-- ***************************************************************** -- FS-PRIVATE-VLAN-MIB -- -- March 2009, linjia -- -- Copyright (c) 2009 by FS.COM Inc.. -- All rights reserved. -- -- ***************************************************************** FS-PRIVATE-VLAN-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE FROM SNMPv2-SMI TEXTUAL-CONVENTION, TruthValue FROM SNMPv2-TC fsMgmt FROM FS-SMI ifIndex FROM IF-MIB MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF; fsPrivateVlanMIB MODULE-IDENTITY LAST-UPDATED "200903230000Z" ORGANIZATION "FS.COM Inc.." CONTACT-INFO " Tel: 400-865-2852 E-mail: https://www.fs.com/live_chat_service_mail.html" DESCRIPTION "The MIB module to support Private VLAN feature on switching devices." REVISION "200903010000Z" DESCRIPTION " The Initial version of this MIB module." ::= { fsMgmt 44 } -- -- Textual Conventions -- PrivateVlanType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The VLAN type as defined for Private VLAN feature. 'normal' -- this VLAN is a normal VLAN (i.e., not a private VLAN or private group). 'primary' -- this VLAN is the primary VLAN as defined for Private VLAN feature. 'isolated' -- this VLAN is the isolated VLAN as defined for Private VLAN feature. All the ports in the isolated VLAN can only talk to the specifically designated ports configured as promiscuous ports, i.e., the ports even in the same isolated VLAN can not talk to each other. 'community' -- this VLAN is the community VLAN as defined for Private VLAN feature. All the ports in this community VLAN can behave like ports in normal VLAN type except that they can also receive egress packets tagged with its associated primary VLAN ID. A VLAN of isolated(3), community(4) type is also called a secondary VLAN." SYNTAX INTEGER { normal(1), primary(2), isolated(3), community(4) } VlanIndexOrZero ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The VLAN ID or zero as defined for Private VLAN feature. If the value is between 1 and 4095 inclusive, it represents an IEEE 802.1Q VLAN-ID. If the value is zero, it is object-specific and must therefore be defined as part of the description of any object which uses this syntax." SYNTAX INTEGER(0..4095) --VlanIndexBitmap ::= TEXTUAL-CONVENTION -- STATUS current -- DESCRIPTION "A string of octets containing one bit per VLAN for a -- total of 1024 VLANs in the management domain. -- The most significant bit of the octet string is the -- lowest value VLAN of 1024 VLANs. -- -- Refer to the description on the MIB object that -- uses this textual convention to determine the meaning -- of bits that are set ('1') or cleared ('0'). -- The most significant bit of the bitmap is transmitted -- first. Note that if the length of this string is less than -- 128 octets, any 'missing' octets are assumed to contain -- the value zero. An NMS may omit any zero-valued octets -- from the end of this string in order to reduce SetPDU -- size, and the agent may also omit zero-valued trailing -- octets, to reduce the size of GetResponse PDUs." -- SYNTAX OCTET STRING (SIZE (0..128)) fspvlanMIBObjects OBJECT IDENTIFIER ::= { fsPrivateVlanMIB 1 } fspvlanVlanObjects OBJECT IDENTIFIER ::= { fspvlanMIBObjects 1 } fspvlanPortObjects OBJECT IDENTIFIER ::= { fspvlanMIBObjects 2 } fspvlanSVIObjects OBJECT IDENTIFIER ::= { fspvlanMIBObjects 3 } -- -- VLAN tables for Private VLAN feature -- fspvlanVlanTable OBJECT-TYPE SYNTAX SEQUENCE OF FSPvlanVlanEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing Private VLAN information on the VLANs which currently exist." ::= { fspvlanVlanObjects 1 } fspvlanVlanEntry OBJECT-TYPE SYNTAX FSPvlanVlanEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row containing the Private VLAN information on the VLANs for a particular management domain." INDEX { fspvlanVlanIndex} ::= { fspvlanVlanTable 1 } FSPvlanVlanEntry ::= SEQUENCE { fspvlanVlanIndex VlanIndexOrZero, fspvlanVlanPrivateVlanType PrivateVlanType, fspvlanVlanAssociatedPrimaryVlan VlanIndexOrZero, fspvlanIfAssociatedPrimaryVlan TruthValue } fspvlanVlanIndex OBJECT-TYPE SYNTAX VlanIndexOrZero MAX-ACCESS read-only STATUS current DESCRIPTION "Indicated the VLAN id." ::= { fspvlanVlanEntry 1 } fspvlanVlanPrivateVlanType OBJECT-TYPE SYNTAX PrivateVlanType MAX-ACCESS read-create STATUS current DESCRIPTION "Indicated the VLAN type as defined for Private VLAN feature." ::= { fspvlanVlanEntry 2 } fspvlanVlanAssociatedPrimaryVlan OBJECT-TYPE SYNTAX VlanIndexOrZero MAX-ACCESS