idnits 2.17.1 draft-ietf-ipcdn-cable-device-mib-05.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts. ** The document seems to lack a 1id_guidelines paragraph about the list of Shadow Directories. == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 8 instances of too long lines in the document, the longest one being 4 characters in excess of 72. ** The abstract seems to contain references ([5], [6], [7]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == Line 202 has weird spacing: '...MTS and vario...' == Line 492 has weird spacing: '...cribing acces...' == Line 720 has weird spacing: '...hese is appli...' == Line 1725 has weird spacing: '...matched packe...' == Line 1905 has weird spacing: '...ems and optio...' == (2 more instances...) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (October 1998) is 9325 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 2271 (ref. '1') (Obsoleted by RFC 2571) ** Downref: Normative reference to an Informational RFC: RFC 1215 (ref. '4') ** Obsolete normative reference: RFC 1902 (ref. '5') (Obsoleted by RFC 2578) ** Obsolete normative reference: RFC 1903 (ref. '6') (Obsoleted by RFC 2579) ** Obsolete normative reference: RFC 1904 (ref. '7') (Obsoleted by RFC 2580) ** Downref: Normative reference to an Historic RFC: RFC 1157 (ref. '8') ** Downref: Normative reference to an Historic RFC: RFC 1901 (ref. '9') ** Obsolete normative reference: RFC 1906 (ref. '10') (Obsoleted by RFC 3417) ** Obsolete normative reference: RFC 2272 (ref. '11') (Obsoleted by RFC 2572) ** Obsolete normative reference: RFC 2274 (ref. '12') (Obsoleted by RFC 2574) ** Obsolete normative reference: RFC 1905 (ref. '13') (Obsoleted by RFC 3416) ** Obsolete normative reference: RFC 2273 (ref. '14') (Obsoleted by RFC 2573) ** Obsolete normative reference: RFC 2275 (ref. '15') (Obsoleted by RFC 2575) -- Possible downref: Non-RFC (?) normative reference: ref. '16' ** Downref: Normative reference to an Experimental RFC: RFC 1224 (ref. '17') -- Possible downref: Non-RFC (?) normative reference: ref. '18' -- Possible downref: Non-RFC (?) normative reference: ref. '20' Summary: 24 errors (**), 0 flaws (~~), 7 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 INTERNET-DRAFT MCNS Cable Device MIB October 1998 3 Cable Device Management Information Base 4 for MCNS compliant Cable Modems and 5 Cable Modem Termination Systems 6 draft-ietf-ipcdn-cable-device-mib-05.txt 8 Tue Oct 13 15:05:42 PDT 1998 10 Guenter Roeck (editor) 11 cisco Systems 12 groeck@cisco.com 14 Status of this Memo 16 This document is an Internet-Draft. Internet-Drafts are working 17 documents of the Internet Engineering Task Force (IETF), its Areas, and 18 its Working Groups. Note that other groups may also distribute working 19 documents as Internet-Drafts. 21 Internet-Drafts are draft documents valid for a maximum of six months 22 and may be updated, replaced, or obsoleted by other documents at any 23 time. It is inappropriate to use Internet-Drafts as reference material 24 or to cite them other than as a "work in progress". 26 To view the entire list of current Internet-Drafts, please check the 27 "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow 28 Directories on ftp.is.co.za (Africa), ftp.nordu.net (Europe), 29 munnari.oz.au (Pacific Rim), ftp.ietf.org (US East Coast), or 30 ftp.isi.edu (US West Coast). 32 Copyright (c) The Internet Society 1998. All Rights Reserved. 34 Abstract 36 This memo defines an experimental portion of the Management Information 37 Base (MIB) for use with network management protocols in the Internet 38 community. In particular, it defines a basic set of managed objects for 39 SNMP-based management of MCNS compliant Cable Modems and Cable Modem 40 Termination Systems. 42 This memo specifies a MIB module in a manner that is compliant to the 43 SNMP SMIv2[5][6][7]. The set of objects is consistent with the SNMP 44 framework and existing SNMP standards. 46 This memo is a product of the IPCDN working group within the Internet 47 Engineering Task Force. Comments are solicited and should be addressed 48 to the working group's mailing list at ipcdn@terayon.com and/or the 49 author. 51 Table of Contents 53 1 The SNMP Management Framework ................................... 3 54 2 Glossary ........................................................ 4 55 2.1 CATV .......................................................... 4 56 2.2 CM ............................................................ 4 57 2.3 CMTS .......................................................... 4 58 2.4 DOCSIS ........................................................ 4 59 2.5 Downstream .................................................... 4 60 2.6 Head-end ...................................................... 4 61 2.7 MAC Packet .................................................... 4 62 2.8 MCNS .......................................................... 4 63 2.9 RF ............................................................ 4 64 2.10 Upstream ..................................................... 4 65 3 Overview ........................................................ 5 66 3.1 Structure of the MIB .......................................... 5 67 3.2 Management requirements ....................................... 6 68 3.2.1 Handling of Software upgrades ............................... 6 69 3.2.2 Events and Traps ............................................ 6 70 3.2.3 Trap Throttling ............................................. 7 71 3.2.3.1 Trap rate throttling ...................................... 7 72 3.2.3.2 Limiting the trap rate .................................... 8 73 3.3 Protocol Filters .............................................. 8 74 4 Definitions ..................................................... 9 75 5 Acknowledgments ................................................. 43 76 6 References ...................................................... 43 77 7 Security Considerations ......................................... 45 78 8 Intellectual Property ........................................... 45 79 9 Copyright Section ............................................... 45 80 10 Author's Address ............................................... 46 81 1. The SNMP Management Framework The SNMP Management Framework 82 presently consists of five major components: 84 o An overall architecture, described in RFC 2271 [1]. 86 o Mechanisms for describing and naming objects and events for the 87 purpose of management. The first version of this Structure of 88 Management Information (SMI) is called SMIv1 and described in 89 RFC 1155 [2], RFC 1212 [3] and RFC 1215 [4]. The second version, 90 called SMIv2, is described in RFC 1902 [5], RFC 1903 [6] and RFC 91 1904 [7]. 93 o Message protocols for transferring management information. The 94 first version of the SNMP message protocol is called SNMPv1 and 95 described in RFC 1157 [8]. A second version of the SNMP message 96 protocol, which is not an Internet standards track protocol, is 97 called SNMPv2c and described in RFC 1901 [9] and RFC 1906 [10]. 98 The third version of the message protocol is called SNMPv3 and 99 described in RFC 1906 [10], RFC 2272 [11] and RFC 2274 [12]. 101 o Protocol operations for accessing management information. The 102 first set of protocol operations and associated PDU formats is 103 described in RFC 1157 [8]. A second set of protocol operations 104 and associated PDU formats is described in RFC 1905 [13]. 106 o A set of fundamental applications described in RFC 2273 [14] and 107 the view-based access control mechanism described in RFC 2275 108 [15]. 110 Managed objects are accessed via a virtual information store, termed the 111 Management Information Base or MIB. Objects in the MIB are defined 112 using the mechanisms defined in the SMI. 114 This memo specifies a MIB module that is compliant to the SMIv2. A MIB 115 conforming to the SMIv1 can be produced through the appropriate 116 translations. The resulting translated MIB must be semantically 117 equivalent, except where objects or events are omitted because no 118 translation is possible (use of Counter64). Some machine readable 119 information in SMIv2 will be converted into textual descriptions in 120 SMIv1 during the translation process. However, this loss of machine 121 readable information is not considered to change the semantics of the 122 MIB. 124 2. Glossary 126 The terms in this document are derived either from normal cable system 127 usage, or from the documents associated with the Data Over Cable Service 128 Interface Specification process. 130 2.1. CATV 132 Originally "Community Antenna Television", now used to refer to any 133 cable or hybrid fiber and cable system used to deliver video signals to 134 a community. 136 2.2. CM Cable Modem. A CM acts as a "slave" station in a DOCSIS 137 compliant cable data system. 139 2.3. CMTS Cable Modem Termination System. A generic term covering a 140 cable bridge or cable router in a head-end. A CMTS acts as the master 141 station in a DOCSIS compliant cable data system. It is the only station 142 that transmits downstream, and it controls the scheduling of upstream 143 transmissions by its associated CMs. 145 2.4. DOCSIS 147 "Data Over Cable Interface Specification". A term referring to the 148 ITU-T J.112 Annex B standard for cable modem systems. [20] 150 2.5. Downstream 152 >From the head-end towards the subscriber. 154 2.6. Head-end 156 The origination point in most cable systems of the subscriber video 157 signals. Generally also the location of the CMTS equipment. 159 2.7. MAC Packet 161 A DOCSIS PDU. 163 2.8. MCNS 165 "Multimedia Cable Network System". Generally replaced in usage by 166 DOCSIS. 168 2.9. RF 170 Radio Frequency. 172 2.10. Upstream 174 >From the subscriber towards the head-end. 176 3. Overview 178 This MIB provides a set of objects required for the management of MCNS 179 compliant Cable Modems (CM) and Cable Modem Termination Systems (CMTS). 180 The specification is derived from the MCNS Radio Frequency Interface 181 specification [16]. 183 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 184 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 185 document are to be interpreted as described in [19]. 