-- Copyright (C) 2007-2012 Aricent Group . All Rights Reserved -- $Id: fsipdb.mib,v 1.5 2012/09/07 09:52:05 siva Exp $ -- IP-BINDING-DATABASE Proprietary MIB Definition -- This MIB contains scalars and tables used to configure/storing -- (HOST, IP) binding informations. ARICENT-IPDB-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, enterprises, IpAddress, Counter32, Integer32, Unsigned32 FROM SNMPv2-SMI RowStatus, MacAddress, TruthValue FROM SNMPv2-TC InterfaceIndex FROM IF-MIB; fsipdb MODULE-IDENTITY LAST-UPDATED "201209050000Z" ORGANIZATION "ARICENT COMMUNICATIONS SOFTWARE" CONTACT-INFO "support@aricent.com" DESCRIPTION " The proprietary MIB module for IPDB module. Used to maintain the hosts IP, MAC & VLAN in a database which will be used to allow/drop the incoming IP traffic on a specific interface. " REVISION "201209050000Z" DESCRIPTION " Inclusion of debug option for IPDB module. " REVISION "201005240000Z" DESCRIPTION " Addition of 'fsIpDbSrcGuardConfigTable', which is used to configure IP source guard status per Layer 2 interfaces basis. IP source guard is used to restrict the IP traffic on Layer 2 interfaces by filtering traffic based on the IP binding database." REVISION "201005170000Z" DESCRIPTION "Grammatical and Spelling mistakes are removed. " ::= { enterprises aricent-communication-holding-ltd(29601) iss(2) 2} -- ------------------------------------------------------------- -- Textual Conventions -- ------------------------------------------------------------- Ipv6Address ::= TEXTUAL-CONVENTION DISPLAY-HINT "2x:" STATUS current DESCRIPTION "This data type is used to model IPv6 addresses. This is a binary string of 16 octets in network byte-order." SYNTAX OCTET STRING (SIZE (16)) -- *************************************************************************** -- Groups in the MIB -- *************************************************************************** fsIpDbScalars OBJECT IDENTIFIER ::= { fsipdb 1 } fsIpDbStatic OBJECT IDENTIFIER ::= { fsipdb 2 } fsIpDbBindings OBJECT IDENTIFIER ::= { fsipdb 3 } fsIpDbInterface OBJECT IDENTIFIER ::= { fsipdb 4 } fsIpDbSrcGuard OBJECT IDENTIFIER ::= { fsipdb 5 } fsIpArpInspect OBJECT IDENTIFIER ::= { fsipdb 6 } fsIpDbv6Static OBJECT IDENTIFIER ::= { fsipdb 7 } fsIpDbv6Bindings OBJECT IDENTIFIER ::= { fsipdb 8 } -- *************************************************************************** -- SCALARS -- *************************************************************************** fsIpDbNoOfBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the total number of (host, IP) bindings, across all VLAN's, at a given time. This is nothing but the total number of entries in the IP binding database" ::= { fsIpDbScalars 1 } fsIpDbNoOfStaticBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the total number of static (host, IP) bindings, across all VLANS, at the given time." ::= { fsIpDbScalars 2 } fsIpDbNoOfDHCPBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the total number of (host, IP) bindings configured through DHCP, across all VLANS, at the given time." ::= { fsIpDbScalars 3 } fsIpDbNoOfPPPBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the total number of (host, IP) bindings configured through PPP, across all VLANS, at the given time." ::= { fsIpDbScalars 4 } fsIpDbTraceLevel OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "This object is used to enable trace statements in IP binding database module. A four byte integer is used for enabling the trace level. Each bit in the four byte integer represents a particular trace level. The mapping between the bit positions & the trace level is as follows: BIT 1 - Function entry traces BIT 2 - Function Exit traces BIT 3 - Debug traces BIT 4 - Failure traces BIT 5 - Function arguments trace The remaining bits are unused. Combination of levels are also allowed. For example if the bits 1 and 2 are set, then the trace statement related to function