2566 lines
88 KiB
Plaintext
2566 lines
88 KiB
Plaintext
TIMETRA-MACSEC-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
VlanIdOrNone
|
|
FROM IEEE8021-CFM-MIB
|
|
MODULE-COMPLIANCE, NOTIFICATION-GROUP,
|
|
OBJECT-GROUP
|
|
FROM SNMPv2-CONF
|
|
Counter32, Counter64, Integer32,
|
|
MODULE-IDENTITY, NOTIFICATION-TYPE,
|
|
OBJECT-TYPE, Unsigned32
|
|
FROM SNMPv2-SMI
|
|
DisplayString, MacAddress, RowStatus,
|
|
TimeStamp, TruthValue
|
|
FROM SNMPv2-TC
|
|
timetraSRMIBModules, tmnxSRConfs,
|
|
tmnxSRNotifyPrefix, tmnxSRObjs
|
|
FROM TIMETRA-GLOBAL-MIB
|
|
TItemDescription, TNamedItem,
|
|
TNamedItemOrEmpty, TmnxAdminState,
|
|
TmnxEncapVal, TmnxOperState, TmnxPortID
|
|
FROM TIMETRA-TC-MIB
|
|
;
|
|
|
|
timetraMacsecMIBModule MODULE-IDENTITY
|
|
LAST-UPDATED "201702150000Z"
|
|
ORGANIZATION "Nokia"
|
|
CONTACT-INFO
|
|
"Nokia SROS Support
|
|
Web: http://www.nokia.com"
|
|
DESCRIPTION
|
|
"This document is the SNMP MIB module for the Nokia SROS implementation
|
|
of Macsec.
|
|
|
|
Copyright (c) 2014-2018 Nokia. All rights reserved. Reproduction of
|
|
this document is authorized on the condition that the foregoing
|
|
copyright notice is included.
|
|
|
|
This SNMP MIB module (Specification) embodies Nokia's
|
|
proprietary intellectual property. Nokia retains all
|
|
title and ownership in the Specification, including any
|
|
revisions.
|
|
|
|
Nokia grants all interested parties a non-exclusive license to use and
|
|
distribute an unmodified copy of this Specification in connection with
|
|
management of Nokia products, and without fee, provided this copyright
|
|
notice and license appear on all copies.
|
|
|
|
This Specification is supplied `as is', and Nokia makes no warranty,
|
|
either express or implied, as to the use, operation, condition, or
|
|
performance of the Specification."
|
|
|
|
REVISION "201702150000Z"
|
|
DESCRIPTION
|
|
"Rev 0.1 15 Feb 2017 00:00
|
|
Initial Version of the TIMETRA-MACSEC-MIB."
|
|
|
|
::= { timetraSRMIBModules 114 }
|
|
|
|
tmnxMacsecObjects OBJECT IDENTIFIER ::= { tmnxSRObjs 114 }
|
|
|
|
tmnxMacsecConfigTimestamps OBJECT IDENTIFIER ::= { tmnxMacsecObjects 1 }
|
|
|
|
tmnxMacsecConnAssocTableLstChngd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecConnAssocTableLstChngd indicates the time,
|
|
since system startup, when tmnxMacsecConnAssocTable last changed
|
|
configuration."
|
|
::= { tmnxMacsecConfigTimestamps 1 }
|
|
|
|
tmnxMacsecStaticCakTableLstChngd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecStaticCakTableLstChngd indicates the time,
|
|
since system startup, when tmnxMacsecStaticCakTable last changed
|
|
configuration."
|
|
::= { tmnxMacsecConfigTimestamps 2 }
|
|
|
|
tmnxMacsecPreSharedKeyTblLstChng OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPreSharedKeyTblLstChng indicates the time,
|
|
since system startup, when tmnxMacsecPreSharedKeyTable last changed
|
|
configuration."
|
|
::= { tmnxMacsecConfigTimestamps 3 }
|
|
|
|
tmnxMacsecPortTableLastChanged OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortTableLastChanged indicates the time, since
|
|
system startup, when tmnxMacsecPortTable last changed configuration."
|
|
::= { tmnxMacsecConfigTimestamps 4 }
|
|
|
|
tmnxMacsecConfigurations OBJECT IDENTIFIER ::= { tmnxMacsecObjects 2 }
|
|
|
|
tmnxMacsecConfigurationObjects OBJECT IDENTIFIER ::= { tmnxMacsecConfigurations 1 }
|
|
|
|
tmnxMacsecConnAssocTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecConnAssocEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecConnAssocTable contains configuration information for
|
|
Connectivity Association (CA) entries."
|
|
::= { tmnxMacsecConfigurations 2 }
|
|
|
|
tmnxMacsecConnAssocEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecConnAssocEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecConnAssocEntry represents a connectivity association in
|
|
the system and contains its configuration information.
|
|
|
|
Entries in this table are created and destroyed via SNMP set
|
|
operations to tmnxMacsecConnAssocRowStatus."
|
|
INDEX { tmnxMacsecConnAssocName }
|
|
::= { tmnxMacsecConnAssocTable 1 }
|
|
|
|
TmnxMacsecConnAssocEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecConnAssocName TNamedItem,
|
|
tmnxMacsecConnAssocLastChanged TimeStamp,
|
|
tmnxMacsecConnAssocRowStatus RowStatus,
|
|
tmnxMacsecConnAssocAdminState TmnxAdminState,
|
|
tmnxMacsecConnAssocDescription TItemDescription,
|
|
tmnxMacsecConnAssocMacsecEncrypt TruthValue,
|
|
tmnxMacsecConnAssocClearTagMode INTEGER,
|
|
tmnxMacsecConnAssocReplayWndwSz Unsigned32,
|
|
tmnxMacsecConnAssocReplayProtect TruthValue,
|
|
tmnxMacsecConnAssocCipherSuite INTEGER,
|
|
tmnxMacsecConnAssocEncrptnOffset Unsigned32,
|
|
tmnxMacsecConnAssocDelayProtectn TruthValue
|
|
}
|
|
|
|
tmnxMacsecConnAssocName OBJECT-TYPE
|
|
SYNTAX TNamedItem
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecConnAssocName specifies the ID of the
|
|
connectivity association."
|
|
::= { tmnxMacsecConnAssocEntry 1 }
|
|
|
|
tmnxMacsecConnAssocLastChanged OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecConnAssocLastChanged indicates the time, since
|
|
system startup, that the configuration of the row was last modified."
|
|
::= { tmnxMacsecConnAssocEntry 2 }
|
|
|
|
tmnxMacsecConnAssocRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecConnAssocRowStatus specifies the status of the
|
|
row. It also controls the creation and deletion of the row."
|
|
::= { tmnxMacsecConnAssocEntry 3 }
|
|
|
|
tmnxMacsecConnAssocAdminState OBJECT-TYPE
|
|
SYNTAX TmnxAdminState
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecConnAssocAdminState specifies the admin state
|
|
of the connectivity association."
|
|
DEFVAL { outOfService }
|
|
::= { tmnxMacsecConnAssocEntry 4 }
|
|
|
|
tmnxMacsecConnAssocDescription OBJECT-TYPE
|
|
SYNTAX TItemDescription
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecConnAssocDescription specifies the description
|
|
of the connectivity association."
|
|
DEFVAL { "" }
|
|
::= { tmnxMacsecConnAssocEntry 5 }
|
|
|
|
tmnxMacsecConnAssocMacsecEncrypt OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecConnAssocMacsecEncrypt specifies whether all
|
|
PDUs will be encrypted and authenticated."
|
|
DEFVAL { true }
|
|
::= { tmnxMacsecConnAssocEntry 6 }
|
|
|
|
tmnxMacsecConnAssocClearTagMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
none (0),
|
|
single-tag (1),
|
|
dual-tag (2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecConnAssocClearTagMode specifies the clear tag
|
|
mode."
|
|
DEFVAL { none }
|
|
::= { tmnxMacsecConnAssocEntry 7 }
|
|
|
|
tmnxMacsecConnAssocReplayWndwSz OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..4294967294)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecConnAssocReplayWndwSz specifies the size of the
|
|
replay protection window."
|
|
REFERENCE
|
|
"IEEE 802.1AE-2006 'Media Access Control (MAC) Security',
|
|
Section 10.6, 'Secure frame verification', 2006."
|
|
DEFVAL { 0 }
|
|
::= { tmnxMacsecConnAssocEntry 10 }
|
|
|
|
tmnxMacsecConnAssocReplayProtect OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecConnAssocReplayProtect specifies whether replay
|
|
protection is enabled."
|
|
REFERENCE
|
|
"IEEE 802.1AE-2006 'Media Access Control (MAC) Security',
|
|
Section 10.6, 'Secure frame verification', 2006."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecConnAssocEntry 11 }
|
|
|
|
tmnxMacsecConnAssocCipherSuite OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
gcm-aes-128 (1),
|
|
gcm-aes-256 (2),
|
|
gcm-aes-xpn-128 (3),
|
|
gcm-aes-xpn-256 (4)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecConnAssocCipherSuite specifies the encryption
|
|
algorithm used for datapath PDUs when all parties in the CA have the
|
|
Security Association Key (SAK)."
|
|
DEFVAL { gcm-aes-128 }
|
|
::= { tmnxMacsecConnAssocEntry 12 }
|
|
|
|
tmnxMacsecConnAssocEncrptnOffset OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0 | 30 | 50)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecConnAssocEncrptnOffset specifies the encryption
|
|
offset of the connectivity association.
|
|
|
|
When tmnxMacsecConnAssocEncrptnOffset has a value of 0, the entire
|
|
payload will be encrypted.
|
|
|
|
When tmnxMacsecConnAssocEncrptnOffset has a value of 30, the IPv4
|
|
header will be left unencrypted.
|
|
|
|
When tmnxMacsecConnAssocEncrptnOffset has a value of 50, the IPv6
|
|
header will be left unencrypted."
|
|
DEFVAL { 0 }
|
|
::= { tmnxMacsecConnAssocEntry 13 }
|
|
|
|
tmnxMacsecConnAssocDelayProtectn OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecConnAssocDelayProtectn specifies whether data
|
|
delay protection is enabled. Data delay protection allows MKA
|
|
participants to ensure that the data frames protected by MACsec are
|
|
not delayed by more than 2 seconds"
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecConnAssocEntry 14 }
|
|
|
|
tmnxMacsecStaticCakTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecStaticCakEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecStaticCakTable augments the tmnxMacsecConnAssocTable. It
|
|
contains configuration information for static Connectivity Association
|
|
Key (CAK)."
