rfc3083.txt
来自「RFC 的详细文档!」· 文本 代码 · 共 1,778 行 · 第 1/5 页
TXT
1,778 行
counters for invalid KEK and TEK events, for key expirations and
renewals, and for duplicate messages. The CM and CMTS MUST
support viewing current authorization key sequence numbers and key
expiration times for failure diagnosis.
o The management interface needs to support dynamic control of the
distribution of IP multicast data traffic. This control includes
forwarding IP multicast traffic to the correct multicast group
(SID), and managing the membership lists of each multicast group
(SID). The CMTS MUST support configuring and viewing all IP
multicast forwarding state, and all multicast group memberships,
within the MAC domains of the CMTS.
3.3. Textual convention
CableLabs has required the implementation of prior versions of this
MIB in DOCSIS 1.0 cable modems that implement the Baseline Privacy
Interface, as a prerequisite for DOCSIS 1.0 certification.
The Baseline Privacy Interface MIB contains eight MIB objects defined
with the (now obsolete) DisplayString textual convention, and one MIB
object defined with the (now undesirable) IpAddress textual
convention.
In the judgment of the working group, it is preferable to keep these
less-than-desirable textual conventions, in order to maintain
backward compatibility and interoperability with DOCSIS 1.0 cable
modems that implemented previous versions of this MIB.
Woundy Informational [Page 7]
RFC 3083 DOCSIS Baseline Privacy MIB March 2001
4. Definitions
DOCS-BPI-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE,
Integer32, Counter32, IpAddress
FROM SNMPv2-SMI
DisplayString, MacAddress, RowStatus, TruthValue, DateAndTime
FROM SNMPv2-TC
OBJECT-GROUP, MODULE-COMPLIANCE
FROM SNMPv2-CONF
ifIndex
FROM IF-MIB
docsIfMib, docsIfCmServiceId, docsIfCmtsServiceId
FROM DOCS-IF-MIB
;
docsBpiMIB MODULE-IDENTITY
LAST-UPDATED "200103130000Z"
ORGANIZATION "IETF IPCDN Working Group"
CONTACT-INFO "Rich Woundy
Postal: Cisco Systems
250 Apollo Drive
Chelmsford, MA 01824 U.S.A.
Tel: +1 978 244 8000
E-mail: rwoundy@cisco.com
IETF IPCDN Working Group
General Discussion: ipcdn@ietf.org
Subscribe: http://www.ietf.org/mailman/listinfo/ipcdn
Archive: ftp://ftp.ietf.org/ietf-mail-archive/ipcdn
Co-chairs: Richard Woundy, rwoundy@cisco.com
Andrew Valentine, a.valentine@eu.hns.com"
DESCRIPTION
"This is the MIB Module for the DOCSIS Baseline Privacy Interface
(BPI) at cable modems (CMs) and cable modem termination systems
(CMTSs). CableLabs requires the implementation of this MIB in
DOCSIS 1.0 cable modems that implement the Baseline Privacy
Interface, as a prerequisite for DOCSIS 1.0 certification."
REVISION "200103130000Z"
DESCRIPTION
"Version published as RFC 3083."
REVISION "200011031930Z"
DESCRIPTION
"Modified by Richard Woundy to fix problems identified by the MIB
Woundy Informational [Page 8]
RFC 3083 DOCSIS Baseline Privacy MIB March 2001
doctor. I marked docsBpiCmtsDefaultAuthGraceTime and
docsBpiCmtsDefaultTEKGraceTime as obsolete objects, to prevent OID
reassignment. Several object descriptions were also corrected."
REVISION "200002161930Z"
DESCRIPTION
"Initial version.
CableLabs requires the implementation of this MIB in certified DOCSIS
1.0 cable modems implementing the Baseline Privacy Interface, per
DOCSIS 1.0 engineering change notice oss-n-99027."
::= { docsIfMib 5 }
docsBpiMIBObjects OBJECT IDENTIFIER ::= { docsBpiMIB 1 }
-- Cable Modem Group
docsBpiCmObjects OBJECT IDENTIFIER ::= { docsBpiMIBObjects 1 }
--
-- The BPI base and authorization table for CMs, indexed by ifIndex
--
docsBpiCmBaseTable OBJECT-TYPE
SYNTAX SEQUENCE OF DocsBpiCmBaseEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table describes the basic and authorization-related Baseline
Privacy attributes of each CM MAC interface."
::= { docsBpiCmObjects 1 }
docsBpiCmBaseEntry OBJECT-TYPE
SYNTAX DocsBpiCmBaseEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains objects describing attributes of one CM MAC
interface. An entry in this table exists for each ifEntry with an
ifType of docsCableMaclayer(127)."
