| < draft-ietf-radext-dynauth-client-mib-05.txt | draft-ietf-radext-dynauth-client-mib-06.txt > | |||
|---|---|---|---|---|
| Network Working Group S. De Cnodder | Network Working Group S. De Cnodder | |||
| Internet-Draft Alcatel | Internet-Draft Alcatel | |||
| Expires: September 30, 2006 N. Jonnala | Expires: December 17, 2006 N. Jonnala | |||
| M. Chiba | M. Chiba | |||
| Cisco Systems, Inc. | Cisco Systems, Inc. | |||
| March 29, 2006 | June 15, 2006 | |||
| Dynamic Authorization Client MIB | Dynamic Authorization Client MIB | |||
| draft-ietf-radext-dynauth-client-mib-05.txt | draft-ietf-radext-dynauth-client-mib-06.txt | |||
| Status of this Memo | Status of this Memo | |||
| By submitting this Internet-Draft, each author represents that any | By submitting this Internet-Draft, each author represents that any | |||
| applicable patent or other IPR claims of which he or she is aware | applicable patent or other IPR claims of which he or she is aware | |||
| have been or will be disclosed, and any of which he or she becomes | have been or will be disclosed, and any of which he or she becomes | |||
| aware will be disclosed, in accordance with Section 6 of BCP 79. | aware will be disclosed, in accordance with Section 6 of BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| skipping to change at page 1, line 36 ¶ | skipping to change at page 1, line 36 ¶ | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/ietf/1id-abstracts.txt. | http://www.ietf.org/ietf/1id-abstracts.txt. | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
| This Internet-Draft will expire on September 30, 2006. | This Internet-Draft will expire on December 17, 2006. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (C) The Internet Society (2006). | Copyright (C) The Internet Society (2006). | |||
| Abstract | Abstract | |||
| This memo defines a portion of the Management Information Base (MIB) | This memo defines a portion of the Management Information Base (MIB) | |||
| for use with network management protocols in the Internet community. | for use with network management protocols in the Internet community. | |||
| In particular, it describes the Remote Authentication Dial In User | In particular, it describes the Remote Authentication Dial In User | |||
| skipping to change at page 5, line 14 ¶ | skipping to change at page 5, line 14 ¶ | |||
| 3. Overview | 3. Overview | |||
| "Dynamic Authorization Extensions to RADIUS" [RFC3576] defines the | "Dynamic Authorization Extensions to RADIUS" [RFC3576] defines the | |||
| operation of Disconnect-Request, Disconnect-ACK, Disconnect-NAK, CoA- | operation of Disconnect-Request, Disconnect-ACK, Disconnect-NAK, CoA- | |||
| Request, CoA-ACK and CoA-NAK packets. [DYNSERV] defines the Dynamic | Request, CoA-ACK and CoA-NAK packets. [DYNSERV] defines the Dynamic | |||
| Authorization Server MIB and the relationship with other MIB modules. | Authorization Server MIB and the relationship with other MIB modules. | |||
| This MIB module for the Dynamic Authorization Client contains the | This MIB module for the Dynamic Authorization Client contains the | |||
| following: | following: | |||
| 1. Three scalar objects, and | 1. Two scalar objects, and | |||
| 2. One Dynamic Authorization Server table. This table contains one | 2. One Dynamic Authorization Server table. This table contains one | |||
| row for each DAS that the DAC shares a secret with. | row for each DAS that the DAC shares a secret with. | |||