|
|
::= { tmnxMacsecConfigurations 3 }
|
|
|
|
tmnxMacsecStaticCakEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecStaticCakEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecStaticCakEntry represents a static CAK in the system
|
|
and contains its configuration information.
|
|
|
|
Entries in this table are created and destroyed automatically by the
|
|
system."
|
|
AUGMENTS { tmnxMacsecConnAssocEntry }
|
|
::= { tmnxMacsecStaticCakTable 1 }
|
|
|
|
TmnxMacsecStaticCakEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecStaticCakLastChanged TimeStamp,
|
|
tmnxMacsecStaticCakKeyServerPrio Unsigned32,
|
|
tmnxMacsecStaticCakActivePsk Unsigned32,
|
|
tmnxMacsecStaticCakMkaHelloInt Unsigned32
|
|
}
|
|
|
|
tmnxMacsecStaticCakLastChanged OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecStaticCakLastChanged indicates the time, since
|
|
system startup, that the configuration of the row was last modified."
|
|
::= { tmnxMacsecStaticCakEntry 1 }
|
|
|
|
tmnxMacsecStaticCakKeyServerPrio OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..255)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecStaticCakKeyServerPrio specifies the
|
|
key server priority used by the MACsec Key Agreement (MKA)
|
|
protocol to select the key server when MACsec is enabled
|
|
using static CAK security mode."
|
|
DEFVAL { 16 }
|
|
::= { tmnxMacsecStaticCakEntry 2 }
|
|
|
|
tmnxMacsecStaticCakActivePsk OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..2)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecStaticCakActivePsk specifies the active
|
|
pre-shared-key for encrypting outgoing MKA PDUs.
|
|
|
|
Pre-shared-keys are defined in the tmnxMacsecPreSharedKeyTable."
|
|
DEFVAL { 1 }
|
|
::= { tmnxMacsecStaticCakEntry 3 }
|
|
|
|
tmnxMacsecStaticCakMkaHelloInt OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..6 | 500)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecStaticCakMkaHelloInt specifies the time
|
|
interval between each MKA hello.
|
|
|
|
When the value is 1 to 6, the time interval is specified in seconds.
|
|
When the value is 500, the time interval is 500 milliseconds."
|
|
DEFVAL { 2 }
|
|
::= { tmnxMacsecStaticCakEntry 4 }
|
|
|
|
tmnxMacsecPreSharedKeyTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecPreSharedKeyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecPreSharedKeyTable contains configuration information for
|
|
preshared keys."
|
|
::= { tmnxMacsecConfigurations 4 }
|
|
|
|
tmnxMacsecPreSharedKeyEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecPreSharedKeyEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecPreSharedKeyEntry represents a preshared key in the
|
|
system and contains its configuration information.
|
|
|
|
Entries in this table are created and destroyed via SNMP set
|
|
operations to the tmnxMacsecPreSharedKeyRowStatus."
|
|
INDEX {
|
|
tmnxMacsecConnAssocName,
|
|
tmnxMacsecPreSharedKeyIndex
|
|
}
|
|
::= { tmnxMacsecPreSharedKeyTable 1 }
|
|
|
|
TmnxMacsecPreSharedKeyEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecPreSharedKeyIndex Unsigned32,
|
|
tmnxMacsecPreSharedKeyLastChangd TimeStamp,
|
|
tmnxMacsecPreSharedKeyRowStatus RowStatus,
|
|
tmnxMacsecPreSharedKeyEncrptType INTEGER,
|
|
tmnxMacsecPreSharedKeyCak DisplayString,
|
|
tmnxMacsecPreSharedKeyCakName DisplayString
|
|
}
|
|
|
|
tmnxMacsecPreSharedKeyIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..2)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPreSharedKeyIndex specifies the index of this
|
|
pre-shared-key."
|
|
::= { tmnxMacsecPreSharedKeyEntry 1 }
|
|
|
|
tmnxMacsecPreSharedKeyLastChangd OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPreSharedKeyLastChangd indicates the time,
|
|
since system startup, that the configuration of the row was last
|
|
modified."
|
|
::= { tmnxMacsecPreSharedKeyEntry 2 }
|
|
|
|
tmnxMacsecPreSharedKeyRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPreSharedKeyRowStatus specifies the status of
|
|
the row. It also controls the creation and deletion of the row."
|
|
::= { tmnxMacsecPreSharedKeyEntry 3 }
|
|
|
|
tmnxMacsecPreSharedKeyEncrptType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
aes-128-cmac (1),
|
|
aes-256-cmac (2)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPreSharedKeyEncrptType specifies the encryption
|
|
type used for encrypting the MKA packets."
|
|
DEFVAL { aes-128-cmac }
|
|
::= { tmnxMacsecPreSharedKeyEntry 4 }
|
|
|
|
tmnxMacsecPreSharedKeyCak OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (0..64))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPreSharedKeyCak specifies the CAK for this
|
|
pre-shared-key. This value is used to derive the KEK (key encryption
|
|
key) and the ICK (integrity check value).
|
|
|
|
This value is write-only and will appear empty when checking from
|
|
SNMP."
|
|
DEFVAL { ''H }
|
|
::= { tmnxMacsecPreSharedKeyEntry 5 }
|
|
|
|
tmnxMacsecPreSharedKeyCakName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (0..64))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPreSharedKeyCakName specifies the name of the
|
|
CAK (CKN) for this pre-shared-key."
|
|
DEFVAL { ''H }
|
|
::= { tmnxMacsecPreSharedKeyEntry 6 }
|
|
|
|
tmnxMacsecPortTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecPortTable contains the configuration information for
|
|
MACsec on Ethernet ports in the system."
|
|
::= { tmnxMacsecConfigurations 5 }
|
|
|
|
tmnxMacsecPortEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecPortEntry represents a subport on an Ethernet port in
|
|
the system and contains its MACsec configuration information.
|
|
|
|
Entries in this table are created and destroyed via SNMP set
|
|
operations to tmnxMacsecPortRowStatus."
|
|
INDEX {
|
|
tmnxMacsecPortId,
|
|
tmnxMacsecVlanId
|
|
}
|
|
::= { tmnxMacsecPortTable 1 }
|
|
|
|
TmnxMacsecPortEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecPortId TmnxPortID,
|
|
tmnxMacsecVlanId Integer32,
|
|
tmnxMacsecPortLastChanged TimeStamp,
|
|
tmnxMacsecPortEapolDestAddress MacAddress,
|
|
tmnxMacsecPortCaName TNamedItemOrEmpty,
|
|
tmnxMacsecPortAdminState TmnxAdminState,
|
|
tmnxMacsecPortMaxPeers Unsigned32,
|
|
tmnxMacsecPortExcludeLacp TruthValue,
|
|
tmnxMacsecPortExcludeLldp TruthValue,
|
|
tmnxMacsecPortExcludeCdp TruthValue,
|
|
tmnxMacsecPortExcludeEapolStart TruthValue,
|
|
tmnxMacsecPortRxTrafficEncrption TruthValue,
|
|
tmnxMacsecPortRowStatus RowStatus,
|
|
tmnxMacsecPortEncapType INTEGER,
|
|
tmnxMacsecPortEncapMatch TmnxEncapVal
|
|
}
|
|
|
|
tmnxMacsecPortId OBJECT-TYPE
|
|
SYNTAX TmnxPortID
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortId specifies the port identifier of the
|
|
MACsec port."
|
|
::= { tmnxMacsecPortEntry 1 }
|
|
|
|
tmnxMacsecVlanId OBJECT-TYPE
|
|
SYNTAX Integer32 (1..1023)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecVlanId specifies ID of the sub port on the
|
|
system.
|
|
|
|
Only a value of '1' is supported in SROS release 16.0."
|
|
::= { tmnxMacsecPortEntry 2 }
|
|
|
|
tmnxMacsecPortLastChanged OBJECT-TYPE
|
|
SYNTAX TimeStamp
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortLastChanged indicates the time, since
|
|
system startup, that the confirmation of the row was last modified."
|
|
::= { tmnxMacsecPortEntry 3 }
|
|
|
|
tmnxMacsecPortEapolDestAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortEapolDestAddress specifies the MAC address
|
|
of the destination Extensible Authentication Protocol over LAN
|
|
(EAPoL)."
|
|
DEFVAL { '000000000000'H }
|
|
::= { tmnxMacsecPortEntry 4 }
|
|
|
|
tmnxMacsecPortCaName OBJECT-TYPE
|
|
SYNTAX TNamedItemOrEmpty
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortCaName specifies the connectivity
|
|
association (CA) name in use on this port."
|
|
DEFVAL { ''H }
|
|
::= { tmnxMacsecPortEntry 5 }
|
|
|
|
tmnxMacsecPortAdminState OBJECT-TYPE
|
|
SYNTAX TmnxAdminState
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortAdminState specifies the operational state
|
|
of MACsec on this port."
|
|
DEFVAL { outOfService }
|
|
::= { tmnxMacsecPortEntry 6 }
|
|
|
|
tmnxMacsecPortMaxPeers OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..32)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortMaxPeers specifies the maximum number of
|
|
peers supported on this port."
|
|
DEFVAL { 0 }
|
|
::= { tmnxMacsecPortEntry 7 }
|
|
|
|
tmnxMacsecPortExcludeLacp OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortExcludeLacp specifies whether packets with
|
|
Link Aggregation Control Protocol will be excluded from MACsec on this
|
|
port."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortEntry 8 }
|
|
|
|
tmnxMacsecPortExcludeLldp OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortExcludeLldp specifies whether packets with
|
|
Link Layer Discovery Protocol will be excluded from MACsec on this
|
|
port."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortEntry 9 }
|
|
|
|
tmnxMacsecPortExcludeCdp OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortExcludeCdp specifies whether packets with
|
|
Cisco Discovery Protocol will be excluded from MACsec on this port."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortEntry 10 }
|
|
|
|
tmnxMacsecPortExcludeEapolStart OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortExcludeEapolStart specifies whether packets
|
|
with Extensible Authentication Protocol over Lan will be excluded from
|
|
MACsec on this port."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortEntry 11 }
|
|
|
|
tmnxMacsecPortRxTrafficEncrption OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortRxTrafficEncrption specifies whether
|
|
received traffic must be encrypted.
|
|
|
|
When the value of tmnxMacsecPortRxTrafficEncrption is 'true', all
|
|
received traffic that is not MACsec-secured will be dropped.
|
|
|
|
When the value of tmnxMacsecPortRxTrafficEncrption is 'false', all
|
|
received traffic will be accepted whether MACsec secured or not."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortEntry 12 }
|
|
|
|
tmnxMacsecPortRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortRowStatus specifies the status of the row.
