Mobile IP Working Group R. Rathi INTERNET DRAFT K. Leung October 2003 The Definitions of Managed Objects for IP Mobility Support using SMIv2, revised draft-ietf-mip4-rfc2006bis-01.txt Status of this Memo This document is an Internet Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and working groups. Note that other groups may also distribute working documents as Internet Drafts. Internet Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Abstract This memo defines the Management Information Base (MIB) for use with network management protocols in TCP/IP-based internets. In particular, it describes managed objects used for managing the Mobile Node, Foreign Agent and Home Agent of the Mobile IP Protocol. This memo is intended to update and possibly obsolete RFC 2006, however, it is designed to be backward compatible. Rathi [Page 1] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 Table of Contents 1. The Network Management Framework . . . . . . . . . . . . . . . . 2 2. Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.1. Object Definitions . . . . . . . . . . . . . . . . . . . . . . 3 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3.1. Object Selection Criteria . . . . . . . . . . . . . . . . . . . 3 3.2. Structure of the Mobile IP . . . . . . . . . . . . . . . . . . 4 3.3. MIB Groups . . . . . . . . . . . . . . . . . . . . . . . . . . 4 3.4. Protocol Extensions . . . . . . . . . . . . . . . . . . . . . . 5 4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 76 6. Security Considerations . . . . . . . . . . . . . . . . . . . . . 77 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 A. Changes from RFC 2006 . . . . . . . . . . . . . . . . . . . . . . 80 B. Chair and Editor Addresses . . . . . . . . . . . . . . . . . . . 85 C. Full Copyright Statement . . . . . . . . . . . . . . . . . . . . 86 1. The SNMP Network Management Framework The SNMP Management Framework presently consists of five major components: o An overall architecture, described in RFC 2571 [2]. o Mechanisms for describing and naming objects and events for the purpose of management. The first version of this Structure of Management Information (SMI) is called SMIv1 and described in STD 16, RFC 1155 [11], STD 16, RFC 1212 [12] and RFC 1215 [13]. The second version, called SMIv2, is described in STD 58, RFC 2578 [1], STD 58, RFC 2579 [3] and STD 58, RFC 2580 [4]. o Message protocols for transferring management information. The first version of the SNMP message protocol is called SNMPv1 and described in STD 15, RFC 1157 [6]. A second version of the SNMP message protocol, which is not an Internet standards track pro- tocol, is called SNMPv2c and described in RFC 1901 [14] and RFC 1906 [15]. The third version of the message protocol is called SNMPv3 and described in RFC 1906 [15], RFC 2572 [16] and RFC 2574 [8]. o Protocol operations for accessing management information. The first set of protocol operations and associated PDU formats is described in STD 15, RFC 1157 [6]. A second set of protocol operations and associated PDU formats is described in RFC 1905 [7]. Rathi [Page 2] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 o A set of fundamental applications described in RFC 2573 [17] and the view-based access control mechanism described in RFC 2575 [9]. A more detailed introduction to the current SNMP Management Framework can be found in RFC 2570 [10]. Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the mechanisms defined in the SMI. This memo specifies a MIB module that is compliant to the SMIv2. A MIB conforming to the SMIv1 can be produced through the appropriate translations. The resulting translated MIB must be semantically equivalent, except where objects or events are omitted because no translation is possible (use of Counter64). Some machine readable information in SMIv2 will be converted into textual descriptions in SMIv1 during the translation process. However, this loss of machine readable information is not considered to change the semantics of the MIB. 2. Objects 2.1. Object Definitions Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the subset of Abstract Syntax Notation One (ASN.1) defined in the SMI. In particular, each object type is named by an OBJECT IDENTIFIER, an administratively assigned name. The object type together with an object instance serves to uniquely identify a specific instantiation of the object. For human convenience, we often use a textual string, termed the descriptor, to refer to the object type. 3. Overview 3.1. Object Selection Criteria To be consistent with IAB directives and good engineering practice, the authors have applied some criteria to select managed objects for the Mobile IP Protocol. (1) Partition management functionality among the Mobile Node, Home Agent, and Foreign Agent according to the partitioning seen in the Mobile IP Protocol. Rathi [Page 3] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 (2) Require that objects be essential for either fault or configura- tion management. (3) Limit the total number of objects. (4) Exclude objects which are simply derivable from others in this or other MIBs. 3.2. Structure of the Mobile IP This section describes the basic model of Mobile IP used in develop- ing the Mobile IP MIB. This information should be useful to the implementor in understanding some of the basic design decisions of the MIB. The Mobile IP Protocol introduces these new functional entities: Mobile Node A host or router that changes its point of attachment from one network or subnetwork to another. A mobile node may change its location without losing connectivity and without changing its IP address; it may continue to communicate with other Internet nodes at any location using its (constant) IP address, assuming link- layer connectivity to a point of attachment is available. Home Agent A router on a mobile node's home network which tunnels packets for delivery to the mobile node when it is away from home, and maintains current location information for the mobile node. Foreign Agent A router on a mobile node's visited network which provides rout- ing services to the mobile node while registered. The foreign agent detunnels and delivers packets to the mobile node that were tunneled by the mobile node's home agent. For datagrams sent by a mobile node, the foreign agent may serve as a default router for registered mobile nodes. This document specifies the objects used in managing these entities; namely, the Mobile Node, the Home Agent, and the Foreign Agent. 3.3. MIB Groups Objects in this MIB are arranged into groups. Each group is orga- nized as a set of related objects. The overall structure and the Rathi [Page 4] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 relationship between groups and the Mobile IP entities are shown below: Groups Mobile Node Foreign Agent Home Agent mipSystemGroup X X X mipSecAssociationGroup X X X mipSecViolationGroup X X X mnSystemGroup X mnDiscoveryGroup X mnRegistrationGroup X maAdvertisementGroup X X faSystemGroup X faAdvertisementGroup X faRegistrationGroup X haRegistrationGroup X haRegNodeCountersGroup X 3.4. Protocol Extensions Apart from changes to base specification of Mobile IP [24], it has been enhanced in number of ways through its ability for added capa- bilities. Implementations of those capabilities have not been able to have any management capabilities present in RFC 2006 compliant MIB module agents, since the capabilities themselves postdated the adop- tion of RFC 2006. For several significant capabilities, in the form of NAI extension [21], Challenge/Response Extensions [22], Reverse Tunneling [23], and Vendor/Organization-Specific Extensions [25], the MIB Module defined in this document exposes object types to manage those extended capabilities and their operation. NAI extension requires a thorough redefinition of MIB table row indices from the RFC 2006 state since it provides a one more way to identify the mobile nodes apart from home address. The functional differences between this memo and RFC 2006 are explained in Appendix A. MIP-MIB DEFINITIONS ::= BEGIN IMPORTS Counter32, Gauge32, Integer32, IpAddress, Unsigned32, MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, mib-2 FROM SNMPv2-SMI RowStatus, TruthValue, TimeStamp, TEXTUAL-CONVENTION FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF; Rathi [Page 5] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 mipMIB MODULE-IDENTITY LAST-UPDATED "200309250000Z" ORGANIZATION "IETF Mobile IP Working Group" CONTACT-INFO " Kent Leung Postal: Cisco Systems 170 West Tasman Drive San Jose, CA 95134 USA Phone: +1 408-526-5030 Email: kleung@cisco.com" DESCRIPTION "The MIB Module for the Mobile IP." REVISION "200309250000Z" DESCRIPTION "Updated for latest changes to Mobile IP." REVISION "199606040000Z" DESCRIPTION "Initial revision, published as part of RFC 2006." ::= { mib-2 44 } mipMIBObjects OBJECT IDENTIFIER ::= { mipMIB 1 } -- Groups under mipMIBObjects mipSystem OBJECT IDENTIFIER ::= { mipMIBObjects 1 } mipSecurity OBJECT IDENTIFIER ::= { mipMIBObjects 2 } mipMN OBJECT IDENTIFIER ::= { mipMIBObjects 3 } mipMA OBJECT IDENTIFIER ::= { mipMIBObjects 4 } mipFA OBJECT IDENTIFIER ::= { mipMIBObjects 5 } mipHA OBJECT IDENTIFIER ::= { mipMIBObjects 6 } mnSystem OBJECT IDENTIFIER ::= { mipMN 1 } mnDiscovery OBJECT IDENTIFIER ::= { mipMN 2 } mnRegistration OBJECT IDENTIFIER ::= { mipMN 3 } maAdvertisement OBJECT IDENTIFIER ::= { mipMA 2 } faSystem OBJECT IDENTIFIER ::= { mipFA 1 } faAdvertisement OBJECT IDENTIFIER ::= { mipFA 2 } faRegistration OBJECT IDENTIFIER ::= { mipFA 3 } haRegistration OBJECT IDENTIFIER ::= { mipHA 3 } -- All deprecated definitions are put towards the end of the MIB. -- Textual convention Rathi [Page 6] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 RegistrationFlags ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This data type is used to define the registration flags for Mobile IP registration extension: reserved1 -- Reserved reverseTunnel -- Request to support reverse tunneling reserved2 -- Reserved gre -- Request to use GRE minEnc -- Request to use minimal encapsulation decapsulationByMN -- Decapsulation by mobile node broadcastDatagram -- Request to receive broadcasts simultaneousBindings -- Request to retain prior binding(s) reverseTunnel -- Request to support reverse tunneling." SYNTAX BITS { reserved1(1), reverseTunnel(2), reserved2(3), gre(4), minEnc(5), decapsulationbyMN(6), broadcastDatagram(7), simultaneousBindings(8) } MipEntityIdentifierType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "A value that represents a type of Mobile IP entity identifier. other(1) Indicates identifier which is not in one of the formats defined below. ipaddress(2) IP address as defined by InetAddressIPv4 textual convention in INET-ADDRESS-MIB. nai(3) A network access identifier as defined by the MipEntityIdentifierNAI textual convention." Rathi [Page 7] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 REFERENCE "RFC2851 - Textual Conventions for Internet Network Addresses" SYNTAX INTEGER { other(1), ipaddress(2), nai(3) } MipEntityIdentifier ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Represents the generic identifier for Mobile IP entities. A MipEntityIdentifier value is always interpreted within the context of a MipEntityIdentifierType value. Foreign agents and Home agents are identified by the IP addresses. Mobile nodes can be identified in more than one way e.g. IP addresses, network access identifiers (NAI). If mobile node is identified by something other than IP address say by NAI and it gets IP address dynamically from the home agent then value of object of this type should be same as NAI. This is because IP address is not tied with mobile node and it can change across registrations over period of time. Note that the first 64 octets are used as index element." SYNTAX OCTET STRING (SIZE (1..64)) MipEntityIdentifierNAI ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Represents a Network Access Identifier (NAI). Mobile nodes may use NAI to authenticate themselves to the foreign agent and home agent and to get the home address dynamically from the home agent." REFERENCE "RFC2794 - Mobile IP Network Access Identifier Extension for IPv4" SYNTAX OCTET STRING (SIZE (1..255)) MipDeliveryStyle ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "This data type is used to indicate the delivery style requested by the mobile node in its registration request." REFERENCE "RFC3024 - Reverse Tunneling for Mobile IP" SYNTAX INTEGER { direct(1), encapsulating(2) } Rathi [Page 8] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 -- mipSystem Group mipEntities OBJECT-TYPE SYNTAX BITS { mobileNode(0), foreignAgent(1), homeAgent(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object describes which Mobile IP entities are supported by this managed entity. The entity may support more than one Mobile IP entities. For example, the entity supports both Foreign Agent (FA) and Home Agent (HA). Therefore, bit 1 and bit 2 are set to 1 for this object." ::= { mipSystem 1 } mipEnable OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates whether the Mobile IP protocol should be enabled for the managed entity. If it is disabled, the entity should disable both agent discovery and registration functions." ::= { mipSystem 2 } mipEncapsulationSupported OBJECT-TYPE SYNTAX BITS { ipInIp(0), gre(1), minEnc(2), other(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "Encapsulation methods supported by the Mobile IP entity. The entity may support multiple encapsulation methods or none of them: ipInIp(0), -- IP Encapsulation within IP gre(1), -- Generic Routing Encapsulation, -- refers to RFC1701 minEnc(2), -- Minimal Encapsulation within IP." ::= { mipSystem 3 } Rathi [Page 9] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 -- mipSecurity Group -- Mobile