Tech-invite3GPPspaceIETFspace
959493929190898887868584838281807978777675747372717069686766656463626160595857565554535251504948474645444342414039383736353433323130292827262524232221201918171615141312111009080706050403020100
in Index   Prev   Next

RFC 7659

Definitions of Managed Objects for Network Address Translators (NATs)

Pages: 84
Proposed Standard
Errata
Part 3 of 4 – Pages 46 to 74
First   Prev   Next

Top   ToC   RFC7659 - Page 46   prevText
natv2InstanceLimitPortMapEntries OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Limit on total number of port map entries supported by the
         NAT instance.  When natv2InstancePortMapEntries has reached
         this limit, subsequent packets that would normally trigger
         creation of a new port map entry will be dropped and counted
         in natv2InstancePortMapEntryLimitDrops.  Warning of an
         approach to this limit can be achieved by setting
         natv2InstanceThresholdPortMapEntriesHigh to a non-zero
         value, for example, 80% of the limit.  The limit is disabled
         by setting its value to zero.

         For further information, please see the descriptions of
         natv2NotificationInstancePortMapEntriesHigh and
         natv2InstancePortMapEntries."
    DEFVAL
        { 0 }
    ::= { natv2InstanceEntry 24 }

natv2InstanceLimitPendingFragments OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Limit on number of out-of-order fragments received by the
         NAT instance from remote sources and held until head of
         chain appears.  While the number of held fragments is at this
         limit, subsequent packets that contain fragments not
         relating to those already held will be dropped and counted
         in natv2InstancePendingFragmentLimitDrops.  The limit is
         disabled by setting the value to zero.

         Applicable only when the NAT instance supports 'Receive
         Fragments Out of Order' behavior; leave at default
         otherwise.  See the description of
         natv2InstanceFragmentBehavior."
    REFERENCE
         "RFC 4787, Section 11."
    DEFVAL { 0 }
    ::= { natv2InstanceEntry 25 }

natv2InstanceLimitSubscriberActives OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-write
    STATUS current
Top   ToC   RFC7659 - Page 47
    DESCRIPTION
        "Limit on number of total number of active subscribers
         supported by the NAT instance.  An active subscriber is
         defined as any subscriber with at least one map entry,
         including static mappings.  While the number of active
         subscribers is at this limit, subsequent packets that would
         otherwise trigger first mappings for newly active
         subscribers will be dropped and counted in
         natv2InstanceSubscriberActiveLimitDrops.  The limit is
         disabled by setting the value to zero."
    DEFVAL { 0 }
    ::= { natv2InstanceEntry 26 }

-- Table of counters per upper-layer protocol identified by the
-- packet header and supported by the NAT instance.

natv2ProtocolTable  OBJECT-TYPE
    SYNTAX SEQUENCE OF Natv2ProtocolEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Table of protocols with per-protocol counters.  Conceptual
         rows of the table are indexed by the combination of the NAT
         instance number and the IANA-assigned upper-layer protocol
         number as given by the ProtocolNumber Textual Convention
         (TC) and contained in the packet IP header.  It is up to the
         agent implementation to determine and operate upon only
         those upper-layer protocol numbers supported by the NAT
         instance."
    REFERENCE
        "RFC 7659, Section 3.3.5."
    ::= { natv2MIBInstanceObjects 2 }

natv2ProtocolEntry OBJECT-TYPE
    SYNTAX Natv2ProtocolEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Per-protocol counters."
    INDEX { natv2ProtocolInstanceIndex,
            natv2ProtocolNumber }
    ::= { natv2ProtocolTable 1 }

Natv2ProtocolEntry ::=
    SEQUENCE {
        natv2ProtocolInstanceIndex          Natv2InstanceIndex,
        natv2ProtocolNumber                     ProtocolNumber,
Top   ToC   RFC7659 - Page 48
-- State
        natv2ProtocolPortMapEntries             Unsigned32,
-- Statistics.  Discontinuity object from instance table reused here.
        natv2ProtocolTranslations               Counter64,
        natv2ProtocolPortMapCreations           Counter64,
        natv2ProtocolPortMapFailureDrops        Counter64
    }

natv2ProtocolInstanceIndex OBJECT-TYPE
    SYNTAX Natv2InstanceIndex
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "NAT instance index.  It is up to the implementation to
         determine and operate upon only those values that
         correspond to in-service NAT instances."
    ::= { natv2ProtocolEntry 1 }

natv2ProtocolNumber OBJECT-TYPE
    SYNTAX ProtocolNumber
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Counters in this conceptual row apply to packets indicating
         the upper-layer protocol identified by the value of
         this object.  It is up to the implementation to determine and
         operate upon only those values that correspond to protocols
         supported by the NAT instance."
    REFERENCE
        "RFC 7659, Section 3.3.5.
         IANA Protocol Numbers,
         <http://www.iana.org/assignments/protocol-numbers>"
    ::= { natv2ProtocolEntry 2 }

 -- State
natv2ProtocolPortMapEntries OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The current number of entries in the port map table in total
         over the whole NAT instance for a given protocol, including
         static mappings.  A port map entry maps from a given external
         realm, address, and port for a given protocol to an internal
         realm, address, and port.  This definition includes 'hairpin'
         mappings, where the external realm is the same as the
         internal one.  Port map entries are also tracked per
         subscriber, per instance, and per address pool within the
Top   ToC   RFC7659 - Page 49
         instance."
    REFERENCE
        "RFC 7659, Sections 3.3.5 and 3.3.9.
         Hairpinning: RFC 4787, Section 6."
    ::= { natv2ProtocolEntry 3 }

-- Statistics
natv2ProtocolTranslations OBJECT-TYPE
    SYNTAX Counter64
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The cumulative number of packets translated by the NAT
         instance in either direction for the given protocol.

         This value MUST be monotone increasing in the periods
         between updates of the NAT instance
         natv2InstanceDiscontinuityTime.  If a manager detects a
         change in the latter since the last time it sampled this
         counter, it SHOULD NOT make use of the difference between
         the latest value of the counter and any value retrieved
         before the new value of natv2InstanceDiscontinuityTime."
    ::= { natv2ProtocolEntry 4 }

natv2ProtocolPortMapCreations  OBJECT-TYPE
    SYNTAX Counter64
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The cumulative number of port map entries created by the NAT
         instance for the given protocol.

