Network Working Group // 网络工作组 S. Waldbusser
Request for Comments: 2819 //请求评论 2819 Lucent Technologies
STD: 59 May 2000
Obsoletes: 1757 // 过时的 1757
Category: Standards Track //类别:标准跟踪
Remote Network Monitoring Management Information Base
//远程网络监视管理信息库
Status of this Memo
//这个备忘录的状态
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
//这个文档指定一个网络标准踪迹协议关于网络社区,并且请求讨论和建议为了改善
//请参考现今版本网络官方协议标准研究这个协议的标准情况和状态,这个备忘录的分发是无限的。
Copyright Notice
//版权通告
Copyright (C) The Internet Society (2000). All Rights Reserved.
//版权网络社会,保留所有权利
Abstract//抽象的
This memo defines a portion of the Management Information Base (MIB)//这个备忘录定义管理信息库的一部分为的是使用网络管理协议基于TCP/IPs
for use with network management protocols in TCP/IP-based internets.
In particular, it defines objects for managing remote network //特别的,它定义了对象,为的是远程遥控管理网络和监视设备。
monitoring devices.
This memo obsoletes RFC 1757. This memo extends that specification by //这个备忘录过时的版本是RFC1757,这个备忘录
documenting the RMON MIB in SMIv2 format while remaining semantically //这个备忘录继承那个规格, 什么样的规格,通过文件编制RMON MIB
//在SMLv2格式然而保持语义相同基于SMlv1MIB
identical to the existing SMIv1-based MIB.
Waldbusser Standards Track [Page 1]
RFC 2819 Remote Network Monitoring MIB May 2000
Table of Contents //目录内容
1 The SNMP Management Framework .............................. 2 //SNMP管理框架
2 Overview ................................................... 3//综述,概述
2.1 Remote Network Management Goals .......................... 4 //远程网络管理目的
2.2 Textual Conventions ...................................... 5 //文字约定
2.3 Structure of MIB ......................................... 5//MIB的组织
2.3.1 The Ethernet Statistics Group .......................... 6 //以太网统计组
2.3.2 The History Control Group .............................. 6//历史控制组
2.3.3 The Ethernet History Group ............................. 6//以太网历史组
2.3.4 The Alarm Group ........................................ 7//报警组
2.3.5 The Host Group ......................................... 7//主机群
2.3.6 The HostTopN Group ..................................... 7//HostTopN组
2.3.7 The Matrix Group ....................................... 7//矩阵组
2.3.8 The Filter Group ....................................... 7// 滤波器组
2.3.9 The Packet Capture Group ............................... 8//包捕获组
2.3.10 The Event Group ....................................... 8//事件组
3 Control of Remote Network Monitoring Devices ............... 8//远程网络监控设备的控制
3.1 Resource Sharing Among Multiple Management Stations ... 9//资源共享在多个管理站
3.2 Row Addition Among Multiple Management Stations .......... 10//多个管理站之间的行添加
4 Conventions ................................................ 11//约定
5 Definitions ................................................ 12//定义
6 Security Considerations .................................... 94//安全性考虑事件
7 Acknowledgments ............................................ 95//感谢
8 Author's Address ........................................... 95//作者地址
9 References ................................................. 95//参考
10 Intellectual Property ..................................... 97//知识产权
11 Full Copyright Statement .................................. 98//完整的版权声明
1. The SNMP Management Framework//SNMP管理框架
The SNMP Management Framework presently consists of five major
components:
//SNMP管理框架目前组成由五个组要的组件
o An overall architecture, described in RFC 2571 [1].//RFC 2571描述的总体架构
o Mechanisms for describing and naming objects and events for the //描述机构和命名对象,事件是管理的目的
purpose of management. The first version of this Structure of //管理信息的这个结构的第一个版本的叫做SMsv1 ,并且它被描述在 STD
//16, RFC 1155 [2], STD 16, RFC 1212 [3] and RFC 1215 [4]中
Management Information (SMI) is called SMIv1 and described in STD
16, RFC 1155 [2], STD 16, RFC 1212 [3] and RFC 1215 [4]. The
second version, called SMIv2, is described in STD 58, RFC 2578
[5], RFC 2579 [6] and RFC 2580 [7].
//第二个版本叫做SMlv2,被描述在STD 58, RFC 2578 [5], RFC 2579 [6] and RFC 2580 [7]中
o Message protocols for transferring management information. The //用于传输管理信息的的消息协议
first version of the SNMP message protocol is called SNMPv1 and // SNMP信息协议的第一个版本叫做SNMPv1被描述在STD 15, RFC 1157 [8]中
described in STD 15, RFC 1157 [8]. A second version of the SNMP //SNMP的没有网上标准追踪协议的第二个版本信息协议,叫做SNMPv2被描述 //RFC 1901 [9] and RFC 1906 [10],第三个协议版本叫做SNMPv3被描述
message protocol, which is not an Internet standards track //RFC 1906 [10], RFC 2572 [11] and RFC 2574中
[12]
protocol, is called SNMPv2c and described in RFC 1901 [9] and RFC
Waldbusser Standards Track [Page 2]
RFC 2819 Remote Network Monitoring MIB May 2000
1906 [10]. The third version of the message protocol is called
SNMPv3 and described in RFC 1906 [10], RFC 2572 [11] and RFC 2574
[12].
o Protocol operations for accessing management information. The //协议操作用于进入管理信息
first set of protocol operations and associated PDU formats is //第一个协议操作和联合PDU格式是被描述在STD 15, RFC 1157 [8]中
described in STD 15, RFC 1157 [8]. A second set of protocol //第二个操作协议和关联PDU 形式 是被描述在RFC 1905中
operations and associated PDU formats is described in RFC 1905
[13].
o A set of fundamental applications described in RFC 2573 [14] and //一组基础应用被描述在RFC 2573 [14]并且基于视图的访问控制机制被描述
the view-based access control mechanism described in RFC 2575
[15].
