1 ACCESSBIND-PIB PIB-DEFINITIONS ::= BEGIN
5 Unsigned32, Integer32, MODULE-IDENTITY,
6 MODULE-COMPLIANCE, OBJECT-TYPE, OBJECT-GROUP, pib
8 InstanceId, Prid, ReferenceId, TagId, TagReferenceId
12 RoleCombination, PrcIdentifierOid
14 InetAddress, InetAddressType
16 TruthValue, PhysAddress
19 accessBindPib MODULE-IDENTITY
20 SUBJECT-CATEGORIES { all }
21 LAST-UPDATED "200202202002Z"
22 ORGANIZATION "IETF RAP WG"
29 E-mail: wweiss@ellacoya.com
32 "A PIB module containing the set of classes to
33 configure generic event handlers, and outsource
34 events as they occur. One application of this PIB is
35 to bind authorization and authentication to COPS
38 ::= { ibrpib 2 } -- xxx to be assigned by IANA
42 -- The branch OIDs in the AccessBind PIB
45 capabilityClasses OBJECT IDENTIFIER ::= { accessBindPib 1 }
46 eventClasses OBJECT IDENTIFIER ::= { accessBindPib 2 }
47 eventHdlrClasses OBJECT IDENTIFIER ::= { accessBindPib 3 }
48 contextClasses OBJECT IDENTIFIER ::= { accessBindPib 4 }
49 authClasses OBJECT IDENTIFIER ::= { accessBindPib 5 }
50 filterClasses OBJECT IDENTIFIER ::= { accessBindPib 6 }
57 -- Instances of this table represent events that occurred at
58 -- the PEP. The events reference the event handler instance
59 -- and the specific event handler element that the event was
62 eventTable OBJECT-TYPE
63 SYNTAX SEQUENCE OF EventEntry
67 "An instance of this class is created by the PEP and sent
68 to the PDP. As a result of this event, The PDP may send
69 additional unsolicited decisions to the PEP after
70 sending the mandatory solicited decision for the event."
72 ::= { eventClasses 1 }
74 eventEntry OBJECT-TYPE
78 "An instance of the eventTable PRC."
85 EventEntry ::= SEQUENCE {
87 eventEventHdlr ReferenceId,
88 eventCause ReferenceId
95 "An index to uniquely identify this event."
99 eventEventHdlr OBJECT-TYPE
101 PIB-REFERENCES { frwkReferenceEntry }
104 "This attribute allows a PEP to indicate to the PDP that
105 this event was generated due to the referenced Event
106 Handler. This attribute references an event handler via
107 the indirection PRC frwkReference, since the event
108 handler and event could potentially belong to a different
115 eventCause OBJECT-TYPE
117 PIB-REFERENCES { frwkReferenceEntry }
120 "This attribute references the specific instance in a
121 group of event Handler elements belonging to an event
122 Handler that resulted in this event. This attribute
123 references a specific event handler element via the
124 indirection PRC frwkReference, since the event handler
125 element and event could potentially belong to a different
133 -- EventHandler Table
135 -- Instances of this PRC are provisioned by the PDP on the PEP
136 -- to catch specific events. The Event Handlers reference a
137 -- group of eventHdlrElement PRIs that contain the scope of
138 -- the event and specify the context data to send to the PDP
139 -- when an event is caught.
141 eventHandlerTable OBJECT-TYPE
142 SYNTAX SEQUENCE OF EventHandlerEntry
146 "The eventHandlerTable specifies for what events the PEP
147 should send a request to the PDP. As a result of this
148 request, the PEP may send configuration changes to the
149 PEP. An instance of this class defines the circumstances
150 for generating a request, and provides the means for
151 specifying the contents of the PEP Request. Hence, the
152 eventHandlerTable can be said to create eventTable
155 ::= { eventHdlrClasses 1 }
157 eventHandlerEntry OBJECT-TYPE
158 SYNTAX EventHandlerEntry
162 PIB-INDEX { eventHandlerId }
163 UNIQUENESS { eventHandlerElements,
164 eventHandlerNonMatchNext
167 ::= { eventHandlerTable 1}
169 EventHandlerEntry ::= SEQUENCE {
170 eventHandlerId InstanceId,
171 eventHandlerElements TagReferenceId,
172 eventHandlerNonMatchNext Prid
175 eventHandlerId OBJECT-TYPE
179 "An arbitrary integer index that uniquely identifies
180 an instance of the eventHandlerTable class."
182 ::= { eventHandlerEntry 1}
184 eventHandlerElements OBJECT-TYPE
185 SYNTAX TagReferenceId
186 PIB-TAG { eventHdlrElementGrpId }
189 "A reference to a group of eventHdlrElement instances,
190 each of which determines the scope (criteria for
191 generating a new request) and what context information to
194 ::= { eventHandlerEntry 2}
196 eventHandlerNonMatchNext OBJECT-TYPE
200 "The data path for 'out of scope' traffic."
202 ::= { eventHandlerEntry 3}
206 -- EventHdlrElement Table
208 -- Each Instance of this PRC belongs to a group of
209 -- eventHdlrElement PRIs. The group is identified by the
210 -- eventHdlrElementGrpId attribute. These are provisioned by
211 -- the PDP on the PEP to catch specific events. This PRC
212 -- contain the scope of the event and specify the context data
213 -- type to send to the PDP when an event is caught.
215 eventHdlrElementTable OBJECT-TYPE
216 SYNTAX SEQUENCE OF EventHdlrElementEntry
220 "The eventHdlrElementTable specifies a single eventHdlr
221 element's scope via a reference to a group of filters and
222 the context data type and encapsulation meta-information
223 that the PEP needs to send an event notification to the
226 ::= { eventHdlrClasses 2 }
228 eventHdlrElementEntry OBJECT-TYPE
229 SYNTAX EventHdlrElementEntry
233 PIB-INDEX { eventHdlrElementId }
234 UNIQUENESS { eventHdlrElementEventCriteria,
235 eventHdlrElementGrpId,
236 eventHdlrElementEventScope,
237 eventHdlrElementHandleScope,
238 eventHdlrElementContext,
239 eventHdlrElementMatchNext
242 ::= { eventHdlrElementTable 1}
244 EventHdlrElementEntry ::= SEQUENCE {
245 eventHdlrElementId InstanceId,
246 eventHdlrElementEventCriteria INTEGER,
247 eventHdlrElementGrpId TagId,
248 eventHdlrElementEventScope TagReferenceId,
249 eventHdlrElementHandleScope TagReferenceId,
250 eventHdlrElementContext TagReferenceId,
251 eventHdlrElementMatchNext Prid
254 eventHdlrElementId OBJECT-TYPE
258 "An arbitrary integer index that uniquely identifies
259 an instance of the eventHdlrElementTable class."
261 ::= { eventHdlrElementEntry 1}
263 eventHdlrElementEventCriteria OBJECT-TYPE
271 "Indicates when an event is generated. Valid options are
272 one_time, every_time and on_change. This attribute allows
273 event Handlers to distinguish one time events (ignore
274 after the first match) from recurring events (generate an
275 event every time a match occurs). A enum type was also
276 define to specify that a new event should be generated
277 when a specific set of fields change. This is important
278 for protocols like RSVP because messages are sent both to
279 demonstrate that the reservation is active and to notify
280 hops of changes to reservations. Since only changes need
281 to propagate to the PDP, the on_change option indicates
282 that that events should be generated selectively.
284 This criteria controls behavior of both, the EventScope
285 and the HandleScope."
287 ::= { eventHdlrElementEntry 2}
289 eventHdlrElementGrpId OBJECT-TYPE
290 SYNTAX TagId -- corresponding Tag Reference in
294 "Group identifier. All instances with the same group
295 identifier belong to one group and can be referenced
296 collectively from an eventHandler instance."
298 ::= { eventHdlrElementEntry 3}
300 eventHdlrElementEventScope OBJECT-TYPE
301 SYNTAX TagReferenceId
302 PIB-TAG { eventHdlrEventScopeGroup }
305 "Identifies a group of eventHdlrEventScope entries
306 associated with this eventHdlrElement instance."
308 ::= { eventHdlrElementEntry 4}
310 eventHdlrElementHandleScope OBJECT-TYPE
311 SYNTAX TagReferenceId
312 PIB-TAG { eventHdlrHandleScopeGroup }
315 "Identifies a group of eventHdlrHandleScope entries
316 associated with this eventHdlrElement instance. This is
317 an optional attribute. If it is not present the
318 semantics of the Handle processing is interpreted as
319 identical to the Event Scope handling specified in the
322 ::= { eventHdlrElementEntry 5}
324 eventHdlrElementContext OBJECT-TYPE
325 SYNTAX TagReferenceId
326 PIB-TAG { contextDataGroup }
329 "Identifies a list of ContextDataTable entries
330 associated with this eventHdlrElement instance."
