--************************************************************************** -- -- Copyright 2008 Scientific Atlanta, A Cisco Company -- All Rights Reserved -- No portions of this material may be reproduced in any -- form without the written permission of: -- Scientific Atlanta, A Cisco Company -- 5030 Sugarloaf Pkwy -- Lawrenceville, Georgia 30044 -- --************************************************************************** SA-CM-MTA-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE,enterprises, Integer32 FROM SNMPv2-SMI SnmpAdminString FROM SNMP-FRAMEWORK-MIB TruthValue FROM SNMPv2-TC ; sa OBJECT IDENTIFIER ::= { enterprises 1429 } saVoip OBJECT IDENTIFIER ::= { sa 78 } saCmMta MODULE-IDENTITY LAST-UPDATED "0807080000Z" ORGANIZATION "Scientific Atlanta, Inc." CONTACT-INFO "marcin.godlewski@sciatl.com" DESCRIPTION "Controls the behavior of the Cable Modem functional block in Embedded MTA devices. This MIB is active only at the Cable Modem IP address" -- History REVISION "0807080000Z" DESCRIPTION "Added saCmMtaProvState (2012)" REVISION "0804230000Z" DESCRIPTION "Added saCmMtaDhcpOptionSixty (2468)" REVISION "0804070000Z" DESCRIPTION "Added saCmMtaDhcpRebindRule (2452)" REVISION "0803170000Z" DESCRIPTION "Added saCmMtaIcmpReplyEnable (5660)" REVISION "0711160000Z" DESCRIPTION "Added enableTelnetPermanentViaWebpage(5) to saCmMtaCliAccessType (1988)" REVISION "0706010000Z" DESCRIPTION "Added webPage(6) to saCmMtaProvisioningMode (1528)" REVISION "0610300000Z" DESCRIPTION "Added saCmMtaAltCertChain (1076,5372)" REVISION "0610020000Z" DESCRIPTION "Changed description of saCmMtaCliAccessPassword" REVISION "0609050000Z" DESCRIPTION "Changed description and defval of saCmMtaProvSnmpInformCommunityString" REVISION "0607110000Z" DESCRIPTION "Added values 4 and 5 to saCmMtaProvisioningMode (786)" REVISION "0606210000Z" DESCRIPTION "Changed saCmMtaSpinLockInit access to read-only Changed description of saCmMtaCliAccessType to remove VSIFs 105 to 108" REVISION "0603170000Z" DESCRIPTION "Changed saCmMtaTelnetAccess status to obsolete Added saCmMtaCliAccess tree" REVISION "0602130000Z" DESCRIPTION "Added enableSsh(2) to saCmMtaTelnetAccess" REVISION "0601230000Z" -- 2006/01/23 DESCRIPTION "Added saCmMtaSpinLockInit" REVISION "0601200000Z" -- 2006/01/20 DESCRIPTION "Added saCmMtaSwUpgradeControlTimer" ::= { saVoip 1 } saCmMtaDevice OBJECT-TYPE SYNTAX INTEGER { disable(0), enable(1) } MAX-ACCESS read-only STATUS current DESCRIPTION "Control embedded MTA. If disable(0), MTA will not send out DHCP DISCOVER message. If DHCP option 122.1 is missing, MTA is disabled and MIB is set to disable(0). Note: Equivalent of VSIF 54. Note: This object can be set via the CM configuration file ONLY." ::= { saCmMta 1 } saCmMtaCountMtaAsCpe OBJECT-TYPE SYNTAX INTEGER { false(0), true(1) } MAX-ACCESS read-only STATUS current DESCRIPTION "MTA in Max-Count of CPEs (Max number of CPE in CM config file), default per eDOCSIS spec. This setting is used to control counting MTA in Max-Count of CPEs. 0: Do not count MTA as a CPE 1: Count MTA as a CPE Note: Equivalent of VSIF 69 Note: This object can be set via the CM configuration file ONLY." DEFVAL { 1 } ::= { saCmMta 2 } saCmMtaIpFilters OBJECT-TYPE SYNTAX INTEGER { perSpec(0), openMta(1) } MAX-ACCESS read-write STATUS current DESCRIPTION "DOCSIS config file filters (from RFC2669) are normally applied to the MTA and all CPE interfaces per the eDOCSIS spec. This MIB controls if the filters are applied to the MTA. 0: Follow e-docsis spec - apply filters to MTA, Ethernet and USB ports (default) 1: Do not apply any filters to the MTA - apply filters only to Ethernet and USB ports Filters do NOT block traffic to/from the MTA. Note: Equivalent of VSIF 77" DEFVAL { 0 } ::= { saCmMta 3 } saCmMtaProvChange OBJECT-TYPE SYNTAX INTEGER { none(0), informTftpFailAndOid(1) } MAX-ACCESS read-only STATUS current DESCRIPTION "Applying special requirement of inform to be sent. 0: Follow PacketCable Provision procedure.