449 lines
16 KiB
Plaintext
449 lines
16 KiB
Plaintext
CT-FASTPATH-DHCPSNOOPING-MIB DEFINITIONS ::= BEGIN
|
|
|
|
-- LVL7 FASTPATH DHCP Server MIB
|
|
-- Copyright LVL7 Systems (2002-2008) All rights reserved.
|
|
|
|
-- This SNMP Management Information Specification
|
|
-- embodies LVL7 System's confidential and proprietary
|
|
-- intellectual property. LVL7 Systems retains all title
|
|
-- and ownership in the Specification including any revisions.
|
|
|
|
-- This Specification is supplied "AS IS", LVL7 Systems
|
|
-- makes no warranty, either expressed or implied,
|
|
-- as to the use, operation, condition, or performance of the
|
|
-- Specification.
|
|
|
|
-- This module provides authoritative definitions for Cabletron's
|
|
-- CT-FASTPATH-DHCPSNOOPING-MIB.
|
|
--
|
|
-- This module will be extended, as needed.
|
|
--
|
|
-- Enterasys Networks reserves the right to make changes in
|
|
-- specification and other information contained in this document
|
|
-- without prior notice. The reader should consult Enterasys Networks
|
|
-- to determine whether any such changes have been made.
|
|
--
|
|
-- In no event shall Enterasys Networks be liable for any incidental,
|
|
-- indirect, special, or consequential damages whatsoever (including
|
|
-- but not limited to lost profits) arising out of or related to this
|
|
-- document or the information contained in it, even if Enterasys
|
|
-- Networks has been advised of, known, or should have known, the
|
|
-- possibility of such damages.
|
|
--
|
|
-- Enterasys grants vendors, end-users, and other interested parties
|
|
-- a non-exclusive license to use this Specification in connection
|
|
-- with the management of Enterasys and Cabletron products.
|
|
--
|
|
-- Copyright July 2008 Enterasys Networks, Inc.
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
|
|
IpAddress, Integer32, Unsigned32, TimeTicks, Counter32
|
|
FROM SNMPv2-SMI
|
|
VlanIndex
|
|
FROM Q-BRIDGE-MIB
|
|
InterfaceIndex, ifIndex
|
|
FROM IF-MIB
|
|
TEXTUAL-CONVENTION, RowStatus, RowPointer, MacAddress,
|
|
StorageType, TruthValue, DisplayString, PhysAddress
|
|
FROM SNMPv2-TC
|
|
ctDhcpSnoopingExpMib
|
|
FROM CTRON-MIB-NAMES;
|
|
|
|
ctFastPathDHCPSnoopingMIB MODULE-IDENTITY
|
|
LAST-UPDATED "200807231519Z" -- Wed Jul 23 15:19 UTC 2008
|
|
ORGANIZATION "Enterasys Networks, Inc."
|
|
CONTACT-INFO
|
|
"Postal: Enterasys Networks
|
|
50 Minuteman Rd.
|
|
Andover, MA 01810-1008
|
|
USA
|
|
Phone: +1 978 684 1000
|
|
E-mail: support@enterasys.com
|
|
WWW: http://www.enterasys.com"
|
|
DESCRIPTION
|
|
"The Enterasys MIB for FASTPATH DHCP Snooping"
|
|
::= { ctDhcpSnoopingExpMib 1 }
|
|
|
|
--**************************************************************************************
|
|
-- ctAgentDhcpSnoopingConfigGroup -> contains MIB objects for DHCP Snooping
|
|
--
|
|
--**************************************************************************************
|
|
--************ The DHCP SNOOPING Global Config Table ********
|
|
|
|
ctAgentDhcpSnoopingConfigGroup OBJECT IDENTIFIER ::= {ctFastPathDHCPSnoopingMIB 1}
|
|
|
|
ctAgentDhcpSnoopingAdminMode OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether DHCP Snooping
|
|
is enabled globally.
|
|
|
|
If this object is set to 'true',admin mode
|
|
is enabled globally.
