smilint output for ./T11-FC-SP-AUTHENTICATION-MIB


Message Severities
SeverityCount
error1
Message Types
TypeCount
object-identifier-not-prefix (error)1

Messages:

T11-FC-SP-AUTHENTICATION-MIB

   1: -- extracted from draft-kzm-imss-fc-fcsp-mib-00.txt
   2: -- at Wed Jun 13 06:08:27 2007
   3: 
   4: T11-FC-SP-AUTHENTICATION-MIB  DEFINITIONS ::= BEGIN
   5: 
   6: IMPORTS
   7:     MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY,
   8:     NOTIFICATION-TYPE,
   9:     mib-2, Counter32, Unsigned32
  10:                                       FROM SNMPv2-SMI  -- [RFC2578]
  11:     MODULE-COMPLIANCE, OBJECT-GROUP,
  12:     NOTIFICATION-GROUP
  13:                                       FROM SNMPv2-CONF -- [RFC2580]
  14:     StorageType, AutonomousType,
  15:     TruthValue, TimeStamp             FROM SNMPv2-TC   -- [RFC2579]
  16:     InterfaceIndex                    FROM IF-MIB      -- [RFC2863]
  17:     fcmInstanceIndex,
  18:     FcNameIdOrZero                    FROM FC-MGMT-MIB -- [RFC4044]
  19:     t11FamLocalSwitchWwn
  20:                        FROM T11-FC-FABRIC-ADDR-MGR-MIB -- [RFC4439]
  21:     T11FabricIndex                    FROM T11-TC-MIB  -- [RFC4439]
  22:     T11FcSpDhGroups,
  23:     T11FcSpHashFunctions,
  24:     T11FcSpSignFunctions,
  25:     T11FcSpAuthRejectReasonCode,
  26:     T11FcSpAuthRejReasonCodeExp       FROM T11-FC-SP-TC-MIB;
  27: 
  28: t11FcSpAuthenticationMIB  MODULE-IDENTITY
  29:     LAST-UPDATED  "200702190000Z"
  30:     ORGANIZATION  "T11"
  31:     CONTACT-INFO
  32:             "     Claudio DeSanti
  33:                   Cisco Systems, Inc.
  34:                   170 West Tasman Drive
  35:                   San Jose, CA 95134 USA
  36:                   EMail: cds@cisco.com
  37: 
  38:                   Keith McCloghrie
  39:                   Cisco Systems, Inc.
  40:                   170 West Tasman Drive
  41:                   San Jose, CA 95134 USA
  42:                   Email: kzm@cisco.com"
  43:     DESCRIPTION
  44:            "This MIB module specifies the management information
  45:            required to manage the Authentication Protocols defined by
  46:            Fibre Channel's FC-SP specification.
  47: 
  48:            This MIB module defines three tables:
  49: 
  50:             - t11FcSpAuEntityTable is a table of Fibre Channel
  51:               entities which can be authenticated using FC-SP's
  52:               Authentication Protocols.
  53: 
  54:             - t11FcSpAuIfStatTable is a table with one row for each
  55:               mapping of an Authentication entity onto an interface,
  56:               containing statistics information.
  57: 
  58:             - t11FcSpAuRejectTable is a table of volatile information
  59:               about FC-SP Authentication Protocol transactions
  60:               which were most recently rejected.
  61: 
  62:            Copyright (C) The IETF Trust (2007).  This version
  63:            of this MIB module is part of RFC yyyy;  see the RFC
  64:            itself for full legal notices."
  65: -- RFC Editor: replace yyyy with actual RFC number & remove this note
  66:     REVISION  "200702190000Z"
  67:     DESCRIPTION
  68:            "Initial version of this MIB module, published as RFCyyyy."
  69: -- RFC-Editor, replace yyyy with actual RFC number & remove this note
  70:     ::= { mib-2 nnn }  -- to be assigned by IANA
  70: error - Object identifier element `nnn' name only allowed as first element
  71: -- RFC Editor: replace nnn with IANA-assigned number & remove this note
  72: 
  73: t11FcSpAuMIBIdentities
  74:                    OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 1 }
  75: t11FcSpAuMIBObjects
  76:                    OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 2 }
  77: t11FcSpAuMIBConformance
  78:                    OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 3 }
  79: t11FcSpAuMIBNotifications
  80:                    OBJECT IDENTIFIER ::= { t11FcSpAuthenticationMIB 0 }
  81: 
  82: --
  83: -- OIDs defined for use as values of t11FcSpAuServerProtocol
  84: --
  85: 
  86: t11FcSpAuServerProtocolRadius OBJECT-IDENTITY
  87:     STATUS       current
  88:     DESCRIPTION
  89:            "This OID identifies RADIUS as the protocol used
  90:            to communicate with an External Server as part of
  91:            the process by which identities are verified.
  92:            In this case, information about the RADIUS Servers
  93:            is likely to be provided in radiusAuthServerExtTable
  94:            defined in the RADIUS-AUTH-CLIENT-MIB."
  95:     REFERENCE
  96:            "radiusAuthServerExtTable in 'RADIUS Authentication
  97:             Client MIB', RFC 4668, August 2006."
  98:     ::= { t11FcSpAuMIBIdentities 1 }
  99: 
 100: t11FcSpAuServerProtocolDiameter OBJECT-IDENTITY
 101:     STATUS       current
 102:     DESCRIPTION
 103:            "This OID identifies Diameter as the protocol used
 104:            to communicate with an External Server as part of
 105:            the process by which identities are verified."
 106:     REFERENCE
 107:            "RFC 3588, September 2003."
 108:     ::= { t11FcSpAuMIBIdentities 2 }
 109: 
 110: t11FcSpAuServerProtocolTacacs OBJECT-IDENTITY
 111:     STATUS       current
 112:     DESCRIPTION
 113:            "This OID identifies TACACS as the protocol used
 114:            to communicate with an External Server as part of
 115:            the process by which identities are verified."
