Mobile IP Working Group                                         R. Rathi
INTERNET DRAFT                                                  K. Leung
                                                          September
                                                            October 2003

       The Definitions of Managed Objects for IP Mobility Support
                          using SMIv2, revised
                 draft-ietf-mip4-rfc2006bis-00.txt
                 draft-ietf-mip4-rfc2006bis-01.txt

Status of this Memo

   This document is an Internet Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.  Internet Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and working groups.  Note that other groups may also distribute
   working documents as Internet Drafts.

   Internet Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

Abstract

   This memo defines the Management Information Base (MIB) for use with
   network management protocols in TCP/IP-based internets.  In
   particular, it describes managed objects used for managing the Mobile
   Node, Foreign Agent and Home Agent of the Mobile IP Protocol.

   This memo is intended to update and possibly obsolete RFC 2006,
   however, it is designed to be backward compatible.

Table of Contents

1. The Network Management Framework  . . . . . . . . . . . . . . . .   2
2. Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . .   3
2.1. Object Definitions  . . . . . . . . . . . . . . . . . . . . . .   3
3. Overview  . . . . . . . . . . . . . . . . . . . . . . . . . . . .   3
3.1. Object Selection Criteria . . . . . . . . . . . . . . . . . . .   3
3.2. Structure of the Mobile IP  . . . . . . . . . . . . . . . . . .   4
3.3. MIB Groups  . . . . . . . . . . . . . . . . . . . . . . . . . .   4
3.4. Protocol Extensions . . . . . . . . . . . . . . . . . . . . . .   5
4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . .   5
5. Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .  76
6. Security Considerations . . . . . . . . . . . . . . . . . . . . .  77
7. References  . . . . . . . . . . . . . . . . . . . . . . . . . . .  78
A. Changes from RFC 2006 . . . . . . . . . . . . . . . . . . . . . .  80
B. Chair and Editor Addresses  . . . . . . . . . . . . . . . . . . .  85
C. Full Copyright Statement  . . . . . . . . . . . . . . . . . . . .  86

1.  The SNMP Network Management Framework

   The SNMP Management Framework presently consists of five major
   components:

    o   An overall architecture, described in RFC 2571 [2].

    o   Mechanisms for describing and naming objects and events for the
        purpose of management.  The first version of this Structure of
        Management Information (SMI) is called SMIv1 and described in
        STD 16, RFC 1155 [11], STD 16, RFC 1212 [12] and RFC 1215 [13].
        The second version, called SMIv2, is described in STD 58, RFC
        2578 [1], STD 58, RFC 2579 [3] and STD 58, RFC 2580 [4].

    o   Message protocols for transferring management information.  The
        first version of the SNMP message protocol is called SNMPv1 and
        described in STD 15, RFC 1157 [6].  A second version of the SNMP
        message protocol, which is not an Internet standards track pro-
        tocol, is called SNMPv2c and described in RFC 1901 [14] and RFC
        1906 [15].  The third version of the message protocol is called
        SNMPv3 and described in RFC 1906 [15], RFC 2572 [16] and RFC
        2574 [8].

    o   Protocol operations for accessing management information.  The
        first set of protocol operations and associated PDU formats is
        described in STD 15, RFC 1157 [6].  A second set of protocol
        operations and associated PDU formats is described in RFC 1905
        [7].

    o   A set of fundamental applications described in RFC 2573 [17] and
        the view-based access control mechanism described in RFC 2575
        [9].

   A more detailed introduction to the current SNMP Management Framework
   can be found in RFC 2570 [10].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  Objects in the MIB are
   defined using the mechanisms defined in the SMI.

   This memo specifies a MIB module that is compliant to the SMIv2.  A
   MIB conforming to the SMIv1 can be produced through the appropriate
   translations.  The resulting translated MIB must be semantically
   equivalent, except where objects or events are omitted because no
   translation is possible (use of Counter64).  Some machine readable
   information in SMIv2 will be converted into textual descriptions in
   SMIv1 during the translation process.  However, this loss of machine
   readable information is not considered to change the semantics of the
   MIB.

2.  Objects

2.1.  Object Definitions

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  Objects in the MIB are
   defined using the subset of Abstract Syntax Notation One (ASN.1)
   defined in the SMI.  In particular, each object type is named by an
   OBJECT IDENTIFIER, an administratively assigned name.  The object
   type together with an object instance serves to uniquely identify a
   specific instantiation of the object.  For human convenience, we
   often use a textual string, termed the descriptor, to refer to the
   object type.

3.  Overview

3.1.  Object Selection Criteria

   To be consistent with IAB directives and good engineering practice,
   the authors have applied some criteria to select managed objects for
   the Mobile IP Protocol.

   (1)  Partition management functionality among the Mobile Node, Home
        Agent, and Foreign Agent according to the partitioning seen in
        the Mobile IP Protocol.

   (2)  Require that objects be essential for either fault or configura-
        tion management.

   (3)  Limit the total number of objects.

   (4)  Exclude objects which are simply derivable from others in this
        or other MIBs.

3.2.  Structure of the Mobile IP

   This section describes the basic model of Mobile IP used in develop-
   ing the Mobile IP MIB. This information should be useful to the
   implementor in understanding some of the basic design decisions of
   the MIB.

   The Mobile IP Protocol introduces these new functional entities:

   Mobile Node

       A host or router that changes its point of attachment from one
       network or subnetwork to another.  A mobile node may change its
       location without losing connectivity and without changing its IP
       address; it may continue to communicate with other Internet nodes
       at any location using its (constant) IP address, assuming link-
       layer connectivity to a point of attachment is available.

   Home Agent

       A router on a mobile node's home network which tunnels packets
       for delivery to the mobile node when it is away from home, and
       maintains current location information for the mobile node.

   Foreign Agent

       A router on a mobile node's visited network which provides rout-
       ing services to the mobile node while registered.  The foreign
       agent detunnels and delivers packets to the mobile node that were
       tunneled by the mobile node's home agent. For datagrams sent by a
       mobile node, the foreign agent may serve as a default router for
       registered mobile nodes.

   This document specifies the objects used in managing these entities;
   namely, the Mobile Node, the Home Agent, and the Foreign Agent.

3.3.  MIB Groups

   Objects in this MIB are arranged into groups.  Each group is orga-
   nized as a set of related objects.  The overall structure and the
   relationship between groups and the Mobile IP entities are shown
   below:

           Groups            Mobile Node  Foreign Agent  Home Agent
      mipSystemGroup            X               X             X
      mipSecAssociationGroup    X               X             X
      mipSecViolationGroup      X               X             X
      mnSystemGroup             X
      mnDiscoveryGroup          X
      mnRegistrationGroup       X
      maAdvertisementGroup                      X             X
      faSystemGroup                             X
      faAdvertisementGroup                      X
      faRegistrationGroup                       X
      haRegistrationGroup                                     X
      haRegNodeCountersGroup                                  X

3.4.  Protocol Extensions

   Apart from changes to base specification of Mobile IP [24], it has
   been enhanced in number of ways through its ability for added capa-
   bilities.  Implementations of those capabilities have not been able
   to have any management capabilities present in RFC 2006 compliant MIB
   module agents, since the capabilities themselves postdated the adop-
   tion of RFC 2006.  For several significant capabilities, in the form
   of NAI extension [21], Challenge/Response Extensions [22], Reverse
   Tunneling [23], and Vendor/Organization-Specific Extensions [25], the
   MIB Module defined in this document exposes object types to manage
   those extended capabilities and their operation.

   NAI extension requires a thorough redefinition of MIB table row
   indices from the RFC 2006 state since it provides a one more way to
   identify the mobile nodes apart from home address.  The functional
   differences between this memo and RFC 2006 are explained in Appendix
   A.

MIP-MIB DEFINITIONS ::= BEGIN

    IMPORTS
        Counter32, Gauge32, Integer32, IpAddress, Unsigned32,
        MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, mib-2
                                        FROM SNMPv2-SMI
        RowStatus, TruthValue, TimeStamp,
        TEXTUAL-CONVENTION
                                        FROM SNMPv2-TC
        MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
                                        FROM SNMPv2-CONF;
    mipMIB    MODULE-IDENTITY
        LAST-UPDATED    "200309250000Z"
        ORGANIZATION    "IETF Mobile IP Working Group"
        CONTACT-INFO
                "       Kent Leung
                Postal: Cisco Systems
                        170 West Tasman Drive
                        San Jose, CA 95134
                        USA
                Phone:  +1 408-526-5030
                Email:  kleung@cisco.com"
        DESCRIPTION
                "The MIB Module for the Mobile IP."
        REVISION      "200309250000Z"
        DESCRIPTION
            "Updated for latest changes to Mobile IP."
        REVISION      "199606040000Z"
        DESCRIPTION
            "Initial revision, published as part of RFC 2006."
        ::= { mib-2 44 }

    mipMIBObjects    OBJECT IDENTIFIER ::= { mipMIB 1 }

    -- Groups under mipMIBObjects

    mipSystem    OBJECT IDENTIFIER ::= { mipMIBObjects 1 }
    mipSecurity    OBJECT IDENTIFIER ::= { mipMIBObjects 2 }
    mipMN    OBJECT IDENTIFIER ::= { mipMIBObjects 3 }
    mipMA    OBJECT IDENTIFIER ::= { mipMIBObjects 4 }
    mipFA    OBJECT IDENTIFIER ::= { mipMIBObjects 5 }
    mipHA    OBJECT IDENTIFIER ::= { mipMIBObjects 6 }

    mnSystem    OBJECT IDENTIFIER ::= { mipMN 1 }
    mnDiscovery    OBJECT IDENTIFIER ::= { mipMN 2 }
    mnRegistration    OBJECT IDENTIFIER ::= { mipMN 3 }

    maAdvertisement    OBJECT IDENTIFIER ::= { mipMA 2 }

    faSystem   OBJECT IDENTIFIER ::= { mipFA 1 }
    faAdvertisement   OBJECT IDENTIFIER ::= { mipFA 2 }
    faRegistration    OBJECT IDENTIFIER ::= { mipFA 3 }

    haRegistration    OBJECT IDENTIFIER ::= { mipHA 3 }

    -- All deprecated definitions are put towards the end of the MIB.

    -- Textual convention
    RegistrationFlags  ::= TEXTUAL-CONVENTION
        STATUS      current
        DESCRIPTION
                "This data type is used to define the registration
                flags for Mobile IP registration extension:
                   reserved1
                       -- Reserved
                   reverseTunnel
                       -- Request to support reverse tunneling
                   reserved2
                       -- Reserved
                   gre
                       -- Request to use GRE
                   minEnc
                       -- Request to use minimal encapsulation
                   decapsulationByMN
                       -- Decapsulation by mobile node
                   broadcastDatagram
                       -- Request to receive broadcasts
                   simultaneousBindings
                       -- Request to retain prior binding(s)
                   reverseTunnel
                       -- Request to support reverse tunneling."
        SYNTAX      BITS {
                         reserved1(1),
                         reverseTunnel(2),
                         reserved2(3),
                         gre(4),
                         minEnc(5),
                         decapsulationbyMN(6),
                         broadcastDatagram(7),
                         simultaneousBindings(8)
                    }

    MipEntityIdentifierType ::=  TEXTUAL-CONVENTION
        STATUS       current
        DESCRIPTION
                "A value that represents a type of Mobile IP entity
                identifier.
                other(1)     Indicates identifier which
                             is not in one of the formats defined
                             below.

                ipaddress(2) IP address as defined by InetAddressIPv4
                             textual convention in INET-ADDRESS-MIB.

                nai(3)       A network access identifier as defined by
                             the MipEntityIdentifierNAI textual
                             convention."
        REFERENCE
                "RFC2851 - Textual Conventions for Internet Network
                Addresses"
        SYNTAX       INTEGER {
                         other(1),
                         ipaddress(2),
                         nai(3)
                     }

    MipEntityIdentifier ::=  TEXTUAL-CONVENTION
        STATUS       current
        DESCRIPTION
                "Represents the generic identifier for Mobile IP
                entities.  A MipEntityIdentifier value is always
                interpreted within the context of a
                MipEntityIdentifierType  value.
                             Foreign agents and Home agents are
                identified by the IP addresses.  Mobile nodes can be
                identified in more than one way e.g. IP addresses,
                network access identifiers (NAI).  If mobile node is
                identified by  something other than IP address say by
                NAI and it gets IP address dynamically from the home
                agent then value of object of this type should be same
                as NAI.  This is because IP address is not tied with
                mobile node and it can change across registrations over
                period of time.  Note that the first 64 octets are used
                as index element."
        SYNTAX       OCTET STRING (SIZE (1..64))

    MipEntityIdentifierNAI ::=  TEXTUAL-CONVENTION
        STATUS       current
        DESCRIPTION
                "Represents a Network Access Identifier (NAI).  Mobile
                nodes may use NAI to authenticate themselves to the
                foreign agent and home agent and to get the home
                address dynamically from the home agent."
        REFERENCE
                "RFC2794 - Mobile IP Network Access Identifier
                Extension for IPv4"
        SYNTAX       OCTET STRING (SIZE (1..255))

    MipDeliveryStyle ::=  TEXTUAL-CONVENTION
        STATUS       current
        DESCRIPTION
                "This data type is used to indicate the delivery
                style requested by the mobile node in its registration
                request."
        REFERENCE
                "RFC3024 - Reverse Tunneling for Mobile IP"
        SYNTAX       INTEGER { direct(1), encapsulating(2) }
    -- mipSystem Group

    mipEntities OBJECT-TYPE
        SYNTAX      BITS {
                         mobileNode(0),
                         foreignAgent(1),
                         homeAgent(2)
                    }
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "This object describes which Mobile IP entities are
                supported by this managed entity.  The entity may
                support more than one Mobile IP entities.  For example,
                the entity supports both Foreign Agent (FA) and Home
                Agent (HA).  Therefore, bit 1 and bit 2 are set to 1
                for this object."
        ::= { mipSystem 1 }

    mipEnable OBJECT-TYPE
        SYNTAX      INTEGER { enabled(1), disabled(2) }
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
                "Indicates whether the Mobile IP protocol should be
                enabled for the managed entity.  If it is disabled, the
                entity should disable both agent discovery and
                registration functions."
        ::= { mipSystem 2 }

    mipEncapsulationSupported   OBJECT-TYPE
        SYNTAX      BITS {
                         ipInIp(0),
                         gre(1),
                         minEnc(2),
                         other(3)
                    }
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Encapsulation methods supported by the Mobile IP
                entity.  The entity may support multiple encapsulation
                methods or none of them:
                    ipInIp(0), -- IP Encapsulation within IP
                    gre(1),    -- Generic Routing Encapsulation,
                               -- refers to RFC1701
                    minEnc(2), -- Minimal Encapsulation within IP."
        ::= { mipSystem 3 }
    -- mipSecurity Group