INDEX { ifIndex }
::= { docsBpiCmBaseTable 1 }
DocsBpiCmBaseEntry ::= SEQUENCE {
docsBpiCmPrivacyEnable TruthValue,
docsBpiCmPublicKey OCTET STRING,
docsBpiCmAuthState INTEGER,
docsBpiCmAuthKeySequenceNumber Integer32,
docsBpiCmAuthExpires DateAndTime,
Woundy Informational [Page 9]
RFC 3083 DOCSIS Baseline Privacy MIB March 2001
docsBpiCmAuthReset TruthValue,
docsBpiCmAuthGraceTime Integer32,
docsBpiCmTEKGraceTime Integer32,
docsBpiCmAuthWaitTimeout Integer32,
docsBpiCmReauthWaitTimeout Integer32,
docsBpiCmOpWaitTimeout Integer32,
docsBpiCmRekeyWaitTimeout Integer32,
docsBpiCmAuthRejectWaitTimeout Integer32,
docsBpiCmAuthRequests Counter32,
docsBpiCmAuthReplies Counter32,
docsBpiCmAuthRejects Counter32,
docsBpiCmAuthInvalids Counter32,
docsBpiCmAuthRejectErrorCode INTEGER,
docsBpiCmAuthRejectErrorString DisplayString,
docsBpiCmAuthInvalidErrorCode INTEGER,
docsBpiCmAuthInvalidErrorString DisplayString
}
docsBpiCmPrivacyEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object identifies whether this CM is provisioned to run
Baseline Privacy. This is analogous to the presence (or absence)
of the Baseline Privacy Configuration Setting option. The status
of each individual SID with respect to Baseline Privacy is
captured in the docsBpiCmTEKPrivacyEnable object."
REFERENCE
"DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1."
::= { docsBpiCmBaseEntry 1 }
docsBpiCmPublicKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (74 | 106 | 140 | 270))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is a DER-encoded RSAPublicKey ASN.1 type
string, as defined in the RSA Encryption Standard (PKCS #1) [22],
corresponding to the public key of the CM. The 74, 106, 140, and
270 byte key encoding lengths correspond to 512 bit, 768 bit, 1024
bit, and 2048 public moduli respectively."
REFERENCE
"DOCSIS Baseline Privacy Interface Specification, Section 4.2.2.4."
::= { docsBpiCmBaseEntry 2 }
docsBpiCmAuthState OBJECT-TYPE
SYNTAX INTEGER {
Woundy Informational [Page 10]
RFC 3083 DOCSIS Baseline Privacy MIB March 2001
authWait(2),
authorized(3),
reauthWait(4),
authRejectWait(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the state of the CM authorization
FSM. The start state indicates that FSM is in its initial state."
REFERENCE
"DOCSIS Baseline Privacy Interface Specification, Section 4.1.2.1."
::= { docsBpiCmBaseEntry 3 }
docsBpiCmAuthKeySequenceNumber OBJECT-TYPE
SYNTAX Integer32 (0..15)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the authorization key sequence number
for this FSM."
REFERENCE
"DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.2
and 4.2.2.10."
::= { docsBpiCmBaseEntry 4 }
docsBpiCmAuthExpires OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the actual clock time when the current
authorization for this FSM expires. If the CM does not have an active
authorization, then the value is of the expiration date and time of
the last active authorization."
REFERENCE
"DOCSIS Baseline Privacy Interface Specification, Sections 4.2.1.2
and 4.2.2.9."
::= { docsBpiCmBaseEntry 5 }
docsBpiCmAuthReset OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this object to TRUE generates a Reauthorize event in the
authorization FSM. Reading this object always returns FALSE."
REFERENCE
Woundy Informational [Page 11]
RFC 3083 DOCSIS Baseline Privacy MIB March 2001
"DOCSIS Baseline Privacy Interface Specification, Section 4.1.2.3.4."
::= { docsBpiCmBaseEntry 6 }
docsBpiCmAuthGraceTime OBJECT-TYPE
SYNTAX Integer32 (1..1800)
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the grace time for an authorization key.
A CM is expected to start trying to get a new authorization key
beginning AuthGraceTime seconds before the authorization key actually
expires."
REFERENCE
"DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.3."
::= { docsBpiCmBaseEntry 7 }
docsBpiCmTEKGraceTime OBJECT-TYPE
SYNTAX Integer32 (1..1800)
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the grace time for a TEK. A CM is
expected to start trying to get a new TEK beginning TEKGraceTime
seconds before the TEK actually expires."
REFERENCE
"DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.6."
::= { docsBpiCmBaseEntry 8 }
docsBpiCmAuthWaitTimeout OBJECT-TYPE
SYNTAX Integer32 (1..30)
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the Authorize Wait Timeout."
REFERENCE
"DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.1."
::= { docsBpiCmBaseEntry 9 }
docsBpiCmReauthWaitTimeout OBJECT-TYPE
SYNTAX Integer32 (1..30)
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the Reauthorize Wait Timeout in seconds."
Woundy Informational [Page 12]
RFC 3083 DOCSIS Baseline Privacy MIB March 2001
REFERENCE
"DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.2."
::= { docsBpiCmBaseEntry 10 }
docsBpiCmOpWaitTimeout OBJECT-TYPE
SYNTAX Integer32 (1..10)
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the Operational Wait Timeout in seconds."
REFERENCE
"DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.4."
::= { docsBpiCmBaseEntry 11 }
docsBpiCmRekeyWaitTimeout OBJECT-TYPE
SYNTAX Integer32 (1..10)
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the Rekey Wait Timeout in seconds."
REFERENCE
"DOCSIS Baseline Privacy Interface Specification, Appendix A.1.1.1.5."
::= { docsBpiCmBaseEntry 12 }
docsBpiCmAuthRejectWaitTimeout OBJECT-TYPE
SYNTAX Integer32 (1..600)
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the Authorization Reject Wait Timeout in
seconds."
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?