187 3.1. Structure of the MIB 189 This MIB is structured into seven groups: 191 o The docsDevBase group extends the MIB-II 'system' group with 192 objects needed for cable device system management. 194 o The docsDevNmAccessGroup provides a minimum level of SNMP access 195 security (see Section 3 of [18]). 197 o The docsDevSoftware group provides information for network- 198 downloadable software upgrades. See "Handling of Software 199 Upgrades" below.. 201 o The docsDevServer group provides information about the progress of 202 the interaction between the CM or CMTS and various provisioning 203 servers. 205 o The docsDevEvent group provides control and logging for event 206 reporting. 208 o The docsDevFilter group configures filters at link layer and IP 209 layer for bridged data traffic. This group consists of a link- 210 layer filter table, docsDevFilterLLCTable, which is used to manage 211 the processing and forwarding of non-IP traffic; an IP packet 212 classifier table, docsDevFilterIpTable, which is used to map 213 classes of packets to specific policy actions; a policy table, 214 docsDevFilterPolicyTable, which maps zero or more policy actions 215 onto a specific packet classification, and one or more policy 216 action tables. 218 At this time, this MIB specifies only one policy action table, 219 docsDevFilterTosTable, which allows the manipulation of the type of 220 services bits in an IP packet based on matching some criteria. The 221 working group may add additional policy types and action tables in the 222 future, for example to allow QOS to modem service identifier assignment 223 based on destination. 225 o The docsDevCpe group provides control over which IP addresses may 226 be used by customer premises equipment (e.g. PCs) serviced by a 227 given cable modem. This provides anti-spoofing control at the 228 point of origin for a large cable modem system. This group is 229 seperate from docsDevFilter primarily this group is only 230 implemented on the Cable Modem (CM) and MUST NOT be implemented on 231 the Cable Modem Termination System (CMTS) 233 3.2. Management requirements 235 3.2.1. Handling of Software upgrades 237 The Cable Modem software upgrade process is documented in [16]. From a 238 network management station, the operator: 240 o sets docsDevSwServer to the address of the TFTP server for software 241 upgrades 243 o sets docsDevSwFilename to the file pathname of the software upgrade 244 image 246 o sets docsDevSwAdminStatus to upgrade-from-mgt 248 One reason for the SNMP-initiated upgrade is to allow loading of a 249 temporary software image (e.g., special diagnostic software) that 250 differs from the software normally used on that device without changing 251 the provisioning database. 253 Note that software upgrades should not be accepted blindly by the cable 254 device. The cable device may refuse an upgrade if: 256 o The download is incomplete. 258 o The file contents are incomplete or damaged. 260 o The software is not intended for that hardware device (may include 261 the case of a feature set that has not been purchased for this 262 device). 264 3.2.2. Events and Traps 266 This MIB provides control facilities for reporting events through 267 syslog, traps, and nonvolatile logging. If events are reported through 268 traps, the specified conventions must be followed. Other means of event 269 reporting are outside the scope of this document. 271 The definition and coding of events is vendor-specific. In deference to 272 the network operator who must troubleshoot multi-vendor networks, the 273 circumstances and meaning of each event should be reported as human- 274 readable text. Vendors SHOULD provide time-of-day clocks in CMs to 275 provide useful timestamping of events. 277 For each vendor-specific event that is reportable via TRAP, the vendor 278 must create an enterprise-specific trap definition. Trap definitions 279 MUST include the event reason encoded as DisplayString and should be 280 defined as: 282 trapName NOTIFICATION-TYPE 283 OBJECTS { 284 ifIndex, 285 eventReason, 286 other useful objects 287 } 288 STATUS current 289 DESCRIPTION 290 "trap description" 291 ::= Object Id 293 Note that ifIndex is only included if the event or trap is interface 294 related. 296 The last digit of the trap OID for enterprise-specific traps must match 297 docsDevEvId. For SNMPv1-capable Network Management systems, this is 298 necessary to correlate the event type to the trap type. Many Network 299 Management systems are only capable of trap filtering on an enterprise 300 and single-last-digit basis. 302 3.2.3. Trap Throttling 304 The CM and CMTS MUST provide support for trap message throttling as 305 described below. The network operator can employ message rate 306 throttling or trap limiting by manipulating the appropriate MIB 307 variables. 309 3.2.3.1. Trap rate throttling 311 Network operators may employ either of two rate control methods. In the 312 first method, the device ceases to send traps when the rate exceeds the 313 specified maximum message rate. It resumes sending traps only if 314 reactivated by a network management station request. 316 In the second method, the device resumes sending traps when the rate 317 falls below the specified maximum message rate. 319 The network operator configures the specified maximum message rate by 320 setting the measurement interval (in seconds), and the maximum number of 321 traps to be transmitted within the measurement interval. The operator 322 can query the operational throttling state (to determine whether traps 323 are enabled or blocked by throttling) of the device, as well as query 324 and set the administrative throttling state (to manage the rate control 325 method) of the device. 327 3.2.3.2. Limiting the trap rate 329 Network operators may wish to limit the number of traps sent by a device 330 over a specified time period. The device ceases to send traps when the 331 number of traps exceeds the specified threshold. It resumes sending 332 traps only when the measurement interval has passed. 334 The network operator defines the maximum number of traps he is willing 335 to handle and sets the measurement interval to a large number (in 336 hundredths of a second). For this case, the administrative throttling 337 state is set to stop at threshold which is the maximum number of traps. 339 See "Techniques for Managing Asynchronously Generated Alerts" [17] for 340 further information. 342 3.3. Protocol Filters 344 The Cable Device MIB provides objects for both LLC and IP protocol 345 filters. The LLC protocol filter entries can be used to limit CM 346 forwarding to a restricted set of network-layer protocols (such as IP, 347 IPX, NetBIOS, and Appletalk). The IP protocol filter entries can be 348 used to restrict upstream or downstream traffic based on source and 349 destination IP addresses, transport-layer protocols (such as TCP, UDP, 350 and ICMP), and source and destination TCP/UDP port numbers. 352 4. Definitions 354 DOCS-CABLE-DEVICE-MIB DEFINITIONS ::= BEGIN 356 IMPORTS 357 MODULE-IDENTITY, 358 OBJECT-TYPE, 359 BITS, 360 IpAddress, 361 Unsigned32, 362 Counter32, 363 Integer32, 364 experimental 365 FROM SNMPv2-SMI 366 DisplayString, 367 RowStatus, 368 DateAndTime, 369 TruthValue 370 FROM SNMPv2-TC 371 OBJECT-GROUP, 372 MODULE-COMPLIANCE 373 FROM SNMPv2-CONF 374 InterfaceIndexOrZero 375 FROM IF-MIB; -- RFC2233 377 docsDev MODULE-IDENTITY 378 LAST-UPDATED "9810131545Z" -- Oct 13, 1998 379 ORGANIZATION "IETF IPCDN Working Group" 380 CONTACT-INFO 381 " Guenter Roeck 382 Postal: cisco Systems 383 170 West Tasman Drive 384 San Jose, CA 95134 385 U.S.A. 386 Phone: +1 408 527 3143 387 E-mail: groeck@cisco.com" 388 DESCRIPTION 389 "This is the MIB Module for MCNS-compliant cable modems and 390 cable-modem termination systems." 391 REVISION "9810131935Z" 392 DESCRIPTION 393 "Modified by Mike StJohns to add/revise filtering, TOS 394 support, software version information objects." 395 ::= { experimental 83 } 397 docsDevMIBObjects OBJECT IDENTIFIER ::= { docsDev 1 } 398 docsDevBase OBJECT IDENTIFIER ::= { docsDevMIBObjects 1 } 400 -- 401 -- For the following object, there is no concept in the 402 -- RFI specification corresponding to a backup CMTS. The 403 -- enumeration is provided here in case someone is able 404 -- to define such a role or device. 405 -- 407 docsDevRole OBJECT-TYPE 408 SYNTAX INTEGER { 409 cm(1), 410 cmtsActive(2), 411 cmtsBackup(3) 412 } 413 MAX-ACCESS read-only 414 STATUS current 415 DESCRIPTION 416 "Defines the current role of this device. cm (1) is 417 a Cable Modem, cmtsActive(2) is a Cable Modem Termination 418 System which is controlling the system of cable modems, 419 and cmtsBackup(3) is a CMTS which is currently connected, 420 but not controlling the system (not currently used)." 421 ::= { docsDevBase 1 } 423 docsDevDateTime OBJECT-TYPE 424 SYNTAX DateAndTime 425 MAX-ACCESS read-write 426 STATUS current 427 DESCRIPTION 428 "The date and time, with optional timezone 429 information." 430 ::= { docsDevBase 2 } 432 docsDevResetNow OBJECT-TYPE 433 SYNTAX TruthValue 434 MAX-ACCESS read-write 435 STATUS current 436 DESCRIPTION 437 "Setting this object to true(1) causes the device to reset. 438 Reading this object always returns false(2)." 439 ::= { docsDevBase 3 } 441 docsDevSerialNumber OBJECT-TYPE 442 SYNTAX DisplayString 443 MAX-ACCESS read-only 444 STATUS current 445 DESCRIPTION 446 "The manufacturer's serial number for this device." 447 ::= { docsDevBase 4 } 449 docsDevSTPControl OBJECT-TYPE 450 SYNTAX INTEGER { 451 stEnabled(1), 452 noStFilterBpdu(2), 453 noStPassBpdu(3) 454 } 455 MAX-ACCESS read-write 456 STATUS current 457 DESCRIPTION 458 "This object controls operation of the spanning tree 459 protocol (as distinguished from transparent bridging). 460 If set to stEnabled(1) then the spanning tree protocol 461 is enabled, subject to bridging constraints. If 462 noStFilterBpdu(2), then spanning tree is not active, 463 and Bridge PDUs received are discarded. 