mibs/MIBS/junose/Juniper-DOS-PROTECTION-MIB

1127 lines
35 KiB
Plaintext
Raw Permalink Normal View History

2023-12-05 12:25:34 +01:00
-- *****************************************************************************
-- Juniper-DOS-PROTECTION-MIB
--
-- Juniper Networks Enterprise MIB
-- DOS Protection MIB
--
-- Copyright (c) 2005-2006 Juniper Networks, Inc.
-- Copyright (c) 2008 Juniper Networks, Inc.
-- Copyright (c) 2009 Juniper Networks, Inc.
-- All Rights Reserved.
-- *****************************************************************************
Juniper-DOS-PROTECTION-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Counter32,
Unsigned32
FROM SNMPv2-SMI
JuniEnable
FROM Juniper-TC
TEXTUAL-CONVENTION, TruthValue, DisplayString, RowStatus
FROM SNMPv2-TC
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
FROM SNMPv2-CONF
InterfaceIndex
FROM IF-MIB
juniMibs
FROM Juniper-MIBs;
juniDosProtectionMIB MODULE-IDENTITY
LAST-UPDATED "200805060000Z" -- 06-May-2008 00:00
ORGANIZATION "Juniper Networks, Inc."
CONTACT-INFO
" Juniper Networks, Inc.
Postal: 10 Technology Park Drive
Westford, MA 01886-3146
USA
Tel: +1 978 589 5800
Email: mib@Juniper.net"
DESCRIPTION
"The DOS Protection MIB for the Juniper E-Series product family.
This MIB contains managed objects for the DOS Protection
application. Management objects are provided to control and
monitor the DOS protection application."
-- Revision History
REVISION "200805060000Z" -- 06-May-2008 00:00 JUNOSe 8.1
DESCRIPTION
"Updated JuniDosProtectionProtocolType TEXTUAL-CONVENTION "
REVISION "200607010000Z" -- 01-Jul-2006 00:00 JUNOSe 8.1
DESCRIPTION
"Added Dos-Protection-Group support"
REVISION "200608180400Z" -- 18-Aug-2006 00:00 AM EDT - JUNOSe 8.0
DESCRIPTION
"Added MPLS Lsp Ping support."
REVISION "200608171926Z" -- 17-Aug-2006 03:26 PM EDT - JUNOSe 7.3
DESCRIPTION
"Added new protocol type, atmDynamicIfPppData, to manage in
JuniDosProtectionProtocolType."
REVISION "200601010500Z" -- 01-Jan-2006 00:00 AM EST - JUNOSe 7.3
DESCRIPTION
"Initial version of this MIB module."
::= { juniMibs 80 }
-- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Textual conventions
-- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
JuniDosProtectionProtocolType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The control protocols that are supported by the DOS protection
application."
SYNTAX INTEGER {
pppEchoRequest(0),
ppEchoReply(1),
pppEchoReplyFast(2),
pppControl(3),
atmControl(4),
atmOam(5),
atmDynamicIf(6),
atmInverseArp(7),
frameRelayControl(8),
frameRelayArp(9),
pppoeControl(10),
pppoePppConfig(11),
ethernetArpMiss(12),
ethernetArp(13),
ethernetFcBasedArp(14),
ethernetLacp(15),
ethernetOam(16),
ethernetDynamicIf(17),
ethernetPppTerminate(18),
slepSlarp(19),
slepSlarpReplyFast(20),
mplsTtlOnReceive(21),
mplsTtlOnTransmit(22),
mplsMtuExceeded(23),
itmL2tpControl(24),
flisInPayload(25),
flisInPayloadUpdateTable(26),
dhcpExternal(27),
ipOsi(28),
ipTtlExpired(29),
ipOptionsOther(30),
ipOptionsRouterAlert(31),
ipMulticastBroadcastOther(32),
ipMulticastDhcpSc(33),
ipMulticastControlSc(34),
ipMulticastControlIc(35),
ipMulticastVrrp(36),
ipMulticastCacheMiss(37),
ipMulticastCacheMissAutoReply(38),
ipMulticastWrongIf(39),
ipLocalDhcpSc(40),
ipLocalDhcpIc(41),
ipLocalIcmpEcho(42),
ipLocalIcmpOther(43),
ipLocalLDP(44),
ipLocalBgp(45),
ipLocalOspf(46),
ipLocalRsvp(47),
ipLocalPim(48),
ipLocalCops(49),
ipLocalL2tpControlSc(50),
ipLocalL2tpControlIc(51),
ipLocalOther(52),
ipLocalDemuxMiss(53),
