draft-ietf-bridge-ext-v2-03.txt   draft-ietf-bridge-ext-v2-04.txt 
Internet Draft V. Ngai Internet Draft V. Ngai
Expires April 2005 Enterasys Networks Expires October 2005 Enterasys Networks
draft-ietf-bridge-ext-v2-03.txt L. Bell draft-ietf-bridge-ext-v2-04.txt L. Bell
3Com Corp. 3Com Corp.
October 2004 May 2005
Definitions of Managed Objects for Bridges with Traffic Definitions of Managed Objects for Bridges with Traffic
Classes, Multicast Filtering and Virtual LAN Extensions Classes, Multicast Filtering and Virtual LAN Extensions
Status of this Memo Status of this Memo
By submitting this Internet-Draft, I certify that any applicable By submitting this Internet-Draft, each author represents that any
patent or other IPR claims of which I am aware have been disclosed, applicable patent or other IPR claims of which he or she is aware
or will be disclosed, and any of which I become aware will be have been or will be disclosed, and any of which he or she becomes
disclosed, in accordance with RFC 3668. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 15, 2005. This Internet-Draft will expire on June 15, 2005.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2004). All Rights Reserved. Copyright (C) The Internet Society (2005). All Rights Reserved.
Abstract Abstract
This memo defines a portion of the Management Information Base (MIB) This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols in TCP/IP based internets. for use with network management protocols in TCP/IP based internets.
In particular, it defines two MIB modules for managing the new In particular, it defines two MIB modules for managing the
capabilities of MAC bridges defined by the IEEE 802.1D-1998 MAC capabilities of MAC bridges defined by the IEEE 802.1D-1998 (TM) MAC
Bridges and the IEEE 802.1Q-2003 Virtual LAN (VLAN) standards for Bridges and the IEEE 802.1Q-2003 (TM) Virtual LAN (VLAN) standards
bridging between Local Area Network (LAN) segments. One MIB module for bridging between Local Area Network (LAN) segments. One MIB
defines objects for managing the 'Traffic Classes' and 'Enhanced module defines objects for managing the 'Traffic Classes' and
Multicast Filtering' components of IEEE 802.1D-1998 and P802.1t-2001. 'Enhanced Multicast Filtering' components of IEEE 802.1D-1998 and
The other MIB module defines objects for managing VLANs, as specified P802.1t-2001 (TM). The other MIB module defines objects for managing
in IEEE 802.1Q-2003, P802.1u and P802.1v. VLANs, as specified in IEEE 802.1Q-2003, P802.1u (TM) and P802.1v
(TM).
Provisions are made for support of transparent bridging. Provisions Provisions are made for support of transparent bridging. Provisions
are also made so that these objects apply to bridges connected by are also made so that these objects apply to bridges connected by
subnetworks other than LAN segments. This memo also includes several subnetworks other than LAN segments.
MIB modules in a manner that is compliant to the SMIv2 [RFC2578].
This memo supplements RFC 1493 [RFC1493] and (to a lesser extent) RFC This memo supplements RFC 1493bis and (to a lesser extent) RFC 1525.
1525 [RFC1525]. (NOTE for RFC Ed.: all instances of 'RFC 1493bis' will need to be
updated to reflect the new RFC number for draft-ietf-bridge-
bridgemib-smiv2-10.txt)
Table of Contents Table of Contents
1 The Internet-Standard Management Framework ................... 4
2 Overview ..................................................... 4
2.1 Scope ...................................................... 5
3 Structure of MIBs ............................................ 5
3.1 Structure of Extended Bridge MIB module .................... 6
3.1.1 Relationship to IEEE 802.1D-1998 Manageable Objects ...... 6
3.1.2 Relationship to IEEE 802.1Q Manageable Objects ........... 8
3.1.3 The dot1dExtBase Subtree ................................. 8
3.1.4 The dot1dPriority Subtree ................................ 8
3.1.5 The dot1dGarp Subtree .................................... 9
3.1.6 The dot1dGmrp Subtree .................................... 9
3.1.7 The dot1dTpHCPortTable ................................... 9
3.1.8 The dot1dTpPortOverflowTable ............................. 9
3.2 Structure of Virtual Bridge MIB module ..................... 9
3.2.1 Relationship to IEEE 802.1Q Manageable Objects ........... 9
3.2.2 The dot1qBase Subtree .................................... 13
3.2.3 The dot1qTp Subtree ...................................... 13
3.2.4 The dot1qStatic Subtree .................................. 13
3.2.5 The dot1qVlan Subtree .................................... 14
3.3 Textual Conventions ........................................ 14
3.4 Relationship to Other MIBs ................................. 14
3.4.1 Relationship to the SNMPv2-MIB ........................... 15
3.4.2 Relationship to the IF-MIB ............................... 15
3.4.2.1 Layering Model ......................................... 16
3.4.2.2 ifStackTable ........................................... 17
3.4.2.3 ifRcvAddressTable ...................................... 17
3.4.3 Relationship to the BRIDGE-MIB ........................... 17
3.4.3.1 The dot1dBase Subtree .................................. 18
3.4.3.2 The dot1dStp Subtree ................................... 18
3.4.3.3 The dot1dTp Subtree .................................... 18
3.4.3.4 The dot1dStatic Subtree ................................ 19
3.4.3.5 Additions to the BRIDGE-MIB ............................ 19
4 Definitions for Extended Bridge MIB .......................... 20
5 Definitions for Virtual Bridge MIB ........................... 44
6 Acknowledgments .............................................. 94
7 IANA Considerations .......................................... 94
8 Security Considerations ...................................... 94
9 Normative References ......................................... 97
10 Informative References ...................................... 98
11 Contact Information ......................................... 100
Appendix A. Email from Tony Jeffrey from IEEE .................. 102
Copyright Statement ........................................... 102
Disclaimer of Validity ........................................ 102
1. The Internet-Standard Management Framework 1. The Internet-Standard Management Framework
For a detailed overview of the documents that describe the current For a detailed overview of the documents that describe the current
Internet-Standard Management Framework, please refer to section 7 of Internet-Standard Management Framework, please refer to section 7 of
RFC 3410 [RFC3410]. RFC 3410 [RFC3410].
Managed objects are accessed via a virtual information store, termed Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. MIB objects are generally the Management Information Base or MIB. MIB objects are generally
accessed through the Simple Network Management Protocol (SNMP). accessed through the Simple Network Management Protocol (SNMP).
Objects in the MIB are defined using the mechanisms defined in the Objects in the MIB are defined using the mechanisms defined in the
skipping to change at page 4, line 26 skipping to change at page 4, line 26
module that is compliant to the SMIv2, which is described in STD 58, module that is compliant to the SMIv2, which is described in STD 58,
RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580 RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579] and STD 58, RFC 2580
[RFC2580]. [RFC2580].
2. Overview 2. Overview
A common device present in many networks is the Bridge. This device A common device present in many networks is the Bridge. This device
is used to connect Local Area Network segments below the network is used to connect Local Area Network segments below the network
layer. These devices are often known as 'layer 2 switches'. layer. These devices are often known as 'layer 2 switches'.
There are two major modes defined for this bridging: Source-Route and
transparent. Source-Route bridging is described by IEEE 802.5
[802.5], and is not discussed further in this document.
The transparent method of bridging is defined by IEEE 802.1D-1998 The transparent method of bridging is defined by IEEE 802.1D-1998
[802.1D] which is an update to the original IEEE 802.1D specification [802.1D]. Managed objects for transparent bridging are defined in
[802.1D-ORIG]. Managed objects for that original specification of the BRIDGE-MIB [BRIDGE-MIB].
transparent bridging were defined in RFC 1493 [RFC1493].
The original IEEE 802.1D is augmented by IEEE 802.1Q-2003 [802.1Q] to The original IEEE 802.1D is augmented by IEEE 802.1Q-2003 [802.1Q] to
provide support for 'virtual bridged LANs' where a single bridged provide support for 'virtual bridged LANs' where a single bridged
physical LAN network may be used to support multiple logical bridged physical LAN network may be used to support multiple logical bridged
LANs, each of which offers a service approximately the same as that LANs, each of which offers a service approximately the same as that
defined by IEEE 802.1D. Such virtual LANs (VLANs) are an integral defined by IEEE 802.1D. Such virtual LANs (VLANs) are an integral
feature of switched LAN networks. A VLAN can be viewed as a group of feature of switched LAN networks. A VLAN can be viewed as a group of
end-stations on multiple LAN segments and can communicate as if they end-stations on multiple LAN segments and can communicate as if they
were on a single LAN. IEEE 802.1Q defines port-based Virtual LANs were on a single LAN. IEEE 802.1Q defines port-based Virtual LANs
where membership is determined by the bridge port on which data where membership is determined by the bridge port on which data
frames are received. This memo defines the objects needed for the frames are received, and port-and-protocol-based Virtual LANs where
management of port-based VLANs in bridge entities. membership is determined by the bridge port on which frames are
received and the protocol identifier of the frame. This memo defines
This memo defines those objects needed for the management of a the objects needed for the management of port-based VLANs in bridge
bridging entity operating in the transparent mode, as well as some entities.
objects applicable to all types of bridges. Managed objects for
Source-Route bridging are defined in RFC 1525 [RFC1525].
2.1. Scope 2.1. Scope
This MIB includes a comprehensive set of managed objects which The MIB modules defined in this document include a comprehensive set
attempts to match the set defined in IEEE 802.1D and IEEE 802.1Q. of managed objects which attempts to match the set defined in IEEE
However, to be consistent with the spirit of the SNMP Framework, a 802.1D and IEEE 802.1Q. However, to be consistent with the spirit of
subjective judgement was made to omit the objects from those the SNMP Framework, a subjective judgement was made to omit the
standards most 'costly' to implement in an agent and least objects from those standards most 'costly' to implement in an agent
'essential' for fault and configuration management. The omissions and least 'essential' for fault and configuration management. The
are described in section 3 below. omissions are described in section 3 below.
Historical note: Historical note:
The original bridge MIB [RFC1493] used the following principles for The original BRIDGE-MIB [RFC1493] used the following principles for
determining inclusion of an object in the BRIDGE-MIB module: determining inclusion of an object in the BRIDGE-MIB module:
(1) Start with a small set of essential objects and add only as (1) Start with a small set of essential objects and add only as
further objects are needed. further objects are needed.
(2) Require objects be essential for either fault or configuration (2) Require objects be essential for either fault or configuration
management. management.
(3) Consider evidence of current use and/or utility. (3) Consider evidence of current use and/or utility.
(4) Limit the total of objects. (4) Limit the total number of objects.
(5) Exclude objects which are simply derivable from others in this (5) Exclude objects which are simply derivable from others in this
or other MIBs. or other MIBs.
(6) Avoid causing critical sections to be heavily instrumented. (6) Avoid causing critical sections to be heavily instrumented.
The guideline that was followed is one counter per critical The guideline that was followed is one counter per critical
section per layer. section per layer.
3. Structure of MIBs 3. Structure of MIBs
This document defines additional objects, on top of those existing in This document defines objects which supplement those in the
the original BRIDGE-MIB module defined in [RFC1493]: that MIB module BRIDGE-MIB module [BRIDGE-MIB]. Section 3.4.3 of the present document
is to be maintained unchanged for backwards compatibility. Section contains some recommendations regarding usage of objects in the
3.4.3 of the present document contains some recommendations regarding BRIDGE-MIB by devices implementing the enhancements defined here.
usage of objects in the original bridge MIB by devices implementing
the enhancements defined here.
Two MIB modules are defined here:
(1) Managed objects for an extended bridge MIB module P-BRIDGE-MIB An extended bridge MIB module P-BRIDGE-MIB defines managed objects
for the traffic class and multicast filtering enhancements for the traffic class and multicast filtering enhancements defined by
defined by IEEE 802.1D-1998 [802.1D], including the Restricted IEEE 802.1D-1998 [802.1D], including the Restricted Group
Group Registration control defined by IEEE P802.1t [802.1t]. Registration control defined by IEEE P802.1t [802.1t].
(2) Managed objects for a virtual bridge MIB module Q-BRIDGE-MIB A virtual bridge MIB module Q-BRIDGE-MIB defines managed objects for
for the Virtual LAN bridging enhancements defined by IEEE the Virtual LAN bridging enhancements defined by IEEE 802.1Q-2003
802.1Q-2003 [802.1Q], including the Restricted VLAN [802.1Q], including the Restricted VLAN Registration control defined
Registration control defined by IEEE P802.1u [802.1u] and the by IEEE P802.1u [802.1u] and the VLAN Classification by Protocol and
VLAN Classification by Protocol and Port enhancement defined by Port enhancement defined by IEEE P802.1v [802.1v].
IEEE P802.1v [802.1v].
3.1. Structure of Extended Bridge MIB module 3.1. Structure of Extended Bridge MIB module
Objects in this MIB are arranged into groups. Each group is Objects in this MIB are arranged into subtrees. Each subtree is
organized as a set of related objects. The overall structure and organized as a set of related objects. The overall structure and
assignment of objects to their groups is shown below. assignment of objects to their subtrees is shown below.
3.1.1. Relationship to IEEE 802.1D-1998 Manageable Objects 3.1.1. Relationship to IEEE 802.1D-1998 Manageable Objects
This section contains a cross-reference to the objects defined in This section contains a cross-reference to the objects defined in
IEEE 802.1D-1998 [802.1D]. It also details those objects that are IEEE 802.1D-1998 [802.1D]. It also details those objects that are
not considered necessary in this MIB module. not considered necessary in this MIB module.
Some objects defined by IEEE 802.1D-1998 have been included in the Some objects defined by IEEE 802.1D-1998 have been included in the
virtual bridge MIB module rather than this one: entries in virtual bridge MIB module rather than this one: entries in
dot1qTpGroupTable, dot1qForwardAllTable and dot1qTpGroupTable, dot1qForwardAllTable and
skipping to change at page 8, line 42 skipping to change at page 8, line 33
dot1qConfigurablePvidTagging 12.10.1.1 read bridge vlan dot1qConfigurablePvidTagging 12.10.1.1 read bridge vlan
config config
dot1dLocalVlanCapable dot1dLocalVlanCapable
dot1dPortCapabilitiesTable dot1dPortCapabilitiesTable
dot1dPortCapabilities dot1dPortCapabilities
dot1qDot1qTagging 5.2 implementation options dot1qDot1qTagging 5.2 implementation options
dot1qConfigurableAcceptableFrameTypes dot1qConfigurableAcceptableFrameTypes
5.2 implementation options 5.2 implementation options
dot1qIngressFiltering 5.2 implementation options dot1qIngressFiltering 5.2 implementation options
3.1.3. The dot1dExtBase Group 3.1.3. The dot1dExtBase Subtree
This group contains the objects which are applicable to all bridges This subtree contains the objects which are applicable to all bridges
implementing the traffic class and multicast filtering features of implementing the traffic class and multicast filtering features of
IEEE 802.1D-1998 [802.1D]. It includes per-device configuration of IEEE 802.1D-1998 [802.1D]. It includes per-device configuration of
GARP and GMRP protocols. This group will be implemented by all GARP and GMRP protocols.
devices which implement the extensions defined in 802.1D-1998.
3.1.4. The dot1dPriority Group 3.1.4. The dot1dPriority Subtree
This group contains the objects for configuring and reporting status This subtree contains the objects for configuring and reporting
of priority-based queuing mechanisms in a bridge. This includes per- status of priority-based queuing mechanisms in a bridge. This
port user_priority treatment, mapping of user_priority in frames into includes per-port user_priority treatment, mapping of user_priority
internal traffic classes and outbound user_priority and in frames into internal traffic classes and outbound user_priority
access_priority. and access_priority.
3.1.5. The dot1dGarp Group 3.1.5. The dot1dGarp Subtree
This group contains the objects for configuring and reporting on This subtree contains the objects for configuring and reporting on
operation of the Generic Attribute Registration Protocol (GARP). operation of the Generic Attribute Registration Protocol (GARP).
3.1.6. The dot1dGmrp Group 3.1.6. The dot1dGmrp Subtree
This group contains the objects for configuring and reporting on This subtree contains the objects for configuring and reporting on
operation of the GARP Multicast Registration Protocol (GMRP). operation of the GARP Multicast Registration Protocol (GMRP).
3.1.7. The dot1dTpHCPortTable 3.1.7. The dot1dTpHCPortTable
This table extends the dot1dTp group from the original bridge MIB This table extends the dot1dTp subtree from the BRIDGE-MIB
[RFC1493] and contains the objects for reporting port bridging [BRIDGE-MIB] and contains the objects for reporting port bridging
statistics for high capacity network interfaces. statistics for high capacity network interfaces.
