idnits 2.17.1 draft-ietf-mobileip-rfc2006bis-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity. == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 3 longer pages, the longest (page 51) being 114 lines == It seems as if not all pages are separated by form feeds - found 0 form feeds but 86 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack an Authors' Addresses Section. ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 8 instances of too long lines in the document, the longest one being 47 characters in excess of 72. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 3753: '...n implementation SHOULD allow access t...' Miscellaneous warnings: ---------------------------------------------------------------------------- == Line 341 has weird spacing: '...ierType value...' == Line 346 has weird spacing: '...fied by somet...' == Line 3805 has weird spacing: '...CM) for the ...' -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (September 2003) is 7526 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: '5' is defined on line 3789, but no explicit reference was found in the text == Unused Reference: '18' is defined on line 3836, but no explicit reference was found in the text == Unused Reference: '19' is defined on line 3839, but no explicit reference was found in the text == Unused Reference: '20' is defined on line 3841, but no explicit reference was found in the text == Unused Reference: '26' is defined on line 3861, but no explicit reference was found in the text == Unused Reference: '27' is defined on line 3864, but no explicit reference was found in the text == Unused Reference: '28' is defined on line 3867, but no explicit reference was found in the text == Unused Reference: '29' is defined on line 3870, but no explicit reference was found in the text == Unused Reference: '30' is defined on line 3873, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2571 (ref. '2') (Obsoleted by RFC 3411) ** Downref: Normative reference to an Historic RFC: RFC 1157 (ref. '6') ** Obsolete normative reference: RFC 1905 (ref. '7') (Obsoleted by RFC 3416) ** Obsolete normative reference: RFC 2574 (ref. '8') (Obsoleted by RFC 3414) ** Obsolete normative reference: RFC 2575 (ref. '9') (Obsoleted by RFC 3415) ** Obsolete normative reference: RFC 2570 (ref. '10') (Obsoleted by RFC 3410) ** Downref: Normative reference to an Informational RFC: RFC 1215 (ref. '13') ** Downref: Normative reference to an Historic RFC: RFC 1901 (ref. '14') ** Obsolete normative reference: RFC 1906 (ref. '15') (Obsoleted by RFC 3417) ** Obsolete normative reference: RFC 2572 (ref. '16') (Obsoleted by RFC 3412) ** Obsolete normative reference: RFC 2573 (ref. '17') (Obsoleted by RFC 3413) ** Obsolete normative reference: RFC 2002 (ref. '19') (Obsoleted by RFC 3220) ** Obsolete normative reference: RFC 3012 (ref. '22') (Obsoleted by RFC 4721) ** Downref: Normative reference to an Informational RFC: RFC 1701 (ref. '28') ** Obsolete normative reference: RFC 2851 (ref. '30') (Obsoleted by RFC 3291) Summary: 24 errors (**), 0 flaws (~~), 15 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Mobile IP Working Group R. Rathi 3 INTERNET DRAFT K. Leung 4 September 2003 6 The Definitions of Managed Objects for IP Mobility Support 7 using SMIv2, revised 8 draft-ietf-mobileip-rfc2006bis-03.txt 10 Status of this Memo 12 This document is an Internet Draft and is in full conformance with 13 all provisions of Section 10 of RFC2026. Internet Drafts are working 14 documents of the Internet Engineering Task Force (IETF), its areas, 15 and working groups. Note that other groups may also distribute 16 working documents as Internet Drafts. 18 Internet Drafts are draft documents valid for a maximum of six months 19 and may be updated, replaced, or obsoleted by other documents at any 20 time. It is inappropriate to use Internet Drafts as reference 21 material or to cite them other than as "work in progress." 23 The list of current Internet-Drafts can be accessed at 24 http://www.ietf.org/ietf/1id-abstracts.txt. 26 The list of Internet-Draft Shadow Directories can be accessed at 27 http://www.ietf.org/shadow.html. 29 Abstract 31 This memo defines the Management Information Base (MIB) for use with 32 network management protocols in TCP/IP-based internets. In 33 particular, it describes managed objects used for managing the Mobile 34 Node, Foreign Agent and Home Agent of the Mobile IP Protocol. 36 This memo is intended to update and possibly obsolete RFC 2006, 37 however, it is designed to be backward compatible. 39 Table of Contents 41 1. The Network Management Framework . . . . . . . . . . . . . . . . 2 42 2. Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 43 2.1. Object Definitions . . . . . . . . . . . . . . . . . . . . . . 3 44 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 45 3.1. Object Selection Criteria . . . . . . . . . . . . . . . . . . . 3 46 3.2. Structure of the Mobile IP . . . . . . . . . . . . . . . . . . 4 47 3.3. MIB Groups . . . . . . . . . . . . . . . . . . . . . . . . . . 4 48 3.4. Protocol Extensions . . . . . . . . . . . . . . . . . . . . . . 5 49 4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 50 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 76 51 6. Security Considerations . . . . . . . . . . . . . . . . . . . . . 77 52 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . . 78 53 A. Changes from RFC 2006 . . . . . . . . . . . . . . . . . . . . . . 80 54 B. Chair and Editor Addresses . . . . . . . . . . . . . . . . . . . 85 55 C. Full Copyright Statement . . . . . . . . . . . . . . . . . . . . 85 57 1. The SNMP Network Management Framework 59 The SNMP Management Framework presently consists of five major 60 components: 62 o An overall architecture, described in RFC 2571 [2]. 64 o Mechanisms for describing and naming objects and events for the 65 purpose of management. The first version of this Structure of 66 Management Information (SMI) is called SMIv1 and described in 67 STD 16, RFC 1155 [11], STD 16, RFC 1212 [12] and RFC 1215 [13]. 68 The second version, called SMIv2, is described in STD 58, RFC 69 2578 [1], STD 58, RFC 2579 [3] and STD 58, RFC 2580 [4]. 71 o Message protocols for transferring management information. The 72 first version of the SNMP message protocol is called SNMPv1 and 73 described in STD 15, RFC 1157 [6]. A second version of the SNMP 74 message protocol, which is not an Internet standards track pro- 75 tocol, is called SNMPv2c and described in RFC 1901 [14] and RFC 76 1906 [15]. The third version of the message protocol is called 77 SNMPv3 and described in RFC 1906 [15], RFC 2572 [16] and RFC 78 2574 [8]. 80 o Protocol operations for accessing management information. The 81 first set of protocol operations and associated PDU formats is 82 described in STD 15, RFC 1157 [6]. A second set of protocol 83 operations and associated PDU formats is described in RFC 1905 84 [7]. 86 o A set of fundamental applications described in RFC 2573 [17] and 87 the view-based access control mechanism described in RFC 2575 88 [9]. 90 A more detailed introduction to the current SNMP Management Framework 91 can be found in RFC 2570 [10]. 93 Managed objects are accessed via a virtual information store, termed 94 the Management Information Base or MIB. Objects in the MIB are 95 defined using the mechanisms defined in the SMI. 97 This memo specifies a MIB module that is compliant to the SMIv2. A 98 MIB conforming to the SMIv1 can be produced through the appropriate 99 translations. The resulting translated MIB must be semantically 100 equivalent, except where objects or events are omitted because no 101 translation is possible (use of Counter64). Some machine readable 102 information in SMIv2 will be converted into textual descriptions in 103 SMIv1 during the translation process. However, this loss of machine 104 readable information is not considered to change the semantics of the 105 MIB. 107 2. Objects 109 2.1. Object Definitions 111 Managed objects are accessed via a virtual information store, termed 112 the Management Information Base or MIB. Objects in the MIB are 113 defined using the subset of Abstract Syntax Notation One (ASN.1) 114 defined in the SMI. In particular, each object type is named by an 115 OBJECT IDENTIFIER, an administratively assigned name. The object 116 type together with an object instance serves to uniquely identify a 117 specific instantiation of the object. For human convenience, we 118 often use a textual string, termed the descriptor, to refer to the 119 object type. 121 3. Overview 123 3.1. Object Selection Criteria 125 To be consistent with IAB directives and good engineering practice, 126 the authors have applied some criteria to select managed objects for 127 the Mobile IP Protocol. 129 (1) Partition management functionality among the Mobile Node, Home 130 Agent, and Foreign Agent according to the partitioning seen in 131 the Mobile IP Protocol. 133 (2) Require that objects be essential for either fault or configura- 134 tion management. 136 (3) Limit the total number of objects. 138 (4) Exclude objects which are simply derivable from others in this 139 or other MIBs. 141 3.2. Structure of the Mobile IP 143 This section describes the basic model of Mobile IP used in develop- 144 ing the Mobile IP MIB. This information should be useful to the 145 implementor in understanding some of the basic design decisions of 146 the MIB. 148 The Mobile IP Protocol introduces these new functional entities: 150 Mobile Node 152 A host or router that changes its point of attachment from one 153 network or subnetwork to another. A mobile node may change its 154 location without losing connectivity and without changing its IP 155 address; it may continue to communicate with other Internet nodes 156 at any location using its (constant) IP address, assuming link- 157 layer connectivity to a point of attachment is available. 159 Home Agent 161 A router on a mobile node's home network which tunnels packets 162 for delivery to the mobile node when it is away from home, and 163 maintains current location information for the mobile node. 165 Foreign Agent 167 A router on a mobile node's visited network which provides rout- 168 ing services to the mobile node while registered. The foreign 169 agent detunnels and delivers packets to the mobile node that were 170 tunneled by the mobile node's home agent. For datagrams sent by a 171 mobile node, the foreign agent may serve as a default router for 172 registered mobile nodes. 174 This document specifies the objects used in managing these entities; 175 namely, the Mobile Node, the Home Agent, and the Foreign Agent. 177 3.3. MIB Groups 179 Objects in this MIB are arranged into groups. Each group is orga- 180 nized as a set of related objects. The overall structure and the 181 relationship between groups and the Mobile IP entities are shown 182 below: 184 Groups Mobile Node Foreign Agent Home Agent 185 mipSystemGroup X X X 186 mipSecAssociationGroup X X X 187 mipSecViolationGroup X X X 188 mnSystemGroup X 189 mnDiscoveryGroup X 190 mnRegistrationGroup X 191 maAdvertisementGroup X X 192 faSystemGroup X 193 faAdvertisementGroup X 194 faRegistrationGroup X 195 haRegistrationGroup X 196 haRegNodeCountersGroup X 198 3.4. Protocol Extensions 200 Apart from changes to base specification of Mobile IP [24], it has 201 been enhanced in number of ways through its ability for added capa- 202 bilities. Implementations of those capabilities have not been able 203 to have any management capabilities present in RFC 2006 compliant MIB 204 module agents, since the capabilities themselves postdated the adop- 205 tion of RFC 2006. For several significant capabilities, in the form 206 of NAI extension [21], Challenge/Response Extensions [22], Reverse 207 Tunneling [23], and Vendor/Organization-Specific Extensions [25], the 208 MIB Module defined in this document exposes object types to manage 209 those extended capabilities and their operation. 211 NAI extension requires a thorough redefinition of MIB table row 212 indices from the RFC 2006 state since it provides a one more way to 213 identify the mobile nodes apart from home address. The functional 214 differences between this memo and RFC 2006 are explained in Appendix 215 A. 217 MIP-MIB DEFINITIONS ::= BEGIN 219 IMPORTS 220 Counter32, Gauge32, Integer32, IpAddress, Unsigned32, 221 MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, mib-2 222 FROM SNMPv2-SMI 223 RowStatus, TruthValue, TimeStamp, 224 TEXTUAL-CONVENTION 225 FROM SNMPv2-TC 226 MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP 227 FROM SNMPv2-CONF; 229 mipMIB MODULE-IDENTITY 230 LAST-UPDATED "200309250000Z" 231 ORGANIZATION "IETF Mobile IP Working Group" 232 CONTACT-INFO 233 " Kent Leung 234 Postal: Cisco Systems 235 170 West Tasman Drive 236 San Jose, CA 95134 237 USA 238 Phone: +1 408-526-5030 239 Email: kleung@cisco.com" 240 DESCRIPTION 241 "The MIB Module for the Mobile IP." 242 REVISION "200309250000Z" 243 DESCRIPTION 244 "Updated for latest changes to Mobile IP." 245 REVISION "199606040000Z" 246 DESCRIPTION 247 "Initial revision, published as part of RFC 2006." 248 ::= { mib-2 44 } 250 mipMIBObjects OBJECT IDENTIFIER ::= { mipMIB 1 } 252 -- Groups under mipMIBObjects 254 mipSystem OBJECT IDENTIFIER ::= { mipMIBObjects 1 } 255 mipSecurity OBJECT IDENTIFIER ::= { mipMIBObjects 2 } 256 mipMN OBJECT IDENTIFIER ::= { mipMIBObjects 3 } 257 mipMA OBJECT IDENTIFIER ::= { mipMIBObjects 4 } 258 mipFA OBJECT IDENTIFIER ::= { mipMIBObjects 5 } 259 mipHA OBJECT IDENTIFIER ::= { mipMIBObjects 6 } 261 mnSystem OBJECT IDENTIFIER ::= { mipMN 1 } 262 mnDiscovery OBJECT IDENTIFIER ::= { mipMN 2 } 263 mnRegistration OBJECT IDENTIFIER ::= { mipMN 3 } 265 maAdvertisement OBJECT IDENTIFIER ::= { mipMA 2 } 267 faSystem OBJECT IDENTIFIER ::= { mipFA 1 } 268 faAdvertisement OBJECT IDENTIFIER ::= { mipFA 2 } 269 faRegistration OBJECT IDENTIFIER ::= { mipFA 3 } 271 haRegistration OBJECT IDENTIFIER ::= { mipHA 3 } 273 -- All deprecated definitions are put towards the end of the MIB. 275 -- Textual convention 276 RegistrationFlags ::= TEXTUAL-CONVENTION 277 STATUS current 278 DESCRIPTION 279 "This data type is used to define the registration 280 flags for Mobile IP registration extension: 281 reserved1 282 -- Reserved 283 reverseTunnel 284 -- Request to support reverse tunneling 285 reserved2 286 -- Reserved 287 gre 288 -- Request to use GRE 289 minEnc 290 -- Request to use minimal encapsulation 291 decapsulationByMN 292 -- Decapsulation by mobile node 293 broadcastDatagram 294 -- Request to receive broadcasts 295 simultaneousBindings 296 -- Request to retain prior binding(s) 297 reverseTunnel 298 -- Request to support reverse tunneling." 299 SYNTAX BITS { 300 reserved1(1), 301 reverseTunnel(2), 302 reserved2(3), 303 gre(4), 304 minEnc(5), 305 decapsulationbyMN(6), 306 broadcastDatagram(7), 307 simultaneousBindings(8) 308 } 310 MipEntityIdentifierType ::= TEXTUAL-CONVENTION 311 STATUS current 312 DESCRIPTION 313 "A value that represents a type of Mobile IP entity 314 identifier. 315 other(1) Indicates identifier which 316 is not in one of the formats defined 317 below. 319 ipaddress(2) IP address as defined by InetAddressIPv4 320 textual convention in INET-ADDRESS-MIB. 322 nai(3) A network access identifier as defined by 323 the MipEntityIdentifierNAI textual 324 convention." 326 REFERENCE 327 "RFC2851 - Textual Conventions for Internet Network 328 Addresses" 329 SYNTAX INTEGER { 330 other(1), 331 ipaddress(2), 332 nai(3) 333 } 335 MipEntityIdentifier ::= TEXTUAL-CONVENTION 336 STATUS current 337 DESCRIPTION 338 "Represents the generic identifier for Mobile IP 339 entities. A MipEntityIdentifier value is always 340 interpreted within the context of a 341 MipEntityIdentifierType value. 342 Foreign agents and Home agents are 343 identified by the IP addresses. Mobile nodes can be 344 identified in more than one way e.g. IP addresses, 345 network access identifiers (NAI). If mobile node is 346 identified by something other than IP address say by 347 NAI and it gets IP address dynamically from the home 348 agent then value of object of this type should be same 349 as NAI. This is because IP address is not tied with 350 mobile node and it can change across registrations over 351 period of time. Note that the first 64 octets are used 352 as index element." 353 SYNTAX OCTET STRING (SIZE (1..64)) 355 MipEntityIdentifierNAI ::= TEXTUAL-CONVENTION 356 STATUS current 357 DESCRIPTION 358 "Represents a Network Access Identifier (NAI). Mobile 359 nodes may use NAI to authenticate themselves to the 360 foreign agent and home agent and to get the home 361 address dynamically from the home agent." 