ipRouteToSrpEthernet(54),
ipRouteNoRoute(55),
ipNormalPathMtu(56),
ipNeighborDiscovery(57),
ipNeighborDiscoveryMiss(58),
ipSearchError(59),
ipMld(60),
ipLocalPimAssert(61),
ipLocalBfd(62),
ipFastBfd(63),
ipLocalFastBfd(64),
ipIke(65),
ipReassembly(66),
ipLocalIcmpFragment(67),
ipLocalFragment(68),
ipAppClassifierHttpRedirect(69),
ipMulticastDhcpIc(70),
dhcpTesterIc(71),
atmDynamicIfPppData(72),
ipLocalLspPing(73) }
JuniDosProtectionPriorityType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The control priorities that are supported by the DOS protection
application."
SYNTAX INTEGER {
hiGreenFcIc(0),
hiYellowFcIc(1),
loGreenFcIc(2),
loYellowFcIc(3),
hiGreenFcSc(4),
hiYellowFcSc(5),
loGreenFcSc(6),
loYellowFcSc(7) }
JuniDosProtectionProtocolState ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The current state of a protocol."
SYNTAX INTEGER {
ok(1),
inTrouble(2) }
JuniDosProtectionScfdsTableOverflowState ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The current state of the suspicious flow table."
SYNTAX INTEGER {
notOverflowingOrGrouping(1),
grouping(2),
overflowing(3) }
JuniDosProtectionProtocolPriorityType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The control priorities that are supported by the DOS protection
application for each control processor"
SYNTAX INTEGER {
hiGreen(0),
hiYellow(1),
loGreen(2),
loYellow(3),
dataPath(4) }
JuniDosProtectionProtocolCannedType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The available canned dos-protection-groups which can be used
to set defaults into a user specified group."
SYNTAX INTEGER {
default(0),
enetAccess(1),
atmAccess(2),
frame(3),
uplink(4)
}
JuniDosProtectionLayerId ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The available interface types for which a profile entry
may be defined."
SYNTAX INTEGER {
ip(0),
ppp(1),
ethernet(6),
atm1483(11),
pppoe(17),
bridge1483(19),
vlan(35),
ipv6(50)
}
JuniDosProtectionControlProcessorDestination ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The available control processors to which a control
protocol may be directed."
SYNTAX INTEGER {
ic(0),
sc(1),
dataPath(2)
}
-- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Managed objects
-- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
juniDosProtectionObjects OBJECT IDENTIFIER ::= { juniDosProtectionMIB 1 }
juniDosProtectionScfdsGroup OBJECT IDENTIFIER ::= { juniDosProtectionObjects 1 }
juniDosProtectionDpgGroup OBJECT IDENTIFIER ::= { juniDosProtectionObjects 2 }
--
-- scalars
--
juniDosProtectionScfdsGlobalState OBJECT-TYPE
SYNTAX JuniEnable
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Controls whether the suspicious control flow detection system is
enabled or disabled. Setting the value to enable(1) enables the
suspicious control flow detection system. Setting the value to
disable(0) disables the system.
When read this object returns the current state of the system."
DEFVAL { enable }
::= { juniDosProtectionScfdsGroup 1 }
juniDosProtectionScfdsGlobalGrouping OBJECT-TYPE
SYNTAX JuniEnable
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"When set to enable(1), the suspicious flow control system will
group flows when resources are unavailable to treat each
suspicious flow individually. When set to disable(0), this feature
will be inhibited and the suspicious control flow system may not
recognize all suspicious flows during a resource shortage.
When read this object will return the current state of the object."