 116:     REFERENCE
 117:            "RFC 1492, July 1993."
 118:     ::= { t11FcSpAuMIBIdentities 3 }
 119: 
 120: --
 121: -- Configuration for the Authentication Protocols
 122: --
 123: 
 124: t11FcSpAuEntityTable OBJECT-TYPE
 125:     SYNTAX       SEQUENCE OF T11FcSpAuEntityEntry
 126:     MAX-ACCESS   not-accessible
 127:     STATUS       current
 128:     DESCRIPTION
 129:            "A table of Fibre Channel entities which can be authenticated
 130:            using FC-SP's Authentication Protocols.
 131: 
 132:            The purpose of an FC-SP Authentication Protocol is to verify
 133:            that a claimed name is associated with the claiming entity.
 134:            The Authentication Protocols can be used to authenticate
 135:            Nx_Ports, B_Ports, or Switches."
 136:     REFERENCE
 137:            "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
 138:             Fibre Channel - Security Protocols (FC-SP),
 139:             13 June 2006, section 3.2.25."
 140:     ::= { t11FcSpAuMIBObjects 1 }
 141: 
 142: t11FcSpAuEntityEntry OBJECT-TYPE
 143:     SYNTAX       T11FcSpAuEntityEntry
 144:     MAX-ACCESS   not-accessible
 145:     STATUS       current
 146:     DESCRIPTION
 147:            "Information about the configuration and capabilities of an
 148:            FC-SP entity (which is managed within the Fibre Channel
 149:            management instance identified by fcmInstanceIndex) on a
 150:            particular Fabric with respect to FC-SP's Authentication
 151:            Protocols."
 152:     INDEX   { fcmInstanceIndex, t11FcSpAuEntityName,
 153:               t11FcSpAuFabricIndex }
 154:     ::= { t11FcSpAuEntityTable 1 }
 155: 
 156: T11FcSpAuEntityEntry ::= SEQUENCE {
 157:     t11FcSpAuEntityName             FcNameIdOrZero,
 158:     t11FcSpAuFabricIndex            T11FabricIndex,
 159:     t11FcSpAuServerProtocol         AutonomousType,
 160:                                                    -- Config parameters
 161:     t11FcSpAuStorageType            StorageType,
 162:     t11FcSpAuSendRejNotifyEnable    TruthValue,
 163:     t11FcSpAuRcvRejNotifyEnable     TruthValue,
 164:     t11FcSpAuDefaultLifetime        Unsigned32,
 165:     t11FcSpAuDefaultLifetimeUnits   INTEGER,
 166:     t11FcSpAuRejectMaxRows          Unsigned32,
 167:                                                    -- Capabilities
 168:     t11FcSpAuDhChapHashFunctions    T11FcSpHashFunctions,
 169:     t11FcSpAuDhChapDhGroups         T11FcSpDhGroups,
 170:     t11FcSpAuFcapHashFunctions      T11FcSpHashFunctions,
 171:     t11FcSpAuFcapCertsSignFunctions T11FcSpSignFunctions,
 172:     t11FcSpAuFcapDhGroups           T11FcSpDhGroups,
 173:     t11FcSpAuFcpapHashFunctions     T11FcSpHashFunctions,
 174:     t11FcSpAuFcpapDhGroups          T11FcSpDhGroups
 175: }
 176: 
 177: t11FcSpAuEntityName OBJECT-TYPE
 178:     SYNTAX     FcNameIdOrZero (SIZE (8))
 179:     MAX-ACCESS not-accessible
 180:     STATUS     current
 181:     DESCRIPTION
 182:            "The name used to identify the FC-SP entity.
 183: 
 184:            For entities which are Fibre Channel Switches, this value
 185:            corresponds to the Switch's value of fcmSwitchWWN.  For
 186:            entities other than Fibre Channel Switches, this value
 187:            corresponds to the value of fcmInstanceWwn for the
 188:            corresponding Fibre Channel management instance."
 189:     REFERENCE
 190:            "fcmInstanceWwn & fcmSwitchWWN,
 191:             'Fibre Channel Management MIB', RFC 4044, May 2005."
 192:     ::= { t11FcSpAuEntityEntry 1 }
 193: 
 194: t11FcSpAuFabricIndex OBJECT-TYPE
 195:     SYNTAX       T11FabricIndex
 196:     MAX-ACCESS   not-accessible
 197:     STATUS       current
 198:     DESCRIPTION
 199:            "An index value which uniquely identifies a
 200:            particular Fabric to which the entity is attached."
 201:     ::= { t11FcSpAuEntityEntry 2 }
 202: 
 203: t11FcSpAuServerProtocol OBJECT-TYPE
 204:     SYNTAX       AutonomousType
 205:     MAX-ACCESS   read-only
 206:     STATUS       current
 207:     DESCRIPTION
 208:            "The protocol, if any, used by the entity to communicate
 209:            with a third party (i.e., an External Server) as part of
 210:            the process by which it verifies DH-CHAP responses.  For
 211:            example, if the entity is using an external RADIUS server
 212:            to verify DH-CHAP responses, then this object will have
 213:            the value t11FcSpAuServerProtocolRadius.
 214: 
 215:            The value, zeroDotZero, is used to indicate that no
 216:            protocol is being used to communicate with a third
 217:            party to verify DH-CHAP responses.
 218: 
 219:            When no protocol is being used, or if the third party is
 220:            unreachable via the specified protocol, then locally
 221:            configured information (if any) may be used instead."
 222:     ::= { t11FcSpAuEntityEntry 3 }
 223: 
 224: t11FcSpAuStorageType OBJECT-TYPE
 225:     SYNTAX       StorageType
 226:     MAX-ACCESS   read-write
 227:     STATUS       current
 228:     DESCRIPTION
 229:            "This object specifies the memory realization of
 230:            configuration information related to an FC-SP
 231:            Entity on a particular Fabric; specifically, for
 232:            MIB objects in the row containing this object.
