smilint output for ./T11-FC-SP-AUTHENTICATION-MIB
| Message Severities |
|---|
| Severity | Count |
|---|
| error | 1 |
| Message Types |
|---|
| Type | Count |
|---|
| object-identifier-not-prefix (error) | 1 |
Messages:
T11-FC-SP-AUTHENTICATION-MIB
1: -- extracted from draft-kzm-imss-fc-fcsp-mib-00.txt
2: -- at Wed Jun 13 06:08:27 2007
3:
4: T11-FC-SP-AUTHENTICATION-MIB DEFINITIONS ::= BEGIN
5:
6: IMPORTS
7: MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY,
8: NOTIFICATION-TYPE,
9: mib-2, Counter32, Unsigned32
10: FROM SNMPv2-SMI -- [RFC2578]
11: MODULE-COMPLIANCE, OBJECT-GROUP,
12: NOTIFICATION-GROUP
13: FROM SNMPv2-CONF -- [RFC2580]
14: StorageType, AutonomousType,
15: TruthValue, TimeStamp FROM SNMPv2-TC -- [RFC2579]
16: InterfaceIndex FROM IF-MIB -- [RFC2863]
17: fcmInstanceIndex,
18: FcNameIdOrZero FROM FC-MGMT-MIB -- [RFC4044]
19: t11FamLocalSwitchWwn
20: FROM T11-FC-FABRIC-ADDR-MGR-MIB -- [RFC4439]
21: T11FabricIndex FROM T11-TC-MIB -- [RFC4439]
22: T11FcSpDhGroups,
23: T11FcSpHashFunctions,
24: T11FcSpSignFunctions,
25: T11FcSpAuthRejectReasonCode,
26: T11FcSpAuthRejReasonCodeExp FROM T11-FC-SP-TC-MIB;
27:
28: t11FcSpAuthenticationMIB MODULE-IDENTITY
29: LAST-UPDATED "200702190000Z"
30: ORGANIZATION "T11"
31: CONTACT-INFO
32: " Claudio DeSanti
33: Cisco Systems, Inc.
34: 170 West Tasman Drive
35: San Jose, CA 95134 USA
36: EMail: cds@cisco.com
37:
38: Keith McCloghrie
39: Cisco Systems, Inc.
40: 170 West Tasman Drive
41: San Jose, CA 95134 USA
42: Email: kzm@cisco.com"
43: DESCRIPTION
44: "This MIB module specifies the management information
45: required to manage the Authentication Protocols defined by
46: Fibre Channel's FC-SP specification.
47:
48: This MIB module defines three tables:
49:
50: - t11FcSpAuEntityTable is a table of Fibre Channel
51: entities which can be authenticated using FC-SP's
52: Authentication Protocols.
53:
54: - t11FcSpAuIfStatTable is a table with one row for each
55: mapping of an Authentication entity onto an interface,
56: containing statistics information.
57:
58: - t11FcSpAuRejectTable is a table of volatile information
59: about FC-SP Authentication Protocol transactions
60: which were most recently rejected.
61:
62: Copyright (C) The IETF Trust (2007). This version
63: of this MIB module is part of RFC yyyy; see the RFC
64: itself for full legal notices."
65: -- RFC Editor: replace yyyy with actual RFC number & remove this note
66: REVISION "200702190000Z"
67: DESCRIPTION
68: "Initial version of this MIB module, published as RFCyyyy."
69: -- RFC-Editor, replace yyyy with actual RFC number & remove this note
70: ::= { mib-2 nnn } -- to be assigned by IANA
70: error -
Object identifier element `nnn' name only allowed as first element
71: -- RFC Editor: replace nnn with IANA-assigned number & remove this note
72:
73: t11FcSpAuMIBIdentities
74: OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 1 }
75: t11FcSpAuMIBObjects
76: OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 2 }
77: t11FcSpAuMIBConformance
78: OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 3 }
79: t11FcSpAuMIBNotifications
80: OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 0 }
81:
82: --
83: -- OIDs defined for use as values of t11FcSpAuServerProtocol
84: --
85:
86: t11FcSpAuServerProtocolRadius OBJECT-IDENTITY
87: STATUS current
88: DESCRIPTION
89: "This OID identifies RADIUS as the protocol used
90: to communicate with an External Server as part of
91: the process by which identities are verified.
92: In this case, information about the RADIUS Servers
93: is likely to be provided in radiusAuthServerExtTable
94: defined in the RADIUS-AUTH-CLIENT-MIB."
95: REFERENCE
96: "radiusAuthServerExtTable in 'RADIUS Authentication
97: Client MIB', RFC 4668, August 2006."
98: ::= { t11FcSpAuMIBIdentities 1 }
99:
100: t11FcSpAuServerProtocolDiameter OBJECT-IDENTITY
101: STATUS current
102: DESCRIPTION
103: "This OID identifies Diameter as the protocol used
104: to communicate with an External Server as part of
105: the process by which identities are verified."
106: REFERENCE
107: "RFC 3588, September 2003."
108: ::= { t11FcSpAuMIBIdentities 2 }
109:
110: t11FcSpAuServerProtocolTacacs OBJECT-IDENTITY
111: STATUS current
112: DESCRIPTION
113: "This OID identifies TACACS as the protocol used
114: to communicate with an External Server as part of
115: the process by which identities are verified."