DEFVAL { enable }
::= { juniDosProtectionScfdsGroup 2 }
juniDosProtectionScfdsGlobalClearAll OBJECT-TYPE
SYNTAX INTEGER {
ok(0),
clear(1) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"When set to clear(1), the suspicious control flow detection system
is cleared. When set to ok(0), there is no effect and the
suspicious control flow detection system is unchanged.
By clearing the suspicious control flow detection system all flows
are removed from the suspicious flow table.
When read, always returns a value of ok(0)."
::= { juniDosProtectionScfdsGroup 3 }
juniDosProtectionScfdsGlobalDiscontinuityTime OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The sysUpTime at which the counters were last re-initialized on
any slot due to a restart."
::= { juniDosProtectionScfdsGroup 4 }
juniDosProtectionScfdsGlobalTableOverflowState OBJECT-TYPE
SYNTAX JuniDosProtectionScfdsTableOverflowState
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Indicates whether any module in the system is in under a resource
shortage situation. A value of notOverflowingOrGrouping(1) indicates
that there is no resource shortage on any module. A value of
grouping(2) or overflowing(3) indicates that at least one module
is suffering from a resource shortage, and has acted according to the
state of the juniDosProtectionScfdsGlobalGrouping object."
::= { juniDosProtectionScfdsGroup 5 }
--
-- global counters
--
juniDosProtectionScfdsGlobalCurrentSuspiciousFlows OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of flows currently marked as suspicious."
::= { juniDosProtectionScfdsGroup 6 }
juniDosProtectionScfdsGlobalNumberSuspiciousFlows OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of suspicious flows seen since system restart."
::= { juniDosProtectionScfdsGroup 7 }
juniDosProtectionScfdsGlobalCurrentSuspiciousFlowGroups OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of flow groups currently marked as suspicious."
::= { juniDosProtectionScfdsGroup 8 }
juniDosProtectionScfdsGlobalNumberSuspiciousFlowGroups OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of suspicius flow groups seen since system restart."
::= { juniDosProtectionScfdsGroup 9 }
juniDosProtectionScfdsGlobalCurrentFalseNegativeFlows OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of flows currently falsely considered suspicious.
A false negative indicates that the flow was seen as possibly
suspicious, but did not pass all the tests to be considered
suspicious. This is a normal condition of the system."
::= { juniDosProtectionScfdsGroup 10 }
juniDosProtectionScfdsGlobalNumberFalseNegativeFlows OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of flows falsely considered possibly suspicious
seen since system restart."
::= { juniDosProtectionScfdsGroup 11 }
juniDosProtectionScfdsGlobalNumberTableOverflows OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of times the system had a table overflow on any slot."
::= { juniDosProtectionScfdsGroup 12 }
--
-- protocol table
--
juniDosProtectionScfdsProtocolTable OBJECT-TYPE
SYNTAX SEQUENCE OF JuniDosProtectionScfdsProtocolEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for the DOS protection control protocols."
::= { juniDosProtectionScfdsGroup 13 }
juniDosProtectionScfdsProtocolEntry OBJECT-TYPE
SYNTAX JuniDosProtectionScfdsProtocolEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for an individual DOS protection control
protocol."
INDEX { juniDosProtectionScfdsProtocolIndex }
::= { juniDosProtectionScfdsProtocolTable 1 }
JuniDosProtectionScfdsProtocolEntry ::= SEQUENCE {
juniDosProtectionScfdsProtocolIndex JuniDosProtectionProtocolType,
juniDosProtectionScfdsProtocolThreshold Unsigned32,
juniDosProtectionScfdsProtocolLowThreshold Unsigned32,
juniDosProtectionScfdsProtocolBackoffTime Unsigned32,
juniDosProtectionScfdsProtocolState JuniDosProtectionProtocolState,
juniDosProtectionScfdsProtocolTransitions Counter32}
juniDosProtectionScfdsProtocolIndex OBJECT-TYPE
SYNTAX JuniDosProtectionProtocolType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The control protocol value for this entry."
