900 lines
33 KiB
Plaintext
900 lines
33 KiB
Plaintext
ENTERASYS-MAC-LOCKING-MIB DEFINITIONS ::= BEGIN
|
|
|
|
-- enterasys-mac-locking-mib.txt
|
|
--
|
|
-- Part Number: <TBD>
|
|
--
|
|
--
|
|
|
|
-- This module provides authoritative definitions for Extreme
|
|
-- Networks' MAC Locking MIB.
|
|
|
|
--
|
|
-- This module will be extended, as needed.
|
|
|
|
-- Extreme Networks reserves the right to make changes in this
|
|
-- specification and other information contained in this document
|
|
-- without prior notice. The reader should consult Extreme Networks
|
|
-- to determine whether any such changes have been made.
|
|
--
|
|
-- In no event shall Extreme Networks be liable for any incidental,
|
|
-- indirect, special, or consequential damages whatsoever (including
|
|
-- but not limited to lost profits) arising out of or related to this
|
|
-- document or the information contained in it, even if Extreme
|
|
-- Networks has been advised of, known, or should have known, the
|
|
-- possibility of such damages.
|
|
--
|
|
-- Extreme Networks grants vendors, end-users, and other interested
|
|
-- parties a non-exclusive license to use this Specification in
|
|
-- connection with the management of Extreme Networks products.
|
|
|
|
-- Copyright July, (2002-2014) Extreme Networks, Inc.
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Unsigned32
|
|
FROM SNMPv2-SMI
|
|
MacAddress, RowStatus, TruthValue
|
|
FROM SNMPv2-TC
|
|
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
|
|
FROM SNMPv2-CONF
|
|
InterfaceIndex
|
|
FROM IF-MIB
|
|
EnabledStatus
|
|
FROM P-BRIDGE-MIB
|
|
etsysModules
|
|
FROM ENTERASYS-MIB-NAMES;
|
|
|
|
etsysMACLockingMIB MODULE-IDENTITY
|
|
LAST-UPDATED "201407071331Z" -- Mon Jul 7 13:31 UTC 2014
|
|
ORGANIZATION "Extreme Networks, Inc."
|
|
CONTACT-INFO
|
|
"Postal: Extreme Networks, Inc.
|
|
145 Rio Robles
|
|
San Jose, CA 95134 USA
|
|
|
|
Phone: +1 408 579-2800
|
|
E-mail: support@extremenetworks.com
|
|
WWW: http://www.extremenetworks.com"
|
|
|
|
DESCRIPTION
|
|
"This MIB module defines the portion of the SNMP enterprise
|
|
MIBs under Enterasys Networks' enterprise OID pertaining to
|
|
MAC Locking.
|
|
|
|
This MIB is designed to provide configuration and status
|
|
objects pertaining to per port MAC Locking."
|
|
|
|
REVISION "201407071331Z" -- Mon Jul 7 13:31 UTC 2014
|
|
DESCRIPTION
|
|
"Modified DESCRIPTION clause of etsysMACLockingThresholdShutdown
|
|
to reflect correct behavior of disabling the port when the
|
|
threshold has been exceeded."
|
|
|
|
REVISION "201406021121Z" -- Mon Jun 2 11:21 UTC 2014
|
|
DESCRIPTION
|
|
"Changed the default value of etsysMACLockingShutdownState (of
|
|
type TruthValue) from disabled to false. Updated the
|
|
CONTACT-INFO clause with new corporate information and added
|
|
a new MODULE-COMPLIANCE statement."
|
|
|
|
REVISION "201108031825Z" -- Wed Aug 3 18:25 UTC 2011
|
|
DESCRIPTION
|
|
"Added the etsysMACLockingClearOnLink object."
|
|
|
|
REVISION "201106081238Z" -- Wed Jun 8 12:38 UTC 2011
|
|
DESCRIPTION
|
|
"Added the etsMACLockingThresholdShutdown and
|
|
etsysMACLockingShutdownState leaves to facilitate the
|
|
shutdown of bridge ports when the MAC address table
|
|
threshold (etsysMACLockingFirstArrivialStationsAllocated)
|
|
has been exceeded."
