1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
|
ALCATEL-IND1-POLICY-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY,
OBJECT-TYPE,
NOTIFICATION-TYPE,
OBJECT-IDENTITY,
Counter32,
Integer32,
TimeTicks,
IpAddress FROM SNMPv2-SMI
RowStatus,
TEXTUAL-CONVENTION FROM SNMPv2-TC
SnmpAdminString
FROM SNMP-FRAMEWORK-MIB
MODULE-COMPLIANCE,
OBJECT-GROUP,
NOTIFICATION-GROUP FROM SNMPv2-CONF
softentIND1Policy FROM ALCATEL-IND1-BASE;
--
-- Module Identity
--
alcatelIND1PolicyMIB MODULE-IDENTITY
LAST-UPDATED "201005130000Z"
ORGANIZATION "Alcatel-Lucent"
CONTACT-INFO
"Please consult with Customer Service to ensure the most appropriate
version of this document is used with the products in question:
Alcatel-Lucent, Enterprise Solutions Division
(Formerly Alcatel Internetworking, Incorporated)
26801 West Agoura Road
Agoura Hills, CA 91301-5122
United States Of America
Telephone: North America +1 800 995 2696
Latin America +1 877 919 9526
Europe +31 23 556 0100
Asia +65 394 7933
All Other +1 818 878 4507
Electronic Mail: support@ind.alcatel.com
World Wide Web: http://alcatel-lucent.com/wps/portal/enterprise
File Transfer Protocol: ftp://ftp.ind.alcatel.com/pub/products/mibs"
DESCRIPTION
"This module describes an authoritative enterprise-specific Simple
Network Management Protocol (SNMP) Management Information Base (MIB):
For the Birds Of Prey Product Line
Configuration and monitoring of policy manager parameters
The right to make changes in specification and other information
contained in this document without prior notice is reserved.
No liability shall be assumed for any incidental, indirect, special, or
consequential damages whatsoever arising from or related to this
document or the information contained herein.
Vendors, end-users, and other interested parties are granted
non-exclusive license to use this specification in connection with
management of the products for which it is intended to be used.
Copyright (C) 1995-2007 Alcatel-Lucent
ALL RIGHTS RESERVED WORLDWIDE"
REVISION "201005130000Z"
DESCRIPTION
"Fixed the Notifications to use MIB Module OID.0 as Notifications root."
::= { softentIND1Policy 1 }
--
-- Object roots used in this MIB
--
alcatelIND1PolicyMIBNotifications OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Branch For POLICY MIB Subsystem Notifications."
::= { alcatelIND1PolicyMIB 0 }
alcatelIND1PolicyMIBObjects OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Branch for policy manager application objects"
::= { alcatelIND1PolicyMIB 1 }
alcatelIND1PolicyMIBConformance OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Branch for policy manager application conformance information"
::= { alcatelIND1PolicyMIB 2 }
alcatelIND1PolicyMIBGroups OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Branch for policy manager application units of conformance"
::= { alcatelIND1PolicyMIBConformance 1 }
alcatelIND1PolicyMIBCompliances OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Branch for policy manager application compliance statements"
::= { alcatelIND1PolicyMIBConformance 2 }
--
-- Textual Conventions
--
-- The policyEventCodes represents all possible policy events
PolicyEventCodes ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"The policyEventCodes TC describes all possible policy events
and should be used for NMS correlation."