 233: 
 234:            Even if an instance of this object has the value
 235:            'permanent(4)', none of the information in the
 236:            corresponding row of this table needs to be writable."
 237:     ::= { t11FcSpAuEntityEntry 4 }
 238: 
 239: t11FcSpAuSendRejNotifyEnable OBJECT-TYPE
 240:     SYNTAX     TruthValue
 241:     MAX-ACCESS read-write
 242:     STATUS     current
 243:     DESCRIPTION
 244:            "An indication of whether or not the entity should issue
 245:            t11FcSpAuRejectSentNotify notifications when sending
 246:            AUTH_Reject/SW_RJT/LS_RJT to reject an AUTH message.
 247: 
 248:            If the value of the object is 'true', then this type of
 249:            notification is generated.  If the value is 'false',
 250:            this type of notification is not generated."
 251:     DEFVAL { false }
 252:     ::= { t11FcSpAuEntityEntry 5 }
 253: 
 254: t11FcSpAuRcvRejNotifyEnable OBJECT-TYPE
 255:     SYNTAX     TruthValue
 256:     MAX-ACCESS read-write
 257:     STATUS     current
 258:     DESCRIPTION
 259:            "An indication of whether or not the entity should issue
 260:            t11FcSpAuRejectReceivedNotify notifications on the receipt
 261:            of AUTH_Reject/SW_RJT/LS_RJT messages.
 262: 
 263:            If the value of the object is 'true', then this type of
 264:            notification is generated.  If the value is 'false',
 265:            this type of notification is not generated."
 266:     DEFVAL { false }
 267:     ::= { t11FcSpAuEntityEntry 6 }
 268: 
 269: t11FcSpAuDefaultLifetime OBJECT-TYPE
 270:     SYNTAX       Unsigned32 (0..4294967295)
 271:     MAX-ACCESS   read-write
 272:     STATUS       current
 273:     DESCRIPTION
 274:            "When the value of this object is non-zero, it specifies the
 275:            default value of a lifetime, specified in units given by
 276:            the corresponding instance of t11FcSpAuDefaultLifetimeUnits.
 277:            This default lifetime is to be used for any Security
 278:            Association which has no explicitly-specified value for its
 279:            lifetime.
 280: 
 281:            An SA's lifetime is either the time interval or the number
 282:            of passed bytes, after which the SA has to be terminated and
 283:            (if necessary) replaced with a new SA.
 284: 
 285:            If this object is zero, then there is no default value for
 286:            lifetime."
 287:     DEFVAL       { 28800 }         -- 8 hours (in units of seconds)
 288:      ::= { t11FcSpAuEntityEntry 7 }
 289: 
 290: t11FcSpAuDefaultLifetimeUnits OBJECT-TYPE
 291:     SYNTAX       INTEGER {
 292:                      seconds(1),      -- seconds
 293:                      kiloBytes(2),    -- 10^^3 bytes
 294:                      megaBytes(3),    -- 10^^6 bytes
 295:                      gigaBytes(4),    -- 10^^9 bytes
 296:                      teraBytes(5),    -- 10^^12 bytes
 297:                      petaBytes(6),    -- 10^^15 bytes
 298:                      exaBytes(7),     -- 10^^18 bytes
 299:                      zettaBytes(8),   -- 10^^21 bytes
 300:                      yottaBytes(9)    -- 10^^24 bytes
 301:                  }
 302:     MAX-ACCESS   read-write
 303:     STATUS       current
 304:     DESCRIPTION
 305:            "The units in which the value of the corresponding
 306:            instance of t11FcSpAuDefaultLifetime specifies a
 307:            default lifetime for a Security Association which has
 308:            no explicitly-specified value for its lifetime."
 309:     DEFVAL       { seconds }
 310:     ::= { t11FcSpAuEntityEntry 8 }
 311: 
 312: t11FcSpAuRejectMaxRows OBJECT-TYPE
 313:     SYNTAX       Unsigned32 (0..1000)
 314:     MAX-ACCESS   read-write
 315:     STATUS       current
 316:     DESCRIPTION
 317:            "The maximum number of rows in the t11FcSpAuRejectTable for
 318:            this entity on this Fabric.  If and when an AUTH message is
 319:            rejected and the t11FcSpAuRejectTable already contains this
 320:            maximum number of rows for the specific entity and Fabric,
 321:            the row containing the oldest information is discarded and
 322:            replaced by a row containing information about the new
 323:            rejection.
 324: 
 325:            There will be less than this maximum number of rows in
 326:            the t11FcSpAuRejectTable in exceptional circumstances,
 327:            e.g., after an agent restart.
 328: 
 329:            In an implementation which does not support the
 330:            t11FcSpAuRejectTable, this object will always be zero."
 331:     ::= { t11FcSpAuEntityEntry 9 }
 332: 
 333: t11FcSpAuDhChapHashFunctions OBJECT-TYPE
 334:     SYNTAX     T11FcSpHashFunctions
 335:     MAX-ACCESS read-only
 336:     STATUS     current
 337:     DESCRIPTION
 338:            "The hash functions which the entity supports when using
 339:            the DH-CHAP algorithm."
 340:     ::= { t11FcSpAuEntityEntry 10 }
 341: 
 342: t11FcSpAuDhChapDhGroups OBJECT-TYPE
 343:     SYNTAX     T11FcSpDhGroups
 344:     MAX-ACCESS read-only
 345:     STATUS     current
 346:     DESCRIPTION
 347:            "The DH Groups which the entity supports when using the
 348:            DH-CHAP algorithm in FC-SP."