| 4. RADIUS Dynamic Authorization Client MIB Definitions | 4. RADIUS Dynamic Authorization Client MIB Definitions | |||
| RADIUS-DYNAUTH-CLIENT-MIB DEFINITIONS ::= BEGIN | RADIUS-DYNAUTH-CLIENT-MIB DEFINITIONS ::= BEGIN | |||
| IMPORTS | IMPORTS | |||
| MODULE-IDENTITY, OBJECT-TYPE, | MODULE-IDENTITY, OBJECT-TYPE, | |||
| Counter32, Gauge32, Integer32, | Counter32, Gauge32, Integer32, | |||
| mib-2, TimeTicks FROM SNMPv2-SMI -- [RFC2578] | mib-2, TimeTicks FROM SNMPv2-SMI -- [RFC2578] | |||
| SnmpAdminString FROM SNMP-FRAMEWORK-MIB -- [RFC3411] | SnmpAdminString FROM SNMP-FRAMEWORK-MIB -- [RFC3411] | |||
| InetAddressType, InetAddress, | InetAddressType, InetAddress, | |||
| InetPortNumber FROM INET-ADDRESS-MIB -- [RFC4001] | InetPortNumber FROM INET-ADDRESS-MIB -- [RFC4001] | |||
| MODULE-COMPLIANCE, | MODULE-COMPLIANCE, | |||
| OBJECT-GROUP FROM SNMPv2-CONF; -- [RFC2580] | OBJECT-GROUP FROM SNMPv2-CONF; -- [RFC2580] | |||
| radiusDynAuthClientMIB MODULE-IDENTITY | radiusDynAuthClientMIB MODULE-IDENTITY | |||
| LAST-UPDATED "200603220000Z" -- 22 March 2006 | LAST-UPDATED "200606060000Z" -- 6 June 2006 | |||
| ORGANIZATION "IETF RADEXT Working Group" | ORGANIZATION "IETF RADEXT Working Group" | |||
| CONTACT-INFO | CONTACT-INFO | |||
| " Stefaan De Cnodder | " Stefaan De Cnodder | |||
| Alcatel | Alcatel | |||
| Francis Wellesplein 1 | Francis Wellesplein 1 | |||
| B-2018 Antwerp | B-2018 Antwerp | |||
| Belgium | Belgium | |||
| Phone: +32 3 240 85 15 | Phone: +32 3 240 85 15 | |||
| EMail: stefaan.de_cnodder@alcatel.be | EMail: stefaan.de_cnodder@alcatel.be | |||
| skipping to change at page 7, line 10 ¶ | skipping to change at page 7, line 10 ¶ | |||
| DESCRIPTION | DESCRIPTION | |||
| "The MIB module for entities implementing the client | "The MIB module for entities implementing the client | |||
| side of the Dynamic Authorization Extensions to Remote | side of the Dynamic Authorization Extensions to Remote | |||
| Authentication Dial In User Service (RADIUS) protocol. | Authentication Dial In User Service (RADIUS) protocol. | |||
| Copyright (C) The Internet Society (2006). Initial | Copyright (C) The Internet Society (2006). Initial | |||
| version as published in RFC yyyy; | version as published in RFC yyyy; | |||
| for full legal notices see the RFC itself." | for full legal notices see the RFC itself." | |||
| -- RFC Ed.: replace yyyy with actual RFC number & remove this note | -- RFC Ed.: replace yyyy with actual RFC number & remove this note | |||
| REVISION "200603220000Z" -- 22 March 2006 | REVISION "200606060000Z" -- 6 June 2006 | |||
| DESCRIPTION "Initial version as published in RFC yyyy" | DESCRIPTION "Initial version as published in RFC yyyy" | |||
| -- RFC Ed.: replace yyyy with actual RFC number & remove this note | -- RFC Ed.: replace yyyy with actual RFC number & remove this note | |||
| ::= { mib-2 xxx } | ::= { mib-2 xxx } | |||
| -- The value xxx to be assigned by IANA. | -- The value xxx to be assigned by IANA. | |||
| radiusDynAuthClientMIBObjects OBJECT IDENTIFIER ::= | radiusDynAuthClientMIBObjects OBJECT IDENTIFIER ::= | |||
| { radiusDynAuthClientMIB 1 } | { radiusDynAuthClientMIB 1 } | |||
| radiusDynAuthClientScalars OBJECT IDENTIFIER ::= | radiusDynAuthClientScalars OBJECT IDENTIFIER ::= | |||
| { radiusDynAuthClientMIBObjects 1 } | { radiusDynAuthClientMIBObjects 1 } | |||
| skipping to change at page 7, line 47 ¶ | skipping to change at page 7, line 47 ¶ | |||
| STATUS current | STATUS current | |||
| DESCRIPTION | DESCRIPTION | |||