|
|
It also controls the creation and deletion of the row."
|
|
::= { tmnxMacsecPortEntry 13 }
|
|
|
|
tmnxMacsecPortEncapType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
all-match (1),
|
|
untagged (2),
|
|
single-tag (3),
|
|
double-tag (4)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortEncapType specifies the type of the encap
|
|
value."
|
|
DEFVAL { all-match }
|
|
::= { tmnxMacsecPortEntry 14 }
|
|
|
|
tmnxMacsecPortEncapMatch OBJECT-TYPE
|
|
SYNTAX TmnxEncapVal
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortEncapMatch specifies the encapsulateion
|
|
value of this subport.
|
|
|
|
This value is only used when tmnxMacsecPortEncapType is set to
|
|
single-tag (3) or double-tag (4)."
|
|
::= { tmnxMacsecPortEntry 15 }
|
|
|
|
tmnxMacsecPortGlobalTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecPortGlobalEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecPortGlobalTable contains the configuration information
|
|
for MACsec on Ethernet ports in the system."
|
|
::= { tmnxMacsecConfigurations 6 }
|
|
|
|
tmnxMacsecPortGlobalEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecPortGlobalEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecPortGlobalEntry represents a port in the sytem and
|
|
contains its MACsec configuration information.
|
|
|
|
Entries in this table are created automaticall by the system and
|
|
cannot be created or destroyed via SNMP SET operations."
|
|
INDEX { tmnxMacsecPortId }
|
|
::= { tmnxMacsecPortGlobalTable 1 }
|
|
|
|
TmnxMacsecPortGlobalEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecPortGlobalRxTrafEncrpt TruthValue,
|
|
tmnxMacsecPortGlobalExcludeLacp TruthValue,
|
|
tmnxMacsecPortGlobalExcludeLldp TruthValue,
|
|
tmnxMacsecPortGlobalExcludeCdp TruthValue,
|
|
tmnxMacsecPortGlblExcldEaplStart TruthValue,
|
|
tmnxMacsecPortGlobalExcldeEfmOam TruthValue,
|
|
tmnxMacsecPortGlobalExcldeEthCfm TruthValue,
|
|
tmnxMacsecPortGlobalExcludePtp TruthValue,
|
|
tmnxMacsecPortGlobalExcludeUbfd TruthValue,
|
|
tmnxMacsecPortGlblExcldMacPolicy Unsigned32
|
|
}
|
|
|
|
tmnxMacsecPortGlobalRxTrafEncrpt OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortGlobalRxTrafEncrpt specifies whether
|
|
received traffic must be encrypted.
|
|
|
|
When the value of tmnxMacsecPortGlobalRxTrafEncrpt is 'true', all
|
|
received traffic that is not MACsec-secured will be dropped.
|
|
|
|
When the value of tmnxMacsecPortGlobalRxTrafEncrpt is 'false', all
|
|
received traffic will be accepted whether MACsec secured or not."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortGlobalEntry 1 }
|
|
|
|
tmnxMacsecPortGlobalExcludeLacp OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortGlobalExcludeLacp specifies whether packets
|
|
with Link Aggregation Control Protocol will be excluded from MACsec on
|
|
this port."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortGlobalEntry 2 }
|
|
|
|
tmnxMacsecPortGlobalExcludeLldp OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortGlobalExcludeLldp specifies whether packets
|
|
with Link Layer Discovery Protocol will be excluded from MACsec on
|
|
this port."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortGlobalEntry 3 }
|
|
|
|
tmnxMacsecPortGlobalExcludeCdp OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortGlobalExcludeCdp specifies whether packets
|
|
with Cisco Discovery Protocol will be excluded from MACsec on this
|
|
port."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortGlobalEntry 4 }
|
|
|
|
tmnxMacsecPortGlblExcldEaplStart OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortGlblExcldEaplStart specifies whether
|
|
packets with Extensible Authentication Protocol over Lan will be
|
|
excluded from MACsec on this port."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortGlobalEntry 5 }
|
|
|
|
tmnxMacsecPortGlobalExcldeEfmOam OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortGlobalExcldeEfmOam specifies whether
|
|
packets with ethernet OAM will be excluded from MACsec on this port."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortGlobalEntry 6 }
|
|
|
|
tmnxMacsecPortGlobalExcldeEthCfm OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortGlobalExcldeEthCfm specifies whether
|
|
packets with Ethernet Connectivity Fault Management will be excluded
|
|
from MACsec on this port."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortGlobalEntry 7 }
|
|
|
|
tmnxMacsecPortGlobalExcludePtp OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortGlobalExcludePtp specifies whether peer to
|
|
peer packets will be excluded from MACsec on this port."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortGlobalEntry 8 }
|
|
|
|
tmnxMacsecPortGlobalExcludeUbfd OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortGlobalExcludeUbfd specifies whether packets
|
|
with micro Bidirectional Forwarding Detection protocol will be
|
|
excluded from MACsec on this port."
|
|
DEFVAL { false }
|
|
::= { tmnxMacsecPortGlobalEntry 9 }
|
|
|
|
tmnxMacsecPortGlblExcldMacPolicy OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0 | 1..1024)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortGlblExcldMacPolicy specifies the mac policy
|
|
to be used for excluding destination mac addresses for MACsec on this
|
|
port."
|
|
DEFVAL { 0 }
|
|
::= { tmnxMacsecPortGlobalEntry 10 }
|
|
|
|
tmnxMacsecMacPolicyGroupTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecMacPolicyGroupEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecMacPolicyGroupTable contains the configuration
|
|
information for MACsec mac address policy groups in the system"
|
|
::= { tmnxMacsecConfigurations 7 }
|
|
|
|
tmnxMacsecMacPolicyGroupEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecMacPolicyGroupEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecMacPolicyGroupEntry represents a mac policy group in
|
|
the system.
|
|
|
|
Entries in this table are created and destroyed via SNMP set
|
|
operations to tmnxMacsecPortRowStatus."
|
|
INDEX { tmnxMacsecMacPolicyId }
|
|
::= { tmnxMacsecMacPolicyGroupTable 1 }
|
|
|
|
TmnxMacsecMacPolicyGroupEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecMacPolicyId Unsigned32,
|
|
tmnxMacsecMacPolicyGrpRowStatus RowStatus
|
|
}
|
|
|
|
tmnxMacsecMacPolicyId OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..1024)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMacPolicyId specifies the policy ID of this row
|
|
and is referenced by tmnxMacsecPortGlblExcldMacPolicy."
|
|
::= { tmnxMacsecMacPolicyGroupEntry 1 }
|
|
|
|
tmnxMacsecMacPolicyGrpRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMacPolicyGrpRowStatus specifies the status of
|
|
the row. It also controls the creation and deletion of the row."
|
|
::= { tmnxMacsecMacPolicyGroupEntry 2 }
|
|
|
|
tmnxMacsecDestMacAddressTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecDestMacAddressEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecDestMacAddressTable contains the configuration
|
|
information for destination mac addresses in mac policies."
|
|
::= { tmnxMacsecConfigurations 8 }
|
|
|
|
tmnxMacsecDestMacAddressEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecDestMacAddressEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecDestMacAddressEntry represents a destination mac
|
|
address in a policy group in the system.
|
|
|
|
Entries in this table are created and destroyed via SNMP set
|
|
operations to tmnxMacsecPortRowStatus."
|
|
INDEX {
|
|
tmnxMacsecMacPolicyId,
|
|
tmnxMacsecDestMacAddress
|
|
}
|
|
::= { tmnxMacsecDestMacAddressTable 2 }
|
|
|
|
TmnxMacsecDestMacAddressEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecDestMacAddress MacAddress,
|
|
tmnxMacsecDestMacAddrRowStatus RowStatus
|
|
}
|
|
|
|
tmnxMacsecDestMacAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecDestMacAddress specifies the destination mac
|
|
address of this row."
|
|
::= { tmnxMacsecDestMacAddressEntry 1 }
|
|
|
|
tmnxMacsecDestMacAddrRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecDestMacAddrRowStatus specifies the status of
|
|
the row. It also controls the creation and deletion of the row."
|
|
::= { tmnxMacsecDestMacAddressEntry 2 }
|
|
|
|
tmnxMacsecStats OBJECT IDENTIFIER ::= { tmnxMacsecObjects 3 }
|
|
|
|
tmnxMacsecStatsObjects OBJECT IDENTIFIER ::= { tmnxMacsecStats 1 }
|
|
|
|
tmnxMacsecMkaStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecMkaStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecMkaStatsTable contains stats information for MKA on a
|
|
subport on a port in the system."
|
|
::= { tmnxMacsecStats 2 }
|
|
|
|
tmnxMacsecMkaStatsEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecMkaStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecMkaStatsEntry represents an MKA for a subport on a port
|
|
in the system and contains MKA statistical information for that MKA.
|
|
|
|
Entries in this table are created automatically by the system and
|
|
cannot be created or destroyed via SNMP SET operations."
