-- Network Working Group D. Thaler
-- Request for Comments: 2667 Microsoft
-- Category: Standards Track August 1999
--
--
-- IP Tunnel MIBTUNNEL-MIB DEFINITIONS::=BEGINIMPORTSMODULE-IDENTITY,OBJECT-TYPE, transmission,Integer32,IpAddressFROM SNMPv2-SMI
RowStatusFROM SNMPv2-TC
MODULE-COMPLIANCE,OBJECT-GROUPFROM SNMPv2-CONF
ifIndex,InterfaceIndexOrZeroFROM IF-MIB;tunnelMIB MODULE-IDENTITYLAST-UPDATED"9908241200Z"-- August 24, 1999ORGANIZATION"IETF Interfaces MIB Working Group"CONTACT-INFO" Dave Thaler
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
EMail: dthaler@dthaler.microsoft.com"DESCRIPTION"The MIB module for management of IP Tunnels, independent of
the specific encapsulation scheme in use."REVISION"9908241200Z"-- August 24, 1999DESCRIPTION"Initial version, published as RFC 2667."::={ transmission 131}tunnelMIBObjects OBJECTIDENTIFIER::={ tunnelMIB 1}tunnel OBJECTIDENTIFIER::={ tunnelMIBObjects 1}-- the IP Tunnel MIB-Group
--
-- a collection of objects providing information about
-- IP TunnelstunnelIfTable OBJECT-TYPESYNTAXSEQUENCEOF TunnelIfEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The (conceptual) table containing information on configured
tunnels."::={ tunnel 1}tunnelIfEntry OBJECT-TYPESYNTAX TunnelIfEntry
MAX-ACCESSnot-accessible
STATUScurrentDESCRIPTION"An entry (conceptual row) containing the information on a
particular configured tunnel."INDEX{ ifIndex }::={ tunnelIfTable 1}
TunnelIfEntry ::=SEQUENCE{
tunnelIfLocalAddress IpAddress,
tunnelIfRemoteAddress IpAddress,
tunnelIfEncapsMethod INTEGER,
tunnelIfHopLimit Integer32,
tunnelIfSecurity INTEGER,
tunnelIfTOS Integer32}tunnelIfLocalAddress OBJECT-TYPESYNTAXIpAddressMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The address of the local endpoint of the tunnel (i.e., the
source address used in the outer IP header), or 0.0.0.0 if
unknown."::={ tunnelIfEntry 1}
tunnelIfRemoteAddress OBJECT-TYPESYNTAXIpAddressMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The address of the remote endpoint of the tunnel (i.e., the
destination address used in the outer IP header), or 0.0.0.0
if unknown."::={ tunnelIfEntry 2}tunnelIfEncapsMethod OBJECT-TYPESYNTAXINTEGER{other(1),-- none of the followingdirect(2),-- no intermediate headergre(3),-- GRE encapsulationminimal(4),-- Minimal encapsulationl2tp(5),-- L2TP encapsulationpptp(6),-- PPTP encapsulation
l2f(7),-- L2F encapsulationudp(8),-- UDP encapsulationatmp(9)-- ATMP encapsulation}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The encapsulation method used by the tunnel. The value
direct indicates that the packet is encapsulated directly
within a normal IPv4 header, with no intermediate header,
and unicast to the remote tunnel endpoint (e.g., an RFC 2003
IP-in-IP tunnel, or an RFC 1933 IPv6-in-IPv4 tunnel). The
value minimal indicates that a Minimal Forwarding Header
(RFC 2004) is inserted between the outer header and the
payload packet. The value UDP indicates that the payload
packet is encapsulated within a normal UDP packet (e.g., RFC
1234). The remaining protocol-specific values indicate that
a header of the protocol of that name is inserted between
the outer header and the payload header."::={ tunnelIfEntry 3}
tunnelIfHopLimit OBJECT-TYPESYNTAXInteger32(0..255)MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"The TTL to use in the outer IP header. A value of 0
indicates that the value is copied from the payload's
header."::={ tunnelIfEntry 4}tunnelIfSecurity OBJECT-TYPESYNTAXINTEGER{none(1),-- no securityipsec(2),-- IPSEC securityother(3)}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The method used by the tunnel to secure the outer IP
header. The value ipsec indicates that IPsec is used
between the tunnel endpoints for authentication or
encryption or both. More specific security-related
information may be available in a MIB for the security
protocol in use."::={ tunnelIfEntry 5}tunnelIfTOS OBJECT-TYPESYNTAXInteger32(-2..63)MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"The method used to set the high 6 bits of the TOS in the
outer IP header. A value of -1 indicates that the bits are
copied from the payload's header. A value of -2 indicates
that a traffic conditioner is invoked and more information
may be available in a traffic conditioner MIB. A value
between 0 and 63 inclusive indicates that the bit field is
set to the indicated value."::={ tunnelIfEntry 6}tunnelConfigTable OBJECT-TYPESYNTAXSEQUENCEOF TunnelConfigEntry
MAX-ACCESSnot-accessibleSTATUScurrent
DESCRIPTION"The (conceptual) table containing information on configured
tunnels. This table can be used to map a set of tunnel
endpoints to the associated ifIndex value. It can also be
used for row creation. Note that every row in the
tunnelIfTable with a fixed destination address should have a
corresponding row in the tunnelConfigTable, regardless of
whether it was created via SNMP."::={ tunnel 2}tunnelConfigEntry OBJECT-TYPESYNTAX TunnelConfigEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"An entry (conceptual row) containing the information on a
particular configured tunnel."INDEX{ tunnelConfigLocalAddress,
tunnelConfigRemoteAddress,
tunnelConfigEncapsMethod,
tunnelConfigID }::={ tunnelConfigTable 1}
TunnelConfigEntry ::=SEQUENCE{
tunnelConfigLocalAddress IpAddress,
tunnelConfigRemoteAddress IpAddress,
tunnelConfigEncapsMethod INTEGER,
tunnelConfigID Integer32,
tunnelConfigIfIndex InterfaceIndexOrZero,
tunnelConfigStatus RowStatus}tunnelConfigLocalAddress OBJECT-TYPESYNTAXIpAddressMAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The address of the local endpoint of the tunnel, or 0.0.0.0
if the device is free to choose any of its addresses at
tunnel establishment time."::={ tunnelConfigEntry 1}tunnelConfigRemoteAddress OBJECT-TYPESYNTAXIpAddressMAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"The address of the remote endpoint of the tunnel."::={ tunnelConfigEntry 2}
tunnelConfigEncapsMethod OBJECT-TYPESYNTAXINTEGER{other(1),-- none of the followingdirect(2),-- no intermediate headergre(3),-- GRE encapsulationminimal(4),-- Minimal encapsulationl2tp(5),-- L2TP encapsulationpptp(6),-- PPTP encapsulationl2f(7),-- L2F encapsulationudp(8),-- UDP encapsulationatmp(9)}MAX-ACCESSnot-accessibleSTATUScurrent
DESCRIPTION"The encapsulation method used by the tunnel."::={ tunnelConfigEntry 3}tunnelConfigID OBJECT-TYPESYNTAXInteger32(1..2147483647)MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"An identifier used to distinguish between multiple tunnels
of the same encapsulation method, with the same endpoints.
If the encapsulation protocol only allows one tunnel per set
of endpoint addresses (such as for GRE or IP-in-IP), the
value of this object is 1. For encapsulation methods (such
as L2F) which allow multiple parallel tunnels, the manager
is responsible for choosing any ID which does not conflict
with an existing row, such as choosing a random number."::={ tunnelConfigEntry 4}tunnelConfigIfIndex OBJECT-TYPESYNTAXInterfaceIndexOrZeroMAX-ACCESSread-onlySTATUScurrent
DESCRIPTION"If the value of tunnelConfigStatus for this row is active,
then this object contains the value of ifIndex corresponding
to the tunnel interface. A value of 0 is not legal in the
active state, and means that the interface index has not yet
been assigned."::={ tunnelConfigEntry 5}tunnelConfigStatus OBJECT-TYPESYNTAXRowStatusMAX-ACCESSread-createSTATUScurrentDESCRIPTION"The status of this row, by which new entries may be
created, or old entries deleted from this table. The agent
need not support setting this object to createAndWait or
notInService since there are no other writable objects in
this table, and writable objects in rows of corresponding
tables such as the tunnelIfTable may be modified while this
row is active.
To create a row in this table for an encapsulation method
which does not support multiple parallel tunnels with the
same endpoints, the management station should simply use a
tunnelConfigID of 1, and set tunnelConfigStatus to
createAndGo. For encapsulation methods such as L2F which
allow multiple parallel tunnels, the management station may
select a pseudo-random number to use as the tunnelConfigID
and set tunnelConfigStatus to createAndGo. In the event
that this ID is already in use and an inconsistentValue is
returned in response to the set operation, the management
station should simply select a new pseudo-random number and
retry the operation.
Creating a row in this table will cause an interface index
to be assigned by the agent in an implementation-dependent
manner, and corresponding rows will be instantiated in the
ifTable and the tunnelIfTable. The status of this row will
become active as soon as the agent assigns the interface
index, regardless of whether the interface is operationally
up.
Deleting a row in this table will likewise delete the
corresponding row in the ifTable and in the tunnelIfTable."::={ tunnelConfigEntry 6}-- conformance informationtunnelMIBConformance
OBJECTIDENTIFIER::={ tunnelMIB 2}tunnelMIBCompliances
OBJECTIDENTIFIER::={ tunnelMIBConformance 1}tunnelMIBGroups OBJECTIDENTIFIER::={ tunnelMIBConformance 2}
-- compliance statementstunnelMIBCompliance MODULE-COMPLIANCESTATUScurrentDESCRIPTION"The compliance statement for the IP Tunnel MIB."MODULE-- this moduleMANDATORY-GROUPS{ tunnelMIBBasicGroup }OBJECT tunnelIfHopLimit
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT tunnelIfTOS
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."OBJECT tunnelConfigStatus
MIN-ACCESSread-onlyDESCRIPTION"Write access is not required."::={ tunnelMIBCompliances 1}-- units of conformancetunnelMIBBasicGroup OBJECT-GROUPOBJECTS{ tunnelIfLocalAddress, tunnelIfRemoteAddress,
tunnelIfEncapsMethod, tunnelIfHopLimit, tunnelIfTOS,
tunnelIfSecurity, tunnelConfigIfIndex, tunnelConfigStatus }STATUScurrentDESCRIPTION"A collection of objects to support basic management of IP
Tunnels."::={ tunnelMIBGroups 1}END