362 REFERENCE 363 "RFC2794 - Mobile IP Network Access Identifier 364 Extension for IPv4" 365 SYNTAX OCTET STRING (SIZE (1..255)) 367 MipDeliveryStyle ::= TEXTUAL-CONVENTION 368 STATUS current 369 DESCRIPTION 370 "This data type is used to indicate the delivery 371 style requested by the mobile node in its registration 372 request." 373 REFERENCE 374 "RFC3024 - Reverse Tunneling for Mobile IP" 375 SYNTAX INTEGER { direct(1), encapsulating(2) } 377 -- mipSystem Group 379 mipEntities OBJECT-TYPE 380 SYNTAX BITS { 381 mobileNode(0), 382 foreignAgent(1), 383 homeAgent(2) 384 } 385 MAX-ACCESS read-only 386 STATUS current 387 DESCRIPTION 388 "This object describes which Mobile IP entities are 389 supported by this managed entity. The entity may 390 support more than one Mobile IP entities. For example, 391 the entity supports both Foreign Agent (FA) and Home 392 Agent (HA). Therefore, bit 1 and bit 2 are set to 1 393 for this object." 394 ::= { mipSystem 1 } 396 mipEnable OBJECT-TYPE 397 SYNTAX INTEGER { enabled(1), disabled(2) } 398 MAX-ACCESS read-write 399 STATUS current 400 DESCRIPTION 401 "Indicates whether the Mobile IP protocol should be 402 enabled for the managed entity. If it is disabled, the 403 entity should disable both agent discovery and 404 registration functions." 405 ::= { mipSystem 2 } 407 mipEncapsulationSupported OBJECT-TYPE 408 SYNTAX BITS { 409 ipInIp(0), 410 gre(1), 411 minEnc(2), 412 other(3) 413 } 414 MAX-ACCESS read-only 415 STATUS current 416 DESCRIPTION 417 "Encapsulation methods supported by the Mobile IP 418 entity. The entity may support multiple encapsulation 419 methods or none of them: 420 ipInIp(0), -- IP Encapsulation within IP 421 gre(1), -- Generic Routing Encapsulation, 422 -- refers to RFC1701 423 minEnc(2), -- Minimal Encapsulation within IP." 424 ::= { mipSystem 3 } 426 -- mipSecurity Group 428 -- Mobile IP security violation total counter 430 mipSecTotalViolations OBJECT-TYPE 431 SYNTAX Counter32 432 MAX-ACCESS read-only 433 STATUS current 434 DESCRIPTION 435 "Total number of security violations in the entity." 436 ::= { mipSecurity 2 } 438 mipSecurityAssocsCount OBJECT-TYPE 439 SYNTAX Gauge32 440 MAX-ACCESS read-only 441 STATUS current 442 DESCRIPTION 443 "Total number of mobility security associations 444 known to the entity i.e. the number of entries in 445 the mipSecurityAssocTable." 446 ::= { mipSecurity 4 } 448 -- Mobile IP security association table 450 mipSecurityAssocTable OBJECT-TYPE 451 SYNTAX SEQUENCE OF MipSecurityAssocEntry 452 MAX-ACCESS not-accessible 453 STATUS current 454 DESCRIPTION 455 "A table containing Mobility Security Associations." 456 ::= { mipSecurity 5 } 458 mipSecurityAssocEntry OBJECT-TYPE 459 SYNTAX MipSecurityAssocEntry 460 MAX-ACCESS not-accessible 461 STATUS current 462 DESCRIPTION 463 "One particular Mobility Security Association." 464 INDEX { mipSecurityPeerIdType, mipSecurityPeerId, 465 mipSecuritySPI } 466 ::= { mipSecurityAssocTable 1 } 468 MipSecurityAssocEntry ::= 469 SEQUENCE { 470 mipSecurityPeerIdType MipEntityIdentifierType, 471 mipSecurityPeerId MipEntityIdentifier, 472 mipSecuritySPI Unsigned32, 473 mipSecurityAlgorithmType INTEGER, 474 mipSecurityAlgorithmMode INTEGER, 475 mipSecurityKey OCTET STRING, 476 mipSecurityReplayMethod INTEGER, 477 mipSecurityReplayTime Unsigned32, 478 mipSecurityStatus RowStatus 479 } 481 mipSecurityPeerIdType OBJECT-TYPE 482 SYNTAX MipEntityIdentifierType 483 MAX-ACCESS not-accessible 484 STATUS current 485 DESCRIPTION 486 "The type of the peer entity's identifier." 487 ::= { mipSecurityAssocEntry 1 } 489 mipSecurityPeerId OBJECT-TYPE 490 SYNTAX MipEntityIdentifier 491 MAX-ACCESS not-accessible 492 STATUS current 493 DESCRIPTION 494 "The identifier of the peer entity with which this 495 node shares the mobility security association." 496 ::= { mipSecurityAssocEntry 2 } 498 mipSecuritySPI OBJECT-TYPE 499 SYNTAX Unsigned32 (0..4294967295) 500 MAX-ACCESS not-accessible 501 STATUS current 502 DESCRIPTION 503 "The SPI is the 4-byte opaque index within the 504 Mobility Security Association which selects the 505 specific security parameters to be used to 506 authenticate the peer, i.e. the rest of the variables 507 in this mipSecurityAssocEntry." 508 ::= { mipSecurityAssocEntry 3 } 510 mipSecurityAlgorithmType OBJECT-TYPE 511 SYNTAX INTEGER { 512 other(1), 513 md5(2) 514 } 515 MAX-ACCESS read-create 516 STATUS current 517 DESCRIPTION 518 "Type of security algorithm." 519 DEFVAL { md5 } 520 ::= { mipSecurityAssocEntry 4 } 522 mipSecurityAlgorithmMode OBJECT-TYPE 523 SYNTAX INTEGER { 524 other(1), 525 prefixSuffix(2), 526 hmac(3) 527 } 528 MAX-ACCESS read-create 529 STATUS current 530 DESCRIPTION 531 "Security mode used by this algorithm." 532 DEFVAL { hmac } 533 ::= { mipSecurityAssocEntry 5 } 535 mipSecurityKey OBJECT-TYPE 536 SYNTAX OCTET STRING (SIZE(16)) 537 MAX-ACCESS read-create 538 STATUS current 539 DESCRIPTION 540 "The shared secret key for the security 541 associations. Reading this object will always return 542 zero length value." 543 ::= { mipSecurityAssocEntry 6 } 545 mipSecurityReplayMethod OBJECT-TYPE 546 SYNTAX INTEGER { 547 other(1), 548 timestamps(2), 549 nonces(3) 550 } 551 MAX-ACCESS read-create 552 STATUS current 553 DESCRIPTION 554 "The replay-protection method supported for this SPI 555 within this Mobility Security Association." 556 DEFVAL { timestamps } 557 ::= { mipSecurityAssocEntry 7 } 559 mipSecurityReplayTime OBJECT-TYPE 560 SYNTAX Unsigned32 (3..255) 561 UNITS "seconds" 562 MAX-ACCESS read-create 563 STATUS current 564 DESCRIPTION 565 "The replay-protection time difference that is 566 acceptable for this Mobility Security Association when 567 MipSecurityReplayMethod is set to timestamps." 568 DEFVAL { 7 } 569 ::= { mipSecurityAssocEntry 8 } 571 mipSecurityStatus OBJECT-TYPE 572 SYNTAX RowStatus 573 MAX-ACCESS read-create 574 STATUS current 575 DESCRIPTION 576 "The row status for this table." 577 ::= { mipSecurityAssocEntry 9 } 579 -- Mobile IP security violation table 581 mipSecurityViolationTable OBJECT-TYPE 582 SYNTAX SEQUENCE OF MipSecurityViolationEntry 583 MAX-ACCESS not-accessible 584 STATUS current 585 DESCRIPTION 586 "A table containing information about security 587 violations." 588 ::= { mipSecurity 6 } 590 mipSecurityViolationEntry OBJECT-TYPE 591 SYNTAX MipSecurityViolationEntry 592 MAX-ACCESS not-accessible 593 STATUS current 594 DESCRIPTION 595 "Information about one particular security violation." 596 INDEX { mipSecurityViolatorIdType, mipSecurityViolatorId } 597 ::= { mipSecurityViolationTable 1 } 599 MipSecurityViolationEntry ::= 600 SEQUENCE { 601 mipSecurityViolatorIdType MipEntityIdentifierType, 602 mipSecurityViolatorId MipEntityIdentifier, 603 mipSecurityViolationCounter Counter32, 604 mipSecurityRecentViolationSPI Unsigned32, 605 mipSecurityRecentViolationTime TimeStamp, 606 mipSecurityRecentViolationIDLow Unsigned32, 607 mipSecurityRecentViolationIDHigh Unsigned32, 608 mipSecurityRecentViolationReason INTEGER 609 } 611 mipSecurityViolatorIdType OBJECT-TYPE 612 SYNTAX MipEntityIdentifierType 613 MAX-ACCESS not-accessible 614 STATUS current 615 DESCRIPTION 616 "The type of Violator's identifier." 617 ::= { mipSecurityViolationEntry 1 } 619 mipSecurityViolatorId OBJECT-TYPE 620 SYNTAX MipEntityIdentifier 621 MAX-ACCESS not-accessible 622 STATUS current 623 DESCRIPTION 624 "Violator's identifier. The violator is not necessary 625 in the mipSecurityAssocTable." 626 ::= { mipSecurityViolationEntry 2 } 628 mipSecurityViolationCounter OBJECT-TYPE 629 SYNTAX Counter32 630 MAX-ACCESS read-only 631 STATUS current 632 DESCRIPTION 633 "Total number of security violations for this peer." 634 ::= { mipSecurityViolationEntry 3 } 636 mipSecurityRecentViolationSPI OBJECT-TYPE 637 SYNTAX Unsigned32 638 MAX-ACCESS read-only 639 STATUS current 640 DESCRIPTION 641 "SPI of the most recent security violation for this 642 peer. If the security violation is due to an 643 identification mismatch, then this is the SPI from the 644 Mobile-Home Authentication Extension. If the security 645 violation is due to an invalid authenticator, then 646 this is the SPI from the offending authentication 647 extension. In all other cases, it should be set to 648 zero." 649 ::= { mipSecurityViolationEntry 4 } 651 mipSecurityRecentViolationTime OBJECT-TYPE 652 SYNTAX TimeStamp 653 MAX-ACCESS read-only 654 STATUS current 655 DESCRIPTION 656 "Time of the most recent security violation for this 657 peer." 658 ::= { mipSecurityViolationEntry 5 } 660 mipSecurityRecentViolationIDLow OBJECT-TYPE 661 SYNTAX Unsigned32 (0..4294967295) 662 MAX-ACCESS read-only 663 STATUS current 664 DESCRIPTION 665 "Low-order 32 bits of identification used in request or 666 reply of the most recent security violation for this 667 peer." 668 ::= { mipSecurityViolationEntry 6 } 670 mipSecurityRecentViolationIDHigh OBJECT-TYPE 671 SYNTAX Unsigned32 (0..4294967295) 672 MAX-ACCESS read-only 673 STATUS current 674 DESCRIPTION 675 "High-order 32 bits of identification used in request 676 or reply of the most recent security violation for 677 this peer." 678 ::= { mipSecurityViolationEntry 7 } 680 mipSecurityRecentViolationReason OBJECT-TYPE 681 SYNTAX INTEGER { 682 noMobilitySecurityAssociation(1), 683 badAuthenticator(2), 684 badIdentifier(3), 685 badSPI(4), 686 missingSecurityExtension(5), 687 other(6) 688 } 689 MAX-ACCESS read-only 690 STATUS current 691 DESCRIPTION 692 "Reason for the most recent security violation for 693 this peer." 694 ::= { mipSecurityViolationEntry 8 } 696 -- mipMN Group 697 -- mipSystem Group 699 mnState OBJECT-TYPE 700 SYNTAX INTEGER { 701 home(1), 702 registered(2), 703 pending(3), 704 isolated(4), 705 unknown(5) 706 } 707 MAX-ACCESS read-only 708 STATUS current 709 DESCRIPTION 710 "Indicates mobile node's state of Mobile IP: 711 home, 712 -- MN is connected to home network. 713 registered, 714 -- MN has registered on foreign network 715 pending, 716 -- MN has sent registration request and is 717 waiting for the reply 718 isolated, 719 -- MN is isolated from network 720 unknown 721 -- MN can not determine its state." 722 ::= { mnSystem 1 } 724 mnHomeAddress OBJECT-TYPE 725 SYNTAX IpAddress 726 MAX-ACCESS read-only 727 STATUS current 728 DESCRIPTION 729 "An IP address that is assigned for an extended period 730 of time to the mobile node. It remains unchanged 731 regardless of the mobile node's current point of 732 attachment. If mobile node doesn't have home address 733 assigned yet then this object will take the default 734 value." 735 DEFVAL { '00000000'H } 736 ::= { mnSystem 2 } 738 -- Mobile node's home agent list 740 mnHATable OBJECT-TYPE 741 SYNTAX SEQUENCE OF MnHAEntry 742 MAX-ACCESS not-accessible 743 STATUS current 744 DESCRIPTION 745 "A table containing all of the mobile node's potential 746 home agents." 747 ::= { mnSystem 3 } 749 mnHAEntry OBJECT-TYPE 750 SYNTAX MnHAEntry 751 MAX-ACCESS not-accessible 752 STATUS current 753 DESCRIPTION 754 "Information for a particular Home Agent." 755 INDEX { mnHAAddress } 756 ::= { mnHATable 1 } 758 MnHAEntry ::= SEQUENCE { 759 mnHAAddress IpAddress, 760 mnCurrentHA TruthValue, 761 mnHAStatus RowStatus 762 } 764 mnHAAddress OBJECT-TYPE 765 SYNTAX IpAddress 766 MAX-ACCESS not-accessible 767 STATUS current 768 DESCRIPTION 769 "IP address of mobile node's Home Agent." 770 ::= { mnHAEntry 1 } 772 mnCurrentHA OBJECT-TYPE 773 SYNTAX TruthValue 774 MAX-ACCESS read-only 775 STATUS current 776 DESCRIPTION 777 "Whether this home agent is the current home agent for 778 the mobile node. If it is true, the mobile node is 779 registered with that home agent." 780 ::= { mnHAEntry 2 } 782 mnHAStatus OBJECT-TYPE 783 SYNTAX RowStatus 784 MAX-ACCESS read-create 785 STATUS current 786 DESCRIPTION 787 "The row status for this home agent entry. If the 788 status is set to 'createAndGo' or 'active', then the 789 mobile node can use mnHAAddress as a valid candidate 790 for a home agent. If the status is set to 'destroy', 791 then the mobile node should delete this row, and 792 deregister from that home agent." 793 ::= { mnHAEntry 3 } 795 mnIdentifierType OBJECT-TYPE 796 SYNTAX MipEntityIdentifierType 797 MAX-ACCESS read-only 798 STATUS current 799 DESCRIPTION 800 "The type of the identifier of the mobile node." 801 ::= { mnSystem 4 } 803 mnIdentifier OBJECT-TYPE 804 SYNTAX MipEntityIdentifier 805 MAX-ACCESS read-only 806 STATUS current 807 DESCRIPTION 808 "The identifier of the mobile node." 809 ::= { mnSystem 5 } 811 mnFATable OBJECT-TYPE 812 SYNTAX SEQUENCE OF MnFAEntry 813 MAX-ACCESS not-accessible 814 STATUS current 815 DESCRIPTION 816 "A table containing all foreign agents that the mobile 817 node knows about and their corresponding COA (care-of 818 address). This COA is an address of a foreign agent 819 with which the mobile node is registered. The table is 820 updated when advertisements are received by the mobile 821 node. If an advertisement expires, its entry(s) should 822 be deleted from the table. One foreign agent can 823 provide more than one COA in its advertisements." 824 ::= { mnDiscovery 1 } 826 mnFAEntry OBJECT-TYPE 827 SYNTAX MnFAEntry 828 MAX-ACCESS not-accessible 829 STATUS current 830 DESCRIPTION 831 "One pair of foreign agent IP address and COA for that 832 foreign agent." 833 INDEX { mnFAAddress, mnCOA } 834 ::= { mnFATable 1 } 836 MnFAEntry ::= SEQUENCE { 837 mnFAAddress IpAddress, 838 mnCOA IpAddress 839 } 841 mnFAAddress OBJECT-TYPE 842 SYNTAX IpAddress 843 MAX-ACCESS read-only 844 STATUS current 845 DESCRIPTION 846 "Foreign agent's IP address." 847 ::= { mnFAEntry 1 } 849 mnCOA OBJECT-TYPE 850 SYNTAX IpAddress 851 MAX-ACCESS read-only 852 STATUS current 853 DESCRIPTION 854 "A care-of address being offered by this foreign agent 855 or a co-located care-of address which the mobile node 856 has associated with one of its own network 857 interfaces." 858 ::= { mnFAEntry 2 } 860 -- Mobile node could store multiple agent advertisements, however, 861 -- only the most recently received agent advertisement information 862 -- is required to be made available to the manager station. 864 mnRecentAdvReceived OBJECT IDENTIFIER ::= { mnDiscovery 2 } 866 mnAdvSourceAddress OBJECT-TYPE 867 SYNTAX IpAddress 868 MAX-ACCESS read-only 869 STATUS current 870 DESCRIPTION 871 "The source IP address of the most recently received 872 Agent Advertisement. This address could be the address 873 of a home agent or a foreign agent." 874 ::= { mnRecentAdvReceived 1 } 876 mnAdvSequence OBJECT-TYPE 877 SYNTAX Integer32 (0..65535) 878 MAX-ACCESS read-only 879 STATUS current 880 DESCRIPTION 881 "The sequence number of the most recently received 882 advertisement. The sequence number ranges from 0 to 883 0xffff. After the sequence number attains the value 884 0xffff, it will roll over to 256." 885 ::= { mnRecentAdvReceived 2 } 887 mnAdvFlags OBJECT-TYPE 888 SYNTAX BITS { 889 gre(1), 890 minEnc(2), 891 foreignAgent(3), 892 homeAgent(4), 893 busy(5), 894 regRequired(6), 895 reverseTunnel(7) 896 } 897 MAX-ACCESS read-only 898 STATUS current 899 DESCRIPTION 900 "The flags are contained in the 7th byte in the 901 extension of the most recently received mobility agent 902 advertisement: 903 gre 904 -- Agent offers Generic Routing Encapsulation 905 minEnc, 906 -- Agent offers Minimal Encapsulation 907 foreignAgent, 908 -- Agent is a Foreign Agent 909 homeAgent, 910 -- Agent is a Home Agent 911 busy, 912 -- Foreign Agent is busy 913 regRequired, 914 -- FA registration is required 915 reverseTunnel, 916 -- Agent supports reverse tunneling." 917 ::= { mnRecentAdvReceived 3 } 919 mnAdvMaxRegLifetime OBJECT-TYPE 920 SYNTAX Integer32 (1..65535) 921 UNITS "seconds" 922 MAX-ACCESS read-only 923 STATUS current 924 DESCRIPTION 925 "The longest lifetime in seconds that the agent is 926 willing to accept in any registration request." 927 ::= { mnRecentAdvReceived 4 } 929 mnAdvMaxAdvLifetime OBJECT-TYPE 930 SYNTAX Integer32 (1..65535) 931 UNITS "seconds" 932 MAX-ACCESS read-only 933 STATUS current 934 DESCRIPTION 935 "The maximum length of time that the Advertisement is 936 considered valid in the absence of further 937 Advertisements." 938 REFERENCE 939 "AdvertisementLifeTime in RFC1256." 940 ::= { mnRecentAdvReceived 5 } 942 mnAdvTimeReceived OBJECT-TYPE 943 SYNTAX TimeStamp 944 MAX-ACCESS read-only 945 STATUS current 946 DESCRIPTION 947 "The time at which the most recently received 948 advertisement was received." 949 ::= { mnRecentAdvReceived 6 } 951 -- Mobile Node Discovery Group Counter 953 mnSolicitationsSent OBJECT-TYPE 954 SYNTAX Counter32 955 MAX-ACCESS read-only 956 STATUS current 957 DESCRIPTION 958 "Total number of Solicitation sent by the mobile 959 node." 960 ::= { mnDiscovery 3 } 962 mnAdvertisementsReceived OBJECT-TYPE 963 SYNTAX Counter32 964 MAX-ACCESS read-only 965 STATUS current 966 DESCRIPTION 967 "Total number of advertisements received by the mobile 968 node." 969 ::= { mnDiscovery 4 } 971 mnAdvsDroppedInvalidExtension OBJECT-TYPE 972 SYNTAX Counter32 973 MAX-ACCESS read-only 974 STATUS current 975 DESCRIPTION 976 "Total number of advertisements dropped by the mobile 977 node due to both poorly formed extensions and 978 unrecognized extensions with extension number in the 979 range 0-127." 