natv2InstanceFilteringBehavior
NATV2-MIB ·
.1.3.6.1.2.1.234.2.1.1.4
Object
column
Enumeration
Filtering behavior is the policy governing acceptance or
the dropping of packets incoming from remote sources via a
given external realm and destined to a specific three-tuple
of external address, port, and protocol at the NAT instance
that has been assigned in a port mapping.
endpointIndependent(0) accepts for translation packets from
all combinations of remote address and port destined to the
mapped external address and port via the given external
realm and using the given protocol.
addressDependent(1) accepts for translation packets from all
remote ports from the same remote source address destined to
the mapped external address and port via the given external
realm and using the given protocol.
addressAndPortDependent(2) accepts for translation only
those packets with the same remote source address, port, and
protocol incoming from the same external realm as identified
when the applicable port map entry was created.
RFC 4787, REQ-8 recommends either endpointIndependent(0) or
addressDependent(1) filtering behavior depending on whether
application friendliness or security takes priority.
Context
- MIB
- NATV2-MIB
- OID
.1.3.6.1.2.1.234.2.1.1.4- Type
- column
- Access
- readonly
- Status
- current
- Parent
- natv2InstanceEntry
- Table
- natv2InstanceTable
- Siblings
- 25
Syntax
Enumeration
Values & Constraints
Enumerated Values
0 | endpointIndependent |
1 | addressDependent |
2 | addressAndPortDependent |
Related Objects
Sibling Objects
| Object | Type | Syntax | OID |
|---|---|---|---|
| natv2InstanceIndex NAT instance index. It is up to the implementation to
determine which values correspond to in-service NAT
instances. This object is used as an index for all tables
defined below. | column | Natv2InstanceIndex | .1.3.6.1.2.1.234.2.1.1.1 |
| natv2InstanceAddressMapCreations The cumulative number of address map entries created by the
NAT instance, including static mappings. Address map
creations are also tracked per address pool within the
instance a… | column | SNMPv2-SMICounter64 | .1.3.6.1.2.1.234.2.1.1.10 |
| natv2InstancePortMapCreations The cumulative number of port map entries created by the
NAT instance, including static mappings. Port map
creations are also tracked per protocol and address pool
within the ins… | column | SNMPv2-SMICounter64 | .1.3.6.1.2.1.234.2.1.1.11 |
| natv2InstanceAddressMapEntryLimitDrops The cumulative number of packets dropped rather than
translated because the packet would have triggered
the creation of a new address map entry, but the limit
on number of address… | column | SNMPv2-SMICounter64 | .1.3.6.1.2.1.234.2.1.1.12 |
| natv2InstancePortMapEntryLimitDrops The cumulative number of packets dropped rather than
translated because the packet would have triggered
the creation of a new port map entry, but the limit
on number of port map e… | column | SNMPv2-SMICounter64 | .1.3.6.1.2.1.234.2.1.1.13 |
| natv2InstanceSubscriberActiveLimitDrops The cumulative number of packets dropped rather than
translated because the packet would have triggered the
creation of a new mapping for a subscriber with no other
active mapping… | column | SNMPv2-SMICounter64 | .1.3.6.1.2.1.234.2.1.1.14 |
| natv2InstanceAddressMapFailureDrops The cumulative number of packets dropped because the packet
would have triggered the creation of a new address map
entry, but no address could be allocated in the selected
externa… | column | SNMPv2-SMICounter64 | .1.3.6.1.2.1.234.2.1.1.15 |
| natv2InstancePortMapFailureDrops The cumulative number of packets dropped because the
packet would have triggered the creation of a new
port map entry, but no port could be allocated for the
protocol concerned. … | column | SNMPv2-SMICounter64 | .1.3.6.1.2.1.234.2.1.1.16 |
| natv2InstanceFragmentDrops The cumulative number of fragments received by the NAT
instance but dropped rather than translated. When the NAT
instance supports the 'Receive Fragment Out of Order'
capability … | column | SNMPv2-SMICounter64 | .1.3.6.1.2.1.234.2.1.1.17 |
| natv2InstanceOtherResourceFailureDrops The cumulative number of packets dropped because of
unavailability of a resource other than an address or port
that would have been required to process it. The most likely
case i… | column | SNMPv2-SMICounter64 | .1.3.6.1.2.1.234.2.1.1.18 |
| natv2InstanceDiscontinuityTime Snapshot of the value of the sysUpTime object at the
beginning of the latest period of continuity of the
statistical counters associated with this NAT instance. | column | SNMPv2-TCTimeStamp | .1.3.6.1.2.1.234.2.1.1.19 |
| natv2InstanceAlias This object is an 'alias' name for the NAT instance as
specified by a network manager and provides a non-volatile
'handle' for the instance.
An example of the value… | column | OctetString | .1.3.6.1.2.1.234.2.1.1.2 |
| natv2InstanceThresholdAddressMapEntriesHigh Notification threshold for total number of address map
entries held by this NAT instance. Whenever
natv2InstanceAddressMapEntries is updated, if it equals or
exceeds natv2Instanc… | column | SNMPv2-SMIInteger32 | .1.3.6.1.2.1.234.2.1.1.20 |
| natv2InstanceThresholdPortMapEntriesHigh Notification threshold for total number of port map
entries held by this NAT instance. Whenever
natv2InstancePortMapEntries is updated, if it equals or
exceeds natv2InstanceThres… | column | SNMPv2-SMIInteger32 | .1.3.6.1.2.1.234.2.1.1.21 |
| natv2InstanceNotificationInterval Minimum number of seconds between successive
notifications for this NAT instance. Controls the reporting
of natv2NotificationInstanceAddressMapEntriesHigh and
natv2NotificationIn… | column | Seconds Unsigned32 | .1.3.6.1.2.1.234.2.1.1.22 |
| natv2InstanceLimitAddressMapEntries Limit on total number of address map entries supported by
the NAT instance. When natv2InstanceAddressMapEntries has
reached this limit, subsequent packets that would normally
tri… | column | SNMPv2-SMIUnsigned32 | .1.3.6.1.2.1.234.2.1.1.23 |
| natv2InstanceLimitPortMapEntries Limit on total number of port map entries supported by the
NAT instance. When natv2InstancePortMapEntries has reached
this limit, subsequent packets that would normally trigger
c… | column | SNMPv2-SMIUnsigned32 | .1.3.6.1.2.1.234.2.1.1.24 |
| natv2InstanceLimitPendingFragments Limit on number of out-of-order fragments received by the
NAT instance from remote sources and held until head of
chain appears. While the number of held fragments is at this
lim… | column | SNMPv2-SMIUnsigned32 | .1.3.6.1.2.1.234.2.1.1.25 |
| natv2InstanceLimitSubscriberActives Limit on number of total number of active subscribers
supported by the NAT instance. An active subscriber is
defined as any subscriber with at least one map entry,
including stat… | column | SNMPv2-SMIUnsigned32 | .1.3.6.1.2.1.234.2.1.1.26 |
| natv2InstancePortMappingBehavior Port mapping behavior is the policy governing the selection
of external address and port in a given realm for a given
five-tuple of source address and port, destination address
an… | column | Enumeration | .1.3.6.1.2.1.234.2.1.1.3 |
| natv2InstancePoolingBehavior Pooling behavior is the policy used to select the address
for a new port mapping within a given address pool to which
the internal address has already been mapped.
… | column | Enumeration | .1.3.6.1.2.1.234.2.1.1.5 |
| natv2InstanceFragmentBehavior Fragment behavior is the NAT instance's capability to
receive and translate fragments incoming from remote
sources.
fragmentNone(0) implies no capability to transla… | column | Enumeration | .1.3.6.1.2.1.234.2.1.1.6 |
| natv2InstanceAddressMapEntries The current number of address map entries in total over the
whole NAT instance, including static mappings. An address
map entry maps from a given internal address and realm to an… | column | SNMPv2-SMIUnsigned32 | .1.3.6.1.2.1.234.2.1.1.7 |
| natv2InstancePortMapEntries The current number of entries in the port map table in total
over the whole NAT instance, including static mappings. A
port map entry maps from a given external realm, address,
a… | column | SNMPv2-SMIUnsigned32 | .1.3.6.1.2.1.234.2.1.1.8 |
| natv2InstanceTranslations The cumulative number of translated packets passing through
this NAT instance. This value MUST be monotone increasing in
the periods between updates of
natv2InstanceDiscontinuity… | column | SNMPv2-SMICounter64 | .1.3.6.1.2.1.234.2.1.1.9 |