From 5a75472f645a2bc748784d0104fd9459c28e1193 Mon Sep 17 00:00:00 2001 From: Andreas Gustafsson Date: Mon, 5 Jun 2000 22:23:30 +0000 Subject: [PATCH] added DNS MIB RFCs --- doc/rfc/rfc1611.txt | 1683 ++++++++++++++++++++++++++++++++++++++++ doc/rfc/rfc1612.txt | 1795 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 3478 insertions(+) create mode 100644 doc/rfc/rfc1611.txt create mode 100644 doc/rfc/rfc1612.txt diff --git a/doc/rfc/rfc1611.txt b/doc/rfc/rfc1611.txt new file mode 100644 index 0000000000..ed5b93a83d --- /dev/null +++ b/doc/rfc/rfc1611.txt @@ -0,0 +1,1683 @@ + + + + + + +Network Working Group R. Austein +Request for Comments: 1611 Epilogue Technology Corporation +Category: Standards Track J. Saperia + Digital Equipment Corporation + May 1994 + + DNS Server MIB Extensions + +Status of this Memo + + This document specifies an Internet standards track protocol for the + Internet community, and requests discussion and suggestions for + improvements. Please refer to the current edition of the "Internet + Official Protocol Standards" (STD 1) for the standardization state + and status of this protocol. Distribution of this memo is unlimited. + +Table of Contents + + 1. Introduction .............................................. 1 + 2. The SNMPv2 Network Management Framework ................... 2 + 2.1 Object Definitions ....................................... 2 + 3. Overview .................................................. 2 + 3.1 Resolvers ................................................ 3 + 3.2 Name Servers ............................................. 3 + 3.3 Selected Objects ......................................... 4 + 3.4 Textual Conventions ...................................... 4 + 4. Definitions ............................................... 5 + 5. Acknowledgements .......................................... 28 + 6. References ................................................ 28 + 7. Security Considerations ................................... 29 + 8. Authors' Addresses ........................................ 30 + +1. Introduction + + This memo defines a portion of the Management Information Base (MIB) + for use with network management protocols in the Internet community. + In particular, it describes a set of extensions which instrument DNS + name server functions. This memo was produced by the DNS working + group. + + With the adoption of the Internet-standard Network Management + Framework [4,5,6,7], and with a large number of vendor + implementations of these standards in commercially available + products, it became possible to provide a higher level of effective + network management in TCP/IP-based internets than was previously + available. With the growth in the use of these standards, it has + become possible to consider the management of other elements of the + infrastructure beyond the basic TCP/IP protocols. A key element of + + + +Austein & Saperia [Page 1] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + the TCP/IP infrastructure is the DNS. + + Up to this point there has been no mechanism to integrate the + management of the DNS with SNMP-based managers. This memo provides + the mechanisms by which IP-based management stations can effectively + manage DNS name server software in an integrated fashion. + + We have defined DNS MIB objects to be used in conjunction with the + Internet MIB to allow access to and control of DNS name server + software via SNMP by the Internet community. + +2. The SNMPv2 Network Management Framework + + The SNMPv2 Network Management Framework consists of four major + components. They are: + + o RFC 1442 which defines the SMI, the mechanisms used for + describing and naming objects for the purpose of management. + + o STD 17, RFC 1213 defines MIB-II, the core set of managed objects + for the Internet suite of protocols. + + o RFC 1445 which defines the administrative and other architectural + aspects of the framework. + + o RFC 1448 which defines the protocol used for network access to + managed objects. + + The Framework permits new objects to be defined for the purpose of + experimentation and evaluation. + +2.1. Object Definitions + + Managed objects are accessed via a virtual information store, termed + the Management Information Base or MIB. Objects in the MIB are + defined using the subset of Abstract Syntax Notation One (ASN.1) + defined in the SMI. In particular, each object object type is named + by an OBJECT IDENTIFIER, an administratively assigned name. The + object type together with an object instance serves to uniquely + identify a specific instantiation of the object. For human + convenience, we often use a textual string, termed the descriptor, to + refer to the object type. + +3. Overview + + In theory, the DNS world is pretty simple. There are two kinds of + entities: resolvers and name servers. Resolvers ask questions. Name + servers answer them. The real world, however, is not so simple. + + + +Austein & Saperia [Page 2] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + Implementors have made widely differing choices about how to divide + DNS functions between resolvers and servers. They have also + constructed various sorts of exotic hybrids. The most difficult task + in defining this MIB was to accommodate this wide range of entities + without having to come up with a separate MIB for each. + + We divided up the various DNS functions into two, non-overlapping + classes, called "resolver functions" and "name server functions." A + DNS entity that performs what we define as resolver functions + contains a resolver, and therefore must implement the MIB groups + required of all resolvers which are defined in a separate MIB Module. + A DNS entity which implements name server functions is considered to + be a name server, and must implement the MIB groups required for name + servers in this module. If the same piece of software performs both + resolver and server functions, we imagine that it contains both a + resolver and a server and would thus implement both the DNS Server + and DNS Resolver MIBs. + +3.1. Resolvers + + In our model, a resolver is a program (or piece thereof) which + obtains resource records from servers. Normally it does so at the + behest of an application, but may also do so as part of its own + operation. A resolver sends DNS protocol queries and receives DNS + protocol replies. A resolver neither receives queries nor sends + replies. A full service resolver is one that knows how to resolve + queries: it obtains the needed resource records by contacting a + server authoritative for the records desired. A stub resolver does + not know how to resolve queries: it sends all queries to a local name + server, setting the "recursion desired" flag to indicate that it + hopes that the name server will be willing to resolve the query. A + resolver may (optionally) have a cache for remembering previously + acquired resource records. It may also have a negative cache for + remembering names or data that have been determined not to exist. + +3.2. Name Servers + + A name server is a program (or piece thereof) that provides resource + records to resolvers. All references in this document to "a name + server" imply "the name server's role"; in some cases the name + server's role and the resolver's role might be combined into a single + program. A name server receives DNS protocol queries and sends DNS + protocol replies. A name server neither sends queries nor receives + replies. As a consequence, name servers do not have caches. + Normally, a name server would expect to receive only those queries to + which it could respond with authoritative information. However, if a + name server receives a query that it cannot respond to with purely + authoritative information, it may choose to try to obtain the + + + +Austein & Saperia [Page 3] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + necessary additional information from a resolver which may or may not + be a separate process. + +3.3. Selected Objects + + Many of the objects included in this memo have been created from + information contained in the DNS specifications [1,2], as amended and + clarified by subsequent host requirements documents [3]. Other + objects have been created based on experience with existing DNS + management tools, expected operational needs, the statistics + generated by existing DNS implementations, and the configuration + files used by existing DNS implementations. These objects have been + ordered into groups as follows: + + o Server Configuration Group + + o Server Counter Group + + o Server Optional Counter Group + + o Server Zone Group + + This information has been converted into a standard form using the + SNMPv2 SMI defined in [9]. For the most part, the descriptions are + influenced by the DNS related RFCs noted above. For example, the + descriptions for counters used for the various types of queries of + DNS records are influenced by the definitions used for the various + record types found in [2]. + +3.4. Textual Conventions + + Several conceptual data types have been introduced as a textual + conventions in this DNS MIB document. These additions will + facilitate the common understanding of information used by the DNS. + No changes to the SMI or the SNMP are necessary to support these + conventions. + + Readers familiar with MIBs designed to manage entities in the lower + layers of the Internet protocol suite may be surprised at the number + of non-enumerated integers used in this MIB to represent values such + as DNS RR class and type numbers. The reason for this choice is + simple: the DNS itself is designed as an extensible protocol, + allowing new classes and types of resource records to be added to the + protocol without recoding the core DNS software. Using non- + enumerated integers to represent these data types in this MIB allows + the MIB to accommodate these changes as well. + + + + + +Austein & Saperia [Page 4] + +RFC 1611 DNS Server MIB Extensions May 1994 + + +4. Definitions + + DNS-SERVER-MIB DEFINITIONS ::= BEGIN + + IMPORTS + mib-2 + FROM RFC-1213 + MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY, + IpAddress, Counter32, Gauge32 + FROM SNMPv2-SMI + TEXTUAL-CONVENTION, RowStatus, DisplayString, TruthValue + FROM SNMPv2-TC + MODULE-COMPLIANCE, OBJECT-GROUP + FROM SNMPv2-CONF; + + dns OBJECT-IDENTITY + STATUS current + DESCRIPTION + "The OID assigned to DNS MIB work by the IANA." + ::= { mib-2 32 } + + dnsServMIB MODULE-IDENTITY + LAST-UPDATED "9401282251Z" + ORGANIZATION "IETF DNS Working Group" + CONTACT-INFO + " Rob Austein + Postal: Epilogue Technology Corporation + 268 Main Street, Suite 283 + North Reading, MA 10864 + US + Tel: +1 617 245 0804 + Fax: +1 617 245 8122 + E-Mail: sra@epilogue.com + + Jon Saperia + Postal: Digital Equipment Corporation + 110 Spit Brook Road + ZKO1-3/H18 + Nashua, NH 03062-2698 + US + Tel: +1 603 881 0480 + Fax: +1 603 881 0120 + Email: saperia@zko.dec.com" + DESCRIPTION + "The MIB module for entities implementing the server side + of the Domain Name System (DNS) protocol." + ::= { dns 1 } + + + + +Austein & Saperia [Page 5] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + dnsServMIBObjects OBJECT IDENTIFIER ::= { dnsServMIB 1 } + + -- (Old-style) groups in the DNS server MIB. + + dnsServConfig OBJECT IDENTIFIER ::= { dnsServMIBObjects 1 } + dnsServCounter OBJECT IDENTIFIER ::= { dnsServMIBObjects 2 } + dnsServOptCounter OBJECT IDENTIFIER ::= { dnsServMIBObjects 3 } + dnsServZone OBJECT IDENTIFIER ::= { dnsServMIBObjects 4 } + + + -- Textual conventions + + DnsName ::= TEXTUAL-CONVENTION + -- A