::= { juniDosProtectionScfdsProtocolEntry 1 }
juniDosProtectionScfdsProtocolThreshold OBJECT-TYPE
SYNTAX Unsigned32(0|3..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The threshold in packets per second for this control protocol.
This is the rate at which a flow for this protocol is considered
suspicious. Setting this object to zero will have the affect of
excusing this protocol from suspicious control flow detection."
::= { juniDosProtectionScfdsProtocolEntry 2 }
juniDosProtectionScfdsProtocolLowThreshold OBJECT-TYPE
SYNTAX Unsigned32(0|1..32767)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The low threshold in packets per second for this control protocol .
This is the rate at which a flow must fall below to in order return
to the normal state, after having been marked suspicious. A
low threshold of zero disables this functionality."
::= { juniDosProtectionScfdsProtocolEntry 3 }
juniDosProtectionScfdsProtocolBackoffTime OBJECT-TYPE
SYNTAX Unsigned32(0|10..1000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The backoff time in seconds. A flow which is considered suspicious will
be returned to normal after this amount of time regardless of the current
rate of the flow. A backoff time of 0 disables this functionality."
DEFVAL { 300 }
::= { juniDosProtectionScfdsProtocolEntry 4 }
juniDosProtectionScfdsProtocolState OBJECT-TYPE
SYNTAX JuniDosProtectionProtocolState
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current state of the protocol. This object will return inTrouble(2)
if any module in the system has reported that the protocol is currently
being watched for suspicious flows. If no module reports that this protocol
is being watched this object will return ok(1).
A protocol is in trouble on a module when the sum of the rate for all
flows for the protocol is over the limit for that protocol."
::= { juniDosProtectionScfdsProtocolEntry 5 }
juniDosProtectionScfdsProtocolTransitions OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of transitions to 'inTrouble' that this control protocol
has made."
::= { juniDosProtectionScfdsProtocolEntry 6 }
--
-- dos protection groups
--
juniDosProtectionDpgTable OBJECT-TYPE
SYNTAX SEQUENCE OF JuniDosProtectionDpgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for a dos-protection-group. A
dos-protection-group defines a set of parameters that
manage the handling of control protocols on the
router."
::= { juniDosProtectionDpgGroup 1 }
juniDosProtectionDpgEntry OBJECT-TYPE
SYNTAX JuniDosProtectionDpgEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for an individual dos-protection-group."
INDEX { juniDosProtectionDpgIndex }
::= { juniDosProtectionDpgTable 1 }
JuniDosProtectionDpgEntry ::= SEQUENCE {
juniDosProtectionDpgIndex DisplayString,
juniDosProtectionDpgRowStatus RowStatus,
juniDosProtectionDpgCanned
JuniDosProtectionProtocolCannedType,
juniDosProtectionDpgRevert INTEGER,
juniDosProtectionDpgModified TruthValue,
juniDosProtectionDpgReferences INTEGER}
juniDosProtectionDpgIndex OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..32))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The dos-protection-group-name for this entry."
::= { juniDosProtectionDpgEntry 1 }
juniDosProtectionDpgRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Controls creation/deletion of entries in this table.
Only the values 'createAndGo' and 'destroy' may be SET.
When read this always returns a value of active"
::= { juniDosProtectionDpgEntry 2 }
juniDosProtectionDpgCanned OBJECT-TYPE
SYNTAX JuniDosProtectionProtocolCannedType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Sets the default values based for the dos-protection-group
based on the values from the canned group. Can only be used
to set a different group. Using the current group will result
in no changes to the dos-protection-group."
DEFVAL { default }
::= { juniDosProtectionDpgEntry 3 }
juniDosProtectionDpgRevert OBJECT-TYPE
SYNTAX INTEGER {
no-revert(0),
revert(1) }
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Revert this dos-protection-group to the canned values of the
associated canned group by setting this object to
revert(1). Reading this object will always return a value
of no-revert(1)"
::= { juniDosProtectionDpgEntry 4 }
juniDosProtectionDpgModified OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"When true is returned, some protocol or priority associated
with this dos-protection-group, has been modified from the
canned values associated with the group. When false is returned
all settings associated with this dos-protection-group are
at the defaults for the associated canned group."