(default) 1: An inform to be sent after TFTP file download fails, and before returning to MTA-1. The format for this message is the same as MTA-25 and returns ProvisionStatus 3 indicating failure. And the OID returned in MTA-25 is changed to the following: 1.3.6.1.4.1.4491.2.2.1.1.1.9 Note: Mib also controlled by VSIF 73 Note: This object can be set via the CM configuration file ONLY." DEFVAL { 0 } ::= { saCmMta 4 } saCmMtaSidCount OBJECT-TYPE SYNTAX INTEGER (4|16) MAX-ACCESS read-only STATUS current DESCRIPTION "Number of SIDs the MTA supports." ::= { saCmMta 5 } saCmMtaProvSnmpSetTimeout OBJECT-TYPE SYNTAX INTEGER (0..30) UNITS "seconds" MAX-ACCESS read-only STATUS current DESCRIPTION "Time to wait (in seconds) since last SNMP SET from the SNMP trap server to resend the MTA config file before restarting MTA provisioning. SNMP SET message must contain parameters: configuration file hash, configuration file URL and, optionally, configuration file encryption key. There are three cases: 1.a. For provisioning mode 0 (PacketCable): if hash and key and URL are given, the MTA will continue without waiting. b. For provisioning mode > 0: if URL is given, the MTA will continue without waiting. 2.a. For provisioning mode 0: if configuration file hash or URL (or both) is missing, MTA will wait x seconds for the next SET and restart provisioning process. b. For provisioning mode > 0: if URL is missing, MTA will wait x seconds for the next SET and restart provisioning process. 3. Only for provisioing mode 0: if key is missing, MTA will wait x seconds for the next SET and then it will continue provisioning. where x is this MIB object. Setting this parameter to 0 means that MTA will never wait for another SET. For case 2 it will restart provisioning, for case 3 it will continue provisioning wihout key. Note: This object can be set via the CM configuration file ONLY." DEFVAL { 5 } ::= { saCmMta 6 } saCmMtaProvisioningMode OBJECT-TYPE SYNTAX INTEGER { packetCable(0), oneConfigFile(1), twoConfigFilesDHCP(2), twoConfigFilesSNMP(3), twoConfigFilesDHCPmacAddress(4), twoConfigFilesMacAddressOnly(5), webPage(6) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object must only be set via the CM configuration file during the provisioning process. After CM is operational, this object can not be set via SNMP. MTA provisioning modes: 0: MTA follows the PacketCable provisioning specifications and supports BASIC, HYBRID and SECURE flows. 1: MTA will provision using only the CM config file. VoIP parameters MUST be included in the CM config file as VSIFs. This option will become obsolete. 2: MTA will learn the MTA config file name and location from the MTA DHCP OFFER. If the filename or location is missing, MTA will switch to mode 3. 3: MTA will learn the MTA config file name and location via SNMP. The MTA will send an SNMP inform to the provisioning server specified in DHCP option 122.3 or 177.3, depending on saCmMtaDhcpPktcOption (note: MTA will not provision if saCmMtaDhcpPktcOption = requireNone(1) and no option 122.3 or 177.3 is specified). 4: MTA will learn the MTA config file name and location and the MTA host name from the MTA DHCP OFFER/ACK. If the filename is missing in the DHCP OFFER/ACK, the MTA will request a config file name based on the MTA mac address (example: 000f21c4e145.bin). If the MTA host name is missing in the DHCP OFFER/ACK the MTA will use a host name of MAC_ADDR (example: 000f21c4e145). 5: MTA will request a config file name based on the MTA mac address (example: 000f21c4e145.bin). MTA will learn the MTA config file location via DHCP. MTA will use a host name of MAC_ADDR (example: 000f21c4e145). MTA will NOT use the file name and host name in the DHCP ACK even if the parameters are present. 