7 Network Working Group R. Austein
8 Request for Comments: 1611 Epilogue Technology Corporation
9 Category: Standards Track J. Saperia
10 Digital Equipment Corporation
13 DNS Server MIB Extensions
17 This document specifies an Internet standards track protocol for the
18 Internet community, and requests discussion and suggestions for
19 improvements. Please refer to the current edition of the "Internet
20 Official Protocol Standards" (STD 1) for the standardization state
21 and status of this protocol. Distribution of this memo is unlimited.
25 1. Introduction .............................................. 1
26 2. The SNMPv2 Network Management Framework ................... 2
27 2.1 Object Definitions ....................................... 2
28 3. Overview .................................................. 2
29 3.1 Resolvers ................................................ 3
30 3.2 Name Servers ............................................. 3
31 3.3 Selected Objects ......................................... 4
32 3.4 Textual Conventions ...................................... 4
33 4. Definitions ............................................... 5
34 5. Acknowledgements .......................................... 28
35 6. References ................................................ 28
36 7. Security Considerations ................................... 29
37 8. Authors' Addresses ........................................ 30
41 This memo defines a portion of the Management Information Base (MIB)
42 for use with network management protocols in the Internet community.
43 In particular, it describes a set of extensions which instrument DNS
44 name server functions. This memo was produced by the DNS working
47 With the adoption of the Internet-standard Network Management
48 Framework [4,5,6,7], and with a large number of vendor
49 implementations of these standards in commercially available
50 products, it became possible to provide a higher level of effective
51 network management in TCP/IP-based internets than was previously
52 available. With the growth in the use of these standards, it has
53 become possible to consider the management of other elements of the
54 infrastructure beyond the basic TCP/IP protocols. A key element of
58 Austein & Saperia [Page 1]
60 RFC 1611 DNS Server MIB Extensions May 1994
63 the TCP/IP infrastructure is the DNS.
65 Up to this point there has been no mechanism to integrate the
66 management of the DNS with SNMP-based managers. This memo provides
67 the mechanisms by which IP-based management stations can effectively
68 manage DNS name server software in an integrated fashion.
70 We have defined DNS MIB objects to be used in conjunction with the
71 Internet MIB to allow access to and control of DNS name server
72 software via SNMP by the Internet community.
74 2. The SNMPv2 Network Management Framework
76 The SNMPv2 Network Management Framework consists of four major
79 o RFC 1442 which defines the SMI, the mechanisms used for
80 describing and naming objects for the purpose of management.
82 o STD 17, RFC 1213 defines MIB-II, the core set of managed objects
83 for the Internet suite of protocols.
85 o RFC 1445 which defines the administrative and other architectural
86 aspects of the framework.
88 o RFC 1448 which defines the protocol used for network access to
91 The Framework permits new objects to be defined for the purpose of
92 experimentation and evaluation.
94 2.1. Object Definitions
96 Managed objects are accessed via a virtual information store, termed
97 the Management Information Base or MIB. Objects in the MIB are
98 defined using the subset of Abstract Syntax Notation One (ASN.1)
99 defined in the SMI. In particular, each object object type is named
100 by an OBJECT IDENTIFIER, an administratively assigned name. The
101 object type together with an object instance serves to uniquely
102 identify a specific instantiation of the object. For human
103 convenience, we often use a textual string, termed the descriptor, to
104 refer to the object type.
108 In theory, the DNS world is pretty simple. There are two kinds of
109 entities: resolvers and name servers. Resolvers ask questions. Name
110 servers answer them. The real world, however, is not so simple.
114 Austein & Saperia [Page 2]
116 RFC 1611 DNS Server MIB Extensions May 1994
119 Implementors have made widely differing choices about how to divide
120 DNS functions between resolvers and servers. They have also
121 constructed various sorts of exotic hybrids. The most difficult task
122 in defining this MIB was to accommodate this wide range of entities
123 without having to come up with a separate MIB for each.
125 We divided up the various DNS functions into two, non-overlapping
126 classes, called "resolver functions" and "name server functions." A
127 DNS entity that performs what we define as resolver functions
128 contains a resolver, and therefore must implement the MIB groups
129 required of all resolvers which are defined in a separate MIB Module.
130 A DNS entity which implements name server functions is considered to
131 be a name server, and must implement the MIB groups required for name
132 servers in this module. If the same piece of software performs both
133 resolver and server functions, we imagine that it contains both a
134 resolver and a server and would thus implement both the DNS Server
135 and DNS Resolver MIBs.
139 In our model, a resolver is a program (or piece thereof) which
140 obtains resource records from servers. Normally it does so at the
141 behest of an application, but may also do so as part of its own
142 operation. A resolver sends DNS protocol queries and receives DNS
143 protocol replies. A resolver neither receives queries nor sends
144 replies. A full service resolver is one that knows how to resolve
145 queries: it obtains the needed resource records by contacting a
146 server authoritative for the records desired. A stub resolver does
147 not know how to resolve queries: it sends all queries to a local name
148 server, setting the "recursion desired" flag to indicate that it
149 hopes that the name server will be willing to resolve the query. A
150 resolver may (optionally) have a cache for remembering previously
151 acquired resource records. It may also have a negative cache for
152 remembering names or data that have been determined not to exist.
156 A name server is a program (or piece thereof) that provides resource
157 records to resolvers. All references in this document to "a name
158 server" imply "the name server's role"; in some cases the name
159 server's role and the resolver's role might be combined into a single
160 program. A name server receives DNS protocol queries and sends DNS
161 protocol replies. A name server neither sends queries nor receives
162 replies. As a consequence, name servers do not have caches.