|
|
INDEX {
|
|
tmnxMacsecPortId,
|
|
tmnxMacsecVlanId,
|
|
tmnxMacsecCkn
|
|
}
|
|
::= { tmnxMacsecMkaStatsTable 1 }
|
|
|
|
TmnxMacsecMkaStatsEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecCkn OCTET STRING,
|
|
tmnxMacsecMkaStatsMemberId OCTET STRING,
|
|
tmnxMacsecMkaStatsCakName DisplayString,
|
|
tmnxMacsecMkaStatsTransmitInt Unsigned32,
|
|
tmnxMacsecMkaStatsOutboundSci OCTET STRING,
|
|
tmnxMacsecMkaStatsMessageNumber Unsigned32,
|
|
tmnxMacsecMkaStatsKeyNumber Unsigned32,
|
|
tmnxMacsecMkaStatsKeyServer TruthValue,
|
|
tmnxMacsecMkaStatsKeyServerPrio Unsigned32,
|
|
tmnxMacsecMkaStatsLatestSakAn Unsigned32,
|
|
tmnxMacsecMkaStatsLatestSakKi OCTET STRING,
|
|
tmnxMacsecMkaStatsPreviousSakAn Unsigned32,
|
|
tmnxMacsecMkaStatsPreviousSakKi OCTET STRING,
|
|
tmnxMacsecMkaStatsPeerRemTimeout Counter64,
|
|
tmnxMacsecMkaStatsCknNotFound Counter64,
|
|
tmnxMacsecMkaStatsNewLivePeer Counter64,
|
|
tmnxMacsecMkaStatsSakGenerated Counter64,
|
|
tmnxMacsecMkaStatsSakInstalledTx Counter64,
|
|
tmnxMacsecMkaStatsSakInstalledRx Counter64,
|
|
tmnxMacsecMkaStatsPduTooSmall Counter64,
|
|
tmnxMacsecMkaStatsPduTooBig Counter64,
|
|
tmnxMacsecMkaStatsPduNotQuadSize Counter64,
|
|
tmnxMacsecMkaStatsPduInvalidNum Counter64,
|
|
tmnxMacsecMkaStatsParamSzInvalid Counter64,
|
|
tmnxMacsecMkaStatsLvnessChckFail Counter64,
|
|
tmnxMacsecMkaStatsParamNotQuadSz Counter64,
|
|
tmnxMacsecMkaStatsUnsupportedAgi Counter64,
|
|
tmnxMacsecMkaStatsInvldCknLength Counter64,
|
|
tmnxMacsecMkaStatsIcvCheckFailed Counter64,
|
|
tmnxMacsecMkaStatsPeerSameMid Counter64,
|
|
tmnxMacsecMkaStatsSakNonLivePeer Counter64,
|
|
tmnxMacsecMkaStatsSakNoKeyServer Counter64,
|
|
tmnxMacsecMkaStatsSakDecryptFail Counter64,
|
|
tmnxMacsecMkaStatsSakEncryptFail Counter64,
|
|
tmnxMacsecMkaStatsKeyNumInvalid Counter64,
|
|
tmnxMacsecMkaStatsSakInstallFail Counter64,
|
|
tmnxMacsecMkaStatsCakInfoMissing Counter64,
|
|
tmnxMacsecMkaStatsMxPeersSetZero Counter64,
|
|
tmnxMacsecMkaStatsOperState TmnxOperState,
|
|
tmnxMacsecMkaStatsOperOffset Unsigned32,
|
|
tmnxMacsecMkaStatsOperCipher INTEGER,
|
|
tmnxMacsecMkaStatsLatestSakLpn Counter64,
|
|
tmnxMacsecMkaStatsPreviousSakLpn Counter64,
|
|
tmnxMacsecMkaStatsEncapType INTEGER,
|
|
tmnxMacsecMkaStatsEncapMatch TmnxEncapVal
|
|
}
|
|
|
|
tmnxMacsecCkn OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (1..32))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecCkn specifies the CKN information for this MKA."
|
|
REFERENCE
|
|
"IEEE 802.1X Clause 9.16, Figure 12-3"
|
|
::= { tmnxMacsecMkaStatsEntry 1 }
|
|
|
|
tmnxMacsecMkaStatsMemberId OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (12))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsMemberId indicates the Member
|
|
Identifier (MI) for the MKA instance."
|
|
REFERENCE
|
|
"IEEE 802.1X Clause 9.4.2"
|
|
::= { tmnxMacsecMkaStatsEntry 2 }
|
|
|
|
tmnxMacsecMkaStatsCakName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (0..64))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsCakName indicates the name of the CAK
|
|
in use by this MKA."
|
|
::= { tmnxMacsecMkaStatsEntry 3 }
|
|
|
|
tmnxMacsecMkaStatsTransmitInt OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
UNITS "milliseconds"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsTransmitInt indicates the time interval
|
|
at which the MKA broadcasts its liveliness to its peers."
|
|
::= { tmnxMacsecMkaStatsEntry 4 }
|
|
|
|
tmnxMacsecMkaStatsOutboundSci OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (8))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsOutboundSci indicates the Secure
|
|
Channel Identifier (SCI) information for transmitting MACsec frames."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 7.1.2, 10.7.1 and figure 7.7"
|
|
::= { tmnxMacsecMkaStatsEntry 5 }
|
|
|
|
tmnxMacsecMkaStatsMessageNumber OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsMessageNumber indicates the current
|
|
count of MKA messages that is attached to MKA PDUs."
|
|
::= { tmnxMacsecMkaStatsEntry 6 }
|
|
|
|
tmnxMacsecMkaStatsKeyNumber OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsKeyNumber indicates the number of the
|
|
currently assigned CAK. When a new CAK is generated, this number is
|
|
incremented."
|
|
::= { tmnxMacsecMkaStatsEntry 7 }
|
|
|
|
tmnxMacsecMkaStatsKeyServer OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsKeyServer indicates whether this server
|
|
is the highest priority server in the peer group."
|
|
::= { tmnxMacsecMkaStatsEntry 8 }
|
|
|
|
tmnxMacsecMkaStatsKeyServerPrio OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsKeyServerPrio indicates the priority of
|
|
this MKA."
|
|
::= { tmnxMacsecMkaStatsEntry 9 }
|
|
|
|
tmnxMacsecMkaStatsLatestSakAn OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsLatestSakAn indicates the Association
|
|
Number (AN) of the latest Secure Association Key (SAK). This number is
|
|
concatenated with an SCI to identify a Secure Association (SA)."
|
|
::= { tmnxMacsecMkaStatsEntry 10 }
|
|
|
|
tmnxMacsecMkaStatsLatestSakKi OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (16))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsLatestSakKi indicates the Key
|
|
Identifier (KI) of the latest SAK. This number is derived from the MI
|
|
of the key server and the key number."
|
|
::= { tmnxMacsecMkaStatsEntry 11 }
|
|
|
|
tmnxMacsecMkaStatsPreviousSakAn OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsPreviousSakAn indicates the AN of the
|
|
previous SAK. This number is concatenated with an SCI to identify an
|
|
SA."
|
|
::= { tmnxMacsecMkaStatsEntry 12 }
|
|
|
|
tmnxMacsecMkaStatsPreviousSakKi OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (16))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsPreviousSakKi indicates the KI of the
|
|
previous SAK. This number is derived from the MI of the key server and
|
|
the key number."
|
|
::= { tmnxMacsecMkaStatsEntry 13 }
|
|
|
|
tmnxMacsecMkaStatsPeerRemTimeout OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsPeerRemTimeout indicates the number of
|
|
peers removed from the live/potential peer list due to not receiving
|
|
an MKPDU within the MKA Live Time (6.0 sec)."
|
|
::= { tmnxMacsecMkaStatsEntry 14 }
|
|
|
|
tmnxMacsecMkaStatsCknNotFound OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsCknNotFound indicates the number of
|
|
MKPDUs received with a CKN that does not match the CA configured for
|
|
the port."
|
|
::= { tmnxMacsecMkaStatsEntry 15 }
|
|
|
|
tmnxMacsecMkaStatsNewLivePeer OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsNewLivePeer indicates the number of
|
|
validated peers that have been added to the live peer list."
|
|
::= { tmnxMacsecMkaStatsEntry 16 }
|
|
|
|
tmnxMacsecMkaStatsSakGenerated OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsSakGenerated indicates the number of
|
|
SAKs generated by this MKA instance."
|
|
::= { tmnxMacsecMkaStatsEntry 17 }
|
|
|
|
tmnxMacsecMkaStatsSakInstalledTx OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsSakInstalledTx indicates the number of
|
|
SAKs installed for transmitting."
|
|
::= { tmnxMacsecMkaStatsEntry 18 }
|
|
|
|
tmnxMacsecMkaStatsSakInstalledRx OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsSakInstalledRx indicates the number of
|
|
SAKs installed for receiving."
|
|
::= { tmnxMacsecMkaStatsEntry 19 }
|
|
|
|
tmnxMacsecMkaStatsPduTooSmall OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsPduTooSmall indicates the number of
|
|
MKPDUs received that are less than 32 octets."
|
|
::= { tmnxMacsecMkaStatsEntry 20 }
|
|
|
|
tmnxMacsecMkaStatsPduTooBig OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsPduTooBig indicates the number of
|
|
MKPDUs received where the EAPOL header indicates a size larger than
|
|
the received packet."
|
|
::= { tmnxMacsecMkaStatsEntry 21 }
|
|
|
|
tmnxMacsecMkaStatsPduNotQuadSize OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsPduNotQuadSize indicates the number of
|
|
MKPDUs received with a size that is not a multiple of 4 octets long."
|
|
::= { tmnxMacsecMkaStatsEntry 22 }
|
|
|
|
tmnxMacsecMkaStatsPduInvalidNum OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsPduInvalidNum indicates the number of
|
|
MKPDUs received out of order as indicated by the Message Number."
|
|
::= { tmnxMacsecMkaStatsEntry 23 }
|
|
|
|
tmnxMacsecMkaStatsParamSzInvalid OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsParamSzInvalid indicates the number of
|
|
MKPDUs received which contain a parameter set body length that exceeds
|
|
the remaining length of the MKPDU."
|
|
::= { tmnxMacsecMkaStatsEntry 24 }
|
|
|
|
tmnxMacsecMkaStatsLvnessChckFail OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsLvnessChckFail indicates the number of
|
|
MKPDUs received which contain an MN that is not acceptably recent."
|
|
::= { tmnxMacsecMkaStatsEntry 25 }
|
|
|
|
tmnxMacsecMkaStatsParamNotQuadSz OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsParamNotQuadSz indicates the number of
|
|
MKPDUs received which contain a parameter set that is not a multiple
|
|
of 4 octets long."
|
|
::= { tmnxMacsecMkaStatsEntry 26 }
|
|
|
|
tmnxMacsecMkaStatsUnsupportedAgi OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsUnsupportedAgi indicates the number of
|
|
MKPDUs received which contain an unsupported Algorithm Agility value."
|
|
::= { tmnxMacsecMkaStatsEntry 27 }
|
|
|
|
tmnxMacsecMkaStatsInvldCknLength OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsInvldCknLength indicates the number of
|
|
MKPDUs received which contain a CAK name that exceeds the maximum CAK
|
|
name length."
|
|
::= { tmnxMacsecMkaStatsEntry 28 }
|
|
|
|
tmnxMacsecMkaStatsIcvCheckFailed OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsIcvCheckFailed indicates the number of
|
|
MKPDUs received which contain an ICV value that does not authenticate."
|
|
::= { tmnxMacsecMkaStatsEntry 29 }
|
|
|
|
tmnxMacsecMkaStatsPeerSameMid OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsPeerSameMid indicates the number of
|
|
MKPDUs received which contain a peerlist with an MI entry which
|
|
conflicts with the local MI."
|
|
::= { tmnxMacsecMkaStatsEntry 30 }
|
|
|
|
tmnxMacsecMkaStatsSakNonLivePeer OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsSakNonLivePeer indicates the number of
|
|
SAKs received from peer that is not a member of the Live Peers List."