         This value MUST be monotone increasing in the periods
         between updates of the NAT instance
         natv2InstanceDiscontinuityTime.  If a manager detects a
         change in the latter since the last time it sampled this
         counter, it SHOULD NOT make use of the difference between
         the latest value of the counter and any value retrieved
         before the new value of natv2InstanceDiscontinuityTime."
    ::= { natv2ProtocolEntry 5 }

natv2ProtocolPortMapFailureDrops OBJECT-TYPE
    SYNTAX Counter64
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The cumulative number of packets dropped because the packet
         would have triggered the creation of a new port map entry,
Top   ToC   RFC7659 - Page 50
         but no port could be allocated for the protocol concerned.
         The usual case for this will be for a NAT instance that
         supports address pooling and the 'Paired' pooling behavior
         recommended by RFC 4787, where the internal endpoint has
         used up all of the ports allocated to it for the address it
         was mapped to in the selected address pool in the external
         realm concerned and cannot be given more ports because
         - policy or implementation prevents it from having a
           second address in the same pool, and
         - policy or unavailability prevents it from acquiring
           more ports at its originally assigned address.

         If the NAT instance supports address pooling but its
         pooling behavior is 'Arbitrary' (meaning that
         the NAT instance can allocate a new port mapping for
         the given internal endpoint on any address in the
         selected address pool and is not bound to what it has
         already mapped for that endpoint), then this counter
         is incremented when all ports for the protocol concerned
         over the whole of the selected address pool are already
         in use.

         Finally, if the NAT instance has no configured address
         pooling, then this counter is incremented because all
         ports for the protocol concerned over the whole of the
         NAT instance for the external realm concerned are already
         in use.

         This value MUST be monotone increasing in the periods
         between updates of the NAT instance
         natv2InstanceDiscontinuityTime.  If a manager detects a
         change in the latter since the last time it sampled this
         counter, it SHOULD NOT make use of the difference between
         the latest value of the counter and any value retrieved
         before the new value of natv2InstanceDiscontinuityTime."
    REFERENCE
        "RFC 4787, end of Section 4.1."
    ::= { natv2ProtocolEntry 6 }

-- pools

natv2PoolTable OBJECT-TYPE
    SYNTAX SEQUENCE OF Natv2PoolEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
       "Table of address pools, applicable only if these are
        supported by the NAT instance.  An address pool is a set of
Top   ToC   RFC7659 - Page 51
        addresses and ports in a particular realm, available for
        assignment to the 'external' portion of a mapping.  Where more
        than one pool has been configured for the realm, policy
        determines which subscribers and/or services are mapped to
        which pool.  natv2PoolTable provides basic information, state,
        statistics, and two notification thresholds for each pool.
        natv2PoolRangeTable is an expansion table for natv2PoolTable
        that identifies particular address ranges allocated to the
        pool."
    REFERENCE
        "RFC 7659, Section 3.3.6."
    ::= { natv2MIBInstanceObjects 3 }

natv2PoolEntry OBJECT-TYPE
    SYNTAX Natv2PoolEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Entry in the table of address pools."
    INDEX { natv2PoolInstanceIndex, natv2PoolIndex }
    ::= { natv2PoolTable 1 }

Natv2PoolEntry ::=
    SEQUENCE {
-- Index
         natv2PoolInstanceIndex                 Natv2InstanceIndex,
         natv2PoolIndex                         Natv2PoolIndex,
-- Configuration
         natv2PoolRealm                         SnmpAdminString,
         natv2PoolAddressType                   InetAddressType,
         natv2PoolMinimumPort                   InetPortNumber,
         natv2PoolMaximumPort                   InetPortNumber,
-- State
         natv2PoolAddressMapEntries             Unsigned32,
         natv2PoolPortMapEntries                Unsigned32,
-- Statistics and discontinuity time
         natv2PoolAddressMapCreations           Counter64,
         natv2PoolPortMapCreations              Counter64,
         natv2PoolAddressMapFailureDrops        Counter64,
         natv2PoolPortMapFailureDrops           Counter64,
         natv2PoolDiscontinuityTime             TimeStamp,
-- Notification thresholds and objects returned by notifications
         natv2PoolThresholdUsageLow             Integer32,
         natv2PoolThresholdUsageHigh            Integer32,
         natv2PoolNotifiedPortMapEntries        Unsigned32,
         natv2PoolNotifiedPortMapProtocol       ProtocolNumber,
         natv2PoolNotificationInterval          Unsigned32
    }
Top   ToC   RFC7659 - Page 52
natv2PoolInstanceIndex OBJECT-TYPE
    SYNTAX Natv2InstanceIndex
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "NAT instance index.  It is up to the agent implementation
         to determine and operate upon only those values that
         correspond to in-service NAT instances."
    ::= { natv2PoolEntry 1 }

natv2PoolIndex OBJECT-TYPE
    SYNTAX Natv2PoolIndex
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Index of an address pool that is unique for a given NAT
         instance.  It is up to the agent implementation to determine
         and operate upon only those values that correspond to
         provisioned pools."
    ::= { natv2PoolEntry 2 }

-- Configuration
natv2PoolRealm OBJECT-TYPE
    SYNTAX SnmpAdminString (SIZE (0..32))
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Address realm to which this pool's addresses belong."
    REFERENCE
        "Address realms are discussed in Section 3.3.3 of
         RFC 7659.  The primary reference is RFC 2663, Section 2.1."
    ::= { natv2PoolEntry 3 }

natv2PoolAddressType OBJECT-TYPE
    SYNTAX InetAddressType
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Address type supplied by this address pool.  This will be the
         same for all pools in a given realm (by definition of an
         address realm).  Values other than ipv4(1) or ipv6(2) would
         be unexpected."
    REFERENCE
        "InetAddressType in RFC 4001."
    ::= { natv2PoolEntry 4 }

natv2PoolMinimumPort OBJECT-TYPE
    SYNTAX InetPortNumber
Top   ToC   RFC7659 - Page 53
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Minimum port number of the range that can be allocated in
         this pool.  Applies to all protocols supported by the NAT
         instance."
    REFERENCE
        "InetPortNumber in RFC 4001."
    ::= { natv2PoolEntry 5 }

natv2PoolMaximumPort OBJECT-TYPE
    SYNTAX InetPortNumber
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Maximum port number of the range that can be allocated in
         this pool.  Applies to all protocols supported by the NAT
         instance."
    REFERENCE
        "InetPortNumber in RFC 4001."
    ::= { natv2PoolEntry 6 }

