draft-ietf-radext-dynauth-client-mib-03.txt   draft-ietf-radext-dynauth-client-mib-04.txt 
Network Working Group S. De Cnodder Network Working Group S. De Cnodder
Internet-Draft Alcatel Internet-Draft Alcatel
Expires: July 7, 2006 N. Jonnala Expires: September 15, 2006 N. Jonnala
M. Chiba M. Chiba
Cisco Systems, Inc. Cisco Systems, Inc.
January 3, 2006 March 14, 2006
Dynamic Authorization Client MIB Dynamic Authorization Client MIB
draft-ietf-radext-dynauth-client-mib-03.txt draft-ietf-radext-dynauth-client-mib-04.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 36 skipping to change at page 1, line 36
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on July 7, 2006. This Internet-Draft will expire on September 15, 2006.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2006). Copyright (C) The Internet Society (2006).
Abstract Abstract
This memo defines a portion of the Management Information Base (MIB) This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols in the Internet community. for use with network management protocols in the Internet community.
In particular, it describes the Remote Authentication Dial In User In particular, it describes the Remote Authentication Dial In User
skipping to change at page 2, line 13 skipping to change at page 2, line 13
defined in RFC 3576. defined in RFC 3576.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3 1.1. Requirements notation . . . . . . . . . . . . . . . . . . 3
1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
2. The Internet-Standard Management Framework . . . . . . . . . . 4 2. The Internet-Standard Management Framework . . . . . . . . . . 4
3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
4. RADIUS Dynamic Authorization Client MIB Definitions . . . . . 6 4. RADIUS Dynamic Authorization Client MIB Definitions . . . . . 6
5. Security Considerations . . . . . . . . . . . . . . . . . . . 20 5. Security Considerations . . . . . . . . . . . . . . . . . . . 21
6. IANA considerations . . . . . . . . . . . . . . . . . . . . . 22 6. IANA considerations . . . . . . . . . . . . . . . . . . . . . 23
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 23 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 24
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 24 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 25
8.1. Normative References . . . . . . . . . . . . . . . . . . . 24 8.1. Normative References . . . . . . . . . . . . . . . . . . . 25
8.2. Informative References . . . . . . . . . . . . . . . . . . 24 8.2. Informative References . . . . . . . . . . . . . . . . . . 25
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 26 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 27
Intellectual Property and Copyright Statements . . . . . . . . . . 27 Intellectual Property and Copyright Statements . . . . . . . . . . 28
1. Introduction 1. Introduction
This memo defines a portion of the Management Information Base (MIB) This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols in the Internet community. for use with network management protocols in the Internet community.
It is becoming increasingly important to support Dynamic It is becoming increasingly important to support Dynamic
Authorization extensions on the network access server (NAS) devices Authorization extensions on the network access server (NAS) devices
to handle the Disconnect and Change-of-Authorization (CoA) messages to handle the Disconnect and Change-of-Authorization (CoA) messages
as described in [RFC3576]. As a result, the effective management of as described in [RFC3576]. As a result, the effective management of
RADIUS Dynamic Authorization entities is of considerable importance. RADIUS Dynamic Authorization entities is of considerable importance.