980 ::= { mnDiscovery 5 } 982 mnAdvsIgnoredUnknownExtension OBJECT-TYPE 983 SYNTAX Counter32 984 MAX-ACCESS read-only 985 STATUS current 986 DESCRIPTION 987 "Total number of unrecognized extensions in the range 988 128-255 that were ignored by the mobile node." 989 ::= { mnDiscovery 6 } 991 mnMoveFromHAToFA OBJECT-TYPE 992 SYNTAX Counter32 993 MAX-ACCESS read-only 994 STATUS current 995 DESCRIPTION 996 "Number of times that the mobile node has decided to 997 move from its home network to a foreign network." 998 ::= { mnDiscovery 7 } 1000 mnMoveFromFAToFA OBJECT-TYPE 1001 SYNTAX Counter32 1002 MAX-ACCESS read-only 1003 STATUS current 1004 DESCRIPTION 1005 "Number of times that the mobile node has decided to 1006 move from one foreign network to another foreign 1007 network." 1008 ::= { mnDiscovery 8 } 1010 mnMoveFromFAToHA OBJECT-TYPE 1011 SYNTAX Counter32 1012 MAX-ACCESS read-only 1013 STATUS current 1014 DESCRIPTION 1015 "Number of times that the mobile node has decided to 1016 move from a foreign network to its home network." 1017 ::= { mnDiscovery 9 } 1019 mnGratuitousARPsSend OBJECT-TYPE 1020 SYNTAX Counter32 1021 MAX-ACCESS read-only 1022 STATUS current 1023 DESCRIPTION 1024 "Total number of Gratuitous ARPs sent by mobile node 1025 in order to clear out any stale ARP entries in the ARP 1026 caches of nodes on the home network." 1027 ::= { mnDiscovery 10 } 1029 mnAgentRebootsDectected OBJECT-TYPE 1030 SYNTAX Counter32 1031 MAX-ACCESS read-only 1032 STATUS current 1033 DESCRIPTION 1034 "Total number of agent reboots detected by the mobile 1035 node through sequence number of the advertisement." 1036 ::= { mnDiscovery 11 } 1038 -- Mobile Node Registration Group 1040 -- Registration table of mobile node 1041 mnRegistrationTable OBJECT-TYPE 1042 SYNTAX SEQUENCE OF MnRegistrationEntry 1043 MAX-ACCESS not-accessible 1044 STATUS current 1045 DESCRIPTION 1046 "A table containing information about the mobile 1047 node's attempted registration(s). The mobile node 1048 updates this table based upon Registration Requests 1049 sent and Registration Replies received in response to 1050 these requests. Certain variables within this table 1051 are also updated if when Registration Requests are 1052 retransmitted." 1053 ::= { mnRegistration 1 } 1055 mnRegistrationEntry OBJECT-TYPE 1056 SYNTAX MnRegistrationEntry 1057 MAX-ACCESS not-accessible 1058 STATUS current 1059 DESCRIPTION 1060 "Information about one registration attempt." 1061 INDEX { mnRegAgentAddress, mnRegCOA} 1062 ::= { mnRegistrationTable 1 } 1064 MnRegistrationEntry ::= SEQUENCE { 1065 mnRegAgentAddress IpAddress, 1066 mnRegCOA IpAddress, 1067 mnRegFlags RegistrationFlags, 1068 mnRegIDLow Unsigned32, 1069 mnRegIDHigh Unsigned32, 1070 mnRegTimeRequested Unsigned32, 1071 mnRegTimeRemaining Gauge32, 1072 mnRegTimeSent TimeStamp, 1073 mnRegIsAccepted TruthValue, 1074 mnCOAIsLocal TruthValue, 1075 mnRegDeliveryStyle MipDeliveryStyle 1076 } 1078 mnRegAgentAddress OBJECT-TYPE 1079 SYNTAX IpAddress 1080 MAX-ACCESS read-only 1081 STATUS current 1082 DESCRIPTION 1083 "IP address of the agent as used in the destination 1084 IP address of the Registration Request. The agent 1085 may be a home agent or a foreign agent." 1086 ::= { mnRegistrationEntry 1 } 1088 mnRegCOA OBJECT-TYPE 1089 SYNTAX IpAddress 1090 MAX-ACCESS read-only 1091 STATUS current 1092 DESCRIPTION 1093 "Care-of address for the registration." 1094 ::= { mnRegistrationEntry 2 } 1096 mnRegFlags OBJECT-TYPE 1097 SYNTAX RegistrationFlags 1098 MAX-ACCESS read-only 1099 STATUS current 1100 DESCRIPTION 1101 "Registration flags sent by the mobile node. It is the 1102 second byte in the Mobile IP Registration Request 1103 message." 1104 ::= { mnRegistrationEntry 3 } 1106 mnRegIDLow OBJECT-TYPE 1107 SYNTAX Unsigned32 1108 MAX-ACCESS read-only 1109 STATUS current 1110 DESCRIPTION 1111 "Low-order 32 bits of the Identification used in that 1112 registration by the mobile node." 1113 ::= { mnRegistrationEntry 4 } 1115 mnRegIDHigh OBJECT-TYPE 1116 SYNTAX Unsigned32 1117 MAX-ACCESS read-only 1118 STATUS current 1119 DESCRIPTION 1120 "High-order 32 bits of the Identification used in that 1121 registration by the mobile node." 1122 ::= { mnRegistrationEntry 5 } 1124 mnRegTimeRequested OBJECT-TYPE 1125 SYNTAX Unsigned32 1126 UNITS "seconds" 1127 MAX-ACCESS read-only 1128 STATUS current 1129 DESCRIPTION 1130 "If the registration is pending, then this is the 1131 lifetime requested by the mobile node (in seconds). 1132 If the registration has been accepted, then this is 1133 the lifetime actually granted by the home agent in the 1134 reply." 1135 ::= { mnRegistrationEntry 6 } 1137 mnRegTimeRemaining OBJECT-TYPE 1138 SYNTAX Gauge32 1139 UNITS "seconds" 1140 MAX-ACCESS read-only 1141 STATUS current 1142 DESCRIPTION 1143 "The number of seconds remaining until this 1144 registration expires. It has the same initial value 1145 as mnRegTimeRequested and is only valid if 1146 mnRegIsAccepted is TRUE." 1147 ::= { mnRegistrationEntry 7 } 1149 mnRegTimeSent OBJECT-TYPE 1150 SYNTAX TimeStamp 1151 MAX-ACCESS read-only 1152 STATUS current 1153 DESCRIPTION 1154 "The time when the last (re-)transmission occurred." 1155 ::= { mnRegistrationEntry 8 } 1157 mnRegIsAccepted OBJECT-TYPE 1158 SYNTAX TruthValue 1159 MAX-ACCESS read-only 1160 STATUS current 1161 DESCRIPTION 1162 "true(1) if the mobile node has received a 1163 Registration Reply indicating that service has been 1164 accepted; false(2) otherwise. false(2) implies that 1165 the registration is still pending." 1166 ::= { mnRegistrationEntry 9 } 1168 mnCOAIsLocal OBJECT-TYPE 1169 SYNTAX TruthValue 1170 MAX-ACCESS read-only 1171 STATUS current 1172 DESCRIPTION 1173 "Whether the COA is local to (dynamically acquired by) 1174 the mobile node or not. If it is false(2), the COA is 1175 an address of the foreign agent." 1176 ::= { mnRegistrationEntry 10 } 1178 mnRegDeliveryStyle OBJECT-TYPE 1179 SYNTAX MipDeliveryStyle 1180 MAX-ACCESS read-only 1181 STATUS current 1182 DESCRIPTION 1183 "Delivery style requested by the mobile node in the 1184 registration request. If mobile node is operating with 1185 a co-located care-of address i.e. when mnCOAIsLocal is 1186 true(1), this object should not be instantiated." 1188 DEFVAL { direct } 1189 ::= { mnRegistrationEntry 11 } 1191 -- Mobile Node Registration Group Counters 1193 mnRegRequestsSent OBJECT-TYPE 1194 SYNTAX Counter32 1195 MAX-ACCESS read-only 1196 STATUS current 1197 DESCRIPTION 1198 "Total number of registration requests sent by the 1199 mobile node. This does not include deregistrations 1200 (those with Lifetime equal to zero)." 1201 ::= { mnRegistration 2 } 1203 mnDeRegRequestsSent OBJECT-TYPE 1204 SYNTAX Counter32 1205 MAX-ACCESS read-only 1206 STATUS current 1207 DESCRIPTION 1208 "Total number of deregistration requests sent by the 1209 mobile node (those with Lifetime equal to zero)." 1210 ::= { mnRegistration 3 } 1212 mnRegRepliesRecieved OBJECT-TYPE 1213 SYNTAX Counter32 1214 MAX-ACCESS read-only 1215 STATUS current 1216 DESCRIPTION 1217 "Total number of registration replies received by the 1218 mobile node in which the Lifetime is greater than 1219 zero." 1220 ::= { mnRegistration 4 } 1222 mnDeRegRepliesRecieved OBJECT-TYPE 1223 SYNTAX Counter32 1224 MAX-ACCESS read-only 1225 STATUS current 1226 DESCRIPTION 1227 "Total number of (de)registration replies received by 1228 the mobile node in which the Lifetime is equal to 1229 zero." 1230 ::= { mnRegistration 5 } 1232 mnRepliesInvalidHomeAddress OBJECT-TYPE 1233 SYNTAX Counter32 1234 MAX-ACCESS read-only 1235 STATUS current 1236 DESCRIPTION 1237 "Total number of replies with invalid home address for 1238 the mobile node." 1239 ::= { mnRegistration 6 } 1241 mnRepliesUnknownHA OBJECT-TYPE 1242 SYNTAX Counter32 1243 MAX-ACCESS read-only 1244 STATUS current 1245 DESCRIPTION 1246 "Total number of replies with unknown home agents 1247 (not in home agent table)." 1248 ::= { mnRegistration 7 } 1250 mnRepliesUnknownFA OBJECT-TYPE 1251 SYNTAX Counter32 1252 MAX-ACCESS read-only 1253 STATUS current 1254 DESCRIPTION 1255 "Total number of replies with unknown foreign agents if 1256 replies relayed through foreign agent." 1257 ::= { mnRegistration 8 } 1259 mnRepliesInvalidID OBJECT-TYPE 1260 SYNTAX Counter32 1261 MAX-ACCESS read-only 1262 STATUS current 1263 DESCRIPTION 1264 "Total number of replies with invalid Identification 1265 fields." 1266 ::= { mnRegistration 9 } 1268 mnRepliesDroppedInvalidExtension OBJECT-TYPE 1269 SYNTAX Counter32 1270 MAX-ACCESS read-only 1271 STATUS current 1272 DESCRIPTION 1273 "Total number of Registration Replies dropped by the 1274 mobile node due to both poorly formed extensions and 1275 unrecognized extensions with extension number in the 1276 range 0-127." 1277 ::= { mnRegistration 10 } 1279 mnRepliesIgnoredUnknownExtension OBJECT-TYPE 1280 SYNTAX Counter32 1281 MAX-ACCESS read-only 1282 STATUS current 1283 DESCRIPTION 1284 "Total number of Registration Replies that contained 1285 one or more unrecognized extensions in the range 1286 128-255 that were ignored by the mobile node." 1287 ::= { mnRegistration 11 } 1289 mnRepliesHAAuthenticationFailure OBJECT-TYPE 1290 SYNTAX Counter32 1291 MAX-ACCESS read-only 1292 STATUS current 1293 DESCRIPTION 1294 "Total number of replies without a valid Home Agent to 1295 Mobile Node authenticator." 1296 ::= { mnRegistration 12 } 1298 mnRepliesFAAuthenticationFailure OBJECT-TYPE 1299 SYNTAX Counter32 1300 MAX-ACCESS read-only 1301 STATUS current 1302 DESCRIPTION 1303 "Total number of replies without a valid Foreign Agent 1304 to Mobile Node authenticator." 1305 ::= { mnRegistration 13 } 1307 mnRegRequestsAccepted OBJECT-TYPE 1308 SYNTAX Counter32 1309 MAX-ACCESS read-only 1310 STATUS current 1311 DESCRIPTION 1312 "Total number of registration requests accepted by the 1313 mobile node's home agent (Code 0 and Code 1)." 1314 ::= { mnRegistration 14 } 1316 mnRegRequestsDeniedByHA OBJECT-TYPE 1317 SYNTAX Counter32 1318 MAX-ACCESS read-only 1319 STATUS current 1320 DESCRIPTION 1321 "Total number of registration requests denied by 1322 mobile node's home agent (Sum of Code 128 through 1323 Code 191)." 1324 ::= { mnRegistration 15 } 1326 mnRegRequestsDeniedByFA OBJECT-TYPE 1327 SYNTAX Counter32 1328 MAX-ACCESS read-only 1329 STATUS current 1330 DESCRIPTION 1331 "Total number of registration requests denied by the 1332 foreign agent (Sum of Codes 64 through Code 127)." 1333 ::= { mnRegistration 16 } 1335 mnRegRequestsDeniedByHADueToID OBJECT-TYPE 1336 SYNTAX Counter32 1337 MAX-ACCESS read-only 1338 STATUS current 1339 DESCRIPTION 1340 "Total number of Registration Request denied by home 1341 agent due to identification mismatch." 1342 ::= { mnRegistration 17 } 1344 mnRegRequestsWithDirectedBroadcast OBJECT-TYPE 1345 SYNTAX Counter32 1346 MAX-ACCESS read-only 1347 STATUS current 1348 DESCRIPTION 1349 "Total number of Registration Requests sent by mobile 1350 node with a directed broadcast address in the home 1351 agent field." 1352 ::= { mnRegistration 18 } 1354 -- MA Advertisement Group 1356 -- MA Advertisement Group Counters 1358 maAdvertisementsSent OBJECT-TYPE 1359 SYNTAX Counter32 1360 MAX-ACCESS read-only 1361 STATUS current 1362 DESCRIPTION 1363 "Total number of advertisements sent by the mobility 1364 agent." 1365 ::= { maAdvertisement 2 } 1367 maAdvsSentForSolicitation OBJECT-TYPE 1368 SYNTAX Counter32 1369 MAX-ACCESS read-only 1370 STATUS current 1371 DESCRIPTION 1372 "Total number of advertisements sent by mobility agent 1373 in response to mobile node solicitations." 1374 ::= { maAdvertisement 3 } 1376 maSolicitationsReceived OBJECT-TYPE 1377 SYNTAX Counter32 1378 MAX-ACCESS read-only 1379 STATUS current 1380 DESCRIPTION 1381 "Total number of solicitations received by the 1382 mobility agent." 1383 ::= { maAdvertisement 4 } 1385 -- Mobility agent advertisement configuration table 1387 maAdvertConfTable OBJECT-TYPE 1388 SYNTAX SEQUENCE OF MaAdvertConfEntry 1389 MAX-ACCESS not-accessible 1390 STATUS current 1391 DESCRIPTION 1392 "A table containing configurable advertisement 1393 parameters for all advertisement interfaces in 1394 the mobility agent." 1395 ::= { maAdvertisement 5 } 1397 maAdvertConfEntry OBJECT-TYPE 1398 SYNTAX MaAdvertConfEntry 1399 MAX-ACCESS not-accessible 1400 STATUS current 1401 DESCRIPTION 1402 "Advertisement parameters for one advertisement 1403 interface." 1404 INDEX { maAdvertIfIndex } 1405 ::= { maAdvertConfTable 1 } 1407 MaAdvertConfEntry ::= SEQUENCE { 1408 maAdvertIfIndex Integer32, 1409 maAdvertMaxRegLifetime Integer32, 1410 maAdvertPrefixLengthInclusion TruthValue, 1411 maAdvertAddress IpAddress, 1412 maAdvertMaxInterval Integer32, 1413 maAdvertMinInterval Integer32, 1414 maAdvertMaxAdvLifetime Integer32, 1415 maAdvertResponseSolicitationOnly TruthValue, 1416 maAdvertService BITS, 1417 maAdvertStatus RowStatus 1418 } 1420 maAdvertIfIndex OBJECT-TYPE 1421 SYNTAX Integer32 (1..2147483647) 1422 MAX-ACCESS not-accessible 1423 STATUS current 1424 DESCRIPTION 1425 "The ifIndex value from Interfaces table of 1426 MIB II for advertisement interface." 1427 ::= { maAdvertConfEntry 1 } 1429 maAdvertMaxRegLifetime OBJECT-TYPE 1430 SYNTAX Integer32 (1..65535) 1431 UNITS "seconds" 1432 MAX-ACCESS read-create 1433 STATUS current 1434 DESCRIPTION 1435 "The longest lifetime in seconds that mobility agent 1436 is willing to accept in any Registration Request." 1437 ::= { maAdvertConfEntry 2 } 1439 maAdvertPrefixLengthInclusion OBJECT-TYPE 1440 SYNTAX TruthValue 1441 MAX-ACCESS read-create 1442 STATUS current 1443 DESCRIPTION 1444 "Whether the advertisement should include the Prefix- 1445 Lengths Extension. If it is true, all advertisements 1446 sent over this interface should include the 1447 Prefix-Lengths Extension." 1448 ::= { maAdvertConfEntry 3 } 1450 maAdvertAddress OBJECT-TYPE 1451 SYNTAX IpAddress 1452 MAX-ACCESS read-create 1453 STATUS current 1454 DESCRIPTION 1455 "The IP destination address to be used for 1456 advertisements sent from the interface. The only 1457 permissible values are the all-systems multicast 1458 address (224.0.0.1) or the limited-broadcast address 1459 (255.255.255.255)." 1460 REFERENCE 1461 "AdvertisementAddress in RFC1256." 1462 ::= { maAdvertConfEntry 4 } 1464 maAdvertMaxInterval OBJECT-TYPE 1465 SYNTAX Integer32 (4..1800) 1466 UNITS "seconds" 1467 MAX-ACCESS read-create 1468 STATUS current 1469 DESCRIPTION 1470 "The maximum time in seconds between successive 1471 transmissions of Agent Advertisements from this 1472 interface." 1473 REFERENCE 1474 "MaxAdvertisementInterval in RFC1256." 1475 ::= { maAdvertConfEntry 5 } 1477 maAdvertMinInterval OBJECT-TYPE 1478 SYNTAX Integer32 (3..1800) 1479 UNITS "seconds" 1480 MAX-ACCESS read-create 1481 STATUS current 1482 DESCRIPTION 1483 "The minimum time in seconds between successive 1484 transmissions of Agent Advertisements from this 1485 interface." 1486 REFERENCE 1487 "MinAdvertisementInterval in RFC1256." 1488 ::= { maAdvertConfEntry 6 } 1490 maAdvertMaxAdvLifetime OBJECT-TYPE 1491 SYNTAX Integer32 (4..9000) 1492 UNITS "seconds" 1493 MAX-ACCESS read-create 1494 STATUS current 1495 DESCRIPTION 1496 "The time (in seconds) to be placed in the Lifetime 1497 field of the RFC 1256-portion of the Agent 1498 Advertisements sent over this interface." 1499 REFERENCE 1500 "AdvertisementLifetime in RFC1256." 1501 ::= { maAdvertConfEntry 7 } 1503 maAdvertResponseSolicitationOnly OBJECT-TYPE 1504 SYNTAX TruthValue 1505 MAX-ACCESS read-create 1506 STATUS current 1507 DESCRIPTION 1508 "The flag indicates whether the advertisement from 1509 that interface should be sent only in response to an 1510 Agent Solicitation message." 1511 DEFVAL { false } 1512 ::= { maAdvertConfEntry 8 } 1514 maAdvertService OBJECT-TYPE 1515 SYNTAX BITS { foreignAgent(0), 1516 homeAgent(1) 1517 } 1518 MAX-ACCESS read-create 1519 STATUS current 1520 DESCRIPTION 1521 "Indicates which mobility services are offered on this 1522 interface." 1523 ::= { maAdvertConfEntry 9 } 1525 maAdvertStatus OBJECT-TYPE 1526 SYNTAX RowStatus 1527 MAX-ACCESS read-create 1528 STATUS current 1529 DESCRIPTION 1530 "The row status for the agent advertisement table. If 1531 this column status is 'active', the manager should not 1532 change any column in the row." 1533 ::= { maAdvertConfEntry 10 } 1535 -- Foreign Agent Group 1537 -- Foreign Agent System Group 1539 faCOATable OBJECT-TYPE 1540 SYNTAX SEQUENCE OF FaCOAEntry 1541 MAX-ACCESS not-accessible 1542 STATUS current 1543 DESCRIPTION 1544 "A table containing all of the care-of addresses 1545 (COAs) supported by the foreign agent. New entries can 1546 be added to the table. The order of entries in the 1547 faCOATAble is also the order in which the COAs are 1548 listed in the Agent Advertisement." 