    -- Mobile IP security violation total counter

    mipSecTotalViolations OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
               "Total number of security violations in the entity."
           ::= { mipSecurity 2 }

    mipSecurityAssocsCount  OBJECT-TYPE
        SYNTAX      Gauge32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
               "Total number of mobility security associations
               known to the entity i.e.  the number of entries in
               the mipSecurityAssocTable."
        ::= { mipSecurity 4 }

    -- Mobile IP security association table

    mipSecurityAssocTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF MipSecurityAssocEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "A table containing Mobility Security Associations."
        ::= { mipSecurity 5 }

    mipSecurityAssocEntry OBJECT-TYPE
        SYNTAX      MipSecurityAssocEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "One particular Mobility Security Association."
        INDEX   { mipSecurityPeerIdType, mipSecurityPeerId,
                  mipSecuritySPI }
        ::= { mipSecurityAssocTable 1 }

    MipSecurityAssocEntry ::=
        SEQUENCE {
            mipSecurityPeerIdType    MipEntityIdentifierType,
            mipSecurityPeerId        MipEntityIdentifier,
            mipSecuritySPI           Unsigned32,
            mipSecurityAlgorithmType INTEGER,
            mipSecurityAlgorithmMode INTEGER,
            mipSecurityKey           OCTET STRING,
            mipSecurityReplayMethod  INTEGER,
            mipSecurityReplayTime    Unsigned32,
            mipSecurityStatus        RowStatus
        }

    mipSecurityPeerIdType OBJECT-TYPE
        SYNTAX      MipEntityIdentifierType
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "The type of the peer entity's identifier."
        ::= { mipSecurityAssocEntry 1 }

    mipSecurityPeerId OBJECT-TYPE
        SYNTAX      MipEntityIdentifier
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "The identifier of the peer entity with which this
                node shares the mobility security association."
        ::= { mipSecurityAssocEntry 2 }

    mipSecuritySPI OBJECT-TYPE
        SYNTAX      Unsigned32 (0..4294967295)
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "The SPI is the 4-byte opaque index within the
                Mobility Security Association which selects the
                specific security parameters to be used to
                authenticate the peer, i.e.  the rest of the variables
                in this mipSecurityAssocEntry."
        ::= { mipSecurityAssocEntry 3 }

    mipSecurityAlgorithmType OBJECT-TYPE
        SYNTAX      INTEGER {
                            other(1),
                            md5(2)
                    }
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "Type of security algorithm."
        DEFVAL     { md5 }
        ::= { mipSecurityAssocEntry 4 }
    mipSecurityAlgorithmMode OBJECT-TYPE
        SYNTAX      INTEGER {
                            other(1),
                            prefixSuffix(2),
                            hmac(3)
                    }
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "Security mode used by this algorithm."
        DEFVAL     { hmac }
        ::= { mipSecurityAssocEntry 5 }

    mipSecurityKey  OBJECT-TYPE
        SYNTAX      OCTET STRING (SIZE(16))
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "The shared secret key for the security
                associations.  Reading this object will always return
                zero length value."
        ::= { mipSecurityAssocEntry 6 }

    mipSecurityReplayMethod OBJECT-TYPE
        SYNTAX      INTEGER {
                             other(1),
                             timestamps(2),
                             nonces(3)
                    }
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "The replay-protection method supported for this SPI
                within this Mobility Security Association."
        DEFVAL     { timestamps }
        ::= { mipSecurityAssocEntry 7 }

    mipSecurityReplayTime OBJECT-TYPE
        SYNTAX      Unsigned32 (3..255)
        UNITS       "seconds"
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "The replay-protection time difference that is
                acceptable for this Mobility Security Association when
                MipSecurityReplayMethod is set to timestamps."
        DEFVAL     { 7 }
        ::= { mipSecurityAssocEntry 8 }
     mipSecurityStatus  OBJECT-TYPE
        SYNTAX      RowStatus
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "The row status for this table."
        ::= { mipSecurityAssocEntry 9 }

    -- Mobile IP security violation table

    mipSecurityViolationTable  OBJECT-TYPE
        SYNTAX      SEQUENCE OF MipSecurityViolationEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "A table containing information about security
                violations."
        ::= { mipSecurity 6 }

    mipSecurityViolationEntry  OBJECT-TYPE
        SYNTAX      MipSecurityViolationEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "Information about one particular security violation."
        INDEX   { mipSecurityViolatorIdType, mipSecurityViolatorId  }
        ::= { mipSecurityViolationTable 1 }

    MipSecurityViolationEntry ::=
        SEQUENCE {
            mipSecurityViolatorIdType        MipEntityIdentifierType,
            mipSecurityViolatorId            MipEntityIdentifier,
            mipSecurityViolationCounter      Counter32,
            mipSecurityRecentViolationSPI    Unsigned32,
            mipSecurityRecentViolationTime   TimeStamp,
            mipSecurityRecentViolationIDLow  Unsigned32,
            mipSecurityRecentViolationIDHigh Unsigned32,
            mipSecurityRecentViolationReason INTEGER
        }

    mipSecurityViolatorIdType  OBJECT-TYPE
        SYNTAX      MipEntityIdentifierType
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "The type of Violator's identifier."
        ::= { mipSecurityViolationEntry 1 }

    mipSecurityViolatorId  OBJECT-TYPE
        SYNTAX      MipEntityIdentifier
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "Violator's identifier.  The violator is not necessary
                in the mipSecurityAssocTable."
        ::= { mipSecurityViolationEntry 2 }

    mipSecurityViolationCounter OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of security violations for this peer."
        ::= { mipSecurityViolationEntry 3 }

    mipSecurityRecentViolationSPI  OBJECT-TYPE
        SYNTAX      Unsigned32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "SPI of the most recent security violation for this
                peer.  If the security violation is due to an
                identification mismatch, then this is the SPI from the
                Mobile-Home Authentication Extension.  If the security
                violation is due to an invalid authenticator, then
                this is the SPI from the offending authentication
                extension.  In all other cases, it should be set to
                zero."
        ::= { mipSecurityViolationEntry 4 }

    mipSecurityRecentViolationTime OBJECT-TYPE
        SYNTAX      TimeStamp
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Time of the most recent security violation for this
                peer."
        ::= { mipSecurityViolationEntry 5 }

    mipSecurityRecentViolationIDLow  OBJECT-TYPE
        SYNTAX      Unsigned32 (0..4294967295)
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
               "Low-order 32 bits of identification used in request or
                reply of the most recent security violation for this
                peer."
        ::= { mipSecurityViolationEntry 6 }

    mipSecurityRecentViolationIDHigh  OBJECT-TYPE
        SYNTAX      Unsigned32 (0..4294967295)
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "High-order 32 bits of identification used in request
                or reply of the most recent security violation for
                this peer."
        ::= { mipSecurityViolationEntry 7 }

    mipSecurityRecentViolationReason   OBJECT-TYPE
        SYNTAX      INTEGER {
                            noMobilitySecurityAssociation(1),
                            badAuthenticator(2),
                            badIdentifier(3),
                            badSPI(4),
                            missingSecurityExtension(5),
                            other(6)
                    }
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Reason for the most recent security violation for
                this peer."
        ::= { mipSecurityViolationEntry 8 }

    -- mipMN Group
    -- mipSystem Group

    mnState OBJECT-TYPE
        SYNTAX      INTEGER {
                            home(1),
                            registered(2),
                            pending(3),
                            isolated(4),
                            unknown(5)
                    }
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Indicates mobile node's state of Mobile IP:
                     home,
                         -- MN is connected to home network.
                     registered,
                         -- MN has registered on foreign network
                     pending,
                         -- MN has sent registration request and is
                            waiting for the reply
                     isolated,
                         -- MN is isolated from network
                     unknown
                         -- MN can not determine its state."
        ::= { mnSystem 1 }

    mnHomeAddress OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "An IP address that is assigned for an extended period
                of time to the mobile node.  It remains unchanged
                regardless of the mobile node's current point of
                attachment.  If mobile node doesn't have home address
                assigned yet then this object will take the default
                value."
        DEFVAL { '00000000'H }
        ::= { mnSystem 2 }

    -- Mobile node's home agent list

    mnHATable OBJECT-TYPE
        SYNTAX      SEQUENCE OF MnHAEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "A table containing all of the mobile node's potential
                home agents."
        ::= { mnSystem 3 }

    mnHAEntry OBJECT-TYPE
        SYNTAX MnHAEntry
        MAX-ACCESS not-accessible
        STATUS      current
        DESCRIPTION
                "Information for a particular Home Agent."
        INDEX { mnHAAddress }
        ::= { mnHATable 1 }
    MnHAEntry ::= SEQUENCE {
        mnHAAddress IpAddress,
        mnCurrentHA TruthValue,
        mnHAStatus  RowStatus
    }

    mnHAAddress OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "IP address of mobile node's Home Agent."
        ::= { mnHAEntry 1 }

    mnCurrentHA OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Whether this home agent is the current home agent for
                the mobile node.  If it is true, the mobile node is
                registered with that home agent."
        ::= { mnHAEntry 2 }

    mnHAStatus  OBJECT-TYPE
        SYNTAX      RowStatus
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "The row status for this home agent entry.  If the
                status is set to 'createAndGo' or 'active', then the
                mobile node can use mnHAAddress as a valid candidate
                for a home agent.  If the status is set to 'destroy',
                then the mobile node should delete this row, and
                deregister from that home agent."
        ::= { mnHAEntry 3 }

    mnIdentifierType OBJECT-TYPE
        SYNTAX      MipEntityIdentifierType
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The type of the identifier of the mobile node."
        ::= { mnSystem 4 }

    mnIdentifier OBJECT-TYPE
        SYNTAX      MipEntityIdentifier
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The identifier of the mobile node."
        ::= { mnSystem 5 }

    mnFATable OBJECT-TYPE
        SYNTAX      SEQUENCE OF MnFAEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "A table containing all foreign agents that the mobile
                node knows about and their corresponding COA (care-of
                address).  This COA is an address of a foreign agent
                with which the mobile node is registered.  The table is
                updated when advertisements are received by the mobile
                node.  If an advertisement expires, its entry(s) should
                be deleted from the table.  One foreign agent can
                provide more than one COA in its advertisements."
        ::= { mnDiscovery 1 }

    mnFAEntry OBJECT-TYPE
        SYNTAX      MnFAEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "One pair of foreign agent IP address and COA for that
                foreign agent."
        INDEX { mnFAAddress, mnCOA }
        ::= { mnFATable 1 }

    MnFAEntry ::= SEQUENCE {
        mnFAAddress IpAddress,
        mnCOA       IpAddress
    }

    mnFAAddress OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Foreign agent's IP address."
        ::= { mnFAEntry 1 }

    mnCOA   OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "A care-of address being offered by this foreign agent
                or a co-located care-of address which the mobile node
                has associated with one of its own network
                interfaces."
        ::= { mnFAEntry 2 }

   -- Mobile node could store multiple agent advertisements, however,
   -- only the most recently received agent advertisement information
   -- is required to be made available to the manager station.

    mnRecentAdvReceived OBJECT IDENTIFIER ::= { mnDiscovery 2 }

    mnAdvSourceAddress OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The source IP address of the most recently received
                Agent Advertisement.  This address could be the address
                of a home agent or a foreign agent."
        ::= { mnRecentAdvReceived 1 }

    mnAdvSequence OBJECT-TYPE
        SYNTAX      Integer32 (0..65535)
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The sequence number of the most recently received
                advertisement.  The sequence number ranges from 0 to
                0xffff.  After the sequence number attains the value
                0xffff, it will roll over to 256."
        ::= { mnRecentAdvReceived 2 }

    mnAdvFlags OBJECT-TYPE
        SYNTAX      BITS {
                         gre(1),
                         minEnc(2),
                         foreignAgent(3),
                         homeAgent(4),
                         busy(5),
                         regRequired(6),
                         reverseTunnel(7)
                    }
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The flags are contained in the 7th byte in the
                extension of the most recently received mobility agent
                advertisement:
                    gre
                        -- Agent offers Generic Routing Encapsulation
                    minEnc,
                        -- Agent offers Minimal Encapsulation
                    foreignAgent,
                        -- Agent is a Foreign Agent
                    homeAgent,
                        -- Agent is a Home Agent
                    busy,
                        -- Foreign Agent is busy
                    regRequired,
                        -- FA registration is required
                    reverseTunnel,
                        -- Agent supports reverse tunneling."
        ::= { mnRecentAdvReceived 3 }

    mnAdvMaxRegLifetime OBJECT-TYPE
        SYNTAX      Integer32 (1..65535)
        UNITS       "seconds"
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The longest lifetime in seconds that the agent is
                willing to accept in any registration request."
        ::= { mnRecentAdvReceived 4 }

    mnAdvMaxAdvLifetime OBJECT-TYPE
        SYNTAX      Integer32 (1..65535)
        UNITS       "seconds"
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The maximum length of time that the Advertisement is
                considered valid in the absence of further
                Advertisements."
        REFERENCE
                "AdvertisementLifeTime in RFC1256."
        ::= { mnRecentAdvReceived 5 }

    mnAdvTimeReceived OBJECT-TYPE
        SYNTAX      TimeStamp
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The time at which the most recently received
                advertisement was received."
        ::= { mnRecentAdvReceived 6 }

    -- Mobile Node Discovery Group Counter

    mnSolicitationsSent OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Solicitation sent by the mobile
                node."
        ::= { mnDiscovery 3 }

    mnAdvertisementsReceived OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of advertisements received by the mobile
                node."
        ::= { mnDiscovery 4 }

    mnAdvsDroppedInvalidExtension OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of advertisements dropped by the mobile
                node due to both poorly formed extensions and
                unrecognized extensions with extension number in the
                range 0-127."
        ::= { mnDiscovery 5 }

    mnAdvsIgnoredUnknownExtension OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of unrecognized extensions in the range
                128-255 that were ignored by the mobile node."
        ::= { mnDiscovery 6 }

    mnMoveFromHAToFA OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Number of times that the mobile node has decided to
                move from its home network to a foreign network."
        ::= { mnDiscovery 7 }

    mnMoveFromFAToFA OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Number of times that the mobile node has decided to
                move from one foreign network to another foreign
                network."
        ::= { mnDiscovery 8 }

    mnMoveFromFAToHA OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Number of times that the mobile node has decided to
                move from a foreign network to its home network."
        ::= { mnDiscovery 9 }

    mnGratuitousARPsSend OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Gratuitous ARPs sent by mobile node
                in order to clear out any stale ARP entries in the ARP
                caches of nodes on the home network."
        ::= { mnDiscovery 10 }

    mnAgentRebootsDectected OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of agent reboots detected by the mobile
                node through sequence number of the advertisement."
        ::= { mnDiscovery 11 }

