TIMETRA-RPKI-MIB DEFINITIONS ::= BEGIN IMPORTS InetAddress, InetAddressPrefixLength, InetAddressType, InetAutonomousSystemNumber FROM INET-ADDRESS-MIB MODULE-COMPLIANCE, NOTIFICATION-GROUP, OBJECT-GROUP FROM SNMPv2-CONF MODULE-IDENTITY, NOTIFICATION-TYPE, OBJECT-TYPE, Unsigned32 FROM SNMPv2-SMI DisplayString, RowStatus, TimeStamp, TruthValue FROM SNMPv2-TC timetraSRMIBModules, tmnxSRConfs, tmnxSRNotifyPrefix, tmnxSRObjs FROM TIMETRA-GLOBAL-MIB BgpConnectRetryTime, BgpHoldTime, TmnxAdminState, TmnxVRtrID FROM TIMETRA-TC-MIB vRtrID FROM TIMETRA-VRTR-MIB ; timetraRpkiOriginValidMIBModule MODULE-IDENTITY LAST-UPDATED "201403100000Z" ORGANIZATION "Nokia" CONTACT-INFO "Nokia 7xxx Support Web: http://www.nokia.com" DESCRIPTION "This document is the SNMP MIB module for the Nokia SROS implementation of origin validation for rpki session. Copyright 2003-2018 Nokia. All rights reserved. Reproduction of this document is authorized on the condition that the foregoing copyright notice is included. This SNMP MIB module (Specification) embodies Nokia's proprietary intellectual property. Nokia retains all title and ownership in the Specification, including any revisions. Nokia grants all interested parties a non-exclusive license to use and distribute an unmodified copy of this Specification in connection with management of Nokia products, and without fee, provided this copyright notice and license appear on all copies. This Specification is supplied 'as is', and Nokia makes no warranty, either express or implied, as to the use, operation, condition, or performance of the Specification." REVISION "201403100000Z" DESCRIPTION "Rev 0.1 10 March 2014 00:00 Initial version of the TIMETRA-RPKI-MIB." ::= { timetraSRMIBModules 96 } tmnxRpkiObjs OBJECT IDENTIFIER ::= { tmnxSRObjs 96 } vRtrRpkiSessInstanceTable OBJECT-TYPE SYNTAX SEQUENCE OF VRtrRpkiSessInstanceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "vRtrRpkiSessInstanceTable consists of information about each running instance of Rpki-Session." ::= { tmnxRpkiObjs 1 } vRtrRpkiSessInstanceEntry OBJECT-TYPE SYNTAX VRtrRpkiSessInstanceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) in the vRtrRpkiSessInstanceTable. Each entry represents an instance of Rpki-Session running on the virtual router." INDEX { vRtrID, vRtrRpkiSessInstanceAddressType, vRtrRpkiSessInstanceAddress } ::= { vRtrRpkiSessInstanceTable 1 } VRtrRpkiSessInstanceEntry ::= SEQUENCE { vRtrRpkiSessInstanceAddressType InetAddressType, vRtrRpkiSessInstanceAddress InetAddress, vRtrRpkiSessInstanceRowStatus RowStatus, vRtrRpkiSessInstanceConnectRetry BgpConnectRetryTime, vRtrRpkiSessInstanceDescription DisplayString, vRtrRpkiSessInstanceHoldTime BgpHoldTime, vRtrRpkiSessLocalAddressType InetAddressType, vRtrRpkiSessLocalAddress InetAddress, vRtrRpkiSessInstancePort Unsigned32, vRtrRpkiSessInstanceRefreshTime Unsigned32, vRtrRpkiSessInstanceAdminState TmnxAdminState, vRtrRpkiSessInstanceStaleRoutTim Unsigned32, vRtrRpkiSessInstanceSessionState INTEGER, vRtrRpkiSessInstanceSessionFlaps Unsigned32, vRtrRpkiSessInstanceUptime TimeStamp, vRtrRpkiSessInstanceActIpv4Rec Unsigned32, vRtrRpkiSessInstanceActIpv6Rec Unsigned32, vRtrRpkiSessInstanceSerialId Unsigned32, vRtrRpkiSessInstanceSessionId Unsigned32, vRtrRpkiSessInstanceLastChange TimeStamp } vRtrRpkiSessInstanceAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceAddressType indicates the IP address type of the RPKI session configuration. vRtrRpkiSessInstanceAddressType supports InetAddressType values 'ipv4 (1)','ipv6 (2)' and 'ipv6z(4)'." ::= { vRtrRpkiSessInstanceEntry 1 } vRtrRpkiSessInstanceAddress OBJECT-TYPE SYNTAX InetAddress (SIZE (4|16|20)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceAddress indicates the IPv4,IPv6 or a link local address of a local cache server." ::= { vRtrRpkiSessInstanceEntry 2 } vRtrRpkiSessInstanceRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceRowStatus specifies the row status for this RPKI instance for the virtual router. It is used to create and delete row entries in this table." ::= { vRtrRpkiSessInstanceEntry 3 } vRtrRpkiSessInstanceConnectRetry OBJECT-TYPE SYNTAX BgpConnectRetryTime UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceConnectRetry specifies the value (in seconds) for the RPKI Connect Retry timer." REFERENCE "BGP4-MIB.bgpPeerConnectRetryInterval" DEFVAL { 120 } ::= { vRtrRpkiSessInstanceEntry 4 } vRtrRpkiSessInstanceDescription OBJECT-TYPE SYNTAX DisplayString (SIZE (0..80)) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceDescription specifies the textual description of this RPKI instance." DEFVAL { ''H } ::= { vRtrRpkiSessInstanceEntry 5 } vRtrRpkiSessInstanceHoldTime OBJECT-TYPE SYNTAX BgpHoldTime UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceHoldTime specifies the length of time in seconds that the session is to be considered UP without any indication that the cache server is alive and reachable. The default value of vRtrRpkiSessInstanceHoldTime is 600 seconds and must be set to a value at least 2 times the value of vRtrRpkiSessInstanceRefreshTime. When object vRtrRpkiSessInstanceHoldTime is set, object vRtrRpkiSessInstanceRefreshTime needs to be set as well. Reception of any PDU from the cache server resets the hold timer. When the hold-time expires the session is considered to be DOWN and the stale timer is started." DEFVAL { 600 } ::= { vRtrRpkiSessInstanceEntry 6 } vRtrRpkiSessLocalAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-create STATUS current DESCRIPTION "The value of vRtrRpkiSessLocalAddressType specifies the type of vRtrRpkiSessLocalAddress." DEFVAL { unknown } ::= { vRtrRpkiSessInstanceEntry 7 } vRtrRpkiSessLocalAddress OBJECT-TYPE SYNTAX InetAddress (SIZE (0|4|16)) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of vRtrRpkiSessLocalAddress specifies the address of the local end of the Rpki session. In order for Rpki to function at least one peer must be configured. This address is used to validate incoming connections to the peer and to establish connections to the remote peer. The default value of vRtrRpkiSessLocalAddress is the system IP address." DEFVAL { ''H } ::= { vRtrRpkiSessInstanceEntry 8 } vRtrRpkiSessInstancePort OBJECT-TYPE SYNTAX Unsigned32 (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The value of vRtrRpkiSessInstancePort specifies the destination port number to be used to connect the cache server. The default port number is 323." DEFVAL { 323 } ::= { vRtrRpkiSessInstanceEntry 9 } vRtrRpkiSessInstanceRefreshTime OBJECT-TYPE SYNTAX Unsigned32 (30..32767) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceRefreshTime triggers the sending of periodic Serial Query PDUs for purposes of liveness detection. The default value of vRtrRpkiSessInstanceRefreshTime is 300 seconds. and is reset whenever a Reset Query or Serial Query PDU is sent to the cache server. When the timer expires a new Serial Query PDU is sent with the last known serial number. When object vRtrRpkiSessInstanceRefreshTime is set, object vRtrRpkiSessInstanceHoldTime needs to be set as well." DEFVAL { 300 } ::= { vRtrRpkiSessInstanceEntry 10 } vRtrRpkiSessInstanceAdminState OBJECT-TYPE SYNTAX TmnxAdminState MAX-ACCESS read-create STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceAdminState specifies the administrative