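TUNNEL-MIB DEFINITIONS ::= BEGIN

-- IP Tunnel MIB: SNMP management objects for IP tunnel interfaces,
-- independent of the encapsulation in use (IPv4 endpoints only; every
-- address column below has SYNTAX IpAddress).
--
-- Access summary for operators and auditors:
--   * read-write  : tunnelIfHopLimit, tunnelIfTOS
--   * read-create : tunnelConfigStatus (creates and deletes tunnel rows)
--   * every other accessible column is read-only
-- A manager allowed to SET tunnelConfigStatus can cause tunnel interfaces
-- to be instantiated in, or deleted from, the ifTable and tunnelIfTable
-- (see that object's DESCRIPTION), so write access belongs only to
-- authenticated managers, scoped by the agent's access control (for
-- example SNMPv3 with authentication and privacy plus a restricted view).
-- The readable columns disclose tunnel endpoint addresses, the
-- encapsulation method and whether the tunnel is secured at all, so
-- read access is worth scoping as well.
-- The compliance statement near the end of this module lets an agent
-- implement all three writable objects as read-only.
-- NOTE(review): a later revision of this module was published as
-- RFC 4087; confirm which revision the managed agent implements.

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, transmission,
    Integer32, IpAddress              FROM SNMPv2-SMI
    RowStatus                         FROM SNMPv2-TC
    MODULE-COMPLIANCE, OBJECT-GROUP   FROM SNMPv2-CONF
    ifIndex, InterfaceIndexOrZero     FROM IF-MIB;

tunnelMIB MODULE-IDENTITY
    LAST-UPDATED "9908241200Z" -- August 24, 1999
    ORGANIZATION "IETF Interfaces MIB Working Group"
    CONTACT-INFO
            " Dave Thaler
              Microsoft Corporation
              One Microsoft Way
              Redmond, WA 98052-6399
              EMail: dthaler@dthaler.microsoft.com"
    DESCRIPTION
            "The MIB module for management of IP Tunnels, independent of
            the specific encapsulation scheme in use."
    REVISION     "9908241200Z" -- August 24, 1999
    DESCRIPTION
            "Initial version, published as RFC 2667."
    ::= { transmission 131 }

tunnelMIBObjects OBJECT IDENTIFIER ::= { tunnelMIB 1 }

tunnel      OBJECT IDENTIFIER ::= { tunnelMIBObjects 1 }

-- the IP Tunnel MIB-Group
--
-- a collection of objects providing information about
-- IP Tunnels

-- Per-interface view of configured tunnels, one row per tunnel
-- interface, indexed by the IF-MIB ifIndex.
tunnelIfTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF TunnelIfEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The (conceptual) table containing information on configured
            tunnels."
    ::= { tunnel 1 }

tunnelIfEntry OBJECT-TYPE
    SYNTAX     TunnelIfEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "An entry (conceptual row) containing the information on a
            particular configured tunnel."
    INDEX      { ifIndex }
    ::= { tunnelIfTable 1 }

TunnelIfEntry ::= SEQUENCE {
    tunnelIfLocalAddress            IpAddress,
    tunnelIfRemoteAddress           IpAddress,
    tunnelIfEncapsMethod            INTEGER,
    tunnelIfHopLimit                Integer32,
    tunnelIfSecurity                INTEGER,
    tunnelIfTOS                     Integer32
}

-- Read-only. Discloses the outer source address of the tunnel.
tunnelIfLocalAddress OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The address of the local endpoint of the tunnel (i.e., the
            source address used in the outer IP header), or 0.0.0.0 if
            unknown."
    ::= { tunnelIfEntry 1 }

-- Read-only. Discloses the outer destination address of the tunnel.
tunnelIfRemoteAddress OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The address of the remote endpoint of the tunnel (i.e., the
            destination address used in the outer IP header), or 0.0.0.0
            if unknown."
    ::= { tunnelIfEntry 2 }

-- Read-only. The same enumeration is repeated, as an index column, in
-- tunnelConfigEncapsMethod; the two lists must stay in step.
tunnelIfEncapsMethod OBJECT-TYPE
    SYNTAX     INTEGER {
                   other(1),   -- none of the following
                   direct(2),  -- no intermediate header
                   gre(3),     -- GRE encapsulation
                   minimal(4), -- Minimal encapsulation
                   l2tp(5),    -- L2TP encapsulation
                   pptp(6),    -- PPTP encapsulation
                   l2f(7),     -- L2F encapsulation
                   udp(8),     -- UDP encapsulation
                   atmp(9)     -- ATMP encapsulation
               }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The encapsulation method used by the tunnel. The value
            direct indicates that the packet is encapsulated directly
            within a normal IPv4 header, with no intermediate header,
            and unicast to the remote tunnel endpoint (e.g., an RFC 2003
            IP-in-IP tunnel, or an RFC 1933 IPv6-in-IPv4 tunnel). The
            value minimal indicates that a Minimal Forwarding Header
            (RFC 2004) is inserted between the outer header and the
            payload packet. The value UDP indicates that the payload
            packet is encapsulated within a normal UDP packet (e.g., RFC
            1234). The remaining protocol-specific values indicate that
            a header of the protocol of that name is inserted between
            the outer header and the payload header."
    ::= { tunnelIfEntry 3 }

-- Writable (read-write): a SET changes the TTL placed in the outer
-- header of a live tunnel. Range 0..255, where 0 means "copy from the
-- payload". The compliance statement allows a read-only implementation.
tunnelIfHopLimit OBJECT-TYPE
    SYNTAX     Integer32 (0..255)
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
            "The TTL to use in the outer IP header. A value of 0
            indicates that the value is copied from the payload's
            header."
    ::= { tunnelIfEntry 4 }

-- Read-only indicator of how the outer header is protected. The value
-- none(1) marks a tunnel with no security, which makes this column a
-- convenient one to poll when inventorying unprotected tunnels. It
-- reports the method only; per the DESCRIPTION, detail is expected in
-- the MIB of the security protocol itself.
tunnelIfSecurity OBJECT-TYPE
    SYNTAX     INTEGER {
                   none(1),   -- no security
                   ipsec(2),  -- IPSEC security
                   other(3)
               }
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "The method used by the tunnel to secure the outer IP
            header. The value ipsec indicates that IPsec is used
            between the tunnel endpoints for authentication or
            encryption or both. More specific security-related
            information may be available in a MIB for the security
            protocol in use."
    ::= { tunnelIfEntry 5 }

-- Writable (read-write): a SET changes how the outer header's TOS bits
-- are derived. Range -2..63: -1 copies the payload's bits, -2 defers to
-- a traffic conditioner, 0..63 is the literal 6-bit value. The
-- compliance statement allows a read-only implementation.
tunnelIfTOS OBJECT-TYPE
    SYNTAX     Integer32 (-2..63)
    MAX-ACCESS read-write
    STATUS     current
    DESCRIPTION
            "The method used to set the high 6 bits of the TOS in the
            outer IP header. A value of -1 indicates that the bits are
            copied from the payload's header. A value of -2 indicates
            that a traffic conditioner is invoked and more information
            may be available in a traffic conditioner MIB. A value
            between 0 and 63 inclusive indicates that the bit field is
            set to the indicated value."
    ::= { tunnelIfEntry 6 }

-- Endpoint-keyed view of the same tunnels, and the table through which
-- rows (and therefore tunnel interfaces) are created and deleted.
-- All four index columns are not-accessible, but their values form the
-- instance identifier of tunnelConfigIfIndex and tunnelConfigStatus, so
-- anyone permitted to walk this table learns both endpoint addresses
-- and the encapsulation method of every configured tunnel.
tunnelConfigTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF TunnelConfigEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The (conceptual) table containing information on configured
            tunnels. This table can be used to map a set of tunnel
            endpoints to the associated ifIndex value. It can also be
            used for row creation. Note that every row in the
            tunnelIfTable with a fixed destination address should have a
            corresponding row in the tunnelConfigTable, regardless of
            whether it was created via SNMP."
    ::= { tunnel 2 }

tunnelConfigEntry OBJECT-TYPE
    SYNTAX     TunnelConfigEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "An entry (conceptual row) containing the information on a
            particular configured tunnel."
    INDEX      { tunnelConfigLocalAddress,
                 tunnelConfigRemoteAddress,
                 tunnelConfigEncapsMethod,
                 tunnelConfigID }
    ::= { tunnelConfigTable 1 }

TunnelConfigEntry ::= SEQUENCE {
    tunnelConfigLocalAddress            IpAddress,
    tunnelConfigRemoteAddress           IpAddress,
    tunnelConfigEncapsMethod            INTEGER,
    tunnelConfigID                      Integer32,
    tunnelConfigIfIndex                 InterfaceIndexOrZero,
    tunnelConfigStatus                  RowStatus
}

-- Index column. 0.0.0.0 here means the device picks the local address
-- itself when the tunnel is established.
tunnelConfigLocalAddress OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The address of the local endpoint of the tunnel, or 0.0.0.0
            if the device is free to choose any of its addresses at
            tunnel establishment time."
    ::= { tunnelConfigEntry 1 }

-- Index column.
tunnelConfigRemoteAddress OBJECT-TYPE
    SYNTAX     IpAddress
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The address of the remote endpoint of the tunnel."
    ::= { tunnelConfigEntry 2 }

-- Index column. Same enumeration as tunnelIfEncapsMethod.
tunnelConfigEncapsMethod OBJECT-TYPE
    SYNTAX     INTEGER {
                   other(1),   -- none of the following
                   direct(2),  -- no intermediate header
                   gre(3),     -- GRE encapsulation
                   minimal(4), -- Minimal encapsulation
                   l2tp(5),    -- L2TP encapsulation
                   pptp(6),    -- PPTP encapsulation
                   l2f(7),     -- L2F encapsulation
                   udp(8),     -- UDP encapsulation
                   atmp(9)
               }
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "The encapsulation method used by the tunnel."
    ::= { tunnelConfigEntry 3 }

-- Index column. The "random number" mentioned in the DESCRIPTION only
-- avoids collisions between parallel tunnels. It is part of the
-- instance identifier and is therefore visible to any reader of the
-- table, so it must not be treated as a secret or as an authenticator.
tunnelConfigID OBJECT-TYPE
    SYNTAX     Integer32 (1..2147483647)
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
            "An identifier used to distinguish between multiple tunnels
            of the same encapsulation method, with the same endpoints.
            If the encapsulation protocol only allows one tunnel per set
            of endpoint addresses (such as for GRE or IP-in-IP), the
            value of this object is 1. For encapsulation methods (such
            as L2F) which allow multiple parallel tunnels, the manager
            is responsible for choosing any ID which does not conflict
            with an existing row, such as choosing a random number."
    ::= { tunnelConfigEntry 4 }

-- Read-only. Maps a (local, remote, method, ID) tuple to the ifIndex of
-- the tunnel interface; 0 only while the row is not yet active.
tunnelConfigIfIndex OBJECT-TYPE
    SYNTAX     InterfaceIndexOrZero
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "If the value of tunnelConfigStatus for this row is active,
            then this object contains the value of ifIndex corresponding
            to the tunnel interface. A value of 0 is not legal in the
            active state, and means that the interface index has not yet
            been assigned."
    ::= { tunnelConfigEntry 5 }

-- Writable (read-create) and the most sensitive object in this module:
-- a single SET to createAndGo instantiates a tunnel interface towards
-- the endpoints named in the row index, and deleting the row removes
-- the interface. Grant SET access to this column only to authenticated,
-- authorised managers, and consider alerting on row creation or
-- deletion that was not initiated by the expected management station.
-- The compliance statement allows a read-only implementation, which
-- removes remote tunnel creation through this MIB altogether.
tunnelConfigStatus OBJECT-TYPE
    SYNTAX     RowStatus
    MAX-ACCESS read-create
    STATUS     current
    DESCRIPTION
            "The status of this row, by which new entries may be
            created, or old entries deleted from this table. The agent
            need not support setting this object to createAndWait or
            notInService since there are no other writable objects in
            this table, and writable objects in rows of corresponding
            tables such as the tunnelIfTable may be modified while this
            row is active.

            To create a row in this table for an encapsulation method
            which does not support multiple parallel tunnels with the
            same endpoints, the management station should simply use a
            tunnelConfigID of 1, and set tunnelConfigStatus to
            createAndGo. For encapsulation methods such as L2F which
            allow multiple parallel tunnels, the management station may
            select a pseudo-random number to use as the tunnelConfigID
            and set tunnelConfigStatus to createAndGo. In the event
            that this ID is already in use and an inconsistentValue is
            returned in response to the set operation, the management
            station should simply select a new pseudo-random number and
            retry the operation.

            Creating a row in this table will cause an interface index
            to be assigned by the agent in an implementation-dependent
            manner, and corresponding rows will be instantiated in the
            ifTable and the tunnelIfTable. The status of this row will
            become active as soon as the agent assigns the interface
            index, regardless of whether the interface is operationally
            up.

            Deleting a row in this table will likewise delete the
            corresponding row in the ifTable and in the tunnelIfTable."
    ::= { tunnelConfigEntry 6 }

-- conformance information

tunnelMIBConformance
                  OBJECT IDENTIFIER ::= { tunnelMIB 2 }
tunnelMIBCompliances
                  OBJECT IDENTIFIER ::= { tunnelMIBConformance 1 }
tunnelMIBGroups  OBJECT IDENTIFIER ::= { tunnelMIBConformance 2 }

-- compliance statements

-- Each of the three writable objects carries MIN-ACCESS read-only, so
-- a monitoring-only agent (no SET support for any object defined here)
-- is still fully compliant.
tunnelMIBCompliance MODULE-COMPLIANCE
    STATUS  current
    DESCRIPTION
            "The compliance statement for the IP Tunnel MIB."
    MODULE  -- this module
    MANDATORY-GROUPS { tunnelMIBBasicGroup }

        OBJECT      tunnelIfHopLimit
        MIN-ACCESS  read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT      tunnelIfTOS
        MIN-ACCESS  read-only
        DESCRIPTION
            "Write access is not required."

        OBJECT      tunnelConfigStatus
        MIN-ACCESS  read-only
        DESCRIPTION
            "Write access is not required."
   ::= { tunnelMIBCompliances 1 }

-- units of conformance

-- The group lists every accessible column of both tables; the four
-- not-accessible index columns of tunnelConfigTable are not listed.
tunnelMIBBasicGroup OBJECT-GROUP
    OBJECTS { tunnelIfLocalAddress, tunnelIfRemoteAddress,
       tunnelIfEncapsMethod, tunnelIfHopLimit, tunnelIfTOS,
       tunnelIfSecurity, tunnelConfigIfIndex, tunnelConfigStatus }
    STATUS  current
    DESCRIPTION
            "A collection of objects to support basic management of IP
            Tunnels."
    ::= { tunnelMIBGroups 1 }

END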