    -- Mobile Node Registration Group

    -- Registration table of mobile node
    mnRegistrationTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF MnRegistrationEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "A table containing information about the mobile
                node's attempted registration(s).  The mobile node
                updates this table based upon Registration Requests
                sent and Registration Replies received in response to
                these requests.  Certain variables within this table
                are also updated if when Registration Requests are
                retransmitted."
        ::= { mnRegistration 1 }

    mnRegistrationEntry OBJECT-TYPE
        SYNTAX      MnRegistrationEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "Information about one registration attempt."
        INDEX { mnRegAgentAddress, mnRegCOA}
        ::= { mnRegistrationTable 1 }

    MnRegistrationEntry ::= SEQUENCE {
        mnRegAgentAddress  IpAddress,
        mnRegCOA           IpAddress,
        mnRegFlags         RegistrationFlags,
        mnRegIDLow         Unsigned32,
        mnRegIDHigh        Unsigned32,
        mnRegTimeRequested Unsigned32,
        mnRegTimeRemaining Gauge32,
        mnRegTimeSent      TimeStamp,
        mnRegIsAccepted    TruthValue,
        mnCOAIsLocal       TruthValue,
        mnRegDeliveryStyle MipDeliveryStyle
        }

    mnRegAgentAddress OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                 "IP address of the agent as used in the destination
                 IP address of the Registration Request.  The agent
                 may be a home agent or a foreign agent."
        ::= { mnRegistrationEntry 1 }
    mnRegCOA OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Care-of address for the registration."
        ::= { mnRegistrationEntry 2 }

    mnRegFlags OBJECT-TYPE
        SYNTAX      RegistrationFlags
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Registration flags sent by the mobile node.  It is the
                second byte in the Mobile IP Registration Request
                message."
        ::= { mnRegistrationEntry 3 }

    mnRegIDLow OBJECT-TYPE
        SYNTAX      Unsigned32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Low-order 32 bits of the Identification used in that
                registration by the mobile node."
        ::= { mnRegistrationEntry 4 }

    mnRegIDHigh OBJECT-TYPE
        SYNTAX      Unsigned32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "High-order 32 bits of the Identification used in that
                registration by the mobile node."
        ::= { mnRegistrationEntry 5 }

    mnRegTimeRequested OBJECT-TYPE
        SYNTAX      Unsigned32
        UNITS       "seconds"
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "If the registration is pending, then this is the
                lifetime requested by the mobile node (in seconds).
                If the registration has been accepted, then this is
                the lifetime actually granted by the home agent in the
                reply."
        ::= { mnRegistrationEntry 6 }
    mnRegTimeRemaining OBJECT-TYPE
        SYNTAX      Gauge32
        UNITS       "seconds"
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The number of seconds remaining until this
                registration expires.  It has the same initial value
                as mnRegTimeRequested and is only valid if
                mnRegIsAccepted is TRUE."
        ::= { mnRegistrationEntry 7 }

    mnRegTimeSent OBJECT-TYPE
        SYNTAX      TimeStamp
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The time when the last (re-)transmission occurred."
        ::= { mnRegistrationEntry 8 }

    mnRegIsAccepted OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "true(1) if the mobile node has received a
                Registration Reply indicating that service has been
                accepted; false(2) otherwise.  false(2) implies that
                the registration is still pending."
        ::= { mnRegistrationEntry 9 }

    mnCOAIsLocal OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Whether the COA is local to (dynamically acquired by)
                the mobile node or not.  If it is false(2), the COA is
                an address of the foreign agent."
        ::= { mnRegistrationEntry 10 }

    mnRegDeliveryStyle OBJECT-TYPE
        SYNTAX      MipDeliveryStyle
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Delivery style requested by the mobile node in the
                registration request.  If mobile node is operating with
                a co-located care-of address i.e. when mnCOAIsLocal is
                true(1), this object should not be instantiated."
        DEFVAL      { direct }
        ::= { mnRegistrationEntry 11 }

    -- Mobile Node Registration Group Counters

    mnRegRequestsSent OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of registration requests sent by the
                mobile node.  This does not include deregistrations
                (those with Lifetime equal to zero)."
        ::= { mnRegistration 2 }

    mnDeRegRequestsSent OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of deregistration requests sent by the
                mobile node (those with Lifetime equal to zero)."
        ::= { mnRegistration 3 }

    mnRegRepliesRecieved OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of registration replies received by the
                mobile node in which the Lifetime is greater than
                zero."
        ::= { mnRegistration 4 }

    mnDeRegRepliesRecieved OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of (de)registration replies received by
                the mobile node in which the Lifetime is equal to
                zero."
        ::= { mnRegistration 5 }

    mnRepliesInvalidHomeAddress OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of replies with invalid home address for
                the mobile node."
        ::= { mnRegistration 6 }

    mnRepliesUnknownHA OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of replies with unknown home agents
                (not in home agent table)."
        ::= { mnRegistration 7 }

    mnRepliesUnknownFA OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of replies with unknown foreign agents if
                replies relayed through foreign agent."
        ::= { mnRegistration 8 }

    mnRepliesInvalidID OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of replies with invalid Identification
                fields."
        ::= { mnRegistration 9 }

    mnRepliesDroppedInvalidExtension OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Replies dropped by the
                mobile node due to both poorly formed extensions and
                unrecognized extensions with extension number in the
                range 0-127."
        ::= { mnRegistration 10 }

    mnRepliesIgnoredUnknownExtension OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Replies that contained
                one or more unrecognized extensions in the range
                128-255 that were ignored by the mobile node."
        ::= { mnRegistration 11 }

    mnRepliesHAAuthenticationFailure OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of replies without a valid Home Agent to
                Mobile Node authenticator."
        ::= { mnRegistration 12 }

    mnRepliesFAAuthenticationFailure OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of replies without a valid Foreign Agent
                to Mobile Node authenticator."
        ::= { mnRegistration 13 }

    mnRegRequestsAccepted OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of registration requests accepted by the
                mobile node's home agent (Code 0 and Code 1)."
        ::= { mnRegistration 14 }

    mnRegRequestsDeniedByHA OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of registration requests denied by
                mobile node's home agent (Sum of Code 128 through
                Code 191)."
        ::= { mnRegistration 15 }

    mnRegRequestsDeniedByFA OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of registration requests denied by the
                foreign agent (Sum of Codes 64 through Code 127)."
        ::= { mnRegistration 16 }

    mnRegRequestsDeniedByHADueToID OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Request denied by home
                agent due to identification mismatch."
        ::= { mnRegistration 17 }

    mnRegRequestsWithDirectedBroadcast OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests sent by mobile
                node with a directed broadcast address in the home
                agent field."
        ::= { mnRegistration 18 }

    -- MA Advertisement Group

    -- MA Advertisement Group Counters

    maAdvertisementsSent OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of advertisements sent by the mobility
                agent."
        ::= { maAdvertisement 2 }

    maAdvsSentForSolicitation OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of advertisements sent by mobility agent
                in response to mobile node solicitations."
        ::= { maAdvertisement 3 }

    maSolicitationsReceived OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of solicitations received by the
                mobility agent."
        ::= { maAdvertisement 4 }

    -- Mobility agent advertisement configuration table

    maAdvertConfTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF MaAdvertConfEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "A table containing configurable advertisement
                parameters for all advertisement interfaces in
                the mobility agent."
        ::= { maAdvertisement 5 }

    maAdvertConfEntry OBJECT-TYPE
        SYNTAX      MaAdvertConfEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "Advertisement parameters for one advertisement
                interface."
        INDEX   { maAdvertIfIndex }
        ::= { maAdvertConfTable 1 }

    MaAdvertConfEntry    ::= SEQUENCE {
          maAdvertIfIndex                  Integer32,
          maAdvertMaxRegLifetime           Integer32,
          maAdvertPrefixLengthInclusion    TruthValue,
          maAdvertAddress                  IpAddress,
          maAdvertMaxInterval              Integer32,
          maAdvertMinInterval              Integer32,
          maAdvertMaxAdvLifetime           Integer32,
          maAdvertResponseSolicitationOnly TruthValue,
          maAdvertService                  BITS,
          maAdvertStatus                   RowStatus
        }

    maAdvertIfIndex OBJECT-TYPE
        SYNTAX      Integer32 (1..2147483647)
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "The ifIndex value from Interfaces table of
                MIB II for advertisement interface."
        ::= { maAdvertConfEntry 1 }
    maAdvertMaxRegLifetime OBJECT-TYPE
        SYNTAX      Integer32 (1..65535)
        UNITS       "seconds"
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "The longest lifetime in seconds that mobility agent
                is willing to accept in any Registration Request."
        ::= { maAdvertConfEntry 2 }

    maAdvertPrefixLengthInclusion OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "Whether the advertisement should include the Prefix-
                Lengths Extension.  If it is true, all advertisements
                sent over this interface should include the
                Prefix-Lengths Extension."
        ::= { maAdvertConfEntry 3 }

    maAdvertAddress OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "The IP destination address to be used for
                advertisements sent from the interface.  The only
                permissible values are the all-systems multicast
                address (224.0.0.1) or the limited-broadcast address
                (255.255.255.255)."
        REFERENCE
                "AdvertisementAddress in RFC1256."
        ::= { maAdvertConfEntry 4 }

    maAdvertMaxInterval OBJECT-TYPE
        SYNTAX      Integer32 (4..1800)
        UNITS       "seconds"
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "The maximum time in seconds between successive
                transmissions of Agent Advertisements from this
                interface."
        REFERENCE
                "MaxAdvertisementInterval in RFC1256."
        ::= { maAdvertConfEntry 5 }

    maAdvertMinInterval OBJECT-TYPE
        SYNTAX      Integer32 (3..1800)
        UNITS       "seconds"
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "The minimum time in seconds between successive
                transmissions of Agent Advertisements from this
                interface."
        REFERENCE
                "MinAdvertisementInterval in RFC1256."
        ::= { maAdvertConfEntry 6 }

    maAdvertMaxAdvLifetime OBJECT-TYPE
        SYNTAX      Integer32 (4..9000)
        UNITS       "seconds"
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "The time (in seconds) to be placed in the Lifetime
                field of the RFC 1256-portion of the Agent
                Advertisements sent over this interface."
        REFERENCE
                "AdvertisementLifetime in RFC1256."
        ::= { maAdvertConfEntry 7 }

    maAdvertResponseSolicitationOnly OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "The flag indicates whether the advertisement from
                that interface should be sent only in response to an
                Agent Solicitation message."
        DEFVAL      { false }
        ::= { maAdvertConfEntry 8 }

    maAdvertService OBJECT-TYPE
        SYNTAX      BITS { foreignAgent(0),
                           homeAgent(1)
                    }
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "Indicates which mobility services are offered on this
                interface."
        ::= { maAdvertConfEntry 9 }

    maAdvertStatus OBJECT-TYPE
        SYNTAX      RowStatus
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "The row status for the agent advertisement table.  If
                this column status is 'active', the manager should not
                change any column in the row."
        ::= { maAdvertConfEntry 10 }

    -- Foreign Agent Group

    -- Foreign Agent System Group

    faCOATable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FaCOAEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "A table containing all of the care-of addresses
                (COAs) supported by the foreign agent.  New entries can
                be added to the table.  The order of entries in the
                faCOATAble is also the order in which the COAs are
                listed in the Agent Advertisement."
           ::= { faSystem 1 }

    faCOAEntry OBJECT-TYPE
        SYNTAX      FaCOAEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "Entry of COA"
        INDEX { faSupportedCOA }
        ::= { faCOATable 1 }

    FaCOAEntry     ::=
        SEQUENCE {
                 faSupportedCOA IpAddress,
                 faCOAStatus    RowStatus
        }

    faSupportedCOA OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "Care-of-address supported by this foreign agent."
        ::= { faCOAEntry 1 }
    faCOAStatus  OBJECT-TYPE
        SYNTAX      RowStatus
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
                "The row status for COA entry."
        ::= { faCOAEntry 2 }

    -- Foreign Agent Advertisement Group
    -- FA needs to implement MA Advertisement Group plus that group
    -- Foreign agent advertisement configuration table.

    faAdvertConfTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FaAdvertConfEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "A table containing additional configurable
                advertisement parameters beyond that provided by
                maAdvertConfTable for all advertisement interfaces
                in the foreign agent."
           ::= { faAdvertisement 3 }

    faAdvertConfEntry OBJECT-TYPE
        SYNTAX      FaAdvertConfEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "Additional advertisement parameters beyond that
                provided by maAdvertConfEntry for one advertisement
                interface."
        INDEX { maAdvertIfIndex }
        ::= { faAdvertConfTable 1 }

    FaAdvertConfEntry    ::= SEQUENCE {
        faAdvertIsBusy          TruthValue,
        faAdvertRegRequired     TruthValue,
        faAdvertChallengeWindow Integer32
        }

    faAdvertIsBusy OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "If true(1), the agent is busy and any Agent
                advertisements sent from the agent on this interface
                should have the 'B' bit set to 1."
        ::= { faAdvertConfEntry 1 }
    faAdvertRegRequired OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
                "If true(1), registration is required and any Agent
                Advertisements sent from the agent on this interface
                should have the 'R' bit set to 1."
        ::= { faAdvertConfEntry 2 }

    faAdvertChallengeWindow  OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
                "Indicates the number of last challenge values
                which can be used by mobile node in the registration
                request sent to the foreign agent on this interface."
        REFERENCE
                "RFC3012 - Mobile IPv4 Challenge/Response Extensions"
        DEFVAL      { 2 }
        ::= { faAdvertConfEntry 3 }

