T11-FC-SP-AUTHENTICATION-MIB
File:
T11-FC-SP-AUTHENTICATION-MIB.mib (35991 bytes)
Imported modules
Imported symbols
Defined Types
T11FcSpAuEntityEntry |
|
SEQUENCE |
|
|
|
|
t11FcSpAuEntityName |
FcNameIdOrZero |
|
|
t11FcSpAuFabricIndex |
T11FabricIndex |
|
|
t11FcSpAuServerProtocol |
AutonomousType |
|
|
t11FcSpAuStorageType |
StorageType |
|
|
t11FcSpAuSendRejNotifyEnable |
TruthValue |
|
|
t11FcSpAuRcvRejNotifyEnable |
TruthValue |
|
|
t11FcSpAuDefaultLifetime |
T11FcSpLifetimeLeft |
|
|
t11FcSpAuDefaultLifetimeUnits |
T11FcSpLifetimeLeftUnits |
|
|
t11FcSpAuRejectMaxRows |
Unsigned32 |
|
|
t11FcSpAuDhChapHashFunctions |
T11FcSpHashFunctions |
|
|
t11FcSpAuDhChapDhGroups |
T11FcSpDhGroups |
|
|
t11FcSpAuFcapHashFunctions |
T11FcSpHashFunctions |
|
|
t11FcSpAuFcapCertsSignFunctions |
T11FcSpSignFunctions |
|
|
t11FcSpAuFcapDhGroups |
T11FcSpDhGroups |
|
|
t11FcSpAuFcpapHashFunctions |
T11FcSpHashFunctions |
|
|
t11FcSpAuFcpapDhGroups |
T11FcSpDhGroups |
|
T11FcSpAuIfStatEntry |
|
SEQUENCE |
|
|
|
|
t11FcSpAuIfStatInterfaceIndex |
InterfaceIndex |
|
|
t11FcSpAuIfStatFabricIndex |
T11FabricIndex |
|
|
t11FcSpAuIfStatTimeouts |
Counter32 |
|
|
t11FcSpAuIfStatInAcceptedMsgs |
Counter32 |
|
|
t11FcSpAuIfStatInLsSwRejectedMsgs |
Counter32 |
|
|
t11FcSpAuIfStatInAuthRejectedMsgs |
Counter32 |
|
|
t11FcSpAuIfStatOutAcceptedMsgs |
Counter32 |
|
|
t11FcSpAuIfStatOutLsSwRejectedMsgs |
Counter32 |
|
|
t11FcSpAuIfStatOutAuthRejectedMsgs |
Counter32 |
|
T11FcSpAuRejectEntry |
|
SEQUENCE |
|
|
|
|
t11FcSpAuRejInterfaceIndex |
InterfaceIndex |
|
|
t11FcSpAuRejFabricIndex |
T11FabricIndex |
|
|
t11FcSpAuRejTimestamp |
TimeStamp |
|
|
t11FcSpAuRejDirection |
INTEGER |
|
|
t11FcSpAuRejType |
INTEGER |
|
|
t11FcSpAuRejAuthMsgString |
OCTET STRING |
|
|
t11FcSpAuRejReasonCode |
T11FcSpAuthRejectReasonCode |
|
|
t11FcSpAuRejReasonCodeExp |
T11FcSpAuthRejReasonCodeExp |
|
Defined Values
t11FcSpAuthenticationMIB |
1.3.6.1.2.1.176 |
This MIB module specifies the management information
required to manage the Authentication Protocols defined by
Fibre Channel's FC-SP specification.
This MIB module defines three tables:
- t11FcSpAuEntityTable is a table of Fibre Channel
entities that can be authenticated using FC-SP's
Authentication Protocols.
- t11FcSpAuIfStatTable is a table with one row for each
mapping of an Authentication entity onto an interface,
containing statistics information.
- t11FcSpAuRejectTable is a table of volatile information
about FC-SP Authentication Protocol transactions
that were most recently rejected.
Copyright (C) The IETF Trust (2008). This version
of this MIB module is part of RFC 5324; see the RFC
itself for full legal notices. |
MODULE-IDENTITY |
|
|
|
t11FcSpAuServerProtocolRadius |
1.3.6.1.2.1.176.3.1 |
This OID identifies RADIUS as the protocol used
to communicate with an External Server as part of
the process by which identities are verified.