116: REFERENCE
117: "RFC 1492, July 1993."
118: ::= { t11FcSpAuMIBIdentities 3 }
119:
120: --
121: -- Configuration for the Authentication Protocols
122: --
123:
124: t11FcSpAuEntityTable OBJECT-TYPE
125: SYNTAX SEQUENCE OF T11FcSpAuEntityEntry
126: MAX-ACCESS not-accessible
127: STATUS current
128: DESCRIPTION
129: "A table of Fibre Channel entities which can be authenticated
130: using FC-SP's Authentication Protocols.
131:
132: The purpose of an FC-SP Authentication Protocol is to verify
133: that a claimed name is associated with the claiming entity.
134: The Authentication Protocols can be used to authenticate
135: Nx_Ports, B_Ports, or Switches."
136: REFERENCE
137: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
138: Fibre Channel - Security Protocols (FC-SP),
139: 13 June 2006, section 3.2.25."
140: ::= { t11FcSpAuMIBObjects 1 }
141:
142: t11FcSpAuEntityEntry OBJECT-TYPE
143: SYNTAX T11FcSpAuEntityEntry
144: MAX-ACCESS not-accessible
145: STATUS current
146: DESCRIPTION
147: "Information about the configuration and capabilities of an
148: FC-SP entity (which is managed within the Fibre Channel
149: management instance identified by fcmInstanceIndex) on a
150: particular Fabric with respect to FC-SP's Authentication
151: Protocols."
152: INDEX { fcmInstanceIndex, t11FcSpAuEntityName,
153: t11FcSpAuFabricIndex }
154: ::= { t11FcSpAuEntityTable 1 }
155:
156: T11FcSpAuEntityEntry ::= SEQUENCE {
157: t11FcSpAuEntityName FcNameIdOrZero,
158: t11FcSpAuFabricIndex T11FabricIndex,
159: t11FcSpAuServerProtocol AutonomousType,
160: -- Config parameters
161: t11FcSpAuStorageType StorageType,
162: t11FcSpAuSendRejNotifyEnable TruthValue,
163: t11FcSpAuRcvRejNotifyEnable TruthValue,
164: t11FcSpAuDefaultLifetime Unsigned32,
165: t11FcSpAuDefaultLifetimeUnits INTEGER,
166: t11FcSpAuRejectMaxRows Unsigned32,
167: -- Capabilities
168: t11FcSpAuDhChapHashFunctions T11FcSpHashFunctions,
169: t11FcSpAuDhChapDhGroups T11FcSpDhGroups,
170: t11FcSpAuFcapHashFunctions T11FcSpHashFunctions,
171: t11FcSpAuFcapCertsSignFunctions T11FcSpSignFunctions,
172: t11FcSpAuFcapDhGroups T11FcSpDhGroups,
173: t11FcSpAuFcpapHashFunctions T11FcSpHashFunctions,
174: t11FcSpAuFcpapDhGroups T11FcSpDhGroups
175: }
176:
177: t11FcSpAuEntityName OBJECT-TYPE
178: SYNTAX FcNameIdOrZero (SIZE (8))
179: MAX-ACCESS not-accessible
180: STATUS current
181: DESCRIPTION
182: "The name used to identify the FC-SP entity.
183:
184: For entities which are Fibre Channel Switches, this value
185: corresponds to the Switch's value of fcmSwitchWWN. For
186: entities other than Fibre Channel Switches, this value
187: corresponds to the value of fcmInstanceWwn for the
188: corresponding Fibre Channel management instance."
189: REFERENCE
190: "fcmInstanceWwn & fcmSwitchWWN,
191: 'Fibre Channel Management MIB', RFC 4044, May 2005."
192: ::= { t11FcSpAuEntityEntry 1 }
193:
194: t11FcSpAuFabricIndex OBJECT-TYPE
195: SYNTAX T11FabricIndex
196: MAX-ACCESS not-accessible
197: STATUS current
198: DESCRIPTION
199: "An index value which uniquely identifies a
200: particular Fabric to which the entity is attached."
201: ::= { t11FcSpAuEntityEntry 2 }
202:
203: t11FcSpAuServerProtocol OBJECT-TYPE
204: SYNTAX AutonomousType
205: MAX-ACCESS read-only
206: STATUS current
207: DESCRIPTION
208: "The protocol, if any, used by the entity to communicate
209: with a third party (i.e., an External Server) as part of
210: the process by which it verifies DH-CHAP responses. For
211: example, if the entity is using an external RADIUS server
212: to verify DH-CHAP responses, then this object will have
213: the value t11FcSpAuServerProtocolRadius.
214:
215: The value, zeroDotZero, is used to indicate that no
216: protocol is being used to communicate with a third
217: party to verify DH-CHAP responses.
218:
219: When no protocol is being used, or if the third party is
220: unreachable via the specified protocol, then locally
221: configured information (if any) may be used instead."
222: ::= { t11FcSpAuEntityEntry 3 }
223:
224: t11FcSpAuStorageType OBJECT-TYPE
225: SYNTAX StorageType
226: MAX-ACCESS read-write
227: STATUS current
228: DESCRIPTION
229: "This object specifies the memory realization of
230: configuration information related to an FC-SP
231: Entity on a particular Fabric; specifically, for
232: MIB objects in the row containing this object.