464 If noStPassBpdu(3) then spanning tree is not active 465 and Bridge PDUs are transparently forwarded. Note that 466 a device need not implement all of these options, 467 but that noStFilterBpdu(2) is required." 468 ::= { docsDevBase 5 } 470 -- 471 -- The following table provides one level of security for access 472 -- to the device by network management stations. 473 -- Note that access is also constrained by the 474 -- community strings and any vendor-specific security. 475 -- 477 docsDevNmAccessTable OBJECT-TYPE 478 SYNTAX SEQUENCE OF DocsDevNmAccessEntry 479 MAX-ACCESS not-accessible 480 STATUS current 481 DESCRIPTION 482 "This table controls access to SNMP objects by network 483 management stations. If the table is empty, access 484 to SNMP objects is unrestricted." 485 ::= { docsDevMIBObjects 2 } 487 docsDevNmAccessEntry OBJECT-TYPE 488 SYNTAX DocsDevNmAccessEntry 489 MAX-ACCESS not-accessible 490 STATUS current 491 DESCRIPTION 492 "An entry describing access to SNMP objects by a 493 particular network management station. An entry in 494 this table is not readable unless the management station 495 has read-write permission (either implicit if the table 496 is empty, or explicit through an entry in this table. 497 Entries are ordered by docsDevNmAccessIndex. The first 498 matching entry (e.g. matching IP address and community 499 string) is used to derive access." 500 INDEX { docsDevNmAccessIndex } 501 ::= { docsDevNmAccessTable 1 } 503 DocsDevNmAccessEntry ::= SEQUENCE { 504 docsDevNmAccessIndex Integer32, 505 docsDevNmAccessIp IpAddress, 506 docsDevNmAccessIpMask IpAddress, 507 docsDevNmAccessCommunity DisplayString, 508 docsDevNmAccessControl INTEGER, 509 docsDevNmAccessInterfaces OCTET STRING, 510 docsDevNmAccessStatus RowStatus 511 } 513 docsDevNmAccessIndex OBJECT-TYPE 514 SYNTAX Integer32 (1..2147483647) 515 MAX-ACCESS not-accessible 516 STATUS current 517 DESCRIPTION 518 "Index used to order the application of access 519 entries." 520 ::= { docsDevNmAccessEntry 1 } 522 docsDevNmAccessIp OBJECT-TYPE 523 SYNTAX IpAddress 524 MAX-ACCESS read-create 525 STATUS current 526 DESCRIPTION 527 "The IP address (or subnet) of the network management 528 station. The address 255.255.255.255 is defined to mean 529 any NMS. If traps are enabled for this entry, then the 530 value must be the address of a specific device." 531 DEFVAL { 'ffffffff'h } 532 ::= { docsDevNmAccessEntry 2 } 534 docsDevNmAccessIpMask OBJECT-TYPE 535 SYNTAX IpAddress 536 MAX-ACCESS read-create 537 STATUS current 538 DESCRIPTION 539 "The IP subnet mask of the network management stations. 540 If traps are enabled for this entry, then the value must 541 be 255.255.255.255." 542 DEFVAL { 'ffffffff'h } 543 ::= { docsDevNmAccessEntry 3 } 545 docsDevNmAccessCommunity OBJECT-TYPE 546 SYNTAX DisplayString 547 MAX-ACCESS read-create 548 STATUS current 549 DESCRIPTION 550 "The community string to be matched for access by this 551 entry. If set to a zero length string then any community string 552 will match. When read, this object SHOULD return a zero 553 length string." 554 DEFVAL { "public" } 555 ::= { docsDevNmAccessEntry 4 } 557 docsDevNmAccessControl OBJECT-TYPE 558 SYNTAX INTEGER { 559 none(1), 560 read(2), 561 readWrite(3), 562 roWithTraps(4), 563 rwWithTraps(5), 564 trapsOnly(6) 565 } 566 MAX-ACCESS read-create 567 STATUS current 568 DESCRIPTION 569 "Specifies the type of access allowed to this NMS. Setting 570 this object to none(1) causes the table entry to be 571 destroyed. Read(2) allows access by 'get' and 'get-next' 572 PDUs. ReadWrite(3) allows access by 'set' as well. 573 RoWithtraps(4), rwWithTraps(5), and trapsOnly(6) 574 control distribution of Trap PDUs transmitted by this 575 device." 576 DEFVAL { read } 577 ::= { docsDevNmAccessEntry 5 } 579 -- The syntax of the following object was copied from RFC1493, 580 -- dot1dStaticAllowedToGoTo. 582 docsDevNmAccessInterfaces OBJECT-TYPE 583 SYNTAX OCTET STRING 584 MAX-ACCESS read-create 585 STATUS current 586 DESCRIPTION 587 "Specifies the set of interfaces from which requests from 588 this NMS will be accepted. 589 Each octet within the value of this object specifies a set 590 of eight interfaces, with the first octet specifying ports 591 1 through 8, the second octet specifying interfaces 9 592 through 16, etc. Within each octet, the most significant 593 bit represents the lowest numbered interface, and the least 594 significant bit represents the highest numbered interface. 595 Thus, each interface is represented by a single bit within 596 the value of this object. If that bit has a value of '1' 597 then that interface is included in the set. 599 Note that entries in this table apply only to link-layer 600 interfaces (e.g., Ethernet and CATV MAC). Upstream and 601 downstream channel interfaces must not be specified." 602 -- DEFVAL is the bitmask corresponding to all interfaces 603 ::= { docsDevNmAccessEntry 6 } 605 docsDevNmAccessStatus OBJECT-TYPE 606 SYNTAX RowStatus 607 MAX-ACCESS read-create 608 STATUS current 609 DESCRIPTION 610 "Controls and reflects the status of rows in this 612 table. Rows in this table may be created by either the 613 create-and-go or create-and-wait paradigms. There is no 614 restriction on changing values in a row of this table while the 615 row is active." 616 ::= { docsDevNmAccessEntry 7 } 618 -- 619 -- Procedures for using the following group are described in section 620 -- 3.2.1 621 -- 623 docsDevSoftware OBJECT IDENTIFIER ::= { docsDevMIBObjects 3 } 625 docsDevSwServer OBJECT-TYPE 626 SYNTAX IpAddress 627 MAX-ACCESS read-write 628 STATUS current 629 DESCRIPTION 630 "The address of the TFTP server used for software upgrades. 631 If the TFTP server is unknown, return 0.0.0.0." 632 ::= { docsDevSoftware 1 } 634 docsDevSwFilename OBJECT-TYPE 635 SYNTAX DisplayString (SIZE (0..64)) 636 MAX-ACCESS read-write 637 STATUS current 638 DESCRIPTION 639 "The file name of the software image to be loaded into this 640 device. Unless set via SNMP, this is the file name 641 specified by the provisioning server that corresponds to 642 the software version that is desired for this device. 643 If unknown, the string '(unknown)' is returned." 644 ::= { docsDevSoftware 2 } 646 docsDevSwAdminStatus OBJECT-TYPE 647 SYNTAX INTEGER { 648 upgradeFromMgt(1), 649 allowProvisioningUpgrade(2), 650 ignoreProvisioningUpgrade(3) 651 } 652 MAX-ACCESS read-write 653 STATUS current 654 DESCRIPTION 655 "If set to upgradeFromMgt(1), the device will initiate a 656 TFTP software image download using docsDevSwFilename. 657 After successfully receiving an image, the device will 658 set its state to ignoreProvisioningUpgrade(3) and reboot. 659 If the download process is interrupted by a reset or 660 power failure, the device will load the previous image 661 and, after re-initialization, continue to attempt loading 662 the image specified in docsDevSwFilename. 664 If set to allowProvisioningUpgrade(2), the device will 665 use the software version information supplied by the 666 provisioning server when next rebooting (this does not 667 cause a reboot). 669 When set to ignoreProvisioningUpgrade(3), the device 670 will disregard software image upgrade information from the 671 provisioning server. 673 Note that reading this object can return upgradeFromMgt(1). 674 This indicates that a software download is currently in 675 progress, and that the device will reboot after 676 successfully receiving an image. 678 At initial startup, this object has the default value of 679 allowProvisioningUpgrade(2)." 680 ::= { docsDevSoftware 3 } 682 docsDevSwOperStatus OBJECT-TYPE 683 SYNTAX INTEGER { 684 inProgress(1), 685 completeFromProvisioning(2), 686 completeFromMgt(3), 687 failed(4), 688 other(5) 689 } 690 MAX-ACCESS read-only 691 STATUS current 692 DESCRIPTION 693 "InProgress(1) indicates that a TFTP download is underway, 694 either as a result of a version mismatch at provisioning 695 or as a result of a upgradeFromMgt request. 696 CompleteFromProvisioning(2) indicates that the last 697 software upgrade was a result of version mismatch at 698 provisioning. CompleteFromMgt(3) indicates that the last 699 software upgrade was a result of setting 700 docsDevSwAdminStatus to upgradeFromMgt. 701 Failed(4) indicates that the last attempted download 702 failed, ordinarily due to TFTP timeout." 703 REFERENCE 704 "DOCSIS Radio Frequency Interface Specification, Section 705 8.2, Downloading Cable Modem Operating Software." 706 ::= { docsDevSoftware 4 } 708 docsDevSwCurrentVers OBJECT-TYPE 709 SYNTAX DisplayString 710 MAX-ACCESS read-only 711 STATUS current 712 DESCRIPTION 713 "The software version currently operating in this device. 714 This object should be in the syntax used by the individual 715 vendor to identify software versions. Any CM MUST return a 716 string descriptive of the current software load. For a 717 CMTS, this object SHOULD contain either a human readable 718 representation of the vendor specific designation of the 719 software for the chassis, or of the software for the 720 control processor. If neither of these is applicable, 721 this MUST contain an empty string." 722 ::= { docsDevSoftware 5 } 724 -- 725 -- The following group describes server access and parameters used for 726 -- initial provisioning and bootstrapping. 727 -- 729 docsDevServer OBJECT IDENTIFIER ::= { docsDevMIBObjects 4 } 731 docsDevServerBootState OBJECT-TYPE 732 SYNTAX INTEGER { 733 operational(1), 734 disabled(2), 735 waitingForDhcpOffer(3), 736 waitingForDhcpResponse(4), 737 waitingForTimeServer(5), 738 waitingForTftp(6), 739 refusedByCmts(7), 740 forwardingDenied(8), 741 other(9), 742 unknown(10) 743 } 744 MAX-ACCESS read-only 745 STATUS current 746 DESCRIPTION 747 "If operational(1), the device has completed loading and 748 processing of configuration parameters and the CMTS has 749 completed the Registration exchange. 750 If disabled(2) then the device was administratively 751 disabled, possibly by being refused network access in the 752 configuration file. 753 If waitingForDhcpOffer(3) then a DHCP Discover has been 754 transmitted and no offer has yet been received. 755 If waitingForDhcpResponse(4) then a DHCP Request has been 756 transmitted and no response has yet been received. 