|
|
|
|
If this object is set to 'false',admin mode
|
|
is disabled globally."
|
|
DEFVAL { false }
|
|
::= { ctAgentDhcpSnoopingConfigGroup 1 }
|
|
|
|
ctAgentDhcpSnoopingVerifyMac OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether source Mac address
|
|
in the received DHCP Message needs to be verified or not.
|
|
|
|
If this object is set to 'true',verifyMac
|
|
is enabled globally.
|
|
|
|
If this object is set to 'false',verifyMac
|
|
is disabled globally."
|
|
DEFVAL { false }
|
|
::= { ctAgentDhcpSnoopingConfigGroup 2 }
|
|
|
|
ctAgentDhcpSnoopingVlanConfigTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CtAgentDhcpSnoopingVlanConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table provides the mechanism to control DHCP SNOOPING
|
|
per VLAN. When a VLAN is created in a device
|
|
supporting this table, a corresponding entry of this table
|
|
will be added."
|
|
::= { ctAgentDhcpSnoopingConfigGroup 3 }
|
|
|
|
|
|
ctAgentDhcpSnoopingVlanConfigEntry OBJECT-TYPE
|
|
SYNTAX CtAgentDhcpSnoopingVlanConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A row instance contains the configuration for DHCP
|
|
SNOOPING at each existing VLAN."
|
|
INDEX { ctAgentDhcpSnoopingVlanIndex }
|
|
::= { ctAgentDhcpSnoopingVlanConfigTable 1 }
|
|
|
|
CtAgentDhcpSnoopingVlanConfigEntry ::= SEQUENCE {
|
|
ctAgentDhcpSnoopingVlanIndex VlanIndex,
|
|
ctAgentDhcpSnoopingVlanEnable TruthValue
|
|
}
|
|
|
|
ctAgentDhcpSnoopingVlanIndex OBJECT-TYPE
|
|
SYNTAX VlanIndex
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the VLAN number on which DHCP SNOOPING
|
|
Inspection feature is configured."
|
|
::= { ctAgentDhcpSnoopingVlanConfigEntry 1 }
|
|
|
|
ctAgentDhcpSnoopingVlanEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether DHCP SNOOPING is
|
|
enabled in this VLAN.
|
|
|
|
If this object is set to 'true', DHCP SNOOPING
|
|
is enabled.
|
|
|
|
If this object is set to 'false', DHCP SNOOPING
|
|
is disabled."
|
|
DEFVAL { false }
|
|
::= { ctAgentDhcpSnoopingVlanConfigEntry 2 }
|
|
|
|
|
|
--************ The DHCP snooping Interface Config Table ********
|
|
|
|
ctAgentDhcpSnoopingIfConfigTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CtAgentDhcpSnoopingIfConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table provides the mechanism to configure the trust
|
|
state for DHCP snooping purpose at each physical
|
|
interface capable of this feature."
|
|
::= { ctAgentDhcpSnoopingConfigGroup 4 }
|
|
|
|
ctAgentDhcpSnoopingIfConfigEntry OBJECT-TYPE
|
|
SYNTAX CtAgentDhcpSnoopingIfConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A row instance contains the configuration for
|
|
DHCP snooping at each physical interface capable of this feature."
|
|
INDEX { ifIndex }
|
|
::= { ctAgentDhcpSnoopingIfConfigTable 1 }
|
|
|
|
CtAgentDhcpSnoopingIfConfigEntry ::= SEQUENCE {
|
|
ctAgentDhcpSnoopingIfTrustEnable TruthValue,
|
|
ctAgentDhcpSnoopingIfLogEnable TruthValue,
|
|
ctAgentDhcpSnoopingIfRateLimit Unsigned32,
|
|
ctAgentDhcpSnoopingIfBurstInterval Unsigned32
|
|
}
|
|
|
|
ctAgentDhcpSnoopingIfTrustEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether the interface is trusted for
|
|
DHCP snooping purpose."
