INTERNET-DRAFT MCNS Cable Modem MIB July 1997 Cable Modem Management Information Base for MCNS compliant Cable Modems draft-ietf-ipcdn-cable-modem-mib-00.txt Mon Jul 7 10:32:27 PDT 1997 Guenter Roeck (editor) cisco Systems groeck@cisco.com Status of this Memo This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its Areas, and its Working Groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as a "work in progress". To view the entire list of current Internet-Drafts, please check the "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow Directories on ftp.is.co.za (Africa), ftp.nordu.net (Europe), munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast). Abstract This memo defines an experimental portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it defines a basic set of managed objects for SNMP-based management of MCNS compliant Cable Modems. This memo specifies a MIB module in a manner that is compliant to the SNMPv2 SMI. The set of objects is consistent with the SNMP framework and existing SNMP standards. This memo does not specify a standard for the Internet community. This memo is a product of the IPCDN working group within the Internet Engineering Task Force. Comments are solicited and should be addressed to the working group's mailing list at ipcdn@terayon.com and/or the author. Expires January 1998 [Page 1] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 Table of Contents 1 The SNMPv2 Network Management Framework ......................... 3 2 Object Definitions .............................................. 3 3 Overview ........................................................ 4 3.1 Structure of the MIB .......................................... 4 3.2 Management requirements ....................................... 4 3.2.1 Handling of Software upgrades ............................... 4 3.2.2 Events and Traps ............................................ 5 3.2.3 Trap Throttling ............................................. 5 3.2.3.1 Trap rate throttling ...................................... 5 3.2.3.2 Limiting the trap rate .................................... 6 3.3 Protocol Filters .............................................. 6 4 Definitions ..................................................... 7 5 Acknowledgments ................................................. 30 6 References ...................................................... 30 7 Security Considerations ......................................... 30 8 Author's Address ................................................ 31 Expires January 1998 [Page 2] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 1. The SNMPv2 Network Management Framework The SNMPv2 Network Management Framework presently consists of three major components. They are: o the SMI, described in RFC 1902 [1] - the mechanisms used for describing and naming objects for the purpose of management. o the MIB-II, STD 17, RFC 1213 [2] - the core set of managed objects for the Internet suite of protocols. o the protocol, RFC 1157 [3] and/or RFC 1905 [4], - the protocol for accessing managed objects. The Framework permits new objects to be defined for the purpose of experimentation and evaluation. 2. Object Definitions Managed objects are accessed via a virtual information store, termed the Management Information Base or MIB. Objects in the MIB are defined using the subset of Abstract Syntax Notation One (ASN.1) defined in the SMI. In particular, each object type is named by an OBJECT IDENTIFIER, an administratively assigned name. The object type together with an object instance serves to uniquely identify a specific instantiation of the object. For human convenience, we often use a textual string, termed the descriptor, to refer to the object type. Expires January 1998 [Page 3] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 3. Overview This MIB provides a set of objects required for the management of MCNS compliant Cable Modems (CM). The specification is derived from the MCNS Radio Frequency Interface specification [6]. 3.1. Structure of the MIB This MIB is structured in six groups: o The docsCmBase group extends the MIB-II 'system' group with objects needed for cable modem system management. o The docsCmNmAccessGroup provides a minimum level of SNMP access security (see Section 3 of [8]). o The docsCmSoftware group provides information for network- downloadable software upgrades. o The docsCmServer group provides information about the progress of the interaction with various provisioning servers. o The docsCmEvent group provides control and logging for event reporting o The docsCmFilter group configures filters at link layer and IP layer for bridged data traffic. 3.2. Management requirements 3.2.1. Handling of Software upgrades The Cable Modem software upgrade process is documented in [6]. From a network management station, the operator: o sets mcnscmSwServer to the address of the TFTP server for software upgrades o sets mcnscmSwFilename to the file pathname of the software upgrade image o sets mcnscmSwAdminStatus to upgrade-from-mgt One reason for the SNMP-initiated upgrade is to allow loading of a temporary software image (e.g., special diagnostic software) that differs from the software normally used on that modem without changing the provisioning database. Note that software upgrades should not be accepted blindly by the cable modem. The cable modem may refuse an upgrade if: Expires January 1998 [Page 4] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 o The download is incomplete. o The file contents are incomplete or damaged. o The software is not intended for that hardware device (may include the case of a feature set that has not been purchased for this device). 