skipping to change at page 6, line 20 skipping to change at page 6, line 20
MODULE-IDENTITY, OBJECT-TYPE, MODULE-IDENTITY, OBJECT-TYPE,
Counter32, Gauge32, Integer32, Counter32, Gauge32, Integer32,
mib-2, TimeTicks FROM SNMPv2-SMI -- [RFC2578] mib-2, TimeTicks FROM SNMPv2-SMI -- [RFC2578]
SnmpAdminString FROM SNMP-FRAMEWORK-MIB -- [RFC3411] SnmpAdminString FROM SNMP-FRAMEWORK-MIB -- [RFC3411]
InetAddressType, InetAddress, InetAddressType, InetAddress,
InetPortNumber FROM INET-ADDRESS-MIB -- [RFC4001] InetPortNumber FROM INET-ADDRESS-MIB -- [RFC4001]
MODULE-COMPLIANCE, MODULE-COMPLIANCE,
OBJECT-GROUP FROM SNMPv2-CONF; -- [RFC2580] OBJECT-GROUP FROM SNMPv2-CONF; -- [RFC2580]
radiusDynAuthClientMIB MODULE-IDENTITY radiusDynAuthClientMIB MODULE-IDENTITY
LAST-UPDATED "200601030000Z" -- 3 January 2006 LAST-UPDATED "200603100000Z" -- 10 March 2006
ORGANIZATION "IETF RADEXT Working Group" ORGANIZATION "IETF RADEXT Working Group"
CONTACT-INFO CONTACT-INFO
" Stefaan De Cnodder " Stefaan De Cnodder
Alcatel Alcatel
Francis Wellesplein 1 Francis Wellesplein 1
B-2018 Antwerp B-2018 Antwerp
Belgium Belgium
Phone: +32 3 240 85 15 Phone: +32 3 240 85 15
EMail: stefaan.de_cnodder@alcatel.be EMail: stefaan.de_cnodder@alcatel.be
skipping to change at page 7, line 5 skipping to change at page 7, line 5
170 West Tasman Dr. 170 West Tasman Dr.
San Jose CA, 95134 San Jose CA, 95134
Phone: +1 408 525 7198 Phone: +1 408 525 7198
EMail: mchiba@cisco.com " EMail: mchiba@cisco.com "
DESCRIPTION DESCRIPTION
"The MIB module for entities implementing the client "The MIB module for entities implementing the client
side of the Dynamic Authorization Extensions to Remote side of the Dynamic Authorization Extensions to Remote
Authentication Dial In User Service (RADIUS) protocol. Authentication Dial In User Service (RADIUS) protocol.
Copyright (C) The Internet Society (2005). Initial Copyright (C) The Internet Society (2006). Initial
version as published in RFC yyyy; version as published in RFC yyyy;
for full legal notices see the RFC itself. Supplementary for full legal notices see the RFC itself."
information may be available on
http://www.ietf.org/copyrights/ianamib.html."
-- RFC Ed.: replace yyyy with actual RFC number & remove this note -- RFC Ed.: replace yyyy with actual RFC number & remove this note
REVISION "200601030000Z" -- 3 January 2006 REVISION "200603100000Z" -- 10 March 2006
DESCRIPTION "Initial version as published in RFC yyyy" DESCRIPTION "Initial version as published in RFC yyyy"
-- RFC Ed.: replace yyyy with actual RFC number & remove this note -- RFC Ed.: replace yyyy with actual RFC number & remove this note
::= { mib-2 xxx } ::= { mib-2 xxx }
-- The value xxx to be assigned by IANA. -- The value xxx to be assigned by IANA.
radiusDynAuthClientMIBObjects OBJECT IDENTIFIER ::= radiusDynAuthClientMIBObjects OBJECT IDENTIFIER ::=
{ radiusDynAuthClientMIB 1 } { radiusDynAuthClientMIB 1 }
radiusDynAuthClient OBJECT IDENTIFIER ::= radiusDynAuthClientScalars OBJECT IDENTIFIER ::=
{ radiusDynAuthClientMIBObjects 1 } { radiusDynAuthClientMIBObjects 1 }
radiusDynAuthClientDisconInvalidServerAddresses OBJECT-TYPE radiusDynAuthClientDisconInvalidServerAddresses OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of Disconnect-Ack and Disconnect-NAK packets "The number of Disconnect-Ack and Disconnect-NAK packets
received from unknown addresses." received from unknown addresses. This counter wraps
::= { radiusDynAuthClient 1 } from the maximum value to zero and is reset upon system
(re)initialization."
