1-- ***************************************************************** 2-- Cisco COPS Client MIB 3-- 4-- April, 1999 Thomas Wu 5-- 6-- Copyright (c) 1999-2000, 2005 by cisco Systems, Inc. 7-- All rights reserved. 8-- ***************************************************************** 9 10 11CISCO-COPS-CLIENT-MIB DEFINITIONS ::= BEGIN 12 13IMPORTS 14 MODULE-IDENTITY, 15 OBJECT-TYPE, 16 Unsigned32 17 FROM SNMPv2-SMI 18 19 MODULE-COMPLIANCE, 20 OBJECT-GROUP 21 FROM SNMPv2-CONF 22 23 TEXTUAL-CONVENTION, 24 DisplayString, 25 RowStatus, 26 TruthValue 27 FROM SNMPv2-TC 28 29 ifIndex 30 FROM IF-MIB 31 32 ciscoMgmt 33 FROM CISCO-SMI 34 ; 35 36ciscoCopsClientMIB MODULE-IDENTITY 37 LAST-UPDATED "200511140000Z" 38 ORGANIZATION "Cisco Systems Inc. " 39 CONTACT-INFO 40 "Cisco Systems 41 Customer Service 42 43 Postal: 170 W Tasman Drive 44 San Jose, CA 95134 45 USA 46 47 Tel: +1 800 553-NETS 48 49 E-mail: cs-wbu@cisco.com, cs-snmp@cisco.com" 50 DESCRIPTION 51 "This MIB module is for configuration & statistic query 52 of Common Open Policy Service(COPS) client feature on the Cisco 53 device. COPS is a simple client/server model for supporting 54 policy control over QoS Signaling Protocols and provisioned QoS 55 resource management. 56 57 COPS is a simple query and response protocol that can be used to 58 exchange policy information between a policy server (Policy 59 Decision Point or PDP) and its clients (Policy Enforcement Points 60 or PEPs)." 61 REVISION "200511140000Z" 62 DESCRIPTION 63 "Updated the imports such that Unsigned32 is imported from 64 SNMPv2-SMI instead of CISCO-TC. Changed the syntax of the 65 textual conventions CopsRole, CopsRoleCombination, 66 CopsDomainName from DisplayString to OCTET STRING." 67 REVISION "200006110000Z" 68 DESCRIPTION 69 "Added support for optional role configuration." 70 REVISION "9909160040Z" 71 DESCRIPTION 72 "Initial version of this MIB module." 73 ::= { ciscoMgmt 140 } 74 75-- 76-- Textual Conventions 77-- 78CopsRole ::= TEXTUAL-CONVENTION 79 STATUS current 80 DESCRIPTION 81 "A display string where valid letters are a-z, A-Z, 0-9, 82 ., - and _. Name can not start with an '_'. 83 Policies are assigned to a 'role', and one or more 'roles' are 84 assigned to interfaces, such that an interface takes on the 85 policies indirectly as the policies of the roles assigned to 86 that interface." 87 SYNTAX OCTET STRING (SIZE (1..31)) 88 89CopsRoleCombination ::= TEXTUAL-CONVENTION 90 STATUS current 91 DESCRIPTION 92 "A display string consisting of a set of roles concatenated 93 with '+' characters where the roles are in lexicographic 94 order from minimum to maximum. Policies are assigned to a 95 'role', and one or more 'roles' are assigned to interfaces, 96 such that an interface takes on the policies indirectly as 97 the policies of the roles assigned to that interface. 98 When one or more roles assigned to an interface, that set of 99 roles is known as a role-combination." 100 SYNTAX OCTET STRING (SIZE (0..255)) 101 102CopsDomainName ::= TEXTUAL-CONVENTION 103 STATUS current 104 DESCRIPTION 105 "A display string where valid letters are a-z, A-Z, 0-9, 106 ., - and _. Name can not start with an '_'. 107 The COPS domain which a COPS client type belongs to. 108 This is so that a COPS server supporting multiple domains 109 can push the correct set of domain policies to a device." 