|
|
|
|
REVISION "201103081947Z" -- March 08, 2011, 7:47PM UTC
|
|
DESCRIPTION
|
|
"Added the etsysMACLockingThresholdEnable leaf and
|
|
etsysMACLockingMACThresholdNotification notification so that an
|
|
administrator can take appropriate action upon the MAC address
|
|
table threshold (etsysMACLockingFirstArrivalStationsAllocated)
|
|
being reached."
|
|
|
|
REVISION "200705211304Z" -- Mon May 21 13:04 UTC 2007
|
|
DESCRIPTION
|
|
"Added the etsysMACLockingViolationSyslogEnable leaf
|
|
to control the sending of syslog messages for violating
|
|
MAC addresses."
|
|
|
|
REVISION "200705171255Z" -- Thu May 17 12:55 UTC 2007
|
|
DESCRIPTION
|
|
"Clarify that only static MAC lock entries that are in the
|
|
active(1) state, should be represented in the
|
|
etsysMACLockingStationTable."
|
|
|
|
REVISION "200705091924Z" -- Wed May 9 19:24 UTC 2007
|
|
DESCRIPTION
|
|
"Added the etsysMACLockingRemoveStation object to allow for the
|
|
removal of any current locked MAC address.
|
|
|
|
Added the agingFirstArrival enumeration to represent first
|
|
arrival entries that are aging."
|
|
|
|
REVISION "200704161526Z" -- Mon Apr 16 15:26 UTC 2007
|
|
DESCRIPTION
|
|
"Added the etsysMACLockingFirstArrivalAging object to control the
|
|
aging of first arrival entries on a per-port basis."
|
|
|
|
REVISION "200307301545Z" -- Wed Jul 30 15:45 GMT 2003
|
|
DESCRIPTION
|
|
"Updated the description clause for the
|
|
etsysMACLockingMoveFirstArrivalToStatic object."
|
|
|
|
REVISION "200301172114Z" -- Fri Jan 17 21:14 GMT 2003
|
|
DESCRIPTION
|
|
"Added objects to support the transition of dynamically
|
|
locked MAC addresses to statically locked addresses."
|
|
|
|
REVISION "200208052030Z" -- Mon Aug 5 20:30 GMT 2002
|
|
DESCRIPTION
|
|
"Added more descriptive text and corrected two range
|
|
issues in the description of the allocated objects."
|
|
|
|
REVISION "200208011445Z" -- Thu Aug 1 14:45 GMT 2002
|
|
DESCRIPTION
|
|
"The initial version of this MIB module."
|
|
|
|
::= { etsysModules 21 }
|
|
|
|
|
|
etsysMACLockingObjects
|
|
OBJECT IDENTIFIER ::= { etsysMACLockingMIB 1 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Textual Conventions
|
|
-- -------------------------------------------------------------
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Branches of the Enterasys MAC Locking MIB
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysMACLockingSystemBranch
|
|
OBJECT IDENTIFIER ::= { etsysMACLockingObjects 1 }
|
|
|
|
etsysMACLockingPortConfigBranch
|
|
OBJECT IDENTIFIER ::= { etsysMACLockingObjects 2 }
|
|
|
|
etsysMACLockingStaticStationBranch
|
|
OBJECT IDENTIFIER ::= { etsysMACLockingObjects 3 }
|
|
|
|
etsysMACLockingStationBranch
|
|
OBJECT IDENTIFIER ::= { etsysMACLockingObjects 4 }
|
|
|
|
etsysMACLockingTrapBranch
|
|
OBJECT IDENTIFIER ::= { etsysMACLockingObjects 0 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- MAC Locking System Branch
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysMACLockingSystemEnable OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is a configuration convenience.
|
|
While disabled(2), all per port configuration is
|
|
ignored, but changeable. When set to enabled(1),
|
|
the per port configuration becomes active."