::= { radiusDynAuthClientScalars 1 }
radiusDynAuthClientCoAInvalidServerAddresses OBJECT-TYPE radiusDynAuthClientCoAInvalidServerAddresses OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of CoA-Ack and CoA-NAK packets received from "The number of CoA-Ack and CoA-NAK packets received from
unknown addresses." unknown addresses. This counter wraps from the maximum
::= { radiusDynAuthClient 2 } value to zero and is reset upon system
(re)initialization."
::= { radiusDynAuthClientScalars 2 }
radiusDynAuthServerTable OBJECT-TYPE radiusDynAuthServerTable OBJECT-TYPE
SYNTAX SEQUENCE OF RadiusDynAuthServerEntry SYNTAX SEQUENCE OF RadiusDynAuthServerEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The (conceptual) table listing the RADIUS Dynamic "The (conceptual) table listing the RADIUS Dynamic
Authorization Servers with which the client shares a Authorization Servers with which the client shares a
secret." secret."
::= { radiusDynAuthClient 3 } ::= { radiusDynAuthClientMIBObjects 2 }
radiusDynAuthServerEntry OBJECT-TYPE radiusDynAuthServerEntry OBJECT-TYPE
SYNTAX RadiusDynAuthServerEntry SYNTAX RadiusDynAuthServerEntry
MAX-ACCESS not-accessible MAX-ACCESS not-accessible
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"An entry (conceptual row) representing one Dynamic "An entry (conceptual row) representing one Dynamic
Authorization Server with which the client shares a Authorization Server with which the client shares a
secret." secret."
INDEX { radiusDynAuthServerIndex } INDEX { radiusDynAuthServerIndex }
::= { radiusDynAuthServerTable 1 } ::= { radiusDynAuthServerTable 1 }
skipping to change at page 10, line 29 skipping to change at page 10, line 30
radiusDynAuthClientDisconRequests OBJECT-TYPE radiusDynAuthClientDisconRequests OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "requests" UNITS "requests"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS Disconnect-Requests sent "The number of RADIUS Disconnect-Requests sent
to this Dynamic Authorization Server. This also to this Dynamic Authorization Server. This also
includes the RADIUS Disconnect-Requests that have a includes the RADIUS Disconnect-Requests that have a
Service-Type attribute with value 'Authorize Only'." Service-Type attribute with value 'Authorize Only'.
This counter wraps from the maximum value to zero and
is reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.1, Disconnect Messages (DM)." "RFC 3576, Section 2.1, Disconnect Messages (DM)."
::= { radiusDynAuthServerEntry 7 } ::= { radiusDynAuthServerEntry 7 }
radiusDynAuthClientDisconAuthOnlyRequests OBJECT-TYPE radiusDynAuthClientDisconAuthOnlyRequests OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "requests" UNITS "requests"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS Disconnect-Requests that include a "The number of RADIUS Disconnect-Requests that include a
Service-Type attribute with value 'Authorize Only' Service-Type attribute with value 'Authorize Only'
sent to this Dynamic Authorization Server." sent to this Dynamic Authorization Server. This counter
wraps from the maximum value to zero and is reset upon
system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.1, Disconnect Messages (DM)." "RFC 3576, Section 2.1, Disconnect Messages (DM)."
::= { radiusDynAuthServerEntry 8 } ::= { radiusDynAuthServerEntry 8 }
radiusDynAuthClientDisconRetransmissions OBJECT-TYPE radiusDynAuthClientDisconRetransmissions OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "retransmissions" UNITS "retransmissions"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS Disconnect-request packets "The number of RADIUS Disconnect-request packets
retransmitted to this RADIUS Dynamic Authorization retransmitted to this RADIUS Dynamic Authorization
Server." Server. This counter wraps from the maximum value to
zero and is reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.1, Disconnect Messages (DM)." "RFC 3576, Section 2.1, Disconnect Messages (DM)."