SYNTAX INTEGER {
pyEventInitLog(1),
pyEventLdapInit(2),
pyEventLdapSearch(3),
pyEventTooManyRequests(4),
pyEventServerStateChange(5),
pyEventLdapSyntaxSourceAddr(6),
pyEventLdapSyntaxDestAddr(7),
pyEventLdapSyntaxInDSByte(8),
pyEventLdapSyntaxRecDSByte(9),
pyEventLdapSyntaxPVPMonth(10),
pyEventLdapSyntaxPVPDoW(11),
pyEventLdapSyntaxPVPToD(12),
pyEventLdapSyntaxPVPTime(13),
pyEventLdapSyntaxSPort(14),
pyEventLdapSyntaxDPort(15),
pyEventLdapReferenceTP(16),
pyEventLdapReferencePVP(17),
pyEventInternalCodeError(18),
pyEventLdapSelectError(19),
pyEventLdapReferenceXYLAN(20),
pyEventDebugMemoryAlloc(21),
pyEventDebugMemoryFree(22),
pyEventPolicyCacheFlushed(23),
pyEventLdapServerDefined(24),
pyEventLdapSyntaxSourceMACAddr(25),
pyEventLdapSyntaxDestMACAddr(26),
pyEventLdapServerDeleted(27),
pyEventOptimizedPvpMonth(28),
pyEventOptimizedPvpDoW(29),
pyEventZeroPvpMonth(30),
pyEventZeroPvpDoW(31),
pyEventRuleScope(32),
pyEventRuleActivated(33),
pyEventRuleDeactivated(34),
pyEventLdapReferenceIPFilter(35),
pyEventLdapSyntaxTOSByte(36),
pyEventTimeChangeDetected(37),
pyEventPolicyWillNeverBeValid(38),
pyEventLdapSetOption(39),
pyEventLdapTLSChannelInit(40),
pyEventLdapTLSParametersOK(41),
pyEventMaxPolicyCountReached(42),
pyEventMemoryError(43),
pyEventMonitorSocketError(44),
pyEventDispositionError(45),
pyEventNameLengthError(46),
pyEventTableResize(47),
pyEvent48(48),
pyEvent49(49),
pyEvent50(50),
pyEvent51(51),
pyEvent52(52),
pyEvent53(53),
pyEvent54(54),
pyEvent55(55),
pyEvent56(56),
pyEvent57(57),
pyEventPolicyCacheLoaded(58)
}
--
-- Global parameters
--
serverPolicyDecision OBJECT-TYPE
SYNTAX INTEGER {
flushPolicies(0),
recachePolicies(1),
recacheQMMACGroup(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object allows an NMS application to influence the policy
manager's treatment of existing policy decisions that were
established by the policy manager. By setting recachePolicies,
an NMS can cause the policy manager to reload all its policies from the
current primary LDAP server. By setting flushPolicies, all the policies
are deleted by the policy manager."
::= { alcatelIND1PolicyMIBObjects 1 }
rsvpDefaultPolicy OBJECT-TYPE
SYNTAX INTEGER {
accept(1),
deny(2)
}
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION
"This object allows an NMS application to define the agent action
when there are no policy servers available to a switch. When
this object is set to accept(1), the policy manager in the switch
will allow all RSVP control message requests. When set to deny(2),
the policy manager will deny all RSVP control message requests."
::= { alcatelIND1PolicyMIBObjects 2 }
policyManagerEventTableSize OBJECT-TYPE
SYNTAX Integer32 (0..100)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the size of the policy manager event table.
When this object is set, the subagent adjusts the event table to
meet the size defined."
DEFVAL { 50 }
::= { alcatelIND1PolicyMIBObjects 3 }
--
-- The directoryServerTable provides an NMS with the ability to define and
-- control what directory servers a switch can access. The object
-- directoryServerRowStatus provides a uniform way to create and remove
-- rows (entries) of the table. The NMS can define switch access to use via
-- authenticated or unauthenticated LDAP bind operations
-- (via directoryServerAuthenticationType) and their appropriate parameters
--
directoryServerTable OBJECT-TYPE
SYNTAX SEQUENCE OF DirectoryServerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains information related to the LDAP-based
directory server from the perspective of the policy manager."
::= { alcatelIND1PolicyMIBObjects 4 }
directoryServerEntry OBJECT-TYPE
SYNTAX DirectoryServerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the directory server table. Each entry
represents a directory server instance to the policy manager."
INDEX {directoryServerAddress, directoryServerPort}
::= {directoryServerTable 1}
DirectoryServerEntry ::= SEQUENCE {
directoryServerAddress
IpAddress,
directoryServerPort
Integer32,
directoryServerPreference
Integer32,
directoryServerAuthenticationType
INTEGER,
directoryServerUserId
SnmpAdminString,
directoryServerPassword
SnmpAdminString,
directoryServerSearchbase
SnmpAdminString,
directoryServerCacheChange
INTEGER,
directoryServerLastChange
TimeTicks,
directoryServerAdminStatus
INTEGER,
directoryServerOperStatus
INTEGER,
directoryServerRowStatus
RowStatus,
directoryServerEnableSSL
INTEGER
}
directoryServerAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The IP Address of an LDAP server. The policy manager uses this
object combined with the directory server port number to uniquely
identify an LDAP server to use for directory queries and updates."