163 Normally, a name server would expect to receive only those queries to
164 which it could respond with authoritative information. However, if a
165 name server receives a query that it cannot respond to with purely
166 authoritative information, it may choose to try to obtain the
170 Austein & Saperia [Page 3]
172 RFC 1611 DNS Server MIB Extensions May 1994
175 necessary additional information from a resolver which may or may not
176 be a separate process.
178 3.3. Selected Objects
180 Many of the objects included in this memo have been created from
181 information contained in the DNS specifications [1,2], as amended and
182 clarified by subsequent host requirements documents [3]. Other
183 objects have been created based on experience with existing DNS
184 management tools, expected operational needs, the statistics
185 generated by existing DNS implementations, and the configuration
186 files used by existing DNS implementations. These objects have been
187 ordered into groups as follows:
189 o Server Configuration Group
191 o Server Counter Group
193 o Server Optional Counter Group
197 This information has been converted into a standard form using the
198 SNMPv2 SMI defined in [9]. For the most part, the descriptions are
199 influenced by the DNS related RFCs noted above. For example, the
200 descriptions for counters used for the various types of queries of
201 DNS records are influenced by the definitions used for the various
202 record types found in [2].
204 3.4. Textual Conventions
206 Several conceptual data types have been introduced as a textual
207 conventions in this DNS MIB document. These additions will
208 facilitate the common understanding of information used by the DNS.
209 No changes to the SMI or the SNMP are necessary to support these
212 Readers familiar with MIBs designed to manage entities in the lower
213 layers of the Internet protocol suite may be surprised at the number
214 of non-enumerated integers used in this MIB to represent values such
215 as DNS RR class and type numbers. The reason for this choice is
216 simple: the DNS itself is designed as an extensible protocol,
217 allowing new classes and types of resource records to be added to the
218 protocol without recoding the core DNS software. Using non-
219 enumerated integers to represent these data types in this MIB allows
220 the MIB to accommodate these changes as well.
226 Austein & Saperia [Page 4]
228 RFC 1611 DNS Server MIB Extensions May 1994
233 DNS-SERVER-MIB DEFINITIONS ::= BEGIN
238 MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY,
239 IpAddress, Counter32, Gauge32
241 TEXTUAL-CONVENTION, RowStatus, DisplayString, TruthValue
243 MODULE-COMPLIANCE, OBJECT-GROUP
249 "The OID assigned to DNS MIB work by the IANA."
252 dnsServMIB MODULE-IDENTITY
253 LAST-UPDATED "9401282251Z"
254 ORGANIZATION "IETF DNS Working Group"
257 Postal: Epilogue Technology Corporation
258 268 Main Street, Suite 283
259 North Reading, MA 10864
263 E-Mail: sra@epilogue.com
266 Postal: Digital Equipment Corporation
269 Nashua, NH 03062-2698
273 Email: saperia@zko.dec.com"
275 "The MIB module for entities implementing the server side
276 of the Domain Name System (DNS) protocol."
282 Austein & Saperia [Page 5]
284 RFC 1611 DNS Server MIB Extensions May 1994
287 dnsServMIBObjects OBJECT IDENTIFIER ::= { dnsServMIB 1 }
289 -- (Old-style) groups in the DNS server MIB.
291 dnsServConfig OBJECT IDENTIFIER ::= { dnsServMIBObjects 1 }
292 dnsServCounter OBJECT IDENTIFIER ::= { dnsServMIBObjects 2 }
293 dnsServOptCounter OBJECT IDENTIFIER ::= { dnsServMIBObjects 3 }
294 dnsServZone OBJECT IDENTIFIER ::= { dnsServMIBObjects 4 }
297 -- Textual conventions
299 DnsName ::= TEXTUAL-CONVENTION
300 -- A DISPLAY-HINT would be nice, but difficult to express.
303 "A DNS name is a sequence of labels. When DNS names are
304 displayed, the boundaries between labels are typically
305 indicated by dots (e.g. `Acme' and `COM' are labels in
306 the name `Acme.COM'). In the DNS protocol, however, no
307 such separators are needed because each label is encoded
308 as a length octet followed by the indicated number of
309 octets of label. For example, `Acme.COM' is encoded as
310 the octet sequence { 4, 'A', 'c', 'm', 'e', 3, 'C', 'O',
311 'M', 0 } (the final 0 is the length of the name of the
312 root domain, which appears implicitly at the end of any
313 DNS name). This MIB uses the same encoding as the DNS
316 A DnsName must always be a fully qualified name. It is
317 an error to encode a relative domain name as a DnsName
318 without first making it a fully qualified name."
320 "RFC-1034 section 3.1."
321 SYNTAX OCTET STRING (SIZE (0..255))
323 DnsNameAsIndex ::= TEXTUAL-CONVENTION
326 "This textual convention is like a DnsName, but is used
327 as an index componant in tables. Alphabetic characters
328 in names of this type are restricted to uppercase: the
329 characters 'a' through 'z' are mapped to the characters
330 'A' through 'Z'. This restriction is intended to make
331 the lexical ordering imposed by SNMP useful when applied
334 Note that it is theoretically possible for a valid DNS
338 Austein & Saperia [Page 6]
340 RFC 1611 DNS Server MIB Extensions May 1994
343 name to exceed the allowed length of an SNMP object
344 identifer, and thus be impossible to represent in tables
345 in this MIB that are indexed by DNS name. Sampling of
346 DNS names in current use on the Internet suggests that
347 this limit does not pose a serious problem in practice."
349 "RFC-1034 section 3.1, RFC-1448 section 4.1."