 349:     ::= { t11FcSpAuEntityEntry 11 }
 350: 
 351: t11FcSpAuFcapHashFunctions OBJECT-TYPE
 352:     SYNTAX     T11FcSpHashFunctions
 353:     MAX-ACCESS read-only
 354:     STATUS     current
 355:     DESCRIPTION
 356:            "The hash functions which the entity supports when
 357:            specified as Protocol Parameters in the AUTH_Negotiate
 358:            message for FCAP in FC-SP."
 359:     REFERENCE
 360:            "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
 361:             Fibre Channel - Security Protocols (FC-SP),
 362:             13 June 2006, section 5.5.2.1 and table 28."
 363:     ::= { t11FcSpAuEntityEntry 12 }
 364: 
 365: t11FcSpAuFcapCertsSignFunctions OBJECT-TYPE
 366:     SYNTAX     T11FcSpSignFunctions
 367:     MAX-ACCESS read-only
 368:     STATUS     current
 369:     DESCRIPTION
 370:            "The signature functions used within certificates which
 371:            the entity supports when using FCAP in FC-SP."
 372:     REFERENCE
 373:            "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
 374:             Fibre Channel - Security Protocols (FC-SP),
 375:             13 June 2006, section 5.5.4.2 and tables 38 & 39."
 376:     ::= { t11FcSpAuEntityEntry 13 }
 377: 
 378: t11FcSpAuFcapDhGroups OBJECT-TYPE
 379:     SYNTAX     T11FcSpDhGroups
 380:     MAX-ACCESS read-only
 381:     STATUS     current
 382:     DESCRIPTION
 383:            "The DH Groups which the entity supports when using the
 384:            FCAP algorithm in FC-SP."
 385:     ::= { t11FcSpAuEntityEntry 14 }
 386: 
 387: t11FcSpAuFcpapHashFunctions OBJECT-TYPE
 388:     SYNTAX     T11FcSpHashFunctions
 389:     MAX-ACCESS read-only
 390:     STATUS     current
 391:     DESCRIPTION
 392:            "The hash functions which the entity supports when using
 393:            the FCPAP algorithm in FC-SP."
 394:     ::= { t11FcSpAuEntityEntry 15 }
 395: 
 396: t11FcSpAuFcpapDhGroups OBJECT-TYPE
 397:     SYNTAX     T11FcSpDhGroups
 398:     MAX-ACCESS read-only
 399:     STATUS     current
 400:     DESCRIPTION
 401:            "The DH Groups which the entity supports when using the
 402:            FCPAP algorithm in FC-SP."
 403:     ::= { t11FcSpAuEntityEntry 16 }
 404: 
 405: 
 406: --
 407: -- The Mapping of Authentication Entities onto Interfaces
 408: -- and Statistics
 409: --
 410: 
 411: t11FcSpAuIfStatTable OBJECT-TYPE
 412:     SYNTAX       SEQUENCE OF T11FcSpAuIfStatEntry
 413:     MAX-ACCESS   not-accessible
 414:     STATUS       current
 415:     DESCRIPTION
 416:            "Each FC-SP Authentication entity can operate on one or more
 417:            interfaces, but at most one of them can operate on each
 418:            interface.  A row in this table exists for each interface
 419:            to each Fabric on which each Authentication entity operates.
 420: 
 421:            The objects within this table contain statistics information
 422:            related to FC-SP's Authentication Protocols."
 423:     ::= { t11FcSpAuMIBObjects 2 }
 424: 
 425: t11FcSpAuIfStatEntry OBJECT-TYPE
 426:     SYNTAX       T11FcSpAuIfStatEntry
 427:     MAX-ACCESS   not-accessible
 428:     STATUS       current
 429:     DESCRIPTION
 430:            "A set of Authentication Protocols statistics for an FC-SP
 431:            Authentication entity (identified by t11FcSpAuEntityName) on
 432:            one of its interfaces to a particular Fabric, which is
 433:            managed within the Fibre Channel management instance
 434:            identified by fcmInstanceIndex."
 435: 
 436:     INDEX   { fcmInstanceIndex, t11FcSpAuEntityName,
 437:               t11FcSpAuIfStatInterfaceIndex,
 438:               t11FcSpAuIfStatFabricIndex }
 439:     ::= { t11FcSpAuIfStatTable 1 }
 440: 
 441: T11FcSpAuIfStatEntry ::= SEQUENCE {
 442:     t11FcSpAuIfStatInterfaceIndex        InterfaceIndex,
 443:     t11FcSpAuIfStatFabricIndex           T11FabricIndex,
 444:     t11FcSpAuIfStatTimeouts              Counter32,
 445:     t11FcSpAuIfStatInAcceptedMsgs        Counter32,
 446:     t11FcSpAuIfStatInLsSwRejectedMsgs    Counter32,
 447:     t11FcSpAuIfStatInAuthRejectedMsgs    Counter32,
 448:     t11FcSpAuIfStatOutAcceptedMsgs       Counter32,
 449:     t11FcSpAuIfStatOutLsSwRejectedMsgs   Counter32,
 450:     t11FcSpAuIfStatOutAuthRejectedMsgs   Counter32
 451: }
 452: 
 453: t11FcSpAuIfStatInterfaceIndex OBJECT-TYPE
 454:     SYNTAX       InterfaceIndex
 455:     MAX-ACCESS   not-accessible
 456:     STATUS       current
 457:     DESCRIPTION
 458:            "The interface on which the FC-SP Authentication entity
 459:            operates and for which the statistics are collected."
 460:     ::= { t11FcSpAuIfStatEntry 1 }
 461: 
 462: t11FcSpAuIfStatFabricIndex OBJECT-TYPE
 463:     SYNTAX       T11FabricIndex
 464:     MAX-ACCESS   not-accessible
 465:     STATUS       current
 466:     DESCRIPTION
 467:            "A index value identifying the particular Fabric for
 468:            which the statistics are collected."