DISPLAY-HINT would be nice, but difficult to express. + STATUS current + DESCRIPTION + "A DNS name is a sequence of labels. When DNS names are + displayed, the boundaries between labels are typically + indicated by dots (e.g. `Acme' and `COM' are labels in + the name `Acme.COM'). In the DNS protocol, however, no + such separators are needed because each label is encoded + as a length octet followed by the indicated number of + octets of label. For example, `Acme.COM' is encoded as + the octet sequence { 4, 'A', 'c', 'm', 'e', 3, 'C', 'O', + 'M', 0 } (the final 0 is the length of the name of the + root domain, which appears implicitly at the end of any + DNS name). This MIB uses the same encoding as the DNS + protocol. + + A DnsName must always be a fully qualified name. It is + an error to encode a relative domain name as a DnsName + without first making it a fully qualified name." + REFERENCE + "RFC-1034 section 3.1." + SYNTAX OCTET STRING (SIZE (0..255)) + + DnsNameAsIndex ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "This textual convention is like a DnsName, but is used + as an index componant in tables. Alphabetic characters + in names of this type are restricted to uppercase: the + characters 'a' through 'z' are mapped to the characters + 'A' through 'Z'. This restriction is intended to make + the lexical ordering imposed by SNMP useful when applied + to DNS names. + + Note that it is theoretically possible for a valid DNS + + + +Austein & Saperia [Page 6] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + name to exceed the allowed length of an SNMP object + identifer, and thus be impossible to represent in tables + in this MIB that are indexed by DNS name. Sampling of + DNS names in current use on the Internet suggests that + this limit does not pose a serious problem in practice." + REFERENCE + "RFC-1034 section 3.1, RFC-1448 section 4.1." + SYNTAX DnsName + + DnsClass ::= TEXTUAL-CONVENTION + DISPLAY-HINT "2d" + STATUS current + DESCRIPTION + "This data type is used to represent the class values + which appear in Resource Records in the DNS. A 16-bit + unsigned integer is used to allow room for new classes + of records to be defined. Existing standard classes are + listed in the DNS specifications." + REFERENCE + "RFC-1035 section 3.2.4." + SYNTAX INTEGER (0..65535) + + DnsType ::= TEXTUAL-CONVENTION + DISPLAY-HINT "2d" + STATUS current + DESCRIPTION + "This data type is used to represent the type values + which appear in Resource Records in the DNS. A 16-bit + unsigned integer is used to allow room for new record + types to be defined. Existing standard types are listed + in the DNS specifications." + REFERENCE + "RFC-1035 section 3.2.2." + SYNTAX INTEGER (0..65535) + + DnsQClass ::= TEXTUAL-CONVENTION + DISPLAY-HINT "2d" + STATUS current + DESCRIPTION + "This data type is used to represent the QClass values + which appear in Resource Records in the DNS. A 16-bit + unsigned integer is used to allow room for new QClass + records to be defined. Existing standard QClasses are + listed in the DNS specification." + REFERENCE + "RFC-1035 section 3.2.5." + SYNTAX INTEGER (0..65535) + + + + +Austein & Saperia [Page 7] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + DnsQType ::= TEXTUAL-CONVENTION + DISPLAY-HINT "2d" + STATUS current + DESCRIPTION + "This data type is used to represent the QType values + which appear in Resource Records in the DNS. A 16-bit + unsigned integer is used to allow room for new QType + records to be defined. Existing standard QTypes are + listed in the DNS specification." + REFERENCE + "RFC-1035 section 3.2.3." + SYNTAX INTEGER (0..65535) + + DnsTime ::= TEXTUAL-CONVENTION + DISPLAY-HINT "4d" + STATUS current + DESCRIPTION + "DnsTime values are 32-bit unsigned integers which + measure time in seconds." + REFERENCE + "RFC-1035." + SYNTAX Gauge32 + + + DnsOpCode ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "This textual convention is used to represent the DNS + OPCODE values used in the header section of DNS + messages. Existing standard OPCODE values are listed in + the DNS specifications." + REFERENCE + "RFC-1035 section 4.1.1." + SYNTAX INTEGER (0..15) + + DnsRespCode ::= TEXTUAL-CONVENTION + STATUS current + DESCRIPTION + "This data type is used to represent the DNS RCODE value + in DNS response messages. Existing standard RCODE + values are listed in the DNS specifications." + REFERENCE + "RFC-1035 section 4.1.1." + SYNTAX INTEGER (0..15) + + + + + + + +Austein & Saperia [Page 8] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + -- Server Configuration Group + + dnsServConfigImplementIdent OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The implementation identification string for the DNS + server software in use on the system, for example; + `FNS-2.1'" + ::= { dnsServConfig 1 } + + dnsServConfigRecurs OBJECT-TYPE + SYNTAX INTEGER { available(1), + restricted(2), + unavailable(3) } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "This represents the recursion services offered by this + name server. The values that can be read or written + are: + + available(1) - performs recursion on requests from + clients. + + restricted(2) - recursion is performed on requests only + from certain clients, for example; clients on an access + control list. + + unavailable(3) - recursion is not available." + ::= { dnsServConfig 2 } + + dnsServConfigUpTime OBJECT-TYPE + SYNTAX DnsTime + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "If the server has a persistent state (e.g., a process), + this value will be the time elapsed since it started. + For software without persistant state, this value will + be zero." + ::= { dnsServConfig 3 } + + dnsServConfigResetTime OBJECT-TYPE + SYNTAX DnsTime + MAX-ACCESS read-only + STATUS current + + + +Austein & Saperia [Page 9] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + DESCRIPTION + "If the server has a persistent state (e.g., a process) + and supports a `reset' operation (e.g., can be told to + re-read configuration files), this value will be the + time elapsed since the last time the name server was + `reset.' For software that does not have persistence or + does not support a `reset' operation, this value will be + zero." + ::= { dnsServConfig 4 } + + dnsServConfigReset OBJECT-TYPE + SYNTAX INTEGER { other(1), + reset(2), + initializing(3), + running(4) } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Status/action object to reinitialize any persistant name + server state. When set to reset(2), any persistant + name server state (such as a process) is reinitialized as + if the name server had just been started. This value + will never be returned by a read operation. When read, + one of the following values will be returned: + other(1) - server in some unknown state; + initializing(3) - server (re)initializing; + running(4) - server currently running." + ::= { dnsServConfig 5 } + + + -- Server Counter Group + + dnsServCounterAuthAns OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries which were authoritatively answered." + ::= { dnsServCounter 2 } + + dnsServCounterAuthNoNames OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries for which `authoritative no such name' + responses were made." + ::= { dnsServCounter 3 } + + + +Austein & Saperia [Page 10] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + dnsServCounterAuthNoDataResps OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries for which `authoritative no such data' + (empty answer) responses were made." + ::= { dnsServCounter 4 } + + dnsServCounterNonAuthDatas OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries which were non-authoritatively + answered (cached data)." + ::= { dnsServCounter 5 } + + dnsServCounterNonAuthNoDatas OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries which were non-authoritatively + answered with no data (empty answer)." + ::= { dnsServCounter 6 } + + dnsServCounterReferrals OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests that were referred to other servers." + ::= { dnsServCounter 7 } + + dnsServCounterErrors OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests the server has processed that were + answered with errors (RCODE values other than 0 and 3)." + REFERENCE + "RFC-1035 section 4.1.1." + ::= { dnsServCounter 8 } + + dnsServCounterRelNames OBJECT-TYPE + SYNTAX Counter32 + + + +Austein & Saperia [Page 11] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests received by the server for names that + are only 1 label long (text form - no internal dots)." + ::= { dnsServCounter 9 } + + dnsServCounterReqRefusals OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of DNS requests refused by the server." + ::= { dnsServCounter 10 } + + dnsServCounterReqUnparses OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests received which were unparseable." + ::= { dnsServCounter 11 } + + dnsServCounterOtherErrors OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests which were aborted for other (local) + server errors." + ::= { dnsServCounter 12 } + + -- DNS Server Counter Table + + dnsServCounterTable OBJECT-TYPE + SYNTAX SEQUENCE OF DnsServCounterEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Counter information broken down by DNS class and type." + ::= { dnsServCounter 13 } + + dnsServCounterEntry OBJECT-TYPE + SYNTAX DnsServCounterEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table contains count information for each DNS class + + + +Austein & Saperia [Page 12] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + and type value known to the server. The index allows + management software to to create indices to the table to + get the specific information desired, e.g., number of + queries over UDP for records with type value `A' which + came to this server. In order to prevent an + uncontrolled expansion of rows in the table; if + dnsServCounterRequests is 0 and dnsServCounterResponses + is 0, then the row does not exist and `no such' is + returned when the agent is queried for such instances." + INDEX { dnsServCounterOpCode, + dnsServCounterQClass, + dnsServCounterQType, + dnsServCounterTransport } + ::= { dnsServCounterTable 1 } + + DnsServCounterEntry ::= + SEQUENCE { + dnsServCounterOpCode + DnsOpCode, + dnsServCounterQClass + DnsClass, + dnsServCounterQType + DnsType, + dnsServCounterTransport + INTEGER, + dnsServCounterRequests + Counter32, + dnsServCounterResponses + Counter32 + } + + dnsServCounterOpCode OBJECT-TYPE + SYNTAX DnsOpCode + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The DNS OPCODE being counted in this row of the table." + ::= { dnsServCounterEntry 1 } + + dnsServCounterQClass OBJECT-TYPE + SYNTAX DnsClass + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The class of record being counted in this row of the + table." + ::= { dnsServCounterEntry 2 } + + + + +Austein & Saperia [Page 13] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + dnsServCounterQType OBJECT-TYPE + SYNTAX DnsType + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The type of record which is being counted in this row in + the table." + ::= { dnsServCounterEntry 3 } + + dnsServCounterTransport OBJECT-TYPE + SYNTAX INTEGER { udp(1), tcp(2), other(3) } + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A value of udp(1) indicates that the queries reported on + this row were sent using UDP. + + A value of tcp(2) indicates that the queries reported on + this row were sent using TCP. + + A value of other(3) indicates that the queries reported + on this row were sent using a transport that was neither + TCP nor UDP." + ::= { dnsServCounterEntry 4 } + + dnsServCounterRequests OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests (queries) that have been recorded in + this row of the table." + ::= { dnsServCounterEntry 5 } + + dnsServCounterResponses OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of responses made by the server since + initialization for the kind of query identified on this + row of the table." + ::= { dnsServCounterEntry 6 } + + + + + + + + +Austein & Saperia [Page 14] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + -- Server Optional Counter Group + + -- The Server Optional Counter Group is intended for those systems + -- which make distinctions between the different sources of the DNS + -- queries as defined below. + -- + -- Objects in this group are implemented on servers which distinguish + -- between queries which originate from the same host as the server, + -- queries from one of an arbitrary group of hosts that are on an + -- access list defined by the server, and queries from hosts that do + -- not fit either of these descriptions. + -- + -- The objects found in the Server Counter group are totals. Thus if + -- one wanted to identify, for example, the number of queries from + -- `remote' hosts which have been given authoritative answers, one + -- would subtract the current values of ServOptCounterFriendsAuthAns + -- and ServOptCounterSelfAuthAns from servCounterAuthAns. + -- + -- The purpose of these distinctions is to allow for implementations + -- to group queries and responses on this basis. One way in which + -- servers may make these distinctions is by looking at the source IP + -- address of the DNS query. If the source of the query is `your + -- own' then the query should be counted as `yourself' (local host). + -- If the source of the query matches an `access list,' the query + -- came from a friend. What constitutes an `access list' is + -- implementation dependent and could be as simple as a rule that all + -- hosts on the same IP network as the DNS server are classed + -- `friends.' + -- + -- In order to avoid double counting, the following rules apply: + -- + -- 1. No host is in more than one of the three groups defined above. + -- + -- 2. All queries from the local host are always counted in the + -- `yourself' group regardless of what the access list, if any, + -- says. + -- + -- 3. The access list should not define `your friends' in such a way + -- that it includes all hosts. That is, not everybody is your + -- `friend.' + + dnsServOptCounterSelfAuthAns OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests the server has processed which + originated from a resolver on the same host for which + + + +Austein & Saperia [Page 15] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + there has been an authoritative answer." + ::= { dnsServOptCounter 1 } + + dnsServOptCounterSelfAuthNoNames OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests the server has processed which + originated from a resolver on the same host for which + there has been an authoritative no such name answer + given." + ::= { dnsServOptCounter 2 } + + dnsServOptCounterSelfAuthNoDataResps OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests the server has processed which + originated from a resolver on the same host for which + there has been an authoritative no such data answer + (empty answer) made." + ::= { dnsServOptCounter 3 } + + dnsServOptCounterSelfNonAuthDatas OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests the server has processed which + originated from a resolver on the same host for which a + non-authoritative answer (cached data) was made." + ::= { dnsServOptCounter 4 } + + dnsServOptCounterSelfNonAuthNoDatas OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests the server has processed which + originated from a resolver on the same host for which a + `non-authoritative, no such data' response was made + (empty answer)." + ::= { dnsServOptCounter 5 } + + dnsServOptCounterSelfReferrals OBJECT-TYPE + SYNTAX Counter32 + + + +Austein & Saperia [Page 16] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries the server has processed which + originated from a resolver on the same host and were + referred to other servers." + ::= { dnsServOptCounter 6 } + + dnsServOptCounterSelfErrors OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests the server has processed which + originated from a resolver on the same host which have + been answered with errors (RCODEs other than 0 and 3)." + REFERENCE + "RFC-1035 section 4.1.1." + ::= { dnsServOptCounter 7 } + + dnsServOptCounterSelfRelNames OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests received for names that are only 1 + label long (text form - no internal dots) the server has + processed which originated from a resolver on the same + host." + ::= { dnsServOptCounter 8 } + + dnsServOptCounterSelfReqRefusals OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of DNS requests refused by the server which + originated from a resolver on the same host." + ::= { dnsServOptCounter 9 } + + dnsServOptCounterSelfReqUnparses OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests received which were unparseable and + which originated from a resolver on the same host." + ::= { dnsServOptCounter 10 } + + + +Austein & Saperia [Page 17] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + dnsServOptCounterSelfOtherErrors OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests which were aborted for other (local) + server errors and which originated on the same host." + ::= { dnsServOptCounter 11 } + + dnsServOptCounterFriendsAuthAns OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries originating from friends which were + authoritatively answered. The definition of friends is + a locally defined matter." + ::= { dnsServOptCounter 12 } + + dnsServOptCounterFriendsAuthNoNames OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries originating from friends, for which + authoritative `no such name' responses were made. The + definition of friends is a locally defined matter." + ::= { dnsServOptCounter 13 } + + dnsServOptCounterFriendsAuthNoDataResps OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries originating from friends for which + authoritative no such data (empty answer) responses were + made. The definition of friends is a locally defined + matter." + ::= { dnsServOptCounter 14 } + + dnsServOptCounterFriendsNonAuthDatas OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries originating from friends which were + non-authoritatively answered (cached data). The + definition of friends is a locally defined matter." + + + +Austein & Saperia [Page 18] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + ::= { dnsServOptCounter 15 } + + dnsServOptCounterFriendsNonAuthNoDatas OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries originating from friends which were + non-authoritatively answered with no such data (empty + answer)." + ::= { dnsServOptCounter 16 } + + dnsServOptCounterFriendsReferrals OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests which originated from friends that + were referred to other servers. The definition of + friends is a locally defined matter." + ::= { dnsServOptCounter 17 } + + dnsServOptCounterFriendsErrors OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests the server has processed which + originated from friends and were answered with errors + (RCODE values other than 0 and 3). The definition of + friends is a locally defined matter." + REFERENCE + "RFC-1035 section 4.1.1." + ::= { dnsServOptCounter 18 } + + dnsServOptCounterFriendsRelNames OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests received for names from friends that + are only 1 label long (text form - no internal dots) the + server has processed." + ::= { dnsServOptCounter 19 } + + dnsServOptCounterFriendsReqRefusals OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + + + +Austein & Saperia [Page 19] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + STATUS current + DESCRIPTION + "Number of DNS requests refused by the server which were + received from `friends'." + ::= { dnsServOptCounter 20 } + + dnsServOptCounterFriendsReqUnparses OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests received which were unparseable and + which originated from `friends'." + ::= { dnsServOptCounter 21 } + + dnsServOptCounterFriendsOtherErrors OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests which were aborted for other (local) + server errors and which originated from `friends'." + ::= { dnsServOptCounter 22 } + + + -- Server Zone Group + + -- DNS Management Zone Configuration Table + + -- This table contains zone configuration information. + + dnsServZoneTable OBJECT-TYPE + SYNTAX SEQUENCE OF DnsServZoneEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Table of zones for which this name server provides + information. Each of the zones may be loaded from stable + storage via an implementation-specific mechanism or may + be obtained from another name server via a zone transfer. + + If name server doesn't load any zones, this table is + empty." + ::= { dnsServZone 1 } + + dnsServZoneEntry OBJECT-TYPE + SYNTAX DnsServZoneEntry + MAX-ACCESS not-accessible + + + +Austein & Saperia [Page 20] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + STATUS current + DESCRIPTION + "An entry in the name server zone table. New rows may be + added either via SNMP or by the name server itself." + INDEX { dnsServZoneName, + dnsServZoneClass } + ::= { dnsServZoneTable 1 } + + DnsServZoneEntry ::= + SEQUENCE { + dnsServZoneName + DnsNameAsIndex, + dnsServZoneClass + DnsClass, + dnsServZoneLastReloadSuccess + DnsTime, + dnsServZoneLastReloadAttempt + DnsTime, + dnsServZoneLastSourceAttempt + IpAddress, + dnsServZoneStatus + RowStatus, + dnsServZoneSerial + Counter32, + dnsServZoneCurrent + TruthValue, + dnsServZoneLastSourceSuccess + IpAddress + } + + dnsServZoneName OBJECT-TYPE + SYNTAX DnsNameAsIndex + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "DNS name of the zone described by this row of the table. + This is the owner name of the SOA RR that defines the + top of the zone. This is name is in uppercase: + characters 'a' through 'z' are mapped to 'A' through 'Z' + in order to make the lexical ordering useful." + ::= { dnsServZoneEntry 1 } + + dnsServZoneClass OBJECT-TYPE + SYNTAX DnsClass + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "DNS class of the RRs in this zone." + + + +Austein & Saperia [Page 21] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + ::= { dnsServZoneEntry 2 } + + dnsServZoneLastReloadSuccess OBJECT-TYPE + SYNTAX DnsTime + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Elapsed time in seconds since last successful reload of + this zone." + ::= { dnsServZoneEntry 3 } + + dnsServZoneLastReloadAttempt OBJECT-TYPE + SYNTAX DnsTime + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Elapsed time in seconds since last attempted reload of + this zone." + ::= { dnsServZoneEntry 4 } + + dnsServZoneLastSourceAttempt OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "IP address of host from which most recent zone transfer + of this zone was attempted. This value should match the + value of dnsServZoneSourceSuccess if the attempt was + succcessful. If zone transfer has not been attempted + within the memory of this name server, this value should + be 0.0.0.0." + ::= { dnsServZoneEntry 5 } + + dnsServZoneStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The status of the information represented in this row of + the table." + ::= { dnsServZoneEntry 6 } + + dnsServZoneSerial OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Zone serial number (from the SOA RR) of the zone + + + +Austein & Saperia [Page 22] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + represented by this row of the table. If the zone has + not been successfully loaded within the memory of this + name server, the value of this variable is zero." + ::= { dnsServZoneEntry 7 } + + dnsServZoneCurrent OBJECT-TYPE + SYNTAX TruthValue + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Whether the server's copy of the zone represented by + this row of the table is currently valid. If the zone + has never been successfully loaded or has expired since + it was last succesfully loaded, this variable will have + the value false(2), otherwise this variable will have + the value true(1)." + ::= { dnsServZoneEntry 8 } + + dnsServZoneLastSourceSuccess OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "IP address of host which was the source of the most + recent successful zone transfer for this zone. If + unknown (e.g., zone has never been successfully + transfered) or irrelevant (e.g., zone was loaded from + stable storage), this value should be 0.0.0.0." + ::= { dnsServZoneEntry 9 } + + -- DNS Zone Source Table + + dnsServZoneSrcTable OBJECT-TYPE + SYNTAX SEQUENCE OF DnsServZoneSrcEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table is a list of IP addresses from which the + server will attempt to load zone information using DNS + zone transfer operations. A reload may occur due to SNMP + operations that create a row in dnsServZoneTable or a + SET to object dnsServZoneReload. This table is only + used when the zone is loaded via zone transfer." + ::= { dnsServZone 2 } + + dnsServZoneSrcEntry OBJECT-TYPE + SYNTAX DnsServZoneSrcEntry + MAX-ACCESS not-accessible + + + +Austein & Saperia [Page 23] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + STATUS current + DESCRIPTION + "An entry in the name server zone source table." + INDEX { dnsServZoneSrcName, + dnsServZoneSrcClass, + dnsServZoneSrcAddr } + ::= { dnsServZoneSrcTable 1 } + + DnsServZoneSrcEntry ::= + SEQUENCE { + dnsServZoneSrcName + DnsNameAsIndex, + dnsServZoneSrcClass + DnsClass, + dnsServZoneSrcAddr + IpAddress, + dnsServZoneSrcStatus + RowStatus + } + + dnsServZoneSrcName OBJECT-TYPE + SYNTAX DnsNameAsIndex + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "DNS name of the zone to which this entry applies." + ::= { dnsServZoneSrcEntry 1 } + + dnsServZoneSrcClass OBJECT-TYPE + SYNTAX DnsClass + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "DNS class of zone to which this entry applies." + ::= { dnsServZoneSrcEntry 2 } + + dnsServZoneSrcAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "IP address of name server host from which this zone + might be obtainable." + ::= { dnsServZoneSrcEntry 3 } + + dnsServZoneSrcStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + + + +Austein & Saperia [Page 24] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + STATUS current + DESCRIPTION + "The status of the information represented in this row of + the table." + ::= { dnsServZoneSrcEntry 4 } + + + -- SNMPv2 groups. + + dnsServMIBGroups OBJECT IDENTIFIER ::= { dnsServMIB 2 } + + dnsServConfigGroup OBJECT-GROUP + OBJECTS { dnsServConfigImplementIdent, + dnsServConfigRecurs, + dnsServConfigUpTime, + dnsServConfigResetTime, + dnsServConfigReset } + STATUS current + DESCRIPTION + "A collection of objects providing basic configuration + control of a DNS name server." + ::= { dnsServMIBGroups 1 } + + dnsServCounterGroup OBJECT-GROUP + OBJECTS { dnsServCounterAuthAns, + dnsServCounterAuthNoNames, + dnsServCounterAuthNoDataResps, + dnsServCounterNonAuthDatas, + dnsServCounterNonAuthNoDatas, + dnsServCounterReferrals, + dnsServCounterErrors, + dnsServCounterRelNames, + dnsServCounterReqRefusals, + dnsServCounterReqUnparses, + dnsServCounterOtherErrors, + dnsServCounterOpCode, + dnsServCounterQClass, + dnsServCounterQType, + dnsServCounterTransport, + dnsServCounterRequests, + dnsServCounterResponses } + STATUS current + DESCRIPTION + "A collection of objects providing basic instrumentation + of a DNS name server." + ::= { dnsServMIBGroups 2 } + + + + + +Austein & Saperia [Page 25] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + dnsServOptCounterGroup OBJECT-GROUP + OBJECTS { dnsServOptCounterSelfAuthAns, + dnsServOptCounterSelfAuthNoNames, + dnsServOptCounterSelfAuthNoDataResps, + dnsServOptCounterSelfNonAuthDatas, + dnsServOptCounterSelfNonAuthNoDatas, + dnsServOptCounterSelfReferrals, + dnsServOptCounterSelfErrors, + dnsServOptCounterSelfRelNames, + dnsServOptCounterSelfReqRefusals, + dnsServOptCounterSelfReqUnparses, + dnsServOptCounterSelfOtherErrors, + dnsServOptCounterFriendsAuthAns, + dnsServOptCounterFriendsAuthNoNames, + dnsServOptCounterFriendsAuthNoDataResps, + dnsServOptCounterFriendsNonAuthDatas, + dnsServOptCounterFriendsNonAuthNoDatas, + dnsServOptCounterFriendsReferrals, + dnsServOptCounterFriendsErrors, + dnsServOptCounterFriendsRelNames, + dnsServOptCounterFriendsReqRefusals, + dnsServOptCounterFriendsReqUnparses, + dnsServOptCounterFriendsOtherErrors } + STATUS current + DESCRIPTION + "A collection of objects providing extended + instrumentation of a DNS name server." + ::= { dnsServMIBGroups 3 } + + dnsServZoneGroup OBJECT-GROUP + OBJECTS { dnsServZoneName, + dnsServZoneClass, + dnsServZoneLastReloadSuccess, + dnsServZoneLastReloadAttempt, + dnsServZoneLastSourceAttempt, + dnsServZoneLastSourceSuccess, + dnsServZoneStatus, + dnsServZoneSerial, + dnsServZoneCurrent, + dnsServZoneSrcName, + dnsServZoneSrcClass, + dnsServZoneSrcAddr, + dnsServZoneSrcStatus } + STATUS current + DESCRIPTION + "A collection of objects providing configuration control + of a DNS name server which loads authoritative zones." + ::= { dnsServMIBGroups 4 } + + + +Austein & Saperia [Page 26] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + -- Compliances. + + dnsServMIBCompliances OBJECT IDENTIFIER ::= { dnsServMIB 3 } + + dnsServMIBCompliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for agents implementing the DNS + name server MIB extensions." + MODULE -- This MIB module + MANDATORY-GROUPS { dnsServConfigGroup, dnsServCounterGroup } + GROUP dnsServOptCounterGroup + DESCRIPTION + "The server optional counter group is unconditionally + optional." + GROUP dnsServZoneGroup + DESCRIPTION + "The server zone group is mandatory for any name server + that acts as an authoritative server for any DNS zone." + OBJECT dnsServConfigRecurs + MIN-ACCESS read-only + DESCRIPTION + "This object need not be writable." + OBJECT dnsServConfigReset + MIN-ACCESS read-only + DESCRIPTION + "This object need not be writable." + ::= { dnsServMIBCompliances 1 } + + END + + + + + + + + + + + + + + + + + + + + + +Austein & Saperia [Page 27] + +RFC 1611 DNS Server MIB Extensions May 1994 + + +5. Acknowledgements + + This document is the result of work undertaken the by DNS working + group. The authors would particularly like to thank the following + people for their contributions to this document: Philip Almquist, + Frank Kastenholz (FTP Software), Joe Peck (DEC), Dave Perkins + (SynOptics), Win Treese (DEC), and Mimi Zohar (IBM). + +6. References + + [1] Mockapetris, P., "Domain Names -- Concepts and Facilities", STD + 13, RFC 1034, USC/Information Sciences Institute, November 1987. + + [2] Mockapetris, P., "Domain Names -- Implementation and + Specification", STD 13, RFC 1035, USC/Information Sciences + Institute, November 1987. + + [3] Braden, R., Editor, "Requirements for Internet Hosts -- + Application and Support, STD 3, RFC 1123, USC/Information + Sciences Institute, October 1989. + + [4] Rose, M., and K. McCloghrie, "Structure and Identification of + Management Information for TCP/IP-based internets", STD 16, RFC + 1155, Performance Systems International, Hughes LAN Systems, May + 1990. + + [5] McCloghrie, K., and M. Rose, "Management Information Base for + Network Management of TCP/IP-based internets", RFC 1156, Hughes + LAN Systems, Performance Systems International, May 1990. + + [6] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple + Network Management Protocol", STD 15, RFC 1157, SNMP Research, + Performance Systems International, Performance Systems + International, MIT Laboratory for Computer Science, May 1990. + + [7] Rose, M., and K. McCloghrie, Editors, "Concise MIB Definitions", + STD 16, RFC 1212, Performance Systems International, Hughes LAN + Systems, March 1991. + + [8] McCloghrie, K., and M. Rose, Editors, "Management Information + Base for Network Management of TCP/IP-based internets: MIB-II", + STD 17, RFC 1213, Hughes LAN Systems, Performance Systems + International, March 1991. + + [9] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure + of Management Information for version 2 of the Simple Network + Management Protocol (SNMPv2)", RFC 1442, SNMP Research, Inc., + Hughes LAN Systems, Dover Beach Consulting, Inc., Carnegie Mellon + + + +Austein & Saperia [Page 28] + +RFC 1611 DNS Server MIB Extensions May 1994 + + + University, April 1993. + + [10] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Textual + Conventions for version 2 of the the Simple Network Management + Protocol (SNMPv2)", RFC 1443, SNMP Research, Inc., Hughes LAN + Systems, Dover Beach Consulting, Inc., Carnegie Mellon + University, April 1993. + + [11] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, + "Conformance Statements for version 2 of the the Simple Network + Management Protocol (SNMPv2)", RFC 1444, SNMP Research, Inc., + Hughes LAN Systems, Dover Beach Consulting, Inc., Carnegie Mellon + University, April 1993. + + [12] Galvin, J., and K. McCloghrie, "Administrative Model for version + 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1445, + Trusted Information Systems, Hughes LAN Systems, April 1993. + + [13] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol + Operations for version 2 of the Simple Network Management + Protocol (SNMPv2)", RFC 1448, SNMP Research, Inc., Hughes LAN + Systems, Dover Beach Consulting, Inc., Carnegie Mellon + University, April 1993. + + [14] "Information processing systems - Open Systems Interconnection - + Specification of Abstract Syntax Notation One (ASN.1)", + International Organization for Standardization, International + Standard 8824, December 1987. + +7. Security Considerations + + Security issues are not discussed in this memo. + + + + + + + + + + + + + + + + + + + +Austein & Saperia [Page 29] + +RFC 1611 DNS Server MIB Extensions May 1994 + + +8. Authors' Addresses + + Rob Austein + Epilogue Technology Corporation + 268 Main Street, Suite 283 + North Reading, MA 01864 + USA + + Phone: +1-617-245-0804 + Fax: +1-617-245-8122 + EMail: sra@epilogue.com + + + Jon Saperia + Digital Equipment Corporation + 110 Spit Brook Road + ZKO1-3/H18 + Nashua, NH 03062-2698 + USA + + Phone: +1-603-881-0480 + Fax: +1-603-881-0120 + EMail: saperia@zko.dec.com + + + + + + + + + + + + + + + + + + + + + + + + + + + + +Austein & Saperia [Page 30] + diff --git a/doc/rfc/rfc1612.txt b/doc/rfc/rfc1612.txt new file mode 100644 index 0000000000..4ef23b0c65 --- /dev/null +++ b/doc/rfc/rfc1612.txt @@ -0,0 +1,1795 @@ + + + + + + +Network Working Group R. Austein +Request for Comments: 1612 Epilogue Technology Corporation +Category: Standards Track J. Saperia + Digital Equipment Corporation + May 1994 + + + DNS Resolver MIB Extensions + +Status of this Memo + + This document specifies an Internet standards track protocol for the + Internet community, and requests discussion and suggestions for + improvements. Please refer to the current edition of the "Internet + Official Protocol Standards" (STD 1) for the standardization state + and status of this protocol. Distribution of this memo is unlimited. + +Table of Contents + + 1. Introduction .............................................. 