|
|
DEFVAL { disabled }
|
|
::= { etsysMACLockingSystemBranch 1 }
|
|
|
|
|
|
-- -------------------------------------------------------------
|
|
-- The Port Based Configuration MAC Locking Table
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysMACLockingPortTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF EtsysMACLockingPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table that provides for the configuration
|
|
of MAC Locking for each port. Regardless of
|
|
the value of etsysMACLockingSystemEnable,
|
|
this table is automatically populated with
|
|
one row per supported port.
|
|
MAC Locking is not supported on media types
|
|
whose addresses cannot be adequately
|
|
represented by the MacAddress convention"
|
|
::= { etsysMACLockingPortConfigBranch 1 }
|
|
|
|
etsysMACLockingPortEntry OBJECT-TYPE
|
|
SYNTAX EtsysMACLockingPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each conceptual row allows control over whether MAC
|
|
locking is enabled for the port corresponding to the
|
|
row. Similarly, each row provides control over whether
|
|
violation traps are sent. Information in this table
|
|
is persistent."
|
|
INDEX { etsysMACLockingPort }
|
|
::= { etsysMACLockingPortTable 1 }
|
|
|
|
EtsysMACLockingPortEntry::=
|
|
SEQUENCE {
|
|
etsysMACLockingPort InterfaceIndex,
|
|
etsysMACLockingEnable EnabledStatus,
|
|
etsysMACLockingViolationEnable EnabledStatus,
|
|
etsysMACLockingLastViolationAddress MacAddress,
|
|
etsysMACLockingFirstArrivalStationsAllowed Unsigned32,
|
|
etsysMACLockingFirstArrivalStationsAllocated Unsigned32,
|
|
etsysMACLockingStaticStationsAllowed Unsigned32,
|
|
etsysMACLockingStaticStationsAllocated Unsigned32,
|
|
etsysMACLockingMoveFirstArrivalToStatic TruthValue,
|
|
etsysMACLockingStaticStationsCount Unsigned32,
|
|
etsysMACLockingClearStaticStations TruthValue,
|
|
etsysMACLockingFirstArrivalAging TruthValue,
|
|
etsysMACLockingViolationSyslogEnable EnabledStatus,
|
|
etsysMACLockingThresholdEnable EnabledStatus,
|
|
etsysMACLockingThresholdSyslogEnable EnabledStatus,
|
|
etsysMACLockingThresholdShutdown EnabledStatus,
|
|
etsysMACLockingShutdownState TruthValue,
|
|
etsysMACLockingClearOnLink TruthValue
|
|
}
|
|
|
|
etsysMACLockingPort OBJECT-TYPE
|
|
SYNTAX InterfaceIndex
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface number for this row."
|
|
::= { etsysMACLockingPortEntry 1 }
|
|
|
|
etsysMACLockingEnable OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enabled(1) any static entries currently created
|
|
on this port become active and the first n MACs which are
|
|
received on this port are locked, where n is equal to
|
|
etsysMACLockingFirstArrivalStationsAllocated.
|
|
|
|
When set to disabled(2), all entries in the
|
|
etsysMACLockingStationTable are cleared, and
|
|
the port forwards without regard to MAC locking."
|
|
DEFVAL { disabled }
|
|
::= { etsysMACLockingPortEntry 2 }
|
|
|
|
etsysMACLockingViolationEnable OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enabled(1), the agent issues violation traps
|
|
for violations detected by the agent.
|
|
|
|
Arrival of violation traps at the management station is not
|
|
guaranteed and the trap generation rate is not required to
|
|
match the violation detection rate. A best effort delivery is
|
|
acceptable.
|
|
|
|
When disabled(2), no traps are sent."
|
|
DEFVAL { disabled }
|
|
::= { etsysMACLockingPortEntry 3 }
|
|
|
|
etsysMACLockingLastViolationAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The last source MAC received on this port which was a
|
|
violation. A violation is defined to be when the maximum
|
|
number of firstArrival entries exists for this port in the
|
|
etsysMACLockingStationTable and the source MAC address of
|
|
the received packet differs from all entries found for this
|
|
port in the etsysMACLockingStationTable."