|
|
::= { tmnxMacsecMkaStatsEntry 31 }
|
|
|
|
tmnxMacsecMkaStatsSakNoKeyServer OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsSakNoKeyServer indicates the number of
|
|
SAKs received from an MKA participant that has not been designated as
|
|
the Key Server."
|
|
::= { tmnxMacsecMkaStatsEntry 32 }
|
|
|
|
tmnxMacsecMkaStatsSakDecryptFail OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsSakDecryptFail indicates the number of
|
|
AES Key Wrap SAK decryption failures that have occurred."
|
|
::= { tmnxMacsecMkaStatsEntry 33 }
|
|
|
|
tmnxMacsecMkaStatsSakEncryptFail OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsSakEncryptFail indicates the number of
|
|
AES Key Wrap SAK encryption failures that have occurred."
|
|
::= { tmnxMacsecMkaStatsEntry 34 }
|
|
|
|
tmnxMacsecMkaStatsKeyNumInvalid OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsKeyNumInvalid indicates the number of
|
|
SAKs received with an invalid Key Number."
|
|
::= { tmnxMacsecMkaStatsEntry 35 }
|
|
|
|
tmnxMacsecMkaStatsSakInstallFail OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsSakInstallFail indicates the number of
|
|
Secy SAK installation failures that have occurred."
|
|
::= { tmnxMacsecMkaStatsEntry 36 }
|
|
|
|
tmnxMacsecMkaStatsCakInfoMissing OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsCakInfoMissing indicates the number of
|
|
times internal CAK data is not available for the generation of the
|
|
SAK."
|
|
::= { tmnxMacsecMkaStatsEntry 37 }
|
|
|
|
tmnxMacsecMkaStatsMxPeersSetZero OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsMxPeersSetZero indicates the number of
|
|
Secy SAK installations that have failed due to the max peer entry
|
|
being set to 0."
|
|
::= { tmnxMacsecMkaStatsEntry 38 }
|
|
|
|
tmnxMacsecMkaStatsOperState OBJECT-TYPE
|
|
SYNTAX TmnxOperState
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsOperState indicates the operational
|
|
state of the MKA participant on this port."
|
|
::= { tmnxMacsecMkaStatsEntry 39 }
|
|
|
|
tmnxMacsecMkaStatsOperOffset OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0 | 30 | 50)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsOperOffset indicates the operational
|
|
encryption offset used for the datapath PDUs when all parties in the
|
|
CA have the SAK. This value is specified by the key server."
|
|
::= { tmnxMacsecMkaStatsEntry 40 }
|
|
|
|
tmnxMacsecMkaStatsOperCipher OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
gcm-aes-128 (1),
|
|
gcm-aes-256 (2),
|
|
gcm-aes-xpn-128 (3),
|
|
gcm-aes-xpn-256 (4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsOperCipher indicates the operational
|
|
encryption algorithm used for datapath PDUs when all parties in the CA
|
|
have the (SAK). This value is specified by the key server."
|
|
::= { tmnxMacsecMkaStatsEntry 41 }
|
|
|
|
tmnxMacsecMkaStatsLatestSakLpn OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsLatestSakLpn indicates the Lowest
|
|
Acceptable Packet Number of the latest SAK."
|
|
::= { tmnxMacsecMkaStatsEntry 42 }
|
|
|
|
tmnxMacsecMkaStatsPreviousSakLpn OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsPreviousSakLpn indicates the Lowest
|
|
Acceptable Packet Number of the latest SAK."
|
|
::= { tmnxMacsecMkaStatsEntry 43 }
|
|
|
|
tmnxMacsecMkaStatsEncapType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
all-match (1),
|
|
untagged (2),
|
|
single-tag (3),
|
|
double-tag (4)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsEncapType indicates the type of the
|
|
encap value."
|
|
::= { tmnxMacsecMkaStatsEntry 44 }
|
|
|
|
tmnxMacsecMkaStatsEncapMatch OBJECT-TYPE
|
|
SYNTAX TmnxEncapVal
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaStatsEncapMatch indicates the encapsulation
|
|
value.
|
|
|
|
This value is only used when tmnxMacsecMkaStatsEncapType is set to
|
|
single-tag (3) or double-tag (4)."
|
|
::= { tmnxMacsecMkaStatsEntry 45 }
|
|
|
|
tmnxMacsecMkaPeerListTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecMkaPeerListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecMkaPeerListTable contains information for MKA peer lists
|
|
on a subport or a port in the system."
|
|
::= { tmnxMacsecStats 3 }
|
|
|
|
tmnxMacsecMkaPeerListEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecMkaPeerListEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecMkaPeerListEntry represents a peer of the MKA instance
|
|
for a subport or a port in the system."
|
|
INDEX {
|
|
tmnxMacsecPortId,
|
|
tmnxMacsecVlanId,
|
|
tmnxMacsecCkn,
|
|
tmnxMacsecMkaPeerListMi
|
|
}
|
|
::= { tmnxMacsecMkaPeerListTable 1 }
|
|
|
|
TmnxMacsecMkaPeerListEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecMkaPeerListMi OCTET STRING,
|
|
tmnxMacsecMkaPeerListMn Counter64,
|
|
tmnxMacsecMkaPeerListType INTEGER,
|
|
tmnxMacsecMkaPeerListSci OCTET STRING,
|
|
tmnxMacsecMkaPeerListKeyServPrio Counter64,
|
|
tmnxMacsecMkaPeerListLowstAcptPn Counter64
|
|
}
|
|
|
|
tmnxMacsecMkaPeerListMi OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (12))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaPeerListMi specifies the MI of the peer
|
|
entry."
|
|
REFERENCE
|
|
"IEEE 802.1X Clause 9.16, Figure 12-3"
|
|
::= { tmnxMacsecMkaPeerListEntry 1 }
|
|
|
|
tmnxMacsecMkaPeerListMn OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaPeerListMn indicates the latest Member
|
|
Number of the peer entry."
|
|
REFERENCE
|
|
"IEEE 802.1X Clause 9.16, Figure 12-3"
|
|
::= { tmnxMacsecMkaPeerListEntry 2 }
|
|
|
|
tmnxMacsecMkaPeerListType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
livePeerList (1),
|
|
potentialPeerList (2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaPeerListType indicates the type of the peer
|
|
entry.
|
|
|
|
livePeerList : the peer entry is in the Live Peer List.
|
|
|
|
potentialPeerList : the peer entry is in the Potential
|
|
Peer List."
|
|
REFERENCE
|
|
"IEEE 802.1X Clause 9.16, Figure 12-3"
|
|
::= { tmnxMacsecMkaPeerListEntry 3 }
|
|
|
|
tmnxMacsecMkaPeerListSci OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (8))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaPeerListSci indicates the SCI information of
|
|
this peer list entry."
|
|
REFERENCE
|
|
"IEEE 802.1X Clause 9.16, Figure 12-3"
|
|
::= { tmnxMacsecMkaPeerListEntry 4 }
|
|
|
|
tmnxMacsecMkaPeerListKeyServPrio OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaPeerListKeyServPrio indicates the priority
|
|
of this MKA peer."
|
|
::= { tmnxMacsecMkaPeerListEntry 5 }
|
|
|
|
tmnxMacsecMkaPeerListLowstAcptPn OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecMkaPeerListLowstAcptPn indicates the lowest
|
|
acceptable packet number of this MKA peer."
|
|
::= { tmnxMacsecMkaPeerListEntry 6 }
|
|
|
|
tmnxMacsecPortStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecPortStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecPortStatsTable augments the tmnxMacsecPortTable and
|
|
contains MACsec statistic information for subportss or ports in the
|
|
system."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9, 10.7.18, figure 10.4, 10.5"
|
|
::= { tmnxMacsecStats 4 }
|
|
|
|
tmnxMacsecPortStatsEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecPortStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecPortStatsEntry represents a subport or an Ethernet port
|
|
in the system and contains its MACsec statistic information.
|
|
|
|
Entries in this table are created automatically by the system and
|
|
cannot be created or destroyed via SNMP SET operations."
|
|
AUGMENTS { tmnxMacsecPortEntry }
|
|
::= { tmnxMacsecPortStatsTable 1 }
|
|
|
|
TmnxMacsecPortStatsEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecPortStatsTxUntaggdPkts Counter64,
|
|
tmnxMacsecPortStatsTxTooLongPkts Counter64,
|
|
tmnxMacsecPortStatsRxNoTagPkts Counter64,
|
|
tmnxMacsecPortStatsRxBadTagPkts Counter64,
|
|
tmnxMacsecPortStatsRxNoSciPkts Counter64,
|
|
tmnxMacsecPortStatsRxOverrunPkts Counter64
|
|
}
|
|
|
|
tmnxMacsecPortStatsTxUntaggdPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortStatsTxUntaggdPkts indicates the number of
|
|
transmitted packets without the MAC security tag (SecTAG) when the
|
|
value of tmnxMacsecConnAssocReplayProtect for the configured CA is set
|
|
to 'false'."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.18, figure 10.4"
|
|
::= { tmnxMacsecPortStatsEntry 1 }
|
|
|
|
tmnxMacsecPortStatsTxTooLongPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortStatsTxTooLongPkts indicates the number of
|
|
transmitted packets discarded because the packet length is greater
|
|
than the Maximum Transmission Unit (MTU) of the Ethernet physical
|
|
interface."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.18, figure 10.4"
|
|
::= { tmnxMacsecPortStatsEntry 2 }
|
|
|
|
tmnxMacsecPortStatsRxNoTagPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortStatsRxNoTagPkts indicates the number of
|
|
received packets discarded without the MAC security tag (SecTAG)."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9 , figure 10.5"
|
|
::= { tmnxMacsecPortStatsEntry 3 }
|
|
|
|
tmnxMacsecPortStatsRxBadTagPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The the value of tmnxMacsecPortStatsRxBadTagPkts indicates the number
|
|
of received packets discarded with an invalid SecTAG or a zero value
|
|
Packet Number (PN) or an invalid Integrity Check Value (ICV)."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9 , figure 10.5"
|
|
::= { tmnxMacsecPortStatsEntry 4 }
|
|
|
|
tmnxMacsecPortStatsRxNoSciPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortStatsRxNoSciPkts indicates the number of
|
|
received packets discarded with unknown SCI information when the C bit
|
|
in the SecTAG is set."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9 , figure 10.5"
|
|
::= { tmnxMacsecPortStatsEntry 7 }
|
|
|
|
tmnxMacsecPortStatsRxOverrunPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecPortStatsRxOverrunPkts indicates the number of
|
|
packets discarded because the number of received packets exceeded the
|
|
cryptographic performance capabilities."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9 , figure 10.5"
|
|
::= { tmnxMacsecPortStatsEntry 8 }
|
|
|
|
tmnxMacsecTxSAStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecTxSAStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecTxSAStatsTable contains the stats information for each
|
|
transmitting SA in the subport or port in the system."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.18, figure 10.4"
|
|
::= { tmnxMacsecStats 5 }
|
|
|
|
tmnxMacsecTxSAStatsEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecTxSAStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecTxSAStatsEntry represents a transmitting SA on a
|
|
subport or a port in the system and contains statistical information
|
|
for that transmitting SA.