| "The number of CoA-Ack and CoA-NAK packets received from | "The number of CoA-Ack and CoA-NAK packets received from | |||
| unknown addresses. Disconnect-NAK packets received from | unknown addresses. Disconnect-NAK packets received from | |||
| unknown addresses. This counter may experience a | unknown addresses. This counter may experience a | |||
| discontinuity when the DAC module (re)starts as | discontinuity when the DAC module (re)starts as | |||
| indicated by the value of | indicated by the value of | |||
| radiusDynAuthClientCounterDiscontinuity." | radiusDynAuthClientCounterDiscontinuity." | |||
| ::= { radiusDynAuthClientScalars 2 } | ::= { radiusDynAuthClientScalars 2 } | |||
| radiusDynAuthClientCounterDiscontinuity OBJECT-TYPE | ||||
| SYNTAX TimeTicks | ||||
| UNITS "hundredths of a second" | ||||
| MAX-ACCESS read-only | ||||
| STATUS current | ||||
| DESCRIPTION | ||||
| "The time (in hundredths of a second) since the | ||||
| DAC module was last re-initialized." | ||||
| ::= { radiusDynAuthClientScalars 3 } | ||||
| radiusDynAuthServerTable OBJECT-TYPE | radiusDynAuthServerTable OBJECT-TYPE | |||
| SYNTAX SEQUENCE OF RadiusDynAuthServerEntry | SYNTAX SEQUENCE OF RadiusDynAuthServerEntry | |||
| MAX-ACCESS not-accessible | MAX-ACCESS not-accessible | |||
| STATUS current | STATUS current | |||
| DESCRIPTION | DESCRIPTION | |||
| "The (conceptual) table listing the RADIUS Dynamic | "The (conceptual) table listing the RADIUS Dynamic | |||
| Authorization Servers with which the client shares a | Authorization Servers with which the client shares a | |||
| secret." | secret." | |||
| ::= { radiusDynAuthClientMIBObjects 2 } | ::= { radiusDynAuthClientMIBObjects 2 } | |||
| skipping to change at page 9, line 12 ¶ | skipping to change at page 8, line 50 ¶ | |||
| radiusDynAuthClientCoARetransmissions Counter32, | radiusDynAuthClientCoARetransmissions Counter32, | |||
| radiusDynAuthClientCoAAcks Counter32, | radiusDynAuthClientCoAAcks Counter32, | |||
| radiusDynAuthClientCoANaks Counter32, | radiusDynAuthClientCoANaks Counter32, | |||
| radiusDynAuthClientCoANakAuthOnlyRequest Counter32, | radiusDynAuthClientCoANakAuthOnlyRequest Counter32, | |||
| radiusDynAuthClientCoANakSessNoContext Counter32, | radiusDynAuthClientCoANakSessNoContext Counter32, | |||
| radiusDynAuthClientMalformedCoAResponses Counter32, | radiusDynAuthClientMalformedCoAResponses Counter32, | |||
| radiusDynAuthClientCoABadAuthenticators Counter32, | radiusDynAuthClientCoABadAuthenticators Counter32, | |||
| radiusDynAuthClientCoAPendingRequests Gauge32, | radiusDynAuthClientCoAPendingRequests Gauge32, | |||
| radiusDynAuthClientCoATimeouts Counter32, | radiusDynAuthClientCoATimeouts Counter32, | |||
| radiusDynAuthClientCoAPacketsDropped Counter32, | radiusDynAuthClientCoAPacketsDropped Counter32, | |||
| radiusDynAuthClientUnknownTypes Counter32 | radiusDynAuthClientUnknownTypes Counter32, | |||
| radiusDynAuthClientCounterDiscontinuity TimeTicks | ||||
| } | } | |||
| radiusDynAuthServerIndex OBJECT-TYPE | radiusDynAuthServerIndex OBJECT-TYPE | |||
| SYNTAX Integer32 (1..2147483647) | SYNTAX Integer32 (1..2147483647) | |||
| MAX-ACCESS not-accessible | MAX-ACCESS not-accessible | |||
| STATUS current | STATUS current | |||
| DESCRIPTION | DESCRIPTION | |||
| "A number uniquely identifying each RADIUS Dynamic | "A number uniquely identifying each RADIUS Dynamic | |||
| Authorization Server with which this Dynamic | Authorization Server with which this Dynamic | |||
| Authorization Client communicates. This number is | Authorization Client communicates. This number is | |||