::= { juniDosProtectionDpgEntry 5 }
juniDosProtectionDpgReferences OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of references for this dos-protection-group.
References include the number of interfaces currently
associated with the group, as well as the number of profile
references."
::= { juniDosProtectionDpgEntry 6 }
--
-- dpg protocol information
--
juniDosProtectionDpgProtocolTable OBJECT-TYPE
SYNTAX SEQUENCE OF JuniDosProtectionDpgProtocolEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for the dos-protection-group control protocol
table."
::= { juniDosProtectionDpgGroup 2 }
juniDosProtectionDpgProtocolEntry OBJECT-TYPE
SYNTAX JuniDosProtectionDpgProtocolEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for an individual dos-protection-group control
protocol entry."
INDEX { juniDosProtectionDpgProtocolName,
juniDosProtectionDpgProtocolProtocol }
::= { juniDosProtectionDpgProtocolTable 1 }
JuniDosProtectionDpgProtocolEntry ::= SEQUENCE {
juniDosProtectionDpgProtocolName DisplayString,
juniDosProtectionDpgProtocolProtocol JuniDosProtectionProtocolType,
juniDosProtectionDpgProtocolBurst Unsigned32,
juniDosProtectionDpgProtocolDropProbability Unsigned32,
juniDosProtectionDpgProtocolRate Unsigned32,
juniDosProtectionDpgProtocolSkipPriorityRateLimiter
JuniEnable,
juniDosProtectionDpgProtocolWeight Unsigned32,
juniDosProtectionDpgProtocolPriority
JuniDosProtectionProtocolPriorityType,
juniDosProtectionDpgProtocolModified TruthValue,
juniDosProtectionDpgProtocolDestination
JuniDosProtectionControlProcessorDestination}
juniDosProtectionDpgProtocolName OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..32))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The dos-protection-group name for this entry."
::= { juniDosProtectionDpgProtocolEntry 1 }
juniDosProtectionDpgProtocolProtocol OBJECT-TYPE
SYNTAX JuniDosProtectionProtocolType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The dos-protection-group control protocol for this entry."
::= { juniDosProtectionDpgProtocolEntry 2 }
juniDosProtectionDpgProtocolBurst OBJECT-TYPE
SYNTAX Unsigned32(0|32..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The burst in packets for this control protocol in this
dos-protection-group."
::= { juniDosProtectionDpgProtocolEntry 3 }
juniDosProtectionDpgProtocolDropProbability OBJECT-TYPE
SYNTAX Unsigned32(10..100)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The drop probability for suspect packets for this
control protocol in this dos-protection-group. This is
probability that a packet belonging to a suspicious
flow will be dropped. A drop probability of less than
100 indicates that the user wishes to have some
packets from a suspect flow reach the control
processor."
::= { juniDosProtectionDpgProtocolEntry 4 }
juniDosProtectionDpgProtocolRate OBJECT-TYPE
SYNTAX Unsigned32(0|64..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The rate in packets per second for this control protocol in
this dos-protection-group."
::= { juniDosProtectionDpgProtocolEntry 5 }
juniDosProtectionDpgProtocolSkipPriorityRateLimiter OBJECT-TYPE
SYNTAX JuniEnable
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"When set to enable, this control protocol in this
dos-protection-group will skip the priority rate limiter.
When set to disable, the protocol will not skip the priority
rate-limiter."
::= { juniDosProtectionDpgProtocolEntry 6 }
juniDosProtectionDpgProtocolWeight OBJECT-TYPE
SYNTAX Unsigned32(100..500)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The weight of this control protocol against others of the
same priority in this dos-protection-group. The weight
is used to determine the minimum rate and burst
for the protocol within the priority group."
DEFVAL { 100 }
::= { juniDosProtectionDpgProtocolEntry 7 }
juniDosProtectionDpgProtocolPriority OBJECT-TYPE
SYNTAX JuniDosProtectionProtocolPriorityType
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The priority for the control protocol. Packets of this control
protocol on interfaces referencing this dos-protection-group will
be categorized into the priority indicated."
