379 lines
14 KiB
Plaintext
379 lines
14 KiB
Plaintext
-- Copyright (C) 2007-2012 Aricent Group . All Rights Reserved
|
|
|
|
-- $Id: fsdhcsnp.mib,v 1.3 2012/09/07 09:52:05 siva Exp $
|
|
|
|
-- L2DHCPSNOOPING Proprietary MIB Definition
|
|
|
|
-- This MIB contains scalars and tables used to configure a switch running
|
|
-- L2 DHCP SNOOPING.
|
|
|
|
DHCP-SNOOPING-MIB DEFINITIONS ::= BEGIN
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE,
|
|
enterprises, Counter32, Integer32 FROM SNMPv2-SMI
|
|
RowStatus FROM SNMPv2-TC;
|
|
|
|
|
|
fsdhcpsnp MODULE-IDENTITY
|
|
LAST-UPDATED "201209050000Z"
|
|
ORGANIZATION "ARICENT COMMUNICATIONS SOFTWARE"
|
|
CONTACT-INFO "support@aricent.com"
|
|
|
|
DESCRIPTION
|
|
" The proprietary MIB module is for configuration of DHCP
|
|
snooping feature. DHCP snooping provides security between the
|
|
untrusted hosts and DHCP servers, by filtering the Untrusted DHCP
|
|
packets which is received from out of the network and also updates
|
|
the IP binding database present in the IPDB module. "
|
|
REVISION "201209050000Z"
|
|
DESCRIPTION
|
|
" Modifications are done in descriptions in some places to be
|
|
more clear ."
|
|
|
|
::= { enterprises aricent-communication-holding-ltd(29601)
|
|
iss(2) 3 }
|
|
|
|
-- ***************************************************************************
|
|
-- Groups in the MIB
|
|
-- ***************************************************************************
|
|
|
|
fsDhcpSnpScalars OBJECT IDENTIFIER ::= { fsdhcpsnp 1 }
|
|
fsDhcpSnpInterface OBJECT IDENTIFIER ::= { fsdhcpsnp 2 }
|
|
|
|
-- ***************************************************************************
|
|
-- SCALARS
|
|
-- ***************************************************************************
|
|
|
|
fsDhcpSnpSnoopingAdminStatus OBJECT-TYPE
|
|
SYNTAX INTEGER { enabled(1), disabled(2) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enables or disables Layer2 DHCP Snooping globally in the system.
|
|
When set to 'enabled', the DHCP Snooping Module will start the
|
|
protocol operation. Layer2 DHCP Snooping should be enabled on
|
|
per VLAN basis also. When set to 'disabled', the DHCP Snooping
|
|
Module will stop the protocol operation."
|
|
DEFVAL { disabled }
|
|
::= { fsDhcpSnpScalars 1 }
|
|
|
|
fsDhcpSnpMacVerifyStatus OBJECT-TYPE
|
|
SYNTAX INTEGER { enabled(1), disabled(2) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enables or disables the MAC address verification. If this option
|
|
is enabled, the Layer2 DHCPv4/v6 snooping module will verify the
|
|
source MAC Address against the client hardware address in the
|
|
DHCP packets received."
|
|
DEFVAL { enabled }
|
|
::= { fsDhcpSnpScalars 2 }
|
|
|
|
fsDhcpSnpV6AdminStatus OBJECT-TYPE
|
|
SYNTAX INTEGER { enabled(1), disabled(2) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enables or disables Layer2 DHCPv6 Snooping globally in the system.
|
|
When set to 'enabled', the DHCPv6 Snooping Module will start the
|
|
protocol operation. Layer2 DHCPv6 Snooping should be enabled on
|
|
per VLAN basis also. When set to 'disabled', the DHCP Snooping
|
|
Module will stop the protocol operation."
|
|
DEFVAL { 2 }
|
|
::= { fsDhcpSnpScalars 3 }
|
|
|
|
fsDhcpSnpTraceValue OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The mask which is used to enable selective debug levels in
|
|
DHCPv4/v6 Snooping module.Each allowed BIT in the integer, represents
|
|
a particular level of Trace.The mapping between the bit
|
|
positions & the level of trace is as follows:
|
|
1 - Entry Trace
|
|
2 - Exit Trace
|
|
3 - Debug Trace
|
|
4 - Failure Trace
|
|
6 - Packet Trace
|
|
7 - Critical Trace.