A more detailed introduction to the current SNMP Management Framework //当今的SNMP管理框架更多细节说明在RFC 2570 [22]
can be found in RFC 2570 [22].
Managed objects are accessed via a virtual information store, termed //管理对象进入经过一个虚拟的信息商店,把管理信息库称作MIB
the Management Information Base or MIB. Objects in the MIB are
defined using the mechanisms defined in the SMI. //对象在MIB中是被定义使用机制定义在SMI
This memo specifies a MIB module that is compliant to the SMIv2. //这个备忘录 指定一个顺从SMlv2的MIB模块
MIB conforming to the SMIv1 can be produced through the appropriate //MIB符合SMlv1 可以生产通过适当的翻译
translations. The resulting translated MIB must be semantically //结果关联MIB一定是符合语义等效的
equivalent, except where objects or events are omitted because no//chu
translation is possible (use of Counter64). Some machine readable
information in SMIv2 will be converted into textual descriptions in
SMIv1 during the translation process. However, this loss of machine
readable information is not considered to change the semantics of the
MIB.
//一些机器可读SMIv2中的信息将被转换为in中的文本描述SMIv1在翻译过程中。然而,这是机器的损失可读的信息不会被认为改变的语义MIB。
2. Overview 综述
Remote network monitoring devices, often called monitors or probes,
are instruments that exist for the purpose of managing a network. //远程网络监控设备,通常称为监视器或探测器,
是为管理网络而存在的工具。
Often these remote probes are stand-alone devices and devote
significant internal resources for the sole purpose of managing a //通常,这些远程探测器是独立的设备和专用设备重要的内部资源,仅用于管理一个网络。
network. An organization may employ many of these devices, one per
network segment, to manage its internet. In addition, these devices
may be used for a network management service provider to access a
client network, often geographically remote.//一个组织可以使用许多这样的设备,每个设备一个网络细分,管理其互联网。此外,这些设备可用于网络管理服务提供商访问客户网络,通常地理位置遥远。
The objects defined in this document are intended as an interface
between an RMON agent and an RMON management application and are not
intended for direct manipulation by humans. While some users may
tolerate the direct display of some of these objects, few will //本文档中定义的对象是RMON代理和RMON管理应用程序之间的接口,不打算由人工直接操作。有些用户可能会能够容忍直接展示其中一些对象的人很少
Waldbusser Standards Track [Page 3]
RFC 2819 Remote Network Monitoring MIB May 2000
tolerate the complexity of manually manipulating objects to //允许手动操作的复杂性为了行创建完成。
accomplish row creation. These functions should be handled by the//这些功能应该被用来管理应用程序
management application.
While most of the objects in this document are suitable for the
management of any type of network, there are some which are specific
to managing Ethernet networks. These are the objects in the
etherStatsTable, the etherHistoryTable, and some attributes of the
filterPktStatus and capturBufferPacketStatus objects. The design of
this MIB allows similar objects to be defined for other network
types. It is intended that future versions of this document and
additional documents will define extensions for other network types.
//虽然本文档中的大多数对象都适合管理任何类型的网络,但也有一些特定于管理以太网的对象。这些是etherStatsTable、etherHistoryTable中的对象,以及filterPktStatus和capturBufferPacketStatus对象的一些属性。MIB的设计允许为其他网络类型定义类似的对象。本文档和其他文档的未来版本将定义其他网络类型的扩展。
There are a number of companion documents to the RMON MIB. The Token
Ring RMON MIB [19] provides objects specific to managing Token Ring
networks. The RMON-2 MIB [20] extends RMON by providing RMON analysis
up to the application layer层. The SMON MIB [21] extends RMON by
providing RMON analysis for switched networks.
//有一些RMON MIB的配套文件。令牌Ring RMON MIB[19]提供了特定于管理令牌环的对象网络。RMON-2 MIB[20]通过提供RMON分析扩展了RMON一直到应用层。SMON MIB[21]扩展了RMON by为交换网络提供RMON分析。
2.1. Remote Network Management Goals//远程网络管理目标
o Offline Operation //离线操作
There are sometimes conditions when a management station will
not be in constant contact with its remote monitoring devices.//有时管理站会有这样的条件不要经常与远程监控设备接触。
This is sometimes by design in an attempt to lower
communications costs (especially when communicating over a WAN
or dialup link), or by accident as network failures affect the
communications between the management station and the probe.
