537 lines
19 KiB
Plaintext
537 lines
19 KiB
Plaintext
-- Copyright (C) 2008-2014 Super Micro Computer Inc. All Rights Reserved
|
|
|
|
-- $Id: fsipdb.mib,v 1.5 2012/09/07 09:52:05 siva Exp $
|
|
|
|
-- IP-BINDING-DATABASE Proprietary MIB Definition
|
|
|
|
-- This MIB contains scalars and tables used to configure/storing
|
|
-- (HOST, IP) binding informations.
|
|
|
|
SUPERMICRO-IPDB-MIB DEFINITIONS ::= BEGIN
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE,
|
|
enterprises, IpAddress, Counter32,
|
|
Integer32, Unsigned32 FROM SNMPv2-SMI
|
|
RowStatus, MacAddress FROM SNMPv2-TC
|
|
InterfaceIndex FROM IF-MIB;
|
|
|
|
|
|
fsipdb MODULE-IDENTITY
|
|
LAST-UPDATED "201209050000Z"
|
|
ORGANIZATION "Super Micro Computer Inc."
|
|
CONTACT-INFO "support@Supermicro.com"
|
|
|
|
DESCRIPTION
|
|
" The proprietary MIB module for IPDB module. Used to maintain
|
|
the hosts IP, MAC & VLAN in a database which will be used to
|
|
allow/drop the incoming IP traffic on a specific interface. "
|
|
REVISION "201209050000Z"
|
|
DESCRIPTION
|
|
" Inclusion of debug option for IPDB module. "
|
|
REVISION "201005240000Z"
|
|
DESCRIPTION
|
|
" Addition of 'fsIpDbSrcGuardConfigTable', which is used to
|
|
configure IP source guard status per Layer 2 interfaces basis.
|
|
IP source guard is used to restrict the IP traffic on Layer 2
|
|
interfaces by filtering traffic based on the IP binding
|
|
database."
|
|
REVISION "201005170000Z"
|
|
DESCRIPTION
|
|
"Grammatical and Spelling mistakes are removed. "
|
|
::= { enterprises supermicro-computer-inc(10876) super-switch(101)
|
|
basic(2) 2}
|
|
|
|
-- ***************************************************************************
|
|
-- Groups in the MIB
|
|
-- ***************************************************************************
|
|
fsIpDbScalars OBJECT IDENTIFIER ::= { fsipdb 1 }
|
|
fsIpDbStatic OBJECT IDENTIFIER ::= { fsipdb 2 }
|
|
fsIpDbBindings OBJECT IDENTIFIER ::= { fsipdb 3 }
|
|
fsIpDbInterface OBJECT IDENTIFIER ::= { fsipdb 4 }
|
|
fsIpDbSrcGuard OBJECT IDENTIFIER ::= { fsipdb 5 }
|
|
|
|
-- ***************************************************************************
|
|
-- SCALARS
|
|
-- ***************************************************************************
|
|
|
|
fsIpDbNoOfBindings OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of (host, IP) bindings, across
|
|
all VLAN's, at a given time. This is nothing but the total
|
|
number of entries in the IP binding database"
|
|
::= { fsIpDbScalars 1 }
|
|
|
|
fsIpDbNoOfStaticBindings OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of static (host, IP) bindings,
|
|
across all VLANS, at the given time."
|
|
::= { fsIpDbScalars 2 }
|
|
|
|
fsIpDbNoOfDHCPBindings OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of (host, IP) bindings configured
|
|
through DHCP, across all VLANS, at the given time."
|
|
::= { fsIpDbScalars 3 }
|
|
|
|
fsIpDbNoOfPPPBindings OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the total number of (host, IP) bindings configured
|
|
through PPP, across all VLANS, at the given time."
|
|
::= { fsIpDbScalars 4 }
|
|
|
|
fsIpDbTraceLevel OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to enable trace statements in IP binding
|
|
database module.
|
|
|
|
A four byte integer is used for enabling the trace level.
|
|
Each bit in the four byte integer represents a particular
|
|
trace level.
|
|
|
|
The mapping between the bit positions & the trace level is
|
|
as follows:
|
|
BIT 1 - Function entry traces
|
|
BIT 2 - Function Exit traces
|
|
BIT 3 - Debug traces
|
|
BIT 4 - Failure traces
|
|
BIT 5 - Function arguments trace
|
|
|
|
The remaining bits are unused. Combination of levels are
|
|
also allowed.
