5. Counter Aggregation Configuration Usage Examples
This section contains an example of the steps that may be followed by
a management station to configure the objects in the
A note about these examples:
- they do not define a standard
- an agent is not obligated to support them
- a management application is not constrained by them
- the SET(object = value [, ...]) notation is only conceptual, and
is not meant to represent an actual SNMP Set PDU.
5.1. Step 1: Unlock the Counter Aggregation Configuration
Before any write operations to the tabular objects in this group can
be made, the counter aggregation configuration must be unlocked by
setting the dsmonAggControlLocked scalar to false:
SET(dsmonAggControlLocked.0 = false(2));
5.2. Step 2: Check the Maximum number of Counter Aggregation Groups
Make sure the desired counter aggregation groups have a chance of
being configured on the agent.
maxGroups = GET(dsmonAggMaxAggGroups.0);
For this example, maxGroups is greater or equal to 64.
5.3. Step 3: Check if the counter aggregation profiles already exist
Make sure the desired counter aggregation profiles have not already
been configured, or perhaps recreated after an agent restart. The
following example is oversimplified, in that the entire counter
aggregation configuration should actually be verified.
profile1Descr = GET(dsmonAggControlDescr.1);
profile1Owner = GET(dsmonAggControlOwner.1);
profile1Status = GET(dsmonAggControlStatus.1);
For this example, none of the counter aggregation profiles already
5.4. Step 4: Create the Counter Aggregation Control Entries
The management station should create one entry in the
dsmonAggControlTable for each counter aggregation profile to be
configured on the agent.
Steps 4, 5, and 6 are repeated for each counter aggregation profile
to be configured on the agent. There are 3 example counter
aggregation profiles shown in each of these steps.
Example 1: Each DSCP in its own counter aggregation group.
SET(dsmonAggControlStatus.1 = createAndGo(4),
dsmonAggControlOwner.1 = "Example App 1",
dsmonAggControlDescr.1 = "1 DSCP Per Group");
Example 2: a collection of DIFFSERV PHBs.
SET(dsmonAggControlStatus.2 = createAndGo(4),
dsmonAggControlOwner.2 = "Example App 2",
dsmonAggControlDescr.2 = "June 2000 DIFFSERV PHBs");
Example 3: an aggregated collection of DIFFSERV PHBs.
SET(dsmonAggControlStatus.3 = createAndGo(4),
dsmonAggControlOwner.3 = "Example App 3",
dsmonAggControlDescr.3 = "Limited June 2000 PHBs");
5.5. Step 5: Create the Counter Aggregation Group Descriptions
Example 1: Each DSCP in its own counter aggregation group. One group
is created for each codepoint, for a total of 64 rows.
SET(dsmonAggGroupStatus.1.0 = createAndGo(4),
dsmonAggGroupDescr.1.0 = "DSCP 0");
SET(dsmonAggGroupStatus.1.1 = createAndGo(4),
dsmonAggGroupDescr.1.1 = "DSCP 1");
SET(dsmonAggGroupStatus.1.2 = createAndGo(4),
dsmonAggGroupDescr.1.2 = "DSCP 2");
SET(dsmonAggGroupStatus.1.3 = createAndGo(4),
dsmonAggGroupDescr.1.3 = "DSCP 3");
SET(dsmonAggGroupStatus.1.63 = createAndGo(4),
dsmonAggGroupDescr.1.63 = "DSCP 63");
Example 3: an aggregated representation of current DIFFSERV PHBs.
One group is created for each counter aggregation to be monitored (8
rows in this example).
SET(dsmonAggGroupStatus.3.0 = createAndGo(4),
dsmonAggGroupDescr.3.0 = "Zero CS");
SET(dsmonAggGroupStatus.3.1 = createAndGo(4),
dsmonAggGroupDescr.3.1 = "Nonzero CS");
SET(dsmonAggGroupStatus.3.2 = createAndGo(4),
dsmonAggGroupDescr.3.2 = "EF");
SET(dsmonAggGroupStatus.3.3 = createAndGo(4),
dsmonAggGroupDescr.3.3 = "AF1");
SET(dsmonAggGroupStatus.3.4 = createAndGo(4),
dsmonAggGroupDescr.3.4 = "AF2");
SET(dsmonAggGroupStatus.3.5 = createAndGo(4),
dsmonAggGroupDescr.3.5 = "AF3");
SET(dsmonAggGroupStatus.3.6 = createAndGo(4),
dsmonAggGroupDescr.3.6 = "AF4");
SET(dsmonAggGroupStatus.3.7 = createAndGo(4),
dsmonAggGroupDescr.3.7 = "Nonzero Default");
5.6. Step 6: Create the Counter Aggregation Profile Mappings
After the dsmonAggControlEntries are activated, the associated read-
write dsmonAggProfileEntries will be created. The management station
must create 64 entries in the dsmonAggProfileTable for each counter
aggregation profile configured in the dsmonAggControlTable.
