CISCO-TRUSTSEC-SXP-MIB
File:
CISCO-TRUSTSEC-SXP-MIB.mib (77963 bytes)
Imported modules
Imported symbols
Defined Types
CtsxSxpConnectionEntry |
|
SEQUENCE |
|
|
|
|
ctsxSxpConnVrfName |
CiscoVrfName |
|
|
ctsxSxpConnPeerAddrType |
InetAddressType |
|
|
ctsxSxpConnPeerAddr |
InetAddress |
|
|
ctsxSxpConnSourceAddrType |
InetAddressType |
|
|
ctsxSxpConnSourceAddr |
InetAddress |
|
|
ctsxSxpConnOperSourceAddrType |
InetAddressType |
|
|
ctsxSxpConnOperSourceAddr |
InetAddress |
|
|
ctsxSxpConnPasswordUsed |
INTEGER |
|
|
ctsxSxpConnConfigPasswordType |
CtsPasswordEncryptionType |
|
|
ctsxSxpConnConfigPassword |
CtsPassword |
|
|
ctsxSxpConnViewPasswordType |
CtsPasswordEncryptionType |
|
|
ctsxSxpConnViewPassword |
CtsPassword |
|
|
ctsxSxpConnModeLocation |
INTEGER |
|
|
ctsxSxpConnMode |
INTEGER |
|
|
ctsxSxpConnInstance |
Unsigned32 |
|
|
ctsxSxpConnStatusLastChange |
Unsigned32 |
|
|
ctsxSxpConnStatus |
INTEGER |
|
|
ctsxSxpVrfId |
Unsigned32 |
|
|
ctsxSxpConnStorageType |
StorageType |
|
|
ctsxSxpConnRowStatus |
RowStatus |
|
|
ctsxSxpConnVersion |
INTEGER |
|
|
ctsxSxpConnSpeakerMinHoldTime |
Unsigned32 |
|
|
ctsxSxpConnListenerMinHoldTime |
Unsigned32 |
|
|
ctsxSxpConnListenerMaxHoldTime |
Unsigned32 |
|
|
ctsxSxpConnHoldTime |
Unsigned32 |
|
|
ctsxSxpConnCapability |
BITS |
|
CtsxIpSgtMappingEntry |
|
SEQUENCE |
|
|
|
|
ctsxIpSgtMappingVrfId |
Unsigned32 |
|
|
ctsxIpSgtMappingAddrType |
InetAddressType |
|
|
ctsxIpSgtMappingAddr |
InetAddress |
|
|
ctsxIpSgtMappingPeerAddrType |
InetAddressType |
|
|
ctsxIpSgtMappingPeerAddr |
InetAddress |
|
|
ctsxIpSgtMappingSgt |
CtsSecurityGroupTag |
|
|
ctsxIpSgtMappingInstance |
Unsigned32 |
|
|
ctsxIpSgtMappingVrfName |
CiscoVrfName |
|
|
ctsxIpSgtMappingStatus |
INTEGER |
|
CtsxSxpSgtMapEntry |
|
SEQUENCE |
|
|
|
|
ctsxSxpSgtMapVrfId |
Unsigned32 |
|
|
ctsxSxpSgtMapAddrType |
InetAddressType |
|
|
ctsxSxpSgtMapAddr |
InetAddress |
|
|
ctsxSxpSgtMapAddrPrefixLength |
InetAddressPrefixLength |
|
|
ctsxSxpSgtMapPeerAddrType |
InetAddressType |
|
|
ctsxSxpSgtMapPeerAddr |
InetAddress |
|
|
ctsxSxpSgtMapSgt |
CtsSecurityGroupTag |
|
|
ctsxSxpSgtMapInstance |
Unsigned32 |
|
|
ctsxSxpSgtMapVrfName |
CiscoVrfName |
|
|
ctsxSxpSgtMapPeerSeq |
OCTET STRING |
|
|
ctsxSxpSgtMapStatus |
INTEGER |
|
Defined Values
ciscoTrustSecSxpMIB |
1.3.6.1.4.1.9.9.720 |
This MIB module is for the configuration and status query
of SGT Exchange Protocol over TCP (SXPoTCP) feature of the
device on the Cisco's Trusted Security (TrustSec) system.
Security Group Tag (SGT) identifying its source, assigned to a
packet on ingress to a TrustSec cloud, and used to determine
security and other policy to be applied to it along its path
through the cloud.
SXPoTCP protocol extends the original SGT Exchange Protocol
(SXP) protocol to enable a much wider array of deployment
scenarios. This MIB uses the term SXP to refer to SXPoTCP.