1 + 2. The SNMPv2 Network Management Framework ................... 2 + 2.1 Object Definitions ....................................... 2 + 3. Overview .................................................. 2 + 3.1 Resolvers ................................................ 3 + 3.2 Name Servers ............................................. 3 + 3.3 Selected Objects ......................................... 4 + 3.4 Textual Conventions ...................................... 4 + 4. Definitions ............................................... 5 + 5. Acknowledgements .......................................... 30 + 6. References ................................................ 30 + 7. Security Considerations ................................... 32 + 8. Authors' Addresses ........................................ 32 + +1. Introduction + + This memo defines a portion of the Management Information Base (MIB) + for use with network management protocols in the Internet community. + In particular, it describes a set of extensions which instrument DNS + resolver functions. This memo was produced by the DNS working group. + + With the adoption of the Internet-standard Network Management + Framework [4,5,6,7], and with a large number of vendor + implementations of these standards in commercially available + products, it became possible to provide a higher level of effective + network management in TCP/IP-based internets than was previously + available. With the growth in the use of these standards, it has + become possible to consider the management of other elements of the + infrastructure beyond the basic TCP/IP protocols. A key element of + + + +Austein & Saperia [Page 1] + +RFC 1612 DNS Resolver MIB May 1994 + + + the TCP/IP infrastructure is the DNS. + + Up to this point there has been no mechanism to integrate the + management of the DNS with SNMP-based managers. This memo provides + the mechanisms by which IP-based management stations can effectively + manage DNS resolver software in an integrated fashion. + + We have defined DNS MIB objects to be used in conjunction with the + Internet MIB to allow access to and control of DNS resolver software + via SNMP by the Internet community. + +2. The SNMPv2 Network Management Framework + + The SNMPv2 Network Management Framework consists of four major + components. They are: + + o RFC 1442 which defines the SMI, the mechanisms used for + describing and naming objects for the purpose of management. + + o STD 17, RFC 1213 defines MIB-II, the core set of managed + objects for the Internet suite of protocols. + + o RFC 1445 which defines the administrative and other + architectural aspects of the framework. + + o RFC 1448 which defines the protocol used for network access to + managed objects. + + The Framework permits new objects to be defined for the purpose of + experimentation and evaluation. + +2.1. Object Definitions + + Managed objects are accessed via a virtual information store, termed + the Management Information Base or MIB. Objects in the MIB are + defined using the subset of Abstract Syntax Notation One (ASN.1) + defined in the SMI. In particular, each object object type is named + by an OBJECT IDENTIFIER, an administratively assigned name. The + object type together with an object instance serves to uniquely + identify a specific instantiation of the object. For human + convenience, we often use a textual string, termed the descriptor, to + refer to the object type. + +3. Overview + + In theory, the DNS world is pretty simple. There are two kinds of + entities: resolvers and name servers. Resolvers ask questions. Name + servers answer them. The real world, however, is not so simple. + + + +Austein & Saperia [Page 2] + +RFC 1612 DNS Resolver MIB May 1994 + + + Implementors have made widely differing choices about how to divide + DNS functions between resolvers and servers. They have also + constructed various sorts of exotic hybrids. The most difficult task + in defining this MIB was to accommodate this wide range of entities + without having to come up with a separate MIB for each. + + We divided up the various DNS functions into two, non-overlapping + classes, called "resolver functions" and "name server functions." A + DNS entity that performs what we define as resolver functions + contains a resolver, and therefore must implement the MIB groups + required of all resolvers which are defined in this module. Some + resolvers also implement "optional" functions such as a cache, in + which case they must also implement the cache group contained in this + MIB. A DNS entity which implements name server functions is + considered to be a name server, and must implement the MIB groups + required for name servers which are defined in a separate module. If + the same piece of software performs both resolver and server + functions, we imagine that it contains both a resolver and a server + and would thus implement both the DNS Server and DNS Resolver MIBs. + +3.1. Resolvers + + In our model, a resolver is a program (or piece thereof) which + obtains resource records from servers. Normally it does so at the + behest of an application, but may also do so as part of its own + operation. A resolver sends DNS protocol queries and receives DNS + protocol replies. A resolver neither receives queries nor sends + replies. A full service resolver is one that knows how to resolve + queries: it obtains the needed resource records by contacting a + server authoritative for the records desired. A stub resolver does + not know how to resolve queries: it sends all queries to a local name + server, setting the "recursion desired" flag to indicate that it + hopes that the name server will be willing to resolve the query. A + resolver may (optionally) have a cache for remembering previously + acquired resource records. It may also have a negative cache for + remembering names or data that have been determined not to exist. + +3.2. Name Servers + + A name server is a program (or piece thereof) that provides resource + records to resolvers. All references in this document to "a name + server" imply "the name server's role"; in some cases the name + server's role and the resolver's role might be combined into a single + program. A name server receives DNS protocol queries and sends DNS + protocol replies. A name server neither sends queries nor receives + replies. As a consequence, name servers do not have caches. + Normally, a name server would expect to receive only those queries to + which it could respond with authoritative information. However, if a + + + +Austein & Saperia [Page 3] + +RFC 1612 DNS Resolver MIB May 1994 + + + name server receives a query that it cannot respond to with purely + authoritative information, it may choose to try to obtain the + necessary additional information from a resolver which may or may not + be a separate process. + +3.3. Selected Objects + + Many of the objects included in this memo have been created from + information contained in the DNS specifications [1,2], as amended and + clarified by subsequent host requirements documents [3]. Other + objects have been created based on experience with existing DNS + management tools, expected operational needs, the statistics + generated by existing DNS implementations, and the configuration + files used by existing DNS implementations. These objects have been + ordered into groups as follows: + + o Resolver Configuration Group + + o Resolver Counter Group + + o Resolver Lame Delegation Group + + o Resolver Cache Group + + o Resolver Negative Cache Group + + o Resolver Optional Counter Group + + This information has been converted into a standard form using the + SNMPv2 SMI defined in [9]. For the most part, the descriptions are + influenced by the DNS related RFCs noted above. For example, the + descriptions for counters used for the various types of queries of + DNS records are influenced by the definitions used for the various + record types found in [2]. + +3.4. Textual Conventions + + Several conceptual data types have been introduced as a textual + conventions in the DNS Server MIB document and have been imported + into this MIB module. These additions will facilitate the common + understanding of information used by the DNS. No changes to the SMI + or the SNMP are necessary to support these conventions. + + Readers familiar with MIBs designed to manage entities in the lower + layers of the Internet protocol suite may be surprised at the number + of non-enumerated integers used in this MIB to represent values such + as DNS RR class and type numbers. The reason for this choice is + simple: the DNS itself is designed as an extensible protocol, + + + +Austein & Saperia [Page 4] + +RFC 1612 DNS Resolver MIB May 1994 + + + allowing new classes and types of resource records to be added to the + protocol without recoding the core DNS software. Using non- + enumerated integers to represent these data types in this MIB allows + the MIB to accommodate these changes as well. + +4. Definitions + + DNS-RESOLVER-MIB DEFINITIONS ::= BEGIN + + IMPORTS + MODULE-IDENTITY, OBJECT-TYPE, IpAddress, Counter32, Integer32 + FROM SNMPv2-SMI + TEXTUAL-CONVENTION, RowStatus, DisplayString + FROM SNMPv2-TC + MODULE-COMPLIANCE, OBJECT-GROUP + FROM SNMPv2-CONF + dns, DnsName, DnsNameAsIndex, DnsClass, DnsType, DnsQClass, + DnsQType, DnsTime, DnsOpCode, DnsRespCode + FROM DNS-SERVER-MIB; + + -- DNS Resolver MIB + + dnsResMIB MODULE-IDENTITY + LAST-UPDATED "9401282250Z" + ORGANIZATION "IETF DNS Working Group" + CONTACT-INFO + " Rob Austein + Postal: Epilogue Technology Corporation + 268 Main Street, Suite 283 + North Reading, MA 10864 + US + Tel: +1 617 245 0804 + Fax: +1 617 245 8122 + E-Mail: sra@epilogue.com + + Jon Saperia + Postal: Digital Equipment Corporation + 110 Spit Brook Road + ZKO1-3/H18 + Nashua, NH 03062-2698 + US + Tel: +1 603 881 0480 + Fax: +1 603 881 0120 + E-mail: saperia@zko.dec.com" + DESCRIPTION + "The MIB module for entities implementing the client + (resolver) side of the Domain Name System (DNS) + protocol." + + + +Austein & Saperia [Page 5] + +RFC 1612 DNS Resolver MIB May 1994 + + + ::= { dns 2 } + + dnsResMIBObjects OBJECT IDENTIFIER ::= { dnsResMIB 1 } + + -- (Old-style) groups in the DNS resolver MIB. + + dnsResConfig OBJECT IDENTIFIER ::= { dnsResMIBObjects 1 } + dnsResCounter OBJECT IDENTIFIER ::= { dnsResMIBObjects 2 } + dnsResLameDelegation OBJECT IDENTIFIER ::= { dnsResMIBObjects 3 } + dnsResCache OBJECT IDENTIFIER ::= { dnsResMIBObjects 4 } + dnsResNCache OBJECT IDENTIFIER ::= { dnsResMIBObjects 5 } + dnsResOptCounter OBJECT IDENTIFIER ::= { dnsResMIBObjects 6 } + + + -- Resolver Configuration Group + + dnsResConfigImplementIdent OBJECT-TYPE + SYNTAX DisplayString + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The implementation identification string for the + resolver software in use on the system, for example; + `RES-2.1'" + ::= { dnsResConfig 1 } + + dnsResConfigService OBJECT-TYPE + SYNTAX INTEGER { recursiveOnly(1), + iterativeOnly(2), + recursiveAndIterative(3) } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Kind of DNS resolution service provided: + + recursiveOnly(1) indicates a stub resolver. + + iterativeOnly(2) indicates a normal full service + resolver. + + recursiveAndIterative(3) indicates a full-service + resolver which performs a mix of recursive and iterative + queries." + ::= { dnsResConfig 2 } + + dnsResConfigMaxCnames