3.1.8. The dot1dTpPortOverflowTable 3.1.8. The dot1dTpPortOverflowTable
This table ex This table extends the dot1dTp subtree from the BRIDGE-MIB
tends the dot1dTp group from the original bridge MIB [BRIDGE-MIB] and contains the objects for reporting the upper bits of
[RFC1493] and contains the objects for reporting the upper bits of
port bridging statistics for high capacity network interfaces for port bridging statistics for high capacity network interfaces for
when 32-bit counters are inadequate. when 32-bit counters are inadequate.
3.2. Structure of Virtual Bridge MIB module 3.2. Structure of Virtual Bridge MIB module
Objects in this MIB are arranged into groups. Each group is Objects in this MIB are arranged into subtrees. Each subtree is
organized as a set of related objects. The overall structure and organized as a set of related objects. The overall structure and
assignment of objects to their groups is shown below. Some assignment of objects to their subtrees is shown below. Some
manageable objects defined in the original bridge MIB [RFC1493] need manageable objects defined in the BRIDGE-MIB [BRIDGE-MIB] need to be
to be indexed differently when they are used in a VLAN bridging indexed differently when they are used in a VLAN bridging
environment: these objects are, therefore, effectively duplicated by environment: these objects are, therefore, effectively duplicated by
new objects with different indexing which are defined in the Virtual new objects with different indexing which are defined in the Virtual
Bridge MIB. Bridge MIB.
3.2.1. Relationship to IEEE 802.1Q Manageable Objects 3.2.1. Relationship to IEEE 802.1Q Manageable Objects
This section contains section-number cross-references to manageable This section contains section-number cross-references to manageable
objects defined in clause 12 of IEEE 802.1Q-2003 [802.1Q]. It also objects defined in clause 12 of IEEE 802.1Q-2003 [802.1Q]. It also
details those objects that are not considered necessary in this MIB details those objects that are not considered necessary in this MIB
module. module.
skipping to change at page 13, line 38 skipping to change at page 13, line 29
entries (12.7.1.3) FDB in dot1dTpGroupTable entries (12.7.1.3) FDB in dot1dTpGroupTable
read garp state (12.9.3.1) not considered useful read garp state (12.9.3.1) not considered useful
notify vlan registration failure not considered useful notify vlan registration failure not considered useful
(12.10.1.6) (12.10.1.6)
notify learning constraint violation notify learning constraint violation
(12.10.3.10) not considered useful (12.10.3.10) not considered useful
3.2.2. The dot1qBase Group 3.2.2. The dot1qBase Subtree
This mandatory group contains the objects which are applicable to all This subtree contains the objects which are applicable to all bridges
bridges implementing IEEE 802.1Q virtual LANs. implementing IEEE 802.1Q virtual LANs.
3.2.3. The dot1qTp Group 3.2.3. The dot1qTp Subtree
This group contains objects that control the operation and report the This subtree contains objects that control the operation and report
status of transparent bridging. This includes management of the the status of transparent bridging. This includes management of the
dynamic Filtering Databases for both unicast and multicast dynamic Filtering Databases for both unicast and multicast
forwarding. This group will be implemented by all bridges that forwarding. This subtree will be implemented by all bridges that
perform destination-address filtering. perform destination-address filtering.
3.2.4. The dot1qStatic Group 3.2.4. The dot1qStatic Subtree
This group contains objects that control static configuration This subtree contains objects that control static configuration
information for transparent bridging. This includes management of information for transparent bridging. This includes management of
the static entries in the Filtering Databases for both unicast and the static entries in the Filtering Databases for both unicast and
multicast forwarding. multicast forwarding.
3.2.5. The dot1qVlan Group 3.2.5. The dot1qVlan Subtree
This group contains objects that control configuration and report This subtree contains objects that control configuration and report
status of the Virtual LANs known to a bridge. This includes status of the Virtual LANs known to a bridge. This includes
management of the statically configured VLANs as well as reporting management of the statically configured VLANs as well as reporting
VLANs discovered by other means e.g. GVRP. It also controls VLANs discovered by other means e.g. GVRP. It also controls
configuration and reports status of per-port objects relating to configuration and reports status of per-port objects relating to
VLANs and reports traffic statistics. It also provides for VLANs and reports traffic statistics. It also provides for
management of the VLAN Learning Constraints. management of the VLAN Learning Constraints.
3.3. Textual Conventions 3.3. Textual Conventions
The datatypes MacAddress, BridgeId, Timeout, EnabledStatus, PortList,
VlanIndex and VlanId are used as textual conventions in this
document. These textual conventions have NO effect on either the
syntax nor the semantics of any managed object. Objects defined
using these conventions are always encoded by means of the rules that
define their primitive type. Hence, no changes to the SMI or the
SNMP are necessary to accommodate these textual conventions which are
adopted merely for the convenience of readers.
Various Working Groups have defined standards-track MIB documents Various Working Groups have defined standards-track MIB documents
(for example [RFC2613] and [RFC3318]), that contain objects and (for example [RFC2613] and [RFC3318]), that contain objects and
Textual Conventions to represent a Virtual Local Area Network Textual Conventions to represent a Virtual Local Area Network
Identifier (VLAN-ID) [802.1Q]. New definitions are showing up in Identifier (VLAN-ID) [802.1Q]. New definitions are showing up in
various Internet-Drafts (for example [I-D.ietf-ipcdn-qos-mib], [I- various Internet-Drafts (for example [I-D.ietf-ipcdn-qos-mib],
D.ietf-rmonmib-sspm-mib]). Unfortunately the result is a set of [I-D.ietf-rmonmib-sspm-mib]). Unfortunately the result is a set of
different definitions for the same piece of management information. different definitions for the same piece of management information.
This may lead to confusion and unnecessary complexity. In order to This may lead to confusion and unnecessary complexity. In order to
address this situation, three new textual conventions are defined in address this situation, three new textual conventions are defined in
the Q-BRIDGE-MIB, called VlanIdOrAny, VlanIdOrNone, and the Q-BRIDGE-MIB, called VlanIdOrAny, VlanIdOrNone, and
VlanIdOrAnyOrNone. These new textual conventions should be (re-)used VlanIdOrAnyOrNone. These new textual conventions should be (re-)used
in MIB modules, so that they all represent a VLAN-ID in the same way. in MIB modules, so that they all represent a VLAN-ID in the same way.
In fact, PIB modules can and should also use these TCs when then need
to represent a VLAN-ID.
These textual conventions provide a means to specify MIB objects that These textual conventions provide a means to specify MIB objects that
refer to either a specific VLAN, to any VLAN, or to no VLAN. For an refer to either a specific VLAN, to any VLAN, or to no VLAN. For an
example of how these textual conventions might be used, consider a example of how these textual conventions might be used, consider a
MIB object, with SYNTAX of VlanIdOrAnyOrNone, that specifies the VLAN MIB object, with SYNTAX of VlanIdOrAnyOrNone, that specifies the VLAN
on which to accept incoming packets of a particular protocol. Such on which to accept incoming packets of a particular protocol. Such
an object would allow the device to be configured to accept packets an object would allow the device to be configured to accept packets
of this protocol received with a specific 802.1q tag value, with any of this protocol received with a specific 802.1q tag value, with any
802.1q tag value, or with no 802.1q tag. Note that a MIB object that 802.1q tag value, or with no 802.1q tag. Note that a MIB object that
is defined using one of these textual conventions should clarify the is defined using one of these textual conventions should clarify the
meaning of 'any VLAN' and/or 'no VLAN' in its DESCRIPTION clause. meaning of 'any VLAN' and/or 'no VLAN' in its DESCRIPTION clause.
3.4. Relationship to Other MIBs 3.4. Relationship to Other MIBs
As described above, some IEEE 802.1D management objects have not been As described above, some IEEE 802.1D management objects have not been
included in this MIB because they overlap with objects in other MIBs included in this MIB because they overlap with objects in other MIBs
applicable to a bridge implementing this MIB. In particular, it is applicable to a bridge implementing this MIB module.
assumed that a bridge implementing this MIB will also implement (at
least) the 'system' group defined in MIB-II [RFC1213], the
'interfaces' group defined in [RFC2863] and the original bridge MIB
[RFC1493].
3.4.1. Relationship to the 'system' group 3.4.1. Relationship to the SNMPv2-MIB
In MIB-II, the 'system' group is defined as being mandatory for all The SNMPv2-MIB [RFC3418] defines objects that are generally
systems such that each managed entity contains one instance of each applicable to managed devices. These objects apply to the device as
object in the 'system' group. Thus, those objects apply to the a whole irrespective of whether the device's sole functionality is
entity as a whole irrespective of whether the entity's sole bridging, or whether bridging is only a subset of the device's
functionality is bridging, or whether bridging is only a subset of functionality.
the entity's functionality.
3.4.2. Relation to Interfaces MIB Full support for the 802.1D management objects requires that the
SNMPv2-MIB objects sysDescr and sysUpTime are implemented. Note that
compliance to the current SNMPv2-MIB module requires additional
objects and notifications to be implemented as specified in RFC 3418
[RFC3418].
The Interfaces Group MIB [RFC2863], requires that any MIB which is an 3.4.2. Relationship to the IF-MIB
adjunct of the Interfaces Group MIB, clarify specific areas within
the Interfaces Group MIB. These areas were intentionally left vague
in the Interfaces Group MIB to avoid over-constraining the MIB,
thereby precluding management of certain media-types.
The Interfaces Group MIB enumerates several areas which a media- The IF-MIB, [RFC2863], requires that any MIB which is an adjunct of
specific MIB must clarify. Each of these areas is addressed in a the IF-MIB clarify specific areas within the IF-MIB. These areas
following subsection. The implementor is referred to the Interfaces were intentionally left vague in the IF-MIB in order to avoid
Group MIB in order to understand the general intent of these areas. over-constraining the MIB, thereby precluding management of certain
media-types.
In the Interfaces Group MIB, the 'interfaces' group is defined as The IF-MIB enumerates several areas which a media-specific MIB must
being mandatory for all systems and contains information on an clarify. Each of these areas is addressed in a following subsection.
entity's interfaces, where each interface is thought of as being The implementor is referred to the IF-MIB in order to understand the
attached to a `subnetwork'. (Note that this term is not to be general intent of these areas.
confused with `subnet' which refers to an addressing partitioning
scheme used in the Internet suite of protocols.) The term 'segment' The IF-MIB [RFC2863] defines managed objects for managing network
is used in this memo to refer to such a subnetwork, whether it be an interfaces. A network interface is thought of as being attached to a
Ethernet segment, a 'ring', a WAN link, or even an X.25 virtual `subnetwork'. (Note that this term is not to be confused with
circuit. `subnet' which refers to an addressing partitioning scheme used in
the Internet suite of protocols.) The term 'segment' is used in this
memo to refer to such a subnetwork, whether it be an Ethernet
segment, a 'ring', a WAN link, or even an X.25 virtual circuit.
Full support for the 802.1D management objects requires that the
IF-MIB objects ifIndex, ifType, ifDescr, ifPhysAddress, and
ifLastChange are implemented. Note that compliance to the current
IF-MIB module requires additional objects and notifications to be
implemented as specified in RFC 2863 [RFC2863].
Implicit in this Extended Bridge MIB is the notion of ports on a Implicit in this Extended Bridge MIB is the notion of ports on a
bridge. Each of these ports is associated with one interface of the bridge. Each of these ports is associated with one interface of the
'interfaces' group (one row in ifTable) and, in most situations, each 'interfaces' subtree (one row in ifTable) and, in most situations,
port is associated with a different interface. However, there are each port is associated with a different interface. However, there
situations in which multiple ports are associated with the same are situations in which multiple ports are associated with the same
interface. An example of such a situation would be several ports interface. An example of such a situation would be several ports
each corresponding one-to-one with several X.25 virtual circuits but each corresponding one-to-one with several X.25 virtual circuits but
all on the same interface. all on the same interface.
Each port is uniquely identified by a port number. A port number has Each port is uniquely identified by a port number. A port number has
no mandatory relationship to an interface number, but in the simple no mandatory relationship to an interface number, but in the simple
case a port number will have the same value as the corresponding case a port number will have the same value as the corresponding
interface's interface number. Port numbers are in the range interface's interface number. Port numbers are in the range
(1..dot1dBaseNumPorts). (1..dot1dBaseNumPorts).
Some entities perform other functionality as well as bridging through Some entities perform other functionality as well as bridging through
the sending and receiving of data on their interfaces. In such the sending and receiving of data on their interfaces. In such
situations, only a subset of the data sent/recei situations, only a subset of the data sent/received on an interface
ved on an interface
is within the domain of the entity's bridging functionality. This is within the domain of the entity's bridging functionality. This
subset is considered to be delineated according to a set of subset is considered to be delineated according to a set of
protocols, with some protocols being bridged, and other protocols not protocols, with some protocols being bridged, and other protocols not
being bridged. For example, in an entity which exclusively performed being bridged. For example, in an entity which exclusively performed
bridging, all protocols would be considered as being bridged, whereas bridging, all protocols would be considered as being bridged, whereas
in an entity which performed IP routing on IP datagrams and only in an entity which performed IP routing on IP datagrams and only
bridged other protocols, only the non-IP data would be considered as bridged other protocols, only the non-IP data would be considered as
being bridged. Thus, this Extended Bridge MIB (and in particular, being bridged.
its counters) is applicable only to that subset of the data on an
entity's interfaces which is sent/received for a protocol being Thus, this Extended Bridge MIB (and in particular, its counters) is
bridged. All such data is sent/received via the ports of the bridge. applicable only to that subset of the data on an entity's interfaces
which is sent/received for a protocol being bridged. All such data
is sent/received via the ports of the bridge.
3.4.2.1. Layering Model 3.4.2.1. Layering Model
This memo assumes the interpretation of the Interfaces Group to be in This memo assumes the interpretation of the Interfaces Subtree to be
accordance with the Interfaces Group MIB [RFC2863] which states that in accordance with the IF-MIB [RFC2863] which states that the
the interfaces table (ifTable) contains information on the managed interfaces table (ifTable) contains information on the managed
resource's interfaces and that each sub-layer below the internetwork resource's interfaces and that each sub-layer below the internetwork
layer of a network interface is considered an interface. layer of a network interface is considered an interface.
This document recommends that, within an entity, VLANs which are This document does not make any assumption that within an entity,
instantiated as an entry in dot1qVlanCurrentTable by either VLANs which are instantiated as an entry in dot1qVlanCurrentTable by
management configuration through dot1qVlanStaticTable or by dynamic either management configuration through dot1qVlanStaticTable or by
means (e.g. through GVRP), are NOT also represented by an entry in dynamic means (e.g. through GVRP), are also represented by an entry
ifTable. in ifTable.
Where an entity contains higher-layer protocol entities e.g. IP-layer Where an entity contains higher-layer protocol entities e.g. IP-layer
interfaces that transmit and receive traffic to/from a VLAN, these interfaces that transmit and receive traffic to/from a VLAN, these
should be represented in the ifTable as interfaces of type should be represented in the ifTable as interfaces of type
propVirtual(53). Protocol-specific types such as l3ipxvlan(137) propVirtual(53). Protocol-specific types such as l3ipxvlan(137)
should not be used here since there is no implication that the bridge should not be used here since there is no implication that the bridge
will perform any protocol filtering before delivering up to these will perform any protocol filtering before delivering up to these
virtual interfaces. virtual interfaces.
3.4.2.2. ifStackTable 3.4.2.2. ifStackTable
In addition, the Interfaces Group MIB [RFC2863] defines a table In addition, the IF-MIB [RFC2863] defines a table 'ifStackTable' for
'ifStackTable' for describing the relationship between logical describing the relationship between logical interfaces within an
interfaces within an entity. It is anticipated that implementors entity. It is anticipated that implementors will use this table to
will use this table to describe the binding of e.g. IP interfaces to describe the binding of e.g. IP interfaces to physical ports,
physical ports, although the presence of VLANs makes the although the presence of VLANs makes the representation less than
representation less than perfect for showing connectivity: the perfect for showing connectivity: the ifStackTable cannot represent
ifStackTable cannot represent the full capability of the IEEE 802.1Q the full capability of the IEEE 802.1Q VLAN bridging standard since
VLAN bridging standard since that makes a distinction between VLAN that makes a distinction between VLAN bindings on 'ingress' to and
bindings on 'ingress' to and 'egress' from a port: these 'egress' from a port: these relationships may or may not be
relationships may or may not be symmetrical whereas Interface MIB symmetrical whereas Interface MIB Evolution assumes a symmetrical
Evolution assumes a symmetrical binding for transmit and receive. binding for transmit and receive. This makes it necessary to define
This makes it necessary to define other manageable objects for other manageable objects for configuring which ports are members of
configuring which ports are members of which VLANs. which VLANs.