IP security violation total counter mipSecTotalViolations OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of security violations in the entity." ::= { mipSecurity 2 } mipSecurityAssocsCount OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of mobility security associations known to the entity i.e. the number of entries in the mipSecurityAssocTable." ::= { mipSecurity 4 } -- Mobile IP security association table mipSecurityAssocTable OBJECT-TYPE SYNTAX SEQUENCE OF MipSecurityAssocEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing Mobility Security Associations." ::= { mipSecurity 5 } mipSecurityAssocEntry OBJECT-TYPE SYNTAX MipSecurityAssocEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "One particular Mobility Security Association." INDEX { mipSecurityPeerIdType, mipSecurityPeerId, mipSecuritySPI } ::= { mipSecurityAssocTable 1 } MipSecurityAssocEntry ::= SEQUENCE { mipSecurityPeerIdType MipEntityIdentifierType, mipSecurityPeerId MipEntityIdentifier, mipSecuritySPI Unsigned32, mipSecurityAlgorithmType INTEGER, Rathi [Page 10] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 mipSecurityAlgorithmMode INTEGER, mipSecurityKey OCTET STRING, mipSecurityReplayMethod INTEGER, mipSecurityReplayTime Unsigned32, mipSecurityStatus RowStatus } mipSecurityPeerIdType OBJECT-TYPE SYNTAX MipEntityIdentifierType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The type of the peer entity's identifier." ::= { mipSecurityAssocEntry 1 } mipSecurityPeerId OBJECT-TYPE SYNTAX MipEntityIdentifier MAX-ACCESS not-accessible STATUS current DESCRIPTION "The identifier of the peer entity with which this node shares the mobility security association." ::= { mipSecurityAssocEntry 2 } mipSecuritySPI OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The SPI is the 4-byte opaque index within the Mobility Security Association which selects the specific security parameters to be used to authenticate the peer, i.e. the rest of the variables in this mipSecurityAssocEntry." ::= { mipSecurityAssocEntry 3 } mipSecurityAlgorithmType OBJECT-TYPE SYNTAX INTEGER { other(1), md5(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Type of security algorithm." DEFVAL { md5 } ::= { mipSecurityAssocEntry 4 } Rathi [Page 11] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 mipSecurityAlgorithmMode OBJECT-TYPE SYNTAX INTEGER { other(1), prefixSuffix(2), hmac(3) } MAX-ACCESS read-create STATUS current DESCRIPTION "Security mode used by this algorithm." DEFVAL { hmac } ::= { mipSecurityAssocEntry 5 } mipSecurityKey OBJECT-TYPE SYNTAX OCTET STRING (SIZE(16)) MAX-ACCESS read-create STATUS current DESCRIPTION "The shared secret key for the security associations. Reading this object will always return zero length value." ::= { mipSecurityAssocEntry 6 } mipSecurityReplayMethod OBJECT-TYPE SYNTAX INTEGER { other(1), timestamps(2), nonces(3) } MAX-ACCESS read-create STATUS current DESCRIPTION "The replay-protection method supported for this SPI within this Mobility Security Association." DEFVAL { timestamps } ::= { mipSecurityAssocEntry 7 } mipSecurityReplayTime OBJECT-TYPE SYNTAX Unsigned32 (3..255) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The replay-protection time difference that is acceptable for this Mobility Security Association when MipSecurityReplayMethod is set to timestamps." DEFVAL { 7 } ::= { mipSecurityAssocEntry 8 } Rathi [Page 12] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 mipSecurityStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The row status for this table." ::= { mipSecurityAssocEntry 9 } -- Mobile IP security violation table mipSecurityViolationTable OBJECT-TYPE SYNTAX SEQUENCE OF MipSecurityViolationEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information about security violations." ::= { mipSecurity 6 } mipSecurityViolationEntry OBJECT-TYPE SYNTAX MipSecurityViolationEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information about one particular security violation." INDEX { mipSecurityViolatorIdType, mipSecurityViolatorId } ::= { mipSecurityViolationTable 1 } MipSecurityViolationEntry ::= SEQUENCE { mipSecurityViolatorIdType MipEntityIdentifierType, mipSecurityViolatorId MipEntityIdentifier, mipSecurityViolationCounter Counter32, mipSecurityRecentViolationSPI Unsigned32, mipSecurityRecentViolationTime TimeStamp, mipSecurityRecentViolationIDLow Unsigned32, mipSecurityRecentViolationIDHigh Unsigned32, mipSecurityRecentViolationReason INTEGER } mipSecurityViolatorIdType OBJECT-TYPE SYNTAX MipEntityIdentifierType MAX-ACCESS not-accessible Rathi [Page 13] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 STATUS current DESCRIPTION "The type of Violator's identifier." ::= { mipSecurityViolationEntry 1 } mipSecurityViolatorId OBJECT-TYPE SYNTAX MipEntityIdentifier MAX-ACCESS not-accessible STATUS current DESCRIPTION "Violator's identifier. The violator is not necessary in the mipSecurityAssocTable." ::= { mipSecurityViolationEntry 2 } mipSecurityViolationCounter OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of security violations for this peer." ::= { mipSecurityViolationEntry 3 } mipSecurityRecentViolationSPI OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "SPI of the most recent security violation for this peer. If the security violation is due to an identification mismatch, then this is the SPI from the Mobile-Home Authentication Extension. If the security violation is due to an invalid authenticator, then this is the SPI from the offending authentication extension. In all other cases, it should be set to zero." ::= { mipSecurityViolationEntry 4 } mipSecurityRecentViolationTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "Time of the most recent security violation for this peer." ::= { mipSecurityViolationEntry 5 } mipSecurityRecentViolationIDLow OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) Rathi [Page 14] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 MAX-ACCESS read-only STATUS current DESCRIPTION "Low-order 32 bits of identification used in request or reply of the most recent security violation for this peer." ::= { mipSecurityViolationEntry 6 } mipSecurityRecentViolationIDHigh OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS read-only STATUS current DESCRIPTION "High-order 32 bits of identification used in request or reply of the most recent security violation for this peer." ::= { mipSecurityViolationEntry 7 } mipSecurityRecentViolationReason OBJECT-TYPE SYNTAX INTEGER { noMobilitySecurityAssociation(1), badAuthenticator(2), badIdentifier(3), badSPI(4), missingSecurityExtension(5), other(6) } MAX-ACCESS read-only STATUS current DESCRIPTION "Reason for the most recent security violation for this peer." ::= { mipSecurityViolationEntry 8 } -- mipMN Group -- mipSystem Group mnState OBJECT-TYPE SYNTAX INTEGER { home(1), registered(2), pending(3), isolated(4), unknown(5) } MAX-ACCESS read-only STATUS current Rathi [Page 15] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 DESCRIPTION "Indicates mobile node's state of Mobile IP: home, -- MN is connected to home network. registered, -- MN has registered on foreign network pending, -- MN has sent registration request and is waiting for the reply isolated, -- MN is isolated from network unknown -- MN can not determine its state." ::= { mnSystem 1 } mnHomeAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "An IP address that is assigned for an extended period of time to the mobile node. It remains unchanged regardless of the mobile node's current point of attachment. If mobile node doesn't have home address assigned yet then this object will take the default value." DEFVAL { '00000000'H } ::= { mnSystem 2 } -- Mobile node's home agent list mnHATable OBJECT-TYPE SYNTAX SEQUENCE OF MnHAEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing all of the mobile node's potential home agents." ::= { mnSystem 3 } mnHAEntry OBJECT-TYPE SYNTAX MnHAEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information for a particular Home Agent." INDEX { mnHAAddress } ::= { mnHATable 1 } Rathi [Page 16] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 MnHAEntry ::= SEQUENCE { mnHAAddress IpAddress, mnCurrentHA TruthValue, mnHAStatus RowStatus } mnHAAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "IP address of mobile node's Home Agent." ::= { mnHAEntry 1 } mnCurrentHA OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "Whether this home agent is the current home agent for the mobile node. If it is true, the mobile node is registered with that home agent." ::= { mnHAEntry 2 } mnHAStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The row status for this home agent entry. If the status is set to 'createAndGo' or 'active', then the mobile node can use mnHAAddress as a valid candidate for a home agent. If the status is set to 'destroy', then the mobile node should delete this row, and deregister from that home agent." ::= { mnHAEntry 3 } mnIdentifierType OBJECT-TYPE SYNTAX MipEntityIdentifierType MAX-ACCESS read-only STATUS current DESCRIPTION "The type of the identifier of the mobile node." ::= { mnSystem 4 } mnIdentifier OBJECT-TYPE SYNTAX MipEntityIdentifier MAX-ACCESS read-only Rathi [Page 17] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 STATUS current DESCRIPTION "The identifier of the mobile node." ::= { mnSystem 5 } mnFATable OBJECT-TYPE SYNTAX SEQUENCE OF MnFAEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing all foreign agents that the mobile node knows about and their corresponding COA (care-of address). This COA is an address of a foreign agent with which the mobile node is registered. The table is updated when advertisements are received by the mobile node. If an advertisement expires, its entry(s) should be deleted from the table. One foreign agent can provide more than one COA in its advertisements." ::= { mnDiscovery 1 } mnFAEntry OBJECT-TYPE SYNTAX MnFAEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "One pair of foreign agent IP address and COA for that foreign agent." INDEX { mnFAAddress, mnCOA } ::= { mnFATable 1 } MnFAEntry ::= SEQUENCE { mnFAAddress IpAddress, mnCOA IpAddress } mnFAAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Foreign agent's IP address." ::= { mnFAEntry 1 } mnCOA OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current Rathi [Page 18] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 DESCRIPTION "A care-of address being offered by this foreign agent or a co-located care-of address which the mobile node has associated with one of its own network interfaces." ::= { mnFAEntry 2 } -- Mobile node could store multiple agent advertisements, however, -- only the most recently received agent advertisement information -- is required to be made available to the manager station. mnRecentAdvReceived OBJECT IDENTIFIER ::= { mnDiscovery 2 } mnAdvSourceAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The source IP address of the most recently received Agent Advertisement. This address could be the address of a home agent or a foreign agent." ::= { mnRecentAdvReceived 1 } mnAdvSequence OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "The sequence number of the most recently received advertisement. The sequence number ranges from 0 to 0xffff. After the sequence number attains the value 0xffff, it will roll over to 256." ::= { mnRecentAdvReceived 2 } mnAdvFlags OBJECT-TYPE SYNTAX BITS { gre(1), minEnc(2), foreignAgent(3), homeAgent(4), busy(5), regRequired(6), reverseTunnel(7) } MAX-ACCESS read-only STATUS current Rathi [Page 19] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 DESCRIPTION "The flags are contained in the 7th byte in the extension of the most recently received mobility agent advertisement: gre -- Agent offers Generic Routing Encapsulation minEnc, -- Agent offers Minimal Encapsulation foreignAgent, -- Agent is a Foreign Agent homeAgent, -- Agent is a Home Agent busy, -- Foreign Agent is busy regRequired, -- FA registration is required reverseTunnel, -- Agent supports reverse tunneling." ::= { mnRecentAdvReceived 3 } mnAdvMaxRegLifetime OBJECT-TYPE SYNTAX Integer32 (1..65535) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The longest lifetime in seconds that the agent is willing to accept in any registration request." ::= { mnRecentAdvReceived 4 } mnAdvMaxAdvLifetime OBJECT-TYPE SYNTAX Integer32 (1..65535) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum length of time that the Advertisement is considered valid in the absence of further Advertisements." REFERENCE "AdvertisementLifeTime in RFC1256." ::= { mnRecentAdvReceived 5 } mnAdvTimeReceived OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current Rathi [Page 20] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 DESCRIPTION "The time at which the most recently received advertisement was received." ::= { mnRecentAdvReceived 6 } -- Mobile Node Discovery Group Counter mnSolicitationsSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Solicitation sent by the mobile node." ::= { mnDiscovery 3 } mnAdvertisementsReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of advertisements received by the mobile node." ::= { mnDiscovery 4 } mnAdvsDroppedInvalidExtension OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of advertisements dropped by the mobile node due to both poorly formed extensions and unrecognized extensions with extension number in the range 0-127." ::= { mnDiscovery 5 } mnAdvsIgnoredUnknownExtension OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of unrecognized extensions in the range 128-255 that were ignored by the mobile node." ::= { mnDiscovery 6 } mnMoveFromHAToFA OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only Rathi [Page 21] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 STATUS current DESCRIPTION "Number of times that the mobile node has decided to move from its home network to a foreign network." ::= { mnDiscovery 