|
|
all - All trace is a combination of all traces."
|
|
|
|
DEFVAL { 7 }
|
|
|
|
::= { fsDhcpSnpScalars 4 }
|
|
|
|
fsDhcpSnpV6EnterpriseId OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to set the Enterprise Id parameter. When
|
|
the operator configures the enterprise-number, it will be used
|
|
in the enterprise-id field in DHCPV6 remote-id option (37)
|
|
By Default, enterprise number MUST be set to the Broadband Forum
|
|
enterprise code, i.e. 3561 in decimal "
|
|
|
|
DEFVAL { 3561 }
|
|
|
|
::= { fsDhcpSnpScalars 5 }
|
|
|
|
|
|
-- ***************************************************************************
|
|
-- GROUPS
|
|
-- ***************************************************************************
|
|
|
|
-- **************************** VLAN Entry ******************************
|
|
|
|
fsDhcpSnpInterfaceTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF FsDhcpSnpInterfaceEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains the configuration & statistics collection
|
|
parameters of DHCP snooping on a specific VLAN. "
|
|
::= { fsDhcpSnpInterface 1 }
|
|
|
|
fsDhcpSnpInterfaceEntry OBJECT-TYPE
|
|
SYNTAX FsDhcpSnpInterfaceEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each row instance gives the DHCP snooping status on VLAN and the
|
|
statistics collected in that VLAN for the DHCP snooping module"
|
|
INDEX { fsDhcpSnpVlanId }
|
|
::= { fsDhcpSnpInterfaceTable 1 }
|
|
|
|
FsDhcpSnpInterfaceEntry ::= SEQUENCE {
|
|
fsDhcpSnpVlanId Integer32,
|
|
fsDhcpSnpVlanSnpStatus INTEGER,
|
|
fsDhcpSnpRxDiscovers Counter32,
|
|
fsDhcpSnpRxRequests Counter32,
|
|
fsDhcpSnpRxReleases Counter32,
|
|
fsDhcpSnpRxDeclines Counter32,
|
|
fsDhcpSnpRxInforms Counter32,
|
|
fsDhcpSnpTxOffers Counter32,
|
|
fsDhcpSnpTxAcks Counter32,
|
|
fsDhcpSnpTxNaks Counter32,
|
|
fsDhcpSnpNoOfDiscards Counter32,
|
|
fsDhcpSnpMacDiscards Counter32,
|
|
fsDhcpSnpServerDiscards Counter32,
|
|
fsDhcpSnpOptionDiscards Counter32,
|
|
fsDhcpSnpInterfaceStatus RowStatus,
|
|
fsDhcpSnpV6VlanSnpStatus INTEGER,
|
|
fsDhcpSnpV6RxClientPkts Counter32,
|
|
fsDhcpSnpV6TxClientPkts Counter32,
|
|
fsDhcpSnpV6TxRelayForwards Counter32,
|
|
fsDhcpSnpV6RxRelayReplys Counter32,
|
|
fsDhcpSnpV6PktDrops Counter32,
|
|
fsDhcpSnpV6ClearStatistics INTEGER
|
|
|
|
}
|
|
|
|
fsDhcpSnpVlanId OBJECT-TYPE
|
|
SYNTAX Integer32 (1..4094)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Vlan ID of the VLAN to which this table-entry is associated."
|
|
::= { fsDhcpSnpInterfaceEntry 1 }
|
|
|
|
fsDhcpSnpVlanSnpStatus OBJECT-TYPE
|
|
SYNTAX INTEGER { enabled (1), disabled (2) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"setting this object Enables or disables Layer2 DHCP Snooping
|
|
in the given VLAN."
|
|
DEFVAL { disabled }
|
|
::= { fsDhcpSnpInterfaceEntry 2 }
|
|
|
|
fsDhcpSnpRxDiscovers OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCP DISCOVERs received
|
|
from the hosts connected to this VLAN."
|
|
::= { fsDhcpSnpInterfaceEntry 3 }
|
|
|
|
fsDhcpSnpRxRequests OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCP REQUESTs received from
|
|
the hosts connected to this VLAN."
|
|
::= { fsDhcpSnpInterfaceEntry 4 }
|
|
|
|
fsDhcpSnpRxReleases OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCP RELEASEs received from
|
|
the hosts connected to this VLAN."
|
|
::= { fsDhcpSnpInterfaceEntry 5 }
|
|
|
|
fsDhcpSnpRxDeclines OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCP DECLINEs received from
|
|
the hosts connected to this VLAN."
|
|
::= { fsDhcpSnpInterfaceEntry 6 }
|
|
|
|
fsDhcpSnpRxInforms OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCP INFORMs received from
|
|
the hosts connected to this VLAN."
|
|
::= { fsDhcpSnpInterfaceEntry 7 }
|
|
|
|
fsDhcpSnpTxOffers OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCP OFFERs sent out on this
|
|
VLAN to hosts."
|
|
::= { fsDhcpSnpInterfaceEntry 8 }
|
|
|
|
fsDhcpSnpTxAcks OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCP ACKs sent out on this
|
|
VLAN to hosts."
|
|
::= { fsDhcpSnpInterfaceEntry 9 }
|
|
|
|
fsDhcpSnpTxNaks OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCP NAKs sent out on this
|
|
VLAN to hosts."
|
|
::= { fsDhcpSnpInterfaceEntry 10 }
|
|
|
|
fsDhcpSnpNoOfDiscards OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCP packets from hosts dropped
|
|
on this VLAN."
|
|
::= { fsDhcpSnpInterfaceEntry 11 }
|
|
|
|
fsDhcpSnpMacDiscards OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCP packets from hosts dropped
|
|
due to failure in MAC Address verification."
|
|
::= { fsDhcpSnpInterfaceEntry 12 }
|
|
|
|
fsDhcpSnpServerDiscards OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCP packets from hosts dropped
|
|
because they are supposed to be the messages from a server.
|
|
The DHCP packets so dropped will include DHCP ACK, DHCP NAK and
|
|
DHCP OFFERs received from untrusted host ports."
|
|
::= { fsDhcpSnpInterfaceEntry 13 }
|
|
|
|
fsDhcpSnpOptionDiscards OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCP packets from hosts dropped
|
|
because either option-82 is present in them or giaddr field is
|
|
set."
|
|
::= { fsDhcpSnpInterfaceEntry 14 }
|
|
|
|
fsDhcpSnpInterfaceStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Row-Status of the interface entry."
|
|
::= { fsDhcpSnpInterfaceEntry 15 }
|
|
|
|
fsDhcpSnpV6VlanSnpStatus OBJECT-TYPE
|
|
SYNTAX INTEGER { enabled (1), disabled (2) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enabled, Layer2 DHCPv6 Snooping will be enabled on this VLAN.
|
|
When set to disabled, Layer2 DHCPv6 Snooping will be disabled on this VLAN.."
|
|
DEFVAL { 2 }
|
|
::= { fsDhcpSnpInterfaceEntry 16 }
|
|
|
|
fsDhcpSnpV6RxClientPkts OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCPv6 Client packets received
|
|
on this VLAN."
|
|
::= { fsDhcpSnpInterfaceEntry 17 }
|
|
|
|
fsDhcpSnpV6TxClientPkts OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCPv6 packets sent out on this VLAN
|
|
to the client."
|
|
::= { fsDhcpSnpInterfaceEntry 18 }
|
|
|
|
fsDhcpSnpV6TxRelayForwards OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCPv6 RELAY-FORWARDs sent out on this VLAN
|
|
to the server."
|
|
::= { fsDhcpSnpInterfaceEntry 19 }
|
|
|
|
fsDhcpSnpV6RxRelayReplys OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCPv6 RELAY-REPLY messages received on this VLAN
|
|
from the server."
|
|
::= { fsDhcpSnpInterfaceEntry 20 }
|
|
|
|
fsDhcpSnpV6PktDrops OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of DHCPv6 packets discarded
|
|
on this vlan."
|
|
::= { fsDhcpSnpInterfaceEntry 21 }
|
|
|
|
fsDhcpSnpV6ClearStatistics OBJECT-TYPE
|
|
SYNTAX INTEGER { enabled (1), disabled (2) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enabled, resets all statistics counter values to zero
|
|
on particular VLAN. After resetting the statistics counter values,
|
|
the value of this object automatically switches back to 'disabled'.
|
|
When set to disabled, this object has no effect. "
|
|
|
|
DEFVAL { 2 }
|
|
::= { fsDhcpSnpInterfaceEntry 22 }
|
|
|
|
END
|