3.2.2. Events and Traps Any system implementing this MIB must support reporting events using SNMP traps. Other means of event reporting are outside the scope of this document. The definition and coding of events is vendor-specific. In deference to the network operator who must troubleshoot multi-vendor networks, the circumstances and meaning of each event should be reported as human- readable text. Vendors SHOULD provide time-of-day clocks in CMs to provide useful timestamping of events. For each vendor-specific event that is reportable via TRAP, the vendor must create an enterprise-specific trap definition. Trap definitions MUST include the event reason encoded as DisplayString and should be defined as: trapName NOTIFICATION-TYPE OBJECTS { ifIndex, eventReason, other useful objects } STATUS current DESCRIPTION "trap description" ::= Object Id 3.2.3. Trap Throttling The CM and CMTS MUST provide support for trap message throttling as described below. The network operator can employ message rate throttling or trap limiting by manipulating the appropriate MIB variables. 3.2.3.1. Trap rate throttling Network operators may employ either of two rate control methods. In the first method, the device ceases to send traps when the rate exceeds the specified maximum message rate. It resumes sending traps only if reactivated by a network management station request. Expires January 1998 [Page 5] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 In the second method, the device resumes sending traps when the rate falls below the specified maximum message rate. The network operator configures the specified maximum message rate by setting the measurement interval (in seconds), and the maximum number of traps to be transmitted within the measurement interval. The operator can query the operational throttling state (to determine whether traps are enabled or blocked by throttling) of the device, as well as query and set the administrative throttling state (to manage the rate control method) of the device. 3.2.3.2. Limiting the trap rate Network operators may wish to limit the number of traps sent by a device over a specified time period. The device ceases to send traps when the number of traps exceeds the specified threshold. It resumes sending traps only when the measurement interval has passed. The network operator defines the maximum number of traps he is willing to handle and sets the measurement interval to a large number (in hundredths of a second). For this case, the administrative throttling state is set to stop at threshold which is the maximum number of traps. See "Techniques for Managing Asynchronously Generated Alerts" [7] for further information. 3.3. Protocol Filters The Cable Modem MIB provides objects for both LLC and IP protocol filters. The LLC protocol filter entries can be used to limit CM forwarding to a restricted set of network-layer protocols (such as IP, IPX, NetBIOS, and Appletalk). The IP protocol filter entries can be used to restrict upstream or downstream traffic based on source and destination IP addresses, transport-layer protocols (such as TCP, UDP, and ICMP), and source and destination TCP/UDP port numbers. The CM should support a minimum of ten LLC protocol filter entries, and ten IP protocol filter entries. Expires January 1998 [Page 6] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 4. Definitions DOCS-CM-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, IpAddress, Unsigned32, Counter32, TimeTicks FROM SNMPv2-SMI DisplayString, RowStatus, DateAndTime FROM SNMPv2-TC OBJECT-GROUP, MODULE-COMPLIANCE FROM SNMPv2-CONF InterfaceIndexOrZero FROM IF-MIB transmission FROM RFC1213-MIB; docsCmMIB MODULE-IDENTITY LAST-UPDATED "9707071029Z" -- Jul 07, 1997 ORGANIZATION "IETF IPCDN Working Group" CONTACT-INFO " Guenter Roeck Postal: cisco Systems 170 West Tasman Drive San Jose, CA 95134 U.S.A. Phone: +1 408 527 3143 E-mail: groeck@cisco.com" DESCRIPTION "This is the MIB Module for MCNS-compliant cable modems and cable-modem termination systems." ::= { transmission 123 } -- Editor's note: This is not a valid assignment. Final value is TBD, -- and will not reside in the transmission subtree. docsCmMIBObjects OBJECT IDENTIFIER ::= { docsCmMIB 1 } docsCmBase OBJECT IDENTIFIER ::= { docsCmMIBObjects 1 } -- -- For the following object, there is no concept in the -- RFI specification corresponding to a backup CMTS. The -- enumeration is provided here in case someone is able -- to define such a role or device. -- docsCmRole OBJECT-TYPE SYNTAX INTEGER { cm(1), cmtsActive(2), cmtsBackup(3) } Expires January 1998 [Page 7] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 MAX-ACCESS read-only STATUS current DESCRIPTION "Defines the current role of this device." ::= { docsCmBase 1 } docsCmDateTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-write STATUS current DESCRIPTION "The date and time, with optional timezone information." ::= { docsCmBase 2 } docsCmResetNow OBJECT-TYPE SYNTAX INTEGER { reset(1), ready(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object to reset(1) causes the device to reset." ::= { docsCmBase 3 } docsCmSerialNumber OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The manufacturer's serial number for this device." ::= { docsCmBase 4 } docsCmSTPControl OBJECT-TYPE SYNTAX INTEGER { stEnabled(1), noStFilterBpdu(2), noStPassBpdu(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object controls operation of the spanning tree protocol (as distinguished from transparent bridging). If set to st- enabled(1) then the spanning tree protocol is enabled, subject to bridging constraints. If no-st-filter-bpdu(2), then spanning tree is not active, and Bridge PDUs received are discarded. If no-st-pass-bpdu(3) then spanning tree is not active and Bridge PDUs are transparently forwarded. Note that a device need not implement all of these options, but that no-st-filter-bpdu(2) is required." ::= { docsCmBase 5 } Expires January 1998 [Page 8] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 -- -- The following table provides one level of security for access to the -- device by network management stations. Also, see the security section -- in the text above. Note also that access is also constrained by the -- community strings and any vendor-specific security. -- docsCmNmAccessTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsCmNmAccessEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table controls access to SNMP objects by network management stations." ::= { docsCmMIBObjects 2 } docsCmNmAccessEntry OBJECT-TYPE SYNTAX DocsCmNmAccessEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Controls access to SNMP objects by a particular network management station. For each entry in this table, the contents are not readable unless the management station has read-write permission." INDEX { docsCmNmAccessIndex } ::= { docsCmNmAccessTable 1 } DocsCmNmAccessEntry ::= SEQUENCE { docsCmNmAccessIndex INTEGER, docsCmNmAccessIp IpAddress, docsCmNmAccessIpMask IpAddress, docsCmNmAccessCommunity DisplayString, docsCmNmAccessControl INTEGER, docsCmNmAccessInterfaces OCTET STRING } docsCmNmAccessIndex OBJECT-TYPE SYNTAX INTEGER (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Index used to order the application of access entries." ::= { docsCmNmAccessEntry 1 } docsCmNmAccessIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The IP address (or subnet) of the network management station. The address 255.255.255.255 is defined to mean any NMS. If traps Expires January 1998 [Page 9] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 are enabled for this entry, then the value must be the address of a specific device." DEFVAL { 'ffffffff'h } ::= { docsCmNmAccessEntry 2 } docsCmNmAccessIpMask OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The IP subnet mask of the network management stations. If traps are enabled for this entry, then the value must be 255.255.255.255." DEFVAL { 'ffffffff'h } ::= { docsCmNmAccessEntry 3 } docsCmNmAccessCommunity OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-create STATUS current DESCRIPTION "The community string to be matched for access by this entry. If set to the null string then any community string will match." DEFVAL { "public" } ::= { docsCmNmAccessEntry 4 } docsCmNmAccessControl OBJECT-TYPE SYNTAX INTEGER { none(1), read(2), readWrite(3), roWithTraps(4), rwWithTraps(5), trapsOnly(6) } MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the type of access allowed to this NMS. Setting this object to none(1) causes the table entry to be destroyed. Read (2) allows access by 'get' and 'get-next' PDUs. ReadWrite(3) allows access by 'set' as well. RoWithtraps(4), rwWithTraps(5), and trapsOnly(6) control distribution of Trap PDUs transmitted by this device." DEFVAL { read } ::= { docsCmNmAccessEntry 5 } -- The syntax of the following object was copied from RFC1493, -- dot1dStaticAllowedToGoTo. docsCmNmAccessInterfaces OBJECT-TYPE SYNTAX OCTET STRING Expires January 1998 [Page 10] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 MAX-ACCESS read-create STATUS current DESCRIPTION "Specifies the set of interfaces from which requests from this NMS will be accepted. Each octet within the value of this object specifies a set of eight interfaces, with the first octet specifying ports 1 through 8, the second octet specifying interfaces 9 through 16, etc. Within each octet, the most significant bit represents the lowest numbered interface, and the least significant bit represents the highest numbered interface. Thus, each interface is represented by a single bit within the value of this object. If that bit has a value of '1' then that interface is included in the set. Note that entries in this table apply only to link-layer interfaces (e.g., Ethernet and CATV MAC). Upstream and downstream channel interfaces must not be specified." -- DEFVAL is the bitmask corresponding to all interfaces ::= { docsCmNmAccessEntry 6 } -- -- Editor's note: Needs update. -- Procedures for using the following group are described in section -- 4.2.2 -- docsCmSoftware OBJECT IDENTIFIER ::= { docsCmMIBObjects 3 } docsCmSwServer OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "The address of the TFTP server used for software upgrades." ::= { docsCmSoftware 1 } docsCmSwFilename OBJECT-TYPE SYNTAX DisplayString (SIZE (0..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "The file name of the software image to be loaded into this device. Unless set via SNMP, this is the file name specified by the provisioning server that corresponds to the software version that is desired for this device. If unknown, the string '(unknown)' is returned." ::= { docsCmSoftware 2 } docsCmSwAdminStatus OBJECT-TYPE SYNTAX INTEGER { upgradeFromMgt(1), Expires January 1998 [Page 11] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 allowProvisioningUpgrade(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "If set to upgradeFromMgt(1), the device initiates a TFTP download using docsCmSwFilename. On successfully receiving an image, the device will re-boot. On reboots, the device will disregard software information from the provisioning server. If set to allowProvisioningUpgrade(2), the device will use the software version information supplied by the provisioning server when next rebooting (this does not cause a re-boot). " ::= { docsCmSoftware 3 } docsCmSwOperStatus OBJECT-TYPE SYNTAX INTEGER { inProgress(1), completeFromProvisioning(2), completeFromMgt(3), failed(4), other(5) } MAX-ACCESS read-only STATUS current DESCRIPTION "InProgress(1) indicates that a TFTP download is underway, either as a result of a version mismatch at provisioning or as a result of a upgradeFromMgt request. CompleteFromProvisioning(2) indicates that the last software upgrade was a result of version mismatch at provisioning. CompleteFromMgt(3) indicates that the last software upgrade was a result of setting docsCmSwAdminStatus to upgradeFromMgt. Failed(4) indicates that the last attempted download failed, ordinarily due to TFTP timeout." ::= { docsCmSoftware 4 } -- -- The following group describes server access and parameters used for -- initial provisioning and bootstrapping. -- docsCmServer OBJECT IDENTIFIER ::= { docsCmMIBObjects 4 } docsCmServerBootState OBJECT-TYPE SYNTAX INTEGER { operational(1), disabled(2), waitingForDhcpOffer(3), waitingForDhcpResponse(4), waitingForTimeServer(5), waitingForSecurity(6), Expires January 1998 [Page 12] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 waitingForTftp(7), refusedByCmts(8), forwardingDenied(9), other(10), unknown(11) } MAX-ACCESS read-only STATUS current DESCRIPTION "If operational(1), the device has completed loading and processing of configuration parameters and the CMTS has completed the Registration exchange. If disabled(2) then the device was administratively disabled, possibly by being refused network access in the configuration file. If waitingForDhcpOffer(3) then a DHCP Discover has been transmitted and no offer has yet been received. If waitingForDhcpResponse(4) then a DHCP Request has been transmitted and no response has yet been received. If waitingForSecurity(5) then an exchange with a security server is needed and has not completed. If waitingForTftp(6) then a request to the TFTP parameter server has been made and no response received. If refusedByCmts(7) then the Registration Request/Response exchange with the CMTS failed. If forwardingDenied(8) then the registration process completed, but the network access option in the received configuration file prohibits forwarding. " ::= { docsCmServer 1 } docsCmServerDhcp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The IP address of the DHCP server that assigned an IP address to this device. Returns 0.0.0.0 if DHCP was not used for IP address assignment." ::= { docsCmServer 2 } docsCmServerTime OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The IP address of the Time server (RFC-868)." ::= { docsCmServer 3 } docsCmServerTftp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current Expires January 1998 [Page 13] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 DESCRIPTION "The IP address of the TFTP server responsible for downloading provisioning and configuration parameters to this device." ::= { docsCmServer 4 } docsCmServerSecurity OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The IP address of the security server, if present." ::= { docsCmServer 5 } docsCmServerConfigFile OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "The name of the device configuration file read from the TFTP server." ::= { docsCmServer 6 } -- -- Event Reporting -- docsCmEvent OBJECT IDENTIFIER ::= { docsCmMIBObjects 5 } docsCmEvControl OBJECT-TYPE SYNTAX INTEGER { resetLog(1), useDefaultReporting(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object to resetLog(1) empties the event log. All data is deleted. Setting it to useDefaultReporting(2) returns all event priorities to their factory-default reporting." ::= { docsCmEvent 1 } docsCmEvSyslog OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "The IP address of the Syslog server. If 0.0.0.0, syslog transmission is inhibited." ::= { docsCmEvent 2 } docsCmEvThrottleAdminStatus OBJECT-TYPE SYNTAX INTEGER { Expires January 1998 [Page 14] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 unconstrained(1), maintainBelowThreshold(2), stopAtThreshold(3), inhibited(4) } MAX-ACCESS read-write STATUS current DESCRIPTION "Controls the transmission of traps and syslog messages with respect to the trap pacing threshold. unconstrained(1) causes traps to be transmitted without regard to the threshold settings. maintainBelowThreshold(2) causes trap transmission to be suppressed if the number of traps would otherwise exceed the threshold. stopAtThreshold(3) causes trap transmission to cease at the threshold, and not resume until directed to do so. inhibited(4) causes all trap transmission to be suppressed. Writing to this object resets the thresholding state." ::= { docsCmEvent 3 } docsCmEvThrottleOperStatus OBJECT-TYPE SYNTAX INTEGER { inhibited(1), operational(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates whether or not trap and syslog transmission is currently inhibited due to thresholds and docsCmEvThrottleAdminStatus." ::= { docsCmEvent 4 } docsCmEvThrottleThreshold OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "Number of trap/syslog events per docsCmEvThrottleInterval to be transmitted before throttling." ::= { docsCmEvent 5 } docsCmEvThrottleInterval OBJECT-TYPE SYNTAX TimeTicks MAX-ACCESS read-write STATUS current DESCRIPTION "The interval over which the trap threshold applies." ::= { docsCmEvent 6 } -- -- The following table controls the reporting of the various classes of Expires January 1998 [Page 15] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 -- events. For each event priority, -- a combination of logging and reporting mechanisms may be chosen. The -- mapping of event types -- to priorities is vendor-dependent. Vendors may also choose to allow -- the user to control that mapping -- through proprietary means. docsCmEvControlTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsCmEvControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Allows control of the reporting of event classes." ::= { docsCmEvent 7 } docsCmEvControlEntry OBJECT-TYPE SYNTAX DocsCmEvControlEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Allows configuration of the reporting mechanisms for a particular event priority." INDEX { docsCmEvPriority } ::= { docsCmEvControlTable 1 } DocsCmEvControlEntry ::= SEQUENCE { docsCmEvPriority INTEGER, docsCmEvReporting INTEGER } docsCmEvPriority OBJECT-TYPE SYNTAX INTEGER { emergency(1), alert(2), critical(3), error(4), warning(5), notice(6), information(7), debug(8) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "The priority level that is controlled by this entry." ::= { docsCmEvControlEntry 1 } docsCmEvReporting OBJECT-TYPE SYNTAX INTEGER { noReporting(1), localLogOnly(2), Expires January 1998 [Page 16] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 trapOnly(3), localLogAndTrap(4), syslogOnly(5), bothLogs(6), syslogAndTrap(7), bothLogsAndTrap(8) } MAX-ACCESS read-write STATUS current DESCRIPTION "Defines the action to be taken on occurrence of this event class. Implementations may not necessarily support all options for all event classes, but at minimum must allow traps and syslogging to be disabled." ::= { docsCmEvControlEntry 2 } docsCmEventTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsCmEventEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Contains a log of network and device events that may be of interest in fault isolation and troubleshooting." ::= { docsCmEvent 8 } docsCmEventEntry OBJECT-TYPE SYNTAX DocsCmEventEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Describes a network or device event that may be of interest in fault isolation and troubleshooting." INDEX { docsCmEvIndex } ::= { docsCmEventTable 1 } DocsCmEventEntry ::= SEQUENCE { docsCmEvIndex INTEGER, docsCmEvFirstTime DateAndTime, docsCmEvLastTime DateAndTime, docsCmEvCount Counter32, docsCmEvLevel INTEGER, docsCmEvId Unsigned32, docsCmEvText DisplayString } docsCmEvIndex OBJECT-TYPE SYNTAX INTEGER (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Provides relative ordering of the objects in the event log. This object will always increase except when (a) the log is Expires January 1998 [Page 17] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 reset via docsCmEvControl, (b) the device reboots and does not implement nonvolatile storage for this log, or (c) it reaches the value 2^31. In all three cases the log is cleared and the next entry is 1." ::= { docsCmEventEntry 1 } docsCmEvFirstTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "The time that this entry was created." ::= { docsCmEventEntry 2 } docsCmEvLastTime OBJECT-TYPE SYNTAX DateAndTime MAX-ACCESS read-only STATUS current DESCRIPTION "If multiple events are reported via the same entry, the time that the last event for this entry occurred." ::= { docsCmEventEntry 3 } docsCmEvCount OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of consecutive event instances reported by this entry." ::= { docsCmEventEntry 4 } docsCmEvLevel OBJECT-TYPE SYNTAX INTEGER { emergency(1), alert(2), critical(3), error(4), warning(5), notice(6), information(7), debug(8) } MAX-ACCESS read-only STATUS current DESCRIPTION "The priority level of this event." ::= { docsCmEventEntry 5 } -- -- Vendors will provide their own enumerations for the following. -- The interpretation of the enumeration is unambiguous for a particular Expires January 1998 [Page 18] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 -- value of the vendor's enterprise number in sysObjectID. -- docsCmEvId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "For this product, uniquely identifies the type of event that is reported by this entry." ::= { docsCmEventEntry 6 } docsCmEvText OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "Provides a human-readable description of the event, including all relevant context (interface numbers, etc.)" ::= { docsCmEventEntry 7 } docsCmFilter OBJECT IDENTIFIER ::= { docsCmMIBObjects 6 } -- LLC filters can be defined on an inclusive or exclusive basis: CMs -- can be configured to forward only -- packets matching a set of layer three protocols, or to drop packets -- matching a set of layer three protocols. -- CMs must support a minimum of ten LLC filter entries. docsCmFilterLLCDefault OBJECT-TYPE SYNTAX INTEGER { discard(1), accept(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "If set to discard(1), all packets matching an LLC filter will be discarded. If set to accept(2), only packets matching an LLC filter will be accepted for further processing (e.g., bridging)." ::= { docsCmFilter 1 } docsCmFilterLLCTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsCmFilterLLCEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A list of filters to apply to (bridged) LLC traffic, which forwards or drops packets on the basis of the layer three protocol type." ::= { docsCmFilter 2 } Expires January 1998 [Page 19] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 docsCmFilterLLCEntry OBJECT-TYPE SYNTAX DocsCmFilterLLCEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Describes a single filter to apply to (bridged) LLC traffic received on a specified interface. " INDEX { docsCmFilterLLCIndex } ::= { docsCmFilterLLCTable 1 } DocsCmFilterLLCEntry ::= SEQUENCE { docsCmFilterLLCIndex INTEGER, docsCmFilterLLCControl RowStatus, docsCmFilterLLCIfIndex InterfaceIndexOrZero, docsCmFilterLLCProtocolType INTEGER, docsCmFilterLLCProtocol INTEGER, docsCmFilterLLCMatches Counter32 } docsCmFilterLLCIndex OBJECT-TYPE SYNTAX INTEGER (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Index used for the identification of filters (note that LLC filter order is irrelevant)." ::= { docsCmFilterLLCEntry 1 } docsCmFilterLLCControl OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Controls and reflects the status of rows in this table." ::= { docsCmFilterLLCEntry 2} docsCmFilterLLCIfIndex OBJECT-TYPE SYNTAX InterfaceIndexOrZero MAX-ACCESS read-create STATUS current DESCRIPTION "The entry interface to which this filter applies. The value corresponds to ifIndex for either a CATV MAC or other network interface. In Cable Modems, the default value is the customer side interface. In Cable Modem Termination Systems, this object has to be specified to create a row in this table." ::= { docsCmFilterLLCEntry 3 } docsCmFilterLLCProtocolType OBJECT-TYPE SYNTAX INTEGER { Expires January 1998 [Page 20] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 ethertype(1), dsap(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "The format of the value in docsCmFilterLLCProtocol: either a two-byte Ethernet Ethertype, or a one-byte 802.2 SAP value. EtherType(1) also applies to SNAP-encapsulated frames." DEFVAL { ethertype } ::= { docsCmFilterLLCEntry 4 } docsCmFilterLLCProtocol OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The layer three protocol for which this filter applies. The protocol value format depends on docsCmFilterLLCProtocolType. Note that for SNAP frames, etherType filtering is performed rather than DSAP=0xAA." DEFVAL { 0 } ::= { docsCmFilterLLCEntry 5 } docsCmFilterLLCMatches OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts the number of times this filter was matched." ::= { docsCmFilterLLCEntry 6 } -- The default behavior for (bridged) packets that do not match IP -- filters is defined by -- docsCmFilterIpDefault. docsCmFilterIpDefault OBJECT-TYPE SYNTAX INTEGER { discard(1), accept(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "If set to discard(1), all packets not matching an IP filter will be discarded. If set to accept(2), all packets not matching an IP filter will be accepted for further processing (e.g., bridging)." ::= { docsCmFilter 3 } -- -- CMs must support a minimum of ten IP address filter entries. Expires January 1998 [Page 21] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 -- docsCmFilterIpTable OBJECT-TYPE SYNTAX SEQUENCE OF DocsCmFilterIpEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An ordered list of filters to apply to IP traffic. Filter application is ordered by the filter index, rather than by a best match algorithm. Packets which match no filters are discarded or forwarded according to the setting of docsCmFilterIpDefault." ::= { docsCmFilter 4 } docsCmFilterIpEntry OBJECT-TYPE SYNTAX DocsCmFilterIpEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Describes a filter to apply to IP traffic received on a specified interface. Both source and destination addresses must match for the filter to apply." INDEX { docsCmFilterIpIndex } ::= { docsCmFilterIpTable 1 } DocsCmFilterIpEntry ::= SEQUENCE { docsCmFilterIpIndex INTEGER, docsCmFilterIpStatus RowStatus, docsCmFilterIpControl INTEGER, docsCmFilterIpIfIndex InterfaceIndexOrZero, docsCmFilterIpDirection INTEGER, docsCmFilterIpBroadcast INTEGER, docsCmFilterIpSaddr IpAddress, docsCmFilterIpSmask IpAddress, docsCmFilterIpDaddr IpAddress, docsCmFilterIpDmask IpAddress, docsCmFilterIpProtocol INTEGER, docsCmFilterIpSourcePortLow INTEGER, docsCmFilterIpSourcePortHigh INTEGER, docsCmFilterIpDestPortLow INTEGER, docsCmFilterIpDestPortHigh INTEGER, docsCmFilterIpMatches Counter32 } docsCmFilterIpIndex OBJECT-TYPE SYNTAX INTEGER (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Index used to order the application of filters." ::= { docsCmFilterIpEntry 1 } Expires January 1998 [Page 22] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 docsCmFilterIpStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Controls and reflects the status of rows in this table." ::= { docsCmFilterIpEntry 2 } docsCmFilterIpControl OBJECT-TYPE SYNTAX INTEGER { discard(1), accept(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "If set to discard(1), all packets matching this filter will be discarded and scanning of the remainder of the filter list will be aborted. If set to accept(2), all packets matching this filter will be accepted for further processing (e.g., bridging) and scanning of the remainder of the filter list will be aborted. " DEFVAL { discard } ::= { docsCmFilterIpEntry 3 } docsCmFilterIpIfIndex OBJECT-TYPE SYNTAX InterfaceIndexOrZero MAX-ACCESS read-create STATUS current DESCRIPTION "The entry interface to which this filter applies. The value corresponds to ifIndex for either a CATV MAC or other network interface." -- DEFVAL for CMs is the customer-side (i.e., ethernet) -- interface. Not defined for CMTSs. ::= { docsCmFilterIpEntry 4 } docsCmFilterIpDirection OBJECT-TYPE SYNTAX INTEGER { inbound(1), outbound(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Determines whether the filter is applied to inbound(1) or outbound(2) traffic." DEFVAL { inbound } ::= { docsCmFilterIpEntry 5 } docsCmFilterIpBroadcast OBJECT-TYPE SYNTAX INTEGER { Expires January 1998 [Page 23] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 broadcastOnly(1), allPackets(2) } MAX-ACCESS read-create STATUS current DESCRIPTION "Determines whether the filter is applied to all traffic, or just to multicast and broadcast traffic." DEFVAL { allPackets } ::= { docsCmFilterIpEntry 6 } docsCmFilterIpSaddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The source IP address, or portion thereof, that is to be matched for this filter." DEFVAL { '00000000'h } ::= { docsCmFilterIpEntry 7 } docsCmFilterIpSmask OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "A bit mask that is to be applied to the source address prior to matching. This mask is not necessarily the same as a subnet mask, but 1's bits must be leftmost and contiguous." DEFVAL { '00000000'h } ::= { docsCmFilterIpEntry 8 } docsCmFilterIpDaddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "The destination IP address, or portion thereof, that is to be matched for this filter " DEFVAL { '00000000'h } ::= { docsCmFilterIpEntry 9 } docsCmFilterIpDmask OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-create STATUS current DESCRIPTION "A bit mask that is to be applied to the destination address prior to matching. This mask is not necessarily the same as a subnet mask, but 1's bits must be leftmost and contiguous " DEFVAL { '00000000'h } ::= { docsCmFilterIpEntry 10 } Expires January 1998 [Page 24] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 docsCmFilterIpProtocol OBJECT-TYPE SYNTAX INTEGER { icmp(1), tcp(6), udp(17), any(256) } MAX-ACCESS read-create STATUS current DESCRIPTION "The IP protocol value that is to be matched." DEFVAL { any } ::= { docsCmFilterIpEntry 11 } docsCmFilterIpSourcePortLow OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "If docsCmFilterIpProtocol is udp or tcp, this is the inclusive lower bound of the transport-layer source port range that is to be matched." DEFVAL { 0 } ::= { docsCmFilterIpEntry 12 } docsCmFilterIpSourcePortHigh OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "If docsCmFilterIpProtocol is udp or tcp, this is the inclusive upper bound of the transport-layer source port range that is to be matched." DEFVAL { 65535 } ::= { docsCmFilterIpEntry 13 } docsCmFilterIpDestPortLow OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "If docsCmFilterIpProtocol is udp or tcp, this is the inclusive lower bound of the transport-layer destination port range that is to be matched." DEFVAL { 0 } ::= { docsCmFilterIpEntry 14 } docsCmFilterIpDestPortHigh OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-create STATUS current DESCRIPTION Expires January 1998 [Page 25] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 "If docsCmFilterIpProtocol is udp or tcp, this is the inclusive upper bound of the transport-layer destination port range that is to be matched." DEFVAL { 65535 } ::= { docsCmFilterIpEntry 15 } docsCmFilterIpMatches OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Counts the number of times this filter was matched." ::= { docsCmFilterIpEntry 16 } -- -- Placeholder for notifications/traps. -- docsCmNotification OBJECT IDENTIFIER ::= { docsCmMIB 2 } -- -- Conformance definitions -- docsCmConformance OBJECT IDENTIFIER ::= { docsCmMIB 3 } docsCmGroups OBJECT IDENTIFIER ::= { docsCmConformance 1 } docsCmCompliances OBJECT IDENTIFIER ::= { docsCmConformance 2 } docsCmBasicCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for MCNS Cable Modems and Cable Modem Termination Systems." MODULE -- docsCmMIB MANDATORY-GROUPS { docsCmBaseGroup, docsCmEventGroup, docsCmFilterGroup } -- conditionally mandatory groups GROUP docsCmNmAccessGroup DESCRIPTION "Must be implemented on Cable Modems, should be implemented on CMTSs" GROUP docsCmServerGroup DESCRIPTION "This group is implemented only on Cable Modems, not on CMTSs." Expires January 1998 [Page 26] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 GROUP docsCmSoftwareGroup DESCRIPTION "Must be implemented on Cable Modems, should be implemented on CMTSs." OBJECT docsCmSTPControl MIN-ACCESS read-only DESCRIPTION "Devices need only support no-st-filter-bpdu(2)." ::= { docsCmCompliances 1 } docsCmBaseGroup OBJECT-GROUP OBJECTS { docsCmRole, docsCmDateTime, docsCmResetNow, docsCmSerialNumber, docsCmSTPControl } STATUS current DESCRIPTION "A collection of objects providing device status and control." ::= { docsCmGroups 1 } docsCmNmAccessGroup OBJECT-GROUP OBJECTS { docsCmNmAccessIp, docsCmNmAccessIpMask, docsCmNmAccessCommunity, docsCmNmAccessControl, docsCmNmAccessInterfaces } STATUS current DESCRIPTION "A collection of objects for controlling access to SNMP objects." ::= { docsCmGroups 2 } docsCmSoftwareGroup OBJECT-GROUP OBJECTS { docsCmSwServer, docsCmSwFilename, docsCmSwAdminStatus, docsCmSwOperStatus } STATUS current DESCRIPTION "A collection of objects for controlling software downloads." ::= { docsCmGroups 3 } docsCmServerGroup OBJECT-GROUP OBJECTS { Expires January 1998 [Page 27] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 docsCmServerBootState, docsCmServerDhcp, docsCmServerTime, docsCmServerTftp, docsCmServerSecurity, docsCmServerConfigFile } STATUS current DESCRIPTION "A collection of objects providing status about server provisioning." ::= { docsCmGroups 4 } docsCmEventGroup OBJECT-GROUP OBJECTS { docsCmEvControl, docsCmEvSyslog, docsCmEvThrottleAdminStatus, docsCmEvThrottleOperStatus, docsCmEvThrottleThreshold, docsCmEvThrottleInterval, docsCmEvReporting, docsCmEvFirstTime, docsCmEvLastTime, docsCmEvCount, docsCmEvLevel, docsCmEvId, docsCmEvText } STATUS current DESCRIPTION "A collection of objects used to control and monitor events." ::= { docsCmGroups 5 } docsCmFilterGroup OBJECT-GROUP OBJECTS { docsCmFilterLLCDefault, docsCmFilterIpDefault, docsCmFilterLLCControl, docsCmFilterLLCIfIndex, docsCmFilterLLCProtocolType, docsCmFilterLLCProtocol, docsCmFilterLLCMatches, docsCmFilterIpControl, docsCmFilterIpIfIndex, docsCmFilterIpStatus, docsCmFilterIpDirection, docsCmFilterIpBroadcast, docsCmFilterIpSaddr, docsCmFilterIpSmask, docsCmFilterIpDaddr, docsCmFilterIpDmask, Expires January 1998 [Page 28] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 docsCmFilterIpProtocol, docsCmFilterIpSourcePortLow, docsCmFilterIpSourcePortHigh, docsCmFilterIpDestPortLow, docsCmFilterIpDestPortHigh, docsCmFilterIpMatches } STATUS current DESCRIPTION "A collection of objects to specify filters at link layer and IP layer." ::= { docsCmGroups 6 } END Expires January 1998 [Page 29] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 5. Acknowledgments This document was produced by the IPCDN Working Group. It is based on a document written by Pam Anderson from CableLabs, Wilson Sawyer from BayNetworks, and Rich Woundy from Continental Cablevision. Special thanks is also due to Azlina Palmer 6. References [1] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure of Management Information for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1902, January 1996. [2] McCloghrie, K., and M. Rose, Editors, "Management Information Base for Network Management of TCP/IP-based internets: MIB-II", STD 17, RFC 1213, Hughes LAN Systems, Performance Systems International, March 1991. [3] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "A Simple Network Management Protocol (SNMP)", STD 15, RFC 1157, SNMP Research, Performance Systems International, MIT Lab for Computer Science, May 1990. [4] SNMPv2 Working Group, Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)", RFC 1905, January 1996. [5] McCloghrie, K. and F. Kastenholz, "Evolution of the Interfaces Group of MIB-II", RFC 1573, Hughes LAN Systems, FTP Software, January 1994. [6] "MCNS Data Over Cable Services Cable Modem Radio Frequency Interface Specification SP-RFID01-970326", MCNS, March 1997. [7] L. Steinberg, "Techniques for Managing Asynchronously Generated Alerts", RFC 1224, May 1991. [8] "MCNS Data Over Cable Services Operations Support System Interface Specification SP-OSSII01-970403", MCNS, March 1997. 7. Security Considerations Security issues are not discussed in this memo. Expires January 1998 [Page 30] INTERNET-DRAFT MCNS Cable Modem MIB July 1997 8. Author's Address Guenter Roeck cisco Systems 170 West Tasman Drive San Jose, CA 95134 U.S.A. Phone: +1 408 527 3143 Email: groeck@cisco.com Expires January 1998 [Page 31]