In this case, information about the RADIUS Servers
is likely to be provided in radiusAuthServerExtTable
defined in the RADIUS-AUTH-CLIENT-MIB. |
Status: current |
Access: read-only |
OBJECT-IDENTITY |
|
|
|
t11FcSpAuServerProtocolDiameter |
1.3.6.1.2.1.176.3.2 |
This OID identifies Diameter as the protocol used
to communicate with an External Server as part of
the process by which identities are verified. |
Status: current |
Access: read-only |
OBJECT-IDENTITY |
|
|
|
t11FcSpAuServerProtocolTacacs |
1.3.6.1.2.1.176.3.3 |
This OID identifies TACACS as the protocol used
to communicate with an External Server as part of
the process by which identities are verified. |
Status: current |
Access: read-only |
OBJECT-IDENTITY |
|
|
|
t11FcSpAuEntityTable |
1.3.6.1.2.1.176.1.1 |
A table of Fibre Channel entities that can be authenticated
using FC-SP's Authentication Protocols.
The purpose of an FC-SP Authentication Protocol is to verify
that a claimed name is associated with the claiming entity.
The Authentication Protocols can be used to authenticate
Nx_Ports, B_Ports, or Switches. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
T11FcSpAuEntityEntry |
|
t11FcSpAuEntityEntry |
1.3.6.1.2.1.176.1.1.1 |
Information about the configuration and capabilities of an
FC-SP entity (which is managed within the Fibre Channel
management instance identified by fcmInstanceIndex) on a
particular Fabric with respect to FC-SP's Authentication
Protocols. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
T11FcSpAuEntityEntry |
|
|
t11FcSpAuEntityName |
1.3.6.1.2.1.176.1.1.1.1 |
The name used to identify the FC-SP entity.
For entities that are Fibre Channel Switches, this value
corresponds to the Switch's value of fcmSwitchWWN. For
entities other than Fibre Channel Switches, this value
corresponds to the value of fcmInstanceWwn for the
corresponding Fibre Channel management instance. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
FcNameIdOrZero |
Size(8) |
|
t11FcSpAuFabricIndex |
1.3.6.1.2.1.176.1.1.1.2 |
An index value that uniquely identifies a
particular Fabric to which the entity is attached. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
T11FabricIndex |
|
|
t11FcSpAuServerProtocol |
1.3.6.1.2.1.176.1.1.1.3 |
The protocol, if any, used by the entity to communicate
with a third party (i.e., an External Server) as part of
the process by which it verifies DH-CHAP responses. For
example, if the entity is using an external RADIUS server
to verify DH-CHAP responses, then this object will have
the value t11FcSpAuServerProtocolRadius.
The value, zeroDotZero, is used to indicate that no
protocol is being used to communicate with a third
party to verify DH-CHAP responses.
When no protocol is being used, or if the third party is
unreachable via the specified protocol, then locally
configured information (if any) may be used instead. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
AutonomousType |
|
|
t11FcSpAuStorageType |
1.3.6.1.2.1.176.1.1.1.4 |
This object specifies the memory realization of
configuration information related to an FC-SP
Entity on a particular Fabric: specifically, for
MIB objects in the row containing this object.
Even if an instance of this object has the value
'permanent(4)', none of the information in the
corresponding row of this table needs to be writable. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
StorageType |
|
|
t11FcSpAuSendRejNotifyEnable |
1.3.6.1.2.1.176.1.1.1.5 |
An indication of whether or not the entity should issue
t11FcSpAuRejectSentNotify notifications when sending
AUTH_Reject/SW_RJT/LS_RJT to reject an AUTH message.
If the value of the object is 'true', then this type of
notification is generated. If the value is 'false',
this type of notification is not generated. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
t11FcSpAuRcvRejNotifyEnable |
1.3.6.1.2.1.176.1.1.1.6 |
An indication of whether or not the entity should issue
t11FcSpAuRejectReceivedNotify notifications on the receipt
of AUTH_Reject/SW_RJT/LS_RJT messages.
If the value of the object is 'true', then this type of
notification is generated. If the value is 'false',
this type of notification is not generated. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
t11FcSpAuDefaultLifetime |
1.3.6.1.2.1.176.1.1.1.7 |
When the value of this object is non-zero, it specifies the
default value of a lifetime, specified in units given by
the corresponding instance of t11FcSpAuDefaultLifetimeUnits.
This default lifetime is to be used for any Security
Association that has no explicitly specified value for its
lifetime.
An SA's lifetime is either the time interval or the number
of passed bytes, after which the SA has to be terminated and
(if necessary) replaced with a new SA.
If this object is zero, then there is no default value for
lifetime. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
T11FcSpLifetimeLeft |
|
|
t11FcSpAuDefaultLifetimeUnits |
1.3.6.1.2.1.176.1.1.1.8 |
The units in which the value of the corresponding
instance of t11FcSpAuDefaultLifetime specifies a
default lifetime for a Security Association that has
no explicitly-specified value for its lifetime. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
T11FcSpLifetimeLeftUnits |
|
|
t11FcSpAuRejectMaxRows |
1.3.6.1.2.1.176.1.1.1.9 |
The maximum number of rows in the t11FcSpAuRejectTable for
this entity on this Fabric. If and when an AUTH message is
rejected, and the t11FcSpAuRejectTable already contains this
maximum number of rows for the specific entity and Fabric,
the row containing the oldest information is discarded and
replaced by a row containing information about the new
rejection.
There will be less than this maximum number of rows in
the t11FcSpAuRejectTable in exceptional circumstances,
e.g., after an agent restart.
In an implementation that does not support the
t11FcSpAuRejectTable, this object will always be zero. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
0..1000 |
|
t11FcSpAuDhChapDhGroups |
1.3.6.1.2.1.176.1.1.1.11 |
The DH Groups that the entity supports when using the
DH-CHAP algorithm in FC-SP. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
T11FcSpDhGroups |
|
|
t11FcSpAuFcapHashFunctions |
1.3.6.1.2.1.176.1.1.1.12 |
The hash functions that the entity supports when
specified as Protocol Parameters in the AUTH_Negotiate
message for FCAP in FC-SP. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
T11FcSpHashFunctions |
|
|
t11FcSpAuFcapDhGroups |
1.3.6.1.2.1.176.1.1.1.14 |
The DH Groups that the entity supports when using the
FCAP algorithm in FC-SP. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
T11FcSpDhGroups |
|
|
t11FcSpAuFcpapDhGroups |
1.3.6.1.2.1.176.1.1.1.16 |
The DH Groups that the entity supports when using the
FCPAP algorithm in FC-SP. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
T11FcSpDhGroups |
|
|
t11FcSpAuIfStatTable |
1.3.6.1.2.1.176.1.2 |
Each FC-SP Authentication entity can operate on one or more
interfaces, but at most one of them can operate on each
interface. A row in this table exists for each interface
to each Fabric on which each Authentication entity operates.
The objects within this table contain statistics information
related to FC-SP's Authentication Protocols. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
T11FcSpAuIfStatEntry |
|
t11FcSpAuIfStatEntry |
1.3.6.1.2.1.176.1.2.1 |
A set of Authentication Protocols statistics for an FC-SP
Authentication entity (identified by t11FcSpAuEntityName) on
one of its interfaces to a particular Fabric, which is
managed within the Fibre Channel management instance
identified by fcmInstanceIndex. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
T11FcSpAuIfStatEntry |
|
|
t11FcSpAuIfStatInterfaceIndex |
1.3.6.1.2.1.176.1.2.1.1 |
The interface on which the FC-SP Authentication entity
operates and for which the statistics are collected. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
InterfaceIndex |
|
|
t11FcSpAuIfStatFabricIndex |
1.3.6.1.2.1.176.1.2.1.2 |
An index value identifying the particular Fabric for
which the statistics are collected. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
T11FabricIndex |
|
|
t11FcSpAuIfStatTimeouts |
1.3.6.1.2.1.176.1.2.1.3 |
The number of FC-SP Authentication Protocol messages sent
by the particular entity on the particular Fabric on the
particular interface, for which no response was received
within a timeout period.