|
|
|
|
Entries in this table are created automatically by the system and
|
|
cannot be created or destroyed via SNMP SET operations."
|
|
INDEX {
|
|
tmnxMacsecPortId,
|
|
tmnxMacsecVlanId,
|
|
tmnxMacsecTxSAAn
|
|
}
|
|
::= { tmnxMacsecTxSAStatsTable 1 }
|
|
|
|
TmnxMacsecTxSAStatsEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecTxSAAn Unsigned32,
|
|
tmnxMacsecTxSAStatsProtectedPkts Counter32,
|
|
tmnxMacsecTxSAStatsEncryptedPkts Counter32
|
|
}
|
|
|
|
tmnxMacsecTxSAAn OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecTxSAAn indicates the AN for identifying the
|
|
transmitting SA."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.21"
|
|
::= { tmnxMacsecTxSAStatsEntry 1 }
|
|
|
|
tmnxMacsecTxSAStatsProtectedPkts OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecTxSAStatsProtectedPkts indicates the number of
|
|
packets that are integrity protected but not encrypted for this
|
|
transmitting SA."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.18, figure 10.4"
|
|
::= { tmnxMacsecTxSAStatsEntry 2 }
|
|
|
|
tmnxMacsecTxSAStatsEncryptedPkts OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecTxSAStatsEncryptedPkts indicates the number of
|
|
packets that are integrity protected and encrypted for this
|
|
transmitting SA."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.18, figure 10.4"
|
|
::= { tmnxMacsecTxSAStatsEntry 3 }
|
|
|
|
tmnxMacsecTxSCStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecTxSCStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecTxSCStatsTable contains transmitting Secure Channel (SC)
|
|
MACsec statistic information for subports or ports in the system."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.18, 10.7.19, figure 10.4"
|
|
::= { tmnxMacsecStats 6 }
|
|
|
|
tmnxMacsecTxSCStatsEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecTxSCStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecTxSCStatsEntry represents a transmitting SC and
|
|
contains its counters.
|
|
|
|
Entries in this table are created automatically by the system and
|
|
cannot be created or destroyed via SNMP SET operations."
|
|
INDEX {
|
|
tmnxMacsecPortId,
|
|
tmnxMacsecVlanId
|
|
}
|
|
::= { tmnxMacsecTxSCStatsTable 1 }
|
|
|
|
TmnxMacsecTxSCStatsEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecTxSCStatsProtectedPkts Counter64,
|
|
tmnxMacsecTxSCStatsEncryptedPkts Counter64,
|
|
tmnxMacsecTxSCStatsOctetsProtctd Counter64,
|
|
tmnxMacsecTxSCStatsOctetsEncrptd Counter64
|
|
}
|
|
|
|
tmnxMacsecTxSCStatsProtectedPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecTxSCStatsProtectedPkts indicates the number of
|
|
integrity protected but not encrypted packets for this transmitting
|
|
SC."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.18, figure 10.4"
|
|
::= { tmnxMacsecTxSCStatsEntry 1 }
|
|
|
|
tmnxMacsecTxSCStatsEncryptedPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecTxSCStatsEncryptedPkts indicates the number of
|
|
integrity protected and encrypted packets for this transmitting SC."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.18, figure 10.4"
|
|
::= { tmnxMacsecTxSCStatsEntry 4 }
|
|
|
|
tmnxMacsecTxSCStatsOctetsProtctd OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Octets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecTxSCStatsOctetsProtctd indicates the number of
|
|
plain text octets that are integrity protected but not encrypted on
|
|
the transmitting SC."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.19, figure 10.4"
|
|
::= { tmnxMacsecTxSCStatsEntry 5 }
|
|
|
|
tmnxMacsecTxSCStatsOctetsEncrptd OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Octets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecTxSCStatsOctetsEncrptd indicates the number of
|
|
plain text octets that are integrity protected and encrypted on the
|
|
transmitting SC."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.19, figure 10.4"
|
|
::= { tmnxMacsecTxSCStatsEntry 6 }
|
|
|
|
tmnxMacsecRxSAStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecRxSAStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecRxSAStatsTable contains the stats information for each
|
|
receiving SA in the subport or port in the system."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9, figure 10.5"
|
|
::= { tmnxMacsecStats 7 }
|
|
|
|
tmnxMacsecRxSAStatsEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecRxSAStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecRxSAStatsEntry represents a receiving SA on a subport
|
|
or a port in the system and contains statistical information for that
|
|
receiving SA.
|
|
|
|
Entries in this table are created automatically by the system and
|
|
cannot be created or destroyed via SNMP SET operations."
|
|
INDEX {
|
|
tmnxMacsecPortId,
|
|
tmnxMacsecVlanId,
|
|
tmnxMacsecRxSci,
|
|
tmnxMacsecRxSAAn
|
|
}
|
|
::= { tmnxMacsecRxSAStatsTable 1 }
|
|
|
|
TmnxMacsecRxSAStatsEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecRxSci OCTET STRING,
|
|
tmnxMacsecRxSAAn Unsigned32,
|
|
tmnxMacsecRxSAStatsNoUsingSAPkts Counter32,
|
|
tmnxMacsecRxSAStatsNotValidPkts Counter32,
|
|
tmnxMacsecRxSAStatsOKPkts Counter32
|
|
}
|
|
|
|
tmnxMacsecRxSci OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (8))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecRxSci indicates the SCI for identifying the
|
|
receiving SC."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.11"
|
|
::= { tmnxMacsecRxSAStatsEntry 1 }
|
|
|
|
tmnxMacsecRxSAAn OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecRxSAAn indicates the AN for identifying the
|
|
receiving SA."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.13"
|
|
::= { tmnxMacsecRxSAStatsEntry 2 }
|
|
|
|
tmnxMacsecRxSAStatsNoUsingSAPkts OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecRxSAStatsNoUsingSAPkts indicates the number of
|
|
received packets that have been discarded on this SA which is not
|
|
currently in use."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9, figure 10.5"
|
|
::= { tmnxMacsecRxSAStatsEntry 3 }
|
|
|
|
tmnxMacsecRxSAStatsNotValidPkts OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecRxSAStatsNotValidPkts indicates the number of
|
|
not valid packets that have been discarded on this active SA."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9, figure 10.5"
|
|
::= { tmnxMacsecRxSAStatsEntry 4 }
|
|
|
|
tmnxMacsecRxSAStatsOKPkts OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecRxSAStatsOKPkts indicates the number of
|
|
validated packets on this SA."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9, figure 10.5"
|
|
::= { tmnxMacsecRxSAStatsEntry 5 }
|
|
|
|
tmnxMacsecRxSCStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF TmnxMacsecRxSCStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The tmnxMacsecRxSCStatsTable contains the stats information for each
|
|
receiving SC supported by the subport or port in the system."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9, 10.7.10, figure 10.5"
|
|
::= { tmnxMacsecStats 8 }
|
|
|
|
tmnxMacsecRxSCStatsEntry OBJECT-TYPE
|
|
SYNTAX TmnxMacsecRxSCStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each tmnxMacsecRxSCStatsEntry represents a receiving SC. Some counters
|
|
in the receiving SA will be reset while the SA is reused, and in order
|
|
to maintain complete statistical information for the SC, some counter
|
|
information on the SAs are kept in the SC.
|
|
|
|
Each counter for an SC is a summation of the corresponding counter
|
|
information for all the SAs, current and prior, belonging to this SC."
|
|
INDEX {
|
|
tmnxMacsecPortId,
|
|
tmnxMacsecVlanId,
|
|
tmnxMacsecRxSci
|
|
}
|
|
::= { tmnxMacsecRxSCStatsTable 1 }
|
|
|
|
TmnxMacsecRxSCStatsEntry ::= SEQUENCE
|
|
{
|
|
tmnxMacsecRxSCStatsNoUsingSAPkts Counter64,
|
|
tmnxMacsecRxSCStatsLatePkts Counter64,
|
|
tmnxMacsecRxSCStatsNotValidPkts Counter64,
|
|
tmnxMacsecRxSCStatsDelayedPkts Counter64,
|
|
tmnxMacsecRxSCStatsUncheckedPkts Counter64,
|
|
tmnxMacsecRxSCStatsOKPkts Counter64,
|
|
tmnxMacsecRxSCStatsOctsValidated Counter64,
|
|
tmnxMacsecRxSCStatsOctsDecrypted Counter64
|
|
}
|
|
|
|
tmnxMacsecRxSCStatsNoUsingSAPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecRxSCStatsNoUsingSAPkts indicates the summation
|
|
of counter tmnxMacsecRxSAStatsNoUsingSAPkts information for all the
|
|
SAs which belong to this SC."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9, figure 10.5"
|
|
::= { tmnxMacsecRxSCStatsEntry 1 }
|
|
|
|
tmnxMacsecRxSCStatsLatePkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecRxSCStatsLatePkts indicates the number of
|
|
received packets that have been discarded due to replay window
|
|
protection on this SC."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9, figure 10.5"
|
|
::= { tmnxMacsecRxSCStatsEntry 2 }
|
|
|
|
tmnxMacsecRxSCStatsNotValidPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecRxSCStatsNotValidPkts indicates the summation
|
|
of counter tmnxMacsecRxSAStatsNotValidPkts information for all the SAs
|
|
which belong to this SC."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9, figure 10.5"
|
|
::= { tmnxMacsecRxSCStatsEntry 3 }
|
|
|
|
tmnxMacsecRxSCStatsDelayedPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecRxSCStatsDelayedPkts indicates the number of
|
|
received packets with the condition a PN lower than the lower bound of
|
|
the replay protection on this SC."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9, figure 10.5"
|
|
::= { tmnxMacsecRxSCStatsEntry 4 }
|
|
|
|
tmnxMacsecRxSCStatsUncheckedPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecRxSCStatsUncheckedPkts indicates the number of
|
|
packets that have failed the integrity check on this SC."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9, figure 10.5"
|
|
::= { tmnxMacsecRxSCStatsEntry 5 }
|
|
|
|
tmnxMacsecRxSCStatsOKPkts OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Packets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecRxSCStatsOKPkts indicates the summation of
|
|
counter tmnxMacsecRxSAStatsOKPkts information for all the SAs which
|
|
belong to this SC."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.9, figure 10.5"
|
|
::= { tmnxMacsecRxSCStatsEntry 6 }
|
|
|
|
tmnxMacsecRxSCStatsOctsValidated OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Octets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecRxSCStatsOctsValidated indicate the number of
|
|
octets of plain text recovered from received packets that were
|
|
integrity protected but not encrypted."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.10, figure 10.5"
|
|
::= { tmnxMacsecRxSCStatsEntry 7 }
|
|
|
|
tmnxMacsecRxSCStatsOctsDecrypted OBJECT-TYPE
|
|
SYNTAX Counter64
|
|
UNITS "Octets"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value of tmnxMacsecRxSCStatsOctsDecrypted indicates the number of
|
|
octets of plain text recovered from received packets that were
|
|
integrity protected and encrypted."