Example 1: Each DSCP in its own counter aggregation group
SET(dsmonAggGroupIndex.1.0 = 0,
dsmonAggGroupIndex.1.1 = 1,
dsmonAggGroupIndex.1.2 = 2,
dsmonAggGroupIndex.1.3 = 3,
dsmonAggGroupIndex.1.63 = 63);
Example 2: a collection of current DIFFSERV PHBs.
SET(dsmonAggGroupIndex.2.0 = 0, -- CS0
dsmonAggGroupIndex.2.1 = 21, -- Nonzero Default
dsmonAggGroupIndex.2.2 = 21,
dsmonAggGroupIndex.2.3 = 21,
dsmonAggGroupIndex.2.4 = 21,
dsmonAggGroupIndex.2.5 = 21,
dsmonAggGroupIndex.2.6 = 21,
dsmonAggGroupIndex.2.7 = 21,
dsmonAggGroupIndex.2.8 = 1, -- CS1
dsmonAggGroupIndex.3.38 = 6,
dsmonAggGroupIndex.3.39 = 7,
dsmonAggGroupIndex.3.40 = 1,
dsmonAggGroupIndex.3.41 = 7,
dsmonAggGroupIndex.3.42 = 7,
dsmonAggGroupIndex.3.43 = 7,
dsmonAggGroupIndex.3.44 = 7,
dsmonAggGroupIndex.3.45 = 7,
dsmonAggGroupIndex.3.46 = 7,
dsmonAggGroupIndex.3.47 = 7,
dsmonAggGroupIndex.3.48 = 1,
dsmonAggGroupIndex.3.49 = 7,
dsmonAggGroupIndex.3.50 = 7,
dsmonAggGroupIndex.3.51 = 7,
dsmonAggGroupIndex.3.52 = 7,
dsmonAggGroupIndex.3.53 = 7,
dsmonAggGroupIndex.3.54 = 7,
dsmonAggGroupIndex.3.55 = 7,
dsmonAggGroupIndex.3.56 = 1,
dsmonAggGroupIndex.3.57 = 7,
dsmonAggGroupIndex.3.58 = 7,
dsmonAggGroupIndex.3.59 = 7,
dsmonAggGroupIndex.3.60 = 7,
dsmonAggGroupIndex.3.61 = 7,
dsmonAggGroupIndex.3.62 = 7,
dsmonAggGroupIndex.3.63 = 7);
5.7. Step 7: Lock the Counter Aggregation Configuration
Before any existing collections can be activated by the agent, the
counter aggregation configuration must be locked, by setting the
dsmonAggControlLocked scalar to 'true'.
SET(dsmonAggControlLocked.0 = true(1));
6. Intellectual Property
The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it
has made any effort to identify any such rights. Information on the
IETF's procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP 11, RFC 2028.
Copies of claims of rights made available for publication and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementors or users of this
specification can be obtained from the IETF Secretariat.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice
this standard. Please address the information to the IETF Executive
This memo is a product of the RMONMIB WG. It is based on an Internet
Draft that was produced with a great deal of assistance from Keith
McCloghrie and Bijendra Jain.
[RFC1155] Rose, M. and K. McCloghrie, "Structure and Identification
of Management Information for TCP/IP-based Internets", STD
16, RFC 1155, May 1990.
[RFC1157] Case, J., Fedor, M., Schoffstall, M. and C. Davin, "Simple
Network Management Protocol", STD 15, RFC 1157, May 1990.
[RFC1212] Rose, M. and K. McCloghrie, "Concise MIB Definitions", STD
16, RFC 1212, March 1991.
[RFC1215] Rose, M., "A Convention for Defining Traps for use with the
SNMP", RFC 1215, March 1991.
