Internet Draft
INTERNET-DRAFT                                   Editor of this version:
Request for Comments: -MIB                                    R. Presuhn
STD: XXX                                              BMC Software, Inc.
Obsoletes: 1907                             Authors of previous version:
Category: Standards Track                                        J. Case
                                                     SNMP Research, Inc.
                                                           K. McCloghrie
                                                     Cisco Systems, Inc.
                                                                 M. Rose
                                            Dover Beach Consulting, Inc.
                                                           S. Waldbusser
                                          International Network Services
                                                            14 July 2000


                      Management Information Base
                                for the
                   Simple Network Management Protocol
                 <draft-ietf-snmpv3-update-mib-04.txt>


Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

Copyright Notice

   Copyright (C) The Internet Society (2000).  All Rights Reserved.








SNMPv3 Working Group      Expires December 2001                 [Page 1]

Internet Draft        Protocol Operations for SNMP          14 July 2000


Abstract

   This document defines managed objects which describe the behavior of
   an SNMP entity.  This document obsoletes RFC 1907, Management
   Information Base for Version 2 of the Simple Network Management
   Protocol (SNMPv2).

Table of Contents

   1. Introduction ................................................    3
   2. The SNMP Management Framework ...............................    3
   3. Definitions .................................................    4
   4. Notice on Intellectual Property .............................   22
   5. Acknowledgments .............................................   22
   6. Security Considerations .....................................   24
   7. References ..................................................   24
   8. Editor's Address ............................................   26
   9. Changes from RFC 1907 .......................................   26
   10. Issues .....................................................   27
   11. Full Copyright Statement ...................................   28































SNMPv3 Working Group      Expires December 2001                 [Page 2]

Internet Draft        Protocol Operations for SNMP          14 July 2000


1.  Introduction

   It is the purpose of this document to define managed objects which
   describe the behavior of an SNMP entity, as defined in the SNMP
   architecture [RFC2571].

2.  The SNMP Management Framework

   The SNMP Management Framework at the time of this writing consists of
   five major components:

        -    An overall architecture, described in RFC 2571 [RFC2571].

        -    Mechanisms for describing and naming objects and events for
             the purpose of management.  The first version of this
             Structure of Management Information (SMI) is called SMIv1
             and described in STD 16, RFC 1155 [RFC1155], STD 16, RFC
             1212 [RFC1212] and RFC 1215 [RFC1215].  The second version,
             called SMIv2, is described in STD 58, RFC 2578 [RFC2578],
             STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 [RFC2580].

        -    Message protocols for transferring management information.
             The first version of the SNMP message protocol is called
             SNMPv1 and described in STD 15, RFC 1157 [RFC1157].  A
             second version of the SNMP message protocol, which is not
             an Internet standards track protocol, is called SNMPv2c and
             described in RFC 1901 [RFC1901] and RFC -TM [RFC-TM].  The
             third version of the message protocol is called SNMPv3 and
             described in RFC -TM [RFC-TM], RFC 2572 [RFC2572] and RFC
             2574 [RFC2574].

        -    Protocol operations for accessing management information.
             The first set of protocol operations and associated PDU
             formats is described in STD 15, RFC 1157 [RFC1157].  A
             second set of protocol operations and associated PDU
             formats is described in RFC -PROTO [RFC-PROTO].

        -    A set of fundamental applications described in RFC 2573
             [RFC2573] and the view-based access control mechanism
             described in RFC 2575 [RFC2575].

        A more detailed introduction to the current SNMP Management
        Framework can be found in RFC 2570 [RFC2570].

        Managed objects are accessed via a virtual information store,
        termed the Management Information Base or MIB.  Objects in the
        MIB are defined using the mechanisms defined in the SMI.




SNMPv3 Working Group      Expires December 2001                 [Page 3]

Internet Draft        Protocol Operations for SNMP          14 July 2000


        This memo specifies a MIB module that is compliant to the SMIv2.
        A MIB conforming to the SMIv1 can be produced through the
        appropriate translations.  The resulting translated MIB must be
        semantically equivalent, except where objects or events are
        omitted because no translation is possible (use of Counter64).
        Some machine readable information in SMIv2 will be converted
        into textual descriptions in SMIv1 during the translation
        process.  However, this loss of machine readable information is
        not considered to change the semantics of the MIB.

3.  Definitions

   SNMPv2-MIB DEFINITIONS ::= BEGIN

   IMPORTS
       MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
       TimeTicks, Counter32, snmpModules, mib-2
           FROM SNMPv2-SMI
       DisplayString, TestAndIncr, TimeStamp
           FROM SNMPv2-TC
       MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
           FROM SNMPv2-CONF;

   snmpMIB MODULE-IDENTITY
       LAST-UPDATED "200007141730Z"
       ORGANIZATION "IETF SNMPv3 Working Group"
       CONTACT-INFO
               "WG-EMail:   snmpv3@tis.com
                Subscribe:  majordomo@tis.com
                            In message body:  subscribe snmpv3

                Chair:      Russ Mundy
                            TIS Labs at Network Associates
                postal:     3060 Washington Rd
                            Glenwood MD 21738
                            USA
                EMail:      mundy@tislabs.com
                phone:      +1 301 854-6889

                Editor:     Randy Presuhn
                            BMC Software, Inc.
                postal:     2141 North First Street
                            San Jose, CA 95131
                            USA
                EMail:      randy_presuhn@bmc.com
                phone:      +1 408 546-1006"
       DESCRIPTION
               "The MIB module for SNMP entities."



SNMPv3 Working Group      Expires December 2001                 [Page 4]

Internet Draft        Protocol Operations for SNMP          14 July 2000


       REVISION      "200007141730Z"
       DESCRIPTION
               "This revision of this MIB module was published as
                ."
       REVISION      "199511090000Z"
       DESCRIPTION
               "This revision of this MIB module was published as
                RFC 1907."
       REVISION      "199304010000Z"
       DESCRIPTION
               "The initial revision of this MIB module was published
               as RFC 1450."
       ::= { snmpModules 1 }


   snmpMIBObjects OBJECT IDENTIFIER ::= { snmpMIB 1 }

   --  ::= { snmpMIBObjects 1 }        this OID is obsolete
   --  ::= { snmpMIBObjects 2 }        this OID is obsolete
   --  ::= { snmpMIBObjects 3 }        this OID is obsolete


   -- the System group
   --
   -- a collection of objects common to all managed systems.

   system   OBJECT IDENTIFIER ::= { mib-2 1 }

   sysDescr OBJECT-TYPE
       SYNTAX      DisplayString (SIZE (0..255))
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
               "A textual description of the entity.  This value should
               include the full name and version identification of
               the system's hardware type, software operating-system,
               and networking software."
       ::= { system 1 }













SNMPv3 Working Group      Expires December 2001                 [Page 5]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   sysObjectID OBJECT-TYPE
       SYNTAX      OBJECT IDENTIFIER
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
               "The vendor's authoritative identification of the
               network management subsystem contained in the entity.
               This value is allocated within the SMI enterprises
               subtree (1.3.6.1.4.1) and provides an easy and
               unambiguous means for determining `what kind of box' is
               being managed.  For example, if vendor `Flintstones,
               Inc.' was assigned the subtree 1.3.6.1.4.1.424242,
               it could assign the identifier 1.3.6.1.4.1.424242.1.1
               to its `Fred Router'."
       ::= { system 2 }

   sysUpTime OBJECT-TYPE
       SYNTAX      TimeTicks
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
               "The time (in hundredths of a second) since the
               network management portion of the system was last
               re-initialized."
       ::= { system 3 }

   sysContact OBJECT-TYPE
       SYNTAX      DisplayString (SIZE (0..255))
       MAX-ACCESS  read-write
       STATUS      current
       DESCRIPTION
               "The textual identification of the contact person for
               this managed node, together with information on how
               to contact this person.  If no contact information is
               known, the value is the zero-length string."
       ::= { system 4 }

   sysName OBJECT-TYPE
       SYNTAX      DisplayString (SIZE (0..255))
       MAX-ACCESS  read-write
       STATUS      current
       DESCRIPTION
               "An administratively-assigned name for this managed
               node.  By convention, this is the node's fully-qualified
               domain name.  If the name is unknown, the value is
               the zero-length string."
       ::= { system 5 }




SNMPv3 Working Group      Expires December 2001                 [Page 6]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   sysLocation OBJECT-TYPE
       SYNTAX      DisplayString (SIZE (0..255))
       MAX-ACCESS  read-write
       STATUS      current
       DESCRIPTION
               "The physical location of this node (e.g., 'telephone
               closet, 3rd floor').  If the location is unknown, the
               value is the zero-length string."
       ::= { system 6 }

   sysServices OBJECT-TYPE
       SYNTAX      INTEGER (0..127)
       MAX-ACCESS  read-only
       STATUS      current
       DESCRIPTION
               "A value which indicates the set of services that this
               entity may potentially offer.  The value is a sum.
               This sum initially takes the value zero. Then, for
               each layer, L, in the range 1 through 7, that this node
               performs transactions for, 2 raised to (L - 1) is added
               to the sum.  For example, a node which performs only
               routing functions would have a value of 4 (2^(3-1)).
               In contrast, a node which is a host offering application
               services would have a value of 72 (2^(4-1) + 2^(7-1)).
               Note that in the context of the Internet suite of
               protocols, values should be calculated accordingly:

                    layer      functionality
                      1        physical (e.g., repeaters)
                      2        datalink/subnetwork (e.g., bridges)
                      3        internet (e.g., supports the IP)
                      4        end-to-end  (e.g., supports the TCP)
                      7        applications (e.g., supports the SMTP)

               For systems including OSI protocols, layers 5 and 6
               may also be counted."
       ::= { system 7 }


   -- object resource information
   --
   -- a collection of objects which describe the SNMP entity's
   -- (statically and dynamically configurable) support of
   -- various MIB modules.







SNMPv3 Working Group      Expires December 2001                 [Page 7]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   sysORLastChange OBJECT-TYPE
       SYNTAX     TimeStamp
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "The value of sysUpTime at the time of the most recent
               change in state or value of any instance of sysORID."
       ::= { system 8 }

   sysORTable OBJECT-TYPE
       SYNTAX     SEQUENCE OF SysOREntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
               "The (conceptual) table listing the capabilities of
               the local SNMP application acting as a command
               responder with respect to various MIB modules.
               SNMP entities having dynamically-configurable support
               of MIB modules will have a dynamically-varying number
               of conceptual rows."
       ::= { system 9 }

   sysOREntry OBJECT-TYPE
       SYNTAX     SysOREntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
               "An entry (conceptual row) in the sysORTable."
       INDEX      { sysORIndex }
       ::= { sysORTable 1 }

   SysOREntry ::= SEQUENCE {
       sysORIndex     INTEGER,
       sysORID        OBJECT IDENTIFIER,
       sysORDescr     DisplayString,
       sysORUpTime    TimeStamp
   }

   sysORIndex OBJECT-TYPE
       SYNTAX     INTEGER (1..2147483647)
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
               "The auxiliary variable used for identifying instances
               of the columnar objects in the sysORTable."
       ::= { sysOREntry 1 }





SNMPv3 Working Group      Expires December 2001                 [Page 8]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   sysORID OBJECT-TYPE
       SYNTAX     OBJECT IDENTIFIER
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "An authoritative identification of a capabilities
               statement with respect to various MIB modules supported
               by the local SNMP application acting as a command
               responder."
       ::= { sysOREntry 2 }

   sysORDescr OBJECT-TYPE
       SYNTAX     DisplayString
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "A textual description of the capabilities identified
               by the corresponding instance of sysORID."
       ::= { sysOREntry 3 }

   sysORUpTime OBJECT-TYPE
       SYNTAX     TimeStamp
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "The value of sysUpTime at the time this conceptual
               row was last instantiated."
       ::= { sysOREntry 4 }


   -- the SNMP group
   --
   -- a collection of objects providing basic instrumentation and
   -- control of an SNMP entity.

   snmp     OBJECT IDENTIFIER ::= { mib-2 11 }

   snmpInPkts OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "The total number of messages delivered to the SNMP
               entity from the transport service."
       ::= { snmp 1 }






SNMPv3 Working Group      Expires December 2001                 [Page 9]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   snmpInBadVersions OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "The total number of SNMP messages which were delivered
               to the SNMP entity and were for an unsupported SNMP
               version."
       ::= { snmp 3 }

   snmpInBadCommunityNames OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
              "The total number of community-based SNMP messages (for
              example,  SNMPv1) delivered to the SNMP entity which
              used an SNMP community name not known to said entity.
              Also, implementations which authenticate community-based
              SNMP messages using check(s) in addition to matching
              the community name (for example, by also checking
              whether the message originated from a transport address
              allowed to use a specified community name) MAY include
              in this value the number of messages which failed the
              additional check(s).  It is strongly RECOMMENDED that
              the documentation for any security model which is used
              to authenticate community-based SNMP messages specify
              the precise conditions that contribute to this value."
       ::= { snmp 4 }

   snmpInBadCommunityUses OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
              "The total number of community-based SNMP messages (for
              example, SNMPv1) delivered to the SNMP entity which
              represented an SNMP operation that was not allowed for
              the SNMP community named in the message.  The precise
              conditions under which this counter is incremented
              (if at all) depend on how the SNMP entity implements
              its access control mechanism and how its applications
              interact with that access control mechanism.  It is
              strongly RECOMMENDED that the documentation for any
              access control mechanism which is used to control access
              to and visibility of MIB instrumentation specify the
              precise conditions that contribute to this value."
       ::= { snmp 5 }



SNMPv3 Working Group      Expires December 2001                [Page 10]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   snmpInASNParseErrs OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "The total number of ASN.1 or BER errors encountered by
               the SNMP entity when decoding received SNMP messages."
       ::= { snmp 6 }

   snmpEnableAuthenTraps OBJECT-TYPE
       SYNTAX      INTEGER { enabled(1), disabled(2) }
       MAX-ACCESS  read-write
       STATUS      current
       DESCRIPTION
               "Indicates whether the SNMP entity is permitted to
               generate authenticationFailure traps.  The value of this
               object overrides any configuration information; as such,
               it provides a means whereby all authenticationFailure
               traps may be disabled.

               Note that it is strongly recommended that this object
               be stored in non-volatile memory so that it remains
               constant across re-initializations of the network
               management system."
       ::= { snmp 30 }

   snmpSilentDrops OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
              "The total number of Confirmed Class PDUs (such as
              GetRequest-PDUs, GetNextRequest-PDUs,
              GetBulkRequest-PDUs, SetRequest-PDUs, and
              InformRequest-PDUs) delivered to the SNMP entity which
              were silently dropped because the size of a reply
              containing an alternate Response Class PDU (such as a
              Response-PDU) with an empty variable-bindings field
              was greater than either a local constraint or the
              maximum message size associated with the originator of
              the request."
       ::= { snmp 31 }









SNMPv3 Working Group      Expires December 2001                [Page 11]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   snmpProxyDrops OBJECT-TYPE
       SYNTAX     Counter32
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
               "The total number of Confirmed Class PDUs
               (such as GetRequest-PDUs, GetNextRequest-PDUs,
               GetBulkRequest-PDUs, SetRequest-PDUs, and
               InformRequest-PDUs) delivered to the SNMP entity which
               were silently dropped because the transmission of
               the (possibly translated) message to a proxy target
               failed in a manner (other than a time-out) such that
               no Response Class PDU (such as a Response-PDU) could
               be returned."
       ::= { snmp 32 }


   -- information for notifications
   --
   -- a collection of objects which allow the SNMP entity, when
   -- supporting a notification originator application,
   -- to be configured to generate SNMPv2-Trap-PDUs.

   snmpTrap       OBJECT IDENTIFIER ::= { snmpMIBObjects 4 }


   snmpTrapOID OBJECT-TYPE
       SYNTAX     OBJECT IDENTIFIER
       MAX-ACCESS accessible-for-notify
       STATUS     current
       DESCRIPTION
               "The authoritative identification of the notification
               currently being sent.  This variable occurs as
               the second varbind in every SNMPv2-Trap-PDU and
               InformRequest-PDU."
       ::= { snmpTrap 1 }

   --  ::= { snmpTrap 2 }   this OID is obsolete

   snmpTrapEnterprise OBJECT-TYPE
       SYNTAX     OBJECT IDENTIFIER
       MAX-ACCESS accessible-for-notify
       STATUS     current
       DESCRIPTION
               "The authoritative identification of the enterprise
               associated with the trap currently being sent.  When an
               SNMP proxy agent is mapping an RFC1157 Trap-PDU
               into a SNMPv2-Trap-PDU, this variable occurs as the



SNMPv3 Working Group      Expires December 2001                [Page 12]

Internet Draft        Protocol Operations for SNMP          14 July 2000


               last varbind."
       ::= { snmpTrap 3 }

   --  ::= { snmpTrap 4 }   this OID is obsolete


   -- well-known traps

   snmpTraps      OBJECT IDENTIFIER ::= { snmpMIBObjects 5 }

   coldStart NOTIFICATION-TYPE
       STATUS  current
       DESCRIPTION
               "A coldStart trap signifies that the SNMP entity,
               supporting a notification originator application, is
               reinitializing itself and that its configuration may
               have been altered."
       ::= { snmpTraps 1 }

   warmStart NOTIFICATION-TYPE
       STATUS  current
       DESCRIPTION
               "A warmStart trap signifies that the SNMP entity,
               supporting a notification originator application,
               is reinitializing itself such that its configuration
               is unaltered."
       ::= { snmpTraps 2 }

   -- Note the linkDown NOTIFICATION-TYPE ::= { snmpTraps 3 }
   -- and the linkUp NOTIFICATION-TYPE ::= { snmpTraps 4 }
   -- are defined in RFC 2233 [RFC2233]

   authenticationFailure NOTIFICATION-TYPE
       STATUS  current
       DESCRIPTION
               "An authenticationFailure trap signifies that the SNMP
                entity has received a protocol message that is not
                properly authenticated.  While all implementations
                of SNMP entities MAY be capable of generating this
                trap, the snmpEnableAuthenTraps object indicates
                whether this trap will be generated."
       ::= { snmpTraps 5 }

   -- Note the egpNeighborLoss notification is defined
   -- as { snmpTraps 6 } in RFC 1213

   -- the set group
   --



SNMPv3 Working Group      Expires December 2001                [Page 13]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   -- a collection of objects which allow several cooperating
   -- command generator applications to coordinate their use of the
   -- set operation.

   snmpSet        OBJECT IDENTIFIER ::= { snmpMIBObjects 6 }

   snmpSetSerialNo OBJECT-TYPE
       SYNTAX     TestAndIncr
       MAX-ACCESS read-write
       STATUS     current
       DESCRIPTION
               "An advisory lock used to allow several cooperating
               command generator applications to coordinate their
               use of the SNMP set operation.

               This object is used for coarse-grain coordination.
               To achieve fine-grain coordination, one or more similar
               objects might be defined within each MIB group, as
               appropriate."
       ::= { snmpSet 1 }


   -- conformance information

   snmpMIBConformance
                  OBJECT IDENTIFIER ::= { snmpMIB 2 }

   snmpMIBCompliances
                  OBJECT IDENTIFIER ::= { snmpMIBConformance 1 }
   snmpMIBGroups  OBJECT IDENTIFIER ::= { snmpMIBConformance 2 }


   -- compliance statements

   --    ::= { snmpMIBCompliances 1 }      this OID is obsolete

   snmpBasicCompliance MODULE-COMPLIANCE
       STATUS  current
       DESCRIPTION
               "The compliance statement for SNMP entities which
               implement this MIB module."
       MODULE  -- this module
           MANDATORY-GROUPS { snmpGroup, snmpSetGroup, systemGroup,
                              snmpBasicNotificationsGroup }

           GROUP   snmpCommunityGroup
           DESCRIPTION
               "This group is mandatory for SNMP entities which



SNMPv3 Working Group      Expires December 2001                [Page 14]

Internet Draft        Protocol Operations for SNMP          14 July 2000


               support community-based authentication."

       ::= { snmpMIBCompliances 2 }


   -- units of conformance

   --  ::= { snmpMIBGroups 1 }           this OID is obsolete
   --  ::= { snmpMIBGroups 2 }           this OID is obsolete
   --  ::= { snmpMIBGroups 3 }           this OID is obsolete
   --  ::= { snmpMIBGroups 4 }           this OID is obsolete

   snmpGroup OBJECT-GROUP
       OBJECTS { snmpInPkts,
                 snmpInBadVersions,
                 snmpInASNParseErrs,
                 snmpSilentDrops,
                 snmpProxyDrops,
                 snmpEnableAuthenTraps }
       STATUS  current
       DESCRIPTION
               "A collection of objects providing basic instrumentation
               and control of an SNMP entity."
       ::= { snmpMIBGroups 8 }

   snmpCommunityGroup OBJECT-GROUP
       OBJECTS { snmpInBadCommunityNames,
                 snmpInBadCommunityUses }
       STATUS  current
       DESCRIPTION
               "A collection of objects providing basic instrumentation
               of a SNMP entity which supports community-based
               authentication."
       ::= { snmpMIBGroups 9 }

   snmpSetGroup OBJECT-GROUP
       OBJECTS { snmpSetSerialNo }
       STATUS  current
       DESCRIPTION
               "A collection of objects which allow several cooperating
               command generator applications to coordinate their
               use of the set operation."
       ::= { snmpMIBGroups 5 }








SNMPv3 Working Group      Expires December 2001                [Page 15]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   systemGroup OBJECT-GROUP
       OBJECTS { sysDescr, sysObjectID, sysUpTime,
                 sysContact, sysName, sysLocation,
                 sysServices,
                 sysORLastChange, sysORID,
                 sysORUpTime, sysORDescr }
       STATUS  current
       DESCRIPTION
               "The system group defines objects which are common to all
               managed systems."
       ::= { snmpMIBGroups 6 }

   snmpBasicNotificationsGroup NOTIFICATION-GROUP
       NOTIFICATIONS { coldStart, authenticationFailure }
       STATUS        current
       DESCRIPTION
               "The two notifications which an SNMP entity
               supporting notification originator applications
               is required to implement."
       ::= { snmpMIBGroups 7 }

   snmpAdditionalNotificationsGroup NOTIFICATION-GROUP
       NOTIFICATIONS { warmStart }
       STATUS        current
       DESCRIPTION
               "The notifications which an SNMP entity
               supporting notification originator applications
               is required to implement if it is able to
               reinitialize itself such that its configuration
               is unaltered."
       ::= { snmpMIBGroups 11 }

   notificationGroup OBJECT-GROUP
       OBJECTS { snmpTrapOID, snmpTrapEnterprise }
       STATUS  current
       DESCRIPTION
               "These objects are required for entities
               which support notification originator applications."
       ::= { snmpMIBGroups 12 }

   -- definitions in RFC 1213 made obsolete by the inclusion of a
   -- subset of the snmp group in this MIB









SNMPv3 Working Group      Expires December 2001                [Page 16]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   snmpOutPkts OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Messages which were
               passed from the SNMP protocol entity to the
               transport service."
       ::= { snmp 2 }

   -- { snmp 7 } is not used

   snmpInTooBigs OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were
               delivered to the SNMP protocol entity and for
               which the value of the error-status field was
               `tooBig'."
       ::= { snmp 8 }

   snmpInNoSuchNames OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were
               delivered to the SNMP protocol entity and for
               which the value of the error-status field was
               `noSuchName'."
       ::= { snmp 9 }

   snmpInBadValues OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were
               delivered to the SNMP protocol entity and for
               which the value of the error-status field was
               `badValue'."
       ::= { snmp 10 }







SNMPv3 Working Group      Expires December 2001                [Page 17]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   snmpInReadOnlys OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number valid SNMP PDUs which were delivered
               to the SNMP protocol entity and for which the value
               of the error-status field was `readOnly'.  It should
               be noted that it is a protocol error to generate an
               SNMP PDU which contains the value `readOnly' in the
               error-status field, as such this object is provided
               as a means of detecting incorrect implementations of
               the SNMP."
       ::= { snmp 11 }

   snmpInGenErrs OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were delivered
               to the SNMP protocol entity and for which the value
               of the error-status field was `genErr'."
       ::= { snmp 12 }

   snmpInTotalReqVars OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of MIB objects which have been
               retrieved successfully by the SNMP protocol entity
               as the result of receiving valid SNMP Get-Request
               and Get-Next PDUs."
       ::= { snmp 13 }

   snmpInTotalSetVars OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of MIB objects which have been
               altered successfully by the SNMP protocol entity as
               the result of receiving valid SNMP Set-Request PDUs."
       ::= { snmp 14 }






SNMPv3 Working Group      Expires December 2001                [Page 18]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   snmpInGetRequests OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Get-Request PDUs which
               have been accepted and processed by the SNMP
               protocol entity."
       ::= { snmp 15 }

   snmpInGetNexts OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Get-Next PDUs which have been
               accepted and processed by the SNMP protocol entity."
       ::= { snmp 16 }

   snmpInSetRequests OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Set-Request PDUs which
               have been accepted and processed by the SNMP protocol
               entity."
       ::= { snmp 17 }

   snmpInGetResponses OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Get-Response PDUs which
               have been accepted and processed by the SNMP protocol
               entity."
       ::= { snmp 18 }

   snmpInTraps OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Trap PDUs which have been
               accepted and processed by the SNMP protocol entity."
       ::= { snmp 19 }




SNMPv3 Working Group      Expires December 2001                [Page 19]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   snmpOutTooBigs OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were generated
               by the SNMP protocol entity and for which the value
               of the error-status field was `tooBig.'"
       ::= { snmp 20 }

   snmpOutNoSuchNames OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were generated
               by the SNMP protocol entity and for which the value
               of the error-status was `noSuchName'."
       ::= { snmp 21 }

   snmpOutBadValues OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were generated
               by the SNMP protocol entity and for which the value
               of the error-status field was `badValue'."
       ::= { snmp 22 }

   -- { snmp 23 } is not used

   snmpOutGenErrs OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP PDUs which were generated
               by the SNMP protocol entity and for which the value
               of the error-status field was `genErr'."
       ::= { snmp 24 }










SNMPv3 Working Group      Expires December 2001                [Page 20]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   snmpOutGetRequests OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Get-Request PDUs which
               have been generated by the SNMP protocol entity."
       ::= { snmp 25 }

   snmpOutGetNexts OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Get-Next PDUs which have
               been generated by the SNMP protocol entity."
       ::= { snmp 26 }

   snmpOutSetRequests OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Set-Request PDUs which
               have been generated by the SNMP protocol entity."
       ::= { snmp 27 }

   snmpOutGetResponses OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Get-Response PDUs which
               have been generated by the SNMP protocol entity."
       ::= { snmp 28 }

   snmpOutTraps OBJECT-TYPE
       SYNTAX      Counter32
       MAX-ACCESS  read-only
       STATUS      obsolete
       DESCRIPTION
               "The total number of SNMP Trap PDUs which have
               been generated by the SNMP protocol entity."
       ::= { snmp 29 }







SNMPv3 Working Group      Expires December 2001                [Page 21]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   snmpObsoleteGroup OBJECT-GROUP
       OBJECTS { snmpOutPkts, snmpInTooBigs, snmpInNoSuchNames,
                 snmpInBadValues, snmpInReadOnlys, snmpInGenErrs,
                 snmpInTotalReqVars, snmpInTotalSetVars,
                 snmpInGetRequests, snmpInGetNexts, snmpInSetRequests,
                 snmpInGetResponses, snmpInTraps, snmpOutTooBigs,
                 snmpOutNoSuchNames, snmpOutBadValues,
                 snmpOutGenErrs, snmpOutGetRequests, snmpOutGetNexts,
                 snmpOutSetRequests, snmpOutGetResponses, snmpOutTraps
                 }
       STATUS  obsolete
       DESCRIPTION
               "A collection of objects from RFC 1213 made obsolete
               by this MIB module."
       ::= { snmpMIBGroups 10 }

   END

4.  Notice on Intellectual Property

   The IETF takes no position regarding the validity or scope of any
   intellectual property or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; neither does it represent that it
   has made any effort to identify any such rights.  Information on the
   IETF's procedures with respect to rights in standards-track and
   standards-related documentation can be found in BCP-11.  Copies of
   claims of rights made available for publication and any assurances of
   licenses to be made available, or the result of an attempt made to
   obtain a general license or permission for the use of such
   proprietary rights by implementors or users of this specification can
   be obtained from the IETF Secretariat.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights which may cover technology that may be required to practice
   this standard.  Please address the information to the IETF Executive
   Director.

5.  Acknowledgments

   This document is the product of the SNMPv3 Working Group.  Some
   special thanks are in order to the following Working Group members:

        Randy Bush
        Jeffrey D. Case
        Mike Daniele



SNMPv3 Working Group      Expires December 2001                [Page 22]

Internet Draft        Protocol Operations for SNMP          14 July 2000


        Rob Frye
        Lauren Heintz
        Keith McCloghrie
        Russ Mundy
        David T. Perkins
        Randy Presuhn
        Aleksey Romanov
        Juergen Schoenwaelder
        Bert Wijnen

   This version of the document, edited by Randy Presuhn, was initially
   based on the work of a design team whose members were:

        Jeffrey D. Case
        Keith McCloghrie
        David T. Perkins
        Randy Presuhn
        Juergen Schoenwaelder

   The  previous versions of this document, edited by Keith McCloghrie,
   was the result of significant work by four major contributors:

        Jeffrey D. Case
        Keith McCloghrie
        Marshall T. Rose
        Steven Waldbusser

   Additionally, the contributions of the SNMPv2 Working Group to the
   previous versions are also acknowledged.  In particular, a special
   thanks is extended for the contributions of:

        Alexander I. Alten
        Dave Arneson
        Uri Blumenthal
        Doug Book
        Kim Curran
        Jim Galvin
        Maria Greene
        Iain Hanson
        Dave Harrington
        Nguyen Hien
        Jeff Johnson
        Michael Kornegay
        Deirdre Kostick
        David Levi
        Daniel Mahoney
        Bob Natale
        Brian O'Keefe



SNMPv3 Working Group      Expires December 2001                [Page 23]

Internet Draft        Protocol Operations for SNMP          14 July 2000


        Andrew Pearson
        Dave Perkins
        Randy Presuhn
        Aleksey Romanov
        Shawn Routhier
        Jon Saperia
        Juergen Schoenwaelder
        Bob Stewart
        Kaj Tesink
        Glenn Waters
        Bert Wijnen

6.  Security Considerations

   There are a number of management objects defined in this MIB that
   have a MAX-ACCESS clause of read-write.  Such objects may be
   considered sensitive or vulnerable in some network environments.  The
   support for SET operations in a non-secure environment without proper
   protection can have a negative effect on network operations.

   SNMPv1 by itself is not a secure environment.  Even if the network
   itself is secure (for example by using IPSec), even then, there is no
   control as to who on the secure network is allowed to access and
   GET/SET (read/change) the objects in this MIB.

   It is recommended that the implementors consider the security
   features as provided by the SNMPv3 framework.  Specifically, the use
   of the User-based Security Model RFC 2574 [RFC2574] and the View-
   based Access Control Model RFC 2575 [RFC2575] is recommended.

   It is then a customer/user responsibility to ensure that the SNMP
   entity giving access to an instance of this MIB, is properly
   configured to give access to the objects only to those principals
   (users) that have legitimate rights to indeed GET or SET (change)
   them.

7.  References

   [RFC1155]   Rose, M., and K. McCloghrie, "Structure and
               Identification of Management Information for TCP/IP-based
               Internets", STD 16, RFC 1155, May 1990.

   [RFC1157]   Case, J., Fedor, M., Schoffstall, M., and J. Davin,
               "Simple Network Management Protocol", STD 15, RFC 1157,
               May 1990.

   [RFC1212]   Rose, M., and K. McCloghrie, "Concise MIB Definitions",
               STD 16, RFC 1212, March 1991.



SNMPv3 Working Group      Expires December 2001                [Page 24]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   [RFC1213]   McCloghrie, K., and M. Rose, "Management Information Base
               for Network Management of TCP/IP-based internets: MIB-
               II", STD 16, RFC 1213, March 1991.

   [RFC1215]   Rose, M., "A Convention for Defining Traps for use with
               the SNMP", RFC 1215, March 1991.

   [RFC1901]   Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
               "Introduction to Community-based SNMPv2", RFC 1901,
               January 1996.

   [RFC2233]   McCloghrie, K., and F.  Kastenholz, "The Interfaces Group
               MIB using SMIv2", RFC 2233, November 1997.

   [RFC2570]   Case, J., Mundy, R., Partain, D., and B. Stewart,
               "Introduction to Version 3 of the Internet-standard
               Network Management Framework", RFC 2570, April 1999.

   [RFC2571]   Harrington, D., Presuhn, R., and B. Wijnen, "An
               Architecture for Describing SNMP Management Frameworks",
               RFC 2571, April 1999.

   [RFC2572]   Case, J., Harrington D., Presuhn R., and B. Wijnen,
               "Message Processing and Dispatching for the Simple
               Network Management Protocol (SNMP)", RFC 2572, April
               1999.

   [RFC2573]   Levi, D., Meyer, P., and B. Stewart, "SNMPv3
               Applications", RFC 2573, April 1999.

   [RFC2574]   Blumenthal, U., and B. Wijnen, "User-based Security Model
               (USM) for version 3 of the Simple Network Management
               Protocol (SNMPv3)", RFC 2574, April 1999.

   [RFC2575]   Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based
               Access Control Model (VACM) for the Simple Network
               Management Protocol (SNMP)", RFC 2575, April 1999.

   [RFC2578]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
               Rose, M., and S. Waldbusser, "Structure of Management
               Information Version 2 (SMIv2)", STD 58, RFC 2578, April
               1999.

   [RFC2579]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
               Rose, M., and S. Waldbusser, "Textual Conventions for
               SMIv2", STD 58, RFC 2579, April 1999.

   [RFC2580]   McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,



SNMPv3 Working Group      Expires December 2001                [Page 25]

Internet Draft        Protocol Operations for SNMP          14 July 2000


               Rose, M., and S. Waldbusser, "Conformance Statements for
               SMIv2", STD 58, RFC 2580, April 1999.

   [RFC-TM]    Presuhn, R., Case, J., McCloghrie, K., Rose, M., and S.
               Waldbusser, "Transport Mappings for the Simple Network
               Management Protocol",
               <draft-ietf-snmpv3-update-transmap-04.txt>, July 2000.

   [RFC-PROTO] Presuhn, R., Case, J., McCloghrie, K., Rose, M., and S.
               Waldbusser, "Protocol Operations for the Simple Network
               Management Protocol",
               <draft-ietf-snmpv3-update-proto-04.txt>, July 2000.

8.  Editor's Address

   Randy Presuhn
   BMC Software, Inc.
   2141 North First Street
   San Jose, CA  95131
   USA

   Phone: +1 408 546 1006
   EMail: randy_presuhn@bmc.com

9.  Changes from RFC 1907

   These are the changes from RFC 1907:

        -    Corrected typo in copyright statement;

        -    Updated copyright date;

        -    Updated with new editor's name and contact information;

        -    Cosmetic fixes to layout and typography;

        -    Changed title;

        -    Replace introduction with current MIB boilerplate;

        -    Updated references;

        -    Fixed typo in sysORUpTime;

        -    Re-worded description of snmpSilentDrops;

        -    Updated reference to RFC 1573 to 2233;




SNMPv3 Working Group      Expires December 2001                [Page 26]

Internet Draft        Protocol Operations for SNMP          14 July 2000


        -    Added IPR boilerplate as required by RFC 2026;

        -    Weakened authenticationFailure description from MUST to
             MAY, clarified that it pertains to all SNMP entities;

        -    Clarified descriptions of snmpInBadCommunityNames and
             snmpInBadCommunityUses;

        -    Updated module-identity and contact information;

        -    Updated the acknowledgements section;

        -    Replaced references to "manager role", "agent role" and
             "SNMPv2 entity" with appropriate terms from RFC 2571;

        -    Updated document headers and footers;

        -    Added security considerations, based on current
             recommendations for MIB modules.

        -    Added NOTIFICATION-GROUP and OBJECT-GROUP constructs for
             NOTIFICATION-TYPEs and OBJECT-TYPEs that were left
             unreferenced in RFC 1907.

        -    Fixed typos in sysServices DESCRIPTION.

        -    Changed description of snmpProxyDrops to use terms from
             architecture.

        -    Changed value used in example for sysObjectID.

        -    Added an abstract.

10.  Issues

   This section is to be deleted when it is time to publish this
   document as an RFC.  The issue labels are the same as those used in
   the on-line issues list at
   ftp://amethyst.bmc.com/pub/snmpv3/Update567/rfc1907/index.html

        1907-01   Done; title changed.

        1907-02   Done; replaced introduction with current MIB
                  boilerplate.

        1907-03   Done; resolution was to make no change.

        1907-04   Done; replaced occurrences of "SNMPv2 entity",



SNMPv3 Working Group      Expires December 2001                [Page 27]

Internet Draft        Protocol Operations for SNMP          14 July 2000


                  "manager role", and "agent role" with appropriate
                  terms from architecture.

        1907-05   Done; typo fixed.

        1907-06   Done; resolution was to make no change.

        1907-07   Done; description of snmpSilentDrops updated.

        1907-08   Done; reference to RFC 1573 replaced with reference to
                  RFC 2233.

        1907-9   Done; resolution was to make no change.

        1907-10   Done; resolution was to make no change.

        1907-11   Done; resolution was to make no change.

        1907-12   Done; added security considerations based on
                  recommended text from http://www.ops.ietf.org/

        1907-13   Done; references and acknowledgements updated.

        1907-14   Done; IPR boilerplate aligned with RFC 2026.

        1907-15   Done; authenticationFailure weakened to MAY but
                  permitted for all protocol versions.

        1907-16   Done; resolution was to make no change.

        1907-17   Done; clarified descriptions of
                  snmpInBadCommunityNames and snmpInBadCommunityUses.

        1907-18   Done; resolution was to make no change.

        1907-19   Done; conformance material added.

        1907-20   Done; resolution was to make no change.

11.  Full Copyright Statement

   Copyright (C) The Internet Society (2000).  All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are



SNMPv3 Working Group      Expires December 2001                [Page 28]

Internet Draft        Protocol Operations for SNMP          14 July 2000


   included on all such copies and derivative works.  However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

































SNMPv3 Working Group      Expires December 2001                [Page 29]