You are here:

MonitorTools.com > Technical documentation > SNMP > MIB > Cisco > CISCO-DYNAMIC-ARP-INSPECTION-MIB
ActiveXperts Network Monitor 2019##AdminFavorites

CISCO-DYNAMIC-ARP-INSPECTION-MIB by vendor Cisco

CISCO-DYNAMIC-ARP-INSPECTION-MIB file content

The SNMP protocol is used to for conveying information and commands between agents and managing entities. SNMP uses the User Datagram Protocol (UDP) as the transport protocol for passing data between managers and agents. The reasons for using UDP for SNMP are, firstly it has low overheads in comparison to TCP, which uses a 3-way hand shake for connection. Secondly, in congested networks, SNMP over TCP is a bad idea because TCP in order to maintain reliability will flood the network with retransmissions.

Management information (MIB) is represented as a collection of managed objects. These objects together form a virtual information base called MIB. An agent may implement many MIBs, but all agents must implement a particular MIB called MIB-II [16]. This standard defines variables for things such as interface statistics (interface speeds, MTU, octets sent, octets received, etc.) as well as various other things pertaining to the system itself (system location, system contact, etc.). The main goal of MIB-II is to provide general TCP/IP management information.

Use ActiveXperts Network Monitor 2019 to import vendor-specific MIB files, inclusing CISCO-DYNAMIC-ARP-INSPECTION-MIB.


Vendor: Cisco
Mib: CISCO-DYNAMIC-ARP-INSPECTION-MIB  [download]  [view objects]
Tool: ActiveXperts Network Monitor 2019 [download]    (ships with advanced SNMP/MIB tools)
-- *****************************************************************
-- CISCO-DYNAMIC-ARP-INSPECTION-MIB
--
-- October 2003, Edward Pham
--
-- Copyright (c) 2003 by cisco Systems, Inc.
-- All rights reserved.
-- *****************************************************************

CISCO-DYNAMIC-ARP-INSPECTION-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, 
    Unsigned32,
    OBJECT-TYPE
        FROM SNMPv2-SMI

    MODULE-COMPLIANCE,
    OBJECT-GROUP
        FROM SNMPv2-CONF

    TruthValue
        FROM SNMPv2-TC

    ifIndex
        FROM IF-MIB

    VlanIndex
        FROM Q-BRIDGE-MIB

    ciscoMgmt
        FROM CISCO-SMI;

ciscoDynamicArpInspectionMIB MODULE-IDENTITY
    LAST-UPDATED "200310291500Z"
    ORGANIZATION "Cisco Systems, Inc."
    CONTACT-INFO
        "        Cisco Systems
                 Customer Service

         Postal: 170 W Tasman Drive
                 San Jose, CA 95134
                 USA

            Tel: +1 800 553-NETS

         E-mail: cs-lan-switch-snmp@cisco.com"
    DESCRIPTION
        "The MIB module is for configuration of Dynamic ARP Inspection 
         feature. Dynamic ARP Inspection is a security mechanism which
         validate ARP packets seen on access ports." 
    REVISION    "200310291500Z"
    DESCRIPTION
        "Initial revision of this MIB module."
    ::= { ciscoMgmt 374 } 

cdaiMIBNotifs
    OBJECT IDENTIFIER ::= { ciscoDynamicArpInspectionMIB 0 }
cdaiMIBObjects
    OBJECT IDENTIFIER ::= { ciscoDynamicArpInspectionMIB 1 }
cdaiMIBConformance
    OBJECT IDENTIFIER ::= { ciscoDynamicArpInspectionMIB 2 }

cdaiGlobal
    OBJECT IDENTIFIER ::= { cdaiMIBObjects 1 }
cdaiVlan
    OBJECT IDENTIFIER ::= { cdaiMIBObjects 2 }
cdaiInterface
    OBJECT IDENTIFIER ::= { cdaiMIBObjects 3 }

--
-- The Global group  
-- 

cdaiLoggingEnable  OBJECT-TYPE
    SYNTAX        TruthValue
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION
        "This object indicates whether the Dynamic ARP Inspection
        logging is enabled on the device.

        If this object is set to 'true', Dynamic ARP Inspection
        logging is enabled.

        If this object is set to 'false', Dynamic ARP Inspection
        loging is disabled."
    ::= { cdaiGlobal 1 }


--
--  The Dynamic ARP Inspection VLAN Config Table
--

cdaiVlanConfigTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF CdaiVlanConfigEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "A table provides the mechanism to control Dynamic ARP
        Inspection per VLAN. When a VLAN is created in a device
        supporting this table, a corresponding entry of this table
        will be added." 
    ::= { cdaiVlan 1 }
 
cdaiVlanConfigEntry OBJECT-TYPE
    SYNTAX       CdaiVlanConfigEntry 
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "A row instance contains the configuration to enable
         or disable Dynamic ARP Inspection at each existing VLAN." 
    INDEX { cdaiVlanIndex }
    ::= { cdaiVlanConfigTable 1 }

CdaiVlanConfigEntry ::= SEQUENCE {
    cdaiVlanIndex                  VlanIndex,
    cdaiVlanDynArpInspEnable       TruthValue 
}
 
cdaiVlanIndex OBJECT-TYPE
    SYNTAX      VlanIndex 
    MAX-ACCESS  not-accessible 
    STATUS      current
    DESCRIPTION
        "This object indicates the VLAN number on which Dynamic ARP
        Inspection feature is configured." 
    ::= { cdaiVlanConfigEntry 1 }

cdaiVlanDynArpInspEnable OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "This object indicates whether Dynamic ARP Inspection is
         enabled in this VLAN.

         If this object is set to 'true', Dynamic ARP Inspection
         is enabled. 

         If this object is set to 'false', Dynamic ARP Inspection
         is disabled."
    ::= { cdaiVlanConfigEntry 2 }


--
-- The Dynamic ARP Inspection Interface Config Table
--

cdaiIfConfigTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF CdaiIfConfigEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "A table provides the mechanism to configure the trust
        state for Dynamic ARP Inspection purpose at each physical
        interface capable of this feature. Some of the interfaces
        (but not limited to) for which this feature might be
        applicable are: ifType = ethernetCsmacd(6)." 
    ::= { cdaiInterface 1 }
 
cdaiIfConfigEntry OBJECT-TYPE
    SYNTAX       CdaiIfConfigEntry 
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "A row instance contains the configuration to enable or
        disable trust state for Dynamic ARP Inspection at each
        physical interface capable of this feature." 
    INDEX { ifIndex }
    ::= { cdaiIfConfigTable 1 }

CdaiIfConfigEntry ::= SEQUENCE {
    cdaiIfTrustEnable       TruthValue 
}
 
cdaiIfTrustEnable OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "This object indicates whether the interface is trusted for
        Dynamic ARP Inspection purpose. 

        If this object is set to 'true', the interface is trusted.
        ARP packets coming to this interface will be forwarded
        without checking.

        If this object is set to 'false', the interface is not
        trusted. ARP packets coming to this interface will be
        subjected to ARP inspection." 
    ::= { cdaiIfConfigEntry 1 }

--
-- The Dynamic ARP Inspection Rate Limit Interface Config Table
--

cdaiIfRateLimitTable OBJECT-TYPE
    SYNTAX       SEQUENCE OF CdaiIfRateLimitEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "A table provides the mechanism to configure the rate limit
        for Dynamic ARP Inspection purpose at each physical interface
        capable of this feature." 
    ::= { cdaiInterface 2 }
 
cdaiIfRateLimitEntry OBJECT-TYPE
    SYNTAX       CdaiIfRateLimitEntry 
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "A row instance contains the configuration of rate limit 
        Dynamic ARP Inspection at each physical interface capable
        of this feature." 
    INDEX { ifIndex }
    ::= { cdaiIfRateLimitTable 1 }

CdaiIfRateLimitEntry ::= SEQUENCE {
    cdaiIfRateLimit     Unsigned32 
}
 
cdaiIfRateLimit OBJECT-TYPE
    SYNTAX      Unsigned32 
    UNITS       "packet per second"
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "This object indicates rate limit value for Dynamic ARP
         Inspection purpose. If the incoming rate of ARP packets 
         exceeds the value of this object, ARP packets will be
         dropped. " 
    ::= { cdaiIfRateLimitEntry 1 }

-- Conformance

cdaiMIBCompliances
    OBJECT IDENTIFIER ::= { cdaiMIBConformance 1 }

cdaiMIBGroups
    OBJECT IDENTIFIER ::= { cdaiMIBConformance 2 }

cdaiMIBCompliance MODULE-COMPLIANCE
    STATUS  current
    DESCRIPTION
        "The compliance statement for CISCO-DYNAMIC-ARP-INSPECTION-MIB"
    MODULE
    MANDATORY-GROUPS { 
            cdaiVlanConfigGroup,
            cdaiIfConfigGroup
    }
   
    GROUP cdaiGlobalLoggingGroup
    DESCRIPTION
        "This group is mandatory only for the platform which supports
         enabling Dynamic ARP Inspection logging at the device level."

    GROUP cdaiIfRateLimitGroup
    DESCRIPTION
        "This group is mandatory only for the platform which supports
         Dynamic ARP Inspection rate limit per interface."

    ::= { cdaiMIBCompliances 1 }

-- Units of Conformance

-- cdaiGlobalGroup

cdaiGlobalLoggingGroup OBJECT-GROUP
    OBJECTS {
        cdaiLoggingEnable
    }
    STATUS current
    DESCRIPTION
        "A collection of object which is used to configure Dynamic
        ARP Inspection logging."
    ::= { cdaiMIBGroups 1 }

cdaiVlanConfigGroup OBJECT-GROUP
    OBJECTS {
        cdaiVlanDynArpInspEnable
    }
    STATUS current
    DESCRIPTION
        "A collection of object which are used to configure as
         well as show information regarding the Dynamic ARP
         Inspection feature per VLAN."
    ::= { cdaiMIBGroups 2 }

cdaiIfConfigGroup OBJECT-GROUP
    OBJECTS {
        cdaiIfTrustEnable        
    }
    STATUS current
    DESCRIPTION
        "A collection of object which are used to configure as
         well as show information regarding the interface trust
         state for Dynamic ARP Inspection purpose."
    ::= { cdaiMIBGroups 3 }

cdaiIfRateLimitGroup OBJECT-GROUP
    OBJECTS {
        cdaiIfRateLimit        
    }
    STATUS current
    DESCRIPTION
        "A collection of object which are used to configure as
         well as show information regarding the rate limit per 
         interface for Dynamic ARP Inspection purpose."
    ::= { cdaiMIBGroups 4 }

END