757 If waitingForTimeServer(5) then a Time Request has been 758 transmitted and no response has yet been received. 759 If waitingForTftp(6) then a request to the TFTP parameter 760 server has been made and no response received. 761 If refusedByCmts(7) then the Registration Request/Response 762 exchange with the CMTS failed. 763 If forwardingDenied(8) then the registration process 764 completed, but the network access option in the received 765 configuration file prohibits forwarding. " 766 REFERENCE 767 "DOCSIS Radio Frequency Interface Specification, Figure 768 7-1, CM Initialization Overview." 769 ::= { docsDevServer 1 } 771 docsDevServerDhcp OBJECT-TYPE 772 SYNTAX IpAddress 773 MAX-ACCESS read-only 774 STATUS current 775 DESCRIPTION 776 "The IP address of the DHCP server that assigned an IP 777 address to this device. Returns 0.0.0.0 if DHCP was not 778 used for IP address assignment." 779 ::= { docsDevServer 2 } 781 docsDevServerTime OBJECT-TYPE 782 SYNTAX IpAddress 783 MAX-ACCESS read-only 784 STATUS current 785 DESCRIPTION 786 "The IP address of the Time server (RFC-868). Returns 787 0.0.0.0 if the time server IP address is unknown." 788 ::= { docsDevServer 3 } 790 docsDevServerTftp OBJECT-TYPE 791 SYNTAX IpAddress 792 MAX-ACCESS read-only 793 STATUS current 794 DESCRIPTION 795 "The IP address of the TFTP server responsible for 796 downloading provisioning and configuration parameters 797 to this device. Returns 0.0.0.0 if the TFTP server 798 address is unknown." 799 ::= { docsDevServer 4 } 801 docsDevServerConfigFile OBJECT-TYPE 802 SYNTAX DisplayString 803 MAX-ACCESS read-only 804 STATUS current 805 DESCRIPTION 806 "The name of the device configuration file read from the 807 TFTP server. Returns an empty string if the configuration 808 file name is unknown." 809 ::= { docsDevServer 5 } 811 -- 812 -- Event Reporting 813 -- 815 docsDevEvent OBJECT IDENTIFIER ::= { docsDevMIBObjects 5 } 817 docsDevEvControl OBJECT-TYPE 818 SYNTAX INTEGER { 819 resetLog(1), 820 useDefaultReporting(2) 821 } 822 MAX-ACCESS read-write 823 STATUS current 824 DESCRIPTION 825 "Setting this object to resetLog(1) empties the event log. 826 All data is deleted. Setting it to useDefaultReporting(2) 827 returns all event priorities to their factory-default 828 reporting. Reading this object always returns 829 useDefaultReporting(2)." 830 ::= { docsDevEvent 1 } 832 docsDevEvSyslog OBJECT-TYPE 833 SYNTAX IpAddress 834 MAX-ACCESS read-write 835 STATUS current 836 DESCRIPTION 837 "The IP address of the Syslog server. If 0.0.0.0, syslog 838 transmission is inhibited." 839 ::= { docsDevEvent 2 } 841 docsDevEvThrottleAdminStatus OBJECT-TYPE 842 SYNTAX INTEGER { 843 unconstrained(1), 844 maintainBelowThreshold(2), 845 stopAtThreshold(3), 846 inhibited(4) 847 } 848 MAX-ACCESS read-write 849 STATUS current 850 DESCRIPTION 851 "Controls the transmission of traps and syslog messages 852 with respect to the trap pacing threshold. 853 unconstrained(1) causes traps and syslog messages to be 854 transmitted without regard to the threshold settings. 855 maintainBelowThreshold(2) causes trap transmission and 856 syslog messages to be suppressed if the number of traps 857 would otherwise exceed the threshold. 858 stopAtThreshold(3) causes trap transmission to cease 859 at the threshold, and not resume until directed to do so. 860 inhibited(4) causes all trap transmission and syslog 861 messages to be suppressed. 863 A single event is always treated as a single event for 864 threshold counting. That is, an event causing both a trap 865 and a syslog message is still treated as a single event. 867 Writing to this object resets the thresholding state. 869 At initial startup, this object has a default value of 870 unconstrained(1)." 872 ::= { docsDevEvent 3 } 874 docsDevEvThrottleInhibited OBJECT-TYPE 875 SYNTAX TruthValue 876 MAX-ACCESS read-only 877 STATUS current 878 DESCRIPTION 879 "If true(1), trap and syslog transmission is currently 880 inhibited due to thresholds and/or the current setting of 881 docsDevEvThrottleAdminStatus." 882 ::= { docsDevEvent 4 } 884 docsDevEvThrottleThreshold OBJECT-TYPE 885 SYNTAX Unsigned32 886 MAX-ACCESS read-write 887 STATUS current 888 DESCRIPTION 889 "Number of trap/syslog events per docsDevEvThrottleInterval 890 to be transmitted before throttling. 892 A single event is always treated as a single event for 893 threshold counting. That is, an event causing both a trap 894 and a syslog message is still treated as a single event. 896 At initial startup, this object returns 0." 897 ::= { docsDevEvent 5 } 899 docsDevEvThrottleInterval OBJECT-TYPE 900 SYNTAX Integer32 (1..2147483647) 901 UNITS "seconds" 902 MAX-ACCESS read-write 903 STATUS current 904 DESCRIPTION 905 "The interval over which the trap threshold applies. 906 At initial startup, this object has a value of 1." 907 ::= { docsDevEvent 6 } 909 -- 910 -- The following table controls the reporting of the various classes of 911 -- events. For each event priority, 912 -- a combination of logging and reporting mechanisms may be chosen. The 913 -- mapping of event types 914 -- to priorities is vendor-dependent. Vendors may also choose to allow 915 -- the user to control that mapping 916 -- through proprietary means. 918 docsDevEvControlTable OBJECT-TYPE 919 SYNTAX SEQUENCE OF DocsDevEvControlEntry 920 MAX-ACCESS not-accessible 921 STATUS current 922 DESCRIPTION 923 "Allows control of the reporting of event classes." 925 ::= { docsDevEvent 7 } 927 docsDevEvControlEntry OBJECT-TYPE 928 SYNTAX DocsDevEvControlEntry 929 MAX-ACCESS not-accessible 930 STATUS current 931 DESCRIPTION 932 "Allows configuration of the reporting mechanisms for a 933 particular event priority." 934 INDEX { docsDevEvPriority } 935 ::= { docsDevEvControlTable 1 } 937 DocsDevEvControlEntry ::= SEQUENCE { 938 docsDevEvPriority INTEGER, 939 docsDevEvReporting BITS 940 } 942 docsDevEvPriority OBJECT-TYPE 943 SYNTAX INTEGER { 944 emergency(1), 945 alert(2), 946 critical(3), 947 error(4), 948 warning(5), 949 notice(6), 950 information(7), 951 debug(8) 952 } 953 MAX-ACCESS not-accessible 954 STATUS current 955 DESCRIPTION 956 "The priority level that is controlled by this 957 entry. These are ordered from most (emergency) to least (debug) 958 critical. Each event with a CM or CMTS has a particular 959 priority level associated with it (as defined by the 960 vendor). During normal operation no event more critical than 961 notice(6) should be generated. Events between warning and 962 emergency should be generated at appropriate levels of 963 problems (e.g. emergency when the box is about to 964 crash)." 965 ::= { docsDevEvControlEntry 1 } 967 docsDevEvReporting OBJECT-TYPE 968 SYNTAX BITS { 969 local(0), 970 traps(1), 971 syslog(2) 972 } 973 MAX-ACCESS read-write 974 STATUS current 975 DESCRIPTION 976 "Defines the action to be taken on occurrence of this 977 event class. Implementations may not necessarily support 978 all options for all event classes, but at minimum must 979 allow traps and syslogging to be disabled. If the 980 local(0) bit is set, then log to the internal log, if the 981 traps(1) bit is set, then generate a trap, if the 982 syslog(2) bit is set, then send a syslog message 983 (assuming the syslog address is set)." 984 ::= { docsDevEvControlEntry 2 } 986 docsDevEventTable OBJECT-TYPE 987 SYNTAX SEQUENCE OF DocsDevEventEntry 988 MAX-ACCESS not-accessible 989 STATUS current 990 DESCRIPTION 991 "Contains a log of network and device events that may be 992 of interest in fault isolation and troubleshooting." 993 ::= { docsDevEvent 8 } 995 docsDevEventEntry OBJECT-TYPE 996 SYNTAX DocsDevEventEntry 997 MAX-ACCESS not-accessible 998 STATUS current 999 DESCRIPTION 1000 "Describes a network or device event that may be of 1001 interest in fault isolation and troubleshooting. Multiple 1002 sequential identical events are represented by 1003 incrementing docsDevEvCounts and setting 1004 docsDevEvLastTime to the current time rather than creating 1005 multiple rows. 1006 Entries are created with the first occurrance of an event. 1007 docsDevEvControl can be used to clear the table. 1008 Individual events can not be deleted." 1009 INDEX { docsDevEvIndex } 1010 ::= { docsDevEventTable 1 } 1012 DocsDevEventEntry ::= SEQUENCE { 1013 docsDevEvIndex Integer32, 1014 docsDevEvFirstTime DateAndTime, 1015 docsDevEvLastTime DateAndTime, 1016 docsDevEvCounts Counter32, 1017 docsDevEvLevel INTEGER, 1018 docsDevEvId Unsigned32, 1019 docsDevEvText DisplayString 1020 } 1022 docsDevEvIndex OBJECT-TYPE 1023 SYNTAX Integer32 (1..2147483647) 1024 MAX-ACCESS not-accessible 1025 STATUS current 1026 DESCRIPTION 1027 "Provides relative ordering of the objects in the event 1028 log. This object will always increase except when 1029 (a) the log is reset via docsDevEvControl, 1030 (b) the device reboots and does not implement nonvolatile 1031 storage for this log, or (c) it reaches the value 2^31. 1032 The next entry for all the above cases is 1." 1033 ::= { docsDevEventEntry 1 } 1035 docsDevEvFirstTime OBJECT-TYPE 1036 SYNTAX DateAndTime 1037 MAX-ACCESS read-only 1038 STATUS current 1039 DESCRIPTION 1040 "The time that this entry was created." 1041 ::= { docsDevEventEntry 2 } 1043 docsDevEvLastTime OBJECT-TYPE 1044 SYNTAX DateAndTime 1045 MAX-ACCESS read-only 1046 STATUS current 1047 DESCRIPTION 1048 "If multiple events are reported via the same entry, the 1049 time that the last event for this entry occurred, 1050 otherwise this should have the same value as 1051 docsDevEvFirstTime. " 1052 ::= { docsDevEventEntry 3 } 1054 -- This object was renamed from docsDevEvCount to meet naming 1055 -- requirements for Counter32 1056 docsDevEvCounts OBJECT-TYPE 1057 SYNTAX Counter32 1058 MAX-ACCESS read-only 1059 STATUS current 1060 DESCRIPTION 1061 "The number of consecutive event instances reported by 1062 this entry. This starts at 1 with the creation of this 1063 row and increments by 1 for each subsequent duplicate event." 1064 ::= { docsDevEventEntry 4 } 1066 docsDevEvLevel OBJECT-TYPE 1067 SYNTAX INTEGER { 1068 emergency(1), 1069 alert(2), 1070 critical(3), 1071 error(4), 1072 warning(5), 1073 notice(6), 1074 information(7), 1075 debug(8) 1076 } 1077 MAX-ACCESS read-only 1078 STATUS current 1079 DESCRIPTION 1080 "The priority level of this event as defined by the 1081 vendor. These are ordered from most serious (emergency) 1082 to least serious (debug)." 