::= SEQUENCE {
udpliteEndpointLocalAddressType InetAddressType, udpliteEndpointLocalAddress InetAddress, udpliteEndpointLocalPort InetPortNumber, udpliteEndpointRemoteAddressType InetAddressType, udpliteEndpointRemoteAddress InetAddress, udpliteEndpointRemotePort InetPortNumber, udpliteEndpointInstance Unsigned32, udpliteEndpointProcess Unsigned32, udpliteEndpointMinCoverage Unsigned32, udpliteEndpointViolCoverage Counter32 }
udpliteEndpointLocalAddressType InetAddressType、udpliteEndpointLocalAddress InetAddress、udpliteEndpointLocalPort InetPortNumber、udpliteEndpointRemoteAddressType InetAddressType、udpliteEndpointRemoteAddress InetAddress、udpliteEndpointRemotePort InetPortNumber、udpliteEndpointInstance Unsigned32、udpliteEndpointProcess Unsigned32、,udpliteEndpointMinCoverage Unsigned32,UdpliteEndPointViolCollege计数器32}
udpliteEndpointLocalAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The address type of udpliteEndpointLocalAddress. Only IPv4, IPv4z, IPv6, and IPv6z addresses are expected, or unknown(0) if datagrams for all local IP addresses are accepted." ::= { udpliteEndpointEntry 1 }
udpliteEndpointLocalAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The address type of udpliteEndpointLocalAddress. Only IPv4, IPv4z, IPv6, and IPv6z addresses are expected, or unknown(0) if datagrams for all local IP addresses are accepted." ::= { udpliteEndpointEntry 1 }
udpliteEndpointLocalAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The local IP address for this UDP-Lite endpoint.
udpliteEndpointLocalAddress对象类型语法InetAddress MAX-ACCESS不可访问状态当前描述“此UDP Lite端点的本地IP地址。
The value of this object can be represented in three possible ways, depending on the characteristics of the listening application:
根据监听应用程序的特点,此对象的值可以用三种可能的方式表示:
1. For an application that is willing to accept both IPv4 and IPv6 datagrams, the value of this object must be ''h (a zero-length octet-string), with the value of the corresponding instance of the EndpointLocalAddressType object being unknown(0).
1. 对于愿意接受IPv4和IPv6数据报的应用程序,此对象的值必须为“h”(长度为零的八位字节字符串),EndpointLocalAddressType对象的对应实例的值未知(0)。
2. For an application that is willing to accept only IPv4 or only IPv6 datagrams, the value of this object must be '0.0.0.0' or '::', respectively, while the corresponding instance of the EndpointLocalAddressType object represents the appropriate address type.
2. 对于只接受IPv4或IPv6数据报的应用程序,此对象的值必须分别为“0.0.0.0”或“::”,而EndpointLocalAddressType对象的相应实例表示适当的地址类型。
3. For an application that is listening for data
3. 对于正在侦听数据的应用程序
destined only to a specific IP address, the value of this object is the specific IP address for which this node is receiving packets, with the corresponding instance of the EndpointLocalAddressType object representing the appropriate address type.