110 SYNTAX OCTET STRING (SIZE (0..31)) 111 112CopsClientType ::= TEXTUAL-CONVENTION 113 STATUS current 114 DESCRIPTION 115 "An enumerated value for all the supported COPS client type. 116 rsvp(1) Resource Reservation Protocol(RSVP). RSVP is a 117 signaling mechanism that the applications will 118 use to signal parameters to the network, so that 119 network can assign QoS for the application data 120 stream. 121 provisioning(2) Provisioning. A client type for COPS to support 122 policy provisioning. This client type is 123 independent of the type of policy (QoS, VPNs, 124 Security, etc.) and it is based on the concept 125 of PIBs (Policy Information Bases [PIB])." 126 SYNTAX INTEGER { 127 rsvp(1), 128 provisioning(2) 129 } 130 131ccopsMIBObjects OBJECT IDENTIFIER ::= { ciscoCopsClientMIB 1 } 132 133-- object groups 134 135ccopsGlobalObjects OBJECT IDENTIFIER ::= { ccopsMIBObjects 1 } 136 137-- 138-- The ccopsGlobalObjects group 139-- 140ccopsServerMax OBJECT-TYPE 141 SYNTAX Unsigned32 (0..65535) 142 UNITS "servers" 143 MAX-ACCESS read-only 144 STATUS current 145 DESCRIPTION 146 "Maximum number of configurable COPS servers allowed for 147 each client type. A value of zero indicates no limitation 148 on the number of configurable COPS servers." 149 ::= { ccopsGlobalObjects 1 } 150 151ccopsMaxRole OBJECT-TYPE 152 SYNTAX Unsigned32 153 UNITS "roles" 154 MAX-ACCESS read-only 155 STATUS current 156 DESCRIPTION 157 "Indicates the maximum number of roles supported by 158 this device. A value of zero indicates no limitation on 159 the number of roles." 160 ::= { ccopsGlobalObjects 2 } 161 162ccopsMaxRoleCombination OBJECT-TYPE 163 SYNTAX Unsigned32 164 UNITS "role-combinations" 165 MAX-ACCESS read-only 166 STATUS current 167 DESCRIPTION 168 "Indicates the maximum number of role-combinations supported 169 by this device. A value of zero indicates no limitation on 170 the number of role-combinations. Each CopsRoleCombination 171 may contain up to ccopsMaxRole roles." 172 ::= { ccopsGlobalObjects 3 } 173 174-- 175-- COPS Client Server Configuration Table 176-- 177ccopsServerConfigTable OBJECT-TYPE 178 SYNTAX SEQUENCE OF CcopsServerConfigEntry 179 MAX-ACCESS not-accessible 180 STATUS current 181 DESCRIPTION 182 "A list of possible COPS servers that the COPS client will 183 try to connect to in order of ccopsServerConfigPriority." 184 ::= { ccopsGlobalObjects 4 } 185 186ccopsServerConfigEntry OBJECT-TYPE 187 SYNTAX CcopsServerConfigEntry 188 MAX-ACCESS not-accessible 189 STATUS current 190 DESCRIPTION 191 "A set of configuration information regarding a single COPS 192 server from the point of view of a COPS client. The entry 193 is created and deleted by using ccopsServerConfigStatus. 194 195 An entry may not exist in the active state unless all 196 objects in the entry have an appropriate value. 197 198 Each client type can have its own COPS servers. 199 By creating, deleting or modifying an entry in this table, 200 users can add, delete or modify a COPS server for a particular 201 client type for the device. 202 203 In order to get policies from COPS server for a client type, 204 user has to create an entry for such client type." 205 INDEX { ccopsServerConfigClientType, 206 IMPLIED ccopsServerConfigName } 207 ::= { ccopsServerConfigTable 1 } 208 209CcopsServerConfigEntry ::= 210 SEQUENCE { 211 ccopsServerConfigClientType CopsClientType, 212 ccopsServerConfigName DisplayString, 213 ccopsServerConfigPriority Unsigned32, 214 ccopsServerConfigPort Unsigned32, 215 ccopsServerConfigStatus RowStatus 216 } 217 218ccopsServerConfigClientType OBJECT-TYPE 219 SYNTAX CopsClientType 220 MAX-ACCESS not-accessible 221 STATUS current 222 DESCRIPTION 223 "The type of policies to be retrieved from this server." 