RFC 4131
Management Information Base for Data Over Cable Service Interface Specification (DOCSIS) Cable Modems and Cable Modem Termination Systems for Baseline Privacy Plus
docsBpi2CmCryptoSuiteTable OBJECT-TYPE
SYNTAX SEQUENCE OF DocsBpi2CmCryptoSuiteEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table describes the Baseline Privacy Plus
cryptographic suite capabilities for each CM MAC
interface."
::= { docsBpi2CmObjects 5 }
docsBpi2CmCryptoSuiteEntry OBJECT-TYPE
SYNTAX DocsBpi2CmCryptoSuiteEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains a cryptographic suite pair
that this CM MAC supports."
INDEX { ifIndex, docsBpi2CmCryptoSuiteIndex }
::= { docsBpi2CmCryptoSuiteTable 1 }
DocsBpi2CmCryptoSuiteEntry ::= SEQUENCE {
docsBpi2CmCryptoSuiteIndex Unsigned32,
docsBpi2CmCryptoSuiteDataEncryptAlg
DocsBpkmDataEncryptAlg,
docsBpi2CmCryptoSuiteDataAuthentAlg
DocsBpkmDataAuthentAlg
}
docsBpi2CmCryptoSuiteIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..1000)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index for a cryptographic suite row."
::= { docsBpi2CmCryptoSuiteEntry 1 }
docsBpi2CmCryptoSuiteDataEncryptAlg OBJECT-TYPE
SYNTAX DocsBpkmDataEncryptAlg
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the data encryption
algorithm for this cryptographic suite capability."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.2.20."
::= { docsBpi2CmCryptoSuiteEntry 2 }
docsBpi2CmCryptoSuiteDataAuthentAlg OBJECT-TYPE
SYNTAX DocsBpkmDataAuthentAlg
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the data authentication
algorithm for this cryptographic suite capability."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.2.20."
::= { docsBpi2CmCryptoSuiteEntry 3 }
-- Cable Modem Termination System Group
docsBpi2CmtsObjects OBJECT IDENTIFIER ::= { docsBpi2MIBObjects 2 }
--
-- SPECIAL NOTE: For the following CMTS tables, when a CM is
-- running in BPI mode, replace SAID (Security Association ID)
-- with SID (Service ID). The CMTS is required to map SAIDs and
-- SIDs to one contiguous space.
--
--
-- The BPI+ base table for CMTSs, indexed by ifIndex
--
docsBpi2CmtsBaseTable OBJECT-TYPE
SYNTAX SEQUENCE OF DocsBpi2CmtsBaseEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table describes the basic Baseline Privacy
attributes of each CMTS MAC interface."
::= { docsBpi2CmtsObjects 1 }
docsBpi2CmtsBaseEntry OBJECT-TYPE
SYNTAX DocsBpi2CmtsBaseEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains objects describing attributes of
one CMTS MAC interface. An entry in this table exists for
each ifEntry with an ifType of docsCableMaclayer(127)."
INDEX { ifIndex }
::= { docsBpi2CmtsBaseTable 1 }
DocsBpi2CmtsBaseEntry ::= SEQUENCE {
docsBpi2CmtsDefaultAuthLifetime Integer32,
docsBpi2CmtsDefaultTEKLifetime Integer32,
docsBpi2CmtsDefaultSelfSignedManufCertTrust INTEGER,
docsBpi2CmtsCheckCertValidityPeriods TruthValue,
docsBpi2CmtsAuthentInfos Counter32,
docsBpi2CmtsAuthRequests Counter32,
docsBpi2CmtsAuthReplies Counter32,
docsBpi2CmtsAuthRejects Counter32,
docsBpi2CmtsAuthInvalids Counter32,
docsBpi2CmtsSAMapRequests Counter32,
docsBpi2CmtsSAMapReplies Counter32,
docsBpi2CmtsSAMapRejects Counter32
}
docsBpi2CmtsDefaultAuthLifetime OBJECT-TYPE
SYNTAX Integer32 (1..6048000)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The value of this object is the default lifetime, in
seconds, that the CMTS assigns to a new authorization key.
This object value persists after re-initialization of the
managed system."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Appendix A.2."
DEFVAL { 604800 }
::= { docsBpi2CmtsBaseEntry 1 }
docsBpi2CmtsDefaultTEKLifetime OBJECT-TYPE
SYNTAX Integer32 (1..604800)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The value of this object is the default lifetime, in
seconds, that the CMTS assigns to a new Traffic Encryption
Key (TEK).
This object value persists after re-initialization of the
managed system."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Appendix A.2."
DEFVAL { 43200 }
::= { docsBpi2CmtsBaseEntry 2 }
docsBpi2CmtsDefaultSelfSignedManufCertTrust OBJECT-TYPE
SYNTAX INTEGER {
trusted (1),
untrusted (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object determines the default trust of
self-signed manufacturer certificate entries, contained
in docsBpi2CmtsCACertTable, and created after this
object is set.