332 ::= { eventHdlrElementEntry 6}
334 eventHdlrElementMatchNext OBJECT-TYPE
338 "The data path for traffic in scope."
340 ::= { eventHdlrElementEntry 7}
344 -- EventHdlrEventScope Table
346 -- This PRC defines the scope of an event handler element using
347 -- references to filters defined in the Framework PIB or in some
348 -- other PIBs. These filters may describe specific protocol
349 -- properties for which events need to be generated. These filter
350 -- references are grouped using a TagId, and this group is then
351 -- referenced from the eventHdlrElement PRC.
353 eventHdlrEventScopeTable OBJECT-TYPE
354 SYNTAX SEQUENCE OF EventHdlrEventScopeEntry
358 "This class defines the criteria to be used for
359 partitioning various portions of traffic."
361 ::= { eventHdlrClasses 3 }
363 eventHdlrEventScopeEntry OBJECT-TYPE
364 SYNTAX EventHdlrEventScopeEntry
367 "An instance of this class defines an individual criterion
368 to be used towards generating an event."
369 PIB-INDEX { eventHdlrEventScopeId }
370 UNIQUENESS { eventHdlrEventScopeGroup,
371 eventHdlrEventScopeFilter
374 ::= { eventHdlrEventScopeTable 1}
376 EventHdlrEventScopeEntry::= SEQUENCE {
377 eventHdlrEventScopeId InstanceId,
378 eventHdlrEventScopeGroup TagId,
379 eventHdlrEventScopeFilter Prid,
380 eventHdlrEventScopePrecedence INTEGER,
381 eventHdlrEventScopeChangeFlag TruthValue
384 eventHdlrEventScopeId OBJECT-TYPE
388 "An arbitrary integer index that uniquely identifies an
389 instance of the eventHdlrEventScopeTable class."
391 ::= { eventHdlrEventScopeEntry 1}
393 eventHdlrEventScopeGroup OBJECT-TYPE
394 SYNTAX TagId -- corresponding TagReference
395 -- defined in eventHdlrElementEntry
398 "Represents the binding between the eventHdlrElementEntry
399 and the eventHdlrEventScope entries. A group of
400 eventHdlrEventScope entries constitutes the criteria for
401 partitioning various portions of traffic."
403 ::= { eventHdlrEventScopeEntry 2}
405 eventHdlrEventScopeFilter OBJECT-TYPE
409 "Pointer to a filter to be used as the criteria."
410 ::= { eventHdlrEventScopeEntry 3}
412 eventHdlrEventScopePrecedence OBJECT-TYPE
416 "Represents the precedence of this criterion with respect
417 to other criteria within the same group. When the
418 precedence is unique, the instance represents an
419 alternative criteria (an ORing function). When the
420 precedence for two or more instances of the
421 eventHdlrEventScope class is the same, the attributes
422 within all the instances are treated collectively as a
423 single filter criteria with the following rules:
424 1. If the filters are not of the same type, the filters
425 are ANDed as a whole eg (RSVP and IP)
426 2. If the filter types are the same, the attribute values
427 are ORed and the attributes themselves are ANDed,
428 for example, two IP filters with src protocol values
429 56 and 57 respectively and dst protocol values 20 and
430 25 , would be treated as the condition (src port (56
431 or 57) AND dst port (20 or 25)."
433 ::= { eventHdlrEventScopeEntry 4}
435 eventHdlrEventScopeChangeFlag OBJECT-TYPE
439 "Boolean value, if set to 'true' indicates that a new
440 event should be generated if any of the assigned fields in
441 the associated filter change."
443 ::= { eventHdlrEventScopeEntry 5}
448 -- EventHdlrHandleScope Table
450 -- This PRC defines the scope of request handles generated by the
451 -- PEP due to events caught by the event handler element. Each
452 -- instance of this PRC references filters defined in the
453 -- Framework PIB or some other signaling-protocol specific filter
454 -- PRCs. These filters may describe specific protocol properties
455 -- to which this event handler is sensitive. Essentially this
456 -- table defines when a new COPS RequestHandle must be created by
457 -- the PEP based on protocol properties. The event handler may be
458 -- set up to be sensitive to specific field values and/or the
459 -- uniqueness of a set of values considered together. This
460 -- accommodates various behaviors of signaling protocols. These
461 -- filters references are grouped using a TagId, and this group
462 -- is then referenced from the eventHdlrElement PRC via the
463 -- eventHdlrElementHandleScope TagReference.
465 eventHdlrHandleScopeTable OBJECT-TYPE
466 SYNTAX SEQUENCE OF EventHdlrHandleScopeEntry
470 "This class defines the criteria to be used for
471 deciding whether to create a new COPS RequestHandle for
472 an event or to use an existing Handle."
474 ::= { eventHdlrClasses 4 }
476 eventHdlrHandleScopeEntry OBJECT-TYPE
477 SYNTAX EventHdlrHandleScopeEntry
480 "An instance of this class defines an individual criterion
481 to be used towards deciding when to create a new Handle."
482 PIB-INDEX { eventHdlrHandleScopeId }
483 UNIQUENESS { eventHdlrHandleScopeGroup,
484 eventHdlrHandleScopeFilter
487 ::= { eventHdlrHandleScopeTable 1}
489 EventHdlrHandleScopeEntry::= SEQUENCE {
490 eventHdlrHandleScopeId InstanceId,
491 eventHdlrHandleScopeGroup TagId,
492 eventHdlrHandleScopeFilter Prid,
493 eventHdlrHandleScopePrecedence INTEGER,
494 eventHdlrHandleScopeChangeFlag TruthValue
497 eventHdlrHandleScopeId OBJECT-TYPE
501 "An arbitrary integer index that uniquely identifies an
502 instance of the eventHdlrHandleScopeTable class."
504 ::= { eventHdlrHandleScopeEntry 1}
506 eventHdlrHandleScopeGroup OBJECT-TYPE
507 SYNTAX TagId -- corresponding TagReference
508 -- defined in eventHdlrElementEntry
511 "Represents the binding between the eventHdlrElementEntry
512 and the eventHdlrHandleScope entries. A group of
513 eventHdlrHandleScope entries constitutes the criteria for
514 defining the scope of the Handles generated."
516 ::= { eventHdlrHandleScopeEntry 2}
518 eventHdlrHandleScopeFilter OBJECT-TYPE
522 "Pointer to a filter to be used as the criteria."
523 ::= { eventHdlrHandleScopeEntry 3}
525 eventHdlrHandleScopePrecedence OBJECT-TYPE
529 "Represents the precedence of this criterion with respect
530 to other criteria within the same group. When the
531 precedence is unique, the instance represents an
532 alternative criteria (an ORing function). When the
533 precedence for two or more instances of the
534 eventHdlrHandleScope class is the same, the attributes
535 within all the instances are treated collectively as a
536 single filter criteria."
538 ::= { eventHdlrHandleScopeEntry 4}
541 eventHdlrHandleScopeChangeFlag OBJECT-TYPE
545 "Boolean value, if set to 'true' indicates that a new
546 Handle should be generated to send the event request if
547 any of the assigned fields in the associated filter
550 ::= { eventHdlrHandleScopeEntry 5}
555 -- EventHdlrAuthProtocol Table
557 -- This PRC specifies the Auth Mechanism to use in the Access
558 -- request when a data path Event Handler is configured to
559 -- catch access events.
562 eventHdlrAuthProtocolTable OBJECT-TYPE
563 SYNTAX SEQUENCE OF EventHdlrAuthProtocolEntry
567 "This class lists the authentication protocols that can
568 be used for an access request."
570 ::= { eventHdlrClasses 5 }
572 eventHdlrAuthProtocolEntry OBJECT-TYPE
573 SYNTAX EventHdlrAuthProtocolEntry
576 "An instance of this class describes an authentication
577 protocol that may be used for an access request. Instances
578 of this class that share the same TagId value collectively
579 constitute a list of authentication protocols that may be
580 used for a given access request"
581 PIB-INDEX { eventHdlrAuthProtocolId }
582 UNIQUENESS { eventHdlrAuthProtocolGroup,
583 eventHdlrAuthProtocolAuthMechanism
586 ::= { eventHdlrAuthProtocolTable 1}
588 EventHdlrAuthProtocolEntry::= SEQUENCE {
589 eventHdlrAuthProtocolId InstanceId,
590 eventHdlrAuthProtocolGroup TagId,
591 eventHdlrAuthProtocolAuthMechanism INTEGER
594 eventHdlrAuthProtocolId OBJECT-TYPE
598 "An arbitrary integer index that uniquely identifies an
599 instance of the ContextDataTable class."