::= { radiusDynAuthServerEntry 9 } ::= { radiusDynAuthServerEntry 9 }
radiusDynAuthClientDisconAcks OBJECT-TYPE radiusDynAuthClientDisconAcks OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS Disconnect-ACK packets "The number of RADIUS Disconnect-ACK packets
received from this Dynamic Authorization Server" received from this Dynamic Authorization Server. This
counter wraps from the maximum value to zero and is
reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.1, Disconnect Messages (DM)." "RFC 3576, Section 2.1, Disconnect Messages (DM)."
::= { radiusDynAuthServerEntry 10 } ::= { radiusDynAuthServerEntry 10 }
radiusDynAuthClientDisconNaks OBJECT-TYPE radiusDynAuthClientDisconNaks OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS Disconnect-NAK packets "The number of RADIUS Disconnect-NAK packets
received from this Dynamic Authorization Server. received from this Dynamic Authorization Server.
This includes the RADIUS Disconnect-NAK packets This includes the RADIUS Disconnect-NAK packets
received with a Service-Type attribute with value received with a Service-Type attribute with value
'Authorize Only' and the RADIUS Disconnect-NAK 'Authorize Only' and the RADIUS Disconnect-NAK
packets received no session context was found." packets received no session context was found. This
counter wraps from the maximum value to zero and is
reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.1, Disconnect Messages (DM)." "RFC 3576, Section 2.1, Disconnect Messages (DM)."
::= { radiusDynAuthServerEntry 11 } ::= { radiusDynAuthServerEntry 11 }
radiusDynAuthClientDisconNakAuthOnlyRequest OBJECT-TYPE radiusDynAuthClientDisconNakAuthOnlyRequest OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS Disconnect-NAK packets "The number of RADIUS Disconnect-NAK packets
that include a Service-Type attribute with value that include a Service-Type attribute with value
'Authorize Only' received from this Dynamic 'Authorize Only' received from this Dynamic
Authorization Server." Authorization Server. This counter wraps from the
maximum value to zero and is reset upon system
(re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.1, Disconnect Messages (DM)." "RFC 3576, Section 2.1, Disconnect Messages (DM)."
::= { radiusDynAuthServerEntry 12 } ::= { radiusDynAuthServerEntry 12 }
radiusDynAuthClientDisconNakSessNoContext OBJECT-TYPE radiusDynAuthClientDisconNakSessNoContext OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS Disconnect-NAK packets "The number of RADIUS Disconnect-NAK packets
received from this Dynamic Authorization Server received from this Dynamic Authorization Server
because no session context was found, i.e. it because no session context was found, i.e. it
includes an Error-Cause attribute with value 503 includes an Error-Cause attribute with value 503
('Session Context Not Found')." ('Session Context Not Found'). This counter wraps
from the maximum value to zero and is reset upon
system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.1, Disconnect Messages (DM)." "RFC 3576, Section 2.1, Disconnect Messages (DM)."
::= { radiusDynAuthServerEntry 13 } ::= { radiusDynAuthServerEntry 13 }
radiusDynAuthClientMalformedDisconResponses OBJECT-TYPE radiusDynAuthClientMalformedDisconResponses OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of malformed RADIUS Disconnect-Ack and "The number of malformed RADIUS Disconnect-Ack and
Disconnect-NAK packets received from this Dynamic Disconnect-NAK packets received from this Dynamic
Authorization Server. Bad authenticators and unknown Authorization Server. Bad authenticators and unknown
types are not included as malformed Disconnect-Ack and types are not included as malformed Disconnect-Ack and
Disconnect-NAK packets." Disconnect-NAK packets. This counter wraps from the
maximum value to zero and is reset upon system
(re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.1, Disconnect Messages (DM), and "RFC 3576, Section 2.1, Disconnect Messages (DM), and
Section 2.3, Packet Format." Section 2.3, Packet Format."