|
|
|
|
For example if the bits 1 and 2 are set, then the trace
|
|
statement related to function entry and exit will be printed.
|
|
|
|
The user has to enter the corresponding integer value for the
|
|
bits set. For example if bits 1 and 2 are to be set ,then user
|
|
has to give the value 6."
|
|
::= { fsIpDbScalars 5 }
|
|
|
|
|
|
-- ***************************************************************************
|
|
-- GROUPS
|
|
-- ***************************************************************************
|
|
|
|
-- ********************** (HOST, IP) Static Bindings *************************
|
|
|
|
fsIpDbStaticBindingTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF FsIpDbStaticBindingEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains the static Host IP configuration
|
|
information."
|
|
::= { fsIpDbStatic 1}
|
|
|
|
fsIpDbStaticBindingEntry OBJECT-TYPE
|
|
SYNTAX FsIpDbStaticBindingEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A single entry contains the binding information of a single
|
|
host connected to the system."
|
|
INDEX {
|
|
fsIpDbStaticHostVlanId,
|
|
fsIpDbStaticHostMac
|
|
}
|
|
::= { fsIpDbStaticBindingTable 1 }
|
|
|
|
FsIpDbStaticBindingEntry ::= SEQUENCE {
|
|
fsIpDbStaticHostVlanId Integer32,
|
|
fsIpDbStaticHostMac MacAddress,
|
|
fsIpDbStaticHostIp IpAddress,
|
|
fsIpDbStaticInIfIndex Integer32,
|
|
fsIpDbStaticGateway IpAddress,
|
|
fsIpDbStaticBindingStatus RowStatus
|
|
}
|
|
|
|
fsIpDbStaticHostVlanId OBJECT-TYPE
|
|
SYNTAX Integer32 (1..4094)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VLAN ID to which the host belongs. This is an index of
|
|
the table."
|
|
::= { fsIpDbStaticBindingEntry 1 }
|
|
|
|
fsIpDbStaticHostMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"MAC address of the Host. This is an index of the table."
|
|
::= { fsIpDbStaticBindingEntry 2 }
|
|
|
|
fsIpDbStaticHostIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP address of the Host."
|
|
::= { fsIpDbStaticBindingEntry 3 }
|
|
|
|
fsIpDbStaticInIfIndex OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the interface to which the host is connected."
|
|
::= { fsIpDbStaticBindingEntry 4 }
|
|
|
|
fsIpDbStaticGateway OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the gateway to which the Host have access to."
|
|
::= { fsIpDbStaticBindingEntry 5 }
|
|
|
|
fsIpDbStaticBindingStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The rowstatus of the binding table entry. All the objects in the
|
|
table must be filled before making the rowstatus as active."
|
|
::= { fsIpDbStaticBindingEntry 6 }
|
|
|
|
-- ********************** (HOST, IP) Binding Database ************************
|
|
|
|
fsIpDbBindingTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF FsIpDbBindingEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains the information about all the hosts connected
|
|
to the system, their MAC Address, VLAN, IP etc."
|
|
::= { fsIpDbBindings 1}
|
|
|
|
fsIpDbBindingEntry OBJECT-TYPE
|
|
SYNTAX FsIpDbBindingEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A single entry contains the binding information of a single
|
|
host connected to the system."
|
|
INDEX {
|
|
fsIpDbHostVlanId,
|
|
fsIpDbHostMac
|
|
}
|
|
::= { fsIpDbBindingTable 1 }
|
|
|
|
FsIpDbBindingEntry ::= SEQUENCE {
|
|
fsIpDbHostVlanId Integer32,
|
|
fsIpDbHostMac MacAddress,
|
|
fsIpDbHostBindingType INTEGER,
|
|
fsIpDbHostIp IpAddress,
|
|
fsIpDbHostInIfIndex Integer32,
|
|
fsIpDbHostRemLeaseTime Integer32,
|
|
fsIpDbHostBindingID Unsigned32
|
|
}
|
|
|
|
fsIpDbHostVlanId OBJECT-TYPE
|
|
SYNTAX Integer32 (1..4094)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VLAN ID to which the host belongs. This is an index of
|
|
the table."
|
|
::= { fsIpDbBindingEntry 1 }
|
|
|
|
fsIpDbHostMac OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"MAC address of the Host. This is an index of the table."
