-- ****************************************************
-- CISCO-ERR-DISABLE-MIB.my
--        MIB support for the Error Disable feature
-- 
--
-- Copyright (c) 2006 by Cisco Systems, Inc.
-- All rights reserved.
--
-- ****************************************************

CISCO-ERR-DISABLE-MIB DEFINITIONS ::= BEGIN

IMPORTS
        MODULE-IDENTITY, OBJECT-TYPE,
        NOTIFICATION-TYPE, Unsigned32
                FROM SNMPv2-SMI
        MODULE-COMPLIANCE, OBJECT-GROUP,
        NOTIFICATION-GROUP
                FROM SNMPv2-CONF
        ifIndex
                FROM IF-MIB
        TEXTUAL-CONVENTION, TruthValue
                FROM SNMPv2-TC
        TimeIntervalSec       
                FROM CISCO-TC
        ciscoMgmt
                FROM CISCO-SMI
        VlanIndexOrZero
                FROM CISCO-PRIVATE-VLAN-MIB;

ciscoErrDisableMIB MODULE-IDENTITY
        LAST-UPDATED        "200605310000Z"
        ORGANIZATION        "Cisco Systems, Inc."
        CONTACT-INFO
                "       Cisco Systems
                        Customer Service

                Postal: 170 W Tasman Drive
                        San Jose, CA  95134
                        USA

                   Tel: +1 800 553-NETS

                E-mail: cs-lan-switch-snmp@cisco.com"
        DESCRIPTION
            "
            This MIB module provides the ability for a Network
            Management Station (NMS) to configure and monitor the
            error-disable feature via SNMP.

            The error-disable feature allows other software
            features running in a system to operationally disable a
            system entity upon detecting abnormal conditions. 

            Examples of such a system entity include interfaces, a
            vlan configured in the system, or a VLAN allowed on
            specific layer 2 multi-vlan interface.

            More specific examples:

                a) When BPDU guard is enabled on an interface
                it is expected that no BPDU packets are received by
                the interface. If a BPDU packet is received, then the
                BPDU guard will operationally disable the
                interface. 

                b) Users can configure a particular threshold of
                broadcast packets received on an interface. If the
                number of packets received exceeds the threshold, then
                storm-control will disable the interface. 

                c) When unidirectional Link Detection (UDLD) detects a
                unidirectional link on an interface, it can disable
                the interface.

                d) On a trunk or a multi-vlan layer 2 port, if
                port-security detects violation on a particular vlan,
                then it can operationally disable that vlan on that
                port.

            The definition of 'abnormal condition' is under the
            control of features that make use of the error-disable
            feature to disable system entities.

            The error-disable feature supports the following
            configuration:

                1) Whether software features can in fact use the
                error-disable feature upon detecting abnormal
                conditions.
                   NOTE: Some software features will ALWAYS use the
                   error-disable feature to disable entities upon
                   detection of error.

                2) Whether the system can attempt to automatically
                recover after a system entity has been disabled (e.g., 
                A system can attempt to bring up a physical interface
                which had been disabled earlier)
                
                3) If error recovery is possible, then the time
                interval to wait before the system starts the recovery
                attempt.

            "
            
        REVISION        "200605310000Z"
        DESCRIPTION
                "Initial version of this MIB module."
        ::= { ciscoMgmt 548 }

ciscoErrDisableMIBNotifs  OBJECT IDENTIFIER ::=  
                          { ciscoErrDisableMIB 0 }

ciscoErrDisableMIBObjects OBJECT IDENTIFIER ::=  
                          { ciscoErrDisableMIB 1 }

ciscoErrDisableMIBConform OBJECT IDENTIFIER ::=  
                          { ciscoErrDisableMIB 2 }

cErrDisableGlobalObjects  OBJECT IDENTIFIER ::=  
                          { ciscoErrDisableMIBObjects 1 }

cErrDisableFeatureObjects  OBJECT IDENTIFIER ::=
                           { ciscoErrDisableMIBObjects 2 }

cErrDisableIfObjects       OBJECT IDENTIFIER ::=
                           { ciscoErrDisableMIBObjects 3 }