1549 ::= { faSystem 1 } 1551 faCOAEntry OBJECT-TYPE 1552 SYNTAX FaCOAEntry 1553 MAX-ACCESS not-accessible 1554 STATUS current 1555 DESCRIPTION 1556 "Entry of COA" 1557 INDEX { faSupportedCOA } 1558 ::= { faCOATable 1 } 1560 FaCOAEntry ::= 1561 SEQUENCE { 1562 faSupportedCOA IpAddress, 1563 faCOAStatus RowStatus 1564 } 1566 faSupportedCOA OBJECT-TYPE 1567 SYNTAX IpAddress 1568 MAX-ACCESS not-accessible 1569 STATUS current 1570 DESCRIPTION 1571 "Care-of-address supported by this foreign agent." 1572 ::= { faCOAEntry 1 } 1574 faCOAStatus OBJECT-TYPE 1575 SYNTAX RowStatus 1576 MAX-ACCESS read-create 1577 STATUS current 1578 DESCRIPTION 1579 "The row status for COA entry." 1580 ::= { faCOAEntry 2 } 1582 -- Foreign Agent Advertisement Group 1583 -- FA needs to implement MA Advertisement Group plus that group 1584 -- Foreign agent advertisement configuration table. 1586 faAdvertConfTable OBJECT-TYPE 1587 SYNTAX SEQUENCE OF FaAdvertConfEntry 1588 MAX-ACCESS not-accessible 1589 STATUS current 1590 DESCRIPTION 1591 "A table containing additional configurable 1592 advertisement parameters beyond that provided by 1593 maAdvertConfTable for all advertisement interfaces 1594 in the foreign agent." 1595 ::= { faAdvertisement 3 } 1597 faAdvertConfEntry OBJECT-TYPE 1598 SYNTAX FaAdvertConfEntry 1599 MAX-ACCESS not-accessible 1600 STATUS current 1601 DESCRIPTION 1602 "Additional advertisement parameters beyond that 1603 provided by maAdvertConfEntry for one advertisement 1604 interface." 1605 INDEX { maAdvertIfIndex } 1606 ::= { faAdvertConfTable 1 } 1608 FaAdvertConfEntry ::= SEQUENCE { 1609 faAdvertIsBusy TruthValue, 1610 faAdvertRegRequired TruthValue, 1611 faAdvertChallengeWindow Integer32 1612 } 1614 faAdvertIsBusy OBJECT-TYPE 1615 SYNTAX TruthValue 1616 MAX-ACCESS read-only 1617 STATUS current 1618 DESCRIPTION 1619 "If true(1), the agent is busy and any Agent 1620 advertisements sent from the agent on this interface 1621 should have the 'B' bit set to 1." 1622 ::= { faAdvertConfEntry 1 } 1624 faAdvertRegRequired OBJECT-TYPE 1625 SYNTAX TruthValue 1626 MAX-ACCESS read-write 1627 STATUS current 1628 DESCRIPTION 1629 "If true(1), registration is required and any Agent 1630 Advertisements sent from the agent on this interface 1631 should have the 'R' bit set to 1." 1632 ::= { faAdvertConfEntry 2 } 1634 faAdvertChallengeWindow OBJECT-TYPE 1635 SYNTAX Integer32 1636 MAX-ACCESS read-write 1637 STATUS current 1638 DESCRIPTION 1639 "Indicates the number of last challenge values 1640 which can be used by mobile node in the registration 1641 request sent to the foreign agent on this interface." 1642 REFERENCE 1643 "RFC3012 - Mobile IPv4 Challenge/Response Extensions" 1644 DEFVAL { 2 } 1645 ::= { faAdvertConfEntry 3 } 1647 -- Foreign Agent Registration Group 1649 -- Foreign Agent Registration Group Counters 1651 faRegRequestsReceived OBJECT-TYPE 1652 SYNTAX Counter32 1653 MAX-ACCESS read-only 1654 STATUS current 1655 DESCRIPTION 1656 "Total number of valid Registration Requests 1657 received." 1658 ::= { faRegistration 2 } 1660 faRegRequestsRelayed OBJECT-TYPE 1661 SYNTAX Counter32 1662 MAX-ACCESS read-only 1663 STATUS current 1664 DESCRIPTION 1665 "Total number of Registration Requests relayed to home 1666 agent by foreign agent." 1667 ::= { faRegistration 3 } 1669 faReasonUnspecified OBJECT-TYPE 1670 SYNTAX Counter32 1671 MAX-ACCESS read-only 1672 STATUS current 1673 DESCRIPTION 1674 "Total number of Registration Requests denied by 1675 foreign agent -- reason unspecified (Code 64)." 1676 ::= { faRegistration 4 } 1678 faAdmProhibited OBJECT-TYPE 1679 SYNTAX Counter32 1680 MAX-ACCESS read-only 1681 STATUS current 1682 DESCRIPTION 1683 "Total number of Registration Requests denied by 1684 foreign agent -- administratively prohibited (Code 1685 65)." 1686 ::= { faRegistration 5 } 1688 faInsufficientResource OBJECT-TYPE 1689 SYNTAX Counter32 1690 MAX-ACCESS read-only 1691 STATUS current 1692 DESCRIPTION 1693 "Total number of Registration Requests denied by 1694 foreign agent -- insufficient resources (Code 66)." 1695 ::= { faRegistration 6 } 1697 faMNAuthenticationFailure OBJECT-TYPE 1698 SYNTAX Counter32 1699 MAX-ACCESS read-only 1700 STATUS current 1701 DESCRIPTION 1702 "Total number of Registration Requests denied by 1703 foreign agent -- mobile node failed authentication 1704 (Code 67)." 1705 ::= { faRegistration 7 } 1707 faRegLifetimeTooLong OBJECT-TYPE 1708 SYNTAX Counter32 1709 MAX-ACCESS read-only 1710 STATUS current 1711 DESCRIPTION 1712 "Total number of Registration Requests denied by 1713 foreign agent -- requested lifetime too long (Code 1714 69)." 1715 ::= { faRegistration 8 } 1717 faPoorlyFormedRequests OBJECT-TYPE 1718 SYNTAX Counter32 1719 MAX-ACCESS read-only 1720 STATUS current 1721 DESCRIPTION 1722 "Total number of Registration Requests denied by 1723 foreign agent -- poorly formed request (Code 70)." 1724 ::= { faRegistration 9 } 1726 faEncapsulationUnavailable OBJECT-TYPE 1727 SYNTAX Counter32 1728 MAX-ACCESS read-only 1729 STATUS current 1730 DESCRIPTION 1731 "Total number of Registration Requests denied by 1732 foreign agent -- requested encapsulation unavailable 1733 (Code 72)." 1734 ::= { faRegistration 10 } 1736 faHAUnreachable OBJECT-TYPE 1737 SYNTAX Counter32 1738 MAX-ACCESS read-only 1739 STATUS current 1740 DESCRIPTION 1741 "Total number of Registration Requests denied by 1742 foreign agent -- home agent unreachable (Codes 1743 80-95)." 1744 ::= { faRegistration 12 } 1746 faRegRepliesRecieved OBJECT-TYPE 1747 SYNTAX Counter32 1748 MAX-ACCESS read-only 1749 STATUS current 1750 DESCRIPTION 1751 "Total number of well-formed Registration Replies 1752 received by foreign agent." 1753 ::= { faRegistration 13 } 1755 faRegRepliesRelayed OBJECT-TYPE 1756 SYNTAX Counter32 1757 MAX-ACCESS read-only 1758 STATUS current 1759 DESCRIPTION 1760 "Total number of valid Registration Replies relayed to 1761 the mobile node by foreign agent." 1762 ::= { faRegistration 14 } 1764 faHAAuthenticationFailure OBJECT-TYPE 1765 SYNTAX Counter32 1766 MAX-ACCESS read-only 1767 STATUS current 1768 DESCRIPTION 1769 "Total number of Registration Replies denied by 1770 foreign agent -- home agent failed authentication 1771 (Code 68)." 1772 ::= { faRegistration 15 } 1774 faPoorlyFormedReplies OBJECT-TYPE 1775 SYNTAX Counter32 1776 MAX-ACCESS read-only 1777 STATUS current 1778 DESCRIPTION 1779 "Total number of Registration Replies denied by 1780 foreign agent -- poorly formed reply (Code 71)." 1781 ::= { faRegistration 16 } 1783 faReverseTunnelUnavailable OBJECT-TYPE 1784 SYNTAX Counter32 1785 MAX-ACCESS read-only 1786 STATUS current 1787 DESCRIPTION 1788 "Total number of Registration Requests denied by 1789 foreign agent -- requested reverse tunnel 1790 unavailable (Code 74)." 1791 REFERENCE 1792 "RFC3024 - Reverse Tunneling for Mobile IP" 1793 ::= { faRegistration 17 } 1795 faReverseTunnelBitNotSet OBJECT-TYPE 1796 SYNTAX Counter32 1797 MAX-ACCESS read-only 1798 STATUS current 1799 DESCRIPTION 1800 "Total number of Registration Requests denied by 1801 foreign agent -- reverse tunnel is mandatory and 1802 'T' bit not set (Code 75)." 1803 REFERENCE 1804 "RFC3024 - Reverse Tunneling for Mobile IP" 1805 ::= { faRegistration 18 } 1807 faMnTooDistant OBJECT-TYPE 1808 SYNTAX Counter32 1809 MAX-ACCESS read-only 1810 STATUS current 1811 DESCRIPTION 1812 "Total number of Registration Requests denied by 1813 foreign agent -- mobile node too distant (Code 76)." 1814 REFERENCE 1815 "RFC3024 - Reverse Tunneling for Mobile IP" 1816 ::= { faRegistration 19 } 1818 faDeliveryStyleUnsupported OBJECT-TYPE 1819 SYNTAX Counter32 1820 MAX-ACCESS read-only 1821 STATUS current 1822 DESCRIPTION 1823 "Total number of Registration Requests denied by 1824 foreign agent -- delivery style not supported 1825 (Code 79)." 1826 REFERENCE 1827 "RFC3024 - Reverse Tunneling for Mobile IP" 1828 ::= { faRegistration 20 } 1830 faNonZeroHomeAddressRequired OBJECT-TYPE 1831 SYNTAX Counter32 1832 MAX-ACCESS read-only 1833 STATUS current 1834 DESCRIPTION 1835 "Total number of Registration Requests denied by 1836 foreign agent -- non zero home address is 1837 required (Code 96)." 1838 REFERENCE 1839 "RFC2794 - Mobile IP Network Access Identifier 1840 Extension for IPv4" 1841 ::= { faRegistration 21 } 1843 faUnknownChallenge OBJECT-TYPE 1844 SYNTAX Counter32 1845 MAX-ACCESS read-only 1846 STATUS current 1847 DESCRIPTION 1848 "Total number of Registration Requests denied by 1849 foreign agent -- challenge was unknown (code 104)." 1850 REFERENCE 1851 "RFC3012 - Mobile IPv4 Challenge/Response Extensions" 1852 ::= { faRegistration 22 } 1854 faMissingChallenge OBJECT-TYPE 1855 SYNTAX Counter32 1856 MAX-ACCESS read-only 1857 STATUS current 1858 DESCRIPTION 1859 "Total number of Registration Requests denied by 1860 foreign agent -- challenge was missing (code 105)." 1861 REFERENCE 1862 "RFC3012 - Mobile IPv4 Challenge/Response Extensions" 1863 ::= { faRegistration 23 } 1865 faStaleChallenge OBJECT-TYPE 1866 SYNTAX Counter32 1867 MAX-ACCESS read-only 1868 STATUS current 1869 DESCRIPTION 1870 "Total number of Registration Requests denied by 1871 foreign agent -- challenge was stale (code 106)." 1872 REFERENCE 1873 "RFC3012 - Mobile IPv4 Challenge/Response Extensions" 1874 ::= { faRegistration 24 } 1876 faCvsesFromMnUnsupported OBJECT-TYPE 1877 SYNTAX Counter32 1878 MAX-ACCESS read-only 1879 STATUS current 1880 DESCRIPTION 1881 "Total number of Registration Requests denied by 1882 foreign agent -- Unsupported Vendor-ID or unable to 1883 interpret Vendor-CVSE-Type in the CVSE sent by the 1884 mobile node to the foreign agent (code 100)." 1885 REFERENCE 1886 "RFC3025 - Mobile IP Vendor/Organization-Specific 1887 Extensions" 1888 ::= { faRegistration 25 } 1890 faCvsesFromHaUnsupported OBJECT-TYPE 1891 SYNTAX Counter32 1892 MAX-ACCESS read-only 1893 STATUS current 1894 DESCRIPTION 1895 "Total number of Registration Replies denied by 1896 foreign agent -- Unsupported Vendor-ID or unable to 1897 interpret Vendor-CVSE-Type in the CVSE sent by the 1898 home agent to the foreign agent (code 101)." 1899 REFERENCE 1900 "RFC3025 - Mobile IP Vendor/Organization-Specific 1901 Extensions" 1902 ::= { faRegistration 26 } 1904 faNvsesFromMnIgnored OBJECT-TYPE 1905 SYNTAX Counter32 1906 MAX-ACCESS read-only 1907 STATUS current 1908 DESCRIPTION 1909 "Total number of Registration Requests which contained 1910 one or more NVSEs from the mobile node that were 1911 ignored by the foreign agent." 1912 REFERENCE 1913 "RFC3025 - Mobile IP Vendor/Organization-Specific 1914 Extensions" 1915 ::= { faRegistration 27 } 1917 faNvsesFromHaIgnored OBJECT-TYPE 1918 SYNTAX Counter32 1919 MAX-ACCESS read-only 1920 STATUS current 1921 DESCRIPTION 1922 "Total number of Registration Replies which contained 1923 one or more NVSEs from the home agent that were 1924 ignored by the foreign agent." 1925 REFERENCE 1926 "RFC3025 - Mobile IP Vendor/Organization-Specific 1927 Extensions" 1928 ::= { faRegistration 28 } 1930 faRegVisitorCount OBJECT-TYPE 1931 SYNTAX Gauge32 1932 MAX-ACCESS read-only 1933 STATUS current 1934 DESCRIPTION 1935 "The current number of entries in faRegVisitorTable." 1936 ::= { faRegistration 29 } 1938 -- Foreign Agent Visitors List 1940 faRegVisitorTable OBJECT-TYPE 1941 SYNTAX SEQUENCE OF FaRegVisitorEntry 1942 MAX-ACCESS not-accessible 1943 STATUS current 1944 DESCRIPTION 1945 "A table containing the foreign agent's visitor list. 1946 The foreign agent updates this table in response to 1947 registration events from mobile nodes." 1948 ::= { faRegistration 30 } 1950 faRegVisitorEntry OBJECT-TYPE 1951 SYNTAX FaRegVisitorEntry 1952 MAX-ACCESS not-accessible 1953 STATUS current 1954 DESCRIPTION 1955 "Information for one visitor." 1956 INDEX { faRegVisitorIdType, faRegVisitorId } 1957 ::= { faRegVisitorTable 1 } 1959 FaRegVisitorEntry ::= SEQUENCE { 1960 faRegVisitorIdType MipEntityIdentifierType, 1961 faRegVisitorId MipEntityIdentifier, 1962 faRegVisitorHomeAddress IpAddress, 1963 faRegVisitorHomeAgentAddress IpAddress, 1964 faRegVisitorTimeGranted Integer32, 1965 faRegVisitorTimeRemaining Gauge32, 1966 faRegVisitorRegFlags RegistrationFlags, 1967 faRegVisitorRegIDLow Unsigned32, 1968 faRegVisitorRegIDHigh Unsigned32, 1969 faRegVisitorRegIsAccepted TruthValue, 1970 faRegVisitorDeliveryStyle MipDeliveryStyle 1971 } 1973 faRegVisitorIdType OBJECT-TYPE 1974 SYNTAX MipEntityIdentifierType 1975 MAX-ACCESS not-accessible 1976 STATUS current 1977 DESCRIPTION 1978 "The type of the visitor's identifier." 1979 ::= { faRegVisitorEntry 1 } 1981 faRegVisitorId OBJECT-TYPE 1982 SYNTAX MipEntityIdentifier 1983 MAX-ACCESS not-accessible 1984 STATUS current 1985 DESCRIPTION 1986 "The identifier of the visitor." 1987 ::= { faRegVisitorEntry 2 } 1989 faRegVisitorHomeAddress OBJECT-TYPE 1990 SYNTAX IpAddress 1991 MAX-ACCESS read-only 1992 STATUS current 1993 DESCRIPTION 1994 "Home (IP) address of visiting mobile node." 1995 ::= { faRegVisitorEntry 3 } 1997 faRegVisitorHomeAgentAddress OBJECT-TYPE 1998 SYNTAX IpAddress 1999 MAX-ACCESS read-only 2000 STATUS current 2001 DESCRIPTION 2002 "Home agent IP address for that visiting mobile node." 2003 ::= { faRegVisitorEntry 4 } 2005 faRegVisitorTimeGranted OBJECT-TYPE 2006 SYNTAX Integer32 2007 UNITS "seconds" 2008 MAX-ACCESS read-only 2009 STATUS current 2010 DESCRIPTION 2011 "The lifetime in seconds granted to the mobile node 2012 for this registration. Only valid if 2013 faRegVisitorRegIsAccepted is true(1)." 2015 ::= { faRegVisitorEntry 5 } 2017 faRegVisitorTimeRemaining OBJECT-TYPE 2018 SYNTAX Gauge32 2019 UNITS "seconds" 2020 MAX-ACCESS read-only 2021 STATUS current 2022 DESCRIPTION 2023 "The number of seconds remaining until the 2024 registration is expired. It has the same initial value 2025 as faRegVisitorTimeGranted, and is counted down by the 2026 foreign agent." 2027 ::= { faRegVisitorEntry 6 } 2029 faRegVisitorRegFlags OBJECT-TYPE 2030 SYNTAX RegistrationFlags 2031 MAX-ACCESS read-only 2032 STATUS current 2033 DESCRIPTION 2034 "Registration flags sent by mobile node." 2035 ::= { faRegVisitorEntry 7 } 2037 faRegVisitorRegIDLow OBJECT-TYPE 2038 SYNTAX Unsigned32 (0..4294967295) 2039 MAX-ACCESS read-only 2040 STATUS current 2041 DESCRIPTION 2042 "Low 32 bits of Identification used in that 2043 registration by the mobile node." 2044 ::= { faRegVisitorEntry 8 } 2046 faRegVisitorRegIDHigh OBJECT-TYPE 2047 SYNTAX Unsigned32 (0..4294967295) 2048 MAX-ACCESS read-only 2049 STATUS current 2050 DESCRIPTION 2051 "High 32 bits of Identification used in that 2052 registration by the mobile node." 2053 ::= { faRegVisitorEntry 9 } 2055 faRegVisitorRegIsAccepted OBJECT-TYPE 2056 SYNTAX TruthValue 2057 MAX-ACCESS read-only 2058 STATUS current 2059 DESCRIPTION 2060 "Whether the registration has been accepted or not. If 2061 it is false(2), this registration is still pending for 2062 reply." 2063 ::= { faRegVisitorEntry 10 } 2065 faRegVisitorDeliveryStyle OBJECT-TYPE 2066 SYNTAX MipDeliveryStyle 2067 MAX-ACCESS read-only 2068 STATUS current 2069 DESCRIPTION 2070 "Delivery style requested by the mobile node in its 2071 registration request." 2072 DEFVAL { direct } 2073 ::= { faRegVisitorEntry 11 } 2075 -- Home Agent Group 2077 -- Home Agent Registration Group 2079 -- Home agent mobility binding list 2081 haMobilityBindingTable OBJECT-TYPE 2082 SYNTAX SEQUENCE OF HaMobilityBindingEntry 2083 MAX-ACCESS not-accessible 2084 STATUS current 2085 DESCRIPTION 2086 "A table containing the home agent's mobility binding 2087 list. The home agent updates this table in response 2088 to registration events from mobile nodes." 2089 ::= { haRegistration 1 } 2091 haMobilityBindingEntry OBJECT-TYPE 2092 SYNTAX HaMobilityBindingEntry 2093 MAX-ACCESS not-accessible 2094 STATUS current 2095 DESCRIPTION 2096 "An entry on the mobility binding list." 2097 INDEX { haMobilityBindingMN, haMobilityBindingCOA } 2098 ::= { haMobilityBindingTable 1 } 2100 HaMobilityBindingEntry ::= SEQUENCE { 2101 haMobilityBindingMN IpAddress, 2102 haMobilityBindingCOA IpAddress, 2103 haMobilityBindingSourceAddress IpAddress, 2104 haMobilityBindingRegFlags RegistrationFlags, 2105 haMobilityBindingRegIDLow Unsigned32, 2106 haMobilityBindingRegIDHigh Unsigned32, 2107 haMobilityBindingTimeGranted Unsigned32, 2108 haMobilityBindingTimeRemaining Gauge32, 2109 haMobilityBindingMnIdType MipEntityIdentifierType, 2110 haMobilityBindingMnId MipEntityIdentifier 2111 } 2113 haMobilityBindingMN OBJECT-TYPE 2114 SYNTAX IpAddress 2115 MAX-ACCESS read-only 2116 STATUS current 2117 DESCRIPTION 2118 "Mobile node's home (IP) address." 