PKTC-IETF-MTA-MIB Table View

Table-centric layout grouping table, row, and column objects.

Standard view Table view

Tables

Rows

Columns

pktcMtaDevErrorOidsTable

table

.1.3.6.1.2.1.140.1.1.12 · 1 row entry · 4 columns

Open in standard view

This table contains the list of configuration errors or
warnings the MTA encountered when parsing the
configuration file it received from the Provisioning
Server.
For each error, an entry is created in this table,
containing the configuration parameters the MTA rejected
and the associated reason (e.g., wrong or unknown OID,
inappropriate object values).  If the MTA
did not report a provisioning state of 'pass(1)' in
the pktcMtaDevProvisioningState object, this table MUST be
populated for each error or warning instance.  Even if
different parameters share the same error type (e.g., all
realm name configuration parameters are invalid), all
observed errors or warnings must be reported as
different instances.  Errors are placed into the table in
no particular order.  The table MUST be cleared each time
the MTA reboots.

pktcMtaDevErrorOidsEntry entry .1.3.6.1.2.1.140.1.1.12.1

This entry contains the necessary information the MTA MUST
attempt to provide in case of configuration file errors or
warnings.

Indexes

pktcMtaDevErrorOidIndex

Column	Syntax	OID
pktcMtaDevErrorOidIndex This object is the index of the MTA configuration error table. It is an integer value that starts at value '1' and is incremented for each encountered configuration file error or warning. The maximum num…	Unsigned32 Constraints: `range: 1-1024`	`.1.3.6.1.2.1.140.1.1.12.1.1`
pktcMtaDevErrorOid This object contains a human readable representation (character string) of the OID corresponding to the configuration file parameter that caused the particular error. For example, if the value of the pktcMtaDevEnabled o…	SNMP-FRAMEWORK-MIBSnmpAdminString Textual Convention: SNMP-FRAMEWORK-MIBSnmpAdminString `OctetString` Type Constraints: `range: 0..255`	`.1.3.6.1.2.1.140.1.1.12.1.2`
pktcMtaDevErrorValue This object contains the value of the OID corresponding to the configuration file parameter that caused the error. If the MTA cannot recognize the OID of the configuration parameter causing the error, then this object i…	SNMP-FRAMEWORK-MIBSnmpAdminString Textual Convention: SNMP-FRAMEWORK-MIBSnmpAdminString `OctetString` Type Constraints: `range: 0..255`	`.1.3.6.1.2.1.140.1.1.12.1.3`
pktcMtaDevErrorReason This object indicates the reason for the error or warning, as per the MTA's interpretation, in human-readable form. For example: 'VALUE NOT IN RANGE', 'VALUE DOES NOT MATCH TYPE', 'UNSUPPORTED VALUE', 'LAST 4 BITS MUST …	SNMP-FRAMEWORK-MIBSnmpAdminString Textual Convention: SNMP-FRAMEWORK-MIBSnmpAdminString `OctetString` Type Constraints: `range: 0..255`	`.1.3.6.1.2.1.140.1.1.12.1.4`

pktcMtaDevRealmTable

table

.1.3.6.1.2.1.140.1.3.6 · 1 row entry · 9 columns

Open in standard view

This object contains the realm table.
The CMS table (pktcMtaDevCmsTable) and the realm table
(pktcMtaDevRealmTable) are used for managing the MTA-CMS
Security Associations.  The realm table defines the
Kerberos realms for the Application Servers (CMSes and the
Provisioning Server).

pktcMtaDevRealmEntry entry .1.3.6.1.2.1.140.1.3.6.1

This table entry object lists the MTA security parameters
for a single Kerberos realm. The conceptual rows MUST NOT
persist across MTA reboots.

Indexes

pktcMtaDevRealmIndex

Column Syntax OID

pktcMtaDevRealmIndex

This object defines the realm table index.

Unsigned32

Constraints:
range: 1-64

.1.3.6.1.2.1.140.1.3.6.1.1

pktcMtaDevRealmName

This object identifies the Kerberos realm name in all
capitals. The MTA MUST prohibit the instantiation of any
two rows with identical Kerberos realm names. The MTA MUST
also verify that any search operation involving…

OctetStringr/w

Constraints:
range: 1-255

.1.3.6.1.2.1.140.1.3.6.1.2

pktcMtaDevRealmPkinitGracePeriod

This object contains the PKINIT Grace Period. For the
purpose of key management with Application Servers (CMSes
or the Provisioning Server), the MTA must utilize the
PKINIT exchange to obtain Application Server tickets…

minutesUnsigned32r/w

Constraints:
range: 15-600

.1.3.6.1.2.1.140.1.3.6.1.3

pktcMtaDevRealmTgsGracePeriod

This object contains the Ticket Granting Server Grace
Period (TGSGP). The Ticket Granting Server (TGS)
Request/Reply exchange may be performed by the MTA
on demand whenever an Application Server ticket is
needed to est…

minutesUnsigned32r/w

Constraints:
range: 1-600

.1.3.6.1.2.1.140.1.3.6.1.4

pktcMtaDevRealmOrgName

This object contains the X.500 organization name attribute
as defined in the subject name of the service provider
certificate.