This counter has no discontinuities other than those
that all Counter32's have when sysUpTime=0. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
t11FcSpAuIfStatInAcceptedMsgs |
1.3.6.1.2.1.176.1.2.1.4 |
The number of FC-SP Authentication Protocol messages
received and accepted by the particular entity on the
particular Fabric on the particular interface.
This counter has no discontinuities other than those
that all Counter32's have when sysUpTime=0. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
t11FcSpAuIfStatInLsSwRejectedMsgs |
1.3.6.1.2.1.176.1.2.1.5 |
The number of FC-SP Authentication Protocol messages
received by the particular entity on the particular Fabric
on the particular interface, and rejected by a lower-level
(SW_RJT or LS_RJT) reject.
This counter has no discontinuities other than those
that all Counter32's have when sysUpTime=0. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
t11FcSpAuIfStatInAuthRejectedMsgs |
1.3.6.1.2.1.176.1.2.1.6 |
The number of FC-SP Authentication Protocol messages
received by the particular entity on the particular Fabric
on the particular interface, and rejected by an AUTH_Reject
message.
This counter has no discontinuities other than those
that all Counter32's have when sysUpTime=0. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
t11FcSpAuIfStatOutAcceptedMsgs |
1.3.6.1.2.1.176.1.2.1.7 |
The number of FC-SP Authentication Protocol messages sent
by the particular entity on the particular Fabric on the
particular interface, which were accepted by the
neighboring entity, i.e., not rejected by an AUTH_Reject
message, nor by a lower-level (SW_RJT or LS_RJT) reject.
This counter has no discontinuities other than those
that all Counter32's have when sysUpTime=0. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
t11FcSpAuIfStatOutLsSwRejectedMsgs |
1.3.6.1.2.1.176.1.2.1.8 |
The number of FC-SP Authentication Protocol messages sent
by the particular entity on the particular Fabric on the
particular interface, which were rejected by a lower-level
(SW_RJT or LS_RJT) reject.
This counter has no discontinuities other than those
that all Counter32's have when sysUpTime=0. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
t11FcSpAuIfStatOutAuthRejectedMsgs |
1.3.6.1.2.1.176.1.2.1.9 |
The number of FC-SP Authentication Protocol messages sent
by the particular entity on the particular Fabric on the
particular interface, which were rejected by an
AUTH_Reject message.
This counter has no discontinuities other than those
that all Counter32's have when sysUpTime=0. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
t11FcSpAuRejectTable |
1.3.6.1.2.1.176.1.3 |
A table of volatile information about FC-SP Authentication
Protocol transactions that were recently rejected with
an AUTH_Reject message, or with an SW_RJT/LS_RJT.
The maximum number of rows in this table for a specific
entity on a specific Fabric is given by the value of the
corresponding instance of t11FcSpAuRejectMaxRows.
The syntax of t11FcSpAuRejTimestamp is TimeStamp, and thus
its value rolls over to zero after approximately 497 days.
To avoid any confusion due to such a rollover, rows should
be deleted from this table before they are 497 days old.
This table will be empty if no AUTH_Reject messages,
nor any SW_RJT/LS_RJT's rejecting an AUTH message,
have been sent or received since the last
re-initialization of the agent. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
T11FcSpAuRejectEntry |
|
t11FcSpAuRejectEntry |
1.3.6.1.2.1.176.1.3.1 |
Information about one AUTH message (either an
AUTH_ELS or an AUTH_ILS) that was rejected with an
AUTH_Reject, SW_RJT or LS_RJT message, sent/received by
the entity identified by values of fcmInstanceIndex and
t11FcSpAuEntityName, on an interface to a particular
Fabric. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
T11FcSpAuRejectEntry |
|
|
t11FcSpAuRejFabricIndex |
1.3.6.1.2.1.176.1.3.1.2 |
An index value identifying the particular Fabric on
which the rejected AUTH message was sent or received. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
T11FabricIndex |
|
|
t11FcSpAuRejTimestamp |
1.3.6.1.2.1.176.1.3.1.3 |
The time at which the AUTH message was rejected. If two
rows have the same value of this object for the same
entity on the same interface and Fabric, the value of
this object for the later one is incremented by one. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
TimeStamp |
|
|
t11FcSpAuRejDirection |
1.3.6.1.2.1.176.1.3.1.4 |
An indication of whether the rejection was sent or
received by the identified entity.