TrustSec secures a network fabric by authenticating and
authorizing each device connecting to the network, allowing
for the encryption, authentication and replay protection of data
traffic on a hop by hop basis. SXP allows the deployment
of RBACL, a key component of the TrustSec architecture, in the
absence of TrustSec capable hardware. |
MODULE-IDENTITY |
|
|
|
ctsxSxpEnable |
1.3.6.1.4.1.9.9.720.1.1.1 |
This object specifies if the SXP (Security Group Tag Exchange
Protocol) functionality is enabled on the device. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsxSxpConfigDefaultPasswordType |
1.3.6.1.4.1.9.9.720.1.1.2 |
This object specifies the type of encryption used
to configure ctsxSxpConfigDefaultPassword string.
When read, this object will always return 'other'.
Value of this object must be set in the same PDU as
ctsxSxpConfigDefaultPassword.
Value of this object must be specified as 'clearText',
'typeSix' or 'typeSeven' to configure a non zero length
password in ctsxSxpConfigDefaultPassword.
Value for this object must be 'none' if
ctsxSxpConfigDefaultPassword is a zero length string. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
CtsPasswordEncryptionType |
|
|
ctsxSxpConfigDefaultPassword |
1.3.6.1.4.1.9.9.720.1.1.3 |
This object specifies the default password for SXP
connections.
The type of encryption used to configure this password
is determined by ctsxSxpConfigDefaultPasswordType.
When read, this object will always return a zero length
string.
The value of this object must be set in the same PDU as
ctsxSxpConfigDefaultPasswordType.
A non zero length password must be specified for this object
if the value of ctsxSxpConfigDefaultPasswordType is other than
'none' or 'other'.
Value for this object must be a zero length string if the value
of ctsxSxpConfigDefaultPasswordType is 'none'.
The purpose of this object is to only allow configuration of
the default password. The ctsxSxpViewDefaultPassword object is
used to display the default password. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
CtsPassword |
|
|
ctsxSxpViewDefaultPassword |
1.3.6.1.4.1.9.9.720.1.1.5 |
This object indicates the default password for SXP connections.
The type of encryption used to display this password is
determined by the object ctsxSxpViewDefaultPasswordType.
The purpose of this object is to only display the password.
The ctsxSxpConfigDefaultPassword object is used to configure the
password. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
CtsPassword |
|
|
ctsxSxpDefaultSourceAddr |
1.3.6.1.4.1.9.9.720.1.1.7 |
The Internet address to be used as default source address for
SXP connections. The type of this address is determined by the
ctsxSxpDefaultSourceAddrType object.
This address will be used as source address for SXP connections
that do not have specific source-IP address configured via
ctsxSxpConnSourceAddr object. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
InetAddress |
|
|
ctsxSxpRetryPeriod |
1.3.6.1.4.1.9.9.720.1.1.8 |
This object specifies the amount of time after which the device
will make the retry attempt for the SXP connections that are not
setup successfully.
A value of zero for this object indicates that the device will
never try to establish connections that were not setup
successfully. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsxSxpReconPeriod |
1.3.6.1.4.1.9.9.720.1.1.9 |
This object specifies the amount of time after which system
will initiate removal of SGT mappings for a reconciled
connection.
A value of zero for this object indicates that SGT
mappings for a reconciled connection will never be deleted. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsxSxpBindingChangesLogEnable |
1.3.6.1.4.1.9.9.720.1.1.10 |
This object specifies if the system will generate system
logging messages for SXP binding changes.
A value of 'false' will prevent system from generating
logging messages for SXP binding changes. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsxSgtMapExpansionLimit |
1.3.6.1.4.1.9.9.720.1.1.11 |
This object specifies the maximum number of SGT
mapping entries that can be expanded on the system.
Value of zero for this object indicates that SGT mapping
expansion functionality is disabled. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Gauge32 |
|
|
ctsxSgtMapExpansionCount |
1.3.6.1.4.1.9.9.720.1.1.12 |
This object indicates the number of SGT mapping
entries currently expanded on the system. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Gauge32 |
|
|
ctsxSxpAdminNodeId |
1.3.6.1.4.1.9.9.720.1.1.13 |
This object specifies the administrative SXP node ID for
this system.
Setting this object to a non-zero value will clear the values
in ctsxSxpNodeIdInterface and ctsxSxpNodeIdIpAddrType.
This object can be set only if ctsxSxpEnable is 'false'. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsxSxpNodeIdInterface |
1.3.6.1.4.1.9.9.720.1.1.14 |
This object specifies the interface to be used to select
SXP node ID.
Setting this object to a non-zero value will clear the values
in ctsxSxpAdminNodeId and ctsxSxpNodeIdIpAddrType.