7 } mnMoveFromFAToFA OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of times that the mobile node has decided to move from one foreign network to another foreign network." ::= { mnDiscovery 8 } mnMoveFromFAToHA OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of times that the mobile node has decided to move from a foreign network to its home network." ::= { mnDiscovery 9 } mnGratuitousARPsSend OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Gratuitous ARPs sent by mobile node in order to clear out any stale ARP entries in the ARP caches of nodes on the home network." ::= { mnDiscovery 10 } mnAgentRebootsDectected OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of agent reboots detected by the mobile node through sequence number of the advertisement." ::= { mnDiscovery 11 } -- Mobile Node Registration Group -- Registration table of mobile node Rathi [Page 22] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 mnRegistrationTable OBJECT-TYPE SYNTAX SEQUENCE OF MnRegistrationEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing information about the mobile node's attempted registration(s). The mobile node updates this table based upon Registration Requests sent and Registration Replies received in response to these requests. Certain variables within this table are also updated if when Registration Requests are retransmitted." ::= { mnRegistration 1 } mnRegistrationEntry OBJECT-TYPE SYNTAX MnRegistrationEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information about one registration attempt." INDEX { mnRegAgentAddress, mnRegCOA} ::= { mnRegistrationTable 1 } MnRegistrationEntry ::= SEQUENCE { mnRegAgentAddress IpAddress, mnRegCOA IpAddress, mnRegFlags RegistrationFlags, mnRegIDLow Unsigned32, mnRegIDHigh Unsigned32, mnRegTimeRequested Unsigned32, mnRegTimeRemaining Gauge32, mnRegTimeSent TimeStamp, mnRegIsAccepted TruthValue, mnCOAIsLocal TruthValue, mnRegDeliveryStyle MipDeliveryStyle } mnRegAgentAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "IP address of the agent as used in the destination IP address of the Registration Request. The agent may be a home agent or a foreign agent." ::= { mnRegistrationEntry 1 } Rathi [Page 23] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 mnRegCOA OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Care-of address for the registration." ::= { mnRegistrationEntry 2 } mnRegFlags OBJECT-TYPE SYNTAX RegistrationFlags MAX-ACCESS read-only STATUS current DESCRIPTION "Registration flags sent by the mobile node. It is the second byte in the Mobile IP Registration Request message." ::= { mnRegistrationEntry 3 } mnRegIDLow OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Low-order 32 bits of the Identification used in that registration by the mobile node." ::= { mnRegistrationEntry 4 } mnRegIDHigh OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "High-order 32 bits of the Identification used in that registration by the mobile node." ::= { mnRegistrationEntry 5 } mnRegTimeRequested OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "If the registration is pending, then this is the lifetime requested by the mobile node (in seconds). If the registration has been accepted, then this is the lifetime actually granted by the home agent in the reply." ::= { mnRegistrationEntry 6 } Rathi [Page 24] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 mnRegTimeRemaining OBJECT-TYPE SYNTAX Gauge32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of seconds remaining until this registration expires. It has the same initial value as mnRegTimeRequested and is only valid if mnRegIsAccepted is TRUE." ::= { mnRegistrationEntry 7 } mnRegTimeSent OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The time when the last (re-)transmission occurred." ::= { mnRegistrationEntry 8 } mnRegIsAccepted OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "true(1) if the mobile node has received a Registration Reply indicating that service has been accepted; false(2) otherwise. false(2) implies that the registration is still pending." ::= { mnRegistrationEntry 9 } mnCOAIsLocal OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "Whether the COA is local to (dynamically acquired by) the mobile node or not. If it is false(2), the COA is an address of the foreign agent." ::= { mnRegistrationEntry 10 } mnRegDeliveryStyle OBJECT-TYPE SYNTAX MipDeliveryStyle MAX-ACCESS read-only STATUS current DESCRIPTION "Delivery style requested by the mobile node in the registration request. If mobile node is operating with a co-located care-of address i.e. when mnCOAIsLocal is true(1), this object should not be instantiated." Rathi [Page 25] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 DEFVAL { direct } ::= { mnRegistrationEntry 11 } -- Mobile Node Registration Group Counters mnRegRequestsSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of registration requests sent by the mobile node. This does not include deregistrations (those with Lifetime equal to zero)." ::= { mnRegistration 2 } mnDeRegRequestsSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of deregistration requests sent by the mobile node (those with Lifetime equal to zero)." ::= { mnRegistration 3 } mnRegRepliesRecieved OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of registration replies received by the mobile node in which the Lifetime is greater than zero." ::= { mnRegistration 4 } mnDeRegRepliesRecieved OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of (de)registration replies received by the mobile node in which the Lifetime is equal to zero." ::= { mnRegistration 5 } mnRepliesInvalidHomeAddress OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current Rathi [Page 26] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 DESCRIPTION "Total number of replies with invalid home address for the mobile node." ::= { mnRegistration 6 } mnRepliesUnknownHA OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of replies with unknown home agents (not in home agent table)." ::= { mnRegistration 7 } mnRepliesUnknownFA OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of replies with unknown foreign agents if replies relayed through foreign agent." ::= { mnRegistration 8 } mnRepliesInvalidID OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of replies with invalid Identification fields." ::= { mnRegistration 9 } mnRepliesDroppedInvalidExtension OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Replies dropped by the mobile node due to both poorly formed extensions and unrecognized extensions with extension number in the range 0-127." ::= { mnRegistration 10 } mnRepliesIgnoredUnknownExtension OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current Rathi [Page 27] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 DESCRIPTION "Total number of Registration Replies that contained one or more unrecognized extensions in the range 128-255 that were ignored by the mobile node." ::= { mnRegistration 11 } mnRepliesHAAuthenticationFailure OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of replies without a valid Home Agent to Mobile Node authenticator." ::= { mnRegistration 12 } mnRepliesFAAuthenticationFailure OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of replies without a valid Foreign Agent to Mobile Node authenticator." ::= { mnRegistration 13 } mnRegRequestsAccepted OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of registration requests accepted by the mobile node's home agent (Code 0 and Code 1)." ::= { mnRegistration 14 } mnRegRequestsDeniedByHA OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of registration requests denied by mobile node's home agent (Sum of Code 128 through Code 191)." ::= { mnRegistration 15 } mnRegRequestsDeniedByFA OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current Rathi [Page 28] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 DESCRIPTION "Total number of registration requests denied by the foreign agent (Sum of Codes 64 through Code 127)." ::= { mnRegistration 16 } mnRegRequestsDeniedByHADueToID OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Request denied by home agent due to identification mismatch." ::= { mnRegistration 17 } mnRegRequestsWithDirectedBroadcast OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests sent by mobile node with a directed broadcast address in the home agent field." ::= { mnRegistration 18 } -- MA Advertisement Group -- MA Advertisement Group Counters maAdvertisementsSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of advertisements sent by the mobility agent." ::= { maAdvertisement 2 } maAdvsSentForSolicitation OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of advertisements sent by mobility agent in response to mobile node solicitations." ::= { maAdvertisement 3 } maSolicitationsReceived OBJECT-TYPE SYNTAX Counter32 Rathi [Page 29] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of solicitations received by the mobility agent." ::= { maAdvertisement 4 } -- Mobility agent advertisement configuration table maAdvertConfTable OBJECT-TYPE SYNTAX SEQUENCE OF MaAdvertConfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing configurable advertisement parameters for all advertisement interfaces in the mobility agent." ::= { maAdvertisement 5 } maAdvertConfEntry OBJECT-TYPE SYNTAX MaAdvertConfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Advertisement parameters for one advertisement interface." INDEX { maAdvertIfIndex } ::= { maAdvertConfTable 1 } MaAdvertConfEntry ::= SEQUENCE { maAdvertIfIndex Integer32, maAdvertMaxRegLifetime Integer32, maAdvertPrefixLengthInclusion TruthValue, maAdvertAddress IpAddress, maAdvertMaxInterval Integer32, maAdvertMinInterval Integer32, maAdvertMaxAdvLifetime Integer32, maAdvertResponseSolicitationOnly TruthValue, maAdvertService BITS, maAdvertStatus RowStatus } maAdvertIfIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "The ifIndex value from Interfaces table of MIB II for advertisement interface." ::= { maAdvertConfEntry 1 } Rathi [Page 30] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 maAdvertMaxRegLifetime OBJECT-TYPE SYNTAX Integer32 (1..65535) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The longest lifetime in seconds that mobility agent is willing to accept in any Registration Request." ::= { maAdvertConfEntry 2 } maAdvertPrefixLengthInclusion OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Whether the advertisement should include the Prefix- Lengths Extension. If it is true, all advertisements sent over this interface should include the Prefix-Lengths Extension." ::= { maAdvertConfEntry 3 } maAdvertAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The IP destination address to be used for advertisements sent from the interface. The only permissible values are the all-systems multicast address (224.0.0.1) or the limited-broadcast address (255.255.255.255)." REFERENCE "AdvertisementAddress in RFC1256." ::= { maAdvertConfEntry 4 } maAdvertMaxInterval OBJECT-TYPE SYNTAX Integer32 (4..1800) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The maximum time in seconds between successive transmissions of Agent Advertisements from this interface." REFERENCE "MaxAdvertisementInterval in RFC1256." ::= { maAdvertConfEntry 5 } maAdvertMinInterval OBJECT-TYPE SYNTAX Integer32 (3..1800) Rathi [Page 31] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The minimum time in seconds between successive transmissions of Agent Advertisements from this interface." REFERENCE "MinAdvertisementInterval in RFC1256." ::= { maAdvertConfEntry 6 } maAdvertMaxAdvLifetime OBJECT-TYPE SYNTAX Integer32 (4..9000) UNITS "seconds" MAX-ACCESS read-create STATUS current DESCRIPTION "The time (in seconds) to be placed in the Lifetime field of the RFC 1256-portion of the Agent Advertisements sent over this interface." REFERENCE "AdvertisementLifetime in RFC1256." ::= { maAdvertConfEntry 7 } maAdvertResponseSolicitationOnly OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "The flag indicates whether the advertisement from that interface should be sent only in response to an Agent Solicitation message." DEFVAL { false } ::= { maAdvertConfEntry 8 } maAdvertService OBJECT-TYPE SYNTAX BITS { foreignAgent(0), homeAgent(1) } MAX-ACCESS read-create STATUS current DESCRIPTION "Indicates which mobility services are offered on this interface." ::= { maAdvertConfEntry 9 } maAdvertStatus OBJECT-TYPE SYNTAX RowStatus Rathi [Page 32] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 MAX-ACCESS read-create STATUS current DESCRIPTION "The row status for the agent advertisement table. If this column status is 'active', the manager should not change any column in the row." ::= { maAdvertConfEntry 10 } -- Foreign Agent Group -- Foreign Agent System Group faCOATable OBJECT-TYPE SYNTAX SEQUENCE OF FaCOAEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing all of the care-of addresses (COAs) supported by the foreign agent. New entries can be added to the table. The order of entries in the faCOATAble is also the order in which the COAs are listed in the Agent Advertisement." ::= { faSystem 1 } faCOAEntry OBJECT-TYPE SYNTAX FaCOAEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Entry of COA" INDEX { faSupportedCOA } ::= { faCOATable 1 } FaCOAEntry ::= SEQUENCE { faSupportedCOA IpAddress, faCOAStatus RowStatus } faSupportedCOA OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "Care-of-address supported by this foreign agent." ::= { faCOAEntry 1 } Rathi [Page 33] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 faCOAStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "The row status for COA entry." ::= { faCOAEntry 2 } -- Foreign Agent Advertisement Group -- FA needs to implement MA Advertisement Group plus that group -- Foreign agent advertisement configuration table. faAdvertConfTable OBJECT-TYPE SYNTAX SEQUENCE OF FaAdvertConfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing additional configurable advertisement parameters beyond that provided by maAdvertConfTable for all advertisement interfaces in the foreign agent." ::= { faAdvertisement 3 } faAdvertConfEntry OBJECT-TYPE SYNTAX FaAdvertConfEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Additional advertisement parameters beyond that provided by maAdvertConfEntry for one advertisement interface." INDEX { maAdvertIfIndex } ::= { faAdvertConfTable 1 } FaAdvertConfEntry ::= SEQUENCE { faAdvertIsBusy TruthValue, faAdvertRegRequired TruthValue, faAdvertChallengeWindow Integer32 } faAdvertIsBusy OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "If true(1), the agent is busy and any Agent advertisements sent from the agent on this interface should have the 'B' bit set to 1." ::= { faAdvertConfEntry 1 } Rathi [Page 34] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 faAdvertRegRequired OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "If true(1), registration is required and any Agent Advertisements sent from the agent on this interface should have the 'R' bit set to 1." ::= { faAdvertConfEntry 2 } faAdvertChallengeWindow OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the number of last challenge values which can be used by mobile node in the registration request sent to the foreign agent on this interface." REFERENCE "RFC3012 - Mobile IPv4 Challenge/Response Extensions" DEFVAL { 2 } ::= { faAdvertConfEntry 3 } -- Foreign Agent Registration Group -- Foreign Agent Registration Group Counters faRegRequestsReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of valid Registration Requests received." ::= { faRegistration 2 } faRegRequestsRelayed OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests relayed to home agent by foreign agent." ::= { faRegistration 3 } faReasonUnspecified OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only Rathi [Page 35] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- reason unspecified (Code 64)." ::= { faRegistration 4 } faAdmProhibited OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- administratively prohibited (Code 65)." ::= { faRegistration 5 } faInsufficientResource OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- insufficient resources (Code 66)." ::= { faRegistration 6 } faMNAuthenticationFailure OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- mobile node failed authentication (Code 67)." ::= { faRegistration 7 } faRegLifetimeTooLong OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- requested lifetime too long (Code 69)." ::= { faRegistration 8 } faPoorlyFormedRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current Rathi [Page 36] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 DESCRIPTION "Total number of Registration Requests denied by foreign agent -- poorly formed request (Code 70)." ::= { faRegistration 9 } faEncapsulationUnavailable OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- requested encapsulation unavailable (Code 72)." ::= { faRegistration 10 } faHAUnreachable OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- home agent unreachable (Codes 80-95)." ::= { faRegistration 12 } faRegRepliesRecieved OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of well-formed Registration Replies received by foreign agent." ::= { faRegistration 13 } faRegRepliesRelayed OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of valid Registration Replies relayed to the mobile node by foreign agent." ::= { faRegistration 14 } faHAAuthenticationFailure OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION Rathi [Page 37] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 "Total number of Registration Replies denied by foreign agent -- home agent failed authentication (Code 68)." ::= { faRegistration 15 } faPoorlyFormedReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Replies denied by foreign agent -- poorly formed reply (Code 71)." ::= { faRegistration 16 } faReverseTunnelUnavailable OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- requested reverse tunnel unavailable (Code 74)." REFERENCE "RFC3024 - Reverse Tunneling for Mobile IP" ::= { faRegistration 17 } faReverseTunnelBitNotSet OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- reverse tunnel is mandatory and 'T' bit not set (Code 75)." REFERENCE "RFC3024 - Reverse Tunneling for Mobile IP" ::= { faRegistration 18 } faMnTooDistant OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- mobile node too distant (Code 76)." REFERENCE "RFC3024 - Reverse Tunneling for Mobile IP" ::= { faRegistration 19 } Rathi [Page 38] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 faDeliveryStyleUnsupported OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- delivery style not supported (Code 79)." REFERENCE "RFC3024 - Reverse Tunneling for Mobile IP" ::= { faRegistration 20 } faNonZeroHomeAddressRequired OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- non zero home address is required (Code 96)." REFERENCE "RFC2794 - Mobile IP Network Access Identifier Extension for IPv4" ::= { faRegistration 21 } faUnknownChallenge OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- challenge was unknown (code 104)." REFERENCE "RFC3012 - Mobile IPv4 Challenge/Response Extensions" ::= { faRegistration 22 } faMissingChallenge OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- challenge was missing (code 105)." REFERENCE "RFC3012 - Mobile IPv4 Challenge/Response Extensions" ::= { faRegistration 23 } faStaleChallenge OBJECT-TYPE SYNTAX Counter32 Rathi [Page 39] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- challenge was stale (code 106)." REFERENCE "RFC3012 - Mobile IPv4 Challenge/Response Extensions" ::= { faRegistration 24 } faCvsesFromMnUnsupported OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by foreign agent -- Unsupported Vendor-ID or unable to interpret Vendor-CVSE-Type in the CVSE sent by the mobile node to the foreign agent (code 100)." REFERENCE "RFC3025 - Mobile IP Vendor/Organization-Specific Extensions" ::= { faRegistration 25 } faCvsesFromHaUnsupported OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Replies denied by foreign agent -- Unsupported Vendor-ID or unable to interpret Vendor-CVSE-Type in the CVSE sent by the home agent to the foreign agent (code 101)." REFERENCE "RFC3025 - Mobile IP Vendor/Organization-Specific Extensions" ::= { faRegistration 26 } faNvsesFromMnIgnored OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests which contained one or more NVSEs from the mobile node that were ignored by the foreign agent." REFERENCE "RFC3025 - Mobile IP Vendor/Organization-Specific Extensions" ::= { faRegistration 27 } Rathi [Page 40] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 faNvsesFromHaIgnored OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Replies which contained one or more NVSEs from the home agent that were ignored by the foreign agent." REFERENCE "RFC3025 - Mobile IP Vendor/Organization-Specific Extensions" ::= { faRegistration 28 } faRegVisitorCount OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The current number of entries in faRegVisitorTable." ::= { faRegistration 29 } -- Foreign Agent Visitors List faRegVisitorTable OBJECT-TYPE SYNTAX SEQUENCE OF FaRegVisitorEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing the foreign agent's visitor list. The foreign agent updates this table in response to registration events from mobile nodes." ::= { faRegistration 30 } faRegVisitorEntry OBJECT-TYPE SYNTAX FaRegVisitorEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information for one visitor." INDEX { faRegVisitorIdType, faRegVisitorId } ::= { faRegVisitorTable 1 } FaRegVisitorEntry ::= SEQUENCE { faRegVisitorIdType MipEntityIdentifierType, faRegVisitorId MipEntityIdentifier, faRegVisitorHomeAddress IpAddress, faRegVisitorHomeAgentAddress IpAddress, faRegVisitorTimeGranted Integer32, faRegVisitorTimeRemaining Gauge32, Rathi [Page 41] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 faRegVisitorRegFlags RegistrationFlags, faRegVisitorRegIDLow Unsigned32, faRegVisitorRegIDHigh Unsigned32, faRegVisitorRegIsAccepted TruthValue, faRegVisitorDeliveryStyle MipDeliveryStyle } faRegVisitorIdType OBJECT-TYPE SYNTAX MipEntityIdentifierType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The type of the visitor's identifier." ::= { faRegVisitorEntry 1 } faRegVisitorId OBJECT-TYPE SYNTAX MipEntityIdentifier MAX-ACCESS not-accessible STATUS current DESCRIPTION "The identifier of the visitor." ::= { faRegVisitorEntry 2 } faRegVisitorHomeAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Home (IP) address of visiting mobile node." ::= { faRegVisitorEntry 3 } faRegVisitorHomeAgentAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Home agent IP address for that visiting mobile node." ::= { faRegVisitorEntry 4 } faRegVisitorTimeGranted OBJECT-TYPE SYNTAX Integer32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The lifetime in seconds granted to the mobile node for this registration. Only valid if faRegVisitorRegIsAccepted is true(1)." Rathi [Page 42] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 ::= { faRegVisitorEntry 5 } faRegVisitorTimeRemaining OBJECT-TYPE SYNTAX Gauge32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of seconds remaining until the registration is expired. It has the same initial value as faRegVisitorTimeGranted, and is counted down by the foreign agent." ::= { faRegVisitorEntry 6 } faRegVisitorRegFlags OBJECT-TYPE SYNTAX RegistrationFlags MAX-ACCESS read-only STATUS current DESCRIPTION "Registration flags sent by mobile node." ::= { faRegVisitorEntry 7 } faRegVisitorRegIDLow OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS read-only STATUS current DESCRIPTION "Low 32 bits of Identification used in that registration by the mobile node." ::= { faRegVisitorEntry 8 } faRegVisitorRegIDHigh OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS read-only STATUS current DESCRIPTION "High 32 bits of Identification used in that registration by the mobile node." ::= { faRegVisitorEntry 9 } faRegVisitorRegIsAccepted OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "Whether the registration has been accepted or not. If it is false(2), this registration is still pending for reply." ::= { faRegVisitorEntry 10 } Rathi [Page 43] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 faRegVisitorDeliveryStyle OBJECT-TYPE SYNTAX MipDeliveryStyle MAX-ACCESS read-only STATUS current DESCRIPTION "Delivery style requested by the mobile node in its registration request." DEFVAL { direct } ::= { faRegVisitorEntry 11 } -- Home Agent Group -- Home Agent Registration Group -- Home agent mobility binding list haMobilityBindingTable OBJECT-TYPE SYNTAX SEQUENCE OF HaMobilityBindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing the home agent's mobility binding list. The home agent updates this table in response to registration events from mobile nodes." ::= { haRegistration 1 } haMobilityBindingEntry OBJECT-TYPE SYNTAX HaMobilityBindingEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry on the mobility binding list." INDEX { haMobilityBindingMN, haMobilityBindingCOA } ::= { haMobilityBindingTable 1 } HaMobilityBindingEntry ::= SEQUENCE { haMobilityBindingMN IpAddress, haMobilityBindingCOA IpAddress, haMobilityBindingSourceAddress IpAddress, haMobilityBindingRegFlags RegistrationFlags, haMobilityBindingRegIDLow Unsigned32, haMobilityBindingRegIDHigh Unsigned32, haMobilityBindingTimeGranted Unsigned32, haMobilityBindingTimeRemaining Gauge32, haMobilityBindingMnIdType MipEntityIdentifierType, haMobilityBindingMnId MipEntityIdentifier } Rathi [Page 44] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 haMobilityBindingMN OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Mobile node's home (IP) address." ::= { haMobilityBindingEntry 1 } haMobilityBindingCOA OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Mobile node's care-of-address. One mobile node can have multiple bindings with different care-of-addresses." ::= { haMobilityBindingEntry 2 } haMobilityBindingSourceAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "IP source address of the Registration Request as received by the home agent. Will be either a mobile node's co-located care-of address or an address of the foreign agent." ::= { haMobilityBindingEntry 3 } haMobilityBindingRegFlags OBJECT-TYPE SYNTAX RegistrationFlags MAX-ACCESS read-only STATUS current DESCRIPTION "Registration flags sent by mobile node." ::= { haMobilityBindingEntry 4 } haMobilityBindingRegIDLow OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS read-only STATUS current DESCRIPTION "Low 32 bits of Identification used in that binding by the mobile node." ::= { haMobilityBindingEntry 5 } haMobilityBindingRegIDHigh OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) Rathi [Page 45] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 MAX-ACCESS read-only STATUS current DESCRIPTION "High 32 bits of Identification used in that binding by the mobile node." ::= { haMobilityBindingEntry 6 } haMobilityBindingTimeGranted OBJECT-TYPE SYNTAX Unsigned32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The lifetime in seconds granted to the mobile node for this registration." ::= { haMobilityBindingEntry 7 } haMobilityBindingTimeRemaining OBJECT-TYPE SYNTAX Gauge32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of seconds remaining until the registration is expired. It has the same initial value as haMobilityBindingTimeGranted, and is counted down by the home agent." ::= { haMobilityBindingEntry 8 } haMobilityBindingMnIdType OBJECT-TYPE SYNTAX MipEntityIdentifierType MAX-ACCESS read-only STATUS current DESCRIPTION "The type of the mobile node's identifier." ::= { haMobilityBindingEntry 9 } haMobilityBindingMnId OBJECT-TYPE SYNTAX MipEntityIdentifier