3.4.2.3. ifRcvAddressTable 3.4.2.3. ifRcvAddressTable
This table contains all MAC addresses, unicast, multicast, and This table contains all MAC addresses, unicast, multicast, and
broadcast, for which an interface will receive packets and forward broadcast, for which an interface will receive packets and forward
them up to a higher layer entity for local consumption. Note that them up to a higher layer entity for local consumption. Note that
this does not include addresses for data-link layer control protocols this does not include addresses for data-link layer control protocols
such as Spanning-Tree, GMRP or GVRP. The format of the address, such as Spanning-Tree, GMRP or GVRP. The format of the address,
contained in ifRcvAddressAddress, is the same as for ifPhysAddress. contained in ifRcvAddressAddress, is the same as for ifPhysAddress.
This table does not include unicast or multicast addresses which are This table does not include unicast or multicast addresses which are
accepted for possible forwarding out some other port. This table is accepted for possible forwarding out some other port. This table is
explicitly not intended to provide a bridge address filtering explicitly not intended to provide a bridge address filtering
mechanism. mechanism.
3.4.3. Relation to Original Bridge MIB 3.4.3. Relationship to the BRIDGE-MIB
This section defines how objects in the original bridge MIB module This section defines how objects in the BRIDGE-MIB module
[RFC1493] should be represented for devices which implement the [BRIDGE-MIB] should be represented for devices which implement the
extensions: some of the old objects are less useful in such devices extensions: some of the old objects are less useful in such devices
but must still be implemented for reasons of backwards compatibility. but must still be implemented for reasons of backwards compatibility.
Note that formal conformance statements for that MIB module do not
exist since it is defined in SMIv1.
3.4.3.1. The dot1dBase Group 3.4.3.1. The dot1dBase Subtree
This mandatory group contains the objects which are applicable to all This subtree contains objects which are applicable to all types of
types of bridges. Interpretation of this group is unchanged. bridges. Interpretation of this subtree is unchanged.
3.4.3.2. The dot1dStp Group 3.4.3.2. The dot1dStp Subtree
This group contains the objects that denote the bridge's state with This subtree contains the objects that denote the bridge's state with
respect to the Spanning Tree Protocol. Interpretation of this group respect to the Spanning Tree Protocol. Interpretation of this
is unchanged. subtree is unchanged.
3.4.3.3. The dot1dTp Group 3.4.3.3. The dot1dTp Subtree
This group contains objects that describe the entity's state with This subtree contains objects that describe the entity's state with
respect to transparent bridging. respect to transparent bridging.
In a device operating with a single Filtering Database, In a device operating with a single Filtering Database,
interpretation of this group is unchanged. interpretation of this subtree is unchanged.
In a device supporting multiple Filtering Databases, this group is In a device supporting multiple Filtering Databases, this subtree is
interpreted as follows: interpreted as follows:
dot1dTpLearnedEntryDiscards dot1dTpLearnedEntryDiscards
The number of times that *any* of the FDBs became full. The number of times that *any* of the FDBs became full.
dot1dTpAgingTime dot1dTpAgingTime
This applies to all Filtering Databases. This applies to all Filtering Databases.
dot1dTpFdbTable dot1dTpFdbTable
skipping to change at page 19, line 22 skipping to change at page 19, line 9
This table is port-based and is not affected by multiple This table is port-based and is not affected by multiple
Filtering Databases or multiple VLANs. The counters should Filtering Databases or multiple VLANs. The counters should
include frames received or transmitted for all VLANs. Note that include frames received or transmitted for all VLANs. Note that
equivalent 64-bit port statistics counters, as well as other equivalent 64-bit port statistics counters, as well as other
objects to represent the upper 32 bits of these counters, are objects to represent the upper 32 bits of these counters, are
defined in this document for high capacity network interfaces. defined in this document for high capacity network interfaces.
These have conformance statements to indicate for which speeds These have conformance statements to indicate for which speeds
of interface they are required. of interface they are required.
3.4.3.4. The dot1dStatic Group 3.4.3.4. The dot1dStatic Subtree
This optional group contains objects that describe the configuration This optional subtree contains objects that describe the
of destination-address filtering. configuration of destination-address filtering.
In a device operating with a single Filtering Database, In a device operating with a single Filtering Database,
interpretation of this group is unchanged. interpretation of this subtree is unchanged.
In a device supporting multiple Filtering Databases, this group is In a device supporting multiple Filtering Databases, this subtree is
interpreted as follows: interpreted as follows:
dot1dStaticTable dot1dStaticTable
Entries read from this table include all static entries from all Entries read from this table include all static entries from all
of the Filtering Databases. Entries for the same MAC address of the Filtering Databases. Entries for the same MAC address
and receive port in more than one Filtering Database must appear and receive port in more than one Filtering Database must appear
only once since these are the indices of this table. This table only once since these are the indices of this table. This table
should be implemented as read-only in devices that support should be implemented as read-only in devices that support
multiple Forwarding Databases - instead, write access should be multiple Forwarding Databases - instead, write access should be
provided through dot1qStaticUnicastTable and provided through dot1qStaticUnicastTable and
dot1qStaticMulticastTable, as defined in this document. dot1qStaticMulticastTable, as defined in this document.
3.4.3.5. Additions to the Original Bridge MIB 3.4.3.5. Additions to the BRIDGE-MIB
In addition to the objects in the original bridge MIB [RFC1493], this To supplement the BRIDGE-MIB [BRIDGE-MIB], this module contains:
document contains:
(1) support for multiple traffic classes and dynamic multicast (1) support for multiple traffic classes and dynamic multicast
filtering as per IEEE 802.1D-1998 [802.1D]. filtering as per IEEE 802.1D-1998 [802.1D].
(2) support for bridged Virtual LANs as per IEEE 802.1Q-2003 (2) support for bridged Virtual LANs as per IEEE 802.1Q-2003
[802.1Q]. [802.1Q].
(3) support for 64-bit versions of original bridge MIB [RFC1493] (3) support for 64-bit versions of BRIDGE-MIB [BRIDGE-MIB] port
port counters. counters.
4. Definitions for Extended Bridge MIB 4. Definitions for Extended Bridge MIB
P-BRIDGE-MIB DEFINITIONS ::= P-BRIDGE-MIB DEFINITIONS ::= BEGIN
BEGIN
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- MIB for IEEE 802.1p devices -- MIB for IEEE 802.1p devices
-- ------------------------------------------------------------- -- -------------------------------------------------------------
IMPORTS IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Counter32, Counter64 MODULE-IDENTITY, OBJECT-TYPE, Counter32, Counter64
FROM SNMPv2-SMI FROM SNMPv2-SMI
TruthValue, TimeInterval, MacAddress, TEXTUAL-CONVENTION TruthValue, TimeInterval, MacAddress, TEXTUAL-CONVENTION
FROM SNMPv2-TC FROM SNMPv2-TC
MODULE-COMPLIANCE, OBJECT-GROUP MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF FROM SNMPv2-CONF
dot1dTp, dot1dTpPort, dot1dBridge, dot1dTp, dot1dTpPort, dot1dBridge,
dot1dBasePortEntry, dot1dBasePort dot1dBasePortEntry, dot1dBasePort
FROM BRIDGE-MIB; FROM BRIDGE-MIB;
pBridgeMIB MODULE-IDENTITY pBridgeMIB MODULE-IDENTITY
LAST-UPDATED "200203010000Z" LAST-UPDATED "200412130000Z"
ORGANIZATION "IETF Bridge MIB Working Group" ORGANIZATION "IETF Bridge MIB Working Group"
CONTACT-INFO CONTACT-INFO
"Email: Bridge-mib@ietf.org" "Email: bridge-mib@ietf.org
ietfmibs@ops.ietf.org
Les Bell
Postal: 3Com Europe Ltd.
3Com Centre, Boundary Way
Hemel Hempstead, Herts. HP2 7YU
UK
Phone: +44 1442 438025
Email: elbell@ntlworld.com
Vivian Ngai
Postal:
Phone:
Email:
Andrew Smith
Postal: Beijing Harbour Networks
Jiuling Building
21 North Xisanhuan Ave.
Beijing, 100089
PRC
Fax: +1 415 345 1827
Email: ah_smith@acm.org
Paul Langille
Postal: Newbridge Networks
5 Corporate Drive
Andover, MA 01810
USA
Phone: +1 978 691 4665
Email: langille@newbridge.com
Anil Rijhsinghani
Postal: Accton Technology Corporation
5 Mount Royal Ave
Marlboro, MA 01752
USA
Phone:
Email: anil@accton.com
Keith McCloghrie
Postal: Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
Phone: +1 408 526 5260
Email: kzm@cisco.com"
DESCRIPTION DESCRIPTION
"The Bridge MIB Extension module for managing Priority "The Bridge MIB Extension module for managing Priority
and Multicast Filtering, defined by IEEE 802.1D-1998, and Multicast Filtering, defined by IEEE 802.1D-1998,
including Restricted Group Registration defined by including Restricted Group Registration defined by
IEEE 802.1t-2001." IEEE 802.1t-2001.
Copyright (C) The Internet Society (2005). This version of
this MIB module is part of RFC XXXX; See the RFC itself for
full legal notices."
-- RFC ed.: replace XXXX with actual RFC number for this document and remove this note
-- revision history -- revision history
REVISION "200203010000Z" REVISION "200412130000Z"
DESCRIPTION DESCRIPTION
"Draft 0 (RFC 2674 update)." "Added dot1dPortRestrictedGroupRegistration.
Deprecated pBridgePortGmrpGroup and pBridgeCompliance
and added pBridgePortGmrpGroup2 and pBridgeCompliance2."
REVISION "199908250000Z"
DESCRIPTION
"The Bridge MIB Extension module for managing Priority
and Multicast Filtering, defined by IEEE 802.1D-1998.
Initial version, published as RFC 2674."
::= { dot1dBridge 6 } ::= { dot1dBridge 6 }
pBridgeMIBObjects OBJECT IDENTIFIER ::= { pBridgeMIB 1 } pBridgeMIBObjects OBJECT IDENTIFIER ::= { pBridgeMIB 1 }
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- Textual Conventions -- Textual Conventions
-- ------------------------------------------------------------- -- -------------------------------------------------------------
EnabledStatus ::= TEXTUAL-CONVENTION EnabledStatus ::= TEXTUAL-CONVENTION
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A simple status value for the object." "A simple status value for the object."
SYNTAX INTEGER { enabled(1), disabled(2) } SYNTAX INTEGER { enabled(1), disabled(2) }
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- subtrees in the P-BRIDGE MIB
-- ------------------------------------------------------------- -- -------------------------------------------------------------
dot1dExtBase OBJECT IDENTIFIER ::= { pBridgeMIBObjects 1 } dot1dExtBase OBJECT IDENTIFIER ::= { pBridgeMIBObjects 1 }
dot1dPriority OBJECT IDENTIFIER ::= { pBridgeMIBObjects 2 } dot1dPriority OBJECT IDENTIFIER ::= { pBridgeMIBObjects 2 }
dot1dGarp OBJECT IDENTIFIER ::= { pBridgeMIBObjects 3 } dot1dGarp OBJECT IDENTIFIER ::= { pBridgeMIBObjects 3 }
dot1dGmrp OBJECT IDENTIFIER ::= { pBridgeMIBObjects 4 } dot1dGmrp OBJECT IDENTIFIER ::= { pBridgeMIBObjects 4 }
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- the dot1dExtBase subtree
-- ------------------------------------------------------------- -- -------------------------------------------------------------
dot1dDeviceCapabilities OBJECT-TYPE dot1dDeviceCapabilities OBJECT-TYPE
SYNTAX BITS { SYNTAX BITS {
dot1dExtendedFilteringServices(0), dot1dExtendedFilteringServices(0),
-- can perform filtering of -- can perform filtering of
-- individual multicast addresses -- individual multicast addresses
-- controlled by GMRP. -- controlled by GMRP.
dot1dTrafficClasses(1), dot1dTrafficClasses(1),
-- can map user priority to -- can map user priority to
skipping to change at page 24, line 22 skipping to change at page 24, line 37
dot1dPortCapabilitiesEntry OBJECT-TYPE dot1dPortCapabilitiesEntry OBJECT-TYPE
SYNTAX Dot1dPortCapabilitiesEntry SYNTAX Dot1dPortCapabilitiesEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A set of capabilities information about this port "A set of capabilities information about this port
indexed by dot1dBasePort." indexed by dot1dBasePort."
AUGMENTS { dot1dBasePortEntry } AUGMENTS { dot1dBasePortEntry }
::= { dot1dPortCapabilitiesTable 1 } ::= { dot1dPortCapabilitiesTable 1 }
Dot1dPortCapabilitiesEntry ::= Dot1dPortCapabilitiesEntry :: SEQUENCE {
SEQUENCE {
dot1dPortCapabilities dot1dPortCapabilities
BITS BITS
} }
dot1dPortCapabilities OBJECT-TYPE dot1dPortCapabilities OBJECT-TYPE
SYNTAX BITS { SYNTAX BITS {
dot1qDot1qTagging(0), -- supports 802.1Q VLAN tagging of dot1qDot1qTagging(0), -- supports 802.1Q VLAN tagging of
-- frames and GVRP. -- frames and GVRP.
dot1qConfigurableAcceptableFrameTypes(1), dot1qConfigurableAcceptableFrameTypes(1),
-- allows modified values of -- allows modified values of
skipping to change at page 25, line 8 skipping to change at page 25, line 24
DESCRIPTION DESCRIPTION
"Indicates the parts of IEEE 802.1D and 802.1Q that are "Indicates the parts of IEEE 802.1D and 802.1Q that are
optional on a per-port basis that are implemented by optional on a per-port basis that are implemented by
this device and are manageable through this MIB." this device and are manageable through this MIB."
REFERENCE REFERENCE
"ISO/IEC 15802-3 Section 5.2, "ISO/IEC 15802-3 Section 5.2,
IEEE 802.1Q/D11 Section 5.2" IEEE 802.1Q/D11 Section 5.2"
::= { dot1dPortCapabilitiesEntry 1 } ::= { dot1dPortCapabilitiesEntry 1 }
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- the dot1dPriority subtree
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- Port Priority Table -- Port Priority Table
-- ------------------------------------------------------------- -- -------------------------------------------------------------
dot1dPortPriorityT dot1dPortPriorityTable OBJECT-TYPE
able OBJECT-TYPE
SYNTAX SEQUENCE OF Dot1dPortPriorityEntry SYNTAX SEQUENCE OF Dot1dPortPriorityEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A table that contains information about every port that "A table that contains information about every port that
is associated with this transparent bridge." is associated with this transparent bridge."
::= { dot1dPriority 1 } ::= { dot1dPriority 1 }
dot1dPortPriorityEntry OBJECT-TYPE dot1dPortPriorityEntry OBJECT-TYPE
SYNTAX Dot1dPortPriorityEntry SYNTAX Dot1dPortPriorityEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A list of Default User Priorities for each port of a "A list of Default User Priorities for each port of a
transparent bridge. This is indexed by dot1dBasePort." transparent bridge. This is indexed by dot1dBasePort."
AUGMENTS { dot1dBasePortEntry } AUGMENTS { dot1dBasePortEntry }
::= { dot1dPortPriorityTable 1 } ::= { dot1dPortPriorityTable 1 }
Dot1dPortPriorityEntry ::= Dot1dPortPriorityEntry ::
SEQUENCE { SEQUENCE {
dot1dPortDefaultUserPriority dot1dPortDefaultUserPriority
INTEGER, INTEGER,
dot1dPortNumTrafficClasses dot1dPortNumTrafficClasses
INTEGER INTEGER
} }
dot1dPortDefaultUserPriority OBJECT-TYPE dot1dPortDefaultUserPriority OBJECT-TYPE
SYNTAX INTEGER (0..7) SYNTAX INTEGER (0..7)
MAX-ACCESS read-write MAX-ACCESS read-write
skipping to change at page 26, line 45 skipping to change at page 27, line 15
dot1dUserPriorityRegenEntry OBJECT-TYPE dot1dUserPriorityRegenEntry OBJECT-TYPE
SYNTAX Dot1dUserPriorityRegenEntry SYNTAX Dot1dUserPriorityRegenEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A mapping of incoming User Priority to a Regenerated "A mapping of incoming User Priority to a Regenerated
User Priority." User Priority."
