CISCO-IP-URPF-MIB MIB – Observium MIB Browser

CISCO-IP-URPF-MIB

        Unicast Reverse Path Forwarding (URPF) is a function that
checks the validity of the source address of IP packets
received on an interface. This in an attempt to prevent
Denial of Service attacks based on IP address spoofing.
        
URPF checks validity of a source address by determining
whether the packet would be successfully routed as a
destination address. 
Based on configuration, the check made
can be for existence of any route for the address, or more
strictly for a route out the interface on which the packet
was received by the device. When a violating packet is
detected, it can be dropped. 
This MIB allows detection of
spoofingevents.

ciscoIpUrpfMIB 1.3.6.1.4.1.9.9.451

Imported Objects

CISCO-SMI	ciscoMgmt
IF-MIB	ifIndex
SNMP-FRAMEWORK-MIB	SnmpAdminString
SNMPv2-CONF	MODULE-COMPLIANCE NOTIFICATION-GROUP OBJECT-GROUP
SNMPv2-SMI	Counter32 Gauge32 Integer32 MODULE-IDENTITY NOTIFICATION-TYPE OBJECT-TYPE Unsigned32
SNMPv2-TC	TEXTUAL-CONVENTION TimeStamp TruthValue

Type Definitions (2)

UnicastRpfOptions	Bits	`allowDefault(0)` `allowSelfPing(1)`
UnicastRpfType	Enumeration	`strict(1)` `loose(2)` `disabled(3)`

Objects (40)

ciscoIpUrpfMIB		`.1.3.6.1.4.1.9.9.451`
ciscoIpUrpfMIBNotifs		`.1.3.6.1.4.1.9.9.451.0`
ciscoIpUrpfMIBObjects		`.1.3.6.1.4.1.9.9.451.1`
cipUrpfScalar		`.1.3.6.1.4.1.9.9.451.1.1`
cipUrpfDropRateWindow r/w	secondsInteger32	`.1.3.6.1.4.1.9.9.451.1.1.1`
cipUrpfComputeInterval r/w	secondsInteger32	`.1.3.6.1.4.1.9.9.451.1.1.2`
cipUrpfDropNotifyHoldDownTime r/w	secondsInteger32	`.1.3.6.1.4.1.9.9.451.1.1.3`
cipUrpfStatistics		`.1.3.6.1.4.1.9.9.451.1.2`
cipUrpfTable		`.1.3.6.1.4.1.9.9.451.1.2.1`
cipUrpfEntry	cipUrpfIpVersion	`.1.3.6.1.4.1.9.9.451.1.2.1.1`
cipUrpfIpVersion	Enumeration	`.1.3.6.1.4.1.9.9.451.1.2.1.1.1`
cipUrpfDrops	packetsSNMPv2-SMICounter32	`.1.3.6.1.4.1.9.9.451.1.2.1.1.2`
cipUrpfDropRate	packets per secondSNMPv2-SMIGauge32	`.1.3.6.1.4.1.9.9.451.1.2.1.1.3`
cipUrpfIfMonTable		`.1.3.6.1.4.1.9.9.451.1.2.2`
cipUrpfIfMonEntry	IF-MIBifIndexcipUrpfIfIpVersion	`.1.3.6.1.4.1.9.9.451.1.2.2.1`
cipUrpfIfIpVersion	Enumeration	`.1.3.6.1.4.1.9.9.451.1.2.2.1.1`
cipUrpfIfDrops	packetsSNMPv2-SMICounter32	`.1.3.6.1.4.1.9.9.451.1.2.2.1.2`
cipUrpfIfSuppressedDrops	packetsSNMPv2-SMICounter32	`.1.3.6.1.4.1.9.9.451.1.2.2.1.3`
cipUrpfIfDropRate	packets/secondSNMPv2-SMIGauge32	`.1.3.6.1.4.1.9.9.451.1.2.2.1.4`
cipUrpfIfDiscontinuityTime	SNMPv2-TCTimeStamp	`.1.3.6.1.4.1.9.9.451.1.2.2.1.5`
cipUrpfVrfIfTable		`.1.3.6.1.4.1.9.9.451.1.2.3`
cipUrpfVrfIfEntry	cipUrpfVrfNameIF-MIBifIndex	`.1.3.6.1.4.1.9.9.451.1.2.3.1`
cipUrpfVrfIfDrops	packetsSNMPv2-SMICounter32	`.1.3.6.1.4.1.9.9.451.1.2.3.1.2`
cipUrpfVrfIfDiscontinuityTime	SNMPv2-TCTimeStamp	`.1.3.6.1.4.1.9.9.451.1.2.3.1.3`
cipUrpfInterfaceConfig		`.1.3.6.1.4.1.9.9.451.1.3`
cipUrpfIfConfTable		`.1.3.6.1.4.1.9.9.451.1.3.1`
cipUrpfIfConfEntry		`.1.3.6.1.4.1.9.9.451.1.3.1.1`
cipUrpfIfDropRateNotifyEnable r/w	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.451.1.3.1.1.1`
cipUrpfIfNotifyDropRateThreshold r/w	packets/secondUnsigned32	`.1.3.6.1.4.1.9.9.451.1.3.1.1.2`
cipUrpfIfNotifyDrHoldDownReset r/w	SNMPv2-TCTruthValue	`.1.3.6.1.4.1.9.9.451.1.3.1.1.3`
cipUrpfIfCheckStrict	Enumeration	`.1.3.6.1.4.1.9.9.451.1.3.1.1.4`
cipUrpfIfWhichRouteTableID	Enumeration	`.1.3.6.1.4.1.9.9.451.1.3.1.1.5`
cipUrpfIfVrfName	OctetString	`.1.3.6.1.4.1.9.9.451.1.3.1.1.6`
cipUrpfVrf		`.1.3.6.1.4.1.9.9.451.1.4`
cipUrpfVrfTable		`.1.3.6.1.4.1.9.9.451.1.4.1`
cipUrpfVrfEntry	cipUrpfVrfName	`.1.3.6.1.4.1.9.9.451.1.4.1.1`
cipUrpfVrfName	OctetString	`.1.3.6.1.4.1.9.9.451.1.4.1.1.1`
ciscoIpUrpfMIBConformance		`.1.3.6.1.4.1.9.9.451.2`
ciscoIpUrpfMIBCompliances		`.1.3.6.1.4.1.9.9.451.2.1`
ciscoIpUrpfMIBGroups		`.1.3.6.1.4.1.9.9.451.2.2`

Notifications / Traps (1)

Name OID Description

Name	OID	Description
cipUrpfIfDropRateNotify cipUrpfIfDropRate	`.1.3.6.1.4.1.9.9.451.0.1`	This notification is generated when cipUrpfIfDropRateNotifyEnable is set to true and the calculated URPF drop rate (cipUrpfIfDropRate) exceeds the notification threshold drop rate (cipUrpfIfNotifyDropRateThreshold). Note the exceptional value of 0 for threshold allows notification generation if any drop events occur in an interval. After generating this notification, another such notification will not be sent out for a minimum of five minutes (note the exception to this provided by cipUrpfIfNotifyDrHoldDownReset). The object value present in the notification is the the drop rate that exceeded the threshold.

cipUrpfIfDropRateNotify

cipUrpfIfDropRate

.1.3.6.1.4.1.9.9.451.0.1

This notification is generated when
cipUrpfIfDropRateNotifyEnable is set to true and
the calculated URPF drop rate (cipUrpfIfDropRate) 
exceeds the notification threshold drop rate 
(cipUrpfIfNotifyDropRateThreshold). Note the 
exceptional value of 0 for threshold allows notification 
generation if any drop events occur in an interval.
          
After generating this notification, another such
notification will not be sent out for a minimum of five 
minutes (note the exception to this provided by 
cipUrpfIfNotifyDrHoldDownReset).
          
The object value present in the notification is the 
the drop rate that exceeded the threshold.