该对象的值是该节点接收数据包的特定IP地址,EndpointLocalAddressType对象的相应实例表示适当的地址类型。
As this object is used in the index for the udpliteEndpointTable, implementors should be careful not to create entries that would result in OIDs with more than 128 sub-identifiers; this is because of SNMP and SMI limitations." ::= { udpliteEndpointEntry 2 }
As this object is used in the index for the udpliteEndpointTable, implementors should be careful not to create entries that would result in OIDs with more than 128 sub-identifiers; this is because of SNMP and SMI limitations." ::= { udpliteEndpointEntry 2 }
udpliteEndpointLocalPort OBJECT-TYPE SYNTAX InetPortNumber MAX-ACCESS not-accessible STATUS current DESCRIPTION "The local port number for this UDP-Lite endpoint." ::= { udpliteEndpointEntry 3 }
udpliteEndpointLocalPort OBJECT-TYPE SYNTAX InetPortNumber MAX-ACCESS not-accessible STATUS current DESCRIPTION "The local port number for this UDP-Lite endpoint." ::= { udpliteEndpointEntry 3 }
udpliteEndpointRemoteAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The address type of udpliteEndpointRemoteAddress. Only IPv4, IPv4z, IPv6, and IPv6z addresses are expected, or unknown(0) if datagrams for all remote IP addresses are accepted. Also, note that some combinations of udpliteEndpointLocalAdressType and udpliteEndpointRemoteAddressType are not supported. In particular, if the value of this object is not unknown(0), it is expected to always refer to the same IP version as udpliteEndpointLocalAddressType." ::= { udpliteEndpointEntry 4 }
udpliteEndpointRemoteAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The address type of udpliteEndpointRemoteAddress. Only IPv4, IPv4z, IPv6, and IPv6z addresses are expected, or unknown(0) if datagrams for all remote IP addresses are accepted. Also, note that some combinations of udpliteEndpointLocalAdressType and udpliteEndpointRemoteAddressType are not supported. In particular, if the value of this object is not unknown(0), it is expected to always refer to the same IP version as udpliteEndpointLocalAddressType." ::= { udpliteEndpointEntry 4 }
udpliteEndpointRemoteAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The remote IP address for this UDP-Lite endpoint. If datagrams from any remote system are to be accepted, this value is ''h (a zero-length octet-string). Otherwise, it has the type described by udpliteEndpointRemoteAddressType and is the address of
udpliteEndpointRemoteAddress对象类型语法InetAddress MAX-ACCESS不可访问状态当前描述“此UDP Lite端点的远程IP地址。如果要接受来自任何远程系统的数据报,则此值为“”h(零长度八位字节字符串)。否则,它具有udpliteEndpointRemoteAddressType描述的类型,并且是的地址
the remote system from which datagrams are to be accepted (or to which all datagrams will be sent).
接收数据报(或向其发送所有数据报)的远程系统。
As this object is used in the index for the udpliteEndpointTable, implementors should be careful not to create entries that would result in OIDs with more than 128 sub-identifiers; this is because of SNMP and SMI limitations." ::= { udpliteEndpointEntry 5 }
As this object is used in the index for the udpliteEndpointTable, implementors should be careful not to create entries that would result in OIDs with more than 128 sub-identifiers; this is because of SNMP and SMI limitations." ::= { udpliteEndpointEntry 5 }
udpliteEndpointRemotePort OBJECT-TYPE SYNTAX InetPortNumber MAX-ACCESS not-accessible STATUS current DESCRIPTION "The remote port number for this UDP-Lite endpoint. If datagrams from any remote system are to be accepted, this value is zero." ::= { udpliteEndpointEntry 6 }
udpliteEndpointRemotePort OBJECT-TYPE SYNTAX InetPortNumber MAX-ACCESS not-accessible STATUS current DESCRIPTION "The remote port number for this UDP-Lite endpoint. If datagrams from any remote system are to be accepted, this value is zero." ::= { udpliteEndpointEntry 6 }
udpliteEndpointInstance OBJECT-TYPE SYNTAX Unsigned32 (1..'ffffffff'h) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The instance of this tuple. This object is used to distinguish among multiple processes 'connected' to the same UDP-Lite endpoint. For example, on a system implementing the BSD sockets interface, this would be used to support the SO_REUSEADDR and SO_REUSEPORT socket options." ::= { udpliteEndpointEntry 7 }
udpliteEndpointInstance OBJECT-TYPE SYNTAX Unsigned32 (1..'ffffffff'h) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The instance of this tuple. This object is used to distinguish among multiple processes 'connected' to the same UDP-Lite endpoint. For example, on a system implementing the BSD sockets interface, this would be used to support the SO_REUSEADDR and SO_REUSEPORT socket options." ::= { udpliteEndpointEntry 7 }
udpliteEndpointProcess OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "A unique value corresponding to a piece of software running on this endpoint.
udpliteEndpointProcess对象类型语法Unsigned32 MAX-ACCESS只读状态当前描述“与此端点上运行的软件相对应的唯一值。
If this endpoint is associated with more than one piece of software, the agent should choose one of these. As long as the representative piece of software is running and still associated with the endpoint, subsequent reads will consistently return the same value. The implementation may use any algorithm satisfying these constraints (e.g., choosing the entity
如果此端点与多个软件关联,则代理应选择其中一个。只要代表性的软件正在运行并且仍然与端点关联,后续读取将始终返回相同的值。实现可以使用满足这些约束的任何算法(例如,选择实体)
with the oldest start time).
具有最早的开始时间)。
This identifier is platform-specific. Wherever possible, it should use the system's native, unique identification number as the value.
