-- Copyright (C) 2008-2014 Super Micro Computer Inc. All Rights Reserved

-- $Id: fsipdb.mib,v 1.5 2012/09/07 09:52:05 siva Exp $

-- IP-BINDING-DATABASE Proprietary MIB Definition

-- This MIB contains scalars and tables used to configure/storing
-- (HOST, IP) binding informations.

   SUPERMICRO-IPDB-MIB DEFINITIONS ::= BEGIN
      IMPORTS
         MODULE-IDENTITY, OBJECT-TYPE,
         enterprises, IpAddress, Counter32,
         Integer32, Unsigned32                    FROM SNMPv2-SMI
         RowStatus, MacAddress                    FROM SNMPv2-TC
         InterfaceIndex                           FROM IF-MIB;


fsipdb  MODULE-IDENTITY
        LAST-UPDATED "201209050000Z"
        ORGANIZATION "Super Micro Computer Inc."
        CONTACT-INFO "support@Supermicro.com"

        DESCRIPTION
            " The proprietary MIB module for IPDB module. Used to maintain 
            the hosts IP, MAC & VLAN in a database which will be used to 
            allow/drop the incoming IP traffic on a specific interface. "
        REVISION "201209050000Z"
        DESCRIPTION
            " Inclusion of debug option for IPDB module. "
        REVISION "201005240000Z"
        DESCRIPTION
            " Addition of 'fsIpDbSrcGuardConfigTable', which is used to 
            configure IP source guard status per Layer 2 interfaces basis. 
            IP source guard is used to restrict the IP traffic on Layer 2 
            interfaces by filtering traffic based on the IP binding 
            database."
        REVISION "201005170000Z"
        DESCRIPTION
            "Grammatical and Spelling mistakes are removed. "
        ::=  { enterprises supermicro-computer-inc(10876) super-switch(101) 
        basic(2) 2}

-- ***************************************************************************
--                         Groups in the MIB
-- ***************************************************************************
    fsIpDbScalars               OBJECT IDENTIFIER ::= { fsipdb 1 }
    fsIpDbStatic                OBJECT IDENTIFIER ::= { fsipdb 2 }
    fsIpDbBindings              OBJECT IDENTIFIER ::= { fsipdb 3 }
    fsIpDbInterface             OBJECT IDENTIFIER ::= { fsipdb 4 }
    fsIpDbSrcGuard              OBJECT IDENTIFIER ::= { fsipdb 5 }

-- ***************************************************************************
--                               SCALARS
-- ***************************************************************************
    
    fsIpDbNoOfBindings OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "Indicates the total number of (host, IP) bindings, across 
            all VLAN's, at a given time. This is nothing but the total 
            number of entries in the IP binding database"
    ::= { fsIpDbScalars 1 }
        
    fsIpDbNoOfStaticBindings OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "Indicates the total number of static (host, IP) bindings, 
            across all VLANS, at the given time."
    ::= { fsIpDbScalars 2 }
                                                                    
    fsIpDbNoOfDHCPBindings OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "Indicates the total number of (host, IP) bindings configured 
             through DHCP, across all VLANS, at the given time."
    ::= { fsIpDbScalars 3 }

    fsIpDbNoOfPPPBindings OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "Indicates the total number of (host, IP) bindings configured 
             through PPP, across all VLANS, at the given time."
    ::= { fsIpDbScalars 4 }

    fsIpDbTraceLevel OBJECT-TYPE 
        SYNTAX      Integer32 
        MAX-ACCESS  read-write 
        STATUS      current 
        DESCRIPTION 
            "This object is used to enable trace statements in IP binding 
            database module.

            A four byte integer is used for enabling the trace level.  
            Each bit in the four byte integer represents a particular  
            trace level.  

            The mapping between the bit positions & the trace level is  
            as follows:  
                    BIT 1 - Function entry traces
                    BIT 2 - Function Exit traces
                    BIT 3 - Debug traces
                    BIT 4 - Failure traces
                    BIT 5 - Function arguments trace

            The remaining bits are unused. Combination of levels are  
            also allowed. 
 
            For example if the bits 1 and 2 are set, then the trace 
            statement related to function entry and exit will be printed. 
 
            The user has to enter the corresponding integer value for the 
            bits set. For example if bits 1 and 2 are to be set ,then user
            has to give the value 6." 
          ::= { fsIpDbScalars 5 }


-- ***************************************************************************
--                               GROUPS
-- ***************************************************************************

-- ********************** (HOST, IP) Static Bindings *************************

    fsIpDbStaticBindingTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF FsIpDbStaticBindingEntry
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION
            "This table contains the static Host IP configuration 
             information."
    ::= { fsIpDbStatic 1}

    fsIpDbStaticBindingEntry OBJECT-TYPE
        SYNTAX FsIpDbStaticBindingEntry
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION
            "A single entry contains the binding information of a single 
             host connected to the system."
        INDEX { 
                fsIpDbStaticHostVlanId,
                fsIpDbStaticHostMac
              }
    ::= { fsIpDbStaticBindingTable 1 }

    FsIpDbStaticBindingEntry ::= SEQUENCE {
        fsIpDbStaticHostVlanId      Integer32,
        fsIpDbStaticHostMac         MacAddress,
        fsIpDbStaticHostIp          IpAddress,
        fsIpDbStaticInIfIndex       Integer32,
        fsIpDbStaticGateway         IpAddress,
        fsIpDbStaticBindingStatus   RowStatus
    }
    
    fsIpDbStaticHostVlanId OBJECT-TYPE
        SYNTAX      Integer32 (1..4094)
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The VLAN ID to which the host belongs. This is an index of 
             the table."
    ::= { fsIpDbStaticBindingEntry 1 }
    
    fsIpDbStaticHostMac OBJECT-TYPE
        SYNTAX      MacAddress
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "MAC address of the Host. This is an index of the table."
    ::= { fsIpDbStaticBindingEntry 2 }
 
    fsIpDbStaticHostIp OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "IP address of the Host."
    ::= { fsIpDbStaticBindingEntry 3 }
        
    fsIpDbStaticInIfIndex OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "Indicates the interface to which the host is connected."
    ::= { fsIpDbStaticBindingEntry 4 }

    fsIpDbStaticGateway OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "Indicates the gateway to which the Host have access to."
    ::= { fsIpDbStaticBindingEntry 5 }

    fsIpDbStaticBindingStatus OBJECT-TYPE
        SYNTAX      RowStatus
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "The rowstatus of the binding table entry. All the objects in the 
             table must be filled before making the rowstatus as active."
    ::= { fsIpDbStaticBindingEntry 6 }

-- ********************** (HOST, IP) Binding Database ************************

    fsIpDbBindingTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF FsIpDbBindingEntry
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION
            "This table contains the information about all the hosts connected
             to the system, their MAC Address, VLAN, IP etc."
    ::= { fsIpDbBindings 1}

    fsIpDbBindingEntry OBJECT-TYPE
        SYNTAX FsIpDbBindingEntry
        MAX-ACCESS      not-accessible
        STATUS          current
        DESCRIPTION
            "A single entry contains the binding information of a single 
             host connected to the system."
        INDEX { 
                fsIpDbHostVlanId,
                fsIpDbHostMac
              }
    ::= { fsIpDbBindingTable 1 }

    FsIpDbBindingEntry ::= SEQUENCE {
        fsIpDbHostVlanId        Integer32,
        fsIpDbHostMac           MacAddress,
        fsIpDbHostBindingType   INTEGER,
        fsIpDbHostIp            IpAddress,
        fsIpDbHostInIfIndex     Integer32,
        fsIpDbHostRemLeaseTime  Integer32,
        fsIpDbHostBindingID     Unsigned32
    }
    
    fsIpDbHostVlanId OBJECT-TYPE
        SYNTAX      Integer32 (1..4094)
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The VLAN ID to which the host belongs. This is an index of 
             the table."
    ::= { fsIpDbBindingEntry 1 }

    fsIpDbHostMac OBJECT-TYPE
        SYNTAX      MacAddress
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "MAC address of the Host. This is an index of the table."
    ::= { fsIpDbBindingEntry 2 }
    
    fsIpDbHostBindingType OBJECT-TYPE
        SYNTAX      INTEGER { static (1), dhcp (2), ppp (3) }
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "Specifies whether the entry was configured through static 
            or dynamically learnt through DHCP or PPP."
    ::= { fsIpDbBindingEntry 3 }
    
    fsIpDbHostIp OBJECT-TYPE
        SYNTAX      IpAddress
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "IP address of the Host."
    ::= { fsIpDbBindingEntry 4 }
        