| skipping to change at page 9, line 49 ¶ | skipping to change at page 9, line 41 ¶ | |||
| STATUS current | STATUS current | |||
| DESCRIPTION | DESCRIPTION | |||
| "The IP address value of the RADIUS Dynamic | "The IP address value of the RADIUS Dynamic | |||
| Authorization Server referred to in this table entry | Authorization Server referred to in this table entry | |||
| using the version neutral IP address format. The type | using the version neutral IP address format. The type | |||
| of this address is determined by the value of the | of this address is determined by the value of the | |||
| radiusDynAuthServerAddressType object." | radiusDynAuthServerAddressType object." | |||
| ::= { radiusDynAuthServerEntry 3 } | ::= { radiusDynAuthServerEntry 3 } | |||
| radiusDynAuthServerClientPortNumber OBJECT-TYPE | radiusDynAuthServerClientPortNumber OBJECT-TYPE | |||
| SYNTAX InetPortNumber | SYNTAX InetPortNumber (1..65535) | |||
| MAX-ACCESS read-only | MAX-ACCESS read-only | |||
| STATUS current | STATUS current | |||
| DESCRIPTION | DESCRIPTION | |||
| "The UDP destination port that the RADIUS Dynamic | "The UDP destination port that the RADIUS Dynamic | |||
| Authorization Client is using to send requests to this | Authorization Client is using to send requests to this | |||
| server. The value zero is invalid." | server. The value zero is invalid." | |||
| ::= { radiusDynAuthServerEntry 4 } | ::= { radiusDynAuthServerEntry 4 } | |||
| radiusDynAuthServerID OBJECT-TYPE | radiusDynAuthServerID OBJECT-TYPE | |||
| SYNTAX SnmpAdminString | SYNTAX SnmpAdminString | |||
| skipping to change at page 19, line 40 ¶ | skipping to change at page 19, line 30 ¶ | |||
| DESCRIPTION | DESCRIPTION | |||
| "The number of incoming packets of unknown types | "The number of incoming packets of unknown types | |||
| which were received on the Dynamic Authorization port. | which were received on the Dynamic Authorization port. | |||
| This counter may experience a discontinuity when the | This counter may experience a discontinuity when the | |||
| DAC module (re)starts as indicated by the value of | DAC module (re)starts as indicated by the value of | |||
| radiusDynAuthClientCounterDiscontinuity." | radiusDynAuthClientCounterDiscontinuity." | |||
| REFERENCE | REFERENCE | |||
| "RFC 3576, Section 2.3, Packet Format." | "RFC 3576, Section 2.3, Packet Format." | |||
| ::= { radiusDynAuthServerEntry 31 } | ::= { radiusDynAuthServerEntry 31 } | |||
| radiusDynAuthClientCounterDiscontinuity OBJECT-TYPE | ||||
| SYNTAX TimeTicks | ||||
| UNITS "hundredths of a second" | ||||
| MAX-ACCESS read-only | ||||
| STATUS current | ||||
| DESCRIPTION | ||||
| "The time (in hundredths of a second) since the | ||||
| last counter discontinuity. A discontinuity may | ||||
| be the result of a reinitialization of the DAC | ||||
| module within the managed entity." | ||||
| ::= { radiusDynAuthServerEntry 32 } | ||||
| -- conformance information | -- conformance information | |||
| radiusDynAuthClientMIBConformance | radiusDynAuthClientMIBConformance | |||
| OBJECT IDENTIFIER ::= { radiusDynAuthClientMIB 2 } | OBJECT IDENTIFIER ::= { radiusDynAuthClientMIB 2 } | |||
| radiusDynAuthClientMIBCompliances | radiusDynAuthClientMIBCompliances | |||
| OBJECT IDENTIFIER ::= { radiusDynAuthClientMIBConformance 1 } | OBJECT IDENTIFIER ::= { radiusDynAuthClientMIBConformance 1 } | |||
| radiusDynAuthClientMIBGroups | radiusDynAuthClientMIBGroups | |||