::= { juniDosProtectionDpgProtocolEntry 8 }
juniDosProtectionDpgProtocolModified OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"When true is returned, the values for this control protocol
in this dos-protection-group have been modified from the
canned values associated with the group. When false is returned
all settings associated with this control protocol in this
dos-protection-group are at the defaults for the associated
canned group."
::= { juniDosProtectionDpgProtocolEntry 9 }
juniDosProtectionDpgProtocolDestination OBJECT-TYPE
SYNTAX JuniDosProtectionControlProcessorDestination
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The destination processor for packets of this control protocol."
::= { juniDosProtectionDpgProtocolEntry 10 }
--
-- dpg priority information
--
juniDosProtectionDpgPriorityTable OBJECT-TYPE
SYNTAX SEQUENCE OF JuniDosProtectionDpgPriorityEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for a dos-protection-group priority table."
::= { juniDosProtectionDpgGroup 3 }
juniDosProtectionDpgPriorityEntry OBJECT-TYPE
SYNTAX JuniDosProtectionDpgPriorityEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for an individual dos-protection-group priority
table"
INDEX { juniDosProtectionDpgPriorityName,
juniDosProtectionDpgPriorityPriority }
::= { juniDosProtectionDpgPriorityTable 1 }
JuniDosProtectionDpgPriorityEntry ::= SEQUENCE {
juniDosProtectionDpgPriorityName DisplayString,
juniDosProtectionDpgPriorityPriority JuniDosProtectionPriorityType,
juniDosProtectionDpgPriorityBurst Unsigned32,
juniDosProtectionDpgPriorityOverSubscriptionFactor
Unsigned32,
juniDosProtectionDpgPriorityRate Unsigned32,
juniDosProtectionDpgPriorityModified TruthValue}
juniDosProtectionDpgPriorityName OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..32))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The dos-proteciton-group name for this entry."
::= { juniDosProtectionDpgPriorityEntry 1 }
juniDosProtectionDpgPriorityPriority OBJECT-TYPE
SYNTAX JuniDosProtectionPriorityType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The priority for this entry."
::= { juniDosProtectionDpgPriorityEntry 2 }
juniDosProtectionDpgPriorityBurst OBJECT-TYPE
SYNTAX Unsigned32(0|32..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The burst in packets for this priority in this
dos-protection-group."
::= { juniDosProtectionDpgPriorityEntry 3 }
juniDosProtectionDpgPriorityOverSubscriptionFactor OBJECT-TYPE
SYNTAX Unsigned32(100..1000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The over-subscription factor for this priority in this
dos-protection-group. This is used when calculating
the minimum rates for control protocols that use this priority."
::= { juniDosProtectionDpgPriorityEntry 4 }
juniDosProtectionDpgPriorityRate OBJECT-TYPE
SYNTAX Unsigned32(0|64..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The rate in packets per second for this priority in
this dos-protection-group."
::= { juniDosProtectionDpgPriorityEntry 5 }
juniDosProtectionDpgPriorityModified OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"When true is returned, the values for this priority
in this dos-protection-group have been modified from the
canned values associated with the group. When false is returned
all settings associated with this priority in this
dos-protection-group are at the defaults for the associated
canned group."
::= { juniDosProtectionDpgPriorityEntry 6 }
--
-- attachment table
--
juniDosProtectionDpgAttachTable OBJECT-TYPE
SYNTAX SEQUENCE OF JuniDosProtectionDpgAttachEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for the DOS protection attachment table."
::= { juniDosProtectionDpgGroup 4 }
juniDosProtectionDpgAttachEntry OBJECT-TYPE
SYNTAX JuniDosProtectionDpgAttachEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for an individual DOS protection attachment entry."
INDEX { juniDosProtectionDpgAttachIndex }
::= { juniDosProtectionDpgAttachTable 1 }
JuniDosProtectionDpgAttachEntry ::= SEQUENCE {
juniDosProtectionDpgAttachIndex InterfaceIndex,
juniDosProtectionDpgAttachRowStatus RowStatus,
juniDosProtectionDpgAttachName DisplayString,
juniDosProtectionDpgAttachConfigured TruthValue}
juniDosProtectionDpgAttachIndex OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The interface index for the attachment."