This object can be set only if ctsxSxpEnable is 'false'. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
InterfaceIndexOrZero |
|
|
ctsxSxpNodeIdIpAddrType |
1.3.6.1.4.1.9.9.720.1.1.15 |
This object specifies the type of Internet address to be
used to select the SXP node ID. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
InetAddressType |
|
|
ctsxSxpNodeIdIpAddr |
1.3.6.1.4.1.9.9.720.1.1.16 |
This object specifies the Internet address to be used to
select the SXP node ID.
The type of this address is determined by
ctsxSxpOperNodeIdIpAddrType object.
Setting this object to a non-zero length value will clear the
values in ctsxSxpAdminNodeId and ctsxSxpNodeIdInterface.
This object can be set only if ctsxSxpEnable is 'false'. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
InetAddress |
|
|
ctsxSxpOperNodeId |
1.3.6.1.4.1.9.9.720.1.1.17 |
This object indicates the operational SXP node ID of
the system. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsxSxpSpeakerMinHoldTime |
1.3.6.1.4.1.9.9.720.1.1.18 |
This object specifies the global minimum hold-time for SXP
connections in 'speaker' mode. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
1..65534 |
|
ctsxSxpListenerMinHoldTime |
1.3.6.1.4.1.9.9.720.1.1.19 |
This object specifies the global minimum hold-time for
SXP connections in 'listener' mode.
Value of this object must be lesser than
ctsxSxpListenerMaxHoldTime. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
1..65534 |
|
ctsxSxpListenerMaxHoldTime |
1.3.6.1.4.1.9.9.720.1.1.20 |
This object specifies the global maximum hold-time for
SXP connections in 'listener' mode.
Value of this object must be greater than
ctsxSxpListenerMinHoldTime. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
1..65534 |
|
ctsxSxpVersionSupport |
1.3.6.1.4.1.9.9.720.1.1.21 |
The highest version of SXP protocol that this device supports.
'unknown' - The SXP protocol version capability for the
device is unknown.
'one' - The device supports SXP protocol up to version 1.
'two' - The device supports SXP protocol up to version 2.
'three' - The device supports SXP protocol up to version 3.
'four' - The device supports SXP protocol up to version 4. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
unknown(1), one(2), two(3), three(4), four(5) |
|
ctsxSxpConnectionEntry |
1.3.6.1.4.1.9.9.720.1.2.1.1 |
An entry containing management information of a
particular SXP peers. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CtsxSxpConnectionEntry |
|
|
ctsxSxpConnVrfName |
1.3.6.1.4.1.9.9.720.1.2.1.1.1 |
The name of the Virtual Routing and Forwarding (VRF) table
associated with this SXP connection.
A zero length string implies that connection will be setup
in the default virtual routing and forwarding domain. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CiscoVrfName |
|
|
ctsxSxpConnPeerAddr |
1.3.6.1.4.1.9.9.720.1.2.1.1.3 |
The Internet address of the SXP peer device. The type of this
address is determined by the value of ctsxSxpConnPeerAddrType
object. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
InetAddress |
Size(1..64) |
|
ctsxSxpConnSourceAddr |
1.3.6.1.4.1.9.9.720.1.2.1.1.5 |
The source Internet address configured for this SXP connection.
The type of this address is determined by the value
of ctsxSxpConnSourceAddrType object.
When specified, value of this object takes precedence over
the ctsxSxpDefaultSourceAddr object. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
InetAddress |
|
|
ctsxSxpConnOperSourceAddr |
1.3.6.1.4.1.9.9.720.1.2.1.1.7 |
The source Internet address that is in use for
this SXP connection.
The type of this address is determined by the value
of ctsxSxpConnSourceAddrType object. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
InetAddress |
|
|
ctsxSxpConnPasswordUsed |
1.3.6.1.4.1.9.9.720.1.2.1.1.8 |
This object specifies the type of password to be used for this
SXP connection.
'none' - No password required for the SXP connection.
'default' - The default password which is specified by the
object ctsxSxpViewDefaultPassword, will be used
for the SXP connection.
'connectionSpecific' - The password specified by the
ctsxSxpConnViewPassword object will be used for
the connection. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
INTEGER |
none(1), default(2), connectionSpecific(3) |
|
ctsxSxpConnConfigPasswordType |
1.3.6.1.4.1.9.9.720.1.2.1.1.9 |
This object specifies the type of encryption used
to configure ctsxSxpConnConfigPassword string.
When read, this object will always return 'other'.
Value for this object may be specified as 'clearText',
'typeSix' or 'typeSeven' if the value of the object
ctsxSxpConnPasswordUsed is 'connectionSpecific'.
Value for this object may not be specified if the value of
ctsxSxpConnPasswordUsed is other than 'connectionSpecific'. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
CtsPasswordEncryptionType |
|
|
ctsxSxpConnConfigPassword |
1.3.6.1.4.1.9.9.720.1.2.1.1.10 |
This object is used to specify the password for this
connection.