SNMP-FRAMEWORK-MIBSnmpAdminStringr/w

Textual Convention: SNMP-FRAMEWORK-MIBSnmpAdminString OctetString

Type Constraints:
range: 0..255

.1.3.6.1.2.1.140.1.3.6.1.5

pktcMtaDevRealmUnsolicitedKeyMaxTimeout

This object specifies the maximum time the MTA will
attempt to perform the exponential back-off algorithm.
This timer only applies when the MTA initiated key
management. If the DHCP option code 122, sub-option 4, is
pr…

secondsUnsigned32r/w

Constraints:
range: 1-600

.1.3.6.1.2.1.140.1.3.6.1.6

pktcMtaDevRealmUnsolicitedKeyNomTimeout

This object specifies the initial timeout value
for the AS-REQ/AS-REP exponential back-off and retry
mechanism. If the DHCP option code 122, sub-option 4, is
provided to the MTA, it overwrites this value.
This value sh…

millisecondsUnsigned32r/w

Constraints:
range: 100-600000

.1.3.6.1.2.1.140.1.3.6.1.7

pktcMtaDevRealmUnsolicitedKeyMaxRetries

This object specifies the maximum number of retries the
MTA attempts to obtain a ticket from the KDC.

Unsolicited key updates are retransmitted according to an
exponential back-off mechanism using two tim…

Unsigned32r/w

Constraints:
range: 0-1024

.1.3.6.1.2.1.140.1.3.6.1.8

pktcMtaDevRealmStatus

This object defines the row status of this realm in the
realm table (pktcMtaDevRealmTable).

An entry in this table is not qualified for activation
until the object instances of all corresponding columns
h…

SNMPv2-TCRowStatusr/w

Textual Convention: SNMPv2-TCRowStatus Enumeration

Type Values:

1	active
2	notInService
3	notReady
4	createAndGo
5	createAndWait
6	destroy

.1.3.6.1.2.1.140.1.3.6.1.9

pktcMtaDevCmsTable

table

.1.3.6.1.2.1.140.1.3.8 · 1 row entry · 10 columns

Open in standard view

This object defines the CMS table.
The CMS table (pktcMtaDevCmsTable) and the realm table
(pktcMtaDevRealmTable) are used for managing security
between the MTA and CMSes.  Each CMS table entry defines
a CMS the managed MTA is allowed to communicate with
and contains security parameters for key management with
that CMS.

pktcMtaDevCmsEntry entry .1.3.6.1.2.1.140.1.3.8.1

This table entry object lists the MTA key management
parameters used when establishing Security Associations
with a CMS. The conceptual rows MUST NOT persist across
MTA reboots.

Indexes

pktcMtaDevCmsIndex

Column Syntax OID

pktcMtaDevCmsIndex

This object defines the CMS table index.

Unsigned32

Constraints:
range: 1-128

.1.3.6.1.2.1.140.1.3.8.1.1

pktcMtaDevCmsFqdn

This object specifies the CMS FQDN. The MTA must
prohibit the instantiation of any two rows with identical
FQDNs. The MTA must also verify that any search and/or
comparison operation involving a CMS FQDN is case
insen…

OctetStringr/w

Constraints:
range: 1-255

.1.3.6.1.2.1.140.1.3.8.1.2

pktcMtaDevCmsKerbRealmName

This object identifies the Kerberos realm name in uppercase
characters associated with the CMS defined in this
conceptual row. The object value is a reference
point to the corresponding Kerberos realm name in the
realm…

OctetStringr/w

Constraints:
range: 1-255

.1.3.6.1.2.1.140.1.3.8.1.3

pktcMtaDevCmsMaxClockSkew

This object specifies the maximum allowable clock skew
between the MTA and the CMS defined in this row.

secondsUnsigned32r/w

Constraints:
range: 1-1800

.1.3.6.1.2.1.140.1.3.8.1.4

pktcMtaDevCmsSolicitedKeyTimeout

This object defines a Kerberos Key Management timer on the
MTA. It is the time period during which the MTA saves the
nonce and Server Kerberos Principal Identifier to match an
AP Request and its associated AP Reply res…

millisecondsUnsigned32r/w

Constraints:
range: 100-30000

.1.3.6.1.2.1.140.1.3.8.1.5

pktcMtaDevCmsUnsolicitedKeyMaxTimeout

This object defines the timeout value that only applies
to an MTA-initiated key management exchange. It is the
maximum timeout, and it may not be exceeded in the
exponential back-off algorithm.

secondsUnsigned32r/w

Constraints:
range: 1-600

.1.3.6.1.2.1.140.1.3.8.1.6

pktcMtaDevCmsUnsolicitedKeyNomTimeout

This object defines the starting value of the timeout
for an MTA-initiated key management. It should account for
the average roundtrip time between the MTA and the CMS and
the processing time on the CMS.

millisecondsUnsigned32r/w

Constraints:
range: 100-30000

.1.3.6.1.2.1.140.1.3.8.1.7

pktcMtaDevCmsUnsolicitedKeyMaxRetries

This object contains the maximum number of retries before
the MTA stops attempting to establish a Security
Association with the CMS.

Unsigned32r/w

Constraints:
range: 0-1024

.1.3.6.1.2.1.140.1.3.8.1.8

pktcMtaDevCmsIpsecCtrl

This object specifies the MTA IPSec control flag.
If the object value is 'true', the MTA must use Kerberos
Key Management and IPsec to communicate with this CMS. If
it is 'false', IPSec Signaling Security and Kerberos …

SNMPv2-TCTruthValue

Textual Convention: SNMPv2-TCTruthValue Enumeration

Type Values:

1	true
2	false

.1.3.6.1.2.1.140.1.3.8.1.9

pktcMtaDevCmsStatus

This object defines the row status associated with this
particular CMS in the CMS table (pktcMtaDevCmsTable).

An entry in this table is not qualified for activation
until the object instances of all corre…

SNMPv2-TCRowStatusr/w

Textual Convention: SNMPv2-TCRowStatus Enumeration

Type Values:

1	active
2	notInService
3	notReady
4	createAndGo
5	createAndWait
6	destroy

.1.3.6.1.2.1.140.1.3.8.1.10