224 ::= { ccopsServerConfigEntry 1 } 225 226ccopsServerConfigName OBJECT-TYPE 227 SYNTAX DisplayString (SIZE (1..64)) 228 MAX-ACCESS not-accessible 229 STATUS current 230 DESCRIPTION 231 "The IP address or the hostname of a COPS server. If a hostname 232 is used, it will be resolved to an address prior to each attempt 233 to setup a connection to a PDP. If the PEP cannot resolve the 234 hostname, the connection attempt will fail. 235 Use of IP address values is preferred, except in cases where a 236 hostname must/should be used (e.g. if the PDP has a dynamic 237 address)" 238 ::= { ccopsServerConfigEntry 2 } 239 240ccopsServerConfigPriority OBJECT-TYPE 241 SYNTAX Unsigned32 (0..255) 242 MAX-ACCESS read-create 243 STATUS current 244 DESCRIPTION 245 "The priority of this entry relative to other entries. 246 The COPS client will attempt to contact COPS servers for 247 the appropriate Client-Type in the order of their 248 priority values. COPS servers designated by the COPS 249 protocol PDP-Redirect mechanism are always used in 250 preference to any entries in this table. 251 252 When ccopsServerMax mib object is not zero, the valid 253 value for ccopsServerConfigPriority ranges from zero to 254 ccopsServerMax minus one. When the ccopsServerMax 255 mib object is zero, any valid unsigned value may be used. 256 257 For servers with different value of ccopsServerConfigPriority, 258 the server with lowest value has highest priority. 259 260 For servers with same value of ccopsServerConfigPriority 261 and ccopsServerConfigClientType, the relative priority 262 of Servers is determined by a numerical comparison of their 263 IP addresses, with the lowest address having higher priority." 264 REFERENCE 265 "Reference Internet Draft, The COPS (Common Open Policy 266 Service) Protocol, PDP Redirect." 267 ::= { ccopsServerConfigEntry 3 } 268 269ccopsServerConfigPort OBJECT-TYPE 270 SYNTAX Unsigned32 (0..65535) 271 MAX-ACCESS read-create 272 STATUS current 273 DESCRIPTION 274 "The destination port number to which COPS server messages 275 should be sent. By default the COPS service will be provided 276 on the well-known COPS protocol port number 3288." 277 REFERENCE 278 "Reference Internet Draft, The COPS (Common Open Policy 279 Service) Protocol, Port number." 280 DEFVAL { 3288 } 281 ::= { ccopsServerConfigEntry 4 } 282 283ccopsServerConfigStatus OBJECT-TYPE 284 SYNTAX RowStatus 285 MAX-ACCESS read-create 286 STATUS current 287 DESCRIPTION 288 "The status of COPS server configuration for a client type. 289 An entry may not exist in the active state unless all 290 objects in the entry have an appropriate value. 291 292 Once a row becomes active, value in any other column within 293 such row cannot be modified except by setting 294 ccopsServerConfigStatus to notInService(2) for such row." 295 ::= { ccopsServerConfigEntry 5 } 296 297ccopsInitialTimeout OBJECT-TYPE 298 SYNTAX Unsigned32 (0..65535) 299 UNITS "seconds" 300 MAX-ACCESS read-write 301 STATUS current 302 DESCRIPTION 303 "If the device can not connect to the last connected COPS 304 server, it uses this value for the initial retry time-out 305 and then retries to connect after this time-out period. 306 This value is re-used for the first retry after every 307 successful connection. 