|
|
::= { fsIpDbBindingEntry 2 }
|
|
|
|
fsIpDbHostBindingType OBJECT-TYPE
|
|
SYNTAX INTEGER { static (1), dhcp (2), ppp (3) }
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies whether the entry was configured through static
|
|
or dynamically learnt through DHCP or PPP."
|
|
::= { fsIpDbBindingEntry 3 }
|
|
|
|
fsIpDbHostIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IP address of the Host."
|
|
::= { fsIpDbBindingEntry 4 }
|
|
|
|
fsIpDbHostInIfIndex OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Indicates the interface to which the host is connected."
|
|
::= { fsIpDbBindingEntry 5 }
|
|
|
|
fsIpDbHostRemLeaseTime OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Remaining lease time in seconds for the (host, IP) binding.
|
|
Applicable only if the fsIpDbBindingType is DHCP."
|
|
::= { fsIpDbBindingEntry 6 }
|
|
|
|
fsIpDbHostBindingID OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An integer value that identifies the binding type. For Static
|
|
Bindings, this value is 0. For DHCP Bindings, this is the
|
|
transaction ID. For PPP Bindings, this is the session ID
|
|
of PPPoE session."
|
|
::= { fsIpDbBindingEntry 7 }
|
|
|
|
|
|
|
|
-- Below is the Gateway Table corresponding to each binding entry.
|
|
-- Each binding entry will contain a table of Gateway IPs,
|
|
-- which will contain atleast one (default gateway) gateway IP entry.
|
|
|
|
fsIpDbGatewayIpTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF FsIpDbGatewayIpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table is a part of FsDhcpSnpBindingEntry. The table
|
|
contains IP address of Gateways allowed for the host.
|
|
The host will be allowed to contact only these Gateways."
|
|
::= { fsIpDbBindings 2 }
|
|
|
|
fsIpDbGatewayIpEntry OBJECT-TYPE
|
|
SYNTAX FsIpDbGatewayIpEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry contains an IP address of Gateway allowed for
|
|
the host."
|
|
INDEX {
|
|
fsIpDbHostMac,
|
|
fsIpDbHostVlanId,
|
|
fsIpDbGatewayNetwork,
|
|
fsIpDbGatewayNetMask,
|
|
fsIpDbGatewayIp
|
|
}
|
|
::= { fsIpDbGatewayIpTable 1 }
|
|
|
|
FsIpDbGatewayIpEntry ::= SEQUENCE {
|
|
fsIpDbGatewayNetwork IpAddress,
|
|
fsIpDbGatewayNetMask IpAddress,
|
|
fsIpDbGatewayIp IpAddress,
|
|
fsIpDbGatewayIpMode INTEGER
|
|
}
|
|
|
|
fsIpDbGatewayNetwork OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The network IP address of the gateway."
|
|
::= { fsIpDbGatewayIpEntry 1 }
|
|
|
|
fsIpDbGatewayNetMask OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The mask for the network to which the gateway is given."
|
|
::= { fsIpDbGatewayIpEntry 2 }
|
|
|
|
fsIpDbGatewayIp OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Gateway IP for the given network."
|
|
::= { fsIpDbGatewayIpEntry 3 }
|
|
|
|
fsIpDbGatewayIpMode OBJECT-TYPE
|
|
SYNTAX INTEGER { active (0) }
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Gateway IP verification mode while ARP
|
|
packet processing. "
|
|
::= { fsIpDbGatewayIpEntry 4 }
|
|
|
|
-- **************************** Interface Entry ******************************
|
|
|
|
fsIpDbInterfaceTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF FsIpDbInterfaceEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table contains the interface (layer 2 VLAN) specific
|
|
informations."
|
|
::= { fsIpDbInterface 1 }
|
|
|
|
fsIpDbInterfaceEntry OBJECT-TYPE
|
|
SYNTAX FsIpDbInterfaceEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Each entry will contain statistics associated with the interface."
|
|
INDEX { fsIpDbIntfVlanId }
|
|
::= { fsIpDbInterfaceTable 1 }
|
|
|
|
FsIpDbInterfaceEntry ::= SEQUENCE {
|
|
fsIpDbIntfVlanId Integer32,
|
|
fsIpDbIntfNoOfVlanBindings Counter32,
|
|
fsIpDbIntfNoOfVlanStaticBindings Counter32,
|
|
fsIpDbIntfNoOfVlanDHCPBindings Counter32,
|
|
fsIpDbIntfNoOfVlanPPPBindings Counter32
|
|
}
|
|
|
|
fsIpDbIntfVlanId OBJECT-TYPE
|
|
SYNTAX Integer32 (1..4094)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Vlan ID of the VLAN to which this table-entry is associated."