state of Rpki session in this virtual router instance." DEFVAL { outOfService } ::= { vRtrRpkiSessInstanceEntry 11 } vRtrRpkiSessInstanceStaleRoutTim OBJECT-TYPE SYNTAX Unsigned32 (60..3600) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceStaleRoutTim specifies the maximum length of time that prefix origin records learned from the cache server remain valid after the session with the cache server goes down. The default value of vRtrRpkiSessInstanceStaleRoutTim is 3600 seconds (1 hour). When the timer expires all remaining stale entries associated with the session are deleted." DEFVAL { 3600 } ::= { vRtrRpkiSessInstanceEntry 12 } vRtrRpkiSessInstanceSessionState OBJECT-TYPE SYNTAX INTEGER { idle (0), connect (1), established (2), cleanup (3) } MAX-ACCESS read-only STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceSessionState indicates the current state of a particular session." ::= { vRtrRpkiSessInstanceEntry 13 } vRtrRpkiSessInstanceSessionFlaps OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceSessionFlaps indicates the number of times the session has transitioned from 'established' state to 'idle' state." ::= { vRtrRpkiSessInstanceEntry 14 } vRtrRpkiSessInstanceUptime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceUptime indicates the time since this session is active." ::= { vRtrRpkiSessInstanceEntry 15 } vRtrRpkiSessInstanceActIpv4Rec OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceActIpv4Rec indicates the number of active, non-withdrawn IPv4 records." ::= { vRtrRpkiSessInstanceEntry 16 } vRtrRpkiSessInstanceActIpv6Rec OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceActIpv6Rec indicates the number of active, non-withdrawn IPv6 records." ::= { vRtrRpkiSessInstanceEntry 17 } vRtrRpkiSessInstanceSerialId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceSerialId indicates the serial id associated with this session." ::= { vRtrRpkiSessInstanceEntry 18 } vRtrRpkiSessInstanceSessionId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceSessionId indicates the session id of this session." ::= { vRtrRpkiSessInstanceEntry 19 } vRtrRpkiSessInstanceLastChange OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of vRtrRpkiSessInstanceLastChange indicates the sysUpTime when this row was last modified." ::= { vRtrRpkiSessInstanceEntry 20 } vRtrOriginValStaticTable OBJECT-TYPE SYNTAX SEQUENCE OF VRtrOriginValStaticEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "vRtrOriginValStaticTable consists of information about static-entry under origin-validation. A static-entry can express validity or invalidity information about an entry." ::= { tmnxRpkiObjs 2 } vRtrOriginValStaticEntry OBJECT-TYPE SYNTAX VRtrOriginValStaticEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) in the vRtrOriginValStaticTable.Each entry represents a static-entry about the AS numbers that are authorized to originate routes for different prefixes." INDEX { vRtrID, vRtrOrigValStaticIpPrefixType, vRtrOrigValStaticIpPrefix, vRtrOrigValStaticMinPrefixLen, vRtrOrigValStaticMaxPrefixLen, vRtrOrigValStaticAS4Byte } ::= { vRtrOriginValStaticTable 1 } VRtrOriginValStaticEntry ::= SEQUENCE { vRtrOrigValStaticIpPrefixType InetAddressType, vRtrOrigValStaticIpPrefix InetAddress, vRtrOrigValStaticMinPrefixLen InetAddressPrefixLength, vRtrOrigValStaticMaxPrefixLen InetAddressPrefixLength, vRtrOrigValStaticAS4Byte InetAutonomousSystemNumber, vRtrOrigValStaticRowStatus RowStatus, vRtrOrigValStaticASValidity TruthValue } vRtrOrigValStaticIpPrefixType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrOrigValStaticIpPrefixType specifies the address type of vRtrOrigValStaticIpPrefix