-- This file is corresponding to Release 9.1.10.101 from 2014/08/11 00:00:00


-- (C)opyright 2003-2014 bintec elmeg GmbH
-- $RCSfile: mibipsectuning,v $ 
-- $Revision: 1.11 $ 

BIANCA-BRICK-IPSEC-TUNING-MIB DEFINITIONS ::= BEGIN
        IMPORTS
            IpAddress, Counter, TimeTicks, enterprises
                FROM RFC1155-SMI

            DisplayString
                FROM RFC1158-MIB
 
            Date, HexValue
                FROM BINTEC-MIB
 
            OBJECT-TYPE
                FROM RFC-1212;

    bintec       OBJECT IDENTIFIER ::= { enterprises 272 }
    bibo         OBJECT IDENTIFIER ::= { bintec 4 }


    -- Management Information for the IPSec Subsystem of the BIANCA/BRICK, 
    ipsec        OBJECT IDENTIFIER
        ::= { bibo 26 }


-- Global IPSec Tuning

	ipsecTuning OBJECT IDENTIFIER  ::= { ipsec 32 }
	--Static table containing tuning settings for IPSec


	ipsecTuneMaxPeers OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-only
            STATUS  mandatory
            DESCRIPTION
		"Maximum number of supported peers."
	    DEFVAL { 50000 }
	::= { ipsecTuning 1 }

	ipsecTunePeerHashLines OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Number of peer hash lines (i.e. hash modulo)."
	    DEFVAL { 128 }
	::= { ipsecTuning 2 }

	ipsecTuneMaxTrafs OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-only
            STATUS  mandatory
            DESCRIPTION
		"Maximum number of supported traffic list entries."
	    DEFVAL { 200000 }
	::= { ipsecTuning 3 }

	ipsecTuneTrafHashLines OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Number of traffic hash lines (i.e. hash modulo)."
	    DEFVAL { 256 }
	::= { ipsecTuning 4 }

	ipsecTuneSaBIDHashLines OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Number of SA bundle ID hash lines (i.e. hash modulo)."
	    DEFVAL { 256 }
	::= { ipsecTuning 5 }

	ipsecTuneSAIHashLines OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Number of SA identifier hash lines (i.e. hash modulo)."
	    DEFVAL { 256 }
	::= { ipsecTuning 6 }

	ipsecTuneTunRngHashLines OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Number of tunnel range hash lines (i.e. hash modulo)."
	    DEFVAL { 256 }
	::= { ipsecTuning 7 }

	ipsecTuneBundleIdxHashLines OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Number of bundle index hash lines (i.e. hash modulo)."
	    DEFVAL { 256 }
	::= { ipsecTuning 8 }

	ipsecTuneIfcHashLines OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Number of interface hash lines (i.e. hash modulo)."
	    DEFVAL { 128 }
	::= { ipsecTuning 9 }

	ipsecTuneDevHashLines OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Number of device hash lines (i.e. hash modulo)."
	    DEFVAL { 128 }
	::= { ipsecTuning 10 }

	ipsecTuneRtHashLines OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Number of route hash lines (i.e. hash modulo)."
	    DEFVAL { 128 }
	::= { ipsecTuning 11 }

	ipsecTuneExtRtHashLines OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Number of extended route hash lines (i.e. hash modulo)."
	    DEFVAL { 128 }
	::= { ipsecTuning 12 }

	ipsecTuneMaxCacheEntries OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Maximum number of cache entries allocated."
	    DEFVAL { 8192 }
	::= { ipsecTuning 13 }

	ipsecTuneCacheHashLines OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Number of cache hash lines (i.e. hash modulo)."
	    DEFVAL { 1024 }
	::= { ipsecTuning 14 }

	ipsecTuneMaxProfiles OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-only
            STATUS  mandatory
            DESCRIPTION
		"Maximum number of supported ipsec profile list entries."
	    DEFVAL { 30000 }
	::= { ipsecTuning 15 }

	ipsecTuneIPFragMaxBytes OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Maximum number of bytes stored in fragments. Exceeding this
		 limit results in discarding oldest trace(s)."
	    DEFVAL { 131072 }
	::= { ipsecTuning 16 }

	ipsecTuneIPFragMaxFragments OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Maximum number of stored fragments. Exceeding this
		 limit results in discarding oldest trace(s)."
	    DEFVAL { 128 }
	::= { ipsecTuning 17 }

	ipsecTuneIPFragMaxTraces OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"Maximum number of traces. Exceeding this limit results in
		 discarding oldest trace(s)."
	    DEFVAL { 128 }
	::= { ipsecTuning 18 }

	ipsecTuneAutoRehashMaxEntriesPerLine OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"This variable defines the average number of entries per hash
		 line, when rehashing is performed.
		 A value of 4 means e.g., that when the number of entries in a
		 hash table becomes four times the number of current anchors, a
		 rehash is performed. Value 0 has the special meaning of
		 turning off automatic rehashing, like negative values do.

		 NOTE: automatic rehashing overwrites any specific fix settings!

		 Default value is 4."
	    DEFVAL { 4 }
	::= { ipsecTuning 19 }

	ipsecTuneAutoRehashMaxRehashedEntriesPerLine OBJECT-TYPE
	    SYNTAX INTEGER
            ACCESS  read-write
            STATUS  mandatory
            DESCRIPTION
		"This variable defines the average number of entries per hash
		 line, when rehashing is finished.
		 A value of 2 means e.g., that, after rehashing finished, the
		 number of entries in the hash table is at most twice the
		 number of hash anchors (i.e. number of hash anchors increased
		 accordingly). If the value is configured to be greater or
		 equal to ipsecTuneAutoRehashMaxEntriesPerLine, automatic
		 rehashing is de facto disabled, automatic decreasing of hash
		 anchors isn't performed.

		 Default value is 2."
	    DEFVAL { 2 }
	::= { ipsecTuning 20 }

END