OBJECT-TYPE + SYNTAX INTEGER (0..2147483647) + MAX-ACCESS read-write + + + +Austein & Saperia [Page 6] + +RFC 1612 DNS Resolver MIB May 1994 + + + STATUS current + DESCRIPTION + "Limit on how many CNAMEs the resolver should allow + before deciding that there's a CNAME loop. Zero means + that resolver has no explicit CNAME limit." + REFERENCE + "RFC-1035 section 7.1." + ::= { dnsResConfig 3 } + + -- DNS Resolver Safety Belt Table + + dnsResConfigSbeltTable OBJECT-TYPE + SYNTAX SEQUENCE OF DnsResConfigSbeltEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Table of safety belt information used by the resolver + when it hasn't got any better idea of where to send a + query, such as when the resolver is booting or is a stub + resolver." + ::= { dnsResConfig 4 } + + dnsResConfigSbeltEntry OBJECT-TYPE + SYNTAX DnsResConfigSbeltEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry in the resolver's Sbelt table. + Rows may be created or deleted at any time by the DNS + resolver and by SNMP SET requests. Whether the values + changed via SNMP are saved in stable storage across + `reset' operations is implementation-specific." + INDEX { dnsResConfigSbeltAddr, + dnsResConfigSbeltSubTree, + dnsResConfigSbeltClass } + ::= { dnsResConfigSbeltTable 1 } + + DnsResConfigSbeltEntry ::= + SEQUENCE { + dnsResConfigSbeltAddr + IpAddress, + dnsResConfigSbeltName + DnsName, + dnsResConfigSbeltRecursion + INTEGER, + dnsResConfigSbeltPref + INTEGER, + dnsResConfigSbeltSubTree + + + +Austein & Saperia [Page 7] + +RFC 1612 DNS Resolver MIB May 1994 + + + DnsNameAsIndex, + dnsResConfigSbeltClass + DnsClass, + dnsResConfigSbeltStatus + RowStatus + } + + dnsResConfigSbeltAddr OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The IP address of the Sbelt name server identified by + this row of the table." + ::= { dnsResConfigSbeltEntry 1 } + + dnsResConfigSbeltName OBJECT-TYPE + SYNTAX DnsName + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "The DNS name of a Sbelt nameserver identified by this + row of the table. A zero-length string indicates that + the name is not known by the resolver." + ::= { dnsResConfigSbeltEntry 2 } + + dnsResConfigSbeltRecursion OBJECT-TYPE + SYNTAX INTEGER { iterative(1), + recursive(2), + recursiveAndIterative(3) } + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Kind of queries resolver will be sending to the name + server identified in this row of the table: + + iterative(1) indicates that resolver will be directing + iterative queries to this name server (RD bit turned + off). + + recursive(2) indicates that resolver will be directing + recursive queries to this name server (RD bit turned + on). + + recursiveAndIterative(3) indicates that the resolver + will be directing both recursive and iterative queries + to the server identified in this row of the table." + ::= { dnsResConfigSbeltEntry 3 } + + + +Austein & Saperia [Page 8] + +RFC 1612 DNS Resolver MIB May 1994 + + + dnsResConfigSbeltPref OBJECT-TYPE + SYNTAX INTEGER (0..2147483647) + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "This value identifies the preference for the name server + identified in this row of the table. The lower the + value, the more desirable the resolver considers this + server." + ::= { dnsResConfigSbeltEntry 4 } + + dnsResConfigSbeltSubTree OBJECT-TYPE + SYNTAX DnsNameAsIndex + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Queries sent to the name server identified by this row + of the table are limited to those for names in the name + subtree identified by this variable. If no such + limitation applies, the value of this variable is the + name of the root domain (a DNS name consisting of a + single zero octet)." + ::= { dnsResConfigSbeltEntry 5 } + + dnsResConfigSbeltClass OBJECT-TYPE + SYNTAX DnsClass + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The class of DNS queries that will be sent to the server + identified by this row of the table." + ::= { dnsResConfigSbeltEntry 6 } + + dnsResConfigSbeltStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-create + STATUS current + DESCRIPTION + "Row status column for this row of the Sbelt table." + ::= { dnsResConfigSbeltEntry 7 } + + dnsResConfigUpTime OBJECT-TYPE + SYNTAX DnsTime + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "If the resolver has a persistent state (e.g., a + process), this value will be the time elapsed since it + + + +Austein & Saperia [Page 9] + +RFC 1612 DNS Resolver MIB May 1994 + + + started. For software without persistant state, this + value will be 0." + ::= { dnsResConfig 5 } + + dnsResConfigResetTime OBJECT-TYPE + SYNTAX DnsTime + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "If the resolver has a persistent state (e.g., a process) + and supports a `reset' operation (e.g., can be told to + re-read configuration files), this value will be the + time elapsed since the last time the resolver was + `reset.' For software that does not have persistence or + does not support a `reset' operation, this value will be + zero." + ::= { dnsResConfig 6 } + + dnsResConfigReset OBJECT-TYPE + SYNTAX INTEGER { other(1), + reset(2), + initializing(3), + running(4) } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Status/action object to reinitialize any persistant + resolver state. When set to reset(2), any persistant + resolver state (such as a process) is reinitialized as if + the resolver had just been started. This value will + never be returned by a read operation. When read, one of + the following values will be returned: + other(1) - resolver in some unknown state; + initializing(3) - resolver (re)initializing; + running(4) - resolver currently running." + ::= { dnsResConfig 7 } + + + -- Resolver Counters Group + + -- Resolver Counter Table + + dnsResCounterByOpcodeTable OBJECT-TYPE + SYNTAX SEQUENCE OF DnsResCounterByOpcodeEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Table of the current count of resolver queries and + + + +Austein & Saperia [Page 10] + +RFC 1612 DNS Resolver MIB May 1994 + + + answers." + ::= { dnsResCounter 3 } + + dnsResCounterByOpcodeEntry OBJECT-TYPE + SYNTAX DnsResCounterByOpcodeEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Entry in the resolver counter table. Entries are + indexed by DNS OpCode." + INDEX { dnsResCounterByOpcodeCode } + ::= { dnsResCounterByOpcodeTable 1 } + + DnsResCounterByOpcodeEntry ::= + SEQUENCE { + dnsResCounterByOpcodeCode + DnsOpCode, + dnsResCounterByOpcodeQueries + Counter32, + dnsResCounterByOpcodeResponses + Counter32 + } + + dnsResCounterByOpcodeCode OBJECT-TYPE + SYNTAX DnsOpCode + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The index to this table. The OpCodes that have already + been defined are found in RFC-1035." + REFERENCE + "RFC-1035 section 4.1.1." + ::= { dnsResCounterByOpcodeEntry 1 } + + dnsResCounterByOpcodeQueries OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Total number of queries that have sent out by the + resolver since initialization for the OpCode which is + the index to this row of the table." + ::= { dnsResCounterByOpcodeEntry 2 } + + dnsResCounterByOpcodeResponses OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + + + +Austein & Saperia [Page 11] + +RFC 1612 DNS Resolver MIB May 1994 + + + DESCRIPTION + "Total number of responses that have been received by the + resolver since initialization for the OpCode which is + the index to this row of the table." + ::= { dnsResCounterByOpcodeEntry 3 } + + -- Resolver Response Code Counter Table + + dnsResCounterByRcodeTable OBJECT-TYPE + SYNTAX SEQUENCE OF DnsResCounterByRcodeEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Table of the current count of responses to resolver + queries." + ::= { dnsResCounter 4 } + + dnsResCounterByRcodeEntry OBJECT-TYPE + SYNTAX DnsResCounterByRcodeEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Entry in the resolver response table. Entries are + indexed by DNS response code." + INDEX { dnsResCounterByRcodeCode } + ::= { dnsResCounterByRcodeTable 1 } + + DnsResCounterByRcodeEntry ::= + SEQUENCE { + dnsResCounterByRcodeCode + DnsRespCode, + dnsResCounterByRcodeResponses + Counter32 + } + + dnsResCounterByRcodeCode OBJECT-TYPE + SYNTAX DnsRespCode + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "The index to this table. The Response Codes that have + already been defined are found in RFC-1035." + REFERENCE + "RFC-1035 section 4.1.1." + ::= { dnsResCounterByRcodeEntry 1 } + + + + + + +Austein & Saperia [Page 12] + +RFC 1612 DNS Resolver MIB May 1994 + + + dnsResCounterByRcodeResponses OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of responses the resolver has received for the + response code value which identifies this row of the + table." + ::= { dnsResCounterByRcodeEntry 2 } + + -- Additional DNS Resolver Counter Objects + + dnsResCounterNonAuthDataResps OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests made by the resolver for which a + non-authoritative answer (cached data) was received." + ::= { dnsResCounter 5 } + + dnsResCounterNonAuthNoDataResps OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests made by the resolver for which a + non-authoritative answer - no such data response (empty + answer) was received." + ::= { dnsResCounter 6 } + + dnsResCounterMartians OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of responses received which were received from + servers that the resolver does not think it asked." + ::= { dnsResCounter 7 } + + dnsResCounterRecdResponses OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of responses received to all queries." + ::= { dnsResCounter 8 } + + + + +Austein & Saperia [Page 13] + +RFC 1612 DNS Resolver MIB May 1994 + + + dnsResCounterUnparseResps OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of responses received which were unparseable." + ::= { dnsResCounter 9 } + + dnsResCounterFallbacks OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of times the resolver had to fall back to its + seat belt information." + ::= { dnsResCounter 10 } + + + -- Lame Delegation Group + + dnsResLameDelegationOverflows OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of times the resolver attempted to add an entry + to the Lame Delegation table but was unable to for some + reason such as space constraints." + ::= { dnsResLameDelegation 1 } + + -- Lame Delegation Table + + dnsResLameDelegationTable OBJECT-TYPE + SYNTAX SEQUENCE OF DnsResLameDelegationEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Table of name servers returning lame delegations. + + A lame delegation has occured when a parent zone + delegates authority for a child zone to a server that + appears not to think that it is authoritative for the + child zone in question." + ::= { dnsResLameDelegation 2 } + + dnsResLameDelegationEntry OBJECT-TYPE + SYNTAX DnsResLameDelegationEntry + MAX-ACCESS not-accessible + + + +Austein & Saperia [Page 14] + +RFC 1612 DNS Resolver MIB May 1994 + + + STATUS current + DESCRIPTION + "Entry in lame delegation table. Only the resolver may + create rows in this table. SNMP SET requests may be used + to delete rows." + INDEX { dnsResLameDelegationSource, + dnsResLameDelegationName, + dnsResLameDelegationClass } + ::= { dnsResLameDelegationTable 1 } + + DnsResLameDelegationEntry ::= + SEQUENCE { + dnsResLameDelegationSource + IpAddress, + dnsResLameDelegationName + DnsNameAsIndex, + dnsResLameDelegationClass + DnsClass, + dnsResLameDelegationCounts + Counter32, + dnsResLameDelegationStatus + RowStatus + } + + dnsResLameDelegationSource OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Source of lame delegation." + ::= { dnsResLameDelegationEntry 