352 DnsClass ::= TEXTUAL-CONVENTION
356 "This data type is used to represent the class values
357 which appear in Resource Records in the DNS. A 16-bit
358 unsigned integer is used to allow room for new classes
359 of records to be defined. Existing standard classes are
360 listed in the DNS specifications."
362 "RFC-1035 section 3.2.4."
363 SYNTAX INTEGER (0..65535)
365 DnsType ::= TEXTUAL-CONVENTION
369 "This data type is used to represent the type values
370 which appear in Resource Records in the DNS. A 16-bit
371 unsigned integer is used to allow room for new record
372 types to be defined. Existing standard types are listed
373 in the DNS specifications."
375 "RFC-1035 section 3.2.2."
376 SYNTAX INTEGER (0..65535)
378 DnsQClass ::= TEXTUAL-CONVENTION
382 "This data type is used to represent the QClass values
383 which appear in Resource Records in the DNS. A 16-bit
384 unsigned integer is used to allow room for new QClass
385 records to be defined. Existing standard QClasses are
386 listed in the DNS specification."
388 "RFC-1035 section 3.2.5."
389 SYNTAX INTEGER (0..65535)
394 Austein & Saperia [Page 7]
396 RFC 1611 DNS Server MIB Extensions May 1994
399 DnsQType ::= TEXTUAL-CONVENTION
403 "This data type is used to represent the QType values
404 which appear in Resource Records in the DNS. A 16-bit
405 unsigned integer is used to allow room for new QType
406 records to be defined. Existing standard QTypes are
407 listed in the DNS specification."
409 "RFC-1035 section 3.2.3."
410 SYNTAX INTEGER (0..65535)
412 DnsTime ::= TEXTUAL-CONVENTION
416 "DnsTime values are 32-bit unsigned integers which
417 measure time in seconds."
423 DnsOpCode ::= TEXTUAL-CONVENTION
426 "This textual convention is used to represent the DNS
427 OPCODE values used in the header section of DNS
428 messages. Existing standard OPCODE values are listed in
429 the DNS specifications."
431 "RFC-1035 section 4.1.1."
432 SYNTAX INTEGER (0..15)
434 DnsRespCode ::= TEXTUAL-CONVENTION
437 "This data type is used to represent the DNS RCODE value
438 in DNS response messages. Existing standard RCODE
439 values are listed in the DNS specifications."
441 "RFC-1035 section 4.1.1."
442 SYNTAX INTEGER (0..15)
450 Austein & Saperia [Page 8]
452 RFC 1611 DNS Server MIB Extensions May 1994
455 -- Server Configuration Group
457 dnsServConfigImplementIdent OBJECT-TYPE
462 "The implementation identification string for the DNS
463 server software in use on the system, for example;
465 ::= { dnsServConfig 1 }
467 dnsServConfigRecurs OBJECT-TYPE
468 SYNTAX INTEGER { available(1),
471 MAX-ACCESS read-write
474 "This represents the recursion services offered by this
475 name server. The values that can be read or written
478 available(1) - performs recursion on requests from
481 restricted(2) - recursion is performed on requests only
482 from certain clients, for example; clients on an access
485 unavailable(3) - recursion is not available."
486 ::= { dnsServConfig 2 }
488 dnsServConfigUpTime OBJECT-TYPE
493 "If the server has a persistent state (e.g., a process),
494 this value will be the time elapsed since it started.
495 For software without persistant state, this value will
497 ::= { dnsServConfig 3 }
499 dnsServConfigResetTime OBJECT-TYPE
506 Austein & Saperia [Page 9]
508 RFC 1611 DNS Server MIB Extensions May 1994
512 "If the server has a persistent state (e.g., a process)
513 and supports a `reset' operation (e.g., can be told to
514 re-read configuration files), this value will be the
515 time elapsed since the last time the name server was
516 `reset.' For software that does not have persistence or
517 does not support a `reset' operation, this value will be
519 ::= { dnsServConfig 4 }
521 dnsServConfigReset OBJECT-TYPE
522 SYNTAX INTEGER { other(1),
526 MAX-ACCESS read-write
529 "Status/action object to reinitialize any persistant name
530 server state. When set to reset(2), any persistant
531 name server state (such as a process) is reinitialized as
532 if the name server had just been started. This value
533 will never be returned by a read operation. When read,
534 one of the following values will be returned:
535 other(1) - server in some unknown state;
536 initializing(3) - server (re)initializing;
537 running(4) - server currently running."
538 ::= { dnsServConfig 5 }
541 -- Server Counter Group
543 dnsServCounterAuthAns OBJECT-TYPE
548 "Number of queries which were authoritatively answered."
549 ::= { dnsServCounter 2 }
551 dnsServCounterAuthNoNames OBJECT-TYPE
556 "Number of queries for which `authoritative no such name'
557 responses were made."
558 ::= { dnsServCounter 3 }
562 Austein & Saperia [Page 10]
564 RFC 1611 DNS Server MIB Extensions May 1994
567 dnsServCounterAuthNoDataResps OBJECT-TYPE
572 "Number of queries for which `authoritative no such data'
573 (empty answer) responses were made."
574 ::= { dnsServCounter 4 }
576 dnsServCounterNonAuthDatas OBJECT-TYPE
581 "Number of queries which were non-authoritatively
582 answered (cached data)."
583 ::= { dnsServCounter 5 }
585 dnsServCounterNonAuthNoDatas OBJECT-TYPE
590 "Number of queries which were non-authoritatively
591 answered with no data (empty answer)."
592 ::= { dnsServCounter 6 }
594 dnsServCounterReferrals OBJECT-TYPE
599 "Number of requests that were referred to other servers."