-- State
natv2PoolAddressMapEntries OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The current number of address map entries using external
         addresses drawn from this pool, including static mappings.
         This definition includes 'hairpin' mappings, where the
         external realm is the same as the internal one.  Address map
         entries are also tracked per subscriber and per instance."
    REFERENCE
        "RFC 7659, Section 3.3.8.
         Hairpinning: RFC 4787, Section 6."
    ::= { natv2PoolEntry 7 }

natv2PoolPortMapEntries OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The current number of entries in the port map table using
         external addresses and ports drawn from this pool, including
         static mappings.  This definition includes 'hairpin'
         mappings, where the external realm is the same as the
         internal one.  Port map entries are also tracked per
Top   ToC   RFC7659 - Page 54
         subscriber, per instance, and per protocol within the
         instance."
    REFERENCE
        "RFC 7659, Section 3.3.9.
         Hairpinning: RFC 4787, Section 6."
    ::= { natv2PoolEntry 8 }

-- Statistics and discontinuity time
natv2PoolAddressMapCreations OBJECT-TYPE
    SYNTAX Counter64
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The cumulative number of address map entries created in this
         pool, including static mappings.  Address map entries are
         also tracked per instance and per subscriber.

         This value MUST be monotone increasing in
         the periods between updates of the entity's
         natv2PoolDiscontinuityTime.  If a manager detects a
         change in the latter since the last time it sampled this
         counter, it SHOULD NOT make use of the difference between
         the latest value of the counter and any value retrieved
         before the new value of natv2PoolDiscontinuityTime."
    ::= { natv2PoolEntry 9 }

natv2PoolPortMapCreations OBJECT-TYPE
    SYNTAX Counter64
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The cumulative number of port map entries created in this
         pool, including static mappings.  Port map entries are also
         tracked per instance, per protocol, and per subscriber.

         This value MUST be monotone increasing in the periods
         between updates of the entity's
         natv2PoolDiscontinuityTime.  If a manager detects a
         change in the latter since the last time it sampled this
         counter, it SHOULD NOT make use of the difference between
         the latest value of the counter and any value retrieved
         before the new value of natv2PoolDiscontinuityTime."
    ::= { natv2PoolEntry 10 }

natv2PoolAddressMapFailureDrops OBJECT-TYPE
    SYNTAX Counter64
    MAX-ACCESS read-only
    STATUS current
Top   ToC   RFC7659 - Page 55
    DESCRIPTION
        "The cumulative number of packets originated by the
         subscriber that were dropped because the packet would have
         triggered the creation of a new address map entry, but no
         address could be allocated from this address pool because
         all addresses in the pool have already been fully allocated.
         Counters of this event are also provided per instance, per
         protocol, and per subscriber.

         This value MUST be monotone increasing in the periods
         between updates of the entity's
         natv2PoolDiscontinuityTime.  If a manager detects a
         change in the latter since the last time it sampled this
         counter, it SHOULD NOT make use of the difference between
         the latest value of the counter and any value retrieved
         before the new value of natv2PoolDiscontinuityTime."
    ::= { natv2PoolEntry 11 }

natv2PoolPortMapFailureDrops OBJECT-TYPE
    SYNTAX Counter64
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The cumulative number of packets dropped because the packet
         would have triggered the creation of a new port map entry,
         but no port could be allocated for the protocol concerned.
         The usual case for this will be for a NAT instance that
         supports the 'Paired' pooling behavior recommended by RFC
         4787, where the internal endpoint has used up all of the
         ports allocated to it for the address it was mapped to in
         this pool and cannot be given more ports because
         - policy or implementation prevents it from having a
           second address in the same pool, and
         - policy or unavailability prevents it from acquiring
           more ports at its originally assigned address.

         If the NAT instance pooling behavior is 'Arbitrary' (meaning
         that the NAT instance can allocate a new port mapping for
         the given internal endpoint on any address in the selected
         address pool and is not bound to what it has already mapped
         for that endpoint), then this counter is incremented when
         all ports for the protocol concerned over the whole of this
         address pool are already in use.

         This value MUST be monotone increasing in the periods
         between updates of the entity's
         natv2PoolDiscontinuityTime.  If a manager detects a
         change in the latter since the last time it sampled this
Top   ToC   RFC7659 - Page 56
         counter, it SHOULD NOT make use of the difference between
         the latest value of the counter and any value retrieved
         before the new value of natv2PoolDiscontinuityTime."
    REFERENCE
        "Pooling behavior: RFC 4787, end of Section 4.1."
    ::= { natv2PoolEntry 12 }


natv2PoolDiscontinuityTime OBJECT-TYPE
    SYNTAX TimeStamp
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Snapshot of the value of the sysUpTime object at the
         beginning of the latest period of continuity of the
         statistical counters associated with this address
         pool.  This MUST be initialized when the address pool
         is configured and MUST be updated whenever the port
         or address ranges allocated to the pool change."
    ::= { natv2PoolEntry 13 }

-- Notification thresholds and objects returned by notifications
natv2PoolThresholdUsageLow OBJECT-TYPE
    SYNTAX Integer32 (-1|0..100)
    UNITS "Percent"
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Threshold for reporting low utilization of the address pool.
         Utilization at a given instant is calculated as the
         percentage of ports allocated in port map entries for the
         most-used protocol at that instant.  If utilization is less
         than or equal to natv2PoolThresholdUsageLow, an instance of
         natv2NotificationPoolUsageLow may be triggered, unless
         disabled by setting it to -1.  Reporting is subject to the
         per-pool notification interval given by
         natv2PoolNotificationInterval.  If multiple notifications
         are triggered during one interval, the agent MUST report
         only the one with the lowest value of
         natv2PoolNotifiedPortMapEntries and discard the others.

