-- ***************************************************************************** -- Juniper-DOS-PROTECTION-MIB -- -- Juniper Networks Enterprise MIB -- DOS Protection MIB -- -- Copyright (c) 2005-2006 Juniper Networks, Inc. -- All Rights Reserved. -- ***************************************************************************** Juniper-DOS-PROTECTION-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Counter32, Unsigned32 FROM SNMPv2-SMI JuniEnable FROM Juniper-TC TEXTUAL-CONVENTION, TruthValue FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF juniMibs FROM Juniper-MIBs; juniDosProtectionMIB MODULE-IDENTITY LAST-UPDATED "200601010000Z" -- 01-Jan-2006 00:00 ORGANIZATION "Juniper Networks, Inc." CONTACT-INFO " Juniper Networks, Inc. Postal: 10 Technology Park Drive Westford, MA 01886-3146 USA Tel: +1 978 589 5800 Email: mib@Juniper.net" DESCRIPTION "The DOS Protection MIB for the Juniper E-Series product family. This MIB contains managed objects for the DOS Protection application. Management objects are provided to control and monitor the DOS protection application." -- Revision History REVISION "200608180400Z" -- 18-Aug-2006 00:00 AM EDT - JUNOSe 8.0 DESCRIPTION "Added MPLS Lsp Ping support." REVISION "200608171926Z" -- 17-Aug-2006 03:26 PM EDT - JUNOSe 7.3 DESCRIPTION "Added new protocol type, atmDynamicIfPppData, to manage in JuniDosProtectionProtocolType." REVISION "200601010500Z" -- 01-Jan-2006 00:00 AM EST - JUNOSe 7.3 DESCRIPTION "Initial version of this MIB module." ::= { juniMibs 80 } -- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- Textual conventions -- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ JuniDosProtectionProtocolType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The control protocols that are supported by the DOS protection application." SYNTAX INTEGER { pppEchoRequest(0), ppEchoReply(1), pppEchoReplyFast(2), pppControl(3), atmControl(4), atmOam(5), atmDynamicIf(6), atmInverseArp(7), frameRelayControl(8), frameRelayArp(9), pppoeControl(10), pppoePppConfig(11), ethernetArpMiss(12), ethernetArp(13), ethernetLacp(14), ethernetDynamicIf(15), slepSlarp(16), mplsTtlOnReceive(17), mplsTtlOnTransmit(18), mplsMtuExceeded(19), itmL2tpControl(20), flisInPayload(21), flisInPayloadUpdateTable(22), dhcpExternal(23), ipOsi(24), ipTtlExpired(25), ipOptionsOther(26), ipOptionsRouterAlert(27), ipMulticastBroadcastOther(28), ipMulticastDhcpSc(29), ipMulticastControlSc(30), ipMulticastControlIc(31), ipMulticastVrrp(32), ipMulticastCacheMiss(33), ipMulticastCacheMissAutoReply(34), ipMulticastWrongIf(35), ipLocalDhcpSc(36), ipLocalDhcpIc(37), ipLocalIcmpEcho(38), ipLocalIcmpOther(39), ipLocalLDP(40), ipLocalBgp(41), ipLocalOspf(42), ipLocalRsvp(43), ipLocalPim(44), ipLocalCops(45), ipLocalL2tpControlSc(46), ipLocalL2tpControlIc(47), ipLocalOther(48), ipLocalDemuxMiss(49), ipRouteToSrpEthernet(50), ipRouteNoRoute(51), ipNormalPathMtu(52), ipNeighborDiscovery(53), ipNeighborDiscoveryMiss(54), ipSearchError(55), ipMld(56), ipLocalPimAssert(57), ipLocalBfd(58), ipIke(59), ipReassembly(60), ipLocalIcmpFragment(61), ipLocalFragment(62), ipAppClassifierHttpRedirect(63), ipMulticastDhcpIc(64), dhcpTesterIc(65), atmDynamicIfPppData(66), ipLocalLspPing(67) } JuniDosProtectionPriorityType ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The control priorities that are supported by the DOS protection application." SYNTAX INTEGER { hiGreenFcIc(0), hiYellowFcIc(1), loGreenFcIc(2), loYellowFcIc(3), hiGreenFcSc(4), hiYellowFcSc(5), loGreenFcSc(6), loYellowFcSc(7) } JuniDosProtectionProtocolState ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The current state of a protocol." SYNTAX INTEGER { ok(1), inTrouble(2) } JuniDosProtectionScfdsTableOverflowState ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The current state of the suspicious flow table." SYNTAX INTEGER { notOverflowingOrGrouping(1), grouping(2), overflowing(3) } -- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- Managed objects -- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ juniDosProtectionObjects OBJECT IDENTIFIER ::= { juniDosProtectionMIB 1 } juniDosProtectionScfdsGroup OBJECT IDENTIFIER ::= { juniDosProtectionObjects 1 } -- -- scalars -- juniDosProtectionScfdsGlobalState OBJECT-TYPE SYNTAX JuniEnable MAX-ACCESS read-write STATUS current DESCRIPTION "Controls whether the suspicious control flow detection system is enabled or disabled. Setting the value to enable(1) enables the suspicious control flow detection system. Setting the value to disable(0) disables the system. When read this object returns the current state of the system." DEFVAL { enable } ::= { juniDosProtectionScfdsGroup 1 } juniDosProtectionScfdsGlobalGrouping OBJECT-TYPE SYNTAX JuniEnable MAX-ACCESS read-write STATUS current DESCRIPTION "When set to enable(1), the suspicious flow control system will group flows when resources are unavailable to treat each suspicious flow individually. When set to disable(0), this feature will be inhibited and the suspicious control flow system may not recognize all suspicious flows during a resource shortage. When read this object will return the current state of the object." DEFVAL { enable } ::= { juniDosProtectionScfdsGroup 2 } juniDosProtectionScfdsGlobalClearAll OBJECT-TYPE SYNTAX INTEGER { ok(0), clear(1) } MAX-ACCESS read-write STATUS current DESCRIPTION "When set to clear(1), the suspicious control flow detection system is cleared. When set to ok(0), there is no effect and the suspicious control flow detection system is unchanged. By clearing the suspicious control flow detection system all flows are removed from the suspicious flow table. When read, always returns a value of ok(0)." ::= { juniDosProtectionScfdsGroup 3 } juniDosProtectionScfdsGlobalDiscontinuityTime OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The sysUpTime at which the counters were last re-initialized on any slot due to a restart." ::= { juniDosProtectionScfdsGroup 4 } juniDosProtectionScfdsGlobalTableOverflowState OBJECT-TYPE SYNTAX JuniDosProtectionScfdsTableOverflowState MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates whether any module in the system is in under a resource shortage situation. A value of notOverflowingOrGrouping(1) indicates that there is no resource shortage on any module. A value of grouping(2) or overflowing(3) indicates that at least one module is suffering from a resource shortage, and has acted according to the state of the juniDosProtectionScfdsGlobalGrouping object." ::= { juniDosProtectionScfdsGroup 5 } -- -- global counters -- juniDosProtectionScfdsGlobalCurrentSuspiciousFlows OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of flows currently marked as suspicious." ::= { juniDosProtectionScfdsGroup 6 } juniDosProtectionScfdsGlobalNumberSuspiciousFlows OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of suspicious flows seen since system restart." ::= { juniDosProtectionScfdsGroup 7 } juniDosProtectionScfdsGlobalCurrentSuspiciousFlowGroups OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of flow groups currently marked as suspicious." ::= { juniDosProtectionScfdsGroup 8 } juniDosProtectionScfdsGlobalNumberSuspiciousFlowGroups OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of suspicius flow groups seen since system restart." ::= { juniDosProtectionScfdsGroup 9 } juniDosProtectionScfdsGlobalCurrentFalseNegativeFlows OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of flows currently falsely considered suspicious. A false negative indicates that the flow was seen as possibly suspicious, but did not pass all the tests to be considered suspicious. This is a normal condition of the system." ::= { juniDosProtectionScfdsGroup 10 } juniDosProtectionScfdsGlobalNumberFalseNegativeFlows OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of flows falsely considered possibly suspicious seen since system restart." ::= { juniDosProtectionScfdsGroup 11 } juniDosProtectionScfdsGlobalNumberTableOverflows OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of times the system had a table overflow on any slot." ::= { juniDosProtectionScfdsGroup 12 } -- -- protocol table -- juniDosProtectionScfdsProtocolTable OBJECT-TYPE SYNTAX SEQUENCE OF JuniDosProtectionScfdsProtocolEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The information for the DOS protection control protocols." ::= { juniDosProtectionScfdsGroup 13 } juniDosProtectionScfdsProtocolEntry OBJECT-TYPE SYNTAX JuniDosProtectionScfdsProtocolEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The information for an individual DOS protection control protocol." INDEX { juniDosProtectionScfdsProtocolIndex } ::= { juniDosProtectionScfdsProtocolTable 1 } JuniDosProtectionScfdsProtocolEntry ::= SEQUENCE { juniDosProtectionScfdsProtocolIndex JuniDosProtectionProtocolType, juniDosProtectionScfdsProtocolThreshold Unsigned32, juniDosProtectionScfdsProtocolLowThreshold Unsigned32, juniDosProtectionScfdsProtocolBackoffTime Unsigned32, juniDosProtectionScfdsProtocolState JuniDosProtectionProtocolState, juniDosProtectionScfdsProtocolTransitions Counter32} juniDosProtectionScfdsProtocolIndex OBJECT-TYPE SYNTAX JuniDosProtectionProtocolType MAX-ACCESS not-accessible STATUS current DESCRIPTION "The control protocol value for this entry." ::= { juniDosProtectionScfdsProtocolEntry 1 } juniDosProtectionScfdsProtocolThreshold OBJECT-TYPE SYNTAX Unsigned32(0|3..