|
|
::= { etsysMACLockingPortEntry 4 }
|
|
|
|
etsysMACLockingFirstArrivalStationsAllowed OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The agent sets this number for the benefit of management
|
|
to use when determining the permissible range of values
|
|
for the etsysMACLockingFirstArrivalStationsAllocated object.
|
|
The default value of this object is device dependent."
|
|
::= { etsysMACLockingPortEntry 5 }
|
|
|
|
etsysMACLockingFirstArrivalStationsAllocated OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Management sets this number in the range of 0 to
|
|
etsysMACLockingFirstArrivalStationsAllowed. This number
|
|
limits the number of locked MACs on this port using the
|
|
first arrival method. The default value of this object
|
|
SHOULD be the same as the default value of
|
|
etsysMACLockingFirstArrivalStationsAllowed."
|
|
::= { etsysMACLockingPortEntry 6 }
|
|
|
|
etsysMACLockingStaticStationsAllowed OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The agent sets this number for the benefit of management
|
|
to use when determining the permissible range of values
|
|
for the etsysMACLockingStaticStationsAllocated object.
|
|
The default value of this object is device dependent."
|
|
::= { etsysMACLockingPortEntry 7 }
|
|
|
|
etsysMACLockingStaticStationsAllocated OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Management sets this number in the range of 0 to
|
|
etsysMACLockingStaticStationsAllowed. This limits
|
|
the number of statically provisioned, locked MACs on
|
|
this port. The default value of this object SHOULD
|
|
be the same as the default value of
|
|
etsysMACLockingStaticStationsAllowed."
|
|
::= { etsysMACLockingPortEntry 8 }
|
|
|
|
etsysMACLockingMoveFirstArrivalToStatic OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to true(1), moves First Arrival MACs locked on
|
|
the port, in lexicographical order, into Statically Locked
|
|
MACs on the port. The move continues until all First
|
|
Arrival MACs are moved or until the number of allowable
|
|
static entries (etsysMACLockingStaticStationsAllocated)
|
|
has been exhausted. If there is an insufficient number
|
|
Static entries available to accommodate all the First
|
|
Arrival MACs, then only the First Arrival MACs already
|
|
moved to statically locked MACs will be static entries,
|
|
the remaining First Arrival MACs will remain as First
|
|
Arrival entries and a MIB_ERROR is returned. When read this
|
|
object will always return false(2)."
|
|
::= { etsysMACLockingPortEntry 9 }
|
|
|
|
etsysMACLockingStaticStationsCount OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the number of Statically Locked MACs currently
|
|
locked on the port."
|
|
::= { etsysMACLockingPortEntry 10 }
|
|
|
|
etsysMACLockingClearStaticStations OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to true(1), clears out all the Statically
|
|
Locked MACs on this port. When read this object will
|
|
always return false(2)."
|
|
::= { etsysMACLockingPortEntry 11 }
|
|
|
|
etsysMACLockingFirstArrivalAging OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to true(1), firstArrival MACs that have aged
|
|
out of the forwarding database will be removed for the
|
|
associated port lock."
|
|
::= { etsysMACLockingPortEntry 12 }
|
|
|
|
etsysMACLockingViolationSyslogEnable OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enabled(1), the agent issues syslog messages
|
|
for violations detected by the agent.
|
|
|
|
Arrival of violation syslog messages at the management
|
|
station is not guaranteed and the messages generation rate is
|
|
not required to match the violation detection rate. A best
|
|
effort delivery is acceptable. When disabled(2), no syslog
|
|
messages are sent as a result of MAC locking violations."
|
|
DEFVAL { disabled }
|
|
::= { etsysMACLockingPortEntry 13 }
|
|
|
|
etsysMACLockingThresholdEnable OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enabled(1), the agent issues a trap when the MAC
|
|
address threshold as defined in the
|
|
etsysMACLockingFirstArrivalStationsAllocated object has been
|
|
reached.