601 ::= { eventHdlrAuthProtocolEntry 1}
603 eventHdlrAuthProtocolGroup OBJECT-TYPE
604 SYNTAX TagId -- corresponding TagReference
605 -- in datapathEventHdlrEntry
608 "Represents a binding between an datapathEventHdlrTable
609 instance and a list of eventHdlrAuthProtocolTable
612 ::= { eventHdlrAuthProtocolEntry 2}
614 eventHdlrAuthProtocolAuthMechanism OBJECT-TYPE
623 "The authentication protocol that may be used for an
625 ::= { eventHdlrAuthProtocolEntry 3}
629 -- DataPath Event Handler Table
631 -- This PRC is an extension of the EventHandler PRC. This
632 -- extension illustrates the use of the EventHandler PRC
633 -- concept for authentication usage. Instances of this PRC are
634 -- provisioned by the PDP on the PEP to catch specific access
635 -- events. This PRC references a group of
636 -- eventHdlrAuthProtocol instances which define a set of
637 -- Authentication mechanisms to use if an access event is
638 -- caught by this event Handler. From its base class (Event
639 -- Handler) this PRC also references a group of
640 -- eventHdlrElement PRIs that contain the scope of the
641 -- access event and specify the context data to send to the
642 -- PDP when an access event is caught.
644 datapathEventHdlrTable OBJECT-TYPE
645 SYNTAX SEQUENCE OF DatapathEventHdlrEntry
649 "The datapathEventHdlrTable specifies for what access
650 events the PEP should send an access request to the PDP.
651 As a result of this access request, the PEP may send
652 configuration changes to the PEP or specific policies for
653 specific users. An instance of this class defines the
654 circumstances for generating an access request, and
655 provides the means for specifying the authentication
656 mechanisms and contents of the PEP Request. Hence, the
657 datapathEventHdlrTable can be said to create eventTable
658 entries for user access. "
660 ::= { eventHdlrClasses 6 }
662 datapathEventHdlrEntry OBJECT-TYPE
663 SYNTAX DatapathEventHdlrEntry
666 "dataPathEventHdlrTable entry."
667 EXTENDS { eventHandlerEntry }
668 UNIQUENESS { eventHandlerElements,
669 eventHandlerNonMatchNext,
670 datapathEventHdlrRequestAuth
673 ::= { datapathEventHdlrTable 1}
675 DatapathEventHdlrEntry ::= SEQUENCE {
676 datapathEventHdlrRequestAuth TruthValue,
677 datapathEventHdlrAuthProtocol TagReferenceId
680 datapathEventHdlrRequestAuth OBJECT-TYPE
684 "Boolean flag, if set to 'true' requires authentication
685 data to be sent in the request sent to the PDP with the
688 ::= { datapathEventHdlrEntry 1}
691 datapathEventHdlrAuthProtocol OBJECT-TYPE
692 SYNTAX TagReferenceId
693 PIB-TAG { eventHdlrAuthProtocolGroup }
696 "References a group of eventHdlrAuthProtocol instances,
697 each of which specifies an authentication mechanism."
699 ::= { datapathEventHdlrEntry 2}
706 -- This PRC specifies the context information to send to the PDP
707 -- when an event is caught. The context information to send is
708 -- described in terms of the PRC data types to include in the
709 -- request, the level of encapsulated data and the interface
710 -- information for that request.
713 contextDataTable OBJECT-TYPE
714 SYNTAX SEQUENCE OF ContextDataEntry
718 "This class points to the context information to be
719 included with a request."
721 ::= { contextClasses 1 }
723 contextDataEntry OBJECT-TYPE
724 SYNTAX ContextDataEntry
727 "An instance of this class contains the type description
728 (the assigned OID) of the class which needs to be filled
729 in by the PEP and included with a PEP request."
730 PIB-INDEX { contextDataId }
733 ::= { contextDataTable 1}
735 ContextDataEntry::= SEQUENCE {
736 contextDataId InstanceId,
737 contextDataGroup TagId,
738 contextDataIfElement PrcIdentifierOid,
739 contextDataEncapsulation INTEGER
742 contextDataId OBJECT-TYPE
746 "An arbitrary integer index that uniquely identifies an
747 instance of the contextDataTable class."
749 ::= { contextDataEntry 1}
751 contextDataGroup OBJECT-TYPE
752 SYNTAX TagId --corresponding TagReference
753 --defined in eventHdlrElement
756 "Defines the grouping of contextData instances
757 that are applicable to a given eventHdlrElement. When
758 instances of this PRC are sent to the PEP without the
759 event Handler information, this attribute is unused."
761 ::= { contextDataEntry 2}
764 contextDataIfElement OBJECT-TYPE
765 SYNTAX PrcIdentifierOid
768 "The OID of a class whose instance is to be included with
769 the PEP request or event-specific ContextData Response."
771 ::= { contextDataEntry 3}
773 contextDataEncapsulation OBJECT-TYPE
777 "This attribute allows one to distinguish between inner
778 and outer headers when there are multiple encapsulated
779 headers of the same type in a packet.
783 positive number 'n' means the 'n'th header starting
785 negative number 'n' means the 'n'th header starting from
788 ::= { contextDataEntry 4}
793 -- Layer 3 Header Data PRC
796 ctxtL3HdrTable OBJECT-TYPE
797 SYNTAX SEQUENCE OF CtxtL3HdrEntry
801 "An instance of this class is created by the PEP and
802 sent to the PDP to provide the PDP with information it
803 requested in the ContextData PRC. The PDP uses
804 this PRC to make Authentication/Provisioning
807 ::= { contextClasses 2 }
809 ctxtL3HdrEntry OBJECT-TYPE
810 SYNTAX CtxtL3HdrEntry
813 "An instance of the ctxtL3HdrTable PRC."
815 PIB-INDEX { ctxtL3HdrId }
818 ::= { ctxtL3HdrTable 1 }
820 CtxtL3HdrEntry::= SEQUENCE {
821 ctxtL3HdrId InstanceId,
822 ctxtL3HdrSrcAddrType InetAddressType,
823 ctxtL3HdrSrcAddr InetAddress,
824 ctxtL3HdrDstAddrType InetAddressType,
825 ctxtL3HdrDstAddr InetAddress,
826 ctxtL3HdrProtocol Unsigned32,
827 ctxtL3HdrSrcPort Unsigned32,
828 ctxtL3HdrDstPort Unsigned32,
829 ctxtL3HdrDscp Unsigned32,
830 ctxtL3HdrEcn TruthValue,
831 ctxtL3HdrIpOpt OCTET STRING,
832 ctxtL3HdrEncap Integer32
835 ctxtL3HdrId OBJECT-TYPE
839 "An index to uniquely identify an instance of this
842 ::= { ctxtL3HdrEntry 1 }
844 ctxtL3HdrSrcAddrType OBJECT-TYPE
845 SYNTAX InetAddressType
848 "The address type enumeration value [INETADDR] to specify
849 the type of the packet's source L3 address)."
851 ::= { ctxtL3HdrEntry 2 }
853 ctxtL3HdrSrcAddr OBJECT-TYPE
857 " The packet's source L3 address."
859 ::= { ctxtL3HdrEntry 3 }
861 ctxtL3HdrDstAddrType OBJECT-TYPE
862 SYNTAX InetAddressType
865 "The address type enumeration value [INETADDR] to specify
866 the type of the packet's destination L3 address."
868 ::= { ctxtL3HdrEntry 4 }
871 ctxtL3HdrDstAddr OBJECT-TYPE
875 "The packet's destination L3 address."
877 ::= { ctxtL3HdrEntry 5 }
880 ctxtL3HdrProtocol OBJECT-TYPE
884 "The packet's protocol field."
886 ::= { ctxtL3HdrEntry 6 }
888 ctxtL3HdrSrcPort OBJECT-TYPE
892 "This attribute binds an existing upstream session to
893 this session instance."
895 ::= { ctxtL3HdrEntry 7 }
897 ctxtL3HdrDstPort OBJECT-TYPE
901 "This attribute binds an existing upstream session to
902 this session instance."
904 ::= { ctxtL3HdrEntry 8 }
906 ctxtL3HdrDscp OBJECT-TYPE
910 "DiffServ CodePoint."
912 ::= { ctxtL3HdrEntry 9 }
914 ctxtL3HdrEcn OBJECT-TYPE
918 "PEP sets this attribute to true(1) if ECN capable."
920 ::= { ctxtL3HdrEntry 10 }
922 ctxtL3HdrIpOpt OBJECT-TYPE
926 "IP Options field in the packet."
928 ::= { ctxtL3HdrEntry 11 }
930 ctxtL3HdrEncap OBJECT-TYPE
934 "This attribute specifies which encapsulated header is
935 being described. The sign on this value will be the same
936 as the value specified in the ContextData
937 instance that requested this header. If the original
938 ContextData instance specified a
939 ContextDataEncapsulation value of zero (meaning
940 return all headers), then all instances of this attribute
941 MUST be expressed as positive numbers.
945 positive number 'n' means the 'n'th header starting
947 negative number 'n' means the 'n'th header starting from
950 ::= { ctxtL3HdrEntry 12 }
954 -- 802.1 Header Data PRC
957 ctxt802HdrTable OBJECT-TYPE
958 SYNTAX SEQUENCE OF Ctxt802HdrEntry
962 "An instance of this class is created by the PEP and sent
963 to the PDP to provide the PDP with information it
964 requested in the ContextData PRC. The PDP uses this PRC
965 to make Authorization/Provisioning decisions."
967 ::= { contextClasses 3 }
969 ctxt802HdrEntry OBJECT-TYPE
970 SYNTAX Ctxt802HdrEntry
973 "An instance of the ctxt802HdrTable PRC."
975 PIB-INDEX { ctxt802HdrId }
978 ::= { ctxt802HdrTable 1 }
980 Ctxt802HdrEntry::= SEQUENCE {
981 ctxt802HdrId InstanceId,
982 ctxt802HdrSrcAddr PhysAddress,
983 ctxt802HdrDstAddr PhysAddress,
984 ctxt802HdrProtocol Unsigned32,
985 ctxt802HdrPriority Unsigned32,
986 ctxt802HdrVlan Unsigned32,
987 ctxt802HdrEncap Integer32
990 ctxt802HdrId OBJECT-TYPE
994 "An index to uniquely identify an instance of this
997 ::= { ctxt802HdrEntry 1 }
1000 ctxt802HdrSrcAddr OBJECT-TYPE
1004 " The packet's source MAC address."
1006 ::= { ctxt802HdrEntry 2 }
1008 ctxt802HdrDstAddr OBJECT-TYPE
1012 "The packet's destination MAC address."
1014 ::= { ctxt802HdrEntry 3 }
1017 ctxt802HdrProtocol OBJECT-TYPE
1018 SYNTAX Unsigned32 (0..'ffff'h)
1021 "The L2 packet's protocol field."
1023 ::= { ctxt802HdrEntry 4 }
1026 ctxt802HdrPriority OBJECT-TYPE
1027 SYNTAX Unsigned32 (0..7)
1030 "The L2 packet's priority field. This attribute is only
1031 valid for packets using the 802.1q header extension."
1033 ::= { ctxt802HdrEntry 5 }
1035 ctxt802HdrVlan OBJECT-TYPE
1036 SYNTAX Unsigned32 (1..4094)
1039 "The L2 packet's VLAN field. This attribute is only valid
1040 for packets using the 802.1q header extension."
1042 ::= { ctxt802HdrEntry 6 }
1044 ctxt802HdrEncap OBJECT-TYPE
1048 "This attribute specifies which encapsulated header is
1049 being described. The sign on this value will be the same
1050 as the value specified in the ContextData
1051 instance that requested this header. If the original
1052 ContextData instance specified an
1053 ContextDataEncapsulation value of zero (meaning
1054 return all headers), then all instances of this attribute
1055 MUST be expressed as positive numbers.
1058 positive number 'n' means the 'n'th header starting
1060 negative number 'n' means the 'n'th header starting from
1063 ::= { ctxt802HdrEntry 7 }
1067 -- CtxtDialupInterface Table
1070 ctxtDialupInterfaceTable OBJECT-TYPE
1071 SYNTAX SEQUENCE OF CtxtDialupInterfaceEntry
1075 "Dialup Interface context data."
1077 ::= { contextClasses 4 }
1079 ctxtDialupInterfaceEntry OBJECT-TYPE
1080 SYNTAX CtxtDialupInterfaceEntry
1083 "Entry oid of the ctxtDialupInterfaceTable PRC."
1085 PIB-INDEX { ctxtDialupInterfaceId }
1088 ::= { ctxtDialupInterfaceTable 1 }
1090 CtxtDialupInterfaceEntry::= SEQUENCE {
1091 ctxtDialupInterfaceId InstanceId,
1092 ctxtDialupInterfaceNASPort Integer32,
1093 ctxtDialupInterfaceNASPortId OCTET STRING,
1094 ctxtDialupInterfaceNASPortType INTEGER,
1095 ctxtDialupInterfaceCalledStationId OCTET STRING,
1096 ctxtDialupInterfaceCallingStationId OCTET STRING,
1097 ctxtDialupInterfaceConnectInfo OCTET STRING
1100 ctxtDialupInterfaceId OBJECT-TYPE
1104 "An index to uniquely identify an instance of this
1105 provisioning class."
1107 ::= { ctxtDialupInterfaceEntry 1 }
1110 ctxtDialupInterfaceNASPort OBJECT-TYPE
1114 "This Attribute indicates the physical port number of the
1115 NAS which is authenticating the user. It is only used in
1116 Access-Request packets. Note that this is using 'port'
1117 in its sense of a physical connection on the NAS, not in
1118 the sense of a TCP or UDP port number."
1120 ::= { ctxtDialupInterfaceEntry 2 }
1123 ctxtDialupInterfaceNASPortId OBJECT-TYPE
1127 "This Attribute contains a text string which identifies
1128 the port of the NAS which is authenticating the user. It
1129 is only used in Access-Request and Accounting-Request
1130 packets. Note that this is using 'port' in its sense of
1131 a physical connection on the NAS, not in the sense of a
1132 TCP or UDP port number. "
1134 ::= { ctxtDialupInterfaceEntry 3 }
1136 ctxtDialupInterfaceNASPortType OBJECT-TYPE
1142 radIsdnAsyncV120(3),
1143 radIsdnAsyncV110(4),
1146 radHdlcClearChannel(7),
1157 radWirelessOther(18),
1158 radWirelessIEEE80211(19)
1162 "This Attribute indicates the type of the physical port
1163 of the NAS which is authenticating the user. It can be
1164 used instead of or in addition to the radNasPort (5)
1165 attribute. It is only used in Access-Request packets.
1166 Either radNasPort (5) or radNasPortType or both SHOULD be
1167 present in an Access-Request packet, if the NAS
1168 differentiates among its ports.
1170 A value of 'radAsync(0)' indicates Async.
1172 A value of 'radSync(1)' indicates Sync.
1174 A value of 'radIsdnSync(2)' indicates ISDN Sync.
1176 A value of 'radIsdnAsyncV120(3)' indicates ISDN
1179 A value of 'radIsdnAsyncV110(4)' indicates ISDN
1182 A value of 'radVirtual(5)' indicates Virtual.
1183 Virtual refers to a connection to the NAS via some
1184 transport protocol, instead of through a physical
1185 port. For example, if a user telnetted into a NAS to
1186 authenticate himself as an Outbound-User, the
1187 Access-Request might include radNasPortType =
1188 Virtual as a hint to the RADIUS server that the user
1189 was not on a physical port.
1191 A value of 'radPIAFS(6)' indicates PIAFS. PIAFS is a
1192 form of wireless ISDN commonly used in Japan, and
1193 stands for PHS (Personal Handyphone System) Internet
1194 Access Forum Standard (PIAFS).
1196 A value of 'radHdlcClearChannel(7)' indicates HDLC
1199 A value of 'radX25(8)' indicates X.25.
1201 A value of 'radX75(9)' indicates X.75.
1203 A value of 'radG3Fax(10)' indicates G.3 Fax.
1205 A value of 'radSDSL(11)' indicates SDSL Symmetric
1208 A value of 'radAdslCAP(12)' indicates ADSL-CAP -
1209 Asymmetric DSL, Carrierless Amplitude Phase
1212 A value of 'radAdslDMT(13)' indicates ADSL-DMT -
1213 Asymmetric DSL, Discrete Multi-Tone.
1215 A value of 'radIdsl(14)' indicates IDSL ISDN
1216 Digital Subscriber Line.
1218 A value of 'radEthernet(15)' indicates Ethernet.
1220 A value of 'radXdsl(16)' indicates xDSL - Digital
1221 Subscriber Line of unknown type.
1223 A value of 'radCable(17)' indicates Cable.
1225 A value of 'radWirelessOther(18)' indicates Wireless
1228 A value of 'radWirelessIEEE80211(19)' indicates
1229 Wireless - IEEE 802.11."
1230 ::= { ctxtDialupInterfaceEntry 4 }
1233 ctxtDialupInterfaceCalledStationId OBJECT-TYPE
1237 "This Attribute allows the NAS to send in the Access-
1238 Request packet the phone number that the user called,
1239 using Dialed Number Identification (DNIS) or similar
1240 technology. Note that this may be different from the
1241 phone number the call comes in on. It is only used in
1242 Access-Request packets. "
1243 ::= { ctxtDialupInterfaceEntry 5 }
1245 ctxtDialupInterfaceCallingStationId OBJECT-TYPE
1249 "This Attribute allows the NAS to send in the Access-
1250 Request packet the phone number that the user is calling
1251 from, using Dialed Number Identification (DNIS) or
1252 similar technology. Note that this may be different from
1253 the phone number called. It is only used in
1254 Access-Request packets. "
1255 ::= { ctxtDialupInterfaceEntry 6 }
1257 ctxtDialupInterfaceConnectInfo OBJECT-TYPE
1261 "This Attribute allows the NAS to send in the Access-
1262 Request packet the phone number that the call came from,
1263 using Automatic Number Identification (ANI) or similar
1264 technology. It is only used in Access-Request packets."
1265 ::= { ctxtDialupInterfaceEntry 7 }
1271 --- CtxtDialupInterfaceFramedProtocol Table
1274 ctxtDialupIfFramedProtocolTable OBJECT-TYPE
1275 SYNTAX SEQUENCE OF CtxtDialupIfFramedProtocolEntry
1281 ::= { contextClasses 5 }
1283 ctxtDialupIfFramedProtocolEntry OBJECT-TYPE
1284 SYNTAX CtxtDialupIfFramedProtocolEntry
1287 "Entry oid of the ctxtDialupIfFramedProtocolTable PRC."
1289 PIB-INDEX { ctxtDialupIfFramedProtocolId }
1292 ::= { ctxtDialupIfFramedProtocolTable 1 }
1294 CtxtDialupIfFramedProtocolEntry ::= SEQUENCE {
1295 ctxtDialupIfFramedProtocolId InstanceId,
1296 ctxtDialupIfFramedProtocolProt INTEGER,
1297 ctxtDialupIfFramedProtocolMTU Integer32,
1298 ctxtDialupIfFramedProtocolCompression INTEGER,
1299 ctxtDialupIfFramedProtocolPortLimit Unsigned32,
1300 ctxtDialupIfFramedProtocolIpAddress InetAddress,
1301 ctxtDialupIfFramedProtocolIpNetmask InetAddress
1304 ctxtDialupIfFramedProtocolId OBJECT-TYPE
1308 "An index to uniquely identify an instance of this
1309 provisioning class."
1311 ::= { ctxtDialupIfFramedProtocolEntry 1 }
1314 ctxtDialupIfFramedProtocolProt OBJECT-TYPE
1321 radX75Synchronous(6)
1325 "This Attribute indicates the framing to be used for
1326 framed access. It MAY be used in both Access-Request and
1327 Access-Accept packets.
1329 A value of 'radPPP(1)' represents PPP.
1331 A value of 'radSLIP(2)' represents SLIP.
1333 A value of 'radARAP(3)' represents AppleTalk Remote
1334 Access Protocol (ARAP).
1336 A value of 'radGandalf(4)' represents Gandalf
1337 proprietary SingleLink/MultiLink protocol.
1339 A value of 'radXylogics(5)' represents Xylogics
1340 proprietary IPX/SLIP.
1342 A value of 'radX75Synchronous(6)' represents X.75
1345 ::= { ctxtDialupIfFramedProtocolEntry 2 }
1348 ctxtDialupIfFramedProtocolMTU OBJECT-TYPE
1352 "This Attribute indicates the Maximum Transmission Unit
1353 to be configured for the user, when it is not negotiated
1354 by some other means (such as PPP). It MAY be used in
1355 Access-Accept packets. It MAY be used in an Access-
1356 Request packet as a hint by the NAS to the server that it
1357 would prefer that value, but the server is not required
1360 ::= { ctxtDialupIfFramedProtocolEntry 3 }
1362 ctxtDialupIfFramedProtocolCompression OBJECT-TYPE
1371 "This Attribute indicates a compression protocol to be
1372 used for the link. It MAY be used in Access-Accept
1373 packets. It MAY be used in an Access-Request packet as a
1374 hint to the server that the NAS would prefer to use that
1375 compression, but the server is not required to honor the
1378 More than one compression protocol Attribute MAY be sent.
1379 It is the responsibility of the NAS to apply the proper
1380 compression protocol to appropriate link traffic.
1382 A value of 'radNone(0)' indicates None.
1384 A value of 'radVJ(1)' indicates VJ TCP/IP header
1387 A value of 'radIPXheader(2)' indicates IPX header
1390 A value of 'radStacLZS(3)' indicates Stac-LZS
1393 ::= { ctxtDialupIfFramedProtocolEntry 4 }
1396 ctxtDialupIfFramedProtocolPortLimit OBJECT-TYPE
1400 "This Attribute sets the maximum number of ports to be
1401 provided to the user by the NAS. This Attribute MAY be
1402 sent by the server to the client in an Access-Accept
1403 packet. It is intended for use in conjunction with
1404 Multilink PPP [10] or similar uses. It MAY also be sent
1405 by the NAS to the server as a hint that that many ports
1406 are desired for use, but the server is not required to
1409 ::= { ctxtDialupIfFramedProtocolEntry 5 }
1411 ctxtDialupIfFramedProtocolIpAddress OBJECT-TYPE
1415 "This Attribute indicates the address to be configured
1416 for the user. It MAY be used in Access-Accept packets.
1417 It MAY be used in an Access-Request packet as a hint by
1418 the NAS to the server that it would prefer that address,
1419 but the server is not required to honor the hint."
1421 ::= { ctxtDialupIfFramedProtocolEntry 6 }
1424 ctxtDialupIfFramedProtocolIpNetmask OBJECT-TYPE
1428 "This Attribute indicates the IP netmask to be configured
1429 for the user when the user is a router to a network. It
1430 MAY be used in Access-Accept packets. It MAY be used in
1431 an Access-Request packet as a hint by the NAS to the
1432 server that it would prefer that netmask, but the server
1433 is not required to honor the hint."
1435 ::= { ctxtDialupIfFramedProtocolEntry 7 }
1441 --- CtxtDialupIfLoginService Table
1444 ctxtDialupIfLoginServiceTable OBJECT-TYPE
1445 SYNTAX SEQUENCE OF CtxtDialupIfLoginServiceEntry
1451 ::= { contextClasses 6 }
1453 ctxtDialupIfLoginServiceEntry OBJECT-TYPE
1454 SYNTAX CtxtDialupIfLoginServiceEntry
1457 "Entry oid of the ctxtDialupIfLoginServiceTable PRC."
1459 PIB-INDEX { ctxtDialupIfLoginServiceId }
1462 ::= { ctxtDialupIfLoginServiceTable 1 }
1466 CtxtDialupIfLoginServiceEntry::= SEQUENCE {
1467 ctxtDialupIfLoginServiceId InstanceId,
1468 ctxtDialupIfLoginServiceIpHost InetAddress
1471 ctxtDialupIfLoginServiceId OBJECT-TYPE
1475 "An index to uniquely identify an instance of this
1476 provisioning class."
1478 ::= { ctxtDialupIfLoginServiceEntry 1 }
1481 ctxtDialupIfLoginServiceIpHost OBJECT-TYPE
1487 ::= { ctxtDialupIfLoginServiceEntry 2 }
1492 --- CtxtDialupIfLoginLat Table (Extends
1493 --- CtxtDialupIfLoginService)
1496 ctxtDialupIfLoginLatTable OBJECT-TYPE
1497 SYNTAX SEQUENCE OF CtxtDialupIfLoginLatEntry
1503 ::= { contextClasses 7 }
1505 ctxtDialupIfLoginLatEntry OBJECT-TYPE
1506 SYNTAX CtxtDialupIfLoginLatEntry
1509 "Entry oid of the ctxtDialupIfLoginLatTable PRC."
1510 EXTENDS { ctxtDialupIfLoginServiceEntry }
1513 ::= { ctxtDialupIfLoginLatTable 1 }
1516 CtxtDialupIfLoginLatEntry::= SEQUENCE {
1517 ctxtDialupIfLoginLatService OCTET STRING,
1518 ctxtDialupIfLoginLatNode OCTET STRING,
1519 ctxtDialupIfLoginLatGroup OCTET STRING,
1520 ctxtDialupIfLoginLatPort OCTET STRING
1524 ctxtDialupIfLoginLatService OBJECT-TYPE
1530 ::= { ctxtDialupIfLoginLatEntry 1 }
1532 ctxtDialupIfLoginLatNode OBJECT-TYPE
1538 ::= { ctxtDialupIfLoginLatEntry 2 }
1540 ctxtDialupIfLoginLatGroup OBJECT-TYPE
1546 ::= { ctxtDialupIfLoginLatEntry 3 }
1548 ctxtDialupIfLoginLatPort OBJECT-TYPE
1554 ::= { ctxtDialupIfLoginLatEntry 4 }
1560 -- The RSVP Filter table
1562 rsvpFilterTable OBJECT-TYPE
1563 SYNTAX SEQUENCE OF RsvpFilterEntry
1567 "RSVP specific filter table."
1569 ::= { filterClasses 1 }
1571 rsvpFilterEntry OBJECT-TYPE
1572 SYNTAX RsvpFilterEntry
1575 " RSVP specific filter table entry."
1577 PIB-INDEX { rsvpFilterId }
1580 ::= { rsvpFilterTable 1 }
1583 RsvpFilterEntry ::= SEQUENCE {
1584 rsvpFilterId InstanceId,
1585 rsvpFilterFlags OCTET STRING,
1586 rsvpFilterSendTTL Unsigned32,
1587 rsvpFilterDClassDscp Integer32,
1588 rsvpFilterSessionDestAddrType InetAddressType,
1589 rsvpFilterSessionDestAddr InetAddress,
1590 rsvpFilterSessionDestAddrMask Unsigned32,
1591 rsvpFilterSessionProtocol Integer32,
1592 rsvpFilterSessionDestPort Unsigned32,
1593 rsvpFilterSessionSrcAddrType InetAddressType,
1594 rsvpFilterSessionSrcAddr InetAddress,
1595 rsvpFilterSessionSrcAddrMask Unsigned32,
1596 rsvpFilterSessionSrcPort Unsigned32,
1597 rsvpFilterStyleValue OCTET STRING
1600 rsvpFilterId OBJECT-TYPE
1604 "An arbitrary integer index that uniquely identifies an
1605 instance of the class."
1606 ::= { rsvpFilterEntry 1 }
1608 rsvpFilterFlags OBJECT-TYPE
1612 "The Flags carried in the RSVP header. Currently all these
1613 flags should be set to zero."
1614 ::= { rsvpFilterEntry 2 }
1616 rsvpFilterSendTTL OBJECT-TYPE
1617 SYNTAX Unsigned32 (0..255)
1620 "The IP TTL value with which the message was sent."
1621 ::= { rsvpFilterEntry 3 }
1623 rsvpFilterDClassDscp OBJECT-TYPE
1624 SYNTAX Integer32 (-1| 0..63)
1627 "The DClass dscp value."
1628 ::= { rsvpFilterEntry 4 }
1630 rsvpFilterSessionDestAddrType OBJECT-TYPE
1631 SYNTAX InetAddressType
1634 "The address type enumeration value [INETADDR] to specify the
1635 type of the destination IP address."
1636 ::= { rsvpFilterEntry 5 }
1638 rsvpFilterSessionDestAddr OBJECT-TYPE
1642 "The destination IP address."
1643 ::= { rsvpFilterEntry 6 }
1645 rsvpFilterSessionDestAddrMask OBJECT-TYPE
1649 "The length of a mask for the matching of the destination IP
1651 ::= { rsvpFilterEntry 7 }
1653 rsvpFilterSessionProtocol OBJECT-TYPE
1654 SYNTAX Integer32 (-1 | 0..255)
1657 "The IP protocol to match against the packet's protocol. A
1658 value of -1 means match all."
1659 ::= { rsvpFilterEntry 8 }
1661 rsvpFilterSessionDestPort OBJECT-TYPE
1662 SYNTAX Unsigned32 (0..65535)
1665 "The packet's Layer 4 destination port."
1666 ::= { rsvpFilterEntry 9 }
1668 rsvpFilterSessionSrcAddrType OBJECT-TYPE
1669 SYNTAX InetAddressType
1672 "The address type enumeration value [INETADDR] to specify the
1673 type of the source IP address."
1674 ::= { rsvpFilterEntry 10 }
1676 rsvpFilterSessionSrcAddr OBJECT-TYPE
1680 "The source IP address."
1681 ::= { rsvpFilterEntry 11 }
1683 rsvpFilterSessionSrcAddrMask OBJECT-TYPE
1687 "The length of a mask for the matching of the source IP
1689 ::= { rsvpFilterEntry 12 }
1691 rsvpFilterSessionSrcPort OBJECT-TYPE
1692 SYNTAX Unsigned32 (0..65535)
1695 "The packet's Layer 4 source port."
1696 ::= { rsvpFilterEntry 13 }
1698 rsvpFilterStyleValue OBJECT-TYPE
1702 "The RSVP packet's Style value."
1703 ::= { rsvpFilterEntry 14 }
1707 -- RSVP Common Context Data
1710 ctxtRsvpTable OBJECT-TYPE
1711 SYNTAX SEQUENCE OF CtxtRsvpEntry
1717 ::= { contextClasses 8 }
1719 ctxtRsvpEntry OBJECT-TYPE
1720 SYNTAX CtxtRsvpEntry
1725 PIB-INDEX { ctxtRsvpId }
1728 ::= { ctxtRsvpTable 1 }
1730 CtxtRsvpEntry ::= SEQUENCE {
1731 ctxtRsvpId InstanceId,
1732 ctxtRsvpMsgType INTEGER,
1733 ctxtRsvpFlags OCTET STRING,
1734 ctxtRsvpSendTTL Unsigned32,
1735 ctxtRsvpInIntfId Unsigned32,
1736 ctxtRsvpInIntfAddrType InetAddressType,
1737 ctxtRsvpInIntfAddr InetAddress,
1738 ctxtRsvpOutIntfId Unsigned32,
1739 ctxtRsvpOutIntfAddrType InetAddressType,
1740 ctxtRsvpOutIntfAddr InetAddress
1743 ctxtRsvpId OBJECT-TYPE
1747 "An arbitrary integer index that uniquely identifies an
1748 instance of the class."
1749 ::= { ctxtRsvpEntry 1 }
1751 ctxtRsvpMsgType OBJECT-TYPE
1760 "The RSVP message type."
1761 ::= { ctxtRsvpEntry 2 }
1763 ctxtRsvpFlags OBJECT-TYPE
1767 "The RSVP flags contained in the message header. They are
1768 currently undefined and should be set to zero."
1769 ::= { ctxtRsvpEntry 3 }
1771 ctxtRsvpSendTTL OBJECT-TYPE
1772 SYNTAX Unsigned32 (0..255)
1776 ::= { ctxtRsvpEntry 4 }
1778 ctxtRsvpInIntfId OBJECT-TYPE
1783 ::= { ctxtRsvpEntry 5 }
1785 ctxtRsvpInIntfAddrType OBJECT-TYPE
1786 SYNTAX InetAddressType
1789 "The address type enumeration value [INETADDR] to specify the
1790 type of the In Interface IP address."
1791 ::= { ctxtRsvpEntry 6 }
1793 ctxtRsvpInIntfAddr OBJECT-TYPE
1797 "The In Interface IP address."
1798 ::= { ctxtRsvpEntry 7 }
1800 ctxtRsvpOutIntfId OBJECT-TYPE
1804 "The Out Interface Id."
1805 ::= { ctxtRsvpEntry 8 }
1807 ctxtRsvpOutIntfAddrType OBJECT-TYPE
1808 SYNTAX InetAddressType
1811 "The address type enumeration value [INETADDR] to specify the
1812 type of the Out Interface IP address."
1813 ::= { ctxtRsvpEntry 9 }
1815 ctxtRsvpOutIntfAddr OBJECT-TYPE
1819 "The Out Interface IP address."
1820 ::= { ctxtRsvpEntry 10 }
1824 -- RSVP Path Context Data
1826 ctxtRsvpPathTable OBJECT-TYPE
1827 SYNTAX SEQUENCE OF CtxtRsvpPathEntry
1833 ::= { contextClasses 9 }
1835 ctxtRsvpPathEntry OBJECT-TYPE
1836 SYNTAX CtxtRsvpPathEntry
1841 PIB-INDEX { ctxtRsvpPathId }
1844 ::= { ctxtRsvpPathTable 1 }
1846 CtxtRsvpPathEntry ::= SEQUENCE {
1847 ctxtRsvpPathId InstanceId,
1848 ctxtRsvpPathTokenRate Unsigned32
1851 ctxtRsvpPathId OBJECT-TYPE
1855 "An arbitrary integer index that uniquely identifies an
1856 instance of the class."
1857 ::= { ctxtRsvpPathEntry 1 }
1859 ctxtRsvpPathTokenRate OBJECT-TYPE
1863 "The token bucket rate for the TSPEC."
1864 ::= { ctxtRsvpPathEntry 2 }
1867 -- RSVP PathErr Context Data
1870 ctxtRsvpPathErrTable OBJECT-TYPE
1871 SYNTAX SEQUENCE OF CtxtRsvpPathErrEntry
1877 ::= { contextClasses 10 }
1879 ctxtRsvpPathErrEntry OBJECT-TYPE
1880 SYNTAX CtxtRsvpPathErrEntry
1885 PIB-INDEX { ctxtRsvpPathErrId }
1888 ::= { ctxtRsvpPathErrTable 1 }
1890 CtxtRsvpPathErrEntry ::= SEQUENCE {
1891 ctxtRsvpPathErrId InstanceId,
1892 ctxtRsvpPathErrTokenRate Unsigned32,
1893 ctxtRsvpPathErrErrorAddrType InetAddressType,
1894 ctxtRsvpPathErrErrorAddr InetAddress,
1895 ctxtRsvpPathErrErrorCode Unsigned32,
1896 ctxtRsvpPathErrErrorValue Unsigned32
1899 ctxtRsvpPathErrId OBJECT-TYPE
1903 "An arbitrary integer index that uniquely identifies an
1904 instance of the class."
1905 ::= { ctxtRsvpPathErrEntry 1 }
1907 ctxtRsvpPathErrTokenRate OBJECT-TYPE
1911 "The token bucket rate for the TSPEC."
1912 ::= { ctxtRsvpPathErrEntry 2 }
1914 ctxtRsvpPathErrErrorAddrType OBJECT-TYPE
1915 SYNTAX InetAddressType
1918 "The address type IP address in error."
1919 ::= { ctxtRsvpPathErrEntry 3 }
1921 ctxtRsvpPathErrErrorAddr OBJECT-TYPE
1925 "The Error IP address."
1926 ::= { ctxtRsvpPathErrEntry 4 }
1928 ctxtRsvpPathErrErrorCode OBJECT-TYPE
1932 "The RSVP error code."
1933 ::= { ctxtRsvpPathErrEntry 5 }
1935 ctxtRsvpPathErrErrorValue OBJECT-TYPE
1939 "The RSVP error value."
1940 ::= { ctxtRsvpPathErrEntry 6 }
1943 -- RSVP Resv Context Data
1946 ctxtRsvpResvTable OBJECT-TYPE
1947 SYNTAX SEQUENCE OF CtxtRsvpResvEntry
1953 ::= { contextClasses 11 }
1955 ctxtRsvpResvEntry OBJECT-TYPE
1956 SYNTAX CtxtRsvpResvEntry
1961 PIB-INDEX { ctxtRsvpResvId }
1964 ::= { ctxtRsvpResvTable 1 }
1966 CtxtRsvpResvEntry ::= SEQUENCE {
1967 ctxtRsvpResvId InstanceId,
1968 ctxtRsvpResvFSpecGrp TagReferenceId,
1969 ctxtRsvpResvSvcType INTEGER,
1970 ctxtRsvpResvTokenRate Unsigned32
1973 ctxtRsvpResvId OBJECT-TYPE
1977 "An arbitrary integer index that uniquely identifies an
1978 instance of the class."
1979 ::= { ctxtRsvpResvEntry 1 }
1981 ctxtRsvpResvFSpecGrp OBJECT-TYPE
1982 SYNTAX TagReferenceId
1983 PIB-TAG { ctxtRsvpFilterSpecTagId }
1986 "Identifies a group of Filter Spec entries."
1987 ::= { ctxtRsvpResvEntry 2 }
1989 ctxtRsvpResvSvcType OBJECT-TYPE
1996 "An enum describing the type of service."
1997 ::= { ctxtRsvpResvEntry 3 }
1999 ctxtRsvpResvTokenRate OBJECT-TYPE
2003 "The token bucket rate for the TSPEC."
2004 ::= { ctxtRsvpResvEntry 4 }
2007 -- RSVP ResvErr Context Data
2009 ctxtRsvpResvErrTable OBJECT-TYPE
2010 SYNTAX SEQUENCE OF CtxtRsvpResvErrEntry
2016 ::= { contextClasses 12 }
2018 ctxtRsvpResvErrEntry OBJECT-TYPE
2019 SYNTAX CtxtRsvpResvErrEntry
2024 PIB-INDEX { ctxtRsvpResvErrId }
2027 ::= { ctxtRsvpResvErrTable 1 }
2029 CtxtRsvpResvErrEntry ::= SEQUENCE {
2030 ctxtRsvpResvErrId InstanceId,
2031 ctxtRsvpResvErrFSpecGrp TagReferenceId,
2032 ctxtRsvpResvErrSvcType INTEGER,
2033 ctxtRsvpResvErrTokenRate Unsigned32,
2034 ctxtRsvpResvErrErrorAddrType InetAddressType,
2035 ctxtRsvpResvErrErrorAddr InetAddress,
2036 ctxtRsvpResvErrErrorCode Unsigned32,
2037 ctxtRsvpResvErrErrorValue Unsigned32
2040 ctxtRsvpResvErrId OBJECT-TYPE
2044 "An arbitrary integer index that uniquely identifies an
2045 instance of the class."
2046 ::= { ctxtRsvpResvErrEntry 1 }
2048 ctxtRsvpResvErrFSpecGrp OBJECT-TYPE
2049 SYNTAX TagReferenceId
2050 PIB-TAG { ctxtRsvpFilterSpecTagId }
2053 "Identifies a group of Filter Spec entries."
2054 ::= { ctxtRsvpResvErrEntry 2 }
2056 ctxtRsvpResvErrSvcType OBJECT-TYPE
2063 "An enum describing the type of service."
2064 ::= { ctxtRsvpResvErrEntry 3 }
2066 ctxtRsvpResvErrTokenRate OBJECT-TYPE
2070 "The token bucket rate for the TSPEC."
2071 ::= { ctxtRsvpResvErrEntry 4 }
2073 ctxtRsvpResvErrErrorAddrType OBJECT-TYPE
2074 SYNTAX InetAddressType
2077 "The address type IP address in error."
2078 ::= { ctxtRsvpResvErrEntry 5 }
2080 ctxtRsvpResvErrErrorAddr OBJECT-TYPE
2084 "The Error IP address."
2085 ::= { ctxtRsvpResvErrEntry 6 }
2087 ctxtRsvpResvErrErrorCode OBJECT-TYPE
2091 "The RSVP error code."
2092 ::= { ctxtRsvpResvErrEntry 7 }
2094 ctxtRsvpResvErrErrorValue OBJECT-TYPE
2098 "The RSVP error value."
2099 ::= { ctxtRsvpResvErrEntry 8 }
2102 -- RSVP Filter Spec Context Data
2105 ctxtRsvpFilterSpecTable OBJECT-TYPE
2106 SYNTAX SEQUENCE OF CtxtRsvpFilterSpecEntry
2112 ::= { contextClasses 13 }
2114 ctxtRsvpFilterSpecEntry OBJECT-TYPE
2115 SYNTAX CtxtRsvpFilterSpecEntry
2120 PIB-INDEX { ctxtRsvpFilterSpecId }
2123 ::= { ctxtRsvpFilterSpecTable 1 }
2125 CtxtRsvpFilterSpecEntry::= SEQUENCE {
2126 ctxtRsvpFilterSpecId InstanceId,
2127 ctxtRsvpFilterSpecTagId TagId,
2128 ctxtRsvpFilterSpecAddrType InetAddressType,
2129 ctxtRsvpFilterSpecAddr InetAddress,
2130 ctxtRsvpFilterSpecPort Unsigned32
2133 ctxtRsvpFilterSpecId OBJECT-TYPE
2137 "An arbitrary integer index that uniquely identifies an
2138 instance of the class."
2139 ::= { ctxtRsvpFilterSpecEntry 1 }
2141 ctxtRsvpFilterSpecTagId OBJECT-TYPE
2145 "Identifies the group of Filter Spec PRIs that this PRI
2147 ::= { ctxtRsvpFilterSpecEntry 2 }
2149 ctxtRsvpFilterSpecAddrType OBJECT-TYPE
2150 SYNTAX InetAddressType
2153 "The address type enumeration value [INETADDR] to specify the
2154 type of the IP address."
2155 ::= { ctxtRsvpFilterSpecEntry 3 }
2157 ctxtRsvpFilterSpecAddr OBJECT-TYPE
2161 "The Filter Spec IP address."
2162 ::= { ctxtRsvpFilterSpecEntry 4 }
2164 ctxtRsvpFilterSpecPort OBJECT-TYPE
2165 SYNTAX Unsigned32 (0..65535)
2168 "The packet's Layer 4 destination port."
2169 ::= { ctxtRsvpFilterSpecEntry 5 }
2173 -- Authentication Extension Tables
2177 -- AuthExtensions Base Table
2180 authExtTable OBJECT-TYPE
2181 SYNTAX SEQUENCE OF AuthExtEntry
2182 PIB-ACCESS install-notify
2185 "This is an abstract PRC. This PRC can be extended by
2186 authentication PRCs that contain attributes specific to
2187 that authentication protocol. An instance of the extended
2188 class is created by the PEP and sent to the PDP. The PDP
2189 may send information back to the PEP or may uses the
2190 information to authenticate the PEP's access request.
2191 This PRC itself should not be instantiated.
2193 This is a 'transient' class. Its instances are temporary
2194 and are deleted by the PEP after a certain time/event.
2195 Thus it must not be referred to by the server."
2197 ::= { authClasses 1 }
2199 authExtEntry OBJECT-TYPE
2203 "Entry oid for the AuthExtTable PRC."
2205 PIB-INDEX { authExtId }
2208 ::= { authExtTable 1 }
2210 AuthExtEntry ::= SEQUENCE {
2211 authExtId InstanceId
2214 authExtId OBJECT-TYPE
2218 "An index to uniquely identify an instance of the
2219 entended provisioning class."
2221 ::= { authExtEntry 1 }
2226 -- UserAuthExt Table
2229 userAuthExtTable OBJECT-TYPE
2230 SYNTAX SEQUENCE OF UserAuthExtEntry
2234 "This is a concrete PRC used to contain user
2235 authentication fields. This PRC extends the base PRC
2238 ::= { authClasses 2 }
2240 userAuthExtEntry OBJECT-TYPE
2241 SYNTAX UserAuthExtEntry
2244 "Entry for the UserAuthExtTable PRC. InstanceId's for
2245 this extended PRC are assigned by the base PRC AuthExt
2248 EXTENDS { authExtEntry }
2251 ::= { userAuthExtTable 1 }
2253 UserAuthExtEntry ::= SEQUENCE {
2254 userAuthExtRealm OCTET STRING,
2255 userAuthExtUsername OCTET STRING
2259 userAuthExtRealm OBJECT-TYPE
2263 "user realm octet string."
2265 ::= { userAuthExtEntry 1 }
2267 userAuthExtUsername OBJECT-TYPE
2271 "Username octet string."
2273 ::= { userAuthExtEntry 2 }
2279 -- AuthChapExt Table
2282 authChapExtTable OBJECT-TYPE
2283 SYNTAX SEQUENCE OF AuthChapExtEntry
2287 "This is a concrete PRC used to contain CHAP
2288 authentication fields. This PRC extends the PRC
2291 ::= { authClasses 3 }
2293 authChapExtEntry OBJECT-TYPE
2294 SYNTAX AuthChapExtEntry
2297 "Entry oid for the AuthChapExtTable PRC. InstanceId's for
2298 this extended PRC are assigned by the base PRC [SPPI]."
2300 EXTENDS { userAuthExtEntry }
2303 ::= { authChapExtTable 1 }
2305 AuthChapExtEntry::= SEQUENCE {
2306 authChapExtId Unsigned32,
2307 authChapExtChal OCTET STRING,
2308 authChapExtResp OCTET STRING
2311 authChapExtId OBJECT-TYPE
2317 ::= { authChapExtEntry 1 }
2319 authChapExtChal OBJECT-TYPE
2323 "CHAP Challenge octet string. The challenge is generated
2326 ::= { authChapExtEntry 2 }
2328 authChapExtResp OBJECT-TYPE
2332 "CHAP Challenge Response octet string. The challenge
2333 response is sent to the PDP along with the challenge."
2335 ::= { authChapExtEntry 3 }
2342 authPapExtTable OBJECT-TYPE
2343 SYNTAX SEQUENCE OF AuthPapExtEntry
2347 "This is a concrete PRC used to contain PAP
2348 authentication fields. This PRC extends the PRC
2351 ::= { authClasses 4 }
2353 authPapExtEntry OBJECT-TYPE
2354 SYNTAX AuthPapExtEntry
2357 "Entry oid for the AuthPapExtTable PRC. InstanceId's for
2358 this extended PRC are assigned by the base PRC [SPPI]."
2360 EXTENDS { userAuthExtEntry }
2363 ::= { authPapExtTable 1 }
2365 AuthPapExtEntry::= SEQUENCE {
2366 authPapExtPwd OCTET STRING
2369 authPapExtPwd OBJECT-TYPE
2373 "PAP password octet string."
2375 ::= { authPapExtEntry 1 }
2382 -- AuthExtResult Table
2385 authExtResultTable OBJECT-TYPE
2386 SYNTAX SEQUENCE OF AuthExtResultEntry
2390 "This is a concrete PRC used to contain authentication
2391 results. This PRC extends the base PRC authExtEntry."
2393 ::= { authClasses 5 }
2395 authExtResultEntry OBJECT-TYPE
2396 SYNTAX AuthExtResultEntry
2399 "Entry for the authExtResultTable PRC. InstanceId's for
2400 this extended PRC are assigned by the base PRC AuthExt
2403 EXTENDS { authExtEntry }
2406 ::= { authExtResultTable 1 }
2408 AuthExtResultEntry ::= SEQUENCE {
2409 authExtResultSuccess TruthValue
2413 authExtResultSuccess OBJECT-TYPE
2417 "Set to 'true' if authentication was successful, else
2420 ::= { authExtResultEntry 1 }
2424 -- AuthEapReqExt Table
2427 authEapReqExtTable OBJECT-TYPE
2428 SYNTAX SEQUENCE OF AuthEapReqExtEntry
2432 "This is a concrete PRC used to contain EAP
2433 authentication fields. This PRC extends the base PRC
2434 authExtEntry. The PEP uses this PRC to send EAP messages
2437 ::= { authClasses 6 }
2439 authEapReqExtEntry OBJECT-TYPE
2440 SYNTAX AuthEapReqExtEntry
2443 "Entry oid for the authEapReqExtTable PRC. InstanceId's
2444 for this extended PRC are assigned by the base PRC
2447 EXTENDS { authExtEntry }
2450 ::= { authEapReqExtTable 1 }
2452 AuthEapReqExtEntry::= SEQUENCE {
2453 authEapReqExtSpecific OCTET STRING
2456 authEapReqExtSpecific OBJECT-TYPE
2460 "Opaque EAP Request octet string."
2462 ::= { authEapReqExtEntry 1 }
2466 -- AuthEapRespExt Table
2469 authEapRespExtTable OBJECT-TYPE
2470 SYNTAX SEQUENCE OF AuthEapRespExtEntry
2474 "This is a concrete PRC used to contain EAP
2475 authentication fields. This PRC extends the base PRC
2476 authExtEntry. The PDP responds using this PRC for EAP
2479 ::= { authClasses 7 }
2481 authEapRespExtEntry OBJECT-TYPE
2482 SYNTAX AuthEapRespExtEntry
2485 "Entry oid for the authEapRespExtTable PRC. InstanceId's
2486 for this extended PRC are assigned by the base PRC
2489 EXTENDS { authExtEntry }
2492 ::= { authEapRespExtTable 1 }
2494 AuthEapRespExtEntry::= SEQUENCE {
2495 authEapRespExtSpecific OCTET STRING
2498 authEapRespExtSpecific OBJECT-TYPE
2502 "Opaque EAP Response octet string."
2504 ::= { authEapRespExtEntry 1 }
2508 -- conformance section tbd