//这有时是故意的,目的是降低通信成本(特别是在广域网上通信时)或拨号连接),或由于意外网络故障影响管理站和探测器之间的通信。communication通信交流
For this reason, this MIB allows a probe to be configured to//因为这个原因,这个mib允许一个探测去配置
perform diagnostics and to collect statistics continuously, even
when communication with the management station may not be
possible or efficient. The probe may then attempt to notify the
management station when an exceptional condition occurs. Thus,
even in circumstances where communication between management
station and probe is not continuous, fault, performance, and
configuration information may be continuously accumulated and
communicated to the management station conveniently and
efficiently.//因此,这个MIB允许将探测配置为执行诊断并持续收集统计信息当与管理站沟通时可能不方便可能或有效的。然后,探测可能尝试通知异常情况发生时的管理站。因此,即使在管理层沟通的情况下工位和连续、故障、性能、和配置信息可以不断累积和与管理站的沟通方便快捷高效。
o Proactive Monitoring//主动监测
Given the resources available on the monitor, it is potentially
helpful for it continuously to run diagnostics and to log
network performance. The monitor is always available at the
onset of any failure. It can notify the management station of //考虑到监视器上可用的资源,这是可能的有助于它连续运行诊断和日志网络性能。显示器总是可以用的任何失败的开始。它可以通知管理站可以存储关于故障的历史统计信息。这个历史信息可以播放由管理站返回,试图进一步执行诊断出问题的原因。
the failure and can store historical statistical information
Waldbusser Standards Track [Page 4]
RFC 2819 Remote Network Monitoring MIB May 2000
about the failure. This historical information can be played
back by the management station in an attempt to perform further
diagnosis into the cause of the problem.
o Problem Detection and Reporting //问题探测和报导
The monitor can be configured to recognize conditions, most //这个监视器可以配置辨别状况,大多数错误状况,不断的检查他们。当这些错误发生,时间可以被日志记录下来。管理站可以是通知通过各种方式。
notably error conditions, and continuously to check for them.
When one of these conditions occurs, the event may be logged,
and management stations may be notified in a number of ways.
o Value Added Data 增值数据
Because a remote monitoring device represents a network resource//因为远程监视设备代表网络资源专用于网络管理功能,以及因为它直接位于网络,远程网络监视设备具有有机会为其收集的数据增加可观的价值。
dedicated exclusively to network management functions, and
because it is located directly on the monitored portion of the
network, the remote network monitoring device has the
opportunity to add significant value to the data it collects.
For instance, by highlighting those hosts on the network that
generate the most traffic or errors, the probe can give the//产生最多的流量或错误,探测针可以正确地解决该问题所需的信息问题类别
management station precisely the information it needs to solve a
class of problems.
o Multiple Managers//多名管理者
An organization may have multiple management stations for
different units of the organization, for different functions
(e.g. engineering and operations), and in an attempt to provide
disaster recovery. Because environments with multiple
management stations are common, the remote network monitoring
device has to deal with more than own management station,
potentially using its resources concurrently.//一个组织可能有多个管理站组织的不同单位,有不同的职能(例如工程和操作),并试图提供灾难恢复。因为有多个管理站常见,对网络进行远程监控设备要处理的不仅仅是自己的管理站,可能并发地使用它的资源。
2.2. Textual Conventions
Two new data types are introduced as a textual convention in this MIB
document, OwnerString and EntryStatus.//在此MIB中引入了两种新的数据类型作为文本约定文档,OwnerString和EntryStatus。
2.3. Structure of MIB
The objects are arranged into the following groups://这对象分为一下几组
- ethernet statistics//以太网统计
- history control//历史控制
- ethernet history//以太网历史
- alarm//警报
- host//主机
Waldbusser Standards Track [Page 5]
RFC 2819 Remote Network Monitoring MIB May 2000
- hostTopN
- matrix//矩阵
- filter//过滤器
- packet capture//数据包捕捉
- event//事件
These groups are the basic unit of conformance. If a remote//这些组是基于单元的一致性。,如果远程监视装置实现一个组,他们一定实现所有的对象在哪个组。
monitoring device implements a group, then it must implement all
objects in that group. For example, a managed agent that implements
//比如一个管理的代理实现这个主机组,那么一定实现主机控制表、主机表和主机时间表
the host group must implement the hostControlTable, the hostTable and
the hostTimeTable. While this section provides an overview of//这个章节提供了一个概述组和MIB一致性的信息,权威的参考比如信息是包含模型一致和对象组宏滞后在MIB中。
grouping and conformance information for this MIB, the authoritative
reference for such information is contained in the MODULE-COMPLIANCE
and OBJECT-GROUP macros later in this MIB.
All groups in this MIB are optional. Implementations of this MIB
must also implement the system group of MIB-II [16] and the IF-MIB
[17]. MIB-II may also mandate the implementation of additional
groups.//这个MIB中的所有组都是可选的。这个MIB的实现还必须实现MIB- ii[16]的系统组和IF-MIB[17]。MIB-II也可授权执行其他小组。
These groups are defined to provide a means of assigning object
identifiers, and to provide a method for implementors of managed
agents to know which objects they must implement.//定义这些组是为了提供分配对象的方法标识符,并为托管代理的实现者提供一种方法,使其知道必须实现哪些对象。
2.3.1. The Ethernet Statistics Group//以太网统计数据组
The ethernet statistics group contains statistics measured by the
probe for each monitored Ethernet interface on this device. This
group consists of the etherStatsTable.//属性测量得到的统计信息探测此设备上的每个监视的以太网接口。这组由etherStatsTable组成。
2.3.2. The History Control Group//历史控制组
The history control group controls the periodic statistical sampling
of data from various types of networks. This group consists of the
historyControlTable.//历史控制组控制不同类型网络数据的周期性统计抽样。这个组由historyControlTable组成。
2.3.3. The Ethernet History Group//以太网历史组
The ethernet history group records periodic statistical samples from
an ethernet network and stores them for later retrieval. This group
consists of the etherHistoryTable.//以太网历史组记录来自的定期统计样本 一个以太网网络,并存储它们供以后检索。这一组由以太历史表组成。
Waldbusser Standards Track [Page 6]
RFC 2819 Remote Network Monitoring MIB May 2000
2.3.4. The Alarm Group//报警组
The alarm group periodically takes statistical samples from variables//警报组定期从探测器中的变量中获取统计样本,并将它们与之前配置的阈值进行比较。
in the probe and compares them to previously configured thresholds.
