-- ***************************************************************** -- CISCO-SNMP-TARGET-EXT-MIB.my -- -- Cisco Extension to SNMP-TARGET-MIB (RFC 3413) -- -- April 2004, Radhika Dharwadkar, Sanjeev C Joshi -- -- Copyright (c) 2004, 2007, 2008 by cisco Systems Inc. -- All rights reserved. -- -- **************************************************************** CISCO-SNMP-TARGET-EXT-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF InterfaceIndexOrZero FROM IF-MIB InetAddressType, InetAddress FROM INET-ADDRESS-MIB RowStatus, StorageType, TruthValue FROM SNMPv2-TC SnmpAdminString FROM SNMP-FRAMEWORK-MIB snmpTargetAddrEntry, snmpTargetAddrName FROM SNMP-TARGET-MIB ciscoMgmt FROM CISCO-SMI; ciscoSnmpTargetExtMIB MODULE-IDENTITY LAST-UPDATED "200811070000Z" ORGANIZATION "Cisco Systems, Inc." CONTACT-INFO "Cisco Systems Customer Service Postal: 170 W. Tasman Drive San Jose, CA 95134 USA Tel: +1 800 553-NETS E-mail: cs-snmp@cisco.com" DESCRIPTION "This MIB is an extension of the SNMP-TARGET-MIB specified in RFC3413. This MIB module contains Cisco-defined extension to the snmpTargetAddrTable to represent information required for IPv6 Address. When Target has Link local or Multicast IPv6 address, the information of the interface on which the notification has to be sent is required. This additional information is provided by this extension MIB. This module also contains definition for set of new variable to hold the address of the host that had sent an unauthentic SNMP message to agent. Glossary of the terms used in this MIB: -------------------------------------- VRF - Virtual Routing and Forwarding. An IP technology that allows multiple instances of routing table to exist in a system and work simultaneously. A VRF consists of an IP routing table, a forwarding table, a set of interfaces that use the forwarding table, and a set of rules and routing protocol parameters that control the information that is included into the routing table." REVISION "200811070000Z" DESCRIPTION "-Added 'cExtSnmpNotifGblTrapSrcIfIndex' and 'cExtSnmpNotifGblInformSrcIfIndex' for supporting source interface configuration for the SNMP notifications. -Added OBJECT-GROUP 'ciscoSnmpTargetNotifSrcIntGroup' and MODULE-COMPLIANCE 'ciscoSnmpTargetExtMIBComplianceRev2'." REVISION "200708200000Z" DESCRIPTION "Added the following to support management of VRF based reachability and filtering for SNMP targets: - cExtSnmpTargetVrfTable for VRF related configuration of SNMP targets." REVISION "200404010000Z" DESCRIPTION "Initial version of this MIB module." ::= { ciscoMgmt 412 } ciscoSnmpTargetExtMIBObjects OBJECT IDENTIFIER ::= { ciscoSnmpTargetExtMIB 1 } -- Scalar variables cExtSnmpTargetAuthAddr OBJECT IDENTIFIER ::= { ciscoSnmpTargetExtMIBObjects 1 } cExtSnmpTargetAuthInetType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "This contains the type of address cExtSnmpTargetAuthInetAddr holds when a host sends an unauthentic SNMP message." ::= { cExtSnmpTargetAuthAddr 1 } cExtSnmpTargetAuthInetAddr OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "This contains the address of the host from which snmp-agent has received a SNMP message that is not authentic." ::= { cExtSnmpTargetAuthAddr 2 } -- cExtSnmpTargetAddrTable cExtSnmpTargetAddrTable OBJECT-TYPE SYNTAX SEQUENCE OF CExtSnmpTargetAddrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The cExtSnmpTargetAddrTable extends the SNMP-TARGET-MIB's snmpTargetAddrTable for providing info on the type of interface for Link Local or Multicast IPv6 Target Address." REFERENCE "RFC2737: Section 4.1" ::= { ciscoSnmpTargetExtMIBObjects 2 } cExtSnmpTargetAddrEntry OBJECT-TYPE SYNTAX CExtSnmpTargetAddrEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A cExtSnmpTargetAddrTable entry extends snmpTargetAddrTable to provide a new variable to hold the value of interface type. A target which has a link local or a multicast address the variable of this table is valid. Entries are removed when the corresponding entry in the snmpTargetAddrTable is removed." AUGMENTS { snmpTargetAddrEntry } ::= { cExtSnmpTargetAddrTable 1 } CExtSnmpTargetAddrEntry ::= SEQUENCE { cExtSnmpTargetAddrIntIfIndex InterfaceIndexOrZero } cExtSnmpTargetAddrIntIfIndex OBJECT-TYPE SYNTAX InterfaceIndexOrZero MAX-ACCESS read-write STATUS current DESCRIPTION "Holds valid ifIndex value of the interface through which the notifications for the target with Multicast/Link local address specified in the snmpTargetAddrTAddress, is sent. If snmpTargetAddrTAddress doesn't hold a Linklocal or a Multicast target address then the value of this object will be zero. For the entries with snmpTargetAddrTAddress having Link Local or Multicast address the snmpTargetAddrStatus cannot be set to valid unless the value for this object holds a valid ifIndex value." ::= { cExtSnmpTargetAddrEntry 1 } -- VRF related configuration for SNMP targets cExtSnmpTargetVrfTable OBJECT-TYPE SYNTAX SEQUENCE OF CExtSnmpTargetVrfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The cExtSnmpTargetVrfTable extends the snmpTargetAddrTable of the SNMP-TARGET-MIB for providing: - VRF reachability criterion for the SNMP target - VRF filtering criterion for the SNMP target This table is indexed by the target entity snmpTargetAddrName and the associated VRF name cExtSnmpTargetVrfName. Each entry of this table forms a tuple of target and VRF name for which all the VRF related configuration parameters can be specified by corresponding instances of the columnar objects. The reachability of the SNMP target is qualified by the routing context by way of associating VRF Name(s) with it. Restricting only those SNMP notifications that are generated within the context of a VRF to a specific SNMP target is VRF based filtering of notifications. A row in this table cannot be created prior to the creation of row it extends." REFERENCE "D. Levi, P. Meyer and B. Stewart, Section 4.1 'The Management Target MIB Module', RFC-3413, December 2002." ::= { ciscoSnmpTargetExtMIBObjects 3 } cExtSnmpTargetVrfEntry OBJECT-TYPE SYNTAX CExtSnmpTargetVrfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) in the cExtSnmpTargetVrfTable. When an entry in the snmpTargetAddrTable is deleted the corresponding entries in this table are also deleted. A row needs to exist in the cExtSnmpTargetVrfTable for each VRF for which SNMP notifications are to be sent to a particular target address, so that when the same target address is the destination for multiple VRFs, then multiple rows in this table will reference the same target address. However, only one of such multiple rows can be used for routing the SNMP notifications to that target address, i.e., only one of them can have an instance of cExtSnmpTargetVrfRoute with the value 'true'. Thus, any management operation which sets an instance of cExtSnmpTargetVrfRoute to 'true' must also have the effect of setting any other instance of cExtSnmpTargetVrfRoute for the same target address to 'false'." INDEX { snmpTargetAddrName, cExtSnmpTargetVrfName } ::= { cExtSnmpTargetVrfTable 1 } CExtSnmpTargetVrfEntry ::= SEQUENCE { cExtSnmpTargetVrfName SnmpAdminString, cExtSnmpTargetVrfRoute TruthValue, cExtSnmpTargetVrfFilter TruthValue, cExtSnmpTargetVrfStorage StorageType, cExtSnmpTargetVrfStatus RowStatus } cExtSnmpTargetVrfName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..32)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object identifies a human readable string representing the name of the VRF." ::= { cExtSnmpTargetVrfEntry 1 } cExtSnmpTargetVrfRoute OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies whether this VRF (identified by the corresponding instance identifier of cExtSnmpTargetVrfName) should be used for routing the SNMP notifications sent to this target address specified in the value of the corresponding