FDRY-DAI-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, IpAddress FROM SNMPv2-SMI snSwitch FROM FOUNDRY-SN-SWITCH-GROUP-MIB MacAddress, TruthValue, RowStatus, TEXTUAL-CONVENTION FROM SNMPv2-TC VlanIndex FROM Q-BRIDGE-MIB DisplayString FROM FOUNDRY-SN-AGENT-MIB ifIndex FROM IF-MIB; fdryDaiMIB MODULE-IDENTITY LAST-UPDATED "201007260000Z" -- July 26, 2010 ORGANIZATION "Brocade Communications Systems, Inc." CONTACT-INFO "Technical Support Center 130 Holger Way, San Jose, CA 95134 Email: ipsupport@brocade.com Phone: 1-800-752-8061 URL: www.brocade.com" DESCRIPTION "Management Information for configuration of Dynamic ARP Inspection feature. Dynamic ARP Inspection is a security mechanism which validates all ARP packets in a subnet and discard those packets with invalid IP to MAC address bindings. Copyright 1996-2010 Brocade Communications Systems, Inc. All rights reserved. This Brocade Communications Systems SNMP Management Information Base Specification embodies Brocade Communications Systems' confidential and proprietary intellectual property. Brocade Communications Systems retains all title and ownership in the Specification, including any revisions. This Specification is supplied AS IS, and Brocade Communications Systems makes no warranty, either express or implied, as to the use, operation, condition, or performance of the specification, and any unintended consequence it may on the user environment." REVISION "201007260000Z" -- July 26, 2010 DESCRIPTION "Changed the ORGANIZATION, CONTACT-INFO and DESCRIPTION fields." REVISION "201002220000Z" -- February 22, 2010 DESCRIPTION "" ::= { snSwitch 35} -- -- Textual Conventions -- ArpType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Represents type of ARP entry to be used." SYNTAX INTEGER{ other(1), static(2), dynamic(3), inspect(4), dhcp(5), dynamicDhcp(6), staticDhcp(7), host(8) } ArpState ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Represents state of ARP entry to be used." SYNTAX INTEGER{ other(1), valid(2), pend(3) } fdryDaiVlan OBJECT IDENTIFIER ::= { fdryDaiMIB 1 } fdryDaiInterface OBJECT IDENTIFIER ::= { fdryDaiMIB 2 } fdryDaiArpInspect OBJECT IDENTIFIER ::= { fdryDaiMIB 3 } -- -- Dynamic ARP Inspection VLAN configuration table -- fdryDaiVlanConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF FdryDaiVlanConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table provides the mechanism to control Dynamic ARP Inspection per VLAN. When a VLAN is created in a device supporting this table, a corresponding entry of this table will be added." ::= { fdryDaiVlan 1 } fdryDaiVlanConfigEntry OBJECT-TYPE SYNTAX FdryDaiVlanConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A row instance contains the configuration to enable or disable Dynamic ARP Inspection at the existing VLAN." INDEX { fdryDaiVlanVLanId } ::= { fdryDaiVlanConfigTable 1 } FdryDaiVlanConfigEntry ::= SEQUENCE { fdryDaiVlanVLanId VlanIndex, fdryDaiVlanDynArpInspEnable TruthValue } fdryDaiVlanVLanId OBJECT-TYPE SYNTAX VlanIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object indicates the VLAN number on which Dynamic ARP Inspection feature is configured." ::= { fdryDaiVlanConfigEntry 1 } fdryDaiVlanDynArpInspEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object indicates whether Dynamic ARP Inspection is enabled in this VLAN. If this object is set to 'true', Dynamic ARP Inspection is enabled. If this object is set to 'false', Dynamic ARP Inspection is disabled." ::= { fdryDaiVlanConfigEntry 2 } -- -- Dynamic ARP Inspection Interface configuration table -- fdryDaiIfConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF FdryDaiIfConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table provides the mechanism to configure the trust state for Dynamic ARP Inspection purpose at each physical interface." ::= { fdryDaiInterface 1 } fdryDaiIfConfigEntry OBJECT-TYPE SYNTAX FdryDaiIfConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A row instance contains the configuration to enable or disable trust state for Dynamic ARP Inspection at each physical interface capable of this feature." INDEX { ifIndex } ::= { fdryDaiIfConfigTable 1 } FdryDaiIfConfigEntry ::= SEQUENCE { fdryDaiIfTrustValue TruthValue } fdryDaiIfTrustValue OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object indicates whether the interface is trusted for Dynamic ARP Inspection. If this object is set to 'true', the interface is trusted. ARP packets coming to this interface will be forwarded without checking. If this object is set to 'false', the interface is not trusted. ARP packets received on this interface will be subjected to ARP inspection." ::= { fdryDaiIfConfigEntry 1 } -- -- Dynamic ARP Inspection entry table -- Use this table to configure and display the inspection ARP entries -- fdryDaiArpInspectTable OBJECT-TYPE SYNTAX SEQUENCE OF FdryDaiArpInspectEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table provides the mechanism to control Dynamic ARP Inspection entries. When an IP-MAC mapping entry is created in a device supporting this table, a corresponding entry of this table will be added." ::= { fdryDaiArpInspect 1 } fdryDaiArpInspectEntry OBJECT-TYPE SYNTAX FdryDaiArpInspectEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A row instance contains the configuration to map a device IP address with its MAC address." INDEX { fdryDaiArpInspectIpAddr } ::= { fdryDaiArpInspectTable 1 } FdryDaiArpInspectEntry ::= SEQUENCE { fdryDaiArpInspectIpAddr IpAddress, fdryDaiArpInspectMacAddr MacAddress, fdryDaiArpInspectRowStatus RowStatus, fdryDaiArpInspectType ArpType, fdryDaiArpInspectState ArpState, fdryDaiArpInspectAge Unsigned32, fdryDaiArpInspectPort DisplayString } fdryDaiArpInspectIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The device IP address." ::= { fdryDaiArpInspectEntry 1} fdryDaiArpInspectMacAddr OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The device MAC address." ::= { fdryDaiArpInspectEntry 2 } fdryDaiArpInspectRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This variable is used to create, or delete a row in this table. When a row in this table is in active(1) state, no objects in that row can be modified except this object." ::= { fdryDaiArpInspectEntry 3 } fdryDaiArpInspectType OBJECT-TYPE SYNTAX ArpType MAX-ACCESS read-only STATUS current DESCRIPTION "The type of the ARP entry" ::= { fdryDaiArpInspectEntry 4 } fdryDaiArpInspectState OBJECT-TYPE SYNTAX ArpState MAX-ACCESS read-only STATUS current DESCRIPTION "The state of the ARP entry" ::= { fdryDaiArpInspectEntry 5 } fdryDaiArpInspectAge OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The timer of the ARP entry" ::= { fdryDaiArpInspectEntry 6 } fdryDaiArpInspectPort OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The port of the ARP entry" ::= { fdryDaiArpInspectEntry 7 } END