|
|
|
|
Arrival of these traps at the management station is not
|
|
guaranteed and the trap generation rate is not required to
|
|
match the detection rate. A best effort delivery is acceptable.
|
|
|
|
When disabled(2), no traps are sent as a result of the
|
|
threshold being reached."
|
|
DEFVAL { disabled }
|
|
::= { etsysMACLockingPortEntry 14 }
|
|
|
|
etsysMACLockingThresholdSyslogEnable OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enabled(1), the agent issues a syslog message
|
|
when the MAC address threshold as defined in the
|
|
etsysMACLockingFirstArrivalStationsAllocated object has been
|
|
reached.
|
|
|
|
Arrival of these messages is not guaranteed and the message
|
|
generation rate is not required to match the detection rate.
|
|
A best effort delivery is acceptable.
|
|
|
|
When disabled(2), no messages are sent as a result of the
|
|
threshold being reached."
|
|
DEFVAL { disabled }
|
|
::= { etsysMACLockingPortEntry 15 }
|
|
|
|
etsysMACLockingThresholdShutdown OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enabled(1), the agent attempts to disable the
|
|
port when the MAC address threshold as defined in the
|
|
etsysMACLockingFirstArrivalStationsAllocated object has been
|
|
exceeded.
|
|
|
|
When set to disabled(2), the agent will not attempt to disable
|
|
the port."
|
|
DEFVAL { disabled }
|
|
::= { etsysMACLockingPortEntry 16 }
|
|
|
|
etsysMACLockingShutdownState OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When read as true(1), this value indicates that the port
|
|
has been disabled due to a threshold being exceeded.
|
|
|
|
When read as false(2), this value indicates that the port
|
|
has not been disabled due to a threshold being exceeded.
|
|
|
|
Setting this leaf with a value of false(2) will clear
|
|
the port disabled state.
|
|
|
|
Setting this leaf with a value of true(1) will be ignored."
|
|
DEFVAL { false }
|
|
::= { etsysMACLockingPortEntry 17 }
|
|
|
|
etsysMACLockingClearOnLink OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to true(1), firstArrival MACs SHOULD be removed
|
|
from the associated port on a link state change."
|
|
DEFVAL { true }
|
|
::= { etsysMACLockingPortEntry 18 }
|
|
|
|
|
|
-- -------------------------------------------------------------
|
|
-- The Station Based Static MAC Locking Table
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysMACLockingStaticStationTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF EtsysMACLockingStaticStationEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table lists all statically locked MAC addresses for
|
|
each port. When MAC locking is enabled on a
|
|
port, all active rows in this table will appear in
|
|
the etsysMACLockingStationTable with the object
|
|
etsysMACLockingLockedEntryCause set to static(2).
|
|
Rows in this table are persistent between resets."
|
|
::= { etsysMACLockingStaticStationBranch 1 }
|
|
|
|
etsysMACLockingStaticStationEntry OBJECT-TYPE
|
|
SYNTAX EtsysMACLockingStaticStationEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each conceptual row contains a user specified
|
|
locked MAC address."
|
|
INDEX { etsysMACLockingPort, etsysMACLockingLockedAddress }
|
|
::= { etsysMACLockingStaticStationTable 1 }
|
|
|
|
EtsysMACLockingStaticStationEntry::=
|
|
SEQUENCE {
|
|
etsysMACLockingLockedAddress MacAddress,
|
|
etsysMACLockingStaticEntryRowStatus RowStatus
|
|
}
|
|
|
|
etsysMACLockingLockedAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The MAC that has been locked to this port."