::= {directoryServerEntry 1}
directoryServerPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the TCP port number, which, along with the
directory server IP address, identifies the LDAP server."
DEFVAL { 389 }
::= {directoryServerEntry 2}
directoryServerPreference OBJECT-TYPE
SYNTAX Integer32 (0..255)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object represents the relative preference of the server
entry. The higher the value of this object, the greater the
preference the policy manager places on using this server for
LDAP queries. This object is used when the policy manager uses
server selection based on the configured preference."
DEFVAL { 0 }
::= {directoryServerEntry 3}
directoryServerAuthenticationType OBJECT-TYPE
SYNTAX INTEGER {
none(0),
simplePassword(1)--,
-- kerberos(2),
-- publicKey(3)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object specifies what authentication
mechanism the LDAP server expects. For simplePassword(1),
the policy manager uses the directoryServerPassword object
for each LDAP query. kerberos and publicKey mechanisms are
currently unsupported. The none(0) value directs the policy
manager to use the 'anonymous' method for LDAP queries."
DEFVAL { none }
::= {directoryServerEntry 4}
directoryServerUserId OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(0..31))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object only has significance when the
directoryServerAuthenticationType has a value of
simplePassword(1). This simple display string is used by the
policy manager in LDAP queries and updates."
::= {directoryServerEntry 5}
directoryServerPassword OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(0..31))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object only has significance when the
directoryServerAuthenticationType has a value of
simplePassword(1). This simple display string is used by the
policy manager in LDAP queries and updates."
::= {directoryServerEntry 6}
directoryServerSearchbase OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(0..31))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object specifies the base object required for
LDAP search operations. This object represents, in
distinguished name format, the point where server
searches start. Generally, this object represents
the base object of the organization."
DEFVAL { "o=Alcatel IND, c=US" }
::= {directoryServerEntry 7}
directoryServerCacheChange OBJECT-TYPE
SYNTAX INTEGER {
none(0),
recachePolicy(1)--,
-- recacheAll(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object allows an NMS application to influence the policy
manager's cache of policy-related data when this server becomes
the primary LDAP server selected for the switch. Setting this object
to recachePolicy(1) conveys to the policy manager that the
policy class object should be obtained from the LDAP server
represented by this table entry when this server becomes the
primary LDAP server. By setting this object to 'none', the
policy manager will use the existing policy and policy rule
cache rather than reloading the policy data from this server.
In the case where there is no policy cache (for instance, when
the switch powers up) the policy manager will attempt to reload
the policy class cache even if this object is set to 'none'. "
DEFVAL { none }
::= {directoryServerEntry 8}
directoryServerLastChange OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the value of sysUpTime at the time of
the last creation, deletion or modification of an object in
this table entry."
::= {directoryServerEntry 9}
directoryServerAdminStatus OBJECT-TYPE
SYNTAX INTEGER {
up(1),
down(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object specifies the desired administrative state of
the directory server. The up and down states control the
policy manager's decision to user the server for LDAP queries
and updates."
DEFVAL { up }
::= {directoryServerEntry 10}
directoryServerOperStatus OBJECT-TYPE
SYNTAX INTEGER {
up(1),
down(2),
unknown(3)--,
-- testing(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object identifies the current operational state of the
LDAP server. Semantics of this object closely resemble the
ifOperStatus definition, however, the LDAP application layer
is NOT modeled as an interface as defined by RFC2233."
DEFVAL { unknown }
::= {directoryServerEntry 11}
directoryServerRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is used to create a new table entry or modify
or delete an existing table entry in this table."
DEFVAL { createAndGo }
::= {directoryServerEntry 12}
directoryServerEnableSSL OBJECT-TYPE
SYNTAX INTEGER {
disableSSL(0),
enableSSL(1)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object enables or disables SSL for the LDAP server."
DEFVAL { disableSSL }
::= {directoryServerEntry 13}
--
-- policyEventTable
--
policyEventTable OBJECT-TYPE
SYNTAX SEQUENCE OF PolicyEventEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains significant events related to the
operation of the policy manager. "
::= { alcatelIND1PolicyMIBObjects 5}
policyEventEntry OBJECT-TYPE
SYNTAX PolicyEventEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the policy manager event table."