read-create STATUS current DESCRIPTION "The VLAN ID of The associated primary VLAN used for the Private VLAN feature if pvlanVlanPrivateVlanType has the value of isolated(3), community(4). If pvlanVlanPrivateVlanType has the value of normal(1) or primary(2), then this object has the value of 0. The value should be 0 when configuring 'private-vlan type'. When configuring 'private-vlan association',the value of 0 means deleting the association, otherwise means configure association on this primary vlan." ::= { fspvlanVlanEntry 3 } fspvlanIfAssociatedPrimaryVlan OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "It indicate if the vlan assiociate with primary vlan when get the mib, and indicate if setting the assiociate with primary vlan when set the mib, 0 means configure 'private-vlan type', not 0 means configure 'private-vlan association'." ::= { fspvlanVlanEntry 4 } -- -- Table for configuring host-association on host ports -- fspvlanPrivatePortTable OBJECT-TYPE SYNTAX SEQUENCE OF FSPvlanPrivatePortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information of the configuration of VLAN on the host ports of the device." ::= { fspvlanPortObjects 1 } fspvlanPrivatePortEntry OBJECT-TYPE SYNTAX FSPvlanPrivatePortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row containing information of the configuration of VLAN for each host port. When pvlanPrivatePortSecondaryVlan and pvlanPrivatePortPrimaryVlan are both zero, it means deleting the configuration on the port, when they are both nonzero, it means configuring the host port, otherwise are invalid input. This table is valid only for host port." INDEX { ifIndex } ::= { fspvlanPrivatePortTable 1 } FSPvlanPrivatePortEntry ::= SEQUENCE { fspvlanPrivatePortPrimaryVlan VlanIndexOrZero, fspvlanPrivatePortSecondaryVlan VlanIndexOrZero } fspvlanPrivatePortPrimaryVlan OBJECT-TYPE SYNTAX VlanIndexOrZero MAX-ACCESS read-write STATUS current DESCRIPTION "The VLAN ID of the primary VLAN configured on this private port. If fspvlanPrivatePortPrimaryVlan and fspvlanPrivatePortSecondaryVlan are both zero when set the mib, it means delete the private-vlan configuration on the host port." ::= { fspvlanPrivatePortEntry 1 } fspvlanPrivatePortSecondaryVlan OBJECT-TYPE SYNTAX VlanIndexOrZero MAX-ACCESS read-write STATUS current DESCRIPTION "The VLAN ID of the secondary VLAN configured on this private port.If fspvlanPrivatePortPrimaryVlan and fspvlanPrivatePortSecondaryVlan are both zero when set the mib, it means delete the private-vlan configuration on the host port." ::= { fspvlanPrivatePortEntry 2 } -- -- Table for remapping secondary VLAN to primary VLAN on promiscuous -- ports for Private VLAN feature -- fspvlanPromPortTable OBJECT-TYPE SYNTAX SEQUENCE OF FSPvlanPromPortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information of secondary VLAN to primary VLAN remapping on ports of the device." ::= { fspvlanPortObjects 2 } fspvlanPromPortEntry OBJECT-TYPE SYNTAX FSPvlanPromPortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row containing information of secondary VLAN to primary VLAN remapping for each port. An entry is created by the managed system for each interface which can be configured as a promiscuous port for Private VLAN feature.This table is valid only for promiscuous port." INDEX { ifIndex } ::= { fspvlanPromPortTable 1 } FSPvlanPromPortEntry ::= SEQUENCE { fspvlanPrivatePortPrimaryVlanId VlanIndexOrZero, fspvlanPromPortSecondaryRemap OCTET STRING, fspvlanPromPortSecondaryRemap2k OCTET STRING, fspvlanPromPortSecondaryRemap3k OCTET STRING, fspvlanPromPortSecondaryRemap4k OCTET STRING } fspvlanPrivatePortPrimaryVlanId OBJECT-TYPE SYNTAX VlanIndexOrZero MAX-ACCESS read-write STATUS current DESCRIPTION "Primary Vlan Id configured on the promiscuous port, it is zero when delete the remapping on the port." ::= { fspvlanPromPortEntry 1 } fspvlanPromPortSecondaryRemap OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..128)) MAX-ACCESS read-write STATUS current DESCRIPTION "A string of octets containing one bit per VLAN in the management domain on this port. The first octet corresponds to VLANs with VlanIndexOrZero values of 0 through 7; the second octet to VLANs 8 through 15; etc. The most significant bit of each octet corresponds to the lowest value VlanIndexOrZero in that octet. A bit can only be set to '1' when the bit is corresponding to a VLAN of Private VLAN isolated, community type which has already been associated with a primary