         Implementation note: the percentage specified by this object
         can be converted to a number of port map entries at
         configuration time (after port and address ranges have been
         configured or reconfigured) and compared to the current
         value of natv2PoolNotifiedPortMapEntries."
    REFERENCE
        "RFC 7659, Sections 3.1.2 and 3.3.6."
Top   ToC   RFC7659 - Page 57
    DEFVAL { -1 }
    ::= { natv2PoolEntry 14 }

natv2PoolThresholdUsageHigh OBJECT-TYPE
    SYNTAX Integer32 (-1|0..100)
    UNITS "Percent"
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Threshold for reporting high utilization of the address
         pool.  Utilization at a given instant is calculated as the
         percentage of ports allocated in port map entries for the
         most-used protocol at that instant.  If utilization is
         greater than or equal to natv2PoolThresholdUsageHigh, an
         instance of natv2NotificationPoolUsageHigh may be triggered,
         unless disabled by setting it to -1.

         Reporting is subject to the per-pool notification interval
         given by natv2PoolNotificationInterval.  If multiple
         notifications are triggered during one interval, the agent
         MUST report only the one with the highest value of
         natv2PoolNotifiedPortMapEntries and discard the others.
         In the rare case where both upper and lower thresholds
         are crossed in the same interval, the agent MUST report only
         the upper-threshold notification.

         Implementation note: the percentage specified by this object
         can be converted to a number of port map entries at
         configuration time (after port and address ranges have been
         configured or reconfigured) and compared to the current
         value of natv2PoolNotifiedPortMapEntries."
    DEFVAL { -1 }
    ::= { natv2PoolEntry 15 }

natv2PoolNotifiedPortMapEntries OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "Number of port map entries using addresses and ports from
         this address pool for the most-used protocol at a given
         instant.  One of the objects returned by
         natv2NotificationPoolUsageLow and
         natv2NotificationPoolUsageHigh."
    ::= { natv2PoolEntry 16 }

natv2PoolNotifiedPortMapProtocol OBJECT-TYPE
    SYNTAX ProtocolNumber
Top   ToC   RFC7659 - Page 58
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION
        "The most-used protocol (i.e., with the largest number of
         port map entries) mapped into this address pool at a given
         instant.  One of the objects returned by
         natv2NotificationPoolUsageLow and
         natv2NotificationPoolUsageHigh."
    ::= { natv2PoolEntry 17 }

natv2PoolNotificationInterval OBJECT-TYPE
    SYNTAX Unsigned32 (1..3600)
    UNITS
        "Seconds"
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Minimum number of seconds between successive
         notifications for this address pool.  Controls the generation
         of natv2NotificationPoolUsageLow and
         natv2NotificationPoolUsageHigh."
    DEFVAL
        { 20 }
    ::= { natv2PoolEntry 18 }


natv2PoolRangeTable OBJECT-TYPE
    SYNTAX SEQUENCE OF Natv2PoolRangeEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "This table contains address ranges used by pool entries.
         It is an expansion of natv2PoolTable."
    REFERENCE
        "RFC 7659, Section 3.3.7."
    ::= { natv2MIBInstanceObjects 4 }

natv2PoolRangeEntry OBJECT-TYPE
    SYNTAX Natv2PoolRangeEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "NAT pool address range."
    INDEX {
         natv2PoolRangeInstanceIndex,
         natv2PoolRangePoolIndex,
         natv2PoolRangeRowIndex
    }
Top   ToC   RFC7659 - Page 59
    ::= { natv2PoolRangeTable 1 }

Natv2PoolRangeEntry ::=
    SEQUENCE {
        natv2PoolRangeInstanceIndex    Natv2InstanceIndex,
        natv2PoolRangePoolIndex        Natv2PoolIndex,
        natv2PoolRangeRowIndex         Unsigned32,
        natv2PoolRangeBegin            InetAddress,
        natv2PoolRangeEnd              InetAddress
    }

natv2PoolRangeInstanceIndex OBJECT-TYPE
    SYNTAX Natv2InstanceIndex
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Index of the NAT instance on which the address pool and this
         address range are configured.  See Natv2InstanceIndex."
    ::= { natv2PoolRangeEntry 1 }

natv2PoolRangePoolIndex OBJECT-TYPE
    SYNTAX Natv2PoolIndex
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Index of the address pool to which this address range
         belongs.  See Natv2PoolIndex."
    ::= { natv2PoolRangeEntry 2 }

natv2PoolRangeRowIndex OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Row index for successive range entries for the same
         address pool."
    ::= { natv2PoolRangeEntry 3 }

natv2PoolRangeBegin OBJECT-TYPE
    SYNTAX InetAddress
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Lowest address included in this range.  The type of address
         (IPv4 or IPv6) is given by natv2PoolAddressType
         in natv2PoolTable."
    ::= { natv2PoolRangeEntry 4 }
Top   ToC   RFC7659 - Page 60
natv2PoolRangeEnd OBJECT-TYPE
    SYNTAX InetAddress
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Highest address included in this range.  The type of address
         (IPv4 or IPv6) is given by natv2PoolAddressType
         in natv2PoolTable."
    ::= { natv2PoolRangeEntry 5 }

-- Indexed mapping tables

-- Address Map Table.  Mapped from the internal to external address.

natv2AddressMapTable OBJECT-TYPE
    SYNTAX SEQUENCE OF Natv2AddressMapEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Table of mappings from the internal to external address.  By
         definition, this is a snapshot of NAT instance state at a
         given moment.  Indexed by NAT instance, internal realm, and
         internal address in that realm.  Provides the mapped external
         address and, depending on implementation support, identifies
         the address pool from which the external address and port
         were taken and the index of the subscriber to which the
         mapping has been allocated.

         In the case of DS-Lite (RFC 6333), the indexing realm and
         address are those of the IPv6 encapsulation rather than the
         IPv4 inner packet."
    REFERENCE
        "RFC 7659, Section 3.3.8. DS-Lite: RFC 6333"
    ::= { natv2MIBInstanceObjects 5 }

natv2AddressMapEntry OBJECT-TYPE
    SYNTAX Natv2AddressMapEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Mapping from internal to external address."
    INDEX { natv2AddressMapInstanceIndex,
            natv2AddressMapInternalRealm,
            natv2AddressMapInternalAddressType,
            natv2AddressMapInternalAddress,
            natv2AddressMapRowIndex }
    ::= { natv2AddressMapTable 1 }
Top   ToC   RFC7659 - Page 61
Natv2AddressMapEntry ::=
    SEQUENCE {
        natv2AddressMapInstanceIndex       Natv2InstanceIndex,
        natv2AddressMapInternalRealm       SnmpAdminString,
        natv2AddressMapInternalAddressType  InetAddressType,
        natv2AddressMapInternalAddress      InetAddress,
        natv2AddressMapRowIndex            Unsigned32,
        natv2AddressMapInternalMappedAddressType InetAddressType,
        natv2AddressMapInternalMappedAddress     InetAddress,
        natv2AddressMapExternalRealm       SnmpAdminString,
        natv2AddressMapExternalAddressType InetAddressType,
        natv2AddressMapExternalAddress     InetAddress,
        natv2AddressMapExternalPoolIndex   Natv2PoolIndexOrZero,
        natv2AddressMapSubscriberIndex     Natv2SubscriberIndexOrZero
    }

natv2AddressMapInstanceIndex OBJECT-TYPE
    SYNTAX Natv2InstanceIndex
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Index of the NAT instance that generated this address map."
    ::= { natv2AddressMapEntry 1 }

natv2AddressMapInternalRealm OBJECT-TYPE
    SYNTAX SnmpAdminString (SIZE(0..32))
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Realm to which the internal address belongs.  In most cases,
         this is the realm defining the address space of the packet
         being translated.  However, in the case of DS-Lite (RFC
         6333), this realm defines the IPv6 outer header address
         space.  It is the combination of that outer header and
         the inner IPv4 packet header that is remapped to the
         external address and realm.  The corresponding IPv4 realm is
         restricted in scope to the tunnel, so there is no point in
         identifying it.  The mapped IPv4 address will normally be the
         well-known value 192.0.0.2, or at least lie in the reserved
         192.0.0.0/29 range.

         If natv2AddressMapSubscriberIndex in this table is a valid
         subscriber index (i.e., greater than zero), then the value
         of natv2AddressMapInternalRealm MUST be identical to the
         value of natv2SubscriberRealm associated with that index."
    REFERENCE
        "DS-Lite: RFC 6333, Sections 5.7 (for well-known addresses)
         and 6.6 (on the need to have the IPv6 tunnel address in
Top   ToC   RFC7659 - Page 62
         the NAT mapping tables)."
    ::= { natv2AddressMapEntry 2 }

natv2AddressMapInternalAddressType OBJECT-TYPE
    SYNTAX InetAddressType
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Address type in the header of packets on the
         interior side of this mapping.  Any value other than ipv4(1)
         or ipv6(2) would be unexpected.

         In the DS-Lite case, the address type is ipv6(2)."
    REFERENCE
        "DS-Lite: RFC 6333, Sections 5.7 (for well-known addresses)
         and 6.6 (on the need to have the IPv6 tunnel source
         address in the NAT mapping tables)."
    ::= { natv2AddressMapEntry 3 }

natv2AddressMapInternalAddress OBJECT-TYPE
    SYNTAX InetAddress (SIZE (0..16))
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Source address of packets originating from the interior
         of the association provided by this mapping.  The address
         type is given by natv2AddressMapInternalAddressType.

         In the case of DS-Lite (RFC 6333), this is the IPv6 tunnel
         source address.  The mapping in this case is considered to
         be from the combination of the IPv6 tunnel source address
         natv2AddressMapInternalRealmAddress and the well-known IPv4
         inner source address natv2AddressMapInternalMappedAddress to
         the external address."
    REFERENCE
        "DS-Lite: RFC 6333, Sections 5.7 (for well-known addresses)
         and 6.6 (on the need to have the IPv6 tunnel address in
         the NAT mapping tables)."
    ::= { natv2AddressMapEntry 4 }

natv2AddressMapRowIndex OBJECT-TYPE
    SYNTAX Unsigned32
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Index of a conceptual row corresponding to a mapping of the
         given internal realm and address to a single external realm
         and address.  Multiple rows will be present because of a
Top   ToC   RFC7659 - Page 63
         promiscuous external address selection policy, policies
         associating the same internal address with different address
         pools, or because the same internal realm-address
         combination is communicating with multiple external address
         realms."
    ::= { natv2AddressMapEntry 5 }

natv2AddressMapInternalMappedAddressType OBJECT-TYPE
    SYNTAX InetAddressType
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Internal address type actually translated by this mapping.
         Any value other than ipv4(1) or ipv6(2) would be unexpected.
         In the general case, this is the same as given by
         natv2AddressMapInternalRealmAddressType.  In the
         tunneled case, it is the address type used in the
         encapsulated packet header.  In particular, in the DS-Lite
         case, the mapped address type is ipv4(1)."
    REFERENCE
        "DS-Lite: RFC 6333."
    ::= { natv2AddressMapEntry 6 }

natv2AddressMapInternalMappedAddress OBJECT-TYPE
    SYNTAX InetAddress
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Internal address actually translated by this mapping.  In the
         general case, this is the same as
         natv2AddressMapInternalRealmAddress.  The address type is
         given by natv2AddressMapInternalMappedAddressType.  In the
         case of DS-Lite (RFC 6333), this is the source address of
         the encapsulated IPv4 packet, normally lying in the well-known
         range 192.0.0.0/29.  The mapping in this case is considered
         to be from the combination of the IPv6 tunnel source address
         natv2AddressMapInternalRealmAddress and the well-known IPv4
         inner source address natv2AddressMapInternalMappedAddress to
         the external address."
    REFERENCE
        "DS-Lite: RFC 6333, Sections 5.7 (for well-known addresses)
         and 6.6 (on the need to have the IPv6 tunnel address in
         the NAT mapping tables)."
    ::= { natv2AddressMapEntry 7 }

natv2AddressMapExternalRealm OBJECT-TYPE
    SYNTAX SnmpAdminString (SIZE(0..32))
    MAX-ACCESS read-only
Top   ToC   RFC7659 - Page 64
    STATUS current
    DESCRIPTION
        "External address realm to which this mapping maps the
         internal address.  This can be the same as the internal realm
         in the case of a 'hairpin' connection, but otherwise will be
         different."
    ::= { natv2AddressMapEntry 8 }

natv2AddressMapExternalAddressType OBJECT-TYPE
    SYNTAX InetAddressType
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Address type for the external realm.  Any value other than
         ipv4(1) or ipv6(2) would be unexpected."
    ::= { natv2AddressMapEntry 9 }

natv2AddressMapExternalAddress OBJECT-TYPE
    SYNTAX InetAddress
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "External address to which the internal address is mapped.
         The address type is given by
         natv2AddressMapExternalAddressType.

         In the DS-Lite case, the mapping is from the combination of
         the internal IPv6 tunnel source address as presented in this
         table and the well-known IPv4 source address of the
         encapsulated IPv4 packet."
    REFERENCE
        "DS-Lite: RFC 6333, Sections 5.7 (for well-known addresses)
         and 6.6 (on the need to have the IPv6 tunnel address in
         the NAT mapping tables)."
    ::= { natv2AddressMapEntry 10 }

natv2AddressMapExternalPoolIndex OBJECT-TYPE
    SYNTAX Natv2PoolIndexOrZero
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Index of the address pool in the external realm from which
         the mapped external address given in
         natv2AddressMapExternalAddress was taken.  Zero if the
         implementation does not support address pools but has chosen
         to support this object or if no pool was configured for the
         given external realm."
    ::= { natv2AddressMapEntry 11 }
Top   ToC   RFC7659 - Page 65
natv2AddressMapSubscriberIndex OBJECT-TYPE
    SYNTAX Natv2SubscriberIndexOrZero
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Index of the subscriber to which this address mapping
         applies, or zero if no subscribers are configured on
         this NAT instance."
    ::= { natv2AddressMapEntry 12 }

-- natv2PortMapTable

natv2PortMapTable OBJECT-TYPE
    SYNTAX SEQUENCE OF Natv2PortMapEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Table of port map entries indexed by the NAT instance,
         protocol, and external realm and address.  A port map entry
         associates an internal upper-layer protocol endpoint with an
         endpoint for the same protocol in the given external realm.
         By definition, this is a snapshot of NAT instance state at
         a given moment.  The table provides the basic mapping
         information.

         In the case of DS-Lite (RFC 6333), the table provides the
         internal IPv6 tunnel source address in
         natv2PortMapInternalRealmAddress and the IPv4 source address
         of the encapsulated packet that is actually translated in
         natv2PortMapInternalMappedAddress.  In the general (non-DS-
         Lite) case, those two objects will have the same value."
    REFERENCE
        "RFC 7659, Section 3.3.9.
         DS-Lite: RFC 6333, Sections 5.7
         (for well-known addresses) and 6.6 (on the need to have the
         IPv6 tunnel address in the NAT mapping tables)."
    ::= { natv2MIBInstanceObjects 6 }

natv2PortMapEntry OBJECT-TYPE
    SYNTAX Natv2PortMapEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "A single NAT mapping."
    INDEX { natv2PortMapInstanceIndex,
            natv2PortMapProtocol,
            natv2PortMapExternalRealm,
            natv2PortMapExternalAddressType,
Top   ToC   RFC7659 - Page 66
            natv2PortMapExternalAddress,
            natv2PortMapExternalPort }
    ::= { natv2PortMapTable 1 }

Natv2PortMapEntry ::=
    SEQUENCE {
        natv2PortMapInstanceIndex        Natv2InstanceIndex,
        natv2PortMapProtocol             ProtocolNumber,
        natv2PortMapExternalRealm        SnmpAdminString,
        natv2PortMapExternalAddressType  InetAddressType,
        natv2PortMapExternalAddress      InetAddress,
        natv2PortMapExternalPort         InetPortNumber,
        natv2PortMapInternalRealm        SnmpAdminString,
        natv2PortMapInternalAddressType  InetAddressType,
        natv2PortMapInternalAddress      InetAddress,
        natv2PortMapInternalMappedAddressType InetAddressType,
        natv2PortMapInternalMappedAddress     InetAddress,
        natv2PortMapInternalPort         InetPortNumber,
        natv2PortMapExternalPoolIndex    Natv2PoolIndexOrZero,
        natv2PortMapSubscriberIndex      Natv2SubscriberIndexOrZero
    }

natv2PortMapInstanceIndex OBJECT-TYPE
    SYNTAX Natv2InstanceIndex
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Index of the NAT instance that created this port map entry."
    ::= { natv2PortMapEntry 1 }

natv2PortMapProtocol OBJECT-TYPE
    SYNTAX ProtocolNumber
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "The map entry's upper-layer protocol number."
    ::= { natv2PortMapEntry 2 }

natv2PortMapExternalRealm OBJECT-TYPE
    SYNTAX SnmpAdminString (SIZE(0..32))
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "The realm to which natv2PortMapExternalAddress belongs."
    ::= { natv2PortMapEntry 3 }

natv2PortMapExternalAddressType OBJECT-TYPE
    SYNTAX InetAddressType
Top   ToC   RFC7659 - Page 67
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "Address type for the external realm.  A value other
         than ipv4(1) or ipv6(2) would be unexpected."
    ::= { natv2PortMapEntry 4 }

natv2PortMapExternalAddress OBJECT-TYPE
    SYNTAX InetAddress (SIZE (0..16))
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "The mapping's assigned external address.  (This address is
         taken from the address pool identified by
         natv2PortMapExternalPoolIndex, if the implementation
         supports address pools and pools are configured for the
         given external realm.)  This is the source address for
         translated outgoing packets.  The address type is given
         by natv2PortMapExternalAddressType."

    ::= { natv2PortMapEntry 5 }

natv2PortMapExternalPort OBJECT-TYPE
    SYNTAX InetPortNumber
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "The mapping's assigned external port number.  This is the
         source port for translated outgoing packets.  If the internal
         port number given by natv2PortMapInternalPort is zero, this
         value MUST also be zero.  Otherwise, this MUST be a non-zero
         value."
    ::= { natv2PortMapEntry 6 }

natv2PortMapInternalRealm OBJECT-TYPE
    SYNTAX SnmpAdminString (SIZE(0..32))
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The realm to which natv2PortMapInternalRealmAddress belongs.
         In the general case, this realm contains the address that is
         being translated.  In the DS-Lite (RFC 6333) case, this realm
         defines the IPv6 address space from which the tunnel source
         address is taken.  The realm of the encapsulated IPv4 address
         is restricted in scope to the tunnel, so there is no point
         in identifying it separately."
    REFERENCE
        "DS-Lite: RFC 6333."
Top   ToC   RFC7659 - Page 68
    ::= { natv2PortMapEntry 7 }

natv2PortMapInternalAddressType OBJECT-TYPE
    SYNTAX InetAddressType
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Address type for addresses in the realm identified by
         natv2PortMapInternalRealm."
    ::= { natv2PortMapEntry 8 }

natv2PortMapInternalAddress OBJECT-TYPE
    SYNTAX InetAddress
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Source address for packets received under this mapping on
         the internal side of the NAT instance.  In the general case,
         this address is the same as the address given in
         natv2PortMapInternalMappedAddress.  In the DS-Lite case,
         natv2PortMapInternalAddress is the IPv6 tunnel source
         address.  The address type is given
         by natv2PortMapInternalAddressType."
    REFERENCE
        "DS-Lite: RFC 6333, Sections 5.7 (for well-known addresses)
         and 6.6 (on the need to have the IPv6 tunnel address in
         the NAT mapping tables)."
    ::= { natv2PortMapEntry 9 }

natv2PortMapInternalMappedAddressType OBJECT-TYPE
    SYNTAX InetAddressType
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Internal address type actually translated by this mapping.
         Any value other than ipv4(1) or ipv6(2) would be unexpected.
         In the general case, this is the same as given by
         natv2AddressMapInternalAddressType.  In the DS-Lite
         case, the address type is ipv4(1)."
    REFERENCE
        "DS-Lite: RFC 6333."
   ::= { natv2PortMapEntry 10 }

natv2PortMapInternalMappedAddress OBJECT-TYPE
    SYNTAX InetAddress
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
Top   ToC   RFC7659 - Page 69
        "Internal address actually translated by this mapping.  In the
         general case, this is the same as
         natv2PortMapInternalRealmAddress.  The address type is given
         by natv2PortMapInternalMappedAddressType.

         In the case of DS-Lite (RFC 6333), this is the source
         address of the encapsulated IPv4 packet, normally selected
         from the well-known range 192.0.0.0/29.  The mapping in this
         case is considered to be from the external address to the
         combination of the IPv6 tunnel source address
         natv2PortMapInternalRealmAddress and the well-known IPv4
         inner source address natv2PortMapInternalMappedAddress."
    REFERENCE
        "DS-Lite: RFC 6333, Sections 5.7 (for well-known addresses)
         and 6.6 (on the need to have the IPv6 tunnel address in
         the NAT mapping tables)."
    ::= { natv2PortMapEntry 11 }

natv2PortMapInternalPort OBJECT-TYPE
    SYNTAX InetPortNumber
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The mapping's internal port number.  If this is zero, ports
         are not translated (i.e., the NAT instance is a pure NAT
         rather than a Network Address and Port Translator (NAPT))."
    ::= { natv2PortMapEntry 12 }

natv2PortMapExternalPoolIndex OBJECT-TYPE
    SYNTAX Natv2PoolIndexOrZero
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Identifies the address pool from which the external address
         in this port map entry was taken.  Zero if the implementation
         does not support address pools but has chosen to support
         this object or if no pools are configured for the given
         external realm."
    ::= { natv2PortMapEntry 13 }

natv2PortMapSubscriberIndex OBJECT-TYPE
    SYNTAX Natv2SubscriberIndexOrZero
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Subscriber using this map entry.  Zero if the implementation
         does not support subscribers but has chosen to support
         this object."
Top   ToC   RFC7659 - Page 70
    ::= { natv2PortMapEntry 14 }

-- Conformance section.  Specifies three cumulatively more extensive
-- applications: basic NAT, pooled NAT, and carrier-grade NAT.

natv2MIBConformance OBJECT IDENTIFIER ::= { natv2MIB 3 }

natv2MIBCompliances OBJECT IDENTIFIER ::= { natv2MIBConformance 1 }
natv2MIBGroups      OBJECT IDENTIFIER ::= { natv2MIBConformance 2 }

natv2MIBBasicCompliance MODULE-COMPLIANCE
    STATUS current
    DESCRIPTION
        "Describes the requirements for conformance to the basic NAT
         application of NATV2-MIB."
    MODULE  -- this module
        MANDATORY-GROUPS { natv2BasicNotificationGroup,
                           natv2BasicInstanceLevelGroup
                         }
    ::= { natv2MIBCompliances 1 }

natv2MIBPooledNATCompliance MODULE-COMPLIANCE
    STATUS current
    DESCRIPTION
        "Describes the requirements for conformance to the pooled NAT
         application of NATV2-MIB."
    MODULE  -- this module
        MANDATORY-GROUPS { natv2BasicNotificationGroup,
                           natv2BasicInstanceLevelGroup,
                           natv2PooledNotificationGroup,
                           natv2PooledInstanceLevelGroup
                         }
    ::= { natv2MIBCompliances 2 }

natv2MIBCGNCompliance MODULE-COMPLIANCE
    STATUS current
    DESCRIPTION
        "Describes the requirements for conformance to the
         carrier-grade NAT application of NATV2-MIB."
    MODULE  -- this module
        MANDATORY-GROUPS { natv2BasicNotificationGroup,
                           natv2BasicInstanceLevelGroup,
                           natv2PooledNotificationGroup,
                           natv2PooledInstanceLevelGroup,
                           natv2CGNNotificationGroup,
                           natv2CGNDeviceLevelGroup,
                           natv2CGNInstanceLevelGroup
                         }
Top   ToC   RFC7659 - Page 71
    ::= { natv2MIBCompliances 3 }

-- Groups

natv2BasicNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS {
         natv2NotificationInstanceAddressMapEntriesHigh,
         natv2NotificationInstancePortMapEntriesHigh
    }
    STATUS  current
    DESCRIPTION
        "Notifications that MUST be supported by all NAT
         applications."
    ::= { natv2MIBGroups 1 }

natv2BasicInstanceLevelGroup OBJECT-GROUP
    OBJECTS {
-- from natv2InstanceTable
              natv2InstanceAlias,
              natv2InstancePortMappingBehavior,
              natv2InstanceFilteringBehavior,
              natv2InstanceFragmentBehavior,
              natv2InstanceAddressMapEntries,
              natv2InstancePortMapEntries,
              natv2InstanceTranslations,
              natv2InstanceAddressMapCreations,
              natv2InstanceAddressMapEntryLimitDrops,
              natv2InstanceAddressMapFailureDrops,
              natv2InstancePortMapCreations,
              natv2InstancePortMapEntryLimitDrops,
              natv2InstancePortMapFailureDrops,
              natv2InstanceFragmentDrops,
              natv2InstanceOtherResourceFailureDrops,
              natv2InstanceDiscontinuityTime,
              natv2InstanceThresholdAddressMapEntriesHigh,
              natv2InstanceThresholdPortMapEntriesHigh,
              natv2InstanceNotificationInterval,
              natv2InstanceLimitAddressMapEntries,
              natv2InstanceLimitPortMapEntries,
              natv2InstanceLimitPendingFragments,
-- from natv2ProtocolTable
              natv2ProtocolPortMapEntries,
              natv2ProtocolTranslations,
              natv2ProtocolPortMapCreations,
              natv2ProtocolPortMapFailureDrops,
-- from natv2AddressMapTable
              natv2AddressMapExternalRealm,
              natv2AddressMapExternalAddressType,
Top   ToC   RFC7659 - Page 72
              natv2AddressMapExternalAddress,
-- from natv2PortMapTable
              natv2PortMapInternalRealm,
              natv2PortMapInternalAddressType,
              natv2PortMapInternalAddress,
              natv2PortMapInternalPort
            }
    STATUS current
    DESCRIPTION
        "Per-instance objects that MUST be supported by
         implementations of all NAT applications."
    ::= { natv2MIBGroups 2 }

natv2PooledNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS {
         natv2NotificationPoolUsageLow,
         natv2NotificationPoolUsageHigh
                  }
    STATUS  current
    DESCRIPTION
        "Notifications that MUST be supported by pooled and
         carrier-grade NAT applications."
    ::= { natv2MIBGroups 3 }

natv2PooledInstanceLevelGroup OBJECT-GROUP
    OBJECTS {
-- from natv2InstanceTable
                    natv2InstancePoolingBehavior,
-- from natv2PoolTable
                    natv2PoolRealm,
                    natv2PoolAddressType,
                    natv2PoolMinimumPort,
                    natv2PoolMaximumPort,
                    natv2PoolAddressMapEntries,
                    natv2PoolPortMapEntries,
                    natv2PoolAddressMapCreations,
                    natv2PoolPortMapCreations,
                    natv2PoolAddressMapFailureDrops,
                    natv2PoolPortMapFailureDrops,
                    natv2PoolDiscontinuityTime,
                    natv2PoolThresholdUsageLow,
                    natv2PoolThresholdUsageHigh,
                    natv2PoolNotifiedPortMapEntries,
                    natv2PoolNotifiedPortMapProtocol,
                    natv2PoolNotificationInterval,
-- from natv2PoolRangeTable
                    natv2PoolRangeBegin,
                    natv2PoolRangeEnd,
Top   ToC   RFC7659 - Page 73
-- from natv2AddressMapTable
                    natv2AddressMapExternalPoolIndex,
-- from natv2PortMapTable
                    natv2PortMapExternalPoolIndex
            }
    STATUS current
    DESCRIPTION
        "Per-instance objects that MUST be supported by
         implementations of the pooled and carrier-grade
         NAT applications."
    ::= { natv2MIBGroups 4 }

natv2CGNNotificationGroup NOTIFICATION-GROUP
    NOTIFICATIONS {
         natv2NotificationSubscriberPortMappingEntriesHigh
    }
    STATUS  current
    DESCRIPTION
        "Notification that MUST be supported by implementations
         of the carrier-grade NAT application."
    ::= { natv2MIBGroups 5 }

natv2CGNDeviceLevelGroup OBJECT-GROUP
    OBJECTS {
-- from table natv2SubscriberTable
              natv2SubscriberInternalRealm,
              natv2SubscriberInternalPrefixType,
              natv2SubscriberInternalPrefix,
              natv2SubscriberInternalPrefixLength,
              natv2SubscriberAddressMapEntries,
              natv2SubscriberPortMapEntries,
              natv2SubscriberTranslations,
              natv2SubscriberAddressMapCreations,
              natv2SubscriberPortMapCreations,
              natv2SubscriberAddressMapFailureDrops,
              natv2SubscriberPortMapFailureDrops,
              natv2SubscriberDiscontinuityTime,
              natv2SubscriberLimitPortMapEntries,
              natv2SubscriberThresholdPortMapEntriesHigh,
              natv2SubscriberNotificationInterval
            }
    STATUS current
    DESCRIPTION
        "Device-level objects that MUST be supported by the
         carrier-grade NAT application."
    ::= { natv2MIBGroups 6 }

natv2CGNInstanceLevelGroup OBJECT-GROUP
Top   ToC   RFC7659 - Page 74
    OBJECTS {
   -- from natv2InstanceTable
              natv2InstanceSubscriberActiveLimitDrops,
              natv2InstanceLimitSubscriberActives,
   -- from natv2AddressMapTable
              natv2AddressMapInternalMappedAddressType,
              natv2AddressMapInternalMappedAddress,
              natv2AddressMapSubscriberIndex,
   -- from natv2PortMapTable
              natv2PortMapInternalMappedAddressType,
              natv2PortMapInternalMappedAddress,
              natv2PortMapSubscriberIndex
            }
    STATUS current
    DESCRIPTION
        "Per-instance objects that MUST be supported by the
         carrier-grade NAT application."
    ::= { natv2MIBGroups 7 }

END



(page 74 continued on part 4)

Next Section