1083 ::= { docsDevEventEntry 5 } 1085 -- 1086 -- Vendors will provide their own enumerations for the following. 1087 -- The interpretation of the enumeration is unambiguous for a 1088 -- particular value of the vendor's enterprise number in sysObjectID. 1089 -- 1091 docsDevEvId OBJECT-TYPE 1092 SYNTAX Unsigned32 1093 MAX-ACCESS read-only 1094 STATUS current 1095 DESCRIPTION 1096 "For this product, uniquely identifies the type of event 1097 that is reported by this entry." 1098 ::= { docsDevEventEntry 6 } 1100 docsDevEvText OBJECT-TYPE 1101 SYNTAX DisplayString 1102 MAX-ACCESS read-only 1103 STATUS current 1104 DESCRIPTION 1105 "Provides a human-readable description of the event, 1106 including all relevant context (interface numbers, 1107 etc.)." 1108 ::= { docsDevEventEntry 7 } 1110 docsDevFilter OBJECT IDENTIFIER ::= { docsDevMIBObjects 6 } 1112 -- LLC (Link Level Control) filters can be defined on an inclusive or 1113 -- exclusive basis: CMs can be configured to forward only packets 1114 -- matching a set of layer three protocols, or to drop packets 1115 -- matching a set of layer three protocols. Typical use of these 1116 -- filters is to filter out possibly harmful (given the context of a 1117 -- large metropolitan LAN) protocols. 1119 docsDevFilterLLCDefault OBJECT-TYPE 1120 SYNTAX INTEGER { 1121 discard(1), 1122 accept(2) 1123 } 1124 MAX-ACCESS read-write 1125 STATUS current 1126 DESCRIPTION 1127 "If set to discard(1), all packets not matching an LLC 1128 filter will be discarded. If set to accept(2), all 1129 packets not matching an LLC filter will be accepted for 1130 further processing (e.g., bridging). 1131 At initial system startup, this object returns accept(2)." 1133 ::= { docsDevFilter 1 } 1135 docsDevFilterLLCTable OBJECT-TYPE 1136 SYNTAX SEQUENCE OF DocsDevFilterLLCEntry 1137 MAX-ACCESS not-accessible 1138 STATUS current 1139 DESCRIPTION 1140 "A list of filters to apply to (bridged) LLC traffic, which 1141 forwards or drops packets on the basis of the layer two 1142 protocol type." 1143 ::= { docsDevFilter 2 } 1145 docsDevFilterLLCEntry OBJECT-TYPE 1146 SYNTAX DocsDevFilterLLCEntry 1147 MAX-ACCESS not-accessible 1148 STATUS current 1149 DESCRIPTION 1150 "Describes a single filter to apply to (bridged) LLC traffic 1151 received on a specified interface. " 1152 INDEX { docsDevFilterLLCIndex } 1153 ::= { docsDevFilterLLCTable 1 } 1155 DocsDevFilterLLCEntry ::= SEQUENCE { 1156 docsDevFilterLLCIndex Integer32, 1157 docsDevFilterLLCStatus RowStatus, 1158 docsDevFilterLLCIfIndex InterfaceIndexOrZero, 1159 docsDevFilterLLCProtocolType INTEGER, 1160 docsDevFilterLLCProtocol Integer32, 1161 docsDevFilterLLCMatches Counter32 1162 } 1164 docsDevFilterLLCIndex OBJECT-TYPE 1165 SYNTAX Integer32 (1..2147483647) 1166 MAX-ACCESS not-accessible 1167 STATUS current 1168 DESCRIPTION 1169 "Index used for the identification of filters (note that LLC 1170 filter order is irrelevant)." 1171 ::= { docsDevFilterLLCEntry 1 } 1173 docsDevFilterLLCStatus OBJECT-TYPE 1174 SYNTAX RowStatus 1175 MAX-ACCESS read-create 1176 STATUS current 1177 DESCRIPTION 1178 "Controls and reflects the status of rows in this 1179 table. There is no restriction on changing any of the 1180 associated columns for this row while this object is set 1181 to active." 1183 ::= { docsDevFilterLLCEntry 2} 1185 docsDevFilterLLCIfIndex OBJECT-TYPE 1186 SYNTAX InterfaceIndexOrZero 1187 MAX-ACCESS read-create 1188 STATUS current 1189 DESCRIPTION 1190 "The entry interface to which this filter applies. 1191 The value corresponds to ifIndex for either a CATV MAC 1192 or another network interface. If the value is zero, the 1193 filter applies to all interfaces. In Cable Modems, the 1194 default value is the customer side interface. In Cable 1195 Modem Termination Systems, this object has to be 1196 specified to create a row in this table." 1197 ::= { docsDevFilterLLCEntry 3 } 1199 docsDevFilterLLCProtocolType OBJECT-TYPE 1200 SYNTAX INTEGER { 1201 ethertype(1), 1202 dsap(2) 1203 } 1204 MAX-ACCESS read-create 1205 STATUS current 1206 DESCRIPTION 1207 "The format of the value in docsDevFilterLLCProtocol: 1208 either a two-byte Ethernet Ethertype, or a one-byte 1209 802.2 SAP value. EtherType(1) also applies to SNAP- 1210 encapsulated frames." 1211 DEFVAL { ethertype } 1212 ::= { docsDevFilterLLCEntry 4 } 1214 docsDevFilterLLCProtocol OBJECT-TYPE 1215 SYNTAX Integer32 (0..65535) 1216 MAX-ACCESS read-create 1217 STATUS current 1218 DESCRIPTION 1219 "The layer three protocol for which this filter applies. 1220 The protocol value format depends on 1221 docsDevFilterLLCProtocolType. Note that for SNAP frames, 1222 etherType filtering is performed rather than DSAP=0xAA." 1223 DEFVAL { 0 } 1224 ::= { docsDevFilterLLCEntry 5 } 1226 docsDevFilterLLCMatches OBJECT-TYPE 1227 SYNTAX Counter32 1228 MAX-ACCESS read-only 1229 STATUS current 1230 DESCRIPTION 1231 "Counts the number of times this filter was matched." 1232 ::= { docsDevFilterLLCEntry 6 } 1234 -- The default behavior for (bridged) packets that do not match IP 1235 -- filters is defined by 1236 -- docsDevFilterIpDefault. 1238 docsDevFilterIpDefault OBJECT-TYPE 1239 SYNTAX INTEGER { 1240 discard(1), 1241 accept(2) 1242 } 1243 MAX-ACCESS read-write 1244 STATUS current 1245 DESCRIPTION 1246 "If set to discard(1), all packets not matching an IP filter 1247 will be discarded. If set to accept(2), all packets not 1248 matching an IP filter will be accepted for further 1249 processing (e.g., bridging). 1250 At initial system startup, this object returns accept(2)." 1251 ::= { docsDevFilter 3 } 1253 docsDevFilterIpTable OBJECT-TYPE 1254 SYNTAX SEQUENCE OF DocsDevFilterIpEntry 1255 MAX-ACCESS not-accessible 1256 STATUS current 1257 DESCRIPTION 1258 "An ordered list of filters or classifiers to apply to 1259 IP traffic. Filter application is ordered by the filter 1260 index, rather than by a best match algorithm (Note that 1261 this implies that the filter table may have gaps in the 1262 index values). Packets which match no filters will have 1263 policy 0 in the docsDevPolicyTable applied to them if 1264 it exists. Otherwise, Packets which match no filters 1265 are discarded or forwarded according to the setting of 1266 docsDevFilterIpDefault." 1267 ::= { docsDevFilter 4 } 1269 docsDevFilterIpEntry OBJECT-TYPE 1270 SYNTAX DocsDevFilterIpEntry 1271 MAX-ACCESS not-accessible 1272 STATUS current 1273 DESCRIPTION 1274 "Describes a filter to apply to IP traffic received on a 1275 specified interface. Both source and destination addresses 1276 must match for the filter to apply. 1277 To create an entry in this table, docsDevFilterIpIfIndex 1278 must be specified." 1279 INDEX { docsDevFilterIpIndex } 1280 ::= { docsDevFilterIpTable 1 } 1282 DocsDevFilterIpEntry ::= SEQUENCE { 1283 docsDevFilterIpIndex Integer32, 1284 docsDevFilterIpStatus RowStatus, 1285 docsDevFilterIpControl INTEGER, 1286 docsDevFilterIpIfIndex InterfaceIndexOrZero, 1287 docsDevFilterIpDirection INTEGER, 1288 docsDevFilterIpBroadcast TruthValue, 1289 docsDevFilterIpSaddr IpAddress, 1290 docsDevFilterIpSmask IpAddress, 1291 docsDevFilterIpDaddr IpAddress, 1292 docsDevFilterIpDmask IpAddress, 1293 docsDevFilterIpProtocol INTEGER, 1294 docsDevFilterIpSourcePortLow Integer32, 1295 docsDevFilterIpSourcePortHigh Integer32, 1296 docsDevFilterIpDestPortLow Integer32, 1297 docsDevFilterIpDestPortHigh Integer32, 1298 docsDevFilterIpMatches Counter32, 1299 docsDevFilterIpTos OCTET STRING, 1300 docsDevFilterIpTosMask OCTET STRING, 1301 docsDevFilterIpContinue TruthValue, 1302 docsDevFilterIpPolicyId Integer32 1303 } 1305 docsDevFilterIpIndex OBJECT-TYPE 1306 SYNTAX Integer32 (1..2147483647) 1307 MAX-ACCESS not-accessible 1308 STATUS current 1309 DESCRIPTION 1310 "Index used to order the application of filters. 1311 The filter with the lowest index is always applied 1312 first." 1313 ::= { docsDevFilterIpEntry 1 } 1315 docsDevFilterIpStatus OBJECT-TYPE 1316 SYNTAX RowStatus 1317 MAX-ACCESS read-create 1318 STATUS current 1319 DESCRIPTION 1320 "Controls and reflects the status of rows in this 1321 table. Specifying only this object (with the appropriate 1322 index) on a CM is sufficient to create a filter row which 1323 matches all inbound packets on the ethernet interface, 1324 and results in the packets being 1325 discarded. docsDevFilterIpIfIndex (at least) must be 1326 specificed on a CMTS to create a row. Creation of the 1327 rows may be done via either create-and-wait or 1328 create-and-go, but the filter is not applied until this 1329 object is set to (or changes to) active. There is no 1330 restriction in changing any object in a row while this 1331 object is set to active." 1332 ::= { docsDevFilterIpEntry 2 } 1334 docsDevFilterIpControl OBJECT-TYPE 1335 SYNTAX INTEGER { 1336 discard(1), 1337 accept(2), 1338 policy(3) 1339 } 1340 MAX-ACCESS read-create 1341 STATUS current 1342 DESCRIPTION 1343 "If set to discard(1), all packets matching this filter 1344 will be discarded and scanning of the remainder of the 1345 filter list will be aborted. If set to accept(2), all 1346 packets matching this filter will be accepted for further 1347 processing (e.g., bridging). If docsDevFilterIpContinue 1348 is set to true, see if there are other matches, otherwise 1349 done. If set to policy (3), execute the policy entries 1350 matched by docsDevIpFilterPolicyId. 1351 If is docsDevFilterIpContinue set to true see if there 1352 are other matches, otherwise done." 1353 DEFVAL { discard } 1354 ::= { docsDevFilterIpEntry 3 } 1356 docsDevFilterIpIfIndex OBJECT-TYPE 1357 SYNTAX InterfaceIndexOrZero 1358 MAX-ACCESS read-create 1359 STATUS current 1360 DESCRIPTION 1361 "The entry interface to which this filter applies. The 1362 value corresponds to ifIndex for either a CATV MAC or 1363 another network interface. If the value is zero, the 1364 filter applies to all interfaces. Default value in Cable 1365 Modems is the index of the customer-side (e.g. ethernet) 1366 interface. In Cable Modem Termination Systems, this 1367 object MUST be specified to create a row in this table." 