1 } + + dnsResLameDelegationName OBJECT-TYPE + SYNTAX DnsNameAsIndex + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "DNS name for which lame delegation was received." + ::= { dnsResLameDelegationEntry 2 } + + dnsResLameDelegationClass OBJECT-TYPE + SYNTAX DnsClass + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "DNS class of received lame delegation." + ::= { dnsResLameDelegationEntry 3 } + + + + +Austein & Saperia [Page 15] + +RFC 1612 DNS Resolver MIB May 1994 + + + dnsResLameDelegationCounts OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "How many times this lame delegation has been received." + ::= { dnsResLameDelegationEntry 4 } + + dnsResLameDelegationStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Status column for the lame delegation table. Since only + the agent (DNS resolver) creates rows in this table, the + only values that a manager may write to this variable + are active(1) and destroy(6)." + ::= { dnsResLameDelegationEntry 5 } + + + -- Resolver Cache Group + + dnsResCacheStatus OBJECT-TYPE + SYNTAX INTEGER { enabled(1), disabled(2), clear(3) } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Status/action for the resolver's cache. + + enabled(1) means that the use of the cache is allowed. + Query operations can return this state. + + disabled(2) means that the cache is not being used. + Query operations can return this state. + + Setting this variable to clear(3) deletes the entire + contents of the resolver's cache, but does not otherwise + change the resolver's state. The status will retain its + previous value from before the clear operation (i.e., + enabled(1) or disabled(2)). The value of clear(3) can + NOT be returned by a query operation." + ::= { dnsResCache 1 } + + dnsResCacheMaxTTL OBJECT-TYPE + SYNTAX DnsTime + MAX-ACCESS read-write + STATUS current + DESCRIPTION + + + +Austein & Saperia [Page 16] + +RFC 1612 DNS Resolver MIB May 1994 + + + "Maximum Time-To-Live for RRs in this cache. If the + resolver does not implement a TTL ceiling, the value of + this field should be zero." + ::= { dnsResCache 2 } + + dnsResCacheGoodCaches OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of RRs the resolver has cached successfully." + ::= { dnsResCache 3 } + + dnsResCacheBadCaches OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of RRs the resolver has refused to cache because + they appear to be dangerous or irrelevant. E.g., RRs + with suspiciously high TTLs, unsolicited root + information, or that just don't appear to be relevant to + the question the resolver asked." + ::= { dnsResCache 4 } + + -- Resolver Cache Table + + dnsResCacheRRTable OBJECT-TYPE + SYNTAX SEQUENCE OF DnsResCacheRREntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "This table contains information about all the resource + records currently in the resolver's cache." + ::= { dnsResCache 5 } + + dnsResCacheRREntry OBJECT-TYPE + SYNTAX DnsResCacheRREntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry in the resolvers's cache. Rows may be created + only by the resolver. SNMP SET requests may be used to + delete rows." + INDEX { dnsResCacheRRName, + dnsResCacheRRClass, + dnsResCacheRRType, + dnsResCacheRRIndex } + + + +Austein & Saperia [Page 17] + +RFC 1612 DNS Resolver MIB May 1994 + + + ::= { dnsResCacheRRTable 1 } + + DnsResCacheRREntry ::= + SEQUENCE { + dnsResCacheRRName + DnsNameAsIndex, + dnsResCacheRRClass + DnsClass, + dnsResCacheRRType + DnsType, + dnsResCacheRRTTL + DnsTime, + dnsResCacheRRElapsedTTL + DnsTime, + dnsResCacheRRSource + IpAddress, + dnsResCacheRRData + OCTET STRING, + dnsResCacheRRStatus + RowStatus, + dnsResCacheRRIndex + Integer32, + dnsResCacheRRPrettyName + DnsName + } + + dnsResCacheRRName OBJECT-TYPE + SYNTAX DnsNameAsIndex + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "Owner name of the Resource Record in the cache which is + identified in this row of the table. As described in + RFC-1034, the owner of the record is the domain name + were the RR is found." + REFERENCE + "RFC-1034 section 3.6." + ::= { dnsResCacheRREntry 1 } + + dnsResCacheRRClass OBJECT-TYPE + SYNTAX DnsClass + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "DNS class of the Resource Record in the cache which is + identified in this row of the table." + ::= { dnsResCacheRREntry 2 } + + + + +Austein & Saperia [Page 18] + +RFC 1612 DNS Resolver MIB May 1994 + + + dnsResCacheRRType OBJECT-TYPE + SYNTAX DnsType + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "DNS type of the Resource Record in the cache which is + identified in this row of the table." + ::= { dnsResCacheRREntry 3 } + + dnsResCacheRRTTL OBJECT-TYPE + SYNTAX DnsTime + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time-To-Live of RR in DNS cache. This is the initial + TTL value which was received with the RR when it was + originally received." + ::= { dnsResCacheRREntry 4 } + + dnsResCacheRRElapsedTTL OBJECT-TYPE + SYNTAX DnsTime + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Elapsed seconds since RR was received." + ::= { dnsResCacheRREntry 5 } + + dnsResCacheRRSource OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Host from which RR was received, 0.0.0.0 if unknown." + ::= { dnsResCacheRREntry 6 } + + dnsResCacheRRData OBJECT-TYPE + SYNTAX OCTET STRING + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "RDATA portion of a cached RR. The value is in the + format defined for the particular DNS class and type of + the resource record." + REFERENCE + "RFC-1035 section 3.2.1." + ::= { dnsResCacheRREntry 7 } + + + + + +Austein & Saperia [Page 19] + +RFC 1612 DNS Resolver MIB May 1994 + + + dnsResCacheRRStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Status column for the resolver cache table. Since only + the agent (DNS resolver) creates rows in this table, the + only values that a manager may write to this variable + are active(1) and destroy(6)." + ::= { dnsResCacheRREntry 8 } + + dnsResCacheRRIndex OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "A value which makes entries in the table unique when the + other index values (dnsResCacheRRName, + dnsResCacheRRClass, and dnsResCacheRRType) do not + provide a unique index." + ::= { dnsResCacheRREntry 9 } + + dnsResCacheRRPrettyName OBJECT-TYPE + SYNTAX DnsName + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Name of the RR at this row in the table. This is + identical to the dnsResCacheRRName variable, except that + character case is preserved in this variable, per DNS + conventions." + REFERENCE + "RFC-1035 section 2.3.3." + ::= { dnsResCacheRREntry 10 } + + -- Resolver Negative Cache Group + + dnsResNCacheStatus OBJECT-TYPE + SYNTAX INTEGER { enabled(1), disabled(2), clear(3) } + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Status/action for the resolver's negative response + cache. + + enabled(1) means that the use of the negative response + cache is allowed. Query operations can return this + state. + + + +Austein & Saperia [Page 20] + +RFC 1612 DNS Resolver MIB May 1994 + + + disabled(2) means that the negative response cache is + not being used. Query operations can return this state. + + Setting this variable to clear(3) deletes the entire + contents of the resolver's negative response cache. The + status will retain its previous value from before the + clear operation (i.e., enabled(1) or disabled(2)). The + value of clear(3) can NOT be returned by a query + operation." + ::= { dnsResNCache 1 } + + dnsResNCacheMaxTTL OBJECT-TYPE + SYNTAX DnsTime + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Maximum Time-To-Live for cached authoritative errors. + If the resolver does not implement a TTL ceiling, the + value of this field should be zero." + ::= { dnsResNCache 2 } + + dnsResNCacheGoodNCaches OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of authoritative errors the resolver has cached + successfully." + ::= { dnsResNCache 3 } + + dnsResNCacheBadNCaches OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of authoritative errors the resolver would have + liked to cache but was unable to because the appropriate + SOA RR was not supplied or looked suspicious." + REFERENCE + "RFC-1034 section 4.3.4." + ::= { dnsResNCache 4 } + + -- Resolver Negative Cache Table + + dnsResNCacheErrTable OBJECT-TYPE + SYNTAX SEQUENCE OF DnsResNCacheErrEntry + MAX-ACCESS not-accessible + STATUS current + + + +Austein & Saperia [Page 21] + +RFC 1612 DNS Resolver MIB May 1994 + + + DESCRIPTION + "The resolver's negative response cache. This table + contains information about authoritative errors that + have been cached by the resolver." + ::= { dnsResNCache 5 } + + dnsResNCacheErrEntry OBJECT-TYPE + SYNTAX DnsResNCacheErrEntry + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "An entry in the resolver's negative response cache + table. Only the resolver can create rows. SNMP SET + requests may be used to delete rows." + INDEX { dnsResNCacheErrQName, + dnsResNCacheErrQClass, + dnsResNCacheErrQType, + dnsResNCacheErrIndex } + ::= { dnsResNCacheErrTable 1 } + + DnsResNCacheErrEntry ::= + SEQUENCE { + dnsResNCacheErrQName + DnsNameAsIndex, + dnsResNCacheErrQClass + DnsQClass, + dnsResNCacheErrQType + DnsQType, + dnsResNCacheErrTTL + DnsTime, + dnsResNCacheErrElapsedTTL + DnsTime, + dnsResNCacheErrSource + IpAddress, + dnsResNCacheErrCode + INTEGER, + dnsResNCacheErrStatus + RowStatus, + dnsResNCacheErrIndex + Integer32, + dnsResNCacheErrPrettyName + DnsName + } + + dnsResNCacheErrQName OBJECT-TYPE + SYNTAX DnsNameAsIndex + MAX-ACCESS not-accessible + STATUS current + + + +Austein & Saperia [Page 22] + +RFC 1612 DNS Resolver MIB May 1994 + + + DESCRIPTION + "QNAME associated with a cached authoritative error." + REFERENCE + "RFC-1034 section 3.7.1." + ::= { dnsResNCacheErrEntry 1 } + + dnsResNCacheErrQClass OBJECT-TYPE + SYNTAX DnsQClass + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "DNS QCLASS associated with a cached authoritative + error." + ::= { dnsResNCacheErrEntry 2 } + + dnsResNCacheErrQType OBJECT-TYPE + SYNTAX DnsQType + MAX-ACCESS not-accessible + STATUS current + DESCRIPTION + "DNS QTYPE associated with a cached authoritative error." + ::= { dnsResNCacheErrEntry 3 } + + dnsResNCacheErrTTL OBJECT-TYPE + SYNTAX DnsTime + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Time-To-Live of a cached authoritative error at the time + of the error, it should not be decremented by the number + of seconds since it was received. This should be the + TTL as copied from the MINIMUM field of the SOA that + accompanied the authoritative error, or a smaller value + if the resolver implements a ceiling on negative + response cache TTLs." + REFERENCE + "RFC-1034 section 4.3.4." + ::= { dnsResNCacheErrEntry 4 } + + dnsResNCacheErrElapsedTTL OBJECT-TYPE + SYNTAX DnsTime + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Elapsed seconds since authoritative error was received." + ::= { dnsResNCacheErrEntry 5 } + + + + + +Austein & Saperia [Page 23] + +RFC 1612 DNS Resolver MIB May 1994 + + + dnsResNCacheErrSource OBJECT-TYPE + SYNTAX IpAddress + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Host which sent the authoritative error, 0.0.0.0 if + unknown." + ::= { dnsResNCacheErrEntry 6 } + + dnsResNCacheErrCode OBJECT-TYPE + SYNTAX INTEGER { nonexistantName(1), noData(2), other(3) } + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "The authoritative error that has been cached: + + nonexistantName(1) indicates an authoritative name error + (RCODE = 3). + + noData(2) indicates an authoritative response with no + error (RCODE = 0) and no relevant data. + + other(3) indicates some other cached authoritative + error. At present, no such