此标识符是特定于平台的。尽可能使用系统的本地唯一标识号作为值。
If the SYSAPPL-MIB module is available, the value should be the same as sysApplElmtRunIndex. If not available, an alternative should be used (e.g., the hrSWRunIndex of the HOST-RESOURCES-MIB module).
如果SYSAPPL-MIB模块可用,则该值应与sysApplElmtRunIndex相同。如果不可用,则应使用替代方法(例如,HOST-RESOURCES-MIB模块的hrSWRunIndex)。
If it is not possible to uniquely identify the pieces of software associated with this endpoint, then the value zero should be used. (Note that zero is otherwise a valid value for sysApplElmtRunIndex.)" ::= { udpliteEndpointEntry 8 }
If it is not possible to uniquely identify the pieces of software associated with this endpoint, then the value zero should be used. (Note that zero is otherwise a valid value for sysApplElmtRunIndex.)" ::= { udpliteEndpointEntry 8 }
udpliteEndpointMinCoverage OBJECT-TYPE -- new in UDP-Lite SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The minimum checksum coverage expected by this endpoint. A value of 0 indicates that only fully covered datagrams are accepted." REFERENCE "RFC 3828, section 3.1" ::= { udpliteEndpointEntry 9 }
udpliteEndpointMinCoverage OBJECT-TYPE -- new in UDP-Lite SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The minimum checksum coverage expected by this endpoint. A value of 0 indicates that only fully covered datagrams are accepted." REFERENCE "RFC 3828, section 3.1" ::= { udpliteEndpointEntry 9 }
udpliteEndpointViolCoverage OBJECT-TYPE -- new / optional in UDP-Lite SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of datagrams received by this endpoint whose checksum coverage violated the minimum coverage threshold set for this connection (i.e., all valid datagrams whose checksum coverage was strictly smaller than the minimum, as defined in RFC 3828). Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udpliteEndpointEntry 10 }
udpliteEndpointViolCoverage OBJECT-TYPE -- new / optional in UDP-Lite SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of datagrams received by this endpoint whose checksum coverage violated the minimum coverage threshold set for this connection (i.e., all valid datagrams whose checksum coverage was strictly smaller than the minimum, as defined in RFC 3828). Discontinuities in the value of this counter can occur at re-initialisation of the management system, and at other times as indicated by the value of udpliteStatsDiscontinuityTime." ::= { udpliteEndpointEntry 10 }
udpliteStatsDiscontinuityTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the most recent occasion at which one or more of the UDP-Lite counters suffered a discontinuity. A value of zero indicates no such discontinuity has occurred since the last re-initialisation of the local management subsystem." ::= { udplite 9 }
udpliteStatsDiscontinuityTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime at the most recent occasion at which one or more of the UDP-Lite counters suffered a discontinuity. A value of zero indicates no such discontinuity has occurred since the last re-initialisation of the local management subsystem." ::= { udplite 9 }
-- Conformance Information
--一致性信息
udpliteMIBConformance OBJECT IDENTIFIER ::= { udpliteMIB 2 }
udpliteMIBConformance OBJECT IDENTIFIER ::= { udpliteMIB 2 }
udpliteMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for systems that implement UDP-Lite.
udpliteMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION“实现UDP Lite的系统的符合性声明。
There are a number of INDEX objects that cannot be represented in the form of OBJECT clauses in SMIv2, but for which we have the following compliance requirements, expressed in OBJECT clause form in this description clause:
有许多索引对象无法在SMIv2中以对象条款的形式表示,但我们对其有以下符合性要求,在本说明条款中以对象条款的形式表示:
-- OBJECT udpliteEndpointLocalAddressType -- SYNTAX InetAddressType { unknown(0), ipv4(1), -- ipv6(2), ipv4z(3), -- ipv6z(4) } -- DESCRIPTION -- Support for dns(16) is not required. -- OBJECT udpliteEndpointLocalAddress -- SYNTAX InetAddress (SIZE(0|4|8|16|20)) -- DESCRIPTION -- Support is only required for zero-length -- octet-strings, and for scoped and unscoped -- IPv4 and IPv6 addresses. -- OBJECT udpliteEndpointRemoteAddressType -- SYNTAX InetAddressType { unknown(0), ipv4(1), -- ipv6(2), ipv4z(3), -- ipv6z(4) } -- DESCRIPTION -- Support for dns(16) is not required. -- OBJECT udpliteEndpointRemoteAddress
-- OBJECT udpliteEndpointLocalAddressType -- SYNTAX InetAddressType { unknown(0), ipv4(1), -- ipv6(2), ipv4z(3), -- ipv6z(4) } -- DESCRIPTION -- Support for dns(16) is not required. -- OBJECT udpliteEndpointLocalAddress -- SYNTAX InetAddress (SIZE(0|4|8|16|20)) -- DESCRIPTION -- Support is only required for zero-length -- octet-strings, and for scoped and unscoped -- IPv4 and IPv6 addresses. -- OBJECT udpliteEndpointRemoteAddressType -- SYNTAX InetAddressType { unknown(0), ipv4(1), -- ipv6(2), ipv4z(3), -- ipv6z(4) } -- DESCRIPTION -- Support for dns(16) is not required. -- OBJECT udpliteEndpointRemoteAddress
-- SYNTAX InetAddress (SIZE(0|4|8|16|20)) -- DESCRIPTION -- Support is only required for zero-length -- octet-strings, and for scoped and unscoped -- IPv4 and IPv6 addresses. " MODULE -- this module MANDATORY-GROUPS { udpliteBaseGroup, udplitePartialCsumGroup, udpliteEndpointGroup } GROUP udpliteAppGroup DESCRIPTION "This group is optional and provides supplementary information about the effectiveness of using minimum checksum coverage thresholds on endpoints." ::= { udpliteMIBConformance 1 }
-- SYNTAX InetAddress (SIZE(0|4|8|16|20)) -- DESCRIPTION -- Support is only required for zero-length -- octet-strings, and for scoped and unscoped -- IPv4 and IPv6 addresses. " MODULE -- this module MANDATORY-GROUPS { udpliteBaseGroup, udplitePartialCsumGroup, udpliteEndpointGroup } GROUP udpliteAppGroup DESCRIPTION "This group is optional and provides supplementary information about the effectiveness of using minimum checksum coverage thresholds on endpoints." ::= { udpliteMIBConformance 1 }
udpliteMIBGroups OBJECT IDENTIFIER ::= { udpliteMIBConformance 2 }
udpliteMIBGroups OBJECT IDENTIFIER ::= { udpliteMIBConformance 2 }
udpliteBaseGroup OBJECT-GROUP -- as in UDP OBJECTS { udpliteInDatagrams, udpliteNoPorts, udpliteInErrors, udpliteOutDatagrams, udpliteStatsDiscontinuityTime } STATUS current DESCRIPTION "The group of objects providing for counters of basic UDP-like statistics." ::= { udpliteMIBGroups 1 }
udpliteBaseGroup OBJECT-GROUP -- as in UDP OBJECTS { udpliteInDatagrams, udpliteNoPorts, udpliteInErrors, udpliteOutDatagrams, udpliteStatsDiscontinuityTime } STATUS current DESCRIPTION "The group of objects providing for counters of basic UDP-like statistics." ::= { udpliteMIBGroups 1 }
udplitePartialCsumGroup OBJECT-GROUP -- specific to UDP-Lite OBJECTS { udpliteInPartialCov, udpliteInBadChecksum, udpliteOutPartialCov } STATUS current DESCRIPTION "The group of objects providing for counters of transport layer statistics exclusive to UDP-Lite." ::= { udpliteMIBGroups 2 }
udplitePartialCsumGroup OBJECT-GROUP -- specific to UDP-Lite OBJECTS { udpliteInPartialCov, udpliteInBadChecksum, udpliteOutPartialCov } STATUS current DESCRIPTION "The group of objects providing for counters of transport layer statistics exclusive to UDP-Lite." ::= { udpliteMIBGroups 2 }
udpliteEndpointGroup OBJECT-GROUP OBJECTS { udpliteEndpointProcess, udpliteEndpointMinCoverage } STATUS current DESCRIPTION "The group of objects providing for the IP version independent management of UDP-Lite 'endpoints'." ::= { udpliteMIBGroups 3 }
udpliteEndpointGroup OBJECT-GROUP OBJECTS { udpliteEndpointProcess, udpliteEndpointMinCoverage } STATUS current DESCRIPTION "The group of objects providing for the IP version independent management of UDP-Lite 'endpoints'." ::= { udpliteMIBGroups 3 }
udpliteAppGroup OBJECT-GROUP OBJECTS { udpliteEndpointViolCoverage } STATUS current DESCRIPTION "The group of objects that provide application-level information for the configuration management of UDP-Lite 'endpoints'." ::= { udpliteMIBGroups 4 }
udpliteAppGroup OBJECT-GROUP OBJECTS { udpliteEndpointViolCoverage } STATUS current DESCRIPTION "The group of objects that provide application-level information for the configuration management of UDP-Lite 'endpoints'." ::= { udpliteMIBGroups 4 }
END
终止
There are no management objects defined in this MIB module that have a MAX-ACCESS clause of read-write and/or read-create. So, if this MIB module is implemented correctly, then there is no risk that an intruder can alter or create any management objects of this MIB module via direct SNMP SET operations.
