Network Operations and Control Wiki
Don't have an account?
Register
Advertisement
Register
in: All

Xx9X

Revision as of 02:04, 24 May 2013 by TELE9752 lecturer (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
 Edit

Background: Know: RMON versionsatTable, Prerequisites - addresses, ARP, duplicate IP addresses, Recognize:

Up

Previous Next
Down


RMON2 addressMap[]

RMON1[]

defines hosts by MAC addresses.

RMON2[]

1.provides nlHost(defined by IP address) and alHost(defined by protocol within IP) 2.addressMap:Lists MAC address to network address bindings discovered by the probe and what interface they were last seen on.


1.nlHost:

nlHostTable OBJECT-TYPE

SYNTAX SEQUENCE OF NlHostEntry

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "A collection of statistics for a particular network layer address that has been discovered on an interface of this device.

The probe will populate this table for all network layer protocols in the protocol directory table whose value of protocolDirHostConfig is equal to supportedOn(3), and will delete any entries whose protocolDirEntry is deleted or has a protocolDirHostConfig value of supportedOff(2).

The probe will add to this table all addresses seen as the source or destination address in all packets with no MAC errors, and will increment octet and packet counts in the table for all packets with no MAC errors."= { nlHost 2 }


nlHostEntry OBJECT-TYPE

SYNTAX NlHostEntry

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "A conceptual row in the nlHostTable.

The hlHostControlIndex value in the index identifies the hlHostControlEntry on whose behalf this entry was created. The protocolDirLocalIndex value in the index identifies the network layer protocol of the nlHostAddress.

An example of the indexing of this entry is nlHostOutPkts.1.783495.18.4.128.2.6.6.

Note that some combinations of index values may result in an index that exceeds 128 sub-identifiers in length, which exceeds the maximum for the SNMP protocol. Implementations should take

care to avoid such combinations." INDEX { hlHostControlIndex, nlHostTimeMark, protocolDirLocalIndex, nlHostAddress }= { nlHostTable 1 }

NlHostEntry ::= SEQUENCE { nlHostTimeMark TimeFilter, nlHostAddress OCTET STRING, nlHostInPkts ZeroBasedCounter32, nlHostOutPkts ZeroBasedCounter32, nlHostInOctets ZeroBasedCounter32, nlHostOutOctets ZeroBasedCounter32, nlHostOutMacNonUnicastPkts ZeroBasedCounter32, nlHostCreateTime LastCreateTime }


nlHostTimeMark OBJECT-TYPE

SYNTAX TimeFilter

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "A TimeFilter for this entry. See the TimeFilter textual convention to see how this works."= { nlHostEntry 1 }


nlHostAddress OBJECT-TYPE

SYNTAX OCTET STRING (SIZE (1..255))

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "The network address for this nlHostEntry.

This is represented as an octet string with specific semantics and length as identified by the protocolDirLocalIndex component of the index.

For example, if the protocolDirLocalIndex indicates an encapsulation of IP, this object is encoded as a length octet of 4, followed by the 4 octets of the IP address, in network byte order."= { nlHostEntry 2 }


nlHostInPkts OBJECT-TYPE

SYNTAX ZeroBasedCounter32

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The number of packets without errors transmitted to this address since it was added to the nlHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times."= { nlHostEntry 3 }


nlHostOutPkts OBJECT-TYPE

SYNTAX ZeroBasedCounter32

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The number of packets without errors transmitted by this address since it was added to the nlHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times."= { nlHostEntry 4 }


nlHostInOctets OBJECT-TYPE

SYNTAX ZeroBasedCounter32

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The number of octets transmitted to this address since it was added to the nlHostTable (excluding framing bits, but including FCS octets), excluding octets in packets that contained errors.

Note that this doesn't count just those octets in the particular protocol frames but includes the entire packet that contained the protocol."= { nlHostEntry 5 }


nlHostOutOctets OBJECT-TYPE

SYNTAX ZeroBasedCounter32

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The number of octets transmitted by this address since it was added to the nlHostTable (excluding framing bits, but including FCS octets), excluding octets in packets that contained errors.