::= { radiusDynAuthServerEntry 14 } ::= { radiusDynAuthServerEntry 14 }
radiusDynAuthClientDisconBadAuthenticators OBJECT-TYPE radiusDynAuthClientDisconBadAuthenticators OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS Disconnect-Ack and Disconnect-NAK "The number of RADIUS Disconnect-Ack and Disconnect-NAK
packets which contained invalid Authenticator field packets which contained invalid Authenticator field
received from this Dynamic Authorization Server." received from this Dynamic Authorization Server. This
counter wraps from the maximum value to zero and is
reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.1, Disconnect Messages (DM), and "RFC 3576, Section 2.1, Disconnect Messages (DM), and
Section 2.3, Packet Format." Section 2.3, Packet Format."
::= { radiusDynAuthServerEntry 15 } ::= { radiusDynAuthServerEntry 15 }
radiusDynAuthClientDisconPendingRequests OBJECT-TYPE radiusDynAuthClientDisconPendingRequests OBJECT-TYPE
SYNTAX Gauge32 SYNTAX Gauge32
UNITS "requests" UNITS "requests"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
skipping to change at page 13, line 30 skipping to change at page 13, line 47
SYNTAX Counter32 SYNTAX Counter32
UNITS "timeouts" UNITS "timeouts"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of Disconnect request timeouts to this "The number of Disconnect request timeouts to this
server. After a timeout the client may retry to the server. After a timeout the client may retry to the
same server or give up. A retry to the same server is same server or give up. A retry to the same server is
counted as a retransmit as well as a timeout. A send counted as a retransmit as well as a timeout. A send
to a different server is counted as a to a different server is counted as a
Disconnect-Request as well as a timeout." Disconnect-Request as well as a timeout. This counter
wraps from the maximum value to zero and is reset upon
system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.1, Disconnect Messages (DM)." "RFC 3576, Section 2.1, Disconnect Messages (DM)."
::= { radiusDynAuthServerEntry 17 } ::= { radiusDynAuthServerEntry 17 }
radiusDynAuthClientDisconPacketsDropped OBJECT-TYPE radiusDynAuthClientDisconPacketsDropped OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of incoming Disconnect-Ack and "The number of incoming Disconnect-Ack and
Disconnect-NAK packets from this Dynamic Authorization Disconnect-NAK packets from this Dynamic Authorization
Server silently discarded by the client application for Server silently discarded by the client application for
some reason other than malformed, bad authenticators or some reason other than malformed, bad authenticators or
unknown types." unknown types. This counter wraps from the maximum
value to zero and is reset upon system
(re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.1, Disconnect Messages (DM), and "RFC 3576, Section 2.1, Disconnect Messages (DM), and
Section 2.3, Packet Format." Section 2.3, Packet Format."
::= { radiusDynAuthServerEntry 18 } ::= { radiusDynAuthServerEntry 18 }
radiusDynAuthClientCoARequests OBJECT-TYPE radiusDynAuthClientCoARequests OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "requests" UNITS "requests"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS CoA-Requests sent to this "The number of RADIUS CoA-Requests sent to this
Dynamic Authorization Server. This also includes Dynamic Authorization Server. This also includes
the CoA requests that have a Service-Type attribute the CoA requests that have a Service-Type attribute
with value 'Authorize Only'." with value 'Authorize Only'. This counter wraps from
the maximum value to zero and is reset upon system
(re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.2, Change-of-Authorization "RFC 3576, Section 2.2, Change-of-Authorization
Messages (CoA)." Messages (CoA)."
::= { radiusDynAuthServerEntry 19 } ::= { radiusDynAuthServerEntry 19 }
radiusDynAuthClientCoAAuthOnlyRequest OBJECT-TYPE radiusDynAuthClientCoAAuthOnlyRequest OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "requests" UNITS "requests"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS CoA-requests that include a "The number of RADIUS CoA-requests that include a
Service-Type attribute with value 'Authorize Only' Service-Type attribute with value 'Authorize Only'
sent to this Dynamic Authorization Client." sent to this Dynamic Authorization Client. This counter
wraps from the maximum value to zero and is reset upon
system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.2, Change-of-Authorization "RFC 3576, Section 2.2, Change-of-Authorization
Messages (CoA)." Messages (CoA)."