308 309 When the device is connecting to COPS server the first 310 time or the last connected COPS server is no longer 311 available, it will attempt to contact COPS servers existing 312 in ccopsServerConfigTable for the appropriate Client-Type 313 in the order of their priority values." 314 DEFVAL { 30 } 315 ::= { ccopsGlobalObjects 5 } 316 317ccopsTimeoutIncrement OBJECT-TYPE 318 SYNTAX Unsigned32 (0..65535) 319 UNITS "seconds" 320 MAX-ACCESS read-write 321 STATUS current 322 DESCRIPTION 323 "On every consecutive failure to connect to all existing 324 COPS server for a client type, the COPS client increases 325 the retry time-out by ccopsTimeoutIncrement but not greater 326 than ccopsTimeoutMax." 327 DEFVAL { 30 } 328 ::= { ccopsGlobalObjects 6 } 329 330ccopsTimeoutMax OBJECT-TYPE 331 SYNTAX Unsigned32 (0..65535) 332 UNITS "seconds" 333 MAX-ACCESS read-write 334 STATUS current 335 DESCRIPTION 336 "The maximum retry time-out that the COPS client allows. 337 On every consecutive failure to connect to all COPS servers, 338 the COPS client increases the retry time-out up to 339 ccopsTimeoutMax." 340 DEFVAL { 300 } 341 ::= { ccopsGlobalObjects 7 } 342 343-- 344-- COPS Client Domain Table 345-- 346ccopsDomainTable OBJECT-TYPE 347 SYNTAX SEQUENCE OF CcopsDomainEntry 348 MAX-ACCESS not-accessible 349 STATUS current 350 DESCRIPTION 351 "A list of COPS domains for each client type supported in 352 the device." 353 ::= { ccopsGlobalObjects 8 } 354 355ccopsDomainEntry OBJECT-TYPE 356 SYNTAX CcopsDomainEntry 357 MAX-ACCESS not-accessible 358 STATUS current 359 DESCRIPTION 360 "A set of domain configuration information regarding a 361 single COPS client type. 362 363 An entry will exist for each COPS client type which is 364 supported in the device. 365 366 For each COPS client type supported in the device, a 367 domain name should be specified if the COPS server for 368 that client type has multiple domains defined in its 369 database." 370 INDEX { ccopsDomainClientType } 371 ::= { ccopsDomainTable 1 } 372 373CcopsDomainEntry ::= 374 SEQUENCE { 375 ccopsDomainClientType CopsClientType, 376 ccopsDomainName CopsDomainName 377 } 378 379ccopsDomainClientType OBJECT-TYPE 380 SYNTAX CopsClientType 381 MAX-ACCESS not-accessible 382 STATUS current 383 DESCRIPTION 384 "The type of COPS client." 385 ::= { ccopsDomainEntry 1 } 386 387ccopsDomainName OBJECT-TYPE 388 SYNTAX CopsDomainName 389 MAX-ACCESS read-write 390 STATUS current 391 DESCRIPTION 392 "The COPS domain which this client type belongs to. 393 This is so that a COPS server supporting multiple domains 394 can push the correct set of domain policies to this device. 395 Zero length name is default. COPS server have a default 396 set of policies for clients who have zero length domain 397 names. 398 399 Changing the COPS domain name while qosPolicySource is cops(2) 400 will result in requesting new policies from the cops server and 401 configuring the device with those new policies. The value of 402 ccopsDomainName is ignored if qosPolicySource is local(1)." 403 REFERENCE 404 "Reference CISCO-QOS-MIB, qosPolicySource." 405 DEFVAL { ''H } 406 ::= { ccopsDomainEntry 2 } 407 408-- 409-- COPS client role table 410-- 411ccopsRoleTable OBJECT-TYPE 412 SYNTAX SEQUENCE OF CcopsRoleEntry 413 MAX-ACCESS not-accessible 414 STATUS current 415 DESCRIPTION 416 "A list of roles. The number of entries is 417 determined by ccopsMaxRole." 418 ::= { ccopsGlobalObjects 9 } 419 420ccopsRoleEntry OBJECT-TYPE 421 SYNTAX CcopsRoleEntry 422 MAX-ACCESS not-accessible 423 STATUS current 424 DESCRIPTION 425 "Entry containing COPS-PR role information. The entry is 426 created, deleted and modified by using ccopsRoleStatus. 