The type of encryption used to configure this password
is determined by ctsxSxpConnConfigPasswordType.
When read, this object will always return a zero length string.
A non zero length password must be specified for this object if
the value of ctsxSxpConnConfigPasswordType is other than 'none'
or 'other'.
A value for this object may not be specified if the value of
ctsxSxpConnPasswordUsed is other than 'connectionSpecific'.
The purpose of this object is to only allow configuration of
the password. The ctsxSxpConnViewPassword object is used to
display the password. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
CtsPassword |
|
|
ctsxSxpConnViewPassword |
1.3.6.1.4.1.9.9.720.1.2.1.1.12 |
This object indicates the password associated with this
connection.
The type of encryption used to display this password is
determined by the object ctsxSxpConnViewPasswordType.
The purpose of this object is to only display the password.
The ctsxSxpConnConfigPassword object is used to configure the
password. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
CtsPassword |
|
|
ctsxSxpConnModeLocation |
1.3.6.1.4.1.9.9.720.1.2.1.1.13 |
This object specifies if ctsxSxpConnMode is applicable
for local or the peer device.
A value of 'local' indicates that ctsxSxpConnMode applies to
the local device in this SXP connection.
A value of 'peer' indicates that ctsxSxpConnMode applies to
the peer device in this SXP connection. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
INTEGER |
local(1), peer(2) |
|
ctsxSxpConnMode |
1.3.6.1.4.1.9.9.720.1.2.1.1.14 |
This object specifies the device mode of this SXP connection.
A value of 'speaker' indicates that device will acts as
the speaker in this SXP connection.
A value of 'listener' indicates that device will acts as
the listener in this SXP connection. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
INTEGER |
speaker(1), listener(2) |
|
ctsxSxpConnInstance |
1.3.6.1.4.1.9.9.720.1.2.1.1.15 |
This object indicates the instance number associated
with this SXP connection.
The instance number is used to identify stale SGT
mappings which need to be removed from the system. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsxSxpConnStatusLastChange |
1.3.6.1.4.1.9.9.720.1.2.1.1.16 |
The amount of time elapsed since change in status of this SXP
connection. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsxSxpConnStatus |
1.3.6.1.4.1.9.9.720.1.2.1.1.17 |
This object indicates the status of this SXP connection.
'other' - Any other state not covered by below
enumerations.
'off' - The SXP connection has been disconnected.
SGT mappings are no longer learnt through SXP
connection in this state. SGT mappings
already learnt through this connection will be
deleted.
'on' - The SXP connection has been successfully
established. SGT mappings are learnt
through this SXP connection.
'pendingOn' - A request to establish SXP connection has been
sent to the peer and is pending.
'deleteHoldDown' - The SXP connection is not operational and
delete hold-down timer has been started. If the
SXP connection does not recover before the
expiration of the hold-down timer, the SGT
mappings learnt on this connection will be
deleted. If the SXP connection recovers
before the expiration of the hold-down timer,
the SGT mappings learnt on this connection
will not be deleted. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
other(1), off(2), on(3), pendingOn(4), deleteHoldDown(5) |
|
ctsxSxpVrfId |
1.3.6.1.4.1.9.9.720.1.2.1.1.18 |
The numerical identifier associated with ctsxSxpConnVrfName. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsxSxpConnRowStatus |
1.3.6.1.4.1.9.9.720.1.2.1.1.20 |
The status of this conceptual row.
Once a row becomes active, only the value in
ctsxSxpConnModeLocation, ctsxSxpConnMode
ctsxSxpConnSpeakerMinHoldTime, ctsxSxpConnListenerMinHoldTime,
and ctsxSxpConnListenerMaxHoldTime within each a row can
be modified. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
ctsxSxpConnVersion |
1.3.6.1.4.1.9.9.720.1.2.1.1.21 |
The version of SXP protocol in use for this connection.
'unknown' - Version of SXP protocol for this connection
is unknown.
'one' - Connection is using version 1 of the SXP protocol.
'two' - Connection is using version 2 of the SXP protocol.
'three' - Connection is using version 3 of the SXP protocol.
'four' - Connection is using version 4 of the SXP protocol. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
unknown(1), one(2), two(3), three(4), four(5) |
|
ctsxSxpConnSpeakerMinHoldTime |
1.3.6.1.4.1.9.9.720.1.2.1.1.22 |
This object specifies the minimum hold-time for this SXP
connection when the device is acting as 'speaker'.
Setting the object to zero indicates that the global value
ctsxSxpSpeakerMinHoldTime will be used for the connection.