|
|
REFERENCE
|
|
"IEEE 802.1AE Clause 10.7.10, figure 10.5"
|
|
::= { tmnxMacsecRxSCStatsEntry 8 }
|
|
|
|
tmnxMacsecNotifyObjects OBJECT IDENTIFIER ::= { tmnxMacsecObjects 4 }
|
|
|
|
tmnxMacsecNotifyPortId OBJECT-TYPE
|
|
SYNTAX TmnxPortID
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Used by traps to indicated the port identifier of the MACsec port."
|
|
::= { tmnxMacsecNotifyObjects 1 }
|
|
|
|
tmnxMacsecNotifyVlanId OBJECT-TYPE
|
|
SYNTAX VlanIdOrNone
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Used by traps to indicated the subport ID on the MACsec port."
|
|
::= { tmnxMacsecNotifyObjects 2 }
|
|
|
|
tmnxMacsecNotifyPeerMi OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE (12))
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Used by traps to indicated the MI of the peer entry."
|
|
REFERENCE
|
|
"IEEE 802.1X Clause 9.16, Figure 12-3"
|
|
::= { tmnxMacsecNotifyObjects 3 }
|
|
|
|
tmnxMacsecNotifySecurityZone OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Used by traps to indicated the Security Zone."
|
|
::= { tmnxMacsecNotifyObjects 4 }
|
|
|
|
tmnxMacsecNotifyAssociationNum OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Used by traps to indicate the Association Number of the SAK."
|
|
::= { tmnxMacsecNotifyObjects 5 }
|
|
|
|
tmnxMacsecConformance OBJECT IDENTIFIER ::= { tmnxSRConfs 114 }
|
|
|
|
tmnxMacsecCompliances OBJECT IDENTIFIER ::= { tmnxMacsecConformance 1 }
|
|
|
|
tmnxMacsecComplianceV15v0 MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for management of MACsec features for SROS
|
|
release 15.0 in the timetra-macsec-mib."
|
|
MODULE
|
|
MANDATORY-GROUPS {
|
|
tmnxMacsecGroup,
|
|
tmnxMacsecStatsGroup,
|
|
tmnxMacsecNotificationObjsGroup,
|
|
tmnxMacsecNotificationGroup
|
|
}
|
|
::= { tmnxMacsecCompliances 1 }
|
|
|
|
tmnxMacsecComplianceV19v0 MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
""
|
|
MODULE
|
|
MANDATORY-GROUPS {
|
|
tmnxMacsecDestMacAddrGroup
|
|
}
|
|
::= { tmnxMacsecCompliances 2 }
|
|
|
|
tmnxMacsecComplianceV20v0 MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for management of MACsec features for SROS
|
|
release 20 in the timetra-macsec-mib."
|
|
MODULE
|
|
MANDATORY-GROUPS {
|
|
tmnxMacsecNiapsNotificationGroup,
|
|
tmnxMacsecDdpObjectGroup
|
|
}
|
|
::= { tmnxMacsecCompliances 3 }
|
|
|
|
tmnxMacsecGroups OBJECT IDENTIFIER ::= { tmnxMacsecConformance 2 }
|
|
|
|
tmnxMacsecGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
tmnxMacsecConnAssocLastChanged,
|
|
tmnxMacsecConnAssocRowStatus,
|
|
tmnxMacsecConnAssocAdminState,
|
|
tmnxMacsecConnAssocDescription,
|
|
tmnxMacsecConnAssocMacsecEncrypt,
|
|
tmnxMacsecConnAssocClearTagMode,
|
|
tmnxMacsecConnAssocReplayWndwSz,
|
|
tmnxMacsecConnAssocCipherSuite,
|
|
tmnxMacsecConnAssocReplayProtect,
|
|
tmnxMacsecConnAssocEncrptnOffset,
|
|
tmnxMacsecStaticCakLastChanged,
|
|
tmnxMacsecStaticCakKeyServerPrio,
|
|
tmnxMacsecStaticCakActivePsk,
|
|
tmnxMacsecPreSharedKeyLastChangd,
|
|
tmnxMacsecPreSharedKeyRowStatus,
|
|
tmnxMacsecPreSharedKeyEncrptType,
|
|
tmnxMacsecPreSharedKeyCak,
|
|
tmnxMacsecPreSharedKeyCakName,
|
|
tmnxMacsecConnAssocTableLstChngd,
|
|
tmnxMacsecStaticCakTableLstChngd,
|
|
tmnxMacsecPreSharedKeyTblLstChng,
|
|
tmnxMacsecPortTableLastChanged,
|
|
tmnxMacsecPortLastChanged,
|
|
tmnxMacsecPortEapolDestAddress,
|
|
tmnxMacsecPortCaName,
|
|
tmnxMacsecPortAdminState,
|
|
tmnxMacsecPortMaxPeers,
|
|
tmnxMacsecPortRowStatus,
|
|
tmnxMacsecPortGlobalRxTrafEncrpt,
|
|
tmnxMacsecPortGlobalExcludeLacp,
|
|
tmnxMacsecPortGlobalExcludeLldp,
|
|
tmnxMacsecPortGlobalExcludeCdp,
|
|
tmnxMacsecPortGlblExcldEaplStart,
|
|
tmnxMacsecPortGlobalExcldeEfmOam,
|
|
tmnxMacsecPortGlobalExcldeEthCfm,
|
|
tmnxMacsecPortEncapType,
|
|
tmnxMacsecPortEncapMatch,
|
|
tmnxMacsecStaticCakMkaHelloInt,
|
|
tmnxMacsecPortGlobalExcludePtp,
|
|
tmnxMacsecPortGlobalExcludeUbfd,
|
|
tmnxMacsecPortGlblExcldMacPolicy
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group of objects for MACsec support on Nokia systems."
|
|
::= { tmnxMacsecGroups 1 }
|
|
|
|
tmnxMacsecStatsGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
tmnxMacsecMkaStatsMemberId,
|
|
tmnxMacsecMkaStatsCakName,
|
|
tmnxMacsecMkaStatsTransmitInt,
|
|
tmnxMacsecMkaStatsOutboundSci,
|
|
tmnxMacsecMkaStatsMessageNumber,
|
|
tmnxMacsecMkaStatsKeyNumber,
|
|
tmnxMacsecMkaStatsKeyServer,
|
|
tmnxMacsecMkaStatsKeyServerPrio,
|
|
tmnxMacsecMkaStatsLatestSakAn,
|
|
tmnxMacsecMkaStatsLatestSakKi,
|
|
tmnxMacsecMkaStatsPreviousSakAn,
|
|
tmnxMacsecMkaStatsPreviousSakKi,
|
|
tmnxMacsecMkaStatsPeerRemTimeout,
|
|
tmnxMacsecMkaStatsCknNotFound,
|
|
tmnxMacsecMkaStatsNewLivePeer,
|
|
tmnxMacsecMkaStatsSakGenerated,
|
|
tmnxMacsecMkaStatsSakInstalledTx,
|
|
tmnxMacsecMkaStatsSakInstalledRx,
|
|
tmnxMacsecMkaStatsPduTooSmall,
|
|
tmnxMacsecMkaStatsPduTooBig,
|
|
tmnxMacsecMkaStatsPduNotQuadSize,
|
|
tmnxMacsecMkaStatsPduInvalidNum,
|
|
tmnxMacsecMkaStatsParamSzInvalid,
|
|
tmnxMacsecMkaStatsLvnessChckFail,
|
|
tmnxMacsecMkaStatsParamNotQuadSz,
|
|
tmnxMacsecMkaStatsUnsupportedAgi,
|
|
tmnxMacsecMkaStatsInvldCknLength,
|
|
tmnxMacsecMkaStatsIcvCheckFailed,
|
|
tmnxMacsecMkaStatsPeerSameMid,
|
|
tmnxMacsecMkaStatsSakNonLivePeer,
|
|
tmnxMacsecMkaStatsSakNoKeyServer,
|
|
tmnxMacsecMkaStatsSakDecryptFail,
|
|
tmnxMacsecMkaStatsSakEncryptFail,
|
|
tmnxMacsecMkaStatsKeyNumInvalid,
|
|
tmnxMacsecMkaStatsSakInstallFail,
|
|
tmnxMacsecMkaStatsCakInfoMissing,
|
|
tmnxMacsecMkaStatsMxPeersSetZero,
|
|
tmnxMacsecMkaStatsOperState,
|
|
tmnxMacsecMkaStatsOperOffset,
|
|
tmnxMacsecMkaStatsOperCipher,
|
|
tmnxMacsecMkaPeerListMn,
|
|
tmnxMacsecMkaPeerListType,
|
|
tmnxMacsecMkaPeerListSci,
|
|
tmnxMacsecMkaPeerListKeyServPrio,
|
|
tmnxMacsecMkaPeerListLowstAcptPn,
|
|
tmnxMacsecPortStatsTxUntaggdPkts,
|
|
tmnxMacsecPortStatsTxTooLongPkts,
|
|
tmnxMacsecPortStatsRxNoTagPkts,
|
|
tmnxMacsecPortStatsRxBadTagPkts,
|
|
tmnxMacsecPortStatsRxNoSciPkts,
|
|
tmnxMacsecPortStatsRxOverrunPkts,
|
|
tmnxMacsecTxSAStatsProtectedPkts,
|
|
tmnxMacsecTxSAStatsEncryptedPkts,
|
|
tmnxMacsecTxSCStatsProtectedPkts,
|
|
tmnxMacsecTxSCStatsEncryptedPkts,
|
|
tmnxMacsecTxSCStatsOctetsProtctd,
|
|
tmnxMacsecTxSCStatsOctetsEncrptd,
|
|
tmnxMacsecRxSAStatsNoUsingSAPkts,
|
|
tmnxMacsecRxSAStatsNotValidPkts,
|
|
tmnxMacsecRxSAStatsOKPkts,
|
|
tmnxMacsecRxSCStatsNoUsingSAPkts,
|
|
tmnxMacsecRxSCStatsLatePkts,
|
|
tmnxMacsecRxSCStatsNotValidPkts,
|
|
tmnxMacsecRxSCStatsDelayedPkts,
|
|
tmnxMacsecRxSCStatsUncheckedPkts,
|
|
tmnxMacsecRxSCStatsOKPkts,
|
|
tmnxMacsecRxSCStatsOctsValidated,
|
|
tmnxMacsecRxSCStatsOctsDecrypted,
|
|
tmnxMacsecMkaStatsLatestSakLpn,
|
|
tmnxMacsecMkaStatsPreviousSakLpn,
|
|
tmnxMacsecMkaStatsEncapType,
|
|
tmnxMacsecMkaStatsEncapMatch
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group of objects for MACsec stats support on Nokia systems."
