-- ***************************************************************** -- RBN-BIND-MIB Redback BIND Mib -- -- Copyright (c) 2002-2003 RedBack Networks, Inc. -- All rights reserved. -- -- ***************************************************************** RBN-BIND-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32 FROM SNMPv2-SMI TEXTUAL-CONVENTION, TruthValue FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF SnmpAdminString FROM SNMP-FRAMEWORK-MIB RbnCircuitHandle, RbnSlot, RbnPort FROM RBN-TC rbnMgmt FROM RBN-SMI; rbnBindMib MODULE-IDENTITY LAST-UPDATED "200310131700Z" -- October 13, 2003 ORGANIZATION "Redback Networks, Inc." CONTACT-INFO " RedBack Networks, Inc. Postal: 300 Holger Way San Jose, CA 95134-1362 USA Phone: +1 408 750 5000 Fax: +1 408 750 5599 E-mail: mib-info@redback.com" DESCRIPTION "Defines the objects necessary to support binding circuits to interfaces." REVISION "200310131700Z" -- October 13, 2003 DESCRIPTION "Added new object rbnBindAuthDhcp. Added new MODULE-COMPLIANCE statement rbnBindCompliance2. Added new OBJECT-GROUP rbnBindConfigGroup2. Clarified DESCRIPTION clause for rbnBindName by adding multiIntfBind to the list of bind types where rbnBindName is applicable. Corrected misspelling of multiIntfBind in the DESCRIPTION clause of rbnBindAuthContext." REVISION "200303071700Z" -- March 7, 2003 DESCRIPTION "Added 'sessionBind' as one of the bind types that are applicable to rbnBindMaxSessions object. Removed reference to non-existant platform in DESCRIPTION of rbnBindMaxSessions object." REVISION "200211130000Z" -- November 13, 2002 DESCRIPTION "Updated to import RbnSlot and RbnPort from RBN-TC." REVISION "200207251700Z" -- Jul 25, 2002 DESCRIPTION "Added support for the CLIPs bind type." REVISION "200201071700Z" -- Jan 7, 2002 DESCRIPTION "Initial version." ::= { rbnMgmt 17 } rbnBindMIBObjects OBJECT IDENTIFIER ::= { rbnBindMib 1 } rbnBindMIBConformance OBJECT IDENTIFIER ::= { rbnBindMib 2 } rbnBindMIBNotifications OBJECT IDENTIFIER ::= { rbnBindMib 3 } -- -- Textual Conventions -- RbnBindType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The binding type. The comment after the enumeration label is the equivalent CLI command that would config the corresponding bind type." SYNTAX INTEGER { unbound(1), -- state on initial creation authBind(2), -- "bind authentication" bypassBind(3), -- "bind bypass" interfaceBind(4), -- "bind interface" subscriberBind(5), -- "bind subscriber" l2tptunnelBind(6), -- "bind l2tp-tunnel" sessionBind(7), -- "bind session" dot1qBind(8), -- "bind 802.1 Q" multiIntfBind(9), -- "bind multi interface" multiSubBind(10), -- "bind multi subscriber" multiClipsBind(11) -- "bind multi clips" } -- -- BIND Circuit Table -- rbnBindTable OBJECT-TYPE SYNTAX SEQUENCE OF RbnBindEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains the objects which identify and configure circuit bindings. With respect to creation and deletion of entries in this table, rows are created or deleted when a circuit is created or deleted - there is no explicit explicit creation or deletion of rows allowed or required." ::= { rbnBindMIBObjects 1 } rbnBindEntry OBJECT-TYPE SYNTAX RbnBindEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row in the rbnBindTable." INDEX { rbnBindCircuit } ::= { rbnBindTable 1 } RbnBindEntry ::= SEQUENCE { rbnBindCircuit RbnCircuitHandle, rbnBindType RbnBindType, rbnBindName SnmpAdminString, rbnBindPassword SnmpAdminString, rbnBindContext SnmpAdminString, rbnBindAuthContext SnmpAdminString, rbnBindServiceGrp SnmpAdminString, rbnBindAcl SnmpAdminString, rbnBindAuthChap TruthValue, rbnBindAuthPap TruthValue, rbnBindAuthWait TruthValue, rbnBindAuthPapFirst TruthValue, rbnBindMaxSessions Unsigned32, rbnBindPvcSlot RbnSlot, rbnBindPvcPort RbnPort, rbnBindVpn Unsigned32, rbnBindAuthDhcp TruthValue } rbnBindCircuit OBJECT-TYPE SYNTAX RbnCircuitHandle MAX-ACCESS not-accessible STATUS current DESCRIPTION "A key identifying the circuit for which the binding applies. Note the implication: this key identifies an existing circuit. A basic tenent thus evolves: the circuit must exist before it can be bound. See the definition of the RbnCircuitHandle TEXTUAL-CONVENTION for the definition of this key." ::= { rbnBindEntry 1 } rbnBindType OBJECT-TYPE SYNTAX RbnBindType MAX-ACCESS read-create STATUS current DESCRIPTION "The type of the binding. See the definition of the RbnBindType TEXTUAL-CONVENTION for the possible types. The bind type must be appropriate to the type of circuit that it is being applied to. See the AOS Command Reference Manual for a complete exposition of what circuit types may be associated with which bindings. Note that when a circuit is created, an initial binding is established of type 'unbound'. So there