T11-FC-SP-SA-MIB

This MIB module specifies the management information
required to manage Security Associations established via
Fibre Channel's FC-SP specification.
        
The MIB module consists of six parts:
        
- a per-Fabric table, t11FcSpSaIfTable, of capabilities,
  parameters, status information, and counters; the counters
  include non-transient aggregates of per-SA transient
  counters;
        
- three tables, t11FcSpSaPropTable, t11FcSpSaTSelPropTable,
  and t11FcSpSaTransTable, specifying the proposals for an
  FC-SP entity acting as an SA_Initiator to present to the
  SA_Responder during the negotiation of Security
        
  Associations.  The same information is also used by an
  FC-SP entity acting as an SA_Responder to decide what to
  accept during the negotiation of Security Associations.
  One of these tables, t11FcSpSaTransTable, is used not only
  for information about security transforms to propose and
  to accept, but also as agreed upon during the negotiation
  of Security Associations;
        
- a table, t11FcSpSaTSelDrByTable, of Traffic Selectors
  having the security action of 'drop' or 'bypass' to be
  applied either to ingress traffic that is unprotected by
  FC-SP, or to all egress traffic;
        
- four tables, t11FcSpSaPairTable, t11FcSpSaTSelNegInTable,
  t11FcSpSaTSelNegOutTable, and t11FcSpSaTSelSpiTable,
  containing information about active bidirectional pairs of
  Security Associations; in particular, t11FcSpSaPairTable
  has one row per active bidirectional SA pair,
  t11FcSpSaTSelNegInTable and t11FcSpSaTSelNegOutTable
  contain information on the Traffic Selectors negotiated on
  the SAs, and the t11FcSpSaTSelSpiTable is an alternate
  lookup table such that the Traffic Selector(s) in use on a
  particular Security Association can be quickly determined
  based on the (ingress) SPI value;
        
- a table, t11FcSpSaControlTable, of control and other
  information concerning the generation of notifications for
  events related to FC-SP Security Associations;
        
- one notification, t11FcSpSaNotifyAuthFailure, generated on
  the occurrence of an Authentication failure for a received
  FC-2 or CT_IU frame.
        
Copyright (C) The IETF Trust (2008).  This version
of this MIB module is part of RFC 5324;  see the RFC
itself for full legal notices.
    

Imported Objects

FcAddressIdOrZero, fcmInstanceIndexFC-MGMT-MIB
InterfaceIndexOrZero, InterfaceIndexIF-MIB
NOTIFICATION-GROUP, OBJECT-GROUP, MODULE-COMPLIANCESNMPv2-CONF
OBJECT-TYPE, mib-2, MODULE-IDENTITY, NOTIFICATION-TYPE, Unsigned32, Counter32, Gauge32, TimeTicks, Counter64SNMPv2-SMI
RowStatus, TruthValue, TimeStamp, AutonomousType, StorageTypeSNMPv2-TC
T11FcSpType, T11FcSpiIndex, T11FcSpLifetimeLeft, T11FcSpLifetimeLeftUnits, T11FcSpSecurityProtocolId, T11FcRoutingControl, T11FcSaDirection, T11FcSpPrecedence, T11FcSpTransformsT11-FC-SP-TC-MIB
T11FabricIndexT11-TC-MIB

Objects

t11FcSpSaMIB .1.3.6.1.2.1.179
t11FcSpSaMIBNotifications .1.3.6.1.2.1.179.0
t11FcSpSaMIBObjects .1.3.6.1.2.1.179.1
t11FcSpSaBase .1.3.6.1.2.1.179.1.1
t11FcSpSaIfTable .1.3.6.1.2.1.179.1.1.1
t11FcSpSaIfEntry
.1.3.6.1.2.1.179.1.1.1.1
t11FcSpSaIfIndex
.1.3.6.1.2.1.179.1.1.1.1.1
t11FcSpSaIfDeadPeerDetections
.1.3.6.1.2.1.179.1.1.1.1.10
t11FcSpSaIfTerminateAllSas .1.3.6.1.2.1.179.1.1.1.1.11
t11FcSpSaIfOutDrops
.1.3.6.1.2.1.179.1.1.1.1.12
t11FcSpSaIfOutBypasses
.1.3.6.1.2.1.179.1.1.1.1.13
t11FcSpSaIfOutProcesses
.1.3.6.1.2.1.179.1.1.1.1.14
t11FcSpSaIfOutUnMatcheds
.1.3.6.1.2.1.179.1.1.1.1.15
t11FcSpSaIfInUnprotUnmtchDrops
.1.3.6.1.2.1.179.1.1.1.1.16
t11FcSpSaIfInDetReplays
.1.3.6.1.2.1.179.1.1.1.1.17
t11FcSpSaIfInUnprotMtchDrops
.1.3.6.1.2.1.179.1.1.1.1.18
t11FcSpSaIfInBadXforms
.1.3.6.1.2.1.179.1.1.1.1.19
t11FcSpSaIfFabricIndex
.1.3.6.1.2.1.179.1.1.1.1.2
t11FcSpSaIfInGoodXforms
.1.3.6.1.2.1.179.1.1.1.1.20
t11FcSpSaIfInProtUnmtchs
.1.3.6.1.2.1.179.1.1.1.1.21
t11FcSpSaIfEspHeaderCapab
.1.3.6.1.2.1.179.1.1.1.1.3
t11FcSpSaIfCTAuthCapab
.1.3.6.1.2.1.179.1.1.1.1.4
t11FcSpSaIfIKEv2Capab
.1.3.6.1.2.1.179.1.1.1.1.5
t11FcSpSaIfIkev2AuthCapab
.1.3.6.1.2.1.179.1.1.1.1.6
t11FcSpSaIfStorageType
.1.3.6.1.2.1.179.1.1.1.1.7
t11FcSpSaIfReplayPrevention
.1.3.6.1.2.1.179.1.1.1.1.8
t11FcSpSaIfReplayWindowSize .1.3.6.1.2.1.179.1.1.1.1.9
t11FcSpSaConfig .1.3.6.1.2.1.179.1.2
t11FcSpSaPropTable .1.3.6.1.2.1.179.1.2.1
t11FcSpSaPropEntry
.1.3.6.1.2.1.179.1.2.1.1
t11FcSpSaPropIndex .1.3.6.1.2.1.179.1.2.1.1.1
t11FcSpSaPropSecurityProt
.1.3.6.1.2.1.179.1.2.1.1.2
t11FcSpSaPropTSelListIndex .1.3.6.1.2.1.179.1.2.1.1.3
t11FcSpSaPropTransListIndex .1.3.6.1.2.1.179.1.2.1.1.4
t11FcSpSaPropAcceptAlgorithm .1.3.6.1.2.1.179.1.2.1.1.5
t11FcSpSaPropOutMatchSucceeds
.1.3.6.1.2.1.179.1.2.1.1.6
t11FcSpSaPropRowStatus
.1.3.6.1.2.1.179.1.2.1.1.7
t11FcSpSaTSelPropTable .1.3.6.1.2.1.179.1.2.2
t11FcSpSaTSelPropEntry
.1.3.6.1.2.1.179.1.2.2.1
t11FcSpSaTSelPropListIndex .1.3.6.1.2.1.179.1.2.2.1.1
t11FcSpSaTSelPropStartType
.1.3.6.1.2.1.179.1.2.2.1.10
t11FcSpSaTSelPropEndType
.1.3.6.1.2.1.179.1.2.2.1.11
t11FcSpSaTSelPropStorageType
.1.3.6.1.2.1.179.1.2.2.1.12
t11FcSpSaTSelPropRowStatus
.1.3.6.1.2.1.179.1.2.2.1.13
t11FcSpSaTSelPropPrecedence
.1.3.6.1.2.1.179.1.2.2.1.2
t11FcSpSaTSelPropDirection
.1.3.6.1.2.1.179.1.2.2.1.3
t11FcSpSaTSelPropStartSrcAddr .1.3.6.1.2.1.179.1.2.2.1.4
t11FcSpSaTSelPropEndSrcAddr .1.3.6.1.2.1.179.1.2.2.1.5
t11FcSpSaTSelPropStartDstAddr .1.3.6.1.2.1.179.1.2.2.1.6
t11FcSpSaTSelPropEndDstAddr .1.3.6.1.2.1.179.1.2.2.1.7
t11FcSpSaTSelPropStartRCtl
.1.3.6.1.2.1.179.1.2.2.1.8
t11FcSpSaTSelPropEndRCtl
.1.3.6.1.2.1.179.1.2.2.1.9
t11FcSpSaTransTable .1.3.6.1.2.1.179.1.2.3
t11FcSpSaTransEntry
.1.3.6.1.2.1.179.1.2.3.1
t11FcSpSaTransListIndex .1.3.6.1.2.1.179.1.2.3.1.1
t11FcSpSaTransIndex .1.3.6.1.2.1.179.1.2.3.1.2
t11FcSpSaTransSecurityProt
.1.3.6.1.2.1.179.1.2.3.1.3
t11FcSpSaTransEncryptAlg
.1.3.6.1.2.1.179.1.2.3.1.4
t11FcSpSaTransEncryptKeyLen .1.3.6.1.2.1.179.1.2.3.1.5
t11FcSpSaTransIntegrityAlg
.1.3.6.1.2.1.179.1.2.3.1.6
t11FcSpSaTransStorageType
.1.3.6.1.2.1.179.1.2.3.1.7
t11FcSpSaTransRowStatus
.1.3.6.1.2.1.179.1.2.3.1.8
t11FcSpSaTSelDrByTable .1.3.6.1.2.1.179.1.2.4
t11FcSpSaTSelDrByEntry
.1.3.6.1.2.1.179.1.2.4.1
t11FcSpSaTSelDrByDirection
.1.3.6.1.2.1.179.1.2.4.1.1
t11FcSpSaTSelDrByStartType
.1.3.6.1.2.1.179.1.2.4.1.10
t11FcSpSaTSelDrByEndType
.1.3.6.1.2.1.179.1.2.4.1.11
t11FcSpSaTSelDrByMatches
.1.3.6.1.2.1.179.1.2.4.1.12
t11FcSpSaTSelDrByRowStatus
.1.3.6.1.2.1.179.1.2.4.1.13
t11FcSpSaTSelDrByPrecedence
.1.3.6.1.2.1.179.1.2.4.1.2
t11FcSpSaTSelDrByAction .1.3.6.1.2.1.179.1.2.4.1.3
t11FcSpSaTSelDrByStartSrcAddr .1.3.6.1.2.1.179.1.2.4.1.4
t11FcSpSaTSelDrByEndSrcAddr .1.3.6.1.2.1.179.1.2.4.1.5
t11FcSpSaTSelDrByStartDstAddr .1.3.6.1.2.1.179.1.2.4.1.6
t11FcSpSaTSelDrByEndDstAddr .1.3.6.1.2.1.179.1.2.4.1.7
t11FcSpSaTSelDrByStartRCtl
.1.3.6.1.2.1.179.1.2.4.1.8
t11FcSpSaTSelDrByEndRCtl
.1.3.6.1.2.1.179.1.2.4.1.9
t11FcSpSaActive .1.3.6.1.2.1.179.1.3
t11FcSpSaPairTable .1.3.6.1.2.1.179.1.3.1
t11FcSpSaPairEntry
.1.3.6.1.2.1.179.1.3.1.1
t11FcSpSaPairIfIndex
.1.3.6.1.2.1.179.1.3.1.1.1
t11FcSpSaPairInDetReplays
.1.3.6.1.2.1.179.1.3.1.1.10
t11FcSpSaPairInBadXforms
.1.3.6.1.2.1.179.1.3.1.1.11
t11FcSpSaPairInGoodXforms
.1.3.6.1.2.1.179.1.3.1.1.12
t11FcSpSaPairInboundSpi
.1.3.6.1.2.1.179.1.3.1.1.2
t11FcSpSaPairSecurityProt
.1.3.6.1.2.1.179.1.3.1.1.3
t11FcSpSaPairTransListIndex .1.3.6.1.2.1.179.1.3.1.1.4
t11FcSpSaPairTransIndex .1.3.6.1.2.1.179.1.3.1.1.5
t11FcSpSaPairLifetimeLeft
.1.3.6.1.2.1.179.1.3.1.1.6
t11FcSpSaPairLifetimeLeftUnits
.1.3.6.1.2.1.179.1.3.1.1.7
t11FcSpSaPairTerminate .1.3.6.1.2.1.179.1.3.1.1.8
t11FcSpSaPairInProtUnMatchs
.1.3.6.1.2.1.179.1.3.1.1.9
t11FcSpSaTSelNegInTable .1.3.6.1.2.1.179.1.3.2
t11FcSpSaTSelNegInEntry
.1.3.6.1.2.1.179.1.3.2.1
t11FcSpSaTSelNegInIndex .1.3.6.1.2.1.179.1.3.2.1.1
t11FcSpSaTSelNegInEndType
.1.3.6.1.2.1.179.1.3.2.1.10
t11FcSpSaTSelNegInUnpMtchDrops
.1.3.6.1.2.1.179.1.3.2.1.11
t11FcSpSaTSelNegInInboundSpi
.1.3.6.1.2.1.179.1.3.2.1.2
t11FcSpSaTSelNegInStartSrcAddr .1.3.6.1.2.1.179.1.3.2.1.3
t11FcSpSaTSelNegInEndSrcAddr .1.3.6.1.2.1.179.1.3.2.1.4
t11FcSpSaTSelNegInStartDstAddr .1.3.6.1.2.1.179.1.3.2.1.5
t11FcSpSaTSelNegInEndDstAddr .1.3.6.1.2.1.179.1.3.2.1.6
t11FcSpSaTSelNegInStartRCtl
.1.3.6.1.2.1.179.1.3.2.1.7
t11FcSpSaTSelNegInEndRCtl
.1.3.6.1.2.1.179.1.3.2.1.8
t11FcSpSaTSelNegInStartType
.1.3.6.1.2.1.179.1.3.2.1.9
t11FcSpSaTSelNegOutTable .1.3.6.1.2.1.179.1.3.3
t11FcSpSaTSelNegOutEntry
.1.3.6.1.2.1.179.1.3.3.1
t11FcSpSaTSelNegOutPrecedence
.1.3.6.1.2.1.179.1.3.3.1.1
t11FcSpSaTSelNegOutEndType
.1.3.6.1.2.1.179.1.3.3.1.10
t11FcSpSaTSelNegOutInboundSpi
.1.3.6.1.2.1.179.1.3.3.1.2
t11FcSpSaTSelNegOutStartSrcAddr .1.3.6.1.2.1.179.1.3.3.1.3
t11FcSpSaTSelNegOutEndSrcAddr .1.3.6.1.2.1.179.1.3.3.1.4
t11FcSpSaTSelNegOutStartDstAddr .1.3.6.1.2.1.179.1.3.3.1.5
t11FcSpSaTSelNegOutEndDstAddr .1.3.6.1.2.1.179.1.3.3.1.6
t11FcSpSaTSelNegOutStartRCtl
.1.3.6.1.2.1.179.1.3.3.1.7
t11FcSpSaTSelNegOutEndRCtl
.1.3.6.1.2.1.179.1.3.3.1.8
t11FcSpSaTSelNegOutStartType
.1.3.6.1.2.1.179.1.3.3.1.9
t11FcSpSaTSelSpiTable .1.3.6.1.2.1.179.1.3.4
t11FcSpSaTSelSpiEntry
.1.3.6.1.2.1.179.1.3.4.1
t11FcSpSaTSelSpiInboundSpi
.1.3.6.1.2.1.179.1.3.4.1.1
t11FcSpSaTSelSpiTrafSelIndex .1.3.6.1.2.1.179.1.3.4.1.2
t11FcSpSaTSelSpiDirection
.1.3.6.1.2.1.179.1.3.4.1.3
t11FcSpSaTSelSpiTrafSelPtr .1.3.6.1.2.1.179.1.3.4.1.4
t11FcSpSaControl .1.3.6.1.2.1.179.1.4
t11FcSpSaControlTable .1.3.6.1.2.1.179.1.4.1
t11FcSpSaControlEntry
.1.3.6.1.2.1.179.1.4.1.1
t11FcSpSaControlAuthFailEnable
.1.3.6.1.2.1.179.1.4.1.1.1
t11FcSpSaControlLifeExcdEnable
.1.3.6.1.2.1.179.1.4.1.1.10
t11FcSpSaControlLifeExcdSpi
.1.3.6.1.2.1.179.1.4.1.1.11
t11FcSpSaControlLifeExcdDir
.1.3.6.1.2.1.179.1.4.1.1.12
t11FcSpSaControlLifeExcdTime
.1.3.6.1.2.1.179.1.4.1.1.13
t11FcSpSaControlInboundSpi
.1.3.6.1.2.1.179.1.4.1.1.2
t11FcSpSaControlSource
.1.3.6.1.2.1.179.1.4.1.1.3
t11FcSpSaControlDestination
.1.3.6.1.2.1.179.1.4.1.1.4
t11FcSpSaControlFrame .1.3.6.1.2.1.179.1.4.1.1.5
t11FcSpSaControlElapsed
.1.3.6.1.2.1.179.1.4.1.1.6
t11FcSpSaControlSuppressed
.1.3.6.1.2.1.179.1.4.1.1.7
t11FcSpSaControlWindow .1.3.6.1.2.1.179.1.4.1.1.8
t11FcSpSaControlMaxNotifs .1.3.6.1.2.1.179.1.4.1.1.9
t11FcSpSaMIBConformance .1.3.6.1.2.1.179.2
t11FcSpSaMIBCompliances .1.3.6.1.2.1.179.2.1
t11FcSpSaMIBGroups .1.3.6.1.2.1.179.2.2