 469:     ::= { t11FcSpAuIfStatEntry 2 }
 470: 
 471: t11FcSpAuIfStatTimeouts OBJECT-TYPE
 472:     SYNTAX       Counter32
 473:     MAX-ACCESS   read-only
 474:     STATUS       current
 475:     DESCRIPTION
 476:            "The number of FC-SP Authentication Protocol messages sent
 477:            by the particular entity on the particular Fabric on the
 478:            particular interface, for which no response was received
 479:            within a timeout period.
 480:            This counter has no discontinuities other than those
 481:            which all Counter32's have when sysUpTime=0."
 482:     REFERENCE
 483:            "Fibre Channel - Security Protocols (FC-SP),
 484:            T11/Project 1570-D/Rev 1.8, June 2006, section 5.11."
 485:     ::= { t11FcSpAuIfStatEntry 3 }
 486: 
 487: t11FcSpAuIfStatInAcceptedMsgs OBJECT-TYPE
 488:     SYNTAX       Counter32
 489:     MAX-ACCESS   read-only
 490:     STATUS       current
 491:     DESCRIPTION
 492:            "The number of FC-SP Authentication Protocol messages
 493:            received and accepted by the particular entity on the
 494:            particular Fabric on the particular interface.
 495: 
 496:            This counter has no discontinuities other than those
 497:            which all Counter32's have when sysUpTime=0."
 498:     REFERENCE
 499:            "Fibre Channel - Security Protocols (FC-SP),
 500:            T11/Project 1570-D/Rev 1.8, June 2006, section 5.1."
 501:     ::= { t11FcSpAuIfStatEntry 4 }
 502: 
 503: t11FcSpAuIfStatInLsSwRejectedMsgs OBJECT-TYPE
 504:     SYNTAX       Counter32
 505:     MAX-ACCESS   read-only
 506:     STATUS       current
 507:     DESCRIPTION
 508:            "The number of FC-SP Authentication Protocol messages
 509:            received by the particular entity on the particular Fabric
 510:            on particular interface, and rejected by a lower-level
 511:            (SW_RJT or LS_RJT) reject.
 512: 
 513:            This counter has no discontinuities other than those
 514:            which all Counter32's have when sysUpTime=0."
 515:     REFERENCE
 516:            "Fibre Channel - Security Protocols (FC-SP),
 517:            T11/Project 1570-D/Rev 1.8, June 2006, section 5.1."
 518:     ::= { t11FcSpAuIfStatEntry 5 }
 519: 
 520: t11FcSpAuIfStatInAuthRejectedMsgs OBJECT-TYPE
 521:     SYNTAX       Counter32
 522:     MAX-ACCESS   read-only
 523:     STATUS       current
 524:     DESCRIPTION
 525:            "The number of FC-SP Authentication Protocol messages
 526:            received by the particular entity on the particular Fabric
 527:            on particular interface, and rejected by an AUTH_Reject
 528:            message.
 529: 
 530:            This counter has no discontinuities other than those
 531:            which all Counter32's have when sysUpTime=0."
 532:     REFERENCE
 533:            "Fibre Channel - Security Protocols (FC-SP),
 534:            T11/Project 1570-D/Rev 1.8, June 2006, section 5.1."
 535:     ::= { t11FcSpAuIfStatEntry 6 }
 536: 
 537: t11FcSpAuIfStatOutAcceptedMsgs OBJECT-TYPE
 538:     SYNTAX       Counter32
 539:     MAX-ACCESS   read-only
 540:     STATUS       current
 541:     DESCRIPTION
 542:            "The number of FC-SP Authentication Protocol messages sent
 543:            by the particular entity on the particular Fabric on the
 544:            particular interface, which were accepted by the
 545:            neighbouring entity, i.e., not rejected by an AUTH_Reject
 546:            message, nor by a lower-level (SW_RJT or LS_RJT) reject.
 547: 
 548:            This counter has no discontinuities other than those
 549:            which all Counter32's have when sysUpTime=0."
 550:     REFERENCE
 551:            "Fibre Channel - Security Protocols (FC-SP),
 552:            T11/Project 1570-D/Rev 1.8, June 2006, section 5.1."
 553:     ::= { t11FcSpAuIfStatEntry 7 }
 554: 
 555: t11FcSpAuIfStatOutLsSwRejectedMsgs OBJECT-TYPE
 556:     SYNTAX       Counter32
 557:     MAX-ACCESS   read-only
 558:     STATUS       current
 559:     DESCRIPTION
 560:            "The number of FC-SP Authentication Protocol messages sent
 561:            by the particular entity on the particular Fabric on the
 562:            particular interface, which were rejected by a lower-level
 563:            (SW_RJT or LS_RJT) reject.
 564: 
 565:            This counter has no discontinuities other than those
 566:            which all Counter32's have when sysUpTime=0."
 567:     REFERENCE
 568:            "Fibre Channel - Security Protocols (FC-SP),
 569:            T11/Project 1570-D/Rev 1.8, June 2006, section 5.1."
 570:     ::= { t11FcSpAuIfStatEntry 8 }
 571: 
 572: t11FcSpAuIfStatOutAuthRejectedMsgs OBJECT-TYPE
 573:     SYNTAX       Counter32
 574:     MAX-ACCESS   read-only
 575:     STATUS       current
 576:     DESCRIPTION
 577:            "The number of FC-SP Authentication Protocol messages sent
 578:            by the particular entity on the particular Fabric on the
 579:            particular interface, which were rejected by an
 580:            AUTH_Reject message.
 581: 
 582:            This counter has no discontinuities other than those
 583:            which all Counter32's have when sysUpTime=0."
 584:     REFERENCE
 585:            "Fibre Channel - Security Protocols (FC-SP),
 586:            T11/Project 1570-D/Rev 1.8, June 2006, section 5.1."