-- 
-- Textual Conventions
--
CErrDisableFeatureID ::= TEXTUAL-CONVENTION
        STATUS      current
        DESCRIPTION
            "An integer-value assigned to various features/events
            that can error disable a system entity

            udld: Unidirectional Link Detection
            
            bpduGuard: Spanning Tree BPDU Guard feature that prevents
            processing BPDU packets on an access interface
             
            channelMisconfig: General Link Aggregation mis-configuration

            pagpFlap: Cisco's PAGP Link Aggregation protocol errors

            dtpFlap: Dynamic Trunking Protocol errors
            
            linkFlap: Link State flapping

            l2ptGuard: L2 Protocol Tunnel errors

            dot1xSecurityViolation: 802.1x authentication violations

            portSecurity: Port Security violations

            gbicInvalid: Invalid GBIC errors (examples include
            unsupported GBIC being inserted)

            dhcpRateLimit: DHCP snooping rate limit violation

            unicastFlood: Unicast Flooding threshold violations

            vmps: VLAN Membership Policy Server feature related errors

            stormControl: storm control (broadcast/multicast/unicast)
            threshold violations

            inlinePower: Errors in inline power

            arpInspection: Errors detected by Dynamic Arp Inspection
            (DAI) feature

            portLoopback: Interface Loopback Error
            "

        SYNTAX INTEGER {
            udld                   (1),
            bpduGuard              (2),
            channelMisconfig       (3),
            pagpFlap               (4),
            dtpFlap                (5),
            linkFlap               (6),
            l2ptGuard              (7),
            dot1xSecurityViolation (8),
            portSecurityViolation  (9),
            gbicInvalid            (10),
            dhcpRateLimit          (11),
            unicastFlood           (12), 
            vmps                   (13),
            stormControl           (14),
            inlinePower            (15),
            arpInspection          (16),
            portLoopback           (17)        
        }

--
--
-- Global configuration objects
--
            
cErrDisableRecoveryInterval  OBJECT-TYPE
        SYNTAX      TimeIntervalSec
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "This object specifies the error-disable recovery time
            interval.
            When a system entity is operationally disabled upon
            detecting abnormal condition by a particular feature,
            the system waits for a period equal to this time interval,
            and then re-enable the entity if automitic recovery is
            enabled for the feature."
        ::= { cErrDisableGlobalObjects 1 }


cErrDisableNotifEnable  OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "This object specifies whether cErrDisableInterfaceEvent
            notification should be generated when a system entity is
            error-disabled."
        ::= { cErrDisableGlobalObjects 2 }

cErrDisableNotifRate  OBJECT-TYPE
        SYNTAX      Unsigned32
        UNITS       "Notification/Minute"
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "The value of this object specifies the maximum number of
            error-disable notifications the device will generate per
            minute.

            A value of '0' specifies no limit and the device
            will generate a notification for each error-disable
            event."
        ::= { cErrDisableGlobalObjects 3 }

cErrDisableFeatureTable  OBJECT-TYPE
        SYNTAX        SEQUENCE OF CErrDisableFeatureEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "This table contains the error-disable related info
            for each feature employing the error-disable
            feature."
        ::= { cErrDisableFeatureObjects 1 }

cErrDisableFeatureEntry  OBJECT-TYPE
        SYNTAX       CErrDisableFeatureEntry
        MAX-ACCESS   not-accessible
        STATUS       current
        DESCRIPTION
            "An entry is created for each feature that employs the
            error-disable feature."
        INDEX { cErrDisableFeatureIndex }
        ::= { cErrDisableFeatureTable 1 }

CErrDisableFeatureEntry ::=
    SEQUENCE {
        cErrDisableFeatureIndex              CErrDisableFeatureID,
        cErrDisableFeatureConfigurable       BITS,
        cErrDisableFeatureDetectEnable       TruthValue,
        cErrDisableFeatureRecoveryEnable     TruthValue,
        cErrDisableFeatureRecoveryInterval   TimeIntervalSec
    }

cErrDisableFeatureIndex  OBJECT-TYPE
        SYNTAX      CErrDisableFeatureID
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This object uniquely identifies a feature that makes
            use of the error-disable feature."
        ::= { cErrDisableFeatureEntry 1 }
        
cErrDisableFeatureConfigurable  OBJECT-TYPE
        SYNTAX       BITS
            {
              detectionEnable  (0),
              recoveryEnable   (1),
              recoveryInterval (2)
            }
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "This object indicates whether the error-disable related
             configuration is configurable for this feature. If a bit
             is set to 1, then the corresponding error-disable
             configuration can be configured.

             'detectionEnable'    - indicates the error-disable detection
                                    can be enabled/disabled for this feature
                                    via cErrDisableFeatureDetectEnable.
             'recoveryEnable'     - indicates the error-disable recovery
                                    can be enabled/disabled for this feature
                                    via cErrDisableFeatureRecoveryEnable.
             'recoveryInterval'   - indicates the error-disable recovery
                                    Interval can be configured via
                                    cErrDisableFeatureRecoveryInterval. "
        ::= { cErrDisableFeatureEntry 2 }

cErrDisableFeatureDetectEnable   OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "This object specifies whether the error-disable detection
             is enabled for the feature.

            Note:
                This object is read-write only for those features
                that are configurable, meaning:
                cErrDisableFeatureConfigurable. has the
                first bit set to 1."
        ::= { cErrDisableFeatureEntry 3 }


cErrDisableFeatureRecoveryEnable  OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "This object specifies whether the system can
            automatically recover a system entity that has been
            disabled by the feature."
        ::= { cErrDisableFeatureEntry 4 }

cErrDisableFeatureRecoveryInterval  OBJECT-TYPE
        SYNTAX       TimeIntervalSec
        MAX-ACCESS   read-write
        STATUS       current
        DESCRIPTION
            "This object specifies the error-recovery time interval
            that will be used by the system for any system entity that
            is error-disabled by this particular feature.

            If the value of this object is '0', then the device will
            use the value specified by the global configuration object
            cErrDisableRecoveryInterval."
        ::= { cErrDisableFeatureEntry 5 }


cErrDisableIfStatusTable  OBJECT-TYPE
        SYNTAX        SEQUENCE OF CErrDisableIfStatusEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "This table provides interface (port) specific
            error-disable status information. Each conceptual row
            provides status information about a {interface, vlan}
            disabled by a feature.

            On a trunk or multi-vlan access interface, a given vlan on
            the interface can be error-disabled. In this the row is
            indexed by the ifIndex for the interface and the vlan
            index corresponding to the vlan in question.

            If the interface is carrying only 1 vlan or the entire
            trunk interface is error-disabled (due to link flaps, for
            example) then the vlan index portion of the row index is
            0."

        ::= { cErrDisableIfObjects 1 }


cErrDisableIfStatusEntry  OBJECT-TYPE
        SYNTAX       CErrDisableIfStatusEntry
        MAX-ACCESS   not-accessible
        STATUS       current
        DESCRIPTION
            "A collection of objects that specify the status of an
            error-disabled Interface or {interface, vlan}."
        INDEX     { ifIndex, 
                    cErrDisableIfStatusVlanIndex
                  }
        ::= { cErrDisableIfStatusTable 1 }


CErrDisableIfStatusEntry ::=
        SEQUENCE {
            cErrDisableIfStatusVlanIndex     VlanIndexOrZero,
            cErrDisableIfStatusCause         CErrDisableFeatureID,
            cErrDisableIfStatusTimeToRecover TimeIntervalSec
        }


cErrDisableIfStatusVlanIndex  OBJECT-TYPE
        SYNTAX       VlanIndexOrZero
        MAX-ACCESS   not-accessible
        STATUS       current
        DESCRIPTION
            "This object specifies the vlan of the given interface
            that has been error-disabled. If the physical interface is
            error-disabled then the value of this object is 0."
        ::= { cErrDisableIfStatusEntry 1 }


cErrDisableIfStatusCause  OBJECT-TYPE
        SYNTAX       CErrDisableFeatureID
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "This object specifies the feature/event that caused the
            {interface, vlan} (or the entire interface) to be
            error-disabled."
        ::= { cErrDisableIfStatusEntry 2 }


cErrDisableIfStatusTimeToRecover  OBJECT-TYPE
        SYNTAX       TimeIntervalSec
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "Time left before the system attempts an automatic
            recovery of the interface or the vlan of the given 
            interface. If no recovery is scheduled, then the value 
            of this object is '0'."
        ::= { cErrDisableIfStatusEntry 3 }


--
-- Notifications
--
cErrDisableNotificationsPrefix    OBJECT IDENTIFIER ::=
               { ciscoErrDisableMIBNotifs 1 }

cErrDisableInterfaceEvent  NOTIFICATION-TYPE
        OBJECTS  { cErrDisableIfStatusCause }
        STATUS   current
        DESCRIPTION
            "The cErrDisableInterfaceEvent is generated when an interface
             or {interface, vlan} is error-disabled by the feature
             specified in cErrDisableIfStatusCause."

        ::= { cErrDisableNotificationsPrefix 1 }


--
-- MIB Conformance statements
--

ciscoErrDisableMIBCompliances 
        OBJECT IDENTIFIER ::= { ciscoErrDisableMIBConform 1 }

ciscoErrDisableMIBGroups 
        OBJECT IDENTIFIER ::= { ciscoErrDisableMIBConform 2 }

ciscoErrDisableMIBCompliance  MODULE-COMPLIANCE
        STATUS      current
        DESCRIPTION 
            "The compliance statement for the cisco errdisable MIB."
        MODULE -- This module
        MANDATORY-GROUPS {
            ciscoErrDisableGlobalCfgGroup,
            ciscoErrDisableFeatureCfgGroup,
            ciscoErrDisableIfStatusGroup
        }

        GROUP ciscoErrDisableNotifCfgGroup
        DESCRIPTION
            "This group is mandatory if the managed system
            supports notifications for error-disable events."

        GROUP ciscoErrDisableNotifGroup
        DESCRIPTION
            "This group is mandatory if the managed system
            supports notifications for error-disable events."

        ::= { ciscoErrDisableMIBCompliances 1 }

--
-- Object groups

ciscoErrDisableGlobalCfgGroup  OBJECT-GROUP
        OBJECTS {
            cErrDisableRecoveryInterval
        }
        STATUS  current
        DESCRIPTION
            "A collection of objects to configure error-disable
            functionality."
        ::= { ciscoErrDisableMIBGroups 1 }

ciscoErrDisableFeatureCfgGroup  OBJECT-GROUP
        OBJECTS {
            cErrDisableFeatureConfigurable,
            cErrDisableFeatureDetectEnable,
            cErrDisableFeatureRecoveryEnable,
            cErrDisableFeatureRecoveryInterval
        }
        STATUS       current
        DESCRIPTION 
            "A collection of objects to manage the configuration of
            the error-disable feature."
        ::= { ciscoErrDisableMIBGroups 2 }

ciscoErrDisableIfStatusGroup  OBJECT-GROUP
        OBJECTS {
            cErrDisableIfStatusCause,
            cErrDisableIfStatusTimeToRecover
        }
        STATUS  current
        DESCRIPTION
            "A collection of error-disable interface status objects."
        ::= { ciscoErrDisableMIBGroups 3 }

ciscoErrDisableNotifCfgGroup OBJECT-GROUP
        OBJECTS {
            cErrDisableNotifEnable,
            cErrDisableNotifRate
        }
        STATUS  current
        DESCRIPTION
            "A collection of objects to configure error-disable
            notifications."
        ::= { ciscoErrDisableMIBGroups 4 }

ciscoErrDisableNotifGroup  NOTIFICATION-GROUP
        NOTIFICATIONS {
            cErrDisableInterfaceEvent
        }
        STATUS  current
        DESCRIPTION
            "A collection of error-disable notification objects."
        ::= { ciscoErrDisableMIBGroups 5 }

END