1368 ::= { docsDevFilterIpEntry 4 } 1370 docsDevFilterIpDirection OBJECT-TYPE 1371 SYNTAX INTEGER { 1372 inbound(1), 1373 outbound(2), 1374 both(3) 1375 } 1376 MAX-ACCESS read-create 1377 STATUS current 1378 DESCRIPTION 1379 "Determines whether the filter is applied to inbound(1) 1380 traffic, outbound(2) traffic, or traffic in both(3) 1381 directions." 1382 DEFVAL { inbound } 1383 ::= { docsDevFilterIpEntry 5 } 1385 docsDevFilterIpBroadcast OBJECT-TYPE 1386 SYNTAX TruthValue 1387 MAX-ACCESS read-create 1388 STATUS current 1389 DESCRIPTION 1390 "If set to true(1), the filter only applies to multicast 1391 and broadcast traffic. If set to false(2), the filter 1392 applies to all traffic." 1393 DEFVAL { false } 1394 ::= { docsDevFilterIpEntry 6 } 1396 docsDevFilterIpSaddr OBJECT-TYPE 1397 SYNTAX IpAddress 1398 MAX-ACCESS read-create 1399 STATUS current 1400 DESCRIPTION 1401 "The source IP address, or portion thereof, that is to be 1402 matched for this filter." 1403 DEFVAL { '00000000'h } 1404 ::= { docsDevFilterIpEntry 7 } 1406 docsDevFilterIpSmask OBJECT-TYPE 1407 SYNTAX IpAddress 1408 MAX-ACCESS read-create 1409 STATUS current 1410 DESCRIPTION 1411 "A bit mask that is to be applied to the source address 1412 prior to matching. This mask is not necessarily the same 1413 as a subnet mask, but 1's bits must be leftmost and 1414 contiguous." 1415 DEFVAL { '00000000'h } 1416 ::= { docsDevFilterIpEntry 8 } 1418 docsDevFilterIpDaddr OBJECT-TYPE 1419 SYNTAX IpAddress 1420 MAX-ACCESS read-create 1421 STATUS current 1422 DESCRIPTION 1423 "The destination IP address, or portion thereof, that is 1424 to be matched for this filter " 1425 DEFVAL { '00000000'h } 1426 ::= { docsDevFilterIpEntry 9 } 1428 docsDevFilterIpDmask OBJECT-TYPE 1429 SYNTAX IpAddress 1430 MAX-ACCESS read-create 1431 STATUS current 1432 DESCRIPTION 1433 "A bit mask that is to be applied to the destination 1434 address prior to matching. This mask is not necessarily 1435 the same as a subnet mask, but 1's bits must be leftmost 1436 and contiguous." 1437 DEFVAL { '00000000'h } 1438 ::= { docsDevFilterIpEntry 10 } 1440 docsDevFilterIpProtocol OBJECT-TYPE 1441 SYNTAX INTEGER { 1442 icmp(1), 1443 tcp(6), 1444 udp(17), 1445 any(256) 1447 } 1448 MAX-ACCESS read-create 1449 STATUS current 1450 DESCRIPTION 1451 "The IP protocol value that is to be matched." 1452 DEFVAL { any } 1453 ::= { docsDevFilterIpEntry 11 } 1455 docsDevFilterIpSourcePortLow OBJECT-TYPE 1456 SYNTAX Integer32 (0..65535) 1457 MAX-ACCESS read-create 1458 STATUS current 1459 DESCRIPTION 1460 "If docsDevFilterIpProtocol is udp or tcp, this is the 1461 inclusive lower bound of the transport-layer source port 1462 range that is to be matched." 1463 DEFVAL { 0 } 1464 ::= { docsDevFilterIpEntry 12 } 1466 docsDevFilterIpSourcePortHigh OBJECT-TYPE 1467 SYNTAX Integer32 (0..65535) 1468 MAX-ACCESS read-create 1469 STATUS current 1470 DESCRIPTION 1471 "If docsDevFilterIpProtocol is udp or tcp, this is the 1472 inclusive upper bound of the transport-layer source port 1473 range that is to be matched." 1474 DEFVAL { 65535 } 1475 ::= { docsDevFilterIpEntry 13 } 1477 docsDevFilterIpDestPortLow OBJECT-TYPE 1478 SYNTAX Integer32 (0..65535) 1479 MAX-ACCESS read-create 1480 STATUS current 1481 DESCRIPTION 1482 "If docsDevFilterIpProtocol is udp or tcp, this is the 1483 inclusive lower bound of the transport-layer destination 1484 port range that is to be matched." 1485 DEFVAL { 0 } 1486 ::= { docsDevFilterIpEntry 14 } 1488 docsDevFilterIpDestPortHigh OBJECT-TYPE 1489 SYNTAX Integer32 (0..65535) 1490 MAX-ACCESS read-create 1491 STATUS current 1492 DESCRIPTION 1493 "If docsDevFilterIpProtocol is udp or tcp, this is the 1494 inclusive upper bound of the transport-layer destination 1495 port range that is to be matched." 1496 DEFVAL { 65535 } 1497 ::= { docsDevFilterIpEntry 15 } 1499 docsDevFilterIpMatches OBJECT-TYPE 1500 SYNTAX Counter32 1501 MAX-ACCESS read-only 1502 STATUS current 1503 DESCRIPTION 1504 "Counts the number of times this filter was matched. 1505 This object is initialized to 0 at boot, or at row 1506 creation, and is reset only upon reboot." 1507 ::= { docsDevFilterIpEntry 16 } 1509 docsDevFilterIpTos OBJECT-TYPE 1510 SYNTAX OCTET STRING ( SIZE (1)) 1511 MAX-ACCESS read-create 1512 STATUS current 1513 DESCRIPTION 1514 "This is the value to be matched to the packet's 1515 TOS (Type of Service) value (after the TOS value 1516 is AND'd with docsDevFilterIpTosMask)." 1517 DEFVAL { '00'h } 1518 ::= { docsDevFilterIpEntry 17 } 1520 docsDevFilterIpTosMask OBJECT-TYPE 1521 SYNTAX OCTET STRING ( SIZE (1) ) 1522 MAX-ACCESS read-create 1523 STATUS current 1524 DESCRIPTION 1525 "The mask to be applied to the packet's TOS value before 1526 matching." 1527 DEFVAL { '00'h } 1528 ::= { docsDevFilterIpEntry 18 } 1530 docsDevFilterIpContinue OBJECT-TYPE 1531 SYNTAX TruthValue 1532 MAX-ACCESS read-create 1533 STATUS current 1534 DESCRIPTION 1535 "If this value is set to true, and docsDevFilterIpControl 1536 is anything but discard (1), continue scanning and 1537 applying policies." 1538 DEFVAL { false } 1539 ::= { docsDevFilterIpEntry 19 } 1541 docsDevFilterIpPolicyId OBJECT-TYPE 1542 SYNTAX Integer32 (0..2147483647) 1543 MAX-ACCESS read-create 1544 STATUS current 1545 DESCRIPTION 1546 "This object points to an entry in docsDevFilterPolicyTable. 1547 If docsDevFilterIpControl is set to policy (3), execute 1548 all matching policies in docsDevFilterPolicyTable. 1549 If no matching policy exists, treat as if 1550 docsDevFilterIpControl were set to accept (1). 1552 If this object is set to the value of 0, there is no 1553 matching policy, and docsDevFilterPolicyTable MUST NOT be 1554 consulted." 1555 DEFVAL { 0 } 1556 ::= { docsDevFilterIpEntry 20 } 1558 -- 1559 -- docsDevFilterPolicyTable exists to allow multiple policy actions 1560 -- to be applied to any given classified packet. The policy actions 1561 -- are applied in index order For example: 1562 -- 1563 -- Index ID Type Action 1564 -- 1 1 TOS 1 1565 -- 12 1 IPSEC 3 1566 -- 9 5 TOS 1 1568 -- This says that a packet which matches a filter with policy id 1, 1569 -- first has TOS policy 1 applied (which might set the TOS bits to 1570 -- enable a higher priority), and next has the IPSEC policy 3 applied 1571 -- (which may result in the packet being dumped into a secure VPN to a 1572 -- remote encryptor). 1573 -- 1575 docsDevFilterPolicyTable OBJECT-TYPE 1576 SYNTAX SEQUENCE OF DocsDevFilterPolicyEntry 1577 MAX-ACCESS not-accessible 1578 STATUS current 1579 DESCRIPTION 1580 "A Table which maps between a policy ID and a set of 1581 policies to be applied." 1582 ::= { docsDevFilter 5 } 1584 docsDevFilterPolicyEntry OBJECT-TYPE 1585 SYNTAX DocsDevFilterPolicyEntry 1586 MAX-ACCESS not-accessible 1587 STATUS current 1588 DESCRIPTION 1589 "An entry in the docsDevFilterPolicyTable. Entries are 1590 created by Network Management. To create an entry, 1591 docsDevFilterPolicyId and docsDevFilterPolicyAction 1592 must be specified." 1593 INDEX { docsDevFilterPolicyIndex } 1594 ::= { docsDevFilterPolicyTable 1 } 1596 DocsDevFilterPolicyEntry ::= SEQUENCE { 1597 docsDevFilterPolicyIndex Integer32, 1598 docsDevFilterPolicyId Integer32, 1599 docsDevFilterPolicyType INTEGER, 1600 docsDevFilterPolicyAction Integer32, 1601 docsDevFilterPolicyStatus RowStatus 1602 } 1604 docsDevFilterPolicyIndex OBJECT-TYPE 1605 SYNTAX Integer32 (1..2147483647) 1606 MAX-ACCESS not-accessible 1607 STATUS current 1608 DESCRIPTION "Index value for the table." 1609 ::= { docsDevFilterPolicyEntry 1 } 1611 docsDevFilterPolicyId OBJECT-TYPE 1612 SYNTAX Integer32 (0..2147483647) 1613 MAX-ACCESS read-create 1614 STATUS current 1615 DESCRIPTION 1616 "Policy ID for this entry. A policy ID can apply to 1617 multiple rows of this table, all relevant policies are 1618 executed. Policy 0 (if populated) is applied to all 1619 packets which do not match any of the filters. N.B. If 1620 docsDevFilterIpPolicyId is set to 0, it DOES NOT match 1621 policy 0 of this table. " 1622 ::= { docsDevFilterPolicyEntry 2 } 1624 docsDevFilterPolicyType OBJECT-TYPE 1625 SYNTAX INTEGER { 1626 other(1), 1627 tos (2) 1628 } 1629 MAX-ACCESS read-create 1630 STATUS current 1631 DESCRIPTION 1632 "The policy type to execute. For tos(1), look at the 1633 docsDevFilterTosTable table. 1634 This version of the Cable Device MIB only defines 1635 a policy type of tos(2). Other policy types will 1636 require further study. A policy type of other(1) 1637 indicates a vendor specific extension. An attempt to set 1638 this value to other(1) where a vendor extension does not 1639 exist will result on a returned error of badValue." 1640 DEFVAL { tos } 1641 ::= { docsDevFilterPolicyEntry 3 } 1643 docsDevFilterPolicyAction OBJECT-TYPE 1644 SYNTAX Integer32 (1..2147483647) 1645 MAX-ACCESS read-create 1646 STATUS current 1647 DESCRIPTION 1648 "Index into the table identified by 1649 docsDevFilterPolicyType. For a policy type of tos(2), 1650 this is an index into docsDevFilterTosTable. For a policy 1651 type of other(1), this is a pointer into a vendor 1652 specified table." 1653 ::= { docsDevFilterPolicyEntry 4 } 1655 docsDevFilterPolicyStatus OBJECT-TYPE 1656 SYNTAX RowStatus 1657 MAX-ACCESS read-create 1658 STATUS current 1659 DESCRIPTION 1660 "Object used to create an entry in this table." 1661 ::= { docsDevFilterPolicyEntry 5 } 1663 -- This table deserves a bit of explanation. If a packet makes it 1664 -- through the classifier and ends up in this table, do: 1665 -- Set the tosBits of the packet to 1666 -- (tosBits && docsDevFilterTosAndMask) || docsDevFilterTosOrMask 1667 -- 1668 -- This construct allows you to do a clear and set of all the bits in 1669 -- a flexible manner. 1671 docsDevFilterTosTable OBJECT-TYPE 1672 SYNTAX SEQUENCE OF DocsDevFilterTosEntry 1673 MAX-ACCESS not-accessible 1674 STATUS current 1675 DESCRIPTION 1676 "Table used to describe Type of Service (TOS) bits 1677 processing." 1678 ::= { docsDevFilter 6 } 1680 docsDevFilterTosEntry OBJECT-TYPE 1681 SYNTAX DocsDevFilterTosEntry 1682 MAX-ACCESS not-accessible 1683 STATUS current 1684 DESCRIPTION 1685 "A TOS policy entry." 