entry and exit will be printed. The user has to enter the corresponding integer value for the bits set. For example if bits 1 and 2 are to be set ,then user has to give the value 6." ::= { fsIpDbScalars 5 } fsIpDbv6DynamicDbSaveStatus OBJECT-TYPE SYNTAX INTEGER { enable(1), disable (2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object indicates whether the dynamic binding entries present in the binding table can be saved and restored upon system reboot. If this object is set to 'enable', the dynamic entries in the binding table will be saved in addition to the static binding entries. If this object is set to 'disable', the dynamic entries in the binding table will not be saved. The default value is enable If dynamic binding entries need not be saved, then this object should be configured as 'disabled' before initiating the configuration save opertion in the system. This object is supported for IPV6 binding database and not for IPV4 binding database." DEFVAL { enable } ::= { fsIpDbScalars 6 } fsIpDbClearBindingStatus OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object removes all dynamically learnt (host, IP) Binding entries from the binding table fsIpDbBindingTable, when it is set as 'true'. After flush/clear, this object is set to 'false'" DEFVAL { false } ::= { fsIpDbScalars 7 } fsIpDbv6ClearBindingStatus OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object removes all dynamically learnt (host, IPv6) Binding entries from the binding table fsIpDbv6BindingTable, when it is set as 'true'. After flush/clear, this object is set to 'false'" DEFVAL { false } ::= { fsIpDbScalars 8 } -- *************************************************************************** -- GROUPS -- *************************************************************************** -- ********************** (HOST, IP) Static Bindings ************************* fsIpDbStaticBindingTable OBJECT-TYPE SYNTAX SEQUENCE OF FsIpDbStaticBindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains the static Host IP configuration information." ::= { fsIpDbStatic 1} fsIpDbStaticBindingEntry OBJECT-TYPE SYNTAX FsIpDbStaticBindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A single entry contains the binding information of a single host connected to the system." INDEX { fsIpDbStaticHostVlanId, fsIpDbStaticHostMac } ::= { fsIpDbStaticBindingTable 1 } FsIpDbStaticBindingEntry ::= SEQUENCE { fsIpDbStaticHostVlanId Integer32, fsIpDbStaticHostMac MacAddress, fsIpDbStaticHostIp IpAddress, fsIpDbStaticInIfIndex Integer32, fsIpDbStaticGateway IpAddress, fsIpDbStaticBindingStatus RowStatus } fsIpDbStaticHostVlanId OBJECT-TYPE SYNTAX Integer32 (1..4094) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The VLAN ID to which the host belongs. This is an index of the table." ::= { fsIpDbStaticBindingEntry 1 } fsIpDbStaticHostMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "MAC address of the Host. This is an index of the table." ::= { fsIpDbStaticBindingEntry 2 } fsIpDbStaticHostIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "IP address of the Host." ::= { fsIpDbStaticBindingEntry 3 } fsIpDbStaticInIfIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the interface to which the host is connected." ::= { fsIpDbStaticBindingEntry 4 } fsIpDbStaticGateway OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the gateway to which the Host have access to." ::= { fsIpDbStaticBindingEntry 5 } fsIpDbStaticBindingStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-write STATUS current DESCRIPTION "The rowstatus of the binding table entry. All the objects in the table must be filled before making the rowstatus as active." ::= { fsIpDbStaticBindingEntry 6 } -- ********************** (HOST, IP) Binding Database ************************ fsIpDbBindingTable OBJECT-TYPE SYNTAX SEQUENCE OF FsIpDbBindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains the information about all the hosts connected to the system, their MAC Address, VLAN, IP etc." ::= { fsIpDbBindings 1} fsIpDbBindingEntry OBJECT-TYPE SYNTAX FsIpDbBindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A single entry contains the binding information of a single host connected to the system." INDEX { fsIpDbHostVlanId, fsIpDbHostMac } ::= { fsIpDbBindingTable 1 } FsIpDbBindingEntry ::= SEQUENCE { fsIpDbHostVlanId Integer32, fsIpDbHostMac MacAddress, fsIpDbHostBindingType INTEGER, fsIpDbHostIp IpAddress, fsIpDbHostInIfIndex Integer32, fsIpDbHostRemLeaseTime Integer32, fsIpDbHostBindingID Unsigned32 } fsIpDbHostVlanId OBJECT-TYPE SYNTAX Integer32 (1..4094) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The VLAN ID to which the host belongs. This is an index of the table." ::= { fsIpDbBindingEntry 1 } fsIpDbHostMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "MAC address of the Host. This is an index of the table." ::= { fsIpDbBindingEntry 2 } fsIpDbHostBindingType OBJECT-TYPE SYNTAX INTEGER { static (1), dhcp (2), ppp (3) } MAX-ACCESS read-only STATUS current DESCRIPTION "Specifies whether the entry was configured through static or dynamically learnt through DHCP or PPP." ::= { fsIpDbBindingEntry 3 } fsIpDbHostIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "IP address of the Host." ::= { fsIpDbBindingEntry 4 } fsIpDbHostInIfIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the interface to which the host is connected." ::= { fsIpDbBindingEntry 5 } fsIpDbHostRemLeaseTime OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The Remaining lease time in seconds for the (host, IP) binding. Applicable only if the fsIpDbBindingType is DHCP." ::= { fsIpDbBindingEntry 6 } fsIpDbHostBindingID OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "An integer value that identifies the binding type. For Static Bindings, this value is 0. For DHCP Bindings, this is the transaction ID. For PPP Bindings, this is the session ID of PPPoE session." ::= { fsIpDbBindingEntry 7 } -- Below is the Gateway Table corresponding to each binding entry. -- Each binding entry will contain a table of Gateway IPs, -- which will contain atleast one (default gateway) gateway IP entry. fsIpDbGatewayIpTable OBJECT-TYPE SYNTAX SEQUENCE OF FsIpDbGatewayIpEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table is a part of FsDhcpSnpBindingEntry. The table contains IP address of Gateways allowed for the host. The host will be allowed to contact only these Gateways." ::= { fsIpDbBindings 2 } fsIpDbGatewayIpEntry OBJECT-TYPE SYNTAX FsIpDbGatewayIpEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains an IP address of Gateway allowed for the host." INDEX { fsIpDbHostMac, fsIpDbHostVlanId, fsIpDbGatewayNetwork, fsIpDbGatewayNetMask, fsIpDbGatewayIp } ::= { fsIpDbGatewayIpTable 1 } FsIpDbGatewayIpEntry ::= SEQUENCE { fsIpDbGatewayNetwork IpAddress, fsIpDbGatewayNetMask IpAddress, fsIpDbGatewayIp IpAddress, fsIpDbGatewayIpMode INTEGER } fsIpDbGatewayNetwork OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The network IP address of the gateway." ::= { fsIpDbGatewayIpEntry 1 } fsIpDbGatewayNetMask OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The mask for the network to which the gateway is given." ::= { fsIpDbGatewayIpEntry 2 } fsIpDbGatewayIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Gateway IP for the given network." ::= { fsIpDbGatewayIpEntry 3 } fsIpDbGatewayIpMode OBJECT-TYPE SYNTAX INTEGER { active (0) } MAX-ACCESS read-only STATUS current DESCRIPTION "The Gateway IP verification mode while ARP packet processing. " ::= { fsIpDbGatewayIpEntry 4 } -- **************************** Interface Entry ****************************** fsIpDbInterfaceTable OBJECT-TYPE SYNTAX SEQUENCE OF FsIpDbInterfaceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains the interface (layer 2 VLAN) specific informations." ::= { fsIpDbInterface 1 } fsIpDbInterfaceEntry OBJECT-TYPE SYNTAX FsIpDbInterfaceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry will contain statistics associated with the interface." INDEX { fsIpDbIntfVlanId } ::= { fsIpDbInterfaceTable 1 } FsIpDbInterfaceEntry ::= SEQUENCE { fsIpDbIntfVlanId Integer32, fsIpDbIntfNoOfVlanBindings Counter32, fsIpDbIntfNoOfVlanStaticBindings Counter32, fsIpDbIntfNoOfVlanDHCPBindings Counter32, fsIpDbIntfNoOfVlanPPPBindings Counter32, fsIpDbIntfNoOfVlanDHCPv6Bindings Counter32, fsIpDbIntfNoOfVlanStaticv6Bindings Counter32 } fsIpDbIntfVlanId OBJECT-TYPE SYNTAX Integer32 (1..4094) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Vlan ID of the VLAN to which this table-entry is associated." ::= { fsIpDbInterfaceEntry 1 } fsIpDbIntfNoOfVlanBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the total number of (host, IP) bindings for a given VLAN at a given time." ::= { fsIpDbInterfaceEntry 2 } fsIpDbIntfNoOfVlanStaticBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the total number of static (host, IP) bindings for a VLAN at a given time. " ::= { fsIpDbInterfaceEntry 3 } fsIpDbIntfNoOfVlanDHCPBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the total number of (host, IP) bindings configured through DHCP for a VLAN at a given time. " ::= { fsIpDbInterfaceEntry 4 } fsIpDbIntfNoOfVlanPPPBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the total number of (host, IP) bindings configured through PPP for a VLAN at a given time. " ::= { fsIpDbInterfaceEntry 5 } fsIpDbIntfNoOfVlanDHCPv6Bindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the total number of (host, IPv6) bindings learnt through DHCPv6 for a VLAN at a given time. " ::= { fsIpDbInterfaceEntry 6 } fsIpDbIntfNoOfVlanStaticv6Bindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the total number of static (host, IPv6) bindings for a VLAN at a given time. " ::= { fsIpDbInterfaceEntry 7 } -- ====================================================== -- IP source guard table -- ====================================================== fsIpDbSrcGuardConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF FsIpDbSrcGuardConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " This table provides the objects to enable or disable IP/IPv6 source guard on each non routed Layer 2 interfaces. When DHCP/DHCPv6 Snooping is enabled at an interface, a list of IP addresses is obtained through DHCP snooping for this particular interface and these list of IP address are maintained in IP/IPv6 binding database along with the MAC, VLAN ID and interface index. This database can be populated using static configuration also. If IP/IPv6 source guard is enabled, incoming IP traffic on an interface are allowed when there is a matching entry in IP/IPv6 binding database. Else, all incoming IP traffic on an interface are allowed irrespective of the IP/IPv6 binding database." ::= { fsIpDbSrcGuard 1 } fsIpDbSrcGuardConfigEntry OBJECT-TYPE SYNTAX FsIpDbSrcGuardConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " Each row instance contains the configuration to enable or disable IP/IPv6 source guard on a physical interface. " INDEX { fsIpDbSrcGuardIndex } ::= { fsIpDbSrcGuardConfigTable 1 } FsIpDbSrcGuardConfigEntry ::= SEQUENCE { fsIpDbSrcGuardIndex InterfaceIndex, fsIpDbSrcGuardStatus INTEGER, fsIpDbv6SrcGuardStatus INTEGER } fsIpDbSrcGuardIndex OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "This indicates the interface identifier for which the IP/IPv6 source guard configuration is applied." ::= { fsIpDbSrcGuardConfigEntry 1 } fsIpDbSrcGuardStatus OBJECT-TYPE SYNTAX INTEGER { disable(1), ip (2), ipMac (3) } MAX-ACCESS read-write STATUS current DESCRIPTION " This object indicates the IP source guard status of an interface. If this object is set to 'disable', IP source guard feature is disabled and all incoming IP traffic on this interface will be allowed. If this object is set to 'ip', IP source guard feature is enabled on fsIpDbSrcGuardIndex