| OBJECT IDENTIFIER ::= { radiusDynAuthClientMIBConformance 2 } | OBJECT IDENTIFIER ::= { radiusDynAuthClientMIBConformance 2 } | |||
| -- compliance statements | -- compliance statements | |||
| skipping to change at page 20, line 45 ¶ | skipping to change at page 20, line 49 ¶ | |||
| a session exists or not (e.g., in case of a RADIUS | a session exists or not (e.g., in case of a RADIUS | |||
| proxy)." | proxy)." | |||
| ::= { radiusDynAuthClientMIBCompliances 1 } | ::= { radiusDynAuthClientMIBCompliances 1 } | |||
| -- units of conformance | -- units of conformance | |||
| radiusDynAuthClientMIBGroup OBJECT-GROUP | radiusDynAuthClientMIBGroup OBJECT-GROUP | |||
| OBJECTS { radiusDynAuthClientDisconInvalidServerAddresses, | OBJECTS { radiusDynAuthClientDisconInvalidServerAddresses, | |||
| radiusDynAuthClientCoAInvalidServerAddresses, | radiusDynAuthClientCoAInvalidServerAddresses, | |||
| radiusDynAuthClientCounterDiscontinuity, | ||||
| radiusDynAuthServerAddressType, | radiusDynAuthServerAddressType, | |||
| radiusDynAuthServerAddress, | radiusDynAuthServerAddress, | |||
| radiusDynAuthServerClientPortNumber, | radiusDynAuthServerClientPortNumber, | |||
| radiusDynAuthServerID, | radiusDynAuthServerID, | |||
| radiusDynAuthClientRoundTripTime, | radiusDynAuthClientRoundTripTime, | |||
| radiusDynAuthClientDisconRequests, | radiusDynAuthClientDisconRequests, | |||
| radiusDynAuthClientDisconRetransmissions, | radiusDynAuthClientDisconRetransmissions, | |||
| radiusDynAuthClientDisconAcks, | radiusDynAuthClientDisconAcks, | |||
| radiusDynAuthClientDisconNaks, | radiusDynAuthClientDisconNaks, | |||
| radiusDynAuthClientMalformedDisconResponses, | radiusDynAuthClientMalformedDisconResponses, | |||
| skipping to change at page 21, line 23 ¶ | skipping to change at page 21, line 25 ¶ | |||
| radiusDynAuthClientDisconPacketsDropped, | radiusDynAuthClientDisconPacketsDropped, | |||
| radiusDynAuthClientCoARequests, | radiusDynAuthClientCoARequests, | |||
| radiusDynAuthClientCoARetransmissions, | radiusDynAuthClientCoARetransmissions, | |||
| radiusDynAuthClientCoAAcks, | radiusDynAuthClientCoAAcks, | |||
| radiusDynAuthClientCoANaks, | radiusDynAuthClientCoANaks, | |||
| radiusDynAuthClientMalformedCoAResponses, | radiusDynAuthClientMalformedCoAResponses, | |||
| radiusDynAuthClientCoABadAuthenticators, | radiusDynAuthClientCoABadAuthenticators, | |||
| radiusDynAuthClientCoAPendingRequests, | radiusDynAuthClientCoAPendingRequests, | |||
| radiusDynAuthClientCoATimeouts, | radiusDynAuthClientCoATimeouts, | |||
| radiusDynAuthClientCoAPacketsDropped, | radiusDynAuthClientCoAPacketsDropped, | |||
| radiusDynAuthClientUnknownTypes | radiusDynAuthClientUnknownTypes, | |||
| radiusDynAuthClientCounterDiscontinuity | ||||
| } | } | |||
| STATUS current | STATUS current | |||
| DESCRIPTION | DESCRIPTION | |||
| "The collection of objects providing management of | "The collection of objects providing management of | |||
| a RADIUS Dynamic Authorization Client." | a RADIUS Dynamic Authorization Client." | |||
| ::= { radiusDynAuthClientMIBGroups 1 } | ::= { radiusDynAuthClientMIBGroups 1 } | |||
| radiusDynAuthClientAuthOnlyGroup OBJECT-GROUP | radiusDynAuthClientAuthOnlyGroup OBJECT-GROUP | |||
| OBJECTS { radiusDynAuthClientDisconAuthOnlyRequests, | OBJECTS { radiusDynAuthClientDisconAuthOnlyRequests, | |||
| radiusDynAuthClientDisconNakAuthOnlyRequest, | radiusDynAuthClientDisconNakAuthOnlyRequest, | |||
| End of changes. 13 change blocks. | ||||
| 21 lines changed or deleted | 25 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||