[dhcwg] Re: draft-bakke-dhc-snmp-trap-00.txt
Mark Bakke <mbakke@cisco.com> Mon, 16 September 2002 19:28 UTC
Message-ID: <3D862F76.CAA63701@cisco.com>
Date: Mon, 16 Sep 2002 14:22:30 -0500
From: Mark Bakke <mbakke@cisco.com>
X-Mailer: Mozilla 4.72 [en] (X11; U; Linux 2.2.16-3.uid32 i686)
X-Accept-Language: en, de
MIME-Version: 1.0
To: "'dhcwg@ietf.org'" <dhcwg@ietf.org>, "snmpv3@lists. tislabs. com (E-mail)" <snmpv3@lists.tislabs.com>, mibs@ops.ietf.org
References: <6D745637A7E0F94DA070743C55CDA9BA0757E3@NHROCMBX1.ets.enterasys.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Here's another try at the snmp notification option for DHCP. It's not a formal draft; just a rough idea of what it might look like. If this seems to be the right approach, I'll issue another revision of the draft.

I also changed this from a binary structure to a text format, since it needed to be fairly flexible.

--
Mark

DHCP snmp-trap-host option

Here's a quick sketch of what the new trap-host option could look like. I realize I need to add better detail in the final draft.

This list of configuration attributes is from RFC 2573 appendix A, which lists trap configuration examples. I'm assuming that in a DHCP environment, the only address domain supported is UDP. I've also assumed that some other configuration info must exist to make the security name meaningful, but that this information does not belong directly in a list of notification hosts, and might be placed in some other, more general SNMP configuration option.

snmp-notification-list option is a UTF-8 string consisting of a comma-separated list of notification targets. Each notification target is a colon-separated list of parameters in the following order:

    <proc-model>:<addr>[:<security-params>]

<proc-model> is a decimal field which must match one of the message processing model values defined in RFC 2571 in the SnmpMessageProcessingModel TC:

    0 - SNMPv1
    1 - SNMPv2c
    2 - SNMPv2u and SNMPv2* (I'm not sure what this is for)
    3 - SNMPv3

<addr>

This is the IP address and UDP port number of the target. I wouldn't expect anyone to set up SNMP notifications over a non-IP protocol such as OSI or DDP using DHCP, so I didn't include a domain. We could add it back in if there's good reason.

IPv4 addresses are specified as dotted decimal with optional port:

    nn.nn.nn.nn/port

Example: 10.1.50.100/162

with the "/port" optional.

IPv6 addresses are specified as a bracketed hexadecimal address, as specified in RFC2732, followed by the optional "/port".

Example: [1080:0:0:0:8:800:200C:417A]/162.

<security-params> is optional and depends on the processing model used.

For v1 and v2c, this consists of a community string:

    <community-string> - The community string to use when sending notifications to this target. If not specified, the default is "public".

For v3, this specifies the security model and its parameters, and consists of:

    <security-model>:<security-level>:<security-name>

<security-model>

This is the security model number from the RFC 2571 SnmpSecurityModel TC. The current (decimal) values are:

    1 - SNMPv1
    2 - SNMPv2c
    3 - User-Based Security Model (USM)

<security-level>

This is the decimal security level number as specified in the RFC 2571 SnmpSecurityLevel TC:

    1 - noAuthNoPriv
    2 - authNoPriv
    3 - authPriv

<security-name>

This is the UTF-8 security name to be used with notifications to this target.

Examples:

A group of two v3 targets, both using USM with authentication but no privacy:

    3:128.1.2.3/162:3:2:joe,3:128.2.4.6/162:3:2:joe

A single v3 target, using USM with both authentication and privacy:

    3:128.1.5.9/162:3:3:bob

A single address that wants both v1 and v2c notifications with the default community string and UDP port:

    0:10.1.1.1,1:10.1.1.1

An SNMPv2 address that uses a different community string:

    1:10.50.2.100:my-community

BTW, using 0 for v1, 1 for v2c, and 3 for v3 is confusing, and these strings have to be typed in by DHCP administrators. We could go with text tags "v1", "v2c", and "v3" instead for message processing models, and allow "usm" for the security model as well:

    v3:128.1.2.3/162:usm:authNoPriv:joe,3:128.2.4.6/162:usm:authNoPriv:joe
    v3:128.1.5.9/162:usm:authPriv:bob
    v1:10.1.1.1,v2c:10.1.1.1
    v2c:10.50.2.100:my-community

Any preferences?
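
Added example (not part of the original message or of any draft): a strict Python parser for the numeric form of the option string sketched above, of the kind a DHCP client would want before accepting notification targets from the network. The function names and returned dictionary keys are hypothetical; the text-tag variant ("v3", "usm") is not handled, and a missing port is reported as None because the message does not state a default.

```python
import ipaddress
import re

PROC_MODELS = {"0": "SNMPv1", "1": "SNMPv2c", "2": "SNMPv2u", "3": "SNMPv3"}
SEC_MODELS = {"1": "SNMPv1", "2": "SNMPv2c", "3": "USM"}
SEC_LEVELS = {"1": "noAuthNoPriv", "2": "authNoPriv", "3": "authPriv"}
# <addr>: bracketed IPv6 or dotted-decimal IPv4, then an optional "/port".
ADDR_RE = re.compile(r"(?:\[([0-9A-Fa-f:.]+)\]|([0-9.]+))(?:/([0-9]{1,5}))?")


def parse_target(text):
    """Strictly parse one <proc-model>:<addr>[:<security-params>] target."""
    model, sep, rest = text.partition(":")
    m = ADDR_RE.match(rest)
    if not sep or model not in PROC_MODELS or not m:
        raise ValueError(f"malformed target {text!r}")
    tail = rest[m.end():]
    if tail and not tail.startswith(":"):
        raise ValueError(f"junk after address in {text!r}")
    # ipaddress raises AddressValueError (a ValueError) on a bad address.
    host = (ipaddress.IPv6Address(m.group(1)) if m.group(1)
            else ipaddress.IPv4Address(m.group(2)))
    port = int(m.group(3)) if m.group(3) else None  # None: "/port" omitted
    if port is not None and not 1 <= port <= 65535:
        raise ValueError(f"port out of range in {text!r}")
    params = tail[1:].split(":") if tail else []
    out = {"model": PROC_MODELS[model], "host": str(host), "port": port}
    if model == "3":
        if (len(params) != 3 or params[0] not in SEC_MODELS
                or params[1] not in SEC_LEVELS or not params[2]):
            raise ValueError(f"bad v3 security params in {text!r}")
        out.update(sec_model=SEC_MODELS[params[0]],
                   sec_level=SEC_LEVELS[params[1]], sec_name=params[2])
    elif model in ("0", "1"):
        if len(params) > 1 or params == [""]:
            raise ValueError(f"bad community string in {text!r}")
        out["community"] = params[0] if params else "public"  # stated default
    elif params:  # the message defines no security params for model 2
        raise ValueError(f"unexpected security params in {text!r}")
    return out


def parse_notification_list(option):
    """Parse the comma-separated option; one bad target rejects all of it."""
    return [parse_target(t) for t in option.split(",")]


if __name__ == "__main__":
    # Example strings taken from the message above.
    for s in ("3:128.1.2.3/162:3:2:joe,3:128.2.4.6/162:3:2:joe",
              "0:10.1.1.1,1:10.1.1.1", "1:10.50.2.100:my-community"):
        print(parse_notification_list(s))
```
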