address." ::= { vRtrOriginValStaticEntry 1 } vRtrOrigValStaticIpPrefix OBJECT-TYPE SYNTAX InetAddress (SIZE (0|4|16)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrOrigValStaticIpPrefix specifies the IP address prefix to match for the origin validation." DEFVAL { ''H } ::= { vRtrOriginValStaticEntry 2 } vRtrOrigValStaticMinPrefixLen OBJECT-TYPE SYNTAX InetAddressPrefixLength (0..128) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrOrigValStaticMinPrefixLen specifies the min value of the prefix length for vRtrOrigValStaticIpPrefix, to match for the aggregation." DEFVAL { 0 } ::= { vRtrOriginValStaticEntry 3 } vRtrOrigValStaticMaxPrefixLen OBJECT-TYPE SYNTAX InetAddressPrefixLength (0..128) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrOrigValStaticMaxPrefixLen specifies the max value of the prefix length for vRtrOrigValStaticIpPrefix, to match for the aggregation." DEFVAL { 0 } ::= { vRtrOriginValStaticEntry 4 } vRtrOrigValStaticAS4Byte OBJECT-TYPE SYNTAX InetAutonomousSystemNumber MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrOrigValStaticAS4Byte specifies the autonomous system number to be advertised to this peer." DEFVAL { 0 } ::= { vRtrOriginValStaticEntry 5 } vRtrOrigValStaticRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The value of vRtrOrigValStaticRowStatus specifies the row status for this static entry instance for the virtual router. It is used to create and delete row entries in this table." ::= { vRtrOriginValStaticEntry 6 } vRtrOrigValStaticASValidity OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The value of vRtrOrigValStaticASValidity specifies whether the route entry corresponding to the autonomous number is valid (true) or invalid (false)." DEFVAL { true } ::= { vRtrOriginValStaticEntry 7 } vRtrOriginValRouteTable OBJECT-TYPE SYNTAX SEQUENCE OF VRtrOriginValRouteEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "vRtrOriginValRouteTable consists of information about the route database which includes both static and dynamic route information under origin-validation rpki." ::= { tmnxRpkiObjs 3 } vRtrOriginValRouteEntry OBJECT-TYPE SYNTAX VRtrOriginValRouteEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) in the vRtrOriginValRouteTable. Each entry represents the AS numbers that are authorized to originate routes for different prefixes. Entries cannot be created or deleted via a SNMP SET operation." INDEX { vRtrID, vRtrOrigValRouteIpPrefixType, vRtrOrigValRouteIpPrefix, vRtrOrigValRouteMinPrefixLen, vRtrOrigValRouteMaxPrefixLen, vRtrOrigValRouteAS4Byte, vRtrOrigValRouteType, vRtrOrigValRouteRpkiVrId, vRtrOrigValRouteRpkiAddrType, vRtrOrigValRouteRpkiAddress } ::= { vRtrOriginValRouteTable 1 } VRtrOriginValRouteEntry ::= SEQUENCE { vRtrOrigValRouteIpPrefixType InetAddressType, vRtrOrigValRouteIpPrefix InetAddress, vRtrOrigValRouteMinPrefixLen InetAddressPrefixLength, vRtrOrigValRouteMaxPrefixLen InetAddressPrefixLength, vRtrOrigValRouteAS4Byte InetAutonomousSystemNumber, vRtrOrigValRouteType INTEGER, vRtrOrigValRouteRpkiVrId TmnxVRtrID, vRtrOrigValRouteRpkiAddrType InetAddressType, vRtrOrigValRouteRpkiAddress InetAddress, vRtrOrigValASRouteValidity TruthValue } vRtrOrigValRouteIpPrefixType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrOrigValRouteIpPrefixType specify the address type of vRtrOrigValRouteIpPrefix address." ::= { vRtrOriginValRouteEntry 1 } vRtrOrigValRouteIpPrefix OBJECT-TYPE SYNTAX InetAddress (SIZE (4|16)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrOrigValRouteIpPrefix specify the IP address prefix to match for the origin validation." ::= { vRtrOriginValRouteEntry 2 } vRtrOrigValRouteMinPrefixLen OBJECT-TYPE SYNTAX InetAddressPrefixLength (0..128) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrOrigValRouteMinPrefixLen specify the min value of the prefix length for vRtrOrigValRouteIpPrefix, to match for the aggregation." ::= { vRtrOriginValRouteEntry 3 } vRtrOrigValRouteMaxPrefixLen OBJECT-TYPE SYNTAX InetAddressPrefixLength (0..128) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrOrigValRouteMaxPrefixLen specify the max value of the prefix length for vRtrOrigValRouteIpPrefix, to match for the aggregation." ::= { vRtrOriginValRouteEntry 4 } vRtrOrigValRouteAS4Byte OBJECT-TYPE SYNTAX InetAutonomousSystemNumber MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrOrigValRouteAS4Byte specify the autonomous system number to be advertised to this peer." ::= { vRtrOriginValRouteEntry 5 } vRtrOrigValRouteType OBJECT-TYPE SYNTAX INTEGER { static (1), dynamic (2) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The vRtrOrigValRouteType is an enumerated value that specifies whether type of the route entry is static or dynamic." ::= { vRtrOriginValRouteEntry 6 } vRtrOrigValRouteRpkiVrId OBJECT-TYPE SYNTAX TmnxVRtrID MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrOrigValRouteRpkiVrId specify if the type of the Rpki Session is base or management." ::= { vRtrOriginValRouteEntry 7 } vRtrOrigValRouteRpkiAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrOrigValRouteRpkiAddrType specify the type of vRtrRpkiSessLocalAddress." ::= { vRtrOriginValRouteEntry 8 } vRtrOrigValRouteRpkiAddress OBJECT-TYPE SYNTAX InetAddress (SIZE (4|16|20)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The value of vRtrOrigValRouteRpkiAddress specify the address of the local end of the Rpki session. In order for Rpki to function at least one peer must be configured. This address is used to validate incoming connections to the peer and to establish connections to the remote peer. When the value of vRtrOrigValRouteType is static the value of vRtrOrigValRouteRpkiAddress is null." ::= { vRtrOriginValRouteEntry 9 } vRtrOrigValASRouteValidity OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "The value of vRtrOrigValASRouteValidity indicates whether the route entry corresponding to the autonomous number is valid (true) or invalid (false) if the route is static. Default value for this object is valid(true)." ::= { vRtrOriginValRouteEntry 10 } tmnxRpkiNotificationObjs OBJECT IDENTIFIER ::= { tmnxRpkiObjs 4 } tmnxRpkiPeerAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The value of tmnxRpkiPeerAddrType indicates the type of address for the BGP peer represented by tmnxRpkiPeerAddr." ::= { tmnxRpkiNotificationObjs 1 } tmnxRpkiPeerAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The value of tmnxRpkiPeerAddr indicates the address for the Rpki peer." ::= { tmnxRpkiNotificationObjs 2 } tmnxRpkiErrorType OBJECT-TYPE SYNTAX INTEGER { holdTimerExpired (1), tcpConnectionFailure (2), sessionIdMismatch (3), fatalErrorCode (4), sessionEstablished (5), adminDown (6) } MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The value of tmnxRpkiErrorType indicates the type of the error message seen on the Rpki session." ::= { tmnxRpkiNotificationObjs 3 } tmnxRpkiTrapStatus OBJECT-TYPE SYNTAX INTEGER { up (1), down (2) } MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "The value of tmnxRpkiTrapStatus indicates the state of the trap." ::= { tmnxRpkiNotificationObjs 4 } tmnxRpkiConformance OBJECT IDENTIFIER ::= { tmnxSRConfs 96 } tmnxRpkiCompliances OBJECT IDENTIFIER ::= { tmnxRpkiConformance 1 } tmnxOriginValidV12v0Compliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for management of origin validation