::= { juniDosProtectionDpgAttachEntry 1 }
juniDosProtectionDpgAttachRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Controls creation/deletion of entries in this table. Only the
values 'createAndGo' and 'destroy' may be SET.
When read this always returns a value of active"
::= { juniDosProtectionDpgAttachEntry 2 }
juniDosProtectionDpgAttachName OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The dos-protection-group for this entry. This is the
dos-protection-group that is use by the interface."
::= { juniDosProtectionDpgAttachEntry 3 }
juniDosProtectionDpgAttachConfigured OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Indicates the configured status of the attachment. This object
returns true when the attachment was statically
configured, and returns false when the attachment
was made via a profile attachment."
::= { juniDosProtectionDpgAttachEntry 4 }
--
-- profile table
--
juniDosProtectionDpgProfileTable OBJECT-TYPE
SYNTAX SEQUENCE OF JuniDosProtectionDpgProfileEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for the DOS protection profile table."
::= { juniDosProtectionDpgGroup 5 }
juniDosProtectionDpgProfileEntry OBJECT-TYPE
SYNTAX JuniDosProtectionDpgProfileEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for an individual DOS protection profile entry."
INDEX { juniDosProtectionDpgProfileProfileId,
juniDosProtectionDpgProfileLayerId}
::= { juniDosProtectionDpgProfileTable 1 }
JuniDosProtectionDpgProfileEntry ::= SEQUENCE {
juniDosProtectionDpgProfileProfileId Unsigned32,
juniDosProtectionDpgProfileLayerId JuniDosProtectionLayerId,
juniDosProtectionDpgProfileRowStatus RowStatus,
juniDosProtectionDpgProfileName DisplayString }
juniDosProtectionDpgProfileProfileId OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The profile ID for the profile entry. The profile ID
identifies which profile is being accessed. A value for this
identifier is determined by locating or creating a profile name
in the juniProfileNameTable"
::= { juniDosProtectionDpgProfileEntry 1 }
juniDosProtectionDpgProfileLayerId OBJECT-TYPE
SYNTAX JuniDosProtectionLayerId
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The layer ID for the profile entry. The layer ID indicates
which interface type is being accessed."
::= { juniDosProtectionDpgProfileEntry 2 }
juniDosProtectionDpgProfileRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Controls creation/deletion of entries in this table. Only the
values 'createAndGo' and 'destroy' may be SET. When read this
always returns a value of active"
::= { juniDosProtectionDpgProfileEntry 3 }
juniDosProtectionDpgProfileName OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The dos-protection-group that is associated with this
profile/interface-type. This profile will be attached
when dynamic instances of the interface type are
created that reference the specific profile."
::= { juniDosProtectionDpgProfileEntry 4 }
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Notifications
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
--juniDosProtectionTraps OBJECT IDENTIFIER ::= { juniDosProtectionMIB 0 }
--juniDosProtectionTrapControl OBJECT IDENTIFIER ::= { juniDosProtectionMIB 2 }
--juniDosProtectionScfdsTraps OBJECT IDENTIFIER ::= { juniDosProtectionTraps 0 }
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-- Conformance information
-- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
juniDosProtectionMIBConformance OBJECT IDENTIFIER ::= { juniDosProtectionMIB 4 }
juniDosProtectionMIBCompliances OBJECT IDENTIFIER ::= { juniDosProtectionMIBConformance 1 }
juniDosProtectionMIBGroups OBJECT IDENTIFIER ::= { juniDosProtectionMIBConformance 2 }
juniDosProtectionCompliance MODULE-COMPLIANCE
STATUS obsolete
DESCRIPTION
"The compliance statement for entities which implement the Juniper
Dos Protection MIB. This was made obsolete with the addition of
dos-protection-groups."