|
|
::= { etsysMACLockingStaticStationEntry 1 }
|
|
|
|
etsysMACLockingStaticEntryRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status column has six defined values:
|
|
|
|
- 'active', which indicates that a row shall
|
|
also exist or be created in etsysMACLockingStationTable
|
|
with the same index and the object
|
|
etsysMACLockingLockedEntryCause in that row
|
|
shall be static(1);
|
|
|
|
- 'notInService', which indicates the existence or causes
|
|
the creation of a row in this table. However, no
|
|
corresponding row shall exist or be created in
|
|
etsysMACLockingStationTable;
|
|
|
|
- 'notReady', will never be read in any row of
|
|
this table since existence is the only
|
|
requirement for this tables rows;
|
|
|
|
- 'createAndGo', which causes a new row to be
|
|
created in both this table and in the
|
|
etsysMACLockingStationTable with the same index
|
|
and the object etsysMACLockingLockedEntryCause
|
|
shall have the value static(1);
|
|
|
|
- 'createAndWait', which causes a new row to be
|
|
created in this table. However, no corresponding row
|
|
shall be created in etsysMACLockingStationTable;
|
|
and,
|
|
|
|
- 'destroy', which causes the agent to remove
|
|
this tables row along with the corresponding
|
|
row in etsysMACLockingStationTable."
|
|
::= { etsysMACLockingStaticStationEntry 2 }
|
|
|
|
|
|
-- -------------------------------------------------------------
|
|
-- The Station Based MAC Locking Table
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysMACLockingStationTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF EtsysMACLockingStationEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table lists any locked MAC address for each
|
|
port along with their entry types. On each port in
|
|
the system, MACs can be locked. For each MAC locked
|
|
to a port, a row appears in this table.
|
|
|
|
When MAC locking is enabled on a port, the first
|
|
n packets received by the port has its source MAC
|
|
locked to the port and the locked cause displays
|
|
firstArrival(2) The value n is equal to the
|
|
etsysMACLockingFirstArrivalStationsAllocated object.
|
|
|
|
Additionally, management may explicitly lock a MAC to
|
|
a port by using the etsysMACLockingStationStaticTable.
|
|
For each entry in the static table that is active(1),
|
|
a corresponding entry appears in this table with its
|
|
etsysMACLockingLockedEntryCause object set to static(1)."
|
|
::= { etsysMACLockingStationBranch 1 }
|
|
|
|
etsysMACLockingStationEntry OBJECT-TYPE
|
|
SYNTAX EtsysMACLockingStationEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each conceptual row contains a locked cause which
|
|
describes how the MAC was locked on the port.
|
|
If etsysMACLockingSystemEnable is disabled(2), then
|
|
this table will be empty. This table contains entries
|
|
for those ports which have MAC locking enabled and
|
|
have locked MACs."
|
|
INDEX { etsysMACLockingPort, etsysMACLockingLockedAddress }
|
|
::= { etsysMACLockingStationTable 1 }
|
|
|
|
EtsysMACLockingStationEntry::=
|
|
SEQUENCE {
|
|
etsysMACLockingLockedEntryCause INTEGER,
|
|
etsysMACLockingRemoveStation TruthValue
|
|
}
|
|
|
|
etsysMACLockingLockedEntryCause OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
static(1),
|
|
firstArrival(2),
|
|
agingFirstArrival(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When management statically provisions a MAC onto this
|
|
port, then this object is returns static(1). If
|
|
this MAC was dynamically locked, then this object returns
|
|
firstArrival(2). If first arrival aging is enabled
|
|
on the port and the MAC address is dynamically locked, then
|
|
this object returns agingFirstArrival(3)."
|
|
::= { etsysMACLockingStationEntry 1 }
|
|
|
|
etsysMACLockingRemoveStation OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When this is object is set to true(1) the MAC
|
|
address specified by the indexing will be removed from
|
|
etsysMACLockingStationTable. If the
|
|
etsysMACLockingLockedEntryCause leaf for this table entry
|
|
is of type static(1), then the associated entry will also be
|
|
removed from the etsysMACLockingStaticStationTable.
|
|
A set to false(2) will have no effect. This object will
|
|
always return false(2)."
|
|
DEFVAL { false }
|
|
::= { etsysMACLockingStationEntry 2 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- MAC Locking Trap Branch
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysMACLockingMACViolation NOTIFICATION-TYPE
|
|
OBJECTS { etsysMACLockingLastViolationAddress }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If MAC Locking is globally enabled and specifically
|
|
enabled for this port, then this trap is sent when
|
|
a packet is received with a source MAC that differs
|
|
from all the currently locked MACs for the port
|
|
specified in this instance of the notification."