Setting the object to 65535 indicates that the hold-time
functionality has been disabled for the connection. Value of
this object must be 65535 if the corresponding instance value
of ctsxSxpConnListenerMinHoldTime is 65535.
Value of this object should be ignored and can not be set
if the corresponding instance values of ctsxSxpConnModeLocation
is 'local' and ctsSxpConnMode is 'listener' or
ctsxSxpConnModeLocation is 'peer' and ctsSxpConnMode is
'speaker'. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
0 | 1..65534 | 65535 |
|
ctsxSxpConnListenerMinHoldTime |
1.3.6.1.4.1.9.9.720.1.2.1.1.23 |
This object specifies the minimum hold-time for this SXP
connection when the device is acting as 'listener'.
Value of this object must be lesser than
ctsxSxpConnListenerMaxHoldTime.
Setting the object to zero indicates that the global value
ctsxSxpListenerMinHoldTime will be used for the connection.
Value of this object must be zero if the value of corresponding
instance value of ctsxSxpConnListenerMaxHoldTime is zero.
Setting the object to 65535 indicates that hold-time
functionality has been disabled for the connection. Value of
this object must be 65535 if the corresponding instance value
of ctsxSxpConnListenerMaxHoldTime is 65535.
Value of this object should be ignored and can not be set
if the corresponding instance value of ctsxSxpConnModeLocation
is 'local' and ctsSxpConnMode is 'speaker' or
ctsxSxpConnModeLocation is 'peer' and ctsSxpConnMode is
'listener'. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
0 | 1..65534 | 65535 |
|
ctsxSxpConnListenerMaxHoldTime |
1.3.6.1.4.1.9.9.720.1.2.1.1.24 |
This object specifies the maximum hold-time for this SXP
connection when the device is acting as 'listener'.
Value of this object must be greater than
ctsxSxpConnListenerMinHoldTime.
Setting the object to zero indicates that the global value
ctsxSxpListenerMaxHoldTime will be used for the connection.
Value of this object must be zero if the corresponding
instance value of ctsxSxpConnListenerMinHoldTime is zero.
Setting the object to 65535 indicates that hold-time
functionality has been disabled for the connection. Value of
this object must be 65535 if the corresponding instance value
ctsxSxpConnListenerMinHoldTime is 65535.
Value of this object should be ignored and can not be set
if the corresponding instance value of ctsxSxpConnModeLocation
is 'local' and ctsSxpConnMode is 'speaker' or
ctsxSxpConnModeLocation is 'peer' and ctsSxpConnMode is
'listener'. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
0 | 1..65534 | 65535 |
|
ctsxSxpConnHoldTime |
1.3.6.1.4.1.9.9.720.1.2.1.1.25 |
This object indicates the hold-time in use for this
SXP connection.
A value of 0 indicates that hold-time functionality has been
disabled for this connection. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsxSxpConnCapability |
1.3.6.1.4.1.9.9.720.1.2.1.1.26 |
This object indicates the capability of SXP connection. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
BITS |
ipv4(0), ipv6(1), subnet(2) |
|
ctsxIpSgtMappingTable |
1.3.6.1.4.1.9.9.720.1.3.1 |
A list of SGT mappings learnt by this device.
If the value of ctsxSxpConnVersion is 'three' or above,
this table populates entries for all mapping addresses
without prefix.
Addresses with prefix are not populated in this table.
ctsxSxpSgtMapTable should be used in such case. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
CtsxIpSgtMappingEntry |
|
ctsxIpSgtMappingEntry |
1.3.6.1.4.1.9.9.720.1.3.1.1 |
An entry containing management information about SGT
mapping learnt by this device.
An entry will be created for each SGT mappings the device
learns via SXP.
An entry will be deleted if SXP connection from where the
SGT mappings was learnt is disconnected. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CtsxIpSgtMappingEntry |
|
|
ctsxIpSgtMappingVrfId |
1.3.6.1.4.1.9.9.720.1.3.1.1.1 |
The VRF number identifying the VRF where this SGT mapping
was learnt. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsxIpSgtMappingAddr |
1.3.6.1.4.1.9.9.720.1.3.1.1.3 |
The IP address in this SGT mapping.
The type of this address is determined by the value of
ctsxIpSgtMappingAddrType object. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
InetAddress |
Size(1..48) |
|
ctsxIpSgtMappingPeerAddr |
1.3.6.1.4.1.9.9.720.1.3.1.1.5 |
The IP address of the peer SXP device from where this SGT
mapping was learnt.
The type of this address is determined by the value of
ctsxIpSgtMappingPeerAddrType object. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
InetAddress |
Size(1..48) |
|
ctsxIpSgtMappingSgt |
1.3.6.1.4.1.9.9.720.1.3.1.1.6 |
The Security Group Tag (SGT) in this SGT mapping.
ctsxIpSgtMappingAddr represents the IP address associated
with this SGT. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
CtsSecurityGroupTag |
|
|
ctsxIpSgtMappingInstance |
1.3.6.1.4.1.9.9.720.1.3.1.1.7 |
This object indicates the instance number of the SXP
connection from where this SGT mapping was learnt.