INDEX { policyEventIndex }
::= {policyEventTable 1}
PolicyEventEntry ::= SEQUENCE {
policyEventIndex
Integer32,
policyEventCode
PolicyEventCodes,
policyEventDetailString
SnmpAdminString,
policyEventTime
TimeTicks
}
policyEventIndex OBJECT-TYPE
SYNTAX Integer32 (0..1000)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object uniquely identifies the event record."
::= {policyEventEntry 1}
policyEventCode OBJECT-TYPE
SYNTAX PolicyEventCodes
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object identifies the event that occurred. The internal
protocol error and LDAP error events are rollup events that
represent a collection of events with similar characteristics.
The internal error event occurs due to software resource or
logic problems; the LDAP error occurs because of LDAP init,
search, format, protocol or other similar errors."
::= {policyEventEntry 2}
policyEventDetailString OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object gives details about the event that took place.
Included in the string are (potentially) fields that provide
more specific fault location and isolation, context resolution,
and event (error) instance information."
::= {policyEventEntry 3}
policyEventTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object contains the value of sysUpTime at the time
the event occurred."
::= {policyEventEntry 4}
--
-- The rule names table provides confirmation to an element manager
-- that policy rules are loaded on a switch.
--
policyRuleNamesTable OBJECT-TYPE
SYNTAX SEQUENCE OF PolicyRuleNamesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains information that identifies the LDAP-based
policy rules defined on a directory server that are pushed by
the policy manager to the QoS&F manager for making policy decisions."
::= { alcatelIND1PolicyMIBObjects 6}
policyRuleNamesEntry OBJECT-TYPE
SYNTAX PolicyRuleNamesEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the policy rules table. Each entry represents the
name of a policy rule on the directory server. The policy manager
uses these names to build the correct policy rules."
INDEX {policyRuleNamesIndex}
::= {policyRuleNamesTable 1}
PolicyRuleNamesEntry ::= SEQUENCE {
policyRuleNamesIndex
Integer32,
policyRuleNamesName
SnmpAdminString,
policyRuleNamesRowStatus
RowStatus,
policyRuleOperStatus
INTEGER
}
policyRuleNamesIndex OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is a unique index identifying the policyRuleNames entry."
::= { policyRuleNamesEntry 1 }
policyRuleNamesName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(0..31))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object defines the name of the policyRule that the policy manager
will use to build a switch policy. The name coincides with the directory
server class name equivalent."
::= { policyRuleNamesEntry 2 }
policyRuleNamesRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Deprecated (to avoid proliferation of control planes) - rules
to be changed should be updated in LDAP and flushed/pushed to
switches accordingly."
DEFVAL { active }
::= { policyRuleNamesEntry 3 }
policyRuleOperStatus OBJECT-TYPE
SYNTAX INTEGER {
-- mip_def_values.h : MIP_ROW_STATUS_VALUES.ROWSTATUS_*
-- and these should stay in agreement
up(1),
down(2), -- invalid, POLICY_INVALID, NotInService
notReady(3) -- eg; pending PVP (POLICY ! _INVALID but ! _ACTIVE)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is used to convey to an NMS the state of the policy.
A value of 'up' implies that the policy rule has been pushed to
the QoS / filtering manager (i.e. the PEP). A value of 'down'
means the policy is invalid, so it was not pushed to the
QoS / filtering manager. A value of 'notReady' means this
rule is valid, but not currently active (PVP not active, etc)."
DEFVAL { up }
::= { policyRuleNamesEntry 4 }
--
-- policyStatsTable
--
policyStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF PolicyStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table defines the objects maintained by the policy manager
representing statistics available on a per policy server instance.
The objects in this table correspond directly to the similarly named
objects in <draft-white-slapm-mib-00.txt>, except that the objects in
the draft are scalars. Note that the I-D is now RFC 2758, and experimental
category RFC.
There are semantic differences from RFC 2758 for some objects - the
differences are detailed in the DESCRIPTION clauses. Some objects
behave differently from the RFC because of our combined PDP/PEP
implementation. Note that RFC 2758 applies to hosts more than switches."
::= { alcatelIND1PolicyMIBObjects 7 }
policyStatsEntry OBJECT-TYPE
SYNTAX PolicyStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the policy manager stats table."
