Harald Tveit Alvestrand wrote:
> --On 6. september 2005 11:00 -0700 Dave Crocker <dhc2@xxxxxxxxxxxx> wrote:
>
>> (By the way, I am awestruck at the potential impact of changing SNMP from
>> UDP-based to TCP-based, given the extensive debates that took place about
>> this when SNMP was originally developed. Has THIS decision been subject
>> to adequate external review, preferably including a pass by the IAB?)
>
> just a formality note (and dropping nanog and the IESG):
>
> I believe that the ISMS WG's proposal is about ADDING the possibility of
> SNMP over TCP, not about CHANGING SNMP to use TCP.
> UDP will still work.
>
> And I believe Eliot's concern is about letting the TCP session that
> carries the SNMP PDUs be opened from the agent to the manager, rather
> than from the manager to the agent (yes I know - this is SNMPv1
> terminology, but I've forgotten the SNMPv3 terminology); that is another
> feature that comes in addition to what the group is apparently currently
> working on.
>
> And just BTW: I find "call home" reasonable to specify too, once you've
> done TCP. It's obvious enough that I think it will be added to
> implementations whether or not we specify it, so we should have very
> strong reasons not to do so.

"Call home" is IMHO a fairly radical departure for SNMP and
raises trust model questions that I don't find easy to get
hold of. It seems quite distinct from both firewall traversal
and NAT traversal, conceptually, even if they might be
a side-effect of calling home.

> I don't even believe you need to "turn" the session, since SNMPv3
> doesn't recognize the concept of a "direction" for a session.... just
> let the PDUs flow....
>
> Disclaimer: I, too, have not seen the charter being proposed,

It should be on the ietf-announce list sometime today.

> and I have
> not followed the ISMS group. I have, however, once upon a time been
> responsible AD for the SNMPv3 WG.
Brian