Notifications/Traps

NameOIDDescription
t11FcSpSaNotifyAuthFailure






.1.3.6.1.2.1.179.0.1
notification is generated, it indicates the
occurrence of an Authentication failure for a received
FC-2 or CT_IU frame.  The t11FcSpSaControlInboundSpi,
t11FcSpSaControlSource, and t11FcSpSaControlDestination
objects in the varbindlist are the frame's SPI, source and
destination addresses, respectively.  t11FcSpSaControlFrame
provides the (beginning of the) frame's content if such is
available.
          
This notification is generated only for the first
occurrence of an Authentication failure on a Fabric within
a time window.  Subsequent occurrences of an Authentication
Failure on the same Fabric within the same time window
are counted but suppressed.
          
The value of t11FcSpSaControlElapsed contains (a lower bound
on) the elapsed time since the last generation of this
notification for the same Fabric.  The value of
t11FcSpSaControlSuppressed contains the number of
generations which were suppressed in the time window after
that last generation, or zero if unknown.
t11FcSpSaNotifyLifeExceeded


.1.3.6.1.2.1.179.0.2
ication is generated when the lifetime (in
seconds or in passed bytes) of an SA is exceeded, and the
SA is either immediately terminated or is terminated
because an attempt to renew the SA fails.  The values of
t11FcSpSaControlLifeExcdSpi and t11FcSpSaControlLifeExcdDir
contain the SPI and direction of the terminated SA.