instance of snmpTargetAddrTAddress. The value 'true' indicates that this VRF should be used. The value 'false' indicates that this VRF should not be used." DEFVAL { false } ::= { cExtSnmpTargetVrfEntry 2 } cExtSnmpTargetVrfFilter OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies whether SNMP notifications generated in this VRF (identified by the corresponding instance identifier of cExtSnmpTargetVrfName) context should be sent to this target address specified in the value of the corresponding instance of snmpTargetAddrTAddress. By default, the notifications generated in any of the VRFs are allowed to be sent to the configured targets. Setting the value of this object to 'true' defines 'inclusive' filtering policy to allow notifications of a specific VRF while excluding notifications of all other VRFs. The value 'true' indicates that the notifications of this VRF should be sent. The value 'false' indicates that the notifications of this VRF should not be sent." DEFVAL { true } ::= { cExtSnmpTargetVrfEntry 3 } cExtSnmpTargetVrfStorage OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "The storage type for this conceptual row. When the value of an instance of this object is 'permanent', the value of the corresponding instance of all the other objects of this table except cExtSnmpTargetVrfStatus are read-writable. The 'permanent' rows can not be deleted by setting value of the corresponding instance of cExtSnmpTargetVrfStatus to 'destroy'." DEFVAL { nonVolatile } ::= { cExtSnmpTargetVrfEntry 4 } cExtSnmpTargetVrfStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The status of this conceptual row. There are no specific restrictions for setting the value of this object to 'active'. Once the value of this object is set to 'active', the value of the corresponding instance of all other objects of this table can still be modified." ::= { cExtSnmpTargetVrfEntry 5 } cExtSnmpNotifGblTrapSrcIfIndex OBJECT-TYPE SYNTAX InterfaceIndexOrZero MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the ifIdex value of the source interface to be used for sending TRAP notifications. The value of this object should be a valid 'ifIndex' value. This is a global configuration applied for all TRAP notifications sent by this agent to all the targets. If the source interface is configured for a specific target using the value of corresponding instance of 'cExtSnmpTargetAddrIntIfIndex', then that value takes precedence and will be used for sending the notification. The value of this object being 'zero' implies that there is no source interface configuration for the TRAP notifications at a global level." ::= { ciscoSnmpTargetExtMIBObjects 4} cExtSnmpNotifGblInformSrcIfIndex OBJECT-TYPE SYNTAX InterfaceIndexOrZero MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the ifIdex value of the source interface to be used for sending INFORM notifications. The value of this object should be a valid 'ifIndex' value. This is a global configuration applied for all INFORM notifications sent by this agent to all the targets. If the source interface is configured for a specific target using the value of corresponding instance of 'cExtSnmpTargetAddrIntIfIndex', then that value takes precedence and will be used for sending the notification. The value of this object being 'zero' implies that there is no source interface configuration for the INFORM notifications at a global level." ::= { ciscoSnmpTargetExtMIBObjects 5} -- Conformance information ciscoSnmpTargetExtMIBConformance OBJECT IDENTIFIER ::= { ciscoSnmpTargetExtMIB 2 } ciscoSnmpTargetExtMIBCompliances OBJECT IDENTIFIER ::= { ciscoSnmpTargetExtMIBConformance 1 } ciscoSnmpTargetExtMIBGroups OBJECT IDENTIFIER ::= { ciscoSnmpTargetExtMIBConformance 2 } -- compliance statements ciscoSnmpTargetExtMIBCompliance MODULE-COMPLIANCE STATUS deprecated DESCRIPTION "Compliance for IPv6 address supported by snmpTargetAddrTAddress for Link-Local or Multicast and for holding the recent host address that sent an unauthentic SNMP message in cExtSnmpTargetAuthInetAddr and cExtSnmpTargetAuthInetType." MODULE -- this module MANDATORY-GROUPS { ciscoSnmpTargetExtMIBGroup } GROUP ciscoSnmpTargetAuthFailureGroup DESCRIPTION "The ciscoSnmpTargetAuthFailureGroup is an optional group containing objects that provide information about the host that has sent a packet which is not authentic." ::= { ciscoSnmpTargetExtMIBCompliances 1 } ciscoSnmpTargetExtMIBComplianceRev1 MODULE-COMPLIANCE STATUS deprecated -- superseded by -- ciscoSnmpTargetExtMIBComplianceRev2 DESCRIPTION "The compliance statement for entities which implement the CISCO-SNMP-TARGET-EXT-MIB." MODULE -- this module MANDATORY-GROUPS { ciscoSnmpTargetExtMIBGroup } GROUP ciscoSnmpTargetAuthFailureGroup DESCRIPTION "The ciscoSnmpTargetAuthFailureGroup is an optional group containing objects that provide information about the host that has sent a packet which is not authentic." GROUP ciscoSnmpTargetExtVrfMIBGroup DESCRIPTION "This group is conditionally mandatory and must be implemented by the agent of the managed entity only if the implementation supports VRF based reachability and filtering for SNMP targets." OBJECT cExtSnmpTargetVrfStatus SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) } DESCRIPTION "Only 'createAndGo', 'destroy' and 'active' need to be supported." ::= { ciscoSnmpTargetExtMIBCompliances 2 } ciscoSnmpTargetExtMIBComplianceRev2 MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities which implement the CISCO-SNMP-TARGET-EXT-MIB." MODULE -- this module MANDATORY-GROUPS { ciscoSnmpTargetExtMIBGroup } GROUP ciscoSnmpTargetAuthFailureGroup DESCRIPTION "The ciscoSnmpTargetAuthFailureGroup is an optional group containing objects that provide information about the host that has sent a packet which is not authentic." GROUP ciscoSnmpTargetExtVrfMIBGroup DESCRIPTION "This group is conditionally mandatory and must be implemented by the agent of the managed entity only if the implementation supports VRF based reachability and filtering for SNMP targets." OBJECT cExtSnmpTargetVrfStatus SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) } DESCRIPTION "Only 'createAndGo', 'destroy' and 'active' need to be supported." GROUP ciscoSnmpTargetNotifSrcIntGroup DESCRIPTION "This group is conditionally mandatory and must be implemented by the agent of the managed entity only if the implementation supports source interface configuration globally for all the notifications." ::= { ciscoSnmpTargetExtMIBCompliances 3 } -- units of conformance ciscoSnmpTargetAuthFailureGroup OBJECT-GROUP OBJECTS { cExtSnmpTargetAuthInetType, cExtSnmpTargetAuthInetAddr } STATUS current DESCRIPTION "The collection of objects which gives information about the recent host that has sent a SNMP message to the agent that is not authentic." ::= { ciscoSnmpTargetExtMIBGroups 1 } ciscoSnmpTargetExtMIBGroup OBJECT-GROUP OBJECTS { cExtSnmpTargetAddrIntIfIndex } STATUS current DESCRIPTION "The collection of objects which give information about the interface through which the notifications are sent out for IPv6 Link-local and Multicast Target address." ::= { ciscoSnmpTargetExtMIBGroups 2 } ciscoSnmpTargetExtVrfMIBGroup OBJECT-GROUP OBJECTS { cExtSnmpTargetVrfRoute, cExtSnmpTargetVrfFilter, cExtSnmpTargetVrfStorage, cExtSnmpTargetVrfStatus } STATUS current DESCRIPTION "The collection of objects for supporting VRF based configuration for the SNMP targets." ::= { ciscoSnmpTargetExtMIBGroups 3 } ciscoSnmpTargetNotifSrcIntGroup OBJECT-GROUP OBJECTS { cExtSnmpNotifGblTrapSrcIfIndex, cExtSnmpNotifGblInformSrcIfIndex } STATUS current DESCRIPTION "The collection of objects which give information about the interface through which SNMP TRAP and INFORM notifications are sent for all target addresses globally." ::= { ciscoSnmpTargetExtMIBGroups 4} END