|
|
::= { tmnxMacsecGroups 2 }
|
|
|
|
tmnxMacsecNotificationObjsGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
tmnxMacsecNotifyPortId,
|
|
tmnxMacsecNotifyVlanId,
|
|
tmnxMacsecNotifyPeerMi,
|
|
tmnxMacsecNotifySecurityZone,
|
|
tmnxMacsecNotifyAssociationNum
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group of objects for MACsec notifications on Nokia systems."
|
|
::= { tmnxMacsecGroups 3 }
|
|
|
|
tmnxMacsecNotificationGroup NOTIFICATION-GROUP
|
|
NOTIFICATIONS {
|
|
tmnxMacsecConfiguredPortCA,
|
|
tmnxMacsecUnconfiguredPortCA,
|
|
tmnxMacsecEnabledPort,
|
|
tmnxMacsecDisabledPort,
|
|
tmnxMacsecMaxPeerLimitExceeded,
|
|
tmnxMkaSessionEstablished,
|
|
tmnxMkaPskRollover,
|
|
tmnxMkaSessionEnded,
|
|
tmnxMkaOperStateChanged,
|
|
tmnxMacsecMaxPeerLimitCleared
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group of notifications for MACsec on Nokia systems."
|
|
::= { tmnxMacsecGroups 4 }
|
|
|
|
tmnxMacsecObsoletedObjectsGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
tmnxMacsecPortRxTrafficEncrption,
|
|
tmnxMacsecPortExcludeLacp,
|
|
tmnxMacsecPortExcludeLldp,
|
|
tmnxMacsecPortExcludeCdp,
|
|
tmnxMacsecPortExcludeEapolStart
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group of MACsec objects obsoleted on Nokia systems."
|
|
::= { tmnxMacsecGroups 5 }
|
|
|
|
tmnxMacsecDestMacAddrGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
tmnxMacsecMacPolicyGrpRowStatus,
|
|
tmnxMacsecDestMacAddrRowStatus
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
""
|
|
::= { tmnxMacsecGroups 6 }
|
|
|
|
tmnxMacsecNiapsNotificationGroup NOTIFICATION-GROUP
|
|
NOTIFICATIONS {
|
|
tmnxMacsecCaCreate,
|
|
tmnxMacsecSakCreate,
|
|
tmnxMacsecSakInstalledRx,
|
|
tmnxMacsecSakInstalledTx,
|
|
tmnxMacsecMkaReplayAttemptDisc,
|
|
tmnxMacsecDpReplayAttempt,
|
|
tmnxMacsecSakDelete
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group of notifications for MACsec NIAPs support on Nokia systems."
|
|
::= { tmnxMacsecGroups 8 }
|
|
|
|
tmnxMacsecDdpObjectGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
tmnxMacsecConnAssocDelayProtectn
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The group of objects for MACsec data delay protection support on Nokia
|
|
systems."
|
|
::= { tmnxMacsecGroups 9 }
|
|
|
|
tmnxMacsecNotifyPrefix OBJECT IDENTIFIER ::= { tmnxSRNotifyPrefix 114 }
|
|
|
|
tmnxMacsecNofitications OBJECT IDENTIFIER ::= { tmnxMacsecNotifyPrefix 1 }
|
|
|
|
tmnxMacsecConfiguredPortCA NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecNotifyPortId,
|
|
tmnxMacsecNotifyVlanId,
|
|
tmnxMacsecPreSharedKeyCakName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMacsecConfiguredPortCA notification is generated when a
|
|
CA is associated with a port."
|
|
::= { tmnxMacsecNofitications 1 }
|
|
|
|
tmnxMacsecUnconfiguredPortCA NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecNotifyPortId,
|
|
tmnxMacsecNotifyVlanId,
|
|
tmnxMacsecPreSharedKeyCakName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMacsecUnconfiguredPortCA notification is generated when
|
|
a CA is unassociated from a port."
|
|
::= { tmnxMacsecNofitications 2 }
|
|
|
|
tmnxMacsecEnabledPort NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecNotifyPortId,
|
|
tmnxMacsecNotifyVlanId,
|
|
tmnxMacsecPortCaName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMacsecEnabledPort notification is generated when a port
|
|
is admin enabled and the associated CA is enabled."
|
|
::= { tmnxMacsecNofitications 3 }
|
|
|
|
tmnxMacsecDisabledPort NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecNotifyPortId,
|
|
tmnxMacsecNotifyVlanId,
|
|
tmnxMacsecPortCaName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMacsecDisabledPort notification is generated when a port
|
|
is admin disabled or the associated CA is disabled."
|
|
::= { tmnxMacsecNofitications 4 }
|
|
|
|
tmnxMacsecMaxPeerLimitExceeded NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecNotifySecurityZone,
|
|
tmnxMacsecNotifyPeerMi,
|
|
tmnxMacsecMkaPeerListSci
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMacsecMaxPeerLimitExceeded notification is generated
|
|
when an MKA session exceeds the maximum number of allowable peers."
|
|
::= { tmnxMacsecNofitications 5 }
|
|
|
|
tmnxMkaSessionEstablished NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecMkaPeerListSci,
|
|
tmnxMacsecPortCaName,
|
|
tmnxMacsecPortEapolDestAddress,
|
|
tmnxMacsecMkaStatsKeyServerPrio,
|
|
tmnxMacsecStaticCakKeyServerPrio,
|
|
tmnxMacsecConnAssocCipherSuite,
|
|
tmnxMacsecConnAssocEncrptnOffset
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMkaSessionEstablished notification is generated when an
|
|
MKA session is established."
|
|
::= { tmnxMacsecNofitications 6 }
|
|
|
|
tmnxMkaPskRollover NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecNotifyPortId,
|
|
tmnxMacsecNotifyVlanId,
|
|
tmnxMacsecStaticCakActivePsk
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMkaPskRollover notification is generated when a PSK
|
|
rollover occurs."
|
|
::= { tmnxMacsecNofitications 7 }
|
|
|
|
tmnxMkaSessionEnded NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecMkaPeerListSci,
|
|
tmnxMacsecPortCaName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMkaSessionEnded notification is generated when an MKA
|
|
session is ended."
|
|
::= { tmnxMacsecNofitications 8 }
|
|
|
|
tmnxMkaOperStateChanged NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecMkaStatsOperState,
|
|
tmnxMacsecPortCaName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMkaOperStateChanged notification is generated when an
|
|
MKA changes operational state."
|
|
::= { tmnxMacsecNofitications 9 }
|
|
|
|
tmnxMacsecMaxPeerLimitCleared NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecNotifySecurityZone,
|
|
tmnxMacsecNotifyPeerMi,
|
|
tmnxMacsecMkaPeerListSci
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMacsecMaxPeerLimitCleared notification is generated when
|
|
an MKA session no longer exceeds the maximum number of allowable
|
|
peers."
|
|
::= { tmnxMacsecNofitications 10 }
|
|
|
|
tmnxMacsecCaCreate NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecPreSharedKeyCakName
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMacsecCaCreate notification is generated when a
|
|
connectivity association is created."
|
|
::= { tmnxMacsecNofitications 11 }
|
|
|
|
tmnxMacsecSakCreate NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecNotifyAssociationNum,
|
|
tmnxMacsecPreSharedKeyCakName,
|
|
tmnxMacsecNotifyPortId,
|
|
tmnxMacsecNotifyVlanId
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMacsecSakCreate notification is generated when a SAK has
|
|
been created as a key server."
|
|
::= { tmnxMacsecNofitications 12 }
|
|
|
|
tmnxMacsecSakInstalledRx NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecNotifyAssociationNum,
|
|
tmnxMacsecPreSharedKeyCakName,
|
|
tmnxMacsecNotifyPortId,
|
|
tmnxMacsecNotifyVlanId
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMacsecSakInstalledRx notification is generated when a
|
|
new SAK is installed for receiving"
|
|
::= { tmnxMacsecNofitications 13 }
|
|
|
|
tmnxMacsecSakInstalledTx NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecNotifyAssociationNum,
|
|
tmnxMacsecPreSharedKeyCakName,
|
|
tmnxMacsecNotifyPortId,
|
|
tmnxMacsecNotifyVlanId
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMacsecSakInstalledTx notification is generated when a
|
|
new SAK is installed for transmitting"
|
|
::= { tmnxMacsecNofitications 14 }
|
|
|
|
tmnxMacsecMkaReplayAttemptDisc NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecPortCaName,
|
|
tmnxMacsecMkaStatsPduInvalidNum
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMacsecMkaReplayAttemptDisc notification is generated
|
|
when the replay packet counter increments"
|
|
::= { tmnxMacsecNofitications 15 }
|
|
|
|
tmnxMacsecDpReplayAttempt NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecRxSCStatsLatePkts
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMacsecDpReplayAttempt notification is generated every 10
|
|
seconds if the counter for detected replay attempts is different from
|
|
the last time this notification was raised. If the counter has not
|
|
changed, it will be checked again in 10 seconds."
|
|
::= { tmnxMacsecNofitications 16 }
|
|
|
|
tmnxMacsecSakDelete NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
tmnxMacsecNotifyAssociationNum,
|
|
tmnxMacsecPreSharedKeyCakName,
|
|
tmnxMacsecNotifyPortId,
|
|
tmnxMacsecNotifyVlanId
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"[CAUSE] A tmnxMacsecSakDelete notification is generated when a SAK has
|
|
been deleted."
|
|
::= { tmnxMacsecNofitications 17 }
|
|
|
|
END
|