1686 INDEX { docsDevFilterTosIndex } 1687 ::= { docsDevFilterTosTable 1 } 1689 DocsDevFilterTosEntry ::= SEQUENCE { 1690 docsDevFilterTosIndex Integer32, 1691 docsDevFilterTosStatus RowStatus, 1692 docsDevFilterTosAndMask OCTET STRING (SIZE (1)), 1693 docsDevFilterTosOrMask OCTET STRING (SIZE (1)) 1694 } 1696 docsDevFilterTosIndex OBJECT-TYPE 1697 SYNTAX Integer32 (1..2147483647) 1698 MAX-ACCESS not-accessible 1699 STATUS current 1700 DESCRIPTION 1701 "The unique index for this row. There are no ordering 1702 requirements for this table and any valid index may be 1703 specified." 1704 ::= { docsDevFilterTosEntry 1 } 1706 docsDevFilterTosStatus OBJECT-TYPE 1707 SYNTAX RowStatus 1708 MAX-ACCESS read-create 1709 STATUS current 1710 DESCRIPTION 1711 "The object used to create and delete entries in this 1712 table. A row created by specifying just this object 1713 results in a row which specifies no change to the TOS 1714 bits. A row may be created using either the create-and-go 1715 or create-and-wait paradigms. There is no restriction on 1716 the ability to change values in this row while the row is 1717 active." 1718 ::= { docsDevFilterTosEntry 2 } 1720 docsDevFilterTosAndMask OBJECT-TYPE 1721 SYNTAX OCTET STRING (SIZE (1)) 1722 MAX-ACCESS read-create 1723 STATUS current 1724 DESCRIPTION 1725 "This value is AND'd with the matched packet's TOS bits." 1726 DEFVAL { 'ff'h } 1727 ::= { docsDevFilterTosEntry 3 } 1729 docsDevFilterTosOrMask OBJECT-TYPE 1730 SYNTAX OCTET STRING (SIZE (1)) 1731 MAX-ACCESS read-create 1732 STATUS current 1733 DESCRIPTION 1734 "After AND'ing with the above bits, the packet's TOS bits 1735 are OR'd with these bits." 1736 DEFVAL { '00'h } 1737 ::= { docsDevFilterTosEntry 4 } 1739 -- 1740 -- CPE IP Management and anti spoofing group. Only implemented on 1741 -- Cable Modems. 1742 -- 1744 docsDevCpe OBJECT IDENTIFIER ::= { docsDevMIBObjects 7} 1746 docsDevCpeEnroll OBJECT-TYPE 1747 SYNTAX INTEGER { 1748 none(1), 1749 any(2) 1750 } 1751 MAX-ACCESS read-write 1752 STATUS current 1753 DESCRIPTION 1754 "This object controls the population of docsDevFilterCpeTable. 1755 If set to none, the filters must be set manually. 1756 If set to any, the CM wiretaps the packets originating 1757 from the ethernet and enrolls up to docsDevFilterMaxCpe 1758 addresses based on the source IP addresses of those 1759 packets. At initial system startup, default value for this 1760 object is any(2)." 1761 ::= { docsDevCpe 1 } 1763 docsDevCpeMax OBJECT-TYPE 1764 SYNTAX Integer32 (-1..2147483647) 1765 MAX-ACCESS read-write 1766 STATUS current 1767 DESCRIPTION 1768 "This object controls the maximum number of CPEs allowed to 1769 connect behind this device. If set to zero, any number of 1770 CPEs may connect up to the maximum permitted for the device. 1771 If set to -1, no filtering is done on CPE source addresses, 1772 and no entries are made in the docsDevFilterCpeTable. If an 1773 attempt is made to set this to a number greater than that 1774 permitted for the device, it is set to that maximum. 1775 At iniitial system startup, default value for this object 1776 is 1." 1777 ::= { docsDevCpe 2 } 1779 -- docsDevFilterDhcpGrace was deleted 1781 docsDevCpeTable OBJECT-TYPE 1782 SYNTAX SEQUENCE OF DocsDevCpeEntry 1783 MAX-ACCESS not-accessible 1784 STATUS current 1785 DESCRIPTION 1786 "This table list the IP addresses seen as source addresses 1787 in packets originating from the customer interface on 1788 this device. In addition, this table can be provisioned 1789 with the specific addresses permitted for the CPEs via 1790 the normal row creation mechanisms." 1791 ::= { docsDevCpe 3 } 1793 docsDevCpeEntry OBJECT-TYPE 1794 SYNTAX DocsDevCpeEntry 1795 MAX-ACCESS not-accessible 1796 STATUS current 1797 DESCRIPTION 1798 "An entry in the docsDevFilterCpeTable. There is one entry 1799 for each CPE seen or provisioned. If docsDevFilterMaxCpe 1800 is set to -1, this table is ignored, otherwise: Upon receipt 1801 of a packet from the customer interface of the CM, the 1802 source address is checked against this table. If the 1803 address is in the table, packet processing continues. 1804 If the address is not in the table, but docsDevCpeEnroll 1805 is set to any and the table size is less than 1806 docsDevFilterMaxCpe, the address is added to the table and 1807 packet processing continues. Otherwise, the packet is 1808 dropped." 1809 INDEX { docsDevCpeIp } 1810 ::= {docsDevCpeTable 1 } 1812 DocsDevCpeEntry ::= SEQUENCE { 1813 docsDevCpeIp IpAddress, 1814 docsDevCpeSource INTEGER, 1815 docsDevCpeStatus RowStatus 1816 } 1818 docsDevCpeIp OBJECT-TYPE 1819 SYNTAX IpAddress 1820 MAX-ACCESS not-accessible 1821 STATUS current 1822 DESCRIPTION 1823 "The IP address to which this entry applies." 1824 ::= { docsDevCpeEntry 1 } 1826 docsDevCpeSource OBJECT-TYPE 1827 SYNTAX INTEGER { 1828 other(1), 1829 manual(2), 1830 learned(3) 1831 } 1832 MAX-ACCESS read-only 1833 STATUS current 1834 DESCRIPTION 1835 "This object describes how this entry was created. If the 1836 value is manual(2), this row was created by a network 1837 management action (either configuration, or SNMP set). 1838 If set to learned(3), then it was found via 1839 looking at the source IP addresses." 1840 -- DEFVAL { set } 1841 ::= { docsDevCpeEntry 2 } 1843 -- docsDevFilterCpeExpires was deleted. 1845 docsDevCpeStatus OBJECT-TYPE 1846 SYNTAX RowStatus 1847 MAX-ACCESS read-create 1848 STATUS current 1849 DESCRIPTION 1850 "Standard object to manipulate rows. To create a row in this 1851 table, you only need to specify this object. Management 1852 stations SHOULD use the create-and-go mechanism for 1853 creating rows in this table." 1854 ::= { docsDevCpeEntry 3 } 1856 -- 1857 -- Placeholder for notifications/traps. 1858 -- 1859 docsDevNotification OBJECT IDENTIFIER ::= { docsDev 2 } 1861 -- 1862 -- Conformance definitions 1863 -- 1864 docsDevConformance OBJECT IDENTIFIER ::= { docsDev 3 } 1865 docsDevGroups OBJECT IDENTIFIER ::= { docsDevConformance 1 } 1866 docsDevCompliances OBJECT IDENTIFIER ::= { docsDevConformance 2 } 1868 docsDevBasicCompliance MODULE-COMPLIANCE 1869 STATUS current 1870 DESCRIPTION 1871 "The compliance statement for MCNS Cable Modems and 1872 Cable Modem Termination Systems." 1874 MODULE -- docsDev 1876 -- conditionally mandatory groups 1878 GROUP docsDevBaseGroup 1879 DESCRIPTION 1880 "Mandatory in Cable Modems, optional in Cable Modem 1881 Termination Systems." 1883 GROUP docsDevEventGroup 1884 DESCRIPTION 1885 "Mandatory in Cable Modems, optional in Cable Modem 1886 Termination Systems." 1888 GROUP docsDevFilterGroup 1889 DESCRIPTION 1890 "Mandatory in Cable Modems, optional in Cable Modem 1891 Termination Systems." 1893 GROUP docsDevNmAccessGroup 1894 DESCRIPTION 1895 "This group is Mandatory in Cable Modems and is optional 1896 in Cable Modem Termination Systems." 1898 GROUP docsDevServerGroup 1899 DESCRIPTION 1900 "This group is implemented only in Cable Modems and is 1901 not implemented in Cable Modem Termination Systems." 1903 GROUP docsDevSoftwareGroup 1904 DESCRIPTION 1905 "This group is Mandatory in Cable Modems and optional in 1906 Cable Modem Termination Systems." 1908 GROUP docsDevCpeGroup 1909 DESCRIPTION 1910 "This group is Mandatory in Cable Modems, and is 1911 not implemented in Cable Modem Termination Systems. A 1912 similar capability for CMTS devices may be proposed later 1913 after study." 1915 OBJECT docsDevSTPControl 1916 MIN-ACCESS read-only 1917 DESCRIPTION 1918 "It is compliant to implement this object as read-only. 1919 Devices need only support noStFilterBpdu(2)." 1921 OBJECT docsDevEvReporting 1922 MIN-ACCESS read-only 1923 DESCRIPTION 1924 "It is compliant to implement this object as read-only. 1925 Devices need only support local(0)." 1927 ::= { docsDevCompliances 1 } 1929 docsDevBaseGroup OBJECT-GROUP 1930 OBJECTS { 1931 docsDevRole, 1932 docsDevDateTime, 1933 docsDevResetNow, 1934 docsDevSerialNumber, 1935 docsDevSTPControl 1936 } 1937 STATUS current 1938 DESCRIPTION 1939 "A collection of objects providing device status and 1940 control." 1941 ::= { docsDevGroups 1 } 1943 docsDevNmAccessGroup OBJECT-GROUP 1944 OBJECTS { 1945 docsDevNmAccessIp, 1946 docsDevNmAccessIpMask, 1947 docsDevNmAccessCommunity, 1948 docsDevNmAccessControl, 1949 docsDevNmAccessInterfaces, 1950 docsDevNmAccessStatus 1951 } 1952 STATUS current 1953 DESCRIPTION 1954 "A collection of objects for controlling access to SNMP 1955 objects." 1956 ::= { docsDevGroups 2 } 1958 docsDevSoftwareGroup OBJECT-GROUP 1959 OBJECTS { 1960 docsDevSwServer, 1961 docsDevSwFilename, 1962 docsDevSwAdminStatus, 1963 docsDevSwOperStatus, 1964 docsDevSwCurrentVers 1965 } 1966 STATUS current 1967 DESCRIPTION 1968 "A collection of objects for controlling software 1969 downloads." 1970 ::= { docsDevGroups 3 } 1972 docsDevServerGroup OBJECT-GROUP 1973 OBJECTS { 1974 docsDevServerBootState, 1975 docsDevServerDhcp, 1976 docsDevServerTime, 1977 docsDevServerTftp, 1978 docsDevServerConfigFile 1979 } 1980 STATUS current 1981 DESCRIPTION 1982 "A collection of objects providing status about server 1983 provisioning." 1984 ::= { docsDevGroups 4 } 1986 docsDevEventGroup OBJECT-GROUP 1987 OBJECTS { 1988 docsDevEvControl, 1989 docsDevEvSyslog, 1990 docsDevEvThrottleAdminStatus, 1991 docsDevEvThrottleInhibited, 1992 docsDevEvThrottleThreshold, 1993 docsDevEvThrottleInterval, 1994 docsDevEvReporting, 1995 docsDevEvFirstTime, 1996 docsDevEvLastTime, 1997 docsDevEvCounts, 1998 docsDevEvLevel, 1999 docsDevEvId, 2000 docsDevEvText 2001 } 2002 STATUS current 2003 DESCRIPTION 2004 "A collection of objects used to control and monitor 2005 events." 