INDEX { dot1dBasePort, dot1dUserPriority } INDEX { dot1dBasePort, dot1dUserPriority }
::= { dot1dUserPriorityRegenTable 1 } ::= { dot1dUserPriorityRegenTable 1 }
Dot1dUserPriorityRegenEntry ::= Dot1dUserPriorityRegenEntry :: SEQUENCE {
SEQUENCE {
dot1dUserPriority dot1dUserPriority
INTEGER, INTEGER,
dot1dRegenUserPriority dot1dRegenUserPriority
INTEGER INTEGER
} }
dot1dUserPriority OBJECT-TYPE dot1dUserPriority OBJECT-TYPE
SYNTAX INTEGER (0..7) SYNTAX INTEGER (0..7)
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
skipping to change at page 27, line 49 skipping to change at page 28, line 18
dot1dTrafficClassEntry OBJECT-TYPE dot1dTrafficClassEntry OBJECT-TYPE
SYNTAX Dot1dTrafficClassEntry SYNTAX Dot1dTrafficClassEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"User Priority to Traffic Class mapping." "User Priority to Traffic Class mapping."
INDEX { dot1dBasePort, dot1dTrafficClassPriority } INDEX { dot1dBasePort, dot1dTrafficClassPriority }
::= { dot1dTrafficClassTable 1 } ::= { dot1dTrafficClassTable 1 }
Dot1dTrafficClassEntry ::= Dot1dTrafficClassEntry :: SEQUENCE {
SEQUENCE {
dot1dTrafficClassPriority dot1dTrafficClassPriority
INTEGER, INTEGER,
dot1dTrafficClass dot1dTrafficClass
INTEGER INTEGER
} }
dot1dTrafficClassPriority OBJECT-TYPE dot1dTrafficClassPriority OBJECT-TYPE
SYNTAX INTEGER (0..7) SYNTAX INTEGER (0..7)
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
skipping to change at page 29, line 18 skipping to change at page 29, line 33
dot1dPortOutboundAccessPriorityEntry OBJECT-TYPE dot1dPortOutboundAccessPriorityEntry OBJECT-TYPE
SYNTAX Dot1dPortOutboundAccessPriorityEntry SYNTAX Dot1dPortOutboundAccessPriorityEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Regenerated User Priority to Outbound Access Priority "Regenerated User Priority to Outbound Access Priority
mapping." mapping."
INDEX { dot1dBasePort, dot1dRegenUserPriority } INDEX { dot1dBasePort, dot1dRegenUserPriority }
::= { dot1dPortOutboundAccessPriorityTable 1 } ::= { dot1dPortOutboundAccessPriorityTable 1 }
Dot1dPortOutboundAccessPriorityEntry ::= Dot1dPortOutboundAccessPriorityEntry :: SEQUENCE {
SEQUENCE {
dot1dPortOutboundAccessPriority dot1dPortOutboundAccessPriority
INTEGER INTEGER
} }
dot1dPortOutboundAccessPriority OBJECT-TYPE dot1dPortOutboundAccessPriority OBJECT-TYPE
SYNTAX INTEGER (0..7) SYNTAX INTEGER (0..7)
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The Outbound Access Priority the received frame is "The Outbound Access Priority the received frame is
mapped to." mapped to."
::= { dot1dPortOutboundAccessPriorityEntry 1 } ::= { dot1dPortOutboundAccessPriorityEntry 1 }
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- the dot1dGarp subtree
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- The GARP Port Table -- The GARP Port Table
-- ------------------------------------------------------------- -- -------------------------------------------------------------
dot1dPortGarpTable OBJECT-TYPE dot1dPortGarpTable OBJECT-TYPE
SYNTAX SEQUENCE OF Dot1dPortGarpEntry SYNTAX SEQUENCE OF Dot1dPortGarpEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A table of GARP control information about every bridge "A table of GARP control information about every bridge
port. This is indexed by dot1dBasePort." port. This is indexed by dot1dBasePort."
::= { dot1dGarp 1 } ::= { dot1dGarp 1 }
Bell et. al Expires April 2005
dot1dPortGarpEntry OBJECT-TYPE dot1dPortGarpEntry OBJECT-TYPE
SYNTAX Dot1dPortGarpEntry SYNTAX Dot1dPortGarpEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"GARP control information for a bridge port." "GARP control information for a bridge port."
AUGMENTS { dot1dBasePortEntry } AUGMENTS { dot1dBasePortEntry }
::= { dot1dPortGarpTable 1 } ::= { dot1dPortGarpTable 1 }
Dot1dPortGarpEntry ::= Dot1dPortGarpEntry :: SEQUENCE {
SEQUENCE {
dot1dPortGarpJoinTime dot1dPortGarpJoinTime
TimeInterval, TimeInterval,
dot1dPortGarpLeaveTime dot1dPortGarpLeaveTime
TimeInterval, TimeInterval,
dot1dPortGarpLeaveAllTime dot1dPortGarpLeaveAllTime
TimeInterval TimeInterval
} }
dot1dPortGarpJoinTime OBJECT-TYPE dot1dPortGarpJoinTime OBJECT-TYPE
SYNTAX TimeInterval SYNTAX TimeInterval
skipping to change at page 31, line 27 skipping to change at page 31, line 41
dot1dPortGmrpEntry OBJECT-TYPE dot1dPortGmrpEntry OBJECT-TYPE
SYNTAX Dot1dPortGmrpEntry SYNTAX Dot1dPortGmrpEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"GMRP control and status information for a bridge port." "GMRP control and status information for a bridge port."
AUGMENTS { dot1dBasePortEntry } AUGMENTS { dot1dBasePortEntry }
::= { dot1dPortGmrpTable 1 } ::= { dot1dPortGmrpTable 1 }
Dot1dPortGmrpEntry ::= Dot1dPortGmrpEntry :: SEQUENCE {
SEQUENCE {
dot1dPortGmrpStatus dot1dPortGmrpStatus
EnabledStatus, EnabledStatus,
dot1dPortGmrpFailedRegistrations dot1dPortGmrpFailedRegistrations
Counter32, Counter32,
dot1dPortGmrpLastPduOrigin dot1dPortGmrpLastPduOrigin
MacAddress, MacAddress,
dot1dPortRestrictedGroupRegistration dot1dPortRestrictedGroupRegistration
TruthValue TruthValue
} }
skipping to change at page 33, line 25 skipping to change at page 33, line 40
dot1dTpHCPortEntry OBJECT-TYPE dot1dTpHCPortEntry OBJECT-TYPE
SYNTAX Dot1dTpHCPortEntry SYNTAX Dot1dTpHCPortEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Statistics information for each high capacity port of a "Statistics information for each high capacity port of a
transparent bridge." transparent bridge."
INDEX { dot1dTpPort } INDEX { dot1dTpPort }
::= { dot1dTpHCPortTable 1 } ::= { dot1dTpHCPortTable 1 }
Dot1dTpHCPortEntry ::= Dot1dTpHCPortEntry :: SEQUENCE {
SEQUENCE {
dot1dTpHCPortInFrames dot1dTpHCPortInFrames
Counter64, Counter64,
dot1dTpHCPortOutFrames dot1dTpHCPortOutFrames
Counter64, Counter64,
dot1dTpHCPortInDiscards dot1dTpHCPortInDiscards
Counter64 Counter64
} }
dot1dTpHCPortInFrames OBJECT-TYPE dot1dTpHCPortInFrames OBJECT-TYPE
SYNTAX Counter64 SYNTAX Counter64
skipping to change at page 34, line 36 skipping to change at page 35, line 7
REFERENCE REFERENCE
"ISO/IEC 15802-3 Section 14.6.1.1.3" "ISO/IEC 15802-3 Section 14.6.1.1.3"
::= { dot1dTpHCPortEntry 3 } ::= { dot1dTpHCPortEntry 3 }
-- ---------------------------------------------------- -- ----------------------------------------------------
-- Upper part of High Capacity Port Table for Transparent Bridges -- Upper part of High Capacity Port Table for Transparent Bridges
-- ---------------------------------------------------- -- ----------------------------------------------------
dot1dTpPortOverflowTable OBJECT-TYPE dot1dTpPortOverflowTable OBJECT-TYPE
SYNTAX SEQUENCE OF Dot1dTpPortOverflowEntry SYNTAX SEQUENCE OF Dot1dTpPortOverflowEntry
MAX- MAX-ACCESS not-accessible
ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A table that contains the most-significant bits of "A table that contains the most-significant bits of
statistics counters for ports that are associated with this statistics counters for ports that are associated with this
transparent bridge that are on high capacity interfaces, as transparent bridge that are on high capacity interfaces, as
defined in the conformance clauses for this table. This table defined in the conformance clauses for this table. This table
is provided as a way to read 64-bit counters for agents which is provided as a way to read 64-bit counters for agents which
support only SNMPv1. support only SNMPv1.
Note that the reporting of most-significant and Note that the reporting of most-significant and
skipping to change at page 35, line 20 skipping to change at page 35, line 37
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The most significant bits of statistics counters for a high "The most significant bits of statistics counters for a high
capacity interface of a transparent bridge. Each object is capacity interface of a transparent bridge. Each object is
associated with a corresponding object in dot1dTpPortTable associated with a corresponding object in dot1dTpPortTable
which indicates the least significant bits of the counter." which indicates the least significant bits of the counter."
INDEX { dot1dTpPort } INDEX { dot1dTpPort }
::= { dot1dTpPortOverflowTable 1 } ::= { dot1dTpPortOverflowTable 1 }
Dot1dTpPortOverflowEntry ::= Dot1dTpPortOverflowEntry :: SEQUENCE {
SEQUENCE {
dot1dTpPortInOverflowFrames dot1dTpPortInOverflowFrames
Counter32, Counter32,
dot1dTpPortOutOverflowFrames dot1dTpPortOutOverflowFrames
Counter32, Counter32,
dot1dTpPortInOverflowDiscards dot1dTpPortInOverflowDiscards
Counter32 Counter32
} }
dot1dTpPortInOverflowFrames OBJECT-TYPE dot1dTpPortInOverflowFrames OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
skipping to change at page 38, line 31 skipping to change at page 38, line 46
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A collection of objects providing port level control "A collection of objects providing port level control
and status information for GARP operation." and status information for GARP operation."
::= { pBridgeGroups 8 } ::= { pBridgeGroups 8 }
pBridgePortGmrpGroup OBJECT-GROUP pBridgePortGmrpGroup OBJECT-GROUP
OBJECTS { OBJECTS {
dot1dPortGmrpStatus, dot1dPortGmrpStatus,
dot1dPortGmrpFailedRegistrations, dot1dPortGmrpFailedRegistrations,
dot1dPortGmrpLastPduOrigin, dot1dPortGmrpLastPduOrigin
dot1dPortRestrictedGroupRegistration
} }
STATUS current STATUS deprecated
DESCRIPTION DESCRIPTION
"A collection of objects providing port level control "A collection of objects providing port level control
and status information for GMRP operation." and status information for GMRP operation."
::= { pBridgeGroups 9 } ::= { pBridgeGroups 9 }
pBridgeHCPortGroup OBJECT-GROUP pBridgeHCPortGroup OBJECT-GROUP
OBJECTS { OBJECTS {
dot1dTpHCPortInFrames, dot1dTpHCPortInFrames,
dot1dTpHCPortOutFrames, dot1dTpHCPortOutFrames,
dot1dTpHCPortInDiscards dot1dTpHCPortInDiscards
skipping to change at page 39, line 17 skipping to change at page 39, line 32
dot1dTpPortInOverflowFrames, dot1dTpPortInOverflowFrames,
dot1dTpPortOutOverflowFrames, dot1dTpPortOutOverflowFrames,
dot1dTpPortInOverflowDiscards dot1dTpPortInOverflowDiscards
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A collection of objects providing overflow statistics "A collection of objects providing overflow statistics
counters for high capacity bridge ports." counters for high capacity bridge ports."
::= { pBridgeGroups 11 } ::= { pBridgeGroups 11 }
pBridgePortGmrpGroup2 OBJECT-GROUP
OBJECTS {
dot1dPortGmrpStatus,
dot1dPortGmrpFailedRegistrations,
dot1dPortGmrpLastPduOrigin,
dot1dPortRestrictedGroupRegistration
}
STATUS current
DESCRIPTION
"A collection of objects providing port level control
and status information for GMRP operation."
::= { pBridgeGroups 12 }
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- compliance statements -- compliance statements
-- ------------------------------------------------------------- -- -------------------------------------------------------------
pBridgeCompliance MODULE-COMPLIANCE pBridgeCompliance MODULE-COMPLIANCE
STATUS current STATUS deprecated
DESCRIPTION DESCRIPTION
"The compliance statement for device support of Priority "The compliance statement for device support of Priority
and Multicast Filtering extended bridging services." and Multicast Filtering extended bridging services."
MODULE MODULE
MANDATORY-GROUPS { pBridgeExtCapGroup } MANDATORY-GROUPS { pBridgeExtCapGroup }
GROUP pBridgeDeviceGmrpGroup GROUP pBridgeDeviceGmrpGroup
DESCRIPTION DESCRIPTION
"This group is mandatory for devices supporting the GMRP "This group is mandatory for devices supporting the GMRP
skipping to change at page 41, line 20 skipping to change at page 41, line 49
DESCRIPTION DESCRIPTION
"Write access is not required." "Write access is not required."
OBJECT dot1dRegenUserPriority OBJECT dot1dRegenUserPriority
MIN-ACCESS read-only MIN-ACCESS read-only
DESCRIPTION DESCRIPTION
"Write access is not required." "Write access is not required."
::= { pBridgeCompliances 1 } ::= { pBridgeCompliances 1 }
pBridgeCompliance2 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for device support of Priority
and Multicast Filtering extended bridging services."
MODULE
MANDATORY-GROUPS { pBridgeExtCapGroup }
GROUP pBridgeDeviceGmrpGroup
DESCRIPTION
"This group is mandatory for devices supporting the GMRP
application, defined by IEEE 802.1D Extended Filtering
Services."
GROUP pBridgeDevicePriorityGroup
DESCRIPTION
"This group is mandatory only for devices supporting
the priority forwarding operations defined by IEEE
802.1D."
GROUP pBridgeDefaultPriorityGroup
DESCRIPTION
"This group is mandatory only for devices supporting
the priority forwarding operations defined by the
extended bridge services with media types, such as
Ethernet, that do not support native User Priority."
GROUP pBridgeRegenPriorityGroup
DESCRIPTION
"This group is mandatory only for devices supporting
the priority forwarding operations defined by IEEE 802.1D
and which have interface media types that support
native User Priority e.g. IEEE 802.5."
GROUP pBridgePriorityGroup
DESCRIPTION
"This group is mandatory only for devices supporting
the priority forwarding operations defined by IEEE 802.1D."
GROUP pBridgeAccessPriorityGroup
DESCRIPTION
"This group is optional and is relevant only for devices
supporting the priority forwarding operations defined by
IEEE 802.1D and which have interface media types that
support native Access Priority e.g. IEEE 802.5."
GROUP pBridgePortGarpGroup
DESCRIPTION
"This group is mandatory for devices supporting any
of the GARP applications: e.g. GMRP, defined by the
extended filtering services of 802.1D; or GVRP,
defined by 802.1Q (refer to the Q-BRIDGE-MIB for
conformance statements for GVRP)."
GROUP pBridgePortGmrpGroup2
DESCRIPTION
"This group is mandatory for devices supporting the
GMRP application, as defined by IEEE 802.1D Extended
Filtering Services."
GROUP pBridgeHCPortGroup
DESCRIPTION
"Support for this group in a device is mandatory for those
bridge ports which map to network interfaces that have the
value of the corresponding instance of ifSpeed
greater than 650,000,000 bits/second."
GROUP pBridgePortOverflowGroup
DESCRIPTION
"Support for this group in a device is mandatory for those
bridge ports which map to network interfaces that have the
value of the corresponding instance of ifSpeed
greater than 650,000,000 bits/second."
OBJECT dot1dPortNumTrafficClasses
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT dot1dTrafficClass
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
OBJECT dot1dRegenUserPriority
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required."