The instance number is used to determine if an SGT
mapping entry is stale and needs to be removed
from the system. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsxIpSgtMappingStatus |
1.3.6.1.4.1.9.9.720.1.3.1.1.9 |
This object indicates the status of this SGT mapping.
'other' - Any other state no covered by below
enumerations.
'active' - The SGT mapping is currently active. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
other(1), active(2) |
|
ctsxSxpSgtMapEntry |
1.3.6.1.4.1.9.9.720.1.3.2.1 |
An entry containing management information about SGT
mapping learnt by this device.
An entry will be created for each of the SGT mappings
the device learns via SXP.
An entry will be deleted if SXP connection from where the
SGT mappings was learnt is disconnected. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CtsxSxpSgtMapEntry |
|
|
ctsxSxpSgtMapVrfId |
1.3.6.1.4.1.9.9.720.1.3.2.1.1 |
The VRF number identifying the VRF where this SGT mapping
was learnt. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsxSxpSgtMapAddr |
1.3.6.1.4.1.9.9.720.1.3.2.1.3 |
The address in this SGT mapping.
The type of this address is determined by the value of
ctsxSxpSgtMapAddrType object. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
InetAddress |
Size(1..48) |
|
ctsxSxpSgtMapAddrPrefixLength |
1.3.6.1.4.1.9.9.720.1.3.2.1.4 |
This object indicates the length of the prefix associated
with ctsxSxpSgtMapAddr.
This object is always interpreted with the value of
ctsxSxpSgtMapAddrType object. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
InetAddressPrefixLength |
|
|
ctsxSxpSgtMapPeerAddrType |
1.3.6.1.4.1.9.9.720.1.3.2.1.5 |
The type of address of the SXP peer device from where
this SGT mapping was learnt. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
InetAddressType |
|
|
ctsxSxpSgtMapPeerAddr |
1.3.6.1.4.1.9.9.720.1.3.2.1.6 |
The address of the peer SXP device from where this SGT
mapping was learnt.
The type of this address is determined by the value of
ctsxSxpSgtMapPeerAddrType object. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
InetAddress |
Size(1..48) |
|
ctsxSxpSgtMapSgt |
1.3.6.1.4.1.9.9.720.1.3.2.1.7 |
The Security Group Tag (SGT) in this SGT mapping.
ctsxSxpSgtMapAddr represents the address associated
with this SGT. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
CtsSecurityGroupTag |
|
|
ctsxSxpSgtMapInstance |
1.3.6.1.4.1.9.9.720.1.3.2.1.8 |
This object indicates the instance number of the SXP
connection from where this SGT binding was learnt.
The instance number is used to determine if an SGT
mapping entry is stale and needs to be removed
from the system. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsxSxpSgtMapVrfName |
1.3.6.1.4.1.9.9.720.1.3.2.1.9 |
The name of the VRF identified by ctsxEnahncedSgtMapVrfId. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
CiscoVrfName |
|
|
ctsxSxpSgtMapPeerSeq |
1.3.6.1.4.1.9.9.720.1.3.2.1.10 |
The Peer Sequence associated with this SGT
mapping entry.
It is a sequence of node IDs though which SGT
mapping has traversed.
Each node ID is 4 octets long. The octets 1 to 4
represent the first node ID in the sequence, octets
5 to 8 represent the second node ID in the sequence
and so on. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
OCTET STRING |
|
|
ctsxSxpSgtMapStatus |
1.3.6.1.4.1.9.9.720.1.3.2.1.11 |
This object indicates the status of this SGT mapping.
'other' - Any other state no covered by below
enumerations.
'active' - The SGT mapping is currently active. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
other(1), active(2) |
|
ctsxSxpConnSourceAddrErrNotifEnable |
1.3.6.1.4.1.9.9.720.1.4.1 |
This object specifies whether the system generates the
ctsxSxpConnSourceAddrErrNotif.
A value of 'false' will prevent ctsxSxpConnSourceAddrErrNotif
notifications from being generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsxSxpMsgParseErrNotifEnable |
1.3.6.1.4.1.9.9.720.1.4.2 |
This object specifies whether the system generates the
ctsxSxpMsgParseErrNotif.
A value of 'false' will prevent ctsxSxpMsgParseErrNotif
notifications from being generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsxSxpConnConfigErrNotifEnable |
1.3.6.1.4.1.9.9.720.1.4.3 |
This object specifies whether the system generates the
ctsxSxpConnConfigErrNotif.
A value of 'false' will prevent ctsxSxpConnConfigErrNotif
notifications from being generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsxSxpBindingErrNotifEnable |
1.3.6.1.4.1.9.9.720.1.4.4 |
This object specifies whether the system generates the
ctsxSxpBindingErrNotif.
A value of 'false' will prevent ctsxSxpBindingErrNotif
notifications from being generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsxSxpConnUpNotifEnable |
1.3.6.1.4.1.9.9.720.1.4.5 |
This object specifies whether the system generates the
ctsxSxpConnUpNotif.
A value of 'false' will prevent ctsxSxpConnUpNotif
notifications from being generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsxSxpConnDownNotifEnable |
1.3.6.1.4.1.9.9.720.1.4.6 |
This object specifies whether the system generates the
ctsxSxpConnDownNotif.
A value of 'false' will prevent ctsxSxpConnDownNotif
notifications from being generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsxSxpExpansionFailNotifEnable |
1.3.6.1.4.1.9.9.720.1.4.7 |
This object specifies whether the system generates the
ctsxSxpExpansionFailNotif.
A value of 'false' will prevent ctsxSxpExpansionFailNotif
notifications from being generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsxSxpOperNodeIdChangeNotifEnable |
1.3.6.1.4.1.9.9.720.1.4.8 |
This object specifies whether the system generates the
ctsxSxpOperNodeIdChangeNotif.
A value of 'false' will prevent ctsxSxpOperNodeIdChangeNotif
notifications from being generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsxSxpBindingConflictNotifEnable |
1.3.6.1.4.1.9.9.720.1.4.9 |
This object specifies whether the system generates the
ctsxSxpBindingConflictNotif.
A value of 'false' will prevent ctsxSxpBindingConflictNotif
notifications from being generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsxSgtMapExpansionVrf |
1.3.6.1.4.1.9.9.720.1.5.1 |
This object indicates the VRF name for which
host SGT bindings cannot be expanded. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
CiscoVrfName |
|
|
ctsxSgtMapExpansionAddrType |
1.3.6.1.4.1.9.9.720.1.5.2 |
This object indicates the type of subnet address for
which host SGT binding cannot be expanded. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
InetAddressType |
|
|
ctsxSgtMapExpansionAddr |
1.3.6.1.4.1.9.9.720.1.5.3 |
This object indicates the subnet address for which
host SGT binding cannot be expanded.
The type of this address is determined by the value of
ctsxSgtMapExpansionAddrType object. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
InetAddress |
|
|
ctsxSgtMapExpansionAddrPrefixLength |
1.3.6.1.4.1.9.9.720.1.5.4 |
This object indicates the length of the prefix associated
with ctsxSgtMapExpansionAddr.
This object is always interpreted with the value of
ctsxSgtMapExpansionAddrType object. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
InetAddressPrefixLength |
|
|
ctsxSxpNotifErrMsg |
1.3.6.1.4.1.9.9.720.1.5.5 |
This object indicates error message associated with
notifications. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
SnmpAdminString |
|
|
ctsxSgtMapConflictingVrfName |
1.3.6.1.4.1.9.9.720.1.5.6 |
This object indicates the VRF name of the SXP connection
on which conflicting SGT mapping was received. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
CiscoVrfName |
|
|
ctsxSgtMapConflictingAddr |
1.3.6.1.4.1.9.9.720.1.5.8 |
This object indicates the Internet address
in the conflicting SGT mapping.
The type of this address is determined by the value of
ctsxSgtMapConflictingAddrType object. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
InetAddress |
|
|
ctsxSxpOldOperNodeId |
1.3.6.1.4.1.9.9.720.1.5.11 |
The SXP node ID that was in use by this SXP node and
now replaced by a new SXP node ID represented by
ctsxSxpOperNodeId. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsxSxpConnSourceAddrErrNotif |
1.3.6.1.4.1.9.9.720.0.1 |
A ctsxSxpConnSourceAddrErrNotif is generated if the
system is not able to establish SXP connection using
ctsxSxpConnOperSourceAddr. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ctsxSxpMsgParseErrNotif |
1.3.6.1.4.1.9.9.720.0.2 |
A ctsxSxpMsgParseErrNotif is generated if the system is
not able to parse a received SXP message. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ctsxSxpConnConfigErrNotif |
1.3.6.1.4.1.9.9.720.0.3 |
A ctsxSxpConnConfigErrNotif is generated if the system
detects a configuration error for an SXP connection. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ctsxSxpBindingErrNotif |
1.3.6.1.4.1.9.9.720.0.4 |
A ctsxSxpBindingErrNotif is generated if the address in the
SGT mapping is not found in routing and forwarding table of
the system. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ctsxSxpConnUpNotif |
1.3.6.1.4.1.9.9.720.0.5 |
A ctsxSxpConnUpNotif is generated if the ctsxSxpConnStatus
for an SXP connection transitioned into 'on' state. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ctsxSxpConnDownNotif |
1.3.6.1.4.1.9.9.720.0.6 |
A ctsxSxpConnDownNotif is generated if ctsxSxpConnStatus
for an SXP connection left the 'on' state and transitioned
into some other state. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ctsxSxpExpansionFailNotif |
1.3.6.1.4.1.9.9.720.0.7 |
A ctsxSxpExpansionFailNotif is generated if the number of
expanded SGT maps reaches the configured limit and the received
SGT mapping can not be expanded. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ctsxSxpOperNodeIdChangeNotif |
1.3.6.1.4.1.9.9.720.0.8 |
A ctsxSxpOperNodeIdChangeNotif is generated if the value of
ctsxSxpOperNodeId changes. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ctsxSxpBindingConflictNotif |
1.3.6.1.4.1.9.9.720.0.9 |
A ctsxSxpBindingConflictNotif is generated if the
device receives conflicting SGT mapping information. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ciscoTrustSecSxpMIBCompliance |
1.3.6.1.4.1.9.9.720.2.1.1 |
The compliance statement for the CISCO-TRUSTSEC-SXP-MIB. |
Status: deprecated |
Access: read-only |
MODULE-COMPLIANCE |
|
|
|
ciscoTrustSecSxpMIBCompliance2 |
1.3.6.1.4.1.9.9.720.2.1.2 |
The compliance statement for the CISCO-TRUSTSEC-SXP-MIB. |
Status: deprecated |
Access: read-only |
MODULE-COMPLIANCE |
|
|
|
ciscoTrustSecSxpMIBCompliance3 |
1.3.6.1.4.1.9.9.720.2.1.3 |
The compliance statement for the CISCO-TRUSTSEC-SXP-MIB. |
Status: current |
Access: read-only |
MODULE-COMPLIANCE |
|
|
|
ctsxSxpGlobalGroup |
1.3.6.1.4.1.9.9.720.2.2.1 |
A collection of objects providing management functionality
of global SXP configuration. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxSxpConnectionGroup |
1.3.6.1.4.1.9.9.720.2.2.2 |
A collection of objects providing management functionality
of SXP connections. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxIpSgtMappingGroup |
1.3.6.1.4.1.9.9.720.2.2.3 |
A collection of objects providing management functionality
of SGT mapping for SXP. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxSxpVersionGroup |
1.3.6.1.4.1.9.9.720.2.2.4 |
A collection of object(s) providing version information
for SXP. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxSxpBindingLogGroup |
1.3.6.1.4.1.9.9.720.2.2.5 |
A collection of object(s) providing logging control
for SXP binding. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxSxpBindingNotifInfoGroup |
1.3.6.1.4.1.9.9.720.2.2.6 |
A collection of object(s) providing variable binding
information for SXP notifications. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxSxpNotifErrMsgGroup |
1.3.6.1.4.1.9.9.720.2.2.7 |
A collection of object(s) providing detailed error messages
for SXP notifications. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxSxpNodeIdInfoGroup |
1.3.6.1.4.1.9.9.720.2.2.8 |
A collection of object(s) providing SXP node ID information
for the system. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxSxpSgtMapGroup |
1.3.6.1.4.1.9.9.720.2.2.9 |
A collection of objects providing management functionality
of SGT mapping and expansion for SXP. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxNotifsControlGroup |
1.3.6.1.4.1.9.9.720.2.2.10 |
A collection of objects providing notification control
for SXP. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxNotifsGroup |
1.3.6.1.4.1.9.9.720.2.2.11 |
A collection of notifications for SXP. |
Status: current |
Access: read-only |
NOTIFICATION-GROUP |
|
|
|
ctsxSxpGlobalHoldTimeGroup |
1.3.6.1.4.1.9.9.720.2.2.12 |
A collection of objects providing global
hold-time information for SXP connections. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxSxpConnHoldTimeGroup |
1.3.6.1.4.1.9.9.720.2.2.13 |
A collection of objects providing hold-time
information for each SXP connection. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxSxpConnCapbilityGroup |
1.3.6.1.4.1.9.9.720.2.2.14 |
A collection of object(s) providing capability
information for each SXP connection. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxSxpVersionSupportGroup |
1.3.6.1.4.1.9.9.720.2.2.15 |
A collection of object(s) providing SXP version
capability information. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ctsxSgtMapPeerSeqGroup |
1.3.6.1.4.1.9.9.720.2.2.16 |
A collection of object(s) providing Peer Sequence
information. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|