instances on Nokia SROS series systems release R12.0." MODULE MANDATORY-GROUPS { tmnxRpkiOriginValidGroup, tmnxRpkiNotificationGroup } ::= { tmnxRpkiCompliances 1 } tmnxRpkiGroups OBJECT IDENTIFIER ::= { tmnxRpkiConformance 2 } tmnxRpkiOriginValidGroup OBJECT-GROUP OBJECTS { vRtrRpkiSessInstanceRowStatus, vRtrRpkiSessInstanceConnectRetry, vRtrRpkiSessInstanceDescription, vRtrRpkiSessInstanceHoldTime, vRtrRpkiSessLocalAddressType, vRtrRpkiSessLocalAddress, vRtrRpkiSessInstancePort, vRtrRpkiSessInstanceRefreshTime, vRtrRpkiSessInstanceAdminState, vRtrRpkiSessInstanceStaleRoutTim, vRtrRpkiSessInstanceSessionState, vRtrRpkiSessInstanceSessionFlaps, vRtrRpkiSessInstanceUptime, vRtrRpkiSessInstanceActIpv4Rec, vRtrRpkiSessInstanceActIpv6Rec, vRtrOrigValStaticRowStatus, vRtrOrigValStaticASValidity, vRtrOrigValASRouteValidity, vRtrRpkiSessInstanceSerialId, vRtrRpkiSessInstanceSessionId, vRtrRpkiSessInstanceLastChange } STATUS current DESCRIPTION "The group of additional objects supporting the management of RPKI session in version 12.0 of Nokia SROS series systems." ::= { tmnxRpkiGroups 1 } tmnxRpkiNotifyObjsGroup OBJECT-GROUP OBJECTS { tmnxRpkiErrorType, tmnxRpkiPeerAddr, tmnxRpkiPeerAddrType, tmnxRpkiTrapStatus } STATUS current DESCRIPTION "The group of objects supporting extended MPLS notifications on Nokia SROS series systems." ::= { tmnxRpkiGroups 2 } tmnxRpkiNotificationGroup NOTIFICATION-GROUP NOTIFICATIONS { tmnxRpkiNotifySession, tmnxRpkiStaleTimerExpiry } STATUS current DESCRIPTION "The group of notifications supporting the RPKI feature on Nokia SROS series systems 12.0 Release." ::= { tmnxRpkiGroups 3 } tmnxRpkiNotifyPrefix OBJECT IDENTIFIER ::= { tmnxSRNotifyPrefix 96 } tmnxRpkiNotifications OBJECT IDENTIFIER ::= { tmnxRpkiNotifyPrefix 0 } tmnxRpkiNotifySession NOTIFICATION-TYPE OBJECTS { tmnxRpkiPeerAddrType, tmnxRpkiPeerAddr, tmnxRpkiErrorType, tmnxRpkiTrapStatus } STATUS current DESCRIPTION "[CAUSE] A tmnxRpkiNotifySession notification is generated when a rpki session either comes up or goes down. Possible reasons for this to happen is listed below: (a) a session goes down due to hold-timer expiry. (b) a session goes down due to failure of the TCP connection. (c) a session goes down due to session ID mismatch. (d) a session goes down due to sent or received Error Report PDU containing fatal error code (e) a session comes up (established state) [EFFECT] This may remove the routes learned from a particular rpki server if session goes down. Or start learning routes from a rpki session which was newly established. [RECOVERY] There is no recovery required for this notification." ::= { tmnxRpkiNotifications 1 } tmnxRpkiStaleTimerExpiry NOTIFICATION-TYPE OBJECTS { tmnxRpkiPeerAddrType, tmnxRpkiPeerAddr } STATUS current DESCRIPTION "[CAUSE] This notification is generated when a stale timer expires. The stale timer expires due to the following reasons: 1) The peer goes down, and never comes up within the stale timer interval 2) Peer goes down and comes back up and refreshes the databases. The stale timer is expired to remove unrefreshed entries in the database. 3) The peer goes down and comes back again and again goes down before refreshing any entries. Here again the stale timer is expired due to unstable connection. 4) The RPKI server sends a Cache Reset in response to a Serial Query instead of doing an incremental update. [EFFECT] This may remove the routes learned from a particular rpki server if session goes down. Or start learning routes from a rpki session which was newly established. [RECOVERY] There is no recovery required for this notification." ::= { tmnxRpkiNotifications 2 } END