    fsIpDbHostInIfIndex OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "Indicates the interface to which the host is connected."
    ::= { fsIpDbBindingEntry 5 }

    fsIpDbHostRemLeaseTime OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The Remaining lease time in seconds for the (host, IP) binding. 
             Applicable only if the fsIpDbBindingType is DHCP."
    ::= { fsIpDbBindingEntry 6 }

    fsIpDbHostBindingID OBJECT-TYPE
        SYNTAX      Unsigned32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "An integer value that identifies the binding type. For Static 
            Bindings, this value is 0. For DHCP Bindings, this is the 
            transaction ID. For PPP Bindings, this is the session ID 
            of PPPoE session."
    ::= { fsIpDbBindingEntry 7 }



--  Below is the Gateway Table corresponding to each binding entry. 
--  Each binding entry will contain a table of Gateway IPs, 
--  which will contain atleast one (default gateway) gateway IP entry.

        fsIpDbGatewayIpTable OBJECT-TYPE
            SYNTAX  SEQUENCE OF FsIpDbGatewayIpEntry
            MAX-ACCESS  not-accessible
            STATUS      current
            DESCRIPTION
                "This table is a part of FsDhcpSnpBindingEntry. The table 
                 contains IP address of Gateways allowed for the host.
                 The host will be allowed to contact only these Gateways."
        ::= { fsIpDbBindings 2 }

        fsIpDbGatewayIpEntry OBJECT-TYPE
            SYNTAX FsIpDbGatewayIpEntry
            MAX-ACCESS  not-accessible
            STATUS      current
            DESCRIPTION
                "Each entry contains an IP address of Gateway allowed for 
                the host."
            INDEX { 
                    fsIpDbHostMac,
                    fsIpDbHostVlanId,
                    fsIpDbGatewayNetwork,
                    fsIpDbGatewayNetMask,
                    fsIpDbGatewayIp
                  }
        ::= { fsIpDbGatewayIpTable 1 }
    
        FsIpDbGatewayIpEntry ::= SEQUENCE {
            fsIpDbGatewayNetwork    IpAddress,
            fsIpDbGatewayNetMask    IpAddress,
            fsIpDbGatewayIp         IpAddress,
            fsIpDbGatewayIpMode     INTEGER
        }
    
        fsIpDbGatewayNetwork OBJECT-TYPE
            SYNTAX      IpAddress
            MAX-ACCESS  not-accessible
            STATUS      current
            DESCRIPTION
                "The network IP address of the gateway."
        ::= { fsIpDbGatewayIpEntry 1 }
        
        fsIpDbGatewayNetMask OBJECT-TYPE
            SYNTAX      IpAddress
            MAX-ACCESS  not-accessible
            STATUS      current
            DESCRIPTION
                "The mask for the network to which the gateway is given."
        ::= { fsIpDbGatewayIpEntry 2 }

        fsIpDbGatewayIp OBJECT-TYPE
            SYNTAX      IpAddress
            MAX-ACCESS  not-accessible
            STATUS      current
            DESCRIPTION
                "The Gateway IP for the given network."
        ::= { fsIpDbGatewayIpEntry 3 }

        fsIpDbGatewayIpMode OBJECT-TYPE
            SYNTAX      INTEGER { active (0) }
            MAX-ACCESS  read-only
            STATUS      current
            DESCRIPTION
                "The Gateway IP verification mode while ARP 
                packet processing. "
        ::= { fsIpDbGatewayIpEntry 4 }

-- **************************** Interface Entry ******************************

    fsIpDbInterfaceTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF FsIpDbInterfaceEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table contains the interface (layer 2 VLAN) specific
             informations."
    ::= { fsIpDbInterface 1 }

    fsIpDbInterfaceEntry OBJECT-TYPE
        SYNTAX FsIpDbInterfaceEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "Each entry will contain statistics associated with the interface."
        INDEX { fsIpDbIntfVlanId }
    ::= { fsIpDbInterfaceTable 1 }