2006 ::= { docsDevGroups 5 } 2008 docsDevFilterGroup OBJECT-GROUP 2009 OBJECTS { 2010 docsDevFilterLLCDefault, 2011 docsDevFilterIpDefault, 2012 docsDevFilterLLCStatus, 2013 docsDevFilterLLCIfIndex, 2014 docsDevFilterLLCProtocolType, 2015 docsDevFilterLLCProtocol, 2016 docsDevFilterLLCMatches, 2017 docsDevFilterIpControl, 2018 docsDevFilterIpIfIndex, 2019 docsDevFilterIpStatus, 2020 docsDevFilterIpDirection, 2021 docsDevFilterIpBroadcast, 2022 docsDevFilterIpSaddr, 2023 docsDevFilterIpSmask, 2024 docsDevFilterIpDaddr, 2025 docsDevFilterIpDmask, 2026 docsDevFilterIpProtocol, 2027 docsDevFilterIpSourcePortLow, 2028 docsDevFilterIpSourcePortHigh, 2029 docsDevFilterIpDestPortLow, 2030 docsDevFilterIpDestPortHigh, 2031 docsDevFilterIpMatches, 2032 docsDevFilterIpTos, 2033 docsDevFilterIpTosMask, 2034 docsDevFilterIpContinue, 2035 docsDevFilterIpPolicyId, 2036 docsDevFilterPolicyId, 2037 docsDevFilterPolicyType, 2038 docsDevFilterPolicyAction, 2039 docsDevFilterPolicyStatus, 2040 docsDevFilterTosStatus, 2041 docsDevFilterTosAndMask, 2042 docsDevFilterTosOrMask 2043 -- docsDevFilterCpeEnroll, 2044 -- docsDevFilterMaxCpe, 2045 -- docsDevFilterDhcpGrace, 2046 -- docsDevFilterCpeSource, 2047 -- docsDevFilterCpeExpires, 2048 -- docsDevFilterCpeStatus 2049 } 2050 STATUS current 2051 DESCRIPTION 2052 "A collection of objects to specify filters at link layer 2053 and IP layer." 2054 ::= { docsDevGroups 6 } 2056 docsDevCpeGroup OBJECT-GROUP 2057 OBJECTS { 2058 docsDevCpeEnroll, 2059 docsDevCpeMax, 2060 docsDevCpeSource, 2061 docsDevCpeStatus 2062 } 2063 STATUS current 2064 DESCRIPTION 2065 "A collection of objects used to control the number 2066 and specific values of IP addresses allowed for 2067 associated Customer Premises Equipment (CPE)." 2068 ::= { docsDevGroups 7 } 2070 END 2071 5. Acknowledgments 2073 This document was produced by the IPCDN Working Group. It is based on a 2074 document written by Pam Anderson from CableLabs, Wilson Sawyer from 2075 BayNetworks, and Rich Woundy from Continental Cablevision. 2077 Special thanks is also due to Azlina Palmer, who helped a lot reviewing 2078 the document. 2080 6. References 2082 [1] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for 2083 Describing SNMP Management Frameworks", RFC 2271, Cabletron 2084 Systems, Inc., BMC Software, Inc., IBM T. J. Watson Research, 2085 January 1998 2087 [2] Rose, M., and K. McCloghrie, "Structure and Identification of 2088 Management Information for TCP/IP-based Internets", RFC 1155, 2089 Performance Systems International, Hughes LAN Systems, May 1990 2091 [3] Rose, M., and K. McCloghrie, "Concise MIB Definitions", RFC 1212, 2092 Performance Systems International, Hughes LAN Systems, March 1991 2094 [4] M. Rose, "A Convention for Defining Traps for use with the SNMP", 2095 RFC 1215, Performance Systems International, March 1991 2097 [5] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure 2098 of Management Information for Version 2 of the Simple Network 2099 Management Protocol (SNMPv2)", RFC 1902, SNMP Research,Inc., Cisco 2100 Systems, Inc., Dover Beach Consulting, Inc., International Network 2101 Services, January 1996. 2103 [6] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Textual 2104 Conventions for Version 2 of the Simple Network Management Protocol 2105 (SNMPv2)", RFC 1903, SNMP Research, Inc., Cisco Systems, Inc., 2106 Dover Beach Consulting, Inc., International Network Services, 2107 January 1996. 2109 [7] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Conformance 2110 Statements for Version 2 of the Simple Network Management Protocol 2111 (SNMPv2)", RFC 1904, SNMP Research, Inc., Cisco Systems, Inc., 2112 Dover Beach Consulting, Inc., International Network Services, 2113 January 1996. 2115 [8] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network 2116 Management Protocol", RFC 1157, SNMP Research, Performance Systems 2117 International, Performance Systems International, MIT Laboratory 2118 for Computer Science, May 1990. 2120 [9] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, 2121 "Introduction to Community-based SNMPv2", RFC 1901, SNMP Research, 2122 Inc., Cisco Systems, Inc., Dover Beach Consulting, Inc., 2123 International Network Services, January 1996. 2125 [10] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport 2126 Mappings for Version 2 of the Simple Network Management Protocol 2127 (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco Systems, Inc., 2128 Dover Beach Consulting, Inc., International Network Services, 2129 January 1996. 2131 [11] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message 2132 Processing and Dispatching for the Simple Network Management 2133 Protocol (SNMP)", RFC 2272, SNMP Research, Inc., Cabletron Systems, 2134 Inc., BMC Software, Inc., IBM T. J. Watson Research, January 1998. 2136 [12] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for 2137 version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 2138 2274, IBM T. J. Watson Research, January 1998. 2140 [13] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol 2141 Operations for Version 2 of the Simple Network Management Protocol 2142 (SNMPv2)", RFC 1905, SNMP Research, Inc., Cisco Systems, Inc., 2143 Dover Beach Consulting, Inc., International Network Services, 2144 January 1996. 2146 [14] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 2147 2273, SNMP Research, Inc., Secure Computing Corporation, Cisco 2148 Systems, January 1998 2150 [15] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access 2151 Control Model (VACM) for the Simple Network Management Protocol 2152 (SNMP)", RFC 2275, IBM T. J. Watson Research, BMC Software, Inc., 2153 Cisco Systems, Inc., January 1998 2155 [16] " Data-Over-Cable Service Interface Specifications: Cable Modem 2156 Radio Frequency Interface Specification SP-RFI-I04-980724", DOCSIS, 2157 July 1998, http://www.cablemodem.com/public/pubtechspec/SP-RFI- 2158 I04-980724.pdf. 2160 [17] L. Steinberg, "Techniques for Managing Asynchronously Generated 2161 Alerts", RFC 1224, May 1991. 2163 [18] "Data-Over-Cable Service Interface Specifications: Operations 2164 Support System Interface Specification RF Interface SP-OSSI-RF- 2165 I02-980410", DOCSIS, April 1998, 2166 http://www.cablemodem.com/public/pubtechspec/ossi/sp-ossi.PDF. 2168 [19] Bradner, S., "Key words for use in RFCs to Indicate Requirement 2169 Levels", RFC2119, Harvard University, March 1997 2171 [20] "Data-Over-Cable Service Interface Specifications: Baseline Privacy 2172 Interface Specification SP-BPI-I01-970922", DOCSIS, September 1977, 2173 http://www.cablemodem.com/public/pubtechspec/ss/SP-BPI-I01- 2174 970922.pdf 2176 7. Security Considerations 2178 This MIB relates to a system which will provide metropolitan public 2179 internet access. As such, improper manipulation of the objects 2180 represented by this MIB may result in denial of service to a large 2181 number of end-users. In addition, manipulation of the 2182 docsDevNmAccessTable, docsDevFilterLLCTable, docsDevFilterIpTable and 2183 the elements of the docsDevCpe group may allow an end-user to increase 2184 their service levels, spoof their IP addresses, change the permitted 2185 management stations, or affect other end-users in either a positive or 2186 negative manner. 2188 The use of docsDevNmAccessTable to specify management stations is 2189 considered to be only limited protection and does not protect against 2190 attacks which spoof the management station's IP address. The use of 2191 stronger mechanisms such as SNMPv3 security should be considered where 2192 possible. 2194 This MIB does not affect confidentiality of services on a cable modem 2195 system. [20] specifies the implementation of the DOCSIS Baseline 2196 privacy mechanism. The working group expects to issue a MIB for the 2197 management of this mechanism at a later time. 2199 8. Intellectual Property 2201 The IETF takes no position regarding the validity or scope of any 2202 intellectual property or other rights that might be claimed to pertain 2203 to the implementation or use of the technology described in this 2204 document or the extent to which any license under such rights might or 2205 might not be available; neither does it represent that it has made any 2206 effort to identify any such rights. Information on the IETF's 2207 procedures with respect to rights in standards-track and standards- 2208 related documentation can be found in BCP-11. Copies of claims of 2209 rights made available for publication and any assurances of licenses to 2210 be made available, or the result of an attempt made to obtain a general 2211 license or permission for the use of such proprietary rights by 2212 implementors or users of this specification can be obtained from the 2213 IETF Secretariat. 2215 The IETF invites any interested party to bring to its attention any 2216 copyrights, patents or patent applications, or other proprietary rights 2217 which may cover technology that may be required to practice this 2218 standard. Please address the information to the IETF Executive 2219 Director. 2221 9. Copyright Section 2223 Copyright (C) The Internet Society 1998. All Rights Reserved. 2225 This document and translations of it may be copied and furnished to 2226 others, and derivative works that comment on or otherwise explain it or 2227 assist in its implmentation may be prepared, copied, published and 2228 distributed, in whole or in part, without restriction of any kind, 2229 provided that the above copyright notice and this paragraph are included 2230 on all such copies and derivative works. However, this document itself 2231 may not be modified in any way, such as by removing the copyright notice 2232 or references to the Internet Society or other Internet organizations, 2233 except as needed for the purpose of developing Internet standards in 2234 which case the procedures for copyrights defined in the Internet 2235 Standards process must be followed, or as required to translate it into 2236 languages other than English. 2238 The limited permissions granted above are perpetual and will not be 2239 revoked by the Internet Society or its successors or assigns. 2241 This document and the information contained herein is provided on an "AS 2242 IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK 2243 FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT 2244 LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT 2245 INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR 2246 FITNESS FOR A PARTICULAR PURPOSE. 2248 10. Author's Address 2250 Guenter Roeck 2251 cisco Systems 2252 170 West Tasman Drive 2253 San Jose, CA 95134 2254 U.S.A. 2256 Phone: +1 408 527 3143 2257 Email: groeck@cisco.com