 587:     ::= { t11FcSpAuIfStatEntry 9 }
 588: 
 589: 
 590: --
 591: -- Information about Authentication Protocol Transactions
 592: -- which were recently rejected
 593: --
 594: 
 595: t11FcSpAuRejectTable OBJECT-TYPE
 596:     SYNTAX       SEQUENCE OF T11FcSpAuRejectEntry
 597:     MAX-ACCESS   not-accessible
 598:     STATUS       current
 599:     DESCRIPTION
 600:            "A table of volatile information about FC-SP Authentication
 601:            Protocol transactions which were recently rejected with
 602:            an AUTH_Reject message, or with an SW_RJT/LS_RJT.
 603: 
 604:            The maximum number of rows in this table for a specific
 605:            entity on a specific Fabric is given by the value of the
 606:            corresponding instance of t11FcSpAuRejectMaxRows.
 607: 
 608:            The syntax of t11FcSpAuRejTimestamp is TimeStamp, and thus
 609:            its value rolls-over to zero after approximately 497 days.
 610:            To avoid any confusion due to such a roll-over, rows should
 611:            be deleted from this table before they are 497 days old.
 612: 
 613:            This table will be empty if no AUTH_Reject messages,
 614:            nor any SW_RJT/LS_RJT's rejecting an AUTH message,
 615:            have been sent or received since the last
 616:            re-initialization of the agent."
 617:     ::= { t11FcSpAuMIBObjects 3 }
 618: 
 619: t11FcSpAuRejectEntry OBJECT-TYPE
 620:     SYNTAX       T11FcSpAuRejectEntry
 621:     MAX-ACCESS   not-accessible
 622:     STATUS       current
 623:     DESCRIPTION
 624:            "Information about one AUTH message (either an
 625:            AUTH_ELS or an AUTH_ILS) which was rejected with an
 626:            AUTH_Reject, SW_RJT or LS_RJT message, sent/received by
 627:            the entity identified by values of fcmInstanceIndex and
 628:            t11FcSpAuEntityName, on an interface to a particular
 629:            Fabric."
 630:     INDEX   { fcmInstanceIndex, t11FcSpAuEntityName,
 631:               t11FcSpAuRejInterfaceIndex, t11FcSpAuRejFabricIndex,
 632:               t11FcSpAuRejTimestamp }
 633:     ::= { t11FcSpAuRejectTable 1 }
 634: 
 635: T11FcSpAuRejectEntry ::= SEQUENCE {
 636:     t11FcSpAuRejInterfaceIndex        InterfaceIndex,
 637:     t11FcSpAuRejFabricIndex           T11FabricIndex,
 638:     t11FcSpAuRejTimestamp             TimeStamp,
 639:     t11FcSpAuRejDirection             INTEGER,
 640:     t11FcSpAuRejType                  INTEGER,
 641:     t11FcSpAuRejAuthMsgString         OCTET STRING,
 642:     t11FcSpAuRejReasonCode            T11FcSpAuthRejectReasonCode,
 643:     t11FcSpAuRejReasonCodeExp         T11FcSpAuthRejReasonCodeExp
 644: }
 645: 
 646: t11FcSpAuRejInterfaceIndex OBJECT-TYPE
 647:     SYNTAX       InterfaceIndex
 648:     MAX-ACCESS   not-accessible
 649:     STATUS       current
 650:     DESCRIPTION
 651:            "The interface on which the rejected AUTH message was
 652:            sent or received."
 653:     ::= { t11FcSpAuRejectEntry 1 }
 654: 
 655: t11FcSpAuRejFabricIndex OBJECT-TYPE
 656:     SYNTAX       T11FabricIndex
 657:     MAX-ACCESS   not-accessible
 658:     STATUS       current
 659:     DESCRIPTION
 660:            "A index value identifying the particular Fabric on
 661:            which the rejected AUTH message was sent or received."
 662:     ::= { t11FcSpAuRejectEntry 2 }
 663: 
 664: t11FcSpAuRejTimestamp OBJECT-TYPE
 665:     SYNTAX       TimeStamp
 666:     MAX-ACCESS   not-accessible
 667:     STATUS       current
 668:     DESCRIPTION
 669:            "The time at which the AUTH message was rejected.  If two
 670:            rows have the same value of this object for the same
 671:            entity on the same interface and Fabric, the value of
 672:            this object for the later one is incremented by one."
 673:     ::= { t11FcSpAuRejectEntry 3 }
 674: 
 675: t11FcSpAuRejDirection OBJECT-TYPE
 676:     SYNTAX       INTEGER { sent(1), received(2) }
 677:     MAX-ACCESS   read-only
 678:     STATUS       current
 679:     DESCRIPTION
 680:            "An indication of whether the the rejection was sent or
 681:            received by the identified entity.
 682: 
 683:            The value 'sent(1)' corresponds to a notification of
 684:            type t11FcSpAuRejectSentNotify; the value 'received(2)'
 685:            corresponds to t11FcSpAuRejectReceivedNotify."
 686:     ::= { t11FcSpAuRejectEntry 4 }
 687: 
 688: t11FcSpAuRejType OBJECT-TYPE
 689:     SYNTAX       INTEGER {
 690:                      authReject(1),
 691:                      swRjt(2),
 692:                      lsRjt(3)
 693:                  }
 694:     MAX-ACCESS   read-only
 695:     STATUS       current
 696:     DESCRIPTION
 697:            "An indication of whether the rejection was an
 698:            AUTH_Reject, an SW_RJT or an LS_RJT."
 699:     ::= { t11FcSpAuRejectEntry 5 }
 700: 
 701: t11FcSpAuRejAuthMsgString OBJECT-TYPE
 702:     SYNTAX       OCTET STRING (SIZE(0..255))
 703:     MAX-ACCESS   read-only
 704:     STATUS       current
 705:     DESCRIPTION
 706:            "The binary content of the AUTH message which was
 707:            rejected, formatted as an octet string (in network
 708:            byte order) containing the content of the message.