    -- Foreign Agent Registration Group

    -- Foreign Agent Registration Group Counters

    faRegRequestsReceived OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of valid Registration Requests
                received."
        ::= { faRegistration 2 }

    faRegRequestsRelayed OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests relayed to home
                agent by foreign agent."
        ::= { faRegistration 3 }

    faReasonUnspecified OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- reason unspecified (Code 64)."
        ::= { faRegistration 4 }

    faAdmProhibited OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- administratively prohibited (Code
                65)."
        ::= { faRegistration 5 }

    faInsufficientResource OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- insufficient resources (Code 66)."
        ::= { faRegistration 6 }

    faMNAuthenticationFailure OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- mobile node failed authentication
                (Code 67)."
        ::= { faRegistration 7 }

    faRegLifetimeTooLong OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- requested lifetime too long (Code
                69)."
        ::= { faRegistration 8 }

    faPoorlyFormedRequests OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- poorly formed request (Code 70)."
        ::= { faRegistration 9 }

    faEncapsulationUnavailable OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- requested encapsulation unavailable
                (Code 72)."
        ::= { faRegistration 10 }

    faHAUnreachable OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- home agent unreachable (Codes
                80-95)."
        ::= { faRegistration 12 }

    faRegRepliesRecieved OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of well-formed Registration Replies
                received by foreign agent."
        ::= { faRegistration 13 }

    faRegRepliesRelayed OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of valid Registration Replies relayed to
                the mobile node by foreign agent."
        ::= { faRegistration 14 }

    faHAAuthenticationFailure OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Replies denied by
                foreign agent -- home agent failed authentication
                (Code 68)."
        ::= { faRegistration 15 }

    faPoorlyFormedReplies OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Replies denied by
                foreign agent -- poorly formed reply (Code 71)."
        ::= { faRegistration 16 }

    faReverseTunnelUnavailable OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- requested reverse tunnel
                unavailable (Code 74)."
        REFERENCE
                "RFC3024 - Reverse Tunneling for Mobile IP"
        ::= { faRegistration 17 }

    faReverseTunnelBitNotSet OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- reverse tunnel is mandatory and
                'T' bit not set (Code 75)."
        REFERENCE
                "RFC3024 - Reverse Tunneling for Mobile IP"
        ::= { faRegistration 18 }

    faMnTooDistant OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- mobile node too distant (Code 76)."
        REFERENCE
                "RFC3024 - Reverse Tunneling for Mobile IP"
        ::= { faRegistration 19 }
    faDeliveryStyleUnsupported OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- delivery style not supported
                (Code 79)."
        REFERENCE
                "RFC3024 - Reverse Tunneling for Mobile IP"
        ::= { faRegistration 20 }

    faNonZeroHomeAddressRequired OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- non zero home address is
                required (Code 96)."
        REFERENCE
                "RFC2794 - Mobile IP Network Access Identifier
                Extension for IPv4"
        ::= { faRegistration 21 }

    faUnknownChallenge OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- challenge was unknown (code 104)."
        REFERENCE
                "RFC3012 - Mobile IPv4 Challenge/Response Extensions"
        ::= { faRegistration 22 }

    faMissingChallenge OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- challenge was missing (code 105)."
        REFERENCE
                "RFC3012 - Mobile IPv4 Challenge/Response Extensions"
        ::= { faRegistration 23 }

    faStaleChallenge OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- challenge was stale (code 106)."
        REFERENCE
                "RFC3012 - Mobile IPv4 Challenge/Response Extensions"
        ::= { faRegistration 24 }

    faCvsesFromMnUnsupported OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent --  Unsupported Vendor-ID or unable to
                interpret Vendor-CVSE-Type in the CVSE sent by the
                mobile node to the foreign agent (code 100)."
        REFERENCE
                "RFC3025 - Mobile IP Vendor/Organization-Specific
                Extensions"
        ::= { faRegistration 25 }

     faCvsesFromHaUnsupported OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Replies denied by
                foreign agent --  Unsupported Vendor-ID or unable to
                interpret Vendor-CVSE-Type in the CVSE sent by the
                home agent to the foreign agent (code 101)."
        REFERENCE
                "RFC3025 - Mobile IP Vendor/Organization-Specific
                Extensions"
        ::= { faRegistration 26 }

    faNvsesFromMnIgnored OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests which contained
                one or more NVSEs from the mobile node that were
                ignored by the foreign agent."
        REFERENCE
                "RFC3025 - Mobile IP Vendor/Organization-Specific
                Extensions"
        ::= { faRegistration 27 }
     faNvsesFromHaIgnored OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Replies which contained
                one or more NVSEs from the home agent that were
                ignored by the foreign agent."
        REFERENCE
                "RFC3025 - Mobile IP Vendor/Organization-Specific
                Extensions"
        ::= { faRegistration 28 }

    faRegVisitorCount OBJECT-TYPE
         SYNTAX      Gauge32
         MAX-ACCESS  read-only
         STATUS      current
         DESCRIPTION
                 "The current number of entries in faRegVisitorTable."
         ::= { faRegistration 29 }

    -- Foreign Agent Visitors List

    faRegVisitorTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FaRegVisitorEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "A table containing the foreign agent's visitor list.
                The foreign agent updates this table in response to
                registration events from mobile nodes."
        ::= { faRegistration 30 }

    faRegVisitorEntry OBJECT-TYPE
        SYNTAX      FaRegVisitorEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "Information for one visitor."
        INDEX   { faRegVisitorIdType, faRegVisitorId }
        ::= { faRegVisitorTable 1 }

    FaRegVisitorEntry     ::= SEQUENCE {
        faRegVisitorIdType           MipEntityIdentifierType,
        faRegVisitorId               MipEntityIdentifier,
        faRegVisitorHomeAddress      IpAddress,
        faRegVisitorHomeAgentAddress IpAddress,
        faRegVisitorTimeGranted      Integer32,
        faRegVisitorTimeRemaining    Gauge32,
        faRegVisitorRegFlags         RegistrationFlags,
        faRegVisitorRegIDLow         Unsigned32,
        faRegVisitorRegIDHigh        Unsigned32,
        faRegVisitorRegIsAccepted    TruthValue,
        faRegVisitorDeliveryStyle    MipDeliveryStyle
        }

    faRegVisitorIdType  OBJECT-TYPE
         SYNTAX      MipEntityIdentifierType
         MAX-ACCESS  not-accessible
         STATUS      current
         DESCRIPTION
                 "The type of the visitor's identifier."
         ::= { faRegVisitorEntry 1 }

    faRegVisitorId  OBJECT-TYPE
         SYNTAX      MipEntityIdentifier
         MAX-ACCESS  not-accessible
         STATUS      current
         DESCRIPTION
                 "The identifier of the visitor."
         ::= { faRegVisitorEntry 2 }

    faRegVisitorHomeAddress OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Home (IP) address of visiting mobile node."
        ::= { faRegVisitorEntry 3 }

    faRegVisitorHomeAgentAddress OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Home agent IP address for that visiting mobile node."
        ::= { faRegVisitorEntry 4 }

    faRegVisitorTimeGranted OBJECT-TYPE
        SYNTAX      Integer32
        UNITS       "seconds"
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The lifetime in seconds granted to the mobile node
                for this registration.  Only valid if
                faRegVisitorRegIsAccepted is true(1)."
        ::= { faRegVisitorEntry 5 }

    faRegVisitorTimeRemaining OBJECT-TYPE
        SYNTAX      Gauge32
        UNITS       "seconds"
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The number of seconds remaining until the
                registration is expired.  It has the same initial value
                as faRegVisitorTimeGranted, and is counted down by the
                foreign agent."
        ::= { faRegVisitorEntry 6 }

    faRegVisitorRegFlags OBJECT-TYPE
        SYNTAX      RegistrationFlags
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Registration flags sent by mobile node."
        ::= { faRegVisitorEntry 7 }

    faRegVisitorRegIDLow OBJECT-TYPE
        SYNTAX      Unsigned32 (0..4294967295)
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Low 32 bits of Identification used in that
                registration by the mobile node."
        ::= { faRegVisitorEntry 8 }

    faRegVisitorRegIDHigh OBJECT-TYPE
        SYNTAX      Unsigned32 (0..4294967295)
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "High 32 bits of Identification used in that
                registration by the mobile node."
        ::= { faRegVisitorEntry 9 }

    faRegVisitorRegIsAccepted OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Whether the registration has been accepted or not.  If
                it is false(2), this registration is still pending for
                reply."
        ::= { faRegVisitorEntry 10 }
    faRegVisitorDeliveryStyle OBJECT-TYPE
        SYNTAX      MipDeliveryStyle
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Delivery style requested by the mobile node in its
                registration request."
        DEFVAL      { direct }
        ::= { faRegVisitorEntry 11 }

    -- Home Agent Group

    -- Home Agent Registration Group

    -- Home agent mobility binding list

    haMobilityBindingTable  OBJECT-TYPE
        SYNTAX      SEQUENCE OF HaMobilityBindingEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "A table containing the home agent's mobility binding
                list.  The home agent updates this table in response
                to registration events from mobile nodes."
        ::= { haRegistration 1 }

    haMobilityBindingEntry OBJECT-TYPE
        SYNTAX      HaMobilityBindingEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "An entry on the mobility binding list."
        INDEX   { haMobilityBindingMN, haMobilityBindingCOA }
        ::= { haMobilityBindingTable 1 }

    HaMobilityBindingEntry ::= SEQUENCE {
         haMobilityBindingMN            IpAddress,
         haMobilityBindingCOA           IpAddress,
         haMobilityBindingSourceAddress IpAddress,
         haMobilityBindingRegFlags      RegistrationFlags,
         haMobilityBindingRegIDLow      Unsigned32,
         haMobilityBindingRegIDHigh     Unsigned32,
         haMobilityBindingTimeGranted   Unsigned32,
         haMobilityBindingTimeRemaining Gauge32,
         haMobilityBindingMnIdType      MipEntityIdentifierType,
         haMobilityBindingMnId          MipEntityIdentifier
         }
    haMobilityBindingMN    OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Mobile node's home (IP) address."
        ::= { haMobilityBindingEntry 1 }

    haMobilityBindingCOA   OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Mobile node's care-of-address.  One mobile node can
                have multiple bindings with different
                care-of-addresses."
        ::= { haMobilityBindingEntry 2 }

    haMobilityBindingSourceAddress    OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "IP source address of the Registration Request as
                received by the home agent.  Will be either a mobile
                node's co-located care-of address or an address of the
                foreign agent."
        ::= { haMobilityBindingEntry 3 }

    haMobilityBindingRegFlags OBJECT-TYPE
        SYNTAX      RegistrationFlags
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Registration flags sent by mobile node."
        ::= { haMobilityBindingEntry 4 }

    haMobilityBindingRegIDLow OBJECT-TYPE
        SYNTAX      Unsigned32 (0..4294967295)
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Low 32 bits of Identification used in that binding by
                the mobile node."
        ::= { haMobilityBindingEntry 5 }

    haMobilityBindingRegIDHigh OBJECT-TYPE
        SYNTAX      Unsigned32 (0..4294967295)
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
               "High 32 bits of Identification used in that binding by
                the mobile node."
        ::= { haMobilityBindingEntry 6 }

    haMobilityBindingTimeGranted OBJECT-TYPE
        SYNTAX      Unsigned32
        UNITS       "seconds"
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The lifetime in seconds granted to the mobile node
                for this registration."
        ::= { haMobilityBindingEntry 7 }

    haMobilityBindingTimeRemaining OBJECT-TYPE
        SYNTAX      Gauge32
        UNITS       "seconds"
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The number of seconds remaining until the
                registration is expired.  It has the same initial value
                as haMobilityBindingTimeGranted, and is counted down
                by the home agent."
        ::= { haMobilityBindingEntry 8 }

    haMobilityBindingMnIdType OBJECT-TYPE
         SYNTAX      MipEntityIdentifierType
         MAX-ACCESS  read-only
         STATUS      current
         DESCRIPTION
                 "The type of the mobile node's identifier."
         ::= { haMobilityBindingEntry 9 }

    haMobilityBindingMnId OBJECT-TYPE
         SYNTAX      MipEntityIdentifier
         MAX-ACCESS  read-only
         STATUS      current
         DESCRIPTION
                 "The identifier of the mobile node."
         ::= { haMobilityBindingEntry 10 }

    -- Home Agent Registration Group Counters

    -- Home agent registration Counters for all mobile nodes.

    haRegistrationAccepted   OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests accepted by
                home agent (Code 0)."
        ::= { haRegistration 3 }

    haMultiBindingUnsupported OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests accepted by
                home agent -- simultaneous mobility bindings
                unsupported (Code 1)."
        ::= { haRegistration 4 }

    haReasonUnspecified   OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by home
                agent -- reason unspecified (Code 128)."
        ::= { haRegistration 5 }

    haAdmProhibited   OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by home
                agent -- administratively prohibited (Code 129)."
        ::= { haRegistration 6 }

    haInsufficientResource  OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by home
                agent -- insufficient resources (Code 130)."
        ::= { haRegistration 7 }

    haMNAuthenticationFailure OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by home
                agent -- mobile node failed authentication (Code
                131)."
        ::= { haRegistration 8 }

    haFAAuthenticationFailure OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by home
                agent -- foreign agent failed authentication (Code
                132)."
        ::= { haRegistration 9 }

    haIDMismatch OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by home
                agent -- Identification mismatch (Code 133)."
        ::= { haRegistration 10 }

    haPoorlyFormedRequest OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by home
                agent -- poorly formed request (Code 134)."
        ::= { haRegistration 11 }

    haTooManyBindings    OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by home
                agent -- too many simultaneous mobility bindings (Code
                135)."
        ::= { haRegistration 12 }

    haUnknownHA   OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by home
                agent -- unknown home agent address (Code 136)."
        ::= { haRegistration 13 }

    haGratuitiousARPsSent OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of gratuition ARPs sent by the home
                agent on behalf of mobile nodes."
        ::= { haRegistration 14 }

    haProxyARPsSent   OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of proxy ARPs sent by the home agent on
                behalf of mobile nodes."
        ::= { haRegistration 15 }

    haRegRequestsReceived OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests received by
                home agent."
        ::= { haRegistration 16 }

    haDeRegRequestsReceived OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests received by the
                home agent with a Lifetime of zero (requests to
                deregister)."
        ::= { haRegistration 17 }

    haRegRepliesSent  OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Replies sent by the home
                agent."
        ::= { haRegistration 18 }

    haDeRegRepliesSent OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Replies sent by the home
                agent in response to requests to deregister."
        ::= { haRegistration 19 }

    haReverseTunnelUnavailable OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                the home agent -- requested reverse tunnel
                unavailable (Code 137)."
        REFERENCE
                "RFC3024 - Reverse Tunneling for Mobile IP"
        ::= { haRegistration 20 }

    haReverseTunnelBitNotSet OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                the home agent -- reverse tunnel is mandatory and
                'T' bit not set (Code 138)."
        REFERENCE
                "RFC3024 - Reverse Tunneling for Mobile IP"
        ::= { haRegistration 21 }

    haEncapsulationUnavailable OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by
                the home agent -- requested encapsulation
                unavailable (Code 72)."
        REFERENCE
                "RFC3024 - Reverse Tunneling for Mobile IP"
       ::= { haRegistration 22 }

     haCvsesFromMnUnsupported OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by the
                home agent --  Unsupported Vendor-ID or unable to
                interpret Vendor-CVSE-Type in the CVSE sent by the
                mobile node to the home agent (code 140)."
        REFERENCE
                "RFC3025 - Mobile IP Vendor/Organization-Specific
                Extensions"
        ::= { haRegistration 23 }

     haCvsesFromFaUnsupported OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests denied by the
                home agent --  Unsupported Vendor-ID or unable to
                interpret Vendor-CVSE-Type in the CVSE sent by the
                foreign agent to the home agent (code 141)."
        REFERENCE
                "RFC3025 - Mobile IP Vendor/Organization-Specific
                Extensions"
        ::= { haRegistration 24 }

     haNvsesFromMnIgnored OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests which contained
                one or more NVSEs from the mobile node that were
                ignored by the home agent."
        REFERENCE
                "RFC3025 - Mobile IP Vendor/Organization-Specific
                Extensions"
        ::= { haRegistration 25 }

     haNvsesFromFaIgnored OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of Registration Requests which contained
                one or more NVSEs from the foreign agent that were
                ignored by the home agent."
        REFERENCE
                "RFC3025 - Mobile IP Vendor/Organization-Specific
                Extensions"
        ::= { haRegistration 26 }

    haRegMobilityBindingCount OBJECT-TYPE
        SYNTAX      Gauge32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The current number of entries in
                 haMobilityBindingTable."
        ::= { haRegistration 27 }