::= { pBridgeCompliances 2 }
END END
5. Definitions for Virtual Bridge MIB 5. Definitions for Virtual Bridge MIB
Q-BRIDGE-MIB DEFINITIONS ::= BEGIN Q-BRIDGE-MIB DEFINITIONS ::= BEGIN
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- MIB for IEEE 802.1Q Devices -- MIB for IEEE 802.1Q Devices
-- ------------------------------------------------------------- -- -------------------------------------------------------------
skipping to change at page 42, line 4 skipping to change at page 44, line 31
MODULE-COMPLIANCE, OBJECT-GROUP MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF FROM SNMPv2-CONF
dot1dBridge, dot1dBasePortEntry, dot1dBasePort dot1dBridge, dot1dBasePortEntry, dot1dBasePort
FROM BRIDGE-MIB FROM BRIDGE-MIB
EnabledStatus EnabledStatus
FROM P-BRIDGE-MIB FROM P-BRIDGE-MIB
TimeFilter TimeFilter
FROM RMON2-MIB; FROM RMON2-MIB;
qBridgeMIB MODULE-IDENTITY qBridgeMIB MODULE-IDENTITY
LAST-UPDATED "200209170000Z" LAST-UPDATED "200412130000Z"
ORGANIZATION "IETF Bridge MIB Working Group" ORGANIZATION "IETF Bridge MIB Working Group"
CONTACT-INFO CONTACT-INFO
"Email: Bridge-mib@ietf.org" "Email: Bridge-mib@ietf.org
ietfmibs@ops.ietf.org
Les Bell
Postal: 3Com Europe Ltd.
3Com Centre, Boundary Way
Hemel Hempstead, Herts. HP2 7YU
UK
Phone: +44 1442 438025
Email: elbell@ntlworld.com
Andrew Smith
Postal: Beijing Harbour Networks
Jiuling Building
21 North Xisanhuan Ave.
Beijing, 100089
PRC
Fax: +1 415 345 1827
Email: ah_smith@acm.org
Paul Langille
Postal: Newbridge Networks
5 Corporate Drive
Andover, MA 01810
USA
Phone: +1 978 691 4665
Email: langille@newbridge.com
Anil Rijhsinghani
Postal: Accton Technology Corporation
5 Mount Royal Ave
Marlboro, MA 01752
USA
Phone:
Email: anil@accton.com
Keith McCloghrie
Postal: Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
Phone: +1 408 526 5260
Email: kzm@cisco.com"
DESCRIPTION DESCRIPTION
"The VLAN Bridge MIB module for managing Virtual Bridged "The VLAN Bridge MIB module for managing Virtual Bridged
Local Area Networks, as defined by IEEE 802.1Q-2003, Local Area Networks, as defined by IEEE 802.1Q-2003,
including Restricted Vlan Registration defined by including Restricted Vlan Registration defined by
IEEE 802.1u-2001 and Vlan Classification defined by IEEE 802.1u-2001 and Vlan Classification defined by
IEEE 802.1v-2001." IEEE 802.1v-2001.
Copyright (C) The Internet Society (2005). This version of
this MIB module is part of RFC XXXX; See the RFC itself for
full legal notices."
-- RFC ed.: replace XXXX with actual RFC number and remove this note
-- revision history -- revision history
REVISION "200209170000Z" REVISION "200412130000Z"
DESCRIPTION DESCRIPTION
"Draft 1 (RFC 2674 update)." "Added Vlan TEXTUAL-CONVENTIONs,
dot1qPortRestrictedVlanRegistration, dot1vProtocol subtree,
qBridgeClassificationDeviceGroup, qBridgePortGroup2,
qBridgeClassificationPortGroup, and qBridgeCompliance2.
Clarified dot1qForwardAllStaticPorts,
qPortAcceptableFrameTypes, and qBridgeCompliance.
Deprecated qBridgePortGroup and qBridgeCompliance. "
REVISION "199908250000Z"
DESCRIPTION
"The VLAN Bridge MIB module for managing Virtual Bridged
Local Area Networks, as defined by IEEE 802.1Q-1998.
Initial version, published as RFC 2674."
::= { dot1dBridge 7 } ::= { dot1dBridge 7 }
qBridgeMIBObjects OBJECT IDENTIFIER ::= { qBridgeMIB 1 } qBridgeMIBObjects OBJECT IDENTIFIER ::= { qBridgeMIB 1 }
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- Textual Conventions -- Textual Conventions
-- ------------------------------------------------------------- -- -------------------------------------------------------------
PortList ::= TEXTUAL-CONVENTION PortList ::= TEXTUAL-CONVENTION
skipping to change at page 43, line 33 skipping to change at page 47, line 27
SYNTAX INTEGER (1..4094) SYNTAX INTEGER (1..4094)
VlanIdOrAny ::= TEXTUAL-CONVENTION VlanIdOrAny ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d" DISPLAY-HINT "d"
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The VLAN ID that uniquely identifies a specific VLAN, "The VLAN ID that uniquely identifies a specific VLAN,
or any VLAN. The special value of 4095 is used to or any VLAN. The special value of 4095 is used to
indicate a wildcard, i.e. any VLAN. This can be used indicate a wildcard, i.e. any VLAN. This can be used
in any situation where an object or table entry must in any situation where an object or table entry must
refer either to a specific VLAN or to any VLAN." refer either to a specific VLAN or to any VLAN.
Note that a MIB object that is defined using this
TEXTUAL-CONVENTION should clarify the meaning of
'any VLAN' (i.e., the special value 4095)."
SYNTAX Integer32 (1..4094 | 4095) SYNTAX Integer32 (1..4094 | 4095)
VlanIdOrNone ::= TEXTUAL-CONVENTION VlanIdOrNone ::= TEXTUAL-CONVENTION
DISPLAY-HINT "d" DISPLAY-HINT "d"
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The VLAN ID that uniquely identifies a specific VLAN, "The VLAN ID that uniquely identifies a specific VLAN,
or no VLAN. The special value of zero is used to or no VLAN. The special value of zero is used to
indicate that no VLAN ID is present or used. This can indicate that no VLAN ID is present or used. This can
be used in any situation where an object or a table entry be used in any situation where an object or a table entry
must refer either to a specific VLAN, or to no VLAN." must refer either to a specific VLAN, or to no VLAN.
Note that a MIB object that is defined using this
TEXTUAL-CONVENTION should clarify the meaning of
'no VLAN' (i.e., the special value 0)."
SYNTAX Integer32 (0 | 1..4094) SYNTAX Integer32 (0 | 1..4094)
VlanIdOrAnyOrNone ::= TEXTUAL-CONVE VlanIdOrAnyOrNone ::= TEXTUAL-CONVENTION
NTION
DISPLAY-HINT "d" DISPLAY-HINT "d"
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The VLAN ID that uniquely identifies a specific VLAN, "The VLAN ID that uniquely identifies a specific VLAN,
any VLAN, or no VLAN. The special values 0 and 4095 any VLAN, or no VLAN. The special values 0 and 4095
have the same meaning as described in the VlanIdOrAny have the same meaning as described in the VlanIdOrAny
and VlanIdOrNone TEXTUAL-CONVENTIONs." and VlanIdOrNone TEXTUAL-CONVENTIONs."
Note that a MIB object that is defined using this
TEXTUAL-CONVENTION should clarify the meaning of
'any VLAN' and 'no VLAN' (i.e., the special values
0 and 4095)."
SYNTAX Integer32 (0 | 1..4094 | 4095) SYNTAX Integer32 (0 | 1..4094 | 4095)
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- subtrees in the Q-BRIDGE MIB
-- ------------------------------------------------------------- -- -------------------------------------------------------------
dot1qBase OBJECT IDENTIFIER ::= { qBridgeMIBObjects 1 } dot1qBase OBJECT IDENTIFIER ::= { qBridgeMIBObjects 1 }
dot1qTp OBJECT IDENTIFIER ::= { qBridgeMIBObjects 2 } dot1qTp OBJECT IDENTIFIER ::= { qBridgeMIBObjects 2 }
dot1qStatic OBJECT IDENTIFIER ::= { qBridgeMIBObjects 3 } dot1qStatic OBJECT IDENTIFIER ::= { qBridgeMIBObjects 3 }
dot1qVlan OBJECT IDENTIFIER ::= { qBridgeMIBObjects 4 } dot1qVlan OBJECT IDENTIFIER ::= { qBridgeMIBObjects 4 }
dot1vProtocol OBJECT IDENTIFIER ::= { qBridgeMIBObjects 5 } dot1vProtocol OBJECT IDENTIFIER ::= { qBridgeMIBObjects 5 }
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- dot1qBase subtree
-- ------------------------------------------------------------- -- -------------------------------------------------------------
dot1qVlanVersionNumber OBJECT-TYPE dot1qVlanVersionNumber OBJECT-TYPE
SYNTAX INTEGER { SYNTAX INTEGER {
version1(1) version1(1)
} }
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The version number of IEEE 802.1Q that this device "The version number of IEEE 802.1Q that this device
skipping to change at page 45, line 43 skipping to change at page 50, line 4
not been specifically disabled. When disabled(2), GVRP not been specifically disabled. When disabled(2), GVRP
is disabled on all ports and all GVRP packets will be is disabled on all ports and all GVRP packets will be
forwarded transparently. This object affects all GVRP forwarded transparently. This object affects all GVRP
Applicant and Registrar state machines. A transition Applicant and Registrar state machines. A transition
from disabled(2) to enabled(1) will cause a reset of all from disabled(2) to enabled(1) will cause a reset of all
GVRP state machines on all ports." GVRP state machines on all ports."
DEFVAL { enabled } DEFVAL { enabled }
::= { dot1qBase 5 } ::= { dot1qBase 5 }
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- the dot1qTp subtree
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- the current Filtering Database Table -- the current Filtering Database Table
-- ------------------------------------------------------------- -- -------------------------------------------------------------
dot1qFdbTable OBJECT-TYPE dot1qFdbTable OBJECT-TYPE
SYNTAX SEQUENCE OF Dot1qFdbEntry SYNTAX SEQUENCE OF Dot1qFdbEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
skipping to change at page 46, line 26 skipping to change at page 50, line 33
dot1qFdbEntry OBJECT-TYPE dot1qFdbEntry OBJECT-TYPE
SYNTAX Dot1qFdbEntry SYNTAX Dot1qFdbEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Information about a specific Filtering Database." "Information about a specific Filtering Database."
INDEX { dot1qFdbId } INDEX { dot1qFdbId }
::= { dot1qFdbTable 1 } ::= { dot1qFdbTable 1 }
Dot1qFdbEntry ::= Dot1qFdbEntry :: SEQUENCE {
SEQUENCE {
dot1qFdbId dot1qFdbId
Unsigned32, Unsigned32,
dot1qFdbDynamicCount dot1qFdbDynamicCount
Counter32 Counter32
} }
dot1qFdbId OBJECT-TYPE dot1qFdbId OBJECT-TYPE
SYNTAX Unsigned32 SYNTAX Unsigned32
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
skipping to change at page 47, line 38 skipping to change at page 51, line 45
SYNTAX Dot1qTpFdbEntry SYNTAX Dot1qTpFdbEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Information about a specific unicast MAC address for "Information about a specific unicast MAC address for
which the device has some forwarding and/or filtering which the device has some forwarding and/or filtering
information." information."
INDEX { dot1qFdbId, dot1qTpFdbAddress } INDEX { dot1qFdbId, dot1qTpFdbAddress }
::= { dot1qTpFdbTable 1 } ::= { dot1qTpFdbTable 1 }
Dot1qTpFdbEntry ::= Dot1qTpFdbEntry :: SEQUENCE {
SEQUENCE {
dot1qTpFdbAddress dot1qTpFdbAddress
MacAddress, MacAddress,
dot1qTpFdbPort dot1qTpFdbPort
INTEGER, INTEGER,
dot1qTpFdbStatus dot1qTpFdbStatus
INTEGER INTEGER
} }
dot1qTpFdbAddress OBJECT-TYPE dot1qTpFdbAddress OBJECT-TYPE
SYNTAX MacAddress SYNTAX MacAddress
skipping to change at page 49, line 49 skipping to change at page 54, line 10
DESCRIPTION DESCRIPTION
"Filtering information configured into the bridge by "Filtering information configured into the bridge by
management, or learnt dynamically, specifying the set of management, or learnt dynamically, specifying the set of
ports to which frames received on a VLAN and containing ports to which frames received on a VLAN and containing
a specific Group destination address, are allowed to be a specific Group destination address, are allowed to be
forwarded. The subset of these ports learnt dynamically forwarded. The subset of these ports learnt dynamically
is also provided." is also provided."
INDEX { dot1qVlanIndex, dot1qTpGroupAddress } INDEX { dot1qVlanIndex, dot1qTpGroupAddress }
::= { dot1qTpGroupTable 1 } ::= { dot1qTpGroupTable 1 }
Dot1qTpGroupEntry ::= Dot1qTpGroupEntry :: SEQUENCE {
SEQUENCE {
dot1qTpGroupAddress dot1qTpGroupAddress
MacAddress, MacAddress,
dot1qTpGroupEgressPorts dot1qTpGroupEgressPorts
PortList, PortList,
dot1qTpGroupLearnt dot1qTpGroupLearnt
PortList PortList
} }
dot1qTpGroupAddress OBJECT-TYPE dot1qTpGroupAddress OBJECT-TYPE
SYNTAX MacAddress SYNTAX MacAddress
skipping to change at page 50, line 45 skipping to change at page 55, line 6
SYNTAX PortList SYNTAX PortList
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The subset of ports in dot1qTpGroupEgressPorts which "The subset of ports in dot1qTpGroupEgressPorts which
were learnt by GMRP or some other dynamic mechanism, in were learnt by GMRP or some other dynamic mechanism, in
this Filtering database." this Filtering database."
::= { dot1qTpGroupEntry 3 } ::= { dot1qTpGroupEntry 3 }
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- Service Requirements subtree
-- ------------------------------------------------------------- -- -------------------------------------------------------------
dot1qForwardAllTable OBJECT-TYPE dot1qForwardAllTable OBJECT-TYPE
SYNTAX SEQUENCE OF Dot1qForwardAllEntry SYNTAX SEQUENCE OF Dot1qForwardAllEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A table containing forwarding information for each "A table containing forwarding information for each
VLAN, specifying the set of ports to which forwarding of VLAN, specifying the set of ports to which forwarding of
all multicasts applies, configured statically by all multicasts applies, configured statically by
skipping to change at page 51, line 29 skipping to change at page 55, line 36
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Forwarding information for a VLAN, specifying the set "Forwarding information for a VLAN, specifying the set
of ports to which all multicasts should be forwarded, of ports to which all multicasts should be forwarded,
configured statically by management or dynamically by configured statically by management or dynamically by
GMRP." GMRP."
INDEX { dot1qVlanIndex } INDEX { dot1qVlanIndex }
::= { dot1qForwardAllTable 1 } ::= { dot1qForwardAllTable 1 }
Dot1qForwardAllEntry ::= Dot1qForwardAllEntry :: SEQUENCE {
SEQUENCE {
dot1qForwardAllPorts dot1qForwardAllPorts
PortList, PortList,
dot1qForwardAllStaticPorts dot1qForwardAllStaticPorts
PortList, PortList,
dot1qForwardAllForbiddenPorts dot1qForwardAllForbiddenPorts
PortList PortList
} }
dot1qForwardAllPorts OBJECT-TYPE dot1qForwardAllPorts OBJECT-TYPE
SYNTAX PortList SYNTAX PortList
skipping to change at page 52, line 20 skipping to change at page 56, line 26
"The set of ports configured by management in this VLAN "The set of ports configured by management in this VLAN
to which all multicast group-addressed frames are to be to which all multicast group-addressed frames are to be
forwarded. Ports entered in this list will also appear forwarded. Ports entered in this list will also appear
in the complete set shown by dot1qForwardAllPorts. This in the complete set shown by dot1qForwardAllPorts. This
value will be restored after the device is reset. This value will be restored after the device is reset. This
only applies to ports that are members of the VLAN, only applies to ports that are members of the VLAN,
defined by dot1qVlanCurrentEgressPorts. A port may not defined by dot1qVlanCurrentEgressPorts. A port may not
be added in this set if it is already a member of the be added in this set if it is already a member of the
set of ports in dot1qForwardAllForbiddenPorts. The set of ports in dot1qForwardAllForbiddenPorts. The
default value is a string of ones of appropriate length, default value is a string of ones of appropriate length,
to indicate standard non-EFS behaviour, i.e. forward to indicate the standard behaviour of using basic
all multicasts to all ports." filtering services, i.e. forward all multicasts to all
ports."