600 ::= { dnsServCounter 7 }
602 dnsServCounterErrors OBJECT-TYPE
607 "Number of requests the server has processed that were
608 answered with errors (RCODE values other than 0 and 3)."
610 "RFC-1035 section 4.1.1."
611 ::= { dnsServCounter 8 }
613 dnsServCounterRelNames OBJECT-TYPE
618 Austein & Saperia [Page 11]
620 RFC 1611 DNS Server MIB Extensions May 1994
626 "Number of requests received by the server for names that
627 are only 1 label long (text form - no internal dots)."
628 ::= { dnsServCounter 9 }
630 dnsServCounterReqRefusals OBJECT-TYPE
635 "Number of DNS requests refused by the server."
636 ::= { dnsServCounter 10 }
638 dnsServCounterReqUnparses OBJECT-TYPE
643 "Number of requests received which were unparseable."
644 ::= { dnsServCounter 11 }
646 dnsServCounterOtherErrors OBJECT-TYPE
651 "Number of requests which were aborted for other (local)
653 ::= { dnsServCounter 12 }
655 -- DNS Server Counter Table
657 dnsServCounterTable OBJECT-TYPE
658 SYNTAX SEQUENCE OF DnsServCounterEntry
659 MAX-ACCESS not-accessible
662 "Counter information broken down by DNS class and type."
663 ::= { dnsServCounter 13 }
665 dnsServCounterEntry OBJECT-TYPE
666 SYNTAX DnsServCounterEntry
667 MAX-ACCESS not-accessible
670 "This table contains count information for each DNS class
674 Austein & Saperia [Page 12]
676 RFC 1611 DNS Server MIB Extensions May 1994
679 and type value known to the server. The index allows
680 management software to to create indices to the table to
681 get the specific information desired, e.g., number of
682 queries over UDP for records with type value `A' which
683 came to this server. In order to prevent an
684 uncontrolled expansion of rows in the table; if
685 dnsServCounterRequests is 0 and dnsServCounterResponses
686 is 0, then the row does not exist and `no such' is
687 returned when the agent is queried for such instances."
688 INDEX { dnsServCounterOpCode,
689 dnsServCounterQClass,
691 dnsServCounterTransport }
692 ::= { dnsServCounterTable 1 }
694 DnsServCounterEntry ::=
702 dnsServCounterTransport
704 dnsServCounterRequests
706 dnsServCounterResponses
710 dnsServCounterOpCode OBJECT-TYPE
712 MAX-ACCESS not-accessible
715 "The DNS OPCODE being counted in this row of the table."
716 ::= { dnsServCounterEntry 1 }
718 dnsServCounterQClass OBJECT-TYPE
720 MAX-ACCESS not-accessible
723 "The class of record being counted in this row of the
725 ::= { dnsServCounterEntry 2 }
730 Austein & Saperia [Page 13]
732 RFC 1611 DNS Server MIB Extensions May 1994
735 dnsServCounterQType OBJECT-TYPE
737 MAX-ACCESS not-accessible
740 "The type of record which is being counted in this row in
742 ::= { dnsServCounterEntry 3 }
744 dnsServCounterTransport OBJECT-TYPE
745 SYNTAX INTEGER { udp(1), tcp(2), other(3) }
746 MAX-ACCESS not-accessible
749 "A value of udp(1) indicates that the queries reported on
750 this row were sent using UDP.
752 A value of tcp(2) indicates that the queries reported on
753 this row were sent using TCP.
755 A value of other(3) indicates that the queries reported
756 on this row were sent using a transport that was neither
758 ::= { dnsServCounterEntry 4 }
760 dnsServCounterRequests OBJECT-TYPE
765 "Number of requests (queries) that have been recorded in
766 this row of the table."
767 ::= { dnsServCounterEntry 5 }
769 dnsServCounterResponses OBJECT-TYPE
774 "Number of responses made by the server since
775 initialization for the kind of query identified on this
777 ::= { dnsServCounterEntry 6 }
786 Austein & Saperia [Page 14]
788 RFC 1611 DNS Server MIB Extensions May 1994
791 -- Server Optional Counter Group
793 -- The Server Optional Counter Group is intended for those systems
794 -- which make distinctions between the different sources of the DNS
795 -- queries as defined below.
797 -- Objects in this group are implemented on servers which distinguish
798 -- between queries which originate from the same host as the server,
799 -- queries from one of an arbitrary group of hosts that are on an
800 -- access list defined by the server, and queries from hosts that do
801 -- not fit either of these descriptions.
803 -- The objects found in the Server Counter group are totals. Thus if
804 -- one wanted to identify, for example, the number of queries from
805 -- `remote' hosts which have been given authoritative answers, one
806 -- would subtract the current values of ServOptCounterFriendsAuthAns
807 -- and ServOptCounterSelfAuthAns from servCounterAuthAns.
809 -- The purpose of these distinctions is to allow for implementations
810 -- to group queries and responses on this basis. One way in which
811 -- servers may make these distinctions is by looking at the source IP
812 -- address of the DNS query. If the source of the query is `your
813 -- own' then the query should be counted as `yourself' (local host).
814 -- If the source of the query matches an `access list,' the query
815 -- came from a friend. What constitutes an `access list' is
816 -- implementation dependent and could be as simple as a rule that all
817 -- hosts on the same IP network as the DNS server are classed
820 -- In order to avoid double counting, the following rules apply:
822 -- 1. No host is in more than one of the three groups defined above.