Note that this doesn't count just those octets in the particular protocol frames but includes the entire packet that contained the protocol."= { nlHostEntry 6 }


nlHostOutMacNonUnicastPkts OBJECT-TYPE

SYNTAX ZeroBasedCounter32

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The number of packets without errors transmitted by this address that were directed to any MAC broadcast addresses or to any MAC multicast addresses since this host was added to the nlHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times."= { nlHostEntry 7 }


nlHostCreateTime OBJECT-TYPE

SYNTAX LastCreateTime

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The value of sysUpTime when this entry was last activated. This can be used by the management station to ensure that the entry has not been deleted and recreated between polls."= { nlHostEntry 8 }


2.alHostTable OBJECT-TYPE

SYNTAX SEQUENCE OF AlHostEntry

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "A collection of statistics for a particular protocol from a particular network address that has been discovered on an interface of this device.

The probe will populate this table for all protocols in the protocol directory table whose value of protocolDirHostConfig is equal to supportedOn(3), and will delete any entries whose protocolDirEntry is deleted or has a protocolDirHostConfig value of supportedOff(2).

The probe will add to this table all addresses seen as the source or destination address in all packets with no MAC errors and will increment octet and packet counts in the table for all packets with no MAC errors. Further, entries will only be added to this table if their address exists in the nlHostTable and will be deleted from this table if their address is deleted from the nlHostTable."= { alHost 1 }


alHostEntry OBJECT-TYPE

SYNTAX AlHostEntry

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "A conceptual row in the alHostTable.

The hlHostControlIndex value in the index identifies the hlHostControlEntry on whose behalf this entry was created. The first protocolDirLocalIndex value in the index identifies the network-layer protocol of the address. The nlHostAddress value in the index identifies the network- layer address of this entry. The second protocolDirLocalIndex value in the index identifies the protocol that is counted by this entry.

An example of the indexing in this entry is alHostOutPkts.1.783495.18.4.128.2.6.6.34.

Note that some combinations of index values may result in an index that exceeds 128 sub-identifiers in length, which exceeds the maximum for the SNMP protocol. Implementations should take care to avoid such combinations." INDEX { hlHostControlIndex, alHostTimeMark, protocolDirLocalIndex, nlHostAddress, protocolDirLocalIndex }= { alHostTable 1 }

AlHostEntry ::= SEQUENCE { alHostTimeMark TimeFilter, alHostInPkts ZeroBasedCounter32, alHostOutPkts ZeroBasedCounter32, alHostInOctets ZeroBasedCounter32, alHostOutOctets ZeroBasedCounter32, alHostCreateTime LastCreateTime }


alHostTimeMark OBJECT-TYPE

SYNTAX TimeFilter

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "A TimeFilter for this entry. See the TimeFilter textual convention to see how this works."= { alHostEntry 1 }


alHostInPkts OBJECT-TYPE

SYNTAX ZeroBasedCounter32

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The number of packets of this protocol type without errors transmitted to this address since it was added to the alHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times."= { alHostEntry 2 }


alHostOutPkts OBJECT-TYPE

SYNTAX ZeroBasedCounter32

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The number of packets of this protocol type without errors transmitted by this address since it was added to the alHostTable. Note that this is the number of link-layer packets, so if a single network-layer packet is fragmented into several link-layer frames, this counter is incremented several times."= { alHostEntry 3 }


alHostInOctets OBJECT-TYPE

SYNTAX ZeroBasedCounter32

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The number of octets transmitted to this address of this protocol type since it was added to the alHostTable (excluding framing bits, but including FCS octets), excluding octets in packets that contained errors.

Note that this doesn't count just those octets in the particular protocol frames but includes the entire packet that contained the protocol."= { alHostEntry 4 }


alHostOutOctets OBJECT-TYPE

SYNTAX ZeroBasedCounter32

MAX-ACCESS read-only

STATUS current


DESCRIPTION "The number of octets transmitted by this address of this protocol type since it was added to the alHostTable (excluding framing bits, but including FCS octets), excluding octets in packets that contained errors.

Note that this doesn't count just those octets in the particular protocol frames but includes the entire packet that contained the protocol."= { alHostEntry 5 }


alHostCreateTime OBJECT-TYPE

SYNTAX LastCreateTime

MAX-ACCESS read-only


STATUS current

DESCRIPTION "The value of sysUpTime when this entry was last activated. This can be used by the management station to ensure that the entry has not been deleted and recreated between polls."= { alHostEntry 6 }


3.-- Address Map Group (addressMap)

-- Lists MAC address to network address bindings discovered by the

-- probe and what interface they were last seen on.