::= { dot1qForwardAllEntry 2 } ::= { dot1qForwardAllEntry 2 }
dot1qForwardAllForbiddenPorts OBJECT-TYPE dot1qForwardAllForbiddenPorts OBJECT-TYPE
SYNTAX PortList SYNTAX PortList
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The set of ports configured by management in this VLAN "The set of ports configured by management in this VLAN
for which the Service Requirement attribute Forward All for which the Service Requirement attribute Forward All
Multicast Groups may not be dynamically registered by Multicast Groups may not be dynamically registered by
GMRP. This value will be restored after the device is GMRP. This value will be restored after the device is
reset. A port may not be added in this set if it is reset. A port may not be added in this set if it is
already a member of the set of ports in already a member of the set of ports in
dot1qForwardAllStaticPorts. The default value is a dot1qForwardAllStaticPorts. The default value is a
string of zeros of appropriate length." string of zeros of appropriate length."
::= { dot1qForwardAllEntry 3 } ::= { dot1qForwardAllEntry 3 }
dot1qForwardUnregisteredTable OBJECT-TYPE dot1qForwardUnregisteredTable OBJECT-TYPE
SYNTAX SEQUENCE OF Dot1qForwardUnregistered SYNTAX SEQUENCE OF Dot1qForwardUnregisteredEntry
Entry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A table containing forwarding information for each "A table containing forwarding information for each
VLAN, specifying the set of ports to which forwarding of VLAN, specifying the set of ports to which forwarding of
multicast group-addressed frames for which there is no multicast group-addressed frames for which there is no
more specific forwarding information applies. This is more specific forwarding information applies. This is
configured statically by management and determined configured statically by management and determined
dynamically by GMRP. An entry appears in this table for dynamically by GMRP. An entry appears in this table for
all VLANs that are currently instantiated." all VLANs that are currently instantiated."
skipping to change at page 53, line 21 skipping to change at page 57, line 29
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Forwarding information for a VLAN, specifying the set "Forwarding information for a VLAN, specifying the set
of ports to which all multicasts for which there is no of ports to which all multicasts for which there is no
more specific forwarding information shall be forwarded. more specific forwarding information shall be forwarded.
This is configured statically by management or This is configured statically by management or
dynamically by GMRP." dynamically by GMRP."
INDEX { dot1qVlanIndex } INDEX { dot1qVlanIndex }
::= { dot1qForwardUnregisteredTable 1 } ::= { dot1qForwardUnregisteredTable 1 }
Dot1qForwardUnregisteredEntry ::= Dot1qForwardUnregisteredEntry :: SEQUENCE {
SEQUENCE {
dot1qForwardUnregisteredPorts dot1qForwardUnregisteredPorts
PortList, PortList,
dot1qForwardUnregisteredStaticPorts dot1qForwardUnregisteredStaticPorts
PortList, PortList,
dot1qForwardUnregisteredForbiddenPorts dot1qForwardUnregisteredForbiddenPorts
PortList PortList
} }
dot1qForwardUnregisteredPorts OBJECT-TYPE dot1qForwardUnregisteredPorts OBJECT-TYPE
SYNTAX PortList SYNTAX PortList
skipping to change at page 55, line 29 skipping to change at page 59, line 37
ports to which frames received from a specific port and ports to which frames received from a specific port and
containing a specific unicast destination address are containing a specific unicast destination address are
allowed to be forwarded." allowed to be forwarded."
INDEX { INDEX {
dot1qFdbId, dot1qFdbId,
dot1qStaticUnicastAddress, dot1qStaticUnicastAddress,
dot1qStaticUnicastReceivePort dot1qStaticUnicastReceivePort
} }
::= { dot1qStaticUnicastTable 1 } ::= { dot1qStaticUnicastTable 1 }
Dot1qStaticUnicastEntry ::= Dot1qStaticUnicastEntry :: SEQUENCE {
SEQUENCE {
dot1qStaticUnicastAddress dot1qStaticUnicastAddress
MacAddress, MacAddress,
dot1qStaticUnicastReceivePort dot1qStaticUnicastReceivePort
INTEGER, INTEGER,
dot1qStaticUnicastAllowedToGoTo dot1qStaticUnicastAllowedToGoTo
PortList, PortList,
dot1qStaticUnicastStatus dot1qStaticUnicastStatus
INTEGER INTEGER
} }
skipping to change at page 56, line 40 skipping to change at page 60, line 48
applies to ports that are members of the VLAN, defined applies to ports that are members of the VLAN, defined
by dot1qVlanCurrentEgressPorts. The default value of by dot1qVlanCurrentEgressPorts. The default value of
this object is a string of ones of appropriate length." this object is a string of ones of appropriate length."
REFERENCE REFERENCE
"IEEE 802.1Q/D11 Table 8-5, ISO/IEC 15802-3 Table 7-5" "IEEE 802.1Q/D11 Table 8-5, ISO/IEC 15802-3 Table 7-5"
::= { dot1qStaticUnicastEntry 3 } ::= { dot1qStaticUnicastEntry 3 }
dot1qStaticUnicastStatus OBJECT-TYPE dot1qStaticUnicastStatus OBJECT-TYPE
SYNTAX INTEGER { SYNTAX INTEGER {
other(1), other(1),
invalid(2 invalid(2),
),
permanent(3), permanent(3),
deleteOnReset(4), deleteOnReset(4),
deleteOnTimeout(5) deleteOnTimeout(5)
} }
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"This object indicates the status of this entry. "This object indicates the status of this entry.
other(1) - this entry is currently in use but other(1) - this entry is currently in use but
the conditions under which it will remain the conditions under which it will remain
skipping to change at page 58, line 11 skipping to change at page 62, line 20
ports to which frames received from this specific port ports to which frames received from this specific port
for this VLAN and containing this Multicast or Broadcast for this VLAN and containing this Multicast or Broadcast
destination address are allowed to be forwarded." destination address are allowed to be forwarded."
INDEX { INDEX {
dot1qVlanIndex, dot1qVlanIndex,
dot1qStaticMulticastAddress, dot1qStaticMulticastAddress,
dot1qStaticMulticastReceivePort dot1qStaticMulticastReceivePort
} }
::= { dot1qStaticMulticastTable 1 } ::= { dot1qStaticMulticastTable 1 }
Dot1qStaticMulticastEntry ::= Dot1qStaticMulticastEntry :: SEQUENCE {
SEQUENCE {
dot1qStaticMulticastAddress dot1qStaticMulticastAddress
MacAddress, MacAddress,
dot1qStaticMulticastReceivePort dot1qStaticMulticastReceivePort
INTEGER, INTEGER,
dot1qStaticMulticastStaticEgressPorts dot1qStaticMulticastStaticEgressPorts
PortList, PortList,
dot1qStaticMulticastForbiddenEgressPorts dot1qStaticMulticastForbiddenEgressPorts
PortList, PortList,
dot1qStaticMulticastStatus dot1qStaticMulticastStatus
INTEGER INTEGER
skipping to change at page 60, line 40 skipping to change at page 64, line 49
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A table containing current configuration information "A table containing current configuration information
for each VLAN currently configured into the device by for each VLAN currently configured into the device by
(local or network) management, or dynamically created (local or network) management, or dynamically created
as a result of GVRP requests received." as a result of GVRP requests received."
::= { dot1qVlan 2 } ::= { dot1qVlan 2 }
dot1qVlanCurrentEntry OBJECT-TYPE dot1qVlanCurrentEntry OBJECT-TYPE
SYNTAX Dot1qV SYNTAX Dot1qVlanCurrentEntry
lanCurrentEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Information for a VLAN configured into the device by "Information for a VLAN configured into the device by
(local or network) management, or dynamically created (local or network) management, or dynamically created
as a result of GVRP requests received." as a result of GVRP requests received."
INDEX { dot1qVlanTimeMark, dot1qVlanIndex } INDEX { dot1qVlanTimeMark, dot1qVlanIndex }
::= { dot1qVlanCurrentTable 1 } ::= { dot1qVlanCurrentTable 1 }
Dot1qVlanCurrentEntry ::= Dot1qVlanCurrentEntry :: SEQUENCE {
SEQUENCE {
dot1qVlanTimeMark dot1qVlanTimeMark
TimeFilter, TimeFilter,
dot1qVlanIndex dot1qVlanIndex
VlanIndex, VlanIndex,
dot1qVlanFdbId dot1qVlanFdbId
Unsigned32, Unsigned32,
dot1qVlanCurrentEgressPorts dot1qVlanCurrentEgressPorts
PortList, PortList,
dot1qVlanCurrentUntaggedPorts dot1qVlanCurrentUntaggedPorts
PortList, PortList,
skipping to change at page 63, line 41 skipping to change at page 68, line 5
dot1qVlanStaticEntry OBJECT-TYPE dot1qVlanStaticEntry OBJECT-TYPE
SYNTAX Dot1qVlanStaticEntry SYNTAX Dot1qVlanStaticEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Static information for a VLAN configured into the "Static information for a VLAN configured into the
device by (local or network) management." device by (local or network) management."
INDEX { dot1qVlanIndex } INDEX { dot1qVlanIndex }
::= { dot1qVlanStaticTable 1 } ::= { dot1qVlanStaticTable 1 }
Dot1qVlanStaticEntry ::= Dot1qVlanStaticEntry :: SEQUENCE {
SEQUENCE {
dot1qVlanStaticName dot1qVlanStaticName
SnmpAdminString, SnmpAdminString,
dot1qVlanStaticEgressPorts dot1qVlanStaticEgressPorts
PortList, PortList,
dot1qVlanForbiddenEgressPorts dot1qVlanForbiddenEgressPorts
PortList, PortList,
dot1qVlanStaticUntaggedPorts dot1qVlanStaticUntaggedPorts
PortList, PortList,
dot1qVlanStaticRowStatus dot1qVlanStaticRowStatus
RowStatus RowStatus
skipping to change at page 66, line 37 skipping to change at page 70, line 46
dot1qPortVlanEntry OBJECT-TYPE dot1qPortVlanEntry OBJECT-TYPE
SYNTAX Dot1qPortVlanEntry SYNTAX Dot1qPortVlanEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Information controlling VLAN configuration for a port "Information controlling VLAN configuration for a port
on the device. This is indexed by dot1dBasePort." on the device. This is indexed by dot1dBasePort."
AUGMENTS { dot1dBasePortEntry } AUGMENTS { dot1dBasePortEntry }
::= { dot1qPortVlanTable 1 } ::= { dot1qPortVlanTable 1 }
Dot1qPortVlanEntry ::= Dot1qPortVlanEntry :: SEQUENCE {
SEQUENCE {
dot1qPvid dot1qPvid
VlanIndex, VlanIndex,
dot1qPortAcceptableFrameTypes dot1qPortAcceptableFrameTypes
INTEGER, INTEGER,
dot1qPortIngressFiltering dot1qPortIngressFiltering
TruthValue, TruthValue,
dot1qPortGvrpStatus dot1qPortGvrpStatus
EnabledStatus, EnabledStatus,
dot1qPortGvrpFailedRegistrations dot1qPortGvrpFailedRegistrations
Counter32, Counter32,
skipping to change at page 67, line 33 skipping to change at page 71, line 42
admitAll(1), admitAll(1),
admitOnlyVlanTagged(2) admitOnlyVlanTagged(2)
} }
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"When this is admitOnlyVlanTagged(2) the device will "When this is admitOnlyVlanTagged(2) the device will
discard untagged frames or Priority-Tagged frames discard untagged frames or Priority-Tagged frames
received on this port. When admitAll(1), untagged received on this port. When admitAll(1), untagged
frames or Priority-Tagged frames received on this port frames or Priority-Tagged frames received on this port
will be accepted and assigned to the PVID for this port. will be accepted and assigned to a VID based on the
PVID and VID Set for this port.
This control does not affect VLAN independent BPDU This control does not affect VLAN independent BPDU
frames, such as GVRP and STP. It does affect VLAN frames, such as GVRP and STP. It does affect VLAN
dependent BPDU frames, such as GMRP." dependent BPDU frames, such as GMRP."
REFERENCE REFERENCE
"IEEE 802.1Q/D11 Section 12.10.1.3" "IEEE 802.1Q/D11 Section 12.10.1.3"
DEFVAL { admitAll } DEFVAL { admitAll }
::= { dot1qPortVlanEntry 2 } ::= { dot1qPortVlanEntry 2 }
dot1qPortIngressFiltering OBJECT-TYPE dot1qPortIngressFiltering OBJECT-TYPE
skipping to change at page 70, line 11 skipping to change at page 74, line 22
dot1qPortVlanStatisticsEntry OBJECT-TYPE dot1qPortVlanStatisticsEntry OBJECT-TYPE
SYNTAX Dot1qPortVlanStatisticsEntry SYNTAX Dot1qPortVlanStatisticsEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Traffic statistics for a VLAN on an interface." "Traffic statistics for a VLAN on an interface."
INDEX { dot1dBasePort, dot1qVlanIndex } INDEX { dot1dBasePort, dot1qVlanIndex }
::= { dot1qPortVlanStatisticsTable 1 } ::= { dot1qPortVlanStatisticsTable 1 }
Dot1qPortVlanStatisticsEntry ::= Dot1qPortVlanStatisticsEntry :: SEQUENCE {
SEQUENCE {
dot1qTpVlanPortInFrames dot1qTpVlanPortInFrames
Counter32, Counter32,
dot1qTpVlanPortOutFrames dot1qTpVlanPortOutFrames
Counter32, Counter32,
dot1qTpVlanPortInDiscards dot1qTpVlanPortInDiscards
Counter32, Counter32,
dot1qTpVlanPortInOverflowFrames dot1qTpVlanPortInOverflowFrames
Counter32, Counter32,
dot1qTpVlanPortOutOverflowFrames dot1qTpVlanPortOutOverflowFrames
Counter32, Counter32,
skipping to change at page 72, line 32 skipping to change at page 76, line 42
dot1qPortVlanHCStatisticsEntry OBJECT-TYPE dot1qPortVlanHCStatisticsEntry OBJECT-TYPE
SYNTAX Dot1qPortVlanHCStatisticsEntry SYNTAX Dot1qPortVlanHCStatisticsEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"Traffic statistics for a VLAN on a high capacity "Traffic statistics for a VLAN on a high capacity
interface." interface."
INDEX { dot1dBasePort, dot1qVlanIndex } INDEX { dot1dBasePort, dot1qVlanIndex }
::= { dot1qPortVlanHCStatisticsTable 1 } ::= { dot1qPortVlanHCStatisticsTable 1 }
Dot1qPortVlanHCStatisticsEntry ::= Dot1qPortVlanHCStatisticsEntry :: SEQUENCE {
SEQUENCE {
dot1qTpVlanPortHCInFrames dot1qTpVlanPortHCInFrames
Counter64, Counter64,
dot1qTpVlanPortHCOutFrames dot1qTpVlanPortHCOutFrames
Counter64, Counter64,
dot1qTpVlanPortHCInDiscards dot1qTpVlanPortHCInDiscards
Counter64 Counter64
} }
dot1qTpVlanPortHCInFrames OBJECT-TYPE dot1qTpVlanPortHCInFrames OBJECT-TYPE
SYNTAX Counter64 SYNTAX Counter64
skipping to change at page 73, line 43 skipping to change at page 78, line 7
its segment which were classified as belonging to this its segment which were classified as belonging to this
VLAN which were discarded due to VLAN related reasons. VLAN which were discarded due to VLAN related reasons.
Specifically, the IEEE 802.1Q counters for Discard Specifically, the IEEE 802.1Q counters for Discard
Inbound and Discard on Ingress Filtering." Inbound and Discard on Ingress Filtering."
REFERENCE REFERENCE
"IEEE 802.1Q/D11 Section 12.6.1.1.3" "IEEE 802.1Q/D11 Section 12.6.1.1.3"
::= { dot1qPortVlanHCStatisticsEntry 3 } ::= { dot1qPortVlanHCStatisticsEntry 3 }
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- The VLAN Learning Constraints Table -- The VLAN Learning Constraints Table
-- -------------------------------------------------------------
dot1qLearningConstraintsTable OBJECT-TYPE dot1qLearningConstraintsTable OBJECT-TYPE
SYNTAX SEQUENCE OF Dot1qLearningConstraintsEntry SYNTAX SEQUENCE OF Dot1qLearningConstraintsEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A table containing learning constraints for sets of "A table containing learning constraints for sets of
Shared and Independent VLANs." Shared and Independent VLANs."
REFERENCE REFERENCE
"IEEE 802.1Q/D11 Section 12.10.3.1" "IEEE 802.1Q/D11 Section 12.10.3.1"
skipping to change at page 74, line 19 skipping to change at page 78, line 29
dot1qLearningConstraintsEntry OBJECT-TYPE dot1qLearningConstraintsEntry OBJECT-TYPE
SYNTAX Dot1qLearningConstraintsEntry SYNTAX Dot1qLearningConstraintsEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A learning constraint defined for a VLAN." "A learning constraint defined for a VLAN."
INDEX { dot1qConstraintVlan, dot1qConstraintSet } INDEX { dot1qConstraintVlan, dot1qConstraintSet }
::= { dot1qLearningConstraintsTable 1 } ::= { dot1qLearningConstraintsTable 1 }
Dot1qLearningConstraintsEntry ::= Dot1qLearningConstraintsEntry :: SEQUENCE {
SEQUENCE {
dot1qConstraintVlan dot1qConstraintVlan
VlanIndex, VlanIndex,
dot1qConstraintSet dot1qConstraintSet
INTEGER, INTEGER,
dot1qConstraintType dot1qConstraintType
INTEGER, INTEGER,
dot1qConstraintStatus dot1qConstraintStatus
RowStatus RowStatus
} }
skipping to change at page 76, line 9 skipping to change at page 80, line 18
MAX-ACCESS read-write MAX-ACCESS read-write
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The type of constraint set to which a VLAN belongs, if "The type of constraint set to which a VLAN belongs, if
there is not an explicit entry for that VLAN in there is not an explicit entry for that VLAN in
dot1qLearningConstraintsTable. The types are as defined dot1qLearningConstraintsTable. The types are as defined
for dot1qConstraintType." for dot1qConstraintType."
::= { dot1qVlan 10 } ::= { dot1qVlan 10 }
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- dot1vProtocol subtree
-- ------------------------------------------------------------- -- -------------------------------------------------------------
dot1vProtocolGroupTable OBJECT-TYPE dot1vProtocolGroupTable OBJECT-TYPE
SYNTAX SEQUENCE OF Dot1vProtocolGroupEntry SYNTAX SEQUENCE OF Dot1vProtocolGroupEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A table that contains mappings from Protocol "A table that contains mappings from Protocol
Templates to Protocol Group Identifiers used for Templates to Protocol Group Identifiers used for
Port-and-Protocol-based VLAN Classification." Port-and-Protocol-based VLAN Classification."
skipping to change at page 76, line 35 skipping to change at page 80, line 44
SYNTAX Dot1vProtocolGroupEntry SYNTAX Dot1vProtocolGroupEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A mapping from a Protocol Template to a Protocol "A mapping from a Protocol Template to a Protocol
Group Identifier." Group Identifier."
INDEX { dot1vProtocolTemplateFrameType, INDEX { dot1vProtocolTemplateFrameType,
dot1vProtocolTemplateProtocolValue } dot1vProtocolTemplateProtocolValue }
::= { dot1vProtocolGroupTable 1 } ::= { dot1vProtocolGroupTable 1 }
Dot1vProtocolGroupEntry ::= Dot1vProtocolGroupEntry :: SEQUENCE {
SEQUENCE {
dot1vProtocolTemplateFrameType dot1vProtocolTemplateFrameType
INTEGER, INTEGER,
dot1vProtocolTemplateProtocolValue dot1vProtocolTemplateProtocolValue
OCTET STRING, OCTET STRING,
dot1vProtocolGroupId dot1vProtocolGroupId
INTEGER, INTEGER,
dot1vProtocolGroupRowStatus dot1vProtocolGroupRowStatus
RowStatus RowStatus
} }
skipping to change at page 78, line 34 skipping to change at page 82, line 42
dot1vProtocolPortEntry OBJECT-TYPE dot1vProtocolPortEntry OBJECT-TYPE
SYNTAX Dot1vProtocolPortEntry SYNTAX Dot1vProtocolPortEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A VID set for a port." "A VID set for a port."
INDEX { dot1dBasePort, INDEX { dot1dBasePort,
dot1vProtocolPortGroupId } dot1vProtocolPortGroupId }
::= { dot1vProtocolPortTable 1 } ::= { dot1vProtocolPortTable 1 }
Dot1vProtocolPortEntry ::= Dot1vProtocolPortEntry :: SEQUENCE {
SEQUENCE {
dot1vProtocolPortGroupId dot1vProtocolPortGroupId
INTEGER, INTEGER,
dot1vProtocolPortGroupVid dot1vProtocolPortGroupVid
INTEGER, INTEGER,
dot1vProtocolPortRowStatus dot1vProtocolPortRowStatus
RowStatus RowStatus
} }
dot1vProtocolPortGroupId OBJECT-TYPE dot1vProtocolPortGroupId OBJECT-TYPE
SYNTAX INTEGER (1..2147483647) SYNTAX INTEGER (1..2147483647)
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
skipping to change at page 80, line 10 skipping to change at page 84, line 20
dot1qNumVlans, dot1qNumVlans,
dot1qGvrpStatus dot1qGvrpStatus
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A collection of objects providing device level control "A collection of objects providing device level control
and status information for the Virtual LAN bridge and status information for the Virtual LAN bridge
services." services."
::= { qBridgeGroups 1 } ::= { qBridgeGroups 1 }
qBridgeFdbUnicastGroup OBJECT-GROUP qBridgeFdbUnicastsubtree OBJECT-GROUP
OBJECTS { OBJECTS {
dot1qFdbDynamicCount, dot1qFdbDynamicCount,
dot1qTpFdbPort, dot1qTpFdbPort,
dot1qTpFdbStatus dot1qTpFdbStatus
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A collection of objects providing information about all "A collection of objects providing information about all
unicast addresses, learnt dynamically or statically unicast addresses, learnt dynamically or statically
configured by management, in each Filtering Database." configured by management, in each Filtering Database."
skipping to change at page 82, line 10 skipping to change at page 86, line 20
VLANs statically configured by management." VLANs statically configured by management."
::= { qBridgeGroups 7 } ::= { qBridgeGroups 7 }
qBridgePortGroup OBJECT-GROUP qBridgePortGroup OBJECT-GROUP
OBJECTS { OBJECTS {
dot1qPvid, dot1qPvid,
dot1qPortAcceptableFrameTypes, dot1qPortAcceptableFrameTypes,
dot1qPortIngressFiltering, dot1qPortIngressFiltering,
dot1qPortGvrpStatus, dot1qPortGvrpStatus,
dot1qPortGvrpFailedRegistrations, dot1qPortGvrpFailedRegistrations,
dot1qPortGvrpLastPduOrigin, dot1qPortGvrpLastPduOrigin
dot1qPortRestrictedVlanRegistration
} }
STATUS current STATUS deprecated
DESCRIPTION DESCRIPTION
"A collection of objects providing port level VLAN "A collection of objects providing port level VLAN
control and status information for all ports." control and status information for all ports."
::= { qBridgeGroups 8 } ::= { qBridgeGroups 8 }
qBridgeVlanStatisticsGroup OBJECT-GROUP qBridgeVlanStatisticsGroup OBJECT-GROUP
OBJECTS { OBJECTS {
dot1qTpVlanPortInFrames, dot1qTpVlanPortInFrames,
dot1qTpVlanPortOutFrames, dot1qTpVlanPortOutFrames,
dot1qTpVlanPortInDiscards dot1qTpVlanPortInDiscards
skipping to change at page 83, line 35 skipping to change at page 87, line 44
::= { qBridgeGroups 12 } ::= { qBridgeGroups 12 }
qBridgeLearningConstraintDefaultGroup OBJECT-GROUP qBridgeLearningConstraintDefaultGroup OBJECT-GROUP
OBJECTS { OBJECTS {
dot1qConstraintSetDefault, dot1qConstraintSetDefault,
dot1qConstraintTypeDefault dot1qConstraintTypeDefault
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"A collection of objects defining the default Filtering "A collection of objects defining the default Filtering
Database constraints for VLANs which Database constraints for VLANs which have no specific
have no specific
constraints defined." constraints defined."
::= { qBridgeGroups 13 } ::= { qBridgeGroups 13 }
qBridgeClassificationDeviceGroup OBJECT-GROUP qBridgeClassificationDeviceGroup OBJECT-GROUP
OBJECTS { OBJECTS {
dot1vProtocolGroupId, dot1vProtocolGroupId,
dot1vProtocolGroupRowStatus dot1vProtocolGroupRowStatus
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
skipping to change at page 84, line 13 skipping to change at page 88, line 22
qBridgeClassificationPortGroup OBJECT-GROUP qBridgeClassificationPortGroup OBJECT-GROUP
OBJECTS { OBJECTS {
dot1vProtocolPortGroupVid, dot1vProtocolPortGroupVid,
dot1vProtocolPortRowStatus dot1vProtocolPortRowStatus
} }
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"VLAN classification information for individual ports." "VLAN classification information for individual ports."
::= { qBridgeGroups 15 } ::= { qBridgeGroups 15 }
qBridgePortGroup2 OBJECT-GROUP
OBJECTS {
dot1qPvid,
dot1qPortAcceptableFrameTypes,
dot1qPortIngressFiltering,
dot1qPortGvrpStatus,
dot1qPortGvrpFailedRegistrations,
dot1qPortGvrpLastPduOrigin,
dot1qPortRestrictedVlanRegistration
}
STATUS current
DESCRIPTION
"A collection of objects providing port level VLAN
control and status information for all ports."
::= { qBridgeGroups 16 }
-- ------------------------------------------------------------- -- -------------------------------------------------------------
-- compliance statements -- compliance statements
-- ------------------------------------------------------------- -- -------------------------------------------------------------
qBridgeCompliance MODULE-COMPLIANCE qBridgeCompliance MODULE-COMPLIANCE
STATUS current STATUS deprecated
DESCRIPTION DESCRIPTION
"The compliance statement for device support of Virtual "The compliance statement for device support of Virtual
LAN Bridge services." LAN Bridge services."
MODULE MODULE
MANDATORY-GROUPS { MANDATORY-GROUPS {
qBridgeBaseGroup, qBridgeBaseGroup,
qBridgeVlanGroup, qBridgeVlanGroup,
qBridgeVlanStaticGroup, qBridgeVlanStaticGroup,
qBridgePortGroup qBridgePortGroup
skipping to change at page 85, line 38 skipping to change at page 90, line 17
VLAN Learning (SVL) modes of operation of the VLAN Learning (SVL) modes of operation of the
filtering database, as defined by IEEE 802.1Q." filtering database, as defined by IEEE 802.1Q."
GROUP qBridgeLearningConstraintDefaultGroup GROUP qBridgeLearningConstraintDefaultGroup
DESCRIPTION DESCRIPTION
"This group is mandatory for devices implementing "This group is mandatory for devices implementing
both Independent VLAN Learning (IVL) and Shared both Independent VLAN Learning (IVL) and Shared
VLAN Learning (SVL) modes of operation of the VLAN Learning (SVL) modes of operation of the
filtering database, as defined by IEEE 802.1Q." filtering database, as defined by IEEE 802.1Q."
OBJECT dot1qPortAcceptableFrameTypes
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required as this is an optional
capability in IEEE 802.1Q."
OBJECT dot1qPortIngressFiltering
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required as this is an optional
capability in IEEE 802.1Q."
OBJECT dot1qConstraintSetDefault
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required as this is an optional
capability in IEEE 802.1Q."
OBJECT dot1qConstraintTypeDefault
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required as this is an optional
capability in IEEE 802.1Q."
::= { qBridgeCompliances 1 }
qBridgeCompliance2 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for device support of Virtual
LAN Bridge services."
MODULE
MANDATORY-GROUPS {
qBridgeBaseGroup,
qBridgeVlanGroup,
qBridgeVlanStaticGroup,
qBridgePortGroup
}
GROUP qBridgeFdbUnicastGroup
DESCRIPTION
"This group is mandatory for bridges that implement
802.1Q transparent bridging."
GROUP qBridgeFdbMulticastGroup
DESCRIPTION
"This group is mandatory for bridges that implement
802.1Q transparent bridging."
GROUP qBridgeServiceRequirementsGroup
DESCRIPTION
"This group is mandatory for bridges that implement
extended filtering services. All objects must be
read-write if extended-filtering services are
enabled."
GROUP qBridgeFdbStaticGroup
DESCRIPTION
"This group is optional."
GROUP qBridgeVlanStatisticsGroup
DESCRIPTION
"This group is optional as there may be significant
implementation cost associated with its support."
GROUP qBridgeVlanStatisticsOverflowGroup
DESCRIPTION
"This group is optional as there may be significant
implementation cost associated with its support. It is most
relevant for high capacity interfaces where the SNMP agent
supports only SNMPv1."
GROUP qBridgeVlanHCStatisticsGroup
DESCRIPTION
"This group is optional as there may be significant
implementation cost associated with its support. It is most
relevant for high capacity interfaces."
GROUP qBridgeLearningConstraintsGroup
DESCRIPTION
"This group is mandatory for devices implementing
both Independent VLAN Learning (IVL) and Shared
VLAN Learning (SVL) modes of operation of the
filtering database, as defined by IEEE 802.1Q."
GROUP qBridgeLearningConstraintDefaultGroup
DESCRIPTION
"This group is mandatory for devices implementing
both Independent VLAN Learning (IVL) and Shared
VLAN Learning (SVL) modes of operation of the
filtering database, as defined by IEEE 802.1Q."
GROUP qBridgeClassificationDeviceGroup GROUP qBridgeClassificationDeviceGroup
DESCRIPTION DESCRIPTION
"This group is mandatory ONLY for devices implementing "This group is mandatory ONLY for devices implementing
VLAN Classification as specified in IEEE 802.1v." VLAN Classification as specified in IEEE 802.1v."
GROUP qBridgeClassificationPortGroup GROUP qBridgeClassificationPortGroup
DESCRIPTION DESCRIPTION
"This group is mandatory ONLY for devices implementing "This group is mandatory ONLY for devices implementing
VLAN Classification as specified in IEEE 802.1v." VLAN Classification as specified in IEEE 802.1v."
skipping to change at page 86, line 26 skipping to change at page 93, line 6
DESCRIPTION DESCRIPTION
"Write access is not required as this is an optional "Write access is not required as this is an optional
capability in IEEE 802.1Q." capability in IEEE 802.1Q."
OBJECT dot1qConstraintTypeDefault OBJECT dot1qConstraintTypeDefault
MIN-ACCESS read-only MIN-ACCESS read-only
DESCRIPTION DESCRIPTION
"Write access is not required as this is an optional "Write access is not required as this is an optional
capability in IEEE 802.1Q." capability in IEEE 802.1Q."
::= { qBridgeCompliances 1 } OBJECT dot1vProtocolGroupId
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required as this is an optional
capability in IEEE 802.1v."
OBJECT dot1vProtocolGroupRowStatus
MIN-ACCESS read-only
DESCRIPTION
"Write access is not required as this is an optional
capability in IEEE 802.1v."
::= { qBridgeCompliances 2 }
END END
6. Acknowledgments 6. Acknowledgments
This document expands upon previous work which resulted in the
original bridge MIB [RFC1493].
Much of the groundwork for this document was performed by the IEEE Much of the groundwork for this document was performed by the IEEE
802.1 working group during the definition of the IEEE 802.1D updates 802.1 working group during the definition of the IEEE 802.1D updates
[802.1D] and IEEE 802.1Q [802.1Q]. [802.1D] and IEEE 802.1Q [802.1Q].
The authors wish to thank the members of the Bridge Working Group, The authors wish to thank the members of the Bridge Working Group,
and David Harrington, Anders SW Christensen, Andrew Smith, Paul and David Harrington, Anders SW Christensen, Andrew Smith, Paul
Langille, Anil Rijhsinghani, and Keith McCloghrie in particular for Langille, Anil Rijhsinghani, and Keith McCloghrie in particular for
their comments and suggestions which improved this effort. their comments and suggestions which improved this effort.
Editing for the final draft was done by David Levi. Editing for the final draft was done by David Levi.
skipping to change at page 87, line 37 skipping to change at page 94, line 34
Heard, Randy Presuhn, Dan Romascanu, Eduardo Cardona, Tom Petch, Heard, Randy Presuhn, Dan Romascanu, Eduardo Cardona, Tom Petch,
Juergen Schoenwaelder, Richard Woundy, Tony Jeffree and William Juergen Schoenwaelder, Richard Woundy, Tony Jeffree and William
Murwin. We also received input and feedback from IEEE confirming Murwin. We also received input and feedback from IEEE confirming
that the values 0 and 4095 are not used for identifying a specific that the values 0 and 4095 are not used for identifying a specific
VLAN-ID and so can be used to represent none or a wildcard (see VLAN-ID and so can be used to represent none or a wildcard (see
Appendix A). Appendix A).
7. IANA Considerations 7. IANA Considerations
There are no special considerations for IANA related to this draft. There are no special considerations for IANA related to this draft.
The MIB modules in this document are updates to MIB modules with
previously assigned IANA identifiers.
8. Security Considerations 8. Security Considerations
There are a number of management objects defined in this MIB that There are a number of management objects defined in this MIB module
have a MAX-ACCESS clause of read-write and/or read-create. Such with a MAX-ACCESS clause of read-write and/or read-create. Such
objects may be considered sensitive or vulnerable in some network objects may be considered sensitive or vulnerable in some network
environments. The support for SET operations in a non-secure environments. The support for SET operations in a non-secure
environment without proper protection can have a negative effect on environment without proper protection can have a negative effect on
network operations. network operations. These tables and objects and their
sensitivity/vulnerability are described below.
SNMPv1 by itself is not a secure environment. Even if the network The following tables and objects in the P-BRIDGE-MIB can be
itself is secure (for example by using IPSec), even then, there is no manipulated to interfere with the operation of priority classes.
control as to who on the secure network is allowed to access and This could, for example, be used to force a reinitialization of state
GET/SET (read/change/create/delete) the objects in this MIB. machines, thus causing network instability. Another possibility
would be for an attacker to override established policy on port
priorities, thus giving a user (or an attacker) unauthorized
preferential treatment.
It is recommended that the implementers consider the security dot1dTrafficClassesEnabled
features as provided by the SNMPv3 framework. Specifically, the use dot1dGmrpStatus
of the User-based Security Model [USM] and the View-based Access dot1dPortPriorityTable
Control Model [VACM] is recommended. dot1dUserPriorityRegenTable
dot1dTrafficClassTable
dot1dPortGarpTable
dot1dPortGmrpTable
It is then a customer/user responsibility to ensure that the SNMP The following tables and objects in the Q-BRIDGE-MIB could be
entity giving access to an instance of this MIB, is properly manipulated to interfere with the operation of virtual LANs. This
configured to give access to the objects only to those principals could, for example, be used to force a reinitialization of state
(users) that have l machines to cause network instability, or changing the forwarding and
egitimate rights to indeed GET or SET filtering policies.
(change/create/delete) them.
9. Normative References dot1qGvrpStatus
dot1qForwardAllTable
dot1qStaticUnicastTable
dot1qStaticMulticastTable
dot1qVlanStaticTable
dot1qPortVlanTable
dot1qLearningConstraintsTable
dot1vProtocolGroupTable
dot1vProtocolPortTable
[RFC1213] McCloghrie K. and M. Rose, Editors, "Management Information Some of the readable objects in this MIB module (i.e., objects with a
Base for Network Management of TCP/IP-based internets", STD MAX-ACCESS other than not-accessible) may be considered sensitive or
17, RFC 1213, March 1991. vulnerable in some network environments. It is thus important to
control even GET and/or NOTIFY access to these objects and possibly
to even encrypt the values of these objects when sending them over
the network via SNMP. These are the tables and objects and their
sensitivity/vulnerability.
[RFC1493] Decker, E., Langille, P., Rijsinghani, A. and K. The objects dot1dDeviceCapabilities and dot1dPortCapabilitiesTable in
McCloghrie, "Definitions of Managed Objects for Bridges", the P-BRIDGE-MIB could be used by an attacker to determine which
RFC 1493, July 1993. attacks might be useful to attempt against a given device.
[RFC1525] Decker, E., McCloghrie, K., Langille, P. and A. The following read-only tables and objects in the Q-BRIDGE-MIB could
Rijsinghani, "Definitions of Managed Objects for Source be used by an attacker to determine which attacks might be useful to
Routing Bridges", RFC 1525, September 1993. attempt against a given device, could be used by an attacker to
detect whether their attacks are being blocked or filtered, or could
be used to understand the logical topology of the network.
dot1qMaxVlanID
dot1qMaxSupportedVlans
dot1qNumVlans
dot1qFdbTable
dot1qTpFdbTable
dot1qTpGroupTable
dot1qVlanCurrentTable
dot1qPortVlanStatisticsTable
SNMP versions prior to SNMPv3 did not include adequate security.
Even if the network itself is secure (for example by using IPSec),
even then, there is no control as to who on the secure network is
allowed to access and GET/SET (read/change/create/delete) the objects
in this MIB module.
It is RECOMMENDED that implementers consider the security features as
provided by the SNMPv3 framework (see [RFC3410], section 8),
including full support for the SNMPv3 cryptographic mechanisms (for
authentication and privacy).
Further, deployment of SNMP versions prior to SNMPv3 is NOT
RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to
enable cryptographic security. It is then a customer/operator
responsibility to ensure that the SNMP entity giving access to an
instance of this MIB module is properly configured to give access to
the objects only to those principals (users) that have legitimate
rights to indeed GET or SET (change/create/delete) them.
9. Normative References
[BRIDGE-MIB] Norseth, K., and E. Bell, editors "Definitions of
Managed Objects for Bridges", RFC 1493bis, February 2005.
-- RFC Ed.: please replace 1493bis with actual RFC number,
update the reference and remove this note
[RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M., and S. Waldbusser, "Structure of Management Rose, M., and S. Waldbusser, "Structure of Management
Information Version 2 (SMIv2)", STD 58, RFC 2578, April Information Version 2 (SMIv2)", STD 58, RFC 2578, April
1999. 1999.
[RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., [RFC2579] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M., and S. Waldbusser, "Textual Conventions for Rose, M., and S. Waldbusser, "Textual Conventions for
SMIv2", STD 58, RFC 2579, April 1999. SMIv2", STD 58, RFC 2579, April 1999.
skipping to change at page 89, line 40 skipping to change at page 97, line 33
SMIv2", STD 58, RFC 2580, April 1999. SMIv2", STD 58, RFC 2580, April 1999.
[RFC2674] Bell, E., Smith, A., Langille, P., Rijhsinghani, A. and [RFC2674] Bell, E., Smith, A., Langille, P., Rijhsinghani, A. and
McCloghrie, "Definitions of Managed Objects for Bridges McCloghrie, "Definitions of Managed Objects for Bridges
with Traffic Classes, Multicast Filtering and Virtual LAN with Traffic Classes, Multicast Filtering and Virtual LAN
Extensions", RFC 2674, August 1999. Extensions", RFC 2674, August 1999.
[RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group
MIB", RFC 2863, June 2000. MIB", RFC 2863, June 2000.
[RFC3418] Case, J., McCloghrie, K., Rose, M., Waldbusser, S.,
"Management Information Base (MIB) for the Simple Network
Management Protocol (SNMP)", STD 62, RFC 3418, March 1991.
[802.1D] "Information technology - Telecommunications and [802.1D] "Information technology - Telecommunications and
information exchange between systems - Local and information exchange between systems - Local and
metropolitan area networks - Common specifications - Part metropolitan area networks - Common specifications - Part
3: Media Access Control (MAC) Bridges: Revision. This is 3: Media Access Control (MAC) Bridges: Revision. This is
a revision of ISO/IEC 10038: 1993, 802.1j-1992 and 802.6k- a revision of ISO/IEC 10038: 1993, 802.1j-1992 and
1992. It incorporates P802.11c, P802.1p and P802.12e." 802.6k-1992. It incorporates P802.11c, P802.1p and
ISO/IEC 15802-3: 1998. P802.12e." ISO/IEC 15802-3: 1998.
[802.1D-ORIG] ISO/IEC 10038, ANSI/IEEE Std 802.1D-1993 "MAC Bridges".
[802.1Q] ANSI/IEEE Standard 802.1Q, "IEEE Standards for Local and [802.1Q] ANSI/IEEE Standard 802.1Q, "IEEE Standards for Local and
Metropolitan Area Networks: Virtual Bridged Local Area Metropolitan Area Networks: Virtual Bridged Local Area
Networks", 2003. Networks", 2003.
[802.1t] IEEE 802.1t-2001, "(Amendment to IEEE Standard 802.1D) IEEE [802.1t] IEEE 802.1t-2001, "(Amendment to IEEE Standard 802.1D) IEEE
Standard for Information technology - Telecommunications Standard for Information technology - Telecommunications
and information exchange between systems - Local and and information exchange between systems - Local and
metropolitan area networks - Common specifications - Part metropolitan area networks - Common specifications - Part
3: Media Access Control (MAC) Bridges: Technical and 3: Media Access Control (MAC) Bridges: Technical and
skipping to change at page 90, line 32 skipping to change at page 98, line 27
Classification by Protocol and Port". Classification by Protocol and Port".
[802.1w] IEEE 802.1w-2001, "(Amendment to IEEE Standard 802.1D) IEEE [802.1w] IEEE 802.1w-2001, "(Amendment to IEEE Standard 802.1D) IEEE
Standard for Information technology--Telecommunications and Standard for Information technology--Telecommunications and
information exchange between systems--Local and information exchange between systems--Local and
metropolitan area networks--Common Specifications--Part 3: metropolitan area networks--Common Specifications--Part 3:
Media Access Control (MAC) Bridges: Rapid Reconfiguation". Media Access Control (MAC) Bridges: Rapid Reconfiguation".
10. Informative References 10. Informative References
[RFC1493] Decker, E., Langille, P., Rijsinghani, A. and K.
McCloghrie, "Definitions of Managed Objects for Bridges",
RFC 1493, July 1993.
[RFC1525] Decker, E., McCloghrie, K., Langille, P. and A.
Rijsinghani, "Definitions of Managed Objects for Source
Routing Bridges", RFC 1525, September 1993.
[I-D.ietf-ipcdn-qos-mib] Patrick, M. and W. Murwin, "Data Over Cable [I-D.ietf-ipcdn-qos-mib] Patrick, M. and W. Murwin, "Data Over Cable
System Interface Specification Quality of Service System Interface Specification Quality of Service
Management Information Base (DOCSIS-QOS MIB)", draft-ietf- Management Information Base (DOCSIS-QOS MIB)", draft-ietf-
ipcdn-qos-mib-10 (work in progress), September 2004. ipcdn-qos-mib-10 (work in progress), September 2004.
[I-D.ietf-rmonmib-sspm-mib] Kalbfleisch, C., Cole, R. and D. Romascanu, [I-D.ietf-rmonmib-sspm-mib] Kalbfleisch, C., Cole, R. and D. Romascanu,
"Definition of Managed Objects for Synthetic Sources for "Definition of Managed Objects for Synthetic Sources for
Performance Monitoring Algorithms.", draft-ietf-rmonmib- Performance Monitoring Algorithms.", draft-ietf-rmonmib-
sspm-mib-12 (work in progress), June 2004. sspm-mib-12 (work in progress), June 2004.
skipping to change at page 91, line 9 skipping to change at page 100, line 5
"Remote Network Monitoring MIB Extensions for Switched "Remote Network Monitoring MIB Extensions for Switched
Networks Version 1.0", RFC 2613, June 1999. Networks Version 1.0", RFC 2613, June 1999.
[RFC3318] Sahita, R., Hahn, S., Chan, K. and K. McCloghrie, [RFC3318] Sahita, R., Hahn, S., Chan, K. and K. McCloghrie,
"Framework Policy Information Base", RFC 3318, March 2003. "Framework Policy Information Base", RFC 3318, March 2003.
[RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart, [RFC3410] Case, J., Mundy, R., Partain, D. and B. Stewart,
"Introduction and Applicability Statements for Internet- "Introduction and Applicability Statements for Internet-
Standard Management Framework", RFC 3410, December 2002. Standard Management Framework", RFC 3410, December 2002.
[802.5] ANSI/IEEE P802.5M-Draft 7, "Source Routing Transparent
Bridge Operation", IEEE Project 802 (1991).
11. Contact Information 11. Contact Information
Vivian Ngai Vivian Ngai
Enterasys Networks Enterasys Networks
2691 South Decker Lake Lane 2691 South Decker Lake Lane
Salt lake City, UT 84119 Salt lake City, UT 84119
USA USA
Phone: +1 801 556 5652 Phone: +1 801 556 5652
Email: vivian_ngai@acm.org Email: vivian_ngai@acm.org
Les Bell Les Bell
3Com Europe Limited 3Com Europe Limited
3Com Centre, Boundary Way 3Com Centre, Boundary Way
Hemel Hempstead Hemel Hempstead
Herts. HP2 7YU Herts. HP2 7YU
UK UK
Phone: +44 1442 438025 Phone: +44 1442 438025
EMail: Les_Bell@3Com.com EMail: elbell@ntlworld.com
Andrew Smith Andrew Smith
Beijing Harbour Networks Beijing Harbour Networks
Jiuling Building Jiuling Building
21 North Xisanhuan Ave. 21 North Xisanhuan Ave.
Beijing, 100089 Beijing, 100089
PRC PRC
Fax: +1 415 345 1827 Fax: +1 415 345 1827
EMail: ah_smith@acm.org EMail: ah_smith@acm.org
skipping to change at page 94, line 29 skipping to change at page 102, line 29
is there any need to change our definitions of the managed objects is there any need to change our definitions of the managed objects
in the document (Clause 12) to reflect the interpretation of 4095 in the document (Clause 12) to reflect the interpretation of 4095
as a wildcard, or is this simply an issue for the SNMP machinery as a wildcard, or is this simply an issue for the SNMP machinery
to handle? to handle?
Regards, Regards,
Tony Tony
Copyright Statement Copyright Statement
Copyright (C) The Internet Society (2004). This document is subject Copyright (C) The Internet Society (2005). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights. except as set forth therein, the authors retain all their rights.
This document and the informati This document and the information contained herein are provided on an
on contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Disclaimer of Validity Disclaimer of Validity
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
skipping to change at page 96, line 4 skipping to change at line 4499
attempt made to obtain a general license or permission for the use of attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr. http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at ietf- this standard. Please address the information to the IETF at ietf-
ipr@ietf.org. ipr@ietf.org.
Table of Contents
1 The Internet-Standard Management Framework ................... 4
2 Overview ..................................................... 4
2.1 Scope ...................................................... 5
3 Structure of MIBs ............................................ 5
3.1 Structure of Extended Bridge MIB module .................... 6
3.1.1 Relationship to IEEE 802.1D-1998 Manageable Objects ...... 6
3.1.2 Relationship to IEEE 802.1Q Manageable Objects ........... 8
3.1.3 The dot1dExtBase Group ................................... 8
3.1.4 The dot1dPriority Group .................................. 9
3.1.5 The dot1dGarp Group ...................................... 9
3.1.6 The dot1dGmrp Group ...................................... 9
3.1.7 The dot1dTpHCPortTable ................................... 9
3.1.8 The dot1dTpPortOverflowTable ............................. 9
3.2 Structure of Virtual Bridge MIB module ..................... 9
3.2.1 Relationship to IEEE 802.1Q Manageable Objects ........... 10
3.2.2 The dot1qBase Group ...................................... 13
3.2.3 The dot1qTp Group ........................................ 13
3.2.4 The dot1qStatic Group .................................... 14
3.2.5 The dot1qVlan Group ...................................... 14
3.3 Textual Conventions ........................................ 14
3.4 Relationship to Other MIBs ................................. 15
3.4.1 Relationship to the 'system' group ....................... 15
3.4.2 Relation to Interfaces MIB ............................... 15
3.4.2.1 Layering Model ......................................... 16
3.4.2.2 ifStackTable ........................................... 17
3.4.2.3 ifRcvAddressTable ...................................... 17
3.4.3 Relation to Original Bridge MIB .......................... 18
3.4.3.1 The dot1dBase Group .................................... 18
3.4.3.2 The dot1dStp Group ..................................... 18
3.4.3.3 The dot1dTp Group ...................................... 18
3.4.3.4 The dot1dStatic Group .................................. 19
3.4.3.5 Additions to the Original Bridge MIB ................... 19
4 Definitions for Extended Bridge MIB .......................... 21
5 Definitions for Virtual Bridge MIB ........................... 41
6 Acknowledgments .............................................. 87
7 IANA Considerations .......................................... 87
8 Security Considerations ...................................... 87
9 Normative References ......................................... 89
10 Informative References ...................................... 90
11 Contact Information ......................................... 92
Appendix A. Email from Tony Jeffrey from IEEE .................. 94
Copyright Statement ........................................... 94
Disclaimer of Validity ........................................ 94
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/