If the monitored variable crosses a threshold, an event is generated.//如果监视的变量超过阈值,就会生成一个事件。
A hysteresis mechanism is implemented to limit the generation of
alarms. This group consists of the alarmTable and requires the
implementation of the event group.//采用滞后机制来限制警报的产生。这个组由alarmTable组成,需要实现事件组。
2.3.5. The Host Group//主机群
The host group contains statistics associated with each host//这个主机组包含统计学关联
discovered on the network. This group discovers hosts on the network
by keeping a list of source and destination MAC Addresses seen in
good packets promiscuously received from the network. This group
consists of the hostControlTable, the hostTable, and the
hostTimeTable.//主机组包含与网络上发现的每个主机相关联的统计信息。这个组通过保存从网络杂乱地接收到的好包中看到的源和目标MAC地址列表来发现网络上的主机。这个组由主机控制表、主机表和主机时间表组成。
2.3.6. The HostTopN Group
The hostTopN group is used to prepare reports that describe the hosts
that top a list ordered by one of their statistics. The available
statistics are samples of one of their base statistics over an
interval specified by the management station. Thus, these statistics
are rate based. The management station also selects how many such
hosts are reported. This group consists of the hostTopNControlTable
and the hostTopNTable, and requires the implementation of the host
group.//hostTopN组用于准备报告,这些报告描述了按某个统计信息排序的列表顶部的主机。可用的统计信息是管理站指定的时间间隔内的基本统计信息之一的样本。因此,这些统计是基于速率的。管理站还选择报告多少这样的主机。这个组由hostTopNControlTable和hostTopNTable组成,需要主机组的实现。
2.3.7. The Matrix Group
The matrix group stores statistics for conversations between sets of
two addresses. As the device detects a new conversation, it creates
a new entry in its tables. This group consists of the
matrixControlTable, the matrixSDTable and the matrixDSTable.//矩阵组存储两个地址集之间的对话统计信息。当设备检测到一个新的对话时,它在其表中创建一个新的条目。这个组由matrixControlTable、matrixSDTable和matrixDSTable组成。
2.3.8. The Filter Group
The filter group allows packets to be matched by a filter equation.
These matched packets form a data stream that may be captured or may
generate events. This group consists of the filterTable and the
channelTable.//筛选器组允许用筛选器等式来匹配信息包。这些匹配的包形成一个数据流,这个数据流可以被捕获,也可以生成事件。这个组由filterTable和channelTable组成。
Waldbusser Standards Track [Page 7]
RFC 2819 Remote Network Monitoring MIB May 2000
2.3.9. The Packet Capture Group
The Packet Capture group allows packets to be captured after they
flow through a channel. This group consists of the
bufferControlTable and the captureBufferTable, and requires the
implementation of the filter group.//包捕获组允许在包流经通道后捕获它们。这个组由bufferControlTable和captureBufferTable组成,需要执行筛选器组。
2.3.10. The Event Group
The event group controls the generation and notification of events
from this device. This group consists of the eventTable and the
logTable.//事件组控制来自该设备的事件的生成和通知。该组由事件表和日志表组成。
3. Control of Remote Network Monitoring Devices
Due to the complex nature of the available functions in these
devices, the functions often need user configuration. In many cases,
the function requires parameters to be set up for a data collection
operation. The operation can proceed only after these parameters are
fully set up.//由于这些函数的复杂性设备、功能往往需要用户配置。在许多情况下,该函数需要为数据收集设置参数操作。只有在这些参数设置完成后,操作才能继续完全建立。
Many functional groups in this MIB have one or more tables in which
to set up control parameters, and one or more data tables in which to
place the results of the operation. The control tables are typically
read-write in nature, while the data tables are typically read-only.
Because the parameters in the control table often describe resulting
data in the data table, many of the parameters can be modified only
when the control entry is invalid. Thus, the method for modifying
these parameters is to invalidate the control entry, causing its
deletion and the deletion of any associated data entries, and then
create a new control entry with the proper parameters. Deleting the
control entry also gives a convenient method for reclaiming the
resources used by the associated data.//这个MIB中的许多功能组都有一个或多个表本质上是读写,而数据表通常是只读的。数据表中,许多参数只能修改控件项无效时。因此,修改的方法 这些参数将使控制项无效,从而导致其 删除和删除任何相关的数据项,然后 使用适当的参数创建一个新的控件条目。删除 控件项还提供了一种方便的回收方法 关联数据使用的资源。
Some objects in this MIB provide a mechanism to execute an action on
the remote monitoring device. These objects may execute an action as
a result of a change in the state of the object. For those objects
in this MIB, a request to set an object to the same value as it
currently holds would thus cause no action to occur.//这个MIB中的一些对象提供了在远程监控设备上执行操作的机制。这些对象可能由于对象状态的变化而执行某个操作。对这些对象
To facilitate control by multiple managers, resources have to be
shared among the managers. These resources are typically the memory
and computation resources that a function requires.//为了方便控制通过多管理者,资源不得不分享在管理者当中,这些资源通常是需要一个函数需要和计算资源。
Waldbusser Standards Track [Page 8]
RFC 2819 Remote Network Monitoring MIB May 2000
3.1. Resource Sharing Among Multiple Management Stations//多个管理站之间的资源共享
When multiple management stations wish to use functions that compete
for a finite amount of resources on a device, a method to facilitate
this sharing of resources is required. Potential conflicts include://当多个管理站点希望使用在devicea方法上竞争有限数量资源的函数来促进这种资源共享时,就需要使用这种方法。潜在的冲突包括:
o Two management stations wish to simultaneously use resources
that together would exceed the capability of the device.//两个管理站希望同时使用资源 这些加在一起将超过该设备的能力。
o A management station uses a significant amount of resources for
a long period of time.//管理站会使用大量资源 很长一段时间。
o A management station uses resources and then crashes,//管理站使用资源,然后崩溃, 忘记释放资源以便他人使用。
forgetting to free the resources so others may use them.