with Source IP address filtering mode. The switch allows the IP traffic when the source IP matches with an entry in Ip binding database. If this object is set to 'ipMac', IP source guard is enabled on the fsIpDbSrcGuardIndex with Source IP and MAC address filtering mode. The switch allows the IP traffic when the source IP and MAC address matches with an entry in Ip binding database. When there is no IP binding entries and IP source guard is enabled, switch drops all types of packets other than DHCP packet. " DEFVAL { disable } ::= { fsIpDbSrcGuardConfigEntry 2 } fsIpDbv6SrcGuardStatus OBJECT-TYPE SYNTAX INTEGER { enable(1), disable (2) } MAX-ACCESS read-write STATUS current DESCRIPTION " This object indicates the IPv6 source guard status of an interface. If this object is set to 'disable', IPv6 source guard feature is disabled and all incoming IPv6 traffic on this interface will be allowed. If this object is set to 'enable', IPv6 source guard is enabled on the fsIpDbSrcGuardIndex with Source IPv6 and MAC address filtering mode. The switch allows the IPv6 traffic when the source IPv6 and MAC address matches with an entry in Ipv6 binding database. When there is no IPv6 binding entries and IPv6 source guard is enabled, switch drops all types of packets other than DHCP packet. " DEFVAL { disable } ::= { fsIpDbSrcGuardConfigEntry 3 } -- ====================================================== -- ARP Inspection related objects -- ====================================================== fsIpArpInspectionStatus OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Contains the informations whether ARP Inspection is enabled/disabled in the switch" DEFVAL { 2 } ::= { fsIpArpInspect 1 } fsIpArpInsValidateOption OBJECT-TYPE SYNTAX BITS { srcmac(1), dstmac(2), ip(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object contains configuration support to enable/disable additional validation of ARP packets. This configuration is applicable when ARP inspection status is enabled in the switch. src-mac: This checks the source MAC address in the Ethernet header against the sender MAC address in the ARP body for both ARP requests and responses. dst-mac: This checks the destination MAC address in the Ethernet header against the target MAC address in ARP body for ARP responses. ip addr: This checks the ARP body for invalid and unexpected IP addresses i,e 0.0.0.0, 255.255.255.255, and all IP multicast addresses. Sender IP addresses are checked in all ARP requests and responses, and target IP addresses are checked only in ARP responses." DEFVAL { 0 } ::= { fsIpArpInspect 2 } fsIpArpInsArpPktsForwarded OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the total number of ARP packets forwarded after dynamic ARP inspection. When ARP inspection is configured on specific VLANs, then the statistics in the ARP inspection VLAN table alone is applicable. " ::= { fsIpArpInspect 3 } fsIpArpInsArpPktsDropped OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the total number of ARP packets dropped as a result of dynamic ARP inspection. When ARP inspection is configured on specific VLANs, then the statistics in the ARP inspection VLAN table alone is applicable. " ::= { fsIpArpInspect 4 } fsIpArpInsIPValidFailures OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the total number of ARP packets dropped due to IP validation failures. When ARP inspection is configured on specific VLANs, then the statistics in the ARP inspection VLAN table alone is applicable. " ::= { fsIpArpInspect 5 } fsIpArpInsDestMACFailures OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the total number of ARP packets dropped due to Destination MAC validation failures. When ARP inspection is configured on specific VLANs, then the statistics in the ARP inspection VLAN table alone is applicable. " ::= { fsIpArpInspect 6 } fsIpArpInsSrcMACFailures OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the total