|
|
|
|
DEFVAL { false }
|
|
::= { ctAgentDhcpSnoopingIfConfigEntry 1 }
|
|
|
|
ctAgentDhcpSnoopingIfLogEnable OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether the Logging needs on DHCP snooping validations
|
|
or not"
|
|
|
|
DEFVAL { false }
|
|
::= { ctAgentDhcpSnoopingIfConfigEntry 2 }
|
|
|
|
ctAgentDhcpSnoopingIfRateLimit OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..300)
|
|
UNITS "packets per second"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates rate limit value for DHCP
|
|
Snooping purpose. If the incoming rate of DHCP packets
|
|
exceeds the value of this object for consecutively
|
|
burst interval seconds, DHCP packets will be
|
|
dropped. "
|
|
DEFVAL { 15 }
|
|
::= { ctAgentDhcpSnoopingIfConfigEntry 3 }
|
|
|
|
ctAgentDhcpSnoopingIfBurstInterval OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..15)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the burst interval value
|
|
for rate limiting purpose on this interface."
|
|
DEFVAL { 1 }
|
|
::= { ctAgentDhcpSnoopingIfConfigEntry 4 }
|
|
|
|
|
|
--************ The DHCP snooping Statistics Table ********
|
|
|
|
ctAgentDhcpSnoopingStatsReset OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
none(0),
|
|
reset(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Clear the DHCP snooping statistics on all ports. A value of reset(1)
|
|
is used to reset the statistics. A read on this object will
|
|
always return the value none(0). The value none(0) cannot
|
|
be forcibly set by the administrator."
|
|
::= { ctAgentDhcpSnoopingConfigGroup 6 }
|
|
|
|
ctAgentDhcpSnoopingStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CtAgentDhcpSnoopingStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table provides the mechanism for statics of DHCP snooping."
|
|
::= { ctAgentDhcpSnoopingConfigGroup 7 }
|
|
|
|
ctAgentDhcpSnoopingStatsEntry OBJECT-TYPE
|
|
SYNTAX CtAgentDhcpSnoopingStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A row instance contains the DHCP snooping statistics per VLAN."
|
|
INDEX { ifIndex }
|
|
::= { ctAgentDhcpSnoopingStatsTable 1 }
|
|
|
|
CtAgentDhcpSnoopingStatsEntry ::= SEQUENCE {
|
|
|
|
ctAgentDhcpSnoopingMacVerifyFailures Counter32,
|
|
ctAgentDhcpSnoopingInvalidClientMessages Counter32,
|
|
ctAgentDhcpSnoopingInvalidServerMessages Counter32
|
|
}
|
|
|
|
ctAgentDhcpSnoopingMacVerifyFailures OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the number of failure verifications of client mac address with
|
|
source mac address"
|
|
::= { ctAgentDhcpSnoopingStatsEntry 1 }
|
|
|
|
ctAgentDhcpSnoopingInvalidClientMessages OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the number of invalid DHCP releases and denay messages"
|
|
::= { ctAgentDhcpSnoopingStatsEntry 2 }
|
|
|
|
ctAgentDhcpSnoopingInvalidServerMessages OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the number of invalid DHCP server mesaages"
|
|
::= { ctAgentDhcpSnoopingStatsEntry 3 }
|
|
|
|
--*********************** DHCP SNOOPING static bindings Config Table ***********************
|
|
|
|
ctAgentStaticDsBindingTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CtAgentStaticDsBinding
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of the DHCP SNOOPING static entries"
|
|
::= { ctAgentDhcpSnoopingConfigGroup 10 }
|
|
|
|
ctAgentStaticDsBinding OBJECT-TYPE
|
|
SYNTAX CtAgentStaticDsBinding
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents a binding in DHCP SNOOPING table"
|
|
INDEX {
|
|
ctAgentStaticDsBindingMacAddr
|
|
}
|
|
::= { ctAgentStaticDsBindingTable 1 }
|
|
|
|
|
|
CtAgentStaticDsBinding ::= SEQUENCE {
|
|
|
|
ctAgentStaticDsBindingIfIndex InterfaceIndex,
|
|
ctAgentStaticDsBindingVlanId VlanIndex,
|
|
ctAgentStaticDsBindingMacAddr MacAddress,
|
|
ctAgentStaticDsBindingIpAddr IpAddress,
|
|
ctAgentStaticDsBindingRowStatus RowStatus
|
|
}
|
|
|
|
ctAgentStaticDsBindingIfIndex OBJECT-TYPE
|
|
SYNTAX InterfaceIndex
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Interface on which this DHCP SNOOPING binding is going to be added."