824 -- 2. All queries from the local host are always counted in the
825 -- `yourself' group regardless of what the access list, if any,
828 -- 3. The access list should not define `your friends' in such a way
829 -- that it includes all hosts. That is, not everybody is your
832 dnsServOptCounterSelfAuthAns OBJECT-TYPE
837 "Number of requests the server has processed which
838 originated from a resolver on the same host for which
842 Austein & Saperia [Page 15]
844 RFC 1611 DNS Server MIB Extensions May 1994
847 there has been an authoritative answer."
848 ::= { dnsServOptCounter 1 }
850 dnsServOptCounterSelfAuthNoNames OBJECT-TYPE
855 "Number of requests the server has processed which
856 originated from a resolver on the same host for which
857 there has been an authoritative no such name answer
859 ::= { dnsServOptCounter 2 }
861 dnsServOptCounterSelfAuthNoDataResps OBJECT-TYPE
866 "Number of requests the server has processed which
867 originated from a resolver on the same host for which
868 there has been an authoritative no such data answer
869 (empty answer) made."
870 ::= { dnsServOptCounter 3 }
872 dnsServOptCounterSelfNonAuthDatas OBJECT-TYPE
877 "Number of requests the server has processed which
878 originated from a resolver on the same host for which a
879 non-authoritative answer (cached data) was made."
880 ::= { dnsServOptCounter 4 }
882 dnsServOptCounterSelfNonAuthNoDatas OBJECT-TYPE
887 "Number of requests the server has processed which
888 originated from a resolver on the same host for which a
889 `non-authoritative, no such data' response was made
891 ::= { dnsServOptCounter 5 }
893 dnsServOptCounterSelfReferrals OBJECT-TYPE
898 Austein & Saperia [Page 16]
900 RFC 1611 DNS Server MIB Extensions May 1994
906 "Number of queries the server has processed which
907 originated from a resolver on the same host and were
908 referred to other servers."
909 ::= { dnsServOptCounter 6 }
911 dnsServOptCounterSelfErrors OBJECT-TYPE
916 "Number of requests the server has processed which
917 originated from a resolver on the same host which have
918 been answered with errors (RCODEs other than 0 and 3)."
920 "RFC-1035 section 4.1.1."
921 ::= { dnsServOptCounter 7 }
923 dnsServOptCounterSelfRelNames OBJECT-TYPE
928 "Number of requests received for names that are only 1
929 label long (text form - no internal dots) the server has
930 processed which originated from a resolver on the same
932 ::= { dnsServOptCounter 8 }
934 dnsServOptCounterSelfReqRefusals OBJECT-TYPE
939 "Number of DNS requests refused by the server which
940 originated from a resolver on the same host."
941 ::= { dnsServOptCounter 9 }
943 dnsServOptCounterSelfReqUnparses OBJECT-TYPE
948 "Number of requests received which were unparseable and
949 which originated from a resolver on the same host."
950 ::= { dnsServOptCounter 10 }
954 Austein & Saperia [Page 17]
956 RFC 1611 DNS Server MIB Extensions May 1994
959 dnsServOptCounterSelfOtherErrors OBJECT-TYPE
964 "Number of requests which were aborted for other (local)
965 server errors and which originated on the same host."
966 ::= { dnsServOptCounter 11 }
968 dnsServOptCounterFriendsAuthAns OBJECT-TYPE
973 "Number of queries originating from friends which were
974 authoritatively answered. The definition of friends is
975 a locally defined matter."
976 ::= { dnsServOptCounter 12 }
978 dnsServOptCounterFriendsAuthNoNames OBJECT-TYPE
983 "Number of queries originating from friends, for which
984 authoritative `no such name' responses were made. The
985 definition of friends is a locally defined matter."
986 ::= { dnsServOptCounter 13 }
988 dnsServOptCounterFriendsAuthNoDataResps OBJECT-TYPE
993 "Number of queries originating from friends for which
994 authoritative no such data (empty answer) responses were
995 made. The definition of friends is a locally defined
997 ::= { dnsServOptCounter 14 }
999 dnsServOptCounterFriendsNonAuthDatas OBJECT-TYPE
1001 MAX-ACCESS read-only
1004 "Number of queries originating from friends which were
1005 non-authoritatively answered (cached data). The
1006 definition of friends is a locally defined matter."
1010 Austein & Saperia [Page 18]
1012 RFC 1611 DNS Server MIB Extensions May 1994
1015 ::= { dnsServOptCounter 15 }
1017 dnsServOptCounterFriendsNonAuthNoDatas OBJECT-TYPE
1019 MAX-ACCESS read-only
1022 "Number of queries originating from friends which were
1023 non-authoritatively answered with no such data (empty
1025 ::= { dnsServOptCounter 16 }
1027 dnsServOptCounterFriendsReferrals OBJECT-TYPE
1029 MAX-ACCESS read-only
1032 "Number of requests which originated from friends that
1033 were referred to other servers. The definition of
1034 friends is a locally defined matter."
1035 ::= { dnsServOptCounter 17 }
1037 dnsServOptCounterFriendsErrors OBJECT-TYPE
1039 MAX-ACCESS read-only
1042 "Number of requests the server has processed which
1043 originated from friends and were answered with errors
1044 (RCODE values other than 0 and 3). The definition of
1045 friends is a locally defined matter."
1047 "RFC-1035 section 4.1.1."
1048 ::= { dnsServOptCounter 18 }
1050 dnsServOptCounterFriendsRelNames OBJECT-TYPE
1052 MAX-ACCESS read-only
1055 "Number of requests received for names from friends that
1056 are only 1 label long (text form - no internal dots) the
1057 server has processed."