number of ARP packets dropped due to Source MAC validation failures. When ARP inspection is configured on specific VLANs, then the statistics in the ARP inspection VLAN table alone is applicable. " ::= { fsIpArpInspect 7 } fsIpArpInsGlobalStatsClear OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object is used to clear Dynamic ARP inspection global statistics. Setting this object to true will cause the statistics to be reset and setting this object to false will have no effect. This object reverts back to false after clearing the statistics." DEFVAL { false } ::= { fsIpArpInspect 8 } fsIpArpInsVlanTable OBJECT-TYPE SYNTAX SEQUENCE OF FsIpArpInsVlanEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " This table contains information of arp inspection status(enable/disable) and drop and forwarded statistics on each vlan" ::= { fsIpArpInspect 9 } fsIpArpInsVlanEntry OBJECT-TYPE SYNTAX FsIpArpInsVlanEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains the informations whether ARP Inspection is enabled/disabled on the given Vlan." INDEX { fsIpArpInsVlanId } ::= { fsIpArpInsVlanTable 1 } FsIpArpInsVlanEntry ::= SEQUENCE { fsIpArpInsVlanId Integer32, fsIpArpInsVlanStatus INTEGER, fsIpArpInsVlanArpPktsForwarded Integer32, fsIpArpInsVlanArpPktsDropped Integer32, fsIpArpInsVlanIPValidFailures Integer32, fsIpArpInsVlanDestMACFailures Integer32, fsIpArpInsVlanSrcMACFailures Integer32, fsIpArpInsVlanClearStats TruthValue, fsIpArpInsVlanRowStatus RowStatus } fsIpArpInsVlanId OBJECT-TYPE SYNTAX Integer32 (1..4094) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Vlan ID of the VLAN to which this table-entry is associated." ::= { fsIpArpInsVlanEntry 1 } fsIpArpInsVlanStatus OBJECT-TYPE SYNTAX INTEGER { enabled (1), disabled (2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object Enables or disables IP ARP Inspection status in the given VLAN. This configuration is applicable only when ARP inspecion status is enabled in the switch globally" DEFVAL { 2 } ::= { fsIpArpInsVlanEntry 2 } fsIpArpInsVlanArpPktsForwarded OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object specifies the total number of arp packets forwarded on this VLAN." ::= { fsIpArpInsVlanEntry 3 } fsIpArpInsVlanArpPktsDropped OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object specifies the total number of arp packets dropped on this VLAN." ::= { fsIpArpInsVlanEntry 4 } fsIpArpInsVlanIPValidFailures OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object specifies the total number of arp packets dropped due to IP validation failures on this VLAN." ::= { fsIpArpInsVlanEntry 5 } fsIpArpInsVlanDestMACFailures OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object specifies the total number of arp packets dropped due to DEST MAC validation failures on this VLAN." ::= { fsIpArpInsVlanEntry 6 } fsIpArpInsVlanSrcMACFailures OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "This object specifies the total number of arp packets dropped due to SRC MAC validation failures." ::= { fsIpArpInsVlanEntry 7 } fsIpArpInsVlanClearStats OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object is used to clear all Dynamic ARP inspection statistics of this VLAN. Setting this object to true will cause the statistics to be reset and setting this object to false will have no effect. This object revert backs to false after clearing the statistics." DEFVAL { false } ::= { fsIpArpInsVlanEntry 8 } fsIpArpInsVlanRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies Row-Status of VLAN entry" ::= { fsIpArpInsVlanEntry 9 } -- ********************** (HOST, IPv6) Static Bindings ************************* fsIpDbv6StaticBindingTable OBJECT-TYPE SYNTAX SEQUENCE OF FsIpDbv6StaticBindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains the static Host IPv6 configuration information." ::= { fsIpDbv6Static 1} fsIpDbv6StaticBindingEntry OBJECT-TYPE SYNTAX FsIpDbv6StaticBindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A single entry contains the binding information of a single host connected to the system." INDEX { fsIpDbv6StaticHostVlanId, fsIpDbv6StaticHostMac } ::= { fsIpDbv6StaticBindingTable 1 } FsIpDbv6StaticBindingEntry ::= SEQUENCE { fsIpDbv6StaticHostVlanId Integer32, fsIpDbv6StaticHostMac MacAddress, fsIpDbv6StaticHostIp Ipv6Address, fsIpDbv6StaticInIfIndex Integer32, fsIpDbv6StaticBindingStatus RowStatus } fsIpDbv6StaticHostVlanId OBJECT-TYPE SYNTAX Integer32 (1..4094) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The VLAN ID to which the host belongs. This is an index of the table." ::= { fsIpDbv6StaticBindingEntry 1 } fsIpDbv6StaticHostMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "MAC address of the Host. This is an index of the table." ::= { fsIpDbv6StaticBindingEntry 2 } fsIpDbv6StaticHostIp OBJECT-TYPE SYNTAX Ipv6Address MAX-ACCESS read-write STATUS current DESCRIPTION "IPv6 address of the Host." ::= { fsIpDbv6StaticBindingEntry 3 } fsIpDbv6StaticInIfIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the interface to which the host is connected." ::= { fsIpDbv6StaticBindingEntry 4 } fsIpDbv6StaticBindingStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-write STATUS current DESCRIPTION "The rowstatus of the Ipv6 binding table entry. All the objects in the table must be filled before making the rowstatus as active." ::= { fsIpDbv6StaticBindingEntry 6 } -- ********************** (HOST, IPv6) Binding Database ************************ fsIpDbv6BindingTable OBJECT-TYPE SYNTAX SEQUENCE OF FsIpDbv6BindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains the information about all the hosts connected to the system, their MAC Address, VLAN, IPv6 address" ::= { fsIpDbv6Bindings 1} fsIpDbv6BindingEntry OBJECT-TYPE SYNTAX FsIpDbv6BindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A single entry contains the binding information of a single host connected to the system." INDEX { fsIpDbv6HostVlanId, fsIpDbv6HostMac } ::= { fsIpDbv6BindingTable 1 } FsIpDbv6BindingEntry ::= SEQUENCE { fsIpDbv6HostVlanId Integer32, fsIpDbv6HostMac MacAddress, fsIpDbv6HostBindingType INTEGER, fsIpDbv6HostIp Ipv6Address, fsIpDbv6HostInIfIndex Integer32, fsIpDbv6HostRemLeaseTime Integer32 } fsIpDbv6HostVlanId OBJECT-TYPE SYNTAX Integer32 (1..4094) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The VLAN ID to which the host belongs. This is an index of the table." ::= { fsIpDbv6BindingEntry 1 } fsIpDbv6HostMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "MAC address of the Host. This is an index of the table." ::= { fsIpDbv6BindingEntry 2 } fsIpDbv6HostBindingType OBJECT-TYPE SYNTAX INTEGER { static (1), dhcp (2)} MAX-ACCESS read-write STATUS current DESCRIPTION "Specifies whether the entry was configured through static configuration or dynamically learnt through DHCPv6. This object is in read-write mode for dynamic entry configuration save purpose. This object cannot be configured by user." ::= { fsIpDbv6BindingEntry 3 } fsIpDbv6HostIp OBJECT-TYPE SYNTAX Ipv6Address MAX-ACCESS read-write STATUS current DESCRIPTION "IPv6 address of the Host. This object is in read-write mode for dynamic entry configuration save purpose. This object cannot be configured by user." ::= { fsIpDbv6BindingEntry 4 } fsIpDbv6HostInIfIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the interface to which the host is connected. This object is in read-write mode for dynamic entry configuration save purpose. This object cannot be configured by user." ::= { fsIpDbv6BindingEntry 5 } fsIpDbv6HostRemLeaseTime OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "The Remaining lease time in seconds for the (host, IPv6) binding. Applicable only if the fsIpDbv6BindingType is DHCPv6. This object is in read-write mode for dynamic entry configuration save purpose. This object cannot be configured by user." ::= { fsIpDbv6BindingEntry 6 } END