MAX-ACCESS read-only STATUS current DESCRIPTION "The identifier of the mobile node." ::= { haMobilityBindingEntry 10 } -- Home Agent Registration Group Counters -- Home agent registration Counters for all mobile nodes. Rathi [Page 46] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 haRegistrationAccepted OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests accepted by home agent (Code 0)." ::= { haRegistration 3 } haMultiBindingUnsupported OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests accepted by home agent -- simultaneous mobility bindings unsupported (Code 1)." ::= { haRegistration 4 } haReasonUnspecified OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by home agent -- reason unspecified (Code 128)." ::= { haRegistration 5 } haAdmProhibited OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by home agent -- administratively prohibited (Code 129)." ::= { haRegistration 6 } haInsufficientResource OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by home agent -- insufficient resources (Code 130)." ::= { haRegistration 7 } haMNAuthenticationFailure OBJECT-TYPE SYNTAX Counter32 Rathi [Page 47] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by home agent -- mobile node failed authentication (Code 131)." ::= { haRegistration 8 } haFAAuthenticationFailure OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by home agent -- foreign agent failed authentication (Code 132)." ::= { haRegistration 9 } haIDMismatch OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by home agent -- Identification mismatch (Code 133)." ::= { haRegistration 10 } haPoorlyFormedRequest OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by home agent -- poorly formed request (Code 134)." ::= { haRegistration 11 } haTooManyBindings OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by home agent -- too many simultaneous mobility bindings (Code 135)." ::= { haRegistration 12 } haUnknownHA OBJECT-TYPE SYNTAX Counter32 Rathi [Page 48] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by home agent -- unknown home agent address (Code 136)." ::= { haRegistration 13 } haGratuitiousARPsSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of gratuition ARPs sent by the home agent on behalf of mobile nodes." ::= { haRegistration 14 } haProxyARPsSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of proxy ARPs sent by the home agent on behalf of mobile nodes." ::= { haRegistration 15 } haRegRequestsReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests received by home agent." ::= { haRegistration 16 } haDeRegRequestsReceived OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests received by the home agent with a Lifetime of zero (requests to deregister)." ::= { haRegistration 17 } haRegRepliesSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current Rathi [Page 49] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 DESCRIPTION "Total number of Registration Replies sent by the home agent." ::= { haRegistration 18 } haDeRegRepliesSent OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Replies sent by the home agent in response to requests to deregister." ::= { haRegistration 19 } haReverseTunnelUnavailable OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by the home agent -- requested reverse tunnel unavailable (Code 137)." REFERENCE "RFC3024 - Reverse Tunneling for Mobile IP" ::= { haRegistration 20 } haReverseTunnelBitNotSet OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by the home agent -- reverse tunnel is mandatory and 'T' bit not set (Code 138)." REFERENCE "RFC3024 - Reverse Tunneling for Mobile IP" ::= { haRegistration 21 } haEncapsulationUnavailable OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by the home agent -- requested encapsulation unavailable (Code 72)." REFERENCE "RFC3024 - Reverse Tunneling for Mobile IP" Rathi [Page 50] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 ::= { haRegistration 22 } haCvsesFromMnUnsupported OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by the home agent -- Unsupported Vendor-ID or unable to interpret Vendor-CVSE-Type in the CVSE sent by the mobile node to the home agent (code 140)." REFERENCE "RFC3025 - Mobile IP Vendor/Organization-Specific Extensions" ::= { haRegistration 23 } haCvsesFromFaUnsupported OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests denied by the home agent -- Unsupported Vendor-ID or unable to interpret Vendor-CVSE-Type in the CVSE sent by the foreign agent to the home agent (code 141)." REFERENCE "RFC3025 - Mobile IP Vendor/Organization-Specific Extensions" ::= { haRegistration 24 } haNvsesFromMnIgnored OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests which contained one or more NVSEs from the mobile node that were ignored by the home agent." REFERENCE "RFC3025 - Mobile IP Vendor/Organization-Specific Extensions" ::= { haRegistration 25 } haNvsesFromFaIgnored OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of Registration Requests which contained one or more NVSEs from the foreign agent that were ignored by the home agent." REFERENCE "RFC3025 - Mobile IP Vendor/Organization-Specific Extensions" ::= { haRegistration 26 } haRegMobilityBindingCount OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The current number of entries in haMobilityBindingTable." ::= { haRegistration 27 } -- Home agent registration Counters per node haRegCounterTable OBJECT-TYPE SYNTAX SEQUENCE OF HaRegCounterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table containing registration statistics for all mobile nodes authorized to use this home agent." ::= { haRegistration 28 } haRegCounterEntry OBJECT-TYPE SYNTAX HaRegCounterEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Registration statistics for one mobile node." INDEX { haMobilityBindingMnIdType, haMobilityBindingMnId } ::= { haRegCounterTable 1 } HaRegCounterEntry ::= SEQUENCE { haRegServiceRequestsAccepted Counter32, haRegServiceRequestsDenied Counter32, haRegOverallServiceTime Gauge32, haRegRecentServiceAcceptedTime TimeStamp, haRegRecentServiceDeniedTime TimeStamp, haRegRecentServiceDeniedCode INTEGER } haRegServiceRequestsAccepted OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of service requests for the mobile node accepted by the home agent (Code 0 + Code 1)." ::= { haRegCounterEntry 1 } haRegServiceRequestsDenied OBJECT-TYPE SYNTAX Counter32 Rathi [Page 51] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 MAX-ACCESS read-only STATUS current DESCRIPTION "Total number of service requests for the mobile node denied by the home agent (sum of all registrations denied with Code 128 through Code 159)." ::= { haRegCounterEntry 2 } haRegOverallServiceTime OBJECT-TYPE SYNTAX Gauge32 UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "Overall service time (in seconds) that has accumulated for the mobile node since the home agent last rebooted." ::= { haRegCounterEntry 3 } haRegRecentServiceAcceptedTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The time at which the most recent Registration Request was accepted by the home agent for this mobile node." ::= { haRegCounterEntry 4 } haRegRecentServiceDeniedTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The time at which the most recent Registration Request was denied by the home agent for this mobile node." ::= { haRegCounterEntry 5 } haRegRecentServiceDeniedCode OBJECT-TYPE SYNTAX INTEGER { reasonUnspecified(128), admProhibited(129), insufficientResource(130), mnAuthenticationFailure(131), faAuthenticationFailure(132), idMismatch(133), poorlyFormedRequest(134), Rathi [Page 52] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 tooManyBindings(135), unknownHA(136), reverseTunnelUnavailable(137), reverseTunnelBitNotSet(138), encapsulationUnavailable(139), mnCvseUnsupported(140), faCvseUnsupported(141) } MAX-ACCESS read-only STATUS current DESCRIPTION "The Code indicating the reason why the most recent Registration Request for this mobile node was rejected by the home agent." ::= { haRegCounterEntry 6 } mipMIBNotificationPrefix OBJECT IDENTIFIER ::= { mipMIB 2 } mipMIBNotifications OBJECT IDENTIFIER ::= { mipMIBNotificationPrefix 0 } mipAuthFailure2 NOTIFICATION-TYPE OBJECTS { mipSecurityRecentViolationSPI, mipSecurityRecentViolationIDLow, mipSecurityRecentViolationIDHigh, mipSecurityRecentViolationReason } STATUS current DESCRIPTION "The mipAuthFailure2 indicates that the Mobile IP entity has an authentication failure when it validates the mobile Registration Request or Reply." ::= { mipMIBNotifications 2 } mipMIBConformance OBJECT IDENTIFIER ::= { mipMIB 3 } mipGroups OBJECT IDENTIFIER ::= { mipMIBConformance 1 } mipCompliances OBJECT IDENTIFIER ::= { mipMIBConformance 2 } -- compliance statements mipCompliance2 MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for SNMPv2 entities which implement the Mobile IP MIB." MODULE Rathi [Page 53] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 MANDATORY-GROUPS { mipSystemGroup } GROUP mipSecAssociationGroup2 DESCRIPTION "This group is mandatory for Mobile IP entities (MN, FA, and HA) which support security associations. Mobile Nodes and Home Agents must implement this group. Foreign Agents must implement this group if they maintain any security associations." GROUP mipSecViolationGroup2 DESCRIPTION "This group is mandatory for Mobile IP entities (MN, FA, and HA) that can log security violations." GROUP mnSystemGroup2 DESCRIPTION "This group is mandatory for mobile node." GROUP mnDiscoveryGroup DESCRIPTION "This group is mandatory for mobile nodes which implement the Agent Discovery function." GROUP mnRegistrationGroup2 DESCRIPTION "This group is mandatory for mobile nodes." GROUP maAdvertisementGroup2 DESCRIPTION "This group is mandatory for the mobility agents (HA and FA) since they must implement Agent Advertisement." GROUP faSystemGroup DESCRIPTION "This group is mandatory for foreign agents." GROUP faAdvertisementGroup2 DESCRIPTION "This group is mandatory for foreign agents." GROUP faRegistrationGroup2 DESCRIPTION "This group is mandatory for foreign agents." GROUP haRegistrationGroup2 DESCRIPTION Rathi [Page 54] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 "This group is mandatory for home agents." GROUP haRegNodeCountersGroup2 DESCRIPTION "This group is mandatory for home agents which log registration counters for each individual mobile node." GROUP mipSecNotificationsGroup2 DESCRIPTION "This group is mandatory for Mobile IP entities (MN, FA, and HA) that can report the security violations." ::= { mipCompliances 2 } -- Units of conformance mipSystemGroup OBJECT-GROUP OBJECTS { mipEntities, mipEnable, mipEncapsulationSupported } STATUS current DESCRIPTION "A collection of objects providing the basic Mobile IP entity's management information." ::= { mipGroups 1 } mnDiscoveryGroup OBJECT-GROUP OBJECTS { mnFAAddress, mnCOA, mnAdvSourceAddress, mnAdvSequence, mnAdvFlags, mnAdvMaxRegLifetime, mnAdvMaxAdvLifetime, mnAdvTimeReceived, mnSolicitationsSent, mnAdvertisementsReceived, mnAdvsDroppedInvalidExtension, mnAdvsIgnoredUnknownExtension, mnMoveFromHAToFA, mnMoveFromFAToFA, mnMoveFromFAToHA, mnGratuitousARPsSend, mnAgentRebootsDectected } STATUS current DESCRIPTION "A collection of objects providing management information for the Agent Discovery function within a mobile node." ::= { mipGroups 5 } faSystemGroup OBJECT-GROUP OBJECTS { faCOAStatus} STATUS current DESCRIPTION "A collection of objects providing the basic management information for foreign agents." ::= { mipGroups 8 } Rathi [Page 55] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 mipSecAssociationGroup2 OBJECT-GROUP OBJECTS { mipSecurityAlgorithmType, mipSecurityAlgorithmMode, mipSecurityKey, mipSecurityReplayMethod, mipSecurityReplayTime, mipSecurityStatus, mipSecurityAssocsCount } STATUS current DESCRIPTION "A collection of objects providing the management information for security associations of Mobile IP entities." ::= { mipGroups 14 } mipSecViolationGroup2 OBJECT-GROUP OBJECTS { mipSecTotalViolations, mipSecurityViolationCounter, mipSecurityRecentViolationSPI, mipSecurityRecentViolationTime, mipSecurityRecentViolationIDLow, mipSecurityRecentViolationIDHigh, mipSecurityRecentViolationReason } STATUS current DESCRIPTION "A collection of objects providing the management information for security violation logging of Mobile IP entities." ::= { mipGroups 15 } mnSystemGroup2 OBJECT-GROUP OBJECTS { mnState, mnCurrentHA, mnHomeAddress, mnHAStatus, mnIdentifierType, mnIdentifier } STATUS current DESCRIPTION "A collection of objects providing the basic management information for mobile nodes." ::= { mipGroups 16 } mnRegistrationGroup2 OBJECT-GROUP OBJECTS { mnRegAgentAddress, mnRegCOA, mnRegFlags, mnRegIDLow, mnRegIDHigh, mnRegTimeRequested, mnRegTimeRemaining, mnRegTimeSent, mnRegIsAccepted, mnCOAIsLocal, mnRegDeliveryStyle, mnRegRequestsSent, mnRegRepliesRecieved, mnDeRegRequestsSent, mnDeRegRepliesRecieved, mnRepliesInvalidHomeAddress, mnRepliesUnknownHA, mnRepliesUnknownFA, mnRepliesInvalidID, mnRepliesDroppedInvalidExtension, mnRepliesIgnoredUnknownExtension, mnRepliesHAAuthenticationFailure, Rathi [Page 56] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 mnRepliesFAAuthenticationFailure, mnRegRequestsAccepted, mnRegRequestsDeniedByHA, mnRegRequestsDeniedByFA, mnRegRequestsDeniedByHADueToID, mnRegRequestsWithDirectedBroadcast } STATUS current DESCRIPTION "A collection of objects providing management information for the registration function within a mobile node." ::= { mipGroups 17 } maAdvertisementGroup2 OBJECT-GROUP OBJECTS { maAdvertMaxRegLifetime, maAdvertPrefixLengthInclusion, maAdvertAddress, maAdvertMaxInterval, maAdvertMinInterval, maAdvertMaxAdvLifetime, maAdvertResponseSolicitationOnly, maAdvertService, maAdvertStatus, maAdvertisementsSent, maAdvsSentForSolicitation, maSolicitationsReceived } STATUS current DESCRIPTION "A collection of objects providing management information for the Agent Advertisement function within mobility agents." ::= { mipGroups 18 } faAdvertisementGroup2 OBJECT-GROUP OBJECTS { faAdvertIsBusy, faAdvertRegRequired, faAdvertChallengeWindow } STATUS current DESCRIPTION "A collection of objects providing supplemental management information for the Agent Advertisement function within a foreign agent." ::= { mipGroups 19 } faRegistrationGroup2 OBJECT-GROUP OBJECTS { faRegVisitorCount, faRegVisitorHomeAddress, faRegVisitorHomeAgentAddress, faRegVisitorTimeGranted, faRegVisitorTimeRemaining, faRegVisitorRegFlags, faRegVisitorRegIDLow, faRegVisitorRegIDHigh, faRegVisitorRegIsAccepted, faRegVisitorDeliveryStyle, faRegRequestsReceived, Rathi [Page 57] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 faRegRequestsRelayed, faReasonUnspecified, faAdmProhibited, faInsufficientResource, faMNAuthenticationFailure, faRegLifetimeTooLong, faPoorlyFormedRequests, faEncapsulationUnavailable, faHAUnreachable, faRegRepliesRecieved, faRegRepliesRelayed, faHAAuthenticationFailure, faPoorlyFormedReplies, faReverseTunnelUnavailable, faReverseTunnelBitNotSet, faMnTooDistant, faDeliveryStyleUnsupported, faNonZeroHomeAddressRequired, faUnknownChallenge, faMissingChallenge, faStaleChallenge, faCvsesFromMnUnsupported, faCvsesFromHaUnsupported, faNvsesFromMnIgnored, faNvsesFromHaIgnored } STATUS current DESCRIPTION "A collection of objects providing management information for the registration function within a foreign agent." ::= { mipGroups 20 } haRegistrationGroup2 OBJECT-GROUP OBJECTS { haMobilityBindingMN, haMobilityBindingCOA, haMobilityBindingSourceAddress, haMobilityBindingRegFlags, haMobilityBindingRegIDLow, haMobilityBindingRegIDHigh, haMobilityBindingTimeGranted, haMobilityBindingTimeRemaining, haMobilityBindingMnIdType, haMobilityBindingMnId, haRegistrationAccepted, haMultiBindingUnsupported, haReasonUnspecified, haAdmProhibited, haInsufficientResource, haMNAuthenticationFailure, haFAAuthenticationFailure, haIDMismatch, haPoorlyFormedRequest, haTooManyBindings, haUnknownHA, haGratuitiousARPsSent, haProxyARPsSent, haRegRequestsReceived, haDeRegRequestsReceived, haRegRepliesSent, haDeRegRepliesSent, haReverseTunnelUnavailable, haReverseTunnelBitNotSet, haEncapsulationUnavailable, haCvsesFromMnUnsupported, haCvsesFromFaUnsupported, haRegMobilityBindingCount, haNvsesFromMnIgnored, haNvsesFromFaIgnored } STATUS current DESCRIPTION "A collection of objects providing management information for the registration function within a home agent." ::= { mipGroups 21 } Rathi [Page 58] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 haRegNodeCountersGroup2 OBJECT-GROUP OBJECTS { haRegServiceRequestsAccepted, haRegServiceRequestsDenied, haRegOverallServiceTime, haRegRecentServiceAcceptedTime, haRegRecentServiceDeniedTime, haRegRecentServiceDeniedCode } STATUS current DESCRIPTION "A collection of objects providing management information for counters related to the registration function within a home agent." ::= { mipGroups 22 } mipSecNotificationsGroup2 NOTIFICATION-GROUP NOTIFICATIONS { mipAuthFailure2 } STATUS current DESCRIPTION "The notification related to security violations." ::= { mipGroups 23 } -- Deprecated Definitions -- Deprecated objects -- Security group specific deprecated objects mipSecAssocTable OBJECT-TYPE SYNTAX SEQUENCE OF MipSecAssocEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A table containing Mobility Security Associations." ::= { mipSecurity 1 } mipSecAssocEntry OBJECT-TYPE SYNTAX MipSecAssocEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "One particular Mobility Security Association." INDEX { mipSecPeerAddress, mipSecSPI } ::= { mipSecAssocTable 1 } MipSecAssocEntry ::= SEQUENCE { mipSecPeerAddress IpAddress, Rathi [Page 59] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 mipSecSPI Unsigned32, mipSecAlgorithmType INTEGER, mipSecAlgorithmMode INTEGER, mipSecKey OCTET STRING, mipSecReplayMethod INTEGER } mipSecPeerAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "The IP address of the peer entity with which this node shares the mobility security association." ::= { mipSecAssocEntry 1 } mipSecSPI OBJECT-TYPE SYNTAX Unsigned32 (0..4294967295) MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "The SPI is the 4-byte opaque index within the Mobility Security Association which selects the specific security parameters to be used to authenticate the peer, i.e. the rest of the variables in this MipSecAssocEntry." ::= { mipSecAssocEntry 2 } mipSecAlgorithmType OBJECT-TYPE SYNTAX INTEGER { other(1), md5(2) } MAX-ACCESS read-create STATUS deprecated DESCRIPTION "Type of security algorithm." ::= { mipSecAssocEntry 3 } mipSecAlgorithmMode OBJECT-TYPE SYNTAX INTEGER { other(1), prefixSuffix(2) } MAX-ACCESS read-create STATUS deprecated DESCRIPTION Rathi [Page 60] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 "Security mode used by this algorithm." ::= { mipSecAssocEntry 4 } mipSecKey OBJECT-TYPE SYNTAX OCTET STRING (SIZE(16)) MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The shared secret key for the security associations. Reading this object will always return zero length value." ::= { mipSecAssocEntry 5 } mipSecReplayMethod OBJECT-TYPE SYNTAX INTEGER { other(1), timestamps(2), nonces(3) } MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The replay-protection method supported for this SPI within this Mobility Security Association." ::= { mipSecAssocEntry 6 } -- Mobile IP security violation table mipSecViolationTable OBJECT-TYPE SYNTAX SEQUENCE OF MipSecViolationEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A table containing information about security violations." ::= { mipSecurity 3 } mipSecViolationEntry OBJECT-TYPE SYNTAX MipSecViolationEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "Information about one particular security violation." INDEX { mipSecViolatorAddress } ::= { mipSecViolationTable 1 } MipSecViolationEntry ::= SEQUENCE { Rathi [Page 61] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 mipSecViolatorAddress IpAddress, mipSecViolationCounter Counter32, mipSecRecentViolationSPI Integer32, mipSecRecentViolationTime TimeStamp, mipSecRecentViolationIDLow Integer32, mipSecRecentViolationIDHigh Integer32, mipSecRecentViolationReason INTEGER } mipSecViolatorAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS accessible-for-notify STATUS deprecated DESCRIPTION "Violator's IP address. The violator is not necessary in the mipSecAssocTable." ::= { mipSecViolationEntry 1 } mipSecViolationCounter OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Total number of security violations for this peer." ::= { mipSecViolationEntry 2 } mipSecRecentViolationSPI OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "SPI of the most recent security violation for this peer. If the security violation is due to an identification mismatch, then this is the SPI from the Mobile-Home Authentication Extension. If the security violation is due to an invalid authenticator, then this is the SPI from the offending authentication extension. In all other cases, it should be set to zero." ::= { mipSecViolationEntry 3 } mipSecRecentViolationTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Time of the most recent security violation for this peer." Rathi [Page 62] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 ::= { mipSecViolationEntry 4 } mipSecRecentViolationIDLow OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Low-order 32 bits of identification used in request or reply of the most recent security violation for this peer." ::= { mipSecViolationEntry 5 } mipSecRecentViolationIDHigh OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "High-order 32 bits of identification used in request or reply of the most recent security violation for this peer." ::= { mipSecViolationEntry 6 } mipSecRecentViolationReason OBJECT-TYPE SYNTAX INTEGER { noMobilitySecurityAssociation(1), badAuthenticator(2), badIdentifier(3), badSPI(4), missingSecurityExtension(5), other(6) } MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Reason for the most recent security violation for this peer." ::= { mipSecViolationEntry 7 } -- Mobility agent advertisement specific deprecated objects -- Mobility agent advertisement configuration table maAdvConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF MaAdvConfigEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION Rathi [Page 63] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 "A table containing configurable advertisement parameters for all advertisement interfaces in the mobility agent." ::= { maAdvertisement 1 } maAdvConfigEntry OBJECT-TYPE SYNTAX MaAdvConfigEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "Advertisement parameters for one advertisement interface." INDEX { maInterfaceAddress } ::= { maAdvConfigTable 1 } MaAdvConfigEntry ::= SEQUENCE { maInterfaceAddress IpAddress, maAdvMaxRegLifetime Integer32, maAdvPrefixLengthInclusion TruthValue, maAdvAddress IpAddress, maAdvMaxInterval Integer32, maAdvMinInterval Integer32, maAdvMaxAdvLifetime Integer32, maAdvResponseSolicitationOnly TruthValue, maAdvStatus RowStatus } maInterfaceAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "IP address for advertisement interface." ::= { maAdvConfigEntry 1 } maAdvMaxRegLifetime OBJECT-TYPE SYNTAX Integer32 (0..65535) UNITS "seconds" MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The longest lifetime in seconds that mobility agent is willing to accept in any Registration Request." ::= { maAdvConfigEntry 2 } maAdvPrefixLengthInclusion OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create Rathi [Page 64] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 STATUS deprecated DESCRIPTION "Whether the advertisement should include the Prefix- Lengths Extension. If it is true, all advertisements sent over this interface should include the Prefix-Lengths Extension." ::= { maAdvConfigEntry 3 } maAdvAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The IP destination address to be used for advertisements sent from the interface. The only permissible values are the all-systems multicast address (224.0.0.1) or the limited-broadcast address (255.255.255.255)." REFERENCE "AdvertisementAddress in RFC1256." ::= { maAdvConfigEntry 4 } maAdvMaxInterval OBJECT-TYPE SYNTAX Integer32 (4..1800) UNITS "seconds" MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The maximum time in seconds between successive transmissions of Agent Advertisements from this interface." REFERENCE "MaxAdvertisementInterval in RFC1256." ::= { maAdvConfigEntry 5 } maAdvMinInterval OBJECT-TYPE SYNTAX Integer32 (3..1800) UNITS "seconds" MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The minimum time in seconds between successive transmissions of Agent Advertisements from this interface." REFERENCE "MinAdvertisementInterval in RFC1256." ::= { maAdvConfigEntry 6 } Rathi [Page 65] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 maAdvMaxAdvLifetime OBJECT-TYPE SYNTAX Integer32 (4..9000) UNITS "seconds" MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The time (in seconds) to be placed in the Lifetime field of the RFC 1256-portion of the Agent Advertisements sent over this interface." REFERENCE "AdvertisementLifetime in RFC1256." ::= { maAdvConfigEntry 7 } maAdvResponseSolicitationOnly OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The flag indicates whether the advertisement from that interface should be sent only in response to an Agent Solicitation message." DEFVAL { false } ::= { maAdvConfigEntry 8 } maAdvStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS deprecated DESCRIPTION "The row status for the agent advertisement table. If this column status is 'active', the manager should not change any column in the row." ::= { maAdvConfigEntry 9 } -- Foreign agent specific deprecated objects faIsBusy OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Whether or not the foreign agent is too busy to accept additional registrations. If true(1), the agent is busy and any Agent advertisements sent from this agent should have the 'B' bit set to 1." ::= { faAdvertisement 1 } Rathi [Page 66] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 faRegistrationRequired OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS deprecated DESCRIPTION "Whether or not this foreign agent requires registration even from those mobile nodes that have acquired their own, colocated care-of address. If true(1), registration is required and any Agent Advertisements sent from this agent should have the 'R' bit set to 1." ::= { faAdvertisement 2 } -- Foreign Agent Visitors List faVisitorTable OBJECT-TYPE SYNTAX SEQUENCE OF FaVisitorEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A table containing the foreign agent's visitor list. The foreign agent updates this table in response to registration events from mobile nodes." ::= { faRegistration 1 } faVisitorEntry OBJECT-TYPE SYNTAX FaVisitorEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "Information for one visitor." INDEX { faVisitorIPAddress } ::= { faVisitorTable 1 } FaVisitorEntry ::= SEQUENCE { faVisitorIPAddress IpAddress, faVisitorHomeAddress IpAddress, faVisitorHomeAgentAddress IpAddress, faVisitorTimeGranted Integer32, faVisitorTimeRemaining Gauge32, faVisitorRegFlags RegistrationFlags, faVisitorRegIDLow Integer32, faVisitorRegIDHigh Integer32, faVisitorRegIsAccepted TruthValue } faVisitorIPAddress OBJECT-TYPE SYNTAX IpAddress Rathi [Page 67] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Source IP address of visitor's Registration Request." ::= { faVisitorEntry 1 } faVisitorHomeAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Home (IP) address of visiting mobile node." ::= { faVisitorEntry 2 } faVisitorHomeAgentAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Home agent IP address for that visiting mobile node." ::= { faVisitorEntry 3 } faVisitorTimeGranted OBJECT-TYPE SYNTAX Integer32 UNITS "seconds" MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The lifetime in seconds granted to the mobile node for this registration. Only valid if faVisitorRegIsAccepted is true(1)." ::= { faVisitorEntry 4 } faVisitorTimeRemaining OBJECT-TYPE SYNTAX Gauge32 UNITS "seconds" MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The number of seconds remaining until the registration is expired. It has the same initial value as faVisitorTimeGranted, and is counted down by the foreign agent." ::= { faVisitorEntry 5 } faVisitorRegFlags OBJECT-TYPE SYNTAX RegistrationFlags MAX-ACCESS read-only Rathi [Page 68] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 STATUS deprecated DESCRIPTION "Registration flags sent by mobile node." ::= { faVisitorEntry 6 } faVisitorRegIDLow OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Low 32 bits of Identification used in that registration by the mobile node." ::= { faVisitorEntry 7 } faVisitorRegIDHigh OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "High 32 bits of Identification used in that registration by the mobile node." ::= { faVisitorEntry 8 } faVisitorRegIsAccepted OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Whether the registration has been accepted or not. If it is false(2), this registration is still pending for reply." ::= { faVisitorEntry 9 } faVJCompressionUnavailable OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Total number of Registration Requests denied by foreign agent -- requested Van Jacobson header compression unavailable (Code 73)." ::= { faRegistration 11 } -- Home agent specific deprecated objects -- Home agent registration Counters per node haCounterTable OBJECT-TYPE Rathi [Page 69] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 SYNTAX SEQUENCE OF HaCounterEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A table containing registration statistics for all mobile nodes authorized to use this home agent." ::= { haRegistration 2 } haCounterEntry OBJECT-TYPE SYNTAX HaCounterEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "Registration statistics for one mobile node." INDEX { haMobilityBindingMN } ::= { haCounterTable 1 } HaCounterEntry ::= SEQUENCE { haServiceRequestsAccepted Counter32, haServiceRequestsDenied Counter32, haOverallServiceTime Gauge32, haRecentServiceAcceptedTime TimeStamp, haRecentServiceDeniedTime TimeStamp, haRecentServiceDeniedCode INTEGER } haServiceRequestsAccepted OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Total number of service requests for the mobile node accepted by the home agent (Code 0 + Code 1)." ::= { haCounterEntry 2 } haServiceRequestsDenied OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Total number of service requests for the mobile node denied by the home agent (sum of all registrations denied with Code 128 through Code 159)." ::= { haCounterEntry 3 } haOverallServiceTime OBJECT-TYPE SYNTAX Gauge32 UNITS "seconds" Rathi [Page 70] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "Overall service time (in seconds) that has accumulated for the mobile node since the home agent last rebooted." ::= { haCounterEntry 4 } haRecentServiceAcceptedTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The time at which the most recent Registration Request was accepted by the home agent for this mobile node." ::= { haCounterEntry 5 } haRecentServiceDeniedTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The time at which the most recent Registration Request was denied by the home agent for this mobile node." ::= { haCounterEntry 6 } haRecentServiceDeniedCode OBJECT-TYPE SYNTAX INTEGER { reasonUnspecified(128), admProhibited(129), insufficientResource(130), mnAuthenticationFailure(131), faAuthenticationFailure(132), idMismatch(133), poorlyFormedRequest(134), tooManyBindings(135), unknownHA(136) } MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The Code indicating the reason why the most recent Registration Request for this mobile node was rejected by the home agent." ::= { haCounterEntry 7 } Rathi [Page 71] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 -- deprecated traps mipAuthFailure NOTIFICATION-TYPE OBJECTS { mipSecViolatorAddress, mipSecRecentViolationSPI, mipSecRecentViolationIDLow, mipSecRecentViolationIDHigh, mipSecRecentViolationReason } STATUS deprecated DESCRIPTION "The mipAuthFailure indicates that the Mobile IP entity has an authentication failure when it validates the mobile Registration Request or Reply. Implementation of this trap is optional." ::= { mipMIBNotifications 1 } -- deprecated compliance statement mipCompliance MODULE-COMPLIANCE STATUS deprecated DESCRIPTION "The compliance statement for SNMPv2 entities which implement the Mobile IP MIB." MODULE MANDATORY-GROUPS { mipSystemGroup } GROUP mipSecAssociationGroup DESCRIPTION "This group is mandatory for Mobile IP entities (MN, FA, and HA) which support security associations. Mobile Nodes and Home Agents must implement this group. Foreign Agents must implement this group if they maintain any security associations." GROUP mipSecViolationGroup DESCRIPTION "This group is mandatory for Mobile IP entities (MN, FA, and HA) that can log security violations." GROUP mnSystemGroup DESCRIPTION "This group is mandatory for mobile node." GROUP mnDiscoveryGroup DESCRIPTION "This group is mandatory for mobile nodes which Rathi [Page 72] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 implement the Agent Discovery function." GROUP mnRegistrationGroup DESCRIPTION "This group is mandatory for mobile nodes." GROUP maAdvertisementGroup DESCRIPTION "This group is mandatory for the mobility agents (HA and FA) since they must implement Agent Advertisement." GROUP faSystemGroup DESCRIPTION "This group is mandatory for foreign agents." GROUP faAdvertisementGroup DESCRIPTION "This group is mandatory for foreign agents." GROUP faRegistrationGroup DESCRIPTION "This group is mandatory for foreign agents." GROUP haRegistrationGroup DESCRIPTION "This group is mandatory for home agents." GROUP haRegNodeCountersGroup DESCRIPTION "This group is mandatory for home agents which log registration counters for each individual mobile node." GROUP mipSecNotificationsGroup DESCRIPTION "This group is mandatory for Mobile IP entities (MN, FA, and HA) that can report the security violations." ::= { mipCompliances 1 } -- Deprecated groups mipSecAssociationGroup OBJECT-GROUP OBJECTS { mipSecAlgorithmType, mipSecAlgorithmMode, mipSecKey, mipSecReplayMethod } STATUS deprecated DESCRIPTION "A collection of objects providing the management Rathi [Page 73] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 information for security associations of Mobile IP entities." ::= { mipGroups 2 } mipSecViolationGroup OBJECT-GROUP OBJECTS { mipSecTotalViolations, mipSecViolationCounter, mipSecRecentViolationSPI, mipSecRecentViolationTime, mipSecRecentViolationIDLow, mipSecRecentViolationIDHigh, mipSecRecentViolationReason } STATUS deprecated DESCRIPTION "A collection of objects providing the management information for security violation logging of Mobile IP entities." ::= { mipGroups 3 } mnSystemGroup OBJECT-GROUP OBJECTS { mnState, mnCurrentHA, mnHomeAddress, mnHAStatus } STATUS deprecated DESCRIPTION "A collection of objects providing the basic management information for mobile nodes." ::= { mipGroups 4 } mnRegistrationGroup OBJECT-GROUP OBJECTS { mnRegAgentAddress, mnRegCOA, mnRegFlags, mnRegIDLow, mnRegIDHigh, mnRegTimeRequested, mnRegTimeRemaining, mnRegTimeSent, mnRegIsAccepted, mnCOAIsLocal, mnRegRequestsSent, mnRegRepliesRecieved, mnDeRegRequestsSent, mnDeRegRepliesRecieved, mnRepliesInvalidHomeAddress, mnRepliesUnknownHA, mnRepliesUnknownFA, mnRepliesInvalidID, mnRepliesDroppedInvalidExtension, mnRepliesIgnoredUnknownExtension, mnRepliesHAAuthenticationFailure, mnRepliesFAAuthenticationFailure, mnRegRequestsAccepted, mnRegRequestsDeniedByHA, mnRegRequestsDeniedByFA, mnRegRequestsDeniedByHADueToID, mnRegRequestsWithDirectedBroadcast } STATUS deprecated DESCRIPTION "A collection of objects providing management information for the registration function within a mobile node." Rathi [Page 74] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 ::= { mipGroups 6 } maAdvertisementGroup OBJECT-GROUP OBJECTS { maAdvMaxRegLifetime, maAdvPrefixLengthInclusion, maAdvAddress, maAdvMaxInterval, maAdvMinInterval, maAdvMaxAdvLifetime, maAdvResponseSolicitationOnly, maAdvStatus, maAdvertisementsSent, maAdvsSentForSolicitation, maSolicitationsReceived } STATUS deprecated DESCRIPTION "A collection of objects providing management information for the Agent Advertisement function within mobility agents." ::= { mipGroups 7 } faAdvertisementGroup OBJECT-GROUP OBJECTS { faIsBusy, faRegistrationRequired } STATUS deprecated DESCRIPTION "A collection of objects providing supplemental management information for the Agent Advertisement function within a foreign agent." ::= { mipGroups 9 } faRegistrationGroup OBJECT-GROUP OBJECTS { faVisitorIPAddress, faVisitorHomeAddress, faVisitorHomeAgentAddress, faVisitorTimeGranted, faVisitorTimeRemaining, faVisitorRegFlags, faVisitorRegIDLow, faVisitorRegIDHigh, faVisitorRegIsAccepted, faRegRequestsReceived, faRegRequestsRelayed, faReasonUnspecified, faAdmProhibited, faInsufficientResource, faMNAuthenticationFailure, faRegLifetimeTooLong, faPoorlyFormedRequests, faEncapsulationUnavailable, faVJCompressionUnavailable, faHAUnreachable, faRegRepliesRecieved, faRegRepliesRelayed, faHAAuthenticationFailure, faPoorlyFormedReplies } STATUS deprecated DESCRIPTION "A collection of objects providing management information for the registration function within a foreign agent." ::= { mipGroups 10 } haRegistrationGroup OBJECT-GROUP Rathi [Page 75] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 OBJECTS { haMobilityBindingMN, haMobilityBindingCOA, haMobilityBindingSourceAddress, haMobilityBindingRegFlags, haMobilityBindingRegIDLow, haMobilityBindingRegIDHigh, haMobilityBindingTimeGranted, haMobilityBindingTimeRemaining, haRegistrationAccepted, haMultiBindingUnsupported, haReasonUnspecified, haAdmProhibited, haInsufficientResource, haMNAuthenticationFailure, haFAAuthenticationFailure, haIDMismatch, haPoorlyFormedRequest, haTooManyBindings, haUnknownHA, haGratuitiousARPsSent, haProxyARPsSent, haRegRequestsReceived, haDeRegRequestsReceived, haRegRepliesSent, haDeRegRepliesSent } STATUS deprecated DESCRIPTION "A collection of objects providing management information for the registration function within a home agent." ::= { mipGroups 11 } haRegNodeCountersGroup OBJECT-GROUP OBJECTS { haServiceRequestsAccepted, haServiceRequestsDenied, haOverallServiceTime, haRecentServiceAcceptedTime, haRecentServiceDeniedTime, haRecentServiceDeniedCode } STATUS deprecated DESCRIPTION "A collection of objects providing management information for counters related to the registration function within a home agent." ::= { mipGroups 12 } mipSecNotificationsGroup NOTIFICATION-GROUP NOTIFICATIONS { mipAuthFailure } STATUS deprecated DESCRIPTION "The notification related to security violations." ::= { mipGroups 13 } END 5. Acknowledgments The origin of this document is from RFC 2006 "The Definitions of Man- Rathi [Page 76] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 aged Objects for IP Mobility Support using SMIv2" written by D. Cong, M. Hamlen and C. Perkins. The editor wishes to acknowledge the good work of these original authors. Thanks to Roy Jose, Rudreshwar N, Basavaraj Patil, and Sri Gundavelli for their useful comments and contributions. 6. Security Considerations There are a number of management objects defined in this MIB that have a MAX-ACCESS clause of read-write and/or read-create. Such objects may be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure envi- ronment without proper protection can have a negative effect on net- work operations. The Mobile IP MIB affords the network operator the ability to config- ure and control the Mobile IP links of a particular system, including the Mobile IP authentication protocols, and shared secret key. This represents a security risk. These risks are addressed in the following manners: (1) All variables which represent a significant security risk are placed in separate MIB Groups. By providing Agent Capability Statements, the implementor of the MIB may elect not to imple- ment these groups. (2) The MIB allows the manager station to create the security asso- ciation for Mobile IP entities. However, the agent should always return 0 length octet string when the manager station retrieves the shared security key in the mipSecAssocTable. In this way, the Mobile IP entities can prevent the key leaking from SNMP GET, GET-NEXT, or GET-BULK requests. (3) The MIB defines a trap for Mobile IP entities to send a notifi- cation to the manager station if there is a security violation. In this way, the operator can notice the source of an intruder. (4) The MIB also defines a table to log the security violations in the Mobile IP entities. The manager station can retrieve this log to analyze the security violation instances in the system. Thus, in order to preserve the integrity, security and privacy of the Mobile IP security features, an implementation SHOULD allow access to this MIB only via SNMPv3. SNMPv1 by itself is not a secure environment. Even if the network itself is secure (for example by using IPSec), even then, there is no control as to who on the secure network is allowed to access and Rathi [Page 77] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 GET/SET (read/change/create/delete) the objects in this MIB. It is recommended that the implementers consider the security fea- tures as provided by the SNMPv3 framework. Specifically, the use of the User-based Security Model RFC 2574 [8] and the View-based Access Control Model RFC 2575 [9] is