MODULE -- this module
MANDATORY-GROUPS {
juniDosProtectionGroup }
::= { juniDosProtectionMIBCompliances 1 }
juniDosProtectionCompliance2 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for entities which implement the Juniper
Dos Protection MIB."
MODULE -- this module
MANDATORY-GROUPS {
juniDosProtectionGroup2 }
::= { juniDosProtectionMIBCompliances 2 } -- Junos x.y
--
-- units of conformance
--
juniDosProtectionGroup OBJECT-GROUP
OBJECTS {juniDosProtectionScfdsGlobalState,
juniDosProtectionScfdsGlobalGrouping,
juniDosProtectionScfdsGlobalClearAll,
juniDosProtectionScfdsGlobalDiscontinuityTime,
juniDosProtectionScfdsGlobalTableOverflowState,
juniDosProtectionScfdsGlobalCurrentSuspiciousFlows,
juniDosProtectionScfdsGlobalNumberSuspiciousFlows,
juniDosProtectionScfdsGlobalCurrentSuspiciousFlowGroups,
juniDosProtectionScfdsGlobalNumberSuspiciousFlowGroups,
juniDosProtectionScfdsGlobalCurrentFalseNegativeFlows,
juniDosProtectionScfdsGlobalNumberFalseNegativeFlows,
juniDosProtectionScfdsGlobalNumberTableOverflows,
juniDosProtectionScfdsProtocolThreshold,
juniDosProtectionScfdsProtocolLowThreshold,
juniDosProtectionScfdsProtocolBackoffTime,
juniDosProtectionScfdsProtocolState,
juniDosProtectionScfdsProtocolTransitions }
STATUS obsolete
DESCRIPTION
"A collection of objects providing management of DOS protection
application in a Juniper product. This object became obsolete
with the addition of dos-protection-groups."
::= { juniDosProtectionMIBGroups 1 }
juniDosProtectionGroup2 OBJECT-GROUP
OBJECTS {juniDosProtectionScfdsGlobalState,
juniDosProtectionScfdsGlobalGrouping,
juniDosProtectionScfdsGlobalClearAll,
juniDosProtectionScfdsGlobalDiscontinuityTime,
juniDosProtectionScfdsGlobalTableOverflowState,
juniDosProtectionScfdsGlobalCurrentSuspiciousFlows,
juniDosProtectionScfdsGlobalNumberSuspiciousFlows,
juniDosProtectionScfdsGlobalCurrentSuspiciousFlowGroups,
juniDosProtectionScfdsGlobalNumberSuspiciousFlowGroups,
juniDosProtectionScfdsGlobalCurrentFalseNegativeFlows,
juniDosProtectionScfdsGlobalNumberFalseNegativeFlows,
juniDosProtectionScfdsGlobalNumberTableOverflows,
juniDosProtectionScfdsProtocolThreshold,
juniDosProtectionScfdsProtocolLowThreshold,
juniDosProtectionScfdsProtocolBackoffTime,
juniDosProtectionScfdsProtocolState,
juniDosProtectionScfdsProtocolTransitions,
juniDosProtectionDpgRowStatus,
juniDosProtectionDpgCanned,
juniDosProtectionDpgRevert,
juniDosProtectionDpgModified,
juniDosProtectionDpgReferences,
juniDosProtectionDpgProtocolBurst,
juniDosProtectionDpgProtocolDropProbability,
juniDosProtectionDpgProtocolRate,
juniDosProtectionDpgProtocolSkipPriorityRateLimiter,
juniDosProtectionDpgProtocolWeight,
juniDosProtectionDpgProtocolModified,
juniDosProtectionDpgPriorityBurst,
juniDosProtectionDpgPriorityOverSubscriptionFactor,
juniDosProtectionDpgPriorityRate,
juniDosProtectionDpgPriorityModified,
juniDosProtectionDpgAttachRowStatus,
juniDosProtectionDpgAttachName,
juniDosProtectionDpgProfileRowStatus,
juniDosProtectionDpgProfileName }
STATUS current
DESCRIPTION
"A collection of objects providing management of DOS protection
application in a Juniper product."
::= { juniDosProtectionMIBGroups 2 }
END