-- ################################################################################ EXTREME-IDMGR-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY FROM SNMPv2-SMI OBJECT-TYPE FROM SNMPv2-SMI NOTIFICATION-TYPE FROM SNMPv2-SMI Integer32 FROM SNMPv2-SMI MacAddress FROM SNMPv2-TC InetAddress, InetAddressType FROM INET-ADDRESS-MIB InterfaceIndex FROM IF-MIB extremeAgent FROM EXTREME-BASE-MIB DateAndTime, AutonomousType FROM SNMPv2-TC; extremeIdMgr MODULE-IDENTITY LAST-UPDATED "201312180000Z" ORGANIZATION "Extreme Networks, Inc." CONTACT-INFO "www.extremenetworks.com" DESCRIPTION "Extreme Identity Management MIB" ::= { extremeAgent 36 } extremeIdMgrTraps OBJECT IDENTIFIER ::= { extremeIdMgr 1 } extremeIdMgrTrapPrefix OBJECT IDENTIFIER ::= { extremeIdMgrTraps 0 } extremeIdMgrObjects OBJECT IDENTIFIER ::= { extremeIdMgr 2 } extremeIdMgrConformance OBJECT IDENTIFIER ::= { extremeIdMgr 3 } -- -- Textual conventions -- ExtremeIdMgrInetAddrDetectMethod ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Represents the method by which the IP address of a location was detected by the device." SYNTAX BITS { ipArp(1), dhcpSnooping(2) } ExtremeIdMgrInetAddrSecViolation ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Represents the security violations that have been detected on an IP address." SYNTAX BITS { arp(1), dos(2), garp(3), srcIpLockdown(4), dhcpSnooping(5) } -- -- Notifications -- extremeIdMgrMemLevelChange NOTIFICATION-TYPE OBJECTS { extremeIdMgrTrapSeverity, extremeIdMgrMemUsageLevel, extremeIdMgrMemUsage, extremeIdMgrMemMaxSize, extremeIdMgrEffectiveStaleAgingTime } STATUS current DESCRIPTION "If Identity Management feature is enabled, this trap will be generated when the memory usage level changes." ::= { extremeIdMgrTrapPrefix 1 } -- internal object extremeIdMgrTrapSeverity OBJECT-TYPE SYNTAX INTEGER { critical(1), error(2), warning(3), notice(4), info(5), debug-summary(6), debug-verbose(7), debug-data(8) } MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Severity of Identity Management Trap" ::= { extremeIdMgrTraps 1} extremeIdMgrMemUsageLevel OBJECT-TYPE SYNTAX INTEGER { normal(1), high(2), critical(3), maximum(4) } MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The current memory usage level -normal(1) The Memory usage is within normal usage limits, <= 80% of configured maximum database size. -high(2) The memory usage level is high. Memory usage is more than 80% and less than or equal to 90% of configured maximum database size. -critical(3) The memory usage level is at critical level. Memory usage is more than 90% of configured maximum database size. -maximum(4) The memory usage level reached to maximum. Memory usage almost at 98% or more of configured maximum database size." ::= { extremeIdMgrTraps 2 } extremeIdMgrMemUsage OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The current memory usage (in KBytes)." ::= { extremeIdMgrTraps 3} extremeIdMgrMemMaxSize OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Configured identity management maximum database memory size (in KBytes)." ::= { extremeIdMgrTraps 4} extremeIdMgrEffectiveStaleAgingTime OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The effective stale aging time because of memory usage level change (in seconds)." ::= { extremeIdMgrTraps 5} -- -- Identity manager location table -- -- Limitations for EXOS: -- 1. Blackhole and static FDB entries are not displayed in this table extremeLocationTable OBJECT-TYPE SYNTAX SEQUENCE OF ExtremeLocationEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists all locations known to the device. A location is identified by its MAC address and the port on which the location was detected. A location may be discovered by the device via different methods like ARP, LLDP etc. The object extremeLocationDetectMethods lists the methods by which the device discovered the location. Entries are added or removed from this table automatically by the device whenever a location is found or lost." ::= { extremeIdMgrObjects 1 } extremeLocationEntry OBJECT-TYPE SYNTAX ExtremeLocationEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the extreme location table." INDEX { extremeLocationMacAddress, extremeLocationInterface } ::= { extremeLocationTable 1 } ExtremeLocationEntry ::= SEQUENCE { extremeLocationMacAddress MacAddress, extremeLocationInterface InterfaceIndex, extremeLocationDetectMethods BITS, extremeLocationDetectTime DateAndTime } extremeLocationMacAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The MAC address of the location." ::= { extremeLocationEntry 1 } extremeLocationInterface OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "The ifIndex of the interface on which the location was detected." ::= { extremeLocationEntry 2 } extremeLocationDetectMethods OBJECT-TYPE SYNTAX BITS { fdbLearn(1), ipArp(2), dhcpSnooping(3), lldp(4), kerberos(5), netloginMac(6), netloginWeb(7), netloginDot1x(8) } MAX-ACCESS read-only STATUS current DESCRIPTION "The methods by which the location was detected by the device." ::= { extremeLocationEntry 3 } extremeLocationDetectTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The time at which the location was detected by the device." ::= { extremeLocationEntry 4 } -- -- Locations detection method table -- extremeLocationDetectMethodTable OBJECT-TYPE SYNTAX SEQUENCE OF ExtremeLocationDetectMethodEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the locations known to the device indexed by the detection method." ::= { extremeIdMgrObjects 2 } extremeLocationDetectMethodEntry OBJECT-TYPE SYNTAX ExtremeLocationDetectMethodEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the extreme location detection method table." INDEX { extremeLocationDetectMethod, extremeLocationMacAddress, extremeLocationInterface } ::= { extremeLocationDetectMethodTable 1 } ExtremeLocationDetectMethodEntry ::= SEQUENCE { extremeLocationDetectMethod INTEGER, extremeLocationDetectMethodData AutonomousType } extremeLocationDetectMethod OBJECT-TYPE SYNTAX INTEGER { fdbLearn(1), ipArp(2), dhcpSnooping(3), lldp(4), kerberos(5), netloginMac(6), netloginWeb(7), netloginDot1x(8) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The method by which the location was detected." ::= { extremeLocationDetectMethodEntry 1 } extremeLocationDetectMethodData OBJECT-TYPE SYNTAX AutonomousType MAX-ACCESS read-only STATUS current DESCRIPTION "Provides additional information regarding the location. The value of this object depends on the detection method: If extremeLocationDetectMethod is lldp, extremeLocationDetectMethodData shall be a pointer (rowPointer) to the entry in lldpRemTable corresponding to this location. For all other values of extremeLocationDetectMethod this object shall be 0.0." ::= { extremeLocationDetectMethodEntry 2 } -- -- Location VLAN table -- extremeLocationVlanTable OBJECT-TYPE SYNTAX SEQUENCE OF ExtremeLocationVlanEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the VLANs associated with a location." ::= { extremeIdMgrObjects 3 } extremeLocationVlanEntry OBJECT-TYPE SYNTAX ExtremeLocationVlanEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the extreme location VLAN table." INDEX { extremeLocationMacAddress, extremeLocationInterface, extremeLocationVlanIfIndex } ::= { extremeLocationVlanTable 1 } ExtremeLocationVlanEntry ::= SEQUENCE { extremeLocationVlanIfIndex InterfaceIndex } extremeLocationVlanIfIndex OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS read-only STATUS current DESCRIPTION "The interface index of the VLAN on which the location was detected." ::= { extremeLocationVlanEntry 1 } -- -- Location IP address table -- extremeLocationInetAddrTable OBJECT-TYPE SYNTAX SEQUENCE OF ExtremeLocationInetAddrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the IP addresses associated with a location." ::= { extremeIdMgrObjects 4 } extremeLocationInetAddrEntry OBJECT-TYPE SYNTAX ExtremeLocationInetAddrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the extreme location IP addresses table." INDEX { extremeLocationMacAddress, extremeLocationInterface, extremeLocationVlanIfIndex, extremeLocationInetAddrType, extremeLocationInetAddr } ::= { extremeLocationInetAddrTable 1 } ExtremeLocationInetAddrEntry ::= SEQUENCE { extremeLocationInetAddrType InetAddressType, extremeLocationInetAddr InetAddress, extremeLocationInetAddrDetectMethod ExtremeIdMgrInetAddrDetectMethod, extremeLocationInetAddrSecViolations ExtremeIdMgrInetAddrSecViolation } extremeLocationInetAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object indicates the type of IP address contained by extremeLocationInetAddr." ::= { extremeLocationInetAddrEntry 1 } extremeLocationInetAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IP address detected at the location." ::= { extremeLocationInetAddrEntry 2 } extremeLocationInetAddrDetectMethod OBJECT-TYPE SYNTAX ExtremeIdMgrInetAddrDetectMethod MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the method by which the IP address was detected on this location by the device." ::= { extremeLocationInetAddrEntry 3 } extremeLocationInetAddrSecViolations OBJECT-TYPE SYNTAX ExtremeIdMgrInetAddrSecViolation MAX-ACCESS read-only STATUS current DESCRIPTION "The object lists the security violations that were detected on the IP address." ::= { extremeLocationInetAddrEntry 4 } -- -- Inverse location IP address table -- extremeLocationInetAddrInvTable OBJECT-TYPE SYNTAX SEQUENCE OF ExtremeLocationInetAddrInvEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table lists the locations associated with an IP address." ::= { extremeIdMgrObjects 5 } extremeLocationInetAddrInvEntry OBJECT-TYPE SYNTAX ExtremeLocationInetAddrInvEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in the extreme inverse location IP addresses table." INDEX { extremeLocationInetAddrType, extremeLocationInetAddr, extremeLocationVlanIfIndex, extremeLocationInterface, extremeLocationMacAddress } ::= { extremeLocationInetAddrInvTable 1 } ExtremeLocationInetAddrInvEntry ::= SEQUENCE { extremeLocationInetAddrInvDetectMethod ExtremeIdMgrInetAddrDetectMethod, extremeLocationInetAddrInvSecViolations ExtremeIdMgrInetAddrSecViolation } extremeLocationInetAddrInvDetectMethod OBJECT-TYPE SYNTAX ExtremeIdMgrInetAddrDetectMethod MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the method by which the IP address was detected on this location by the device." ::= { extremeLocationInetAddrInvEntry 1 } extremeLocationInetAddrInvSecViolations OBJECT-TYPE SYNTAX ExtremeIdMgrInetAddrSecViolation MAX-ACCESS read-only STATUS current DESCRIPTION "The object lists the security violations that were detected on the IP address." ::= { extremeLocationInetAddrInvEntry 2 } END