INDEX {policyStatsAddress, policyStatsServerPort }
::= {policyStatsTable 1}
PolicyStatsEntry ::= SEQUENCE {
policyStatsAddress
IpAddress,
policyStatsServerPort
Integer32,
policyStatsQueryCount
Counter32,
policyStatsAccessCount
Counter32,
policyStatsSuccessAccessCount
Counter32,
policyStatsNotFoundCount
Counter32
}
policyStatsAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"IP address of the policy server related to these statistics"
::= { policyStatsEntry 1 }
policyStatsServerPort OBJECT-TYPE
SYNTAX Integer32 (0..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"TCP port number of the policy server related to these statistics"
::= { policyStatsEntry 2 }
policyStatsQueryCount OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The query count gives the total number of times a policy repository
was queried by the policy decision point. The policy repository is the LDAP
server where policies are stored."
::= { policyStatsEntry 3 }
policyStatsAccessCount OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of times that a policy repository was
accessed with respect to a policy agent. The policy decision
point (PDP) in this implementation accesses the repository via
LDAP. The access count includes all operations required to
access the policy rules (including role evaluations and discrete
policy entry accesses.)
The value of this object will increment on repository access."
::= { policyStatsEntry 4 }
policyStatsSuccessAccessCount OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of successful policy repository accesses. This
value increments if a 'known' attribute has been discovered in
a repository search, regardless of its PDP processing status.
This object will increment less than policyStatsAccessCount
on most repository accesses, based on repository structure
and what roles match the policy decision point."
::= { policyStatsEntry 5 }
policyStatsNotFoundCount OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of policy repository accesses that resulted
in an entry not being located. Not found counts increment on
protocol search failures and other attribute lookup problems.
Generally, policyStatsNotFoundCount increments only in
error cases."
::= { policyStatsEntry 6 }
--
-- The policyNotificationTable allows an NMS to control notifications produced
-- by switch software. This table allows an NMS to "zone in" on problems
-- by singling out specific events as part of a pro-active monitoring strategy
-- by the NMS application.
--
policyNotificationTable OBJECT-TYPE
SYNTAX SEQUENCE OF PolicyNotificationEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains an association between an event ID and the
notification method that the policy manager uses to convey to an
NMS that the event occurred. "
::= { alcatelIND1PolicyMIBObjects 8 }
policyNotificationEntry OBJECT-TYPE
SYNTAX PolicyNotificationEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the policy manager notification table."
INDEX { policyNotificationIndex }
::= {policyNotificationTable 1}
PolicyNotificationEntry ::= SEQUENCE {
policyNotificationIndex
PolicyEventCodes,
policyNotificationCode
INTEGER,
policyEventCount
Counter32
}
policyNotificationIndex OBJECT-TYPE
SYNTAX PolicyEventCodes
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object is a unique index identifying the policyNotification entry.
This index corresponds to the same value as the policyEvent."
::= { policyNotificationEntry 1 }
policyNotificationCode OBJECT-TYPE
SYNTAX INTEGER {
noNotification(0),
writeToLog(1),
sendTrap(2),
logAndTrap(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object defines the notification method used to convey information
about switch events to the NMS. The notification code allows for
multiple notification methods, updated by an NMS by setting the
appropriate method corresponding to the event index."
::= { policyNotificationEntry 2 }
policyEventCount OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Total number of times that this event was recognized. This value
increments for each event occurance. No advertised management
facility exists to clear these history counters. This object is
intended to be a hint to management applications as to the past
operating history of a switch even if entries are no longer
present in the policyEventTable."
::= { policyNotificationEntry 3 }
policyManagerSwitchIdentifier OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(0..40))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The value of this object type identifies the switch
with a identifier that is unique through out the network
This identifier is stored on the switch and the Directory
Server for policies that are specific to this switch.
If this variable is changed on the switch then the Directory
Server also must be changed correspondingly.
Changing the variable on the switch and not making the
corresponding change on the Directory Server will render the
policies defined for this switch unusable.The syntax of this
variable is macAddress:Date:Time.