    -- Home agent registration Counters per node

    haRegCounterTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF HaRegCounterEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "A table containing registration statistics for all
                mobile nodes authorized to use this home agent."
        ::= { haRegistration 28 }

    haRegCounterEntry  OBJECT-TYPE
        SYNTAX      HaRegCounterEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "Registration statistics for one mobile node."
        INDEX   { haMobilityBindingMnIdType, haMobilityBindingMnId }
        ::= { haRegCounterTable 1 }

    HaRegCounterEntry      ::= SEQUENCE {
        haRegServiceRequestsAccepted   Counter32,
        haRegServiceRequestsDenied     Counter32,
        haRegOverallServiceTime        Gauge32,
        haRegRecentServiceAcceptedTime TimeStamp,
        haRegRecentServiceDeniedTime   TimeStamp,
        haRegRecentServiceDeniedCode   INTEGER
        }

    haRegServiceRequestsAccepted OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of service requests for the mobile node
                accepted by the home agent (Code 0 + Code 1)."
        ::= { haRegCounterEntry 1 }

    haRegServiceRequestsDenied   OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Total number of service requests for the mobile node
                denied by the home agent (sum of all registrations
                denied with Code 128 through Code 159)."
        ::= { haRegCounterEntry 2 }

    haRegOverallServiceTime   OBJECT-TYPE
        SYNTAX      Gauge32
        UNITS       "seconds"
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Overall service time (in seconds) that has
                accumulated for the mobile node since the home agent
                last rebooted."
        ::= { haRegCounterEntry 3 }

    haRegRecentServiceAcceptedTime  OBJECT-TYPE
        SYNTAX      TimeStamp
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The time at which the most recent Registration
                Request was accepted by the home agent for this mobile
                node."
        ::= { haRegCounterEntry 4 }

    haRegRecentServiceDeniedTime  OBJECT-TYPE
        SYNTAX      TimeStamp
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The time at which the most recent Registration
                Request was denied by the home agent for this mobile
                node."
        ::= { haRegCounterEntry 5 }

    haRegRecentServiceDeniedCode  OBJECT-TYPE
        SYNTAX      INTEGER {
                            reasonUnspecified(128),
                            admProhibited(129),
                            insufficientResource(130),
                            mnAuthenticationFailure(131),
                            faAuthenticationFailure(132),
                            idMismatch(133),
                            poorlyFormedRequest(134),
                            tooManyBindings(135),
                            unknownHA(136),
                            reverseTunnelUnavailable(137),
                            reverseTunnelBitNotSet(138),
                            encapsulationUnavailable(139),
                            mnCvseUnsupported(140),
                            faCvseUnsupported(141)
                    }
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "The Code indicating the reason why the most recent
                Registration Request for this mobile node was rejected
                by the home agent."
        ::= { haRegCounterEntry 6 }

    mipMIBNotificationPrefix    OBJECT IDENTIFIER ::= { mipMIB 2 }

    mipMIBNotifications  OBJECT IDENTIFIER ::=
                         { mipMIBNotificationPrefix 0 }

    mipAuthFailure2 NOTIFICATION-TYPE
        OBJECTS   {    mipSecurityRecentViolationSPI,
                       mipSecurityRecentViolationIDLow,
                       mipSecurityRecentViolationIDHigh,
                       mipSecurityRecentViolationReason
                  }
        STATUS    current
        DESCRIPTION
                "The mipAuthFailure2 indicates that the Mobile IP
                entity has an authentication failure when it validates
                the mobile Registration Request or Reply."
        ::= { mipMIBNotifications 2 }

    mipMIBConformance OBJECT IDENTIFIER ::= { mipMIB 3 }

    mipGroups     OBJECT IDENTIFIER ::= { mipMIBConformance 1 }
    mipCompliances    OBJECT IDENTIFIER ::= { mipMIBConformance 2 }

    -- compliance statements

    mipCompliance2    MODULE-COMPLIANCE
        STATUS    current
        DESCRIPTION
                "The compliance statement for SNMPv2 entities which
                implement the Mobile IP MIB."
        MODULE
            MANDATORY-GROUPS { mipSystemGroup }

            GROUP    mipSecAssociationGroup2
            DESCRIPTION
                "This group is mandatory for Mobile IP entities (MN,
                FA, and HA) which support security associations.
                Mobile Nodes and Home Agents must implement this
                group.  Foreign Agents must implement this group if
                they maintain any security associations."

            GROUP    mipSecViolationGroup2
            DESCRIPTION
                "This group is mandatory for Mobile IP entities (MN,
                FA, and HA) that can log security violations."

            GROUP     mnSystemGroup2
            DESCRIPTION
                "This group is mandatory for mobile node."

            GROUP     mnDiscoveryGroup
            DESCRIPTION
                "This group is mandatory for mobile nodes which
                implement the Agent Discovery function."

            GROUP     mnRegistrationGroup2
            DESCRIPTION
                "This group is mandatory for mobile nodes."

            GROUP    maAdvertisementGroup2
            DESCRIPTION
                "This group is mandatory for the mobility agents (HA
                and FA) since they must implement Agent
                Advertisement."

            GROUP     faSystemGroup
            DESCRIPTION
                "This group is mandatory for foreign agents."

            GROUP     faAdvertisementGroup2
            DESCRIPTION
                "This group is mandatory for foreign agents."

            GROUP     faRegistrationGroup2
            DESCRIPTION
                "This group is mandatory for foreign agents."

            GROUP    haRegistrationGroup2
            DESCRIPTION
                "This group is mandatory for home agents."

            GROUP    haRegNodeCountersGroup2
            DESCRIPTION
                "This group is mandatory for home agents which log
                registration counters for each individual mobile
                node."

            GROUP    mipSecNotificationsGroup2
            DESCRIPTION
                "This group is mandatory for Mobile IP entities (MN,
                FA, and HA) that can report the security violations."

       ::= { mipCompliances 2 }

    -- Units of conformance

    mipSystemGroup     OBJECT-GROUP
        OBJECTS    { mipEntities, mipEnable, mipEncapsulationSupported }
        STATUS     current
        DESCRIPTION
                "A collection of objects providing the basic Mobile IP
                entity's management information."
        ::= { mipGroups 1 }

    mnDiscoveryGroup    OBJECT-GROUP
        OBJECTS   { mnFAAddress, mnCOA, mnAdvSourceAddress,
                    mnAdvSequence, mnAdvFlags, mnAdvMaxRegLifetime,
                    mnAdvMaxAdvLifetime, mnAdvTimeReceived,
                    mnSolicitationsSent, mnAdvertisementsReceived,
                    mnAdvsDroppedInvalidExtension,
                    mnAdvsIgnoredUnknownExtension, mnMoveFromHAToFA,
                    mnMoveFromFAToFA, mnMoveFromFAToHA,
                    mnGratuitousARPsSend, mnAgentRebootsDectected }
        STATUS    current
        DESCRIPTION
                "A collection of objects providing management
                information for the Agent Discovery function within a
                mobile node."
        ::= { mipGroups 5 }

    faSystemGroup       OBJECT-GROUP
        OBJECTS   { faCOAStatus}
        STATUS    current
        DESCRIPTION
                "A collection of objects providing the basic
                management information for foreign agents."
        ::= { mipGroups 8 }
   mipSecAssociationGroup2    OBJECT-GROUP
        OBJECTS   { mipSecurityAlgorithmType, mipSecurityAlgorithmMode,
                    mipSecurityKey, mipSecurityReplayMethod,
                    mipSecurityReplayTime, mipSecurityStatus,
                    mipSecurityAssocsCount }
        STATUS    current
        DESCRIPTION
                "A collection of objects providing the management
                information for security associations of Mobile IP
                entities."
        ::= { mipGroups 14 }

    mipSecViolationGroup2    OBJECT-GROUP
        OBJECTS   { mipSecTotalViolations,
                    mipSecurityViolationCounter,
                    mipSecurityRecentViolationSPI,
                    mipSecurityRecentViolationTime,
                    mipSecurityRecentViolationIDLow,
                    mipSecurityRecentViolationIDHigh,
                    mipSecurityRecentViolationReason }
        STATUS    current
        DESCRIPTION
                "A collection of objects providing the management
                information for security violation logging of Mobile
                IP entities."
        ::= { mipGroups 15 }

    mnSystemGroup2    OBJECT-GROUP
        OBJECTS   { mnState, mnCurrentHA, mnHomeAddress,
                    mnHAStatus, mnIdentifierType, mnIdentifier }
        STATUS    current
        DESCRIPTION
                "A collection of objects providing the basic
                management information for mobile nodes."
        ::= { mipGroups 16 }

    mnRegistrationGroup2    OBJECT-GROUP
        OBJECTS   { mnRegAgentAddress, mnRegCOA, mnRegFlags, mnRegIDLow,
                    mnRegIDHigh, mnRegTimeRequested, mnRegTimeRemaining,
                    mnRegTimeSent, mnRegIsAccepted, mnCOAIsLocal,
                    mnRegDeliveryStyle, mnRegRequestsSent,
                    mnRegRepliesRecieved, mnDeRegRequestsSent,
                    mnDeRegRepliesRecieved,
                    mnRepliesInvalidHomeAddress, mnRepliesUnknownHA,
                    mnRepliesUnknownFA, mnRepliesInvalidID,
                    mnRepliesDroppedInvalidExtension,
                    mnRepliesIgnoredUnknownExtension,
                    mnRepliesHAAuthenticationFailure,
                    mnRepliesFAAuthenticationFailure,
                    mnRegRequestsAccepted, mnRegRequestsDeniedByHA,
                    mnRegRequestsDeniedByFA,
                    mnRegRequestsDeniedByHADueToID,
                    mnRegRequestsWithDirectedBroadcast }

        STATUS    current
        DESCRIPTION
                "A collection of objects providing management
                information for the registration function within a
                mobile node."
        ::= { mipGroups 17 }

    maAdvertisementGroup2    OBJECT-GROUP
        OBJECTS   { maAdvertMaxRegLifetime,
                    maAdvertPrefixLengthInclusion, maAdvertAddress,
                    maAdvertMaxInterval, maAdvertMinInterval,
                    maAdvertMaxAdvLifetime,
                    maAdvertResponseSolicitationOnly,
                    maAdvertService, maAdvertStatus,
                    maAdvertisementsSent,
                    maAdvsSentForSolicitation,
                    maSolicitationsReceived }
        STATUS    current
        DESCRIPTION
                "A collection of objects providing management
                information for the Agent Advertisement function
                within mobility agents."
        ::= { mipGroups 18 }

    faAdvertisementGroup2    OBJECT-GROUP
        OBJECTS   { faAdvertIsBusy, faAdvertRegRequired,
                    faAdvertChallengeWindow }
        STATUS      current
        DESCRIPTION
                "A collection of objects providing supplemental
                management information for the Agent Advertisement
                function within a foreign agent."
        ::= { mipGroups 19 }

    faRegistrationGroup2    OBJECT-GROUP
        OBJECTS   {  faRegVisitorCount, faRegVisitorHomeAddress,
                     faRegVisitorHomeAgentAddress,
                     faRegVisitorTimeGranted,
                     faRegVisitorTimeRemaining, faRegVisitorRegFlags,
                     faRegVisitorRegIDLow, faRegVisitorRegIDHigh,
                     faRegVisitorRegIsAccepted,
                     faRegVisitorDeliveryStyle, faRegRequestsReceived,
                     faRegRequestsRelayed, faReasonUnspecified,
                     faAdmProhibited, faInsufficientResource,
                     faMNAuthenticationFailure, faRegLifetimeTooLong,
                     faPoorlyFormedRequests,
                     faEncapsulationUnavailable,
                     faHAUnreachable, faRegRepliesRecieved,
                     faRegRepliesRelayed, faHAAuthenticationFailure,
                     faPoorlyFormedReplies,
                     faReverseTunnelUnavailable,
                     faReverseTunnelBitNotSet,
                     faMnTooDistant, faDeliveryStyleUnsupported,
                     faNonZeroHomeAddressRequired, faUnknownChallenge,
                     faMissingChallenge, faStaleChallenge,
                     faCvsesFromMnUnsupported, faCvsesFromHaUnsupported,
                     faNvsesFromMnIgnored, faNvsesFromHaIgnored }
        STATUS    current
        DESCRIPTION
                "A collection of objects providing management
                information for the registration function within a
                foreign agent."
        ::= { mipGroups 20 }

    haRegistrationGroup2    OBJECT-GROUP
        OBJECTS   { haMobilityBindingMN, haMobilityBindingCOA,
                    haMobilityBindingSourceAddress,
                    haMobilityBindingRegFlags,
                    haMobilityBindingRegIDLow,
                    haMobilityBindingRegIDHigh,
                    haMobilityBindingTimeGranted,
                    haMobilityBindingTimeRemaining,
                    haMobilityBindingMnIdType, haMobilityBindingMnId,
                    haRegistrationAccepted, haMultiBindingUnsupported,
                    haReasonUnspecified, haAdmProhibited,
                    haInsufficientResource, haMNAuthenticationFailure,
                    haFAAuthenticationFailure, haIDMismatch,
                    haPoorlyFormedRequest, haTooManyBindings,
                    haUnknownHA, haGratuitiousARPsSent,
                    haProxyARPsSent, haRegRequestsReceived,
                    haDeRegRequestsReceived, haRegRepliesSent,
                    haDeRegRepliesSent, haReverseTunnelUnavailable,
                    haReverseTunnelBitNotSet,
                    haEncapsulationUnavailable, haCvsesFromMnUnsupported,
                    haCvsesFromFaUnsupported,  haRegMobilityBindingCount,
                    haNvsesFromMnIgnored, haNvsesFromFaIgnored }
        STATUS    current
        DESCRIPTION
                "A collection of objects providing management
                information for the registration function within a
                home agent."
        ::= { mipGroups 21 }
    haRegNodeCountersGroup2  OBJECT-GROUP
        OBJECTS   { haRegServiceRequestsAccepted,
                    haRegServiceRequestsDenied,
                    haRegOverallServiceTime,
                    haRegRecentServiceAcceptedTime,
                    haRegRecentServiceDeniedTime,
                    haRegRecentServiceDeniedCode }
        STATUS      current
        DESCRIPTION
                "A collection of objects providing management
                information for counters related to the registration
                function within a home agent."
        ::= { mipGroups 22 }

    mipSecNotificationsGroup2 NOTIFICATION-GROUP
        NOTIFICATIONS { mipAuthFailure2 }
        STATUS      current
        DESCRIPTION
                "The notification related to security violations."
        ::= { mipGroups 23 }

    -- Deprecated Definitions

    -- Deprecated objects

    -- Security group specific deprecated objects

    mipSecAssocTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF MipSecAssocEntry
        MAX-ACCESS  not-accessible
        STATUS      deprecated
        DESCRIPTION
                "A table containing Mobility Security Associations."
        ::= { mipSecurity 1 }

    mipSecAssocEntry OBJECT-TYPE
        SYNTAX      MipSecAssocEntry
        MAX-ACCESS  not-accessible
        STATUS      deprecated
        DESCRIPTION
                "One particular Mobility Security Association."
        INDEX   { mipSecPeerAddress, mipSecSPI }
        ::= { mipSecAssocTable 1 }

    MipSecAssocEntry ::=
        SEQUENCE {
            mipSecPeerAddress   IpAddress,
            mipSecSPI           Unsigned32,
            mipSecAlgorithmType INTEGER,
            mipSecAlgorithmMode INTEGER,
            mipSecKey           OCTET STRING,
            mipSecReplayMethod  INTEGER
        }

    mipSecPeerAddress  OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  not-accessible
        STATUS      deprecated
        DESCRIPTION
                "The IP address of the peer entity with which this
                node shares the mobility security association."
        ::= { mipSecAssocEntry 1 }

    mipSecSPI OBJECT-TYPE
        SYNTAX      Unsigned32 (0..4294967295)
        MAX-ACCESS  not-accessible
        STATUS      deprecated
        DESCRIPTION
                "The SPI is the 4-byte opaque index within the
                Mobility Security Association which selects the
                specific security parameters to be used to
                authenticate the peer, i.e. the rest of the variables
                in this MipSecAssocEntry."
        ::= { mipSecAssocEntry 2 }

    mipSecAlgorithmType OBJECT-TYPE
        SYNTAX      INTEGER {
                            other(1),
                            md5(2)
                    }
        MAX-ACCESS  read-create
        STATUS      deprecated
        DESCRIPTION
                "Type of security algorithm."
        ::= { mipSecAssocEntry 3 }

    mipSecAlgorithmMode OBJECT-TYPE
        SYNTAX      INTEGER {
                            other(1),
                            prefixSuffix(2)
                    }
        MAX-ACCESS  read-create

        STATUS      deprecated
        DESCRIPTION
                "Security mode used by this algorithm."
        ::= { mipSecAssocEntry 4 }

    mipSecKey  OBJECT-TYPE
        SYNTAX      OCTET STRING (SIZE(16))
        MAX-ACCESS  read-create
        STATUS      deprecated
        DESCRIPTION
                "The shared secret key for the security
                associations.  Reading this object will always return
                zero length value."
        ::= { mipSecAssocEntry 5 }

    mipSecReplayMethod OBJECT-TYPE
        SYNTAX      INTEGER {
                             other(1),
                             timestamps(2),
                             nonces(3)
                    }
        MAX-ACCESS  read-create
        STATUS      deprecated
        DESCRIPTION
                "The replay-protection method supported for this SPI
                within this Mobility Security Association."
        ::= { mipSecAssocEntry 6 }

    -- Mobile IP security violation table

    mipSecViolationTable  OBJECT-TYPE
        SYNTAX      SEQUENCE OF MipSecViolationEntry
        MAX-ACCESS  not-accessible
        STATUS      deprecated
        DESCRIPTION
                "A table containing information about security
                violations."
        ::= { mipSecurity 3 }

    mipSecViolationEntry  OBJECT-TYPE
        SYNTAX      MipSecViolationEntry
        MAX-ACCESS  not-accessible
        STATUS      deprecated
        DESCRIPTION
                "Information about one particular security violation."
        INDEX   { mipSecViolatorAddress }
        ::= { mipSecViolationTable 1 }

    MipSecViolationEntry ::=
        SEQUENCE {
            mipSecViolatorAddress       IpAddress,
            mipSecViolationCounter      Counter32,
            mipSecRecentViolationSPI    Integer32,
            mipSecRecentViolationTime   TimeStamp,
            mipSecRecentViolationIDLow  Integer32,
            mipSecRecentViolationIDHigh Integer32,
            mipSecRecentViolationReason INTEGER
        }

    mipSecViolatorAddress  OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  accessible-for-notify
        STATUS      deprecated
        DESCRIPTION
                "Violator's IP address.  The violator is not necessary
                in the mipSecAssocTable."
        ::= { mipSecViolationEntry 1 }

    mipSecViolationCounter OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Total number of security violations for this peer."
        ::= { mipSecViolationEntry 2 }

    mipSecRecentViolationSPI  OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "SPI of the most recent security violation for this
                peer.  If the security violation is due to an
                identification mismatch, then this is the SPI from the
                Mobile-Home Authentication Extension.  If the security
                violation is due to an invalid authenticator, then
                this is the SPI from the offending authentication
                extension.  In all other cases, it should be set to
                zero."
        ::= { mipSecViolationEntry 3 }

    mipSecRecentViolationTime OBJECT-TYPE
        SYNTAX      TimeStamp
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Time of the most recent security violation for this
                peer."
        ::= { mipSecViolationEntry 4 }

    mipSecRecentViolationIDLow  OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
               "Low-order 32 bits of identification used in request or
                reply of the most recent security violation for this
                peer."
        ::= { mipSecViolationEntry 5 }

    mipSecRecentViolationIDHigh  OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "High-order 32 bits of identification used in request
                or reply of the most recent security violation for
                this peer."
        ::= { mipSecViolationEntry 6 }

    mipSecRecentViolationReason   OBJECT-TYPE
        SYNTAX      INTEGER {
                            noMobilitySecurityAssociation(1),
                            badAuthenticator(2),
                            badIdentifier(3),
                            badSPI(4),
                            missingSecurityExtension(5),
                            other(6)
                    }
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Reason for the most recent security violation for
                this peer."
        ::= { mipSecViolationEntry 7 }

    -- Mobility agent advertisement specific deprecated objects

    -- Mobility agent advertisement configuration table

    maAdvConfigTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF MaAdvConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      deprecated
        DESCRIPTION
                "A table containing configurable advertisement
                parameters for all advertisement interfaces in
                the mobility agent."
        ::= { maAdvertisement 1 }

    maAdvConfigEntry OBJECT-TYPE
        SYNTAX      MaAdvConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      deprecated
        DESCRIPTION
                "Advertisement parameters for one advertisement
                interface."
        INDEX   { maInterfaceAddress }
        ::= { maAdvConfigTable 1 }

    MaAdvConfigEntry    ::= SEQUENCE {
          maInterfaceAddress            IpAddress,
          maAdvMaxRegLifetime           Integer32,
          maAdvPrefixLengthInclusion    TruthValue,
          maAdvAddress                  IpAddress,
          maAdvMaxInterval              Integer32,
          maAdvMinInterval              Integer32,
          maAdvMaxAdvLifetime           Integer32,
          maAdvResponseSolicitationOnly TruthValue,
          maAdvStatus RowStatus
        }

    maInterfaceAddress OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  not-accessible
        STATUS      deprecated
        DESCRIPTION
                "IP address for advertisement interface."
        ::= { maAdvConfigEntry 1 }

    maAdvMaxRegLifetime OBJECT-TYPE
        SYNTAX      Integer32 (0..65535)
        UNITS       "seconds"
        MAX-ACCESS  read-create
        STATUS      deprecated
        DESCRIPTION
                "The longest lifetime in seconds that mobility agent
                is willing to accept in any Registration Request."
        ::= { maAdvConfigEntry 2 }

    maAdvPrefixLengthInclusion OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-create
        STATUS      deprecated
        DESCRIPTION
                "Whether the advertisement should include the Prefix-
                Lengths Extension.  If it is true, all advertisements
                sent over this interface should include the
                Prefix-Lengths Extension."
        ::= { maAdvConfigEntry 3 }

    maAdvAddress OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-create
        STATUS      deprecated
        DESCRIPTION
                "The IP destination address to be used for
                advertisements sent from the interface.  The only
                permissible values are the all-systems multicast
                address (224.0.0.1) or the limited-broadcast address
                (255.255.255.255)."
        REFERENCE
                "AdvertisementAddress in RFC1256."
        ::= { maAdvConfigEntry 4 }

    maAdvMaxInterval OBJECT-TYPE
        SYNTAX      Integer32 (4..1800)
        UNITS       "seconds"
        MAX-ACCESS  read-create
        STATUS      deprecated
        DESCRIPTION
                "The maximum time in seconds between successive
                transmissions of Agent Advertisements from this
                interface."
        REFERENCE
                "MaxAdvertisementInterval in RFC1256."
        ::= { maAdvConfigEntry 5 }

    maAdvMinInterval OBJECT-TYPE
        SYNTAX      Integer32 (3..1800)
        UNITS       "seconds"
        MAX-ACCESS  read-create
        STATUS      deprecated
        DESCRIPTION
                "The minimum time in seconds between successive
                transmissions of Agent Advertisements from this
                interface."
        REFERENCE
                "MinAdvertisementInterval in RFC1256."
        ::= { maAdvConfigEntry 6 }
    maAdvMaxAdvLifetime OBJECT-TYPE
        SYNTAX      Integer32 (4..9000)
        UNITS       "seconds"
        MAX-ACCESS  read-create
        STATUS      deprecated
        DESCRIPTION
                "The time (in seconds) to be placed in the Lifetime
                field of the RFC 1256-portion of the Agent
                Advertisements sent over this interface."
        REFERENCE
                "AdvertisementLifetime in RFC1256."
        ::= { maAdvConfigEntry 7 }

    maAdvResponseSolicitationOnly OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-create
        STATUS      deprecated
        DESCRIPTION
                "The flag indicates whether the advertisement from
                that interface should be sent only in response to an
                Agent Solicitation message."
        DEFVAL      { false }
        ::= { maAdvConfigEntry 8 }

    maAdvStatus OBJECT-TYPE
        SYNTAX      RowStatus
        MAX-ACCESS  read-create
        STATUS      deprecated
        DESCRIPTION
                "The row status for the agent advertisement table.  If
                this column status is 'active', the manager should not
                change any column in the row."
        ::= { maAdvConfigEntry 9 }

    -- Foreign agent specific deprecated objects

    faIsBusy OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Whether or not the foreign agent is too busy to
                accept additional registrations.  If true(1), the agent
                is busy and any Agent advertisements sent from this
                agent should have the 'B' bit set to 1."
        ::= { faAdvertisement 1 }
    faRegistrationRequired OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-write
        STATUS      deprecated
        DESCRIPTION
                "Whether or not this foreign agent requires
                registration even from those mobile nodes that have
                acquired their own, colocated care-of address.  If
                true(1), registration is required and any Agent
                Advertisements sent from this agent should have the
                'R' bit set to 1."
        ::= { faAdvertisement 2 }

    -- Foreign Agent Visitors List

    faVisitorTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FaVisitorEntry
        MAX-ACCESS  not-accessible
        STATUS      deprecated
        DESCRIPTION
                "A table containing the foreign agent's visitor list.
                The foreign agent updates this table in response to
                registration events from mobile nodes."
        ::= { faRegistration 1 }

    faVisitorEntry OBJECT-TYPE
        SYNTAX      FaVisitorEntry
        MAX-ACCESS  not-accessible
        STATUS      deprecated
        DESCRIPTION
                "Information for one visitor."
        INDEX   { faVisitorIPAddress }
        ::= { faVisitorTable 1 }

    FaVisitorEntry     ::= SEQUENCE {
        faVisitorIPAddress        IpAddress,
        faVisitorHomeAddress      IpAddress,
        faVisitorHomeAgentAddress IpAddress,
        faVisitorTimeGranted      Integer32,
        faVisitorTimeRemaining    Gauge32,
        faVisitorRegFlags         RegistrationFlags,
        faVisitorRegIDLow         Integer32,
        faVisitorRegIDHigh        Integer32,
        faVisitorRegIsAccepted    TruthValue
        }

    faVisitorIPAddress OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Source IP address of visitor's Registration Request."
        ::= { faVisitorEntry 1 }

    faVisitorHomeAddress OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Home (IP) address of visiting mobile node."
        ::= { faVisitorEntry 2 }

    faVisitorHomeAgentAddress OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Home agent IP address for that visiting mobile node."
        ::= { faVisitorEntry 3 }

    faVisitorTimeGranted OBJECT-TYPE
        SYNTAX      Integer32
        UNITS       "seconds"
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "The lifetime in seconds granted to the mobile node
                for this registration.  Only valid if
                faVisitorRegIsAccepted is true(1)."
        ::= { faVisitorEntry 4 }

    faVisitorTimeRemaining OBJECT-TYPE
        SYNTAX      Gauge32
        UNITS       "seconds"
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "The number of seconds remaining until the
                registration is expired.  It has the same initial value
                as faVisitorTimeGranted, and is counted down by the
                foreign agent."
        ::= { faVisitorEntry 5 }

    faVisitorRegFlags OBJECT-TYPE
        SYNTAX      RegistrationFlags
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Registration flags sent by mobile node."
        ::= { faVisitorEntry 6 }

    faVisitorRegIDLow OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Low 32 bits of Identification used in that
                registration by the mobile node."
        ::= { faVisitorEntry 7 }

    faVisitorRegIDHigh OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "High 32 bits of Identification used in that
                registration by the mobile node."
        ::= { faVisitorEntry 8 }

    faVisitorRegIsAccepted OBJECT-TYPE
        SYNTAX      TruthValue
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Whether the registration has been accepted or not.  If
                it is false(2), this registration is still pending for
                reply."
        ::= { faVisitorEntry 9 }

    faVJCompressionUnavailable OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Total number of Registration Requests denied by
                foreign agent -- requested Van Jacobson header
                compression unavailable (Code 73)."
        ::= { faRegistration 11 }

    -- Home agent specific deprecated objects

    -- Home agent registration Counters per node

    haCounterTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF HaCounterEntry
        MAX-ACCESS  not-accessible
        STATUS      deprecated
        DESCRIPTION
                "A table containing registration statistics for all
                mobile nodes authorized to use this home agent."
        ::= { haRegistration 2 }

    haCounterEntry  OBJECT-TYPE
        SYNTAX      HaCounterEntry
        MAX-ACCESS  not-accessible
        STATUS      deprecated
        DESCRIPTION
                "Registration statistics for one mobile node."
        INDEX   { haMobilityBindingMN }
        ::= { haCounterTable 1 }

    HaCounterEntry      ::= SEQUENCE {
        haServiceRequestsAccepted   Counter32,
        haServiceRequestsDenied     Counter32,
        haOverallServiceTime        Gauge32,
        haRecentServiceAcceptedTime TimeStamp,
        haRecentServiceDeniedTime   TimeStamp,
        haRecentServiceDeniedCode   INTEGER
        }

    haServiceRequestsAccepted OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Total number of service requests for the mobile node
                accepted by the home agent (Code 0 + Code 1)."
        ::= { haCounterEntry 2 }

    haServiceRequestsDenied   OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Total number of service requests for the mobile node
                denied by the home agent (sum of all registrations
                denied with Code 128 through Code 159)."
        ::= { haCounterEntry 3 }

    haOverallServiceTime   OBJECT-TYPE
        SYNTAX      Gauge32
        UNITS       "seconds"
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "Overall service time (in seconds) that has
                accumulated for the mobile node since the home agent
                last rebooted."
        ::= { haCounterEntry 4 }

    haRecentServiceAcceptedTime  OBJECT-TYPE
        SYNTAX      TimeStamp
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "The time at which the most recent Registration
                Request was accepted by the home agent for this mobile
                node."
        ::= { haCounterEntry 5 }

    haRecentServiceDeniedTime  OBJECT-TYPE
        SYNTAX      TimeStamp
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "The time at which the most recent Registration
                Request was denied by the home agent for this mobile
                node."
        ::= { haCounterEntry 6 }

    haRecentServiceDeniedCode  OBJECT-TYPE
        SYNTAX      INTEGER {
                            reasonUnspecified(128),
                            admProhibited(129),
                            insufficientResource(130),
                            mnAuthenticationFailure(131),
                            faAuthenticationFailure(132),
                            idMismatch(133),
                            poorlyFormedRequest(134),
                            tooManyBindings(135),
                            unknownHA(136)
                    }
        MAX-ACCESS  read-only
        STATUS      deprecated
        DESCRIPTION
                "The Code indicating the reason why the most recent
                Registration Request for this mobile node was rejected
                by the home agent."
        ::= { haCounterEntry 7 }
    --  deprecated traps

    mipAuthFailure NOTIFICATION-TYPE
        OBJECTS   {    mipSecViolatorAddress,
                       mipSecRecentViolationSPI,
                       mipSecRecentViolationIDLow,
                       mipSecRecentViolationIDHigh,
                       mipSecRecentViolationReason
                  }

        STATUS    deprecated
        DESCRIPTION
                "The mipAuthFailure indicates that the Mobile IP
                entity has an authentication failure when it validates
                the mobile Registration Request or Reply.
                Implementation of this trap is optional."
        ::= { mipMIBNotifications 1 }

    -- deprecated compliance statement

    mipCompliance    MODULE-COMPLIANCE
        STATUS    deprecated
        DESCRIPTION
                "The compliance statement for SNMPv2 entities which
                implement the Mobile IP MIB."
        MODULE
            MANDATORY-GROUPS { mipSystemGroup }

            GROUP    mipSecAssociationGroup
            DESCRIPTION
                "This group is mandatory for Mobile IP entities (MN,
                FA, and HA) which support security associations.
                Mobile Nodes and Home Agents must implement this
                group.  Foreign Agents must implement this group if
                they maintain any security associations."

            GROUP    mipSecViolationGroup
            DESCRIPTION
                "This group is mandatory for Mobile IP entities (MN,
                FA, and HA) that can log security violations."

            GROUP     mnSystemGroup
            DESCRIPTION
                "This group is mandatory for mobile node."

            GROUP     mnDiscoveryGroup
            DESCRIPTION
                "This group is mandatory for mobile nodes which
                implement the Agent Discovery function."

            GROUP     mnRegistrationGroup
            DESCRIPTION
                "This group is mandatory for mobile nodes."

            GROUP    maAdvertisementGroup
            DESCRIPTION
                "This group is mandatory for the mobility agents (HA
                and FA) since they must implement Agent
                Advertisement."

            GROUP     faSystemGroup
            DESCRIPTION
                "This group is mandatory for foreign agents."

            GROUP     faAdvertisementGroup
            DESCRIPTION
                "This group is mandatory for foreign agents."

            GROUP     faRegistrationGroup
            DESCRIPTION
                "This group is mandatory for foreign agents."
            GROUP    haRegistrationGroup
            DESCRIPTION
                "This group is mandatory for home agents."

            GROUP    haRegNodeCountersGroup
            DESCRIPTION
                "This group is mandatory for home agents which log
                registration counters for each individual mobile
                node."

            GROUP    mipSecNotificationsGroup
            DESCRIPTION
                "This group is mandatory for Mobile IP entities (MN,
                FA, and HA) that can report the security violations."

       ::= { mipCompliances 1 }

    -- Deprecated groups

    mipSecAssociationGroup OBJECT-GROUP
        OBJECTS   { mipSecAlgorithmType, mipSecAlgorithmMode,
                    mipSecKey, mipSecReplayMethod }
        STATUS    deprecated
        DESCRIPTION
                "A collection of objects providing the management
                information for security associations of Mobile IP
                entities."
        ::= { mipGroups 2 }

    mipSecViolationGroup     OBJECT-GROUP
        OBJECTS   { mipSecTotalViolations,
                    mipSecViolationCounter, mipSecRecentViolationSPI,
                    mipSecRecentViolationTime,
                    mipSecRecentViolationIDLow,
                    mipSecRecentViolationIDHigh,
                    mipSecRecentViolationReason }
        STATUS    deprecated
        DESCRIPTION
                "A collection of objects providing the management
                information for security violation logging of Mobile
                IP entities."
        ::= { mipGroups 3 }

    mnSystemGroup    OBJECT-GROUP
        OBJECTS   { mnState, mnCurrentHA, mnHomeAddress,
                    mnHAStatus }
        STATUS    deprecated
        DESCRIPTION
                "A collection of objects providing the basic
                management information for mobile nodes."
        ::= { mipGroups 4 }

    mnRegistrationGroup    OBJECT-GROUP
        OBJECTS   { mnRegAgentAddress, mnRegCOA, mnRegFlags, mnRegIDLow,
                    mnRegIDHigh, mnRegTimeRequested, mnRegTimeRemaining,
                    mnRegTimeSent, mnRegIsAccepted, mnCOAIsLocal,
                    mnRegRequestsSent, mnRegRepliesRecieved,
                    mnDeRegRequestsSent, mnDeRegRepliesRecieved,
                    mnRepliesInvalidHomeAddress, mnRepliesUnknownHA,
                    mnRepliesUnknownFA, mnRepliesInvalidID,
                    mnRepliesDroppedInvalidExtension,
                    mnRepliesIgnoredUnknownExtension,
                    mnRepliesHAAuthenticationFailure,
                    mnRepliesFAAuthenticationFailure,
                    mnRegRequestsAccepted, mnRegRequestsDeniedByHA,
                    mnRegRequestsDeniedByFA,
                    mnRegRequestsDeniedByHADueToID,
                    mnRegRequestsWithDirectedBroadcast }
        STATUS    deprecated
        DESCRIPTION
                "A collection of objects providing management
                information for the registration function within a
                mobile node."
        ::= { mipGroups 6 }

    maAdvertisementGroup    OBJECT-GROUP
        OBJECTS   { maAdvMaxRegLifetime,
                    maAdvPrefixLengthInclusion, maAdvAddress,
                    maAdvMaxInterval, maAdvMinInterval,
                    maAdvMaxAdvLifetime,
                    maAdvResponseSolicitationOnly, maAdvStatus,
                    maAdvertisementsSent, maAdvsSentForSolicitation,
                    maSolicitationsReceived }
        STATUS    deprecated
        DESCRIPTION
                "A collection of objects providing management
                information for the Agent Advertisement function
                within mobility agents."
        ::= { mipGroups 7 }

    faAdvertisementGroup OBJECT-GROUP
        OBJECTS   { faIsBusy, faRegistrationRequired }
        STATUS    deprecated
        DESCRIPTION
                "A collection of objects providing supplemental
                management information for the Agent Advertisement
                function within a foreign agent."
        ::= { mipGroups 9 }

    faRegistrationGroup    OBJECT-GROUP
        OBJECTS   {  faVisitorIPAddress, faVisitorHomeAddress,
                     faVisitorHomeAgentAddress, faVisitorTimeGranted,
                     faVisitorTimeRemaining, faVisitorRegFlags,
                     faVisitorRegIDLow, faVisitorRegIDHigh,
                     faVisitorRegIsAccepted, faRegRequestsReceived,
                     faRegRequestsRelayed, faReasonUnspecified,
                     faAdmProhibited, faInsufficientResource,
                     faMNAuthenticationFailure, faRegLifetimeTooLong,
                     faPoorlyFormedRequests,
                     faEncapsulationUnavailable,
                     faVJCompressionUnavailable, faHAUnreachable,
                     faRegRepliesRecieved, faRegRepliesRelayed,
                     faHAAuthenticationFailure, faPoorlyFormedReplies }
        STATUS    deprecated
        DESCRIPTION
                "A collection of objects providing management
                information for the registration function within a
                foreign agent."
        ::= { mipGroups 10 }

    haRegistrationGroup    OBJECT-GROUP
        OBJECTS   { haMobilityBindingMN, haMobilityBindingCOA,
                    haMobilityBindingSourceAddress,
                    haMobilityBindingRegFlags,
                    haMobilityBindingRegIDLow,
                    haMobilityBindingRegIDHigh,
                    haMobilityBindingTimeGranted,
                    haMobilityBindingTimeRemaining,
                    haRegistrationAccepted, haMultiBindingUnsupported,
                    haReasonUnspecified, haAdmProhibited,
                    haInsufficientResource, haMNAuthenticationFailure,
                    haFAAuthenticationFailure, haIDMismatch,
                    haPoorlyFormedRequest, haTooManyBindings,
                    haUnknownHA, haGratuitiousARPsSent,
                    haProxyARPsSent, haRegRequestsReceived,
                    haDeRegRequestsReceived, haRegRepliesSent,
                    haDeRegRepliesSent }
        STATUS    deprecated
        DESCRIPTION
                "A collection of objects providing management
                information for the registration function within a
                home agent."
        ::= { mipGroups 11 }

    haRegNodeCountersGroup  OBJECT-GROUP
        OBJECTS   { haServiceRequestsAccepted,
                    haServiceRequestsDenied, haOverallServiceTime,
                    haRecentServiceAcceptedTime,
                    haRecentServiceDeniedTime,
                    haRecentServiceDeniedCode }
        STATUS    deprecated
        DESCRIPTION
                "A collection of objects providing management
                information for counters related to the registration
                function within a home agent."
        ::= { mipGroups 12 }

    mipSecNotificationsGroup NOTIFICATION-GROUP
        NOTIFICATIONS { mipAuthFailure }
        STATUS      deprecated
        DESCRIPTION
                "The notification related to security violations."
        ::= { mipGroups 13 }

END

5.  Acknowledgments

   The origin of this document is from RFC 2006 "The Definitions of Man-
   aged Objects for IP Mobility Support using SMIv2" written by D. Cong,
   M. Hamlen and  C. Perkins. The editor wishes to acknowledge the good
   work of these original authors.  Thanks to Roy Jose, Rudreshwar N,
   Basavaraj Patil, and Sri Gundavelli for their useful comments and
   contributions.

6.  Security Considerations

   There are a number of management objects defined in this MIB that
   have a MAX-ACCESS clause of read-write and/or read-create.  Such
   objects may be considered sensitive or vulnerable in some network
   environments.  The support for SET operations in a non-secure envi-
   ronment without proper protection can have a negative effect on net-
   work operations.

   The Mobile IP MIB affords the network operator the ability to config-
   ure and control the Mobile IP links of a particular system, including
   the Mobile IP authentication protocols, and shared secret key.  This
   represents a security risk.

   These risks are addressed in the following manners:

   (1)  All variables which represent a significant security risk are
        placed in separate MIB Groups.  By providing Agent Capability
        Statements, the implementor of the MIB may elect not to imple-
        ment these groups.

   (2)  The MIB allows the manager station to create the security asso-
        ciation for Mobile IP entities.  However, the agent should
        always return 0 length octet string when the manager station
        retrieves the shared security key in the mipSecAssocTable.  In
        this way, the Mobile IP entities can prevent the key leaking
        from SNMP GET, GET-NEXT, or GET-BULK requests.

   (3)  The MIB defines a trap for Mobile IP entities to send a notifi-
        cation to the manager station if there is a security violation.
        In this way, the operator can notice the source of an intruder.

   (4)  The MIB also defines a table to log the security violations in
        the Mobile IP entities.  The manager station can retrieve this
        log to analyze the security violation instances in the system.

   Thus, in order to preserve the integrity, security and privacy of the
   Mobile IP security features, an implementation SHOULD allow access to
   this MIB only via SNMPv3.

   SNMPv1 by itself is not a secure environment.  Even if the network
   itself is secure (for example by using IPSec), even then, there is no
   control as to who on the secure network is allowed to access and
   GET/SET (read/change/create/delete) the objects in this MIB.

   It is recommended that the implementers consider the security fea-
   tures as provided by the SNMPv3 framework.  Specifically, the use of
   the User-based Security Model RFC 2574 [8] and the View-based Access
   Control Model RFC 2575 [9] is recommended.

   It is then a customer/user responsibility to ensure that the SNMP
   entity giving access to an instance of this MIB, is properly
   configured to give access to the objects only to those principals
   (users) that have legitimate rights to indeed GET or SET (change/cre-
   ate/delete) them.

7.  References

   [1]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
        M., and S. Waldbusser, "Structure of Management Information Ver-
   [2]  Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for
   [3]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
        M., and S. Waldbusser, "Textual Conventions for SMIv2", STD 58,
   [4]  McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
        M., and S. Waldbusser, "Conformance Statements for SMIv2", STD
   [5]  McCloghrie, K., and M. Rose, Editors, "Management Information
        Base for Network Management of TCP/IP-based internets: MIB-II",
        STD 17, RFC 1213, March 1991.

   [6]  Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Net-
        work Management Protocol", STD 15, RFC 1157, May 1990.

   [7]  SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S.
        Waldbusser, "Protocol Operations for version 2 of the Simple
        Network Management Protocol (SNMPv2)", RFC 1905, January 1996.

   [8]  Blumenthal U., "User-based Security Model (USM) for version 3 of
        the Simple Network Management Protocol (SNMPv3)", RFC 2574,
        April 1999.

   [9]  Wijnen, B., Presuhn, R., and K.  McCloghrie, "View-based Access
        Control Model (VACM) for  the  Simple  Network Management Proto-
   [10] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction
        to Version 3 of the Internet-standard Network Management Frame-
   [11] Rose, M., and K. McCloghrie, "Structure and Identification of
        Management Information for TCP/IP-based Internets", STD 16, RFC
        1155, May 1990.

   [12] Rose, M., and K. McCloghrie, "Concise MIB Definitions", STD 16,
        RFC 1212, March 1991.

   [13] M. Rose, "A Convention for Defining Traps for use with the
        SNMP", RFC 1215, March 1991.

   [14] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Intro-
        duction to Community-based SNMPv2", RFC 1901, January 1996.

   [15] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Trans-
        port Mappings for Version 2 of the Simple Network Management
        Protocol (SNMPv2)", RFC 1906, January 1996.

   [16] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message
        Processing and Dispatching for the Simple Network Management
        Protocol (SNMP)", RFC 2572, April 1999.

   [17] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC
        2573, April 1999.

   [18] Solomon J., "Mobile IP Protocol Applicability Statement", RFC
        2005, October 1996.

   [19] Perkins C., "IP Mobility Support", RFC 2002, Octoer 1996.

   [20] Cong, D., Hamlen, M., and Perkins, C., "The Definitions of Man-
        aged Objects for IP Mobility Support using SMIv2", RFC 2006,
        October 1996.

   [21] Calhoun, P., and Perkins, C., "Mobile IP Network Access Identi-
        fier Extension for IPv4",  RFC 2794, January 2000.

   [22] Calhoun, P., and Perkins, C., "Mobile IPv4 Challenge/Response
        Extension", RFC 3012, November 2000.

   [23] Montenegro, G., "Reverse Tunneling for Mobile IP", RFC 3024,
        January 2001.

   [24] Perkins, C., "IP Mobility Support for IPv4, revised (work in
        progress)", draft-ietf-mobileip-rfc2002-bis-08.txt, September
        2001.

   [25] Dommety, G., and Leung, K., "Mobile IP Vendor/Organization- Spe-
        cific Extensions", RFC 3115, April 2001.

   [26] Perkins, C., "IP Encapsulation within IP", RFC 2003, October
        1996.

   [27] Perkins, C., "Minimal Encapsulation within IP", RFC 2004, Octo-
        ber 1996.

   [28] Hanks S. et. al., "Generic Routing Encapsulation (GRE)", RFC
        1701, October 1994.

   [29] Deering, S., "ICMP Router Discovery Messages", RFC 1256, Septem-
        ber 1991.

   [30] Daniele, M., Haberman, B., Routhier, S., and Schoenwaelder, J.,
        "Textual Conventions for Internet Network Addresses", RFC 2851,
        June 2000.

A.  Changes from RFC 2006 to draft-ietf-mobileip-rfc2006bis-00.txt

   A.1 The changes from RFC 2006 are the following:

   -  Section "The Network Management Framework" was updated.
   -  Subsection Protocol Extensions was created under section Overview.
   -  Section Security Considerations was updated.
   -  Changes to the MIB definition are following.  Changes are listed
      in the order of their occurrence in the MIB definition.

   (1)  The textual convention RegistrationFlags was updated.  The bit
        for VJ compression was removed and bit for reverse tunneling was
        added.

   (2)  Three new textual conventions were added : MipEntityIdentifier-
        Type, MipEntityIdentifier and MipEntityIdentifierNAI.  These
        textual conventions were defined to take into account that
        mobile nodes can be identified by other than ipaddress.

   (3)  New textual convention MipDeliveryStyle was added to represent
        the delivery style requested by mobile node in the registration
        request.

   (4)  mipSecAssocTable was deprecated and replaced with mipSecurityAs-
        socTable to support the mobile nodes identified by NAI.  Indices
        of the table were changed.  mipSecurityStatus object was added
        to manage the creation of new security associations in the
        table.  Default value clause was added to following three
        objects of the new table.
        - mipSecurityAlgorithmType
        - mipSecurityAlgorithmMode
        - mipSecurityReplayMethod

        hmac was added to the enumeration list of
        mipSecurityAlgorithmMode object.

   (5)  A new object mipSecurityAssocsCount was added.  This gives the
        number of security associations in the mipSecurityAssocTable.

   (6)  mipSecViolationTable was deprecated and replaced with mipSecuri-
        tyViolationTable to support the mobile nodes identified by NAI.
        Indices of the table were changed.  The objects corresponding to
        mipSecRecentViolationIDLow and mipSecRecentViolationIDHigh in
        the new table are changed to have the syntax of Unsigned32
        instead of Integer32.

   (7)  Description of the mnHomeAddress object was changed to support
        dynamic home address assignment and default value clause was
        added.

   (8)  Two new objects mnIdentifierType and mnIdentifier were added to
        the mnSystem group.

   (9)  object mnAdvFlags was refined.  The bit for VJ compression was
        removed and bit for reverse tunneling was added.

   (10) Lower limit of value-range for objects mnAdvMaxRegLifetime and
        mnAdvMaxAdvLifetime is changed to 1 from 0.

   (11) A new object mnRegDeliveryStyle was added to the mnRegistra-
        tionTable

   (12) maAdvConfigTable was deprecated and replaced with maAdvertCon-
        fTable to support configuration of advertisement parameters on
        unnumbered interfaces.  Index of the table was changed.  A new
        object maAdvertService was added to maAdvertConfTable to indi-
        cate the mobility services offered on the network interface.

   (13) objects faIsBusy and faRegistrationRequired were deprecated and
        replaced with faAdvertConfTable.  This is to allow for different
        settings of 'B' and 'R' bit on different network interfaces.

   (14) A new object faChallengeWindow was added to the faAdvertCon-
        fTable to allow for configuration of challenge window.

   (15) faVisitorTable was deprecated and replaced with faRegVisi-
        torTable to support the visitors identified by NAI.  Indices of
        the table were changed.  The objects corresponding to faVisitor-
        RegIDLow and faVisitorRegIDHigh in the new table are changed to
        have the syntax of Unsigned32 instead of Integer32.

   (16) A new object faRegVisitorDeliveryStyle was added to the
        FaRegVisitorTable to indicate the delivery style requested by
        the mobile node.

   (17) A new object faRegVisitorCount was added to count the number of
        entries in faRegVisitorTable.

   (18) faVJCompressionUnavailable object was deprecated.

   (19) Five new counters specific to reverse tunneling function in for-
        eign agent were added to faRegistration group.  These objects
        are
        - faReverseTunnelUnavailable
        - faReverseTunnelBitNotSet
        - faMnTooDistant
        - faDeliveryStyleUnsupported
        - faNonZeroHomeAddressRequired

   (20) Three new counters specific to agent advertisement challenge
        extension were added to faRegistration group.  These objects are
        - faUnknownChallenge
        - faMissingChallenge
        - faStaleChallenge

   (21) Two new counters specific to processing of vendor specific
        extensions by foreign agent were added to faRegistration group.
        These objects are
        - faCvsesFromMnRejected
        - faCvsesFromHaRejected

   (22) Two new objects haMobilityBindingMnIdType and haMobilityBind-
        ingMnId were added to the haMobilityBindingTable to accommodate
        for the mobile nodes not identified by the ipaddress.  Syntax of
        objects haMobilityBindingRegIDLow and haMobilityBindingRegIDHigh
        was changed to Unsigned32 from Integer32.

   (23) haCounterTable was deprecated and replaced with haRegCoun-
        terTable to support the mobile nodes identified by NAI.  Indices
        of the table were changed.  The syntax of object corresponding
        to haRecentServiceDeniedCode in the new table was changed to add
        more error codes.

   (24) Three new counters specific to reverse tunneling function in
        home agent were added to the haRegistration group.  These
        objects are
        - haReverseTunnelUnavailable
        - haReverseTunnelBitNotSet
- haEncapsulationUnavailable
-
   (25) Two new counters specific to processing of vendor specific
        extensions by home agent were added to haRegistration group.
        These objects are
        - haCvsesFromMnRejected
        - haCvsesFromFaRejected

   (26) A new object haRegMobilityBindingCount was added to count the
        number of entries in haMobilityBindingTable.

   (27) mipAuthFailure notification was deprecated and replaced with
        mipAuthFailure2.

   (28) Compliance statement mipCompliance was deprecated and replaced
        with mipCompliance2.

   (29) Conformance groups were depreciated as needed due to the fact
        that many new items have been added to the MIB.  These groups
        include:
        -mipSecAssociationGroup
        -mipSecViolationGroup
        -mnSystemGroup
        -mnRegistrationGroup
        -maAdvertisementGroup
        -faAdvertisementGroup
        -faRegistrationGroup
        -haRegistrationGroup
        -haRegNodeCountersGroup
        -mipSecNotificationsGroup

        New conformance groups were added as needed to replace depre-
        cated groups.  These groups include:
        -mipSecAssociationGroup2
        -mipSecViolationGroup2
        -mnSystemGroup2
        -mnRegistrationGroup2
        -maAdvertisementGroup2
        -faAdvertisementGroup2
        -faRegistrationGroup2
        -haRegistrationGroup2
        -haRegNodeCountersGroup2
        -mipSecNotificationsGroup2

   A.2 The changes from versions draft-ietf-mobileip-rfc2006bis-01.txt
       draft-ietf-mobileip-rfc2006bis-02.txt

(1) The textual convention RegistrationFlags was updated to conform to the sequence order of the flag bits in RFC 3344.

(2) Typos "CmiEntityIdentfier" changed "MipEntityIdentifier".

(3) A new object MipSecurityReplayTime was added for acceptable replay protection time range using timestamps.

(4) The following objects changed to have the syntax of Unsigned32 instead of Integer32.
        -mnRegIDHigh
        -mnRegIDLow
        -mnRegTimeRequested
        -haMobilityBindingTimeGranted
        -mipSecurityRecentViolationSPI

(5) The following values added to object haRegRecentServiceDeniedCode.
        -mnCvseUnsupported (140)
     -faCvseUnsupported (141)

(6) The following object names were changed to provide better meaning since these are rejection counters.
     -haCvsesFromMnRejected to haCvsesFromMnUnsupported
     -haCvsesFromFaRejected to haCvsesFromFaUnsupported
     -faCvsesFromMnRejected to faCvsesFromMnUnsupported
     -faCvsesFromHaRejected to faCvsesFromHaUnsupported

(7) The following objects were added to HA registration counters.
     -haNvsesFromMnIgnored
     -haNvsesFromFaIgnored

(8) The following objects were added to FA registration counters.
     -faNvsesFromMnIgnored
     -faNvsesFromHaIgnored

   A.3 The changes from versions draft-ietf-mobileip-rfc2006bis-02.txt
       draft-ietf-mobileip-rfc2006bis-03.txt

(1) The size of the MipEntityIdentifier is changed to OCTET STRING of
    size 64 octets

(2) Changed the SYNTAX for mnAdvSequence object to Integer32

(3) Changed the SYNTAX for mnAdvMaxRegLifeTime object to Integer32

(4) Changed the SYNTAX for mnAdvMaxAdvLifeTime object to Integer32

(5) faNvsesFromMnIgnored is anchored at faRegistration 27

(6) faNvsesFromHaIgnored is anchored at faRegistration 28

(7) faRegVisitorCount is anchored at faRegistration 29

(8) Changed the faCvsesFromHaSupported object name to faCvsesFromHaUnsupported

(9) Added faNvsesFromMnIgnored and faNvsesFromHaIgnored to faRegistrationGroup2

(10) faRegVisitorTable is anchored at faRegistration 30

(11) Added the haNvsesFromMnIgnored object to the haRegistrationGroup2

(12) Added the haNvsesFromFaIgnored object to the haRegistrationGroup2

(13) Added the NOTIFICATION-GROUP to the imports

   A.4 The changes from versions draft-ietf-mobileip-rfc2006bis-03.txt
       draft-ietf-mip4-rfc2006bis-00.txt

(1) Draft retitled to draft-ietf-mip4-rfc2006bis-00.txt

   A.5 The changes from versions draft-ietf-mip4-rfc2006bis-00.txt to
       draft-ietf-mip4-rfc2006bis-01.txt

(1) Chair addresses updated.

B.  Chair and Editor Addresses

   The working group can be contacted via the current chairs:

      Basavaraj Patil                      Phil Roberts
      Nokia                                Megisto Corp.
      6000 Connection Dr.                  Suite 120
                                           20251 Century Blvd
      Irving, TX. 75039                    Germantown, MD. 20874
      USA

      Pete McCann                          Henrik Levkowetz
      Lucent Technologies                  ipUnplugged AB
      Rm 9C-226R                           Arenavagen 33
      1960 Lucent Lane
      Naperville, Illinois 60563           Stockholm S-121 28
      USA                                  Sweden
      Phone:  +1 972-894-6709 630 713 9359              Phone:  +1 847-202-9314  +46 708 32 16 08
      Email:  Basavaraj.Patil@nokia.com  mccap@lucent.com             Email:  PRoberts@MEGISTO.com  henrik@levkowetz.com

   Questions about this memo can also be directed to the editors:

      Ravindra Rathi                       Kent Leung
      Intel Corporation                    Cisco Systems, Inc.
      136, Airport Road                    170 West Tasman Drive
      Bangalore - 560 017                  San Jose, CA. 95134
      India                                USA
      Phone: +91 80 507 5553               Phone:  +1 408-526-5030 408 526 5030
      Email: ravindra.rathi@intel.com      Email:  kleung@cisco.com

C.  Full Copyright Statement

   Copyright (C) The Internet Society (2000).  All Rights Reserved.
   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works.  However, this doc-
   ument itself may not be modified in any way, such as by removing the
   copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of develop-
   ing Internet standards in which case the procedures for copyrights
   defined in the Internet Standards process must be followed, or as
   required to translate it into languages other than English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MER-
   CHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE