ipPolicyListTrustedFields
POLICY-MIB ·
.1.3.6.1.4.1.81.36.1.1.12
Object
column
r/w
Enumeration
Specify which fields in the incoming packet might be trusted when the policy decision should be based in the incoming packet itself.
Policy decision depend on the active policy list.
In cases that the result of the active policy list is Permit, then the treatment of the outgoing packet may be based on the incoming packet instead of an explicit filter rule.
Trusting COS (802.1p) means that the outgoing packet priority (802.1p) should equal the incoming packet priority.
Trusting DSCP means that the treatment of the outgoing packet (prioirty tagging (802.1p) or some other composite operation) should be taken from ipPolicyDSCPmapTable using the incoming packet DSCP value.
Trusting COS + DSCP means that both fields should be used.
The behavior of the device when both COS + DSCP should be trusted is outside the scope of the current version of the MIB.
(Note: P333R uses the max between incoming COS & DSCP-to-COS mapping).
Not supported to be used in non access-and-QoS combined list and non QoS specific list.
Some devices might support only a subset of the values.
Context
- MIB
- POLICY-MIB
- OID
.1.3.6.1.4.1.81.36.1.1.12- Type
- column
- Access
- readwrite
- Status
- current
- Parent
- ipPolicyListEntry
- Table
- ipPolicyListTable
- Siblings
- 18
Syntax
Enumeration
Values & Constraints
Enumerated Values
1 | cos |
2 | dscp |
3 | cos-dscp |
4 | untrust |
256 | not-supported |
Related Objects
Sibling Objects
| Object | Type | Syntax | OID |
|---|---|---|---|
| ipPolicyListSlot The EntID-id (AKA module-id / box number) to which this list relates | column | Integer32 | .1.3.6.1.4.1.81.36.1.1.1 |
| ipPolicyListOwner The entity that configured this list | column | OctetString | .1.3.6.1.4.1.81.36.1.1.10 |
| ipPolicyListErrMsg obsolete Free text describing the reason why the list is not valid.
When the list is valid returns NULL string.
The values returned for this MIB are not affected by the list
status (active… | column | OctetString | .1.3.6.1.4.1.81.36.1.1.11 |
| ipPolicyListScope obsolete Controls the scope of the policy rules.
forward(1) - policy rules apply to packets forwarded by the Entity.
local subnet will not apply to theIf
forwardAndControl(2) - policy … | column | Enumeration | .1.3.6.1.4.1.81.36.1.1.13 |
| ipPolicyListIpOptionOperation The operation that should be applied to packets carrying IP Options.
Applied only for ingress access-control List. Egress is not-supported.
This field points to the appropriate ip… | column | Enumeration | .1.3.6.1.4.1.81.36.1.1.14 |
| ipPolicyListIpFragmentationOperation The operation that should be applied to IP fragmentation packets.
Applied only for ingress access-control List. Egress is not-supported.
This field points to the appropriate ipPol… | column | Enumeration | .1.3.6.1.4.1.81.36.1.1.15 |
| ipPolicyListType IP policy list type.
Derived from list range. See ipPolicyListID MIB. | column | Enumeration | .1.3.6.1.4.1.81.36.1.1.16 |
| ipPolicyListEtherTypeDefaultOperation The operation that should be applied to a packet in case the packet
does not match any of the user specified ether type rules.
This field points to the appropriate ipPolicyCompos… | column | Enumeration | .1.3.6.1.4.1.81.36.1.1.17 |
| ipPolicyListLocalAddress Local address for VPN tunnel (crypto list).
Field format: either IP address (x.x.x.x) or IP interface name. Management application shall parse and display local address value base… | column | OctetString | .1.3.6.1.4.1.81.36.1.1.18 |
| ipPolicyListNATPoolListIndex Add ipPolicyListNATPoolListIndex as an index to NAT pool list to
IpPolicyListEntry.
Values:
1 - Invalid.
2 - Null, No NAT list association.
3 - 10 - NAT list index 1-8.
… | column | Integer32 | .1.3.6.1.4.1.81.36.1.1.19 |
| ipPolicyListID The ID of the list.
List 0 is the default list. It contains read-only rule (permit all),
and a default DSCP mapping table and composite Op. When a new list
is created, the def… | column | Integer32 | .1.3.6.1.4.1.81.36.1.1.2 |
| ipPolicyListName Name of this list.
ACL default name: ACL List #list-number
QoS default name: QoS List #list-number
PBR default name: PBR List #list-number | column | OctetString | .1.3.6.1.4.1.81.36.1.1.3 |
| ipPolicyListValidityStatus obsolete Validity status of this list. Summarizes validity of rules,
dscp table and composite Opertaions associated with this list.
The validity context is that of the first entry for this… | column | Enumeration | .1.3.6.1.4.1.81.36.1.1.4 |
| ipPolicyListChecksum obsolete Checksum of all the configurable (read/write) mib items that are
part of this list or part of any rule/dscp mapping/compositeOp
that belongs to this list.
Addition/deletion/modifi… | column | SNMPv2-SMIInteger32 | .1.3.6.1.4.1.81.36.1.1.5 |
| ipPolicyListRowStatus Used for creation/deletion of a list and for monitoring list status.
Use CreateAndWait (5) to create a list.
Destroy (6) to destroy a list. The active list can NOT
be destroyed. … | column | RowStatus | .1.3.6.1.4.1.81.36.1.1.6 |
| ipPolicyListDefaultOperation The operation that should be applied to a packet in case the packet does not match any of the user specified rules. Values pertains to ACL or QoS depending on List type.
This fiel… | column | Integer32 | .1.3.6.1.4.1.81.36.1.1.7 |
| ipPolicyListCookie A cookie to be associated with this list. This mib item can be used
by the management application as a unique ID of the list.
Note: The Agent is not aware of the … | column | SNMPv2-SMIInteger32 | .1.3.6.1.4.1.81.36.1.1.8 |
| ipPolicyListTrackChanges Counts the number of changes made to the configuration of the list
including changes to the rules that are part of the list.
This counters is set to 0 when the list is being crea… | column | SNMPv2-SMIInteger32 | .1.3.6.1.4.1.81.36.1.1.9 |