|
|
::= { etsysMACLockingTrapBranch 1 }
|
|
|
|
etsysMACLockingMACThreshold NOTIFICATION-TYPE
|
|
OBJECTS { etsysMACLockingFirstArrivalStationsAllocated }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"MAC database threshold notification. The device will send this
|
|
notification when the MAC address threshold configured in the
|
|
etsysMACLockingFirstArrivalStationsAllocated object has been
|
|
reached so that the administrator can take appropriate action."
|
|
::= { etsysMACLockingTrapBranch 2 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Conformance Information
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysMACLockingConformance
|
|
OBJECT IDENTIFIER ::= { etsysMACLockingMIB 2 }
|
|
|
|
etsysMACLockingGroups
|
|
OBJECT IDENTIFIER ::= { etsysMACLockingConformance 1 }
|
|
|
|
etsysMACLockingCompliances
|
|
OBJECT IDENTIFIER ::= { etsysMACLockingConformance 2 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Units of Conformance
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysMACLockingSystemGroup OBJECT-GROUP
|
|
OBJECTS { etsysMACLockingSystemEnable }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing global configuration
|
|
for the MAC Locking feature."
|
|
::= { etsysMACLockingGroups 1 }
|
|
|
|
etsysMACLockingPortGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
etsysMACLockingEnable,
|
|
etsysMACLockingViolationEnable,
|
|
etsysMACLockingLastViolationAddress,
|
|
etsysMACLockingFirstArrivalStationsAllowed,
|
|
etsysMACLockingFirstArrivalStationsAllocated,
|
|
etsysMACLockingStaticStationsAllowed,
|
|
etsysMACLockingStaticStationsAllocated,
|
|
etsysMACLockingMoveFirstArrivalToStatic,
|
|
etsysMACLockingStaticStationsCount,
|
|
etsysMACLockingClearStaticStations
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing port based
|
|
configuration and status of MAC Locking."
|
|
::= { etsysMACLockingGroups 2 }
|
|
|
|
etsysMACLockingStationGroup OBJECT-GROUP
|
|
OBJECTS { etsysMACLockingLockedEntryCause }
|
|
STATUS deprecated
|
|
DESCRIPTION
|
|
"********* THIS GROUP IS DEPRECATED **********
|
|
|
|
A list of currently locked MACs."
|
|
::= { etsysMACLockingGroups 3 }
|
|
|
|
etsysMACLockingStaticStationGroup OBJECT-GROUP
|
|
OBJECTS { etsysMACLockingStaticEntryRowStatus }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A list of statically provisioned locked MACs.
|
|
This group is mandatory if static MAC locking
|
|
is supported, otherwise it is optional."
|
|
::= { etsysMACLockingGroups 4 }
|
|
|
|
etsysMACLockingPortFirstArrivalGroup OBJECT-GROUP
|
|
OBJECTS { etsysMACLockingFirstArrivalAging }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing port based
|
|
configuration of firstArrival MAC Locking."
|
|
::= { etsysMACLockingGroups 5 }
|
|
|
|
etsysMACLockingStationGroup2 OBJECT-GROUP
|
|
OBJECTS {
|
|
etsysMACLockingLockedEntryCause,
|
|
etsysMACLockingRemoveStation
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing status and configuration of
|
|
all currently locked MAC addresses."
|
|
::= { etsysMACLockingGroups 6 }
|
|
|
|
etsysMACLockingNotificationGroup NOTIFICATION-GROUP
|
|
NOTIFICATIONS {
|
|
etsysMACLockingMACViolation,
|
|
etsysMACLockingMACThreshold
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The MAC Locking notifications."