This object need not persist after re-initialization
of the managed system."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 9.4.1"
::= { docsBpi2CmtsBaseEntry 3 }
docsBpi2CmtsCheckCertValidityPeriods OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this object to 'true' causes all chained and
root certificates in the chain to have their validity
periods checked against the current time of day, when
the CMTS receives an Authorization Request from the
CM.
A 'false' setting causes all certificates in the chain
not to have their validity periods checked against the
current time of day.
This object need not persist after re-initialization
of the managed system."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 9.4.2"
::= { docsBpi2CmtsBaseEntry 4 }
docsBpi2CmtsAuthentInfos OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has received an Authentication Information message
from any CM.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.9."
::= { docsBpi2CmtsBaseEntry 5 }
docsBpi2CmtsAuthRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has received an Authorization Request message from any
CM.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.1."
::= { docsBpi2CmtsBaseEntry 6 }
docsBpi2CmtsAuthReplies OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has transmitted an Authorization Reply message to any
CM.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.2."
::= { docsBpi2CmtsBaseEntry 7 }
docsBpi2CmtsAuthRejects OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has transmitted an Authorization Reject message to any
CM.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.3."
::= { docsBpi2CmtsBaseEntry 8 }
docsBpi2CmtsAuthInvalids OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times
the CMTS has transmitted an Authorization Invalid message
to any CM.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.7."
::= { docsBpi2CmtsBaseEntry 9 }
docsBpi2CmtsSAMapRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has received an SA Map Request message from any CM.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.10."
::= { docsBpi2CmtsBaseEntry 10 }
docsBpi2CmtsSAMapReplies OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has transmitted an SA Map Reply message to any CM.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.11."
::= { docsBpi2CmtsBaseEntry 11 }
docsBpi2CmtsSAMapRejects OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has transmitted an SA Map Reject message to any CM.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.12."
::= { docsBpi2CmtsBaseEntry 12 }
--
-- The CMTS Authorization Table, indexed by ifIndex and CM MAC
-- address
--
docsBpi2CmtsAuthTable OBJECT-TYPE
SYNTAX SEQUENCE OF DocsBpi2CmtsAuthEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table describes the attributes of each CM
authorization association. The CMTS maintains one
authorization association with each Baseline Privacy-
enabled CM, registered on each CMTS MAC interface,
regardless of whether the CM is authorized or rejected."
::= { docsBpi2CmtsObjects 2 }
docsBpi2CmtsAuthEntry OBJECT-TYPE
SYNTAX DocsBpi2CmtsAuthEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains objects describing attributes of
one authorization association. The CMTS MUST create one
entry per CM per MAC interface, based on the receipt of an
Authorization Request message, and MUST not delete the
entry until the CM loses registration."
INDEX { ifIndex, docsBpi2CmtsAuthCmMacAddress }
::= { docsBpi2CmtsAuthTable 1 }
DocsBpi2CmtsAuthEntry ::= SEQUENCE {
docsBpi2CmtsAuthCmMacAddress MacAddress,
docsBpi2CmtsAuthCmBpiVersion INTEGER,
docsBpi2CmtsAuthCmPublicKey OCTET STRING,
docsBpi2CmtsAuthCmKeySequenceNumber Integer32,
docsBpi2CmtsAuthCmExpiresOld DateAndTime,
docsBpi2CmtsAuthCmExpiresNew DateAndTime,
docsBpi2CmtsAuthCmLifetime Integer32,
docsBpi2CmtsAuthCmReset INTEGER,
docsBpi2CmtsAuthCmInfos Counter32,
docsBpi2CmtsAuthCmRequests Counter32,
docsBpi2CmtsAuthCmReplies Counter32,
docsBpi2CmtsAuthCmRejects Counter32,
docsBpi2CmtsAuthCmInvalids Counter32,
docsBpi2CmtsAuthRejectErrorCode INTEGER,
docsBpi2CmtsAuthRejectErrorString SnmpAdminString,
docsBpi2CmtsAuthInvalidErrorCode INTEGER,
docsBpi2CmtsAuthInvalidErrorString SnmpAdminString,
docsBpi2CmtsAuthPrimarySAId DocsSAIdOrZero,
docsBpi2CmtsAuthBpkmCmCertValid INTEGER,
docsBpi2CmtsAuthBpkmCmCert
DocsX509ASN1DEREncodedCertificate,
docsBpi2CmtsAuthCACertIndexPtr Unsigned32
}
docsBpi2CmtsAuthCmMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The value of this object is the physical address of
the CM to which the authorization association applies."