6: Web page provisioning. Parameters from a web page will be used rather than from config file. All the web page parameters are stored in non-vol. Base provisioning method is 2 above. For modes other than 0, MTA DHCP options 122, 177 are not required. Note: This object can be set via the CM configuration file ONLY." DEFVAL { 0 } ::= { saCmMta 7 } saCmMtaDhcpPktcOption OBJECT-TYPE SYNTAX INTEGER { require122(0), requireNone(1), require177(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object must only be set via the CM configuration file during the provisioning process. After CM is operational, this object can not be set via SNMP. 0: CM and MTA will accept only PacketCable option 122. If option 122 is not included in CM DHCP OFFER, MTA will not start. 1: CM and MTA will accept 122 or 177 or none. If DHCP OFFER contains 122 or 177, MTA will process it. 2: CM and MTA will accept only PacketCable option 177. If option 177 is not included in CM DHCP OFFER, MTA will not start. This MIB is saved into modem's non-vol memory and the new value is active after the modem registers and reboots again (DHCP comes before config file parsing). Note: Equivalent of VSIF 64 Note: This object can be set via the CM configuration file ONLY." DEFVAL { 0 } ::= { saCmMta 8 } saCmMtaProvSnmpInformCommunityString OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-only STATUS current DESCRIPTION "The value set in this object becomes the SNMPv2c community string in all SNMP INFORMS sent to the provisioning server during MTA registration. Provisioning methods affected include: - SA ProvMode 3 - Pktc BASIC.2 (MTA-25 only) - Pktc HYBRID.1 (MTA-15 only) - Pktc HYBRID.2 (MTA-15 and MTA-25) Note: Pktc SECURE mode is NOT affected. Note: This setting only affects provisioning-related INFORMs, not INFORMs/TRAPs sent by the MTA after it has completed registration. Note: This object can be set via the CM configuration file ONLY." DEFVAL { "public" } ::= { saCmMta 9 } saCmMtaRequireTod OBJECT-TYPE SYNTAX INTEGER { false(0), true(1) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object controls if the EMTA will continue the provisioning process if a response from a Time of Day server is not available at provisioning step CM-8. If set to true(1) the EMTA will require a ToD response. If set to false(0) the EMTA will request ToD but will not require the TOD server response. Note: For PacketCable secure provisioning, if this object is set to false(0), and ToD is not available, MTA will probably be unable to verify that certificates are valid and will not provision. Note: this object can be set in the CM config file only." DEFVAL { 1 } ::= { saCmMta 10 } saCmMtaTelnetAccess OBJECT-TYPE SYNTAX INTEGER { disable(0), enableTelnet(1), enableSsh(2) } MAX-ACCESS read-write STATUS obsolete DESCRIPTION "Controls telnet/SSH access to the CM IP Address when VSIF 106 is configured for SNMP-controlled conditional telnet access (VSIF 106 = 2). When VSIF 106 = 2 AND username and password are specified in VSIFs 107 and 108, the value of this object can be modified to control telnet/SSH access. In this case, the object returns the current value when read (disable(0) by default). When VSIF 106 = 1 AND username and password are specified in VSIFs 107 and 108, this object returns 1 when read and cannot be modified. When VSIF 106 = 0 or username or password are not specified, this object returns 0 when read and cannot be modified." ::= { saCmMta 11 } saCmMtaMtaCpeTraffic OBJECT-TYPE SYNTAX INTEGER { pass(1), block(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object controls if the traffic between eMTA and CPE can be forwarded." DEFVAL { 1 } ::= { saCmMta 12 } saCmMtaDecryptMtaConfigFile OBJECT-TYPE SYNTAX INTEGER { disable(1), RSA-CM-cert(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "To be written." DEFVAL { 1 } ::= { saCmMta 13 } saCmMtaSwUpgradeControlTimer OBJECT-TYPE SYNTAX INTEGER (0..7200) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "This object is used to control the conditions for rebooting the modem following a software download: 0: Docsis Default: Always download software and reboot immediately after software download, 1: Do not download software if any phone endpoint is off hook and return 13 to docsDevSwAdminStatus when set to upgradgeFromMgt(1), other: Download software immediately but delay the reboot until all lines have been on-hook for the specified time in seconds. Note: docsDevSwOperStatus shows inProgess(1) even if the download itself has finished and MTA is waiting for user to hang up." DEFVAL { 0 } ::= { saCmMta 14 } saCmMtaSpinLockInit OBJECT-TYPE SYNTAX INTEGER { zero(0), random(1) } MAX-ACCESS read-only STATUS current DESCRIPTION "Controls whether the usmUserSpinLock from SNMPv3 USM is initially set to zero or to a random value at boot time." DEFVAL { 1 } ::= { saCmMta 15 } saCmMtaAltCertChain OBJECT-TYPE SYNTAX INTEGER { deny(0), accept(1) } MAX-ACCESS read-only STATUS current DESCRIPTION "Normally, an image built for PacketCable may only use the CableLabs service provider certificate chain, and an image built for EuroPacketCable may only use the tComLabs service provider certificate chain. This object allows the two certificate chains to be used regardless of whether the image supports PacketCable or EuroPacketCable. 0: Follow the Security Specification. PacketCable images use Cablelabs certificate chain. EuroPacketCable images use tComlabs certificate chain. 1: Don't tie the Service Provider certificate chain with the image." DEFVAL { 0 } ::= { saCmMta 16 } saCmMtaDhcpRebindRule OBJECT-TYPE SYNTAX INTEGER{ strict(1), relaxed(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object is used to control the DHCP client behaviour for the MTA when a DHCP REBIND (T2 timeout) occurs. The value strict will only allow the MTA to accept a valid DHCP ACK only from the DHCP server that provided the initial lease. The value relaxed will allow the MTA to accept a valid DHCP ACK from any DHCP server." REFERENCE "RFC 2131 Dynamic Host Configuration Protocol" DEFVAL { 1 } ::= { saCmMta 19 } saCmMtaDhcpOptionSixty OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-only STATUS current DESCRIPTION "Defines the string value for SIP EMTA DHCP DISCOVER option 60 text. This mib is only writeable in the the CM config file. Default option 60 value is pktc1.0" DEFVAL { "pktc1.0" } ::= { saCmMta 20 } saCmMtaProvState OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "This MIB will show the provisioning state of the modem. This is equivalent to the CM State web page. This MIB will return an integer of the current provisioning state based on the descriptions below. MTA Disabled / Prevented would be the value if MTA is diabled (via option 122/177, ifAdminStatus, saCmMtaDevice) or prevented (application not started due to bad option 122 or other error). Docsis-Downstream Scanning (1) Docsis-Downstream Ranging (2) Docsis-Upstream Ranging (3) Docsis-DHCP (4) Docsis-TFTP (5) Docsis-Data Reg Complete (6) Telephony-DHCP (7) Telephony-Security (8) Telephony-TFTP (9) Telephony-Reg with Call Server (10) Telephony-Reg Complete (11) MTA Disabled/Prevented (12) " ::= { saCmMta 21 } -- =========== -- TELNET TREE saCmMtaCliAccess OBJECT IDENTIFIER ::= { saCmMta 1001 } saCmMtaCliAccessType OBJECT-TYPE SYNTAX INTEGER { disable(0), enableTelnetPermanent(1), enableTelnetSingleSession(2), enableSshPermanent(3), enableSshSingleSession(4), enableTelnetPermanentViaWebpage(5) } MAX-ACCESS read-write STATUS current DESCRIPTION "Controls telnet/SSH access to the CM IP Address. When username and password are specified, the value of this object can be modified to control telnet/SSH access. In this case, the object returns the current value when read (disable(0) by default). Single session enables the session and once a user logs out, the access gets disabled. Permanent session does not disable the access after a user logs out." DEFVAL { 0 } ::= { saCmMtaCliAccess 1 } saCmMtaCliAccessInterface OBJECT-TYPE SYNTAX BITS { docsis(0), emta(1), cpe(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Controls and reflects the IP stack interfaces on which a telnet server is active." DEFVAL { '00'h } ::= { saCmMtaCliAccess 2 } saCmMtaCliAccessUsername OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS not-accessible STATUS current DESCRIPTION "Username string" ::= { saCmMtaCliAccess 3 } saCmMtaCliAccessPassword OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS not-accessible STATUS current DESCRIPTION "Password string. When using a plain-text string, this object is encoded as an ascii string. When using the MD5 or password of the day types, this object should be encoded as a hex string." ::= { saCmMtaCliAccess 4 } saCmMtaCliAccessPasswordType OBJECT-TYPE SYNTAX INTEGER { plain(0), md5(1), pod(2) } MAX-ACCESS not-accessible STATUS current DESCRIPTION "Password type" DEFVAL { 0 } ::= { saCmMtaCliAccess 5 } saCmMtaCliAccessSessionInProgress OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "Indicates whether or not a telnet session is currently in progress." ::= { saCmMtaCliAccess 6 } saCmMtaCliAccessForceUserLogout OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "If a telnet session is currently in progress, setting this object to true(1) will terminate the session. Setting to false(2) has no effect. Always returns false(2) when read." ::= { saCmMtaCliAccess 7 } saCmMtaCliAccessSessionAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "This object gives the address of the most recently connected device. If no session has taken place since the last reboot, this object will report an empty string." ::= { saCmMtaCliAccess 8 } saCmMtaCliAccessBadAddress OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The address of an device which has last unsuccessfully attempted to log in to this station." ::= { saCmMtaCliAccess 9 } saCmMtaCliAccessTriesToLock OBJECT-TYPE SYNTAX INTEGER (0..32) MAX-ACCESS read-write STATUS current DESCRIPTION "Defines number of unsuccessful access atempts before disconneting the session. Access is blocked for duration specified in saCmMtaCliAccessUnlockTime. If 0 is specified, session is never dropped." DEFVAL { 3 } ::= { saCmMtaCliAccess 10 } saCmMtaCliAccessUnlockTime OBJECT-TYPE SYNTAX INTEGER UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "Time to unlock the access. If 0 is specified only reboot unlocks the access." DEFVAL { 30 } ::= { saCmMtaCliAccess 11 } saCmMtaCliAccessNoActivityTimeout OBJECT-TYPE SYNTAX INTEGER UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "Timeout for a session if no activity (no input) is present. If 0, session will not timeout." DEFVAL { 0 } ::= { saCmMtaCliAccess 12 } saCmMtaCliAccessConnectBanner OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-only STATUS current DESCRIPTION "Banner when user connects to session." ::= { saCmMtaCliAccess 13 } saCmMtaCliAccessGoodLogin OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-only STATUS current DESCRIPTION "Banner when user successfully logs in." ::= { saCmMtaCliAccess 14 } saCmMtaCliAccessBadBanner OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-only STATUS current DESCRIPTION "Banner when user is disconnected after trying loging in with bad credentials." ::= { saCmMtaCliAccess 15 } -- END OF TELNET TREE END