2119 ::= { haMobilityBindingEntry 1 } 2121 haMobilityBindingCOA OBJECT-TYPE 2122 SYNTAX IpAddress 2123 MAX-ACCESS read-only 2124 STATUS current 2125 DESCRIPTION 2126 "Mobile node's care-of-address. One mobile node can 2127 have multiple bindings with different 2128 care-of-addresses." 2129 ::= { haMobilityBindingEntry 2 } 2131 haMobilityBindingSourceAddress OBJECT-TYPE 2132 SYNTAX IpAddress 2133 MAX-ACCESS read-only 2134 STATUS current 2135 DESCRIPTION 2136 "IP source address of the Registration Request as 2137 received by the home agent. Will be either a mobile 2138 node's co-located care-of address or an address of the 2139 foreign agent." 2140 ::= { haMobilityBindingEntry 3 } 2142 haMobilityBindingRegFlags OBJECT-TYPE 2143 SYNTAX RegistrationFlags 2144 MAX-ACCESS read-only 2145 STATUS current 2146 DESCRIPTION 2147 "Registration flags sent by mobile node." 2148 ::= { haMobilityBindingEntry 4 } 2150 haMobilityBindingRegIDLow OBJECT-TYPE 2151 SYNTAX Unsigned32 (0..4294967295) 2152 MAX-ACCESS read-only 2153 STATUS current 2154 DESCRIPTION 2155 "Low 32 bits of Identification used in that binding by 2156 the mobile node." 2157 ::= { haMobilityBindingEntry 5 } 2159 haMobilityBindingRegIDHigh OBJECT-TYPE 2160 SYNTAX Unsigned32 (0..4294967295) 2161 MAX-ACCESS read-only 2162 STATUS current 2163 DESCRIPTION 2164 "High 32 bits of Identification used in that binding by 2165 the mobile node." 2166 ::= { haMobilityBindingEntry 6 } 2168 haMobilityBindingTimeGranted OBJECT-TYPE 2169 SYNTAX Unsigned32 2170 UNITS "seconds" 2171 MAX-ACCESS read-only 2172 STATUS current 2173 DESCRIPTION 2174 "The lifetime in seconds granted to the mobile node 2175 for this registration." 2176 ::= { haMobilityBindingEntry 7 } 2178 haMobilityBindingTimeRemaining OBJECT-TYPE 2179 SYNTAX Gauge32 2180 UNITS "seconds" 2181 MAX-ACCESS read-only 2182 STATUS current 2183 DESCRIPTION 2184 "The number of seconds remaining until the 2185 registration is expired. It has the same initial value 2186 as haMobilityBindingTimeGranted, and is counted down 2187 by the home agent." 2188 ::= { haMobilityBindingEntry 8 } 2190 haMobilityBindingMnIdType OBJECT-TYPE 2191 SYNTAX MipEntityIdentifierType 2192 MAX-ACCESS read-only 2193 STATUS current 2194 DESCRIPTION 2195 "The type of the mobile node's identifier." 2196 ::= { haMobilityBindingEntry 9 } 2198 haMobilityBindingMnId OBJECT-TYPE 2199 SYNTAX MipEntityIdentifier 2200 MAX-ACCESS read-only 2201 STATUS current 2202 DESCRIPTION 2203 "The identifier of the mobile node." 2204 ::= { haMobilityBindingEntry 10 } 2206 -- Home Agent Registration Group Counters 2208 -- Home agent registration Counters for all mobile nodes. 2210 haRegistrationAccepted OBJECT-TYPE 2211 SYNTAX Counter32 2212 MAX-ACCESS read-only 2213 STATUS current 2214 DESCRIPTION 2215 "Total number of Registration Requests accepted by 2216 home agent (Code 0)." 2217 ::= { haRegistration 3 } 2219 haMultiBindingUnsupported OBJECT-TYPE 2220 SYNTAX Counter32 2221 MAX-ACCESS read-only 2222 STATUS current 2223 DESCRIPTION 2224 "Total number of Registration Requests accepted by 2225 home agent -- simultaneous mobility bindings 2226 unsupported (Code 1)." 2227 ::= { haRegistration 4 } 2229 haReasonUnspecified OBJECT-TYPE 2230 SYNTAX Counter32 2231 MAX-ACCESS read-only 2232 STATUS current 2233 DESCRIPTION 2234 "Total number of Registration Requests denied by home 2235 agent -- reason unspecified (Code 128)." 2236 ::= { haRegistration 5 } 2238 haAdmProhibited OBJECT-TYPE 2239 SYNTAX Counter32 2240 MAX-ACCESS read-only 2241 STATUS current 2242 DESCRIPTION 2243 "Total number of Registration Requests denied by home 2244 agent -- administratively prohibited (Code 129)." 2245 ::= { haRegistration 6 } 2247 haInsufficientResource OBJECT-TYPE 2248 SYNTAX Counter32 2249 MAX-ACCESS read-only 2250 STATUS current 2251 DESCRIPTION 2252 "Total number of Registration Requests denied by home 2253 agent -- insufficient resources (Code 130)." 2254 ::= { haRegistration 7 } 2256 haMNAuthenticationFailure OBJECT-TYPE 2257 SYNTAX Counter32 2258 MAX-ACCESS read-only 2259 STATUS current 2260 DESCRIPTION 2261 "Total number of Registration Requests denied by home 2262 agent -- mobile node failed authentication (Code 2263 131)." 2264 ::= { haRegistration 8 } 2266 haFAAuthenticationFailure OBJECT-TYPE 2267 SYNTAX Counter32 2268 MAX-ACCESS read-only 2269 STATUS current 2270 DESCRIPTION 2271 "Total number of Registration Requests denied by home 2272 agent -- foreign agent failed authentication (Code 2273 132)." 2274 ::= { haRegistration 9 } 2276 haIDMismatch OBJECT-TYPE 2277 SYNTAX Counter32 2278 MAX-ACCESS read-only 2279 STATUS current 2280 DESCRIPTION 2281 "Total number of Registration Requests denied by home 2282 agent -- Identification mismatch (Code 133)." 2283 ::= { haRegistration 10 } 2285 haPoorlyFormedRequest OBJECT-TYPE 2286 SYNTAX Counter32 2287 MAX-ACCESS read-only 2288 STATUS current 2289 DESCRIPTION 2290 "Total number of Registration Requests denied by home 2291 agent -- poorly formed request (Code 134)." 2292 ::= { haRegistration 11 } 2294 haTooManyBindings OBJECT-TYPE 2295 SYNTAX Counter32 2296 MAX-ACCESS read-only 2297 STATUS current 2298 DESCRIPTION 2299 "Total number of Registration Requests denied by home 2300 agent -- too many simultaneous mobility bindings (Code 2301 135)." 2302 ::= { haRegistration 12 } 2304 haUnknownHA OBJECT-TYPE 2305 SYNTAX Counter32 2306 MAX-ACCESS read-only 2307 STATUS current 2308 DESCRIPTION 2309 "Total number of Registration Requests denied by home 2310 agent -- unknown home agent address (Code 136)." 2311 ::= { haRegistration 13 } 2313 haGratuitiousARPsSent OBJECT-TYPE 2314 SYNTAX Counter32 2315 MAX-ACCESS read-only 2316 STATUS current 2317 DESCRIPTION 2318 "Total number of gratuition ARPs sent by the home 2319 agent on behalf of mobile nodes." 2320 ::= { haRegistration 14 } 2322 haProxyARPsSent OBJECT-TYPE 2323 SYNTAX Counter32 2324 MAX-ACCESS read-only 2325 STATUS current 2326 DESCRIPTION 2327 "Total number of proxy ARPs sent by the home agent on 2328 behalf of mobile nodes." 2329 ::= { haRegistration 15 } 2331 haRegRequestsReceived OBJECT-TYPE 2332 SYNTAX Counter32 2333 MAX-ACCESS read-only 2334 STATUS current 2335 DESCRIPTION 2336 "Total number of Registration Requests received by 2337 home agent." 2338 ::= { haRegistration 16 } 2340 haDeRegRequestsReceived OBJECT-TYPE 2341 SYNTAX Counter32 2342 MAX-ACCESS read-only 2343 STATUS current 2344 DESCRIPTION 2345 "Total number of Registration Requests received by the 2346 home agent with a Lifetime of zero (requests to 2347 deregister)." 2348 ::= { haRegistration 17 } 2350 haRegRepliesSent OBJECT-TYPE 2351 SYNTAX Counter32 2352 MAX-ACCESS read-only 2353 STATUS current 2354 DESCRIPTION 2355 "Total number of Registration Replies sent by the home 2356 agent." 2357 ::= { haRegistration 18 } 2359 haDeRegRepliesSent OBJECT-TYPE 2360 SYNTAX Counter32 2361 MAX-ACCESS read-only 2362 STATUS current 2363 DESCRIPTION 2364 "Total number of Registration Replies sent by the home 2365 agent in response to requests to deregister." 2366 ::= { haRegistration 19 } 2368 haReverseTunnelUnavailable OBJECT-TYPE 2369 SYNTAX Counter32 2370 MAX-ACCESS read-only 2371 STATUS current 2372 DESCRIPTION 2373 "Total number of Registration Requests denied by 2374 the home agent -- requested reverse tunnel 2375 unavailable (Code 137)." 2376 REFERENCE 2377 "RFC3024 - Reverse Tunneling for Mobile IP" 2378 ::= { haRegistration 20 } 2380 haReverseTunnelBitNotSet OBJECT-TYPE 2381 SYNTAX Counter32 2382 MAX-ACCESS read-only 2383 STATUS current 2384 DESCRIPTION 2385 "Total number of Registration Requests denied by 2386 the home agent -- reverse tunnel is mandatory and 2387 'T' bit not set (Code 138)." 2388 REFERENCE 2389 "RFC3024 - Reverse Tunneling for Mobile IP" 2390 ::= { haRegistration 21 } 2392 haEncapsulationUnavailable OBJECT-TYPE 2393 SYNTAX Counter32 2394 MAX-ACCESS read-only 2395 STATUS current 2396 DESCRIPTION 2397 "Total number of Registration Requests denied by 2398 the home agent -- requested encapsulation 2399 unavailable (Code 72)." 2400 REFERENCE 2401 "RFC3024 - Reverse Tunneling for Mobile IP" 2403 ::= { haRegistration 22 } 2405 haCvsesFromMnUnsupported OBJECT-TYPE 2406 SYNTAX Counter32 2407 MAX-ACCESS read-only 2408 STATUS current 2409 DESCRIPTION 2410 "Total number of Registration Requests denied by the 2411 home agent -- Unsupported Vendor-ID or unable to 2412 interpret Vendor-CVSE-Type in the CVSE sent by the 2413 mobile node to the home agent (code 140)." 2414 REFERENCE 2415 "RFC3025 - Mobile IP Vendor/Organization-Specific 2416 Extensions" 2417 ::= { haRegistration 23 } 2419 haCvsesFromFaUnsupported OBJECT-TYPE 2420 SYNTAX Counter32 2421 MAX-ACCESS read-only 2422 STATUS current 2423 DESCRIPTION 2424 "Total number of Registration Requests denied by the 2425 home agent -- Unsupported Vendor-ID or unable to 2426 interpret Vendor-CVSE-Type in the CVSE sent by the 2427 foreign agent to the home agent (code 141)." 2428 REFERENCE 2429 "RFC3025 - Mobile IP Vendor/Organization-Specific 2430 Extensions" 2431 ::= { haRegistration 24 } 2433 haNvsesFromMnIgnored OBJECT-TYPE 2434 SYNTAX Counter32 2435 MAX-ACCESS read-only 2436 STATUS current 2437 DESCRIPTION 2438 "Total number of Registration Requests which contained 2439 one or more NVSEs from the mobile node that were 2440 ignored by the home agent." 2441 REFERENCE 2442 "RFC3025 - Mobile IP Vendor/Organization-Specific 2443 Extensions" 2444 ::= { haRegistration 25 } 2446 haNvsesFromFaIgnored OBJECT-TYPE 2447 SYNTAX Counter32 2448 MAX-ACCESS read-only 2449 STATUS current 2450 DESCRIPTION 2451 "Total number of Registration Requests which contained 2452 one or more NVSEs from the foreign agent that were 2453 ignored by the home agent." 2454 REFERENCE 2455 "RFC3025 - Mobile IP Vendor/Organization-Specific 2456 Extensions" 2457 ::= { haRegistration 26 } 2459 haRegMobilityBindingCount OBJECT-TYPE 2460 SYNTAX Gauge32 2461 MAX-ACCESS read-only 2462 STATUS current 2463 DESCRIPTION 2464 "The current number of entries in 2465 haMobilityBindingTable." 2466 ::= { haRegistration 27 } 2468 -- Home agent registration Counters per node 2470 haRegCounterTable OBJECT-TYPE 2471 SYNTAX SEQUENCE OF HaRegCounterEntry 2472 MAX-ACCESS not-accessible 2473 STATUS current 2474 DESCRIPTION 2475 "A table containing registration statistics for all 2476 mobile nodes authorized to use this home agent." 2477 ::= { haRegistration 28 } 2479 haRegCounterEntry OBJECT-TYPE 2480 SYNTAX HaRegCounterEntry 2481 MAX-ACCESS not-accessible 2482 STATUS current 2483 DESCRIPTION 2484 "Registration statistics for one mobile node." 2485 INDEX { haMobilityBindingMnIdType, haMobilityBindingMnId } 2486 ::= { haRegCounterTable 1 } 2488 HaRegCounterEntry ::= SEQUENCE { 2489 haRegServiceRequestsAccepted Counter32, 2490 haRegServiceRequestsDenied Counter32, 2491 haRegOverallServiceTime Gauge32, 2492 haRegRecentServiceAcceptedTime TimeStamp, 2493 haRegRecentServiceDeniedTime TimeStamp, 2494 haRegRecentServiceDeniedCode INTEGER 2495 } 2497 haRegServiceRequestsAccepted OBJECT-TYPE 2498 SYNTAX Counter32 2499 MAX-ACCESS read-only 2500 STATUS current 2501 DESCRIPTION 2502 "Total number of service requests for the mobile node 2503 accepted by the home agent (Code 0 + Code 1)." 2504 ::= { haRegCounterEntry 1 } 2506 haRegServiceRequestsDenied OBJECT-TYPE 2507 SYNTAX Counter32 2508 MAX-ACCESS read-only 2509 STATUS current 2510 DESCRIPTION 2511 "Total number of service requests for the mobile node 2512 denied by the home agent (sum of all registrations 2513 denied with Code 128 through Code 159)." 2514 ::= { haRegCounterEntry 2 } 2516 haRegOverallServiceTime OBJECT-TYPE 2517 SYNTAX Gauge32 2518 UNITS "seconds" 2519 MAX-ACCESS read-only 2520 STATUS current 2521 DESCRIPTION 2522 "Overall service time (in seconds) that has 2523 accumulated for the mobile node since the home agent 2524 last rebooted." 2525 ::= { haRegCounterEntry 3 } 2527 haRegRecentServiceAcceptedTime OBJECT-TYPE 2528 SYNTAX TimeStamp 2529 MAX-ACCESS read-only 2530 STATUS current 2531 DESCRIPTION 2532 "The time at which the most recent Registration 2533 Request was accepted by the home agent for this mobile 2534 node." 2535 ::= { haRegCounterEntry 4 } 2537 haRegRecentServiceDeniedTime OBJECT-TYPE 2538 SYNTAX TimeStamp 2539 MAX-ACCESS read-only 2540 STATUS current 2541 DESCRIPTION 2542 "The time at which the most recent Registration 2543 Request was denied by the home agent for this mobile 2544 node." 2545 ::= { haRegCounterEntry 5 } 2547 haRegRecentServiceDeniedCode OBJECT-TYPE 2548 SYNTAX INTEGER { 2549 reasonUnspecified(128), 2550 admProhibited(129), 2551 insufficientResource(130), 2552 mnAuthenticationFailure(131), 2553 faAuthenticationFailure(132), 2554 idMismatch(133), 2555 poorlyFormedRequest(134), 2556 tooManyBindings(135), 2557 unknownHA(136), 2558 reverseTunnelUnavailable(137), 2559 reverseTunnelBitNotSet(138), 2560 encapsulationUnavailable(139), 2561 mnCvseUnsupported(140), 2562 faCvseUnsupported(141) 2563 } 2564 MAX-ACCESS read-only 2565 STATUS current 2566 DESCRIPTION 2567 "The Code indicating the reason why the most recent 2568 Registration Request for this mobile node was rejected 2569 by the home agent." 2570 ::= { haRegCounterEntry 6 } 2572 mipMIBNotificationPrefix OBJECT IDENTIFIER ::= { mipMIB 2 } 2574 mipMIBNotifications OBJECT IDENTIFIER ::= 2575 { mipMIBNotificationPrefix 0 } 2577 mipAuthFailure2 NOTIFICATION-TYPE 2578 OBJECTS { mipSecurityRecentViolationSPI, 2579 mipSecurityRecentViolationIDLow, 2580 mipSecurityRecentViolationIDHigh, 2581 mipSecurityRecentViolationReason 2582 } 2583 STATUS current 2584 DESCRIPTION 2585 "The mipAuthFailure2 indicates that the Mobile IP 2586 entity has an authentication failure when it validates 2587 the mobile Registration Request or Reply." 2588 ::= { mipMIBNotifications 2 } 2590 mipMIBConformance OBJECT IDENTIFIER ::= { mipMIB 3 } 2592 mipGroups OBJECT IDENTIFIER ::= { mipMIBConformance 1 } 2593 mipCompliances OBJECT IDENTIFIER ::= { mipMIBConformance 2 } 2595 -- compliance statements 2597 mipCompliance2 MODULE-COMPLIANCE 2598 STATUS current 2599 DESCRIPTION 2600 "The compliance statement for SNMPv2 entities which 2601 implement the Mobile IP MIB." 2602 MODULE 2603 MANDATORY-GROUPS { mipSystemGroup } 2605 GROUP mipSecAssociationGroup2 2606 DESCRIPTION 2607 "This group is mandatory for Mobile IP entities (MN, 2608 FA, and HA) which support security associations. 2609 Mobile Nodes and Home Agents must implement this 2610 group. Foreign Agents must implement this group if 2611 they maintain any security associations." 2613 GROUP mipSecViolationGroup2 2614 DESCRIPTION 2615 "This group is mandatory for Mobile IP entities (MN, 2616 FA, and HA) that can log security violations." 2618 GROUP mnSystemGroup2 2619 DESCRIPTION 2620 "This group is mandatory for mobile node." 2622 GROUP mnDiscoveryGroup 2623 DESCRIPTION 2624 "This group is mandatory for mobile nodes which 2625 implement the Agent Discovery function." 2627 GROUP mnRegistrationGroup2 2628 DESCRIPTION 2629 "This group is mandatory for mobile nodes." 2631 GROUP maAdvertisementGroup2 2632 DESCRIPTION 2633 "This group is mandatory for the mobility agents (HA 2634 and FA) since they must implement Agent 2635 Advertisement." 2637 GROUP faSystemGroup 2638 DESCRIPTION 2639 "This group is mandatory for foreign agents." 2641 GROUP faAdvertisementGroup2 2642 DESCRIPTION 2643 "This group is mandatory for foreign agents." 2645 GROUP faRegistrationGroup2 2646 DESCRIPTION 2647 "This group is mandatory for foreign agents." 2649 GROUP haRegistrationGroup2 2650 DESCRIPTION 2651 "This group is mandatory for home agents." 2653 GROUP haRegNodeCountersGroup2 2654 DESCRIPTION 2655 "This group is mandatory for home agents which log 2656 registration counters for each individual mobile 2657 node." 2659 GROUP mipSecNotificationsGroup2 2660 DESCRIPTION 2661 "This group is mandatory for Mobile IP entities (MN, 2662 FA, and HA) that can report the security violations." 2664 ::= { mipCompliances 2 } 2666 -- Units of conformance 2668 mipSystemGroup OBJECT-GROUP 2669 OBJECTS { mipEntities, mipEnable, mipEncapsulationSupported } 2670 STATUS current 2671 DESCRIPTION 2672 "A collection of objects providing the basic Mobile IP 2673 entity's management information." 