|
|
::= { ctAgentStaticDsBinding 1 }
|
|
|
|
ctAgentStaticDsBindingVlanId OBJECT-TYPE
|
|
SYNTAX VlanIndex
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
" VLAN to whcig this DHCP SNOOPING binding is going to be added."
|
|
::= { ctAgentStaticDsBinding 2 }
|
|
|
|
ctAgentStaticDsBindingMacAddr OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"MAC address match value for the DHCP SNOOPING Binding."
|
|
::= { ctAgentStaticDsBinding 3 }
|
|
|
|
ctAgentStaticDsBindingIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP address match value for the DHCP SNOOPING Binding."
|
|
::= { ctAgentStaticDsBinding 4 }
|
|
|
|
ctAgentStaticDsBindingRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status of this conceptual row.
|
|
|
|
active(1) - this DHCP SNOOPING Binding is active
|
|
createAndGo(4) - set to this value to create an instance
|
|
destroy(6) - set to this value to delete an instance"
|
|
::= { ctAgentStaticDsBinding 5 }
|
|
|
|
--*********************** DHCP SNOOPING Dynamic bindings Config Table ***********************
|
|
|
|
ctAgentDynamicDsBindingTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CtAgentDynamicDsBinding
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table of the DHCP SNOOPING Dynamic entries"
|
|
::= { ctAgentDhcpSnoopingConfigGroup 11 }
|
|
|
|
ctAgentDynamicDsBinding OBJECT-TYPE
|
|
SYNTAX CtAgentDynamicDsBinding
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Represents a binding in DHCP SNOOPING table"
|
|
INDEX { ctAgentDynamicDsBindingMacAddr }
|
|
::= { ctAgentDynamicDsBindingTable 11 }
|
|
|
|
CtAgentDynamicDsBinding ::= SEQUENCE {
|
|
|
|
ctAgentDynamicDsBindingIfIndex InterfaceIndex,
|
|
ctAgentDynamicDsBindingVlanId VlanIndex,
|
|
ctAgentDynamicDsBindingMacAddr MacAddress,
|
|
ctAgentDynamicDsBindingIpAddr IpAddress
|
|
|
|
}
|
|
|
|
ctAgentDynamicDsBindingIfIndex OBJECT-TYPE
|
|
SYNTAX InterfaceIndex
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Interface on which this DHCP SNOOPING binding is going to be added."
|
|
::= { ctAgentDynamicDsBinding 1 }
|
|
|
|
ctAgentDynamicDsBindingVlanId OBJECT-TYPE
|
|
SYNTAX VlanIndex
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
" VLAN to whcig this DHCP SNOOPING binding is going to be added."
|
|
::= { ctAgentDynamicDsBinding 2 }
|
|
|
|
ctAgentDynamicDsBindingMacAddr OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"MAC address match value for the DHCP SNOOPING Binding."
|
|
::= { ctAgentDynamicDsBinding 3 }
|
|
|
|
ctAgentDynamicDsBindingIpAddr OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP address match value for the DHCP SNOOPING Binding."
|
|
::= { ctAgentDynamicDsBinding 4 }
|
|
|
|
ctDhcpSnoopingIntfErrorDisabledTrap NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
ifIndex
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Trap is sent once an interface is error disabled by DHCP Snooping when the
|
|
incoming packet rate exceeded configured rate limit during a
|
|
burst-interval."
|
|
::= { ctAgentDhcpSnoopingConfigGroup 12 }
|
|
|
|
END
|