VLAN. Note that if the length of this string is less than 128 octets, any 'missing' octets are assumed to contain the value zero. An NMS may omit any zero-valued octets from the end of this string in order to reduce SetPDU size, and the agent may also omit zero-valued trailing octets, to reduce the size of GetResponse PDUs." ::= { fspvlanPromPortEntry 2 } fspvlanPromPortSecondaryRemap2k OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..128)) MAX-ACCESS read-write STATUS current DESCRIPTION "A string of octets containing one bit per VLAN for VLANs with VlanIndexOrZero values of 1024 through 2047 in the management domain on this port. The first octet corresponds to VLANs with VlanIndexOrZero values of 1024 through 1031; the second octet to VLANs 1032 through 1039; etc. The most significant bit of each octet corresponds to the lowest value VlanIndexOrZero in that octet. A bit can only be set to '1' when the bit is corresponding to a VLAN of Private VLAN isolated or community type which has already been associated with a primary VLAN. Note that if the length of this string is less than 128 octets, any 'missing' octets are assumed to contain the value zero. An NMS may omit any zero-valued octets from the end of this string in order to reduce SetPDU size, and the agent may also omit zero-valued trailing octets, to reduce the size of GetResponse PDUs. This object is only instantiated on devices which support the range of VlanIndexOrZero up to 4095." ::= { fspvlanPromPortEntry 3 } fspvlanPromPortSecondaryRemap3k OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..128)) MAX-ACCESS read-write STATUS current DESCRIPTION "A string of octets containing one bit per VLAN for VLANs with VlanIndexOrZero values of 2048 through 3071 in the management domain on this port. The first octet corresponds to VLANs with VlanIndexOrZero values of 2048 through 2055; the second octet to VLANs 2056 through 2063; etc. The most significant bit of each octet corresponds to the lowest value VlanIndexOrZero in that octet. A bit can only be set to '1' when the bit is corresponding to a VLAN of Private VLAN isolated or community type which has already been associated with a primary VLAN. Note that if the length of this string is less than 128 octets, any 'missing' octets are assumed to contain the value zero. An NMS may omit any zero-valued octets from the end of this string in order to reduce SetPDU size, and the agent may also omit zero-valued trailing octets, to reduce the size of GetResponse PDUs. This object is only instantiated on devices which support the range of VlanIndexOrZero up to 4095." ::= { fspvlanPromPortEntry 4 } fspvlanPromPortSecondaryRemap4k OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..128)) MAX-ACCESS read-write STATUS current DESCRIPTION "A string of octets containing one bit per VLAN for VLANs with VlanIndexOrZero values of 3072 through 4095 in the management domain on this port. The first octet corresponds to VLANs with VlanIndexOrZero values of 3072 through 3079; the second octet to VLANs 3080 through 3087; etc. The most significant bit of each octet corresponds to the lowest value VlanIndexOrZero in that octet. A bit can only be set to '1' when the bit is corresponding to a VLAN of Private VLAN isolated or community type which has already been associated with a primary VLAN. Note that if the length of this string is less than 128 octets, any 'missing' octets are assumed to contain the value zero. An NMS may omit any zero-valued octets from the end of this string in order to reduce SetPDU size, and the agent may also omit zero-valued trailing octets, to reduce the size of GetResponse PDUs. This object is only instantiated on devices which support the range of VlanIndexOrZero up to 4095." ::= { fspvlanPromPortEntry 5 } -- -- Table for configuring port mode for Private VLAN feature -- fspvlanPortModeTable OBJECT-TYPE SYNTAX SEQUENCE OF FSPvlanPortModeEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information of the configuration of port mode for the Private VLAN feature." ::= { fspvlanPortObjects 3 } fspvlanPortModeEntry OBJECT-TYPE SYNTAX FSPvlanPortModeEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row containing information of the configuration of port mode on each port for the Private VLAN feature. An entry of this table is created by the managed system when the capability to be a Private VLAN port is detected on an interface." INDEX { ifIndex } ::= { fspvlanPortModeTable 