427 428 There is a maximum on the number of roles which may be 429 configured per device. In order to make a role available for 430 interface to construct its role combination, such role must 431 exist in the role table. Deleting a role in ccopsRoleTable 432 also removes that role from all role combinations for all 433 interfaces. 434 435 Therefore, a particular role can not be added into the role 436 combination for any interface if it is removed from this table." 437 INDEX { IMPLIED ccopsRoleName } 438 ::= { ccopsRoleTable 1 } 439 440CcopsRoleEntry ::= SEQUENCE { 441 ccopsRoleName CopsRole, 442 ccopsRoleStatus RowStatus 443} 444 445ccopsRoleName OBJECT-TYPE 446 SYNTAX CopsRole 447 MAX-ACCESS not-accessible 448 STATUS current 449 DESCRIPTION 450 "The name of the role. Only roles which were defined in COPS 451 server should be used. COPS server will only supply the policies 452 for those roles defined in its database." 453 ::= { ccopsRoleEntry 1 } 454 455ccopsRoleStatus OBJECT-TYPE 456 SYNTAX RowStatus 457 MAX-ACCESS read-create 458 STATUS current 459 DESCRIPTION 460 "This object is used to manage creation, deletion and 461 modification of rows in this table. 462 463 An entry may not exist in the active state unless all 464 objects in the entry have an appropriate value. 465 Once a row becomes active, value in any other column within 466 such row cannot be modified except by setting 467 ccopsRoleStatus to notInService(2) for such row. 468 469 Deleting a row results in removing this ccopsRoleName from all 470 role combinations in the ccopsIfTable" 471 ::= { ccopsRoleEntry 2 } 472 473-- 474-- COPS client interface table 475-- 476ccopsIfTable OBJECT-TYPE 477 SYNTAX SEQUENCE OF CcopsIfEntry 478 MAX-ACCESS not-accessible 479 STATUS current 480 DESCRIPTION 481 "A list of interface entries. An entry will exist for each 482 interface which supports COPS-PR feature." 483 ::= { ccopsGlobalObjects 10 } 484 485ccopsIfEntry OBJECT-TYPE 486 SYNTAX CcopsIfEntry 487 MAX-ACCESS not-accessible 488 STATUS current 489 DESCRIPTION 490 "Entry containing COPS status for a particular interface. 491 492 By default each interface has no roles. It then has a role 493 combination that is the zero length string. 494 495 Roles in a role combination for an interface are reported 496 to the PDP by the PEP. An interface may have multiple roles. 497 Adding/deleting roles results in changes to the role 498 combination for an interface. Therefore, a new set of QoS 499 policies will be used for the interface with the new role 500 combination." 501 INDEX { ifIndex } 502 ::= { ccopsIfTable 1 } 503 504CcopsIfEntry ::= SEQUENCE { 505 ccopsIfRoleCombination CopsRoleCombination 506} 507 508ccopsIfRoleCombination OBJECT-TYPE 509 SYNTAX CopsRoleCombination 510 MAX-ACCESS read-write 511 STATUS current 512 DESCRIPTION 513 "A display string, role combination, that is associated 514 with an interface. This is the administratively-desired 515 role combination which represents roles that are currently 516 set by the administrator for a particular interface in the 517 COPS domain. 