|
|
::= { etsysMACLockingGroups 7 }
|
|
|
|
etsysMACLockingPortMessageGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
etsysMACLockingViolationSyslogEnable,
|
|
etsysMACLockingThresholdEnable,
|
|
etsysMACLockingThresholdSyslogEnable
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing port based
|
|
configuration and status for MAC Locking syslog
|
|
messages and notifications."
|
|
::= { etsysMACLockingGroups 8 }
|
|
|
|
etsysMACLockingShutdownGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
etsysMACLockingThresholdShutdown,
|
|
etsysMACLockingShutdownState
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing port based
|
|
configuration and status for MAC Locking port shutdown."
|
|
::= { etsysMACLockingGroups 9 }
|
|
|
|
etsysMACLockingLinkGroup OBJECT-GROUP
|
|
OBJECTS { etsysMACLockingClearOnLink }
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A collection of objects providing port based
|
|
configuration of MAC Locking behavior based link state
|
|
changes."
|
|
::= { etsysMACLockingGroups 10 }
|
|
|
|
-- -------------------------------------------------------------
|
|
-- Compliance Statements
|
|
-- -------------------------------------------------------------
|
|
|
|
etsysMACLockingCompliance MODULE-COMPLIANCE
|
|
STATUS deprecated
|
|
DESCRIPTION
|
|
"******** THIS COMPLIANCE IS DEPRECATED ********
|
|
|
|
The compliance statement for devices that support MAC
|
|
Locking."
|
|
MODULE
|
|
MANDATORY-GROUPS
|
|
{
|
|
etsysMACLockingSystemGroup,
|
|
etsysMACLockingPortGroup,
|
|
etsysMACLockingStationGroup
|
|
}
|
|
::= { etsysMACLockingCompliances 1 }
|
|
|
|
etsysMACLockingPortFirstArrivalCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for all devices that support
|
|
aging first arrival mac lock entries on a per port basis."
|
|
|
|
MODULE
|
|
GROUP etsysMACLockingPortFirstArrivalGroup
|
|
DESCRIPTION
|
|
"This group is mandatory for all devices that support
|
|
aging first arrival mac lock entries on a per port basis."
|
|
::= { etsysMACLockingCompliances 2 }
|
|
|
|
etsysMACLockingCompliance2 MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for devices that support MAC
|
|
Locking."
|
|
MODULE
|
|
MANDATORY-GROUPS
|
|
{
|
|
etsysMACLockingSystemGroup,
|
|
etsysMACLockingPortGroup,
|
|
etsysMACLockingStationGroup2
|
|
}
|
|
::= { etsysMACLockingCompliances 3 }
|
|
|
|
etsysMACLockingNotificationCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for all devices that support
|
|
notifications and syslog messages for MAC Locking events."
|
|
MODULE
|
|
MANDATORY-GROUPS
|
|
{
|
|
etsysMACLockingNotificationGroup,
|
|
etsysMACLockingPortMessageGroup
|
|
}
|
|
::= { etsysMACLockingCompliances 4 }
|
|
|
|
etsysMACLockingShutdownCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for all devices that support
|
|
port shutdown for MAC Locking events."
|
|
MODULE
|
|
MANDATORY-GROUPS
|
|
{
|
|
etsysMACLockingShutdownGroup
|
|
}
|
|
::= { etsysMACLockingCompliances 5 }
|
|
|
|
etsysMACLockingLinkCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for all devices that support
|
|
per port MAC locking behaviors based on the link state of
|
|
the port."
|
|
MODULE
|
|
MANDATORY-GROUPS
|
|
{
|
|
etsysMACLockingLinkGroup
|
|
}
|
|
::= { etsysMACLockingCompliances 6 }
|
|
|
|
etsysMACLockingStaticStationCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for all devices that support
|
|
static mac lock entries on a per port basis."
|
|
|
|
MODULE
|
|
GROUP etsysMACLockingStaticStationGroup
|
|
DESCRIPTION
|
|
"This group is mandatory for all devices that support
|
|
static mac lock entries on a per port basis."
|
|
::= { etsysMACLockingCompliances 7 }
|
|
|
|
END
|