1 } FSPvlanPortModeEntry ::= SEQUENCE { fspvlanPortMode INTEGER } fspvlanPortMode OBJECT-TYPE SYNTAX INTEGER { nonPrivateVlan(1), host(2), promiscuous(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "The Private VLAN port mode on this port. nonPrivateVlan(1) -- this port is configured to be a non-Private-VLAN port. host(2) -- this port is configured to be a Private-VLAN host port, i.e., private port. promiscuous(3) -- this port is configured to be a Private-VLAN promiscuous port." ::= { fspvlanPortModeEntry 1 } -- -- Private VLAN mapping for the Switch Virtual Interfaces -- fspvlanSVIMappingTable OBJECT-TYPE SYNTAX SEQUENCE OF FSPvlanSVIMappingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing the configuration of primary VLAN SVI (Switch Virtual Interfaces) mapping for the secondary VLANs for the Private VLAN feature." ::= { fspvlanSVIObjects 1 } fspvlanSVIMappingEntry OBJECT-TYPE SYNTAX FSPvlanSVIMappingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A conceptual row containing the Primary VLAN SVI mapping configuration for the existing secondary VLANs. An entry is created by the managed system for each VLAN with corresponding VLAN's pvlanVlanPrivateVlanType of isolated(3), community(4)." INDEX { fspvlanSVIMappingVlanIndex } ::= { fspvlanSVIMappingTable 1 } FSPvlanSVIMappingEntry ::= SEQUENCE { fspvlanSVIMappingVlanIndex VlanIndexOrZero, fspvlanSVIMappingPrimarySVI VlanIndexOrZero } fspvlanSVIMappingVlanIndex OBJECT-TYPE SYNTAX VlanIndexOrZero MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index value that uniquely identifies the Virtual LAN associated with this information." ::= { fspvlanSVIMappingEntry 1 } fspvlanSVIMappingPrimarySVI OBJECT-TYPE SYNTAX VlanIndexOrZero MAX-ACCESS read-write STATUS current DESCRIPTION "The Vlan ID of the primary VLAN SVI this secondary VLAN is mapped to for the Private VLAN feature. This object has the value of zero if this secondary VLAN is not mapped to any primary VLAN SVI." ::= { fspvlanSVIMappingEntry 2 } -- -- Conformance Information -- fspvlanMIBConformance OBJECT IDENTIFIER ::= { fsPrivateVlanMIB 2 } fspvlanMIBCompliances OBJECT IDENTIFIER ::= { fspvlanMIBConformance 1 } fspvlanMIBGroups OBJECT IDENTIFIER ::= { fspvlanMIBConformance 2} -- -- compliance statements -- fspvlanMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for Private VLAN feature implementation." MODULE -- this module -- no MANDATORY-GROUPS GROUP fspvlanVlanGroup DESCRIPTION "This group must be implemented on devices which has Private VLAN feature support." GROUP fspvlanPrivatePortGroup DESCRIPTION "This group must be implemented on devices which has Private VLAN feature support." GROUP fspvlanPromPortGroup DESCRIPTION "This group must be implemented on devices which has support for promiscuous port of Private VLAN feature." GROUP fspvlanPortModeGroup DESCRIPTION "A collection of objects providing basic port mode configuration for Private VLAN feature." GROUP fspvlanSVIGroup DESCRIPTION "A collection of objects providing svi mapping configuration for Private VLAN feature." ::= { fspvlanMIBCompliances 1 } -- -- units of conformance -- fspvlanVlanGroup OBJECT-GROUP OBJECTS { fspvlanVlanIndex, fspvlanVlanPrivateVlanType, fspvlanVlanAssociatedPrimaryVlan, fspvlanIfAssociatedPrimaryVlan } STATUS current DESCRIPTION "A collection of objects providing basic VLAN configuration for Private VLAN feature." ::= { fspvlanMIBGroups 1 } fspvlanPrivatePortGroup OBJECT-GROUP OBJECTS { fspvlanPrivatePortPrimaryVlan, fspvlanPrivatePortSecondaryVlan } STATUS current DESCRIPTION "A collection of objects providing basic private port configuration for Private VLAN feature." ::= { fspvlanMIBGroups 2 } fspvlanPromPortGroup OBJECT-GROUP OBJECTS { fspvlanPrivatePortPrimaryVlan, fspvlanPromPortSecondaryRemap, fspvlanPromPortSecondaryRemap2k, fspvlanPromPortSecondaryRemap3k, fspvlanPromPortSecondaryRemap4k } STATUS current DESCRIPTION "A collection of objects providing basic promiscuous port configuration for Private VLAN feature." ::= { fspvlanMIBGroups 3 } fspvlanPortModeGroup OBJECT-GROUP OBJECTS { fspvlanPortMode } STATUS current DESCRIPTION "A collection of objects providing basic port mode configuration for Private VLAN feature." ::= { fspvlanMIBGroups 4 } fspvlanSVIGroup OBJECT-GROUP OBJECTS { fspvlanSVIMappingPrimarySVI } STATUS current DESCRIPTION "A collection of objects providing svi mapping configuration for Private VLAN feature." ::= { fspvlanMIBGroups 5 } END