    FsIpDbInterfaceEntry ::= SEQUENCE {
        fsIpDbIntfVlanId                    Integer32,
        fsIpDbIntfNoOfVlanBindings          Counter32,
        fsIpDbIntfNoOfVlanStaticBindings    Counter32,
        fsIpDbIntfNoOfVlanDHCPBindings      Counter32,
        fsIpDbIntfNoOfVlanPPPBindings       Counter32
    }

    fsIpDbIntfVlanId OBJECT-TYPE
        SYNTAX      Integer32 (1..4094)
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "Vlan ID of the VLAN to which this table-entry is associated."
    ::= { fsIpDbInterfaceEntry 1 }

    fsIpDbIntfNoOfVlanBindings OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "This indicates the total number of (host, IP) bindings for 
            a given VLAN at a given time."
    ::= { fsIpDbInterfaceEntry 2 }

    fsIpDbIntfNoOfVlanStaticBindings OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "This indicates the total number of static (host, IP) bindings 
            for a VLAN at a given time. "
    ::= { fsIpDbInterfaceEntry 3 }

    fsIpDbIntfNoOfVlanDHCPBindings OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "This indicates the total number of (host, IP) bindings 
            configured through DHCP for a VLAN at a given time. "
    ::= { fsIpDbInterfaceEntry 4 }

    fsIpDbIntfNoOfVlanPPPBindings OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION
            "This indicates the total number of (host, IP) bindings 
            configured through PPP for a VLAN at a given time. "
    ::= { fsIpDbInterfaceEntry 5 }

-- ======================================================
-- IP source guard table
-- ======================================================
fsIpDbSrcGuardConfigTable   OBJECT-TYPE
    SYNTAX              SEQUENCE OF FsIpDbSrcGuardConfigEntry
    MAX-ACCESS          not-accessible
    STATUS              current
    DESCRIPTION
    " This table provides the objects to enable or disable
    IP source guard on each non routed Layer 2 interfaces. 

    When DHCP Snooping is enabled at an interface, a list of 
    IP addresses is obtained through DHCP snooping for this 
    particular interface and these list of IP address are 
    maintained in IP binding database along with the MAC, 
    VLAN ID and interface index. This database can be populated 
    using static configuration also. 
    
    If IP source guard is enabled, incoming IP traffic on an 
    interface are allowed when there is a matching entry in IP 
    binding database. Else, all incoming IP traffic on an 
    interface are allowed irrespective of the IP binding database."
    ::= { fsIpDbSrcGuard 1 }


fsIpDbSrcGuardConfigEntry   OBJECT-TYPE
    SYNTAX              FsIpDbSrcGuardConfigEntry
    MAX-ACCESS          not-accessible
    STATUS              current
    DESCRIPTION
    " Each row instance contains the configuration to enable
    or disable IP source guard on a physical interface. " 
    INDEX { fsIpDbSrcGuardIndex }
    ::= { fsIpDbSrcGuardConfigTable 1 }

FsIpDbSrcGuardConfigEntry ::= SEQUENCE {
    fsIpDbSrcGuardIndex  InterfaceIndex,
    fsIpDbSrcGuardStatus INTEGER
}

fsIpDbSrcGuardIndex OBJECT-TYPE
    SYNTAX       InterfaceIndex
    MAX-ACCESS   not-accessible 
    STATUS       current
    DESCRIPTION
       "This indicates the interface identifier for which the IP source 
        guard configuration is applied." 
    ::= { fsIpDbSrcGuardConfigEntry  1 }

fsIpDbSrcGuardStatus  OBJECT-TYPE
    SYNTAX              INTEGER { 
                            disable(1), 
                            ip (2),
                            ipMac (3)
    }
    MAX-ACCESS          read-write
    STATUS              current
    DESCRIPTION
        " This object indicates the IP source guard status of an 
        interface. 
    
        If this object is set to 'disable', IP source guard feature 
        is disabled and all incoming IP traffic on this interface 
        will be allowed. 
    
        If this object is set to 'ip', IP source guard feature is 
        enabled on fsIpDbSrcGuardIndex with Source IP address filtering 
        mode. The switch allows the IP traffic when the source IP 
        matches with an entry in Ip binding database. 

        If this object is set to 'ipMac', IP source guard is enabled on 
        the fsIpDbSrcGuardIndex with Source IP and MAC address filtering 
        mode. The switch allows the IP traffic when the source IP and MAC 
        address matches with an entry in Ip binding database. 

        When there is no IP binding entries and IP source guard is 
        enabled, switch drops all types of packets other than DHCP 
        packet. "
    
    DEFVAL  { disable }
    ::= { fsIpDbSrcGuardConfigEntry 2 }


END