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "The threshold in packets per second for this control protocol. This is the rate at which a flow for this protocol is considered suspicious. Setting this object to zero will have the affect of excusing this protocol from suspicious control flow detection." ::= { juniDosProtectionScfdsProtocolEntry 2 } juniDosProtectionScfdsProtocolLowThreshold OBJECT-TYPE SYNTAX Unsigned32(0|1..32767) MAX-ACCESS read-write STATUS current DESCRIPTION "The low threshold in packets per second for this control protocol . This is the rate at which a flow must fall below to in order return to the normal state, after having been marked suspicious. A low threshold of zero disables this functionality." ::= { juniDosProtectionScfdsProtocolEntry 3 } juniDosProtectionScfdsProtocolBackoffTime OBJECT-TYPE SYNTAX Unsigned32(0|10..1000) MAX-ACCESS read-write STATUS current DESCRIPTION "The backoff time in seconds. A flow which is considered suspicious will be returned to normal after this amount of time regardless of the current rate of the flow. A backoff time of 0 disables this functionality." DEFVAL { 300 } ::= { juniDosProtectionScfdsProtocolEntry 4 } juniDosProtectionScfdsProtocolState OBJECT-TYPE SYNTAX JuniDosProtectionProtocolState MAX-ACCESS read-only STATUS current DESCRIPTION "The current state of the protocol. This object will return inTrouble(2) if any module in the system has reported that the protocol is currently being watched for suspicious flows. If no module reports that this protocol is being watched this object will return ok(1). A protocol is in trouble on a module when the sum of the rate for all flows for the protocol is over the limit for that protocol." ::= { juniDosProtectionScfdsProtocolEntry 5 } juniDosProtectionScfdsProtocolTransitions OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of transitions to 'inTrouble' that this control protocol has made." ::= { juniDosProtectionScfdsProtocolEntry 6 } -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- Notifications -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ --juniDosProtectionTraps OBJECT IDENTIFIER ::= { juniDosProtectionMIB 0 } --juniDosProtectionTrapControl OBJECT IDENTIFIER ::= { juniDosProtectionMIB 2 } --juniDosProtectionScfdsTraps OBJECT IDENTIFIER ::= { juniDosProtectionTraps 0 } -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- Conformance information -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ juniDosProtectionMIBConformance OBJECT IDENTIFIER ::= { juniDosProtectionMIB 4 } juniDosProtectionMIBCompliances OBJECT IDENTIFIER ::= { juniDosProtectionMIBConformance 1 } juniDosProtectionMIBGroups OBJECT IDENTIFIER ::= { juniDosProtectionMIBConformance 2 } juniDosProtectionCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities which implement the Juniper Dos Protection MIB." MODULE -- this module MANDATORY-GROUPS { juniDosProtectionGroup } ::= { juniDosProtectionMIBCompliances 1 } -- -- units of conformance -- juniDosProtectionGroup OBJECT-GROUP OBJECTS {juniDosProtectionScfdsGlobalState, juniDosProtectionScfdsGlobalGrouping, juniDosProtectionScfdsGlobalClearAll, juniDosProtectionScfdsGlobalDiscontinuityTime, juniDosProtectionScfdsGlobalTableOverflowState, juniDosProtectionScfdsGlobalCurrentSuspiciousFlows, juniDosProtectionScfdsGlobalNumberSuspiciousFlows, juniDosProtectionScfdsGlobalCurrentSuspiciousFlowGroups, juniDosProtectionScfdsGlobalNumberSuspiciousFlowGroups, juniDosProtectionScfdsGlobalCurrentFalseNegativeFlows, juniDosProtectionScfdsGlobalNumberFalseNegativeFlows, juniDosProtectionScfdsGlobalNumberTableOverflows, juniDosProtectionScfdsProtocolThreshold, juniDosProtectionScfdsProtocolLowThreshold, juniDosProtectionScfdsProtocolBackoffTime, juniDosProtectionScfdsProtocolState, juniDosProtectionScfdsProtocolTransitions } STATUS current DESCRIPTION "A collection of objects providing management of DOS protection application in a Juniper product." ::= { juniDosProtectionMIBGroups 1 } END