1058 ::= { dnsServOptCounter 19 }
1060 dnsServOptCounterFriendsReqRefusals OBJECT-TYPE
1062 MAX-ACCESS read-only
1066 Austein & Saperia [Page 19]
1068 RFC 1611 DNS Server MIB Extensions May 1994
1073 "Number of DNS requests refused by the server which were
1074 received from `friends'."
1075 ::= { dnsServOptCounter 20 }
1077 dnsServOptCounterFriendsReqUnparses OBJECT-TYPE
1079 MAX-ACCESS read-only
1082 "Number of requests received which were unparseable and
1083 which originated from `friends'."
1084 ::= { dnsServOptCounter 21 }
1086 dnsServOptCounterFriendsOtherErrors OBJECT-TYPE
1088 MAX-ACCESS read-only
1091 "Number of requests which were aborted for other (local)
1092 server errors and which originated from `friends'."
1093 ::= { dnsServOptCounter 22 }
1096 -- Server Zone Group
1098 -- DNS Management Zone Configuration Table
1100 -- This table contains zone configuration information.
1102 dnsServZoneTable OBJECT-TYPE
1103 SYNTAX SEQUENCE OF DnsServZoneEntry
1104 MAX-ACCESS not-accessible
1107 "Table of zones for which this name server provides
1108 information. Each of the zones may be loaded from stable
1109 storage via an implementation-specific mechanism or may
1110 be obtained from another name server via a zone transfer.
1112 If name server doesn't load any zones, this table is
1114 ::= { dnsServZone 1 }
1116 dnsServZoneEntry OBJECT-TYPE
1117 SYNTAX DnsServZoneEntry
1118 MAX-ACCESS not-accessible
1122 Austein & Saperia [Page 20]
1124 RFC 1611 DNS Server MIB Extensions May 1994
1129 "An entry in the name server zone table. New rows may be
1130 added either via SNMP or by the name server itself."
1131 INDEX { dnsServZoneName,
1133 ::= { dnsServZoneTable 1 }
1135 DnsServZoneEntry ::=
1141 dnsServZoneLastReloadSuccess
1143 dnsServZoneLastReloadAttempt
1145 dnsServZoneLastSourceAttempt
1153 dnsServZoneLastSourceSuccess
1157 dnsServZoneName OBJECT-TYPE
1158 SYNTAX DnsNameAsIndex
1159 MAX-ACCESS not-accessible
1162 "DNS name of the zone described by this row of the table.
1163 This is the owner name of the SOA RR that defines the
1164 top of the zone. This is name is in uppercase:
1165 characters 'a' through 'z' are mapped to 'A' through 'Z'
1166 in order to make the lexical ordering useful."
1167 ::= { dnsServZoneEntry 1 }
1169 dnsServZoneClass OBJECT-TYPE
1171 MAX-ACCESS not-accessible
1174 "DNS class of the RRs in this zone."
1178 Austein & Saperia [Page 21]
1180 RFC 1611 DNS Server MIB Extensions May 1994
1183 ::= { dnsServZoneEntry 2 }
1185 dnsServZoneLastReloadSuccess OBJECT-TYPE
1187 MAX-ACCESS read-only
1190 "Elapsed time in seconds since last successful reload of
1192 ::= { dnsServZoneEntry 3 }
1194 dnsServZoneLastReloadAttempt OBJECT-TYPE
1196 MAX-ACCESS read-only
1199 "Elapsed time in seconds since last attempted reload of
1201 ::= { dnsServZoneEntry 4 }
1203 dnsServZoneLastSourceAttempt OBJECT-TYPE
1205 MAX-ACCESS read-only
1208 "IP address of host from which most recent zone transfer
1209 of this zone was attempted. This value should match the
1210 value of dnsServZoneSourceSuccess if the attempt was
1211 succcessful. If zone transfer has not been attempted
1212 within the memory of this name server, this value should
1214 ::= { dnsServZoneEntry 5 }
1216 dnsServZoneStatus OBJECT-TYPE
1218 MAX-ACCESS read-create
1221 "The status of the information represented in this row of
1223 ::= { dnsServZoneEntry 6 }
1225 dnsServZoneSerial OBJECT-TYPE
1227 MAX-ACCESS read-only
1230 "Zone serial number (from the SOA RR) of the zone
1234 Austein & Saperia [Page 22]
1236 RFC 1611 DNS Server MIB Extensions May 1994
1239 represented by this row of the table. If the zone has
1240 not been successfully loaded within the memory of this
1241 name server, the value of this variable is zero."
1242 ::= { dnsServZoneEntry 7 }
1244 dnsServZoneCurrent OBJECT-TYPE
1246 MAX-ACCESS read-only
1249 "Whether the server's copy of the zone represented by
1250 this row of the table is currently valid. If the zone
1251 has never been successfully loaded or has expired since
1252 it was last succesfully loaded, this variable will have
1253 the value false(2), otherwise this variable will have
1255 ::= { dnsServZoneEntry 8 }
1257 dnsServZoneLastSourceSuccess OBJECT-TYPE
1259 MAX-ACCESS read-only
1262 "IP address of host which was the source of the most
1263 recent successful zone transfer for this zone. If
1264 unknown (e.g., zone has never been successfully
1265 transfered) or irrelevant (e.g., zone was loaded from
1266 stable storage), this value should be 0.0.0.0."
1267 ::= { dnsServZoneEntry 9 }
1269 -- DNS Zone Source Table
1271 dnsServZoneSrcTable OBJECT-TYPE
1272 SYNTAX SEQUENCE OF DnsServZoneSrcEntry
1273 MAX-ACCESS not-accessible
1276 "This table is a list of IP addresses from which the
1277 server will attempt to load zone information using DNS
1278 zone transfer operations. A reload may occur due to SNMP
1279 operations that create a row in dnsServZoneTable or a
1280 SET to object dnsServZoneReload. This table is only
1281 used when the zone is loaded via zone transfer."