The value 'sent(1)' corresponds to a notification of
type t11FcSpAuRejectSentNotify; the value 'received(2)'
corresponds to t11FcSpAuRejectReceivedNotify. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
sent(1), received(2) |
|
t11FcSpAuRejType |
1.3.6.1.2.1.176.1.3.1.5 |
An indication of whether the rejection was an
AUTH_Reject, an SW_RJT or an LS_RJT. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
authReject(1), swRjt(2), lsRjt(3) |
|
t11FcSpAuRejAuthMsgString |
1.3.6.1.2.1.176.1.3.1.6 |
The binary content of the AUTH message that was
rejected, formatted as an octet string (in network
byte order) containing the content of the message.
If the binary content is unavailable, then the
length is zero. Otherwise, the first octet of the
message identifies the type of message:
'90'h - an AUTH_ELS, see Table 6 in FC-SP,
'40'h - an AUTH_ILS, see Table 3 in FC-SP, or
'41'h - an B_AUTH_ILS, see Table 5 in FC-SP.
and the remainder of the message may be truncated. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
OCTET STRING |
Size(0..255) |
|
t11FcSpAuRejectSentNotify |
1.3.6.1.2.1.176.0.1 |
This notification indicates that a Switch (identified
by the value of t11FamLocalSwitchWwn) has sent a reject
message of the type indicated by t11FcSpAuRejType in
response to an AUTH message.
The content of the rejected AUTH message is given by the
value of t11FcSpAuRejAuthMsgString. The values of the
Reason Code and Reason Code Explanation in the
AUTH_Reject/SW_RJT/LS_RJT are indicated by the values of
t11FcSpAuRejReasonCode and t11FcSpAuRejReasonCodeExp. |
Status: current |
Access: read-only |
NOTIFICATION-TYPE |
|
|
|
t11FcSpAuRejectReceivedNotify |
1.3.6.1.2.1.176.0.2 |
This notification indicates that a Switch (identified
by the value of t11FamLocalSwitchWwn) has received a
reject message of the type indicated by t11FcSpAuRejType
in response to an AUTH message.
The content of the rejected AUTH message is given by the
value of t11FcSpAuRejAuthMsgString. The values of the
Reason Code and Reason Code Explanation in the
AUTH_Reject/SW_RJT/LS_RJT are indicated by the values of
t11FcSpAuRejReasonCode and t11FcSpAuRejReasonCodeExp. |
Status: current |
Access: read-only |
NOTIFICATION-TYPE |
|
|
|
t11FcSpAuMIBCompliance |
1.3.6.1.2.1.176.2.1.1 |
The compliance statement for entities that
implement one or more of the Authentication Protocols
defined in FC-SP. |
Status: current |
Access: read-only |
MODULE-COMPLIANCE |
|
|
|
t11FcSpAuGeneralGroup |
1.3.6.1.2.1.176.2.2.1 |
A collection of objects for the capabilities and
configuration parameters of FC-SP's Authentication
Protocols. The inclusion of t11FcSpAuIfStatTimeouts
in this group provides information on mappings of
Authentication entities onto interfaces. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
t11FcSpAuIfStatsGroup |
1.3.6.1.2.1.176.2.2.2 |
A collection of objects for monitoring the
operations of FC-SP's Authentication Protocols. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
t11FcSpAuRejectedGroup |
1.3.6.1.2.1.176.2.2.3 |
A collection of objects holding information concerning
FC-SP Authentication Protocol transactions that were
recently rejected with an AUTH_Reject, with an SW_RJT,
or with an LS_RJT. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
t11FcSpAuNotificationGroup |
1.3.6.1.2.1.176.2.2.4 |
A collection of notifications for use in the management
of FC-SP's Authentication Protocols. |
Status: current |
Access: read-only |
NOTIFICATION-GROUP |
|
|
|