A mechanism is provided for each management station initiated
function in this MIB to avoid these conflicts and to help resolve
them when they occur. Each function has a label identifying the
initiator (owner) of the function. This label is set by the
initiator to provide for the following possibilities://为这个MIB中每个管理站发起的功能提供了一种机制,以避免这些冲突,并在冲突发生时帮助解决它们。每个函数都有一个标识函数的发起者(所有者)的标签。此标签由发起者设置,以提供以下可能性:
o A management station may recognize resources it owns and no
longer needs.
o A network operator can find the management station that owns
the resource and negotiate for it to be freed.
o A network operator may decide to unilaterally free resources
another network operator has reserved.
o Upon initialization, a management station may recognize
resources it had reserved in the past. With this information
it may free the resources if it no longer needs them.//管理站可以识别它所拥有的资源和编号 不再需要。 网络操作员可以找到所拥有的管理站 资源并协商释放它。 网络营办商可单方面决定免费提供资源 另一家网络运营商已经预定了。 初始化后,管理站可以识别 它过去保留的资源。根据这些信息 如果不再需要资源,它可能会释放它们。
Management stations and probes should support any format of the owner
string dictated by the local policy of the organization. It is
suggested that this name contain one or more of the following: IP
address, management station name, network manager's name, location,
or phone number. This information will help users to share the
resources more effectively.//管理站和探测应该支持组织的本地策略指定的所有者字符串的任何格式。建议该名称包含以下一个或多个名称:IP地址、管理站名称、网络管理员名称、位置或电话号码。这些信息将帮助用户更有效地共享资源。
There is often default functionality that the device or the
administrator of the probe (often the network administrator) wishes
to set up. The resources associated with this functionality are then
owned by the device itself or by the network administrator, and are
intended to be long-lived. In this case, the device or the
administrator will set the relevant owner object to a string starting
with 'monitor'. Indiscriminate modification of the monitor-owned
configuration by network management stations is discouraged. In
fact, a network management station should only modify these objects
under the direction of the administrator of the probe.//通常有设备或。的默认功能探测器的管理员(通常是网络管理员)希望设置。与此功能相关联的资源是
由设备本身或网络管理员拥有,并且是想要长存。在这种情况下,设备或管理员将相关的所有者对象设置为一个字符串开始“监控”。不加选择地修改监督人员所有的文件不鼓励通过网络管理站进行配置。在事实上,一个网管站应该只修改这些对象在探测器管理员的指导下 。
Waldbusser Standards Track [Page 9]
RFC 2819 Remote Network Monitoring MIB May 2000
Resources on a probe are scarce and are typically allocated when
control rows are created by an application. Since many applications
may be using a probe simultaneously, indiscriminate allocation of
resources to particular applications is very likely to cause resource
shortages in the probe.//探测上的资源是稀缺的,通常在应用程序创建控件行时分配。由于许多应用程序可能同时使用探测,所以不加选择地分配
When a network management station wishes to utilize a function in a
monitor, it is encouraged to first scan the control table of that
function to find an instance with similar parameters to share. This
is especially true for those instances owned by the monitor, which
can be assumed to change infrequently. If a management station
decides to share an instance owned by another management station, it
should understand that the management station that owns the instance
may indiscriminately modify or delete it.//当网管站希望在监视器中使用某个函数时,建议首先扫描该函数的控制表,以找到具有相似参数的实例来共享。对于由监视器拥有的实例尤其如此,可以假定这些实例不经常更改。如果一个管理站决定共享另一个管理站拥有的实例,它可以不加区别地修改或删除它。
It should be noted that a management application should have the most
trust in a monitor-owned row because it should be changed very
infrequently. A row owned by the management application is less
long-lived because a network administrator is more likely to re-
assign resources from a row that is in use by one user than from a
monitor-owned row that is potentially in use by many users. A row
owned by another application would be even less long-lived because
the other application may delete or modify that row completely at its
discretion.//应该注意的是,管理应用程序应该最信任监视器拥有的行,因为它应该很少更改。管理应用程序拥有的行寿命较短,因为网络管理员更可能从一个用户使用的行重新分配资源,而不是从可能由许多用户使用的监视器拥有的行重新分配资源。另一个应用程序拥有的行甚至更短,因为另一个应用程序可以完全根据自己的判断删除或修改该行。
3.2. Row Addition Among Multiple Management Stations//多个管理站之间的行添加
The addition of new rows is achieved using the method described in
RFC 1905 [13]. In this MIB, rows are often added to a table in order
to configure a function. This configuration usually involves
parameters that control the operation of the function. The agent
must check these parameters to make sure they are appropriate given
restrictions defined in this MIB as well as any implementation
specific restrictions such as lack of resources. The agent
implementor may be confused as to when to check these parameters and
when to signal to the management station that the parameters are
invalid. There are two opportunities://添加新行是使用RFC 1905[13]中描述的方法实现的。在这个MIB中,为了配置一个函数,通常会将行添加到一个表中。这种配置通常涉及控制函数操作的参数。代理必须检查这些参数,以确保它们在这个MIB中定义的限制以及任何实现中都是合适的特定的限制,如缺乏资源。代理实现者可能会混淆什么时候检查这些参数,什么时候向管理站发出这些参数无效的信号。有两个机会:
o When the management station sets each parameter object.
//当管理站设置每个参数对象时。
o When the management station sets the entry status object to
valid.//管理站将进入状态对象设置为有效的。
If the latter is chosen, it would be unclear to the management
station which of the several parameters was invalid and caused the
badValue error to be emitted. Thus, wherever possible, the
implementor should choose the former as it will provide more
information to the management station.//如果选择后者,管理站就不清楚这几个参数中哪些是无效的,从而导致发出badValue错误。因此,在可能的情况下,实现者应该选择前者,因为它将向管理站提供更多的信息。
Waldbusser Standards Track [Page 10]
RFC 2819 Remote Network Monitoring MIB May 2000
A problem can arise when multiple management stations attempt to set
configuration information simultaneously using SNMP. When this
involves the addition of a new conceptual row in the same control
table, the managers may collide, attempting to create the same entry.
To guard against these collisions, each such control entry contains a
status object with special semantics that help to arbitrate among the
managers. If an attempt is made with the row addition mechanism to
create such a status object and that object already exists, an error
is returned. When more than one manager simultaneously attempts to
create the same conceptual row, only the first can succeed. The
others will receive an error.//当多个管理站试图使用SNMP同时设置配置信息时,可能会出现问题。当这涉及到在同一个控制表中添加一个新的概念行时,管理器可能会发生冲突,试图创建相同的条目。为了防止这些冲突,每个这样的控制条目都包含一个状态对象,该对象具有特殊的语义,有助于在管理器之间仲裁。如果尝试使用行添加机制来创建这样一个状态对象,并且该对象已经存在,则返回一个错误。当多个经理同时尝试创建相同的概念行时,只有第一个经理能够成功。其他的将会收到一个错误。
When a manager wishes to create a new control entry, it needs to
choose an index for that row. It may choose this index in a variety
of ways, hopefully minimizing the chances that the index is in use by
another manager. If the index is in use, the mechanism mentioned
previously will guard against collisions. Examples of schemes to
choose index values include random selection or scanning the control
table looking for the first unused index. Because index values may
be any valid value in the range and they are chosen by the manager,
the agent must allow a row to be created with any unused index value
if it has the resources to create a new row.//当管理器希望创建一个新的控制项时,它需要为该行选择一个索引。它可以以多种方式选择这个索引,希望尽可能减少另一个经理使用该索引的机会。如果正在使用索引,则前面提到的机制将防止冲突。选择索引值的方案示例包括随机选择或扫描控制表寻找第一个未使用的索引。因为索引值可以是范围内的任何有效值,并且是由管理器选择的,所以如果代理拥有创建新行所需的资源,那么它必须允许使用任何未使用的索引值来创建行。
Some tables in this MIB reference other tables within this MIB. When
creating or deleting entries in these tables, it is generally
allowable for dangling references to exist. There is no defined
order for creating or deleting entries in these tables.//这个MIB中的一些表引用这个MIB中的其他表。在创建或删除这些表中的条目时,通常允许悬空引用存在。在这些表中没有定义创建或删除条目的顺序
4. Conventions
The following conventions are used throughout the RMON MIB and its
companion documents.//以下的约定在RMON MIB和它的相关文档中被使用。
Good Packets
Good packets are error-free packets that have a valid frame length.
For example, on Ethernet, good packets are error-free packets that
are between 64 octets long and 1518 octets long. They follow the
form defined in IEEE 802.3 section 3.2.all.//好的包是没有错误的包,具有有效的帧长度。例如,在以太网中,好的数据包是没有错误的数据包,长度在64字节到1518字节之间。他们遵循在IEEE 802.3节中定义的形式。
Bad Packets
Bad packets are packets that have proper framing and are therefore
recognized as packets, but contain errors within the packet or have
an invalid length. For example, on Ethernet, bad packets have a
valid preamble and SFD, but have a bad CRC, or are either shorter
than 64 octets or longer than 1518 octets.//坏的封包是有适当的分幅并且因此被识别为封包,但是在封包中包含错误或有无效长度的封包。例如,在以太网上,坏包有一个有效的序言和SFD,但是有一个坏的CRC,或者短于64字节或长于1518字节。
Waldbusser Standards Track [Page 11]
RFC 2819 Remote Network Monitoring MIB May 2000
5.略
6. Security Considerations//安全考虑
In order to implement this MIB, a probe must capture all packets on
the locally-attached network, including packets between third
parties. These packets are analyzed to collect network addresses,
protocol usage information, and conversation statistics. Data of this
nature may be considered sensitive in some environments. In such
environments the administrator may wish to restrict SNMP access to
the probe.//为了实现这个MIB,探测器必须捕获本地连接网络上的所有数据包,包括第三方之间的数据包。这些数据包被分析来收集网络地址, 协议使用信息和会话统计信息。在某些环境中,这种性质的数据可能被认为是敏感的。在这种环境中,管理员可能希望限制SNMP对探测的访问。
This MIB also includes functions for returning the contents of
captured packets, potentially including sensitive user data or
passwords. It is recommended that SNMP access to these functions be
restricted.// 这个MIB还包括返回捕获包内容的函数,可能包括敏感的用户数据或密码。建议限制SNMP对这些函数的访问。
There are a number of management objects defined in this MIB that
have a MAX-ACCESS clause of read-write and/or read-create. Such
objects may be considered sensitive or vulnerable in some network
environments. The support for SET operations in a non-secure
environment without proper protection can have a negative effect on
network operations.//在这个MIB中定义了许多管理对象,它们具有读写和/或读写创建的最大访问子句。在某些网络中,这些对象可能被认为是敏感的或脆弱的环境。在不安全的环境中,如果没有适当的保护,对SET操作的支持可能会对网络操作产生负面影响。
SNMPv1 by itself is not a secure environment. Even if the network
itself is secure (for example by using IPSec), even then, there is no
control as to who on the secure network is allowed to access and
GET/SET (read/change/create/delete) the objects in this MIB.//SNMPv1本身并不是一个安全的环境。即使网络本身是安全的(例如通过使用IPSec),即使这样,也无法控制安全网络上的哪些人可以访问和获取/设置(读取/更改/创建/删除)这个MIB中的对象。
It is recommended that the implementors consider the security
features as provided by the SNMPv3 framework. Specifically, the use
of the User-based Security Model RFC 2574 [12] and the View-based
Access Control Model RFC 2575 [15] is recommended.//建议实现者考虑SNMPv3框架提供的安全特性。具体来说,使用基于用户的安全模型RFC 2574和基于视图的[12]建议使用RFC 2575[15]访问控制模型。
It is then a customer/user responsibility to ensure that the SNMP
entity giving access to an instance of this MIB, is properly
configured to give access to the objects only to those principals
(users) that have legitimate rights to indeed GET or SET
(change/create/delete) them.//然后,客户/用户有责任确保授予对该MIB实例访问权的SNMP实体被正确配置为仅将对对象的访问权授予那些具有确实获取或设置(更改/创建/删除)它们的合法权限的主体(用户)。
Waldbusser Standards Track [Page 94]
RFC 2819 Remote Network Monitoring MIB May 2000
7. Acknowledgments
This document was produced by the IETF Remote Network Monitoring
Working Group.//这个文档是由IETF远程网络监控生成的 工作小组。
8. Author's Address
Steve Waldbusser
Phone: +1-650-948-6500
Fax: +1-650-745-0671
Email: waldbusser@nextbeacon.com
9. References//参考文献
[1] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for
Describing SNMP Management Frameworks", RFC 2571, April 1999.
//李建民,“网路管理架构之设计与应用”,国立中央大学管理研究所硕士论文,1999年七月。
[2] Rose, M. and K. McCloghrie, "Structure and Identification of
Management Information for TCP/IP-based Internets", STD 16, RFC
1155, May 1990.
//黄文华,“网际网路管理资讯的结构与辨识”,国立中央大学资讯工程学研究所硕士论文,1990年三月。
[3] Rose, M. and K. McCloghrie, "Concise MIB Definitions", STD 16,
RFC 1212, March 1991.
//罗斯,M.和K. McCloghrie,“简明MIB定义”,STD 16, RFC 1212, 1991年3月。
[4] Rose, M., "A Convention for Defining Traps for use with the
SNMP", RFC 1215, March 1991.
//“定义SNMP使用的陷阱的协定”,RFC 1215, 1991年3月。
[5] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
M. and S. Waldbusser, "Structure of Management Information
Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
//麦克洛利,K.,帕金斯,D.,舍恩韦尔德,J.,凯斯,J.,罗斯,M.。和S. Waldbusser,“管理信息结构第二版(SMIv2)”,STD 58, RFC 2578, 1999年4月。
[6] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
M. and S. Waldbusser, "Textual Conventions for SMIv2", STD 58,
RFC 2579, April 1999.
//王建中,“史密密v2的文本规范”,国立中山大学资讯工程学研究所硕士论文,1999年三月。
[7] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
M. and S. Waldbusser, "Conformance Statements for SMIv2", STD
58, RFC 2580, April 1999.
[8] Case, J., Fedor, M., Schoffstall, M. and J. Davin, "Simple
Network Management Protocol", STD 15, RFC 1157, May 1990.
//陈建中,“网路管理协议之研究”,国立成功大学资讯工程学研究所硕士论文,1990年三月。
[9] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
"Introduction to Community-based SNMPv2", RFC 1901, January
1996.
//凯斯,J., K., Rose, M.和S. Waldbusser,“基于社区的SNMPv2介绍”,RFC 1901, 1996年1月。
Waldbusser Standards Track [Page 95]
RFC 2819 Remote Network Monitoring MIB May 2000
[10] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Transport
Mappings for Version 2 of the Simple Network Management Protocol
(SNMPv2)", RFC 1906, January 1996.//吴文华,“简单网路管理协定(SNMPv2)第2版之传输映射”,国立成功大学资讯工程学研究所硕士论文,1996年三月。
[11] Case, J., Harrington D., Presuhn R. and B. Wijnen, "Message
Processing and Dispatching for the Simple Network Management
Protocol (SNMP)", RFC 2572, April 1999.
