1 TUNNEL-MIB DEFINITIONS ::= BEGIN
4 MODULE-IDENTITY, OBJECT-TYPE, transmission,
5 Integer32, IpAddress FROM SNMPv2-SMI
6 RowStatus FROM SNMPv2-TC
7 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
8 ifIndex, InterfaceIndexOrZero FROM IF-MIB;
10 tunnelMIB MODULE-IDENTITY
11 LAST-UPDATED "9908241200Z" -- August 24, 1999
12 ORGANIZATION "IETF Interfaces MIB Working Group"
17 Redmond, WA 98052-6399
18 EMail: dthaler@dthaler.microsoft.com"
20 "The MIB module for management of IP Tunnels, independent of
21 the specific encapsulation scheme in use."
22 REVISION "9908241200Z" -- August 24, 1999
24 "Initial version, published as RFC 2667."
25 ::= { transmission 131 }
27 tunnelMIBObjects OBJECT IDENTIFIER ::= { tunnelMIB 1 }
29 tunnel OBJECT IDENTIFIER ::= { tunnelMIBObjects 1 }
31 -- the IP Tunnel MIB-Group
33 -- a collection of objects providing information about
36 tunnelIfTable OBJECT-TYPE
37 SYNTAX SEQUENCE OF TunnelIfEntry
38 MAX-ACCESS not-accessible
41 "The (conceptual) table containing information on configured
45 tunnelIfEntry OBJECT-TYPE
47 MAX-ACCESS not-accessible
50 "An entry (conceptual row) containing the information on a
51 particular configured tunnel."
53 ::= { tunnelIfTable 1 }
55 TunnelIfEntry ::= SEQUENCE {
56 tunnelIfLocalAddress IpAddress,
57 tunnelIfRemoteAddress IpAddress,
58 tunnelIfEncapsMethod INTEGER,
59 tunnelIfHopLimit Integer32,
60 tunnelIfSecurity INTEGER,
64 tunnelIfLocalAddress OBJECT-TYPE
69 "The address of the local endpoint of the tunnel (i.e., the
70 source address used in the outer IP header), or 0.0.0.0 if
72 ::= { tunnelIfEntry 1 }
74 tunnelIfRemoteAddress OBJECT-TYPE
79 "The address of the remote endpoint of the tunnel (i.e., the
80 destination address used in the outer IP header), or 0.0.0.0
82 ::= { tunnelIfEntry 2 }
84 tunnelIfEncapsMethod OBJECT-TYPE
86 other(1), -- none of the following
87 direct(2), -- no intermediate header
88 gre(3), -- GRE encapsulation
89 minimal(4), -- Minimal encapsulation
90 l2tp(5), -- L2TP encapsulation
91 pptp(6), -- PPTP encapsulation
92 l2f(7), -- L2F encapsulation
93 udp(8), -- UDP encapsulation
94 atmp(9) -- ATMP encapsulation
100 "The encapsulation method used by the tunnel. The value
101 direct indicates that the packet is encapsulated directly
102 within a normal IPv4 header, with no intermediate header,
103 and unicast to the remote tunnel endpoint (e.g., an RFC 2003
104 IP-in-IP tunnel, or an RFC 1933 IPv6-in-IPv4 tunnel). The
105 value minimal indicates that a Minimal Forwarding Header
106 (RFC 2004) is inserted between the outer header and the
107 payload packet. The value UDP indicates that the payload
108 packet is encapsulated within a normal UDP packet (e.g., RFC
109 1234). The remaining protocol-specific values indicate that
110 a header of the protocol of that name is inserted between
111 the outer header and the payload header."
112 ::= { tunnelIfEntry 3 }
114 tunnelIfHopLimit OBJECT-TYPE
115 SYNTAX Integer32 (0..255)
116 MAX-ACCESS read-write
119 "The TTL to use in the outer IP header. A value of 0
120 indicates that the value is copied from the payload's
122 ::= { tunnelIfEntry 4 }
124 tunnelIfSecurity OBJECT-TYPE
126 none(1), -- no security
127 ipsec(2), -- IPSEC security
133 "The method used by the tunnel to secure the outer IP
134 header. The value ipsec indicates that IPsec is used
135 between the tunnel endpoints for authentication or
136 encryption or both. More specific security-related
137 information may be available in a MIB for the security
139 ::= { tunnelIfEntry 5 }
141 tunnelIfTOS OBJECT-TYPE
142 SYNTAX Integer32 (-2..63)
143 MAX-ACCESS read-write
146 "The method used to set the high 6 bits of the TOS in the
147 outer IP header. A value of -1 indicates that the bits are
148 copied from the payload's header. A value of -2 indicates
149 that a traffic conditioner is invoked and more information
150 may be available in a traffic conditioner MIB. A value
151 between 0 and 63 inclusive indicates that the bit field is
152 set to the indicated value."
153 ::= { tunnelIfEntry 6 }
155 tunnelConfigTable OBJECT-TYPE
156 SYNTAX SEQUENCE OF TunnelConfigEntry
157 MAX-ACCESS not-accessible
160 "The (conceptual) table containing information on configured
161 tunnels. This table can be used to map a set of tunnel
162 endpoints to the associated ifIndex value. It can also be
163 used for row creation. Note that every row in the
164 tunnelIfTable with a fixed destination address should have a
165 corresponding row in the tunnelConfigTable, regardless of
166 whether it was created via SNMP."
169 tunnelConfigEntry OBJECT-TYPE
170 SYNTAX TunnelConfigEntry
171 MAX-ACCESS not-accessible
174 "An entry (conceptual row) containing the information on a
175 particular configured tunnel."
176 INDEX { tunnelConfigLocalAddress,
177 tunnelConfigRemoteAddress,
178 tunnelConfigEncapsMethod,
180 ::= { tunnelConfigTable 1 }
182 TunnelConfigEntry ::= SEQUENCE {
183 tunnelConfigLocalAddress IpAddress,
184 tunnelConfigRemoteAddress IpAddress,
185 tunnelConfigEncapsMethod INTEGER,
186 tunnelConfigID Integer32,
187 tunnelConfigIfIndex InterfaceIndexOrZero,
188 tunnelConfigStatus RowStatus
191 tunnelConfigLocalAddress OBJECT-TYPE
193 MAX-ACCESS not-accessible
196 "The address of the local endpoint of the tunnel, or 0.0.0.0
197 if the device is free to choose any of its addresses at
198 tunnel establishment time."
199 ::= { tunnelConfigEntry 1 }
201 tunnelConfigRemoteAddress OBJECT-TYPE
203 MAX-ACCESS not-accessible
206 "The address of the remote endpoint of the tunnel."
207 ::= { tunnelConfigEntry 2 }
209 tunnelConfigEncapsMethod OBJECT-TYPE
211 other(1), -- none of the following
212 direct(2), -- no intermediate header
213 gre(3), -- GRE encapsulation
214 minimal(4), -- Minimal encapsulation
215 l2tp(5), -- L2TP encapsulation
216 pptp(6), -- PPTP encapsulation
217 l2f(7), -- L2F encapsulation
218 udp(8), -- UDP encapsulation
221 MAX-ACCESS not-accessible
224 "The encapsulation method used by the tunnel."
225 ::= { tunnelConfigEntry 3 }
227 tunnelConfigID OBJECT-TYPE
228 SYNTAX Integer32 (1..2147483647)
229 MAX-ACCESS not-accessible
232 "An identifier used to distinguish between multiple tunnels
233 of the same encapsulation method, with the same endpoints.
234 If the encapsulation protocol only allows one tunnel per set
235 of endpoint addresses (such as for GRE or IP-in-IP), the
236 value of this object is 1. For encapsulation methods (such
237 as L2F) which allow multiple parallel tunnels, the manager
238 is responsible for choosing any ID which does not conflict
239 with an existing row, such as choosing a random number."
240 ::= { tunnelConfigEntry 4 }
242 tunnelConfigIfIndex OBJECT-TYPE
243 SYNTAX InterfaceIndexOrZero
247 "If the value of tunnelConfigStatus for this row is active,
248 then this object contains the value of ifIndex corresponding
249 to the tunnel interface. A value of 0 is not legal in the
250 active state, and means that the interface index has not yet
252 ::= { tunnelConfigEntry 5 }
254 tunnelConfigStatus OBJECT-TYPE
256 MAX-ACCESS read-create
259 "The status of this row, by which new entries may be
260 created, or old entries deleted from this table. The agent
261 need not support setting this object to createAndWait or
262 notInService since there are no other writable objects in
263 this table, and writable objects in rows of corresponding
264 tables such as the tunnelIfTable may be modified while this
267 To create a row in this table for an encapsulation method
268 which does not support multiple parallel tunnels with the
269 same endpoints, the management station should simply use a
270 tunnelConfigID of 1, and set tunnelConfigStatus to
271 createAndGo. For encapsulation methods such as L2F which
272 allow multiple parallel tunnels, the management station may
273 select a pseudo-random number to use as the tunnelConfigID
274 and set tunnelConfigStatus to createAndGo. In the event
275 that this ID is already in use and an inconsistentValue is
276 returned in response to the set operation, the management
277 station should simply select a new pseudo-random number and
280 Creating a row in this table will cause an interface index
281 to be assigned by the agent in an implementation-dependent
282 manner, and corresponding rows will be instantiated in the
283 ifTable and the tunnelIfTable. The status of this row will
284 become active as soon as the agent assigns the interface
285 index, regardless of whether the interface is operationally
288 Deleting a row in this table will likewise delete the
289 corresponding row in the ifTable and in the tunnelIfTable."
290 ::= { tunnelConfigEntry 6 }
292 -- conformance information
295 OBJECT IDENTIFIER ::= { tunnelMIB 2 }
297 OBJECT IDENTIFIER ::= { tunnelMIBConformance 1 }
298 tunnelMIBGroups OBJECT IDENTIFIER ::= { tunnelMIBConformance 2 }
300 -- compliance statements
302 tunnelMIBCompliance MODULE-COMPLIANCE
305 "The compliance statement for the IP Tunnel MIB."
306 MODULE -- this module
307 MANDATORY-GROUPS { tunnelMIBBasicGroup }
309 OBJECT tunnelIfHopLimit
312 "Write access is not required."
317 "Write access is not required."
319 OBJECT tunnelConfigStatus
322 "Write access is not required."
323 ::= { tunnelMIBCompliances 1 }
325 -- units of conformance
327 tunnelMIBBasicGroup OBJECT-GROUP
328 OBJECTS { tunnelIfLocalAddress, tunnelIfRemoteAddress,
329 tunnelIfEncapsMethod, tunnelIfHopLimit, tunnelIfTOS,
330 tunnelIfSecurity, tunnelConfigIfIndex, tunnelConfigStatus }
333 "A collection of objects to support basic management of IP
335 ::= { tunnelMIBGroups 1 }