is always some binding in effect for a circuit; there is no concept of explicitly creating or deleting a binding, there is merely setting it's type and supplying the applicable attributes for the bind type. In other words, with respect to entries in this table, when a circuit is created, a row in this table is also created. and when a circuit is deleted, the row in this table is also deleted. If you change the bind type to a new bind type for a circuit, the previous binding is removed and any active sessions are dropped. If an existing binding on the circuit is exactly the same as specified in the new binding, the existing binding is not removed. When changing the bind type to a new bind type, all objects mandatory for the new bind type must be included in the set operation. Thus, the bind type will determine which group of objects in a row of the rbnBindTable that will be applicable for that instance of a circuit. For example, if the bind type is 'subscriberBind', then the columns in the row that are applicable will be: rbnBindType rbnBindName rbnBindContext rbnBindPassword In a set operation, if additional columns are specified for some given bind type, that is, columnar objects which are not applicable to the given bind type, an INCONSISTENT VALUE error will be returned. The DESCRIPTION clause for each of the rbnBindTable objects specifies the bind types that are applicable for that object. For a complete specification of the various bind types and the applicable columns of the rbnBindTable, please see AOS Command Reference manual." REFERENCE "Access Operating System (AOS) Command Reference Release 5.0" ::= { rbnBindEntry 2 } rbnBindName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..192)) MAX-ACCESS read-create STATUS current DESCRIPTION "A name associated with the binding. This field is only applicable when the value of rbnBindType is: bypassBind interfaceBind subscriberBind l2tptunnelBind multiIntfBind multiSubBind sessionBind If the value of rbnBindType is not one of these bind types, then rbnBindName is not instantiated for this entry. The value of rbnBindName is dependent on the value specified in rbnBindType as described below: Bind Type Value of Name --------- ------------- bypassBind the name of an existing bypass to which the circuit is to be bound interfaceBind the name of an existing interface subscriberBind the name of a subscriber l2tptunnelBind the tunnel to which the circuit is to be bound multiIntfBind the name of an existing interface multiSubBind the name of a subscriber sessionBind the name of the peer or L2TP group to which the circuit is to be bound Don't think of rbnBindName as the name of the binding. Rather, it is the name of some other attribute associated with the binding." ::= { rbnBindEntry 3 } rbnBindPassword OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "The AAA password. This field is only applicable when the value of rbnBindType is: subscriberBind If the value of rbnBindType is not this bind type, then rbnBindPassword is not instantiated for this entry." ::= { rbnBindEntry 4 } rbnBindContext OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "The name of the context associated with the binding. This field is applicable only when one of the following rbnBindType values is specified: Bind Type Value of Context --------- ---------------- bypassBind The name of the context where the bypass exists. interfaceBind The name of the context in which the specified interface exists. subscriberBind The name of the context used to locate the subscriber information. l2tptunnelBind The name of the context in which the tunnel is configured. sessionBind The name of the context for the peer. multiIntfBind The name of the context for the interface to which the IP over Ethernet portion of the circuit is to be bound. multiSubBind The name of the context for the interface to which the IP over Ethernet portion of the circuit is to be bound. multiClipsBind The name of the context for the interface to which the IP over Ethernet portion of the circuit is to be bound. If the value of rbnBindType is not one of these bind types, then rbnBindContext is not instantiated for this entry." ::= { rbnBindEntry 5 } rbnBindAuthContext OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "The name of the authentication context associated with the binding. It is the name of the context to which PPP sessions on the circuits being bound are restricted. Specification of this column for a given entry is optional. When using this optional context name, all attempts to bind PPP sessions to contexts other than the one specified will fail. This object is applicable only when one of the following rbnBindType values is specified: authBind multiIntfBind multiSubBind If the value of rbnBindType is not one of these bind types, then rbnBindAuthContext is not instantiated for this entry." ::= { rbnBindEntry 6 } rbnBindServiceGrp OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "The name of the service access list associated with the binding. It is the name of the service access list that defines the services available to the PPP-encapsulated circuit. Specification of this column for a given entry is optional. When using this optional service access list, all attempts to authenticate to contexts or domains not permitted by the named service access list fail. This object is applicable only when one of the following rbnBindType values is specified: authBind multiIntfBind multiSubBind multiClipsBind If the value of rbnBindType is not one of these bind types, then rbnBindServiceGrp is not instantiated for this entry." ::= { rbnBindEntry 7 } rbnBindAcl OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "The name of the bridge access control list associated with the binding. It is the name of the Access control list to be applied to the session. The access control list must already have been configured in the context of the session peer. This is typically used to filter packets so that only PPPoE traffic is allowed through an Ethernet L2TP tunnel. Specification of this column for a given entry is optional. This object is applicable only when one of the following rbnBindType values is specified: sessionBind If the value of rbnBindType is not one of these bind types, then rbnBindAcl is not instantiated for this entry." ::= { rbnBindEntry 8 } rbnBindAuthChap OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "If 'true', specifies that the PPP authentication protocol to be used is Challenge Handshake Authentication Protocol. This object is applicable only when one of the following rbnBindType values is specified: authBind multiIntfBind multiSubBind If the value of rbnBindType is not one of these bind types, then rbnBindAuthChap is not instantiated for this entry. When performing a set operation on a row which involves one of these bind types, either rbnBindAuthChap or rbnBindAuthPap or both must be specified. If both rbnBindAuthChap and rbnBindAuthPap are true, then either authentication protocol may be used." ::= { rbnBindEntry 9 } rbnBindAuthPap OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "If 'true', specifies that the PPP authentication protocol to be used is Password Authentication Protocol. This object is applicable only when one of the following rbnBindType values is specified: authBind multiIntfBind multiSubBind If the value of rbnBindType is not one of these bind types, then rbnBindAuthPap is not instantiated for this entry. When performing a set operation on a row which involves one of these bind types, either rbnBindAuthChap or rbnBindAuthPap or both must be specified. If both rbnBindAuthChap and rbnBindAuthPap are true, then either authentication protocol may be used." ::= { rbnBindEntry 10 } rbnBindAuthWait OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "If 'true', specifies that the inbound CHAP authentication is completed first. In other words, after the two sides have decided to use CHAP, the SMS waits for the inbound side to initiate athentication. If 'true', rbnBindAuthChap must also be specified. This object is applicable only when one of the following rbnBindType values is specified: authBind multiIntfBind multiSubBind If the value of rbnBindType is not one of these bind types, then rbnBindAuthWait is not instantiated for this entry. When performing a set operation on a row which involves this bind type, specification of this column is optional. If not specified, this object will not be instantiated." ::= { rbnBindEntry 11 } rbnBindAuthPapFirst OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "If 'true', specifies that Password Authentication Protocol (PAP) shall be negotiated before Challenge Handshake Authentication Protocol (CHAP). IF 'false', then CHAP is negotiated before PAP. With SNMP get operations, both rbnBindAuthChap and rbnBindAuthPap must be true or this object is not instantiated. With SNMP set operations, if 'true', then both rbnBindAuthChap and rbnBindAuthPap must also be specified as 'true'. This object is applicable only when one of the following rbnBindType values is specified: authBind multiIntfBind multiSubBind If the value of rbnBindType is not one of these bind types, then rbnBindAuthPapFirst is not instantiated for this entry. When performing a set operation on a row which involves one of these bind types, specification of this column is optional. If not specified, this object will not be instantiated." ::= { rbnBindEntry 12 } rbnBindMaxSessions OBJECT-TYPE SYNTAX Unsigned32(1..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum number of concurrent sessions allowed on the circuit. Applicable only to circuits which have an encapsulation of type PPPoE. If the circuit is not of this type, then this entry is ignored. Specification of this column for a given row is optional. If not specified, this object will not be instantiated. This object is applicable only when one of the following rbnBindType values is specified: authBind sessionBind multiIntfBind multiSubBind multiClipsBind If the value of rbnBindType is not one of these bind types, then rbnBindMaxSessions is not instantiated for this entry. The maximum number of concurrent sessions allowed on the circuit depends on the platform as specified in the table below: Platform Sessions MemSize -------- -------- ------- SMS10000 65535 SMS1800/1000 10000 64MB FE SMS1800/1000 8000 48MB FE SMS1800/1000 4000 32MB FE SMS1800/1000 4000 16MB FE SMS1800/1000 4000 8MB FE SMS500 2000" ::= { rbnBindEntry 13 } rbnBindPvcSlot OBJECT-TYPE SYNTAX RbnSlot MAX-ACCESS read-create STATUS current DESCRIPTION "The chassis slot number associated with this binding. Use of the 'dot1qBind' type is for binding an ATM or Frame Relay PVC to an Ethernet port using the specified VLAN ID in rbnBindVpn. This object is applicable only when one of the following rbnBindType values is specified: dot1qBind If the value of rbnBindType is not one of these bind types, then rbnBindPvcSlot is not instantiated for this entry." ::= { rbnBindEntry 14 } rbnBindPvcPort OBJECT-TYPE SYNTAX RbnPort MAX-ACCESS read-create STATUS current DESCRIPTION "The chassis port number associated with this binding. Use of the 'dot1qBind' type is for binding an ATM or Frame Relay PVC to an Ethernet port using the specified VLAN ID in rbnBindVpn. This object is applicable only when one of the following rbnBindType values is specified: dot1qBind If the value of rbnBindType is not one of these bind types, then rbnBindPvcPort is not instantiated for this entry." ::= { rbnBindEntry 15 } rbnBindVpn OBJECT-TYPE SYNTAX Unsigned32(2..4094) MAX-ACCESS read-create STATUS current DESCRIPTION "The specific tag to which the PVC is mapped on the specified Ethernet port. Use of the 'dot1qBind' type is for binding an ATM or Frame Relay PVC to an Ethernet port using the specified VLAN ID in rbnBindVpn. This object is applicable only when one of the following rbnBindType values is specified: dot1qBind If the value of rbnBindType is not one of these bind types, then rbnBindVpn is not instantiated for this entry." ::= { rbnBindEntry 16 } rbnBindAuthDhcp OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "If 'true', specifies an authentication mechanism where the DHCP server makes a request to the authentication subsystem upon receipt of incoming DHCP discover packets. This object is applicable only when one of the following rbnBindType values is specified: multiIntfBind multiClipsBind If the value of rbnBindType is not one of these bind types, then rbnBindAuthDhcp is not instantiated for this entry. When performing a set operation on a row which involves one of these bind types, if either rbnBindAuthChap or rbnBindAuthPap or both are specified, then rbnBindAuthDhcp may not be specified." ::= { rbnBindEntry 17 } -- -- compliance statements -- rbnBindCompliances OBJECT IDENTIFIER ::= { rbnBindMIBConformance 1 } rbnBindGroups OBJECT IDENTIFIER ::= { rbnBindMIBConformance 2 } rbnBindCompliance MODULE-COMPLIANCE STATUS deprecated DESCRIPTION "The compliance statement for SNMP entities which implement the RBN-BIND-MIB." MODULE -- this module MANDATORY-GROUPS { rbnBindConfigGroup } ::= { rbnBindCompliances 1} rbnBindCompliance2 MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMP entities which implement the RBN-BIND-MIB." MODULE -- this module MANDATORY-GROUPS { rbnBindConfigGroup2 } ::= { rbnBindCompliances 2} -- -- groupings -- rbnBindConfigGroup OBJECT-GROUP OBJECTS { rbnBindType, rbnBindName, rbnBindContext, rbnBindPassword, rbnBindAuthContext, rbnBindServiceGrp, rbnBindAcl, rbnBindAuthChap, rbnBindAuthPap, rbnBindAuthWait, rbnBindAuthPapFirst, rbnBindMaxSessions, rbnBindPvcSlot, rbnBindPvcPort, rbnBindVpn } STATUS deprecated DESCRIPTION "The collection of all objects applicable for all values of rbnBindType." ::= { rbnBindGroups 1} rbnBindConfigGroup2 OBJECT-GROUP OBJECTS { rbnBindType, rbnBindName, rbnBindContext, rbnBindPassword, rbnBindAuthContext, rbnBindServiceGrp, rbnBindAcl, rbnBindAuthChap, rbnBindAuthPap, rbnBindAuthWait, rbnBindAuthPapFirst, rbnBindMaxSessions, rbnBindPvcSlot, rbnBindPvcPort, rbnBindVpn, rbnBindAuthDhcp } STATUS current DESCRIPTION "The collection of all objects applicable for all values of rbnBindType." ::= { rbnBindGroups 2} END