Example: xx:xx:xx:xx:xx:xx:yyyymmdd:hhmmss "
::= { alcatelIND1PolicyMIBObjects 9 }
--
-- Traps definitions
--
policyManagerTrapObjs OBJECT IDENTIFIER ::= { alcatelIND1PolicyMIBObjects 10 }
--
-- Trap description
--
policyEventNotification NOTIFICATION-TYPE
OBJECTS {
policyTrapEventDetailString,
policyTrapEventCode
}
STATUS current
DESCRIPTION
"The policyEventNotification allows the switch to notify an NMS when
significant events happen. The NMS can then investigate and perform
appropriate control functions. Other tables allow the NMS app to
zone in on the problem as part of a proactive monitoring system by the
NMS application. "
::= { alcatelIND1PolicyMIBNotifications 1 }
--
-- Trap objects
--
policyTrapEventDetailString OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE(0..255))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Details about the event that took place"
::= { policyManagerTrapObjs 1 }
policyTrapEventCode OBJECT-TYPE
SYNTAX PolicyEventCodes
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The code of the event"
::= { policyManagerTrapObjs 2 }
--
-- compliance statements
--
alcatelIND1PolicyMIBCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The policy manager compliance statement"
MODULE -- this module
MANDATORY-GROUPS {
policyMIBGlobalGroup,
policyMIBDirectoryServerGroup,
policyMIBEventTableGroup,
policyMIBRuleNamesGroup,
policyMIBStatsGroup,
policyMIBNotificationGroup
}
::= { alcatelIND1PolicyMIBCompliances 1 }
--
-- units of conformance
--
policyMIBGlobalGroup OBJECT-GROUP
OBJECTS {
serverPolicyDecision,
policyManagerEventTableSize,
policyManagerSwitchIdentifier
}
STATUS current
DESCRIPTION
"A collection of objects providing information on global
policy manager state"
::= { alcatelIND1PolicyMIBGroups 1 }
policyMIBDirectoryServerGroup OBJECT-GROUP
OBJECTS {
directoryServerAddress,
directoryServerPort,
directoryServerPreference,
directoryServerAuthenticationType,
directoryServerUserId,
directoryServerPassword,
directoryServerSearchbase,
directoryServerCacheChange,
directoryServerLastChange,
directoryServerAdminStatus,
directoryServerOperStatus,
directoryServerRowStatus,
directoryServerEnableSSL
}
STATUS current
DESCRIPTION
"A collection of objects for managing LDAP directory
servers"
::= { alcatelIND1PolicyMIBGroups 2 }
policyMIBEventTableGroup OBJECT-GROUP
OBJECTS {
policyEventIndex,
policyEventCode,
policyEventDetailString,
policyEventTime
}
STATUS current
DESCRIPTION
"A collection of objects detailling the events that
occurred during policy manager operation"
::= { alcatelIND1PolicyMIBGroups 3 }
policyMIBRuleNamesGroup OBJECT-GROUP
OBJECTS {
policyRuleNamesIndex,
policyRuleNamesName,
policyRuleNamesRowStatus,
policyRuleOperStatus
}
STATUS current
DESCRIPTION
"A collection of object to know which policy rules have
been retrieved from a directory server"
::= { alcatelIND1PolicyMIBGroups 4 }
policyMIBStatsGroup OBJECT-GROUP
OBJECTS {
policyStatsAddress,
policyStatsServerPort,
policyStatsAccessCount,
policyStatsSuccessAccessCount,
policyStatsNotFoundCount,
policyStatsQueryCount
}
STATUS current
DESCRIPTION
"A collection of object to keep a trace of how directory
servers are accessed by the policy manager"
::= { alcatelIND1PolicyMIBGroups 5 }
policyMIBNotificationGroup OBJECT-GROUP
OBJECTS {
policyNotificationIndex,
policyNotificationCode,
policyEventCount,
policyTrapEventDetailString,
policyTrapEventCode
}
STATUS current
DESCRIPTION
"A collection of object to configure what the policy manager
must do when specific events happen"
::= { alcatelIND1PolicyMIBGroups 6 }
policyMIBTrapEventGroup OBJECT-GROUP
OBJECTS {
policyTrapEventDetailString,
policyTrapEventCode
}
STATUS current
DESCRIPTION
"A collection of objects that appear in policy manager
event notifications."
::= { alcatelIND1PolicyMIBGroups 7 }
policyMIBTrapsGroup NOTIFICATION-GROUP
NOTIFICATIONS {
policyEventNotification
}
STATUS current
DESCRIPTION
"Collection of traps for management of Policy Manager"
::= { alcatelIND1PolicyMIBGroups 8 }
END
|