518 519 If copsMaxRoleCombination is one, the new role will be 520 applied to all interfaces which support COPS feature on 521 the device. Agent returns inconsistentValue if this role 522 does not exist in ccopsRoleTable, resourceUnavailable if 523 the role combination exceeds copsMaxRoleCombination in the 524 device, wrongValue if a non-lexicographically-ordered value 525 is written to it. 526 527 On some platforms, roles may be assigned per port group 528 rather than per port. If multiple ports belong to a port 529 group, the role combination assigned to any of the ports 530 in such group will apply to all ports in the same group. 531 532 On some platforms, there can be a single role combination 533 for the entire device. The role combination assigned to 534 any of the interfaces will apply to all interfaces which 535 support COPS feature in the device." 536 ::= { ccopsIfEntry 1 } 537 538ccopsRoleConfigSupported OBJECT-TYPE 539 SYNTAX TruthValue 540 MAX-ACCESS read-only 541 STATUS current 542 DESCRIPTION 543 "Indicates whether this device supports the ccopsMaxRole 544 and ccopsRoleTable, and thereby, whether a role must be 545 present in the ccopsRoleTable before it can be used within 546 a value of ccopsIfRoleCombination." 547 ::= { ccopsGlobalObjects 11 } 548 549-- 550-- Notifications 551-- 552ccopsMIBNotifications OBJECT IDENTIFIER ::= { ciscoCopsClientMIB 2 } 553 554-- no notifications defined 555 556-- 557-- Conformance 558-- 559ccopsMIBConformance OBJECT IDENTIFIER ::= { ciscoCopsClientMIB 3 } 560 561ccopsMIBCompliances OBJECT IDENTIFIER ::= { ccopsMIBConformance 1 } 562 563ccopsMIBGroups OBJECT IDENTIFIER ::= { ccopsMIBConformance 2 } 564 565-- 566-- Compliance 567-- 568ccopsMIBCompliance MODULE-COMPLIANCE 569 STATUS deprecated 570 DESCRIPTION 571 "The compliance statement for the CISCO-COPS-CLIENT-MIB." 572 MODULE 573 MANDATORY-GROUPS { ccopsGlobalGroup } 574 575 ::= { ccopsMIBCompliances 1 } 576 577ccopsMIBComplianceRev2 MODULE-COMPLIANCE 578 STATUS current 579 DESCRIPTION 580 "The compliance statement for the CISCO-COPS-CLIENT-MIB." 581 MODULE 582 MANDATORY-GROUPS { ccopsGlobalGroupRev2 } 583 584 GROUP ccopsRoleGroup 585 DESCRIPTION 586 "This group is mandatory in agents for which the value of 587 ccopsRoleConfigSupported is 'true'." 588 589 ::= { ccopsMIBCompliances 2 } 590 591-- 592-- Units of Conformance 593-- 594ccopsGlobalGroup OBJECT-GROUP 595 OBJECTS { 596 ccopsServerMax, 597 ccopsServerConfigPriority, 598 ccopsServerConfigPort, 599 ccopsServerConfigStatus, 600 ccopsInitialTimeout, 601 ccopsTimeoutIncrement, 602 ccopsTimeoutMax, 603 ccopsDomainName, 604 ccopsMaxRole, 605 ccopsMaxRoleCombination, 606 ccopsRoleStatus, 607 ccopsIfRoleCombination 608 } 609 STATUS deprecated 610 DESCRIPTION 611 "A collection of objects providing the COPS ability on the 612 device. Devices implementing the COPS client feature should 613 support this group." 614 ::= { ccopsMIBGroups 1 } 615 616ccopsGlobalGroupRev2 OBJECT-GROUP 617 OBJECTS { 618 ccopsServerMax, 619 ccopsServerConfigPriority, 620 ccopsServerConfigPort, 621 ccopsServerConfigStatus, 622 ccopsInitialTimeout, 623 ccopsTimeoutIncrement, 624 ccopsTimeoutMax, 625 ccopsDomainName, 626 ccopsMaxRoleCombination, 627 ccopsIfRoleCombination, 628 ccopsRoleConfigSupported 629 } 630 STATUS current 631 DESCRIPTION 632 "A collection of objects providing the COPS ability on the 633 device." 634 ::= { ccopsMIBGroups 2 } 635 636ccopsRoleGroup OBJECT-GROUP 637 OBJECTS { 638 ccopsMaxRole, 639 ccopsRoleStatus 640 } 641 STATUS current 642 DESCRIPTION 643 "A collection of objects which allow an agent to require 644 a limited set of allowed roles be specified, and to reject 645 any role-combination containing any other role." 646 ::= { ccopsMIBGroups 3 } 647END 648 649 650 651