1282 ::= { dnsServZone 2 }
1284 dnsServZoneSrcEntry OBJECT-TYPE
1285 SYNTAX DnsServZoneSrcEntry
1286 MAX-ACCESS not-accessible
1290 Austein & Saperia [Page 23]
1292 RFC 1611 DNS Server MIB Extensions May 1994
1297 "An entry in the name server zone source table."
1298 INDEX { dnsServZoneSrcName,
1299 dnsServZoneSrcClass,
1300 dnsServZoneSrcAddr }
1301 ::= { dnsServZoneSrcTable 1 }
1303 DnsServZoneSrcEntry ::=
1311 dnsServZoneSrcStatus
1315 dnsServZoneSrcName OBJECT-TYPE
1316 SYNTAX DnsNameAsIndex
1317 MAX-ACCESS not-accessible
1320 "DNS name of the zone to which this entry applies."
1321 ::= { dnsServZoneSrcEntry 1 }
1323 dnsServZoneSrcClass OBJECT-TYPE
1325 MAX-ACCESS not-accessible
1328 "DNS class of zone to which this entry applies."
1329 ::= { dnsServZoneSrcEntry 2 }
1331 dnsServZoneSrcAddr OBJECT-TYPE
1333 MAX-ACCESS not-accessible
1336 "IP address of name server host from which this zone
1337 might be obtainable."
1338 ::= { dnsServZoneSrcEntry 3 }
1340 dnsServZoneSrcStatus OBJECT-TYPE
1342 MAX-ACCESS read-create
1346 Austein & Saperia [Page 24]
1348 RFC 1611 DNS Server MIB Extensions May 1994
1353 "The status of the information represented in this row of
1355 ::= { dnsServZoneSrcEntry 4 }
1360 dnsServMIBGroups OBJECT IDENTIFIER ::= { dnsServMIB 2 }
1362 dnsServConfigGroup OBJECT-GROUP
1363 OBJECTS { dnsServConfigImplementIdent,
1364 dnsServConfigRecurs,
1365 dnsServConfigUpTime,
1366 dnsServConfigResetTime,
1367 dnsServConfigReset }
1370 "A collection of objects providing basic configuration
1371 control of a DNS name server."
1372 ::= { dnsServMIBGroups 1 }
1374 dnsServCounterGroup OBJECT-GROUP
1375 OBJECTS { dnsServCounterAuthAns,
1376 dnsServCounterAuthNoNames,
1377 dnsServCounterAuthNoDataResps,
1378 dnsServCounterNonAuthDatas,
1379 dnsServCounterNonAuthNoDatas,
1380 dnsServCounterReferrals,
1381 dnsServCounterErrors,
1382 dnsServCounterRelNames,
1383 dnsServCounterReqRefusals,
1384 dnsServCounterReqUnparses,
1385 dnsServCounterOtherErrors,
1386 dnsServCounterOpCode,
1387 dnsServCounterQClass,
1388 dnsServCounterQType,
1389 dnsServCounterTransport,
1390 dnsServCounterRequests,
1391 dnsServCounterResponses }
1394 "A collection of objects providing basic instrumentation
1395 of a DNS name server."
1396 ::= { dnsServMIBGroups 2 }
1402 Austein & Saperia [Page 25]
1404 RFC 1611 DNS Server MIB Extensions May 1994
1407 dnsServOptCounterGroup OBJECT-GROUP
1408 OBJECTS { dnsServOptCounterSelfAuthAns,
1409 dnsServOptCounterSelfAuthNoNames,
1410 dnsServOptCounterSelfAuthNoDataResps,
1411 dnsServOptCounterSelfNonAuthDatas,
1412 dnsServOptCounterSelfNonAuthNoDatas,
1413 dnsServOptCounterSelfReferrals,
1414 dnsServOptCounterSelfErrors,
1415 dnsServOptCounterSelfRelNames,
1416 dnsServOptCounterSelfReqRefusals,
1417 dnsServOptCounterSelfReqUnparses,
1418 dnsServOptCounterSelfOtherErrors,
1419 dnsServOptCounterFriendsAuthAns,
1420 dnsServOptCounterFriendsAuthNoNames,
1421 dnsServOptCounterFriendsAuthNoDataResps,
1422 dnsServOptCounterFriendsNonAuthDatas,
1423 dnsServOptCounterFriendsNonAuthNoDatas,
1424 dnsServOptCounterFriendsReferrals,
1425 dnsServOptCounterFriendsErrors,
1426 dnsServOptCounterFriendsRelNames,
1427 dnsServOptCounterFriendsReqRefusals,
1428 dnsServOptCounterFriendsReqUnparses,
1429 dnsServOptCounterFriendsOtherErrors }
1432 "A collection of objects providing extended
1433 instrumentation of a DNS name server."
1434 ::= { dnsServMIBGroups 3 }
1436 dnsServZoneGroup OBJECT-GROUP
1437 OBJECTS { dnsServZoneName,
1439 dnsServZoneLastReloadSuccess,
1440 dnsServZoneLastReloadAttempt,
1441 dnsServZoneLastSourceAttempt,
1442 dnsServZoneLastSourceSuccess,
1447 dnsServZoneSrcClass,
1449 dnsServZoneSrcStatus }
1452 "A collection of objects providing configuration control
1453 of a DNS name server which loads authoritative zones."