[RFC1901] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
"Introduction to Community-based SNMPv2", RFC 1901, January
[RFC1905] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
"Protocol Operations for Version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1905, January 1996.
[RFC1906] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
"Transport Mappings for Version 2 of the Simple Network
Management Protocol (SNMPv2)", RFC 1906, January 1996.
[RFC2021] Waldbusser, S., "Remote Network Monitoring Management
Information Base Version 2 using SMIv2", RFC 2021, January
[RFC2026] Bradner, S., "The Internet Standards Process -- Revision
3", BCP 9, RFC 2026, October 1996.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2474] Nichols, K., Blake, S., Baker, F. and D. Black, "Definition
of the Differentiated Services Field (DS Field) in the IPv4
and IPv6 Headers", RFC 2474, December 1998.
[RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z. and
W. Weiss, "An Architecture for Differentiated Services",
RFC 2475, December 1998.
[RFC2570] Case, J., Mundy, R., Partain, D. and B. Stewart,
"Introduction to Version 3 of the Internet-standard Network
Management Framework", RFC 2570, April 1999.
[RFC2571] Wijnen, B., Harrington, D. and R. Presuhn, "An Architecture
for Describing SNMP Management Frameworks", RFC 2571, April
[RFC2572] Case, J., Harrington D., Presuhn R. and B. Wijnen, "Message
Processing and Dispatching for the Simple Network
Management Protocol (SNMP)", RFC 2572, April 1999.
[RFC2573] Levi, D., Meyer, P. and B. Stewart, "SNMPv3 Applications",
RFC 2573, April 1999.
[RFC2574] Blumenthal, U. and B. Wijnen, "User-based Security Model
(USM) for version 3 of the Simple Network Management
Protocol (SNMPv3)", RFC 2574, April 1999.
[RFC2575] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based
Access Control Model (VACM) for the Simple Network
Management Protocol (SNMP)", RFC 2575, April 1999.
[RFC2578] McCloghrie, K., Perkins, D. and J. Schoenwaelder,
"Structure of Management Information Version 2 (SMIv2)",
STD 58, RFC 2578, April 1999.
[RFC2579] McCloghrie, K., Perkins, D.and J. Schoenwaelder, "Textual
Conventions for SMIv2", STD 58, RFC 2579, April 1999.
[RFC2580] McCloghrie, K., Perkins, D. and J. Schoenwaelder,
"Conformance Statements for SMIv2", STD 58, RFC 2580, April
[RFC2856] Bierman, A., McCloghrie, K., and R. Presuhn, "Textual
Conventions for Additional High Capacity Data Types", RFC
2856, June 2000.
[RFC2895] Bierman, A., Bucci, C. and R. Iddon, "Remote Network
Monitoring MIB Protocol Identifier Reference", RFC 2895,
[RFC3273] Waldbusser, S., "Remote Monitoring Management Information
Base for High Capacity Networks", RFC 3273, May 2002.
9. Security Considerations
In order to implement this MIB, a probe must capture all packets on
the locally-attached network, including packets between third
parties. These packets are analyzed to collect network addresses,
protocol usage information, and conversation statistics. Data of
this nature may be considered sensitive in some environments. In
such environments the administrator may wish to restrict SNMP access
to the probe.
There are a number of management objects defined in this MIB that
have a MAX-ACCESS clause of read-write and/or read-create. Such
objects may be considered sensitive or vulnerable in some network
environments. The support for SET operations in a non-secure
environment without proper protection can have a negative effect on
SNMPv1 by itself is not a secure environment. Even if the network
itself is secure (for example by using IPSec), even then, there is no
control as to who on the secure network is allowed to access and
GET/SET (read/change/create/delete) the objects in this MIB.
It is recommended that the implementors consider the security
features as provided by the SNMPv3 framework. Specifically, the use
of the User-based Security Model RFC 2574 [RFC2574] and the View-
based Access Control Model RFC 2575 [RFC2575] is recommended.
It is then a customer/user responsibility to ensure that the SNMP
entity giving access to an instance of this MIB, is properly
configured to give access to the objects only to those principals
(users) that have legitimate rights to indeed GET or SET
11. Full Copyright Statement
Copyright (C) The Internet Society (2002). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Funding for the RFC Editor function is currently provided by the