errors are known to exist." + ::= { dnsResNCacheErrEntry 7 } + + dnsResNCacheErrStatus OBJECT-TYPE + SYNTAX RowStatus + MAX-ACCESS read-write + STATUS current + DESCRIPTION + "Status column for the resolver negative response cache + table. Since only the agent (DNS resolver) creates rows + in this table, the only values that a manager may write + to this variable are active(1) and destroy(6)." + ::= { dnsResNCacheErrEntry 8 } + + dnsResNCacheErrIndex OBJECT-TYPE + SYNTAX Integer32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "A value which makes entries in the table unique when the + other index values (dnsResNCacheErrQName, + dnsResNCacheErrQClass, and dnsResNCacheErrQType) do not + provide a unique index." + ::= { dnsResNCacheErrEntry 9 } + + + + +Austein & Saperia [Page 24] + +RFC 1612 DNS Resolver MIB May 1994 + + + dnsResNCacheErrPrettyName OBJECT-TYPE + SYNTAX DnsName + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "QNAME associated with this row in the table. This is + identical to the dnsResNCacheErrQName variable, except + that character case is preserved in this variable, per + DNS conventions." + REFERENCE + "RFC-1035 section 2.3.3." + ::= { dnsResNCacheErrEntry 10 } + + + -- Resolver Optional Counters Group + + dnsResOptCounterReferals OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of responses which were received from servers + redirecting query to another server." + ::= { dnsResOptCounter 1 } + + dnsResOptCounterRetrans OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number requests retransmitted for all reasons." + ::= { dnsResOptCounter 2 } + + dnsResOptCounterNoResponses OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries that were retransmitted because of no + response." + ::= { dnsResOptCounter 3 } + + dnsResOptCounterRootRetrans OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of queries that were retransmitted that were to + + + +Austein & Saperia [Page 25] + +RFC 1612 DNS Resolver MIB May 1994 + + + root servers." + ::= { dnsResOptCounter 4 } + + dnsResOptCounterInternals OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests internally generated by the + resolver." + ::= { dnsResOptCounter 5 } + + dnsResOptCounterInternalTimeOuts OBJECT-TYPE + SYNTAX Counter32 + MAX-ACCESS read-only + STATUS current + DESCRIPTION + "Number of requests internally generated which timed + out." + ::= { dnsResOptCounter 6 } + + + -- SNMPv2 groups. + + dnsResMIBGroups OBJECT IDENTIFIER ::= { dnsResMIB 2 } + + dnsResConfigGroup OBJECT-GROUP + OBJECTS { dnsResConfigImplementIdent, + dnsResConfigService, + dnsResConfigMaxCnames, + dnsResConfigSbeltAddr, + dnsResConfigSbeltName, + dnsResConfigSbeltRecursion, + dnsResConfigSbeltPref, + dnsResConfigSbeltSubTree, + dnsResConfigSbeltClass, + dnsResConfigSbeltStatus, + dnsResConfigUpTime, + dnsResConfigResetTime } + STATUS current + DESCRIPTION + "A collection of objects providing basic configuration + information for a DNS resolver implementation." + ::= { dnsResMIBGroups 1 } + + dnsResCounterGroup OBJECT-GROUP + OBJECTS { dnsResCounterByOpcodeCode, + dnsResCounterByOpcodeQueries, + + + +Austein & Saperia [Page 26] + +RFC 1612 DNS Resolver MIB May 1994 + + + dnsResCounterByOpcodeResponses, + dnsResCounterByRcodeCode, + dnsResCounterByRcodeResponses, + dnsResCounterNonAuthDataResps, + dnsResCounterNonAuthNoDataResps, + dnsResCounterMartians, + dnsResCounterRecdResponses, + dnsResCounterUnparseResps, + dnsResCounterFallbacks } + STATUS current + DESCRIPTION + "A collection of objects providing basic instrumentation + of a DNS resolver implementation." + ::= { dnsResMIBGroups 2 } + + dnsResLameDelegationGroup OBJECT-GROUP + OBJECTS { dnsResLameDelegationOverflows, + dnsResLameDelegationSource, + dnsResLameDelegationName, + dnsResLameDelegationClass, + dnsResLameDelegationCounts, + dnsResLameDelegationStatus } + STATUS current + DESCRIPTION + "A collection of objects providing instrumentation of + `lame delegation' failures." + ::= { dnsResMIBGroups 3 } + + + dnsResCacheGroup OBJECT-GROUP + OBJECTS { dnsResCacheStatus, + dnsResCacheMaxTTL, + dnsResCacheGoodCaches, + dnsResCacheBadCaches, + dnsResCacheRRName, + dnsResCacheRRClass, + dnsResCacheRRType, + dnsResCacheRRTTL, + dnsResCacheRRElapsedTTL, + dnsResCacheRRSource, + dnsResCacheRRData, + dnsResCacheRRStatus, + dnsResCacheRRIndex, + dnsResCacheRRPrettyName } + STATUS current + DESCRIPTION + "A collection of objects providing access to and control + of a DNS resolver's cache." + + + +Austein & Saperia [Page 27] + +RFC 1612 DNS Resolver MIB May 1994 + + + ::= { dnsResMIBGroups 4 } + + dnsResNCacheGroup OBJECT-GROUP + OBJECTS { dnsResNCacheStatus, + dnsResNCacheMaxTTL, + dnsResNCacheGoodNCaches, + dnsResNCacheBadNCaches, + dnsResNCacheErrQName, + dnsResNCacheErrQClass, + dnsResNCacheErrQType, + dnsResNCacheErrTTL, + dnsResNCacheErrElapsedTTL, + dnsResNCacheErrSource, + dnsResNCacheErrCode, + dnsResNCacheErrStatus, + dnsResNCacheErrIndex, + dnsResNCacheErrPrettyName } + STATUS current + DESCRIPTION + "A collection of objects providing access to and control + of a DNS resolver's negative response cache." + ::= { dnsResMIBGroups 5 } + + dnsResOptCounterGroup OBJECT-GROUP + OBJECTS { dnsResOptCounterReferals, + dnsResOptCounterRetrans, + dnsResOptCounterNoResponses, + dnsResOptCounterRootRetrans, + dnsResOptCounterInternals, + dnsResOptCounterInternalTimeOuts } + STATUS current + DESCRIPTION + "A collection of objects providing further + instrumentation applicable to many but not all DNS + resolvers." + ::= { dnsResMIBGroups 6 } + + + -- Compliances. + + dnsResMIBCompliances OBJECT IDENTIFIER ::= { dnsResMIB 3 } + + dnsResMIBCompliance MODULE-COMPLIANCE + STATUS current + DESCRIPTION + "The compliance statement for agents implementing the DNS + resolver MIB extensions." + MODULE -- This MIB module + + + +Austein & Saperia [Page 28] + +RFC 1612 DNS Resolver MIB May 1994 + + + MANDATORY-GROUPS { dnsResConfigGroup, dnsResCounterGroup } + GROUP dnsResCacheGroup + DESCRIPTION + "The resolver cache group is mandatory for resolvers that + implement a cache." + GROUP dnsResNCacheGroup + DESCRIPTION + "The resolver negative cache group is mandatory for + resolvers that implement a negative response cache." + GROUP dnsResLameDelegationGroup + DESCRIPTION + "The lame delegation group is unconditionally optional." + GROUP dnsResOptCounterGroup + DESCRIPTION + "The optional counters group is unconditionally + optional." + OBJECT dnsResConfigMaxCnames + MIN-ACCESS read-only + DESCRIPTION + "This object need not be writable." + OBJECT dnsResConfigSbeltName + MIN-ACCESS read-only + DESCRIPTION + "This object need not be writable." + OBJECT dnsResConfigSbeltRecursion + MIN-ACCESS read-only + DESCRIPTION + "This object need not be writable." + OBJECT dnsResConfigSbeltPref + MIN-ACCESS read-only + DESCRIPTION + "This object need not be writable." + OBJECT dnsResConfigReset + MIN-ACCESS read-only + DESCRIPTION + "This object need not be writable." + OBJECT dnsResCacheStatus + MIN-ACCESS read-only + DESCRIPTION + "This object need not be writable." + OBJECT dnsResCacheMaxTTL + MIN-ACCESS read-only + DESCRIPTION + "This object need not be writable." + OBJECT dnsResNCacheStatus + MIN-ACCESS read-only + DESCRIPTION + "This object need not be writable." + + + +Austein & Saperia [Page 29] + +RFC 1612 DNS Resolver MIB May 1994 + + + OBJECT dnsResNCacheMaxTTL + MIN-ACCESS read-only + DESCRIPTION + "This object need not be writable." + ::= { dnsResMIBCompliances 1 } + + END + +5. Acknowledgements + + This document is the result of work undertaken the by DNS working + group. The authors would particularly like to thank the following + people for their contributions to this document: Philip Almquist, + Frank Kastenholz (FTP Software), Joe Peck (DEC), Dave Perkins + (SynOptics), Win Treese (DEC), and Mimi Zohar (IBM). + +6. References + + [1] Mockapetris, P., "Domain Names -- Concepts and Facilities", STD + 13, RFC 1034, USC/Information Sciences Institute, November 1987. + + [2] Mockapetris, P., "Domain Names -- Implementation and + Specification", STD 13, RFC 1035, USC/Information Sciences + Institute, November 1987. + + [3] Braden, R., Editor, "Requirements for Internet Hosts -- + Application and Support, STD 3, RFC 1123, USC/Information + Sciences Institute, October 1989. + + [4] Rose, M., and K. McCloghrie, "Structure and Identification of + Management Information for TCP/IP-based internets", STD 16, RFC + 1155, Performance Systems International, Hughes LAN Systems, May + 1990. + + [5] McCloghrie, K., and M. Rose, "Management Information Base for + Network Management of TCP/IP-based internets", RFC 1156, Hughes + LAN Systems, Performance Systems International, May 1990. + + [6] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple + Network Management Protocol", STD 15, RFC 1157, SNMP Research, + Performance Systems International, Performance Systems + International, MIT Laboratory for Computer Science, May 1990. + + [7] Rose, M., and K. McCloghrie, Editors, "Concise MIB Definitions", + STD 16, RFC 1212, Performance Systems International, Hughes LAN + Systems, March 1991. + + + + + +Austein & Saperia [Page 30] + +RFC 1612 DNS Resolver MIB May 1994 + + + [8] McCloghrie, K., and M. Rose, "Management Information Base for + Network Management of TCP/IP-based internets: MIB-II", STD 17, + RFC 1213, Hughes LAN Systems, Performance Systems International, + March 1991. + + [9] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure + of Management Information for version 2 of the Simple Network + Management Protocol (SNMPv2)", RFC 1442, SNMP Research, Inc., + Hughes LAN Systems, Dover Beach Consulting, Inc., Carnegie Mellon + University, April 1993. + + [10] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Textual + Conventions for version 2 of the the Simple Network Management + Protocol (SNMPv2)", RFC 1443, SNMP Research, Inc., Hughes LAN + Systems, Dover Beach Consulting, Inc., Carnegie Mellon + University, April 1993. + + [11] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, + "Conformance Statements for version 2 of the the Simple Network + Management Protocol (SNMPv2)", RFC 1444, SNMP Research, Inc., + Hughes LAN Systems, Dover Beach Consulting, Inc., Carnegie Mellon + University, April 1993. + + [12] Galvin, J., and K. McCloghrie, "Administrative Model for version + 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1445, + Trusted Information Systems, Hughes LAN Systems, April 1993. + + [13] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol + Operations for version 2 of the Simple Network Management + Protocol (SNMPv2)", RFC 1448, SNMP Research, Inc., Hughes LAN + Systems, Dover Beach Consulting, Inc., Carnegie Mellon + University, April 1993. + + [14] "Information processing systems - Open Systems Interconnection - + Specification of Abstract Syntax Notation One (ASN.1)", + International Organization for Standardization, International + Standard 8824, December 1987. + + + + + + + + + + + + + + +Austein & Saperia [Page 31] + +RFC 1612 DNS Resolver MIB May 1994 + + +7. Security Considerations + + Security issues are not discussed in this memo. + +8. Authors' Addresses + + Rob Austein + Epilogue Technology Corporation + 268 Main Street, Suite 283 + North Reading, MA 01864 + USA + + Phone: +1-617-245-0804 + Fax: +1-617-245-8122 + EMail: sra@epilogue.com + + + Jon Saperia + Digital Equipment Corporation + 110 Spit Brook Road + ZKO1-3/H18 + Nashua, NH 03062-2698 + USA + + Phone: +1-603-881-0480 + Fax: +1-603-881-0120 + EMail: saperia@zko.dec.com + + + + + + + + + + + + + + + + + + + + + + + + +Austein & Saperia [Page 32] +