::= { docsBpi2CmtsAuthEntry 1 }
docsBpi2CmtsAuthCmBpiVersion OBJECT-TYPE
SYNTAX INTEGER {
bpi (0),
bpiPlus (1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the version of Baseline
Privacy for which this CM has registered. The value
'bpiplus' represents the value of BPI-Version Attribute of
the Baseline Privacy Key Management BPKM attribute
BPI-Version (1). The value 'bpi' is used to represent the
CM registered using DOCSIS 1.0 Baseline Privacy."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.2.22; ANSI/SCTE 22-2 2002(formerly DSS 02-03)
Data-Over-Cable Service Interface Specification DOCSIS 1.0
Baseline Privacy Interface (BPI)"
::= { docsBpi2CmtsAuthEntry 2 }
docsBpi2CmtsAuthCmPublicKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..524))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is a DER-encoded
RSAPublicKey ASN.1 type string, as defined in the RSA
Encryption Standard (PKCS #1), corresponding to the
public key of the CM. This is the zero-length OCTET
STRING if the CMTS does not retain the public key."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.2.4."
::= { docsBpi2CmtsAuthEntry 3 }
docsBpi2CmtsAuthCmKeySequenceNumber OBJECT-TYPE
SYNTAX Integer32 (0..15)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the most recent
authorization key sequence number for this CM."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.2 and 4.2.2.10."
::= { docsBpi2CmtsAuthEntry 4 }
docsBpi2CmtsAuthCmExpiresOld OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the actual clock time
for expiration of the immediate predecessor of the most
recent authorization key for this FSM. If this FSM has only
one authorization key, then the value is the time of
activation of this FSM.
Note: This object has no meaning for CMs running in BPI
mode; therefore, this object is not instantiated for entries
associated to those CMs."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.2 and 4.2.2.9."
::= { docsBpi2CmtsAuthEntry 5 }
docsBpi2CmtsAuthCmExpiresNew OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the actual clock
time for expiration of the most recent authorization key
for this FSM."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.2 and 4.2.2.9."
::= { docsBpi2CmtsAuthEntry 6 }
docsBpi2CmtsAuthCmLifetime OBJECT-TYPE
SYNTAX Integer32 (1..6048000)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The value of this object is the lifetime, in seconds,
that the CMTS assigns to an authorization key for this CM."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.2 and Appendix A.2."
::= { docsBpi2CmtsAuthEntry 7 }
docsBpi2CmtsAuthCmReset OBJECT-TYPE
SYNTAX INTEGER {
noResetRequested(1),
invalidateAuth(2),
sendAuthInvalid(3),
invalidateTeks(4)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this object to invalidateAuth(2) causes the
CMTS to invalidate the current CM authorization key(s), but
not to transmit an Authorization Invalid message nor to
invalidate the primary SAID's TEKs. Setting this object to
sendAuthInvalid(3) causes the CMTS to invalidate the
current CM authorization key(s), and to transmit an
Authorization Invalid message to the CM, but not to
invalidate the primary SAID's TEKs. Setting this object to
invalidateTeks(4) causes the CMTS to invalidate the current
CM authorization key(s), to transmit an Authorization
Invalid message to the CM, and to invalidate the TEKs
associated with this CM's primary SAID.
For BPI mode, substitute all of the CM's unicast
TEKs for the primary SAID's TEKs in the previous
paragraph.
Reading this object returns the most recently set
value of this object or, if the object has not been set
since entry creation, returns noResetRequested(1)."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.1.2.3.4, 4.1.2.3.5, and 4.1.3.3.5."
::= { docsBpi2CmtsAuthEntry 8 }
docsBpi2CmtsAuthCmInfos OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has received an Authentication Information message
from this CM.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.9."
::= { docsBpi2CmtsAuthEntry 9 }
docsBpi2CmtsAuthCmRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has received an Authorization Request message from
this CM.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.1."
::= { docsBpi2CmtsAuthEntry 10 }
docsBpi2CmtsAuthCmReplies OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has transmitted an Authorization Reply message to this
CM.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.2."
::= { docsBpi2CmtsAuthEntry 11 }
docsBpi2CmtsAuthCmRejects OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has transmitted an Authorization Reject message to
this CM.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.3."
::= { docsBpi2CmtsAuthEntry 12 }
docsBpi2CmtsAuthCmInvalids OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has transmitted an Authorization Invalid message to
this CM.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.7."
::= { docsBpi2CmtsAuthEntry 13 }
docsBpi2CmtsAuthRejectErrorCode OBJECT-TYPE
SYNTAX INTEGER {
none(1),
unknown(2),
unauthorizedCm(3),
unauthorizedSaid(4),
permanentAuthorizationFailure(8),
timeOfDayNotAcquired(11)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the enumerated
description of the Error-Code in the most recent
Authorization Reject message transmitted to the CM. This has
the value unknown(2) if the last Error-Code value was 0 and
none(1) if no Authorization Reject message has been
transmitted to the CM since entry creation."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.3 and 4.2.2.15."
::= { docsBpi2CmtsAuthEntry 14 }
docsBpi2CmtsAuthRejectErrorString OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..128))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the text string in the
most recent Authorization Reject message transmitted to the
CM. This is a zero length string if no Authorization
Reject message has been transmitted to the CM since entry
creation."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.3 and 4.2.2.6."
::= { docsBpi2CmtsAuthEntry 15 }
docsBpi2CmtsAuthInvalidErrorCode OBJECT-TYPE
SYNTAX INTEGER {
none(1),
unknown(2),
unauthorizedCm(3),
unsolicited(5),
invalidKeySequence(6),
keyRequestAuthenticationFailure(7)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the enumerated
description of the Error-Code in the most recent
Authorization Invalid message transmitted to the CM. This
has the value unknown(2) if the last Error-Code value was 0
and none(1) if no Authorization Invalid message has been
transmitted to the CM since entry creation."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.7 and 4.2.2.15."
::= { docsBpi2CmtsAuthEntry 16 }
docsBpi2CmtsAuthInvalidErrorString OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..128))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the text string in the
most recent Authorization Invalid message transmitted to
the CM. This is a zero length string if no Authorization
Invalid message has been transmitted to the CM since entry
creation."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.7 and 4.2.2.6."
::= { docsBpi2CmtsAuthEntry 17 }
docsBpi2CmtsAuthPrimarySAId OBJECT-TYPE
SYNTAX DocsSAIdOrZero
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the Primary Security
Association identifier. For BPI mode, the value must be
any unicast SID."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 2.1.3."
::= { docsBpi2CmtsAuthEntry 18 }
docsBpi2CmtsAuthBpkmCmCertValid OBJECT-TYPE
SYNTAX INTEGER {
unknown (0),
validCmChained (1),
validCmTrusted (2),
invalidCmUntrusted (3),
invalidCAUntrusted (4),
invalidCmOther (5),
invalidCAOther (6)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Contains the reason why a CM's certificate is deemed
valid or invalid.
Return unknown(0) if the CM is running BPI mode.
ValidCmChained(1) means the certificate is valid
because it chains to a valid certificate.
ValidCmTrusted(2) means the certificate is valid
because it has been provisioned (in the
docsBpi2CmtsProvisionedCmCert table) to be trusted.
InvalidCmUntrusted(3) means the certificate is invalid
because it has been provisioned (in the
docsBpi2CmtsProvisionedCmCert table) to be untrusted.
InvalidCAUntrusted(4) means the certificate is invalid
because it chains to an untrusted certificate.
InvalidCmOther(5) and InvalidCAOther(6) refer to
errors in parsing, validity periods, etc., which are
attributable to the CM certificate or its chain,
respectively; additional information may be found
in docsBpi2AuthRejectErrorString for these types
of errors."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 9.4.2."
::= { docsBpi2CmtsAuthEntry 19 }
docsBpi2CmtsAuthBpkmCmCert OBJECT-TYPE
SYNTAX DocsX509ASN1DEREncodedCertificate
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The X509 CM Certificate sent as part of a BPKM
Authorization Request.
Note: The zero-length OCTET STRING must be returned if the
Entire certificate is not retained in the CMTS."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 9.2."
::= { docsBpi2CmtsAuthEntry 20 }
docsBpi2CmtsAuthCACertIndexPtr OBJECT-TYPE
SYNTAX Unsigned32 (0..4294967295)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A row index into docsBpi2CmtsCACertTable.
Returns the index in docsBpi2CmtsCACertTable to which
CA certificate this CM is chained to. A value of
0 means it could not be found or not applicable."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 9.2."
::= { docsBpi2CmtsAuthEntry 21 }
--
-- The CMTS TEK Table, indexed by ifIndex and SAID
--
docsBpi2CmtsTEKTable OBJECT-TYPE
SYNTAX SEQUENCE OF DocsBpi2CmtsTEKEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table describes the attributes of each
Traffic Encryption Key (TEK) association. The CMTS
Maintains one TEK association per SAID on each CMTS MAC
interface."
::= { docsBpi2CmtsObjects 3 }
docsBpi2CmtsTEKEntry OBJECT-TYPE
SYNTAX DocsBpi2CmtsTEKEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains objects describing attributes of
one TEK association on a particular CMTS MAC interface. The
CMTS MUST create one entry per SAID per MAC interface,
based on the receipt of a Key Request message, and MUST not
delete the entry before the CM authorization for the SAID
permanently expires."
INDEX { ifIndex, docsBpi2CmtsTEKSAId }
::= { docsBpi2CmtsTEKTable 1 }
DocsBpi2CmtsTEKEntry ::= SEQUENCE {
docsBpi2CmtsTEKSAId DocsSAId,
docsBpi2CmtsTEKSAType DocsBpkmSAType,
docsBpi2CmtsTEKDataEncryptAlg DocsBpkmDataEncryptAlg,
docsBpi2CmtsTEKDataAuthentAlg DocsBpkmDataAuthentAlg,
docsBpi2CmtsTEKLifetime Integer32,
docsBpi2CmtsTEKKeySequenceNumber Integer32,
docsBpi2CmtsTEKExpiresOld DateAndTime,
docsBpi2CmtsTEKExpiresNew DateAndTime,
docsBpi2CmtsTEKReset TruthValue,
docsBpi2CmtsKeyRequests Counter32,
docsBpi2CmtsKeyReplies Counter32,
docsBpi2CmtsKeyRejects Counter32,
docsBpi2CmtsTEKInvalids Counter32,
docsBpi2CmtsKeyRejectErrorCode INTEGER,
docsBpi2CmtsKeyRejectErrorString SnmpAdminString,
docsBpi2CmtsTEKInvalidErrorCode INTEGER,
docsBpi2CmtsTEKInvalidErrorString SnmpAdminString
}
docsBpi2CmtsTEKSAId OBJECT-TYPE
SYNTAX DocsSAId
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The value of this object is the DOCSIS Security
Association ID (SAID)."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.2.12."
::= { docsBpi2CmtsTEKEntry 1 }
docsBpi2CmtsTEKSAType OBJECT-TYPE
SYNTAX DocsBpkmSAType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the type of security
association. 'dynamic' does not apply to CMs running in
BPI mode. Unicast BPI TEKs must utilize the 'primary'
encoding, and multicast BPI TEKs must utilize the 'static'
encoding."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 2.1.3."
::= { docsBpi2CmtsTEKEntry 2 }
docsBpi2CmtsTEKDataEncryptAlg OBJECT-TYPE
SYNTAX DocsBpkmDataEncryptAlg
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the data encryption
algorithm for this SAID."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.2.20."
::= { docsBpi2CmtsTEKEntry 3 }
docsBpi2CmtsTEKDataAuthentAlg OBJECT-TYPE
SYNTAX DocsBpkmDataAuthentAlg
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the data authentication
algorithm for this SAID."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.2.20."
::= { docsBpi2CmtsTEKEntry 4 }
docsBpi2CmtsTEKLifetime OBJECT-TYPE
SYNTAX Integer32 (1..604800)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The value of this object is the lifetime, in
seconds, that the CMTS assigns to keys for this TEK
association."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.5 and Appendix A.2."
::= { docsBpi2CmtsTEKEntry 5 }
docsBpi2CmtsTEKKeySequenceNumber OBJECT-TYPE
SYNTAX Integer32 (0..15)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the most recent TEK
key sequence number for this SAID."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.2.10 and 4.2.2.13."
::= { docsBpi2CmtsTEKEntry 6 }
docsBpi2CmtsTEKExpiresOld OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the actual clock time
for expiration of the immediate predecessor of the most
recent TEK for this FSM. If this FSM has only one TEK, then
the value is the time of activation of this FSM."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.5 and 4.2.2.9."
::= { docsBpi2CmtsTEKEntry 7 }
docsBpi2CmtsTEKExpiresNew OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the actual clock time
for expiration of the most recent TEK for this FSM."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.5 and 4.2.2.9."
::= { docsBpi2CmtsTEKEntry 8 }
docsBpi2CmtsTEKReset OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this object to 'true' causes the CMTS to
invalidate all currently active TEKs and to generate new
TEKs for the associated SAID; the CMTS MAY also generate
unsolicited TEK Invalid messages, to optimize the TEK
synchronization between the CMTS and the CM(s). Reading
this object always returns FALSE."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.1.3.3.5."
::= { docsBpi2CmtsTEKEntry 9 }
docsBpi2CmtsKeyRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has received a Key Request message.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.4."
::= { docsBpi2CmtsTEKEntry 10 }
docsBpi2CmtsKeyReplies OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has transmitted a Key Reply message.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.5."
::= { docsBpi2CmtsTEKEntry 11 }
docsBpi2CmtsKeyRejects OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has transmitted a Key Reject message.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.6."
::= { docsBpi2CmtsTEKEntry 12 }
docsBpi2CmtsTEKInvalids OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has transmitted a TEK Invalid message.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.8."
::= { docsBpi2CmtsTEKEntry 13 }
docsBpi2CmtsKeyRejectErrorCode OBJECT-TYPE
SYNTAX INTEGER {
none(1),
unknown(2),
unauthorizedSaid(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the enumerated
description of the Error-Code in the most recent Key Reject
message sent in response to a Key Request for this SAID.
This has the value unknown(2) if the last Error-Code value
was 0 and none(1) if no Key Reject message has been
received since registration."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.6 and 4.2.2.15."
::= { docsBpi2CmtsTEKEntry 14 }
docsBpi2CmtsKeyRejectErrorString OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..128))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the text string in
the most recent Key Reject message sent in response to a
Key Request for this SAID. This is a zero length string if
no Key Reject message has been received since
registration."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.6 and 4.2.2.6."
::= { docsBpi2CmtsTEKEntry 15 }
docsBpi2CmtsTEKInvalidErrorCode OBJECT-TYPE
SYNTAX INTEGER {
none(1),
unknown(2),
invalidKeySequence(6)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the enumerated
description of the Error-Code in the most recent TEK
Invalid message sent in association with this SAID. This
has the value unknown(2) if the last Error-Code value was 0
and none(1) if no TEK Invalid message has been received
since registration."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.8 and 4.2.2.15."
::= { docsBpi2CmtsTEKEntry 16 }
docsBpi2CmtsTEKInvalidErrorString OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..128))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the text string in
the most recent TEK Invalid message sent in association
with this SAID. This is a zero length string if no TEK
Invalid message has been received since registration."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.8 and 4.2.2.6."
::= { docsBpi2CmtsTEKEntry 17 }
--
-- The CMTS Multicast Objects Group
--
docsBpi2CmtsMulticastObjects OBJECT IDENTIFIER
::= { docsBpi2CmtsObjects 4 }
--
-- The CMTS IP Multicast Mapping Table, indexed by
-- docsBpi2CmtsIpMulticastIndex, and by ifIndex
--
docsBpi2CmtsIpMulticastMapTable OBJECT-TYPE
SYNTAX SEQUENCE OF DocsBpi2CmtsIpMulticastMapEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table maps multicast IP addresses to SAIDs.
If a multicast IP address is mapped by multiple rows
in the table, the row with the lowest
docsBpi2CmtsIpMulticastIndex must be utilized for the
mapping."
::= { docsBpi2CmtsMulticastObjects 1 }
docsBpi2CmtsIpMulticastMapEntry OBJECT-TYPE
SYNTAX DocsBpi2CmtsIpMulticastMapEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains objects describing the mapping of
a set of multicast IP address and the mask to one SAID
associated to a CMTS MAC Interface, as well as associated
message counters and error information."
INDEX { ifIndex, docsBpi2CmtsIpMulticastIndex }
::= { docsBpi2CmtsIpMulticastMapTable 1 }
DocsBpi2CmtsIpMulticastMapEntry ::= SEQUENCE {
docsBpi2CmtsIpMulticastIndex Unsigned32,
docsBpi2CmtsIpMulticastAddressType InetAddressType,
docsBpi2CmtsIpMulticastAddress InetAddress,
docsBpi2CmtsIpMulticastMask InetAddress,
docsBpi2CmtsIpMulticastSAId DocsSAIdOrZero,
docsBpi2CmtsIpMulticastSAType DocsBpkmSAType,
docsBpi2CmtsIpMulticastDataEncryptAlg
DocsBpkmDataEncryptAlg,
docsBpi2CmtsIpMulticastDataAuthentAlg
DocsBpkmDataAuthentAlg,
docsBpi2CmtsIpMulticastSAMapRequests Counter32,
docsBpi2CmtsIpMulticastSAMapReplies Counter32,
docsBpi2CmtsIpMulticastSAMapRejects Counter32,
docsBpi2CmtsIpMulticastSAMapRejectErrorCode
INTEGER,
docsBpi2CmtsIpMulticastSAMapRejectErrorString
SnmpAdminString,
docsBpi2CmtsIpMulticastMapControl RowStatus,
docsBpi2CmtsIpMulticastMapStorageType StorageType
}
docsBpi2CmtsIpMulticastIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..4294967295)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of this row. Conceptual rows having the
value 'permanent' need not allow write-access to any
columnar objects in the row."
::= { docsBpi2CmtsIpMulticastMapEntry 1 }
docsBpi2CmtsIpMulticastAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of Internet address for
docsBpi2CmtsIpMulticastAddress
and docsBpi2CmtsIpMulticastMask."
DEFVAL { ipv4 }
::= { docsBpi2CmtsIpMulticastMapEntry 2 }
docsBpi2CmtsIpMulticastAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object represents the IP multicast address
to be mapped, in conjunction with
docsBpi2CmtsIpMulticastMask. The type of this address is
determined by the value of the object
docsBpi2CmtsIpMulticastAddressType."
::= { docsBpi2CmtsIpMulticastMapEntry 3 }
docsBpi2CmtsIpMulticastMask OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object represents the IP multicast address mask
for this row.
An IP multicast address matches this row if the logical
AND of the address with docsBpi2CmtsIpMulticastMask is
identical to the logical AND of
docsBpi2CmtsIpMulticastAddr with
docsBpi2CmtsIpMulticastMask. The type of this address is
determined by the value of the object
docsBpi2CmtsIpMulticastAddressType.
Note: For IPv6, this object need not represent a
contiguous netmask; e.g., to associate a SAID to a
multicast group matching 'any' multicast scope. The TC
InetAddressPrefixLength is not used, as it only
represents contiguous netmask."
::= { docsBpi2CmtsIpMulticastMapEntry 4 }
docsBpi2CmtsIpMulticastSAId OBJECT-TYPE
SYNTAX DocsSAIdOrZero
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object represents the multicast SAID to be
used in this IP multicast address mapping entry."
::= { docsBpi2CmtsIpMulticastMapEntry 5 }
docsBpi2CmtsIpMulticastSAType OBJECT-TYPE
SYNTAX DocsBpkmSAType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object is the type of security
association. 'dynamic' does not apply to CMs running in
BPI mode. Unicast BPI TEKs must utilize the 'primary'
encoding, and multicast BPI TEKs must utilize the 'static'
encoding. By default, SNMP created entries set this object
to 'static' if not set at row creation."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 2.1.3."
::= { docsBpi2CmtsIpMulticastMapEntry 6 }
docsBpi2CmtsIpMulticastDataEncryptAlg OBJECT-TYPE
SYNTAX DocsBpkmDataEncryptAlg
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object is the data encryption
algorithm for this IP."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.2.20."
DEFVAL { des56CbcMode }
::= { docsBpi2CmtsIpMulticastMapEntry 7 }
docsBpi2CmtsIpMulticastDataAuthentAlg OBJECT-TYPE
SYNTAX DocsBpkmDataAuthentAlg
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The value of this object is the data authentication
algorithm for this IP."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.2.20."
DEFVAL { none }
::= { docsBpi2CmtsIpMulticastMapEntry 8 }
docsBpi2CmtsIpMulticastSAMapRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has received an SA Map Request message for this IP.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.10."
::= { docsBpi2CmtsIpMulticastMapEntry 9 }
docsBpi2CmtsIpMulticastSAMapReplies OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has transmitted an SA Map Reply message for this IP.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.11."
::= { docsBpi2CmtsIpMulticastMapEntry 10 }
docsBpi2CmtsIpMulticastSAMapRejects OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the number of times the
CMTS has transmitted an SA Map Reject message for this IP.
Discontinuities in the value of this counter can occur at
re-initialization of the management system, and at other
times as indicated by the value of
ifCounterDiscontinuityTime."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 4.2.1.12."
::= { docsBpi2CmtsIpMulticastMapEntry 11 }
docsBpi2CmtsIpMulticastSAMapRejectErrorCode OBJECT-TYPE
SYNTAX INTEGER {
none(1),
unknown(2),
noAuthForRequestedDSFlow(9),
dsFlowNotMappedToSA(10)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the enumerated
description of the Error-Code in the most recent SA Map
Reject message sent in response to an SA Map Request for
this IP. It has the value unknown(2) if the last Error-Code
Value was 0 and none(1) if no SA MAP Reject message has
been received since entry creation."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.12 and 4.2.2.15."
::= { docsBpi2CmtsIpMulticastMapEntry 12 }
docsBpi2CmtsIpMulticastSAMapRejectErrorString OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..128))
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of this object is the text string in
the most recent SA Map Reject message sent in response to
an SA Map Request for this IP. It is a zero length string
if no SA Map Reject message has been received since entry
creation."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Sections 4.2.1.12 and 4.2.2.6."
::= { docsBpi2CmtsIpMulticastMapEntry 13 }
docsBpi2CmtsIpMulticastMapControl OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object controls and reflects the IP multicast
address mapping entry. There is no restriction on the
ability to change values in this row while the row is
active.
A created row can be set to active only after the
Corresponding instances of docsBpi2CmtsIpMulticastAddress,
docsBpi2CmtsIpMulticastMask, docsBpi2CmtsIpMulticastSAId,
and docsBpi2CmtsIpMulticastSAType have all been set."
::= { docsBpi2CmtsIpMulticastMapEntry 14 }
docsBpi2CmtsIpMulticastMapStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The storage type for this conceptual row.
Conceptual rows having the value 'permanent' need not allow
write-access to any columnar objects in the row."
::= { docsBpi2CmtsIpMulticastMapEntry 15 }
--
-- The CMTS Multicast SAID Authorization Table,
-- indexed by ifIndex by
-- multicast SAID by CM MAC address
--
docsBpi2CmtsMulticastAuthTable OBJECT-TYPE
SYNTAX SEQUENCE OF DocsBpi2CmtsMulticastAuthEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table describes the multicast SAID
authorization for each CM on each CMTS MAC interface."
::= { docsBpi2CmtsMulticastObjects 2 }
docsBpi2CmtsMulticastAuthEntry OBJECT-TYPE
SYNTAX DocsBpi2CmtsMulticastAuthEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry contains objects describing the key
authorization of one cable modem for one multicast SAID
for one CMTS MAC interface.
Row entries persist after re-initialization of
the managed system."
INDEX { ifIndex, docsBpi2CmtsMulticastAuthSAId,
docsBpi2CmtsMulticastAuthCmMacAddress }
::= { docsBpi2CmtsMulticastAuthTable 1 }
DocsBpi2CmtsMulticastAuthEntry ::= SEQUENCE
{
docsBpi2CmtsMulticastAuthSAId DocsSAId,
docsBpi2CmtsMulticastAuthCmMacAddress MacAddress,
docsBpi2CmtsMulticastAuthControl RowStatus
}
docsBpi2CmtsMulticastAuthSAId OBJECT-TYPE
SYNTAX DocsSAId
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object represents the multicast SAID for
authorization."
::= { docsBpi2CmtsMulticastAuthEntry 1 }
docsBpi2CmtsMulticastAuthCmMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object represents the MAC address of the CM
to which the multicast SAID authorization applies."
::= { docsBpi2CmtsMulticastAuthEntry 2 }
docsBpi2CmtsMulticastAuthControl OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this conceptual row for the
authorization of multicast SAIDs to CMs."
::= { docsBpi2CmtsMulticastAuthEntry 3 }
--
-- CMTS Cert Objects
--
docsBpi2CmtsCertObjects OBJECT IDENTIFIER
::= { docsBpi2CmtsObjects 5 }
--
-- CMTS Provisioned CM Cert Table
--
docsBpi2CmtsProvisionedCmCertTable OBJECT-TYPE
SYNTAX SEQUENCE OF
DocsBpi2CmtsProvisionedCmCertEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of CM certificate trust entries provisioned
to the CMTS. The trust object for a certificate in this
table has an overriding effect on the validity object of a
certificate in the authorization table, as long as the
entire contents of the two certificates are identical."
::= { docsBpi2CmtsCertObjects 1 }
docsBpi2CmtsProvisionedCmCertEntry OBJECT-TYPE
SYNTAX DocsBpi2CmtsProvisionedCmCertEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry in the CMTS's provisioned CM certificate
table. Row entries persist after re-initialization of
the managed system."
REFERENCE
"Data-Over-Cable Service Interface Specifications:
Operations Support System Interface Specification
SP-OSSIv2.0-I05-040407, Section 6.2.14"
INDEX { docsBpi2CmtsProvisionedCmCertMacAddress }
::= { docsBpi2CmtsProvisionedCmCertTable 1 }
DocsBpi2CmtsProvisionedCmCertEntry ::= SEQUENCE
{
docsBpi2CmtsProvisionedCmCertMacAddress MacAddress,
docsBpi2CmtsProvisionedCmCertTrust INTEGER,
docsBpi2CmtsProvisionedCmCertSource INTEGER,
docsBpi2CmtsProvisionedCmCertStatus RowStatus,
docsBpi2CmtsProvisionedCmCert
DocsX509ASN1DEREncodedCertificate
}
docsBpi2CmtsProvisionedCmCertMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The index of this row."
::= { docsBpi2CmtsProvisionedCmCertEntry 1 }
docsBpi2CmtsProvisionedCmCertTrust OBJECT-TYPE
SYNTAX INTEGER {
trusted(1),
untrusted(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Trust state for the provisioned CM certificate entry.
Note: Setting this object need only override the validity
of CM certificates sent in future authorization requests;
instantaneous effect need not occur."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 9.4.1."
DEFVAL { untrusted }
::= { docsBpi2CmtsProvisionedCmCertEntry 2 }
docsBpi2CmtsProvisionedCmCertSource OBJECT-TYPE
SYNTAX INTEGER {
snmp(1),
configurationFile(2),
externalDatabase(3),
other(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object indicates how the certificate reached the
CMTS. Other(4) means that it originated from a source not
identified above."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 9.4.1."
::= { docsBpi2CmtsProvisionedCmCertEntry 3 }
docsBpi2CmtsProvisionedCmCertStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this conceptual row. Values in this row
cannot be changed while the row is 'active'."
::= { docsBpi2CmtsProvisionedCmCertEntry 4 }
docsBpi2CmtsProvisionedCmCert OBJECT-TYPE
SYNTAX DocsX509ASN1DEREncodedCertificate
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"An X509 DER-encoded Certificate Authority
certificate.
Note: The zero-length OCTET STRING must be returned, on
reads, if the entire certificate is not retained in the
CMTS."
REFERENCE
"DOCSIS Baseline Privacy Plus Interface Specification,
Section 9.2."
::= { docsBpi2CmtsProvisionedCmCertEntry 5 }
--
-- CMTS CA Cert Table
--
docsBpi2CmtsCACertTable OBJECT-TYPE
SYNTAX SEQUENCE OF DocsBpi2CmtsCACertEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table of known Certificate Authority certificates
acquired by this device."
::= { docsBpi2CmtsCertObjects 2 }
docsBpi2CmtsCACertEntry OBJECT-TYPE
SYNTAX DocsBpi2CmtsCACertEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A row in the Certificate Authority certificate
table. Row entries with the trust status 'trusted',
'untrusted', or 'root' persist after re-initialization
of the managed system."
REFERENCE
"Data-Over-Cable Service Interface Specifications:
Operations Support System Interface Specification
SP-OSSIv2.0-I05-040407, Section 6.2.14"
INDEX { docsBpi2CmtsCACertIndex }
::= {docsBpi2CmtsCACertTable 1 }
DocsBpi2CmtsCACertEntry ::= SEQUENCE {
docsBpi2CmtsCACertIndex Unsigned32,
docsBpi2CmtsCACertSubject SnmpAdminString,
docsBpi2CmtsCACertIssuer SnmpAdminString,
docsBpi2CmtsCACertSerialNumber OCTET STRING,
docsBpi2CmtsCACertTrust INTEGER,
docsBpi2CmtsCACertSource INTEGER,
docsBpi2CmtsCACertStatus RowStatus,
docsBpi2CmtsCACert
DocsX509ASN1DEREncodedCertificate,
docsBpi2CmtsCACertThumbprint OCTET STRING
}