-- Copyright (C) 2008-2014 Super Micro Computer Inc. All Rights Reserved -- $Id: fsipdb.mib,v 1.5 2012/09/07 09:52:05 siva Exp $ -- IP-BINDING-DATABASE Proprietary MIB Definition -- This MIB contains scalars and tables used to configure/storing -- (HOST, IP) binding informations. SUPERMICRO-IPDB-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, enterprises, IpAddress, Counter32, Integer32, Unsigned32 FROM SNMPv2-SMI RowStatus, MacAddress FROM SNMPv2-TC InterfaceIndex FROM IF-MIB; fsipdb MODULE-IDENTITY LAST-UPDATED "201209050000Z" ORGANIZATION "Super Micro Computer Inc." CONTACT-INFO "support@Supermicro.com" DESCRIPTION " The proprietary MIB module for IPDB module. Used to maintain the hosts IP, MAC & VLAN in a database which will be used to allow/drop the incoming IP traffic on a specific interface. " REVISION "201209050000Z" DESCRIPTION " Inclusion of debug option for IPDB module. " REVISION "201005240000Z" DESCRIPTION " Addition of 'fsIpDbSrcGuardConfigTable', which is used to configure IP source guard status per Layer 2 interfaces basis. IP source guard is used to restrict the IP traffic on Layer 2 interfaces by filtering traffic based on the IP binding database." REVISION "201005170000Z" DESCRIPTION "Grammatical and Spelling mistakes are removed. " ::= { enterprises supermicro-computer-inc(10876) super-switch(101) basic(2) 2} -- *************************************************************************** -- Groups in the MIB -- *************************************************************************** fsIpDbScalars OBJECT IDENTIFIER ::= { fsipdb 1 } fsIpDbStatic OBJECT IDENTIFIER ::= { fsipdb 2 } fsIpDbBindings OBJECT IDENTIFIER ::= { fsipdb 3 } fsIpDbInterface OBJECT IDENTIFIER ::= { fsipdb 4 } fsIpDbSrcGuard OBJECT IDENTIFIER ::= { fsipdb 5 } -- *************************************************************************** -- SCALARS -- *************************************************************************** fsIpDbNoOfBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the total number of (host, IP) bindings, across all VLAN's, at a given time. This is nothing but the total number of entries in the IP binding database" ::= { fsIpDbScalars 1 } fsIpDbNoOfStaticBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the total number of static (host, IP) bindings, across all VLANS, at the given time." ::= { fsIpDbScalars 2 } fsIpDbNoOfDHCPBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the total number of (host, IP) bindings configured through DHCP, across all VLANS, at the given time." ::= { fsIpDbScalars 3 } fsIpDbNoOfPPPBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the total number of (host, IP) bindings configured through PPP, across all VLANS, at the given time." ::= { fsIpDbScalars 4 } fsIpDbTraceLevel OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "This object is used to enable trace statements in IP binding database module. A four byte integer is used for enabling the trace level. Each bit in the four byte integer represents a particular trace level. The mapping between the bit positions & the trace level is as follows: BIT 1 - Function entry traces BIT 2 - Function Exit traces BIT 3 - Debug traces BIT 4 - Failure traces BIT 5 - Function arguments trace The remaining bits are unused. Combination of levels are also allowed. For example if the bits 1 and 2 are set, then the trace statement related to function entry and exit will be printed. The user has to enter the corresponding integer value for the bits set. For example if bits 1 and 2 are to be set ,then user has to give the value 6." ::= { fsIpDbScalars 5 } -- *************************************************************************** -- GROUPS -- *************************************************************************** -- ********************** (HOST, IP) Static Bindings ************************* fsIpDbStaticBindingTable OBJECT-TYPE SYNTAX SEQUENCE OF FsIpDbStaticBindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains the static Host IP configuration information." ::= { fsIpDbStatic 1} fsIpDbStaticBindingEntry OBJECT-TYPE SYNTAX FsIpDbStaticBindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A single entry contains the binding information of a single host connected to the system." INDEX { fsIpDbStaticHostVlanId, fsIpDbStaticHostMac } ::= { fsIpDbStaticBindingTable 1 } FsIpDbStaticBindingEntry ::= SEQUENCE { fsIpDbStaticHostVlanId Integer32, fsIpDbStaticHostMac MacAddress, fsIpDbStaticHostIp IpAddress, fsIpDbStaticInIfIndex Integer32, fsIpDbStaticGateway IpAddress, fsIpDbStaticBindingStatus RowStatus } fsIpDbStaticHostVlanId OBJECT-TYPE