[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [midcom] MIDCOM MIB design question
Hi Tom,
I didn't understand this comment. Can you explain further what boxes you
are referring to, and which functionality would be implemented on each?
Thanks,
dbh
> -----Original Message-----
> From: Tom Taylor [mailto:taylor@nortelnetworks.com]
> Sent: Wednesday, December 10, 2003 1:13 PM
> To: Juergen Quittek
> Cc: mibs@ops.ietf.org; midcom@ietf.org
> Subject: Re: [midcom] MIDCOM MIB design question
>
>
> I'd say they should be in separate modules because they are
> likely to be
> implemented on separate boxes on the SNMP client side.
>
> Juergen Quittek wrote:
>
> > Dear all,
> >
> > In the MIDCOM working group we are developing a protocol
> for dynamically
> > requesting pinholes in firewalls and bindings/sessions on NATs.
> >
> > The working group decided to use SNMP as basic protocol and
> now we are
> > defining a MIDCOM MIB module. While doing this, we found
> that we are
> > defining two separate groups of objects: Objects
> implementing the MIDCOM
> > protocol (for which we already have a protocol semantics
> document, see
> > draft-ietf-midcom-semantics-06.txt) and objects serving management
> > purposes.
> > Management purposes include for example configurations, such as
> > - the priority with which requested pinholes are configured in the
> > firewall,
> > - a table showing the mapping of MIDCOM pinholes to
> firewall resources
> > or of MIDCOM NAT sessions/bindings to NAT resources
> > - a protocol statistics table listing the set of active
> MIDCOM sessions,
> > protocol errors, etc.
> >
> > For these two groups of objects there are also two separate
> groups of
> > users:
> > - middlebox controllers sending requests for dynamic
> pinholes and NAT
> > sessions/bindings
> > - network managers configuring the middlebox (firewall or NAT) and
> > monitoring its operation
> >
> > The middlebox controllers only need access to the objects
> implementing
> > the MIDCOM protocol.
> >
> > The network managers would rather use the objects serving
> management
> > purposes
> > although in some cases they might need to access the other
> group also.
> >
> > Now, we have a draft defining these objects and the
> following question:
> >
> > Does someone have an opinion about whether these two groups
> of objects
> > should be contained in a single MIB module or in two separate ones?
> >
> > Usually, this problem does not occur, because most control protocol,
> > say GSMP are not defined on top of SNMP. Therefore in GSMP there is
> > a clear separation between the protocol and the MIB with
> objects serving
> > network management purposes. But in our case, SNMP is used for both
> > purposes.
> >
> > Thanks,
> >
> > Juergen
>
>
>