recommended. It is then a customer/user responsibility to ensure that the SNMP entity giving access to an instance of this MIB, is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/cre- ate/delete) them. 7. References [1] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Structure of Management Information Ver- sion 2 (SMIv2)", STD 58, RFC 2578, April 1999 [2] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing SNMP Management Frameworks", RFC 2571, April 1999 [3] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999 [4] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999 [5] McCloghrie, K., and M. Rose, Editors, "Management Information Base for Network Management of TCP/IP-based internets: MIB-II", STD 17, RFC 1213, March 1991. [6] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Net- work Management Protocol", STD 15, RFC 1157, May 1990. [7] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol Operations for version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, January 1996. [8] Blumenthal U., "User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2574, April 1999. [9] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access Control Model (VACM) for the Simple Network Management Proto- col (SNMP)", RFC 2575, April 1999 Rathi [Page 78] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 [10] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction to Version 3 of the Internet-standard Network Management Frame- work", RFC 2570, April 1999 [11] Rose, M., and K. McCloghrie, "Structure and Identification of Management Information for TCP/IP-based Internets", STD 16, RFC 1155, May 1990. [12] Rose, M., and K. McCloghrie, "Concise MIB Definitions", STD 16, RFC 1212, March 1991. [13] M. Rose, "A Convention for Defining Traps for use with the SNMP", RFC 1215, March 1991. [14] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Intro- duction to Community-based SNMPv2", RFC 1901, January 1996. [15] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Trans- port Mappings for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1906, January 1996. [16] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message Processing and Dispatching for the Simple Network Management Protocol (SNMP)", RFC 2572, April 1999. [17] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 2573, April 1999. [18] Solomon J., "Mobile IP Protocol Applicability Statement", RFC 2005, October 1996. [19] Perkins C., "IP Mobility Support", RFC 2002, Octoer 1996. [20] Cong, D., Hamlen, M., and Perkins, C., "The Definitions of Man- aged Objects for IP Mobility Support using SMIv2", RFC 2006, October 1996. [21] Calhoun, P., and Perkins, C., "Mobile IP Network Access Identi- fier Extension for IPv4", RFC 2794, January 2000. [22] Calhoun, P., and Perkins, C., "Mobile IPv4 Challenge/Response Extension", RFC 3012, November 2000. [23] Montenegro, G., "Reverse Tunneling for Mobile IP", RFC 3024, January 2001. [24] Perkins, C., "IP Mobility Support for IPv4, revised (work in progress)", draft-ietf-mobileip-rfc2002-bis-08.txt, September Rathi [Page 79] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 2001. [25] Dommety, G., and Leung, K., "Mobile IP Vendor/Organization- Spe- cific Extensions", RFC 3115, April 2001. [26] Perkins, C., "IP Encapsulation within IP", RFC 2003, October 1996. [27] Perkins, C., "Minimal Encapsulation within IP", RFC 2004, Octo- ber 1996. [28] Hanks S. et. al., "Generic Routing Encapsulation (GRE)", RFC 1701, October 1994. [29] Deering, S., "ICMP Router Discovery Messages", RFC 1256, Septem- ber 1991. [30] Daniele, M., Haberman, B., Routhier, S., and Schoenwaelder, J., "Textual Conventions for Internet Network Addresses", RFC 2851, June 2000. A. Changes from RFC 2006 to draft-ietf-mobileip-rfc2006bis-00.txt A.1 The changes from RFC 2006 are the following: - Section "The Network Management Framework" was updated. - Subsection Protocol Extensions was created under section Overview. - Section Security Considerations was updated. - Changes to the MIB definition are following. Changes are listed in the order of their occurrence in the MIB definition. (1) The textual convention RegistrationFlags was updated. The bit for VJ compression was removed and bit for reverse tunneling was added. (2) Three new textual conventions were added : MipEntityIdentifier- Type, MipEntityIdentifier and MipEntityIdentifierNAI. These textual conventions were defined to take into account that mobile nodes can be identified by other than ipaddress. (3) New textual convention MipDeliveryStyle was added to represent the delivery style requested by mobile node in the registration request. (4) mipSecAssocTable was deprecated and replaced with mipSecurityAs- socTable to support the mobile nodes identified by NAI. Indices of the table were changed. mipSecurityStatus object was added Rathi [Page 80] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 to manage the creation of new security associations in the table. Default value clause was added to following three objects of the new table. - mipSecurityAlgorithmType - mipSecurityAlgorithmMode - mipSecurityReplayMethod hmac was added to the enumeration list of mipSecurityAlgorithmMode object. (5) A new object mipSecurityAssocsCount was added. This gives the number of security associations in the mipSecurityAssocTable. (6) mipSecViolationTable was deprecated and replaced with mipSecuri- tyViolationTable to support the mobile nodes identified by NAI. Indices of the table were changed. The objects corresponding to mipSecRecentViolationIDLow and mipSecRecentViolationIDHigh in the new table are changed to have the syntax of Unsigned32 instead of Integer32. (7) Description of the mnHomeAddress object was changed to support dynamic home address assignment and default value clause was added. (8) Two new objects mnIdentifierType and mnIdentifier were added to the mnSystem group. (9) object mnAdvFlags was refined. The bit for VJ compression was removed and bit for reverse tunneling was added. (10) Lower limit of value-range for objects mnAdvMaxRegLifetime and mnAdvMaxAdvLifetime is changed to 1 from 0. (11) A new object mnRegDeliveryStyle was added to the mnRegistra- tionTable (12) maAdvConfigTable was deprecated and replaced with maAdvertCon- fTable to support configuration of advertisement parameters on unnumbered interfaces. Index of the table was changed. A new object maAdvertService was added to maAdvertConfTable to indi- cate the mobility services offered on the network interface. (13) objects faIsBusy and faRegistrationRequired were deprecated and replaced with faAdvertConfTable. This is to allow for different settings of 'B' and 'R' bit on different network interfaces. (14) A new object faChallengeWindow was added to the faAdvertCon- fTable to allow for configuration of challenge window. Rathi [Page 81] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 (15) faVisitorTable was deprecated and replaced with faRegVisi- torTable to support the visitors identified by NAI. Indices of the table were changed. The objects corresponding to faVisitor- RegIDLow and faVisitorRegIDHigh in the new table are changed to have the syntax of Unsigned32 instead of Integer32. (16) A new object faRegVisitorDeliveryStyle was added to the FaRegVisitorTable to indicate the delivery style requested by the mobile node. (17) A new object faRegVisitorCount was added to count the number of entries in faRegVisitorTable. (18) faVJCompressionUnavailable object was deprecated. (19) Five new counters specific to reverse tunneling function in for- eign agent were added to faRegistration group. These objects are - faReverseTunnelUnavailable - faReverseTunnelBitNotSet - faMnTooDistant - faDeliveryStyleUnsupported - faNonZeroHomeAddressRequired (20) Three new counters specific to agent advertisement challenge extension were added to faRegistration group. These objects are - faUnknownChallenge - faMissingChallenge - faStaleChallenge (21) Two new counters specific to processing of vendor specific extensions by foreign agent were added to faRegistration group. These objects are - faCvsesFromMnRejected - faCvsesFromHaRejected (22) Two new objects haMobilityBindingMnIdType and haMobilityBind- ingMnId were added to the haMobilityBindingTable to accommodate for the mobile nodes not identified by the ipaddress. Syntax of objects haMobilityBindingRegIDLow and haMobilityBindingRegIDHigh was changed to Unsigned32 from Integer32. (23) haCounterTable was deprecated and replaced with haRegCoun- terTable to support the mobile nodes identified by NAI. Indices of the table were changed. The syntax of object corresponding to haRecentServiceDeniedCode in the new table was changed to add more error codes. Rathi [Page 82] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 (24) Three new counters specific to reverse tunneling function in home agent were added to the haRegistration group. These objects are - haReverseTunnelUnavailable - haReverseTunnelBitNotSet - haEncapsulationUnavailable - (25) Two new counters specific to processing of vendor specific extensions by home agent were added to haRegistration group. These objects are - haCvsesFromMnRejected - haCvsesFromFaRejected (26) A new object haRegMobilityBindingCount was added to count the number of entries in haMobilityBindingTable. (27) mipAuthFailure notification was deprecated and replaced with mipAuthFailure2. (28) Compliance statement mipCompliance was deprecated and replaced with mipCompliance2. (29) Conformance groups were depreciated as needed due to the fact that many new items have been added to the MIB. These groups include: -mipSecAssociationGroup -mipSecViolationGroup -mnSystemGroup -mnRegistrationGroup -maAdvertisementGroup -faAdvertisementGroup -faRegistrationGroup -haRegistrationGroup -haRegNodeCountersGroup -mipSecNotificationsGroup New conformance groups were added as needed to replace depre- cated groups. These groups include: -mipSecAssociationGroup2 -mipSecViolationGroup2 -mnSystemGroup2 -mnRegistrationGroup2 -maAdvertisementGroup2 -faAdvertisementGroup2 -faRegistrationGroup2 -haRegistrationGroup2 -haRegNodeCountersGroup2 Rathi [Page 83] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 -mipSecNotificationsGroup2 A.2 The changes from versions draft-ietf-mobileip-rfc2006bis-01.txt draft-ietf-mobileip-rfc2006bis-02.txt (1) The textual convention RegistrationFlags was updated to conform to the sequence order of the flag bits in RFC 3344. (2) Typos "CmiEntityIdentfier" changed "MipEntityIdentifier". (3) A new object MipSecurityReplayTime was added for acceptable replay protection time range using timestamps. (4) The following objects changed to have the syntax of Unsigned32 instead of Integer32. -mnRegIDHigh -mnRegIDLow -mnRegTimeRequested -haMobilityBindingTimeGranted -mipSecurityRecentViolationSPI (5) The following values added to object haRegRecentServiceDeniedCode. -mnCvseUnsupported (140) -faCvseUnsupported (141) (6) The following object names were changed to provide better meaning since these are rejection counters. -haCvsesFromMnRejected to haCvsesFromMnUnsupported -haCvsesFromFaRejected to haCvsesFromFaUnsupported -faCvsesFromMnRejected to faCvsesFromMnUnsupported -faCvsesFromHaRejected to faCvsesFromHaUnsupported (7) The following objects were added to HA registration counters. -haNvsesFromMnIgnored -haNvsesFromFaIgnored (8) The following objects were added to FA registration counters. -faNvsesFromMnIgnored -faNvsesFromHaIgnored A.3 The changes from versions draft-ietf-mobileip-rfc2006bis-02.txt draft-ietf-mobileip-rfc2006bis-03.txt (1) The size of the MipEntityIdentifier is changed to OCTET STRING of size 64 octets (2) Changed the SYNTAX for mnAdvSequence object to Integer32 (3) Changed the SYNTAX for mnAdvMaxRegLifeTime object to Integer32 (4) Changed the SYNTAX for mnAdvMaxAdvLifeTime object to Integer32 Rathi [Page 84] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 (5) faNvsesFromMnIgnored is anchored at faRegistration 27 (6) faNvsesFromHaIgnored is anchored at faRegistration 28 (7) faRegVisitorCount is anchored at faRegistration 29 (8) Changed the faCvsesFromHaSupported object name to faCvsesFromHaUnsupported (9) Added faNvsesFromMnIgnored and faNvsesFromHaIgnored to faRegistrationGroup2 (10) faRegVisitorTable is anchored at faRegistration 30 (11) Added the haNvsesFromMnIgnored object to the haRegistrationGroup2 (12) Added the haNvsesFromFaIgnored object to the haRegistrationGroup2 (13) Added the NOTIFICATION-GROUP to the imports A.4 The changes from versions draft-ietf-mobileip-rfc2006bis-03.txt draft-ietf-mip4-rfc2006bis-00.txt (1) Draft retitled to draft-ietf-mip4-rfc2006bis-00.txt A.5 The changes from versions draft-ietf-mip4-rfc2006bis-00.txt to draft-ietf-mip4-rfc2006bis-01.txt (1) Chair addresses updated. B. Chair and Editor Addresses The working group can be contacted via the current chairs: Pete McCann Henrik Levkowetz Lucent Technologies ipUnplugged AB Rm 9C-226R Arenavagen 33 1960 Lucent Lane Naperville, Illinois 60563 Stockholm S-121 28 USA Sweden Phone: +1 630 713 9359 Phone: +46 708 32 16 08 Email: mccap@lucent.com Email: henrik@levkowetz.com Questions about this memo can also be directed to the editors: Ravindra Rathi Kent Leung Intel Corporation Cisco Systems, Inc. 136, Airport Road 170 West Tasman Drive Bangalore - 560 017 San Jose, CA. 95134 India USA Phone: +91 80 507 5553 Phone: +1 408 526 5030 Email: ravindra.rathi@intel.com Email: kleung@cisco.com Rathi [Page 85] INTERNET DRAFT Mobile IP MIB Definition using SMIv2 September 2003 C. Full Copyright Statement Copyright (C) The Internet Society (2000). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this doc- ument itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of develop- ing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MER- CHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE Rathi [Page 86]