SYNTAX Integer32 (1..4094) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The VLAN ID to which the host belongs. This is an index of the table." ::= { fsIpDbStaticBindingEntry 1 } fsIpDbStaticHostMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "MAC address of the Host. This is an index of the table." ::= { fsIpDbStaticBindingEntry 2 } fsIpDbStaticHostIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "IP address of the Host." ::= { fsIpDbStaticBindingEntry 3 } fsIpDbStaticInIfIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the interface to which the host is connected." ::= { fsIpDbStaticBindingEntry 4 } fsIpDbStaticGateway OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the gateway to which the Host have access to." ::= { fsIpDbStaticBindingEntry 5 } fsIpDbStaticBindingStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-write STATUS current DESCRIPTION "The rowstatus of the binding table entry. All the objects in the table must be filled before making the rowstatus as active." ::= { fsIpDbStaticBindingEntry 6 } -- ********************** (HOST, IP) Binding Database ************************ fsIpDbBindingTable OBJECT-TYPE SYNTAX SEQUENCE OF FsIpDbBindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains the information about all the hosts connected to the system, their MAC Address, VLAN, IP etc." ::= { fsIpDbBindings 1} fsIpDbBindingEntry OBJECT-TYPE SYNTAX FsIpDbBindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A single entry contains the binding information of a single host connected to the system." INDEX { fsIpDbHostVlanId, fsIpDbHostMac } ::= { fsIpDbBindingTable 1 } FsIpDbBindingEntry ::= SEQUENCE { fsIpDbHostVlanId Integer32, fsIpDbHostMac MacAddress, fsIpDbHostBindingType INTEGER, fsIpDbHostIp IpAddress, fsIpDbHostInIfIndex Integer32, fsIpDbHostRemLeaseTime Integer32, fsIpDbHostBindingID Unsigned32 } fsIpDbHostVlanId OBJECT-TYPE SYNTAX Integer32 (1..4094) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The VLAN ID to which the host belongs. This is an index of the table." ::= { fsIpDbBindingEntry 1 } fsIpDbHostMac OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "MAC address of the Host. This is an index of the table." ::= { fsIpDbBindingEntry 2 } fsIpDbHostBindingType OBJECT-TYPE SYNTAX INTEGER { static (1), dhcp (2), ppp (3) } MAX-ACCESS read-only STATUS current DESCRIPTION "Specifies whether the entry was configured through static or dynamically learnt through DHCP or PPP." ::= { fsIpDbBindingEntry 3 } fsIpDbHostIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "IP address of the Host." ::= { fsIpDbBindingEntry 4 } fsIpDbHostInIfIndex OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates the interface to which the host is connected." ::= { fsIpDbBindingEntry 5 } fsIpDbHostRemLeaseTime OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "The Remaining lease time in seconds for the (host, IP) binding. Applicable only if the fsIpDbBindingType is DHCP." ::= { fsIpDbBindingEntry 6 } fsIpDbHostBindingID OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "An integer value that identifies the binding type. For Static Bindings, this value is 0. For DHCP Bindings, this is the transaction ID. For PPP Bindings, this is the session ID of PPPoE session." ::= { fsIpDbBindingEntry 7 } -- Below is the Gateway Table corresponding to each binding entry. -- Each binding entry will contain a table of Gateway IPs, -- which will contain atleast one (default gateway) gateway IP entry. fsIpDbGatewayIpTable OBJECT-TYPE SYNTAX SEQUENCE OF FsIpDbGatewayIpEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table is a part of FsDhcpSnpBindingEntry. The table contains IP address of Gateways allowed for the host. The host will be allowed to contact only these Gateways." ::= { fsIpDbBindings 2 } fsIpDbGatewayIpEntry OBJECT-TYPE SYNTAX FsIpDbGatewayIpEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry contains an IP address of Gateway allowed for the host." INDEX { fsIpDbHostMac, fsIpDbHostVlanId, fsIpDbGatewayNetwork, fsIpDbGatewayNetMask, fsIpDbGatewayIp } ::= { fsIpDbGatewayIpTable 1 } FsIpDbGatewayIpEntry ::= SEQUENCE { fsIpDbGatewayNetwork IpAddress, fsIpDbGatewayNetMask IpAddress, fsIpDbGatewayIp IpAddress, fsIpDbGatewayIpMode INTEGER } fsIpDbGatewayNetwork OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The network IP address of the gateway." ::= { fsIpDbGatewayIpEntry 1 } fsIpDbGatewayNetMask OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The mask for the network to which the gateway is given." ::= { fsIpDbGatewayIpEntry 2 } fsIpDbGatewayIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The