 709: 
 710:            If the binary content is unavailable, then the
 711:            length is zero.  Otherwise, the first octet of the
 712:            message identifies the type of message:
 713: 
 714:               '90'h - an AUTH_ELS, see Table 6 in FC-SP,
 715:               '40'h - an AUTH_ILS, see Table 3 in FC-SP, or
 716:               '41'h - an B_AUTH_ILS, see Table 5 in FC-SP.
 717: 
 718:            and the remainder of the message may be truncated."
 719:     REFERENCE
 720:            "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
 721:             Fibre Channel - Security Protocols (FC-SP),
 722:             13 June 2006, Tables 3, 5 and 6."
 723:     ::= { t11FcSpAuRejectEntry 6 }
 724: 
 725: t11FcSpAuRejReasonCode OBJECT-TYPE
 726:     SYNTAX       T11FcSpAuthRejectReasonCode
 727:     MAX-ACCESS   read-only
 728:     STATUS       current
 729:     DESCRIPTION
 730:            "The reason code with which this AUTH message was
 731:            rejected."
 732:     REFERENCE
 733:            "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
 734:             Fibre Channel - Security Protocols (FC-SP),
 735:             13 June 2006, Table 17, 48, 52."
 736:     ::= { t11FcSpAuRejectEntry 7 }
 737: 
 738: t11FcSpAuRejReasonCodeExp OBJECT-TYPE
 739:     SYNTAX       T11FcSpAuthRejReasonCodeExp
 740:     MAX-ACCESS   read-only
 741:     STATUS       current
 742:     DESCRIPTION
 743:            "The reason code explanation with which this AUTH
 744:            message was rejected."
 745:     REFERENCE
 746:            "INCITS xxx/200x, T11/Project 1570-D/Rev 1.8,
 747:             Fibre Channel - Security Protocols (FC-SP),
 748:             13 June 2006, Table 17, 48, 52."
 749:     ::= { t11FcSpAuRejectEntry 8 }
 750: 
 751: --
 752: -- Notifications
 753: --
 754: 
 755: t11FcSpAuRejectSentNotify NOTIFICATION-TYPE
 756:     OBJECTS   { t11FamLocalSwitchWwn,
 757:                 t11FcSpAuRejAuthMsgString,
 758:                 t11FcSpAuRejType,
 759:                 t11FcSpAuRejReasonCode,
 760:                 t11FcSpAuRejReasonCodeExp }
 761:     STATUS       current
 762:     DESCRIPTION
 763:            "This notification indicates that a Switch (identified
 764:            by the value of t11FamLocalSwitchWwn) has sent a reject
 765:            message of the type indicated by t11FcSpAuRejType in
 766:            response to an AUTH message.
 767: 
 768:            The content of the rejected AUTH message is given by the
 769:            value of t11FcSpAuRejAuthMsgString.  The values of the
 770:            Reason Code and Reason Code Explanation in the
 771:            AUTH_Reject/SW_RJT/LS_RJT are indicated by the values of
 772:            t11FcSpAuRejReasonCode and t11FcSpAuRejReasonCodeExp."
 773:     ::= { t11FcSpAuMIBNotifications 1 }
 774: 
 775: t11FcSpAuRejectReceivedNotify NOTIFICATION-TYPE
 776:     OBJECTS   { t11FamLocalSwitchWwn,
 777:                 t11FcSpAuRejAuthMsgString,
 778:                 t11FcSpAuRejType,
 779:                 t11FcSpAuRejReasonCode,
 780:                 t11FcSpAuRejReasonCodeExp }
 781:     STATUS       current
 782:     DESCRIPTION
 783:            "This notification indicates that a Switch (identified
 784:            by the value of t11FamLocalSwitchWwn) has received a
 785:            reject message of the type indicated by t11FcSpAuRejType
 786:            in response to an AUTH message.
 787: 
 788:            The content of the rejected AUTH message is given by the
 789:            value of t11FcSpAuRejAuthMsgString.  The values of the
 790:            Reason Code and Reason Code Explanation in the
 791:            AUTH_Reject/SW_RJT/LS_RJT are indicated by the values of
 792:            t11FcSpAuRejReasonCode and t11FcSpAuRejReasonCodeExp."
 793:     ::= { t11FcSpAuMIBNotifications 2 }
 794: 
 795: --
 796: -- Conformance
 797: --
 798: 
 799: t11FcSpAuMIBCompliances
 800:                   OBJECT IDENTIFIER ::= { t11FcSpAuMIBConformance 1 }
 801: t11FcSpAuMIBGroups
 802:                   OBJECT IDENTIFIER ::= { t11FcSpAuMIBConformance 2 }
 803: 
 804: t11FcSpAuMIBCompliance MODULE-COMPLIANCE
 805:     STATUS       current
 806:     DESCRIPTION
 807:            "The compliance statement for entities which
 808:            implement one or more of the Authentication Protocols
 809:            defined in FC-SP."
 810: 
 811:     MODULE  -- this module
 812:         MANDATORY-GROUPS { t11FcSpAuGeneralGroup,
 813:                            t11FcSpAuRejectedGroup,
 814:                            t11FcSpAuNotificationGroup }
 815: 
 816:         GROUP      t11FcSpAuIfStatsGroup
 817:         DESCRIPTION
 818:                "These counters, of particular FC-SP messages and
 819:                events, are mandatory only for those systems that
 820:                count such messages/events."
 821: 
 822: -- Write access is not required for any objects in this MIB module:
 823: 
 824:         OBJECT     t11FcSpAuStorageType
 825:         MIN-ACCESS read-only
 826:         DESCRIPTION
 827:                "Write access is not required."
 828: 
 829:         OBJECT     t11FcSpAuSendRejNotifyEnable
 830:         MIN-ACCESS read-only
 831:         DESCRIPTION
 832:                "Write access is not required."
 833: 
 834:         OBJECT     t11FcSpAuRcvRejNotifyEnable
 835:         MIN-ACCESS read-only
 836:         DESCRIPTION
 837:                "Write access is not required."