233:
234: Even if an instance of this object has the value
235: 'permanent(4)', none of the information in the
236: corresponding row of this table needs to be writable."
237: ::= { t11FcSpAuEntityEntry 4 }
238:
239: t11FcSpAuSendRejNotifyEnable OBJECT-TYPE
240: SYNTAX TruthValue
241: MAX-ACCESS read-write
242: STATUS current
243: DESCRIPTION
244: "An indication of whether or not the entity should issue
245: t11FcSpAuRejectSentNotify notifications when sending
246: AUTH_Reject/SW_RJT/LS_RJT to reject an AUTH message.
247:
248: If the value of the object is 'true', then this type of
249: notification is generated. If the value is 'false',
250: this type of notification is not generated."
251: DEFVAL { false }
252: ::= { t11FcSpAuEntityEntry 5 }
253:
254: t11FcSpAuRcvRejNotifyEnable OBJECT-TYPE
255: SYNTAX TruthValue
256: MAX-ACCESS read-write
257: STATUS current
258: DESCRIPTION
259: "An indication of whether or not the entity should issue
260: t11FcSpAuRejectReceivedNotify notifications on the receipt
261: of AUTH_Reject/SW_RJT/LS_RJT messages.
262:
263: If the value of the object is 'true', then this type of
264: notification is generated. If the value is 'false',
265: this type of notification is not generated."
266: DEFVAL { false }
267: ::= { t11FcSpAuEntityEntry 6 }
268:
269: t11FcSpAuDefaultLifetime OBJECT-TYPE
270: SYNTAX Unsigned32 (0..4294967295)
271: MAX-ACCESS read-write
272: STATUS current
273: DESCRIPTION
274: "When the value of this object is non-zero, it specifies the
275: default value of a lifetime, specified in units given by
276: the corresponding instance of t11FcSpAuDefaultLifetimeUnits.
277: This default lifetime is to be used for any Security
278: Association which has no explicitly-specified value for its
279: lifetime.
280:
281: An SA's lifetime is either the time interval or the number
282: of passed bytes, after which the SA has to be terminated and
283: (if necessary) replaced with a new SA.
284:
285: If this object is zero, then there is no default value for
286: lifetime."
287: DEFVAL { 28800 } -- 8 hours (in units of seconds)
288: ::= { t11FcSpAuEntityEntry 7 }
289:
290: t11FcSpAuDefaultLifetimeUnits OBJECT-TYPE
291: SYNTAX INTEGER {
292: seconds(1), -- seconds
293: kiloBytes(2), -- 10^^3 bytes
294: megaBytes(3), -- 10^^6 bytes
295: gigaBytes(4), -- 10^^9 bytes
296: teraBytes(5), -- 10^^12 bytes
297: petaBytes(6), -- 10^^15 bytes
298: exaBytes(7), -- 10^^18 bytes
299: zettaBytes(8), -- 10^^21 bytes
300: yottaBytes(9) -- 10^^24 bytes
301: }
302: MAX-ACCESS read-write
303: STATUS current
304: DESCRIPTION
305: "The units in which the value of the corresponding
306: instance of t11FcSpAuDefaultLifetime specifies a
307: default lifetime for a Security Association which has
308: no explicitly-specified value for its lifetime."
309: DEFVAL { seconds }
310: ::= { t11FcSpAuEntityEntry 8 }
311:
312: t11FcSpAuRejectMaxRows OBJECT-TYPE
313: SYNTAX Unsigned32 (0..1000)
314: MAX-ACCESS read-write
315: STATUS current
316: DESCRIPTION
317: "The maximum number of rows in the t11FcSpAuRejectTable for
318: this entity on this Fabric. If and when an AUTH message is
319: rejected and the t11FcSpAuRejectTable already contains this
320: maximum number of rows for the specific entity and Fabric,
321: the row containing the oldest information is discarded and
322: replaced by a row containing information about the new
323: rejection.
324:
325: There will be less than this maximum number of rows in
326: the t11FcSpAuRejectTable in exceptional circumstances,
327: e.g., after an agent restart.
328:
329: In an implementation which does not support the
330: t11FcSpAuRejectTable, this object will always be zero."
331: ::= { t11FcSpAuEntityEntry 9 }
332:
333: t11FcSpAuDhChapHashFunctions OBJECT-TYPE
334: SYNTAX T11FcSpHashFunctions
335: MAX-ACCESS read-only
336: STATUS current
337: DESCRIPTION
338: "The hash functions which the entity supports when using
339: the DH-CHAP algorithm."
340: ::= { t11FcSpAuEntityEntry 10 }
341:
342: t11FcSpAuDhChapDhGroups OBJECT-TYPE
343: SYNTAX T11FcSpDhGroups
344: MAX-ACCESS read-only
345: STATUS current
346: DESCRIPTION
347: "The DH Groups which the entity supports when using the
348: DH-CHAP algorithm in FC-SP."