//李建民,“简单网路管理协定(SNMP)之讯息处理与调度”,国立成功大学资讯管理研究所硕士论文,国立成功大学资讯管理研究所硕士论文,1999年4月。
[12] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM)
for version 3 of the Simple Network Management Protocol
(SNMPv3)", RFC 2574, April 1999.
//“基于用户的安全模型(USM)对于简单网络管理协议(SNMPv3)版本3”,RFC 2574, 1999年4月。
[13] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Protocol
Operations for Version 2 of the Simple Network Management
Protocol (SNMPv2)", RFC 1905, January 1996.
//情况下,J。,“简单网络管理协议(SNMPv2)版本2的协议操作”,RFC 1905, 1996年1月。
[14] Levi, D., Meyer, P. and B. Stewart, "SNMPv3 Applications", RFC
2573, April 1999.//李维,梅耶,P.和B.斯图尔特,“SNMPv3应用程序”,RFC 2573, 1999年4月。
[15] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access
Control Model (VACM) for the Simple Network Management Protocol
(SNMP)", RFC 2575, April 1999.
//李建民,“简单网路管理协定(SNMP)之检视式存取控制模型”,国立成功大学资讯工程学研究所硕士论文,1999年4月。
[16] McCloghrie, K. and M. Rose, Editors, "Management Information
Base for Network Management of TCP/IP-based internets: MIB-II",
STD 17, RFC 1213, March 1991.
//罗世民,“网际网路网路管理之资讯基础:MIB-II”,国立台湾大学资讯工程学研究所硕士论文,台北市,1991年3月。
[17] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB
using SMIv2", RFC 2233, November 1997.
//“使用SMIv2的介面组MIB”,RFC 2233, 1997年11月。
[18] Waldbusser, S., "Remote Network Monitoring MIB", RFC 1757,
February 1995.
//“远程网络监控MIB”,RFC 1757, 1995年2月。
[19] Waldbusser, S., "Token Ring Extensions to the Remote Network
Monitoring MIB", RFC 1513, September 1993.
//“远程网络监控MIB的令牌环扩展”,RFC 1513, 1993年9月。
[20] Waldbusser, S., "Remote Network Monitoring Management
Information Base Version 2 using SMIv2", RFC 2021, January 1997.
//Waldbusser, S。,“使用SMIv2的远程网络监控管理信息库版本2”,RFC 2021, 1997年1月。
[21] Waterman, R., Lahaye, B., Romascanu, D. and S. Waldbusser,
"Remote Network Monitoring MIB Extensions for Switched Networks
Version 1.0", RFC 2613, June 1999.
//“远程网络监控MIB扩展的交换网络版本1.0”,RFC 2613, 1999年6月。
[22] Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction
to Version 3 of the Internet-standard Network Management
Framework", RFC 2570, April 1999.
//陈文文,“网际网路标准管理架构第3版导论”,国立中央大学资讯工程学研究所硕士论文,1999年4月。
Waldbusser Standards Track [Page 96]
RFC 2819 Remote Network Monitoring MIB May 2000
10. Intellectual Property//知识产权
The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it
has made any effort to identify any such rights. Information on the
IETF's procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP-11. Copies of
claims of rights made available for publication and any assurances of
licenses to be made available, or the result of an attempt made to
obtain a general license or permission for the use of such
proprietary rights by implementors or users of this specification can
be obtained from the IETF Secretariat.//IETF没有立场的有效性或任何知识产权或其他权利的范围可能声称属于实现或使用本文档中描述的技术或任何许可在这种权利的程度可能会或可能不会是可用的;它也不表示它已作出任何努力来确定任何这种权利。有关IETF在标准跟踪和标准相关文档中的权限的程序的信息可以在BCP-11中找到。可用于出版的权利要求书的副本和可用于许可的任何保证,或试图获得使用这些权利要求书的一般许可或许可的结果本规范的实现者或用户的专有权利可以从IETF秘书处获得。
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice
this standard. Please address the information to the IETF Executive
Director.//IETF邀请任何相关方提请其注意可能涉及实践所需技术的任何版权、专利或专利申请或其他专有权利这个标准。请将信息发送给IETF执行董事。
Waldbusser Standards Track [Page 97]
RFC 2819 Remote Network Monitoring MIB May 2000
11. Full Copyright Statement//完整的版权声明
Copyright (C) The Internet Society (2000). All Rights Reserved.//版权所有(C)互联网协会(2000)保留所有权利。
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.//本文件及其译文可被复制并提供给他人,对其作出评论或以其他方式解释其内容或协助其实施的派生作品可被编写、复制和出版,并在不受任何种类限制的情况下,全部或部分分发,但上述版权公告及本段须包括在所有该等复制品及衍生作品内。然而,这文件本身不得以任何方式进行修改,例如删除版权公告或对互联网协会或其他互联网组织的引用,除非出于以下目的需要制定互联网标准,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.//上述授予的有限权限是永久性的,互联网协会或其继任者或受让人不会撤销该等权限。
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
//这个文档,此处包含的信息是“是”的基础上提供的互联网协会和互联网工程任务组并不保证,明示或暗示,包括但不限于任何保证,使用文中的信息不会侵犯任何权利或任何隐含保证适销性或健身为特定目的。
Acknowledgement //感谢
Funding for the RFC Editor function is currently provided by the
Internet Society.//RFC编辑器功能的资金目前由互联网协会提供。
Waldbusser Standards Track [Page 98]
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools
About | IETF Datatracker | Version 6.123.1 | 2020-03-27 | Report a bug: Tracker: Email:
Python 3.6.10 | Django 1.11.29