2674 ::= { mipGroups 1 } 2676 mnDiscoveryGroup OBJECT-GROUP 2677 OBJECTS { mnFAAddress, mnCOA, mnAdvSourceAddress, 2678 mnAdvSequence, mnAdvFlags, mnAdvMaxRegLifetime, 2679 mnAdvMaxAdvLifetime, mnAdvTimeReceived, 2680 mnSolicitationsSent, mnAdvertisementsReceived, 2681 mnAdvsDroppedInvalidExtension, 2682 mnAdvsIgnoredUnknownExtension, mnMoveFromHAToFA, 2683 mnMoveFromFAToFA, mnMoveFromFAToHA, 2684 mnGratuitousARPsSend, mnAgentRebootsDectected } 2685 STATUS current 2686 DESCRIPTION 2687 "A collection of objects providing management 2688 information for the Agent Discovery function within a 2689 mobile node." 2690 ::= { mipGroups 5 } 2692 faSystemGroup OBJECT-GROUP 2693 OBJECTS { faCOAStatus} 2694 STATUS current 2695 DESCRIPTION 2696 "A collection of objects providing the basic 2697 management information for foreign agents." 2698 ::= { mipGroups 8 } 2700 mipSecAssociationGroup2 OBJECT-GROUP 2701 OBJECTS { mipSecurityAlgorithmType, mipSecurityAlgorithmMode, 2702 mipSecurityKey, mipSecurityReplayMethod, 2703 mipSecurityReplayTime, mipSecurityStatus, 2704 mipSecurityAssocsCount } 2705 STATUS current 2706 DESCRIPTION 2707 "A collection of objects providing the management 2708 information for security associations of Mobile IP 2709 entities." 2710 ::= { mipGroups 14 } 2712 mipSecViolationGroup2 OBJECT-GROUP 2713 OBJECTS { mipSecTotalViolations, 2714 mipSecurityViolationCounter, 2715 mipSecurityRecentViolationSPI, 2716 mipSecurityRecentViolationTime, 2717 mipSecurityRecentViolationIDLow, 2718 mipSecurityRecentViolationIDHigh, 2719 mipSecurityRecentViolationReason } 2720 STATUS current 2721 DESCRIPTION 2722 "A collection of objects providing the management 2723 information for security violation logging of Mobile 2724 IP entities." 2725 ::= { mipGroups 15 } 2727 mnSystemGroup2 OBJECT-GROUP 2728 OBJECTS { mnState, mnCurrentHA, mnHomeAddress, 2729 mnHAStatus, mnIdentifierType, mnIdentifier } 2730 STATUS current 2731 DESCRIPTION 2732 "A collection of objects providing the basic 2733 management information for mobile nodes." 2734 ::= { mipGroups 16 } 2736 mnRegistrationGroup2 OBJECT-GROUP 2737 OBJECTS { mnRegAgentAddress, mnRegCOA, mnRegFlags, mnRegIDLow, 2738 mnRegIDHigh, mnRegTimeRequested, mnRegTimeRemaining, 2739 mnRegTimeSent, mnRegIsAccepted, mnCOAIsLocal, 2740 mnRegDeliveryStyle, mnRegRequestsSent, 2741 mnRegRepliesRecieved, mnDeRegRequestsSent, 2742 mnDeRegRepliesRecieved, 2743 mnRepliesInvalidHomeAddress, mnRepliesUnknownHA, 2744 mnRepliesUnknownFA, mnRepliesInvalidID, 2745 mnRepliesDroppedInvalidExtension, 2746 mnRepliesIgnoredUnknownExtension, 2747 mnRepliesHAAuthenticationFailure, 2748 mnRepliesFAAuthenticationFailure, 2749 mnRegRequestsAccepted, mnRegRequestsDeniedByHA, 2750 mnRegRequestsDeniedByFA, 2751 mnRegRequestsDeniedByHADueToID, 2752 mnRegRequestsWithDirectedBroadcast } 2754 STATUS current 2755 DESCRIPTION 2756 "A collection of objects providing management 2757 information for the registration function within a 2758 mobile node." 2759 ::= { mipGroups 17 } 2761 maAdvertisementGroup2 OBJECT-GROUP 2762 OBJECTS { maAdvertMaxRegLifetime, 2763 maAdvertPrefixLengthInclusion, maAdvertAddress, 2764 maAdvertMaxInterval, maAdvertMinInterval, 2765 maAdvertMaxAdvLifetime, 2766 maAdvertResponseSolicitationOnly, 2767 maAdvertService, maAdvertStatus, 2768 maAdvertisementsSent, 2769 maAdvsSentForSolicitation, 2770 maSolicitationsReceived } 2771 STATUS current 2772 DESCRIPTION 2773 "A collection of objects providing management 2774 information for the Agent Advertisement function 2775 within mobility agents." 2776 ::= { mipGroups 18 } 2778 faAdvertisementGroup2 OBJECT-GROUP 2779 OBJECTS { faAdvertIsBusy, faAdvertRegRequired, 2780 faAdvertChallengeWindow } 2781 STATUS current 2782 DESCRIPTION 2783 "A collection of objects providing supplemental 2784 management information for the Agent Advertisement 2785 function within a foreign agent." 2786 ::= { mipGroups 19 } 2788 faRegistrationGroup2 OBJECT-GROUP 2789 OBJECTS { faRegVisitorCount, faRegVisitorHomeAddress, 2790 faRegVisitorHomeAgentAddress, 2791 faRegVisitorTimeGranted, 2792 faRegVisitorTimeRemaining, faRegVisitorRegFlags, 2793 faRegVisitorRegIDLow, faRegVisitorRegIDHigh, 2794 faRegVisitorRegIsAccepted, 2795 faRegVisitorDeliveryStyle, faRegRequestsReceived, 2796 faRegRequestsRelayed, faReasonUnspecified, 2797 faAdmProhibited, faInsufficientResource, 2798 faMNAuthenticationFailure, faRegLifetimeTooLong, 2799 faPoorlyFormedRequests, 2800 faEncapsulationUnavailable, 2801 faHAUnreachable, faRegRepliesRecieved, 2802 faRegRepliesRelayed, faHAAuthenticationFailure, 2803 faPoorlyFormedReplies, 2804 faReverseTunnelUnavailable, 2805 faReverseTunnelBitNotSet, 2806 faMnTooDistant, faDeliveryStyleUnsupported, 2807 faNonZeroHomeAddressRequired, faUnknownChallenge, 2808 faMissingChallenge, faStaleChallenge, 2809 faCvsesFromMnUnsupported, faCvsesFromHaUnsupported, 2810 faNvsesFromMnIgnored, faNvsesFromHaIgnored } 2811 STATUS current 2812 DESCRIPTION 2813 "A collection of objects providing management 2814 information for the registration function within a 2815 foreign agent." 2816 ::= { mipGroups 20 } 2818 haRegistrationGroup2 OBJECT-GROUP 2819 OBJECTS { haMobilityBindingMN, haMobilityBindingCOA, 2820 haMobilityBindingSourceAddress, 2821 haMobilityBindingRegFlags, 2822 haMobilityBindingRegIDLow, 2823 haMobilityBindingRegIDHigh, 2824 haMobilityBindingTimeGranted, 2825 haMobilityBindingTimeRemaining, 2826 haMobilityBindingMnIdType, haMobilityBindingMnId, 2827 haRegistrationAccepted, haMultiBindingUnsupported, 2828 haReasonUnspecified, haAdmProhibited, 2829 haInsufficientResource, haMNAuthenticationFailure, 2830 haFAAuthenticationFailure, haIDMismatch, 2831 haPoorlyFormedRequest, haTooManyBindings, 2832 haUnknownHA, haGratuitiousARPsSent, 2833 haProxyARPsSent, haRegRequestsReceived, 2834 haDeRegRequestsReceived, haRegRepliesSent, 2835 haDeRegRepliesSent, haReverseTunnelUnavailable, 2836 haReverseTunnelBitNotSet, 2837 haEncapsulationUnavailable, haCvsesFromMnUnsupported, 2838 haCvsesFromFaUnsupported, haRegMobilityBindingCount, 2839 haNvsesFromMnIgnored, haNvsesFromFaIgnored } 2840 STATUS current 2841 DESCRIPTION 2842 "A collection of objects providing management 2843 information for the registration function within a 2844 home agent." 2845 ::= { mipGroups 21 } 2847 haRegNodeCountersGroup2 OBJECT-GROUP 2848 OBJECTS { haRegServiceRequestsAccepted, 2849 haRegServiceRequestsDenied, 2850 haRegOverallServiceTime, 2851 haRegRecentServiceAcceptedTime, 2852 haRegRecentServiceDeniedTime, 2853 haRegRecentServiceDeniedCode } 2854 STATUS current 2855 DESCRIPTION 2856 "A collection of objects providing management 2857 information for counters related to the registration 2858 function within a home agent." 2859 ::= { mipGroups 22 } 2861 mipSecNotificationsGroup2 NOTIFICATION-GROUP 2862 NOTIFICATIONS { mipAuthFailure2 } 2863 STATUS current 2864 DESCRIPTION 2865 "The notification related to security violations." 2866 ::= { mipGroups 23 } 2868 -- Deprecated Definitions 2870 -- Deprecated objects 2872 -- Security group specific deprecated objects 2874 mipSecAssocTable OBJECT-TYPE 2875 SYNTAX SEQUENCE OF MipSecAssocEntry 2876 MAX-ACCESS not-accessible 2877 STATUS deprecated 2878 DESCRIPTION 2879 "A table containing Mobility Security Associations." 2880 ::= { mipSecurity 1 } 2882 mipSecAssocEntry OBJECT-TYPE 2883 SYNTAX MipSecAssocEntry 2884 MAX-ACCESS not-accessible 2885 STATUS deprecated 2886 DESCRIPTION 2887 "One particular Mobility Security Association." 2888 INDEX { mipSecPeerAddress, mipSecSPI } 2889 ::= { mipSecAssocTable 1 } 2891 MipSecAssocEntry ::= 2892 SEQUENCE { 2893 mipSecPeerAddress IpAddress, 2894 mipSecSPI Unsigned32, 2895 mipSecAlgorithmType INTEGER, 2896 mipSecAlgorithmMode INTEGER, 2897 mipSecKey OCTET STRING, 2898 mipSecReplayMethod INTEGER 2899 } 2901 mipSecPeerAddress OBJECT-TYPE 2902 SYNTAX IpAddress 2903 MAX-ACCESS not-accessible 2904 STATUS deprecated 2905 DESCRIPTION 2906 "The IP address of the peer entity with which this 2907 node shares the mobility security association." 2908 ::= { mipSecAssocEntry 1 } 2910 mipSecSPI OBJECT-TYPE 2911 SYNTAX Unsigned32 (0..4294967295) 2912 MAX-ACCESS not-accessible 2913 STATUS deprecated 2914 DESCRIPTION 2915 "The SPI is the 4-byte opaque index within the 2916 Mobility Security Association which selects the 2917 specific security parameters to be used to 2918 authenticate the peer, i.e. the rest of the variables 2919 in this MipSecAssocEntry." 2920 ::= { mipSecAssocEntry 2 } 2922 mipSecAlgorithmType OBJECT-TYPE 2923 SYNTAX INTEGER { 2924 other(1), 2925 md5(2) 2926 } 2927 MAX-ACCESS read-create 2928 STATUS deprecated 2929 DESCRIPTION 2930 "Type of security algorithm." 2931 ::= { mipSecAssocEntry 3 } 2933 mipSecAlgorithmMode OBJECT-TYPE 2934 SYNTAX INTEGER { 2935 other(1), 2936 prefixSuffix(2) 2937 } 2938 MAX-ACCESS read-create 2940 STATUS deprecated 2941 DESCRIPTION 2942 "Security mode used by this algorithm." 2943 ::= { mipSecAssocEntry 4 } 2945 mipSecKey OBJECT-TYPE 2946 SYNTAX OCTET STRING (SIZE(16)) 2947 MAX-ACCESS read-create 2948 STATUS deprecated 2949 DESCRIPTION 2950 "The shared secret key for the security 2951 associations. Reading this object will always return 2952 zero length value." 2953 ::= { mipSecAssocEntry 5 } 2955 mipSecReplayMethod OBJECT-TYPE 2956 SYNTAX INTEGER { 2957 other(1), 2958 timestamps(2), 2959 nonces(3) 2960 } 2961 MAX-ACCESS read-create 2962 STATUS deprecated 2963 DESCRIPTION 2964 "The replay-protection method supported for this SPI 2965 within this Mobility Security Association." 2966 ::= { mipSecAssocEntry 6 } 2968 -- Mobile IP security violation table 2970 mipSecViolationTable OBJECT-TYPE 2971 SYNTAX SEQUENCE OF MipSecViolationEntry 2972 MAX-ACCESS not-accessible 2973 STATUS deprecated 2974 DESCRIPTION 2975 "A table containing information about security 2976 violations." 2977 ::= { mipSecurity 3 } 2979 mipSecViolationEntry OBJECT-TYPE 2980 SYNTAX MipSecViolationEntry 2981 MAX-ACCESS not-accessible 2982 STATUS deprecated 2983 DESCRIPTION 2984 "Information about one particular security violation." 2985 INDEX { mipSecViolatorAddress } 2986 ::= { mipSecViolationTable 1 } 2988 MipSecViolationEntry ::= 2989 SEQUENCE { 2990 mipSecViolatorAddress IpAddress, 2991 mipSecViolationCounter Counter32, 2992 mipSecRecentViolationSPI Integer32, 2993 mipSecRecentViolationTime TimeStamp, 2994 mipSecRecentViolationIDLow Integer32, 2995 mipSecRecentViolationIDHigh Integer32, 2996 mipSecRecentViolationReason INTEGER 2997 } 2999 mipSecViolatorAddress OBJECT-TYPE 3000 SYNTAX IpAddress 3001 MAX-ACCESS accessible-for-notify 3002 STATUS deprecated 3003 DESCRIPTION 3004 "Violator's IP address. The violator is not necessary 3005 in the mipSecAssocTable." 3006 ::= { mipSecViolationEntry 1 } 3008 mipSecViolationCounter OBJECT-TYPE 3009 SYNTAX Counter32 3010 MAX-ACCESS read-only 3011 STATUS deprecated 3012 DESCRIPTION 3013 "Total number of security violations for this peer." 3014 ::= { mipSecViolationEntry 2 } 3016 mipSecRecentViolationSPI OBJECT-TYPE 3017 SYNTAX Integer32 3018 MAX-ACCESS read-only 3019 STATUS deprecated 3020 DESCRIPTION 3021 "SPI of the most recent security violation for this 3022 peer. If the security violation is due to an 3023 identification mismatch, then this is the SPI from the 3024 Mobile-Home Authentication Extension. If the security 3025 violation is due to an invalid authenticator, then 3026 this is the SPI from the offending authentication 3027 extension. In all other cases, it should be set to 3028 zero." 3029 ::= { mipSecViolationEntry 3 } 3031 mipSecRecentViolationTime OBJECT-TYPE 3032 SYNTAX TimeStamp 3033 MAX-ACCESS read-only 3034 STATUS deprecated 3035 DESCRIPTION 3036 "Time of the most recent security violation for this 3037 peer." 3039 ::= { mipSecViolationEntry 4 } 3041 mipSecRecentViolationIDLow OBJECT-TYPE 3042 SYNTAX Integer32 3043 MAX-ACCESS read-only 3044 STATUS deprecated 3045 DESCRIPTION 3046 "Low-order 32 bits of identification used in request or 3047 reply of the most recent security violation for this 3048 peer." 3049 ::= { mipSecViolationEntry 5 } 3051 mipSecRecentViolationIDHigh OBJECT-TYPE 3052 SYNTAX Integer32 3053 MAX-ACCESS read-only 3054 STATUS deprecated 3055 DESCRIPTION 3056 "High-order 32 bits of identification used in request 3057 or reply of the most recent security violation for 3058 this peer." 3059 ::= { mipSecViolationEntry 6 } 3061 mipSecRecentViolationReason OBJECT-TYPE 3062 SYNTAX INTEGER { 3063 noMobilitySecurityAssociation(1), 3064 badAuthenticator(2), 3065 badIdentifier(3), 3066 badSPI(4), 3067 missingSecurityExtension(5), 3068 other(6) 3069 } 3070 MAX-ACCESS read-only 3071 STATUS deprecated 3072 DESCRIPTION 3073 "Reason for the most recent security violation for 3074 this peer." 3075 ::= { mipSecViolationEntry 7 } 3077 -- Mobility agent advertisement specific deprecated objects 3079 -- Mobility agent advertisement configuration table 3081 maAdvConfigTable OBJECT-TYPE 3082 SYNTAX SEQUENCE OF MaAdvConfigEntry 3083 MAX-ACCESS not-accessible 3084 STATUS deprecated 3085 DESCRIPTION 3086 "A table containing configurable advertisement 3087 parameters for all advertisement interfaces in 3088 the mobility agent." 3089 ::= { maAdvertisement 1 } 3091 maAdvConfigEntry OBJECT-TYPE 3092 SYNTAX MaAdvConfigEntry 3093 MAX-ACCESS not-accessible 3094 STATUS deprecated 3095 DESCRIPTION 3096 "Advertisement parameters for one advertisement 3097 interface." 3098 INDEX { maInterfaceAddress } 3099 ::= { maAdvConfigTable 1 } 3101 MaAdvConfigEntry ::= SEQUENCE { 3102 maInterfaceAddress IpAddress, 3103 maAdvMaxRegLifetime Integer32, 3104 maAdvPrefixLengthInclusion TruthValue, 3105 maAdvAddress IpAddress, 3106 maAdvMaxInterval Integer32, 3107 maAdvMinInterval Integer32, 3108 maAdvMaxAdvLifetime Integer32, 3109 maAdvResponseSolicitationOnly TruthValue, 3110 maAdvStatus RowStatus 3111 } 3113 maInterfaceAddress OBJECT-TYPE 3114 SYNTAX IpAddress 3115 MAX-ACCESS not-accessible 3116 STATUS deprecated 3117 DESCRIPTION 3118 "IP address for advertisement interface." 3119 ::= { maAdvConfigEntry 1 } 3121 maAdvMaxRegLifetime OBJECT-TYPE 3122 SYNTAX Integer32 (0..65535) 3123 UNITS "seconds" 3124 MAX-ACCESS read-create 3125 STATUS deprecated 3126 DESCRIPTION 3127 "The longest lifetime in seconds that mobility agent 3128 is willing to accept in any Registration Request." 3129 ::= { maAdvConfigEntry 2 } 3131 maAdvPrefixLengthInclusion OBJECT-TYPE 3132 SYNTAX TruthValue 3133 MAX-ACCESS read-create 3134 STATUS deprecated 3135 DESCRIPTION 3136 "Whether the advertisement should include the Prefix- 3137 Lengths Extension. If it is true, all advertisements 3138 sent over this interface should include the 3139 Prefix-Lengths Extension." 3140 ::= { maAdvConfigEntry 3 } 3142 maAdvAddress OBJECT-TYPE 3143 SYNTAX IpAddress 3144 MAX-ACCESS read-create 3145 STATUS deprecated 3146 DESCRIPTION 3147 "The IP destination address to be used for 3148 advertisements sent from the interface. The only 3149 permissible values are the all-systems multicast 3150 address (224.0.0.1) or the limited-broadcast address 3151 (255.255.255.255)." 3152 REFERENCE 3153 "AdvertisementAddress in RFC1256." 3154 ::= { maAdvConfigEntry 4 } 3156 maAdvMaxInterval OBJECT-TYPE 3157 SYNTAX Integer32 (4..1800) 3158 UNITS "seconds" 3159 MAX-ACCESS read-create 3160 STATUS deprecated 3161 DESCRIPTION 3162 "The maximum time in seconds between successive 3163 transmissions of Agent Advertisements from this 3164 interface." 3165 REFERENCE 3166 "MaxAdvertisementInterval in RFC1256." 3167 ::= { maAdvConfigEntry 5 } 3169 maAdvMinInterval OBJECT-TYPE 3170 SYNTAX Integer32 (3..1800) 3171 UNITS "seconds" 3172 MAX-ACCESS read-create 3173 STATUS deprecated 3174 DESCRIPTION 3175 "The minimum time in seconds between successive 3176 transmissions of Agent Advertisements from this 3177 interface." 3178 REFERENCE 3179 "MinAdvertisementInterval in RFC1256." 3180 ::= { maAdvConfigEntry 6 } 3182 maAdvMaxAdvLifetime OBJECT-TYPE 3183 SYNTAX Integer32 (4..9000) 3184 UNITS "seconds" 3185 MAX-ACCESS read-create 3186 STATUS deprecated 3187 DESCRIPTION 3188 "The time (in seconds) to be placed in the Lifetime 3189 field of the RFC 1256-portion of the Agent 3190 Advertisements sent over this interface." 3191 REFERENCE 3192 "AdvertisementLifetime in RFC1256." 3193 ::= { maAdvConfigEntry 7 } 3195 maAdvResponseSolicitationOnly OBJECT-TYPE 3196 SYNTAX TruthValue 3197 MAX-ACCESS read-create 3198 STATUS deprecated 3199 DESCRIPTION 3200 "The flag indicates whether the advertisement from 3201 that interface should be sent only in response to an 3202 Agent Solicitation message." 3203 DEFVAL { false } 3204 ::= { maAdvConfigEntry 8 } 3206 maAdvStatus OBJECT-TYPE 3207 SYNTAX RowStatus 3208 MAX-ACCESS read-create 3209 STATUS deprecated 3210 DESCRIPTION 3211 "The row status for the agent advertisement table. If 3212 this column status is 'active', the manager should not 3213 change any column in the row." 3214 ::= { maAdvConfigEntry 9 } 3216 -- Foreign agent specific deprecated objects 3218 faIsBusy OBJECT-TYPE 3219 SYNTAX TruthValue 3220 MAX-ACCESS read-only 3221 STATUS deprecated 3222 DESCRIPTION 3223 "Whether or not the foreign agent is too busy to 3224 accept additional registrations. If true(1), the agent 3225 is busy and any Agent advertisements sent from this 3226 agent should have the 'B' bit set to 1." 