349: ::= { t11FcSpAuEntityEntry 11 }
350:
351: t11FcSpAuFcapHashFunctions OBJECT-TYPE
352: SYNTAX T11FcSpHashFunctions
353: MAX-ACCESS read-only
354: STATUS current
355: DESCRIPTION
356: "The hash functions which the entity supports when
357: specified as Protocol Parameters in the AUTH_Negotiate
358: message for FCAP in FC-SP."
359: REFERENCE
360: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
361: Fibre Channel - Security Protocols (FC-SP),
362: 13 June 2006, section 5.5.2.1 and table 28."
363: ::= { t11FcSpAuEntityEntry 12 }
364:
365: t11FcSpAuFcapCertsSignFunctions OBJECT-TYPE
366: SYNTAX T11FcSpSignFunctions
367: MAX-ACCESS read-only
368: STATUS current
369: DESCRIPTION
370: "The signature functions used within certificates which
371: the entity supports when using FCAP in FC-SP."
372: REFERENCE
373: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
374: Fibre Channel - Security Protocols (FC-SP),
375: 13 June 2006, section 5.5.4.2 and tables 38 & 39."
376: ::= { t11FcSpAuEntityEntry 13 }
377:
378: t11FcSpAuFcapDhGroups OBJECT-TYPE
379: SYNTAX T11FcSpDhGroups
380: MAX-ACCESS read-only
381: STATUS current
382: DESCRIPTION
383: "The DH Groups which the entity supports when using the
384: FCAP algorithm in FC-SP."
385: ::= { t11FcSpAuEntityEntry 14 }
386:
387: t11FcSpAuFcpapHashFunctions OBJECT-TYPE
388: SYNTAX T11FcSpHashFunctions
389: MAX-ACCESS read-only
390: STATUS current
391: DESCRIPTION
392: "The hash functions which the entity supports when using
393: the FCPAP algorithm in FC-SP."
394: ::= { t11FcSpAuEntityEntry 15 }
395:
396: t11FcSpAuFcpapDhGroups OBJECT-TYPE
397: SYNTAX T11FcSpDhGroups
398: MAX-ACCESS read-only
399: STATUS current
400: DESCRIPTION
401: "The DH Groups which the entity supports when using the
402: FCPAP algorithm in FC-SP."
403: ::= { t11FcSpAuEntityEntry 16 }
404:
405:
406: --
407: -- The Mapping of Authentication Entities onto Interfaces
408: -- and Statistics
409: --
410:
411: t11FcSpAuIfStatTable OBJECT-TYPE
412: SYNTAX SEQUENCE OF T11FcSpAuIfStatEntry
413: MAX-ACCESS not-accessible
414: STATUS current
415: DESCRIPTION
416: "Each FC-SP Authentication entity can operate on one or more
417: interfaces, but at most one of them can operate on each
418: interface. A row in this table exists for each interface
419: to each Fabric on which each Authentication entity operates.
420:
421: The objects within this table contain statistics information
422: related to FC-SP's Authentication Protocols."
423: ::= { t11FcSpAuMIBObjects 2 }
424:
425: t11FcSpAuIfStatEntry OBJECT-TYPE
426: SYNTAX T11FcSpAuIfStatEntry
427: MAX-ACCESS not-accessible
428: STATUS current
429: DESCRIPTION
430: "A set of Authentication Protocols statistics for an FC-SP
431: Authentication entity (identified by t11FcSpAuEntityName) on
432: one of its interfaces to a particular Fabric, which is
433: managed within the Fibre Channel management instance
434: identified by fcmInstanceIndex."
435:
436: INDEX { fcmInstanceIndex, t11FcSpAuEntityName,
437: t11FcSpAuIfStatInterfaceIndex,
438: t11FcSpAuIfStatFabricIndex }
439: ::= { t11FcSpAuIfStatTable 1 }
440:
441: T11FcSpAuIfStatEntry ::= SEQUENCE {
442: t11FcSpAuIfStatInterfaceIndex InterfaceIndex,
443: t11FcSpAuIfStatFabricIndex T11FabricIndex,
444: t11FcSpAuIfStatTimeouts Counter32,
445: t11FcSpAuIfStatInAcceptedMsgs Counter32,
446: t11FcSpAuIfStatInLsSwRejectedMsgs Counter32,
447: t11FcSpAuIfStatInAuthRejectedMsgs Counter32,
448: t11FcSpAuIfStatOutAcceptedMsgs Counter32,
449: t11FcSpAuIfStatOutLsSwRejectedMsgs Counter32,
450: t11FcSpAuIfStatOutAuthRejectedMsgs Counter32
451: }
452:
453: t11FcSpAuIfStatInterfaceIndex OBJECT-TYPE
454: SYNTAX InterfaceIndex
455: MAX-ACCESS not-accessible
456: STATUS current
457: DESCRIPTION
458: "The interface on which the FC-SP Authentication entity
459: operates and for which the statistics are collected."
460: ::= { t11FcSpAuIfStatEntry 1 }
461:
462: t11FcSpAuIfStatFabricIndex OBJECT-TYPE
463: SYNTAX T11FabricIndex
464: MAX-ACCESS not-accessible
465: STATUS current
466: DESCRIPTION
467: "A index value identifying the particular Fabric for
468: which the statistics are collected."
469: ::= { t11FcSpAuIfStatEntry 2 }
470:
471: t11FcSpAuIfStatTimeouts OBJECT-TYPE
472: SYNTAX Counter32
473: MAX-ACCESS read-only
474: STATUS current
475: DESCRIPTION
476: "The number of FC-SP Authentication Protocol messages sent
477: by the particular entity on the particular Fabric on the
478: particular interface, for which no response was received
479: within a timeout period.
480: This counter has no discontinuities other than those
481: which all Counter32's have when sysUpTime=0."
482: REFERENCE
483: "Fibre Channel - Security Protocols (FC-SP),
484: T11/Project 1570-D/Rev 1.8, June 2006, section 5.11."
485: ::= { t11FcSpAuIfStatEntry 3 }
486:
487: t11FcSpAuIfStatInAcceptedMsgs OBJECT-TYPE
488: SYNTAX Counter32
489: MAX-ACCESS read-only
490: STATUS current
491: DESCRIPTION
492: "The number of FC-SP Authentication Protocol messages
493: received and accepted by the particular entity on the
494: particular Fabric on the particular interface.
495:
496: This counter has no discontinuities other than those
497: which all Counter32's have when sysUpTime=0."
498: REFERENCE
499: "Fibre Channel - Security Protocols (FC-SP),
500: T11/Project 1570-D/Rev 1.8, June 2006, section 5.1."
501: ::= { t11FcSpAuIfStatEntry 4 }
502:
503: t11FcSpAuIfStatInLsSwRejectedMsgs OBJECT-TYPE
504: SYNTAX Counter32
505: MAX-ACCESS read-only
506: STATUS current
507: DESCRIPTION
508: "The number of FC-SP Authentication Protocol messages
509: received by the particular entity on the particular Fabric
510: on particular interface, and rejected by a lower-level
511: (SW_RJT or LS_RJT) reject.
512:
513: This counter has no discontinuities other than those
514: which all Counter32's have when sysUpTime=0."
515: REFERENCE
516: "Fibre Channel - Security Protocols (FC-SP),
517: T11/Project 1570-D/Rev 1.8, June 2006, section 5.1."
518: ::= { t11FcSpAuIfStatEntry 5 }
519:
520: t11FcSpAuIfStatInAuthRejectedMsgs OBJECT-TYPE
521: SYNTAX Counter32
522: MAX-ACCESS read-only
523: STATUS current
524: DESCRIPTION
525: "The number of FC-SP Authentication Protocol messages
526: received by the particular entity on the particular Fabric
527: on particular interface, and rejected by an AUTH_Reject
528: message.
529:
530: This counter has no discontinuities other than those
531: which all Counter32's have when sysUpTime=0."
532: REFERENCE
533: "Fibre Channel - Security Protocols (FC-SP),
534: T11/Project 1570-D/Rev 1.8, June 2006, section 5.1."
535: ::= { t11FcSpAuIfStatEntry 6 }
536:
537: t11FcSpAuIfStatOutAcceptedMsgs OBJECT-TYPE
538: SYNTAX Counter32
539: MAX-ACCESS read-only
540: STATUS current
541: DESCRIPTION
542: "The number of FC-SP Authentication Protocol messages sent
543: by the particular entity on the particular Fabric on the
544: particular interface, which were accepted by the
545: neighbouring entity, i.e., not rejected by an AUTH_Reject
546: message, nor by a lower-level (SW_RJT or LS_RJT) reject.
547:
548: This counter has no discontinuities other than those
549: which all Counter32's have when sysUpTime=0."
550: REFERENCE
551: "Fibre Channel - Security Protocols (FC-SP),
552: T11/Project 1570-D/Rev 1.8, June 2006, section 5.1."
553: ::= { t11FcSpAuIfStatEntry 7 }
554:
555: t11FcSpAuIfStatOutLsSwRejectedMsgs OBJECT-TYPE
556: SYNTAX Counter32
557: MAX-ACCESS read-only
558: STATUS current
559: DESCRIPTION
560: "The number of FC-SP Authentication Protocol messages sent
561: by the particular entity on the particular Fabric on the
562: particular interface, which were rejected by a lower-level
563: (SW_RJT or LS_RJT) reject.
564:
565: This counter has no discontinuities other than those
566: which all Counter32's have when sysUpTime=0."
567: REFERENCE
568: "Fibre Channel - Security Protocols (FC-SP),
569: T11/Project 1570-D/Rev 1.8, June 2006, section 5.1."
570: ::= { t11FcSpAuIfStatEntry 8 }
571:
572: t11FcSpAuIfStatOutAuthRejectedMsgs OBJECT-TYPE
573: SYNTAX Counter32
574: MAX-ACCESS read-only
575: STATUS current
576: DESCRIPTION
577: "The number of FC-SP Authentication Protocol messages sent
578: by the particular entity on the particular Fabric on the
579: particular interface, which were rejected by an
580: AUTH_Reject message.
581:
582: This counter has no discontinuities other than those
583: which all Counter32's have when sysUpTime=0."
584: REFERENCE
585: "Fibre Channel - Security Protocols (FC-SP),
586: T11/Project 1570-D/Rev 1.8, June 2006, section 5.1."
587: ::= { t11FcSpAuIfStatEntry 9 }
588:
589:
590: --
591: -- Information about Authentication Protocol Transactions
592: -- which were recently rejected
593: --
594:
595: t11FcSpAuRejectTable OBJECT-TYPE
596: SYNTAX SEQUENCE OF T11FcSpAuRejectEntry
597: MAX-ACCESS not-accessible
598: STATUS current
599: DESCRIPTION
600: "A table of volatile information about FC-SP Authentication
601: Protocol transactions which were recently rejected with
602: an AUTH_Reject message, or with an SW_RJT/LS_RJT.
603:
604: The maximum number of rows in this table for a specific
605: entity on a specific Fabric is given by the value of the
606: corresponding instance of t11FcSpAuRejectMaxRows.
607:
608: The syntax of t11FcSpAuRejTimestamp is TimeStamp, and thus
609: its value rolls-over to zero after approximately 497 days.
610: To avoid any confusion due to such a roll-over, rows should
611: be deleted from this table before they are 497 days old.
612:
613: This table will be empty if no AUTH_Reject messages,
614: nor any SW_RJT/LS_RJT's rejecting an AUTH message,
615: have been sent or received since the last
616: re-initialization of the agent."
617: ::= { t11FcSpAuMIBObjects 3 }
618:
619: t11FcSpAuRejectEntry OBJECT-TYPE
620: SYNTAX T11FcSpAuRejectEntry
621: MAX-ACCESS not-accessible
622: STATUS current
623: DESCRIPTION
624: "Information about one AUTH message (either an
625: AUTH_ELS or an AUTH_ILS) which was rejected with an
626: AUTH_Reject, SW_RJT or LS_RJT message, sent/received by
627: the entity identified by values of fcmInstanceIndex and
628: t11FcSpAuEntityName, on an interface to a particular
629: Fabric."
630: INDEX { fcmInstanceIndex, t11FcSpAuEntityName,
631: t11FcSpAuRejInterfaceIndex, t11FcSpAuRejFabricIndex,
632: t11FcSpAuRejTimestamp }
633: ::= { t11FcSpAuRejectTable 1 }
634:
635: T11FcSpAuRejectEntry ::= SEQUENCE {
636: t11FcSpAuRejInterfaceIndex InterfaceIndex,
637: t11FcSpAuRejFabricIndex T11FabricIndex,
638: t11FcSpAuRejTimestamp TimeStamp,
639: t11FcSpAuRejDirection INTEGER,
640: t11FcSpAuRejType INTEGER,
641: t11FcSpAuRejAuthMsgString OCTET STRING,
642: t11FcSpAuRejReasonCode T11FcSpAuthRejectReasonCode,
643: t11FcSpAuRejReasonCodeExp T11FcSpAuthRejReasonCodeExp
644: }
645:
646: t11FcSpAuRejInterfaceIndex OBJECT-TYPE
647: SYNTAX InterfaceIndex
648: MAX-ACCESS not-accessible
649: STATUS current
650: DESCRIPTION
651: "The interface on which the rejected AUTH message was
652: sent or received."
653: ::= { t11FcSpAuRejectEntry 1 }
654:
655: t11FcSpAuRejFabricIndex OBJECT-TYPE
656: SYNTAX T11FabricIndex
657: MAX-ACCESS not-accessible
658: STATUS current
659: DESCRIPTION
660: "A index value identifying the particular Fabric on
661: which the rejected AUTH message was sent or received."
662: ::= { t11FcSpAuRejectEntry 2 }
663:
664: t11FcSpAuRejTimestamp OBJECT-TYPE
665: SYNTAX TimeStamp
666: MAX-ACCESS not-accessible
667: STATUS current
668: DESCRIPTION
669: "The time at which the AUTH message was rejected. If two
670: rows have the same value of this object for the same
671: entity on the same interface and Fabric, the value of
672: this object for the later one is incremented by one."
673: ::= { t11FcSpAuRejectEntry 3 }
674:
675: t11FcSpAuRejDirection OBJECT-TYPE
676: SYNTAX INTEGER { sent(1), received(2) }
677: MAX-ACCESS read-only
678: STATUS current
679: DESCRIPTION
680: "An indication of whether the the rejection was sent or
681: received by the identified entity.
682:
683: The value 'sent(1)' corresponds to a notification of
684: type t11FcSpAuRejectSentNotify; the value 'received(2)'
685: corresponds to t11FcSpAuRejectReceivedNotify."
686: ::= { t11FcSpAuRejectEntry 4 }
687:
688: t11FcSpAuRejType OBJECT-TYPE
689: SYNTAX INTEGER {
690: authReject(1),
691: swRjt(2),
692: lsRjt(3)
693: }
694: MAX-ACCESS read-only
695: STATUS current
696: DESCRIPTION
697: "An indication of whether the rejection was an
698: AUTH_Reject, an SW_RJT or an LS_RJT."
699: ::= { t11FcSpAuRejectEntry 5 }
700:
701: t11FcSpAuRejAuthMsgString OBJECT-TYPE
702: SYNTAX OCTET STRING (SIZE(0..255))
703: MAX-ACCESS read-only
704: STATUS current
705: DESCRIPTION
706: "The binary content of the AUTH message which was
707: rejected, formatted as an octet string (in network
708: byte order) containing the content of the message.