|
|
::= { fsIpDbInterfaceEntry 1 }
|
|
|
|
fsIpDbIntfNoOfVlanBindings OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This indicates the total number of (host, IP) bindings for
|
|
a given VLAN at a given time."
|
|
::= { fsIpDbInterfaceEntry 2 }
|
|
|
|
fsIpDbIntfNoOfVlanStaticBindings OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This indicates the total number of static (host, IP) bindings
|
|
for a VLAN at a given time. "
|
|
::= { fsIpDbInterfaceEntry 3 }
|
|
|
|
fsIpDbIntfNoOfVlanDHCPBindings OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This indicates the total number of (host, IP) bindings
|
|
configured through DHCP for a VLAN at a given time. "
|
|
::= { fsIpDbInterfaceEntry 4 }
|
|
|
|
fsIpDbIntfNoOfVlanPPPBindings OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This indicates the total number of (host, IP) bindings
|
|
configured through PPP for a VLAN at a given time. "
|
|
::= { fsIpDbInterfaceEntry 5 }
|
|
|
|
-- ======================================================
|
|
-- IP source guard table
|
|
-- ======================================================
|
|
fsIpDbSrcGuardConfigTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF FsIpDbSrcGuardConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
" This table provides the objects to enable or disable
|
|
IP source guard on each non routed Layer 2 interfaces.
|
|
|
|
When DHCP Snooping is enabled at an interface, a list of
|
|
IP addresses is obtained through DHCP snooping for this
|
|
particular interface and these list of IP address are
|
|
maintained in IP binding database along with the MAC,
|
|
VLAN ID and interface index. This database can be populated
|
|
using static configuration also.
|
|
|
|
If IP source guard is enabled, incoming IP traffic on an
|
|
interface are allowed when there is a matching entry in IP
|
|
binding database. Else, all incoming IP traffic on an
|
|
interface are allowed irrespective of the IP binding database."
|
|
::= { fsIpDbSrcGuard 1 }
|
|
|
|
|
|
fsIpDbSrcGuardConfigEntry OBJECT-TYPE
|
|
SYNTAX FsIpDbSrcGuardConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Each row instance contains the configuration to enable
|
|
or disable IP source guard on a physical interface. "
|
|
INDEX { fsIpDbSrcGuardIndex }
|
|
::= { fsIpDbSrcGuardConfigTable 1 }
|
|
|
|
FsIpDbSrcGuardConfigEntry ::= SEQUENCE {
|
|
fsIpDbSrcGuardIndex InterfaceIndex,
|
|
fsIpDbSrcGuardStatus INTEGER
|
|
}
|
|
|
|
fsIpDbSrcGuardIndex OBJECT-TYPE
|
|
SYNTAX InterfaceIndex
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This indicates the interface identifier for which the IP source
|
|
guard configuration is applied."
|
|
::= { fsIpDbSrcGuardConfigEntry 1 }
|
|
|
|
fsIpDbSrcGuardStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disable(1),
|
|
ip (2),
|
|
ipMac (3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" This object indicates the IP source guard status of an
|
|
interface.
|
|
|
|
If this object is set to 'disable', IP source guard feature
|
|
is disabled and all incoming IP traffic on this interface
|
|
will be allowed.
|
|
|
|
If this object is set to 'ip', IP source guard feature is
|
|
enabled on fsIpDbSrcGuardIndex with Source IP address filtering
|
|
mode. The switch allows the IP traffic when the source IP
|
|
matches with an entry in Ip binding database.
|
|
|
|
If this object is set to 'ipMac', IP source guard is enabled on
|
|
the fsIpDbSrcGuardIndex with Source IP and MAC address filtering
|
|
mode. The switch allows the IP traffic when the source IP and MAC
|
|
address matches with an entry in Ip binding database.
|
|
|
|
When there is no IP binding entries and IP source guard is
|
|
enabled, switch drops all types of packets other than DHCP
|
|
packet. "
|
|
|
|
DEFVAL { disable }
|
|
::= { fsIpDbSrcGuardConfigEntry 2 }
|
|
|
|
|
|
END
|