 838: 
 839:         OBJECT     t11FcSpAuDefaultLifetime
 840:         MIN-ACCESS read-only
 841:         DESCRIPTION
 842:                "Write access is not required."
 843: 
 844:         OBJECT     t11FcSpAuDefaultLifetimeUnits
 845:         MIN-ACCESS read-only
 846:         DESCRIPTION
 847:                "Write access is not required."
 848: 
 849:         OBJECT     t11FcSpAuRejectMaxRows
 850:         MIN-ACCESS read-only
 851:         DESCRIPTION
 852:                "Write access is not required."
 853: 
 854:         ::= { t11FcSpAuMIBCompliances 1 }
 855: 
 856: 
 857: -- Units of Conformance
 858: 
 859: t11FcSpAuGeneralGroup OBJECT-GROUP
 860:     OBJECTS  { t11FcSpAuServerProtocol,
 861:                t11FcSpAuStorageType,
 862:                t11FcSpAuSendRejNotifyEnable,
 863:                t11FcSpAuRcvRejNotifyEnable,
 864:                t11FcSpAuDefaultLifetime,
 865:                t11FcSpAuDefaultLifetimeUnits,
 866:                t11FcSpAuRejectMaxRows,
 867:                t11FcSpAuDhChapHashFunctions,
 868:                t11FcSpAuDhChapDhGroups,
 869:                t11FcSpAuFcapHashFunctions,
 870:                t11FcSpAuFcapCertsSignFunctions,
 871:                t11FcSpAuFcapDhGroups,
 872:                t11FcSpAuFcpapHashFunctions,
 873:                t11FcSpAuFcpapDhGroups,
 874:                t11FcSpAuIfStatTimeouts }
 875:     STATUS   current
 876:     DESCRIPTION
 877:            "A collection of objects for the capabilities and
 878:            configuration parameters of FC-SP's Authentication
 879:            Protocols.  The inclusion of t11FcSpAuIfStatTimeouts
 880:            in this group provides information on mappings of
 881:            Authentication entities onto interfaces."
 882:     ::= { t11FcSpAuMIBGroups 1 }
 883: 
 884: t11FcSpAuIfStatsGroup OBJECT-GROUP
 885:     OBJECTS  { t11FcSpAuIfStatInAcceptedMsgs,
 886:                t11FcSpAuIfStatInLsSwRejectedMsgs,
 887:                t11FcSpAuIfStatInAuthRejectedMsgs,
 888:                t11FcSpAuIfStatOutAcceptedMsgs,
 889:                t11FcSpAuIfStatOutLsSwRejectedMsgs,
 890:                t11FcSpAuIfStatOutAuthRejectedMsgs }
 891:     STATUS   current
 892:     DESCRIPTION
 893:            "A collection of objects for monitoring the
 894:            operations of FC-SP's Authentication Protocols."
 895:     ::= { t11FcSpAuMIBGroups 2 }
 896: 
 897: t11FcSpAuRejectedGroup OBJECT-GROUP
 898:     OBJECTS  { t11FcSpAuRejDirection,
 899:                t11FcSpAuRejType,
 900:                t11FcSpAuRejAuthMsgString,
 901:                t11FcSpAuRejReasonCode,
 902:                t11FcSpAuRejReasonCodeExp }
 903:     STATUS   current
 904:     DESCRIPTION
 905:            "A collection of objects holding information concerning
 906:            FC-SP Authentication Protocol transactions which were
 907:            recently rejected with an AUTH_Reject, with an SW_RJT,
 908:            or with an LS_RJT."
 909:     ::= { t11FcSpAuMIBGroups 3 }
 910: 
 911: t11FcSpAuNotificationGroup NOTIFICATION-GROUP
 912:     NOTIFICATIONS  { t11FcSpAuRejectSentNotify,
 913:                      t11FcSpAuRejectReceivedNotify }
 914:     STATUS   current
 915:     DESCRIPTION
 916:            "A collection of notifications for use in the management
 917:            of FC-SP's Authentication Protocols."
 918:     ::= { t11FcSpAuMIBGroups 4 }
 919: 
 920: END
 921: 
 922: -- 
 923: --    Copyright (C) The IETF Trust (2007).  This document is subject to the
 924: --    rights, licenses and restrictions contained in BCP 78, and except as
 925: --    set forth therein, the authors retain all their rights.
 926: -- 
 927: --    This document and the information contained herein are provided on an
 928: --    "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
 929: --    OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
 930: --    THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
 931: --    OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
 932: --    THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
 933: --    WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
 934: -- 
 935: -- Disclaimer of validity
 936: -- 
 937: --    The IETF takes no position regarding the validity or scope of any
 938: --    Intellectual Property Rights or other rights that might be claimed to
 939: --    pertain to the implementation or use of the technology described in
 940: --    this document or the extent to which any license under such rights
 941: --    might or might not be available; nor does it represent that it has
 942: --    made any independent effort to identify any such rights.  Information
 943: --    on the procedures with respect to rights in RFC documents can be
 944: --    found in BCP 78 and BCP 79.
 945: -- 
 946: --    Copies of IPR disclosures made to the IETF Secretariat and any
 947: --    assurances of licenses to be made available, or the result of an
 948: --    attempt made to obtain a general license or permission for the use of
 949: --    such proprietary rights by implementers or users of this
 950: --    specification can be obtained from the IETF on-line IPR repository at
 951: --    http://www.ietf.org/ipr.
 952: -- 
 953: --    The IETF invites any interested party to bring to its attention any
 954: --    copyrights, patents or patent applications, or other proprietary
 955: --    rights that may cover technology that may be required to implement
 956: --    this standard.  Please address the information to the IETF at
 957: --    ietf-ipr@ietf.org.
 958: -- 
 959: -- Acknowledgment
 960: -- 
 961: --    Funding for the RFC Editor function is currently provided by the
 962: --    Internet Society.
 963: