Tech-invite3GPPspaceIETFspace
959493929190898887868584838281807978777675747372717069686766656463626160595857565554535251504948474645444342414039383736353433323130292827262524232221201918171615141312111009080706050403020100
in Index   Prev   Next

RFC 5833

Control and Provisioning of Wireless Access Points (CAPWAP) Protocol Base MIB

Pages: 73
Informational
Part 4 of 4 – Pages 55 to 73
First   Prev   None

Top   ToC   RFC5833 - Page 55   prevText
-- Notification Objects
capwapBaseNotifyVarObjects OBJECT IDENTIFIER
    ::= { capwapBaseObjects 5 }

capwapBaseNtfWtpId OBJECT-TYPE
    SYNTAX      CapwapBaseWtpIdTC
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "Represents the unique identifier of a WTP."
    ::= { capwapBaseNotifyVarObjects 1 }

capwapBaseNtfRadioId OBJECT-TYPE
    SYNTAX      CapwapBaseRadioIdTC
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "Represents the identifier of a PHY radio on a WTP, which is
         only required to be unique on a WTP.
         For example, WTP A and WTP B can use the same value of
         capwapBaseNtfRadioId for their first radio."
    REFERENCE
        "Section 4.3 of CAPWAP Protocol Specification, RFC 5415."
    ::= { capwapBaseNotifyVarObjects 2 }

capwapBaseNtfChannelType OBJECT-TYPE
    SYNTAX      CapwapBaseChannelTypeTC
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "Represents the channel type for the CAPWAP protocol."
    ::= { capwapBaseNotifyVarObjects 3 }

capwapBaseNtfAuthenMethod OBJECT-TYPE
    SYNTAX      CapwapBaseAuthenMethodTC
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "Represents the authentication method for the CAPWAP Channel."
    ::= { capwapBaseNotifyVarObjects 4 }

capwapBaseNtfChannelDownReason OBJECT-TYPE
    SYNTAX      INTEGER {
                  timeout(1),
                  rekeyFailure(2),
                  acRebootWtp(3),
                  dtlsError(4),
                  maxRetransmit(5)
Top   ToC   RFC5833 - Page 56
                }
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "Represents the reason the channel is down.
         The following enumerated values are supported:
           timeout(1)       - The keepalive timed out
           rekeyFailure(2)  - Rekey process failed; channel will be
                              broken
           acRebootWtp(3)   - The AC rebooted the WTP
           dtlsError(4)     - DTLS notifications: DTLSAborted,
                              DTLSReassemblyFailure, DTLSPeerDisconnect,
                              or frequent DTLSDecapFailure
           maxRetransmit(5) - The underlying reliable transport's
                              RetransmitCount counter has reached the
                              MaxRetransmit variable"
    ::= { capwapBaseNotifyVarObjects 5 }

capwapBaseNtfStationIdList OBJECT-TYPE
    SYNTAX      LongUtf8String (SIZE (6..1024))
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "Represents a list of station MAC addresses separated by
         semicolons."
    REFERENCE
        "Section 4.6.17 of CAPWAP Protocol Specification, RFC 5415."
    ::= { capwapBaseNotifyVarObjects 6 }

capwapBaseNtfAuthenFailureReason OBJECT-TYPE
    SYNTAX      INTEGER {
                  keyMismatch(1),
                  invalidCert(2),
                  reassemblyFailure(3),
                  decapFailure(4),
                  encapFailure(5),
                  timeout(6),
                  unknown(8)
                }
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "Represents the reason for WTP authorization failure.
         The following enumerated values are supported:
           keyMismatch(1)       - WTP's and AC's keys did not match
           invalidCert(2)       - Certification is not valid
           reassemblyFailure(3) - Fragment reassembly failure
           decapFailure(4)      - Decapsulation error
Top   ToC   RFC5833 - Page 57
           encapFailure(5)      - Encapsulation error
           timeout(6)           - WaitDTLS timer timeout
           unknown(8)           - Unknown reason"
    REFERENCE
        "Section 2.3.1 of CAPWAP Protocol Specification, RFC 5415."
    ::= { capwapBaseNotifyVarObjects 7 }

capwapBaseNtfRadioOperStatusFlag OBJECT-TYPE
    SYNTAX      INTEGER {
                  operable(0),
                  inoperable(1)
                }
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "Represents the operation status of a radio.
         The following enumerated values are supported:
           operable(0)   - The radio is operable
           inoperable(1) - The radio is inoperable, and the
                           capwapBaseNtfRadioStatusCause object
                           gives the reason in detail
         Note that the CAPWAP field [RFC5415] modeled by this
         object takes zero as starting value; this MIB object
         follows that rule."
    REFERENCE
        "Section 4.6.34 of CAPWAP Protocol Specification, RFC 5415."
    ::= { capwapBaseNotifyVarObjects 8 }

capwapBaseNtfRadioStatusCause OBJECT-TYPE
    SYNTAX      INTEGER {
                  normal(0),
                  hwError(1),
                  swError(2),
                  adminSet(3)
                }
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "Represents the reason why the radio is out of service.
         The following enumerated values are supported:
           normal(0)   - Normal status
           hwError(1)  - Radio failure
           swError(2)  - Software failure
           adminSet(3) - Administratively set
         Note that the CAPWAP field [RFC5415] modeled by this
         object takes zero as starting value; this MIB object
         follows that rule."
    REFERENCE
Top   ToC   RFC5833 - Page 58
        "Section 4.6.34 of CAPWAP Protocol Specification, RFC 5415."
    ::= { capwapBaseNotifyVarObjects 9 }

capwapBaseNtfJoinFailureReason  OBJECT-TYPE
    SYNTAX      INTEGER {
                  unspecified(1),
                  resDepletion(2),
                  unknownSource(3),
                  incorrectData(4),
                  sessionIdInUse(5),
                  unsupportedHw(6),
                  unsupportedBinding(7)
                }
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "Represents the reason of join failure.
         The following enumerated values are supported:
           unspecified(1)        - Unspecified failure
           resDepletion(2)       - Resource depletion
           unknownSource(3)      - Unknown source
           incorrectData(4)      - Incorrect data
           sessionIdInUse(5)     - Session ID already in use
           unsupportedHw(6)      - WTP hardware not supported
           unsupportedBinding(7) - Binding not supported"
    REFERENCE
        "Section 4.6.35 of CAPWAP Protocol Specification, RFC 5415."
    ::= { capwapBaseNotifyVarObjects 10 }

capwapBaseNtfImageFailureReason  OBJECT-TYPE
    SYNTAX      INTEGER {
                  invalidChecksum(1),
                  invalidLength(2),
                  other(3),
                  inStorage(4)
                }
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "Represents the reason of image failure.
         The following enumerated values are supported:
           invalidChecksum(1) - Invalid checksum
           invalidLength(2)   - Invalid data length
           other(3)           - Other error
           inStorage(4)       - Image already present"
    REFERENCE
        "Section 4.6.35 of CAPWAP Protocol Specification, RFC 5415."
    ::= { capwapBaseNotifyVarObjects 11 }
Top   ToC   RFC5833 - Page 59
capwapBaseNtfConfigMsgErrorType  OBJECT-TYPE
    SYNTAX      INTEGER {
                  unknownElement(1),
                  unsupportedElement(2),
                  unknownValue(3),
                  unsupportedValue(4)
                }
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "Represents the type of configuration message error.
         The following enumerated values are supported:
           unknownElement(1)     - Unknown message element
           unsupportedElement(2) - Unsupported message element
           unknownValue(3)       - Unknown message element value
           unsupportedValue(4)   - Unsupported message element value"
    REFERENCE
        "Section 4.6.36 of CAPWAP Protocol Specification, RFC 5415."
    ::= { capwapBaseNotifyVarObjects 12 }

capwapBaseNtfMsgErrorElements  OBJECT-TYPE
    SYNTAX      SnmpAdminString
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "Represents the message elements sent by the AC in the
         Configuration Status Response message that caused the error."
    REFERENCE
        "Section 4.6.36 of CAPWAP Protocol Specification, RFC 5415."
    ::= { capwapBaseNotifyVarObjects 13 }

-- Notification Control
capwapBaseNotifyControlObjects OBJECT IDENTIFIER
    ::= { capwapBaseObjects 6 }

capwapBaseChannelUpDownNotifyEnable  OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Represents whether the Channel Up / Channel Down notification
         should be generated.
         A value of true(1) means that the notification is enabled.
         A value of false(2) means that the notification is disabled.
         The value of the object is persistent at restart/reboot."
    DEFVAL { false }
    ::= { capwapBaseNotifyControlObjects 1 }
Top   ToC   RFC5833 - Page 60
capwapBaseDecryptErrorNotifyEnable OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Represents whether the decryption error notification should
         be generated.
         A value of true(1) means that the notification is enabled.
         A value of false(2) means that the notification is disabled.
         The value of the object is persistent at restart/reboot."
    DEFVAL { true }
    ::= { capwapBaseNotifyControlObjects 2 }

capwapBaseJoinFailureNotifyEnable OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Represents whether the notification of a WTP join failure
         should be generated.
         A value of true(1) means that the notification is enabled.
         A value of false(2) means that the notification is disabled.
         The value of the object is persistent at restart/reboot."
    DEFVAL { true }
    ::= { capwapBaseNotifyControlObjects 3 }

capwapBaseImageUpgradeFailureNotifyEnable OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Represents whether the notification of a WTP image upgrade
         failure should be generated.
         A value of true(1) means that the notification is enabled.
         A value of false(2) means that the notification is disabled.
         The value of the object is persistent at restart/reboot."
    DEFVAL { true }
    ::= { capwapBaseNotifyControlObjects 4 }

capwapBaseConfigMsgErrorNotifyEnable OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Represents whether the notification of configuration message
         error should be generated.
         A value of true(1) means that the notification is enabled.
         A value of false(2) means that the notification is disabled.
Top   ToC   RFC5833 - Page 61
         The value of the object is persistent at restart/reboot."
    DEFVAL { false }
    ::= { capwapBaseNotifyControlObjects 5 }

capwapBaseRadioOperableStatusNotifyEnable OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Represents whether the notification of a radio's operational
         state change should be generated.
         A value of true(1) means that the notification is enabled.
         A value of false(2) means that the notification is disabled.
         The value of the object is persistent at restart/reboot."
    DEFVAL { false }
    ::= { capwapBaseNotifyControlObjects 6 }

capwapBaseAuthenFailureNotifyEnable OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Represents whether the notification of authentication failure
         should be generated.
         A value of true(1) means that the notification is enabled.
         A value of false(2) means that the notification is disabled.
         The value of the object is persistent at restart/reboot."
    DEFVAL { true }
    ::= { capwapBaseNotifyControlObjects 7 }

-- Module compliance

capwapBaseCompliances OBJECT IDENTIFIER
    ::= { capwapBaseConformance 1 }

capwapBaseGroups OBJECT IDENTIFIER
    ::= { capwapBaseConformance 2 }

capwapBaseCompliance MODULE-COMPLIANCE
    STATUS current
    DESCRIPTION
       "Describes the requirements for conformance to the
        CAPWAP-BASE-MIB module."

    MODULE IF-MIB -- The Interfaces MIB, RFC 2863
    MANDATORY-GROUPS {
       ifGeneralInformationGroup
    }
Top   ToC   RFC5833 - Page 62
    MODULE -- this module
     MANDATORY-GROUPS {
       capwapBaseAcNodeGroup,
       capwapBaseWtpProfileGroup,
       capwapBaseWtpStateGroup,
       capwapBaseWtpGroup,
       capwapBaseRadioGroup,
       capwapBaseStationGroup
     }

     GROUP capwapBaseAcNodeGroup2
     DESCRIPTION
         "The capwapBaseAcNodeGroup2 group is optional."

     GROUP capwapBaseAcNameListGroup
     DESCRIPTION
         "The capwapBaseAcNameListGroup group is optional."

     GROUP capwapBaseMacAclsGroup
     DESCRIPTION
         "The capwapBaseMacAclsGroup group is optional."

     GROUP capwapBaseWtpProfileGroup2
     DESCRIPTION
         "The capwapBaseWtpProfileGroup2 group is optional."

     GROUP capwapBaseWtpGroup2
     DESCRIPTION
         "The capwapBaseWtpGroup2 group is optional."

     GROUP capwapBaseWtpEventsStatsGroup
     DESCRIPTION
         "The capwapBaseWtpEventsStatsGroup group is optional."

     GROUP capwapBaseRadioEventsStatsGroup
     DESCRIPTION
         "The capwapBaseRadioEventsStatsGroup group is optional."

     GROUP capwapBaseParametersGroup
     DESCRIPTION
         "The capwapBaseParametersGroup group is optional."

     GROUP capwapBaseStatsGroup
     DESCRIPTION
         "The capwapBaseStatsGroup group is optional."

     GROUP capwapBaseNotificationsGroup
     DESCRIPTION
Top   ToC   RFC5833 - Page 63
          "The capwapBaseNotificationsGroup group is optional."

     GROUP capwapBaseNotifyVarsGroup
     DESCRIPTION
         "The capwapBaseNotifyVarsGroup group is optional.
          If capwapBaseNotificationsGroup is supported,
          this group must be implemented."

     GROUP capwapBaseNotifyControlGroup
     DESCRIPTION
        "The capwapBaseNotifyControlGroup group is optional.
         If capwapBaseNotificationsGroup is supported,
         this group must be implemented."
     ::= { capwapBaseCompliances 1 }

capwapBaseAcNodeGroup    OBJECT-GROUP
    OBJECTS {
      capwapBaseWtpSessions,
      capwapBaseWtpSessionsLimit,
      capwapBaseStationSessions,
      capwapBaseStationSessionsLimit
    }
    STATUS  current
    DESCRIPTION
        "A collection of objects that is used to represent
         the basic properties of the AC from the CAPWAP
         protocol perspective."
    ::= { capwapBaseGroups 1 }

capwapBaseAcNodeGroup2   OBJECT-GROUP
    OBJECTS {
      capwapBaseDataChannelDTLSPolicyOptions,
      capwapBaseControlChannelAuthenOptions
     }
    STATUS  current
    DESCRIPTION
        "A collection of objects that is used to represent
         the other properties (such as security) of the AC from
         the CAPWAP protocol perspective."
    ::= { capwapBaseGroups 2 }

capwapBaseAcNameListGroup  OBJECT-GROUP
    OBJECTS {
      capwapBaseAcNameListName,
      capwapBaseAcNameListPriority,
      capwapBaseAcNameListRowStatus
    }
    STATUS  current
Top   ToC   RFC5833 - Page 64
    DESCRIPTION
        "A collection of objects that is used to configure
         the AC name list."
    ::= { capwapBaseGroups 3 }

capwapBaseMacAclsGroup  OBJECT-GROUP
    OBJECTS {
      capwapBaseMacAclStationId,
      capwapBaseMacAclRowStatus
    }
    STATUS  current
    DESCRIPTION
        "A collection of objects that is used to configure
         the stations ACL."
    ::= { capwapBaseGroups 4 }

capwapBaseWtpProfileGroup    OBJECT-GROUP
    OBJECTS {
      capwapBaseWtpProfileName,
      capwapBaseWtpProfileWtpMacAddress,
      capwapBaseWtpProfileWtpModelNumber,
      capwapBaseWtpProfileWtpName,
      capwapBaseWtpProfileWtpLocation,
      capwapBaseWtpProfileRowStatus
    }
    STATUS  current
    DESCRIPTION
        "A collection of objects that is used to configure
         the WTP profile."
    ::= { capwapBaseGroups 5 }

capwapBaseWtpProfileGroup2    OBJECT-GROUP
    OBJECTS {
      capwapBaseWtpProfileWtpStaticIpEnable,
      capwapBaseWtpProfileWtpStaticIpType,
      capwapBaseWtpProfileWtpStaticIpAddress,
      capwapBaseWtpProfileWtpNetmask,
      capwapBaseWtpProfileWtpGateway,
      capwapBaseWtpProfileWtpFallbackEnable,
      capwapBaseWtpProfileWtpEchoInterval,
      capwapBaseWtpProfileWtpIdleTimeout,
      capwapBaseWtpProfileWtpMaxDiscoveryInterval,
      capwapBaseWtpProfileWtpReportInterval,
      capwapBaseWtpProfileWtpStatisticsTimer,
      capwapBaseWtpProfileWtpEcnSupport
    }
    STATUS  current
    DESCRIPTION
Top   ToC   RFC5833 - Page 65
        "A collection of optional objects that is used to
         configure the WTP profile."
    ::= { capwapBaseGroups 6 }

capwapBaseWtpStateGroup    OBJECT-GROUP
    OBJECTS {
      capwapBaseWtpStateWtpIpAddressType,
      capwapBaseWtpStateWtpIpAddress,
      capwapBaseWtpStateWtpLocalIpAddressType,
      capwapBaseWtpStateWtpLocalIpAddress,
      capwapBaseWtpStateWtpBaseMacAddress,
      capwapBaseWtpState,
      capwapBaseWtpStateWtpUpTime,
      capwapBaseWtpStateWtpCurrWtpProfileId
    }
    STATUS  current
    DESCRIPTION
        "A collection of objects that is used to represent
         the WTP's state information."
    ::= { capwapBaseGroups 7 }

capwapBaseWtpGroup    OBJECT-GROUP
    OBJECTS {
      capwapBaseWtpBaseMacAddress,
      capwapBaseWtpTunnelModeOptions,
      capwapBaseWtpMacTypeOptions,
      capwapBaseWtpDiscoveryType,
      capwapBaseWtpRadiosInUseNum,
      capwapBaseWtpRadioNumLimit
    }
    STATUS  current
    DESCRIPTION
        "A collection of objects that is used to represent
         the properties information for the WTPs in running state."
    ::= { capwapBaseGroups 8 }

capwapBaseWtpGroup2   OBJECT-GROUP
    OBJECTS {
      capwapBaseWtpPhyIndex,
      capwapBaseWtpRetransmitCount
    }
    STATUS  current
    DESCRIPTION
        "A collection of optional objects that is used to represent
         the properties of the WTPs in running state."
    ::= { capwapBaseGroups 9 }

capwapBaseRadioGroup    OBJECT-GROUP
Top   ToC   RFC5833 - Page 66
    OBJECTS {
      capwapBaseWirelessBindingVirtualRadioIfIndex,
      capwapBaseWirelessBindingType
    }
    STATUS  current
    DESCRIPTION
        "A collection of objects that is used to represent
         the wireless binding type and the mappings between the
         ifIndexes of WLAN Virtual Radio Interfaces and PHY radios."
    ::= { capwapBaseGroups 10 }

capwapBaseStationGroup    OBJECT-GROUP
    OBJECTS {
      capwapBaseStationWtpId,
      capwapBaseStationWtpRadioId,
      capwapBaseStationAddedTime,
      capwapBaseStationVlanName
    }
    STATUS  current
    DESCRIPTION
        "A collection of objects that is used to represent
         the stations' basic properties."
    ::= { capwapBaseGroups 11 }

capwapBaseWtpEventsStatsGroup    OBJECT-GROUP
    OBJECTS {
      capwapBaseWtpEventsStatsRebootCount,
      capwapBaseWtpEventsStatsInitCount,
      capwapBaseWtpEventsStatsLinkFailureCount,
      capwapBaseWtpEventsStatsSwFailureCount,
      capwapBaseWtpEventsStatsHwFailureCount,
      capwapBaseWtpEventsStatsOtherFailureCount,
      capwapBaseWtpEventsStatsUnknownFailureCount,
      capwapBaseWtpEventsStatsLastFailureType
    }
    STATUS  current
    DESCRIPTION
        "A collection of objects that is used for collecting
         WTP reboot count, link failure count, hardware failure
         count, and so on."
    ::= { capwapBaseGroups 12 }

capwapBaseRadioEventsStatsGroup    OBJECT-GROUP
    OBJECTS {
      capwapBaseRadioEventsStatsResetCount,
      capwapBaseRadioEventsStatsSwFailureCount,
      capwapBaseRadioEventsStatsHwFailureCount,
      capwapBaseRadioEventsStatsOtherFailureCount,
Top   ToC   RFC5833 - Page 67
      capwapBaseRadioEventsStatsUnknownFailureCount,
      capwapBaseRadioEventsStatsConfigUpdateCount,
      capwapBaseRadioEventsStatsChannelChangeCount,
      capwapBaseRadioEventsStatsBandChangeCount,
      capwapBaseRadioEventsStatsCurrNoiseFloor,
      capwapBaseRadioEventsStatsDecryptErrorCount,
      capwapBaseRadioEventsStatsLastFailureType
    }
    STATUS  current
    DESCRIPTION
        "A collection of objects that is used for collecting
         radio reset count, channel change count, hardware failure
         count, and so on"
    ::= { capwapBaseGroups 13 }

capwapBaseParametersGroup    OBJECT-GROUP
    OBJECTS {
      capwapBaseAcMaxRetransmit,
      capwapBaseAcChangeStatePendingTimer,
      capwapBaseAcDataCheckTimer,
      capwapBaseAcDTLSSessionDeleteTimer,
      capwapBaseAcEchoInterval,
      capwapBaseAcRetransmitInterval,
      capwapBaseAcSilentInterval,
      capwapBaseAcWaitDTLSTimer,
      capwapBaseAcWaitJoinTimer,
      capwapBaseAcEcnSupport
    }
    STATUS  current
    DESCRIPTION
        "Objects used for the CAPWAP protocol's parameters."
    ::= { capwapBaseGroups 14 }

capwapBaseStatsGroup    OBJECT-GROUP
    OBJECTS {
      capwapBaseFailedDTLSAuthFailureCount,
      capwapBaseFailedDTLSSessionCount
    }
    STATUS  current
    DESCRIPTION
        "Objects used for collecting the CAPWAP protocol's statistics."
    ::= { capwapBaseGroups 15 }

capwapBaseNotificationsGroup    NOTIFICATION-GROUP
    NOTIFICATIONS {
      capwapBaseChannelUp,
      capwapBaseChannelDown,
      capwapBaseDecryptErrorReport,
Top   ToC   RFC5833 - Page 68
      capwapBaseJoinFailure,
      capwapBaseImageUpgradeFailure,
      capwapBaseConfigMsgError,
      capwapBaseRadioOperableStatus,
      capwapBaseAuthenFailure
    }
    STATUS  current
    DESCRIPTION
        "A collection of notifications in this MIB module."
    ::= { capwapBaseGroups 16 }

capwapBaseNotifyVarsGroup    OBJECT-GROUP
    OBJECTS {
      capwapBaseNtfWtpId,
      capwapBaseNtfRadioId,
      capwapBaseNtfChannelType,
      capwapBaseNtfAuthenMethod,
      capwapBaseNtfChannelDownReason,
      capwapBaseNtfStationIdList,
      capwapBaseNtfAuthenFailureReason,
      capwapBaseNtfRadioOperStatusFlag,
      capwapBaseNtfRadioStatusCause,
      capwapBaseNtfJoinFailureReason,
      capwapBaseNtfImageFailureReason,
      capwapBaseNtfConfigMsgErrorType,
      capwapBaseNtfMsgErrorElements
    }
    STATUS  current
    DESCRIPTION
        "Objects used for notifications."
    ::= { capwapBaseGroups 17 }

capwapBaseNotifyControlGroup OBJECT-GROUP
    OBJECTS {
      capwapBaseChannelUpDownNotifyEnable,
      capwapBaseDecryptErrorNotifyEnable,
      capwapBaseJoinFailureNotifyEnable,
      capwapBaseImageUpgradeFailureNotifyEnable,
      capwapBaseConfigMsgErrorNotifyEnable,
      capwapBaseRadioOperableStatusNotifyEnable,
      capwapBaseAuthenFailureNotifyEnable
   }
   STATUS  current
   DESCRIPTION
        "Objects used to enable or disable notifications."
   ::= { capwapBaseGroups 18 }

END
Top   ToC   RFC5833 - Page 69

10. Security Considerations

There are a number of management objects defined in this MIB module with a MAX-ACCESS clause of read-write and/or read-create. Such objects MAY be considered sensitive or vulnerable in some network environments. The support for SET operations in a non-secure environment without proper protection can have a negative effect on network operations. The followings are the tables and objects and their sensitivity/vulnerability: - Unauthorized changes to the capwapBaseWtProfileTable and writable objects under capwapBaseAcs group MAY disrupt allocation of resources in the network. For example, a WTP's static IP address could be changed by setting the capwapBaseWtpProfileWtpStaticIpAddress object. - Unauthorized changes to writable objects under the capwapBaseAc group MAY disrupt allocation of resources in the network. For example, an invalid value for the capwapBaseWtpSessionsLimit object will increase the AC's traffic burden. - Unauthorized changes to the capwapBaseMacAclTable MAY prevent legal stations from being able to access the network, while illegal stations are able to access it. - Unauthorized changes to writable objects under the capwapBaseParameters group MAY influence CAPWAP protocol behavior and status. For example, an invalid value set for the capwapBaseAcDataCheckTimer MAY influence the CAPWAP state machine. Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) MAY be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. The followings are the tables and objects and their sensitivity/vulnerability: - The capwapBaseDataChannelDTLSPolicyOptions and capwapBaseControlChannelAuthenOptions under the capwapBaseAc group expose the current security option for CAPWAP data and control channels. - The capwapBaseWtpTable exposes a WTP's important information like tunnel mode, MAC type, and so on. - The capwapBaseWtpEventsStatsTable exposes a WTP's failure information.
Top   ToC   RFC5833 - Page 70
   -  The capwapBaseRadioEventsStatsTable exposes a radio's failure
      information.

   SNMP versions prior to SNMPv3 did not include adequate security.
   Even if the network itself is secure (for example by using IPsec),
   even then, there is no control as to who on the secure network is
   allowed to access and GET/SET (read/change/create/delete) the objects
   in this MIB module.

   It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy).

   Further, the deployment of SNMP versions prior to SNMPv3 is NOT
   RECOMMENDED.  Instead, it is RECOMMENDED to deploy SNMPv3 and to
   enable cryptographic security.  It is then a customer/operator
   responsibility to ensure that the SNMP entity giving access to an
   instance of this MIB module is properly configured to give access to
   the objects only to those principals (users) that have legitimate
   rights to indeed GET or SET (change/create/delete) them.

11. IANA Considerations

11.1. IANA Considerations for CAPWAP-BASE-MIB Module

The MIB module in this document uses the following IANA-assigned OBJECT IDENTIFIER value recorded in the SMI Numbers registry: Descriptor OBJECT IDENTIFIER value ---------- ----------------------- capwapBaseMIB { mib-2 196 }

11.2. IANA Considerations for ifType

IANA has assigned the following ifType: Decimal Name Description ------- ------------ ------------------------------- 254 capwapWtpVirtualRadio WTP Virtual Radio Interface

12. Contributors

This MIB module is based on contributions from Long Gao.
Top   ToC   RFC5833 - Page 71

13. Acknowledgements

Thanks to David Harrington, Dan Romascanu, Abhijit Choudhury, Bert Wijnen, and David L. Black for helpful comments on this document and guiding some technical solutions. The authors also thank the following friends and coworkers: Fei Fang, Xuebin Zhu, Hao Song, Yu Liu, Sachin Dutta, Ju Wang, Hao Wang, Yujin Zhao, Haitao Zhang, Xiansen Cai, and Xiaolan Wan.

14. References

14.1. Normative References

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC2287] Krupczak, C. and J. Saperia, "Definitions of System-Level Managed Objects for Applications", RFC 2287, February 1998. [RFC2578] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999. [RFC2579] McCloghrie, K., Ed., Perkins, D., Ed., and J. Schoenwaelder, Ed., "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999. [RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999. [RFC2863] McCloghrie, K. and F. Kastenholz, "The Interfaces Group MIB", RFC 2863, June 2000. [RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, December 2002. [RFC3418] Presuhn, R., "Management Information Base (MIB) for the Simple Network Management Protocol (SNMP)", STD 62, RFC 3418, December 2002.
Top   ToC   RFC5833 - Page 72
   [RFC4001]           Daniele, M., Haberman, B., Routhier, S., and J.
                       Schoenwaelder, "Textual Conventions for Internet
                       Network Addresses", RFC 4001, February 2005.

   [RFC4133]           Bierman, A. and K. McCloghrie, "Entity MIB
                       (Version 3)", RFC 4133, August 2005.

   [RFC5415]           Calhoun, P., Montemurro, M., and D. Stanley,
                       "Control And Provisioning of Wireless Access
                       Points (CAPWAP) Protocol Specification",
                       RFC 5415, March 2009.

14.2. Informative References

[Err1832] RFC Errata, "Errata ID 1832", for RFC 5415, <http://www.rfc-editor.org>. [IEEE.802-11.2007] "Information technology - Telecommunications and information exchange between systems - Local and metropolitan area networks - Specific requirements - Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications", IEEE Standard 802.11, 2007, <htt p://standards.ieee.org/getieee802/download/ 802.11-2007.pdf>. [RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition of Explicit Congestion Notification (ECN) to IP", RFC 3168, September 2001. [RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, December 2002. [RFC4118] Yang, L., Zerfos, P., and E. Sadot, "Architecture Taxonomy for Control and Provisioning of Wireless Access Points (CAPWAP)", RFC 4118, June 2005. [RFC4347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer Security", RFC 4347, April 2006. [RFC5416] Calhoun, P., Montemurro, M., and D. Stanley, "Control and Provisioning of Wireless Access Points (CAPWAP) Protocol Binding for IEEE 802.11", RFC 5416, March 2009.
Top   ToC   RFC5833 - Page 73
   [RFC5834]           Shi, Y., Ed., Perkins, D., Ed., Elliott, C., Ed.,
                       and Y. Zhang, Ed., "Control and Provisioning of
                       Wireless Access Points (CAPWAP) Protocol Binding
                       MIB for IEEE 802.11", RFC 5834, May 2010.

Authors' Addresses

Yang Shi (editor) Hangzhou H3C Tech. Co., Ltd. Beijing R&D Center of H3C, Digital Technology Plaza NO. 9 Shangdi 9th Street, Haidian District Beijing 100085 China Phone: +86 010 82775276 EMail: rishyang@gmail.com David T. Perkins (editor) 228 Bayview Dr. San Carlos, CA 94070 USA Phone: +1 408 394-8702 EMail: dperkins@dsperkins.com Chris Elliott (editor) 1516 Kent St. Durham, NC 27707 USA Phone: +1 919-308-1216 EMail: chelliot@pobox.com Yong Zhang (editor) Fortinet, Inc. 1090 Kifer Road Sunnyvale, CA 94086 USA EMail: yzhang@fortinet.com