Gateway IP for the given network." ::= { fsIpDbGatewayIpEntry 3 } fsIpDbGatewayIpMode OBJECT-TYPE SYNTAX INTEGER { active (0) } MAX-ACCESS read-only STATUS current DESCRIPTION "The Gateway IP verification mode while ARP packet processing. " ::= { fsIpDbGatewayIpEntry 4 } -- **************************** Interface Entry ****************************** fsIpDbInterfaceTable OBJECT-TYPE SYNTAX SEQUENCE OF FsIpDbInterfaceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains the interface (layer 2 VLAN) specific informations." ::= { fsIpDbInterface 1 } fsIpDbInterfaceEntry OBJECT-TYPE SYNTAX FsIpDbInterfaceEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry will contain statistics associated with the interface." INDEX { fsIpDbIntfVlanId } ::= { fsIpDbInterfaceTable 1 } FsIpDbInterfaceEntry ::= SEQUENCE { fsIpDbIntfVlanId Integer32, fsIpDbIntfNoOfVlanBindings Counter32, fsIpDbIntfNoOfVlanStaticBindings Counter32, fsIpDbIntfNoOfVlanDHCPBindings Counter32, fsIpDbIntfNoOfVlanPPPBindings Counter32 } fsIpDbIntfVlanId OBJECT-TYPE SYNTAX Integer32 (1..4094) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Vlan ID of the VLAN to which this table-entry is associated." ::= { fsIpDbInterfaceEntry 1 } fsIpDbIntfNoOfVlanBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the total number of (host, IP) bindings for a given VLAN at a given time." ::= { fsIpDbInterfaceEntry 2 } fsIpDbIntfNoOfVlanStaticBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the total number of static (host, IP) bindings for a VLAN at a given time. " ::= { fsIpDbInterfaceEntry 3 } fsIpDbIntfNoOfVlanDHCPBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the total number of (host, IP) bindings configured through DHCP for a VLAN at a given time. " ::= { fsIpDbInterfaceEntry 4 } fsIpDbIntfNoOfVlanPPPBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "This indicates the total number of (host, IP) bindings configured through PPP for a VLAN at a given time. " ::= { fsIpDbInterfaceEntry 5 } -- ====================================================== -- IP source guard table -- ====================================================== fsIpDbSrcGuardConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF FsIpDbSrcGuardConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " This table provides the objects to enable or disable IP source guard on each non routed Layer 2 interfaces. When DHCP Snooping is enabled at an interface, a list of IP addresses is obtained through DHCP snooping for this particular interface and these list of IP address are maintained in IP binding database along with the MAC, VLAN ID and interface index. This database can be populated using static configuration also. If IP source guard is enabled, incoming IP traffic on an interface are allowed when there is a matching entry in IP binding database. Else, all incoming IP traffic on an interface are allowed irrespective of the IP binding database." ::= { fsIpDbSrcGuard 1 } fsIpDbSrcGuardConfigEntry OBJECT-TYPE SYNTAX FsIpDbSrcGuardConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION " Each row instance contains the configuration to enable or disable IP source guard on a physical interface. " INDEX { fsIpDbSrcGuardIndex } ::= { fsIpDbSrcGuardConfigTable 1 } FsIpDbSrcGuardConfigEntry ::= SEQUENCE { fsIpDbSrcGuardIndex InterfaceIndex, fsIpDbSrcGuardStatus INTEGER } fsIpDbSrcGuardIndex OBJECT-TYPE SYNTAX InterfaceIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "This indicates the interface identifier for which the IP source guard configuration is applied." ::= { fsIpDbSrcGuardConfigEntry 1 } fsIpDbSrcGuardStatus OBJECT-TYPE SYNTAX INTEGER { disable(1), ip (2), ipMac (3) } MAX-ACCESS read-write STATUS current DESCRIPTION " This object indicates the IP source guard status of an interface. If this object is set to 'disable', IP source guard feature is disabled and all incoming IP traffic on this interface will be allowed. If this object is set to 'ip', IP source guard feature is enabled on fsIpDbSrcGuardIndex with Source IP address filtering mode. The switch allows the IP traffic when the source IP matches with an entry in Ip binding database. If this object is set to 'ipMac', IP source guard is enabled on the fsIpDbSrcGuardIndex with Source IP and MAC address filtering mode. The switch allows the IP traffic when the source IP and MAC address matches with an entry in Ip binding database. When there is no IP binding entries and IP source guard is enabled, switch drops all types of packets other than DHCP packet. " DEFVAL { disable } ::= { fsIpDbSrcGuardConfigEntry 2 } END