ALU-IPSEC-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE,
    Counter64
        FROM SNMPv2-SMI

    MODULE-COMPLIANCE, OBJECT-GROUP
        FROM SNMPv2-CONF

    TEXTUAL-CONVENTION, TruthValue
        FROM SNMPv2-TC

    aluSARMIBModules, aluSARObjs,
    aluSARConfs, aluSARNotifyPrefix
        FROM ALU-SAR-GLOBAL-MIB

    tmnxIPsecMdaDpStatsEntry, tmnxIPsecTunnelEntry
        FROM TIMETRA-IPSEC-MIB

    svcId
        FROM TIMETRA-SERV-MIB

    sapPortId, sapEncapValue
        FROM TIMETRA-SAP-MIB
    
    tmnxChassisIndex, tmnxCardSlotNum,
    tmnxMDASlotNum
        FROM TIMETRA-CHASSIS-MIB
    ;

aluIPsecMIBModule MODULE-IDENTITY
        LAST-UPDATED "201104180000Z"
        ORGANIZATION "Nokia"
        CONTACT-INFO
            "Nokia SROS Support
             Web: http://support.nokia.com"
        DESCRIPTION
            "This document is the SNMP MIB  module to manage and provision
             the  Nokia 7705 device with IPsec tunneling, encryption
             and other related features.

             Copyright 2008-2014 Nokia. All rights reserved.

             Reproduction of  this document is authorized  on the condition 
             that the foregoing copyright notice is included.

             This SNMP MIB module (Specification) embodies Nokia's
             proprietary  intellectual  property. Nokia retains all 
             title and ownership in the Specification, including any revisions.

             Nokia grants all interested parties a non-exclusive 
             license to use and distribute an unmodified copy of this 
             Specification in connection with management of Nokia
             products, and without fee, provided this copyright notice and 
             license appear on all copies.

             This  Specification  is supplied `as is', and Nokia
             makes no warranty, either express or implied, as to the use, 
             operation, condition, or performance of the Specification."

--
--  Revision History
--
        REVISION        "201104180000Z"
        DESCRIPTION     "Rev 0.1                18 Apr 2014 00:00
                         Initial version of the ALU-IPSEC-MIB."

        ::= {aluSARMIBModules 16 }

aluIPsecObjects                 OBJECT IDENTIFIER ::= { aluSARObjs 19 }
aluIPsecNotificationsPrefix     OBJECT IDENTIFIER ::= { aluSARNotifyPrefix 15 }
    aluIPsecNotifications           OBJECT IDENTIFIER ::= { aluIPsecNotificationsPrefix 0 }
aluIPsecMIBConformance          OBJECT IDENTIFIER ::= { aluSARConfs 19 }

--
-- mib objects
--

--
-- ALU Extensions of tmnxIPsecMdaDpStatsEntry
--
aluExtIPsecMdaDpStatsTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF AluExtIPsecMdaDpStatsEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Table to retrieve the IPsec Mda Data Path Statistics entries for 7705."
    ::= { aluIPsecObjects 1 }

aluExtIPsecMdaDpStatsEntry   OBJECT-TYPE
    SYNTAX      AluExtIPsecMdaDpStatsEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Information about a single IPsec Mda Data Path Statistics entry for 7705."
    AUGMENTS {
        tmnxIPsecMdaDpStatsEntry
    }
    ::= { aluExtIPsecMdaDpStatsTable 1 }

AluExtIPsecMdaDpStatsEntry ::=
    SEQUENCE {
        aluExtIPsecMdaDpStatsIPFragDrop             Counter64
    }

aluExtIPsecMdaDpStatsIPFragDrop OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The value of aluExtIPsecMdaDpStatsIPFragDrop indicates the 
         number of packets dropped before inbound (decryption) processing by
         the IPsec data path due to fragmentation. Re-assembly over IPsec
         tunnel is not supported on 7705."
    ::= { aluExtIPsecMdaDpStatsEntry 1 }

--
-- ALU Extensions of tmnxIPsecTunnelEntry
--
aluExtIPsecTunnelTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF AluExtIPsecTunnelEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Table to store the IPsec Tunnel entries for 7705."
    ::= { aluIPsecObjects 2 }

aluExtIPsecTunnelEntry OBJECT-TYPE
    SYNTAX      AluExtIPsecTunnelEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Information about a single IPsec Tunnel entry for 7705."
    AUGMENTS {
        tmnxIPsecTunnelEntry
    }
    ::= { aluExtIPsecTunnelTable 1 }

AluExtIPsecTunnelEntry ::=
    SEQUENCE {
        aluExtIPsecTunnelCopyDfBit                      TruthValue
    }

aluExtIPsecTunnelCopyDfBit  OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION 
        "The value of aluExtIPsecTunnelCopyDfBit specifies whether to copy
         Do not Fragment (DF) bit in the outgoing packets' IPsec tunnel 
         header from the customer clear traffic. If disabled, the DF bit of
         the IPsec tunnel header will always be set to 1."
    DEFVAL { false }
    ::= { aluExtIPsecTunnelEntry 1 }

--
-- Notification Information
--

--
-- Conformance Information
--
aluIPsecMIBCompliances OBJECT IDENTIFIER ::= { aluIPsecMIBConformance 1 }
aluIPsecMIBGroups      OBJECT IDENTIFIER ::= { aluIPsecMIBConformance 2 }

--
-- Compliance Statements
--
aluIPsec7705V6v1Compliance MODULE-COMPLIANCE
    STATUS  current
    DESCRIPTION
        "The compliance statement for management of IPsec features
         on Nokia 7705 SAR series systems."
    MODULE  -- this module
        MANDATORY-GROUPS {
            aluIPsecMdaDpStatsGroup,
            aluIPsecGroup
        }
    ::= { aluIPsecMIBCompliances 1 }

--
-- Units of conformance
--
aluIPsecMdaDpStatsGroup OBJECT-GROUP
    OBJECTS {
                aluExtIPsecMdaDpStatsIPFragDrop
            }
    STATUS    current
    DESCRIPTION
        "The group of objects for IPsec Mda Data Path Statistics
         on Nokia 7705 SAR series systems."
    ::= { aluIPsecMIBGroups 1 }

aluIPsecGroup OBJECT-GROUP
    OBJECTS {
                aluExtIPsecTunnelCopyDfBit
            }
    STATUS    current
    DESCRIPTION
        "The group of objects supporting the IPsec Feature capabilities 
         on Nokia 7705 SAR series systems."
    ::= { aluIPsecMIBGroups 2 }

END