1454 ::= { dnsServMIBGroups 4 }
1458 Austein & Saperia [Page 26]
1460 RFC 1611 DNS Server MIB Extensions May 1994
1465 dnsServMIBCompliances OBJECT IDENTIFIER ::= { dnsServMIB 3 }
1467 dnsServMIBCompliance MODULE-COMPLIANCE
1470 "The compliance statement for agents implementing the DNS
1471 name server MIB extensions."
1472 MODULE -- This MIB module
1473 MANDATORY-GROUPS { dnsServConfigGroup, dnsServCounterGroup }
1474 GROUP dnsServOptCounterGroup
1476 "The server optional counter group is unconditionally
1478 GROUP dnsServZoneGroup
1480 "The server zone group is mandatory for any name server
1481 that acts as an authoritative server for any DNS zone."
1482 OBJECT dnsServConfigRecurs
1483 MIN-ACCESS read-only
1485 "This object need not be writable."
1486 OBJECT dnsServConfigReset
1487 MIN-ACCESS read-only
1489 "This object need not be writable."
1490 ::= { dnsServMIBCompliances 1 }
1514 Austein & Saperia [Page 27]
1516 RFC 1611 DNS Server MIB Extensions May 1994
1521 This document is the result of work undertaken the by DNS working
1522 group. The authors would particularly like to thank the following
1523 people for their contributions to this document: Philip Almquist,
1524 Frank Kastenholz (FTP Software), Joe Peck (DEC), Dave Perkins
1525 (SynOptics), Win Treese (DEC), and Mimi Zohar (IBM).
1529 [1] Mockapetris, P., "Domain Names -- Concepts and Facilities", STD
1530 13, RFC 1034, USC/Information Sciences Institute, November 1987.
1532 [2] Mockapetris, P., "Domain Names -- Implementation and
1533 Specification", STD 13, RFC 1035, USC/Information Sciences
1534 Institute, November 1987.
1536 [3] Braden, R., Editor, "Requirements for Internet Hosts --
1537 Application and Support, STD 3, RFC 1123, USC/Information
1538 Sciences Institute, October 1989.
1540 [4] Rose, M., and K. McCloghrie, "Structure and Identification of
1541 Management Information for TCP/IP-based internets", STD 16, RFC
1542 1155, Performance Systems International, Hughes LAN Systems, May
1545 [5] McCloghrie, K., and M. Rose, "Management Information Base for
1546 Network Management of TCP/IP-based internets", RFC 1156, Hughes
1547 LAN Systems, Performance Systems International, May 1990.
1549 [6] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple
1550 Network Management Protocol", STD 15, RFC 1157, SNMP Research,
1551 Performance Systems International, Performance Systems
1552 International, MIT Laboratory for Computer Science, May 1990.
1554 [7] Rose, M., and K. McCloghrie, Editors, "Concise MIB Definitions",
1555 STD 16, RFC 1212, Performance Systems International, Hughes LAN
1556 Systems, March 1991.
1558 [8] McCloghrie, K., and M. Rose, Editors, "Management Information
1559 Base for Network Management of TCP/IP-based internets: MIB-II",
1560 STD 17, RFC 1213, Hughes LAN Systems, Performance Systems
1561 International, March 1991.
1563 [9] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure
1564 of Management Information for version 2 of the Simple Network
1565 Management Protocol (SNMPv2)", RFC 1442, SNMP Research, Inc.,
1566 Hughes LAN Systems, Dover Beach Consulting, Inc., Carnegie Mellon
1570 Austein & Saperia [Page 28]
1572 RFC 1611 DNS Server MIB Extensions May 1994
1575 University, April 1993.
1577 [10] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Textual
1578 Conventions for version 2 of the the Simple Network Management
1579 Protocol (SNMPv2)", RFC 1443, SNMP Research, Inc., Hughes LAN
1580 Systems, Dover Beach Consulting, Inc., Carnegie Mellon
1581 University, April 1993.
1583 [11] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser,
1584 "Conformance Statements for version 2 of the the Simple Network
1585 Management Protocol (SNMPv2)", RFC 1444, SNMP Research, Inc.,
1586 Hughes LAN Systems, Dover Beach Consulting, Inc., Carnegie Mellon
1587 University, April 1993.
1589 [12] Galvin, J., and K. McCloghrie, "Administrative Model for version
1590 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1445,
1591 Trusted Information Systems, Hughes LAN Systems, April 1993.
1593 [13] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol
1594 Operations for version 2 of the Simple Network Management
1595 Protocol (SNMPv2)", RFC 1448, SNMP Research, Inc., Hughes LAN
1596 Systems, Dover Beach Consulting, Inc., Carnegie Mellon
1597 University, April 1993.
1599 [14] "Information processing systems - Open Systems Interconnection -
1600 Specification of Abstract Syntax Notation One (ASN.1)",
1601 International Organization for Standardization, International
1602 Standard 8824, December 1987.
1604 7. Security Considerations
1606 Security issues are not discussed in this memo.
1626 Austein & Saperia [Page 29]
1628 RFC 1611 DNS Server MIB Extensions May 1994
1631 8. Authors' Addresses
1634 Epilogue Technology Corporation
1635 268 Main Street, Suite 283
1636 North Reading, MA 01864
1639 Phone: +1-617-245-0804
1640 Fax: +1-617-245-8122
1641 EMail: sra@epilogue.com
1645 Digital Equipment Corporation
1648 Nashua, NH 03062-2698
1651 Phone: +1-603-881-0480
1652 Fax: +1-603-881-0120
1653 EMail: saperia@zko.dec.com
1682 Austein & Saperia [Page 30]
projects / FreeBSD / releng / 7.2.git / blob