-- addressMapControlTable

-- addressMapTable


addressMapInserts OBJECT-TYPE

SYNTAX Counter32

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The number of times an address mapping entry has been inserted into the addressMapTable. If an entry is inserted, then deleted, and then inserted, this counter will be incremented by 2.

Note that the table size can be determined by subtracting addressMapDeletes from addressMapInserts."= { addressMap 1 }


addressMapDeletes OBJECT-TYPE

SYNTAX Counter32

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The number of times an address mapping entry has been deleted from the addressMapTable (for any reason). If an entry is deleted, then inserted, and then deleted, this counter will be incremented by 2.

Note that the table size can be determined by subtracting addressMapDeletes from addressMapInserts."= { addressMap 2 }


addressMapMaxDesiredEntries OBJECT-TYPE

SYNTAX Integer32 (-1..2147483647)

MAX-ACCESS read-write

STATUS current

DESCRIPTION "The maximum number of entries that are desired in the addressMapTable. The probe will not create more than this number of entries in the table but may choose to create fewer entries in this table for any reason, including the lack of resources.

If this object is set to a value less than the current number of entries, enough entries are chosen in an implementation-dependent manner and deleted so that the number of entries in the table equals the value of this object.

If this value is set to -1, the probe may create any number of entries in this table.

This object may be used to control how resources are allocated on the probe for the various RMON functions."= { addressMap 3 }


addressMapControlTable OBJECT-TYPE

SYNTAX SEQUENCE OF AddressMapControlEntry

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "A table to control the collection of mappings from network layer address to physical address to interface.

Note that this is not like the typical RMON controlTable and dataTable in which each entry creates its own data table. Each entry in this table enables the discovery of addresses on a new interface and the placement of address mappings into the central addressMapTable.

Implementations are encouraged to add an entry per monitored interface upon initialization so that a default collection of address mappings is available."= { addressMap 4 }


addressMapControlEntry OBJECT-TYPE

SYNTAX AddressMapControlEntry

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "A conceptual row in the addressMapControlTable.

An example of the indexing of this entry is addressMapControlDroppedFrames.1"

INDEX { addressMapControlIndex }= { addressMapControlTable 1 }

AddressMapControlEntry ::= SEQUENCE { addressMapControlIndex Integer32, addressMapControlDataSource DataSource, addressMapControlDroppedFrames Counter32, addressMapControlOwner OwnerString, addressMapControlStatus RowStatus }


addressMapControlIndex OBJECT-TYPE

SYNTAX Integer32 (1..65535)

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "A unique index for this entry in the addressMapControlTable."= { addressMapControlEntry 1 }


addressMapControlDataSource OBJECT-TYPE

SYNTAX DataSource

MAX-ACCESS read-create

STATUS current

DESCRIPTION "The source of data for this addressMapControlEntry."= { addressMapControlEntry 2 }


addressMapControlDroppedFrames OBJECT-TYPE

SYNTAX Counter32

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The total number of frames that were received by the probe and therefore not accounted for in the *StatsDropEvents, but that the probe chose not to count for this entry for whatever reason. Most often, this event occurs when the probe is out of some resources and decides to shed load from this collection.

This count does not include packets that were not counted because they had MAC-layer errors.

Note that, unlike the dropEvents counter, this number is the exact number of frames dropped."= { addressMapControlEntry 3 }


addressMapControlOwner OBJECT-TYPE

SYNTAX OwnerString

MAX-ACCESS read-create

STATUS current

DESCRIPTION "The entity that configured this entry and is therefore using the resources assigned to it."= { addressMapControlEntry 4 }


addressMapControlStatus OBJECT-TYPE

SYNTAX RowStatus

MAX-ACCESS read-create


STATUS current


DESCRIPTION "The status of this addressMap control entry.

An entry may not exist in the active state unless all objects in the entry have an appropriate value.

If this object is not equal to active(1), all associated entries in the addressMapTable shall be deleted."= { addressMapControlEntry 5 }


addressMapTable OBJECT-TYPE

SYNTAX SEQUENCE OF AddressMapEntry

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "A table of mappings from network layer address to physical address to interface.