此MIB模块中未定义具有读写和/或读创建MAX-ACCESS子句的管理对象。因此,如果此MIB模块实现正确,则入侵者不会通过直接的SNMP集操作更改或创建此MIB模块的任何管理对象。
Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability:
在某些网络环境中,此MIB模块中的某些可读对象(即具有MAX-ACCESS而非not ACCESS的对象)可能被视为敏感或易受攻击。因此,在通过SNMP通过网络发送这些对象时,控制甚至获取和/或通知对这些对象的访问,甚至可能加密这些对象的值,这一点非常重要。以下是表和对象及其敏感度/漏洞:
The indices of the udpliteEndpointTable contain information about the listeners on an entity. In particular, the udpliteEndpointLocalPort index objects can be used to identify ports that are open on the machine and which attacks are likely to succeed, without the attacker having to run a port scanner. The table also identifies the currently listening UDP-Lite ports.
udpliteEndpointTable的索引包含有关实体上侦听器的信息。特别是,udpliteEndpointLocalPort索引对象可用于识别计算机上打开的端口以及哪些攻击可能成功,而攻击者无需运行端口扫描程序。该表还标识了当前正在侦听的UDP Lite端口。
The udpliteEndpointMinCoverage provides information about the requirements of the transport service associated with a specific UDP-Lite port. This provides additional detail concerning the type of application associated with the port at the receiver.
udpliteEndpointMinCoverage提供了有关与特定UDP Lite端口关联的传输服务的要求的信息。这提供了与接收器处的端口相关联的应用程序类型的附加细节。
Since UDP-Lite permits the delivery of (partially) corrupted data to an end host, the counters defined in this MIB module may be used to infer information about the characteristics of the end-to-end path over which the datagrams are communicated. This information could be used to infer the type of application associated with the port at the receiver.
由于UDP Lite允许将(部分)损坏的数据传送到终端主机,因此此MIB模块中定义的计数器可用于推断有关数据报通过其进行通信的端到端路径特征的信息。此信息可用于推断与接收器端口关联的应用程序类型。
SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec),
SNMPv3之前的SNMP版本未包含足够的安全性。即使网络本身是安全的(例如通过使用IPsec),
even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.
即使如此,也无法控制安全网络上的谁可以访问和获取/设置(读取/更改/创建/删除)此MIB模块中的对象。
It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see RFC 3410 [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy).
建议实施者考虑SNMPv3框架提供的安全特性(参见RFC 3410 [RFC340],第8节),包括对SNMPv3加密机制的完全支持(用于身份验证和隐私)。
Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.
此外,不建议部署SNMPv3之前的SNMP版本。相反,建议部署SNMPv3并启用加密安全性。然后,客户/运营商应负责确保授予访问此MIB模块实例权限的SNMP实体已正确配置为仅授予那些拥有确实获取或设置(更改/创建/删除)对象的合法权限的主体(用户)访问对象。
The MIB module in this document uses the following IANA-assigned OBJECT IDENTIFIER values recorded in the SMI Numbers registry:
本文档中的MIB模块使用SMI编号注册表中记录的以下IANA分配的对象标识符值:
+------------+-------------------------+ | Descriptor | OBJECT IDENTIFIER value | +------------+-------------------------+ | udpliteMIB | { mib-2 170 } | +------------+-------------------------+
+------------+-------------------------+ | Descriptor | OBJECT IDENTIFIER value | +------------+-------------------------+ | udpliteMIB | { mib-2 170 } | +------------+-------------------------+
The design of the MIB module presented in this document owes much to the format of the module presented in [RFC4113].
本文介绍的MIB模块的设计在很大程度上归功于[RFC4113]中介绍的模块格式。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
[RFC2578]McCloghrie,K.,Perkins,D.,Schoenwaeld,J.,Case,J.,Rose,M.,和S.Waldbusser,“管理信息的结构版本2(SMIv2)”,STD 58,RFC 2578,1999年4月。
[RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999.
[RFC2579]McCloghrie,K.,Perkins,D.,Schoenwaeld,J.,Case,J.,Rose,M.,和S.Waldbusser,“SMIv2的文本约定”,STD 58,RFC 2579,1999年4月。
[RFC2580] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999.
[RFC2580]McCloghrie,K.,Perkins,D.,Schoenwaeld,J.,Case,J.,Rose,M.,和S.Waldbusser,“SMIv2的一致性声明”,STD 58,RFC 25801999年4月。
[RFC3828] Larzon, L-A., Degermark, M., Pink, S., Jonsson, L-E., and G. Fairhurst, "The Lightweight User Datagram Protocol (UDP-Lite)", RFC 3828, July 2004.
[RFC3828]Larzon,L-A.,Degermark,M.,Pink,S.,Jonsson,L-E.,和G.Fairhurst,“轻量级用户数据报协议(UDP Lite)”,RFC 38282004年7月。
[RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005.
[RFC4001]Daniele,M.,Haberman,B.,Routhier,S.,和J.Schoenwaeld,“互联网网络地址的文本约定”,RFC 4001,2005年2月。
[CASE] Case, J. and C. Partridge, "Case Diagrams: A First Step to Diagrammed Management Information Bases", ACM Computer Communications Review, 19(1):13-16, January 1989.
[CASE]CASE,J.和C.Partridge,“案例图:图表化管理信息库的第一步”,ACM计算机通信评论,19(1):13-16,1989年1月。
[RFC768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, August 1980.
[RFC768]Postel,J.,“用户数据报协议”,STD 6,RFC 768,1980年8月。
[RFC2287] Krupczak, C. and J. Saperia, "Definitions of System-Level Managed Objects for Applications", RFC 2287, February 1998.
[RFC2287]Krupczak,C.和J.Saperia,“应用程序系统级托管对象的定义”,RFC 2287,1998年2月。
[RFC2790] Waldbusser, S. and P. Grillo, "Host Resources MIB", RFC 2790, March 2000.
[RFC2790]Waldbusser,S.和P.Grillo,“主机资源MIB”,RFC 27902000年3月。
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, December 2002.
[RFC3410]Case,J.,Mundy,R.,Partain,D.,和B.Stewart,“互联网标准管理框架的介绍和适用性声明”,RFC 34102002年12月。
[RFC4113] Fenner, B. and J. Flick, "Management Information Base for the User Datagram Protocol (UDP)", RFC 4113, June 2005.
[RFC4113]Fenner,B.和J.Flick,“用户数据报协议(UDP)的管理信息库”,RFC41132005年6月。
[RFC4340] Kohler, E., Handley, M., and S. Floyd, "Datagram Congestion Control Protocol (DCCP)", RFC 4340, March 2006.
[RFC4340]Kohler,E.,Handley,M.和S.Floyd,“数据报拥塞控制协议(DCCP)”,RFC 43402006年3月。
Authors' Addresses
作者地址
Gerrit Renker University of Aberdeen School of Engineering Fraser Noble Building Aberdeen AB24 3UE Scotland
苏格兰阿伯丁大学工程学院弗雷泽贵族大厦阿伯丁
EMail: gerrit@erg.abdn.ac.uk URI: http://www.erg.abdn.ac.uk
EMail: gerrit@erg.abdn.ac.uk URI: http://www.erg.abdn.ac.uk
Godred Fairhurst University of Aberdeen School of Engineering Fraser Noble Building Aberdeen AB24 3UE Scotland
GoRead FelHurt阿伯丁大学工程学院弗雷泽贵族大厦阿伯丁Ab24 3UE苏格兰
EMail: gorry@erg.abdn.ac.uk URI: http://www.erg.abdn.ac.uk
EMail: gorry@erg.abdn.ac.uk URI: http://www.erg.abdn.ac.uk
Full Copyright Statement
完整版权声明
Copyright (C) The IETF Trust (2008).
版权所有(C)IETF信托基金(2008年)。
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件及其包含的信息以“原样”为基础提供,贡献者、他/她所代表或赞助的组织(如有)、互联网协会、IETF信托基金和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Intellectual Property
知识产权
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.