FDRY-DHCP-SNOOPING-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32, IpAddress FROM SNMPv2-SMI snSwitch FROM FOUNDRY-SN-SWITCH-GROUP-MIB ArpType, ArpState FROM FDRY-DAI-MIB MacAddress, TruthValue, TEXTUAL-CONVENTION FROM SNMPv2-TC VlanIndex FROM Q-BRIDGE-MIB DisplayString FROM FOUNDRY-SN-AGENT-MIB ifIndex FROM IF-MIB; fdryDhcpSnoopMIB MODULE-IDENTITY LAST-UPDATED "201007260000Z" -- July 26, 2010 ORGANIZATION "Brocade Communications Systems, Inc." CONTACT-INFO "Technical Support Center 130 Holger Way, San Jose, CA 95134 Email: ipsupport@brocade.com Phone: 1-800-752-8061 URL: www.brocade.com" DESCRIPTION "Management Information for configuration of DHCP Snooping feature. DHCP Snooping is a security feature which enables the device to filter untrusted DHCP packets in a subnet. It can also stop unauthorized DHCP serves and prevent errors due to user mis-configuration servers. Copyright 1996-2010 Brocade Communications Systems, Inc. All rights reserved. This Brocade Communications Systems SNMP Management Information Base Specification embodies Brocade Communications Systems' confidential and proprietary intellectual property. Brocade Communications Systems retains all title and ownership in the Specification, including any revisions. This Specification is supplied AS IS, and Brocade Communications Systems makes no warranty, either express or implied, as to the use, operation, condition, or performance of the specification, and any unintended consequence it may on the user environment." REVISION "201007260000Z" -- July 26, 2010 DESCRIPTION "Changed the ORGANIZATION, CONTACT-INFO and DESCRIPTION fields." REVISION "201003220000Z" -- March 22, 2010 DESCRIPTION "" ::= { snSwitch 36} -- -- Textual Conventions -- ClearAction ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Represents action of Clear operation to be used." SYNTAX INTEGER{ valid(0), clear(1) } fdryDhcpSnoopGlobalObjects OBJECT IDENTIFIER ::= { fdryDhcpSnoopMIB 1 } fdryDhcpSnoopVlan OBJECT IDENTIFIER ::= { fdryDhcpSnoopMIB 2 } fdryDhcpSnoopInterface OBJECT IDENTIFIER ::= { fdryDhcpSnoopMIB 3 } fdryDhcpSnoopBind OBJECT IDENTIFIER ::= { fdryDhcpSnoopMIB 4 } -- -- DHCP Snooping global Scalar Object -- fdryDhcpSnoopGlobalClearOper OBJECT-TYPE SYNTAX ClearAction MAX-ACCESS read-write STATUS current DESCRIPTION "valid(0) - this value is always returned when the variable is read. clear(1) - setting the variable to this value clears all entries in the DHCP binding database." ::= { fdryDhcpSnoopGlobalObjects 1 } -- -- DHCP Snooping VLAN configuration table -- fdryDhcpSnoopVlanConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF FdryDhcpSnoopVlanConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table provides the mechanism to control DHCP Snooping per VLAN. When a VLAN is created in a device supporting this table, a corresponding entry of this table will be added." ::= { fdryDhcpSnoopVlan 1 } fdryDhcpSnoopVlanConfigEntry OBJECT-TYPE SYNTAX FdryDhcpSnoopVlanConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A row instance contains the configuration to enable or disable DHCP Snooping at the existing VLAN." INDEX { fdryDhcpSnoopVlanVLanId } ::= { fdryDhcpSnoopVlanConfigTable 1 } FdryDhcpSnoopVlanConfigEntry ::= SEQUENCE { fdryDhcpSnoopVlanVLanId VlanIndex, fdryDhcpSnoopVlanDhcpSnoopEnable TruthValue } fdryDhcpSnoopVlanVLanId OBJECT-TYPE SYNTAX VlanIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object indicates the VLAN number on which DHCP Snooping feature is configured." ::= { fdryDhcpSnoopVlanConfigEntry 1 } fdryDhcpSnoopVlanDhcpSnoopEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object indicates whether DHCP Snooping is enabled in this VLAN. If this object is set to 'true', DHCP Snooping is enabled. If this object is set to 'false', DHCP Snooping is disabled." ::= { fdryDhcpSnoopVlanConfigEntry 2 } -- -- DHCP Snooping Interface configuration table -- fdryDhcpSnoopIfConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF FdryDhcpSnoopIfConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table provides the mechanism to configure the trust state for DHCP Snooping purpose at each physical interface." ::= { fdryDhcpSnoopInterface 1 } fdryDhcpSnoopIfConfigEntry OBJECT-TYPE SYNTAX FdryDhcpSnoopIfConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A row instance contains the configuration to enable or disable trust state for DHCP Snooping at each physical interface capable of this feature." INDEX { ifIndex } ::= { fdryDhcpSnoopIfConfigTable 1 } FdryDhcpSnoopIfConfigEntry ::= SEQUENCE { fdryDhcpSnoopIfTrustValue TruthValue } fdryDhcpSnoopIfTrustValue OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object indicates whether the interface is trusted for DHCP Snooping. If this object is set to 'true', the interface is trusted. DHCP packets coming to this interface will be forwarded without checking. If this object is set to 'false', the interface is not trusted. DHCP packets received on this interface will be subjected to DHCP checks." ::= { fdryDhcpSnoopIfConfigEntry 1 } -- -- DHCP Snooping binding database table -- Use this table to display DHCP Snooping entries -- fdryDhcpSnoopBindTable OBJECT-TYPE SYNTAX SEQUENCE OF FdryDhcpSnoopBindEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table provides the information of DHCP snooping binding database learnt by the device" ::= { fdryDhcpSnoopBind 1 } fdryDhcpSnoopBindEntry OBJECT-TYPE SYNTAX FdryDhcpSnoopBindEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A row instance contains the information of DHCP snoonping entry." INDEX { fdryDhcpSnoopBindIpAddr } ::= { fdryDhcpSnoopBindTable 1 } FdryDhcpSnoopBindEntry ::= SEQUENCE { fdryDhcpSnoopBindIpAddr IpAddress, fdryDhcpSnoopBindMacAddr MacAddress, fdryDhcpSnoopBindType ArpType, fdryDhcpSnoopBindState ArpState, fdryDhcpSnoopBindPort DisplayString, fdryDhcpSnoopBindVlanId VlanIndex, fdryDhcpSnoopBindClearOper ClearAction } fdryDhcpSnoopBindIpAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The device IP address." ::= { fdryDhcpSnoopBindEntry 1} fdryDhcpSnoopBindMacAddr OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The device MAC address." ::= { fdryDhcpSnoopBindEntry 2 } fdryDhcpSnoopBindType OBJECT-TYPE SYNTAX ArpType MAX-ACCESS read-only STATUS current DESCRIPTION "The type of the ARP entry" ::= { fdryDhcpSnoopBindEntry 3 } fdryDhcpSnoopBindState OBJECT-TYPE SYNTAX ArpState MAX-ACCESS read-only STATUS current DESCRIPTION "The state of the ARP entry" ::= { fdryDhcpSnoopBindEntry 4 } fdryDhcpSnoopBindPort OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The port of the ARP entry" ::= { fdryDhcpSnoopBindEntry 5 } fdryDhcpSnoopBindVlanId OBJECT-TYPE SYNTAX VlanIndex MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates the VLAN number on which DHCP snooping feature is configured." ::= { fdryDhcpSnoopBindEntry 6 } fdryDhcpSnoopBindClearOper OBJECT-TYPE SYNTAX ClearAction MAX-ACCESS read-write STATUS current DESCRIPTION "valid(0) - this value is always returned when the variable is read. clear(1) - setting the variable to this value clears this entry in the DHCP binding database." ::= {fdryDhcpSnoopBindEntry 7 } END