MIB concepts and design
All SNMP MIB modules that are defined for use by a specific device comprise the MIB for that device. The term MIB is often used to describe a single module definition but this is technically incorrect. In fact, the MIB is the combination of all of the modules used for managing a specific device, whether the device relates to hardware or software. Therefore, the more precise name for each module defined by a vendor, or in an RFC, is SNMP MIB module.
All MIB modules are eventually extensions of the root module. All released MIB modules, from individual vendors, extend from the enterprises object defined in RFC1155-SMI. Therefore, all SNMP agents must support RFC1155, and all MIB modules are extensions of RFC1155.
Structure of Management Information (SMI)
To make the SNMP management information base (MIB) extensible, related items are arranged into MIB modules that form a structured hierarchy. Each MIB module is defined inside the following construct:
ModuleName
DEFINITIONS ::= BEGIN END
The BEGIN
and END
tags
in the module enable several modules to be defined within a single
text file. MIB compilers should be able to handle any number of modules
defined in a single file, but should not require it.
There are conventions for every defined object within the module. For example, a module name must begin with an uppercase alphabetic character and contain only letters, numbers, hyphens (-), or underscores (_). An object name must start with a lowercase alphabetic character and must only contain letters, numbers, hyphens, or underscores. Comments in MIB modules are represented by two consecutive hyphens (--) and any text following this symbol, on any line, can be ignored.
The
modular, easily extensible design of MIBs makes them able to support
any new functionality or device by adding an additional module. When
a module is written as an extension of another module, it will include
an IMPORTS
section, located below the DEFINITIONS
line.
The IMPORTS
section defines the objects required
by modules higher in the MIB hierarchy and the modules in which they
in turn are defined.
include
statement
in a programming language such as C or Perl, or in a Netcool rules
file. Additionally, in order to understand the objects in the current
MIB module (RFC1157-SNMP) you must also be aware of the objects in
the previous MIB module (RFC1155-SMI). RFC1157-SNMP DEFINITIONS ::= BEGIN IMPORTS ObjectName, ObjectSyntax, NetworkAddress,
IpAddress, TimeTicks FROM RFC1155-SMI;
Typographical
errors are easily made when specifying imported MIB names. For example,
RFC1212 might be referenced as a MIB module instead of the correct
name, RFC-1212. If parsing errors are highlighted by MIB Manager, you must check the IMPORTS
section
to confirm that the MIB modules are correctly named. Some MIB modules
also contain an EXPORTS
section (which also ends
with a semicolon). This section informs the reader that the MIB author
expects other MIB modules to use the same specified objects. For our
purposes, this section is irrelevant and can be ignored.
Defined data types
SNMP MIB modules are defined in a format known as ASN.13 (Abstract Syntax Notation 1). SNMP, however, only uses a portion of ASN.14. ASN.1 is defined in ITU-T X.208 and in ISO 8824. The portions of ASN.1 that apply to SNMP are defined in RFC1155. RFC1155 defines the following valid SNMP data types:
- Primitive types: INTEGER, OCTET STRING, OBJECT IDENTIFIER, NULL
- Constructor types: SEQUENCE, SEQUENCE OF
- Defined types: NetworkAddress, IpAddress, Counter, Gauge, TimeTicks, Opaque
A defined type is the mechanism used to specify a particular format for primitive or constructor types. MIB authors can define additional types using the TEXTUAL-CONVENTION construct.
DisplayString
is
a good example of a defined type. In the SNMPv2-SMI-v1 MIB module,
the v1 version of DisplayString
has the following
definition:DisplayString ::= OCTET STRING (0..255)
DisplayString
has
the following definition: DisplayString ::= TEXTUAL-CONVENTION DISPLAY-HINT "255a" STATUS current DESCRIPTION
"Represents textual information taken from the NVT ASCII character set, as defined
in pages 4, 10-11 of RFC 854. To summarize RFC 854, the NVT ASCII repertoire
specifies: - the use of character codes 0-127 (decimal) - the graphics characters
(32-126) are interpreted as US ASCII - NUL, LF, CR, BEL, BS, HT, VT and FF have the
special meanings specified in RFC 854 - the other 25 codes have no standard
interpretation - the sequence 'CR LF' means newline - the sequence 'CR NUL' means
carriage-return - an 'LF' not preceded by a 'CR' means moving to the same column on
the next line. - the sequence 'CR x' for any x other than LF or NUL is illegal.
(Note that this also means that a string may end with either 'CR LF' or 'CR NUL',
but not with CR.) Any object defined using this syntax may not exceed 255 characters
in length." SYNTAX OCTET STRING (SIZE (0..255))
The example
above shows that a DisplayString
is an OCTET STRING
of 0 to 255 characters in length. Note that each OBJECT DESCRIPTOR
that corresponds to an object type in an internet-standard MIB must
be a unique, mnemonic, printable string.Defining objects
A common mistake made when writing MIB modules is to create an object name that is not unique. It is claimed that the RFC1155 statement means that only objects within a single MIB module must be unique. As previously discussed, the MIB is the complete set of modules which, when combined, are used to manage a particular device. Therefore, all objects defined in any MIB module must be unique, not only in its own module, but also in any other object name in any imported modules, and any modules that those modules may import. A common mechanism for ensuring that object names are unique is to pre-pend all module names with the company's ticker symbol or abbreviated company name.
When objects are defined they are mapped into a numerical hierarchy which resembles a spanning tree. Each time an object is defined, it is defined as a leaf of a parent object. The following three root objects are defined in the SNMP MIB tree:
ccitt
(root node zero)iso
(root node 1)joint-iso-ccitt
(root node 2)
internet OBJECT IDENTIFIER ::= { iso org(3) dod(6) 1 } directory OBJECT IDENTIFIER ::=
{ internet 1 } mgmt OBJECT IDENTIFIER ::= { internet 2 } experimental OBJECT IDENTIFIER
::= { internet 3 } private OBJECT IDENTIFIER ::= { internet 4 } enterprises OBJECT
IDENTIFIER ::= { private 1 }
These definitions indicate the object name, the associated object types, each object's parent name (or ordered list of parents), and the leaf number of this child to that parent (or parents). Graphically, these items take on a hierarchical form.
You move through the MIB tree view by expanding and collapsing nodes within the MIB tree. The top level branches of the MIB tree contain the names of the MIB modules, and contained within each MIB module branch are the other elements which comprise the MIB. As additional modules are added to the MIB, additional objects are added to the MIB tree. Each object can be referred to either by its object name or by its object identifier (OID). The most accurate method is to refer to its OID. Its OID is defined as its number, and each of its ancestor's numbers continuing back to the root node, concatenated together with a period (.) separating each. The OID for the enterprises object (node or leaf) is 1.3.6.1.4.1.
Many vendors do not ensure that their object names are universally unique, therefore it is possible for two vendors to have an object sharing the same name. This makes the use of the object name to identify an object a little ambiguous.