3.2. Processing a Received Communication

This section describes the procedure followed by a SNMPv2 entity whenever a management communication is received.

1. The snmpStatsPackets counter [7] is incremented. If the received message is not the serialization (according to the conventions of [5]) of an SnmpPrivMsg value, then that message is discarded without further processing. (If the first octet of the packet has the value hexadecimal 30, then the snmpStats30Something counter [7] is incremented prior to discarding the message; otherwise the snmpStatsEncodingErrors counter [7] is incremented.)

2. The local database of party information is consulted for information about the receiving SNMPv2 party identified by the privDst component of the SnmpPrivMsg value.

3. If information about the receiving SNMPv2 party is absent from the local database of party information, or indicates that the receiving party's operation is not realized by the local SNMPv2 entity, then the received message is discarded without further processing, after the snmpStatsUnknownDstParties counter [7] is incremented.

4. An ASN.1 OCTET STRING value is constructed (possibly by decryption, according to the privacy protocol in use) from the privData component of said SnmpPrivMsg value.

   In particular, if the privacy protocol recorded for the party is noPriv, then the OCTET STRING value corresponds exactly to the privData component of the SnmpPrivMsg value.

5. If the OCTET STRING value is not the serialization (according to the conventions of [5]) of an SnmpAuthMsg value, then the received message is discarded without further processing, after the snmpStatsEncodingErrors counter [7] is incremented.

6. If the dstParty component of the authData component of the obtained SnmpAuthMsg value is not the same as the privDst component of the SnmpPrivMsg value, then the received message is discarded without further processing, after the snmpStatsDstPartyMismatches counter [7] is incremented.

7. The local database of party information is consulted for information about the originating SNMPv2 party identified by the srcParty component of the authData component of the SnmpAuthMsg value.

8. If information about the originating SNMPv2 party is absent from the local database of party information, then the received message is discarded without further processing, after the snmpStatsUnknownSrcParties counter [7] is incremented.

9. The obtained SnmpAuthMsg value is evaluated according to the authentication protocol and other relevant information associated with the originating and receiving SNMPv2 parties in the local database of party information.

   In particular, if the authentication protocol is identified as noAuth, then the SnmpAuthMsg value is always evaluated as authentic.

10. If the SnmpAuthMsg value is evaluated as unauthentic, then the received message is discarded without further processing, and if the snmpV2EnableAuthenTraps object [7] is enabled, then the SNMPv2 entity sends authorizationFailure traps [7] according to its configuration (Section 4.2.6 of[2]).

11. The SnmpMgmtCom value is extracted from the authData component of the SnmpAuthMsg value.

12. The local database of context information is consulted for information about the SNMPv2 context identified by the context component of the SnmpMgmtCom value.

13. If information about the SNMPv2 context is absent from the local database of context information, then the received message is discarded without further processing, after the snmpStatsUnknownContexts counter [7] is incremented.

14. The local database of access policy information is consulted for access privileges permitted by the local access policy to the originating SNMPv2 party with respect to the receiving SNMPv2 party and the indicated SNMPv2 context.

15. The management communication class is determined from the ASN.1 tag value associated with the PDUs component of the SnmpMgmtCom value. If the management information class of the received message is either 32, 8, 2, or 1 (i.e., GetBulk, Set, GetNext or Get) and the SNMPv2 context is not realized by the local SNMPv2 entity, then the received message is discarded without further processing, after the snmpStatsUnknownContexts counter [7] is incremented.

16. If the management communication class of the received message is either 128, 64 or 4 (i.e., SNMPv2-Trap, Inform, or Response) and this class is not among the access privileges, then the received message is discarded without further processing, after the snmpStatsBadOperations counter [7] is incremented.

17. If the management communication class of the received message is not among the access privileges, then the received message is discarded without further processing after generation and transmission of a response message. This response message is directed to the originating SNMPv2 party on behalf of the receiving SNMPv2 party. Its context, var-bind-list and request-id components are identical to those of the received request. Its error- index component is zero and its error-status component is authorizationError [2].

18. If the SNMPv2 context refers to local object resources, then the management operation represented by the SnmpMgmtCom value is performed by the receiving SNMPv2 entity with respect to the MIB view identified by the SNMPv2 context according to the procedures set forth in [2].

19. If the SNMPv2 context refers to remote object resources, then the management operation represented by the SnmpMgmtCom value is performed through the appropriate proxy relationship.