::= { radiusDynAuthServerEntry 20 } ::= { radiusDynAuthServerEntry 20 }
radiusDynAuthClientCoARetransmissions OBJECT-TYPE radiusDynAuthClientCoARetransmissions OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "retransmissions" UNITS "retransmissions"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS CoA-request packets "The number of RADIUS CoA-request packets
retransmitted to this RADIUS Dynamic Authorization retransmitted to this RADIUS Dynamic Authorization
Server." Server. This counter wraps from the maximum value to
zero and is reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.2, Change-of-Authorization "RFC 3576, Section 2.2, Change-of-Authorization
Messages (CoA)." Messages (CoA)."
::= { radiusDynAuthServerEntry 21 } ::= { radiusDynAuthServerEntry 21 }
radiusDynAuthClientCoAAcks OBJECT-TYPE radiusDynAuthClientCoAAcks OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS CoA-ACK packets "The number of RADIUS CoA-ACK packets received from
received from this Dynamic Authorization Server" this Dynamic Authorization Server. This counter wraps
from the maximum value to zero and is reset upon system
(re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.2, Change-of-Authorization "RFC 3576, Section 2.2, Change-of-Authorization
Messages (CoA)." Messages (CoA)."
::= { radiusDynAuthServerEntry 22 } ::= { radiusDynAuthServerEntry 22 }
radiusDynAuthClientCoANaks OBJECT-TYPE radiusDynAuthClientCoANaks OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS CoA-NAK packets "The number of RADIUS CoA-NAK packets received from
received from this Dynamic Authorization Server. this Dynamic Authorization Server. This includes the
This includes the RADIUS CoA-NAK packets received RADIUS CoA-NAK packets received with a Service-Type
with a Service-Type attribute with value 'Authorize attribute with value 'Authorize Only' and the RADIUS
Only' and the RADIUS CoA-NAK packets received because CoA-NAK packets received because no session context
no session context was found." was found. This counter wraps from the maximum value
to zero and is reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.2, Change-of-Authorization "RFC 3576, Section 2.2, Change-of-Authorization
Messages (CoA)." Messages (CoA)."
::= { radiusDynAuthServerEntry 23 } ::= { radiusDynAuthServerEntry 23 }
radiusDynAuthClientCoANakAuthOnlyRequest OBJECT-TYPE radiusDynAuthClientCoANakAuthOnlyRequest OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS CoA-NAK packets that include a "The number of RADIUS CoA-NAK packets that include a
Service-Type attribute with value 'Authorize Only' Service-Type attribute with value 'Authorize Only'
received from this Dynamic Authorization Server." received from this Dynamic Authorization Server. This
counter wraps from the maximum value to zero and is
reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.2, Change-of-Authorization "RFC 3576, Section 2.2, Change-of-Authorization
Messages (CoA)." Messages (CoA)."
::= { radiusDynAuthServerEntry 24 } ::= { radiusDynAuthServerEntry 24 }
radiusDynAuthClientCoANakSessNoContext OBJECT-TYPE radiusDynAuthClientCoANakSessNoContext OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS CoA-NAK packets "The number of RADIUS CoA-NAK packets received from
received from this Dynamic Authorization Server this Dynamic Authorization Server because no session
because no session context was found, i.e. it context was found, i.e. it includes an Error-Cause
includes an Error-Cause attribute with value 503 attribute with value 503 ('Session Context Not Found').
('Session Context Not Found')." This counter wraps from the maximum value to zero and
is reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.2, Change-of-Authorization "RFC 3576, Section 2.2, Change-of-Authorization
Messages (CoA)." Messages (CoA)."