709:
710: If the binary content is unavailable, then the
711: length is zero. Otherwise, the first octet of the
712: message identifies the type of message:
713:
714: '90'h - an AUTH_ELS, see Table 6 in FC-SP,
715: '40'h - an AUTH_ILS, see Table 3 in FC-SP, or
716: '41'h - an B_AUTH_ILS, see Table 5 in FC-SP.
717:
718: and the remainder of the message may be truncated."
719: REFERENCE
720: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
721: Fibre Channel - Security Protocols (FC-SP),
722: 13 June 2006, Tables 3, 5 and 6."
723: ::= { t11FcSpAuRejectEntry 6 }
724:
725: t11FcSpAuRejReasonCode OBJECT-TYPE
726: SYNTAX T11FcSpAuthRejectReasonCode
727: MAX-ACCESS read-only
728: STATUS current
729: DESCRIPTION
730: "The reason code with which this AUTH message was
731: rejected."
732: REFERENCE
733: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
734: Fibre Channel - Security Protocols (FC-SP),
735: 13 June 2006, Table 17, 48, 52."
736: ::= { t11FcSpAuRejectEntry 7 }
737:
738: t11FcSpAuRejReasonCodeExp OBJECT-TYPE
739: SYNTAX T11FcSpAuthRejReasonCodeExp
740: MAX-ACCESS read-only
741: STATUS current
742: DESCRIPTION
743: "The reason code explanation with which this AUTH
744: message was rejected."
745: REFERENCE
746: "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
747: Fibre Channel - Security Protocols (FC-SP),
748: 13 June 2006, Table 17, 48, 52."
749: ::= { t11FcSpAuRejectEntry 8 }
750:
751: --
752: -- Notifications
753: --
754:
755: t11FcSpAuRejectSentNotify NOTIFICATION-TYPE
756: OBJECTS { t11FamLocalSwitchWwn,
757: t11FcSpAuRejAuthMsgString,
758: t11FcSpAuRejType,
759: t11FcSpAuRejReasonCode,
760: t11FcSpAuRejReasonCodeExp }
761: STATUS current
762: DESCRIPTION
763: "This notification indicates that a Switch (identified
764: by the value of t11FamLocalSwitchWwn) has sent a reject
765: message of the type indicated by t11FcSpAuRejType in
766: response to an AUTH message.
767:
768: The content of the rejected AUTH message is given by the
769: value of t11FcSpAuRejAuthMsgString. The values of the
770: Reason Code and Reason Code Explanation in the
771: AUTH_Reject/SW_RJT/LS_RJT are indicated by the values of
772: t11FcSpAuRejReasonCode and t11FcSpAuRejReasonCodeExp."
773: ::= { t11FcSpAuMIBNotifications 1 }
774:
775: t11FcSpAuRejectReceivedNotify NOTIFICATION-TYPE
776: OBJECTS { t11FamLocalSwitchWwn,
777: t11FcSpAuRejAuthMsgString,
778: t11FcSpAuRejType,
779: t11FcSpAuRejReasonCode,
780: t11FcSpAuRejReasonCodeExp }
781: STATUS current
782: DESCRIPTION
783: "This notification indicates that a Switch (identified
784: by the value of t11FamLocalSwitchWwn) has received a
785: reject message of the type indicated by t11FcSpAuRejType
786: in response to an AUTH message.
787:
788: The content of the rejected AUTH message is given by the
789: value of t11FcSpAuRejAuthMsgString. The values of the
790: Reason Code and Reason Code Explanation in the
791: AUTH_Reject/SW_RJT/LS_RJT are indicated by the values of
792: t11FcSpAuRejReasonCode and t11FcSpAuRejReasonCodeExp."
793: ::= { t11FcSpAuMIBNotifications 2 }
794:
795: --
796: -- Conformance
797: --
798:
799: t11FcSpAuMIBCompliances
800: OBJECT IDENTIFIER ::= { t11FcSpAuMIBConformance 1 }
801: t11FcSpAuMIBGroups
802: OBJECT IDENTIFIER ::= { t11FcSpAuMIBConformance 2 }
803:
804: t11FcSpAuMIBCompliance MODULE-COMPLIANCE
805: STATUS current
806: DESCRIPTION
807: "The compliance statement for entities which
808: implement one or more of the Authentication Protocols
809: defined in FC-SP."
810:
811: MODULE -- this module
812: MANDATORY-GROUPS { t11FcSpAuGeneralGroup,
813: t11FcSpAuRejectedGroup,
814: t11FcSpAuNotificationGroup }
815:
816: GROUP t11FcSpAuIfStatsGroup
817: DESCRIPTION
818: "These counters, of particular FC-SP messages and
819: events, are mandatory only for those systems that
820: count such messages/events."
821:
822: -- Write access is not required for any objects in this MIB module:
823:
824: OBJECT t11FcSpAuStorageType
825: MIN-ACCESS read-only
826: DESCRIPTION
827: "Write access is not required."
828:
829: OBJECT t11FcSpAuSendRejNotifyEnable
830: MIN-ACCESS read-only
831: DESCRIPTION
832: "Write access is not required."
833:
834: OBJECT t11FcSpAuRcvRejNotifyEnable
835: MIN-ACCESS read-only
836: DESCRIPTION
837: "Write access is not required."
838:
839: OBJECT t11FcSpAuDefaultLifetime
840: MIN-ACCESS read-only
841: DESCRIPTION
842: "Write access is not required."
843:
844: OBJECT t11FcSpAuDefaultLifetimeUnits
845: MIN-ACCESS read-only
846: DESCRIPTION
847: "Write access is not required."
848:
849: OBJECT t11FcSpAuRejectMaxRows
850: MIN-ACCESS read-only
851: DESCRIPTION
852: "Write access is not required."
853:
854: ::= { t11FcSpAuMIBCompliances 1 }
855:
856:
857: -- Units of Conformance
858:
859: t11FcSpAuGeneralGroup OBJECT-GROUP
860: OBJECTS { t11FcSpAuServerProtocol,
861: t11FcSpAuStorageType,
862: t11FcSpAuSendRejNotifyEnable,
863: t11FcSpAuRcvRejNotifyEnable,
864: t11FcSpAuDefaultLifetime,
865: t11FcSpAuDefaultLifetimeUnits,
866: t11FcSpAuRejectMaxRows,
867: t11FcSpAuDhChapHashFunctions,
868: t11FcSpAuDhChapDhGroups,
869: t11FcSpAuFcapHashFunctions,
870: t11FcSpAuFcapCertsSignFunctions,
871: t11FcSpAuFcapDhGroups,
872: t11FcSpAuFcpapHashFunctions,
873: t11FcSpAuFcpapDhGroups,
874: t11FcSpAuIfStatTimeouts }
875: STATUS current
876: DESCRIPTION
877: "A collection of objects for the capabilities and
878: configuration parameters of FC-SP's Authentication
879: Protocols. The inclusion of t11FcSpAuIfStatTimeouts
880: in this group provides information on mappings of
881: Authentication entities onto interfaces."
882: ::= { t11FcSpAuMIBGroups 1 }
883:
884: t11FcSpAuIfStatsGroup OBJECT-GROUP
885: OBJECTS { t11FcSpAuIfStatInAcceptedMsgs,
886: t11FcSpAuIfStatInLsSwRejectedMsgs,
887: t11FcSpAuIfStatInAuthRejectedMsgs,
888: t11FcSpAuIfStatOutAcceptedMsgs,
889: t11FcSpAuIfStatOutLsSwRejectedMsgs,
890: t11FcSpAuIfStatOutAuthRejectedMsgs }
891: STATUS current
892: DESCRIPTION
893: "A collection of objects for monitoring the
894: operations of FC-SP's Authentication Protocols."
895: ::= { t11FcSpAuMIBGroups 2 }
896:
897: t11FcSpAuRejectedGroup OBJECT-GROUP
898: OBJECTS { t11FcSpAuRejDirection,
899: t11FcSpAuRejType,
900: t11FcSpAuRejAuthMsgString,
901: t11FcSpAuRejReasonCode,
902: t11FcSpAuRejReasonCodeExp }
903: STATUS current
904: DESCRIPTION
905: "A collection of objects holding information concerning
906: FC-SP Authentication Protocol transactions which were
907: recently rejected with an AUTH_Reject, with an SW_RJT,
908: or with an LS_RJT."
909: ::= { t11FcSpAuMIBGroups 3 }
910:
911: t11FcSpAuNotificationGroup NOTIFICATION-GROUP
912: NOTIFICATIONS { t11FcSpAuRejectSentNotify,
913: t11FcSpAuRejectReceivedNotify }
914: STATUS current
915: DESCRIPTION
916: "A collection of notifications for use in the management
917: of FC-SP's Authentication Protocols."
918: ::= { t11FcSpAuMIBGroups 4 }
919:
920: END
921:
922: --
923: -- Copyright (C) The IETF Trust (2007). This document is subject to the
924: -- rights, licenses and restrictions contained in BCP 78, and except as
925: -- set forth therein, the authors retain all their rights.
926: --
927: -- This document and the information contained herein are provided on an
928: -- "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
929: -- OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
930: -- THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
931: -- OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
932: -- THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
933: -- WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
934: --
935: -- Disclaimer of validity
936: --
937: -- The IETF takes no position regarding the validity or scope of any
938: -- Intellectual Property Rights or other rights that might be claimed to
939: -- pertain to the implementation or use of the technology described in
940: -- this document or the extent to which any license under such rights
941: -- might or might not be available; nor does it represent that it has
942: -- made any independent effort to identify any such rights. Information
943: -- on the procedures with respect to rights in RFC documents can be
944: -- found in BCP 78 and BCP 79.
945: --
946: -- Copies of IPR disclosures made to the IETF Secretariat and any
947: -- assurances of licenses to be made available, or the result of an
948: -- attempt made to obtain a general license or permission for the use of
949: -- such proprietary rights by implementers or users of this
950: -- specification can be obtained from the IETF on-line IPR repository at
951: -- http://www.ietf.org/ipr.
952: --
953: -- The IETF invites any interested party to bring to its attention any
954: -- copyrights, patents or patent applications, or other proprietary
955: -- rights that may cover technology that may be required to implement
956: -- this standard. Please address the information to the IETF at
957: -- ietf-ipr@ietf.org.
958: --
959: -- Acknowledgment
960: --
961: -- Funding for the RFC Editor function is currently provided by the
962: -- Internet Society.
963: