Re: Special protocol contraints expressed in MIBs

["Jon Saperia <saperia>" <saperia@jdscons.com>]

On Monday 18 February 2002 09:16 am, Wijnen, Bert (Bert) wrote:
> implementations can always specify in an AGENT-CAPABILITIES taht they
> do not support specific objects or that they do not support write
> access for certain objects. But... the way that a lot of systems are
> build, it seems to me that at the object level, you do not know
> if access was made by a specific SNMP version or under a specific
> security level. That control is at the (master) agent.


I have not disagreement with Bert on anything he wrote here, but I would 
like to suggest something that may help. When I work with vendors on 
private MIB objects, including NOTIFICATIONs we have somewhat more control 
over the initial configuration sent out with the system. Of course Bert is 
right in that the user could cause our default of an INFORM to be a TRAP.  
In the private modules we put in a good deal of explanation about the hows 
and whys of the various objects to explain different defaults and agent 
behaviors.

For standard MIB Modules, perhaps a section for those with concerns about 
TRAP and INFORM not unlike the security section could be added. In this 
short section, those that wish to comment about INFORM and TRAP 
utilization and make operational 'suggestions' could do so. Certainly 
there is nothing to prohibit this and it is a long-standing practice to 
write about operational issues in standard MIB Modules, often prior to the 
module itself in the RFC.

/jon
-- 
Jon Saperia                         
				
saperia@jdscons.com
Phone: 617-744-1079
Fax:   617-249-0874
http://www.jdscons.com/