::= { radiusDynAuthServerEntry 25 } ::= { radiusDynAuthServerEntry 25 }
radiusDynAuthClientMalformedCoAResponses OBJECT-TYPE radiusDynAuthClientMalformedCoAResponses OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of malformed RADIUS CoA-Ack and CoA-NAK "The number of malformed RADIUS CoA-Ack and CoA-NAK
packets received from this Dynamic Authorization packets received from this Dynamic Authorization
Server. Bad authenticators and unknown types are Server. Bad authenticators and unknown types are
not included as malformed CoA-Ack and CoA-NAK packets." not included as malformed CoA-Ack and CoA-NAK packets.
This counter wraps from the maximum value to zero and
is reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.2, Change-of-Authorization "RFC 3576, Section 2.2, Change-of-Authorization
Messages (CoA), and Section 2.3, Packet Format." Messages (CoA), and Section 2.3, Packet Format."
::= { radiusDynAuthServerEntry 26 } ::= { radiusDynAuthServerEntry 26 }
radiusDynAuthClientCoABadAuthenticators OBJECT-TYPE radiusDynAuthClientCoABadAuthenticators OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS CoA-Ack and CoA-NAK packets "The number of RADIUS CoA-Ack and CoA-NAK packets
which contained invalid Authenticator field which contained invalid Authenticator field
received from this Dynamic Authorization Server." received from this Dynamic Authorization Server.
This counter wraps from the maximum value to zero and
is reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.2, Change-of-Authorization "RFC 3576, Section 2.2, Change-of-Authorization
Messages (CoA), and Section 2.3, Packet Format." Messages (CoA), and Section 2.3, Packet Format."
::= { radiusDynAuthServerEntry 27 } ::= { radiusDynAuthServerEntry 27 }
radiusDynAuthClientCoAPendingRequests OBJECT-TYPE radiusDynAuthClientCoAPendingRequests OBJECT-TYPE
SYNTAX Gauge32 SYNTAX Gauge32
UNITS "requests" UNITS "requests"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of RADIUS CoA-request packets destined for "The number of RADIUS CoA-request packets destined for
this server that have not yet timed out or received a this server that have not yet timed out or received a
response. This variable is incremented when an response. This variable is incremented when an
CoA-Request is sent and decremented due to receipt of CoA-Request is sent and decremented due to receipt of
a CoA-Ack, CoA-NAK or a timeout or a retransmission." a CoA-Ack, CoA-NAK or a timeout or a retransmission.
This counter wraps from the maximum value to zero and
is reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.2, Change-of-Authorization "RFC 3576, Section 2.2, Change-of-Authorization
Messages (CoA)." Messages (CoA)."
::= { radiusDynAuthServerEntry 28 } ::= { radiusDynAuthServerEntry 28 }
radiusDynAuthClientCoATimeouts OBJECT-TYPE radiusDynAuthClientCoATimeouts OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "timeouts" UNITS "timeouts"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
skipping to change at page 17, line 14 skipping to change at page 18, line 4
Messages (CoA)." Messages (CoA)."
::= { radiusDynAuthServerEntry 28 } ::= { radiusDynAuthServerEntry 28 }
radiusDynAuthClientCoATimeouts OBJECT-TYPE radiusDynAuthClientCoATimeouts OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "timeouts" UNITS "timeouts"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of CoA request timeouts to this server. "The number of CoA request timeouts to this server.
After a timeout the client may retry to the same After a timeout the client may retry to the same
server or give up. A retry to the same server is server or give up. A retry to the same server is
counted as a retransmit as well as a timeout. A send to counted as a retransmit as well as a timeout. A send to
a different server is counted as a CoA-Request as well a different server is counted as a CoA-Request as well
as a timeout." as a timeout. This counter wraps from the maximum value
to zero and is reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.2, Change-of-Authorization "RFC 3576, Section 2.2, Change-of-Authorization
Messages (CoA)." Messages (CoA)."
::= { radiusDynAuthServerEntry 29 } ::= { radiusDynAuthServerEntry 29 }
radiusDynAuthClientCoAPacketsDropped OBJECT-TYPE radiusDynAuthClientCoAPacketsDropped OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of incoming CoA-Ack and CoA-NAK from this "The number of incoming CoA-Ack and CoA-NAK from this
Dynamic Authorization Server silently discarded by the Dynamic Authorization Server silently discarded by the
client application for some reason other than client application for some reason other than
malformed, bad authenticators or unknown types." malformed, bad authenticators or unknown types. This
counter wraps from the maximum value to zero and is
reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.2, Change-of-Authorization "RFC 3576, Section 2.2, Change-of-Authorization
Messages (CoA), and Section 2.3, Packet Format." Messages (CoA), and Section 2.3, Packet Format."
::= { radiusDynAuthServerEntry 30 } ::= { radiusDynAuthServerEntry 30 }
radiusDynAuthClientUnknownTypes OBJECT-TYPE radiusDynAuthClientUnknownTypes OBJECT-TYPE
SYNTAX Counter32 SYNTAX Counter32
UNITS "replies" UNITS "replies"
MAX-ACCESS read-only MAX-ACCESS read-only
STATUS current STATUS current
DESCRIPTION DESCRIPTION
"The number of incoming packets of unknown types "The number of incoming packets of unknown types
which were received on the Dynamic Authorization port." which were received on the Dynamic Authorization port.
This counter wraps from the maximum value to zero and
is reset upon system (re)initialization."
REFERENCE REFERENCE
"RFC 3576, Section 2.3, Packet Format." "RFC 3576, Section 2.3, Packet Format."
::= { radiusDynAuthServerEntry 31 } ::= { radiusDynAuthServerEntry 31 }
-- conformance information -- conformance information
radiusDynAuthClientMIBConformance radiusDynAuthClientMIBConformance
OBJECT IDENTIFIER ::= { radiusDynAuthClientMIB 2 } OBJECT IDENTIFIER ::= { radiusDynAuthClientMIB 2 }
radiusDynAuthClientMIBCompliances radiusDynAuthClientMIBCompliances
OBJECT IDENTIFIER ::= { radiusDynAuthClientMIBConformance 1 } OBJECT IDENTIFIER ::= { radiusDynAuthClientMIBConformance 1 }
radiusDynAuthClientMIBGroups radiusDynAuthClientMIBGroups
OBJECT IDENTIFIER ::= { radiusDynAuthClientMIBConformance 2 } OBJECT IDENTIFIER ::= { radiusDynAuthClientMIBConformance 2 }
-- compliance statements -- compliance statements
radiusDynAuthClientMIBCompliance MODULE-COMPLIANCE radiusDynAuthClientMIBCompliance MODULE-COMPLIANCE
skipping to change at page 23, line 9 skipping to change at page 24, line 9
rights to indeed GET or SET (change/create/delete) them. rights to indeed GET or SET (change/create/delete) them.
6. IANA considerations 6. IANA considerations
IANA is requested to assign an OID under mib-2. IANA is requested to assign an OID under mib-2.
7. Acknowledgements 7. Acknowledgements
The authors would also like to acknowledge the following people for The authors would also like to acknowledge the following people for
their comments on this document: Bernard Aboba, Alan DeKok, David their comments on this document: Bernard Aboba, Alan DeKok, David
Nelson, Anjaneyulu Pata, Dan Romascanu, Greg Weber, Bert Wijnen, and Nelson, Anjaneyulu Pata, Dan Romascanu, Juergen Schoenwaelder, Greg
Glen Zorn. Weber, Bert Wijnen, and Glen Zorn.
8. References 8. References
8.1. Normative References 8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", RFC 2119, March 1997. Requirement Levels", RFC 2119, March 1997.
[RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., [RFC2578] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J.,
Rose, M., and S. Waldbusser, "Structure of Management Rose, M., and S. Waldbusser, "Structure of Management
 End of changes. 42 change blocks. 
63 lines changed or deleted 108 lines changed or added

This html diff was produced by rfcdiff 1.29, available from http://www.levkowetz.com/ietf/tools/rfcdiff/