The probe will add entries to this table based on the source MAC and network addresses seen in packets without MAC-level errors. The probe will populate this table for all protocols in the protocol directory table whose value of protocolDirAddressMapConfig is equal to supportedOn(3), and will delete any entries whose protocolDirEntry is deleted or has a protocolDirAddressMapConfig value of supportedOff(2)."= { addressMap 5 }


addressMapEntry OBJECT-TYPE

SYNTAX AddressMapEntry

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "A conceptual row in the addressMapTable.

The protocolDirLocalIndex in the index identifies the network layer protocol of the addressMapNetworkAddress.


An example of the indexing of this entry is addressMapSource.783495.18.4.128.2.6.6.11.1.3.6.1.2.1.2.2.1.1.1.

Note that some combinations of index values may result in an index that exceeds 128 sub-identifiers in length, which exceeds the maximum for the SNMP protocol. Implementations should take care to avoid such combinations." INDEX { addressMapTimeMark, protocolDirLocalIndex, addressMapNetworkAddress, addressMapSource }= { addressMapTable 1 }

AddressMapEntry ::= SEQUENCE { addressMapTimeMark TimeFilter, addressMapNetworkAddress OCTET STRING, addressMapSource OBJECT IDENTIFIER, addressMapPhysicalAddress OCTET STRING, addressMapLastChange TimeStamp }


addressMapTimeMark OBJECT-TYPE

SYNTAX TimeFilter


MAX-ACCESS not-accessible


STATUS current

DESCRIPTION "A TimeFilter for this entry. See the TimeFilter textual convention to see how this works."= { addressMapEntry 1 }


addressMapNetworkAddress OBJECT-TYPE

SYNTAX OCTET STRING (SIZE (1..255))

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "The network address for this relation.

This is represented as an octet string with specific semantics and length as identified by the protocolDirLocalIndex component of the index.

For example, if the protocolDirLocalIndex indicates an encapsulation of ip, this object is encoded as a length octet of 4, followed by the 4 octets of the IP address, in network byte order."= { addressMapEntry 2 }


addressMapSource OBJECT-TYPE

SYNTAX OBJECT IDENTIFIER

MAX-ACCESS not-accessible

STATUS current

DESCRIPTION "The interface or port on which the associated network address was most recently seen.

If this address mapping was discovered on an interface, this object shall identify the instance of the ifIndex object, defined in [RFC2863], for the desired interface. For example, if an entry were to receive data from interface #1, this object would be set to ifIndex.1.

If this address mapping was discovered on a port, this object shall identify the instance of the rptrGroupPortIndex object, defined in [RFC2108], for the desired port. For example, if an entry were to receive data from group #1, port #1, this object would be set to rptrGroupPortIndex.1.1.

Note that while the dataSource associated with this entry may only point to index objects, this object may at times point to repeater port objects. This situation occurs when the dataSource points to an interface that is a locally attached repeater and the agent has additional information about the source port of traffic seen on that repeater."= { addressMapEntry 3 }


addressMapPhysicalAddress OBJECT-TYPE

SYNTAX OCTET STRING

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The last source physical address on which the associated network address was seen. If the protocol of the associated network address was encapsulated inside of a network-level or higher protocol, this will be the address of the next-lower protocol with the addressRecognitionCapable bit enabled and will be formatted as specified for that protocol."= { addressMapEntry 4 }


addressMapLastChange OBJECT-TYPE

SYNTAX TimeStamp

MAX-ACCESS read-only

STATUS current

DESCRIPTION "The value of sysUpTime at the time this entry was last created or the values of the physical address changed.

This can be used to help detect duplicate address problems, in which case this object will be updated frequently."= { addressMapEntry 5 }


See alsoEdit[]

Corresponding TELE9752 lecture slide

ReferencesEdit[]

1. http://www.simpleweb.org/ietf/mibs/modules/IETF/txt/RMON2-MIB

2. RFC 2108: Definitions of Managed Objects for IEEE 802.3 Repeater Devices using SMIv2

3. RFC 2863: The Interfaces Group MIB

Community content is available under CC-BY-SA unless otherwise noted.
Advertisement

Fan Feed

More Network Operations and Control Wiki