3227 ::= { faAdvertisement 1 } 3229 faRegistrationRequired OBJECT-TYPE 3230 SYNTAX TruthValue 3231 MAX-ACCESS read-write 3232 STATUS deprecated 3233 DESCRIPTION 3234 "Whether or not this foreign agent requires 3235 registration even from those mobile nodes that have 3236 acquired their own, colocated care-of address. If 3237 true(1), registration is required and any Agent 3238 Advertisements sent from this agent should have the 3239 'R' bit set to 1." 3240 ::= { faAdvertisement 2 } 3242 -- Foreign Agent Visitors List 3244 faVisitorTable OBJECT-TYPE 3245 SYNTAX SEQUENCE OF FaVisitorEntry 3246 MAX-ACCESS not-accessible 3247 STATUS deprecated 3248 DESCRIPTION 3249 "A table containing the foreign agent's visitor list. 3250 The foreign agent updates this table in response to 3251 registration events from mobile nodes." 3252 ::= { faRegistration 1 } 3254 faVisitorEntry OBJECT-TYPE 3255 SYNTAX FaVisitorEntry 3256 MAX-ACCESS not-accessible 3257 STATUS deprecated 3258 DESCRIPTION 3259 "Information for one visitor." 3260 INDEX { faVisitorIPAddress } 3261 ::= { faVisitorTable 1 } 3263 FaVisitorEntry ::= SEQUENCE { 3264 faVisitorIPAddress IpAddress, 3265 faVisitorHomeAddress IpAddress, 3266 faVisitorHomeAgentAddress IpAddress, 3267 faVisitorTimeGranted Integer32, 3268 faVisitorTimeRemaining Gauge32, 3269 faVisitorRegFlags RegistrationFlags, 3270 faVisitorRegIDLow Integer32, 3271 faVisitorRegIDHigh Integer32, 3272 faVisitorRegIsAccepted TruthValue 3273 } 3275 faVisitorIPAddress OBJECT-TYPE 3276 SYNTAX IpAddress 3277 MAX-ACCESS read-only 3278 STATUS deprecated 3279 DESCRIPTION 3280 "Source IP address of visitor's Registration Request." 3281 ::= { faVisitorEntry 1 } 3283 faVisitorHomeAddress OBJECT-TYPE 3284 SYNTAX IpAddress 3285 MAX-ACCESS read-only 3286 STATUS deprecated 3287 DESCRIPTION 3288 "Home (IP) address of visiting mobile node." 3289 ::= { faVisitorEntry 2 } 3291 faVisitorHomeAgentAddress OBJECT-TYPE 3292 SYNTAX IpAddress 3293 MAX-ACCESS read-only 3294 STATUS deprecated 3295 DESCRIPTION 3296 "Home agent IP address for that visiting mobile node." 3297 ::= { faVisitorEntry 3 } 3299 faVisitorTimeGranted OBJECT-TYPE 3300 SYNTAX Integer32 3301 UNITS "seconds" 3302 MAX-ACCESS read-only 3303 STATUS deprecated 3304 DESCRIPTION 3305 "The lifetime in seconds granted to the mobile node 3306 for this registration. Only valid if 3307 faVisitorRegIsAccepted is true(1)." 3308 ::= { faVisitorEntry 4 } 3310 faVisitorTimeRemaining OBJECT-TYPE 3311 SYNTAX Gauge32 3312 UNITS "seconds" 3313 MAX-ACCESS read-only 3314 STATUS deprecated 3315 DESCRIPTION 3316 "The number of seconds remaining until the 3317 registration is expired. It has the same initial value 3318 as faVisitorTimeGranted, and is counted down by the 3319 foreign agent." 3320 ::= { faVisitorEntry 5 } 3322 faVisitorRegFlags OBJECT-TYPE 3323 SYNTAX RegistrationFlags 3324 MAX-ACCESS read-only 3325 STATUS deprecated 3326 DESCRIPTION 3327 "Registration flags sent by mobile node." 3328 ::= { faVisitorEntry 6 } 3330 faVisitorRegIDLow OBJECT-TYPE 3331 SYNTAX Integer32 3332 MAX-ACCESS read-only 3333 STATUS deprecated 3334 DESCRIPTION 3335 "Low 32 bits of Identification used in that 3336 registration by the mobile node." 3337 ::= { faVisitorEntry 7 } 3339 faVisitorRegIDHigh OBJECT-TYPE 3340 SYNTAX Integer32 3341 MAX-ACCESS read-only 3342 STATUS deprecated 3343 DESCRIPTION 3344 "High 32 bits of Identification used in that 3345 registration by the mobile node." 3346 ::= { faVisitorEntry 8 } 3348 faVisitorRegIsAccepted OBJECT-TYPE 3349 SYNTAX TruthValue 3350 MAX-ACCESS read-only 3351 STATUS deprecated 3352 DESCRIPTION 3353 "Whether the registration has been accepted or not. If 3354 it is false(2), this registration is still pending for 3355 reply." 3356 ::= { faVisitorEntry 9 } 3358 faVJCompressionUnavailable OBJECT-TYPE 3359 SYNTAX Counter32 3360 MAX-ACCESS read-only 3361 STATUS deprecated 3362 DESCRIPTION 3363 "Total number of Registration Requests denied by 3364 foreign agent -- requested Van Jacobson header 3365 compression unavailable (Code 73)." 3366 ::= { faRegistration 11 } 3368 -- Home agent specific deprecated objects 3370 -- Home agent registration Counters per node 3372 haCounterTable OBJECT-TYPE 3373 SYNTAX SEQUENCE OF HaCounterEntry 3374 MAX-ACCESS not-accessible 3375 STATUS deprecated 3376 DESCRIPTION 3377 "A table containing registration statistics for all 3378 mobile nodes authorized to use this home agent." 3379 ::= { haRegistration 2 } 3381 haCounterEntry OBJECT-TYPE 3382 SYNTAX HaCounterEntry 3383 MAX-ACCESS not-accessible 3384 STATUS deprecated 3385 DESCRIPTION 3386 "Registration statistics for one mobile node." 3387 INDEX { haMobilityBindingMN } 3388 ::= { haCounterTable 1 } 3390 HaCounterEntry ::= SEQUENCE { 3391 haServiceRequestsAccepted Counter32, 3392 haServiceRequestsDenied Counter32, 3393 haOverallServiceTime Gauge32, 3394 haRecentServiceAcceptedTime TimeStamp, 3395 haRecentServiceDeniedTime TimeStamp, 3396 haRecentServiceDeniedCode INTEGER 3397 } 3399 haServiceRequestsAccepted OBJECT-TYPE 3400 SYNTAX Counter32 3401 MAX-ACCESS read-only 3402 STATUS deprecated 3403 DESCRIPTION 3404 "Total number of service requests for the mobile node 3405 accepted by the home agent (Code 0 + Code 1)." 3406 ::= { haCounterEntry 2 } 3408 haServiceRequestsDenied OBJECT-TYPE 3409 SYNTAX Counter32 3410 MAX-ACCESS read-only 3411 STATUS deprecated 3412 DESCRIPTION 3413 "Total number of service requests for the mobile node 3414 denied by the home agent (sum of all registrations 3415 denied with Code 128 through Code 159)." 3416 ::= { haCounterEntry 3 } 3418 haOverallServiceTime OBJECT-TYPE 3419 SYNTAX Gauge32 3420 UNITS "seconds" 3421 MAX-ACCESS read-only 3422 STATUS deprecated 3423 DESCRIPTION 3424 "Overall service time (in seconds) that has 3425 accumulated for the mobile node since the home agent 3426 last rebooted." 3427 ::= { haCounterEntry 4 } 3429 haRecentServiceAcceptedTime OBJECT-TYPE 3430 SYNTAX TimeStamp 3431 MAX-ACCESS read-only 3432 STATUS deprecated 3433 DESCRIPTION 3434 "The time at which the most recent Registration 3435 Request was accepted by the home agent for this mobile 3436 node." 3437 ::= { haCounterEntry 5 } 3439 haRecentServiceDeniedTime OBJECT-TYPE 3440 SYNTAX TimeStamp 3441 MAX-ACCESS read-only 3442 STATUS deprecated 3443 DESCRIPTION 3444 "The time at which the most recent Registration 3445 Request was denied by the home agent for this mobile 3446 node." 3447 ::= { haCounterEntry 6 } 3449 haRecentServiceDeniedCode OBJECT-TYPE 3450 SYNTAX INTEGER { 3451 reasonUnspecified(128), 3452 admProhibited(129), 3453 insufficientResource(130), 3454 mnAuthenticationFailure(131), 3455 faAuthenticationFailure(132), 3456 idMismatch(133), 3457 poorlyFormedRequest(134), 3458 tooManyBindings(135), 3459 unknownHA(136) 3460 } 3461 MAX-ACCESS read-only 3462 STATUS deprecated 3463 DESCRIPTION 3464 "The Code indicating the reason why the most recent 3465 Registration Request for this mobile node was rejected 3466 by the home agent." 3467 ::= { haCounterEntry 7 } 3469 -- deprecated traps 3471 mipAuthFailure NOTIFICATION-TYPE 3472 OBJECTS { mipSecViolatorAddress, 3473 mipSecRecentViolationSPI, 3474 mipSecRecentViolationIDLow, 3475 mipSecRecentViolationIDHigh, 3476 mipSecRecentViolationReason 3477 } 3479 STATUS deprecated 3480 DESCRIPTION 3481 "The mipAuthFailure indicates that the Mobile IP 3482 entity has an authentication failure when it validates 3483 the mobile Registration Request or Reply. 3484 Implementation of this trap is optional." 3485 ::= { mipMIBNotifications 1 } 3487 -- deprecated compliance statement 3489 mipCompliance MODULE-COMPLIANCE 3490 STATUS deprecated 3491 DESCRIPTION 3492 "The compliance statement for SNMPv2 entities which 3493 implement the Mobile IP MIB." 3494 MODULE 3495 MANDATORY-GROUPS { mipSystemGroup } 3497 GROUP mipSecAssociationGroup 3498 DESCRIPTION 3499 "This group is mandatory for Mobile IP entities (MN, 3500 FA, and HA) which support security associations. 3501 Mobile Nodes and Home Agents must implement this 3502 group. Foreign Agents must implement this group if 3503 they maintain any security associations." 3505 GROUP mipSecViolationGroup 3506 DESCRIPTION 3507 "This group is mandatory for Mobile IP entities (MN, 3508 FA, and HA) that can log security violations." 3510 GROUP mnSystemGroup 3511 DESCRIPTION 3512 "This group is mandatory for mobile node." 3514 GROUP mnDiscoveryGroup 3515 DESCRIPTION 3516 "This group is mandatory for mobile nodes which 3517 implement the Agent Discovery function." 3519 GROUP mnRegistrationGroup 3520 DESCRIPTION 3521 "This group is mandatory for mobile nodes." 3523 GROUP maAdvertisementGroup 3524 DESCRIPTION 3525 "This group is mandatory for the mobility agents (HA 3526 and FA) since they must implement Agent 3527 Advertisement." 3529 GROUP faSystemGroup 3530 DESCRIPTION 3531 "This group is mandatory for foreign agents." 3533 GROUP faAdvertisementGroup 3534 DESCRIPTION 3535 "This group is mandatory for foreign agents." 3537 GROUP faRegistrationGroup 3538 DESCRIPTION 3539 "This group is mandatory for foreign agents." 3540 GROUP haRegistrationGroup 3541 DESCRIPTION 3542 "This group is mandatory for home agents." 3544 GROUP haRegNodeCountersGroup 3545 DESCRIPTION 3546 "This group is mandatory for home agents which log 3547 registration counters for each individual mobile 3548 node." 3550 GROUP mipSecNotificationsGroup 3551 DESCRIPTION 3552 "This group is mandatory for Mobile IP entities (MN, 3553 FA, and HA) that can report the security violations." 3555 ::= { mipCompliances 1 } 3557 -- Deprecated groups 3559 mipSecAssociationGroup OBJECT-GROUP 3560 OBJECTS { mipSecAlgorithmType, mipSecAlgorithmMode, 3561 mipSecKey, mipSecReplayMethod } 3562 STATUS deprecated 3563 DESCRIPTION 3564 "A collection of objects providing the management 3565 information for security associations of Mobile IP 3566 entities." 3567 ::= { mipGroups 2 } 3569 mipSecViolationGroup OBJECT-GROUP 3570 OBJECTS { mipSecTotalViolations, 3571 mipSecViolationCounter, mipSecRecentViolationSPI, 3572 mipSecRecentViolationTime, 3573 mipSecRecentViolationIDLow, 3574 mipSecRecentViolationIDHigh, 3575 mipSecRecentViolationReason } 3576 STATUS deprecated 3577 DESCRIPTION 3578 "A collection of objects providing the management 3579 information for security violation logging of Mobile 3580 IP entities." 3581 ::= { mipGroups 3 } 3583 mnSystemGroup OBJECT-GROUP 3584 OBJECTS { mnState, mnCurrentHA, mnHomeAddress, 3585 mnHAStatus } 3586 STATUS deprecated 3587 DESCRIPTION 3588 "A collection of objects providing the basic 3589 management information for mobile nodes." 3590 ::= { mipGroups 4 } 3592 mnRegistrationGroup OBJECT-GROUP 3593 OBJECTS { mnRegAgentAddress, mnRegCOA, mnRegFlags, mnRegIDLow, 3594 mnRegIDHigh, mnRegTimeRequested, mnRegTimeRemaining, 3595 mnRegTimeSent, mnRegIsAccepted, mnCOAIsLocal, 3596 mnRegRequestsSent, mnRegRepliesRecieved, 3597 mnDeRegRequestsSent, mnDeRegRepliesRecieved, 3598 mnRepliesInvalidHomeAddress, mnRepliesUnknownHA, 3599 mnRepliesUnknownFA, mnRepliesInvalidID, 3600 mnRepliesDroppedInvalidExtension, 3601 mnRepliesIgnoredUnknownExtension, 3602 mnRepliesHAAuthenticationFailure, 3603 mnRepliesFAAuthenticationFailure, 3604 mnRegRequestsAccepted, mnRegRequestsDeniedByHA, 3605 mnRegRequestsDeniedByFA, 3606 mnRegRequestsDeniedByHADueToID, 3607 mnRegRequestsWithDirectedBroadcast } 3608 STATUS deprecated 3609 DESCRIPTION 3610 "A collection of objects providing management 3611 information for the registration function within a 3612 mobile node." 3614 ::= { mipGroups 6 } 3616 maAdvertisementGroup OBJECT-GROUP 3617 OBJECTS { maAdvMaxRegLifetime, 3618 maAdvPrefixLengthInclusion, maAdvAddress, 3619 maAdvMaxInterval, maAdvMinInterval, 3620 maAdvMaxAdvLifetime, 3621 maAdvResponseSolicitationOnly, maAdvStatus, 3622 maAdvertisementsSent, maAdvsSentForSolicitation, 3623 maSolicitationsReceived } 3624 STATUS deprecated 3625 DESCRIPTION 3626 "A collection of objects providing management 3627 information for the Agent Advertisement function 3628 within mobility agents." 3629 ::= { mipGroups 7 } 3631 faAdvertisementGroup OBJECT-GROUP 3632 OBJECTS { faIsBusy, faRegistrationRequired } 3633 STATUS deprecated 3634 DESCRIPTION 3635 "A collection of objects providing supplemental 3636 management information for the Agent Advertisement 3637 function within a foreign agent." 3638 ::= { mipGroups 9 } 3640 faRegistrationGroup OBJECT-GROUP 3641 OBJECTS { faVisitorIPAddress, faVisitorHomeAddress, 3642 faVisitorHomeAgentAddress, faVisitorTimeGranted, 3643 faVisitorTimeRemaining, faVisitorRegFlags, 3644 faVisitorRegIDLow, faVisitorRegIDHigh, 3645 faVisitorRegIsAccepted, faRegRequestsReceived, 3646 faRegRequestsRelayed, faReasonUnspecified, 3647 faAdmProhibited, faInsufficientResource, 3648 faMNAuthenticationFailure, faRegLifetimeTooLong, 3649 faPoorlyFormedRequests, 3650 faEncapsulationUnavailable, 3651 faVJCompressionUnavailable, faHAUnreachable, 3652 faRegRepliesRecieved, faRegRepliesRelayed, 3653 faHAAuthenticationFailure, faPoorlyFormedReplies } 3654 STATUS deprecated 3655 DESCRIPTION 3656 "A collection of objects providing management 3657 information for the registration function within a 3658 foreign agent." 3659 ::= { mipGroups 10 } 3661 haRegistrationGroup OBJECT-GROUP 3662 OBJECTS { haMobilityBindingMN, haMobilityBindingCOA, 3663 haMobilityBindingSourceAddress, 3664 haMobilityBindingRegFlags, 3665 haMobilityBindingRegIDLow, 3666 haMobilityBindingRegIDHigh, 3667 haMobilityBindingTimeGranted, 3668 haMobilityBindingTimeRemaining, 3669 haRegistrationAccepted, haMultiBindingUnsupported, 3670 haReasonUnspecified, haAdmProhibited, 3671 haInsufficientResource, haMNAuthenticationFailure, 3672 haFAAuthenticationFailure, haIDMismatch, 3673 haPoorlyFormedRequest, haTooManyBindings, 3674 haUnknownHA, haGratuitiousARPsSent, 3675 haProxyARPsSent, haRegRequestsReceived, 3676 haDeRegRequestsReceived, haRegRepliesSent, 3677 haDeRegRepliesSent } 3678 STATUS deprecated 3679 DESCRIPTION 3680 "A collection of objects providing management 3681 information for the registration function within a 3682 home agent." 3683 ::= { mipGroups 11 } 3685 haRegNodeCountersGroup OBJECT-GROUP 3686 OBJECTS { haServiceRequestsAccepted, 3687 haServiceRequestsDenied, haOverallServiceTime, 3688 haRecentServiceAcceptedTime, 3689 haRecentServiceDeniedTime, 3690 haRecentServiceDeniedCode } 3691 STATUS deprecated 3692 DESCRIPTION 3693 "A collection of objects providing management 3694 information for counters related to the registration 3695 function within a home agent." 3696 ::= { mipGroups 12 } 3698 mipSecNotificationsGroup NOTIFICATION-GROUP 3699 NOTIFICATIONS { mipAuthFailure } 3700 STATUS deprecated 3701 DESCRIPTION 3702 "The notification related to security violations." 3703 ::= { mipGroups 13 } 3705 END 3707 5. Acknowledgments 3709 The origin of this document is from RFC 2006 "The Definitions of Man- 3710 aged Objects for IP Mobility Support using SMIv2" written by D. Cong, 3711 M. Hamlen and C. Perkins. The editor wishes to acknowledge the good 3712 work of these original authors. Thanks to Roy Jose, Rudreshwar N, 3713 Basavaraj Patil, and Sri Gundavelli for their useful comments and 3714 contributions. 3716 6. Security Considerations 3718 There are a number of management objects defined in this MIB that 3719 have a MAX-ACCESS clause of read-write and/or read-create. Such 3720 objects may be considered sensitive or vulnerable in some network 3721 environments. The support for SET operations in a non-secure envi- 3722 ronment without proper protection can have a negative effect on net- 3723 work operations. 3725 The Mobile IP MIB affords the network operator the ability to config- 3726 ure and control the Mobile IP links of a particular system, including 3727 the Mobile IP authentication protocols, and shared secret key. This 3728 represents a security risk. 3730 These risks are addressed in the following manners: 3732 (1) All variables which represent a significant security risk are 3733 placed in separate MIB Groups. By providing Agent Capability 3734 Statements, the implementor of the MIB may elect not to imple- 3735 ment these groups. 3737 (2) The MIB allows the manager station to create the security asso- 3738 ciation for Mobile IP entities. However, the agent should 3739 always return 0 length octet string when the manager station 3740 retrieves the shared security key in the mipSecAssocTable. In 3741 this way, the Mobile IP entities can prevent the key leaking 3742 from SNMP GET, GET-NEXT, or GET-BULK requests. 3744 (3) The MIB defines a trap for Mobile IP entities to send a notifi- 3745 cation to the manager station if there is a security violation. 3746 In this way, the operator can notice the source of an intruder. 3748 (4) The MIB also defines a table to log the security violations in 3749 the Mobile IP entities. The manager station can retrieve this 3750 log to analyze the security violation instances in the system. 3752 Thus, in order to preserve the integrity, security and privacy of the 3753 Mobile IP security features, an implementation SHOULD allow access to 3754 this MIB only via SNMPv3. 3756 SNMPv1 by itself is not a secure environment. Even if the network 3757 itself is secure (for example by using IPSec), even then, there is no 3758 control as to who on the secure network is allowed to access and 3759 GET/SET (read/change/create/delete) the objects in this MIB. 3761 It is recommended that the implementers consider the security fea- 3762 tures as provided by the SNMPv3 framework. Specifically, the use of 3763 the User-based Security Model RFC 2574 [8] and the View-based Access 3764 Control Model RFC 2575 [9] is recommended. 3766 It is then a customer/user responsibility to ensure that the SNMP 3767 entity giving access to an instance of this MIB, is properly 3768 configured to give access to the objects only to those principals 3769 (users) that have legitimate rights to indeed GET or SET (change/cre- 3770 ate/delete) them. 3772 7. References 3774 [1] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, 3775 M., and S. Waldbusser, "Structure of Management Information Ver- 3776 sion 2 (SMIv2)", STD 58, RFC 2578, April 1999 3778 [2] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for 3779 Describing SNMP Management Frameworks", RFC 2571, April 1999 3781 [3] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, 3782 M., and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, 3783 RFC 2579, April 1999 3785 [4] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, 3786 M., and S. Waldbusser, "Conformance Statements for SMIv2", STD 3787 58, RFC 2580, April 1999 3789 [5] McCloghrie, K., and M. Rose, Editors, "Management Information 3790 Base for Network Management of TCP/IP-based internets: MIB-II", 3791 STD 17, RFC 1213, March 1991. 3793 [6] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Net- 3794 work Management Protocol", STD 15, RFC 1157, May 1990. 3796 [7] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. 3797 Waldbusser, "Protocol Operations for version 2 of the Simple 3798 Network Management Protocol (SNMPv2)", RFC 1905, January 1996. 3800 [8] Blumenthal U., "User-based Security Model (USM) for version 3 of 3801 the Simple Network Management Protocol (SNMPv3)", RFC 2574, 3802 April 1999. 3804 [9] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access 3805 Control Model (VACM) for the Simple Network Management Proto- 3806 col (SNMP)", RFC 2575, April 1999 3808 [10] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction 3809 to Version 3 of the Internet-standard Network Management Frame- 3810 work", RFC 2570, April 1999 3812 [11] Rose, M., and K. McCloghrie, "Structure and Identification of 3813 Management Information for TCP/IP-based Internets", STD 16, RFC 3814 1155, May 1990. 3816 [12] Rose, M., and K. McCloghrie, "Concise MIB Definitions", STD 16, 3817 RFC 1212, March 1991. 3819 [13] M. Rose, "A Convention for Defining Traps for use with the 3820 SNMP", RFC 1215, March 1991. 3822 [14] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Intro- 3823 duction to Community-based SNMPv2", RFC 1901, January 1996. 3825 [15] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Trans- 3826 port Mappings for Version 2 of the Simple Network Management 3827 Protocol (SNMPv2)", RFC 1906, January 1996. 3829 [16] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message 3830 Processing and Dispatching for the Simple Network Management 3831 Protocol (SNMP)", RFC 2572, April 1999. 3833 [17] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 3834 2573, April 1999. 3836 [18] Solomon J., "Mobile IP Protocol Applicability Statement", RFC 3837 2005, October 1996. 3839 [19] Perkins C., "IP Mobility Support", RFC 2002, Octoer 1996. 3841 [20] Cong, D., Hamlen, M., and Perkins, C., "The Definitions of Man- 3842 aged Objects for IP Mobility Support using SMIv2", RFC 2006, 3843 October 1996. 3845 [21] Calhoun, P., and Perkins, C., "Mobile IP Network Access Identi- 3846 fier Extension for IPv4", RFC 2794, January 2000. 3848 [22] Calhoun, P., and Perkins, C., "Mobile IPv4 Challenge/Response 3849 Extension", RFC 3012, November 2000. 3851 [23] Montenegro, G., "Reverse Tunneling for Mobile IP", RFC 3024, 3852 January 2001. 3854 [24] Perkins, C., "IP Mobility Support for IPv4, revised (work in 3855 progress)", draft-ietf-mobileip-rfc2002-bis-08.txt, September 3856 2001. 3858 [25] Dommety, G., and Leung, K., "Mobile IP Vendor/Organization- Spe- 3859 cific Extensions", RFC 3115, April 2001. 3861 [26] Perkins, C., "IP Encapsulation within IP", RFC 2003, October 3862 1996. 3864 [27] Perkins, C., "Minimal Encapsulation within IP", RFC 2004, Octo- 3865 ber 1996. 3867 [28] Hanks S. et. al., "Generic Routing Encapsulation (GRE)", RFC 3868 1701, October 1994. 3870 [29] Deering, S., "ICMP Router Discovery Messages", RFC 1256, Septem- 3871 ber 1991. 3873 [30] Daniele, M., Haberman, B., Routhier, S., and Schoenwaelder, J., 3874 "Textual Conventions for Internet Network Addresses", RFC 2851, 3875 June 2000. 3877 A. Changes from RFC 2006 3879 A.1 The changes from RFC 2006 are the following: 3881 - Section "The Network Management Framework" was updated. 3882 - Subsection Protocol Extensions was created under section Overview. 3883 - Section Security Considerations was updated. 3884 - Changes to the MIB definition are following. Changes are listed 3885 in the order of their occurrence in the MIB definition. 3887 (1) The textual convention RegistrationFlags was updated. The bit 3888 for VJ compression was removed and bit for reverse tunneling was 3889 added. 3891 (2) Three new textual conventions were added : MipEntityIdentifier- 3892 Type, MipEntityIdentifier and MipEntityIdentifierNAI. These 3893 textual conventions were defined to take into account that 3894 mobile nodes can be identified by other than ipaddress. 3896 (3) New textual convention MipDeliveryStyle was added to represent 3897 the delivery style requested by mobile node in the registration 3898 request. 3900 (4) mipSecAssocTable was deprecated and replaced with mipSecurityAs- 3901 socTable to support the mobile nodes identified by NAI. Indices 3902 of the table were changed. mipSecurityStatus object was added 3903 to manage the creation of new security associations in the 3904 table. Default value clause was added to following three 3905 objects of the new table. 3906 - mipSecurityAlgorithmType 3907 - mipSecurityAlgorithmMode 3908 - mipSecurityReplayMethod 3910 hmac was added to the enumeration list of 3911 mipSecurityAlgorithmMode object. 3913 (5) A new object mipSecurityAssocsCount was added. This gives the 3914 number of security associations in the mipSecurityAssocTable. 3916 (6) mipSecViolationTable was deprecated and replaced with mipSecuri- 3917 tyViolationTable to support the mobile nodes identified by NAI. 3918 Indices of the table were changed. The objects corresponding to 3919 mipSecRecentViolationIDLow and mipSecRecentViolationIDHigh in 3920 the new table are changed to have the syntax of Unsigned32 3921 instead of Integer32. 3923 (7) Description of the mnHomeAddress object was changed to support 3924 dynamic home address assignment and default value clause was 3925 added. 3927 (8) Two new objects mnIdentifierType and mnIdentifier were added to 3928 the mnSystem group. 3930 (9) object mnAdvFlags was refined. The bit for VJ compression was 3931 removed and bit for reverse tunneling was added. 3933 (10) Lower limit of value-range for objects mnAdvMaxRegLifetime and 3934 mnAdvMaxAdvLifetime is changed to 1 from 0. 3936 (11) A new object mnRegDeliveryStyle was added to the mnRegistra- 3937 tionTable 3939 (12) maAdvConfigTable was deprecated and replaced with maAdvertCon- 3940 fTable to support configuration of advertisement parameters on 3941 unnumbered interfaces. Index of the table was changed. A new 3942 object maAdvertService was added to maAdvertConfTable to indi- 3943 cate the mobility services offered on the network interface. 3945 (13) objects faIsBusy and faRegistrationRequired were deprecated and 3946 replaced with faAdvertConfTable. This is to allow for different 3947 settings of 'B' and 'R' bit on different network interfaces. 3949 (14) A new object faChallengeWindow was added to the faAdvertCon- 3950 fTable to allow for configuration of challenge window. 3952 (15) faVisitorTable was deprecated and replaced with faRegVisi- 3953 torTable to support the visitors identified by NAI. Indices of 3954 the table were changed. The objects corresponding to faVisitor- 3955 RegIDLow and faVisitorRegIDHigh in the new table are changed to 3956 have the syntax of Unsigned32 instead of Integer32. 3958 (16) A new object faRegVisitorDeliveryStyle was added to the 3959 FaRegVisitorTable to indicate the delivery style requested by 3960 the mobile node. 3962 (17) A new object faRegVisitorCount was added to count the number of 3963 entries in faRegVisitorTable. 3965 (18) faVJCompressionUnavailable object was deprecated. 3967 (19) Five new counters specific to reverse tunneling function in for- 3968 eign agent were added to faRegistration group. These objects 3969 are 3970 - faReverseTunnelUnavailable 3971 - faReverseTunnelBitNotSet 3972 - faMnTooDistant 3973 - faDeliveryStyleUnsupported 3974 - faNonZeroHomeAddressRequired 3976 (20) Three new counters specific to agent advertisement challenge 3977 extension were added to faRegistration group. These objects are 3978 - faUnknownChallenge 3979 - faMissingChallenge 3980 - faStaleChallenge 3982 (21) Two new counters specific to processing of vendor specific 3983 extensions by foreign agent were added to faRegistration group. 3984 These objects are 3985 - faCvsesFromMnRejected 3986 - faCvsesFromHaRejected 3988 (22) Two new objects haMobilityBindingMnIdType and haMobilityBind- 3989 ingMnId were added to the haMobilityBindingTable to accommodate 3990 for the mobile nodes not identified by the ipaddress. Syntax of 3991 objects haMobilityBindingRegIDLow and haMobilityBindingRegIDHigh 3992 was changed to Unsigned32 from Integer32. 3994 (23) haCounterTable was deprecated and replaced with haRegCoun- 3995 terTable to support the mobile nodes identified by NAI. Indices 3996 of the table were changed. The syntax of object corresponding 3997 to haRecentServiceDeniedCode in the new table was changed to add 3998 more error codes. 4000 (24) Three new counters specific to reverse tunneling function in 4001 home agent were added to the haRegistration group. These 4002 objects are 4003 - haReverseTunnelUnavailable 4004 - haReverseTunnelBitNotSet 4005 - haEncapsulationUnavailable 4006 - 4007 (25) Two new counters specific to processing of vendor specific 4008 extensions by home agent were added to haRegistration group. 4009 These objects are 4010 - haCvsesFromMnRejected 4011 - haCvsesFromFaRejected 4013 (26) A new object haRegMobilityBindingCount was added to count the 4014 number of entries in haMobilityBindingTable. 4016 (27) mipAuthFailure notification was deprecated and replaced with 4017 mipAuthFailure2. 4019 (28) Compliance statement mipCompliance was deprecated and replaced 4020 with mipCompliance2. 4022 (29) Conformance groups were depreciated as needed due to the fact 4023 that many new items have been added to the MIB. These groups 4024 include: 4025 -mipSecAssociationGroup 4026 -mipSecViolationGroup 4027 -mnSystemGroup 4028 -mnRegistrationGroup 4029 -maAdvertisementGroup 4030 -faAdvertisementGroup 4031 -faRegistrationGroup 4032 -haRegistrationGroup 4033 -haRegNodeCountersGroup 4034 -mipSecNotificationsGroup 4036 New conformance groups were added as needed to replace depre- 4037 cated groups. These groups include: 4038 -mipSecAssociationGroup2 4039 -mipSecViolationGroup2 4040 -mnSystemGroup2 4041 -mnRegistrationGroup2 4042 -maAdvertisementGroup2 4043 -faAdvertisementGroup2 4044 -faRegistrationGroup2 4045 -haRegistrationGroup2 4046 -haRegNodeCountersGroup2 4047 -mipSecNotificationsGroup2 4049 A.2 The changes from versions -01 to -02: 4051 (1) The textual convention RegistrationFlags was updated to conform to the sequence order of the flag bits in RFC 3344. 4053 (2) Typos "CmiEntityIdentfier" changed "MipEntityIdentifier". 4055 (3) A new object MipSecurityReplayTime was added for acceptable replay protection time range using timestamps. 4057 (4) The following objects changed to have the syntax of Unsigned32 instead of Integer32. 4058 -mnRegIDHigh 4059 -mnRegIDLow 4060 -mnRegTimeRequested 4061 -haMobilityBindingTimeGranted 4062 -mipSecurityRecentViolationSPI 4064 (5) The following values added to object haRegRecentServiceDeniedCode. 4065 -mnCvseUnsupported (140) 4066 -faCvseUnsupported (141) 4068 (6) The following object names were changed to provide better meaning since these are rejection counters. 4069 -haCvsesFromMnRejected to haCvsesFromMnUnsupported 4070 -haCvsesFromFaRejected to haCvsesFromFaUnsupported 4071 -faCvsesFromMnRejected to faCvsesFromMnUnsupported 4072 -faCvsesFromHaRejected to faCvsesFromHaUnsupported 4074 (7) The following objects were added to HA registration counters. 4075 -haNvsesFromMnIgnored 4076 -haNvsesFromFaIgnored 4078 (8) The following objects were added to FA registration counters. 4079 -faNvsesFromMnIgnored 4080 -faNvsesFromHaIgnored 4082 A.3 The changes from versions -02 to -03: 4084 (1) The size of the MipEntityIdentifier is changed to OCTET STRING of 4085 size 64 octets 4087 (2) Changed the SYNTAX for mnAdvSequence object to Integer32 4089 (3) Changed the SYNTAX for mnAdvMaxRegLifeTime object to Integer32 4091 (4) Changed the SYNTAX for mnAdvMaxAdvLifeTime object to Integer32 4093 (5) faNvsesFromMnIgnored is anchored at faRegistration 27 4095 (6) faNvsesFromHaIgnored is anchored at faRegistration 28 4097 (7) faRegVisitorCount is anchored at faRegistration 29 4099 (8) Changed the faCvsesFromHaSupported object name to faCvsesFromHaUnsupported 4101 (9) Added faNvsesFromMnIgnored and faNvsesFromHaIgnored to faRegistrationGroup2 4103 (10) faRegVisitorTable is anchored at faRegistration 30 4105 (11) Added the haNvsesFromMnIgnored object to the haRegistrationGroup2 4107 (12) Added the haNvsesFromFaIgnored object to the haRegistrationGroup2 4109 (13) Added the NOTIFICATION-GROUP to the imports 4110 B. Chair and Editor Addresses 4112 The working group can be contacted via the current chairs: 4114 Basavaraj Patil Phil Roberts 4115 Nokia Megisto Corp. 4116 6000 Connection Dr. Suite 120 4117 20251 Century Blvd 4118 Irving, TX. 75039 Germantown, MD. 20874 4119 USA USA 4120 Phone: +1 972-894-6709 Phone: +1 847-202-9314 4121 Email: Basavaraj.Patil@nokia.com Email: PRoberts@MEGISTO.com 4123 Questions about this memo can also be directed to the editors: 4125 Ravindra Rathi Kent Leung 4126 Intel Corporation Cisco Systems, Inc. 4127 136, Airport Road 170 West Tasman Drive 4128 Bangalore - 560 017 San Jose, CA. 95134 4129 India USA 4130 Phone: +91 80 507 5553 Phone: +1 408-526-5030 4131 Email: ravindra.rathi@intel.com Email: kleung@cisco.com 4133 C. Full Copyright Statement 4135 Copyright (C) The Internet Society (2000). All Rights Reserved. 4136 This document and translations of it may be copied and furnished to 4137 others, and derivative works that comment on or otherwise explain it 4138 or assist in its implementation may be prepared, copied, published 4139 and distributed, in whole or in part, without restriction of any 4140 kind, provided that the above copyright notice and this paragraph are 4141 included on all such copies and derivative works. However, this doc- 4142 ument itself may not be modified in any way, such as by removing the 4143 copyright notice or references to the Internet Society or other 4144 Internet organizations, except as needed for the purpose of develop- 4145 ing Internet standards in which case the procedures for copyrights 4146 defined in the Internet Standards process must be followed, or as 4147 required to translate it into languages other than English. 4149 The limited permissions granted above are perpetual and will not be 4150 revoked by the Internet Society or its successors or assigns. 4152 This document and the information contained herein is provided on an 4153 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 4154 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 4155 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 4156 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MER- 4157 CHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE